jaydee/ansible
1
0
Fork 0
mirror of https://gitlab.sectorq.eu/jaydee/ansible.git synced 2026-03-12 21:32:48 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

build

Browse Source
This commit is contained in:
Ladislav Dusa
2026-02-16 00:24:57 +01:00
parent 575e067ece
commit 7f3ea662f9
3 changed files with 597 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

130
roles/docker/tasks/Rocky.yml Normal file
View File

@@ -0,0 +1,130 @@
- name: Setup docker
become: "{{ false if inventory_hostname == 'nas.home.lan' else true }}"
block:
- name: Facts
ansible.builtin.setup:
- name: Remove old Docker packages
ansible.builtin.dnf:
name:
- docker
- docker-client
- docker-client-latest
- docker-common
- docker-latest
- docker-latest-logrotate
- docker-logrotate
- docker-engine
state: absent
- name: Install required packages
ansible.builtin.dnf:
name:
- dnf-plugins-core
- ca-certificates
- curl
- gnupg2
state: present
- name: Add Docker repository
ansible.builtin.get_url:
url: https://download.docker.com/linux/centos/docker-ce.repo
dest: /etc/yum.repos.d/docker-ce.repo
mode: '0644'
- name: Install Docker Engine
ansible.builtin.dnf:
name:
- docker-ce
- docker-ce-cli
- containerd.io
- docker-buildx-plugin
- docker-compose-plugin
state: latest
- name: Add users to docker group
ansible.builtin.user:
name: "{{ item }}"
groups: docker
append: true
loop: "{{ docker_users }}"
when: docker_users | length > 0
- name: Create a directory docker.service.d
ansible.builtin.file:
path: /etc/systemd/system/docker.service.d/
state: directory
mode: '0755'
- name: Create a directory for certs
ansible.builtin.file:
path: /etc/docker/certs
state: directory
mode: '0700'
owner: root
group: root
- name: Creating a file with content
ansible.builtin.copy:
dest: "/etc/systemd/system/docker.service.d/override.conf"
content: |
[Service]
ExecStart=
ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock --tlsverify --tlscacert=/etc/docker/certs/ca.pem --tlscert=/etc/docker/certs/server-cert.pem --tlskey=/etc/docker/certs/server-key.pem -H=0.0.0.0:2376
mode: '0600'
owner: root
group: root
notify: restart_docker
when: mode == "cert"
- name: Just force systemd to reread configs
ansible.builtin.systemd:
daemon_reload: true
- name: Check if file exists
ansible.builtin.stat:
path: /etc/docker/certs/ca.pem
register: file_check
- name: Print file check result
ansible.builtin.debug:
var: file_check
- name: Include role only if missing
ansible.builtin.include_role:
name: cert_gen
when: not file_check.stat.exists and mode == "cert"
- name: Create docker config file
ansible.builtin.copy:
dest: /etc/docker/daemon.json
content: |
{
"log-driver": "json-file",
"log-opts": {
"max-size": "10m",
"max-file": "3"
},
"data-root": "/var/lib/docker",
"dns": ["192.168.77.101", "192.168.77.106", "8.8.8.8"],
"dns-search": ["lan", "home.lan"]
}
mode: '0644'
owner: root
group: root
- name: Restart docker service
ansible.builtin.service:
name: docker
state: restarted
# - name: Get keys for raspotify
# ansible.builtin.shell: docker plugin install grafana/loki-docker-driver:3.3.2-{{ ansible_architecture }} --alias loki --grant-all-permissions
- name: Install a plugin
community.docker.docker_plugin:
plugin_name: grafana/loki-docker-driver
alias: loki
state: enable

234
roles/zabbix_proxy/tasks/Debian.yml Normal file
View File

@@ -0,0 +1,234 @@
- name: Install Zabbix Proxy on Debian 13
vars:
zabbix_version: "7.4"
zabbix_server_ip: "192.168.77.101"
zabbix_proxy_name: "{{ inventory_hostname }}"
zabbix_db_file: "/var/lib/zabbix/zabbix_proxy.db"
zabbix_db_type: "sqlite" # sqlite | mysql | postgres
zabbix_api_url: "https://zabbix.sectorq.eu/api_jsonrpc.php"
become: "{{ 'no' if inventory_hostname == 'nas.home.lan' else 'yes' }}"
block:
# ==========================================================
# Install repository
# ==========================================================
- name: Gather facts
ansible.builtin.setup:
- name: Show default IP
ansible.builtin.debug:
msg: "{{ ansible_default_ipv4.address }}"
- name: Install base packages
apt:
name:
- wget
- gnupg
- apt-transport-https
update_cache: yes
state: present
- name: Create apt proxy file
ansible.builtin.copy:
dest: /etc/apt/apt.conf.d/02proxy
content: |
Acquire::http::Proxy "http://192.168.77.101:3142";
Acquire::https::Proxy "false";
- name: Download Zabbix repo package
get_url:
url: "https://repo.zabbix.com/zabbix/{{ zabbix_version }}/release/debian/pool/main/z/zabbix-release/zabbix-release_{{ zabbix_version }}-1%2Bdebian13_all.deb"
dest: /tmp/zabbix-release.deb
- name: Install Zabbix repository
apt:
deb: /tmp/zabbix-release.deb
- name: Update apt cache
apt:
update_cache: yes
# ==========================================================
# Install proxy based on DB type
# ==========================================================
- name: Install SQLite proxy
apt:
name:
- zabbix-proxy-sqlite3
- sqlite3
state: present
when: zabbix_db_type == "sqlite"
- name: Install MySQL proxy
apt:
name:
- zabbix-proxy-mysql
- default-mysql-client
state: present
when: zabbix_db_type == "mysql"
- name: Install PostgreSQL proxy
apt:
name:
- zabbix-proxy-pgsql
- postgresql-client
state: present
when: zabbix_db_type == "postgres"
- name: Install Zabbix agent
apt:
name: zabbix-agent2
state: present
# ==========================================================
# SQLite setup
# ==========================================================
- name: Ensure Zabbix directory ownership (SQLite)
file:
path: /var/lib/zabbix
owner: zabbix
group: zabbix
recurse: yes
when: zabbix_db_type == "sqlite"
# ==========================================================
# MySQL setup
# ==========================================================
- name: Import MySQL schema
shell: |
zcat /usr/share/zabbix/mysql/proxy.sql.gz | \
mysql -h {{ zabbix_db_host }} \
-u {{ zabbix_db_user }} \
-p{{ zabbix_db_password }} \
{{ zabbix_db_name }}
when: zabbix_db_type == "mysql"
# ==========================================================
# PostgreSQL setup
# ==========================================================
- name: Import PostgreSQL schema
shell: |
zcat /usr/share/zabbix/postgresql/proxy.sql.gz | \
PGPASSWORD={{ zabbix_db_password }} psql \
-h {{ zabbix_db_host }} \
-U {{ zabbix_db_user }} \
{{ zabbix_db_name }}
become_user: postgres
when: zabbix_db_type == "postgres"
- name: Configure Zabbix agent
lineinfile:
path: /etc/zabbix/zabbix_agent2.conf
regexp: "^{{ item.key }}="
line: "{{ item.key }}={{ item.value }}"
loop: >-
{{ [
{'key': 'Server', 'value': '127.0.0.1'},
{'key': 'ServerActive', 'value': 'debian13-vm01.home.lan;debian13-vm02.home.lan;debian13-vm03.home.lan;debian13-vm04.home.lan;debian13-vm05.home.lan'},
{'key': 'Hostname', 'value': zabbix_proxy_name},
{'key': 'HostMetadata', 'value': 'linux,jaydee'},
]
}}
# ==========================================================
# Configure proxy
# ==========================================================
- name: Configure Zabbix proxy
lineinfile:
path: /etc/zabbix/zabbix_proxy.conf
regexp: "^{{ item.key }}="
line: "{{ item.key }}={{ item.value }}"
loop: >-
{{
[
{'key': 'Server', 'value': zabbix_server_ip},
{'key': 'Hostname', 'value': zabbix_proxy_name},
{'key': 'ProxyMode', 'value': '0'}
]
+
(
(zabbix_db_type == "sqlite")
| ternary(
[
{'key': 'DBName', 'value': zabbix_db_file}
],
[
{'key': 'DBName', 'value': zabbix_db_name},
{'key': 'DBUser', 'value': zabbix_db_user},
{'key': 'DBPassword', 'value': zabbix_db_password},
{'key': 'DBHost', 'value': zabbix_db_host}
]
)
)
}}
# ==========================================================
# Start service
# ==========================================================
- name: Restart Zabbix proxy
systemd:
name: zabbix-proxy
state: restarted
enabled: yes
- name: Restart Zabbix agent
systemd:
name: zabbix-agent2
state: restarted
enabled: yes
- name: Check if proxy exists
uri:
url: "{{ zabbix_api_url }}"
method: POST
body_format: json
body:
jsonrpc: "2.0"
method: "proxy.get"
params:
filter:
name: "{{ zabbix_proxy_name }}"
id: 2
headers:
Content-Type: "application/json"
Authorization: "Bearer {{ zabbix_auth_token }}"
register: proxy_check
- name: Print proxy_check
debug:
msg: "{{ proxy_check }}"
- name: Print ansible_default_ipv4.address
debug:
msg: "{{ ansible_default_ipv4.address }}"
- name: Create proxy if not exists
uri:
url: "{{ zabbix_api_url }}"
method: POST
body_format: json
body:
jsonrpc: "2.0"
method: "proxy.create"
params:
name: "{{ zabbix_proxy_name }}"
proxy_groupid: 1
operating_mode: 0
local_address: "{{ ansible_default_ipv4.address }}"
port: "10051"
id: 3
headers:
Content-Type: "application/json"
Authorization: "Bearer {{ zabbix_auth_token }}"
when: proxy_check.json.result | length == 0
register: proxy_check2
- name: Print proxy_check
debug:
msg: "{{ proxy_check2 }}"

233
roles/zabbix_proxy/tasks/Rocky.yml Normal file
View File

@@ -0,0 +1,233 @@
- name: Install Zabbix Proxy on Debian 13
vars:
zabbix_version: "7.4"
zabbix_server_ip: "192.168.77.101"
zabbix_proxy_name: "{{ inventory_hostname }}"
zabbix_db_file: "/var/lib/zabbix/zabbix_proxy.db"
zabbix_db_type: "sqlite" # sqlite | mysql | postgres
zabbix_api_url: "https://zabbix.sectorq.eu/api_jsonrpc.php"
become: "{{ 'no' if inventory_hostname == 'nas.home.lan' else 'yes' }}"
block:
# ==========================================================
# Install repository
# ==========================================================
- name: Gather facts
ansible.builtin.setup:
- name: Show default IP
ansible.builtin.debug:
msg: "{{ ansible_default_ipv4.address }}"
- name: Install base packages
ansible.builtin.dnf:
name:
- wget
- gnupg
- apt-transport-https
state: present
# - name: Create apt proxy file
# ansible.builtin.copy:
# dest: /etc/apt/apt.conf.d/02proxy
# content: |
# Acquire::http::Proxy "http://192.168.77.101:3142";
# Acquire::https::Proxy "false";
- name: Download Zabbix repo package
get_url:
url: "https://repo.zabbix.com/zabbix/{{ zabbix_version }}/release/rocky/9/noarch/zabbix-release-latest-{{ zabbix_version }}.el9.noarch.rpm"
dest: /tmp/zabbix-release.deb
- name: Install Zabbix repository
ansible.builtin.dnf:
name: /tmp/zabbix-release.deb
state: present
- name: Update dnf cache
ansible.builtin.dnf:
update_cache: yes
# ==========================================================
# Install proxy based on DB type
# ==========================================================
- name: Install SQLite proxy
ansible.builtin.dnf:
name:
- zabbix-proxy-sqlite3
- sqlite3
state: present
when: zabbix_db_type == "sqlite"
- name: Install MySQL proxy
ansible.builtin.dnf:
name:
- zabbix-proxy-mysql
- default-mysql-client
state: present
when: zabbix_db_type == "mysql"
- name: Install PostgreSQL proxy
ansible.builtin.dnf:
name:
- zabbix-proxy-pgsql
- postgresql-client
state: present
when: zabbix_db_type == "postgres"
- name: Install Zabbix agent
ansible.builtin.dnf:
name: zabbix-agent2
state: present
# ==========================================================
# SQLite setup
# ==========================================================
- name: Ensure Zabbix directory ownership (SQLite)
file:
path: /var/lib/zabbix
owner: zabbix
group: zabbix
recurse: yes
when: zabbix_db_type == "sqlite"
# ==========================================================
# MySQL setup
# ==========================================================
- name: Import MySQL schema
shell: |
zcat /usr/share/zabbix/mysql/proxy.sql.gz | \
mysql -h {{ zabbix_db_host }} \
-u {{ zabbix_db_user }} \
-p{{ zabbix_db_password }} \
{{ zabbix_db_name }}
when: zabbix_db_type == "mysql"
# ==========================================================
# PostgreSQL setup
# ==========================================================
- name: Import PostgreSQL schema
shell: |
zcat /usr/share/zabbix/postgresql/proxy.sql.gz | \
PGPASSWORD={{ zabbix_db_password }} psql \
-h {{ zabbix_db_host }} \
-U {{ zabbix_db_user }} \
{{ zabbix_db_name }}
become_user: postgres
when: zabbix_db_type == "postgres"
- name: Configure Zabbix agent
lineinfile:
path: /etc/zabbix/zabbix_agent2.conf
regexp: "^{{ item.key }}="
line: "{{ item.key }}={{ item.value }}"
loop: >-
{{ [
{'key': 'Server', 'value': '127.0.0.1'},
{'key': 'ServerActive', 'value': 'debian13-vm01.home.lan;debian13-vm02.home.lan;debian13-vm03.home.lan;debian13-vm04.home.lan;debian13-vm05.home.lan'},
{'key': 'Hostname', 'value': zabbix_proxy_name},
{'key': 'HostMetadata', 'value': 'linux,jaydee'},
]
}}
# ==========================================================
# Configure proxy
# ==========================================================
- name: Configure Zabbix proxy
lineinfile:
path: /etc/zabbix/zabbix_proxy.conf
regexp: "^{{ item.key }}="
line: "{{ item.key }}={{ item.value }}"
loop: >-
{{
[
{'key': 'Server', 'value': zabbix_server_ip},
{'key': 'Hostname', 'value': zabbix_proxy_name},
{'key': 'ProxyMode', 'value': '0'}
]
+
(
(zabbix_db_type == "sqlite")
| ternary(
[
{'key': 'DBName', 'value': zabbix_db_file}
],
[
{'key': 'DBName', 'value': zabbix_db_name},
{'key': 'DBUser', 'value': zabbix_db_user},
{'key': 'DBPassword', 'value': zabbix_db_password},
{'key': 'DBHost', 'value': zabbix_db_host}
]
)
)
}}
# ==========================================================
# Start service
# ==========================================================
- name: Restart Zabbix proxy
systemd:
name: zabbix-proxy
state: restarted
enabled: yes
- name: Restart Zabbix agent
systemd:
name: zabbix-agent2
state: restarted
enabled: yes
- name: Check if proxy exists
uri:
url: "{{ zabbix_api_url }}"
method: POST
body_format: json
body:
jsonrpc: "2.0"
method: "proxy.get"
params:
filter:
name: "{{ zabbix_proxy_name }}"
id: 2
headers:
Content-Type: "application/json"
Authorization: "Bearer {{ zabbix_auth_token }}"
register: proxy_check
- name: Print proxy_check
debug:
msg: "{{ proxy_check }}"
- name: Print ansible_default_ipv4.address
debug:
msg: "{{ ansible_default_ipv4.address }}"
- name: Create proxy if not exists
uri:
url: "{{ zabbix_api_url }}"
method: POST
body_format: json
body:
jsonrpc: "2.0"
method: "proxy.create"
params:
name: "{{ zabbix_proxy_name }}"
proxy_groupid: 1
operating_mode: 0
local_address: "{{ ansible_default_ipv4.address }}"
port: "10051"
id: 3
headers:
Content-Type: "application/json"
Authorization: "Bearer {{ zabbix_auth_token }}"
when: proxy_check.json.result | length == 0
register: proxy_check2
- name: Print proxy_check
debug:
msg: "{{ proxy_check2 }}"