X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Fnagios%2Fmanifests%2Fclient.pp;h=44a6f3254a7064fe819371d22592ca5b89325930;hb=ed9c052bcce0377d8c9f1f7de79fe3114c8f8bf8;hp=fca1fb23a4c4378be2bb11ba39efb55f4889d7e5;hpb=e9a9bf706b669f23c60a8fc3dd204ab7cd076521;p=mirror%2Fdsa-puppet.git

diff --git a/modules/nagios/manifests/client.pp b/modules/nagios/manifests/client.pp
index fca1fb23a..44a6f3254 100644
--- a/modules/nagios/manifests/client.pp
+++ b/modules/nagios/manifests/client.pp
@@ -6,39 +6,38 @@ class nagios::client inherits nagios {
 
 	file {
 		"/etc/default/nagios-nrpe-server":
-			source  => [ "puppet:///nagios/per-host/$fqdn/default",
-			             "puppet:///nagios/common/default" ],
+			source  => [ "puppet:///modules/nagios/per-host/$fqdn/default",
+			             "puppet:///modules/nagios/common/default" ],
 			require => Package["nagios-nrpe-server"],
 			notify  => Exec["nagios-nrpe-server restart"];
 		"/etc/default/nagios-nrpe":
 			ensure  => absent,
 			notify  => Exec["nagios-nrpe-server restart"];
 		"/etc/nagios/nrpe.cfg":
-			source  => [ "puppet:///nagios/per-host/$fqdn/nrpe.cfg",
-			             "puppet:///nagios/common/nrpe.cfg" ],
+			source  => [ "puppet:///modules/nagios/per-host/$fqdn/nrpe.cfg",
+			             "puppet:///modules/nagios/common/nrpe.cfg" ],
 			require => Package["nagios-nrpe-server"],
 			notify  => Exec["nagios-nrpe-server restart"];
 		"/etc/nagios/nrpe.d":
 			mode    => 755,
+			require => Package["nagios-nrpe-server"],
 			ensure  => directory;
 		"/etc/nagios/nrpe.d/debianorg.cfg":
-			source  => [ "puppet:///nagios/per-host/$fqdn/inc-debian.org",
-			             "puppet:///nagios/common/inc-debian.org" ],
+                        content => template("nagios/inc-debian.org.erb"),
 			require => Package["nagios-nrpe-server"],
 			notify  => Exec["nagios-nrpe-server restart"];
 		"/etc/nagios/nrpe.d/nrpe_dsa.cfg":
-			source  => [ "puppet:///nagios/dsa-nagios/generated/nrpe_dsa.cfg" ],
+			source  => [ "puppet:///modules/nagios/dsa-nagios/generated/nrpe_dsa.cfg" ],
 			require => Package["dsa-nagios-checks"],
 			notify  => Exec["nagios-nrpe-server restart"];
 
 		"/etc/nagios/obsolete-packages-ignore":
-			source  => [ "puppet:///nagios/per-host/$fqdn/obsolete-packages-ignore",
-			             "puppet:///nagios/common/obsolete-packages-ignore" ],
+			source  => [ "puppet:///modules/nagios/per-host/$fqdn/obsolete-packages-ignore",
+			             "puppet:///modules/nagios/common/obsolete-packages-ignore" ],
 			require => Package["dsa-nagios-checks"];
 
 		"/etc/nagios/obsolete-packages-ignore.d/hostspecific":
-			source  => [ "puppet:///nagios/per-host/$fqdn/obsolete-packages-ignore.d-hostspecific",
-			             "puppet:///nagios/common/obsolete-packages-ignore.d-hostspecific" ],
+                        content => template("nagios/obsolete-packages-ignore.d-hostspecific.erb"),
 			require => Package["dsa-nagios-checks"];
 	}
 
@@ -46,4 +45,18 @@ class nagios::client inherits nagios {
 		path        => "/etc/init.d:/usr/bin:/usr/sbin:/bin:/sbin",
 		refreshonly => true,
 	}
+        @ferm::rule { "dsa-nagios-v4":
+                description     => "Allow nrpe from nagios master",
+                rule            => "proto tcp mod state state (NEW) dport (5666) @subchain 'nagios' { saddr (\$HOST_NAGIOS_V4) ACCEPT; }",
+                notarule        => true,
+        }
+        @ferm::rule { "dsa-nagios-v6":
+                description     => "Allow nrpe from nagios master",
+                domain          => "ip6",
+                rule            => "proto tcp mod state state (NEW) dport (5666) @subchain 'nagios' { saddr (\$HOST_NAGIOS_V6) ACCEPT; }",
+                notarule        => true,
+        }
 }
+# vim:set et:
+# vim:set sts=4 ts=4:
+# vim:set shiftwidth=4: