From 183e17f460c21ab257c6ba30dc341ed0d9ad0761 Mon Sep 17 00:00:00 2001 From: Jenkins Server Date: Fri, 21 Jul 2017 17:16:28 +0200 Subject: [PATCH] recommit for updates in build 35 --- CHANGELOG.md | 10 + REPOSTRUCTURE.md | 3 +- doc/_index.html | 2 +- doc/file.README.html | 2 +- doc/index.html | 2 +- doc/puppet_classes/cd_nagios.html | 2 +- .../cd_nagios_3A_3Acertbot_3A_3Aconfig.html | 64 ++++- .../cd_nagios_3A_3Aclient_3A_3Atarget.html | 2 +- ...cd_nagios_3A_3Afirewall_3A_3Aiptables.html | 2 +- .../cd_nagios_3A_3Amain_3A_3Aconfig.html | 14 +- .../cd_nagios_3A_3Amain_3A_3Adirs.html | 2 +- .../cd_nagios_3A_3Amain_3A_3Ainstall.html | 2 +- .../cd_nagios_3A_3Amain_3A_3Auser.html | 2 +- doc/puppet_classes/cd_nagios_3A_3Aparams.html | 10 +- .../cd_nagios_3A_3Aselinux_3A_3Aconfig.html | 2 +- ..._nagios_3A_3Aserver_3A_3Aaccess_rules.html | 2 +- .../cd_nagios_3A_3Aserver_3A_3Afiles.html | 244 ++++++++++++++---- .../cd_nagios_3A_3Aserver_3A_3Aservice.html | 2 +- .../cd_nagios_3A_3Aserver_3A_3Aaccess.html | 2 +- doc/top-level-namespace.html | 2 +- 20 files changed, 295 insertions(+), 78 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 0bc8730..88fc7e1 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,6 +8,16 @@ Changelog of Git Changelog.

No issue

+2c6b5f8656e9fef Jenkins Server 2017-07-21 14:51:54 +

+

recommit for updates in build 34

+ +

+3923a4adc5e4443 Arne Teuke 2017-07-21 14:51:28 +

+

changed config to use variables, added parameters

+ +

353e7e99cf92594 Jenkins Server 2017-07-21 14:42:28

recommit for updates in build 33

diff --git a/REPOSTRUCTURE.md b/REPOSTRUCTURE.md index 09b92c5..b258133 100644 --- a/REPOSTRUCTURE.md +++ b/REPOSTRUCTURE.md @@ -54,6 +54,7 @@ | `-- params.pp |-- templates | |-- certbot +| | |-- create_tempfile.erb | | |-- get_cert.erb | | |-- unless_get_cert.erb | | `-- unless_renew_cert.erb @@ -77,4 +78,4 @@ |-- README.md `-- REPOSTRUCTURE.md -18 directories, 59 files +18 directories, 60 files diff --git a/doc/_index.html b/doc/_index.html index 3acb26f..d0108e3 100644 --- a/doc/_index.html +++ b/doc/_index.html @@ -186,7 +186,7 @@ diff --git a/doc/file.README.html b/doc/file.README.html index afa5949..d433ed3 100644 --- a/doc/file.README.html +++ b/doc/file.README.html @@ -304,7 +304,7 @@ environments.

diff --git a/doc/index.html b/doc/index.html index dff6c49..189ba57 100644 --- a/doc/index.html +++ b/doc/index.html @@ -304,7 +304,7 @@ environments.

diff --git a/doc/puppet_classes/cd_nagios.html b/doc/puppet_classes/cd_nagios.html index ccb2727..aaa7e24 100644 --- a/doc/puppet_classes/cd_nagios.html +++ b/doc/puppet_classes/cd_nagios.html @@ -139,7 +139,7 @@ class cd_nagios { diff --git a/doc/puppet_classes/cd_nagios_3A_3Acertbot_3A_3Aconfig.html b/doc/puppet_classes/cd_nagios_3A_3Acertbot_3A_3Aconfig.html index 4dbfa58..0db5903 100644 --- a/doc/puppet_classes/cd_nagios_3A_3Acertbot_3A_3Aconfig.html +++ b/doc/puppet_classes/cd_nagios_3A_3Acertbot_3A_3Aconfig.html @@ -162,7 +162,37 @@ href="http://www.gnu.org/licenses">www.gnu.org/licenses/.

53 54 55 -56 +56 +57 +58 +59 +60 +61 +62 +63 +64 +65 +66 +67 +68 +69 +70 +71 +72 +73 +74 +75 +76 +77 +78 +79 +80 +81 +82 +83 +84 +85 +86 
# File 'manifests/certbot/config.pp', line 23
@@ -176,6 +206,24 @@ class cd_nagios::certbot::config (
 
       require cd_certbot
 
+      # ensure there is no forward vhost file
+
+      exec { 'remove forward vhost':
+        command   =>  "rm -Rf  $ng_forward_conf",
+        creates   =>  '/etc/httpd/conf.d/.cert_created',
+      }
+
+      # create temp vhost file
+
+      exec { 'create_temp_vhost':
+        command   =>  template('cd_nagios/certbot/create_tempfile.erb'),
+        cwd       =>  '/tmp',
+        path      =>  ['/bin','/usr/bin'],
+        provider  =>  'shell',
+        creates   =>  '/etc/httpd/conf.d/.created',
+        notify    =>  Service['httpd'],
+      }
+
       # create cert
 
       exec { 'create_cert':
@@ -188,6 +236,18 @@ class cd_nagios::certbot::config (
         creates   =>  '/etc/httpd/conf.d/.cert_created',
       }
 
+      # remove temp_vhost
+
+      exec { 'remove_temp_vhost':
+        command   =>  "rm -Rf ${ng_certbot_temp_file}",
+        cwd       =>  '/tmp',
+        path      =>  ['/bin','/usr/bin'],
+        provider  =>  'shell',
+        notify    =>  Service['httpd'],
+        require   =>  Exec['create_cert'],
+        creates   =>  "/etc/letsencrypt/live/${ng_nagios_server}/cert.pem",
+      }
+
       # renew certs
 
       exec {  'renew_cert':
@@ -208,7 +268,7 @@ class cd_nagios::certbot::config (
 
 
       
diff --git a/doc/puppet_classes/cd_nagios_3A_3Aclient_3A_3Atarget.html b/doc/puppet_classes/cd_nagios_3A_3Aclient_3A_3Atarget.html
index f5ceb15..54a4c3e 100644
--- a/doc/puppet_classes/cd_nagios_3A_3Aclient_3A_3Atarget.html
+++ b/doc/puppet_classes/cd_nagios_3A_3Aclient_3A_3Atarget.html
@@ -368,7 +368,7 @@ class cd_nagios::client::target (
 
 
       
diff --git a/doc/puppet_classes/cd_nagios_3A_3Afirewall_3A_3Aiptables.html b/doc/puppet_classes/cd_nagios_3A_3Afirewall_3A_3Aiptables.html
index 01309fa..8133710 100644
--- a/doc/puppet_classes/cd_nagios_3A_3Afirewall_3A_3Aiptables.html
+++ b/doc/puppet_classes/cd_nagios_3A_3Afirewall_3A_3Aiptables.html
@@ -207,7 +207,7 @@ class cd_nagios::firewall::iptables (
 
 
       
diff --git a/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Aconfig.html b/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Aconfig.html
index a6179c4..e3cd2fc 100644
--- a/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Aconfig.html
+++ b/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Aconfig.html
@@ -152,12 +152,7 @@ href="http://www.gnu.org/licenses">www.gnu.org/licenses/.

 43
 44
 45
-46
-47
-48
-49
-50
-51
+46 
# File 'manifests/main/config.pp', line 24
@@ -178,11 +173,6 @@ class cd_nagios::main::config (
     if $ng_use_selinux_tools == true {
       include cd_nagios::selinux::config
     }
-
-    if $ng_enable_certbot == true {
-      include cd_nagios::certbot::config
-    }
-
   }
 
   if $::fqdn != $ng_nagios_server {
@@ -197,7 +187,7 @@ class cd_nagios::main::config (
 
 
       
diff --git a/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Adirs.html b/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Adirs.html
index 63e1d00..7d90536 100644
--- a/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Adirs.html
+++ b/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Adirs.html
@@ -468,7 +468,7 @@ class cd_nagios::main::dirs (
 
 
       
diff --git a/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Ainstall.html b/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Ainstall.html
index b850153..454b52b 100644
--- a/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Ainstall.html
+++ b/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Ainstall.html
@@ -235,7 +235,7 @@ class cd_nagios::main::install (
 
 
       
diff --git a/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Auser.html b/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Auser.html
index 1c7f136..2483cec 100644
--- a/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Auser.html
+++ b/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Auser.html
@@ -200,7 +200,7 @@ class cd_nagios::main::user (
 
 
       
diff --git a/doc/puppet_classes/cd_nagios_3A_3Aparams.html b/doc/puppet_classes/cd_nagios_3A_3Aparams.html
index 38826e2..acd537f 100644
--- a/doc/puppet_classes/cd_nagios_3A_3Aparams.html
+++ b/doc/puppet_classes/cd_nagios_3A_3Aparams.html
@@ -2126,7 +2126,9 @@ well as for certbot.

 380
 381
 382
-383
+383 +384 +385 
# File 'manifests/params.pp', line 213
@@ -2295,7 +2297,9 @@ $ng_forward_conf      = '/etc/httpd/conf.d/nagios_forward.conf'
 $ng_forward_conf_erb  = 'cd_nagios/httpd/forward_conf.erb'
 $ng_get_cert_erb      = 'cd_nagios/certbot/get_cert.erb'
 $ng_unless_get_cert   = 'cd_nagios/certbot/unless_get_cert.erb'
-$ng_unless_renew_erb  =  'cd_nagios/certbot/unless_renew_cert.erb'
+$ng_unless_renew_erb  = 'cd_nagios/certbot/unless_renew_cert.erb'
+$ng_create_tempvhost  = 'cd_nagios/certbot/create_tempfile.erb'
+$ng_certbot_temp_file = '/etc/httpd/conf.d/certbot_temp.conf'
 
 # includes must be last
 
@@ -2309,7 +2313,7 @@ $ng_unless_renew_erb  =  'cd_nagios/certbot/unless_renew_cert.erb'
 
 
       
diff --git a/doc/puppet_classes/cd_nagios_3A_3Aselinux_3A_3Aconfig.html b/doc/puppet_classes/cd_nagios_3A_3Aselinux_3A_3Aconfig.html
index b114d14..958c178 100644
--- a/doc/puppet_classes/cd_nagios_3A_3Aselinux_3A_3Aconfig.html
+++ b/doc/puppet_classes/cd_nagios_3A_3Aselinux_3A_3Aconfig.html
@@ -249,7 +249,7 @@ class cd_nagios::selinux::config (
 
 
       
diff --git a/doc/puppet_classes/cd_nagios_3A_3Aserver_3A_3Aaccess_rules.html b/doc/puppet_classes/cd_nagios_3A_3Aserver_3A_3Aaccess_rules.html
index d440991..622252f 100644
--- a/doc/puppet_classes/cd_nagios_3A_3Aserver_3A_3Aaccess_rules.html
+++ b/doc/puppet_classes/cd_nagios_3A_3Aserver_3A_3Aaccess_rules.html
@@ -195,7 +195,7 @@ class cd_nagios::server::access_rules (
 
 
       
diff --git a/doc/puppet_classes/cd_nagios_3A_3Aserver_3A_3Afiles.html b/doc/puppet_classes/cd_nagios_3A_3Aserver_3A_3Afiles.html
index 2307339..0687719 100644
--- a/doc/puppet_classes/cd_nagios_3A_3Aserver_3A_3Afiles.html
+++ b/doc/puppet_classes/cd_nagios_3A_3Aserver_3A_3Afiles.html
@@ -208,7 +208,83 @@ href="http://www.gnu.org/licenses">www.gnu.org/licenses/.

 99
 100
 101
-102
+102 +103 +104 +105 +106 +107 +108 +109 +110 +111 +112 +113 +114 +115 +116 +117 +118 +119 +120 +121 +122 +123 +124 +125 +126 +127 +128 +129 +130 +131 +132 +133 +134 +135 +136 +137 +138 +139 +140 +141 +142 +143 +144 +145 +146 +147 +148 +149 +150 +151 +152 +153 +154 +155 +156 +157 +158 +159 +160 +161 +162 +163 +164 +165 +166 +167 +168 +169 +170 +171 +172 +173 +174 +175 +176 +177 +178 
# File 'manifests/server/files.pp', line 23
@@ -218,49 +294,34 @@ class cd_nagios::server::files (
 ) inherits cd_nagios::params {
 
   if $::fqdn == $ng_nagios_server {
+    if $ng_enable_certbot == true {
+      require cd_nagios::certbot::config
+      require cd_nagios::main::dirs
 
-  require cd_nagios::main::dirs
-
-    # manage nagios.cfg
+      # manage nagios.cfg
 
 
-    # manage cgi.cfg
+      # manage cgi.cfg
 
-    file { $ng_cgi_cfg_file:
-      ensure    =>  file,
-      path      =>  $ng_cgi_cfg_file,
-      owner     =>  'root',
-      group     =>  'root',
-      mode      =>  '0644',
-      selrange  =>  s0,
-      selrole   =>  object_r,
-      seltype   =>  nagios_etc_t,
-      seluser   =>  system_u,
-      content   =>  template($ng_cgi_cfg_erb),
-      notify    =>  Service[$ng_service],
-    }
-
-    # manage nagios.conf for httpd
-
-    file { $ng_nagios_conf:
-      ensure    =>  file,
-      path      =>  $ng_nagios_conf,
-      owner     =>  'root',
-      group     =>  'root',
-      mode      =>  '0644',
-      selrange  =>  s0,
-      selrole   =>  object_r,
-      seltype   =>  httpd_config_t,
-      seluser   =>  system_u,
-      content   =>  template($ng_nagios_conf_erb),
-      notify    =>  Service[$ae_service],
-    }
-
-    if $ng_http_https_fw == true {
-
-      file { $ng_forward_conf:
+      file { $ng_cgi_cfg_file:
         ensure    =>  file,
-        path      =>  $ng_forward_conf,
+        path      =>  $ng_cgi_cfg_file,
+        owner     =>  'root',
+        group     =>  'root',
+        mode      =>  '0644',
+        selrange  =>  s0,
+        selrole   =>  object_r,
+        seltype   =>  nagios_etc_t,
+        seluser   =>  system_u,
+        content   =>  template($ng_cgi_cfg_erb),
+        notify    =>  Service[$ng_service],
+      }
+
+      # manage nagios.conf for httpd
+
+      file { $ng_nagios_conf:
+        ensure    =>  file,
+        path      =>  $ng_nagios_conf,
         owner     =>  'root',
         group     =>  'root',
         mode      =>  '0644',
@@ -268,18 +329,73 @@ class cd_nagios::server::files (
         selrole   =>  object_r,
         seltype   =>  httpd_config_t,
         seluser   =>  system_u,
-        content   =>  template($ng_forward_conf_erb),
+        content   =>  template($ng_nagios_conf_erb),
         notify    =>  Service[$ae_service],
       }
+
+      if $ng_http_https_fw == true {
+        file { $ng_forward_conf:
+          ensure    =>  file,
+          path      =>  $ng_forward_conf,
+          owner     =>  'root',
+          group     =>  'root',
+          mode      =>  '0644',
+          selrange  =>  s0,
+          selrole   =>  object_r,
+          seltype   =>  httpd_config_t,
+          seluser   =>  system_u,
+          content   =>  template($ng_forward_conf_erb),
+          notify    =>  Service[$ae_service],
+        }
+      }
+
+      # manage welcome.conf for nagios web server
+
+      if $ng_disable_welcome == true {
+        file { $ng_welcome_conf:
+          ensure    =>  file,
+          path      =>  $ng_welcome_conf,
+          owner     =>  'root',
+          group     =>  'root',
+          mode      =>  '0644',
+          selrange  =>  s0,
+          selrole   =>  object_r,
+          seltype   =>  httpd_config_t,
+          seluser   =>  system_u,
+          content   =>  template($ng_welcome_conf_erb),
+          notify    =>  Service[$ae_service],
+        }
+      }
     }
 
-    # manage welcome.conf for nagios web server
+  else {
 
-    if $ng_disable_welcome == true {
+    require cd_nagios::main::dirs
 
-      file { $ng_welcome_conf:
+      # manage nagios.cfg
+
+
+      # manage cgi.cfg
+
+      file { $ng_cgi_cfg_file:
         ensure    =>  file,
-        path      =>  $ng_welcome_conf,
+        path      =>  $ng_cgi_cfg_file,
+        owner     =>  'root',
+        group     =>  'root',
+        mode      =>  '0644',
+        selrange  =>  s0,
+        selrole   =>  object_r,
+        seltype   =>  nagios_etc_t,
+        seluser   =>  system_u,
+        content   =>  template($ng_cgi_cfg_erb),
+        notify    =>  Service[$ng_service],
+      }
+
+      # manage nagios.conf for httpd
+
+      file { $ng_nagios_conf:
+        ensure    =>  file,
+        path      =>  $ng_nagios_conf,
         owner     =>  'root',
         group     =>  'root',
         mode      =>  '0644',
@@ -287,9 +403,45 @@ class cd_nagios::server::files (
         selrole   =>  object_r,
         seltype   =>  httpd_config_t,
         seluser   =>  system_u,
-        content   =>  template($ng_welcome_conf_erb),
+        content   =>  template($ng_nagios_conf_erb),
         notify    =>  Service[$ae_service],
       }
+
+      if $ng_http_https_fw == true {
+
+        file { $ng_forward_conf:
+          ensure    =>  file,
+          path      =>  $ng_forward_conf,
+          owner     =>  'root',
+          group     =>  'root',
+          mode      =>  '0644',
+          selrange  =>  s0,
+          selrole   =>  object_r,
+          seltype   =>  httpd_config_t,
+          seluser   =>  system_u,
+          content   =>  template($ng_forward_conf_erb),
+          notify    =>  Service[$ae_service],
+        }
+      }
+
+      # manage welcome.conf for nagios web server
+
+      if $ng_disable_welcome == true {
+
+        file { $ng_welcome_conf:
+          ensure    =>  file,
+          path      =>  $ng_welcome_conf,
+          owner     =>  'root',
+          group     =>  'root',
+          mode      =>  '0644',
+          selrange  =>  s0,
+          selrole   =>  object_r,
+          seltype   =>  httpd_config_t,
+          seluser   =>  system_u,
+          content   =>  template($ng_welcome_conf_erb),
+          notify    =>  Service[$ae_service],
+        }
+      }
     }
   }
 }
@@ -300,7 +452,7 @@ class cd_nagios::server::files ( diff --git a/doc/puppet_classes/cd_nagios_3A_3Aserver_3A_3Aservice.html b/doc/puppet_classes/cd_nagios_3A_3Aserver_3A_3Aservice.html index bf2038b..b436392 100644 --- a/doc/puppet_classes/cd_nagios_3A_3Aserver_3A_3Aservice.html +++ b/doc/puppet_classes/cd_nagios_3A_3Aserver_3A_3Aservice.html @@ -174,7 +174,7 @@ class cd_nagios::server::service ( diff --git a/doc/puppet_defined_types/cd_nagios_3A_3Aserver_3A_3Aaccess.html b/doc/puppet_defined_types/cd_nagios_3A_3Aserver_3A_3Aaccess.html index dabcfee..a1e4efe 100644 --- a/doc/puppet_defined_types/cd_nagios_3A_3Aserver_3A_3Aaccess.html +++ b/doc/puppet_defined_types/cd_nagios_3A_3Aserver_3A_3Aaccess.html @@ -220,7 +220,7 @@ $ng_service = $::cd_nagios::params::ng_service diff --git a/doc/top-level-namespace.html b/doc/top-level-namespace.html index a3baa7c..cc03c40 100644 --- a/doc/top-level-namespace.html +++ b/doc/top-level-namespace.html @@ -90,7 +90,7 @@