diff --git a/roles/zabbix_server/README.md b/roles/zabbix_server/README.md new file mode 100644 index 0000000000000000000000000000000000000000..7acc1eb767a3f4a0182cc2a48c5fa5e69ddfc11d --- /dev/null +++ b/roles/zabbix_server/README.md @@ -0,0 +1,30 @@ +Role Name +========= + +Ansible role for Zabbix Server + +Requirements +------------ + +Pass Base_server and base_platform role to configure server + +Role Variables +-------------- + +app_program: "Zabbix Server" + +zabbix_default_admin: "admin" +zabbix_default_password: "admin" + +app_instance_root: "{{ www_root }}/{{ app_instance_id }}" +app_data: "{{ www_root }}/{{ app_instance_id }}.data" + +database_type: "postgres" + +behind_reverse_proxy: "false" + +app_repo: "https://repo.zabbix.com/zabbix/{{ app_version }}/{{ ansible_distribution|lower }}/pool/main/z/zabbix-release/zabbix-release_{{ app_version }}-1%2B{{ ansible_distribution|lower }}{{ ansible_distribution_major_version }}_all.deb" + +zabbix_packages: ["zabbix-server-pgsql", "zabbix-web-pgsql", "zabbix-frontend-php", "zabbix-sql-scripts"] + + diff --git a/roles/zabbix_server/defaults/main.yml b/roles/zabbix_server/defaults/main.yml new file mode 100644 index 0000000000000000000000000000000000000000..17d0a0b674a660015877bc383fc387517d416498 --- /dev/null +++ b/roles/zabbix_server/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# Default vars diff --git a/roles/zabbix_server/handlers/main.yml b/roles/zabbix_server/handlers/main.yml new file mode 100644 index 0000000000000000000000000000000000000000..ab8da1c23315764a95aee852e4eb6712484dc7d6 --- /dev/null +++ b/roles/zabbix_server/handlers/main.yml @@ -0,0 +1,9 @@ +--- +- name: reload nginx zabbix_server + service: name=nginx state=reloaded + +- name: reload php-fpm {{ app_instance_id }} + service: name=php{{ php_version }}-fpm state=reloaded + +- name: restart zabbix-server + service: name=zabbix-server state=restarted diff --git a/roles/zabbix_server/tasks/install.yml b/roles/zabbix_server/tasks/install.yml new file mode 100644 index 0000000000000000000000000000000000000000..0d532eca6fd9734399cfbbe2fcf110d1f6361041 --- /dev/null +++ b/roles/zabbix_server/tasks/install.yml @@ -0,0 +1,102 @@ +--- +- name: Register Nextcloud in inventory + import_role: + name: _app_log_inventory + vars: + log_type: "install" + +- name: Create LetsEncrypt certificate + import_role: + name: _letsencrypt_certificate + when: behind_reverse_proxy == false + +- name: Create Database for Zabbix Server + import_role: + name: _create_database + +- name: Download Zabbix Debian release deb file + get_url: + url: "{{ app_repo_debian }}" + dest: "/tmp/zabbix-release.deb" + when: ansible_distribution == "Debian" + +- name: Download Zabbix Ubuntu release deb file + get_url: + url: "{{ app_repo_ubuntu }}" + dest: "/tmp/zabbix-release.deb" + when: ansible_distribution == "Ubuntu" + +- name: Apt install Zabbix release in Ubuntu/Debian + apt: deb="/tmp/zabbix-release.deb" + +- name: "Apt update" + apt: + update_cache: "True" + +- name: "Zabbix Server base packages" + apt: + name: "{{ zabbix_package }}" + state: latest + update_cache: true + loop: "{{ zabbix_packages }}" + loop_control: + loop_var: zabbix_package + +- name: Init Zabbix Server Postgres Database + expect: + command: /bin/bash -c "zcat /usr/share/zabbix-sql-scripts/postgresql/server.sql.gz | psql -U {{ database_user }} -h 127.0.0.1 {{ database_name }}" + responses: + (?i)Password: '{{ database_password }}' + when: database_type == "postgres" + +- name: Import Backup Role + import_role: + name: _app_backup + +- name: "template {{ rev_proxy }}_zabbix_server_http.j2 {{ app_instance_id }}" + template: + src: "{{ rev_proxy }}_zabbix_server_http.j2" + dest: "/etc/{{ rev_proxy }}/sites-available/{{ app_instance_id }}.conf" + notify: reload {{ rev_proxy }} zabbix_server + +- name: "enable site for {{ app_domain }}" + file: + state: link + path: "/etc/{{ rev_proxy }}/sites-enabled/{{ app_instance_id }}.conf" + src: "/etc/{{ rev_proxy }}/sites-available/{{ app_instance_id }}.conf" + notify: reload {{ rev_proxy }} zabbix_server + +- import_role: + name: _app_logrotate + +- name: "template php_fpm_zabbix.j2 for {{ app_user }} {{ php_version }}" + template: + src: "php_fpm_zabbix.j2" + dest: "/etc/php/{{ php_version }}/fpm/pool.d/php-fpm-{{ app_user }}.conf" + notify: reload php-fpm {{ app_instance_id }} + +- name: "ufw: Allow port 443" + ufw: + rule: allow + port: "10051" + proto: tcp + src: '{{ item }}' + loop: + - 10.0.0.0/24 + - 172.16.16.0/24 + - 192.168.100.0/24 + +- name: configure zabbix php frontend + template: + src: "zabbix.conf.php.j2" + dest: "/usr/share/zabbix/conf/zabbix.conf.php" + notify: restart zabbix-server + +- name: "template zabbix_server configuration" + template: + src: "zabbix.conf.j2" + dest: "/etc/zabbix/zabbix_server.conf" + notify: restart zabbix-server + +- name: "ensure zabbix server is started" + service: name=zabbix-server state=started enabled=yes diff --git a/roles/zabbix_server/tasks/main.yml b/roles/zabbix_server/tasks/main.yml new file mode 100644 index 0000000000000000000000000000000000000000..1af1a316273a460ee2273dcf7d156025d4e16019 --- /dev/null +++ b/roles/zabbix_server/tasks/main.yml @@ -0,0 +1,10 @@ +--- +- import_tasks: install.yml + when: app_run in ['install', 'reinstall'] + +- import_tasks: uninstall.yml + when: app_run == 'uninstall' + +- import_role: + name: instance_prod + diff --git a/roles/zabbix_server/tasks/uninstall.yml b/roles/zabbix_server/tasks/uninstall.yml new file mode 100644 index 0000000000000000000000000000000000000000..deb0dbb3aa16059ffb4a81f1f7d006ef759c00e7 --- /dev/null +++ b/roles/zabbix_server/tasks/uninstall.yml @@ -0,0 +1,56 @@ +--- +- name: Register Nextcloud in inventory + import_role: + name: _app_log_inventory + vars: + log_type: "uninstall" + +- name: Create LetsEncrypt certificate + import_role: + name: _letsencrypt_certificate + when: behind_reverse_proxy == false + +- name: Create Database for Zabbix Server + import_role: + name: _create_database + +- name: Apt update + apt: update_cache=yes + when: ansible_os_family == "Debian" and result_zabbix_release is changed + +- name: Import Backup Role + import_role: + name: _app_backup + +- name: "remove {{ rev_proxy }} configuration for {{ app_instance_id }}" + file: + state: absent + dest: "/etc/{{ rev_proxy }}/sites-available/{{ app_instance_id }}.conf" + notify: reload {{ rev_proxy }} zabbix_server + +- name: "disable site for {{ app_domain }}" + file: + state: absent + path: "/etc/{{ rev_proxy }}/sites-enabled/{{ app_instance_id }}.conf" + notify: reload {{ rev_proxy }} zabbix_server + +- name: "remove php_fpm configuration for {{ app_instance_id }}" + file: + state: absent + dest: "/etc/php/{{ php_version }}/fpm/pool.d/php-fpm-{{ app_user }}.conf" + notify: reload php-fpm {{ app_instance_id }} + +- name: "remove zabbix_server configuration" + file: + state: absent + dest: "/etc/zabbix/zabbix_server.conf" + notify: restart zabbix-server + +- name: "Remove Zabbix Server base packages" + apt: + name: "{{ zabbix_package }}" + state: absent + update_cache: true + loop: "{{ zabbix_packages }}" + loop_control: + loop_var: zabbix_package diff --git a/roles/zabbix_server/templates/nginx_zabbix_server_http.j2 b/roles/zabbix_server/templates/nginx_zabbix_server_http.j2 new file mode 100644 index 0000000000000000000000000000000000000000..c408483bcfd38bf1ace2433f345df7871940a304 --- /dev/null +++ b/roles/zabbix_server/templates/nginx_zabbix_server_http.j2 @@ -0,0 +1,79 @@ +upstream php-handler{{ app_instance_id }} { + server unix:/var/run/php/{{ app_instance_id }}-php{{ php_version }}-fpm.sock; +} + +server { + listen 80; + listen [::]:80; + server_name {{ app_domain | mandatory }}; + # enforce https + return 301 https://$server_name$request_uri; +} + +server { + # Both IpV6 and IpV4 + # + listen 443 ssl http2; + listen [::]:443 ssl http2; + + server_name {{ app_domain | mandatory }}; + + ssl_certificate /etc/letsencrypt/live/{{ app_domain }}/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/{{ app_domain }}/privkey.pem; + + # Path to the root of your installation + root /usr/share/zabbix; + + access_log {{ www_log | mandatory }}/{{ app_instance_id }}/access.log combined if=$log_ua; + error_log {{ www_log | mandatory }}/{{ app_instance_id }}/error.log; + + index index.php; + + location = /favicon.ico { + log_not_found off; + } + + location / { + try_files $uri $uri/ =404; + } + + location /assets { + access_log off; + expires 10d; + } + + location ~ /\.ht { + deny all; + } + + location ~ /(api\/|conf[^\.]|include|locale|vendor) { + deny all; + return 404; + } + + location ~ [^/]\.php(/|$) { + fastcgi_pass php-handler{{ app_instance_id }}; + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_index index.php; + + fastcgi_param DOCUMENT_ROOT /usr/share/zabbix; + fastcgi_param SCRIPT_FILENAME /usr/share/zabbix$fastcgi_script_name; + fastcgi_param PATH_TRANSLATED /usr/share/zabbix$fastcgi_script_name; + + include fastcgi_params; + fastcgi_param QUERY_STRING $query_string; + fastcgi_param REQUEST_METHOD $request_method; + fastcgi_param CONTENT_TYPE $content_type; + fastcgi_param CONTENT_LENGTH $content_length; + + fastcgi_intercept_errors on; + fastcgi_ignore_client_abort off; + fastcgi_connect_timeout 60; + fastcgi_send_timeout 180; + fastcgi_read_timeout 180; + fastcgi_buffer_size 128k; + fastcgi_buffers 4 256k; + fastcgi_busy_buffers_size 256k; + fastcgi_temp_file_write_size 256k; + } +} diff --git a/roles/zabbix_server/templates/php_fpm_zabbix.j2 b/roles/zabbix_server/templates/php_fpm_zabbix.j2 new file mode 100644 index 0000000000000000000000000000000000000000..fde27969f4dca3226b64813960a845188b5d89c5 --- /dev/null +++ b/roles/zabbix_server/templates/php_fpm_zabbix.j2 @@ -0,0 +1,24 @@ +[zabbix] +user = www-data +group = www-data + +listen = /var/run/php/{{ app_instance_id }}-php{{ php_version }}-fpm.sock +listen.owner = www-data +listen.allowed_clients = 127.0.0.1 + +pm = dynamic +pm.max_children = 50 +pm.start_servers = 5 +pm.min_spare_servers = 5 +pm.max_spare_servers = 35 +pm.max_requests = 200 + +php_value[session.save_handler] = files +php_value[session.save_path] = /var/lib/php/sessions/ + +php_value[max_execution_time] = 300 +php_value[memory_limit] = 128M +php_value[post_max_size] = 16M +php_value[upload_max_filesize] = 2M +php_value[max_input_time] = 300 +php_value[max_input_vars] = 10000 diff --git a/roles/zabbix_server/templates/zabbix.conf.j2 b/roles/zabbix_server/templates/zabbix.conf.j2 new file mode 100644 index 0000000000000000000000000000000000000000..6740c718368a80bbe202f0b535d774dbacf65f42 --- /dev/null +++ b/roles/zabbix_server/templates/zabbix.conf.j2 @@ -0,0 +1,568 @@ +# This is a configuration file for Zabbix Server process +# To get more information about Zabbix, +# visit http://www.zabbix.com + +############ GENERAL PARAMETERS ################# + +### Option: NodeID +# Unique NodeID in distributed setup. +# 0 - standalone server +# +# Mandatory: no +# Range: 0-999 +# Default: +# NodeID=0 + +### Option: ListenPort +# Listen port for trapper. +# +# Mandatory: no +# Range: 1024-32767 +# Default: +# ListenPort=10051 +ListenPort=10051 + +### Option: SourceIP +# Source IP address for outgoing connections. +# +# Mandatory: no +# Default: +# SourceIP= + +### Option: LogFile +# Name of log file. +# If not set, syslog is used. +# +# Mandatory: no +# Default: +# LogFile= +LogFile=/var/log/zabbix/zabbix_server.log + +### Option: LogFileSize +# Maximum size of log file in MB. +# 0 - disable automatic log rotation. +# +# Mandatory: no +# Range: 0-1024 +# Default: +# LogFileSize=1 + +### Option: DebugLevel +# Specifies debug level +# 0 - no debug +# 1 - critical information +# 2 - error information +# 3 - warnings +# 4 - for debugging (produces lots of information) +# +# Mandatory: no +# Range: 0-4 +# Default: +# DebugLevel=3 +# DebugLevel=3 + +### Option: PidFile +# Name of PID file. +# +# Mandatory: no +# Default: +# PidFile=/tmp/zabbix_server.pid +PidFile=/var/run/zabbix/zabbix_server.pid + +### Option: DBHost +# Database host name. +# If set to localhost, socket is used for MySQL. +# +# Mandatory: no +# Default: +# DBHost=localhost +DBHost=localhost + +### Option: DBName +# Database name. +# For SQLite3 path to database file must be provided. DBUser and DBPassword are ignored. +# +# Mandatory: yes +# Default: +# DBName= +DBName={{ database_name }} + +### Option: DBSchema +# Schema name. Used for IBM DB2. +# +# Mandatory: no +# Default: +# DBSchema= + +### Option: DBUser +# Database user. Ignored for SQLite. +# +# Mandatory: no +# Default: +# DBUser= +DBUser={{ database_user }} + +### Option: DBPassword +# Database password. Ignored for SQLite. +# Comment this line if no password is used. +# +# Mandatory: no +# Default: +# DBPassword= +DBPassword={{ database_password }} + +### Option: DBSocket +# Path to MySQL socket. +# +# Mandatory: no +# Default: +# DBSocket=/tmp/mysql.sock + +### Option: DBPort +# Database port when not using local socket. Ignored for SQLite. +# +# Mandatory: no +# Range: 1024-65535 +# Default (for MySQL): +DBPort=5432 + +############ ADVANCED PARAMETERS ################ + +### Option: StartPollers +# Number of pre-forked instances of pollers. +# +# Mandatory: no +# Range: 0-1000 +# Default: +# StartPollers=5 + +### Option: StartIPMIPollers +# Number of pre-forked instances of IPMI pollers. +# +# Mandatory: no +# Range: 0-1000 +# Default: +# StartIPMIPollers=0 + +### Option: StartPollersUnreachable +# Number of pre-forked instances of pollers for unreachable hosts (including IPMI). +# +# Mandatory: no +# Range: 0-1000 +# Default: +# StartPollersUnreachable=1 + +### Option: StartTrappers +# Number of pre-forked instances of trappers. +# +# Mandatory: no +# Range: 0-1000 +# Default: +# StartTrappers=5 + +### Option: StartPingers +# Number of pre-forked instances of ICMP pingers. +# +# Mandatory: no +# Range: 0-1000 +# Default: +# StartPingers=1 + +### Option: StartDiscoverers +# Number of pre-forked instances of discoverers. +# +# Mandatory: no +# Range: 0-250 +# Default: +# StartDiscoverers=1 + +### Option: StartHTTPPollers +# Number of pre-forked instances of HTTP pollers. +# +# Mandatory: no +# Range: 0-1000 +# Default: +# StartHTTPPollers=1 + +### Option: StartTimers +# Number of pre-forked instances of timers. +# Timers process time-based trigger functions and maintenance periods. +# Only the first timer process handles the maintenance periods. +# +# Mandatory: no +# Range: 1-1000 +# Default: +# StartTimers=1 + +{% if zabbix_java_gateway_state == "present" %} +### Option: JavaGateway +# IP address (or hostname) of Zabbix Java gateway. +# Only required if Java pollers are started. +# +# Mandatory: no +# Default: +# JavaGateway= +JavaGateway={{zabbix_java_gateway_config_listen_ip}} + +### Option: JavaGatewayPort +# Port that Zabbix Java gateway listens on. +# +# Mandatory: no +# Range: 1024-32767 +# Default: +# JavaGatewayPort=10052 +JavaGatewayPort={{zabbix_java_gateway_config_listen_port}} + +### Option: StartJavaPollers +# Number of pre-forked instances of Java pollers. +# +# Mandatory: no +# Range: 0-1000 +# Default: +# StartJavaPollers=0 +StartJavaPollers={{zabbix_java_gateway_config_java_pollers}} +{% endif %} + +### Option: StartVMwareCollectors +# Number of pre-forked vmware collector instances. +# +# Mandatory: no +# Range: 0-250 +# Default: +# StartVMwareCollectors=0 + +### Option: VMwareFrequency +# How often Zabbix will connect to VMware service to obtain a new data. +# +# Mandatory: no +# Range: 10-86400 +# Default: +# VMwareFrequency=60 + +### Option: VMwareCacheSize +# Size of VMware cache, in bytes. +# Shared memory size for storing VMware data. +# Only used if VMware collectors are started. +# +# Mandatory: no +# Range: 256K-2G +# Default: +# VMwareCacheSize=8M + +### Option: SNMPTrapperFile +# Temporary file used for passing data from SNMP trap daemon to the server. +# Must be the same as in zabbix_trap_receiver.pl or SNMPTT configuration file. +# +# Mandatory: no +# Default: +# SNMPTrapperFile=/tmp/zabbix_traps.tmp + +### Option: StartSNMPTrapper +# If 1, SNMP trapper process is started. +# +# Mandatory: no +# Range: 0-1 +# Default: +# StartSNMPTrapper=0 + + +### Option: ListenIP +# List of comma delimited IP addresses that the trapper should listen on. +# Trapper will listen on all network interfaces if this parameter is missing. +# +# Mandatory: no +# Default: +# ListenIP=0.0.0.0 +ListenIP=0.0.0.0 + +### Option: HousekeepingFrequency +# How often Zabbix will perform housekeeping procedure (in hours). +# Housekeeping is removing unnecessary information from history, alert, and alarms tables. +# +# Mandatory: no +# Range: 1-24 +# Default: +# HousekeepingFrequency=1 + +### Option: MaxHousekeeperDelete +# The table "housekeeper" contains "tasks" for housekeeping procedure in the format: +# [housekeeperid], [tablename], [field], [value]. +# No more than 'MaxHousekeeperDelete' rows (corresponding to [tablename], [field], [value]) +# will be deleted per one task in one housekeeping cycle. +# SQLite3 does not use this parameter, deletes all corresponding rows without a limit. +# If set to 0 then no limit is used at all. In this case you must know what you are doing! +# +# Mandatory: no +# Range: 0-1000000 +# Default: +# MaxHousekeeperDelete=500 + +### Option: DisableHousekeeping +# If set to 1, disables housekeeping. +# +# Mandatory: no +# Range: 0-1 +# Default: +# DisableHousekeeping=0 + +### Option: SenderFrequency +# How often Zabbix will try to send unsent alerts (in seconds). +# +# Mandatory: no +# Range: 5-3600 +# Default: +# SenderFrequency=30 + +### Option: CacheSize +# Size of configuration cache, in bytes. +# Shared memory size for storing hosts and items data. +# +# Mandatory: no +# Range: 128K-1G +# Default: +# CacheSize=8M + +### Option: CacheUpdateFrequency +# How often Zabbix will perform update of configuration cache, in seconds. +# +# Mandatory: no +# Range: 1-3600 +# Default: +# CacheUpdateFrequency=60 + +### Option: StartDBSyncers +# Number of pre-forked instances of DB Syncers +# +# Mandatory: no +# Range: 1-100 +# Default: +# StartDBSyncers=4 + +### Option: HistoryCacheSize +# Size of history cache, in bytes. +# Shared memory size for storing history data. +# +# Mandatory: no +# Range: 128K-1G +# Default: +# HistoryCacheSize=8M + +### Option: TrendCacheSize +# Size of trend cache, in bytes. +# Shared memory size for storing trends data. +# +# Mandatory: no +# Range: 128K-1G +# Default: +# TrendCacheSize=4M + +### Option: HistoryTextCacheSize +# Size of text history cache, in bytes. +# Shared memory size for storing character, text or log history data. +# +# Mandatory: no +# Range: 128K-1G +# Default: +# HistoryTextCacheSize=16M + +### Option: ValueCacheSize +# Size of history value cache, in bytes. +# Shared memory size for caching item history data requests +# Setting to 0 disables value cache. +# +# Mandatory: no +# Range: 0,128K-64G +# Default: +# ValueCacheSize=8M + +### Option: NodeNoEvents +# If set to '1' local events won't be sent to master node. +# This won't impact ability of this node to propagate events from its child nodes. +# +# Mandatory: no +# Range: 0-1 +# Default: +# NodeNoEvents=0 + +### Option: NodeNoHistory +# If set to '1' local history won't be sent to master node. +# This won't impact ability of this node to propagate history from its child nodes. +# +# Mandatory: no +# Range: 0-1 +# Default: +# NodeNoHistory=0 + +### Option: Timeout +# Specifies how long we wait for agent, SNMP device or external check (in seconds). +# +# Mandatory: no +# Range: 1-30 +# Default: +# Timeout=3 + +### Option: TrapperTimeout +# Specifies how many seconds trapper may spend processing new data. +# +# Mandatory: no +# Range: 1-300 +# Default: +# TrapperTimeout=300 + +### Option: UnreachablePeriod +# After how many seconds of unreachability treat a host as unavailable. +# +# Mandatory: no +# Range: 1-3600 +# Default: +# UnreachablePeriod=45 + +### Option: UnavailableDelay +# How often host is checked for availability during the unavailability period, in seconds. +# +# Mandatory: no +# Range: 1-3600 +# Default: +# UnavailableDelay=60 + +### Option: UnreachableDelay +# How often host is checked for availability during the unreachability period, in seconds. +# +# Mandatory: no +# Range: 1-3600 +# Default: +# UnreachableDelay=15 + +### Option: AlertScriptsPath +# Location of custom alert scripts +# +# Mandatory: no +# Default: +# AlertScriptsPath=/home/zabbix/bin/ +AlertScriptsPath=/etc/zabbix/alert.d/ + +### Option: ExternalScripts +# Location of external scripts +# +# Mandatory: no +# Default: +# ExternalScripts=/etc/zabbix/externalscripts + +### Option: FpingLocation +# Location of fping. +# Make sure that fping binary has root ownership and SUID flag set. +# +# Mandatory: no +# Default: +# FpingLocation=/usr/sbin/fping +FpingLocation=/usr/bin/fping + +### Option: Fping6Location +# Location of fping6. +# Make sure that fping6 binary has root ownership and SUID flag set. +# Make empty if your fping utility is capable to process IPv6 addresses. +# +# Mandatory: no +# Default: +# Fping6Location=/usr/sbin/fping6 +Fping6Location=/usr/bin/fping6 + +### Option: SSHKeyLocation +# Location of public keys for SSH checks +# +# Mandatory: no +# Default: +# SSHKeyLocation= + +### Option: LogSlowQueries +# How long a database query may take before being logged (in milliseconds). +# 0 - don't log slow queries. +# +# Mandatory: no +# Range: 1-3600000 +# Default: +# LogSlowQueries=0 + +### Option: TmpDir +# Temporary directory. +# +# Mandatory: no +# Default: +# TmpDir=/tmp + +### Option: Include +# You may include individual files or all files in a directory in the configuration file. +# +# Mandatory: no +# Default: +# Include= + +# Include=/etc/zabbix/zabbix_server.general.conf +# Include=/etc/zabbix/zabbix_server/ + +### Option: StartProxyPollers +# Number of pre-forked instances of pollers for passive proxies. +# +# Mandatory: no +# Range: 0-250 +# Default: +# StartProxyPollers=1 + +### Option: ProxyConfigFrequency +# How often Zabbix Server sends configuration data to a Zabbix Proxy in seconds. +# This parameter is used only for proxies in the passive mode. +# +# Mandatory: no +# Range: 1-3600*24*7 +# Default: +# ProxyConfigFrequency=3600 + +### Option: ProxyDataFrequency +# How often Zabbix Server requests history data from a Zabbix Proxy in seconds. +# This parameter is used only for proxies in the passive mode. +# +# Mandatory: no +# Range: 1-3600 +# Default: +# ProxyDataFrequency=1 + +### Option: AllowRoot +# Allow the server to run as 'root'. If disabled and the server is started by 'root', the server +# will try to switch to user 'zabbix' instead. Has no effect if started under a regular user. +# 0 - do not allow +# 1 - allow +# +# Mandatory: no +# Default: +# AllowRoot=0 + +### Option: Include +# You may include individual files or all files in a directory in the configuration file. +# Installing Zabbix will create include directory in /usr/local/etc, unless modified during the compile time. +# +# Mandatory: no +# Default: +# Include= + +# Include=/usr/local/etc/zabbix_server.general.conf +# Include=/usr/local/etc/zabbix_server.conf.d/ + +####### LOADABLE MODULES ####### + +### Option: LoadModulePath +# Full path to location of server modules. +# Default depends on compilation options. +# +# Mandatory: no +# Default: +# LoadModulePath=${libdir}/modules + +### Option: LoadModule +# Module to load at server startup. Modules are used to extend functionality of the server. +# Format: LoadModule= +# The modules must be located in directory specified by LoadModulePath. +# It is allowed to include multiple LoadModule parameters. +# +# Mandatory: no +# Default: +# LoadModule= diff --git a/roles/zabbix_server/templates/zabbix.conf.php.j2 b/roles/zabbix_server/templates/zabbix.conf.php.j2 new file mode 100644 index 0000000000000000000000000000000000000000..1d904357107496dd271e4accf65c79f8d84b3234 --- /dev/null +++ b/roles/zabbix_server/templates/zabbix.conf.php.j2 @@ -0,0 +1,59 @@ + 'http://localhost:9200', +// 'text' => 'http://localhost:9200' +//]; +// Value types stored in Elasticsearch. +//$HISTORY['types'] = ['uint', 'text']; + +// Used for SAML authentication. +// Uncomment to override the default paths to SP private key, SP and IdP X.509 certificates, and to set extra settings. +//$SSO['SP_KEY'] = 'conf/certs/sp.key'; +//$SSO['SP_CERT'] = 'conf/certs/sp.crt'; +//$SSO['IDP_CERT'] = 'conf/certs/idp.crt'; +//$SSO['SETTINGS'] = []; diff --git a/roles/zabbix_server/vars/main.yml b/roles/zabbix_server/vars/main.yml new file mode 100644 index 0000000000000000000000000000000000000000..88cc9604f4f98faf2db3bf071d541f9eb1c50674 --- /dev/null +++ b/roles/zabbix_server/vars/main.yml @@ -0,0 +1,33 @@ +--- +app_program: "Zabbix Server" + +zabbix_default_admin: "admin" +zabbix_default_password: "admin" + +app_instance_root: "{{ www_root }}/{{ app_instance_id }}" +app_data: "{{ www_root }}/{{ app_instance_id }}.data" + +database_type: "postgres" +database_type_zabbix: "POSTGRESQL" +database_host: "localhost" +database_port: "5432" +database_schema: "public" + +timezone: "Europe/Paris" + +behind_reverse_proxy: "false" + +app_repo_debian: "https://repo.zabbix.com/zabbix/{{ app_version }}/{{ ansible_distribution|lower }}/pool/main/z/zabbix-release/zabbix-release_latest+{{ ansible_distribution|lower }}{{ ansible_distribution_major_version }}_all.deb" +app_repo_ubuntu: "https://repo.zabbix.com/zabbix/{{ app_version }}/{{ ansible_distribution|lower }}/pool/main/z/zabbix-release/zabbix-release_latest+{{ ansible_distribution|lower }}{{ ansible_distribution_version }}_all.deb" + +zabbix_packages: ["zabbix-server-pgsql", "zabbix-web-service", "zabbix-frontend-php", "zabbix-sql-scripts"] + +## Option for Java Gateway +zabbix_java_gateway_state: absent +zabbix_java_gateway_service_state: started +zabbix_java_gateway_service_enabled: yes +zabbix_java_gateway_config_listen_ip: localhost +zabbix_java_gateway_config_listen_port: 10052 +zabbix_java_gateway_config_pid_file: "/var/run/zabbix/zabbix_java_gateway.pid" +zabbix_java_gateway_config_start_pollers: 5 +zabbix_java_gateway_config_java_pollers: "{{zabbix_java_gateway_config_start_pollers}}"