From a3ef535bfc71dacb44313f66187366509d6d624c Mon Sep 17 00:00:00 2001
From: Ben Vincent <ben@unkin.net>
Date: Wed, 19 Jun 2024 22:29:22 +1000
Subject: [PATCH] fix: ceph consul check script

- add permissions to write ceph-* services to consul
- change from `script` to `args` array
---
 hieradata/roles/infra/proxmox.yaml        | 14 ++++++++++++++
 site/profiles/manifests/proxmox/consul.pp |  2 +-
 2 files changed, 15 insertions(+), 1 deletion(-)

diff --git a/hieradata/roles/infra/proxmox.yaml b/hieradata/roles/infra/proxmox.yaml
index 09e34c9..775d794 100644
--- a/hieradata/roles/infra/proxmox.yaml
+++ b/hieradata/roles/infra/proxmox.yaml
@@ -19,3 +19,17 @@ ssh::server::options:
     - XMODIFIERS
   ListenAddress:
     - "%{facts.networking.interfaces.vmbr1.ip}"
+
+profiles::consul::client::node_rules:
+  - resource: service
+    segment: ceph-mon
+    disposition: write
+  - resource: service
+    segment: ceph-mds
+    disposition: write
+  - resource: service
+    segment: ceph-mgr
+    disposition: write
+  - resource: service
+    segment: ceph-osd
+    disposition: write
diff --git a/site/profiles/manifests/proxmox/consul.pp b/site/profiles/manifests/proxmox/consul.pp
index 9911a87..295dd5a 100644
--- a/site/profiles/manifests/proxmox/consul.pp
+++ b/site/profiles/manifests/proxmox/consul.pp
@@ -25,7 +25,7 @@ class profiles::proxmox::consul {
           {
             id       => "pveceph_${key}_check",
             name     => "PVECeph ${key} Check",
-            script   => "/usr/local/bin/check_ceph_service.sh ${key}",
+            args     => ['/usr/local/bin/check_ceph_service.sh', $key],
             interval => '10s',
             timeout  => '1s',
           }
-- 
2.47.3