OP#436 add documentation for user access

README.md

@@ -8,6 +8,7 @@
   - [WARNING](#warning)
   - [Features](#features)
     - [configuring user access](#configuring-user-access)
+    - [Additional users](#additional-users)
   - [Repo Documentation](#repo-documentation)
   - [Dependencies](#dependencies)
   - [Deployment](#deployment)
@@ -40,7 +41,33 @@ At this stage, the module is being redeveloped and being built to the latest sta
 - if `ng_include_nrpe`is set to `true`, the confdroid_nrpe module is automatically applied on clients ([confdroid_nrpe](https://sourcecode.confdroid.com/confdroid/confdroid_nrpe) must be in the catalogue then)
 
 ### configuring user access
-ToDo
+
+Main access to the user interface requires defining an administrative user and password via `ng_main_user` and `ng_main_password`. The password should be encrypted like this: 
+
+```bash
+htpasswd -B -n  testuser
+New password: 
+Re-type new password: 
+```
+
+This results in
+
+```text
+testuser: $2y$05$rNy/P22OfYZlpdEPnCAIg.OUizRD34P7pDRwUGiaYjH44PcRuZ2ia
+```
+
+Use that value to override the default password in ENC or Hiera, if you use it.
+
+### Additional users
+
+The main user is automatically created. If you want to add more users, this should be done via the define confdroid_nagios::server::access. In your control repo, site.pp etc. address the access define like this:
+
+```puppet
+confdroid_nagios::server::access { 'example':
+  ng_htpasswd_user     => 'example_user',
+  ng_htpasswd_password => 'example_password_encrypted'
+}
+```
 
 ## Repo Documentation
 

manifests/params.pp

@@ -40,13 +40,13 @@ class confdroid_nagios::params (
   String $ng_main_password          = 'nagios',
 
 # nagios.cfg
-  String $ng_log_file              = '/var/log/nagios/nagios.log',
+  String $ng_log_file               = '/var/log/nagios/nagios.log',
 
 # cgi.cfg
   String $ng_context_help           = '1',
 
 # httpd
-  Boolean $ng_use_https       = false,
+  Boolean $ng_use_https             = false,
 
 ) {
 # Default facts
@@ -110,14 +110,14 @@ class confdroid_nagios::params (
   $ng_cntctgrps_rule_erb      = 'confdroid_nagios/nagios/contactgroups_cfg_rule.erb'
   $ng_target_command          = "${ng_conf_d_dir}/nagios_commands_base.cfg"
   $ng_nagios_service_cmd      = 'check_nagios!/var/log/nagios/status.dat!5!/usr/sbin/nagios'
+  $ng_htpasswd_file           = "${ng_main_dir}/passwd"
+  $ng_htpasswd_head           = 'confdroid_nagios/nagios/htpasswd_head.erb'
+  $ng_htpasswd_rule           = 'confdroid_nagios/nagios/htpasswd_rule.erb'
 
 ## old
   $ng_main_config             = "${ng_main_dir}/nagios.cfg"
   $ng_cgi_cfg_file            = "${ng_main_dir}/cgi.cfg"
   $ng_cgi_cfg_erb             = 'confdroid_nagios/nagios/cgi_cfg.erb'
-  $ng_htpasswd_file           = "${ng_main_dir}/passwd"
-  $ng_htpasswd_head           = 'confdroid_nagios/nagios/htpasswd_head.erb'
-  $ng_htpasswd_rule           = 'confdroid_nagios/nagios/htpasswd_rule.erb'
   $ng_taccgi_erb              = 'confdroid_nagios/selinux/taccgi.erb'
   $ng_statcgi_erb             = 'confdroid_nagios/selinux/statuscgi.erb'
   $ng_statdat_erb             = 'confdroid_nagios/selinux/statusdat.erb'