confdroid/confdroid_nrpe
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge branch 'jenkins' into 'master'

Browse Source 
Jenkins

See merge request !31
This commit is contained in:
12ww1160
2017-07-30 15:57:41 +02:00
parent 8519ffa0b7 e683f873a3
commit ff231bf47d
24 changed files with 208 additions and 49 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
CHANGELOG.md
View File

@@ -8,6 +8,21 @@ Changelog of Git Changelog.
<h2> No issue </h2> <h2> No issue </h2>
<a href="https://gitlab.puppetsoft.com/12WW1160/git-changelog-lib/commit/c0a5382d2c4cd88">c0a5382d2c4cd88</a> Arne Teuke <i>2017-07-30 12:07:53</i>
<p>
<h3>added basic command examples</h3>
</p>
<a href="https://gitlab.puppetsoft.com/12WW1160/git-changelog-lib/commit/2e89f817d99fb64">2e89f817d99fb64</a> Jenkins Server <i>2017-07-30 12:07:49</i>
<p>
<h3>recommit for updates in build 43</h3>
</p>
<a href="https://gitlab.puppetsoft.com/12WW1160/git-changelog-lib/commit/5f91d2a4715fe48">5f91d2a4715fe48</a> Arne Teuke <i>2017-07-30 12:06:19</i>
<p>
<h3>added basic command examples</h3>
</p>
<a href="https://gitlab.puppetsoft.com/12WW1160/git-changelog-lib/commit/5c0374245dc1e72">5c0374245dc1e72</a> Arne Teuke <i>2017-07-30 11:50:55</i> <a href="https://gitlab.puppetsoft.com/12WW1160/git-changelog-lib/commit/5c0374245dc1e72">5c0374245dc1e72</a> Arne Teuke <i>2017-07-30 11:50:55</i>
<p> <p>
<h3>added test command</h3> <h3>added test command</h3>

12
README.md
View File

@@ -38,8 +38,10 @@ CONFIGURATION
* manage configuration files through parameters: * manage configuration files through parameters:
* nrpe.conf * nrpe.conf
* nrpe.cfg * nrpe.cfg
* commands.cfg (optional) * manage sudo role for nagios user on NRPE clients
* manage iptables (optionals ) * manage dynamic NRPE check command definitions
* manage iptables (optional)
* manage selinux rule exceptions (optional)
SERVICE SERVICE
* manage NRPE service * manage NRPE service
@@ -85,10 +87,13 @@ There are currently no mandatory parameters, i.e. the module will function right
* `$ne_manage_cmds` : Whether to manage check command definitions dynamically through a define, i.e. from other Puppet modules or profiles. Defaults to `true`. * `$ne_manage_cmds` : Whether to manage check command definitions dynamically through a define, i.e. from other Puppet modules or profiles. Defaults to `true`.
* `$ne_incl_fw` : Whether to manage relevant firewall rules through this modules. Defaults to `true`. * `$ne_incl_fw` : Whether to manage relevant firewall rules through this modules. Defaults to `true`.
* `$ne_include_selinux` : Whether to manage selinux exception rules. Defaults to `true`. * `$ne_include_selinux` : Whether to manage selinux exception rules. Defaults to `true`.
* `$ne_enable_ssl` : Whether to allow SSL settings. See [known problems](#konwn-problems) for more details.
### Managing Check Commands ### Managing Check Commands
In order to connect a Nagios monitoring server to clients through NRPE, you must define commands and the desired argument strings on the clients. The default NRPE installation comes with a few examples of such commands, which are also included in this module. However, every environment is very different in their requirements and Nagios via Puppet is all about the ability to dynamicically set command arguments based on default variables / overrides. For that reason no hard-coded commands are included, but instead all commands are set via argument strings, where possible. In order to connect a Nagios monitoring server to clients through NRPE, you must define commands and the desired argument strings on the clients. The default NRPE installation comes with a few examples of such commands, which are also included in this module. However, every environment is very different in their requirements and Nagios via Puppet is all about the ability to dynamicically set command arguments based on default variables / overrides. For that reason no hard-coded commands are included, but instead all commands are set via argument strings, where possible.
The commands are created within /etc/nrpe.d/command.cfg , every set of instructions creates a new line.
Defining commands is as simple as that: Defining commands is as simple as that:
``` ```
`cd_nrpe::commands::definitions` { 'check_users': `cd_nrpe::commands::definitions` { 'check_users':
@@ -96,13 +101,14 @@ Defining commands is as simple as that:
`ne_cmd_argstring` => '-w $ARG1$ -c $ARG2$', `ne_cmd_argstring` => '-w $ARG1$ -c $ARG2$',
} }
``` ```
It is very recommendable to define such commands within Puppet modules controlling services, so any node running the particular service will automatically get the required check commands defined as well. It is very recommendable to define such commands within Puppet modules controlling services, so any node running the particular service will automatically get the required check commands defined as well, while nodes not running the service also do not contain the command check.
### SELINUX ### SELINUX
All files and directories are configured with correct selinux context. If selinux is disabled, these contexts are ignored. All files and directories are configured with correct selinux context. If selinux is disabled, these contexts are ignored.
### Known Problems ### Known Problems
* SSL/TLS support: Version 3 of NRPE supposedly has support for SSL/ TLs. However, at the time of writing this module, this seems to be buggy, as I was unable to start the NRPE service as soon as the `ssl_cert_file` line was uncommented in teh configuration file, despite having valid certs in the right position on the node. This happened when installing manually, not through this Puppet module. For that reason I included the `$ne_enable_ssl` boolean parameter, which is set to `false` by default, hence disabling SSL/TLS options until this has been fixed upstream, or a valid workaround has been found. Setting this option to `true` will include all SSL / TLS settings.
### Support ### Support
* OS: CentOS 6, 7 * OS: CentOS 6, 7

5
REPOSTRUCTURE.md
View File

@@ -50,7 +50,8 @@
| |-- cmd_head.erb | |-- cmd_head.erb
| |-- cmd_rule.erb | |-- cmd_rule.erb
| |-- nrpe_cfg.erb | |-- nrpe_cfg.erb
| `-- nrpe_conf.erb | |-- nrpe_conf.erb
| `-- sudo_rule.erb
|-- tests |-- tests
| `-- UTF_Files | `-- UTF_Files
|-- CHANGELOG.md |-- CHANGELOG.md
@@ -61,4 +62,4 @@
|-- README.md |-- README.md
`-- REPOSTRUCTURE.md `-- REPOSTRUCTURE.md
11 directories, 50 files 11 directories, 51 files

2
doc/_index.html
View File

@@ -171,7 +171,7 @@
</div> </div>
<div id="footer"> <div id="footer">
Generated on Sun Jul 30 14:07:44 2017 by Generated on Sun Jul 30 16:03:54 2017 by
<a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a> <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
0.9.9 (ruby-2.0.0). 0.9.9 (ruby-2.0.0).
</div> </div>

33
doc/file.README.html
View File

@@ -132,9 +132,13 @@ structure (file system permissions, selinux context) through parameters
manage configuration files through parameters: manage configuration files through parameters:
* nrpe.conf * nrpe.conf
* nrpe.cfg * nrpe.cfg
* *
commands.cfg (optional) manage sudo role for nagios user on NRPE clients
* manage iptables (optionals )</p> * manage dynamic NRPE
check command definitions
* manage iptables (optional)
* manage selinux
rule exceptions (optional)</p>
<p>SERVICE <p>SERVICE
* manage NRPE service</p> * manage NRPE service</p>
@@ -213,6 +217,9 @@ through this modules. Defaults to <code>true</code>.</p>
</li><li> </li><li>
<p><code>$ne_include_selinux</code> : Whether to manage selinux exception <p><code>$ne_include_selinux</code> : Whether to manage selinux exception
rules. Defaults to <code>true</code>.</p> rules. Defaults to <code>true</code>.</p>
</li><li>
<p><code>$ne_enable_ssl</code> : Whether to allow SSL settings. See <a
href="#konwn-problems">known problems</a> for more details.</p>
</li></ul> </li></ul>
<h3 id="label-Managing+Check+Commands">Managing Check Commands</h3> <h3 id="label-Managing+Check+Commands">Managing Check Commands</h3>
@@ -226,6 +233,9 @@ ability to dynamicically set command arguments based on default variables /
overrides. For that reason no hard-coded commands are included, but instead overrides. For that reason no hard-coded commands are included, but instead
all commands are set via argument strings, where possible.</p> all commands are set via argument strings, where possible.</p>
<p>The commands are created within /etc/nrpe.d/command.cfg , every set of
instructions creates a new line.</p>
<p>Defining commands is as simple as <p>Defining commands is as simple as
that: that:
&lt;code&gt; &lt;code&gt;
@@ -240,7 +250,8 @@ $ARG2$&#39;,
It is very recommendable to define such It is very recommendable to define such
commands within Puppet modules controlling services, so any node running commands within Puppet modules controlling services, so any node running
the particular service will automatically get the required check commands the particular service will automatically get the required check commands
defined as well.</p> defined as well, while nodes not running the service also do not contain
the command check.</p>
<h3 id="label-SELINUX">SELINUX</h3> <h3 id="label-SELINUX">SELINUX</h3>
@@ -248,6 +259,18 @@ defined as well.</p>
selinux is disabled, these contexts are ignored.</p> selinux is disabled, these contexts are ignored.</p>
<h3 id="label-Known+Problems">Known Problems</h3> <h3 id="label-Known+Problems">Known Problems</h3>
<ul><li>
<p>SSL/TLS support: Version 3 of NRPE supposedly has support for SSL/ TLs.
However, at the time of writing this module, this seems to be buggy, as I
was unable to start the NRPE service as soon as the
<code>ssl_cert_file</code> line was uncommented in teh configuration file,
despite having valid certs in the right position on the node. This happened
when installing manually, not through this Puppet module. For that reason I
included the <code>$ne_enable_ssl</code> boolean parameter, which is set to
<code>false</code> by default, hence disabling SSL/TLS options until this
has been fixed upstream, or a valid workaround has been found. Setting this
option to <code>true</code> will include all SSL / TLS settings.</p>
</li></ul>
<h3 id="label-Support">Support</h3> <h3 id="label-Support">Support</h3>
<ul><li> <ul><li>
@@ -302,7 +325,7 @@ environments.</p>
</div></div> </div></div>
<div id="footer"> <div id="footer">
Generated on Sun Jul 30 14:07:45 2017 by Generated on Sun Jul 30 16:03:55 2017 by
<a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a> <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
0.9.9 (ruby-2.0.0). 0.9.9 (ruby-2.0.0).
</div> </div>

33
doc/index.html
View File

@@ -132,9 +132,13 @@ structure (file system permissions, selinux context) through parameters
manage configuration files through parameters: manage configuration files through parameters:
* nrpe.conf * nrpe.conf
* nrpe.cfg * nrpe.cfg
* *
commands.cfg (optional) manage sudo role for nagios user on NRPE clients
* manage iptables (optionals )</p> * manage dynamic NRPE
check command definitions
* manage iptables (optional)
* manage selinux
rule exceptions (optional)</p>
<p>SERVICE <p>SERVICE
* manage NRPE service</p> * manage NRPE service</p>
@@ -213,6 +217,9 @@ through this modules. Defaults to <code>true</code>.</p>
</li><li> </li><li>
<p><code>$ne_include_selinux</code> : Whether to manage selinux exception <p><code>$ne_include_selinux</code> : Whether to manage selinux exception
rules. Defaults to <code>true</code>.</p> rules. Defaults to <code>true</code>.</p>
</li><li>
<p><code>$ne_enable_ssl</code> : Whether to allow SSL settings. See <a
href="#konwn-problems">known problems</a> for more details.</p>
</li></ul> </li></ul>
<h3 id="label-Managing+Check+Commands">Managing Check Commands</h3> <h3 id="label-Managing+Check+Commands">Managing Check Commands</h3>
@@ -226,6 +233,9 @@ ability to dynamicically set command arguments based on default variables /
overrides. For that reason no hard-coded commands are included, but instead overrides. For that reason no hard-coded commands are included, but instead
all commands are set via argument strings, where possible.</p> all commands are set via argument strings, where possible.</p>
<p>The commands are created within /etc/nrpe.d/command.cfg , every set of
instructions creates a new line.</p>
<p>Defining commands is as simple as <p>Defining commands is as simple as
that: that:
&lt;code&gt; &lt;code&gt;
@@ -240,7 +250,8 @@ $ARG2$&#39;,
It is very recommendable to define such It is very recommendable to define such
commands within Puppet modules controlling services, so any node running commands within Puppet modules controlling services, so any node running
the particular service will automatically get the required check commands the particular service will automatically get the required check commands
defined as well.</p> defined as well, while nodes not running the service also do not contain
the command check.</p>
<h3 id="label-SELINUX">SELINUX</h3> <h3 id="label-SELINUX">SELINUX</h3>
@@ -248,6 +259,18 @@ defined as well.</p>
selinux is disabled, these contexts are ignored.</p> selinux is disabled, these contexts are ignored.</p>
<h3 id="label-Known+Problems">Known Problems</h3> <h3 id="label-Known+Problems">Known Problems</h3>
<ul><li>
<p>SSL/TLS support: Version 3 of NRPE supposedly has support for SSL/ TLs.
However, at the time of writing this module, this seems to be buggy, as I
was unable to start the NRPE service as soon as the
<code>ssl_cert_file</code> line was uncommented in teh configuration file,
despite having valid certs in the right position on the node. This happened
when installing manually, not through this Puppet module. For that reason I
included the <code>$ne_enable_ssl</code> boolean parameter, which is set to
<code>false</code> by default, hence disabling SSL/TLS options until this
has been fixed upstream, or a valid workaround has been found. Setting this
option to <code>true</code> will include all SSL / TLS settings.</p>
</li></ul>
<h3 id="label-Support">Support</h3> <h3 id="label-Support">Support</h3>
<ul><li> <ul><li>
@@ -302,7 +325,7 @@ environments.</p>
</div></div> </div></div>
<div id="footer"> <div id="footer">
Generated on Sun Jul 30 14:07:45 2017 by Generated on Sun Jul 30 16:03:54 2017 by
<a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a> <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
0.9.9 (ruby-2.0.0). 0.9.9 (ruby-2.0.0).
</div> </div>

2
doc/puppet_classes/cd_nrpe.html
View File

@@ -140,7 +140,7 @@ class cd_nrpe {
</div> </div>
<div id="footer"> <div id="footer">
Generated on Sun Jul 30 14:07:45 2017 by Generated on Sun Jul 30 16:03:55 2017 by
<a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a> <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
0.9.9 (ruby-2.0.0). 0.9.9 (ruby-2.0.0).
</div> </div>

15
doc/puppet_classes/cd_nrpe_3A_3Acommands_3A_3Adefinition_rules.html
View File

@@ -127,6 +127,7 @@ href="http://www.gnu.org/licenses">www.gnu.org/licenses</a>/.</p>
<pre class="example code"><code>cd_nrpe::commands::definitions { &#39;check_users&#39;: <pre class="example code"><code>cd_nrpe::commands::definitions { &#39;check_users&#39;:
ne_check_cmd =&gt; &#39;check_users&#39;, ne_check_cmd =&gt; &#39;check_users&#39;,
ne_cmd_argstring =&gt; &#39;-w $ARG1$ -c $ARG2$&#39;, ne_cmd_argstring =&gt; &#39;-w $ARG1$ -c $ARG2$&#39;,
ne_cmd_comment =&gt; &#39;check the amount of user logged in locally&#39;,
}</code></pre> }</code></pre>
</div> </div>
@@ -139,7 +140,6 @@ href="http://www.gnu.org/licenses">www.gnu.org/licenses</a>/.</p>
<pre class="lines"> <pre class="lines">
28
29 29
30 30
31 31
@@ -195,10 +195,12 @@ href="http://www.gnu.org/licenses">www.gnu.org/licenses</a>/.</p>
81 81
82 82
83 83
84</pre> 84
85
86</pre>
</td> </td>
<td> <td>
<pre class="code"><span class="info file"># File 'manifests/commands/definition_rules.pp', line 28</span> <pre class="code"><span class="info file"># File 'manifests/commands/definition_rules.pp', line 29</span>
class cd_nrpe::commands::definition_rules ( class cd_nrpe::commands::definition_rules (
@@ -211,8 +213,8 @@ class cd_nrpe::commands::definition_rules (
concat { $ne_cmd_file: concat { $ne_cmd_file:
ensure =&gt; present, ensure =&gt; present,
path =&gt; $ne_cmd_file, path =&gt; $ne_cmd_file,
owner =&gt; &#39;root&#39;, owner =&gt; $ne_user,
group =&gt; &#39;root&#39;, group =&gt; $ne_user,
mode =&gt; &#39;0640&#39;, mode =&gt; &#39;0640&#39;,
selrange =&gt; s0, selrange =&gt; s0,
selrole =&gt; object_r, selrole =&gt; object_r,
@@ -234,6 +236,7 @@ class cd_nrpe::commands::definition_rules (
cd_nrpe::commands::definitions { &#39;check_users&#39;: cd_nrpe::commands::definitions { &#39;check_users&#39;:
ne_check_cmd =&gt; &#39;check_users&#39;, ne_check_cmd =&gt; &#39;check_users&#39;,
ne_cmd_argstring =&gt; &#39;-w $ARG1$ -c $ARG2$&#39;, ne_cmd_argstring =&gt; &#39;-w $ARG1$ -c $ARG2$&#39;,
ne_cmd_comment =&gt; &#39;check the amount of user logged in locally&#39;,
} }
cd_nrpe::commands::definitions { &#39;check_load&#39;: cd_nrpe::commands::definitions { &#39;check_load&#39;:
@@ -264,7 +267,7 @@ class cd_nrpe::commands::definition_rules (
</div> </div>
<div id="footer"> <div id="footer">
Generated on Sun Jul 30 14:07:47 2017 by Generated on Sun Jul 30 16:03:57 2017 by
<a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a> <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
0.9.9 (ruby-2.0.0). 0.9.9 (ruby-2.0.0).
</div> </div>

2
doc/puppet_classes/cd_nrpe_3A_3Afirewall_3A_3Aiptables.html
View File

@@ -165,7 +165,7 @@ class cd_nrpe::firewall::iptables (
</div> </div>
<div id="footer"> <div id="footer">
Generated on Sun Jul 30 14:07:47 2017 by Generated on Sun Jul 30 16:03:57 2017 by
<a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a> <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
0.9.9 (ruby-2.0.0). 0.9.9 (ruby-2.0.0).
</div> </div>

2
doc/puppet_classes/cd_nrpe_3A_3Amain_3A_3Aconfig.html
View File

@@ -154,7 +154,7 @@ class cd_nrpe::main::config (
</div> </div>
<div id="footer"> <div id="footer">
Generated on Sun Jul 30 14:07:46 2017 by Generated on Sun Jul 30 16:03:56 2017 by
<a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a> <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
0.9.9 (ruby-2.0.0). 0.9.9 (ruby-2.0.0).
</div> </div>

2
doc/puppet_classes/cd_nrpe_3A_3Amain_3A_3Adirs.html
View File

@@ -205,7 +205,7 @@ class cd_nrpe::main::dirs (
</div> </div>
<div id="footer"> <div id="footer">
Generated on Sun Jul 30 14:07:46 2017 by Generated on Sun Jul 30 16:03:56 2017 by
<a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a> <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
0.9.9 (ruby-2.0.0). 0.9.9 (ruby-2.0.0).
</div> </div>

34
doc/puppet_classes/cd_nrpe_3A_3Amain_3A_3Afiles.html
View File

@@ -166,7 +166,22 @@ href="http://www.gnu.org/licenses">www.gnu.org/licenses</a>/.</p>
58 58
59 59
60 60
61</pre> 61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76</pre>
</td> </td>
<td> <td>
<pre class="code"><span class="info file"># File 'manifests/main/files.pp', line 23</span> <pre class="code"><span class="info file"># File 'manifests/main/files.pp', line 23</span>
@@ -209,6 +224,21 @@ class cd_nrpe::main::files (
notify =&gt; Service[$ne_service], notify =&gt; Service[$ne_service],
} }
if $ne_allow_sudo == true {
file { $ne_sudo_file:
ensure =&gt; file,
path =&gt; $ne_sudo_file,
owner =&gt; &#39;root&#39;,
group =&gt; &#39;root&#39;,
mode =&gt; &#39;0440&#39;,
selrange =&gt; s0,
selrole =&gt; object_r,
seltype =&gt; etc_t,
seluser =&gt; system_u,
content =&gt; template($ne_sudo_rule_erb),
}
}
}</pre> }</pre>
</td> </td>
</tr> </tr>
@@ -217,7 +247,7 @@ class cd_nrpe::main::files (
</div> </div>
<div id="footer"> <div id="footer">
Generated on Sun Jul 30 14:07:46 2017 by Generated on Sun Jul 30 16:03:56 2017 by
<a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a> <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
0.9.9 (ruby-2.0.0). 0.9.9 (ruby-2.0.0).
</div> </div>

2
doc/puppet_classes/cd_nrpe_3A_3Amain_3A_3Ainstall.html
View File

@@ -160,7 +160,7 @@ class cd_nrpe::main::install (
</div> </div>
<div id="footer"> <div id="footer">
Generated on Sun Jul 30 14:07:46 2017 by Generated on Sun Jul 30 16:03:56 2017 by
<a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a> <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
0.9.9 (ruby-2.0.0). 0.9.9 (ruby-2.0.0).
</div> </div>

2
doc/puppet_classes/cd_nrpe_3A_3Amain_3A_3Aservice.html
View File

@@ -183,7 +183,7 @@ class cd_nrpe::main::service (
</div> </div>
<div id="footer"> <div id="footer">
Generated on Sun Jul 30 14:07:46 2017 by Generated on Sun Jul 30 16:03:56 2017 by
<a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a> <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
0.9.9 (ruby-2.0.0). 0.9.9 (ruby-2.0.0).
</div> </div>

2
doc/puppet_classes/cd_nrpe_3A_3Amain_3A_3Auser.html
View File

@@ -193,7 +193,7 @@ class cd_nrpe::main::user (
</div> </div>
<div id="footer"> <div id="footer">
Generated on Sun Jul 30 14:07:46 2017 by Generated on Sun Jul 30 16:03:56 2017 by
<a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a> <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
0.9.9 (ruby-2.0.0). 0.9.9 (ruby-2.0.0).
</div> </div>

14
doc/puppet_classes/cd_nrpe_3A_3Aparams.html
View File

@@ -494,7 +494,7 @@ changed in a later version of NRPE.</p>
&mdash; &mdash;
<div class='inline'> <div class='inline'>
<p>path and name of the ssl certificate <p>path and name of the ssl certificate
authority ( ca) file / chain. must be authority (ca) file / chain. must be
full path.</p> full path.</p>
</div> </div>
@@ -966,7 +966,10 @@ checks, to allow dynamic check
178 178
179 179
180 180
181</pre> 181
182
183
184</pre>
</td> </td>
<td> <td>
<pre class="code"><span class="info file"># File 'manifests/params.pp', line 101</span> <pre class="code"><span class="info file"># File 'manifests/params.pp', line 101</span>
@@ -977,7 +980,7 @@ $pkg_ensure = &#39;latest&#39;,
$ne_manage_cmds = true, $ne_manage_cmds = true,
# user settings # NRPE user settings
$ne_user = &#39;nrpe&#39;, $ne_user = &#39;nrpe&#39;,
$ne_user_comment = &#39;NRPE service user&#39;, $ne_user_comment = &#39;NRPE service user&#39;,
$ne_user_uid = &#39;1005&#39;, $ne_user_uid = &#39;1005&#39;,
@@ -985,6 +988,7 @@ $ne_user_home = &#39;/var/run/nrpe&#39;,
$ne_user_groups = undef, $ne_user_groups = undef,
$ne_user_shell = &#39;/sbin/nologin&#39;, $ne_user_shell = &#39;/sbin/nologin&#39;,
# nrpe.cfg # nrpe.cfg
$ne_log_facility = &#39;daemon&#39;, $ne_log_facility = &#39;daemon&#39;,
$ne_log_file = &#39;&#39;, $ne_log_file = &#39;&#39;,
@@ -1046,6 +1050,8 @@ $ne_nrpe_conf_erb = &#39;cd_nrpe/nrpe_conf.erb&#39;
$ne_cmd_file = &quot;${ne_main_conf_d_dir}/commands.cfg&quot; $ne_cmd_file = &quot;${ne_main_conf_d_dir}/commands.cfg&quot;
$ne_cmd_head_erb = &#39;cd_nrpe/cmd_head.erb&#39; $ne_cmd_head_erb = &#39;cd_nrpe/cmd_head.erb&#39;
$ne_cmd_rule_erb = &#39;cd_nrpe/cmd_rule.erb&#39; $ne_cmd_rule_erb = &#39;cd_nrpe/cmd_rule.erb&#39;
$ne_sudo_file = &#39;/etc/sudoers.d/nagios_sudo&#39;
$ne_sudo_rule_erb = &#39;cd_nrpe/sudo_rule.erb&#39;
# includes must be last # includes must be last
@@ -1059,7 +1065,7 @@ $ne_cmd_rule_erb = &#39;cd_nrpe/cmd_rule.erb&#39;
</div> </div>
<div id="footer"> <div id="footer">
Generated on Sun Jul 30 14:07:46 2017 by Generated on Sun Jul 30 16:03:56 2017 by
<a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a> <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
0.9.9 (ruby-2.0.0). 0.9.9 (ruby-2.0.0).
</div> </div>

31
doc/puppet_defined_types/cd_nrpe_3A_3Acommands_3A_3Adefinitions.html
View File

@@ -173,6 +173,25 @@ the custom location
, i.e. -w $ARG1$ -c , i.e. -w $ARG1$ -c
$ARG2$. See the arguments in th eman pages for the $ARG2$. See the arguments in th eman pages for the
checks.</p> checks.</p>
</div>
</li>
<li>
<span class='name'>ne_cmd_comment</span>
<span class='type'>(<tt>string</tt>)</span>
<em class="default">(defaults to: <tt>undef</tt>)</em>
&mdash;
<div class='inline'>
<p>Specify an optional comment for your command
definition</p>
</div> </div>
</li> </li>
@@ -187,8 +206,6 @@ checks.</p>
<pre class="lines"> <pre class="lines">
31
32
33 33
34 34
35 35
@@ -206,16 +223,20 @@ checks.</p>
47 47
48 48
49 49
50</pre> 50
51
52
53</pre>
</td> </td>
<td> <td>
<pre class="code"><span class="info file"># File 'manifests/commands/definitions.pp', line 31</span> <pre class="code"><span class="info file"># File 'manifests/commands/definitions.pp', line 33</span>
define cd_nrpe::commands::definitions ( define cd_nrpe::commands::definitions (
$ne_check_cmd = undef, $ne_check_cmd = undef,
$ne_cmd_path = &#39;/usr/lib64/nagios/plugins/&#39;, $ne_cmd_path = &#39;/usr/lib64/nagios/plugins/&#39;,
$ne_cmd_argstring = undef, $ne_cmd_argstring = undef,
$ne_cmd_comment = undef,
) { ) {
@@ -238,7 +259,7 @@ $ne_manage_cmds = $::cd_nrpe::params::ne_manage_cmds
</div> </div>
<div id="footer"> <div id="footer">
Generated on Sun Jul 30 14:07:47 2017 by Generated on Sun Jul 30 16:03:57 2017 by
<a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a> <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
0.9.9 (ruby-2.0.0). 0.9.9 (ruby-2.0.0).
</div> </div>

2
doc/top-level-namespace.html
View File

@@ -90,7 +90,7 @@
</div> </div>
<div id="footer"> <div id="footer">
Generated on Sun Jul 30 14:07:45 2017 by Generated on Sun Jul 30 16:03:55 2017 by
<a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a> <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
0.9.9 (ruby-2.0.0). 0.9.9 (ruby-2.0.0).
</div> </div>

6
manifests/commands/definition_rules.pp
View File

@@ -23,6 +23,7 @@
# cd_nrpe::commands::definitions { 'check_users': # cd_nrpe::commands::definitions { 'check_users':
# ne_check_cmd => 'check_users', # ne_check_cmd => 'check_users',
# ne_cmd_argstring => '-w $ARG1$ -c $ARG2$', # ne_cmd_argstring => '-w $ARG1$ -c $ARG2$',
# ne_cmd_comment => 'check the amount of user logged in locally',
# } # }
############################################################################### ###############################################################################
class cd_nrpe::commands::definition_rules ( class cd_nrpe::commands::definition_rules (
@@ -36,8 +37,8 @@ class cd_nrpe::commands::definition_rules (
concat { $ne_cmd_file: concat { $ne_cmd_file:
ensure => present, ensure => present,
path => $ne_cmd_file, path => $ne_cmd_file,
owner => 'root', owner => $ne_user,
group => 'root', group => $ne_user,
mode => '0640', mode => '0640',
selrange => s0, selrange => s0,
selrole => object_r, selrole => object_r,
@@ -59,6 +60,7 @@ class cd_nrpe::commands::definition_rules (
cd_nrpe::commands::definitions { 'check_users': cd_nrpe::commands::definitions { 'check_users':
ne_check_cmd => 'check_users', ne_check_cmd => 'check_users',
ne_cmd_argstring => '-w $ARG1$ -c $ARG2$', ne_cmd_argstring => '-w $ARG1$ -c $ARG2$',
ne_cmd_comment => 'check the amount of user logged in locally',
} }
cd_nrpe::commands::definitions { 'check_load': cd_nrpe::commands::definitions { 'check_load':

3
manifests/commands/definitions.pp
View File

@@ -27,12 +27,15 @@
# @param ne_cmd_argstring Specify the string of valid argument for the command # @param ne_cmd_argstring Specify the string of valid argument for the command
# , i.e. -w $ARG1$ -c $ARG2$. See the arguments in th eman pages for the # , i.e. -w $ARG1$ -c $ARG2$. See the arguments in th eman pages for the
# checks. # checks.
# @param [string] ne_cmd_comment Specify an optional comment for your command
# definition
############################################################################### ###############################################################################
define cd_nrpe::commands::definitions ( define cd_nrpe::commands::definitions (
$ne_check_cmd = undef, $ne_check_cmd = undef,
$ne_cmd_path = '/usr/lib64/nagios/plugins/', $ne_cmd_path = '/usr/lib64/nagios/plugins/',
$ne_cmd_argstring = undef, $ne_cmd_argstring = undef,
$ne_cmd_comment = undef,
) { ) {

15
manifests/main/files.pp
View File

@@ -58,4 +58,19 @@ class cd_nrpe::main::files (
notify => Service[$ne_service], notify => Service[$ne_service],
} }
if $ne_allow_sudo == true {
file { $ne_sudo_file:
ensure => file,
path => $ne_sudo_file,
owner => 'root',
group => 'root',
mode => '0440',
selrange => s0,
selrole => object_r,
seltype => etc_t,
seluser => system_u,
content => template($ne_sudo_rule_erb),
}
}
} }

7
manifests/params.pp
View File

@@ -59,7 +59,7 @@
# compatibility, this defaults to 'ssl_cipher_list=ALL:!MD5:@STRENGTH' in # compatibility, this defaults to 'ssl_cipher_list=ALL:!MD5:@STRENGTH' in
# this version but will be changed in a later version of NRPE. # this version but will be changed in a later version of NRPE.
# @param [string] ne_ssl_cacert_file path and name of the ssl certificate # @param [string] ne_ssl_cacert_file path and name of the ssl certificate
# authority ( ca) file / chain. must be full path. # authority (ca) file / chain. must be full path.
# @param [string] ne_ssl_cert_file path and name of the server ssl certificate. # @param [string] ne_ssl_cert_file path and name of the server ssl certificate.
# must include full path. # must include full path.
# @param [string] ne_ssl_privatekey_file path and name of the server ssl # @param [string] ne_ssl_privatekey_file path and name of the server ssl
@@ -104,7 +104,7 @@ $pkg_ensure = 'latest',
$ne_manage_cmds = true, $ne_manage_cmds = true,
# user settings # NRPE user settings
$ne_user = 'nrpe', $ne_user = 'nrpe',
$ne_user_comment = 'NRPE service user', $ne_user_comment = 'NRPE service user',
$ne_user_uid = '1005', $ne_user_uid = '1005',
@@ -112,6 +112,7 @@ $ne_user_home = '/var/run/nrpe',
$ne_user_groups = undef, $ne_user_groups = undef,
$ne_user_shell = '/sbin/nologin', $ne_user_shell = '/sbin/nologin',
# nrpe.cfg # nrpe.cfg
$ne_log_facility = 'daemon', $ne_log_facility = 'daemon',
$ne_log_file = '', $ne_log_file = '',
@@ -173,6 +174,8 @@ $ne_nrpe_conf_erb = 'cd_nrpe/nrpe_conf.erb'
$ne_cmd_file = "${ne_main_conf_d_dir}/commands.cfg" $ne_cmd_file = "${ne_main_conf_d_dir}/commands.cfg"
$ne_cmd_head_erb = 'cd_nrpe/cmd_head.erb' $ne_cmd_head_erb = 'cd_nrpe/cmd_head.erb'
$ne_cmd_rule_erb = 'cd_nrpe/cmd_rule.erb' $ne_cmd_rule_erb = 'cd_nrpe/cmd_rule.erb'
$ne_sudo_file = '/etc/sudoers.d/nagios_sudo'
$ne_sudo_rule_erb = 'cd_nrpe/sudo_rule.erb'
# includes must be last # includes must be last

3
templates/cmd_rule.erb
View File

@@ -1,2 +1,5 @@
<% unless @ne_cmd_comment.empty? -%>
# <%= @ne_cmd_comment %>
<% end -%>
command[<%= @ne_check_cmd %>]=<%= @ne_cmd_path %><%= @ne_check_cmd %> <%= @ne_cmd_argstring %> command[<%= @ne_check_cmd %>]=<%= @ne_cmd_path %><%= @ne_check_cmd %> <%= @ne_cmd_argstring %>

5
templates/sudo_rule.erb Normal file
View File

@@ -0,0 +1,5 @@
################################################################################
##### sudo_rule managed by Puppet | manual changes will be overwritten #####
################################################################################
nagios ALL=(ALL) NOPASSWD: /usr/lib/nagios/plugins/