re-chained certbot

2017-07-21 16:15:59 +01:00
parent 3923a4adc5
commit 0d2f0ae3e8
5 changed files with 164 additions and 50 deletions
--- a/manifests/server/files.pp
+++ b/manifests/server/files.pp
@@ -25,49 +25,34 @@ class cd_nagios::server::files (
 ) inherits cd_nagios::params {

  if $::fqdn == $ng_nagios_server {
+    if $ng_enable_certbot == true {
+      require cd_nagios::certbot::config
+      require cd_nagios::main::dirs

-  require cd_nagios::main::dirs
-
-    # manage nagios.cfg
+      # manage nagios.cfg


-    # manage cgi.cfg
+      # manage cgi.cfg

-    file { $ng_cgi_cfg_file:
-      ensure    =>  file,
-      path      =>  $ng_cgi_cfg_file,
-      owner     =>  'root',
-      group     =>  'root',
-      mode      =>  '0644',
-      selrange  =>  s0,
-      selrole   =>  object_r,
-      seltype   =>  nagios_etc_t,
-      seluser   =>  system_u,
-      content   =>  template($ng_cgi_cfg_erb),
-      notify    =>  Service[$ng_service],
-    }
-
-    # manage nagios.conf for httpd
-
-    file { $ng_nagios_conf:
-      ensure    =>  file,
-      path      =>  $ng_nagios_conf,
-      owner     =>  'root',
-      group     =>  'root',
-      mode      =>  '0644',
-      selrange  =>  s0,
-      selrole   =>  object_r,
-      seltype   =>  httpd_config_t,
-      seluser   =>  system_u,
-      content   =>  template($ng_nagios_conf_erb),
-      notify    =>  Service[$ae_service],
-    }
-
-    if $ng_http_https_fw == true {
-
-      file { $ng_forward_conf:
+      file { $ng_cgi_cfg_file:
        ensure    =>  file,
-        path      =>  $ng_forward_conf,
+        path      =>  $ng_cgi_cfg_file,
+        owner     =>  'root',
+        group     =>  'root',
+        mode      =>  '0644',
+        selrange  =>  s0,
+        selrole   =>  object_r,
+        seltype   =>  nagios_etc_t,
+        seluser   =>  system_u,
+        content   =>  template($ng_cgi_cfg_erb),
+        notify    =>  Service[$ng_service],
+      }
+
+      # manage nagios.conf for httpd
+
+      file { $ng_nagios_conf:
+        ensure    =>  file,
+        path      =>  $ng_nagios_conf,
        owner     =>  'root',
        group     =>  'root',
        mode      =>  '0644',
@@ -75,18 +60,73 @@ class cd_nagios::server::files (
        selrole   =>  object_r,
        seltype   =>  httpd_config_t,
        seluser   =>  system_u,
-        content   =>  template($ng_forward_conf_erb),
+        content   =>  template($ng_nagios_conf_erb),
        notify    =>  Service[$ae_service],
      }
+
+      if $ng_http_https_fw == true {
+        file { $ng_forward_conf:
+          ensure    =>  file,
+          path      =>  $ng_forward_conf,
+          owner     =>  'root',
+          group     =>  'root',
+          mode      =>  '0644',
+          selrange  =>  s0,
+          selrole   =>  object_r,
+          seltype   =>  httpd_config_t,
+          seluser   =>  system_u,
+          content   =>  template($ng_forward_conf_erb),
+          notify    =>  Service[$ae_service],
+        }
+      }
+
+      # manage welcome.conf for nagios web server
+
+      if $ng_disable_welcome == true {
+        file { $ng_welcome_conf:
+          ensure    =>  file,
+          path      =>  $ng_welcome_conf,
+          owner     =>  'root',
+          group     =>  'root',
+          mode      =>  '0644',
+          selrange  =>  s0,
+          selrole   =>  object_r,
+          seltype   =>  httpd_config_t,
+          seluser   =>  system_u,
+          content   =>  template($ng_welcome_conf_erb),
+          notify    =>  Service[$ae_service],
+        }
+      }
    }

-    # manage welcome.conf for nagios web server
+  else {

-    if $ng_disable_welcome == true {
+    require cd_nagios::main::dirs

-      file { $ng_welcome_conf:
+      # manage nagios.cfg
+
+
+      # manage cgi.cfg
+
+      file { $ng_cgi_cfg_file:
        ensure    =>  file,
-        path      =>  $ng_welcome_conf,
+        path      =>  $ng_cgi_cfg_file,
+        owner     =>  'root',
+        group     =>  'root',
+        mode      =>  '0644',
+        selrange  =>  s0,
+        selrole   =>  object_r,
+        seltype   =>  nagios_etc_t,
+        seluser   =>  system_u,
+        content   =>  template($ng_cgi_cfg_erb),
+        notify    =>  Service[$ng_service],
+      }
+
+      # manage nagios.conf for httpd
+
+      file { $ng_nagios_conf:
+        ensure    =>  file,
+        path      =>  $ng_nagios_conf,
        owner     =>  'root',
        group     =>  'root',
        mode      =>  '0644',
@@ -94,9 +134,45 @@ class cd_nagios::server::files (
        selrole   =>  object_r,
        seltype   =>  httpd_config_t,
        seluser   =>  system_u,
-        content   =>  template($ng_welcome_conf_erb),
+        content   =>  template($ng_nagios_conf_erb),
        notify    =>  Service[$ae_service],
      }
+
+      if $ng_http_https_fw == true {
+
+        file { $ng_forward_conf:
+          ensure    =>  file,
+          path      =>  $ng_forward_conf,
+          owner     =>  'root',
+          group     =>  'root',
+          mode      =>  '0644',
+          selrange  =>  s0,
+          selrole   =>  object_r,
+          seltype   =>  httpd_config_t,
+          seluser   =>  system_u,
+          content   =>  template($ng_forward_conf_erb),
+          notify    =>  Service[$ae_service],
+        }
+      }
+
+      # manage welcome.conf for nagios web server
+
+      if $ng_disable_welcome == true {
+
+        file { $ng_welcome_conf:
+          ensure    =>  file,
+          path      =>  $ng_welcome_conf,
+          owner     =>  'root',
+          group     =>  'root',
+          mode      =>  '0644',
+          selrange  =>  s0,
+          selrole   =>  object_r,
+          seltype   =>  httpd_config_t,
+          seluser   =>  system_u,
+          content   =>  template($ng_welcome_conf_erb),
+          notify    =>  Service[$ae_service],
+        }
+      }
    }
  }
 }