Commit 6858cc52 authored by Lars Beckers's avatar Lars Beckers
Browse files

lint yaml files

parent f0491031
---
extends: default
rules:
comments-indentation:
level: warning
document-start:
level: error
empty-lines:
max: 1
empty-values:
forbid-in-flow-mappings: true
forbid-in-block-mappings: true
line-length:
level: warning
octal-values:
forbid-implicit-octal: true
level: warning
......@@ -2,4 +2,3 @@
- name: restart zabbix agent
service: name=zabbix-agent state=restarted
---
- name: ensure the agent package is installed
apt: name=zabbix-agent state=latest
apt:
name: zabbix-agent
state: present
notify:
- restart zabbix agent
tags:
- packages
- zabbix
- name: ensure the agent is configured
template: src=zabbix_agentd.conf.j2 dest=/etc/zabbix/zabbix_agentd.conf
template:
src: zabbix_agentd.conf.j2
dest: /etc/zabbix/zabbix_agentd.conf
notify:
- restart zabbix agent
tags:
- zabbix
# TODO
#- name: create directory for external scripts
# file: path=/usr/local/lib/zabbix/externalscripts state=directory owner=root group=root mode=0755
# tags:
# - service
# - zabbix
# - name: create directory for external scripts
# file:
# path: /usr/local/lib/zabbix/externalscripts
# state: directory
# owner: root
# group: root
# mode: '0755'
# tags:
# - zabbix
- name: ensure the server is enabled and running
service: name=zabbix-agent state=started enabled=yes
service:
name: zabbix-agent
state: started
enabled: true
tags:
- service
- zabbix
- name: ensure zabbix-smart-check is installed
......@@ -36,7 +45,7 @@
state: present
when: "'baremetal' in group_names"
tags:
- packages
- zabbix
- hardware-tools
- chr
......
---
zabbix_configure_webserver: yes
zabbix_configure_webserver: true
......@@ -15,4 +15,3 @@
- name: restart nginx
service: name=nginx state=restarted
---
- name: ensure the frontend package is installed
apt: name=zabbix-frontend-php state=latest
apt:
name: zabbix-frontend-php
state: present
notify:
- restart zabbix frontend
tags:
- packages
- zabbix
- name: ensure php5-pgsql is available
apt: name=php5-pgsql state=latest
apt:
name: php5-pgsql
state: present
notify:
- restart zabbix frontend
tags:
- packages
- zabbix
- name: ensure a user executing the app exists
user: name=zabbix system=yes home=/usr/share/zabbix shell=/usr/sbin/nologin createhome=no group=zabbix state=present
user:
name: zabbix
system: true
home: /usr/share/zabbix
shell: /usr/sbin/nologin
createhome: false
group: zabbix
state: present
notify:
- restart zabbix frontend
tags:
- user
- zabbix
- name: ensure the database server listens on the external interface
replace: dest=/etc/postgresql/9.6/main/postgresql.conf regexp="#listen_addresses = 'localhost'" replace="listen_addresses = '*'"
replace:
dest: /etc/postgresql/9.6/main/postgresql.conf
regexp: "#listen_addresses = 'localhost'"
replace: "listen_addresses = '*'"
notify:
- restart postgres
delegate_to: "{{ zabbix_db_host }}"
......@@ -34,7 +45,13 @@
- zabbix
- name: ensure the database server allows connections from the server
lineinfile: dest=/etc/postgresql/9.6/main/pg_hba.conf insertafter="host all all 127.0.0.1/32 md5" line="host {{ zabbix_db_name }} {{ zabbix_db_user }} {{ ansible_fqdn }} md5" state=present
lineinfile:
dest: /etc/postgresql/9.6/main/pg_hba.conf
# yamllint disable-line rule:line-length
insertafter: "host all all 127.0.0.1/32 md5"
# yamllint disable-line rule:line-length
line: "host {{ zabbix_db_name }} {{ zabbix_db_user }} {{ ansible_fqdn }} md5"
state: present
notify:
- restart postgres
delegate_to: "{{ zabbix_db_host }}"
......
---
- name: update apt cache
apt: update_cache=yes
apt: update_cache=true
---
# this essentially does what zabbix-release does, but does not mitigate package signing
# this essentially does what zabbix-release does
# but does not mitigate package signing
- name: ensure apt got the key to verify the zabbix repo
apt_key: data="{{lookup('file', 'zabbix.gpg')}}" state=present
apt_key:
data: "{{lookup('file', 'zabbix.gpg')}}"
state: present
notify:
- update apt cache
tags:
- packages
- repos
- zabbix
- name: ensure apt knows about the zabbix repo
apt_repository: repo={{ item }} state=absent
- name: ensure apt doest not know about old zabbix repos
apt_repository:
repo: "{{ item }}"
state: absent
with_items:
- 'deb http://repo.zabbix.com/zabbix/3.0/debian {{ debian_version }} main'
# yamllint disable-line rule:line-length
- 'deb-src http://repo.zabbix.com/zabbix/3.0/debian {{ debian_version }} main'
notify:
- update apt cache
tags:
- packages
- repos
- zabbix
- name: ensure apt knows about the zabbix repo
apt_repository: repo={{ item }} state=present
- name: ensure apt knows about the current zabbix repo
apt_repository:
repo: "{{ item }}"
state: present
with_items:
- 'deb http://repo.zabbix.com/zabbix/3.4/debian {{ debian_version }} main'
# yamllint disable-line rule:line-length
- 'deb-src http://repo.zabbix.com/zabbix/3.4/debian {{debian_version }} main'
notify:
- update apt cache
tags:
- packages
- repos
- zabbix
- name: ensure chr's key is present
apt_key: data="{{lookup('file', 'chr.gpg')}}" state=present
apt_key:
data: "{{lookup('file', 'chr.gpg')}}"
state: present
notify:
- update apt cache
tags:
- packages
- repos
- repos
- zabbix
- chr
- name: ensure chr's repo is present
apt_repository: repo={{ item }} state=present
apt_repository:
repo: "{{ item }}"
state: present
with_items:
- 'deb http://repository.chr.istoph.de/ubuntu xenial main'
notify:
- update apt cache
tags:
- packages
- repos
- zabbix
- chr
......
......@@ -6,4 +6,3 @@
- name: restart postgres
service: name=postgresql state=restarted
delegate_to: "{{ zabbix_db_host }}"
......@@ -2,7 +2,10 @@
# recommends install postgres database and snmpd services
- name: ensure the server package is installed
apt: name=zabbix-server-pgsql state=latest install_recommends=no
apt:
name: zabbix-server-pgsql
state: present
install_recommends: false
notify:
- restart zabbix server
tags:
......@@ -10,51 +13,70 @@
- zabbix
- name: ensure proper configuration of the server
template: src=zabbix_server.conf.j2 dest=/etc/zabbix/zabbix_server.conf
template:
src: zabbix_server.conf.j2
dest: /etc/zabbix/zabbix_server.conf
notify:
- restart zabbix server
tags:
- config
- zabbix
- name: ensure the zabbix user has a home directory
file: path=/var/lib/zabbix state=directory owner=zabbix group=zabbix
file:
path: /var/lib/zabbix
state: directory
owner: zabbix
group: zabbix
tags:
- config
- zabbix
- name: ensure the zabbix user has a pgpass file
template: src=pgpass.j2 dest=/var/lib/zabbix/.pgpass owner=zabbix group=zabbix mode=0600
template:
src: pgpass.j2
dest: /var/lib/zabbix/.pgpass
owner: zabbix
group: zabbix
mode: '0600'
tags:
- config
- database
- zabbix
- name: ensure there is the parition optimization sql file
copy: src=zabbix-partition.sql dest=/usr/share/doc/zabbix-server-pgsql/zabbix-partition.sql
copy:
src: zabbix-partition.sql
dest: /usr/share/doc/zabbix-server-pgsql/zabbix-partition.sql
tags:
- database
- zabbix
- name: ensure there is the commentcounts sql file
copy: src=commentcounts.sql dest=/usr/share/doc/zabbix-server-pgsql/commentcounts.sql
copy:
src: commentcounts.sql
dest: /usr/share/doc/zabbix-server-pgsql/commentcounts.sql
tags:
- database
- zabbix
- name: ensure we have a user on the database server
postgresql_user: name="{{ zabbix_db_user }}" password="{{ zabbix_db_password }}" state=present role_attr_flags=NOSUPERUSER,NOCREATEDB
become: yes
postgresql_user:
name: "{{ zabbix_db_user }}"
password: "{{ zabbix_db_password }}"
state: present
role_attr_flags: NOSUPERUSER,NOCREATEDB
become: true
become_user: postgres
no_log: True
no_log: true
delegate_to: "{{ zabbix_db_host }}"
tags:
- database
- zabbix
- name: ensure we have a database on the database server
postgresql_db: name="{{ zabbix_db_name }}" owner="{{ zabbix_db_user }}" state=present
become: yes
postgresql_db:
name: "{{ zabbix_db_name }}"
owner: "{{ zabbix_db_user }}"
state: present
become: true
become_user: postgres
delegate_to: "{{ zabbix_db_host }}"
tags:
......@@ -62,8 +84,13 @@
- zabbix
- name: ensure our user has the necessary privileges for the database
postgresql_privs: database="{{ zabbix_db_name }}" roles="{{ zabbix_db_user }}" privs=ALL state=present type=database
become: yes
postgresql_privs:
database: "{{ zabbix_db_name }}"
roles: "{{ zabbix_db_user }}"
privs: ALL
state: present
type: database
become: true
become_user: postgres
delegate_to: "{{ zabbix_db_host }}"
tags:
......@@ -71,7 +98,10 @@
- zabbix
- name: ensure the database server listens on the external interface
replace: dest=/etc/postgresql/9.6/main/postgresql.conf regexp="#listen_addresses = 'localhost'" replace="listen_addresses = '*'"
replace:
dest: /etc/postgresql/9.6/main/postgresql.conf
regexp: "#listen_addresses = 'localhost'"
replace: "listen_addresses = '*'"
notify:
- restart postgres
delegate_to: "{{ zabbix_db_host }}"
......@@ -80,7 +110,13 @@
- zabbix
- name: ensure the database server allows connections from the server
lineinfile: dest=/etc/postgresql/9.6/main/pg_hba.conf insertafter="host all all 127.0.0.1/32 md5" line="host {{ zabbix_db_name }} {{ zabbix_db_user }} {{ ansible_fqdn }} md5" state=present
lineinfile:
dest: /etc/postgresql/9.6/main/pg_hba.conf
# yamllint disable-line rule:line-length
insertafter: "host all all 127.0.0.1/32 md5"
# yamllint disable-line rule:line-length
line: "host {{ zabbix_db_name }} {{ zabbix_db_user }} {{ ansible_fqdn }} md5"
state: present
notify:
- restart postgres
delegate_to: "{{ zabbix_db_host }}"
......@@ -91,10 +127,11 @@
- meta: flush_handlers
- name: apply database schema
# yamllint disable-line rule:line-length
shell: zcat /usr/share/doc/zabbix-server-pgsql/create.sql.gz | psql -h {{ zabbix_db_host }} -U {{ zabbix_db_user }} -w -d {{ zabbix_db_name }} && touch /var/lib/zabbix/.db_schema_created
args:
creates: /var/lib/zabbix/.db_schema_created
become: yes
become: true
become_user: zabbix
notify:
- restart zabbix server
......@@ -103,10 +140,11 @@
- zabbix
- name: apply database schema optimization
# yamllint disable-line rule:line-length
shell: psql -h {{ zabbix_db_host }} -U {{ zabbix_db_user }} -w -d {{ zabbix_db_name }} -f /usr/share/doc/zabbix-server-pgsql/zabbix-partition.sql && touch /var/lib/zabbix/.db_schema_optimized
args:
creates: /var/lib/zabbix/.db_schema_optimized
become: yes
become: true
become_user: zabbix
notify:
- restart zabbix server
......@@ -115,10 +153,11 @@
- zabbix
- name: apply database commentcounts function
# yamllint disable-line rule:line-length
shell: psql -h {{ zabbix_db_host }} -U {{ zabbix_db_user }} -w -d {{ zabbix_db_name }} -f /usr/share/doc/zabbix-server-pgsql/commentcounts.sql && touch /var/lib/zabbix/.db_schema_countfunc
args:
creates: /var/lib/zabbix/.db_schema_countfunc
become: yes
become: true
become_user: zabbix
notify:
- restart zabbix server
......@@ -127,7 +166,7 @@
- zabbix
- name: ensure rows are counted regularily and saved in comment
cron:
cron:
name: "count rows"
special_time: monthly
job: psql zabbix -c "select * from zbx_update_partition_table_comments();"
......@@ -144,7 +183,7 @@
dest: /usr/local/bin/
owner: root
group: root
mode: 0755
mode: '0755'
delegate_to: "{{ zabbix_db_host }}"
tags:
- database
......@@ -154,30 +193,31 @@
cron:
name: "clean zabbix-db {{item.table}} partition"
special_time: monthly
# yamllint disable-line rule:line-length
job: "/usr/local/bin/partition-cleanup.py public.{{item.table}} --months {{item.months}}"
state: present
user: postgres
delegate_to: "{{ zabbix_db_host }}"
with_items:
- { table: "history", months: 4 }
- { table: "history_str", months: 4 }
- { table: "history_text", months: 4 }
- { table: "history_uint", months: 4 }
- { table: "trends", months: 13 }
- { table: "trends_uint", months: 13 }
- {table: "history", months: 4}
- {table: "history_str", months: 4}
- {table: "history_text", months: 4}
- {table: "history_uint", months: 4}
- {table: "trends", months: 13}
- {table: "trends_uint", months: 13}
tags:
- database
- zabbix
- name: include snmp-features
include: snmp.yml
import_tasks: snmp.yml
- name: ensure the server is enabled and running
service: name=zabbix-server state=started enabled=yes
service:
name: zabbix-server
state: started
enabled: true
tags:
- service
- zabbix
- meta: flush_handlers
---
- name: ensure snmp software is installed
apt:
name:
......@@ -7,17 +8,15 @@
state: present
tags:
- snmp
- software
- name: ensure the correct snmp.conf is present
copy: src=snmp.conf dest=/etc/snmp/snmp.conf
tags:
copy:
src: snmp.conf
dest: /etc/snmp/snmp.conf
tags:
- snmp
- config
- name: ensure the snmp MIB libs are present
command: download-mibs
tags:
- snmp
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment