From 5a673baf4129db48a1d2d8054eceffacb506e704 Mon Sep 17 00:00:00 2001
From: Arne Teuke <arne_teuke@confdroid.com>
Date: Sat, 22 Jul 2017 12:59:25 +0100
Subject: [PATCH] reversing steps to create cert

---
 manifests/certbot/certs.pp | 34 ----------------------------------
 manifests/main/config.pp   | 12 ++++++------
 2 files changed, 6 insertions(+), 40 deletions(-)

diff --git a/manifests/certbot/certs.pp b/manifests/certbot/certs.pp
index fd80273..b869d15 100644
--- a/manifests/certbot/certs.pp
+++ b/manifests/certbot/certs.pp
@@ -31,33 +31,6 @@ class cd_nagios::certbot::certs (
         require cd_certbot
         require cd_apache
 
-        # ensure there is no forward vhost file
-
-        exec { 'remove_forward_vhost':
-          command   =>  "rm -Rf ${ng_forward_conf}",
-          creates   =>  '/etc/httpd/conf.d/.cert_created',
-        }
-
-        exec { 'remove_nagios_conf':
-          command   =>  "rm -Rf ${ng_nagios_conf}",
-          creates   =>  '/etc/httpd/conf.d/.cert_created',
-          require   =>  Exec['remove_forward_vhost'],
-        }
-
-        exec { 'remove_index_html':
-          command   =>  "rm -Rf ${ng_index_html_file}",
-          creates   =>  '/etc/httpd/conf.d/.cert_created',
-          require   =>  Exec['remove_nagios_conf'],
-          notify    =>  Service[$ae_service],
-        }
-
-        exec { 'disable_selinux_temporarily':
-          command   =>  'setenforce 0',
-          path      =>  ['/usr/sbin'],
-          creates   =>  '/etc/httpd/conf.d/.cert_created',
-          require   =>  Exec['remove_index_html'],
-        }
-
         # create cert
 
         exec { 'create_cert':
@@ -70,13 +43,6 @@ class cd_nagios::certbot::certs (
           creates   =>  '/etc/httpd/conf.d/.cert_created',
         }
 
-        exec { 'enable_selinux':
-          command   =>  'setenforce 1',
-          path      =>  ['/usr/sbin'],
-          creates   =>  '/etc/httpd/conf.d/.cert_created',
-          require   =>  Exec['create_cert'],
-        }
-
         # renew certs
 
         exec {  'renew_cert':
diff --git a/manifests/main/config.pp b/manifests/main/config.pp
index a4dc910..4e34dcb 100644
--- a/manifests/main/config.pp
+++ b/manifests/main/config.pp
@@ -30,13 +30,13 @@ class cd_nagios::main::config (
   if $::fqdn == $ng_nagios_server {
 #    include cd_nagios::server::service
 
-#    if $ng_include_fw == true {
-#      include cd_nagios::firewall::iptables
-#    }
+    if $ng_include_fw == true {
+      include cd_nagios::firewall::iptables
+    }
 
-#    if $ng_use_selinux_tools == true {
-#      include cd_nagios::selinux::config
-#    }
+    if $ng_use_selinux_tools == true {
+      include cd_nagios::selinux::config
+    }
 
     if $ng_enable_certbot == true {
       require cd_nagios::certbot::certs