From 941b13aa4938e774072c1f8d18c58f90340ec043 Mon Sep 17 00:00:00 2001 From: Vassiliy Yegorov Date: Sat, 13 Jul 2019 10:50:20 +0700 Subject: [PATCH] Initial commit --- .gitignore | 7 + README.md | 20 + dns.tf | 14 + instances.tf | 52 +++ main.tf | 71 +++ outputs.tf | 7 + provider.tf | 20 + scripts/setupagent.sh | 7 + scripts/setupzabbix.sh | 19 + scripts/zabconf/apache.conf | 69 +++ scripts/zabconf/zabbix_server.conf | 671 +++++++++++++++++++++++++++++ scripts/zabscripts/slack.sh | 23 + scripts/zabscripts/slack1.sh | 52 +++ scripts/zabscripts/smsc.conf | 4 + scripts/zabscripts/smsc.sh | 31 ++ scripts/zabscripts/telegram.sh | 15 + scripts/zabscripts/zviewer.sh | 10 + terraform.tfvars.example | 3 + vars.tf.example | 49 +++ versions.tf | 4 + 20 files changed, 1148 insertions(+) create mode 100644 .gitignore create mode 100644 README.md create mode 100644 dns.tf create mode 100644 instances.tf create mode 100644 main.tf create mode 100644 outputs.tf create mode 100644 provider.tf create mode 100755 scripts/setupagent.sh create mode 100755 scripts/setupzabbix.sh create mode 100644 scripts/zabconf/apache.conf create mode 100644 scripts/zabconf/zabbix_server.conf create mode 100644 scripts/zabscripts/slack.sh create mode 100755 scripts/zabscripts/slack1.sh create mode 100644 scripts/zabscripts/smsc.conf create mode 100755 scripts/zabscripts/smsc.sh create mode 100755 scripts/zabscripts/telegram.sh create mode 100755 scripts/zabscripts/zviewer.sh create mode 100644 terraform.tfvars.example create mode 100644 vars.tf.example create mode 100644 versions.tf diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..e60684c --- /dev/null +++ b/.gitignore @@ -0,0 +1,7 @@ +.terraform +terraform.tfstate +terraform.tfstate.backup +terraform.tfvars +.terraform.tfstate.lock.* +vars.tf +host diff --git a/README.md b/README.md new file mode 100644 index 0000000..011437e --- /dev/null +++ b/README.md @@ -0,0 +1,20 @@ +# Zabbix сервер - контроль над сервисами + +## на примере пакета zabbix-server + * подразумевается, что у вас уже есть проект на GCP, есть созданный bucket для хранения tfstate и собственно установленный на вашей машине terraform (я использовал 0.12.2), а так же доменное имя и зона (я размещаю свою в aws_route53_zone) + +### Что надо подготовить: + * файл terraform.tfvars.example переименовать в terraform.tfvars и прописать там имя проекта с GCP (и ключи от aws - если делать как у меня) + * в файле vars.tf (переименовать с example) указать кол-ко витруальных машин (если нужно как-то по другому) и регион (если нужен другой) + +### Что получаем на выходе + 1. установленный и готовый к работе zabbix-server и сколько-то машин с агентами для тестирования + 2. смените на сервере тайм-зону (если вы не земляк с Новосибирска) (в файле scripts/zabconf/apache2.conf - если перед установкой) + +### Видео-урок + * Запись по работе с проектом можно посмотреть [тут](https://youtu.be/) + * Этот и много других уроков [тут](vk.com/realmanual) + +##### Автор + - **Vassiliy Yegorov** - *Initial work* - [vasyakrg](https://github.com/vasyakrg) + - [сайт](vk.com/realmanual) diff --git a/dns.tf b/dns.tf new file mode 100644 index 0000000..ad3bf01 --- /dev/null +++ b/dns.tf @@ -0,0 +1,14 @@ +#=============================================== +# Create A records to AWS +#=============================================== +data "aws_route53_zone" "dns_zone" { + name = "${var.dns_zone_name}" +} + +resource "aws_route53_record" "zabbix" { + zone_id = "${data.aws_route53_zone.dns_zone.id}" + name = "zabbix" + type = "A" + ttl = "300" + records = ["${google_compute_instance.zabbix.network_interface.0.access_config.0.nat_ip}"] +} diff --git a/instances.tf b/instances.tf new file mode 100644 index 0000000..00ea9fb --- /dev/null +++ b/instances.tf @@ -0,0 +1,52 @@ +#=============================================== +# Create PVE servers +#=============================================== +resource "google_compute_instance" "pve" { + count = "${var.count_instance}" + name = "serv-${count.index + 1}" + machine_type = "g1-small" + zone = "${var.zone_instance}" + tags = ["serv-${count.index + 1}"] + + # add image disk + boot_disk { + initialize_params { + image = var.disk_image + } + } + + # add network + network_interface { + network = "default" + access_config { + } + } + # ssh_key + metadata = { + sshKeys = "${var.default_user}:${file("~/.ssh/id_rsa.pub")}" + } + + metadata_startup_script = "${file("scripts/setupagent.sh")}" + + connection { + host = self.network_interface.0.access_config.0.nat_ip + type = "ssh" + user = "${var.default_user}" + private_key = "${file("~/.ssh/id_rsa")}" + } + + provisioner "file" { + source = "scripts/agents/zabbix_agent.conf" + destination = "/etc/zabbix/zabbix_agent.conf" + } + + provisioner "remote-exec" { + inline = [ + "sudo apt update", + "sudo apt install nginx -y", + "sudo echo Serv-${count.index + 1} >> /var/www/html/index.nginx-debian.html", + "sudo systemctl enable nginx && sudo systemctl start nginx" + ] + } + +} diff --git a/main.tf b/main.tf new file mode 100644 index 0000000..3d35342 --- /dev/null +++ b/main.tf @@ -0,0 +1,71 @@ +#=============================================== +# Create firefall for all +#=============================================== +resource "google_compute_firewall" "firewall_vpn" { + name = "allow-zabbix" + + # name of net + network = "default" + + allow { + protocol = "tcp" + ports = [ + "443", "80", "10050" + ] + } + + source_ranges = ["0.0.0.0/0"] + target_tags = ["${var.zabbix_tag}"] +} + +#=============================================== +# Create zabbix server +#=============================================== +resource "google_compute_instance" "zabbix" { + name = "app-zabbix" + machine_type = "g1-small" + zone = "${var.zone_instance}" + tags = ["${var.zabbix_tag}"] + + # add image disk + boot_disk { + initialize_params { + image = var.disk_image + } + } + + # add network + network_interface { + network = "default" + access_config { + } + } + # ssh_key + metadata = { + sshKeys = "${var.default_user}:${file("~/.ssh/id_rsa.pub")}" + } + connection { + host = self.network_interface.0.access_config.0.nat_ip + type = "ssh" + user = "${var.default_user}" + private_key = "${file("~/.ssh/id_rsa")}" + } + + # provisioner "file" { + # source = "scripts/setupzabbix.sh" + # destination = "~/setupzabbix.sh" + # } + + metadata_startup_script = "${file("scripts/setupzabbix.sh")}" + + provisioner "file" { + source = "scripts/zabscripts" + destination = "/usr/lib/zabbix/alertscripts " + } + + provisioner "file" { + source = "scripts/zabconf" + destination = "/etc/zabbix" + } + +} diff --git a/outputs.tf b/outputs.tf new file mode 100644 index 0000000..5ba5348 --- /dev/null +++ b/outputs.tf @@ -0,0 +1,7 @@ +# output "pve-servers_ip" { +# value = "${google_compute_instance.pve.*.network_interface.0.access_config.0.nat_ip}" +# } + +output "zabbix_ip" { + value = "${google_compute_instance.zabbix.network_interface.0.access_config.0.nat_ip}" +} diff --git a/provider.tf b/provider.tf new file mode 100644 index 0000000..3b83bd0 --- /dev/null +++ b/provider.tf @@ -0,0 +1,20 @@ +provider "google" { + project = var.project + region = var.region +} + +provider "aws" { + access_key = "${var.access_key}" + secret_key = "${var.secret_key}" + region = "${var.region_aws}" +} + +#=============================================== +# Bucket for .tfstate files - remote save +#=============================================== +terraform { + backend "gcs" { + bucket = "indigo-medium-242214-tf-state-prod" + prefix = "test/zabbix-app" + } +} diff --git a/scripts/setupagent.sh b/scripts/setupagent.sh new file mode 100755 index 0000000..53ee577 --- /dev/null +++ b/scripts/setupagent.sh @@ -0,0 +1,7 @@ +#!/bin/bash + +sudo wget https://repo.zabbix.com/zabbix/4.0/ubuntu/pool/main/z/zabbix-release/zabbix-release_4.0-2+bionic_all.deb +sudo dpkg -i zabbix-release_4.0-2+bionic_all.deb +sudo apt-get update +sudo apt install zabbix-agent -y +sudo service zabbix-agent start diff --git a/scripts/setupzabbix.sh b/scripts/setupzabbix.sh new file mode 100755 index 0000000..ac10dbd --- /dev/null +++ b/scripts/setupzabbix.sh @@ -0,0 +1,19 @@ +#!/bin/bash + +sudo wget https://repo.zabbix.com/zabbix/4.0/ubuntu/pool/main/z/zabbix-release/zabbix-release_4.0-2+bionic_all.deb +sudo dpkg -i zabbix-release_4.0-2+bionic_all.deb +sudo apt update + +sudo apt install zabbix-server-mysql -y +sudo apt install zabbix-frontend-php -y + +sudo mysql -uroot -e "create database zabbix character set utf8 collate utf8_bin;" +sudo mysql -uroot -e "grant all privileges on zabbix.* to zabbix@localhost identified by 'V7F4Uj12dcn5WAu';" +sudo mysql -uroot -e "FLUSH PRIVILEGES;" +sudo mysql -uroot -e "quit" + +sudo zcat /usr/share/doc/zabbix-server-mysql/create.sql.gz | sudo mysql -uzabbix zabbix -pV7F4Uj12dcn5WAu + +sudo service apache2 restart +sudo service zabbix-server start +sudo update-rc.d zabbix-server enable diff --git a/scripts/zabconf/apache.conf b/scripts/zabconf/apache.conf new file mode 100644 index 0000000..f5b16ea --- /dev/null +++ b/scripts/zabconf/apache.conf @@ -0,0 +1,69 @@ +# Define /zabbix alias, this is the default + + Alias /zabbix /usr/share/zabbix + + + + Options FollowSymLinks + AllowOverride None + Order allow,deny + Allow from all + + + php_value max_execution_time 300 + php_value memory_limit 256M + php_value post_max_size 160M + php_value upload_max_filesize 20M + php_value max_input_time 300 + php_value always_populate_raw_post_data -1 + php_value date.timezone Asia/Almaty + + + php_value max_execution_time 300 + php_value memory_limit 256M + php_value post_max_size 160M + php_value upload_max_filesize 20M + php_value max_input_time 300 + php_value always_populate_raw_post_data -1 + + # Change to you zone!! + php_value date.timezone Asia/Novosibirsk + + + + + + Order deny,allow + Deny from all + + Order deny,allow + Deny from all + + + + + Order deny,allow + Deny from all + + Order deny,allow + Deny from all + + + + + Order deny,allow + Deny from all + + Order deny,allow + Deny from all + + + + + Order deny,allow + Deny from all + + Order deny,allow + Deny from all + + diff --git a/scripts/zabconf/zabbix_server.conf b/scripts/zabconf/zabbix_server.conf new file mode 100644 index 0000000..8d466e2 --- /dev/null +++ b/scripts/zabconf/zabbix_server.conf @@ -0,0 +1,671 @@ +# This is a configuration file for Zabbix server daemon +# To get more information about Zabbix, visit http://www.zabbix.com + +############ GENERAL PARAMETERS ################# + +### Option: ListenPort +# Listen port for trapper. +# +# Mandatory: no +# Range: 1024-32767 +# Default: +# ListenPort=10051 + +### Option: SourceIP +# Source IP address for outgoing connections. +# +# Mandatory: no +# Default: +# SourceIP= + +### Option: LogType +# Specifies where log messages are written to: +# system - syslog +# file - file specified with LogFile parameter +# console - standard output +# +# Mandatory: no +# Default: +# LogType=file + +### Option: LogFile +# Log file name for LogType 'file' parameter. +# +# Mandatory: no +# Default: +# LogFile= + +LogFile=/var/log/zabbix/zabbix_server.log + +### Option: LogFileSize +# Maximum size of log file in MB. +# 0 - disable automatic log rotation. +# +# Mandatory: no +# Range: 0-1024 +# Default: +# LogFileSize=1 + +LogFileSize=0 + +### Option: DebugLevel +# Specifies debug level: +# 0 - basic information about starting and stopping of Zabbix processes +# 1 - critical information +# 2 - error information +# 3 - warnings +# 4 - for debugging (produces lots of information) +# 5 - extended debugging (produces even more information) +# +# Mandatory: no +# Range: 0-5 +# Default: +# DebugLevel=3 + +### Option: PidFile +# Name of PID file. +# +# Mandatory: no +# Default: +# PidFile=/tmp/zabbix_server.pid + +PidFile=/var/run/zabbix/zabbix_server.pid + +### Option: SocketDir +# IPC socket directory. +# Directory to store IPC sockets used by internal Zabbix services. +# +# Mandatory: no +# Default: +# SocketDir=/tmp + +SocketDir=/var/run/zabbix + +### Option: DBHost +# Database host name. +# If set to localhost, socket is used for MySQL. +# If set to empty string, socket is used for PostgreSQL. +# +# Mandatory: no +# Default: +# DBHost=localhost + +### Option: DBName +# Database name. +# For SQLite3 path to database file must be provided. DBUser and DBPassword are ignored. +# +# Mandatory: yes +# Default: +# DBName= + +DBName=zabbix + +### Option: DBSchema +# Schema name. Used for IBM DB2 and PostgreSQL. +# +# Mandatory: no +# Default: +# DBSchema= + +### Option: DBUser +# Database user. Ignored for SQLite. +# +# Mandatory: no +# Default: +# DBUser= + +DBUser=zabbix + +### Option: DBPassword +# Database password. Ignored for SQLite. +# Comment this line if no password is used. +# +# Mandatory: no +# Default: +# DBPassword= +DBPassword=V7F4Uj12dcn5WAu + +### Option: DBSocket +# Path to MySQL socket. +# +# Mandatory: no +# Default: +# DBSocket=/tmp/mysql.sock + +### Option: DBPort +# Database port when not using local socket. Ignored for SQLite. +# +# Mandatory: no +# Range: 1024-65535 +# Default (for MySQL): +# DBPort=3306 + +############ ADVANCED PARAMETERS ################ + +### Option: StartPollers +# Number of pre-forked instances of pollers. +# +# Mandatory: no +# Range: 0-1000 +# Default: +# StartPollers=5 + +### Option: StartIPMIPollers +# Number of pre-forked instances of IPMI pollers. +# The IPMI manager process is automatically started when at least one IPMI poller is started. +# +# Mandatory: no +# Range: 0-1000 +# Default: +# StartIPMIPollers=0 + +### Option: StartPreprocessors +# Number of pre-forked instances of preprocessing workers. +# The preprocessing manager process is automatically started when preprocessor worker is started. +# +# Mandatory: no +# Range: 1-1000 +# Default: +# StartPreprocessors=3 + +### Option: StartPollersUnreachable +# Number of pre-forked instances of pollers for unreachable hosts (including IPMI and Java). +# At least one poller for unreachable hosts must be running if regular, IPMI or Java pollers +# are started. +# +# Mandatory: no +# Range: 0-1000 +# Default: +# StartPollersUnreachable=1 + +### Option: StartTrappers +# Number of pre-forked instances of trappers. +# Trappers accept incoming connections from Zabbix sender, active agents and active proxies. +# At least one trapper process must be running to display server availability and view queue +# in the frontend. +# +# Mandatory: no +# Range: 0-1000 +# Default: +# StartTrappers=5 + +### Option: StartPingers +# Number of pre-forked instances of ICMP pingers. +# +# Mandatory: no +# Range: 0-1000 +# Default: +# StartPingers=1 + +### Option: StartDiscoverers +# Number of pre-forked instances of discoverers. +# +# Mandatory: no +# Range: 0-250 +# Default: +# StartDiscoverers=1 + +### Option: StartHTTPPollers +# Number of pre-forked instances of HTTP pollers. +# +# Mandatory: no +# Range: 0-1000 +# Default: +# StartHTTPPollers=1 + +### Option: StartTimers +# Number of pre-forked instances of timers. +# Timers process time-based trigger functions and maintenance periods. +# Only the first timer process handles the maintenance periods. +# +# Mandatory: no +# Range: 1-1000 +# Default: +# StartTimers=1 + +### Option: StartEscalators +# Number of pre-forked instances of escalators. +# +# Mandatory: no +# Range: 0-100 +# Default: +# StartEscalators=1 + +### Option: StartAlerters +# Number of pre-forked instances of alerters. +# Alerters send the notifications created by action operations. +# +# Mandatory: no +# Range: 0-100 +# Default: +# StartAlerters=3 + +### Option: JavaGateway +# IP address (or hostname) of Zabbix Java gateway. +# Only required if Java pollers are started. +# +# Mandatory: no +# Default: +# JavaGateway= +JavaGateway=127.0.0.1 + +### Option: JavaGatewayPort +# Port that Zabbix Java gateway listens on. +# +# Mandatory: no +# Range: 1024-32767 +# Default: +# JavaGatewayPort=10052 + +### Option: StartJavaPollers +# Number of pre-forked instances of Java pollers. +# +# Mandatory: no +# Range: 0-1000 +# Default: +# StartJavaPollers=0 +StartJavaPollers=5 + +### Option: StartVMwareCollectors +# Number of pre-forked vmware collector instances. +# +# Mandatory: no +# Range: 0-250 +# Default: + StartVMwareCollectors=1 + +### Option: VMwareFrequency +# How often Zabbix will connect to VMware service to obtain a new data. +# +# Mandatory: no +# Range: 10-86400 +# Default: +# VMwareFrequency=60 + +### Option: VMwarePerfFrequency +# How often Zabbix will connect to VMware service to obtain performance data. +# +# Mandatory: no +# Range: 10-86400 +# Default: + VMwarePerfFrequency=60 + +### Option: VMwareCacheSize +# Size of VMware cache, in bytes. +# Shared memory size for storing VMware data. +# Only used if VMware collectors are started. +# +# Mandatory: no +# Range: 256K-2G +# Default: + VMwareCacheSize=8M + +### Option: VMwareTimeout +# Specifies how many seconds vmware collector waits for response from VMware service. +# +# Mandatory: no +# Range: 1-300 +# Default: + VMwareTimeout=10 + +### Option: SNMPTrapperFile +# Temporary file used for passing data from SNMP trap daemon to the server. +# Must be the same as in zabbix_trap_receiver.pl or SNMPTT configuration file. +# +# Mandatory: no +# Default: +# SNMPTrapperFile=/tmp/zabbix_traps.tmp +SNMPTrapperFile=/var/log/zabbix/snmptrapfmt.log + +SNMPTrapperFile=/var/log/snmptrap/snmptrap.log + +### Option: StartSNMPTrapper +# If 1, SNMP trapper process is started. +# +# Mandatory: no +# Range: 0-1 +# Default: +# StartSNMPTrapper=0 +StartSNMPTrapper=1 + +### Option: ListenIP +# List of comma delimited IP addresses that the trapper should listen on. +# Trapper will listen on all network interfaces if this parameter is missing. +# +# Mandatory: no +# Default: +# ListenIP=0.0.0.0 + +# ListenIP=127.0.0.1 + +### Option: HousekeepingFrequency +# How often Zabbix will perform housekeeping procedure (in hours). +# Housekeeping is removing outdated information from the database. +# To prevent Housekeeper from being overloaded, no more than 4 times HousekeepingFrequency +# hours of outdated information are deleted in one housekeeping cycle, for each item. +# To lower load on server startup housekeeping is postponed for 30 minutes after server start. +# With HousekeepingFrequency=0 the housekeeper can be only executed using the runtime control option. +# In this case the period of outdated information deleted in one housekeeping cycle is 4 times the +# period since the last housekeeping cycle, but not less than 4 hours and not greater than 4 days. +# +# Mandatory: no +# Range: 0-24 +# Default: +# HousekeepingFrequency=1 + +### Option: MaxHousekeeperDelete +# The table "housekeeper" contains "tasks" for housekeeping procedure in the format: +# [housekeeperid], [tablename], [field], [value]. +# No more than 'MaxHousekeeperDelete' rows (corresponding to [tablename], [field], [value]) +# will be deleted per one task in one housekeeping cycle. +# SQLite3 does not use this parameter, deletes all corresponding rows without a limit. +# If set to 0 then no limit is used at all. In this case you must know what you are doing! +# +# Mandatory: no +# Range: 0-1000000 +# Default: +# MaxHousekeeperDelete=5000 + +### Option: CacheSize +# Size of configuration cache, in bytes. +# Shared memory size for storing host, item and trigger data. +# +# Mandatory: no +# Range: 128K-8G +# Default: +# CacheSize=8M + +### Option: CacheUpdateFrequency +# How often Zabbix will perform update of configuration cache, in seconds. +# +# Mandatory: no +# Range: 1-3600 +# Default: +# CacheUpdateFrequency=60 + +### Option: StartDBSyncers +# Number of pre-forked instances of DB Syncers. +# +# Mandatory: no +# Range: 1-100 +# Default: +# StartDBSyncers=4 + +### Option: HistoryCacheSize +# Size of history cache, in bytes. +# Shared memory size for storing history data. +# +# Mandatory: no +# Range: 128K-2G +# Default: +# HistoryCacheSize=16M + +### Option: HistoryIndexCacheSize +# Size of history index cache, in bytes. +# Shared memory size for indexing history cache. +# +# Mandatory: no +# Range: 128K-2G +# Default: +# HistoryIndexCacheSize=4M + +### Option: TrendCacheSize +# Size of trend cache, in bytes. +# Shared memory size for storing trends data. +# +# Mandatory: no +# Range: 128K-2G +# Default: +# TrendCacheSize=4M + +### Option: ValueCacheSize +# Size of history value cache, in bytes. +# Shared memory size for caching item history data requests. +# Setting to 0 disables value cache. +# +# Mandatory: no +# Range: 0,128K-64G +# Default: +# ValueCacheSize=8M + +### Option: Timeout +# Specifies how long we wait for agent, SNMP device or external check (in seconds). +# +# Mandatory: no +# Range: 1-30 +# Default: +# Timeout=30 + +Timeout=30 + +### Option: TrapperTimeout +# Specifies how many seconds trapper may spend processing new data. +# +# Mandatory: no +# Range: 1-300 +# Default: +# TrapperTimeout=300 + +### Option: UnreachablePeriod +# After how many seconds of unreachability treat a host as unavailable. +# +# Mandatory: no +# Range: 1-3600 +# Default: +# UnreachablePeriod=45 + +### Option: UnavailableDelay +# How often host is checked for availability during the unavailability period, in seconds. +# +# Mandatory: no +# Range: 1-3600 +# Default: +# UnavailableDelay=60 + +### Option: UnreachableDelay +# How often host is checked for availability during the unreachability period, in seconds. +# +# Mandatory: no +# Range: 1-3600 +# Default: +# UnreachableDelay=15 + +### Option: AlertScriptsPath +# Full path to location of custom alert scripts. +# Default depends on compilation options. +# +# Mandatory: no +# Default: +# AlertScriptsPath=${datadir}/zabbix/alertscripts + +AlertScriptsPath=/usr/lib/zabbix/alertscripts + +### Option: ExternalScripts +# Full path to location of external scripts. +# Default depends on compilation options. +# +# Mandatory: no +# Default: +# ExternalScripts=${datadir}/zabbix/externalscripts + +ExternalScripts=/usr/lib/zabbix/externalscripts + +### Option: FpingLocation +# Location of fping. +# Make sure that fping binary has root ownership and SUID flag set. +# +# Mandatory: no +# Default: +# FpingLocation=/usr/sbin/fping + +FpingLocation=/usr/bin/fping + +### Option: Fping6Location +# Location of fping6. +# Make sure that fping6 binary has root ownership and SUID flag set. +# Make empty if your fping utility is capable to process IPv6 addresses. +# +# Mandatory: no +# Default: +# Fping6Location=/usr/sbin/fping6 + +Fping6Location=/usr/bin/fping6 + +### Option: SSHKeyLocation +# Location of public and private keys for SSH checks and actions. +# +# Mandatory: no +# Default: +# SSHKeyLocation= + +### Option: LogSlowQueries +# How long a database query may take before being logged (in milliseconds). +# Only works if DebugLevel set to 3, 4 or 5. +# 0 - don't log slow queries. +# +# Mandatory: no +# Range: 1-3600000 +# Default: +# LogSlowQueries=0 + +LogSlowQueries=3000 + +### Option: TmpDir +# Temporary directory. +# +# Mandatory: no +# Default: +# TmpDir=/tmp + +### Option: StartProxyPollers +# Number of pre-forked instances of pollers for passive proxies. +# +# Mandatory: no +# Range: 0-250 +# Default: +# StartProxyPollers=1 + +### Option: ProxyConfigFrequency +# How often Zabbix Server sends configuration data to a Zabbix Proxy in seconds. +# This parameter is used only for proxies in the passive mode. +# +# Mandatory: no +# Range: 1-3600*24*7 +# Default: +# ProxyConfigFrequency=3600 + +### Option: ProxyDataFrequency +# How often Zabbix Server requests history data from a Zabbix Proxy in seconds. +# This parameter is used only for proxies in the passive mode. +# +# Mandatory: no +# Range: 1-3600 +# Default: +# ProxyDataFrequency=1 + +### Option: AllowRoot +# Allow the server to run as 'root'. If disabled and the server is started by 'root', the server +# will try to switch to the user specified by the User configuration option instead. +# Has no effect if started under a regular user. +# 0 - do not allow +# 1 - allow +# +# Mandatory: no +# Default: +# AllowRoot=0 + +### Option: User +# Drop privileges to a specific, existing user on the system. +# Only has effect if run as 'root' and AllowRoot is disabled. +# +# Mandatory: no +# Default: +# User=zabbix + +### Option: Include +# You may include individual files or all files in a directory in the configuration file. +# Installing Zabbix will create include directory in /usr/local/etc, unless modified during the compile time. +# +# Mandatory: no +# Default: +# Include= + +# Include=/usr/local/etc/zabbix_server.general.conf +# Include=/usr/local/etc/zabbix_server.conf.d/ +# Include=/usr/local/etc/zabbix_server.conf.d/*.conf + +### Option: SSLCertLocation +# Location of SSL client certificates. +# This parameter is used only in web monitoring. +# +# Mandatory: no +# Default: +# SSLCertLocation=${datadir}/zabbix/ssl/certs + +### Option: SSLKeyLocation +# Location of private keys for SSL client certificates. +# This parameter is used only in web monitoring. +# +# Mandatory: no +# Default: +# SSLKeyLocation=${datadir}/zabbix/ssl/keys + +### Option: SSLCALocation +# Override the location of certificate authority (CA) files for SSL server certificate verification. +# If not set, system-wide directory will be used. +# This parameter is used only in web monitoring and SMTP authentication. +# +# Mandatory: no +# Default: +# SSLCALocation= + +####### LOADABLE MODULES ####### + +### Option: LoadModulePath +# Full path to location of server modules. +# Default depends on compilation options. +# +# Mandatory: no +# Default: +# LoadModulePath=${libdir}/modules + +### Option: LoadModule +# Module to load at server startup. Modules are used to extend functionality of the server. +# Format: LoadModule= +# The modules must be located in directory specified by LoadModulePath. +# It is allowed to include multiple LoadModule parameters. +# +# Mandatory: no +# Default: +# LoadModule= + +####### TLS-RELATED PARAMETERS ####### + +### Option: TLSCAFile +# Full pathname of a file containing the top-level CA(s) certificates for +# peer certificate verification. +# +# Mandatory: no +# Default: +# TLSCAFile= + +### Option: TLSCRLFile +# Full pathname of a file containing revoked certificates. +# +# Mandatory: no +# Default: +# TLSCRLFile= + +### Option: TLSCertFile +# Full pathname of a file containing the server certificate or certificate chain. +# +# Mandatory: no +# Default: +# TLSCertFile= + +### Option: TLSKeyFile +# Full pathname of a file containing the server private key. +# +# Mandatory: no +# Default: +# TLSKeyFile= diff --git a/scripts/zabscripts/slack.sh b/scripts/zabscripts/slack.sh new file mode 100644 index 0000000..a11bfdb --- /dev/null +++ b/scripts/zabscripts/slack.sh @@ -0,0 +1,23 @@ +#!/bin/bash +KEY="https://hooks.slack.com/services/" +TO="$1" +SUB="$2" +MESS="$3" + +if [[ $SUB == 'PROBLEM' ]] +then + ICON=":scream:" +elif [[ $SUB == 'OK' ]] +then + ICON=":ok_hand:" +else + ICON=":point_up_2:" +fi + +/usr/local/bin/curl -X POST --data-urlencode "payload={\"channel\": \"$TO\", \"username\": \"TradeNarK\", \"text\": \"$ICON $SUB\n$MESS\"}" $KEY + + +# settings to zabbix-server +# {ALERT.SENDTO} +# {ALERT.SUBJECT} +# {ALERT.MESSAGE} diff --git a/scripts/zabscripts/slack1.sh b/scripts/zabscripts/slack1.sh new file mode 100755 index 0000000..7c1c8ba --- /dev/null +++ b/scripts/zabscripts/slack1.sh @@ -0,0 +1,52 @@ +#!/bin/bash + +# Slack incoming web-hook URL and user name +url='https://hooks.slack.com/services/' # example: url='https://hooks.slack.com/services/QW3R7Y/D34DC0D3/BCADFGabcDEF123' +username='zabbix-server' + +## Values received by this script: +# To = $1 / Slack channel or user to send the message to, specified in the Zabbix web interface; "@username" or "#channel" +# Subject = $2 / subject of the message sent by Zabbix; by default, it is usually something like "(Problem|Resolved): Lack of free swap space on Zabbix server" +# Message = $3 / message body sent by Zabbix; by default, it is usually approximately 4 lines detailing the specific trigger involved +# Alternate URL = $4 (optional) / alternative Slack.com web-hook URL to replace the above hard-coded one; useful when multiple groups have seperate Slack teams +# Proxy = $5 (optional) / proxy host including port (such as "example.com:8080") + +# Get the user/channel ($1), subject ($2), and message ($3) +to="$1" +subject="$2" +message="$3" + +# Change message emoji and notification color depending on the subject indicating whether it is a trigger going in to problem state or recovering +#recoversub='^RECOVER(Y|ED)?$|^OK$|^Resolved*' +recoversub='Resolved' +problemsub='Problem' +#problemsub='^Беда*' +updatesub='Update' + +if [[ "$subject" =~ $recoversub ]]; then + emoji=':smile:' + color='#0C7BDC' +elif [[ "$subject" =~ $problemsub ]]; then + emoji=':face_palm:' + color='#FFC20A' +elif [[ "$subject" =~ $updatesub ]]; then + emoji=':scream:' + color='#FFC20A' +else + emoji=':pager:' + color='#CCCCCC' +fi + +# Replace the above hard-coded Slack.com web-hook URL entirely, if one was passed via the optional 4th parameter +url=${4-$url} + +# Use optional 5th parameter as proxy server for curl +proxy=${5-""} +if [[ "$proxy" != '' ]]; then + proxy="-x $proxy" +fi + +# Build JSON payload which will be HTTP POST'ed to the Slack.com web-hook URL +payload="payload={\"channel\": \"${to//\"/\\\"}\", \ +\"username\": \"${username//\"/\\\"}\", \ +\"attachments\": [{\"fallback\": \"${subject//\"/\\\"}\", \"title\": \"${subject//\"/\\\"}\", \"text\": \"${message//\"/\\\"}\", \"color\": \"${color}\"}], \ diff --git a/scripts/zabscripts/smsc.conf b/scripts/zabscripts/smsc.conf new file mode 100644 index 0000000..f02a447 --- /dev/null +++ b/scripts/zabscripts/smsc.conf @@ -0,0 +1,4 @@ +PATH=/bin:/usr/bin:/usr/local/bin + +USER_ID=X +PASSWORD=X diff --git a/scripts/zabscripts/smsc.sh b/scripts/zabscripts/smsc.sh new file mode 100755 index 0000000..c505cb5 --- /dev/null +++ b/scripts/zabscripts/smsc.sh @@ -0,0 +1,31 @@ +#!/bin/bash + +TO_NUMBER="$1" +SUBJECT="$2" +MESSAGE="$3" +echo ${TO_NUMBER} >> /tmp/out.txt +echo ${SUBJECT} >> /tmp/out.txt +echo ${MESSAGE} >> /tmp/out.txt + +. smsc.conf + +SMSC_URL=${SMSC_URL:-"https://smsc.ru/sys/send.php"} + +TO_NUMBER=$(echo "${TO_NUMBER}" | sed 's/[^0123456789]//g') + +NL='' + +RESULT=$(curl --get --silent --show-error \ + --data-urlencode "login=${USER_ID}" \ + --data-urlencode "psw=${PASSWORD}" \ + --data-urlencode "phones=${TO_NUMBER}" \ + --data-urlencode "mes=${SUBJECT}:${MESSAGE}" \ + "${SMSC_URL}" 2>&1 +) + +STATUS=$? + +echo ${RESULT} +echo ${RESULT} >> /tmp/smsc.txt + +exit ${STATUS} diff --git a/scripts/zabscripts/telegram.sh b/scripts/zabscripts/telegram.sh new file mode 100755 index 0000000..7d9d3e0 --- /dev/null +++ b/scripts/zabscripts/telegram.sh @@ -0,0 +1,15 @@ +#!/bin/bash + +TOKEN='' + +which curl &>/dev/null +if [ $? -ne 0 ] ; then echo 'FAIL: curl not found.' && exit 1 ; fi +if [ $# -ne 3 ] ; then echo 'FAIL: Params not defined.' && echo 'Usage: zabbix-to-telegram-notify.sh TelegramID Subject Message' && exit 1 ; fi + +CHAT_ID="$1" +SUBJECT="$2" +MESSAGE="$3" + +curl -s --header 'Content-Type: application/json' --request 'POST' --data "{\"chat_id\":\"${CHAT_ID}\",\"text\":\"${SUBJECT}\n${MESSAGE}\"}" "https:// +api.telegram.org/bot${TOKEN}/sendMessage" | grep -q '"ok":false,' +if [ $? -eq 0 ] ; then exit 1 ; fi diff --git a/scripts/zabscripts/zviewer.sh b/scripts/zabscripts/zviewer.sh new file mode 100755 index 0000000..c81ea5f --- /dev/null +++ b/scripts/zabscripts/zviewer.sh @@ -0,0 +1,10 @@ +#/bin/bash +if [ $# -eq 0 ] ; then echo 'FAIL: Params not defined.' && echo 'Usage: zbxviewer.sh Token Subject Message' && exit 1 ; fi + +if wget -V >/dev/null 2>&1 ; then + #use wget + wget -q "https://zbx.vovanys.com/push/sendPush.php?token=$1&title=$2&desc=$3" +else + #if wget not found, use curl + curl -kdG "https://zbx.vovanys.com/push/sendPush.php?token=$1&title=$2&desc=$3" +fi diff --git a/terraform.tfvars.example b/terraform.tfvars.example new file mode 100644 index 0000000..f617a15 --- /dev/null +++ b/terraform.tfvars.example @@ -0,0 +1,3 @@ +project = "" +secret_key = "" +access_key = "" diff --git a/vars.tf.example b/vars.tf.example new file mode 100644 index 0000000..fecf0b4 --- /dev/null +++ b/vars.tf.example @@ -0,0 +1,49 @@ +variable "project" { + default = "" +} + +variable "region" { + default = "us-central1" +} + +variable "default_user" { + default = "ubuntu" +} + +#=============================================== +# Count of PVE servers +#=============================================== +variable "count_instance" { + default = "0" +} + +variable "zone_instance" { + default = "us-central1-a" +} + +variable "disk_image" { + default = "ubuntu-1804-lts" +} + +variable "zabbix_tag" { + default = "zabbix-app" +} + +#==================# +# var for AWS +#==================# +variable "region_aws" { + default = "us-east-2" +} + +variable "access_key" { + default = "" +} + +variable "secret_key" { + default = "" +} + +variable "dns_zone_name" { + default = "" +} diff --git a/versions.tf b/versions.tf new file mode 100644 index 0000000..ac97c6a --- /dev/null +++ b/versions.tf @@ -0,0 +1,4 @@ + +terraform { + required_version = ">= 0.12" +}