Commit 4c6a7ecb authored by taggart's avatar taggart
Browse files

drop root where possible, add notes about what plugins need access to

parent cd96c114
# FIXME right now this class has some hard coded paths to the sympa spool, logs, etc. # sympa munin plugins
# some of these plugins need database access, ensure that the munin user
# has access by giving that user a .my.cnf file that gives them read-only
# access to whereever the database is
# FIXME right now this class has some hard coded paths to the sympa spool,
# logs, etc.
class sympa::munin { class sympa::munin {
...@@ -25,19 +30,22 @@ class sympa::munin { ...@@ -25,19 +30,22 @@ class sympa::munin {
} }
munin::plugin { munin::plugin {
# only needs to run ps, so can run as munin
"sympaps": "sympaps":
ensure => "multips", ensure => "multips",
config => "user root\nenv.names wwsympa sympa archived task_manager bounced bulk\nenv.regex_sympa ^[0-9]* /usr/bin/perl /home/sympa/bin/sympa.pl\nenv.regex_archived ^[0-9]* /usr/bin/perl /home/sympa/bin/archived.pl\nenv.regex_task_manager ^[0-9]* /usr/bin/perl /home/sympa/bin/task_manager.pl\nenv.regex_bounced ^[0-9]* /usr/bin/perl /home/sympa/bin/bounced.pl\nenv.regex_bulk ^[0-9]* /usr/bin/perl /home/sympa/bin/bulk.pl\n"; config => "user munin\nenv.names wwsympa sympa archived task_manager bounced bulk\nenv.regex_sympa ^[0-9]* /usr/bin/perl /home/sympa/bin/sympa.pl\nenv.regex_archived ^[0-9]* /usr/bin/perl /home/sympa/bin/archived.pl\nenv.regex_task_manager ^[0-9]* /usr/bin/perl /home/sympa/bin/task_manager.pl\nenv.regex_bounced ^[0-9]* /usr/bin/perl /home/sympa/bin/bounced.pl\nenv.regex_bulk ^[0-9]* /usr/bin/perl /home/sympa/bin/bulk.pl\n";
} }
munin::plugin { munin::plugin {
# only needs to run find in spool/ dirs, so can run as munin
"sympa_queue": "sympa_queue":
ensure => "sympa_queue", ensure => "sympa_queue",
config => "user root\nenv.spooldir /home/sympa/spool\n", config => "user munin\nenv.spooldir /home/sympa/spool\n",
script_path_in => "/usr/local/share/munin-plugins"; script_path_in => "/usr/local/share/munin-plugins";
} }
munin::plugin { munin::plugin {
# needs to be able to read logs in /var/log/sympa
"sympa_stats": "sympa_stats":
ensure => "sympa_stats", ensure => "sympa_stats",
config => "user root\nenv.logfile /var/log/sympa/sympa.log\n", config => "user root\nenv.logfile /var/log/sympa/sympa.log\n",
...@@ -45,23 +53,26 @@ class sympa::munin { ...@@ -45,23 +53,26 @@ class sympa::munin {
} }
munin::plugin { munin::plugin {
# needs db access, can run as munin
"sympa_subscribers": "sympa_subscribers":
ensure => "sympa_subscribers", ensure => "sympa_subscribers",
config => "user root\n", config => "user munin\n",
script_path_in => "/usr/local/share/munin-plugins"; script_path_in => "/usr/local/share/munin-plugins";
} }
munin::plugin { munin::plugin {
# needs db access, can run as munin
"sympa_lists": "sympa_lists":
ensure => "sympa_lists", ensure => "sympa_lists",
config => "user root\n", config => "user munin\n",
script_path_in => "/usr/local/share/munin-plugins"; script_path_in => "/usr/local/share/munin-plugins";
} }
munin::plugin { munin::plugin {
# needs db access, can run as munin
"sympa_users": "sympa_users":
ensure => "sympa_users", ensure => "sympa_users",
config => "user root\n", config => "user munin\n",
script_path_in => "/usr/local/share/munin-plugins"; script_path_in => "/usr/local/share/munin-plugins";
} }
} }
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment