## confdroid_nrpe::main::files.pp
# Module name: confdroid_nrpe
# Author: 12ww1160 (12ww1160@ConfDroid.com)
# @summary  Class manages all configuration files required for confdroid_nrpe.
##############################################################################
class confdroid_nrpe::main::files (

) inherits confdroid_nrpe::params {
  require confdroid_nrpe::main::dirs

  # manage /etc/nagios/nrpe.cfg

  file { $ne_main_conf_file:
    ensure   => file,
    path     => $ne_main_conf_file,
    owner    => 'root',
    group    => 'root',
    mode     => '0644',
    selrange => s0,
    selrole  => object_r,
    seltype  => nrpe_etc_t,
    seluser  => system_u,
    content  => template($ne_main_conf_erb),
    notify   => Service[$ne_service],
  }

  # manage /etc/sysconfig/nrpe

  file { $ne_nrpe_conf_file:
    ensure   => file,
    path     => $ne_nrpe_conf_file,
    owner    => 'root',
    group    => 'root',
    mode     => '0644',
    selrange => s0,
    selrole  => object_r,
    seltype  => etc_t,
    seluser  => system_u,
    content  => template($ne_nrpe_conf_erb),
    notify   => Service[$ne_service],
  }

  if $ne_allow_sudo == true {
    file { $ne_sudo_file:
      ensure   => file,
      path     => $ne_sudo_file,
      owner    => 'root',
      group    => 'root',
      mode     => '0440',
      selrange => s0,
      selrole  => object_r,
      seltype  => etc_t,
      seluser  => system_u,
      content  => template($ne_sudo_rule_erb),
    }

    # file for sudo  selinux policy
    file { $ne_nrpe_te_file:
      ensure   => file,
      path     => $ne_nrpe_te_file,
      owner    => 'root',
      group    => 'root',
      mode     => '0440',
      selrange => s0,
      selrole  => object_r,
      seltype  => nrpe_etc_t,
      seluser  => system_u,
      content  => template($ne_nrpe_te_erb),
      notify   => Exec['create_nrpe_pp'],
    }
  }
  # file for ssl certificate
  if $ne_enable_ssl == true {
    file { $ne_ssl_cert_file:
      ensure   => file,
      path     => $ne_ssl_cert_file,
      owner    => $ne_user,
      group    => $ne_user,
      mode     => '0440',
      selrange => s0,
      selrole  => object_r,
      seltype  => cert_t,
      seluser  => system_u,
      content  => template($ne_ssl_cert_erb),
    }
    file { $ne_ssl_privatekey_file:
      ensure   => file,
      path     => $ne_ssl_privatekey_file,
      owner    => $ne_user,
      group    => $ne_user,
      mode     => '0400',
      selrange => s0,
      selrole  => object_r,
      seltype  => cert_t,
      seluser  => system_u,
      content  => template($ne_ssl_privatekey_erb),
    }
    file { $ne_ssl_ca_cert_file:
      ensure   => file,
      path     => $ne_ssl_ca_cert_file,
      owner    => $ne_user,
      group    => $ne_user,
      mode     => '0440',
      selrange => s0,
      selrole  => object_r,
      seltype  => cert_t,
      seluser  => system_u,
      content  => template($ne_ssl_ca_cert_erb),
    }
  }
}