# # Cookbook Name:: zabbix # Recipe:: server # # Copyright 2017, Linux-Help.org # Authors: # Eric Renfro # include_recipe 'chef-vault' include_recipe "#{cookbook_name}::database" include_recipe 'apache2' ################################# # Include Additional Repositories case node['platform_family'] when 'rhel' include_recipe 'yum-ius' include_recipe 'yum-zabbix' end ############################# # Setup and Install Webserver case node['zabbix']['webserver']['backend'] when 'apache' include_recipe "#{cookbook_name}::server_apache" when 'nginx' include_recipe "#{cookbook_name}::server_nginx" else Chef::Application.fatal!('Webserver backend can either be apache or nginx', 121) end include_recipe "#{cookbook_name}::server_php" ########################## # Setup and Install Apache # apache_module 'proxy' # apache_module 'proxy_fcgi' # # web_app "zabbix" do # server_name node['fqdn'] # server_aliases ["zabbix.#{node['domain']}"] # template %W{ # apache/#{node['platform']}/#{node['platform_version'].to_i}/zabbix.conf.erb # apache/#{node['platform']}/zabbix.conf.erb # apache/#{node['platform_family']}/#{node['platform_version'].to_i}/zabbix.conf.erb # apache/#{node['platform_family']}/zabbix.conf.erb # apache/default/zabbix.conf.erb # apache/zabbix.conf.erb # } # docroot "/usr/share/zabbix" # directory_index ["index.php"] # directory_options [ "FollowSymLinks" ] # allow_override [ "None" ] # end ####################### # Install and Setup PHP # case node['platform_family'] # when 'rhel' # # Remove distro-provided versions if installed # %w(php php-cli php-pear php-devel php-common).each do |pkg| # package pkg do # action :remove # end # end # # # Setup PHP to use yum-ius packages # node.default['php']['packages'] = %w(php56u php56u-bcmath php56u-gd php56u-mbstring php56u-xml php56u-xmlrpc php56u-cli php56u-opcache) # node.default['php']['fpm_package'] = 'php56u-fpm' # node.default['php']['fpm_user'] = 'php-fpm' # node.default['php']['fpm_group'] = 'php-fpm' # node.default['php']['gd']['package'] = 'php56u-gd' # node.default['php']['apcu']['package'] = 'php56u-pecl-apcu' # node.default['php']['ldap']['package'] = 'php56u-ldap' # # case node['zabbix']['database']['backend'] # when 'postgresql' # node.default['php']['packages'] += ['php56u-pgsql'] # node.default['php']['postgresql']['package'] = 'php56u-pgsql' # when 'mysql', 'mariadb', 'percona' # node.default['php']['packages'] += ['php56u-mysqlnd'] # node.default['php']['mysql']['package'] = 'php56u-mysqlnd' # end # end # # # Set PHP timezone # node.default['php']['directives'] = { # 'date.timezone' => node['zabbix']['php']['timezone'] # } # include_recipe 'php' ####################### # Install Zabbix Server case node['zabbix']['database']['backend'] when 'postgresql' %w(zabbix-server-pgsql zabbix-web-pgsql zabbix-get).each do |pkg| package pkg end when 'mysql', 'mariadb', 'percona' %w(zabbix-server-mysql zabbix-web-mysql zabbix-get).each do |pkg| package pkg end end ############################# # Install PHP-FPM Zabbix pool # php_fpm_pool 'zabbix' do # listen '127.0.0.1:9001' # user 'php-fpm' # group 'php-fpm' # chdir '/usr/share/zabbix' # max_children 50 # start_servers 5 # min_spare_servers 5 # max_spare_servers 35 # additional_config({ # 'pm.process_idle_timeout' => '10s', # 'pm.max_requests' => '500', # 'ping.path' => '/ping', # 'ping.response' => 'pong', # 'php_flag[display_errors]' => 'off', # 'php_admin_value[error_log]' => '/var/log/php-fpm/www-error.log', # 'php_admin_flag[log_errors]' => 'on', # 'php_admin_value[memory_limit]' => '128M', # 'php_value[session.save_handler]' => 'files', # 'php_value[session.save_path]' => '/var/lib/php-fpm/session', # 'php_value[soap.wsdl_cache_dir]' => '/var/lib/php-fpm/wsdlcache', # 'php_value[max_execution_time]' => '300', # 'php_value[post_max_size]' => '16M', # 'php_value[upload_max_filesize]' => '2M', # 'php_value[max_input_time]' => '300', # 'php_value[always_populate_raw_post_data]' => '-1' # }) # action :install # only_if { node['zabbix']['php']['use_fpm'] } # end ######################### # Configure Zabbix Server template "/etc/zabbix/zabbix_server.conf" do credentials = chef_vault_item("secrets", "zabbix") variables({ :DBUsername => credentials['username'], :DBPassword => credentials['password'], :DBDatabase => credentials['database'] }) source %W{ zabbix/#{node['zabbix']['version']}/#{node['platform']}-#{node['platform_version'].to_i}/zabbix_server.conf.erb zabbix/#{node['zabbix']['version']}/#{node['platform']}/zabbix_server.conf.erb zabbix/#{node['zabbix']['version']}/#{node['platform_family']}-#{node['platform_version'].to_i}/zabbix_server.conf.erb zabbix/#{node['zabbix']['version']}/#{node['platform_family']}/zabbix_server.conf.erb zabbix/#{node['zabbix']['version']}/zabbix_server.conf.erb zabbix/zabbix_server.conf.erb default/zabbix_server.conf.erb zabbix_server.conf.erb } sensitive true mode "0640" owner "root" group "root" notifies :restart, "service[zabbix-server]", :immediately end directory "/etc/zabbix/web" do mode "0750" owner "root" #group "php-fpm" group case node['zabbix']['php']['use_fpm'] when true node['php']['fpm_group'] else case node['zabbix']['webserver']['backend'] when 'apache' node['apache']['group'] when 'nginx' node['nginx']['group'] end end end template "/etc/zabbix/web/zabbix.conf.php" do credentials = chef_vault_item("secrets", "zabbix") variables({ :DBUsername => credentials['username'], :DBPassword => credentials['password'], :DBDatabase => credentials['database'] }) source %W{ zabbix/#{node['zabbix']['version']}/#{node['platform']}-#{node['platform_version'].to_i}/zabbix.conf.php.erb zabbix/#{node['zabbix']['version']}/#{node['platform']}/zabbix.conf.php.erb zabbix/#{node['zabbix']['version']}/#{node['platform_family']}-#{node['platform_version'].to_i}/zabbix.conf.php.erb zabbix/#{node['zabbix']['version']}/#{node['platform_family']}/zabbix.conf.php.erb zabbix/#{node['zabbix']['version']}/zabbix.conf.php.erb zabbix/zabbix.conf.php.erb default/zabbix.conf.php.erb zabbix.conf.php.erb } sensitive true mode "0640" owner "root" #group "php-fpm" group case node['zabbix']['php']['use_fpm'] when true node['php']['fpm_group'] else case node['zabbix']['webserver']['backend'] when 'apache' node['apache']['group'] when 'nginx' node['nginx']['group'] end end end template "/etc/zabbix/web/maintenance.inc.php" do source %W{ zabbix/#{node['zabbix']['version']}/#{node['platform']}-#{node['platform_version'].to_i}/maintenance.inc.php.erb zabbix/#{node['zabbix']['version']}/#{node['platform']}/maintenance.inc.php.erb zabbix/#{node['zabbix']['version']}/#{node['platform_family']}-#{node['platform_version'].to_i}/maintenance.inc.php.erb zabbix/#{node['zabbix']['version']}/#{node['platform_family']}/maintenance.inc.php.erb zabbix/#{node['zabbix']['version']}/maintenance.inc.php.erb zabbix/maintenance.inc.php.erb default/maintenance.inc.php.erb maintenance.inc.php.erb } sensitive true mode "0640" owner "root" #group "php-fpm" group case node['zabbix']['php']['use_fpm'] when true node['php']['fpm_group'] else case node['zabbix']['webserver']['backend'] when 'apache' node['apache']['group'] when 'nginx' node['nginx']['group'] end end end ################# # Manage Services service 'zabbix-server' do supports :restart => true, :start => true action [:enable, :start] subscribes :restart, "template[/etc/zabbix/zabbix_server.conf]", :delayed end service 'php-fpm' do action [:enable, :start] subscribes :reload, "php_fpm_pool[default]", :delayed only_if { node['zabbix']['php']['use_fpm'] } end ###################### # Include Zabbix Agent include_recipe 'zabbix::agent'