nagios-nrpe: configure server certificate for nrpe daemon

2024-02-16 11:00:48 +01:00 · 2024-02-16 11:00:48 +01:00 · 28851698e6
parent 9fe7825499
commit 28851698e6
2 changed files with 5 additions and 0 deletions
--- a/1
+++ b/1
@ -87,6 +87,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 * accounts, etc-git, evocheck, nagios-nrpe: multiple changes to not fail when run in check mode
 * base: configure "/var/log" for servers that have a mount on it
 * nagios-nrpe: configure allowed_hosts in template and make use of the 'nagios_nrpe_additional_allowed_hosts' var in inventory for additional IP
+* nagios-nrpe: configure server certificate for nrpe daemon

 ### Fixed

--- a/roles/nagios-nrpe/templates/evolix_bsd.cfg.j2
+++ b/roles/nagios-nrpe/templates/evolix_bsd.cfg.j2
@ -1,6 +1,10 @@
 # Allowed IPs
 allowed_hosts={{ nagios_nrpe_allowed_hosts | join(',') }}

+# SSL Certificate
+ssl_cert_file=/etc/ssl/certs/{{ ansible_fqdn }}.crt
+ssl_privatekey_file=/etc/ssl/private/{{ ansible_fqdn }}.key
+
 {% if ansible_distribution_version is version_compare("7.2",'>=') %}
 # Allow older cipher suites for older Icinga version
 ssl_cipher_list=ALL:!MD5:@STRENGTH:@SECLEVEL=0