Debut de separation par distribution + ajout keepalived

2026-02-16 22:20:56 +00:00
parent 618c5ef1a0
commit f3855df1a8
15 changed files with 741 additions and 54 deletions
--- a/templates/keepalived.conf.j2
+++ b/templates/keepalived.conf.j2
@@ -0,0 +1,22 @@
+vrrp_track_process track_nginx {
+    process nginx
+    weight 10
+}
+
+vrrp_instance VI_1 {
+    state {{ keepalived.state }}
+    interface {{ansible_default_ipv4.interface}}
+    virtual_router_id 51
+    priority {{ keepalived.priority }}
+    advert_int 1
+    authentication {
+        auth_type PASS
+        auth_pass 12345
+    }
+    virtual_ipaddress {
+        {{ vip_address }}
+    }
+    track_process {
+         track_nginx
+      }
+}
--- a/templates/zabbix_front.conf.j2
+++ b/templates/zabbix_front.conf.j2
@@ -0,0 +1,67 @@
+?php
+// Zabbix GUI configuration file.
+
+$DB['TYPE']			= 'POSTGRESQL';
+$DB['SERVER']			= '{{db_host}}';
+$DB['PORT']			= '0';
+$DB['DATABASE']			= 'zabbix';
+$DB['USER']			= '';
+$DB['PASSWORD']			= '';
+
+// Schema name. Used for PostgreSQL.
+$DB['SCHEMA']			= '';
+
+// Used for TLS connection.
+$DB['ENCRYPTION']		= false;
+$DB['KEY_FILE']			= '';
+$DB['CERT_FILE']		= '';
+$DB['CA_FILE']			= '';
+$DB['VERIFY_HOST']		= false;
+$DB['CIPHER_LIST']		= '';
+
+// Vault configuration. Used if database credentials are stored in Vault secrets manager.
+{% if Vault is defined %}
+$DB['VAULT']			= '{{Vault}}';
+$DB['VAULT_URL']		= '{{VaultURL}}';
+$DB['VAULT_PREFIX']		= '{{VaultPrefix}}';
+$DB['VAULT_DB_PATH']		= '{{VaultDBPath}}';
+$DB['VAULT_TOKEN']		= '{{VaultToken}}';
+$DB['VAULT_CERT_FILE']		= '';
+$DB['VAULT_KEY_FILE']		= '';
+// Uncomment to bypass local caching of credentials.
+// $DB['VAULT_CACHE']		= true;
+{% endif %}
+// Uncomment and set to desired values to override Zabbix hostname/IP and port.
+// $ZBX_SERVER			= '';
+// $ZBX_SERVER_PORT		= '';
+
+$ZBX_SERVER_NAME		= 'zserver02.bv.stef.lan';
+
+$IMAGE_FORMAT_DEFAULT	= IMAGE_FORMAT_PNG;
+
+// Uncomment this block only if you are using Elasticsearch.
+// Elasticsearch url (can be string if same url is used for all types).
+//$HISTORY['url'] = [
+//	'uint' => 'http://localhost:9200',
+//	'text' => 'http://localhost:9200'
+//];
+// Value types stored in Elasticsearch.
+//$HISTORY['types'] = ['uint', 'text'];
+
+// Used for SAML authentication.
+// Uncomment to override the default paths to SP private key, SP and IdP X.509 certificates, and to set extra settings.
+//$SSO['SP_KEY']			= 'conf/certs/sp.key';
+//$SSO['SP_CERT']			= 'conf/certs/sp.crt';
+//$SSO['IDP_CERT']		= 'conf/certs/idp.crt';
+//$SSO['SETTINGS']		= [];
+
+// If set to false, support for HTTP authentication will be disabled.
+// $ALLOW_HTTP_AUTH = true;
+
+$ZBX_SERVER_TLS['ACTIVE'] = '0';
+$ZBX_SERVER_TLS['CA_FILE'] = '';
+$ZBX_SERVER_TLS['KEY_FILE'] = '';
+$ZBX_SERVER_TLS['CERT_FILE'] = '';
+$ZBX_SERVER_TLS['CERTIFICATE_ISSUER']  = '';
+$ZBX_SERVER_TLS['CERTIFICATE_SUBJECT'] = '';
+