Compare commits
1 Commits
master
...
21d123dbf8
| Author | SHA1 | Date | |
|---|---|---|---|
|
21d123dbf8 |
@@ -206,7 +206,8 @@
|
||||
108
|
||||
109
|
||||
110
|
||||
111</pre>
|
||||
111
|
||||
112</pre>
|
||||
</td>
|
||||
<td>
|
||||
<pre class="code"><span class="info file"># File 'manifests/main/files.pp', line 6</span>
|
||||
@@ -277,14 +278,15 @@ class confdroid_nrpe::main::files (
|
||||
notify => Exec['create_nrpe_pp'],
|
||||
}
|
||||
}
|
||||
|
||||
# file for ssl certificate
|
||||
if $ne_enable_ssl == true {
|
||||
file { $ne_ssl_cert_file:
|
||||
ensure => file,
|
||||
path => $ne_ssl_cert_file,
|
||||
owner => $ne_user,
|
||||
group => $ne_user,
|
||||
mode => '0440',
|
||||
owner => 'root',
|
||||
group => 'root',
|
||||
mode => '0644',
|
||||
selrange => s0,
|
||||
selrole => object_r,
|
||||
seltype => cert_t,
|
||||
@@ -294,9 +296,9 @@ class confdroid_nrpe::main::files (
|
||||
file { $ne_ssl_privatekey_file:
|
||||
ensure => file,
|
||||
path => $ne_ssl_privatekey_file,
|
||||
owner => $ne_user,
|
||||
group => $ne_user,
|
||||
mode => '0400',
|
||||
owner => 'root',
|
||||
group => 'root',
|
||||
mode => '0600',
|
||||
selrange => s0,
|
||||
selrole => object_r,
|
||||
seltype => cert_t,
|
||||
@@ -306,9 +308,9 @@ class confdroid_nrpe::main::files (
|
||||
file { $ne_ssl_ca_cert_file:
|
||||
ensure => file,
|
||||
path => $ne_ssl_ca_cert_file,
|
||||
owner => $ne_user,
|
||||
group => $ne_user,
|
||||
mode => '0440',
|
||||
owner => 'root',
|
||||
group => 'root',
|
||||
mode => '0644',
|
||||
selrange => s0,
|
||||
selrole => object_r,
|
||||
seltype => cert_t,
|
||||
|
||||
@@ -349,6 +349,24 @@ inherited by all classes except defines.
|
||||
|
||||
</li>
|
||||
|
||||
<li>
|
||||
|
||||
<span class='name'>ne_ssl_version</span>
|
||||
|
||||
|
||||
<span class='type'>(<tt>String</tt>)</span>
|
||||
|
||||
|
||||
<em class="default">(defaults to: <tt>'TLSv2+'</tt>)</em>
|
||||
|
||||
|
||||
—
|
||||
<div class='inline'>
|
||||
<p>These directives allow you to specify how to use SSL/TLS.</p>
|
||||
</div>
|
||||
|
||||
</li>
|
||||
|
||||
<li>
|
||||
|
||||
<span class='name'>ne_ssl_cipher_list</span>
|
||||
@@ -763,8 +781,6 @@ inherited by all classes except defines.
|
||||
<pre class="lines">
|
||||
|
||||
|
||||
82
|
||||
83
|
||||
84
|
||||
85
|
||||
86
|
||||
@@ -855,10 +871,13 @@ inherited by all classes except defines.
|
||||
171
|
||||
172
|
||||
173
|
||||
174</pre>
|
||||
174
|
||||
175
|
||||
176
|
||||
177</pre>
|
||||
</td>
|
||||
<td>
|
||||
<pre class="code"><span class="info file"># File 'manifests/params.pp', line 82</span>
|
||||
<pre class="code"><span class="info file"># File 'manifests/params.pp', line 84</span>
|
||||
|
||||
class confdroid_nrpe::params (
|
||||
|
||||
@@ -890,6 +909,7 @@ class confdroid_nrpe::params (
|
||||
String $ne_connection_timeout = '300',
|
||||
String $ne_allow_weak_rnd_seed = '1',
|
||||
Boolean $ne_enable_ssl = false,
|
||||
String $ne_ssl_version = 'TLSv2+',
|
||||
String $ne_ssl_cipher_list = 'ALL:!aNULL:!eNULL:!SSLv2:!LOW:!EXP:!RC4:!MD5:@STRENGTH',
|
||||
String $ne_ssl_client_certs = '0',
|
||||
String $ne_ssl_logging = '0x00',
|
||||
|
||||
@@ -69,14 +69,15 @@ class confdroid_nrpe::main::files (
|
||||
notify => Exec['create_nrpe_pp'],
|
||||
}
|
||||
}
|
||||
|
||||
# file for ssl certificate
|
||||
if $ne_enable_ssl == true {
|
||||
file { $ne_ssl_cert_file:
|
||||
ensure => file,
|
||||
path => $ne_ssl_cert_file,
|
||||
owner => $ne_user,
|
||||
group => $ne_user,
|
||||
mode => '0440',
|
||||
owner => 'root',
|
||||
group => 'root',
|
||||
mode => '0644',
|
||||
selrange => s0,
|
||||
selrole => object_r,
|
||||
seltype => cert_t,
|
||||
@@ -86,9 +87,9 @@ class confdroid_nrpe::main::files (
|
||||
file { $ne_ssl_privatekey_file:
|
||||
ensure => file,
|
||||
path => $ne_ssl_privatekey_file,
|
||||
owner => $ne_user,
|
||||
group => $ne_user,
|
||||
mode => '0400',
|
||||
owner => 'root',
|
||||
group => 'root',
|
||||
mode => '0600',
|
||||
selrange => s0,
|
||||
selrole => object_r,
|
||||
seltype => cert_t,
|
||||
@@ -98,9 +99,9 @@ class confdroid_nrpe::main::files (
|
||||
file { $ne_ssl_ca_cert_file:
|
||||
ensure => file,
|
||||
path => $ne_ssl_ca_cert_file,
|
||||
owner => $ne_user,
|
||||
group => $ne_user,
|
||||
mode => '0440',
|
||||
owner => 'root',
|
||||
group => 'root',
|
||||
mode => '0644',
|
||||
selrange => s0,
|
||||
selrole => object_r,
|
||||
seltype => cert_t,
|
||||
|
||||
@@ -30,6 +30,8 @@
|
||||
# daemon will allow plugins to finish executing before killing them off.
|
||||
# @param [String] ne_connection_timeout maximum number of seconds that the
|
||||
# NRPE daemon will wait for a connection to be established before exiting.
|
||||
# @param [String] ne_ssl_version These directives allow you to specify how to
|
||||
# use SSL/TLS.
|
||||
# @param [String] ne_ssl_cipher_list ciphers can be used. For backward
|
||||
# compatibility, this defaults to 'ssl_cipher_list=ALL:!MD5:@STRENGTH' in
|
||||
# this version but will be changed in a later version of NRPE.
|
||||
@@ -109,6 +111,7 @@ class confdroid_nrpe::params (
|
||||
String $ne_connection_timeout = '300',
|
||||
String $ne_allow_weak_rnd_seed = '1',
|
||||
Boolean $ne_enable_ssl = false,
|
||||
String $ne_ssl_version = 'TLSv2+',
|
||||
String $ne_ssl_cipher_list = 'ALL:!aNULL:!eNULL:!SSLv2:!LOW:!EXP:!RC4:!MD5:@STRENGTH',
|
||||
String $ne_ssl_client_certs = '0',
|
||||
String $ne_ssl_logging = '0x00',
|
||||
|
||||
@@ -34,6 +34,7 @@ connection_timeout=<%= @ne_connection_timeout %>
|
||||
allow_weak_random_seed=<%= @ne_allow_weak_rnd_seed %>
|
||||
|
||||
<% if @ne_enable_ssl == true -%>
|
||||
ssl_version=<%= @ne_ssl_version %>
|
||||
ssl_cipher_list=<%= @ne_ssl_cipher_list %>
|
||||
ssl_cacert_file=<%= @ne_ssl_ca_cert_file %>
|
||||
ssl_cert_file=<%= @ne_ssl_cert_file %>
|
||||
|
||||
Reference in New Issue
Block a user