# Install and configure munin node. # # === Global variables # # $munin_allow: # Array of IP addresses allowed to connect to munin-node. # # $munin_tls: # Enable and require TLS if set to "true". # class munin::node { if !$munin_allow { $munin_allow = [ "127.0.0.1" ] } package { "munin-node": ensure => installed, } if $munin_tls == "true" { case $::operatingsystem { "centos", "redhat", "fedora": { package { "perl-Net-SSLeay": ensure => installed, before => Service["munin-node"], } } "debian", "ubuntu": { package { "libnet-ssleay-perl": ensure => installed, before => Service["munin-node"], } } "openbsd": { package { "p5-Net-SSLeay": ensure => installed, before => Service["munin-node"], } } } } service { "munin-node": name => $::operatingsystem ? { "openbsd" => "munin_node", default => "munin-node", }, ensure => running, enable => true, require => Package["munin-node"], } file { "/etc/munin/munin-node.conf": ensure => present, content => template("munin/munin-node.conf.erb"), owner => "root", group => $::operatingsystem ? { OpenBSD => "wheel", default => "root", }, mode => "0644", require => Package["munin-node"], notify => Exec["munin-node-configure"], } @@file { "/etc/munin/conf.d/${::homename}.conf": ensure => present, content => "[${::homename}]\n address ${::homename}\n use_node_name yes\n", tag => "munin", } exec { "munin-node-configure": command => "munin-node-configure --shell --remove-also 2>/dev/null | /bin/sh", path => "/bin:/usr/bin:/sbin:/usr/sbin:/usr/local/bin:/usr/local/sbin", user => "root", refreshonly => true, notify => Service["munin-node"], } # Temporary fix for broken config case $::operatingsystem { "centos","fedora","redhat": { file { "/etc/logrotate.d/munin-node": ensure => present, mode => "0644", owner => "root", group => "root", source => "puppet:///modules/munin/munin-node.logrotate", } } } } # Configure SNMP node. # # === Parameters # # $name: # Target SNMP host. # $snmp_community: # SNMP community. Defaults to public. # $snmp_version: # SNMP version. Defaults to 2. # # === Sample usage # # munin::snmpnode { "sw1.example.com": # snmp_community => "mycommunity", # } # define munin::snmpnode($snmp_community="public", $snmp_version="2") { file { "/etc/munin/plugin-conf.d/snmp_${name}": ensure => present, content => "[snmp_${name}_*]\nenv.community ${snmp_community}\nenv.version ${snmp_version}\n", owner => "root", group => $::operatingsystem ? { "openbsd" => "wheel", default => "root", }, mode => "0600", notify => Exec["munin-snmp-configure-${name}"], } exec { "munin-snmp-configure-${name}": path => "/bin:/usr/bin:/sbin:/usr/sbin:/usr/local/bin:/usr/local/sbin", command => "munin-node-configure --snmp ${name} --snmpcommunity ${snmp_community} --shell 2>/dev/null | /bin/sh", user => "root", refreshonly => true, notify => Service["munin-node"], } @@file { "/etc/munin/conf.d/${name}.conf": ensure => present, content => "[${name}]\n address ${::homename}\n use_node_name no\n", tag => "munin", } } # Add new munin plugin or plugin configuration. # # === Parameters # # $name: # Plugin name to install. # $enable: # Set to false to disable plugin. # $force: # Skip munin-node-configure and always enable or disable plugin. # Defaults to false. # $source: # Source path of the plugin. # $config: # Source path of plugin configuration file. # # === Sample usage # # munin::plugin { "nagios_multi_": # source => "puppet:///files/munin/plugins/nagios_multi_", # config => "puppet:///files/munin/plugins/nagios_multi_.conf", # } # define munin::plugin( $enable=true, $force=false, $source=undef, $config=undef, ) { $notify = $force ? { true => undef, default => Exec["munin-node-configure"], } if $enable == true { case $::operatingsystem { "openbsd": { $plugindir = "/usr/local/libexec/munin/plugins" } default: { $plugindir = "/usr/share/munin/plugins" } } if $source { file { "${plugindir}/${name}": ensure => present, mode => "0755", owner => "root", group => $::operatingsystem ? { "openbsd" => "wheel", default => "root", }, source => $source, notify => $notify, require => Package["munin-node"], } } if $config { file { "/etc/munin/plugin-conf.d/${name}": ensure => present, mode => "0644", owner => "root", group => $::operatingsystem ? { "openbsd" => "wheel", default => "root", }, source => $config, notify => $notify, require => Package["munin-node"], } } if $force == true { file { "/etc/munin/plugins/${name}": ensure => link, target => "${plugindir}/${name}", require => Exec["munin-node-configure"], notify => Service["munin-node"], } } } else { file { "/etc/munin/plugin-conf.d/${name}": ensure => present, mode => "0644", owner => "root", group => $::operatingsystem ? { "openbsd" => "wheel", default => "root", }, content => "[${name}]\ncommand /bin/true\n", notify => $notify, require => Package["munin-node"], } if $force == true { file { "/etc/munin/plugins/${name}": ensure => absent, require => Exec["munin-node-configure"], notify => Service["munin-node"], } } } } # Install and configure munin server. # # === Requires # # * Storedconfigs # # === Global variables # # $munin_tls: # Enable and require TLS if set to "true". # class munin::server { package { [ "munin", "munin-cgi" ] : ensure => installed, } if $munin_datadir { file { $munin_datadir: ensure => directory, mode => "0755", owner => "munin", group => "munin", seltype => "munin_var_lib_t", require => Package["munin"], } selinux::manage_fcontext { "${munin_datadir}(/.*)?": type => "munin_var_lib_t", before => File[$munin_datadir], } selinux::manage_fcontext { "${munin_datadir}/plugin-state(/.*)?": type => "munin_plugin_state_t", before => File[$munin_datadir], } file { "/var/lib/munin": ensure => $munin_datadir, force => true, backup => ".orig", require => File[$munin_datadir], } } file { "/var/cache/munin": ensure => directory, mode => "0775", owner => "munin", group => $apache::sslserver::group, seltype => "httpd_sys_rw_content_t", require => Package["munin"], } selinux::manage_fcontext { "/var/cache/munin(/.*)?": type => "httpd_sys_rw_content_t", before => File["/var/cache/munin"], } mount { "/var/cache/munin": ensure => mounted, atboot => true, device => "none", fstype => "tmpfs", options => "uid=munin,gid=${apache::sslserver::group},mode=0775", dump => "0", pass => "0", require => File["/var/cache/munin"], } file { "/var/log/munin": ensure => directory, mode => "0775", owner => $apache::sslserver::user, group => "munin", require => Package["munin"], } file { "/etc/logrotate.d/munin-cgi": ensure => present, content => template("munin/munin-cgi.logrotate.erb"), mode => "0644", owner => "root", group => "root", } file { "/var/www/html/munin/.htaccess": ensure => present, mode => "0644", owner => "root", group => "root", source => [ "puppet:///files/munin/htaccess", "puppet:///modules/munin/munin-htaccess", ], require => Package["munin"], } file { "/var/www/html/munin/cgi": ensure => directory, mode => "0755", owner => "root", group => "root", require => Package["munin"], } file { "/var/www/html/munin/cgi/.htaccess": ensure => present, mode => "0644", owner => "root", group => "root", source => "puppet:///modules/munin/cgi-htaccess", require => File["/var/www/html/munin/cgi"], } file { "/var/www/html/munin/cgi/munin-cgi-graph": ensure => link, target => "/var/www/cgi-bin/munin-cgi-graph", require => File["/var/www/html/munin/cgi"], } file { "/var/www/html/munin/cgi/munin-cgi-html": ensure => link, target => "/var/www/cgi-bin/munin-cgi-html", require => File["/var/www/html/munin/cgi"], } if $munin_tls == "true" { include ssl file { "${ssl::certs}/munin.crt": ensure => present, source => "${::puppet_ssldir}/certs/${::homename}.pem", mode => "0640", owner => "root", group => "munin", require => Package["munin"], } file { "${ssl::private}/munin.key": ensure => present, source => "${::puppet_ssldir}/private_keys/${::homename}.pem", mode => "0640", owner => "root", group => "munin", require => Package["munin"], } } file { "/etc/munin/conf.d": ensure => directory, purge => true, force => true, recurse => true, owner => "root", group => "root", mode => "0644", source => "puppet:///modules/custom/empty", require => Package["munin"], } file { "/etc/munin/munin.conf": ensure => present, owner => "root", group => "root", mode => "0644", content => template("munin/munin.conf.erb"), require => Package["munin"], } File <<| tag == "munin" |>> define configwebhost() { file { "/srv/www/https/${name}/munin": ensure => link, target => "/var/www/html/munin", require => File["/srv/www/https/${name}"], } } if $munin_webhosts { apache::configfile { "munin.conf": http => false, source => "puppet:///modules/munin/munin-httpd.conf", } configwebhost { $munin_webhosts: } } }