From 87b90bffa020dd3690b95987e559062ffa3c8fbc Mon Sep 17 00:00:00 2001
From: Jon <jonathon.lockwood@networkedweb.com>
Date: Fri, 23 Feb 2024 15:14:56 +0930
Subject: [PATCH] feat(server): move config of variables to vars file

!8 #11
---
 .../collection/phpipam_scan_agent/docker.md   |  6 +--
 .../collection/phpipam_scan_agent/server.md   | 22 ++++++-----
 extensions/eda/rulebooks/agent_receive.yml    |  2 +-
 includes/etc/phpipam/scan_server.yaml         | 13 +++++++
 includes/etc/supervisor/conf.d/rulebook.conf  |  2 +-
 playbooks/server.yaml                         | 37 ++++++++++---------
 playbooks/tasks/server/ipaddress.yaml         |  8 ++--
 playbooks/tasks/server/subnet_scan.yaml       |  8 ++--
 8 files changed, 57 insertions(+), 41 deletions(-)
 create mode 100644 includes/etc/phpipam/scan_server.yaml

diff --git a/docs/projects/ansible/collection/phpipam_scan_agent/docker.md b/docs/projects/ansible/collection/phpipam_scan_agent/docker.md
index fab0c36..95012e8 100644
--- a/docs/projects/ansible/collection/phpipam_scan_agent/docker.md
+++ b/docs/projects/ansible/collection/phpipam_scan_agent/docker.md
@@ -19,10 +19,6 @@ Launching the docker container can be done with
 
 docker run \
     -d \
-    -e "API_URL=<your value here>" \
-    -e "MYSQL_HOST=<your value here>" \
-    -e "MYSQL_USER=<your value here>" \
-    -e "MYSQL_PASSWORD=<your value here>" \
     -p "5000:5000" \
     --name scan-agent \
     nofusscomputing/phpipam-scan-agent:latest;
@@ -45,6 +41,8 @@ You will need to configure the scan components:
 
 - scanner config file at path `/etc/phpipam/scan_agent.yaml`, see [scanner docs](scanner.md#variables) for details.
 
+- server config at path `/etc/phpipam/scan_server.yaml`, see [server docs](server.md#variables) for details.
+
 If you wish to customize the cronjob for the scan component within the container, mount a new cron file to path `/etc/cron.d/scanner`. The default cron file is as follows:
 
 ``` yaml title="/etc/cron.d/scanner" linenums="1"
diff --git a/docs/projects/ansible/collection/phpipam_scan_agent/server.md b/docs/projects/ansible/collection/phpipam_scan_agent/server.md
index a5713ae..53de719 100644
--- a/docs/projects/ansible/collection/phpipam_scan_agent/server.md
+++ b/docs/projects/ansible/collection/phpipam_scan_agent/server.md
@@ -22,24 +22,26 @@ ansible-rulebook -r nofusscomputing.phpipam_scan_agent.agent_receive
 
 ### Variables
 
-The variables described below, if optional the value specified here is the default value. All variables that are used by the server component are environmental variables that must be set before execution. Ansbible variable name is enclused in `[]`
+The variables described below, if optional the value specified here is the default value. The variables are to be set in a variables file at path `/etc/phpipam/scan_server.yaml`
 
-``` bash
+``` yaml
 
-# phpIPAM MariaDB/MySQL Variables
-MYSQL_HOST=            # Mandatory, String. IP/DNS of host to connect. [nfc_c_mysql_host]
-MYSQL_PORT=3306        # Optional, Integer. port to use for connection. [nfc_c_mysql_port]
-MYSQL_USER=            # Mandatory, String. User to authenticate with. [nfc_c_mysql_user]
-MYSQL_PASSWORD=        # Mandatory, String. Password for the user to connect with. [nfc_c_mysql_password]
+nofusscomputing_phpipam_scan_server:
+
+  # phpIPAM MariaDB/MySQL Variables
+  mysql_host:         # Mandatory, String. IP/DNS of host to connect. [nfc_c_]
+  mysql_port: 3306    # Optional, Integer. port to use for connection. [nfc_c_]
+  mysql_user:         # Mandatory, String. User to authenticate with. [nfc_c_]
+  mysql_password:     # Mandatory, String. Password for the user to connect with. [nfc_c_]
 
 
-# Server Component Variables
-HTTP_PORT=5000         # Optional, Integer. The port for the Server component to listen for connections.
+  # Server Component Variables
+  http_port: 5000     # Optional, Integer. The port for the Server component to listen for connections.
 
 ```
 
 
-# Workflow
+## Workflow
 
 The Server componet has the following workflow:
 
diff --git a/extensions/eda/rulebooks/agent_receive.yml b/extensions/eda/rulebooks/agent_receive.yml
index 5a64137..a84d2de 100644
--- a/extensions/eda/rulebooks/agent_receive.yml
+++ b/extensions/eda/rulebooks/agent_receive.yml
@@ -6,7 +6,7 @@
     - name: Webhook
       ansible.eda.webhook:
         host: 0.0.0.0
-        port: "{{ HTTP_PORT }}"
+        port: "{{ nofusscomputing_phpipam_scan_server.http_port | default(5000) | int }}"
 
   rules:
 
diff --git a/includes/etc/phpipam/scan_server.yaml b/includes/etc/phpipam/scan_server.yaml
new file mode 100644
index 0000000..e8176b6
--- /dev/null
+++ b/includes/etc/phpipam/scan_server.yaml
@@ -0,0 +1,13 @@
+---
+
+nofusscomputing_phpipam_scan_server:
+
+# phpIPAM MariaDB/MySQL Variables
+# mysql_host:         # Mandatory, String. IP/DNS of host to connect. [nfc_c_]
+# mysql_port: 3306    # Optional, Integer. port to use for connection. [nfc_c_]
+# mysql_user:         # Mandatory, String. User to authenticate with. [nfc_c_]
+# mysql_password:     # Mandatory, String. Password for the user to connect with. [nfc_c_]
+
+
+# Server Component Variables
+# http_port: 5000     # Optional, Integer. The port for the Server component to listen for connections.
diff --git a/includes/etc/supervisor/conf.d/rulebook.conf b/includes/etc/supervisor/conf.d/rulebook.conf
index c63aed3..862a8bb 100644
--- a/includes/etc/supervisor/conf.d/rulebook.conf
+++ b/includes/etc/supervisor/conf.d/rulebook.conf
@@ -1,7 +1,7 @@
 [program:rulebook]
 startsecs=0
 stopwaitsecs=55
-command=ansible-rulebook -r nofusscomputing.phpipam_scan_agent.agent_receive --env-vars "HTTP_PORT" -i /root/hosts.yaml -v
+command=ansible-rulebook -r nofusscomputing.phpipam_scan_agent.agent_receive --vars /etc/phpipam/scan_server.yaml -i /root/hosts.yaml -v
 autorestart=true
 autostart=true
 stdout_logfile=/dev/fd/1
diff --git a/playbooks/server.yaml b/playbooks/server.yaml
index dc41f9b..d740d90 100644
--- a/playbooks/server.yaml
+++ b/playbooks/server.yaml
@@ -7,26 +7,29 @@
   tasks:
 
 
-    - name: Fetch Required Environmental Variables
-      ansible.builtin.set_fact:
-        nfc_c_mysql_host: "{{ lookup('ansible.builtin.env', 'MYSQL_HOST') | default('') }}"
-        nfc_c_mysql_port: "{{ lookup('ansible.builtin.env', 'MYSQL_PORT') | default(3306) | int }}"
-        nfc_c_mysql_user: "{{ lookup('ansible.builtin.env', 'MYSQL_USER') | default('') }}"
-        nfc_c_mysql_password: "{{ lookup('ansible.builtin.env', 'MYSQL_PASSWORD') | default('') }}"
-      no_log: true
-
-
     - name: TRACE Inbound data Received
       ansible.builtin.debug:
         msg: "{{ inbound_data }}"
 
+    - name: Check for Existance of config file
+      ansible.builtin.stat:
+        path: /etc/phpipam/scan_server.yaml
+      register: config_file_check
+
+
+    - name: Load Config File
+      ansible.builtin.include_vars:
+        file: /etc/phpipam/scan_server.yaml
+      when: >
+        config_file_check.stat.exists
+
 
     - name: Fetch Agent Details
       community.mysql.mysql_query:
-        login_host: "{{ nfc_c_mysql_host }}"
-        login_port: "{{ nfc_c_mysql_port | default(3306) | int }}"
-        login_user: "{{ nfc_c_mysql_user }}"
-        login_password: "{{ nfc_c_mysql_password }}"
+        login_host: "{{ nofusscomputing_phpipam_scan_server.mysql_host }}"
+        login_port: "{{ nofusscomputing_phpipam_scan_server.mysql_port | default(3306) | int }}"
+        login_user: "{{ nofusscomputing_phpipam_scan_server.mysql_user }}"
+        login_password: "{{ nofusscomputing_phpipam_scan_server.mysql_password }}"
 
         login_db: 'phpipam'
         query: >
@@ -37,10 +40,10 @@
 
     - name: Confirm Subnet Assignment
       community.mysql.mysql_query:
-        login_host: "{{ nfc_c_mysql_host }}"
-        login_port: "{{ nfc_c_mysql_port | default(3306) | int }}"
-        login_user: "{{ nfc_c_mysql_user }}"
-        login_password: "{{ nfc_c_mysql_password }}"
+        login_host: "{{ nofusscomputing_phpipam_scan_server.mysql_host }}"
+        login_port: "{{ nofusscomputing_phpipam_scan_server.mysql_port | default(3306) | int }}"
+        login_user: "{{ nofusscomputing_phpipam_scan_server.mysql_user }}"
+        login_password: "{{ nofusscomputing_phpipam_scan_server.mysql_password }}"
 
         login_db: 'phpipam'
         query: >
diff --git a/playbooks/tasks/server/ipaddress.yaml b/playbooks/tasks/server/ipaddress.yaml
index 633ae0c..fb80058 100644
--- a/playbooks/tasks/server/ipaddress.yaml
+++ b/playbooks/tasks/server/ipaddress.yaml
@@ -3,10 +3,10 @@
 
 - name: "Update IP Address' found - {{ scan_address.ipaddress.ip }}"
   community.mysql.mysql_query:
-    login_host: "{{ nfc_c_mysql_host }}"
-    login_port: "{{ nfc_c_mysql_port | default(3306) | int }}"
-    login_user: "{{ nfc_c_mysql_user }}"
-    login_password: "{{ nfc_c_mysql_password }}"
+    login_host: "{{ nofusscomputing_phpipam_scan_server.mysql_host }}"
+    login_port: "{{ nofusscomputing_phpipam_scan_server.mysql_port | default(3306) | int }}"
+    login_user: "{{ nofusscomputing_phpipam_scan_server.mysql_user }}"
+    login_password: "{{ nofusscomputing_phpipam_scan_server.mysql_password }}"
 
     login_db: 'phpipam'
     query: |-
diff --git a/playbooks/tasks/server/subnet_scan.yaml b/playbooks/tasks/server/subnet_scan.yaml
index d9eb038..a8de9f5 100644
--- a/playbooks/tasks/server/subnet_scan.yaml
+++ b/playbooks/tasks/server/subnet_scan.yaml
@@ -3,10 +3,10 @@
 
 - name: Match Scan Addresses to DB Details
   community.mysql.mysql_query:
-    login_host: "{{ nfc_c_mysql_host }}"
-    login_port: "{{ nfc_c_mysql_port | default(3306) | int }}"
-    login_user: "{{ nfc_c_mysql_user }}"
-    login_password: "{{ nfc_c_mysql_password }}"
+    login_host: "{{ nofusscomputing_phpipam_scan_server.mysql_host }}"
+    login_port: "{{ nofusscomputing_phpipam_scan_server.mysql_port | default(3306) | int }}"
+    login_user: "{{ nofusscomputing_phpipam_scan_server.mysql_user }}"
+    login_password: "{{ nofusscomputing_phpipam_scan_server.mysql_password }}"
 
     login_db: 'phpipam'
     query: |-