From 92774ab574fc4cdc6bc33bce9e1ebf655ae97f66 Mon Sep 17 00:00:00 2001 From: Werner Dijkerman Date: Sat, 23 May 2020 16:12:13 +0200 Subject: [PATCH] Added Server role --- roles/zabbix-server/CHANGELOG.md | 177 ++++++ roles/zabbix-server/CODE_OF_CONDUCT.md | 3 + roles/zabbix-server/CONTRIBUTING.md | 88 +++ roles/zabbix-server/LICENSE | 21 + roles/zabbix-server/PULL_REQUEST_TEMPLATE.md | 12 + roles/zabbix-server/README.md | 320 ++++++++++ roles/zabbix-server/defaults/main.yml | 126 ++++ .../zabbix-server/files/install_semodule.bsx | Bin 0 -> 1102 bytes roles/zabbix-server/handlers/main.yml | 7 + roles/zabbix-server/inventory | 9 + roles/zabbix-server/meta/main.yml | 26 + .../molecule/default/Dockerfile.j2 | 7 + .../molecule/default/INSTALL.rst | 16 + .../zabbix-server/molecule/default/create.yml | 84 +++ .../molecule/default/destroy.yml | 32 + .../molecule/default/molecule.yml | 48 ++ .../molecule/default/playbook.yml | 4 + .../molecule/default/prepare.yml | 49 ++ .../molecule/default/requirements.yml | 4 + .../molecule/default/tests/test_default.py | 50 ++ .../molecule/default/yaml-lint.yml | 9 + roles/zabbix-server/requirements.yml | 4 + roles/zabbix-server/setup.cfg | 2 + roles/zabbix-server/tasks/Debian.yml | 157 +++++ roles/zabbix-server/tasks/RedHat.yml | 231 +++++++ roles/zabbix-server/tasks/main.yml | 71 +++ roles/zabbix-server/tasks/mysql.yml | 204 +++++++ roles/zabbix-server/tasks/postgresql.yml | 163 +++++ roles/zabbix-server/tasks/scripts.yml | 20 + .../templates/zabbix_server.conf.j2 | 577 ++++++++++++++++++ roles/zabbix-server/vars/Debian.yml | 6 + roles/zabbix-server/vars/RedHat.yml | 6 + roles/zabbix-server/vars/main.yml | 2 + roles/zabbix-server/vars/zabbix.yml | 143 +++++ 34 files changed, 2678 insertions(+) create mode 100644 roles/zabbix-server/CHANGELOG.md create mode 100644 roles/zabbix-server/CODE_OF_CONDUCT.md create mode 100644 roles/zabbix-server/CONTRIBUTING.md create mode 100644 roles/zabbix-server/LICENSE create mode 100644 roles/zabbix-server/PULL_REQUEST_TEMPLATE.md create mode 100644 roles/zabbix-server/README.md create mode 100644 roles/zabbix-server/defaults/main.yml create mode 100755 roles/zabbix-server/files/install_semodule.bsx create mode 100644 roles/zabbix-server/handlers/main.yml create mode 100644 roles/zabbix-server/inventory create mode 100644 roles/zabbix-server/meta/main.yml create mode 100644 roles/zabbix-server/molecule/default/Dockerfile.j2 create mode 100644 roles/zabbix-server/molecule/default/INSTALL.rst create mode 100644 roles/zabbix-server/molecule/default/create.yml create mode 100644 roles/zabbix-server/molecule/default/destroy.yml create mode 100644 roles/zabbix-server/molecule/default/molecule.yml create mode 100644 roles/zabbix-server/molecule/default/playbook.yml create mode 100644 roles/zabbix-server/molecule/default/prepare.yml create mode 100644 roles/zabbix-server/molecule/default/requirements.yml create mode 100644 roles/zabbix-server/molecule/default/tests/test_default.py create mode 100644 roles/zabbix-server/molecule/default/yaml-lint.yml create mode 100644 roles/zabbix-server/requirements.yml create mode 100644 roles/zabbix-server/setup.cfg create mode 100644 roles/zabbix-server/tasks/Debian.yml create mode 100644 roles/zabbix-server/tasks/RedHat.yml create mode 100644 roles/zabbix-server/tasks/main.yml create mode 100644 roles/zabbix-server/tasks/mysql.yml create mode 100644 roles/zabbix-server/tasks/postgresql.yml create mode 100644 roles/zabbix-server/tasks/scripts.yml create mode 100644 roles/zabbix-server/templates/zabbix_server.conf.j2 create mode 100644 roles/zabbix-server/vars/Debian.yml create mode 100644 roles/zabbix-server/vars/RedHat.yml create mode 100644 roles/zabbix-server/vars/main.yml create mode 100644 roles/zabbix-server/vars/zabbix.yml diff --git a/roles/zabbix-server/CHANGELOG.md b/roles/zabbix-server/CHANGELOG.md new file mode 100644 index 000000000..f63de6d3f --- /dev/null +++ b/roles/zabbix-server/CHANGELOG.md @@ -0,0 +1,177 @@ +# ansible-zabbix-server Release + +Below an overview of all changes in the releases. + +Version (Release date) + +FINAL and LAST release for this role in this repository. This role will be transferred to: https://github.com/ansible-collections/community.zabbix/ + +1.8.0 (2020-05-23) + + * allow remote login to db server from zabbix server #166 (By pull request: Vinclame (Thanks!)) + * Improving readability #167 (By pull request: santiagomr (Thanks!)) + * delegated_dbhost create/import tasks was missing create.sql file. #168 (By pull request: Vinclame (Thanks!)) + * zabbix_database_sqlload variable README fix #171 (By pull request: bdekker-routit (Thanks!)) + * Avoid conflicts with zabbix_version var #172 (By pull request: santiagomr (Thanks!)) + * make zabbix service start/enable optional #174 (By pull request: tenhishadow (Thanks!)) + * Add SELinux workaround #175 (By pull request: SimBou (Thanks!)) + * Use the correct naming as suggested in dj-wasabi/ansible-zabbix-agent #301 #176 + * fix issue with datafiles_path on RHEL8 #177 (By pull request: SimBou (Thanks!)) + * Fix check_mode for dpkg_exclude_line.rc on Debian/Ubuntu (Closes: #179) #180 (By pull request: kr4ut (Thanks!)) + * ability to manage zabbix-server service #181 (By pull request: Vinclame (Thanks!)) + +1.7.0 (2019-12-01) + + * Using the correct properties in examples #159 + * Updating to Zabbix 4.4 #160 + * Trying to use a Matrix in Travis and see what happens.. :-) #161 + * Added RHEL8 specific stuff #162 (By pull request: bdekker-routit (Thanks!)) + * Replaced version_compare #164 (By pull request: m3t4Lm4n (Thanks!)) + +1.6.0 (2019-09-27) + + * Install Python bindings based on interpreter; Closes dj-wasabi/ansible-zabbix-server#148 #149 (By pull request: kr4ut (Thanks!)) + * Update zabbix_server.conf.j2 #153 (By pull request: Grzyboll (Thanks!)) + * Fixed installation on Debian 10 (buster) #156 (By pull request: banzayats (Thanks!)) + * Workaround for importing create.sql.gz issue on Debian 10 #157 (By pull request: banzayats (Thanks!)) + +1.5.0 (2019-04-14) + + * docs: fix basic grammar mistakes #131 (By pull request: mirmire (Thanks!)) + * fix deprecation warning in ansible 2.4 #132 (By pull request: bessonovevgen (Thanks!)) + * Add Alertscript and Externalscript install #133 (By pull request: gmcgilvray (Thanks!)) + * modified placement of seboolean variables #135 (By pull request: average-joe (Thanks!)) + * fix installation when zabbix_repo="other" #136 (By pull request: wschaft (Thanks!)) + * alertscripts-fix #137 (By pull request: gmcgilvray (Thanks!)) + * Added retries for package installations #139 + * [E204] Lines should be no longer than 120 chars #140 + * Update README.md #141 (By pull request: mklvr (Thanks!)) + * Fix Zabbix installation on Bionic #142 (By pull request: logan2211 (Thanks!)) + * Fix typo on config #143 (By pull request: mrdumpty (Thanks!)) + * Updating to Zabbix 4.2 #145 + +1.4.0 (2018-11-23) + + * Fixes Deprecation Warnings for Ansible 2.7 to prepare.yml #121 (By pull request: borener (Thanks!)) + * Removes loops that are now causing Deprecation warnings in redhat.yml #122 (By pull request: borener (Thanks!)) + * Fix Deprecation warning associated with apt loops in Debian.yml #123 (By pull request: borener (Thanks!)) + * Make it a service only #124 + * Pre 4.0 config #125 (By pull request: Boolman (Thanks!)) + * Add install_recommends option to the apt-get install of zabbix-server #127 (By pull request: gmcgilvray (Thanks!)) + * Fix for: unable to install older releases of zabbix-server #129 + * Set the correct rights for configuration file #130 + +1.3.0 (2018-10-19) + + * Make it work with Zabbix 4.0 #112 + * added zabbix server package variable to upgrade packages when necessary #116 (By pull request: average-joe (Thanks!)) + * Changes to allow pgsql connection without ssh to remote db #111 (By pull request: ericsysmin (Thanks!)) + +1.2.0 (2018-09-11) + + * Added several files like license, code-of-conduct and contributing #92 + * added parameters to mysql_user task #95 (By pull request: average-joe (Thanks!)) + * Adding login parameters to database import task #103 (By pull request: rubentsirunyan (Thanks!)) + * Updated supported versions #104 (By pull request: dnmvisser (Thanks!)) + * Clarifying some stuff about dependencies #105 + * Reflect license change to MIT in README #107 (By pull request: stephankn (Thanks!)) + * Made some fixes specific to work with older Zabbix versions #108 + * Changes path to suggested in issue #109 + +1.1.0 (2018-05-20) + + * Use the service for ubuntu 14.04 + * Use the `zabbix_server_database` and `zabbix_server_database_long` as how it is documented + * Support Debian 9 + * Use Ansible 2.4 as minimum version + * Fixed/Removed some deprecation warnings + * Use specific version of libraries #87 + * Postgresql 10 support #73 (By pull request: eshikhov (Thanks!)) + * Update README.md #76 (By pull request: aminmaghsodi (Thanks!)) + * Update RedHat.yml #82 (By pull request: tshtilman (Thanks!)) + * Testing with Molecule V2 + +1.0.0 (2017-08-30) + + * From ini to yml style. + * Replace shell tasks with modules. + * Installing default 3.4. + * Prefixed all properties that started with `server_` with the value `zabbix_`. + * Added upgrade part in documentation. + * Documentation: Fix Formatting #71 (By pull request: fxfitz (Thanks!)) + * Fix permissions on Zabbix includedir #68 (By pull request: clement-lefevre (Thanks!)) + * Set Molecule to V1 for now since V2 is released. + +0.8.0 (2017-06-16) + + * Changed the dependency-definition to get rid of a deprecation warning #41 (By pull request: madonius (Thanks!)) + * Using a changed_when to fool ansible-lint #42 + * Create vhost config in correct directory and link to enable #47 (By pull request: stephankn (Thanks!)) + * Removing not needed ServerAlias entry #48 + * Updating when statement due to comment #50 + * Renaming docker-py to docker #54 + * skip steps related to zabbix-web package when not installing it #56 (By pull request: flyapen (Thanks!)) + * Fix for Wrong directory api instead of app in apache_vhost.conf.j2 #53 + +0.7.0 (2016-12-30) + + * Set up distributive-related config-ownership #40 (By pull request: envrm (Thanks!)) + * fix apache restart when using tag 'apache' … #39 (By pull request: lhoss (Thanks!)) + * debian/ubuntu: install postgresql-client pkg (instead of postgresql which contains the postgres server) #38 (By pull request: lhoss (Thanks!)) + * fix early failures when running the zabbix-server playbook in check-mode #37 (By pull request: lhoss (Thanks!)) + * Update main.yml #36 (By pull request: cognoscibilis (Thanks!)) + * Configurable zabbix server port and database port #34 (By pull request: vincepii (Thanks!)) + * debian and ubuntu repository install was generalized #32 (By pull request: matheuscunha (Thanks!)) + * Zabbix 3.2.0 + +0.6.0 (2016-08-24) + + * Removed Test Kitchen tests, added molecule tests + * Added collation and encoding for MySQL databases #23 + * Add SELinux specifics #19 (By pull request: mescanef (Thanks!)) + * Fixes in the README.md file #18 (By pull request: mescanef (Thanks!)) + * Fix for: zabbix_repo - inconsistent use between server and agent roles. #17 + * Fix for: apache 2.2. and 2.4 #15 + +0.5.1 (2016-04-03) + + * Fix for: zabbix_server.conf file mode #14 + * Fix for: Support for v3+ Server Configuration #13 + +0.5.0 (2016-03-28) + + * Zabbix 3.0 + * MySQL database creation on other host (delegation) + +0.4.0 (2016-02-05) + + * fix #2: server_dbhost allows for remote database but role does not fully support setting up on remote db #11 (By pull request: lhoss (Thanks!)) + * Added basic travis test + * Fixed installation on Debian / Ubuntu for installing mysqldb-python package. + +0.3.0 (2015-11-24) + + * Add test-kitchen #7 (By pull request: kostyrevaa (Thanks!)) + * Force apt cache update after installing Zabbix's gpg key #8 (By pull request: SAL-e (Thanks!)) + * tasks/mysql.yml - [add] install mysql client on RHEL base 7 #9 (By pull request: clopnis (Thanks!)) + * Updated test-kitchen tests + * Added BATS tests + * Added CHANGELOG.md file + +0.2.1 (2015-06-30) + + * Fix unzip schema files for RedHat #5 (By pull request: kostyrevaa (Thanks!)) + * Fix missed required space #6 (By pull request: kostyrevaa (Thanks!)) + +0.2.0 (2015-03-20) + + * Various fixes #3 (By pull request: srvg (Thanks!)) + * Add optional configuration for Apache virtualhost aliases #4 (By pull request: srvg (Thanks!)) + +0.1.0 (2015-02-01) + + * Two minor changes for installation #1 (By pull request: drmikecrowe (Thanks!)) + +0.0.1 (2014-10-31) + + * Initial creation \ No newline at end of file diff --git a/roles/zabbix-server/CODE_OF_CONDUCT.md b/roles/zabbix-server/CODE_OF_CONDUCT.md new file mode 100644 index 000000000..e28ac17f7 --- /dev/null +++ b/roles/zabbix-server/CODE_OF_CONDUCT.md @@ -0,0 +1,3 @@ +# Code of Conduct + +The Code of Conduct from Ansible found [here](https://docs.ansible.com/ansible/devel/community/code_of_conduct.html) applies to this Ansible role as well. diff --git a/roles/zabbix-server/CONTRIBUTING.md b/roles/zabbix-server/CONTRIBUTING.md new file mode 100644 index 000000000..c3107be31 --- /dev/null +++ b/roles/zabbix-server/CONTRIBUTING.md @@ -0,0 +1,88 @@ +# Contributing to this role + +**Table of content** + +- [Contributing to this role](#contributing-to-this-role) + * [Contributing](#contributing) + * [(local) Development](#-local--development) + + [Requirements](#requirements) + + [Execution](#execution) +- [Other](#other) + * [Virtualenv](#virtualenv) + * [Links](#links) + +Thank you very much for taking time to improve this Ansible role. + +## Contributing + +Please note that this project is released with a Contributor Code of Conduct. By participating in this project you agree to abide by its terms. [Contributor Code of Conduct](https://docs.ansible.com/ansible/devel/community/code_of_conduct.html). + +1. Fork the repo + +2. Create a branch and apply your changes to this branch. + + a. Make sure you have updated the documentation when adding new variables; + + b. Don't forget to add/update tests so we can test the functionality during each Pull Request; + + c. Make sure the tests will succeed. + +3. Push the branch to your fork and submit a pull request. + +**Note** + +Pull Requests that fail during the tests will not be merged. + +## Coding Guidelines + +Style guides are important because they ensure consistency in the content, look, and feel of a book or a website. + +* [Ansible Style Guide](http://docs.ansible.com/ansible/latest/dev_guide/style_guide/) +* It's "Ansible" when referring to the product and ``ansible`` when referring to the command line tool, package, etc +* Playbooks should be written in multi-line YAML with ``key: value``. The form ``key=value`` is only for ``ansible`` ad-hoc, not for ``ansible-playbook``. +* Tasks should always have a ``name:`` + +## (local) Development + +This role makes use of Molecule to test the execution of the role and verify it. In the root of the repository, a file named `requirements.txt` exists and contains the versions used by the tests. + +### Requirements + +You can install them with the following command: + +``` +pip install -r requirements.txt +``` + +Once the dependencies are installed, please install Docker, as Molecule is configured in this repository to create Docker containers. See [this](https://docs.docker.com/install/) link to install Docker on your system. + +### Execution + +Once everything is installed, you can validate your changes by executing: +``` +molecule test +``` + +It should run without any issues. + +# Other + +## Virtualenv + +Suggestion is to create a virtualenv so you won't have issues with other projects. + +Some web pages describing for virtual env: + +* http://thepythonguru.com/python-virtualenv-guide/ +* https://realpython.com/python-virtual-environments-a-primer/ +* https://www.dabapps.com/blog/introduction-to-pip-and-virtualenv-python/ + +## Links + +[Molecule](https://molecule.readthedocs.io/) + +[Ansible](https://www.ansible.com/) + +[Molecule V2 with your own role](https://werner-dijkerman.nl/2017/09/05/using-molecule-v2-to-test-ansible-roles/) + +**End note**: Have fun making changes. If a feature helps you, then others find it helpful too and I will happily have it merged. diff --git a/roles/zabbix-server/LICENSE b/roles/zabbix-server/LICENSE new file mode 100644 index 000000000..6922fb326 --- /dev/null +++ b/roles/zabbix-server/LICENSE @@ -0,0 +1,21 @@ +MIT License + +Copyright (c) 2018 Werner Dijkerman + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. diff --git a/roles/zabbix-server/PULL_REQUEST_TEMPLATE.md b/roles/zabbix-server/PULL_REQUEST_TEMPLATE.md new file mode 100644 index 000000000..70c5edefc --- /dev/null +++ b/roles/zabbix-server/PULL_REQUEST_TEMPLATE.md @@ -0,0 +1,12 @@ +**Description of PR** + + +**Type of change** + + +Feature Pull Request +Bugfix Pull Request +Docs Pull Request + +**Fixes an issue** + diff --git a/roles/zabbix-server/README.md b/roles/zabbix-server/README.md new file mode 100644 index 000000000..8daf1cb6f --- /dev/null +++ b/roles/zabbix-server/README.md @@ -0,0 +1,320 @@ +Table of Contents + +- [Overview](#overview) +- [Upgrades](#upgrades) + * [1.0.0](#100) +- [Requirements](#requirements) + * [Operating systems](#operating-systems) + * [Zabbix Versions](#zabbix-versions) + + [Zabbix 4.4](#zabbix-44) + + [Zabbix 4.2](#zabbix-42) + + [Zabbix 4.0](#zabbix-40) + + [Zabbix 3.4](#zabbix-34) + + [Zabbix 3.2](#zabbix-32) + + [Zabbix 3.0](#zabbix-30) + + [Zabbix 2.4](#zabbix-24) + + [Zabbix 2.2](#zabbix-22) +- [Installation](#installation) +- [Role Variables](#role-variables) + * [Main variables](#main-variables) + + [Overall Zabbix](#overall-zabbix) + + [Zabbix Server](#zabbix-server) + + [Custom Zabbix Scripts](#custom-zabbix-scripts) + + [TLS Specific configuration](#tls-specific-configuration) + * [Database](#database) +- [Dependencies](#dependencies) +- [Example Playbook](#example-playbook) +- [Molecule](#molecule) +- [Contributors](#contributors) +- [License](#license) +- [Author Information](#author-information) + +# Overview + +Badges: + +[![Build Status](https://travis-ci.org/dj-wasabi/ansible-zabbix-server.svg?branch=master)](https://travis-ci.org/dj-wasabi/ansible-zabbix-server) + +This is a role for installing and maintaining the zabbix-server. + +This is one of the 'dj-wasabi' roles which configures your whole zabbix environment. See below for the complete list: + + * zabbix-web (https://galaxy.ansible.com/dj-wasabi/zabbix-web/) + * zabbix-server (https://galaxy.ansible.com/dj-wasabi/zabbix-server/) + * zabbix-proxy (https://galaxy.ansible.com/dj-wasabi/zabbix-proxy/) + * zabbix-javagateway (https://galaxy.ansible.com/dj-wasabi/zabbix-javagateway/) + * zabbix-agent (https://galaxy.ansible.com/dj-wasabi/zabbix-agent/) + +# Upgrades + +## 1.0.0 + +With this 1.0.0 release, the following is changed: + +* This repository will only contain all the actions that are needed for correctly configuring a Zabbix Server. All tasks regarding the frontend/webui of Zabbix has been transferred to the `dj-wasabi.zabbix-web` role. +* All properties start with `zabbix_` now. Example, property named `server_dbuser` is now `zabbix_server_dbuser`. + +# Requirements + +## Operating systems + +This role will work on the following operating systems: + + * Red Hat + * Debian + * Ubuntu + +So, you'll need one of those operating systems.. :-) +Please send Pull Requests or suggestions when you want to use this role for other Operating systems. + +## Zabbix Versions + +See the following list of supported Operating systems with the Zabbix releases: + +### Zabbix 4.4 + + * CentOS 7.x, 8.x + * Amazon 7.x + * RedHat 7.x, 8.x + * OracleLinux 7.x, 8.x + * Scientific Linux 7.x, 8.x + * Ubuntu 14.04, 16.04, 18.04 + * Debian 8, 9 + +### Zabbix 4.2 + + * CentOS 7.x + * Amazon 7.x + * RedHat 7.x + * OracleLinux 7.x + * Scientific Linux 7.x + * Ubuntu 14.04, 16.04, 18.04 + * Debian 8, 9 + +### Zabbix 4.0 + + * CentOS 7.x + * Amazon 7.x + * RedHat 7.x + * OracleLinux 7.x + * Scientific Linux 7.x + * Ubuntu 14.04, 16.04, 18.04 + * Debian 8, 9 + +### Zabbix 3.4 + + * CentOS 7.x + * Amazon 7.x + * RedHat 7.x + * OracleLinux 7.x + * Scientific Linux 7.x + * Ubuntu 14.04, 16.04 + * Debian 7, 8, 9 + + +### Zabbix 3.2 + + * CentOS 7.x + * Amazon 7.x + * RedHat 7.x + * OracleLinux 7.x + * Scientific Linux 7.x + * Ubuntu 14.04, 16.04 + * Debian 7, 8 + +### Zabbix 3.0 + + * CentOS 5.x, 6.x, 7.x + * Amazon 5.x, 6.x, 7.x + * RedHat 5.x, 6.x, 7.x + * OracleLinux 5.x, 6.x, 7.x + * Scientific Linux 5.x, 6.x, 7.x + * Ubuntu 14.04 + * Debian 7, 8 + +### Zabbix 2.4 + + * CentOS 6.x, 7.x + * Amazon 6.x, 7.x + * RedHat 6.x, 7.x + * OracleLinux 6.x, 7.x + * Scientific Linux 6.x, 7.x + * Ubuntu 12.04 14.04 + * Debian 7 + +### Zabbix 2.2 + + * CentOS 5.x, 6.x + * RedHat 5.x, 6.x + * OracleLinux 5.x, 6.x + * Scientific Linux 5.x, 6.x + * Ubuntu 12.04 + * Debian 7 + * xenserver 6 + +# Installation + +Installing this role is very simple: `ansible-galaxy install dj-wasabi.zabbix-server` + +Please be aware that this role only installs the Zabbix Server and not the Zabbix Web. If you do want to have a Zabbix Web, please execute the following command: `ansible-galaxy install dj-wasabi.zabbix-web` + +Default username/password for the Zabbix Web interface is the default one installed by Zabbix. + +Username: Admin +Password: zabbix + +# Role Variables + +## Main variables + +The following is an overview of all available configuration default for this role. + +### Overall Zabbix + +* `zabbix_server_version`: This is the version of zabbix. Default: 4.4. Can be overridden to 3.2, 3.0, 2.4, or 2.2. Previously the variable `zabbix_version` was used directly but it could cause [some inconvenience](https://github.com/dj-wasabi/ansible-zabbix-agent/pull/303). That variable is maintained by retrocompativility. +* `zabbix_repo_yum`: A list with Yum repository configuration. +* `zabbix_repo`: Default: _zabbix_ + * _epel_ install agent from EPEL repo + * _zabbix_ (default) install agent from Zabbix repo + * _other_ install agent from pre-existing or other repo +* `zabbix_server_package_state`: Default: _present_. Can be overridden to "latest" to update packages when needed. +* `zabbix_service_state`: Default: `started`. Can be overridden to stopped if needed +* `zabbix_service_enabled`: Default: `True` Can be overridden to `False` if needed +* `zabbix_selinux`: Enables an SELinux policy so that the server will run. Default: False. + +### Zabbix Server + +* `zabbix_server_name`: The name of the Zabbix Server. +* `zabbix_server_database`: The type of database used. Can be: mysql or pgsql +* `zabbix_server_database_long`: The type of database used, but long name. Can be: mysql or postgresql +* `zabbix_server_hostname`: The hostname on which the zabbix-server is running. Default set to: {{ inventory_hostname }} +* `zabbix_server_listenport`: On which port the Zabbix Server is available. Default: 10051 +* `zabbix_server_dbhost`: The hostname on which the database is running. +* `zabbix_server_real_dbhost`: The hostname of the dbhost that is running behind a loadbalancer/VIP (loadbalancers doesn't accept ssh connections) +* `zabbix_server_dbname`: The database name which is used by the Zabbix Server. +* `zabbix_server_dbuser`: The database username which is used by the Zabbix Server. +* `zabbix_server_dbpassword`: The database user password which is used by the Zabbix Server. +* `zabbix_server_dbport`: The database port which is used by the Zabbix Server. +* `zabbix_database_creation`: True / False. When you don't want to create the database including user, you can set it to False. +* `zabbix_server_install_recommends`: True / False. False does not install the recommended packages that come with the zabbix-server install. Default true +* `zabbix_server_install_database_client`: True / False. False does not install database client. Default true +* `zabbix_database_sqlload`:True / False. When you don't want to load the sql files into the database, you can set it to False. +* `zabbix_server_dbencoding`: The encoding for the MySQL database. Default set to `utf8` +* `zabbix_server_dbcollation`: The collation for the MySQL database. Default set to `utf8_bin` +* `zabbix_server_manage_service`: True / False. When you run multiple Zabbix servers in a High Available cluster setup (e.g. pacemaker), you don't want Ansible to manage the zabbix-server service, because Pacemaker is in control of zabbix-server service. + +### Custom Zabbix Scripts + +Define these variables to copy scripts to your respective scripts path. + +* `zabbix_server_alertscripts`: List of alertscripts to be added to `zabbix_server_alertscriptspath` +* `zabbix_server_externalscripts`: List of alertscripts to be added to `zabbix_server_externalscriptspath` + +Example: + +```bash + zabbix_server_alertscripts: + - path: "{{ lookup('first_found', 'zabbix-scripts/somescript.php') }}" + name: "somescript.php" +``` + +### TLS Specific configuration + +These variables are specific for Zabbix 3.0 and higher: + +* `zabbix_server_tlsconnect`: How the agent should connect to server or proxy. Used for active checks. + Possible values: + * unencrypted + * psk + * cert +* `zabbix_server_tlsaccept`: What incoming connections to accept. + Possible values: + * unencrypted + * psk + * cert +* `zabbix_server_tlscafile`: Full pathname of a file containing the top-level CA(s) certificates for peer certificate verification. +* `zabbix_server_tlscrlfile`: Full pathname of a file containing revoked certificates. +* `zabbix_server_tlsservercertissuer`: Allowed server certificate issuer. +* `zabbix_server_tlsservercertsubject`: Allowed server certificate subject. +* `zabbix_server_tlscertfile`: Full pathname of a file containing the agent certificate or certificate chain. +* `zabbix_server_tlskeyfile`: Full pathname of a file containing the agent private key. + +## Database + +There are some zabbix-server specific variables which will be used for the zabbix-server configuration file. These can be found in the defaults/main.yml file. There are 3 which need some explanation: +```bash + #zabbix_server_database: mysql + #zabbix_server_database_long: mysql + zabbix_server_database: pgsql + zabbix_server_database_long: postgresql + [...] + zabbix_server_dbport: 5432 +``` + +There are 2 database_types which will be supported: mysql and postgresql. You'll need to comment or uncomment the database you would like to use and adjust the port number (`server_dbport`) accordingly (`5432` is the default postgresql port). In example from above, the postgresql database is used. If you want to use mysql, uncomment the 2 lines from mysql and comment the 2 lines for postgresql and change the database port to the mysql one (default mysql port is `3306`). + +If you use mysql, then you should define mysql username, password and host to prepare zabbix database, otherwise they will be considered as their default value (and therefore, connecting to database will be considered as connecting to localhost with no password). The keys are below: + +```bash + zabbix_server_mysql_login_host + zabbix_server_mysql_login_user + zabbix_server_mysql_login_password +``` +If you use pgsql, then you should define pgsql username, password and host to prepare zabbix database, otherwise they will be considered as their default value (and therefore, connecting to database will be considered as connecting to localhost with no password). The keys are below: + +```bash + zabbix_server_pgsql_login_host + zabbix_server_pgsql_login_user + zabbix_server_pgsql_login_password +``` + + +# Dependencies + +For the databases you should find a role that suits your needs, as I don't want to force you for using a specific role. Before applying this Zabbix Server role, the database service should already be installed and running, and should be able to handle the modules in Ansible that belong to that database. + +This role will **not** install a MySQL or PostgreSQL service. + +This role will create a Zabbix user and a Zabbix database in the configured database type. + +# Example Playbook + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: zabbix-server + become: yes + roles: + - { role: dj-wasabi.zabbix-server, zabbix_server_database: mysql, zabbix_server_database_long: mysql } + + +# Molecule + +This role is configured to be tested with Molecule. You can find on these pages some more information regarding Molecule: + +* http://werner-dijkerman.nl/2016/07/10/testing-ansible-roles-with-molecule-testinfra-and-docker/ +* http://werner-dijkerman.nl/2016/07/27/extending-ansible-role-testing-with-molecule-by-adding-group_vars-dependencies-and-using-travis-ci/ +* http://werner-dijkerman.nl/2016/07/31/testing-ansible-roles-in-a-cluster-setup-with-docker-and-molecule/ + +# Contributors + +The following have contributed to this Ansible role (List of Fame): + + * drmikecrowe + * srvg + * kostyrevaa + * clopnis + * SAL-e + * lhoss + * mescanef + +# License + +MIT + +# Author Information + +This is my first attempt to create an ansible role, so please send suggestion or pull requests to make this role better. + +Github: https://github.com/dj-wasabi/ansible-zabbix-server + +mail: ikben [ at ] werner-dijkerman . nl diff --git a/roles/zabbix-server/defaults/main.yml b/roles/zabbix-server/defaults/main.yml new file mode 100644 index 000000000..5adb7edce --- /dev/null +++ b/roles/zabbix-server/defaults/main.yml @@ -0,0 +1,126 @@ +--- +# defaults file; +# zabbix role specific + +zabbix_server_version: 4.4 +zabbix_version: "{{ zabbix_server_version }}" +zabbix_repo: zabbix + +zabbix_server_package_state: present +zabbix_server_install_recommends: True +zabbix_server_install_database_client: True + +zabbix_service_state: started +zabbix_service_enabled: True + +zabbix_repo_yum: + - name: zabbix + description: Zabbix Official Repository - $basearch + baseurl: http://repo.zabbix.com/zabbix/{{ zabbix_version }}/rhel/{{ ansible_distribution_major_version }}/$basearch/ + gpgcheck: 0 + gpgkey: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-ZABBIX + state: present + - name: zabbix-non-supported + description: Zabbix Official Repository non-supported - $basearch + baseurl: http://repo.zabbix.com/non-supported/rhel/{{ ansible_distribution_major_version }}/$basearch/ + gpgcheck: 0 + gpgkey: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-ZABBIX + state: present + +# Database +zabbix_server_database: pgsql +zabbix_server_database_long: postgresql +zabbix_database_creation: True +zabbix_database_sqlload: True + +# zabbix-server specific vars +zabbix_server_listenport: 10051 +zabbix_server_sourceip: +zabbix_server_logtype: file +zabbix_server_logfile: /var/log/zabbix/zabbix_server.log +zabbix_server_logfilesize: 10 +zabbix_server_debuglevel: 3 +zabbix_server_pidfile: /var/run/zabbix/zabbix_server.pid +zabbix_server_socketdir: /var/run/zabbix +zabbix_server_real_dbhost: +zabbix_server_dbhost: localhost +zabbix_server_dbname: zabbix-server +zabbix_server_dbencoding: utf8 +zabbix_server_dbcollation: utf8_bin +zabbix_server_dbschema: +zabbix_server_dbuser: zabbix-server +zabbix_server_dbpassword: zabbix-server +zabbix_server_dbsocket: +zabbix_server_dbport: 5432 +zabbix_server_privileged_host: localhost +zabbix_server_historystorageurl: +zabbix_server_historystoragetypes: uint,dbl,str,log,text +zabbix_server_historystoragedateindex: 0 +zabbix_server_exportdir: +zabbix_server_exportfilesize: 1G +zabbix_server_startpollers: 5 +zabbix_server_startipmipollers: 0 +zabbix_server_startpollersunreachable: 1 +zabbix_server_starttrappers: 5 +zabbix_server_startpingers: 1 +zabbix_server_startdiscoverers: 1 +zabbix_server_starthttppollers: 1 +zabbix_server_starttimers: 1 +zabbix_server_javagateway: +zabbix_server_javagatewayport: 10052 +zabbix_server_startjavapollers: 5 +zabbix_server_startvmwarecollectors: 0 +zabbix_server_vmwarefrequency: 60 +zabbix_server_vmwarecachesize: 8M +zabbix_server_snmptrapperfile: /tmp/zabbix_traps.tmp +zabbix_server_startsnmptrapper: 0 +zabbix_server_listenip: +zabbix_server_housekeepingfrequency: 1 +zabbix_server_maxhousekeeperdelete: 500 +zabbix_server_senderfrequency: 30 +zabbix_server_cachesize: 8M +zabbix_server_cacheupdatefrequency: 60 +zabbix_server_startdbsyncers: 4 +zabbix_server_historycachesize: 8M +zabbix_server_historyindexcachesize: 4M +zabbix_server_trendcachesize: 4M +zabbix_server_historytextcachesize: 16M +zabbix_server_valuecachesize: 8M +zabbix_server_nodenoevents: 0 +zabbix_server_nodenohistory: 0 +zabbix_server_timeout: 3 +zabbix_server_trappertimeout: 300 +zabbix_server_unreachableperiod: 45 +zabbix_server_unavailabledelay: 60 +zabbix_server_unreachabledelay: 15 +zabbix_server_alertscriptspath: /usr/lib/zabbix/alertscripts +zabbix_server_externalscriptspath: /usr/lib/zabbix/externalscripts +zabbix_server_fpinglocation: /usr/sbin/fping +zabbix_server_fping6location: /usr/sbin/fping6 +zabbix_server_sshkeylocation: +zabbix_server_logslowqueries: 0 +zabbix_server_tmpdir: /tmp +zabbix_server_startproxypollers: 1 +zabbix_server_proxyconfigfrequency: 3600 +zabbix_server_proxydatafrequency: 1 +zabbix_server_allowroot: 0 +zabbix_server_user: zabbix +zabbix_server_include: /etc/zabbix/zabbix_server.conf.d +zabbix_server_sslcertlocation: ${datadir}/zabbix/ssl/certs +zabbix_server_sslkeylocation: ${datadir}/zabbix/ssl/keys +zabbix_server_sslcalocation: +zabbix_server_loadmodulepath: ${libdir}/modules +zabbix_server_loadmodule: +zabbix_server_tlscafile: +zabbix_server_tlscrlfile: +zabbix_server_tlscertfile: +zabbix_server_tlskeyfile: +zabbix_server_startescalators: 1 +zabbix_server_vmwareperffrequency: 60 +zabbix_server_vmwaretimeout: 10 +zabbix_server_manage_service: True + +# SELinux specific +zabbix_selinux: False +selinux_allow_zabbix_can_network: False +selinux_allow_zabbix_can_http: False diff --git a/roles/zabbix-server/files/install_semodule.bsx b/roles/zabbix-server/files/install_semodule.bsx new file mode 100755 index 0000000000000000000000000000000000000000..d37320c9f92d80ae3227f8c23a754d960ed92fca GIT binary patch literal 1102 zcmZuuZAep57+yprr>vkd%EEVR)hy=JKrQ>AZ0Jx^rfDU5x!!x+PHuPCd++A_SVU1s z;h&Ns@}rz3X&Pim87ZYG1O_3}h%C||#mW-<&T1cOwLE{$;eDRxJ*ShT!fA48 z(TEUcj22KRrtUZ+X7Yg-uz(A!L?jXxry&JGBoDGc4r)7StfJs;!gvH`3u`rDP+R;! z5&IB|rCZ;Kn4Y42@F^2$rmXe7m63zfqS`os+!W1(ofIdN+6b;*ex0nc1 z#8?Dum551H^F@-;!uc~}+)S@mA023p^;iCpcwcrRK?KSp{t;>Il0Y*O&;ny5HvCsS z*v?x73DT2O_v-XJlqz$+gv~st*-(Ub>*Er18CrLhF3g9GnjDInDp7m1Nhz5WrPM$P zFAz?GeR|jo5wU;uBJ0r2td>N4&bmE*Nzj7MBOTR9=?|I4oR8BvXk`kE&ft45T|K08xqO+cu?4z7kwFPBpd< zRkU!JJ*X%BkyWFqoz)f0$c2Vy!=<|5`p%xqJ1##Q-Qx(zzVea%RA;Jg8Gqi&EHtcm zqI1PMGrw)Rd*(zXaZa9#yrvJfjY-|h3YHEQ6~DVRr){|U= 0 + + - name: Create docker network(s) + docker_network: + name: "{{ item }}" + docker_host: "{{ item.docker_host | default(lookup('env', 'DOCKER_HOST') or 'unix://var/run/docker.sock') }}" + state: present + with_items: "{{ molecule_yml.platforms | molecule_get_docker_networks }}" + + - name: Create molecule instance(s) + docker_container: + name: "{{ item.name }}" + docker_host: "{{ item.docker_host | default(lookup('env', 'DOCKER_HOST') or 'unix://var/run/docker.sock') }}" + hostname: "{{ item.hostname | default(item.name) }}" + image: "molecule_local/{{ item.image }}" + state: started + recreate: false + log_driver: none + command: "{{ item.command | default('bash -c \"while true; do sleep 10000; done\"') }}" + privileged: "{{ item.privileged | default(omit) }}" + security_opts: "{{ item.security_opts | default(omit) }}" + volumes: "{{ item.volumes | default(omit) }}" + tmpfs: "{{ item.tmpfs | default(omit) }}" + capabilities: "{{ item.capabilities | default(omit) }}" + exposed_ports: "{{ item.exposed_ports | default(omit) }}" + published_ports: "{{ item.published_ports | default(omit) }}" + ulimits: "{{ item.ulimits | default(omit) }}" + networks: "{{ item.networks | default(omit) }}" + dns_servers: "{{ item.dns_servers | default(omit) }}" + register: server + with_items: "{{ molecule_yml.platforms }}" + async: 7200 + poll: 0 + + - name: Wait for instance(s) creation to complete + async_status: + jid: "{{ item.ansible_job_id }}" + register: docker_jobs + until: docker_jobs.finished + retries: 300 + with_items: "{{ server.results }}" diff --git a/roles/zabbix-server/molecule/default/destroy.yml b/roles/zabbix-server/molecule/default/destroy.yml new file mode 100644 index 000000000..fa48f36a2 --- /dev/null +++ b/roles/zabbix-server/molecule/default/destroy.yml @@ -0,0 +1,32 @@ +--- +- name: Destroy + hosts: localhost + connection: local + gather_facts: false + no_log: "{{ not lookup('env', 'MOLECULE_DEBUG') | bool }}" + tasks: + - name: Destroy molecule instance(s) + docker_container: + name: "{{ item.name }}" + docker_host: "{{ item.docker_host | default(lookup('env', 'DOCKER_HOST') or 'unix://var/run/docker.sock') }}" + state: absent + force_kill: "{{ item.force_kill | default(true) }}" + register: server + with_items: "{{ molecule_yml.platforms }}" + async: 7200 + poll: 0 + + - name: Wait for instance(s) deletion to complete + async_status: + jid: "{{ item.ansible_job_id }}" + register: docker_jobs + until: docker_jobs.finished + retries: 300 + with_items: "{{ server.results }}" + + - name: Delete docker network(s) + docker_network: + name: "{{ item }}" + docker_host: "{{ item.docker_host | default(lookup('env', 'DOCKER_HOST') or 'unix://var/run/docker.sock') }}" + state: absent + with_items: "{{ molecule_yml.platforms | molecule_get_docker_networks }}" diff --git a/roles/zabbix-server/molecule/default/molecule.yml b/roles/zabbix-server/molecule/default/molecule.yml new file mode 100644 index 000000000..a16074f55 --- /dev/null +++ b/roles/zabbix-server/molecule/default/molecule.yml @@ -0,0 +1,48 @@ +--- +dependency: + name: galaxy + options: + ignore-certs: True + ignore-errors: True + role-file: requirements.yml + +driver: + name: docker +lint: + name: yamllint + options: + config-file: molecule/default/yaml-lint.yml +platforms: + - name: zabbix-server-${MY_MOLECULE_CONTAINER:-mysql-centos} + image: ${MY_MOLECULE_IMAGE:-"milcom/centos7-systemd"} + privileged: True + command: /sbin/init + groups: + - ${MY_MOLECULE_GROUP:-mysql} + +provisioner: + name: ansible + lint: + name: ansible-lint + inventory: + group_vars: + mysql: + zabbix_server_database: mysql + zabbix_server_database_long: mysql + zabbix_server_dbport: 3306 + postgresql: + zabbix_server_database: pgsql + zabbix_server_database_long: postgresql + +scenario: + name: default + converge_sequence: + - dependency + - create + - prepare + - converge + +verifier: + name: testinfra + lint: + name: flake8 diff --git a/roles/zabbix-server/molecule/default/playbook.yml b/roles/zabbix-server/molecule/default/playbook.yml new file mode 100644 index 000000000..e523a3fb6 --- /dev/null +++ b/roles/zabbix-server/molecule/default/playbook.yml @@ -0,0 +1,4 @@ +--- +- hosts: all + roles: + - role: ansible-zabbix-server diff --git a/roles/zabbix-server/molecule/default/prepare.yml b/roles/zabbix-server/molecule/default/prepare.yml new file mode 100644 index 000000000..ebd8cccdd --- /dev/null +++ b/roles/zabbix-server/molecule/default/prepare.yml @@ -0,0 +1,49 @@ +--- +- name: Prepare + hosts: all + pre_tasks: + - name: "Installing packages" + yum: + name: + - net-tools + - which + - libselinux-python + state: present + register: installation_dependencies + when: + - ansible_os_family == 'RedHat' + + - name: "Installing which on NON-CentOS" + apt: + name: + - net-tools + - apt-utils + state: present + when: + - ansible_os_family != 'RedHat' + + - name: "Configure SUDO." + lineinfile: + dest: /etc/sudoers + line: "Defaults !requiretty" + state: present + + - name: "Make sure the docs are installed." + lineinfile: + dest: /etc/yum.conf + line: "tsflags=nodocs" + state: absent + + - name: "Create group for imaginary host" + add_host: + name: imaginary-host + groups: + - mysql + - postgresql + changed_when: False + + roles: + - role: geerlingguy.postgresql + when: inventory_hostname in groups['postgresql'] + - role: geerlingguy.mysql + when: inventory_hostname in groups['mysql'] diff --git a/roles/zabbix-server/molecule/default/requirements.yml b/roles/zabbix-server/molecule/default/requirements.yml new file mode 100644 index 000000000..3015f430d --- /dev/null +++ b/roles/zabbix-server/molecule/default/requirements.yml @@ -0,0 +1,4 @@ +--- +- src: geerlingguy.apache +- src: geerlingguy.mysql +- src: geerlingguy.postgresql diff --git a/roles/zabbix-server/molecule/default/tests/test_default.py b/roles/zabbix-server/molecule/default/tests/test_default.py new file mode 100644 index 000000000..3721db343 --- /dev/null +++ b/roles/zabbix-server/molecule/default/tests/test_default.py @@ -0,0 +1,50 @@ +import os +import pytest + +import testinfra.utils.ansible_runner + +testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( + os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all') + + +def test_zabbiserver_running_and_enabled(Service, SystemInfo): + if SystemInfo.distribution == 'centos': + zabbix = Service("zabbix-server") + assert zabbix.is_enabled + assert zabbix.is_running + + +@pytest.mark.parametrize("server", [("zabbix-server-pgsql"), ("zabbix-server-mysql")]) +def test_zabbix_package(Package, TestinfraBackend, server, SystemInfo): + host = TestinfraBackend.get_hostname() + host = host.replace("-centos", "") + host = host.replace("-debian", "") + host = host.replace("-ubuntu", "") + + if host == server: + if SystemInfo.distribution in ['debian', 'ubuntu']: + zabbix_server = Package(server) + assert zabbix_server.version.startswith("1:4.4") + elif SystemInfo.distribution == 'centos': + zabbix_server = Package(server) + assert zabbix_server.version.startswith("4.4") + assert zabbix_server.is_installed + + +def test_zabbix_server_dot_conf(File): + zabbix_server_conf = File("/etc/zabbix/zabbix_server.conf") + assert zabbix_server_conf.user == "zabbix" + assert zabbix_server_conf.group == "zabbix" + assert zabbix_server_conf.mode == 0o640 + + assert zabbix_server_conf.contains("ListenPort=10051") + assert zabbix_server_conf.contains("DBHost=localhost") + assert zabbix_server_conf.contains("DebugLevel=3") + + +def test_zabbix_include_dir(File): + zabbix_include_dir = File("/etc/zabbix/zabbix_server.conf.d") + assert zabbix_include_dir.is_directory + assert zabbix_include_dir.user == "zabbix" + assert zabbix_include_dir.group == "zabbix" + # assert zabbix_include_dir.mode == 0o644 diff --git a/roles/zabbix-server/molecule/default/yaml-lint.yml b/roles/zabbix-server/molecule/default/yaml-lint.yml new file mode 100644 index 000000000..0b3abb7c8 --- /dev/null +++ b/roles/zabbix-server/molecule/default/yaml-lint.yml @@ -0,0 +1,9 @@ +--- + +extends: default + +rules: + line-length: + max: 280 + level: warning + truthy: disable diff --git a/roles/zabbix-server/requirements.yml b/roles/zabbix-server/requirements.yml new file mode 100644 index 000000000..3015f430d --- /dev/null +++ b/roles/zabbix-server/requirements.yml @@ -0,0 +1,4 @@ +--- +- src: geerlingguy.apache +- src: geerlingguy.mysql +- src: geerlingguy.postgresql diff --git a/roles/zabbix-server/setup.cfg b/roles/zabbix-server/setup.cfg new file mode 100644 index 000000000..1fd489337 --- /dev/null +++ b/roles/zabbix-server/setup.cfg @@ -0,0 +1,2 @@ +[flake8] +max-line-length = 160 diff --git a/roles/zabbix-server/tasks/Debian.yml b/roles/zabbix-server/tasks/Debian.yml new file mode 100644 index 000000000..54dd9b93e --- /dev/null +++ b/roles/zabbix-server/tasks/Debian.yml @@ -0,0 +1,157 @@ +--- + +- name: "Include Zabbix gpg ids" + include_vars: zabbix.yml + +- name: "Set some variables" + set_fact: + zabbix_short_version: "{{ zabbix_version | regex_replace('\\.', '') }}" + zabbix_server_apt_repository: + - "http://repo.zabbix.com/zabbix/{{ zabbix_version }}/{{ ansible_distribution.lower() }}/" + - "{{ ansible_distribution_release }}" + - "main" + zabbix_python_prefix: "python{% if ansible_python_version is version('3', '>=') %}3{% endif %}" + +- name: "Debian | Set some facts" + set_fact: + datafiles_path: /usr/share/zabbix-server-{{ zabbix_server_database }} + when: + - zabbix_version is version('3.0', '<') + tags: + - zabbix-server + - init + - config + +- name: "Debian | Set some facts for Zabbix 3.0" + set_fact: + datafiles_path: /usr/share/doc/zabbix-server-{{ zabbix_server_database }} + when: + - zabbix_version is version('3.0', '>=') + tags: + - zabbix-server + - init + - config + +- name: "Debian | Install gpg key" + apt_key: + id: "{{ sign_keys[zabbix_short_version][ansible_distribution_release]['sign_key'] }}" + url: http://repo.zabbix.com/zabbix-official-repo.key + register: zabbix_server_repo_files_installed + until: zabbix_server_repo_files_installed is succeeded + when: + - zabbix_repo == "zabbix" + become: yes + tags: + - zabbix-server + - init + +- name: "Debian | Installing repository {{ ansible_distribution }}" + apt_repository: + repo: "{{ item }} {{ zabbix_server_apt_repository | join(' ') }}" + state: present + when: zabbix_repo == "zabbix" + with_items: + - deb-src + - deb + tags: + - zabbix-server + - init + +- name: apt-get clean + shell: apt-get clean; rm -rf /tmp/*; apt-get update + args: + warn: False + changed_when: False + tags: + - skip_ansible_lint + +# On certain 18.04 images, such as docker or lxc, dpkg is configured not to +# install files into paths /usr/share/doc/* +# Since this is where Zabbix installs its database schemas, we need to allow +# files to be installed to /usr/share/doc/zabbix* +- name: Check for the dpkg exclude line + command: grep -F 'path-exclude=/usr/share/doc/*' /etc/dpkg/dpkg.cfg.d/excludes + register: dpkg_exclude_line + failed_when: false + changed_when: false + check_mode: no + +- name: Allow Zabbix dpkg installs to /usr/share/doc/zabbix* + lineinfile: + path: /etc/dpkg/dpkg.cfg.d/excludes + line: 'path-include=/usr/share/doc/zabbix*' + when: + - dpkg_exclude_line.rc == 0 + +- name: "Debian | Installing zabbix-server-{{ zabbix_server_database }}" + apt: + pkg: zabbix-server-{{ zabbix_server_database }} + state: "{{ zabbix_server_package_state }}" + update_cache: yes + cache_valid_time: 0 + install_recommends: "{{ zabbix_server_install_recommends }}" + register: zabbix_server_package_installed + until: zabbix_server_package_installed is succeeded + tags: + - zabbix-server + - init + +- name: "Debian | Install Ansible module dependencies" + apt: + name: "{{ zabbix_python_prefix }}-psycopg2" + state: present + register: zabbix_server_dependencies_installed + until: zabbix_server_dependencies_installed is succeeded + when: + - zabbix_database_creation + tags: + - zabbix-server + - init + +- name: "Debian | Install Mysql Client package" + apt: + name: + - mysql-client + - "{{ zabbix_python_prefix }}-mysqldb" + state: present + register: zabbix_server_dependencies_installed + until: zabbix_server_dependencies_installed is succeeded + when: + - zabbix_server_database == 'mysql' + - zabbix_server_install_database_client + - ansible_distribution_release != "buster" + tags: + - zabbix-server + - init + - database + +- name: "Debian 10 | Install Mysql Client package" + apt: + name: + - mariadb-client + - "{{ zabbix_python_prefix }}-mysqldb" + state: present + register: zabbix_server_dependencies_installed + until: zabbix_server_dependencies_installed is succeeded + when: + - zabbix_server_database == 'mysql' + - zabbix_server_install_database_client + - ansible_distribution_release == "buster" + tags: + - zabbix-server + - init + - database + +- name: "Debian | Install PostgreSQL Client package" + apt: + name: postgresql-client + state: present + register: zabbix_server_dependencies_installed + until: zabbix_server_dependencies_installed is succeeded + when: + - zabbix_server_database == 'pgsql' + - zabbix_server_install_database_client + tags: + - zabbix-server + - init + - database diff --git a/roles/zabbix-server/tasks/RedHat.yml b/roles/zabbix-server/tasks/RedHat.yml new file mode 100644 index 000000000..7afb84228 --- /dev/null +++ b/roles/zabbix-server/tasks/RedHat.yml @@ -0,0 +1,231 @@ +--- +# Tasks specific for RedHat systems + +- name: "RedHat | Use Zabbix package name" + set_fact: + zabbix_server_package: "zabbix-server-{{ zabbix_server_database }}" + when: + - zabbix_repo == "zabbix" or zabbix_repo == "other" + tags: + - zabbix-server + +- name: "RedHat | Use EPEL package name" + set_fact: + zabbix_server_package: "zabbix{{ zabbix_short_version }}-server-{{ zabbix_server_database }}" + when: + - zabbix_repo == "epel" + tags: + - zabbix-server + +- name: "RedHat | Set some facts EPEL" + set_fact: + datafiles_path: "/usr/share/zabbix-{{ zabbix_server_database_long }}" + when: + - zabbix_repo == "epel" + tags: + - zabbix-server + +- name: "RedHat | Set some facts Zabbix < 3.0" + set_fact: + datafiles_path: "/usr/share/doc/zabbix-server-{{ zabbix_server_database }}-{{ zabbix_version }}*" + when: + - zabbix_version is version('3.0', '<') + tags: + - zabbix-server + +- name: "RedHat | Set facts for Zabbix >= 3.0" + set_fact: + datafiles_path: "/usr/share/doc/zabbix-server-{{ zabbix_server_database }}-{{ zabbix_version }}*" + when: + - zabbix_version is version('3.0', '>=') + tags: + - zabbix-server + +- name: "RedHat | Set facts for RHEL8" + set_fact: + datafiles_path: "/usr/share/doc/zabbix-server-{{ zabbix_server_database }}" + when: + - ansible_distribution_major_version == "8" + tags: + - zabbix-server + +- name: "Make sure old file is absent" + file: + path: /etc/yum.repos.d/zabbix-supported.repo + state: absent + become: yes + +- name: "RedHat | Install basic repo file" + yum_repository: + name: "{{ item.name }}" + description: "{{ item.description }}" + baseurl: "{{ item.baseurl }}" + gpgcheck: "{{ item.gpgcheck }}" + gpgkey: "{{ item.gpgkey }}" + state: "{{ item.state | default('present') }}" + with_items: "{{ zabbix_repo_yum }}" + when: + - zabbix_repo == "zabbix" + tags: + - zabbix-server + +- name: "RedHat | Installing zabbix-server-{{ zabbix_server_database }}" + yum: + pkg: "{{ zabbix_server_package }}" + state: "{{ zabbix_server_package_state }}" + register: zabbix_server_package_installed + until: zabbix_server_package_installed is succeeded + tags: + - zabbix-server + +- name: "RedHat | Install Ansible module dependencies" + yum: + name: python-psycopg2 + state: present + register: zabbix_server_dependencies_installed + until: zabbix_server_dependencies_installed is succeeded + when: + - zabbix_database_creation + - zabbix_server_database == 'pgsql' + - ansible_distribution_major_version == "7" or ansible_distribution_major_version == "6" + tags: + - zabbix-server + +- name: "RedHat | Install Ansible module dependencies on RHEL8" + yum: + name: python3-psycopg2 + state: present + register: zabbix_server_dependencies_installed + until: zabbix_server_dependencies_installed is succeeded + when: + - zabbix_database_creation + - zabbix_server_database == 'pgsql' + - ansible_distribution_major_version == "8" + tags: + - zabbix-server + +- name: "RedHat | Install Mysql Client package RHEL7" + yum: + name: + - mariadb + - MySQL-python + state: present + register: zabbix_server_dependencies_installed + until: zabbix_server_dependencies_installed is succeeded + when: + - zabbix_server_database == 'mysql' + - ansible_distribution_major_version == "7" + tags: + - zabbix-server + +- name: "RedHat | Install Mysql Client package RHEL5 - 6" + yum: + name: + - mysql + - MySQL-python + state: present + register: zabbix_server_dependencies_installed + until: zabbix_server_dependencies_installed is succeeded + when: + - zabbix_server_database == 'mysql' + - ansible_distribution_major_version == "6" or ansible_distribution_major_version == "5" + tags: + - zabbix-server + +- name: "RedHat | Install PostgreSQL client package" + yum: + name: postgresql + state: present + register: zabbix_server_dependencies_installed + until: zabbix_server_dependencies_installed is succeeded + when: + - zabbix_server_database == 'pgsql' + tags: + - zabbix-server + +- name: "RedHat | Install related SELinux package" + yum: + name: + - libsemanage-python + - policycoreutils + - checkpolicy + state: present + register: zabbix_server_dependencies_installed + until: zabbix_server_dependencies_installed is succeeded + when: + - selinux_allow_zabbix_can_network + - ansible_distribution_major_version == "7" or ansible_distribution_major_version == "6" + - zabbix_selinux | bool + tags: + - zabbix-server + +- name: "RedHat | Install related SELinux package on RHEL8" + yum: + name: + - python3-libsemanage + state: present + register: zabbix_server_dependencies_installed + until: zabbix_server_dependencies_installed is succeeded + when: + - selinux_allow_zabbix_can_network + - ansible_distribution_major_version == "8" + - zabbix_selinux | bool + tags: + - zabbix-server + +- name: "RedHat | Enable httpd_can_connect_zabbix SELinux boolean" + seboolean: + name: httpd_can_connect_zabbix + state: yes + persistent: yes + when: + - selinux_allow_zabbix_can_http + - zabbix_selinux | bool + tags: + - zabbix-server + +- name: "RedHat | Enable zabbix_can_network SELinux boolean" + seboolean: + name: zabbix_can_network + state: yes + persistent: yes + when: + - selinux_allow_zabbix_can_network + - zabbix_selinux | bool + tags: + - zabbix-server + +- name: "RedHat | Install related SELinux package to fix issues" + yum: + name: + - policycoreutils-python + state: present + register: zabbix_server_dependencies_installed + until: zabbix_server_dependencies_installed is succeeded + when: + - ansible_distribution_major_version == "7" or ansible_distribution_major_version == "6" + - zabbix_selinux | bool + tags: + - zabbix-server + +- name: "RedHat | Install related SELinux package to fix issues on RHEL8" + yum: + name: + - policycoreutils + - checkpolicy + state: present + register: zabbix_server_dependencies_installed + until: zabbix_server_dependencies_installed is succeeded + when: + - ansible_distribution_major_version == "8" + - zabbix_selinux | bool + tags: + - zabbix-server + +- name: "RedHat | Add SEmodule to fix SELinux issue: zabbix_server_alerter.sock" + script: + cmd: files/install_semodule.bsx + args: + creates: /etc/selinux/targeted/active/modules/400/zabbix_server_add/cil + when: + - zabbix_selinux | bool diff --git a/roles/zabbix-server/tasks/main.yml b/roles/zabbix-server/tasks/main.yml new file mode 100644 index 000000000..5626a1c53 --- /dev/null +++ b/roles/zabbix-server/tasks/main.yml @@ -0,0 +1,71 @@ +--- +# tasks file for wdijkerman.zabbix + +# straight to getenforce binary , workaround for missing python_selinux library +- name: "Get getenforce binary" + stat: + path: /usr/sbin/getenforce + register: getenforce_bin + become: yes + +- name: "Collect getenforce output" + command: getenforce + register: sestatus + when: 'getenforce_bin.stat.exists' + changed_when: false + become: yes + check_mode: no + +- name: "Set zabbix_selinux to true if getenforce returns Enforcing or Permissive" + set_fact: + zabbix_selinux: "{{ true }}" + when: 'getenforce_bin.stat.exists and ("Enforcing" in sestatus.stdout or "Permissive" in sestatus.stdout)' + +- name: "Include OS-specific variables" + include_vars: "{{ ansible_os_family }}.yml" + +- name: "Install the correct repository" + include_tasks: "{{ ansible_os_family }}.yml" + +- name: "Installing the postgresql database" + include_tasks: "{{ zabbix_server_database_long }}.yml" + +- name: "Configure zabbix-server" + template: + src: zabbix_server.conf.j2 + dest: /etc/zabbix/zabbix_server.conf + owner: zabbix + group: zabbix + mode: 0640 + notify: + - zabbix-server restarted + tags: + - zabbix-server + - init + - config + +- name: "Create include dir zabbix-server" + file: + path: "{{ zabbix_server_include }}" + owner: zabbix + group: zabbix + state: directory + mode: 0755 + tags: + - zabbix-server + - init + - config + +- name: "Add zabbix-server scripts" + include: "scripts.yml" + when: ( zabbix_server_alertscripts is defined ) or + ( zabbix_server_externalscripts is defined ) + +- name: "Zabbix-server started" + service: + name: zabbix-server + state: "{{ zabbix_service_state }}" + enabled: "{{ zabbix_service_enabled }}" + tags: + - zabbix-server + when: zabbix_server_manage_service | bool diff --git a/roles/zabbix-server/tasks/mysql.yml b/roles/zabbix-server/tasks/mysql.yml new file mode 100644 index 000000000..4a31f034a --- /dev/null +++ b/roles/zabbix-server/tasks/mysql.yml @@ -0,0 +1,204 @@ +--- +# task file for mysql +- name: "Set the correct delegated_dbhost (to support MySQL db deployment on a remote dbhost)" + set_fact: + delegated_dbhost: "{{ zabbix_server_dbhost if (zabbix_server_dbhost != 'localhost') else inventory_hostname }}" + +- name: "Override delegated_dbhost with real dbhost when dbhost is behind loadbalancer" + set_fact: + delegated_dbhost: "{{ zabbix_server_real_dbhost }}" + when: zabbix_server_real_dbhost | default(false) + +- name: "MySQL | Create database" + mysql_db: + name: "{{ zabbix_server_dbname }}" + encoding: "{{ zabbix_server_dbencoding }}" + collation: "{{ zabbix_server_dbcollation }}" + login_host: "{{ zabbix_server_mysql_login_host | default(omit) }}" + login_user: "{{ zabbix_server_mysql_login_user | default(omit) }}" + login_password: "{{ zabbix_server_mysql_login_password | default(omit) }}" + login_port: "{{ zabbix_server_mysql_login_port | default(omit) }}" + login_unix_socket: "{{ zabbix_server_mysql_login_unix_socket | default(omit) }}" + state: present + when: zabbix_database_creation + register: zabbix_database_created + delegate_to: "{{ delegated_dbhost }}" + tags: + - zabbix-server + - database + - skip_ansible_lint + +- name: "MySQL | Create database user" + mysql_user: + login_host: "{{ zabbix_server_mysql_login_host | default(omit) }}" + login_user: "{{ zabbix_server_mysql_login_user | default(omit) }}" + login_password: "{{ zabbix_server_mysql_login_password | default(omit) }}" + login_port: "{{ zabbix_server_mysql_login_port | default(omit) }}" + login_unix_socket: "{{ zabbix_server_mysql_login_unix_socket | default(omit) }}" + name: "{{ zabbix_server_dbuser }}" + password: "{{ zabbix_server_dbpassword }}" + priv: "{{ zabbix_server_dbname }}.*:ALL" + host: "{{ zabbix_server_privileged_host }}" + state: present + when: zabbix_database_creation + delegate_to: "{{ delegated_dbhost }}" + tags: + - zabbix-server + - database + +- name: "Get the file for create.sql >= 3.0" + shell: ls -1 {{ datafiles_path }}/create.sq* + changed_when: False + when: + - zabbix_version is version('3.0', '>=') + - zabbix_database_sqlload | bool + register: ls_output_create + tags: + - zabbix-server + - database + +- name: "Check if we have done files >= 3.0" + stat: + path: /etc/zabbix/create.done + register: done_file + when: + - zabbix_version is version('3.0', '>=') + - zabbix_database_sqlload | bool + +- name: "MySQL | Disable InnoDB Strict Mode" + mysql_variables: + variable: innodb_strict_mode + value: 0 + when: + - zabbix_version is version('3.0', '>=') + - zabbix_database_sqlload | bool + - not done_file.stat.exists + - ansible_distribution_release == "buster" + delegate_to: "{{ delegated_dbhost }}" + tags: + - zabbix-server + - database + +- name: "Fetch sql create file" + fetch: + src: "{{ ls_output_create.stdout }}" + dest: /tmp/{{ role_name }}/ + flat: yes + when: + - delegated_dbhost != inventory_hostname + - zabbix_database_sqlload | bool + - not done_file.stat.exists + +- name: "Copy sql create file" + copy: + src: /tmp/{{ role_name }}/ + dest: "{{ ls_output_create.stdout | dirname }}" + delegate_to: "{{ delegated_dbhost }}" + when: + - delegated_dbhost != inventory_hostname + - zabbix_database_sqlload | bool + - not done_file.stat.exists + +- name: "MySQL | Create database and import file >= 3.0" + mysql_db: + login_host: "{{ zabbix_server_mysql_login_host | default(omit) }}" + login_user: "{{ zabbix_server_mysql_login_user | default(omit) }}" + login_password: "{{ zabbix_server_mysql_login_password | default(omit) }}" + login_port: "{{ zabbix_server_mysql_login_port | default(omit) }}" + login_unix_socket: "{{ zabbix_server_mysql_login_unix_socket | default(omit) }}" + name: "{{ zabbix_server_dbname }}" + encoding: "{{ zabbix_server_dbencoding }}" + collation: "{{ zabbix_server_dbcollation }}" + state: import + target: "{{ ls_output_create.stdout }}" + when: + - zabbix_version is version('3.0', '>=') + - zabbix_database_sqlload | bool + - not done_file.stat.exists + delegate_to: "{{ delegated_dbhost }}" + tags: + - zabbix-server + - database + +- name: "Check if we have sql_done files >= 3.0" + file: + path: /etc/zabbix/create.done + state: touch + when: + - zabbix_version is version('3.0', '>=') + - zabbix_database_sqlload | bool + - not done_file.stat.exists + +- name: "Get the correct path for the SQL files < 3.0" + shell: ls -1 {{ datafiles_path }}/{{ mysql_create_dir }}{{ item }}.sql* + changed_when: False + register: ls_output_schema + with_items: + - schema + - images + - data + when: + - zabbix_version is version('3.0', '<') + - zabbix_database_sqlload | bool + tags: + - zabbix-server + - database + +- name: "Check if we have done files < 3.0" + stat: + path: /etc/zabbix/{{ item }}.done + register: done_files + with_items: + - schema + - images + - data + when: + - zabbix_version is version('3.0', '<') + - zabbix_database_sqlload | bool + tags: + - zabbix-server + - database + +- name: "Create fact if sql_done files exists" + set_fact: + sql_files_executed: "{{ sql_files_executed | default({}) | combine({item.item: item.stat}) }}" + with_items: "{{ done_files.results }}" + when: + - zabbix_version is version('3.0', '<') + - zabbix_database_sqlload | bool + tags: + - zabbix-server + - database + +- name: "MySQL | Create database and import files < 3.0" + mysql_db: + name: "{{ zabbix_server_dbname }}" + encoding: "{{ zabbix_server_dbencoding }}" + collation: "{{ zabbix_server_dbcollation }}" + state: import + target: "{{ item.stdout }}" + with_items: "{{ ls_output_schema.results }}" + when: + - zabbix_version is version('3.0', '<') + - zabbix_database_sqlload | bool + - not sql_files_executed[item.item].exists + delegate_to: "{{ delegated_dbhost }}" + tags: + - zabbix-server + - database + +- name: "Check if we have sql_done files < 3.0" + file: + path: /etc/zabbix/{{ item }}.done + state: touch + with_items: + - schema + - images + - data + when: + - zabbix_version is version('3.0', '<') + - zabbix_database_sqlload | bool + - not sql_files_executed[item].exists + tags: + - zabbix-server + - database diff --git a/roles/zabbix-server/tasks/postgresql.yml b/roles/zabbix-server/tasks/postgresql.yml new file mode 100644 index 000000000..0f21f12e4 --- /dev/null +++ b/roles/zabbix-server/tasks/postgresql.yml @@ -0,0 +1,163 @@ +--- +# task file for postgresql + +- name: "Set the correct delegated_dbhost (to support postgres db deployment on a remote dbhost)" + set_fact: + delegated_dbhost: "{{ zabbix_server_dbhost if (zabbix_server_dbhost != 'localhost') else inventory_hostname }}" + +- name: "PostgreSQL | Delegated" + block: + - name: "PostgreSQL | Delegated | Create database" + postgresql_db: + name: "{{ zabbix_server_dbname }}" + port: "{{ zabbix_server_dbport }}" + state: present + - name: "PostgreSQL | Delegated | Create database user" + postgresql_user: + db: "{{ zabbix_server_dbname }}" + name: "{{ zabbix_server_dbuser }}" + password: "md5{{ (zabbix_server_dbpassword + zabbix_server_dbuser)|hash('md5') }}" + port: "{{ zabbix_server_dbport }}" + priv: ALL + state: present + encrypted: yes + become: yes + become_user: postgres + delegate_to: "{{ delegated_dbhost }}" + when: + - zabbix_database_creation + - zabbix_server_pgsql_login_host is not defined + tags: + - zabbix-server + - database + +- name: "PostgreSQL | Remote" + block: + - name: "PostgreSQL | Remote | Create database" + postgresql_db: + login_host: "{{ zabbix_server_pgsql_login_host | default(omit) }}" + login_user: "{{ zabbix_server_pgsql_login_user | default(omit) }}" + login_password: "{{ zabbix_server_pgsql_login_password | default(omit) }}" + login_unix_socket: "{{ zabbix_server_pgsql_login_unix_socket | default(omit) }}" + name: "{{ zabbix_server_dbname }}" + port: "{{ zabbix_server_dbport }}" + state: present + - name: "PostgreSQL | Remote | Create database user" + postgresql_user: + login_host: "{{ zabbix_server_pgsql_login_host | default(omit) }}" + login_user: "{{ zabbix_server_pgsql_login_user | default(omit) }}" + login_password: "{{ zabbix_server_pgsql_login_password | default(omit) }}" + db: "{{ zabbix_server_dbname }}" + name: "{{ zabbix_server_dbuser }}" + password: "md5{{ (zabbix_server_dbpassword + zabbix_server_dbuser)|hash('md5') }}" + port: "{{ zabbix_server_dbport }}" + priv: ALL + state: present + encrypted: yes + when: + - zabbix_database_creation + - zabbix_server_pgsql_login_host is defined + tags: + - zabbix-server + - database + +- name: "PostgreSQL | Create schema" + shell: > + cd {{ datafiles_path }} && + if [ -f create.sql.gz ]; then gunzip create.sql.gz ; fi && + psql -h '{{ zabbix_server_dbhost }}' + -U '{{ zabbix_server_dbuser }}' + -d '{{ zabbix_server_dbname }}' + -p '{{ zabbix_server_dbport }}' + -f create.sql && touch /etc/zabbix/schema.done + args: + creates: /etc/zabbix/schema.done + warn: no + environment: + PGPASSWORD: '{{ zabbix_server_dbpassword }}' + when: + - zabbix_version is version('3.0', '>=') + - zabbix_database_sqlload + tags: + - zabbix-server + - database + +- name: "Get complete path" + shell: ls -d {{ datafiles_path }} + register: datafiles_path_full + changed_when: False + when: + - (zabbix_version is version('3.0', '<') and zabbix_database_sqlload) or (zabbix_repo == "epel" and zabbix_database_sqlload) + tags: + - skip_ansible_lint + +- name: "Check if we have a create dir" + stat: + path: "{{ datafiles_path_full.stdout }}/create" + register: create_dir_or_not + when: + - (zabbix_version is version('3.0', '<') and zabbix_database_sqlload) or (zabbix_repo == "epel" and zabbix_database_sqlload) + +- name: "Set fact" + set_fact: + datafiles_path: "{{ datafiles_path }}/create" + when: + - (zabbix_version is version('3.0', '<') and zabbix_database_sqlload) or (zabbix_repo == "epel" and zabbix_database_sqlload) + - create_dir_or_not.stat.isdir is defined and create_dir_or_not.stat.isdir + - create_dir_or_not.stat.exists + +- name: "PostgreSQL | Importing schema file" + shell: > + cd {{ datafiles_path }} && + if [ -f schema.sql.gz ]; then gunzip schema.sql.gz ; fi && + psql -h '{{ zabbix_server_dbhost }}' + -U '{{ zabbix_server_dbuser }}' + -d '{{ zabbix_server_dbname }}' + -p '{{ zabbix_server_dbport }}' + -f schema.sql && touch /etc/zabbix/schema.done + args: + creates: /etc/zabbix/schema.done + warn: no + environment: + PGPASSWORD: '{{ zabbix_server_dbpassword }}' + when: + - (zabbix_version is version('3.0', '<') and zabbix_database_sqlload) or (zabbix_repo == "epel" and zabbix_database_sqlload) + tags: + - zabbix-server + - database + +- name: "PostgreSQL | Importing images file" + shell: > + cd {{ datafiles_path }} && + psql -h '{{ zabbix_server_dbhost }}' + -U '{{ zabbix_server_dbuser }}' + -d '{{ zabbix_server_dbname }}' + -p '{{ zabbix_server_dbport }}' + -f images.sql && touch /etc/zabbix/images.done + args: + creates: /etc/zabbix/images.done + warn: no + environment: + PGPASSWORD: '{{ zabbix_server_dbpassword }}' + when: (zabbix_version is version('3.0', '<') and zabbix_database_sqlload) or (zabbix_repo == "epel" and zabbix_database_sqlload) + tags: + - zabbix-server + - database + +- name: "PostgreSQL | Importing data file" + shell: > + cd {{ datafiles_path }} && + psql -h '{{ zabbix_server_dbhost }}' + -U '{{ zabbix_server_dbuser }}' + -d '{{ zabbix_server_dbname }}' + -p '{{ zabbix_server_dbport }}' + -f data.sql && touch /etc/zabbix/data.done + args: + creates: /etc/zabbix/data.done + warn: no + environment: + PGPASSWORD: '{{ zabbix_server_dbpassword }}' + when: (zabbix_version is version('3.0', '<') and zabbix_database_sqlload) or (zabbix_repo == "epel" and zabbix_database_sqlload) + tags: + - zabbix-server + - database diff --git a/roles/zabbix-server/tasks/scripts.yml b/roles/zabbix-server/tasks/scripts.yml new file mode 100644 index 000000000..418436128 --- /dev/null +++ b/roles/zabbix-server/tasks/scripts.yml @@ -0,0 +1,20 @@ +--- +- name: "Configure zabbix-server alertscripts" + template: + src: "{{ item.path }}" + dest: "{{ zabbix_server_alertscriptspath }}/{{ item.name }}" + owner: zabbix + group: zabbix + mode: 0755 + with_items: "{{ zabbix_server_alertscripts }}" + when: zabbix_server_alertscripts is defined + +- name: "Configure zabbix-server externalscripts" + template: + src: "{{ item.path }}" + dest: "{{ zabbix_server_externalscriptspath }}/{{ item.name }}" + owner: zabbix + group: zabbix + mode: 0755 + with_items: "{{ zabbix_server_externalscripts }}" + when: zabbix_server_externalscripts is defined diff --git a/roles/zabbix-server/templates/zabbix_server.conf.j2 b/roles/zabbix-server/templates/zabbix_server.conf.j2 new file mode 100644 index 000000000..5097af27b --- /dev/null +++ b/roles/zabbix-server/templates/zabbix_server.conf.j2 @@ -0,0 +1,577 @@ +# this is a configuration file for zabbix server process +# to get more information about zabbix, visit http://www.zabbix.com + +############ general parameters ################# +### option: listenport +# listen port for trapper. +# +ListenPort={{ zabbix_server_listenport }} + +### option: sourceip +# source ip address for outgoing connections. +# +{% if zabbix_server_sourceip is defined and zabbix_server_sourceip %} +SourceIP={{ zabbix_server_sourceip }} +{% endif %} + +{% if zabbix_version is version('3.0', '>=') %} +### Option: LogType +# Specifies where log messages are written to: +# system - syslog +# file - file specified with LogFile parameter +# console - standard output +# +# Mandatory: no +# Default: +LogType={{ zabbix_server_logtype }} +{% endif %} + +### option: logfile +# name of log file. +# if not set, syslog is used. +# +LogFile={{ zabbix_server_logfile }} + +### option: logfilesize +# maximum size of log file in mb. +# 0 - disable automatic log rotation. +# +LogFileSize={{ zabbix_server_logfilesize }} + +### option: debuglevel +# specifies debug level +# 0 - no debug +# 1 - critical information +# 2 - error information +# 3 - warnings +# 4 - for debugging (produces lots of information) +# +DebugLevel={{ zabbix_server_debuglevel }} + +### Option: SocketDir +# IPC socket directory. +# Directory to store IPC sockets used by internal Zabbix services. +# +# Mandatory: no +# Default: +# SocketDir=/tmp + +{% if zabbix_version is version('3.4', '>=') %} +SocketDir={{ zabbix_server_socketdir }} +{% endif %} + +### option: pidfile +# name of pid file. +# +PidFile={{ zabbix_server_pidfile }} + +### option: dbhost +# database host name. +# if set to localhost, socket is used for mysql. +# if set to empty string, socket is used for postgresql. +# +DBHost={{ zabbix_server_dbhost }} + +### option: dbname +# database name. +# for sqlite3 path to database file must be provided. dbuser and dbpassword are ignored. +# +DBName={{ zabbix_server_dbname }} + +### option: dbschema +# schema name. used for ibm db2. +# +{% if zabbix_server_dbschema is defined and zabbix_server_dbschema %} +DBSchema={{ zabbix_server_dbschema }} +{% endif %} + +### option: dbuser +# database user. ignored for sqlite. +# +DBUser={{ zabbix_server_dbuser }} + +### option: dbpassword +# database password. ignored for sqlite. +# comment this line if no password is used. +# +DBPassword={{ zabbix_server_dbpassword }} + +### option: dbsocket +# path to mysql socket. +# +{% if zabbix_server_dbsocket is defined and zabbix_server_dbsocket %} +DBSocket={{ zabbix_server_dbsocket }} +{% endif %} + +### option: dbport +# database port when not using local socket. ignored for sqlite. +# +{% if zabbix_server_dbport is defined and zabbix_server_dbport %} +DBPort={{ zabbix_server_dbport }} +{% endif %} + +### Option: HistoryStorageURL +# History storage HTTP[S] URL. +# +# Mandatory: no +# Default: +{% if zabbix_server_historystorageurl is defined and zabbix_server_historystorageurl %} +HistoryStorageURL={{ zabbix_server_historystorageurl }} +{% endif %} + +{% if zabbix_version is version('3.4', '>=') %} +### Option: HistoryStorageTypes +# Comma separated list of value types to be sent to the history storage. +# +# Mandatory: no +# Default: +HistoryStorageTypes={{ zabbix_server_historystoragetypes }} +{% endif %} + +{% if zabbix_version is version('4.0', '>=') %} +### Option: HistoryStorageDateIndex +# Enable preprocessing of history values in history storage to store values in different indices based on date. +# 0 - disable +# 1 - enable +# +# Mandatory: no +# Default: +HistoryStorageDateIndex={{ zabbix_server_historystoragedateindex }} +{% endif %} + +{% if zabbix_version is version('4.0', '>=') %} +### Option: ExportDir +# Directory for real time export of events, history and trends in newline delimited JSON format. +# If set, enables real time export. +# +# Mandatory: no +# Default: +{% if zabbix_server_exportdir is defined and zabbix_server_exportdir %} +ExportDir={{ zabbix_server_exportdir }} +{% endif %} +{% endif %} + +{% if zabbix_version is version('4.0', '>=') %} +### Option: ExportFileSize +# Maximum size per export file in bytes. +# Only used for rotation if ExportDir is set. +# +# Mandatory: no +# Range: 1M-1G +# Default: +ExportFileSize={{ zabbix_server_exportfilesize }} +{% endif %} +############ advanced parameters ################ + +### option: startpollers +# number of pre-forked instances of pollers. +# +StartPollers={{ zabbix_server_startpollers }} + +### option: startipmipollers +# number of pre-forked instances of ipmi pollers. +# +StartIPMIPollers={{ zabbix_server_startipmipollers }} + +### option: startpollersunreachable +# number of pre-forked instances of pollers for unreachable hosts (including ipmi). +# +StartPollersUnreachable={{ zabbix_server_startpollersunreachable }} + +### option: starttrappers +# number of pre-forked instances of trappers. +# trappers accept incoming connections from zabbix sender, active agents, active proxies and child nodes. +# at least one trapper process must be running to display server availability in the frontend. +# +StartTrappers={{ zabbix_server_starttrappers }} + +### option: startpingers +# number of pre-forked instances of icmp pingers. +# +StartPingers={{ zabbix_server_startpingers }} + +### option: startdiscoverers +# number of pre-forked instances of discoverers. +# +StartDiscoverers={{ zabbix_server_startdiscoverers }} + +### option: starthttppollers +# number of pre-forked instances of http pollers. +# +StartHTTPPollers={{ zabbix_server_starthttppollers }} + +{% if zabbix_version is version('2.0', '>=') %} +### option: starttimers +# number of pre-forked instances of timers. +# timers process time-based trigger functions and maintenance periods. +# only the first timer process handles the maintenance periods. +# +StartTimers={{ zabbix_server_starttimers }} +{% endif %} + +{% if zabbix_version is version('3.0', '>=') %} +### Option: StartEscalators +# Number of pre-forked instances of escalators. +# +StartEscalators={{ zabbix_server_startescalators }} +{% endif %} + +### option: javagateway +# ip address (or hostname) of zabbix java gateway. +# only required if java pollers are started. +# +{% if zabbix_server_javagateway is defined and zabbix_server_javagateway %} +JavaGateway={{ zabbix_server_javagateway }} + +### option: javagatewayport +# port that zabbix java gateway listens on. +# +JavaGatewayPort={{ zabbix_server_javagatewayport }} + +### option: startjavapollers +# number of pre-forked instances of java pollers. +# +StartJavaPollers={{ zabbix_server_startjavapollers }} +{% endif %} + +{% if zabbix_version is version('2.2', '>=') %} +### option: startvmwarecollectors +# number of pre-forked vmware collector instances. +# +StartVMwareCollectors={{ zabbix_server_startvmwarecollectors }} + +### option: vmwarefrequency +# how often zabbix will connect to vmware service to obtain a new data. +# +VMwareFrequency={{ zabbix_server_vmwarefrequency }} + +{% if zabbix_version is version('3.0', '>=') %} +### Option: VMwarePerfFrequency +# How often Zabbix will connect to VMware service to obtain performance data. +# +# Mandatory: no +VMwarePerfFrequency={{ zabbix_server_vmwareperffrequency }} +{% endif %} + +### option: vmwarecachesize +# size of vmware cache, in bytes. +# shared memory size for storing vmware data. +# only used if vmware collectors are started. +# +VMwareCacheSize={{ zabbix_server_vmwarecachesize }} +{% endif %} + +{% if zabbix_version is version('3.0', '>=') %} +### Option: VMwareTimeout +# Specifies how many seconds vmware collector waits for response from VMware service. +# +VMwareTimeout={{ zabbix_server_vmwaretimeout }} +{% endif %} + +### option: snmptrapperfile +# temporary file used for passing data from snmp trap daemon to the server. +# must be the same as in zabbix_trap_receiver.pl or snmptt configuration file. +# +SNMPTrapperFile={{ zabbix_server_snmptrapperfile }} + +### option: startsnmptrapper +# if 1, snmp trapper process is started. +# +StartSNMPTrapper={{ zabbix_server_startsnmptrapper }} + +### option: listenip +# list of comma delimited ip addresses that the trapper should listen on. +# trapper will listen on all network interfaces if this parameter is missing. +# +{% if zabbix_server_listenip is defined and zabbix_server_listenip %} +ListenIP={{ zabbix_server_listenip }} +{% endif %} + +### option: housekeepingfrequency +# How often Zabbix will perform housekeeping procedure (in hours). +# Housekeeping is removing outdated information from the database. +# To prevent Housekeeper from being overloaded, no more than 4 times HousekeepingFrequency +# hours of outdated information are deleted in one housekeeping cycle, for each item. +# To lower load on server startup housekeeping is postponed for 30 minutes after server start. +# With HousekeepingFrequency=0 the housekeeper can be only executed using the runtime control option. +# In this case the period of outdated information deleted in one housekeeping cycle is 4 times the +# period since the last housekeeping cycle, but not less than 4 hours and not greater than 4 days. +# +HousekeepingFrequency={{ zabbix_server_housekeepingfrequency }} + +### option: maxhousekeeperdelete +# The table "housekeeper" contains "tasks" for housekeeping procedure in the format: +# [housekeeperid], [tablename], [field], [value]. +# No more than 'MaxHousekeeperDelete' rows (corresponding to [tablename], [field], [value]) +# will be deleted per one task in one housekeeping cycle. +# SQLite3 does not use this parameter, deletes all corresponding rows without a limit. +# If set to 0 then no limit is used at all. In this case you must know what you are doing! +# +MaxHousekeeperDelete={{ zabbix_server_maxhousekeeperdelete }} + +{% if zabbix_version is version('3.2', '<=') %} +### option: senderfrequency +# how often zabbix will try to send unsent alerts (in seconds). +# +SenderFrequency={{ zabbix_server_senderfrequency }} +{% endif %} + +### option: cachesize +# size of configuration cache, in bytes. +# shared memory size for storing host, item and trigger data. +# +CacheSize={{ zabbix_server_cachesize }} + +### option: cacheupdatefrequency +# how often zabbix will perform update of configuration cache, in seconds. +# +CacheUpdateFrequency={{ zabbix_server_cacheupdatefrequency }} + +### option: startdbsyncers +# number of pre-forked instances of db syncers +# +StartDBSyncers={{ zabbix_server_startdbsyncers }} + +### option: historycachesize +# size of history cache, in bytes. +# shared memory size for storing history data. +# +HistoryCacheSize={{ zabbix_server_historycachesize }} + +{% if zabbix_version is version('3.0', '>=') %} +### Option: HistoryIndexCacheSize +# Size of history index cache, in bytes. +# Shared memory size for indexing history cache. +# +HistoryIndexCacheSize={{ zabbix_server_historyindexcachesize }} +{% endif %} + +### option: trendcachesize +# size of trend cache, in bytes. +# shared memory size for storing trends data. +# +TrendCacheSize={{ zabbix_server_trendcachesize }} + +{% if zabbix_version is version('3.0', '<') %} + ### option: historytextcachesize +# size of text history cache, in bytes. +# shared memory size for storing character, text or log history data. +# +HistoryTextCacheSize={{ zabbix_server_historytextcachesize }} +{% endif %} + +{% if zabbix_version is version('2.2', '>=') %} +### option: valuecachesize +# size of history value cache, in bytes. +# shared memory size for caching item history data requests +# setting to 0 disables value cache. +# +ValueCacheSize={{ zabbix_server_valuecachesize }} +{% endif %} + +{% if zabbix_version is version('2.4', '<') %} +### option: nodenoevents +# if set to '1' local events won't be sent to master node. +# this won't impact ability of this node to propagate events from its child nodes. +# +NodeNoEvents={{ zabbix_server_nodenoevents }} + +### option: nodenohistory +# if set to '1' local history won't be sent to master node. +# this won't impact ability of this node to propagate history from its child nodes. +# +NodeNoHistory={{ zabbix_server_nodenohistory }} +{% endif %} + +### option: timeout +# specifies how long we wait for agent, snmp device or external check (in seconds). +# +Timeout={{ zabbix_server_timeout }} + +### option: trappertimeout +# specifies how many seconds trapper may spend processing new data. +# +TrapperTimeout={{ zabbix_server_trappertimeout }} + +### option: unreachableperiod +# after how many seconds of unreachability treat a host as unavailable. +# +UnreachablePeriod={{ zabbix_server_unreachableperiod }} + +### option: unavailabledelay +# how often host is checked for availability during the unavailability period, in seconds. +# +UnavailableDelay={{ zabbix_server_unavailabledelay }} + +### option: unreachabledelay +# how often host is checked for availability during the unreachability period, in seconds. +# +UnreachableDelay={{ zabbix_server_unreachabledelay }} + +### option: alertscriptspath +# full path to location of custom alert scripts. +# default depends on compilation options. +# +AlertScriptsPath={{ zabbix_server_alertscriptspath }} + +### option: externalscripts +# full path to location of external scripts. +# default depends on compilation options. +# +ExternalScripts={{ zabbix_server_externalscriptspath }} + +### option: fpinglocation +# location of fping. +# make sure that fping binary has root ownership and suid flag set. +# +FpingLocation={{ zabbix_server_fpinglocation }} + +### option: fping6location +# location of fping6. +# make sure that fping6 binary has root ownership and suid flag set. +# make empty if your fping utility is capable to process ipv6 addresses. +# +Fping6Location={{ zabbix_server_fping6location }} + +### option: sshkeylocation +# location of public and private keys for ssh checks and actions. +# +{% if zabbix_server_sshkeylocation is defined and zabbix_server_sshkeylocation %} +SSHKeyLocation={{ zabbix_server_sshkeylocation }} +{% endif %} + +### option: logslowqueries +# how long a database query may take before being logged (in milliseconds). +# only works if debuglevel set to 3 or 4. +# 0 - don't log slow queries. +# +LogSlowQueries={{ zabbix_server_logslowqueries }} + +### option: tmpdir +# temporary directory. +# +TmpDir={{ zabbix_server_tmpdir }} + +### option: startproxypollers +# number of pre-forked instances of pollers for passive proxies. +# +StartProxyPollers={{ zabbix_server_startproxypollers }} + +### option: proxyconfigfrequency +# how often zabbix server sends configuration data to a zabbix proxy in seconds. +# this parameter is used only for proxies in the passive mode. +# +ProxyConfigFrequency={{ zabbix_server_proxyconfigfrequency }} + +### option: proxydatafrequency +# how often zabbix server requests history data from a zabbix proxy in seconds. +# this parameter is used only for proxies in the passive mode. +# +ProxyDataFrequency={{ zabbix_server_proxydatafrequency }} + +{% if zabbix_version is version('2.2', '>=') %} +### option: allowroot +# allow the server to run as 'root'. if disabled and the server is started by 'root', the server +# will try to switch to user 'zabbix' instead. has no effect if started under a regular user. +# 0 - do not allow +# 1 - allow +# +AllowRoot={{ zabbix_server_allowroot }} +{% endif %} + +{% if zabbix_version is version('3.0', '>=') %} +### Option: User +# Drop privileges to a specific, existing user on the system. +# Only has effect if run as 'root' and AllowRoot is disabled. +# +User={{ zabbix_server_user }} +{% endif %} + +### option: include +# you may include individual files or all files in a directory in the configuration file. +# installing zabbix will create include directory in /usr/local/etc, unless modified during the compile time. +# +Include={{ zabbix_server_include }} + +{% if zabbix_version is version('3.0', '>=') %} +### Option: SSLCertLocation +# Location of SSL client certificates. +# This parameter is used only in web monitoring. +# +SSLCertLocation={{ zabbix_server_sslcertlocation }} + +### Option: SSLKeyLocation +# Location of private keys for SSL client certificates. +# This parameter is used only in web monitoring. +# +SSLKeyLocation={{ zabbix_server_sslkeylocation }} + +### Option: SSLCALocation +# Override the location of certificate authority (CA) files for SSL server certificate verification. +# If not set, system-wide directory will be used. +# This parameter is used only in web monitoring and SMTP authentication. +# +{% if zabbix_server_sslcalocation is defined and zabbix_server_sslcalocation is not none %} +SSLCALocation={{ zabbix_server_sslcalocation }} +{% endif %} +{% endif %} + +####### loadable modules ####### +{% if zabbix_version is version('2.2', '>=') %} +### option: loadmodulepath +# full path to location of server modules. +# default depends on compilation options. +# +LoadModulePath={{ zabbix_server_loadmodulepath }} +{% endif %} + +### option: loadmodule +# module to load at server startup. modules are used to extend functionality of the server. +# format: loadmodule= +# the modules must be located in directory specified by loadmodulepath. +# it is allowed to include multiple loadmodule parameters. +# +{% if zabbix_server_loadmodule is defined and zabbix_server_loadmodule %} +LoadModule = {{ loadmodule }} +{% endif %} + +{% if zabbix_version is version('3.0', '>=') %} +####### TLS-RELATED PARAMETERS ####### + +### Option: TLSCAFile +# Full pathname of a file containing the top-level CA(s) certificates for +# peer certificate verification. +# +# Mandatory: no +# Default: +{% if zabbix_server_tlscafile is defined and zabbix_server_tlscafile is not none %} +TLSCAFile={{ zabbix_server_tlscafile }} +{% endif %} + +### Option: TLSCRLFile +# Full pathname of a file containing revoked certificates. +# +# Mandatory: no +# Default: +{% if zabbix_server_tlscrlfile is defined and zabbix_server_tlscrlfile is not none %} +TLSCRLFile={{ zabbix_server_tlscrlfile }} +{% endif %} + +### Option: TLSCertFile +# Full pathname of a file containing the server certificate or certificate chain. +# +# Mandatory: no +# Default: +{% if zabbix_server_tlscertfile is defined and zabbix_server_tlscertfile is not none %} +TLSCertFile={{ zabbix_server_tlscertfile }} +{% endif %} + +### Option: TLSKeyFile +# Full pathname of a file containing the server private key. +# +# Mandatory: no +# Default: +{% if zabbix_server_tlskeyfile is defined and zabbix_server_tlskeyfile is not none %} +TLSKeyFile={{ zabbix_server_tlskeyfile }} +{% endif %} +{% endif %} diff --git a/roles/zabbix-server/vars/Debian.yml b/roles/zabbix-server/vars/Debian.yml new file mode 100644 index 000000000..1eecc3170 --- /dev/null +++ b/roles/zabbix-server/vars/Debian.yml @@ -0,0 +1,6 @@ +--- +apache_user: www-data +apache_group: www-data +apache_log: apache2 + +mysql_create_dir: '' diff --git a/roles/zabbix-server/vars/RedHat.yml b/roles/zabbix-server/vars/RedHat.yml new file mode 100644 index 000000000..8c1997706 --- /dev/null +++ b/roles/zabbix-server/vars/RedHat.yml @@ -0,0 +1,6 @@ +--- +apache_user: apache +apache_group: apache +apache_log: httpd + +mysql_create_dir: create/ diff --git a/roles/zabbix-server/vars/main.yml b/roles/zabbix-server/vars/main.yml new file mode 100644 index 000000000..5be481a33 --- /dev/null +++ b/roles/zabbix-server/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for dj-wasabi.zabbix diff --git a/roles/zabbix-server/vars/zabbix.yml b/roles/zabbix-server/vars/zabbix.yml new file mode 100644 index 000000000..326db76e4 --- /dev/null +++ b/roles/zabbix-server/vars/zabbix.yml @@ -0,0 +1,143 @@ +--- + +sign_keys: + "44": + bionic: + sign_key: A14FE591 + sonya: + sign_key: A14FE591 + serena: + sign_key: A14FE591 + stretch: + sign_key: A14FE591 + buster: + sign_key: 79EA5ED4 + wheezy: + sign_key: 79EA5ED4 + jessie: + sign_key: 79EA5ED4 + trusty: + sign_key: 79EA5ED4 + xenial: + sign_key: E709712C + "42": + bionic: + sign_key: A14FE591 + sonya: + sign_key: A14FE591 + serena: + sign_key: A14FE591 + stretch: + sign_key: A14FE591 + buster: + sign_key: 79EA5ED4 + wheezy: + sign_key: 79EA5ED4 + jessie: + sign_key: 79EA5ED4 + trusty: + sign_key: 79EA5ED4 + xenial: + sign_key: E709712C + "40": + bionic: + sign_key: A14FE591 + sonya: + sign_key: A14FE591 + serena: + sign_key: A14FE591 + stretch: + sign_key: A14FE591 + buster: + sign_key: 79EA5ED4 + wheezy: + sign_key: 79EA5ED4 + jessie: + sign_key: 79EA5ED4 + trusty: + sign_key: 79EA5ED4 + xenial: + sign_key: E709712C + "34": + bionic: + sign_key: A14FE591 + sonya: + sign_key: A14FE591 + serena: + sign_key: A14FE591 + stretch: + sign_key: A14FE591 + buster: + sign_key: 79EA5ED4 + wheezy: + sign_key: 79EA5ED4 + jessie: + sign_key: 79EA5ED4 + trusty: + sign_key: 79EA5ED4 + xenial: + sign_key: E709712C + "32": + sonya: + sign_key: 79EA5ED4 + serena: + sign_key: 79EA5ED4 + stretch: + sign_key: A14FE591 + buster: + sign_key: 79EA5ED4 + wheezy: + sign_key: 79EA5ED4 + jessie: + sign_key: 79EA5ED4 + trusty: + sign_key: 79EA5ED4 + xenial: + sign_key: E709712C + "30": + wheezy: + sign_key: 79EA5ED4 + jessie: + sign_key: 79EA5ED4 + stretch: + sign_key: A14FE591 + buster: + sign_key: 79EA5ED4 + trusty: + sign_key: 79EA5ED4 + xenial: + sign_key: E709712C + "24": + wheezy: + sign_key: 79EA5ED4 + jessie: + sign_key: 79EA5ED4 + precise: + sign_key: 79EA5ED4 + trusty: + sign_key: 79EA5ED4 + "22": + squeeze: + sign_key: 79EA5ED4 + jessie: + sign_key: 79EA5ED4 + precise: + sign_key: 79EA5ED4 + trusty: + sign_key: 79EA5ED4 + lucid: + sign_key: 79EA5ED4 + +suse: + "openSUSE Leap": + "42": + name: server:monitoring + url: http://download.opensuse.org/repositories/server:/monitoring/openSUSE_Leap_{{ ansible_distribution_version }}/ + "openSUSE": + "12": + name: server_monitoring + url: http://download.opensuse.org/repositories/server:/monitoring/openSUSE_{{ ansible_distribution_version }} + "SLES": + "11": + name: server_monitoring + url: http://download.opensuse.org/repositories/server:/monitoring/SLE_11_SP3/