From 46d3b02f7625b150639e7a9273a8e592d4f70970 Mon Sep 17 00:00:00 2001
From: Arne Teuke <arne_teuke@confdroid.com>
Date: Fri, 21 Jul 2017 14:05:55 +0100
Subject: [PATCH] added control for welcome.conf

---
 manifests/params.pp              | 50 +++++++++++++++++---------------
 manifests/server/files.pp        | 19 ++++++++++++
 templates/httpd/welcome_conf.erb | 27 +++++++++++++++++
 3 files changed, 72 insertions(+), 24 deletions(-)
 create mode 100644 templates/httpd/welcome_conf.erb

diff --git a/manifests/params.pp b/manifests/params.pp
index 2a1adee..669ed5c 100644
--- a/manifests/params.pp
+++ b/manifests/params.pp
@@ -309,7 +309,7 @@ $ng_use_selinux_tools = true,
 # httpd
 $ng_required_hosts    = '',
 $ng_required_ips      = '127.0.0.0/8',
-
+$ng_disable_welcome   = true,
 ) {
 
 # installation section
@@ -325,33 +325,35 @@ $ng_required_ips      = '127.0.0.0/8',
   }
 
 # service
-$ng_service         = 'nagios'
-$ae_service         = 'httpd'
+$ng_service           = 'nagios'
+$ae_service           = 'httpd'
 
 # directories
-$ng_main_dir        = '/etc/nagios'
-$ng_conf_d_dir      = "${ng_main_dir}/conf.d"
-$ng_objects_dir     = "${ng_main_dir}/objects"
-$ng_private_dir     = "${ng_main_dir}/private"
-$ng_usr_incl        = '/usr/include/nagios'
-$ng_lib_dir         = '/usr/lib64/nagios'
-$ng_log_dir         = '/var/log/nagios'
-$ng_log_archives    = "${ng_log_dir}/archives"
-$ng_spool_dir       = '/var/spool/nagios'
-$ng_usr_share       = '/usr/share/nagios'
-$ng_share_html      = "${ng_usr_share}/html"
+$ng_main_dir          = '/etc/nagios'
+$ng_conf_d_dir        = "${ng_main_dir}/conf.d"
+$ng_objects_dir       = "${ng_main_dir}/objects"
+$ng_private_dir       = "${ng_main_dir}/private"
+$ng_usr_incl          = '/usr/include/nagios'
+$ng_lib_dir           = '/usr/lib64/nagios'
+$ng_log_dir           = '/var/log/nagios'
+$ng_log_archives      = "${ng_log_dir}/archives"
+$ng_spool_dir         = '/var/spool/nagios'
+$ng_usr_share         = '/usr/share/nagios'
+$ng_share_html        = "${ng_usr_share}/html"
 
 # files
-$ng_main_config     = "${ng_main_dir}/nagios.cfg"
-$ng_cgi_cfg_file    = "${ng_main_dir}/cgi.cfg"
-$ng_cgi_cfg_erb     = 'cd_nagios/nagios/cgi_cfg.erb'
-$ng_htpasswd_file   = "${ng_main_dir}/passwd"
-$ng_htpasswd_head   = 'cd_nagios/nagios/htpasswd_head.erb'
-$ng_htpasswd_rule   = 'cd_nagios/nagios/htpasswd_rule.erb'
-$ng_taccgi_erb      = 'cd_nagios/selinux/taccgi.erb'
-$ng_statcgi_erb     = 'cd_nagios/selinux/statuscgi.erb'
-$ng_nagios_conf     = '/etc/httpd/conf.d/nagios.conf'
-$ng_nagios_conf_erb = 'cd_nagios/httpd/nagios_conf.erb'
+$ng_main_config       = "${ng_main_dir}/nagios.cfg"
+$ng_cgi_cfg_file      = "${ng_main_dir}/cgi.cfg"
+$ng_cgi_cfg_erb       = 'cd_nagios/nagios/cgi_cfg.erb'
+$ng_htpasswd_file     = "${ng_main_dir}/passwd"
+$ng_htpasswd_head     = 'cd_nagios/nagios/htpasswd_head.erb'
+$ng_htpasswd_rule     = 'cd_nagios/nagios/htpasswd_rule.erb'
+$ng_taccgi_erb        = 'cd_nagios/selinux/taccgi.erb'
+$ng_statcgi_erb       = 'cd_nagios/selinux/statuscgi.erb'
+$ng_nagios_conf       = '/etc/httpd/conf.d/nagios.conf'
+$ng_nagios_conf_erb   = 'cd_nagios/httpd/nagios_conf.erb'
+$ng_welcome_conf      ='/etc/httpd/conf.d/welcome.conf'
+$ng_welcome_conf_erb  = 'cd_nagios/httpd/welcome_conf.erb'
 
 # includes must be last
 
diff --git a/manifests/server/files.pp b/manifests/server/files.pp
index 16a5c47..552fdd3 100644
--- a/manifests/server/files.pp
+++ b/manifests/server/files.pp
@@ -62,5 +62,24 @@ class cd_nagios::server::files (
       content   =>  template($ng_nagios_conf_erb),
       notify    =>  Service[$ae_service],
     }
+
+    # manage index.gtml for nagios web server
+
+    if $ng_disable_welcome == true {
+
+      file { $ng_welcome_conf:
+        ensure    =>  file,
+        path      =>  $ng_welcome_conf,
+        owner     =>  'root',
+        group     =>  'root',
+        mode      =>  '0644',
+        selrange  =>  s0,
+        selrole   =>  object_r,
+        seltype   =>  httpd_config_t,
+        seluser   =>  system_u,
+        content   =>  template($ng_welcome_conf_erb),
+        notify    =>  Service[$ae_service],
+      }
+    }
   }
 }
diff --git a/templates/httpd/welcome_conf.erb b/templates/httpd/welcome_conf.erb
new file mode 100644
index 0000000..8a7646b
--- /dev/null
+++ b/templates/httpd/welcome_conf.erb
@@ -0,0 +1,27 @@
+################################################################################
+###########             welcome.conf generated by Puppet              ##########
+###########             manual changes will be overwritten !!!        ##########
+################################################################################
+
+#
+# This configuration file enables the default "Welcome" page if there
+# is no default index page present for the root URL.  To disable the
+# Welcome page, comment out all the lines below.
+#
+# NOTE: if this file is removed, it will be restored on upgrades.
+#
+#<LocationMatch "^/+$">
+#    Options -Indexes
+#    ErrorDocument 403 /.noindex.html
+#</LocationMatch>
+
+#<Directory /usr/share/httpd/noindex>
+#    AllowOverride None
+#    Require all granted
+#</Directory>
+
+#Alias /.noindex.html /usr/share/httpd/noindex/index.html
+#Alias /noindex/css/bootstrap.min.css /usr/share/httpd/noindex/css/bootstrap.min.css
+#Alias /noindex/css/open-sans.css /usr/share/httpd/noindex/css/open-sans.css
+#Alias /images/apache_pb.gif /usr/share/httpd/noindex/images/apache_pb.gif
+#Alias /images/poweredby.png /usr/share/httpd/noindex/images/poweredby.png