commit 7df6c0273bc362b4cdd0a79d4560548ae7a813dd Author: meaz Date: Sun Feb 5 11:48:17 2023 +0100 first commit diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..8000dd9 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +.vagrant diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000..d745f27 --- /dev/null +++ b/LICENSE @@ -0,0 +1,19 @@ +MIT License Copyright (c) 2021 "Stichting Disroot.org" + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is furnished +to do so, subject to the following conditions: + +The above copyright notice and this permission notice (including the next +paragraph) shall be included in all copies or substantial portions of the +Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS +FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS +OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, +WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF +OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/Playbooks/zabbix.yml b/Playbooks/zabbix.yml new file mode 100644 index 0000000..5ad62ef --- /dev/null +++ b/Playbooks/zabbix.yml @@ -0,0 +1,11 @@ +--- + +- hosts: zabbix + roles: + - mariadb + # - nginx + #- php-fpm + - zabbix + + vars_files: + - ../defaults/main.yml diff --git a/README.MD b/README.MD new file mode 100644 index 0000000..6299f4e --- /dev/null +++ b/README.MD @@ -0,0 +1,22 @@ +# Zabbix - Ansible Role + +This role deploys, configures and updates Zabbix. You can deploy test instance using `Vagrantfile` attached to the role. + +`vagrant up` +`ansible-playbook -b Playbooks/zabbix.yml` + +Then you can access Zabbix from your computer on http://192.168.33.27 +The default login credentials for Zabbix are: +Username: Admin +Password: zabbix + +## TODO + - obviously better Readme file + - Find better way that zabbix_installed: 'false' and zabbix_proxy_installed: 'false' + + +## CHANGELOG +- **15.01.2021** - Make it ready for public release + - Create readme file + - Create Playbook + - Create Vagrantfile diff --git a/Vagrantfile b/Vagrantfile new file mode 100644 index 0000000..e83c9e0 --- /dev/null +++ b/Vagrantfile @@ -0,0 +1,20 @@ +# -*- mode: ruby -*- +# vi: set ft=ruby : + +# All Vagrant configuration is done below. The "2" in Vagrant.configure +# configures the configuration version (we support older styles for +# backwards compatibility). Please don't change it unless you know what +# you're doing. +Vagrant.configure("2") do |config| + #config.ssh.insert_key = false + config.vm.define "zabbix" do |zabbix| + zabbix.vm.box = "generic/debian10" + zabbix.vm.provider :libvirt do |libvirt| + libvirt.memory = 256 + end + zabbix.vm.network "forwarded_port", guest: 80, host: 8888, host_ip: "192.168.33.27" + zabbix.vm.network "forwarded_port", guest: 443, host: 4443, host_ip: "192.168.33.27" + zabbix.vm.network "private_network", ip: "192.168.33.27" + +end +end diff --git a/defaults/main.yml b/defaults/main.yml new file mode 100644 index 0000000..d0da146 --- /dev/null +++ b/defaults/main.yml @@ -0,0 +1,155 @@ +--- + +#zabbix_installed: 'false' +zabbix_proxy_installed: 'true' + +#main +zabbix_version: '5.0' +zabbix_agent: 'true' +zabbix_server: 'true' +zabbix_proxy: 'false' + +#Zabbix Server +zabbix_server_hostname: 'localhost' +zabbix_server_name: 'Monitoring Monitoring' +zabbix_server_listen_port: '10051' +zabbix_server_log_path: '/var/log/zabbix/zabbix_server.log' +zabbix_server_log_size: '1' #in MB +zabbix_debug_level: '3' +# 0 - basic information about starting and stopping of Zabbix processes +# 1 - critical information +# 2 - error information +# 3 - warnings +# 4 - for debugging (produces lots of information) +# 5 - extended debugging (produces even more information) +zabbix_server_db_host: 'localhost' +zabbix_server_db_plugin: 'mysql' +zabbix_server_db_port: '0' +zabbix_server_db_name: 'zabbix' +zabbix_server_db_user: 'zabbixadmin' +zabbix_server_db_passwd: 'changeme' +zabbix_server_pollers: '5' # Number of pre-forked instances of pollers. +zabbix_server_ipmi_pollers: '0' +zabbix_server_timeout: '4' +zabbix_server_alert_scripts: '/usr/lib/zabbix/alertscripts/usr/lib/zabbix/alertscripts' +zabbix_server_external_scripts: '/usr/lib/zabbix/externalscripts' +zabbix_server_fping: '/usr/bin/fping' +zabbix_server_fping6: '/usr/bin/fping6' +zabbix_server_queries_slow: '3000' +zabbix_cachesize: '8M' + +#Zabbix Client +zabbix_agent_params: + - name: "container" + +zabbix_agent_pid: '/var/run/zabbix/zabbix_agentd.pid' +zabbix_agent_logfile: '/var/log/zabbix/zabbix_agentd.log' +zabbix_agent_log_size: '1' +zabbix_agent_debug_level: '3' +zabbix_agent_server_address: "{{ zabbix_server_hostname }}" +zabbix_agent_listen_port: '10050' +zabbix_agent_pkg: + - zabbix-agent + - gzip + - zabbix-get + - zabbix-sender +zabbix_client_pkg: + - zabbix-agent + - gzip + +#Zabbix Scripts +zabbix_scripts_deploy: 'false' +zabbix_scripts_repo: 'https://git.disroot.org/Disroot/zabbix-scripts.git' +zabbix_scripts_dir: '/usr/local/bin/zabbix-scripts' +zabbix_scripts_version: 'master' +#Zabbix Proxy +zabbix_proxy_pkg: + - zabbix-proxy-mysql + - gzip +zabbix_apache: + - apache2 + - libapache2-mod-php5 +zabbix_proxy_mode: '0' +zabbix_proxy_master_server: 'monitoring.example.com' +zabbix_proxy_hostname: 'proxy.example.lan' +zabbix_proxy_listen_port: '10051' +zabbix_proxy_file_size: '1' +zabbix_proxy_debug_level: '3' +zabbix_proxy_db_host: 'localhost' +zabbix_proxy_db_name: 'zabbix_proxy' +zabbix_proxy_db_user: 'zabbixproxyadmin' +zabbix_proxy_db_passwd: 'dupa123' +zabbix_proxy_local_buffer: '0' +zabbix_proxy_offline_buffer: '1' +zabbix_proxy_heartbeat_freq: '60' +zabbix_proxy_config_freq: '3600' +zabbix_proxy_data_sernder_freq: '1' +zabbix_proxy_start_pollers: '5' +zabbix_proxy_ipmi_pollers: '0' + +#PHP Vars +php_version: '8.0' +php_etc_path: '/etc/php' +install_php: 'true' +pool_listen: '/var/run/php/php{{ php_version }}-fpm.sock' + +php_pkgs: + - php{{ php_version }}-fpm + - php{{ php_version }}-bz2 + - php{{ php_version }}-cgi + - php{{ php_version }}-cli + - php{{ php_version }}-common + - php{{ php_version }}-curl + - php{{ php_version }}-dev + - php{{ php_version }}-enchant + - php{{ php_version }}-gd + - php{{ php_version }}-gmp + - php{{ php_version }}-igbinary + - php{{ php_version }}-interbase + - php{{ php_version }}-intl + - php{{ php_version }}-mbstring # frontend + - php{{ php_version }}-msgpack + - php{{ php_version }}-pspell + - php{{ php_version }}-readline + - php{{ php_version }}-zip + - php{{ php_version }}-gd # frontend + - php{{ php_version }}-bcmath # frontend + - php{{ php_version }}-xml # frontend + - php{{ php_version }}-ldap # frontend + + +#nginx +nginx_default_vhost: 'zabbix' +nginx_default_vhost_ssl: 'zabbix' +#nginx_www_dir: '/var/www/' +nginx_vhosts: + +- name: 'zabbix' + template: 'zabbix' + proto: 'http' + listen: '80' + root: '/usr/share/zabbix' + use_access_log: 'true' + use_error_log: 'true' + nginx_error_log_level: 'warn' + state: 'enable' + letsencrypt: 'false' + +# MARIADB CONFIG +mariadb_databases: + - name: '{{ zabbix_server_db_name }}' + collation: 'utf8_general_ci' # should it be utf8_bin? + encoding: 'utf8' + - name: '{{ zabbix_proxy_db_name }}' + collation: 'utf8_general_ci' + encoding: 'utf8' + +mariadb_users: + - name: '{{ zabbix_server_db_user }}' + host: '{{ zabbix_server_db_host }}' + password: '{{ zabbix_server_db_passwd }}' + priv: '{{ zabbix_server_db_name }}.*:ALL' + - name: '{{ zabbix_proxy_db_user }}' + host: '{{ zabbix_proxy_db_host }}' + password: '{{ zabbix_proxy_db_passwd }}' + priv: '{{ zabbix_proxy_db_name }}.*:ALL' diff --git a/handlers/main.yml b/handlers/main.yml new file mode 100644 index 0000000..53ecdfa --- /dev/null +++ b/handlers/main.yml @@ -0,0 +1,16 @@ +--- + +- name: restart zabbix_server + systemd: + name: zabbix-server + state: restarted + +- name: restart zabbix_agent + systemd: + name: zabbix-agent + state: restarted + +- name: restart zabbix_proxy + systemd: + name: zabbix-proxy + state: restarted diff --git a/tasks/apt.yml b/tasks/apt.yml new file mode 100644 index 0000000..24ce20d --- /dev/null +++ b/tasks/apt.yml @@ -0,0 +1,12 @@ +--- + +- name: "[APT] - Install gpg key" + apt_key: + id: 79EA5ED4 + url: http://repo.zabbix.com/zabbix-official-repo.key + +- name: "[APT] - Add repository Debian" + apt_repository: + repo: "deb http://repo.zabbix.com/zabbix/{{ zabbix_version }}/debian/ {{ ansible_distribution_release }} main" + state: present + filename: zabbix diff --git a/tasks/configure.yml b/tasks/configure.yml new file mode 100644 index 0000000..89c4367 --- /dev/null +++ b/tasks/configure.yml @@ -0,0 +1,46 @@ +--- + +- name: '[Configure] - Configure Zabbix Server' + template: + src: 'templates/zabbix_server.conf.j2' + dest: '/etc/zabbix/zabbix_server.conf' + owner: 'root' + group: 'root' + mode: '0644' + when: zabbix_server == 'true' + notify: restart zabbix_server + +- name: '[Configure] - Create Zabbix frontend Dir' + file: + path: '/etc/zabbix/web' + state: 'directory' + +- name: '[Configure] - Configure Zabbix Proxy' + template: + src: 'templates/zabbix_proxy.conf.j2' + dest: '/etc/zabbix/zabbix_proxy.conf' + owner: 'root' + group: 'root' + mode: '0644' + when: zabbix_proxy == 'true' + notify: restart zabbix_proxy + +- name: '[Configure] - Configure Zabbix frontend' + template: + src: 'templates/zabbix.conf.php.j2' + dest: '/etc/zabbix/web/zabbix.conf.php' + owner: 'www-data' + group: 'www-data' + mode: '0644' + when: zabbix_server == 'true' + notify: restart zabbix_server + +- name: '[Configure] - Configure Zabbix Agent' + template: + src: 'templates/zabbix_agentd.conf.j2' + dest: '/etc/zabbix/zabbix_agentd.conf' + owner: 'root' + group: 'root' + mode: '0644' + when: zabbix_agent == 'true' + notify: restart zabbix_agent diff --git a/tasks/install_agent.yml b/tasks/install_agent.yml new file mode 100644 index 0000000..ab48d5f --- /dev/null +++ b/tasks/install_agent.yml @@ -0,0 +1,43 @@ +--- + +- name: "[Agent] - Install Zabbix from repository" + apt: + name: "{{ zabbix_agent_pkg }}" + state: latest + update_cache: yes + install_recommends: no + cache_valid_time: 3600 + notify: + - restart zabbix_agent + +- name: "[Agent] - Make sure the service is enabled" + systemd: + name: zabbix-agent + enabled: yes + +- name: "[Agent] - Deploy Zabbix custom userparameters" + template: + src: 'zabbix_agent.d/userparameter_container.conf.j2' + dest: '/etc/zabbix/zabbix_agentd.d/userparameter_container.conf' + notify: + - restart zabbix_agent + +- name: "[Agent] - Deploy Zabbix scripts" + git: + repo: '{{ zabbix_scripts_repo }}' + dest: '{{ zabbix_scripts_dir }}' + force: 'yes' + version: '{{ zabbix_scripts_version }}' + when: zabbix_scripts_deploy == 'true' + +- name: '[Agent] - Ensure config dir path exists' + file: + path: '/var/local/container-scripts' + state: 'directory' + mode: '0755' + +- name: "[Agent] - Configure scripts" + template: + src: 'zabbix-scripts.cfg.j2' + dest: '/var/local/container-scripts/zabbix-scripts.cfg' + when: zabbix_scripts_deploy == 'true' diff --git a/tasks/install_client.yml b/tasks/install_client.yml new file mode 100644 index 0000000..2b2c40e --- /dev/null +++ b/tasks/install_client.yml @@ -0,0 +1,10 @@ +--- + +- name: "[APT] - Install Zabbix from repository" + apt: + name: "{{ zabbix_client_pkg }}" + state: latest + update_cache: yes + install_recommends: no + notify: + - restart zabbix_agent diff --git a/tasks/install_proxy.yml b/tasks/install_proxy.yml new file mode 100644 index 0000000..50101d1 --- /dev/null +++ b/tasks/install_proxy.yml @@ -0,0 +1,33 @@ +--- + +- name: '[Proxy] - Install Zabbix Proxy from repository' + apt: + name: "{{ zabbix_proxy_pkg }}" + state: latest + update_cache: yes + install_recommends: no + cache_valid_time: 3600 + notify: + - restart zabbix_proxy + +- name: "[Agent] - Make sure the service is enabled" + systemd: + name: zabbix-proxy + enabled: yes + +- name: '[Proxy] - Remove apache2' + apt: + name: "{{ zabbix_apache }}" + state: absent + +- name: '[Proxy] - Importing Zabbix Proxy schema. Onetime only shot' + mysql_db: + login_host: "{{ zabbix_proxy_db_host }}" + login_password: "{{ zabbix_proxy_db_passwd }}" + login_user: '{{ zabbix_proxy_db_user }}' + name: "{{ zabbix_proxy_db_name }}" + state: import + target: /usr/share/doc/zabbix-proxy-mysql/schema.sql.gz + when: zabbix_proxy_installed == 'false' + notify: + - restart zabbix_server diff --git a/tasks/install_server.yml b/tasks/install_server.yml new file mode 100644 index 0000000..7ead633 --- /dev/null +++ b/tasks/install_server.yml @@ -0,0 +1,44 @@ +--- + +- name: '[Server] - Install Zabbix from repository' + apt: + pkg: + - zabbix-server-mysql + - zabbix-frontend-php + - gzip + - python3-pymysql + state: latest + update_cache: yes + install_recommends: no + cache_valid_time: 3600 + notify: + - restart zabbix_server + +- name: "[Agent] - Make sure the service is enabled" + systemd: + name: zabbix-server + enabled: yes + +- name: '[Server] - Remove apache2' + apt: + name: "{{ zabbix_apache }}" + state: absent + +- name: "[Check] - Zabbix is already installed?" + shell: + cmd: "{{ zabbix_server_db_plugin }} -h {{ zabbix_server_db_host }} -u {{ zabbix_server_db_user }} -p{{ zabbix_server_db_passwd }} {{ zabbix_server_db_name }} -se 'SELECT instanceid from config;'" + register: zabbix_installed + ignore_errors: true + +- name: '[Server] - Importing Zabbix database. Onetime only shot' + mysql_db: + login_host: "{{ zabbix_server_db_host }}" + login_password: "{{ zabbix_server_db_passwd }}" + login_user: '{{ zabbix_server_db_user }}' + name: "{{ zabbix_server_db_name }}" + state: import + target: /usr/share/doc/zabbix-server-mysql/create.sql.gz + when: "'ERROR 1146' in zabbix_installed.stderr" + # ERROR 1146 means the table doesn't exist + notify: + - restart zabbix_server diff --git a/tasks/main.yml b/tasks/main.yml new file mode 100644 index 0000000..282acfa --- /dev/null +++ b/tasks/main.yml @@ -0,0 +1,19 @@ +--- + +- name: Manage apt apt_repository + include: apt.yml + +- name: Install Zabbix Server + include: install_server.yml + when: zabbix_server == 'true' + +- name: install Zabbix Agent + include: install_agent.yml + when: zabbix_agent == 'true' + +- name: install Zabbix Proxy + include: install_proxy.yml + when: zabbix_proxy == 'true' + +- name: Configure Zabbix + include: configure.yml diff --git a/templates/zabbix-scripts.cfg.j2 b/templates/zabbix-scripts.cfg.j2 new file mode 100644 index 0000000..5267706 --- /dev/null +++ b/templates/zabbix-scripts.cfg.j2 @@ -0,0 +1,6 @@ +# {{ ansible_managed }} + +# Zabbix scripts configuration file +{% for item in zabbix_scripts_config_items %} +{{ item.key }}="{{ item.value }}" +{% endfor %} diff --git a/templates/zabbix.conf.php.j2 b/templates/zabbix.conf.php.j2 new file mode 100644 index 0000000..a14ae5e --- /dev/null +++ b/templates/zabbix.conf.php.j2 @@ -0,0 +1,19 @@ + " -f 2 | head -n 1 +{% endif %} + +{% if item.name == 'dovecot' %} +# Dovecot +UserParameter=dovecot.usercount,cat /tmp/dovecot_user_count +UserParameter=dovecot.devicecount,cat /tmp/dovecot_device_count +UserParameter=dovecot.processes,ps -A |grep imap |wc -l +{% endif %} + +{% if item.name == 'lufi' %} +# Lufi +UserParameter=lufi[*],cat /tmp/lufi_stats | grep $1 | cut -d' ' -f2- +{% endif %} +{% if item.name == 'privatebin' %} +# PrivateBin +UserParameter=privatebin[*],cat /tmp/bin_stats | grep $1 | cut -d' ' -f2- +{% endif %} +{% if item.name == 'framadate' %} +# Framadate +UserParameter=framadate[*],cat /tmp/framadate_stats | grep $1 | cut -d' ' -f2- +{% endif %} +{% if item.name == 'etherpad' %} +# Etherpad +UserParameter=etherpad[*],cat /tmp/pad_stats | grep $1 | cut -d' ' -f2- +{% endif %} +{% if item.name == 'ethercalc' %} +# Ethercalc +UserParameter=ethercalc[*],cat /tmp/ethercalc_stats | grep $1 | cut -d' ' -f2- +{% endif %} +{% endfor %} diff --git a/templates/zabbix_agentd.conf.j2 b/templates/zabbix_agentd.conf.j2 new file mode 100644 index 0000000..aa7ce19 --- /dev/null +++ b/templates/zabbix_agentd.conf.j2 @@ -0,0 +1,394 @@ +# This is a configuration file for Zabbix agent daemon (Unix) +# To get more information about Zabbix, visit http://www.zabbix.com + +############ GENERAL PARAMETERS ################# + +### Option: PidFile +# Name of PID file. +# +# Mandatory: no +# Default: +# PidFile=/tmp/zabbix_agentd.pid + +PidFile={{ zabbix_agent_pid }} + +### Option: LogType +# Specifies where log messages are written to: +# system - syslog +# file - file specified with LogFile parameter +# console - standard output +# +# Mandatory: no +# Default: +# LogType=file + +### Option: LogFile +# Log file name for LogType 'file' parameter. +# +# Mandatory: no +# Default: +# LogFile= + +LogFile={{ zabbix_agent_logfile }} + +### Option: LogFileSize +# Maximum size of log file in MB. +# 0 - disable automatic log rotation. +# +# Mandatory: no +# Range: 0-1024 +# Default: +# LogFileSize=1 + +LogFileSize={{ zabbix_agent_log_size }} + +### Option: DebugLevel +# Specifies debug level: +# 0 - basic information about starting and stopping of Zabbix processes +# 1 - critical information +# 2 - error information +# 3 - warnings +# 4 - for debugging (produces lots of information) +# 5 - extended debugging (produces even more information) +# +# Mandatory: no +# Range: 0-5 +# Default: +DebugLevel={{ zabbix_agent_debug_level }} + +### Option: SourceIP +# Source IP address for outgoing connections. +# +# Mandatory: no +# Default: +# SourceIP= + +### Option: EnableRemoteCommands +# Whether remote commands from Zabbix server are allowed. +# 0 - not allowed +# 1 - allowed +# +# Mandatory: no +# Default: +# EnableRemoteCommands=0 + +### Option: LogRemoteCommands +# Enable logging of executed shell commands as warnings. +# 0 - disabled +# 1 - enabled +# +# Mandatory: no +# Default: +# LogRemoteCommands=0 + +##### Passive checks related + +### Option: Server +# List of comma delimited IP addresses (or hostnames) of Zabbix servers. +# Incoming connections will be accepted only from the hosts listed here. +# If IPv6 support is enabled then '127.0.0.1', '::127.0.0.1', '::ffff:127.0.0.1' are treated equally. +# +# Mandatory: no +# Default: +# Server= + +Server={{ zabbix_agent_server_address }} + +### Option: ListenPort +# Agent will listen on this port for connections from the server. +# +# Mandatory: no +# Range: 1024-32767 +# Default: +ListenPort={{ zabbix_agent_listen_port }} + +### Option: ListenIP +# List of comma delimited IP addresses that the agent should listen on. +# First IP address is sent to Zabbix server if connecting to it to retrieve list of active checks. +# +# Mandatory: no +# Default: +# ListenIP=0.0.0.0 + +### Option: StartAgents +# Number of pre-forked instances of zabbix_agentd that process passive checks. +# If set to 0, disables passive checks and the agent will not listen on any TCP port. +# +# Mandatory: no +# Range: 0-100 +# Default: +# StartAgents=3 + +##### Active checks related + +### Option: ServerActive +# List of comma delimited IP:port (or hostname:port) pairs of Zabbix servers for active checks. +# If port is not specified, default port is used. +# IPv6 addresses must be enclosed in square brackets if port for that host is specified. +# If port is not specified, square brackets for IPv6 addresses are optional. +# If this parameter is not specified, active checks are disabled. +# Example: ServerActive=127.0.0.1:20051,zabbix.domain,[::1]:30051,::1,[12fc::1] +# +# Mandatory: no +# Default: +# ServerActive= + +ServerActive={{ zabbix_agent_server_address }} + +### Option: Hostname +# Unique, case sensitive hostname. +# Required for active checks and must match hostname as configured on the server. +# Value is acquired from HostnameItem if undefined. +# +# Mandatory: no +# Default: +# Hostname= + +Hostname={{ inventory_hostname }} + +### Option: HostnameItem +# Item used for generating Hostname if it is undefined. Ignored if Hostname is defined. +# Does not support UserParameters or aliases. +# +# Mandatory: no +# Default: +# HostnameItem=system.hostname + +### Option: HostMetadata +# Optional parameter that defines host metadata. +# Host metadata is used at host auto-registration process. +# An agent will issue an error and not start if the value is over limit of 255 characters. +# If not defined, value will be acquired from HostMetadataItem. +# +# Mandatory: no +# Range: 0-255 characters +# Default: +# HostMetadata= + +### Option: HostMetadataItem +# Optional parameter that defines an item used for getting host metadata. +# Host metadata is used at host auto-registration process. +# During an auto-registration request an agent will log a warning message if +# the value returned by specified item is over limit of 255 characters. +# This option is only used when HostMetadata is not defined. +# +# Mandatory: no +# Default: +# HostMetadataItem= + +### Option: RefreshActiveChecks +# How often list of active checks is refreshed, in seconds. +# +# Mandatory: no +# Range: 60-3600 +# Default: +# RefreshActiveChecks=120 + +### Option: BufferSend +# Do not keep data longer than N seconds in buffer. +# +# Mandatory: no +# Range: 1-3600 +# Default: +# BufferSend=5 + +### Option: BufferSize +# Maximum number of values in a memory buffer. The agent will send +# all collected data to Zabbix Server or Proxy if the buffer is full. +# +# Mandatory: no +# Range: 2-65535 +# Default: +# BufferSize=100 + +### Option: MaxLinesPerSecond +# Maximum number of new lines the agent will send per second to Zabbix Server +# or Proxy processing 'log' and 'logrt' active checks. +# The provided value will be overridden by the parameter 'maxlines', +# provided in 'log' or 'logrt' item keys. +# +# Mandatory: no +# Range: 1-1000 +# Default: +# MaxLinesPerSecond=20 + +############ ADVANCED PARAMETERS ################# + +### Option: Alias +# Sets an alias for an item key. It can be used to substitute long and complex item key with a smaller and simpler one. +# Multiple Alias parameters may be present. Multiple parameters with the same Alias key are not allowed. +# Different Alias keys may reference the same item key. +# For example, to retrieve the ID of user 'zabbix': +# Alias=zabbix.userid:vfs.file.regexp[/etc/passwd,^zabbix:.:([0-9]+),,,,\1] +# Now shorthand key zabbix.userid may be used to retrieve data. +# Aliases can be used in HostMetadataItem but not in HostnameItem parameters. +# +# Mandatory: no +# Range: +# Default: + +### Option: Timeout +# Spend no more than Timeout seconds on processing +# +# Mandatory: no +# Range: 1-30 +# Default: +# Timeout=3 + +### Option: AllowRoot +# Allow the agent to run as 'root'. If disabled and the agent is started by 'root', the agent +# will try to switch to the user specified by the User configuration option instead. +# Has no effect if started under a regular user. +# 0 - do not allow +# 1 - allow +# +# Mandatory: no +# Default: +# AllowRoot=0 + +### Option: User +# Drop privileges to a specific, existing user on the system. +# Only has effect if run as 'root' and AllowRoot is disabled. +# +# Mandatory: no +# Default: +# User=zabbix + +### Option: Include +# You may include individual files or all files in a directory in the configuration file. +# Installing Zabbix will create include directory in /usr/local/etc, unless modified during the compile time. +# +# Mandatory: no +# Default: +# Include= + +Include=/etc/zabbix/zabbix_agentd.d/*.conf + +# Include=/usr/local/etc/zabbix_agentd.userparams.conf +# Include=/usr/local/etc/zabbix_agentd.conf.d/ +# Include=/usr/local/etc/zabbix_agentd.conf.d/*.conf + +####### USER-DEFINED MONITORED PARAMETERS ####### + +### Option: UnsafeUserParameters +# Allow all characters to be passed in arguments to user-defined parameters. +# The following characters are not allowed: +# \ ' " ` * ? [ ] { } ~ $ ! & ; ( ) < > | # @ +# Additionally, newline characters are not allowed. +# 0 - do not allow +# 1 - allow +# +# Mandatory: no +# Range: 0-1 +# Default: +# UnsafeUserParameters=0 + +### Option: UserParameter +# User-defined parameter to monitor. There can be several user-defined parameters. +# Format: UserParameter=, +# See 'zabbix_agentd' directory for examples. +# +# Mandatory: no +# Default: +# UserParameter= + +####### LOADABLE MODULES ####### + +### Option: LoadModulePath +# Full path to location of agent modules. +# Default depends on compilation options. +# +# Mandatory: no +# Default: +# LoadModulePath=${libdir}/modules + +### Option: LoadModule +# Module to load at agent startup. Modules are used to extend functionality of the agent. +# Format: LoadModule= +# The modules must be located in directory specified by LoadModulePath. +# It is allowed to include multiple LoadModule parameters. +# +# Mandatory: no +# Default: +# LoadModule= + +####### TLS-RELATED PARAMETERS ####### + +### Option: TLSConnect +# How the agent should connect to server or proxy. Used for active checks. +# Only one value can be specified: +# unencrypted - connect without encryption +# psk - connect using TLS and a pre-shared key +# cert - connect using TLS and a certificate +# +# Mandatory: yes, if TLS certificate or PSK parameters are defined (even for 'unencrypted' connection) +# Default: +# TLSConnect=unencrypted + +### Option: TLSAccept +# What incoming connections to accept. +# Multiple values can be specified, separated by comma: +# unencrypted - accept connections without encryption +# psk - accept connections secured with TLS and a pre-shared key +# cert - accept connections secured with TLS and a certificate +# +# Mandatory: yes, if TLS certificate or PSK parameters are defined (even for 'unencrypted' connection) +# Default: +# TLSAccept=unencrypted + +### Option: TLSCAFile +# Full pathname of a file containing the top-level CA(s) certificates for +# peer certificate verification. +# +# Mandatory: no +# Default: +# TLSCAFile= + +### Option: TLSCRLFile +# Full pathname of a file containing revoked certificates. +# +# Mandatory: no +# Default: +# TLSCRLFile= + +### Option: TLSServerCertIssuer +# Allowed server certificate issuer. +# +# Mandatory: no +# Default: +# TLSServerCertIssuer= + +### Option: TLSServerCertSubject +# Allowed server certificate subject. +# +# Mandatory: no +# Default: +# TLSServerCertSubject= + +### Option: TLSCertFile +# Full pathname of a file containing the agent certificate or certificate chain. +# +# Mandatory: no +# Default: +# TLSCertFile= + +### Option: TLSKeyFile +# Full pathname of a file containing the agent private key. +# +# Mandatory: no +# Default: +# TLSKeyFile= + +### Option: TLSPSKIdentity +# Unique, case sensitive string used to identify the pre-shared key. +# +# Mandatory: no +# Default: +# TLSPSKIdentity= + +### Option: TLSPSKFile +# Full pathname of a file containing the pre-shared key. +# +# Mandatory: no +# Default: +# TLSPSKFile= diff --git a/templates/zabbix_proxy.conf.j2 b/templates/zabbix_proxy.conf.j2 new file mode 100644 index 0000000..9a31ea3 --- /dev/null +++ b/templates/zabbix_proxy.conf.j2 @@ -0,0 +1,677 @@ +# This is a configuration file for Zabbix proxy daemon +# To get more information about Zabbix, visit http://www.zabbix.com + +############ GENERAL PARAMETERS ################# + +### Option: ProxyMode +# Proxy operating mode. +# 0 - proxy in the active mode +# 1 - proxy in the passive mode +# +# Mandatory: no +# Default: +ProxyMode={{ zabbix_proxy_mode }} + +### Option: Server +# IP address (or hostname) of Zabbix server. +# Active proxy will get configuration data from the server. +# For a proxy in the passive mode this parameter will be ignored. +# +# Mandatory: yes (if ProxyMode is set to 0) +# Default: +# Server= + +Server={{ zabbix_proxy_master_server }} + +### Option: ServerPort +# Port of Zabbix trapper on Zabbix server. +# For a proxy in the passive mode this parameter will be ignored. +# +# Mandatory: no +# Range: 1024-32767 +# Default: +# ServerPort=10051 + +### Option: Hostname +# Unique, case sensitive Proxy name. Make sure the Proxy name is known to the server! +# Value is acquired from HostnameItem if undefined. +# +# Mandatory: no +# Default: +Hostname={{ zabbix_proxy_hostname }} + + +### Option: HostnameItem +# Item used for generating Hostname if it is undefined. +# Ignored if Hostname is defined. +# +# Mandatory: no +# Default: +# HostnameItem=system.hostname + +### Option: ListenPort +# Listen port for trapper. +# +# Mandatory: no +# Range: 1024-32767 +# Default: +ListenPort={{ zabbix_proxy_listen_port }} + +### Option: SourceIP +# Source IP address for outgoing connections. +# +# Mandatory: no +# Default: +# SourceIP= + +### Option: LogType +# Specifies where log messages are written to: +# system - syslog +# file - file specified with LogFile parameter +# console - standard output +# +# Mandatory: no +# Default: +# LogType=file + +### Option: LogFile +# Log file name for LogType 'file' parameter. +# +# Mandatory: no +# Default: +# LogFile= + +LogFile=/var/log/zabbix/zabbix_proxy.log + +### Option: LogFileSize +# Maximum size of log file in MB. +# 0 - disable automatic log rotation. +# +# Mandatory: no +# Range: 0-1024 +# Default: +# LogFileSize=1 + +LogFileSize={{ zabbix_proxy_file_size }} + +### Option: DebugLevel +# Specifies debug level: +# 0 - basic information about starting and stopping of Zabbix processes +# 1 - critical information +# 2 - error information +# 3 - warnings +# 4 - for debugging (produces lots of information) +# 5 - extended debugging (produces even more information) +# +# Mandatory: no +# Range: 0-5 +# Default: +DebugLevel={{ zabbix_proxy_debug_level }} + +### Option: PidFile +# Name of PID file. +# +# Mandatory: no +# Default: +# PidFile=/tmp/zabbix_proxy.pid + +PidFile=/var/run/zabbix/zabbix_proxy.pid + +### Option: DBHost +# Database host name. +# If set to localhost, socket is used for MySQL. +# If set to empty string, socket is used for PostgreSQL. +# +# Mandatory: no +# Default: +DBHost={{ zabbix_proxy_db_host }} + +### Option: DBName +# Database name. +# For SQLite3 path to database file must be provided. DBUser and DBPassword are ignored. +# Warning: do not attempt to use the same database Zabbix server is using. +# +# Mandatory: yes +# Default: +DBName={{ zabbix_proxy_db_name }} + +### Option: DBSchema +# Schema name. Used for IBM DB2 and PostgreSQL. +# +# Mandatory: no +# Default: +# DBSchema= + +### Option: DBUser +# Database user. Ignored for SQLite. +# +# Default: +DBUser={{ zabbix_proxy_db_user }} + +### Option: DBPassword +# Database password. Ignored for SQLite. +# Comment this line if no password is used. +# +# Mandatory: no +# Default: +DBPassword={{ zabbix_proxy_db_passwd }} + +### Option: DBSocket +# Path to MySQL socket. +# +# Mandatory: no +# Default: +# DBSocket=/tmp/mysql.sock + +# Option: DBPort +# Database port when not using local socket. Ignored for SQLite. +# +# Mandatory: no +# Default (for MySQL): +# DBPort=3306 + +######### PROXY SPECIFIC PARAMETERS ############# + +### Option: ProxyLocalBuffer +# Proxy will keep data locally for N hours, even if the data have already been synced with the server. +# This parameter may be used if local data will be used by third party applications. +# +# Mandatory: no +# Range: 0-720 +# Default: +ProxyLocalBuffer={{ zabbix_proxy_local_buffer }} + +### Option: ProxyOfflineBuffer +# Proxy will keep data for N hours in case if no connectivity with Zabbix Server. +# Older data will be lost. +# +# Mandatory: no +# Range: 1-720 +# Default: +ProxyOfflineBuffer={{ zabbix_proxy_offline_buffer }} + +### Option: HeartbeatFrequency +# Frequency of heartbeat messages in seconds. +# Used for monitoring availability of Proxy on server side. +# 0 - heartbeat messages disabled. +# For a proxy in the passive mode this parameter will be ignored. +# +# Mandatory: no +# Range: 0-3600 +# Default: +HeartbeatFrequency={{ zabbix_proxy_heartbeat_freq }} + +### Option: ConfigFrequency +# How often proxy retrieves configuration data from Zabbix Server in seconds. +# For a proxy in the passive mode this parameter will be ignored. +# +# Mandatory: no +# Range: 1-3600*24*7 +# Default: +ConfigFrequency={{ zabbix_proxy_config_freq }} + +### Option: DataSenderFrequency +# Proxy will send collected data to the Server every N seconds. +# For a proxy in the passive mode this parameter will be ignored. +# +# Mandatory: no +# Range: 1-3600 +# Default: +DataSenderFrequency={{ zabbix_proxy_data_sernder_freq }} + +############ ADVANCED PARAMETERS ################ + +### Option: StartPollers +# Number of pre-forked instances of pollers. +# +# Mandatory: no +# Range: 0-1000 +# Default: +StartPollers={{ zabbix_proxy_start_pollers }} + +### Option: StartIPMIPollers +# Number of pre-forked instances of IPMI pollers. +# +# Mandatory: no +# Range: 0-1000 +# Default: +StartIPMIPollers={{ zabbix_proxy_ipmi_pollers }} + +### Option: StartPollersUnreachable +# Number of pre-forked instances of pollers for unreachable hosts (including IPMI and Java). +# At least one poller for unreachable hosts must be running if regular, IPMI or Java pollers +# are started. +# +# Mandatory: no +# Range: 0-1000 +# Default: +# StartPollersUnreachable=1 + +### Option: StartTrappers +# Number of pre-forked instances of trappers. +# Trappers accept incoming connections from Zabbix sender and active agents. +# +# Mandatory: no +# Range: 0-1000 +# Default: +# StartTrappers=5 + +### Option: StartPingers +# Number of pre-forked instances of ICMP pingers. +# +# Mandatory: no +# Range: 0-1000 +# Default: +# StartPingers=1 + +### Option: StartDiscoverers +# Number of pre-forked instances of discoverers. +# +# Mandatory: no +# Range: 0-250 +# Default: +# StartDiscoverers=1 + +### Option: StartHTTPPollers +# Number of pre-forked instances of HTTP pollers. +# +# Mandatory: no +# Range: 0-1000 +# Default: +# StartHTTPPollers=1 + +### Option: JavaGateway +# IP address (or hostname) of Zabbix Java gateway. +# Only required if Java pollers are started. +# +# Mandatory: no +# Default: +# JavaGateway= + +### Option: JavaGatewayPort +# Port that Zabbix Java gateway listens on. +# +# Mandatory: no +# Range: 1024-32767 +# Default: +# JavaGatewayPort=10052 + +### Option: StartJavaPollers +# Number of pre-forked instances of Java pollers. +# +# Mandatory: no +# Range: 0-1000 +# Default: +# StartJavaPollers=0 + +### Option: StartVMwareCollectors +# Number of pre-forked vmware collector instances. +# +# Mandatory: no +# Range: 0-250 +# Default: +# StartVMwareCollectors=0 + +### Option: VMwareFrequency +# How often Zabbix will connect to VMware service to obtain a new data. +# +# Mandatory: no +# Range: 10-86400 +# Default: +# VMwareFrequency=60 + +### Option: VMwarePerfFrequency +# How often Zabbix will connect to VMware service to obtain performance data. +# +# Mandatory: no +# Range: 10-86400 +# Default: +# VMwarePerfFrequency=60 + +### Option: VMwareCacheSize +# Size of VMware cache, in bytes. +# Shared memory size for storing VMware data. +# Only used if VMware collectors are started. +# +# Mandatory: no +# Range: 256K-2G +# Default: +# VMwareCacheSize=8M + +### Option: VMwareTimeout +# Specifies how many seconds vmware collector waits for response from VMware service. +# +# Mandatory: no +# Range: 1-300 +# Default: +# VMwareTimeout=10 + +### Option: SNMPTrapperFile +# Temporary file used for passing data from SNMP trap daemon to the proxy. +# Must be the same as in zabbix_trap_receiver.pl or SNMPTT configuration file. +# +# Mandatory: no +# Default: +# SNMPTrapperFile=/tmp/zabbix_traps.tmp + +### Option: StartSNMPTrapper +# If 1, SNMP trapper process is started. +# +# Mandatory: no +# Range: 0-1 +# Default: +# StartSNMPTrapper=0 + +### Option: ListenIP +# List of comma delimited IP addresses that the trapper should listen on. +# Trapper will listen on all network interfaces if this parameter is missing. +# +# Mandatory: no +# Default: +# ListenIP=0.0.0.0 + +### Option: HousekeepingFrequency +# How often Zabbix will perform housekeeping procedure (in hours). +# Housekeeping is removing outdated information from the database. +# To prevent Housekeeper from being overloaded, no more than 4 times HousekeepingFrequency +# hours of outdated information are deleted in one housekeeping cycle. +# To lower load on proxy startup housekeeping is postponed for 30 minutes after proxy start. +# With HousekeepingFrequency=0 the housekeeper can be only executed using the runtime control option. +# In this case the period of outdated information deleted in one housekeeping cycle is 4 times the +# period since the last housekeeping cycle, but not less than 4 hours and not greater than 4 days. +# +# Mandatory: no +# Range: 0-24 +# Default: +# HousekeepingFrequency=1 + +### Option: CacheSize +# Size of configuration cache, in bytes. +# Shared memory size, for storing hosts and items data. +# +# Mandatory: no +# Range: 128K-8G +# Default: +# CacheSize=8M + +### Option: StartDBSyncers +# Number of pre-forked instances of DB Syncers. +# +# Mandatory: no +# Range: 1-100 +# Default: +# StartDBSyncers=4 + +### Option: HistoryCacheSize +# Size of history cache, in bytes. +# Shared memory size for storing history data. +# +# Mandatory: no +# Range: 128K-2G +# Default: +# HistoryCacheSize=16M + +### Option: HistoryIndexCacheSize +# Size of history index cache, in bytes. +# Shared memory size for indexing history cache. +# +# Mandatory: no +# Range: 128K-2G +# Default: +# HistoryIndexCacheSize=4M + +### Option: Timeout +# Specifies how long we wait for agent, SNMP device or external check (in seconds). +# +# Mandatory: no +# Range: 1-30 +# Default: +# Timeout=3 + +Timeout=4 + +### Option: TrapperTimeout +# Specifies how many seconds trapper may spend processing new data. +# +# Mandatory: no +# Range: 1-300 +# Default: +# TrapperTimeout=300 + +### Option: UnreachablePeriod +# After how many seconds of unreachability treat a host as unavailable. +# +# Mandatory: no +# Range: 1-3600 +# Default: +# UnreachablePeriod=45 + +### Option: UnavailableDelay +# How often host is checked for availability during the unavailability period, in seconds. +# +# Mandatory: no +# Range: 1-3600 +# Default: +# UnavailableDelay=60 + +### Option: UnreachableDelay +# How often host is checked for availability during the unreachability period, in seconds. +# +# Mandatory: no +# Range: 1-3600 +# Default: +# UnreachableDelay=15 + +### Option: ExternalScripts +# Full path to location of external scripts. +# Default depends on compilation options. +# +# Mandatory: no +# Default: +# ExternalScripts=${datadir}/zabbix/externalscripts + +ExternalScripts=/usr/lib/zabbix/externalscripts + +### Option: FpingLocation +# Location of fping. +# Make sure that fping binary has root ownership and SUID flag set. +# +# Mandatory: no +# Default: +# FpingLocation=/usr/sbin/fping + +FpingLocation=/usr/bin/fping + +### Option: Fping6Location +# Location of fping6. +# Make sure that fping6 binary has root ownership and SUID flag set. +# Make empty if your fping utility is capable to process IPv6 addresses. +# +# Mandatory: no +# Default: +# Fping6Location=/usr/sbin/fping6 + +Fping6Location=/usr/bin/fping6 + +### Option: SSHKeyLocation +# Location of public and private keys for SSH checks and actions. +# +# Mandatory: no +# Default: +# SSHKeyLocation= + +### Option: LogSlowQueries +# How long a database query may take before being logged (in milliseconds). +# Only works if DebugLevel set to 3 or 4. +# 0 - don't log slow queries. +# +# Mandatory: no +# Range: 1-3600000 +# Default: +# LogSlowQueries=0 + +LogSlowQueries=3000 + +### Option: TmpDir +# Temporary directory. +# +# Mandatory: no +# Default: +# TmpDir=/tmp + +### Option: AllowRoot +# Allow the proxy to run as 'root'. If disabled and the proxy is started by 'root', the proxy +# will try to switch to the user specified by the User configuration option instead. +# Has no effect if started under a regular user. +# 0 - do not allow +# 1 - allow +# +# Mandatory: no +# Default: +# AllowRoot=0 + +### Option: User +# Drop privileges to a specific, existing user on the system. +# Only has effect if run as 'root' and AllowRoot is disabled. +# +# Mandatory: no +# Default: +# User=zabbix + +### Option: Include +# You may include individual files or all files in a directory in the configuration file. +# Installing Zabbix will create include directory in /usr/local/etc, unless modified during the compile time. +# +# Mandatory: no +# Default: +# Include= + +# Include=/usr/local/etc/zabbix_proxy.general.conf +# Include=/usr/local/etc/zabbix_proxy.conf.d/ +# Include=/usr/local/etc/zabbix_proxy.conf.d/*.conf + +### Option: SSLCertLocation +# Location of SSL client certificates. +# This parameter is used only in web monitoring. +# +# Mandatory: no +# Default: +# SSLCertLocation=${datadir}/zabbix/ssl/certs + +### Option: SSLKeyLocation +# Location of private keys for SSL client certificates. +# This parameter is used only in web monitoring. +# +# Mandatory: no +# Default: +# SSLKeyLocation=${datadir}/zabbix/ssl/keys + +### Option: SSLCALocation +# Location of certificate authority (CA) files for SSL server certificate verification. +# If not set, system-wide directory will be used. +# This parameter is used only in web monitoring. +# +# Mandatory: no +# Default: +# SSLCALocation= + +####### LOADABLE MODULES ####### + +### Option: LoadModulePath +# Full path to location of proxy modules. +# Default depends on compilation options. +# +# Mandatory: no +# Default: +# LoadModulePath=${libdir}/modules + +### Option: LoadModule +# Module to load at proxy startup. Modules are used to extend functionality of the proxy. +# Format: LoadModule= +# The modules must be located in directory specified by LoadModulePath. +# It is allowed to include multiple LoadModule parameters. +# +# Mandatory: no +# Default: +# LoadModule= + +####### TLS-RELATED PARAMETERS ####### + +### Option: TLSConnect +# How the proxy should connect to Zabbix server. Used for an active proxy, ignored on a passive proxy. +# Only one value can be specified: +# unencrypted - connect without encryption +# psk - connect using TLS and a pre-shared key +# cert - connect using TLS and a certificate +# +# Mandatory: yes, if TLS certificate or PSK parameters are defined (even for 'unencrypted' connection) +# Default: +# TLSConnect=unencrypted + +### Option: TLSAccept +# What incoming connections to accept from Zabbix server. Used for a passive proxy, ignored on an active proxy. +# Multiple values can be specified, separated by comma: +# unencrypted - accept connections without encryption +# psk - accept connections secured with TLS and a pre-shared key +# cert - accept connections secured with TLS and a certificate +# +# Mandatory: yes, if TLS certificate or PSK parameters are defined (even for 'unencrypted' connection) +# Default: +# TLSAccept=unencrypted + +### Option: TLSCAFile +# Full pathname of a file containing the top-level CA(s) certificates for +# peer certificate verification. +# +# Mandatory: no +# Default: +# TLSCAFile= + +### Option: TLSCRLFile +# Full pathname of a file containing revoked certificates. +# +# Mandatory: no +# Default: +# TLSCRLFile= + +### Option: TLSServerCertIssuer +# Allowed server certificate issuer. +# +# Mandatory: no +# Default: +# TLSServerCertIssuer= + +### Option: TLSServerCertSubject +# Allowed server certificate subject. +# +# Mandatory: no +# Default: +# TLSServerCertSubject= + +### Option: TLSCertFile +# Full pathname of a file containing the proxy certificate or certificate chain. +# +# Mandatory: no +# Default: +# TLSCertFile= + +### Option: TLSKeyFile +# Full pathname of a file containing the proxy private key. +# +# Mandatory: no +# Default: +# TLSKeyFile= + +### Option: TLSPSKIdentity +# Unique, case sensitive string used to identify the pre-shared key. +# +# Mandatory: no +# Default: +# TLSPSKIdentity= + +### Option: TLSPSKFile +# Full pathname of a file containing the pre-shared key. +# +# Mandatory: no +# Default: +# TLSPSKFile= diff --git a/templates/zabbix_server.conf.j2 b/templates/zabbix_server.conf.j2 new file mode 100644 index 0000000..3af0819 --- /dev/null +++ b/templates/zabbix_server.conf.j2 @@ -0,0 +1,643 @@ +# This is a configuration file for Zabbix server daemon +# To get more information about Zabbix, visit http://www.zabbix.com + +############ GENERAL PARAMETERS ################# + +### Option: ListenPort +# Listen port for trapper. +# +# Mandatory: no +# Range: 1024-32767 +# Default: +ListenPort={{ zabbix_server_listen_port }} + +### Option: SourceIP +# Source IP address for outgoing connections. +# +# Mandatory: no +# Default: +# SourceIP= + +### Option: LogType +# Specifies where log messages are written to: +# system - syslog +# file - file specified with LogFile parameter +# console - standard output +# +# Mandatory: no +# Default: +# LogType=file + +### Option: LogFile +# Log file name for LogType 'file' parameter. +# +# Mandatory: no +# Default: +# LogFile= + +LogFile={{ zabbix_server_log_path }} + +### Option: LogFileSize +# Maximum size of log file in MB. +# 0 - disable automatic log rotation. +# +# Mandatory: no +# Range: 0-1024 +# Default: +# LogFileSize=1 + +LogFileSize={{ zabbix_server_log_size }} + +### Option: DebugLevel +# Specifies debug level: +# 0 - basic information about starting and stopping of Zabbix processes +# 1 - critical information +# 2 - error information +# 3 - warnings +# 4 - for debugging (produces lots of information) +# 5 - extended debugging (produces even more information) +# +# Mandatory: no +# Range: 0-5 +# Default: +DebugLevel={{ zabbix_debug_level }} + +### Option: PidFile +# Name of PID file. +# +# Mandatory: no +# Default: +# PidFile=/tmp/zabbix_server.pid + +PidFile=/var/run/zabbix/zabbix_server.pid + +### Option: DBHost +# Database host name. +# If set to localhost, socket is used for MySQL. +# If set to empty string, socket is used for PostgreSQL. +# +# Mandatory: no +# Default: +DBHost={{ zabbix_server_db_host }} + +### Option: DBName +# Database name. +# For SQLite3 path to database file must be provided. DBUser and DBPassword are ignored. +# +# Mandatory: yes +# Default: +# DBName= + +DBName={{ zabbix_server_db_name }} + +### Option: DBSchema +# Schema name. Used for IBM DB2 and PostgreSQL. +# +# Mandatory: no +# Default: +# DBSchema= + +### Option: DBUser +# Database user. Ignored for SQLite. +# +# Mandatory: no +# Default: +# DBUser= + +DBUser={{ zabbix_server_db_user }} + +### Option: DBPassword +# Database password. Ignored for SQLite. +# Comment this line if no password is used. +# +# Mandatory: no +# Default: +DBPassword={{ zabbix_server_db_passwd }} + +### Option: DBSocket +# Path to MySQL socket. +# +# Mandatory: no +# Default: +# DBSocket=/tmp/mysql.sock + +### Option: DBPort +# Database port when not using local socket. Ignored for SQLite. +# +# Mandatory: no +# Range: 1024-65535 +# Default (for MySQL): +# DBPort=3306 + +############ ADVANCED PARAMETERS ################ + +### Option: StartPollers +# Number of pre-forked instances of pollers. +# +# Mandatory: no +# Range: 0-1000 +# Default: +StartPollers={{ zabbix_server_pollers }} + +### Option: StartIPMIPollers +# Number of pre-forked instances of IPMI pollers. +# +# Mandatory: no +# Range: 0-1000 +# Default: +# StartIPMIPollers={{ zabbix_server_ipmi_pollers }} + +### Option: StartPollersUnreachable +# Number of pre-forked instances of pollers for unreachable hosts (including IPMI and Java). +# At least one poller for unreachable hosts must be running if regular, IPMI or Java pollers +# are started. +# +# Mandatory: no +# Range: 0-1000 +# Default: +# StartPollersUnreachable=1 + +### Option: StartTrappers +# Number of pre-forked instances of trappers. +# Trappers accept incoming connections from Zabbix sender, active agents and active proxies. +# At least one trapper process must be running to display server availability and view queue +# in the frontend. +# +# Mandatory: no +# Range: 0-1000 +# Default: +# StartTrappers=5 + +### Option: StartPingers +# Number of pre-forked instances of ICMP pingers. +# +# Mandatory: no +# Range: 0-1000 +# Default: +# StartPingers=1 + +### Option: StartDiscoverers +# Number of pre-forked instances of discoverers. +# +# Mandatory: no +# Range: 0-250 +# Default: +# StartDiscoverers=1 + +### Option: StartHTTPPollers +# Number of pre-forked instances of HTTP pollers. +# +# Mandatory: no +# Range: 0-1000 +# Default: +# StartHTTPPollers=1 + +### Option: StartTimers +# Number of pre-forked instances of timers. +# Timers process time-based trigger functions and maintenance periods. +# Only the first timer process handles the maintenance periods. +# +# Mandatory: no +# Range: 1-1000 +# Default: +# StartTimers=1 + +### Option: StartEscalators +# Number of pre-forked instances of escalators. +# +# Mandatory: no +# Range: 0-100 +# Default: +# StartEscalators=1 + +### Option: JavaGateway +# IP address (or hostname) of Zabbix Java gateway. +# Only required if Java pollers are started. +# +# Mandatory: no +# Default: +# JavaGateway= + +### Option: JavaGatewayPort +# Port that Zabbix Java gateway listens on. +# +# Mandatory: no +# Range: 1024-32767 +# Default: +# JavaGatewayPort=10052 + +### Option: StartJavaPollers +# Number of pre-forked instances of Java pollers. +# +# Mandatory: no +# Range: 0-1000 +# Default: +# StartJavaPollers=0 + +### Option: StartVMwareCollectors +# Number of pre-forked vmware collector instances. +# +# Mandatory: no +# Range: 0-250 +# Default: +# StartVMwareCollectors=0 + +### Option: VMwareFrequency +# How often Zabbix will connect to VMware service to obtain a new data. +# +# Mandatory: no +# Range: 10-86400 +# Default: +# VMwareFrequency=60 + +### Option: VMwarePerfFrequency +# How often Zabbix will connect to VMware service to obtain performance data. +# +# Mandatory: no +# Range: 10-86400 +# Default: +# VMwarePerfFrequency=60 + +### Option: VMwareCacheSize +# Size of VMware cache, in bytes. +# Shared memory size for storing VMware data. +# Only used if VMware collectors are started. +# +# Mandatory: no +# Range: 256K-2G +# Default: +# VMwareCacheSize=8M + +### Option: VMwareTimeout +# Specifies how many seconds vmware collector waits for response from VMware service. +# +# Mandatory: no +# Range: 1-300 +# Default: +# VMwareTimeout=10 + +### Option: SNMPTrapperFile +# Temporary file used for passing data from SNMP trap daemon to the server. +# Must be the same as in zabbix_trap_receiver.pl or SNMPTT configuration file. +# +# Mandatory: no +# Default: +# SNMPTrapperFile=/tmp/zabbix_traps.tmp + +### Option: StartSNMPTrapper +# If 1, SNMP trapper process is started. +# +# Mandatory: no +# Range: 0-1 +# Default: +# StartSNMPTrapper=0 + +### Option: ListenIP +# List of comma delimited IP addresses that the trapper should listen on. +# Trapper will listen on all network interfaces if this parameter is missing. +# +# Mandatory: no +# Default: +# ListenIP=0.0.0.0 + +ListenIP=0.0.0.0 + +### Option: HousekeepingFrequency +# How often Zabbix will perform housekeeping procedure (in hours). +# Housekeeping is removing outdated information from the database. +# To prevent Housekeeper from being overloaded, no more than 4 times HousekeepingFrequency +# hours of outdated information are deleted in one housekeeping cycle, for each item. +# To lower load on server startup housekeeping is postponed for 30 minutes after server start. +# With HousekeepingFrequency=0 the housekeeper can be only executed using the runtime control option. +# In this case the period of outdated information deleted in one housekeeping cycle is 4 times the +# period since the last housekeeping cycle, but not less than 4 hours and not greater than 4 days. +# +# Mandatory: no +# Range: 0-24 +# Default: +# HousekeepingFrequency=1 + +### Option: MaxHousekeeperDelete +# The table "housekeeper" contains "tasks" for housekeeping procedure in the format: +# [housekeeperid], [tablename], [field], [value]. +# No more than 'MaxHousekeeperDelete' rows (corresponding to [tablename], [field], [value]) +# will be deleted per one task in one housekeeping cycle. +# SQLite3 does not use this parameter, deletes all corresponding rows without a limit. +# If set to 0 then no limit is used at all. In this case you must know what you are doing! +# +# Mandatory: no +# Range: 0-1000000 +# Default: +# MaxHousekeeperDelete=5000 + +### Option: SenderFrequency +# How often Zabbix will try to send unsent alerts (in seconds). +# +# Mandatory: no +# Range: 5-3600 +# Default: +# SenderFrequency=30 + +### Option: CacheSize +# Size of configuration cache, in bytes. +# Shared memory size for storing host, item and trigger data. +# +# Mandatory: no +# Range: 128K-8G +# Default: +CacheSize={{ zabbix_cachesize }} + +### Option: CacheUpdateFrequency +# How often Zabbix will perform update of configuration cache, in seconds. +# +# Mandatory: no +# Range: 1-3600 +# Default: +# CacheUpdateFrequency=60 + +### Option: StartDBSyncers +# Number of pre-forked instances of DB Syncers. +# +# Mandatory: no +# Range: 1-100 +# Default: +# StartDBSyncers=4 + +### Option: HistoryCacheSize +# Size of history cache, in bytes. +# Shared memory size for storing history data. +# +# Mandatory: no +# Range: 128K-2G +# Default: +# HistoryCacheSize=16M + +### Option: HistoryIndexCacheSize +# Size of history index cache, in bytes. +# Shared memory size for indexing history cache. +# +# Mandatory: no +# Range: 128K-2G +# Default: +# HistoryIndexCacheSize=4M + +### Option: TrendCacheSize +# Size of trend cache, in bytes. +# Shared memory size for storing trends data. +# +# Mandatory: no +# Range: 128K-2G +# Default: +# TrendCacheSize=4M + +### Option: ValueCacheSize +# Size of history value cache, in bytes. +# Shared memory size for caching item history data requests. +# Setting to 0 disables value cache. +# +# Mandatory: no +# Range: 0,128K-64G +# Default: +# ValueCacheSize=8M + +### Option: Timeout +# Specifies how long we wait for agent, SNMP device or external check (in seconds). +# +# Mandatory: no +# Range: 1-30 +# Default: +# Timeout=3 + +Timeout={{ zabbix_server_timeout }} + +### Option: TrapperTimeout +# Specifies how many seconds trapper may spend processing new data. +# +# Mandatory: no +# Range: 1-300 +# Default: +# TrapperTimeout=300 + +### Option: UnreachablePeriod +# After how many seconds of unreachability treat a host as unavailable. +# +# Mandatory: no +# Range: 1-3600 +# Default: +# UnreachablePeriod=45 + +### Option: UnavailableDelay +# How often host is checked for availability during the unavailability period, in seconds. +# +# Mandatory: no +# Range: 1-3600 +# Default: +# UnavailableDelay=60 + +### Option: UnreachableDelay +# How often host is checked for availability during the unreachability period, in seconds. +# +# Mandatory: no +# Range: 1-3600 +# Default: +# UnreachableDelay=15 + +### Option: AlertScriptsPath +# Full path to location of custom alert scripts. +# Default depends on compilation options. +# +# Mandatory: no +# Default: +# AlertScriptsPath=${datadir}/zabbix/alertscripts + +AlertScriptsPath={{ zabbix_server_alert_scripts }} + +### Option: ExternalScripts +# Full path to location of external scripts. +# Default depends on compilation options. +# +# Mandatory: no +# Default: +# ExternalScripts=${datadir}/zabbix/externalscripts + +ExternalScripts={{ zabbix_server_external_scripts }} + +### Option: FpingLocation +# Location of fping. +# Make sure that fping binary has root ownership and SUID flag set. +# +# Mandatory: no +# Default: +# FpingLocation=/usr/sbin/fping + +FpingLocation={{ zabbix_server_fping }} + +### Option: Fping6Location +# Location of fping6. +# Make sure that fping6 binary has root ownership and SUID flag set. +# Make empty if your fping utility is capable to process IPv6 addresses. +# +# Mandatory: no +# Default: +# Fping6Location=/usr/sbin/fping6 + +Fping6Location={{ zabbix_server_fping6 }} + +### Option: SSHKeyLocation +# Location of public and private keys for SSH checks and actions. +# +# Mandatory: no +# Default: +# SSHKeyLocation= + +### Option: LogSlowQueries +# How long a database query may take before being logged (in milliseconds). +# Only works if DebugLevel set to 3, 4 or 5. +# 0 - don't log slow queries. +# +# Mandatory: no +# Range: 1-3600000 +# Default: +# LogSlowQueries=0 + +LogSlowQueries={{ zabbix_server_queries_slow }} + +### Option: TmpDir +# Temporary directory. +# +# Mandatory: no +# Default: +# TmpDir=/tmp + +### Option: StartProxyPollers +# Number of pre-forked instances of pollers for passive proxies. +# +# Mandatory: no +# Range: 0-250 +# Default: +# StartProxyPollers=1 + +### Option: ProxyConfigFrequency +# How often Zabbix Server sends configuration data to a Zabbix Proxy in seconds. +# This parameter is used only for proxies in the passive mode. +# +# Mandatory: no +# Range: 1-3600*24*7 +# Default: +# ProxyConfigFrequency=3600 + +### Option: ProxyDataFrequency +# How often Zabbix Server requests history data from a Zabbix Proxy in seconds. +# This parameter is used only for proxies in the passive mode. +# +# Mandatory: no +# Range: 1-3600 +# Default: +# ProxyDataFrequency=1 + +### Option: AllowRoot +# Allow the server to run as 'root'. If disabled and the server is started by 'root', the server +# will try to switch to the user specified by the User configuration option instead. +# Has no effect if started under a regular user. +# 0 - do not allow +# 1 - allow +# +# Mandatory: no +# Default: +# AllowRoot=0 + +### Option: User +# Drop privileges to a specific, existing user on the system. +# Only has effect if run as 'root' and AllowRoot is disabled. +# +# Mandatory: no +# Default: +# User=zabbix + +### Option: Include +# You may include individual files or all files in a directory in the configuration file. +# Installing Zabbix will create include directory in /usr/local/etc, unless modified during the compile time. +# +# Mandatory: no +# Default: +# Include= + +# Include=/usr/local/etc/zabbix_server.general.conf +# Include=/usr/local/etc/zabbix_server.conf.d/ +# Include=/usr/local/etc/zabbix_server.conf.d/*.conf + +### Option: SSLCertLocation +# Location of SSL client certificates. +# This parameter is used only in web monitoring. +# +# Mandatory: no +# Default: +# SSLCertLocation=${datadir}/zabbix/ssl/certs + +### Option: SSLKeyLocation +# Location of private keys for SSL client certificates. +# This parameter is used only in web monitoring. +# +# Mandatory: no +# Default: +# SSLKeyLocation=${datadir}/zabbix/ssl/keys + +### Option: SSLCALocation +# Override the location of certificate authority (CA) files for SSL server certificate verification. +# If not set, system-wide directory will be used. +# This parameter is used only in web monitoring and SMTP authentication. +# +# Mandatory: no +# Default: +# SSLCALocation= + +####### LOADABLE MODULES ####### + +### Option: LoadModulePath +# Full path to location of server modules. +# Default depends on compilation options. +# +# Mandatory: no +# Default: +# LoadModulePath=${libdir}/modules + +### Option: LoadModule +# Module to load at server startup. Modules are used to extend functionality of the server. +# Format: LoadModule= +# The modules must be located in directory specified by LoadModulePath. +# It is allowed to include multiple LoadModule parameters. +# +# Mandatory: no +# Default: +# LoadModule= + +####### TLS-RELATED PARAMETERS ####### + +### Option: TLSCAFile +# Full pathname of a file containing the top-level CA(s) certificates for +# peer certificate verification. +# +# Mandatory: no +# Default: +# TLSCAFile= + +### Option: TLSCRLFile +# Full pathname of a file containing revoked certificates. +# +# Mandatory: no +# Default: +# TLSCRLFile= + +### Option: TLSCertFile +# Full pathname of a file containing the server certificate or certificate chain. +# +# Mandatory: no +# Default: +# TLSCertFile= + +### Option: TLSKeyFile +# Full pathname of a file containing the server private key. +# +# Mandatory: no +# Default: +# TLSKeyFile=