+# our nagios server class
+#
+# it includes stored ferm configs for all the things it needs to access
+# which are then collected by the monitored services
class nagios::server {
include apache2
include apache2::ssl
port => '5666',
saddr => $base::public_addresses,
}
+ @@concat::fragment { "nrpe-debian-allow-${::fqdn}":
+ tag => 'nagios-nrpe::server::debianorg.cfg',
+ target => '/etc/nagios/nrpe.d/debianorg.cfg',
+ content => "allowed_hosts=${ $base::public_addresses.join(', ') }",
+ }
+ # and we want to monitor smtp servers
+ @@ferm::rule::simple { "dsa-smtp-from-nagios-${::fqdn}":
+ tag => 'smtp::server::to::mail-satellite',
+ description => 'Allow smtp access from the nagios server',
+ port => '7', # will be overwritten on collection
+ saddr => $base::public_addresses,
+ }
+ # and we want to monitor ssh
+ @@ferm::rule::simple { "dsa-ssh-from-nagios-${::fqdn}":
+ tag => 'ssh::server::from::nagios',
+ description => 'Allow ssh access from the nagios server',
+ chain => 'ssh',
+ saddr => $base::public_addresses,
+ }
}