diff --git a/CHANGELOG.md b/CHANGELOG.md
index 9db616f..63aa5cd 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -8,6 +8,16 @@ Changelog of Git Changelog.
No issue
+f8c596b9bcca053 Jenkins Server 2017-07-23 12:32:43
+
+
recommit for updates in build 63
+
+
+101aa23b1bbec64 Arne Teuke 2017-07-23 12:32:28
+
+
changed logic for http vs https and removed index+ welcome file control
+
+
d203cd87815c979 Jenkins Server 2017-07-23 12:28:46
recommit for updates in build 62
diff --git a/README.md b/README.md
index ee78d59..9811da6 100644
--- a/README.md
+++ b/README.md
@@ -106,11 +106,12 @@ A working instance of PuppetDBconnected to the Puppet master is required for thi
All files and directories are configured with correct selinux context. If selinux is disabled, these contexts are ignored.
### Certbot
-This module can optionally setup [certbot](https://certbot.eff.org/) TLS certificate management for the frontend GUI. In order to do so, set `ng_enable_certbot` to true (default). Effectively, this will manage the certs before even installing Nagios, so there will be no problems with the Nagios showing up with a self-signed certificate.
-Once enabled, the module will go and try to obtain a certificate automatically. For this to work, you need to have proper DNS resolution set up for your domain / nagios server.
+This module can optionally setup [certbot](https://certbot.eff.org/) TLS certificate management for the frontend GUI. In order to do so, set `$ng_enable_certbot` as well as `$ng_use_https` to `true` (default). Effectively, this will manage the certs before even installing Nagios, so there will be no problems with the Nagios showing up with a self-signed certificate. Once enabled, the module will go and try to obtain a certificate automatically. For this to work, you need to have proper DNS resolution set up for your domain / nagios server. Certs are also automatically renewed.
+
+If you prefer to use https but use self-signed certs or your own CA, simply set to false. This will point the SSL vhost config file to the default location for TLS certificates.
### httpd vHost files
-by Default, Nagios creates its own nagios.conf file, which is not a vhost file and relies on the main ssd.conf. However, as Nagios might be running on a regular web server with various other web instances (not recommended through), we will not want to manage ssl.conf directly, hence the module creates a vhost for the ssl host.
+by Default, Nagios creates its own nagios.conf file, which is not a vhost file and relies on the main ssd.conf. However, as Nagios might be running on a regular web server with various other web instances (not recommended through for performance reasons), we will not want to manage ssl.conf directly, hence the module creates a vhost for the ssl host.
### Known Problems
diff --git a/doc/_index.html b/doc/_index.html
index 9083dc1..edf4177 100644
--- a/doc/_index.html
+++ b/doc/_index.html
@@ -186,7 +186,7 @@
diff --git a/doc/file.README.html b/doc/file.README.html
index fd19b46..89bee97 100644
--- a/doc/file.README.html
+++ b/doc/file.README.html
@@ -255,21 +255,26 @@ selinux is disabled, these contexts are ignored.
This module can optionally setup certbot TLS certificate management for
-the frontend GUI. In order to do so, set ng_enable_certbot to
-true (default). Effectively, this will manage the certs before even
-installing Nagios, so there will be no problems with the Nagios showing up
-with a self-signed certificate.
-Once enabled, the module will go and try to
-obtain a certificate automatically. For this to work, you need to have
-proper DNS resolution set up for your domain / nagios server.
+the frontend GUI. In order to do so, set $ng_enable_certbot as
+well as $ng_use_https to true (default).
+Effectively, this will manage the certs before even installing Nagios, so
+there will be no problems with the Nagios showing up with a self-signed
+certificate. Once enabled, the module will go and try to obtain a
+certificate automatically. For this to work, you need to have proper DNS
+resolution set up for your domain / nagios server. Certs are also
+automatically renewed.
+
+If you prefer to use https but use self-signed certs or your own CA, simply
+set to false. This will point the SSL vhost config file to the default
+location for TLS certificates.
httpd vHost files
by Default, Nagios creates its own nagios.conf file, which is not a vhost
file and relies on the main ssd.conf. However, as Nagios might be running
on a regular web server with various other web instances (not recommended
-through), we will not want to manage ssl.conf directly, hence the module
-creates a vhost for the ssl host.
+through for performance reasons), we will not want to manage ssl.conf
+directly, hence the module creates a vhost for the ssl host.
Known Problems
@@ -326,7 +331,7 @@ environments.
diff --git a/doc/index.html b/doc/index.html
index c2f135b..425d3c9 100644
--- a/doc/index.html
+++ b/doc/index.html
@@ -255,21 +255,26 @@ selinux is disabled, these contexts are ignored.
This module can optionally setup certbot TLS certificate management for
-the frontend GUI. In order to do so, set ng_enable_certbot to
-true (default). Effectively, this will manage the certs before even
-installing Nagios, so there will be no problems with the Nagios showing up
-with a self-signed certificate.
-Once enabled, the module will go and try to
-obtain a certificate automatically. For this to work, you need to have
-proper DNS resolution set up for your domain / nagios server.
+the frontend GUI. In order to do so, set $ng_enable_certbot as
+well as $ng_use_https to true (default).
+Effectively, this will manage the certs before even installing Nagios, so
+there will be no problems with the Nagios showing up with a self-signed
+certificate. Once enabled, the module will go and try to obtain a
+certificate automatically. For this to work, you need to have proper DNS
+resolution set up for your domain / nagios server. Certs are also
+automatically renewed.
+
+If you prefer to use https but use self-signed certs or your own CA, simply
+set to false. This will point the SSL vhost config file to the default
+location for TLS certificates.
httpd vHost files
by Default, Nagios creates its own nagios.conf file, which is not a vhost
file and relies on the main ssd.conf. However, as Nagios might be running
on a regular web server with various other web instances (not recommended
-through), we will not want to manage ssl.conf directly, hence the module
-creates a vhost for the ssl host.
+through for performance reasons), we will not want to manage ssl.conf
+directly, hence the module creates a vhost for the ssl host.
Known Problems
@@ -326,7 +331,7 @@ environments.
diff --git a/doc/puppet_classes/cd_nagios.html b/doc/puppet_classes/cd_nagios.html
index 9ed70dc..3409161 100644
--- a/doc/puppet_classes/cd_nagios.html
+++ b/doc/puppet_classes/cd_nagios.html
@@ -139,7 +139,7 @@ class cd_nagios {
diff --git a/doc/puppet_classes/cd_nagios_3A_3Acertbot_3A_3Acerts.html b/doc/puppet_classes/cd_nagios_3A_3Acertbot_3A_3Acerts.html
index fab099e..0f51c40 100644
--- a/doc/puppet_classes/cd_nagios_3A_3Acertbot_3A_3Acerts.html
+++ b/doc/puppet_classes/cd_nagios_3A_3Acertbot_3A_3Acerts.html
@@ -230,7 +230,7 @@ class cd_nagios::certbot::certs (
diff --git a/doc/puppet_classes/cd_nagios_3A_3Aclient_3A_3Atarget.html b/doc/puppet_classes/cd_nagios_3A_3Aclient_3A_3Atarget.html
index dfad2c1..25d1062 100644
--- a/doc/puppet_classes/cd_nagios_3A_3Aclient_3A_3Atarget.html
+++ b/doc/puppet_classes/cd_nagios_3A_3Aclient_3A_3Atarget.html
@@ -368,7 +368,7 @@ class cd_nagios::client::target (
diff --git a/doc/puppet_classes/cd_nagios_3A_3Afirewall_3A_3Aiptables.html b/doc/puppet_classes/cd_nagios_3A_3Afirewall_3A_3Aiptables.html
index 73a9408..e429604 100644
--- a/doc/puppet_classes/cd_nagios_3A_3Afirewall_3A_3Aiptables.html
+++ b/doc/puppet_classes/cd_nagios_3A_3Afirewall_3A_3Aiptables.html
@@ -207,7 +207,7 @@ class cd_nagios::firewall::iptables (
diff --git a/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Aconfig.html b/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Aconfig.html
index 71aa24c..f3dc22b 100644
--- a/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Aconfig.html
+++ b/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Aconfig.html
@@ -195,7 +195,7 @@ class cd_nagios::main::config (
diff --git a/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Adirs.html b/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Adirs.html
index d5b7751..4a7cfb5 100644
--- a/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Adirs.html
+++ b/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Adirs.html
@@ -468,7 +468,7 @@ class cd_nagios::main::dirs (
diff --git a/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Ainstall.html b/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Ainstall.html
index a3c11d1..906239b 100644
--- a/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Ainstall.html
+++ b/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Ainstall.html
@@ -235,7 +235,7 @@ class cd_nagios::main::install (
diff --git a/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Auser.html b/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Auser.html
index 8d45162..802f1c1 100644
--- a/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Auser.html
+++ b/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Auser.html
@@ -200,7 +200,7 @@ class cd_nagios::main::user (
diff --git a/doc/puppet_classes/cd_nagios_3A_3Aparams.html b/doc/puppet_classes/cd_nagios_3A_3Aparams.html
index 755b511..6d41ef1 100644
--- a/doc/puppet_classes/cd_nagios_3A_3Aparams.html
+++ b/doc/puppet_classes/cd_nagios_3A_3Aparams.html
@@ -2356,7 +2356,7 @@ $ng_certbot_live = "${ng_certbot_main_dir}/live"
diff --git a/doc/puppet_classes/cd_nagios_3A_3Aselinux_3A_3Aconfig.html b/doc/puppet_classes/cd_nagios_3A_3Aselinux_3A_3Aconfig.html
index 1280d23..0c148fa 100644
--- a/doc/puppet_classes/cd_nagios_3A_3Aselinux_3A_3Aconfig.html
+++ b/doc/puppet_classes/cd_nagios_3A_3Aselinux_3A_3Aconfig.html
@@ -249,7 +249,7 @@ class cd_nagios::selinux::config (
diff --git a/doc/puppet_classes/cd_nagios_3A_3Aserver_3A_3Aaccess_rules.html b/doc/puppet_classes/cd_nagios_3A_3Aserver_3A_3Aaccess_rules.html
index 5681de6..b6c3e4f 100644
--- a/doc/puppet_classes/cd_nagios_3A_3Aserver_3A_3Aaccess_rules.html
+++ b/doc/puppet_classes/cd_nagios_3A_3Aserver_3A_3Aaccess_rules.html
@@ -195,7 +195,7 @@ class cd_nagios::server::access_rules (
diff --git a/doc/puppet_classes/cd_nagios_3A_3Aserver_3A_3Afiles.html b/doc/puppet_classes/cd_nagios_3A_3Aserver_3A_3Afiles.html
index 71fc094..ebbadd4 100644
--- a/doc/puppet_classes/cd_nagios_3A_3Aserver_3A_3Afiles.html
+++ b/doc/puppet_classes/cd_nagios_3A_3Aserver_3A_3Afiles.html
@@ -324,7 +324,7 @@ class cd_nagios::server::files (
diff --git a/doc/puppet_classes/cd_nagios_3A_3Aserver_3A_3Aservice.html b/doc/puppet_classes/cd_nagios_3A_3Aserver_3A_3Aservice.html
index c3fad35..deac555 100644
--- a/doc/puppet_classes/cd_nagios_3A_3Aserver_3A_3Aservice.html
+++ b/doc/puppet_classes/cd_nagios_3A_3Aserver_3A_3Aservice.html
@@ -174,7 +174,7 @@ class cd_nagios::server::service (
diff --git a/doc/puppet_defined_types/cd_nagios_3A_3Aserver_3A_3Aaccess.html b/doc/puppet_defined_types/cd_nagios_3A_3Aserver_3A_3Aaccess.html
index 09942e4..752b4d5 100644
--- a/doc/puppet_defined_types/cd_nagios_3A_3Aserver_3A_3Aaccess.html
+++ b/doc/puppet_defined_types/cd_nagios_3A_3Aserver_3A_3Aaccess.html
@@ -220,7 +220,7 @@ $ng_service = $::cd_nagios::params::ng_service
diff --git a/doc/top-level-namespace.html b/doc/top-level-namespace.html
index c74e379..9db8911 100644
--- a/doc/top-level-namespace.html
+++ b/doc/top-level-namespace.html
@@ -90,7 +90,7 @@
diff --git a/templates/httpd/forward_conf.erb b/templates/httpd/forward_conf.erb
index ffde1a8..d7728b5 100644
--- a/templates/httpd/forward_conf.erb
+++ b/templates/httpd/forward_conf.erb
@@ -1,12 +1,13 @@
>
ServerAdmin root@localhost
DocumentRoot /var/www/html
- ServerName www.<%= @ng_webserver_name %>
+ ServerName www.<%= @ng_webserver_name %>/nagios
ServerAlias <%= @ng_webserver_name %>
<% if @ng_use_https == true -%>
Redirect permanent / https://<%= @ng_webserver_name %>/nagios
<% end -%>
<% if @ng_use_https != true -%>
+
ScriptAlias /nagios/cgi-bin/ "/usr/lib64/nagios/cgi-bin/"
diff --git a/templates/httpd/nagios_ssl_vhost.erb b/templates/httpd/nagios_ssl_vhost.erb
index d147661..63eefae 100644
--- a/templates/httpd/nagios_ssl_vhost.erb
+++ b/templates/httpd/nagios_ssl_vhost.erb
@@ -113,6 +113,8 @@ Alias /nagios "/usr/share/nagios/html"
+RedirectMatch ^/$ https://<%= @ng_webserver_name %>/nagios
+
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \