#
# Example config-file for munin-node
#

log_level 4
<% if ['CentOS','Fedora','RedHat'].index(@operatingsystem) -%>
log_file /var/log/munin-node/munin-node.log
<% else -%>
log_file /var/log/munin/munin-node.log
<% end -%>
pid_file /var/run/munin/munin-node.pid

background 1
setsid 1

user root
<% if @operatingsystem == "OpenBSD" -%>
group wheel
<% else -%>
group root
<% end -%>

# Regexps for files to ignore
ignore_file ~$
ignore_file \.bak$
ignore_file %$
ignore_file \.dpkg-(tmp|new|old|dist)$
ignore_file \.rpm(save|new)$
ignore_file \.pod$

# Set this if the client doesn't report the correct hostname when
# telnetting to localhost, port 4949
#
host_name <%= @homename %>

# A list of addresses that are allowed to connect.  This must be a
# regular expression, due to brain damage in Net::Server, which
# doesn't understand CIDR-style network notation.  You may repeat
# the allow line as many times as you'd like
<% @munin_allow.each do |allow| -%>
allow <%= "^%s$" % allow.gsub('.', '\.') %>
<% end -%>

# Which address to bind to;
host *

# And which port
port 4949
<% if @munin_tls == "true" -%>

# Require TLS
tls paranoid
tls_verify_certificate yes
tls_ca_certificate <%= @puppet_ssldir %>/certs/ca.pem
tls_certificate <%= @puppet_ssldir %>/certs/<%= @homename %>.pem
tls_private_key <%= @puppet_ssldir %>/private_keys/<%= @homename %>.pem
<% end -%>