confdroid/confdroid_nrpe
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge branch 'jenkins' into 'master'

Browse Source 
Jenkins

See merge request !31
This commit is contained in:
12ww1160
2017-07-30 15:57:41 +02:00
parent 8519ffa0b7 e683f873a3
commit ff231bf47d
24 changed files with 208 additions and 49 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
CHANGELOG.md
View File

@@ -8,6 +8,21 @@ Changelog of Git Changelog.
<h2> No issue </h2>
<a href="https://gitlab.puppetsoft.com/12WW1160/git-changelog-lib/commit/c0a5382d2c4cd88">c0a5382d2c4cd88</a> Arne Teuke <i>2017-07-30 12:07:53</i>
<p>
<h3>added basic command examples</h3>
</p>
<a href="https://gitlab.puppetsoft.com/12WW1160/git-changelog-lib/commit/2e89f817d99fb64">2e89f817d99fb64</a> Jenkins Server <i>2017-07-30 12:07:49</i>
<p>
<h3>recommit for updates in build 43</h3>
</p>
<a href="https://gitlab.puppetsoft.com/12WW1160/git-changelog-lib/commit/5f91d2a4715fe48">5f91d2a4715fe48</a> Arne Teuke <i>2017-07-30 12:06:19</i>
<p>
<h3>added basic command examples</h3>
</p>
<a href="https://gitlab.puppetsoft.com/12WW1160/git-changelog-lib/commit/5c0374245dc1e72">5c0374245dc1e72</a> Arne Teuke <i>2017-07-30 11:50:55</i>
<p>
<h3>added test command</h3>

12
README.md
View File

@@ -38,8 +38,10 @@ CONFIGURATION
* manage configuration files through parameters:
* nrpe.conf
* nrpe.cfg
* commands.cfg (optional)
* manage iptables (optionals )
* manage sudo role for nagios user on NRPE clients
* manage dynamic NRPE check command definitions
* manage iptables (optional)
* manage selinux rule exceptions (optional)
SERVICE
* manage NRPE service
@@ -85,10 +87,13 @@ There are currently no mandatory parameters, i.e. the module will function right
* `$ne_manage_cmds` : Whether to manage check command definitions dynamically through a define, i.e. from other Puppet modules or profiles. Defaults to `true`.
* `$ne_incl_fw` : Whether to manage relevant firewall rules through this modules. Defaults to `true`.
* `$ne_include_selinux` : Whether to manage selinux exception rules. Defaults to `true`.
* `$ne_enable_ssl` : Whether to allow SSL settings. See [known problems](#konwn-problems) for more details.
### Managing Check Commands
In order to connect a Nagios monitoring server to clients through NRPE, you must define commands and the desired argument strings on the clients. The default NRPE installation comes with a few examples of such commands, which are also included in this module. However, every environment is very different in their requirements and Nagios via Puppet is all about the ability to dynamicically set command arguments based on default variables / overrides. For that reason no hard-coded commands are included, but instead all commands are set via argument strings, where possible.
The commands are created within /etc/nrpe.d/command.cfg , every set of instructions creates a new line.
Defining commands is as simple as that:
```
`cd_nrpe::commands::definitions` { 'check_users':
@@ -96,13 +101,14 @@ Defining commands is as simple as that:
`ne_cmd_argstring` => '-w $ARG1$ -c $ARG2$',
}
```
It is very recommendable to define such commands within Puppet modules controlling services, so any node running the particular service will automatically get the required check commands defined as well.
It is very recommendable to define such commands within Puppet modules controlling services, so any node running the particular service will automatically get the required check commands defined as well, while nodes not running the service also do not contain the command check.
### SELINUX
All files and directories are configured with correct selinux context. If selinux is disabled, these contexts are ignored.
### Known Problems
* SSL/TLS support: Version 3 of NRPE supposedly has support for SSL/ TLs. However, at the time of writing this module, this seems to be buggy, as I was unable to start the NRPE service as soon as the `ssl_cert_file` line was uncommented in teh configuration file, despite having valid certs in the right position on the node. This happened when installing manually, not through this Puppet module. For that reason I included the `$ne_enable_ssl` boolean parameter, which is set to `false` by default, hence disabling SSL/TLS options until this has been fixed upstream, or a valid workaround has been found. Setting this option to `true` will include all SSL / TLS settings.
### Support
* OS: CentOS 6, 7

5
REPOSTRUCTURE.md
View File

@@ -50,7 +50,8 @@
| |-- cmd_head.erb
| |-- cmd_rule.erb
| |-- nrpe_cfg.erb
| `-- nrpe_conf.erb
| |-- nrpe_conf.erb
| `-- sudo_rule.erb
|-- tests
| `-- UTF_Files
|-- CHANGELOG.md
@@ -61,4 +62,4 @@
|-- README.md
`-- REPOSTRUCTURE.md
11 directories, 50 files
11 directories, 51 files

2
doc/_index.html
View File

@@ -171,7 +171,7 @@
</div>
<div id="footer">
Generated on Sun Jul 30 14:07:44 2017 by
Generated on Sun Jul 30 16:03:54 2017 by
<a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
0.9.9 (ruby-2.0.0).
</div>

31
doc/file.README.html
View File

@@ -133,8 +133,12 @@ manage configuration files through parameters:
* nrpe.conf
* nrpe.cfg
*
commands.cfg (optional)
* manage iptables (optionals )</p>
manage sudo role for nagios user on NRPE clients
* manage dynamic NRPE
check command definitions
* manage iptables (optional)
* manage selinux
rule exceptions (optional)</p>
<p>SERVICE
* manage NRPE service</p>
@@ -213,6 +217,9 @@ through this modules. Defaults to <code>true</code>.</p>
</li><li>
<p><code>$ne_include_selinux</code> : Whether to manage selinux exception
rules. Defaults to <code>true</code>.</p>
</li><li>
<p><code>$ne_enable_ssl</code> : Whether to allow SSL settings. See <a
href="#konwn-problems">known problems</a> for more details.</p>
</li></ul>
<h3 id="label-Managing+Check+Commands">Managing Check Commands</h3>
@@ -226,6 +233,9 @@ ability to dynamicically set command arguments based on default variables /
overrides. For that reason no hard-coded commands are included, but instead
all commands are set via argument strings, where possible.</p>
<p>The commands are created within /etc/nrpe.d/command.cfg , every set of
instructions creates a new line.</p>
<p>Defining commands is as simple as
that:
&lt;code&gt;
@@ -240,7 +250,8 @@ $ARG2$&#39;,
It is very recommendable to define such
commands within Puppet modules controlling services, so any node running
the particular service will automatically get the required check commands
defined as well.</p>
defined as well, while nodes not running the service also do not contain
the command check.</p>
<h3 id="label-SELINUX">SELINUX</h3>
@@ -248,6 +259,18 @@ defined as well.</p>
selinux is disabled, these contexts are ignored.</p>
<h3 id="label-Known+Problems">Known Problems</h3>
<ul><li>
<p>SSL/TLS support: Version 3 of NRPE supposedly has support for SSL/ TLs.
However, at the time of writing this module, this seems to be buggy, as I
was unable to start the NRPE service as soon as the
<code>ssl_cert_file</code> line was uncommented in teh configuration file,
despite having valid certs in the right position on the node. This happened
when installing manually, not through this Puppet module. For that reason I
included the <code>$ne_enable_ssl</code> boolean parameter, which is set to
<code>false</code> by default, hence disabling SSL/TLS options until this
has been fixed upstream, or a valid workaround has been found. Setting this
option to <code>true</code> will include all SSL / TLS settings.</p>
</li></ul>
<h3 id="label-Support">Support</h3>
<ul><li>
@@ -302,7 +325,7 @@ environments.</p>
</div></div>
<div id="footer">
Generated on Sun Jul 30 14:07:45 2017 by
Generated on Sun Jul 30 16:03:55 2017 by
<a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
0.9.9 (ruby-2.0.0).
</div>

31
doc/index.html
View File

@@ -133,8 +133,12 @@ manage configuration files through parameters:
* nrpe.conf
* nrpe.cfg
*
commands.cfg (optional)
* manage iptables (optionals )</p>
manage sudo role for nagios user on NRPE clients
* manage dynamic NRPE
check command definitions
* manage iptables (optional)
* manage selinux
rule exceptions (optional)</p>
<p>SERVICE
* manage NRPE service</p>
@@ -213,6 +217,9 @@ through this modules. Defaults to <code>true</code>.</p>
</li><li>
<p><code>$ne_include_selinux</code> : Whether to manage selinux exception
rules. Defaults to <code>true</code>.</p>
</li><li>
<p><code>$ne_enable_ssl</code> : Whether to allow SSL settings. See <a
href="#konwn-problems">known problems</a> for more details.</p>
</li></ul>
<h3 id="label-Managing+Check+Commands">Managing Check Commands</h3>
@@ -226,6 +233,9 @@ ability to dynamicically set command arguments based on default variables /
overrides. For that reason no hard-coded commands are included, but instead
all commands are set via argument strings, where possible.</p>
<p>The commands are created within /etc/nrpe.d/command.cfg , every set of
instructions creates a new line.</p>
<p>Defining commands is as simple as
that:
&lt;code&gt;
@@ -240,7 +250,8 @@ $ARG2$&#39;,
It is very recommendable to define such
commands within Puppet modules controlling services, so any node running
the particular service will automatically get the required check commands
defined as well.</p>
defined as well, while nodes not running the service also do not contain
the command check.</p>
<h3 id="label-SELINUX">SELINUX</h3>
@@ -248,6 +259,18 @@ defined as well.</p>
selinux is disabled, these contexts are ignored.</p>
<h3 id="label-Known+Problems">Known Problems</h3>
<ul><li>
<p>SSL/TLS support: Version 3 of NRPE supposedly has support for SSL/ TLs.
However, at the time of writing this module, this seems to be buggy, as I
was unable to start the NRPE service as soon as the
<code>ssl_cert_file</code> line was uncommented in teh configuration file,
despite having valid certs in the right position on the node. This happened
when installing manually, not through this Puppet module. For that reason I
included the <code>$ne_enable_ssl</code> boolean parameter, which is set to
<code>false</code> by default, hence disabling SSL/TLS options until this
has been fixed upstream, or a valid workaround has been found. Setting this
option to <code>true</code> will include all SSL / TLS settings.</p>
</li></ul>
<h3 id="label-Support">Support</h3>
<ul><li>
@@ -302,7 +325,7 @@ environments.</p>
</div></div>
<div id="footer">
Generated on Sun Jul 30 14:07:45 2017 by
Generated on Sun Jul 30 16:03:54 2017 by
<a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
0.9.9 (ruby-2.0.0).
</div>

2
doc/puppet_classes/cd_nrpe.html
View File

@@ -140,7 +140,7 @@ class cd_nrpe {
</div>
<div id="footer">
Generated on Sun Jul 30 14:07:45 2017 by
Generated on Sun Jul 30 16:03:55 2017 by
<a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
0.9.9 (ruby-2.0.0).
</div>

15
doc/puppet_classes/cd_nrpe_3A_3Acommands_3A_3Adefinition_rules.html
View File

@@ -127,6 +127,7 @@ href="http://www.gnu.org/licenses">www.gnu.org/licenses</a>/.</p>
<pre class="example code"><code>cd_nrpe::commands::definitions { &#39;check_users&#39;:
ne_check_cmd =&gt; &#39;check_users&#39;,
ne_cmd_argstring =&gt; &#39;-w $ARG1$ -c $ARG2$&#39;,
ne_cmd_comment =&gt; &#39;check the amount of user logged in locally&#39;,
}</code></pre>
</div>
@@ -139,7 +140,6 @@ href="http://www.gnu.org/licenses">www.gnu.org/licenses</a>/.</p>
<pre class="lines">
28
29
30
31
@@ -195,10 +195,12 @@ href="http://www.gnu.org/licenses">www.gnu.org/licenses</a>/.</p>
81
82
83
84</pre>
84
85
86</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'manifests/commands/definition_rules.pp', line 28</span>
<pre class="code"><span class="info file"># File 'manifests/commands/definition_rules.pp', line 29</span>
class cd_nrpe::commands::definition_rules (
@@ -211,8 +213,8 @@ class cd_nrpe::commands::definition_rules (
concat { $ne_cmd_file:
ensure =&gt; present,
path =&gt; $ne_cmd_file,
owner =&gt; &#39;root&#39;,
group =&gt; &#39;root&#39;,
owner =&gt; $ne_user,
group =&gt; $ne_user,
mode =&gt; &#39;0640&#39;,
selrange =&gt; s0,
selrole =&gt; object_r,
@@ -234,6 +236,7 @@ class cd_nrpe::commands::definition_rules (
cd_nrpe::commands::definitions { &#39;check_users&#39;:
ne_check_cmd =&gt; &#39;check_users&#39;,
ne_cmd_argstring =&gt; &#39;-w $ARG1$ -c $ARG2$&#39;,
ne_cmd_comment =&gt; &#39;check the amount of user logged in locally&#39;,
}
cd_nrpe::commands::definitions { &#39;check_load&#39;:
@@ -264,7 +267,7 @@ class cd_nrpe::commands::definition_rules (
</div>
<div id="footer">
Generated on Sun Jul 30 14:07:47 2017 by
Generated on Sun Jul 30 16:03:57 2017 by
<a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
0.9.9 (ruby-2.0.0).
</div>

2
doc/puppet_classes/cd_nrpe_3A_3Afirewall_3A_3Aiptables.html
View File

@@ -165,7 +165,7 @@ class cd_nrpe::firewall::iptables (
</div>
<div id="footer">
Generated on Sun Jul 30 14:07:47 2017 by
Generated on Sun Jul 30 16:03:57 2017 by
<a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
0.9.9 (ruby-2.0.0).
</div>

2
doc/puppet_classes/cd_nrpe_3A_3Amain_3A_3Aconfig.html
View File

@@ -154,7 +154,7 @@ class cd_nrpe::main::config (
</div>
<div id="footer">
Generated on Sun Jul 30 14:07:46 2017 by
Generated on Sun Jul 30 16:03:56 2017 by
<a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
0.9.9 (ruby-2.0.0).
</div>

2
doc/puppet_classes/cd_nrpe_3A_3Amain_3A_3Adirs.html
View File

@@ -205,7 +205,7 @@ class cd_nrpe::main::dirs (
</div>
<div id="footer">
Generated on Sun Jul 30 14:07:46 2017 by
Generated on Sun Jul 30 16:03:56 2017 by
<a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
0.9.9 (ruby-2.0.0).
</div>

34
doc/puppet_classes/cd_nrpe_3A_3Amain_3A_3Afiles.html
View File

@@ -166,7 +166,22 @@ href="http://www.gnu.org/licenses">www.gnu.org/licenses</a>/.</p>
58
59
60
61</pre>
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'manifests/main/files.pp', line 23</span>
@@ -209,6 +224,21 @@ class cd_nrpe::main::files (
notify =&gt; Service[$ne_service],
}
if $ne_allow_sudo == true {
file { $ne_sudo_file:
ensure =&gt; file,
path =&gt; $ne_sudo_file,
owner =&gt; &#39;root&#39;,
group =&gt; &#39;root&#39;,
mode =&gt; &#39;0440&#39;,
selrange =&gt; s0,
selrole =&gt; object_r,
seltype =&gt; etc_t,
seluser =&gt; system_u,
content =&gt; template($ne_sudo_rule_erb),
}
}
}</pre>
</td>
</tr>
@@ -217,7 +247,7 @@ class cd_nrpe::main::files (
</div>
<div id="footer">
Generated on Sun Jul 30 14:07:46 2017 by
Generated on Sun Jul 30 16:03:56 2017 by
<a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
0.9.9 (ruby-2.0.0).
</div>

2
doc/puppet_classes/cd_nrpe_3A_3Amain_3A_3Ainstall.html
View File

@@ -160,7 +160,7 @@ class cd_nrpe::main::install (
</div>
<div id="footer">
Generated on Sun Jul 30 14:07:46 2017 by
Generated on Sun Jul 30 16:03:56 2017 by
<a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
0.9.9 (ruby-2.0.0).
</div>

2
doc/puppet_classes/cd_nrpe_3A_3Amain_3A_3Aservice.html
View File

@@ -183,7 +183,7 @@ class cd_nrpe::main::service (
</div>
<div id="footer">
Generated on Sun Jul 30 14:07:46 2017 by
Generated on Sun Jul 30 16:03:56 2017 by
<a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
0.9.9 (ruby-2.0.0).
</div>

2
doc/puppet_classes/cd_nrpe_3A_3Amain_3A_3Auser.html
View File

@@ -193,7 +193,7 @@ class cd_nrpe::main::user (
</div>
<div id="footer">
Generated on Sun Jul 30 14:07:46 2017 by
Generated on Sun Jul 30 16:03:56 2017 by
<a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
0.9.9 (ruby-2.0.0).
</div>

12
doc/puppet_classes/cd_nrpe_3A_3Aparams.html
View File

@@ -966,7 +966,10 @@ checks, to allow dynamic check
178
179
180
181</pre>
181
182
183
184</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'manifests/params.pp', line 101</span>
@@ -977,7 +980,7 @@ $pkg_ensure = &#39;latest&#39;,
$ne_manage_cmds = true,
# user settings
# NRPE user settings
$ne_user = &#39;nrpe&#39;,
$ne_user_comment = &#39;NRPE service user&#39;,
$ne_user_uid = &#39;1005&#39;,
@@ -985,6 +988,7 @@ $ne_user_home = &#39;/var/run/nrpe&#39;,
$ne_user_groups = undef,
$ne_user_shell = &#39;/sbin/nologin&#39;,
# nrpe.cfg
$ne_log_facility = &#39;daemon&#39;,
$ne_log_file = &#39;&#39;,
@@ -1046,6 +1050,8 @@ $ne_nrpe_conf_erb = &#39;cd_nrpe/nrpe_conf.erb&#39;
$ne_cmd_file = &quot;${ne_main_conf_d_dir}/commands.cfg&quot;
$ne_cmd_head_erb = &#39;cd_nrpe/cmd_head.erb&#39;
$ne_cmd_rule_erb = &#39;cd_nrpe/cmd_rule.erb&#39;
$ne_sudo_file = &#39;/etc/sudoers.d/nagios_sudo&#39;
$ne_sudo_rule_erb = &#39;cd_nrpe/sudo_rule.erb&#39;
# includes must be last
@@ -1059,7 +1065,7 @@ $ne_cmd_rule_erb = &#39;cd_nrpe/cmd_rule.erb&#39;
</div>
<div id="footer">
Generated on Sun Jul 30 14:07:46 2017 by
Generated on Sun Jul 30 16:03:56 2017 by
<a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
0.9.9 (ruby-2.0.0).
</div>

31
doc/puppet_defined_types/cd_nrpe_3A_3Acommands_3A_3Adefinitions.html
View File

@@ -173,6 +173,25 @@ the custom location
, i.e. -w $ARG1$ -c
$ARG2$. See the arguments in th eman pages for the
checks.</p>
</div>
</li>
<li>
<span class='name'>ne_cmd_comment</span>
<span class='type'>(<tt>string</tt>)</span>
<em class="default">(defaults to: <tt>undef</tt>)</em>
&mdash;
<div class='inline'>
<p>Specify an optional comment for your command
definition</p>
</div>
</li>
@@ -187,8 +206,6 @@ checks.</p>
<pre class="lines">
31
32
33
34
35
@@ -206,16 +223,20 @@ checks.</p>
47
48
49
50</pre>
50
51
52
53</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'manifests/commands/definitions.pp', line 31</span>
<pre class="code"><span class="info file"># File 'manifests/commands/definitions.pp', line 33</span>
define cd_nrpe::commands::definitions (
$ne_check_cmd = undef,
$ne_cmd_path = &#39;/usr/lib64/nagios/plugins/&#39;,
$ne_cmd_argstring = undef,
$ne_cmd_comment = undef,
) {
@@ -238,7 +259,7 @@ $ne_manage_cmds = $::cd_nrpe::params::ne_manage_cmds
</div>
<div id="footer">
Generated on Sun Jul 30 14:07:47 2017 by
Generated on Sun Jul 30 16:03:57 2017 by
<a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
0.9.9 (ruby-2.0.0).
</div>

2
doc/top-level-namespace.html
View File

@@ -90,7 +90,7 @@
</div>
<div id="footer">
Generated on Sun Jul 30 14:07:45 2017 by
Generated on Sun Jul 30 16:03:55 2017 by
<a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
0.9.9 (ruby-2.0.0).
</div>

6
manifests/commands/definition_rules.pp
View File

@@ -23,6 +23,7 @@
# cd_nrpe::commands::definitions { 'check_users':
# ne_check_cmd => 'check_users',
# ne_cmd_argstring => '-w $ARG1$ -c $ARG2$',
# ne_cmd_comment => 'check the amount of user logged in locally',
# }
###############################################################################
class cd_nrpe::commands::definition_rules (
@@ -36,8 +37,8 @@ class cd_nrpe::commands::definition_rules (
concat { $ne_cmd_file:
ensure => present,
path => $ne_cmd_file,
owner => 'root',
group => 'root',
owner => $ne_user,
group => $ne_user,
mode => '0640',
selrange => s0,
selrole => object_r,
@@ -59,6 +60,7 @@ class cd_nrpe::commands::definition_rules (
cd_nrpe::commands::definitions { 'check_users':
ne_check_cmd => 'check_users',
ne_cmd_argstring => '-w $ARG1$ -c $ARG2$',
ne_cmd_comment => 'check the amount of user logged in locally',
}
cd_nrpe::commands::definitions { 'check_load':

3
manifests/commands/definitions.pp
View File

@@ -27,12 +27,15 @@
# @param ne_cmd_argstring Specify the string of valid argument for the command
# , i.e. -w $ARG1$ -c $ARG2$. See the arguments in th eman pages for the
# checks.
# @param [string] ne_cmd_comment Specify an optional comment for your command
# definition
###############################################################################
define cd_nrpe::commands::definitions (
$ne_check_cmd = undef,
$ne_cmd_path = '/usr/lib64/nagios/plugins/',
$ne_cmd_argstring = undef,
$ne_cmd_comment = undef,
) {

15
manifests/main/files.pp
View File

@@ -58,4 +58,19 @@ class cd_nrpe::main::files (
notify => Service[$ne_service],
}
if $ne_allow_sudo == true {
file { $ne_sudo_file:
ensure => file,
path => $ne_sudo_file,
owner => 'root',
group => 'root',
mode => '0440',
selrange => s0,
selrole => object_r,
seltype => etc_t,
seluser => system_u,
content => template($ne_sudo_rule_erb),
}
}
}

5
manifests/params.pp
View File

@@ -104,7 +104,7 @@ $pkg_ensure = 'latest',
$ne_manage_cmds = true,
# user settings
# NRPE user settings
$ne_user = 'nrpe',
$ne_user_comment = 'NRPE service user',
$ne_user_uid = '1005',
@@ -112,6 +112,7 @@ $ne_user_home = '/var/run/nrpe',
$ne_user_groups = undef,
$ne_user_shell = '/sbin/nologin',
# nrpe.cfg
$ne_log_facility = 'daemon',
$ne_log_file = '',
@@ -173,6 +174,8 @@ $ne_nrpe_conf_erb = 'cd_nrpe/nrpe_conf.erb'
$ne_cmd_file = "${ne_main_conf_d_dir}/commands.cfg"
$ne_cmd_head_erb = 'cd_nrpe/cmd_head.erb'
$ne_cmd_rule_erb = 'cd_nrpe/cmd_rule.erb'
$ne_sudo_file = '/etc/sudoers.d/nagios_sudo'
$ne_sudo_rule_erb = 'cd_nrpe/sudo_rule.erb'
# includes must be last

3
templates/cmd_rule.erb
View File

@@ -1,2 +1,5 @@
<% unless @ne_cmd_comment.empty? -%>
# <%= @ne_cmd_comment %>
<% end -%>
command[<%= @ne_check_cmd %>]=<%= @ne_cmd_path %><%= @ne_check_cmd %> <%= @ne_cmd_argstring %>

5
templates/sudo_rule.erb Normal file
View File

@@ -0,0 +1,5 @@
################################################################################
##### sudo_rule managed by Puppet | manual changes will be overwritten #####
################################################################################
nagios ALL=(ALL) NOPASSWD: /usr/lib/nagios/plugins/