confdroid/confdroid_nagios
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

OP#436 main config file

Browse Source
This commit is contained in:
Arne Teuke
2026-02-14 15:41:26 +01:00
parent 5b78a7b34f
commit df57bce33b
32 changed files with 856 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

78
manifests/params.pp
View File

@@ -22,6 +22,10 @@
# @param [Integer] ng_u_uid The user ID for the Nagios user. Default is 1004.
# @param [Boolean] ng_include_nrpe Whether to include the NRPE client on the
# Nagios clients. Default is true.
# @param [Boolean] ng_use_https Whether to configure the Nagios web interface
# to use HTTPS. Default is false. We recommend using a reverse proxy
# with SSL termination in front of the Nagios web interface, so this is
# disabled by default.
###############################################################################
class confdroid_nagios::params (
@@ -40,6 +44,9 @@ class confdroid_nagios::params (
String $ng_u_home = '/home/nagios',
Integer $ng_u_uid = 1004,
# httpd
Boolean $ng_use_https = false,
) {
# Default facts
$fqdn = $facts['networking']['fqdn']
@@ -66,6 +73,77 @@ class confdroid_nagios::params (
$ng_cmd_dir = "${ng_spool_dir}/cmd"
$ng_checkresults_dir = "${ng_spool_dir}/checkresults"
# files
$ng_nagios_cfg_file = "${ng_main_dir}/nagios.cfg"
$ng_nagios_cfg_erb = 'confdroid_nagios/nagios/nagios_cfg.erb'
## old
$ng_main_config = "${ng_main_dir}/nagios.cfg"
$ng_cgi_cfg_file = "${ng_main_dir}/cgi.cfg"
$ng_cgi_cfg_erb = 'confdroid_nagios/nagios/cgi_cfg.erb'
$ng_htpasswd_file = "${ng_main_dir}/passwd"
$ng_htpasswd_head = 'confdroid_nagios/nagios/htpasswd_head.erb'
$ng_htpasswd_rule = 'confdroid_nagios/nagios/htpasswd_rule.erb'
$ng_taccgi_erb = 'confdroid_nagios/selinux/taccgi.erb'
$ng_statcgi_erb = 'confdroid_nagios/selinux/statuscgi.erb'
$ng_statdat_erb = 'confdroid_nagios/selinux/statusdat.erb'
$ng_checknrpe_erb = 'confdroid_nagios/selinux/checknrpe.erb'
$ng_checknagios_erb = 'confdroid_nagios/selinux/checknagios.erb'
$ng_nagios_conf = '/etc/httpd/conf.d/nagios.conf'
$ng_nagios_conf_erb = 'confdroid_nagios/httpd/nagios_conf.erb'
$ng_welcome_conf = '/etc/httpd/conf.d/welcome.conf'
$ng_welcome_conf_erb = 'confdroid_nagios/httpd/welcome_conf.erb'
$ng_forward_conf = '/etc/httpd/conf.d/nagios_forward.conf'
$ng_forward_conf_erb = 'confdroid_nagios/httpd/forward_conf.erb'
$ng_get_cert_erb = 'confdroid_nagios/certbot/get_cert.erb'
$ng_unless_get_cert = 'confdroid_nagios/certbot/unless_get_cert.erb'
$ng_unless_renew_erb = 'confdroid_nagios/certbot/unless_renew_cert.erb'
$ng_index_html_file = '/var/www/html/index.html'
$ng_index_html_erb = 'confdroid_nagios/httpd/index_html.erb'
$ng_ssl_vhost_file = '/etc/httpd/conf.d/nagios_ssl.conf'
$ng_ssl_vhost_erb = 'confdroid_nagios/httpd/nagios_ssl_vhost.erb'
$ng_resource_erb = 'confdroid_nagios/nagios/resource_cfg.erb'
$ng_grep_erb = 'confdroid_nagios/selinux/grep.erb'
# certbot
$ng_certbot_main_dir = '/etc/letsencrypt'
$ng_certbot_archive = "${ng_certbot_main_dir}/archive"
$ng_certbot_check = "${ng_certbot_archive}/${ng_webserver_name}/cert1.pem"
$ng_certbot_live = "${ng_certbot_main_dir}/live"
# nagios
$ng_target_templates = "${ng_conf_d_dir}/nagios_templates.cfg"
$ng_templates_head_erb = 'confdroid_nagios/nagios/templates_cfg_head.erb'
$ng_templates_rule_erb = 'confdroid_nagios/nagios/templates_cfg_rule.erb'
$ng_tgt_timeperiods_base = "${ng_conf_d_dir}/nagios_timeperiods.cfg"
$ng_tgt_timep_add = "${ng_conf_d_dir}/nagios_timeperiods_add.cfg"
$ng_tgt_timep_head_erb = 'confdroid_nagios/nagios/timeperiods_cfg_head.erb'
$ng_tgt_timep_rule_erb = 'confdroid_nagios/nagios/timeperiods_cfg_rule.erb'
$ng_target_localhost = "${ng_conf_d_dir}/nagios_localhost.cfg"
$ng_target_host = "${ng_conf_d_dir}/nagios_host.cfg"
$ng_target_hostgroup_base = "${ng_conf_d_dir}/nagios_hostgroups_base.cfg"
$ng_tgt_hostgroup_add = "${ng_conf_d_dir}/nagios_hostgroups_add.cfg"
$ng_tgt_hostgrp_head_erb = 'confdroid_nagios/nagios/hostgroups_cfg_head.erb'
$ng_tgt_hostgrp_rule_erb = 'confdroid_nagios/nagios/hostgroups_cfg_rule.erb'
$ng_target_hostdep = "${ng_conf_d_dir}/nagios_hostdependency.cfg"
$ng_target_hostesc = "${ng_conf_d_dir}/nagios_hostescalation.cfg"
$ng_target_hostext = "${ng_conf_d_dir}/nagios_hostextinfo.cfg"
$ng_target_service = "${ng_conf_d_dir}/nagios_service.cfg"
$ng_target_svcgrp_base = "${ng_conf_d_dir}/nagios_servicegroups_base.cfg"
$ng_tgt_servicegroup_add = "${ng_conf_d_dir}/nagios_servicegroups_add.cfg"
$ng_tgt_svcgrp_head_erb = 'confdroid_nagios/nagios/svcgroups_cfg_head.erb'
$ng_tgt_svcgrp_rule_erb = 'confdroid_nagios/nagios/svcgroups_cfg_rule.erb'
$ng_target_base_contact = "${ng_conf_d_dir}/nagios_contact_base.cfg"
$ng_target_add_contact = "${ng_conf_d_dir}/nagios_contact_add.cfg"
$ng_contacts_head_erb = 'confdroid_nagios/nagios/contacts_cfg_head.erb'
$ng_contacts_rule_erb = 'confdroid_nagios/nagios/contacts_cfg_rule.erb'
$ng_tgt_contactgroup_base = "${ng_conf_d_dir}/nagios_contactgroup_base.cfg"
$ng_tgt_contactgroup_add = "${ng_conf_d_dir}/nagios_contactgroup_add.cfg"
$ng_cntctgrps_head_erb = 'confdroid_nagios/nagios/contactgroups_cfg_head.erb'
$ng_cntctgrps_rule_erb = 'confdroid_nagios/nagios/contactgroups_cfg_rule.erb'
$ng_target_command = "${ng_conf_d_dir}/nagios_commands_base.cfg"
$ng_nagios_service_cmd = 'check_nagios!/var/log/nagios/status.dat!5!/usr/sbin/nagios'
# includes must be last
include confdroid_nagios::main::config
}

14
manifests/server/files.pp
View File

@@ -1,13 +1,19 @@
## confdroid_nagios::server::files.pp
# Module name: confdroid_nagios
# Author: 12ww1160 (12ww1160@confdroid.com)
# @summary Class manages server file configuration for the confdroid_nagios module.
# @summary Class manages configuration files for the confdroid_nagios module.
###############################################################################
class confdroid_nagios::server::files (
) inherits confdroid_nagios::params {
require confdroid_nagios::main::dirs
# if $ng_nagios_server == $fqdn {
# #config here
# }
if $ng_nagios_server == $fqdn {
file { $ng_nagios_cfg_file:
ensure => file,
owner => $ng_user,
group => $ng_user,
mode => '0644',
content => template($ng_nagios_cfg_erb),
}
}
}

10
manifests/server/nagios.pp Normal file
View File

@@ -0,0 +1,10 @@
## confdroid_nagios::server::nagios.pp
# Module name: confdroid_nagios
# Author: 12ww1160 (12ww1160@confdroid.com)
# @summary Class manages nagios resources for the confdroid_nagios module.
###############################################################################
class confdroid_nagios::server::nagios (
) inherits confdroid_nagios::params {
# config here
}

1
templates/certbot/get_cert.erb Normal file
View File

@@ -0,0 +1 @@
certbot certonly -t -n --agree-tos --webroot -w <%= @ng_certbot_webroot %>/ -d <%= @ng_webserver_name %> --email <%= @ng_mail_user %>

4
templates/certbot/unless_get_cert.erb Normal file
View File

@@ -0,0 +1,4 @@
#!/bin/bash
<% if @ng_enable_certbot == true %>
test -d /etc/letsencrypt/archive/<%= @ng_nagios_server %>
<% end %>

7
templates/certbot/unless_renew_cert.erb Normal file
View File

@@ -0,0 +1,7 @@
#!/bin/bash
<% if @ng_enable_certbot == true %>
case `find /etc/letsencrypt/renewal -type f -name "<%= @ng_nagios_server %>.conf" -mtime +80` in
'') echo 'No filename found' exit 0 ;;
*) echo 'Found filename' exit 1 ;;
esac
<% end %>

96
templates/httpd/forward_conf.erb Normal file
View File

@@ -0,0 +1,96 @@
<VirtualHost *:<%= @ng_http_port %>>
ServerAdmin root@localhost
DocumentRoot /var/www/html
ServerName www.<%= @ng_webserver_name %>/nagios
ServerAlias <%= @ng_webserver_name %>
<% if @ng_use_https == true -%>
Redirect permanent / https://<%= @ng_webserver_name %>/
<% end -%>
<% if @ng_use_https != true -%>
ScriptAlias /nagios/cgi-bin/ "/usr/lib64/nagios/cgi-bin/"
<Directory "/usr/lib64/nagios/cgi-bin/">
<% if @ng_use_https == true -%>
SSLRequireSSL
<% else -%>
# SSLRequireSSL
<% end -%>
Options ExecCGI
AllowOverride None
<IfVersion >= 2.3>
<RequireAll>
Require all granted
<% unless @ng_required_hosts.empty? -%>
Require host <%= @ng_required_hosts %>
<% end -%>
<% unless @ng_required_ips.empty? -%>
Require ip <%= @ng_required_ips %>
<% end -%>
AuthName "Nagios Access"
AuthType Basic
AuthUserFile /etc/nagios/passwd
Require valid-user
</RequireAll>
</IfVersion>
<IfVersion < 2.3>
Order allow,deny
<% unless @ng_required_hosts.empty? -%>
Allow from <%= @ng_required_hosts %>
<% end -%>
<% unless @ng_required_ips.empty? -%>
Allow from <%= @ng_required_ips %>
<% end -%>
AuthName "Nagios Access"
AuthType Basic
AuthUserFile /etc/nagios/passwd
Require valid-user
</IfVersion>
</Directory>
Alias /nagios "/usr/share/nagios/html"
<Directory "/usr/share/nagios/html">
<% if @ng_use_https == true -%>
SSLRequireSSL
<% else -%>
# SSLRequireSSL
<% end -%>
Options None
AllowOverride None
<IfVersion >= 2.3>
<RequireAll>
Require all granted
<% unless @ng_required_hosts.empty? -%>
Require host <%= @ng_required_hosts %>
<% end -%>
<% unless @ng_required_ips.empty? -%>
Require ip <%= @ng_required_ips %>
<% end -%>
AuthName "Nagios Access"
AuthType Basic
AuthUserFile /etc/nagios/passwd
Require valid-user
</RequireAll>
</IfVersion>
<IfVersion < 2.3>
Order allow,deny
<% unless @ng_required_hosts.empty? -%>
Allow from <%= @ng_required_hosts %>
<% end -%>
<% unless @ng_required_ips.empty? -%>
Allow from <%= @ng_required_ips %>
<% end -%>
AuthName "Nagios Access"
AuthType Basic
AuthUserFile /etc/nagios/passwd
Require valid-user
</IfVersion>
</Directory>
<% end -%>
<Directory />
AllowOverride All
</Directory>
ErrorLog /var/log/httpd/<%= @ng_webserver_name %>-error_log
CustomLog /var/log/httpd/<%= @ng_webserver_name %>-access_log common
</VirtualHost>

0
templates/httpd/index_html.erb Normal file
View File

126
templates/httpd/nagios_ssl_vhost.erb Normal file
View File

@@ -0,0 +1,126 @@
###############################################################################
##### virtual_host file created by puppet, changes will be overwritten ######
###############################################################################
<VirtualHost *:<%= @ng_https_port %>>
ServerAdmin root@localhost
DocumentRoot /var/www/html
ServerName <%= @ng_webserver_name %>
ServerAlias <%= @ng_webserver_name %>
ErrorLog /var/log/httpd/nagios_ssl_error_log
# ErrorLog syslog:local1
TransferLog /var/log/httpd/nagios_ssl_transfer_log
LogLevel warn
SSLEngine on
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !RC4"
<% if @ng_enable_certbot == true -%>
SSLCertificateFile <%= @ng_certbot_live %>/<%= @ng_webserver_name %>/cert.pem
SSLCertificateKeyFile <%= @ng_certbot_live %>/<%= @ng_webserver_name %>/privkey.pem
SSLCACertificateFile <%= @ng_certbot_live %>/<%= @ng_webserver_name %>/fullchain.pem
<% elsif @ng_enable_certbot != true -%>
SSLCertificateFile /etc/pki/tls/certs/localhost.crt
SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
#SSLCertificateChainFile /etc/pki/tls/certs/server-chain.crt
<% end -%>
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</Files>
<Directory "/var/www/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
ScriptAlias /nagios/cgi-bin/ "/usr/lib64/nagios/cgi-bin/"
<Directory "/usr/lib64/nagios/cgi-bin/">
<% if @ng_use_https == true -%>
SSLRequireSSL
<% else -%>
# SSLRequireSSL
<% end -%>
Options ExecCGI
AllowOverride None
<IfVersion >= 2.3>
<RequireAll>
Require all granted
<% unless @ng_required_hosts.empty? -%>
Require host <%= @ng_required_hosts %>
<% end -%>
<% unless @source_range.empty? -%>
Require ip <%= @source_range %>
<% end -%>
AuthName "Nagios Access"
AuthType Basic
AuthUserFile /etc/nagios/passwd
Require valid-user
</RequireAll>
</IfVersion>
<IfVersion < 2.3>
Order allow,deny
<% unless @ng_required_hosts.empty? -%>
Allow from <%= @ng_required_hosts %>
<% end -%>
<% unless @source_range.empty? -%>
Allow from <%= @source_range %>
<% end -%>
AuthName "Nagios Access"
AuthType Basic
AuthUserFile /etc/nagios/passwd
Require valid-user
</IfVersion>
</Directory>
Alias /nagios "/usr/share/nagios/html"
<Directory "/usr/share/nagios/html">
<% if @ng_use_https == true -%>
SSLRequireSSL
<% else -%>
# SSLRequireSSL
<% end -%>
Options None
AllowOverride None
<IfVersion >= 2.3>
<RequireAll>
Require all granted
<% unless @ng_required_hosts.empty? -%>
Require host <%= @ng_required_hosts %>
<% end -%>
<% unless @source_range.empty? -%>
Require ip <%= @source_range %>
<% end -%>
AuthName "Nagios Access"
AuthType Basic
AuthUserFile /etc/nagios/passwd
Require valid-user
</RequireAll>
</IfVersion>
<IfVersion < 2.3>
Order allow,deny
<% unless @ng_required_hosts.empty? -%>
Allow from <%= @ng_required_hosts %>
<% end -%>
<% unless @source_range.empty? -%>
Allow from <%= @source_range %>
<% end -%>
AuthName "Nagios Access"
AuthType Basic
AuthUserFile /etc/nagios/passwd
Require valid-user
</IfVersion>
</Directory>
RedirectMatch ^/$ https://<%= @ng_webserver_name %>/nagios
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>

90
templates/nagios/cgi_cfg.erb Normal file
View File

@@ -0,0 +1,90 @@
###############################################################################
########## parameterized cgi.cfg created by Puppet ##########
########## manual changes will be overwritten !!! ##########
###############################################################################
main_config_file=<%= @ng_main_config %>
physical_html_path=<%= @ng_share_html %>
url_html_path=/nagios
show_context_help=<%= @ng_context_help %>
use_pending_states=<%= @ng_pending_state %>
use_authentication=<%= @ng_use_auth %>
use_ssl_authentication=<%= @ng_use_ssl_auth %>
<% if @ng_enable_def_user == true -%>
default_user_name=<%= @ng_def_user_name %>
<% else -%>
#default_user_name=guest
<% end -%>
authorized_for_system_information=<%= @ng_nagios_admin %>,<%= @ng_sysinfo_auth %>
authorized_for_configuration_information=<%= @ng_nagios_admin %>,<%= @ng_confinfo_auth %>
authorized_for_system_commands=<%= @ng_nagios_admin %>,<%= @ng_command_auth %>
authorized_for_all_services=<%= @ng_nagios_admin %>,<%= @ng_serviceview_auth %>
authorized_for_all_hosts=<%= @ng_nagios_admin %>,<%= @ng_hostview_auth %>
authorized_for_all_service_commands=<%= @ng_nagios_admin %>,<%= @ng_svc_cmd_auth %>
authorized_for_all_host_commands=<%= @ng_nagios_admin %>,<%= @ng_host_cmd_auth %>
authorized_for_read_only=<%= @ng_readonly_auth %>
statusmap_background_image=<%= @ng_statusmap_img %>
<% if @ng_use_colormap == true -%>
color_transparency_index_r=<%= @ng_colormap_red %>
color_transparency_index_g=<%= @ng_colormap_green %>
color_transparency_index_b=<%= @ng_colormap_blue %>
<% else -%>
#color_transparency_index_r=255
#color_transparency_index_g=255
#color_transparency_index_b=255
<% end -%>
default_statusmap_layout=<%= @ng_statusmap_layout%>
default_statuswrl_layout=<%= @ng_wrl_layout %>
<% if @ng_incl_own_wrl == true -%>
statuswrl_include=<%= @ng_statuswrl_include %>
<% else -%>
#statuswrl_include=myworld.wrl
<% end -%>
ping_syntax=<%= @ng_ping_syntax %>
refresh_rate=<%= @ng_refresh_rate %>
result_limit=1<%= @ng_result_limit %>
escape_html_tags=<%= @ng_escape_html %>
<% if @ng_use_sound == true -%>
host_unreachable_sound=<%= @ng_host_unreachable %>
host_down_sound=<%= @ng_host_down %>
service_critical_sound=<%= @ng_svc_critical %>
service_warning_sound=<%= @ng_svc_warn %>
service_unknown_sound=<%= @ng_svc_unknown %>
normal_sound=<%= @ng_normal_sound %>
<% else -%>
#host_unreachable_sound=hostdown.wav
#host_down_sound=hostdown.wav
#service_critical_sound=critical.wav
#service_warning_sound=warning.wav
#service_unknown_sound=warning.wav
#normal_sound=noproblem.wav
<% end -%>
action_url_target=<%= @ng_action_url_target %>
notes_url_target=<%= @ng_notes_url_target %>
lock_author_names=<%= @ng_lock_author_names %>
<% if @ng_enable_splunk -%>
enable_splunk_integration=1
splunk_url=<%= @ng_splunk_url %>
<% else -%>
enable_splunk_integration=0
#splunk_url=http://127.0.0.1:8000/
<% end -%>
navbar_search_for_addresses=<%= @ng_navbar_addresses %>
navbar_search_for_aliases=<%= @ng_navbar_aliases %>
ack_no_sticky=<%= @ng_ack_no_sticky %>
ack_no_send=<%= @ng_ack_no_send %>

6
templates/nagios/contactgroups_cfg_head.erb Normal file
View File

@@ -0,0 +1,6 @@
###############################################################################
########## nagios_add_contactgroups.cfg created by Puppet ##########
########## manual changes are overwritten! ##########
###############################################################################
# rules are created below by external puppet rules.

6
templates/nagios/contactgroups_cfg_rule.erb Normal file
View File

@@ -0,0 +1,6 @@
define contactgroup {
contactgroup_name <%= @ng_contactgroup_name %>
alias <%= @ng_contactgroup_alias %>
register <%= @ng_contactgroup_register %>
}

8
templates/nagios/contacts_cfg_head.erb Normal file
View File

@@ -0,0 +1,8 @@
###############################################################################
########## nagios_add_contact.cfg created by Puppet ##########
########## manual changes are overwritten! ##########
###############################################################################
########## Full reference file available at ##########
########## https://confdroid.com/2017/07/nagios-contacts-cfg/ ##########
###############################################################################
# rules are created below by external puppet rules.

8
templates/nagios/contacts_cfg_rule.erb Normal file
View File

@@ -0,0 +1,8 @@
define contact {
contact_name <%= @ng_contact_name %>
use <%= @ng_contact_use %>
alias <%= @ng_contact_alias %>
email <%= @ng_contact_email %>
contactgroups <%= @ng_contact_groups %>
}

5
templates/nagios/hostgroups_cfg_head.erb Normal file
View File

@@ -0,0 +1,5 @@
###############################################################################
########## nagios_hostgroups_add.cfg created by Puppet ##########
########## manual changes are overwritten! ##########
###############################################################################
# rules are created below by external puppet rules.

6
templates/nagios/hostgroups_cfg_rule.erb Normal file
View File

@@ -0,0 +1,6 @@
define hostgroup {
hostgroup_name <%= @ng_hostgroup_name %>
alias <%= @ng_hostgroup_alias %>
register <%= @ng_hostgroup_register %>
}

1
templates/nagios/htpasswd_rule.erb Normal file
View File

@@ -0,0 +1 @@
<%= @ng_htpasswd_user %>:<%= @ng_htpasswd_password %>

214
templates/nagios/nagios_cfg.erb Normal file
View File

@@ -0,0 +1,214 @@
################################################################################
##### nagios.cfg created by Puppet | manual changes will be overwritten #####
################################################################################
log_file=<%= @ng_log_file %>
cfg_dir=<%= @ng_conf_d_dir %>
object_cache_file=<%= @ng_object_cache_file %>
precached_object_file=<%= @ng_precached_obj_file %>
resource_file=<%= @ng_resource_file %>
status_file=<%= @ng_status_file %>
status_update_interval=<%= @ng_status_upd_interval %>
nagios_user=<%= @ng_user %>
nagios_group=<%= @ng_user %>
check_external_commands=<%= @ng_check_ext_commands %>
command_file=<%= @ng_command_file %>
<% if @ng_enable_query_handler == true -%>
query_socket=<%= @ng_query_socket %>
<% end -%>
lock_file=<%= @ng_lock_file %>
temp_file=<%= @ng_temp_file %>
temp_path=<%= @ng_temp_path %>
event_broker_options=<%= @ng_event_broker_options %>
<% unless @ng_event_broker_module.empty? -%>
<% @ng_event_broker_module.each do |broker_module| -%>
broker_module=<%= broker_module %>
<% end end -%>
log_rotation_method=<%= @ng_log_rotation_method %>
log_archive_path=<%= @ng_log_archive_path %>
use_syslog=<%= @ng_use_syslog %>
log_notifications=<%= @ng_log_notifications %>
log_service_retries=<%= @ng_log_service_retries %>
log_host_retries=<%= @ng_log_host_retries %>
log_event_handlers=<%= @ng_log_event_handlers %>
log_initial_states=<%= @ng_log_initial_states %>
log_current_states=<%= @ng_log_current_states %>
log_external_commands=<%= @ng_log_external_commands %>
log_passive_checks=<%= @ng_log_passive_checks %>
<% unless @ng_glob_host_evt_handler.empty? -%>
<% @ng_glob_host_evt_handler.each do |global_host_event_handler| -%>
global_host_event_handler=<%= @ng_glob_host_evt_handler %>
<% end end -%>
<% unless @ng_glob_svc_evt_handler.empty? -%>
<% @ng_glob_svc_evt_handler.each do |global_service_event_handler| -%>
global_service_event_handler=<%= @ng_glob_svc_evt_handler %>
<% end end -%>
service_inter_check_delay_method=<%= @ng_svc_int_check_delay %>
max_service_check_spread=<%= @ng_max_svc_check_spread %>
service_interleave_factor=<%= @ng_svc_interleave_factor %>
host_inter_check_delay_method=<%= @ng_host_int_check_delay %>
max_host_check_spread=<%= @ng_max_host_check_spread %>
max_concurrent_checks=<%= @ng_max_concurrent_checks %>
check_result_reaper_frequency=<%= @ng_check_res_reaper_freq %>
max_check_result_reaper_time=<%= @ng_max_check_res_reap_time %>
check_result_path=<%= @ng_check_result_path %>
max_check_result_file_age=<%= @ng_max_check_res_file_age %>
cached_host_check_horizon=<%= @ng_cached_h_check_horizon %>
cached_service_check_horizon=<%= @ng_cached_s_check_horizon %>
enable_predictive_host_dependency_checks=<%= @ng_pred_host_dep_checks %>
enable_predictive_service_dependency_checks=<%= @ng_pred_svc_dep_checks %>
soft_state_dependencies=<%= @ng_soft_state_dependencies %>
time_change_threshold=<%= @ng_time_change_threshold %>
auto_reschedule_checks=<%= @ng_auto_reschedule_checks %>
auto_rescheduling_interval=<%= @ng_auto_reschedule_intval %>
auto_rescheduling_window=<%= @ng_auto_reschedule_window %>
service_check_timeout=<%= @ng_service_check_timeout %>
host_check_timeout=<%= @ng_host_check_timeout %>
event_handler_timeout=<%= @ng_event_handler_timeout %>
notification_timeout=<%= @ng_notification_timeout %>
ocsp_timeout=<%= @ng_ocsp_timeout %>
perfdata_timeout=<%= @ng_perfdata_timeout %>
retain_state_information=<%= @ng_retain_state_inf %>
state_retention_file=<%= @ng_state_retention_file %>
retention_update_interval=<%= @ng_retention_update_intval %>
use_retained_program_state=<%= @ng_use_ret_program_state %>
use_retained_scheduling_info=<%= @ng_use_ret_scheduling_info %>
retained_host_attribute_mask=<%= @ng_ret_host_attr_mask %>
retained_service_attribute_mask=<%= @ng_ret_service_attr_mask %>
retained_process_host_attribute_mask=<%= @ng_ret_proc_host_attr_mask %>
retained_process_service_attribute_mask=<%= @ng_ret_proc_svc_attr_mask %>
retained_contact_host_attribute_mask=<%= @ng_ret_contact_h_attr_mask %>
retained_contact_service_attribute_mask=<%= @ng_ret_contact_s_attr_mask %>
interval_length=<%= @ng_interval_length %>
check_for_updates=<%= @ng_check_for_updates %>
bare_update_check=<%= @ng_bare_update_check %>
use_aggressive_host_checking=<%= @ng_use_aggr_host_checking %>
execute_service_checks=<%= @ng_execute_service_checks %>
accept_passive_service_checks=<%= @ng_accept_pass_svc_checks %>
execute_host_checks=<%= @ng_execute_host_checks %>
accept_passive_host_checks=<%= @ng_accept_pass_host_checks %>
enable_notifications=<%= @ng_enable_notifications %>
enable_event_handlers=<%= @ng_enable_event_handlers %>
process_performance_data=<%= @ng_process_perf_data %>
<% if @ng_process_perf_data == '1' -%>
host_perfdata_command=<%= @ng_host_perfdata_command %>
service_perfdata_command=<%= @ng_svc_perfdata_command %>
host_perfdata_file=<%= @ng_host_perfdata_file %>
service_perfdata_file=<%= @ng_service_perfdata_file %>
host_perfdata_file_template=<%= @ng_host_perfdata_template %>
service_perfdata_file_template=<%= @ng_svc_perfdata_template %>
host_perfdata_file_mode=<%= @ng_host_perfdata_file_mode %>
service_perfdata_file_mode=<%= @ng_svc_perfdata_file_mode %>
host_perfdata_file_processing_interval=<%= @ng_h_perfdata_proc_intval %>
service_perfdata_file_processing_interval=<%= @ng_s_perfdata_proc_intval %>
host_perfdata_file_processing_command=<%= @ng_h_perfdata_proc_cmd %>
service_perfdata_file_processing_command=<%= @ng_s_perfdata_proc_cmd %>
host_perfdata_process_empty_results=<%= @ng_h_perfdata_proc_e_res %>
service_perfdata_process_empty_results=<%= @ng_s_perfdata_proc_e_res %>
<% end -%>
obsess_over_services=<%= @ng_obsess_over_services %>
<% if @ng_obsess_over_services == '1' -%>
ocsp_command=<%= @ng_ocsp_command %>
<% end -%>
obsess_over_hosts=<%= @ng_obsess_over_hosts %>
<% if @ng_obsess_over_hosts == '1' -%>
ochp_command=<%= @ng_ochp_command %>
<% end -%>
translate_passive_host_checks=<%= @ng_translate_pass_h_checks %>
passive_host_checks_are_soft=<%= @ng_pass_h_checks_are_soft %>
check_for_orphaned_services=<%= @ng_check_orphaned_svc %>
check_for_orphaned_hosts=<%= @ng_check_orphaned_hosts %>
check_service_freshness=<%= @ng_check_service_freshness %>
<% if @ng_check_service_freshness == '1' -%>
service_freshness_check_interval=<%= @ng_svc_fresh_check_intval %>
<% end -%>
service_check_timeout_state=<%= @ng_svc_check_timeout_state %>
check_host_freshness=<%= @ng_check_host_freshness %>
<% if @ng_check_host_freshness == '1' -%>
host_freshness_check_interval=<%= @ng_host_fresh_check_intval %>
<% end -%>
additional_freshness_latency=<%= @ng_add_freshness_latency %>
enable_flap_detection=<%= @ng_enable_flap_detection %>
<% if @ng_enable_flap_detection == '1' -%>
low_service_flap_threshold=<%= @ng_low_svc_flap_threshold %>
high_service_flap_threshold=<%= @ng_high_svc_flap_threshold %>
low_host_flap_threshold=<%= @ng_low_h_flap_threshold %>
high_host_flap_threshold=<%= @ng_high_h_flap_threshold %>
<% end -%>
date_format=<%= @ng_date_format %>
<% if @ng_use_timezone_offset == true -%>
use_timezone=<%= @ng_use_timezone %>
<% end -%>
illegal_object_name_chars=<%= @ng_illegal_obj_name_chars %>
illegal_macro_output_chars=<%= @ng_ill_macro_output_chars %>
use_regexp_matching=<%= @ng_use_regexp_matching %>
use_true_regexp_matching=<%= @ng_true_regexp_matching %>
admin_email=<%= @ng_mail_user %>
admin_pager=<%= @ng_page_user %>
daemon_dumps_core=<%= @ng_daemon_dumps_core %>
use_large_installation_tweaks=<%= @ng_use_large_inst_tweaks %>
enable_environment_macros=<%= @ng_enable_env_macros %>
free_child_process_memory=<%= @ng_free_child_process_mem %>
child_processes_fork_twice=<%= @ng_child_proc_fork_twice %>
debug_level=<%= @ng_debug_level %>
debug_verbosity=<%= @ng_debug_verbosity %>
debug_file=<%= @ng_debug_file %>
max_debug_file_size=<%= @ng_max_debug_file_size %>
allow_empty_hostgroup_assignment=<%= @ng_allow_empty_hostgroups %>
<% unless @ng_check_workers.empty? -%>
check_workers=<%= @ng_check_workers %>
<% end -%>
host_down_disable_service_checks=<%= @ng_host_down_svc_checks %>
<% if @ng_enable_load_ctl_options == true -%>
loadctl_options=<%= @ng_loadctl_options %>
<% end -%>

5
templates/nagios/resource_cfg.erb Normal file
View File

@@ -0,0 +1,5 @@
################################################################################
##### resource.cfg created by Puppet | manual changes will be overwritten #####
################################################################################
# $user$ arguments are created below through defines.

3
templates/nagios/resource_cfg_rule.erb Normal file
View File

@@ -0,0 +1,3 @@
# <%= @ng_user_arg_comment %>
$<%= @ng_user_arg_name %>$=<%= @ng_user_arg_value %>

5
templates/nagios/svcgroups_cfg_head.erb Normal file
View File

@@ -0,0 +1,5 @@
###############################################################################
########## nagios_servicegroups_add.cfg created by Puppet ##########
########## manual changes are overwritten! ##########
###############################################################################
# rules are created below by external puppet rules.

6
templates/nagios/svcgroups_cfg_rule.erb Normal file
View File

@@ -0,0 +1,6 @@
define servicegroup {
servicegroup_name <%= @ng_servicegroup_name %>
alias <%= @ng_servicegroup_alias %>
register <%= @ng_servicegroup_register %>
}

5
templates/nagios/templates_cfg_head.erb Normal file
View File

@@ -0,0 +1,5 @@
###############################################################################
### nagios_templates.cfg created by Puppet | manual changes are overwritten!###
###############################################################################
# rules are created below by external puppet rules.

133
templates/nagios/templates_cfg_rule.erb Normal file
View File

@@ -0,0 +1,133 @@
<% if @ng_template_object == 'contact' -%>
define <%= @ng_template_object %>{
name <%= @ng_template_object_name %>
service_notification_period <%= @ng_svc_notification_period %>
host_notification_period <%= @ng_host_notification_period %>
service_notification_options <%= @ng_service_notification_options %>
host_notification_options <%= @ng_host_notification_options %>
service_notification_commands <%= @ng_service_notification_commands %>
host_notification_commands <%= @ng_host_notification_commands %>
register <%= @ng_object_register %>
}
<% elsif @ng_template_object == 'host' -%>
<% if @ng_template_object_name == 'generic-host' -%>
define <%= @ng_template_object %>{
name <%= @ng_template_object_name %>
notifications_enabled <%= @ng_notifications_enabled %>
event_handler_enabled <%= @ng_event_handler_enabled %>
flap_detection_enabled <%= @ng_flap_detection_enabled %>
process_perf_data <%= @ng_process_perf_data %>
retain_status_information <%= @ng_retain_status_information %>
retain_nonstatus_information <%= @ng_retain_nonstatus_information %>
notification_period <%= @ng_notification_period %>
notification_options <%= @ng_host_notification_options %>
register <%= @ng_object_register %>
}
<% end -%>
<% if @ng_template_object_name == 'linux-server' -%>
define <%= @ng_template_object %>{
name <%= @ng_template_object_name %>
use <%= @ng_template_object_use %>
check_period <%= @ng_check_period %>
check_interval <%= @ng_check_interval %>
retry_interval <%= @ng_retry_interval %>
max_check_attempts <%= @ng_ng_max_check_attempts %>
check_command <%= @ng_host_check_command %>
notification_period <%= @ng_notification_period %>
notification_interval <%= @ng_notification_interval %>
notification_options <%= @ng_notification_options %>
contact_groups <%= @ng_contact_groups %>
hostgroups linux-servers
register <%= @ng_object_register %>
}
<% end -%>
<% if @ng_template_object_name == 'windows-server' -%>
define <%= @ng_template_object %>{
name <%= @ng_template_object_name %>
use <%= @ng_template_object_use %>
check_period <%= @ng_check_period %>
check_interval <%= @ng_check_interval %>
retry_interval <%= @ng_retry_interval %>
max_check_attempts <%= @ng_max_check_attempts %>
check_command <%= @ng_host_check_command %>
notification_period <%= @ng_notification_period %>
notification_interval <%= @ng_notification_interval %>
notification_options <%= @ng_notification_options %>
contact_groups <%= @ng_contact_groups %>
hostgroups windows-servers
register <%= @ng_object_register %>
}
<% end -%>
<% if @ng_template_object_name == 'generic_printer' -%>
define <%= @ng_template_object %>{
name <%= @ng_template_object_name %>
use <%= @ng_template_object_use %>
check_period <%= @ng_check_period %>
check_interval <%= @ng_check_interval %>
retry_interval <%= @ng_retry_interval %>
max_check_attempts <%= @ng_max_check_attempts %>
check_command <%= @ng_host_check_command %>
notification_period <%= @ng_notification_period %>
notification_interval <%= @ng_notification_interval %>
notification_options <%= @ng_notification_options %>
contact_groups <%= @ng_contact_groups %>
statusmap_image printer.png
register <%= @ng_object_register %>
}
<% end -%>
<% if @ng_template_object_name == 'generic_switch' -%>
define <%= @ng_template_object %>{
name <%= @ng_template_object_name %>
use <%= @ng_template_object_use %>
check_period <%= @ng_check_period %>
check_interval <%= @ng_check_interval %>
retry_interval <%= @ng_retry_interval %>
max_check_attempts <%= @ng_max_check_attempts %>
check_command <%= @ng_host_check_command %>
notification_period <%= @ng_notification_period %>
notification_interval <%= @ng_notification_interval %>
notification_options <%= @ng_notification_options %>
contact_groups <%= @ng_contact_groups %>
statusmap_image switch.png
register <%= @ng_object_register %>
}
<% end -%>
<% elsif @ng_template_object == 'service' -%>
<% if @ng_template_object_name == 'generic-service' -%>
define <%= @ng_template_object %>{
name <%= @ng_template_object_name %>
active_checks_enabled <%= @ng_active_checks_enabled %>
passive_checks_enabled <%= @ng_passive_checks_enabled %>
parallelize_check <%= @ng_parallelize_check %>
obsess_over_service <%= @ng_obsess_over_service %>
check_freshness <%= @ng_check_freshness %>
notifications_enabled <%= @ng_notifications_enabled %>
event_handler_enabled <%= @ng_event_handler_enabled %>
flap_detection_enabled <%= @ng_flap_detection_enabled %>
process_perf_data <%= @ng_process_perf_data %>
retain_status_information <%= @ng_retain_status_information %>
retain_nonstatus_information <%= @ng_retain_nonstatus_information %>
is_volatile <%= @ng_is_volatile %>
check_period <%= @ng_check_period %>
max_check_attempts <%= @ng_max_check_attempts %>
check_interval <%= @ng_check_interval %>
retry_interval <%= @ng_retry_interval %>
contact_groups <%= @ng_contact_groups %>
notification_options <%= @ng_service_notification_options %>
notification_interval <%= @ng_notification_interval %>
notification_period <%= @ng_notification_period %>
register <%= @ng_object_register %>
}
<% end -%>
<% if @ng_template_object_name == 'local-service' -%>
define <%= @ng_template_object %>{
name <%= @ng_template_object_name %>
use <%= @ng_template_object_use %>
max_check_attempts <%= @ng_max_check_attempts %>
check_interval <%= @ng_check_interval %>
retry_interval <%= @ng_retry_interval %>
register <%= @ng_object_register %>
}
<% end -%>
<% end -%>

5
templates/nagios/timeperiods_cfg_head.erb Normal file
View File

@@ -0,0 +1,5 @@
###############################################################################
########## nagios_timeperiods_add.cfg created by Puppet ##########
########## manual changes are overwritten! ##########
###############################################################################
# rules are created below by external puppet rules.

12
templates/nagios/timeperiods_cfg_rule.erb Normal file
View File

@@ -0,0 +1,12 @@
define timeperiod {
timeperiod_name <%= @ng_timep_name %>
alias <%= @ng_timep_alias %>
monday <%= @ng_timep_monday %>
tuesday <%= @ng_timep_tuesday %>
wednesday <%= @ng_timep_wednesday %>
thursday <%= @ng_timep_thursday %>
friday <%= @ng_timep_friday %>
saturday <%= @ng_timep_saturday %>
sunday <%= @ng_timep_sunday %>
}

1
templates/selinux/checknagios.erb Normal file
View File

@@ -0,0 +1 @@
ausearch -c 'check_nagios' --raw | audit2allow -M my-checknagios

1
templates/selinux/checknrpe.erb Normal file
View File

@@ -0,0 +1 @@
ausearch -c 'check_nrpe' --raw | audit2allow -M my-checknrpe

1
templates/selinux/grep.erb Normal file
View File

@@ -0,0 +1 @@
ausearch -c 'grep' --raw | audit2allow -M my-grep

1
templates/selinux/statuscgi.erb Normal file
View File

@@ -0,0 +1 @@
ausearch -c 'status.cgi' --raw | audit2allow -M my-statuscgi

1
templates/selinux/statusdat.erb Normal file
View File

@@ -0,0 +1 @@
ausearch -c 'httpd' --raw | audit2allow -M my-httpd

1
templates/selinux/taccgi.erb Normal file
View File

@@ -0,0 +1 @@
ausearch -c 'tac.cgi' --raw | audit2allow -M my-taccgi