From b287591b321cbbc9ae0a45f5d23b80bb180fd226 Mon Sep 17 00:00:00 2001
From: Timo Makinen <tmakinen@foo.sh>
Date: Thu, 18 Mar 2021 22:35:11 +0000
Subject: [PATCH] munin-node: Initial version of munin-node role

---
 roles/munin-node/handlers/main.yml            |  5 +++
 roles/munin-node/tasks/main.yml               | 20 +++++++++++
 roles/munin-node/templates/munin-node.conf.j2 | 33 +++++++++++++++++++
 3 files changed, 58 insertions(+)
 create mode 100644 roles/munin-node/handlers/main.yml
 create mode 100644 roles/munin-node/tasks/main.yml
 create mode 100644 roles/munin-node/templates/munin-node.conf.j2

diff --git a/roles/munin-node/handlers/main.yml b/roles/munin-node/handlers/main.yml
new file mode 100644
index 0000000..0b7f394
--- /dev/null
+++ b/roles/munin-node/handlers/main.yml
@@ -0,0 +1,5 @@
+---
+- name: restart munin-node
+  service:
+    name: munin-node
+    state: restarted
diff --git a/roles/munin-node/tasks/main.yml b/roles/munin-node/tasks/main.yml
new file mode 100644
index 0000000..0c7b87d
--- /dev/null
+++ b/roles/munin-node/tasks/main.yml
@@ -0,0 +1,20 @@
+---
+- name: install packages
+  package:
+    name: munin-node
+    state: installed
+
+- name: create config
+  template:
+    dest: /etc/munin/munin-node.conf
+    src: munin-node.conf.j2
+    mode: 0644
+    owner: root
+    group: "{{ ansible_wheel }}"
+  notify: restart munin-node
+
+- name: enable service
+  service:
+    name: munin-node
+    state: started
+    enabled: true
diff --git a/roles/munin-node/templates/munin-node.conf.j2 b/roles/munin-node/templates/munin-node.conf.j2
new file mode 100644
index 0000000..52bdac3
--- /dev/null
+++ b/roles/munin-node/templates/munin-node.conf.j2
@@ -0,0 +1,33 @@
+
+log_level 4
+log_file /var/log/munin-node/munin-node.log
+pid_file /var/run/munin/munin-node.pid
+
+background 1
+setsid 1
+
+user root
+group {{ ansible_wheel }}
+
+# Regexps for files to ignore
+ignore_file ~$
+ignore_file \.bak$
+ignore_file %$
+ignore_file \.dpkg-(tmp|new|old|dist)$
+ignore_file \.rpm(save|new)$
+ignore_file \.pod$
+
+host_name {{ inventory_hostname }}
+
+# Which address to bind to;
+host *
+
+# And which port
+port 4949
+
+# Require TLS
+tls paranoid
+tls_verify_certificate yes
+tls_ca_certificate {{ tls_certs }}/ca.crt
+tls_certificate {{ tls_certs }}/{{ inventory_hostname }}.crt
+tls_private_key {{ tls_private }}/{{ inventory_hostname }}.key