commit 941b13aa4938e774072c1f8d18c58f90340ec043 Author: Vassiliy Yegorov Date: Sat Jul 13 10:50:20 2019 +0700 Initial commit diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..e60684c --- /dev/null +++ b/.gitignore @@ -0,0 +1,7 @@ +.terraform +terraform.tfstate +terraform.tfstate.backup +terraform.tfvars +.terraform.tfstate.lock.* +vars.tf +host diff --git a/README.md b/README.md new file mode 100644 index 0000000..011437e --- /dev/null +++ b/README.md @@ -0,0 +1,20 @@ +# Zabbix сервер - контроль над сервисами + +## на примере пакета zabbix-server + * подразумевается, что у вас уже есть проект на GCP, есть созданный bucket для хранения tfstate и собственно установленный на вашей машине terraform (я использовал 0.12.2), а так же доменное имя и зона (я размещаю свою в aws_route53_zone) + +### Что надо подготовить: + * файл terraform.tfvars.example переименовать в terraform.tfvars и прописать там имя проекта с GCP (и ключи от aws - если делать как у меня) + * в файле vars.tf (переименовать с example) указать кол-ко витруальных машин (если нужно как-то по другому) и регион (если нужен другой) + +### Что получаем на выходе + 1. установленный и готовый к работе zabbix-server и сколько-то машин с агентами для тестирования + 2. смените на сервере тайм-зону (если вы не земляк с Новосибирска) (в файле scripts/zabconf/apache2.conf - если перед установкой) + +### Видео-урок + * Запись по работе с проектом можно посмотреть [тут](https://youtu.be/) + * Этот и много других уроков [тут](vk.com/realmanual) + +##### Автор + - **Vassiliy Yegorov** - *Initial work* - [vasyakrg](https://github.com/vasyakrg) + - [сайт](vk.com/realmanual) diff --git a/dns.tf b/dns.tf new file mode 100644 index 0000000..ad3bf01 --- /dev/null +++ b/dns.tf @@ -0,0 +1,14 @@ +#=============================================== +# Create A records to AWS +#=============================================== +data "aws_route53_zone" "dns_zone" { + name = "${var.dns_zone_name}" +} + +resource "aws_route53_record" "zabbix" { + zone_id = "${data.aws_route53_zone.dns_zone.id}" + name = "zabbix" + type = "A" + ttl = "300" + records = ["${google_compute_instance.zabbix.network_interface.0.access_config.0.nat_ip}"] +} diff --git a/instances.tf b/instances.tf new file mode 100644 index 0000000..00ea9fb --- /dev/null +++ b/instances.tf @@ -0,0 +1,52 @@ +#=============================================== +# Create PVE servers +#=============================================== +resource "google_compute_instance" "pve" { + count = "${var.count_instance}" + name = "serv-${count.index + 1}" + machine_type = "g1-small" + zone = "${var.zone_instance}" + tags = ["serv-${count.index + 1}"] + + # add image disk + boot_disk { + initialize_params { + image = var.disk_image + } + } + + # add network + network_interface { + network = "default" + access_config { + } + } + # ssh_key + metadata = { + sshKeys = "${var.default_user}:${file("~/.ssh/id_rsa.pub")}" + } + + metadata_startup_script = "${file("scripts/setupagent.sh")}" + + connection { + host = self.network_interface.0.access_config.0.nat_ip + type = "ssh" + user = "${var.default_user}" + private_key = "${file("~/.ssh/id_rsa")}" + } + + provisioner "file" { + source = "scripts/agents/zabbix_agent.conf" + destination = "/etc/zabbix/zabbix_agent.conf" + } + + provisioner "remote-exec" { + inline = [ + "sudo apt update", + "sudo apt install nginx -y", + "sudo echo Serv-${count.index + 1} >> /var/www/html/index.nginx-debian.html", + "sudo systemctl enable nginx && sudo systemctl start nginx" + ] + } + +} diff --git a/main.tf b/main.tf new file mode 100644 index 0000000..3d35342 --- /dev/null +++ b/main.tf @@ -0,0 +1,71 @@ +#=============================================== +# Create firefall for all +#=============================================== +resource "google_compute_firewall" "firewall_vpn" { + name = "allow-zabbix" + + # name of net + network = "default" + + allow { + protocol = "tcp" + ports = [ + "443", "80", "10050" + ] + } + + source_ranges = ["0.0.0.0/0"] + target_tags = ["${var.zabbix_tag}"] +} + +#=============================================== +# Create zabbix server +#=============================================== +resource "google_compute_instance" "zabbix" { + name = "app-zabbix" + machine_type = "g1-small" + zone = "${var.zone_instance}" + tags = ["${var.zabbix_tag}"] + + # add image disk + boot_disk { + initialize_params { + image = var.disk_image + } + } + + # add network + network_interface { + network = "default" + access_config { + } + } + # ssh_key + metadata = { + sshKeys = "${var.default_user}:${file("~/.ssh/id_rsa.pub")}" + } + connection { + host = self.network_interface.0.access_config.0.nat_ip + type = "ssh" + user = "${var.default_user}" + private_key = "${file("~/.ssh/id_rsa")}" + } + + # provisioner "file" { + # source = "scripts/setupzabbix.sh" + # destination = "~/setupzabbix.sh" + # } + + metadata_startup_script = "${file("scripts/setupzabbix.sh")}" + + provisioner "file" { + source = "scripts/zabscripts" + destination = "/usr/lib/zabbix/alertscripts " + } + + provisioner "file" { + source = "scripts/zabconf" + destination = "/etc/zabbix" + } + +} diff --git a/outputs.tf b/outputs.tf new file mode 100644 index 0000000..5ba5348 --- /dev/null +++ b/outputs.tf @@ -0,0 +1,7 @@ +# output "pve-servers_ip" { +# value = "${google_compute_instance.pve.*.network_interface.0.access_config.0.nat_ip}" +# } + +output "zabbix_ip" { + value = "${google_compute_instance.zabbix.network_interface.0.access_config.0.nat_ip}" +} diff --git a/provider.tf b/provider.tf new file mode 100644 index 0000000..3b83bd0 --- /dev/null +++ b/provider.tf @@ -0,0 +1,20 @@ +provider "google" { + project = var.project + region = var.region +} + +provider "aws" { + access_key = "${var.access_key}" + secret_key = "${var.secret_key}" + region = "${var.region_aws}" +} + +#=============================================== +# Bucket for .tfstate files - remote save +#=============================================== +terraform { + backend "gcs" { + bucket = "indigo-medium-242214-tf-state-prod" + prefix = "test/zabbix-app" + } +} diff --git a/scripts/setupagent.sh b/scripts/setupagent.sh new file mode 100755 index 0000000..53ee577 --- /dev/null +++ b/scripts/setupagent.sh @@ -0,0 +1,7 @@ +#!/bin/bash + +sudo wget https://repo.zabbix.com/zabbix/4.0/ubuntu/pool/main/z/zabbix-release/zabbix-release_4.0-2+bionic_all.deb +sudo dpkg -i zabbix-release_4.0-2+bionic_all.deb +sudo apt-get update +sudo apt install zabbix-agent -y +sudo service zabbix-agent start diff --git a/scripts/setupzabbix.sh b/scripts/setupzabbix.sh new file mode 100755 index 0000000..ac10dbd --- /dev/null +++ b/scripts/setupzabbix.sh @@ -0,0 +1,19 @@ +#!/bin/bash + +sudo wget https://repo.zabbix.com/zabbix/4.0/ubuntu/pool/main/z/zabbix-release/zabbix-release_4.0-2+bionic_all.deb +sudo dpkg -i zabbix-release_4.0-2+bionic_all.deb +sudo apt update + +sudo apt install zabbix-server-mysql -y +sudo apt install zabbix-frontend-php -y + +sudo mysql -uroot -e "create database zabbix character set utf8 collate utf8_bin;" +sudo mysql -uroot -e "grant all privileges on zabbix.* to zabbix@localhost identified by 'V7F4Uj12dcn5WAu';" +sudo mysql -uroot -e "FLUSH PRIVILEGES;" +sudo mysql -uroot -e "quit" + +sudo zcat /usr/share/doc/zabbix-server-mysql/create.sql.gz | sudo mysql -uzabbix zabbix -pV7F4Uj12dcn5WAu + +sudo service apache2 restart +sudo service zabbix-server start +sudo update-rc.d zabbix-server enable diff --git a/scripts/zabconf/apache.conf b/scripts/zabconf/apache.conf new file mode 100644 index 0000000..f5b16ea --- /dev/null +++ b/scripts/zabconf/apache.conf @@ -0,0 +1,69 @@ +# Define /zabbix alias, this is the default + + Alias /zabbix /usr/share/zabbix + + + + Options FollowSymLinks + AllowOverride None + Order allow,deny + Allow from all + + + php_value max_execution_time 300 + php_value memory_limit 256M + php_value post_max_size 160M + php_value upload_max_filesize 20M + php_value max_input_time 300 + php_value always_populate_raw_post_data -1 + php_value date.timezone Asia/Almaty + + + php_value max_execution_time 300 + php_value memory_limit 256M + php_value post_max_size 160M + php_value upload_max_filesize 20M + php_value max_input_time 300 + php_value always_populate_raw_post_data -1 + + # Change to you zone!! + php_value date.timezone Asia/Novosibirsk + + + + + + Order deny,allow + Deny from all + + Order deny,allow + Deny from all + + + + + Order deny,allow + Deny from all + + Order deny,allow + Deny from all + + + + + Order deny,allow + Deny from all + + Order deny,allow + Deny from all + + + + + Order deny,allow + Deny from all + + Order deny,allow + Deny from all + + diff --git a/scripts/zabconf/zabbix_server.conf b/scripts/zabconf/zabbix_server.conf new file mode 100644 index 0000000..8d466e2 --- /dev/null +++ b/scripts/zabconf/zabbix_server.conf @@ -0,0 +1,671 @@ +# This is a configuration file for Zabbix server daemon +# To get more information about Zabbix, visit http://www.zabbix.com + +############ GENERAL PARAMETERS ################# + +### Option: ListenPort +# Listen port for trapper. +# +# Mandatory: no +# Range: 1024-32767 +# Default: +# ListenPort=10051 + +### Option: SourceIP +# Source IP address for outgoing connections. +# +# Mandatory: no +# Default: +# SourceIP= + +### Option: LogType +# Specifies where log messages are written to: +# system - syslog +# file - file specified with LogFile parameter +# console - standard output +# +# Mandatory: no +# Default: +# LogType=file + +### Option: LogFile +# Log file name for LogType 'file' parameter. +# +# Mandatory: no +# Default: +# LogFile= + +LogFile=/var/log/zabbix/zabbix_server.log + +### Option: LogFileSize +# Maximum size of log file in MB. +# 0 - disable automatic log rotation. +# +# Mandatory: no +# Range: 0-1024 +# Default: +# LogFileSize=1 + +LogFileSize=0 + +### Option: DebugLevel +# Specifies debug level: +# 0 - basic information about starting and stopping of Zabbix processes +# 1 - critical information +# 2 - error information +# 3 - warnings +# 4 - for debugging (produces lots of information) +# 5 - extended debugging (produces even more information) +# +# Mandatory: no +# Range: 0-5 +# Default: +# DebugLevel=3 + +### Option: PidFile +# Name of PID file. +# +# Mandatory: no +# Default: +# PidFile=/tmp/zabbix_server.pid + +PidFile=/var/run/zabbix/zabbix_server.pid + +### Option: SocketDir +# IPC socket directory. +# Directory to store IPC sockets used by internal Zabbix services. +# +# Mandatory: no +# Default: +# SocketDir=/tmp + +SocketDir=/var/run/zabbix + +### Option: DBHost +# Database host name. +# If set to localhost, socket is used for MySQL. +# If set to empty string, socket is used for PostgreSQL. +# +# Mandatory: no +# Default: +# DBHost=localhost + +### Option: DBName +# Database name. +# For SQLite3 path to database file must be provided. DBUser and DBPassword are ignored. +# +# Mandatory: yes +# Default: +# DBName= + +DBName=zabbix + +### Option: DBSchema +# Schema name. Used for IBM DB2 and PostgreSQL. +# +# Mandatory: no +# Default: +# DBSchema= + +### Option: DBUser +# Database user. Ignored for SQLite. +# +# Mandatory: no +# Default: +# DBUser= + +DBUser=zabbix + +### Option: DBPassword +# Database password. Ignored for SQLite. +# Comment this line if no password is used. +# +# Mandatory: no +# Default: +# DBPassword= +DBPassword=V7F4Uj12dcn5WAu + +### Option: DBSocket +# Path to MySQL socket. +# +# Mandatory: no +# Default: +# DBSocket=/tmp/mysql.sock + +### Option: DBPort +# Database port when not using local socket. Ignored for SQLite. +# +# Mandatory: no +# Range: 1024-65535 +# Default (for MySQL): +# DBPort=3306 + +############ ADVANCED PARAMETERS ################ + +### Option: StartPollers +# Number of pre-forked instances of pollers. +# +# Mandatory: no +# Range: 0-1000 +# Default: +# StartPollers=5 + +### Option: StartIPMIPollers +# Number of pre-forked instances of IPMI pollers. +# The IPMI manager process is automatically started when at least one IPMI poller is started. +# +# Mandatory: no +# Range: 0-1000 +# Default: +# StartIPMIPollers=0 + +### Option: StartPreprocessors +# Number of pre-forked instances of preprocessing workers. +# The preprocessing manager process is automatically started when preprocessor worker is started. +# +# Mandatory: no +# Range: 1-1000 +# Default: +# StartPreprocessors=3 + +### Option: StartPollersUnreachable +# Number of pre-forked instances of pollers for unreachable hosts (including IPMI and Java). +# At least one poller for unreachable hosts must be running if regular, IPMI or Java pollers +# are started. +# +# Mandatory: no +# Range: 0-1000 +# Default: +# StartPollersUnreachable=1 + +### Option: StartTrappers +# Number of pre-forked instances of trappers. +# Trappers accept incoming connections from Zabbix sender, active agents and active proxies. +# At least one trapper process must be running to display server availability and view queue +# in the frontend. +# +# Mandatory: no +# Range: 0-1000 +# Default: +# StartTrappers=5 + +### Option: StartPingers +# Number of pre-forked instances of ICMP pingers. +# +# Mandatory: no +# Range: 0-1000 +# Default: +# StartPingers=1 + +### Option: StartDiscoverers +# Number of pre-forked instances of discoverers. +# +# Mandatory: no +# Range: 0-250 +# Default: +# StartDiscoverers=1 + +### Option: StartHTTPPollers +# Number of pre-forked instances of HTTP pollers. +# +# Mandatory: no +# Range: 0-1000 +# Default: +# StartHTTPPollers=1 + +### Option: StartTimers +# Number of pre-forked instances of timers. +# Timers process time-based trigger functions and maintenance periods. +# Only the first timer process handles the maintenance periods. +# +# Mandatory: no +# Range: 1-1000 +# Default: +# StartTimers=1 + +### Option: StartEscalators +# Number of pre-forked instances of escalators. +# +# Mandatory: no +# Range: 0-100 +# Default: +# StartEscalators=1 + +### Option: StartAlerters +# Number of pre-forked instances of alerters. +# Alerters send the notifications created by action operations. +# +# Mandatory: no +# Range: 0-100 +# Default: +# StartAlerters=3 + +### Option: JavaGateway +# IP address (or hostname) of Zabbix Java gateway. +# Only required if Java pollers are started. +# +# Mandatory: no +# Default: +# JavaGateway= +JavaGateway=127.0.0.1 + +### Option: JavaGatewayPort +# Port that Zabbix Java gateway listens on. +# +# Mandatory: no +# Range: 1024-32767 +# Default: +# JavaGatewayPort=10052 + +### Option: StartJavaPollers +# Number of pre-forked instances of Java pollers. +# +# Mandatory: no +# Range: 0-1000 +# Default: +# StartJavaPollers=0 +StartJavaPollers=5 + +### Option: StartVMwareCollectors +# Number of pre-forked vmware collector instances. +# +# Mandatory: no +# Range: 0-250 +# Default: + StartVMwareCollectors=1 + +### Option: VMwareFrequency +# How often Zabbix will connect to VMware service to obtain a new data. +# +# Mandatory: no +# Range: 10-86400 +# Default: +# VMwareFrequency=60 + +### Option: VMwarePerfFrequency +# How often Zabbix will connect to VMware service to obtain performance data. +# +# Mandatory: no +# Range: 10-86400 +# Default: + VMwarePerfFrequency=60 + +### Option: VMwareCacheSize +# Size of VMware cache, in bytes. +# Shared memory size for storing VMware data. +# Only used if VMware collectors are started. +# +# Mandatory: no +# Range: 256K-2G +# Default: + VMwareCacheSize=8M + +### Option: VMwareTimeout +# Specifies how many seconds vmware collector waits for response from VMware service. +# +# Mandatory: no +# Range: 1-300 +# Default: + VMwareTimeout=10 + +### Option: SNMPTrapperFile +# Temporary file used for passing data from SNMP trap daemon to the server. +# Must be the same as in zabbix_trap_receiver.pl or SNMPTT configuration file. +# +# Mandatory: no +# Default: +# SNMPTrapperFile=/tmp/zabbix_traps.tmp +SNMPTrapperFile=/var/log/zabbix/snmptrapfmt.log + +SNMPTrapperFile=/var/log/snmptrap/snmptrap.log + +### Option: StartSNMPTrapper +# If 1, SNMP trapper process is started. +# +# Mandatory: no +# Range: 0-1 +# Default: +# StartSNMPTrapper=0 +StartSNMPTrapper=1 + +### Option: ListenIP +# List of comma delimited IP addresses that the trapper should listen on. +# Trapper will listen on all network interfaces if this parameter is missing. +# +# Mandatory: no +# Default: +# ListenIP=0.0.0.0 + +# ListenIP=127.0.0.1 + +### Option: HousekeepingFrequency +# How often Zabbix will perform housekeeping procedure (in hours). +# Housekeeping is removing outdated information from the database. +# To prevent Housekeeper from being overloaded, no more than 4 times HousekeepingFrequency +# hours of outdated information are deleted in one housekeeping cycle, for each item. +# To lower load on server startup housekeeping is postponed for 30 minutes after server start. +# With HousekeepingFrequency=0 the housekeeper can be only executed using the runtime control option. +# In this case the period of outdated information deleted in one housekeeping cycle is 4 times the +# period since the last housekeeping cycle, but not less than 4 hours and not greater than 4 days. +# +# Mandatory: no +# Range: 0-24 +# Default: +# HousekeepingFrequency=1 + +### Option: MaxHousekeeperDelete +# The table "housekeeper" contains "tasks" for housekeeping procedure in the format: +# [housekeeperid], [tablename], [field], [value]. +# No more than 'MaxHousekeeperDelete' rows (corresponding to [tablename], [field], [value]) +# will be deleted per one task in one housekeeping cycle. +# SQLite3 does not use this parameter, deletes all corresponding rows without a limit. +# If set to 0 then no limit is used at all. In this case you must know what you are doing! +# +# Mandatory: no +# Range: 0-1000000 +# Default: +# MaxHousekeeperDelete=5000 + +### Option: CacheSize +# Size of configuration cache, in bytes. +# Shared memory size for storing host, item and trigger data. +# +# Mandatory: no +# Range: 128K-8G +# Default: +# CacheSize=8M + +### Option: CacheUpdateFrequency +# How often Zabbix will perform update of configuration cache, in seconds. +# +# Mandatory: no +# Range: 1-3600 +# Default: +# CacheUpdateFrequency=60 + +### Option: StartDBSyncers +# Number of pre-forked instances of DB Syncers. +# +# Mandatory: no +# Range: 1-100 +# Default: +# StartDBSyncers=4 + +### Option: HistoryCacheSize +# Size of history cache, in bytes. +# Shared memory size for storing history data. +# +# Mandatory: no +# Range: 128K-2G +# Default: +# HistoryCacheSize=16M + +### Option: HistoryIndexCacheSize +# Size of history index cache, in bytes. +# Shared memory size for indexing history cache. +# +# Mandatory: no +# Range: 128K-2G +# Default: +# HistoryIndexCacheSize=4M + +### Option: TrendCacheSize +# Size of trend cache, in bytes. +# Shared memory size for storing trends data. +# +# Mandatory: no +# Range: 128K-2G +# Default: +# TrendCacheSize=4M + +### Option: ValueCacheSize +# Size of history value cache, in bytes. +# Shared memory size for caching item history data requests. +# Setting to 0 disables value cache. +# +# Mandatory: no +# Range: 0,128K-64G +# Default: +# ValueCacheSize=8M + +### Option: Timeout +# Specifies how long we wait for agent, SNMP device or external check (in seconds). +# +# Mandatory: no +# Range: 1-30 +# Default: +# Timeout=30 + +Timeout=30 + +### Option: TrapperTimeout +# Specifies how many seconds trapper may spend processing new data. +# +# Mandatory: no +# Range: 1-300 +# Default: +# TrapperTimeout=300 + +### Option: UnreachablePeriod +# After how many seconds of unreachability treat a host as unavailable. +# +# Mandatory: no +# Range: 1-3600 +# Default: +# UnreachablePeriod=45 + +### Option: UnavailableDelay +# How often host is checked for availability during the unavailability period, in seconds. +# +# Mandatory: no +# Range: 1-3600 +# Default: +# UnavailableDelay=60 + +### Option: UnreachableDelay +# How often host is checked for availability during the unreachability period, in seconds. +# +# Mandatory: no +# Range: 1-3600 +# Default: +# UnreachableDelay=15 + +### Option: AlertScriptsPath +# Full path to location of custom alert scripts. +# Default depends on compilation options. +# +# Mandatory: no +# Default: +# AlertScriptsPath=${datadir}/zabbix/alertscripts + +AlertScriptsPath=/usr/lib/zabbix/alertscripts + +### Option: ExternalScripts +# Full path to location of external scripts. +# Default depends on compilation options. +# +# Mandatory: no +# Default: +# ExternalScripts=${datadir}/zabbix/externalscripts + +ExternalScripts=/usr/lib/zabbix/externalscripts + +### Option: FpingLocation +# Location of fping. +# Make sure that fping binary has root ownership and SUID flag set. +# +# Mandatory: no +# Default: +# FpingLocation=/usr/sbin/fping + +FpingLocation=/usr/bin/fping + +### Option: Fping6Location +# Location of fping6. +# Make sure that fping6 binary has root ownership and SUID flag set. +# Make empty if your fping utility is capable to process IPv6 addresses. +# +# Mandatory: no +# Default: +# Fping6Location=/usr/sbin/fping6 + +Fping6Location=/usr/bin/fping6 + +### Option: SSHKeyLocation +# Location of public and private keys for SSH checks and actions. +# +# Mandatory: no +# Default: +# SSHKeyLocation= + +### Option: LogSlowQueries +# How long a database query may take before being logged (in milliseconds). +# Only works if DebugLevel set to 3, 4 or 5. +# 0 - don't log slow queries. +# +# Mandatory: no +# Range: 1-3600000 +# Default: +# LogSlowQueries=0 + +LogSlowQueries=3000 + +### Option: TmpDir +# Temporary directory. +# +# Mandatory: no +# Default: +# TmpDir=/tmp + +### Option: StartProxyPollers +# Number of pre-forked instances of pollers for passive proxies. +# +# Mandatory: no +# Range: 0-250 +# Default: +# StartProxyPollers=1 + +### Option: ProxyConfigFrequency +# How often Zabbix Server sends configuration data to a Zabbix Proxy in seconds. +# This parameter is used only for proxies in the passive mode. +# +# Mandatory: no +# Range: 1-3600*24*7 +# Default: +# ProxyConfigFrequency=3600 + +### Option: ProxyDataFrequency +# How often Zabbix Server requests history data from a Zabbix Proxy in seconds. +# This parameter is used only for proxies in the passive mode. +# +# Mandatory: no +# Range: 1-3600 +# Default: +# ProxyDataFrequency=1 + +### Option: AllowRoot +# Allow the server to run as 'root'. If disabled and the server is started by 'root', the server +# will try to switch to the user specified by the User configuration option instead. +# Has no effect if started under a regular user. +# 0 - do not allow +# 1 - allow +# +# Mandatory: no +# Default: +# AllowRoot=0 + +### Option: User +# Drop privileges to a specific, existing user on the system. +# Only has effect if run as 'root' and AllowRoot is disabled. +# +# Mandatory: no +# Default: +# User=zabbix + +### Option: Include +# You may include individual files or all files in a directory in the configuration file. +# Installing Zabbix will create include directory in /usr/local/etc, unless modified during the compile time. +# +# Mandatory: no +# Default: +# Include= + +# Include=/usr/local/etc/zabbix_server.general.conf +# Include=/usr/local/etc/zabbix_server.conf.d/ +# Include=/usr/local/etc/zabbix_server.conf.d/*.conf + +### Option: SSLCertLocation +# Location of SSL client certificates. +# This parameter is used only in web monitoring. +# +# Mandatory: no +# Default: +# SSLCertLocation=${datadir}/zabbix/ssl/certs + +### Option: SSLKeyLocation +# Location of private keys for SSL client certificates. +# This parameter is used only in web monitoring. +# +# Mandatory: no +# Default: +# SSLKeyLocation=${datadir}/zabbix/ssl/keys + +### Option: SSLCALocation +# Override the location of certificate authority (CA) files for SSL server certificate verification. +# If not set, system-wide directory will be used. +# This parameter is used only in web monitoring and SMTP authentication. +# +# Mandatory: no +# Default: +# SSLCALocation= + +####### LOADABLE MODULES ####### + +### Option: LoadModulePath +# Full path to location of server modules. +# Default depends on compilation options. +# +# Mandatory: no +# Default: +# LoadModulePath=${libdir}/modules + +### Option: LoadModule +# Module to load at server startup. Modules are used to extend functionality of the server. +# Format: LoadModule= +# The modules must be located in directory specified by LoadModulePath. +# It is allowed to include multiple LoadModule parameters. +# +# Mandatory: no +# Default: +# LoadModule= + +####### TLS-RELATED PARAMETERS ####### + +### Option: TLSCAFile +# Full pathname of a file containing the top-level CA(s) certificates for +# peer certificate verification. +# +# Mandatory: no +# Default: +# TLSCAFile= + +### Option: TLSCRLFile +# Full pathname of a file containing revoked certificates. +# +# Mandatory: no +# Default: +# TLSCRLFile= + +### Option: TLSCertFile +# Full pathname of a file containing the server certificate or certificate chain. +# +# Mandatory: no +# Default: +# TLSCertFile= + +### Option: TLSKeyFile +# Full pathname of a file containing the server private key. +# +# Mandatory: no +# Default: +# TLSKeyFile= diff --git a/scripts/zabscripts/slack.sh b/scripts/zabscripts/slack.sh new file mode 100644 index 0000000..a11bfdb --- /dev/null +++ b/scripts/zabscripts/slack.sh @@ -0,0 +1,23 @@ +#!/bin/bash +KEY="https://hooks.slack.com/services/" +TO="$1" +SUB="$2" +MESS="$3" + +if [[ $SUB == 'PROBLEM' ]] +then + ICON=":scream:" +elif [[ $SUB == 'OK' ]] +then + ICON=":ok_hand:" +else + ICON=":point_up_2:" +fi + +/usr/local/bin/curl -X POST --data-urlencode "payload={\"channel\": \"$TO\", \"username\": \"TradeNarK\", \"text\": \"$ICON $SUB\n$MESS\"}" $KEY + + +# settings to zabbix-server +# {ALERT.SENDTO} +# {ALERT.SUBJECT} +# {ALERT.MESSAGE} diff --git a/scripts/zabscripts/slack1.sh b/scripts/zabscripts/slack1.sh new file mode 100755 index 0000000..7c1c8ba --- /dev/null +++ b/scripts/zabscripts/slack1.sh @@ -0,0 +1,52 @@ +#!/bin/bash + +# Slack incoming web-hook URL and user name +url='https://hooks.slack.com/services/' # example: url='https://hooks.slack.com/services/QW3R7Y/D34DC0D3/BCADFGabcDEF123' +username='zabbix-server' + +## Values received by this script: +# To = $1 / Slack channel or user to send the message to, specified in the Zabbix web interface; "@username" or "#channel" +# Subject = $2 / subject of the message sent by Zabbix; by default, it is usually something like "(Problem|Resolved): Lack of free swap space on Zabbix server" +# Message = $3 / message body sent by Zabbix; by default, it is usually approximately 4 lines detailing the specific trigger involved +# Alternate URL = $4 (optional) / alternative Slack.com web-hook URL to replace the above hard-coded one; useful when multiple groups have seperate Slack teams +# Proxy = $5 (optional) / proxy host including port (such as "example.com:8080") + +# Get the user/channel ($1), subject ($2), and message ($3) +to="$1" +subject="$2" +message="$3" + +# Change message emoji and notification color depending on the subject indicating whether it is a trigger going in to problem state or recovering +#recoversub='^RECOVER(Y|ED)?$|^OK$|^Resolved*' +recoversub='Resolved' +problemsub='Problem' +#problemsub='^Беда*' +updatesub='Update' + +if [[ "$subject" =~ $recoversub ]]; then + emoji=':smile:' + color='#0C7BDC' +elif [[ "$subject" =~ $problemsub ]]; then + emoji=':face_palm:' + color='#FFC20A' +elif [[ "$subject" =~ $updatesub ]]; then + emoji=':scream:' + color='#FFC20A' +else + emoji=':pager:' + color='#CCCCCC' +fi + +# Replace the above hard-coded Slack.com web-hook URL entirely, if one was passed via the optional 4th parameter +url=${4-$url} + +# Use optional 5th parameter as proxy server for curl +proxy=${5-""} +if [[ "$proxy" != '' ]]; then + proxy="-x $proxy" +fi + +# Build JSON payload which will be HTTP POST'ed to the Slack.com web-hook URL +payload="payload={\"channel\": \"${to//\"/\\\"}\", \ +\"username\": \"${username//\"/\\\"}\", \ +\"attachments\": [{\"fallback\": \"${subject//\"/\\\"}\", \"title\": \"${subject//\"/\\\"}\", \"text\": \"${message//\"/\\\"}\", \"color\": \"${color}\"}], \ diff --git a/scripts/zabscripts/smsc.conf b/scripts/zabscripts/smsc.conf new file mode 100644 index 0000000..f02a447 --- /dev/null +++ b/scripts/zabscripts/smsc.conf @@ -0,0 +1,4 @@ +PATH=/bin:/usr/bin:/usr/local/bin + +USER_ID=X +PASSWORD=X diff --git a/scripts/zabscripts/smsc.sh b/scripts/zabscripts/smsc.sh new file mode 100755 index 0000000..c505cb5 --- /dev/null +++ b/scripts/zabscripts/smsc.sh @@ -0,0 +1,31 @@ +#!/bin/bash + +TO_NUMBER="$1" +SUBJECT="$2" +MESSAGE="$3" +echo ${TO_NUMBER} >> /tmp/out.txt +echo ${SUBJECT} >> /tmp/out.txt +echo ${MESSAGE} >> /tmp/out.txt + +. smsc.conf + +SMSC_URL=${SMSC_URL:-"https://smsc.ru/sys/send.php"} + +TO_NUMBER=$(echo "${TO_NUMBER}" | sed 's/[^0123456789]//g') + +NL='' + +RESULT=$(curl --get --silent --show-error \ + --data-urlencode "login=${USER_ID}" \ + --data-urlencode "psw=${PASSWORD}" \ + --data-urlencode "phones=${TO_NUMBER}" \ + --data-urlencode "mes=${SUBJECT}:${MESSAGE}" \ + "${SMSC_URL}" 2>&1 +) + +STATUS=$? + +echo ${RESULT} +echo ${RESULT} >> /tmp/smsc.txt + +exit ${STATUS} diff --git a/scripts/zabscripts/telegram.sh b/scripts/zabscripts/telegram.sh new file mode 100755 index 0000000..7d9d3e0 --- /dev/null +++ b/scripts/zabscripts/telegram.sh @@ -0,0 +1,15 @@ +#!/bin/bash + +TOKEN='' + +which curl &>/dev/null +if [ $? -ne 0 ] ; then echo 'FAIL: curl not found.' && exit 1 ; fi +if [ $# -ne 3 ] ; then echo 'FAIL: Params not defined.' && echo 'Usage: zabbix-to-telegram-notify.sh TelegramID Subject Message' && exit 1 ; fi + +CHAT_ID="$1" +SUBJECT="$2" +MESSAGE="$3" + +curl -s --header 'Content-Type: application/json' --request 'POST' --data "{\"chat_id\":\"${CHAT_ID}\",\"text\":\"${SUBJECT}\n${MESSAGE}\"}" "https:// +api.telegram.org/bot${TOKEN}/sendMessage" | grep -q '"ok":false,' +if [ $? -eq 0 ] ; then exit 1 ; fi diff --git a/scripts/zabscripts/zviewer.sh b/scripts/zabscripts/zviewer.sh new file mode 100755 index 0000000..c81ea5f --- /dev/null +++ b/scripts/zabscripts/zviewer.sh @@ -0,0 +1,10 @@ +#/bin/bash +if [ $# -eq 0 ] ; then echo 'FAIL: Params not defined.' && echo 'Usage: zbxviewer.sh Token Subject Message' && exit 1 ; fi + +if wget -V >/dev/null 2>&1 ; then + #use wget + wget -q "https://zbx.vovanys.com/push/sendPush.php?token=$1&title=$2&desc=$3" +else + #if wget not found, use curl + curl -kdG "https://zbx.vovanys.com/push/sendPush.php?token=$1&title=$2&desc=$3" +fi diff --git a/terraform.tfvars.example b/terraform.tfvars.example new file mode 100644 index 0000000..f617a15 --- /dev/null +++ b/terraform.tfvars.example @@ -0,0 +1,3 @@ +project = "" +secret_key = "" +access_key = "" diff --git a/vars.tf.example b/vars.tf.example new file mode 100644 index 0000000..fecf0b4 --- /dev/null +++ b/vars.tf.example @@ -0,0 +1,49 @@ +variable "project" { + default = "" +} + +variable "region" { + default = "us-central1" +} + +variable "default_user" { + default = "ubuntu" +} + +#=============================================== +# Count of PVE servers +#=============================================== +variable "count_instance" { + default = "0" +} + +variable "zone_instance" { + default = "us-central1-a" +} + +variable "disk_image" { + default = "ubuntu-1804-lts" +} + +variable "zabbix_tag" { + default = "zabbix-app" +} + +#==================# +# var for AWS +#==================# +variable "region_aws" { + default = "us-east-2" +} + +variable "access_key" { + default = "" +} + +variable "secret_key" { + default = "" +} + +variable "dns_zone_name" { + default = "" +} diff --git a/versions.tf b/versions.tf new file mode 100644 index 0000000..ac97c6a --- /dev/null +++ b/versions.tf @@ -0,0 +1,4 @@ + +terraform { + required_version = ">= 0.12" +}