stef
/
role_zabbix
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Ajout Alma en cours

main
stef 2026-02-17 23:01:51 +00:00
parent f3855df1a8
commit 7c8f30ce06
7 changed files with 114 additions and 99 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

61
defaults/main.yml
View File

@ -1,66 +1,7 @@
--- ---
# defaults file for zabbix # defaults file for zabbix
Debian: zabbix_version: 7.4
repo: https://repo.zabbix.com/zabbix/7.4/release/debian/pool/main/z/zabbix-release/zabbix-release_latest_7.4+debian13_all.deb
db:
packages:
- postgresql-contrib
- postgresql
- python3-psycopg2
- zabbix-sql-scripts
- zabbix-agent2
srv:
packages:
- zabbix-server-pgsql
- zabbix-agent2
front:
packages:
- zabbix-frontend-php
- php8.4-pgsql
- zabbix-nginx-conf
- nginx
- zabbix-agent2
proxy:
packages:
- mariadb-server
- zabbix-proxy-mysql
- zabbix-sql-scripts
- zabbix-agent2
agent:
packages:
- zabbix-agent2
rhel_db_packages:
- postgresql-server
- postgresql
- postgresql-plpython3
- zabbix-agent2
rhel_srv_packages:
- zabbix-server-pgsql
- zabbix-sql-scripts
- zabbix-selinux-policy
- zabbix-agent2
rhel_agent_packages:
- zabbix-agent2
rhel_front_packages:
- zabbix-web-pgsql
- zabbix-nginx-conf
- zabbix-agent2
rhel_proxy_packages:
- mariadb
- zabbix-proxy-mysql
- zabbix-sql-scripts
- zabbix-agent2
roles_cibles: ['srv', 'proxy'] roles_cibles: ['srv', 'proxy']
db_name: zabbix db_name: zabbix

5
handlers/main.yml
View File

@ -10,6 +10,11 @@
name: nginx name: nginx
state: restarted state: restarted
- name: Restart php-fpm
service:
name: php-fpm
state: restarted
- name: Restart Zabbix Server - name: Restart Zabbix Server
service: service:
name: zabbix-server name: zabbix-server

48
tasks/RedHat/install-db.yml
View File

@ -1,15 +1,31 @@
- name: Install RHEL packages - name: Database - Install RHEL packages
ansible.builtin.dnf: ansible.builtin.dnf:
name: "{{ item }}" name: "{{ item }}"
state: latest state: present
loop: "{{ db.packages }}" loop: "{{ db.packages }}"
tags: tags:
- install_db - install_db
when: ansible_os_family == "RedHat"
- name: Enable and start service postgresl - name: Database - Check if postgrsql configured
stat:
path: /var/lib/pgsql/data
register: postgresqldata
- name: Database - debug
debug:
var: postgresqldata
- name: Database - Init DB
ansible.builtin.shell:
cmd: postgresql-setup --initdb
when: postgresqldata.stat.exists == false
tags:
- install_db
- name: Database - Enable and start service postgresl
ansible.builtin.service: ansible.builtin.service:
name: postgresql name: postgresql
state: started state: started
@ -17,7 +33,7 @@
tags: tags:
- install_db - install_db
- name: Generate create db script - name: Database - Generate create db script
ansible.builtin.template: ansible.builtin.template:
src: create_db.j2 src: create_db.j2
dest: /tmp/create_db.sql dest: /tmp/create_db.sql
@ -25,26 +41,26 @@
tags: tags:
- install_db - install_db
- name: Run create db script - name: Database - Run create db script
ansible.builtin.shell: su - postgres -c 'psql -f /tmp/create_db.sql' ansible.builtin.shell: su - postgres -c 'psql -f /tmp/create_db.sql'
tags: tags:
- install_db - install_db
- name: Add zabbix user to pg_hba - name: Database - Add zabbix user to pg_hba
ansible.builtin.lineinfile: ansible.builtin.lineinfile:
path: /etc/postgresql/{{ postgresql_version }}/main/pg_hba.conf path: /var/lib/pgsql/data/pg_hba.conf
insertafter: '# Database administrative login by Unix domain socket' insertafter: '# "local" is for Unix domain socket connections only'
line: "local {{ db_name }} {{ db_user }} trust" line: "local {{ db_name }} {{ db_user }} trust"
firstmatch: yes firstmatch: yes
state: present state: present
- name: Find Group - name: Database -Find Group
set_fact: set_fact:
my_group: "{{ group_names | first }}" my_group: "{{ group_names | first }}"
- name: Créer les entrées pg_hba pour tous les hosts avec rôle 'srv' - name: Database - Créer les entrées pg_hba pour tous les hosts avec rôle 'srv'
lineinfile: lineinfile:
path: /etc/postgresql/{{ postgresql_version }}/main/pg_hba.conf path: /var/lib/pgsql/data/pg_hba.conf
line: "host {{ db_name }} {{ db_user }} {{ hostvars[item]['ansible_default_ipv4']['address'] }}/32 md5" line: "host {{ db_name }} {{ db_user }} {{ hostvars[item]['ansible_default_ipv4']['address'] }}/32 md5"
state: present state: present
loop: "{{ groups[my_group] }}" loop: "{{ groups[my_group] }}"
@ -53,16 +69,16 @@
- hostvars[item].role == 'srv' or hostvars[item].role == 'front' - hostvars[item].role == 'srv' or hostvars[item].role == 'front'
- hostvars[item]['ansible_default_ipv4'] is defined - hostvars[item]['ansible_default_ipv4'] is defined
- name: Configure postgres Listen address - name: Database - Configure postgres Listen address
ansible.builtin.lineinfile: ansible.builtin.lineinfile:
path: /etc/postgresql/17/main/postgresql.conf path: /var/lib/pgsql/data/postgresql.conf
regexp: '^#listen_addresses = .*' regexp: '^#listen_addresses = .*'
line: "listen_addresses = '*'" line: "listen_addresses = '*'"
tags: tags:
- install_db - install_db
- name: Restart postgresql - name: Database - Restart postgresql
service: service:
name: postgresql name: postgresql
state: restarted state: restarted

36
tasks/RedHat/install-front.yml 100644
View File

@ -0,0 +1,36 @@
- name: Front - Install packages
ansible.builtin.dnf:
name: "{{ item }}"
state: present
loop: "{{ front.packages }}"
tags:
- install_front
- name: Front - Configure nginx port
ansible.builtin.lineinfile:
path: /etc/nginx/conf.d/zabbix.conf
regexp: 'listen 8080;'
line: " listen 80;"
tags:
- install_front
notify: Restart nginx
- name: Front - Configure nginx url
ansible.builtin.lineinfile:
path: /etc/nginx/conf.d/zabbix.conf
regexp: 'server_name example.com;'
line: " server_name {{ inventory_hostname }};"
tags:
- install_front
notify:
- Restart nginx
- Restart php-fpm
- name: Front - Configure keepalived
ansible.builtin.template:
src: keepalived.conf.j2
dest: /etc/keepalived/keepalived.conf
owner: root
group: root
mode: 0644
notify: Restart Keepalived

5
tasks/RedHat/install-srv.yml
View File

@ -1,12 +1,10 @@
- name: Server - Install packages - name: Server - Install packages
ansible.builtin.dnf: ansible.builtin.dnf:
name: "{{ item }}" name: "{{ item }}"
state: latest state: present
loop: "{{ srv.packages }}" loop: "{{ srv.packages }}"
tags: tags:
- install_srv - install_srv
when: ansible_os_family == "RedHat"
- name: Server - Generate srv config - name: Server - Generate srv config
ansible.builtin.template: ansible.builtin.template:
src: zabbix_server.conf.j2 src: zabbix_server.conf.j2
@ -49,5 +47,6 @@
enabled: true enabled: true
loop: loop:
- zabbix-server - zabbix-server
- zabbix-agent2
tags: tags:
- install_srv - install_srv

50
tasks/main.yml
View File

@ -4,14 +4,29 @@
debug: var=ansible_os_family debug: var=ansible_os_family
- name: include os variables - name: include os variables
include_vars: "{{ansible_os_family}}.yml" include_vars: "{{ ansible_os_family }}.yml"
tags: always tags: always
- name: Prepare RHEL
- name: Prepare Alma
when: ansible_distribution == "AlmaLinux"
block:
- name: add gpg
ansible.builtin.dnf:
name: gnupg2
state: present
- name: Import a key from a url
ansible.builtin.rpm_key:
state: present
key: https://repo.zabbix.com/RPM-GPG-KEY-ZABBIX-B5333005
- name: Add Package
ansible.builtin.dnf:
name: "https://repo.zabbix.com/zabbix/{{ zabbix_version }}/release/alma/{{ ansible_distribution_major_version }}/noarch/zabbix-release-latest-{{ zabbix_version }}.el{{ ansible_distribution_major_version }}.noarch.rpm"
state: present
- name: Prepare RH like
when: ansible_os_family == "RedHat"
block: block:
- name: Alma Repo
ansible.builtin.shell:
cmd: "rpm -Uvh {{repo}}"
- name: disable firewall - name: disable firewall
ansible.builtin.service: ansible.builtin.service:
name: firewalld name: firewalld
@ -20,17 +35,16 @@
- name: clean repo - name: clean repo
ansible.builtin.shell: ansible.builtin.shell:
cmd: dnf clean all cmd: dnf clean all
when: ansible_os_family == "RedHat"
- name: Prepare Debian - name: Prepare Debian
block:
- name: Debian Repo
ansible.builtin.apt:
deb: "{{repo}}"
- name: Mise à jour le cache des paquets
ansible.builtin.apt:
update_cache: yes
when: ansible_os_family == "Debian" when: ansible_os_family == "Debian"
block:
- name: Debian Repo
ansible.builtin.apt:
deb: "{{repo}}"
- name: Mise à jour le cache des paquets
ansible.builtin.apt:
update_cache: yes
- name: Database - Install - name: Database - Install
when: role == "db" when: role == "db"
@ -47,11 +61,11 @@
tags: tags:
- install_srv - install_srv
- name: Proxy - Install # - name: Proxy - Install
ansible.builtin.include_tasks: "{{ansible_os_family}}/install-proxy.yml" # ansible.builtin.include_tasks: "{{ansible_os_family}}/install-proxy.yml"
tags: # tags:
- install_proxy # - install_proxy
when: role == "proxy" # when: role == "proxy"
- name: Front - Install - name: Front - Install

8
vars/RedHat.yml
View File

@ -1,17 +1,19 @@
repo:
db: db:
packages: packages:
- postgresql-server - postgresql-server
- postgresql-contrib
- postgresql - postgresql
- postgresql-plpython3 - postgresql-plpython3
- zabbix-sql-scripts
- zabbix-agent2 - zabbix-agent2
- zabbix-agent2-plugin-postgresql
srv: srv:
packages: packages:
- zabbix-server-pgsql - zabbix-server-pgsql
- zabbix-sql-scripts
- zabbix-selinux-policy - zabbix-selinux-policy
- zabbix-agent2 - zabbix-agent2
- keepalived
agent: agent:
packages: packages:
- zabbix-agent2 - zabbix-agent2
@ -20,6 +22,8 @@ front:
- zabbix-web-pgsql - zabbix-web-pgsql
- zabbix-nginx-conf - zabbix-nginx-conf
- zabbix-agent2 - zabbix-agent2
- zabbix-selinux-policy
- php-fpm
proxy: proxy:
packages: packages:
- mariadb - mariadb