Update munin configuration: refactoring and add support of apache2 web stats display

group_vars/monitoring

@@ -8,12 +8,8 @@ with_munin: False
 with_munin_node: False
 
 munin_master_vhostname: localhost
-munin_master_vhostport: 80
 
 with_munin_http_auth: False
-munin_http_auth_file: /etc/nginx/auth_munin
-munin_http_auth_username: munin
-munin_http_auth_password_hash: kRNB9HYFOWHgo # openssl passwd -crypt mu1234nin
 
 munin_masters:
   - 127.0.0.1/32

roles/monitoring/handlers/munin.yml

@@ -3,3 +3,6 @@
 
 - name: Reload nginx for munin
   action: service name=nginx state=reloaded
+
+- name: Reload apache2 for munin
+  action: service name=apache2 state=reloaded

roles/monitoring/tasks/munin.yml

@@ -6,22 +6,6 @@
   action: template src=munin/munin.conf.j2 dest=/etc/munin/munin.conf owner=root group=root mode=0644
   when_boolean: ${with_munin}
 
-- name: Create basic authentication file for munin web interface
-  action: template src=munin/nginx_auth.j2 dest=${munin_http_auth_file} owner=root group=www-data mode=0640
-  when_boolean: ${with_munin} and ${with_munin_http_auth}
-
-- name: Install munin nginx virtual host (sites-available)
-  action: template src=munin/nginx_vhost.j2 dest=/etc/nginx/sites-available/munin owner=root group=root mode=0644
-  notify:
-    - Reload nginx for munin
-  when_boolean: ${with_munin}
-
-- name: Install munin nginx virtual host (sites-enabled)
-  action: file src=/etc/nginx/sites-available/munin path=/etc/nginx/sites-enabled/munin state=link
-  notify:
-    - Reload nginx for munin
-  when_boolean: ${with_munin}
-
 - name: Install munin-node packages
   action: ${ansible_pkg_mgr} pkg=${item} state=installed update_cache=yes
   with_items:
@@ -59,6 +43,30 @@
     - Restart munin-node
   when_boolean: ${with_munin_node}
 
+- name: Install nginx virtual host for munin (sites-available)
+  action: template src=munin/nginx_vhost.j2 dest=/etc/nginx/sites-available/munin owner=root group=root mode=0644
+  notify:
+    - Reload nginx for munin
+  when_boolean: ${with_munin} and ${with_nginx}
+
+- name: Install nginx virtual host for munin (sites-enabled)
+  action: file src=/etc/nginx/sites-available/munin path=/etc/nginx/sites-enabled/munin state=link
+  notify:
+    - Reload nginx for munin
+  when_boolean: ${with_munin} and ${with_nginx}
+
+- name: Install apache2 virtual host for munin (sites-available)
+  action: template src=munin/apache2_vhost.j2 dest=/etc/apache2/sites-available/munin owner=root group=root mode=0644
+  notify:
+    - Reload apache2 for munin
+  when_boolean: ${with_munin} and ${with_apache2}
+
+- name: Install apache2 virtual host for munin (sites-enabled)
+  action: file src=/etc/apache2/sites-available/munin path=/etc/apache2/sites-enabled/munin state=link
+  notify:
+    - Reload apache2 for munin
+  when_boolean: ${with_munin} and ${with_apache2}
+
 - name: Ensure munin-node is running
   action: service name=munin-node state=started
   when_boolean: ${with_munin_node}

roles/monitoring/templates/munin/apache2_vhost.j2

@@ -0,0 +1,31 @@
+{% if ansible_prolog -%}
+{% from 'templates/ansible/prolog.j2' import prolog with context %}
+{{ prolog() }}
+{% endif -%}
+# Apache vhost for munin
+
+<VirtualHost *:80>
+    ServerName {{ munin_master_vhostname }}
+
+    DocumentRoot /var/cache/munin/www
+    DirectoryIndex index.html
+
+    <Location />
+        AuthType basic
+        AuthName "Restricted Access"
+        AuthUserFile /etc/apache2/auth_admin
+        Require valid-user
+    </Location>
+
+    <Directory /var/cache/munin/www>
+        Options None
+        AllowOverride None
+        Order allow,deny
+        Allow from all
+    </Directory>
+
+    LogLevel warn
+    CustomLog ${APACHE_LOG_DIR}/munin.access.log combined
+    ErrorLog ${APACHE_LOG_DIR}/munin.error.log
+
+</VirtualHost>

roles/monitoring/templates/munin/nginx_auth.j2

@@ -1 +0,0 @@
-{{ munin_http_auth_username }}:{{ munin_http_auth_password_hash }}

roles/monitoring/templates/munin/nginx_vhost.j2

@@ -6,7 +6,6 @@
 
 server {
     server_name {{ munin_master_vhostname }};
-    listen {{ munin_master_vhostport }};
 
     access_log  /var/log/nginx/munin.access.log;
     error_log   /var/log/nginx/munin.error.log;
@@ -14,7 +13,7 @@ server {
     location / {
 {% if with_munin_http_auth %}
         auth_basic "Restricted Access";
-        auth_basic_user_file {{ munin_http_auth_file }};
+        auth_basic_user_file /etc/nginx/auth_admin;
 {% endif %}
         root /var/cache/munin/www/;
         break;