mdn/ansible
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Init: mediaserver

Browse Source
This commit is contained in:
Martin Eichner
2023-02-08 12:13:28 +01:00
parent 848bc9739c
commit f7c23d4ba9
31914 changed files with 6175775 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

556
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_agent/README.md Normal file
View File

@@ -0,0 +1,556 @@
# community.zabbix.zabbix_agent role
![Zabbix Agent](https://github.com/ansible-collections/community.zabbix/workflows/community.zabbix.zabbix_agent/badge.svg)
**Table of Contents**
- [Requirements](#requirements)
* [Operating systems](#operating-systems)
+ [Windows](#windows)
* [Local system access](#local-system-access)
* [Zabbix Versions](#zabbix-versions)
- [Getting started](#getting-started)
* [Minimal Configuration](#minimal-configuration)
* [Issues](#issues)
- [Role Variables](#role-variables)
* [Main variables](#main-variables)
+ [Overall Zabbix](#overall-zabbix)
+ [SElinux](#selinux)
+ [Zabbix Agent](#zabbix-agent)
+ [Zabbix Agent vs Zabbix Agent 2 configuration](#zabbix-agent-vs-zabbix-agent-2-configuration)
* [TLS Specific configuration](#tls-specific-configuration)
* [Zabbix API variables](#zabbix-api-variables)
* [Windows Variables](#windows-variables)
* [macOS Variables](#macos-variables)
* [Docker Variables](#docker-variables)
* [FirewallD/Iptables](#firewalld-iptables)
* [IPMI variables](#ipmi-variables)
* [proxy](#proxy)
- [Dependencies](#dependencies)
- [Example Playbook](#example-playbook)
* [zabbix_agent2_plugins](#zabbix-agent2-plugins)
* [agent_interfaces](#agent-interfaces)
* [Other interfaces](#other-interfaces)
* [Vars in role configuration](#vars-in-role-configuration)
* [Combination of group_vars and playbook](#combination-of-group-vars-and-playbook)
* [Example for TLS PSK encrypted agent communication](#example-for-tls-psk-encrypted-agent-communication)
- [Molecule](#molecule)
- [Deploying Userparameters](#deploying-userparameters)
- [License](#license)
- [Author Information](#author-information)
# Requirements
## Operating systems
This role will work on the following operating systems:
* Red Hat
* Fedora
* Debian
* Ubuntu
* opensuse
* Windows (Best effort)
* macOS
So, you'll need one of those operating systems.. :-)
Please send Pull Requests or suggestions when you want to use this role for other Operating systems.
## Ansible 2.10 and higher
With the release of Ansible 2.10, modules have been moved into collections. With the exception of ansible.builtin modules, this means additonal collections must be installed in order to use modules such as seboolean (now ansible.posix.seboolean). The following collections are now required: `ansible.posix`and `community.general`. Installing the collections:
```sh
ansible-galaxy collection install ansible.posix
ansible-galaxy collection install community.general
```
If you are willing to create host_groups and hosts in Zabbix via API as a part of this role execution then you need to install `ansible.netcommon` collection too:
```
ansible-galaxy collection install ansible.netcommon
```
### Docker
When you are a Docker user and using Ansible 2.10 or newer, then there is a dependency on the collection named `community.docker`. This collection is needed as the `docker_` modules are now part of collections and not standard in Ansible anymmore. Installing the collection:
```sh
ansible-galaxy collection install community.docker
```
### Windows
When you are a Windows user and using Ansible 2.10 or newer, then there are dependencies on collections named `ansible.windows` and `community.windows`. These collections are needed as the `win_` modules are now part of collections and not standard in Ansible anymmore. Installing the collections:
```sh
ansible-galaxy collection install ansible.windows
ansible-galaxy collection install community.windows
```
For more information, see: https://github.com/ansible-collections/community.zabbix/issues/236
## Local system access
To successfully complete the install the role requires `python-netaddr` on the controller to be able to manage IP addresses. This requires that the library is available on your local machine (or that `pip` is installed to be able to run). This will likely mean that running the role will require `sudo` access to your local machine and therefore you may need the `-K` flag to be able to enter your local machine password if you are not running under root.
## Zabbix Versions
See the following list of supported Operating systems with the Zabbix releases:
| Zabbix | 6.2 | 6.0 | 5.4 | 5.2 | 5.0 (LTS)| 4.4 | 4.0 (LTS) | 3.0 (LTS) |
|---------------------|-----|-----|-----|-----|----------|-----|-----------|-----------|
| Red Hat Fam 9 | V | V | | | | | | |
| Red Hat Fam 8 | V | V | V | V | V | V | | |
| Red Hat Fam 7 | V | V | V | V | V | V | V | V |
| Red Hat Fam 6 | V | V | V | V | V | | | V |
| Red Hat Fam 5 | | V | V | V | V | | | V |
| Fedora | | | | | | V | V | |
| Ubuntu 20.04 focal | V | V | V | V | V | | V | |
| Ubuntu 18.04 bionic | V | V | V | V | V | V | V | |
| Ubuntu 16.04 xenial | V | V | V | V | V | V | V | |
| Ubuntu 14.04 trusty | V | V | V | V | V | V | V | V |
| Debian 10 buster | V | V | V | V | V | V | | |
| Debian 9 stretch | V | | V | V | V | V | V | |
| Debian 8 jessie | | | | V | V | V | V | V |
| Debian 7 wheezy | | | | | | | V | V |
| macOS 10.15 | | | | | | V | V | |
| macOS 10.14 | | | | | | V | V | |
# Getting started
## Minimal Configuration
In order to get the Zabbix Agent running, you'll have to define the following properties before executing the role:
* `zabbix_agent_version`
* `zabbix_agent(2)_server`
* `zabbix_agent(2)_serveractive` (When using active checks)
The `zabbix_agent_version` is optional. The latest available major.minor version of Zabbix will be installed on the host(s). If you want to use an older version, please specify this in the major.minor format. Example: `zabbix_agent_version: 4.0`, `zabbix_agent_version: 3.4` or `zabbix_agent_version: 2.2`.
The `zabbix_agent(2)_server` (and `zabbix_agent(2)_serveractive`) should contain the ip or fqdn of the host running the Zabbix Server.
## Issues
Due to issue discussed on [#291](https://github.com/dj-wasabi/ansible-zabbix-agent/issues/291), the Ansible Version 2.9.{0,1,2} isn't working correctly on Windows related targets.
# Role Variables
## Main variables
The following is an overview of all available configuration default for this role.
### Overall Zabbix
* `zabbix_agent_version`: This is the version of zabbix. Default: The highest supported version for the operating system. Can be overridden to 6.2, 6.0, 5.4, 5.2 5.0, 4.4, 4.0, 3.4, 3.2, 3.0, 2.4, or 2.2. Previously the variable `zabbix_version` was used directly but it could cause [some inconvenience](https://github.com/dj-wasabi/ansible-zabbix-agent/pull/303). That variable is maintained by retrocompativility.
* `zabbix_agent_version_minor`: When you want to specify a minor version to be installed. Is also used for `zabbix_sender` and `zabbix_get`. RedHat only. Default set to: `*` (latest available)
* `zabbix_repo`: Default: `zabbix`
* `epel`: install agent from EPEL repo
* `zabbix`: (default) install agent from Zabbix repo
* `other`: install agent from pre-existing or other repo
* `zabbix_repo_yum`: A list with Yum repository configuration.
* `zabbix_repo_yum_schema`: Default: `https`. Option to change the web schema for the yum repository(http/https)
* `zabbix_repo_yum_disabled`: A string with repository names that should be disabled when installing Zabbix component specific packages. Is only used when `zabbix_repo_yum_enabled` contains 1 or more repositories. Default `*`.
* `zabbix_repo_yum_enabled`: A list with repository names that should be enabled when installing Zabbix component specific packages.
### SElinux
* `zabbix_selinux`: Default: `False`. Enables an SELinux policy so that the server will run.
### Zabbix Agent
* `zabbix_agent_ip`: The IP address of the host. When not provided, it will be determined via the `ansible_default_ipv4` fact.
* `zabbix_agent2`: Default: `False`. When you want to install the `Zabbix Agent2` instead of the "old" `Zabbix Agent`.
* `zabbix_agent_listeninterface`: Interface zabbix-agent listens on. Leave blank for all.
* `zabbix_agent_package_remove`: If `zabbix_agent2: True` and you want to remove the old installation. Default: `False`.
* `zabbix_agent_package`: The name of the zabbix-agent package. Default: `zabbix-agent`. In case for EPEL, it is automatically renamed.
* `zabbix_sender_package`: The name of the zabbix-sender package. Default: `zabbix-sender`. In case for EPEL, it is automatically renamed.
* `zabbix_get_package`: The name of the zabbix-get package. Default: `zabbix-get`. In case for EPEL, it is automatically renamed.
* `zabbix_agent_package_state`: If Zabbix-agent needs to be `present` or `latest`.
* `zabbix_agent_interfaces`: A list that configured the interfaces you can use when configuring via API.
* `zabbix_agent_install_agent_only`: Only install the Zabbix Agent and not the `zabbix-sender` and `zabbix-get` packages. Default: `False`
* `zabbix_agent_userparameters`: Default: `[]]`. List of userparameter names and scripts (if any). Detailed description is given in the [Deploying Userparameters](#deploying-userparameters) section.
* `name`: Userparameter name (should be the same with userparameter template file name)
* `scripts_dir`: Directory name of the custom scripts needed for userparameters
* `zabbix_agent_userparameters_templates_src`: indicates the relative path (from `templates/`) where userparameter templates are searched
* `zabbix_agent_userparameters_scripts_src`: indicates the relative path (from `files/`) where userparameter scripts are searched
* `zabbix_agent_runas_user`: Drop privileges to a specific, existing user on the system. Only has effect if run as 'root' and AllowRoot is disabled.
* `zabbix_agent_become_on_localhost`: Default: `True`. Set to `False` if you don't need to elevate privileges on localhost to install packages locally with pip.
* `zabbix_install_pip_packages`: Default: `True`. Set to `False` if you don't want to install the required pip packages. Useful when you control your environment completely.
* `zabbix_agent_apt_priority`: Add a weight (`Pin-Priority`) for the APT repository.
* `zabbix_agent_conf_mode`: Default: `0644`. The "mode" for the Zabbix configuration file.
* `zabbix_agent_dont_detect_ip`: Default `false`. When set to `true`, it won't detect available ip addresses on the host and no need for the Python module `netaddr` to be installed.
* `zabbix_agent_chassis`: Default: `false`. When set to `true`, it will give Zabbix Agent access to the Linux DMI table allowing system.hw.chassis info to populate.
### Zabbix Agent vs Zabbix Agent 2 configuration
The following provides an overview of all the properties that can be set in the Zabbix Agent configuration file. When `(2)` is used in the name of the property, like `zabbix_agent(2)_pidfile`, it will show that you can configure `zabbix_agent_pidfile` for the Zabbix Agent configuration file and `zabbix_agent2_pidfile` for the Zabbix Agent 2 configuration file.
Otherwise it just for the Zabbix Agent or for the Zabbix Agent 2.
* `zabbix_agent(2)_server`: The ip address for the zabbix-server or zabbix-proxy.
* `zabbix_agent(2)_serveractive`: The ip address for the zabbix-server or zabbix-proxy for active checks.
* `zabbix_agent(2)_allow_key`: list of AllowKey configurations.
* `zabbix_agent(2)_deny_key`: list of DenyKey configurations.
* `zabbix_agent(2)_pidfile`: name of pid file.
* `zabbix_agent(2)_logfile`: name of log file.
* `zabbix_agent(2)_logfilesize`: maximum size of log file in mb.
* `zabbix_agent(2)_logtype`: Specifies where log messages are written to
* `zabbix_agent(2)_debuglevel`: specifies debug level
* `zabbix_agent(2)_sourceip`: source ip address for outgoing connections.
* `zabbix_agent_enableremotecommands`: whether remote commands from zabbix server are allowed.
* `zabbix_agent_logremotecommands`: enable logging of executed shell commands as warnings.
* `zabbix_agent(2)_listenport`: agent will listen on this port for connections from the server.
* `zabbix_agent2_statusport`: Agent will listen on this port for HTTP status requests.
* `zabbix_agent(2)_listenip`: list of comma delimited ip addresses that the agent should listen on.
* `zabbix_agent_startagents`: number of pre-forked instances of zabbix_agentd that process passive checks.
* `zabbix_agent(2)_hostname`: unique, case sensitive hostname.
* `zabbix_agent(2)_hostnameitem`: item used for generating hostname if it is undefined.
* `zabbix_agent(2)_hostmetadata`: optional parameter that defines host metadata.
* `zabbix_agent(2)_hostmetadataitem`: optional parameter that defines an item used for getting the metadata.
* `zabbix_agent(2)_refreshactivechecks`: how often list of active checks is refreshed, in seconds.
* `zabbix_agent(2)_buffersend`: do not keep data longer than n seconds in buffer.
* `zabbix_agent(2)_buffersize`: maximum number of values in a memory buffer. the agent will send all collected data to zabbix server or proxy if the buffer is full.
* `zabbix_agent2_enablepersistentbuffer`: 0 - disabled, in-memory buffer is used (default); 1 - use persistent buffer
* `zabbix_agent2_persistentbufferperiod`: Zabbix Agent2 will keep data for this time period in case of no connectivity with Zabbix server or proxy. Older data will be lost. Log data will be preserved.
* `zabbix_agent2_persistentbufferfile`: Zabbix Agent2 will keep SQLite database in this file * n is valid if `EnablePersistentBuffer=1`
* `zabbix_agent_maxlinespersecond`: maximum number of new lines the agent will send per second to zabbix server or proxy processing 'log' and 'logrt' active checks.
* `zabbix_agent_allowroot`: allow the agent to run as 'root'. if disabled and the agent is started by 'root', the agent will try to switch to user 'zabbix' instead. has no effect if started under a regular user.
* `zabbix_agent(2)_zabbix_alias`: sets an alias for parameter. it can be useful to substitute long and complex parameter name with a smaller and simpler one. Can be both a string as an list.
* `zabbix_agent(2)_timeout`: spend no more than timeout seconds on processing
* `zabbix_agent(2)_include`: you may include individual files or all files in a directory in the configuration file.
* `zabbix_agent(2)_include_pattern`: Optional file pattern used for included files.
* `zabbix_agent(2)_include_mode`: The mode for the directory mentioned above.
* `zabbix_agent(2)_unsafeuserparameters`: allow all characters to be passed in arguments to user-defined parameters.
* `zabbix_agent_loadmodulepath`: Full path to location of agent modules.
* `zabbix_agent_loadmodule`: Module to load at agent startup. Modules are used to extend functionality of the agent.
* `zabbix_agent2_controlsocket`: The control socket, used to send runtime commands with '-R' option.
* `zabbix_agent_allowroot`: Allow the agent to run as 'root'. 0 - do not allow, 1 - allow
* `zabbix_agent2_plugins`: A list containing plugin configuration.
* `zabbix_agent(2)_listenbacklog`: The maximum number of pending connections in the queue.
## TLS Specific configuration
These variables are specific for Zabbix 3.0 and higher. When `(2)` is used in the name of the property, like `zabbix_agent(2)_tlsconnect`, it will show that you can configure `zabbix_agent_tlsconnect` for the Zabbix Agent configuration file and `zabbix_agent2_tlsconnect` for the Zabbix Agent 2 configuration file.
* `zabbix_agent(2)_tlsconnect`: How the agent should connect to server or proxy. Used for active checks.
Possible values:
* unencrypted
* psk
* cert
* `zabbix_agent(2)_tlsaccept`: What incoming connections to accept.
Possible values:
* unencrypted
* psk
* cert
* `zabbix_agent(2)_tlscafile`: Full pathname of a file containing the top-level CA(s) certificates for peer certificate verification.
* `zabbix_agent(2)_tlscrlfile`: Full pathname of a file containing revoked certificates.
* `zabbix_agent(2)_tlsservercertissuer`: Allowed server certificate issuer.
* `zabbix_agent(2)_tlsservercertsubject`: Allowed server certificate subject.
* `zabbix_agent(2)_tlscertfile`: Full pathname of a file containing the agent certificate or certificate chain.
* `zabbix_agent(2)_tlskeyfile`: Full pathname of a file containing the agent private key.
* `zabbix_agent(2)_tlspskidentity`: Unique, case sensitive string used to identify the pre-shared key.
* `zabbix_agent(2)_tlspskidentity_file`: Full pathname of a file containing the pre-shared key identity.
* `zabbix_agent(2)_tlspskfile`: Full pathname of a file containing the pre-shared key.
* `zabbix_agent(2)_tlspsk_secret`: The pre-shared secret key that should be placed in the file configured with `agent_tlspskfile`.
* `zabbix_agent(2)_tlspsk_auto`: Enables auto generation and storing of individual pre-shared keys and identities on clients. Is false by default. If set to true and if `zabbix_agent_tlspskfile` and `zabbix_agent_tlspsk_secret` are undefined, it generates the files `/etc/zabbix/tls_psk_auto.identity` and `/etc/zabbix/tls_psk_auto.secret`, which are populated by values automatically (identity is set to hostname, underscore and 4 random alphanumeric digits; secret is 64 random alphanumeric digits) in such a way that the values are generated once and are never overwritten.
The results are stored in the Ansible variables `zabbix_agent_tlspskidentity` and `zabbix_agent_tlspsk_secret`, so that they may be used later in the code, for example with [zabbix_host](https://docs.ansible.com/ansible/latest/collections/community/zabbix/zabbix_host_module.html) to configure the Zabbix server or with `debug: msg:` to display them to the user.
## Zabbix API variables
These variables need to be overridden when you want to make use of the Zabbix API for automatically creating and or updating hosts.
Host encryption configuration will be set to match agent configuration.
* `zabbix_api_http_user`: The http user to access zabbix url with Basic Auth.
* `zabbix_api_http_password`: The http password to access zabbix url with Basic Auth.
* `zabbix_api_create_hosts`: Default: `False`. When you want to enable the Zabbix API to create/delete the host. This has to be set to `True` if you want to make use of `zabbix_agent_host_state`.
* `zabbix_api_create_hostgroup`: When you want to enable the Zabbix API to create/delete the hostgroups. This has to be set to `True` if you want to make use of `zabbix_agent_hostgroups_state`.Default: `False`
* `zabbix_api_server_host`: The IP or hostname/FQDN of Zabbix server. Example: zabbix.example.com
* `zabbix_api_server_port`: TCP port to use to connect to Zabbix server. Example: 8080
* `zabbix_api_use_ssl`: yes (Default) if we need to connect to Zabbix server over HTTPS
* `zabbix_api_validate_certs` : yes (Default) if we need to validate tls certificates of the API. Use `no` in case self-signed certificates are used
* `zabbix_api_login_user`: Username of user which has API access.
* `zabbix_api_login_pass`: Password for the user which has API access.
* `ansible_zabbix_url_path`: URL path if Zabbix WebUI running on non-default (zabbix) path, e.g. if http://<FQDN>/zabbixeu then set to `zabbixeu`
* `zabbix_agent_hostgroups_state`: present (Default) if the hostgroup needs to be created or absent if you want to delete it. This only works when `zabbix_api_create_hostgroup` is set to `True`.
* `zabbix_host_status`: enabled (Default) when host in monitored, disabled when host is disabled for monitoring.
* `zabbix_agent_host_state`: present (Default) if the host needs to be created or absent is you want to delete it. This only works when `zabbix_api_create_hosts` is set to `True`.
* `zabbix_agent_host_update`: yes (Default) if the host should be updated if already present. This only works when `zabbix_api_create_hosts` is set to `True`.
* `zabbix_useuip`: 1 if connection to zabbix-agent is made via ip, 0 for fqdn.
* `zabbix_host_groups`: A list of hostgroups which this host belongs to.
* `zabbix_agent_link_templates`: A list of templates which needs to be link to this host. The templates should exist.
* `zabbix_agent_macros`: A list with macro_key and macro_value for creating hostmacro's.
* `zabbix_agent_tags`: A list with tag and (optionally) value for creating host tags.
* `zabbix_agent_inventory_mode`: Configure Zabbix inventory mode. Needed for building inventory data, manually when configuring a host or automatically by using some automatic population options. This has to be set to `automatic` if you want to make automatically building inventory data.
* `zabbix_agent_visible_hostname` : Configure Zabbix visible name inside Zabbix web UI for the node.
* `zabbix_agent_description`: Description of the host in Zabbix.
* `zabbix_agent_inventory_zabbix`: Adds Facts for a zabbix inventory
## Windows Variables
**NOTE**
_Supporting Windows is a best effort (I don't have the possibility to either test/verify changes on the various amount of available Windows instances). PRs specific to Windows will almost immediately be merged, unless someone is able to provide a Windows test mechanism via Travis for Pull Requests._
When `(2)` is used in the name of the property, like `zabbix_agent(2)_win_logfile`, it will show that you can configure `zabbix_agent_win_logfile` for the Zabbix Agent configuration file and `zabbix_agent2_win_logfile` for the Zabbix Agent 2 configuration file.
Otherwise it just for the Zabbix Agent or for the Zabbix Agent 2.
* `zabbix(2)_win_package`: file name pattern (zip only). This will be used to generate the `zabbix(2)_win_download_link` variable.
* `zabbix_version_long`: The long (major.minor.patch) version of the Zabbix Agent. This will be used to generate the `zabbix(2)_win_package` and `zabbix(2)_win_download_link` variables. This takes precedence over `zabbix_agent_version`.
* `zabbix(2)_win_download_link`: The download url to the `win.zip` file.
* `zabbix_win_install_dir`: The directory where Zabbix needs to be installed.
* `zabbix_win_install_dir_conf`: The directory where Zabbix configuration file needs to be installed.
* `zabbix_win_install_dir_bin`: The directory where Zabbix binary file needs to be installed.
* `zabbix_agent(2)_win_logfile`: The full path to the logfile for the Zabbix Agent.
* `zabbix_agent_win_include`: The directory in which the Zabbix Agent specific configuration files are stored.
* `zabbix_agent_win_svc_recovery`: Enable Zabbix Agent service auto-recovery settings.
* `zabbix_win_firewall_management`: Enable Windows firewall management (add service and port to allow rules). Default: `True`
## macOS Variables
* `zabbix_version_long`: The long (major.minor.patch) version of the Zabbix Agent. This will be used to generate the `zabbix_mac_download_link` link.
* `zabbix_mac_download_link`: The download url to the `pkg` file.
## Docker Variables
When you don't want to install the Zabbix Agent on the host, but would like to run it in a container then these properties are useful. When `zabbix_agent_docker` is set to `True`, then a
Docker image will be downloaded and a Container will be started. No other installations will be done on the host, with the exception of the PSK file and the "Zabbix Include Directory".
The following directories are mounted in the Container:
```
- /etc/zabbix/zabbix_agentd.d:/etc/zabbix/zabbix_agentd.d
- /:/hostfs:ro
- /etc:/hostfs/etc:ro
- /proc:/hostfs/proc:ro
- /sys:/hostfs/sys:ro
- /var/run:/var/run
```
Keep in mind that using the Zabbix Agent in a Container requires changes to the Zabbix Template for Linux as `/proc`, `/sys` and `/etc` are mounted in a directory `/hostfs`.
* `zabbix_agent_docker`: Default: `False`. When set to `True`, it will install a Docker container on the target host instead of installation on the target.
* `zabbix_agent_docker_state`: Default: `started`
* `zabbix_agent_docker_name`: The name of the Container. Default: `zabbix-agent`
* `zabbix_agent_docker_image`: The name of the Docker image. Default: `zabbix/zabbix-agent`
* `zabbix_agent_docker_image_tag`: The tag of the Docker image.
* `zabbix_agent_docker_user_gid`: The group id of the zabbix user in the Container.
* `zabbix_agent_docker_user_uid`: The user id of the zabbix user in the Container.
* `zabbix_agent_docker_network_mode`: The name of the (Docker) network that should be used for the Container. Default `host`.
* `zabbix_agent_docker_restart_policy`: Default: `unless-stopped`. The restart policy of the Container.
* `zabbix_agent_docker_privileged`: When set to `True`, the container is running in privileged mode.
* `zabbix_agent_docker_ports`: A list with `<PORT>:<PORT>` values to open ports to the container.
* `zabbix_agent_docker_security_opts`: A list with available security options.
* `zabbix_agent_docker_volumes`: A list with all directories that needs to be available in the Container.
* `zabbix_agent_docker_env`: A dict with all environment variables that needs to be set for the Container.
## FirewallD/Iptables
* `zabbix_agent_firewall_enable`: If IPtables needs to be updated by opening an TCP port for port configured in `zabbix_agent_listenport`.
* `zabbix_agent_firewall_source`: When provided, IPtables will be configuring to only allow traffic from this IP address/range.
* `zabbix_agent_firewalld_enable`: If firewalld needs to be updated by opening an TCP port for port configured in `zabbix_agent_listenport` and `zabbix_agent_jmx_listenport` if defined.
* `zabbix_agent_firewalld_source`: When provided, firewalld will be configuring to only allow traffic for IP configured in `zabbix_agent_server`.
* `zabbix_agent_firewalld_zone`: When provided, the firewalld rule will be attached to this zone (only if zabbix_agent_firewalld_enable is set to true). The default behavior is to use the default zone define by the remote host firewalld configuration.
* `zabbix_agent_firewall_action`: Default: `insert`. When to `insert` the rule or to `append` to IPTables.
* `zabbix_agent_firewall_chain`: Default `INPUT`. Which `chain` to add the rule to IPTables.
## IPMI variables
* `zabbix_agent_ipmi_authtype`: IPMI authentication algorithm. Possible values are 1 (callback), 2 (user), 3 (operator), 4 (admin), 5 (OEM), with 2 being the API default.
* `zabbix_agent_ipmi_password`: IPMI password.
* `zabbix_agent_ipmi_privilege`: IPMI privilege level. Possible values are 1 (callback), 2 (user), 3 (operator), 4 (admin), 5 (OEM), with 2 being the API default.
* `zabbix_agent_ipmi_username`: IPMI username.
## proxy
When the target host does not have access to the internet, but you do have a proxy available then the following properties needs to be set to download the packages via the proxy:
* `zabbix_http_proxy`
* `zabbix_https_proxy`
# Dependencies
There are no dependencies on other roles.
# Example Playbook
## zabbix_agent2_plugins
Specifically for the Zabbix Agent 2, a list of extra plugins can be configured. The following provides an overview of configuring the `SystemRun` plugin by setting the `LogRemoteCommands` to `0`:
```yaml
zabbix_agent2_plugins:
- name: SystemRun
options:
- parameter: LogRemoteCommands
value: 0
```
In the `zabbix_agent2.conf` an entry will be created with the following content:
```
Plugins.SystemRun.LogRemoteCommands=0
```
## agent_interfaces
This will configure the Zabbix Agent interface on the host.
```yaml
zabbix_agent_interfaces:
- type: 1
main: 1
useip: "{{ zabbix_useuip }}"
ip: "{{ zabbix_agent_ip }}"
dns: "{{ ansible_fqdn }}"
port: "{{ zabbix_agent_listenport }}"
```
## Other interfaces
You can also configure the `zabbix_agent_interfaces` to add/configure snmp, jmx and ipmi interfaces.
You'll have to use one of the following type numbers when configuring it:
| Type Interface | Nr |
|-----------------|-------|
| Zabbix Agent | 1 |
| snmp | 2 |
| ipmi | 3 |
| jmx | 4 |
Configuring a snmp interface will look like this:
```
zabbix_agent_interfaces:
- type: 2
main: 1
useip: "{{ zabbix_useuip }}"
ip: "{{ agent_ip }}"
dns: "{{ ansible_fqdn }}"
port: "{{ agent_listenport }}"
```
## Vars in role configuration
Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
```yaml
- hosts: all
roles:
- role: community.zabbix.zabbix_agent
zabbix_agent_server: 192.168.33.30
zabbix_agent_serveractive: 192.168.33.30
zabbix_api_server_url: http://zabbix.example.com
zabbix_api_use: true # use zabbix_api_create_hosts and/or zabbix_api_create_hostgroup from 0.8.0
zabbix_api_login_user: Admin
zabbix_api_login_pass: zabbix
zabbix_agent_host_state: present
zabbix_host_groups:
- Linux Servers
zabbix_agent_link_templates:
- Template OS Linux
- Apache APP Template
zabbix_agent_macros:
- macro_key: apache_type
macro_value: reverse_proxy
macro_type: text
zabbix_agent_tags:
- tag: environment
value: production
```
## Combination of group_vars and playbook
You can also use the group_vars or the host_vars files for setting the variables needed for this role. File you should change: `group_vars/all` or `host_vars/<zabbix_server>` (Where <zabbix_server> is the hostname of the machine running Zabbix Server)
```yaml
zabbix_agent_server: 192.168.33.30
zabbix_agent_serveractive: 192.168.33.30
zabbix_api_server_url: http://zabbix.example.com
zabbix_api_use: true # use zabbix_api_create_hosts and/or zabbix_api_create_hostgroup from 0.8.0
zabbix_api_login_user: Admin
zabbix_api_login_pass: zabbix
zabbix_agent_host_state: present
zabbix_host_groups:
- Linux Servers
zabbix_agent_link_templates:
- Template OS Linux
- Apache APP Template
zabbix_agent_macros:
- macro_key: apache_type
macro_value: reverse_proxy
zabbix_agent_tags:
- tag: environment
value: production
```
and in the playbook only specifying:
```yaml
- hosts: all
roles:
- role: community.zabbix.zabbix_agent
```
## Example for TLS PSK encrypted agent communication
Variables e.g. in the playbook or in `host_vars/myhost`:
```yaml
zabbix_agent_tlsaccept: psk
zabbix_agent_tlsconnect: psk
zabbix_agent_tlspskidentity: "myhost PSK"
zabbix_agent_tlspsk_secret: b7e3d380b9d400676d47198ecf3592ccd4795a59668aa2ade29f0003abbbd40d
zabbix_agent_tlspskfile: /etc/zabbix/zabbix_agent_pskfile.psk
```
# Molecule
This role is configured to be tested with Molecule. You can find on this page some more information regarding Molecule:
* http://werner-dijkerman.nl/2016/07/10/testing-ansible-roles-with-molecule-testinfra-and-docker/
* http://werner-dijkerman.nl/2016/07/27/extending-ansible-role-testing-with-molecule-by-adding-group_vars-dependencies-and-using-travis-ci/
* http://werner-dijkerman.nl/2016/07/31/testing-ansible-roles-in-a-cluster-setup-with-docker-and-molecule/
With each Pull Request, Molecule will be executed via travis.ci. Pull Requests will only be merged once these tests run successfully.
# Deploying Userparameters
The following steps are required to install custom userparameters and/or scripts:
* Put the desired userparameter file in the `templates/userparameters` directory and name it as `<userparameter_name>.j2`. For example: `templates/userparameters/mysql.j2`. You can change the default directory to a custom one modifying `zabbix_agent_userparameters_templates_src` variable.
* Put the scripts directory (if any) in the `files/scripts` directory. For example: `files/scripts/mysql`. You can change the default directory to a custom one modifying `zabbix_agent_userparameters_scripts_src` variable.
* Add `zabbix_agent_userparameters` variable to the playbook as a list of dictionaries and define userparameter name and scripts directory name (if there are no scripts just no not specify the `scripts_dir` variable).
Example:
```yaml
- hosts: mysql_servers
tasks:
- include_role:
name: community.zabbix.zabbix_agent
vars:
zabbix_agent_server: zabbix.mydomain.com
zabbix_agent_userparameters:
- name: mysql
scripts_dir: mysql
- name: galera
```
Example of the "templates/userparameters/mysql.j2" file:
```
UserParameter=mysql.ping_to,mysqladmin -uroot ping | grep -c alive
```
# License
GNU General Public License v3.0 or later
See LICENCE to see the full text.
# Author Information
Please send suggestion or pull requests to make this role better. Also let us know if you encounter any issues installing or using this role.
Github: https://github.com/ansible-collections/community.zabbix

323
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_agent/defaults/main.yml Normal file
View File

@@ -0,0 +1,323 @@
---
# defaults file for zabbix_agent
zabbix_agent2: false
# zabbix_agent_version: 6.0
zabbix_agent_version_minor: "*"
zabbix_version: "{{ zabbix_agent_version }}"
zabbix_version_patch: 0
zabbix_repo: zabbix
zabbix_agent_package_remove: false
zabbix_agent_package: zabbix-agent
zabbix_sender_package: zabbix-sender
zabbix_get_package: zabbix-get
zabbix_agent_package_state: present
zabbix_agent_server:
zabbix_agent_serveractive:
zabbix_agent2_server: "{{ zabbix_agent_server }}"
zabbix_agent2_serveractive: "{{ zabbix_agent_serveractive }}"
zabbix_selinux: false
zabbix_agent_src_reinstall: false
zabbix_agent_apt_priority:
zabbix_agent_conf_mode: "0644"
zabbix_agent_dont_detect_ip: false
zabbix_agent_allow_key: []
zabbix_agent_deny_key: []
zabbix_agent2_allow_key: "{{ zabbix_agent_allow_key }}"
zabbix_agent2_deny_key: "{{ zabbix_agent_deny_key }}"
# Selinux related vars
selinux_allow_zabbix_run_sudo: false
zabbix_agent_install_agent_only: false
zabbix_agent_packages:
- "{{ zabbix_agent_package }}"
- "{{ zabbix_sender_package }}"
- "{{ zabbix_get_package }}"
# Zabbix role related vars
zabbix_install_pip_packages: true
zabbix_apt_force_apt_get: true
zabbix_apt_install_recommends: false
# Override Ansible specific facts
zabbix_agent_distribution_major_version: "{{ ansible_distribution_major_version }}"
zabbix_agent_distribution_release: "{{ ansible_distribution_release }}"
zabbix_agent_os_family: "{{ ansible_os_family }}"
zabbix_repo_yum_gpgcheck: 0
zabbix_repo_yum_schema: https
zabbix_repo_yum_disabled: "*"
zabbix_repo_yum_enabled: []
zabbix_repo_yum:
- name: zabbix
description: Zabbix Official Repository - $basearch
baseurl: "{{ zabbix_repo_yum_schema }}://repo.zabbix.com/zabbix/{{ zabbix_version }}/rhel/{{ zabbix_agent_distribution_major_version }}/$basearch/"
mode: "0644"
gpgcheck: "{{ zabbix_repo_yum_gpgcheck }}"
gpgkey: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-ZABBIX
state: present
- name: zabbix-non-supported
description: Zabbix Official Repository non-supported - $basearch
baseurl: "{{ zabbix_repo_yum_schema }}://repo.zabbix.com/non-supported/rhel/{{ zabbix_agent_distribution_major_version }}/$basearch/"
mode: "0644"
gpgcheck: "{{ zabbix_repo_yum_gpgcheck }}"
gpgkey: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-ZABBIX
state: present
- name: zabbix-agent2-plugins
description: Zabbix Official Repository (Agent2 Plugins) - $basearch
baseurl: "{{ zabbix_repo_yum_schema }}://repo.zabbix.com/zabbix-agent2-plugins/1/rhel/{{ zabbix_agent_distribution_major_version }}/$basearch/"
mode: "0644"
gpgcheck: "{{ zabbix_repo_yum_gpgcheck }}"
gpgkey: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-ZABBIX
state: present
# Zabbix API stuff
zabbix_validate_certs: true # Will be deprecated in 2.0.0
zabbix_api_validate_certs: "{{ zabbix_validate_certs }}"
zabbix_agent_server_url: http://localhost # Will be deprecated in 2.0.0
zabbix_url: "{{ zabbix_agent_server_url }}" # Will be deprecated in 2.0.0
zabbix_api_server_url: "{{ zabbix_agent_server_url }}"
zabbix_api_server_host: "{{ zabbix_api_server_url | urlsplit('hostname') }}"
zabbix_api_port_from_url: "{{ zabbix_api_server_port | default(zabbix_api_server_url | urlsplit('port')) }}"
zabbix_api_scheme_from_url: "{{ zabbix_api_server_url | urlsplit('scheme') }}"
zabbix_api_port_from_shema: "{{ (zabbix_api_scheme_from_url == 'https') | ternary(443, 80) }}"
# zabbix_http_user: admin # Will be deprecated in 2.0.0
# zabbix_http_password: admin # Will be deprecated in 2.0.0
# zabbix_api_http_user: admin
# zabbix_api_http_password: admin
zabbix_api_user: Admin # Will be deprecated in 2.0.0
zabbix_api_pass: !unsafe zabbix # Will be deprecated in 2.0.0
zabbix_api_login_user: "{{ zabbix_api_user }}"
zabbix_api_login_pass: "{{ zabbix_api_pass }}"
ansible_httpapi_pass: "{{ zabbix_api_login_pass }}"
ansible_network_os: community.zabbix.zabbix
ansible_httpapi_port: "{{ (zabbix_api_port_from_url == '') | ternary(zabbix_api_port_from_shema, zabbix_api_port_from_url) }}"
ansible_httpapi_use_ssl: "{{ zabbix_api_use_ssl | default((zabbix_api_scheme_from_url == 'https') | ternary(true, false)) }}"
ansible_httpapi_validate_certs: "{{ zabbix_api_validate_certs }}"
zabbix_api_create_hostgroup: false
zabbix_api_create_hosts: false
zabbix_api_timeout: 30
zabbix_create_hostgroup: present # or absent # Will be deprecated in 2.0.0
zabbix_agent_hostgroups_state: "{{ zabbix_create_hostgroup }}"
zabbix_create_host: present # or absent # Will be deprecated in 2.0.0
zabbix_agent_host_state: "{{ zabbix_create_host }}"
zabbix_update_host: true # Will be deprecated in 2.0.0
zabbix_agent_host_update: "{{ zabbix_update_host }}"
zabbix_host_status: enabled # or disabled
zabbix_proxy: null # Will be deprecated in 2.0.0
zabbix_agent_proxy: "{{ zabbix_proxy }}"
zabbix_inventory_mode: disabled # Will be deprecated in 2.0.0
zabbix_agent_inventory_mode: "{{ zabbix_inventory_mode }}"
zabbix_useuip: 1
zabbix_host_groups:
- Linux servers
zabbix_link_templates: # Will be deprecated in 2.0.0
- Template Linux by Zabbix agent
zabbix_agent_link_templates: "{{ zabbix_link_templates }}"
zabbix_agent_interfaces:
- type: 1
main: 1
useip: "{{ zabbix_useuip }}"
ip: "{{ zabbix_agent_ip }}"
dns: "{{ ansible_fqdn }}"
port: "{{ (zabbix_agent2 == True) | ternary(zabbix_agent2_listenport, zabbix_agent_listenport) }}"
zabbix_agent_firewall_enable: false
zabbix_agent_firewalld_enable: false
zabbix_agent_firewalld_source: "{{ zabbix_agent_server }}"
zabbix_agent_firewall_action: insert
zabbix_agent_firewall_chain: INPUT
# By default, a null zone will trigger the use of the default zone on the remote host
zabbix_agent_firewalld_zone:
# Zabbix configuration variables
zabbix_agent_pidfile: /var/run/zabbix/zabbix_agentd.pid
zabbix_agent_logtype: file
zabbix_agent_logfile: /var/log/zabbix/zabbix_agentd.log
zabbix_agent_logfilesize: 100
zabbix_agent_debuglevel: 3
zabbix_agent_sourceip:
zabbix_agent_enableremotecommands: 0
zabbix_agent_allowkeys:
zabbix_agent_denykeys:
zabbix_agent_logremotecommands: 0
zabbix_agent_listenport: 10050
zabbix_agent_jmx_listenport:
zabbix_agent_listeninterface:
zabbix_agent_listenip:
zabbix_agent_startagents: 3
zabbix_agent_hostname: "{{ inventory_hostname }}"
zabbix_agent_hostnameitem:
zabbix_agent_hostmetadata:
zabbix_agent_hostmetadataitem:
zabbix_agent_refreshactivechecks: 120
zabbix_agent_buffersend: 5
zabbix_agent_buffersize: 100
zabbix_agent_maxlinespersecond: 100
zabbix_agent_allowroot: 0
zabbix_agent_zabbix_alias:
zabbix_agent_timeout: 3
zabbix_agent_include: /etc/zabbix/zabbix_agentd.d
zabbix_agent_include_pattern:
zabbix_agent_include_mode: "0750"
zabbix_agent_unsafeuserparameters: 0
zabbix_agent_userparameters: []
zabbix_agent_userparameters_templates_src: "userparameters"
zabbix_agent_userparameters_scripts_src: "scripts"
zabbix_agent_custom_scripts: false
zabbix_agent_loadmodulepath: ${libdir}/modules
zabbix_agent_loadmodule:
zabbix_agent_become_on_localhost: true
zabbix_agent_description:
zabbix_agent_inventory_zabbix: {}
zabbix_agent_heartbeatfrequency: 60
zabbix_macros: [] # Will be deprecated in 2.0.0
zabbix_agent_macros: "{{ zabbix_macros }}"
zabbix_agent_tags: []
zabbix_agent_chassis: false
# TLS settings
zabbix_agent_tlsconnect:
zabbix_agent_tlsaccept:
zabbix_agent_tlscafile:
zabbix_agent_tlscrlfile:
zabbix_agent_tlsservercertissuer:
zabbix_agent_tlsservercertsubject:
zabbix_agent_tls_subject: "{{ zabbix_agent_tlsservercertsubject }}" # FIXME this is not correct and should be removed with 2.0.0, here only to prevent regression
zabbix_agent_tlscertfile:
zabbix_agent_tlskeyfile:
zabbix_agent_tlspskidentity:
zabbix_agent_tlspsk_auto: false
zabbix_agent_tls_config:
unencrypted: "1"
psk: "2"
cert: "4"
# IPMI settings
zabbix_agent_ipmi_authtype: 2
zabbix_agent_ipmi_password:
zabbix_agent_ipmi_privilege: 2
zabbix_agent_ipmi_username:
# Zabbix Agent2
zabbix_agent2_pidfile: /var/run/zabbix/zabbix_agent2.pid
zabbix_agent2_logfile: /var/log/zabbix/zabbix_agent2.log
zabbix_agent2_logtype: file
zabbix_agent2_statusport: 9999
zabbix_agent2_include: /etc/zabbix/zabbix_agent2.d
zabbix_agent2_include_pattern:
zabbix_agent2_logfilesize: 100
zabbix_agent2_debuglevel: 3
zabbix_agent2_sourceip:
zabbix_agent2_listenport: 10050
zabbix_agent2_listenip:
zabbix_agent2_hostname: "{{ inventory_hostname }}"
zabbix_agent2_hostnameitem:
zabbix_agent2_hostmetadata:
zabbix_agent2_hostmetadataitem:
zabbix_agent2_hostinterface:
zabbix_agent2_hostinterfaceitem:
zabbix_agent2_enablepersistentbuffer: 0
zabbix_agent2_persistentbufferperiod: 1h
zabbix_agent2_persistentbufferfile:
zabbix_agent2_refreshactivechecks: 120
zabbix_agent2_buffersend: 5
zabbix_agent2_buffersize: 100
zabbix_agent2_zabbix_alias:
zabbix_agent2_timeout: 3
zabbix_agent2_include_mode: "0750"
zabbix_agent2_unsafeuserparameters: 0
zabbix_agent2_controlsocket: /tmp/agent.sock
zabbix_agent2_plugins: []
# Zabbix Agent2 TLS settings
zabbix_agent2_tlsconnect:
zabbix_agent2_tlsaccept:
zabbix_agent2_tlscafile:
zabbix_agent2_tlscrlfile:
zabbix_agent2_tlsservercertissuer:
zabbix_agent2_tlsservercertsubject:
zabbix_agent2_tls_subject: "{{ zabbix_agent2_tlsservercertsubject }}" # FIXME this is not correct and should be removed with 2.0.0, here only to prevent regression
zabbix_agent2_tlscertfile:
zabbix_agent2_tlskeyfile:
zabbix_agent2_tlspskidentity:
zabbix_agent2_tlspsk_auto: false
# Windows/macOS Related
zabbix_version_long: 5.2.4
# Windows Related
zabbix_win_package: zabbix_agent-{{ zabbix_version_long }}-windows-amd64-openssl.zip
zabbix2_win_package: zabbix_agent2-{{ zabbix_version_long }}-windows-amd64-openssl-static.zip
zabbix_win_download_url: https://cdn.zabbix.com/zabbix/binaries/stable
zabbix_win_download_link: "{{ zabbix_win_download_url }}/{{ zabbix_version_long | regex_search('^\\d+\\.\\d+') }}/{{ zabbix_version_long }}/{{ zabbix_win_package }}"
zabbix2_win_download_link: "{{ zabbix_win_download_url }}/{{ zabbix_version_long | regex_search('^\\d+\\.\\d+') }}/{{ zabbix_version_long }}/{{ zabbix2_win_package }}"
zabbix_win_install_dir: 'C:\Zabbix'
zabbix_win_install_dir_conf: '{{ zabbix_win_install_dir }}\\conf'
zabbix_win_install_dir_bin: '{{ zabbix_win_install_dir }}\\bin'
zabbix_agent_win_logfile: "{{ zabbix_win_install_dir }}\\zabbix_agentd.log"
zabbix_agent_win_include: "{{ zabbix_win_install_dir }}\\zabbix_agent.d\\"
zabbix_agent2_win_logfile: "{{ zabbix_win_install_dir }}\\zabbix_agent2.log"
zabbix_agent_win_svc_recovery: true
zabbix_win_firewall_management: true
# macOS Related
zabbix_mac_package: zabbix_agent-{{ zabbix_version_long }}-macos-amd64-openssl.pkg
zabbix_mac_download_url: https://cdn.zabbix.com/zabbix/binaries/stable
zabbix_mac_download_link: "{{ zabbix_mac_download_url }}/{{ zabbix_agent_version }}/{{ zabbix_version_long }}/{{ zabbix_mac_package }}"
# Zabbix Agent Docker facts
zabbix_agent_docker: false
zabbix_agent_docker_state: started
zabbix_agent_docker_name: zabbix-agent
zabbix_agent_docker_image: "zabbix/zabbix-agent"
zabbix_agent_docker_image_tag: "ubuntu-{{ zabbix_version }}.{{ zabbix_version_patch }}"
zabbix_agent_docker_user_gid: 101
zabbix_agent_docker_user_uid: 101
zabbix_agent_docker_network_mode: host
zabbix_agent_docker_restart_policy: unless-stopped
zabbix_agent_docker_privileged: false
zabbix_agent_docker_ports:
- 10050:10050
zabbix_agent_docker_security_opts:
- apparmor:unconfined
zabbix_agent_docker_volumes:
- /etc/zabbix/zabbix_agentd.d:{{ zabbix_agent_include }}
- /:/hostfs:ro
- /etc:/hostfs/etc:ro
- /proc:/hostfs/proc:ro
- /sys:/hostfs/sys:ro
- /var/run:/var/run
zabbix_agent_docker_env:
ZBX_HOSTNAME: "{{ zabbix_agent_hostname }}"
ZBX_SERVER_HOST: "{{ zabbix_agent_server }}"
ZBX_PASSIVE_ALLOW: "{{ zabbix_agent_serverpassive_allow | default(omit) }}"
ZBX_PASSIVESERVERS: "{{ zabbix_agent_serverpassive | default(omit) }}"
ZBX_ACTIVE_ALLOW: "{{ zabbix_agent_serveractive_allow | default(omit) }}"
ZBX_LOADMODULE: "{{ zabbix_agent_loadmodule | default(omit) }}"
ZBX_DEBUGLEVEL: "{{ zabbix_agent_debuglevel }}"
ZBX_TIMEOUT: "{{ zabbix_agent_timeout }}"
ZBX_SOURCEIP: "{{ zabbix_agent_sourceip | default(omit) }}"
ZBX_ENABLEREMOTECOMMANDS: "{{ zabbix_agent_enableremotecommands | default(omit) }}"
ZBX_LOGREMOTECOMMANDS: "{{ zabbix_agent_logremotecommands | default(omit) }}"
ZBX_STARTAGENTS: "{{ zabbix_agent_startagents | default(omit) }}"
ZBX_HOSTNAMEITEM: "{{ zabbix_agent_hostnameitem | default(omit) }}"
ZBX_METADATA: "{{ zabbix_agent_hostmetadata | default(omit) }}"
ZBX_METADATAITEM: "{{ zabbix_agent_hostmetadataitem | default(omit) }}"
ZBX_REFRESHACTIVECHECKS: "{{ zabbix_agent_refreshactivechecks | default(omit) }}"
ZBX_BUFFERSEND: "{{ zabbix_agent_buffersend | default(omit) }}"
ZBX_BUFFERSIZE: "{{ zabbix_agent_buffersize | default(omit) }}"
ZBX_MAXLINESPERSECOND: "{{ zabbix_agent_maxlinespersecond | default(omit) }}"
ZBX_LISTENIP: "{{ zabbix_agent_listenip }}"
ZBX_UNSAFEUSERPARAMETERS: "{{ zabbix_agent_unsafeuserparameters | default(omit) }}"
ZBX_TLSCONNECT: "{{ zabbix_agent_tlsconnect | default(omit) }}"
ZBX_TLSACCEPT: "{{ zabbix_agent_tlsaccept | default(omit) }}"
ZBX_TLSCAFILE: "{{ zabbix_agent_tlscafile | default(omit) }}"
ZBX_TLSCRLFILE: "{{ zabbix_agent_tlscrlfile | default(omit) }}"
ZBX_TLSSERVERCERTISSUER: "{{ zabbix_agent_tlsservercertissuer | default(omit) }}"
ZBX_TLSSERVERCERTSUBJECT: "{{ zabbix_agent_tlsservercertsubject | default(omit) }}"
ZBX_TLSCERTFILE: "{{ zabbix_agent_tlscertfile | default(omit) }}"
ZBX_TLSKEYFILE: "{{ zabbix_agent_tlskeyfile | default(omit) }}"
ZBX_TLSPSKIDENTITY: "{{ zabbix_agent_tlspskidentity | default(omit) }}"

3
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_agent/files/sample.conf Normal file
View File

@@ -0,0 +1,3 @@
# This is an sample userparameters file.
UserParameter=mysql.ping_to,mysqladmin -uroot ping | grep -c alive

0
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_agent/files/win_sample/doSomething.ps1 Normal file
View File

40
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_agent/handlers/main.yml Normal file
View File

@@ -0,0 +1,40 @@
---
# handlers file for zabbix-agent
- name: restart zabbix-agent
service:
name: "{{ zabbix_agent_service }}"
state: restarted
enabled: true
become: true
when:
- not zabbix_agent_docker
- zabbix_agent_os_family != "Windows" and zabbix_agent_os_family != "Darwin"
- name: firewalld-reload
command: "firewall-cmd --reload"
become: true
when:
- ansible_facts.services["firewalld"] is defined
- ansible_facts.services["firewalld"].state == "running"
- name: restart win zabbix agent
win_service:
name: "{{ zabbix_win_svc_name }}"
state: restarted
when:
- zabbix_agent_os_family == "Windows"
- name: restart mac zabbix agent
command: "launchctl kickstart -k system/{{ zabbix_agent_service }}"
become: true
when:
- not zabbix_agent_docker
- zabbix_agent_os_family == "Darwin"
- name: "clean repo files from proxy creds"
shell: ls /etc/yum.repos.d/zabbix* && sed -i 's/^proxy =.*//' /etc/yum.repos.d/zabbix* || true
become: true
when:
- ansible_os_family == 'RedHat'
- zabbix_http_proxy is defined or zabbix_https_proxy is defined

42
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_agent/meta/main.yml Normal file
View File

@@ -0,0 +1,42 @@
---
galaxy_info:
author: Werner Dijkerman
description: Installing and maintaining zabbix-agent for RedHat/Debian/Ubuntu/Windows/Suse.
company: myCompany.Dotcom
license: MIT
min_ansible_version: 2.7
platforms:
- name: EL
versions:
- 5
- 6
- 7
- name: Ubuntu
versions:
- lucid
- precise
- trusty
- xenial
- bionic
- name: Debian
versions:
- squeeze
- wheezy
- jessie
- stretch
- buster
- name: opensuse
versions:
- 12.1
- 12.2
- 12.3
- 13.1
- 13.2
- name: Windows
versions:
- all
galaxy_tags:
- zabbix
- monitoring
dependencies: []

14
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_agent/molecule/with-server/Dockerfile.j2 Normal file
View File

@@ -0,0 +1,14 @@
# Molecule managed
{% if item.registry is defined %}
FROM {{ item.registry.url }}/{{ item.image }}
{% else %}
FROM {{ item.image }}
{% endif %}
RUN if [ $(command -v apt-get) ]; then apt-get update && apt-get install -y python sudo bash ca-certificates && apt-get clean; \
elif [ $(command -v dnf) ]; then dnf makecache && dnf --assumeyes install python sudo python-devel python*-dnf bash && dnf clean all; \
elif [ $(command -v yum) ]; then yum makecache fast && yum install -y python sudo yum-plugin-ovl bash && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && yum clean all; \
elif [ $(command -v zypper) ]; then zypper refresh && zypper install -y python sudo bash python-xml && zypper clean -a; \
elif [ $(command -v apk) ]; then apk update && apk add --no-cache python sudo bash ca-certificates; \
elif [ $(command -v xbps-install) ]; then xbps-install -Syu && xbps-install -y python sudo bash ca-certificates && xbps-remove -O; fi

26
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_agent/molecule/with-server/INSTALL.rst Normal file
View File

@@ -0,0 +1,26 @@
********************************
Docker driver installation guide
********************************
Requirements
============
* General molecule dependencies (see https://molecule.readthedocs.io/en/latest/installation.html)
* Docker Engine
* docker-py
* docker
Install
=======
Ansible < 2.6
.. code-block:: bash
$ sudo pip install docker-py
Ansible >= 2.6
.. code-block:: bash
$ sudo pip install docker

81
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_agent/molecule/with-server/molecule.yml Normal file
View File

@@ -0,0 +1,81 @@
---
dependency:
name: galaxy
driver:
name: docker
lint:
name: yamllint
platforms:
- name: zabbix-server-centos
image: milcom/centos7-systemd:latest
groups:
- zabbix_server
- mysql
privileged: true
networks:
- name: zabbix
published_ports:
- "80:80"
- name: zabbix-agent-centos
image: milcom/centos7-systemd:latest
groups:
- zabbix_agent
privileged: true
networks:
- name: zabbix
- name: zabbix-agent-debian
image: minimum2scp/systemd-stretch:latest
command: /sbin/init
groups:
- zabbix_agent
privileged: true
networks:
- name: zabbix
- name: zabbix-agent-ubuntu
image: solita/ubuntu-systemd:bionic
groups:
- zabbix_agent
privileged: true
networks:
- name: zabbix
provisioner:
name: ansible
playbooks:
docker:
create: ../default/create.yml
destroy: ../default/destroy.yml
lint:
name: ansible-lint
inventory:
group_vars:
all:
zabbix_agent_src_reinstall: false
zabbix_api_create_hosts: true
zabbix_api_create_hostgroup: true
zabbix_api_server_url: http://zabbix-server-centos
zabbix_apache_servername: zabbix-server-centos
mysql:
zabbix_server_database: mysql
zabbix_server_database_long: mysql
zabbix_server_dbport: 3306
database_type: mysql
database_type_long: mysql
host_vars:
zabbix-agent-fedora:
ansible_python_interpreter: /usr/bin/python3
zabbix-agent-ubuntu:
zabbix_agent_tlsaccept: psk
zabbix_agent_tlsconnect: psk
zabbix_agent_tlspskidentity: "myhost PSK"
zabbix_agent_tlspsk_secret: b7e3d380b9d400676d47198ecf3592ccd4795a59668aa2ade29f0003abbbd40d
zabbix_agent_tlspskfile: /etc/zabbix/zabbix_agent_pskfile.psk
scenario:
name: with-server
verifier:
name: testinfra
lint:
name: flake8

24
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_agent/molecule/with-server/playbook.yml Normal file
View File

@@ -0,0 +1,24 @@
---
- name: Converge
hosts: all:!zabbix_server
pre_tasks:
- name: "Get IP Server"
shell: grep $(hostname) /etc/hosts | awk '{ print $1 }' | tail -n 1
register: ip_address
delegate_to: zabbix-server-centos
changed_when: false
tags:
- skip_ansible_lint
- name: "Get IP hosts"
shell: grep $(hostname) /etc/hosts | awk '{ print $1 }' | tail -n 1
register: ip_address_host
changed_when: false
tags:
- skip_ansible_lint
roles:
- role: zabbix_agent
zabbix_agent_ip: "{{ ip_address_host.stdout }}"
zabbix_agent_server: "{{ ip_address.stdout }}"
zabbix_agent_serveractive: "{{ ip_address.stdout }}"

114
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_agent/molecule/with-server/prepare.yml Normal file
View File

@@ -0,0 +1,114 @@
---
- name: Prepare
hosts: zabbix_server
pre_tasks:
- name: "Installing EPEL"
yum:
name:
- epel-release
state: present
when: ansible_distribution == 'CentOS'
- name: "Installing packages"
yum:
name:
- net-tools
- which
- libselinux-python
- python-pip
state: present
register: installation_dependencies
when: ansible_distribution == 'CentOS'
- name: "Installing which on NON-CentOS"
apt:
name:
- net-tools
- python-pip
- curl
state: present
when: ansible_distribution != 'CentOS'
- name: "Configure SUDO."
lineinfile:
dest: /etc/sudoers
line: "Defaults !requiretty"
state: present
- name: "Make sure the docs are installed."
lineinfile:
dest: /etc/yum.conf
line: "tsflags=nodocs"
state: absent
- name: "Installing some python dependencies"
pip:
name: py-zabbix
state: present
roles:
- role: geerlingguy.mysql
- role: zabbix_server
- role: zabbix_web
- name: Prepare
hosts: all:!zabbix_server:!docker
tasks:
- name: "Installing packages on CentOS family"
yum:
name:
- net-tools
- which
state: present
when:
- ansible_os_family == 'RedHat'
- name: "Installing packages on Debian family"
apt:
name:
- net-tools
state: present
when:
- ansible_os_family == 'Debian'
- name: Converge
hosts: docker
tasks:
- name: "Download Docker CE repo file"
get_url:
url: https://download.docker.com/linux/centos/docker-ce.repo
dest: /etc/yum.repos.d/docker-ce.repo
mode: 0644
register: zabbix_agent_prepare_docker_repo
until: zabbix_agent_prepare_docker_repo is succeeded
- name: "Installing Epel"
package:
pkg:
- epel-release
state: present
register: zabbix_agent_prepare_docker_install
until: zabbix_agent_prepare_docker_install is succeeded
- name: "Installing Docker"
package:
pkg:
- docker-ce
- python-pip
- python-setuptools
state: present
register: zabbix_agent_prepare_docker_install
until: zabbix_agent_prepare_docker_install is succeeded
- name: "Installing Docker Python"
pip:
name:
- docker
state: present
register: zabbix_agent_prepare_docker_install
until: zabbix_agent_prepare_docker_install is succeeded
- name: "Starting Docker service"
service:
name: docker
state: started

5
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_agent/molecule/with-server/requirements.yml Normal file
View File

@@ -0,0 +1,5 @@
---
- src: geerlingguy.apache
- src: geerlingguy.mysql
- src: dj-wasabi.zabbix-server
- src: dj-wasabi.zabbix-web

BIN
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_agent/molecule/with-server/tests/__pycache__/test_agent.cpython-310.pyc Normal file
View File

Binary file not shown.

BIN
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_agent/molecule/with-server/tests/__pycache__/test_default.cpython-310.pyc Normal file
View File

Binary file not shown.

44
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_agent/molecule/with-server/tests/test_agent.py Normal file
View File

@@ -0,0 +1,44 @@
import os
from zabbix_api import ZabbixAPI
import testinfra.utils.ansible_runner
testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('zabbix_agent')
def authenticate():
zapi = ZabbixAPI(server='http://zabbix-server-centos/api_jsonrpc.php')
zapi.login("Admin", "zabbix")
return zapi
def test_psk_host(host):
zapi = authenticate()
hostname = host.check_output('hostname -s')
host_name = "zabbix-agent-ubuntu"
server_data = zapi.host.get({'output': 'extend', 'selectInventory': 'extend', 'filter': {'host': [hostname]}})
if hostname == host_name:
assert server_data[0]['tls_psk'] == "b7e3d380b9d400676d47198ecf3592ccd4795a59668aa2ade29f0003abbbd40d"
assert server_data[0]['tls_psk_identity'] == "myhost PSK"
assert server_data[0]['tls_accept'] == "2"
else:
assert server_data[0]['tls_psk'] == ""
assert server_data[0]['tls_psk_identity'] == ""
assert server_data[0]['tls_accept'] == "1"
def test_zabbix_agent_psk(host):
hostname = host.check_output('hostname -s')
host_name = "zabbix-agent-ubuntu"
psk_file = host.file("/etc/zabbix/zabbix_agent_pskfile.psk")
if hostname == host_name:
assert psk_file.user == "zabbix"
assert psk_file.group == "zabbix"
assert psk_file.mode == 0o400
assert psk_file.contains("b7e3d380b9d400676d47198ecf3592ccd4795a59668aa2ade29f0003abbbd40d")
else:
assert not psk_file.exists

41
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_agent/molecule/with-server/tests/test_default.py Normal file
View File

@@ -0,0 +1,41 @@
import os
from zabbix_api import ZabbixAPI
import testinfra.utils.ansible_runner
testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('zabbix_server')
def authenticate():
zapi = ZabbixAPI(server='http://zabbix-server-centos/api_jsonrpc.php')
zapi.login("Admin", "zabbix")
return zapi
def get_hosts():
return [
"zabbix-agent-debian",
"zabbix-agent-ubuntu",
"zabbix-agent-centos",
"zabbix-agent-docker-centos"
]
def test_hosts():
zapi = authenticate()
hosts = get_hosts()
servers = zapi.host.get({'output': ["hostid", "name"]})
for server in servers:
if server['name'] != 'Zabbix server':
assert server['name'] in hosts
def test_hosts_status():
zapi = authenticate()
servers = zapi.host.get({'output': ["status", "name"]})
for server in servers:
if server['name'] != 'Zabbix server':
assert int(server['status']) == 0

177
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_agent/tasks/Darwin.yml Normal file
View File

@@ -0,0 +1,177 @@
---
- name: "Set default ip address for zabbix_agent_ip"
set_fact:
zabbix_agent_ip: "{{ hostvars[inventory_hostname]['ansible_default_ipv4'].address }}"
when:
- zabbix_agent_ip is not defined
- "'ansible_default_ipv4' in hostvars[inventory_hostname]"
- name: "Get Total Private IP Addresses"
set_fact:
total_private_ip_addresses: "{{ ansible_all_ipv4_addresses | ansible.netcommon.ipaddr('private') | length }}"
when:
- ansible_all_ipv4_addresses is defined
- name: "Set first public ip address for zabbix_agent_ip"
set_fact:
zabbix_agent_ip: "{{ ansible_all_ipv4_addresses | ansible.netcommon.ipaddr('public') | first }}"
zabbix_agent_server: "{{ zabbix_agent_server_public_ip | default(zabbix_agent_server) }}"
zabbix_agent_serveractive: "{{ zabbix_agent_serveractive_public_ip | default(zabbix_agent_serveractive) }}"
zabbix_agent2_server: "{{ zabbix_agent_server_public_ip | default(zabbix_agent2_server) }}"
zabbix_agent2_serveractive: "{{ zabbix_agent_serveractive_public_ip | default(zabbix_agent2_serveractive) }}"
when:
- zabbix_agent_ip is not defined
- total_private_ip_addresses is defined
- total_private_ip_addresses == '0'
- name: "Set first private ip address for zabbix_agent_ip"
set_fact:
zabbix_agent_ip: "{{ ansible_all_ipv4_addresses | ansible.netcommon.ipaddr('private') | first }}"
when:
- zabbix_agent_ip is not defined
- total_private_ip_addresses is defined
- total_private_ip_addresses != '0'
- name: "Fail invalid specified agent_listeninterface"
fail:
msg: "The specified network interface does not exist"
when:
- zabbix_agent_listeninterface
- (zabbix_agent_listeninterface not in ansible_all_ipv4_addresses)
tags:
- zabbix-agent
- config
- name: "Set network interface"
set_fact:
network_interface: ansible_{{ zabbix_agent_listeninterface }}
when:
- zabbix_agent_listeninterface
- not zabbix_agent_listenip
- name: "Get IP of agent_listeninterface when no agent_listenip specified"
set_fact:
zabbix_agent_listenip: "{{ hostvars[inventory_hostname][network_interface]['ipv4'].address | default('0.0.0.0') }}"
zabbix_agent_ip: "{{ hostvars[inventory_hostname][network_interface]['ipv4'].address | default('0.0.0.0') }}"
when:
- zabbix_agent_listeninterface
- not zabbix_agent_listenip
tags:
- zabbix-agent
- config
- api
- name: "Default agent_listenip to all when not specified"
set_fact:
zabbix_agent_listenip: '0.0.0.0'
when:
- not zabbix_agent_listenip
tags:
- zabbix-agent
- config
- name: "Fail invalid specified agent_listenip"
fail:
msg: "The agent_listenip does not exist"
when:
- zabbix_agent_listenip != '0.0.0.0'
- zabbix_agent_listenip != '127.0.0.1'
- (zabbix_agent_listenip not in ansible_all_ipv4_addresses)
tags:
- zabbix-agent
- config
- name: "Installing Agent"
include_tasks: macOS.yml
tags:
- always
- name: "Configure zabbix-agent"
template:
src: zabbix_agentd.conf.j2
dest: "/usr/local/etc/zabbix/{{ zabbix_agent_conf }}"
owner: root
group: wheel
mode: 0644
notify:
- restart mac zabbix agent
become: true
when:
- not (zabbix_agent_docker | bool)
tags:
- zabbix-agent
- config
- init
- name: "Create directory for PSK file if not exist."
file:
path: "{{ zabbix_agent_tlspskfile | dirname }}"
mode: 0755
state: directory
become: true
when:
- zabbix_agent_tlspskfile is defined
- name: "Place TLS PSK File"
copy:
dest: "{{ zabbix_agent_tlspskfile }}"
content: "{{ zabbix_agent_tlspsk_secret }}"
owner: zabbix
group: zabbix
mode: 0400
become: true
when:
- zabbix_agent_tlspskfile is defined
- zabbix_agent_tlspsk_secret is defined
notify:
- restart mac zabbix agent
- name: "Create include dir zabbix-agent"
file:
path: "{{ zabbix_agent_include }}"
owner: root
group: zabbix
mode: 0750
state: directory
become: true
tags:
- config
- include
- name: "Create pid file directory for zabbix-agent"
file:
path: /var/run/zabbix
state: directory
owner: zabbix
group: zabbix
mode: 0755
become: true
- name: "Install the Docker container"
include_tasks: Docker.yml
when:
- zabbix_agent_docker | bool
- name: "Check if zabbix-agent service is running"
shell: |
set -o pipefail
launchctl list | grep com.zabbix.zabbix_agentd | awk '{print $1}'
register: launchctl_pid
check_mode: false
changed_when: false
failed_when: launchctl_pid.rc == 2
become: true
tags:
- init
- service
- name: "Make sure the zabbix-agent service is running"
command: launchctl start com.zabbix.zabbix_agentd
become: true
when:
- not (zabbix_agent_docker | bool)
- launchctl_pid.stdout == "-"
tags:
- init
- service

259
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_agent/tasks/Debian.yml Normal file
View File

@@ -0,0 +1,259 @@
---
# Tasks specific for Debian/Ubuntu Systems
- name: "Include Zabbix gpg ids"
include_vars: zabbix.yml
- name: "Set short version name"
set_fact:
zabbix_short_version: "{{ zabbix_version | regex_replace('\\.', '') }}"
zabbix_underscore_version: "{{ zabbix_version | regex_replace('\\.', '_') }}"
- name: "Debian | Installing gnupg"
apt:
pkg: gnupg
update_cache: true
cache_valid_time: 3600
force: true
state: present
environment:
http_proxy: "{{ zabbix_http_proxy | default(None) | default(omit) }}"
https_proxy: "{{ zabbix_https_proxy | default(None) | default(omit) }}"
register: gnupg_installed
until: gnupg_installed is succeeded
become: true
- name: "Debian | Install gpg key"
apt_key:
id: "{{ sign_keys[zabbix_short_version][zabbix_agent_distribution_release]['sign_key'] }}"
url: http://repo.zabbix.com/zabbix-official-repo.key
environment:
http_proxy: "{{ zabbix_http_proxy | default(None) | default(omit) }}"
https_proxy: "{{ zabbix_https_proxy | default(None) | default(omit) }}"
when:
- zabbix_repo == "zabbix"
become: true
tags:
- zabbix-agent
- init
- name: "Debian | Check for zabbix repositories"
find:
paths: /etc/apt/sources.list.d
patterns: repo_zabbix_com_zabbix*.list
excludes: "repo_zabbix_com_zabbix_{{ zabbix_underscore_version }}_ubuntu.list"
register: repositories
become: true
when:
- ansible_distribution in ['Ubuntu', 'Debian']
- zabbix_repo == "zabbix"
tags:
- zabbix-agent
- init
- name: "Debian | Remove unecessary zabbix repositories"
file:
path: "{{ item.path }}"
state: absent
loop: "{{ repositories.files }}"
when:
- ansible_distribution in ['Ubuntu', 'Debian']
- zabbix_repo == "zabbix"
- zabbix_agent_src_reinstall
become: true
tags:
- zabbix-agent
- init
- name: "Debian | Installing deb-src repository Debian"
apt_repository:
repo: "deb-src http://repo.zabbix.com/zabbix/{{ zabbix_version }}/debian/ {{ zabbix_agent_distribution_release }} main"
state: present
environment:
http_proxy: "{{ zabbix_http_proxy | default(None) | default(omit) }}"
https_proxy: "{{ zabbix_https_proxy | default(None) | default(omit) }}"
when:
- ansible_distribution == "Debian"
- zabbix_repo == "zabbix"
become: true
tags:
- zabbix-agent
- init
- name: "Debian | Installing deb repository Debian"
apt_repository:
repo: "deb http://repo.zabbix.com/zabbix/{{ zabbix_version }}/debian/ {{ zabbix_agent_distribution_release }} main"
state: present
environment:
http_proxy: "{{ zabbix_http_proxy | default(None) | default(omit) }}"
https_proxy: "{{ zabbix_https_proxy | default(None) | default(omit) }}"
when:
- ansible_distribution == "Debian"
- zabbix_repo == "zabbix"
become: true
tags:
- zabbix-agent
- init
- name: "Debian | Installing deb-src repository Ubuntu Arm64"
apt_repository:
repo: "deb-src http://repo.zabbix.com/zabbix/{{ zabbix_version }}/ubuntu-arm64/ {{ zabbix_agent_distribution_release }} main"
state: present
environment:
http_proxy: "{{ zabbix_http_proxy | default(None) | default(omit) }}"
https_proxy: "{{ zabbix_https_proxy | default(None) | default(omit) }}"
when:
- ansible_distribution == "Ubuntu"
- ansible_machine == "aarch64"
- zabbix_repo == "zabbix"
become: true
tags:
- zabbix-agent
- init
- name: "Debian | Installing deb repository Ubuntu Arm64"
apt_repository:
repo: "deb http://repo.zabbix.com/zabbix/{{ zabbix_version }}/ubuntu-arm64/ {{ zabbix_agent_distribution_release }} main"
state: present
environment:
http_proxy: "{{ zabbix_http_proxy | default(None) | default(omit) }}"
https_proxy: "{{ zabbix_https_proxy | default(None) | default(omit) }}"
when:
- ansible_distribution == "Ubuntu"
- ansible_machine == "aarch64"
- zabbix_repo == "zabbix"
become: true
tags:
- zabbix-agent
- init
- name: "Debian | Installing deb-src repository Ubuntu"
apt_repository:
repo: "deb-src http://repo.zabbix.com/zabbix/{{ zabbix_version }}/ubuntu/ {{ zabbix_agent_distribution_release }} main"
state: present
environment:
http_proxy: "{{ zabbix_http_proxy | default(None) | default(omit) }}"
https_proxy: "{{ zabbix_https_proxy | default(None) | default(omit) }}"
when:
- ansible_distribution == "Ubuntu"
- ansible_machine != "aarch64"
- zabbix_repo == "zabbix"
become: true
tags:
- zabbix-agent
- init
- name: "Debian | Installing deb repository Ubuntu"
apt_repository:
repo: "deb http://repo.zabbix.com/zabbix/{{ zabbix_version }}/ubuntu/ {{ zabbix_agent_distribution_release }} main"
state: present
environment:
http_proxy: "{{ zabbix_http_proxy | default(None) | default(omit) }}"
https_proxy: "{{ zabbix_https_proxy | default(None) | default(omit) }}"
when:
- ansible_distribution == "Ubuntu"
- ansible_machine != "aarch64"
- zabbix_repo == "zabbix"
become: true
tags:
- zabbix-agent
- init
- name: "Debian | Create /etc/apt/preferences.d/"
file:
path: /etc/apt/preferences.d/
state: directory
mode: '0755'
when:
- zabbix_agent_apt_priority | int
become: true
- name: "Debian | Configuring the weight for APT"
copy:
dest: "/etc/apt/preferences.d/zabbix-agent-{{ zabbix_underscore_version }}"
content: |
Package: {{ zabbix_agent_package }}
Pin: origin repo.zabbix.com
Pin-Priority: {{ zabbix_agent_apt_priority | int }}
owner: root
mode: '0644'
when:
- zabbix_agent_apt_priority | int
become: true
# Note: set cache_valid_time=0 to ensure that an apt-get update after the added repo-key
# else you often get 'WARNING: The following packages cannot be authenticated!
# See also:
# http://askubuntu.com/questions/75565/why-am-i-getting-authentication-errors-for-packages-from-an-ubuntu-repository
- name: "Debian | Installing zabbix-agent"
apt:
pkg: "{{ zabbix_agent_package }}"
state: "{{ zabbix_agent_package_state }}"
update_cache: true
cache_valid_time: 0
force_apt_get: "{{ zabbix_apt_force_apt_get }}"
install_recommends: "{{ zabbix_apt_install_recommends }}"
environment:
http_proxy: "{{ zabbix_http_proxy | default(None) | default(omit) }}"
https_proxy: "{{ zabbix_https_proxy | default(None) | default(omit) }}"
when: ansible_distribution in ['Ubuntu', 'Debian']
register: zabbix_agent_package_installed
until: zabbix_agent_package_installed is succeeded
become: true
tags:
- zabbix-agent
- init
- name: "Debian | Installing zabbix-{sender,get}"
apt:
pkg:
- "{{ zabbix_sender_package }}"
- "{{ zabbix_get_package }}"
state: "{{ zabbix_agent_package_state }}"
update_cache: true
cache_valid_time: 0
force_apt_get: "{{ zabbix_apt_force_apt_get }}"
install_recommends: "{{ zabbix_apt_install_recommends }}"
environment:
http_proxy: "{{ zabbix_http_proxy | default(None) | default(omit) }}"
https_proxy: "{{ zabbix_https_proxy | default(None) | default(omit) }}"
when:
- ansible_distribution in ['Ubuntu', 'Debian']
- not zabbix_agent_install_agent_only
register: zabbix_agent_package_installed
until: zabbix_agent_package_installed is succeeded
become: true
check_mode: false
tags:
- zabbix-agent
- init
- name: "Mint | Installing zabbix-agent"
apt:
pkg: "zabbix-agent"
state: "{{ zabbix_agent_package_state }}"
update_cache: true
cache_valid_time: 0
force_apt_get: "{{ zabbix_apt_force_apt_get }}"
install_recommends: "{{ zabbix_apt_install_recommends }}"
environment:
http_proxy: "{{ zabbix_http_proxy | default(None) | default(omit) }}"
https_proxy: "{{ zabbix_https_proxy | default(None) | default(omit) }}"
when: ansible_distribution not in ['Ubuntu', 'Debian']
register: zabbix_agent_package_installed
until: zabbix_agent_package_installed is succeeded
become: true
tags:
- zabbix-agent
- init
- name: "Debian | Enable the service"
service:
name: "{{ zabbix_agent_service }}"
enabled: true
use: service
become: true
tags:
- zabbix-agent
- init
- service

33
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_agent/tasks/Docker.yml Normal file
View File

@@ -0,0 +1,33 @@
---
- name: "Create volume mount string"
set_fact:
volume_mount: "{{ zabbix_agent_tlspskfile }}:/var/lib/zabbix/enc/tlspskfile"
tls_key:
ZBX_TLSPSKFILE: tlspskfile
when:
- zabbix_agent_tlspskfile is defined
- name: "Add zabbix_agent_tlspskfile to volume mount"
set_fact:
zabbix_agent_docker_volumes: "{{ zabbix_agent_docker_volumes + [ volume_mount ] }}"
zabbix_agent_docker_env: "{{ zabbix_agent_docker_env | combine(tls_key) }}"
when:
- zabbix_agent_tlspskfile is defined
- name: "Ensure Zabbix Docker container is running"
community.docker.docker_container:
name: "{{ zabbix_agent_docker_name }}"
image: "{{ zabbix_agent_docker_image }}:{{ zabbix_agent_docker_image_tag }}"
state: "{{ zabbix_agent_docker_state }}"
restart_policy: "{{ zabbix_agent_docker_restart_policy }}"
network_mode: "{{ zabbix_agent_docker_network_mode }}"
published_ports: "{{ zabbix_agent_docker_ports }}"
privileged: "{{ zabbix_agent_docker_privileged }}"
security_opts: "{{ zabbix_agent_docker_security_opts }}"
volumes: "{{ zabbix_agent_docker_volumes }}"
env: "{{ zabbix_agent_docker_env }}"
environment:
http_proxy: "{{ zabbix_http_proxy | default(None) | default(omit) }}"
https_proxy: "{{ zabbix_https_proxy | default(None) | default(omit) }}"
become: true

228
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_agent/tasks/Linux.yml Normal file
View File

@@ -0,0 +1,228 @@
---
- name: "Set default ip address for zabbix_agent_ip"
set_fact:
zabbix_agent_ip: "{{ hostvars[inventory_hostname]['ansible_default_ipv4'].address }}"
when:
- zabbix_agent_ip is not defined
- "'ansible_default_ipv4' in hostvars[inventory_hostname]"
- name: "Get Total Private IP Addresses"
set_fact:
total_private_ip_addresses: "{{ ansible_all_ipv4_addresses | ansible.utils.ipaddr('private') | length }}"
when:
- ansible_all_ipv4_addresses is defined
- not (zabbix_agent_dont_detect_ip)
- name: "Set first public ip address for zabbix_agent_ip"
set_fact:
zabbix_agent_ip: "{{ ansible_all_ipv4_addresses | ansible.netcommon.ipaddr('public') | first }}"
zabbix_agent_server: "{{ zabbix_agent_server_public_ip | default(zabbix_agent_server) }}"
zabbix_agent_serveractive: "{{ zabbix_agent_serveractive_public_ip | default(zabbix_agent_serveractive) }}"
zabbix_agent2_server: "{{ zabbix_agent_server_public_ip | default(zabbix_agent2_server) }}"
zabbix_agent2_serveractive: "{{ zabbix_agent_serveractive_public_ip | default(zabbix_agent2_serveractive) }}"
when:
- zabbix_agent_ip is not defined
- total_private_ip_addresses is defined
- total_private_ip_addresses == '0'
- name: "Set first private ip address for zabbix_agent_ip"
set_fact:
zabbix_agent_ip: "{{ ansible_all_ipv4_addresses | ansible.netcommon.ipaddr('private') | first }}"
when:
- zabbix_agent_ip is not defined
- total_private_ip_addresses is defined
- total_private_ip_addresses != '0'
- name: "Fail invalid specified agent_listeninterface"
fail:
msg: "The specified network interface does not exist"
when:
- (zabbix_agent_listeninterface)
- (zabbix_agent_listeninterface not in ansible_interfaces)
tags:
- zabbix-agent
- config
- name: "Set network interface"
set_fact:
network_interface: ansible_{{ zabbix_agent_listeninterface }}
when:
- (zabbix_agent_listeninterface)
- not zabbix_agent_listenip
- name: "Get IP of agent_listeninterface when no agent_listenip specified"
set_fact:
zabbix_agent_listenip: "{{ hostvars[inventory_hostname][network_interface]['ipv4'].address | default('0.0.0.0') }}"
when:
- (zabbix_agent_listeninterface)
- not zabbix_agent_listenip
tags:
- zabbix-agent
- config
- api
- name: "Default agent_listenip to all when not specified"
set_fact:
zabbix_agent_listenip: '0.0.0.0'
when:
- not (zabbix_agent_listenip)
tags:
- zabbix-agent
- config
- name: "Fail invalid specified agent_listenip"
fail:
msg: "The agent_listenip does not exist"
when:
- zabbix_agent_listenip != '0.0.0.0'
- zabbix_agent_listenip != '127.0.0.1'
- (zabbix_agent_listenip not in ansible_all_ipv4_addresses)
tags:
- zabbix-agent
- config
- name: "Configure SELinux when enabled"
include_tasks: selinux.yml
when:
- zabbix_selinux | bool
- name: "Adding zabbix group"
group:
name: zabbix
state: present
gid: "{{ zabbix_agent_docker_user_gid | default(omit) }}"
become: true
when:
- zabbix_agent_docker | bool
- name: "Adding zabbix user"
user:
name: zabbix
group: zabbix
state: present
create_home: false
home: /etc/zabbix
uid: "{{ zabbix_agent_docker_user_uid | default(omit) }}"
system: true
become: true
when:
- zabbix_agent_docker | bool
- name: "Configure zabbix-agent"
template:
src: "{{ 'zabbix_agentd.conf.j2' if not zabbix_agent2 else 'zabbix_agent2.conf.j2' }}"
dest: "/etc/zabbix/{{ zabbix_agent_conf if not zabbix_agent2 else zabbix_agent2_conf }}"
owner: root
group: root
mode: "{{ zabbix_agent_conf_mode }}"
notify:
- restart zabbix-agent
become: true
when:
- not (zabbix_agent_docker | bool)
tags:
- zabbix-agent
- config
- init
- name: "Create directory for PSK file if not exist."
file:
path: "{{ zabbix_agent_tlspskfile | dirname }}"
mode: 0755
state: directory
become: true
when:
- zabbix_agent_tlspskfile is defined
- zabbix_agent_tlspskfile # https://github.com/ansible-collections/community.zabbix/issues/680
- not (zabbix_agent2 | bool)
- name: "Create directory for PSK file if not exist (zabbix-agent2)"
file:
path: "{{ zabbix_agent2_tlspskfile | dirname }}"
mode: 0755
state: directory
become: true
when:
- zabbix_agent2_tlspskfile is defined
- zabbix_agent2_tlspskfile # https://github.com/ansible-collections/community.zabbix/issues/680
- zabbix_agent2 | bool
- name: "Place TLS PSK File"
copy:
dest: "{{ zabbix_agent_tlspskfile }}"
content: "{{ zabbix_agent_tlspsk_secret }}"
owner: zabbix
group: zabbix
mode: 0400
become: true
when:
- zabbix_agent_tlspskfile is defined
- zabbix_agent_tlspskfile # https://github.com/ansible-collections/community.zabbix/issues/680
- zabbix_agent_tlspsk_secret is defined
- not (zabbix_agent2 | bool)
notify:
- restart zabbix-agent
- name: "Place TLS PSK File (zabbix-agent2)"
copy:
dest: "{{ zabbix_agent2_tlspskfile }}"
content: "{{ zabbix_agent2_tlspsk_secret }}"
owner: zabbix
group: zabbix
mode: 0400
become: true
when:
- zabbix_agent2_tlspskfile is defined
- zabbix_agent2_tlspskfile # https://github.com/ansible-collections/community.zabbix/issues/680
- zabbix_agent2_tlspsk_secret is defined
- zabbix_agent2 | bool
notify:
- restart zabbix-agent
- name: "Create include dir zabbix-agent"
file:
path: "{{ zabbix_agent_include if not zabbix_agent2 else zabbix_agent2_include }}"
owner: root
group: zabbix
mode: "{{ zabbix_agent_include_mode if not zabbix_agent2 else zabbix_agent2_include_mode }}"
state: directory
become: true
tags:
- config
- include
- name: "Install the Docker container"
include_tasks: Docker.yml
when:
- zabbix_agent_docker | bool
- name: "Configure the firewall(d|iptables)"
include_tasks: firewall.yml
when:
- (zabbix_agent_firewall_enable | bool) or (zabbix_agent_firewalld_enable | bool)
- name: "Remove zabbix-agent installation when zabbix-agent2 is used."
include_tasks: remove.yml
when:
- zabbix_agent2 | bool
- zabbix_agent_package_remove
- name: "Make sure the zabbix-agent service is running"
service:
name: "{{ zabbix_agent_service }}"
state: started
enabled: true
become: true
when:
- not (zabbix_agent_docker | bool)
tags:
- init
- service
- name: "Give zabbix-agent access to system.hw.chassis info"
file:
path: /sys/firmware/dmi/tables/DMI
owner: root
group: zabbix
when: zabbix_agent_chassis | bool

165
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_agent/tasks/RedHat.yml Normal file
View File

@@ -0,0 +1,165 @@
---
# Tasks specific for RedHat systems
- name: "RedHat | Use EPEL package name"
set_fact:
zabbix_agent_package: "zabbix{{ zabbix_version | regex_replace('\\.', '') }}-agent"
zabbix_sender_package: "zabbix{{ zabbix_version | regex_replace('\\.', '') }}-sender"
zabbix_get_package: "zabbix{{ zabbix_version | regex_replace('\\.', '') }}-get"
when:
- zabbix_repo == "epel"
tags:
- zabbix-agent
- init
- name: "RedHat | Set zabbix_agent_distribution_major_version to 6 when Amazon"
set_fact:
zabbix_agent_distribution_major_version: 6
when:
- ansible_distribution == "Amazon"
- ansible_distribution_major_version == "NA"
- name: "RedHat | Set zabbix_agent_distribution_major_version to 6 when Major Version is 2018.03"
set_fact:
zabbix_agent_distribution_major_version: 6
when:
- ansible_distribution == "Amazon"
- ansible_distribution_major_version == "2018"
- name: "RedHat | Set zabbix_agent_distribution_major_version to 7 when Amazon 2"
set_fact:
zabbix_agent_distribution_major_version: 7
when:
- ansible_distribution == "Amazon"
- ansible_distribution_major_version == "2"
- name: "Fedora | Override zabbix_agent_distribution_major_version for Fedora <= 27"
set_fact:
zabbix_agent_distribution_major_version: 7
when:
- ansible_distribution == "Fedora"
- ansible_distribution_major_version <= "27"
- name: "Fedora | Override zabbix_agent_distribution_major_version for Fedora >= 27"
set_fact:
zabbix_agent_distribution_major_version: 8
when:
- ansible_distribution == "Fedora"
- ansible_distribution_major_version >= "27"
- name: "XCP-ng | Override zabbix_agent_distribution_major_version for XCP-ng"
set_fact:
zabbix_agent_distribution_major_version: 7
when:
- ansible_distribution == "XCP-ng"
- name: "RedHat | Install basic repo file"
yum_repository:
name: "{{ item.name }}"
description: "{{ item.description }}"
baseurl: "{{ item.baseurl }}"
gpgcheck: "{{ item.gpgcheck }}"
gpgkey: "{{ item.gpgkey }}"
mode: "{{ item.mode | default('0644') }}"
priority: "{{ item.priority | default('98') }}"
state: "{{ item.state | default('present') }}"
proxy: "{{ zabbix_http_proxy | default(omit) }}"
with_items: "{{ zabbix_repo_yum }}"
register: yum_repo_installed
become: true
when:
zabbix_repo == "zabbix"
notify:
- "clean repo files from proxy creds"
tags:
- zabbix-agent
- name: "Do a yum clean"
shell: yum clean all
args:
warn: false
when: yum_repo_installed.changed
become: true
tags:
- skip_ansible_lint
- name: "RedHat | Installing zabbix-agent"
package:
pkg:
- "{{ zabbix_agent_package }}-{{ zabbix_agent_version }}.{{ zabbix_agent_version_minor }}"
disablerepo: "{{ '*' if (zabbix_repo_yum_enabled | length>0) else omit }}"
enablerepo: "{{ zabbix_repo_yum_enabled if zabbix_repo_yum_enabled is iterable and (zabbix_repo_yum_enabled | length>0) else omit }}"
state: "{{ zabbix_agent_package_state }}"
environment:
http_proxy: "{{ zabbix_http_proxy | default(None) | default(omit) }}"
https_proxy: "{{ zabbix_https_proxy | default(None) | default(omit) }}"
register: zabbix_agent_package_installed
until: zabbix_agent_package_installed is succeeded
when:
zabbix_repo != "other"
become: true
tags:
- init
- zabbix-agent
- name: "RedHat | Installing zabbix-agent (When zabbix_repo == other)"
package:
pkg:
- "{{ zabbix_agent_package }}-{{ zabbix_agent_version }}.{{ zabbix_agent_version_minor }}"
state: "{{ zabbix_agent_package_state }}"
register: zabbix_agent_package_installed
until: zabbix_agent_package_installed is succeeded
when:
zabbix_repo == "other"
become: true
tags:
- init
- zabbix-agent
- name: "RedHat | Installing zabbix-{sender,get}"
package:
pkg:
- "{{ zabbix_sender_package }}-{{ zabbix_agent_version }}.{{ zabbix_agent_version_minor }}"
- "{{ zabbix_get_package }}-{{ zabbix_agent_version }}.{{ zabbix_agent_version_minor }}"
disablerepo: "{{ '*' if (zabbix_repo_yum_enabled | length>0) else omit }}"
enablerepo: "{{ zabbix_repo_yum_enabled if zabbix_repo_yum_enabled is iterable and (zabbix_repo_yum_enabled | length>0) else omit }}"
state: "{{ zabbix_agent_package_state }}"
environment:
http_proxy: "{{ zabbix_http_proxy | default(None) | default(omit) }}"
https_proxy: "{{ zabbix_https_proxy | default(None) | default(omit) }}"
register: zabbix_agent_package_installed
until: zabbix_agent_package_installed is succeeded
when:
- zabbix_repo not in ['epel', 'other']
- not zabbix_agent_install_agent_only
become: true
tags:
- init
- zabbix-agent
- name: "RedHat | Installing zabbix-{sender,get} (When zabbix_repo == other)"
package:
pkg:
- "{{ zabbix_sender_package }}-{{ zabbix_agent_version }}.{{ zabbix_agent_version_minor }}"
- "{{ zabbix_get_package }}-{{ zabbix_agent_version }}.{{ zabbix_agent_version_minor }}"
state: "{{ zabbix_agent_package_state }}"
register: zabbix_agent_package_installed
until: zabbix_agent_package_installed is succeeded
when:
- zabbix_repo == "other"
- not zabbix_agent_install_agent_only
become: true
tags:
- init
- zabbix-agent
- name: "RedHat | Enable the service"
service:
name: "{{ zabbix_agent_service }}"
enabled: true
use: service
become: true
tags:
- zabbix-agent
- init
- service

55
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_agent/tasks/Suse.yml Normal file
View File

@@ -0,0 +1,55 @@
---
# Tasks specific for OpenSuse Systems
- name: "Include Zabbix gpg ids"
include_vars: zabbix.yml
- name: "Install zypper repo dependency"
community.general.zypper:
name:
- python-xml
- "{{ suse[ansible_distribution][zabbix_agent_distribution_major_version]['python_libxml2_package'] }}"
state: present
environment:
http_proxy: "{{ zabbix_http_proxy | default(None) | default(omit) }}"
https_proxy: "{{ zabbix_https_proxy | default(None) | default(omit) }}"
become: true
register: zabbix_agent_package_dependency
until: zabbix_agent_package_dependency is succeeded
- name: "Suse | Install basic repo file"
community.general.zypper_repository:
repo: "{{ suse[ansible_distribution][zabbix_agent_distribution_major_version]['url'] }}"
name: "{{ suse[ansible_distribution][zabbix_agent_distribution_major_version]['name'] }}"
state: present
environment:
http_proxy: "{{ zabbix_http_proxy | default(None) | default(omit) }}"
https_proxy: "{{ zabbix_https_proxy | default(None) | default(omit) }}"
when:
- zabbix_repo == "zabbix"
become: true
tags:
- zabbix-agent
- init
- name: "Only install the Zabbix Agent"
set_fact:
zabbix_agent_packages:
- "{{ zabbix_agent_package }}"
when:
- zabbix_agent_install_agent_only
- name: "Suse | Install zabbix-agent"
community.general.zypper:
name: "{{ zabbix_agent_packages }}"
state: "{{ zabbix_agent_package_state }}"
disable_gpg_check: true
environment:
http_proxy: "{{ zabbix_http_proxy | default(None) | default(omit) }}"
https_proxy: "{{ zabbix_https_proxy | default(None) | default(omit) }}"
register: zabbix_agent_package_installed
until: zabbix_agent_package_installed is succeeded
become: true
tags:
- zabbix-agent
- init

306
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_agent/tasks/Windows.yml Normal file
View File

@@ -0,0 +1,306 @@
---
- name: "Windows | Set default architecture"
set_fact:
windows_arch: 32
- name: "Windows | Override architecture if 64-bit"
set_fact:
windows_arch: 64
when:
- ansible_architecture == "64-bit"
- name: "Windows | Set path to zabbix.exe"
set_fact:
zabbix_win_exe_path: '{{ zabbix_win_install_dir }}\bin\win{{ windows_arch }}\zabbix_agentd.exe'
- name: "Windows | Set variables specific to Zabbix >= 4"
set_fact:
zabbix_win_svc_name: Zabbix Agent
zabbix_win_exe_path: '{{ zabbix_win_install_dir }}\bin\zabbix_agentd.exe'
zabbix_win_config_name: 'zabbix_agentd.conf'
zabbix2_win_svc_name: Zabbix Agent 2
zabbix2_win_exe_path: '{{ zabbix_win_install_dir }}\bin\zabbix_agent2.exe'
zabbix2_win_config_name: 'zabbix_agent2.conf'
when:
- zabbix_version_long is version('4.0.0', '>=')
- name: "Windows | Check if Zabbix agent is present"
ansible.windows.win_stat:
path: '{{ item }}'
with_items:
- "{{ zabbix_win_exe_path }}"
- "{{ zabbix2_win_exe_path }}"
register: agent_file_info
- name: "Windows | Get Installed Zabbix Agent Version"
community.windows.win_file_version:
path: "{{ item.item }}"
register: zabbix_win_exe_info
when:
- item.stat.exists | bool
with_items: "{{ agent_file_info.results }}"
- name: "Windows | Set facts current zabbix agent installation"
set_fact:
zabbix_agent_1_binary_exist: true
zabbix_agent_1_version: zabbix_win_exe_info.results[0].win_file_version.product_version
when:
- zabbix_win_exe_info.results[0] is defined
- zabbix_win_exe_info.results[0].item.stat.exists
- zabbix_win_exe_info.results[0].item.stat.path == zabbix_win_exe_path
- zabbix_win_exe_info.results[0].win_file_version.product_version
- name: "Windows | Set facts current zabbix agent installation (agent 2)"
set_fact:
zabbix_agent_2_binary_exist: true
zabbix_agent_2_version: zabbix_win_exe_info.results[1].win_file_version.product_version
when:
- zabbix_win_exe_info.results[1] is defined
- zabbix_win_exe_info.results[1].item.stat.exists
- zabbix_win_exe_info.results[1].item.stat.path == zabbix2_win_exe_path
- zabbix_win_exe_info.results[1].win_file_version.product_version
- name: "Windows | Check Zabbix service"
ansible.windows.win_service:
name: "{{ (item.item.stat.path == zabbix_win_exe_path ) | ternary(zabbix_win_svc_name,zabbix2_win_svc_name) }}"
register: zabbix_service_info
when: item.item.stat.exists
with_items: "{{ zabbix_win_exe_info.results }}"
- name: "Windows | Set facts about current zabbix agent service state"
set_fact:
zabbix_agent_1_service_exist: true
when:
- zabbix_service_info.results[0].exists is defined
- zabbix_service_info.results[0].exists
- zabbix_service_info.results[0].display_name == zabbix_win_svc_name
- name: "Windows | Set facts about current zabbix agent service state (agent 2)"
set_fact:
zabbix_agent_2_service_exist: true
when:
- zabbix_service_info.results[1].exists is defined
- zabbix_service_info.results[1].exists
- zabbix_service_info.results[1].display_name == zabbix2_win_svc_name
- name: "Windows | Set fact about version change requirement"
set_fact:
zabbix_agent_version_change: true
when: >
(zabbix_agent_1_binary_exist | default(false) and
zabbix_win_exe_info.results[0].win_file_version.product_version is version(zabbix_version_long, '<>'))
or
(zabbix_agent_2_binary_exist | default(false) and
zabbix_win_exe_info.results[1].win_file_version.product_version is version(zabbix_version_long, '<>'))
or (zabbix_agent_1_binary_exist | default(false) and zabbix_agent2)
or (zabbix_agent_2_binary_exist | default(false) and not zabbix_agent2)
##################
# delete section #
##################
- name: "Windows | Stop Zabbix agent v1"
ansible.windows.win_service:
name: "{{ zabbix_win_svc_name }}"
start_mode: auto
state: stopped
when:
- zabbix_agent_version_change | default(false) or zabbix_agent2
- zabbix_agent_1_service_exist | default(false)
- name: "Windows | Stop Zabbix agent v2"
ansible.windows.win_service:
name: "{{ zabbix2_win_svc_name }}"
start_mode: auto
state: stopped
when:
- zabbix_agent_version_change | default(false) or not zabbix_agent2
- zabbix_agent_2_service_exist | default(false)
- name: "Windows | Uninstall Zabbix v1"
ansible.windows.win_command: '"{{ zabbix_win_exe_path }}" --config "{{ zabbix_win_install_dir_conf }}\{{ zabbix_win_config_name }}" --uninstall'
when:
- zabbix_agent_version_change | default(false) or zabbix_agent2
- zabbix_agent_1_service_exist | default(false)
- name: "Windows | Uninstall Zabbix v2"
ansible.windows.win_command: '"{{ zabbix2_win_exe_path }}" --config "{{ zabbix_win_install_dir_conf }}\{{ zabbix2_win_config_name }}" --uninstall'
when:
- zabbix_agent_version_change | default(false) or not zabbix_agent2
- zabbix_agent_2_service_exist | default(false)
- name: "Windows | Removing Zabbix Directory"
ansible.windows.win_file:
path: '{{ zabbix_win_install_dir }}'
state: absent
when: ((zabbix_agent_version_change | default(false) or zabbix_agent2) and zabbix_agent_1_binary_exist | default(false)) or
((zabbix_agent_version_change | default(false) or not zabbix_agent2) and zabbix_agent_2_binary_exist | default(false))
###################
# install section #
###################
- name: "Windows | Create directory structure"
ansible.windows.win_file:
path: "{{ item }}"
state: directory
with_items:
- "{{ zabbix_win_install_dir }}"
- name: "Windows | Create directory structure, includes"
ansible.windows.win_file:
path: "{{ item }}"
state: directory
with_items:
- "{{ zabbix_agent_win_include }}"
when:
- ('.conf' not in zabbix_agent_win_include)
- name: "Windows | Set installation settings (agent 2)"
set_fact:
zabbix_win_package: "{{ zabbix2_win_package }}"
zabbix_win_download_link: "{{ zabbix2_win_download_link }}"
zabbix_win_exe_path: "{{ zabbix2_win_exe_path }}"
zabbix_win_config_name: "{{ zabbix2_win_config_name }}"
zabbix_win_svc_name: "{{ zabbix2_win_svc_name }}"
when: zabbix_agent2 | bool
- name: "Windows | Check if agent file is already downloaded"
ansible.windows.win_stat:
path: '{{ zabbix_win_install_dir }}\{{ zabbix_win_package }}'
register: file_info
- name: "Windows | Check if agent binaries in place"
ansible.windows.win_stat:
path: "{{ zabbix_win_exe_path }}"
register: zabbix_windows_binaries
- name: "Windows | Download Zabbix Agent Zip file"
ansible.windows.win_get_url:
url: "{{ zabbix_win_download_link }}"
dest: '{{ zabbix_win_install_dir }}\{{ zabbix_win_package }}'
url_username: "{{ zabbix_download_user | default(omit) }}"
url_password: "{{ zabbix_download_pass | default(omit) }}"
force: false
follow_redirects: all
proxy_url: "{{ zabbix_https_proxy | default(None) | default(omit) }}"
validate_certs: "{{ zabbix_download_validate_certs | default(False) | bool }}"
timeout: "{{ zabbix_download_timeout | default(120) | int }}"
when:
- not file_info.stat.exists
- not zabbix_windows_binaries.stat.exists
register: zabbix_agent_win_download_zip
until: zabbix_agent_win_download_zip is succeeded
throttle: "{{ zabbix_download_throttle | default(5) | int }}"
- name: "Windows | Unzip file"
community.windows.win_unzip:
src: '{{ zabbix_win_install_dir }}\{{ zabbix_win_package }}'
dest: "{{ zabbix_win_install_dir }}"
creates: "{{ zabbix_win_exe_path }}"
- name: "Windows | Cleanup downloaded Zabbix Agent Zip file"
ansible.windows.win_file:
path: '{{ zabbix_win_install_dir }}\{{ zabbix_win_package }}'
state: absent
when:
- zabbix_agent_win_download_zip.changed
- name: "Windows | Copy binary files to expected location"
ansible.windows.win_copy:
src: "{{ zabbix_win_install_dir }}\\bin\\{{ item }}"
dest: "{{ zabbix_win_install_dir_bin }}\\{{ item }}"
remote_src: yes
loop:
- zabbix_agentd.exe
- zabbix_sender.exe
when:
- zabbix_win_install_dir_bin is defined
- not (zabbix_agent2 | bool)
- name: "Windows | Copy binary files to expected location (zabbix-agent2)"
ansible.windows.win_copy:
src: "{{ zabbix_win_install_dir }}\\bin\\{{ item }}"
dest: "{{ zabbix_win_install_dir_bin }}\\{{ item }}"
remote_src: yes
loop:
- zabbix_agent2.exe
when:
- zabbix_win_install_dir_bin is defined
- zabbix_agent2 | bool
- set_fact:
zabbix_win_exe_path: "{{ zabbix_win_install_dir_bin }}\\zabbix_agentd.exe"
when:
- zabbix_win_install_dir_bin is defined
- not (zabbix_agent2 | bool)
- set_fact:
zabbix_win_exe_path: "{{ zabbix_win_install_dir_bin }}\\zabbix_agent2.exe"
when:
- zabbix_win_install_dir_bin is defined
- zabbix_agent2 | bool
- name: "Create directory for PSK file if not exist."
win_file:
path: "{{ zabbix_agent_tlspskfile | win_dirname }}"
state: directory
when:
- zabbix_agent_tlspskfile is defined
- zabbix_agent_tlspskfile
- not (zabbix_agent2 | bool)
- name: "Create directory for PSK file if not exist (zabbix-agent2)"
win_file:
path: "{{ zabbix_agent2_tlspskfile | win_dirname }}"
state: directory
when:
- zabbix_agent2_tlspskfile is defined
- zabbix_agent2_tlspskfile
- zabbix_agent2 | bool
- name: "Place TLS PSK File"
win_copy:
dest: "{{ zabbix_agent_tlspskfile }}"
content: "{{ zabbix_agent_tlspsk_secret }}"
when:
- zabbix_agent_tlspskfile is defined
- zabbix_agent_tlspskfile
- zabbix_agent_tlspsk_secret is defined
- not (zabbix_agent2 | bool)
notify:
- restart win zabbix agent
- name: "Place TLS PSK File (zabbix-agent2)"
win_copy:
dest: "{{ zabbix_agent2_tlspskfile }}"
content: "{{ zabbix_agent2_tlspsk_secret }}"
when:
- zabbix_agent2_tlspskfile is defined
- zabbix_agent2_tlspskfile
- zabbix_agent2_tlspsk_secret is defined
- zabbix_agent2 | bool
notify:
- restart win zabbix agent
- name: "Windows | Check if windows service exist"
ansible.windows.win_service:
name: "{{ zabbix_win_svc_name }}"
register: zabbix_windows_service
- name: "Windows | Register Service"
ansible.windows.win_command: '"{{ zabbix_win_exe_path }}" --config "{{ zabbix_win_install_dir_conf }}\{{ zabbix_win_config_name }}" --install'
when: not zabbix_windows_service.exists
- name: "Windows | Set service startup mode to auto, ensure it is started and set auto-recovery"
ansible.windows.win_service:
name: "{{ zabbix_win_svc_name }}"
start_mode: auto
failure_actions:
- type: restart
delay_ms: 5000
- type: restart
delay_ms: 10000
- type: restart
delay_ms: 20000
failure_reset_period_sec: 86400

47
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_agent/tasks/Windows_conf.yml Normal file
View File

@@ -0,0 +1,47 @@
---
- name: "Set default ip address for zabbix_agent_ip"
set_fact:
zabbix_agent_ip: "{{ hostvars[inventory_hostname]['ansible_ip_addresses'] | ansible.utils.ipv4 | first }}"
when:
- zabbix_agent_ip is not defined
- "'ansible_ip_addresses' in hostvars[inventory_hostname]"
- name: "Windows | Configure zabbix-agent"
ansible.windows.win_template:
src: "{{ zabbix_win_config_name }}.j2"
dest: "{{ zabbix_win_install_dir_conf }}\\{{ zabbix_win_config_name }}"
notify: restart win zabbix agent
- name: "Windows | Set service startup mode to auto, ensure it is started and set auto-recovery"
ansible.windows.win_service:
name: "{{ zabbix_win_svc_name }}"
start_mode: auto
state: started
failure_actions:
- type: restart
delay_ms: 5000
- type: restart
delay_ms: 10000
- type: restart
delay_ms: 20000
failure_reset_period_sec: 86400
- name: "Windows | Check firewall service"
ansible.windows.win_service_info:
name: MpsSvc
register: firewall_info
when: zabbix_win_firewall_management
- name: "Windows | Firewall rule"
community.windows.win_firewall_rule:
name: "{{ zabbix_win_svc_name }}"
localport: "{{ zabbix_agent_listenport }}"
action: allow
direction: in
protocol: tcp
state: present
enabled: true
when:
- zabbix_win_firewall_management
- firewall_info.services[0].state == 'started' or firewall_info.services[0].start_mode == 'auto'

108
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_agent/tasks/api.yml Normal file
View File

@@ -0,0 +1,108 @@
---
- name: "API | Create host groups"
community.zabbix.zabbix_group:
host_group: "{{ zabbix_host_groups }}"
state: "{{ zabbix_agent_hostgroups_state }}"
validate_certs: "{{ zabbix_api_validate_certs|default(omit) }}"
timeout: "{{ zabbix_api_timeout }}"
when:
- zabbix_api_create_hostgroup | bool
register: zabbix_api_hostgroup_created
until: zabbix_api_hostgroup_created is succeeded
delegate_to: "{{ zabbix_api_server_host }}"
become: false
tags:
- api
- name: "API | Create a new host or update an existing host's info"
community.zabbix.zabbix_host:
host_name: "{{ zabbix_agent_hostname }}"
host_groups: "{{ zabbix_host_groups }}"
link_templates: "{{ zabbix_agent_link_templates }}"
status: "{{ zabbix_host_status }}"
state: "{{ zabbix_agent_host_state }}"
force: "{{ zabbix_agent_host_update }}"
proxy: "{{ zabbix_agent_proxy }}"
inventory_mode: "{{ zabbix_agent_inventory_mode }}"
interfaces: "{{ zabbix_agent_interfaces }}"
visible_name: "{{ zabbix_agent_visible_hostname | default(zabbix_agent_hostname) }}"
tls_psk: "{{ zabbix_agent_tlspsk_secret | default(omit) }}"
tls_psk_identity: "{{ zabbix_agent_tlspskidentity | default(omit) }}"
tls_issuer: "{{ zabbix_agent_tlsservercertissuer | default(omit) }}"
tls_subject: "{{ zabbix_agent_tls_subject | default(omit) }}"
tls_accept: "{{ zabbix_agent_tls_config[zabbix_agent_tlsaccept if zabbix_agent_tlsaccept else 'unencrypted'] }}"
tls_connect: "{{ zabbix_agent_tls_config[zabbix_agent_tlsconnect if zabbix_agent_tlsconnect else 'unencrypted'] }}"
validate_certs: "{{ zabbix_api_validate_certs | default(omit) }}"
timeout: "{{ zabbix_api_timeout }}"
description: "{{ zabbix_agent_description | default(omit) }}"
inventory_zabbix: "{{ zabbix_agent_inventory_zabbix | default({}) }}"
ipmi_authtype: "{{ zabbix_agent_ipmi_authtype | default(omit) }}"
ipmi_password: "{{ zabbix_agent_ipmi_password| default(omit) }}"
ipmi_privilege: "{{ zabbix_agent_ipmi_privilege | default(omit) }}"
ipmi_username: "{{ zabbix_agent_ipmi_username | default(omit) }}"
tags: "{{ zabbix_agent_tags }}"
when:
- not zabbix_agent2
register: zabbix_api_host_created
until: zabbix_api_host_created is succeeded
delegate_to: "{{ zabbix_api_server_host }}"
become: false
changed_when: false
tags:
- api
- name: "API | Create a new host using agent2 or update an existing host's info"
community.zabbix.zabbix_host:
host_name: "{{ zabbix_agent2_hostname }}"
host_groups: "{{ zabbix_host_groups }}"
link_templates: "{{ zabbix_agent_link_templates }}"
status: "{{ zabbix_host_status }}"
state: "{{ zabbix_agent_host_state }}"
force: "{{ zabbix_agent_host_update }}"
proxy: "{{ zabbix_agent_proxy }}"
inventory_mode: "{{ zabbix_agent_inventory_mode }}"
interfaces: "{{ zabbix_agent_interfaces }}"
visible_name: "{{ zabbix_agent_visible_hostname | default(zabbix_agent2_hostname) }}"
tls_psk: "{{ zabbix_agent2_tlspsk_secret | default(omit) }}"
tls_psk_identity: "{{ zabbix_agent2_tlspskidentity | default(omit) }}"
tls_issuer: "{{ zabbix_agent2_tlsservercertissuer | default(omit) }}"
tls_subject: "{{ zabbix_agent2_tls_subject | default(omit) }}"
tls_accept: "{{ zabbix_agent_tls_config[zabbix_agent2_tlsaccept if zabbix_agent2_tlsaccept else 'unencrypted'] }}"
tls_connect: "{{ zabbix_agent_tls_config[zabbix_agent2_tlsconnect if zabbix_agent2_tlsconnect else 'unencrypted'] }}"
validate_certs: "{{ zabbix_api_validate_certs | default(omit) }}"
timeout: "{{ zabbix_api_timeout }}"
description: "{{ zabbix_agent_description | default(omit) }}"
inventory_zabbix: "{{ zabbix_agent_inventory_zabbix | default({}) }}"
ipmi_authtype: "{{ zabbix_agent_ipmi_authtype | default(omit) }}"
ipmi_password: "{{ zabbix_agent_ipmi_password| default(omit) }}"
ipmi_privilege: "{{ zabbix_agent_ipmi_privilege | default(omit) }}"
ipmi_username: "{{ zabbix_agent_ipmi_username | default(omit) }}"
tags: "{{ zabbix_agent_tags }}"
when:
- zabbix_agent2 | bool
register: zabbix_api_host_created
until: zabbix_api_host_created is succeeded
delegate_to: "{{ zabbix_api_server_host }}"
become: false
changed_when: false
tags:
- api
- name: "API | Updating host configuration with macros"
community.zabbix.zabbix_hostmacro:
host_name: "{{ (zabbix_agent2 | bool) | ternary(zabbix_agent2_hostname, zabbix_agent_hostname) }}"
macro_name: "{{ item.macro_key }}"
macro_value: "{{ item.macro_value }}"
macro_type: "{{ item.macro_type|default('text') }}"
validate_certs: "{{ zabbix_api_validate_certs | default(omit) }}"
timeout: "{{ zabbix_api_timeout }}"
with_items: "{{ zabbix_agent_macros | default([]) }}"
when:
- zabbix_agent_macros is defined
- item.macro_key is defined
register: zabbix_api_hostmarcro_created
until: zabbix_api_hostmarcro_created is succeeded
delegate_to: "{{ zabbix_api_server_host }}"
become: false
tags:
- api

55
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_agent/tasks/firewall.yml Normal file
View File

@@ -0,0 +1,55 @@
---
- name: "Firewall | Configure IPTables (zabbix_agent_listenport)"
iptables:
action: "{{ zabbix_agent_firewall_action }}"
destination_port: "{{ zabbix_agent_listenport | string }}"
source: "{{ zabbix_agent_firewall_source | default(omit) }}"
protocol: tcp
chain: "{{ zabbix_agent_firewall_chain }}"
jump: ACCEPT
become: true
when:
- zabbix_agent_firewall_enable | bool
- name: "Firewall | Configure IPTables (zabbix_agent_jmx_listenport)"
iptables:
action: "{{ zabbix_agent_firewall_action }}"
destination_port: "{{ zabbix_agent_listenport | string }}"
source: "{{ zabbix_agent_firewall_source | default(omit) }}"
protocol: tcp
chain: "{{ zabbix_agent_firewall_chain }}"
jump: ACCEPT
become: true
when:
- zabbix_agent_firewall_enable | bool
- zabbix_agent_jmx_listenport | bool
- name: "Firewall | Configure firewalld (zabbix_agent_listenport)"
ansible.posix.firewalld:
rich_rule: 'rule family="ipv4" source address="{{ zabbix_agent_firewalld_source }}" port protocol="tcp" port="{{ zabbix_agent_listenport }}" accept'
zone: "{{ zabbix_agent_firewalld_zone }}"
permanent: true
immediate: true
state: enabled
become: true
when:
- zabbix_agent_firewalld_enable | bool
notify:
- firewalld-reload
tags: zabbix_agent_firewalld_enable
- name: "Firewall | Configure firewalld (zabbix_agent_jmx_listenport)"
ansible.posix.firewalld:
rich_rule: 'rule family="ipv4" source address="{{ zabbix_agent_firewalld_source }}" port protocol="tcp" port="{{ zabbix_agent_jmx_listenport }}" accept'
zone: "{{ zabbix_agent_firewalld_zone }}"
permanent: true
immediate: true
state: enabled
become: true
when:
- zabbix_agent_firewalld_enable | bool
- zabbix_agent_jmx_listenport | bool
notify:
- firewalld-reload
tags: zabbix_agent_firewalld_enable

24
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_agent/tasks/macOS.yml Normal file
View File

@@ -0,0 +1,24 @@
---
# Tasks specific for macOS
- name: "macOS | Check installed package version"
shell: |
set -o pipefail
pkgutil --pkg-info 'com.zabbix.pkg.ZabbixAgent' | grep 'version:' | cut -d ' ' -f 2
register: pkgutil_version
check_mode: false
changed_when: false
failed_when: pkgutil_version.rc == 2
- name: "macOS | Download the Zabbix package"
get_url:
url: "{{ zabbix_mac_download_link }}"
dest: "/tmp/{{ zabbix_mac_package }}"
mode: 0644
when: pkgutil_version.stdout != zabbix_version_long
- name: "macOS | Install the Zabbix package"
command: installer -pkg "/tmp/{{ zabbix_mac_package }}" -target /
become: true
when: pkgutil_version.stdout != zabbix_version_long
tags:
- zabbix-agent

135
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_agent/tasks/main.yml Normal file
View File

@@ -0,0 +1,135 @@
---
# tasks file for zabbix_agent
- name: "Set variables specific for Zabbix Agent 2"
set_fact:
zabbix_agent_service: zabbix-agent2
zabbix_agent_package: zabbix-agent2
when:
- zabbix_agent2 is defined
- zabbix_agent2
tags:
- always
- name: "Fix facts for linuxmint - distribution release"
set_fact:
zabbix_agent_distribution_release: xenial
when:
- ansible_os_family == "Linuxmint"
- ansible_distribution_release == "sonya" or ansible_distribution_release == "serena"
tags:
- always
- name: "Fix facts for linuxmint - family"
set_fact:
zabbix_agent_os_family: Debian
when:
- ansible_os_family == "Linuxmint"
tags:
- always
- name: "Fix facts for XCP-ng - family"
set_fact:
zabbix_agent_os_family: RedHat
when:
- ansible_os_family == "XCP-ng"
- name: "Include OS-specific variables"
include_vars: "{{ zabbix_agent_os_family }}.yml"
tags:
- always
- name: Determine Latest Supported Zabbix Version
set_fact:
zabbix_agent_version: "{{ zabbix_valid_agent_versions[ansible_distribution_major_version][0] | default(6.0) }}"
when: zabbix_agent_version is not defined
- name: "Reset zabbix_agent_version for Ubuntu 22.04 to 6.0"
# README https://support.zabbix.com/browse/ZBXNEXT-7624
set_fact:
zabbix_version: 6.0
zabbix_agent_version: 6.0
when:
- ansible_distribution_release is defined
- ansible_distribution_release == "jammy"
- ( zabbix_agent_version is version ('6.0','lt') or
zabbix_version is version ('6.0','lt') )
- name: "Install the correct repository"
include_tasks: "{{ zabbix_agent_os_family if (zabbix_agent_os_family not in ['Sangoma']) else 'RedHat' }}.yml"
when:
- not (zabbix_agent_docker | bool)
tags:
- always
- name: "Set the 'ansible_python_interpreter' to the one we use for running this playbook."
set_fact:
ansible_python_interpreter: "{{ ansible_playbook_python }}"
delegate_to: localhost
delegate_facts: true
when:
- (zabbix_install_pip_packages | bool) or (zabbix_api_create_hostgroup | bool) or (zabbix_api_create_hosts | bool)
- name: "Install local python-netaddr package"
pip:
name: netaddr
state: present
register: zabbix_python_netaddr_package_installed
until: zabbix_python_netaddr_package_installed is succeeded
delegate_to: localhost
run_once: true
become: "{{ zabbix_agent_become_on_localhost }}"
when:
- zabbix_install_pip_packages | bool
- ansible_all_ipv4_addresses is defined or (zabbix_agent_ip is not defined and total_private_ip_addresses is defined)
- name: "Encrypt with TLS PSK auto management"
include_tasks: tlspsk_auto.yml
when:
- not zabbix_agent2
- zabbix_agent_tlspsk_auto | bool
- (zabbix_agent_tlspskfile is undefined) or (zabbix_agent_tlspskfile | length == '0')
- (zabbix_agent_tlspsk_secret is undefined) or (zabbix_agent_tlspsk_secret | length == '0')
- name: "Encrypt with TLS PSK auto management"
include_tasks: tlspsk_auto_agent2.yml
when:
- zabbix_agent2 | bool
- zabbix_agent2_tlspsk_auto | bool
- (zabbix_agent2_tlspskfile is undefined) or (zabbix_agent2_tlspskfile | length == '0')
- (zabbix_agent2_tlspsk_secret is undefined) or (zabbix_agent2_tlspsk_secret | length == '0')
- name: "Configure Agent"
include_tasks: Windows_conf.yml
when:
- zabbix_agent_os_family == "Windows"
tags:
- always
- name: "Configure Agent"
include_tasks: Linux.yml
when:
- (zabbix_agent_os_family != "Windows" and zabbix_agent_os_family != "Darwin") or (zabbix_agent_docker | bool)
tags:
- always
- name: "Run the API calls to Zabbix Server"
vars:
gather_facts: false
ansible_user: "{{ zabbix_api_login_user }}"
ansible_connection: httpapi
# Can't think of a way to make http_login_* vars be undefined -(
http_login_user: "{{ zabbix_api_http_user | default(zabbix_http_user | default(-42)) }}"
http_login_password: "{{ zabbix_api_http_password | default(zabbix_http_password | default(-42)) }}"
include_tasks: api.yml
when:
- (zabbix_api_create_hostgroup | bool) or (zabbix_api_create_hosts | bool)
tags:
- api
- name: "Including userparameters"
include_tasks: "userparameter.yml"
when: zabbix_agent_userparameters|length > 0
tags:
- zabbix-agent
- userparameter

25
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_agent/tasks/remove.yml Normal file
View File

@@ -0,0 +1,25 @@
---
- name: Pull service facts
service_facts:
- name: "Remove | Make sure the \"old\" zabbix-agent service stopped"
service:
name: "zabbix-agent"
state: stopped
enabled: false
become: true
when: |
ansible_facts.services["zabbix-agent.service"] is defined or
ansible_facts.services["zabbix-agent"] is defined
- name: "Remove | Package removal"
package:
name: "zabbix-agent"
state: absent
become: true
- name: "Remove | Remove the agent-include-dir"
file:
path: "{{ zabbix_agent_include }}"
state: absent
become: true

102
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_agent/tasks/selinux.yml Normal file
View File

@@ -0,0 +1,102 @@
---
- name: "SELinux | Debian | Install policycoreutils-python"
apt:
pkg: policycoreutils-python-utils
state: present
update_cache: true
cache_valid_time: 0
force_apt_get: "{{ zabbix_apt_force_apt_get }}"
install_recommends: "{{ zabbix_apt_install_recommends }}"
environment:
http_proxy: "{{ zabbix_http_proxy | default(None) | default(omit) }}"
https_proxy: "{{ zabbix_https_proxy | default(None) | default(omit) }}"
register: zabbix_agent_policycoreutils_installed
until: zabbix_agent_package_installed is succeeded
become: true
when:
- zabbix_agent_os_family == "Debian"
- name: "SELinux | RedHat | Install policycoreutils-python"
package:
name: policycoreutils-python
state: installed
environment:
http_proxy: "{{ zabbix_http_proxy | default(None) | default(omit) }}"
https_proxy: "{{ zabbix_https_proxy | default(None) | default(omit) }}"
register: zabbix_agent_policycoreutils_installed
until: zabbix_agent_policycoreutils_installed is succeeded
when:
- zabbix_agent_os_family == "RedHat"
- (zabbix_agent_distribution_major_version == "6" or zabbix_agent_distribution_major_version == "7")
become: true
tags:
- init
- zabbix-agent
- name: "SELinux | RedHat | Install python3-policycoreutils on RHEL8"
package:
name: python3-policycoreutils
state: installed
environment:
http_proxy: "{{ zabbix_http_proxy | default(None) | default(omit) }}"
https_proxy: "{{ zabbix_https_proxy | default(None) | default(omit) }}"
register: zabbix_agent_policycoreutils_installed
until: zabbix_agent_policycoreutils_installed is succeeded
when:
- zabbix_agent_os_family == "RedHat"
- ansible_distribution_major_version == "8"
become: true
tags:
- init
- zabbix-agent
- name: "SELinux | RedHat | Install selinux-policy-targeted"
package:
name: selinux-policy-targeted
state: installed
register: zabbix_agent_selinuxpolicytargeted_installed
until: zabbix_agent_selinuxpolicytargeted_installed is succeeded
when:
- zabbix_agent_os_family == "RedHat"
become: true
tags:
- init
- zabbix-agent
# straight to getenforce binary , workaround for missing python_selinux library
- name: "SELinux | Get getenforce binary"
stat:
path: /usr/sbin/getenforce
register: getenforce_bin
become: true
- name: "SELinux | Collect getenforce output"
command: /usr/sbin/getenforce
register: sestatus
when: 'getenforce_bin.stat.exists'
changed_when: false
become: true
check_mode: false
- name: "SELinux | Set zabbix_selinux to true if getenforce returns Enforcing or Permissive"
set_fact:
zabbix_selinux: "{{ true }}"
when:
- 'getenforce_bin.stat.exists and ("Enforcing" in sestatus.stdout or "Permissive" in sestatus.stdout)'
- name: "SELinux | Allow zabbix_agent to start (SELinux)"
community.general.selinux_permissive:
name: zabbix_agent_t
permissive: true
become: true
- name: "SELinux | Allow zabbix to run sudo commands (SELinux)"
ansible.posix.seboolean:
name: zabbix_run_sudo
persistent: true
state: true
when:
- ansible_selinux.status == "enabled"
- selinux_allow_zabbix_run_sudo|bool
tags: selinux

12
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_agent/tasks/tlspsk_auto.yml Normal file
View File

@@ -0,0 +1,12 @@
---
- include_tasks: tlspsk_auto_linux.yml
when: (zabbix_agent_os_family != "Windows") or (zabbix_agent_docker | bool)
- include_tasks: tlspsk_auto_windows.yml
when: zabbix_agent_os_family == "Windows"
- name: AutoPSK | Default tlsaccept and tlsconnect to enforce PSK
set_fact:
zabbix_agent_tlsaccept: psk
zabbix_agent_tlsconnect: psk
when: zabbix_api_create_hosts

12
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_agent/tasks/tlspsk_auto_agent2.yml Normal file
View File

@@ -0,0 +1,12 @@
---
- include_tasks: tlspsk_auto_agent2_linux.yml
when: (zabbix_agent_os_family != "Windows") or (zabbix_agent_docker | bool)
- include_tasks: tlspsk_auto_agent2_windows.yml
when: zabbix_agent_os_family == "Windows"
- name: AutoPSK | Default tlsaccept and tlsconnect to enforce PSK
set_fact:
zabbix_agent2_tlsaccept: psk
zabbix_agent2_tlsconnect: psk
when: zabbix_api_create_hosts

44
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_agent/tasks/tlspsk_auto_agent2_common.yml Normal file
View File

@@ -0,0 +1,44 @@
---
# Process PSK Secret
- name: AutoPSK | Save existing TLS PSK secret
set_fact:
zabbix_agent2_tlspsk_read: "{{ zabbix_agent2_tlspsk_base64['content'] | b64decode | trim }}"
when: zabbix_agent2_tlspskcheck.stat.exists
no_log: "{{ ansible_verbosity < 3 }}"
- name: AutoPSK | Use existing TLS PSK secret
set_fact:
zabbix_agent2_tlspsk_secret: "{{ zabbix_agent2_tlspsk_read }}"
when:
- zabbix_agent2_tlspskcheck.stat.exists
- zabbix_agent2_tlspsk_read|length >= 32
no_log: "{{ ansible_verbosity < 3 }}"
- name: AutoPSK | Generate new TLS PSK secret
set_fact:
zabbix_agent2_tlspsk_secret: "{{ lookup('password', '/dev/null chars=hexdigits length=64') }}"
when:
- not zabbix_agent2_tlspskcheck.stat.exists
- (zabbix_agent2_tlspsk_read is not defined) or (zabbix_agent2_tlspsk_read|length < 32)
no_log: "{{ ansible_verbosity < 3 }}"
# Process PSK Identity
- name: AutoPSK | Use existing TLS PSK identity
set_fact:
zabbix_agent2_tlspskidentity: "{{ zabbix_agent2_tlspskidentity_base64['content'] | b64decode | trim }}"
when:
- zabbix_agent2_tlspskidentity_check.stat.exists
no_log: "{{ ansible_verbosity < 3 }}"
- name: AutoPSK | Generate new TLS PSK identity
set_fact:
zabbix_agent2_tlspskidentity: >-
{{
zabbix_agent_visible_hostname
| default(((zabbix_agent2 == True) | ternary(zabbix_agent2_hostname, zabbix_agent_hostname)))
+ '_'
+ lookup('password', '/dev/null chars=hexdigits length=4')
}}
when: not zabbix_agent2_tlspskidentity_check.stat.exists
no_log: "{{ ansible_verbosity < 3 }}"

66
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_agent/tasks/tlspsk_auto_agent2_linux.yml Normal file
View File

@@ -0,0 +1,66 @@
---
- name: AutoPSK | Set default path variables (Linux)
set_fact:
zabbix_agent2_tlspskfile: "/etc/zabbix/tls_psk_auto.secret"
zabbix_agent2_tlspskidentity_file: "/etc/zabbix/tls_psk_auto.identity"
- name: AutoPSK | Check for existing TLS PSK file (Linux)
stat:
path: "{{ zabbix_agent2_tlspskfile }}"
register: zabbix_agent2_tlspskcheck
become: true
- name: AutoPSK | Check for existing TLS PSK identity (Linux)
stat:
path: "{{ zabbix_agent2_tlspskidentity_file }}"
register: zabbix_agent2_tlspskidentity_check
become: true
- name: AutoPSK | read existing TLS PSK file (Linux)
slurp:
src: "{{ zabbix_agent2_tlspskfile }}"
register: zabbix_agent2_tlspsk_base64
become: true
when:
- zabbix_agent2_tlspskcheck.stat.exists
no_log: "{{ ansible_verbosity < 3 }}"
- name: AutoPSK | Read existing TLS PSK identity file (Linux)
slurp:
src: "{{ zabbix_agent2_tlspskidentity_file }}"
register: zabbix_agent2_tlspskidentity_base64
become: true
when: zabbix_agent2_tlspskidentity_check.stat.exists
no_log: "{{ ansible_verbosity < 3 }}"
- include_tasks: tlspsk_auto_agent2_common.yml
- name: AutoPSK | Template TLS PSK identity in file (Linux)
copy:
dest: "{{ zabbix_agent2_tlspskidentity_file }}"
content: "{{ zabbix_agent2_tlspskidentity }}"
owner: zabbix
group: zabbix
mode: 0400
become: true
when:
- zabbix_agent2_tlspskidentity_file is defined
- zabbix_agent2_tlspskidentity is defined
notify:
- restart zabbix-agent
- restart mac zabbix agent
- name: AutoPSK | Template TLS PSK secret in file (Linux)
copy:
dest: "{{ zabbix_agent2_tlspskfile }}"
content: "{{ zabbix_agent2_tlspsk_secret }}"
owner: zabbix
group: zabbix
mode: 0400
become: true
when:
- zabbix_agent2_tlspskfile is defined
- zabbix_agent2_tlspsk_secret is defined
notify:
- restart zabbix-agent
- restart mac zabbix agent

52
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_agent/tasks/tlspsk_auto_agent2_windows.yml Normal file
View File

@@ -0,0 +1,52 @@
---
- name: AutoPSK | Set default path variables for Windows
set_fact:
zabbix_agent2_tlspskfile: "{{ zabbix_win_install_dir }}\\tls_psk_auto.secret.txt"
zabbix_agent2_tlspskidentity_file: "{{ zabbix_win_install_dir }}\\tls_psk_auto.identity.txt"
- name: AutoPSK | Check for existing TLS PSK file (Windows)
ansible.windows.win_stat:
path: "{{ zabbix_agent2_tlspskfile }}"
register: zabbix_agent2_tlspskcheck
- name: AutoPSK | Check for existing TLS PSK identity (Windows)
ansible.windows.win_stat:
path: "{{ zabbix_agent2_tlspskidentity_file }}"
register: zabbix_agent2_tlspskidentity_check
- name: AutoPSK | read existing TLS PSK file (Windows)
slurp:
src: "{{ zabbix_agent2_tlspskfile }}"
register: zabbix_agent2_tlspsk_base64
when:
- zabbix_agent2_tlspskcheck.stat.exists
no_log: "{{ ansible_verbosity < 3 }}"
- name: AutoPSK | Read existing TLS PSK identity file (Windows)
slurp:
src: "{{ zabbix_agent2_tlspskidentity_file }}"
register: zabbix_agent2_tlspskidentity_base64
when: zabbix_agent2_tlspskidentity_check.stat.exists
no_log: "{{ ansible_verbosity < 3 }}"
- include_tasks: tlspsk_auto_agent2_common.yml
- name: Windows | AutoPSK | Template TLS PSK identity in file (Windows)
win_copy:
dest: "{{ zabbix_agent2_tlspskidentity_file }}"
content: "{{ zabbix_agent2_tlspskidentity }}"
when:
- zabbix_agent2_tlspskidentity_file is defined
- zabbix_agent2_tlspskidentity is defined
notify:
- restart win zabbix agent
- name: AutoPSK | Template TLS PSK secret in file (Windows)
win_copy:
dest: "{{ zabbix_agent2_tlspskfile }}"
content: "{{ zabbix_agent2_tlspsk_secret }}"
when:
- zabbix_agent2_tlspskfile is defined
- zabbix_agent2_tlspsk_secret is defined
notify:
- restart win zabbix agent

43
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_agent/tasks/tlspsk_auto_common.yml Normal file
View File

@@ -0,0 +1,43 @@
---
# Process PSK Secret
- name: AutoPSK | Save existing TLS PSK secret
set_fact:
zabbix_agent_tlspsk_read: "{{ zabbix_agent_tlspsk_base64['content'] | b64decode | trim }}"
when: zabbix_agent_tlspskcheck.stat.exists
no_log: "{{ ansible_verbosity < 3 }}"
- name: AutoPSK | Use existing TLS PSK secret
set_fact:
zabbix_agent_tlspsk_secret: "{{ zabbix_agent_tlspsk_read }}"
when:
- zabbix_agent_tlspskcheck.stat.exists
- zabbix_agent_tlspsk_read|length >= 32
no_log: "{{ ansible_verbosity < 3 }}"
- name: AutoPSK | Generate new TLS PSK secret
set_fact:
zabbix_agent_tlspsk_secret: "{{ lookup('password', '/dev/null chars=hexdigits length=64') }}"
when:
- (not zabbix_agent_tlspskcheck.stat.exists) or (zabbix_agent_tlspsk_read|length < 32)
no_log: "{{ ansible_verbosity < 3 }}"
# Process PSK Identity
- name: AutoPSK | Use existing TLS PSK identity
set_fact:
zabbix_agent_tlspskidentity: "{{ zabbix_agent_tlspskidentity_base64['content'] | b64decode | trim }}"
when:
- zabbix_agent_tlspskidentity_check.stat.exists
no_log: "{{ ansible_verbosity < 3 }}"
- name: AutoPSK | Generate new TLS PSK identity
set_fact:
zabbix_agent_tlspskidentity: >-
{{
zabbix_agent_visible_hostname
| default(((zabbix_agent2 != True) | ternary(zabbix_agent_hostname, zabbix_agent_hostname)))
+ '_'
+ lookup('password', '/dev/null chars=hexdigits length=4')
}}
when: not zabbix_agent_tlspskidentity_check.stat.exists
no_log: "{{ ansible_verbosity < 3 }}"

66
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_agent/tasks/tlspsk_auto_linux.yml Normal file
View File

@@ -0,0 +1,66 @@
---
- name: AutoPSK | Set default path variables (Linux)
set_fact:
zabbix_agent_tlspskfile: "/etc/zabbix/tls_psk_auto.secret"
zabbix_agent_tlspskidentity_file: "/etc/zabbix/tls_psk_auto.identity"
- name: AutoPSK | Check for existing TLS PSK file (Linux)
stat:
path: "{{ zabbix_agent_tlspskfile }}"
register: zabbix_agent_tlspskcheck
become: true
- name: AutoPSK | Check for existing TLS PSK identity (Linux)
stat:
path: "{{ zabbix_agent_tlspskidentity_file }}"
register: zabbix_agent_tlspskidentity_check
become: true
- name: AutoPSK | read existing TLS PSK file (Linux)
slurp:
src: "{{ zabbix_agent_tlspskfile }}"
register: zabbix_agent_tlspsk_base64
become: true
when:
- zabbix_agent_tlspskcheck.stat.exists
no_log: "{{ ansible_verbosity < 3 }}"
- name: AutoPSK | Read existing TLS PSK identity file (Linux)
slurp:
src: "{{ zabbix_agent_tlspskidentity_file }}"
register: zabbix_agent_tlspskidentity_base64
become: true
when: zabbix_agent_tlspskidentity_check.stat.exists
no_log: "{{ ansible_verbosity < 3 }}"
- include_tasks: tlspsk_auto_common.yml
- name: AutoPSK | Template TLS PSK identity in file (Linux)
copy:
dest: "{{ zabbix_agent_tlspskidentity_file }}"
content: "{{ zabbix_agent_tlspskidentity }}"
owner: zabbix
group: zabbix
mode: 0400
become: true
when:
- zabbix_agent_tlspskidentity_file is defined
- zabbix_agent_tlspskidentity is defined
notify:
- restart zabbix-agent
- restart mac zabbix agent
- name: AutoPSK | Template TLS PSK secret in file (Linux)
copy:
dest: "{{ zabbix_agent_tlspskfile }}"
content: "{{ zabbix_agent_tlspsk_secret }}"
owner: zabbix
group: zabbix
mode: 0400
become: true
when:
- zabbix_agent_tlspskfile is defined
- zabbix_agent_tlspsk_secret is defined
notify:
- restart zabbix-agent
- restart mac zabbix agent

53
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_agent/tasks/tlspsk_auto_windows.yml Normal file
View File

@@ -0,0 +1,53 @@
---
- name: AutoPSK | Set default path variables for Windows
set_fact:
zabbix_agent_tlspskfile: "{{ zabbix_win_install_dir }}\\tls_psk_auto.secret.txt"
zabbix_agent_tlspskidentity_file: "{{ zabbix_win_install_dir }}\\tls_psk_auto.identity.txt"
- name: AutoPSK | Check for existing TLS PSK file (Windows)
ansible.windows.win_stat:
path: "{{ zabbix_agent_tlspskfile }}"
register: zabbix_agent_tlspskcheck
- name: AutoPSK | Check for existing TLS PSK identity (Windows)
ansible.windows.win_stat:
path: "{{ zabbix_agent_tlspskidentity_file }}"
register: zabbix_agent_tlspskidentity_check
- name: AutoPSK | read existing TLS PSK file (Windows)
slurp:
src: "{{ zabbix_agent_tlspskfile }}"
register: zabbix_agent_tlspsk_base64
when:
- zabbix_agent_tlspskcheck.stat.exists
no_log: "{{ ansible_verbosity < 3 }}"
- name: AutoPSK | Read existing TLS PSK identity file (Windows)
slurp:
src: "{{ zabbix_agent_tlspskidentity_file }}"
register: zabbix_agent_tlspskidentity_base64
when: zabbix_agent_tlspskidentity_check.stat.exists
no_log: "{{ ansible_verbosity < 3 }}"
- include_tasks: tlspsk_auto_common.yml
- name: AutoPSK | Template TLS PSK identity in file (Windows)
win_copy:
dest: "{{ zabbix_agent_tlspskidentity_file }}"
content: "{{ zabbix_agent_tlspskidentity }}"
when:
- zabbix_agent_tlspskidentity_file is defined
- zabbix_agent_tlspskidentity is defined
notify:
- restart win zabbix agent
- name: AutoPSK | Template TLS PSK secret in file (Windows)
win_copy:
dest: "{{ zabbix_agent_tlspskfile }}"
content: "{{ zabbix_agent_tlspsk_secret }}"
when:
- zabbix_agent_tlspskfile is defined
- zabbix_agent_tlspsk_secret is defined
- zabbix_agent_os_family == "Windows"
notify:
- restart win zabbix agent

85
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_agent/tasks/userparameter.yml Normal file
View File

@@ -0,0 +1,85 @@
---
- block:
- name: "Windows | Installing user-defined userparameters"
ansible.windows.win_template:
src: "{{ zabbix_agent_userparameters_templates_src }}/{{ item.name }}.j2"
dest: '{{ zabbix_agent_win_include }}\{{ item.name }}.conf'
notify:
- restart win zabbix agent
with_items: "{{ zabbix_agent_userparameters }}"
- name: "Windows | Installing user-defined scripts"
ansible.windows.win_copy:
src: "{{ zabbix_agent_userparameters_scripts_src }}/{{ item.scripts_dir }}"
dest: '{{ zabbix_win_install_dir }}\scripts\'
notify:
- restart win zabbix agent
with_items: "{{ zabbix_agent_userparameters }}"
when: item.scripts_dir is defined
when: zabbix_agent_os_family == "Windows"
- block:
- name: "Installing user-defined userparameters"
template:
src: "{{ zabbix_agent_userparameters_templates_src }}/{{ item.name }}.j2"
dest: "{{ zabbix_agent_include }}/userparameter_{{ item.name }}.conf"
owner: zabbix
group: zabbix
mode: 0644
notify:
- restart zabbix-agent
- restart mac zabbix agent
become: true
with_items: "{{ zabbix_agent_userparameters }}"
- name: "Installing user-defined scripts"
copy:
src: "{{ zabbix_agent_userparameters_scripts_src }}/{{ item.scripts_dir }}"
dest: "/etc/zabbix/scripts/"
owner: zabbix
group: zabbix
mode: 0755
notify:
- restart zabbix-agent
- restart mac zabbix agent
become: true
with_items: "{{ zabbix_agent_userparameters }}"
when: item.scripts_dir is defined
when:
- zabbix_agent_os_family != "Windows"
- not zabbix_agent2
- block:
- name: "Installing user-defined userparameters"
template:
src: "{{ zabbix_agent_userparameters_templates_src }}/{{ item.name }}.j2"
dest: "{{ zabbix_agent2_include }}/userparameter_{{ item.name }}.conf"
owner: zabbix
group: zabbix
mode: 0644
notify:
- restart zabbix-agent
- restart mac zabbix agent
become: true
with_items: "{{ zabbix_agent_userparameters }}"
- name: "Installing user-defined scripts"
copy:
src: "{{ zabbix_agent_userparameters_scripts_src }}/{{ item.scripts_dir }}"
dest: "/etc/zabbix/scripts/"
owner: zabbix
group: zabbix
mode: 0755
notify:
- restart zabbix-agent
- restart mac zabbix agent
become: true
with_items: "{{ zabbix_agent_userparameters }}"
when: item.scripts_dir is defined
when:
- zabbix_agent_os_family != "Windows"
- zabbix_agent2

3
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_agent/templates/userparameters/mysql.j2 Normal file
View File

@@ -0,0 +1,3 @@
# This is an sample userparameters file.
UserParameter=mysql.ping_to,mysqladmin -uroot ping | grep -c alive

1
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_agent/templates/userparameters/win_sample.j2 Normal file
View File

@@ -0,0 +1 @@
UserParameter=do.something, powershell -NoProfile -ExecutionPolicy Bypass -File {{ zabbix_win_install_dir }}\scripts\{{ item.name }}\doSomething.ps1

135
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_agent/templates/zabbix_agent2.conf.j2 Normal file
View File

@@ -0,0 +1,135 @@
{{ ansible_managed | comment }}
# This is a configuration file for Zabbix Agent 2
# To get more information about Zabbix, visit http://www.zabbix.com
# This configuration file is "minimalized", which means all the original comments
# are removed. The full documentation for your Zabbix Agent 2 can be found here:
# https://www.zabbix.com/documentation/{{ zabbix_version }}/en/manual/appendix/config/zabbix_agent2{{ "_win" if zabbix_agent_os_family == "Windows" else "" }}
{% if zabbix_agent_os_family != "Windows" %}
PidFile={{ zabbix_agent2_pidfile }}
{% endif %}
LogType={{ zabbix_agent2_logtype }}
{% if zabbix_agent_os_family == "Windows" %}
LogFile={{ zabbix_agent2_win_logfile }}
{% else %}
LogFile={{ zabbix_agent2_logfile }}
{% endif %}
LogFileSize={{ zabbix_agent2_logfilesize }}
DebugLevel={{ zabbix_agent2_debuglevel }}
{% if zabbix_agent2_sourceip is defined and zabbix_agent2_sourceip %}
SourceIP={{ zabbix_agent2_sourceip }}
{% endif %}
Server={{ zabbix_agent2_server }}
ListenPort={{ zabbix_agent2_listenport }}
{% if zabbix_agent2_listenip is defined and zabbix_agent2_listenip !='0.0.0.0' and zabbix_agent2_listenip %}
ListenIP={{ zabbix_agent2_listenip }}
{% endif %}
{% if zabbix_agent2_statusport is defined and zabbix_agent2_statusport %}
StatusPort={{ zabbix_agent2_statusport }}
{% endif %}
ServerActive={{ zabbix_agent2_serveractive }}
{% if zabbix_agent2_hostname is defined and zabbix_agent2_hostname %}
Hostname={{ zabbix_agent2_hostname }}
{% endif %}
{% if zabbix_agent2_hostnameitem is defined and zabbix_agent2_hostnameitem %}
HostnameItem={{ zabbix_agent2_hostnameitem }}
{% endif %}
{% if zabbix_agent2_hostmetadata is defined and zabbix_agent2_hostmetadata %}
HostMetadata={{ zabbix_agent2_hostmetadata }}
{% endif %}
{% if zabbix_agent2_hostmetadataitem is defined and zabbix_agent2_hostmetadataitem %}
HostMetadataItem={{ zabbix_agent2_hostmetadataitem }}
{% endif %}
{% if zabbix_agent2_hostinterface is defined and zabbix_agent2_hostinterface %}
HostInterface={{ zabbix_agent2_hostinterface }}
{% endif %}
{% if zabbix_agent2_hostinterfaceitem is defined and zabbix_agent2_hostinterfaceitem %}
HostInterfaceItem={{ zabbix_agent2_hostinterfaceitem }}
{% endif %}
{% if zabbix_agent2_allow_key is defined and zabbix_agent2_allow_key %}
{% for item in zabbix_agent2_allow_key %}
AllowKey={{ item }}
{% endfor %}
{% endif %}
{% if zabbix_agent2_deny_key is defined and zabbix_agent2_deny_key %}
{% for item in zabbix_agent2_deny_key %}
DenyKey={{ item }}
{% endfor %}
{% endif %}
RefreshActiveChecks={{ zabbix_agent2_refreshactivechecks }}
BufferSend={{ zabbix_agent2_buffersend }}
BufferSize={{ zabbix_agent2_buffersize }}
{% if zabbix_agent2_enablepersistentbuffer is defined and zabbix_agent2_enablepersistentbuffer %}
EnablePersistentBuffer={{ zabbix_agent2_enablepersistentbuffer }}
{% endif %}
{% if zabbix_agent2_persistentbufferperiod is defined and zabbix_agent2_persistentbufferperiod %}
PersistentBufferPeriod={{ zabbix_agent2_persistentbufferperiod }}
{% endif %}
{% if zabbix_agent2_persistentbufferfile is defined and zabbix_agent2_persistentbufferfile %}
PersistentBufferFile={{ zabbix_agent2_persistentbufferfile }}
{% endif %}
{% if zabbix_agent2_zabbix_alias is defined and zabbix_agent2_zabbix_alias %}
{% if zabbix_agent2_zabbix_alias is string %}
Alias={{ zabbix_agent2_zabbix_alias }}
{% else %}
{% for item in zabbix_agent2_zabbix_alias %}
Alias={{ item }}
{% endfor %}
{% endif %}
{% endif %}
Timeout={{ zabbix_agent2_timeout }}
{% if zabbix_agent_os_family == "Windows" %}
Include={{ zabbix_agent_win_include }}
{% else %}
Include={{ zabbix_agent2_include }}/{{ zabbix_agent2_include_pattern }}
{% endif %}
UnsafeUserParameters={{ zabbix_agent2_unsafeuserparameters }}
{% if zabbix_agent_os_family != "Windows" %}
ControlSocket={{ zabbix_agent2_controlsocket }}
{% endif %}
{% if zabbix_agent2_tlsconnect is defined and zabbix_agent2_tlsconnect %}
TLSConnect={{ zabbix_agent2_tlsconnect }}
{% endif %}
{% if zabbix_agent2_tlsaccept is defined and zabbix_agent2_tlsaccept %}
TLSAccept={{ zabbix_agent2_tlsaccept }}
{% endif %}
{% if zabbix_agent2_tlscafile is defined and zabbix_agent2_tlscafile %}
TLSCAFile={{ zabbix_agent2_tlscafile }}
{% endif %}
{% if zabbix_agent2_tlscrlfile is defined and zabbix_agent2_tlscrlfile %}
TLSCRLFile={{ zabbix_agent2_tlscrlfile }}
{% endif %}
{% if zabbix_agent2_tlsservercertissuer is defined and zabbix_agent2_tlsservercertissuer %}
TLSServerCertIssuer={{ zabbix_agent2_tlsservercertissuer }}
{% endif %}
{% if zabbix_agent2_tlsservercertsubject is defined and zabbix_agent2_tlsservercertsubject %}
TLSServerCertSubject={{ zabbix_agent2_tlsservercertsubject }}
{% endif %}
{% if zabbix_agent2_tlscertfile is defined and zabbix_agent2_tlscertfile %}
TLSCertFile={{ zabbix_agent2_tlscertfile }}
{% endif %}
{% if zabbix_agent2_tlskeyfile is defined and zabbix_agent2_tlskeyfile %}
TLSKeyFile={{ zabbix_agent2_tlskeyfile }}
{% endif %}
{% if zabbix_agent2_tlspskidentity is defined and zabbix_agent2_tlspskidentity %}
TLSPSKIdentity={{ zabbix_agent2_tlspskidentity }}
{% endif %}
{% if zabbix_agent2_tlspskfile is defined and zabbix_agent2_tlspskfile %}
TLSPSKFile={{ zabbix_agent2_tlspskfile }}
{% endif %}
{% if zabbix_agent2_plugins is defined and zabbix_agent2_plugins is iterable %}
{% for entry in zabbix_agent2_plugins %}
{% set my_name = entry['name'] %}
{% for property in entry['options'] %}
{% set param = property['parameter'] %}
{% set value = property['value'] %}
Plugins.{{ my_name }}.{{ param }}={{ value }}
{% endfor %}
{% endfor %}
{% endif %}
{% if zabbix_version is version('6.0', '>=') %}
{% if zabbix_agent2_listenbacklog is defined and zabbix_agent2_listenbacklog %}
ListenBacklog={{ zabbix_agent2_listenbacklog }}
{% endif %}
{% endif %}

144
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_agent/templates/zabbix_agentd.conf.j2 Normal file
View File

@@ -0,0 +1,144 @@
{{ ansible_managed | comment }}
# This is a configuration file for Zabbix Agent
# To get more information about Zabbix, visit http://www.zabbix.com
# This configuration file is "minimalized", which means all the original comments
# are removed. The full documentation for your Zabbix Agent can be found here:
# https://www.zabbix.com/documentation/{{ zabbix_version }}/en/manual/appendix/config/zabbix_agentd{{ "_win" if zabbix_agent_os_family == "Windows" else "" }}
{% if zabbix_agent_os_family != "Windows" %}
PidFile={{ zabbix_agent_pidfile }}
{% endif %}
{% if zabbix_agent_version is version('3.0', '>=') %}
LogType={{ zabbix_agent_logtype }}
{% endif %}
{% if zabbix_agent_os_family == "Windows" %}
LogFile={{ zabbix_agent_win_logfile }}
{% else %}
LogFile={{ zabbix_agent_logfile }}
{% endif %}
LogFileSize={{ zabbix_agent_logfilesize }}
DebugLevel={{ zabbix_agent_debuglevel }}
{% if zabbix_agent_sourceip is defined and zabbix_agent_sourceip %}
SourceIP={{ zabbix_agent_sourceip }}
{% endif %}
{% if zabbix_agent_version is version('6.0', '<=') %}
EnableRemoteCommands={{ zabbix_agent_enableremotecommands }}
{% else %}
{% if zabbix_agent_allowkeys is defined and zabbix_agent_allowkeys %}
AllowKey={{ zabbix_agent_allowkeys }}
{% endif %}
{% if zabbix_agent_denykeys is defined and zabbix_agent_denykeys %}
DenyKey={{ zabbix_agent_denykeys }}
{% endif %}
{% endif %}
LogRemoteCommands={{ zabbix_agent_logremotecommands }}
Server={{ zabbix_agent_server }}
ListenPort={{ zabbix_agent_listenport }}
{% if zabbix_agent_listenip is defined and zabbix_agent_listenip !='0.0.0.0' and zabbix_agent_listenip %}
ListenIP={{ zabbix_agent_listenip }}
{% endif %}
StartAgents={{ zabbix_agent_startagents }}
ServerActive={{ zabbix_agent_serveractive }}
{% if zabbix_agent_hostname is defined and zabbix_agent_hostname %}
Hostname={{ zabbix_agent_hostname }}
{% endif %}
{% if zabbix_agent_hostnameitem is defined and zabbix_agent_hostnameitem %}
HostnameItem={{ zabbix_agent_hostnameitem }}
{% endif %}
{% if zabbix_agent_hostmetadata is defined and zabbix_agent_hostmetadata %}
HostMetadata={{ zabbix_agent_hostmetadata }}
{% endif %}
{% if zabbix_agent_hostmetadataitem is defined and zabbix_agent_hostmetadataitem %}
HostMetadataItem={{ zabbix_agent_hostmetadataitem }}
{% endif %}
{% if zabbix_agent_allow_key is defined and zabbix_agent_allow_key %}
{% for item in zabbix_agent_allow_key %}
AllowKey={{ item }}
{% endfor %}
{% endif %}
{% if zabbix_agent_deny_key is defined and zabbix_agent_deny_key %}
{% for item in zabbix_agent_deny_key %}
DenyKey={{ item }}
{% endfor %}
{% endif %}
RefreshActiveChecks={{ zabbix_agent_refreshactivechecks }}
BufferSend={{ zabbix_agent_buffersend }}
BufferSize={{ zabbix_agent_buffersize }}
MaxLinesPerSecond={{ zabbix_agent_maxlinespersecond }}
{% if zabbix_version is version_compare('6.2', '>=') %}
HeartbeatFrequency={{ zabbix_agent_heartbeatfrequency }}
{% endif %}
{% if zabbix_agent_zabbix_alias is defined and zabbix_agent_zabbix_alias %}
{% if zabbix_agent_zabbix_alias is string %}
Alias={{ zabbix_agent_zabbix_alias }}
{% else %}
{% for item in zabbix_agent_zabbix_alias %}
Alias={{ item }}
{% endfor %}
{% endif %}
{% endif %}
Timeout={{ zabbix_agent_timeout }}
{% if zabbix_agent_os_family != "Windows" %}
AllowRoot={{ zabbix_agent_allowroot }}
{% endif %}
{% if zabbix_agent_runas_user is defined and zabbix_agent_runas_user %}
User={{ zabbix_agent_runas_user }}
{% endif %}
{% if zabbix_agent_os_family == "Windows" %}
Include={{ zabbix_agent_win_include }}
{% else %}
Include={{ zabbix_agent_include }}/{{ zabbix_agent_include_pattern }}
{% endif %}
UnsafeUserParameters={{ zabbix_agent_unsafeuserparameters }}
{% if zabbix_version is version_compare('2.2', '>=') %}
{% if zabbix_agent_os_family != "Windows" %}
LoadModulePath={{ zabbix_agent_loadmodulepath }}
{% endif %}
{% endif %}
{% if zabbix_agent_loadmodule is defined and zabbix_agent_loadmodule %}
{% if zabbix_agent_loadmodule is string %}
LoadModule={{ zabbix_agent_loadmodule }}
{% else %}
{% for module in zabbix_agent_loadmodule %}
LoadModule={{ module }}
{% endfor %}
{% endif %}
{% endif %}
{% if zabbix_version is version_compare('3.0', '>=') %}
{% if zabbix_agent_tlsconnect is defined and zabbix_agent_tlsconnect %}
TLSConnect={{ zabbix_agent_tlsconnect }}
{% endif %}
{% if zabbix_agent_tlsaccept is defined and zabbix_agent_tlsaccept %}
TLSAccept={{ zabbix_agent_tlsaccept }}
{% endif %}
{% if zabbix_agent_tlscafile is defined and zabbix_agent_tlscafile %}
TLSCAFile={{ zabbix_agent_tlscafile }}
{% endif %}
{% if zabbix_agent_tlscrlfile is defined and zabbix_agent_tlscrlfile %}
TLSCRLFile={{ zabbix_agent_tlscrlfile }}
{% endif %}
{% if zabbix_agent_tlsservercertissuer is defined and zabbix_agent_tlsservercertissuer %}
TLSServerCertIssuer={{ zabbix_agent_tlsservercertissuer }}
{% endif %}
{% if zabbix_agent_tlsservercertsubject is defined and zabbix_agent_tlsservercertsubject %}
TLSServerCertSubject={{ zabbix_agent_tlsservercertsubject }}
{% endif %}
{% if zabbix_agent_tlscertfile is defined and zabbix_agent_tlscertfile %}
TLSCertFile={{ zabbix_agent_tlscertfile }}
{% endif %}
{% if zabbix_agent_tlskeyfile is defined and zabbix_agent_tlskeyfile %}
TLSKeyFile={{ zabbix_agent_tlskeyfile }}
{% endif %}
{% if zabbix_agent_tlspskidentity is defined and zabbix_agent_tlspskidentity %}
TLSPSKIdentity={{ zabbix_agent_tlspskidentity }}
{% endif %}
{% if zabbix_agent_tlspskfile is defined and zabbix_agent_tlspskfile %}
TLSPSKFile={{ zabbix_agent_tlspskfile }}
{% endif %}
{% endif %}
{% if zabbix_version is version('6.0', '>=') %}
{% if zabbix_agent_listenbacklog is defined and zabbix_agent_listenbacklog %}
ListenBacklog={{ zabbix_agent_listenbacklog }}
{% endif %}
{% endif %}

6
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_agent/vars/Darwin.yml Normal file
View File

@@ -0,0 +1,6 @@
---
# vars file for zabbix_agent (Debian)
zabbix_agent: zabbix-agent
zabbix_agent_service: com.zabbix.zabbix_agentd
zabbix_agent_conf: zabbix_agentd.conf

38
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_agent/vars/Debian.yml Normal file
View File

@@ -0,0 +1,38 @@
---
# vars file for zabbix_agent (Debian)
zabbix_agent: zabbix-agent
zabbix_agent_service: zabbix-agent
zabbix_agent_conf: zabbix_agentd.conf
zabbix_agent2_conf: zabbix_agent2.conf
zabbix_valid_agent_versions:
# Debian
"11":
- 6.2
- 6.0
- 5.0
- 4.0
"10":
- 6.0
- 5.0
- 4.0
"9":
- 6.0
- 5.0
- 4.0
# Ubuntu
"22":
- 6.2
- 6.0
- 5.0
- 4.0
"20":
- 6.2
- 6.0
- 5.0
- 4.0
"18":
- 6.0
- 5.0
- 4.0

24
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_agent/vars/RedHat.yml Normal file
View File

@@ -0,0 +1,24 @@
---
# vars file for zabbix_agent (RedHat)
zabbix_agent: zabbix-agent
zabbix_agent_service: zabbix-agent
zabbix_agent_conf: zabbix_agentd.conf
zabbix_agent2_conf: zabbix_agent2.conf
zabbix_valid_agent_versions:
"9":
- 6.2
- 6.0
- 5.0
- 4.0
"8":
- 6.2
- 6.0
- 5.0
- 4.0
"7":
- 6.2
- 6.0
- 5.0
- 4.0

7
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_agent/vars/Sangoma.yml Normal file
View File

@@ -0,0 +1,7 @@
---
# vars file for zabbix_agent (Sangola)
zabbix_agent: zabbix-agent
zabbix_agent_service: zabbix-agent
zabbix_agent_conf: zabbix_agentd.conf
zabbix_agent2_conf: zabbix_agent2.conf

7
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_agent/vars/Suse.yml Normal file
View File

@@ -0,0 +1,7 @@
---
# vars file for zabbix_agent (Suse)
zabbix_agent: zabbix-agentd
zabbix_agent_service: zabbix_agentd
zabbix_agent_conf: zabbix_agentd.conf
zabbix_agent2_conf: zabbix-agent2.conf

2
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_agent/vars/Windows.yml Normal file
View File

@@ -0,0 +1,2 @@
---
# vars file for zabbix_agent (Windows)

0
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_agent/vars/main.yml Normal file
View File

255
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_agent/vars/zabbix.yml Normal file
View File

@@ -0,0 +1,255 @@
---
sign_keys:
"62":
bullseye:
sign_key: E709712C
buster:
sign_key: E709712C
stretch:
sign_key: E709712C
focal:
sign_key: E709712C
bionic:
sign_key: E709712C
xenial:
sign_key: E709712C
trusty:
sign_key: E709712C
jammy:
sign_key: E709712C
"60":
bullseye:
sign_key: E709712C
buster:
sign_key: E709712C
stretch:
sign_key: E709712C
jammy:
sign_key: E709712C
focal:
sign_key: E709712C
bionic:
sign_key: E709712C
xenial:
sign_key: E709712C
trusty:
sign_key: E709712C
"54":
bullseye:
sign_key: E709712C
buster:
sign_key: E709712C
jessie:
sign_key: E709712C
stretch:
sign_key: E709712C
jammy:
sign_key: E709712C
focal:
sign_key: E709712C
bionic:
sign_key: E709712C
xenial:
sign_key: E709712C
trusty:
sign_key: E709712C
tricia:
sign_key: E709712C
"52":
# bullseye: not available upstream
buster:
sign_key: E709712C
jessie:
sign_key: E709712C
stretch:
sign_key: E709712C
jammy:
sign_key: E709712C
focal:
sign_key: E709712C
bionic:
sign_key: E709712C
xenial:
sign_key: E709712C
trusty:
sign_key: E709712C
tricia:
sign_key: E709712C
"50":
bullseye:
sign_key: E709712C
buster:
sign_key: E709712C
jessie:
sign_key: E709712C
stretch:
sign_key: E709712C
jammy:
sign_key: E709712C
focal:
sign_key: E709712C
bionic:
sign_key: E709712C
xenial:
sign_key: E709712C
trusty:
sign_key: E709712C
tricia:
sign_key: E709712C
"44":
buster:
sign_key: A14FE591
jessie:
sign_key: 79EA5ED4
stretch:
sign_key: A14FE591
focal:
sign_key: A14FE591
eoan:
sign_key: A14FE591
cosmic:
sign_key: A14FE591
bionic:
sign_key: A14FE591
sonya:
sign_key: A14FE591
serena:
sign_key: A14FE591
trusty:
sign_key: 79EA5ED4
xenial:
sign_key: E709712C
"42":
buster:
sign_key: A14FE591
jessie:
sign_key: 79EA5ED4
stretch:
sign_key: A14FE591
eoan:
sign_key: A14FE591
cosmic:
sign_key: A14FE591
bionic:
sign_key: A14FE591
sonya:
sign_key: A14FE591
serena:
sign_key: A14FE591
trusty:
sign_key: 79EA5ED4
xenial:
sign_key: E709712C
"40":
bullseye:
sign_key: A14FE591
buster:
sign_key: A14FE591
jessie:
sign_key: 79EA5ED4
stretch:
sign_key: A14FE591
focal:
sign_key: A14FE591
bionic:
sign_key: A14FE591
sonya:
sign_key: A14FE591
serena:
sign_key: A14FE591
trusty:
sign_key: 79EA5ED4
xenial:
sign_key: E709712C
"34":
jessie:
sign_key: 79EA5ED4
stretch:
sign_key: A14FE591
wheezy:
sign_key: A14FE591
bionic:
sign_key: A14FE591
sonya:
sign_key: A14FE591
serena:
sign_key: A14FE591
trusty:
sign_key: 79EA5ED4
xenial:
sign_key: E709712C
"32":
stretch:
sign_key: A14FE591
wheezy:
sign_key: 79EA5ED4
bionic:
sign_key: A14FE591
sonya:
sign_key: 79EA5ED4
serena:
sign_key: 79EA5ED4
trusty:
sign_key: 79EA5ED4
xenial:
sign_key: E709712C
"30":
buster:
sign_key: A14FE591
jessie:
sign_key: 79EA5ED4
stretch:
sign_key: A14FE591
wheezy:
sign_key: 79EA5ED4
bionic:
sign_key: A14FE591
trusty:
sign_key: 79EA5ED4
xenial:
sign_key: E709712C
"24":
jessie:
sign_key: 79EA5ED4
wheezy:
sign_key: 79EA5ED4
precise:
sign_key: 79EA5ED4
trusty:
sign_key: 79EA5ED4
"22":
squeeze:
sign_key: 79EA5ED4
wheezy:
sign_key: 79EA5ED4
precise:
sign_key: 79EA5ED4
trusty:
sign_key: 79EA5ED4
lucid:
sign_key: 79EA5ED4
suse:
"openSUSE Leap":
"42":
name: server:monitoring
url: http://download.opensuse.org/repositories/server:/monitoring/openSUSE_Leap_{{ ansible_distribution_version }}/
python_libxml2_package: python-libxml2
"openSUSE":
"12":
name: server_monitoring
url: http://download.opensuse.org/repositories/server:/monitoring/openSUSE_{{ ansible_distribution_version }}
python_libxml2_package: python-libxml2
"SLES":
"11":
name: server_monitoring
url: http://download.opensuse.org/repositories/server:/monitoring/SLE_11_SP3/
python_libxml2_package: python-libxml2
"12":
name: server_monitoring
url: http://download.opensuse.org/repositories/server:/monitoring/SLE_12_SP5/
python_libxml2_package: python-libxml2
"15":
name: server_monitoring
url: http://download.opensuse.org/repositories/server:/monitoring/SLE_15_SP3/
python_libxml2_package: python3-libxml2-python

143
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_javagateway/README.md Normal file
View File

@@ -0,0 +1,143 @@
# community.zabbix.zabbix_javagateway role
![Zabbix Javagateway](https://github.com/ansible-collections/community.zabbix/workflows/community.zabbix.zabbix_javagateway/badge.svg)
**Table of Contents**
- [Overview](#overview)
* [Operating systems](#operating-systems)
* [Zabbix Versions](#zabbix-versions)
- [Role Variables](#role-variables)
* [Main variables](#main-variables)
+ [Overall Zabbix](#overall-zabbix)
+ [Java Gatewaty](#java-gatewaty)
+ [proxy](#proxy)
- [Dependencies](#dependencies)
- [Example Playbook](#example-playbook)
- [Molecule](#molecule)
- [License](#license)
- [Author Information](#author-information)
# Overview
## Operating systems
This role will work on the following operating systems:
* Red Hat
* Debian
* Ubuntu
So, you'll need one of those operating systems.. :-)
Please send Pull Requests or suggestions when you want to use this role for other Operating systems.
## Zabbix Versions
See the following list of supported Operating systems with the Zabbix releases.
| Zabbix | 5.2 | 5.0 | 4.4 | 4.0 (LTS) | 3.0 (LTS) |
|---------------------|-----|-----|-----|-----------|-----------|
| Red Hat Fam 8 | V | V | V | | |
| Red Hat Fam 7 | V | V | V | V | V |
| Red Hat Fam 6 | V | V | | | V |
| Red Hat Fam 5 | V | V | | | V |
| Fedora | | | V | V | |
| Ubuntu 20.04 focal | V | V | | V | |
| Ubuntu 19.10 eoan | | | | | |
| Ubuntu 18.04 bionic | V | V | V | V | |
| Ubuntu 16.04 xenial | V | V | V | V | |
| Ubuntu 14.04 trusty | V | V | V | V | V |
| Debian 10 buster | V | V | V | | |
| Debian 9 stretch | V | V | V | V | |
| Debian 8 jessie | V | V | V | V | V |
| Debian 7 wheezy | | | | V | V |
| macOS 10.15 | | | V | V | |
| macOS 10.14 | | | V | V | |
# Role Variables
## Main variables
The following is an overview of all available configuration default for this role.
### Overall Zabbix
* `zabbix_javagateway_version`: This is the version of zabbix. Default: 5.2. Can be overridden to 5.0, 4.4, 4.0, 3.4, 3.2, 3.0, 2.4, or 2.2. Previously the variable `zabbix_version` was used directly but it could cause [some inconvenience](https://github.com/dj-wasabi/ansible-zabbix-agent/pull/303). That variable is maintained by retrocompativility.
* `zabbix_repo`: Default: `zabbix`
* `epel`: install agent from EPEL repo
* `zabbix`: (default) install agent from Zabbix repo
* `other`: install agent from pre-existing or other repo
* `zabbix_repo_yum`: A list with Yum repository configuration.
* `zabbix_repo_yum_schema`: Default: `https`. Option to change the web schema for the yum repository(http/https)
* `zabbix_repo_yum_disabled`: A string with repository names that should be disabled when installing Zabbix component specific packages. Is only used when `zabbix_repo_yum_enabled` contains 1 or more repositories. Default `*`.
* `zabbix_repo_yum_enabled`: A list with repository names that should be enabled when installing Zabbix component specific packages.
* `zabbix_javagateway_package_state`: Default: `present`. Can be overridden to `latest` to update packages when needed.
* `zabbix_javagateway_conf_mode`: Default: `0644`. The "mode" for the Zabbix configuration file.
### Java Gatewaty
* `zabbix_javagateway_pidfile`: Default: `/run/zabbix/zabbix_java_gateway.pid`. The location for the pid file.
* `zabbix_javagateway_listenip`: Default: `0.0.0.0`. The IP address to listen on.
* `zabbix_javagateway_listenport`: Default: `10052`. The port on which Java Gateway is listening on.
* `zabbix_javagateway_startpollers`: Default: `5`. The amount of pollers to start.
### proxy
When the target host does not have access to the internet, but you do have a proxy available then the following properties needs to be set to download the packages via the proxy:
* `zabbix_http_proxy`
* `zabbix_https_proxy`
# Dependencies
The java gateway can be installed on either the zabbix-server or the zabbix-proxy machine. So one of these should be installed. You'll need to provide an parameter in your playbook for using the javagateway.
When using the zabbix-server:
```yaml
roles:
- role: community.zabbix.zabbix_server
zabbix_server_javagateway: 192.168.1.2
```
or when using the zabbix-proxy:
```yaml
roles:
- role: community.zabbix.zabbix_proxy
zabbix_proxy_server: 192.168.1.1
zabbix_proxy_javagateway: 192.168.1.2
```
# Example Playbook
Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
```yaml
- hosts: zabbix-server
sudo: yes
roles:
- role: community.zabbix.zabbix_server
zabbix_server_javagateway: 192.168.1.2
- role: community.zabbix.zabbix_javagateway
```
# Molecule
This role is configured to be tested with Molecule. You can find on this page some more information regarding Molecule:
* http://werner-dijkerman.nl/2016/07/10/testing-ansible-roles-with-molecule-testinfra-and-docker/
* http://werner-dijkerman.nl/2016/07/27/extending-ansible-role-testing-with-molecule-by-adding-group_vars-dependencies-and-using-travis-ci/
* http://werner-dijkerman.nl/2016/07/31/testing-ansible-roles-in-a-cluster-setup-with-docker-and-molecule/
With each Pull Request, Molecule will be executed via travis.ci. Pull Requests will only be merged once these tests run successfully.
# License
GNU General Public License v3.0 or later
See LICENCE to see the full text.
# Author Information
Please send suggestion or pull requests to make this role better. Also let us know if you encounter any issues installing or using this role.
Github: https://github.com/ansible-collections/community.zabbix

34
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_javagateway/defaults/main.yml Normal file
View File

@@ -0,0 +1,34 @@
---
# defaults file for zabbix_javagateway
zabbix_javagateway_version: 6.2
zabbix_version: "{{ zabbix_javagateway_version }}"
zabbix_javagateway_package_state: present
zabbix_selinux: false
zabbix_repo: zabbix
zabbix_repo_yum_schema: https
zabbix_java_gateway_conf_mode: "0644"
zabbix_repo_yum_gpgcheck: 0
zabbix_repo_yum_disabled: "*"
zabbix_repo_yum_enabled: []
zabbix_repo_yum:
- name: zabbix
description: Zabbix Official Repository - $basearch
baseurl: "{{ zabbix_repo_yum_schema }}://repo.zabbix.com/zabbix/{{ zabbix_javagateway_version | regex_search('^[0-9]+.[0-9]+') }}/rhel/{{ ansible_distribution_major_version }}/$basearch/"
gpgcheck: "{{ zabbix_repo_yum_gpgcheck }}"
mode: "0644"
gpgkey: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-ZABBIX
state: present
- name: zabbix-non-supported
description: Zabbix Official Repository non-supported - $basearch
baseurl: "{{ zabbix_repo_yum_schema }}://repo.zabbix.com/non-supported/rhel/{{ ansible_distribution_major_version }}/$basearch/"
mode: "0644"
gpgcheck: "{{ zabbix_repo_yum_gpgcheck }}"
gpgkey: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-ZABBIX
state: present
zabbix_javagateway_pidfile: /run/zabbix/zabbix_java_gateway.pid
zabbix_javagateway_listenip: 0.0.0.0
zabbix_javagateway_listenport: 10052
zabbix_javagateway_startpollers: 5

15
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_javagateway/files/systemd.service Normal file
View File

@@ -0,0 +1,15 @@
[Unit]
Description=Zabbix Java Gateway
After=syslog.target
After=network.target
[Service]
Type=forking
KillMode=process
ExecStart=/usr/sbin/zabbix_java_gateway
SuccessExitStatus=143
User=zabbix
Group=zabbix
[Install]
WantedBy=multi-user.target

16
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_javagateway/handlers/main.yml Normal file
View File

@@ -0,0 +1,16 @@
---
# handlers file for zabbix-javagateway
- name: zabbix-java-gateway restarted
service:
name: zabbix-java-gateway
state: restarted
enabled: true
become: true
- name: "clean repo files from proxy creds"
shell: ls /etc/yum.repos.d/zabbix* && sed -i 's/^proxy =.*//' /etc/yum.repos.d/zabbix* || true
become: true
when:
- ansible_os_family == 'RedHat'
- zabbix_http_proxy is defined or zabbix_https_proxy is defined

23
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_javagateway/meta/main.yml Normal file
View File

@@ -0,0 +1,23 @@
---
galaxy_info:
author: Werner Dijkerman
description: Installing and maintaining zabbix-javagateway for RedHat/Debian/Ubuntu.
company: myCompany.Dotcom
license: license (GPLv3)
min_ansible_version: 2.4
platforms:
- name: EL
versions:
- 6
- 7
- name: Ubuntu
versions:
- lucid
- precise
- trusty
- name: Debian
versions:
- squeeze
- wheezy
galaxy_tags:
- monitoring

97
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_javagateway/tasks/Debian.yml Normal file
View File

@@ -0,0 +1,97 @@
---
- name: "Include Zabbix gpg ids"
include_vars: zabbix.yml
- name: "Set some variables"
set_fact:
zabbix_short_version: "{{ zabbix_javagateway_version | regex_replace('\\.', '') }}"
- name: "Debian | Install gpg key"
apt_key:
id: "{{ sign_keys[zabbix_short_version][ansible_distribution_release]['sign_key'] }}"
url: http://repo.zabbix.com/zabbix-official-repo.key
become: true
- name: "Debian | Installing repository Debian"
apt_repository:
repo: "deb http://repo.zabbix.com/zabbix/{{ zabbix_javagateway_version }}/debian/ {{ ansible_distribution_release }} main"
state: present
become: true
when:
- ansible_distribution == "Debian"
- zabbix_repo == "zabbix"
- name: "Debian | Installing repository Debian"
apt_repository:
repo: "deb-src http://repo.zabbix.com/zabbix/{{ zabbix_javagateway_version }}/debian/ {{ ansible_distribution_release }} main"
state: present
become: true
when:
- ansible_distribution == "Debian"
- ansible_machine == "aarch64"
- zabbix_repo == "zabbix"
- name: "Debian | Installing repository Ubuntu"
apt_repository:
repo: "deb http://repo.zabbix.com/zabbix/{{ zabbix_javagateway_version }}/ubuntu-arm64/ {{ ansible_distribution_release }} main"
state: present
become: true
when:
- ansible_distribution == "Ubuntu"
- ansible_machine == "aarch64"
- zabbix_repo == "zabbix"
- name: "Debian | Installing repository Ubuntu"
apt_repository:
repo: "deb http://repo.zabbix.com/zabbix/{{ zabbix_javagateway_version }}/ubuntu/ {{ ansible_distribution_release }} main"
state: present
become: true
when:
- ansible_distribution == "Ubuntu"
- ansible_machine != "aarch64"
- zabbix_repo == "zabbix"
- name: "Debian | Installing repository Ubuntu"
apt_repository:
repo: "deb-src http://repo.zabbix.com/zabbix/{{ zabbix_javagateway_version }}/ubuntu-arm64/ {{ ansible_distribution_release }} main"
state: present
become: true
when:
- ansible_distribution == "Ubuntu"
- ansible_machine == "aarch64"
- zabbix_repo == "zabbix"
- name: "Debian | Installing repository Ubuntu"
apt_repository:
repo: "deb-src http://repo.zabbix.com/zabbix/{{ zabbix_javagateway_version }}/ubuntu/ {{ ansible_distribution_release }} main"
state: present
become: true
when:
- ansible_distribution == "Ubuntu"
- zabbix_repo == "zabbix"
- name: "Debian | Installing zabbix-java-gateway"
apt:
pkg: zabbix-java-gateway
state: "{{ zabbix_javagateway_package_state }}"
update_cache: true
force: true
cache_valid_time: 3600
environment:
http_proxy: "{{ zabbix_http_proxy | default(None) | default(omit) }}"
https_proxy: "{{ zabbix_https_proxy | default(None) | default(omit) }}"
register: zabbix_java_gateway_install
until: zabbix_java_gateway_install is succeeded
become: true
- name: "Make sure Zabbix Java Gateway is not yet running"
systemd:
name: zabbix-java-gateway
state: stopped
enabled: true
daemon_reload: true
when:
- zabbix_java_gateway_install.changed

34
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_javagateway/tasks/RedHat.yml Normal file
View File

@@ -0,0 +1,34 @@
---
# Tasks specific for RedHat systems
- name: "RedHat | Install basic repo file"
yum_repository:
name: "{{ item.name }}"
description: "{{ item.description }}"
baseurl: "{{ item.baseurl }}"
gpgcheck: "{{ item.gpgcheck }}"
gpgkey: "{{ item.gpgkey }}"
mode: "{{ item.mode | default('0644') }}"
priority: "{{ item.priority | default('98') }}"
state: "{{ item.state | default('present') }}"
proxy: "{{ zabbix_http_proxy | default(omit) }}"
with_items: "{{ zabbix_repo_yum }}"
register: yum_repo_installed
become: true
when:
zabbix_repo == "zabbix"
notify:
- "clean repo files from proxy creds"
- name: "RedHat | Installing zabbix-java-gateway"
package:
pkg: zabbix-java-gateway
state: "{{ zabbix_javagateway_package_state }}"
disablerepo: "{{ '*' if (zabbix_repo_yum_enabled | length>0) else omit }}"
enablerepo: "{{ zabbix_repo_yum_enabled if zabbix_repo_yum_enabled is iterable and (zabbix_repo_yum_enabled | length>0) else omit }}"
environment:
http_proxy: "{{ zabbix_http_proxy | default(None) | default(omit) }}"
https_proxy: "{{ zabbix_https_proxy | default(None) | default(omit) }}"
register: zabbix_java_gateway_install
until: zabbix_java_gateway_install is succeeded
become: true

46
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_javagateway/tasks/main.yml Normal file
View File

@@ -0,0 +1,46 @@
---
# tasks file for zabbix_proxy
- name: "Install the correct repository"
include_tasks: "RedHat.yml"
when:
- ansible_os_family == "RedHat"
- name: "Install the correct repository"
include_tasks: "Debian.yml"
when:
- ansible_os_family == "Debian"
- name: "Place systemd unit file"
copy:
src: systemd.service
dest: /etc/systemd/system/zabbix-java-gateway.service
mode: '0644'
register: systemd_state
when:
- zabbix_version is version('5.4', '<')
- name: "Reload systemd"
shell: systemctl daemon-reload
when:
- zabbix_version is version('5.4', '<')
- systemd_state.changed
tags:
- skip_ansible_lint
- name: "Configure zabbix-proxy"
template:
src: zabbix_java_gateway.conf.j2
dest: /etc/zabbix/zabbix_java_gateway.conf
owner: zabbix
group: zabbix
mode: "{{ zabbix_java_gateway_conf_mode }}"
notify:
- zabbix-java-gateway restarted
- name: "Make sure Zabbix Java Gateway is running"
systemd:
name: zabbix-java-gateway
state: started
enabled: true
daemon_reload: true

12
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_javagateway/templates/zabbix_java_gateway.conf.j2 Normal file
View File

@@ -0,0 +1,12 @@
{{ ansible_managed | comment }}
# This is a configuration file for Zabbix Java Gateway
# To get more information about Zabbix, visit http://www.zabbix.com
# This configuration file is "minimalized", which means all the original comments
# are removed. The full documentation for your Zabbix Java Gateway can be found here:
# https://www.zabbix.com/documentation/{{ zabbix_version }}/en/manual/concepts/java
LISTEN_IP={{ zabbix_javagateway_listenip }}
LISTEN_PORT={{ zabbix_javagateway_listenport }}
PID_FILE={{ zabbix_javagateway_pidfile }}
START_POLLERS={{ zabbix_javagateway_startpollers }}

6
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_javagateway/vars/Debian.yml Normal file
View File

@@ -0,0 +1,6 @@
---
apache_user: www-data
apache_group: www-data
apache_log: apache2
mysql_create_dir: ''

6
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_javagateway/vars/RedHat.yml Normal file
View File

@@ -0,0 +1,6 @@
---
apache_user: apache
apache_group: apache
apache_log: httpd
mysql_create_dir: create/

2
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_javagateway/vars/main.yml Normal file
View File

@@ -0,0 +1,2 @@
---
# vars file for zabbix_javagateway

241
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_javagateway/vars/zabbix.yml Normal file
View File

@@ -0,0 +1,241 @@
---
sign_keys:
"62":
bullseye:
sign_key: E709712C
buster:
sign_key: E709712C
stretch:
sign_key: E709712C
focal:
sign_key: E709712C
jammy:
sign_key: E709712C
bionic:
sign_key: E709712C
xenial:
sign_key: E709712C
trusty:
sign_key: E709712C
"60":
bullseye:
sign_key: E709712C
buster:
sign_key: E709712C
stretch:
sign_key: E709712C
focal:
sign_key: E709712C
jammy:
sign_key: E709712C
bionic:
sign_key: E709712C
xenial:
sign_key: E709712C
trusty:
sign_key: E709712C
"54":
bullseye:
sign_key: E709712C
buster:
sign_key: E709712C
jessie:
sign_key: E709712C
stretch:
sign_key: E709712C
focal:
sign_key: E709712C
bionic:
sign_key: E709712C
xenial:
sign_key: E709712C
trusty:
sign_key: E709712C
tricia:
sign_key: E709712C
"52":
# bullseye: not available upstream
buster:
sign_key: E709712C
jessie:
sign_key: E709712C
stretch:
sign_key: E709712C
focal:
sign_key: E709712C
bionic:
sign_key: E709712C
xenial:
sign_key: E709712C
trusty:
sign_key: E709712C
tricia:
sign_key: E709712C
"50":
bullseye:
sign_key: E709712C
buster:
sign_key: E709712C
jessie:
sign_key: E709712C
stretch:
sign_key: E709712C
focal:
sign_key: E709712C
bionic:
sign_key: E709712C
xenial:
sign_key: E709712C
trusty:
sign_key: E709712C
tricia:
sign_key: E709712C
"44":
buster:
sign_key: A14FE591
jessie:
sign_key: 79EA5ED4
stretch:
sign_key: A14FE591
focal:
sign_key: A14FE591
eoan:
sign_key: A14FE591
cosmic:
sign_key: A14FE591
bionic:
sign_key: A14FE591
sonya:
sign_key: A14FE591
serena:
sign_key: A14FE591
trusty:
sign_key: 79EA5ED4
xenial:
sign_key: E709712C
"42":
buster:
sign_key: A14FE591
jessie:
sign_key: 79EA5ED4
stretch:
sign_key: A14FE591
eoan:
sign_key: A14FE591
cosmic:
sign_key: A14FE591
bionic:
sign_key: A14FE591
sonya:
sign_key: A14FE591
serena:
sign_key: A14FE591
trusty:
sign_key: 79EA5ED4
xenial:
sign_key: E709712C
"40":
bullseye:
sign_key: A14FE591
buster:
sign_key: A14FE591
jessie:
sign_key: 79EA5ED4
stretch:
sign_key: A14FE591
focal:
sign_key: A14FE591
bionic:
sign_key: A14FE591
sonya:
sign_key: A14FE591
serena:
sign_key: A14FE591
trusty:
sign_key: 79EA5ED4
xenial:
sign_key: E709712C
"34":
jessie:
sign_key: 79EA5ED4
stretch:
sign_key: A14FE591
wheezy:
sign_key: A14FE591
bionic:
sign_key: A14FE591
sonya:
sign_key: A14FE591
serena:
sign_key: A14FE591
trusty:
sign_key: 79EA5ED4
xenial:
sign_key: E709712C
"32":
stretch:
sign_key: A14FE591
wheezy:
sign_key: 79EA5ED4
bionic:
sign_key: A14FE591
sonya:
sign_key: 79EA5ED4
serena:
sign_key: 79EA5ED4
trusty:
sign_key: 79EA5ED4
xenial:
sign_key: E709712C
"30":
buster:
sign_key: A14FE591
jessie:
sign_key: 79EA5ED4
stretch:
sign_key: A14FE591
wheezy:
sign_key: 79EA5ED4
bionic:
sign_key: A14FE591
trusty:
sign_key: 79EA5ED4
xenial:
sign_key: E709712C
"24":
jessie:
sign_key: 79EA5ED4
wheezy:
sign_key: 79EA5ED4
precise:
sign_key: 79EA5ED4
trusty:
sign_key: 79EA5ED4
"22":
squeeze:
sign_key: 79EA5ED4
wheezy:
sign_key: 79EA5ED4
precise:
sign_key: 79EA5ED4
trusty:
sign_key: 79EA5ED4
lucid:
sign_key: 79EA5ED4
suse:
"openSUSE Leap":
"42":
name: server:monitoring
url: http://download.opensuse.org/repositories/server:/monitoring/openSUSE_Leap_{{ ansible_distribution_version }}/
"openSUSE":
"12":
name: server_monitoring
url: http://download.opensuse.org/repositories/server:/monitoring/openSUSE_{{ ansible_distribution_version }}
"SLES":
"11":
name: server_monitoring
url: http://download.opensuse.org/repositories/server:/monitoring/SLE_11_SP3/
"12":
name: server_monitoring
url: http://download.opensuse.org/repositories/server:/monitoring/SLE_12_SP3/

386
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_proxy/README.md Normal file
View File

@@ -0,0 +1,386 @@
# community.zabbix.zabbix_proxy role
![Zabbix Proxy](https://github.com/ansible-collections/community.zabbix/workflows/community.zabbix.zabbix_proxy/badge.svg)
**Table of Contents**
- [Overview](#overview)
* [Operating systems](#operating-systems)
* [Zabbix Versions](#zabbix-versions)
- [Role Variables](#role-variables)
* [Main variables](#main-variables)
+ [Overall Zabbix](#overall-zabbix)
+ [SElinux](#selinux)
+ [Zabbix Proxy](#zabbix-proxy)
+ [Database specific](#database-specific)
+ [TLS Specific configuration](#tls-specific-configuration)
* [proxy](#proxy)
* [Database](#database)
+ [MySQL](#mysql)
- [Local Setup](#local-setup)
- [Separate Setup](#separate-setup)
+ [PostgreSQL](#postgresql)
- [Local Setup](#local-setup-1)
- [Separate Setup](#separate-setup-1)
+ [SQLite3](#sqlite3)
* [Zabbix API variables](#zabbix-api-variables)
- [Example Playbook](#example-playbook)
- [Molecule](#molecule)
- [License](#license)
- [Author Information](#author-information)
# Overview
## Operating systems
This role will work on the following operating systems:
* Red Hat
* Debian
* Ubuntu
So, you'll need one of those operating systems.. :-)
Please send Pull Requests or suggestions when you want to use this role for other Operating systems.
# Requirements
## Ansible 2.10 and higher
With the release of Ansible 2.10, modules have been moved into collections. With the exception of ansible.builtin modules, this means additonal collections must be installed in order to use modules such as seboolean (now ansible.posix.seboolean). The following collection is now required: `ansible.posix`. Installing the collection:
```sh
ansible-galaxy collection install ansible.posix
```
If you are willing to create proxy in Zabbix via API as a part of this role execution then you need to install `ansible.netcommon` collection too:
```
ansible-galaxy collection install ansible.netcommon
```
### MySQL
When you are a MySQL user and using Ansible 2.10 or newer, then there is a dependency on the collection named `community.mysql`. This collections are needed as the `mysql_` modules are now part of collections and not standard in Ansible anymmore. Installing the collection:
```sh
ansible-galaxy collection install community.mysql
```
### PostgreSQL
When you are a PostgreSQL user and using Ansible 2.10 or newer, then there is a dependency on the collection named `community.postgresql`. This collections are needed as the `postgresql_` modules are now part of collections and not standard in Ansible anymmore. Installing the collection:
```sh
ansible-galaxy collection install community.postgresql
```
## Zabbix Versions
See the following list of supported Operating systems with the Zabbix releases.
| Zabbix | 6.2 | 6.0 | 5.4 | 5.2 | 5.0 (LTS)| 4.4 | 4.0 (LTS) | 3.0 (LTS) |
|---------------------|-----|-----|-----|-----|-----------|-----|-----------|-----------|
| Red Hat Fam 9 | V | V | | | | | | |
| Red Hat Fam 8 | V | V | V | V | V | V | | |
| Red Hat Fam 7 | V | V | V | V | V | V | V | V |
| Red Hat Fam 6 | | | | V | V | | | V |
| Red Hat Fam 5 | | | | V | V | | | V |
| Fedora | | | | | | V | V | |
| Ubuntu 20.04 focal | V | V | V | V | V | | V | |
| Ubuntu 18.04 bionic | | V | V | V | V | V | V | |
| Ubuntu 16.04 xenial | | | | V | V | V | V | |
| Ubuntu 14.04 trusty | | | | V | V | V | V | V |
| Debian 10 buster | | V | V | V | V | V | | |
| Debian 9 stretch | | V | V | V | V | V | V | |
| Debian 8 jessie | | | | V | V | V | V | V |
| Debian 7 wheezy | | | | | | | V | V |
| macOS 10.15 | | | | | | V | V | |
| macOS 10.14 | | | | | | V | V | |
# Role Variables
## Main variables
The following is an overview of all available configuration default for this role.
### Overall Zabbix
* `zabbix_proxy_version`: This is the version of zabbix. Default: The highest supported version for the operating system. Can be overridden to 6.2, 6.0, 5.4, 5.2, 5.0, 4.4, 4.0, 3.4, 3.2, 3.0, 2.4, or 2.2. Previously the variable `zabbix_version` was used directly but it could cause [some inconvenience](https://github.com/dj-wasabi/ansible-zabbix-agent/pull/303). That variable is maintained by retrocompativility.
* `zabbix_proxy_version_minor`: When you want to specify a minor version to be installed. RedHat only. Default set to: `*` (latest available)
* `zabbix_repo`: Default: `zabbix`
* `epel`: install agent from EPEL repo
* `zabbix`: (default) install agent from Zabbix repo
* `other`: install agent from pre-existing or other repo
* `zabbix_repo_yum`: A list with Yum repository configuration.
* `zabbix_repo_yum_schema`: Default: `https`. Option to change the web schema for the yum repository(http/https)
* `zabbix_repo_yum_disabled`: A string with repository names that should be disabled when installing Zabbix component specific packages. Is only used when `zabbix_repo_yum_enabled` contains 1 or more repositories. Default `*`.
* `zabbix_repo_yum_enabled`: A list with repository names that should be enabled when installing Zabbix component specific packages.
### SElinux
* `zabbix_selinux`: Default: `False`. Enables an SELinux policy so that the Proxy will run.
### Zabbix Proxy
* `zabbix_proxy_ip`: The IP address of the host. When not provided, it will be determined via the `ansible_default_ipv4` fact.
* `zabbix_proxy_server`: The ip or dns name for the zabbix-server machine.
* `zabbix_proxy_serverport`: The port on which the zabbix-server is running. Default: 10051
* `*zabbix_proxy_package_state`: Default: `present`. Can be overridden to `latest` to update packages
* `zabbix_proxy_install_database_client`: Default: `True`. False does not install database client.
* `zabbix_proxy_become_on_localhost`: Default: `True`. Set to `False` if you don't need to elevate privileges on localhost to install packages locally with pip.
* `zabbix_proxy_manage_service`: Default: `True`. When you run multiple Zabbix proxies in a High Available cluster setup (e.g. pacemaker), you don't want Ansible to manage the zabbix-proxy service, because Pacemaker is in control of zabbix-proxy service.
* `zabbix_install_pip_packages`: Default: `True`. Set to `False` if you don't want to install the required pip packages. Useful when you control your environment completely.
* `zabbix_proxy_startpreprocessors`: Number of pre-forked instances of preprocessing workers. The preprocessing manager process is automatically started when a preprocessor worker is started.This parameter is supported since Zabbix 4.2.0.
* `zabbix_proxy_username`: Default: `zabbix`. The name of the account on the host. Will only be used when `zabbix_repo: epel` is used.
* `zabbix_proxy_logtype`: Specifies where log messages are written to: system, file, console.
* `zabbix_proxy_logfile`: Name of log file.
* `zabbix_proxy_userid`: The UID of the account on the host. Will only be used when `zabbix_repo: epel` is used.
* `zabbix_proxy_groupname`: Default: `zabbix`. The name of the group of the user on the host. Will only be used when `zabbix_repo: epel` is used.
* `zabbix_proxy_groupid`: The GID of the group on the host. Will only be used when `zabbix_repo: epel` is used.
* `zabbix_proxy_include_mode`: Default: `0755`. The "mode" for the directory configured with `zabbix_proxy_include`.
* `zabbix_proxy_conf_mode`: Default: `0644`. The "mode" for the Zabbix configuration file.
* `zabbix_proxy_statsallowedip`: Default: `127.0.0.1`. Allowed IP foe remote gathering of the ZabbixPorixy internal metrics.
* `zabbix_proxy_vaulttoken`: Vault authentication token that should have been generated exclusively for Zabbix server with read only permission
* `zabbix_proxy_vaulturl`: Vault server HTTP[S] URL. System-wide CA certificates directory will be used if SSLCALocation is not specified.
* `zabbix_proxy_vaultdbpath`: Vault path from where credentials for database will be retrieved by keys 'password' and 'username'.
* `zabbix_proxy_listenbacklog`: The maximum number of pending connections in the queue.
### Database specific
* `zabbix_proxy_dbhost_run_install`: Default: `True`. When set to `True`, sql files will be executed on the host running the database.
* `zabbix_proxy_database`: Default: `mysql`. The type of database used. Can be: `mysql`, `pgsql` or `sqlite3`
* `zabbix_proxy_database_long`: Default: `mysql`. The type of database used, but long name. Can be: `mysql`, `postgresql` or `sqlite3`
* `zabbix_proxy_dbhost`: The hostname on which the database is running. Will be ignored when `sqlite3` is used as database.
* `zabbix_proxy_real_dbhost`: The hostname of the dbhost that is running behind a loadbalancer/VIP (loadbalancers doesn't accept ssh connections) Will be ignored when `sqlite3` is used as database.
* `zabbix_proxy_dbname`: The database name which is used by the Zabbix Proxy.
* `zabbix_proxy_dbuser`: The database username which is used by the Zabbix Proxy. Will be ignored when `sqlite3` is used as database.
* `zabbix_proxy_dbpassword`: The database user password which is used by the Zabbix Proxy. Will be ignored when `sqlite3` is used as database.
* `zabbix_proxy_dbport`: The database port which is used by the Zabbix Proxy. Will be ignored when `sqlite3` is used as database.
* `zabbix_database_creation`: Default: `True`. When you don't want to create the database including user, you can set it to False.
* `zabbix_proxy_install_database_client`: Default: `True`. False does not install database client. Default true
* `zabbix_database_sqlload`:True / False. When you don't want to load the sql files into the database, you can set it to False.
* `zabbix_proxy_dbencoding`: Default: `utf8`. The encoding for the MySQL database.
* `zabbix_proxy_dbcollation`: Default: `utf8_bin`. The collation for the MySQL database.zabbix_proxy_
* `zabbix_server_allowunsupporteddbversions`: Allow proxy to work with unsupported database versions.
### TLS Specific configuration
These variables are specific for Zabbix 3.0 and higher:
* `zabbix_proxy_tlsconnect`: How the agent should connect to server or proxy. Used for active checks.
Possible values:
* unencrypted
* psk
* cert
* `zabbix_proxy_tlsaccept`: What incoming connections to accept.
Possible values:
* unencrypted
* psk
* cert
* `zabbix_proxy_tlscafile`: Full pathname of a file containing the top-level CA(s) certificates for peer certificate verification.
* `zabbix_proxy_tlscrlfile`: Full pathname of a file containing revoked certificates.
* `zabbix_proxy_tlsservercertissuer`: Allowed server certificate issuer.
* `zabbix_proxy_tlsservercertsubject`: Allowed server certificate subject.
* `zabbix_proxy_tlscertfile`: Full pathname of a file containing the agent certificate or certificate chain.
* `zabbix_proxy_tlskeyfile`: Full pathname of a file containing the agent private key.
* `zabbix_proxy_dbtlsconnect`: Setting this option enforces to use TLS connection to database:
`required` - connect using TLS
`verify_ca` - connect using TLS and verify certificate
`verify_full` - connect using TLS, verify certificate and verify that database identity specified by DBHost matches its certificate
On `MySQL` starting from 5.7.11 and `PostgreSQL` the following values are supported: `required`, `verify`, `verify_full`. On MariaDB starting from version 10.2.6 `required` and `verify_full` values are supported.
By default not set to any option and the behaviour depends on database configuration.
This parameter is supported since Zabbix 5.0.0.
* `zabbix_proxy_dbtlscafile`: Full pathname of a file containing the top-level CA(s) certificates for database certificate verification. This parameter is supported since Zabbix 5.0.0.
* `zabbix_proxy_dbtlscertfile`: Full pathname of file containing Zabbix Proxy certificate for authenticating to database. This parameter is supported since Zabbix 5.0.0.
* `zabbix_proxy_dbtlskeyfile`: Full pathname of file containing the private key for authenticating to database. This parameter is supported since Zabbix 5.0.0.
* `zabbix_proxy_dbtlscipher`: The list of encryption ciphers that Zabbix Proxy permits for TLS protocols up through TLSv1.2. Supported only for MySQL.This parameter is supported since Zabbix 5.0.0.
* `zabbix_proxy_dbtlscipher13`: The list of encryption ciphersuites that Zabbix Proxy permits for TLSv1.3 protocol. Supported only for MySQL, starting from version 8.0.16. This parameter is supported since Zabbix 5.0.0.
## proxy
When the target host does not have access to the internet, but you do have a proxy available then the following properties needs to be set to download the packages via the proxy:
* `zabbix_http_proxy`
* `zabbix_https_proxy`
## Database
With Zabbix Proxy you can make use of 2 different databases:
* `mysql`
* `postgresql`
* `SQLite3`
In the following paragraphs we dive into both setups.
### MySQL
To make the Zabbix Proxy work with a `MySQL` database, there are 2 types on setup:
1. Local setup, `MySQL` running on same host as the Zabbix Proxy;
2. Separate setup, `MySQL` running on a different host than the Zabbix Proxy.
#### Local Setup
We need to have the following dependencies met:
1. Find an (Ansible) role that will install a `MySQL` instance on the host. Example: `geerlingguy.mysql` can be used, but also others can be used. Please make sure that before installing the Zabbix Proxy, you have a fully functional `MySQL` instance running.
2. We need to set some variables, either as input for the playbook or set them into the `group_vars` or `host_vars` (Your preference choice). We need to set the following properties:
```yaml
zabbix_proxy_database: mysql
zabbix_proxy_database_long: mysql
zabbix_proxy_dbport: 3306
zabbix_proxy_dbpassword: <SOME_SECRET_STRING>
```
Please generate a value for the `zabbix_proxy_dbpassword` property (Maybe use `ansible-vault` for this). The zabbix-proxy role will create an database and username (With the provided value for the password) in `MySQL`.
3. Execute the role by running the Ansible playbook that calls this role. At the end of this run, the Zabbix Proxy with `MySQL` will be running.
#### Separate Setup
We need to have the following dependencies met:
1. We need to either have a `MySQL` instance running somewhere in the environment. If this is the case, we need to have a username/password combination that is allowed to create a database and an user account. If there isn't one, please make sure there is one.
2. We need to set some variables, either as input for the playbook or set them into the `group_vars` or `host_vars` (Your preference choice). We need to set the following properties:
```yaml
zabbix_proxy_database: mysql
zabbix_proxy_database_long: mysql
zabbix_proxy_dbport: 3306
zabbix_proxy_dbhost: mysql-host
zabbix_proxy_dbhost_run_install: false
zabbix_proxy_dbpassword: <SOME_SECRET_STRING>
zabbix_proxy_privileged_host: '%'
zabbix_proxy_mysql_login_host: mysql-host
zabbix_proxy_mysql_login_user: root
zabbix_proxy_mysql_login_password: changeme
zabbix_proxy_mysql_login_port: 3306
```
Please generate a value for the `zabbix_proxy_dbpassword` property (Maybe use `ansible-vault` for this). The zabbix-proxy role will create an database and username (With the provided value for the password) in `MySQL`.
The `zabbix_proxy_privileged_host` can be set to the hostname/ip of the host running Zabbix Proxy for security related purposes. Also make sure that `zabbix_proxy_mysql_login_password` is set to the correct password for the user provided with `zabbix_proxy_mysql_login_host` to create a database and user in the `MySQL` instance.
3. Execute the role by running the Ansible playbook that calls this role. At the end of this run, the Zabbix Proxy with `MySQL` on a different host will be running.
### PostgreSQL
To make the Zabbix Proxy work with a `PgSQL` database, there are 2 types on setup:
1. Local setup, `PgSQL` running on same host as the Zabbix Proxy;
2. Separate setup, `PgSQL` running on a different host than the Zabbix Proxy.
#### Local Setup
We need to have the following dependencies met:
1. Find an (Ansible) role that will install a `PgSQL` instance on the host. Example: `geerlingguy.postgresql` can be used, but also others can be used. Please make sure that before installing the Zabbix Proxy, you have a fully functional `PgSQL` instance running.
2. We need to set some variables, either as input for the playbook or set them into the `group_vars` or `host_vars` (Your preference choice). We need to set the following properties:
```yaml
zabbix_proxy_database: pgsql
zabbix_proxy_database_long: postgresql
zabbix_proxy_dbport: 5432
zabbix_proxy_dbpassword: <SOME_SECRET_STRING>
```
Please generate a value for the `zabbix_proxy_dbpassword` property (Maybe use `ansible-vault` for this). The zabbix-proxy role will create an database and username (With the provided value for the password) in `PgSQL`.
3. Execute the role by running the Ansible playbook that calls this role. At the end of this run, the Zabbix Proxy with `PgSQL` will be running.
#### Separate Setup
We need to have the following dependencies met:
1. We need to either have a `PgSQL` instance running somewhere in the environment. If this is the case, we need to have a username/password combination that is allowed to create a database and an user account. If there isn't one, please make sure there is one.
2. We need to set some variables, either as input for the playbook or set them into the `group_vars` or `host_vars` (Your preference choice). We need to set the following properties:
```yaml
zabbix_proxy_database: pgsql
zabbix_proxy_database_long: postgresql
zabbix_proxy_dbport: 5432
zabbix_proxy_dbhost: pgsql-host
zabbix_proxy_dbhost_run_install: false
zabbix_proxy_dbpassword: <SOME_SECRET_STRING>
zabbix_proxy_privileged_host: '%'
zabbix_proxy_pgsql_login_host: pgsql-host
zabbix_proxy_pgsql_login_user: postgres
zabbix_proxy_pgsql_login_password: changeme
zabbix_proxy_pgsql_login_port: 5432
```
Please generate a value for the `zabbix_proxy_dbpassword` property (Maybe use `ansible-vault` for this). The zabbix-proxy role will create an database and username (With the provided value for the password) in `PgSQL`.
The `zabbix_proxy_privileged_host` can be set to the hostname/ip of the host running Zabbix Proxy for security related purposes. Also make sure that `zabbix_proxy_mysql_login_password` is set to the correct password for the user provided with `zabbix_proxy_mysql_login_host` to create a database and user in the `PgSQL` instance.
3. Execute the role by running the Ansible playbook that calls this role. At the end of this run, the Zabbix Proxy with `PgSQL` on a different host will be running.zabbix_proxy_
### SQLite3
The SQLite3 can only be used on the same host as on which the Zabbix Proxy is running. If you want to use a seperate host for running the database for the proxy, please consider going for MySQL or PostGreSQL.
The following properties needs to be set when using `SQLite3` as the database:
```yaml
zabbix_proxy_database: sqlite3
zabbix_proxy_database_long: sqlite3
zabbix_proxy_dbname: /path/to/sqlite3.db
```
NOTE: When using `zabbix_proxy_dbname: zabbix_proxy` (Which is default with this role), it will automatically be stored on `/var/lib/zabbix/zabbix_proxy.db`
## Zabbix API variables
These variables need to be overridden when you want to make use of the Zabbix API for automatically creating and or updating proxies, i.e. when `zabbix_api_create_proxy` is set to `True`.
* `zabbix_api_http_user`: The http user to access zabbix url with Basic Auth.
* `zabbix_api_http_password`: The http password to access zabbix url with Basic Auth.
* `zabbix_api_server_host`: The IP or hostname/FQDN of Zabbix server. Example: zabbix.example.com
* `zabbix_api_server_port`: TCP port to use to connect to Zabbix server. Example: 8080
* `zabbix_api_use_ssl`: yes (Default) if we need to connect to Zabbix server over HTTPS
* `zabbix_api_validate_certs` : yes (Default) if we need to validate tls certificates of the API. Use `no` in case self-signed certificates are used
* `zabbix_api_login_user`: Username of user which has API access.
* `zabbix_api_login_pass`: Password for the user which has API access.
* `ansible_zabbix_url_path`: URL path if Zabbix WebUI running on non-default (zabbix) path, e.g. if http://<FQDN>/zabbixeu then set to `zabbixeu`
* `zabbix_api_create_proxy`: When you want to enable the Zabbix API to create/delete the proxy. This has to be set to `True` if you want to make use of `zabbix_proxy_state`. Default: `False`
* `zabbix_proxy_name`: name of the Zabbix proxy as it is seen by Zabbix server
* `zabbix_proxy_state`: present (Default) if the proxy needs to be created or absent if you want to delete it. This only works when `zabbix_api_create_proxy` is set to `True`.
* `zabbix_proxy_status`: active (Default) if the proxy needs to be active or passive.
* `zabbix_api_timeout`: timeout for API calls (default to 30 seconds)
# Example Playbook
Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
```yaml
- hosts: zabbix-proxy
roles:
- role: community.zabbix.zabbix_proxy
zabbix_proxy_server: 192.168.1.1
zabbix_proxy_database: mysql
zabbix_proxy_database_long: mysql
```
# Molecule
This role is configured to be tested with Molecule. You can find on this page some more information regarding Molecule:
* http://werner-dijkerman.nl/2016/07/10/testing-ansible-roles-with-molecule-testinfra-and-docker/
* http://werner-dijkerman.nl/2016/07/27/extending-ansible-role-testing-with-molecule-by-adding-group_vars-dependencies-and-using-travis-ci/
* http://werner-dijkerman.nl/2016/07/31/testing-ansible-roles-in-a-cluster-setup-with-docker-and-molecule/
With each Pull Request, Molecule will be executed via travis.ci. Pull Requests will only be merged once these tests run successfully.
# License
GNU General Public License v3.0 or later
See LICENCE to see the full text.
# Author Information
Please send suggestion or pull requests to make this role better. Also let us know if you encounter any issues installing or using this role.
Github: https://github.com/ansible-collections/community.zabbix

196
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_proxy/defaults/main.yml Normal file
View File

@@ -0,0 +1,196 @@
---
# defaults file for zabbix_proxy
# zabbix_proxy_version: 6.0
zabbix_proxy_version_minor: "*"
zabbix_version: "{{ zabbix_proxy_version }}"
zabbix_selinux: false
# These variables are optional. They specify the version of Zabbix proxy package.
# zabbix_proxy_rhel_version: 4.4.4
# zabbix_proxy_debian_version: 1:4.4.4-1+stretch
# zabbix_proxy_ubuntu_version: 1:4.4.4-1+xenial
zabbix_repo: zabbix
zabbix_proxy_apt_priority:
zabbix_proxy_package_state: present
zabbix_proxy_install_recommends: true
zabbix_proxy_install_database_client: true
zabbix_install_pip_packages: true
zabbix_repo_yum_schema: https
zabbix_proxy_conf_mode: "0644"
zabbix_repo_yum_gpgcheck: 0
zabbix_repo_yum_disabled: "*"
zabbix_repo_yum_enabled: []
zabbix_repo_yum:
- name: zabbix
description: Zabbix Official Repository - $basearch
baseurl: "{{ zabbix_repo_yum_schema }}://repo.zabbix.com/zabbix/{{ zabbix_version | regex_search('^[0-9]+.[0-9]+') }}/rhel/{{ ansible_distribution_major_version }}/$basearch/"
gpgcheck: "{{ zabbix_repo_yum_gpgcheck }}"
mode: "0644"
gpgkey: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-ZABBIX
state: present
- name: zabbix-non-supported
description: Zabbix Official Repository non-supported - $basearch
baseurl: "{{ zabbix_repo_yum_schema }}://repo.zabbix.com/non-supported/rhel/{{ ansible_distribution_major_version }}/$basearch/"
mode: "0644"
gpgcheck: "{{ zabbix_repo_yum_gpgcheck }}"
gpgkey: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-ZABBIX
state: present
# User (EPEL specific)
zabbix_proxy_username: zabbix
zabbix_proxy_groupname: zabbix
zabbix_server_host: 192.168.1.1 # Will be deprecated in 2.0.0
zabbix_proxy_server: "{{ zabbix_server_host }}"
zabbix_server_port: 10051 # Will be deprecated in 2.0.0
zabbix_proxy_serverport: "{{ zabbix_server_port }}"
zabbix_database_creation: true
zabbix_database_sqlload: true
zabbix_proxy_dbtlsconnect:
zabbix_proxy_dbtlscafile:
zabbix_proxy_dbtlscertfile:
zabbix_proxy_dbtlskeyfile:
zabbix_proxy_dbtlscipher:
zabbix_proxy_dbtlscipher13:
zabbix_proxy_allowunsupporteddbversions: 0
# Some role specific vars
zabbix_proxy_database: mysql
zabbix_proxy_database_long: mysql
# zabbix_proxy_database: pgsql
# zabbix_proxy_database_long: postgresql
# zabbix_proxy_database: sqlite3
# zabbix_proxy_database_long: sqlite3
# zabbix-proxy specific vars
zabbix_proxy_mode: 0
zabbix_proxy_hostname: "{{ inventory_hostname }}"
zabbix_proxy_listenport: 10051
zabbix_proxy_sourceip:
zabbix_proxy_logtype: file
zabbix_proxy_logfile: /var/log/zabbix/zabbix_proxy.log
zabbix_proxy_logfilesize: 10
zabbix_proxy_enableremotecommands: 0
zabbix_proxy_debuglevel: 3
zabbix_proxy_pidfile: /var/run/zabbix/zabbix_proxy.pid
zabbix_proxy_socketdir: /var/run/zabbix
zabbix_proxy_dbencoding: utf8
zabbix_proxy_dbcollation: utf8_bin
zabbix_proxy_dbhost: localhost
zabbix_proxy_dbname: zabbix_proxy
zabbix_proxy_dbschema:
zabbix_proxy_dbuser: zabbix_proxy
zabbix_proxy_dbpassword: zabbix_proxy
zabbix_proxy_dbsocket:
zabbix_proxy_dbport: 5432
zabbix_proxy_startodbcpollers: 1
zabbix_proxy_dbhost_run_install: true
zabbix_proxy_privileged_host: localhost
zabbix_proxy_localbuffer: 0 # Will be deprecated in 2.0.0
zabbix_proxy_proxylocalbuffer: "{{ zabbix_proxy_localbuffer }}"
zabbix_proxy_offlinebuffer: 1 # Will be deprecated in 2.0.0
zabbix_proxy_proxyofflinebuffer: "{{ zabbix_proxy_offlinebuffer }}"
zabbix_proxy_heartbeatfrequency: 60
zabbix_proxy_configfrequency: 3600
zabbix_proxy_datasenderfrequency: 1
zabbix_proxy_startpollers: 5
zabbix_proxy_startipmipollers: 0
zabbix_proxy_startpollersunreachable: 1
zabbix_proxy_starttrappers: 5
zabbix_proxy_startpingers: 1
zabbix_proxy_startdiscoverers: 1
zabbix_proxy_starthttppollers: 1
zabbix_proxy_startpreprocessors: 3
zabbix_proxy_javagateway:
zabbix_proxy_javagatewayport: 10052
zabbix_proxy_startjavapollers: 5
zabbix_proxy_startvmwarecollector: 0
zabbix_proxy_vmwarefrequency: 60
zabbix_proxy_vmwarecachesize: 8
zabbix_proxy_snmptrapperfile: /tmp/zabbix_traps.tmp
zabbix_proxy_snmptrapper: 0
zabbix_proxy_listenip:
zabbix_proxy_housekeepingfrequency: 1
zabbix_proxy_cachesize: 8
zabbix_proxy_startdbsyncers: 4
zabbix_proxy_historycachesize: 8
zabbix_proxy_historyindexcachesize: 4
zabbix_proxy_historytextcachesize: 16
zabbix_proxy_timeout: 3
zabbix_proxy_trappertimeout: 300
zabbix_proxy_unreachableperiod: 45
zabbix_proxy_unavaliabledelay: 60
zabbix_proxy_unreachabedelay: 15
zabbix_proxy_externalscripts: /usr/lib/zabbix/externalscripts
zabbix_proxy_fpinglocation: /usr/sbin/fping
zabbix_proxy_fping6location: /usr/sbin/fping6
zabbix_proxy_sshkeylocation:
zabbix_proxy_loglowqueries: 0
zabbix_proxy_tmpdir: /tmp
zabbix_proxy_allowroot: 0
zabbix_proxy_include: /etc/zabbix/zabbix_proxy.conf.d
zabbix_proxy_include_mode: "0755"
zabbix_proxy_libdir: /usr/lib/zabbix
zabbix_proxy_loadmodulepath: "{{ zabbix_proxy_libdir }}/modules"
zabbix_proxy_manage_service: true
zabbix_proxy_statsallowedip: "127.0.0.1"
zabbix_proxy_vaulttoken:
zabbix_proxy_vaulturl: https://127.0.0.1:8200
zabbix_proxy_vaultdbpath:
zabbix_proxy_listenbacklog:
# TLS settings
zabbix_proxy_tlsconnect:
zabbix_proxy_tlsaccept:
zabbix_proxy_tlscafile:
zabbix_proxy_tlscrlfile:
zabbix_proxy_tlsservercertissuer:
zabbix_proxy_tlsservercertsubject:
zabbix_proxy_tls_subject: "{{ zabbix_proxy_tlsservercertsubject }}" # FIXME this is not correct and should be removed with 2.0.0, here only to prevent regression
zabbix_proxy_tlscertfile:
zabbix_proxy_tlskeyfile:
zabbix_proxy_tlspskidentity:
zabbix_proxy_tls_config:
no_encryption: "no_encryption"
psk: "PSK"
cert: "certificate"
# Zabbix API stuff
zabbix_validate_certs: true # Will be deprecated in 2.0.0
zabbix_api_validate_certs: "{{ zabbix_validate_certs }}"
zabbix_url: http://localhost # Will be deprecated in 2.0.0
zabbix_api_server_url: "{{ zabbix_url }}"
zabbix_api_server_host: "{{ zabbix_api_server_url | urlsplit('hostname') }}"
zabbix_api_port_from_url: "{{ zabbix_api_server_port | default(zabbix_api_server_url | urlsplit('port')) }}"
zabbix_api_scheme_from_url: "{{ zabbix_api_server_url | urlsplit('scheme') }}"
zabbix_api_port_from_shema: "{{ (zabbix_api_scheme_from_url == 'https') | ternary(443, 80) }}"
# zabbix_http_user: admin # Will be deprecated in 2.0.0
# zabbix_http_password: admin # Will be deprecated in 2.0.0
# zabbix_api_http_user: admin
# zabbix_api_http_password: admin
zabbix_api_user: Admin # Will be deprecated in 2.0.0
zabbix_api_pass: !unsafe zabbix # Will be deprecated in 2.0.0
zabbix_api_login_user: "{{ zabbix_api_user }}"
zabbix_api_login_pass: "{{ zabbix_api_pass }}"
ansible_httpapi_pass: "{{ zabbix_api_login_pass }}"
ansible_network_os: community.zabbix.zabbix
ansible_httpapi_port: "{{ (zabbix_api_port_from_url == '') | ternary(zabbix_api_port_from_shema, zabbix_api_port_from_url) }}"
ansible_httpapi_use_ssl: "{{ zabbix_api_use_ssl | default((zabbix_api_scheme_from_url == 'https') | ternary(true, false)) }}"
ansible_httpapi_validate_certs: "{{ zabbix_api_validate_certs }}"
zabbix_api_create_proxy: false
zabbix_api_timeout: 30
zabbix_create_proxy: present # or absent # Will be deprecated in 2.0.0
zabbix_proxy_state: "{{ zabbix_create_proxy }}"
zabbix_proxy_status: active # or passive
zabbix_useuip: 1
zabbix_proxy_become_on_localhost: true
zabbix_proxy_interface:
useip: "{{ zabbix_useuip }}"
ip: "{{ zabbix_proxy_ip }}"
dns: "{{ ansible_fqdn }}"
port: "{{ zabbix_proxy_listenport }}"

BIN
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_proxy/files/install_semodule.bsx Executable file
View File

Binary file not shown.

29
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_proxy/handlers/main.yml Normal file
View File

@@ -0,0 +1,29 @@
---
# handlers file for zabbix-proxy
- name: restart zabbix-proxy
service:
name: zabbix-proxy
state: restarted
enabled: true
become: true
when:
- zabbix_proxy_manage_service | bool
- zabbix_repo != 'epel'
- name: restart zabbix-proxy
service:
name: zabbix-proxy-mysql{{ zabbix_proxy_database_long }}
state: restarted
enabled: true
become: true
when:
- zabbix_proxy_manage_service | bool
- zabbix_repo == 'epel'
- name: "clean repo files from proxy creds"
shell: ls /etc/yum.repos.d/zabbix* && sed -i 's/^proxy =.*//' /etc/yum.repos.d/zabbix* || true
become: true
when:
- ansible_os_family == 'RedHat'
- zabbix_http_proxy is defined or zabbix_https_proxy is defined

27
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_proxy/meta/main.yml Normal file
View File

@@ -0,0 +1,27 @@
---
galaxy_info:
author: Werner Dijkerman
description: Installing and maintaining zabbix-proxy for RedHat/Debian/Ubuntu.
company: myCompany.Dotcom
license: MIT
min_ansible_version: 2.4
platforms:
- name: EL
versions:
- 6
- 7
- name: Ubuntu
versions:
- lucid
- precise
- trusty
- name: Debian
versions:
- squeeze
- wheezy
- stretch
galaxy_tags:
- zabbix
- monitoring
dependencies: []

3
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_proxy/requirements.yml Normal file
View File

@@ -0,0 +1,3 @@
---
- src: geerlingguy.mysql
- src: geerlingguy.postgresql

289
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_proxy/tasks/Debian.yml Normal file
View File

@@ -0,0 +1,289 @@
---
- name: "Include Zabbix gpg ids"
include_vars: zabbix.yml
- name: "Set some variables"
set_fact:
zabbix_short_version: "{{ zabbix_version | regex_replace('\\.', '') }}"
zabbix_proxy_apt_repository:
- "http://repo.zabbix.com/zabbix/{{ zabbix_version }}/{{ ansible_distribution.lower() }}/"
- "{{ ansible_distribution_release }}"
- "main"
zabbix_underscore_version: "{{ zabbix_version | regex_replace('\\.', '_') }}"
zabbix_python_prefix: "python{% if ansible_python_version is version('3', '>=') %}3{% endif %}"
when:
- ansible_machine != "aarch64"
- name: "Set some variables"
set_fact:
zabbix_short_version: "{{ zabbix_version | regex_replace('\\.', '') }}"
zabbix_proxy_apt_repository:
- "http://repo.zabbix.com/zabbix/{{ zabbix_version }}/{{ ansible_distribution.lower() }}-arm64/"
- "{{ ansible_distribution_release }}"
- "main"
zabbix_underscore_version: "{{ zabbix_version | regex_replace('\\.', '_') }}"
zabbix_python_prefix: "python{% if ansible_python_version is version('3', '>=') %}3{% endif %}"
when:
- ansible_machine == "aarch64"
- name: "Debian | Set some facts"
set_fact:
apache_log: apache2
datafiles_path: "/usr/share/zabbix-proxy-{{ zabbix_proxy_database }}"
when:
- zabbix_version is version_compare('3.0', '<')
tags:
- zabbix-proxy
- init
- config
- name: "Debian | Set some facts for Zabbix >= 3.0 && < 5.4"
set_fact:
apache_log: apache2
datafiles_path: /usr/share/doc/zabbix-proxy-{{ zabbix_proxy_database }}
when:
- zabbix_version is version('3.0', '>=')
- zabbix_version is version('5.4', '<')
tags:
- zabbix-proxy
- init
- config
- name: "Debian | Set some facts for Zabbix == 5.4"
set_fact:
datafiles_path: /usr/share/doc/zabbix-sql-scripts/{{ zabbix_proxy_database_long }}
when:
- zabbix_version is version('5.4', '==')
tags:
- zabbix-proxy
- init
- config
- name: "Debian | Set some facts for Zabbix >= 6.0"
set_fact:
datafiles_path: /usr/share/zabbix-sql-scripts/{{ zabbix_proxy_database_long }}
when:
- zabbix_version is version('6.0', '>=')
tags:
- zabbix-proxy
- init
- config
- name: "Debian | Installing gnupg"
apt:
pkg: gnupg
update_cache: true
cache_valid_time: 3600
force: true
state: present
environment:
http_proxy: "{{ zabbix_http_proxy | default(None) | default(omit) }}"
https_proxy: "{{ zabbix_https_proxy | default(None) | default(omit) }}"
register: gnupg_installed
until: gnupg_installed is succeeded
become: true
- name: "Debian | Install gpg key"
apt_key:
id: "{{ sign_keys[zabbix_short_version][ansible_distribution_release]['sign_key'] }}"
url: http://repo.zabbix.com/zabbix-official-repo.key
register: are_zabbix_proxy_dependency_packages_installed
until: are_zabbix_proxy_dependency_packages_installed is succeeded
when:
- zabbix_repo == "zabbix"
become: true
tags:
- zabbix-proxy
- init
- name: "Debian | Installing repository {{ ansible_distribution }}"
apt_repository:
repo: "{{ item }} {{ zabbix_proxy_apt_repository | join(' ') }}"
state: present
when: zabbix_repo == "zabbix"
become: true
with_items:
- deb-src
- deb
tags:
- zabbix-proxy
- init
- name: "Debian | Create /etc/apt/preferences.d/"
file:
path: /etc/apt/preferences.d/
state: directory
mode: '0755'
when:
- zabbix_proxy_apt_priority | int
become: true
- name: "Debian | Configuring the weight for APT"
copy:
dest: "/etc/apt/preferences.d/zabbix-proxy-{{ zabbix_proxy_database }}"
content: |
Package: zabbix-proxy-{{ zabbix_proxy_database }}
Pin: origin repo.zabbix.com
Pin-Priority: {{ zabbix_proxy_apt_priority }}
owner: root
mode: '0644'
when:
- zabbix_proxy_apt_priority | int
become: true
- name: apt-get clean
shell: apt-get clean; apt-get update
args:
warn: false
changed_when: false
become: true
tags:
- skip_ansible_lint
# On certain 18.04 images, such as docker or lxc, dpkg is configured not to
# install files into paths /usr/share/doc/*
# Since this is where Zabbix installs its database schemas, we need to allow
# files to be installed to /usr/share/doc/zabbix*
- name: Check for the dpkg exclude line
command: grep -F 'path-exclude=/usr/share/doc/*' /etc/dpkg/dpkg.cfg.d/excludes
register: dpkg_exclude_line
failed_when: false
changed_when: false
check_mode: false
- name: Allow Zabbix dpkg installs to /usr/share/doc/zabbix*
lineinfile:
path: /etc/dpkg/dpkg.cfg.d/excludes
line: 'path-include=/usr/share/doc/zabbix*'
become: true
when:
- dpkg_exclude_line.rc == 0
- name: "Debian | Installing zabbix-proxy-{{ zabbix_proxy_database }}"
apt:
pkg: zabbix-proxy-{{ zabbix_proxy_database }}
state: "{{ zabbix_proxy_package_state }}"
update_cache: true
cache_valid_time: 0
install_recommends: "{{ zabbix_proxy_install_recommends }}"
default_release: "{{ ansible_distribution_release }}"
environment:
http_proxy: "{{ zabbix_http_proxy | default(None) | default(omit) }}"
https_proxy: "{{ zabbix_https_proxy | default(None) | default(omit) }}"
register: zabbix_proxy_package_installed
until: zabbix_proxy_package_installed is succeeded
become: true
tags:
- zabbix-proxy
- init
- name: "Debian | Installing zabbix-sql-scripts"
apt:
pkg: zabbix-sql-scripts
state: "{{ zabbix_proxy_package_state }}"
update_cache: true
cache_valid_time: 0
default_release: "{{ ansible_distribution_release }}"
environment:
http_proxy: "{{ zabbix_http_proxy | default(None) | default(omit) }}"
https_proxy: "{{ zabbix_https_proxy | default(None) | default(omit) }}"
register: zabbix_proxy_package_sql_installed
until: zabbix_proxy_package_sql_installed is succeeded
when:
- zabbix_version is version('5.4', '>=')
become: true
tags:
- zabbix-proxy
- init
- name: "Debian | Install Ansible module dependencies"
apt:
name: "{{ zabbix_python_prefix }}-psycopg2"
state: present
environment:
http_proxy: "{{ zabbix_http_proxy | default(None) | default(omit) }}"
https_proxy: "{{ zabbix_https_proxy | default(None) | default(omit) }}"
register: zabbix_proxy_dependencies_installed
until: zabbix_proxy_dependencies_installed is succeeded
become: true
when:
- zabbix_database_creation
tags:
- zabbix-proxy
- init
- name: "Debian | Install Mysql Client package"
apt:
name:
- default-mysql-client
- "{{ zabbix_python_prefix }}-mysqldb"
state: present
environment:
http_proxy: "{{ zabbix_http_proxy | default(None) | default(omit) }}"
https_proxy: "{{ zabbix_https_proxy | default(None) | default(omit) }}"
register: zabbix_proxy_dependencies_installed
until: zabbix_proxy_dependencies_installed is succeeded
become: true
when:
- zabbix_proxy_database == 'mysql'
- zabbix_proxy_install_database_client
- ansible_distribution_release != "buster"
tags:
- zabbix-proxy
- init
- database
- name: "Debian 10 | Install Mysql Client package"
apt:
name:
- mariadb-client
- "{{ zabbix_python_prefix }}-mysqldb"
state: present
environment:
http_proxy: "{{ zabbix_http_proxy | default(None) | default(omit) }}"
https_proxy: "{{ zabbix_https_proxy | default(None) | default(omit) }}"
register: zabbix_proxy_dependencies_installed
until: zabbix_proxy_dependencies_installed is succeeded
become: true
when:
- zabbix_proxy_database == 'mysql'
- zabbix_proxy_install_database_client
- ansible_distribution_release == "buster"
tags:
- zabbix-proxy
- init
- database
- name: "Debian | Install PostgreSQL Client package"
apt:
name: postgresql-client
state: present
environment:
http_proxy: "{{ zabbix_http_proxy | default(None) | default(omit) }}"
https_proxy: "{{ zabbix_https_proxy | default(None) | default(omit) }}"
register: are_zabbix_proxy_dependency_packages_installed
until: are_zabbix_proxy_dependency_packages_installed is succeeded
become: true
when:
- zabbix_database_creation or zabbix_database_sqlload
- zabbix_proxy_database == 'pgsql'
- zabbix_proxy_install_database_client
tags:
- zabbix-proxy
- init
- database
- name: "Debian | Install sqlite3"
apt:
name: sqlite3
state: present
environment:
http_proxy: "{{ zabbix_http_proxy | default(None) | default(omit) }}"
https_proxy: "{{ zabbix_https_proxy | default(None) | default(omit) }}"
register: are_zabbix_proxy_dependency_packages_installed
until: are_zabbix_proxy_dependency_packages_installed is succeeded
become: true
when:
- zabbix_proxy_database == 'sqlite3'
tags:
- zabbix-proxy

323
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_proxy/tasks/RedHat.yml Normal file
View File

@@ -0,0 +1,323 @@
---
# Tasks specific for RedHat systems
- name: "Set short version name"
set_fact:
zabbix_short_version: "{{ zabbix_version | regex_replace('\\.', '') }}"
- name: "RedHat | Use EPEL package name"
set_fact:
zabbix_proxy_package: "zabbix{{ zabbix_version | regex_replace('\\.', '') }}-proxy"
when:
- zabbix_repo == "epel"
tags:
- zabbix-proxy
- init
- name: "RedHat | Define package with version"
set_fact:
zabbix_proxy_package: "zabbix{{ zabbix_short_version }}-proxy-{{ zabbix_proxy_database }}"
cacheable: true
when:
- zabbix_proxy_rhel_version is defined
- zabbix_repo != "epel"
- name: "RedHat | Define package without version"
set_fact:
zabbix_proxy_package: "zabbix-proxy-{{ zabbix_proxy_database }}"
cacheable: true
when:
- zabbix_proxy_rhel_version is not defined
- zabbix_repo != "epel"
- name: "RedHat | Set some facts Zabbix < 3.0"
set_fact:
apache_log: httpd
datafiles_path: "/usr/share/doc/zabbix-proxy-{{ zabbix_proxy_database }}-{{ zabbix_version }}*/create"
when:
- zabbix_version is version('3.0', '<')
tags:
- zabbix-proxy
- name: "RedHat | Set facts for Zabbix >= 3.0 && < 5.4"
set_fact:
apache_log: httpd
datafiles_path: "/usr/share/doc/zabbix-proxy-{{ zabbix_proxy_database }}-{{ zabbix_version }}*"
when:
- zabbix_version is version('3.0', '>=')
- zabbix_version is version('5.4', '<')
tags:
- zabbix-proxy
- name: "RedHat | Set facts for Zabbix == 5.4"
set_fact:
datafiles_path: "/usr/share/doc/zabbix-sql-scripts/{{ zabbix_proxy_database_long }}"
when:
- zabbix_version is version('5.4', '==')
tags:
- zabbix-server
- name: "RedHat | Set facts for Zabbix >= 6.0"
set_fact:
datafiles_path: "/usr/share/zabbix-sql-scripts/{{ zabbix_proxy_database_long }}"
when:
- zabbix_version is version('6.0', '>=')
tags:
- zabbix-server
- name: "RedHat | Set facts for Zabbix >= 3.0 and RedHat 8"
set_fact:
apache_log: httpd
datafiles_path: "/usr/share/doc/zabbix-proxy-{{ zabbix_proxy_database }}"
when:
- zabbix_version is version('3.0', '>=')
- zabbix_version is version('5.4', '<')
- ansible_distribution_major_version == '8'
tags:
- zabbix-proxy
- name: "RedHat | Set some facts EPEL"
set_fact:
datafiles_path: "/usr/share/zabbix-{{ zabbix_proxy_database_long }}"
when:
- zabbix_repo == "epel"
tags:
- zabbix-server
- name: "RedHat | Create 'zabbix' group (EPEL)"
group:
name: "{{ zabbix_proxy_groupname | default('zabbix') }}"
gid: "{{ zabbix_proxy_groupid | default(omit) }}"
state: present
become: true
when:
- zabbix_repo == "epel"
- name: "RedHat | Create 'zabbix' user (EPEL)"
user:
name: "{{ zabbix_proxy_username | default('zabbix') }}"
comment: Zabbix Monitoring System
uid: "{{ zabbix_proxy_userid | default(omit) }}"
group: zabbix
become: true
when:
- zabbix_repo == "epel"
- name: "Make sure old file is absent"
file:
path: /etc/yum.repos.d/zabbix-supported.repo
state: absent
become: true
- name: "RedHat | Install basic repo file"
yum_repository:
name: "{{ item.name }}"
description: "{{ item.description }}"
baseurl: "{{ item.baseurl }}"
gpgcheck: "{{ item.gpgcheck }}"
gpgkey: "{{ item.gpgkey }}"
mode: "{{ item.mode | default('0644') }}"
priority: "{{ item.priority | default('98') }}"
state: "{{ item.state | default('present') }}"
proxy: "{{ zabbix_http_proxy | default(omit) }}"
with_items: "{{ zabbix_repo_yum }}"
register: yum_repo_installed
become: true
when:
- zabbix_repo == "zabbix"
notify:
- "clean repo files from proxy creds"
tags:
- zabbix-agent
- name: "RedHat | Installing zabbix-proxy-{{ zabbix_proxy_database }}"
package:
pkg: "{{ zabbix_proxy_package }}-{{ zabbix_proxy_version }}.{{ zabbix_proxy_version_minor }}"
state: "{{ zabbix_proxy_package_state }}"
disablerepo: "{{ '*' if (zabbix_repo_yum_enabled | length>0) else omit }}"
enablerepo: "{{ zabbix_repo_yum_enabled if zabbix_repo_yum_enabled is iterable and (zabbix_repo_yum_enabled | length>0) else omit }}"
environment:
http_proxy: "{{ zabbix_http_proxy | default(None) | default(omit) }}"
https_proxy: "{{ zabbix_https_proxy | default(None) | default(omit) }}"
become: true
when:
zabbix_repo != "other"
register: is_zabbix_proxy_package_installed
until: is_zabbix_proxy_package_installed is succeeded
- name: "RedHat | Installing zabbix-proxy-{{ zabbix_proxy_database }} (When zabbix_repo == other)"
package:
pkg: "{{ zabbix_proxy_package }}-{{ zabbix_proxy_version }}.{{ zabbix_proxy_version_minor }}"
state: "{{ zabbix_proxy_package_state }}"
become: true
when:
zabbix_repo == "other"
register: is_zabbix_proxy_package_installed
until: is_zabbix_proxy_package_installed is succeeded
- name: "RedHat | Installing zabbix-sql-scripts"
package:
pkg: "zabbix-sql-scripts-{{ zabbix_proxy_version }}.{{ zabbix_proxy_version_minor }}"
state: "{{ zabbix_proxy_package_state }}"
disablerepo: "{{ '*' if (zabbix_repo_yum_enabled | length>0) else omit }}"
enablerepo: "{{ zabbix_repo_yum_enabled if zabbix_repo_yum_enabled is iterable and (zabbix_repo_yum_enabled | length>0) else omit }}"
environment:
http_proxy: "{{ zabbix_http_proxy | default(None) | default(omit) }}"
https_proxy: "{{ zabbix_https_proxy | default(None) | default(omit) }}"
register: zabbix_proxy_sql_package_installed
until: zabbix_proxy_sql_package_installed is succeeded
when:
- zabbix_version is version('5.4', '>=')
- zabbix_repo != "other"
become: true
tags:
- zabbix-server
- name: "RedHat | Installing zabbix-sql-scripts (When zabbix_repo == other)"
package:
pkg: "zabbix-sql-scripts-{{ zabbix_proxy_version }}.{{ zabbix_proxy_version_minor }}"
state: "{{ zabbix_proxy_package_state }}"
register: zabbix_proxy_sql_package_installed
until: zabbix_proxy_sql_package_installed is succeeded
when:
- zabbix_version is version('5.4', '>=')
- zabbix_repo == "other"
become: true
tags:
- zabbix-server
- name: "RedHat | Install Ansible PostgreSQL module dependencies"
yum:
name: python-psycopg2
state: present
environment:
http_proxy: "{{ zabbix_http_proxy | default(None) | default(omit) }}"
https_proxy: "{{ zabbix_https_proxy | default(None) | default(omit) }}"
become: true
register: are_zabbix_proxy_dependency_packages_installed
until: are_zabbix_proxy_dependency_packages_installed is succeeded
when:
- zabbix_database_creation or zabbix_database_sqlload
- zabbix_proxy_database == 'pgsql'
- ansible_distribution_major_version == "7" or ansible_distribution_major_version == "6"
tags:
- zabbix-proxy
- init
- name: "RedHat | Install Ansible module dependencies on RHEL9 or RHEL8"
yum:
name: python3-psycopg2
state: present
environment:
http_proxy: "{{ zabbix_http_proxy | default(None) | default(omit) }}"
https_proxy: "{{ zabbix_https_proxy | default(None) | default(omit) }}"
register: zabbix_proxy_dependencies_installed
until: zabbix_proxy_dependencies_installed is succeeded
become: true
when:
- zabbix_database_creation
- zabbix_proxy_database == 'pgsql'
- ansible_distribution_major_version|int >= 8
tags:
- zabbix-server
- name: "RedHat | Install Mysql Client package RHEL7"
yum:
name:
- mariadb
- MySQL-python
state: installed
environment:
http_proxy: "{{ zabbix_http_proxy | default(None) | default(omit) }}"
https_proxy: "{{ zabbix_https_proxy | default(None) | default(omit) }}"
become: true
register: are_zabbix_proxy_dependency_packages_installed
until: are_zabbix_proxy_dependency_packages_installed is succeeded
when:
- zabbix_database_creation or zabbix_database_sqlload
- zabbix_proxy_database == 'mysql'
- ansible_distribution_major_version == '7'
tags:
- zabbix-proxy
- init
- name: "RedHat | Install Mysql Client packages RHEL9 or RHEL8"
yum:
name:
- mysql
- python3-PyMySQL
state: present
environment:
http_proxy: "{{ zabbix_http_proxy | default(None) | default(omit) }}"
https_proxy: "{{ zabbix_https_proxy | default(None) | default(omit) }}"
register: zabbix_proxy_dependencies_installed
until: zabbix_proxy_dependencies_installed is succeeded
become: true
when:
- zabbix_proxy_database == 'mysql'
- ansible_distribution_major_version|int >= 8
tags:
- zabbix-proxy
- init
- name: "RedHat | Install Mysql Client package RHEL5 - 6"
yum:
name:
- mysql
- MySQL-python
state: present
environment:
http_proxy: "{{ zabbix_http_proxy | default(None) | default(omit) }}"
https_proxy: "{{ zabbix_https_proxy | default(None) | default(omit) }}"
become: true
register: are_zabbix_proxy_dependency_packages_installed
until: are_zabbix_proxy_dependency_packages_installed is succeeded
when:
- zabbix_database_creation or zabbix_database_sqlload
- zabbix_proxy_database == 'mysql'
- ansible_distribution_major_version == "6" or ansible_distribution_major_version == "5"
- zabbix_proxy_install_database_client
tags:
- zabbix-proxy
- init
- database
- name: "RedHat | Install PostgreSQL client package"
yum:
name: postgresql
state: present
environment:
http_proxy: "{{ zabbix_http_proxy | default(None) | default(omit) }}"
https_proxy: "{{ zabbix_https_proxy | default(None) | default(omit) }}"
become: true
register: are_zabbix_proxy_dependency_packages_installed
until: are_zabbix_proxy_dependency_packages_installed is succeeded
when:
- zabbix_database_creation or zabbix_database_sqlload
- zabbix_proxy_database == 'pgsql'
- zabbix_proxy_install_database_client
tags:
- zabbix-proxy
- init
- database
- name: "RedHat | Install sqlite3"
yum:
name:
- sqlite
state: present
environment:
http_proxy: "{{ zabbix_http_proxy | default(None) | default(omit) }}"
https_proxy: "{{ zabbix_https_proxy | default(None) | default(omit) }}"
register: zabbix_proxy_dependencies_installed
until: zabbix_proxy_dependencies_installed is succeeded
become: true
when:
- zabbix_proxy_database == 'sqlite3'
tags:
- zabbix-proxy
- name: "Configure SELinux when enabled"
include_tasks: selinux.yml
when:
- zabbix_selinux | bool

137
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_proxy/tasks/main.yml Normal file
View File

@@ -0,0 +1,137 @@
---
# tasks file for zabbix_proxy
- name: "Include OS-specific variables"
include_vars: "{{ ansible_os_family }}.yml"
- name: Determine Latest Supported Zabbix Version
set_fact:
zabbix_proxy_version: "{{ zabbix_valid_proxy_versions[ansible_distribution_major_version][0] | default(6.0) }}"
when: zabbix_proxy_version is not defined
- name: "Replace Sangoma with RedHat task"
set_fact:
ansible_os_family: "RedHat"
when:
- ansible_os_family == 'Sangoma'
- name: "Set default ip address for zabbix_proxy_ip"
set_fact:
zabbix_proxy_ip: "{{ hostvars[inventory_hostname]['ansible_default_ipv4'].address }}"
when:
- zabbix_proxy_ip is not defined
- "'ansible_default_ipv4' in hostvars[inventory_hostname]"
- name: "Set OS dependent variables"
include_vars: "{{ item }}"
with_first_found:
- "../vars/{{ ansible_distribution }}.yml"
- "../vars/main.yml"
- name: "Install the correct repository"
include_tasks: "{{ ansible_os_family }}.yml"
- name: "Installing the {{ zabbix_proxy_database_long }} database"
include_tasks: "{{ zabbix_proxy_database_long }}.yml"
- name: "Create include dir zabbix-proxy"
file:
path: "{{ zabbix_proxy_include }}"
owner: zabbix
group: zabbix
mode: "{{ zabbix_proxy_include_mode }}"
state: directory
become: true
- name: "Create module dir zabbix-proxy"
file:
path: "{{ zabbix_proxy_loadmodulepath }}"
owner: zabbix
group: zabbix
state: directory
mode: "0755"
become: true
- name: "Create directory for PSK file if not exist."
file:
path: "{{ zabbix_proxy_tlspskfile | dirname }}"
mode: 0755
state: directory
become: true
when:
- zabbix_proxy_tlspskfile is defined
- name: "Place TLS PSK File"
copy:
dest: "{{ zabbix_proxy_tlspskfile }}"
content: "{{ zabbix_proxy_tlspsk_secret }}"
owner: zabbix
group: zabbix
mode: 0400
become: true
when:
- zabbix_proxy_tlspskfile is defined
- zabbix_proxy_tlspsk_secret is defined
notify:
- restart zabbix-proxy
- name: "Allow zabbix-proxy to open connections (SELinux)"
ansible.posix.seboolean:
name: zabbix_can_network
persistent: true
state: true
become: true
when: ansible_selinux.status == "enabled"
tags: selinux
- name: "Allow zabbix-proxy to connect to zabbix_proxy_preprocessing.sock (SELinux)"
ansible.posix.seboolean:
name: daemons_enable_cluster_mode
persistent: true
state: true
become: true
when: ansible_selinux.status == "enabled"
tags: selinux
- name: "Configure zabbix-proxy"
template:
src: zabbix_proxy.conf.j2
dest: /etc/zabbix/zabbix_proxy.conf
owner: zabbix
group: zabbix
mode: "{{ zabbix_proxy_conf_mode }}"
notify: restart zabbix-proxy
become: true
- name: Ensure proxy definition is up-to-date (added/updated/removed)
vars:
gather_facts: false
ansible_user: "{{ zabbix_api_login_user }}"
ansible_connection: httpapi
# Can't think of a way to make http_login_* vars be undefined -(
http_login_user: "{{ zabbix_api_http_user | default(zabbix_http_user | default(-42)) }}"
http_login_password: "{{ zabbix_api_http_password | default(zabbix_http_password | default(-42)) }}"
community.zabbix.zabbix_proxy:
state: "{{ zabbix_proxy_state }}"
status: "{{ zabbix_proxy_status }}"
proxy_name: "{{ zabbix_proxy_name }}"
description: "{{ zabbix_proxy_description | default(omit) }}"
interface: "{{ zabbix_proxy_interface }}"
tls_psk: "{{ zabbix_proxy_tlspsk_secret | default(omit) }}"
tls_psk_identity: "{{ zabbix_proxy_tlspskidentity | default(omit) }}"
tls_subject: "{{ zabbix_proxy_tls_subject | default(omit) }}"
tls_connect: "{{ zabbix_proxy_tls_config[zabbix_proxy_tlsaccept if zabbix_proxy_tlsaccept else 'no_encryption'] }}"
tls_accept: "{{ zabbix_proxy_tls_config[zabbix_proxy_tlsconnect if zabbix_proxy_tlsconnect else 'no_encryption'] }}"
when:
- zabbix_api_create_proxy | bool
delegate_to: "{{ zabbix_api_server_host }}"
become: false
tags:
- api
- name: "zabbix-proxy started"
service:
name: zabbix-proxy
state: started
enabled: true
become: true
when: zabbix_proxy_manage_service | bool

176
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_proxy/tasks/mysql.yml Normal file
View File

@@ -0,0 +1,176 @@
---
# task file for mysql
- name: "Set the correct delegated_dbhost (to support MySQL db deployment on a remote dbhost)"
set_fact:
delegated_dbhost: "{{ zabbix_proxy_dbhost if (zabbix_proxy_dbhost != 'localhost') else inventory_hostname }}"
when:
- zabbix_proxy_dbhost_run_install
- name: "Set the correct delegated_dbhost (to support MySQL db deployment on a remote dbhost)"
set_fact:
delegated_dbhost: "{{ inventory_hostname }}"
when:
- not zabbix_proxy_dbhost_run_install
- name: "Override delegated_dbhost with real dbhost when dbhost is behind loadbalancer"
set_fact:
delegated_dbhost: "{{ zabbix_proxy_real_dbhost }}"
when: zabbix_proxy_real_dbhost | default(false)
- name: "MySQL | Create database"
community.mysql.mysql_db:
name: "{{ zabbix_proxy_dbname }}"
encoding: "{{ zabbix_proxy_dbencoding }}"
collation: "{{ zabbix_proxy_dbcollation }}"
login_host: "{{ zabbix_proxy_mysql_login_host | default(omit) }}"
login_user: "{{ zabbix_proxy_mysql_login_user | default(omit) }}"
login_password: "{{ zabbix_proxy_mysql_login_password | default(omit) }}"
login_port: "{{ zabbix_proxy_mysql_login_port | default(omit) }}"
login_unix_socket: "{{ zabbix_proxy_mysql_login_unix_socket | default(omit) }}"
state: present
when: zabbix_database_creation
register: zabbix_database_created
delegate_to: "{{ delegated_dbhost }}"
tags:
- zabbix-proxy
- database
- skip_ansible_lint
- name: "MySQL | Create database user"
community.mysql.mysql_user:
login_host: "{{ zabbix_proxy_mysql_login_host | default(omit) }}"
login_user: "{{ zabbix_proxy_mysql_login_user | default(omit) }}"
login_password: "{{ zabbix_proxy_mysql_login_password | default(omit) }}"
login_port: "{{ zabbix_proxy_mysql_login_port | default(omit) }}"
login_unix_socket: "{{ zabbix_proxy_mysql_login_unix_socket | default(omit) }}"
name: "{{ zabbix_proxy_dbuser }}"
password: "{{ zabbix_proxy_dbpassword }}"
priv: "{{ zabbix_proxy_dbname }}.*:ALL"
host: "{{ zabbix_proxy_privileged_host }}"
state: present
when: zabbix_database_creation
delegate_to: "{{ delegated_dbhost }}"
tags:
- zabbix-proxy
- database
- name: "Get the file for schema.sql"
shell: ls -1 {{ datafiles_path }}/{{ 'schema' if zabbix_version is version('6.0', '<') else 'proxy' }}.sq*
changed_when: false
when:
- zabbix_database_sqlload
- zabbix_repo != "epel"
register: ls_output_create
tags:
- zabbix-proxy
- database
- name: "Check if we have done files"
stat:
path: /etc/zabbix/schema.done
register: done_file
when:
- zabbix_database_sqlload
- zabbix_repo != "epel"
- name: "MySQL | Get version_comment"
community.mysql.mysql_variables:
variable: version
login_host: "{{ zabbix_proxy_mysql_login_host | default(omit) }}"
login_user: "{{ zabbix_proxy_mysql_login_user | default(omit) }}"
login_password: "{{ zabbix_proxy_mysql_login_password | default(omit) }}"
login_port: "{{ zabbix_proxy_mysql_login_port | default(omit) }}"
login_unix_socket: "{{ zabbix_proxy_mysql_login_unix_socket | default(omit) }}"
delegate_to: "{{ delegated_dbhost }}"
register: install_mysql_version
tags:
- zabbix-proxy
- database
- name: "MySQL | Get current value for innodb_default_row_format"
community.mysql.mysql_variables:
variable: innodb_default_row_format
login_host: "{{ zabbix_proxy_mysql_login_host | default(omit) }}"
login_user: "{{ zabbix_proxy_mysql_login_user | default(omit) }}"
login_password: "{{ zabbix_proxy_mysql_login_password | default(omit) }}"
login_port: "{{ zabbix_proxy_mysql_login_port | default(omit) }}"
login_unix_socket: "{{ zabbix_proxy_mysql_login_unix_socket | default(omit) }}"
delegate_to: "{{ delegated_dbhost }}"
register: mysql_innodb_default_row_format
when:
- install_mysql_version.msg is version('5.6', '>=')
tags:
- zabbix-proxy
- database
- name: "MySQL | Set innodb_default_row_format to dynamic"
community.mysql.mysql_variables:
variable: innodb_default_row_format
value: dynamic
login_host: "{{ zabbix_proxy_mysql_login_host | default(omit) }}"
login_user: "{{ zabbix_proxy_mysql_login_user | default(omit) }}"
login_password: "{{ zabbix_proxy_mysql_login_password | default(omit) }}"
login_port: "{{ zabbix_proxy_mysql_login_port | default(omit) }}"
login_unix_socket: "{{ zabbix_proxy_mysql_login_unix_socket | default(omit) }}"
when:
- zabbix_version is version('3.0', '>=')
- zabbix_database_sqlload | bool
- zabbix_repo != "epel"
- not done_file.stat.exists
- install_mysql_version.msg is version('5.6', '>=')
- mysql_innodb_default_row_format.msg != 'dynamic'
delegate_to: "{{ delegated_dbhost }}"
tags:
- zabbix-proxy
- database
- name: "MySQL | Create database and import file"
community.mysql.mysql_db:
login_host: "{{ zabbix_proxy_mysql_login_host | default(omit) }}"
login_user: "{{ zabbix_proxy_mysql_login_user | default(omit) }}"
login_password: "{{ zabbix_proxy_mysql_login_password | default(omit) }}"
login_port: "{{ zabbix_proxy_mysql_login_port | default(omit) }}"
login_unix_socket: "{{ zabbix_proxy_mysql_login_unix_socket | default(omit) }}"
name: "{{ zabbix_proxy_dbname }}"
encoding: "{{ zabbix_proxy_dbencoding }}"
collation: "{{ zabbix_proxy_dbcollation }}"
state: import
target: "{{ ls_output_create.stdout }}"
when:
- zabbix_database_sqlload
- zabbix_repo != "epel"
- not done_file.stat.exists
delegate_to: "{{ delegated_dbhost }}"
tags:
- zabbix-proxy
- database
- name: "MySQL | Revert innodb_default_row_format to previous value"
community.mysql.mysql_variables:
variable: innodb_default_row_format
value: '{{ mysql_innodb_default_row_format.msg }}'
login_host: "{{ zabbix_proxy_mysql_login_host | default(omit) }}"
login_user: "{{ zabbix_proxy_mysql_login_user | default(omit) }}"
login_password: "{{ zabbix_proxy_mysql_login_password | default(omit) }}"
login_port: "{{ zabbix_proxy_mysql_login_port | default(omit) }}"
login_unix_socket: "{{ zabbix_proxy_mysql_login_unix_socket | default(omit) }}"
when:
- zabbix_version is version('3.0', '>=')
- zabbix_database_sqlload | bool
- zabbix_repo != "epel"
- not done_file.stat.exists
- mysql_innodb_default_row_format.msg != 'dynamic'
delegate_to: "{{ delegated_dbhost }}"
tags:
- zabbix-proxy
- database
- name: "Create done file"
file:
path: /etc/zabbix/schema.done
state: touch
mode: '0644'
when:
- zabbix_database_sqlload
- zabbix_repo != "epel"
- not done_file.stat.exists

92
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_proxy/tasks/postgresql.yml Normal file
View File

@@ -0,0 +1,92 @@
---
# task file for postgresql
- name: "Set the correct delegated_dbhost (to support postgres db deployment on a remote dbhost)"
set_fact:
delegated_dbhost: "{{ zabbix_proxy_dbhost if (zabbix_proxy_dbhost != 'localhost') else inventory_hostname }}"
when:
- zabbix_proxy_dbhost_run_install
- name: "Set the correct delegated_dbhost (to support postgres db deployment on a remote dbhost)"
set_fact:
delegated_dbhost: "{{ inventory_hostname }}"
when:
- not zabbix_proxy_dbhost_run_install
- name: "PostgreSQL | Delegated"
block:
- name: "PostgreSQL | Delegated | Create database"
community.postgresql.postgresql_db:
name: "{{ zabbix_proxy_dbname }}"
port: "{{ zabbix_proxy_dbport }}"
state: present
- name: "PostgreSQL | Delegated | Create database user"
postgresql_user:
db: "{{ zabbix_proxy_dbname }}"
name: "{{ zabbix_proxy_dbuser }}"
password: "md5{{ (zabbix_proxy_dbpassword + zabbix_proxy_dbuser)|hash('md5') }}"
port: "{{ zabbix_proxy_dbport }}"
priv: ALL
state: present
encrypted: true
become: true
become_user: postgres
delegate_to: "{{ delegated_dbhost }}"
when:
- zabbix_database_creation
- zabbix_proxy_pgsql_login_host is not defined
tags:
- zabbix-server
- database
- name: "PostgreSQL | Remote"
block:
- name: "PostgreSQL | Remote | Create database"
community.postgresql.postgresql_db:
login_host: "{{ zabbix_proxy_pgsql_login_host | default(omit) }}"
login_user: "{{ zabbix_proxy_pgsql_login_user | default(omit) }}"
login_password: "{{ zabbix_proxy_pgsql_login_password | default(omit) }}"
login_unix_socket: "{{ zabbix_proxy_pgsql_login_unix_socket | default(omit) }}"
name: "{{ zabbix_proxy_dbname }}"
port: "{{ zabbix_proxy_dbport }}"
state: present
- name: "PostgreSQL | Remote | Create database user"
postgresql_user:
login_host: "{{ zabbix_proxy_pgsql_login_host | default(omit) }}"
login_user: "{{ zabbix_proxy_pgsql_login_user | default(omit) }}"
login_password: "{{ zabbix_proxy_pgsql_login_password | default(omit) }}"
db: "{{ zabbix_proxy_dbname }}"
name: "{{ zabbix_proxy_dbuser }}"
password: "md5{{ (zabbix_proxy_dbpassword + zabbix_proxy_dbuser)|hash('md5') }}"
port: "{{ zabbix_proxy_dbport }}"
priv: ALL
state: present
encrypted: true
when:
- zabbix_database_creation
- zabbix_proxy_pgsql_login_host is defined
tags:
- zabbix-server
- database
- name: "PostgreSQL | Importing schema file"
shell: |
set -euxo pipefail
FILE={{ 'schema.sql' if zabbix_version is version('6.0', '<') else 'proxy.sql' }}
cd {{ datafiles_path }}
if [ -f ${FILE}.gz ]
then zcat ${FILE}.gz > /tmp/schema.sql
else
cp ${FILE} /tmp/schema.sql
fi
cat /tmp/schema.sql | psql -h '{{ zabbix_proxy_dbhost }}' -U '{{ zabbix_proxy_dbuser }}' \
-d '{{ zabbix_proxy_dbname }}'
touch /etc/zabbix/schema.done
rm -f /tmp/schema.sql
args:
creates: /etc/zabbix/schema.done
executable: /bin/bash
environment:
PGPASSWORD: '{{ zabbix_proxy_dbpassword }}'
when:
- zabbix_database_creation

50
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_proxy/tasks/selinux.yml Normal file
View File

@@ -0,0 +1,50 @@
---
- name: "SELinux | RedHat | Install related SELinux package to fix issues"
yum:
name:
- policycoreutils-python
- libsemanage-python
- checkpolicy
state: present
environment:
http_proxy: "{{ zabbix_http_proxy | default(None) | default(omit) }}"
https_proxy: "{{ zabbix_https_proxy | default(None) | default(omit) }}"
register: zabbix_proxy_dependencies_installed
until: zabbix_proxy_dependencies_installed is succeeded
become: true
when:
- ansible_os_family == "RedHat"
- ansible_distribution_major_version == "7" or ansible_distribution_major_version == "6"
tags:
- zabbix-proxy
- name: "SELinux | RedHat | Install related SELinux package to fix issues on RHEL8"
yum:
name:
- policycoreutils
- checkpolicy
- python3-libsemanage
state: present
environment:
http_proxy: "{{ zabbix_http_proxy | default(None) | default(omit) }}"
https_proxy: "{{ zabbix_https_proxy | default(None) | default(omit) }}"
register: zabbix_proxy_dependencies_installed
until: zabbix_proxy_dependencies_installed is succeeded
become: true
when:
- ansible_os_family == "RedHat"
- ansible_distribution_major_version|int >= 8
tags:
- zabbix-proxy
- name: "SELinux | RedHat | Add SEmodule to fix SELinux issue: zabbix_proxy_alerter.sock"
script:
cmd: files/install_semodule.bsx
args:
creates: /etc/selinux/targeted/active/modules/400/zabbix_proxy_add/cil
become: true
when:
- ansible_os_family == "RedHat"
tags:
- zabbix-proxy

57
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_proxy/tasks/sqlite3.yml Normal file
View File

@@ -0,0 +1,57 @@
---
# task file for sqlite3
- name: "Sqlite3 | Default Database Path"
set_fact:
zabbix_proxy_dbname: /var/lib/zabbix/zabbix_proxy.db
when:
- zabbix_proxy_dbname == "zabbix_proxy"
- name: "Sqlite3 | Create database"
file:
name: "{{ zabbix_proxy_dbname | dirname }}"
mode: 0744
owner: zabbix
group: zabbix
seuser: system_u
serole: object_r
setype: zabbix_var_lib_t
state: directory
become: true
when:
- zabbix_database_creation
- name: "Sqlite3 | Importing schema file"
become: true
become_user: zabbix
shell: |
set -o pipefail
FILE={{ 'schema.sql' if zabbix_version is version('6.0', '<') else 'proxy.sql' }}
cd {{ datafiles_path }}
if [ -f ${FILE}.gz ]
then zcat ${FILE}.gz > /tmp/schema.sql
else
cp ${FILE} /tmp/schema.sql
fi
cat /tmp/schema.sql | sqlite3 {{ zabbix_proxy_dbname }}
rm -f /tmp/schema.sql
args:
creates: "{{ zabbix_proxy_dbname }}"
executable: /bin/bash
environment:
PGPASSWORD: '{{ zabbix_proxy_dbpassword }}'
when:
- zabbix_database_creation
- name: "Fix zabbix db file permission (SELinux)"
file:
path: "{{ zabbix_proxy_dbname }}"
state: file
seuser: system_u
serole: object_r
setype: zabbix_var_lib_t
become: true
when:
- ansible_selinux.status == "enabled"
- zabbix_database_creation
tags: selinux

192
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_proxy/templates/zabbix_proxy.conf.j2 Normal file
View File

@@ -0,0 +1,192 @@
{{ ansible_managed | comment }}
# This is a configuration file for Zabbix Proxy process
# To get more information about Zabbix, visit http://www.zabbix.com
# This configuration file is "minimalized", which means all the original comments
# are removed. The full documentation for your Zabbix Proxy can be found here:
# https://www.zabbix.com/documentation/{{ zabbix_version }}/en/manual/appendix/config/zabbix_proxy
ProxyMode={{ zabbix_proxy_mode }}
Server={{ zabbix_proxy_server }}
{% if zabbix_version is version('6.0', '<') %}
ServerPort={{ zabbix_proxy_serverport }}
{% endif %}
{% if zabbix_proxy_hostname is defined and zabbix_proxy_hostname %}
Hostname={{ zabbix_proxy_hostname }}
{% endif %}
{% if zabbix_proxy_hostnameitem is defined and zabbix_proxy_hostnameitem %}
HostnameItem={{ zabbix_proxy_hostnameitem }}
{% endif %}
ListenPort={{ zabbix_proxy_listenport }}
{% if zabbix_proxy_sourceip is defined and zabbix_proxy_sourceip %}
SourceIP={{ zabbix_proxy_sourceip }}
{% endif %}
{% if zabbix_version is version('6.0', '>=') %}
LogType={{ zabbix_proxy_logtype }}
{% endif %}
LogFile={{ zabbix_proxy_logfile }}
LogFileSize={{ zabbix_proxy_logfilesize }}
EnableRemoteCommands={{ zabbix_proxy_enableremotecommands }}
DebugLevel={{ zabbix_proxy_debuglevel }}
PidFile={{ zabbix_proxy_pidfile }}
{% if zabbix_version is version('3.2', '>') %}
SocketDir={{ zabbix_proxy_socketdir }}
{% endif %}
DBHost={{ zabbix_proxy_dbhost }}
DBName={{ zabbix_proxy_dbname }}
{% if zabbix_proxy_dbschema is defined and zabbix_proxy_dbschema %}
DBSchema={{ zabbix_proxy_dbschema }}
{% endif %}
DBUser={{ zabbix_proxy_dbuser }}
DBPassword={{ zabbix_proxy_dbpassword }}
DBPort={{ zabbix_proxy_dbport }}
{% if zabbix_version is version('6.0', '>=') %}
AllowUnsupportedDBVersions={{ zabbix_proxy_allowunsupporteddbversions }}
{% endif %}
ProxyLocalBuffer={{ zabbix_proxy_proxylocalbuffer }}
ProxyOfflineBuffer={{ zabbix_proxy_proxyofflinebuffer }}
HeartbeatFrequency={{ zabbix_proxy_heartbeatfrequency }}
{% if zabbix_proxy_configfrequency is defined and zabbix_proxy_configfrequency is not none %}
ConfigFrequency={{ zabbix_proxy_configfrequency }}
{% else %}
{% if zabbix_version is version('6.2', '<') %}
ConfigFrequency=3600
{% else %}
ConfigFrequency=300
{% endif %}
{% endif %}
DataSenderFrequency={{ zabbix_proxy_datasenderfrequency }}
StartPollers={{ zabbix_proxy_startpollers }}
StartIPMIPollers={{ zabbix_proxy_startipmipollers }}
{% if zabbix_version is version('4.2', '>=') %}
StartPreprocessors={{ zabbix_proxy_startpreprocessors }}
{% endif %}
StartPollersUnreachable={{ zabbix_proxy_startpollersunreachable }}
StartTrappers={{ zabbix_proxy_starttrappers }}
StartPingers={{ zabbix_proxy_startpingers }}
StartDiscoverers={{ zabbix_proxy_startdiscoverers }}
StartHTTPPollers={{ zabbix_proxy_starthttppollers }}
{% if zabbix_proxy_javagateway is defined and zabbix_proxy_javagateway %}
JavaGateway={{ zabbix_proxy_javagateway }}
JavaGatewayPort={{ zabbix_proxy_javagatewayport }}
StartJavaPollers={{ zabbix_proxy_startjavapollers }}
{% endif %}
{% if zabbix_version is version_compare('2.4', '>=') %}
StartVMwareCollectors={{ zabbix_proxy_startvmwarecollector }}
VMwareFrequency={{ zabbix_proxy_vmwarefrequency }}
VMwareCacheSize={{ zabbix_proxy_vmwarecachesize -}}M
{% endif %}
SNMPTrapperFile={{ zabbix_proxy_snmptrapperfile }}
StartSNMPTrapper={{ zabbix_proxy_snmptrapper }}
{% if zabbix_proxy_listenip is defined and zabbix_proxy_listenip %}
ListenIP={{ zabbix_proxy_listenip }}
{% endif %}
HousekeepingFrequency={{ zabbix_proxy_housekeepingfrequency }}
CacheSize={{ zabbix_proxy_cachesize -}}M
StartDBSyncers={{ zabbix_proxy_startdbsyncers }}
HistoryCacheSize={{ zabbix_proxy_historycachesize -}}M
{% if zabbix_version is version_compare('3.2', '>=') %}
HistoryIndexCacheSize={{ zabbix_proxy_historyindexcachesize -}}M
{% endif %}
{% if zabbix_version is version_compare('2.4', '<') %}
HistoryTextCacheSize={{ zabbix_proxy_historytextcachesize -}}M
{% endif %}
Timeout={{ zabbix_proxy_timeout }}
TrapperTimeout={{ zabbix_proxy_trappertimeout }}
UnreachablePeriod={{ zabbix_proxy_unreachableperiod }}
UnavailableDelay={{ zabbix_proxy_unavaliabledelay }}
UnreachableDelay={{ zabbix_proxy_unreachabedelay }}
{% if zabbix_version is version_compare('6.2', '>=') %}
StartODBCPollers={{ zabbix_proxy_startodbcpollers }}
{% endif %}
ExternalScripts={{ zabbix_proxy_externalscripts }}
FpingLocation={{ zabbix_proxy_fpinglocation }}
Fping6Location={{ zabbix_proxy_fping6location }}
{% if zabbix_proxy_sshkeylocation is defined and zabbix_proxy_sshkeylocation %}
SSHKeyLocation={{ zabbix_proxy_sshkeylocation }}
{% endif %}
LogSlowQueries={{ zabbix_proxy_loglowqueries }}
TmpDir={{ zabbix_proxy_tmpdir }}
{% if zabbix_version is version_compare('2.4', '<') %}
AllowRoot={{ zabbix_proxy_allowroot }}
{% endif %}
Include={{ zabbix_proxy_include }}
{% if zabbix_version is version_compare('3.0', '<') %}
LoadModulePath={{ zabbix_proxy_loadmodulepath }}
{% endif %}
{% if zabbix_proxy_loadmodule is defined and zabbix_proxy_loadmodule %}
LoadModule={{ zabbix_proxy_loadmodule }}
{% endif %}
{% if zabbix_version is version_compare('4.0', '>=') %}
StatsAllowedIP={{ zabbix_proxy_statsallowedip }}
{% endif %}
{% if zabbix_version is version_compare('3.0', '>=') %}
{% if zabbix_proxy_tlsconnect is defined and zabbix_proxy_tlsconnect %}
TLSConnect={{ zabbix_proxy_tlsconnect }}
{% endif %}
{% if zabbix_proxy_tlsaccept is defined and zabbix_proxy_tlsaccept %}
TLSAccept={{ zabbix_proxy_tlsaccept }}
{% endif %}
{% if zabbix_proxy_tlscafile is defined and zabbix_proxy_tlscafile %}
TLSCAFile={{ zabbix_proxy_tlscafile }}
{% endif %}
{% if zabbix_proxy_tlscrlfile is defined and zabbix_proxy_tlscrlfile %}
TLSCRLFile={{ zabbix_proxy_tlscrlfile }}
{% endif %}
{% if zabbix_proxy_tlsservercertissuer is defined and zabbix_proxy_tlsservercertissuer %}
TLSServerCertIssuer={{ zabbix_proxy_tlsservercertissuer }}
{% endif %}
{% if zabbix_proxy_tlsservercertsubject is defined and zabbix_proxy_tlsservercertsubject %}
TLSServerCertSubject={{ zabbix_proxy_tlsservercertsubject }}
{% endif %}
{% if zabbix_proxy_tlscertfile is defined and zabbix_proxy_tlscertfile %}
TLSCertFile={{ zabbix_proxy_tlscertfile }}
{% endif %}
{% if zabbix_proxy_tlskeyfile is defined and zabbix_proxy_tlskeyfile %}
TLSKeyFile={{ zabbix_proxy_tlskeyfile }}
{% endif %}
{% if zabbix_proxy_tlspskidentity is defined and zabbix_proxy_tlspskidentity %}
TLSPSKIdentity={{ zabbix_proxy_tlspskidentity }}
{% endif %}
{% if zabbix_proxy_tlspskfile is defined and zabbix_proxy_tlspskfile %}
TLSPSKFile={{ zabbix_proxy_tlspskfile }}
{% endif %}
{% endif %}
{% if zabbix_proxy_dbtlsconnect is defined and zabbix_proxy_dbtlsconnect is not none %}
DBTLSConnect={{ zabbix_proxy_dbtlsconnect }}
{% endif %}
{% if zabbix_proxy_dbtlscafile is defined and zabbix_proxy_dbtlscafile is not none %}
DBTLSCAFile={{ zabbix_proxy_dbtlscafile }}
{% endif %}
{% if zabbix_proxy_dbtlscertfile is defined and zabbix_proxy_dbtlscertfile is not none %}
DBTLSCertFile={{ zabbix_proxy_dbtlscertfile }}
{% endif %}
{% if zabbix_proxy_dbtlskeyfile is defined and zabbix_proxy_dbtlskeyfile is not none %}
DBTLSKeyFile={{ zabbix_proxy_dbtlskeyfile }}
{% endif %}
{% if zabbix_proxy_dbtlscipher is defined and zabbix_proxy_dbtlscipher is not none %}
DBTLSCipher={{ zabbix_proxy_dbtlscipher }}
{% endif %}
{% if zabbix_proxy_dbtlscipher13 is defined and zabbix_proxy_dbtlscipher13 is not none %}
DBTLSCipher13={{ zabbix_proxy_dbtlscipher13 }}
{% endif %}
{% if zabbix_version is version('6.0', '>=') %}
{% if zabbix_proxy_vaulttoken is defined and zabbix_proxy_vaulttoken is not none %}
VaultToken={{ zabbix_proxy_vaulttoken }}
{% endif %}
{% if zabbix_proxy_vaulturl is defined and zabbix_proxy_vaulturl is not none %}
VaultURL={{ zabbix_proxy_vaulturl }}
{% endif %}
{% if zabbix_proxy_vaultdbpath is defined and zabbix_proxy_vaultdbpath is not none %}
VaultDBPath={{ zabbix_proxy_vaultdbpath }}
{% endif %}
{% if zabbix_proxy_vaulttlscertfile is defined and zabbix_proxy_vaulttlscertfile is not none %}
VaultTLSKeyFile={{ zabbix_proxy_vaulttlscertfile }}
{% endif %}
{% if zabbix_proxy_vaulttlskeyfile is defined and zabbix_proxy_vaulttlskeyfile is not none %}
VaultTLSCertFile={{ zabbix_proxy_vaulttlskeyfile }}
{% endif %}
{% if zabbix_proxy_listenbacklog is defined and zabbix_proxy_listenbacklog is not none %}
ListenBacklog={{ zabbix_proxy_listenbacklog }}
{% endif %}
{% endif %}

2
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_proxy/vars/Amazon.yml Normal file
View File

@@ -0,0 +1,2 @@
---
ansible_distribution_major_version: "6"

26
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_proxy/vars/Debian.yml Normal file
View File

@@ -0,0 +1,26 @@
zabbix_valid_proxy_versions:
# Debian
"11":
- 6.2
- 6.0
- 5.0
- 4.0
"10":
- 6.0
- 5.0
- 4.0
"9":
- 4.0
# Ubuntu
"22":
- 6.2
- 6.0
"20":
- 6.2
- 6.0
- 5.0
- 4.0
"18":
- 6.0
- 5.0
- 4.0

12
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_proxy/vars/RedHat.yml Normal file
View File

@@ -0,0 +1,12 @@
zabbix_valid_proxy_versions:
"9":
- 6.2
- 6.0
"8":
- 6.2
- 6.0
- 5.0
- 4.0
"7":
- 5.0
- 4.0

2
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_proxy/vars/main.yml Normal file
View File

@@ -0,0 +1,2 @@
---
# vars file for zabbix_proxy

238
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_proxy/vars/zabbix.yml Normal file
View File

@@ -0,0 +1,238 @@
---
sign_keys:
"62":
bullseye:
sign_key: E709712C
buster:
sign_key: E709712C
stretch:
sign_key: E709712C
focal:
sign_key: E709712C
bionic:
sign_key: E709712C
xenial:
sign_key: E709712C
trusty:
sign_key: E709712C
jammy:
sign_key: E709712C
"60":
bullseye:
sign_key: E709712C
buster:
sign_key: E709712C
stretch:
sign_key: E709712C
focal:
sign_key: E709712C
bionic:
sign_key: E709712C
xenial:
sign_key: E709712C
trusty:
sign_key: E709712C
jammy:
sign_key: E709712C
"54":
bullseye:
sign_key: E709712C
buster:
sign_key: E709712C
jessie:
sign_key: E709712C
stretch:
sign_key: E709712C
focal:
sign_key: E709712C
bionic:
sign_key: E709712C
xenial:
sign_key: E709712C
trusty:
sign_key: E709712C
tricia:
sign_key: E709712C
"52":
# bullseye: not available upstream
buster:
sign_key: E709712C
jessie:
sign_key: E709712C
stretch:
sign_key: E709712C
focal:
sign_key: E709712C
bionic:
sign_key: E709712C
xenial:
sign_key: E709712C
trusty:
sign_key: E709712C
tricia:
sign_key: E709712C
"50":
bullseye:
sign_key: E709712C
buster:
sign_key: E709712C
jessie:
sign_key: E709712C
stretch:
sign_key: E709712C
focal:
sign_key: E709712C
bionic:
sign_key: E709712C
xenial:
sign_key: E709712C
trusty:
sign_key: E709712C
tricia:
sign_key: E709712C
"44":
buster:
sign_key: A14FE591
jessie:
sign_key: 79EA5ED4
stretch:
sign_key: A14FE591
focal:
sign_key: A14FE591
eoan:
sign_key: A14FE591
cosmic:
sign_key: A14FE591
bionic:
sign_key: A14FE591
sonya:
sign_key: A14FE591
serena:
sign_key: A14FE591
trusty:
sign_key: 79EA5ED4
xenial:
sign_key: E709712C
"42":
buster:
sign_key: A14FE591
jessie:
sign_key: 79EA5ED4
stretch:
sign_key: A14FE591
eoan:
sign_key: A14FE591
cosmic:
sign_key: A14FE591
bionic:
sign_key: A14FE591
sonya:
sign_key: A14FE591
serena:
sign_key: A14FE591
trusty:
sign_key: 79EA5ED4
xenial:
sign_key: E709712C
"40":
bullseye:
sign_key: A14FE591
buster:
sign_key: A14FE591
jessie:
sign_key: 79EA5ED4
stretch:
sign_key: A14FE591
focal:
sign_key: A14FE591
bionic:
sign_key: A14FE591
sonya:
sign_key: A14FE591
serena:
sign_key: A14FE591
trusty:
sign_key: 79EA5ED4
xenial:
sign_key: E709712C
"34":
jessie:
sign_key: 79EA5ED4
stretch:
sign_key: A14FE591
wheezy:
sign_key: A14FE591
bionic:
sign_key: A14FE591
sonya:
sign_key: A14FE591
serena:
sign_key: A14FE591
trusty:
sign_key: 79EA5ED4
xenial:
sign_key: E709712C
"32":
stretch:
sign_key: A14FE591
wheezy:
sign_key: 79EA5ED4
bionic:
sign_key: A14FE591
sonya:
sign_key: 79EA5ED4
serena:
sign_key: 79EA5ED4
trusty:
sign_key: 79EA5ED4
xenial:
sign_key: E709712C
"30":
buster:
sign_key: A14FE591
jessie:
sign_key: 79EA5ED4
stretch:
sign_key: A14FE591
wheezy:
sign_key: 79EA5ED4
bionic:
sign_key: A14FE591
trusty:
sign_key: 79EA5ED4
xenial:
sign_key: E709712C
"24":
jessie:
sign_key: 79EA5ED4
wheezy:
sign_key: 79EA5ED4
precise:
sign_key: 79EA5ED4
trusty:
sign_key: 79EA5ED4
"22":
squeeze:
sign_key: 79EA5ED4
wheezy:
sign_key: 79EA5ED4
precise:
sign_key: 79EA5ED4
trusty:
sign_key: 79EA5ED4
lucid:
sign_key: 79EA5ED4
suse:
"openSUSE Leap":
"42":
name: server:monitoring
url: http://download.opensuse.org/repositories/server:/monitoring/openSUSE_Leap_{{ ansible_distribution_version }}/
"openSUSE":
"12":
name: server_monitoring
url: http://download.opensuse.org/repositories/server:/monitoring/openSUSE_{{ ansible_distribution_version }}
"SLES":
"11":
name: server_monitoring
url: http://download.opensuse.org/repositories/server:/monitoring/SLE_11_SP3/

383
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_server/README.md Normal file
View File

@@ -0,0 +1,383 @@
# community.zabbix.zabbix_server role
![Zabbix Server](https://github.com/ansible-collections/community.zabbix/workflows/community.zabbix.zabbix_server/badge.svg)
**Table of Contents**
- [Overview](#overview)
- [Requirements](#requirements)
* [Operating systems](#operating-systems)
* [Zabbix Versions](#zabbix-versions)
- [Installation](#installation)
- [Role Variables](#role-variables)
* [Main variables](#main-variables)
+ [Overall Zabbix](#overall-zabbix)
+ [SElinux](#selinux)
+ [Zabbix Server](#zabbix-server)
+ [Database specific](#database-specific)
+ [TLS Specific configuration](#tls-specific-configuration)
+ [Custom Zabbix Scripts](#custom-zabbix-scripts)
* [proxy](#proxy)
* [Database](#database)
+ [MySQL](#mysql)
- [Local Setup](#local-setup)
- [Separate Setup](#separate-setup)
+ [PostgreSQL](#postgresql)
- [Local Setup](#local-setup-1)
- [Separate Setup](#separate-setup-1)
- [Example Playbook](#example-playbook)
- [Molecule](#molecule)
- [License](#license)
- [Author Information](#author-information)
# Overview
This is a Ansible role for installing and maintaining the zabbix-server. This will only install the Zabbix Server component and not the Zabbix Web.
# Requirements
## Operating systems
This role will work on the following operating systems:
* Red Hat
* Debian
* Ubuntu
So, you'll need one of those operating systems.. :-)
Please send Pull Requests or suggestions when you want to use this role for other Operating systems.
## Ansible 2.10 and higher
With the release of Ansible 2.10, modules have been moved into collections. With the exception of ansible.builtin modules, this means additonal collections must be installed in order to use modules such as seboolean (now ansible.posix.seboolean). The following collection is now required: `ansible.posix`. Installing the collection:
```sh
ansible-galaxy collection install ansible.posix
```
### MySQL
When you are a MySQL user and using Ansible 2.10 or newer, then there is a dependency on the collection named `community.mysql`. This collections are needed as the `mysql_` modules are now part of collections and not standard in Ansible anymmore. Installing the collection:
```sh
ansible-galaxy collection install community.mysql
```
### PostgreSQL
When you are a PostgreSQL user and using Ansible 2.10 or newer, then there is a dependency on the collection named `community.postgresql`. This collections are needed as the `postgresql_` modules are now part of collections and not standard in Ansible anymmore. Installing the collection:
```sh
ansible-galaxy collection install community.postgresql
```
## Zabbix Versions
See the following list of supported Operating systems with the Zabbix releases:
| Zabbix | 6.2 | 6.0 | 5.4 | 5.2 | 5.0 (LTS) | 4.4 | 4.0 (LTS) | 3.0 (LTS) |
|---------------------|-----|-----|-----|-----|-----------|-----|-----------|-----------|
| Red Hat Fam 9 | V | V | | | | | | |
| Red Hat Fam 8 | V | V | V | V | V | V | | |
| Red Hat Fam 7 | | | | | V | V | V | V |
| Red Hat Fam 6 | | | | V | V | | | V |
| Red Hat Fam 5 | | | | V | V | | | V |
| Fedora | | | | | | V | V | |
| Ubuntu 20.04 focal | V | V | V | V | V | | V | |
| Ubuntu 18.04 bionic | | V | V | V | V | V | V | |
| Ubuntu 16.04 xenial | | | | V | V | V | V | |
| Ubuntu 14.04 trusty | | | | V | V | V | V | V |
| Debian 10 buster | | V | V | V | V | V | | |
| Debian 9 stretch | | V | V | V | V | V | V | |
| Debian 8 jessie | | | | V | V | V | V | V |
| Debian 7 wheezy | | | | | | | V | V |
| macOS 10.15 | | | | | | V | V | |
| macOS 10.14 | | | | | | V | V | |
See https://support.zabbix.com/browse/ZBX-18790 why RHEL7 is not supported anymore.
# Installation
Installing this role is very simple: `ansible-galaxy install community.zabbix.zabbix_server`
Please be aware that this role only installs the Zabbix Server and not the Zabbix Web. If you do want to have a Zabbix Web, please execute the following command: `ansible-galaxy install community.zabbix.zabbix_web`
# Role Variables
## Main variables
The following is an overview of all available configuration default for this role.
### Overall Zabbix
* `zabbix_server_version`: This is the version of zabbix. Default: The highest supported version for the operating system. Can be overridden to 6.2, 6.0, 5.4, 5.2, 5.0, 4.4, 4.0, 3.4, 3.2, 3.0, 2.4, or 2.2. Previously the variable `zabbix_version` was used directly but it could cause [some inconvenience](https://github.com/dj-wasabi/ansible-zabbix-agent/pull/303). That variable is maintained by retrocompativility.
* `zabbix_server_version_minor`: When you want to specify a minor version to be installed. RedHat only. Default set to: `*` (latest available)
* `zabbix_repo`: Default: `zabbix`
* `epel`: install agent from EPEL repo
* `zabbix`: (default) install agent from Zabbix repo
* `other`: install agent from pre-existing or other repo
* `zabbix_repo_yum`: A list with Yum repository configuration.
* `zabbix_repo_yum_schema`: Default: `https`. Option to change the web schema for the yum repository(http/https)
* `zabbix_repo_yum_disabled`: A string with repository names that should be disabled when installing Zabbix component specific packages. Is only used when `zabbix_repo_yum_enabled` contains 1 or more repositories. Default `*`.
* `zabbix_repo_yum_enabled`: A list with repository names that should be enabled when installing Zabbix component specific packages.
* `zabbix_service_state`: Default: `started`. Can be overridden to stopped if needed
* `zabbix_service_enabled`: Default: `True` Can be overridden to `False` if needed
### SElinux
* `zabbix_selinux`: Default: `False`. Enables an SELinux policy so that the server will run.
* `selinux_allow_zabbix_can_network`: Default: `False`.
* `selinux_allow_zabbix_can_http`: Default: `False`.
### Zabbix Server
* `zabbix_server_package_state`: Default: `present`. Can be overridden to `latest` to update packages when needed.
* `zabbix_server_listenport`: Default: `10051`. On which port the Zabbix Server is available.
* `zabbix_server_install_recommends`: Default: `True`. `False` does not install the recommended packages that come with the zabbix-server install.
* `zabbix_server_manage_service`: Default: `True`. When you run multiple Zabbix servers in a High Available cluster setup (e.g. pacemaker), you don't want Ansible to manage the zabbix-server service, because Pacemaker is in control of zabbix-server service and in this case, it needs to be set to `False`.
* `zabbix_proxy_startpreprocessors`: Number of pre-forked instances of preprocessing workers. The preprocessing manager process is automatically started when a preprocessor worker is started. This parameter is supported since Zabbix 4.2.0.
* `zabbix_server_username`: Default: `zabbix`. The name of the account on the host. Will only be used when `zabbix_repo: epel` is used.
* `zabbix_server_userid`: The UID of the account on the host. Will only be used when `zabbix_repo: epel` is used.
* `zabbix_server_groupname`: Default: `zabbix`. The name of the group of the user on the host. Will only be used when `zabbix_repo: epel` is used.
* `zabbix_server_groupid`: The GID of the group on the host. Will only be used when `zabbix_repo: epel` is used.
* `zabbix_server_include_mode`: Default: `0755`. The "mode" for the directory configured with `zabbix_server_include`.
* `zabbix_server_conf_mode`: Default: `0640`. The "mode" for the Zabbix configuration file.
* `zabbix_server_listenbacklog`: The maximum number of pending connections in the queue.
* `zabbix_server_trendcachesize`: Size of trend cache, in bytes.
* `zabbix_server_trendfunctioncachesize`: Size of trend function cache, in bytes.
* `zabbix_server_vaulttoken`: Vault authentication token that should have been generated exclusively for Zabbix server with read only permission
* `zabbix_server_vaulturl`: Vault server HTTP[S] URL. System-wide CA certificates directory will be used if SSLCALocation is not specified.
* `zabbix_server_vaultdbpath`: Vault path from where credentials for database will be retrieved by keys 'password' and 'username'.
* `zabbix_server_startreportwriters`: Number of pre-forked report writer instances.
* `zabbix_server_webserviceurl`: URL to Zabbix web service, used to perform web related tasks.
* `zabbix_server_servicemanagersyncfrequency`: How often Zabbix will synchronize configuration of a service manager (in seconds).
* `zabbix_server_problemhousekeepingfrequency`: How often Zabbix will delete problems for deleted triggers (in seconds).
### High Availability
These variables are specific for Zabbix 6.0 and higher:
* `zabbix_server_hanodename`: The high availability cluster node name. When empty, server is working in standalone mode; a node with empty name is registered with address for the frontend to connect to. (Default: empty)
* `zabbix_server_nodeaddress`: IP or hostname with optional port to specify how frontend should connect to the server.
### Database specific
* `zabbix_server_dbhost_run_install`: Default: `True`. When set to `True`, sql files will be executed on the host running the database.
* `zabbix_server_database`: Default: `pgsql`. The type of database used. Can be: `mysql` or `pgsql`
* `zabbix_server_database_long`: Default: `postgresql`. The type of database used, but long name. Can be: `mysql` or `postgresql`
* `zabbix_server_dbhost`: The hostname on which the database is running.
* `zabbix_server_real_dbhost`: The hostname of the dbhost that is running behind a loadbalancer/VIP (loadbalancers doesn't accept ssh connections)
* `zabbix_server_dbname`: The database name which is used by the Zabbix Server.
* `zabbix_server_dbuser`: The database username which is used by the Zabbix Server.
* `zabbix_server_dbpassword`: The database user password which is used by the Zabbix Server.
* `zabbix_server_dbport`: The database port which is used by the Zabbix Server.
* `zabbix_database_creation`: Default: `True`. When you don't want to create the database including user, you can set it to False.
* `zabbix_server_install_database_client`: Default: `True`. False does not install database client. Default true
* `zabbix_database_sqlload`:True / False. When you don't want to load the sql files into the database, you can set it to False.
* `zabbix_database_timescaledb`:False / True. When you want to use timescaledb extension into the database, you can set it to True (this option only works for postgreSQL database).
* `zabbix_server_dbencoding`: Default: `utf8`. The encoding for the MySQL database.
* `zabbix_server_dbcollation`: Default: `utf8_bin`. The collation for the MySQL database.
* `zabbix_server_allowunsupporteddbversions`: Allow server to work with unsupported database versions.
### TLS Specific configuration
These variables are specific for Zabbix 3.0 and higher:
* `zabbix_server_tlsconnect`: How the agent should connect to server or proxy. Used for active checks.
Possible values:
* unencrypted
* psk
* cert
* `zabbix_server_tlsaccept`: What incoming connections to accept.
Possible values:
* unencrypted
* psk
* cert
* `zabbix_server_tlscafile`: Full pathname of a file containing the top-level CA(s) certificates for peer certificate verification.
* `zabbix_server_tlscrlfile`: Full pathname of a file containing revoked certificates.
* `zabbix_server_tlsservercertissuer`: Allowed server certificate issuer.
* `zabbix_server_tlsservercertsubject`: Allowed server certificate subject.
* `zabbix_server_tlscertfile`: Full pathname of a file containing the agent certificate or certificate chain.
* `zabbix_server_tlskeyfile`: Full pathname of a file containing the agent private key.
* `zabbix_server_dbtlsconnect`: Setting this option enforces to use TLS connection to database:
`required` - connect using TLS
`verify_ca` - connect using TLS and verify certificate
`verify_full` - connect using TLS, verify certificate and verify that database identity specified by DBHost matches its certificate
On `MySQL` starting from 5.7.11 and `PostgreSQL` the following values are supported: `required`, `verify`, `verify_full`. On MariaDB starting from version 10.2.6 `required` and `verify_full` values are supported.
By default not set to any option and the behaviour depends on database configuration.
This parameter is supported since Zabbix 5.0.0.
* `zabbix_server_dbtlscafile`: Full pathname of a file containing the top-level CA(s) certificates for database certificate verification. This parameter is supported since Zabbix 5.0.0.
* `zabbix_server_dbtlscertfile`: Full pathname of file containing Zabbix server certificate for authenticating to database. This parameter is supported since Zabbix 5.0.0.
* `zabbix_server_dbtlskeyfile`: Full pathname of file containing the private key for authenticating to database. This parameter is supported since Zabbix 5.0.0.
* `zabbix_server_dbtlscipher`: The list of encryption ciphers that Zabbix server permits for TLS protocols up through TLSv1.2. Supported only for MySQL.This parameter is supported since Zabbix 5.0.0.
* `zabbix_server_dbtlscipher13`: The list of encryption ciphersuites that Zabbix server permits for TLSv1.3 protocol. Supported only for MySQL, starting from version 8.0.16. This parameter is supported since Zabbix 5.0.0.
### Custom Zabbix Scripts
Define these variables to copy scripts to your respective scripts path.
* `zabbix_server_alertscripts`: List of alertscripts to be added to `zabbix_server_alertscriptspath`
* `zabbix_server_externalscripts`: List of alertscripts to be added to `zabbix_server_externalscriptspath`
Example:
```yaml
zabbix_server_alertscripts:
- path: "{{ lookup('first_found', 'zabbix-scripts/somescript.php') }}"
name: "somescript.php"
```
## proxy
When the target host does not have access to the internet, but you do have a proxy available then the following properties needs to be set to download the packages via the proxy:
* `zabbix_http_proxy`
* `zabbix_https_proxy`
## Database
With Zabbix Server you can make use of 2 different databases:
* `mysql`
* `postgresql`
In the following paragraphs we dive into both setups.
### MySQL
To make the Zabbix Server work with a `MySQL` database, there are 2 types on setup:
1. Local setup, `MySQL` running on same host as the Zabbix Server;
2. Separate setup, `MySQL` running on a different host than the Zabbix Server.
#### Local Setup
We need to have the following dependencies met:
1. Find an (Ansible) role that will install a `MySQL` instance on the host. Example: `geerlingguy.mysql` can be used, but also others can be used. Please make sure that before installing the Zabbix Server, you have a fully functional `MySQL` instance running.
2. We need to set some variables, either as input for the playbook or set them into the `group_vars` or `host_vars` (Your preference choice). We need to set the following properties:
```yaml
zabbix_server_database: mysql
zabbix_server_database_long: mysql
zabbix_server_dbport: 3306
zabbix_server_dbpassword: <SOME_SECRET_STRING>
```
Please generate a value for the `zabbix_server_dbpassword` property (Maybe use `ansible-vault` for this). The zabbix-server role will create an database and username (With the provided value for the password) in `MySQL`.
3. Execute the role by running the Ansible playbook that calls this role. At the end of this run, the Zabbix Server with `MySQL` will be running.
#### Separate Setup
We need to have the following dependencies met:
1. We need to either have a `MySQL` instance running somewhere in the environment. If this is the case, we need to have a username/password combination that is allowed to create a database and an user account. If there isn't one, please make sure there is one.
2. We need to set some variables, either as input for the playbook or set them into the `group_vars` or `host_vars` (Your preference choice). We need to set the following properties:
```yaml
zabbix_server_database: mysql
zabbix_server_database_long: mysql
zabbix_server_dbport: 3306
zabbix_server_dbhost: mysql-host
zabbix_server_dbhost_run_install: false
zabbix_server_dbpassword: <SOME_SECRET_STRING>
zabbix_server_privileged_host: '%'
zabbix_server_mysql_login_host: mysql-host
zabbix_server_mysql_login_user: root
zabbix_server_mysql_login_password: changeme
zabbix_server_mysql_login_port: 3306
```
Please generate a value for the `zabbix_server_dbpassword` property (Maybe use `ansible-vault` for this). The zabbix-server role will create an database and username (With the provided value for the password) in `MySQL`.
The `zabbix_server_privileged_host` can be set to the hostname/ip of the host running Zabbix Server for security related purposes. Also make sure that `zabbix_server_mysql_login_password` is set to the correct password for the user provided with `zabbix_server_mysql_login_host` to create a database and user in the `MySQL` instance.
3. Execute the role by running the Ansible playbook that calls this role. At the end of this run, the Zabbix Server with `MySQL` on a different host will be running.
### PostgreSQL
To make the Zabbix Server work with a `PgSQL` database, there are 2 types on setup:
1. Local setup, `PgSQL` running on same host as the Zabbix Server;
2. Separate setup, `PgSQL` running on a different host than the Zabbix Server.
#### Local Setup
We need to have the following dependencies met:
1. Find an (Ansible) role that will install a `PgSQL` instance on the host. Example: `geerlingguy.postgresql` can be used, but also others can be used. Please make sure that before installing the Zabbix Server, you have a fully functional `PgSQL` instance running.
2. We need to set some variables, either as input for the playbook or set them into the `group_vars` or `host_vars` (Your preference choice). We need to set the following properties:
```yaml
zabbix_server_database: pgsql
zabbix_server_database_long: postgresql
zabbix_server_dbport: 5432
zabbix_server_dbpassword: <SOME_SECRET_STRING>
```
Please generate a value for the `zabbix_server_dbpassword` property (Maybe use `ansible-vault` for this). The zabbix-server role will create an database and username (With the provided value for the password) in `PgSQL`.
3. Execute the role by running the Ansible playbook that calls this role. At the end of this run, the Zabbix Server with `PgSQL` will be running.
#### Separate Setup
We need to have the following dependencies met:
1. We need to either have a `PgSQL` instance running somewhere in the environment. If this is the case, we need to have a username/password combination that is allowed to create a database and an user account. If there isn't one, please make sure there is one.
2. We need to set some variables, either as input for the playbook or set them into the `group_vars` or `host_vars` (Your preference choice). We need to set the following properties:
```yaml
zabbix_server_database: pgsql;
zabbix_server_database_long: postgresql
zabbix_server_dbport: 5432
zabbix_server_dbhost: pgsql-host
zabbix_server_dbhost_run_install: false
zabbix_server_dbpassword: <SOME_SECRET_STRING>
zabbix_server_privileged_host: '%'
zabbix_server_pgsql_login_host: pgsql-host
zabbix_server_pgsql_login_user: postgres
zabbix_server_pgsql_login_password: changeme
zabbix_server_pgsql_login_port: 5432
```
Please generate a value for the `zabbix_server_dbpassword` property (Maybe use `ansible-vault` for this). The zabbix-server role will create an database and username (With the provided value for the password) in `PgSQL`.
The `zabbix_server_privileged_host` can be set to the hostname/ip of the host running Zabbix Server for security related purposes. Also make sure that `zabbix_server_mysql_login_password` is set to the correct password for the user provided with `zabbix_server_mysql_login_host` to create a database and user in the `PgSQL` instance.
3. Execute the role by running the Ansible playbook that calls this role. At the end of this run, the Zabbix Server with `PgSQL` on a different host will be running.
# Example Playbook
Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
```yaml
- hosts: zabbix-server
roles:
- role: community.zabbix.zabbix_server
zabbix_server_database: mysql
zabbix_server_database_long: mysql
```
# Molecule
This role is configured to be tested with Molecule. You can find on this page some more information regarding Molecule:
* http://werner-dijkerman.nl/2016/07/10/testing-ansible-roles-with-molecule-testinfra-and-docker/
* http://werner-dijkerman.nl/2016/07/27/extending-ansible-role-testing-with-molecule-by-adding-group_vars-dependencies-and-using-travis-ci/
* http://werner-dijkerman.nl/2016/07/31/testing-ansible-roles-in-a-cluster-setup-with-docker-and-molecule/
With each Pull Request, Molecule will be executed via Github Actions to validate the change on a new installation. Each PR should result into a correct working Zabbix Server installation and PR's will not be merged once this process fails.
# License
GNU General Public License v3.0 or later
See LICENCE to see the full text.
# Author Information
Please send suggestion or pull requests to make this role better. Also let us know if you encounter any issues installing or using this role.
Github: https://github.com/ansible-collections/community.zabbix

161
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_server/defaults/main.yml Normal file
View File

@@ -0,0 +1,161 @@
---
# defaults file for zabbix_server
# zabbix_server_version: 6.0
zabbix_server_version_minor: "*"
zabbix_version: "{{ zabbix_server_version }}"
zabbix_repo: zabbix
zabbix_server_apt_priority:
zabbix_server_package_state: present
zabbix_server_install_recommends: true
zabbix_server_install_database_client: true
zabbix_server_conf_mode: 0640
zabbix_service_state: started
zabbix_service_enabled: true
zabbix_repo_yum_gpgcheck: 0
zabbix_repo_yum_schema: https
zabbix_repo_yum_disabled: "*"
zabbix_repo_yum_enabled: []
zabbix_repo_yum:
- name: zabbix
description: Zabbix Official Repository - $basearch
baseurl: "{{ zabbix_repo_yum_schema }}://repo.zabbix.com/zabbix/{{ zabbix_version | regex_search('^[0-9]+.[0-9]+') }}/rhel/{{ ansible_distribution_major_version }}/$basearch/"
gpgcheck: "{{ zabbix_repo_yum_gpgcheck }}"
mode: "0644"
gpgkey: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-ZABBIX
state: present
- name: zabbix-non-supported
description: Zabbix Official Repository non-supported - $basearch
baseurl: "{{ zabbix_repo_yum_schema }}://repo.zabbix.com/non-supported/rhel/{{ ansible_distribution_major_version }}/$basearch/"
mode: "0644"
gpgcheck: "{{ zabbix_repo_yum_gpgcheck }}"
gpgkey: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-ZABBIX
state: present
# User (EPEL specific)
zabbix_server_username: zabbix
zabbix_server_groupname: zabbix
# Database
zabbix_server_database: pgsql
zabbix_server_database_long: postgresql
zabbix_database_creation: true
zabbix_database_sqlload: true
zabbix_database_timescaledb: false
zabbix_server_dbtlsconnect:
zabbix_server_dbtlscafile:
zabbix_server_dbtlscertfile:
zabbix_server_dbtlskeyfile:
zabbix_server_dbtlscipher:
zabbix_server_dbtlscipher13:
# zabbix-server specific vars
zabbix_server_listenport: 10051
zabbix_server_sourceip:
zabbix_server_logtype: file
zabbix_server_logfile: /var/log/zabbix/zabbix_server.log
zabbix_server_logfilesize: 10
zabbix_server_debuglevel: 3
zabbix_server_pidfile: /var/run/zabbix/zabbix_server.pid
zabbix_server_socketdir: /var/run/zabbix
zabbix_server_real_dbhost:
zabbix_server_dbhost: localhost
zabbix_server_dbname: zabbix-server
zabbix_server_dbencoding: utf8
zabbix_server_dbcollation: utf8_bin
zabbix_server_dbschema:
zabbix_server_dbuser: zabbix-server
zabbix_server_dbpassword: zabbix-server
zabbix_server_dbsocket:
zabbix_server_dbport: 5432
zabbix_server_dbhost_run_install: true
zabbix_server_allowunsupporteddbversions: 0
zabbix_server_privileged_host: localhost
zabbix_server_historystorageurl:
zabbix_server_historystoragetypes: uint,dbl,str,log,text
zabbix_server_historystoragedateindex: 0
zabbix_server_exportdir:
zabbix_server_exportfilesize: 1G
zabbix_server_startpollers: 5
zabbix_server_startlldprocessors: 2
zabbix_server_startipmipollers: 0
zabbix_server_startpollersunreachable: 1
zabbix_server_starttrappers: 5
zabbix_server_startpingers: 1
zabbix_server_startdiscoverers: 1
zabbix_server_starthttppollers: 1
zabbix_server_startpreprocessors: 3
zabbix_server_startodbcpollers: 1
zabbix_server_starttimers: 1
zabbix_server_starthistorypollers: 5
zabbix_server_javagateway:
zabbix_server_javagatewayport: 10052
zabbix_server_startjavapollers: 5
zabbix_server_startvmwarecollectors: 0
zabbix_server_vmwarefrequency: 60
zabbix_server_vmwarecachesize: 8M
zabbix_server_snmptrapperfile: /tmp/zabbix_traps.tmp
zabbix_server_startsnmptrapper: 0
zabbix_server_listenip:
zabbix_server_housekeepingfrequency: 1
zabbix_server_maxhousekeeperdelete: 500
zabbix_server_senderfrequency: 30
zabbix_server_cachesize: 32M
zabbix_server_cacheupdatefrequency: 60
zabbix_server_startdbsyncers: 4
zabbix_server_historycachesize: 16M
zabbix_server_historyindexcachesize: 4M
zabbix_server_trendcachesize: 4M
zabbix_server_trendfunctioncachesize: 4M
zabbix_server_historytextcachesize: 16M
zabbix_server_valuecachesize: 8M
zabbix_server_nodenoevents: 0
zabbix_server_nodenohistory: 0
zabbix_server_timeout: 3
zabbix_server_trappertimeout: 300
zabbix_server_unreachableperiod: 45
zabbix_server_unavailabledelay: 60
zabbix_server_unreachabledelay: 15
zabbix_server_alertscriptspath: /usr/lib/zabbix/alertscripts
zabbix_server_externalscriptspath: /usr/lib/zabbix/externalscripts
zabbix_server_sshkeylocation:
zabbix_server_logslowqueries: 0
zabbix_server_tmpdir: /tmp
zabbix_server_startproxypollers: 1
zabbix_server_proxyconfigfrequency: 3600
zabbix_server_proxydatafrequency: 1
zabbix_server_allowroot: 0
zabbix_server_user: zabbix
zabbix_server_include: /etc/zabbix/zabbix_server.conf.d
zabbix_server_include_mode: "0755"
zabbix_server_sslcertlocation: ${datadir}/zabbix/ssl/certs
zabbix_server_sslkeylocation: ${datadir}/zabbix/ssl/keys
zabbix_server_sslcalocation:
zabbix_server_loadmodulepath: ${libdir}/modules
zabbix_server_loadmodule:
zabbix_server_tlscafile:
zabbix_server_tlscrlfile:
zabbix_server_tlscertfile:
zabbix_server_tlskeyfile:
zabbix_server_startescalators: 1
zabbix_server_vmwareperffrequency: 60
zabbix_server_vmwaretimeout: 10
zabbix_server_manage_service: true
zabbix_server_vaulttoken:
zabbix_server_vaulturl: https://127.0.0.1:8200
zabbix_server_vaultdbpath:
zabbix_server_startreportwriters: 0
zabbix_server_webserviceurl:
zabbix_server_servicemanagersyncfrequency: 60
zabbix_server_problemhousekeepingfrequency: 60
zabbix_server_listenbacklog:
zabbix_server_hanodename:
zabbix_server_nodeaddress:
# SELinux specific
zabbix_selinux: false
selinux_allow_zabbix_can_network: false
selinux_allow_zabbix_can_http: false

BIN
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_server/files/install_semodule.bsx Executable file
View File

Binary file not shown.

30
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_server/handlers/main.yml Normal file
View File

@@ -0,0 +1,30 @@
---
# handlers file for wdijkerman.zabbix
- name: zabbix-server restarted
service:
name: zabbix-server
state: restarted
enabled: true
tags: zabbix-server
become: true
when:
- zabbix_server_manage_service | bool
- zabbix_repo != 'epel'
- name: zabbix-server restarted
service:
name: zabbix-proxy-mysql{{ zabbix_proxy_database_long }}
state: restarted
enabled: true
become: true
when:
- zabbix_proxy_manage_service | bool
- zabbix_repo == 'epel'
- name: "clean repo files from proxy creds"
shell: ls /etc/yum.repos.d/zabbix* && sed -i 's/^proxy =.*//' /etc/yum.repos.d/zabbix* || true
become: true
when:
- ansible_os_family == 'RedHat'
- zabbix_http_proxy is defined or zabbix_https_proxy is defined

26
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_server/meta/main.yml Normal file
View File

@@ -0,0 +1,26 @@
---
galaxy_info:
author: Werner Dijkerman
description: Installing and maintaining zabbix-server for RedHat/Debian/Ubuntu.
company: myCompany.Dotcom
license: MIT
min_ansible_version: 2.4
platforms:
- name: EL
versions:
- 6
- 7
- name: Ubuntu
versions:
- lucid
- precise
- trusty
- name: Debian
versions:
- squeeze
- wheezy
galaxy_tags:
- zabbix
- monitoring
dependencies: []

5
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_server/requirements.yml Normal file
View File

@@ -0,0 +1,5 @@
---
- src: geerlingguy.apache
- src: geerlingguy.mysql
- src: geerlingguy.postgresql
- src: community.postgresql

272
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_server/tasks/Debian.yml Normal file
View File

@@ -0,0 +1,272 @@
---
- name: "Include Zabbix gpg ids"
include_vars: zabbix.yml
- name: "Set some variables"
set_fact:
zabbix_short_version: "{{ zabbix_version | regex_replace('\\.', '') }}"
zabbix_server_apt_repository:
- "http://repo.zabbix.com/zabbix/{{ zabbix_version }}/{{ ansible_distribution.lower() }}/"
- "{{ ansible_distribution_release }}"
- "main"
zabbix_underscore_version: "{{ zabbix_version | regex_replace('\\.', '_') }}"
zabbix_python_prefix: "python{% if ansible_python_version is version('3', '>=') %}3{% endif %}"
when:
- ansible_machine != "aarch64"
- name: "Set some variables"
set_fact:
zabbix_short_version: "{{ zabbix_version | regex_replace('\\.', '') }}"
zabbix_server_apt_repository:
- "http://repo.zabbix.com/zabbix/{{ zabbix_version }}/{{ ansible_distribution.lower() }}-arm64/"
- "{{ ansible_distribution_release }}"
- "main"
zabbix_underscore_version: "{{ zabbix_version | regex_replace('\\.', '_') }}"
zabbix_python_prefix: "python{% if ansible_python_version is version('3', '>=') %}3{% endif %}"
when:
- ansible_machine == "aarch64"
- name: "Debian | Set some facts"
set_fact:
datafiles_path: /usr/share/zabbix-server-{{ zabbix_server_database }}
when:
- zabbix_version is version('3.0', '<')
tags:
- zabbix-server
- init
- config
- name: "Debian | Set some facts for Zabbix >= 3.0 && < 5.4"
set_fact:
datafiles_path: /usr/share/doc/zabbix-server-{{ zabbix_server_database }}
when:
- zabbix_version is version('3.0', '>=')
- zabbix_version is version('5.4', '<')
tags:
- zabbix-server
- init
- config
- name: "Debian | Set some facts for Zabbix == 5.4"
set_fact:
datafiles_path: /usr/share/doc/zabbix-sql-scripts/{{ zabbix_server_database_long }}
when:
- zabbix_version is version('5.4', '==')
tags:
- zabbix-server
- init
- config
- name: "Debian | Set some facts for Zabbix >= 6.0"
set_fact:
datafiles_path: /usr/share/zabbix-sql-scripts/{{ zabbix_server_database_long }}
when:
- zabbix_version is version('6.0', '>=')
tags:
- zabbix-server
- init
- config
- name: "Debian | Installing gnupg"
apt:
pkg: gnupg
update_cache: true
cache_valid_time: 3600
force: true
state: present
environment:
http_proxy: "{{ zabbix_http_proxy | default(None) | default(omit) }}"
https_proxy: "{{ zabbix_https_proxy | default(None) | default(omit) }}"
register: gnupg_installed
until: gnupg_installed is succeeded
become: true
- name: "Debian | Install gpg key"
apt_key:
id: "{{ sign_keys[zabbix_short_version][ansible_distribution_release]['sign_key'] }}"
url: http://repo.zabbix.com/zabbix-official-repo.key
register: zabbix_server_repo_files_installed
until: zabbix_server_repo_files_installed is succeeded
when:
- zabbix_repo == "zabbix"
become: true
tags:
- zabbix-server
- init
- name: "Debian | Installing repository {{ ansible_distribution }}"
apt_repository:
repo: "{{ item }} {{ zabbix_server_apt_repository | join(' ') }}"
state: present
when: zabbix_repo == "zabbix"
become: true
with_items:
- deb-src
- deb
tags:
- zabbix-server
- init
- name: "Debian | Create /etc/apt/preferences.d/"
file:
path: /etc/apt/preferences.d/
state: directory
mode: '0755'
when:
- zabbix_server_apt_priority | int
become: true
- name: "Debian | Configuring the weight for APT"
copy:
dest: "/etc/apt/preferences.d/zabbix_server-{{ zabbix_proxy_database }}"
content: |
Package: zabbix_server-{{ zabbix_proxy_database }}
Pin: origin repo.zabbix.com
Pin-Priority: {{ zabbix_server_apt_priority }}
owner: root
mode: '0644'
when:
- zabbix_server_apt_priority | int
become: true
- name: apt-get clean
shell: apt-get clean; apt-get update
changed_when: false
become: true
tags:
- skip_ansible_lint
# On certain 18.04 images, such as docker or lxc, dpkg is configured not to
# install files into paths /usr/share/doc/*
# Since this is where Zabbix installs its database schemas, we need to allow
# files to be installed to /usr/share/doc/zabbix*
- name: Check for the dpkg exclude line
command: grep -F 'path-exclude=/usr/share/doc/*' /etc/dpkg/dpkg.cfg.d/excludes
register: dpkg_exclude_line
failed_when: false
changed_when: false
check_mode: false
- name: Allow Zabbix dpkg installs to /usr/share/doc/zabbix*
lineinfile:
path: /etc/dpkg/dpkg.cfg.d/excludes
line: 'path-include=/usr/share/doc/zabbix*'
become: true
when:
- dpkg_exclude_line.rc == 0
- name: "Debian | Installing zabbix-server-{{ zabbix_server_database }}"
apt:
pkg: zabbix-server-{{ zabbix_server_database }}
state: "{{ zabbix_server_package_state }}"
update_cache: true
cache_valid_time: 0
install_recommends: "{{ zabbix_server_install_recommends }}"
default_release: "{{ ansible_distribution_release }}"
environment:
http_proxy: "{{ zabbix_http_proxy | default(None) | default(omit) }}"
https_proxy: "{{ zabbix_https_proxy | default(None) | default(omit) }}"
register: zabbix_server_package_installed
until: zabbix_server_package_installed is succeeded
become: true
tags:
- zabbix-server
- init
- name: "Debian | Installing zabbix-sql-scripts"
apt:
pkg: zabbix-sql-scripts
state: "{{ zabbix_server_package_state }}"
update_cache: true
cache_valid_time: 0
install_recommends: "{{ zabbix_server_install_recommends }}"
default_release: "{{ ansible_distribution_release }}"
environment:
http_proxy: "{{ zabbix_http_proxy | default(None) | default(omit) }}"
https_proxy: "{{ zabbix_https_proxy | default(None) | default(omit) }}"
register: zabbix_server_package_sql_installed
until: zabbix_server_package_sql_installed is succeeded
when:
- zabbix_version is version('5.4', '>=')
become: true
tags:
- zabbix-server
- init
- name: "Debian | Install Ansible module dependencies"
apt:
name: "{{ zabbix_python_prefix }}-psycopg2"
state: present
environment:
http_proxy: "{{ zabbix_http_proxy | default(None) | default(omit) }}"
https_proxy: "{{ zabbix_https_proxy | default(None) | default(omit) }}"
register: zabbix_server_dependencies_installed
until: zabbix_server_dependencies_installed is succeeded
become: true
when:
- zabbix_database_creation
tags:
- zabbix-server
- init
- name: "Debian | Install Mysql Client package"
apt:
name:
- default-mysql-client
- "{{ zabbix_python_prefix }}-mysqldb"
state: present
environment:
http_proxy: "{{ zabbix_http_proxy | default(None) | default(omit) }}"
https_proxy: "{{ zabbix_https_proxy | default(None) | default(omit) }}"
register: zabbix_server_dependencies_installed
until: zabbix_server_dependencies_installed is succeeded
become: true
when:
- zabbix_server_database == 'mysql'
- zabbix_server_install_database_client
- ansible_distribution_release != "buster"
tags:
- zabbix-server
- init
- database
- name: "Debian 10 | Install Mysql Client package"
apt:
name:
- mariadb-client
- "{{ zabbix_python_prefix }}-mysqldb"
state: present
environment:
http_proxy: "{{ zabbix_http_proxy | default(None) | default(omit) }}"
https_proxy: "{{ zabbix_https_proxy | default(None) | default(omit) }}"
register: zabbix_server_dependencies_installed
until: zabbix_server_dependencies_installed is succeeded
become: true
when:
- zabbix_server_database == 'mysql'
- zabbix_server_install_database_client
- ansible_distribution_release == "buster"
tags:
- zabbix-server
- init
- database
- name: "Debian | Install PostgreSQL Client package"
apt:
name: postgresql-client
state: present
environment:
http_proxy: "{{ zabbix_http_proxy | default(None) | default(omit) }}"
https_proxy: "{{ zabbix_https_proxy | default(None) | default(omit) }}"
register: zabbix_server_dependencies_installed
until: zabbix_server_dependencies_installed is succeeded
become: true
when:
- zabbix_server_database == 'pgsql'
- zabbix_server_install_database_client
tags:
- zabbix-server
- init
- database

296
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_server/tasks/RedHat.yml Normal file
View File

@@ -0,0 +1,296 @@
---
# Tasks specific for RedHat systems
- name: "Set short version name"
set_fact:
zabbix_short_version: "{{ zabbix_version | regex_replace('\\.', '') }}"
- name: "RedHat | Use Zabbix package name"
set_fact:
zabbix_server_package: "zabbix-server-{{ zabbix_server_database }}"
when:
- zabbix_repo == "zabbix" or zabbix_repo == "other"
tags:
- zabbix-server
- name: "RedHat | Use EPEL package name"
set_fact:
zabbix_server_package: "zabbix{{ zabbix_short_version }}-server-{{ zabbix_server_database }}"
when:
- zabbix_repo == "epel"
tags:
- zabbix-server
- name: "RedHat | Set some facts Zabbix <= 3.2"
set_fact:
datafiles_path: "/usr/share/doc/zabbix-server-{{ zabbix_server_database }}-{{ zabbix_version }}*"
when:
- zabbix_version is version('3.2', '<=')
tags:
- zabbix-server
- name: "RedHat | Set facts for Zabbix > 3.2 && < 5.4"
set_fact:
datafiles_path: "/usr/share/doc/zabbix-server-{{ zabbix_server_database }}*"
when:
- zabbix_version is version('3.2', '>')
- zabbix_version is version('5.4', '<')
tags:
- zabbix-server
- name: "RedHat | Set facts for Zabbix == 5.4"
set_fact:
datafiles_path: "/usr/share/doc/zabbix-sql-scripts/{{ zabbix_server_database_long }}"
when:
- zabbix_version is version('5.4', '==')
tags:
- zabbix-server
- name: "RedHat | Set facts for Zabbix >= 6.0"
set_fact:
datafiles_path: "/usr/share/zabbix-sql-scripts/{{ zabbix_server_database_long }}"
when:
- zabbix_version is version('6.0', '>=')
tags:
- zabbix-server
- name: "RedHat | Set facts for RHEL8"
set_fact:
datafiles_path: "/usr/share/doc/zabbix-server-{{ zabbix_server_database }}"
when:
- ansible_distribution_major_version == "8"
- zabbix_version is version('5.4', '<')
tags:
- zabbix-server
- name: "RedHat | Set some facts EPEL"
set_fact:
datafiles_path: "/usr/share/zabbix-{{ zabbix_server_database_long }}"
when:
- zabbix_repo == "epel"
tags:
- zabbix-server
- name: "RedHat | Create 'zabbix' group (EPEL)"
group:
name: "{{ zabbix_server_groupname | default('zabbix') }}"
gid: "{{ zabbix_server_groupid | default(omit) }}"
state: present
become: true
when:
- zabbix_repo == "epel"
- name: "RedHat | Create 'zabbix' user (EPEL)"
user:
name: "{{ zabbix_server_username | default('zabbix') }}"
comment: Zabbix Monitoring System
uid: "{{ zabbix_server_userid | default(omit) }}"
group: zabbix
become: true
when:
- zabbix_repo == "epel"
- name: "Make sure old file is absent"
file:
path: /etc/yum.repos.d/zabbix-supported.repo
state: absent
become: true
- name: "RedHat | Install basic repo file"
yum_repository:
name: "{{ item.name }}"
description: "{{ item.description }}"
baseurl: "{{ item.baseurl }}"
gpgcheck: "{{ item.gpgcheck }}"
gpgkey: "{{ item.gpgkey }}"
mode: "{{ item.mode | default('0644') }}"
priority: "{{ item.priority | default('98') }}"
state: "{{ item.state | default('present') }}"
proxy: "{{ zabbix_http_proxy | default(omit) }}"
with_items: "{{ zabbix_repo_yum }}"
register: yum_repo_installed
become: true
when:
zabbix_repo == "zabbix"
notify:
- "clean repo files from proxy creds"
tags:
- zabbix-server
- name: "RedHat | Installing zabbix-server-{{ zabbix_server_database }}"
package:
pkg: "{{ zabbix_server_package }}-{{ zabbix_server_version }}.{{ zabbix_server_version_minor }}"
state: "{{ zabbix_server_package_state }}"
disablerepo: "{{ '*' if (zabbix_repo_yum_enabled | length>0) else omit }}"
enablerepo: "{{ zabbix_repo_yum_enabled if zabbix_repo_yum_enabled is iterable and (zabbix_repo_yum_enabled | length>0) else omit }}"
environment:
http_proxy: "{{ zabbix_http_proxy | default(None) | default(omit) }}"
https_proxy: "{{ zabbix_https_proxy | default(None) | default(omit) }}"
register: zabbix_server_package_installed
until: zabbix_server_package_installed is succeeded
when:
zabbix_repo != "other"
become: true
tags:
- zabbix-server
- name: "RedHat | Installing zabbix-server-{{ zabbix_server_database }} (When zabbix_repo == other)"
package:
pkg: "{{ zabbix_server_package }}-{{ zabbix_server_version }}.{{ zabbix_server_version_minor }}"
state: "{{ zabbix_server_package_state }}"
register: zabbix_server_package_installed
until: zabbix_server_package_installed is succeeded
when:
zabbix_repo == "other"
become: true
tags:
- zabbix-server
- name: "RedHat | Installing zabbix-sql-scripts"
package:
pkg: "zabbix-sql-scripts-{{ zabbix_server_version }}.{{ zabbix_server_version_minor }}"
state: "{{ zabbix_server_package_state }}"
disablerepo: "{{ '*' if (zabbix_repo_yum_enabled | length>0) else omit }}"
enablerepo: "{{ zabbix_repo_yum_enabled if zabbix_repo_yum_enabled is iterable and (zabbix_repo_yum_enabled | length>0) else omit }}"
environment:
http_proxy: "{{ zabbix_http_proxy | default(None) | default(omit) }}"
https_proxy: "{{ zabbix_https_proxy | default(None) | default(omit) }}"
register: zabbix_server_sql_package_installed
until: zabbix_server_sql_package_installed is succeeded
when:
- zabbix_version is version('5.4', '>=')
- zabbix_repo != "other"
become: true
tags:
- zabbix-server
- name: "RedHat | Installing zabbix-sql-scripts (When zabbix_repo == other)"
package:
pkg: "zabbix-sql-scripts-{{ zabbix_server_version }}.{{ zabbix_server_version_minor }}"
state: "{{ zabbix_server_package_state }}"
disablerepo: "{{ '*' if (zabbix_repo_yum_enabled | length>0) else omit }}"
enablerepo: "{{ zabbix_repo_yum_enabled if zabbix_repo_yum_enabled is iterable and (zabbix_repo_yum_enabled | length>0) else omit }}"
environment:
http_proxy: "{{ zabbix_http_proxy | default(None) | default(omit) }}"
https_proxy: "{{ zabbix_https_proxy | default(None) | default(omit) }}"
register: zabbix_server_sql_package_installed
until: zabbix_server_sql_package_installed is succeeded
when:
- zabbix_version is version('5.4', '>=')
- zabbix_repo == "other"
become: true
tags:
- zabbix-server
- name: "RedHat | Install Ansible module dependencies"
yum:
name: python-psycopg2
state: present
environment:
http_proxy: "{{ zabbix_http_proxy | default(None) | default(omit) }}"
https_proxy: "{{ zabbix_https_proxy | default(None) | default(omit) }}"
register: zabbix_server_dependencies_installed
until: zabbix_server_dependencies_installed is succeeded
become: true
when:
- zabbix_database_creation
- zabbix_server_database == 'pgsql'
- ansible_distribution_major_version == "7" or ansible_distribution_major_version == "6"
tags:
- zabbix-server
- name: "RedHat | Install Ansible module dependencies on RHEL9 or RHEL8"
yum:
name: python3-psycopg2
state: present
environment:
http_proxy: "{{ zabbix_http_proxy | default(None) | default(omit) }}"
https_proxy: "{{ zabbix_https_proxy | default(None) | default(omit) }}"
register: zabbix_server_dependencies_installed
until: zabbix_server_dependencies_installed is succeeded
become: true
when:
- zabbix_database_creation
- zabbix_server_database == 'pgsql'
- ansible_distribution_major_version|int >= 8
tags:
- zabbix-server
- name: "RedHat | Install Mysql Client packages RHEL9 or RHEL8"
yum:
name:
- mysql
- python3-PyMySQL
state: present
environment:
http_proxy: "{{ zabbix_http_proxy | default(None) | default(omit) }}"
https_proxy: "{{ zabbix_https_proxy | default(None) | default(omit) }}"
register: zabbix_server_dependencies_installed
until: zabbix_server_dependencies_installed is succeeded
become: true
when:
- zabbix_server_database == 'mysql'
- zabbix_server_install_database_client
- ansible_distribution_major_version|int >= 8
tags:
- zabbix-server
- name: "RedHat | Install Mysql Client package RHEL7"
yum:
name:
- mariadb
- MySQL-python
state: present
environment:
http_proxy: "{{ zabbix_http_proxy | default(None) | default(omit) }}"
https_proxy: "{{ zabbix_https_proxy | default(None) | default(omit) }}"
register: zabbix_server_dependencies_installed
until: zabbix_server_dependencies_installed is succeeded
become: true
when:
- zabbix_server_database == 'mysql'
- zabbix_server_install_database_client
- ansible_distribution_major_version == "7"
tags:
- zabbix-server
- name: "RedHat | Install Mysql Client package RHEL5 - 6"
yum:
name:
- mysql
- MySQL-python
state: present
environment:
http_proxy: "{{ zabbix_http_proxy | default(None) | default(omit) }}"
https_proxy: "{{ zabbix_https_proxy | default(None) | default(omit) }}"
register: zabbix_server_dependencies_installed
until: zabbix_server_dependencies_installed is succeeded
become: true
when:
- zabbix_server_database == 'mysql'
- zabbix_server_install_database_client
- ansible_distribution_major_version == "6" or ansible_distribution_major_version == "5"
tags:
- zabbix-server
- name: "RedHat | Install PostgreSQL client package"
yum:
name: postgresql
state: present
environment:
http_proxy: "{{ zabbix_http_proxy | default(None) | default(omit) }}"
https_proxy: "{{ zabbix_https_proxy | default(None) | default(omit) }}"
register: zabbix_server_dependencies_installed
until: zabbix_server_dependencies_installed is succeeded
become: true
when:
- zabbix_server_database == 'pgsql'
- zabbix_server_install_database_client
tags:
- zabbix-server
- name: "Configure SELinux when enabled"
include_tasks: selinux.yml
when:
- zabbix_selinux | bool

56
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_server/tasks/main.yml Normal file
View File

@@ -0,0 +1,56 @@
---
# tasks file for wdijkerman.zabbix
- name: "Include OS-specific variables"
include_vars: "{{ ansible_os_family }}.yml"
- name: Determine Latest Supported Zabbix Version
set_fact:
zabbix_server_version: "{{ zabbix_valid_server_versions[ansible_distribution_major_version][0] | default(6.0) }}"
when: zabbix_server_version is not defined
- name: "Install the correct repository"
include_tasks: "{{ ansible_os_family }}.yml"
- name: "Installing the {{ zabbix_server_database_long }} database"
include_tasks: "{{ zabbix_server_database_long }}.yml"
- name: "Configure zabbix-server"
template:
src: zabbix_server.conf.j2
dest: /etc/zabbix/zabbix_server.conf
owner: zabbix
group: zabbix
mode: "{{ zabbix_server_conf_mode }}"
notify:
- zabbix-server restarted
tags:
- zabbix-server
- init
- config
- name: "Create include dir zabbix-server"
file:
path: "{{ zabbix_server_include }}"
owner: zabbix
group: zabbix
state: directory
mode: "{{ zabbix_server_include_mode }}"
tags:
- zabbix-server
- init
- config
- name: "Add zabbix-server scripts"
include_tasks: "scripts.yml"
when: ( zabbix_server_alertscripts is defined ) or
( zabbix_server_externalscripts is defined )
- name: "Zabbix-server started"
service:
name: zabbix-server
state: "{{ zabbix_service_state }}"
enabled: "{{ zabbix_service_enabled }}"
tags:
- zabbix-server
when: zabbix_server_manage_service | bool

307
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_server/tasks/mysql.yml Normal file
View File

@@ -0,0 +1,307 @@
---
# task file for mysql
- name: "Set the correct delegated_dbhost (to support MySQL db deployment on a remote dbhost)"
set_fact:
delegated_dbhost: "{{ zabbix_server_dbhost if (zabbix_server_dbhost != 'localhost') else inventory_hostname }}"
when:
- zabbix_server_dbhost_run_install
- name: "Set the correct delegated_dbhost (to support MySQL db deployment on a remote dbhost)"
set_fact:
delegated_dbhost: "{{ inventory_hostname }}"
when:
- not zabbix_server_dbhost_run_install
- name: "Override delegated_dbhost with real dbhost when dbhost is behind loadbalancer"
set_fact:
delegated_dbhost: "{{ zabbix_server_real_dbhost }}"
when: zabbix_server_real_dbhost | default(false)
- name: "MySQL | Create database"
community.mysql.mysql_db:
name: "{{ zabbix_server_dbname }}"
encoding: "{{ zabbix_server_dbencoding }}"
collation: "{{ zabbix_server_dbcollation }}"
login_host: "{{ zabbix_server_mysql_login_host | default(omit) }}"
login_user: "{{ zabbix_server_mysql_login_user | default(omit) }}"
login_password: "{{ zabbix_server_mysql_login_password | default(omit) }}"
login_port: "{{ zabbix_server_mysql_login_port | default(omit) }}"
login_unix_socket: "{{ zabbix_server_mysql_login_unix_socket | default(omit) }}"
state: present
when: zabbix_database_creation
register: zabbix_database_created
delegate_to: "{{ delegated_dbhost }}"
tags:
- zabbix-server
- database
- skip_ansible_lint
- name: "MySQL | Create database user"
community.mysql.mysql_user:
login_host: "{{ zabbix_server_mysql_login_host | default(omit) }}"
login_user: "{{ zabbix_server_mysql_login_user | default(omit) }}"
login_password: "{{ zabbix_server_mysql_login_password | default(omit) }}"
login_port: "{{ zabbix_server_mysql_login_port | default(omit) }}"
login_unix_socket: "{{ zabbix_server_mysql_login_unix_socket | default(omit) }}"
name: "{{ zabbix_server_dbuser }}"
password: "{{ zabbix_server_dbpassword }}"
priv: "{{ zabbix_server_dbname }}.*:ALL"
host: "{{ zabbix_server_privileged_host }}"
state: present
when: zabbix_database_creation
delegate_to: "{{ delegated_dbhost }}"
tags:
- zabbix-server
- database
- name: "Get the file for create.sql >= 3.0"
shell: ls -1 {{ datafiles_path }}/{{ 'create' if zabbix_version is version('6.0', '<') else 'server' }}.sq*
changed_when: false
when:
- zabbix_version is version('3.0', '>=')
- zabbix_database_sqlload | bool
- zabbix_repo != "epel"
register: ls_output_create
tags:
- zabbix-server
- database
- name: MySQL | Get current database version
shell: |
mysql -h {{ zabbix_server_dbhost }} -u{{ zabbix_server_dbuser }} \
-p'{{ zabbix_server_dbpassword }}' -D '{{ zabbix_server_dbname }}' \
-e 'SELECT mandatory FROM dbversion;'
register: mysql_db_version
changed_when: false
ignore_errors: true
# If the above check failed, then there was no dbversion table in the database.
# We'll create it, below. Otherwise, we can access the database version in
# `mysql_db_version["stdout_lines"][1]`, for example 5000000 for Zabbix 5.0.
- name: MySQL | Check if database needs to be populated
set_fact:
mysql_schema_empty: "{{ mysql_db_version is failed }}"
- name: "MySQL | Get version_comment"
community.mysql.mysql_variables:
variable: version
login_host: "{{ zabbix_server_mysql_login_host | default(omit) }}"
login_user: "{{ zabbix_server_mysql_login_user | default(omit) }}"
login_password: "{{ zabbix_server_mysql_login_password | default(omit) }}"
login_port: "{{ zabbix_server_mysql_login_port | default(omit) }}"
login_unix_socket: "{{ zabbix_server_mysql_login_unix_socket | default(omit) }}"
delegate_to: "{{ delegated_dbhost }}"
register: install_mysql_version
tags:
- zabbix-server
- database
- name: "MySQL | Get current value for innodb_default_row_format"
community.mysql.mysql_variables:
variable: innodb_default_row_format
login_host: "{{ zabbix_server_mysql_login_host | default(omit) }}"
login_user: "{{ zabbix_server_mysql_login_user | default(omit) }}"
login_password: "{{ zabbix_server_mysql_login_password | default(omit) }}"
login_port: "{{ zabbix_server_mysql_login_port | default(omit) }}"
login_unix_socket: "{{ zabbix_server_mysql_login_unix_socket | default(omit) }}"
delegate_to: "{{ delegated_dbhost }}"
register: mysql_innodb_default_row_format
when:
- not ansible_check_mode
- install_mysql_version.msg is version('5.6', '>=')
tags:
- zabbix-server
- database
- name: "MySQL | Set innodb_default_row_format to dynamic"
community.mysql.mysql_variables:
variable: innodb_default_row_format
value: dynamic
login_host: "{{ zabbix_server_mysql_login_host | default(omit) }}"
login_user: "{{ zabbix_server_mysql_login_user | default(omit) }}"
login_password: "{{ zabbix_server_mysql_login_password | default(omit) }}"
login_port: "{{ zabbix_server_mysql_login_port | default(omit) }}"
login_unix_socket: "{{ zabbix_server_mysql_login_unix_socket | default(omit) }}"
when:
- zabbix_version is version('3.0', '>=')
- zabbix_database_sqlload | bool
- zabbix_repo != "epel"
- mysql_schema_empty
- install_mysql_version.msg is version('5.6', '>=')
- mysql_innodb_default_row_format.msg != 'dynamic'
delegate_to: "{{ delegated_dbhost }}"
tags:
- zabbix-server
- database
- name: "MySQL | Disable InnoDB Strict Mode"
community.mysql.mysql_variables:
variable: innodb_strict_mode
value: 0
login_host: "{{ zabbix_server_mysql_login_host | default(omit) }}"
login_user: "{{ zabbix_server_mysql_login_user | default(omit) }}"
login_password: "{{ zabbix_server_mysql_login_password | default(omit) }}"
login_port: "{{ zabbix_server_mysql_login_port | default(omit) }}"
login_unix_socket: "{{ zabbix_server_mysql_login_unix_socket | default(omit) }}"
when:
- zabbix_version is version('3.0', '>=')
- zabbix_database_sqlload | bool
- zabbix_repo != "epel"
- mysql_schema_empty
- install_mysql_version.msg is version('5.6', '>=')
- ansible_distribution_release == "buster"
delegate_to: "{{ delegated_dbhost }}"
tags:
- zabbix-server
- database
- name: "Fetch sql create file"
fetch:
src: "{{ ls_output_create.stdout }}"
dest: /tmp/{{ role_name }}/
flat: true
when:
- delegated_dbhost != inventory_hostname
- zabbix_database_sqlload | bool
- zabbix_repo != "epel"
- mysql_schema_empty
- name: "Copy sql create file"
copy:
src: /tmp/{{ role_name }}/
dest: "{{ ls_output_create.stdout | dirname }}"
mode: '0640'
delegate_to: "{{ delegated_dbhost }}"
when:
- delegated_dbhost != inventory_hostname
- zabbix_database_sqlload | bool
- zabbix_repo != "epel"
- mysql_schema_empty
- name: "MySQL | Create database and import file >= 3.0"
community.mysql.mysql_db:
login_host: "{{ zabbix_server_mysql_login_host | default(omit) }}"
login_user: "{{ zabbix_server_mysql_login_user | default(omit) }}"
login_password: "{{ zabbix_server_mysql_login_password | default(omit) }}"
login_port: "{{ zabbix_server_mysql_login_port | default(omit) }}"
login_unix_socket: "{{ zabbix_server_mysql_login_unix_socket | default(omit) }}"
name: "{{ zabbix_server_dbname }}"
encoding: "{{ zabbix_server_dbencoding }}"
collation: "{{ zabbix_server_dbcollation }}"
state: import
target: "{{ ls_output_create.stdout }}"
when:
- zabbix_version is version('3.0', '>=')
- zabbix_database_sqlload | bool
- zabbix_repo != "epel"
- mysql_schema_empty
delegate_to: "{{ delegated_dbhost }}"
tags:
- zabbix-server
- database
- name: "MySQL | Revert innodb_default_row_format to previous value"
community.mysql.mysql_variables:
variable: innodb_default_row_format
value: '{{ mysql_innodb_default_row_format.msg }}'
login_host: "{{ zabbix_server_mysql_login_host | default(omit) }}"
login_user: "{{ zabbix_server_mysql_login_user | default(omit) }}"
login_password: "{{ zabbix_server_mysql_login_password | default(omit) }}"
login_port: "{{ zabbix_server_mysql_login_port | default(omit) }}"
login_unix_socket: "{{ zabbix_server_mysql_login_unix_socket | default(omit) }}"
when:
- zabbix_version is version('3.0', '>=')
- zabbix_database_sqlload | bool
- zabbix_repo != "epel"
- mysql_schema_empty
- mysql_innodb_default_row_format.msg != 'dynamic'
delegate_to: "{{ delegated_dbhost }}"
tags:
- zabbix-server
- database
- name: "Check if we have sql_done files >= 3.0"
file:
path: /etc/zabbix/create.done
state: touch
mode: '0644'
when:
- zabbix_version is version('3.0', '>=')
- zabbix_database_sqlload | bool
- zabbix_repo != "epel"
- mysql_schema_empty
- name: "Get the correct path for the SQL files < 3.0"
shell: ls -1 {{ datafiles_path }}/{{ mysql_create_dir }}{{ item }}.sql*
changed_when: false
register: ls_output_schema
with_items:
- schema
- images
- data
when:
- zabbix_version is version('3.0', '<')
- zabbix_database_sqlload | bool
tags:
- zabbix-server
- database
- name: "Check if we have done files < 3.0"
stat:
path: /etc/zabbix/{{ item }}.done
register: done_files
with_items:
- schema
- images
- data
when:
- zabbix_version is version('3.0', '<')
- zabbix_database_sqlload | bool
tags:
- zabbix-server
- database
- name: "Create fact if sql_done files exists"
set_fact:
sql_files_executed: "{{ sql_files_executed | default({}) | combine({item.item: item.stat}) }}"
with_items: "{{ done_files.results }}"
when:
- zabbix_version is version('3.0', '<')
- zabbix_database_sqlload | bool
tags:
- zabbix-server
- database
- name: "MySQL | Create database and import files < 3.0"
community.mysql.mysql_db:
name: "{{ zabbix_server_dbname }}"
encoding: "{{ zabbix_server_dbencoding }}"
collation: "{{ zabbix_server_dbcollation }}"
state: import
target: "{{ item.stdout }}"
with_items: "{{ ls_output_schema.results }}"
when:
- zabbix_version is version('3.0', '<')
- zabbix_database_sqlload | bool
- not sql_files_executed[item.item].exists
delegate_to: "{{ delegated_dbhost }}"
tags:
- zabbix-server
- database
- name: "Check if we have sql_done files < 3.0"
file:
path: /etc/zabbix/{{ item }}.done
state: touch
mode: '0644'
with_items:
- schema
- images
- data
when:
- zabbix_version is version('3.0', '<')
- zabbix_database_sqlload | bool
- not sql_files_executed[item].exists
tags:
- zabbix-server
- database

220
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_server/tasks/postgresql.yml Normal file
View File

@@ -0,0 +1,220 @@
---
# task file for postgresql
- name: "Set the correct delegated_dbhost (to support postgres db deployment on a remote dbhost)"
set_fact:
delegated_dbhost: "{{ zabbix_server_dbhost if (zabbix_server_dbhost != 'localhost') else inventory_hostname }}"
when:
- zabbix_server_dbhost_run_install
- name: "Set the correct delegated_dbhost (to support postgres db deployment on a remote dbhost)"
set_fact:
delegated_dbhost: "{{ inventory_hostname }}"
when:
- not zabbix_server_dbhost_run_install
- name: "PostgreSQL | Delegated"
block:
- name: "PostgreSQL | Delegated | Create database"
community.postgresql.postgresql_db:
name: "{{ zabbix_server_dbname }}"
port: "{{ zabbix_server_dbport }}"
state: present
- name: "PostgreSQL | Delegated | Create database user"
community.postgresql.postgresql_user:
db: "{{ zabbix_server_dbname }}"
name: "{{ zabbix_server_dbuser }}"
password: "md5{{ (zabbix_server_dbpassword + zabbix_server_dbuser)|hash('md5') }}"
port: "{{ zabbix_server_dbport }}"
priv: ALL
state: present
encrypted: true
- name: "PostgreSQL | Delegated | Create timescaledb extension"
community.postgresql.postgresql_ext:
db: "{{ zabbix_server_dbname }}"
name: timescaledb
when: zabbix_database_timescaledb
become: true
become_user: postgres
delegate_to: "{{ delegated_dbhost }}"
when:
- zabbix_database_creation
- zabbix_server_pgsql_login_host is not defined
tags:
- zabbix-server
- database
- name: "PostgreSQL | Remote"
block:
- name: "PostgreSQL | Remote | Create database"
community.postgresql.postgresql_db:
login_host: "{{ zabbix_server_pgsql_login_host | default(omit) }}"
login_user: "{{ zabbix_server_pgsql_login_user | default(omit) }}"
login_password: "{{ zabbix_server_pgsql_login_password | default(omit) }}"
login_unix_socket: "{{ zabbix_server_pgsql_login_unix_socket | default(omit) }}"
name: "{{ zabbix_server_dbname }}"
port: "{{ zabbix_server_dbport }}"
state: present
- name: "PostgreSQL | Remote | Create database user"
community.postgresql.postgresql_user:
login_host: "{{ zabbix_server_pgsql_login_host | default(omit) }}"
login_user: "{{ zabbix_server_pgsql_login_user | default(omit) }}"
login_password: "{{ zabbix_server_pgsql_login_password | default(omit) }}"
db: "{{ zabbix_server_dbname }}"
name: "{{ zabbix_server_dbuser }}"
password: "md5{{ (zabbix_server_dbpassword + zabbix_server_dbuser)|hash('md5') }}"
port: "{{ zabbix_server_dbport }}"
priv: ALL
state: present
encrypted: true
- name: "PostgreSQL | Remote | Create timescaledb extension"
community.postgresql.postgresql_ext:
login_host: "{{ zabbix_server_pgsql_login_host | default(omit) }}"
login_user: "{{ zabbix_server_pgsql_login_user | default(omit) }}"
login_password: "{{ zabbix_server_pgsql_login_password | default(omit) }}"
login_unix_socket: "{{ zabbix_server_pgsql_login_unix_socket | default(omit) }}"
db: "{{ zabbix_server_dbname }}"
name: timescaledb
when: zabbix_database_timescaledb
when:
- zabbix_database_creation
- zabbix_server_pgsql_login_host is defined
tags:
- zabbix-server
- database
- name: "PostgreSQL | Create schema"
shell: |
set -euxo pipefail
FILE={{ 'create.sql' if zabbix_version is version('6.0', '<') else 'server.sql' }}
cd {{ datafiles_path }}
if [ -f ${FILE}.gz ]
then zcat ${FILE}.gz > /tmp/create.sql
else
cp ${FILE} /tmp/create.sql
fi
cat /tmp/create.sql | psql -h '{{ zabbix_server_dbhost }}' \
-U '{{ zabbix_server_dbuser }}' \
-d '{{ zabbix_server_dbname }}' \
-p '{{ zabbix_server_dbport }}'
touch /etc/zabbix/schema.done
rm -f /tmp/create.sql
args:
creates: /etc/zabbix/schema.done
executable: /bin/bash
warn: false
environment:
PGPASSWORD: "{{ zabbix_server_dbpassword }}"
when:
- zabbix_version is version('3.0', '>=')
- zabbix_database_sqlload
tags:
- zabbix-server
- database
- name: "PostgreSQL | Create TimescaleDB hypertables"
shell: |
set -euxo pipefail
cd {{ datafiles_path }} &&
if [ -f timescaledb.sql.gz ]; then zcat timescaledb.sql.gz > /etc/timescaledb.sql ; else cp -p timescaledb.sql /etc/timescaledb.sql ; fi
cat /etc/timescaledb.sql | psql -h '{{ zabbix_server_dbhost }}' \
-U '{{ zabbix_server_dbuser }}' \
-d '{{ zabbix_server_dbname }}' \
-p '{{ zabbix_server_dbport }}'
touch /etc/zabbix/timescaledb.done
rm -f /tmp/timescaledb.sql
args:
creates: /etc/zabbix/timescaledb.done
executable: /bin/bash
warn: false
environment:
PGPASSWORD: "{{ zabbix_server_dbpassword }}"
when:
- zabbix_version is version('3.0', '>=')
- zabbix_database_timescaledb
tags:
- zabbix-server
- database
- name: "Get complete path"
shell: ls -d {{ datafiles_path }}
register: datafiles_path_full
changed_when: false
when:
- (zabbix_version is version('3.0', '<') and zabbix_database_sqlload) or (zabbix_repo == "epel" and zabbix_database_sqlload)
tags:
- skip_ansible_lint
- name: "Check if we have a create dir"
stat:
path: "{{ datafiles_path_full.stdout }}/create"
register: create_dir_or_not
when:
- (zabbix_version is version('3.0', '<') and zabbix_database_sqlload) or (zabbix_repo == "epel" and zabbix_database_sqlload)
- name: "Set fact"
set_fact:
datafiles_path: "{{ datafiles_path }}/create"
when:
- (zabbix_version is version('3.0', '<') and zabbix_database_sqlload) or (zabbix_repo == "epel" and zabbix_database_sqlload)
- create_dir_or_not.stat.isdir is defined and create_dir_or_not.stat.isdir
- create_dir_or_not.stat.exists
- name: "PostgreSQL | Importing schema file"
shell: |
set -euxo pipefail
cd {{ datafiles_path }}
if [ -f schema.sql.gz ]; then zcat schema.sql.gz > /tmp/schema.sql ; else cp -p schema.sql /tmp/schema.sql ;fi
cat /tmp/schema.sql | psql -h '{{ zabbix_server_dbhost }}' \
-U '{{ zabbix_server_dbuser }}' \
-d '{{ zabbix_server_dbname }}' \
-p '{{ zabbix_server_dbport }}'
touch /etc/zabbix/schema.done
rm -f /etc/schema.sql
args:
creates: /etc/zabbix/schema.done
executable: /bin/bash
warn: false
environment:
PGPASSWORD: "{{ zabbix_server_dbpassword }}"
when:
- (zabbix_version is version('3.0', '<') and zabbix_database_sqlload) or (zabbix_repo == "epel" and zabbix_database_sqlload)
tags:
- zabbix-server
- database
- name: "PostgreSQL | Importing images file"
shell: >
cd {{ datafiles_path }} &&
psql -h '{{ zabbix_server_dbhost }}'
-U '{{ zabbix_server_dbuser }}'
-d '{{ zabbix_server_dbname }}'
-p '{{ zabbix_server_dbport }}'
-f images.sql && touch /etc/zabbix/images.done
args:
creates: /etc/zabbix/images.done
warn: false
environment:
PGPASSWORD: "{{ zabbix_server_dbpassword }}"
when: (zabbix_version is version('3.0', '<') and zabbix_database_sqlload) or (zabbix_repo == "epel" and zabbix_database_sqlload)
tags:
- zabbix-server
- database
- name: "PostgreSQL | Importing data file"
shell: >
cd {{ datafiles_path }} &&
psql -h '{{ zabbix_server_dbhost }}'
-U '{{ zabbix_server_dbuser }}'
-d '{{ zabbix_server_dbname }}'
-p '{{ zabbix_server_dbport }}'
-f data.sql && touch /etc/zabbix/data.done
args:
creates: /etc/zabbix/data.done
warn: false
environment:
PGPASSWORD: "{{ zabbix_server_dbpassword }}"
when: (zabbix_version is version('3.0', '<') and zabbix_database_sqlload) or (zabbix_repo == "epel" and zabbix_database_sqlload)
tags:
- zabbix-server
- database

20
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_server/tasks/scripts.yml Normal file
View File

@@ -0,0 +1,20 @@
---
- name: "Configure zabbix-server alertscripts"
template:
src: "{{ item.path }}"
dest: "{{ zabbix_server_alertscriptspath }}/{{ item.name }}"
owner: zabbix
group: zabbix
mode: 0755
with_items: "{{ zabbix_server_alertscripts }}"
when: zabbix_server_alertscripts is defined
- name: "Configure zabbix-server externalscripts"
template:
src: "{{ item.path }}"
dest: "{{ zabbix_server_externalscriptspath }}/{{ item.name }}"
owner: zabbix
group: zabbix
mode: 0755
with_items: "{{ zabbix_server_externalscripts }}"
when: zabbix_server_externalscripts is defined

124
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_server/tasks/selinux.yml Normal file
View File

@@ -0,0 +1,124 @@
---
# straight to getenforce binary , workaround for missing python_selinux library
- name: "Get getenforce binary"
stat:
path: /usr/sbin/getenforce
register: getenforce_bin
become: true
- name: "Collect getenforce output"
command: getenforce
register: sestatus
when: 'getenforce_bin.stat.exists'
changed_when: false
become: true
check_mode: false
- name: "Set zabbix_selinux to true if getenforce returns Enforcing or Permissive"
set_fact:
zabbix_selinux: "{{ true }}"
when: 'getenforce_bin.stat.exists and ("Enforcing" in sestatus.stdout or "Permissive" in sestatus.stdout)'
- name: "SELinux | RedHat | Install related SELinux package"
yum:
name:
- libsemanage-python
- policycoreutils
- checkpolicy
state: present
environment:
http_proxy: "{{ zabbix_http_proxy | default(None) | default(omit) }}"
https_proxy: "{{ zabbix_https_proxy | default(None) | default(omit) }}"
register: zabbix_server_dependencies_installed
until: zabbix_server_dependencies_installed is succeeded
become: true
when:
- ansible_os_family == "RedHat"
- selinux_allow_zabbix_can_network
- ansible_distribution_major_version == "7" or ansible_distribution_major_version == "6"
tags:
- zabbix-server
- name: "SELinux | RedHat | Install related SELinux package on RHEL9 and RHEL8"
yum:
name:
- python3-libsemanage
state: present
environment:
http_proxy: "{{ zabbix_http_proxy | default(None) | default(omit) }}"
https_proxy: "{{ zabbix_https_proxy | default(None) | default(omit) }}"
register: zabbix_server_dependencies_installed
until: zabbix_server_dependencies_installed is succeeded
become: true
when:
- ansible_os_family == "RedHat"
- selinux_allow_zabbix_can_network
- ansible_distribution_major_version|int >= 8
tags:
- zabbix-server
- name: "SELinux | RedHat | Enable httpd_can_connect_zabbix SELinux boolean"
ansible.posix.seboolean:
name: httpd_can_connect_zabbix
state: true
persistent: true
become: true
when:
- selinux_allow_zabbix_can_http
tags:
- zabbix-server
- name: "SELinux | RedHat | Enable zabbix_can_network SELinux boolean"
ansible.posix.seboolean:
name: zabbix_can_network
state: true
persistent: true
become: true
when:
- selinux_allow_zabbix_can_network
tags:
- zabbix-server
- name: "SELinux | RedHat | Install related SELinux package to fix issues"
yum:
name:
- policycoreutils-python
state: present
environment:
http_proxy: "{{ zabbix_http_proxy | default(None) | default(omit) }}"
https_proxy: "{{ zabbix_https_proxy | default(None) | default(omit) }}"
register: zabbix_server_dependencies_installed
until: zabbix_server_dependencies_installed is succeeded
become: true
when:
- ansible_os_family == "RedHat"
- ansible_distribution_major_version == "7" or ansible_distribution_major_version == "6"
tags:
- zabbix-server
- name: "SELinux | RedHat | Install related SELinux package on RHEL9 and RHEL8"
yum:
name:
- policycoreutils
- checkpolicy
- python3-libsemanage
state: present
environment:
http_proxy: "{{ zabbix_http_proxy | default(None) | default(omit) }}"
https_proxy: "{{ zabbix_https_proxy | default(None) | default(omit) }}"
register: zabbix_server_dependencies_installed
until: zabbix_server_dependencies_installed is succeeded
become: true
when:
- ansible_os_family == "RedHat"
- ansible_distribution_major_version|int >= 8
tags:
- zabbix-server
- name: "SELinux | RedHat | Add SEmodule to fix SELinux issue: zabbix_server_alerter.sock"
script:
cmd: files/install_semodule.bsx
args:
creates: /etc/selinux/targeted/active/modules/400/zabbix_server_add/cil
become: true

251
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_server/templates/zabbix_server.conf.j2 Normal file
View File

@@ -0,0 +1,251 @@
{{ ansible_managed | comment }}
# This is a configuration file for Zabbix Server process
# To get more information about Zabbix, visit http://www.zabbix.com
# This configuration file is "minimalized", which means all the original comments
# are removed. The full documentation for your Zabbix Server can be found here:
# https://www.zabbix.com/documentation/{{ zabbix_version }}/en/manual/appendix/config/zabbix_server
ListenPort={{ zabbix_server_listenport }}
{% if zabbix_server_sourceip is defined and zabbix_server_sourceip %}
SourceIP={{ zabbix_server_sourceip }}
{% endif %}
{% if zabbix_version is version('3.0', '>=') %}
LogType={{ zabbix_server_logtype }}
{% endif %}
LogFile={{ zabbix_server_logfile }}
LogFileSize={{ zabbix_server_logfilesize }}
DebugLevel={{ zabbix_server_debuglevel }}
{% if zabbix_version is version('3.4', '>=') %}
SocketDir={{ zabbix_server_socketdir }}
{% endif %}
PidFile={{ zabbix_server_pidfile }}
DBHost={{ zabbix_server_dbhost }}
DBName={{ zabbix_server_dbname }}
{% if zabbix_server_dbschema is defined and zabbix_server_dbschema %}
DBSchema={{ zabbix_server_dbschema }}
{% endif %}
DBUser={{ zabbix_server_dbuser }}
DBPassword={{ zabbix_server_dbpassword }}
{% if zabbix_server_dbsocket is defined and zabbix_server_dbsocket %}
DBSocket={{ zabbix_server_dbsocket }}
{% endif %}
{% if zabbix_server_dbport is defined and zabbix_server_dbport %}
DBPort={{ zabbix_server_dbport }}
{% endif %}
{% if zabbix_version is version('6.0', '>=') %}
AllowUnsupportedDBVersions={{ zabbix_server_allowunsupporteddbversions }}
{% endif %}
{% if zabbix_server_historystorageurl is defined and zabbix_server_historystorageurl %}
HistoryStorageURL={{ zabbix_server_historystorageurl }}
{% endif %}
{% if zabbix_version is version('3.4', '>=') %}
HistoryStorageTypes={{ zabbix_server_historystoragetypes }}
{% endif %}
{% if zabbix_version is version('4.0', '>=') %}
HistoryStorageDateIndex={{ zabbix_server_historystoragedateindex }}
{% endif %}
{% if zabbix_version is version('4.0', '>=') %}
{% if zabbix_server_exportdir is defined and zabbix_server_exportdir %}
ExportDir={{ zabbix_server_exportdir }}
{% endif %}
{% endif %}
{% if zabbix_version is version('4.0', '>=') %}
ExportFileSize={{ zabbix_server_exportfilesize }}
{% endif %}
StartPollers={{ zabbix_server_startpollers }}
StartIPMIPollers={{ zabbix_server_startipmipollers }}
{% if zabbix_version is version('4.2', '>=') %}
StartLLDProcessors={{ zabbix_server_startlldprocessors }}
{% endif %}
{% if zabbix_version is version('4.2', '>=') %}
StartPreprocessors={{ zabbix_server_startpreprocessors }}
{% endif %}
StartPollersUnreachable={{ zabbix_server_startpollersunreachable }}
{% if zabbix_version is version('6.2', '>=') %}
StartHistoryPollers={{ zabbix_server_starthistorypollers }}
{% endif %}
StartTrappers={{ zabbix_server_starttrappers }}
StartPingers={{ zabbix_server_startpingers }}
StartDiscoverers={{ zabbix_server_startdiscoverers }}
StartHTTPPollers={{ zabbix_server_starthttppollers }}
{% if zabbix_version is version('2.0', '>=') %}
StartTimers={{ zabbix_server_starttimers }}
{% endif %}
{% if zabbix_version is version('3.0', '>=') %}
StartEscalators={{ zabbix_server_startescalators }}
{% endif %}
{% if zabbix_server_javagateway is defined and zabbix_server_javagateway %}
JavaGateway={{ zabbix_server_javagateway }}
JavaGatewayPort={{ zabbix_server_javagatewayport }}
StartJavaPollers={{ zabbix_server_startjavapollers }}
{% endif %}
{% if zabbix_version is version('2.2', '>=') %}
StartVMwareCollectors={{ zabbix_server_startvmwarecollectors }}
VMwareFrequency={{ zabbix_server_vmwarefrequency }}
{% if zabbix_version is version('3.0', '>=') %}
VMwarePerfFrequency={{ zabbix_server_vmwareperffrequency }}
{% endif %}
VMwareCacheSize={{ zabbix_server_vmwarecachesize }}
{% endif %}
{% if zabbix_version is version('3.0', '>=') %}
VMwareTimeout={{ zabbix_server_vmwaretimeout }}
{% endif %}
SNMPTrapperFile={{ zabbix_server_snmptrapperfile }}
StartSNMPTrapper={{ zabbix_server_startsnmptrapper }}
{% if zabbix_server_listenip is defined and zabbix_server_listenip %}
ListenIP={{ zabbix_server_listenip }}
{% endif %}
HousekeepingFrequency={{ zabbix_server_housekeepingfrequency }}
MaxHousekeeperDelete={{ zabbix_server_maxhousekeeperdelete }}
{% if zabbix_version is version('3.2', '<=') %}
SenderFrequency={{ zabbix_server_senderfrequency }}
{% endif %}
{% if zabbix_server_cachesize is defined and zabbix_server_cachesize is not none %}
CacheSize={{ zabbix_server_cachesize }}
{% else %}
{% if zabbix_version is version('6.2', '<') %}
CacheSize=8M
{% else %}
CacheSize=32M
{% endif %}
{% endif %}
CacheUpdateFrequency={{ zabbix_server_cacheupdatefrequency }}
StartDBSyncers={{ zabbix_server_startdbsyncers }}
HistoryCacheSize={{ zabbix_server_historycachesize }}
{% if zabbix_version is version('3.0', '>=') %}
HistoryIndexCacheSize={{ zabbix_server_historyindexcachesize }}
{% endif %}
TrendCacheSize={{ zabbix_server_trendcachesize }}
{% if zabbix_version is version('6.0', '>=') %}
TrendFunctionCacheSize={{ zabbix_server_trendfunctioncachesize }}
{% endif %}
{% if zabbix_version is version('3.0', '<') %}
### option: historytextcachesize
HistoryTextCacheSize={{ zabbix_server_historytextcachesize }}
{% endif %}
{% if zabbix_version is version('2.2', '>=') %}
ValueCacheSize={{ zabbix_server_valuecachesize }}
{% endif %}
{% if zabbix_version is version('2.4', '<') %}
NodeNoEvents={{ zabbix_server_nodenoevents }}
NodeNoHistory={{ zabbix_server_nodenohistory }}
{% endif %}
Timeout={{ zabbix_server_timeout }}
TrapperTimeout={{ zabbix_server_trappertimeout }}
UnreachablePeriod={{ zabbix_server_unreachableperiod }}
UnavailableDelay={{ zabbix_server_unavailabledelay }}
UnreachableDelay={{ zabbix_server_unreachabledelay }}
AlertScriptsPath={{ zabbix_server_alertscriptspath }}
ExternalScripts={{ zabbix_server_externalscriptspath }}
FpingLocation={{ zabbix_server_fpinglocation }}
Fping6Location={{ zabbix_server_fping6location }}
{% if zabbix_server_sshkeylocation is defined and zabbix_server_sshkeylocation %}
SSHKeyLocation={{ zabbix_server_sshkeylocation }}
{% endif %}
LogSlowQueries={{ zabbix_server_logslowqueries }}
TmpDir={{ zabbix_server_tmpdir }}
StartProxyPollers={{ zabbix_server_startproxypollers }}
{% if zabbix_server_proxyconfigfrequency and zabbix_server_proxyconfigfrequency is not none %}
ProxyConfigFrequency={{ zabbix_server_proxyconfigfrequency }}
{% else %}
{% if zabbix_version is version('6.2', '<') %}
ProxyConfigFrequency=3600
{% else %}
ProxyConfigFrequency=300
{% endif %}
{% endif %}
ProxyDataFrequency={{ zabbix_server_proxydatafrequency }}
{% if zabbix_version is version('2.2', '>=') %}
AllowRoot={{ zabbix_server_allowroot }}
{% endif %}
{% if zabbix_version is version('3.0', '>=') %}
User={{ zabbix_server_user }}
{% endif %}
Include={{ zabbix_server_include }}
{% if zabbix_version is version('3.0', '>=') %}
SSLCertLocation={{ zabbix_server_sslcertlocation }}
SSLKeyLocation={{ zabbix_server_sslkeylocation }}
{% if zabbix_server_sslcalocation is defined and zabbix_server_sslcalocation is not none %}
SSLCALocation={{ zabbix_server_sslcalocation }}
{% endif %}
{% endif %}
{% if zabbix_version is version('2.2', '>=') %}
LoadModulePath={{ zabbix_server_loadmodulepath }}
{% endif %}
{% if zabbix_server_loadmodule is defined and zabbix_server_loadmodule %}
LoadModule = {{ zabbix_server_loadmodule }}
{% endif %}
{% if zabbix_version is version('3.0', '>=') %}
{% if zabbix_server_tlscafile is defined and zabbix_server_tlscafile is not none %}
TLSCAFile={{ zabbix_server_tlscafile }}
{% endif %}
{% if zabbix_server_tlscrlfile is defined and zabbix_server_tlscrlfile is not none %}
TLSCRLFile={{ zabbix_server_tlscrlfile }}
{% endif %}
{% if zabbix_server_tlscertfile is defined and zabbix_server_tlscertfile is not none %}
TLSCertFile={{ zabbix_server_tlscertfile }}
{% endif %}
{% if zabbix_server_tlskeyfile is defined and zabbix_server_tlskeyfile is not none %}
TLSKeyFile={{ zabbix_server_tlskeyfile }}
{% endif %}
{% endif %}
{% if zabbix_server_dbtlsconnect is defined and zabbix_server_dbtlsconnect is not none %}
DBTLSConnect={{ zabbix_server_dbtlsconnect }}
{% endif %}
{% if zabbix_server_dbtlscafile is defined and zabbix_server_dbtlscafile is not none %}
DBTLSCAFile={{ zabbix_server_dbtlscafile }}
{% endif %}
{% if zabbix_server_dbtlscertfile is defined and zabbix_server_dbtlscertfile is not none %}
DBTLSCertFile={{ zabbix_server_dbtlscertfile }}
{% endif %}
{% if zabbix_server_dbtlskeyfile is defined and zabbix_server_dbtlskeyfile is not none %}
DBTLSKeyFile={{ zabbix_server_dbtlskeyfile }}
{% endif %}
{% if zabbix_server_dbtlscipher is defined and zabbix_server_dbtlscipher is not none %}
DBTLSCipher={{ zabbix_server_dbtlscipher }}
{% endif %}
{% if zabbix_server_dbtlscipher13 is defined and zabbix_server_dbtlscipher13 is not none %}
DBTLSCipher13={{ zabbix_server_dbtlscipher13 }}
{% endif %}
{% if zabbix_version is version('6.0', '>=') %}
{% if zabbix_server_vaulttoken is defined and zabbix_server_vaulttoken is not none %}
VaultToken={{ zabbix_server_vaulttoken }}
{% endif %}
{% if zabbix_server_vaulturl is defined and zabbix_server_vaulturl is not none %}
VaultURL={{ zabbix_server_vaulturl }}
{% endif %}
{% if zabbix_server_vaultdbpath is defined and zabbix_server_vaultdbpath is not none %}
VaultDBPath={{ zabbix_server_vaultdbpath }}
{% endif %}
{% if zabbix_server_vaulttlscertfile is defined and zabbix_server_vaulttlscertfile is not none %}
VaultTLSKeyFile={{ zabbix_server_vaulttlscertfile }}
{% endif %}
{% if zabbix_server_vaulttlskeyfile is defined and zabbix_server_vaulttlskeyfile is not none %}
VaultTLSCertFile={{ zabbix_server_vaulttlskeyfile }}
{% endif %}
{% if zabbix_server_startreportwriters is defined and zabbix_server_startreportwriters is not none %}
StartReportWriters={{ zabbix_server_startreportwriters }}
{% endif %}
{% if zabbix_server_webserviceurl is defined and zabbix_server_webserviceurl is not none %}
WebServiceURL={{ zabbix_server_webserviceurl }}
{% endif %}
{% if zabbix_server_servicemanagersyncfrequency is defined and zabbix_server_servicemanagersyncfrequency is not none %}
ServiceManagerSyncFrequency={{ zabbix_server_servicemanagersyncfrequency }}
{% endif %}
{% if zabbix_server_problemhousekeepingfrequency is defined and zabbix_server_problemhousekeepingfrequency is not none %}
ProblemHousekeepingFrequency={{ zabbix_server_problemhousekeepingfrequency }}
{% endif %}
{% if zabbix_version is version('6.2', '>=') %}
StartODBCPollers={{ zabbix_server_startodbcpollers }}
{% endif %}
{% if zabbix_server_listenbacklog is defined and zabbix_server_listenbacklog is not none %}
ListenBacklog={{ zabbix_server_listenbacklog }}
{% endif %}
{% if zabbix_server_hanodename is defined and zabbix_server_hanodename is not none %}
HANodeName={{ zabbix_server_hanodename }}
{% endif %}
{% if zabbix_server_nodeaddress is defined and zabbix_server_nodeaddress is not none %}
NodeAddress={{ zabbix_server_nodeaddress }}
{% endif %}
{% endif %}

36
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_server/vars/Debian.yml Normal file
View File

@@ -0,0 +1,36 @@
---
apache_user: www-data
apache_group: www-data
apache_log: apache2
mysql_create_dir: ""
zabbix_valid_server_versions:
# Debian
"11":
- 6.2
- 6.0
- 5.0
- 4.0
"10":
- 6.0
- 5.0
- 4.0
"9":
- 4.0
# Ubuntu
"22":
- 6.2
- 6.0
"20":
- 6.2
- 6.0
- 5.0
- 4.0
"18":
- 6.0
- 5.0
- 4.0
zabbix_server_fpinglocation: /usr/bin/fping
zabbix_server_fping6location: /usr/bin/fping6

22
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_server/vars/RedHat.yml Normal file
View File

@@ -0,0 +1,22 @@
---
apache_user: apache
apache_group: apache
apache_log: httpd
mysql_create_dir: create/
zabbix_valid_server_versions:
"9":
- 6.2
- 6.0
"8":
- 6.2
- 6.0
- 5.0
- 4.0
"7":
- 5.0
- 4.0
zabbix_server_fpinglocation: /usr/sbin/fping
zabbix_server_fping6location: /usr/sbin/fping6

2
lib/python3.10/site-packages/ansible_collections/community/zabbix/roles/zabbix_server/vars/main.yml Normal file
View File

@@ -0,0 +1,2 @@
---
# vars file for zabbix_server

Some files were not shown because too many files have changed in this diff Show More