jaydee/ansible
1
0
Fork 0
mirror of https://gitlab.sectorq.eu/jaydee/ansible.git synced 2026-03-13 05:42:46 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity
Files
ef8839d33a1c920ea2676ebd901bbfdc5637b159
ansible/roles/zabbix_proxy/tasks/Rocky.yml
jaydee ef8839d33a build
2026-02-16 01:51:15 +01:00

316 lines
9.4 KiB
YAML
Raw Blame History

- name: Install Zabbix Proxy on Debian 13
vars:
zabbix_version: "7.4"
zabbix_server_ip: "192.168.77.101"
zabbix_proxy_name: "{{ inventory_hostname }}"
zabbix_db_file: "/var/lib/zabbix/zabbix_proxy.db"
zabbix_db_type: "sqlite" # sqlite | mysql | postgres
zabbix_api_url: "https://zabbix.sectorq.eu/api_jsonrpc.php"
zabbix_var_lib_path: "/var/lib/zabbix"
zabbix_config_path: "/etc/zabbix"
zabbix_log_path: "/var/log/zabbix"
clustename: rocky9
become: "{{ 'no' if inventory_hostname == 'nas.home.lan' else 'yes' }}"
block:
# ==========================================================
# Install repository
# ==========================================================
- name: Gather facts
ansible.builtin.setup:
- name: Show default IP
ansible.builtin.debug:
msg: "{{ ansible_default_ipv4.address }}"
- name: Install base packages
ansible.builtin.dnf:
name:
- wget
- gnupg
state: present
# - name: Create apt proxy file
# ansible.builtin.copy:
# dest: /etc/apt/apt.conf.d/02proxy
# content: |
# Acquire::http::Proxy "http://192.168.77.101:3142";
# Acquire::https::Proxy "false";
# ==========================================================
# Import Zabbix GPG key
# ==========================================================
- name: Import Zabbix 7.4 GPG key
ansible.builtin.rpm_key:
state: present
key: https://repo.zabbix.com/RPM-GPG-KEY-ZABBIX-08EFA7DD
# ==========================================================
# Install Zabbix repository
# ==========================================================
- name: Install Zabbix repository
ansible.builtin.dnf:
name: "https://repo.zabbix.com/zabbix/{{ zabbix_version }}/release/rocky/9/noarch/zabbix-release-{{ zabbix_version }}-3.el9.noarch.rpm"
state: present
disable_gpg_check: true
# ==========================================================
# Install proxy based on DB type
# ==========================================================
- name: Install SQLite proxy
ansible.builtin.dnf:
name:
- zabbix-proxy-sqlite3
- sqlite
- sqlite-devel
- zabbix-selinux-policy
state: present
when: zabbix_db_type == "sqlite"
- name: Install MySQL proxy
ansible.builtin.dnf:
name:
- zabbix-proxy-mysql
- zabbix-selinux-policy
- default-mysql-client
state: present
when: zabbix_db_type == "mysql"
- name: Install PostgreSQL proxy
ansible.builtin.dnf:
name:
- zabbix-proxy-pgsql
- postgresql-client
- zabbix-selinux-policy
state: present
when: zabbix_db_type == "postgres"
- name: Install Zabbix agent
ansible.builtin.dnf:
name: zabbix-agent2
state: present
# ==========================================================
# SQLite setup
# ==========================================================
- name: Ensure Zabbix directory ownership (SQLite)
file:
path: /var/lib/zabbix
owner: zabbix
group: zabbix
recurse: yes
when: zabbix_db_type == "sqlite"
# ==========================================================
# MySQL setup
# ==========================================================
- name: Import MySQL schema
shell: |
zcat /usr/share/zabbix/mysql/proxy.sql.gz | \
mysql -h {{ zabbix_db_host }} \
-u {{ zabbix_db_user }} \
-p{{ zabbix_db_password }} \
{{ zabbix_db_name }}
when: zabbix_db_type == "mysql"
# ==========================================================
# PostgreSQL setup
# ==========================================================
- name: Import PostgreSQL schema
shell: |
zcat /usr/share/zabbix/postgresql/proxy.sql.gz | \
PGPASSWORD={{ zabbix_db_password }} psql \
-h {{ zabbix_db_host }} \
-U {{ zabbix_db_user }} \
{{ zabbix_db_name }}
become_user: postgres
when: zabbix_db_type == "postgres"
- name: Configure Zabbix agent
lineinfile:
path: /etc/zabbix/zabbix_agent2.conf
regexp: "^{{ item.key }}="
line: "{{ item.key }}={{ item.value }}"
loop: >-
{{ [
{'key': 'Server', 'value': '127.0.0.1'},
{'key': 'ServerActive', 'value': '{{ clustename }}-vm01.home.lan;{{ clustename }}-vm02.home.lan;{{ clustename }}-vm03.home.lan;{{clustename}}-vm04.home.lan;{{clustename}}-vm05.home.lan'},
{'key': 'Hostname', 'value': zabbix_proxy_name},
{'key': 'HostMetadata', 'value': 'linux,jaydee'},
]
}}
# ==========================================================
# Configure proxy
# ==========================================================
- name: Configure Zabbix proxy
lineinfile:
path: /etc/zabbix/zabbix_proxy.conf
regexp: "^{{ item.key }}="
line: "{{ item.key }}={{ item.value }}"
loop: >-
{{
[
{'key': 'Server', 'value': zabbix_server_ip},
{'key': 'Hostname', 'value': zabbix_proxy_name},
{'key': 'ProxyMode', 'value': '0'}
]
+
(
(zabbix_db_type == "sqlite")
| ternary(
[
{'key': 'DBName', 'value': zabbix_db_file}
],
[
{'key': 'DBName', 'value': zabbix_db_name},
{'key': 'DBUser', 'value': zabbix_db_user},
{'key': 'DBPassword', 'value': zabbix_db_password},
{'key': 'DBHost', 'value': zabbix_db_host}
]
)
)
}}
# ==========================================================
# Start service
# ==========================================================
- name: Check SELinux status
command: getenforce
register: selinux_status
changed_when: false
- name: Display SELinux status
debug:
msg: "SELinux is {{ selinux_status.stdout }}"
- name: Add SELinux file context for Zabbix var_lib
sefcontext:
target: "{{ zabbix_var_lib_path }}(/.*)?"
setype: zabbix_var_lib_t
state: present
when: ansible_selinux.status == "enabled"
- name: Add SELinux file context for Zabbix logs
sefcontext:
target: "{{ zabbix_log_path }}(/.*)?"
setype: zabbix_log_t
state: present
when: ansible_selinux.status == "enabled"
- name: Restore SELinux contexts for Zabbix directories
command: restorecon -R {{ item }}
loop:
- "{{ zabbix_var_lib_path }}"
when: ansible_selinux.status == "enabled"
- name: Restart Zabbix proxy
systemd:
name: zabbix-proxy
state: restarted
enabled: yes
- name: Restart Zabbix agent
systemd:
name: zabbix-agent2
state: restarted
enabled: yes
- name: Check if proxy group exists
uri:
url: "{{ zabbix_api_url }}"
method: POST
body_format: json
body:
jsonrpc: "2.0"
method: "proxygroup.get"
params:
filter:
name: "{{ clustename }}"
id: 2
headers:
Content-Type: "application/json"
Authorization: "Bearer {{ zabbix_auth_token }}"
register: proxygroup_check
- name: Print proxygroup_check
debug:
msg: "{{ proxygroup_check }}"
- name: Create proxy if not exists
uri:
url: "{{ zabbix_api_url }}"
method: POST
body_format: json
body:
jsonrpc: "2.0"
method: "proxygroup.create"
params:
name: "{{ clustename }}"
failover_delay: "5m"
min_online: 1
id: 1
headers:
Content-Type: "application/json"
Authorization: "Bearer {{ zabbix_auth_token }}"
when: proxygroup_check.json.result | length == 0
register: proxygroup_check2
- name: Print proxygroup_check2
debug:
msg: "{{ proxygroup_check2 }}"
- name: Check if proxy exists
uri:
url: "{{ zabbix_api_url }}"
method: POST
body_format: json
body:
jsonrpc: "2.0"
method: "proxy.get"
params:
filter:
name: "{{ zabbix_proxy_name }}"
id: 2
headers:
Content-Type: "application/json"
Authorization: "Bearer {{ zabbix_auth_token }}"
register: proxy_check
- name: Print proxy_check
debug:
msg: "{{ proxy_check }}"
- name: Create proxy if not exists
uri:
url: "{{ zabbix_api_url }}"
method: POST
body_format: json
body:
jsonrpc: "2.0"
method: "proxy.create"
params:
name: "{{ zabbix_proxy_name }}"
proxy_groupid: 1
operating_mode: 0
local_address: "{{ ansible_default_ipv4.address }}"
port: "10051"
id: 3
headers:
Content-Type: "application/json"
Authorization: "Bearer {{ zabbix_auth_token }}"
when: proxy_check.json.result | length == 0
register: proxy_check2
- name: Print proxy_check
debug:
msg: "{{ proxy_check2 }}"
Reference in New Issue View Git Blame Copy Permalink