Compare commits
10 Commits
21d123dbf8
...
master
| Author | SHA1 | Date | |
|---|---|---|---|
|
18543aec3d | ||
|
|
ef06b4691b | ||
| 4a7d06d0ca | |||
|
|
3cdb09827d | ||
|
|
fd84c389aa | ||
| 95d2344f7f | |||
|
|
b655cb4c56 | ||
|
|
f928537e34 | ||
| b7036ae8e7 | |||
|
|
ae13e6fde5 |
@@ -206,8 +206,7 @@
|
|||||||
108
|
108
|
||||||
109
|
109
|
||||||
110
|
110
|
||||||
111
|
111</pre>
|
||||||
112</pre>
|
|
||||||
</td>
|
</td>
|
||||||
<td>
|
<td>
|
||||||
<pre class="code"><span class="info file"># File 'manifests/main/files.pp', line 6</span>
|
<pre class="code"><span class="info file"># File 'manifests/main/files.pp', line 6</span>
|
||||||
@@ -278,15 +277,14 @@ class confdroid_nrpe::main::files (
|
|||||||
notify => Exec['create_nrpe_pp'],
|
notify => Exec['create_nrpe_pp'],
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
# file for ssl certificate
|
# file for ssl certificate
|
||||||
if $ne_enable_ssl == true {
|
if $ne_enable_ssl == true {
|
||||||
file { $ne_ssl_cert_file:
|
file { $ne_ssl_cert_file:
|
||||||
ensure => file,
|
ensure => file,
|
||||||
path => $ne_ssl_cert_file,
|
path => $ne_ssl_cert_file,
|
||||||
owner => 'root',
|
owner => $ne_user,
|
||||||
group => 'root',
|
group => $ne_user,
|
||||||
mode => '0644',
|
mode => '0440',
|
||||||
selrange => s0,
|
selrange => s0,
|
||||||
selrole => object_r,
|
selrole => object_r,
|
||||||
seltype => cert_t,
|
seltype => cert_t,
|
||||||
@@ -296,9 +294,9 @@ class confdroid_nrpe::main::files (
|
|||||||
file { $ne_ssl_privatekey_file:
|
file { $ne_ssl_privatekey_file:
|
||||||
ensure => file,
|
ensure => file,
|
||||||
path => $ne_ssl_privatekey_file,
|
path => $ne_ssl_privatekey_file,
|
||||||
owner => 'root',
|
owner => $ne_user,
|
||||||
group => 'root',
|
group => $ne_user,
|
||||||
mode => '0600',
|
mode => '0400',
|
||||||
selrange => s0,
|
selrange => s0,
|
||||||
selrole => object_r,
|
selrole => object_r,
|
||||||
seltype => cert_t,
|
seltype => cert_t,
|
||||||
@@ -308,9 +306,9 @@ class confdroid_nrpe::main::files (
|
|||||||
file { $ne_ssl_ca_cert_file:
|
file { $ne_ssl_ca_cert_file:
|
||||||
ensure => file,
|
ensure => file,
|
||||||
path => $ne_ssl_ca_cert_file,
|
path => $ne_ssl_ca_cert_file,
|
||||||
owner => 'root',
|
owner => $ne_user,
|
||||||
group => 'root',
|
group => $ne_user,
|
||||||
mode => '0644',
|
mode => '0440',
|
||||||
selrange => s0,
|
selrange => s0,
|
||||||
selrole => object_r,
|
selrole => object_r,
|
||||||
seltype => cert_t,
|
seltype => cert_t,
|
||||||
|
|||||||
@@ -349,24 +349,6 @@ inherited by all classes except defines.
|
|||||||
|
|
||||||
</li>
|
</li>
|
||||||
|
|
||||||
<li>
|
|
||||||
|
|
||||||
<span class='name'>ne_ssl_version</span>
|
|
||||||
|
|
||||||
|
|
||||||
<span class='type'>(<tt>String</tt>)</span>
|
|
||||||
|
|
||||||
|
|
||||||
<em class="default">(defaults to: <tt>'TLSv2+'</tt>)</em>
|
|
||||||
|
|
||||||
|
|
||||||
—
|
|
||||||
<div class='inline'>
|
|
||||||
<p>These directives allow you to specify how to use SSL/TLS.</p>
|
|
||||||
</div>
|
|
||||||
|
|
||||||
</li>
|
|
||||||
|
|
||||||
<li>
|
<li>
|
||||||
|
|
||||||
<span class='name'>ne_ssl_cipher_list</span>
|
<span class='name'>ne_ssl_cipher_list</span>
|
||||||
@@ -781,6 +763,8 @@ inherited by all classes except defines.
|
|||||||
<pre class="lines">
|
<pre class="lines">
|
||||||
|
|
||||||
|
|
||||||
|
82
|
||||||
|
83
|
||||||
84
|
84
|
||||||
85
|
85
|
||||||
86
|
86
|
||||||
@@ -871,13 +855,10 @@ inherited by all classes except defines.
|
|||||||
171
|
171
|
||||||
172
|
172
|
||||||
173
|
173
|
||||||
174
|
174</pre>
|
||||||
175
|
|
||||||
176
|
|
||||||
177</pre>
|
|
||||||
</td>
|
</td>
|
||||||
<td>
|
<td>
|
||||||
<pre class="code"><span class="info file"># File 'manifests/params.pp', line 84</span>
|
<pre class="code"><span class="info file"># File 'manifests/params.pp', line 82</span>
|
||||||
|
|
||||||
class confdroid_nrpe::params (
|
class confdroid_nrpe::params (
|
||||||
|
|
||||||
@@ -909,7 +890,6 @@ class confdroid_nrpe::params (
|
|||||||
String $ne_connection_timeout = '300',
|
String $ne_connection_timeout = '300',
|
||||||
String $ne_allow_weak_rnd_seed = '1',
|
String $ne_allow_weak_rnd_seed = '1',
|
||||||
Boolean $ne_enable_ssl = false,
|
Boolean $ne_enable_ssl = false,
|
||||||
String $ne_ssl_version = 'TLSv2+',
|
|
||||||
String $ne_ssl_cipher_list = 'ALL:!aNULL:!eNULL:!SSLv2:!LOW:!EXP:!RC4:!MD5:@STRENGTH',
|
String $ne_ssl_cipher_list = 'ALL:!aNULL:!eNULL:!SSLv2:!LOW:!EXP:!RC4:!MD5:@STRENGTH',
|
||||||
String $ne_ssl_client_certs = '0',
|
String $ne_ssl_client_certs = '0',
|
||||||
String $ne_ssl_logging = '0x00',
|
String $ne_ssl_logging = '0x00',
|
||||||
@@ -944,7 +924,7 @@ class confdroid_nrpe::params (
|
|||||||
# directories
|
# directories
|
||||||
$ne_main_conf_d_dir = '/etc/nrpe.d'
|
$ne_main_conf_d_dir = '/etc/nrpe.d'
|
||||||
$ne_run_dir = '/var/run/nrpe'
|
$ne_run_dir = '/var/run/nrpe'
|
||||||
$ne_servercert_dir = '/etc/pki/tls/servercerts'
|
$ne_servercert_dir = '/etc/pki/tls/servercerts'
|
||||||
|
|
||||||
# files
|
# files
|
||||||
$ne_main_conf_file = '/etc/nagios/nrpe.cfg'
|
$ne_main_conf_file = '/etc/nagios/nrpe.cfg'
|
||||||
|
|||||||
@@ -69,15 +69,14 @@ class confdroid_nrpe::main::files (
|
|||||||
notify => Exec['create_nrpe_pp'],
|
notify => Exec['create_nrpe_pp'],
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
# file for ssl certificate
|
# file for ssl certificate
|
||||||
if $ne_enable_ssl == true {
|
if $ne_enable_ssl == true {
|
||||||
file { $ne_ssl_cert_file:
|
file { $ne_ssl_cert_file:
|
||||||
ensure => file,
|
ensure => file,
|
||||||
path => $ne_ssl_cert_file,
|
path => $ne_ssl_cert_file,
|
||||||
owner => 'root',
|
owner => $ne_user,
|
||||||
group => 'root',
|
group => $ne_user,
|
||||||
mode => '0644',
|
mode => '0440',
|
||||||
selrange => s0,
|
selrange => s0,
|
||||||
selrole => object_r,
|
selrole => object_r,
|
||||||
seltype => cert_t,
|
seltype => cert_t,
|
||||||
@@ -87,9 +86,9 @@ class confdroid_nrpe::main::files (
|
|||||||
file { $ne_ssl_privatekey_file:
|
file { $ne_ssl_privatekey_file:
|
||||||
ensure => file,
|
ensure => file,
|
||||||
path => $ne_ssl_privatekey_file,
|
path => $ne_ssl_privatekey_file,
|
||||||
owner => 'root',
|
owner => $ne_user,
|
||||||
group => 'root',
|
group => $ne_user,
|
||||||
mode => '0600',
|
mode => '0400',
|
||||||
selrange => s0,
|
selrange => s0,
|
||||||
selrole => object_r,
|
selrole => object_r,
|
||||||
seltype => cert_t,
|
seltype => cert_t,
|
||||||
@@ -99,9 +98,9 @@ class confdroid_nrpe::main::files (
|
|||||||
file { $ne_ssl_ca_cert_file:
|
file { $ne_ssl_ca_cert_file:
|
||||||
ensure => file,
|
ensure => file,
|
||||||
path => $ne_ssl_ca_cert_file,
|
path => $ne_ssl_ca_cert_file,
|
||||||
owner => 'root',
|
owner => $ne_user,
|
||||||
group => 'root',
|
group => $ne_user,
|
||||||
mode => '0644',
|
mode => '0440',
|
||||||
selrange => s0,
|
selrange => s0,
|
||||||
selrole => object_r,
|
selrole => object_r,
|
||||||
seltype => cert_t,
|
seltype => cert_t,
|
||||||
|
|||||||
@@ -30,8 +30,6 @@
|
|||||||
# daemon will allow plugins to finish executing before killing them off.
|
# daemon will allow plugins to finish executing before killing them off.
|
||||||
# @param [String] ne_connection_timeout maximum number of seconds that the
|
# @param [String] ne_connection_timeout maximum number of seconds that the
|
||||||
# NRPE daemon will wait for a connection to be established before exiting.
|
# NRPE daemon will wait for a connection to be established before exiting.
|
||||||
# @param [String] ne_ssl_version These directives allow you to specify how to
|
|
||||||
# use SSL/TLS.
|
|
||||||
# @param [String] ne_ssl_cipher_list ciphers can be used. For backward
|
# @param [String] ne_ssl_cipher_list ciphers can be used. For backward
|
||||||
# compatibility, this defaults to 'ssl_cipher_list=ALL:!MD5:@STRENGTH' in
|
# compatibility, this defaults to 'ssl_cipher_list=ALL:!MD5:@STRENGTH' in
|
||||||
# this version but will be changed in a later version of NRPE.
|
# this version but will be changed in a later version of NRPE.
|
||||||
@@ -111,7 +109,6 @@ class confdroid_nrpe::params (
|
|||||||
String $ne_connection_timeout = '300',
|
String $ne_connection_timeout = '300',
|
||||||
String $ne_allow_weak_rnd_seed = '1',
|
String $ne_allow_weak_rnd_seed = '1',
|
||||||
Boolean $ne_enable_ssl = false,
|
Boolean $ne_enable_ssl = false,
|
||||||
String $ne_ssl_version = 'TLSv2+',
|
|
||||||
String $ne_ssl_cipher_list = 'ALL:!aNULL:!eNULL:!SSLv2:!LOW:!EXP:!RC4:!MD5:@STRENGTH',
|
String $ne_ssl_cipher_list = 'ALL:!aNULL:!eNULL:!SSLv2:!LOW:!EXP:!RC4:!MD5:@STRENGTH',
|
||||||
String $ne_ssl_client_certs = '0',
|
String $ne_ssl_client_certs = '0',
|
||||||
String $ne_ssl_logging = '0x00',
|
String $ne_ssl_logging = '0x00',
|
||||||
@@ -146,7 +143,7 @@ class confdroid_nrpe::params (
|
|||||||
# directories
|
# directories
|
||||||
$ne_main_conf_d_dir = '/etc/nrpe.d'
|
$ne_main_conf_d_dir = '/etc/nrpe.d'
|
||||||
$ne_run_dir = '/var/run/nrpe'
|
$ne_run_dir = '/var/run/nrpe'
|
||||||
$ne_servercert_dir = '/etc/pki/tls/servercerts'
|
$ne_servercert_dir = '/etc/pki/tls/servercerts'
|
||||||
|
|
||||||
# files
|
# files
|
||||||
$ne_main_conf_file = '/etc/nagios/nrpe.cfg'
|
$ne_main_conf_file = '/etc/nagios/nrpe.cfg'
|
||||||
|
|||||||
@@ -34,7 +34,6 @@ connection_timeout=<%= @ne_connection_timeout %>
|
|||||||
allow_weak_random_seed=<%= @ne_allow_weak_rnd_seed %>
|
allow_weak_random_seed=<%= @ne_allow_weak_rnd_seed %>
|
||||||
|
|
||||||
<% if @ne_enable_ssl == true -%>
|
<% if @ne_enable_ssl == true -%>
|
||||||
ssl_version=<%= @ne_ssl_version %>
|
|
||||||
ssl_cipher_list=<%= @ne_ssl_cipher_list %>
|
ssl_cipher_list=<%= @ne_ssl_cipher_list %>
|
||||||
ssl_cacert_file=<%= @ne_ssl_ca_cert_file %>
|
ssl_cacert_file=<%= @ne_ssl_ca_cert_file %>
|
||||||
ssl_cert_file=<%= @ne_ssl_cert_file %>
|
ssl_cert_file=<%= @ne_ssl_cert_file %>
|
||||||
|
|||||||
Reference in New Issue
Block a user