diff --git a/.gitignore b/.gitignore index a356406..2a1f95d 100644 --- a/.gitignore +++ b/.gitignore @@ -2,3 +2,4 @@ Gemfile.lock FileList .scannerwork +.vscode diff --git a/Jenkinsfile b/Jenkinsfile index ad0a792..17655d3 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -1,7 +1,5 @@ pipeline { - agent { - label 'puppet' - } + agent any post { always { @@ -69,7 +67,7 @@ pipeline { withCredentials([string(credentialsId: 'sonar-token', variable: 'SONAR_TOKEN')]) { sh ''' /opt/sonar-scanner/bin/sonar-scanner \ - -Dsonar.projectKey=cd_nrpe \ + -Dsonar.projectKey=confdroid_nrpe \ -Dsonar.sources=. \ -Dsonar.host.url=https://sonarqube.confdroid.com \ -Dsonar.token=$SONAR_TOKEN @@ -90,16 +88,37 @@ pipeline { sh ''' git config user.name "Jenkins Server" git config user.email jenkins@confdroid.com + git rm -r --cached .vscode || echo "No .vscode to remove from git" git add -A && git commit -am "Recommit for updates in build $BUILD_NUMBER" || echo "No changes to commit" - git push -o merge_request.create \ - -o merge_request.target=master \ - -o merge_request.title="Auto-merge for build $BUILD_NUMBER" \ - -o merge_request.description="Automated changes from Jenkins build $BUILD_NUMBER" \ - -o merge_request.merge_when_pipeline_succeeds=true \ - origin jenkins-build-$BUILD_NUMBER + git push origin HEAD:master ''' } } } + + stage('Mirror to Gitea') { + steps { + withCredentials([usernamePassword( + credentialsId: 'Jenkins-gitea', + usernameVariable: 'GITEA_USER', + passwordVariable: 'GITEA_TOKEN')]) { + script { + // Checkout from GitLab (already done implicitly) + sh ''' + git checkout master + git pull origin master + git branch -D development + git branch -D jenkins-build-$BUILD_NUMBER + git rm -f Jenkinsfile + git rm -r --cached .vscode || echo "No .vscode to remove from git" + git commit --amend --no-edit --allow-empty + git remote add master https://sourcecode.confdroid.com/confdroid/confdroid_nrpe.git + git -c credential.helper="!f() { echo username=${GITEA_USER}; echo password=${GITEA_TOKEN}; }; f" \ + push master --mirror + ''' + } + } + } + } } } \ No newline at end of file diff --git a/README.md b/README.md index 8918c99..aedea8c 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ # Readme -[![Build Status](https://jenkins.confdroid.com/buildStatus/icon?job=cd_nrpe)](https://jenkins.confdroid.com/job/cd_nrpe/) +[![Build Status](https://jenkins.confdroid.com/buildStatus/icon?job=confdroid_nrpe)](https://jenkins.confdroid.com/job/confdroid_nrpe/) [[_TOC_]] @@ -8,7 +8,7 @@ NRPE allows monitoring tools like NAGIOS or ICINGA to connect to clients for monitoring purposes. -`cd_nrpe` is a fully parameterized Puppet module to automate NRPE installation and configuration. +`confdroid_nrpe` is a fully parameterized Puppet module to automate NRPE installation and configuration. ## WARNING @@ -51,7 +51,7 @@ All dependencies must be included in the catalogue. ## Deployment -`cd_nrpe` does typically not need to be specifically declared. It will be auto-required by `cd_nagios` with default settings. Only if you want to override settings declare it specifically. +`confdroid_nrpe` does typically not need to be specifically declared. It will be auto-required by `cd_nagios` with default settings. Only if you want to override settings declare it specifically. * native Puppet deployment @@ -65,7 +65,7 @@ node 'example.example.net' { * through Foreman: -In order to apply parameters through Foreman, **__cd_nrpe::params__** must be added to the host or host group in question, unless the defaults are fully acceptable across the estate. +In order to apply parameters through Foreman, **__confdroid_nrpe::params__** must be added to the host or host group in question, unless the defaults are fully acceptable across the estate. See [more details about class deployment on Confdroid.com](https://confdroid.com/2017/05/deploying-our-puppet-modules/). @@ -78,7 +78,7 @@ The commands are created within `/etc/nrpe.d/command.cfg` , every set of instruc Defining commands is as simple as that: ```ruby -cd_nrpe::commands::definitions { 'check_users': +confdroid_nrpe::commands::definitions { 'check_users': ne_check_cmd => 'check_users', ne_cmd_argstring => '-w $ARG1$ -c $ARG2$', } diff --git a/manifests/commands/definition_rules.pp b/manifests/commands/definition_rules.pp index 2c56eb4..3222a7c 100644 --- a/manifests/commands/definition_rules.pp +++ b/manifests/commands/definition_rules.pp @@ -1,19 +1,19 @@ -## cd_nrpe::commands::definition_rules.pp -# Module name: cd_nrpe -# Author: Arne Teuke (arne_teuke@ConfDroid.com) +## confdroid_nrpe::commands::definition_rules.pp +# Module name: confdroid_nrpe +# Author: 12ww1160 (12ww1160@ConfDroid.com) # @summary manage command definitions via define and Puppet rules. # @example -# cd_nrpe::commands::definitions { 'check_users': +# confdroid_nrpe::commands::definitions { 'check_users': # ne_check_cmd => 'check_users', # ne_cmd_argstring => '-w $ARG1$ -c $ARG2$', # ne_cmd_comment => 'check the amount of user logged in locally', # } ############################################################################### -class cd_nrpe::commands::definition_rules ( +class confdroid_nrpe::commands::definition_rules ( -) inherits cd_nrpe::params { +) inherits confdroid_nrpe::params { if $ne_manage_cmds == true { - require cd_nrpe::main::files + require confdroid_nrpe::main::files # manage the commands.cfg file @@ -40,28 +40,28 @@ class cd_nrpe::commands::definition_rules ( # basic example rules - cd_nrpe::commands::definitions { 'check_users': + confdroid_nrpe::commands::definitions { 'check_users': ne_check_cmd => 'check_users', ne_cmd_argstring => '-w $ARG1$ -c $ARG2$', ne_cmd_comment => 'check the amount of user logged in locally', } - cd_nrpe::commands::definitions { 'check_load': + confdroid_nrpe::commands::definitions { 'check_load': ne_check_cmd => 'check_load', ne_cmd_argstring => '-w $ARG1$ -c $ARG2$', } - cd_nrpe::commands::definitions { 'check_disk': + confdroid_nrpe::commands::definitions { 'check_disk': ne_check_cmd => 'check_disk', ne_cmd_argstring => '-w $ARG1$ -c $ARG2$ -p $ARG3$', } - cd_nrpe::commands::definitions { 'check_procs': + confdroid_nrpe::commands::definitions { 'check_procs': ne_check_cmd => 'check_procs', ne_cmd_argstring => '-w $ARG1$ -c $ARG2$ -s $ARG3$', } - cd_nrpe::commands::definitions { 'check_swap': + confdroid_nrpe::commands::definitions { 'check_swap': ne_check_cmd => 'check_swap', ne_cmd_argstring => '-w $ARG1$ -c $ARG2$', } diff --git a/manifests/commands/definitions.pp b/manifests/commands/definitions.pp index aecff77..6f54e6d 100644 --- a/manifests/commands/definitions.pp +++ b/manifests/commands/definitions.pp @@ -1,6 +1,6 @@ -## cd_nrpe::commands::definitions.pp -# Module name: cd_nrpe -# Author: Arne Teuke (arne_teuke@ConfDroid.com) +## confdroid_nrpe::commands::definitions.pp +# Module name: confdroid_nrpe +# Author: 12ww1160 (12ww1160@ConfDroid.com) # @summary Populate command definitions through external puppet rules, i.e. # from other modules. # @param [String] ne_check_cmd Specify the check_command to use. @@ -13,7 +13,7 @@ # @param [String] ne_cmd_comment Specify an optional comment for your command # definition ############################################################################### -define cd_nrpe::commands::definitions ( +define confdroid_nrpe::commands::definitions ( Optional[String] $ne_check_cmd = undef, String $ne_cmd_path = '/usr/lib64/nagios/plugins/', @@ -21,9 +21,9 @@ define cd_nrpe::commands::definitions ( String $ne_cmd_comment = '', ) { - $ne_cmd_file = $cd_nrpe::params::ne_cmd_file - $ne_cmd_rule_erb = $cd_nrpe::params::ne_cmd_rule_erb - $ne_manage_cmds = $cd_nrpe::params::ne_manage_cmds + $ne_cmd_file = $confdroid_nrpe::params::ne_cmd_file + $ne_cmd_rule_erb = $confdroid_nrpe::params::ne_cmd_rule_erb + $ne_manage_cmds = $confdroid_nrpe::params::ne_manage_cmds if $ne_manage_cmds == true { concat::fragment { $name: diff --git a/manifests/firewall/iptables.pp b/manifests/firewall/iptables.pp index e455f5b..2c3b8cd 100644 --- a/manifests/firewall/iptables.pp +++ b/manifests/firewall/iptables.pp @@ -1,12 +1,12 @@ -## cd_nrpe::firewall::iptables.pp # -# Module name: cd_nrpe -# Author: Arne Teuke (arne_teuke@ConfDroid.com) +## confdroid_nrpe::firewall::iptables.pp # +# Module name: confdroid_nrpe +# Author: 12ww1160 (12ww1160@ConfDroid.com) # @summary manage firewall settings through puppetlabs-firewall ############################################################################### -class cd_nrpe::firewall::iptables ( +class confdroid_nrpe::firewall::iptables ( -) inherits cd_nrpe::params { +) inherits confdroid_nrpe::params { if $ne_incl_fw == true { firewall { "${ne_fw_order_no}${ne_nrpe_port} port ${ne_nrpe_port}": # source => $nagios_server, diff --git a/manifests/init.pp b/manifests/init.pp index 95c62f1..c9b2c1f 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -1,8 +1,8 @@ -## cd_nrpe::init.pp -# Module name: cd_nrpe -# Author: Arne Teuke (arne_teuke@confdroid.com) -# @summary Class initializes the cd_nrpe Module. +## confdroid_nrpe::init.pp +# Module name: confdroid_nrpe +# Author: 12ww1160 (12ww1160@confdroid.com) +# @summary Class initializes the confdroid_nrpe Module. ############################################################################## -class cd_nrpe { - include cd_nrpe::params +class confdroid_nrpe { + include confdroid_nrpe::params } diff --git a/manifests/main/config.pp b/manifests/main/config.pp index 7a8b14b..eb0c10b 100644 --- a/manifests/main/config.pp +++ b/manifests/main/config.pp @@ -1,11 +1,11 @@ -## cd_nrpe::main::config.pp -# Module name: cd_nrpe -# Author: Arne Teuke (arne_teuke@ConfDroid.com) +## confdroid_nrpe::main::config.pp +# Module name: confdroid_nrpe +# Author: 12ww1160 (12ww1160@ConfDroid.com) -# @summary Class manages the module logic for cd_nrpe. +# @summary Class manages the module logic for confdroid_nrpe. ############################################################################## -class cd_nrpe::main::config ( +class confdroid_nrpe::main::config ( -) inherits cd_nrpe::params { - include cd_nrpe::main::service +) inherits confdroid_nrpe::params { + include confdroid_nrpe::main::service } diff --git a/manifests/main/dirs.pp b/manifests/main/dirs.pp index a1b88b8..7008d4a 100644 --- a/manifests/main/dirs.pp +++ b/manifests/main/dirs.pp @@ -1,12 +1,12 @@ -## cd_nrpe::main::dirs.pp -# Module name: cd_nrpe -# Author: Arne Teuke (arne_teuke@ConfDroid.com) -# @summary Class manages all directories required for cd_nrpe. +## confdroid_nrpe::main::dirs.pp +# Module name: confdroid_nrpe +# Author: 12ww1160 (12ww1160@ConfDroid.com) +# @summary Class manages all directories required for confdroid_nrpe. ############################################################################### -class cd_nrpe::main::dirs ( +class confdroid_nrpe::main::dirs ( -) inherits cd_nrpe::params { - require cd_nrpe::main::user +) inherits confdroid_nrpe::params { + require confdroid_nrpe::main::user # manage main conf_d_dir diff --git a/manifests/main/files.pp b/manifests/main/files.pp index 2b15587..c03d198 100644 --- a/manifests/main/files.pp +++ b/manifests/main/files.pp @@ -1,12 +1,12 @@ -## cd_nrpe::main::files.pp -# Module name: cd_nrpe -# Author: Arne Teuke (arne_teuke@ConfDroid.com) -# @summary Class manages all configuration files required for cd_nrpe. +## confdroid_nrpe::main::files.pp +# Module name: confdroid_nrpe +# Author: 12ww1160 (12ww1160@ConfDroid.com) +# @summary Class manages all configuration files required for confdroid_nrpe. ############################################################################## -class cd_nrpe::main::files ( +class confdroid_nrpe::main::files ( -) inherits cd_nrpe::params { - require cd_nrpe::main::dirs +) inherits confdroid_nrpe::params { + require confdroid_nrpe::main::dirs # manage /etc/nagios/nrpe.cfg diff --git a/manifests/main/install.pp b/manifests/main/install.pp index 6ec5c35..085ccbc 100644 --- a/manifests/main/install.pp +++ b/manifests/main/install.pp @@ -1,12 +1,12 @@ -## cd_nrpe::main::install.pp -# Module name: cd_nrpe -# Author: Arne Teuke (arne_teuke@ConfDroid.com) -# @summary Class manages installing binaries required for cd_nrpe +## confdroid_nrpe::main::install.pp +# Module name: confdroid_nrpe +# Author: 12ww1160 (12ww1160@ConfDroid.com) +# @summary Class manages installing binaries required for confdroid_nrpe ############################################################################### -class cd_nrpe::main::install ( +class confdroid_nrpe::main::install ( -) inherits cd_nrpe::params { - require cd_resources +) inherits confdroid_nrpe::params { + require confdroid_resources::main::epel package { $reqpackages: ensure => $pkg_ensure, diff --git a/manifests/main/service.pp b/manifests/main/service.pp index be4c128..11dab6d 100644 --- a/manifests/main/service.pp +++ b/manifests/main/service.pp @@ -1,23 +1,23 @@ -## cd_nrpe::main::service.pp -# Module name: cd_nrpe -# Author: Arne Teuke (arne_teuke@ConfDroid.com) -# @summary Class manages the service(s) for cd_nrpe. +## confdroid_nrpe::main::service.pp +# Module name: confdroid_nrpe +# Author: 12ww1160 (12ww1160@ConfDroid.com) +# @summary Class manages the service(s) for confdroid_nrpe. ############################################################################# -class cd_nrpe::main::service ( +class confdroid_nrpe::main::service ( + +) inherits confdroid_nrpe::params { + require confdroid_nrpe::main::files -) inherits cd_nrpe::params { if $ne_incl_fw == true { - require cd_nrpe::firewall::iptables + require confdroid_nrpe::firewall::iptables } - require cd_nrpe::main::files - if $ne_manage_cmds == true { - require cd_nrpe::commands::definition_rules + require confdroid_nrpe::commands::definition_rules } if $ne_include_selinux == true { - require cd_nrpe::selinux::config + require confdroid_nrpe::selinux::config } service { $ne_service: diff --git a/manifests/main/user.pp b/manifests/main/user.pp index 2a7085c..a35c592 100644 --- a/manifests/main/user.pp +++ b/manifests/main/user.pp @@ -1,12 +1,12 @@ -## cd_nrpe::main::user.pp -# Module name: cd_nrpe -# Author: Arne Teuke (arne_teuke@ConfDroid.com) -# @summary Class manages service users for cd_nrpe. +## confdroid_nrpe::main::user.pp +# Module name: confdroid_nrpe +# Author: 12ww1160 (12ww1160@ConfDroid.com) +# @summary Class manages service users for confdroid_nrpe. ############################################################################# -class cd_nrpe::main::user ( +class confdroid_nrpe::main::user ( -) inherits cd_nrpe::params { - require cd_nrpe::main::install +) inherits confdroid_nrpe::params { + require confdroid_nrpe::main::install group { $ne_user: ensure => present, diff --git a/manifests/params.pp b/manifests/params.pp index b3ce0d9..0b040f1 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -1,7 +1,7 @@ -## cd_nrpe::params.pp -# Module name: cd_nrpe -# Author: Arne Teuke (arne_teuke@ConfDroid.com) -# @summary Class holds all parameters for the cd_nrpe module and is +## confdroid_nrpe::params.pp +# Module name: confdroid_nrpe +# Author: 12ww1160 (12ww1160@ConfDroid.com) +# @summary Class holds all parameters for the confdroid_nrpe module and is # inherited by all classes except defines. # @see https://www.nagios.org/documentation/ # @param [String] pkg_ensure @@ -43,10 +43,6 @@ # this version but will be changed in a later version of NRPE. # @param [String] ne_ssl_cacert_file path and name of the ssl certificate # authority (ca) file / chain. must be full path. -# @param [String] ne_ssl_cert_file path and name of the server ssl certificate. -# must include full path. -# @param [String] ne_ssl_privatekey_file path and name of the server ssl -# private key. Must include full path. # @param [String] ne_ssl_client_certs determines client certificate usage. # Values: 0 = Don't ask for or require client certificates # 1 = Ask for client certificates @@ -82,9 +78,9 @@ # @param [Boolean] ne_manage_cmds Whether to manage command rules for NRPE # checks, to allow dynamic check & command rules. ############################################################################### -class cd_nrpe::params ( +class confdroid_nrpe::params ( - String $pkg_ensure = 'latest', + String $pkg_ensure = 'present', Array $reqpackages = ['nrpe','nrpe-selinux'], Boolean $ne_manage_cmds = true, @@ -104,7 +100,7 @@ class cd_nrpe::params ( String $ne_nrpe_port = '5666', String $ne_server_address = '0.0.0.0', String $ne_listen_queue_size = '5', - String $ne_nagios_server = $::nagios_server, + String $ne_nagios_server = 'nagios.example.net', String $ne_dont_blame_nrpe = '1', String $ne_allow_bash_cmd_subst = '1', Boolean $ne_allow_sudo = true, @@ -117,8 +113,6 @@ class cd_nrpe::params ( String $ne_ssl_use_adh = '1', String $ne_ssl_cipher_list = 'ALL:!aNULL:!eNULL:!SSLv2:!LOW:!EXP:!RC4:!MD5:@STRENGTH', String $ne_ssl_cacert_file = '/etc/pki/tls/certs/ca-chain.crt.pem', - String $ne_ssl_cert_file = "/etc/pki/tls/certs/${::fqdn}.crt.pem", - String $ne_ssl_privatekey_file = "/etc/pki/tls/private/${::fqdn}.key.pem", String $ne_ssl_client_certs = '2', String $ne_ssl_logging = '0x00', Array $ne_nasty_metachars = ["|`&><'\\[]{};\r\n"], @@ -135,6 +129,12 @@ class cd_nrpe::params ( Boolean $ne_include_selinux = true, ) { +# Default facts + $fqdn = $facts['networking']['fqdn'] + $domain = $facts['networking']['domain'] + $os_name = $facts['os']['name'] + $os_release = $facts['os']['release']['major'] + # service $ne_service = 'nrpe' @@ -144,22 +144,24 @@ class cd_nrpe::params ( # files $ne_main_conf_file = '/etc/nagios/nrpe.cfg' - $ne_main_conf_erb = 'cd_nrpe/nrpe_cfg.erb' + $ne_main_conf_erb = 'confdroid_nrpe/nrpe_cfg.erb' $ne_nrpe_pid_file = "${ne_run_dir}/nrpe.pid" $ne_nrpe_conf_file = '/etc/sysconfig/nrpe' - $ne_nrpe_conf_erb = 'cd_nrpe/nrpe_conf.erb' + $ne_nrpe_conf_erb = 'confdroid_nrpe/nrpe_conf.erb' $ne_cmd_file = "${ne_main_conf_d_dir}/commands.cfg" - $ne_cmd_head_erb = 'cd_nrpe/cmd_head.erb' - $ne_cmd_rule_erb = 'cd_nrpe/cmd_rule.erb' + $ne_cmd_head_erb = 'confdroid_nrpe/cmd_head.erb' + $ne_cmd_rule_erb = 'confdroid_nrpe/cmd_rule.erb' $ne_sudo_file = '/etc/sudoers.d/nagios_sudo' - $ne_sudo_rule_erb = 'cd_nrpe/sudo_rule.erb' + $ne_sudo_rule_erb = 'confdroid_nrpe/sudo_rule.erb' $ne_nrpe_te_file = "${ne_main_conf_d_dir}/nrpe.te" - $ne_nrpe_te_erb = 'cd_nrpe/nrpe.te.erb' + $ne_nrpe_te_erb = 'confdroid_nrpe/nrpe.te.erb' $ne_nrpe_mod_file = "${ne_main_conf_d_dir}/nrpe.mod" - $ne_checkmodule_nrpe_erb = 'cd_nrpe/checkmodule_nrpe.erb' + $ne_checkmodule_nrpe_erb = 'confdroid_nrpe/checkmodule_nrpe.erb' $ne_nrpe_pp_file = "${ne_main_conf_d_dir}/nrpe.pp" - $ne_semodule_erb = 'cd_nrpe/semodule_nrpe.erb' + $ne_semodule_erb = 'confdroid_nrpe/semodule_nrpe.erb' + $ne_ssl_cert_file = "/etc/pki/tls/certs/${fqdn}.crt.pem" + $ne_ssl_privatekey_file = "/etc/pki/tls/private/${fqdn}.key.pem" # includes must be last - include cd_nrpe::main::config + include confdroid_nrpe::main::config } diff --git a/manifests/selinux/config.pp b/manifests/selinux/config.pp index 59a2138..21ace2f 100644 --- a/manifests/selinux/config.pp +++ b/manifests/selinux/config.pp @@ -1,10 +1,10 @@ -## cd_nrpe::selinux::config.pp # Module name: cd_nrpe -# Author: Arne Teuke (arne_teuke@ConfDroid.com) +## confdroid_nrpe::selinux::config.pp # Module name: confdroid_nrpe +# Author: 12ww1160 (12ww1160@ConfDroid.com) # @summary Class manages all aspects of configuring selinux for NRPE. ############################################################################## -class cd_nrpe::selinux::config ( +class confdroid_nrpe::selinux::config ( -) inherits cd_nrpe::params { +) inherits confdroid_nrpe::params { if $ne_include_selinux == true { # manage allow nagios sudo