confdroid/confdroid_nrpe
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

OP#421 update Readme

Browse Source
This commit is contained in:
Arne Teuke
2026-02-13 16:44:17 +01:00
parent 4c86b77b5d
commit 7ceaaa0d42
4 changed files with 5 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
.puppet-lint.rc Normal file
View File

@@ -0,0 +1 @@
--no-variable_scope-check

4
README.md
View File

@@ -40,11 +40,11 @@ NRPE allows monitoring tools like NAGIOS or ICINGA to connect to clients for mon
* nrpe.cfg * nrpe.cfg
* manage sudo role for nagios user on NRPE clients * manage sudo role for nagios user on NRPE clients
* manage dynamic NRPE check command definitions * manage dynamic NRPE check command definitions
* manage iptables (optional). set `ne_incl_fw`to `true`. Specify a custom value to `ne_nagios_source` for the nagior server IP or range. * manage iptables (optional). set `ne_incl_fw`to `true`.
* manage selinux rule exceptions (optional) * manage selinux rule exceptions (optional)
* manage NRPE service * manage NRPE service
> Note: The value for the `nagios_server` variable is derived from a global paraneter set in Foreman (`nagios_server`), because the paremeter is used across multiple modules. You need to set that manually in Foreman under "Global Parameters". > Note: The value for the `nagios_server` variable is derived from a global paraneter set in Foreman (`nagios_server`), because the paremeter is used across multiple modules. You need to set that manually in Foreman under "Global Parameters". Same for `nagios_source`, the value for the firewall source.
## Repo Documentation ## Repo Documentation

2
manifests/firewall/iptables.pp
View File

@@ -9,7 +9,7 @@ class confdroid_nrpe::firewall::iptables (
) inherits confdroid_nrpe::params { ) inherits confdroid_nrpe::params {
if $ne_incl_fw == true { if $ne_incl_fw == true {
firewall { "${ne_fw_order_no}${ne_nrpe_port} port ${ne_nrpe_port}": firewall { "${ne_fw_order_no}${ne_nrpe_port} port ${ne_nrpe_port}":
source => $ne_nagios_source, source => $nagios_source,
proto => 'tcp', proto => 'tcp',
dport => $ne_nrpe_port, dport => $ne_nrpe_port,
jump => 'accept', jump => 'accept',

5
manifests/params.pp
View File

@@ -74,9 +74,6 @@
# @param [Array] reqpackages which packages to install # @param [Array] reqpackages which packages to install
# @param [Boolean] ne_manage_cmds Whether to manage command rules for NRPE # @param [Boolean] ne_manage_cmds Whether to manage command rules for NRPE
# checks, to allow dynamic check & command rules. # checks, to allow dynamic check & command rules.
# @param [String] ne_nagios_source the source address for the firewall rule.
# Adjust to your environment if needed. Default is '0.0.0.0/0' to allow
# all sources, but it is recommended to specify the nagios server IP or subnet.
############################################################################### ###############################################################################
class confdroid_nrpe::params ( class confdroid_nrpe::params (
@@ -123,7 +120,6 @@ class confdroid_nrpe::params (
# firewall # firewall
Boolean $ne_incl_fw = true, Boolean $ne_incl_fw = true,
String $ne_fw_order_no = '50', String $ne_fw_order_no = '50',
String $ne_nagios_source = '0.0.0.0/0',
# selinux # selinux
Boolean $ne_include_selinux = true, Boolean $ne_include_selinux = true,
@@ -135,6 +131,7 @@ class confdroid_nrpe::params (
$os_name = $facts['os']['name'] $os_name = $facts['os']['name']
$os_release = $facts['os']['release']['major'] $os_release = $facts['os']['release']['major']
$nagios_server = $facts['nagios_server'] $nagios_server = $facts['nagios_server']
$nagios_source = $facts['nagios_source']
# service # service
$ne_service = 'nrpe' $ne_service = 'nrpe'