Commit 4c6a7ecb authored by taggart's avatar taggart
Browse files

drop root where possible, add notes about what plugins need access to

parent cd96c114
# FIXME right now this class has some hard coded paths to the sympa spool, logs, etc.
# sympa munin plugins
# some of these plugins need database access, ensure that the munin user
# has access by giving that user a .my.cnf file that gives them read-only
# access to whereever the database is
# FIXME right now this class has some hard coded paths to the sympa spool,
# logs, etc.
class sympa::munin {
......@@ -25,19 +30,22 @@ class sympa::munin {
}
munin::plugin {
# only needs to run ps, so can run as munin
"sympaps":
ensure => "multips",
config => "user root\nenv.names wwsympa sympa archived task_manager bounced bulk\nenv.regex_sympa ^[0-9]* /usr/bin/perl /home/sympa/bin/sympa.pl\nenv.regex_archived ^[0-9]* /usr/bin/perl /home/sympa/bin/archived.pl\nenv.regex_task_manager ^[0-9]* /usr/bin/perl /home/sympa/bin/task_manager.pl\nenv.regex_bounced ^[0-9]* /usr/bin/perl /home/sympa/bin/bounced.pl\nenv.regex_bulk ^[0-9]* /usr/bin/perl /home/sympa/bin/bulk.pl\n";
config => "user munin\nenv.names wwsympa sympa archived task_manager bounced bulk\nenv.regex_sympa ^[0-9]* /usr/bin/perl /home/sympa/bin/sympa.pl\nenv.regex_archived ^[0-9]* /usr/bin/perl /home/sympa/bin/archived.pl\nenv.regex_task_manager ^[0-9]* /usr/bin/perl /home/sympa/bin/task_manager.pl\nenv.regex_bounced ^[0-9]* /usr/bin/perl /home/sympa/bin/bounced.pl\nenv.regex_bulk ^[0-9]* /usr/bin/perl /home/sympa/bin/bulk.pl\n";
}
munin::plugin {
# only needs to run find in spool/ dirs, so can run as munin
"sympa_queue":
ensure => "sympa_queue",
config => "user root\nenv.spooldir /home/sympa/spool\n",
config => "user munin\nenv.spooldir /home/sympa/spool\n",
script_path_in => "/usr/local/share/munin-plugins";
}
munin::plugin {
# needs to be able to read logs in /var/log/sympa
"sympa_stats":
ensure => "sympa_stats",
config => "user root\nenv.logfile /var/log/sympa/sympa.log\n",
......@@ -45,23 +53,26 @@ class sympa::munin {
}
munin::plugin {
# needs db access, can run as munin
"sympa_subscribers":
ensure => "sympa_subscribers",
config => "user root\n",
config => "user munin\n",
script_path_in => "/usr/local/share/munin-plugins";
}
munin::plugin {
# needs db access, can run as munin
"sympa_lists":
ensure => "sympa_lists",
config => "user root\n",
config => "user munin\n",
script_path_in => "/usr/local/share/munin-plugins";
}
munin::plugin {
# needs db access, can run as munin
"sympa_users":
ensure => "sympa_users",
config => "user root\n",
config => "user munin\n",
script_path_in => "/usr/local/share/munin-plugins";
}
}
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment