Support for Nut #324 (#384)

* Add nut & nut_diagnostics modules

Author: wmatusiak

docs/meta/sitemap.xml

@@ -59,4 +59,6 @@
    <url><loc>https://ansible-opnsense.oxl.app/modules/unbound_host_alias.html</loc></url>
    <url><loc>https://ansible-opnsense.oxl.app/modules/webproxy.html</loc></url>
    <url><loc>https://ansible-opnsense.oxl.app/modules/wireguard.html</loc></url>
-</urlset>
+   <url><loc>https://ansible-opnsense.oxl.app/modules/nut.html</loc></url>
+   <url><loc>https://ansible-opnsense.oxl.app/modules/nut_diagnostics.html</loc></url>
+</urlset>

docs/source/modules/nut.rst

@@ -0,0 +1,148 @@
+.. _modules_nut:
+
+.. include:: ../_include/head.rst
+
+=======================
+NUT - Network UPS Tools
+=======================
+
+**State:** Unstable
+
+**Tests:** `nut.yml <https://github.com/O-X-L/ansible_opnsense/blob/latest/tests/nut.yml>`_
+
+**API Docs**: `Plugins - NUT <https://docs.opnsense.org/development/api/plugins/nut.html>`_
+
+**Service Docs**: `NUT - Network UPS Tools <https://docs.opnsense.org/manual/how-tos/nut.html>`_
+
+Contribution
+************
+
+Author: `@wmatusiak <https://github.com/wmatusiak>`_
+
+If you encounter any issues or have suggestions for improvements, please feel free to contribute to the project.
+
+----
+
+Prerequisites
+*************
+
+You need to install the NUT plugin:
+
+```
+os-nut
+```
+You can also install it using the :ref:`oxlorg.opnsense.package <modules_package>` module.
+
+----
+
+Functions
+*********
+
+This module allows you to configure the Network UPS Tools on your OPNsense firewall.
+
+NUT is a service that monitors UPS device and shutdown your firewall if the battery level is low.
+
+Parameters
+##########
+
+.. csv-table:: Definition
+   :header: "Parameter", "Type", "Required", "Default", "Aliases", "Comment"
+   :widths: 15 10 10 10 10 45
+
+   "enabled","boolean","false","true","\-","Enable/disable NUT service"
+   "mode","choice","false","standalone","\-","Service mode. One of: 'standalone','netclient'."
+   "name","string","false","UPSName","\-","Name for your UPS."
+   "listen","list","false","['127.0.0.1','::1']","\-","Addresses this service listen on."
+   "admin_password","string","false","Password","\-","Password for admin user 'admin'."
+   "monitor_password","string","false","Password","\-","Password for monitoring user 'monuser'."
+   "usbhid_enable","boolean","false","false","\-","Enable the USBHID driver."
+   "usbhid_args","list","false","['port=auto']","\-","Extra arguments for USBHID driver, e.g. 'port=auto'."
+   "apcsmart_enable","boolean","false","false","\-","Enable the APCSMART driver."
+   "apcsmart_args","list","false","['port=auto']","\-","Extra arguments for APCSMART driver, e.g. 'port=auto'."
+   "apcupsd_enable","boolean","false","false","\-","Enable the APCUPSD controlled devices driver."
+   "apcupsd_host","string","false","localhost","\-","Hostname or ip of the remote apcupsd server."
+   "apcupsd_port","int","false","\-","\-","Port of the remote apcupsd server (optional)."
+   "bcmxcpusb_enable","boolean","false","false","\-","Enable the PowerWare BCMXCPUSB driver."
+   "bcmxcpusb_args","list","false","['port=auto']","\-","Extra arguments for WoerWare BCMXCPUSB driver, e.g. 'port=auto'."
+   "blazerusb_enable","boolean","false","false","\-","Enable the BlazerUSB driver."
+   "blazerusb_args","list","false","['port=auto']","\-","Extra arguments for BlazerUSB driver, e.g. 'port=auto'."
+   "blazerser_enable","boolean","false","false","\-","Enable the BlazerSerial driver. Please be aware that this driver needs to run nut-tools as root."
+   "blazerser_args","list","false","['port=auto']","\-","Extra arguments for BlazerSerial driver, e.g. 'port=auto'."
+   "netclient_enable","boolean","false","false","\-","Enable the Netclient driver"
+   "netclient_address","string","false","\-","\-","IP address of the remote NUT server."
+   "netclient_port","int","false","3493","\-","TCP port of the remote NUT server."
+   "netclient_user","string","false","\-","\-","Usernname of the remote NUT server."
+   "netclient_password","string","false","\-","\-","Password of the remote NUT server."
+   "qx_enable","boolean","false","false","\-","Enable the OX driver."
+   "qx_args","list","false","['port=auto']","\-","Extra arguments for QX driver, e.g. 'port=auto'."
+   "riello_enable","boolean","false","false","\-","Enable the Riello driver."
+   "riello_args","list","false","['port=auto']","\-","Extra arguments for Riello driver, e.g. 'port=auto'."
+   "snmp_enable","boolean","false","false","\-","Enable the SNMP driver."
+   "snmp_args","list","false","['community=public']","\-","Extra arguments for SNMP driver, e.g. 'community=public'."
+
+.. include:: ../_include/param_basic.rst
+
+.. include:: ../_include/param_reload.rst
+
+----
+
+Usages
+******
+
+This module configures all NUT service settings.
+
+After configuration changes, the service will be reloaded automatically.
+
+----
+
+Examples
+********
+
+.. code-block:: yaml
+
+   - hosts: firewalls
+     connection: local
+     gather_facts: false
+     module_defaults:
+        group/oxlorg.opnsense.all:
+            firewall: 'opnsense.template.oxlorg.net'
+            api_credential_file: '/home/guy/.secret/opn.key'
+        oxlorg.opnsense.nut:
+            # repalce defaults password 'Password' with something random
+            admin_password: some random password here
+            monitor_password: some random password here
+
+    tasks:
+        - name: Configure NUT service with USBHID driver
+          oxlorg.opnsense.nut:
+            enabled: True
+            mode: standalone
+            usbhid_enable: True
+
+        - name: Configure NUT service with SNMP driver
+          oxlorg.opnsense.nut:
+            enabled: True
+            mode: standalone
+            snmp_enable: True
+            snmp_args:
+              - community=public
+              - port=192.168.1.200
+              - snmp_version=v2c
+
+        - name: Configure NUT service in Netclient mode
+          oxlorg.opnsense.nut:
+            enabled: Ture
+            mode: netclient
+            netclient_enable: True
+            netclient_address: 192.168.1.100
+            netclient_user: remotemon
+            netclient_password: password for remotemon user on 192.168.1.100 NUT server
+
+----
+
+Troubleshooting
+***************
+
+Check Service -> Nut -> Diagnostics view to check UPS status.
+
+You can use :ref:`oxlorg.opnsense.nut_diagnostics <modules_nut>` to acces status from ansible.

docs/source/modules/nut_diagnostics.rst

@@ -0,0 +1,73 @@
+.. _modules_nut_diagnostics:
+
+.. include:: ../_include/head.rst
+
+=====================================
+NUT - Network UPS Tools - Diagnostics
+=====================================
+
+**State:** Unstable
+
+**Tests:** `nut_diagnostics.yml <https://github.com/O-X-L/ansible_opnsense/blob/latest/tests/nut_diagnostics.yml>`_
+
+**API Docs**: `Plugins - NUT <https://docs.opnsense.org/development/api/plugins/nut.html>`_
+
+**Service Docs**: `NUT - Network UPS Tools <https://docs.opnsense.org/manual/how-tos/nut.html>`_
+
+Contribution
+************
+
+Author: `@wmatusiak <https://github.com/wmatusiak>`_
+
+If you encounter any issues or have suggestions for improvements, please feel free to contribute to the project.
+
+----
+
+Prerequisites
+*************
+
+You need to install the NUT plugin:
+
+```
+os-nut
+```
+You can also install it using the :ref:`oxlorg.opnsense.package <modules_package>` module.
+
+----
+
+Functions
+*********
+
+This module allows you to read UPS Status from Network UPS Tools on OPNsense firewall.
+
+Parameters
+##########
+
+.. include:: ../_include/param_basic.rst
+
+.. include:: ../_include/param_reload.rst
+
+----
+
+Examples
+********
+
+.. code-block:: yaml
+
+   - hosts: firewalls
+     connection: local
+     gather_facts: false
+     module_defaults:
+        group/oxlorg.opnsense.all:
+            firewall: 'opnsense.template.oxlorg.net'
+            api_credential_file: '/home/guy/.secret/opn.key'
+
+    tasks:
+        - name: Read UPS status
+          oxlorg.opnsense.nut_diagnostics:
+          register: ups_status
+
+        - name: Display UPS status
+          ansible.builtin.debug:
+            msg: " {{ ups_status.data }}"
+            

meta/runtime.yml

@@ -196,6 +196,9 @@ action_groups:
     - oxlorg.opnsense.user
     - oxlorg.opnsense.group
     - oxlorg.opnsense.privilege
+  nut:
+    - oxlorg.opnsense.nut
+    - oxlorg.opnsense.nut_diagnostics
   all:
     - metadata:
         extend_group:
@@ -227,6 +230,8 @@ action_groups:
           - oxlorg.opnsense.access
           - oxlorg.opnsense.dnsmasq
           - oxlorg.opnsense.haproxy
+          - oxlorg.opnsense.nut
+          - oxlorg.opnsense.nut_diagnostics
 
 plugin_routing:
   modules:

plugins/module_utils/main/nut.py

@@ -0,0 +1,137 @@
+from ansible.module_utils.basic import AnsibleModule
+
+from ansible_collections.oxlorg.opnsense.plugins.module_utils.base.api import Session
+from ansible_collections.oxlorg.opnsense.plugins.module_utils.base.cls import GeneralModule
+from ansible_collections.oxlorg.opnsense.plugins.module_utils.helper.main import is_unset
+from ansible_collections.oxlorg.opnsense.plugins.module_utils.helper.validate import is_ip, is_valid_domain
+
+
+class Nut(GeneralModule):
+    CMDS = {
+        'set': 'set',
+        'search': 'get',
+    }
+    API_KEY_PATH = 'nut'
+    API_KEY_PATH_REQ = API_KEY_PATH
+    API_MOD = 'nut'
+    API_CONT = 'settings'
+    API_CONT_REL = 'service'
+    API_CMD_REL = 'reconfigure'
+
+    FIELDS_TRANSLATE = {
+        # General section
+        'enabled': ('general', 'enable'),
+        'mode': ('general', 'mode'),
+        'name': ('general', 'name'),
+        'listen': ('general', 'listen'),
+        # Account section
+        'admin_password': ('account', 'admin_password'),
+        'monitor_password': ('account', 'mon_password'),
+        # USBHID-Driver section
+        'usbhid_enable': ('usbhid', 'enable'),
+        'usbhid_args': ('usbhid', 'args'),
+        # APCSMART-Driver section
+        'apcsmart_enable': ('apcsmart', 'enable'),
+        'apcsmart_args': ('apcsmart', 'args'),
+        # APCUPSD-Driver section
+        'apcupsd_enable': ('apcupsd', 'enable'),
+        'apcupsd_host': ('apcupsd', 'hostname'),
+        'apcupsd_port': ('apcupsd', 'port'),
+        # BCMXCPUSB-Driver section
+        'bcmxcpusb_enable': ('bcmxcpusb', 'enable'),
+        'bcmxcpusb_args': ('bcmxcpusb', 'args'),
+        # BlazerUSB-Driver section
+        'blazerusb_enable': ('blazerusb', 'enable'),
+        'blazerusb_args': ('blazerusb', 'args'),
+        # BlazerSerial-Driver section
+        'blazerser_enable': ('blazerser', 'enable'),
+        'blazerser_args': ('blazerser', 'args'),
+        # Netclient section
+        'netclient_enable': ('netclient', 'enable'),
+        'netclient_address': ('netclient', 'address'),
+        'netclient_port': ('netclient', 'port'),
+        'netclient_user': ('netclient', 'user'),
+        'netclient_password': ('netclient', 'password'),
+        # QX-Driver section
+        'qx_enable': ('qx', 'enable'),
+        'qx_args': ('qx', 'args'),
+        # Riello-Driver section
+        'riello_enable': ('riello', 'enable'),
+        'riello_args': ('riello', 'args'),
+        # SNMP-Driver section
+        'snmp_enable': ('snmp', 'enable'),
+        'snmp_args': ('snmp', 'args'),
+    }
+
+    FIELDS_CHANGE = list(FIELDS_TRANSLATE.keys())
+    FIELDS_ALL = FIELDS_CHANGE
+    FIELDS_DIFF_NO_LOG = [
+        'admin_password', 'monitor_password', 'netclient_password'
+    ]
+
+    FIELDS_TYPING = {
+        'bool': [
+            'enabled', 'usbhid_enable', 'apcsmart_enable', 'apcupsd_enable',
+            'bcmxcpusb_enable', 'blazerusb_enable', 'blazerser_enable',
+            'netclient_enable', 'qx_enable', 'riello_enable', 'snmp_enable'
+        ],
+        'str': [
+            'name', 'admin_password', 'monitor_password', 'apcupsd_host',
+            'netclient_address', 'netclient_user', 'netclient_password'
+        ],
+        'int': ['apcupsd_port', 'netclient_port'],
+        'list': [
+            'listen', 'usbhid_args', 'apcsmart_args', 'bcmxcpusb_args',
+            'blazerusb_args', 'blazerser_args', 'qx_args', 'riello_args',
+            'snmp_args'
+        ],
+        'select': ['mode'],
+    }
+
+    STR_VALIDATIONS = {
+        'name': r'^([0-9a-zA-Z._\-]){1,128}$',
+    }
+    INT_VALIDATIONS = {
+        'apcupsd_port': {'min': 1, 'max': 65535},
+        'netclient_port': {'min': 1, 'max': 65535},
+    }
+
+    TIMEOUT = 60.0
+
+    def __init__(self, module: AnsibleModule, result: dict, session: Session = None):
+        GeneralModule.__init__(self=self, m=module, r=result, s=session)
+
+    @staticmethod
+    def _is_ip_or_domain(value) -> bool:
+        # Ignoring empty
+        if is_unset(value):
+            return True
+
+        return is_ip(value, ignore_empty=True) or is_valid_domain(value)
+
+    def check(self) -> None:
+        self._base_check()
+        if isinstance(self.p['listen'], list):
+            for ip in self.p['listen']:
+                if not is_ip(ip, ignore_empty=True):
+                    self.m.fail_json(
+                        f"It seems you provided a invalid IP address as 'listen': '{ip}'"
+                    )
+
+        else:
+            ip = self.p['listen']
+            if not is_ip(ip, ignore_empty=True):
+                self.m.fail_json(
+                    f"It seems you provided a invalid IP address as 'listen': '{ip}'"
+                )
+
+        for field in ['apcupsd_host', 'netclient_address']:
+            ip = self.p[field]
+            if field == 'apcupsd_host' and ip == 'localhost':
+                # Default is localhost
+                continue
+
+            if not self._is_ip_or_domain(ip):
+                self.m.fail_json(
+                    f"It seems you provided a invalid IP or domain as '{field}': '{ip}'"
+                )