diff --git a/README.md b/README.md index 91c834e..c19fcdf 100644 --- a/README.md +++ b/README.md @@ -1,10 +1,6 @@ # Ansible-ZabbixAgent - - -## Requirements - -## Example +Ansible playbook to install and configure a machine as a Zabbix Agent. ## License diff --git a/hosts.yml b/hosts.yml new file mode 100644 index 0000000..4675c83 --- /dev/null +++ b/hosts.yml @@ -0,0 +1,10 @@ +--- +# file: hosts + +zabbixAgent: + hosts: + svr1: + ansible_host: 10.10.2.136 + + vars: + ansible_user: ansible diff --git a/roles/zabbixAgent/defaults/main.yml b/roles/zabbixAgent/defaults/main.yml new file mode 100644 index 0000000..4865bf8 --- /dev/null +++ b/roles/zabbixAgent/defaults/main.yml @@ -0,0 +1,16 @@ +--- +# file: roles/zabbixAgent/defaults/main.yml + +Zabbix_version: "7.0" +zabbixAgent_url: "https://repo.zabbix.com/zabbix/{{ Zabbix_version }}/{{ ansible_distribution | lower }}/{{ ansible_distribution_major_version }}/x86_64/zabbix-release-latest.el{{ ansible_distribution_major_version }}.noarch.rpm" + +zabbixAgent_conf_server: "" +zabbixAgent_conf_listen_port: "" +zabbixAgent_conf_server_active: "" +zabbixAgent_conf_hostname: "{{ ansible_hostname }}" + +zabbixAgent_conf_tls_connect: "" +zabbixAgent_conf_tls_accept: "" +zabbixAgent_conf_psk_key: "" +zabbixAgent_conf_psk_file: "" +zabbixAgent_conf_psk_identity: "" diff --git a/roles/zabbixAgent/handlers/main.yml b/roles/zabbixAgent/handlers/main.yml new file mode 100644 index 0000000..05d5d9d --- /dev/null +++ b/roles/zabbixAgent/handlers/main.yml @@ -0,0 +1,12 @@ +--- +# file: roles/docker/zabbixAgent/main.yml + +- name: Restart zabbix-agent2 + service: + name: zabbix-agent2 + state: restarted + +- name: Reload firewalld + service: + name: firewalld + state: reloaded diff --git a/roles/zabbixAgent/tasks/main.yml b/roles/zabbixAgent/tasks/main.yml new file mode 100644 index 0000000..7ce4c6a --- /dev/null +++ b/roles/zabbixAgent/tasks/main.yml @@ -0,0 +1,63 @@ +--- +# file: roles/zabbixAgent/tasks/main.yml + +- name: Check if epel enabled + stat: + path: /etc/yum.repos.d/epel.repo + register: epel_result + +- name: Exclude Zabbix if epel enabled + yum_repository: + name: epel + file: epel + metalink: "https://mirrors.fedoraproject.org/metalink?repo=epel-$releasever&arch=$basearch&infra=$infra&content=$contentdir" + description: "Extra Packages for Enterprise Linux $releasever - $basearch" + exclude: "zabbix*" + enabled: true + gpgcheck: true + countme: true + gpgkey: "file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-$releasever" + when: epel_result.stat.exists + +- name: Install Zabbix RPM + package: + name: "{{ zabbixAgent_url }}" + state: present + disable_gpg_check: true + +- name: Install ZabbixAgent + package: + name: + - zabbix-agent2 + - zabbix-agent2-plugin-* + state: present + +- name: Deploy ZabbixAgent configuration file + template: + src: "ansibleZabbixAgent.conf.j2" + dest: "/etc/zabbix/zabbix_agent2.d/ansibleZabbixAgent.conf" + notify: Restart zabbix-agent2 + +- name: Create psk file + copy: + content: "{{ zabbixAgent_conf_psk_key }}" + dest: "{{ zabbixAgent_conf_psk_file }}" + owner: zabbix + group: zabbix + mode: '0400' + when: zabbixAgent_conf_psk_key != '' and zabbixAgent_conf_psk_file != '' + +- name: Enable firewall rule listen_port + firewalld: + port: "{{ zabbixAgent_conf_listen_port }}/tcp" + permanent: yes + immediate: yes + state: enabled + notify: Reload firewalld + when: zabbixAgent_conf_listen_port != "" + +- name: Enable ZabbixAgent + service: + name: zabbix-agent2 + state: started + enabled: yes diff --git a/roles/zabbixAgent/templates/ansibleZabbixAgent.conf.j2 b/roles/zabbixAgent/templates/ansibleZabbixAgent.conf.j2 new file mode 100644 index 0000000..cfb7d81 --- /dev/null +++ b/roles/zabbixAgent/templates/ansibleZabbixAgent.conf.j2 @@ -0,0 +1,24 @@ +{% if zabbixAgent_conf_server != '' %} +Server={{ zabbixAgent_conf_server }} +{% endif %} +{% if zabbixAgent_conf_listen_port != '' %} +ListenPort={{ zabbixAgent_conf_listen_port }} +{% endif %} +{% if zabbixAgent_conf_server_active != '' %} +ServerActive={{ zabbixAgent_conf_server_active }} +{% endif %} +{% if zabbixAgent_conf_hostname != '' %} +Hostname={{ zabbixAgent_conf_hostname }} +{% endif %} +{% if zabbixAgent_conf_tls_connect != '' %} +TLSConnect={{ zabbixAgent_conf_tls_connect }} +{% endif %} +{% if zabbixAgent_conf_tls_accept != '' %} +TLSAccept={{ zabbixAgent_conf_tls_accept }} +{% endif %} +{% if zabbixAgent_conf_psk_file != '' %} +TLSPSKFile={{ zabbixAgent_conf_psk_file }} +{% endif %} +{% if zabbixAgent_conf_psk_identity != '' %} +TLSPSKIdentity={{ zabbixAgent_conf_psk_identity }} +{% endif %} diff --git a/site.yml b/site.yml new file mode 100644 index 0000000..99216ca --- /dev/null +++ b/site.yml @@ -0,0 +1,4 @@ +--- +## This playbook deploys the whole application stack in this site. + +- import_playbook: zabbixAgent.yml diff --git a/zabbixAgent.yml b/zabbixAgent.yml new file mode 100644 index 0000000..6179bc8 --- /dev/null +++ b/zabbixAgent.yml @@ -0,0 +1,7 @@ +--- +# file: zabbixAgent.yml + +- hosts: zabbixAgent + become: true + roles: + - zabbixAgent