elmau
/
iredmail-doc
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

New: integration.netdata.freebsd.html.

This commit is contained in:
Zhang Huangbin 2018-02-07 23:55:31 +08:00
parent d98d5d90f2
commit b463f1fbb5
4 changed files with 737 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

278
en_US/integrations/0-integration.netdata.freebsd.md Normal file
View File

@ -0,0 +1,278 @@
# Integrate netdata monitor (on FreeBSD server)
[TOC]
!!! attention
* This tutorial is tested on FreeBSD 11.x. If you need to run netdata on
CentOS, Debian, Ubuntu, please check this tutorial instead:
[Integrate netdata on Linux](./integration.netdata.linux.html).
* netdata is an optional component since iRedMail-0.9.8.
## What's netdata
netdata (<http://my-netdata.io>) is a "Simple. Effective. Awesome!" monitor
which can monitor almost everyting on your Linux/FreeBSD system. You can visit
its website to check online demo.
We will show you how to install and configure netdata on iRedMail server
(Linux) to monitor mail service related softwares.
## Install netdata
```
cd /usr/ports/net-mgmt/netdata
make install clean
```
## Configure netdata
Main config file of netdata is `/usr/local/etc/netdata/netdata.conf`, it
contains many parameters with detailed comments. Here's the
[config file](https://bitbucket.org/zhb/iredmail/src/default/iRedMail/samples/netdata/netdata.conf)
used by iRedMail:
* It binds to address `127.0.0.1` and port `19999` by default. Since it doesn't
have ACL control, we will run netdata behind Nginx to get ACL control done in
Nginx.
```
[registry]
enabled = no
[global]
bind to = 127.0.0.1
run as user = netdata
default port = 19999
update every = 3
[plugin:proc]
# Disable IPVS check since iRedMail doesn't use ipvs by default
/proc/net/ip_vs/stats = no
# inbound packets dropped
/proc/net/dev = no
```
netdata ships a lot modular config files to gather information of softwares
running on the server, they have very good default settings and most config
files don't need your attention at all, including:
* System resources (CPU, RAM, disk I/O, etc)
* Nginx log file monitoring
* Fail2ban jails
* Memcached
* ...
But some applications do require extra settings, we will cover them below.
### Monitor Nginx and php-fpm
We need to enable `stub_status` in Nginx to get detailed server info, also
update php-fpm config file to enable similar feature.
* Create Nginx config snippet `/usr/local/etc/nginx/templates/stub_status.tmpl` with
content below:
```
location = /stub_status {
stub_status on;
access_log off;
allow 127.0.0.1;
deny all;
}
location = /status {
include fastcgi_params;
fastcgi_pass php_workers;
fastcgi_param SCRIPT_FILENAME $fastcgi_script_name;
access_log off;
allow 127.0.0.1;
deny all;
}
```
* Update default virtual host config file `/usr/local/etc/nginx/sites-enabled/00-default.conf`,
include new snippet config file `stub_status.tmpl` after the
`redirect_to_https.tmpl` line like below:
```
server {
...
include /usr/local/etc/nginx/templates/redirect_to_https.tmpl;
include /usr/local/etc/nginx/templates/stub_status.tmpl; # <- add this line
...
}
```
* Update php-fpm pool config file `/usr/local/etc/php-fpm.d/www.conf`, enable
parameter `pm.status_path` like below:
```
pm.status_path = /status
```
* Restart both php-fpm and Nginx service.
### Monitor Dovecot
We need to enable statistics module in Dovecot.
* Please open Dovecot config file `/usr/local/etc/dovecot/dovecot.conf`,
append plugin `stats` in global parameter `mail_plugins`, and `imap_stats`
for imap protocol:
```
mail_plugins = ... stats
protocol imap {
mail_plugins = ... imap_stats
...
}
```
* Append settings below in Dovecot config file:
```
plugin {
# how often to session statistics (must be set)
stats_refresh = 30 secs
# track per-IMAP command statistics (optional)
stats_track_cmds = yes
}
service stats {
fifo_listener stats-mail {
user = vmail
mode = 0644
}
inet_listener {
address = 127.0.0.1
port = 24242
}
}
```
* Restart Dovecot service.
### Monitor MySQL/MariaDB server
netdata requires a SQL user (we use `netdata` here) with privilege `USAGE` to
gather MySQL server information.
* Create the SQL user with a strong password (please replace `<password>` in
command below by the real (and strong) password).
```
# mysql -u root
sql> GRANT USAGE ON *.* TO netdata@localhost IDENTIFIED BY '<password>';
sql> FLUSH PRIVILEGES;
```
* Create file `/usr/local/etc/netdata/python.d/mysql.conf` with content below.
!!! attention
* This file already exists, feel free to remove all content in this file
and copy content below as its new content.
* Please replace `<password>` below by the real password.
```
tcp:
name: 'local'
host: '127.0.0.1'
port: '3306'
user: 'netdata'
pass: '<password>'
```
### Monitor PostgreSQL server
netdata requires a SQL user (we use `netdata` here) to gather PostgreSQL server
information.
* Create the SQL user with a strong password (please replace `<password>` in
command below by the real (and strong) password).
```
# su - postgres
$ psql
sql> CREATE USER netdata WITH ENCRYPTED PASSWORD '<password>' NOSUPERUSER NOCREATEDB NOCREATEROLE;
```
* Create file `/usr/local/etc/netdata/python.d/mysql.conf` with content below.
!!! attention
* This file already exists, feel free to remove all content in this file
and copy content below as its new content.
* Please replace `<password>` below by the real password.
```
socket:
name : 'local'
user : 'netdata'
password : '<password>'
database : 'postgres'
```
## Configure Nginx to forward requests to netdata
* Create Nginx config snippet `/usr/local/etc/nginx/templates/netdata.tmpl` with
content below:
```
# Running netdata as a subfolder to an existing virtual host
# FYI: https://github.com/firehol/netdata/wiki/Running-behind-nginx
location = /netdata {
return 301 /netdata/;
}
location ~ /netdata/(?<ndpath>.*) {
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_http_version 1.1;
proxy_pass_request_headers on;
proxy_set_header Connection "keep-alive";
proxy_store off;
proxy_pass http://netdata/$ndpath$is_args$args;
gzip on;
gzip_proxied any;
gzip_types *;
auth_basic "Authentication Required";
auth_basic_user_file /usr/local/etc/nginx/netdata.users;
}
```
* Update default virtual host (https site) config file
`/usr/local/etc/nginx/sites-enabled/00-default-ssl.conf`,
include new snippet config file `netdata.tmpl` before the
`misc.tmpl` line like below:
```
server {
...
include /usr/local/etc/nginx/templates/netdata.tmpl; # <- add this line
include /usr/local/etc/nginx/templates/misc.tmpl;
...
}
```
* Create new file `/usr/local/etc/nginx/netdata.users` and an account used to access
netdata. NOTE: Please replace `<password>` below by a real, strong password.
```
touch /usr/local/etc/nginx/netdata.users
doveadm pw -s SSHA -p '<password>'
```
* Now restart nginx service and access url `https://your-server/netdata/`
(please replace `your-server` by the real domain name).

81
en_US/integrations/0-integration.netdata.linux.md
View File

@ -4,9 +4,10 @@
!!! attention
This tutorial is tested on CentOS 7, Debian 9, Ubuntu 16.04.
For FreeBSD, please check this tutorial instead:
[Integrate netdata on FreeBSD](./integration.netdata.freebsd.html).
* This tutorial is tested on CentOS 7, Debian 9, Ubuntu 16.04.
For FreeBSD, please check this tutorial instead:
[Integrate netdata on FreeBSD](./integration.netdata.freebsd.html).
* netdata is an optional component since iRedMail-0.9.8.
## What's netdata
@ -148,8 +149,6 @@ server {
* On RHEL/CentOS, it's `/etc/php-fpm.d/www.conf`
* On Debian, it's `/etc/php5/fpm/pool.d/www.conf`
* On Ubuntu, it's `/etc/php/7.0/fpm/pool.d/www.conf` (note: php version number may be different on your server)
* On FreeBSD, it's `/usr/local/etc/php-fpm.d/www.conf`
* On OpenBSD, it's `/etc/php-fpm.conf`
```
pm.status_path = /status
@ -161,18 +160,16 @@ pm.status_path = /status
We need to enable statistics module in Dovecot.
* Please open Dovecot config file:
* on Linux and OpenBSD, its `/etc/dovecot/dovecot.conf`.
* on FreeBSD, it's `/usr/local/etc/dovecot/dovecot.conf`.
* Append plugin `stats` in global parameter `mail_plugins`, and `imap_stats`
for imap protocol:
* Please open Dovecot config file `/etc/dovecot/dovecot.conf`, append plugin
`stats` in global parameter `mail_plugins`, and `imap_stats` for imap protocol:
```
mail_plugins = ... stats
protocol imap {
mail_plugins = ... imap_stats
...
}
```
* Append settings below in Dovecot config file:
@ -261,8 +258,6 @@ socket:
database : 'postgres'
```
## Configure Nginx to forward requests to netdata
## System tuning
To get better performance, netdata requires few sysctl settings. Please add
@ -292,3 +287,63 @@ Reload systemd daemon:
```
systemctl daemon-reload
```
## Configure Nginx to forward requests to netdata
* Create Nginx config snippet `/etc/nginx/templates/netdata.tmpl` with
content below:
```
# Running netdata as a subfolder to an existing virtual host
# FYI: https://github.com/firehol/netdata/wiki/Running-behind-nginx
location = /netdata {
return 301 /netdata/;
}
location ~ /netdata/(?<ndpath>.*) {
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_http_version 1.1;
proxy_pass_request_headers on;
proxy_set_header Connection "keep-alive";
proxy_store off;
proxy_pass http://netdata/$ndpath$is_args$args;
gzip on;
gzip_proxied any;
gzip_types *;
auth_basic "Authentication Required";
auth_basic_user_file /etc/nginx/netdata.users;
}
```
* Update default virtual host (https site) config file
`/etc/nginx/sites-enabled/00-default-ssl.conf`,
include new snippet config file `netdata.tmpl` before the
`misc.tmpl` line like below:
```
server {
...
include /etc/nginx/templates/netdata.tmpl; # <- add this line
include /etc/nginx/templates/misc.tmpl;
...
}
```
* Create new file `/etc/nginx/netdata.users` and an account used to access
netdata. NOTE: Please replace `<password>` below by a real, strong password.
```
touch /etc/nginx/netdata.users
doveadm pw -s SSHA -p '<password>'
```
* Now restart nginx service and access url `https://your-server/netdata/`
(please replace `your-server` by the real domain name).

318
html/integration.netdata.freebsd.html Normal file
View File

@ -0,0 +1,318 @@
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Integrate netdata monitor (on FreeBSD server)</title>
<link rel="stylesheet" type="text/css" href="./css/markdown.css" />
</head>
<body>
<div id="navigation">
<a href="https://www.iredmail.org" target="_blank">
<img alt="iRedMail web site"
src="./images/logo-iredmail.png"
style="vertical-align: middle; height: 30px;"
/>&nbsp;
<span>iRedMail</span>
</a>
&nbsp;&nbsp;//&nbsp;&nbsp;<a href="./index.html">Document Index</a></div><h1 id="integrate-netdata-monitor-on-freebsd-server">Integrate netdata monitor (on FreeBSD server)</h1>
<div class="toc">
<ul>
<li><a href="#integrate-netdata-monitor-on-freebsd-server">Integrate netdata monitor (on FreeBSD server)</a><ul>
<li><a href="#whats-netdata">What's netdata</a></li>
<li><a href="#install-netdata">Install netdata</a></li>
<li><a href="#configure-netdata">Configure netdata</a><ul>
<li><a href="#monitor-nginx-and-php-fpm">Monitor Nginx and php-fpm</a></li>
<li><a href="#monitor-dovecot">Monitor Dovecot</a></li>
<li><a href="#monitor-mysqlmariadb-server">Monitor MySQL/MariaDB server</a></li>
<li><a href="#monitor-postgresql-server">Monitor PostgreSQL server</a></li>
</ul>
</li>
<li><a href="#configure-nginx-to-forward-requests-to-netdata">Configure Nginx to forward requests to netdata</a></li>
</ul>
</li>
</ul>
</div>
<div class="admonition attention">
<p class="admonition-title">Attention</p>
<ul>
<li>This tutorial is tested on FreeBSD 11.x. If you need to run netdata on
CentOS, Debian, Ubuntu, please check this tutorial instead:
<a href="./integration.netdata.linux.html">Integrate netdata on Linux</a>.</li>
<li>netdata is an optional component since iRedMail-0.9.8.</li>
</ul>
</div>
<h2 id="whats-netdata">What's netdata</h2>
<p>netdata (<a href="http://my-netdata.io">http://my-netdata.io</a>) is a "Simple. Effective. Awesome!" monitor
which can monitor almost everyting on your Linux/FreeBSD system. You can visit
its website to check online demo.</p>
<p>We will show you how to install and configure netdata on iRedMail server
(Linux) to monitor mail service related softwares.</p>
<h2 id="install-netdata">Install netdata</h2>
<pre><code>cd /usr/ports/net-mgmt/netdata
make install clean
</code></pre>
<h2 id="configure-netdata">Configure netdata</h2>
<p>Main config file of netdata is <code>/usr/local/etc/netdata/netdata.conf</code>, it
contains many parameters with detailed comments. Here's the
<a href="https://bitbucket.org/zhb/iredmail/src/default/iRedMail/samples/netdata/netdata.conf">config file</a>
used by iRedMail:</p>
<ul>
<li>It binds to address <code>127.0.0.1</code> and port <code>19999</code> by default. Since it doesn't
have ACL control, we will run netdata behind Nginx to get ACL control done in
Nginx.</li>
</ul>
<pre><code>[registry]
enabled = no
[global]
bind to = 127.0.0.1
run as user = netdata
default port = 19999
update every = 3
[plugin:proc]
# Disable IPVS check since iRedMail doesn't use ipvs by default
/proc/net/ip_vs/stats = no
# inbound packets dropped
/proc/net/dev = no
</code></pre>
<p>netdata ships a lot modular config files to gather information of softwares
running on the server, they have very good default settings and most config
files don't need your attention at all, including:</p>
<ul>
<li>System resources (CPU, RAM, disk I/O, etc)</li>
<li>Nginx log file monitoring</li>
<li>Fail2ban jails</li>
<li>Memcached</li>
<li>...</li>
</ul>
<p>But some applications do require extra settings, we will cover them below.</p>
<h3 id="monitor-nginx-and-php-fpm">Monitor Nginx and php-fpm</h3>
<p>We need to enable <code>stub_status</code> in Nginx to get detailed server info, also
update php-fpm config file to enable similar feature.</p>
<ul>
<li>Create Nginx config snippet <code>/usr/local/etc/nginx/templates/stub_status.tmpl</code> with
content below:</li>
</ul>
<pre><code>location = /stub_status {
stub_status on;
access_log off;
allow 127.0.0.1;
deny all;
}
location = /status {
include fastcgi_params;
fastcgi_pass php_workers;
fastcgi_param SCRIPT_FILENAME $fastcgi_script_name;
access_log off;
allow 127.0.0.1;
deny all;
}
</code></pre>
<ul>
<li>Update default virtual host config file <code>/usr/local/etc/nginx/sites-enabled/00-default.conf</code>,
include new snippet config file <code>stub_status.tmpl</code> after the
<code>redirect_to_https.tmpl</code> line like below:</li>
</ul>
<pre><code>server {
...
include /usr/local/etc/nginx/templates/redirect_to_https.tmpl;
include /usr/local/etc/nginx/templates/stub_status.tmpl; # &lt;- add this line
...
}
</code></pre>
<ul>
<li>Update php-fpm pool config file <code>/usr/local/etc/php-fpm.d/www.conf</code>, enable
parameter <code>pm.status_path</code> like below:</li>
</ul>
<pre><code>pm.status_path = /status
</code></pre>
<ul>
<li>Restart both php-fpm and Nginx service.</li>
</ul>
<h3 id="monitor-dovecot">Monitor Dovecot</h3>
<p>We need to enable statistics module in Dovecot.</p>
<ul>
<li>Please open Dovecot config file <code>/usr/local/etc/dovecot/dovecot.conf</code>,
append plugin <code>stats</code> in global parameter <code>mail_plugins</code>, and <code>imap_stats</code>
for imap protocol:</li>
</ul>
<pre><code>mail_plugins = ... stats
protocol imap {
mail_plugins = ... imap_stats
...
}
</code></pre>
<ul>
<li>Append settings below in Dovecot config file:</li>
</ul>
<pre><code>plugin {
# how often to session statistics (must be set)
stats_refresh = 30 secs
# track per-IMAP command statistics (optional)
stats_track_cmds = yes
}
service stats {
fifo_listener stats-mail {
user = vmail
mode = 0644
}
inet_listener {
address = 127.0.0.1
port = 24242
}
}
</code></pre>
<ul>
<li>Restart Dovecot service.</li>
</ul>
<h3 id="monitor-mysqlmariadb-server">Monitor MySQL/MariaDB server</h3>
<p>netdata requires a SQL user (we use <code>netdata</code> here) with privilege <code>USAGE</code> to
gather MySQL server information.</p>
<ul>
<li>Create the SQL user with a strong password (please replace <code>&lt;password&gt;</code> in
command below by the real (and strong) password).</li>
</ul>
<pre><code># mysql -u root
sql&gt; GRANT USAGE ON *.* TO netdata@localhost IDENTIFIED BY '&lt;password&gt;';
sql&gt; FLUSH PRIVILEGES;
</code></pre>
<ul>
<li>
<p>Create file <code>/usr/local/etc/netdata/python.d/mysql.conf</code> with content below.</p>
<div class="admonition attention">
<p class="admonition-title">Attention</p>
<ul>
<li>This file already exists, feel free to remove all content in this file
and copy content below as its new content.</li>
<li>Please replace <code>&lt;password&gt;</code> below by the real password.</li>
</ul>
</div>
</li>
</ul>
<pre><code>tcp:
name: 'local'
host: '127.0.0.1'
port: '3306'
user: 'netdata'
pass: '&lt;password&gt;'
</code></pre>
<h3 id="monitor-postgresql-server">Monitor PostgreSQL server</h3>
<p>netdata requires a SQL user (we use <code>netdata</code> here) to gather PostgreSQL server
information.</p>
<ul>
<li>Create the SQL user with a strong password (please replace <code>&lt;password&gt;</code> in
command below by the real (and strong) password).</li>
</ul>
<pre><code># su - postgres
$ psql
sql&gt; CREATE USER netdata WITH ENCRYPTED PASSWORD '&lt;password&gt;' NOSUPERUSER NOCREATEDB NOCREATEROLE;
</code></pre>
<ul>
<li>
<p>Create file <code>/usr/local/etc/netdata/python.d/mysql.conf</code> with content below.</p>
<div class="admonition attention">
<p class="admonition-title">Attention</p>
<ul>
<li>This file already exists, feel free to remove all content in this file
and copy content below as its new content.</li>
<li>Please replace <code>&lt;password&gt;</code> below by the real password.</li>
</ul>
</div>
</li>
</ul>
<pre><code>socket:
name : 'local'
user : 'netdata'
password : '&lt;password&gt;'
database : 'postgres'
</code></pre>
<h2 id="configure-nginx-to-forward-requests-to-netdata">Configure Nginx to forward requests to netdata</h2>
<ul>
<li>Create Nginx config snippet <code>/usr/local/etc/nginx/templates/netdata.tmpl</code> with
content below:</li>
</ul>
<pre><code># Running netdata as a subfolder to an existing virtual host
# FYI: https://github.com/firehol/netdata/wiki/Running-behind-nginx
location = /netdata {
return 301 /netdata/;
}
location ~ /netdata/(?&lt;ndpath&gt;.*) {
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_http_version 1.1;
proxy_pass_request_headers on;
proxy_set_header Connection &quot;keep-alive&quot;;
proxy_store off;
proxy_pass http://netdata/$ndpath$is_args$args;
gzip on;
gzip_proxied any;
gzip_types *;
auth_basic &quot;Authentication Required&quot;;
auth_basic_user_file /usr/local/etc/nginx/netdata.users;
}
</code></pre>
<ul>
<li>Update default virtual host (https site) config file
<code>/usr/local/etc/nginx/sites-enabled/00-default-ssl.conf</code>,
include new snippet config file <code>netdata.tmpl</code> before the
<code>misc.tmpl</code> line like below:</li>
</ul>
<pre><code>server {
...
include /usr/local/etc/nginx/templates/netdata.tmpl; # &lt;- add this line
include /usr/local/etc/nginx/templates/misc.tmpl;
...
}
</code></pre>
<ul>
<li>Create new file <code>/usr/local/etc/nginx/netdata.users</code> and an account used to access
netdata. NOTE: Please replace <code>&lt;password&gt;</code> below by a real, strong password.</li>
</ul>
<pre><code>touch /usr/local/etc/nginx/netdata.users
doveadm pw -s SSHA -p '&lt;password&gt;'
</code></pre>
<ul>
<li>Now restart nginx service and access url <code>https://your-server/netdata/</code>
(please replace <code>your-server</code> by the real domain name).</li>
</ul><div class="footer">
<p style="text-align: center; color: grey;">All documents are available in <a href="https://bitbucket.org/zhb/iredmail-docs/src">BitBucket repository</a>, and published under <a href="http://creativecommons.org/licenses/by-nd/3.0/us/" target="_blank">Creative Commons</a> license. You can <a href="https://bitbucket.org/zhb/iredmail-docs/get/tip.tar.bz2">download the latest version</a> for offline reading. If you found something wrong, please do <a href="https://www.iredmail.org/contact.html">contact us</a> to fix it.</p>
</div>
<!-- Global site tag (gtag.js) - Google Analytics -->
<script async src="https://www.googletagmanager.com/gtag/js?id=UA-3293801-21"></script>
<script>
window.dataLayer = window.dataLayer || [];
function gtag(){dataLayer.push(arguments);}
gtag('js', new Date());
gtag('config', 'UA-3293801-21');
</script>
</body></html>

92
html/integration.netdata.linux.html
View File

@ -29,17 +29,20 @@
<li><a href="#monitor-postgresql-server">Monitor PostgreSQL server</a></li>
</ul>
</li>
<li><a href="#configure-nginx-to-forward-requests-to-netdata">Configure Nginx to forward requests to netdata</a></li>
<li><a href="#system-tuning">System tuning</a></li>
<li><a href="#configure-nginx-to-forward-requests-to-netdata">Configure Nginx to forward requests to netdata</a></li>
</ul>
</li>
</ul>
</div>
<div class="admonition attention">
<p class="admonition-title">Attention</p>
<p>This tutorial is tested on CentOS 7, Debian 9, Ubuntu 16.04.
For FreeBSD, please check this tutorial instead:
<a href="./integration.netdata.freebsd.html">Integrate netdata on FreeBSD</a>.</p>
<ul>
<li>This tutorial is tested on CentOS 7, Debian 9, Ubuntu 16.04.
For FreeBSD, please check this tutorial instead:
<a href="./integration.netdata.freebsd.html">Integrate netdata on FreeBSD</a>.</li>
<li>netdata is an optional component since iRedMail-0.9.8.</li>
</ul>
</div>
<h2 id="whats-netdata">What's netdata</h2>
<p>netdata (<a href="http://my-netdata.io">http://my-netdata.io</a>) is a "Simple. Effective. Awesome!" monitor
@ -169,8 +172,6 @@ location = /status {
<li>On RHEL/CentOS, it's <code>/etc/php-fpm.d/www.conf</code></li>
<li>On Debian, it's <code>/etc/php5/fpm/pool.d/www.conf</code></li>
<li>On Ubuntu, it's <code>/etc/php/7.0/fpm/pool.d/www.conf</code> (note: php version number may be different on your server)</li>
<li>On FreeBSD, it's <code>/usr/local/etc/php-fpm.d/www.conf</code></li>
<li>On OpenBSD, it's <code>/etc/php-fpm.conf</code></li>
</ul>
</li>
</ul>
@ -183,22 +184,15 @@ location = /status {
<h3 id="monitor-dovecot">Monitor Dovecot</h3>
<p>We need to enable statistics module in Dovecot.</p>
<ul>
<li>
<p>Please open Dovecot config file:</p>
<ul>
<li>on Linux and OpenBSD, its <code>/etc/dovecot/dovecot.conf</code>.</li>
<li>on FreeBSD, it's <code>/usr/local/etc/dovecot/dovecot.conf</code>.</li>
</ul>
</li>
<li>
<p>Append plugin <code>stats</code> in global parameter <code>mail_plugins</code>, and <code>imap_stats</code>
for imap protocol:</p>
</li>
<li>Please open Dovecot config file <code>/etc/dovecot/dovecot.conf</code>, append plugin
<code>stats</code> in global parameter <code>mail_plugins</code>, and <code>imap_stats</code> for imap protocol:</li>
</ul>
<pre><code>mail_plugins = ... stats
protocol imap {
mail_plugins = ... imap_stats
...
}
</code></pre>
<ul>
@ -292,7 +286,6 @@ sql&gt; CREATE USER netdata WITH ENCRYPTED PASSWORD '&lt;password&gt;' NOSUPERUS
database : 'postgres'
</code></pre>
<h2 id="configure-nginx-to-forward-requests-to-netdata">Configure Nginx to forward requests to netdata</h2>
<h2 id="system-tuning">System tuning</h2>
<p>To get better performance, netdata requires few sysctl settings. Please add
lines below in <code>/etc/sysctl.conf</code>:</p>
@ -312,7 +305,68 @@ LimitNOFILE=30000
<p>Reload systemd daemon:</p>
<pre><code>systemctl daemon-reload
</code></pre><div class="footer">
</code></pre>
<h2 id="configure-nginx-to-forward-requests-to-netdata">Configure Nginx to forward requests to netdata</h2>
<ul>
<li>Create Nginx config snippet <code>/etc/nginx/templates/netdata.tmpl</code> with
content below:</li>
</ul>
<pre><code># Running netdata as a subfolder to an existing virtual host
# FYI: https://github.com/firehol/netdata/wiki/Running-behind-nginx
location = /netdata {
return 301 /netdata/;
}
location ~ /netdata/(?&lt;ndpath&gt;.*) {
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_http_version 1.1;
proxy_pass_request_headers on;
proxy_set_header Connection &quot;keep-alive&quot;;
proxy_store off;
proxy_pass http://netdata/$ndpath$is_args$args;
gzip on;
gzip_proxied any;
gzip_types *;
auth_basic &quot;Authentication Required&quot;;
auth_basic_user_file /etc/nginx/netdata.users;
}
</code></pre>
<ul>
<li>Update default virtual host (https site) config file
<code>/etc/nginx/sites-enabled/00-default-ssl.conf</code>,
include new snippet config file <code>netdata.tmpl</code> before the
<code>misc.tmpl</code> line like below:</li>
</ul>
<pre><code>server {
...
include /etc/nginx/templates/netdata.tmpl; # &lt;- add this line
include /etc/nginx/templates/misc.tmpl;
...
}
</code></pre>
<ul>
<li>Create new file <code>/etc/nginx/netdata.users</code> and an account used to access
netdata. NOTE: Please replace <code>&lt;password&gt;</code> below by a real, strong password.</li>
</ul>
<pre><code>touch /etc/nginx/netdata.users
doveadm pw -s SSHA -p '&lt;password&gt;'
</code></pre>
<ul>
<li>Now restart nginx service and access url <code>https://your-server/netdata/</code>
(please replace <code>your-server</code> by the real domain name).</li>
</ul><div class="footer">
<p style="text-align: center; color: grey;">All documents are available in <a href="https://bitbucket.org/zhb/iredmail-docs/src">BitBucket repository</a>, and published under <a href="http://creativecommons.org/licenses/by-nd/3.0/us/" target="_blank">Creative Commons</a> license. You can <a href="https://bitbucket.org/zhb/iredmail-docs/get/tip.tar.bz2">download the latest version</a> for offline reading. If you found something wrong, please do <a href="https://www.iredmail.org/contact.html">contact us</a> to fix it.</p>
</div>
<!-- Global site tag (gtag.js) - Google Analytics -->