Purpose

Monit is embedded within Hipchat Data Center and serves as a supervision tool to all the services needed by Hipchat to function properly.

Monit comes with its own web server to serve HTML pages displaying service status information and allowing admins to manipulate services from a GUI.

Solution

1. Gain root access:

   sudo dont-blame-hipchat

2. Update the Monit config Chef template /hipchat-scm/chef-repo/cookbooks/monit/templates/default/monitrc.erb used by replacing:

   set httpd unixsocket <%= node[:monit][:httpd][:socket] %>

   with

   set httpd port 2812 and
     use address <%= node['ipaddress'] %>
     allow 0.0.0.0/0.0.0.0

3. Update the admin and read-only UI credentials in the Monit attributes Chef file /hipchat-scm/chef-repo/cookbooks/monit/attributes/default.rb:

   # web interface
   default[:monit][:httpd] = {
     allow: 'admin:monitor',
     allow_ro: 'read:monitread',
     enabled: true,
     socket: '/var/run/monit.sock'
   }

4. Follow steps in How to change files maintained by Chef in HipChat Server to permanently open a firewall hole on port 2812 to access the Monit GUI from the outside. Note this will allow direct access to the node so be sure to only allow trusted IPs/IP ranges. 
   A sample command to run is:

   iptables -A INPUT -p tcp --dport 2812 -m state --state NEW -s 172.16.116.0/24 -j ACCEPT

5. Run Chef solo:

   /opt/atlassian/hipchat/sbin/cs

6. Review the actual monit config /etc/monit/monitrc which should include the following:

   set httpd port 2812 and
     use address <your_node's_ip>
     allow 0.0.0.0/0.0.0.0
     allow admin:monitor
     allow read:monitread read-only

7. Restart Monit:

   service monit restart

8. Access the Monit UI via http://<your_nodes_fqdn_or_ip>:2812, your username and password combination should be one of the combinations you set in the config: