From 24e7fe23e7aeb7ac7417b02110716cf9e1fb4943 Mon Sep 17 00:00:00 2001
From: Andrea Dell'Amico <adellam@sevenseas.org>
Date: Mon, 21 Mar 2016 18:38:45 +0100
Subject: [PATCH] library/roles/mongodb-org-3.2, library/roles/mongodb-org-3:
 Enable ganglia authentication against mongo.
 d4science-ghn-cluster/group_vars/mongo_cluster_prod/ganglia.yml: Enable
 authentication.

---
 mongodb-org-3.2/defaults/main.yml           | 5 +++++
 mongodb-org-3.2/templates/mongodb.pyconf.j2 | 8 ++++++++
 mongodb-org-3/defaults/main.yml             | 6 ++++++
 mongodb-org-3/templates/mongodb.pyconf.j2   | 8 ++++++++
 4 files changed, 27 insertions(+)

diff --git a/mongodb-org-3.2/defaults/main.yml b/mongodb-org-3.2/defaults/main.yml
index eed15b2b..f82d69fb 100644
--- a/mongodb-org-3.2/defaults/main.yml
+++ b/mongodb-org-3.2/defaults/main.yml
@@ -23,3 +23,8 @@ mongodb_allowed_hosts:
 mongodb_cluster_enabled: False
 mongodb_replicaset: storagedev
 mongodb_replica_keyfile: '{{ mongodb_dbpath }}/replica_keyfile'
+
+mongodb_ganglia_auth_enabled: False
+mongodb_ganglia_db: admin
+mongodb_ganglia_auth_mechanism: MONGODB-CR
+# User and password are stored in the variables mongo_monitoring_u and mongo_monitoring_pwd
diff --git a/mongodb-org-3.2/templates/mongodb.pyconf.j2 b/mongodb-org-3.2/templates/mongodb.pyconf.j2
index a23f9b1c..5ed2f723 100644
--- a/mongodb-org-3.2/templates/mongodb.pyconf.j2
+++ b/mongodb-org-3.2/templates/mongodb.pyconf.j2
@@ -3,10 +3,18 @@ modules {
         name = "mongodb"
         language = "python"
         param server_status {
+{% if mongodb_ganglia_auth_enabled %}
+            value = "mongo --quiet --authenticationMechanism {{ mongodb_ganglia_auth_mechanism }} -u {{ mongo_monitoring_u }} -p {{ mongo_monitoring_pwd }} --eval 'printjson(db.serverStatus())' {{ mongodb_ganglia_db }}"
+{% else %}
             value = "mongo --quiet --eval 'printjson(db.serverStatus())'"
+{% endif %}
         }
         param rs_status {
+{% if mongodb_ganglia_auth_enabled %}
+            value = "mongo --quiet --authenticationMechanism {{ mongodb_ganglia_auth_mechanism }} -u {{ mongo_monitoring_u }} -p {{ mongo_monitoring_pwd }} --eval 'printjson(rs.status())' {{ mongodb_ganglia_db }}"
+{% else %}
             value = "mongo --quiet --eval 'printjson(rs.status())'"
+{% endif %}
         }
     }
 }
diff --git a/mongodb-org-3/defaults/main.yml b/mongodb-org-3/defaults/main.yml
index eed15b2b..6e0f1b36 100644
--- a/mongodb-org-3/defaults/main.yml
+++ b/mongodb-org-3/defaults/main.yml
@@ -23,3 +23,9 @@ mongodb_allowed_hosts:
 mongodb_cluster_enabled: False
 mongodb_replicaset: storagedev
 mongodb_replica_keyfile: '{{ mongodb_dbpath }}/replica_keyfile'
+
+mongodb_ganglia_auth_enabled: False
+mongodb_ganglia_db: admin
+mongodb_ganglia_auth_mechanism: MONGODB-CR
+# User and password are stored in the variables mongo_monitoring_u and mongo_monitoring_pwd
+
diff --git a/mongodb-org-3/templates/mongodb.pyconf.j2 b/mongodb-org-3/templates/mongodb.pyconf.j2
index a23f9b1c..5ed2f723 100644
--- a/mongodb-org-3/templates/mongodb.pyconf.j2
+++ b/mongodb-org-3/templates/mongodb.pyconf.j2
@@ -3,10 +3,18 @@ modules {
         name = "mongodb"
         language = "python"
         param server_status {
+{% if mongodb_ganglia_auth_enabled %}
+            value = "mongo --quiet --authenticationMechanism {{ mongodb_ganglia_auth_mechanism }} -u {{ mongo_monitoring_u }} -p {{ mongo_monitoring_pwd }} --eval 'printjson(db.serverStatus())' {{ mongodb_ganglia_db }}"
+{% else %}
             value = "mongo --quiet --eval 'printjson(db.serverStatus())'"
+{% endif %}
         }
         param rs_status {
+{% if mongodb_ganglia_auth_enabled %}
+            value = "mongo --quiet --authenticationMechanism {{ mongodb_ganglia_auth_mechanism }} -u {{ mongo_monitoring_u }} -p {{ mongo_monitoring_pwd }} --eval 'printjson(rs.status())' {{ mongodb_ganglia_db }}"
+{% else %}
             value = "mongo --quiet --eval 'printjson(rs.status())'"
+{% endif %}
         }
     }
 }