Configuration - saint-lascivious/munin-pihole-plugins GitHub Wiki
Configuration
Provided munin-node and Pi-hole® exist on the same host, the default configuration should Just Work™.
Plugin Configuration
The munin-pihole-plugins plugin uses Pi-hole®'s telnet (default) API, but can be alternately configured to use Pi-hole®'s json API, the latter is useful for monitoring a Pi-hole® instance on another host but requires Pi-hole®'s web interface to be installed.
If you have a non-standard configuration or Pi-hole® is running on a separate host, you will need to edit the plugin configuration file /etc/munin/plugin-conf.d/pihole.conf (default). The plugin attempts to obtain a local Pi-hole®'s web password (env.webpassword) value itself if required (Pi-hole®'s json API requires authentication for some functions), if it can not do so the required value for env.webpassword can be located within the intended target Pi-hole® host's /etc/pihole/setupVars.conf (default) file.
The Pi-hole® FTL port env.ftlport is derived from the /etc/pihole/pihole-FTL.conf (default) file if present, or is otherwise assumed to be 4711 (default). Likewise, the Pi-hole® setupVars.conf file path env.setupvars is derived from the /etc/pihole/pihole-FTL.conf (default) file if present, or is otherwise assumed to be /etc/pihole/setupVars.conf (default).
Default munin-pihole-plugins pihole_ plugin configuration
- Default
/etc/munin/plugin-conf.d/pihole.confplugin configuration
[pihole_*]
user root
env.api_method telnet
env.ftl_conf /etc/pihole/pihole-FTL.conf
#env.ftl_port 4711
env.host 127.0.0.1
env.json_api /admin/api.php
env.json_cachesuffix ?getCacheInfo&auth=
env.json_port 80
env.json_querysuffix ?getQueryTypes&auth=
#env.setupvars /etc/pihole/setupVars.conf
#env.webpassword PIHOLE_SETUPVARS_WEBPASSWORD_HERE
env.graph_category dns
env.graph_height 200
env.graph_scale no
env.graph_type GAUGE
env.graph_width 400
# pihole_blocked
env.blocked_rate 3600
# pihole_cache
#env.cache_rate
# pihole_cache_by_type
#env.cache_by_type_rate
# pihole_clients
#env.clients_rate
# pihole_percent
#env.percent_rate
# pihole_privacy
#env.privacy_rate
# pihole_queries
#env.queries_rate
# pihole_queries_by_type
#env.queries_by_type_rate
# pihole_replies_by_type
#env.replies_by_type_rate
# pihole_status
#env.status_rate
# pihole_unique_domains
#env.unique_domains_rate
Uncomment and/or (re-)define relevant env.* variables to override the default values to suit your requirement.
The graph_category value determines which category munin-pihole-plugins graphs will appear in Munin's interface. This value MUST be lower case, allowed characters [a-z0-9].
The graph_scale value determines graph y axis value scaling and may be either no or yes.
The graph_type value determines the graph data type, and can be one of ABSOLUTE, COUNTER, DERIVE, or GAUGE. This value MUST be upper case.
The values for *_rate is a value in seconds. E.g. "60", "300", "3600".
The values for graph_height and graph_width specify the dimensions of the graph in pixels, not including the graph legend.
More specific definitions will override less specific definitions, allowing for a very high degree of customisation on a per-plugin basis. For example:
[pihole_*]
env.graph_category pihole
[pihole_clients]
env.graph_type COUNTER
[pihole_replies_by_type]
env.graph_type DERIVE
Default munin-pihole-plugins pihole_alerts plugin configuration
- Default
/etc/munin/plugin-conf.d/pihole_alerts.confplugin configuration
[pihole_*]
# pihole_blocked
env.domains_being_blocked_crit 1:5000000
env.domains_being_blocked_warn 0:3000000
# pihole_cache
#env.cache_expired_crit
#env.cache_expired_warn
#env.cache_immortal_crit
#env.cache_immortal_warn
#env.cache_inserted_crit
#env.cache_inserted_warn
#env.cache_live_freed_crit
#env.cache_live_freed_warn
env.cache_size_crit 1:10000
env.cache_size_warn 10000:10000
# pihole_cache_by_type
#env.cache_A_crit
#env.cache_A_warn
#env.cache_AAAA_crit
#env.cache_AAAA_warn
#env.cache_CNAME_crit
#env.cache_CNAME_warn
#env.cache_DNSKEY_crit
#env.cache_DNSKEY_warn
#env.cache_DS_crit
#env.cache_DS_warn
#env.cache_OTHER_crit
#env.cache_OTHER_warn
#env.cache_SRV_crit
#env.cache_SRV_warn
# pihole_clients
#env.clients_ever_seen_crit
#env.clients_ever_seen_warn
env.unique_clients_crit 100
env.unique_clients_warn 1:50
# pihole_percent
env.ads_percentage_today_crit 95
env.ads_percentage_today_warn 1:85
# pihole_privacy
env.privacy_level_crit 1:3
env.privacy_level_warn 3:3
# pihole_queries
#env.dns_queries_today_crit
#env.dns_queries_today_warn
#env.ads_blocked_today_crit
#env.ads_blocked_today_warn
#env.queries_forwarded_crit
#env.queries_forwarded_warn
#env.queries_cached_crit
#env.queries_cached_warn
# pihole_queries_by_type
#env.query_A_crit
#env.query_AAAA_warn
#env.query_ANY_crit
#env.query_ANY_warn
#env.query_DNSKEY_crit
#env.query_DNSKEY_warn
#env.query_DS_crit
#env.query_DS_warn
#env.query_HTTPS_crit
#env.query_HTTPS_warn
#env.query_MX_crit
#env.query_MX_warn
#env.query_NAPTR_crit
#env.query_NAPTR_warn
#env.query_NS_crit
#env.query_NS_warn
#env.query_OTHER_crit
#env.query_OTHER_warn
#env.query_PTR_crit
#env.query_PTR_warn
#env.query_RRSIG_crit
#env.query_RRSIG_warn
#env.query_SOA_crit
#env.query_SOA_warn
#env.query_SRV_crit
#env.query_SRV_warn
#env.query_SVCB_crit
#env.query_SVCB_warn
#env.query_TXT_crit
#env.query_TXT_warn
# pihole_replies_by_type
#env.reply_BLOB_crit
#env.reply_BLOB_warn
#env.reply_CNAME_crit
#env.reply_CNAME_warn
#env.reply_DNSSEC_crit
#env.reply_DNSSEC_warn
#env.reply_DOMAIN_crit
#env.reply_DOMAIN_warn
#env.reply_IP_crit
#env.reply_IP_warn
#env.reply_NOTIMP_crit
#env.reply_NOTIMP_warn
#env.reply_NODATA_crit
#env.reply_NODATA_warn
#env.reply_NONE_crit
#env.reply_NONE_warn
#env.reply_NXDOMAIN_crit
#env.reply_NXDOMAIN_warn
#env.reply_OTHER_crit
#env.reply_OTHER_warn
#env.reply_REFUSED_crit
#env.reply_REFUSED_warn
#env.reply_RRNAME_crit
#env.reply_RRNAME_warn
#env.reply_SERVFAIL_crit
#env.reply_SERVFAIL_warn
#env.reply_UNKNOWN_crit
#env.reply_UNKNOWN_warn
# pihole_status
env.status_crit 0:1
env.status_warn 1:1
# pihole_unique_domains
env.unique_domains_crit 1:20000
env.unique_domains_warn 0:10000
Uncomment and/or (re-)define relevant env.* variables to override the default values to suit your requirement.
The values for *_crit and *_warn can be a max value or a range separated by colon. E.g. "min:", ":max", "min:max", "max".
Script Configuration
Usage
Initial installation, or without the munin-pihole-plugins script being locally installed: export VARIABLE="VALUE"
Example: export VERBOSITY_LEVEL="4"
Subsequent runs, with the munin-pihole-plugins script locally installed: munin-pihole-plugins --configure VARIABLE VALUE
Example: munin-pihole-plugins --configure VERBOSITY_LEVEL 4
Reset example: munin-pihole-plugins --configure VERBOSITY_LEVEL RESET
The configuration file, of which the default is /etc/munin-pihole-plugins/munin-pihole-plugins.conf, may be manually created or generated ahead of time if desired, useful for packaging or other automated deployment. This configuration file MUST be a plain text file and MUST consist of the format VARIABLE=VALUE (or VARIABLE="VALUE" for arrays, like PLUGIN_LIST), one variable per line, with no leading whitespace or indentation. Comments to assist usability may exist but MUST be preceeded with a hash (#) character.
The -C, configure, --configure command
- Usage: munin-pihole-plugins {--configure [RESET_ALL]|[VARIABLE [VALUE]]}
| Option | GNU long option | Function |
|---|---|---|
-C, configure |
--configure |
Display or set environment variables |
Display a full list of environment variables used by the munin-pihole-plugins script, and their current values. These variables and this command can be used to customise various aspects of the munin-pihole-plugins script's operation.
Takes an optional parameter in the form of a munin-pihole-plugins environment variable to list the value of that variable alone.
Example: munin-pihole-plugins --configure INSTALL_PLUGINS
Takes an optional value for a munin-pihole-plugins environment variable to set the value of that variable.
If the optional value passed is RESET, the corresponding environment variable will be reset to its default value. This functionality is only available if the munin-pihole-plugins script is found to exist within SCRIPT_DIR.
Example: munin-pihole-plugins --configure DNS_SERVER RESET
Takes an optional parameter in the form of RESET_ALL to restore all munin-pihole-plugins environment variables to their default values. Again, this functionality is only available if the munin-pihole-plugins script is found to exist within SCRIPT_DIR, whereby it's considered "installed".
Example: munin-pihole-plugins --configure RESET_ALL
Default script configuration
- Default
munin-pihole-pluginsscript environment variables
| Variable | Default Value |
|---|---|
| BRANCH | master |
| DNS_PORT | 53 |
| DNS_SERVER | 208.67.222.222 |
| EXTERNAL_CONFIG_DIR | /etc/munin-pihole-plugins |
| EXTERNAL_CONFIG_FILE | munin-pihole-plugins.conf |
| FORCE_UPDATE_PLUGIN_CONFIG | false |
| HOLD_DURATION | 0 |
| IGNORE_PIHOLE_ON_HOST | false |
| INSTALL_PLUGINS | true |
| INSTALL_SCRIPT | true |
| INSTALL_WEBSERVER | true |
| LIGHTTPD_WEBROOT | /var/www/html |
| MUNIN_BRANCH | stable |
| MUNIN_DIR | /etc/munin |
| MUNIN_CONFIG_DIR | /etc/munin/munin-conf.d |
| MUNIN_PLUGIN_DIR | /usr/share/munin/plugins |
| NODE_PLUGIN_DIR | /etc/munin/plugins |
| PLUGIN_CONFIG_DIR | /etc/munin/plugin-conf.d |
| PLUGIN_CONFIG_LIST | pihole pihole_alerts |
| PLUGIN_LIST | blocked cache cache_by_type clients percent privacy queries queries_by_type replies_by_type status unique_domains |
| PROXY_CONFIG_DIR | /etc/lighttpd |
| SCRIPT_DIR | /usr/local/bin |
| SHOW_COLOUR | true |
| SHOW_HEADER | true |
| SKIP_DEPENDENCY_CHECK | false |
| UPDATE_SELF | true |
| VERBOSITY_LEVEL | 3 |
BRANCH
BRANCH
The branch used when checking the munin-pihole-plugins script version or installing munin-pihole-plugins. Valid options are development and master, of which the default is master. Invalid options will be rejected.
Example munin-pihole-plugins --configure BRANCH development
DNS_PORT
DNS_PORT
The port which the munin-pihole-plugins script will use in order to contact DNS_SERVER.
Example munin-pihole-plugins --configure DNS_PORT 53
DNS_SERVER
DNS_SERVER
The DNS server which the munin-pihole-plugins script will contact in order to retrieve its version information (from a TXT record at munin-pihole-plugins.sainternet.xyz). This SHOULD be an IP address rather than a hostname or FQDN when configured manually, and it SHOULD be external. When configured via -c, -configure, --configure this value MUST be an IPv4 address.
When the munin-pihole-plugins script is installed locally, the -c, configure, --configure command can set the value of DNS_SERVER using user input, or one of the following optional presets:
DNS_SERVER Preset |
Value |
|---|---|
CLOUDFLARE |
1.1.1.1 |
COMODO |
8.26.56.26 |
GOOGLE |
8.8.8.8 |
LOCALHOST |
127.0.0.1 |
OPENDNS |
208.67.222.222 (default) |
QUAD9 |
9.9.9.9 |
SAINTERNET |
119.224.127.171 |
Example: munin-pihole-plugins --configure DNS_SERVER LOCALHOST
If this server is operating on a port other than 53 (default), you can change this using the DNS_PORT variable.
EXTERNAL_CONFIG_DIR
EXTERNAL_CONFIG_DIR
The directory in which an external configuration file should be located, to be created if required.
Example: munin-pihole-plugins --configure EXTERNAL_CONFIG_DIR "/etc/munin-pihole-plugins"
EXTERNAL_CONFIG_FILE
EXTERNAL_CONFIG_FILE
The name of external configuration file munin-pihole-plugins should use, to be created if required.
Example: munin-pihole-plugins --configure EXTERNAL_CONFIG_FILE "munin-pihole-plugins.conf"
FORCE_UPDATE_PLUGIN_CONFIG
FORCE_UPDATE_PLUGIN_CONFIG
Forces the re-installation of the default munin-pihole-plugins plugin configuration files pihole.conf and/or /etc/munin/plugin-conf.d/pihole_alerts.conf (default: false), which changes periodically. If the configured external configuration directory exists, the currently installed plugin configuration will be saved to the EXTERNAL_CONFIG_DIR as *.conf.save before being overwritten.
Example: munin-pihole-plugins --configure FORCE_UPDATE_PLUGIN_CONFIG true
HOLD_DURATION
HOLD_DURATION
Sets the dwell time on a scale from 0 to 5 seconds (default: 0) which the munin-pihole-plugins script should wait between outputting user information, allowing the user to see what's happening more easily.
Example: munin-pihole-plugins --configure HOLD_DURATION 2
Note: Somewhat of an oddity this one. Added upon user request (I'm happy to accomodate), to help prevent the munin-pihole-plugins script output from "whizzing by too fast to be seen", which might normally be considered a good thing. The maximum value is capped at five seconds, which doesn't seem like very much at all but (depending on the VERBOSITY_LEVEL) will slow things down considerably.
IGNORE_PIHOLE_ON_HOST
IGNORE_PIHOLE_ON_HOST
Ignore the existance of any pihole binary on the host server.
Example: munin-pihole-plugins --configure IGNORE_PIHOLE_ON_HOST true
INSTALL_PLUGINS
INSTALL_PLUGINS
Disables installation of munin-node and munin-pihole-plugins plugins if set to any value other than true.
Example munin-pihole-plugins --configure INSTALL_PLUGINS false
INSTALL_SCRIPT
INSTALL_SCRIPT
Disables installation of the munin-pihole-plugins script if set to any value other than true.
Example munin-pihole-plugins --configure INSTALL_SCRIPT false
INSTALL_WEBSERVER
INSTALL_WEBSERVER
Disables installation of the munin webserver and lighttpd proxy if set to any value other than true. Useful for additional Munin nodes in a multi-node, single-server environment.
Example munin-pihole-plugins --configure INSTALL_WEBSERVER false
LIGHTTPD_WEBROOT
LIGHTTPD_WEBROOT
The directory in which, if installed, the Pi-hole® AdminLTE web interface should be found. The presence or absence of a pihole directory here is used to determine whether or not munin-pihole-plugins should offer to remove lighttpd during munin-pihole-plugins uninstallation. The admin directory is not used for this purpose due to the ambiguity of its name.
Example munin-pihole-plugins --configure LIGHTTPD_WEBROOT "/var/www/html"
MUNIN_BRANCH
MUNIN_BRANCH
The Munin branch to target when configuring the lighttpd proxy. Available options are latest and stable, with stable being the default value. The latest branch should be selected for Munin versions 2.99 or higher.
| Tag | Munin Version Target |
|---|---|
latest |
munin 2.99+ |
stable |
munin 2.* |
Example munin-pihole-plugins --configure MUNIN_BRANCH latest
MUNIN_DIR
MUNIN_DIR
The directory in which the munin munin.conf file should be located.
Example munin-pihole-plugins --configure MUNIN_DIR "/etc/munin"
MUNIN_CONFIG_DIR
MUNIN_CONFIG_DIR
The directory in which additional munin configuration files may be placed, the munin-pihole-plugins script will attempt to use this in favour of editing munin.conf directly.
Example munin-pihole-plugins --configure MUNIN_CONFIG_DIR "/etc/munin/munin-conf.d"
MUNIN_PLUGIN_DIR
MUNIN_PLUGIN_DIR
The directory in which munin plugins should be located.
Example munin-pihole-plugins --configure MUNIN_PLUGIN_DIR "/usr/share/munin/plugins"
NODE_PLUGIN_DIR
NODE_PLUGIN_DIR
The directory in which munin-node plugin symbolic links should be created.
Example munin-pihole-plugins --configure NODE_PLUGIN_DIR "/etc/munin/plugins"
PLUGIN_CONFIG_DIR
PLUGIN_CONFIG_DIR
The directory in which individual munin-node plugin configurations should be located.
Example munin-pihole-plugins --configure PLUGIN_CONFIG_DIR "/etc/munin/plugin-conf.d"
PLUGIN_CONFIG_LIST
PLUGIN_CONFIG_LIST
A comma separated list of configuration file IDs used to determine which plugin configuration files will be installed.
| Config ID | Config Name | Description |
|---|---|---|
pihole |
pihole.conf | Plugin configuration base file. |
pihole_alerts |
pihole_alerts.conf | Plugin warning/critical alert configuration file. |
Example munin-pihole-plugins --configure PLUGIN_CONFIG_LIST "pihole"
PLUGIN_LIST
PLUGIN_LIST
A space separated list of munin-pihole-plugins plugin IDs used to determine which plugins will be installed.
| Plugin ID | Plugin Name | Description |
|---|---|---|
| blocked | pihole_blocked | This plugin shows the number of domains blocked by Pi-hole®. |
| cache | pihole_cache | This plugin shows Pi-hole®'s cache. |
| cache_by_type | pihole_cache_by_type | This plugin shows Pi-hole®'s cache by type. |
| clients | pihole_clients | This plugin shows clients seen by Pi-hole®. |
| percent | pihole_percent | This plugin shows Pi-hole®'s blocked query percentage. |
| privacy | pihole_privacy | This plugin shows Pi-hole®'s privacy level. |
| queries | pihole_queries | This plugin shows queries seen by Pi-hole®. |
| queries_by_type | pihole_queries_by_type | This plugin shows Pi-hole®'s queries by type. |
| replies_by_type | pihole_replies_by_type | This plugin shows Pi-hole®'s replies by type. |
| status | pihole_status | This plugin shows Pi-hole®'s blocking status. |
| unique_domains | pihole_unique_domains | This plugin shows unique domains seen by Pi-hole®. |
Example: munin-pihole-plugins --configure PLUGIN_LIST "blocked percent unique_domains"
PROXY_CONFIG_DIR
PROXY_CONFIG_DIR
The directory in which lighttpd's external.conf should be located.
Example munin-pihole-plugins --configure PROXY_CONFIG_DIR "/etc/lighttpd"
SCRIPT_DIR
SCRIPT_DIR
The directory in which the munin-pihole-plugins script should be located when installed, the munin-pihole-plugins script will warn if this directory is not located in the host's $PATH variable and suggest how to correct this.
Example munin-pihole-plugins --configure SCRIPT_DIR "/etc/munin-pihole-plugins"
SHOW_COLOUR
SHOW_COLOUR
Disables coloured terminal output if set to any value other than true.
Example munin-pihole-plugins --configure SHOW_COLOUR false
SHOW_HEADER
SHOW_HEADER
I get it. It's not for everyone.
Disables the (super-duper, totally awesome) munin-pihole-plugins script ascii header if set to any value other than true.
Example munin-pihole-plugins --configure SHOW_HEADER false
SKIP_DEPENDENCY_CHECK
SKIP_DEPENDENCY_CHECK
Disables apt and dpkg-query based dependency management if set to any value other than false.
Example munin-pihole-plugins --configure SKIP_DEPENDENCY_CHECK true
Note: Basic test-before-use for required binaries is still performed in either case.
UPDATE_SELF
UPDATE_SELF
Disables self update of the munin-pihole-plugins script if set to any value other than true.
Example munin-pihole-plugins --configure UPDATE_SELF false
VERBOSITY_LEVEL
VERBOSITY_LEVEL
Sets the munin-pihole-plugins script verbosity level on a scale from 0 to 4, with 0 being total silence and 4 being the highest level of verbosity.
| Verbosity Level | Output |
|---|---|
0 |
Silent |
1 |
+ Errors |
2 |
++ Questions and Warnings |
3 |
+++ Information |
4 |
++++ Additional Information |
Example: munin-pihole-plugins --configure VERBOSITY_LEVEL 4
Munin Node Configuration
- Example
/etc/munin/munin-node.confmulti-server, multi-node access control configuration
# Set this if the client doesn't report the correct hostname when
# telnetting to localhost, port 4949
host_name primary.home
# A list of addresses that are allowed to connect. This must be a
# regular expression, since Net::Server does not understand CIDR-style
# network notation unless the perl module Net::CIDR is installed. You
# may repeat the allow line as many times as you'd like
allow ^127\.0\.0\.1$
allow ^::1$
# If you have installed the Net::CIDR perl module, you can use one or more
# cidr_allow and cidr_deny address/mask patterns. A connecting client must
# match any cidr_allow, and not match any cidr_deny. Note that a netmask
# *must* be provided, even if it's /32
# primary.home
cidr_allow 192.168.1.10/32
# secondary.home
cidr_allow 192.168.1.20/32
# desktop.home
cidr_allow 192.168.1.40/32
# laptop.home
cidr_allow 192.168.1.100/32
Munin Server Configuration
- Example
/etc/munin/munin.confor/etc/munin/munin-conf.d/00-nodes.confmulti-server, multi-node access control configuration
# primary.home
[primary.home]
address 192.168.1.10
use_node_name yes
# secondary.home
[secondary.home]
address 192.168.1.20
use_node_name yes
# desktop.home
[desktop.home]
address 192.168.1.40
use_node_name yes
# laptop.home
[laptop.home]
address 192.168.1.100
use_node_name yes