recommit for updates in build 50

doc/index.html

@@ -132,9 +132,13 @@ structure (file system permissions, selinux context) through parameters
 manage configuration files through parameters:
  * nrpe.conf
  * nrpe.cfg
- *
-commands.cfg (optional)
-* manage iptables (optionals )</p>
+*
+manage sudo role for nagios user on NRPE clients
+* manage dynamic NRPE
+check command definitions
+* manage iptables (optional)
+* manage selinux
+rule exceptions (optional)</p>
 
 <p>SERVICE
 * manage NRPE service</p>
@@ -213,6 +217,9 @@ through this modules. Defaults to <code>true</code>.</p>
 </li><li>
 <p><code>$ne_include_selinux</code> : Whether to manage selinux exception
 rules. Defaults to <code>true</code>.</p>
+</li><li>
+<p><code>$ne_enable_ssl</code> : Whether to allow SSL settings. See <a
+href="#konwn-problems">known problems</a> for more details.</p>
 </li></ul>
 
 <h3 id="label-Managing+Check+Commands">Managing Check Commands</h3>
@@ -226,6 +233,9 @@ ability to dynamicically set command arguments based on default variables /
 overrides. For that reason no hard-coded commands are included, but instead
 all commands are set via argument strings, where possible.</p>
 
+<p>The commands are created within /etc/nrpe.d/command.cfg , every set of
+instructions creates a new line.</p>
+
 <p>Defining commands is as simple as
 that:
 &lt;code&gt;
@@ -240,7 +250,8 @@ $ARG2$&#39;,
 It is very recommendable to define such
 commands within Puppet modules controlling services, so any node running
 the particular service will automatically get the required check commands
-defined as well.</p>
+defined as well, while nodes not running the service also do not contain
+the command check.</p>
 
 <h3 id="label-SELINUX">SELINUX</h3>
 
@@ -248,6 +259,18 @@ defined as well.</p>
 selinux is disabled, these contexts are ignored.</p>
 
 <h3 id="label-Known+Problems">Known Problems</h3>
+<ul><li>
+<p>SSL/TLS support: Version 3 of NRPE supposedly has support for SSL/ TLs.
+However, at the time of writing this module, this seems to be buggy, as I
+was unable to start the NRPE service as soon as the
+<code>ssl_cert_file</code> line was uncommented in teh configuration file,
+despite having valid certs in the right position on the node. This happened
+when installing manually, not through this Puppet module. For that reason I
+included the <code>$ne_enable_ssl</code> boolean parameter, which is set to
+<code>false</code> by default, hence disabling SSL/TLS options until this
+has been fixed upstream, or a valid workaround has been found. Setting this
+option to <code>true</code> will include all SSL / TLS settings.</p>
+</li></ul>
 
 <h3 id="label-Support">Support</h3>
 <ul><li>
@@ -302,7 +325,7 @@ environments.</p>
 </div></div>
 
       <div id="footer">
-  Generated on Sun Jul 30 14:07:45 2017 by
+  Generated on Sun Jul 30 16:03:54 2017 by
   <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
   0.9.9 (ruby-2.0.0).
 </div>