fgf

group_vars/all.yml

@@ -213,8 +213,8 @@ munin_node_disabled_plugins:
   - squid_traffic # proxmox
   - timesync
   - docker_volumesize2
-
   - docker_multi
+
 munin_node_plugins:
   - name: chrony
     src: https://git.mgrote.net/mirrors/munin-contrib/raw/branch/master/plugins/chrony/chrony

group_vars/munin.yml

@@ -42,6 +42,11 @@ munin_node_bind_port: "4949"
 munin_node_allowed_cidrs: [127.0.0.1]
 
 ###  mgrote_munin_master
+munin_mail_user: munin@mgrote.net
+munin_mail_server: "{{ postfix_smtp_server }}"
+munin_mail_port: "{{ 1025 }}"
+munin_mail_tls: false
+
 munin_enable_alerts: true
 munin_alerts_to: info@mgrote.net
 munin_hosts:

roles/mgrote_munin_server/defaults/main.yml

@@ -26,8 +26,15 @@ munin_server_plugins:
 munin_cron_job: present
 munin_dbdir: "/var/lib/munin"
 munin_enable_alerts: true
-munin_alerts_to: nobody@nowhere.com
 munin_hosts:
   - name: "{{ ansible_fqdn }}"
     address: "127.0.0.1"
     extra: ["use_node_name yes"]
+    
+munin_mail_user: user
+munin_mail_pass: geheim
+munin_mail_server: mail.server.com
+munin_mail_port: 25
+munin_mail_tls: false
+
+munin_alerts_to: nobody@nowhere.com

roles/mgrote_munin_server/tasks/mail.yml

@@ -0,0 +1,32 @@
+---
+- name: ensure packages are installed
+  become: true
+  ansible.builtin.package:
+    name: "{{ munin_packages }}"
+    state: present
+
+- name: Ensure needed dirs exists
+  ansible.builtin.file:
+    path: "{{ item }}"
+    state: directory
+    mode: '0755'
+    owner: munin
+    group: munin
+  loop: "{{ munin_dirs }}"
+
+- name: Ensure permissions are set
+  ansible.builtin.file:
+    path: /var/lib/munin/cgi-tmp
+    mode: 'ugo+rw'
+    state: directory
+    owner: munin
+    group: munin
+    recurse: true
+
+- name: Template apache config
+  ansible.builtin.template:
+    src: apache.conf
+    dest: /etc/apache2/sites-available/000-default.conf
+  notify: "restart apache2"
+
+...

roles/mgrote_munin_server/tasks/main.yml

@@ -72,4 +72,7 @@
     owner: munin
     group: munin
   when: not placeholder.stat.exists
+
+- name: Include alerting tasks
+  ansible.builtin.include_tasks: mail.yml
 ...

roles/mgrote_munin_server/templates/ssmtp.conf

@@ -0,0 +1,14 @@
+# The user that gets all the mails (UID < 1000, usually the admin)
+root={{ munin_alerts_to }}
+
+# The mail server (where the mail is sent to), both port 465 or 587 should be acceptable
+# See also https://support.google.com/mail/answer/78799
+mailhub={{ munin_mail_server }}:{{ munin_mail_port }}
+
+# The full hostname. Must be correctly formed, fully qualified domain name or GMail will reject connection.
+hostname={{ munin_servername }}
+
+# Use implicit TLS (port 465). When using port 587, change UseSTARTTLS=Yes
+TLS_CA_FILE=/etc/ssl/certs/ca-certificates.crt
+UseTLS={{ munin_mail_tls }}
+UseSTARTTLS=No