confdroid/confdroid_nrpe
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Files
7ad0b6864593d01e12ff1655ded024790828352f
confdroid_nrpe/doc/puppet_classes/cd_nrpe_3A_3Aparams.html
Jenkins ConfDroid 73a596d8f0 recommit for updates in build 15
2019-04-23 21:29:53 +02:00

1040 lines
24 KiB
HTML
Raw Blame History

<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>
Puppet Class: cd_nrpe::params
&mdash; Documentation by YARD 0.9.16
</title>
<link rel="stylesheet" href="../css/style.css" type="text/css" charset="utf-8" />
<link rel="stylesheet" href="../css/common.css" type="text/css" charset="utf-8" />
<script type="text/javascript" charset="utf-8">
pathId = "puppet_classes::cd_nrpe::params";
relpath = '../';
</script>
<script type="text/javascript" charset="utf-8" src="../js/jquery.js"></script>
<script type="text/javascript" charset="utf-8" src="../js/app.js"></script>
</head>
<body>
<div class="nav_wrap">
<iframe id="nav" src="../puppet_class_list.html?1"></iframe>
<div id="resizer"></div>
</div>
<div id="main" tabindex="-1">
<div id="header">
<div id="menu">
<a href="../_index.html">Index (c)</a> &raquo;
<span class='title'><span class='object_link'>Puppet Classes</span></span>
&raquo;
<span class="title">cd_nrpe::params</span>
</div>
<div id="search">
<a class="full_list_link" id="puppet_class_list_link"
href="../puppet_class_list.html">
<svg width="24" height="24">
<rect x="0" y="4" width="24" height="4" rx="1" ry="1"></rect>
<rect x="0" y="12" width="24" height="4" rx="1" ry="1"></rect>
<rect x="0" y="20" width="24" height="4" rx="1" ry="1"></rect>
</svg>
</a>
</div>
<div class="clear"></div>
</div>
<div id="content"><h1>Puppet Class: cd_nrpe::params</h1>
<div class="box_info">
<dl>
<dt>Inherited by:</dt>
<dd>
<span class='object_link'><a href="cd_nrpe_3A_3Amain_3A_3Adirs.html" title="puppet_classes::cd_nrpe::main::dirs (puppet_class)">cd_nrpe::main::dirs</a></span><br/>
<span class='object_link'><a href="cd_nrpe_3A_3Amain_3A_3Auser.html" title="puppet_classes::cd_nrpe::main::user (puppet_class)">cd_nrpe::main::user</a></span><br/>
<span class='object_link'><a href="cd_nrpe_3A_3Amain_3A_3Afiles.html" title="puppet_classes::cd_nrpe::main::files (puppet_class)">cd_nrpe::main::files</a></span><br/>
<span class='object_link'><a href="cd_nrpe_3A_3Amain_3A_3Aconfig.html" title="puppet_classes::cd_nrpe::main::config (puppet_class)">cd_nrpe::main::config</a></span><br/>
<span class='object_link'><a href="cd_nrpe_3A_3Amain_3A_3Ainstall.html" title="puppet_classes::cd_nrpe::main::install (puppet_class)">cd_nrpe::main::install</a></span><br/>
<span class='object_link'><a href="cd_nrpe_3A_3Amain_3A_3Aservice.html" title="puppet_classes::cd_nrpe::main::service (puppet_class)">cd_nrpe::main::service</a></span><br/>
<span class='object_link'><a href="cd_nrpe_3A_3Aselinux_3A_3Aconfig.html" title="puppet_classes::cd_nrpe::selinux::config (puppet_class)">cd_nrpe::selinux::config</a></span><br/>
<span class='object_link'><a href="cd_nrpe_3A_3Afirewall_3A_3Aiptables.html" title="puppet_classes::cd_nrpe::firewall::iptables (puppet_class)">cd_nrpe::firewall::iptables</a></span><br/>
<span class='object_link'><a href="cd_nrpe_3A_3Acommands_3A_3Adefinition_rules.html" title="puppet_classes::cd_nrpe::commands::definition_rules (puppet_class)">cd_nrpe::commands::definition_rules</a></span><br/>
</dd>
</dl>
<dl>
<dt>Defined in:</dt>
<dd>
manifests/params.pp
</dd>
</dl>
</div>
<h2>Summary</h2>
Class holds all parameters for the cd_nrpe module and is
inherited by all classes except defines.
<h2>Overview</h2>
<div class="docstring">
<div class="discussion">
<p>cd_nrpe::params.pp Module name: cd_nrpe Author: Arne Teuke
(arne_teuke@ConfDroid.com)</p>
<h1 id="label-License-3A">License:</h1>
<p>This file is part of cd_nrpe.</p>
<p>cd_nrpe is used for providing automatic configuration of NRPE. Copyright
(C) 2016 ConfDroid (copyright@ConfDroid.com) This program is free
software: you can redistribute it and/or modify it under the terms of the
GNU General Public License as published by the Free Software Foundation,
either version 3 of the License, or (at your option) any later version.</p>
<p>This program is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
for more details.</p>
<p>You should have received a copy of the GNU General Public License along
with this program. If not, see <a
href="http://www.gnu.org/licenses">www.gnu.org/licenses</a>/. be passed to
the NRPE daemon.</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Parameters:</p>
<ul class="param">
<li>
<span class='name'>pkg_ensure</span>
<span class='type'>(<tt>string</tt>)</span>
<em class="default">(defaults to: <tt>&#39;latest&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>which <a href="https://confdroid.com/2017/05/puppet-type-package/">package
type</a> to choose, i.e. <code>latest</code> or <code>present</code>.</p>
</div>
</li>
<li>
<span class='name'>ne_log_facility</span>
<span class='type'>(<tt>string</tt>)</span>
<em class="default">(defaults to: <tt>&#39;daemon&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>the log facility to use.</p>
</div>
</li>
<li>
<span class='name'>ne_log_file</span>
<span class='type'>(<tt>string</tt>)</span>
<em class="default">(defaults to: <tt>&#39;&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>If a log file is specified in this option, nrpe will write to that file
instead of using syslog. i.e. /var/run/nrpe.log</p>
</div>
</li>
<li>
<span class='name'>ne_debug</span>
<span class='type'>(<tt>string</tt>)</span>
<em class="default">(defaults to: <tt>&#39;0&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>Whether debugging messages are logged to the syslog facility.</p>
</div>
</li>
<li>
<span class='name'>ne_nrpe_port</span>
<span class='type'>(<tt>string</tt>)</span>
<em class="default">(defaults to: <tt>&#39;5666&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>the NRPE port. used in firewall ( optional) and configuration file.</p>
</div>
</li>
<li>
<span class='name'>ne_listen_queue_size</span>
<span class='type'>(<tt>string</tt>)</span>
<em class="default">(defaults to: <tt>&#39;5&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>Listen queue size (backlog) for serving incoming connections.</p>
</div>
</li>
<li>
<span class='name'>ne_nagios_server</span>
<span class='type'>(<tt>string</tt>)</span>
<em class="default">(defaults to: <tt>$::nagios_server</tt>)</em>
&mdash;
<div class='inline'>
<p>ipaddress of the nagios server to be allowed to connect to NRPE service.
Default is to look up a global parameter from ENC.</p>
</div>
</li>
<li>
<span class='name'>ne_dont_blame_nrpe</span>
<span class='type'>(<tt>string</tt>)</span>
<em class="default">(defaults to: <tt>&#39;1&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>whether or not the NRPE daemon will allow clients to specify arguments to
commands that are executed.</p>
</div>
</li>
<li>
<span class='name'>ne_allow_bash_cmd_subst</span>
<span class='type'>(<tt>string</tt>)</span>
<em class="default">(defaults to: <tt>&#39;1&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>whether or not the NRPE daemon will allow clients to specify arguments that
contain bash command substitutions of the form $(…).</p>
</div>
</li>
<li>
<span class='name'>ne_allow_sudo</span>
<span class='type'>(<tt>boolean</tt>)</span>
<em class="default">(defaults to: <tt>true</tt>)</em>
&mdash;
<div class='inline'>
<p>Whether to allow sudo access. used in nrpe.cfg as well as for creating a
sudo role.</p>
</div>
</li>
<li>
<span class='name'>ne_command_prefix</span>
<span class='type'>(<tt>string</tt>)</span>
<em class="default">(defaults to: <tt>&#39;/usr/bin/sudo&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>allows you to prefix all commands with a user-defined string.</p>
</div>
</li>
<li>
<span class='name'>ne_incl_fw</span>
<span class='type'>(<tt>string</tt>)</span>
<em class="default">(defaults to: <tt>true</tt>)</em>
&mdash;
<div class='inline'>
<p>Whether to include firewall rules</p>
</div>
</li>
<li>
<span class='name'>ne_command_timeout</span>
<span class='type'>(<tt>string</tt>)</span>
<em class="default">(defaults to: <tt>&#39;60&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>maximum number of seconds that the NRPE daemon will allow plugins to finish
executing before killing them off.</p>
</div>
</li>
<li>
<span class='name'>ne_connection_timeout</span>
<span class='type'>(<tt>string</tt>)</span>
<em class="default">(defaults to: <tt>&#39;300&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>maximum number of seconds that the NRPE daemon will wait for a connection
to be established before exiting.</p>
</div>
</li>
<li>
<span class='name'>ne_ssl_version</span>
<span class='type'>(<tt>string</tt>)</span>
<em class="default">(defaults to: <tt>&#39;TLSv2+&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>These directives allow you to specify how to use SSL/TLS.</p>
</div>
</li>
<li>
<span class='name'>ne_ssl_use_adh</span>
<span class='type'>(<tt>string</tt>)</span>
<em class="default">(defaults to: <tt>&#39;1&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>This is for backward compatibility and is DEPRECATED. Set to 1 to enable
ADH or 2 to require ADH. 1 is currently the default but will be changed in
a later version.</p>
</div>
</li>
<li>
<span class='name'>ne_ssl_cipher_list</span>
<span class='type'>(<tt>string</tt>)</span>
<em class="default">(defaults to: <tt>&#39;ALL:!aNULL:!eNULL:!SSLv2:!LOW:!EXP:!RC4:!MD5:@STRENGTH&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>ciphers can be used. For backward compatibility, this defaults to
&#39;ssl_cipher_list=ALL:!MD5:@STRENGTH&#39; in this version but will be
changed in a later version of NRPE.</p>
</div>
</li>
<li>
<span class='name'>ne_ssl_cacert_file</span>
<span class='type'>(<tt>string</tt>)</span>
<em class="default">(defaults to: <tt>&#39;/etc/pki/tls/certs/ca-chain.crt.pem&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>path and name of the ssl certificate authority (ca) file / chain. must be
full path.</p>
</div>
</li>
<li>
<span class='name'>ne_ssl_cert_file</span>
<span class='type'>(<tt>string</tt>)</span>
<em class="default">(defaults to: <tt>&quot;/etc/pki/tls/certs/${::fqdn}.crt.pem&quot;</tt>)</em>
&mdash;
<div class='inline'>
<p>path and name of the server ssl certificate. must include full path.</p>
</div>
</li>
<li>
<span class='name'>ne_ssl_privatekey_file</span>
<span class='type'>(<tt>string</tt>)</span>
<em class="default">(defaults to: <tt>&quot;/etc/pki/tls/private/${::fqdn}.key.pem&quot;</tt>)</em>
&mdash;
<div class='inline'>
<p>path and name of the server ssl private key. Must include full path.</p>
</div>
</li>
<li>
<span class='name'>ne_ssl_client_certs</span>
<span class='type'>(<tt>string</tt>)</span>
<em class="default">(defaults to: <tt>&#39;2&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>determines client certificate usage. Values: 0 = Don&#39;t ask for or
require client certificates 1 = Ask for client certificates 2 = Require
client certificates</p>
</div>
</li>
<li>
<span class='name'>ne_ssl_logging</span>
<span class='type'>(<tt>string</tt>)</span>
<em class="default">(defaults to: <tt>&#39;0x00&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>determines which SSL messages are send to syslog. OR values together to
specify multiple options. Values: 0x00 (0) = No additional logging
(default) 0x01 (1) = Log startup SSL/TLS parameters 0x02 (2) = Log remote
IP address 0x04 (4) = Log SSL/TLS version of connections 0x08 (8) = Log
which cipher is being used for the connection 0x10 (16) = Log if client has
a certificate 0x20 (32) = Log details of client&#39;s certificate if it has
one -1 or 0xff or 0x2f = All of the above</p>
</div>
</li>
<li>
<span class='name'>ne_nasty_metachars</span>
<span class='type'>(<tt>array</tt>)</span>
<em class="default">(defaults to: <tt>[&quot;|`&amp;&gt;&lt;&#39;\\[]{};\r\n&quot;]</tt>)</em>
&mdash;
<div class='inline'>
<p>list of characters that cannot</p>
</div>
</li>
<li>
<span class='name'>ne_include_file</span>
<span class='type'>(<tt>string</tt>)</span>
<em class="default">(defaults to: <tt>&#39;&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>include definitions from an external config file.</p>
</div>
</li>
<li>
<span class='name'>ne_fw_order_no</span>
<span class='type'>(<tt>string</tt>)</span>
<em class="default">(defaults to: <tt>&#39;50&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>ordering prefix for he firewall rules. Adjust to your environment if
needed.</p>
</div>
</li>
<li>
<span class='name'>ne_ssl_opts</span>
<span class='type'>(<tt>string</tt>)</span>
<em class="default">(defaults to: <tt>&#39;&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>Specify additional SSL options.</p>
</div>
</li>
<li>
<span class='name'>ne_user</span>
<span class='type'>(<tt>string</tt>)</span>
<em class="default">(defaults to: <tt>&#39;nrpe&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>the NRPE service user</p>
</div>
</li>
<li>
<span class='name'>ne_user_comment</span>
<span class='type'>(<tt>string</tt>)</span>
<em class="default">(defaults to: <tt>&#39;NRPE service user&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>The comment for the service user /etc/passwd</p>
</div>
</li>
<li>
<span class='name'>ne_user_uid</span>
<span class='type'>(<tt>string</tt>)</span>
<em class="default">(defaults to: <tt>&#39;1005&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>the UID for the service user</p>
</div>
</li>
<li>
<span class='name'>ne_user_home</span>
<span class='type'>(<tt>string</tt>)</span>
<em class="default">(defaults to: <tt>&#39;/var/run/nrpe&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>the home for the service user</p>
</div>
</li>
<li>
<span class='name'>ne_user_shell</span>
<span class='type'>(<tt>string</tt>)</span>
<em class="default">(defaults to: <tt>&#39;/sbin/nologin&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>the shell for the service user.</p>
</div>
</li>
<li>
<span class='name'>ne_user_groups</span>
<span class='type'>(<tt>string</tt>)</span>
<em class="default">(defaults to: <tt>undef</tt>)</em>
&mdash;
<div class='inline'>
<p>additional groups for the service user.</p>
</div>
</li>
<li>
<span class='name'>ne_server_address</span>
<span class='type'>(<tt>string</tt>)</span>
<em class="default">(defaults to: <tt>&#39;0.0.0.0&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>the network interfaces to listen on</p>
</div>
</li>
<li>
<span class='name'>ne_allow_weak_rnd_seed</span>
<span class='type'>(<tt>string</tt>)</span>
<em class="default">(defaults to: <tt>&#39;1&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>Whether to allow weak random seeds</p>
</div>
</li>
<li>
<span class='name'>ne_include_selinux</span>
<span class='type'>(<tt>string</tt>)</span>
<em class="default">(defaults to: <tt>true</tt>)</em>
&mdash;
<div class='inline'>
<p>Whether to manage selinux</p>
</div>
</li>
<li>
<span class='name'>ne_enable_ssl</span>
<span class='type'>(<tt>boolean</tt>)</span>
<em class="default">(defaults to: <tt>false</tt>)</em>
&mdash;
<div class='inline'>
<p>Whether to enable SSL certificates.</p>
</div>
</li>
<li>
<span class='name'>ne_manage_cmds</span>
<span class='type'>(<tt>boolean</tt>)</span>
<em class="default">(defaults to: <tt>true</tt>)</em>
&mdash;
<div class='inline'>
<p>Whether to manage command rules for NRPE checks, to allow dynamic check
&amp; command rules.</p>
</div>
</li>
</ul>
<p class="tag_title">See Also:</p>
<ul class="see">
<li><a href="https://www.nagios.org/documentation/" target="_parent" title="https://www.nagios.org/documentation/">https://www.nagios.org/documentation/</a></li>
</ul>
</div><div class="method_details_list">
<table class="source_code">
<tr>
<td>
<pre class="lines">
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'manifests/params.pp', line 101</span>
class cd_nrpe::params (
$pkg_ensure = &#39;latest&#39;,
$ne_manage_cmds = true,
# NRPE user settings
$ne_user = &#39;nrpe&#39;,
$ne_user_comment = &#39;NRPE service user&#39;,
$ne_user_uid = &#39;1005&#39;,
$ne_user_home = &#39;/var/run/nrpe&#39;,
$ne_user_groups = undef,
$ne_user_shell = &#39;/sbin/nologin&#39;,
# nrpe.cfg
$ne_log_facility = &#39;daemon&#39;,
$ne_log_file = &#39;&#39;,
$ne_debug = &#39;0&#39;,
$ne_nrpe_port = &#39;5666&#39;,
$ne_server_address = &#39;0.0.0.0&#39;,
$ne_listen_queue_size = &#39;5&#39;,
$ne_nagios_server = $::nagios_server,
$ne_dont_blame_nrpe = &#39;1&#39;,
$ne_allow_bash_cmd_subst = &#39;1&#39;,
$ne_allow_sudo = true,
$ne_command_prefix = &#39;/usr/bin/sudo&#39;,
$ne_command_timeout = &#39;60&#39;,
$ne_connection_timeout = &#39;300&#39;,
$ne_allow_weak_rnd_seed = &#39;1&#39;,
$ne_enable_ssl = false,
$ne_ssl_version = &#39;TLSv2+&#39;,
$ne_ssl_use_adh = &#39;1&#39;,
$ne_ssl_cipher_list = &#39;ALL:!aNULL:!eNULL:!SSLv2:!LOW:!EXP:!RC4:!MD5:@STRENGTH&#39;,
$ne_ssl_cacert_file = &#39;/etc/pki/tls/certs/ca-chain.crt.pem&#39;,
$ne_ssl_cert_file = &quot;/etc/pki/tls/certs/${::fqdn}.crt.pem&quot;,
$ne_ssl_privatekey_file = &quot;/etc/pki/tls/private/${::fqdn}.key.pem&quot;,
$ne_ssl_client_certs = &#39;2&#39;,
$ne_ssl_logging = &#39;0x00&#39;,
$ne_nasty_metachars = [&quot;|`&amp;&gt;&lt;&#39;\\[]{};\r\n&quot;],
$ne_include_file = &#39;&#39;,
# nrpe.conf
$ne_ssl_opts = &#39;&#39;,
# firewall
$ne_incl_fw = true,
$ne_fw_order_no = &#39;50&#39;,
# selinux
$ne_include_selinux = true,
) {
# installation section
$reqpackages = $::operatingsystem ? {
/(?i-mx:centos|fedora|redhat)/ =&gt; [&#39;nrpe&#39;,&#39;nrpe-selinux&#39;],
}
# service
$ne_service = &#39;nrpe&#39;
# directories
$ne_main_conf_d_dir = &#39;/etc/nrpe.d&#39;
$ne_run_dir = &#39;/var/run/nrpe&#39;
# files
$ne_main_conf_file = &#39;/etc/nagios/nrpe.cfg&#39;
$ne_main_conf_erb = &#39;cd_nrpe/nrpe_cfg.erb&#39;
$ne_nrpe_pid_file = &quot;${ne_run_dir}/nrpe.pid&quot;
$ne_nrpe_conf_file = &#39;/etc/sysconfig/nrpe&#39;
$ne_nrpe_conf_erb = &#39;cd_nrpe/nrpe_conf.erb&#39;
$ne_cmd_file = &quot;${ne_main_conf_d_dir}/commands.cfg&quot;
$ne_cmd_head_erb = &#39;cd_nrpe/cmd_head.erb&#39;
$ne_cmd_rule_erb = &#39;cd_nrpe/cmd_rule.erb&#39;
$ne_sudo_file = &#39;/etc/sudoers.d/nagios_sudo&#39;
$ne_sudo_rule_erb = &#39;cd_nrpe/sudo_rule.erb&#39;
$ne_nrpe_te_file = &quot;${ne_main_conf_d_dir}/nrpe.te&quot;
$ne_nrpe_te_erb = &#39;cd_nrpe/nrpe.te.erb&#39;
$ne_nrpe_mod_file = &quot;${ne_main_conf_d_dir}/nrpe.mod&quot;
$ne_checkmodule_nrpe_erb = &#39;cd_nrpe/checkmodule_nrpe.erb&#39;
$ne_nrpe_pp_file = &quot;${ne_main_conf_d_dir}/nrpe.pp&quot;
$ne_semodule_erb = &#39;cd_nrpe/semodule_nrpe.erb&#39;
# includes must be last
include cd_nrpe::main::config
}</pre>
</td>
</tr>
</table>
</div>
</div>
<div id="footer">
Generated by <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>.
</div>
</div>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink