From c31761fbc06c33416fc33d4b4758e916d2967ad4 Mon Sep 17 00:00:00 2001
From: Jimmy Monin <jimmy@monin.net>
Date: Sun, 5 Mar 2017 12:20:39 +0100
Subject: [PATCH] Automatic configuration for MySQL, Nginx logs and Dovecot
 monitoring

---
 README.md                 | 16 ++++++++++++++++
 conf/netdata-deps.control |  4 ++--
 scripts/install           | 15 +++++++++++++++
 scripts/remove            |  6 ++++++
 scripts/restore           | 17 +++++++++++++++++
 scripts/upgrade           | 23 +++++++++++++++++++++++
 6 files changed, 79 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index 5488a84..6038b2b 100644
--- a/README.md
+++ b/README.md
@@ -13,6 +13,22 @@ disrupting their core function._
 
 **Shipped version:** 1.5.0
 
+**Customization brought by the package:**
+
+* grant MySQL statistics access via a `netdata` user
+* nginx root log statistics via putting `netdata` user in the `adm` group
+* Dovecot statistics via giving access to Dovecot stats stocket to `netdata` user (works only with Dovecot 2.2.16+)
+
+**Further recommendations:**
+We don't allow YunoHost packages to make sensible changes to system files. So here are further customizations you can make to allow more monitoring:
+
+* Nginx: 
+  * requests/connections: follow [these recommandations](https://github.com/firehol/netdata/tree/master/python.d#nginx) to enable `/stab_status` (for example by putting the `location` section in `/etc/nginx/conf.d/yunohost_admin.conf`
+  * weblogs: you can monitor all your nginx weblogs for errors; follow [these recommendations](https://github.com/firehol/netdata/tree/master/python.d#nginx_log)
+* phpfpm: follow [these recommandations](https://github.com/firehol/netdata/tree/master/python.d#phpfpm)
+
+It has been tested on x86_64 and ARM.
+
 ## Features
 
 <p align="center">
diff --git a/conf/netdata-deps.control b/conf/netdata-deps.control
index f6b9ee9..0105cfe 100644
--- a/conf/netdata-deps.control
+++ b/conf/netdata-deps.control
@@ -4,8 +4,8 @@ Homepage: https://https://my-netdata.io/
 Standards-Version: 3.9.2
 
 Package: netdata-deps
-Version: 1.5.0-1
-Depends: zlib1g-dev, uuid-dev, libmnl-dev, gcc, make, git, autoconf, autoconf-archive, autogen, automake, pkg-config, curl, jq, nodejs
+Version: 1.5.0-2
+Depends: zlib1g-dev, uuid-dev, libmnl-dev, gcc, make, git, autoconf, autoconf-archive, autogen, automake, pkg-config, curl, jq, nodejs, python-mysqldb
 Architecture: all
 Description: meta package for NetData dependencies
  netdata is a system for distributed real-time performance and health monitoring. It provides unparalleled insights, in real-time, of everything happening on the system it runs  (including applications such as web and database servers), using modern interactive web dashboards.
diff --git a/scripts/install b/scripts/install
index cd924cf..df51545 100644
--- a/scripts/install
+++ b/scripts/install
@@ -41,6 +41,21 @@ ynh_package_install_from_equivs ../conf/${DEPS_PKG_NAME}.control \
 cd $NETDATA_TMPDIR
 sudo ./netdata-installer.sh --install /opt --dont-wait
 
+# Create netdata user to monitor MySQL
+ynh_mysql_execute_as_root "create user 'netdata'@'localhost';
+grant usage on *.* to 'netdata'@'localhost' with grant option;
+flush privileges;"
+
+# Give dovecot privileges to netdata user to monitor Dovecot
+# Need dovecot 2.2.16+
+sudo setfacl -m u:netdata:rw /var/run/dovecot/stats
+
+# Add netdata to the adm group to access web logs
+sudo usermod -a -G adm netdata
+
+# Restart NetData
+sudo systemctl restart netdata
+
 # Store the uninstaller for the removal script
 sudo mv ./netdata-uninstaller.sh /opt/netdata/etc/netdata
 
diff --git a/scripts/remove b/scripts/remove
index bc916be..5d89a1f 100644
--- a/scripts/remove
+++ b/scripts/remove
@@ -31,9 +31,15 @@ sudo ./${UNINSTALL_SCRIPT} --force
 # Remove app dependencies
 ynh_package_autoremove "$DEPS_PKG_NAME" || true
 
+# Remove access rights for Dovecot monitoring
+sudo setfacl -x u:netdata /var/run/dovecot/stats
+
 # Remove user and group
 sudo userdel netdata
 
+# Remove MySQL user
+echo "drop user 'netdata'@'localhost';" | mysql -uroot -p$(sudo cat /etc/yunohost/mysql)
+
 # Remove nginx configuration file
 sudo rm -f /etc/nginx/conf.d/$domain.d/$app.conf
 sudo rm -rf /home/yunohost.app/$app
diff --git a/scripts/restore b/scripts/restore
index dd2f4b7..d768445 100644
--- a/scripts/restore
+++ b/scripts/restore
@@ -33,6 +33,23 @@ ynh_package_install_from_equivs ./conf/${DEPS_PKG_NAME}.control \
 # Launch netdata installation in /opt directory
 cd $NETDATA_TMPDIR
 sudo ./netdata-installer.sh --install /opt --dont-wait
+
+# Create netdata user to monitor MySQL (if needed)
+ echo "select User from mysql.user where User = 'netdata';"| mysql -uroot -p$(sudo cat /etc/yunohost/mysql) || echo "create user 'netdata'@'localhost';
+grant usage on *.* to 'netdata'@'localhost' with grant option;
+flush privileges;" | mysql -uroot -p$(sudo cat /etc/yunohost/mysql)
+
+# Give dovecot privileges to netdata user to monitor Dovecot
+# Need dovecot 2.2.16+
+sudo setfacl -m u:netdata:rw /var/run/dovecot/stats
+
+# Add netdata to the adm group to access web logs
+sudo usermod -a -G adm netdata
+
+# Restart NetData
+sudo systemctl restart netdata
+
+# Store the uninstaller for the removal script
 sudo mv ./netdata-uninstaller.sh /opt/netdata
 
 # Restore configuration files
diff --git a/scripts/upgrade b/scripts/upgrade
index e359745..d411eff 100644
--- a/scripts/upgrade
+++ b/scripts/upgrade
@@ -22,6 +22,10 @@ is_public=$(ynh_app_setting_get "$app" is_public)
 # Fix path if needed
 path=$(fix_path $path)
 
+# Upgrade dependencies
+ynh_package_install_from_equivs ../conf/${DEPS_PKG_NAME}.control \
+|| ynh_die "Unable to upgrade dependencies"
+
 # Download and extract application 
 NETDATA_TMPDIR=$(extract_application)
 
@@ -38,6 +42,25 @@ exec 3>${tmp}
 # Launch netdata installation in /opt directory
 cd $NETDATA_TMPDIR
 sudo ./netdata-installer.sh --install /opt --dont-wait >&3 2>&3 || ynh_die "FAILED TO COMPILE/INSTALL NETDATA"
+
+# Create netdata user to monitor MySQL (if needed)
+is_mysql_user_existing=$(ynh_mysql_execute_as_root "select user from mysql.user where user = 'netdata';")
+if [ -z "$is_mysql_user_existing" ] ; then
+  ynh_mysql_execute_as_root "create user 'netdata'@'localhost';
+  grant usage on *.* to 'netdata'@'localhost' with grant option;
+  flush privileges;"
+fi
+
+# Give dovecot privileges to netdata user to monitor Dovecot
+# Need dovecot 2.2.16+
+sudo setfacl -m u:netdata:rw /var/run/dovecot/stats
+
+# Add netdata to the adm group to access web logs
+sudo usermod -a -G adm netdata
+
+# Restart NetData
+sudo systemctl restart netdata
+
 # Store the uninstaller for the removal script
 sudo mv ./netdata-uninstaller.sh /opt/netdata/etc/netdata
 # Store the local helper for backup/restore scripts