confdroid/confdroid_nagios
3
0
Fork 0
Code Issues Projects Wiki Activity

added index file

Browse Source
This commit is contained in:
Arne Teuke
2017-07-21 17:04:53 +01:00
parent 09372f6865
commit 3d60841cbc
6 changed files with 41 additions and 153 deletions
Download Patch File Download Diff File Expand all files Collapse all files

37
manifests/certbot/config.pp
View File

@@ -30,31 +30,6 @@ class cd_nagios::certbot::config (
require cd_certbot
# ensure there is no forward vhost file
exec { 'remove_forward_vhost':
command => "rm -Rf ${ng_forward_conf}",
creates => '/etc/httpd/conf.d/.cert_created',
}
exec { 'remove_nagios_conf':
command => "rm -Rf ${ng_nagios_conf}",
creates => '/etc/httpd/conf.d/.cert_created',
require => Exec['remove_forward_vhost'],
}
# create temp vhost file
exec { 'create_temp_vhost':
command => template('cd_nagios/certbot/create_tempfile.erb'),
cwd => '/tmp',
path => ['/bin','/usr/bin'],
provider => 'shell',
creates => '/etc/httpd/conf.d/.created',
notify => Service['httpd'],
require => Exec['remove_nagios_conf'],
}
# create cert
exec { 'create_cert':
@@ -68,18 +43,6 @@ class cd_nagios::certbot::config (
require => Exec['create_temp_vhost'],
}
# remove temp_vhost
exec { 'remove_temp_vhost':
command => "rm -Rf ${ng_certbot_temp_file}",
cwd => '/tmp',
path => ['/bin','/usr/bin'],
provider => 'shell',
notify => Service['httpd'],
require => Exec['create_cert'],
creates => "/etc/letsencrypt/live/${ng_nagios_server}/cert.pem",
}
# renew certs
exec { 'renew_cert':

13
manifests/params.pp
View File

@@ -200,15 +200,14 @@
# @param [string] ng_required_ips string of **__Ip addresses __** for hosts which
# should be allowed/reqired. Requires format 'ipaddress ip address range'.
# If you want no restriction, choose '0.0.0.0/0'
# @param [boolean] ng_disable_welcome Whether the regular welcome screen should
# be disabled. this is required for the nagios http check on the nagios server
# to be successful.
# @param [boolean] ng_enable_certbot Whether to use certbot for automated TLS
# certificate management
# @param [string] ng_certbot_cert_path the path for certbot to place
# challenges for teh certification process.
# challenges for the certification process.
# @param [string] ng_mail_user email address to receive administrative mail.
# used for nagios itself as well as for certbot.
# @param [boolean] ng_enable_index Whether to create an index file to allow
# httpd checks with nagios on the nagios server.
###############################################################################
class cd_nagios::params (
@@ -320,7 +319,7 @@ $ng_use_selinux_tools = true,
# httpd
$ng_required_hosts = '',
$ng_required_ips = '127.0.0.0/8',
$ng_disable_welcome = true,
$ng_enable_index = true,
# certbot
$ng_enable_certbot = true,
@@ -375,8 +374,8 @@ $ng_forward_conf_erb = 'cd_nagios/httpd/forward_conf.erb'
$ng_get_cert_erb = 'cd_nagios/certbot/get_cert.erb'
$ng_unless_get_cert = 'cd_nagios/certbot/unless_get_cert.erb'
$ng_unless_renew_erb = 'cd_nagios/certbot/unless_renew_cert.erb'
$ng_create_tempvhost = 'cd_nagios/certbot/create_tempfile.erb'
$ng_certbot_temp_file = '/etc/httpd/conf.d/certbot_temp.conf'
$ng_index_html_file = '/var/www/html/index.html'
$ng_index_html_erb = 'cd_nagios/httpd/index_html.erb'
# includes must be last

100
manifests/server/files.pp
View File

@@ -29,6 +29,10 @@ class cd_nagios::server::files (
if $ng_enable_certbot == true {
require cd_nagios::certbot::config
}
}
require cd_nagios::main::dirs
# manage nagios.cfg
@@ -84,84 +88,6 @@ class cd_nagios::server::files (
# manage welcome.conf for nagios web server
if $ng_disable_welcome == true {
file { $ng_welcome_conf:
ensure => file,
path => $ng_welcome_conf,
owner => 'root',
group => 'root',
mode => '0644',
selrange => s0,
selrole => object_r,
seltype => httpd_config_t,
seluser => system_u,
content => template($ng_welcome_conf_erb),
notify => Service[$ae_service],
}
}
}
}
else {
require cd_nagios::main::dirs
# manage nagios.cfg
# manage cgi.cfg
file { $ng_cgi_cfg_file:
ensure => file,
path => $ng_cgi_cfg_file,
owner => 'root',
group => 'root',
mode => '0644',
selrange => s0,
selrole => object_r,
seltype => nagios_etc_t,
seluser => system_u,
content => template($ng_cgi_cfg_erb),
notify => Service[$ng_service],
}
# manage nagios.conf for httpd
file { $ng_nagios_conf:
ensure => file,
path => $ng_nagios_conf,
owner => 'root',
group => 'root',
mode => '0644',
selrange => s0,
selrole => object_r,
seltype => httpd_config_t,
seluser => system_u,
content => template($ng_nagios_conf_erb),
notify => Service[$ae_service],
}
if $ng_http_https_fw == true {
file { $ng_forward_conf:
ensure => file,
path => $ng_forward_conf,
owner => 'root',
group => 'root',
mode => '0644',
selrange => s0,
selrole => object_r,
seltype => httpd_config_t,
seluser => system_u,
content => template($ng_forward_conf_erb),
notify => Service[$ae_service],
}
}
# manage welcome.conf for nagios web server
if $ng_disable_welcome == true {
file { $ng_welcome_conf:
ensure => file,
path => $ng_welcome_conf,
@@ -175,6 +101,24 @@ class cd_nagios::server::files (
content => template($ng_welcome_conf_erb),
notify => Service[$ae_service],
}
if $ng_enable_index == true {
file { $ng_index_html_file:
ensure => file,
path => $ng_index_html_file,
owner => 'root',
group => 'root',
mode => '0644',
selrange => s0,
selrole => object_r,
seltype => httpd_config_t,
seluser => system_u,
content => template($ng_welcome_conf_erb),
notify => Service[$ae_service],
}
}
}
}
}