From a2d7dede737947d7c6afa20a88e1f0c64e0eb96c Mon Sep 17 00:00:00 2001
From: Daniel Baumann <daniel.baumann@progress-linux.org>
Date: Thu, 10 Aug 2023 11:18:52 +0200
Subject: Merging upstream version 1.42.0.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
---
 collectors/charts.d.plugin/libreswan/metadata.yaml | 220 +++++++++++++--------
 1 file changed, 142 insertions(+), 78 deletions(-)

(limited to 'collectors/charts.d.plugin/libreswan/metadata.yaml')

diff --git a/collectors/charts.d.plugin/libreswan/metadata.yaml b/collectors/charts.d.plugin/libreswan/metadata.yaml
index 480db3636..484d79ede 100644
--- a/collectors/charts.d.plugin/libreswan/metadata.yaml
+++ b/collectors/charts.d.plugin/libreswan/metadata.yaml
@@ -1,79 +1,143 @@
-meta:
-  plugin_name: charts.d.plugin
-  module_name: libreswan
-  monitored_instance:
-    name: Libreswan
-    link: ''
-    categories:
-    - data-collection.vpns
-    icon_filename: 'libreswan.png'
-  related_resources:
-    integrations:
-      list: []
-  info_provided_to_referring_integrations:
-    description: ''
-  keywords: []
-  most_popular: false
-overview:
-  data_collection:
-    metrics_description: 'Monitor Libreswan performance for optimal IPsec VPN operations. Improve your VPN operations with Netdata''s real-time metrics and built-in alerts.'
-    method_description: ''
-  supported_platforms:
-    include: []
-    exclude: []
-  multi-instance: true
-  additional_permissions:
-    description: ''
-  default_behavior:
-    auto_detection:
-      description: ''
-    limits:
-      description: ''
-    performance_impact:
-      description: ''
-setup:
-  prerequisites:
-    list: []
-  configuration:
-    file:
-      name: ''
-      description: ''
-    options:
-      description: ''
-      folding:
-        title: ''
-        enabled: true
-      list: []
-    examples:
-      folding:
-        enabled: true
-        title: ''
-      list: []
-troubleshooting:
-  problems:
-    list: []
-alerts: []
-metrics:
-  folding:
-    title: Metrics
-    enabled: false
-  description: ""
-  availability: []
-  scopes:
-  - name: IPSEC tunnel
-    description: ""
-    labels: []
+plugin_name: charts.d.plugin
+modules:
+  - meta:
+      plugin_name: charts.d.plugin
+      module_name: libreswan
+      monitored_instance:
+        name: Libreswan
+        link: "https://libreswan.org/"
+        categories:
+          - data-collection.vpns
+        icon_filename: "libreswan.png"
+      related_resources:
+        integrations:
+          list: []
+      info_provided_to_referring_integrations:
+        description: ""
+      keywords:
+        - vpn
+        - libreswan
+        - network
+        - ipsec
+      most_popular: false
+    overview:
+      data_collection:
+        metrics_description: "Monitor Libreswan performance for optimal IPsec VPN operations. Improve your VPN operations with Netdata''s real-time metrics and built-in alerts."
+        method_description: "The collector uses the `ipsec` command to collect the information it needs."
+      supported_platforms:
+        include: []
+        exclude: []
+      multi_instance: true
+      additional_permissions:
+        description: ""
+      default_behavior:
+        auto_detection:
+          description: ""
+        limits:
+          description: ""
+        performance_impact:
+          description: ""
+    setup:
+      prerequisites:
+        list:
+          - title: "Permissions to execute `ipsec`"
+            description: |
+              The plugin executes 2 commands to collect all the information it needs:
+              
+              ```sh
+              ipsec whack --status
+              ipsec whack --trafficstatus
+              ```
+              
+              The first command is used to extract the currently established tunnels, their IDs and their names.
+              The second command is used to extract the current uptime and traffic.
+              
+              Most probably user `netdata` will not be able to query libreswan, so the `ipsec` commands will be denied.
+              The plugin attempts to run `ipsec` as `sudo ipsec ...`, to get access to libreswan statistics.
+              
+              To allow user `netdata` execute `sudo ipsec ...`, create the file `/etc/sudoers.d/netdata` with this content:
+              
+              ```
+              netdata ALL = (root) NOPASSWD: /sbin/ipsec whack --status
+              netdata ALL = (root) NOPASSWD: /sbin/ipsec whack --trafficstatus
+              ```
+              
+              Make sure the path `/sbin/ipsec` matches your setup (execute `which ipsec` to find the right path).
+      configuration:
+        file:
+          name: charts.d/libreswan.conf
+        options:
+          description: |
+            The config file is sourced by the charts.d plugin. It's a standard bash file.
+            
+            The following collapsed table contains all the options that can be configured for the libreswan collector.
+          folding:
+            title: "Config options"
+            enabled: true
+          list:
+            - name: libreswan_update_every
+              description: The data collection frequency. If unset, will inherit the netdata update frequency.
+              default_value: 1
+              required: false
+            - name: libreswan_priority
+              description: The charts priority on the dashboard
+              default_value: 90000
+              required: false
+            - name: libreswan_retries
+              description: The number of retries to do in case of failure before disabling the collector.
+              default_value: 10
+              required: false
+            - name: libreswan_sudo
+              description: Whether to run `ipsec` with `sudo` or not.
+              default_value: 1
+              required: false
+        examples:
+          folding:
+            enabled: false
+            title: "Config"
+          list:
+            - name: Run `ipsec` without sudo
+              description: Run the `ipsec` utility without sudo
+              config: |
+                # the data collection frequency
+                # if unset, will inherit the netdata update frequency
+                #libreswan_update_every=1
+                
+                # the charts priority on the dashboard
+                #libreswan_priority=90000
+                
+                # the number of retries to do in case of failure
+                # before disabling the module
+                #libreswan_retries=10
+                
+                # set to 1, to run ipsec with sudo (the default)
+                # set to 0, to run ipsec without sudo
+                libreswan_sudo=0
+    troubleshooting:
+      problems:
+        list: []
+    alerts: []
     metrics:
-    - name: libreswan.net
-      description: LibreSWAN Tunnel ${name} Traffic
-      unit: "kilobits/s"
-      chart_type: area
-      dimensions:
-      - name: in
-      - name: out
-    - name: libreswan.uptime
-      description: LibreSWAN Tunnel ${name} Uptime
-      unit: "seconds"
-      chart_type: line
-      dimensions:
-      - name: uptime
+      folding:
+        title: Metrics
+        enabled: false
+      description: ""
+      availability: []
+      scopes:
+        - name: IPSEC tunnel
+          description: "Metrics related to IPSEC tunnels. Each tunnel provides its own set of the following metrics."
+          labels: []
+          metrics:
+            - name: libreswan.net
+              description: LibreSWAN Tunnel ${name} Traffic
+              unit: "kilobits/s"
+              chart_type: area
+              dimensions:
+                - name: in
+                - name: out
+            - name: libreswan.uptime
+              description: LibreSWAN Tunnel ${name} Uptime
+              unit: "seconds"
+              chart_type: line
+              dimensions:
+                - name: uptime
-- 
cgit v1.2.3