Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Refactor zabbix web #1235

Merged
merged 23 commits into from
Jun 11, 2024
+143 −354
Merged

Refactor zabbix web #1235

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
23 commits
Select commit Hold shift + click to select a range
4efc621
Single common task to install zabbix-web
eb4x Mar 26, 2024
f22855e
Remove mysql install tasks
eb4x May 8, 2024
e17762b
Improve when condition logic for os_family
eb4x May 8, 2024
f2ccb55
Swap out remi for appstream php:8.0/common
eb4x May 8, 2024
873f5ea
Make it clear tasks are a workaround
eb4x May 18, 2024
614d61a
Remove zabbix 5.0 related task
eb4x May 18, 2024
85ed950
Remove tasks and checks guarding against EL7
eb4x May 18, 2024
b5986ee
Move delegated_dbhost to first block
eb4x May 24, 2024
e2b4e79
Bump mysql container image, add workarounds
eb4x May 24, 2024
c3deb66
Increase similarity in init-mysql between roles
eb4x May 24, 2024
c56cf4e
Provide the default port for database servers
eb4x May 25, 2024
25e7480
Remove unused zabbix_selinux_dependencies
eb4x May 25, 2024
12173d9
Group selinux booleans, and apply regardless
eb4x May 25, 2024
bece271
Install selinux packages regardless
eb4x May 25, 2024
a86fb55
RedHat: zabbix_web_php_dependencies goes unused
eb4x May 8, 2024
3cb8643
Single task for installing zabbix-apache-conf
eb4x Jun 9, 2024
3e1036b
Single task for installing zabbix-nginx-conf
eb4x Jun 9, 2024
3d8e0ac
Move installation of debian php deps
eb4x Jun 9, 2024
542f21f
Move installation of debian php-pgsql
eb4x Jun 9, 2024
780c9c7
RedHat: Remove zabbix-{{ ..._http_server }}-conf
eb4x Jun 9, 2024
99dd628
zabbix_underscore_version goes unused
eb4x Jun 9, 2024
0d9a25d
Remove useless when conditions and notifies
eb4x Jun 10, 2024
8859729
Merge branch 'main' into refactor_zabbix_web
pyrodie18 Jun 11, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
9 changes: 3 additions & 6 deletions molecule/zabbix_proxy/prepare.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -60,24 +60,21 @@
ansible.builtin.shell: "apt-get update && echo exit 0 > /usr/sbin/policy-rc.d"
register: installation_dependencies
until: installation_dependencies is succeeded
when:
- ansible_os_family != 'RedHat'
when: ansible_facts['os_family'] == 'Debian'

- name: "Installing packages on NON-CentOS"
- name: "Installing packages on Debian family"
ansible.builtin.apt:
name:
- net-tools
- apt-utils
- python3-pip
- gpg-agent
- sudo
- doc-base
update_cache: true
state: present
register: installation_dependencies
until: installation_dependencies is succeeded
when:
- ansible_os_family != 'RedHat'
when: ansible_facts['os_family'] == 'Debian'

- name: "Configure SUDO."
ansible.builtin.lineinfile:
Expand Down
29 changes: 4 additions & 25 deletions molecule/zabbix_server/prepare.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@
- name: "Create MySQL Container"
docker_container:
name: "{{ item.name }}-db"
image: mysql:8.0.32
image: mysql:8.0
state: started
recreate: true
networks:
Expand Down Expand Up @@ -56,25 +56,13 @@
when:
- ansible_os_family == 'RedHat'

- name: "Installing packages on CentOS"
ansible.builtin.yum:
name:
- mysql
state: present
register: installation_dependencies
until: installation_dependencies is succeeded
when:
- ansible_os_family == 'RedHat'
- inventory_hostname in groups['mysql']

- name: "Apt update"
ansible.builtin.shell: "apt-get update && echo exit 0 > /usr/sbin/policy-rc.d"
register: installation_dependencies
until: installation_dependencies is succeeded
when:
- ansible_os_family != 'RedHat'
when: ansible_facts['os_family'] == 'Debian'

- name: "Installing packages on NON-CentOS"
- name: "Installing packages on Debian family"
ansible.builtin.apt:
name:
- net-tools
Expand All @@ -86,19 +74,10 @@
state: present
register: installation_dependencies
until: installation_dependencies is succeeded
when:
- ansible_os_family != 'RedHat'
when: ansible_facts['os_family'] == 'Debian'

- name: "Configure SUDO."
ansible.builtin.lineinfile:
dest: /etc/sudoers
line: "Defaults !requiretty"
state: present

- name: "Make sure the docs are installed."
ansible.builtin.lineinfile:
dest: /etc/yum.conf
line: "tsflags=nodocs"
state: absent
when:
- ansible_os_family == 'RedHat'
2 changes: 0 additions & 2 deletions molecule/zabbix_web/molecule.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,6 @@ provisioner:
zabbix_web_version: 6.0
mysql:
zabbix_server_database: mysql
zabbix_server_dbport: 3306
zabbix_server_dbhost: "{{ inventory_hostname }}-db"
zabbix_server_dbhost_run_install: false
zabbix_server_privileged_host: "%"
Expand All @@ -56,7 +55,6 @@ provisioner:
zabbix_server_mysql_login_port: 3306
pgsql:
zabbix_server_database: pgsql
zabbix_server_dbport: 5432
zabbix_server_dbhost: "{{ inventory_hostname }}-db"
zabbix_server_dbhost_run_install: false
zabbix_server_pgsql_login_host: "{{ inventory_hostname }}-db"
Expand Down
112 changes: 31 additions & 81 deletions molecule/zabbix_web/prepare.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -56,25 +56,13 @@
when:
- ansible_os_family == 'RedHat'

- name: "Installing MySQL on CentOS"
ansible.builtin.yum:
name:
- mysql
state: present
register: installation_dependencies
until: installation_dependencies is succeeded
when:
- ansible_os_family == 'RedHat'
- inventory_hostname in groups['mysql']

- name: "Apt update"
ansible.builtin.shell: "apt-get update"
register: installation_dependencies
until: installation_dependencies is succeeded
when:
- ansible_os_family != 'RedHat'
when: ansible_facts['os_family'] == 'Debian'

- name: "Installing packages on NON-CentOS"
- name: "Installing packages on Debian family"
ansible.builtin.apt:
name:
- net-tools
Expand All @@ -87,46 +75,17 @@
state: present
register: installation_dependencies
until: installation_dependencies is succeeded
when:
- ansible_os_family != 'RedHat'
when: ansible_facts['os_family'] == 'Debian'

- name: "Configure SUDO."
ansible.builtin.lineinfile:
dest: /etc/sudoers
line: "Defaults !requiretty"
state: present

- name: "Make sure the docs are installed."
ansible.builtin.lineinfile:
dest: /etc/yum.conf
line: "tsflags=nodocs"
state: absent
when:
- ansible_os_family == 'RedHat'

- name: PyMySQL
ansible.builtin.pip:
name: PyMySQL
register: installation_dependencies
until: installation_dependencies is succeeded
when:
- inventory_hostname in groups['mysql']

- name: Enabeling PHP 8.0
block:
- name: Add epel
ansible.builtin.include_role:
name: geerlingguy.repo-epel

- name: Add remi
ansible.builtin.include_role:
name: geerlingguy.repo-remi

- name: Reset dnf library
ansible.builtin.shell: dnf module reset php

- name: Set php Version
ansible.builtin.shell: dnf module enable -y php:remi-8.0
- name: Enabling PHP 8.0
ansible.builtin.dnf:
name: "@php:8.0/common"
when:
- ansible_os_family == 'RedHat'
- ansible_distribution_major_version == "8"
Expand All @@ -148,43 +107,34 @@
- php-pecl-apcu
- php-xml
when:
- ansible_distribution_major_version >= '8'
- ansible_os_family == "RedHat"

- name: Set PHP Version (Ubuntu 2204)
ansible.builtin.set_fact:
__php_default_version_debian: "8.1"
when:
- ansible_distribution_major_version >= '22'
- ansible_os_family == "Debian"

- name: Set PHP Version (Ubuntu 2404)
ansible.builtin.set_fact:
__php_default_version_debian: "8.3"
- name: Workaround for geerlingguy.php missing ubuntu-24.04 support
when:
- ansible_distribution_major_version >= '24'
- ansible_os_family == "Debian"

- name: Set PHP packages (Ubuntu 2204 & 2404)
ansible.builtin.set_fact:
__php_packages:
- php{{ __php_default_version_debian }}-common
- php{{ __php_default_version_debian }}-cli
- php{{ __php_default_version_debian }}-dev
- php{{ __php_default_version_debian }}-fpm
- libpcre3-dev
- php{{ __php_default_version_debian }}-gd
- php{{ __php_default_version_debian }}-curl
- php{{ __php_default_version_debian }}-imap
- php-json
- php{{ __php_default_version_debian }}-opcache
- php{{ __php_default_version_debian }}-xml
- php{{ __php_default_version_debian }}-mbstring
- php{{ __php_default_version_debian }}-apcu
- php{{ __php_default_version_debian }}-sqlite3
when:
- ansible_distribution_major_version >= '22'
- ansible_os_family == "Debian"
- ansible_facts['distribution'] == "Ubuntu"
- ansible_facts['distribution_major_version'] >= '24'
block:
- name: Set PHP Version
ansible.builtin.set_fact:
__php_default_version_debian: "8.3"

- name: Set PHP packages
ansible.builtin.set_fact:
__php_packages:
- php{{ __php_default_version_debian }}-common
- php{{ __php_default_version_debian }}-cli
- php{{ __php_default_version_debian }}-dev
- php{{ __php_default_version_debian }}-fpm
- libpcre3-dev
- php{{ __php_default_version_debian }}-gd
- php{{ __php_default_version_debian }}-curl
- php{{ __php_default_version_debian }}-imap
- php-json
- php{{ __php_default_version_debian }}-opcache
- php{{ __php_default_version_debian }}-xml
- php{{ __php_default_version_debian }}-mbstring
- php{{ __php_default_version_debian }}-apcu
- php{{ __php_default_version_debian }}-sqlite3

roles:
- role: geerlingguy.apache
Expand Down
10 changes: 5 additions & 5 deletions molecule/zabbix_web/requirements.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
---
- src: geerlingguy.apache
- src: geerlingguy.nginx
- src: geerlingguy.php
- src: geerlingguy.repo-epel
- src: geerlingguy.repo-remi
roles:
- src: geerlingguy.apache
- src: geerlingguy.nginx
- src: geerlingguy.php
version: '5.0.1'
14 changes: 6 additions & 8 deletions roles/zabbix_proxy/tasks/initialize-mysql.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,7 @@

- name: "MySQL Database prep"
when: zabbix_proxy_database_creation | bool
become: "{{ zabbix_proxy_dbhost_run_install }}"
delegate_to: "{{ zabbix_proxy_real_dbhost | default(zabbix_proxy_dbhost_run_install | ternary(delegated_dbhost, inventory_hostname)) }}"
vars:
delegated_dbhost: "{{ (zabbix_proxy_dbhost == 'localhost') | ternary(inventory_hostname, zabbix_proxy_dbhost) }}"
Expand Down Expand Up @@ -56,12 +57,14 @@
login_unix_socket: "{{ zabbix_proxy_mysql_login_unix_socket | default(omit) }}"
name: "{{ zabbix_proxy_dbuser }}"
password: "{{ zabbix_proxy_dbpassword }}"
priv: "{{ zabbix_proxy_dbname }}.*:ALL"
host: "{{ zabbix_proxy_privileged_host }}"
priv: "{{ zabbix_proxy_dbname }}.*:ALL"
state: present

- name: "MySQL verify or create schema"
when: zabbix_proxy_database_sqlload | bool
vars:
delegated_dbhost: "{{ (zabbix_proxy_dbhost == 'localhost') | ternary(inventory_hostname, zabbix_proxy_dbhost) }}"
tags:
- database
block:
Expand All @@ -76,8 +79,6 @@
rescue:
- name: "MySQL | Get and set schema import overrides"
delegate_to: "{{ zabbix_proxy_real_dbhost | default(zabbix_proxy_dbhost_run_install | ternary(delegated_dbhost, inventory_hostname)) }}"
vars:
delegated_dbhost: "{{ (zabbix_proxy_dbhost == 'localhost') | ternary(inventory_hostname, zabbix_proxy_dbhost) }}"
block:
- name: "MySQL | Get current value for variables"
community.mysql.mysql_variables:
Expand All @@ -95,15 +96,15 @@
register: _mysql_variable_defaults

- name: "MySQL | Set variable overrides for schema import"
when: item.msg != _mysql_schema_import_overrides[item.name]
community.mysql.mysql_variables:
variable: "{{ item.name }}"
value: "{{ _mysql_schema_import_overrides[item.name] }}"
login_host: "{{ zabbix_proxy_mysql_login_host | default(omit) }}"
login_user: "{{ zabbix_proxy_mysql_login_user | default(omit) }}"
login_password: "{{ zabbix_proxy_mysql_login_password | default(omit) }}"
login_host: "{{ zabbix_proxy_mysql_login_host | default(omit) }}"
login_port: "{{ zabbix_proxy_mysql_login_port | default(omit) }}"
login_unix_socket: "{{ zabbix_proxy_mysql_login_unix_socket | default(omit) }}"
when: item.msg != _mysql_schema_import_overrides[item.name]
loop: "{{ _mysql_variable_defaults.results }}"
loop_control:
label: "{{ item.name }}: {{ _mysql_schema_import_overrides[item.name] }}"
Expand All @@ -126,10 +127,7 @@

always:
- name: "MySQL | Revert variable overrides for schema import"
when: _mysql_variable_defaults is defined
delegate_to: "{{ zabbix_proxy_real_dbhost | default(zabbix_proxy_dbhost_run_install | ternary(delegated_dbhost, inventory_hostname)) }}"
vars:
delegated_dbhost: "{{ (zabbix_proxy_dbhost == 'localhost') | ternary(inventory_hostname, zabbix_proxy_dbhost) }}"
community.mysql.mysql_variables:
variable: "{{ item.name }}"
value: "{{ item.msg }}"
Expand Down
12 changes: 11 additions & 1 deletion roles/zabbix_server/tasks/initialize-mysql.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,8 +14,18 @@
- database
- dependencies

# NOTE: Upgrading system-packages with pip is generally a bad idea, but
# these packaged older versions seems to have a problem with mysql 8 and above
- name: Upgrade pymysql
when:
- ansible_facts['distribution'] in ['Debian', 'Ubuntu']
- ansible_facts['distribution_release'] in ['bullseye', 'focal']
ansible.builtin.pip:
name: "pymysql>=0.10.0,<0.11.0"
state: latest

- name: "MySQL Database prep"
when: zabbix_server_database_creation
when: zabbix_server_database_creation | bool
become: "{{ zabbix_server_dbhost_run_install }}"
delegate_to: "{{ zabbix_server_real_dbhost | default(zabbix_server_dbhost_run_install | ternary(delegated_dbhost, inventory_hostname)) }}"
vars:
Expand Down
8 changes: 4 additions & 4 deletions roles/zabbix_web/defaults/main.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -43,15 +43,16 @@ zabbix_server_dbhost: localhost
zabbix_server_dbname: zabbix-server
zabbix_server_dbuser: zabbix-server
zabbix_server_dbpassword: zabbix-server
zabbix_server_dbport: 5432
_zabbix_server_database_default_port:
mysql: 3306
pgsql: 5432
zabbix_server_dbport: "{{ _zabbix_server_database_default_port[zabbix_server_database] }}"
zabbix_server_dbencryption: false
zabbix_server_dbverifyhost: false
zabbix_server_dbschema:

# Yum/APT Variables
zabbix_web_version_minor: "*"
zabbix_web_disable_repo:
- epel

# Elasticsearch
# zabbix_server_history_url:
Expand All @@ -68,7 +69,6 @@ zabbix_server_history_types:
- "dbl"

# SELinux specific
zabbix_web_selinux: false
selinux_allow_httpd_can_connect_ldap: false
selinux_allow_httpd_can_network_connect_db: false
selinux_allow_httpd_can_connect_zabbix: false
Expand Down
Loading
Loading