I've made a few changes to Jeremy's proposal, because I wanted to make use of the configuration file that the NRPE plugin already deploys.
Attached is my proposed change to the Ansible repo.

If that works I'll add more checks later on.


OK I deployed that config but now SELinux is preventing NRPE from connecting to the RabbitMQ management interface:
avc:  denied  { name_connect } for  pid=5182 comm="perl" dest=15672 scontext=system_u:system_r:nrpe_t:s0 tcontext=system_u:object_r:amqp_port_t:s0 tclass=tcp_socket permissive=0

What should I do? Create a SELinux module to allow that connection? Do we have a policy regarding that sort of module creation?

A.