Recommit for updates in build 47

Jenkinsfile

@@ -1,124 +0,0 @@
-pipeline {
-    agent any
-
-    post {
-        always {
-            deleteDir() /* clean up our workspace */
-        }
-        success {
-            updateGitlabCommitStatus state: 'success'
-        }
-        failure {
-            updateGitlabCommitStatus state: 'failed'
-            step([$class: 'Mailer', notifyEveryUnstableBuild: true, recipients: 'support@confdroid.com', sendToIndividuals: true])
-        }
-    }
-
-    options {
-          gitLabConnection('gitlab.confdroid.com')
-    }
-
-    stages {
-
-      stage('pull master') {
-        steps {
-          sshagent(['edd05eb6-26b5-4c7b-a5cc-ea2ab899f4fa']) {
-            sh '''
-                git config user.name "Jenkins Server"
-                git config user.email jenkins@confdroid.com
-                # Ensure we're on the development branch (triggered by push)
-                git checkout development
-                # Create jenkins branch from development
-                git checkout -b jenkins-build-$BUILD_NUMBER
-                # Optionally merge master into jenkins to ensure compatibility
-                git merge origin/master --no-ff || { echo "Merge conflict detected"; exit 1; }
-            '''
-        }
-      }
-    }
-
-      stage('puppet parser') {
-        steps {
-          sh '''for file in $(find . -iname \'*.pp\'); do
-            /opt/puppetlabs/bin/puppet parser validate --color false --render-as s --modulepath=modules $file || exit 1;
-            done;'''
-          }
-        }
-
-      stage('check templates') {
-        steps{
-          sh '''for file in $(find . -iname \'*.erb\');
-            do erb -P -x -T "-" $file | ruby -c || exit 1;
-            done;'''
-        }
-      }
-
-      stage('puppet-lint') {
-        steps {
-          sh '''/usr/local/bin/puppet-lint . \\
-                --no-variable_scope-check \\
-                || { echo "Puppet lint failed"; exit 1; }
-            '''
-          }
-        }
-
-      stage('SonarScan') {
-         steps {
-            withCredentials([string(credentialsId: 'sonar-token', variable: 'SONAR_TOKEN')]) {
-              sh '''
-              /opt/sonar-scanner/bin/sonar-scanner \
-                -Dsonar.projectKey=confdroid_nrpe \
-                -Dsonar.sources=. \
-                -Dsonar.host.url=https://sonarqube.confdroid.com \
-                -Dsonar.token=$SONAR_TOKEN
-                '''
-              }
-            }
-          }
-
-      stage('create Puppet documentation') {
-        steps {
-          sh '/opt/puppetlabs/bin/puppet strings'
-        }
-      }
-
-      stage('update repo') {
-        steps {
-          sshagent(['edd05eb6-26b5-4c7b-a5cc-ea2ab899f4fa']) {
-            sh '''
-                git config user.name "Jenkins Server"
-                git config user.email jenkins@confdroid.com
-                git rm -r --cached .vscode || echo "No .vscode to remove from git"
-                git add -A && git commit -am "Recommit for updates in build $BUILD_NUMBER" || echo "No changes to commit"
-                git push origin HEAD:master
-            '''
-        }
-      }
-    }
-
-      stage('Mirror to Gitea') {
-        steps {
-          withCredentials([usernamePassword(
-            credentialsId: 'Jenkins-gitea',
-            usernameVariable: 'GITEA_USER',
-            passwordVariable: 'GITEA_TOKEN')]) {
-            script {
-              // Checkout from GitLab (already done implicitly)
-                sh '''
-                  git checkout master
-                  git pull origin master
-                  git branch -D development
-                  git branch -D jenkins-build-$BUILD_NUMBER
-                  git rm -f Jenkinsfile
-                  git rm -r --cached .vscode || echo "No .vscode to remove from git"
-                  git commit --amend --no-edit --allow-empty
-                  git remote add master https://sourcecode.confdroid.com/confdroid/confdroid_nrpe.git
-                  git -c credential.helper="!f() { echo username=${GITEA_USER}; echo password=${GITEA_TOKEN}; }; f" \
-                  push master --mirror
-                  '''
-          }
-        }
-      }
-    }
-  }
-}

README.md

@@ -102,13 +102,13 @@ It is very recommendable to define such commands directly within Puppet modules
 
 ## managing TLS certificates
 
-When `ne_enable_ssl` is enabled (default), the certificates for the ca (root if standalone or intermediate), the nagios server and the key for the nagios server have to be provided through the following values:
+When `ne_enable_ssl` is enabled, the certificates for the ca (root if standalone or intermediate), the nagios server and the key for the nagios server have to be provided through the following values:
 
 - `ne_ssl_ca_cert_pem`
 - `ne_ssl_cert_pem`
 - `ne_ssl_privatekey_pem`
 
-via Hiera (if you use it) or ENC.
+via Hiera (if you use it) or ENC. At the ENC need  to add confdroid_nrpe::params and set those values.
 
 ## SELINUX
 

doc/file.README.html

@@ -193,7 +193,7 @@
 
 <h2 id="label-managing+TLS+certificates">managing TLS certificates</h2>
 
-<p>When <code>ne_enable_ssl</code> is enabled (default), the certificates for the ca (root if standalone or intermediate), the nagios server and the key for the nagios server have to be provided through the following values:</p>
+<p>When <code>ne_enable_ssl</code> is enabled, the certificates for the ca (root if standalone or intermediate), the nagios server and the key for the nagios server have to be provided through the following values:</p>
 <ul><li>
 <p><code>ne_ssl_ca_cert_pem</code></p>
 </li><li>
@@ -202,7 +202,7 @@
 <p><code>ne_ssl_privatekey_pem</code></p>
 </li></ul>
 
-<p>via Hiera (if you use it) or ENC.</p>
+<p>via Hiera (if you use it) or ENC. At the ENC need to add confdroid_nrpe::params and set those values.</p>
 
 <h2 id="label-SELINUX">SELINUX</h2>
 

doc/index.html

@@ -193,7 +193,7 @@
 
 <h2 id="label-managing+TLS+certificates">managing TLS certificates</h2>
 
-<p>When <code>ne_enable_ssl</code> is enabled (default), the certificates for the ca (root if standalone or intermediate), the nagios server and the key for the nagios server have to be provided through the following values:</p>
+<p>When <code>ne_enable_ssl</code> is enabled, the certificates for the ca (root if standalone or intermediate), the nagios server and the key for the nagios server have to be provided through the following values:</p>
 <ul><li>
 <p><code>ne_ssl_ca_cert_pem</code></p>
 </li><li>
@@ -202,7 +202,7 @@
 <p><code>ne_ssl_privatekey_pem</code></p>
 </li></ul>
 
-<p>via Hiera (if you use it) or ENC.</p>
+<p>via Hiera (if you use it) or ENC. At the ENC need to add confdroid_nrpe::params and set those values.</p>
 
 <h2 id="label-SELINUX">SELINUX</h2>
 

doc/puppet_classes/confdroid_nrpe_3A_3Aparams.html

@@ -699,7 +699,7 @@ inherited by all classes except defines.
         <span class='type'>(<tt>Boolean</tt>)</span>
       
       
-        <em class="default">(defaults to: <tt>true</tt>)</em>
+        <em class="default">(defaults to: <tt>false</tt>)</em>
       
       
         &mdash;
@@ -945,7 +945,7 @@ class confdroid_nrpe::params (
   String $ne_command_timeout              = &#39;60&#39;,
   String $ne_connection_timeout           = &#39;300&#39;,
   String $ne_allow_weak_rnd_seed          = &#39;1&#39;,
-  Boolean $ne_enable_ssl                  = true,
+  Boolean $ne_enable_ssl                  = false,
   String $ne_ssl_version                  = &#39;TLSv2+&#39;,
   String $ne_ssl_use_adh                  = &#39;1&#39;,
   String $ne_ssl_cipher_list              = &#39;ALL:!aNULL:!eNULL:!SSLv2:!LOW:!EXP:!RC4:!MD5:@STRENGTH&#39;,
@@ -1001,11 +1001,11 @@ class confdroid_nrpe::params (
   $ne_checkmodule_nrpe_erb    = &#39;confdroid_nrpe/checkmodule_nrpe.erb&#39;
   $ne_nrpe_pp_file            = &quot;${ne_main_conf_d_dir}/nrpe.pp&quot;
   $ne_semodule_erb            =  &#39;confdroid_nrpe/semodule_nrpe.erb&#39;
-  $ne_ssl_cert_file           = &quot;/etc/pki/tls/certs/${fqdn}.crt.pem&quot;
+  $ne_ssl_cert_file           = &#39;/etc/pki/tls/certs/nagios.crt.pem&#39;
   $ne_ssl_cert_erb            = &#39;confdroid_nrpe/ssl_cert.erb&#39;
-  $ne_ssl_privatekey_file     = &quot;/etc/pki/tls/private/${fqdn}.key.pem&quot;
+  $ne_ssl_privatekey_file     = &#39;/etc/pki/tls/private/nagios.key.pem&#39;
   $ne_ssl_privatekey_erb      = &#39;confdroid_nrpe/ssl_privatekey.erb&#39;
-  $ne_ssl_ca_cert_file        = &quot;/etc/pki/tls/certs/${fqdn}-ca-chain.crt.pem&quot;
+  $ne_ssl_ca_cert_file        = &#39;/etc/pki/tls/certs/ca-chain.crt.pem&#39;
   $ne_ssl_ca_cert_erb         = &#39;confdroid_nrpe/ssl_ca_cert.erb&#39;
 
 # includes must be last

manifests/params.pp

@@ -115,7 +115,7 @@ class confdroid_nrpe::params (
   String $ne_command_timeout              = '60',
   String $ne_connection_timeout           = '300',
   String $ne_allow_weak_rnd_seed          = '1',
-  Boolean $ne_enable_ssl                  = true,
+  Boolean $ne_enable_ssl                  = false,
   String $ne_ssl_version                  = 'TLSv2+',
   String $ne_ssl_use_adh                  = '1',
   String $ne_ssl_cipher_list              = 'ALL:!aNULL:!eNULL:!SSLv2:!LOW:!EXP:!RC4:!MD5:@STRENGTH',