confdroid/confdroid_nagios
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

OP#491 add remoteIP control

Browse Source
This commit is contained in:
Arne Teuke
2026-03-12 15:29:14 +01:00
parent c05ca6e823
commit d021151c47
3 changed files with 32 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
manifests/params.pp
View File

@@ -441,7 +441,11 @@
# in fail2ban. Default is '3600'. # in fail2ban. Default is '3600'.
# @param [String] ng_fail2ban_ignoreip A comma-separated list of IP addresses # @param [String] ng_fail2ban_ignoreip A comma-separated list of IP addresses
# to ignore in fail2ban. Default is '127.0.0.1/8 ::1 192.168.1.0/24'. # to ignore in fail2ban. Default is '127.0.0.1/8 ::1 192.168.1.0/24'.
################################################################################ # @param [Boolean] ng_use_lb Whether to use load balancing for the Nagios server.
# Default is false.
# @param [String] ng_trusted_proxy The IP address of the trusted proxy to access
# the Nagios server. Default is '10.0.0.10'.
###############################################################################
class confdroid_nagios::params ( class confdroid_nagios::params (
# main # main
@@ -458,6 +462,8 @@ class confdroid_nagios::params (
String $ng_user = 'nagios', String $ng_user = 'nagios',
Boolean $ng_enable_target = true, Boolean $ng_enable_target = true,
Boolean $ng_purge_target = true, Boolean $ng_purge_target = true,
Boolean $ng_use_lb = false,
String $ng_trusted_proxy = '10.0.0.10',
# contact groups # contact groups
String $ng_contactgroup_name = 'admins', String $ng_contactgroup_name = 'admins',
@@ -728,6 +734,7 @@ class confdroid_nagios::params (
$ng_nagios_cfg_erb = 'confdroid_nagios/nagios/nagios_cfg.erb' $ng_nagios_cfg_erb = 'confdroid_nagios/nagios/nagios_cfg.erb'
$ng_cgi_cfg_file = "${ng_main_dir}/cgi.cfg" $ng_cgi_cfg_file = "${ng_main_dir}/cgi.cfg"
$ng_cgi_cfg_erb = 'confdroid_nagios/nagios/cgi_cfg.erb' $ng_cgi_cfg_erb = 'confdroid_nagios/nagios/cgi_cfg.erb'
$ng_remoteip_file = '/etc/httpd/conf.d/loadbalancer-remoteip.conf'
# nagios # nagios
$ng_target_templates = "${ng_conf_d_dir}/nagios_templates.cfg" $ng_target_templates = "${ng_conf_d_dir}/nagios_templates.cfg"

15
manifests/server/files.pp
View File

@@ -44,5 +44,20 @@ class confdroid_nagios::server::files (
seltype => nagios_var_run_t, seltype => nagios_var_run_t,
seluser => system_u, seluser => system_u,
} }
if $ng_use_lb == true {
file { $ng_remoteip_file:
ensure => file,
owner => 'root',
group => 'root',
mode => '0644',
selrange => s0,
selrole => object_r,
seltype => httpd_conf_t,
seluser => system_u,
content => template('confdroid_nagios/loadbalancer/remoteip.conf.erb'),
notify => Service['httpd'],
}
}
} }
} }

9
templates/loadbalancer/remoteip.conf.erb Normal file
View File

@@ -0,0 +1,9 @@
###############################################################################
########## parameterized remoteip config created by Puppet ##########
########## manual changes will be overwritten !!! ##########
###############################################################################
LoadModule remoteip_module modules/mod_remoteip.so
RemoteIPHeader X-Forwarded-For
RemoteIPTrustedProxy <%= @ng_trusted_proxy %>