confdroid/confdroid_nrpe
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Compare commits

base: confdroid:f50eae8df03abfa82b1206ef633818edea718f25
Branches Tags
confdroid:master
...
compare: confdroid:62208f1f4f5ed2a76c8d8fe44a8ad06b5a31e788
Branches Tags
confdroid:master

5 Commits
f50eae8df0 ... 62208f1f4f

Author SHA1 Message Date
Jenkins Server
62208f1f4f Recommit for updates in build 41 2026-03-15 14:51:14 +01:00
Jenkins Server
31a122baec Merge remote-tracking branch 'origin/master' into jenkins-build-41 2026-03-15 14:50:07 +01:00
12ww1160
502b028440 OP#501 adding variables and place holders for certs 2026-03-15 14:49:49 +01:00
12ww1160
80dcda911b adding variables and place holders for certs 2026-03-15 14:46:33 +01:00
Jenkins Server
95ef686415 Merge remote-tracking branch 'origin/master' into jenkins-build-39 2026-03-14 11:39:02 +01:00
10 changed files with 245 additions and 208 deletions
Expand all files Collapse all files

124
Jenkinsfile vendored
View File

@@ -1,124 +0,0 @@
pipeline {
agent any
post {
always {
deleteDir() /* clean up our workspace */
}
success {
updateGitlabCommitStatus state: 'success'
}
failure {
updateGitlabCommitStatus state: 'failed'
step([$class: 'Mailer', notifyEveryUnstableBuild: true, recipients: 'support@confdroid.com', sendToIndividuals: true])
}
}
options {
gitLabConnection('gitlab.confdroid.com')
}
stages {
stage('pull master') {
steps {
sshagent(['edd05eb6-26b5-4c7b-a5cc-ea2ab899f4fa']) {
sh '''
git config user.name "Jenkins Server"
git config user.email jenkins@confdroid.com
# Ensure we're on the development branch (triggered by push)
git checkout development
# Create jenkins branch from development
git checkout -b jenkins-build-$BUILD_NUMBER
# Optionally merge master into jenkins to ensure compatibility
git merge origin/master --no-ff || { echo "Merge conflict detected"; exit 1; }
'''
}
}
}
stage('puppet parser') {
steps {
sh '''for file in $(find . -iname \'*.pp\'); do
/opt/puppetlabs/bin/puppet parser validate --color false --render-as s --modulepath=modules $file || exit 1;
done;'''
}
}
stage('check templates') {
steps{
sh '''for file in $(find . -iname \'*.erb\');
do erb -P -x -T "-" $file | ruby -c || exit 1;
done;'''
}
}
stage('puppet-lint') {
steps {
sh '''/usr/local/bin/puppet-lint . \\
--no-variable_scope-check \\
|| { echo "Puppet lint failed"; exit 1; }
'''
}
}
stage('SonarScan') {
steps {
withCredentials([string(credentialsId: 'sonar-token', variable: 'SONAR_TOKEN')]) {
sh '''
/opt/sonar-scanner/bin/sonar-scanner \
-Dsonar.projectKey=confdroid_nrpe \
-Dsonar.sources=. \
-Dsonar.host.url=https://sonarqube.confdroid.com \
-Dsonar.token=$SONAR_TOKEN
'''
}
}
}
stage('create Puppet documentation') {
steps {
sh '/opt/puppetlabs/bin/puppet strings'
}
}
stage('update repo') {
steps {
sshagent(['edd05eb6-26b5-4c7b-a5cc-ea2ab899f4fa']) {
sh '''
git config user.name "Jenkins Server"
git config user.email jenkins@confdroid.com
git rm -r --cached .vscode || echo "No .vscode to remove from git"
git add -A && git commit -am "Recommit for updates in build $BUILD_NUMBER" || echo "No changes to commit"
git push origin HEAD:master
'''
}
}
}
stage('Mirror to Gitea') {
steps {
withCredentials([usernamePassword(
credentialsId: 'Jenkins-gitea',
usernameVariable: 'GITEA_USER',
passwordVariable: 'GITEA_TOKEN')]) {
script {
// Checkout from GitLab (already done implicitly)
sh '''
git checkout master
git pull origin master
git branch -D development
git branch -D jenkins-build-$BUILD_NUMBER
git rm -f Jenkinsfile
git rm -r --cached .vscode || echo "No .vscode to remove from git"
git commit --amend --no-edit --allow-empty
git remote add master https://sourcecode.confdroid.com/confdroid/confdroid_nrpe.git
git -c credential.helper="!f() { echo username=${GITEA_USER}; echo password=${GITEA_TOKEN}; }; f" \
push master --mirror
'''
}
}
}
}
}
}

5
README.md
View File

@@ -12,6 +12,7 @@
- [Dependencies](#dependencies)
- [Deployment](#deployment)
- [Managing Check Commands](#managing-check-commands)
- [managing TLS serts](#managing-tls-serts)
- [SELINUX](#selinux)
- [Known Problems](#known-problems)
- [Troubleshooting](#troubleshooting)
@@ -28,7 +29,7 @@ NRPE allows monitoring tools like NAGIOS or ICINGA to connect to clients for mon
## WARNING
***Attention: Never use this puppet module on systems which have been previously configured manually. It is impossible to predict how and what would have been configured, hence previous configurations outside the scope of this module may be overwritten! Automated configurations require a test environment to verify that the module suits the purpose intended by the user, as well as tune the parameters, before deploying into live production***
> **Attention: Never use this puppet module on systems which have been previously configured manually. It is impossible to predict how and what would have been configured, hence previous configurations outside the scope of this module may be overwritten! Automated configurations require a test environment to verify that the module suits the purpose intended by the user, as well as tune the parameters, before deploying into live production**
## Features
@@ -99,6 +100,8 @@ A: Sometimes the name of the check is different, like this:
It is very recommendable to define such commands directly within Puppet modules or profiles, so any node running the particular service controlled by the module will automatically get the required check commands defined as well, while nodes not running the service also do not contain the command check. The same then is true for Nagios checks, so you would have both the NRPE command definition and the Nagios check contained in Puppet modules or profiles to have it in one location.
## managing TLS serts
## SELINUX
All files and directories are configured with correct selinux context. If selinux is disabled, these contexts are ignored.

8
doc/file.README.html
View File

@@ -78,6 +78,8 @@
</li><li>
<p><a href="#managing-check-commands">Managing Check Commands</a></p>
</li><li>
<p><a href="#managing-tls-serts">managing TLS serts</a></p>
</li><li>
<p><a href="#selinux">SELINUX</a></p>
</li><li>
<p><a href="#known-problems">Known Problems</a></p>
@@ -101,7 +103,9 @@
<h2 id="label-WARNING">WARNING</h2>
<p><strong><em>Attention: Never use this puppet module on systems which have been previously configured manually. It is impossible to predict how and what would have been configured, hence previous configurations outside the scope of this module may be overwritten! Automated configurations require a test environment to verify that the module suits the purpose intended by the user, as well as tune the parameters, before deploying into live production</em></strong></p>
<blockquote>
<p><strong>Attention: Never use this puppet module on systems which have been previously configured manually. It is impossible to predict how and what would have been configured, hence previous configurations outside the scope of this module may be overwritten! Automated configurations require a test environment to verify that the module suits the purpose intended by the user, as well as tune the parameters, before deploying into live production</strong></p>
</blockquote>
<h2 id="label-Features">Features</h2>
<ul><li>
@@ -187,6 +191,8 @@
<p>It is very recommendable to define such commands directly within Puppet modules or profiles, so any node running the particular service controlled by the module will automatically get the required check commands defined as well, while nodes not running the service also do not contain the command check. The same then is true for Nagios checks, so you would have both the NRPE command definition and the Nagios check contained in Puppet modules or profiles to have it in one location.</p>
<h2 id="label-managing+TLS+serts">managing TLS serts</h2>
<h2 id="label-SELINUX">SELINUX</h2>
<p>All files and directories are configured with correct selinux context. If selinux is disabled, these contexts are ignored.</p>

8
doc/index.html
View File

@@ -78,6 +78,8 @@
</li><li>
<p><a href="#managing-check-commands">Managing Check Commands</a></p>
</li><li>
<p><a href="#managing-tls-serts">managing TLS serts</a></p>
</li><li>
<p><a href="#selinux">SELINUX</a></p>
</li><li>
<p><a href="#known-problems">Known Problems</a></p>
@@ -101,7 +103,9 @@
<h2 id="label-WARNING">WARNING</h2>
<p><strong><em>Attention: Never use this puppet module on systems which have been previously configured manually. It is impossible to predict how and what would have been configured, hence previous configurations outside the scope of this module may be overwritten! Automated configurations require a test environment to verify that the module suits the purpose intended by the user, as well as tune the parameters, before deploying into live production</em></strong></p>
<blockquote>
<p><strong>Attention: Never use this puppet module on systems which have been previously configured manually. It is impossible to predict how and what would have been configured, hence previous configurations outside the scope of this module may be overwritten! Automated configurations require a test environment to verify that the module suits the purpose intended by the user, as well as tune the parameters, before deploying into live production</strong></p>
</blockquote>
<h2 id="label-Features">Features</h2>
<ul><li>
@@ -187,6 +191,8 @@
<p>It is very recommendable to define such commands directly within Puppet modules or profiles, so any node running the particular service controlled by the module will automatically get the required check commands defined as well, while nodes not running the service also do not contain the command check. The same then is true for Nagios checks, so you would have both the NRPE command definition and the Nagios check contained in Puppet modules or profiles to have it in one location.</p>
<h2 id="label-managing+TLS+serts">managing TLS serts</h2>
<h2 id="label-SELINUX">SELINUX</h2>
<p>All files and directories are configured with correct selinux context. If selinux is disabled, these contexts are ignored.</p>

58
doc/puppet_classes/confdroid_nrpe_3A_3Amain_3A_3Afiles.html
View File

@@ -168,7 +168,35 @@
70
71
72
73</pre>
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'manifests/main/files.pp', line 6</span>
@@ -239,6 +267,34 @@ class confdroid_nrpe::main::files (
content =&gt; template($ne_nrpe_te_erb),
notify =&gt; Exec[&#39;create_nrpe_pp&#39;],
}
# file for ssl certificate
if $ne_enable_ssl == true {
file { $ne_ssl_cert_file:
ensure =&gt; file,
path =&gt; $ne_ssl_cert_file,
owner =&gt; &#39;root&#39;,
group =&gt; &#39;root&#39;,
mode =&gt; &#39;0644&#39;,
selrange =&gt; s0,
selrole =&gt; object_r,
seltype =&gt; cert_t,
seluser =&gt; system_u,
content =&gt; template($ne_ssl_cert_erb),
}
file { $ne_ssl_privatekey_file:
ensure =&gt; file,
path =&gt; $ne_ssl_privatekey_file,
owner =&gt; &#39;root&#39;,
group =&gt; &#39;root&#39;,
mode =&gt; &#39;0600&#39;,
selrange =&gt; s0,
selrole =&gt; object_r,
seltype =&gt; cert_t,
seluser =&gt; system_u,
content =&gt; template($ne_ssl_privatekey_erb),
}
}
}
}</pre>
</td>

134
doc/puppet_classes/confdroid_nrpe_3A_3Aparams.html
View File

@@ -741,6 +741,42 @@ inherited by all classes except defines.
&mdash;
<div class='inline'>
<p>Whether to manage command rules for NRPE checks, to allow dynamic check &amp; command rules.</p>
</div>
</li>
<li>
<span class='name'>ne_ssl_cert_pem</span>
<span class='type'>(<tt>Optional[String]</tt>)</span>
<em class="default">(defaults to: <tt>undef</tt>)</em>
&mdash;
<div class='inline'>
<p>Optional parameter to specify the content of the nagios server ssl certificate. This is used for the nagios server certificate and has to be provided via Hiera or ENC. Must be specified if SSL is enabled.</p>
</div>
</li>
<li>
<span class='name'>ne_ssl_privatekey_pem</span>
<span class='type'>(<tt>Optional[String]</tt>)</span>
<em class="default">(defaults to: <tt>undef</tt>)</em>
&mdash;
<div class='inline'>
<p>Optional parameter to specify the content of the nagios server ssl private key. This is used for the nagios server private key and has to be provided via Hiera or ENC. Must be specified if SSL is enabled.</p>
</div>
</li>
@@ -763,14 +799,6 @@ inherited by all classes except defines.
<pre class="lines">
78
79
80
81
82
83
84
85
86
87
88
@@ -850,59 +878,73 @@ inherited by all classes except defines.
162
163
164
165</pre>
165
166
167
168
169
170
171
172
173
174
175
176
177</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'manifests/params.pp', line 78</span>
<pre class="code"><span class="info file"># File 'manifests/params.pp', line 86</span>
class confdroid_nrpe::params (
String $pkg_ensure = &#39;present&#39;,
Array $reqpackages = [&#39;nrpe&#39;,&#39;nrpe-selinux&#39;,&#39;selinux-policy-devel&#39;],
String $pkg_ensure = &#39;present&#39;,
Array $reqpackages = [&#39;nrpe&#39;,&#39;nrpe-selinux&#39;,&#39;selinux-policy-devel&#39;],
Boolean $ne_manage_cmds = true,
Boolean $ne_manage_cmds = true,
# NRPE user settings
String $ne_user = &#39;nrpe&#39;,
String $ne_user_comment = &#39;NRPE service user&#39;,
String $ne_user_uid = &#39;1005&#39;,
String $ne_user_home = &#39;/var/run/nrpe&#39;,
Optional[String] $ne_user_groups = undef,
String $ne_user_shell = &#39;/sbin/nologin&#39;,
String $ne_user = &#39;nrpe&#39;,
String $ne_user_comment = &#39;NRPE service user&#39;,
String $ne_user_uid = &#39;1005&#39;,
String $ne_user_home = &#39;/var/run/nrpe&#39;,
Optional[String] $ne_user_groups = undef,
String $ne_user_shell = &#39;/sbin/nologin&#39;,
# nrpe.cfg
String $ne_log_facility = &#39;daemon&#39;,
String $ne_log_file = &#39;&#39;,
String $ne_debug = &#39;0&#39;,
String $ne_nrpe_port = &#39;5666&#39;,
String $ne_server_address = &#39;0.0.0.0&#39;,
String $ne_listen_queue_size = &#39;5&#39;,
String $ne_dont_blame_nrpe = &#39;1&#39;,
String $ne_allow_bash_cmd_subst = &#39;1&#39;,
Boolean $ne_allow_sudo = true,
String $ne_command_prefix = &#39;/usr/bin/sudo&#39;,
String $ne_command_timeout = &#39;60&#39;,
String $ne_connection_timeout = &#39;300&#39;,
String $ne_allow_weak_rnd_seed = &#39;1&#39;,
Boolean $ne_enable_ssl = false,
String $ne_ssl_version = &#39;TLSv2+&#39;,
String $ne_ssl_use_adh = &#39;1&#39;,
String $ne_ssl_cipher_list = &#39;ALL:!aNULL:!eNULL:!SSLv2:!LOW:!EXP:!RC4:!MD5:@STRENGTH&#39;,
String $ne_ssl_cacert_file = &#39;/etc/pki/tls/certs/ca-chain.crt.pem&#39;,
String $ne_ssl_client_certs = &#39;2&#39;,
String $ne_ssl_logging = &#39;0x00&#39;,
Array $ne_nasty_metachars = [&quot;|`&amp;&gt;&lt;&#39;\\[]{};\r\n&quot;],
String $ne_include_file = &#39;&#39;,
String $ne_log_facility = &#39;daemon&#39;,
String $ne_log_file = &#39;&#39;,
String $ne_debug = &#39;0&#39;,
String $ne_nrpe_port = &#39;5666&#39;,
String $ne_server_address = &#39;0.0.0.0&#39;,
String $ne_listen_queue_size = &#39;5&#39;,
String $ne_dont_blame_nrpe = &#39;1&#39;,
String $ne_allow_bash_cmd_subst = &#39;1&#39;,
Boolean $ne_allow_sudo = true,
String $ne_command_prefix = &#39;/usr/bin/sudo&#39;,
String $ne_command_timeout = &#39;60&#39;,
String $ne_connection_timeout = &#39;300&#39;,
String $ne_allow_weak_rnd_seed = &#39;1&#39;,
Boolean $ne_enable_ssl = false,
String $ne_ssl_version = &#39;TLSv2+&#39;,
String $ne_ssl_use_adh = &#39;1&#39;,
String $ne_ssl_cipher_list = &#39;ALL:!aNULL:!eNULL:!SSLv2:!LOW:!EXP:!RC4:!MD5:@STRENGTH&#39;,
String $ne_ssl_cacert_file = &#39;/etc/pki/tls/certs/ca-chain.crt.pem&#39;,
String $ne_ssl_client_certs = &#39;2&#39;,
String $ne_ssl_logging = &#39;0x00&#39;,
Array $ne_nasty_metachars = [&quot;|`&amp;&gt;&lt;&#39;\\[]{};\r\n&quot;],
String $ne_include_file = &#39;&#39;,
Optional[String] $ne_ssl_cert_pem = undef,
Optional[String] $ne_ssl_privatekey_pem = undef,
# nrpe.conf
String $ne_ssl_opts = &#39;&#39;,
String $ne_ssl_opts = &#39;&#39;,
# firewall
Boolean $ne_incl_fw = true,
String $ne_fw_order_no = &#39;50&#39;,
Boolean $ne_incl_fw = true,
String $ne_fw_order_no = &#39;50&#39;,
# selinux
Boolean $ne_include_selinux = true,
Boolean $ne_include_selinux = true,
) {
# Default facts
@@ -938,7 +980,9 @@ class confdroid_nrpe::params (
$ne_nrpe_pp_file = &quot;${ne_main_conf_d_dir}/nrpe.pp&quot;
$ne_semodule_erb = &#39;confdroid_nrpe/semodule_nrpe.erb&#39;
$ne_ssl_cert_file = &quot;/etc/pki/tls/certs/${fqdn}.crt.pem&quot;
$ne_ssl_cert_erb = &#39;confdroid_nrpe/ssl_cert.erb&#39;
$ne_ssl_privatekey_file = &quot;/etc/pki/tls/private/${fqdn}.key.pem&quot;
$ne_ssl_privatekey_erb = &#39;confdroid_nrpe/ssl_privatekey.erb&#39;
# includes must be last
include confdroid_nrpe::main::config

28
manifests/main/files.pp
View File

@@ -69,5 +69,33 @@ class confdroid_nrpe::main::files (
content => template($ne_nrpe_te_erb),
notify => Exec['create_nrpe_pp'],
}
# file for ssl certificate
if $ne_enable_ssl == true {
file { $ne_ssl_cert_file:
ensure => file,
path => $ne_ssl_cert_file,
owner => 'root',
group => 'root',
mode => '0644',
selrange => s0,
selrole => object_r,
seltype => cert_t,
seluser => system_u,
content => template($ne_ssl_cert_erb),
}
file { $ne_ssl_privatekey_file:
ensure => file,
path => $ne_ssl_privatekey_file,
owner => 'root',
group => 'root',
mode => '0600',
selrange => s0,
selrole => object_r,
seltype => cert_t,
seluser => system_u,
content => template($ne_ssl_privatekey_erb),
}
}
}
}

82
manifests/params.pp
View File

@@ -74,55 +74,65 @@
# @param [Array] reqpackages which packages to install
# @param [Boolean] ne_manage_cmds Whether to manage command rules for NRPE
# checks, to allow dynamic check & command rules.
# @param [String] ne_ssl_cert_pem Optional parameter to specify the content of
# the nagios server ssl certificate. This is used for the nagios server
# certificate and has to be provided via Hiera or ENC. Must be specified if
# SSL is enabled.
# @param [String] ne_ssl_privatekey_pem Optional parameter to specify the content of
# the nagios server ssl private key. This is used for the nagios server
# private key and has to be provided via Hiera or ENC. Must be specified if
# SSL is enabled.
###############################################################################
class confdroid_nrpe::params (
String $pkg_ensure = 'present',
Array $reqpackages = ['nrpe','nrpe-selinux','selinux-policy-devel'],
String $pkg_ensure = 'present',
Array $reqpackages = ['nrpe','nrpe-selinux','selinux-policy-devel'],
Boolean $ne_manage_cmds = true,
Boolean $ne_manage_cmds = true,
# NRPE user settings
String $ne_user = 'nrpe',
String $ne_user_comment = 'NRPE service user',
String $ne_user_uid = '1005',
String $ne_user_home = '/var/run/nrpe',
Optional[String] $ne_user_groups = undef,
String $ne_user_shell = '/sbin/nologin',
String $ne_user = 'nrpe',
String $ne_user_comment = 'NRPE service user',
String $ne_user_uid = '1005',
String $ne_user_home = '/var/run/nrpe',
Optional[String] $ne_user_groups = undef,
String $ne_user_shell = '/sbin/nologin',
# nrpe.cfg
String $ne_log_facility = 'daemon',
String $ne_log_file = '',
String $ne_debug = '0',
String $ne_nrpe_port = '5666',
String $ne_server_address = '0.0.0.0',
String $ne_listen_queue_size = '5',
String $ne_dont_blame_nrpe = '1',
String $ne_allow_bash_cmd_subst = '1',
Boolean $ne_allow_sudo = true,
String $ne_command_prefix = '/usr/bin/sudo',
String $ne_command_timeout = '60',
String $ne_connection_timeout = '300',
String $ne_allow_weak_rnd_seed = '1',
Boolean $ne_enable_ssl = false,
String $ne_ssl_version = 'TLSv2+',
String $ne_ssl_use_adh = '1',
String $ne_ssl_cipher_list = 'ALL:!aNULL:!eNULL:!SSLv2:!LOW:!EXP:!RC4:!MD5:@STRENGTH',
String $ne_ssl_cacert_file = '/etc/pki/tls/certs/ca-chain.crt.pem',
String $ne_ssl_client_certs = '2',
String $ne_ssl_logging = '0x00',
Array $ne_nasty_metachars = ["|`&><'\\[]{};\r\n"],
String $ne_include_file = '',
String $ne_log_facility = 'daemon',
String $ne_log_file = '',
String $ne_debug = '0',
String $ne_nrpe_port = '5666',
String $ne_server_address = '0.0.0.0',
String $ne_listen_queue_size = '5',
String $ne_dont_blame_nrpe = '1',
String $ne_allow_bash_cmd_subst = '1',
Boolean $ne_allow_sudo = true,
String $ne_command_prefix = '/usr/bin/sudo',
String $ne_command_timeout = '60',
String $ne_connection_timeout = '300',
String $ne_allow_weak_rnd_seed = '1',
Boolean $ne_enable_ssl = false,
String $ne_ssl_version = 'TLSv2+',
String $ne_ssl_use_adh = '1',
String $ne_ssl_cipher_list = 'ALL:!aNULL:!eNULL:!SSLv2:!LOW:!EXP:!RC4:!MD5:@STRENGTH',
String $ne_ssl_cacert_file = '/etc/pki/tls/certs/ca-chain.crt.pem',
String $ne_ssl_client_certs = '2',
String $ne_ssl_logging = '0x00',
Array $ne_nasty_metachars = ["|`&><'\\[]{};\r\n"],
String $ne_include_file = '',
Optional[String] $ne_ssl_cert_pem = undef,
Optional[String] $ne_ssl_privatekey_pem = undef,
# nrpe.conf
String $ne_ssl_opts = '',
String $ne_ssl_opts = '',
# firewall
Boolean $ne_incl_fw = true,
String $ne_fw_order_no = '50',
Boolean $ne_incl_fw = true,
String $ne_fw_order_no = '50',
# selinux
Boolean $ne_include_selinux = true,
Boolean $ne_include_selinux = true,
) {
# Default facts
@@ -158,7 +168,9 @@ class confdroid_nrpe::params (
$ne_nrpe_pp_file = "${ne_main_conf_d_dir}/nrpe.pp"
$ne_semodule_erb = 'confdroid_nrpe/semodule_nrpe.erb'
$ne_ssl_cert_file = "/etc/pki/tls/certs/${fqdn}.crt.pem"
$ne_ssl_cert_erb = 'confdroid_nrpe/ssl_cert.erb'
$ne_ssl_privatekey_file = "/etc/pki/tls/private/${fqdn}.key.pem"
$ne_ssl_privatekey_erb = 'confdroid_nrpe/ssl_privatekey.erb'
# includes must be last
include confdroid_nrpe::main::config

3
templates/ssl_cert.erb Normal file
View File

@@ -0,0 +1,3 @@
<% unless @ne_ssl_cert_pem.nil -%>
<%= @ne_ssl_cert_pem %>
<% end -%>

3
templates/ssl_privatekey.erb Normal file
View File

@@ -0,0 +1,3 @@
<% unless @ne_ssl_privatekey_pem.nil -%>
<%= @ne_ssl_privatekey_pem %>
<% end -%>