diff --git a/.spelling b/.spelling index 1b15540..8d44e9a 100644 --- a/.spelling +++ b/.spelling @@ -112,3 +112,6 @@ cd_stdlib puppetlabs cd_concat stdlib +cd_puppetdb +SSL +vhost diff --git a/README.md b/README.md index 4903305..5e08ce9 100644 --- a/README.md +++ b/README.md @@ -95,7 +95,7 @@ node 'example.example.net' { * through Foreman: -In order to apply parameters through Foreman, **__cd_nagios::params__** must be added to the host or hostgroup in question. +In order to apply parameters through Foreman, **__cd_nagios::params__** must be added to the host or host group in question. See [more details about class deployment on Confdroid.com](https://confdroid.com/2017/05/deploying-our-puppet-modules/). @@ -109,13 +109,13 @@ All files and directories are configured with correct selinux context. If selinu ## Certbot -This module can optionally setup [certbot](https://certbot.eff.org/) TLS certificate management for the frontend GUI. In order to do so, set `$ng_enable_certbot` as well as `$ng_use_https` to `true` (default). Effectively, this will manage the certs before even installing Nagios, so there will be no problems with the Nagios showing up with a self-signed certificate. Once enabled, the module will go and try to obtain a certificate automatically. For this to work, you need to have proper DNS resolution set up for your domain / nagios server. Certs are also automatically renewed. +This module can optionally setup [certbot](https://certbot.eff.org/) TLS certificate management for the front-end GUI. In order to do so, set `$ng_enable_certbot` as well as `$ng_use_https` to `true` (default). Effectively, this will manage the certs before even installing Nagios, so there will be no problems with the Nagios showing up with a self-signed certificate. Once enabled, the module will go and try to obtain a certificate automatically. For this to work, you need to have proper DNS resolution set up for your domain / nagios server. Certs are also automatically renewed. If you prefer to use https but use self-signed certs or your own CA, simply set to false. This will point the SSL vhost config file to the default location for TLS certificates. ## httpd vHost files -by default, Nagios creates its own nagios.conf file, which is not a vhost file and relies on the main ssd.conf. However, as Nagios might be running on a regular web server with various other web instances (not recommended through for performance reasons), we will not want to manage ssl.conf directly, hence the module creates a vhost for the ssl host. +by default, Nagios creates its own `nagios.conf` file, which is not a vhost file and relies on the main ssd.conf. However, as Nagios might be running on a regular web server with various other web instances (not recommended through for performance reasons), we do not want to manage ssl.conf directly, hence the module creates a vhost for the ssl host. ## Client Connections