Infrastructure/ansible
5
0
Fork 0
Code Issues Pull requests 3 Projects Releases Packages Wiki Activity Actions

Zabbix-stg: More base server config

Browse source 
This adds:
- Matrix media type
- User for a Matrix bot
- Trigger using Matrix & the bot
- PSK configuration, using the PSK file already deployed
- 2 base templates
  - a general one suitable even for Koji
  - a dependant one for all other hosts
- Autoregistration config to use the new base template

This is all scoped to staging via a new include in main.yml
This commit is contained in:
Greg Sutcliffe 2025-03-31 15:04:56 +01:00
parent 01a5c40b69
commit 7f60fdf690
6 changed files with 2423 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

1
inventory/group_vars/zabbix_stg
View file

@ -21,3 +21,4 @@ num_cpus: 2
# the host_vars/$hostname file
tcp_ports: [80, 443]
notes: Test instance for zabbix server
zabbix_stg_matrix_roomid: "!dODrizXNtqWjiylAyh:fedora.im"

188
roles/zabbix/zabbix_server/files/matrix_mediatype.js Normal file
View file

@ -0,0 +1,188 @@
const required_input = [
"matrix_url",
"matrix_room",
"matrix_token",
"alert_subject",
"alert_message",
"event_severity",
"event_is_problem",
"event_is_update",
"enable_colors",
"enable_icons",
]
const update_color = "#000000"
const recovery_color = "#098e68"
const severity_colors = [
"#5a5a5a", // Not classified
"#2caed6", // Information
"#d6832c", // Warning
"#d6542c", // Average
"#d62c2c", // High
"#ff0000", // Disaster
]
const update_icon = String.fromCodePoint("0x1f4dd")
const recovery_icon = String.fromCodePoint("0x2705")
const severity_icons = [
String.fromCodePoint("0x2754"), // Not classified
String.fromCodePoint("0x2139"), // Information
String.fromCodePoint("0x26a0"), // Warning
String.fromCodePoint("0x274c"), // Average
String.fromCodePoint("0x1f525"), // High
String.fromCodePoint("0x1f4a5"), // Disaster
]
var Matrix = {
validate: function (params) {
required_input.forEach(function (key) {
if (key in params && params[key] != undefined) {
Matrix[key] = params[key]
} else {
throw "Missing value for key: " + key
}
})
Matrix.alert_subject = Matrix.alert_subject.replace(/\r/g, "")
Matrix.alert_message = Matrix.alert_message.replace(/\r/g, "")
Matrix.event_severity = parseInt(Matrix.event_severity)
Matrix.event_is_problem = parseInt(Matrix.event_is_problem)
Matrix.event_is_update = parseInt(Matrix.event_is_update)
if (typeof params.event_url === "string" && params.event_url.trim() !== "") {
Matrix.event_url = params.event_url
}
Matrix.enable_colors = Matrix.enable_colors.toLowerCase() == "true"
Matrix.enable_icons = Matrix.enable_icons.toLowerCase() == "true"
if (typeof params.http_proxy === "string" && params.http_proxy.trim() !== "") {
Matrix.http_proxy = params.http_proxy
}
if (Matrix.event_is_problem == 1) {
if (Matrix.event_is_update == 0) {
Matrix.kind = "problem"
Matrix.color = severity_colors[Matrix.event_severity]
Matrix.icon = severity_icons[Matrix.event_severity]
} else {
Matrix.kind = "update"
Matrix.color = update_color
Matrix.icon = update_icon
}
} else {
Matrix.kind = "recovery"
Matrix.color = recovery_color
Matrix.icon = recovery_icon
}
},
request: function (path, payload) {
var request = new HttpRequest()
request.addHeader("Content-Type: application/json")
request.addHeader("Authorization: Bearer " + Matrix.matrix_token)
var url = Matrix.matrix_url + path
Zabbix.Log(4, "[Matrix Webhook] new request to: " + url)
if (Matrix.http_proxy != undefined) {
request.setProxy(Matrix.http_proxy)
}
var blob = request.post(url, JSON.stringify(payload))
if (request.getStatus() !== 200) {
var resp = JSON.parse(blob)
if (request.getStatus() == 403 && resp.error.indexOf("not in room") !== -1) {
throw "User is not in room"
}
Zabbix.Log(4, "[Matrix Webhook] Request failed: " + resp.error)
throw "Request failed: " + request.getStatus() + " " + resp.error
}
},
joinRoom: function () {
Matrix.request("/_matrix/client/r0/rooms/" + Matrix.matrix_room + "/join", {})
},
sendMessage: function () {
var body = ""
if (Matrix.enable_icons && Matrix.icon) {
body += Matrix.icon + " "
}
body += Matrix.alert_subject + "\n"
body += Matrix.alert_message
if (Matrix.event_url != undefined) {
body += "\n" + Matrix.event_url
}
var formatted_body = ""
if (Matrix.enable_colors) {
formatted_body += '<span data-mx-color="{color}">'.replace("{color}", Matrix.color)
} else {
formatted_body += "<span>"
}
formatted_body += "<strong>"
if (Matrix.enable_icons && Matrix.icon) {
formatted_body += Matrix.icon + " "
}
if (Matrix.event_url != undefined) {
formatted_body += '<a href="{href}">'.replace("{href}", Matrix.event_url)
}
formatted_body += Matrix.alert_subject
if (Matrix.event_url != undefined) {
formatted_body += "</a>"
}
formatted_body += "</strong><br />"
formatted_body += Matrix.alert_message.replace(/\n/g, "<br />")
formatted_body += "</span>"
const payload = {
body: body,
msgtype: "m.notice",
format: "org.matrix.custom.html",
formatted_body: formatted_body,
}
Matrix.request(
"/_matrix/client/r0/rooms/" + Matrix.matrix_room + "/send/m.room.message",
payload
)
},
}
try {
var params = JSON.parse(value)
Matrix.validate(params)
try {
Matrix.sendMessage()
} catch (error) {
if (error == "User is not in room") {
Matrix.joinRoom()
Matrix.sendMessage()
} else {
throw error
}
}
return "OK"
} catch (error) {
Zabbix.Log(4, "[Matrix Webhook] Error: " + error)
throw "Sending failed: " + error
}

1711
roles/zabbix/zabbix_server/files/templates/linux_autoregister.yaml Normal file
View file

File diff suppressed because it is too large Load diff

354
roles/zabbix/zabbix_server/files/templates/linux_hosts.yaml Normal file
View file

@ -0,0 +1,354 @@
zabbix_export:
version: '7.0'
template_groups:
- uuid: a333cbd6a3ad44baaa4eee4b0c0b1bec
name: Fedora
templates:
- uuid: 28d6d64b3a5041b7a5d2d166b26f25a8
template: 'Linux Hosts'
name: 'Linux Hosts'
description: 'Builds upon "Linux Autoregistration" to enable the remaining triggers / prototypes for non-Koji hosts'
templates:
- name: 'Linux Autoregistration'
groups:
- name: Fedora
discovery_rules:
- uuid: 34e769e2da244b338e7d3b1126e6bcc1
name: 'Block devices discovery'
type: ZABBIX_ACTIVE
key: vfs.dev.discovery
delay: 1h
filter:
evaltype: AND
conditions:
- macro: '{#DEVNAME}'
value: '{$VFS.DEV.DEVNAME.MATCHES}'
formulaid: A
- macro: '{#DEVNAME}'
value: '{$VFS.DEV.DEVNAME.NOT_MATCHES}'
operator: NOT_MATCHES_REGEX
formulaid: B
- macro: '{#DEVTYPE}'
value: disk
formulaid: C
lifetime: 30d
enabled_lifetime_type: DISABLE_NEVER
item_prototypes:
- uuid: 9a0448cf8a184d52a7872df410f25d6c
name: '{#DEVNAME}: Disk average queue size (avgqu-sz)'
type: DEPENDENT
key: 'vfs.dev.queue_size[{#DEVNAME}]'
delay: '0'
history: 7d
value_type: FLOAT
description: 'The current average disk queue; the number of requests outstanding on the disk while the performance data is being collected.'
preprocessing:
- type: JSONPATH
parameters:
- '$[10]'
- type: CHANGE_PER_SECOND
parameters:
- ''
- type: MULTIPLIER
parameters:
- '0.001'
master_item:
key: 'vfs.file.contents[/sys/block/{#DEVNAME}/stat]'
tags:
- tag: component
value: storage
- tag: disk
value: '{#DEVNAME}'
- uuid: 1b3559f0d90948f0a72c2fdfdc80930c
name: '{#DEVNAME}: Disk read request avg waiting time (r_await)'
type: CALCULATED
key: 'vfs.dev.read.await[{#DEVNAME}]'
history: 7d
value_type: FLOAT
units: '!ms'
params: '(last(//vfs.dev.read.time.rate[{#DEVNAME}])/(last(//vfs.dev.read.rate[{#DEVNAME}])+(last(//vfs.dev.read.rate[{#DEVNAME}])=0)))*1000*(last(//vfs.dev.read.rate[{#DEVNAME}]) > 0)'
description: 'This formula contains two Boolean expressions that evaluate to 1 or 0 in order to set the calculated metric to zero and to avoid the exception - division by zero.'
tags:
- tag: component
value: storage
- tag: disk
value: '{#DEVNAME}'
- uuid: 3bb5f84b2e954c28843fa1fb3898c035
name: '{#DEVNAME}: Disk read rate'
type: DEPENDENT
key: 'vfs.dev.read.rate[{#DEVNAME}]'
delay: '0'
history: 7d
value_type: FLOAT
units: '!r/s'
description: 'r/s (read operations per second) - the number (after merges) of read requests completed per second for the device.'
preprocessing:
- type: JSONPATH
parameters:
- '$[0]'
- type: CHANGE_PER_SECOND
parameters:
- ''
master_item:
key: 'vfs.file.contents[/sys/block/{#DEVNAME}/stat]'
tags:
- tag: component
value: storage
- tag: disk
value: '{#DEVNAME}'
- uuid: df02934521b54864b2538b764c5d549c
name: '{#DEVNAME}: Disk read time (rate)'
type: DEPENDENT
key: 'vfs.dev.read.time.rate[{#DEVNAME}]'
delay: '0'
history: 7d
value_type: FLOAT
description: 'The rate of total read time counter; used in `r_await` calculation.'
preprocessing:
- type: JSONPATH
parameters:
- '$[3]'
- type: CHANGE_PER_SECOND
parameters:
- ''
- type: MULTIPLIER
parameters:
- '0.001'
master_item:
key: 'vfs.file.contents[/sys/block/{#DEVNAME}/stat]'
tags:
- tag: component
value: storage
- tag: disk
value: '{#DEVNAME}'
- uuid: 72546bd5eefb4ac7a0b2992a25e5f0c6
name: '{#DEVNAME}: Disk utilization'
type: DEPENDENT
key: 'vfs.dev.util[{#DEVNAME}]'
delay: '0'
history: 7d
value_type: FLOAT
units: '%'
description: 'This item is the percentage of elapsed time during which the selected disk drive was busy while servicing read or write requests.'
preprocessing:
- type: JSONPATH
parameters:
- '$[9]'
- type: CHANGE_PER_SECOND
parameters:
- ''
- type: MULTIPLIER
parameters:
- '0.1'
master_item:
key: 'vfs.file.contents[/sys/block/{#DEVNAME}/stat]'
tags:
- tag: component
value: storage
- tag: disk
value: '{#DEVNAME}'
- uuid: 8422c37735774134996be62580e7bf10
name: '{#DEVNAME}: Disk write request avg waiting time (w_await)'
type: CALCULATED
key: 'vfs.dev.write.await[{#DEVNAME}]'
history: 7d
value_type: FLOAT
units: '!ms'
params: '(last(//vfs.dev.write.time.rate[{#DEVNAME}])/(last(//vfs.dev.write.rate[{#DEVNAME}])+(last(//vfs.dev.write.rate[{#DEVNAME}])=0)))*1000*(last(//vfs.dev.write.rate[{#DEVNAME}]) > 0)'
description: 'This formula contains two Boolean expressions that evaluate to 1 or 0 in order to set the calculated metric to zero and to avoid the exception - division by zero.'
tags:
- tag: component
value: storage
- tag: disk
value: '{#DEVNAME}'
- uuid: 4ba78909402d4bb8ab32f12c679ea3dc
name: '{#DEVNAME}: Disk write rate'
type: DEPENDENT
key: 'vfs.dev.write.rate[{#DEVNAME}]'
delay: '0'
history: 7d
value_type: FLOAT
units: '!w/s'
description: 'w/s (write operations per second) - the number (after merges) of write requests completed per second for the device.'
preprocessing:
- type: JSONPATH
parameters:
- '$[4]'
- type: CHANGE_PER_SECOND
parameters:
- ''
master_item:
key: 'vfs.file.contents[/sys/block/{#DEVNAME}/stat]'
tags:
- tag: component
value: storage
- tag: disk
value: '{#DEVNAME}'
- uuid: 7717dd9841004fa08b35b0e9f42bffae
name: '{#DEVNAME}: Disk write time (rate)'
type: DEPENDENT
key: 'vfs.dev.write.time.rate[{#DEVNAME}]'
delay: '0'
history: 7d
value_type: FLOAT
description: 'The rate of total write time counter; used in `w_await` calculation.'
preprocessing:
- type: JSONPATH
parameters:
- '$[7]'
- type: CHANGE_PER_SECOND
parameters:
- ''
- type: MULTIPLIER
parameters:
- '0.001'
master_item:
key: 'vfs.file.contents[/sys/block/{#DEVNAME}/stat]'
tags:
- tag: component
value: storage
- tag: disk
value: '{#DEVNAME}'
- uuid: 39877664726f4886aa88f3d1592bbcb2
name: '{#DEVNAME}: Get stats'
type: ZABBIX_ACTIVE
key: 'vfs.file.contents[/sys/block/{#DEVNAME}/stat]'
history: '0'
value_type: TEXT
trends: '0'
description: 'The contents of get `/sys/block/{#DEVNAME}/stat` to get the disk statistics.'
preprocessing:
- type: JAVASCRIPT
parameters:
- 'return JSON.stringify(value.trim().split(/ +/));'
tags:
- tag: component
value: raw
trigger_prototypes:
- uuid: e7d0c8f816de481b8790709b24c44c81
expression: 'min(/Linux Hosts/vfs.dev.read.await[{#DEVNAME}],15m) > {$VFS.DEV.READ.AWAIT.WARN:"{#DEVNAME}"} or min(/Linux Hosts/vfs.dev.write.await[{#DEVNAME}],15m) > {$VFS.DEV.WRITE.AWAIT.WARN:"{#DEVNAME}"}'
name: '{#DEVNAME}: Disk read/write request responses are too high'
event_name: '{#DEVNAME}: Disk read/write request responses are too high (read > {$VFS.DEV.READ.AWAIT.WARN:"{#DEVNAME}"} ms for 15m or write > {$VFS.DEV.WRITE.AWAIT.WARN:"{#DEVNAME}"} ms for 15m)'
priority: WARNING
description: 'This trigger might indicate the disk {#DEVNAME} saturation.'
manual_close: 'YES'
tags:
- tag: scope
value: performance
graph_prototypes:
- uuid: feca6a365b8d49d2a66ff4bfac089fc9
name: '{#DEVNAME}: Disk average waiting time'
graph_items:
- color: 199C0D
item:
host: 'Linux Hosts'
key: 'vfs.dev.read.await[{#DEVNAME}]'
- sortorder: '1'
drawtype: GRADIENT_LINE
color: F63100
item:
host: 'Linux Hosts'
key: 'vfs.dev.write.await[{#DEVNAME}]'
- uuid: b136583f822a4d48a52a17f4bb0d07d8
name: '{#DEVNAME}: Disk read/write rates'
graph_items:
- color: 199C0D
item:
host: 'Linux Hosts'
key: 'vfs.dev.read.rate[{#DEVNAME}]'
- sortorder: '1'
drawtype: GRADIENT_LINE
color: F63100
item:
host: 'Linux Hosts'
key: 'vfs.dev.write.rate[{#DEVNAME}]'
- uuid: 8863772fb82b49a891ea50cbec5cdd06
name: '{#DEVNAME}: Disk utilization and queue'
graph_items:
- color: 199C0D
yaxisside: RIGHT
item:
host: 'Linux Hosts'
key: 'vfs.dev.queue_size[{#DEVNAME}]'
- sortorder: '1'
drawtype: GRADIENT_LINE
color: F63100
item:
host: 'Linux Hosts'
key: 'vfs.dev.util[{#DEVNAME}]'
preprocessing:
- type: DISCARD_UNCHANGED_HEARTBEAT
parameters:
- 1h
triggers:
- uuid: cd709f79294341b4ad24213adc2cbfd5
expression: 'min(/Linux Hosts/system.cpu.util,5m)>{$CPU.UTIL.CRIT}'
name: 'Linux: High CPU utilization'
event_name: 'Linux: High CPU utilization (over {$CPU.UTIL.CRIT}% for 5m)'
opdata: 'Current utilization: {ITEM.LASTVALUE1}'
priority: WARNING
description: 'The CPU utilization is too high. The system might be slow to respond.'
dependencies:
- name: 'Linux: Load average is too high'
expression: |
min(/Linux Hosts/system.cpu.load[all,avg1],5m)/last(/Linux Hosts/system.cpu.num)>{$LOAD_AVG_PER_CPU.MAX.WARN}
and last(/Linux Hosts/system.cpu.load[all,avg5])>0
and last(/Linux Hosts/system.cpu.load[all,avg15])>0
tags:
- tag: scope
value: performance
- uuid: d3e1eaa726cc4ab8b2dcadae64a0fd55
expression: 'min(/Linux Hosts/vm.memory.utilization,5m)>{$MEMORY.UTIL.MAX}'
name: 'Linux: High memory utilization'
event_name: 'Linux: High memory utilization (>{$MEMORY.UTIL.MAX}% for 5m)'
priority: AVERAGE
description: 'The system is running out of free memory.'
dependencies:
- name: 'Linux: Lack of available memory'
expression: 'max(/Linux Hosts/vm.memory.size[available],5m)<{$MEMORY.AVAILABLE.MIN} and last(/Linux Hosts/vm.memory.size[total])>0'
tags:
- tag: scope
value: capacity
- tag: scope
value: performance
- uuid: 61ce552ec3774a01b89de3edce1d00ae
expression: 'max(/Linux Hosts/system.swap.size[,pfree],5m)<{$SWAP.PFREE.MIN.WARN} and last(/Linux Hosts/system.swap.size[,total])>0'
name: 'Linux: High swap space usage'
event_name: 'Linux: High swap space usage (less than {$SWAP.PFREE.MIN.WARN}% free)'
opdata: 'Free: {ITEM.LASTVALUE1}, total: {ITEM.LASTVALUE2}'
priority: WARNING
description: 'If there is no swap configured, this trigger is ignored.'
dependencies:
- name: 'Linux: High memory utilization'
expression: 'min(/Linux Hosts/vm.memory.utilization,5m)>{$MEMORY.UTIL.MAX}'
- name: 'Linux: Lack of available memory'
expression: 'max(/Linux Hosts/vm.memory.size[available],5m)<{$MEMORY.AVAILABLE.MIN} and last(/Linux Hosts/vm.memory.size[total])>0'
tags:
- tag: scope
value: capacity
- uuid: 6e638060373b44398dd22b01564bc326
expression: 'max(/Linux Hosts/vm.memory.size[available],5m)<{$MEMORY.AVAILABLE.MIN} and last(/Linux Hosts/vm.memory.size[total])>0'
name: 'Linux: Lack of available memory'
event_name: 'Linux: Lack of available memory (<{$MEMORY.AVAILABLE.MIN} of {ITEM.VALUE2})'
opdata: 'Available: {ITEM.LASTVALUE1}, total: {ITEM.LASTVALUE2}'
priority: AVERAGE
tags:
- tag: scope
value: capacity
- tag: scope
value: performance
- uuid: cebd3b42cd2042b8a76eac570ce70b4c
expression: |
min(/Linux Hosts/system.cpu.load[all,avg1],5m)/last(/Linux Hosts/system.cpu.num)>{$LOAD_AVG_PER_CPU.MAX.WARN}
and last(/Linux Hosts/system.cpu.load[all,avg5])>0
and last(/Linux Hosts/system.cpu.load[all,avg15])>0
name: 'Linux: Load average is too high'
event_name: 'Linux: Load average is too high (per CPU load over {$LOAD_AVG_PER_CPU.MAX.WARN} for 5m)'
opdata: 'Load averages(1m 5m 15m): ({ITEM.LASTVALUE1} {ITEM.LASTVALUE3} {ITEM.LASTVALUE4}), # of CPUs: {ITEM.LASTVALUE2}'
priority: AVERAGE
description: 'The load average per CPU is too high. The system may be slow to respond.'
tags:
- tag: scope
value: capacity
- tag: scope
value: performance

163
roles/zabbix/zabbix_server/tasks/configure_api.yml Normal file
View file

@ -0,0 +1,163 @@
---
# Use a block so we can specify the connection vars once
- name: API Block
vars:
ansible_zabbix_auth_key: "{{ (env == 'staging') | ternary(zabbix_stg_hostname, zabbix_hostname) }}"
ansible_network_os: community.zabbix.zabbix
ansible_connection: httpapi
ansible_httpapi_port: 443
ansible_httpapi_use_ssl: true
ansible_httpapi_validate_certs: false
ansible_host: "{{ (env == 'staging') | ternary(zabbix_stg_hostname, zabbix_hostname) }}"
ansible_zabbix_url_path: "" # If Zabbix WebUI runs on non-default (zabbix) path ,e.g. http://<FQDN>/zabbixeu
block:
- name: Create a webhook mediatype
community.zabbix.zabbix_mediatype:
name: Matrix
type: "webhook"
description: "Matrix webhook - See https://github.com/jooola/zabbix-matrix-webhook#readme"
webhook_script: "{{ lookup('file', './matrix_mediatype.js') }}"
webhook_params:
- name: alert_message
value: "{ALERT.MESSAGE}"
- name: alert_subject
value: "{ALERT.SUBJECT}"
- name: enable_colors
value: "true"
- name: enable_icons
value: "true"
- name: event_is_problem
value: "{EVENT.VALUE}"
- name: event_is_update
value: "{EVENT.UPDATE.STATUS}"
- name: event_severity
value: "{EVENT.NSEVERITY}"
- name: event_url
value: "https://{{ (env == 'staging') | ternary(zabbix_stg_hostname, zabbix_hostname) }}/tr_events.php?triggerid={TRIGGER.ID}&eventid={EVENT.ID}"
- name: http_proxy
value: ""
- name: matrix_room
value: "{ALERT.SENDTO}"
- name: matrix_token
value: "{{ (env == 'staging') | ternary(zabbix_stg_matrix_token, zabbix_matrix_token) }}"
- name: matrix_url
value: "https://fedora.ems.host"
message_templates:
- subject: "{EVENT.NAME} ({EVENT.ID})"
body: "Severity: {EVENT.SEVERITY} started at {EVENT.DATE} {EVENT.TIME} on {HOST.NAME}"
eventsource: triggers
recovery: operations
- subject: "{EVENT.NAME} [{EVENT.DURATION}] ({EVENT.ID})"
body: "Severity: {EVENT.SEVERITY} resolved at {EVENT.RECOVERY.DATE} {EVENT.RECOVERY.TIME} on {HOST.NAME}"
eventsource: triggers
recovery: recovery_operations
- subject: "{EVENT.NAME} ({EVENT.AGE})"
body: |
{USER.FULLNAME} {EVENT.UPDATE.ACTION} problem at {EVENT.UPDATE.DATE} {EVENT.UPDATE.TIME}
{EVENT.UPDATE.MESSAGE}
Current problem status: {EVENT.STATUS}
Age: {EVENT.AGE}
Acknowledged: {EVENT.ACK.STATUS}
eventsource: triggers
recovery: update_operations
tags:
- zabbix_configuration
- zabbix_triggers
- name: Create a new Zabbix user for Matrix triggers
community.zabbix.zabbix_user:
username: matrix-bot
name: Matrix
surname: Bot
usrgrps:
- Zabbix administrators
passwd: "{{ (env == 'staging') | ternary(zabbix_stg_botuser_pwd, zabbix_botuser_pwd) }}"
user_medias:
- mediatype: Matrix
sendto: "{{ (env == 'staging') | ternary(zabbix_stg_matrix_roomid, zabbix_matrix_roomid) }}"
period: 1-7,00:00-24:00
severity:
not_classified: yes
information: yes
warning: yes
average: yes
high: yes
disaster: yes
active: yes
state: present
tags:
- zabbix_configuration
- zabbix_users
- name: Send alerts to Matrix
community.zabbix.zabbix_action:
name: "Send alerts to Matrix"
event_source: "trigger"
state: present
status: enabled
esc_period: 1m
conditions:
- type: "trigger_severity"
operator: ">="
value: "Information"
operations:
- type: send_message
media_type: "Matrix"
send_to_users:
- "matrix-bot"
recovery_operations:
- type: send_message
media_type: "Matrix"
send_to_users:
- "matrix-bot"
tags:
- zabbix_configuration
- zabbix_users
- zabbix_triggers
# Templates seem to always report a change :/
- name: Import Base Auto-registration template
community.zabbix.zabbix_template:
template_yaml: "{{ lookup('file', 'templates/linux_autoregister.yaml') }}"
state: present
tags:
- zabbix_configuration
- zabbix_templates
# Templates seem to always report a change :/
- name: Import dependant Linux Host template
community.zabbix.zabbix_template:
template_yaml: "{{ lookup('file', 'templates/linux_hosts.yaml') }}"
state: present
tags:
- zabbix_configuration
- zabbix_templates
# PSK config: this can't be checked so it will always report a change
- name: Construct PSK filename
ansible.builtin.set_fact:
psk_file: "{{ private }}/files/zabbix/fedora{{ env_suffix }}.psk"
- name: Configure autoregistration via PSK
community.zabbix.zabbix_autoregister:
tls_accept:
- tls_with_psk
tls_psk_identity: "{{ zabbix_tls_psk_identity }}"
tls_psk: "{{ lookup('ansible.builtin.file', psk_file) }}"
tags:
- zabbix_configuration
- name: Configure autoregistration action
community.zabbix.zabbix_action:
name: "Add host to base template"
event_source: "auto_registration"
state: present
status: enabled
esc_period: 1m
operations:
- type: add_host
- type: link_to_template
templates:
- Linux Autoregistration
tags:
- zabbix_configuration

6
roles/zabbix/zabbix_server/tasks/main.yml
View file

@ -4,5 +4,11 @@
tags:
- zabbix-configuration
- name: Configure Zabbix via api
ansible.builtin.include_tasks: configure_api.yml
tags:
- zabbix-configuration
when: env == "staging"
# - include_tasks: plugins.yml
- include_tasks: start_services.yml