From b408390ae9311b7d703ce57c25a78dce23c31b16 Mon Sep 17 00:00:00 2001 From: Guilhem Moulin Date: Wed, 10 Jun 2015 15:35:13 +0200 Subject: Configure munin nodes & master. Interhost communications are protected by stunnel4. The graphs are only visible on the master itself, and content is generated by Fast CGI. --- .../files/etc/nginx/sites-available/munin | 31 ++++++++++++++++++++++ .../lib/systemd/system/munin-cgi-graph.service | 14 ++++++++++ .../lib/systemd/system/munin-cgi-graph.socket | 11 ++++++++ .../lib/systemd/system/munin-cgi-html.service | 14 ++++++++++ .../files/lib/systemd/system/munin-cgi-html.socket | 11 ++++++++ 5 files changed, 81 insertions(+) create mode 100644 roles/munin-master/files/etc/nginx/sites-available/munin create mode 100644 roles/munin-master/files/lib/systemd/system/munin-cgi-graph.service create mode 100644 roles/munin-master/files/lib/systemd/system/munin-cgi-graph.socket create mode 100644 roles/munin-master/files/lib/systemd/system/munin-cgi-html.service create mode 100644 roles/munin-master/files/lib/systemd/system/munin-cgi-html.socket (limited to 'roles/munin-master/files') diff --git a/roles/munin-master/files/etc/nginx/sites-available/munin b/roles/munin-master/files/etc/nginx/sites-available/munin new file mode 100644 index 0000000..ade1888 --- /dev/null +++ b/roles/munin-master/files/etc/nginx/sites-available/munin @@ -0,0 +1,31 @@ +server { + listen 127.0.0.1:80; + listen [::1]:80; + + server_name munin.fripost.org; + + access_log /var/log/nginx/munin.access.log; + error_log /var/log/nginx/munin.error.log info; + + location = / { + return 302 /munin$args; + } + + location /munin/static/ { + alias /etc/munin/static/; + } + + location /munin-cgi/munin-cgi-graph/ { + fastcgi_split_path_info ^(/munin-cgi/munin-cgi-graph)(.*); + include fastcgi/params; + fastcgi_pass unix:/run/munin/cgi-graph.socket; + gzip off; + } + + location /munin/ { + fastcgi_split_path_info ^(/munin)(.*); + include fastcgi/params; + fastcgi_pass unix:/run/munin/cgi-html.socket; + gzip off; + } +} diff --git a/roles/munin-master/files/lib/systemd/system/munin-cgi-graph.service b/roles/munin-master/files/lib/systemd/system/munin-cgi-graph.service new file mode 100644 index 0000000..9e4d820 --- /dev/null +++ b/roles/munin-master/files/lib/systemd/system/munin-cgi-graph.service @@ -0,0 +1,14 @@ +[Unit] +Description=Munin CGI Graph Service +After=network.target +PartOf=munin.service +Requires=munin-cgi-graph.socket + +[Service] +StandardInput=socket +User=www-data +Group=munin +ExecStart=/usr/lib/munin/cgi/munin-cgi-graph + +[Install] +WantedBy=multi-user.target diff --git a/roles/munin-master/files/lib/systemd/system/munin-cgi-graph.socket b/roles/munin-master/files/lib/systemd/system/munin-cgi-graph.socket new file mode 100644 index 0000000..d4d2e27 --- /dev/null +++ b/roles/munin-master/files/lib/systemd/system/munin-cgi-graph.socket @@ -0,0 +1,11 @@ +[Unit] +Description=Munin CGI Graph Listen Socket + +[Socket] +SocketUser=www-data +SocketGroup=www-data +SocketMode=0600 +ListenStream=/run/munin/cgi-graph.socket + +[Install] +WantedBy=sockets.target diff --git a/roles/munin-master/files/lib/systemd/system/munin-cgi-html.service b/roles/munin-master/files/lib/systemd/system/munin-cgi-html.service new file mode 100644 index 0000000..11a7470 --- /dev/null +++ b/roles/munin-master/files/lib/systemd/system/munin-cgi-html.service @@ -0,0 +1,14 @@ +[Unit] +Description=Munin CGI HTML Service +After=network.target +PartOf=munin.service +Requires=munin-cgi-html.socket + +[Service] +StandardInput=socket +User=www-data +Group=munin +ExecStart=/usr/lib/munin/cgi/munin-cgi-html + +[Install] +WantedBy=multi-user.target diff --git a/roles/munin-master/files/lib/systemd/system/munin-cgi-html.socket b/roles/munin-master/files/lib/systemd/system/munin-cgi-html.socket new file mode 100644 index 0000000..77be2cf --- /dev/null +++ b/roles/munin-master/files/lib/systemd/system/munin-cgi-html.socket @@ -0,0 +1,11 @@ +[Unit] +Description=Munin CGI HTML Listen Socket + +[Socket] +SocketUser=www-data +SocketGroup=www-data +SocketMode=0600 +ListenStream=/run/munin/cgi-html.socket + +[Install] +WantedBy=sockets.target -- cgit v1.2.3