- name: Install Zabbix Proxy on Debian 13 vars: zabbix_version: "7.4" zabbix_server_ip: "192.168.77.101" zabbix_proxy_name: "{{ inventory_hostname }}" zabbix_db_file: "/var/lib/zabbix/zabbix_proxy.db" zabbix_db_type: "sqlite" # sqlite | mysql | postgres zabbix_api_url: "https://zabbix.sectorq.eu/api_jsonrpc.php" zabbix_var_lib_path: "/var/lib/zabbix" zabbix_config_path: "/etc/zabbix" zabbix_log_path: "/var/log/zabbix" clustename: rocky9 become: "{{ 'no' if inventory_hostname == 'nas.home.lan' else 'yes' }}" block: # ========================================================== # Install repository # ========================================================== - name: Gather facts ansible.builtin.setup: - name: Show default IP ansible.builtin.debug: msg: "{{ ansible_default_ipv4.address }}" - name: Install base packages ansible.builtin.dnf: name: - wget - gnupg state: present # - name: Create apt proxy file # ansible.builtin.copy: # dest: /etc/apt/apt.conf.d/02proxy # content: | # Acquire::http::Proxy "http://192.168.77.101:3142"; # Acquire::https::Proxy "false"; # ========================================================== # Import Zabbix GPG key # ========================================================== - name: Import Zabbix 7.4 GPG key ansible.builtin.rpm_key: state: present key: https://repo.zabbix.com/RPM-GPG-KEY-ZABBIX-08EFA7DD # ========================================================== # Install Zabbix repository # ========================================================== - name: Install Zabbix repository ansible.builtin.dnf: name: "https://repo.zabbix.com/zabbix/{{ zabbix_version }}/release/rocky/9/noarch/zabbix-release-{{ zabbix_version }}-3.el9.noarch.rpm" state: present disable_gpg_check: true # ========================================================== # Install proxy based on DB type # ========================================================== - name: Install SQLite proxy ansible.builtin.dnf: name: - zabbix-proxy-sqlite3 - sqlite - sqlite-devel - zabbix-selinux-policy state: present when: zabbix_db_type == "sqlite" - name: Install MySQL proxy ansible.builtin.dnf: name: - zabbix-proxy-mysql - zabbix-selinux-policy - default-mysql-client state: present when: zabbix_db_type == "mysql" - name: Install PostgreSQL proxy ansible.builtin.dnf: name: - zabbix-proxy-pgsql - postgresql-client - zabbix-selinux-policy state: present when: zabbix_db_type == "postgres" - name: Install Zabbix agent ansible.builtin.dnf: name: zabbix-agent2 state: present # ========================================================== # SQLite setup # ========================================================== - name: Ensure Zabbix directory ownership (SQLite) file: path: /var/lib/zabbix owner: zabbix group: zabbix recurse: yes when: zabbix_db_type == "sqlite" # ========================================================== # MySQL setup # ========================================================== - name: Import MySQL schema shell: | zcat /usr/share/zabbix/mysql/proxy.sql.gz | \ mysql -h {{ zabbix_db_host }} \ -u {{ zabbix_db_user }} \ -p{{ zabbix_db_password }} \ {{ zabbix_db_name }} when: zabbix_db_type == "mysql" # ========================================================== # PostgreSQL setup # ========================================================== - name: Import PostgreSQL schema shell: | zcat /usr/share/zabbix/postgresql/proxy.sql.gz | \ PGPASSWORD={{ zabbix_db_password }} psql \ -h {{ zabbix_db_host }} \ -U {{ zabbix_db_user }} \ {{ zabbix_db_name }} become_user: postgres when: zabbix_db_type == "postgres" - name: Configure Zabbix agent lineinfile: path: /etc/zabbix/zabbix_agent2.conf regexp: "^{{ item.key }}=" line: "{{ item.key }}={{ item.value }}" loop: >- {{ [ {'key': 'Server', 'value': '127.0.0.1'}, {'key': 'ServerActive', 'value': '{{ clustename }}-vm01.home.lan;{{ clustename }}-vm02.home.lan;{{ clustename }}-vm03.home.lan;{{clustename}}-vm04.home.lan;{{clustename}}-vm05.home.lan'}, {'key': 'Hostname', 'value': zabbix_proxy_name}, {'key': 'HostMetadata', 'value': 'linux,jaydee'}, ] }} # ========================================================== # Configure proxy # ========================================================== - name: Configure Zabbix proxy lineinfile: path: /etc/zabbix/zabbix_proxy.conf regexp: "^{{ item.key }}=" line: "{{ item.key }}={{ item.value }}" loop: >- {{ [ {'key': 'Server', 'value': zabbix_server_ip}, {'key': 'Hostname', 'value': zabbix_proxy_name}, {'key': 'ProxyMode', 'value': '0'} ] + ( (zabbix_db_type == "sqlite") | ternary( [ {'key': 'DBName', 'value': zabbix_db_file} ], [ {'key': 'DBName', 'value': zabbix_db_name}, {'key': 'DBUser', 'value': zabbix_db_user}, {'key': 'DBPassword', 'value': zabbix_db_password}, {'key': 'DBHost', 'value': zabbix_db_host} ] ) ) }} # ========================================================== # Start service # ========================================================== - name: Check SELinux status command: getenforce register: selinux_status changed_when: false - name: Display SELinux status debug: msg: "SELinux is {{ selinux_status.stdout }}" - name: Add SELinux file context for Zabbix var_lib sefcontext: target: "{{ zabbix_var_lib_path }}(/.*)?" setype: zabbix_var_lib_t state: present when: ansible_selinux.status == "enabled" - name: Add SELinux file context for Zabbix logs sefcontext: target: "{{ zabbix_log_path }}(/.*)?" setype: zabbix_log_t state: present when: ansible_selinux.status == "enabled" - name: Restore SELinux contexts for Zabbix directories command: restorecon -R {{ item }} loop: - "{{ zabbix_var_lib_path }}" when: ansible_selinux.status == "enabled" - name: Restart Zabbix proxy systemd: name: zabbix-proxy state: restarted enabled: yes - name: Restart Zabbix agent systemd: name: zabbix-agent2 state: restarted enabled: yes - name: Check if proxy group exists uri: url: "{{ zabbix_api_url }}" method: POST body_format: json body: jsonrpc: "2.0" method: "proxygroup.get" params: filter: name: "{{ clustename }}" id: 2 headers: Content-Type: "application/json" Authorization: "Bearer {{ zabbix_auth_token }}" register: proxygroup_check run_once: true # Run this task only once - name: Print proxygroup_check debug: msg: "{{ proxygroup_check }}" - name: Print proxygroup_check debug: msg: "{{ proxygroup_check.json.result[0] }}" - name: Create proxy if not exists uri: url: "{{ zabbix_api_url }}" method: POST body_format: json body: jsonrpc: "2.0" method: "proxygroup.create" params: name: "{{ clustename }}" failover_delay: "5m" min_online: 1 id: 1 headers: Content-Type: "application/json" Authorization: "Bearer {{ zabbix_auth_token }}" when: proxygroup_check.json.result | length == 0 register: proxygroup_check run_once: true # Run this task only once - name: Print proxygroup_check debug: msg: "{{ proxygroup_check.json.result.proxy_groupids[0] }}" - name: Check if proxy exists uri: url: "{{ zabbix_api_url }}" method: POST body_format: json body: jsonrpc: "2.0" method: "proxy.get" params: filter: name: "{{ zabbix_proxy_name }}" id: 2 headers: Content-Type: "application/json" Authorization: "Bearer {{ zabbix_auth_token }}" register: proxy_check - name: Print proxy_check debug: msg: "{{ proxy_check }}" - name: Create proxy if not exists uri: url: "{{ zabbix_api_url }}" method: POST body_format: json body: jsonrpc: "2.0" method: "proxy.create" params: name: "{{ zabbix_proxy_name }}" proxy_groupid: 1 operating_mode: 0 local_address: "{{ ansible_default_ipv4.address }}" port: "10051" id: 3 headers: Content-Type: "application/json" Authorization: "Bearer {{ zabbix_auth_token }}" when: proxy_check.json.result | length == 0 register: proxy_check2 - name: Print proxy_check debug: msg: "{{ proxy_check2 }}"