From 3e1a600fd559287b362dfda6a6cb0a327a14de31 Mon Sep 17 00:00:00 2001
From: Jeremy Lecour <jlecour@evolix.fr>
Date: Wed, 19 Jul 2017 18:25:22 +0200
Subject: [PATCH 1/5] apache: enable Munin plugins and CGI mode

---
 apache/handlers/main.yml                  |  5 +++++
 apache/tasks/main.yml                     | 10 ++++++++++
 apache/tasks/munin.yml                    | 24 +++++++++++++++++++++++
 apache/templates/evolinux-default.conf.j2 | 19 ++++++++++++++++++
 4 files changed, 58 insertions(+)
 create mode 100644 apache/tasks/munin.yml

diff --git a/apache/handlers/main.yml b/apache/handlers/main.yml
index af4d94d2..96daa368 100644
--- a/apache/handlers/main.yml
+++ b/apache/handlers/main.yml
@@ -8,3 +8,8 @@
   service:
     name: apache2
     state: reloaded
+
+- name: restart munin-node
+  service:
+    name: munin-node
+    state: restarted
diff --git a/apache/tasks/main.yml b/apache/tasks/main.yml
index a6a46eb8..2325ba4c 100644
--- a/apache/tasks/main.yml
+++ b/apache/tasks/main.yml
@@ -209,6 +209,16 @@
 - include: phpmyadmin.yml
   when: _default_index.stat.exists
 
+- name: Check if Munin plugins exists
+  stat:
+    path: /etc/munin/plugins/
+  register: _munin_plugins
+  check_mode: no
+  tags:
+  - apache
+
+- include: munin.yml
+  when: _munin_plugins.stat.exists
 
 # - block:
 #   - name: generate random string for serverstatus suffix
diff --git a/apache/tasks/munin.yml b/apache/tasks/munin.yml
new file mode 100644
index 00000000..ce560868
--- /dev/null
+++ b/apache/tasks/munin.yml
@@ -0,0 +1,24 @@
+---
+
+- name: install packages for Apache and Munin
+  apt:
+    name: libapache2-mod-fcgid
+    state: installed
+  notify: reload apache
+  tags:
+  - apache
+  - munin
+
+- name: install munin plugins
+  file:
+    src: "/etc/munin/plugins/{{ item }}"
+    dest: "/usr/share/munin/plugins/{{ item }}"
+    state: link
+  with_items:
+  - apache_accesses
+  - apache_processes
+  - apache_volume
+  notify: restart munin-node
+  tags:
+  - apache
+  - munin
diff --git a/apache/templates/evolinux-default.conf.j2 b/apache/templates/evolinux-default.conf.j2
index 38a367d4..36ae65ad 100644
--- a/apache/templates/evolinux-default.conf.j2
+++ b/apache/templates/evolinux-default.conf.j2
@@ -53,6 +53,25 @@
         Include /etc/apache2/private_ipaddr_whitelist.conf
     </Directory>
 
+    # Munin cgi
+    # Ensure we can run (fast)cgi scripts
+    ScriptAlias /munin-cgi/munin-cgi-graph /usr/lib/munin/cgi/munin-cgi-graph
+    <Location /munin-cgi/munin-cgi-graph>
+        Options +ExecCGI
+        <IfModule mod_fcgid.c>
+            SetHandler fcgid-script
+        </IfModule>
+        <IfModule mod_fastcgi.c>
+            SetHandler fastcgi-script
+        </IfModule>
+        <IfModule !mod_fastcgi.c>
+            <IfModule !mod_fcgid.c>
+                SetHandler cgi-script
+            </IfModule>
+        </IfModule>
+        Allow from all
+    </Location>
+
     # For CGI Scripts. We need to set Directory directive as ScriptAlias take precedence.
     ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
     <Directory /usr/lib/cgi-bin>

From c2f67086453ef0e6d42969180624b8b4f6aaa126 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Beno=C3=AEt=20S=C3=89RIE?= <bserie@evolix.fr>
Date: Thu, 20 Jul 2017 09:33:22 +0200
Subject: [PATCH 2/5] Better minimalist config in the vhost

Also install mandatory package libcgi-fast-perl.
---
 apache/tasks/munin.yml                    |  9 ++++++++-
 apache/templates/evolinux-default.conf.j2 | 23 +++--------------------
 2 files changed, 11 insertions(+), 21 deletions(-)

diff --git a/apache/tasks/munin.yml b/apache/tasks/munin.yml
index ce560868..2850b101 100644
--- a/apache/tasks/munin.yml
+++ b/apache/tasks/munin.yml
@@ -2,13 +2,20 @@
 
 - name: install packages for Apache and Munin
   apt:
-    name: libapache2-mod-fcgid
+    name: "{{ item }}"
     state: installed
+  with_items:
+  - libapache2-mod-fcgid
+  - libcgi-fast-perl
   notify: reload apache
   tags:
   - apache
   - munin
 
+- name: change group for /var/log/munin/
+  file:
+    group: www-data
+
 - name: install munin plugins
   file:
     src: "/etc/munin/plugins/{{ item }}"
diff --git a/apache/templates/evolinux-default.conf.j2 b/apache/templates/evolinux-default.conf.j2
index 36ae65ad..105edeb1 100644
--- a/apache/templates/evolinux-default.conf.j2
+++ b/apache/templates/evolinux-default.conf.j2
@@ -47,29 +47,12 @@
         Require all denied
         Include /etc/apache2/private_ipaddr_whitelist.conf
     </Directory>
-    <Directory /usr/lib/munin/cgi/>
-        Options -Indexes
-        Require all denied
-        Include /etc/apache2/private_ipaddr_whitelist.conf
-    </Directory>
-
-    # Munin cgi
-    # Ensure we can run (fast)cgi scripts
+    # munin-cgi-graph, used for zooming on graphs.
     ScriptAlias /munin-cgi/munin-cgi-graph /usr/lib/munin/cgi/munin-cgi-graph
     <Location /munin-cgi/munin-cgi-graph>
         Options +ExecCGI
-        <IfModule mod_fcgid.c>
-            SetHandler fcgid-script
-        </IfModule>
-        <IfModule mod_fastcgi.c>
-            SetHandler fastcgi-script
-        </IfModule>
-        <IfModule !mod_fastcgi.c>
-            <IfModule !mod_fcgid.c>
-                SetHandler cgi-script
-            </IfModule>
-        </IfModule>
-        Allow from all
+        Require all denied
+        Include /etc/apache2/private_ipaddr_whitelist.conf
     </Location>
 
     # For CGI Scripts. We need to set Directory directive as ScriptAlias take precedence.

From 1f87d3832054eef924aadb33095657aa0048810e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Beno=C3=AEt=20S=C3=89RIE?= <bserie@evolix.fr>
Date: Thu, 20 Jul 2017 09:38:05 +0200
Subject: [PATCH 3/5] Be sure to enable libapache2-mod-fcgid

---
 apache/tasks/munin.yml | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/apache/tasks/munin.yml b/apache/tasks/munin.yml
index 2850b101..1daf4a30 100644
--- a/apache/tasks/munin.yml
+++ b/apache/tasks/munin.yml
@@ -12,6 +12,15 @@
   - apache
   - munin
 
+- name: be sure to enable libapache2-mod-fcgid
+  command: a2enmod fcgid
+  register: cmd_disable_fcgid
+  changed_when: "'Module fcgid already enabled' not in cmd_disable_fcgid.stdout"
+  notify: restart apache
+  tags:
+  - apache
+  - munin
+
 - name: change group for /var/log/munin/
   file:
     group: www-data

From 5ed119eb382b0a71bfec4b69fcfa54b550b6540a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Beno=C3=AEt=20S=C3=89RIE?= <bserie@evolix.fr>
Date: Thu, 20 Jul 2017 09:38:39 +0200
Subject: [PATCH 4/5] Missing path and tags for a task

---
 apache/tasks/munin.yml | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/apache/tasks/munin.yml b/apache/tasks/munin.yml
index 1daf4a30..fa377cb9 100644
--- a/apache/tasks/munin.yml
+++ b/apache/tasks/munin.yml
@@ -23,7 +23,11 @@
 
 - name: change group for /var/log/munin/
   file:
+    path: /var/log/munin/
     group: www-data
+  tags:
+  - apache
+  - munin
 
 - name: install munin plugins
   file:

From f5c8d56b6a5beeb14ccf06c57eb23b39a1a1ca7c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Beno=C3=AEt=20S=C3=89RIE?= <bserie@evolix.fr>
Date: Thu, 20 Jul 2017 09:40:45 +0200
Subject: [PATCH 5/5] Wrong register name fixed

---
 apache/tasks/munin.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/apache/tasks/munin.yml b/apache/tasks/munin.yml
index fa377cb9..150a6e87 100644
--- a/apache/tasks/munin.yml
+++ b/apache/tasks/munin.yml
@@ -14,8 +14,8 @@
 
 - name: be sure to enable libapache2-mod-fcgid
   command: a2enmod fcgid
-  register: cmd_disable_fcgid
-  changed_when: "'Module fcgid already enabled' not in cmd_disable_fcgid.stdout"
+  register: cmd_enable_fcgid
+  changed_when: "'Module fcgid already enabled' not in cmd_enable_fcgid.stdout"
   notify: restart apache
   tags:
   - apache