From a6974bf41b23de45110075d68d1f38a65677b715 Mon Sep 17 00:00:00 2001
From: Arne Teuke <arne_teuke@confdroid.com>
Date: Fri, 28 Jul 2017 16:42:50 +0100
Subject: [PATCH 1/8] included service and pointed to files

---
 README.md                   |   9 ++-
 manifests/main/config.pp    |   2 +-
 manifests/main/dirs.pp      |  56 +++++++++++++++++++
 manifests/main/files.pp     |  44 +++++++++++++++
 manifests/main/service.pp   |  37 +++++++++++++
 manifests/params.pp         | 107 +++++++++++++++++++++++++++++++++++-
 templates/nrpe_cfg_head.erb |  59 ++++++++++++++++++++
 7 files changed, 309 insertions(+), 5 deletions(-)
 create mode 100644 manifests/main/dirs.pp
 create mode 100644 manifests/main/files.pp
 create mode 100644 manifests/main/service.pp
 create mode 100644 templates/nrpe_cfg_head.erb

diff --git a/README.md b/README.md
index 5ddc9ef..188d2c3 100644
--- a/README.md
+++ b/README.md
@@ -30,10 +30,12 @@ NRPE allows monitoring tools like NAGIOS or ICINGA to connect to clients for mon
 
 ### Features
 INSTALLATION
-* install binaries
+* install nrpe binaries
 
 CONFIGURATION
+* manage NRPE service user properties
 * manage directory structure (file system permissions, selinux context)
+*
 
 SERVICE
 
@@ -44,8 +46,11 @@ Repostructure has moved to REPOSTRUCTURE.md in repo.
 All dependencies must be included in the catalogue.
 
 * [cd_resources](https://gitlab.puppetsoft.com/12WW1160/cd_resources) to manage YUM repositories.
+* [cd_stdlib](https://gitlab.puppetsoft.com/12WW1160/cd_stdlib) or [puppetlabs stdlib](https://github.com/puppetlabs/puppetlabs-stdlib) to facilitate concat
+* [cd_concat](https://gitlab.puppetsoft.com/12WW1160/cd_stdlib)  or [puppetlabs concat](https://github.com/puppetlabs/puppetlabs-concat) for concatenating files
 
 ### Deployment
+`cd_nrpe` does typically not need to be specifically declared. It will be auto-required by `cd_nagios` with default settings. Only if you want to override settings declare it specifically.
 
 ##### native Puppet deployment
 
@@ -57,7 +62,7 @@ node 'example.example.net' {
 }
 ```
 #### through Foreman:
-In order to apply parameters through Foreman, **__cd_nrpe::params__** must be added to the host or hostgroup in question.
+In order to apply parameters through Foreman, **__cd_nrpe::params__** must be added to the host or hostgroup in question, unless the defaults are fully acceptable across the estate.
 
 See [more details about class deployment on Confdroid.com](https://confdroid.com/2017/05/deploying-our-puppet-modules/).
 
diff --git a/manifests/main/config.pp b/manifests/main/config.pp
index 10a358b..5de9f5c 100644
--- a/manifests/main/config.pp
+++ b/manifests/main/config.pp
@@ -26,6 +26,6 @@ class cd_nrpe::main::config (
 
 ) inherits cd_nrpe::params {
 
-  include cd_nrpe::main::user
+  include cd_nrpe::main::service
 
 }
diff --git a/manifests/main/dirs.pp b/manifests/main/dirs.pp
new file mode 100644
index 0000000..cf50cee
--- /dev/null
+++ b/manifests/main/dirs.pp
@@ -0,0 +1,56 @@
+## cd_nrpe::main::dirs.pp
+# Module name: cd_nrpe
+# Author: Arne Teuke (arne_teuke@ConfDroid.com)
+# # License:
+#    This file is part of cd_nrpe.
+#
+#    cd_nrpe is used for providing automatic configuration of
+#    <service / purpose>
+#    Copyright (C) 2016  ConfDroid (copyright@ConfDroid.com)
+#    This program is free software: you can redistribute it and/or modify
+#    it under the terms of the GNU General Public License as published by
+#    the Free Software Foundation, either version 3 of the License, or
+#    (at your option) any later version.
+#
+#    This program is distributed in the hope that it will be useful,
+#    but WITHOUT ANY WARRANTY; without even the implied warranty of
+#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#    GNU General Public License for more details.
+#
+#    You should have received a copy of the GNU General Public License
+#    along with this program.  If not, see <http://www.gnu.org/licenses/>.
+# @summary Class manages all directories required for cd_nrpe.
+###############################################################################
+class cd_nrpe::main::dirs (
+
+) inherits cd_nrpe::params {
+
+  require cd_nrpe::main::user
+
+  # manage main conf_d_dir
+
+  file { $ne_main_conf_d_dir:
+    ensure    =>  directory,
+    path      =>  $ne_main_conf_d_dir,
+    owner     =>  'root',
+    group     =>  'root',
+    mode      =>  '0755',
+    selrange  =>  s0,
+    selrole   =>  object_r,
+    seltype   =>  etc_t,
+    seluser   =>  system_u,
+  }
+
+  file { $ne_run_dir:
+    ensure    =>  directory,
+    path      =>  $ne_run_dir,
+    owner     =>  $ne_user,
+    group     =>  $ne_user,
+    mode      =>  '0755',
+    selrange  =>  s0,
+    selrole   =>  object_r,
+    seltype   =>  var_run_t,
+    seluser   =>  system_u,
+  }
+
+}
diff --git a/manifests/main/files.pp b/manifests/main/files.pp
new file mode 100644
index 0000000..cc817b8
--- /dev/null
+++ b/manifests/main/files.pp
@@ -0,0 +1,44 @@
+## cd_nrpe::main::files.pp
+# Module name: cd_nrpe
+# Author: Arne Teuke (arne_teuke@ConfDroid.com)
+# # License:
+#    This file is part of cd_nrpe.
+#
+#    cd_nrpe is used for providing automatic configuration of
+#    <service / purpose>
+#    Copyright (C) 2016  ConfDroid (copyright@ConfDroid.com)
+#    This program is free software: you can redistribute it and/or modify
+#    it under the terms of the GNU General Public License as published by
+#    the Free Software Foundation, either version 3 of the License, or
+#    (at your option) any later version.
+#
+#    This program is distributed in the hope that it will be useful,
+#    but WITHOUT ANY WARRANTY; without even the implied warranty of
+#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#    GNU General Public License for more details.
+#
+#    You should have received a copy of the GNU General Public License
+#    along with this program.  If not, see <http://www.gnu.org/licenses/>.
+# @summary  Class manages all configuration files required for cd_nrpe.
+##############################################################################
+class cd_nrpe::main::files (
+
+) inherits cd_nrpe::params {
+
+  require cd_nrpe::main::dirs
+
+  file { $ne_main_conf_file:
+    ensure    =>  file,
+    path      =>  ne_main_conf_file,
+    owner     =>  'root',
+    group     =>  'root',
+    mode      =>  '0640',
+    selrange  =>  s0,
+    selrole   =>  object_r,
+    seltype   =>  nrpe_etc_t,
+    seluser   =>  system_u,
+    content   =>  template($ne_main_conf_file),
+    notify    =>  Service[$ne_service],
+  }
+
+}
diff --git a/manifests/main/service.pp b/manifests/main/service.pp
new file mode 100644
index 0000000..782b110
--- /dev/null
+++ b/manifests/main/service.pp
@@ -0,0 +1,37 @@
+## cd_nrpe::main::service.pp
+# Module name: cd_nrpe
+# Author: Arne Teuke (arne_teuke@ConfDroid.com)
+# # License:
+#    This file is part of cd_nrpe.
+#
+#    cd_nrpe is used for providing automatic configuration of
+#    <service / purpose>
+#    Copyright (C) 2016  ConfDroid (copyright@ConfDroid.com)
+#    This program is free software: you can redistribute it and/or modify
+#    it under the terms of the GNU General Public License as published by
+#    the Free Software Foundation, either version 3 of the License, or
+#    (at your option) any later version.
+#
+#    This program is distributed in the hope that it will be useful,
+#    but WITHOUT ANY WARRANTY; without even the implied warranty of
+#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#    GNU General Public License for more details.
+#
+#    You should have received a copy of the GNU General Public License
+#    along with this program.  If not, see <http://www.gnu.org/licenses/>.
+# @summary  Class manages the service(s) for cd_nrpe.
+#############################################################################
+class cd_nrpe::main::service (
+
+) inherits cd_nrpe::params {
+
+  require cd_nrpe::main::files
+
+  service { $ne_service:
+    ensure      => running,
+    hasstatus   => true,
+    hasrestart  => true,
+    enable      => true,
+  }
+
+}
diff --git a/manifests/params.pp b/manifests/params.pp
index 35343cf..0c8add9 100644
--- a/manifests/params.pp
+++ b/manifests/params.pp
@@ -24,7 +24,66 @@
 # @param  [string] pkg_ensure
 #   which [package type](https://confdroid.com/2017/05/puppet-type-package/)
 #   to choose, i.e. `latest` or `present`.
-##############################################################################
+# @param  [string] ne_log_facility the log facility to use.
+# @param  [string] ne_log_file If a log file is specified in this option,
+#   nrpe will write to that file instead of using syslog. i.e. /var/run/nrpe.log
+# @param  [string] ne_debug Whether debugging messages are logged to the
+#   syslog facility.
+# @param  [string]  ne_nrpe_port the NRPE port. used in firewall ( optional)
+#   and configuration file.
+# @param  [string] ne_listen_queue_size  Listen queue size (backlog) for
+#   serving incoming connections.
+# @param  [string] ne_nagios_server ipaddress of the nagios server to be allowed
+#   to connect to NRPE service. Default is to look up a global parameter from
+#   ENC.
+# @param  [string]  ne_dont_blame_nrpe whether or not the NRPE daemon will
+#   allow clients to specify arguments to commands that are executed.
+# @param  [string] ne_allow_bash_cmd_subst whether or not the NRPE daemon will
+#   allow clients to specify arguments that contain bash command substitutions
+#   of the form $(...).
+# @param  [boolean] ne_allow_sudo Whether to allow sudo access. used in nrpe.cfg
+#   as well as for creating a sudo role.
+# @param  [string] command_prefix allows you to prefix all commands with a
+#   user-defined string.
+# @param  [string]  ne_incl_fw Whether to include firewall rules
+# @param  [string] ne_command_timeout maximum number of seconds that the NRPE
+#   daemon will allow plugins to finish executing before killing them off.
+# @param  [string] ne_connection_timeout maximum number of seconds that the
+#   NRPE daemon will wait for a connection to be established before exiting.
+# @param  [string] ne_ssl_version These directives allow you to specify how to
+#   use SSL/TLS.
+# @param  [string] ne_ssl_use_adh This is for backward compatibility and is
+#   DEPRECATED. Set to 1 to enable ADH or 2 to require ADH. 1 is currently the
+#   default but will be changed in a later version.
+# @param  [string] ne_ssl_cipher_list ciphers can be used. For backward
+#   compatibility, this defaults to 'ssl_cipher_list=ALL:!MD5:@STRENGTH' in
+#   this version but will be changed in a later version of NRPE.
+# @param  [string] ne_ssl_cacert_file path and name of the ssl certificate
+#   authority  ( ca) file / chain. must be full path.
+# @param  [string] ne_ssl_cert_file path and name of the server ssl certificate.
+#   must include full path.
+# @param  [string] ne_ssl_privatekey_filepath and name of the server ssl
+#   private key.  Must include full path.
+# @param  [string] ne_ssl_client_certs determines client certificate usage.
+#   Values: 0 = Don't ask for or require client certificates
+#   1 = Ask for client certificates
+#   2 = Require client certificates
+# @param  [string] ne_ssl_logging determines which SSL messages are send to
+#   syslog. OR values together to specify multiple options.
+#   Values: 0x00 (0) = No additional logging (default)
+#   0x01 (1) = Log startup SSL/TLS parameters
+#   0x02 (2) = Log remote IP address
+#   0x04 (4) = Log SSL/TLS version of connections
+#   0x08 (8) = Log which cipher is being used for the connection
+#   0x10 (16) = Log if client has a certificate
+#   0x20 (32) = Log details of client's certificate if it has one
+#   -1 or 0xff or 0x2f = All of the above
+# @param  [string] ne_nasty_metachars  list of characters that cannot
+# be passed to the NRPE daemon.
+# @param  [string] ne_include_file include definitions from an external
+#   config file.
+# @param  [string] ne_include_dir
+###############################################################################
 class cd_nrpe::params (
 
 $pkg_ensure                 = 'latest',
@@ -33,10 +92,42 @@ $pkg_ensure                 = 'latest',
 $ne_user                    = 'nrpe',
 $ne_user_comment            = 'NRPE service user',
 $ne_user_uid                = '1005',
-$ne_user_home               = '/var/run/nagios',
+$ne_user_home               = '/var/run/nrpe',
 $ne_user_groups             = undef,
 $ne_user_shell              = '/sbin/nologin',
 
+# nrpe.cfg
+$ne_log_facility            = 'daemon'
+$ne_log_file                = '',
+$ne_debug                   = '0',
+$ne_nrpe_port               = '5666',
+$ne_server_address          = '127.0.0.1',
+$ne_listen_queue_size       = '5',
+$ne_nagios_server           = $::nagios_server,
+$ne_dont_blame_nrpe         = '1',
+$ne_allow_bash_cmd_subst    = '1',
+$ne_allow_sudo              = true,
+$ne_command_prefix          = '/usr/bin/sudo',
+$ne_command_timeout         = '60',
+$ne_connection_timeout      = '300',
+$ne_allow_weak_rnd_seed     = '1',
+$ne_ssl_version             = 'TLSv1.1+',
+$ne_ssl_use_adh             = '1',
+$ne_ssl_cipher_list         = 'ALL:!aNULL:!eNULL:!SSLv2:!LOW:!EXP:!RC4:!MD5:@STRENGTH',
+$ne_ssl_cacert_file         = '/etc/pki/tls/certs/ca-chain.crt.pem',
+$ne_ssl_cert_file           = "/etc/pki/tls/certs/${::fqdn}.crt.pem",
+$ne_ssl_privatekey_file     = "/etc/pki/tls/private/${::fqdn}.key.pem",
+$ne_ssl_client_certs        = '2',
+$ne_ssl_logging             = '0x00',
+$ne_nasty_metachars         = '\"|`&><\'\\[]{};\r\n\"',
+$ne_include_file            = '',
+
+
+# firewall
+$ne_incl_fw                 = true,
+
+
+
 ) {
 
 # installation section
@@ -44,6 +135,18 @@ $reqpackages  = $::operatingsystem ? {
     /(?i-mx:centos|fedora|redhat)/ => ['nrpe'],
   }
 
+# service
+$ne_service                 = 'nrpe'
+
+# directories
+$ne_main_conf_d_dir         = '/etc/nrpe.d'
+$ne_run_dir                 = '/var/run/nrpe'
+
+# files
+$ne_main_conf_file          = '/etc/nagios/nrpe.cfg'
+$ne_nrpe_conf_head_erb      = 'cd_nrpe/nrpe_cfg_head.erb'
+$ne_nrpe_pid_file           = "${ne_run_dir}/nrpe.pid"
+
 # includes must be last
 
   include cd_nrpe::main::config
diff --git a/templates/nrpe_cfg_head.erb b/templates/nrpe_cfg_head.erb
new file mode 100644
index 0000000..896d7e8
--- /dev/null
+++ b/templates/nrpe_cfg_head.erb
@@ -0,0 +1,59 @@
+################################################################################
+##########                nrpe.cfg managed by Puppet                  ##########
+##########            manual changes will be overwritten !!!          ##########
+################################################################################
+##########          full reference is available at                    ##########
+##########      https://confdroid.com/2017/07/nrpe-nrpe-cfg/          ##########
+################################################################################
+
+log_facility=<%= @ne_log_facility %>
+
+<% unless @ne_log_file.empty ? %>
+log_file=<%= @ne_log_file %>
+<% end %>
+
+debug=<%= @ne_debug %>
+
+pid_file=<% @ne_nrpe_pid_file %>
+server_port=<%= @ne_nrpe_port %>
+
+server_address=<%= @ne_server_address %>
+listen_queue_size=<%= @ne_listen_queue_size %>
+
+nrpe_user=<%= @ne_user %>
+nrpe_group=<%= @ne_user %>
+
+allowed_hosts=127.0.0.1,::1,<%= @ne_nagios_server %>
+dont_blame_nrpe=<%= @ne_dont_blame_nrpe %>
+allow_bash_command_substitution=<%= @ne_allow_bash_cmd_subst %>
+
+<%= if @$ne_allow_sudo == true %>
+command_prefix=<%= @ne_command_prefix %>
+<% end %>
+
+command_timeout=<%= @ne_command_timeout %>
+connection_timeout=<%= @ne_connection_timeout %>
+
+allow_weak_random_seed=<%= @ne_allow_weak_rnd_seed %>
+
+ssl_version=<%= @ne_ssl_version %>
+ssl_use_adh=<%= @ne_ssl_use_adh %>
+ssl_cipher_list=<%= @ne_ssl_cipher_list %>
+
+ssl_cacert_file=<%= @ne_ssl_cacert_file %>
+ssl_cert_file=<%= @ne_ssl_cert_file %>
+ssl_privatekey_file=<%= @ne_ssl_privatekey_file %>
+
+ssl_client_certs=<%= @ne_ssl_client_certs %>
+ssl_logging=<%= @ne_ssl_logging %>
+
+nasty_metachars=<$= @ne_nasty_metachars  %>
+
+<% unless @ne_include_file.empty? %>
+include=<%= @ne_include_file %>
+<% end %>
+
+include_dir=<%= @ne_main_conf_d_dir  %>
+
+### command definitions have been moved to include_dir for easier external
+#   management

From cd81ff2a9cb05efe950241696df62acf9cb1d70a Mon Sep 17 00:00:00 2001
From: Arne Teuke <arne_teuke@confdroid.com>
Date: Fri, 28 Jul 2017 16:49:02 +0100
Subject: [PATCH 2/8] included firewall

---
 manifests/firewall/iptables.pp | 35 ++++++++++++++++++++++++++++++++++
 manifests/main/config.pp       |  3 +--
 manifests/main/dirs.pp         |  3 +--
 manifests/main/files.pp        |  3 +--
 manifests/main/install.pp      |  3 +--
 manifests/main/service.pp      |  7 +++++--
 manifests/main/user.pp         |  3 +--
 manifests/params.pp            |  7 ++++---
 8 files changed, 49 insertions(+), 15 deletions(-)
 create mode 100644 manifests/firewall/iptables.pp

diff --git a/manifests/firewall/iptables.pp b/manifests/firewall/iptables.pp
new file mode 100644
index 0000000..6d6b767
--- /dev/null
+++ b/manifests/firewall/iptables.pp
@@ -0,0 +1,35 @@
+## cd_nrpe::firewall::iptables.pp
+# Module name: cd_nrpe
+# Author: Arne Teuke (arne_teuke@ConfDroid.com)
+# # License:
+#    This file is part of cd_nrpe.
+#
+#    cd_nrpe is used for providing automatic configuration of NRPE.
+#    Copyright (C) 2016  ConfDroid (copyright@ConfDroid.com)
+#    This program is free software: you can redistribute it and/or modify
+#    it under the terms of the GNU General Public License as published by
+#    the Free Software Foundation, either version 3 of the License, or
+#    (at your option) any later version.
+#
+#    This program is distributed in the hope that it will be useful,
+#    but WITHOUT ANY WARRANTY; without even the implied warranty of
+#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#    GNU General Public License for more details.
+#
+#    You should have received a copy of the GNU General Public License
+#    along with this program.  If not, see <http://www.gnu.org/licenses/>.
+# @summary manage firewall settings through cd_firewall or puppetlabs-firewall
+###############################################################################
+class cd_nrpe::firewall::iptables (
+
+) inherits cd_nrpe::params {
+
+  if $ne_incl_fw == true {
+
+    firewall { "${ne_fw_order_no}${ne_nrpe_port} tcp ${ne_nrpe_port}":
+      proto   => ['tcp','udp'],
+      dport   => $ne_nrpe_port',
+      action  => 'accept',
+    }
+  }
+}
diff --git a/manifests/main/config.pp b/manifests/main/config.pp
index 5de9f5c..c703487 100644
--- a/manifests/main/config.pp
+++ b/manifests/main/config.pp
@@ -4,8 +4,7 @@
 # # License:
 #    This file is part of cd_nrpe.
 #
-#    cd_nrpe is used for providing automatic configuration of
-#    <service / purpose>
+#    cd_nrpe is used for providing automatic configuration of NRPE.
 #    Copyright (C) 2016  ConfDroid (copyright@ConfDroid.com)
 #    This program is free software: you can redistribute it and/or modify
 #    it under the terms of the GNU General Public License as published by
diff --git a/manifests/main/dirs.pp b/manifests/main/dirs.pp
index cf50cee..5e7ef09 100644
--- a/manifests/main/dirs.pp
+++ b/manifests/main/dirs.pp
@@ -4,8 +4,7 @@
 # # License:
 #    This file is part of cd_nrpe.
 #
-#    cd_nrpe is used for providing automatic configuration of
-#    <service / purpose>
+#    cd_nrpe is used for providing automatic configuration of NRPE.
 #    Copyright (C) 2016  ConfDroid (copyright@ConfDroid.com)
 #    This program is free software: you can redistribute it and/or modify
 #    it under the terms of the GNU General Public License as published by
diff --git a/manifests/main/files.pp b/manifests/main/files.pp
index cc817b8..19b999d 100644
--- a/manifests/main/files.pp
+++ b/manifests/main/files.pp
@@ -4,8 +4,7 @@
 # # License:
 #    This file is part of cd_nrpe.
 #
-#    cd_nrpe is used for providing automatic configuration of
-#    <service / purpose>
+#    cd_nrpe is used for providing automatic configuration of NRPE.
 #    Copyright (C) 2016  ConfDroid (copyright@ConfDroid.com)
 #    This program is free software: you can redistribute it and/or modify
 #    it under the terms of the GNU General Public License as published by
diff --git a/manifests/main/install.pp b/manifests/main/install.pp
index 9c912c6..1fd4d68 100644
--- a/manifests/main/install.pp
+++ b/manifests/main/install.pp
@@ -4,8 +4,7 @@
 # # License:
 #    This file is part of cd_nrpe.
 #
-#    cd_nrpe is used for providing automatic configuration of
-#    <service / purpose>
+#    cd_nrpe is used for providing automatic configuration of NRPE.
 #    Copyright (C) 2016  ConfDroid (copyright@ConfDroid.com)
 #    This program is free software: you can redistribute it and/or modify
 #    it under the terms of the GNU General Public License as published by
diff --git a/manifests/main/service.pp b/manifests/main/service.pp
index 782b110..dcfcc70 100644
--- a/manifests/main/service.pp
+++ b/manifests/main/service.pp
@@ -4,8 +4,7 @@
 # # License:
 #    This file is part of cd_nrpe.
 #
-#    cd_nrpe is used for providing automatic configuration of
-#    <service / purpose>
+#    cd_nrpe is used for providing automatic configuration of NRPE.
 #    Copyright (C) 2016  ConfDroid (copyright@ConfDroid.com)
 #    This program is free software: you can redistribute it and/or modify
 #    it under the terms of the GNU General Public License as published by
@@ -25,6 +24,10 @@ class cd_nrpe::main::service (
 
 ) inherits cd_nrpe::params {
 
+  if $ne_incl_fw == true  {
+    require cd_nrpe::firewall::iptables
+  }
+
   require cd_nrpe::main::files
 
   service { $ne_service:
diff --git a/manifests/main/user.pp b/manifests/main/user.pp
index dc8e409..0544328 100644
--- a/manifests/main/user.pp
+++ b/manifests/main/user.pp
@@ -4,8 +4,7 @@
 # # License:
 #    This file is part of cd_nrpe.
 #
-#    cd_nrpe is used for providing automatic configuration of
-#    <service / purpose>
+#    cd_nrpe is used for providing automatic configuration of NRPE.
 #    Copyright (C) 2016  ConfDroid (copyright@ConfDroid.com)
 #    This program is free software: you can redistribute it and/or modify
 #    it under the terms of the GNU General Public License as published by
diff --git a/manifests/params.pp b/manifests/params.pp
index 0c8add9..74f271d 100644
--- a/manifests/params.pp
+++ b/manifests/params.pp
@@ -4,8 +4,7 @@
 # # License:
 #    This file is part of cd_nrpe.
 #
-#    cd_nrpe is used for providing automatic configuration of
-#    <service / purpose>
+#    cd_nrpe is used for providing automatic configuration of NRPE.
 #    Copyright (C) 2016  ConfDroid (copyright@ConfDroid.com)
 #    This program is free software: you can redistribute it and/or modify
 #    it under the terms of the GNU General Public License as published by
@@ -83,6 +82,8 @@
 # @param  [string] ne_include_file include definitions from an external
 #   config file.
 # @param  [string] ne_include_dir
+# @param  [string] ne_fw_order_no ordering prefix for he firewall rules. Adjust
+#   to yoru environment if needed.
 ###############################################################################
 class cd_nrpe::params (
 
@@ -125,7 +126,7 @@ $ne_include_file            = '',
 
 # firewall
 $ne_incl_fw                 = true,
-
+$ne_fw_order_no             = '50',
 
 
 ) {

From 8b6098704e8fcde56b4b3877752be6f2e82c25e3 Mon Sep 17 00:00:00 2001
From: Arne Teuke <arne_teuke@confdroid.com>
Date: Fri, 28 Jul 2017 16:49:54 +0100
Subject: [PATCH 3/8] syntax

---
 manifests/params.pp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/manifests/params.pp b/manifests/params.pp
index 74f271d..2befa42 100644
--- a/manifests/params.pp
+++ b/manifests/params.pp
@@ -98,7 +98,7 @@ $ne_user_groups             = undef,
 $ne_user_shell              = '/sbin/nologin',
 
 # nrpe.cfg
-$ne_log_facility            = 'daemon'
+$ne_log_facility            = 'daemon',
 $ne_log_file                = '',
 $ne_debug                   = '0',
 $ne_nrpe_port               = '5666',

From 23ae33df2a31c0be3d8161c489a9e57de5b4e4dc Mon Sep 17 00:00:00 2001
From: Arne Teuke <arne_teuke@confdroid.com>
Date: Fri, 28 Jul 2017 16:52:39 +0100
Subject: [PATCH 4/8] syntax

---
 manifests/commands/definitions.pp | 27 +++++++++++++++++++++++++++
 manifests/firewall/iptables.pp    |  2 +-
 2 files changed, 28 insertions(+), 1 deletion(-)
 create mode 100644 manifests/commands/definitions.pp

diff --git a/manifests/commands/definitions.pp b/manifests/commands/definitions.pp
new file mode 100644
index 0000000..7834831
--- /dev/null
+++ b/manifests/commands/definitions.pp
@@ -0,0 +1,27 @@
+## cd_nrpe::commands::definitions.pp
+# Module name: cd_nrpe
+# Author: Arne Teuke (arne_teuke@ConfDroid.com)
+# # License:
+#    This file is part of cd_nrpe.
+#
+#    cd_nrpe is used for providing automatic configuration of NRPE.
+#    Copyright (C) 2016  ConfDroid (copyright@ConfDroid.com)
+#    This program is free software: you can redistribute it and/or modify
+#    it under the terms of the GNU General Public License as published by
+#    the Free Software Foundation, either version 3 of the License, or
+#    (at your option) any later version.
+#
+#    This program is distributed in the hope that it will be useful,
+#    but WITHOUT ANY WARRANTY; without even the implied warranty of
+#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#    GNU General Public License for more details.
+#
+#    You should have received a copy of the GNU General Public License
+#    along with this program.  If not, see <http://www.gnu.org/licenses/>.
+# @summary manage firewall settings through cd_firewall or puppetlabs-firewall
+###############################################################################
+define cd_nrpe::commands::definitions (
+
+) {
+  
+}
diff --git a/manifests/firewall/iptables.pp b/manifests/firewall/iptables.pp
index 6d6b767..7341a94 100644
--- a/manifests/firewall/iptables.pp
+++ b/manifests/firewall/iptables.pp
@@ -28,7 +28,7 @@ class cd_nrpe::firewall::iptables (
 
     firewall { "${ne_fw_order_no}${ne_nrpe_port} tcp ${ne_nrpe_port}":
       proto   => ['tcp','udp'],
-      dport   => $ne_nrpe_port',
+      dport   => $ne_nrpe_port,
       action  => 'accept',
     }
   }

From a8e9b704b1c943930ed13f32a117296246c1dccc Mon Sep 17 00:00:00 2001
From: Arne Teuke <arne_teuke@confdroid.com>
Date: Fri, 28 Jul 2017 16:54:28 +0100
Subject: [PATCH 5/8] syntax

---
 templates/nrpe_cfg_head.erb | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/templates/nrpe_cfg_head.erb b/templates/nrpe_cfg_head.erb
index 896d7e8..8b4d6eb 100644
--- a/templates/nrpe_cfg_head.erb
+++ b/templates/nrpe_cfg_head.erb
@@ -8,7 +8,7 @@
 
 log_facility=<%= @ne_log_facility %>
 
-<% unless @ne_log_file.empty ? %>
+<% unless @ne_log_file.empty? %>
 log_file=<%= @ne_log_file %>
 <% end %>
 
@@ -49,9 +49,9 @@ ssl_logging=<%= @ne_ssl_logging %>
 
 nasty_metachars=<$= @ne_nasty_metachars  %>
 
-<% unless @ne_include_file.empty? %>
+<% unless @ne_include_file.empty? -%>
 include=<%= @ne_include_file %>
-<% end %>
+<% end -%>
 
 include_dir=<%= @ne_main_conf_d_dir  %>
 

From 08693a1e31472cf76a10678f28ed2d954dfcecad Mon Sep 17 00:00:00 2001
From: Arne Teuke <arne_teuke@confdroid.com>
Date: Fri, 28 Jul 2017 16:56:18 +0100
Subject: [PATCH 6/8] syntax

---
 manifests/commands/definitions.pp | 5 ++++-
 templates/nrpe_cfg_head.erb       | 8 ++++----
 2 files changed, 8 insertions(+), 5 deletions(-)

diff --git a/manifests/commands/definitions.pp b/manifests/commands/definitions.pp
index 7834831..a34327b 100644
--- a/manifests/commands/definitions.pp
+++ b/manifests/commands/definitions.pp
@@ -22,6 +22,9 @@
 ###############################################################################
 define cd_nrpe::commands::definitions (
 
+
 ) {
-  
+
+
+
 }
diff --git a/templates/nrpe_cfg_head.erb b/templates/nrpe_cfg_head.erb
index 8b4d6eb..9078b0d 100644
--- a/templates/nrpe_cfg_head.erb
+++ b/templates/nrpe_cfg_head.erb
@@ -8,9 +8,9 @@
 
 log_facility=<%= @ne_log_facility %>
 
-<% unless @ne_log_file.empty? %>
+<% unless @ne_log_file.empty? -%>
 log_file=<%= @ne_log_file %>
-<% end %>
+<% end -%>
 
 debug=<%= @ne_debug %>
 
@@ -27,9 +27,9 @@ allowed_hosts=127.0.0.1,::1,<%= @ne_nagios_server %>
 dont_blame_nrpe=<%= @ne_dont_blame_nrpe %>
 allow_bash_command_substitution=<%= @ne_allow_bash_cmd_subst %>
 
-<%= if @$ne_allow_sudo == true %>
+<%= if @ne_allow_sudo == true -%>
 command_prefix=<%= @ne_command_prefix %>
-<% end %>
+<% end -%>
 
 command_timeout=<%= @ne_command_timeout %>
 connection_timeout=<%= @ne_connection_timeout %>

From ff5a3faf9e8e1422a03b734d87b2b24621fd8ce1 Mon Sep 17 00:00:00 2001
From: Arne Teuke <arne_teuke@confdroid.com>
Date: Fri, 28 Jul 2017 16:58:16 +0100
Subject: [PATCH 7/8] syntax

---
 manifests/params.pp         | 4 +++-
 templates/nrpe_cfg_head.erb | 2 +-
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/manifests/params.pp b/manifests/params.pp
index 2befa42..8537cdc 100644
--- a/manifests/params.pp
+++ b/manifests/params.pp
@@ -123,11 +123,13 @@ $ne_ssl_logging             = '0x00',
 $ne_nasty_metachars         = '\"|`&><\'\\[]{};\r\n\"',
 $ne_include_file            = '',
 
-
 # firewall
 $ne_incl_fw                 = true,
 $ne_fw_order_no             = '50',
 
+# selinux
+$ne_include_selinux         = true,
+
 
 ) {
 
diff --git a/templates/nrpe_cfg_head.erb b/templates/nrpe_cfg_head.erb
index 9078b0d..c3a931d 100644
--- a/templates/nrpe_cfg_head.erb
+++ b/templates/nrpe_cfg_head.erb
@@ -27,7 +27,7 @@ allowed_hosts=127.0.0.1,::1,<%= @ne_nagios_server %>
 dont_blame_nrpe=<%= @ne_dont_blame_nrpe %>
 allow_bash_command_substitution=<%= @ne_allow_bash_cmd_subst %>
 
-<%= if @ne_allow_sudo == true -%>
+<% if @ne_allow_sudo == true -%>
 command_prefix=<%= @ne_command_prefix %>
 <% end -%>
 

From f631534d0aa40a1fb5bd3454321b46f200ca306c Mon Sep 17 00:00:00 2001
From: Jenkins Server <jenkins@confdroid.com>
Date: Fri, 28 Jul 2017 17:58:08 +0200
Subject: [PATCH 8/8] recommit for updates in build 12

---
 CHANGELOG.md                                  |  10 +
 REPOSTRUCTURE.md                              |  12 +-
 doc/_index.html                               |  46 +-
 doc/file.README.html                          |  24 +-
 doc/index.html                                |  24 +-
 doc/puppet_class_list.html                    |  36 +-
 doc/puppet_classes/cd_nrpe.html               |   2 +-
 .../cd_nrpe_3A_3Afirewall_3A_3Aiptables.html  | 175 +++++
 .../cd_nrpe_3A_3Amain_3A_3Aconfig.html        |  32 +-
 .../cd_nrpe_3A_3Amain_3A_3Adirs.html          | 215 +++++
 .../cd_nrpe_3A_3Amain_3A_3Afiles.html         | 191 +++++
 .../cd_nrpe_3A_3Amain_3A_3Ainstall.html       |  30 +-
 .../cd_nrpe_3A_3Amain_3A_3Aservice.html       | 185 +++++
 .../cd_nrpe_3A_3Amain_3A_3Auser.html          |  30 +-
 doc/puppet_classes/cd_nrpe_3A_3Aparams.html   | 742 +++++++++++++++++-
 doc/puppet_defined_type_list.html             |  54 ++
 ...d_nrpe_3A_3Acommands_3A_3Adefinitions.html | 158 ++++
 doc/top-level-namespace.html                  |   2 +-
 18 files changed, 1862 insertions(+), 106 deletions(-)
 create mode 100644 doc/puppet_classes/cd_nrpe_3A_3Afirewall_3A_3Aiptables.html
 create mode 100644 doc/puppet_classes/cd_nrpe_3A_3Amain_3A_3Adirs.html
 create mode 100644 doc/puppet_classes/cd_nrpe_3A_3Amain_3A_3Afiles.html
 create mode 100644 doc/puppet_classes/cd_nrpe_3A_3Amain_3A_3Aservice.html
 create mode 100644 doc/puppet_defined_type_list.html
 create mode 100644 doc/puppet_defined_types/cd_nrpe_3A_3Acommands_3A_3Adefinitions.html

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 31f6c78..2b79761 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -8,6 +8,16 @@ Changelog of Git Changelog.
 <h2> No issue </h2>
 
 
+<a href="https://gitlab.puppetsoft.com/12WW1160/git-changelog-lib/commit/bcfcbb00723a92c">bcfcbb00723a92c</a> Arne Teuke <i>2017-07-28 13:42:53</i>
+<p>
+<h3>fixed typo</h3>
+
+</p>
+<a href="https://gitlab.puppetsoft.com/12WW1160/git-changelog-lib/commit/f26ae810d105694">f26ae810d105694</a> Jenkins Server <i>2017-07-28 13:42:40</i>
+<p>
+<h3>recommit for updates in build 5</h3>
+
+</p>
 <a href="https://gitlab.puppetsoft.com/12WW1160/git-changelog-lib/commit/a6a5d13eeda19ca">a6a5d13eeda19ca</a> Arne Teuke <i>2017-07-28 13:40:27</i>
 <p>
 <h3>fixed typo</h3>
diff --git a/REPOSTRUCTURE.md b/REPOSTRUCTURE.md
index c51b92c..97a25df 100644
--- a/REPOSTRUCTURE.md
+++ b/REPOSTRUCTURE.md
@@ -11,6 +11,7 @@
 |   |-- puppet_classes
 |   |   |-- cd_nrpe_3A_3Amain_3A_3Aconfig.html
 |   |   |-- cd_nrpe_3A_3Amain_3A_3Ainstall.html
+|   |   |-- cd_nrpe_3A_3Amain_3A_3Auser.html
 |   |   |-- cd_nrpe_3A_3Amainn_3A_3Auser.html
 |   |   |-- cd_nrpe_3A_3Aparams.html
 |   |   |-- cd_nrpe_3A_3Auser.html
@@ -22,12 +23,21 @@
 |   |-- puppet_class_list.html
 |   `-- top-level-namespace.html
 |-- manifests
+|   |-- commands
+|   |   `-- definitions.pp
+|   |-- firewall
+|   |   `-- iptables.pp
 |   |-- main
 |   |   |-- config.pp
+|   |   |-- dirs.pp
+|   |   |-- files.pp
 |   |   |-- install.pp
+|   |   |-- service.pp
 |   |   `-- user.pp
 |   |-- init.pp
 |   `-- params.pp
+|-- templates
+|   `-- nrpe_cfg_head.erb
 |-- tests
 |   `-- UTF_Files
 |-- CHANGELOG.md
@@ -38,4 +48,4 @@
 |-- README.md
 `-- REPOSTRUCTURE.md
 
-7 directories, 31 files
+10 directories, 38 files
diff --git a/doc/_index.html b/doc/_index.html
index 94b4d71..7a60b55 100644
--- a/doc/_index.html
+++ b/doc/_index.html
@@ -73,16 +73,36 @@
       
             </li>
     
+            <li>
+      <span class='object_link'><a href="puppet_classes/cd_nrpe_3A_3Afirewall_3A_3Aiptables.html" title="puppet_classes::cd_nrpe::firewall::iptables (puppet_class)">cd_nrpe::firewall::iptables</a></span>
+      
+            </li>
+    
             <li>
       <span class='object_link'><a href="puppet_classes/cd_nrpe_3A_3Amain_3A_3Aconfig.html" title="puppet_classes::cd_nrpe::main::config (puppet_class)">cd_nrpe::main::config</a></span>
       
             </li>
     
+            <li>
+      <span class='object_link'><a href="puppet_classes/cd_nrpe_3A_3Amain_3A_3Adirs.html" title="puppet_classes::cd_nrpe::main::dirs (puppet_class)">cd_nrpe::main::dirs</a></span>
+      
+            </li>
+    
+            <li>
+      <span class='object_link'><a href="puppet_classes/cd_nrpe_3A_3Amain_3A_3Afiles.html" title="puppet_classes::cd_nrpe::main::files (puppet_class)">cd_nrpe::main::files</a></span>
+      
+            </li>
+    
             <li>
       <span class='object_link'><a href="puppet_classes/cd_nrpe_3A_3Amain_3A_3Ainstall.html" title="puppet_classes::cd_nrpe::main::install (puppet_class)">cd_nrpe::main::install</a></span>
       
             </li>
     
+            <li>
+      <span class='object_link'><a href="puppet_classes/cd_nrpe_3A_3Amain_3A_3Aservice.html" title="puppet_classes::cd_nrpe::main::service (puppet_class)">cd_nrpe::main::service</a></span>
+      
+            </li>
+    
             <li>
       <span class='object_link'><a href="puppet_classes/cd_nrpe_3A_3Amain_3A_3Auser.html" title="puppet_classes::cd_nrpe::main::user (puppet_class)">cd_nrpe::main::user</a></span>
       
@@ -101,6 +121,30 @@
 </table>
 
 
+<h2>Defined Type Listing A-Z</h2>
+
+  
+<table>
+  <tr>
+    <td valign='top' width="33%">
+  
+    
+      <ul id="alpha_C" class="alpha">
+        <li class="letter">C</li>
+          <ul>
+    
+            <li>
+      <span class='object_link'><a href="puppet_defined_types/cd_nrpe_3A_3Acommands_3A_3Adefinitions.html" title="puppet_defined_types::cd_nrpe::commands::definitions (puppet_defined_type)">cd_nrpe::commands::definitions</a></span>
+      
+            </li>
+    
+      </ul>
+    </ul>
+  
+    </td>
+  </tr>
+</table>
+
 
 
 
@@ -122,7 +166,7 @@
 </div>
 
       <div id="footer">
-  Generated on Fri Jul 28 15:42:37 2017 by
+  Generated on Fri Jul 28 17:58:04 2017 by
   <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
   0.9.9 (ruby-2.0.0).
 </div>
diff --git a/doc/file.README.html b/doc/file.README.html
index 038112b..cf06ceb 100644
--- a/doc/file.README.html
+++ b/doc/file.README.html
@@ -120,11 +120,13 @@ href="https://gitlab.puppetsoft.com/12WW1160/cd_nrpe/blob/master/CHANGELOG.md">C
 <h3 id="label-Features">Features</h3>
 
 <p>INSTALLATION
-* install binaries</p>
+* install nrpe binaries</p>
 
 <p>CONFIGURATION
-* manage directory structure (file system permissions,
-selinux context)</p>
+* manage NRPE service user properties
+* manage directory
+structure (file system permissions, selinux context)
+*</p>
 
 <p>SERVICE</p>
 
@@ -139,10 +141,22 @@ selinux context)</p>
 <p><a
 href="https://gitlab.puppetsoft.com/12WW1160/cd_resources">cd_resources</a>
 to manage YUM repositories.</p>
+</li><li>
+<p><a href="https://gitlab.puppetsoft.com/12WW1160/cd_stdlib">cd_stdlib</a> or
+<a href="https://github.com/puppetlabs/puppetlabs-stdlib">puppetlabs
+stdlib</a> to facilitate concat</p>
+</li><li>
+<p><a href="https://gitlab.puppetsoft.com/12WW1160/cd_stdlib">cd_concat</a> or
+<a href="https://github.com/puppetlabs/puppetlabs-concat">puppetlabs
+concat</a> for concatenating files</p>
 </li></ul>
 
 <h3 id="label-Deployment">Deployment</h3>
 
+<p><code>cd_nrpe</code> does typically not need to be specifically declared.
+It will be auto-required by <code>cd_nagios</code> with default settings.
+Only if you want to override settings declare it specifically.</p>
+
 <h5 id="label-native+Puppet+deployment">native Puppet deployment</h5>
 
 <p>via site.pp or nodes.pp</p>
@@ -155,7 +169,7 @@ to manage YUM repositories.</p>
 
 <p>In order to apply parameters through Foreman,
 <strong>cd_nrpe::params</strong> must be added to the host or hostgroup in
-question.</p>
+question, unless the defaults are fully acceptable across the estate.</p>
 
 <p>See <a
 href="https://confdroid.com/2017/05/deploying-our-puppet-modules/">more
@@ -227,7 +241,7 @@ environments.</p>
 </div></div>
 
       <div id="footer">
-  Generated on Fri Jul 28 15:42:38 2017 by
+  Generated on Fri Jul 28 17:58:05 2017 by
   <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
   0.9.9 (ruby-2.0.0).
 </div>
diff --git a/doc/index.html b/doc/index.html
index 6c119a2..b74a471 100644
--- a/doc/index.html
+++ b/doc/index.html
@@ -120,11 +120,13 @@ href="https://gitlab.puppetsoft.com/12WW1160/cd_nrpe/blob/master/CHANGELOG.md">C
 <h3 id="label-Features">Features</h3>
 
 <p>INSTALLATION
-* install binaries</p>
+* install nrpe binaries</p>
 
 <p>CONFIGURATION
-* manage directory structure (file system permissions,
-selinux context)</p>
+* manage NRPE service user properties
+* manage directory
+structure (file system permissions, selinux context)
+*</p>
 
 <p>SERVICE</p>
 
@@ -139,10 +141,22 @@ selinux context)</p>
 <p><a
 href="https://gitlab.puppetsoft.com/12WW1160/cd_resources">cd_resources</a>
 to manage YUM repositories.</p>
+</li><li>
+<p><a href="https://gitlab.puppetsoft.com/12WW1160/cd_stdlib">cd_stdlib</a> or
+<a href="https://github.com/puppetlabs/puppetlabs-stdlib">puppetlabs
+stdlib</a> to facilitate concat</p>
+</li><li>
+<p><a href="https://gitlab.puppetsoft.com/12WW1160/cd_stdlib">cd_concat</a> or
+<a href="https://github.com/puppetlabs/puppetlabs-concat">puppetlabs
+concat</a> for concatenating files</p>
 </li></ul>
 
 <h3 id="label-Deployment">Deployment</h3>
 
+<p><code>cd_nrpe</code> does typically not need to be specifically declared.
+It will be auto-required by <code>cd_nagios</code> with default settings.
+Only if you want to override settings declare it specifically.</p>
+
 <h5 id="label-native+Puppet+deployment">native Puppet deployment</h5>
 
 <p>via site.pp or nodes.pp</p>
@@ -155,7 +169,7 @@ to manage YUM repositories.</p>
 
 <p>In order to apply parameters through Foreman,
 <strong>cd_nrpe::params</strong> must be added to the host or hostgroup in
-question.</p>
+question, unless the defaults are fully acceptable across the estate.</p>
 
 <p>See <a
 href="https://confdroid.com/2017/05/deploying-our-puppet-modules/">more
@@ -227,7 +241,7 @@ environments.</p>
 </div></div>
 
       <div id="footer">
-  Generated on Fri Jul 28 15:42:37 2017 by
+  Generated on Fri Jul 28 17:58:05 2017 by
   <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
   0.9.9 (ruby-2.0.0).
 </div>
diff --git a/doc/puppet_class_list.html b/doc/puppet_class_list.html
index 5adc7bc..aaf8948 100644
--- a/doc/puppet_class_list.html
+++ b/doc/puppet_class_list.html
@@ -28,6 +28,10 @@
               Puppet Classes
             </a></span>
           
+            <span><a target="_self" href="puppet_defined_type_list.html">
+              Defined Types
+            </a></span>
+          
         </div>
 
         <div id="search">Search: <input type="text" /></div>
@@ -43,20 +47,48 @@
     </li>
     
 
-    <li id="object_puppet_classes::cd_nrpe::main::config" class="even">
+    <li id="object_puppet_classes::cd_nrpe::firewall::iptables" class="even">
+      <div class="item">
+        <span class='object_link'><a href="puppet_classes/cd_nrpe_3A_3Afirewall_3A_3Aiptables.html" title="puppet_classes::cd_nrpe::firewall::iptables (puppet_class)">cd_nrpe::firewall::iptables</a></span>
+      </div>
+    </li>
+    
+
+    <li id="object_puppet_classes::cd_nrpe::main::config" class="odd">
       <div class="item">
         <span class='object_link'><a href="puppet_classes/cd_nrpe_3A_3Amain_3A_3Aconfig.html" title="puppet_classes::cd_nrpe::main::config (puppet_class)">cd_nrpe::main::config</a></span>
       </div>
     </li>
     
 
-    <li id="object_puppet_classes::cd_nrpe::main::install" class="odd">
+    <li id="object_puppet_classes::cd_nrpe::main::dirs" class="even">
+      <div class="item">
+        <span class='object_link'><a href="puppet_classes/cd_nrpe_3A_3Amain_3A_3Adirs.html" title="puppet_classes::cd_nrpe::main::dirs (puppet_class)">cd_nrpe::main::dirs</a></span>
+      </div>
+    </li>
+    
+
+    <li id="object_puppet_classes::cd_nrpe::main::files" class="odd">
+      <div class="item">
+        <span class='object_link'><a href="puppet_classes/cd_nrpe_3A_3Amain_3A_3Afiles.html" title="puppet_classes::cd_nrpe::main::files (puppet_class)">cd_nrpe::main::files</a></span>
+      </div>
+    </li>
+    
+
+    <li id="object_puppet_classes::cd_nrpe::main::install" class="even">
       <div class="item">
         <span class='object_link'><a href="puppet_classes/cd_nrpe_3A_3Amain_3A_3Ainstall.html" title="puppet_classes::cd_nrpe::main::install (puppet_class)">cd_nrpe::main::install</a></span>
       </div>
     </li>
     
 
+    <li id="object_puppet_classes::cd_nrpe::main::service" class="odd">
+      <div class="item">
+        <span class='object_link'><a href="puppet_classes/cd_nrpe_3A_3Amain_3A_3Aservice.html" title="puppet_classes::cd_nrpe::main::service (puppet_class)">cd_nrpe::main::service</a></span>
+      </div>
+    </li>
+    
+
     <li id="object_puppet_classes::cd_nrpe::main::user" class="even">
       <div class="item">
         <span class='object_link'><a href="puppet_classes/cd_nrpe_3A_3Amain_3A_3Auser.html" title="puppet_classes::cd_nrpe::main::user (puppet_class)">cd_nrpe::main::user</a></span>
diff --git a/doc/puppet_classes/cd_nrpe.html b/doc/puppet_classes/cd_nrpe.html
index 81f901f..5fdd51f 100644
--- a/doc/puppet_classes/cd_nrpe.html
+++ b/doc/puppet_classes/cd_nrpe.html
@@ -140,7 +140,7 @@ class cd_nrpe {
 </div>
 
       <div id="footer">
-  Generated on Fri Jul 28 15:42:38 2017 by
+  Generated on Fri Jul 28 17:58:05 2017 by
   <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
   0.9.9 (ruby-2.0.0).
 </div>
diff --git a/doc/puppet_classes/cd_nrpe_3A_3Afirewall_3A_3Aiptables.html b/doc/puppet_classes/cd_nrpe_3A_3Afirewall_3A_3Aiptables.html
new file mode 100644
index 0000000..cefd9ab
--- /dev/null
+++ b/doc/puppet_classes/cd_nrpe_3A_3Afirewall_3A_3Aiptables.html
@@ -0,0 +1,175 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <meta charset="utf-8">
+<meta name="viewport" content="width=device-width, initial-scale=1.0">
+<title>
+  Puppet Class: cd_nrpe::firewall::iptables
+  
+    &mdash; Documentation by YARD 0.9.9
+  
+</title>
+
+  <link rel="stylesheet" href="../css/style.css" type="text/css" charset="utf-8" />
+
+  <link rel="stylesheet" href="../css/common.css" type="text/css" charset="utf-8" />
+
+<script type="text/javascript" charset="utf-8">
+  pathId = "puppet_classes::cd_nrpe::firewall::iptables";
+  relpath = '../';
+</script>
+
+
+  <script type="text/javascript" charset="utf-8" src="../js/jquery.js"></script>
+
+  <script type="text/javascript" charset="utf-8" src="../js/app.js"></script>
+
+
+  </head>
+  <body>
+    <div class="nav_wrap">
+      <iframe id="nav" src="../puppet_class_list.html?1"></iframe>
+      <div id="resizer"></div>
+    </div>
+
+    <div id="main" tabindex="-1">
+      <div id="header">
+        <div id="menu">
+  
+    <a href="../_index.html">Index (c)</a> &raquo;
+    <span class='title'><span class='object_link'>Puppet Classes</span></span>
+     &raquo; 
+    <span class="title">cd_nrpe::firewall::iptables</span>
+  
+</div>
+
+        <div id="search">
+  
+    <a class="full_list_link" id="puppet_class_list_link"
+        href="../puppet_class_list.html">
+
+        <svg width="24" height="24">
+          <rect x="0" y="4" width="24" height="4" rx="1" ry="1"></rect>
+          <rect x="0" y="12" width="24" height="4" rx="1" ry="1"></rect>
+          <rect x="0" y="20" width="24" height="4" rx="1" ry="1"></rect>
+        </svg>
+    </a>
+  
+</div>
+        <div class="clear"></div>
+      </div>
+
+      <div id="content"><h1>Puppet Class: cd_nrpe::firewall::iptables</h1>
+<div class="box_info">
+  
+  <dl>
+    <dt>Inherits:</dt>
+    <dd><span class='object_link'><a href="cd_nrpe_3A_3Aparams.html" title="puppet_classes::cd_nrpe::params (puppet_class)">cd_nrpe::params</a></span></dd>
+  </dl>
+  
+  
+  <dl>
+    <dt>Defined in:</dt>
+    <dd>
+      manifests/firewall/iptables.pp
+    </dd>
+  </dl>
+</div>
+
+  <h2>Summary</h2>
+  manage firewall settings through cd_firewall or puppetlabs-firewall
+
+<h2>Overview</h2>
+<div class="docstring">
+  <div class="discussion">
+    
+<p>cd_nrpe::firewall::iptables.pp
+Module name: cd_nrpe
+Author: Arne Teuke
+(arne_teuke@ConfDroid.com)</p>
+
+<h1 id="label-License%3A">License:</h1>
+
+<p>This file is part of cd_nrpe.</p>
+
+<p>cd_nrpe is used for providing automatic configuration of NRPE.
+ Copyright
+(C) 2016 ConfDroid (copyright@ConfDroid.com)
+ This program is free
+software: you can redistribute it and/or modify
+ it under the terms of the
+GNU General Public License as published by
+ the Free Software Foundation,
+either version 3 of the License, or
+ (at your option) any later version.</p>
+
+<p>This program is distributed in the hope that it will be useful,
+ but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY
+or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License
+for more details.</p>
+
+<p>You should have received a copy of the GNU General Public License
+ along
+with this program. If not, see <a
+href="http://www.gnu.org/licenses">www.gnu.org/licenses</a>/.</p>
+
+  </div>
+</div>
+<div class="tags">
+  
+
+</div><div class="method_details_list">
+  <table class="source_code">
+    <tr>
+      <td>
+        <pre class="lines">
+
+
+23
+24
+25
+26
+27
+28
+29
+30
+31
+32
+33
+34
+35</pre>
+      </td>
+      <td>
+        <pre class="code"><span class="info file"># File 'manifests/firewall/iptables.pp', line 23</span>
+
+class cd_nrpe::firewall::iptables (
+
+) inherits cd_nrpe::params {
+
+  if $ne_incl_fw == true {
+
+    firewall { &quot;${ne_fw_order_no}${ne_nrpe_port} tcp ${ne_nrpe_port}&quot;:
+      proto   =&gt; [&#39;tcp&#39;,&#39;udp&#39;],
+      dport   =&gt; $ne_nrpe_port,
+      action  =&gt; &#39;accept&#39;,
+    }
+  }
+}</pre>
+      </td>
+    </tr>
+  </table>
+</div>
+</div>
+
+      <div id="footer">
+  Generated on Fri Jul 28 17:58:06 2017 by
+  <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
+  0.9.9 (ruby-2.0.0).
+</div>
+
+    </div>
+  </body>
+</html>
\ No newline at end of file
diff --git a/doc/puppet_classes/cd_nrpe_3A_3Amain_3A_3Aconfig.html b/doc/puppet_classes/cd_nrpe_3A_3Amain_3A_3Aconfig.html
index 0b225d5..acd0656 100644
--- a/doc/puppet_classes/cd_nrpe_3A_3Amain_3A_3Aconfig.html
+++ b/doc/puppet_classes/cd_nrpe_3A_3Amain_3A_3Aconfig.html
@@ -93,18 +93,16 @@ Author: Arne Teuke
 
 <p>This file is part of cd_nrpe.</p>
 
-<p>cd_nrpe is used for providing automatic configuration of
- &lt;service /
-purpose&gt;
- Copyright (C) 2016 ConfDroid (copyright@ConfDroid.com)
- This
-program is free software: you can redistribute it and/or modify
- it under
-the terms of the GNU General Public License as published by
- the Free
-Software Foundation, either version 3 of the License, or
- (at your option)
-any later version.</p>
+<p>cd_nrpe is used for providing automatic configuration of NRPE.
+ Copyright
+(C) 2016 ConfDroid (copyright@ConfDroid.com)
+ This program is free
+software: you can redistribute it and/or modify
+ it under the terms of the
+GNU General Public License as published by
+ the Free Software Foundation,
+either version 3 of the License, or
+ (at your option) any later version.</p>
 
 <p>This program is distributed in the hope that it will be useful,
  but
@@ -131,22 +129,22 @@ href="http://www.gnu.org/licenses">www.gnu.org/licenses</a>/.</p>
         <pre class="lines">
 
 
+24
 25
 26
 27
 28
 29
-30
-31</pre>
+30</pre>
       </td>
       <td>
-        <pre class="code"><span class="info file"># File 'manifests/main/config.pp', line 25</span>
+        <pre class="code"><span class="info file"># File 'manifests/main/config.pp', line 24</span>
 
 class cd_nrpe::main::config (
 
 ) inherits cd_nrpe::params {
 
-  include cd_nrpe::main::user
+  include cd_nrpe::main::service
 
 }</pre>
       </td>
@@ -156,7 +154,7 @@ class cd_nrpe::main::config (
 </div>
 
       <div id="footer">
-  Generated on Fri Jul 28 15:42:38 2017 by
+  Generated on Fri Jul 28 17:58:06 2017 by
   <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
   0.9.9 (ruby-2.0.0).
 </div>
diff --git a/doc/puppet_classes/cd_nrpe_3A_3Amain_3A_3Adirs.html b/doc/puppet_classes/cd_nrpe_3A_3Amain_3A_3Adirs.html
new file mode 100644
index 0000000..7c86ce1
--- /dev/null
+++ b/doc/puppet_classes/cd_nrpe_3A_3Amain_3A_3Adirs.html
@@ -0,0 +1,215 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <meta charset="utf-8">
+<meta name="viewport" content="width=device-width, initial-scale=1.0">
+<title>
+  Puppet Class: cd_nrpe::main::dirs
+  
+    &mdash; Documentation by YARD 0.9.9
+  
+</title>
+
+  <link rel="stylesheet" href="../css/style.css" type="text/css" charset="utf-8" />
+
+  <link rel="stylesheet" href="../css/common.css" type="text/css" charset="utf-8" />
+
+<script type="text/javascript" charset="utf-8">
+  pathId = "puppet_classes::cd_nrpe::main::dirs";
+  relpath = '../';
+</script>
+
+
+  <script type="text/javascript" charset="utf-8" src="../js/jquery.js"></script>
+
+  <script type="text/javascript" charset="utf-8" src="../js/app.js"></script>
+
+
+  </head>
+  <body>
+    <div class="nav_wrap">
+      <iframe id="nav" src="../puppet_class_list.html?1"></iframe>
+      <div id="resizer"></div>
+    </div>
+
+    <div id="main" tabindex="-1">
+      <div id="header">
+        <div id="menu">
+  
+    <a href="../_index.html">Index (c)</a> &raquo;
+    <span class='title'><span class='object_link'>Puppet Classes</span></span>
+     &raquo; 
+    <span class="title">cd_nrpe::main::dirs</span>
+  
+</div>
+
+        <div id="search">
+  
+    <a class="full_list_link" id="puppet_class_list_link"
+        href="../puppet_class_list.html">
+
+        <svg width="24" height="24">
+          <rect x="0" y="4" width="24" height="4" rx="1" ry="1"></rect>
+          <rect x="0" y="12" width="24" height="4" rx="1" ry="1"></rect>
+          <rect x="0" y="20" width="24" height="4" rx="1" ry="1"></rect>
+        </svg>
+    </a>
+  
+</div>
+        <div class="clear"></div>
+      </div>
+
+      <div id="content"><h1>Puppet Class: cd_nrpe::main::dirs</h1>
+<div class="box_info">
+  
+  <dl>
+    <dt>Inherits:</dt>
+    <dd><span class='object_link'><a href="cd_nrpe_3A_3Aparams.html" title="puppet_classes::cd_nrpe::params (puppet_class)">cd_nrpe::params</a></span></dd>
+  </dl>
+  
+  
+  <dl>
+    <dt>Defined in:</dt>
+    <dd>
+      manifests/main/dirs.pp
+    </dd>
+  </dl>
+</div>
+
+  <h2>Summary</h2>
+  Class manages all directories required for cd_nrpe.
+
+<h2>Overview</h2>
+<div class="docstring">
+  <div class="discussion">
+    
+<p>cd_nrpe::main::dirs.pp
+Module name: cd_nrpe
+Author: Arne Teuke
+(arne_teuke@ConfDroid.com)</p>
+
+<h1 id="label-License%3A">License:</h1>
+
+<p>This file is part of cd_nrpe.</p>
+
+<p>cd_nrpe is used for providing automatic configuration of NRPE.
+ Copyright
+(C) 2016 ConfDroid (copyright@ConfDroid.com)
+ This program is free
+software: you can redistribute it and/or modify
+ it under the terms of the
+GNU General Public License as published by
+ the Free Software Foundation,
+either version 3 of the License, or
+ (at your option) any later version.</p>
+
+<p>This program is distributed in the hope that it will be useful,
+ but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY
+or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License
+for more details.</p>
+
+<p>You should have received a copy of the GNU General Public License
+ along
+with this program. If not, see <a
+href="http://www.gnu.org/licenses">www.gnu.org/licenses</a>/.</p>
+
+  </div>
+</div>
+<div class="tags">
+  
+
+</div><div class="method_details_list">
+  <table class="source_code">
+    <tr>
+      <td>
+        <pre class="lines">
+
+
+23
+24
+25
+26
+27
+28
+29
+30
+31
+32
+33
+34
+35
+36
+37
+38
+39
+40
+41
+42
+43
+44
+45
+46
+47
+48
+49
+50
+51
+52
+53
+54
+55</pre>
+      </td>
+      <td>
+        <pre class="code"><span class="info file"># File 'manifests/main/dirs.pp', line 23</span>
+
+class cd_nrpe::main::dirs (
+
+) inherits cd_nrpe::params {
+
+  require cd_nrpe::main::user
+
+  # manage main conf_d_dir
+
+  file { $ne_main_conf_d_dir:
+    ensure    =&gt;  directory,
+    path      =&gt;  $ne_main_conf_d_dir,
+    owner     =&gt;  &#39;root&#39;,
+    group     =&gt;  &#39;root&#39;,
+    mode      =&gt;  &#39;0755&#39;,
+    selrange  =&gt;  s0,
+    selrole   =&gt;  object_r,
+    seltype   =&gt;  etc_t,
+    seluser   =&gt;  system_u,
+  }
+
+  file { $ne_run_dir:
+    ensure    =&gt;  directory,
+    path      =&gt;  $ne_run_dir,
+    owner     =&gt;  $ne_user,
+    group     =&gt;  $ne_user,
+    mode      =&gt;  &#39;0755&#39;,
+    selrange  =&gt;  s0,
+    selrole   =&gt;  object_r,
+    seltype   =&gt;  var_run_t,
+    seluser   =&gt;  system_u,
+  }
+
+}</pre>
+      </td>
+    </tr>
+  </table>
+</div>
+</div>
+
+      <div id="footer">
+  Generated on Fri Jul 28 17:58:06 2017 by
+  <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
+  0.9.9 (ruby-2.0.0).
+</div>
+
+    </div>
+  </body>
+</html>
\ No newline at end of file
diff --git a/doc/puppet_classes/cd_nrpe_3A_3Amain_3A_3Afiles.html b/doc/puppet_classes/cd_nrpe_3A_3Amain_3A_3Afiles.html
new file mode 100644
index 0000000..eec9f92
--- /dev/null
+++ b/doc/puppet_classes/cd_nrpe_3A_3Amain_3A_3Afiles.html
@@ -0,0 +1,191 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <meta charset="utf-8">
+<meta name="viewport" content="width=device-width, initial-scale=1.0">
+<title>
+  Puppet Class: cd_nrpe::main::files
+  
+    &mdash; Documentation by YARD 0.9.9
+  
+</title>
+
+  <link rel="stylesheet" href="../css/style.css" type="text/css" charset="utf-8" />
+
+  <link rel="stylesheet" href="../css/common.css" type="text/css" charset="utf-8" />
+
+<script type="text/javascript" charset="utf-8">
+  pathId = "puppet_classes::cd_nrpe::main::files";
+  relpath = '../';
+</script>
+
+
+  <script type="text/javascript" charset="utf-8" src="../js/jquery.js"></script>
+
+  <script type="text/javascript" charset="utf-8" src="../js/app.js"></script>
+
+
+  </head>
+  <body>
+    <div class="nav_wrap">
+      <iframe id="nav" src="../puppet_class_list.html?1"></iframe>
+      <div id="resizer"></div>
+    </div>
+
+    <div id="main" tabindex="-1">
+      <div id="header">
+        <div id="menu">
+  
+    <a href="../_index.html">Index (c)</a> &raquo;
+    <span class='title'><span class='object_link'>Puppet Classes</span></span>
+     &raquo; 
+    <span class="title">cd_nrpe::main::files</span>
+  
+</div>
+
+        <div id="search">
+  
+    <a class="full_list_link" id="puppet_class_list_link"
+        href="../puppet_class_list.html">
+
+        <svg width="24" height="24">
+          <rect x="0" y="4" width="24" height="4" rx="1" ry="1"></rect>
+          <rect x="0" y="12" width="24" height="4" rx="1" ry="1"></rect>
+          <rect x="0" y="20" width="24" height="4" rx="1" ry="1"></rect>
+        </svg>
+    </a>
+  
+</div>
+        <div class="clear"></div>
+      </div>
+
+      <div id="content"><h1>Puppet Class: cd_nrpe::main::files</h1>
+<div class="box_info">
+  
+  <dl>
+    <dt>Inherits:</dt>
+    <dd><span class='object_link'><a href="cd_nrpe_3A_3Aparams.html" title="puppet_classes::cd_nrpe::params (puppet_class)">cd_nrpe::params</a></span></dd>
+  </dl>
+  
+  
+  <dl>
+    <dt>Defined in:</dt>
+    <dd>
+      manifests/main/files.pp
+    </dd>
+  </dl>
+</div>
+
+  <h2>Summary</h2>
+  Class manages all configuration files required for cd_nrpe.
+
+<h2>Overview</h2>
+<div class="docstring">
+  <div class="discussion">
+    
+<p>cd_nrpe::main::files.pp
+Module name: cd_nrpe
+Author: Arne Teuke
+(arne_teuke@ConfDroid.com)</p>
+
+<h1 id="label-License%3A">License:</h1>
+
+<p>This file is part of cd_nrpe.</p>
+
+<p>cd_nrpe is used for providing automatic configuration of NRPE.
+ Copyright
+(C) 2016 ConfDroid (copyright@ConfDroid.com)
+ This program is free
+software: you can redistribute it and/or modify
+ it under the terms of the
+GNU General Public License as published by
+ the Free Software Foundation,
+either version 3 of the License, or
+ (at your option) any later version.</p>
+
+<p>This program is distributed in the hope that it will be useful,
+ but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY
+or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License
+for more details.</p>
+
+<p>You should have received a copy of the GNU General Public License
+ along
+with this program. If not, see <a
+href="http://www.gnu.org/licenses">www.gnu.org/licenses</a>/.</p>
+
+  </div>
+</div>
+<div class="tags">
+  
+
+</div><div class="method_details_list">
+  <table class="source_code">
+    <tr>
+      <td>
+        <pre class="lines">
+
+
+23
+24
+25
+26
+27
+28
+29
+30
+31
+32
+33
+34
+35
+36
+37
+38
+39
+40
+41
+42
+43</pre>
+      </td>
+      <td>
+        <pre class="code"><span class="info file"># File 'manifests/main/files.pp', line 23</span>
+
+class cd_nrpe::main::files (
+
+) inherits cd_nrpe::params {
+
+  require cd_nrpe::main::dirs
+
+  file { $ne_main_conf_file:
+    ensure    =&gt;  file,
+    path      =&gt;  ne_main_conf_file,
+    owner     =&gt;  &#39;root&#39;,
+    group     =&gt;  &#39;root&#39;,
+    mode      =&gt;  &#39;0640&#39;,
+    selrange  =&gt;  s0,
+    selrole   =&gt;  object_r,
+    seltype   =&gt;  nrpe_etc_t,
+    seluser   =&gt;  system_u,
+    content   =&gt;  template($ne_main_conf_file),
+    notify    =&gt;  Service[$ne_service],
+  }
+
+}</pre>
+      </td>
+    </tr>
+  </table>
+</div>
+</div>
+
+      <div id="footer">
+  Generated on Fri Jul 28 17:58:06 2017 by
+  <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
+  0.9.9 (ruby-2.0.0).
+</div>
+
+    </div>
+  </body>
+</html>
\ No newline at end of file
diff --git a/doc/puppet_classes/cd_nrpe_3A_3Amain_3A_3Ainstall.html b/doc/puppet_classes/cd_nrpe_3A_3Amain_3A_3Ainstall.html
index c8c6cdd..a632bcb 100644
--- a/doc/puppet_classes/cd_nrpe_3A_3Amain_3A_3Ainstall.html
+++ b/doc/puppet_classes/cd_nrpe_3A_3Amain_3A_3Ainstall.html
@@ -93,18 +93,16 @@ Author: Arne Teuke
 
 <p>This file is part of cd_nrpe.</p>
 
-<p>cd_nrpe is used for providing automatic configuration of
- &lt;service /
-purpose&gt;
- Copyright (C) 2016 ConfDroid (copyright@ConfDroid.com)
- This
-program is free software: you can redistribute it and/or modify
- it under
-the terms of the GNU General Public License as published by
- the Free
-Software Foundation, either version 3 of the License, or
- (at your option)
-any later version.</p>
+<p>cd_nrpe is used for providing automatic configuration of NRPE.
+ Copyright
+(C) 2016 ConfDroid (copyright@ConfDroid.com)
+ This program is free
+software: you can redistribute it and/or modify
+ it under the terms of the
+GNU General Public License as published by
+ the Free Software Foundation,
+either version 3 of the License, or
+ (at your option) any later version.</p>
 
 <p>This program is distributed in the hope that it will be useful,
  but
@@ -131,6 +129,7 @@ href="http://www.gnu.org/licenses">www.gnu.org/licenses</a>/.</p>
         <pre class="lines">
 
 
+24
 25
 26
 27
@@ -139,11 +138,10 @@ href="http://www.gnu.org/licenses">www.gnu.org/licenses</a>/.</p>
 30
 31
 32
-33
-34</pre>
+33</pre>
       </td>
       <td>
-        <pre class="code"><span class="info file"># File 'manifests/main/install.pp', line 25</span>
+        <pre class="code"><span class="info file"># File 'manifests/main/install.pp', line 24</span>
 
 class cd_nrpe::main::install (
 
@@ -162,7 +160,7 @@ class cd_nrpe::main::install (
 </div>
 
       <div id="footer">
-  Generated on Fri Jul 28 15:42:38 2017 by
+  Generated on Fri Jul 28 17:58:06 2017 by
   <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
   0.9.9 (ruby-2.0.0).
 </div>
diff --git a/doc/puppet_classes/cd_nrpe_3A_3Amain_3A_3Aservice.html b/doc/puppet_classes/cd_nrpe_3A_3Amain_3A_3Aservice.html
new file mode 100644
index 0000000..8bd0dc4
--- /dev/null
+++ b/doc/puppet_classes/cd_nrpe_3A_3Amain_3A_3Aservice.html
@@ -0,0 +1,185 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <meta charset="utf-8">
+<meta name="viewport" content="width=device-width, initial-scale=1.0">
+<title>
+  Puppet Class: cd_nrpe::main::service
+  
+    &mdash; Documentation by YARD 0.9.9
+  
+</title>
+
+  <link rel="stylesheet" href="../css/style.css" type="text/css" charset="utf-8" />
+
+  <link rel="stylesheet" href="../css/common.css" type="text/css" charset="utf-8" />
+
+<script type="text/javascript" charset="utf-8">
+  pathId = "puppet_classes::cd_nrpe::main::service";
+  relpath = '../';
+</script>
+
+
+  <script type="text/javascript" charset="utf-8" src="../js/jquery.js"></script>
+
+  <script type="text/javascript" charset="utf-8" src="../js/app.js"></script>
+
+
+  </head>
+  <body>
+    <div class="nav_wrap">
+      <iframe id="nav" src="../puppet_class_list.html?1"></iframe>
+      <div id="resizer"></div>
+    </div>
+
+    <div id="main" tabindex="-1">
+      <div id="header">
+        <div id="menu">
+  
+    <a href="../_index.html">Index (c)</a> &raquo;
+    <span class='title'><span class='object_link'>Puppet Classes</span></span>
+     &raquo; 
+    <span class="title">cd_nrpe::main::service</span>
+  
+</div>
+
+        <div id="search">
+  
+    <a class="full_list_link" id="puppet_class_list_link"
+        href="../puppet_class_list.html">
+
+        <svg width="24" height="24">
+          <rect x="0" y="4" width="24" height="4" rx="1" ry="1"></rect>
+          <rect x="0" y="12" width="24" height="4" rx="1" ry="1"></rect>
+          <rect x="0" y="20" width="24" height="4" rx="1" ry="1"></rect>
+        </svg>
+    </a>
+  
+</div>
+        <div class="clear"></div>
+      </div>
+
+      <div id="content"><h1>Puppet Class: cd_nrpe::main::service</h1>
+<div class="box_info">
+  
+  <dl>
+    <dt>Inherits:</dt>
+    <dd><span class='object_link'><a href="cd_nrpe_3A_3Aparams.html" title="puppet_classes::cd_nrpe::params (puppet_class)">cd_nrpe::params</a></span></dd>
+  </dl>
+  
+  
+  <dl>
+    <dt>Defined in:</dt>
+    <dd>
+      manifests/main/service.pp
+    </dd>
+  </dl>
+</div>
+
+  <h2>Summary</h2>
+  Class manages the service(s) for cd_nrpe.
+
+<h2>Overview</h2>
+<div class="docstring">
+  <div class="discussion">
+    
+<p>cd_nrpe::main::service.pp
+Module name: cd_nrpe
+Author: Arne Teuke
+(arne_teuke@ConfDroid.com)</p>
+
+<h1 id="label-License%3A">License:</h1>
+
+<p>This file is part of cd_nrpe.</p>
+
+<p>cd_nrpe is used for providing automatic configuration of NRPE.
+ Copyright
+(C) 2016 ConfDroid (copyright@ConfDroid.com)
+ This program is free
+software: you can redistribute it and/or modify
+ it under the terms of the
+GNU General Public License as published by
+ the Free Software Foundation,
+either version 3 of the License, or
+ (at your option) any later version.</p>
+
+<p>This program is distributed in the hope that it will be useful,
+ but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY
+or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License
+for more details.</p>
+
+<p>You should have received a copy of the GNU General Public License
+ along
+with this program. If not, see <a
+href="http://www.gnu.org/licenses">www.gnu.org/licenses</a>/.</p>
+
+  </div>
+</div>
+<div class="tags">
+  
+
+</div><div class="method_details_list">
+  <table class="source_code">
+    <tr>
+      <td>
+        <pre class="lines">
+
+
+23
+24
+25
+26
+27
+28
+29
+30
+31
+32
+33
+34
+35
+36
+37
+38
+39
+40</pre>
+      </td>
+      <td>
+        <pre class="code"><span class="info file"># File 'manifests/main/service.pp', line 23</span>
+
+class cd_nrpe::main::service (
+
+) inherits cd_nrpe::params {
+
+  if $ne_incl_fw == true  {
+    require cd_nrpe::firewall::iptables
+  }
+
+  require cd_nrpe::main::files
+
+  service { $ne_service:
+    ensure      =&gt; running,
+    hasstatus   =&gt; true,
+    hasrestart  =&gt; true,
+    enable      =&gt; true,
+  }
+
+}</pre>
+      </td>
+    </tr>
+  </table>
+</div>
+</div>
+
+      <div id="footer">
+  Generated on Fri Jul 28 17:58:06 2017 by
+  <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
+  0.9.9 (ruby-2.0.0).
+</div>
+
+    </div>
+  </body>
+</html>
\ No newline at end of file
diff --git a/doc/puppet_classes/cd_nrpe_3A_3Amain_3A_3Auser.html b/doc/puppet_classes/cd_nrpe_3A_3Amain_3A_3Auser.html
index 8a5741c..518fd1f 100644
--- a/doc/puppet_classes/cd_nrpe_3A_3Amain_3A_3Auser.html
+++ b/doc/puppet_classes/cd_nrpe_3A_3Amain_3A_3Auser.html
@@ -92,18 +92,16 @@ Author: Arne Teuke
 
 <p>This file is part of cd_nrpe.</p>
 
-<p>cd_nrpe is used for providing automatic configuration of
- &lt;service /
-purpose&gt;
- Copyright (C) 2016 ConfDroid (copyright@ConfDroid.com)
- This
-program is free software: you can redistribute it and/or modify
- it under
-the terms of the GNU General Public License as published by
- the Free
-Software Foundation, either version 3 of the License, or
- (at your option)
-any later version.</p>
+<p>cd_nrpe is used for providing automatic configuration of NRPE.
+ Copyright
+(C) 2016 ConfDroid (copyright@ConfDroid.com)
+ This program is free
+software: you can redistribute it and/or modify
+ it under the terms of the
+GNU General Public License as published by
+ the Free Software Foundation,
+either version 3 of the License, or
+ (at your option) any later version.</p>
 
 <p>This program is distributed in the hope that it will be useful,
  but
@@ -130,6 +128,7 @@ href="http://www.gnu.org/licenses">www.gnu.org/licenses</a>/.</p>
         <pre class="lines">
 
 
+23
 24
 25
 26
@@ -155,11 +154,10 @@ href="http://www.gnu.org/licenses">www.gnu.org/licenses</a>/.</p>
 46
 47
 48
-49
-50</pre>
+49</pre>
       </td>
       <td>
-        <pre class="code"><span class="info file"># File 'manifests/main/user.pp', line 24</span>
+        <pre class="code"><span class="info file"># File 'manifests/main/user.pp', line 23</span>
 
 class cd_nrpe::main::user (
 
@@ -195,7 +193,7 @@ class cd_nrpe::main::user (
 </div>
 
       <div id="footer">
-  Generated on Fri Jul 28 15:42:38 2017 by
+  Generated on Fri Jul 28 17:58:06 2017 by
   <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
   0.9.9 (ruby-2.0.0).
 </div>
diff --git a/doc/puppet_classes/cd_nrpe_3A_3Aparams.html b/doc/puppet_classes/cd_nrpe_3A_3Aparams.html
index 77a946e..b69f97d 100644
--- a/doc/puppet_classes/cd_nrpe_3A_3Aparams.html
+++ b/doc/puppet_classes/cd_nrpe_3A_3Aparams.html
@@ -67,12 +67,20 @@
     <dt>Inherited by:</dt>
     <dd>
       
+      <span class='object_link'><a href="cd_nrpe_3A_3Amain_3A_3Adirs.html" title="puppet_classes::cd_nrpe::main::dirs (puppet_class)">cd_nrpe::main::dirs</a></span><br/>
+      
       <span class='object_link'><a href="cd_nrpe_3A_3Amain_3A_3Auser.html" title="puppet_classes::cd_nrpe::main::user (puppet_class)">cd_nrpe::main::user</a></span><br/>
       
+      <span class='object_link'><a href="cd_nrpe_3A_3Amain_3A_3Afiles.html" title="puppet_classes::cd_nrpe::main::files (puppet_class)">cd_nrpe::main::files</a></span><br/>
+      
       <span class='object_link'><a href="cd_nrpe_3A_3Amain_3A_3Aconfig.html" title="puppet_classes::cd_nrpe::main::config (puppet_class)">cd_nrpe::main::config</a></span><br/>
       
       <span class='object_link'><a href="cd_nrpe_3A_3Amain_3A_3Ainstall.html" title="puppet_classes::cd_nrpe::main::install (puppet_class)">cd_nrpe::main::install</a></span><br/>
       
+      <span class='object_link'><a href="cd_nrpe_3A_3Amain_3A_3Aservice.html" title="puppet_classes::cd_nrpe::main::service (puppet_class)">cd_nrpe::main::service</a></span><br/>
+      
+      <span class='object_link'><a href="cd_nrpe_3A_3Afirewall_3A_3Aiptables.html" title="puppet_classes::cd_nrpe::firewall::iptables (puppet_class)">cd_nrpe::firewall::iptables</a></span><br/>
+      
     </dd>
   </dl>
   
@@ -101,18 +109,16 @@ Author: Arne Teuke
 
 <p>This file is part of cd_nrpe.</p>
 
-<p>cd_nrpe is used for providing automatic configuration of
- &lt;service /
-purpose&gt;
- Copyright (C) 2016 ConfDroid (copyright@ConfDroid.com)
- This
-program is free software: you can redistribute it and/or modify
- it under
-the terms of the GNU General Public License as published by
- the Free
-Software Foundation, either version 3 of the License, or
- (at your option)
-any later version.</p>
+<p>cd_nrpe is used for providing automatic configuration of NRPE.
+ Copyright
+(C) 2016 ConfDroid (copyright@ConfDroid.com)
+ This program is free
+software: you can redistribute it and/or modify
+ it under the terms of the
+GNU General Public License as published by
+ the Free Software Foundation,
+either version 3 of the License, or
+ (at your option) any later version.</p>
 
 <p>This program is distributed in the hope that it will be useful,
  but
@@ -125,7 +131,9 @@ for more details.</p>
 <p>You should have received a copy of the GNU General Public License
  along
 with this program. If not, see <a
-href="http://www.gnu.org/licenses">www.gnu.org/licenses</a>/.</p>
+href="http://www.gnu.org/licenses">www.gnu.org/licenses</a>/.
+be passed to
+the NRPE daemon.</p>
 
   </div>
 </div>
@@ -153,6 +161,501 @@ to choose, i.e. <code>latest</code> or <code>present</code>.</p>
       
     </li>
   
+    <li>
+      
+        <span class='name'>ne_log_facility</span>
+      
+      
+        <span class='type'>(<tt>string</tt>)</span>
+      
+      
+        <em class="default">(defaults to: <tt>&#39;daemon&#39;</tt>)</em>
+      
+      
+        &mdash;
+        <div class='inline'>
+<p>the log facility to use.</p>
+</div>
+      
+    </li>
+  
+    <li>
+      
+        <span class='name'>ne_log_file</span>
+      
+      
+        <span class='type'>(<tt>string</tt>)</span>
+      
+      
+        <em class="default">(defaults to: <tt>&#39;&#39;</tt>)</em>
+      
+      
+        &mdash;
+        <div class='inline'>
+<p>If a log file is specified in this option,
+nrpe will write to that file
+instead of using syslog. i.e. /var/run/nrpe.log</p>
+</div>
+      
+    </li>
+  
+    <li>
+      
+        <span class='name'>ne_debug</span>
+      
+      
+        <span class='type'>(<tt>string</tt>)</span>
+      
+      
+        <em class="default">(defaults to: <tt>&#39;0&#39;</tt>)</em>
+      
+      
+        &mdash;
+        <div class='inline'>
+<p>Whether debugging messages are logged to the
+syslog facility.</p>
+</div>
+      
+    </li>
+  
+    <li>
+      
+        <span class='name'>ne_nrpe_port</span>
+      
+      
+        <span class='type'>(<tt>string</tt>)</span>
+      
+      
+        <em class="default">(defaults to: <tt>&#39;5666&#39;</tt>)</em>
+      
+      
+        &mdash;
+        <div class='inline'>
+<p>the NRPE port. used in firewall ( optional)
+and configuration file.</p>
+</div>
+      
+    </li>
+  
+    <li>
+      
+        <span class='name'>ne_listen_queue_size</span>
+      
+      
+        <span class='type'>(<tt>string</tt>)</span>
+      
+      
+        <em class="default">(defaults to: <tt>&#39;5&#39;</tt>)</em>
+      
+      
+        &mdash;
+        <div class='inline'>
+<p>Listen queue size (backlog) for
+serving incoming connections.</p>
+</div>
+      
+    </li>
+  
+    <li>
+      
+        <span class='name'>ne_nagios_server</span>
+      
+      
+        <span class='type'>(<tt>string</tt>)</span>
+      
+      
+        <em class="default">(defaults to: <tt>$::nagios_server</tt>)</em>
+      
+      
+        &mdash;
+        <div class='inline'>
+<p>ipaddress of the nagios server to be allowed
+to connect to NRPE service.
+Default is to look up a global parameter from
+ENC.</p>
+</div>
+      
+    </li>
+  
+    <li>
+      
+        <span class='name'>ne_dont_blame_nrpe</span>
+      
+      
+        <span class='type'>(<tt>string</tt>)</span>
+      
+      
+        <em class="default">(defaults to: <tt>&#39;1&#39;</tt>)</em>
+      
+      
+        &mdash;
+        <div class='inline'>
+<p>whether or not the NRPE daemon will
+allow clients to specify arguments to
+commands that are executed.</p>
+</div>
+      
+    </li>
+  
+    <li>
+      
+        <span class='name'>ne_allow_bash_cmd_subst</span>
+      
+      
+        <span class='type'>(<tt>string</tt>)</span>
+      
+      
+        <em class="default">(defaults to: <tt>&#39;1&#39;</tt>)</em>
+      
+      
+        &mdash;
+        <div class='inline'>
+<p>whether or not the NRPE daemon will
+allow clients to specify arguments that
+contain bash command substitutions
+of the form $(...).</p>
+</div>
+      
+    </li>
+  
+    <li>
+      
+        <span class='name'>ne_allow_sudo</span>
+      
+      
+        <span class='type'>(<tt>boolean</tt>)</span>
+      
+      
+        <em class="default">(defaults to: <tt>true</tt>)</em>
+      
+      
+        &mdash;
+        <div class='inline'>
+<p>Whether to allow sudo access. used in nrpe.cfg
+as well as for creating a
+sudo role.</p>
+</div>
+      
+    </li>
+  
+    <li>
+      
+        <span class='name'>command_prefix</span>
+      
+      
+        <span class='type'>(<tt>string</tt>)</span>
+      
+      
+      
+        &mdash;
+        <div class='inline'>
+<p>allows you to prefix all commands with a
+user-defined string.</p>
+</div>
+      
+    </li>
+  
+    <li>
+      
+        <span class='name'>ne_incl_fw</span>
+      
+      
+        <span class='type'>(<tt>string</tt>)</span>
+      
+      
+        <em class="default">(defaults to: <tt>true</tt>)</em>
+      
+      
+        &mdash;
+        <div class='inline'>
+<p>Whether to include firewall rules</p>
+</div>
+      
+    </li>
+  
+    <li>
+      
+        <span class='name'>ne_command_timeout</span>
+      
+      
+        <span class='type'>(<tt>string</tt>)</span>
+      
+      
+        <em class="default">(defaults to: <tt>&#39;60&#39;</tt>)</em>
+      
+      
+        &mdash;
+        <div class='inline'>
+<p>maximum number of seconds that the NRPE
+daemon will allow plugins to finish
+executing before killing them off.</p>
+</div>
+      
+    </li>
+  
+    <li>
+      
+        <span class='name'>ne_connection_timeout</span>
+      
+      
+        <span class='type'>(<tt>string</tt>)</span>
+      
+      
+        <em class="default">(defaults to: <tt>&#39;300&#39;</tt>)</em>
+      
+      
+        &mdash;
+        <div class='inline'>
+<p>maximum number of seconds that the
+NRPE daemon will wait for a connection
+to be established before exiting.</p>
+</div>
+      
+    </li>
+  
+    <li>
+      
+        <span class='name'>ne_ssl_version</span>
+      
+      
+        <span class='type'>(<tt>string</tt>)</span>
+      
+      
+        <em class="default">(defaults to: <tt>&#39;TLSv1.1+&#39;</tt>)</em>
+      
+      
+        &mdash;
+        <div class='inline'>
+<p>These directives allow you to specify how to
+use SSL/TLS.</p>
+</div>
+      
+    </li>
+  
+    <li>
+      
+        <span class='name'>ne_ssl_use_adh</span>
+      
+      
+        <span class='type'>(<tt>string</tt>)</span>
+      
+      
+        <em class="default">(defaults to: <tt>&#39;1&#39;</tt>)</em>
+      
+      
+        &mdash;
+        <div class='inline'>
+<p>This is for backward compatibility and is
+DEPRECATED. Set to 1 to enable
+ADH or 2 to require ADH. 1 is currently the
+default but will be changed in
+a later version.</p>
+</div>
+      
+    </li>
+  
+    <li>
+      
+        <span class='name'>ne_ssl_cipher_list</span>
+      
+      
+        <span class='type'>(<tt>string</tt>)</span>
+      
+      
+        <em class="default">(defaults to: <tt>&#39;ALL:!aNULL:!eNULL:!SSLv2:!LOW:!EXP:!RC4:!MD5:@STRENGTH&#39;</tt>)</em>
+      
+      
+        &mdash;
+        <div class='inline'>
+<p>ciphers can be used. For backward
+compatibility, this defaults to
+&#39;ssl_cipher_list=ALL:!MD5:@STRENGTH&#39; in
+this version but will be
+changed in a later version of NRPE.</p>
+</div>
+      
+    </li>
+  
+    <li>
+      
+        <span class='name'>ne_ssl_cacert_file</span>
+      
+      
+        <span class='type'>(<tt>string</tt>)</span>
+      
+      
+        <em class="default">(defaults to: <tt>&#39;/etc/pki/tls/certs/ca-chain.crt.pem&#39;</tt>)</em>
+      
+      
+        &mdash;
+        <div class='inline'>
+<p>path and name of the ssl certificate
+authority ( ca) file / chain. must be
+full path.</p>
+</div>
+      
+    </li>
+  
+    <li>
+      
+        <span class='name'>ne_ssl_cert_file</span>
+      
+      
+        <span class='type'>(<tt>string</tt>)</span>
+      
+      
+        <em class="default">(defaults to: <tt>&quot;/etc/pki/tls/certs/${::fqdn}.crt.pem&quot;</tt>)</em>
+      
+      
+        &mdash;
+        <div class='inline'>
+<p>path and name of the server ssl certificate.
+must include full path.</p>
+</div>
+      
+    </li>
+  
+    <li>
+      
+        <span class='name'>ne_ssl_privatekey_filepath</span>
+      
+      
+        <span class='type'>(<tt>string</tt>)</span>
+      
+      
+      
+        &mdash;
+        <div class='inline'>
+<p>and name of the server ssl
+private key. Must include full path.</p>
+</div>
+      
+    </li>
+  
+    <li>
+      
+        <span class='name'>ne_ssl_client_certs</span>
+      
+      
+        <span class='type'>(<tt>string</tt>)</span>
+      
+      
+        <em class="default">(defaults to: <tt>&#39;2&#39;</tt>)</em>
+      
+      
+        &mdash;
+        <div class='inline'>
+<p>determines client certificate usage.
+Values: 0 = Don&#39;t ask for or
+require client certificates
+1 = Ask for client certificates
+2 = Require
+client certificates</p>
+</div>
+      
+    </li>
+  
+    <li>
+      
+        <span class='name'>ne_ssl_logging</span>
+      
+      
+        <span class='type'>(<tt>string</tt>)</span>
+      
+      
+        <em class="default">(defaults to: <tt>&#39;0x00&#39;</tt>)</em>
+      
+      
+        &mdash;
+        <div class='inline'>
+<p>determines which SSL messages are send to
+syslog. OR values together to
+specify multiple options.
+Values: 0x00 (0) = No additional logging
+(default)
+0x01 (1) = Log startup SSL/TLS parameters
+0x02 (2) = Log remote
+IP address
+0x04 (4) = Log SSL/TLS version of connections
+0x08 (8) = Log
+which cipher is being used for the connection
+0x10 (16) = Log if client has
+a certificate
+0x20 (32) = Log details of client&#39;s certificate if it has
+one
+-1 or 0xff or 0x2f = All of the above</p>
+</div>
+      
+    </li>
+  
+    <li>
+      
+        <span class='name'>ne_nasty_metachars</span>
+      
+      
+        <span class='type'>(<tt>string</tt>)</span>
+      
+      
+        <em class="default">(defaults to: <tt>&#39;\&quot;|`&amp;&gt;&lt;\&#39;\\[]{};\r\n\&quot;&#39;</tt>)</em>
+      
+      
+        &mdash;
+        <div class='inline'>
+<p>list of characters that cannot</p>
+</div>
+      
+    </li>
+  
+    <li>
+      
+        <span class='name'>ne_include_file</span>
+      
+      
+        <span class='type'>(<tt>string</tt>)</span>
+      
+      
+        <em class="default">(defaults to: <tt>&#39;&#39;</tt>)</em>
+      
+      
+        &mdash;
+        <div class='inline'>
+<p>include definitions from an external
+config file.</p>
+</div>
+      
+    </li>
+  
+    <li>
+      
+        <span class='name'>ne_include_dir</span>
+      
+      
+        <span class='type'>(<tt>string</tt>)</span>
+      
+      
+      
+    </li>
+  
+    <li>
+      
+        <span class='name'>ne_fw_order_no</span>
+      
+      
+        <span class='type'>(<tt>string</tt>)</span>
+      
+      
+        <em class="default">(defaults to: <tt>&#39;50&#39;</tt>)</em>
+      
+      
+        &mdash;
+        <div class='inline'>
+<p>ordering prefix for he firewall rules. Adjust
+to yoru environment if
+needed.</p>
+</div>
+      
+    </li>
+  
     <li>
       
         <span class='name'>ne_user</span>
@@ -200,7 +703,7 @@ to choose, i.e. <code>latest</code> or <code>present</code>.</p>
         <span class='type'>(<tt>Any</tt>)</span>
       
       
-        <em class="default">(defaults to: <tt>&#39;/var/run/nagios&#39;</tt>)</em>
+        <em class="default">(defaults to: <tt>&#39;/var/run/nrpe&#39;</tt>)</em>
       
       
     </li>
@@ -231,6 +734,71 @@ to choose, i.e. <code>latest</code> or <code>present</code>.</p>
       
     </li>
   
+    <li>
+      
+        <span class='name'>ne_server_address</span>
+      
+      
+        <span class='type'>(<tt>Any</tt>)</span>
+      
+      
+        <em class="default">(defaults to: <tt>&#39;127.0.0.1&#39;</tt>)</em>
+      
+      
+    </li>
+  
+    <li>
+      
+        <span class='name'>ne_command_prefix</span>
+      
+      
+        <span class='type'>(<tt>Any</tt>)</span>
+      
+      
+        <em class="default">(defaults to: <tt>&#39;/usr/bin/sudo&#39;</tt>)</em>
+      
+      
+    </li>
+  
+    <li>
+      
+        <span class='name'>ne_allow_weak_rnd_seed</span>
+      
+      
+        <span class='type'>(<tt>Any</tt>)</span>
+      
+      
+        <em class="default">(defaults to: <tt>&#39;1&#39;</tt>)</em>
+      
+      
+    </li>
+  
+    <li>
+      
+        <span class='name'>ne_ssl_privatekey_file</span>
+      
+      
+        <span class='type'>(<tt>Any</tt>)</span>
+      
+      
+        <em class="default">(defaults to: <tt>&quot;/etc/pki/tls/private/${::fqdn}.key.pem&quot;</tt>)</em>
+      
+      
+    </li>
+  
+    <li>
+      
+        <span class='name'>ne_include_selinux</span>
+      
+      
+        <span class='type'>(<tt>Any</tt>)</span>
+      
+      
+        <em class="default">(defaults to: <tt>true</tt>)</em>
+      
+      
+    </li>
+  
 </ul>
 
 
@@ -241,33 +809,79 @@ to choose, i.e. <code>latest</code> or <code>present</code>.</p>
         <pre class="lines">
 
 
-28
-29
-30
-31
-32
-33
-34
-35
-36
-37
-38
-39
-40
-41
-42
-43
-44
-45
-46
-47
-48
-49
-50
-51</pre>
+88
+89
+90
+91
+92
+93
+94
+95
+96
+97
+98
+99
+100
+101
+102
+103
+104
+105
+106
+107
+108
+109
+110
+111
+112
+113
+114
+115
+116
+117
+118
+119
+120
+121
+122
+123
+124
+125
+126
+127
+128
+129
+130
+131
+132
+133
+134
+135
+136
+137
+138
+139
+140
+141
+142
+143
+144
+145
+146
+147
+148
+149
+150
+151
+152
+153
+154
+155
+156
+157</pre>
       </td>
       <td>
-        <pre class="code"><span class="info file"># File 'manifests/params.pp', line 28</span>
+        <pre class="code"><span class="info file"># File 'manifests/params.pp', line 88</span>
 
 class cd_nrpe::params (
 
@@ -277,10 +891,44 @@ $pkg_ensure                 = &#39;latest&#39;,
 $ne_user                    = &#39;nrpe&#39;,
 $ne_user_comment            = &#39;NRPE service user&#39;,
 $ne_user_uid                = &#39;1005&#39;,
-$ne_user_home               = &#39;/var/run/nagios&#39;,
+$ne_user_home               = &#39;/var/run/nrpe&#39;,
 $ne_user_groups             = undef,
 $ne_user_shell              = &#39;/sbin/nologin&#39;,
 
+# nrpe.cfg
+$ne_log_facility            = &#39;daemon&#39;,
+$ne_log_file                = &#39;&#39;,
+$ne_debug                   = &#39;0&#39;,
+$ne_nrpe_port               = &#39;5666&#39;,
+$ne_server_address          = &#39;127.0.0.1&#39;,
+$ne_listen_queue_size       = &#39;5&#39;,
+$ne_nagios_server           = $::nagios_server,
+$ne_dont_blame_nrpe         = &#39;1&#39;,
+$ne_allow_bash_cmd_subst    = &#39;1&#39;,
+$ne_allow_sudo              = true,
+$ne_command_prefix          = &#39;/usr/bin/sudo&#39;,
+$ne_command_timeout         = &#39;60&#39;,
+$ne_connection_timeout      = &#39;300&#39;,
+$ne_allow_weak_rnd_seed     = &#39;1&#39;,
+$ne_ssl_version             = &#39;TLSv1.1+&#39;,
+$ne_ssl_use_adh             = &#39;1&#39;,
+$ne_ssl_cipher_list         = &#39;ALL:!aNULL:!eNULL:!SSLv2:!LOW:!EXP:!RC4:!MD5:@STRENGTH&#39;,
+$ne_ssl_cacert_file         = &#39;/etc/pki/tls/certs/ca-chain.crt.pem&#39;,
+$ne_ssl_cert_file           = &quot;/etc/pki/tls/certs/${::fqdn}.crt.pem&quot;,
+$ne_ssl_privatekey_file     = &quot;/etc/pki/tls/private/${::fqdn}.key.pem&quot;,
+$ne_ssl_client_certs        = &#39;2&#39;,
+$ne_ssl_logging             = &#39;0x00&#39;,
+$ne_nasty_metachars         = &#39;\&quot;|`&amp;&gt;&lt;\&#39;\\[]{};\r\n\&quot;&#39;,
+$ne_include_file            = &#39;&#39;,
+
+# firewall
+$ne_incl_fw                 = true,
+$ne_fw_order_no             = &#39;50&#39;,
+
+# selinux
+$ne_include_selinux         = true,
+
+
 ) {
 
 # installation section
@@ -288,6 +936,18 @@ $reqpackages  = $::operatingsystem ? {
     /(?i-mx:centos|fedora|redhat)/ =&gt; [&#39;nrpe&#39;],
   }
 
+# service
+$ne_service                 = &#39;nrpe&#39;
+
+# directories
+$ne_main_conf_d_dir         = &#39;/etc/nrpe.d&#39;
+$ne_run_dir                 = &#39;/var/run/nrpe&#39;
+
+# files
+$ne_main_conf_file          = &#39;/etc/nagios/nrpe.cfg&#39;
+$ne_nrpe_conf_head_erb      = &#39;cd_nrpe/nrpe_cfg_head.erb&#39;
+$ne_nrpe_pid_file           = &quot;${ne_run_dir}/nrpe.pid&quot;
+
 # includes must be last
 
   include cd_nrpe::main::config
@@ -300,7 +960,7 @@ $reqpackages  = $::operatingsystem ? {
 </div>
 
       <div id="footer">
-  Generated on Fri Jul 28 15:42:38 2017 by
+  Generated on Fri Jul 28 17:58:06 2017 by
   <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
   0.9.9 (ruby-2.0.0).
 </div>
diff --git a/doc/puppet_defined_type_list.html b/doc/puppet_defined_type_list.html
new file mode 100644
index 0000000..c4d216e
--- /dev/null
+++ b/doc/puppet_defined_type_list.html
@@ -0,0 +1,54 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <meta charset="utf-8" />
+    
+      <link rel="stylesheet" href="css/full_list.css" type="text/css" media="screen" charset="utf-8" />
+    
+      <link rel="stylesheet" href="css/common.css" type="text/css" media="screen" charset="utf-8" />
+    
+
+    
+      <script type="text/javascript" charset="utf-8" src="js/jquery.js"></script>
+    
+      <script type="text/javascript" charset="utf-8" src="js/full_list.js"></script>
+    
+
+    <title>Defined Type List</title>
+    <base id="base_target" target="_parent" />
+  </head>
+  <body>
+    <div id="content">
+      <div class="fixed_header">
+        <h1 id="full_list_header">Defined Type List</h1>
+        <div id="full_list_nav">
+          
+            <span><a target="_self" href="puppet_class_list.html">
+              Puppet Classes
+            </a></span>
+          
+            <span><a target="_self" href="puppet_defined_type_list.html">
+              Defined Types
+            </a></span>
+          
+        </div>
+
+        <div id="search">Search: <input type="text" /></div>
+      </div>
+
+      <ul id="full_list" class="puppet_defined_type">
+        
+
+    <li id="object_puppet_defined_types::cd_nrpe::commands::definitions" class="odd">
+      <div class="item">
+        <span class='object_link'><a href="puppet_defined_types/cd_nrpe_3A_3Acommands_3A_3Adefinitions.html" title="puppet_defined_types::cd_nrpe::commands::definitions (puppet_defined_type)">cd_nrpe::commands::definitions</a></span>
+      </div>
+    </li>
+    
+
+
+      </ul>
+    </div>
+  </body>
+</html>
diff --git a/doc/puppet_defined_types/cd_nrpe_3A_3Acommands_3A_3Adefinitions.html b/doc/puppet_defined_types/cd_nrpe_3A_3Acommands_3A_3Adefinitions.html
new file mode 100644
index 0000000..e64e54a
--- /dev/null
+++ b/doc/puppet_defined_types/cd_nrpe_3A_3Acommands_3A_3Adefinitions.html
@@ -0,0 +1,158 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <meta charset="utf-8">
+<meta name="viewport" content="width=device-width, initial-scale=1.0">
+<title>
+  Defined Type: cd_nrpe::commands::definitions
+  
+    &mdash; Documentation by YARD 0.9.9
+  
+</title>
+
+  <link rel="stylesheet" href="../css/style.css" type="text/css" charset="utf-8" />
+
+  <link rel="stylesheet" href="../css/common.css" type="text/css" charset="utf-8" />
+
+<script type="text/javascript" charset="utf-8">
+  pathId = "puppet_defined_types::cd_nrpe::commands::definitions";
+  relpath = '../';
+</script>
+
+
+  <script type="text/javascript" charset="utf-8" src="../js/jquery.js"></script>
+
+  <script type="text/javascript" charset="utf-8" src="../js/app.js"></script>
+
+
+  </head>
+  <body>
+    <div class="nav_wrap">
+      <iframe id="nav" src="../puppet_defined_type_list.html?1"></iframe>
+      <div id="resizer"></div>
+    </div>
+
+    <div id="main" tabindex="-1">
+      <div id="header">
+        <div id="menu">
+  
+    <a href="../_index.html">Index (c)</a> &raquo;
+    <span class='title'><span class='object_link'>Defined Types</span></span>
+     &raquo; 
+    <span class="title">cd_nrpe::commands::definitions</span>
+  
+</div>
+
+        <div id="search">
+  
+    <a class="full_list_link" id="puppet_class_list_link"
+        href="../puppet_class_list.html">
+
+        <svg width="24" height="24">
+          <rect x="0" y="4" width="24" height="4" rx="1" ry="1"></rect>
+          <rect x="0" y="12" width="24" height="4" rx="1" ry="1"></rect>
+          <rect x="0" y="20" width="24" height="4" rx="1" ry="1"></rect>
+        </svg>
+    </a>
+  
+</div>
+        <div class="clear"></div>
+      </div>
+
+      <div id="content"><h1>Defined Type: cd_nrpe::commands::definitions</h1>
+<div class="box_info">
+  <dl>
+    <dt>Defined in:</dt>
+    <dd>
+      manifests/commands/definitions.pp
+    </dd>
+  </dl>
+</div>
+
+  <h2>Summary</h2>
+  manage firewall settings through cd_firewall or puppetlabs-firewall
+
+<h2>Overview</h2>
+<div class="docstring">
+  <div class="discussion">
+    
+<p>cd_nrpe::commands::definitions.pp
+Module name: cd_nrpe
+Author: Arne Teuke
+(arne_teuke@ConfDroid.com)</p>
+
+<h1 id="label-License%3A">License:</h1>
+
+<p>This file is part of cd_nrpe.</p>
+
+<p>cd_nrpe is used for providing automatic configuration of NRPE.
+ Copyright
+(C) 2016 ConfDroid (copyright@ConfDroid.com)
+ This program is free
+software: you can redistribute it and/or modify
+ it under the terms of the
+GNU General Public License as published by
+ the Free Software Foundation,
+either version 3 of the License, or
+ (at your option) any later version.</p>
+
+<p>This program is distributed in the hope that it will be useful,
+ but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY
+or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License
+for more details.</p>
+
+<p>You should have received a copy of the GNU General Public License
+ along
+with this program. If not, see <a
+href="http://www.gnu.org/licenses">www.gnu.org/licenses</a>/.</p>
+
+  </div>
+</div>
+<div class="tags">
+  
+
+</div><div class="method_details_list">
+  <table class="source_code">
+    <tr>
+      <td>
+        <pre class="lines">
+
+
+23
+24
+25
+26
+27
+28
+29
+30</pre>
+      </td>
+      <td>
+        <pre class="code"><span class="info file"># File 'manifests/commands/definitions.pp', line 23</span>
+
+<span class='id identifier rubyid_define'>define</span> <span class='id identifier rubyid_cd_nrpe'>cd_nrpe</span><span class='op'>::</span><span class='id identifier rubyid_commands'>commands</span><span class='op'>::</span><span class='id identifier rubyid_definitions'>definitions</span> <span class='lparen'>(</span>
+
+
+<span class='rparen'>)</span> <span class='lbrace'>{</span>
+
+
+
+<span class='rbrace'>}</span></pre>
+      </td>
+    </tr>
+  </table>
+</div>
+</div>
+
+      <div id="footer">
+  Generated on Fri Jul 28 17:58:06 2017 by
+  <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
+  0.9.9 (ruby-2.0.0).
+</div>
+
+    </div>
+  </body>
+</html>
\ No newline at end of file
diff --git a/doc/top-level-namespace.html b/doc/top-level-namespace.html
index b7da8ce..ba084e7 100644
--- a/doc/top-level-namespace.html
+++ b/doc/top-level-namespace.html
@@ -90,7 +90,7 @@
 </div>
 
       <div id="footer">
-  Generated on Fri Jul 28 15:42:38 2017 by
+  Generated on Fri Jul 28 17:58:05 2017 by
   <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
   0.9.9 (ruby-2.0.0).
 </div>