confdroid/confdroid_nagios
3
0
Fork 0
Code Issues Projects Wiki Activity

forwarding is workg properly now

Browse Source
This commit is contained in:
Arne Teuke
2017-07-23 14:13:02 +01:00
parent 101aa23b1b
commit 92015e6a78
3 changed files with 8 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
README.md
View File

@@ -106,11 +106,12 @@ A working instance of PuppetDBconnected to the Puppet master is required for thi
All files and directories are configured with correct selinux context. If selinux is disabled, these contexts are ignored. All files and directories are configured with correct selinux context. If selinux is disabled, these contexts are ignored.
### Certbot ### Certbot
This module can optionally setup [certbot](https://certbot.eff.org/) TLS certificate management for the frontend GUI. In order to do so, set `ng_enable_certbot` to true (default). Effectively, this will manage the certs before even installing Nagios, so there will be no problems with the Nagios showing up with a self-signed certificate. This module can optionally setup [certbot](https://certbot.eff.org/) TLS certificate management for the frontend GUI. In order to do so, set `$ng_enable_certbot` as well as `$ng_use_https` to `true` (default). Effectively, this will manage the certs before even installing Nagios, so there will be no problems with the Nagios showing up with a self-signed certificate. Once enabled, the module will go and try to obtain a certificate automatically. For this to work, you need to have proper DNS resolution set up for your domain / nagios server. Certs are also automatically renewed.
Once enabled, the module will go and try to obtain a certificate automatically. For this to work, you need to have proper DNS resolution set up for your domain / nagios server.
If you prefer to use https but use self-signed certs or your own CA, simply set to false. This will point the SSL vhost config file to the default location for TLS certificates.
### httpd vHost files ### httpd vHost files
by Default, Nagios creates its own nagios.conf file, which is not a vhost file and relies on the main ssd.conf. However, as Nagios might be running on a regular web server with various other web instances (not recommended through), we will not want to manage ssl.conf directly, hence the module creates a vhost for the ssl host. by Default, Nagios creates its own nagios.conf file, which is not a vhost file and relies on the main ssd.conf. However, as Nagios might be running on a regular web server with various other web instances (not recommended through for performance reasons), we will not want to manage ssl.conf directly, hence the module creates a vhost for the ssl host.
### Known Problems ### Known Problems

3
templates/httpd/forward_conf.erb
View File

@@ -1,12 +1,13 @@
<VirtualHost *:<%= @ng_http_port %>> <VirtualHost *:<%= @ng_http_port %>>
ServerAdmin root@localhost ServerAdmin root@localhost
DocumentRoot /var/www/html DocumentRoot /var/www/html
ServerName www.<%= @ng_webserver_name %> ServerName www.<%= @ng_webserver_name %>/nagios
ServerAlias <%= @ng_webserver_name %> ServerAlias <%= @ng_webserver_name %>
<% if @ng_use_https == true -%> <% if @ng_use_https == true -%>
Redirect permanent / https://<%= @ng_webserver_name %>/nagios Redirect permanent / https://<%= @ng_webserver_name %>/nagios
<% end -%> <% end -%>
<% if @ng_use_https != true -%> <% if @ng_use_https != true -%>
ScriptAlias /nagios/cgi-bin/ "/usr/lib64/nagios/cgi-bin/" ScriptAlias /nagios/cgi-bin/ "/usr/lib64/nagios/cgi-bin/"
<Directory "/usr/lib64/nagios/cgi-bin/"> <Directory "/usr/lib64/nagios/cgi-bin/">

2
templates/httpd/nagios_ssl_vhost.erb
View File

@@ -113,6 +113,8 @@ Alias /nagios "/usr/share/nagios/html"
</IfVersion> </IfVersion>
</Directory> </Directory>
RedirectMatch ^/$ https://<%= @ng_webserver_name %>/nagios
SetEnvIf User-Agent ".*MSIE.*" \ SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \ nokeepalive ssl-unclean-shutdown \