--- - name: install packages package: name: munin state: installed - name: set file contexts for data directory sefcontext: path: "/export/munin(/.*)?" setype: munin_var_lib_t - name: create data direcory file: path: /export/munin state: directory mode: 0755 owner: munin group: munin setype: _default - name: link data directory file: dest: /srv/munin src: /export/munin state: link owner: root group: "{{ ansible_wheel }}" follow: false # for some reason this is owned by adm default - name: fix log directory group file: path: /var/log/munin state: directory owner: munin group: apache - name: add munin to hostkey group user: name: munin groups: hostkey append: yes # this needs better rule - name: fix selinux write errors seboolean: name: domain_can_mmap_files state: true persistent: true - name: create apache config copy: dest: /etc/httpd/conf.local.d/munin.conf src: munin-apache.conf mode: 0644 owner: root group: "{{ ansible_wheel }}" notify: restart apache - name: fix selinx contexts from cache directory sefcontext: path: "/var/run/munin/cgi-tmp(/.*)?" setype: munin_rw_content_t - name: add cache direcory to tmpfiles copy: dest: /etc/tmpfiles.d/munin.conf content: "d /run/munin/cgi-tmp 0755 apache apache -" mode: 0644 owner: root group: "{{ ansible_wheel }}" - name: create cache directory file: path: /var/run/munin/cgi-tmp state: directory mode: 0755 owner: apache group: apache setype: _default - name: create tls config template: dest: /etc/munin/conf.d/00-tls.conf src: tls.conf.j2 mode: 0644 owner: root group: "{{ ansible_wheel }}" - name: create host config template: dest: /etc/munin/conf.d/hosts.conf src: hosts.conf.j2 mode: 0644 owner: root group: "{{ ansible_wheel }}" - name: create override config copy: dest: /etc/munin/conf.d/00-override.conf src: override.conf mode: 0644 owner: root group: "{{ ansible_wheel }}" - name: remove localhost node file: path: /etc/munin/conf.d/local.conf state: absent - name: enable cron job systemd: name: munin.timer state: started enabled: true