diff --git a/CHANGELOG.md b/CHANGELOG.md index 223b60b..1814ec0 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,6 +8,16 @@ Changelog of Git Changelog.

No issue

+60407116a503868 Jenkins Server 2017-07-21 13:47:34 +

+

recommit for updates in build 27

+ +

+409ec084543f0d8 Arne Teuke 2017-07-21 13:47:12 +

+

added control for forward.conf

+ +

1fc9ffeacdebd20 Jenkins Server 2017-07-21 13:43:26

recommit for updates in build 26

diff --git a/REPOSTRUCTURE.md b/REPOSTRUCTURE.md index c4685b9..055e76b 100644 --- a/REPOSTRUCTURE.md +++ b/REPOSTRUCTURE.md @@ -31,6 +31,8 @@ | |-- puppet_defined_type_list.html | `-- top-level-namespace.html |-- manifests +| |-- certbot +| | `-- config.pp | |-- client | | `-- target.pp | |-- firewall @@ -50,6 +52,9 @@ | |-- init.pp | `-- params.pp |-- templates +| |-- certbot +| | |-- get_cert.erb +| | `-- unless_get_cert.erb | |-- httpd | | |-- forward_conf.erb | | |-- nagios_conf.erb @@ -70,4 +75,4 @@ |-- README.md `-- REPOSTRUCTURE.md -16 directories, 54 files +18 directories, 57 files diff --git a/doc/_index.html b/doc/_index.html index d9d83c8..7386db1 100644 --- a/doc/_index.html +++ b/doc/_index.html @@ -73,6 +73,11 @@ +
  • + cd_nagios::certbot::config + +
    • +
  • cd_nagios::client::target @@ -181,7 +186,7 @@ diff --git a/doc/file.README.html b/doc/file.README.html index 492304a..c8e1439 100644 --- a/doc/file.README.html +++ b/doc/file.README.html @@ -61,7 +61,7 @@

    |Repo Name| version | Build Status| |---|---|---|---| -|cd_nagios| 0.0.0.7 | cd_nagios| 0.0.0.8 | {Build Status/]|

    @@ -174,6 +174,9 @@ firewall (optional)

  • cd_selinux for selinux policy adjustments

    +
  • +

    cd_certbot +to auto-manage TLS certificates (optional)

    • Deployment

    @@ -299,7 +302,7 @@ environments.

    diff --git a/doc/index.html b/doc/index.html index b244631..cae5a69 100644 --- a/doc/index.html +++ b/doc/index.html @@ -61,7 +61,7 @@

    |Repo Name| version | Build Status| |---|---|---|---| -|cd_nagios| 0.0.0.7 | cd_nagios| 0.0.0.8 | {Build Status/]|

    @@ -174,6 +174,9 @@ firewall (optional)

  • cd_selinux for selinux policy adjustments

    +
  • +

    cd_certbot +to auto-manage TLS certificates (optional)

    • Deployment

    @@ -299,7 +302,7 @@ environments.

    diff --git a/doc/puppet_class_list.html b/doc/puppet_class_list.html index d7b54ba..898b58e 100644 --- a/doc/puppet_class_list.html +++ b/doc/puppet_class_list.html @@ -47,77 +47,84 @@ -
  • +
  • +
    + cd_nagios::certbot::config +
    +
    • + + +
  • cd_nagios::client::target
    • -
  • +
  • cd_nagios::firewall::iptables
    • -
  • +
  • cd_nagios::main::config
    • -
  • +
  • cd_nagios::main::dirs
    • -
  • +
  • cd_nagios::main::install
    • -
  • +
  • cd_nagios::main::user
    • -
  • +
  • cd_nagios::params
    • -
  • +
  • cd_nagios::selinux::config
    • -
  • +
  • cd_nagios::server::access_rules
    • -
  • +
  • cd_nagios::server::files
    • -
  • +
  • cd_nagios::server::service
    diff --git a/doc/puppet_classes/cd_nagios.html b/doc/puppet_classes/cd_nagios.html index a406761..02516ee 100644 --- a/doc/puppet_classes/cd_nagios.html +++ b/doc/puppet_classes/cd_nagios.html @@ -139,7 +139,7 @@ class cd_nagios { diff --git a/doc/puppet_classes/cd_nagios_3A_3Acertbot_3A_3Aconfig.html b/doc/puppet_classes/cd_nagios_3A_3Acertbot_3A_3Aconfig.html new file mode 100644 index 0000000..ce54145 --- /dev/null +++ b/doc/puppet_classes/cd_nagios_3A_3Acertbot_3A_3Aconfig.html @@ -0,0 +1,218 @@ + + + + + + + Puppet Class: cd_nagios::certbot::config + + — Documentation by YARD 0.9.9 + + + + + + + + + + + + + + + + + +
    + +
    +
    + +
    + + +

    Puppet Class: cd_nagios::certbot::config

    +
    + +
    +
    Inherits:
    +
    cd_nagios::params
    +
    + + +
    +
    Defined in:
    +
    + manifests/certbot/config.pp +
    +
    +
    + +

    Summary

    + Class manages all configuration files required for cd_nagios. + +

    Overview

    +
    +
    + +

    cd_nagios::certbot::config.pp +Module name: cd_nagios +Author: Arne Teuke +(arne_teuke@ConfDroid.com)

    + +

    License:

    + +

    This file is part of cd_nagios.

    + +

    cd_nagios is used for providing automatic configuration of Nagios + +Copyright (C) 2016 ConfDroid (copyright@ConfDroid.com) + This program is +free software: you can redistribute it and/or modify + it under the terms of +the GNU General Public License as published by + the Free Software +Foundation, either version 3 of the License, or + (at your option) any later +version.

    + +

    This program is distributed in the hope that it will be useful, + but +WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY +or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License +for more details.

    + +

    You should have received a copy of the GNU General Public License + along +with this program. If not, see www.gnu.org/licenses/.

    + +
    +
    +
    + + +
    + + + + + +
    + 
    +
+
+23
+24
+25
+26
+27
+28
+29
+30
+31
+32
+33
+34
+35
+36
+37
+38
+39
+40
+41
+42
+43
+44
+45
+46
+47
+48
+49
+50
+51
+52
+53
+54
+55
+56
    +     		+ 
    # File 'manifests/certbot/config.pp', line 23
+
+class cd_nagios::certbot::config (
+
+) inherits cd_nagios::params {
+
+  if $::fqdn == $ng_nagios_server {
+    if $ng_enable_certbot == true {
+
+      require cd_certbot
+
+      # create cert
+
+      exec { 'create_cert':
+        command   =>  template('cd_nagios/certbot/get_cert.erb'),
+        cwd       =>  '/tmp',
+        path      =>  ['/bin','/usr/bin'],
+        provider  =>  'shell',
+        unless    =>  template('cd_nagios/certbot/unless_get_cert.erb'),
+        notify    =>  Service['httpd'],
+        creates   =>  '/etc/httpd/conf.d/.cert_created',
+       }
+
+      # renew certs
+
+      exec {  'renew_cert':
+        command   =>  'certbot renew',
+        cwd       =>  '/tmp',
+        path      =>  ['/bin','/usr/bin','/opt/'],
+        provider  =>  'shell',
+        notify    =>  Service['httpd'],
+        unless    =>  template('cd_nagios/certbot/unless_renew_cert.erb'),
+      }
+    }
+  }
+}
    +
    +
    +
    + + + +
    + + \ No newline at end of file diff --git a/doc/puppet_classes/cd_nagios_3A_3Aclient_3A_3Atarget.html b/doc/puppet_classes/cd_nagios_3A_3Aclient_3A_3Atarget.html index 66eed35..b879f96 100644 --- a/doc/puppet_classes/cd_nagios_3A_3Aclient_3A_3Atarget.html +++ b/doc/puppet_classes/cd_nagios_3A_3Aclient_3A_3Atarget.html @@ -368,7 +368,7 @@ class cd_nagios::client::target ( diff --git a/doc/puppet_classes/cd_nagios_3A_3Afirewall_3A_3Aiptables.html b/doc/puppet_classes/cd_nagios_3A_3Afirewall_3A_3Aiptables.html index 1192f9c..f51a4bb 100644 --- a/doc/puppet_classes/cd_nagios_3A_3Afirewall_3A_3Aiptables.html +++ b/doc/puppet_classes/cd_nagios_3A_3Afirewall_3A_3Aiptables.html @@ -207,7 +207,7 @@ class cd_nagios::firewall::iptables ( diff --git a/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Aconfig.html b/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Aconfig.html index 3b3f42e..e8d073e 100644 --- a/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Aconfig.html +++ b/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Aconfig.html @@ -187,7 +187,7 @@ class cd_nagios::main::config ( diff --git a/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Adirs.html b/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Adirs.html index f40f521..ee2f010 100644 --- a/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Adirs.html +++ b/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Adirs.html @@ -468,7 +468,7 @@ class cd_nagios::main::dirs ( diff --git a/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Ainstall.html b/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Ainstall.html index 66076d7..806b849 100644 --- a/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Ainstall.html +++ b/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Ainstall.html @@ -235,7 +235,7 @@ class cd_nagios::main::install ( diff --git a/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Auser.html b/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Auser.html index 51fcf3b..bcaf6f4 100644 --- a/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Auser.html +++ b/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Auser.html @@ -200,7 +200,7 @@ class cd_nagios::main::user ( diff --git a/doc/puppet_classes/cd_nagios_3A_3Aparams.html b/doc/puppet_classes/cd_nagios_3A_3Aparams.html index 5c15df8..ea160d8 100644 --- a/doc/puppet_classes/cd_nagios_3A_3Aparams.html +++ b/doc/puppet_classes/cd_nagios_3A_3Aparams.html @@ -79,6 +79,8 @@ cd_nagios::client::target
    + cd_nagios::certbot::config
    + cd_nagios::selinux::config
    cd_nagios::server::service
    @@ -1826,7 +1828,7 @@ enabled.

    should be allowed/required. Requires format 'host1.example.com -host2.example.com'

    +host2.example.com'. If you want no restriction, chose 'all'.

    • @@ -1846,10 +1848,14 @@ host2.example.com'

    string of <b>_<em>Ip addresses __** for hosts which should be -allowed/reqired. Requires format 'ipaddress ip address range'Ip -addresses _</em></b> for hosts which -should be allowed/reqired. -Requires format 'ipaddress ip address range'

    +allowed/reqired. Requires format 'ipaddress ip address range'. +If +you want no restriction, choose '0.0.0.0/0'Ip addresses +_</em></b> for hosts which +should be allowed/reqired. Requires +format 'ipaddress ip address range'. +If you want no restriction, +choose '0.0.0.0/0'

    @@ -1875,6 +1881,64 @@ the nagios http check on the nagios server +
  • + + ng_enable_certbot + + + (boolean) + + + (defaults to: true) + + + — +
    +

    Whether to use certbot for automated TLS +certificate management

    +
    + +
    • + +
  • + + ng_certbot_cert_path + + + (string) + + + (defaults to: '/var/www/html') + + + — +
    +

    the path for certbot to place +challenges for teh certification process.

    +
    + +
    • + +
  • + + ng_mail_user + + + (string) + + + (defaults to: "admin@${::domain}") + + + — +
    +

    email address to receive administrative mail. +used for nagios itself as +well as for certbot.

    +
    + +
    • + @@ -1892,13 +1956,6 @@ the nagios http check on the nagios server 
     
 
-206
-207
-208
-209
-210
-211
-212
 213
 214
 215
@@ -2055,10 +2112,22 @@ the nagios http check on the nagios server
 366
 367
 368
-369
    +369 +370 +371 +372 +373 +374 +375 +376 +377 +378 +379 +380 +381 - 
    # File 'manifests/params.pp', line 206
+        
    # File 'manifests/params.pp', line 213
 
 class cd_nagios::params (
 
@@ -2066,6 +2135,7 @@ $pkg_ensure           = 'latest',
 
 $ng_nagios_server     = "nagios.${::domain}",
 $ng_nagios_ext_ip     = undef,
+$ng_mail_user         = "admin@${::domain}",
 
 $ng_include_nrpe      = true,
 
@@ -2171,6 +2241,10 @@ $ng_required_hosts    = '',
 $ng_required_ips      = '127.0.0.0/8',
 $ng_disable_welcome   = true,
 
+# certbot
+$ng_enable_certbot    = true,
+$ng_certbot_cert_path = '/var/www/html',
+
 ) {
 
 # installation section
@@ -2231,7 +2305,7 @@ $ng_forward_conf_erb  = 'cd_nagios/httpd/forward_conf.erb'
 
 
       
diff --git a/doc/puppet_classes/cd_nagios_3A_3Aselinux_3A_3Aconfig.html b/doc/puppet_classes/cd_nagios_3A_3Aselinux_3A_3Aconfig.html
index 2134869..92fee8d 100644
--- a/doc/puppet_classes/cd_nagios_3A_3Aselinux_3A_3Aconfig.html
+++ b/doc/puppet_classes/cd_nagios_3A_3Aselinux_3A_3Aconfig.html
@@ -249,7 +249,7 @@ class cd_nagios::selinux::config (
 
 
       
diff --git a/doc/puppet_classes/cd_nagios_3A_3Aserver_3A_3Aaccess_rules.html b/doc/puppet_classes/cd_nagios_3A_3Aserver_3A_3Aaccess_rules.html
index a30527c..e15fb30 100644
--- a/doc/puppet_classes/cd_nagios_3A_3Aserver_3A_3Aaccess_rules.html
+++ b/doc/puppet_classes/cd_nagios_3A_3Aserver_3A_3Aaccess_rules.html
@@ -195,7 +195,7 @@ class cd_nagios::server::access_rules (
 
 
       
diff --git a/doc/puppet_classes/cd_nagios_3A_3Aserver_3A_3Afiles.html b/doc/puppet_classes/cd_nagios_3A_3Aserver_3A_3Afiles.html
index e24c31a..7894bb0 100644
--- a/doc/puppet_classes/cd_nagios_3A_3Aserver_3A_3Afiles.html
+++ b/doc/puppet_classes/cd_nagios_3A_3Aserver_3A_3Afiles.html
@@ -300,7 +300,7 @@ class cd_nagios::server::files (
 
 
       
diff --git a/doc/puppet_classes/cd_nagios_3A_3Aserver_3A_3Aservice.html b/doc/puppet_classes/cd_nagios_3A_3Aserver_3A_3Aservice.html
index c081b85..35cb2f0 100644
--- a/doc/puppet_classes/cd_nagios_3A_3Aserver_3A_3Aservice.html
+++ b/doc/puppet_classes/cd_nagios_3A_3Aserver_3A_3Aservice.html
@@ -174,7 +174,7 @@ class cd_nagios::server::service (
 
 
       
diff --git a/doc/puppet_defined_types/cd_nagios_3A_3Aserver_3A_3Aaccess.html b/doc/puppet_defined_types/cd_nagios_3A_3Aserver_3A_3Aaccess.html
index 7c879fa..4d4a689 100644
--- a/doc/puppet_defined_types/cd_nagios_3A_3Aserver_3A_3Aaccess.html
+++ b/doc/puppet_defined_types/cd_nagios_3A_3Aserver_3A_3Aaccess.html
@@ -220,7 +220,7 @@ $ng_service       = $::cd_nagios::params::ng_service
 
 
       
diff --git a/doc/top-level-namespace.html b/doc/top-level-namespace.html
index adbdd9e..aa02f34 100644
--- a/doc/top-level-namespace.html
+++ b/doc/top-level-namespace.html
@@ -90,7 +90,7 @@