118 lines
3 KiB
YAML
118 lines
3 KiB
YAML
---
|
|
# tasks file for zabbix-server
|
|
# Install guide: Zabbix 6 LTS, postgres and nginx:
|
|
# https://www.zabbix.com/download?zabbix=6.0&os_distribution=red_hat_enterprise_linux&os_version=9&components=server_frontend_agent&db=pgsql&ws=nginx
|
|
|
|
- name: Configure the EPEL repository
|
|
ansible.builtin.yum_repository:
|
|
name: epel
|
|
description: "Extras Packages for Enterprise Linux $releasever - $basearch"
|
|
enabled: true
|
|
gpgcheck: true
|
|
baseurl: "http://infrastructure.fedoraproject.org/pub/epel/9/Everything/$basearch/"
|
|
gpgkey: "http://infrastructure.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-9"
|
|
exclude: "zabbix*"
|
|
tags:
|
|
- configure-dnf
|
|
|
|
- name: Install the zabbix rpm
|
|
command: "rpm -Uvh https://repo.zabbix.com/zabbix/6.0/rhel/9/x86_64/zabbix-release-6.0-4.el9.noarch.rpm"
|
|
ignore_errors: True
|
|
tags:
|
|
- packages
|
|
|
|
- name: Installing required pkgs for Zabbix
|
|
ansible.builtin.dnf:
|
|
name: "{{ zabbix_server_pkgs }}"
|
|
state: latest
|
|
tags:
|
|
- packages
|
|
|
|
- include_tasks: db.yml
|
|
|
|
- name: Configuring postgres server
|
|
ansible.builtin.template:
|
|
src: pg_hba.conf.j2
|
|
dest: /var/lib/pgsql/data/pg_hba.conf
|
|
mode: 0600
|
|
tags:
|
|
- zabbix-configuration
|
|
|
|
- name: Configuring zabbix server
|
|
ansible.builtin.template:
|
|
src: zabbix_server.conf.j2
|
|
dest: /etc/zabbix/zabbix_server.conf
|
|
mode: 0600
|
|
tags:
|
|
- zabbix-configuration
|
|
|
|
- name: Set ownership on /etc/zabbix/web/
|
|
ansible.builtin.file:
|
|
path: /etc/zabbix/web
|
|
state: directory
|
|
recurse: yes
|
|
owner: nginx
|
|
group: nginx
|
|
|
|
- name: Configure Zabbix web UI
|
|
ansible.builtin.template:
|
|
src: zabbix.conf.php.j2
|
|
dest: /etc/zabbix/web/zabbix.conf.php
|
|
mode: 0600
|
|
owner: nginx
|
|
group: nginx
|
|
tags:
|
|
- zabbix-configuration
|
|
|
|
- name: Install IDP certificate
|
|
ansible.builtin.copy:
|
|
content: "{{ lookup('ansible.builtin.file',
|
|
private + '/files/saml2/' + env + '/keys/idp.crt')
|
|
| regex_search('-----BEGIN CERTIFICATE-----\n[^-]*\n-----END CERTIFICATE-----',
|
|
multiline=True) }}\n"
|
|
dest: /usr/share/zabbix/conf/certs/idp.crt
|
|
mode: 0644
|
|
owner: nginx
|
|
group: nginx
|
|
tags:
|
|
- zabbix-configuration
|
|
|
|
- name: Configure nginx nginx.conf
|
|
ansible.builtin.template:
|
|
src: nginx.conf.j2
|
|
dest: /etc/nginx/nginx.conf
|
|
mode: 0644
|
|
owner: nginx
|
|
group: nginx
|
|
tags:
|
|
- zabbix-configuration
|
|
|
|
- name: Configure nginx conf.d/zabbix.conf
|
|
ansible.builtin.template:
|
|
src: nginx_zabbix.conf.j2
|
|
dest: /etc/nginx/conf.d/zabbix.conf
|
|
mode: 0644
|
|
owner: nginx
|
|
group: nginx
|
|
tags:
|
|
- zabbix-configuration
|
|
|
|
- name: Configure /etc/php-fpm.d/www.conf file
|
|
ansible.builtin.copy:
|
|
src: php-fpm_www.conf
|
|
dest: /etc/php-fpm.d/www.conf
|
|
mode: 0600
|
|
owner: nginx
|
|
group: nginx
|
|
tags:
|
|
- zabbix-configuration
|
|
|
|
- name: Configure nginx conf.d/zabbix.conf
|
|
ansible.builtin.copy:
|
|
src: php-fpm_zabbix.conf
|
|
dest: /etc/php-fpm.d/zabbix.conf
|
|
mode: 0600
|
|
owner: nginx
|
|
group: nginx
|
|
tags:
|
|
- zabbix-configuration
|