Ansible Script 추가

2023-12-19 13:36:16 +09:00
parent 0273450ff6
commit 05cb8d9269
2610 changed files with 281893 additions and 0 deletions
--- a/ansible/01_old/roles/zabbix-agent/tasks/Linux.yml
+++ b/ansible/01_old/roles/zabbix-agent/tasks/Linux.yml
@@ -0,0 +1,239 @@
+---
+- name: "Set default ip address for zabbix_agent_ip"
+  ansible.builtin.set_fact:
+    zabbix_agent_ip: "{{ hostvars[inventory_hostname]['ansible_default_ipv4'].address }}"
+  when:
+    - zabbix_agent_ip is not defined
+    - "'ansible_default_ipv4' in hostvars[inventory_hostname]"
+  tags:
+    - config
+
+- name: "Get Total Private IP Addresses"
+  ansible.builtin.set_fact:
+    total_private_ip_addresses: "{{ ansible_all_ipv4_addresses | ansible.utils.ipaddr('private') | length }}"
+  when:
+    - ansible_all_ipv4_addresses is defined
+    - not (zabbix_agent_dont_detect_ip)
+  tags:
+    - config
+
+- name: "Set first public ip address for zabbix_agent_ip"
+  ansible.builtin.set_fact:
+    zabbix_agent_ip: "{{ ansible_all_ipv4_addresses | ansible.netcommon.ipaddr('public') | first }}"
+    zabbix_agent_server: "{{ zabbix_agent_server_public_ip | default(zabbix_agent_server) }}"
+    zabbix_agent_serveractive: "{{ zabbix_agent_serveractive_public_ip | default(zabbix_agent_serveractive) }}"
+    zabbix_agent2_server: "{{ zabbix_agent_server_public_ip | default(zabbix_agent2_server) }}"
+    zabbix_agent2_serveractive: "{{ zabbix_agent_serveractive_public_ip | default(zabbix_agent2_serveractive) }}"
+  when:
+    - zabbix_agent_ip is not defined
+    - total_private_ip_addresses is defined
+    - total_private_ip_addresses == '0'
+  tags:
+    - config
+
+- name: "Set first private ip address for zabbix_agent_ip"
+  ansible.builtin.set_fact:
+    zabbix_agent_ip: "{{ ansible_all_ipv4_addresses | ansible.netcommon.ipaddr('private') | first }}"
+  when:
+    - zabbix_agent_ip is not defined
+    - total_private_ip_addresses is defined
+    - total_private_ip_addresses != '0'
+  tags:
+    - config
+
+- name: "Fail invalid specified agent_listeninterface"
+  ansible.builtin.fail:
+    msg: "The specified network interface does not exist"
+  when:
+    - (zabbix_agent_listeninterface)
+    - (zabbix_agent_listeninterface not in ansible_interfaces)
+  tags:
+    - config
+
+- name: "Set network interface"
+  ansible.builtin.set_fact:
+    network_interface: ansible_{{ zabbix_agent_listeninterface }}
+  when:
+    - (zabbix_agent_listeninterface)
+    - not zabbix_agent_listenip
+  tags:
+    - config
+
+- name: "Get IP of agent_listeninterface when no agent_listenip specified"
+  ansible.builtin.set_fact:
+    zabbix_agent_listenip: "{{ hostvars[inventory_hostname][network_interface]['ipv4'].address | default('0.0.0.0') }}"
+  when:
+    - (zabbix_agent_listeninterface)
+    - not zabbix_agent_listenip
+  tags:
+    - config
+    - api
+
+- name: "Default agent_listenip to all when not specified"
+  ansible.builtin.set_fact:
+    zabbix_agent_listenip: "0.0.0.0"
+  when:
+    - not (zabbix_agent_listenip)
+  tags:
+    - config
+
+- name: "Fail invalid specified agent_listenip"
+  ansible.builtin.fail:
+    msg: "The agent_listenip does not exist"
+  when:
+    - zabbix_agent_listenip != '0.0.0.0'
+    - zabbix_agent_listenip != '127.0.0.1'
+    - (zabbix_agent_listenip not in ansible_all_ipv4_addresses)
+  tags:
+    - config
+
+- name: "Configure SELinux when enabled"
+  ansible.builtin.include_tasks: selinux.yml
+  when:
+    - zabbix_selinux | bool
+
+- name: "Adding zabbix group"
+  ansible.builtin.group:
+    name: zabbix
+    state: present
+    gid: "{{ zabbix_agent_docker_user_gid | default(omit) }}"
+  become: true
+  when:
+    - zabbix_agent_docker | bool
+  tags:
+    - config
+
+- name: "Adding zabbix user"
+  ansible.builtin.user:
+    name: zabbix
+    group: zabbix
+    state: present
+    create_home: false
+    home: /etc/zabbix
+    uid: "{{ zabbix_agent_docker_user_uid | default(omit) }}"
+    system: true
+  become: true
+  when:
+    - zabbix_agent_docker | bool
+  tags:
+    - config
+
+- name: "Configure zabbix-agent"
+  ansible.builtin.template:
+    src: "{{ 'zabbix_agentd.conf.j2' if not zabbix_agent2 else 'zabbix_agent2.conf.j2' }}"
+    dest: "/etc/zabbix/{{ zabbix_agent_conf if not zabbix_agent2 else zabbix_agent2_conf }}"
+    owner: root
+    group: root
+    mode: "{{ zabbix_agent_conf_mode }}"
+  notify:
+    - restart zabbix-agent
+  become: true
+  when:
+    - not (zabbix_agent_docker | bool)
+  tags:
+    - config
+
+- name: "Create directory for PSK file if not exist."
+  ansible.builtin.file:
+    path: "{{ zabbix_agent_tlspskfile | dirname }}"
+    mode: 0755
+    state: directory
+  become: true
+  when:
+    - zabbix_agent_tlspskfile is defined
+    - zabbix_agent_tlspskfile # https://github.com/ansible-collections/community.zabbix/issues/680
+    - not (zabbix_agent2 | bool)
+  tags:
+    - config
+
+- name: "Create directory for PSK file if not exist (zabbix-agent2)"
+  ansible.builtin.file:
+    path: "{{ zabbix_agent2_tlspskfile | dirname }}"
+    mode: 0755
+    state: directory
+  become: true
+  when:
+    - zabbix_agent2_tlspskfile is defined
+    - zabbix_agent2_tlspskfile # https://github.com/ansible-collections/community.zabbix/issues/680
+    - zabbix_agent2 | bool
+  tags:
+    - config
+
+- name: "Place TLS PSK File"
+  ansible.builtin.copy:
+    dest: "{{ zabbix_agent_tlspskfile }}"
+    content: "{{ zabbix_agent_tlspsk_secret }}"
+    owner: zabbix
+    group: zabbix
+    mode: 0400
+  become: true
+  when:
+    - zabbix_agent_tlspskfile is defined
+    - zabbix_agent_tlspskfile # https://github.com/ansible-collections/community.zabbix/issues/680
+    - zabbix_agent_tlspsk_secret is defined
+    - not (zabbix_agent2 | bool)
+  notify:
+    - restart zabbix-agent
+  tags:
+    - config
+
+- name: "Place TLS PSK File (zabbix-agent2)"
+  ansible.builtin.copy:
+    dest: "{{ zabbix_agent2_tlspskfile }}"
+    content: "{{ zabbix_agent2_tlspsk_secret }}"
+    owner: zabbix
+    group: zabbix
+    mode: 0400
+  become: true
+  when:
+    - zabbix_agent2_tlspskfile is defined
+    - zabbix_agent2_tlspskfile # https://github.com/ansible-collections/community.zabbix/issues/680
+    - zabbix_agent2_tlspsk_secret is defined
+    - zabbix_agent2 | bool
+  notify:
+    - restart zabbix-agent
+  tags:
+    - config
+
+- name: "Create include dir zabbix-agent"
+  ansible.builtin.file:
+    path: "{{ zabbix_agent_include if not zabbix_agent2 else zabbix_agent2_include }}"
+    owner: root
+    group: zabbix
+    mode: "{{ zabbix_agent_include_mode if not zabbix_agent2 else zabbix_agent2_include_mode }}"
+    state: directory
+  become: true
+  tags:
+    - config
+
+- name: "Install the Docker container"
+  ansible.builtin.include_tasks: Docker.yml
+  when:
+    - zabbix_agent_docker | bool
+
+- name: "Remove zabbix-agent installation when zabbix-agent2 is used."
+  ansible.builtin.include_tasks: remove.yml
+  when:
+    - zabbix_agent2 | bool
+    - zabbix_agent_package_remove
+
+- name: "Make sure the zabbix-agent service is running"
+  ansible.builtin.service:
+    name: "{{ zabbix_agent_service }}"
+    state: started
+    enabled: true
+  become: true
+  when:
+    - not (zabbix_agent_docker | bool)
+  tags:
+    - service
+
+- name: "Give zabbix-agent access to system.hw.chassis info"
+  ansible.builtin.file:
+    path: /sys/firmware/dmi/tables/DMI
+    owner: root
+    group: zabbix
+  become: true
+  when: zabbix_agent_chassis | bool
+  tags:
+    - config