jaydee/ansible
1
0
Fork 0
mirror of https://gitlab.sectorq.eu/jaydee/ansible.git synced 2025-01-23 20:39:26 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

bitwarden

Browse Source
This commit is contained in:
jaydee 2024-06-12 22:28:53 +02:00
parent 0acc5967de
commit 4d19b05594
3 changed files with 179 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

115
playbooks/00_install_zabbix_server.yml Normal file
View File

@ -0,0 +1,115 @@
- hosts: datacenter
name: Install zabbix agent
become: true
vars:
ZABBIX_SERVER_IP: "192.168.77.216"
ZABBIX_DB_PASSWORD: "zabbix"
tasks:
- name: Print all available facts
ansible.builtin.debug:
var: ansible_facts.architecture
# - name: Upload zabbix package
# ansible.builtin.copy:
# src: packages/zabbix-release_6.4-1+ubuntu22.04_all.deb
# dest: /tmp/
- name: Install a .deb package from the internet
ansible.builtin.apt:
#deb: https://repo.zabbix.com/zabbix/6.4/debian/pool/main/z/zabbix-release/zabbix-release_6.4-1+debian12_all.deb
deb: https://repo.zabbix.com/zabbix/7.0/debian/pool/main/z/zabbix-release/zabbix-release_7.0-1+debian12_all.deb
when:
- ansible_facts.architecture != "armv7l" and ansible_distribution == "Debian" and ansible_distribution_major_version == "12"
# - name: Install a .deb package localy
# ansible.builtin.apt:
# deb: /tmp/zabbix-release_6.4-1+ubuntu22.04_all.deb
- name: Install zabbix packages
ansible.builtin.apt:
name:
- zabbix-agent2
- zabbix-agent2-plugin-*
- zabbix-server-pgsql
- zabbix-frontend-php
- php8.2-pgsql
- zabbix-nginx-conf
- zabbix-sql-scripts
- postgresql
- postgresql-client
update_cache: yes
- name: Apt exclude linux-dtb-current-meson64
ansible.builtin.shell: echo "CREATE USER zabbix password 'zabbix';" | su -c /usr/bin/psql postgres
- name: Apt exclude linux-dtb-current-meson64
ansible.builtin.shell: sudo -u postgres createdb -O zabbix zabbix
- name: Apt exclude linux-dtb-current-meson64
ansible.builtin.shell: zcat /usr/share/zabbix-sql-scripts/postgresql/server.sql.gz | sudo -u zabbix psql zabbix
- name: Reconfigure zabbix agent Server
ansible.builtin.lineinfile:
path: /etc/zabbix/zabbix_server.conf
regexp: "^DBPassword=.*"
insertafter: '^# DBPassword='
line: "DBPassword={{ ZABBIX_DB_PASSWORD }}"
- name: Reconfigure zabbix agent Server
ansible.builtin.lineinfile:
path: /etc/nginx/conf.d/zabbix.conf
regexp: "^# listen.*"
line: " listen 8080;"
- name: Reconfigure zabbix agent Server
ansible.builtin.lineinfile:
path: /etc/nginx/conf.d/zabbix.conf
regexp: "^# server_name.*"
line: " server_name zabbix.sectorq.eu;"
- name: Reconfigure zabbix agent Server
ansible.builtin.lineinfile:
path: /etc/zabbix/zabbix_agent2.conf
regexp: "^Server=.*"
insertafter: '^# Server='
line: "Server=192.168.77.0/24"
- name: Reconfigure zabbix agent ServerActive
ansible.builtin.lineinfile:
path: /etc/zabbix/zabbix_agent2.conf
regexp: "^ServerActive=.*"
line: "ServerActive={{ ZABBIX_SERVER_IP }}"
- name: Reconfigure zabbix agent ListenPort
ansible.builtin.lineinfile:
path: /etc/zabbix/zabbix_agent2.conf
regexp: "^ListenPort=.*"
line: "ListenPort=10050"
# - name: Reconfigure zabbix agent ListenIP
# ansible.builtin.lineinfile:
# path: /etc/zabbix/zabbix_agent2.conf
# regexp: "^ListenIP=.*"
# line: "ListenIP=0.0.0.0"
- name: Reconfigure zabbix-agent2 hostname
ansible.builtin.lineinfile:
path: /etc/zabbix/zabbix_agent2.conf
regexp: "^Hostname=.*"
line: "Hostname={{ansible_hostname}}"
- name: Reconfigure zabbix-agent2 hostname
ansible.builtin.lineinfile:
path: /etc/zabbix/zabbix_agent2.conf
regexp: "^UserParameter=.*"
insertafter: '^# UserParameter='
line: "UserParameter=system.temperature,vcgencmd measure_temp"
- name: Reconfigure zabbix-agent2 hostname
ansible.builtin.lineinfile:
path: /etc/zabbix/zabbix_agent2.conf
regexp: "^HostMetadata=.*"
insertafter: '^# HostMetadata='
line: "HostMetadata=linux;jaydee"
- name: Restart zabbix-server service
ansible.builtin.service:
name: "{{ item }}"
state: restarted
enabled: true
loop:
- zabbix-server.service
- zabbix-agent2.service
- nginx.service

16
playbooks/00_install_zabbix_server_cert.yml Normal file
View File

@ -0,0 +1,16 @@
- hosts: datacenter
name: Install zabbix agent
become: true
tasks:
- name: Creating a file with content
copy:
dest: "/usr/share/zabbix/conf/certs/idp.crt"
content: "{{ ZABBIX_IDP_CERT }}"
- name: Creating a file with content
copy:
dest: "/usr/share/zabbix/conf/certs/sp.key"
content: "{{ ZABBIX_AUTH_KEY }}"
- name: Creating a file with content
copy:
dest: "/usr/share/zabbix/conf/certs/sp.crt"
content: "{{ ZABBIX_AUTH_CERT }}"

48
playbooks/setup_fog_nfs.yml Normal file
View File

@ -0,0 +1,48 @@
- hosts: datacenter
name: Setup nfs
gather_facts: false
tasks:
- name: Install nfs
ansible.builtin.apt:
name: nfs-kernel-server
state: present
when: inventory_hostname in groups['fog']
- name: Reconfigure common-session
ansible.builtin.lineinfile:
path: /etc/exports
regexp: "/images .*"
line: "/images *(rw,sync,no_wdelay,no_subtree_check,insecure_locks,no_root_squash,insecure,fsid=0)"
become: true
when: inventory_hostname in groups['fog']
- name: Restart autofs service
ansible.builtin.service:
name: nfs-kernel-server.service
state: restarted
become: true
when: inventory_hostname in groups['fog']
- name: Creating a file with content wol service
ansible.builtin.copy:
dest: "/etc/auto.fog"
content: |
fog-images -fstype=nfs 192.168.77.108:/images
become: true
when: inventory_hostname in groups['morefine']
- name: Restart autofs service
ansible.builtin.service:
name: autofs.service
state: restarted
become: true
when: inventory_hostname in groups['morefine']
# - name: Creating script to fetch ldap info
# ansible.builtin.copy:
# dest: "/usr/local/bin/fetchSSHKeysFromLDAP"
# content: |
# #!/bin/bash
# ldapsearch -b "dc=sectorq,dc=eu" -H ldap://192.168.77.106:389 -x '(&(objectClass=ldapPublicKey)(cn='"$1"'))' 'sshPublicKey' | sed -n '/^ /{H;d};/sshPublicKey:/x;$g;s/\n *//g;s/sshPublicKey: //gp'
# owner: admin
# mode: '0744'
# when: inventory_hostname in groups['nas']