jegomez/ansible-role-zabbix-server
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[ADD] Initial version

Browse Source
This commit is contained in:
Jorge Enrique Gómez Gómez 2024-10-22 18:19:12 -05:00
parent c3e0cb27f9
commit 5100d0eaa8
13 changed files with 475 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
README.md
View File

@ -0,0 +1,13 @@
# Ansible role that configures Zabbix Server in a server or container
To be used with Ansible-pull:
```console
apt install ansible
ansible-pull -U "ssh://git@gitea.agofer.net:22001/jegomez/ansible-role-zabbix-server.git"
```
Based on [Official Zabbix Server Role][1]
[1]: https://github.com/ansible-collections/community.zabbix/tree/main/roles/zabbix_server

14
local.yml Normal file
View File

@ -0,0 +1,14 @@
- hosts: localhost
gather_facts: yes
user: root
roles:
- zabbix_server
vars:
zabbix_admin_user: sistemas
zabbix_external_url: 'https://push.agofer.net'
zabbix_repo_deb_gpg_key_url: http://repo.zabbix.com/zabbix-official-repo.key
zabbix_repo_gpg_key: '/etc/apt/keyrings/zabbix-repo.asc'
#key: 'https://repo.zabbix.com/zabbix-official-repo-apr2024.gpg'

6
roles/zabbix_server/meta/main.yml Normal file
View File

@ -0,0 +1,6 @@
---
# Meta: Dependencias de servidor zabbix
dependencies:
- { role: zabbix_common }
# - { role: postgresql }

101
roles/zabbix_server/tasks/instalar_gchat_media_type.yml Normal file
View File

@ -0,0 +1,101 @@
---
# Instala Media Type para enviar notificaciones via Google Chat
# a un webhook creado en una sala de Chat.
- name: Crear Media Type en servidor Zabbix usando API
zabbix_mediatype:
name: Webhook a Google Chat
description: 'Ver https://developers.google.com/hangouts/chat/how-tos/webhooks'
server_url: "http://{{ hostvars['zabbix_server'].ansible_fqdn }}/zabbix"
login_user: "{{ zabbix_admin_user }}"
login_password: "{{ zabbix_admin_pass }}"
type: 'webhook'
webhook_script: "{{ lookup('file', 'gchat_webhook.js') }}"
webhook_params:
- name: alert_message
value: '{ALERT.MESSAGE}'
- name: alert_subject
value: '{ALERT.SUBJECT}'
- name: event_date
value: '{EVENT.DATE}'
- name: event_id
value: '{EVENT.ID}'
- name: event_nseverity
value: '{EVENT.NSEVERITY}'
- name: event_opdata
value: '{EVENT.OPDATA}'
- name: event_recovery_date
value: '{EVENT.RECOVERY.DATE}'
- name: event_recovery_time
value: '{EVENT.RECOVERY.TIME}'
- name: event_severity
value: '{EVENT.SEVERITY}'
- name: event_source
value: '{EVENT.SOURCE}'
- name: event_status
value: '{EVENT.STATUS}'
- name: event_tags
value: '{EVENT.TAGS}'
- name: event_time
value: '{EVENT.TIME}'
- name: event_update_action
value: '{EVENT.UPDATE.ACTION}'
- name: event_update_date
value: '{EVENT.UPDATE.DATE}'
- name: event_update_message
value: '{EVENT.UPDATE.MESSAGE}'
- name: event_update_status
value: '{EVENT.UPDATE.STATUS}'
- name: event_update_time
value: '{EVENT.UPDATE.TIME}'
- name: event_update_user
value: '{USER.FULLNAME}'
- name: event_value
value: '{EVENT.VALUE}'
- name: gchat_endpoint
value: '{{ zabbix_gchat_endpoint }}'
- name: host_ip
value: '{HOST.IP}'
- name: host_name
value: '{HOST.NAME}'
- name: HTTPProxy
value: ''
- name: trigger_description
value: '{TRIGGER.DESCRIPTION}'
- name: trigger_id
value: '{TRIGGER.ID}'
- name: use_default_message
value: 'false'
- name: zabbix_url
value: '{{ zabbix_external_url }}'
message_templates:
- eventsource: triggers
recovery: operations
subject: "{EVENT.NAME}"
body: |
Problem started at {EVENT.TIME} on {EVENT.DATE}
Problem name: {EVENT.NAME}
Host: {HOST.NAME}
Severity: {EVENT.SEVERITY}
{TRIGGER.URL}
- eventsource: triggers
recovery: recovery_operations
subject: "Resolved: {EVENT.NAME}"
body: |
Problem has been resolved at {EVENT.RECOVERY.TIME} on {EVENT.RECOVERY.DATE}
Problem name: {EVENT.NAME}
Host: {HOST.NAME}
Severity: {EVENT.SEVERITY}
Original problem ID: {EVENT.ID}
{TRIGGER.URL}
- eventsource: triggers
recovery: update_operations
subject: "Updated: {EVENT.NAME}"
body: |
{USER.FULLNAME} {EVENT.UPDATE.ACTION} problem at {EVENT.UPDATE.DATE} {EVENT.UPDATE.TIME}.
{EVENT.UPDATE.MESSAGE}
Current problem status is {EVENT.STATUS}, acknowledged: {EVENT.ACK.STATUS}.
state: present
webhook_timeout: '30s'
delegate_to: ansible_server

27
roles/zabbix_server/tasks/instalar_plantilla_extensiones.yml Normal file
View File

@ -0,0 +1,27 @@
---
# Enlace git zabbix para templates 6.4
# https://git.zabbix.com/projects/ZBX/repos/zabbix/browse/templates?at=release%2F6.4
#
# Se debe modificar con los nuevos templates
# Descarga e instala plantilla para OS Linux que corresponde a las extensiones
# de agente Zabbix instaladas por el rol zabbix_agent_extensions
#
#
#
- name: Descargar plantilla en formato XML
get_url:
url: 'https://raw.githubusercontent.com/scoopex/zabbix-agent-extensions/master/zabbix_templates/5.2/custom-os-linux.xml'
dest: '{{ role_path }}/files/agent_extensions_5.2_custom_os_linux.xml'
mode: '0444'
delegate_to: ansible_server
- name: Importar plantilla en servidor Zabbix usando API
zabbix_template:
server_url: "http://{{ hostvars['zabbix_server'].ansible_fqdn }}/zabbix"
login_user: "{{ zabbix_admin_user }}"
login_password: "{{ zabbix_admin_pass }}"
template_xml: "{{ lookup('file', 'agent_extensions_5.2_custom_os_linux.xml') }}"
state: present
delegate_to: ansible_server

28
roles/zabbix_server/tasks/main.yml Normal file
View File

@ -0,0 +1,28 @@
---
# Instalar servidor zabbix
- name: Leer variables de acuerdo a la version de Ubuntu
include_vars: "{{ ansible_lsb.codename }}.yml"
- name: Descargar llave del repositorio
get_url:
url: "{{ zabbix_repo_deb_gpg_key_url }}"
dest: "{{ zabbix_repo_gpg_key }}"
mode: "0644"
- name: Agregar repositorio zabbix en nuevo formato
deb822_repository:
name: Zabbix
enabled: true
types: deb
uris: '{{ zabbix_repo822.uri }}'
suites: '{{ zabbix_repo822.dist }}'
components: main
architectures: '{{ zabbix_repo822.arch }}'
signed_by: '{{ zabbix_repo_gpg_key }}'
- name: Instalar servidor Zabbix
apt:
pkg: '{{ paquetes_zabbix_server }}'
state: 'latest'

22
roles/zabbix_server/tasks/reemplazar_envio_mensajes.yml Normal file
View File

@ -0,0 +1,22 @@
---
# Reemplazar envio de mensajes XMPP con programa externo
- name: Instalar sendxmpp para envío de mensajes por línea de comandos
apt:
name: 'sendxmpp'
state: latest
- name: Crear archivo de configuración sendxmpp
template:
src: 'sendxmpprc.j2'
dest: '/etc/zabbix/sendxmpprc'
mode: 0600
owner: 'zabbix'
group: 'zabbix'
- name: Crear script para enviar mensajes zabbix usando sendxmpp
copy:
src: 'xmpp.sh'
dest: '/usr/lib/zabbix/alertscripts/xmpp.sh'
mode: 0755

129
roles/zabbix_server/tasks/templates.yml Normal file
View File

@ -0,0 +1,129 @@
# github https://git.zabbix.com/projects/ZBX/repos/zabbix/browse/templates?at=refs%2Fheads%2Frelease%2F6.4
---
- name: Crear la carpeta de destino si no existe
file:
path: /usr/share/agofer/repositorio_zabbix
state: directory
mode: '0755'
#- name: Clonar el repositorio de GitHub con profundidad 1
# command: git clone --depth=1 https://git.zabbix.com/scm/zbx/zabbix.git /home/sistemas/repositorio_zabbix
# args:
# creates: /home/sistemas/repositorio_zabbix/.git
#
#- name: Crear la carpeta de destino en el directorio del rol si no existe
# file:
# path: "{{ role_path }}/files"
# state: directory
# mode: '0755'
#
#- name: Mover el contenido del repositorio al directorio del rol
# copy:
# src: "{{ item }}"
# dest: "{{ role_path }}/files/"
# remote_src: yes
# with_fileglob:
# - "/home/sistemas/repositorio_zabbix/*"
#
#- name: Limpiar directorios temporales
# file:
# path: /home/sistemas/repositorio_zabbix
# state: absent
#- name: Import Zabbix templates from JSON
# # set task level variables as we change ansible_connection plugin here
# vars:
# ansible_network_os: community.zabbix.zabbix
# ansible_connection: httpapi
# ansible_httpapi_port: 80
# ansible_httpapi_use_ssl: false
# ansible_httpapi_validate_certs: false
# ansible_zabbix_url_path: ''
# become: False
# community.zabbix.zabbix_template:
# template_json: "{{ lookup('file', 'zabbix_apache2.json') }}"
# state: present
#- name: Import Zabbix templates from XML
# set task level variables as we change ansible_connection plugin here
# vars:
# ansible_network_os: community.zabbix.zabbix
# ansible_connection: httpapi
# ansible_httpapi_port: 80
# ansible_httpapi_use_ssl: false
# ansible_httpapi_validate_certs: false
# ansible_zabbix_url_path: ''
# become: False
# zabbix_template:
# template_xml: "{{ lookup('file', 'zabbix_apache2.xml') }}"
# state: present
#- name: Import Zabbix template from Ansible dict variable
# set task level variables as we change ansible_connection plugin here
# vars:
# ansible_network_os: community.zabbix.zabbix
# ansible_connection: httpapi
# ansible_httpapi_port: 80
# ansible_httpapi_use_ssl: false
# ansible_httpapi_validate_certs: false
# ansible_zabbix_url_path: ''
# become: False
# zabbix_template:
# template_json:
# zabbix_export:
# version: "3.2"
# templates:
# - name: Template for Testing
# description: "Testing template import"
# template: Test Template
# groups:
# - name: Templates
# state: present
#
#- name: Configure macros on the existing Zabbix template
# # set task level variables as we change ansible_connection plugin here
# vars:
# ansible_network_os: community.zabbix.zabbix
# ansible_connection: httpapi
# ansible_httpapi_port: 80
# ansible_httpapi_use_ssl: false
# ansible_httpapi_validate_certs: false
# ansible_zabbix_url_path: ''
# become: False
# zabbix_template:
# template_name: Template
# macros:
# - macro: "{$TEST_MACRO}"
# value: "Example"
# state: present
#
#- name: Add tags to the existing Zabbix template
# set task level variables as we change ansible_connection plugin here
# vars:
# ansible_network_os: community.zabbix.zabbix
# ansible_connection: httpapi
# ansible_httpapi_port: 80
# ansible_httpapi_use_ssl: false
# ansible_httpapi_validate_certs: false
# ansible_zabbix_url_path: ''
# become: False
# zabbix_template:
# template_name: Template
# tags:
# - tag: class
# value: application
# state: present
#
#- name: Delete Zabbix template
# set task level variables as we change ansible_connection plugin here
# vars:
# ansible_network_os: community.zabbix.zabbix
# ansible_connection: httpapi
# ansible_httpapi_port: 80
# ansible_httpapi_use_ssl: false
# ansible_httpapi_validate_certs: false
# ansible_zabbix_url_path: ''
# become: False
# zabbix_template:
# template_name: Template
# state: absent

63
roles/zabbix_server/templates/nginx.conf.j2 Normal file
View File

@ -0,0 +1,63 @@
{{ ansible_managed | comment }}
server {
listen 80;
server_name servidorc0c8.dmz.agofer;
root /usr/share/zabbix;
index index.php;
location = /favicon.ico {
log_not_found off;
}
location / {
try_files $uri $uri/ =404;
}
location /assets {
access_log off;
expires 10d;
}
location ~ /\.ht {
deny all;
}
location ~ /(api\/|conf[^\.]|include|locale) {
deny all;
return 404;
}
location /vendor {
deny all;
return 404;
}
location ~ [^/]\.php(/|$) {
fastcgi_pass unix:/var/run/php/zabbix.sock;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_index index.php;
fastcgi_param DOCUMENT_ROOT /usr/share/zabbix;
fastcgi_param SCRIPT_FILENAME /usr/share/zabbix$fastcgi_script_name;
fastcgi_param PATH_TRANSLATED /usr/share/zabbix$fastcgi_script_name;
include fastcgi_params;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_intercept_errors on;
fastcgi_ignore_client_abort off;
fastcgi_connect_timeout 60;
fastcgi_send_timeout 180;
fastcgi_read_timeout 180;
fastcgi_buffer_size 128k;
fastcgi_buffers 4 256k;
fastcgi_busy_buffers_size 256k;
fastcgi_temp_file_write_size 256k;
}
}

24
roles/zabbix_server/templates/php-fpm.conf.j2 Normal file
View File

@ -0,0 +1,24 @@
[zabbix]
user = www-data
group = www-data
listen = /var/run/php/zabbix.sock
listen.owner = www-data
listen.allowed_clients = 127.0.0.1
pm = dynamic
pm.max_children = 50
pm.start_servers = 5
pm.min_spare_servers = 5
pm.max_spare_servers = 35
pm.max_requests = 200
php_value[session.save_handler] = files
php_value[session.save_path] = /var/lib/php/sessions/
php_value[max_execution_time] = 300
php_value[memory_limit] = 128M
php_value[post_max_size] = 16M
php_value[upload_max_filesize] = 2M
php_value[max_input_time] = 300
php_value[max_input_vars] = 10000

5
roles/zabbix_server/templates/sendxmpprc.j2 Normal file
View File

@ -0,0 +1,5 @@
#~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# Configuracion de sendxmpp para enviar mensajes jabber por linea de comandos
# {{ ansible_managed }}
#~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
pbx@agofer.com.co;talk.google.com:5222 64sXAapzYN8hMNE agofer.com.co

26
roles/zabbix_server/templates/zabbix_server.conf.j2 Normal file
View File

@ -0,0 +1,26 @@
#~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# Archivo de configuracion del servidor Zabbix
# {{ ansible_managed }}
#~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
LogFile=/var/log/zabbix/zabbix_server.log
LogFileSize=0
PidFile=/run/zabbix/zabbix_server.pid
SocketDir=/run/zabbix
DBName=zabbix
DBUser=zabbix
DBPassword={{ zabbix_psql_pass }}
StartTrappers=5
SNMPTrapperFile=/var/log/snmptrap/snmptrap.log
{# 2024-01-17 Se aumentan estos valores, que estaban en su configuración default #}
CacheSize=2G
HistoryIndexCacheSize=512M
ValueCacheSize=400M
{# -JEG /2024-01-17 #}
Timeout=4
AlertScriptsPath=/usr/lib/zabbix/alertscripts
ExternalScripts=/usr/lib/zabbix/externalscripts
FpingLocation=/usr/bin/fping
Fping6Location=/usr/bin/fping6
LogSlowQueries=3000
StatsAllowedIP=127.0.0.1

17
roles/zabbix_server/vars/noble.yml Normal file
View File

@ -0,0 +1,17 @@
---
paquetes_zabbix_server:
- zabbix-server-pgsql
- zabbix-frontend-php
- php8.3-pgsql
- zabbix-nginx-conf
- zabbix-sql-scripts
- zabbix-agent2
- postgresql
- postgresql-contrib
zabbix_repo822:
arch: {{ 'amd64' if ansible_machine != 'aarch64' else 'arm64'}}
dist: 'noble'
uri: 'http://repo.zabbix.com/zabbix/7.0/ubuntu'