414 lines
11 KiB
Puppet
414 lines
11 KiB
Puppet
|
|
# Install and configure munin node.
|
|
#
|
|
# === Global variables
|
|
#
|
|
# $munin_allow:
|
|
# Array of IP addresses allowed to connect to munin-node.
|
|
#
|
|
# $munin_tls:
|
|
# Enable and require TLS if set to "true".
|
|
#
|
|
class munin::node {
|
|
|
|
if !$munin_allow {
|
|
$munin_allow = [ "127.0.0.1" ]
|
|
}
|
|
|
|
package { "munin-node":
|
|
ensure => installed,
|
|
}
|
|
|
|
if $munin_tls == "true" {
|
|
case $::operatingsystem {
|
|
"centos", "redhat", "fedora": {
|
|
package { "perl-Net-SSLeay":
|
|
ensure => installed,
|
|
before => Service["munin-node"],
|
|
}
|
|
}
|
|
"debian", "ubuntu": {
|
|
package { "libnet-ssleay-perl":
|
|
ensure => installed,
|
|
before => Service["munin-node"],
|
|
}
|
|
}
|
|
"openbsd": {
|
|
package { "p5-Net-SSLeay":
|
|
ensure => installed,
|
|
before => Service["munin-node"],
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
service { "munin-node":
|
|
name => $::operatingsystem ? {
|
|
"openbsd" => "munin_node",
|
|
default => "munin-node",
|
|
},
|
|
ensure => running,
|
|
enable => true,
|
|
require => Package["munin-node"],
|
|
}
|
|
|
|
file { "/etc/munin/munin-node.conf":
|
|
ensure => present,
|
|
content => template("munin/munin-node.conf.erb"),
|
|
owner => "root",
|
|
group => $::operatingsystem ? {
|
|
OpenBSD => "wheel",
|
|
default => "root",
|
|
},
|
|
mode => "0644",
|
|
require => Package["munin-node"],
|
|
notify => Exec["munin-node-configure"],
|
|
}
|
|
|
|
@@file { "/etc/munin/conf.d/${::homename}.conf":
|
|
ensure => present,
|
|
content => "[${::homename}]\n address ${::homename}\n use_node_name yes\n",
|
|
tag => "munin",
|
|
}
|
|
|
|
exec { "munin-node-configure":
|
|
command => "munin-node-configure --shell --remove-also 2>/dev/null | /bin/sh",
|
|
path => "/bin:/usr/bin:/sbin:/usr/sbin:/usr/local/bin:/usr/local/sbin",
|
|
user => "root",
|
|
refreshonly => true,
|
|
notify => Service["munin-node"],
|
|
}
|
|
|
|
# Temporary fix for broken config
|
|
case $::operatingsystem {
|
|
"centos","fedora","redhat": {
|
|
file { "/etc/logrotate.d/munin-node":
|
|
ensure => present,
|
|
mode => "0644",
|
|
owner => "root",
|
|
group => "root",
|
|
source => "puppet:///modules/munin/munin-node.logrotate",
|
|
}
|
|
}
|
|
}
|
|
|
|
}
|
|
|
|
|
|
# Configure SNMP node.
|
|
#
|
|
# === Parameters
|
|
#
|
|
# $name:
|
|
# Target SNMP host.
|
|
# $snmp_community:
|
|
# SNMP community. Defaults to public.
|
|
# $snmp_version:
|
|
# SNMP version. Defaults to 2.
|
|
#
|
|
# === Sample usage
|
|
#
|
|
# munin::snmpnode { "sw1.example.com":
|
|
# snmp_community => "mycommunity",
|
|
# }
|
|
#
|
|
define munin::snmpnode($snmp_community="public", $snmp_version="2") {
|
|
|
|
file { "/etc/munin/plugin-conf.d/snmp_${name}":
|
|
ensure => present,
|
|
content => "[snmp_${name}_*]\nenv.community ${snmp_community}\nenv.version ${snmp_version}\n",
|
|
owner => "root",
|
|
group => $::operatingsystem ? {
|
|
"openbsd" => "wheel",
|
|
default => "root",
|
|
},
|
|
mode => "0600",
|
|
notify => Exec["munin-snmp-configure-${name}"],
|
|
}
|
|
|
|
exec { "munin-snmp-configure-${name}":
|
|
path => "/bin:/usr/bin:/sbin:/usr/sbin:/usr/local/bin:/usr/local/sbin",
|
|
command => "munin-node-configure --snmp ${name} --snmpcommunity ${snmp_community} --shell 2>/dev/null | /bin/sh",
|
|
user => "root",
|
|
refreshonly => true,
|
|
notify => Service["munin-node"],
|
|
}
|
|
|
|
@@file { "/etc/munin/conf.d/${name}.conf":
|
|
ensure => present,
|
|
content => "[${name}]\n address ${::homename}\n use_node_name no\n",
|
|
tag => "munin",
|
|
}
|
|
|
|
}
|
|
|
|
|
|
# Add new munin plugin or plugin configuration.
|
|
#
|
|
# === Parameters
|
|
#
|
|
# $name:
|
|
# Plugin name to install.
|
|
# $enable:
|
|
# Set to false to disable plugin.
|
|
# $autoconfig:
|
|
# Boolean for triggering munin-node-configure. Defaults to true.
|
|
# $source:
|
|
# Source path of the plugin.
|
|
# $config:
|
|
# Source path of plugin configuration file.
|
|
#
|
|
# === Sample usage
|
|
#
|
|
# munin::plugin { "nagios_multi_":
|
|
# source => "puppet:///files/munin/plugins/nagios_multi_",
|
|
# config => "puppet:///files/munin/plugins/nagios_multi_.conf",
|
|
# }
|
|
#
|
|
define munin::plugin(
|
|
$enable=true,
|
|
$autoconfig=true,
|
|
$source=undef,
|
|
$config=undef,
|
|
) {
|
|
|
|
$notify = $autoconfig ? {
|
|
true => Exec["munin-node-configure"],
|
|
default => undef,
|
|
}
|
|
|
|
if $enable == true {
|
|
case $::operatingsystem {
|
|
"openbsd": {
|
|
$plugindir = "/usr/local/libexec/munin/plugins"
|
|
}
|
|
default: {
|
|
$plugindir = "/usr/share/munin/plugins"
|
|
}
|
|
}
|
|
|
|
if $source {
|
|
file { "${plugindir}/${name}":
|
|
ensure => present,
|
|
mode => "0755",
|
|
owner => "root",
|
|
group => $::operatingsystem ? {
|
|
"openbsd" => "wheel",
|
|
default => "root",
|
|
},
|
|
source => $source,
|
|
notify => $notify,
|
|
require => Package["munin-node"],
|
|
}
|
|
}
|
|
|
|
if $config {
|
|
file { "/etc/munin/plugin-conf.d/${name}":
|
|
ensure => present,
|
|
mode => "0644",
|
|
owner => "root",
|
|
group => $::operatingsystem ? {
|
|
"openbsd" => "wheel",
|
|
default => "root",
|
|
},
|
|
source => $config,
|
|
notify => $notify,
|
|
require => Package["munin-node"],
|
|
}
|
|
}
|
|
} else {
|
|
file { "/etc/munin/plugin-conf.d/${name}":
|
|
ensure => present,
|
|
mode => "0644",
|
|
owner => "root",
|
|
group => $::operatingsystem ? {
|
|
"openbsd" => "wheel",
|
|
default => "root",
|
|
},
|
|
content => "[${name}]\ncommand /bin/true\n",
|
|
notify => $notify,
|
|
require => Package["munin-node"],
|
|
}
|
|
}
|
|
|
|
}
|
|
|
|
|
|
# Install and configure munin server.
|
|
#
|
|
# === Requires
|
|
#
|
|
# * Storedconfigs
|
|
#
|
|
# === Global variables
|
|
#
|
|
# $munin_tls:
|
|
# Enable and require TLS if set to "true".
|
|
#
|
|
class munin::server {
|
|
|
|
package { [ "munin", "munin-cgi" ] :
|
|
ensure => installed,
|
|
}
|
|
|
|
if $munin_datadir {
|
|
file { $munin_datadir:
|
|
ensure => directory,
|
|
mode => "0755",
|
|
owner => "munin",
|
|
group => "munin",
|
|
seltype => "munin_var_lib_t",
|
|
require => Package["munin"],
|
|
}
|
|
selinux::manage_fcontext { "${munin_datadir}(/.*)?":
|
|
type => "munin_var_lib_t",
|
|
before => File[$munin_datadir],
|
|
}
|
|
selinux::manage_fcontext { "${munin_datadir}/plugin-state(/.*)?":
|
|
type => "munin_plugin_state_t",
|
|
before => File[$munin_datadir],
|
|
}
|
|
|
|
file { "/var/lib/munin":
|
|
ensure => $munin_datadir,
|
|
force => true,
|
|
backup => ".orig",
|
|
require => File[$munin_datadir],
|
|
}
|
|
}
|
|
|
|
file { "/var/cache/munin":
|
|
ensure => directory,
|
|
mode => "0775",
|
|
owner => "munin",
|
|
group => $apache::sslserver::group,
|
|
seltype => "httpd_sys_rw_content_t",
|
|
require => Package["munin"],
|
|
}
|
|
selinux::manage_fcontext { "/var/cache/munin(/.*)?":
|
|
type => "httpd_sys_rw_content_t",
|
|
before => File["/var/cache/munin"],
|
|
}
|
|
mount { "/var/cache/munin":
|
|
ensure => mounted,
|
|
atboot => true,
|
|
device => "none",
|
|
fstype => "tmpfs",
|
|
options => "uid=munin,gid=${apache::sslserver::group},mode=0775",
|
|
dump => "0",
|
|
pass => "0",
|
|
require => File["/var/cache/munin"],
|
|
}
|
|
|
|
file { "/var/log/munin":
|
|
ensure => directory,
|
|
mode => "0775",
|
|
owner => $apache::sslserver::user,
|
|
group => "munin",
|
|
require => Package["munin"],
|
|
}
|
|
file { "/etc/logrotate.d/munin-cgi":
|
|
ensure => present,
|
|
content => template("munin/munin-cgi.logrotate.erb"),
|
|
mode => "0644",
|
|
owner => "root",
|
|
group => "root",
|
|
}
|
|
|
|
file { "/var/www/html/munin/.htaccess":
|
|
ensure => present,
|
|
mode => "0644",
|
|
owner => "root",
|
|
group => "root",
|
|
source => [ "puppet:///files/munin/htaccess",
|
|
"puppet:///modules/munin/munin-htaccess", ],
|
|
require => Package["munin"],
|
|
}
|
|
|
|
file { "/var/www/html/munin/cgi":
|
|
ensure => directory,
|
|
mode => "0755",
|
|
owner => "root",
|
|
group => "root",
|
|
require => Package["munin"],
|
|
}
|
|
file { "/var/www/html/munin/cgi/.htaccess":
|
|
ensure => present,
|
|
mode => "0644",
|
|
owner => "root",
|
|
group => "root",
|
|
source => "puppet:///modules/munin/cgi-htaccess",
|
|
require => File["/var/www/html/munin/cgi"],
|
|
}
|
|
file { "/var/www/html/munin/cgi/munin-cgi-graph":
|
|
ensure => link,
|
|
target => "/var/www/cgi-bin/munin-cgi-graph",
|
|
require => File["/var/www/html/munin/cgi"],
|
|
}
|
|
file { "/var/www/html/munin/cgi/munin-cgi-html":
|
|
ensure => link,
|
|
target => "/var/www/cgi-bin/munin-cgi-html",
|
|
require => File["/var/www/html/munin/cgi"],
|
|
}
|
|
|
|
if $munin_tls == "true" {
|
|
include ssl
|
|
file { "${ssl::certs}/munin.crt":
|
|
ensure => present,
|
|
source => "${::puppet_ssldir}/certs/${::homename}.pem",
|
|
mode => "0640",
|
|
owner => "root",
|
|
group => "munin",
|
|
require => Package["munin"],
|
|
}
|
|
file { "${ssl::private}/munin.key":
|
|
ensure => present,
|
|
source => "${::puppet_ssldir}/private_keys/${::homename}.pem",
|
|
mode => "0640",
|
|
owner => "root",
|
|
group => "munin",
|
|
require => Package["munin"],
|
|
}
|
|
}
|
|
|
|
file { "/etc/munin/conf.d":
|
|
ensure => directory,
|
|
purge => true,
|
|
force => true,
|
|
recurse => true,
|
|
owner => "root",
|
|
group => "root",
|
|
mode => "0644",
|
|
source => "puppet:///modules/custom/empty",
|
|
require => Package["munin"],
|
|
}
|
|
|
|
file { "/etc/munin/munin.conf":
|
|
ensure => present,
|
|
owner => "root",
|
|
group => "root",
|
|
mode => "0644",
|
|
content => template("munin/munin.conf.erb"),
|
|
require => Package["munin"],
|
|
}
|
|
|
|
File <<| tag == "munin" |>>
|
|
|
|
define configwebhost() {
|
|
file { "/srv/www/https/${name}/munin":
|
|
ensure => link,
|
|
target => "/var/www/html/munin",
|
|
require => File["/srv/www/https/${name}"],
|
|
}
|
|
}
|
|
|
|
if $munin_webhosts {
|
|
apache::configfile { "munin.conf":
|
|
http => false,
|
|
source => "puppet:///modules/munin/munin-httpd.conf",
|
|
}
|
|
|
|
configwebhost { $munin_webhosts: }
|
|
}
|
|
|
|
}
|