From f7087950c38297d80549c52bf24a7c70d3583ad4 Mon Sep 17 00:00:00 2001
From: 12ww1160 <12ww1160@confdroid.com>
Date: Sat, 14 Mar 2026 13:18:54 +0100
Subject: [PATCH] OP#493 remove LB balancer option as that has been moved to
 confdroid_apache

---
 README.md                                |  1 -
 manifests/params.pp                      |  7 -------
 manifests/server/files.pp                | 15 ---------------
 templates/loadbalancer/remoteip.conf.erb | 12 ------------
 4 files changed, 35 deletions(-)
 delete mode 100644 templates/loadbalancer/remoteip.conf.erb

diff --git a/README.md b/README.md
index e0a8fc0..a59e3ac 100644
--- a/README.md
+++ b/README.md
@@ -50,7 +50,6 @@ At this stage, the module is being redeveloped and being built to the latest sta
 - configures the main nagios configuration file and sets values as (pre)configured per values in params, which can be overwritten.
 - if `ng_include_nrpe`is set to `true`, the confdroid_nrpe module is automatically applied on clients ([confdroid_nrpe](https://sourcecode.confdroid.com/confdroid/confdroid_nrpe) must be in the catalogue then)
 - if `ng_enable_fail2ban`is set to `true`, a fail2ban jail and filter will be added for the Nagios service (requires confdroid_fail2ban).
-- manage remoteIP logging if running behind a Loadbalancer like HAproxy: if `ng_use_lb` is set to `true`, a configuration file `etc/httpd/conf.d/loadbalancer-remoteip.conf`is created and configures apache/httpd to use the remote header. This allows proper fail2ban protection even behind the Loadbalancer. Make sure to set `ng_trusted_proxy`to the proper IP or range for the loadbalancer!
 
 ## Repo Documentation
 
diff --git a/manifests/params.pp b/manifests/params.pp
index df5d2ca..71f9a6b 100644
--- a/manifests/params.pp
+++ b/manifests/params.pp
@@ -441,10 +441,6 @@
 #   in fail2ban. Default is '3600'.
 # @param [String] ng_fail2ban_ignoreip A comma-separated list of IP addresses 
 #   to ignore in fail2ban. Default is '127.0.0.1/8 ::1 192.168.1.0/24'.
-# @param [Boolean] ng_use_lb Whether to use load balancing for the Nagios server. 
-#   Default is false.
-# @param [String] ng_trusted_proxy The IP address of the trusted proxy to access 
-#   the Nagios server. Default is '10.0.0.10'.
 ###############################################################################
 class confdroid_nagios::params (
 
@@ -462,8 +458,6 @@ class confdroid_nagios::params (
   String $ng_user                       = 'nagios',
   Boolean $ng_enable_target             = true,
   Boolean $ng_purge_target              = true,
-  Boolean $ng_use_lb                    = false,
-  String $ng_trusted_proxy              = '10.0.0.10',
 
 # contact groups
   String $ng_contactgroup_name          = 'admins',
@@ -734,7 +728,6 @@ class confdroid_nagios::params (
   $ng_nagios_cfg_erb          = 'confdroid_nagios/nagios/nagios_cfg.erb'
   $ng_cgi_cfg_file            = "${ng_main_dir}/cgi.cfg"
   $ng_cgi_cfg_erb             = 'confdroid_nagios/nagios/cgi_cfg.erb'
-  $ng_remoteip_file           = '/etc/httpd/conf.d/loadbalancer-remoteip.conf'
 
 # nagios
   $ng_target_templates        = "${ng_conf_d_dir}/nagios_templates.cfg"
diff --git a/manifests/server/files.pp b/manifests/server/files.pp
index 0ca6a1c..9feef19 100644
--- a/manifests/server/files.pp
+++ b/manifests/server/files.pp
@@ -44,20 +44,5 @@ class confdroid_nagios::server::files (
       seltype  => nagios_var_run_t,
       seluser  => system_u,
     }
-
-    if $ng_use_lb == true {
-      file { $ng_remoteip_file:
-        ensure   => file,
-        owner    => 'root',
-        group    => 'root',
-        mode     => '0644',
-        selrange => s0,
-        selrole  => object_r,
-        seltype  => httpd_conf_t,
-        seluser  => system_u,
-        content  => template('confdroid_nagios/loadbalancer/remoteip.conf.erb'),
-        notify   => Service['httpd'],
-      }
-    }
   }
 }
diff --git a/templates/loadbalancer/remoteip.conf.erb b/templates/loadbalancer/remoteip.conf.erb
deleted file mode 100644
index a4cc74a..0000000
--- a/templates/loadbalancer/remoteip.conf.erb
+++ /dev/null
@@ -1,12 +0,0 @@
-###############################################################################
-##########    parameterized remoteip config created by Puppet        ##########
-##########      manual changes will be overwritten !!!               ##########
-###############################################################################
-
-RemoteIPHeader X-Forwarded-For
-RemoteIPTrustedProxy <%= @ng_trusted_proxy %>
-RemoteIPInternalProxy <%= @ng_trusted_proxy %>
-
-# mod_remoteip rewrites client address for %a; use it in common/combined logs.
-LogFormat "%a %l %u %t \"%r\" %>s %b" common
-LogFormat "%a %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\"" combined