Setting up a Munin instance (monitoring tool) on your Mail-in-a-Box

This topic explain how to setup Munin on your Mail-in-a-Box.
Please feel free to contribute if you think you can improve this guide.

Beware: This document is not yet reviewed by a member of the community, it should not be done in a production environment if you don’t feel confident with a command line prompt. Please wait a little while

First of, log into your box through ssh, it should be something like:

ssh -i ~/.ssh/my_private_key me@

Installing Munin

sudo apt-get install munin

Munin configuration

Edit the file /etc/munin/munin.conf (with a text editor like vi or nano).

sudo nano /etc/munin/munin.conf

And uncomment the lines beginning with dbdir, htmldir, logdir, rundir, and tmpldir
You should end up with something that look like this:

# The next three variables specifies where the location of the RRD
# databases, the HTML output, logs and the lock/pid files.  They all
# must be writable by the user running munin-cron.  They are all
# defaulted to the values you see here.
dbdir   /var/lib/munin
htmldir /var/cache/munin/www
logdir /var/log/munin
rundir  /var/run/munin

# Where to look for the HTML templates
tmpldir /etc/munin/templates

Save your file

Configuring Munin Dynamic Graph Rendering (optional)

By default, html pages and graphs are generated statically by a CRON task every 5 minutes.
When you click on a graph, Munin give you the opportunity to interact with it.
To use this feature, install those packages:

sudo apt-get install spawn-fcgi libcgi-fast-perl

Create a Munin-CGI-Graph Spawn-FCGI Startscript (courtesy of Julien Schimdt)

sudo nano /etc/init.d/spawn-fcgi-munin-graph

Copy/paste the following:

#! /bin/sh

# Provides:          spawn-fcgi-munin-graph
# Required-Start:    $all
# Required-Stop:     $all
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Description:       starts FastCGI for Munin-Graph
# --------------------------------------------------------------
# Munin-CGI-Graph Spawn-FCGI Startscript by Julien Schmidt
# eMail: munin-trac at
# www:
# --------------------------------------------------------------
# Install: 
#   1. Copy this file to /etc/init.d
#   2. Edit the variables below
#   3. run "update-rc.d spawn-fcgi-munin-graph defaults"
# --------------------------------------------------------------
# Special thanks for their help to:
#   Frantisek Princ
#   Jérôme Warnier
# --------------------------------------------------------------
# Last Update: 14. February 2013
# Please change the following variables:

DAEMON_OPTS="-s $SOCK_FILE -F $FCGI_WORKERS -U $SOCK_USER -u $FCGI_USER -g $FCGI_GROUP -P $PID_FILE -- /usr/lib/munin/cgi/munin-cgi-graph"

# --------------------------------------------------------------
# No edits necessary beyond this line
# --------------------------------------------------------------

if [ ! -x $DAEMON ]; then
    echo "File not found or is not executable: $DAEMON!"
    exit 0

status() {
    if [ ! -r $PID_FILE ]; then
        return 1
    for FCGI_PID in `cat $PID_FILE`; do 
        if [ -z "${FCGI_PID}" ]; then
            return 1
        FCGI_RUNNING=`ps -p ${FCGI_PID} | grep ${FCGI_PID}`
        if [ -z "${FCGI_RUNNING}" ]; then
            return 1
    return 0
start() {
    if status; then
        echo "FCGI is already running!"
        exit 1

stop () {   
    if ! status; then
        echo "No PID-file at $PID_FILE found or PID not valid. Maybe not running"
        exit 1
    # Kill processes
    for PID_RUNNING in `cat $PID_FILE`; do
        kill -9 $PID_RUNNING
    # Remove PID-file
    rm -f $PID_FILE
    # Remove Sock-File
    rm -f $SOCK_FILE

case "$1" in
        echo "Starting $NAME: "
        echo "... DONE"

        echo "Stopping $NAME: "
        echo "... DONE"

        echo "Stopping $NAME: "
        echo "Starting $NAME: "
        echo "... DONE"
        if status; then
            echo "FCGI is RUNNING"
            echo "FCGI is NOT RUNNING"
        echo "Usage: $0 {start|stop|force-reload|restart|status}"
        exit 1

exit 0

Save your file

Add execute permission to your startscript

sudo chmod +x /etc/init.d/spawn-fcgi-munin-graph

Start FastCGI for Munin Graph

sudo service spawn-fcgi-munin-graph start

Send warnings and/or critical alerts to an email (optional)

Install the mailutils package which is a set of tools to handle emails in the command line.

apt-get install mailutils

Edit /etc/munin/munin.conf, and at the very end, add the following:

# send alerts to the following address
contacts admin
contact.admin.command mail -s "Munin notification ${var:host}" you@domain.tld
contact.admin.always_send warning critical

Be sure to replace you@domain.tld with the email you wish to receive Munin notifications

Save your file.

Create a subdomain for Munin

By default, Mail-in-a-box maintain your DNS records.
We will create a subdomain from which you will be able to access Munin.

In order to create your subdomain, you have to send a POST request using cURL,
it should look like something like this:

curl -d "" -k --user {email}:{password} https://{hostname}/admin/dns/set/{munin.mydomain.tld}

You will have to replace to following parameters to make it work.


With the email address of any administrative user.


With that user’s password.


By your hostname


By the subdomain from wich you want to access Munin

For example (fictional datas):

It give me:

curl -d "" -k --user

Make Munin available through your web server (Nginx)

Create an host:

sudo nano /etc/nginx/conf.d/munin.conf

Copy/paste the following (BEWARE: replace {subdomain.domain.tld} by the subdomain created in the previous section):

# Redirect all HTTP to HTTPS.
server {
        listen 80;
        listen [::]:80;

        server_name {subdomain.domain.tld};
        root /tmp/invalid-path-nothing-here;
        rewrite ^/(.*)$ https://{subdomain.domain.tld}/$1 permanent;

server {
    listen 443 ssl;

    server_name {subdomain.domain.tld};

    ssl_certificate /home/user-data/ssl/ssl_certificate.pem;
    ssl_certificate_key /home/user-data/ssl/ssl_private_key.pem;
    include /etc/nginx/nginx-ssl.conf;

    auth_basic "protected";
        auth_basic_user_file /etc/nginx/htpasswd;
    location = /robots.txt {
        log_not_found off;
        access_log off;

    location /static/ {
            alias /etc/munin/static/;
            expires modified +1w;

        location / {
            alias /var/cache/munin/www/;
            expires modified +310s;

        location ^~ /munin-cgi/munin-cgi-graph/ {
            access_log off;
            fastcgi_split_path_info ^(/munin-cgi/munin-cgi-graph)(.*);
            fastcgi_param PATH_INFO $fastcgi_path_info;
            fastcgi_pass unix:/var/run/munin/spawn-fcgi-munin-graph.sock;
            include fastcgi_params;

Save your file

Now we need to secure the access to your subdomain using http basic.
The command below will give you an encrypted password that we’ll use later.

Just replace {password} with the password of your choice and {salt} with a random string (it can be anything).

python -c 'import crypt; print crypt.crypt("{password}","{salt}")'

And then, create an htpasswd file to secure your subdomain (replace {encrypted_password} with the result of the previous command and {username} with your desired username)

echo '{username}:{encrypted_password}' | sudo tee --append /etc/nginx/htpasswd > /dev/null

Restart Nginx

sudo service nginx restart

Check if you can access your Munin instance through your web browser.
If so, congratulation /o/