Puppet Class: nexpose

Defined in:
manifests/init.pp

Overview

Class: nexpose

Parameters:

  • port (Stdlib::Port) (defaults to: 3780)
  • server_root (String) (defaults to: '.')
  • doc_root (String) (defaults to: 'htroot')
  • min_server_threads (Integer[1,1000]) (defaults to: 10)
  • max_server_threads (Integer[1,10000]) (defaults to: 100)
  • keepalive (Boolean) (defaults to: false)
  • socket_timeout (Integer[1,1000000]) (defaults to: 10000)
  • sc_lookup_cache_size (Integer[1,10000]) (defaults to: 100)
  • debug (Integer[1,10000]) (defaults to: 10)
  • httpd_error_strings (String) (defaults to: 'conf/httpErrorStrings.properties')
  • default_start_page (String) (defaults to: '/starting.html')
  • default_login_page (String) (defaults to: '/login.html')
  • default_home_page (String) (defaults to: '/home.jsp')
  • default_setup_page (String) (defaults to: '/setup.html')
  • default_error_page (String) (defaults to: '/error.html')
  • first_time_config (Boolean) (defaults to: false)
  • bad_login_lockout (Integer[1,10]) (defaults to: 4)
  • admin_app_path (String) (defaults to: '/admin/global')
  • auth_param_username (String) (defaults to: 'nexposeccusername')
  • auth_param_password (String) (defaults to: 'nexposeccpassword')
  • server_id_string (String) (defaults to: 'NSC/0.6.4 (JVM)')
  • proglet_list (String) (defaults to: 'conf/proglet.xml')
  • taglib_list (String) (defaults to: 'conf/taglibs.xml')
  • virtualhost (Stdlib::Fqdn) (defaults to: $::fqdn)
  • api_user (String) (defaults to: 'nxadmin')
  • api_password (String) (defaults to: 'nxpassword') 


3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
 
# File 'manifests/init.pp', line 3

class nexpose (
  Stdlib::Port       $port                 = 3780,
  String             $server_root          = '.',
  String             $doc_root             = 'htroot',
  Integer[1,1000]    $min_server_threads   = 10,
  Integer[1,10000]   $max_server_threads   = 100,
  Boolean            $keepalive            = false,
  Integer[1,1000000] $socket_timeout       = 10000,
  Integer[1,10000]   $sc_lookup_cache_size = 100,
  Integer[1,10000]   $debug                = 10,
  String             $httpd_error_strings  = 'conf/httpErrorStrings.properties',
  String             $default_start_page   = '/starting.html',
  String             $default_login_page   = '/login.html',
  String             $default_home_page    = '/home.jsp',
  String             $default_setup_page   = '/setup.html',
  String             $default_error_page   = '/error.html',
  Boolean            $first_time_config    = false,
  Integer[1,10]      $bad_login_lockout    = 4,
  String             $admin_app_path       = '/admin/global',
  String             $auth_param_username  = 'nexposeccusername',
  String             $auth_param_password  = 'nexposeccpassword',
  String             $server_id_string     = 'NSC/0.6.4 (JVM)',
  String             $proglet_list         = 'conf/proglet.xml',
  String             $taglib_list          = 'conf/taglibs.xml',
  Stdlib::Fqdn       $virtualhost          = $::fqdn,
  String             $api_user             = 'nxadmin',
  String             $api_password         = 'nxpassword',
) {
  package { 'nexpose':
    ensure   =>  '0.9.8',
    provider =>  'puppet_gem',
  }
  file {
    '/opt/rapid7/nexpose/nsc/conf/httpd.xml':
      notify  => Service['nexposeconsole'],
      content => template('nexpose/httpd.xml.erb');
    '/opt/rapid7/nexpose/nsc/conf/api.conf':
      content => "user=${api_user}\npassword=${api_password}\nserver=${virtualhost}\nport=${port}\n",
      mode    => '0400';
  }
  augeas {'/opt/rapid7/nexpose/nsc/conf/nsc.xml':
    context => '/files/opt/rapid7/nexpose/nsc/conf/nsc.xml/NeXposeSecurityConsole',
    incl    => '/opt/rapid7/nexpose/nsc/conf/nsc.xml',
    lens    => 'Xml.lns',
    changes => [
      "set WebServer/#attribute/port ${port}",
      "set WebServer/#attribute/minThreads ${min_server_threads}",
      "set WebServer/#attribute/maxThreads ${max_server_threads}",
      "set WebServer/#attribute/failureLockout ${bad_login_lockout}",
      ],
    notify  => Service['nexposeconsole'],
  }
  service { 'nexposeconsole':
    ensure  => running,
    enable  => true,
    require => File['/opt/rapid7/nexpose/nsc/conf/httpd.xml'],
  }
  user {'nexpose':
    password => '!';
  }
  # There is a bit of a chicken egg situation with this one.  
  # if we change the api password then the api function will fail
  nexpose_user {$api_user:
    ensure    => present,
    enabled   => true,
    password  => $api_password,
    full_name => 'Puppet API User',
    role      => 'global-admin';
  }
}