Compare commits
9 commits
enhancemen
...
develop
Author | SHA1 | Date | |
---|---|---|---|
14a3932083 | |||
ab689872e7 | |||
e535a6047b | |||
66ae4ce460 | |||
1d47d104f2 | |||
6127eea09c | |||
36067f0c83 | |||
9364c8df4c | |||
2b54793017 |
23 changed files with 666 additions and 119 deletions
23
.kitchen.yml
23
.kitchen.yml
|
@ -23,8 +23,9 @@ platforms:
|
||||||
suites:
|
suites:
|
||||||
- name: server
|
- name: server
|
||||||
driver:
|
driver:
|
||||||
forward:
|
networks:
|
||||||
- 8087:80
|
- netdev: user,id=user,net=192.168.1.0/24,hostname=%h,hostfwd=tcp::%p-:22,hostfwd=tcp::8087-:80
|
||||||
|
device: virtio-net-pci,netdev=user
|
||||||
run_list:
|
run_list:
|
||||||
- recipe[zabbix::database]
|
- recipe[zabbix::database]
|
||||||
- recipe[zabbix::server]
|
- recipe[zabbix::server]
|
||||||
|
@ -34,6 +35,24 @@ suites:
|
||||||
database:
|
database:
|
||||||
repo:
|
repo:
|
||||||
pgdg: true
|
pgdg: true
|
||||||
|
- name: server-nginx
|
||||||
|
driver:
|
||||||
|
networks:
|
||||||
|
- netdev: user,id=user,net=192.168.1.0/24,hostname=%h,hostfwd=tcp::%p-:22,hostfwd=tcp::8086-:80
|
||||||
|
device: virtio-net-pci,netdev=user
|
||||||
|
run_list:
|
||||||
|
- recipe[zabbix::database]
|
||||||
|
- recipe[zabbix::server]
|
||||||
|
attributes:
|
||||||
|
tags: [ 'httpd' ]
|
||||||
|
zabbix:
|
||||||
|
webserver:
|
||||||
|
backend: nginx
|
||||||
|
database:
|
||||||
|
repo:
|
||||||
|
pgdg: true
|
||||||
|
php:
|
||||||
|
use_fpm: false
|
||||||
- name: agent
|
- name: agent
|
||||||
run_list:
|
run_list:
|
||||||
- recipe[zabbix::default]
|
- recipe[zabbix::default]
|
||||||
|
|
|
@ -3,8 +3,12 @@ source "https://supermarket.chef.io"
|
||||||
metadata
|
metadata
|
||||||
|
|
||||||
cookbook "chef-vault", '>= 2.1.1'
|
cookbook "chef-vault", '>= 2.1.1'
|
||||||
|
cookbook "apache2", '>= 3.2.2'
|
||||||
|
cookbook "chef_nginx", '>= 5.0.7'
|
||||||
|
#cookbook "httpd", '>= 0.4.4'
|
||||||
|
cookbook "php", '>= 2.2.0'
|
||||||
cookbook "postgresql", '>= 6.0.1'
|
cookbook "postgresql", '>= 6.0.1'
|
||||||
|
cookbook "yum-ius", '>= 2.1.0'
|
||||||
cookbook "yum-zabbix", path: "../yum-zabbix"
|
cookbook "yum-zabbix", path: "../yum-zabbix"
|
||||||
#cookbook "apt-zabbix", path: "../apt-zabbix"
|
#cookbook "apt-zabbix", path: "../apt-zabbix"
|
||||||
#cookbook "mysql", '>= 8.2.0'
|
#cookbook "mysql", '>= 8.2.0'
|
||||||
|
|
||||||
|
|
|
@ -1,5 +1,20 @@
|
||||||
default['zabbix']['database']['backend'] = 'postgresql'
|
default['zabbix']['database']['backend'] = 'postgresql'
|
||||||
default['zabbix']['database']['repo']['pgdg'] = false
|
default['zabbix']['database']['repo']['pgdg'] = false
|
||||||
|
default['zabbix']['webserver']['backend'] = 'apache'
|
||||||
|
default['zabbix']['webserver']['port'] = '80'
|
||||||
|
default['zabbix']['php']['use_fpm'] = true
|
||||||
|
default['zabbix']['php']['timezone'] = 'America/New_York'
|
||||||
|
default['zabbix']['ssl']['enable'] = false
|
||||||
|
default['zabbix']['ssl']['port'] = '443'
|
||||||
|
default['zabbix']['ssl']['cacert'] = nil
|
||||||
|
default['zabbix']['ssl']['server_cert'] = nil
|
||||||
|
default['zabbix']['ssl']['server_key'] = nil
|
||||||
|
default['zabbix']['ssl']['ssl_protocols'] = [ "TLSv1.2" ]
|
||||||
|
default['zabbix']['ssl']['ssl_ciphers'] = [
|
||||||
|
"HIGH",
|
||||||
|
"!aNULL",
|
||||||
|
"!MD5"
|
||||||
|
]
|
||||||
|
|
||||||
default['zabbix']['version'] = "3.0"
|
default['zabbix']['version'] = "3.0"
|
||||||
default['zabbix']['agent_meta'] = []
|
default['zabbix']['agent_meta'] = []
|
||||||
|
|
|
@ -4,7 +4,7 @@ maintainer_email 'psi-jack@linux-help.org'
|
||||||
license 'Apache 2.0'
|
license 'Apache 2.0'
|
||||||
description 'Installs Zabbix Server & Client agents for EL linux distributions'
|
description 'Installs Zabbix Server & Client agents for EL linux distributions'
|
||||||
long_description IO.read(File.join(File.dirname(__FILE__), 'README.md'))
|
long_description IO.read(File.join(File.dirname(__FILE__), 'README.md'))
|
||||||
version '1.5.0'
|
version '1.5.2'
|
||||||
source_url 'https://git.linux-help.org/Linux-Help/zabbix' if respond_to?(:source_url)
|
source_url 'https://git.linux-help.org/Linux-Help/zabbix' if respond_to?(:source_url)
|
||||||
issues_url 'https://git.linux-help.org/Linux-Help/zabbix/issues' if respond_to?(:issues_url)
|
issues_url 'https://git.linux-help.org/Linux-Help/zabbix/issues' if respond_to?(:issues_url)
|
||||||
|
|
||||||
|
@ -15,7 +15,12 @@ end
|
||||||
recipe 'zabbix', 'Installs zabbix'
|
recipe 'zabbix', 'Installs zabbix'
|
||||||
|
|
||||||
depends 'chef-vault', '>= 2.1.1'
|
depends 'chef-vault', '>= 2.1.1'
|
||||||
|
depends 'apache2', '>= 3.2.2'
|
||||||
|
depends 'chef_nginx', '>= 5.0.7'
|
||||||
|
#depends 'httpd', '>= 0.4.4'
|
||||||
|
depends 'php', '>= 2.2.0'
|
||||||
depends 'postgresql', '>= 6.0.1'
|
depends 'postgresql', '>= 6.0.1'
|
||||||
|
depends 'yum-ius', '>= 2.1.0'
|
||||||
depends 'yum-zabbix', '>= 1.0.1'
|
depends 'yum-zabbix', '>= 1.0.1'
|
||||||
#depends 'apt-zabbix'
|
#depends 'apt-zabbix'
|
||||||
#depends 'mysql', '>= 8.2.0'
|
#depends 'mysql', '>= 8.2.0'
|
||||||
|
|
|
@ -16,7 +16,16 @@ end
|
||||||
|
|
||||||
# Install custom zabbix_agentd.conf
|
# Install custom zabbix_agentd.conf
|
||||||
template "/etc/zabbix/zabbix_agentd.conf" do
|
template "/etc/zabbix/zabbix_agentd.conf" do
|
||||||
source "zabbix_agentd.conf.erb"
|
source %W{
|
||||||
|
zabbix/#{node['zabbix']['version']}/#{node['platform']}-#{node['platform_version'].to_i}/zabbix_agentd.conf.erb
|
||||||
|
zabbix/#{node['zabbix']['version']}/#{node['platform']}/zabbix_agentd.conf.erb
|
||||||
|
zabbix/#{node['zabbix']['version']}/#{node['platform_family']}-#{node['platform_version'].to_i}/zabbix_agentd.conf.erb
|
||||||
|
zabbix/#{node['zabbix']['version']}/#{node['platform_family']}/zabbix_agentd.conf.erb
|
||||||
|
zabbix/#{node['zabbix']['version']}/zabbix_agentd.conf.erb
|
||||||
|
zabbix/zabbix_agentd.conf.erb
|
||||||
|
default/zabbix_agentd.conf.erb
|
||||||
|
zabbix_agentd.conf.erb
|
||||||
|
}
|
||||||
mode "0644"
|
mode "0644"
|
||||||
owner "root"
|
owner "root"
|
||||||
group "root"
|
group "root"
|
||||||
|
@ -49,25 +58,6 @@ remote_directory "/etc/zabbix/trap.d" do
|
||||||
action :create
|
action :create
|
||||||
end
|
end
|
||||||
|
|
||||||
if node['recipes'].include?('mongodb') or node['tags'].include?('mongodb')
|
|
||||||
template "/etc/zabbix/trap.d/mongo26.config" do
|
|
||||||
owner "root"
|
|
||||||
group "root"
|
|
||||||
mode "0700"
|
|
||||||
source "mongo26.config.erb"
|
|
||||||
sensitive true
|
|
||||||
credentials = Chef::EncryptedDataBagItem.load("odhp_credentials", "credentials")
|
|
||||||
variables({
|
|
||||||
:users => credentials['mongo']['users'][node.chef_environment]
|
|
||||||
})
|
|
||||||
end
|
|
||||||
else
|
|
||||||
file "/etc/zabbix/trap.d/mongo26.config" do
|
|
||||||
action :delete
|
|
||||||
end
|
|
||||||
end
|
|
||||||
|
|
||||||
|
|
||||||
# Link live agents to node
|
# Link live agents to node
|
||||||
node['zabbix']['trap_scripts']['live']['add'].each do |script|
|
node['zabbix']['trap_scripts']['live']['add'].each do |script|
|
||||||
link "/etc/zabbix/trap.d/live/#{script}" do
|
link "/etc/zabbix/trap.d/live/#{script}" do
|
||||||
|
@ -115,4 +105,3 @@ cron "zabbix_daily" do
|
||||||
command %Q{/etc/zabbix/trap.d/runtrap daily >/dev/null 2>&1}
|
command %Q{/etc/zabbix/trap.d/runtrap daily >/dev/null 2>&1}
|
||||||
only_if { node['zabbix']['trap_scripts']['daily']['add'].any? }
|
only_if { node['zabbix']['trap_scripts']['daily']['add'].any? }
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
@ -35,6 +35,7 @@ directory '/tmp/database' do
|
||||||
end
|
end
|
||||||
|
|
||||||
cookbook_file '/tmp/database/schema.sql' do
|
cookbook_file '/tmp/database/schema.sql' do
|
||||||
|
sensitive true
|
||||||
source %W{
|
source %W{
|
||||||
host-#{node['fqdn']}/schema.sql
|
host-#{node['fqdn']}/schema.sql
|
||||||
#{node['zabbix']['database']['backend']}/#{node['zabbix']['version']}/schema.sql
|
#{node['zabbix']['database']['backend']}/#{node['zabbix']['version']}/schema.sql
|
||||||
|
@ -45,6 +46,7 @@ cookbook_file '/tmp/database/schema.sql' do
|
||||||
end
|
end
|
||||||
|
|
||||||
cookbook_file '/tmp/database/images.sql' do
|
cookbook_file '/tmp/database/images.sql' do
|
||||||
|
sensitive true
|
||||||
source %W{
|
source %W{
|
||||||
host-#{node['fqdn']}/images.sql
|
host-#{node['fqdn']}/images.sql
|
||||||
#{node['zabbix']['database']['backend']}/#{node['zabbix']['version']}/images.sql
|
#{node['zabbix']['database']['backend']}/#{node['zabbix']['version']}/images.sql
|
||||||
|
@ -55,6 +57,7 @@ cookbook_file '/tmp/database/images.sql' do
|
||||||
end
|
end
|
||||||
|
|
||||||
cookbook_file '/tmp/database/data.sql' do
|
cookbook_file '/tmp/database/data.sql' do
|
||||||
|
sensitive true
|
||||||
source %W{
|
source %W{
|
||||||
host-#{node['fqdn']}/data.sql
|
host-#{node['fqdn']}/data.sql
|
||||||
#{node['zabbix']['database']['backend']}/#{node['zabbix']['version']}/data.sql
|
#{node['zabbix']['database']['backend']}/#{node['zabbix']['version']}/data.sql
|
||||||
|
@ -66,12 +69,11 @@ end
|
||||||
|
|
||||||
bash 'create_zabbix_db_user' do
|
bash 'create_zabbix_db_user' do
|
||||||
user 'postgres'
|
user 'postgres'
|
||||||
sensitive true
|
#sensitive true
|
||||||
credentials = chef_vault_item("secrets", "zabbix")
|
credentials = chef_vault_item("secrets", "zabbix")
|
||||||
code <<-EOH
|
code <<-EOH
|
||||||
psql -c "CREATE DATABASE zabbix WITH ENCODING='UTF-8';"
|
psql -c "CREATE USER \"#{credentials['username']}\" WITH PASSWORD '#{credentials['password']}';"
|
||||||
psql -c "CREATE USER zabbix WITH PASSWORD '#{credentials['postgres']}';"
|
psql -c "CREATE DATABASE \"#{credentials['database']}\" WITH OWNER \"#{credentials['username']}\" ENCODING 'UTF-8';"
|
||||||
psql -c "GRANT ALL PRIVILEGES ON DATABASE zabbix TO zabbix;"
|
|
||||||
EOH
|
EOH
|
||||||
action :nothing
|
action :nothing
|
||||||
subscribes :run, 'directory[/tmp/database]', :immediately
|
subscribes :run, 'directory[/tmp/database]', :immediately
|
||||||
|
@ -79,7 +81,11 @@ end
|
||||||
|
|
||||||
bash 'initialize_zabbix_db' do
|
bash 'initialize_zabbix_db' do
|
||||||
sensitive true
|
sensitive true
|
||||||
user 'postgres'
|
credentials = chef_vault_item("secrets", "zabbix")
|
||||||
|
environment({
|
||||||
|
"PGUSER" => credentials['username'],
|
||||||
|
"PGPASSWORD" => credentials['password']
|
||||||
|
})
|
||||||
code <<-EOH
|
code <<-EOH
|
||||||
psql -d zabbix -f /tmp/database/schema.sql
|
psql -d zabbix -f /tmp/database/schema.sql
|
||||||
psql -d zabbix -f /tmp/database/images.sql
|
psql -d zabbix -f /tmp/database/images.sql
|
||||||
|
|
|
@ -7,6 +7,8 @@
|
||||||
# Eric Renfro <psi-jack@linux-help.org>
|
# Eric Renfro <psi-jack@linux-help.org>
|
||||||
#
|
#
|
||||||
|
|
||||||
|
include_recipe 'chef-vault'
|
||||||
|
|
||||||
%w{zabbix-proxy-sqlite3 zabbix-get}.each do |pkg|
|
%w{zabbix-proxy-sqlite3 zabbix-get}.each do |pkg|
|
||||||
yum_package pkg do
|
yum_package pkg do
|
||||||
version '3.0.5-1.el6'
|
version '3.0.5-1.el6'
|
||||||
|
@ -23,11 +25,20 @@ directory "/var/lib/zabbix" do
|
||||||
end
|
end
|
||||||
|
|
||||||
template "/etc/zabbix/zabbix_proxy.conf" do
|
template "/etc/zabbix/zabbix_proxy.conf" do
|
||||||
credentials = Chef::EncryptedDataBagItem.load("odhp_credentials", "credentials")
|
credentials = chef_vault_item("secrets", "zabbix")
|
||||||
variables({
|
variables({
|
||||||
:DBPassword => credentials['zabbix']['postgres_password']
|
:credentials => credentials
|
||||||
})
|
})
|
||||||
source "zabbix_proxy.conf.erb"
|
source %W{
|
||||||
|
zabbix/#{node['zabbix']['version']}/#{node['platform']}-#{node['platform_version'].to_i}/zabbix_proxy.conf.erb
|
||||||
|
zabbix/#{node['zabbix']['version']}/#{node['platform']}/zabbix_proxy.conf.erb
|
||||||
|
zabbix/#{node['zabbix']['version']}/#{node['platform_family']}-#{node['platform_version'].to_i}/zabbix_proxy.conf.erb
|
||||||
|
zabbix/#{node['zabbix']['version']}/#{node['platform_family']}/zabbix_proxy.conf.erb
|
||||||
|
zabbix/#{node['zabbix']['version']}/zabbix_proxy.conf.erb
|
||||||
|
zabbix/zabbix_proxy.conf.erb
|
||||||
|
default/zabbix_proxy.conf.erb
|
||||||
|
zabbix_proxy.conf.erb
|
||||||
|
}
|
||||||
sensitive true
|
sensitive true
|
||||||
mode "0640"
|
mode "0640"
|
||||||
owner "root"
|
owner "root"
|
||||||
|
@ -41,4 +52,3 @@ service 'zabbix-proxy' do
|
||||||
end
|
end
|
||||||
|
|
||||||
include_recipe 'zabbix::agent'
|
include_recipe 'zabbix::agent'
|
||||||
|
|
||||||
|
|
|
@ -7,103 +7,157 @@
|
||||||
# Eric Renfro <psi-jack@linux-help.org>
|
# Eric Renfro <psi-jack@linux-help.org>
|
||||||
#
|
#
|
||||||
|
|
||||||
%w{httpd mod_ssl}.each do |pkg|
|
include_recipe 'chef-vault'
|
||||||
yum_package pkg do
|
include_recipe "#{cookbook_name}::database"
|
||||||
version '2.2.15-39.el6'
|
|
||||||
allow_downgrade true
|
#################################
|
||||||
action :install
|
# Include Additional Repositories
|
||||||
end
|
case node['platform_family']
|
||||||
|
when 'rhel'
|
||||||
|
include_recipe 'yum-ius'
|
||||||
|
include_recipe 'yum-zabbix'
|
||||||
end
|
end
|
||||||
|
|
||||||
%w{php56u php56u-bcmath php56u-gd php56u-mbstring php56u-pgsql php56u-xml php56u-xmlrpc php56u-cli php56u-opcache}.each do |pkg|
|
#############################
|
||||||
yum_package pkg do
|
# Setup and Install Webserver
|
||||||
version '5.6.28-1.ius.centos6'
|
case node['zabbix']['webserver']['backend']
|
||||||
allow_downgrade true
|
when 'apache'
|
||||||
action :install
|
include_recipe "#{cookbook_name}::server_apache"
|
||||||
end
|
when 'nginx'
|
||||||
|
include_recipe "#{cookbook_name}::server_nginx"
|
||||||
|
else
|
||||||
|
Chef::Application.fatal!('Webserver backend can either be apache or nginx', 121)
|
||||||
end
|
end
|
||||||
|
|
||||||
%w{zabbix-server-pgsql zabbix-web-pgsql zabbix-get}.each do |pkg|
|
#######################
|
||||||
yum_package pkg do
|
# Setup and Install PHP
|
||||||
version '3.0.5-1.el6'
|
include_recipe "#{cookbook_name}::server_php"
|
||||||
allow_downgrade true
|
|
||||||
action :install
|
#######################
|
||||||
end
|
# Install Zabbix Server
|
||||||
end
|
case node['zabbix']['database']['backend']
|
||||||
|
when 'postgresql'
|
||||||
template "/etc/httpd/conf/httpd.conf" do
|
%w(zabbix-server-pgsql zabbix-web-pgsql zabbix-get).each do |pkg|
|
||||||
source "httpd.conf.erb"
|
package pkg
|
||||||
mode "0644"
|
end
|
||||||
owner "root"
|
when 'mysql', 'mariadb', 'percona'
|
||||||
group "root"
|
%w(zabbix-server-mysql zabbix-web-mysql zabbix-get).each do |pkg|
|
||||||
notifies :restart, "service[httpd]", :delayed
|
package pkg
|
||||||
end
|
end
|
||||||
|
|
||||||
template "/etc/httpd/conf.d/zabbix.conf" do
|
|
||||||
source "zabbix_httpd.conf.erb"
|
|
||||||
mode "0644"
|
|
||||||
owner "root"
|
|
||||||
group "root"
|
|
||||||
notifies :restart, "service[httpd]", :delayed
|
|
||||||
end
|
|
||||||
|
|
||||||
template "/etc/httpd/conf.d/security.conf" do
|
|
||||||
source "security.conf.erb"
|
|
||||||
mode "0644"
|
|
||||||
owner "root"
|
|
||||||
group "root"
|
|
||||||
notifies :restart, "service[httpd]", :delayed
|
|
||||||
end
|
|
||||||
|
|
||||||
template "/etc/httpd/conf.d/ssl.conf" do
|
|
||||||
source "ssl.conf.erb"
|
|
||||||
mode "0644"
|
|
||||||
owner "root"
|
|
||||||
group "root"
|
|
||||||
notifies :restart, "service[httpd]", :delayed
|
|
||||||
end
|
end
|
||||||
|
|
||||||
|
#########################
|
||||||
|
# Configure Zabbix Server
|
||||||
template "/etc/zabbix/zabbix_server.conf" do
|
template "/etc/zabbix/zabbix_server.conf" do
|
||||||
credentials = Chef::EncryptedDataBagItem.load("odhp_credentials", "credentials")
|
credentials = chef_vault_item("secrets", "zabbix")
|
||||||
variables({
|
variables({
|
||||||
:DBPassword => credentials['zabbix']['postgres_password']
|
:credentials => credentials
|
||||||
})
|
})
|
||||||
source "zabbix_server.conf.erb"
|
source %W{
|
||||||
|
zabbix/#{node['zabbix']['version']}/#{node['platform']}-#{node['platform_version'].to_i}/zabbix_server.conf.erb
|
||||||
|
zabbix/#{node['zabbix']['version']}/#{node['platform']}/zabbix_server.conf.erb
|
||||||
|
zabbix/#{node['zabbix']['version']}/#{node['platform_family']}-#{node['platform_version'].to_i}/zabbix_server.conf.erb
|
||||||
|
zabbix/#{node['zabbix']['version']}/#{node['platform_family']}/zabbix_server.conf.erb
|
||||||
|
zabbix/#{node['zabbix']['version']}/zabbix_server.conf.erb
|
||||||
|
zabbix/zabbix_server.conf.erb
|
||||||
|
default/zabbix_server.conf.erb
|
||||||
|
zabbix_server.conf.erb
|
||||||
|
}
|
||||||
sensitive true
|
sensitive true
|
||||||
mode "0640"
|
mode "0640"
|
||||||
owner "root"
|
owner "root"
|
||||||
group "root"
|
group "root"
|
||||||
notifies :restart, "service[zabbix-server]", :immediately
|
notifies :restart, "service[zabbix-server]", :immediately
|
||||||
end
|
end
|
||||||
|
|
||||||
|
directory "/etc/zabbix/web" do
|
||||||
|
mode "0750"
|
||||||
|
owner "root"
|
||||||
|
group case node['zabbix']['php']['use_fpm']
|
||||||
|
when true
|
||||||
|
node['php']['fpm_group']
|
||||||
|
else
|
||||||
|
case node['zabbix']['webserver']['backend']
|
||||||
|
when 'apache'
|
||||||
|
node['apache']['group']
|
||||||
|
when 'nginx'
|
||||||
|
node['php']['fpm_group']
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
template "/etc/zabbix/web/zabbix.conf.php" do
|
template "/etc/zabbix/web/zabbix.conf.php" do
|
||||||
credentials = Chef::EncryptedDataBagItem.load("odhp_credentials", "credentials")
|
credentials = chef_vault_item("secrets", "zabbix")
|
||||||
variables({
|
variables({
|
||||||
:DBPassword => credentials['zabbix']['postgres_password']
|
:credentials => credentials
|
||||||
})
|
})
|
||||||
source "zabbix_web.conf.erb"
|
source %W{
|
||||||
|
zabbix/#{node['zabbix']['version']}/#{node['platform']}-#{node['platform_version'].to_i}/zabbix.conf.php.erb
|
||||||
|
zabbix/#{node['zabbix']['version']}/#{node['platform']}/zabbix.conf.php.erb
|
||||||
|
zabbix/#{node['zabbix']['version']}/#{node['platform_family']}-#{node['platform_version'].to_i}/zabbix.conf.php.erb
|
||||||
|
zabbix/#{node['zabbix']['version']}/#{node['platform_family']}/zabbix.conf.php.erb
|
||||||
|
zabbix/#{node['zabbix']['version']}/zabbix.conf.php.erb
|
||||||
|
zabbix/zabbix.conf.php.erb
|
||||||
|
default/zabbix.conf.php.erb
|
||||||
|
zabbix.conf.php.erb
|
||||||
|
}
|
||||||
sensitive true
|
sensitive true
|
||||||
mode "0640"
|
mode "0640"
|
||||||
owner "root"
|
owner "root"
|
||||||
group "apache"
|
group case node['zabbix']['php']['use_fpm']
|
||||||
|
when true
|
||||||
|
node['php']['fpm_group']
|
||||||
|
else
|
||||||
|
case node['zabbix']['webserver']['backend']
|
||||||
|
when 'apache'
|
||||||
|
node['apache']['group']
|
||||||
|
when 'nginx'
|
||||||
|
node['php']['fpm_group']
|
||||||
|
end
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
template "/etc/php.ini" do
|
template "/etc/zabbix/web/maintenance.inc.php" do
|
||||||
source "php.ini.erb"
|
source %W{
|
||||||
mode "0644"
|
zabbix/#{node['zabbix']['version']}/#{node['platform']}-#{node['platform_version'].to_i}/maintenance.inc.php.erb
|
||||||
|
zabbix/#{node['zabbix']['version']}/#{node['platform']}/maintenance.inc.php.erb
|
||||||
|
zabbix/#{node['zabbix']['version']}/#{node['platform_family']}-#{node['platform_version'].to_i}/maintenance.inc.php.erb
|
||||||
|
zabbix/#{node['zabbix']['version']}/#{node['platform_family']}/maintenance.inc.php.erb
|
||||||
|
zabbix/#{node['zabbix']['version']}/maintenance.inc.php.erb
|
||||||
|
zabbix/maintenance.inc.php.erb
|
||||||
|
default/maintenance.inc.php.erb
|
||||||
|
maintenance.inc.php.erb
|
||||||
|
}
|
||||||
|
sensitive true
|
||||||
|
mode "0640"
|
||||||
owner "root"
|
owner "root"
|
||||||
group "root"
|
group case node['zabbix']['php']['use_fpm']
|
||||||
notifies :restart, "service[httpd]", :immediately
|
when true
|
||||||
end
|
node['php']['fpm_group']
|
||||||
|
else
|
||||||
service 'httpd' do
|
case node['zabbix']['webserver']['backend']
|
||||||
supports :restart => true, :start => true
|
when 'apache'
|
||||||
action :enable
|
node['apache']['group']
|
||||||
|
when 'nginx'
|
||||||
|
node['php']['fpm_group']
|
||||||
|
end
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
#################
|
||||||
|
# Manage Services
|
||||||
service 'zabbix-server' do
|
service 'zabbix-server' do
|
||||||
supports :restart => true, :start => true
|
supports :restart => true, :start => true
|
||||||
action :enable
|
action [:enable, :start]
|
||||||
|
subscribes :restart, "template[/etc/zabbix/zabbix_server.conf]", :delayed
|
||||||
end
|
end
|
||||||
|
|
||||||
|
service 'php-fpm' do
|
||||||
|
action [:enable, :start]
|
||||||
|
subscribes :reload, "php_fpm_pool[default]", :delayed
|
||||||
|
only_if { node['zabbix']['php']['use_fpm'] }
|
||||||
|
end
|
||||||
|
|
||||||
|
######################
|
||||||
|
# Include Zabbix Agent
|
||||||
include_recipe 'zabbix::agent'
|
include_recipe 'zabbix::agent'
|
||||||
|
|
36
recipes/server_apache.rb
Normal file
36
recipes/server_apache.rb
Normal file
|
@ -0,0 +1,36 @@
|
||||||
|
#
|
||||||
|
# Cookbook Name:: zabbix
|
||||||
|
# Recipe:: server_apache
|
||||||
|
#
|
||||||
|
# Copyright 2017, Linux-Help.org
|
||||||
|
# Authors:
|
||||||
|
# Eric Renfro <psi-jack@linux-help.org>
|
||||||
|
#
|
||||||
|
|
||||||
|
include_recipe 'apache2'
|
||||||
|
|
||||||
|
##########################
|
||||||
|
# Setup and Install Apache
|
||||||
|
%w(proxy proxy_fcgi).each do |mod|
|
||||||
|
apache_module mod do
|
||||||
|
only_if { node['zabbix']['php']['use_fpm'] }
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
web_app "zabbix" do
|
||||||
|
tname = node['zabbix']['php']['use_fpm'] ? "zabbix-fpm" : "zabbix-mod"
|
||||||
|
server_name node['fqdn']
|
||||||
|
server_aliases ["zabbix.#{node['domain']}"]
|
||||||
|
template %W{
|
||||||
|
apache/#{node['platform']}/#{node['platform_version'].to_i}/#{tname}.conf.erb
|
||||||
|
apache/#{node['platform']}/#{tname}.conf.erb
|
||||||
|
apache/#{node['platform_family']}/#{node['platform_version'].to_i}/#{tname}.conf.erb
|
||||||
|
apache/#{node['platform_family']}/#{tname}.conf.erb
|
||||||
|
apache/default/#{tname}.conf.erb
|
||||||
|
apache/#{tname}.conf.erb
|
||||||
|
}
|
||||||
|
docroot "/usr/share/zabbix"
|
||||||
|
directory_index ["index.php"]
|
||||||
|
directory_options [ "FollowSymLinks" ]
|
||||||
|
allow_override [ "None" ]
|
||||||
|
end
|
34
recipes/server_nginx.rb
Normal file
34
recipes/server_nginx.rb
Normal file
|
@ -0,0 +1,34 @@
|
||||||
|
#
|
||||||
|
# Cookbook Name:: zabbix
|
||||||
|
# Recipe:: server_nginx
|
||||||
|
#
|
||||||
|
# Copyright 2017, Linux-Help.org
|
||||||
|
# Authors:
|
||||||
|
# Eric Renfro <psi-jack@linux-help.org>
|
||||||
|
#
|
||||||
|
|
||||||
|
#########################
|
||||||
|
# Setup and Install nginx
|
||||||
|
node.default['nginx']['default_site_enabled'] = false
|
||||||
|
include_recipe 'chef_nginx'
|
||||||
|
|
||||||
|
nginx_site "zabbix" do
|
||||||
|
template 'nginx/zabbix.conf.erb'
|
||||||
|
variables({
|
||||||
|
:params => {
|
||||||
|
:server_port => node['zabbix']['webserver']['port'],
|
||||||
|
:ssl_port => node['zabbix']['ssl']['port'],
|
||||||
|
:server_name => [ "#{node['fqdn']}, zabbix.#{node['domain']}" ],
|
||||||
|
:docroot => '/usr/share/zabbix',
|
||||||
|
:cacert => node['zabbix']['ssl']['cacert'],
|
||||||
|
:server_cert => node['zabbix']['ssl']['server_cert'],
|
||||||
|
:server_key => node['zabbix']['ssl']['server_key'],
|
||||||
|
:ssl_proto => node['zabbix']['ssl']['ssl_protocols'],
|
||||||
|
:ssl_ciphers => node['zabbix']['ssl']['ssl_ciphers']
|
||||||
|
}
|
||||||
|
})
|
||||||
|
end
|
||||||
|
|
||||||
|
file "/etc/nginx/conf.d/default.conf" do
|
||||||
|
action :delete
|
||||||
|
end
|
82
recipes/server_php.rb
Normal file
82
recipes/server_php.rb
Normal file
|
@ -0,0 +1,82 @@
|
||||||
|
#
|
||||||
|
# Cookbook Name:: zabbix
|
||||||
|
# Recipe:: server_php
|
||||||
|
#
|
||||||
|
# Copyright 2017, Linux-Help.org
|
||||||
|
# Authors:
|
||||||
|
# Eric Renfro <psi-jack@linux-help.org>
|
||||||
|
#
|
||||||
|
|
||||||
|
#######################
|
||||||
|
# Install and Setup PHP
|
||||||
|
case node['platform_family']
|
||||||
|
when 'rhel'
|
||||||
|
# Remove distro-provided versions if installed
|
||||||
|
%w(php php-cli php-pear php-devel php-common).each do |pkg|
|
||||||
|
package pkg do
|
||||||
|
action :remove
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
# Setup PHP to use yum-ius packages
|
||||||
|
node.default['php']['packages'] = %w(php56u php56u-bcmath php56u-gd php56u-mbstring php56u-xml php56u-xmlrpc php56u-cli php56u-opcache)
|
||||||
|
node.default['php']['fpm_package'] = 'php56u-fpm'
|
||||||
|
node.default['php']['fpm_user'] = 'php-fpm'
|
||||||
|
node.default['php']['fpm_group'] = 'php-fpm'
|
||||||
|
node.default['php']['gd']['package'] = 'php56u-gd'
|
||||||
|
node.default['php']['apcu']['package'] = 'php56u-pecl-apcu'
|
||||||
|
node.default['php']['ldap']['package'] = 'php56u-ldap'
|
||||||
|
|
||||||
|
if node['zabbix']['php']['use_fpm'] != true
|
||||||
|
if node['zabbix']['webserver']['backend'] == 'apache'
|
||||||
|
node.default['php']['packages'] += ['php56u']
|
||||||
|
end
|
||||||
|
end
|
||||||
|
case node['zabbix']['database']['backend']
|
||||||
|
when 'postgresql'
|
||||||
|
node.default['php']['packages'] += ['php56u-pgsql']
|
||||||
|
node.default['php']['postgresql']['package'] = 'php56u-pgsql'
|
||||||
|
when 'mysql', 'mariadb', 'percona'
|
||||||
|
node.default['php']['packages'] += ['php56u-mysqlnd']
|
||||||
|
node.default['php']['mysql']['package'] = 'php56u-mysqlnd'
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
# Set PHP timezone
|
||||||
|
node.default['php']['directives'] = {
|
||||||
|
'date.timezone' => node['zabbix']['php']['timezone']
|
||||||
|
}
|
||||||
|
include_recipe 'php'
|
||||||
|
|
||||||
|
#############################
|
||||||
|
# Install PHP-FPM Zabbix pool
|
||||||
|
php_fpm_pool 'zabbix' do
|
||||||
|
listen '127.0.0.1:9001'
|
||||||
|
user 'php-fpm'
|
||||||
|
group 'php-fpm'
|
||||||
|
#chdir '/usr/share/zabbix'
|
||||||
|
max_children 50
|
||||||
|
start_servers 5
|
||||||
|
min_spare_servers 5
|
||||||
|
max_spare_servers 35
|
||||||
|
additional_config({
|
||||||
|
'pm.process_idle_timeout' => '10s',
|
||||||
|
'pm.max_requests' => '500',
|
||||||
|
'ping.path' => '/ping',
|
||||||
|
'ping.response' => 'pong',
|
||||||
|
'php_flag[display_errors]' => 'off',
|
||||||
|
'php_admin_value[error_log]' => '/var/log/php-fpm/www-error.log',
|
||||||
|
'php_admin_flag[log_errors]' => 'on',
|
||||||
|
'php_admin_value[memory_limit]' => '128M',
|
||||||
|
'php_value[session.save_handler]' => 'files',
|
||||||
|
'php_value[session.save_path]' => '/var/lib/php-fpm/session',
|
||||||
|
'php_value[soap.wsdl_cache_dir]' => '/var/lib/php-fpm/wsdlcache',
|
||||||
|
'php_value[max_execution_time]' => '300',
|
||||||
|
'php_value[post_max_size]' => '16M',
|
||||||
|
'php_value[upload_max_filesize]' => '2M',
|
||||||
|
'php_value[max_input_time]' => '300',
|
||||||
|
'php_value[always_populate_raw_post_data]' => '-1'
|
||||||
|
})
|
||||||
|
action :install
|
||||||
|
only_if { node['zabbix']['php']['use_fpm'] || node['zabbix']['webserver']['backend'] == 'nginx' }
|
||||||
|
end
|
|
@ -7,6 +7,8 @@
|
||||||
# Eric Renfro <psi-jack@linux-help.org>
|
# Eric Renfro <psi-jack@linux-help.org>
|
||||||
#
|
#
|
||||||
|
|
||||||
|
include_recipe 'chef-vault'
|
||||||
|
|
||||||
node.override['zabbix']['trap_scripts']['live']['add'] = []
|
node.override['zabbix']['trap_scripts']['live']['add'] = []
|
||||||
node.override['zabbix']['trap_scripts']['live']['del'] = []
|
node.override['zabbix']['trap_scripts']['live']['del'] = []
|
||||||
node.override['zabbix']['trap_scripts']['daily']['add'] = []
|
node.override['zabbix']['trap_scripts']['daily']['add'] = []
|
||||||
|
@ -39,10 +41,25 @@ end
|
||||||
# MongoDB
|
# MongoDB
|
||||||
#
|
#
|
||||||
if node['recipes'].include?('mongodb') or node.tags.include?('mongodb')
|
if node['recipes'].include?('mongodb') or node.tags.include?('mongodb')
|
||||||
node.override['zabbix']['trap_scripts']['live']['add'] += ['mongo26.sh', 'ssl_check_mongo.sh']
|
node.override['zabbix']['trap_scripts']['live']['add'] += ['mongo26.sh', 'ssl_check_mongo.sh']
|
||||||
node.override['zabbix']['agent_meta'] += ['MongoDB']
|
node.override['zabbix']['agent_meta'] += ['MongoDB']
|
||||||
|
|
||||||
|
template "/etc/zabbix/trap.d/mongo26.config" do
|
||||||
|
owner "root"
|
||||||
|
group "root"
|
||||||
|
mode "0700"
|
||||||
|
source "mongo26.config.erb"
|
||||||
|
sensitive true
|
||||||
|
credentials = chef_vault_item("secrets", "mongodb")
|
||||||
|
variables({
|
||||||
|
:credentials => credentials
|
||||||
|
})
|
||||||
|
end
|
||||||
else
|
else
|
||||||
node.override['zabbix']['trap_scripts']['live']['del'] += ['mongo26.sh', 'ssl_check_mongo.sh']
|
node.override['zabbix']['trap_scripts']['live']['del'] += ['mongo26.sh', 'ssl_check_mongo.sh']
|
||||||
|
file "/etc/zabbix/trap.d/mongo26.config" do
|
||||||
|
action :delete
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
###########################################################
|
###########################################################
|
||||||
|
|
77
templates/apache/zabbix-fpm.conf.erb
Normal file
77
templates/apache/zabbix-fpm.conf.erb
Normal file
|
@ -0,0 +1,77 @@
|
||||||
|
<% if node['apache']['version'] != '2.4' -%>
|
||||||
|
NameVirtualHost *:<%= @params[:server_port] %>
|
||||||
|
<% end -%>
|
||||||
|
<VirtualHost *:<%= @params[:server_port] %>>
|
||||||
|
ServerName <%= @params[:server_name] %>
|
||||||
|
<% if @params[:server_aliases] -%>
|
||||||
|
ServerAlias <%= @params[:server_aliases].join " " %>
|
||||||
|
<% end -%>
|
||||||
|
DocumentRoot <%= @params[:docroot] %>
|
||||||
|
|
||||||
|
# The following lines prevent .user.ini files from being viewed by Web clients.
|
||||||
|
<Files ".user.ini">
|
||||||
|
Require all denied
|
||||||
|
</Files>
|
||||||
|
|
||||||
|
# Allow php to handle Multiviews.
|
||||||
|
AddType text/html .php
|
||||||
|
|
||||||
|
# Enable http authorization headers.
|
||||||
|
SetEnvIfNoCase ^Authorization$ "(.+)" HTTP_AUTHORIZATION=$1
|
||||||
|
|
||||||
|
ProxyPassMatch ^/(.*\.php(/.*)?)$ fcgi://127.0.0.1:9001/usr/share/zabbix/$1
|
||||||
|
|
||||||
|
<Directory <%= @params[:docroot] %>>
|
||||||
|
Options <%= [@params[:directory_options] || "FollowSymLinks" ].flatten.join " " %>
|
||||||
|
AllowOverride <%= [@params[:allow_override] || "None" ].flatten.join " " %>
|
||||||
|
<% if node['apache']['version'] == '2.4' -%>
|
||||||
|
Require all granted
|
||||||
|
<% else -%>
|
||||||
|
Order allow,deny
|
||||||
|
Allow from all
|
||||||
|
<% end -%>
|
||||||
|
</Directory>
|
||||||
|
|
||||||
|
<Directory <%= @params[:docroot] %>/conf>
|
||||||
|
<% if node['apache']['version'] == '2.4' -%>
|
||||||
|
Require all denied
|
||||||
|
<% else -%>
|
||||||
|
Order deny,allow
|
||||||
|
Deny from all
|
||||||
|
<% end -%>
|
||||||
|
</Directory>
|
||||||
|
|
||||||
|
<Directory <%= @params[:docroot] %>/app>
|
||||||
|
<% if node['apache']['version'] == '2.4' -%>
|
||||||
|
Require all denied
|
||||||
|
<% else -%>
|
||||||
|
Order deny,allow
|
||||||
|
Deny from all
|
||||||
|
<% end -%>
|
||||||
|
</Directory>
|
||||||
|
|
||||||
|
<Directory <%= @params[:docroot] %>/include>
|
||||||
|
<% if node['apache']['version'] == '2.4' -%>
|
||||||
|
Require all denied
|
||||||
|
<% else -%>
|
||||||
|
Order deny,allow
|
||||||
|
Deny from all
|
||||||
|
<% end -%>
|
||||||
|
</Directory>
|
||||||
|
|
||||||
|
<Directory <%= @params[:docroot] %>/local>
|
||||||
|
<% if node['apache']['version'] == '2.4' -%>
|
||||||
|
Require all denied
|
||||||
|
<% else -%>
|
||||||
|
Order deny,allow
|
||||||
|
Deny from all
|
||||||
|
<% end -%>
|
||||||
|
</Directory>
|
||||||
|
|
||||||
|
ErrorLog <%= node['apache']['log_dir'] %>/<%= @params[:name] %>-error.log
|
||||||
|
CustomLog <%= node['apache']['log_dir'] %>/<%= @params[:name] %>-access.log combined
|
||||||
|
|
||||||
|
<% if @params[:directory_index] -%>
|
||||||
|
DirectoryIndex <%= [@params[:directory_index]].flatten.join " " %>
|
||||||
|
<% end -%>
|
||||||
|
</VirtualHost>
|
81
templates/apache/zabbix-mod.conf.erb
Normal file
81
templates/apache/zabbix-mod.conf.erb
Normal file
|
@ -0,0 +1,81 @@
|
||||||
|
<% if node['apache']['version'] != '2.4' -%>
|
||||||
|
NameVirtualHost *:<%= @params[:server_port] %>
|
||||||
|
<% end -%>
|
||||||
|
<VirtualHost *:<%= @params[:server_port] %>>
|
||||||
|
ServerName <%= @params[:server_name] %>
|
||||||
|
<% if @params[:server_aliases] -%>
|
||||||
|
ServerAlias <%= @params[:server_aliases].join " " %>
|
||||||
|
<% end -%>
|
||||||
|
DocumentRoot <%= @params[:docroot] %>
|
||||||
|
|
||||||
|
# The following lines prevent .user.ini files from being viewed by Web clients.
|
||||||
|
<Files ".user.ini">
|
||||||
|
Require all denied
|
||||||
|
</Files>
|
||||||
|
|
||||||
|
# Allow php to handle Multiviews.
|
||||||
|
AddType text/html .php
|
||||||
|
|
||||||
|
<IfModule mod_php5.c>
|
||||||
|
php_value max_execution_time 300
|
||||||
|
php_value memory_limit 128M
|
||||||
|
php_value post_max_size 16M
|
||||||
|
php_value upload_max_filesize 2M
|
||||||
|
php_value max_input_time 300
|
||||||
|
php_value always_populate_raw_post_data -1
|
||||||
|
</IfModule>
|
||||||
|
|
||||||
|
<Directory <%= @params[:docroot] %>>
|
||||||
|
Options <%= [@params[:directory_options] || "FollowSymLinks" ].flatten.join " " %>
|
||||||
|
AllowOverride <%= [@params[:allow_override] || "None" ].flatten.join " " %>
|
||||||
|
<% if node['apache']['version'] == '2.4' -%>
|
||||||
|
Require all granted
|
||||||
|
<% else -%>
|
||||||
|
Order allow,deny
|
||||||
|
Allow from all
|
||||||
|
<% end -%>
|
||||||
|
</Directory>
|
||||||
|
|
||||||
|
<Directory <%= @params[:docroot] %>/conf>
|
||||||
|
<% if node['apache']['version'] == '2.4' -%>
|
||||||
|
Require all denied
|
||||||
|
<% else -%>
|
||||||
|
Order deny,allow
|
||||||
|
Deny from all
|
||||||
|
<% end -%>
|
||||||
|
</Directory>
|
||||||
|
|
||||||
|
<Directory <%= @params[:docroot] %>/app>
|
||||||
|
<% if node['apache']['version'] == '2.4' -%>
|
||||||
|
Require all denied
|
||||||
|
<% else -%>
|
||||||
|
Order deny,allow
|
||||||
|
Deny from all
|
||||||
|
<% end -%>
|
||||||
|
</Directory>
|
||||||
|
|
||||||
|
<Directory <%= @params[:docroot] %>/include>
|
||||||
|
<% if node['apache']['version'] == '2.4' -%>
|
||||||
|
Require all denied
|
||||||
|
<% else -%>
|
||||||
|
Order deny,allow
|
||||||
|
Deny from all
|
||||||
|
<% end -%>
|
||||||
|
</Directory>
|
||||||
|
|
||||||
|
<Directory <%= @params[:docroot] %>/local>
|
||||||
|
<% if node['apache']['version'] == '2.4' -%>
|
||||||
|
Require all denied
|
||||||
|
<% else -%>
|
||||||
|
Order deny,allow
|
||||||
|
Deny from all
|
||||||
|
<% end -%>
|
||||||
|
</Directory>
|
||||||
|
|
||||||
|
ErrorLog <%= node['apache']['log_dir'] %>/<%= @params[:name] %>-error.log
|
||||||
|
CustomLog <%= node['apache']['log_dir'] %>/<%= @params[:name] %>-access.log combined
|
||||||
|
|
||||||
|
<% if @params[:directory_index] -%>
|
||||||
|
DirectoryIndex <%= [@params[:directory_index]].flatten.join " " %>
|
||||||
|
<% end -%>
|
||||||
|
</VirtualHost>
|
|
@ -1,3 +1,2 @@
|
||||||
mongoUser="<%= @users['mmsagent']['username'] %>"
|
mongoUser="<%= @credentials['username'] %>"
|
||||||
mongoPass="<%= @users['mmsagent']['password'] %>"
|
mongoPass="<%= @credentials['password'] %>"
|
||||||
|
|
||||||
|
|
26
templates/fpm/zabbix.conf.erb
Normal file
26
templates/fpm/zabbix.conf.erb
Normal file
|
@ -0,0 +1,26 @@
|
||||||
|
[zabbix]
|
||||||
|
user = php-fpm
|
||||||
|
group = php-fpm
|
||||||
|
listen = 127.0.0.1:9001
|
||||||
|
listen.allowed_clients = 127.0.0.1
|
||||||
|
pm = dynamic
|
||||||
|
pm.max_children = 50
|
||||||
|
pm.start_servers = 5
|
||||||
|
pm.min_spare_servers = 5
|
||||||
|
pm.max_spare_servers = 35
|
||||||
|
pm.process_idle_timeout = 10s;
|
||||||
|
pm.max_requests = 500
|
||||||
|
ping.path = /ping
|
||||||
|
ping.response = pong
|
||||||
|
php_flag[display_errors] = off
|
||||||
|
php_admin_value[error_log] = /var/log/php-fpm/www-error.log
|
||||||
|
php_admin_flag[log_errors] = on
|
||||||
|
php_admin_value[memory_limit] = 128M
|
||||||
|
php_value[session.save_handler] = files
|
||||||
|
php_value[session.save_path] = /var/lib/php-fpm/session
|
||||||
|
php_value[soap.wsdl_cache_dir] = /var/lib/php-fpm/wsdlcache
|
||||||
|
php_value[max_execution_time] = 300
|
||||||
|
php_value[post_max_size] = 16M
|
||||||
|
php_value[upload_max_filesize] = 2M
|
||||||
|
php_value[max_input_time] = 300
|
||||||
|
php_value[always_populate_raw_post_data] = -1
|
62
templates/nginx/zabbix.conf.erb
Normal file
62
templates/nginx/zabbix.conf.erb
Normal file
|
@ -0,0 +1,62 @@
|
||||||
|
upstream php-handler {
|
||||||
|
server 127.0.0.1:9001;
|
||||||
|
}
|
||||||
|
|
||||||
|
<% if node['zabbix']['ssl']['enable'] %>
|
||||||
|
server {
|
||||||
|
listen <%= @params['server_port'] %> default_server;
|
||||||
|
listen [::]:<%= @params['server_port'] %> default_server;
|
||||||
|
server_name _;
|
||||||
|
return 301 https://$host:<%= @params['ssl_port'] %>$request_uri;
|
||||||
|
}
|
||||||
|
<% end %>
|
||||||
|
|
||||||
|
server {
|
||||||
|
<% if node['zabbix']['ssl']['enable'] %>
|
||||||
|
listen <%= @params[:ssl_port] %> default_server;
|
||||||
|
listen [::]:<%= @params[:ssl_port] %> default_server;
|
||||||
|
<% else %>
|
||||||
|
listen <%= @params[:server_port] %> default_server;
|
||||||
|
listen [::]:<%= @params[:server_port] %> default_server;
|
||||||
|
<% end %>
|
||||||
|
server_name <%= [@params[:server_name]].flatten.join ", " %>;
|
||||||
|
access_log /var/log/nginx/zabbix.log;
|
||||||
|
error_log /var/log/nginx/zabbix.error;
|
||||||
|
<% if node['zabbix']['ssl']['enable'] %>
|
||||||
|
ssl on;
|
||||||
|
ssl_certificate <%= @params[:server_cert] %>;
|
||||||
|
ssl_certificate_key <%= @params[:server_cert] %>;
|
||||||
|
ssl_protocols <%= [@params[:ssl_proto]].flatten.join " " %>;
|
||||||
|
#ssl_ciphers <%= [@params[:ssl_ciphers]].flatten.join ":" %>;
|
||||||
|
<% end %>
|
||||||
|
root <%= @params[:docroot] %>;
|
||||||
|
index index.php index.html;
|
||||||
|
client_max_body_size 5m;
|
||||||
|
client_body_buffer_size 128k;
|
||||||
|
|
||||||
|
#location ~ \.php$ {
|
||||||
|
location ~ [^/]\.php(/|$) {
|
||||||
|
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
|
||||||
|
if (!-f $document_root$fastcgi_script_name) {
|
||||||
|
return 404;
|
||||||
|
}
|
||||||
|
#fastcgi_pass unix:/var/run/zabbix.socket;
|
||||||
|
fastcgi_pass php-handler;
|
||||||
|
include fastcgi_params;
|
||||||
|
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||||
|
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
|
||||||
|
}
|
||||||
|
|
||||||
|
location ~* \.(jpg|jpeg|png|gif|css|js|ico)$ {
|
||||||
|
expires max;
|
||||||
|
log_not_found off;
|
||||||
|
}
|
||||||
|
|
||||||
|
location ~ /\.ht {
|
||||||
|
deny all;
|
||||||
|
}
|
||||||
|
|
||||||
|
location ~ /\. {
|
||||||
|
deny all;
|
||||||
|
}
|
||||||
|
}
|
29
templates/zabbix/3.0/maintenance.inc.php.erb
Normal file
29
templates/zabbix/3.0/maintenance.inc.php.erb
Normal file
|
@ -0,0 +1,29 @@
|
||||||
|
<?php
|
||||||
|
/*
|
||||||
|
** Zabbix
|
||||||
|
** Copyright (C) 2001-2016 Zabbix SIA
|
||||||
|
**
|
||||||
|
** This program is free software; you can redistribute it and/or modify
|
||||||
|
** it under the terms of the GNU General Public License as published by
|
||||||
|
** the Free Software Foundation; either version 2 of the License, or
|
||||||
|
** (at your option) any later version.
|
||||||
|
**
|
||||||
|
** This program is distributed in the hope that it will be useful,
|
||||||
|
** but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
** GNU General Public License for more details.
|
||||||
|
**
|
||||||
|
** You should have received a copy of the GNU General Public License
|
||||||
|
** along with this program; if not, write to the Free Software
|
||||||
|
** Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
|
||||||
|
**/
|
||||||
|
|
||||||
|
|
||||||
|
// Maintenance mode
|
||||||
|
//define('ZBX_DENY_GUI_ACCESS', 1);
|
||||||
|
|
||||||
|
// IP range, who are allowed to connect to FrontEnd
|
||||||
|
//$ZBX_GUI_ACCESS_IP_RANGE = array('127.0.0.1');
|
||||||
|
|
||||||
|
// MSG shown on Warning screen!
|
||||||
|
//$_REQUEST['warning_msg'] = 'Zabbix is under maintenance.';
|
|
@ -1,13 +1,15 @@
|
||||||
<?php
|
<?php
|
||||||
|
// MANAGED BY CHEF
|
||||||
|
//
|
||||||
// Zabbix GUI configuration file.
|
// Zabbix GUI configuration file.
|
||||||
global $DB;
|
global $DB;
|
||||||
|
|
||||||
$DB['TYPE'] = 'POSTGRESQL';
|
$DB['TYPE'] = 'POSTGRESQL';
|
||||||
$DB['SERVER'] = 'localhost';
|
$DB['SERVER'] = 'localhost';
|
||||||
$DB['PORT'] = '0';
|
$DB['PORT'] = '0';
|
||||||
$DB['DATABASE'] = 'zabbix';
|
$DB['DATABASE'] = '<%= @credentials['database'] %>';
|
||||||
$DB['USER'] = 'zabbixmaster';
|
$DB['USER'] = '<%= @credentials['username'] %>';
|
||||||
$DB['PASSWORD'] = '<%= @DBPassword %>';
|
$DB['PASSWORD'] = '<%= @credentials['password'] %>';
|
||||||
|
|
||||||
// Schema name. Used for IBM DB2 and PostgreSQL.
|
// Schema name. Used for IBM DB2 and PostgreSQL.
|
||||||
$DB['SCHEMA'] = '';
|
$DB['SCHEMA'] = '';
|
||||||
|
@ -17,4 +19,3 @@ $ZBX_SERVER_PORT = '10051';
|
||||||
$ZBX_SERVER_NAME = 'Zabbix';
|
$ZBX_SERVER_NAME = 'Zabbix';
|
||||||
|
|
||||||
$IMAGE_FORMAT_DEFAULT = IMAGE_FORMAT_PNG;
|
$IMAGE_FORMAT_DEFAULT = IMAGE_FORMAT_PNG;
|
||||||
|
|
|
@ -81,7 +81,7 @@ PidFile=/var/run/zabbix/zabbix_server.pid
|
||||||
# Default:
|
# Default:
|
||||||
# DBName=
|
# DBName=
|
||||||
|
|
||||||
DBName=zabbix
|
DBName=<%= @credentials['database'] %>
|
||||||
|
|
||||||
### Option: DBSchema
|
### Option: DBSchema
|
||||||
# Schema name. Used for IBM DB2 and PostgreSQL.
|
# Schema name. Used for IBM DB2 and PostgreSQL.
|
||||||
|
@ -97,7 +97,7 @@ DBName=zabbix
|
||||||
# Default:
|
# Default:
|
||||||
# DBUser=
|
# DBUser=
|
||||||
|
|
||||||
DBUser=zabbixmaster
|
DBUser=<%= @credentials['username'] %>
|
||||||
|
|
||||||
### Option: DBPassword
|
### Option: DBPassword
|
||||||
# Database password. Ignored for SQLite.
|
# Database password. Ignored for SQLite.
|
||||||
|
@ -105,7 +105,7 @@ DBUser=zabbixmaster
|
||||||
#
|
#
|
||||||
# Mandatory: no
|
# Mandatory: no
|
||||||
# Default:
|
# Default:
|
||||||
DBPassword=<%= @DBPassword %>
|
DBPassword=<%= @credentials['password'] %>
|
||||||
|
|
||||||
### Option: DBSocket
|
### Option: DBSocket
|
||||||
# Path to MySQL socket.
|
# Path to MySQL socket.
|
5
test/fixtures/data_bags/secrets/zabbix.json
vendored
5
test/fixtures/data_bags/secrets/zabbix.json
vendored
|
@ -1,5 +1,6 @@
|
||||||
{
|
{
|
||||||
"id": "zabbix",
|
"id": "zabbix",
|
||||||
"postgres": "password",
|
"username": "zabbix",
|
||||||
"server": "password"
|
"password": "password",
|
||||||
|
"database": "zabbix"
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue