Merge branch 'jenkins' into 'master'

Jenkins See merge request !17
2017-07-21 17:07:20 +02:00
parent 8b49ce3422 183e17f460
commit 917a0a791f
25 changed files with 459 additions and 128 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -8,6 +8,16 @@ Changelog of Git Changelog.
 <h2> No issue </h2>
 <a href="https://gitlab.puppetsoft.com/12WW1160/git-changelog-lib/commit/2c6b5f8656e9fef">2c6b5f8656e9fef</a> Jenkins Server <i>2017-07-21 14:51:54</i>
 <p>
 <h3>recommit for updates in build 34</h3>
 </p>
 <a href="https://gitlab.puppetsoft.com/12WW1160/git-changelog-lib/commit/3923a4adc5e4443">3923a4adc5e4443</a> Arne Teuke <i>2017-07-21 14:51:28</i>
 <p>
 <h3>changed config to use variables, added parameters</h3>
 </p>
 <a href="https://gitlab.puppetsoft.com/12WW1160/git-changelog-lib/commit/353e7e99cf92594">353e7e99cf92594</a> Jenkins Server <i>2017-07-21 14:42:28</i>
 <p>
 <h3>recommit for updates in build 33</h3>
--- a/REPOSTRUCTURE.md
+++ b/REPOSTRUCTURE.md
@@ -54,6 +54,7 @@
 |   `-- params.pp
 |-- templates
 |   |-- certbot
 |   |   |-- create_tempfile.erb
 |   |   |-- get_cert.erb
 |   |   |-- unless_get_cert.erb
 |   |   `-- unless_renew_cert.erb
@@ -77,4 +78,4 @@
 |-- README.md
 `-- REPOSTRUCTURE.md
-18 directories, 59 files
+18 directories, 60 files
--- a/doc/_index.html
+++ b/doc/_index.html
@@ -186,7 +186,7 @@
 </div>
      <div id="footer">
-  Generated on Fri Jul 21 16:51:46 2017 by
+  Generated on Fri Jul 21 17:16:21 2017 by
  <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
  0.9.9 (ruby-2.0.0).
 </div>
--- a/doc/file.README.html
+++ b/doc/file.README.html
@@ -304,7 +304,7 @@ environments.</p>
 </div></div>
      <div id="footer">
-  Generated on Fri Jul 21 16:51:47 2017 by
+  Generated on Fri Jul 21 17:16:23 2017 by
  <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
  0.9.9 (ruby-2.0.0).
 </div>
--- a/doc/index.html
+++ b/doc/index.html
@@ -304,7 +304,7 @@ environments.</p>
 </div></div>
      <div id="footer">
-  Generated on Fri Jul 21 16:51:47 2017 by
+  Generated on Fri Jul 21 17:16:22 2017 by
  <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
  0.9.9 (ruby-2.0.0).
 </div>
--- a/doc/puppet_classes/cd_nagios.html
+++ b/doc/puppet_classes/cd_nagios.html
@@ -139,7 +139,7 @@ class cd_nagios {
 </div>
      <div id="footer">
-  Generated on Fri Jul 21 16:51:47 2017 by
+  Generated on Fri Jul 21 17:16:23 2017 by
  <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
  0.9.9 (ruby-2.0.0).
 </div>
--- a/doc/puppet_classes/cd_nagios_3A_3Acertbot_3A_3Aconfig.html
+++ b/doc/puppet_classes/cd_nagios_3A_3Acertbot_3A_3Aconfig.html
@@ -162,7 +162,37 @@ href="http://www.gnu.org/licenses">www.gnu.org/licenses</a>/.</p>
 53
 54
 55
-56</pre>
+56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86</pre>
      </td>
      <td>
        <pre class="code"><span class="info file"># File 'manifests/certbot/config.pp', line 23</span>
@@ -176,6 +206,24 @@ class cd_nagios::certbot::config (
      require cd_certbot
      # ensure there is no forward vhost file
      exec { &#39;remove forward vhost&#39;:
        command   =&gt;  &quot;rm -Rf  $ng_forward_conf&quot;,
        creates   =&gt;  &#39;/etc/httpd/conf.d/.cert_created&#39;,
      }
      # create temp vhost file
      exec { &#39;create_temp_vhost&#39;:
        command   =&gt;  template(&#39;cd_nagios/certbot/create_tempfile.erb&#39;),
        cwd       =&gt;  &#39;/tmp&#39;,
        path      =&gt;  [&#39;/bin&#39;,&#39;/usr/bin&#39;],
        provider  =&gt;  &#39;shell&#39;,
        creates   =&gt;  &#39;/etc/httpd/conf.d/.created&#39;,
        notify    =&gt;  Service[&#39;httpd&#39;],
      }
      # create cert
      exec { &#39;create_cert&#39;:
@@ -188,6 +236,18 @@ class cd_nagios::certbot::config (
        creates   =&gt;  &#39;/etc/httpd/conf.d/.cert_created&#39;,
      }
      # remove temp_vhost
      exec { &#39;remove_temp_vhost&#39;:
        command   =&gt;  &quot;rm -Rf ${ng_certbot_temp_file}&quot;,
        cwd       =&gt;  &#39;/tmp&#39;,
        path      =&gt;  [&#39;/bin&#39;,&#39;/usr/bin&#39;],
        provider  =&gt;  &#39;shell&#39;,
        notify    =&gt;  Service[&#39;httpd&#39;],
        require   =&gt;  Exec[&#39;create_cert&#39;],
        creates   =&gt;  &quot;/etc/letsencrypt/live/${ng_nagios_server}/cert.pem&quot;,
      }
      # renew certs
      exec {  &#39;renew_cert&#39;:
@@ -208,7 +268,7 @@ class cd_nagios::certbot::config (
 </div>
      <div id="footer">
-  Generated on Fri Jul 21 16:51:50 2017 by
+  Generated on Fri Jul 21 17:16:25 2017 by
  <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
  0.9.9 (ruby-2.0.0).
 </div>
--- a/doc/puppet_classes/cd_nagios_3A_3Aclient_3A_3Atarget.html
+++ b/doc/puppet_classes/cd_nagios_3A_3Aclient_3A_3Atarget.html
@@ -368,7 +368,7 @@ class cd_nagios::client::target (
 </div>
      <div id="footer">
-  Generated on Fri Jul 21 16:51:50 2017 by
+  Generated on Fri Jul 21 17:16:25 2017 by
  <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
  0.9.9 (ruby-2.0.0).
 </div>
--- a/doc/puppet_classes/cd_nagios_3A_3Afirewall_3A_3Aiptables.html
+++ b/doc/puppet_classes/cd_nagios_3A_3Afirewall_3A_3Aiptables.html
@@ -207,7 +207,7 @@ class cd_nagios::firewall::iptables (
 </div>
      <div id="footer">
-  Generated on Fri Jul 21 16:51:51 2017 by
+  Generated on Fri Jul 21 17:16:25 2017 by
  <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
  0.9.9 (ruby-2.0.0).
 </div>
--- a/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Aconfig.html
+++ b/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Aconfig.html
@@ -152,12 +152,7 @@ href="http://www.gnu.org/licenses">www.gnu.org/licenses</a>/.</p>
 43
 44
 45
-46
+46</pre>
 47
 48
 49
 50
 51</pre>
      </td>
      <td>
        <pre class="code"><span class="info file"># File 'manifests/main/config.pp', line 24</span>
@@ -178,11 +173,6 @@ class cd_nagios::main::config (
    if $ng_use_selinux_tools == true {
      include cd_nagios::selinux::config
    }
    if $ng_enable_certbot == true {
      include cd_nagios::certbot::config
    }
  }
  if $::fqdn != $ng_nagios_server {
@@ -197,7 +187,7 @@ class cd_nagios::main::config (
 </div>
      <div id="footer">
-  Generated on Fri Jul 21 16:51:50 2017 by
+  Generated on Fri Jul 21 17:16:25 2017 by
  <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
  0.9.9 (ruby-2.0.0).
 </div>
--- a/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Adirs.html
+++ b/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Adirs.html
@@ -468,7 +468,7 @@ class cd_nagios::main::dirs (
 </div>
      <div id="footer">
-  Generated on Fri Jul 21 16:51:49 2017 by
+  Generated on Fri Jul 21 17:16:24 2017 by
  <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
  0.9.9 (ruby-2.0.0).
 </div>
--- a/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Ainstall.html
+++ b/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Ainstall.html
@@ -235,7 +235,7 @@ class cd_nagios::main::install (
 </div>
      <div id="footer">
-  Generated on Fri Jul 21 16:51:50 2017 by
+  Generated on Fri Jul 21 17:16:25 2017 by
  <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
  0.9.9 (ruby-2.0.0).
 </div>
--- a/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Auser.html
+++ b/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Auser.html
@@ -200,7 +200,7 @@ class cd_nagios::main::user (
 </div>
      <div id="footer">
-  Generated on Fri Jul 21 16:51:49 2017 by
+  Generated on Fri Jul 21 17:16:24 2017 by
  <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
  0.9.9 (ruby-2.0.0).
 </div>
--- a/doc/puppet_classes/cd_nagios_3A_3Aparams.html
+++ b/doc/puppet_classes/cd_nagios_3A_3Aparams.html
@@ -2126,7 +2126,9 @@ well as for certbot.</p>
 380
 381
 382
-383</pre>
+383
 384
 385</pre>
      </td>
      <td>
        <pre class="code"><span class="info file"># File 'manifests/params.pp', line 213</span>
@@ -2295,7 +2297,9 @@ $ng_forward_conf      = &#39;/etc/httpd/conf.d/nagios_forward.conf&#39;
 $ng_forward_conf_erb  = &#39;cd_nagios/httpd/forward_conf.erb&#39;
 $ng_get_cert_erb      = &#39;cd_nagios/certbot/get_cert.erb&#39;
 $ng_unless_get_cert   = &#39;cd_nagios/certbot/unless_get_cert.erb&#39;
-$ng_unless_renew_erb  =  &#39;cd_nagios/certbot/unless_renew_cert.erb&#39;
+$ng_unless_renew_erb  = &#39;cd_nagios/certbot/unless_renew_cert.erb&#39;
 $ng_create_tempvhost  = &#39;cd_nagios/certbot/create_tempfile.erb&#39;
 $ng_certbot_temp_file = &#39;/etc/httpd/conf.d/certbot_temp.conf&#39;
 # includes must be last
@@ -2309,7 +2313,7 @@ $ng_unless_renew_erb  =  &#39;cd_nagios/certbot/unless_renew_cert.erb&#39;
 </div>
      <div id="footer">
-  Generated on Fri Jul 21 16:51:49 2017 by
+  Generated on Fri Jul 21 17:16:24 2017 by
  <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
  0.9.9 (ruby-2.0.0).
 </div>
--- a/doc/puppet_classes/cd_nagios_3A_3Aselinux_3A_3Aconfig.html
+++ b/doc/puppet_classes/cd_nagios_3A_3Aselinux_3A_3Aconfig.html
@@ -249,7 +249,7 @@ class cd_nagios::selinux::config (
 </div>
      <div id="footer">
-  Generated on Fri Jul 21 16:51:50 2017 by
+  Generated on Fri Jul 21 17:16:25 2017 by
  <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
  0.9.9 (ruby-2.0.0).
 </div>
--- a/doc/puppet_classes/cd_nagios_3A_3Aserver_3A_3Aaccess_rules.html
+++ b/doc/puppet_classes/cd_nagios_3A_3Aserver_3A_3Aaccess_rules.html
@@ -195,7 +195,7 @@ class cd_nagios::server::access_rules (
 </div>
      <div id="footer">
-  Generated on Fri Jul 21 16:51:51 2017 by
+  Generated on Fri Jul 21 17:16:25 2017 by
  <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
  0.9.9 (ruby-2.0.0).
 </div>
--- a/doc/puppet_classes/cd_nagios_3A_3Aserver_3A_3Afiles.html
+++ b/doc/puppet_classes/cd_nagios_3A_3Aserver_3A_3Afiles.html
@@ -208,7 +208,83 @@ href="http://www.gnu.org/licenses">www.gnu.org/licenses</a>/.</p>
 99
 100
 101
-102</pre>
+102
 103
 104
 105
 106
 107
 108
 109
 110
 111
 112
 113
 114
 115
 116
 117
 118
 119
 120
 121
 122
 123
 124
 125
 126
 127
 128
 129
 130
 131
 132
 133
 134
 135
 136
 137
 138
 139
 140
 141
 142
 143
 144
 145
 146
 147
 148
 149
 150
 151
 152
 153
 154
 155
 156
 157
 158
 159
 160
 161
 162
 163
 164
 165
 166
 167
 168
 169
 170
 171
 172
 173
 174
 175
 176
 177
 178</pre>
      </td>
      <td>
        <pre class="code"><span class="info file"># File 'manifests/server/files.pp', line 23</span>
@@ -218,49 +294,34 @@ class cd_nagios::server::files (
 ) inherits cd_nagios::params {
  if $::fqdn == $ng_nagios_server {
    if $ng_enable_certbot == true {
      require cd_nagios::certbot::config
      require cd_nagios::main::dirs
-  require cd_nagios::main::dirs
+      # manage nagios.cfg
    # manage nagios.cfg
-    # manage cgi.cfg
+      # manage cgi.cfg
-    file { $ng_cgi_cfg_file:
+      file { $ng_cgi_cfg_file:
      ensure    =&gt;  file,
      path      =&gt;  $ng_cgi_cfg_file,
      owner     =&gt;  &#39;root&#39;,
      group     =&gt;  &#39;root&#39;,
      mode      =&gt;  &#39;0644&#39;,
      selrange  =&gt;  s0,
      selrole   =&gt;  object_r,
      seltype   =&gt;  nagios_etc_t,
      seluser   =&gt;  system_u,
      content   =&gt;  template($ng_cgi_cfg_erb),
      notify    =&gt;  Service[$ng_service],
    }
    # manage nagios.conf for httpd
    file { $ng_nagios_conf:
      ensure    =&gt;  file,
      path      =&gt;  $ng_nagios_conf,
      owner     =&gt;  &#39;root&#39;,
      group     =&gt;  &#39;root&#39;,
      mode      =&gt;  &#39;0644&#39;,
      selrange  =&gt;  s0,
      selrole   =&gt;  object_r,
      seltype   =&gt;  httpd_config_t,
      seluser   =&gt;  system_u,
      content   =&gt;  template($ng_nagios_conf_erb),
      notify    =&gt;  Service[$ae_service],
    }
    if $ng_http_https_fw == true {
      file { $ng_forward_conf:
        ensure    =&gt;  file,
-        path      =&gt;  $ng_forward_conf,
+        path      =&gt;  $ng_cgi_cfg_file,
        owner     =&gt;  &#39;root&#39;,
        group     =&gt;  &#39;root&#39;,
        mode      =&gt;  &#39;0644&#39;,
        selrange  =&gt;  s0,
        selrole   =&gt;  object_r,
        seltype   =&gt;  nagios_etc_t,
        seluser   =&gt;  system_u,
        content   =&gt;  template($ng_cgi_cfg_erb),
        notify    =&gt;  Service[$ng_service],
      }
      # manage nagios.conf for httpd
      file { $ng_nagios_conf:
        ensure    =&gt;  file,
        path      =&gt;  $ng_nagios_conf,
        owner     =&gt;  &#39;root&#39;,
        group     =&gt;  &#39;root&#39;,
        mode      =&gt;  &#39;0644&#39;,
@@ -268,18 +329,73 @@ class cd_nagios::server::files (
        selrole   =&gt;  object_r,
        seltype   =&gt;  httpd_config_t,
        seluser   =&gt;  system_u,
-        content   =&gt;  template($ng_forward_conf_erb),
+        content   =&gt;  template($ng_nagios_conf_erb),
        notify    =&gt;  Service[$ae_service],
      }
      if $ng_http_https_fw == true {
        file { $ng_forward_conf:
          ensure    =&gt;  file,
          path      =&gt;  $ng_forward_conf,
          owner     =&gt;  &#39;root&#39;,
          group     =&gt;  &#39;root&#39;,
          mode      =&gt;  &#39;0644&#39;,
          selrange  =&gt;  s0,
          selrole   =&gt;  object_r,
          seltype   =&gt;  httpd_config_t,
          seluser   =&gt;  system_u,
          content   =&gt;  template($ng_forward_conf_erb),
          notify    =&gt;  Service[$ae_service],
        }
      }
      # manage welcome.conf for nagios web server
      if $ng_disable_welcome == true {
        file { $ng_welcome_conf:
          ensure    =&gt;  file,
          path      =&gt;  $ng_welcome_conf,
          owner     =&gt;  &#39;root&#39;,
          group     =&gt;  &#39;root&#39;,
          mode      =&gt;  &#39;0644&#39;,
          selrange  =&gt;  s0,
          selrole   =&gt;  object_r,
          seltype   =&gt;  httpd_config_t,
          seluser   =&gt;  system_u,
          content   =&gt;  template($ng_welcome_conf_erb),
          notify    =&gt;  Service[$ae_service],
        }
      }
    }
-    # manage welcome.conf for nagios web server
+  else {
-    if $ng_disable_welcome == true {
+    require cd_nagios::main::dirs
-      file { $ng_welcome_conf:
+      # manage nagios.cfg
      # manage cgi.cfg
      file { $ng_cgi_cfg_file:
        ensure    =&gt;  file,
-        path      =&gt;  $ng_welcome_conf,
+        path      =&gt;  $ng_cgi_cfg_file,
        owner     =&gt;  &#39;root&#39;,
        group     =&gt;  &#39;root&#39;,
        mode      =&gt;  &#39;0644&#39;,
        selrange  =&gt;  s0,
        selrole   =&gt;  object_r,
        seltype   =&gt;  nagios_etc_t,
        seluser   =&gt;  system_u,
        content   =&gt;  template($ng_cgi_cfg_erb),
        notify    =&gt;  Service[$ng_service],
      }
      # manage nagios.conf for httpd
      file { $ng_nagios_conf:
        ensure    =&gt;  file,
        path      =&gt;  $ng_nagios_conf,
        owner     =&gt;  &#39;root&#39;,
        group     =&gt;  &#39;root&#39;,
        mode      =&gt;  &#39;0644&#39;,
@@ -287,9 +403,45 @@ class cd_nagios::server::files (
        selrole   =&gt;  object_r,
        seltype   =&gt;  httpd_config_t,
        seluser   =&gt;  system_u,
-        content   =&gt;  template($ng_welcome_conf_erb),
+        content   =&gt;  template($ng_nagios_conf_erb),
        notify    =&gt;  Service[$ae_service],
      }
      if $ng_http_https_fw == true {
        file { $ng_forward_conf:
          ensure    =&gt;  file,
          path      =&gt;  $ng_forward_conf,
          owner     =&gt;  &#39;root&#39;,
          group     =&gt;  &#39;root&#39;,
          mode      =&gt;  &#39;0644&#39;,
          selrange  =&gt;  s0,
          selrole   =&gt;  object_r,
          seltype   =&gt;  httpd_config_t,
          seluser   =&gt;  system_u,
          content   =&gt;  template($ng_forward_conf_erb),
          notify    =&gt;  Service[$ae_service],
        }
      }
      # manage welcome.conf for nagios web server
      if $ng_disable_welcome == true {
        file { $ng_welcome_conf:
          ensure    =&gt;  file,
          path      =&gt;  $ng_welcome_conf,
          owner     =&gt;  &#39;root&#39;,
          group     =&gt;  &#39;root&#39;,
          mode      =&gt;  &#39;0644&#39;,
          selrange  =&gt;  s0,
          selrole   =&gt;  object_r,
          seltype   =&gt;  httpd_config_t,
          seluser   =&gt;  system_u,
          content   =&gt;  template($ng_welcome_conf_erb),
          notify    =&gt;  Service[$ae_service],
        }
      }
    }
  }
 }</pre>
@@ -300,7 +452,7 @@ class cd_nagios::server::files (
 </div>
      <div id="footer">
-  Generated on Fri Jul 21 16:51:50 2017 by
+  Generated on Fri Jul 21 17:16:25 2017 by
  <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
  0.9.9 (ruby-2.0.0).
 </div>
--- a/doc/puppet_classes/cd_nagios_3A_3Aserver_3A_3Aservice.html
+++ b/doc/puppet_classes/cd_nagios_3A_3Aserver_3A_3Aservice.html
@@ -174,7 +174,7 @@ class cd_nagios::server::service (
 </div>
      <div id="footer">
-  Generated on Fri Jul 21 16:51:50 2017 by
+  Generated on Fri Jul 21 17:16:25 2017 by
  <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
  0.9.9 (ruby-2.0.0).
 </div>
--- a/doc/puppet_defined_types/cd_nagios_3A_3Aserver_3A_3Aaccess.html
+++ b/doc/puppet_defined_types/cd_nagios_3A_3Aserver_3A_3Aaccess.html
@@ -220,7 +220,7 @@ $ng_service       = $::cd_nagios::params::ng_service
 </div>
      <div id="footer">
-  Generated on Fri Jul 21 16:51:51 2017 by
+  Generated on Fri Jul 21 17:16:26 2017 by
  <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
  0.9.9 (ruby-2.0.0).
 </div>
--- a/doc/top-level-namespace.html
+++ b/doc/top-level-namespace.html
@@ -90,7 +90,7 @@
 </div>
      <div id="footer">
-  Generated on Fri Jul 21 16:51:47 2017 by
+  Generated on Fri Jul 21 17:16:23 2017 by
  <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
  0.9.9 (ruby-2.0.0).
 </div>
--- a/manifests/certbot/config.pp
+++ b/manifests/certbot/config.pp
@@ -29,6 +29,24 @@ class cd_nagios::certbot::config (
      require cd_certbot
      # ensure there is no forward vhost file
      exec { 'remove forward vhost':
        command   =>  "rm -Rf  $ng_forward_conf",
        creates   =>  '/etc/httpd/conf.d/.cert_created',
      }
      # create temp vhost file
      exec { 'create_temp_vhost':
        command   =>  template('cd_nagios/certbot/create_tempfile.erb'),
        cwd       =>  '/tmp',
        path      =>  ['/bin','/usr/bin'],
        provider  =>  'shell',
        creates   =>  '/etc/httpd/conf.d/.created',
        notify    =>  Service['httpd'],
      }
      # create cert
      exec { 'create_cert':
@@ -41,6 +59,18 @@ class cd_nagios::certbot::config (
        creates   =>  '/etc/httpd/conf.d/.cert_created',
      }
      # remove temp_vhost
      exec { 'remove_temp_vhost':
        command   =>  "rm -Rf ${ng_certbot_temp_file}",
        cwd       =>  '/tmp',
        path      =>  ['/bin','/usr/bin'],
        provider  =>  'shell',
        notify    =>  Service['httpd'],
        require   =>  Exec['create_cert'],
        creates   =>  "/etc/letsencrypt/live/${ng_nagios_server}/cert.pem",
      }
      # renew certs
      exec {  'renew_cert':
--- a/manifests/main/config.pp
+++ b/manifests/main/config.pp
@@ -37,11 +37,6 @@ class cd_nagios::main::config (
    if $ng_use_selinux_tools == true {
      include cd_nagios::selinux::config
    }
    if $ng_enable_certbot == true {
      include cd_nagios::certbot::config
    }
  }
  if $::fqdn != $ng_nagios_server {
--- a/manifests/params.pp
+++ b/manifests/params.pp
@@ -374,7 +374,9 @@ $ng_forward_conf      = '/etc/httpd/conf.d/nagios_forward.conf'
 $ng_forward_conf_erb  = 'cd_nagios/httpd/forward_conf.erb'
 $ng_get_cert_erb      = 'cd_nagios/certbot/get_cert.erb'
 $ng_unless_get_cert   = 'cd_nagios/certbot/unless_get_cert.erb'
-$ng_unless_renew_erb  =  'cd_nagios/certbot/unless_renew_cert.erb'
+$ng_unless_renew_erb  = 'cd_nagios/certbot/unless_renew_cert.erb'
 $ng_create_tempvhost  = 'cd_nagios/certbot/create_tempfile.erb'
 $ng_certbot_temp_file = '/etc/httpd/conf.d/certbot_temp.conf'
 # includes must be last
--- a/manifests/server/files.pp
+++ b/manifests/server/files.pp
@@ -25,49 +25,34 @@ class cd_nagios::server::files (
 ) inherits cd_nagios::params {
  if $::fqdn == $ng_nagios_server {
    if $ng_enable_certbot == true {
      require cd_nagios::certbot::config
      require cd_nagios::main::dirs
-  require cd_nagios::main::dirs
+      # manage nagios.cfg
    # manage nagios.cfg
-    # manage cgi.cfg
+      # manage cgi.cfg
-    file { $ng_cgi_cfg_file:
+      file { $ng_cgi_cfg_file:
      ensure    =>  file,
      path      =>  $ng_cgi_cfg_file,
      owner     =>  'root',
      group     =>  'root',
      mode      =>  '0644',
      selrange  =>  s0,
      selrole   =>  object_r,
      seltype   =>  nagios_etc_t,
      seluser   =>  system_u,
      content   =>  template($ng_cgi_cfg_erb),
      notify    =>  Service[$ng_service],
    }
    # manage nagios.conf for httpd
    file { $ng_nagios_conf:
      ensure    =>  file,
      path      =>  $ng_nagios_conf,
      owner     =>  'root',
      group     =>  'root',
      mode      =>  '0644',
      selrange  =>  s0,
      selrole   =>  object_r,
      seltype   =>  httpd_config_t,
      seluser   =>  system_u,
      content   =>  template($ng_nagios_conf_erb),
      notify    =>  Service[$ae_service],
    }
    if $ng_http_https_fw == true {
      file { $ng_forward_conf:
        ensure    =>  file,
-        path      =>  $ng_forward_conf,
+        path      =>  $ng_cgi_cfg_file,
        owner     =>  'root',
        group     =>  'root',
        mode      =>  '0644',
        selrange  =>  s0,
        selrole   =>  object_r,
        seltype   =>  nagios_etc_t,
        seluser   =>  system_u,
        content   =>  template($ng_cgi_cfg_erb),
        notify    =>  Service[$ng_service],
      }
      # manage nagios.conf for httpd
      file { $ng_nagios_conf:
        ensure    =>  file,
        path      =>  $ng_nagios_conf,
        owner     =>  'root',
        group     =>  'root',
        mode      =>  '0644',
@@ -75,18 +60,73 @@ class cd_nagios::server::files (
        selrole   =>  object_r,
        seltype   =>  httpd_config_t,
        seluser   =>  system_u,
-        content   =>  template($ng_forward_conf_erb),
+        content   =>  template($ng_nagios_conf_erb),
        notify    =>  Service[$ae_service],
      }
      if $ng_http_https_fw == true {
        file { $ng_forward_conf:
          ensure    =>  file,
          path      =>  $ng_forward_conf,
          owner     =>  'root',
          group     =>  'root',
          mode      =>  '0644',
          selrange  =>  s0,
          selrole   =>  object_r,
          seltype   =>  httpd_config_t,
          seluser   =>  system_u,
          content   =>  template($ng_forward_conf_erb),
          notify    =>  Service[$ae_service],
        }
      }
      # manage welcome.conf for nagios web server
      if $ng_disable_welcome == true {
        file { $ng_welcome_conf:
          ensure    =>  file,
          path      =>  $ng_welcome_conf,
          owner     =>  'root',
          group     =>  'root',
          mode      =>  '0644',
          selrange  =>  s0,
          selrole   =>  object_r,
          seltype   =>  httpd_config_t,
          seluser   =>  system_u,
          content   =>  template($ng_welcome_conf_erb),
          notify    =>  Service[$ae_service],
        }
      }
    }
-    # manage welcome.conf for nagios web server
+  else {
-    if $ng_disable_welcome == true {
+    require cd_nagios::main::dirs
-      file { $ng_welcome_conf:
+      # manage nagios.cfg
      # manage cgi.cfg
      file { $ng_cgi_cfg_file:
        ensure    =>  file,
-        path      =>  $ng_welcome_conf,
+        path      =>  $ng_cgi_cfg_file,
        owner     =>  'root',
        group     =>  'root',
        mode      =>  '0644',
        selrange  =>  s0,
        selrole   =>  object_r,
        seltype   =>  nagios_etc_t,
        seluser   =>  system_u,
        content   =>  template($ng_cgi_cfg_erb),
        notify    =>  Service[$ng_service],
      }
      # manage nagios.conf for httpd
      file { $ng_nagios_conf:
        ensure    =>  file,
        path      =>  $ng_nagios_conf,
        owner     =>  'root',
        group     =>  'root',
        mode      =>  '0644',
@@ -94,9 +134,45 @@ class cd_nagios::server::files (
        selrole   =>  object_r,
        seltype   =>  httpd_config_t,
        seluser   =>  system_u,
-        content   =>  template($ng_welcome_conf_erb),
+        content   =>  template($ng_nagios_conf_erb),
        notify    =>  Service[$ae_service],
      }
      if $ng_http_https_fw == true {
        file { $ng_forward_conf:
          ensure    =>  file,
          path      =>  $ng_forward_conf,
          owner     =>  'root',
          group     =>  'root',
          mode      =>  '0644',
          selrange  =>  s0,
          selrole   =>  object_r,
          seltype   =>  httpd_config_t,
          seluser   =>  system_u,
          content   =>  template($ng_forward_conf_erb),
          notify    =>  Service[$ae_service],
        }
      }
      # manage welcome.conf for nagios web server
      if $ng_disable_welcome == true {
        file { $ng_welcome_conf:
          ensure    =>  file,
          path      =>  $ng_welcome_conf,
          owner     =>  'root',
          group     =>  'root',
          mode      =>  '0644',
          selrange  =>  s0,
          selrole   =>  object_r,
          seltype   =>  httpd_config_t,
          seluser   =>  system_u,
          content   =>  template($ng_welcome_conf_erb),
          notify    =>  Service[$ae_service],
        }
      }
    }
  }
 }
--- a/templates/certbot/create_tempfile.erb
+++ b/templates/certbot/create_tempfile.erb
@@ -0,0 +1,11 @@
 echo "# temporary vhost file
  <VirtualHost *:80>
    ServerAdmin root@localhost
    DocumentRoot /var/www/html
    ServerName <%= @ng_nagios_server %>
    <Directory />
    AllowOverride All
    </Directory>
  </VirtualHost>
    " > <%= @ng_certbot_temp_file %>
 touch /etc/httpd/conf.d/.created