Skip to content

Commit

Permalink
Zabbix-22-04
Browse files Browse the repository at this point in the history
  • Loading branch information
@RoshanAssistanz
RoshanAssistanz committed Mar 2, 2023
1 parent 2047a85 commit 1da48d9
Show file tree
Hide file tree
Showing 3 changed files with 287 additions and 0 deletions.
45 changes: 45 additions & 0 deletions common-files/opt/cloudstack/zabbix_cleanup.sh
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,45 @@
#!/bin/bash

RED='\033[1;31m'
NC='\033[0m'

echo -e "${RED}
################################################################################################################
# Your MarketPlace App has been deployed successfully! #
# Passwords are stored under /root/ #
################################################################################################################
${NC}"

echo
echo -e "${RED}This message will be removed in the next login!${NC}"
echo
echo
echo -e "${RED}Refer to the MySQL root password${NC}"
echo
cat /root/.mysql_root_password
echo
echo -e "${RED}Refer to the Zabbix Database Credentials${NC}"
echo
cat /root/.zabbix_database_credentials
echo
echo -e "${RED}Refer to the Zabbix Admin Panel Credentials${NC}"
echo
cat /root/.zabbix_admin_credentials
echo

#Cleanup script
rm -rf /usr/local/src/
mkdir -p /usr/local/src/
rm -rf /var/lib/cloud/instances/*
rm -rf /var/lib/cloud/data/*
find /var/log -mtime -1 -type f -exec truncate -s 0 {} \; >/dev/null 2>&1
rm -rf /var/log/*.gz /var/log/*.[0-9] /var/log/*-????????
cat /dev/null > /var/log/lastlog; cat /dev/null > /var/log/wtmp
apt-get -y autoremove >/dev/null 2>&1
apt-get -y autoclean >/dev/null 2>&1
history -c
cat /dev/null > /root/.bash_history
unset HISTFILE

rm -rf /root/.bashrc
cp /etc/skel/.bashrc /root
11 changes: 11 additions & 0 deletions zabbix-22-04/zabbix.sh
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
#!/bin/bash

mkdir -p {/usr/local/src/zabbix-22-04/etc/apache2/sites-available/,/usr/local/src/zabbix-22-04/var/www/html/,/usr/local/src/zabbix-22-04/opt/cloudstack/,/usr/local/src/zabbix-22-04/}

cd /usr/local/src/zabbix-22-04/etc/apache2/sites-available/ && wget https://raw.githubusercontent.com/stackbill/marketplace/main/common-files/etc/apache2/sites-available/000-default.conf

cd /usr/local/src/zabbix-22-04/var/www/html/ && wget https://raw.githubusercontent.com/stackbill/marketplace/main/common-files/var/www/html/index.html

cd /usr/local/src/zabbix-22-04/opt/cloudstack/ && wget https://raw.githubusercontent.com/stackbill/marketplace/main/common-files/opt/cloudstack/zabbix_cleanup.sh

cd /usr/local/src/zabbix-22-04/ && wget https://raw.githubusercontent.com/stackbill/marketplace/main/zabbix-22-04/zabbix.yaml
231 changes: 231 additions & 0 deletions zabbix-22-04/zabbix.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,231 @@
- name: Zabbix Setup
hosts: localhost
tasks:
- name: Restarting sshd
shell: "sed -i 's/#Match User anoncvs/ForceCommand echo Please wait until the installation is completed..../g' /etc/ssh/sshd_config && systemctl restart sshd"

- name: Updating Packages
ansible.builtin.apt:
update_cache: yes

- debug:
msg: "Installing Apache"

- name: Installing apache
apt:
name: [ 'apache2' , 'python3-certbot-apache' ]
state: latest

- name: Removing site files
file:
path: "{{ item }}"
state: absent
with_items:
- /etc/apache2/sites-available/000-default.conf
- /var/www/html/index.html

- name: Copy files
copy:
src: "{{ item.confsrc }}"
dest: "{{ item.confdest }}"
with_items:
- { confsrc: '/usr/local/src/zabbix-22-04/etc/apache2/sites-available/000-default.conf', confdest: '/etc/apache2/sites-available/'}
- { confsrc: '/usr/local/src/zabbix-22-04/var/www/html/index.html', confdest: '/var/www/html/'}

- name: Starting service apache2
service:
name: apache2
state: started

- name: Getting the status of the service
shell: systemctl status apache2 | grep 'since'
register: status

- debug:
var: status.stdout

- debug:
msg: "Installing Mysql"

- name: Installing mysql
apt:
name: mysql-server
state: latest

- name: Starting service mysql
service:
name: mysql
state: started

- name: Getting the status of the service
shell: systemctl status mysql | grep 'since'
register: status

- debug:
var: status.stdout

- name: Generating root password
shell: openssl rand -hex 24
register: rootpassword

- debug:
var: rootpassword.stdout

- name: Storing mysql password
copy:
dest: "/root/.mysql_root_password"
content: |
root_mysql_pass = "{{ rootpassword.stdout }}"
- name: Remove anonymous users
command: 'mysql -ne "{{ item }}"'
with_items:
- DELETE FROM mysql.user WHERE User=''
changed_when: False

- name: Disallow root login remotely
command: 'mysql -ne "{{ item }}"'
with_items:
- DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1')
changed_when: False

- name: Remove test database and access to it
command: 'mysql -ne "{{ item }}"'
with_items:
- DROP DATABASE IF EXISTS test
- DELETE FROM mysql.db WHERE Db='test' OR Db='test\\_%'
changed_when: False

- name: Reload privilege tables
command: 'mysql -ne "{{ item }}"'
with_items:
- FLUSH PRIVILEGES
changed_when: False

- name: Alter Password
shell: "{{ item }}"
with_items:
- mysql -n --execute="ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY '{{ rootpassword.stdout }}';"

- debug:
msg: "Mysql root password is stored under /root/.mysql_root_password"

# - name: Change login type
# shell: 'mysql -u root -p{{ rootpassword.stdout }} -n --execute="ALTER USER 'root'@'localhost' IDENTIFIED WITH auth_socket;" > /dev/null 2>&1'

- name: Zabbix file
ansible.builtin.get_url:
url: https://repo.zabbix.com/zabbix/6.2/ubuntu/pool/main/z/zabbix-release/zabbix-release_6.2-2%2Bubuntu22.04_all.deb
dest: /usr/local/src/

- shell: dpkg -i /usr/local/src/zabbix-release_6.2-2%2Bubuntu22.04_all.deb

- name: Updating Packages
ansible.builtin.apt:
update_cache: yes

- name: Generating database password for zabbix
shell: openssl rand -hex 24
register: zabbixpassword

- debug:
var: zabbixpassword.stdout

- name: Storing Zabbix password
copy:
dest: "/root/.zabbix_database_credentials"
content: |
zabbix_database = zabbix
zabbix_user = zabbix
zabbix_pass = "{{ zabbixpassword.stdout }}"
- name: Installing zabbix
apt:
name: ['zabbix-server-mysql', 'zabbix-frontend-php', 'zabbix-apache-conf', 'zabbix-sql-scripts', 'zabbix-agent']
state: latest

- name: Creating Zabbix database
shell: "{{ item }}"
with_items:
- mysql -e 'create database zabbix character set utf8mb4 collate utf8mb4_bin;' -u root -p{{ rootpassword.stdout }}
- mysql -e "create user zabbix@localhost identified by '{{ zabbixpassword.stdout }}';" -u root -p{{ rootpassword.stdout }}
- mysql -e "grant all privileges on zabbix.* to zabbix@localhost;" -u root -p{{ rootpassword.stdout }}
- mysql -e "set global log_bin_trust_function_creators = 1;" -u root -p{{ rootpassword.stdout }}

- name: Import zabbix database
shell: "{{ item }}"
with_items:
- zcat /usr/share/zabbix-sql-scripts/mysql/server.sql.gz | mysql --default-character-set=utf8mb4 -u zabbix -p{{ zabbixpassword.stdout }} zabbix
- mysql -e "set global log_bin_trust_function_creators = 0;" -u root -p{{ rootpassword.stdout }}

- name: Replacing DB password
shell: "sed -i 's/# DBPassword=/DBPassword={{ zabbixpassword.stdout }}/g' /etc/zabbix/zabbix_server.conf"

- name: Generating password for zabbix Admin Panel
shell: openssl rand -hex 24
register: zabbixadmpassword

- debug:
var: zabbixadmpassword.stdout

- name: Storing Zabbix Admin password
copy:
dest: "/root/.zabbix_admin_credentials"
content: |
zabbix_user = Admin
zabbix_pass = "{{ zabbixadmpassword.stdout }}"
- name: Generating bycrypt
shell: htpasswd -nbBC 10 Admin {{ zabbixadmpassword.stdout }} | grep -i admin | cut -d ":" -f 2
register: admincrypt

- name: Updating the zabbix admin password
shell: "{{ item }}"
with_items:
- mysql -e 'update zabbix.users set passwd="{{ admincrypt.stdout }}" where username="Admin";' -u root -p{{ rootpassword.stdout }}

- name: Installing language
apt:
name: language-pack-en
state: latest

- name: Enable services and start
ansible.builtin.systemd:
name: "{{ item }}"
state: started
enabled: true
with_items:
- zabbix-server
- zabbix-agent
- apache2

- name: Restarting services
service:
name: "{{ item }}"
state: restarted
with_items:
- zabbix-server
- zabbix-agent
- apache2

- name: Creating a directory for shell script
ansible.builtin.file:
path: /opt/cloudstack
state: directory

- name: Copy files for shell script
copy:
src: "{{ item.confsrc }}"
dest: "{{ item.confdest }}"
with_items:
- { confsrc: '/usr/local/src/zabbix-22-04/opt/cloudstack/zabbix_cleanup.sh', confdest: '/opt/cloudstack/'}

- name: Adding a line for shell script
lineinfile:
path: /root/.bashrc
line: "chmod +x /opt/cloudstack/zabbix_cleanup.sh && /opt/cloudstack/zabbix_cleanup.sh"
state: present

- name: Restarting sshd
shell: "sed -i 's/ForceCommand echo Please wait until the installation is completed..../#Match User anoncvs/g' /etc/ssh/sshd_config && systemctl restart sshd"

0 comments on commit 1da48d9

Please sign in to comment.