mirror of
https://gitlab.sectorq.eu/jaydee/ansible.git
synced 2026-03-12 21:32:48 +01:00
build
This commit is contained in:
233
roles/zabbix_proxy/tasks/AlmaLinux.yml
Normal file
233
roles/zabbix_proxy/tasks/AlmaLinux.yml
Normal file
@@ -0,0 +1,233 @@
|
||||
- name: Install Zabbix Proxy on Debian 13
|
||||
vars:
|
||||
zabbix_version: "7.4"
|
||||
zabbix_server_ip: "192.168.77.101"
|
||||
zabbix_db_file: "/var/lib/zabbix/zabbix_proxy.db"
|
||||
zabbix_db_type: "sqlite" # sqlite | mysql | postgres
|
||||
zabbix_api_url: "https://zabbix.sectorq.eu/api_jsonrpc.php"
|
||||
zabbix_var_lib_path: "/var/lib/zabbix"
|
||||
zabbix_config_path: "/etc/zabbix"
|
||||
zabbix_log_path: "/var/log/zabbix"
|
||||
become: "{{ 'no' if inventory_hostname == 'nas.home.lan' else 'yes' }}"
|
||||
block:
|
||||
# ==========================================================
|
||||
# Install repository
|
||||
# ==========================================================
|
||||
- name: Gather facts
|
||||
ansible.builtin.setup:
|
||||
|
||||
- name: Set proxy group name
|
||||
set_fact:
|
||||
clustename: "rocky9"
|
||||
|
||||
- name: Set proxy name
|
||||
set_fact:
|
||||
clustename: "rocky9"
|
||||
|
||||
- name: Show default IP
|
||||
ansible.builtin.debug:
|
||||
msg: "{{ ansible_default_ipv4.address }}"
|
||||
- name: Install base packages
|
||||
ansible.builtin.dnf:
|
||||
name:
|
||||
- wget
|
||||
- gnupg
|
||||
state: present
|
||||
|
||||
# - name: Create apt proxy file
|
||||
# ansible.builtin.copy:
|
||||
# dest: /etc/apt/apt.conf.d/02proxy
|
||||
# content: |
|
||||
# Acquire::http::Proxy "http://192.168.77.101:3142";
|
||||
# Acquire::https::Proxy "false";
|
||||
|
||||
# ==========================================================
|
||||
# Import Zabbix GPG key
|
||||
# ==========================================================
|
||||
|
||||
# - name: Import Zabbix 7.4 GPG key
|
||||
# ansible.builtin.rpm_key:
|
||||
# state: present
|
||||
# key: https://repo.zabbix.com/RPM-GPG-KEY-ZABBIX-08EFA7DD
|
||||
|
||||
|
||||
|
||||
# ==========================================================
|
||||
# Install Zabbix repository
|
||||
# ==========================================================
|
||||
|
||||
- name: Install Zabbix repository
|
||||
ansible.builtin.dnf:
|
||||
name: "https://repo.zabbix.com/zabbix/{{ zabbix_version }}/release/alma/91.noarch/zabbix-release-latest-{{ zabbix_version }}.el10.noarch.rpm"
|
||||
state: present
|
||||
disable_gpg_check: true
|
||||
# ==========================================================
|
||||
# Install proxy based on DB type
|
||||
# ==========================================================
|
||||
|
||||
- name: Install SQLite proxy
|
||||
ansible.builtin.dnf:
|
||||
name:
|
||||
- zabbix-proxy-sqlite3
|
||||
- sqlite
|
||||
- sqlite-devel
|
||||
- zabbix-selinux-policy
|
||||
state: present
|
||||
when: zabbix_db_type == "sqlite"
|
||||
|
||||
- name: Install MySQL proxy
|
||||
ansible.builtin.dnf:
|
||||
name:
|
||||
- zabbix-proxy-mysql
|
||||
- zabbix-selinux-policy
|
||||
- default-mysql-client
|
||||
state: present
|
||||
when: zabbix_db_type == "mysql"
|
||||
|
||||
- name: Install PostgreSQL proxy
|
||||
ansible.builtin.dnf:
|
||||
name:
|
||||
- zabbix-proxy-pgsql
|
||||
- postgresql-client
|
||||
- zabbix-selinux-policy
|
||||
state: present
|
||||
when: zabbix_db_type == "postgres"
|
||||
|
||||
- name: Install Zabbix agent
|
||||
ansible.builtin.dnf:
|
||||
name: zabbix-agent2
|
||||
state: present
|
||||
|
||||
# ==========================================================
|
||||
# SQLite setup
|
||||
# ==========================================================
|
||||
|
||||
- name: Ensure Zabbix directory ownership (SQLite)
|
||||
file:
|
||||
path: /var/lib/zabbix
|
||||
owner: zabbix
|
||||
group: zabbix
|
||||
recurse: yes
|
||||
when: zabbix_db_type == "sqlite"
|
||||
|
||||
|
||||
# ==========================================================
|
||||
# MySQL setup
|
||||
# ==========================================================
|
||||
|
||||
- name: Import MySQL schema
|
||||
shell: |
|
||||
zcat /usr/share/zabbix/mysql/proxy.sql.gz | \
|
||||
mysql -h {{ zabbix_db_host }} \
|
||||
-u {{ zabbix_db_user }} \
|
||||
-p{{ zabbix_db_password }} \
|
||||
{{ zabbix_db_name }}
|
||||
when: zabbix_db_type == "mysql"
|
||||
|
||||
# ==========================================================
|
||||
# PostgreSQL setup
|
||||
# ==========================================================
|
||||
|
||||
- name: Import PostgreSQL schema
|
||||
shell: |
|
||||
zcat /usr/share/zabbix/postgresql/proxy.sql.gz | \
|
||||
PGPASSWORD={{ zabbix_db_password }} psql \
|
||||
-h {{ zabbix_db_host }} \
|
||||
-U {{ zabbix_db_user }} \
|
||||
{{ zabbix_db_name }}
|
||||
become_user: postgres
|
||||
when: zabbix_db_type == "postgres"
|
||||
|
||||
- name: Configure Zabbix agent
|
||||
lineinfile:
|
||||
path: /etc/zabbix/zabbix_agent2.conf
|
||||
regexp: "^{{ item.key }}="
|
||||
line: "{{ item.key }}={{ item.value }}"
|
||||
loop:
|
||||
- { key: "Server", value: "127.0.0.1" }
|
||||
- { key: "ServerActive", value: "{{ clustename }}-vm01.home.lan;{{ clustename }}-vm02.home.lan;{{ clustename }}-vm03.home.lan;{{ clustename }}-vm04.home.lan;{{ clustename }}-vm05.home.lan" }
|
||||
- { key: "Hostname", value: "{{ inventory_hostname }}" }
|
||||
- { key: "HostMetadata", value: "linux,jaydee,auto_proxy" }
|
||||
- { key: "SourceIP", value: "{{ ansible_default_ipv4.address }}" }
|
||||
|
||||
|
||||
# ==========================================================
|
||||
# Configure proxy
|
||||
# ==========================================================
|
||||
|
||||
- name: Configure Zabbix proxy
|
||||
lineinfile:
|
||||
path: /etc/zabbix/zabbix_proxy.conf
|
||||
regexp: "^{{ item.key }}="
|
||||
line: "{{ item.key }}={{ item.value }}"
|
||||
loop: >-
|
||||
{{
|
||||
[
|
||||
{'key': 'Server', 'value': zabbix_server_ip},
|
||||
{'key': 'Hostname', 'value': inventory_hostname },
|
||||
{'key': 'ProxyMode', 'value': '0'}
|
||||
]
|
||||
+
|
||||
(
|
||||
(zabbix_db_type == "sqlite")
|
||||
| ternary(
|
||||
[
|
||||
{'key': 'DBName', 'value': zabbix_db_file}
|
||||
],
|
||||
[
|
||||
{'key': 'DBName', 'value': zabbix_db_name},
|
||||
{'key': 'DBUser', 'value': zabbix_db_user},
|
||||
{'key': 'DBPassword', 'value': zabbix_db_password},
|
||||
{'key': 'DBHost', 'value': zabbix_db_host}
|
||||
]
|
||||
)
|
||||
)
|
||||
}}
|
||||
|
||||
|
||||
# ==========================================================
|
||||
# Start service
|
||||
# ==========================================================
|
||||
- name: Check SELinux status
|
||||
command: getenforce
|
||||
register: selinux_status
|
||||
changed_when: false
|
||||
|
||||
- name: Display SELinux status
|
||||
debug:
|
||||
msg: "SELinux is {{ selinux_status.stdout }}"
|
||||
|
||||
- name: Add SELinux file context for Zabbix var_lib
|
||||
sefcontext:
|
||||
target: "{{ zabbix_var_lib_path }}(/.*)?"
|
||||
setype: zabbix_var_lib_t
|
||||
state: present
|
||||
when: ansible_selinux.status == "enabled"
|
||||
|
||||
- name: Add SELinux file context for Zabbix logs
|
||||
sefcontext:
|
||||
target: "{{ zabbix_log_path }}(/.*)?"
|
||||
setype: zabbix_log_t
|
||||
state: present
|
||||
when: ansible_selinux.status == "enabled"
|
||||
|
||||
- name: Restore SELinux contexts for Zabbix directories
|
||||
command: restorecon -R {{ item }}
|
||||
loop:
|
||||
- "{{ zabbix_var_lib_path }}"
|
||||
when: ansible_selinux.status == "enabled"
|
||||
|
||||
- name: Restart Zabbix proxy
|
||||
systemd:
|
||||
name: zabbix-proxy
|
||||
state: restarted
|
||||
enabled: yes
|
||||
|
||||
- name: Restart Zabbix agent
|
||||
systemd:
|
||||
name: zabbix-agent2
|
||||
state: restarted
|
||||
enabled: yes
|
||||
|
||||
- name: Create hosts / proxies in zabbix
|
||||
ansible.builtin.include_tasks: "configure.yml"
|
||||
Reference in New Issue
Block a user