<p>Nagios is a powerful open source software solution for monitoring your IT environments.</p>
<p><code>confdroid_nagios</code> is a Puppet module allowing to fully automate the setup & configuration of the Nagios server, as well as actively adding client hosts and services to the monitoring environment through defines and <code>PuppetDB</code>.</p>
<p><strong>Attention: Never use this puppet module on systems which have been previously configured manually. It is impossible to predict how and what would have been configured, hence previous configurations outside the scope of this module may be overwritten! Automated configurations require a test environment to verify that the module suits the purpose intended by the user, as well as tune the parameters, before deploying into live production</strong></p>
<p>if FQDN equals the specified <code>ng_nagios_server</code>, nagios server with all required specs is installed, else only nagios client packages and the target specs</p>
<p>configures the main nagios configuration file and sets values as (pre)configured per values in params, which can be overwritten.</p>
</li><li>
<p>if <code>ng_include_nrpe</code>is set to <code>true</code>, the confdroid_nrpe module is automatically applied on clients (<ahref="https://sourcecode.confdroid.com/confdroid/confdroid_nrpe">confdroid_nrpe</a> must be in the catalogue then)</p>
<p>if <code>ng_enable_fail2ban</code>is set to <code>true</code>, a fail2ban jail and filter will be added for the Nagios service (requires confdroid_fail2ban).</p>
<p>Main access to the user interface requires defining an administrative user and password via <code>ng_main_user</code> and <code>ng_main_password</code>. The password should be encrypted like this:</p>
<p>The main user is automatically created. If you want to add more users, this should be done via the define <code>confdroid_nagios::server::access</code>. In your control repo, site.pp etc. address the access define like this:</p>
<p>In order to add contacts for the notifications, address the define <code>confdroid_nagios::nagios::objects::add_contact</code> in your config repo, site.pp etc. like this:</p>
<p>In order to add contact groups for the notifications, address the define <code>confdroid_nagios::nagios::objects::add_contactgroups</code> in your config repo, site.pp etc. like this:</p>
<p>In order to add host groups, address the define <code>confdroid_nagios::nagios::objects::add_hostgroups</code> in your config repo, site.pp etc. like this:</p>
<p>In order to add service groups, address the define <code>confdroid_nagios::nagios::objects::add_servicegroups</code> in your config repo, site.pp etc. like this:</p>
<p>In order to add time periods, address the define <code>confdroid_nagios::nagios::objects::add_timeperiods</code> in your config repo, site.pp etc. like this:</p>
<p>Commands are defined in <code>confdroid_nagios::nagios::objects::commands</code> and deployed /etc/nagios/conf.d/nagios_commands_base.cfg through PuppetDB exports like this:</p>
<p>In order to add time periods, address the define <code>confdroid_nagios::nagios::objects::add_templates</code> in your config repo, site.pp etc. like this:</p>
<h3id="label-Customization+outside+of+Puppet">Customization outside of Puppet</h3>
<blockquote>
<p>Q: what if I want to add my own Nagios plugins, settings etc. outside of Puppet? Will those be overwritten? A: Puppet only controls what it knows about. You can add your own custom configuration files within <code>/etc/nagios/conf.d</code> and Nagios should recognize it, assuming it is valid code. Just beware of duplicated definitions, Nagios is very strict and merciless about this.</p>
<p>A working instance of PuppetDB connected to the Puppet master is required for this to work. Installation and configuration of PuppetDB is out of scope for this module, however <ahref="https://gitlab.confdroid.com/puppet/cd_puppetdb">cd_puppetdb</a> is available to automate this task for you as well within a few minutes.</p>
<h2id="label-SELINUX">SELINUX</h2>
<p>All files and directories are configured with correct selinux context. If selinux is disabled, these contexts are ignored.</p>
<h2id="label-Support">Support</h2>
<ul><li>
<p>OS: Rocky 9</p>
</li><li>
<p>Puppet 7 # Puppet does not support Nagios in Puppet 8 anymore, although it still works</p>
</li></ul>
<h2id="label-Tests">Tests</h2>
<ul><li>
<p>Puppet Lint</p>
</li><li>
<p>excluded tests:</p>
<ul><li>
<p><code>--no-variable_scope-check</code>: not applicable as we are inheriting parameters from params class. the lint check does not distinguish between facts and inherited parameters.</p>
<p>confdroid as entity is entirely independent from Puppet. We provide custom configuration modules, written for specific purposes and specific environments. The modules are tested and supported only as documented, and require testing in designated environments (i.e. lab or development environments) for parameter tuning etc. before deploying into production environments.</p>
