116 lines
2.5 KiB
YAML
116 lines
2.5 KiB
YAML
---
|
|
- name: Install packages
|
|
ansible.builtin.package:
|
|
name: munin
|
|
state: installed
|
|
|
|
- name: Set file contexts for data directory
|
|
community.general.sefcontext:
|
|
path: "/export/munin(/.*)?"
|
|
setype: munin_var_lib_t
|
|
|
|
- name: Create data direcory
|
|
ansible.builtin.file:
|
|
path: /export/munin
|
|
state: directory
|
|
mode: 0755
|
|
owner: munin
|
|
group: munin
|
|
setype: _default
|
|
|
|
- name: Link data directory
|
|
ansible.builtin.file:
|
|
dest: /srv/munin
|
|
src: /export/munin
|
|
state: link
|
|
owner: root
|
|
group: "{{ ansible_wheel }}"
|
|
follow: false
|
|
|
|
# for some reason this is owned by adm default
|
|
- name: Fix log directory group
|
|
ansible.builtin.file:
|
|
path: /var/log/munin
|
|
state: directory
|
|
mode: 0750
|
|
owner: munin
|
|
group: apache
|
|
|
|
- name: Add munin to hostkey group
|
|
ansible.builtin.user:
|
|
name: munin
|
|
groups: hostkey
|
|
append: true
|
|
|
|
# this needs better rule
|
|
- name: Fix SELinux write errors
|
|
ansible.posix.seboolean:
|
|
name: domain_can_mmap_files
|
|
state: true
|
|
persistent: true
|
|
|
|
- name: Create apache config
|
|
ansible.builtin.copy:
|
|
dest: /etc/httpd/conf.local.d/munin.conf
|
|
src: munin-apache.conf
|
|
mode: 0644
|
|
owner: root
|
|
group: "{{ ansible_wheel }}"
|
|
notify: Restart apache
|
|
|
|
- name: Fix SELinx contexts from cache directory
|
|
community.general.sefcontext:
|
|
path: "/var/run/munin/cgi-tmp(/.*)?"
|
|
setype: munin_rw_content_t
|
|
|
|
- name: Add cache direcory to tmpfiles
|
|
ansible.builtin.copy:
|
|
dest: /etc/tmpfiles.d/munin.conf
|
|
src: munin-tmpfiles.conf
|
|
mode: 0644
|
|
owner: root
|
|
group: "{{ ansible_wheel }}"
|
|
|
|
- name: Create cache directory
|
|
ansible.builtin.file:
|
|
path: /var/run/munin/cgi-tmp
|
|
state: directory
|
|
mode: 0755
|
|
owner: apache
|
|
group: apache
|
|
setype: _default
|
|
|
|
- name: Create tls config
|
|
ansible.builtin.template:
|
|
dest: /etc/munin/munin-conf.d/00-tls.conf
|
|
src: tls.conf.j2
|
|
mode: 0644
|
|
owner: root
|
|
group: "{{ ansible_wheel }}"
|
|
|
|
- name: Create host config
|
|
ansible.builtin.template:
|
|
dest: /etc/munin/munin-conf.d/hosts.conf
|
|
src: hosts.conf.j2
|
|
mode: 0644
|
|
owner: root
|
|
group: "{{ ansible_wheel }}"
|
|
|
|
- name: Create override config
|
|
ansible.builtin.copy:
|
|
dest: /etc/munin/munin-conf.d/00-override.conf
|
|
src: override.conf
|
|
mode: 0644
|
|
owner: root
|
|
group: "{{ ansible_wheel }}"
|
|
|
|
- name: Remove localhost node
|
|
ansible.builtin.file:
|
|
path: /etc/munin/munin-conf.d/local.conf
|
|
state: absent
|
|
|
|
- name: Enable cron job
|
|
ansible.builtin.systemd:
|
|
name: munin.timer
|
|
state: started
|
|
enabled: true
|