├── .github
└── workflows
│ └── commitlint.yml
├── .gitignore
├── .gitlab-ci.yml
├── .pre-commit-config.yaml
├── .rstcheck.cfg
├── .rubocop.yml
├── .salt-lint
├── .travis.yml
├── .yamllint
├── AUTHORS.md
├── CHANGELOG.md
├── CHANGELOG.rst
├── CODEOWNERS
├── FORMULA
├── Gemfile
├── Gemfile.lock
├── LICENSE
├── bin
├── install-hooks
└── kitchen
├── commitlint.config.js
├── docs
├── AUTHORS.rst
├── CHANGELOG.rst
├── README.rst
└── TOFS_pattern.rst
├── kitchen.yml
├── pillar.example
├── pre-commit_semantic-release.sh
├── release-rules.js
├── release.config.js
├── test
├── integration
│ ├── default
│ │ ├── README.md
│ │ ├── controls
│ │ │ ├── config_spec.rb
│ │ │ ├── packages_spec.rb
│ │ │ └── services_spec.rb
│ │ └── inspec.yml
│ └── share
│ │ ├── README.md
│ │ ├── inspec.yml
│ │ └── libraries
│ │ └── system.rb
└── salt
│ └── pillar
│ └── default.sls
└── zabbix
├── _mapdata
├── _mapdata.jinja
└── init.sls
├── agent
├── conf.sls
├── init.sls
└── repo.sls
├── debconf.sls
├── defaults.yaml
├── files
└── default
│ ├── etc
│ └── zabbix
│ │ ├── web
│ │ └── zabbix.conf.php.jinja
│ │ ├── zabbix_agentd.conf.jinja
│ │ ├── zabbix_proxy.conf.jinja
│ │ ├── zabbix_server.conf.jinja
│ │ └── zabbix_server_22.conf.jinja
│ ├── tmp
│ ├── zabbix_agent.te
│ ├── zabbix_server.te
│ └── zabbix_server_34.te
│ └── usr
│ └── share
│ └── zabbix-server-mysql
│ ├── salt-provided-create-22.sql
│ ├── salt-provided-create-30.sql
│ └── salt-provided-create-34.sql
├── frontend
├── conf.sls
├── init.sls
└── repo.sls
├── libtofs.jinja
├── map.jinja
├── mysql
├── conf.sls
└── schema.sls
├── osfamilymap.yaml
├── osfingermap.yaml
├── osmap.yaml
├── pgsql
├── conf.sls
├── pkgs.sls
└── schema.sls
├── proxy
├── conf.sls
├── init.sls
└── repo.sls
├── repo.sls
├── server
├── conf.sls
├── init.sls
└── repo.sls
└── users.sls
/.github/workflows/commitlint.yml:
--------------------------------------------------------------------------------
1 | # -*- coding: utf-8 -*-
2 | # vim: ft=yaml
3 | ---
4 | name: Commitlint
5 | 'on': [pull_request]
6 |
7 | jobs:
8 | lint:
9 | runs-on: ubuntu-latest
10 | env:
11 | GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
12 | steps:
13 | - uses: actions/checkout@v2
14 | with:
15 | fetch-depth: 0
16 | - uses: wagoid/commitlint-github-action@v1
17 |
--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
1 | # Byte-compiled / optimized / DLL files
2 | __pycache__/
3 | *.py[cod]
4 | *$py.class
5 |
6 | # C extensions
7 | *.so
8 |
9 | # Distribution / packaging
10 | .Python
11 | env/
12 | build/
13 | develop-eggs/
14 | dist/
15 | downloads/
16 | eggs/
17 | .eggs/
18 | lib/
19 | lib64/
20 | parts/
21 | sdist/
22 | var/
23 | wheels/
24 | *.egg-info/
25 | .installed.cfg
26 | *.egg
27 |
28 | # PyInstaller
29 | # Usually these files are written by a python script from a packager
30 | # before PyInstaller builds the exe, so as to inject date/other infos into it.
31 | *.manifest
32 | *.spec
33 |
34 | # Installer logs
35 | pip-log.txt
36 | pip-delete-this-directory.txt
37 |
38 | # Unit test / coverage reports
39 | htmlcov/
40 | .tox/
41 | .coverage
42 | .coverage.*
43 | .cache
44 | nosetests.xml
45 | coverage.xml
46 | *.cover
47 | .hypothesis/
48 | .kitchen
49 | .kitchen.local.yml
50 | kitchen.local.yml
51 | junit-*.xml
52 |
53 | # Translations
54 | *.mo
55 | *.pot
56 |
57 | # Django stuff:
58 | *.log
59 | local_settings.py
60 |
61 | # Flask stuff:
62 | instance/
63 | .webassets-cache
64 |
65 | # Scrapy stuff:
66 | .scrapy
67 |
68 | # Sphinx documentation
69 | docs/_build/
70 |
71 | # PyBuilder
72 | target/
73 |
74 | # Jupyter Notebook
75 | .ipynb_checkpoints
76 |
77 | # pyenv
78 | .python-version
79 |
80 | # celery beat schedule file
81 | celerybeat-schedule
82 |
83 | # SageMath parsed files
84 | *.sage.py
85 |
86 | # dotenv
87 | .env
88 |
89 | # virtualenv
90 | .venv
91 | venv/
92 | ENV/
93 |
94 | # visual studio
95 | .vs/
96 |
97 | # Spyder project settings
98 | .spyderproject
99 | .spyproject
100 |
101 | # Rope project settings
102 | .ropeproject
103 |
104 | # mkdocs documentation
105 | /site
106 |
107 | # mypy
108 | .mypy_cache/
109 |
110 | # Bundler
111 | .bundle/
112 |
113 | # copied `.md` files used for conversion to `.rst` using `m2r`
114 | docs/*.md
115 |
116 | # Vim
117 | *.sw?
118 |
119 | ## Collected when centralising formulas (check and sort)
120 | # `collectd-formula`
121 | .pytest_cache/
122 | /.idea/
123 | Dockerfile.*_*
124 | ignore/
125 | tmp/
126 |
127 | # `salt-formula` -- Vagrant Specific files
128 | .vagrant
129 | top.sls
130 | !test/salt/pillar/top.sls
131 |
132 | # `suricata-formula` -- Platform binaries
133 | *.rpm
134 | *.deb
135 |
--------------------------------------------------------------------------------
/.gitlab-ci.yml:
--------------------------------------------------------------------------------
1 | # -*- coding: utf-8 -*-
2 | # vim: ft=yaml
3 | ---
4 | ###############################################################################
5 | # Define all YAML node anchors
6 | ###############################################################################
7 | .node_anchors:
8 | # `only` (also used for `except` where applicable)
9 | only_branch_master_parent_repo: &only_branch_master_parent_repo
10 | - 'master@saltstack-formulas/zabbix-formula'
11 | # `stage`
12 | stage_lint: &stage_lint 'lint'
13 | stage_release: &stage_release 'release'
14 | stage_test: &stage_test 'test'
15 | # `image`
16 | image_commitlint: &image_commitlint 'myii/ssf-commitlint:11'
17 | image_dindruby: &image_dindruby 'myii/ssf-dind-ruby:2.7.1-r3'
18 | image_precommit: &image_precommit
19 | name: 'myii/ssf-pre-commit:2.9.2'
20 | entrypoint: ['/bin/bash', '-c']
21 | image_rubocop: &image_rubocop 'pipelinecomponents/rubocop:latest'
22 | image_semantic-release: &image_semanticrelease 'myii/ssf-semantic-release:15.14'
23 | # `services`
24 | services_docker_dind: &services_docker_dind
25 | - 'docker:dind'
26 | # `variables`
27 | # https://forum.gitlab.com/t/gitlab-com-ci-caching-rubygems/5627/3
28 | # https://bundler.io/v1.16/bundle_config.html
29 | variables_bundler: &variables_bundler
30 | BUNDLE_CACHE_PATH: '${CI_PROJECT_DIR}/.cache/bundler'
31 | BUNDLE_WITHOUT: 'production'
32 | # `cache`
33 | cache_bundler: &cache_bundler
34 | key: '${CI_JOB_STAGE}'
35 | paths:
36 | - '${BUNDLE_CACHE_PATH}'
37 |
38 | ###############################################################################
39 | # Define stages and global variables
40 | ###############################################################################
41 | stages:
42 | - *stage_lint
43 | - *stage_test
44 | - *stage_release
45 | variables:
46 | DOCKER_DRIVER: 'overlay2'
47 |
48 | ###############################################################################
49 | # `lint` stage: `commitlint`, `pre-commit` & `rubocop` (latest, failure allowed)
50 | ###############################################################################
51 | commitlint:
52 | stage: *stage_lint
53 | image: *image_commitlint
54 | script:
55 | # Add `upstream` remote to get access to `upstream/master`
56 | - 'git remote add upstream
57 | https://gitlab.com/saltstack-formulas/zabbix-formula.git'
58 | - 'git fetch --all'
59 | # Set default commit hashes for `--from` and `--to`
60 | - 'export COMMITLINT_FROM="$(git merge-base upstream/master HEAD)"'
61 | - 'export COMMITLINT_TO="${CI_COMMIT_SHA}"'
62 | # `coqbot` adds a merge commit to test PRs on top of the latest commit in
63 | # the repo; amend this merge commit message to avoid failure
64 | - |
65 | if [ "${GITLAB_USER_LOGIN}" = "coqbot" ] \
66 | && [ "${CI_COMMIT_BRANCH}" != "master" ]; then
67 | git commit --amend -m \
68 | 'chore: reword coqbot merge commit message for commitlint'
69 | export COMMITLINT_TO=HEAD
70 | fi
71 | # Run `commitlint`
72 | - 'commitlint --from "${COMMITLINT_FROM}"
73 | --to "${COMMITLINT_TO}"
74 | --verbose'
75 |
76 | pre-commit:
77 | stage: *stage_lint
78 | image: *image_precommit
79 | # https://pre-commit.com/#gitlab-ci-example
80 | variables:
81 | PRE_COMMIT_HOME: '${CI_PROJECT_DIR}/.cache/pre-commit'
82 | cache:
83 | key: '${CI_JOB_NAME}'
84 | paths:
85 | - '${PRE_COMMIT_HOME}'
86 | script:
87 | - 'pre-commit run --all-files --color always --verbose'
88 |
89 | # Use a separate job for `rubocop` other than the one potentially run by `pre-commit`
90 | # - The `pre-commit` check will only be available for formulas that pass the default
91 | # `rubocop` check -- and must continue to do so
92 | # - This job is allowed to fail, so can be used for all formulas
93 | # - Furthermore, this job uses all of the latest `rubocop` features & cops,
94 | # which will help when upgrading the `rubocop` linter used in `pre-commit`
95 | rubocop:
96 | allow_failure: true
97 | stage: *stage_lint
98 | image: *image_rubocop
99 | script:
100 | - 'rubocop -d -P -S --enable-pending-cops'
101 |
102 | ###############################################################################
103 | # Define `test` template
104 | ###############################################################################
105 | .test_instance: &test_instance
106 | stage: *stage_test
107 | image: *image_dindruby
108 | services: *services_docker_dind
109 | variables: *variables_bundler
110 | cache: *cache_bundler
111 | before_script:
112 | # TODO: This should work from the env vars above automatically
113 | - 'bundle config set path "${BUNDLE_CACHE_PATH}"'
114 | - 'bundle config set without "${BUNDLE_WITHOUT}"'
115 | - 'bundle install'
116 | script:
117 | # Alternative value to consider: `${CI_JOB_NAME}`
118 | - 'bin/kitchen verify "${DOCKER_ENV_CI_JOB_NAME}"'
119 |
120 | ###############################################################################
121 | # Define `test` template (`allow_failure: true`)
122 | ###############################################################################
123 | .test_instance_failure_permitted:
124 | <<: *test_instance
125 | allow_failure: true
126 |
127 | ###############################################################################
128 | # `test` stage: each instance below uses the `test` template above
129 | ###############################################################################
130 | ## Define the rest of the matrix based on Kitchen testing
131 | # Make sure the instances listed below match up with
132 | # the `platforms` defined in `kitchen.yml`
133 | # yamllint disable rule:line-length
134 | # default-debian-11-tiamat-py3: {extends: '.test_instance'}
135 | # default-debian-10-tiamat-py3: {extends: '.test_instance'}
136 | # default-debian-9-tiamat-py3: {extends: '.test_instance'}
137 | # default-ubuntu-2204-tiamat-py3: {extends: '.test_instance_failure_permitted'}
138 | # default-ubuntu-2004-tiamat-py3: {extends: '.test_instance'}
139 | # default-ubuntu-1804-tiamat-py3: {extends: '.test_instance'}
140 | # default-centos-stream8-tiamat-py3: {extends: '.test_instance_failure_permitted'}
141 | # default-centos-7-tiamat-py3: {extends: '.test_instance'}
142 | # default-amazonlinux-2-tiamat-py3: {extends: '.test_instance'}
143 | # default-oraclelinux-8-tiamat-py3: {extends: '.test_instance'}
144 | # default-oraclelinux-7-tiamat-py3: {extends: '.test_instance'}
145 | # default-almalinux-8-tiamat-py3: {extends: '.test_instance'}
146 | # default-rockylinux-8-tiamat-py3: {extends: '.test_instance'}
147 | default-debian-11-master-py3: {extends: '.test_instance_failure_permitted'}
148 | default-debian-10-master-py3: {extends: '.test_instance'}
149 | default-debian-9-master-py3: {extends: '.test_instance'}
150 | default-ubuntu-2204-master-py3: {extends: '.test_instance_failure_permitted'}
151 | default-ubuntu-2004-master-py3: {extends: '.test_instance'}
152 | default-ubuntu-1804-master-py3: {extends: '.test_instance'}
153 | # default-centos-stream8-master-py3: {extends: '.test_instance_failure_permitted'}
154 | # default-centos-7-master-py3: {extends: '.test_instance'}
155 | # default-fedora-36-master-py3: {extends: '.test_instance_failure_permitted'}
156 | # default-fedora-35-master-py3: {extends: '.test_instance'}
157 | default-opensuse-leap-153-master-py3: {extends: '.test_instance'}
158 | # default-opensuse-tmbl-latest-master-py3: {extends: '.test_instance_failure_permitted'}
159 | # default-amazonlinux-2-master-py3: {extends: '.test_instance'}
160 | # default-oraclelinux-8-master-py3: {extends: '.test_instance'}
161 | # default-oraclelinux-7-master-py3: {extends: '.test_instance'}
162 | # default-arch-base-latest-master-py3: {extends: '.test_instance'}
163 | # default-gentoo-stage3-latest-master-py3: {extends: '.test_instance'}
164 | # default-gentoo-stage3-systemd-master-py3: {extends: '.test_instance'}
165 | # default-almalinux-8-master-py3: {extends: '.test_instance'}
166 | # default-rockylinux-8-master-py3: {extends: '.test_instance'}
167 | # default-debian-11-3004-1-py3: {extends: '.test_instance'}
168 | # default-debian-10-3004-1-py3: {extends: '.test_instance'}
169 | # default-debian-9-3004-1-py3: {extends: '.test_instance'}
170 | # default-ubuntu-2204-3004-1-py3: {extends: '.test_instance_failure_permitted'}
171 | # default-ubuntu-2004-3004-1-py3: {extends: '.test_instance'}
172 | # default-ubuntu-1804-3004-1-py3: {extends: '.test_instance'}
173 | # default-centos-stream8-3004-1-py3: {extends: '.test_instance_failure_permitted'}
174 | # default-centos-7-3004-1-py3: {extends: '.test_instance'}
175 | # default-fedora-36-3004-1-py3: {extends: '.test_instance_failure_permitted'}
176 | # default-fedora-35-3004-1-py3: {extends: '.test_instance'}
177 | # default-amazonlinux-2-3004-1-py3: {extends: '.test_instance'}
178 | # default-oraclelinux-8-3004-1-py3: {extends: '.test_instance'}
179 | # default-oraclelinux-7-3004-1-py3: {extends: '.test_instance'}
180 | # default-arch-base-latest-3004-1-py3: {extends: '.test_instance'}
181 | # default-gentoo-stage3-latest-3004-1-py3: {extends: '.test_instance'}
182 | # default-gentoo-stage3-systemd-3004-1-py3: {extends: '.test_instance'}
183 | # default-almalinux-8-3004-1-py3: {extends: '.test_instance'}
184 | # default-rockylinux-8-3004-1-py3: {extends: '.test_instance'}
185 | # default-opensuse-leap-153-3004-0-py3: {extends: '.test_instance'}
186 | # default-opensuse-tmbl-latest-3004-0-py3: {extends: '.test_instance_failure_permitted'}
187 | # default-debian-10-3003-4-py3: {extends: '.test_instance'}
188 | # default-debian-9-3003-4-py3: {extends: '.test_instance'}
189 | # default-ubuntu-2004-3003-4-py3: {extends: '.test_instance'}
190 | # default-ubuntu-1804-3003-4-py3: {extends: '.test_instance'}
191 | # default-centos-stream8-3003-4-py3: {extends: '.test_instance_failure_permitted'}
192 | # default-centos-7-3003-4-py3: {extends: '.test_instance'}
193 | # default-amazonlinux-2-3003-4-py3: {extends: '.test_instance'}
194 | # default-oraclelinux-8-3003-4-py3: {extends: '.test_instance'}
195 | # default-oraclelinux-7-3003-4-py3: {extends: '.test_instance'}
196 | # default-almalinux-8-3003-4-py3: {extends: '.test_instance'}
197 | # yamllint enable rule:line-length
198 |
199 | ###############################################################################
200 | # `release` stage: `semantic-release`
201 | ###############################################################################
202 | semantic-release:
203 | only: *only_branch_master_parent_repo
204 | stage: *stage_release
205 | image: *image_semanticrelease
206 | variables:
207 | MAINTAINER_TOKEN: '${GH_TOKEN}'
208 | script:
209 | # Update `AUTHORS.md`
210 | - '${HOME}/go/bin/maintainer contributor'
211 | # Run `semantic-release`
212 | - 'semantic-release'
213 |
--------------------------------------------------------------------------------
/.pre-commit-config.yaml:
--------------------------------------------------------------------------------
1 | # -*- coding: utf-8 -*-
2 | # vim: ft=yaml
3 | ---
4 | # See https://pre-commit.com for more information
5 | # See https://pre-commit.com/hooks.html for more hooks
6 | ci:
7 | autofix_commit_msg: |
8 | ci(pre-commit.ci): apply auto fixes from pre-commit.com hooks
9 |
10 | For more information, see https://pre-commit.ci
11 | autofix_prs: true
12 | autoupdate_branch: ''
13 | autoupdate_commit_msg: |
14 | ci(pre-commit.ci): perform `pre-commit` autoupdate
15 | autoupdate_schedule: quarterly
16 | skip: []
17 | submodules: false
18 | default_stages: [commit]
19 | repos:
20 | - repo: https://github.com/dafyddj/commitlint-pre-commit-hook
21 | rev: v2.3.0
22 | hooks:
23 | - id: commitlint
24 | name: Check commit message using commitlint
25 | description: Lint commit message against @commitlint/config-conventional rules
26 | stages: [commit-msg]
27 | additional_dependencies: ['@commitlint/config-conventional@8.3.4']
28 | - id: commitlint-travis
29 | stages: [manual]
30 | additional_dependencies: ['@commitlint/config-conventional@8.3.4']
31 | always_run: true
32 | - repo: https://github.com/rubocop-hq/rubocop
33 | rev: v1.30.1
34 | hooks:
35 | - id: rubocop
36 | name: Check Ruby files with rubocop
37 | args: [--debug]
38 | always_run: true
39 | pass_filenames: false
40 | - repo: https://github.com/shellcheck-py/shellcheck-py
41 | rev: v0.8.0.4
42 | hooks:
43 | - id: shellcheck
44 | name: Check shell scripts with shellcheck
45 | files: ^.*\.(sh|bash|ksh)$
46 | types: []
47 | - repo: https://github.com/adrienverge/yamllint
48 | rev: v1.26.3
49 | hooks:
50 | - id: yamllint
51 | name: Check YAML syntax with yamllint
52 | args: [--strict, '.']
53 | always_run: true
54 | pass_filenames: false
55 | - repo: https://github.com/warpnet/salt-lint
56 | rev: v0.8.0
57 | hooks:
58 | - id: salt-lint
59 | name: Check Salt files using salt-lint
60 | files: ^.*\.(sls|jinja|j2|tmpl|tst)$
61 | - repo: https://github.com/myint/rstcheck
62 | rev: 3f929574
63 | hooks:
64 | - id: rstcheck
65 | name: Check reST files using rstcheck
66 | exclude: 'docs/CHANGELOG.rst'
67 | - repo: https://github.com/saltstack-formulas/mirrors-rst-lint
68 | rev: v1.3.2
69 | hooks:
70 | - id: rst-lint
71 | name: Check reST files using rst-lint
72 | exclude: |
73 | (?x)^(
74 | docs/CHANGELOG.rst|
75 | docs/TOFS_pattern.rst|
76 | )$
77 | additional_dependencies: [pygments==2.9.0]
78 |
--------------------------------------------------------------------------------
/.rstcheck.cfg:
--------------------------------------------------------------------------------
1 | [rstcheck]
2 | report=info
3 | ignore_language=rst
4 | ignore_messages=(Duplicate (ex|im)plicit target.*|Hyperlink target ".*" is not referenced\.$)
5 |
--------------------------------------------------------------------------------
/.rubocop.yml:
--------------------------------------------------------------------------------
1 | # -*- coding: utf-8 -*-
2 | # vim: ft=yaml
3 | ---
4 | # General overrides used across formulas in the org
5 | Layout/LineLength:
6 | # Increase from default of `80`
7 | # Based on https://github.com/PyCQA/flake8-bugbear#opinionated-warnings (`B950`)
8 | Max: 88
9 | Metrics/BlockLength:
10 | IgnoredMethods:
11 | - control
12 | - describe
13 | # Increase from default of `25`
14 | Max: 30
15 | Security/YAMLLoad:
16 | Exclude:
17 | - test/integration/**/_mapdata.rb
18 |
19 | # General settings across all cops in this formula
20 | AllCops:
21 | NewCops: enable
22 |
23 | # Any offenses that should be fixed, e.g. collected via. `rubocop --auto-gen-config`
24 |
--------------------------------------------------------------------------------
/.salt-lint:
--------------------------------------------------------------------------------
1 | # -*- coding: utf-8 -*-
2 | # vim: ft=yaml
3 | ---
4 | exclude_paths: []
5 | rules:
6 | # https://github.com/saltstack-formulas/zabbix-formula/issues/129
7 | 203: # Most files should not contain tabs
8 | ignore: |
9 | zabbix/files/default/etc/zabbix/web/zabbix.conf.php.jinja
10 | 204: # Lines should be no longer that 160 chars
11 | ignore: |
12 | zabbix/files/default/etc/zabbix/zabbix_proxy.conf.jinja
13 | skip_list:
14 | # Using `salt-lint` for linting other files as well, such as Jinja macros/templates
15 | - 205 # Use ".sls" as a Salt State file extension
16 | # Skipping `207` and `208` because `210` is sufficient, at least for the time-being
17 | # I.e. Allows 3-digit unquoted codes to still be used, such as `644` and `755`
18 | - 207 # File modes should always be encapsulated in quotation marks
19 | - 208 # File modes should always contain a leading zero
20 | tags: []
21 | verbosity: 1
22 |
--------------------------------------------------------------------------------
/.travis.yml:
--------------------------------------------------------------------------------
1 | # -*- coding: utf-8 -*-
2 | # vim: ft=yaml
3 | ---
4 | ################################################################################
5 | # NOTE: This file is UNMAINTAINED; it is provided for references purposes only.
6 | # No guarantees are tendered that this structure will work after 2020.
7 | ################################################################################
8 | # * https://en.wikipedia.org/wiki/Travis_CI:
9 | # - "... free open-source plans were removed in [sic] the end of 2020"
10 | # - https://blog.travis-ci.com/2020-11-02-travis-ci-new-billing
11 | # - https://ropensci.org/technotes/2020/11/19/moving-away-travis/
12 | ################################################################################
13 | ## Machine config
14 | os: 'linux'
15 | arch: 'amd64'
16 | dist: 'bionic'
17 | version: '~> 1.0'
18 |
19 | ## Language and cache config
20 | language: 'ruby'
21 | cache: 'bundler'
22 |
23 | ## Services config
24 | services:
25 | - docker
26 |
27 | ## Script to run for the test stage
28 | script:
29 | - bin/kitchen verify "${INSTANCE}"
30 |
31 | ## Stages and jobs matrix
32 | stages:
33 | - test
34 | # # As part of the switch away from Travis CI, ensure that the `release` stage
35 | # # is not run inadvertently
36 | # - name: 'release'
37 | # if: 'branch = master AND type != pull_request'
38 | jobs:
39 | include:
40 | ## Define the test stage that runs the linters (and testing matrix, if applicable)
41 |
42 | # Run all of the linters in a single job
43 | - language: 'node_js'
44 | node_js: 'lts/*'
45 | env: 'Lint'
46 | name: 'Lint: salt-lint, yamllint, rubocop, shellcheck & commitlint'
47 | before_install: 'skip'
48 | script:
49 | # Install and run `salt-lint`
50 | - pip install --user salt-lint
51 | - git ls-files -- '*.sls' '*.jinja' '*.j2' '*.tmpl' '*.tst'
52 | | xargs salt-lint
53 | # Install and run `yamllint`
54 | # Need at least `v1.17.0` for the `yaml-files` setting
55 | - pip install --user yamllint>=1.17.0
56 | - yamllint -s .
57 | # Install and run `rubocop`
58 | - gem install rubocop
59 | - rubocop -d
60 | # Run `shellcheck` (already pre-installed in Travis)
61 | - shellcheck --version
62 | - git ls-files -- '*.sh' '*.bash' '*.ksh'
63 | | xargs shellcheck
64 | # Install and run `commitlint`
65 | - npm i -D @commitlint/config-conventional
66 | @commitlint/travis-cli
67 | - commitlint-travis
68 |
69 | # Run `pre-commit` linters in a single job
70 | - language: 'python'
71 | env: 'Lint_pre-commit'
72 | name: 'Lint: pre-commit'
73 | before_install: 'skip'
74 | cache:
75 | directories:
76 | - $HOME/.cache/pre-commit
77 | script:
78 | # Install and run `pre-commit`
79 | - pip install pre-commit==2.7.1
80 | - pre-commit run --all-files --color always --verbose
81 | - pre-commit run --color always --hook-stage manual --verbose commitlint-travis
82 |
83 | ## Define the rest of the matrix based on Kitchen testing
84 | # Make sure the instances listed below match up with
85 | # the `platforms` defined in `kitchen.yml`
86 | # - env: INSTANCE=default-debian-11-tiamat-py3
87 | # - env: INSTANCE=default-debian-10-tiamat-py3
88 | # - env: INSTANCE=default-debian-9-tiamat-py3
89 | # - env: INSTANCE=default-ubuntu-2204-tiamat-py3
90 | # - env: INSTANCE=default-ubuntu-2004-tiamat-py3
91 | # - env: INSTANCE=default-ubuntu-1804-tiamat-py3
92 | # - env: INSTANCE=default-centos-stream8-tiamat-py3
93 | # - env: INSTANCE=default-centos-7-tiamat-py3
94 | # - env: INSTANCE=default-amazonlinux-2-tiamat-py3
95 | # - env: INSTANCE=default-oraclelinux-8-tiamat-py3
96 | # - env: INSTANCE=default-oraclelinux-7-tiamat-py3
97 | # - env: INSTANCE=default-almalinux-8-tiamat-py3
98 | # - env: INSTANCE=default-rockylinux-8-tiamat-py3
99 | - env: INSTANCE=default-debian-11-master-py3
100 | - env: INSTANCE=default-debian-10-master-py3
101 | - env: INSTANCE=default-debian-9-master-py3
102 | - env: INSTANCE=default-ubuntu-2204-master-py3
103 | - env: INSTANCE=default-ubuntu-2004-master-py3
104 | - env: INSTANCE=default-ubuntu-1804-master-py3
105 | # - env: INSTANCE=default-centos-stream8-master-py3
106 | # - env: INSTANCE=default-centos-7-master-py3
107 | # - env: INSTANCE=default-fedora-36-master-py3
108 | # - env: INSTANCE=default-fedora-35-master-py3
109 | - env: INSTANCE=default-opensuse-leap-153-master-py3
110 | # - env: INSTANCE=default-opensuse-tmbl-latest-master-py3
111 | # - env: INSTANCE=default-amazonlinux-2-master-py3
112 | # - env: INSTANCE=default-oraclelinux-8-master-py3
113 | # - env: INSTANCE=default-oraclelinux-7-master-py3
114 | # - env: INSTANCE=default-arch-base-latest-master-py3
115 | # - env: INSTANCE=default-gentoo-stage3-latest-master-py3
116 | # - env: INSTANCE=default-gentoo-stage3-systemd-master-py3
117 | # - env: INSTANCE=default-almalinux-8-master-py3
118 | # - env: INSTANCE=default-rockylinux-8-master-py3
119 | # - env: INSTANCE=default-debian-11-3004-1-py3
120 | # - env: INSTANCE=default-debian-10-3004-1-py3
121 | # - env: INSTANCE=default-debian-9-3004-1-py3
122 | # - env: INSTANCE=default-ubuntu-2204-3004-1-py3
123 | # - env: INSTANCE=default-ubuntu-2004-3004-1-py3
124 | # - env: INSTANCE=default-ubuntu-1804-3004-1-py3
125 | # - env: INSTANCE=default-centos-stream8-3004-1-py3
126 | # - env: INSTANCE=default-centos-7-3004-1-py3
127 | # - env: INSTANCE=default-fedora-36-3004-1-py3
128 | # - env: INSTANCE=default-fedora-35-3004-1-py3
129 | # - env: INSTANCE=default-amazonlinux-2-3004-1-py3
130 | # - env: INSTANCE=default-oraclelinux-8-3004-1-py3
131 | # - env: INSTANCE=default-oraclelinux-7-3004-1-py3
132 | # - env: INSTANCE=default-arch-base-latest-3004-1-py3
133 | # - env: INSTANCE=default-gentoo-stage3-latest-3004-1-py3
134 | # - env: INSTANCE=default-gentoo-stage3-systemd-3004-1-py3
135 | # - env: INSTANCE=default-almalinux-8-3004-1-py3
136 | # - env: INSTANCE=default-rockylinux-8-3004-1-py3
137 | # - env: INSTANCE=default-opensuse-leap-153-3004-0-py3
138 | # - env: INSTANCE=default-opensuse-tmbl-latest-3004-0-py3
139 | # - env: INSTANCE=default-debian-10-3003-4-py3
140 | # - env: INSTANCE=default-debian-9-3003-4-py3
141 | # - env: INSTANCE=default-ubuntu-2004-3003-4-py3
142 | # - env: INSTANCE=default-ubuntu-1804-3003-4-py3
143 | # - env: INSTANCE=default-centos-stream8-3003-4-py3
144 | # - env: INSTANCE=default-centos-7-3003-4-py3
145 | # - env: INSTANCE=default-amazonlinux-2-3003-4-py3
146 | # - env: INSTANCE=default-oraclelinux-8-3003-4-py3
147 | # - env: INSTANCE=default-oraclelinux-7-3003-4-py3
148 | # - env: INSTANCE=default-almalinux-8-3003-4-py3
149 |
150 | ## Define the release stage that runs `semantic-release`
151 | - stage: 'release'
152 | language: 'node_js'
153 | node_js: 'lts/*'
154 | env: 'Release'
155 | name: 'Run semantic-release inc. file updates to AUTHORS, CHANGELOG & FORMULA'
156 | before_install: 'skip'
157 | script:
158 | # Update `AUTHORS.md`
159 | - export MAINTAINER_TOKEN=${GH_TOKEN}
160 | - go get github.com/myii/maintainer
161 | - maintainer contributor
162 |
163 | # Install all dependencies required for `semantic-release`
164 | - npm i -D @semantic-release/changelog@3
165 | @semantic-release/exec@3
166 | @semantic-release/git@7
167 | deploy:
168 | provider: 'script'
169 | # Opt-in to `dpl v2` to complete the Travis build config validation (beta)
170 | # * https://docs.travis-ci.com/user/build-config-validation
171 | # Deprecated `skip_cleanup` can now be avoided, `cleanup: false` is by default
172 | edge: true
173 | # Run `semantic-release`
174 | script: 'npx semantic-release@15.14'
175 |
176 | # Notification options: `always`, `never` or `change`
177 | notifications:
178 | webhooks:
179 | if: 'repo = saltstack-formulas/zabbix-formula'
180 | urls:
181 | - https://saltstack-formulas.zulipchat.com/api/v1/external/travis?api_key=HsIq3o5QmLxdnVCKF9is0FUIpkpAY79P&stream=CI&topic=saltstack-formulas%2Fzabbix-formula&ignore_pull_requests=true
182 | on_success: always # default: always
183 | on_failure: always # default: always
184 | on_start: always # default: never
185 | on_cancel: always # default: always
186 | on_error: always # default: always
187 |
--------------------------------------------------------------------------------
/.yamllint:
--------------------------------------------------------------------------------
1 | # -*- coding: utf-8 -*-
2 | # vim: ft=yaml
3 | ---
4 | # Extend the `default` configuration provided by `yamllint`
5 | extends: 'default'
6 |
7 | # Files to ignore completely
8 | # 1. All YAML files under directory `.bundle/`, introduced if gems are installed locally
9 | # 2. All YAML files under directory `.cache/`, introduced during the CI run
10 | # 3. All YAML files under directory `.git/`
11 | # 4. All YAML files under directory `node_modules/`, introduced during the CI run
12 | # 5. Any SLS files under directory `test/`, which are actually state files
13 | # 6. Any YAML files under directory `.kitchen/`, introduced during local testing
14 | # 7. `kitchen.vagrant.yml`, which contains Embedded Ruby (ERB) template syntax
15 | ignore: |
16 | .bundle/
17 | .cache/
18 | .git/
19 | node_modules/
20 | test/**/states/**/*.sls
21 | .kitchen/
22 | kitchen.vagrant.yml
23 |
24 | yaml-files:
25 | # Default settings
26 | - '*.yaml'
27 | - '*.yml'
28 | - .salt-lint
29 | - .yamllint
30 | # SaltStack Formulas additional settings
31 | - '*.example'
32 | - test/**/*.sls
33 |
34 | rules:
35 | empty-values:
36 | forbid-in-block-mappings: true
37 | forbid-in-flow-mappings: true
38 | key-duplicates:
39 | ignore: |
40 | pillar.example
41 | line-length:
42 | # Increase from default of `80`
43 | # Based on https://github.com/PyCQA/flake8-bugbear#opinionated-warnings (`B950`)
44 | max: 88
45 | octal-values:
46 | forbid-implicit-octal: true
47 | forbid-explicit-octal: true
48 |
--------------------------------------------------------------------------------
/AUTHORS.md:
--------------------------------------------------------------------------------
1 | # Authors
2 |
3 | This list is sorted by the number of commits per contributor in _descending_ order.
4 |
5 | Avatar|Contributor|Contributions
6 | :-:|---|:-:
7 | 
|[@myii](https://github.com/myii)|152
8 | 
|[@moreda](https://github.com/moreda)|52
9 | 
|[@xenadmin](https://github.com/xenadmin)|34
10 | 
|[@landergate](https://github.com/landergate)|27
11 | 
|[@hatifnatt](https://github.com/hatifnatt)|24
12 | 
|[@aboe76](https://github.com/aboe76)|22
13 | 
|[@absmith82](https://github.com/absmith82)|6
14 | 
|[@noelmcloughlin](https://github.com/noelmcloughlin)|5
15 | 
|[@bkmit](https://github.com/bkmit)|4
16 | 
|[@ninjix](https://github.com/ninjix)|4
17 | 
|[@ghormoon](https://github.com/ghormoon)|4
18 | 
|[@unsupo](https://github.com/unsupo)|4
19 | 
|[@nmadhok](https://github.com/nmadhok)|4
20 | 
|[@0xf10e](https://github.com/0xf10e)|4
21 | 
|[@dafyddj](https://github.com/dafyddj)|3
22 | 
|[@whiteinge](https://github.com/whiteinge)|3
23 | 
|[@xfxian](https://github.com/xfxian)|3
24 | 
|[@asenci](https://github.com/asenci)|2
25 | 
|[@syphernl](https://github.com/syphernl)|2
26 | 
|[@jzandbergen](https://github.com/jzandbergen)|2
27 | 
|[@timwsuqld](https://github.com/timwsuqld)|2
28 | 
|[@goir](https://github.com/goir)|2
29 | 
|[@waynegemmell](https://github.com/waynegemmell)|2
30 | 
|[@1exx](https://github.com/1exx)|1
31 | 
|[@iggy](https://github.com/iggy)|1
32 | 
|[@mchugh19](https://github.com/mchugh19)|1
33 | 
|[@baby-gnu](https://github.com/baby-gnu)|1
34 | 
|[@filicivi](https://github.com/filicivi)|1
35 | 
|[@gravyboat](https://github.com/gravyboat)|1
36 | 
|[@t0fik](https://github.com/t0fik)|1
37 | 
|[@techhat](https://github.com/techhat)|1
38 | 
|[@lmf-mx](https://github.com/lmf-mx)|1
39 | 
|[@DocMarten](https://github.com/DocMarten)|1
40 | 
|[@mikemol](https://github.com/mikemol)|1
41 | 
|[@pauldalewilliams](https://github.com/pauldalewilliams)|1
42 | 
|[@tomduijf](https://github.com/tomduijf)|1
43 | 
|[@wwentland](https://github.com/wwentland)|1
44 | 
|[@edusperoni](https://github.com/edusperoni)|1
45 | 
|[@puneetk](https://github.com/puneetk)|1
46 | 
|[@manens](https://github.com/manens)|1
47 | 
|[@stuartgh](https://github.com/stuartgh)|1
48 |
49 | ---
50 |
51 | Auto-generated by a [forked version](https://github.com/myii/maintainer) of [gaocegege/maintainer](https://github.com/gaocegege/maintainer) on 2022-11-09.
52 |
--------------------------------------------------------------------------------
/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | ## [1.3.2](https://github.com/saltstack-formulas/zabbix-formula/compare/v1.3.1...v1.3.2) (2022-11-09)
4 |
5 |
6 | ### Bug Fixes
7 |
8 | * **repo:** update repo config for keyring ([5a12da9](https://github.com/saltstack-formulas/zabbix-formula/commit/5a12da962a48be903201f7ddf886e6090e69533d))
9 |
10 | ## [1.3.1](https://github.com/saltstack-formulas/zabbix-formula/compare/v1.3.0...v1.3.1) (2022-07-19)
11 |
12 |
13 | ### Bug Fixes
14 |
15 | * **agent:** don't set Hostname when HostnameItem is set ([e832b6d](https://github.com/saltstack-formulas/zabbix-formula/commit/e832b6d61ca63950c77b07ebda4a4bc789a2bea6))
16 |
17 |
18 | ### Continuous Integration
19 |
20 | * update `pre-commit` configuration inc. for pre-commit.ci [skip ci] ([8a8dee9](https://github.com/saltstack-formulas/zabbix-formula/commit/8a8dee91da94c61eb167c05c2c73100afe05080d))
21 | * **kitchen+gitlab:** update for new pre-salted images [skip ci] ([443a9f0](https://github.com/saltstack-formulas/zabbix-formula/commit/443a9f027b242d49f397e64bfcec513301bd03e2))
22 | * update linters to latest versions [skip ci] ([2f0819d](https://github.com/saltstack-formulas/zabbix-formula/commit/2f0819dc70484bc2f088ddf5b2c371b98e5a9e00))
23 | * **gemfile:** allow rubygems proxy to be provided as an env var [skip ci] ([58c978b](https://github.com/saltstack-formulas/zabbix-formula/commit/58c978bd8acf3a476f5e454844f1948de55ba618))
24 | * **kitchen+ci:** update with `3004` pre-salted images/boxes [skip ci] ([d058299](https://github.com/saltstack-formulas/zabbix-formula/commit/d058299a86936ae0a0b76d31bf0cce21d9433574))
25 | * **kitchen+gitlab:** update for new pre-salted images [skip ci] ([0e9a50a](https://github.com/saltstack-formulas/zabbix-formula/commit/0e9a50a8456511ea3cb28e033c9755450fe8a6df))
26 |
27 |
28 | ### Tests
29 |
30 | * **system:** add `build_platform_codename` [skip ci] ([67eba9c](https://github.com/saltstack-formulas/zabbix-formula/commit/67eba9ccae6ef196c62c1fda91fec309f850a78e))
31 | * **system.rb:** add support for `mac_os_x` [skip ci] ([68e9f94](https://github.com/saltstack-formulas/zabbix-formula/commit/68e9f94289ad7961e611e04a273e1bbefbcad33a))
32 |
33 | # [1.3.0](https://github.com/saltstack-formulas/zabbix-formula/compare/v1.2.1...v1.3.0) (2021-10-19)
34 |
35 |
36 | ### Continuous Integration
37 |
38 | * **3003.1:** update inc. AlmaLinux, Rocky & `rst-lint` [skip ci] ([e6eb6c8](https://github.com/saltstack-formulas/zabbix-formula/commit/e6eb6c826ed1e954a3a91a967e8400762fb298f1))
39 | * **gemfile+lock:** use `ssf` customised `inspec` repo [skip ci] ([d063638](https://github.com/saltstack-formulas/zabbix-formula/commit/d06363882716b53beb472d1abe50aa543dc0ce55))
40 | * **kitchen:** move `provisioner` block & update `run_command` [skip ci] ([11bc40c](https://github.com/saltstack-formulas/zabbix-formula/commit/11bc40c773e7f0f420715da55c49c73e0014b448))
41 | * **kitchen+ci:** update with latest `3003.2` pre-salted images [skip ci] ([b50c265](https://github.com/saltstack-formulas/zabbix-formula/commit/b50c265f1563336cb922d832d2d2b88d74ca046b))
42 | * **kitchen+ci:** update with latest CVE pre-salted images [skip ci] ([ee1212e](https://github.com/saltstack-formulas/zabbix-formula/commit/ee1212e847de902c31f97cf94373ead804910350))
43 | * add Debian 11 Bullseye & update `yamllint` configuration [skip ci] ([5ca6072](https://github.com/saltstack-formulas/zabbix-formula/commit/5ca6072008830c263bc55c79ab7549586990b4b4))
44 | * **kitchen+gitlab:** remove Ubuntu 16.04 & Fedora 32 (EOL) [skip ci] ([5e743a8](https://github.com/saltstack-formulas/zabbix-formula/commit/5e743a8559cd30b61c77477f34a7071f89d172c0))
45 |
46 |
47 | ### Features
48 |
49 | * **agent:** add HostInterface and HostInterfaceItem to config ([e7fbb96](https://github.com/saltstack-formulas/zabbix-formula/commit/e7fbb96fe0011f604a7c5498a6ae3f5767880df8))
50 |
51 | ## [1.2.1](https://github.com/saltstack-formulas/zabbix-formula/compare/v1.2.0...v1.2.1) (2021-05-11)
52 |
53 |
54 | ### Bug Fixes
55 |
56 | * **pgsql:** do not try to create db and user with schema ([058a800](https://github.com/saltstack-formulas/zabbix-formula/commit/058a800be2a9f1cc1aad58c4dae6b82474bdf188))
57 |
58 | # [1.2.0](https://github.com/saltstack-formulas/zabbix-formula/compare/v1.1.0...v1.2.0) (2021-05-11)
59 |
60 |
61 | ### Continuous Integration
62 |
63 | * add `arch-master` to matrix and update `.travis.yml` [skip ci] ([95523a9](https://github.com/saltstack-formulas/zabbix-formula/commit/95523a9df12d511e69f00faecdd55d478540a7cd))
64 | * **kitchen+gitlab:** adjust matrix to add `3003` [skip ci] ([1d237e8](https://github.com/saltstack-formulas/zabbix-formula/commit/1d237e8fcf14bd81126c5ab7cf38d0a5fd701cc9))
65 | * **travis:** maintain sync with GitLab CI [skip ci] ([5c81ca1](https://github.com/saltstack-formulas/zabbix-formula/commit/5c81ca16808d3541690be282a1f96e410d68d848)), closes [#146](https://github.com/saltstack-formulas/zabbix-formula/issues/146)
66 |
67 |
68 | ### Features
69 |
70 | * **agent:** allow use of string Server and ServerActive ([59dff0a](https://github.com/saltstack-formulas/zabbix-formula/commit/59dff0ace5ff83fd6996845e554dfbce7c9d1a75))
71 |
72 | # [1.1.0](https://github.com/saltstack-formulas/zabbix-formula/compare/v1.0.5...v1.1.0) (2021-04-16)
73 |
74 |
75 | ### Features
76 |
77 | * add suse support (applied suggestions from hatifnatt and myii) ([a245ec4](https://github.com/saltstack-formulas/zabbix-formula/commit/a245ec44954b3e782787fb09cd84655597cfac01))
78 |
79 | ## [1.0.5](https://github.com/saltstack-formulas/zabbix-formula/compare/v1.0.4...v1.0.5) (2021-04-16)
80 |
81 |
82 | ### Bug Fixes
83 |
84 | * **agent:** fix include dirname ([b36c1a7](https://github.com/saltstack-formulas/zabbix-formula/commit/b36c1a7541c7cbe27fc108a3fd82d78d9cd1f758))
85 |
86 |
87 | ### Continuous Integration
88 |
89 | * **commitlint:** ensure `upstream/master` uses main repo URL [skip ci] ([f562f9f](https://github.com/saltstack-formulas/zabbix-formula/commit/f562f9f3e4f757d10ac024cba7fa67649ddda799))
90 | * **gemfile+lock:** use `ssf` customised `kitchen-docker` repo [skip ci] ([1fed266](https://github.com/saltstack-formulas/zabbix-formula/commit/1fed2667ba186102036d0efb74394ccd54a759ec))
91 | * **gitlab-ci:** add `rubocop` linter (with `allow_failure`) [skip ci] ([4799292](https://github.com/saltstack-formulas/zabbix-formula/commit/479929200b96994c1dcd20e844c201489646ebb2))
92 | * **kitchen+ci:** use latest pre-salted images (after CVE) [skip ci] ([aaf82de](https://github.com/saltstack-formulas/zabbix-formula/commit/aaf82ded69295e62dd871e5be600b1aa1a2d05e5))
93 | * **kitchen+gitlab-ci:** use latest pre-salted images [skip ci] ([1701026](https://github.com/saltstack-formulas/zabbix-formula/commit/1701026b0dd547af8a1b0c765865910d0fd2616c))
94 | * **pre-commit:** update hook for `rubocop` [skip ci] ([751e966](https://github.com/saltstack-formulas/zabbix-formula/commit/751e966a788ed7716219a20bf549d07b2bdf3ad0))
95 |
96 |
97 | ### Tests
98 |
99 | * standardise use of `share` suite & `_mapdata` state [skip ci] ([05eae71](https://github.com/saltstack-formulas/zabbix-formula/commit/05eae71461c0ee2f3c99108c884de9f64d09a896))
100 | * **config_spec:** fix `rubocop` violations [skip ci] ([fb270d2](https://github.com/saltstack-formulas/zabbix-formula/commit/fb270d2ffbde0386121a87523adf3ca1bbf85cee))
101 |
102 | ## [1.0.4](https://github.com/saltstack-formulas/zabbix-formula/compare/v1.0.3...v1.0.4) (2020-12-16)
103 |
104 |
105 | ### Continuous Integration
106 |
107 | * **gitlab-ci:** use GitLab CI as Travis CI replacement ([44ec1b3](https://github.com/saltstack-formulas/zabbix-formula/commit/44ec1b3d71de71efab27a2f2ccb58c90018cedbe))
108 | * **pre-commit:** add to formula [skip ci] ([c9aeb37](https://github.com/saltstack-formulas/zabbix-formula/commit/c9aeb377d070cae54aa82f15904ab799b5994980))
109 | * **pre-commit:** enable/disable `rstcheck` as relevant [skip ci] ([8990e81](https://github.com/saltstack-formulas/zabbix-formula/commit/8990e81dc256d53249bf2732e5b8af1346133e76))
110 | * **pre-commit:** finalise `rstcheck` configuration [skip ci] ([c7dff99](https://github.com/saltstack-formulas/zabbix-formula/commit/c7dff99d06e25572fc9ee74ec1655fdd8e41cd8a))
111 |
112 |
113 | ### Styles
114 |
115 | * **libtofs.jinja:** use Black-inspired Jinja formatting [skip ci] ([497406a](https://github.com/saltstack-formulas/zabbix-formula/commit/497406a77a3431d2e708e2eeadca9221a1833ebf))
116 |
117 | ## [1.0.3](https://github.com/saltstack-formulas/zabbix-formula/compare/v1.0.2...v1.0.3) (2020-07-10)
118 |
119 |
120 | ### Code Refactoring
121 |
122 | * **variable names:** use dbpassword consistently across formula ([5b4b787](https://github.com/saltstack-formulas/zabbix-formula/commit/5b4b78795ef4396b4a94b68af9e04c374b631194))
123 |
124 |
125 | ### Continuous Integration
126 |
127 | * **kitchen:** use `saltimages` Docker Hub where available [skip ci] ([aa92ed5](https://github.com/saltstack-formulas/zabbix-formula/commit/aa92ed55e14526a8882a36b151216a2da408ad51))
128 |
129 |
130 | ### Tests
131 |
132 | * **packages_spec:** generalise version number verification [skip ci] ([e4952f0](https://github.com/saltstack-formulas/zabbix-formula/commit/e4952f06f3e2c131a2beb2e30b56f6c3e7b4581a))
133 |
134 | ## [1.0.2](https://github.com/saltstack-formulas/zabbix-formula/compare/v1.0.1...v1.0.2) (2020-05-28)
135 |
136 |
137 | ### Continuous Integration
138 |
139 | * **kitchen+travis:** add new platforms [skip ci] ([e7ff4ee](https://github.com/saltstack-formulas/zabbix-formula/commit/e7ff4eeb77198628d75cd3f2b01b6f8f6ce55438))
140 | * **kitchen+travis:** adjust matrix to add `3000.3` [skip ci] ([02926f0](https://github.com/saltstack-formulas/zabbix-formula/commit/02926f08e1220baa5c92c0b5f1ef130195b3b50e))
141 | * **travis:** add notifications => zulip [skip ci] ([473db1c](https://github.com/saltstack-formulas/zabbix-formula/commit/473db1cc7689d3f1ed42d02873f4208f5cf4fea9))
142 | * **travis:** use new platforms (`ubuntu-20.04` & `fedora-32`) ([938aac4](https://github.com/saltstack-formulas/zabbix-formula/commit/938aac4f93472350bcd0fdfc387938494e898541))
143 | * **workflows/commitlint:** add to repo [skip ci] ([ac271fe](https://github.com/saltstack-formulas/zabbix-formula/commit/ac271fe041199e71c0186fc83916c325ad22c91b))
144 |
145 |
146 | ### Tests
147 |
148 | * **packages_spec:** add versions for new platforms ([5eb7bd8](https://github.com/saltstack-formulas/zabbix-formula/commit/5eb7bd8d6a74bc0f49ab7703f205ac59ccf49bf8))
149 | * **packages_spec:** update for `4.4.9` ([d30ae38](https://github.com/saltstack-formulas/zabbix-formula/commit/d30ae38e1ec551be3bd456f64091e95692cf30ac))
150 |
151 | ## [1.0.1](https://github.com/saltstack-formulas/zabbix-formula/compare/v1.0.0...v1.0.1) (2020-05-02)
152 |
153 |
154 | ### Continuous Integration
155 |
156 | * **gemfile.lock:** add to repo with updated `Gemfile` [skip ci] ([6f153fa](https://github.com/saltstack-formulas/zabbix-formula/commit/6f153fa8c3609470cbaa93a38f886c089866a74d))
157 | * **kitchen+travis:** adjust matrix to add `3000.2` & remove `2018.3` ([fc6c741](https://github.com/saltstack-formulas/zabbix-formula/commit/fc6c741fbbc50f4569e2218ef62b2a79e710c5c2))
158 | * **kitchen+travis:** remove `master-py2-arch-base-latest` [skip ci] ([92ac6c7](https://github.com/saltstack-formulas/zabbix-formula/commit/92ac6c762061bb45e1f02bc6b40a5887355f3462))
159 |
160 |
161 | ### Tests
162 |
163 | * **packages_spec:** update for `4.4.8` ([773e522](https://github.com/saltstack-formulas/zabbix-formula/commit/773e522a26dbf391c844182c26a1bef058b9e4b9))
164 |
165 | # [1.0.0](https://github.com/saltstack-formulas/zabbix-formula/compare/v0.21.4...v1.0.0) (2020-04-04)
166 |
167 |
168 | ### Bug Fixes
169 |
170 | * **fedora:** get all `fedora` instances working (`2018.3`+) ([32ef0e6](https://github.com/saltstack-formulas/zabbix-formula/commit/32ef0e61fa25d45dbd9ad3f62eaf5166b96d1298))
171 |
172 |
173 | ### Continuous Integration
174 |
175 | * **kitchen+travis:** adjust matrix to add `3000` & remove `2017.7` [skip ci] ([74bb032](https://github.com/saltstack-formulas/zabbix-formula/commit/74bb0322724aa5adb728f194372ff10464d433bd))
176 | * **kitchen+travis:** adjust matrix to update `3000` to `3000.1` [skip ci] ([e74bfed](https://github.com/saltstack-formulas/zabbix-formula/commit/e74bfed5e97ec03037b9dc560a113597f2a295d2))
177 |
178 |
179 | ### BREAKING CHANGES
180 |
181 | * **fedora:** Minimum Salt version support is now `2018.3` in line
182 | with official upstream support; also use of the `traverse` Jinja filter.
183 |
184 | ## [0.21.4](https://github.com/saltstack-formulas/zabbix-formula/compare/v0.21.3...v0.21.4) (2020-03-31)
185 |
186 |
187 | ### Tests
188 |
189 | * **packages_spec:** update version numbers ([3242c14](https://github.com/saltstack-formulas/zabbix-formula/commit/3242c1469662ffc14368446df5eb11a140ebd2ea))
190 |
191 | ## [0.21.3](https://github.com/saltstack-formulas/zabbix-formula/compare/v0.21.2...v0.21.3) (2020-03-22)
192 |
193 |
194 | ### Code Refactoring
195 |
196 | * **map and defaults:** update the map.jinja file and add yaml maps ([badd17e](https://github.com/saltstack-formulas/zabbix-formula/commit/badd17edecff8119fe25d73329c0445a3ac58769))
197 |
198 | ## [0.21.2](https://github.com/saltstack-formulas/zabbix-formula/compare/v0.21.1...v0.21.2) (2020-03-12)
199 |
200 |
201 | ### Bug Fixes
202 |
203 | * **libtofs:** “files_switch” mess up the variable exported by “map.jinja” [skip ci] ([9d6b5d7](https://github.com/saltstack-formulas/zabbix-formula/commit/9d6b5d7af2fdce59c104d4580d17880f4a5bf8d3))
204 | * **release.config.js:** use full commit hash in commit link [skip ci] ([2072e06](https://github.com/saltstack-formulas/zabbix-formula/commit/2072e06d91fdc74781bf88c33f90ec408b241abd))
205 |
206 |
207 | ### Continuous Integration
208 |
209 | * **gemfile:** restrict `train` gem version until upstream fix [skip ci] ([95d4c15](https://github.com/saltstack-formulas/zabbix-formula/commit/95d4c151327987fc287dc682868a7e962e898dfb))
210 | * **kitchen:** avoid using bootstrap for `master` instances [skip ci] ([2c04d93](https://github.com/saltstack-formulas/zabbix-formula/commit/2c04d9311de15b56613a51b95b12bde536ea413e))
211 | * **kitchen:** use `debian-10-master-py3` instead of `develop` [skip ci] ([8645a8e](https://github.com/saltstack-formulas/zabbix-formula/commit/8645a8ee6ea8e1b77c62801929d175cf3d683169))
212 | * **kitchen:** use `develop` image until `master` is ready (`amazonlinux`) [skip ci] ([678b048](https://github.com/saltstack-formulas/zabbix-formula/commit/678b048c34a8483f6bca79796a4e39f07760e5e4))
213 | * **kitchen+travis:** upgrade matrix after `2019.2.2` release [skip ci] ([495f811](https://github.com/saltstack-formulas/zabbix-formula/commit/495f811341907cccf831970cc9da9fff3999f456))
214 | * **travis:** adjust to new working matrix ([41cd6ab](https://github.com/saltstack-formulas/zabbix-formula/commit/41cd6abb624617b8d78b572d0e75ecf42a1f9787))
215 | * **travis:** apply changes from build config validation [skip ci] ([0824612](https://github.com/saltstack-formulas/zabbix-formula/commit/082461270d6286709d2405aaa310f51431290df9))
216 | * **travis:** opt-in to `dpl v2` to complete build config validation [skip ci] ([6e8da04](https://github.com/saltstack-formulas/zabbix-formula/commit/6e8da049ea0089bb0fd60f74c3e1c9956cf8ff54))
217 | * **travis:** quote pathspecs used with `git ls-files` [skip ci] ([0c33ab0](https://github.com/saltstack-formulas/zabbix-formula/commit/0c33ab0eb88beebb422e76effa2262bba4310a6b))
218 | * **travis:** run `shellcheck` during lint job [skip ci] ([33b018d](https://github.com/saltstack-formulas/zabbix-formula/commit/33b018d8013cf5e895c2ba20c0a82c04e5cfb1c7))
219 | * **travis:** update `salt-lint` config for `v0.0.10` [skip ci] ([ecc08c4](https://github.com/saltstack-formulas/zabbix-formula/commit/ecc08c40c2c21ca7ffa197fd376ab61a92d3d4a3))
220 | * **travis:** use `major.minor` for `semantic-release` version [skip ci] ([ece1158](https://github.com/saltstack-formulas/zabbix-formula/commit/ece1158ec2138fd111684e3af9606df8b5d0776d))
221 | * **travis:** use build config validation (beta) [skip ci] ([f4f8626](https://github.com/saltstack-formulas/zabbix-formula/commit/f4f8626d822539deb2f353612f3cfa725530b163))
222 |
223 |
224 | ### Documentation
225 |
226 | * **contributing:** remove to use org-level file instead [skip ci] ([889a49b](https://github.com/saltstack-formulas/zabbix-formula/commit/889a49bab69e51efb70be6185adf2f57553c71c0))
227 | * **readme:** update link to `CONTRIBUTING` [skip ci] ([249b89f](https://github.com/saltstack-formulas/zabbix-formula/commit/249b89fb4af4cdbaa29220fd8eee8520a42f67ed))
228 |
229 |
230 | ### Performance Improvements
231 |
232 | * **travis:** improve `salt-lint` invocation [skip ci] ([a5b7afb](https://github.com/saltstack-formulas/zabbix-formula/commit/a5b7afb8842bf5744080bef8d49464e914923f2b))
233 |
234 |
235 | ### Tests
236 |
237 | * **packages_spec:** update for `4.4.1` release ([c5cc431](https://github.com/saltstack-formulas/zabbix-formula/commit/c5cc431f9489da2139c7ca14ff28797ce859262b))
238 | * **packages_spec:** update version numbers ([0ebd417](https://github.com/saltstack-formulas/zabbix-formula/commit/0ebd417860f157b3d6a31c2b1522db380ece6673))
239 |
240 | ## [0.21.1](https://github.com/saltstack-formulas/zabbix-formula/compare/v0.21.0...v0.21.1) (2019-10-13)
241 |
242 |
243 | ### Code Refactoring
244 |
245 | * **repo:** remove unused `files_switch` import ([](https://github.com/saltstack-formulas/zabbix-formula/commit/e60e111))
246 | * **tofs:** upgrade for all file.managed ([](https://github.com/saltstack-formulas/zabbix-formula/commit/d5c747c))
247 |
248 |
249 | ### Continuous Integration
250 |
251 | * **travis:** use `fedora-29` instead of `fedora-30` (for reliability) ([](https://github.com/saltstack-formulas/zabbix-formula/commit/7de7782))
252 |
253 | # [0.21.0](https://github.com/saltstack-formulas/zabbix-formula/compare/v0.20.5...v0.21.0) (2019-10-12)
254 |
255 |
256 | ### Bug Fixes
257 |
258 | * **init.sls:** fix `salt-lint` errors ([](https://github.com/saltstack-formulas/zabbix-formula/commit/ff28364))
259 | * **pillar.example:** fix `yamllint` violations ([](https://github.com/saltstack-formulas/zabbix-formula/commit/b51907d))
260 | * **repo:** ensure `debconf-utils` is installed for Debian-based OSes ([](https://github.com/saltstack-formulas/zabbix-formula/commit/4980350))
261 |
262 |
263 | ### Continuous Integration
264 |
265 | * **inspec:** add pillar to use for testing the `default` suite ([](https://github.com/saltstack-formulas/zabbix-formula/commit/581a748))
266 |
267 |
268 | ### Documentation
269 |
270 | * **readme:** move to `docs/` directory and apply common structure ([](https://github.com/saltstack-formulas/zabbix-formula/commit/f0f1563))
271 |
272 |
273 | ### Features
274 |
275 | * **semantic-release:** implement for this formula ([](https://github.com/saltstack-formulas/zabbix-formula/commit/40e78a2)), closes [#129](https://github.com/saltstack-formulas/zabbix-formula/issues/129)
276 |
277 |
278 | ### Tests
279 |
280 | * **inspec:** add tests for packages, config files & services ([](https://github.com/saltstack-formulas/zabbix-formula/commit/4facac6))
281 |
--------------------------------------------------------------------------------
/CHANGELOG.rst:
--------------------------------------------------------------------------------
1 | zabbix formula
2 | ================
3 |
4 | 1.2 (2014-12-29)
5 |
6 | - More compact and simplified Zabbix configuration files
7 | - Support for repo versions in RedHat
8 | - Eliminated requirement of a mysql service in the minion
9 |
10 | 1.1 (2014-08-30)
11 |
12 | - General improvements: added new pillars, better support for os_family, ...
13 | - Added macro.jinja with files_switch macro.
14 |
15 | 1.0 (2014-06-23)
16 |
17 | - Changed structure of the map.jinja to separate between agent, server and
18 | frontend
19 |
20 | 0.3 (2014-05-05)
21 |
22 | - Added suport for all Zabbix components
23 | - Added support for multiple files subdirectories (see README.rst)
24 |
25 | 0.2 (2014-04-25)
26 |
27 | - Added support for zabbix-server
28 |
29 | 0.1 (2014-04-04)
30 |
31 | - Initial version with support just for Debian os_family and zabbix-agent
32 |
--------------------------------------------------------------------------------
/CODEOWNERS:
--------------------------------------------------------------------------------
1 | # https://help.github.com/en/github/creating-cloning-and-archiving-repositories/about-code-owners
2 |
3 | # SECTION: Owner(s) for everything in the repo, unless a later match takes precedence
4 | # FILE PATTERN OWNER(S)
5 | * @hatifnatt
6 |
7 | # SECTION: Owner(s) for specific directories
8 | # FILE PATTERN OWNER(S)
9 | /test/ @myii
10 |
11 | # SECTION: Owner(s) for files/directories related to `semantic-release`
12 | # FILE PATTERN OWNER(S)
13 | /.github/workflows/ @saltstack-formulas/ssf
14 | /bin/install-hooks @saltstack-formulas/ssf
15 | /bin/kitchen @saltstack-formulas/ssf
16 | /docs/AUTHORS.rst @saltstack-formulas/ssf
17 | /docs/CHANGELOG.rst @saltstack-formulas/ssf
18 | /docs/TOFS_pattern.rst @saltstack-formulas/ssf
19 | /*/_mapdata/ @saltstack-formulas/ssf
20 | /*/libsaltcli.jinja @saltstack-formulas/ssf
21 | /*/libtofs.jinja @saltstack-formulas/ssf
22 | /test/integration/**/_mapdata.rb @saltstack-formulas/ssf
23 | /test/integration/**/libraries/system.rb @saltstack-formulas/ssf
24 | /test/integration/**/inspec.yml @saltstack-formulas/ssf
25 | /test/integration/**/README.md @saltstack-formulas/ssf
26 | /test/salt/pillar/top.sls @saltstack-formulas/ssf
27 | /.gitignore @saltstack-formulas/ssf
28 | /.cirrus.yml @saltstack-formulas/ssf
29 | /.gitlab-ci.yml @saltstack-formulas/ssf
30 | /.pre-commit-config.yaml @saltstack-formulas/ssf
31 | /.rstcheck.cfg @saltstack-formulas/ssf
32 | /.rubocop.yml @saltstack-formulas/ssf
33 | /.salt-lint @saltstack-formulas/ssf
34 | /.travis.yml @saltstack-formulas/ssf
35 | /.yamllint @saltstack-formulas/ssf
36 | /AUTHORS.md @saltstack-formulas/ssf
37 | /CHANGELOG.md @saltstack-formulas/ssf
38 | /CODEOWNERS @saltstack-formulas/ssf
39 | /commitlint.config.js @saltstack-formulas/ssf
40 | /FORMULA @saltstack-formulas/ssf
41 | /Gemfile @saltstack-formulas/ssf
42 | /Gemfile.lock @saltstack-formulas/ssf
43 | /kitchen.yml @saltstack-formulas/ssf
44 | /kitchen.vagrant.yml @saltstack-formulas/ssf
45 | /kitchen.windows.yml @saltstack-formulas/ssf
46 | /pre-commit_semantic-release.sh @saltstack-formulas/ssf
47 | /release-rules.js @saltstack-formulas/ssf
48 | /release.config.js @saltstack-formulas/ssf
49 |
50 | # SECTION: Owner(s) for specific files
51 | # FILE PATTERN OWNER(S)
52 |
--------------------------------------------------------------------------------
/FORMULA:
--------------------------------------------------------------------------------
1 | name: zabbix
2 | os: Debian, Ubuntu, Raspbian, RedHat, Fedora, CentOS, FreeBSD, Windows
3 | os_family: Debian, RedHat, FreeBSD, Windows
4 | version: 1.3.2
5 | release: 1
6 | minimum_version: 2018.3
7 | summary: Formula for installing Zabbix
8 | description: Formula for installing Zabbix
9 | top_level_dir: zabbix
10 |
--------------------------------------------------------------------------------
/Gemfile:
--------------------------------------------------------------------------------
1 | # frozen_string_literal: true
2 |
3 | source ENV.fetch('PROXY_RUBYGEMSORG', 'https://rubygems.org')
4 |
5 | # Install the `inspec` gem using `git` because versions after `4.22.22`
6 | # suppress diff output; this version fixes this for our uses.
7 | # rubocop:disable Layout/LineLength
8 | gem 'inspec', git: 'https://gitlab.com/saltstack-formulas/infrastructure/inspec', branch: 'ssf'
9 | # rubocop:enable Layout/LineLength
10 |
11 | # Install the `kitchen-docker` gem using `git` in order to gain a performance
12 | # improvement: avoid package installations which are already covered by the
13 | # `salt-image-builder` (i.e. the pre-salted images that we're using)
14 | # rubocop:disable Layout/LineLength
15 | gem 'kitchen-docker', git: 'https://gitlab.com/saltstack-formulas/infrastructure/kitchen-docker', branch: 'ssf'
16 | # rubocop:enable Layout/LineLength
17 |
18 | gem 'kitchen-inspec', '>= 2.5.0'
19 | gem 'kitchen-salt', '>= 0.7.2'
20 |
--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
1 | Copyright (c) 2014 Allenta Consulting
2 |
3 | Licensed under the Apache License, Version 2.0 (the "License");
4 | you may not use this file except in compliance with the License.
5 | You may obtain a copy of the License at
6 |
7 | http://www.apache.org/licenses/LICENSE-2.0
8 |
9 | Unless required by applicable law or agreed to in writing, software
10 | distributed under the License is distributed on an "AS IS" BASIS,
11 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | See the License for the specific language governing permissions and
13 | limitations under the License.
14 |
--------------------------------------------------------------------------------
/bin/install-hooks:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env sh
2 | set -o nounset # Treat unset variables as an error and immediately exit
3 | set -o errexit # If a command fails exit the whole script
4 |
5 | if [ "${DEBUG:-false}" = "true" ]; then
6 | set -x # Run the entire script in debug mode
7 | fi
8 |
9 | if ! command -v pre-commit >/dev/null 2>&1; then
10 | echo "pre-commit not found: please install or check your PATH" >&2
11 | echo "See https://pre-commit.com/#installation" >&2
12 | exit 1
13 | fi
14 |
15 | pre-commit install --install-hooks
16 | pre-commit install --hook-type commit-msg --install-hooks
17 |
--------------------------------------------------------------------------------
/bin/kitchen:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env ruby
2 | # frozen_string_literal: true
3 |
4 | #
5 | # This file was generated by Bundler.
6 | #
7 | # The application 'kitchen' is installed as part of a gem, and
8 | # this file is here to facilitate running it.
9 | #
10 |
11 | require 'pathname'
12 | ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../Gemfile',
13 | Pathname.new(__FILE__).realpath)
14 |
15 | bundle_binstub = File.expand_path('bundle', __dir__)
16 |
17 | if File.file?(bundle_binstub)
18 | if File.read(bundle_binstub, 300) =~ /This file was generated by Bundler/
19 | load(bundle_binstub)
20 | else
21 | abort(
22 | 'Your `bin/bundle` was not generated by Bundler, ' \
23 | 'so this binstub cannot run. Replace `bin/bundle` by running ' \
24 | '`bundle binstubs bundler --force`, then run this command again.'
25 | )
26 | end
27 | end
28 |
29 | require 'rubygems'
30 | require 'bundler/setup'
31 |
32 | load Gem.bin_path('test-kitchen', 'kitchen')
33 |
--------------------------------------------------------------------------------
/commitlint.config.js:
--------------------------------------------------------------------------------
1 | module.exports = {
2 | extends: ['@commitlint/config-conventional'],
3 | rules: {
4 | 'body-max-line-length': [2, 'always', 120],
5 | 'footer-max-line-length': [2, 'always', 120],
6 | 'header-max-length': [2, 'always', 72],
7 | },
8 | };
9 |
--------------------------------------------------------------------------------
/docs/AUTHORS.rst:
--------------------------------------------------------------------------------
1 | .. role:: raw-html-m2r(raw)
2 | :format: html
3 |
4 |
5 | Authors
6 | =======
7 |
8 | This list is sorted by the number of commits per contributor in *descending* order.
9 |
10 | .. list-table::
11 | :header-rows: 1
12 |
13 | * - Avatar
14 | - Contributor
15 | - Contributions
16 | * - :raw-html-m2r:``
17 | - `@myii `_
18 | - 152
19 | * - :raw-html-m2r:``
20 | - `@moreda `_
21 | - 52
22 | * - :raw-html-m2r:``
23 | - `@xenadmin `_
24 | - 34
25 | * - :raw-html-m2r:``
26 | - `@landergate `_
27 | - 27
28 | * - :raw-html-m2r:``
29 | - `@hatifnatt `_
30 | - 24
31 | * - :raw-html-m2r:``
32 | - `@aboe76 `_
33 | - 22
34 | * - :raw-html-m2r:``
35 | - `@absmith82 `_
36 | - 6
37 | * - :raw-html-m2r:``
38 | - `@noelmcloughlin `_
39 | - 5
40 | * - :raw-html-m2r:``
41 | - `@bkmit `_
42 | - 4
43 | * - :raw-html-m2r:``
44 | - `@ninjix `_
45 | - 4
46 | * - :raw-html-m2r:``
47 | - `@ghormoon `_
48 | - 4
49 | * - :raw-html-m2r:``
50 | - `@unsupo `_
51 | - 4
52 | * - :raw-html-m2r:``
53 | - `@nmadhok `_
54 | - 4
55 | * - :raw-html-m2r:``
56 | - `@0xf10e `_
57 | - 4
58 | * - :raw-html-m2r:``
59 | - `@dafyddj `_
60 | - 3
61 | * - :raw-html-m2r:``
62 | - `@whiteinge `_
63 | - 3
64 | * - :raw-html-m2r:``
65 | - `@xfxian `_
66 | - 3
67 | * - :raw-html-m2r:``
68 | - `@asenci `_
69 | - 2
70 | * - :raw-html-m2r:``
71 | - `@syphernl `_
72 | - 2
73 | * - :raw-html-m2r:``
74 | - `@jzandbergen `_
75 | - 2
76 | * - :raw-html-m2r:``
77 | - `@timwsuqld `_
78 | - 2
79 | * - :raw-html-m2r:``
80 | - `@goir `_
81 | - 2
82 | * - :raw-html-m2r:``
83 | - `@waynegemmell `_
84 | - 2
85 | * - :raw-html-m2r:``
86 | - `@1exx `_
87 | - 1
88 | * - :raw-html-m2r:``
89 | - `@iggy `_
90 | - 1
91 | * - :raw-html-m2r:``
92 | - `@mchugh19 `_
93 | - 1
94 | * - :raw-html-m2r:``
95 | - `@baby-gnu `_
96 | - 1
97 | * - :raw-html-m2r:``
98 | - `@filicivi `_
99 | - 1
100 | * - :raw-html-m2r:``
101 | - `@gravyboat `_
102 | - 1
103 | * - :raw-html-m2r:``
104 | - `@t0fik `_
105 | - 1
106 | * - :raw-html-m2r:``
107 | - `@techhat `_
108 | - 1
109 | * - :raw-html-m2r:``
110 | - `@lmf-mx `_
111 | - 1
112 | * - :raw-html-m2r:``
113 | - `@DocMarten `_
114 | - 1
115 | * - :raw-html-m2r:``
116 | - `@mikemol `_
117 | - 1
118 | * - :raw-html-m2r:``
119 | - `@pauldalewilliams `_
120 | - 1
121 | * - :raw-html-m2r:``
122 | - `@tomduijf `_
123 | - 1
124 | * - :raw-html-m2r:``
125 | - `@wwentland `_
126 | - 1
127 | * - :raw-html-m2r:``
128 | - `@edusperoni `_
129 | - 1
130 | * - :raw-html-m2r:``
131 | - `@puneetk `_
132 | - 1
133 | * - :raw-html-m2r:``
134 | - `@manens `_
135 | - 1
136 | * - :raw-html-m2r:``
137 | - `@stuartgh `_
138 | - 1
139 |
140 |
141 | ----
142 |
143 | Auto-generated by a `forked version `_ of `gaocegege/maintainer `_ on 2022-11-09.
144 |
--------------------------------------------------------------------------------
/docs/README.rst:
--------------------------------------------------------------------------------
1 | .. _readme:
2 |
3 | zabbix-formula
4 | ==============
5 |
6 | |img_travis| |img_sr|
7 |
8 | .. |img_travis| image:: https://travis-ci.com/saltstack-formulas/zabbix-formula.svg?branch=master
9 | :alt: Travis CI Build Status
10 | :scale: 100%
11 | :target: https://travis-ci.com/saltstack-formulas/zabbix-formula
12 | .. |img_sr| image:: https://img.shields.io/badge/%20%20%F0%9F%93%A6%F0%9F%9A%80-semantic--release-e10079.svg
13 | :alt: Semantic Release
14 | :scale: 100%
15 | :target: https://github.com/semantic-release/semantic-release
16 |
17 | A SaltStack formula to manage Zabbix.
18 |
19 | .. contents:: **Table of Contents**
20 |
21 | General notes
22 | -------------
23 |
24 | See the full `SaltStack Formulas installation and usage instructions
25 | `_.
26 |
27 | If you are interested in writing or contributing to formulas, please pay attention to the `Writing Formula Section
28 | `_.
29 |
30 | If you want to use this formula, please pay attention to the ``FORMULA`` file and/or ``git tag``,
31 | which contains the currently released version. This formula is versioned according to `Semantic Versioning `_.
32 |
33 | See `Formula Versioning Section `_ for more details.
34 |
35 | Contributing to this repo
36 | -------------------------
37 |
38 | **Commit message formatting is significant!!**
39 |
40 | Please see `How to contribute `_ for more details.
41 |
42 | Overview
43 | --------
44 |
45 | This formula has been developed distributing declarations in different files to
46 | make it usable in most situations. It should be useful in scenarios ranging from
47 | a simple install of the packages (without any special configuration) to a more
48 | complex set-up with different nodes for agent, server, database and frontend.
49 |
50 | Customization
51 | ^^^^^^^^^^^^^
52 |
53 | First, **see if providing pillar data is enough for your customization needs**.
54 | That's the recommended way and should be enough for most cases. See that
55 | sometimes there's a key named ``extra_conf`` that's used to add arbitrary
56 | configuration lines in the templates provided.
57 |
58 | When providing pillar data is not enough for your needs, you can apply the
59 | Template Override and Files Switch (TOFS) pattern as described in the
60 | documentation file ``TOFS_pattern.md``.
61 |
62 | The formula is designed to be independent from other formulas so you could use
63 | this in a non-100% salted environment (i.e. it's not required –although
64 | recommended– to use other formulas to provision other parts of a complete
65 | system).
66 |
67 | Using RedHat EPEL repo Zabbix packages
68 | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
69 |
70 | If you want to use the EPEL repo packages, as the naming conventions are
71 | different, you need to tweak the default values of ``map.jinja`` to obtain the
72 | desired results. In short:
73 |
74 | * Don't use the ``zabbix.agent.repo`` sls assuming that EPEL repos are already
75 | configured
76 |
77 | * Override the ``map.jinja`` definitions using pillar values like this
78 |
79 | .. code:: yaml
80 |
81 | zabbix:
82 | lookup:
83 | agent:
84 | pkg: zabbix22-agent
85 | server:
86 | pkg: zabbix22-server-mysql
87 |
88 |
89 | Now you just have to use ``zabbix.agent.conf`` sls file and that's it.
90 |
91 | Example of usage
92 | ^^^^^^^^^^^^^^^^
93 |
94 | Just as an example, this is a ``top.sls`` file to install a complete modular
95 | self-contained Zabbix system:
96 |
97 | .. code:: yaml
98 |
99 | base:
100 | '*':
101 | - zabbix.agent.repo
102 | - zabbix.agent.conf
103 |
104 | - mysql.server.conf
105 | - mysql.client.conf
106 | - zabbix.mysql.conf
107 | - zabbix.mysql.schema
108 |
109 | - zabbix.server.repo
110 | - zabbix.server.conf
111 |
112 | - nginx.conf
113 |
114 | - php.fpm.repo
115 | - php.fpm.conf
116 | - php.fpm.mysql
117 | - php.fpm.bcmath
118 | - php.fpm.mbstring
119 | - php.fpm.gd
120 | - php.fpm.xml
121 | - php.fpm.opcache
122 |
123 | - zabbix.frontend.repo
124 | - zabbix.frontend.conf
125 |
126 | You need the appropriate mysql, nginx and php formulas to complete the
127 | installation with this ``top.sls`` file.
128 |
129 | If you are installing the zabbix agent for windows you will want to separate the
130 | pillar for windows from other linux and unix agents
131 | This is a pillar ``top.sls`` file example to separate windows and Ubuntu Zabbix agent
132 | pillar files
133 |
134 | .. code:: yaml
135 |
136 | base:
137 | 'os:Ubuntu':
138 | - match: grain
139 | - zabbix-agent-ubuntu
140 |
141 | 'os:Windows':
142 | - match: grain
143 | - zabbix-agent-windows
144 |
145 | .. note::
146 |
147 | See the full `Salt Formulas
148 | `_ doc.
149 |
150 | Available states
151 | ----------------
152 |
153 | .. contents::
154 | :local:
155 |
156 | ``zabbix.agent``
157 | ^^^^^^^^^^^^^^^^
158 |
159 | Installs the zabbix-agent package and starts the associated zabbix-
160 | agent service.
161 |
162 | ``zabbix.agent.conf``
163 | ^^^^^^^^^^^^^^^^^^^^^
164 |
165 | Configures the zabbix-agent package.
166 |
167 | ``zabbix.agent.repo``
168 | ^^^^^^^^^^^^^^^^^^^^^
169 |
170 | Configures official Zabbix repo specifically for the agent. Actually it just
171 | includes zabbix.repo and adds a requisite for the pkg state declaration
172 |
173 | ``zabbix.frontend``
174 | ^^^^^^^^^^^^^^^^^^^
175 |
176 | Installs Zabbix frontend.
177 |
178 | ``zabbix.frontend.conf``
179 | ^^^^^^^^^^^^^^^^^^^^^^^^
180 |
181 | Configures the zabbix-frontend package. Actually you need to use other formulas
182 | for apache/nginx and php5-fpm to complete a working setup.
183 |
184 | ``zabbix.frontend.repo``
185 | ^^^^^^^^^^^^^^^^^^^^^^^^
186 |
187 | Configures official Zabbix repo specifically for the frontend. Actually it just
188 | includes zabbix.repo and adds a requisite for the pkg state declaration.
189 |
190 | ``zabbix.mysql.conf``
191 | ^^^^^^^^^^^^^^^^^^^^^
192 |
193 | Creates database and mysql user for Zabbix.
194 |
195 | ``zabbix.mysql.schema``
196 | ^^^^^^^^^^^^^^^^^^^^^^^
197 |
198 | Creates mysql schema for Zabbix.
199 |
200 | ``zabbix.pgsql.pkgs``
201 | ^^^^^^^^^^^^^^^^^^^^^^^
202 |
203 | Install required psql packages.
204 |
205 | ``zabbix.pgsql.conf``
206 | ^^^^^^^^^^^^^^^^^^^^^
207 |
208 | Creates database and PostgreSQL user for Zabbix. Includes zabbix.pgsql.pkgs.
209 |
210 | ``zabbix.pgsql.schema``
211 | ^^^^^^^^^^^^^^^^^^^^^^^
212 |
213 | Creates PostgreSQL schema for Zabbix. Includes zabbix.pgsql.pkgs.
214 |
215 | ``zabbix.proxy``
216 | ^^^^^^^^^^^^^^^^
217 |
218 | Installs the zabbix-proxy package and starts the associated zabbix-proxy service.
219 |
220 | ``zabbix.proxy.conf``
221 | ^^^^^^^^^^^^^^^^^^^^^
222 |
223 | Configures the zabbix-proxy package.
224 |
225 | ``zabbix.proxy.repo``
226 | ^^^^^^^^^^^^^^^^^^^^^
227 |
228 | Configures official Zabbix repo specifically for the proxy. Actually it just
229 | includes zabbix.repo and adds a requisite for the pkg state declaration
230 |
231 | ``zabbix.repo``
232 | ^^^^^^^^^^^^^^^
233 |
234 | Configures official Zabbix repo.
235 |
236 | ``zabbix.server``
237 | ^^^^^^^^^^^^^^^^^
238 |
239 | Installs the zabbix-server package and starts the associated zabbix-
240 | server service.
241 |
242 | ``zabbix.server.conf``
243 | ^^^^^^^^^^^^^^^^^^^^^^
244 |
245 | Configures the zabbix-server package.
246 |
247 | ``zabbix.server.repo``
248 | ^^^^^^^^^^^^^^^^^^^^^^
249 |
250 | Configures official Zabbix repo specifically for the server. Actually it just
251 | includes zabbix.repo and adds a requisite for the pkg state declaration
252 |
253 | ``zabbix.users``
254 | ^^^^^^^^^^^^^^^^
255 |
256 | Declares users and groups that could be needed in other formulas (e.g. in the
257 | users formula to make an user pertain to the service group).
258 |
259 |
260 | Testing
261 | -------
262 |
263 | Linux testing is done with ``kitchen-salt``.
264 |
265 | Requirements
266 | ^^^^^^^^^^^^
267 |
268 | * Ruby
269 | * Docker
270 |
271 | .. code-block:: bash
272 |
273 | $ gem install bundler
274 | $ bundle install
275 | $ bin/kitchen test [platform]
276 |
277 | Where ``[platform]`` is the platform name defined in ``kitchen.yml``,
278 | e.g. ``debian-9-2019-2-py3``.
279 |
280 | ``bin/kitchen converge``
281 | ^^^^^^^^^^^^^^^^^^^^^^^^
282 |
283 | Creates the docker instance and runs the ``template`` main state, ready for testing.
284 |
285 | ``bin/kitchen verify``
286 | ^^^^^^^^^^^^^^^^^^^^^^
287 |
288 | Runs the ``inspec`` tests on the actual instance.
289 |
290 | ``bin/kitchen destroy``
291 | ^^^^^^^^^^^^^^^^^^^^^^^
292 |
293 | Removes the docker instance.
294 |
295 | ``bin/kitchen test``
296 | ^^^^^^^^^^^^^^^^^^^^
297 |
298 | Runs all of the stages above in one go: i.e. ``destroy`` + ``converge`` + ``verify`` + ``destroy``.
299 |
300 | ``bin/kitchen login``
301 | ^^^^^^^^^^^^^^^^^^^^^
302 |
303 | Gives you SSH access to the instance for manual testing.
304 |
--------------------------------------------------------------------------------
/docs/TOFS_pattern.rst:
--------------------------------------------------------------------------------
1 | .. _tofs_pattern:
2 |
3 | TOFS: A pattern for using SaltStack
4 | ===================================
5 |
6 | .. list-table::
7 | :name: tofs-authors
8 | :header-rows: 1
9 | :stub-columns: 1
10 | :widths: 2,2,3,2
11 |
12 | * -
13 | - Person
14 | - Contact
15 | - Date
16 | * - Authored by
17 | - Roberto Moreda
18 | - moreda@allenta.com
19 | - 29/12/2014
20 | * - Modified by
21 | - Daniel Dehennin
22 | - daniel.dehennin@baby-gnu.org
23 | - 07/02/2019
24 | * - Modified by
25 | - Imran Iqbal
26 | - https://github.com/myii
27 | - 23/02/2019
28 |
29 | All that follows is a proposal based on my experience with `SaltStack `_. The good thing of a piece of software like this is that you can "bend it" to suit your needs in many possible ways, and this is one of them. All the recommendations and thoughts are given "as it is" with no warranty of any type.
30 |
31 | .. contents:: **Table of Contents**
32 |
33 | Usage of values in pillar vs templates in ``file_roots``
34 | --------------------------------------------------------
35 |
36 | Among other functions, the *master* (or *salt-master*) serves files to the *minions* (or *salt-minions*). The `file_roots `_ is the list of directories used in sequence to find a file when a minion requires it: the first match is served to the minion. Those files could be `state files `_ or configuration templates, among others.
37 |
38 | Using SaltStack is a simple and effective way to implement configuration management, but even in a `non-multitenant `_ scenario, it is not a good idea to generally access some data (e.g. the database password in our `Zabbix `_ server configuration file or the private key of our `Nginx `_ TLS certificate).
39 |
40 | To avoid this situation we can use the `pillar mechanism `_, which is designed to provide controlled access to data from the minions based on some selection rules. As pillar data could be easily integrated in the `Jinja `_ templates, it is a good mechanism to store values to be used in the final rendering of state files and templates.
41 |
42 | There are a variety of approaches on the usage of pillar and templates as seen in the `saltstack-formulas `_' repositories. `Some `_ `developments `_ stress the initial purpose of pillar data into a storage for most of the possible variables for a determined system configuration. This, in my opinion, is shifting too much load from the original template files approach. Adding up some `non-trivial Jinja `_ code as essential part of composing the state file definitely makes SaltStack state files (hence formulas) more difficult to read. The extreme of this approach is that we could end up with a new render mechanism, implemented in Jinja, storing everything needed in pillar data to compose configurations. Additionally, we are establishing a strong dependency with the Jinja renderer.
43 |
44 | In opposition to the *put the code in file_roots and the data in pillars* approach, there is the *pillar as a store for a set of key-values* approach. A full-blown configuration file abstracted in pillar and jinja is complicated to develop, understand and maintain. I think a better and simpler approach is to keep a configuration file templated using just a basic (non-extensive but extensible) set of pillar values.
45 |
46 | On the reusability of SaltStack state files
47 | -------------------------------------------
48 |
49 | There is a brilliant initiative of the SaltStack community called `salt-formulas `_. Their goal is to provide state files, pillar examples and configuration templates ready to be used for provisioning. I am a contributor for two small ones: `zabbix-formula `_ and `varnish-formula `_.
50 |
51 | The `design guidelines `_ for formulas are clear in many aspects and it is a recommended reading for anyone willing to write state files, even non-formulaic ones.
52 |
53 | In the next section, I am going to describe my proposal to extend further the reusability of formulas, suggesting some patterns of usage.
54 |
55 | The Template Override and Files Switch (TOFS) pattern
56 | -----------------------------------------------------
57 |
58 | I understand a formula as a **complete, independent set of SaltStack state and configuration template files sufficient to configure a system**. A system could be something as simple as an NTP server or some other much more complex service that requires many state and configuration template files.
59 |
60 | The customization of a formula should be done mainly by providing pillar data used later to render either the state or the configuration template files.
61 |
62 | Example: NTP before applying TOFS
63 | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
64 |
65 | Let's work with the NTP example. A basic formula that follows the `design guidelines `_ has the following files and directories tree:
66 |
67 | .. code-block:: console
68 |
69 | /srv/saltstack/salt-formulas/ntp-saltstack-formula/
70 | ntp/
71 | map.jinja
72 | init.sls
73 | conf.sls
74 | files/
75 | default/
76 | etc/
77 | ntp.conf.jinja
78 |
79 | In order to use it, let's assume a `masterless configuration `_ and this relevant section of ``/etc/salt/minion``:
80 |
81 | .. code-block:: yaml
82 |
83 | pillar_roots:
84 | base:
85 | - /srv/saltstack/pillar
86 | file_client: local
87 | file_roots:
88 | base:
89 | - /srv/saltstack/salt
90 | - /srv/saltstack/salt-formulas/ntp-saltstack-formula
91 |
92 | .. code-block:: jinja
93 |
94 | {#- /srv/saltstack/salt-formulas/ntp-saltstack-formula/ntp/map.jinja #}
95 | {%- set ntp = salt['grains.filter_by']({
96 | 'default': {
97 | 'pkg': 'ntp',
98 | 'service': 'ntp',
99 | 'config': '/etc/ntp.conf',
100 | },
101 | }, merge=salt['pillar.get']('ntp:lookup')) %}
102 |
103 | In ``init.sls`` we have the minimal states required to have NTP configured. In many cases ``init.sls`` is almost equivalent to an ``apt-get install`` or a ``yum install`` of the package.
104 |
105 | .. code-block:: sls
106 |
107 | ## /srv/saltstack/salt-formulas/ntp-saltstack-formula/ntp/init.sls
108 | {%- from 'ntp/map.jinja' import ntp with context %}
109 |
110 | Install NTP:
111 | pkg.installed:
112 | - name: {{ ntp.pkg }}
113 |
114 | Enable and start NTP:
115 | service.running:
116 | - name: {{ ntp.service }}
117 | - enabled: True
118 | - require:
119 | - pkg: Install NTP package
120 |
121 | In ``conf.sls`` we have the configuration states. In most cases, that is just managing configuration file templates and making them to be watched by the service.
122 |
123 | .. code-block:: sls
124 |
125 | ## /srv/saltstack/salt-formulas/ntp-saltstack-formula/ntp/conf.sls
126 | include:
127 | - ntp
128 |
129 | {%- from 'ntp/map.jinja' import ntp with context %}
130 |
131 | Configure NTP:
132 | file.managed:
133 | - name: {{ ntp.config }}
134 | - template: jinja
135 | - source: salt://ntp/files/default/etc/ntp.conf.jinja
136 | - watch_in:
137 | - service: Enable and start NTP service
138 | - require:
139 | - pkg: Install NTP package
140 |
141 | Under ``files/default``, there is a structure that mimics the one in the minion in order to avoid clashes and confusion on where to put the needed templates. There you can find a mostly standard template for the configuration file.
142 |
143 | .. code-block:: jinja
144 |
145 | {#- /srv/saltstack/salt-formulas/ntp-saltstack-formula/ntp/files/default/etc/ntp.conf.jinja #}
146 | {#- Managed by saltstack #}
147 | {#- Edit pillars or override this template in saltstack if you need customization #}
148 | {%- set settings = salt['pillar.get']('ntp', {}) %}
149 | {%- set default_servers = ['0.ubuntu.pool.ntp.org',
150 | '1.ubuntu.pool.ntp.org',
151 | '2.ubuntu.pool.ntp.org',
152 | '3.ubuntu.pool.ntp.org'] %}
153 |
154 | driftfile /var/lib/ntp/ntp.drift
155 | statistics loopstats peerstats clockstats
156 | filegen loopstats file loopstats type day enable
157 | filegen peerstats file peerstats type day enable
158 | filegen clockstats file clockstats type day enable
159 |
160 | {%- for server in settings.get('servers', default_servers) %}
161 | server {{ server }}
162 | {%- endfor %}
163 |
164 | restrict -4 default kod notrap nomodify nopeer noquery
165 | restrict -6 default kod notrap nomodify nopeer noquery
166 |
167 | restrict 127.0.0.1
168 | restrict ::1
169 |
170 | With all this, it is easy to install and configure a simple NTP server by just running ``salt-call state.sls ntp.conf``: the package will be installed, the service will be running and the configuration should be correct for most of cases, even without pillar data.
171 |
172 | Alternatively, you can define a highstate in ``/srv/saltstack/salt/top.sls`` and run ``salt-call state.highstate``.
173 |
174 | .. code-block:: sls
175 |
176 | ## /srv/saltstack/salt/top.sls
177 | base:
178 | '*':
179 | - ntp.conf
180 |
181 | **Customizing the formula just with pillar data**, we have the option to define the NTP servers.
182 |
183 | .. code-block:: sls
184 |
185 | ## /srv/saltstack/pillar/top.sls
186 | base:
187 | '*':
188 | - ntp
189 |
190 | .. code-block:: sls
191 |
192 | ## /srv/saltstack/pillar/ntp.sls
193 | ntp:
194 | servers:
195 | - 0.ch.pool.ntp.org
196 | - 1.ch.pool.ntp.org
197 | - 2.ch.pool.ntp.org
198 | - 3.ch.pool.ntp.org
199 |
200 | Template Override
201 | ^^^^^^^^^^^^^^^^^
202 |
203 | If the customization based on pillar data is not enough, we can override the template by creating a new one in ``/srv/saltstack/salt/ntp/files/default/etc/ntp.conf.jinja``
204 |
205 | .. code-block:: jinja
206 |
207 | {#- /srv/saltstack/salt/ntp/files/default/etc/ntp.conf.jinja #}
208 | {#- Managed by saltstack #}
209 | {#- Edit pillars or override this template in saltstack if you need customization #}
210 |
211 | {#- Some bizarre configurations here #}
212 | {#- ... #}
213 |
214 | {%- for server in settings.get('servers', default_servers) %}
215 | server {{ server }}
216 | {%- endfor %}
217 |
218 | This way we are locally **overriding the template files** offered by the formula in order to make a more complex adaptation. Of course, this could be applied as well to any of the files, including the state files.
219 |
220 | Files Switch
221 | ^^^^^^^^^^^^
222 |
223 | To bring some order into the set of template files included in a formula, as we commented, we suggest having a similar structure to a normal final file system under ``files/default``.
224 |
225 | We can make different templates coexist for different minions, classified by any `grain `_ value, by simply creating new directories under ``files``. This mechanism is based on **using values of some grains as a switch for the directories under** ``files/``.
226 |
227 | If we decide that we want ``os_family`` as switch, then we could provide the formula template variants for both the ``RedHat`` and ``Debian`` families.
228 |
229 | .. code-block:: console
230 |
231 | /srv/saltstack/salt-formulas/ntp-saltstack-formula/ntp/files/
232 | default/
233 | etc/
234 | ntp.conf.jinja
235 | RedHat/
236 | etc/
237 | ntp.conf.jinja
238 | Debian/
239 | etc/
240 | ntp.conf.jinja
241 |
242 | To make this work we need a ``conf.sls`` state file that takes a list of possible files as the configuration template.
243 |
244 | .. code-block:: sls
245 |
246 | ## /srv/saltstack/salt-formulas/ntp-saltstack-formula/ntp/conf.sls
247 | include:
248 | - ntp
249 |
250 | {%- from 'ntp/map.jinja' import ntp with context %}
251 |
252 | Configure NTP:
253 | file.managed:
254 | - name: {{ ntp.config }}
255 | - template: jinja
256 | - source:
257 | - salt://ntp/files/{{ grains.get('os_family', 'default') }}/etc/ntp.conf.jinja
258 | - salt://ntp/files/default/etc/ntp.conf.jinja
259 | - watch_in:
260 | - service: Enable and start NTP service
261 | - require:
262 | - pkg: Install NTP package
263 |
264 | If we want to cover the possibility of a special template for a minion identified by ``node01`` then we could have a specific template in ``/srv/saltstack/salt/ntp/files/node01/etc/ntp.conf.jinja``.
265 |
266 | .. code-block:: jinja
267 |
268 | {#- /srv/saltstack/salt/ntp/files/node01/etc/ntp.conf.jinja #}
269 | {#- Managed by saltstack #}
270 | {#- Edit pillars or override this template in saltstack if you need customization #}
271 |
272 | {#- Some crazy configurations here for node01 #}
273 | {#- ... #}
274 |
275 | To make this work we could write a specially crafted ``conf.sls``.
276 |
277 | .. code-block:: sls
278 |
279 | ## /srv/saltstack/salt-formulas/ntp-saltstack-formula/ntp/conf.sls
280 | include:
281 | - ntp
282 |
283 | {%- from 'ntp/map.jinja' import ntp with context %}
284 |
285 | Configure NTP:
286 | file.managed:
287 | - name: {{ ntp.config }}
288 | - template: jinja
289 | - source:
290 | - salt://ntp/files/{{ grains.get('id') }}/etc/ntp.conf.jinja
291 | - salt://ntp/files/{{ grains.get('os_family') }}/etc/ntp.conf.jinja
292 | - salt://ntp/files/default/etc/ntp.conf.jinja
293 | - watch_in:
294 | - service: Enable and start NTP service
295 | - require:
296 | - pkg: Install NTP package
297 |
298 | Using the ``files_switch`` macro
299 | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
300 |
301 | We can simplify the ``conf.sls`` with the new ``files_switch`` macro to use in the ``source`` parameter for the ``file.managed`` state.
302 |
303 | .. code-block:: sls
304 |
305 | ## /srv/saltstack/salt-formulas/ntp-saltstack-formula/ntp/conf.sls
306 | include:
307 | - ntp
308 |
309 | {%- set tplroot = tpldir.split('/')[0] %}
310 | {%- from 'ntp/map.jinja' import ntp with context %}
311 | {%- from 'ntp/libtofs.jinja' import files_switch %}
312 |
313 | Configure NTP:
314 | file.managed:
315 | - name: {{ ntp.config }}
316 | - template: jinja
317 | - source: {{ files_switch(['/etc/ntp.conf.jinja'],
318 | lookup='Configure NTP'
319 | )
320 | }}
321 | - watch_in:
322 | - service: Enable and start NTP service
323 | - require:
324 | - pkg: Install NTP package
325 |
326 |
327 | * This uses ``config.get``, searching for ``ntp:tofs:source_files:Configure NTP`` to determine the list of template files to use.
328 | * If this returns a result, the default of ``['/etc/ntp.conf.jinja']`` will be appended to it.
329 | * If this does not yield any results, the default of ``['/etc/ntp.conf.jinja']`` will be used.
330 |
331 | In ``libtofs.jinja``, we define this new macro ``files_switch``.
332 |
333 | .. literalinclude:: ../template/libtofs.jinja
334 | :caption: /srv/saltstack/salt-formulas/ntp-saltstack-formula/ntp/libtofs.jinja
335 | :language: jinja
336 |
337 | How to customise the ``source`` further
338 | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
339 |
340 | The examples below are based on an ``Ubuntu`` minion called ``theminion`` being configured via. pillar.
341 |
342 | Using the default settings of the ``files_switch`` macro above,
343 | the ``source`` will be:
344 |
345 | .. code-block:: sls
346 |
347 | - source:
348 | - salt://ntp/files/theminion/etc/ntp.conf.jinja
349 | - salt://ntp/files/Debian/etc/ntp.conf.jinja
350 | - salt://ntp/files/default/etc/ntp.conf.jinja
351 |
352 | Customise ``files``
353 | ~~~~~~~~~~~~~~~~~~~
354 |
355 | The ``files`` portion can be customised:
356 |
357 | .. code-block:: sls
358 |
359 | ntp:
360 | tofs:
361 | dirs:
362 | files: files_alt
363 |
364 | Resulting in:
365 |
366 | .. code-block:: sls
367 |
368 | - source:
369 | - salt://ntp/files_alt/theminion/etc/ntp.conf.jinja
370 | - salt://ntp/files_alt/Debian/etc/ntp.conf.jinja
371 | - salt://ntp/files_alt/default/etc/ntp.conf.jinja
372 |
373 | Customise the use of grains
374 | ~~~~~~~~~~~~~~~~~~~~~~~~~~~
375 |
376 | Grains can be customised and even arbitrary paths can be supplied:
377 |
378 | .. code-block:: sls
379 |
380 | ntp:
381 | tofs:
382 | files_switch:
383 | - any/path/can/be/used/here
384 | - id
385 | - os
386 | - os_family
387 |
388 | Resulting in:
389 |
390 | .. code-block:: sls
391 |
392 | - source:
393 | - salt://ntp/files/any/path/can/be/used/here/etc/ntp.conf.jinja
394 | - salt://ntp/files/theminion/etc/ntp.conf.jinja
395 | - salt://ntp/files/Ubuntu/etc/ntp.conf.jinja
396 | - salt://ntp/files/Debian/etc/ntp.conf.jinja
397 | - salt://ntp/files/default/etc/ntp.conf.jinja
398 |
399 | Customise the ``default`` path
400 | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
401 |
402 | The ``default`` portion of the path can be customised:
403 |
404 | .. code-block:: sls
405 |
406 | ntp:
407 | tofs:
408 | dirs:
409 | default: default_alt
410 |
411 | Resulting in:
412 |
413 | .. code-block:: sls
414 |
415 | - source:
416 | ...
417 | - salt://ntp/files/default_alt/etc/ntp.conf.jinja
418 |
419 | Customise the list of ``source_files``
420 | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
421 |
422 | The list of ``source_files`` can be given:
423 |
424 | .. code-block:: sls
425 |
426 | ntp:
427 | tofs:
428 | source_files:
429 | Configure NTP:
430 | - '/etc/ntp.conf_alt.jinja'
431 |
432 | Resulting in:
433 |
434 | .. code-block:: sls
435 |
436 | - source:
437 | - salt://ntp/files/theminion/etc/ntp.conf_alt.jinja
438 | - salt://ntp/files/theminion/etc/ntp.conf.jinja
439 | - salt://ntp/files/Debian/etc/ntp.conf_alt.jinja
440 | - salt://ntp/files/Debian/etc/ntp.conf.jinja
441 | - salt://ntp/files/default/etc/ntp.conf_alt.jinja
442 | - salt://ntp/files/default/etc/ntp.conf.jinja
443 |
444 | Note: This does *not* override the default value.
445 | Rather, the value from the pillar/config is prepended to the default.
446 |
447 | Using sub-directories for ``components``
448 | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
449 |
450 | If your formula is composed of several components, you may prefer to provides files under sub-directories, like in the `systemd-formula `_.
451 |
452 | .. code-block:: console
453 |
454 | /srv/saltstack/systemd-formula/
455 | systemd/
456 | init.sls
457 | libtofs.jinja
458 | map.jinja
459 | networkd/
460 | init.sls
461 | files/
462 | default/
463 | network/
464 | 99-default.link
465 | resolved/
466 | init.sls
467 | files/
468 | default/
469 | resolved.conf
470 | timesyncd/
471 | init.sls
472 | files/
473 | Arch/
474 | resolved.conf
475 | Debian/
476 | resolved.conf
477 | default/
478 | resolved.conf
479 | Ubuntu/
480 | resolved.conf
481 |
482 | For example, the following ``formula.component.config`` SLS:
483 |
484 | .. code-block:: sls
485 |
486 | {%- from "formula/libtofs.jinja" import files_switch with context %}
487 |
488 | formula configuration file:
489 | file.managed:
490 | - name: /etc/formula.conf
491 | - user: root
492 | - group: root
493 | - mode: 644
494 | - template: jinja
495 | - source: {{ files_switch(['formula.conf'],
496 | lookup='formula',
497 | use_subpath=True
498 | )
499 | }}
500 |
501 | will be rendered on a ``Debian`` minion named ``salt-formula.ci.local`` as:
502 |
503 | .. code-block:: sls
504 |
505 | formula configuration file:
506 | file.managed:
507 | - name: /etc/formula.conf
508 | - user: root
509 | - group: root
510 | - mode: 644
511 | - template: jinja
512 | - source:
513 | - salt://formula/component/files/salt-formula.ci.local/formula.conf
514 | - salt://formula/component/files/Debian/formula.conf
515 | - salt://formula/component/files/default/formula.conf
516 | - salt://formula/files/salt-formula.ci.local/formula.conf
517 | - salt://formula/files/Debian/formula.conf
518 | - salt://formula/files/default/formula.conf
519 |
--------------------------------------------------------------------------------
/kitchen.yml:
--------------------------------------------------------------------------------
1 | # -*- coding: utf-8 -*-
2 | # vim: ft=yaml
3 | ---
4 | # For help on this file's format, see https://kitchen.ci/
5 | driver:
6 | name: docker
7 | use_sudo: false
8 | privileged: true
9 | run_command: /usr/lib/systemd/systemd
10 |
11 | provisioner:
12 | name: salt_solo
13 | log_level: debug
14 | salt_install: none
15 | require_chef: false
16 | formula: zabbix
17 | salt_copy_filter:
18 | - .kitchen
19 | - .git
20 |
21 | platforms:
22 | ## SALT `tiamat`
23 | - name: debian-11-tiamat-py3
24 | driver:
25 | image: saltimages/salt-tiamat-py3:debian-11
26 | run_command: /lib/systemd/systemd
27 | - name: debian-10-tiamat-py3
28 | driver:
29 | image: saltimages/salt-tiamat-py3:debian-10
30 | run_command: /lib/systemd/systemd
31 | - name: debian-9-tiamat-py3
32 | driver:
33 | image: saltimages/salt-tiamat-py3:debian-9
34 | run_command: /lib/systemd/systemd
35 | - name: ubuntu-2204-tiamat-py3
36 | driver:
37 | image: saltimages/salt-tiamat-py3:ubuntu-22.04
38 | run_command: /lib/systemd/systemd
39 | - name: ubuntu-2004-tiamat-py3
40 | driver:
41 | image: saltimages/salt-tiamat-py3:ubuntu-20.04
42 | run_command: /lib/systemd/systemd
43 | - name: ubuntu-1804-tiamat-py3
44 | driver:
45 | image: saltimages/salt-tiamat-py3:ubuntu-18.04
46 | run_command: /lib/systemd/systemd
47 | - name: centos-stream8-tiamat-py3
48 | driver:
49 | image: saltimages/salt-tiamat-py3:centos-stream8
50 | - name: centos-7-tiamat-py3
51 | driver:
52 | image: saltimages/salt-tiamat-py3:centos-7
53 | - name: amazonlinux-2-tiamat-py3
54 | driver:
55 | image: saltimages/salt-tiamat-py3:amazonlinux-2
56 | - name: oraclelinux-8-tiamat-py3
57 | driver:
58 | image: saltimages/salt-tiamat-py3:oraclelinux-8
59 | - name: oraclelinux-7-tiamat-py3
60 | driver:
61 | image: saltimages/salt-tiamat-py3:oraclelinux-7
62 | - name: almalinux-8-tiamat-py3
63 | driver:
64 | image: saltimages/salt-tiamat-py3:almalinux-8
65 | - name: rockylinux-8-tiamat-py3
66 | driver:
67 | image: saltimages/salt-tiamat-py3:rockylinux-8
68 |
69 | ## SALT `master`
70 | - name: debian-11-master-py3
71 | driver:
72 | image: saltimages/salt-master-py3:debian-11
73 | run_command: /lib/systemd/systemd
74 | - name: debian-10-master-py3
75 | driver:
76 | image: saltimages/salt-master-py3:debian-10
77 | run_command: /lib/systemd/systemd
78 | - name: debian-9-master-py3
79 | driver:
80 | image: saltimages/salt-master-py3:debian-9
81 | run_command: /lib/systemd/systemd
82 | - name: ubuntu-2204-master-py3
83 | driver:
84 | image: saltimages/salt-master-py3:ubuntu-22.04
85 | run_command: /lib/systemd/systemd
86 | - name: ubuntu-2004-master-py3
87 | driver:
88 | image: saltimages/salt-master-py3:ubuntu-20.04
89 | run_command: /lib/systemd/systemd
90 | - name: ubuntu-1804-master-py3
91 | driver:
92 | image: saltimages/salt-master-py3:ubuntu-18.04
93 | run_command: /lib/systemd/systemd
94 | - name: centos-stream8-master-py3
95 | driver:
96 | image: saltimages/salt-master-py3:centos-stream8
97 | - name: centos-7-master-py3
98 | driver:
99 | image: saltimages/salt-master-py3:centos-7
100 | - name: fedora-36-master-py3
101 | driver:
102 | image: saltimages/salt-master-py3:fedora-36
103 | - name: fedora-35-master-py3
104 | driver:
105 | image: saltimages/salt-master-py3:fedora-35
106 | - name: opensuse-leap-153-master-py3
107 | driver:
108 | image: saltimages/salt-master-py3:opensuse-leap-15.3
109 | # Workaround to avoid intermittent failures on `opensuse-leap-15.3`:
110 | # => SCP did not finish successfully (255): (Net::SCP::Error)
111 | transport:
112 | max_ssh_sessions: 1
113 | - name: opensuse-tmbl-latest-master-py3
114 | driver:
115 | image: saltimages/salt-master-py3:opensuse-tumbleweed-latest
116 | # Workaround to avoid intermittent failures on `opensuse-tumbleweed`:
117 | # => SCP did not finish successfully (255): (Net::SCP::Error)
118 | transport:
119 | max_ssh_sessions: 1
120 | - name: amazonlinux-2-master-py3
121 | driver:
122 | image: saltimages/salt-master-py3:amazonlinux-2
123 | - name: oraclelinux-8-master-py3
124 | driver:
125 | image: saltimages/salt-master-py3:oraclelinux-8
126 | - name: oraclelinux-7-master-py3
127 | driver:
128 | image: saltimages/salt-master-py3:oraclelinux-7
129 | - name: arch-base-latest-master-py3
130 | driver:
131 | image: saltimages/salt-master-py3:arch-base-latest
132 | - name: gentoo-stage3-latest-master-py3
133 | driver:
134 | image: saltimages/salt-master-py3:gentoo-stage3-latest
135 | run_command: /sbin/init
136 | - name: gentoo-stage3-systemd-master-py3
137 | driver:
138 | image: saltimages/salt-master-py3:gentoo-stage3-systemd
139 | - name: almalinux-8-master-py3
140 | driver:
141 | image: saltimages/salt-master-py3:almalinux-8
142 | - name: rockylinux-8-master-py3
143 | driver:
144 | image: saltimages/salt-master-py3:rockylinux-8
145 |
146 | ## SALT `3004.1`
147 | - name: debian-11-3004-1-py3
148 | driver:
149 | image: saltimages/salt-3004.1-py3:debian-11
150 | run_command: /lib/systemd/systemd
151 | - name: debian-10-3004-1-py3
152 | driver:
153 | image: saltimages/salt-3004.1-py3:debian-10
154 | run_command: /lib/systemd/systemd
155 | - name: debian-9-3004-1-py3
156 | driver:
157 | image: saltimages/salt-3004.1-py3:debian-9
158 | run_command: /lib/systemd/systemd
159 | - name: ubuntu-2204-3004-1-py3
160 | driver:
161 | image: saltimages/salt-3004.1-py3:ubuntu-22.04
162 | run_command: /lib/systemd/systemd
163 | - name: ubuntu-2004-3004-1-py3
164 | driver:
165 | image: saltimages/salt-3004.1-py3:ubuntu-20.04
166 | run_command: /lib/systemd/systemd
167 | - name: ubuntu-1804-3004-1-py3
168 | driver:
169 | image: saltimages/salt-3004.1-py3:ubuntu-18.04
170 | run_command: /lib/systemd/systemd
171 | - name: centos-stream8-3004-1-py3
172 | driver:
173 | image: saltimages/salt-3004.1-py3:centos-stream8
174 | - name: centos-7-3004-1-py3
175 | driver:
176 | image: saltimages/salt-3004.1-py3:centos-7
177 | - name: fedora-36-3004-1-py3
178 | driver:
179 | image: saltimages/salt-3004.1-py3:fedora-36
180 | - name: fedora-35-3004-1-py3
181 | driver:
182 | image: saltimages/salt-3004.1-py3:fedora-35
183 | - name: amazonlinux-2-3004-1-py3
184 | driver:
185 | image: saltimages/salt-3004.1-py3:amazonlinux-2
186 | - name: oraclelinux-8-3004-1-py3
187 | driver:
188 | image: saltimages/salt-3004.1-py3:oraclelinux-8
189 | - name: oraclelinux-7-3004-1-py3
190 | driver:
191 | image: saltimages/salt-3004.1-py3:oraclelinux-7
192 | - name: arch-base-latest-3004-1-py3
193 | driver:
194 | image: saltimages/salt-3004.1-py3:arch-base-latest
195 | - name: gentoo-stage3-latest-3004-1-py3
196 | driver:
197 | image: saltimages/salt-3004.1-py3:gentoo-stage3-latest
198 | run_command: /sbin/init
199 | - name: gentoo-stage3-systemd-3004-1-py3
200 | driver:
201 | image: saltimages/salt-3004.1-py3:gentoo-stage3-systemd
202 | - name: almalinux-8-3004-1-py3
203 | driver:
204 | image: saltimages/salt-3004.1-py3:almalinux-8
205 | - name: rockylinux-8-3004-1-py3
206 | driver:
207 | image: saltimages/salt-3004.1-py3:rockylinux-8
208 |
209 | ## SALT `3004.0`
210 | - name: opensuse-leap-153-3004-0-py3
211 | driver:
212 | image: saltimages/salt-3004.0-py3:opensuse-leap-15.3
213 | # Workaround to avoid intermittent failures on `opensuse-leap-15.3`:
214 | # => SCP did not finish successfully (255): (Net::SCP::Error)
215 | transport:
216 | max_ssh_sessions: 1
217 | - name: opensuse-tmbl-latest-3004-0-py3
218 | driver:
219 | image: saltimages/salt-3004.0-py3:opensuse-tumbleweed-latest
220 | # Workaround to avoid intermittent failures on `opensuse-tumbleweed`:
221 | # => SCP did not finish successfully (255): (Net::SCP::Error)
222 | transport:
223 | max_ssh_sessions: 1
224 |
225 | ## SALT `3003.4`
226 | - name: debian-10-3003-4-py3
227 | driver:
228 | image: saltimages/salt-3003.4-py3:debian-10
229 | run_command: /lib/systemd/systemd
230 | - name: debian-9-3003-4-py3
231 | driver:
232 | image: saltimages/salt-3003.4-py3:debian-9
233 | run_command: /lib/systemd/systemd
234 | - name: ubuntu-2004-3003-4-py3
235 | driver:
236 | image: saltimages/salt-3003.4-py3:ubuntu-20.04
237 | run_command: /lib/systemd/systemd
238 | - name: ubuntu-1804-3003-4-py3
239 | driver:
240 | image: saltimages/salt-3003.4-py3:ubuntu-18.04
241 | run_command: /lib/systemd/systemd
242 | - name: centos-stream8-3003-4-py3
243 | driver:
244 | image: saltimages/salt-3003.4-py3:centos-stream8
245 | - name: centos-7-3003-4-py3
246 | driver:
247 | image: saltimages/salt-3003.4-py3:centos-7
248 | - name: amazonlinux-2-3003-4-py3
249 | driver:
250 | image: saltimages/salt-3003.4-py3:amazonlinux-2
251 | - name: oraclelinux-8-3003-4-py3
252 | driver:
253 | image: saltimages/salt-3003.4-py3:oraclelinux-8
254 | - name: oraclelinux-7-3003-4-py3
255 | driver:
256 | image: saltimages/salt-3003.4-py3:oraclelinux-7
257 | - name: almalinux-8-3003-4-py3
258 | driver:
259 | image: saltimages/salt-3003.4-py3:almalinux-8
260 |
261 | verifier:
262 | # https://www.inspec.io/
263 | name: inspec
264 | sudo: true
265 | reporter:
266 | # cli, documentation, html, progress, json, json-min, json-rspec, junit
267 | - cli
268 |
269 | suites:
270 | - name: default
271 | provisioner:
272 | state_top:
273 | base:
274 | '*':
275 | - zabbix._mapdata
276 | - zabbix.agent.repo
277 | - zabbix.agent.conf
278 | - zabbix.server.repo
279 | - zabbix.server.conf
280 | - zabbix.frontend.repo
281 | - zabbix.frontend.conf
282 | pillars:
283 | top.sls:
284 | base:
285 | '*':
286 | - zabbix
287 | pillars_from_files:
288 | zabbix.sls: test/salt/pillar/default.sls
289 | verifier:
290 | inspec_tests:
291 | - path: test/integration/default
292 |
--------------------------------------------------------------------------------
/pillar.example:
--------------------------------------------------------------------------------
1 | # -*- coding: utf-8 -*-
2 | # vim: ft=yaml
3 | ---
4 | zabbix:
5 | # Overrides map.jinja
6 | # lookup:
7 | # agent:
8 | # version: xxx
9 | # frontend:
10 | # version: xxx
11 | # server:
12 | # version: xxx
13 |
14 | tofs:
15 | # The files_switch key serves as a selector for alternative
16 | # directories under the formula files directory. See TOFS pattern
17 | # doc for more info.
18 | # Note: Any value not evaluated by `config.get` will be used literally.
19 | # This can be used to set custom paths, as many levels deep as required.
20 | # files_switch:
21 | # - any/path/can/be/used/here
22 | # - id
23 | # - roles
24 | # - osfinger
25 | # - os
26 | # - os_family
27 | # All aspects of path/file resolution are customisable using the options below.
28 | # This is unnecessary in most cases; there are sensible defaults.
29 | # Default path: salt://< path_prefix >/< dirs.files >/< dirs.default >
30 | # I.e.: salt://template/files/default
31 | # path_prefix: template_alt
32 | # dirs:
33 | # files: files_alt
34 | # default: default_alt
35 | # The entries under `source_files` are prepended to the default source files
36 | # given for the state
37 | source_files:
38 | zabbix-agent-config:
39 | - '/etc/zabbix/alt_zabbix_agentd.conf'
40 | zabbix-frontend-config:
41 | - '/etc/zabbix/web/alt_zabbix.conf.php'
42 | zabbix-server-mysql:
43 | - '/usr/share/zabbix-server-mysql/alt_salt-provided-create-34.sql'
44 | zabbix-server-pgsql:
45 | - '/usr/share/doc/zabbix-server-pgsql/alt_custom.sql.gz'
46 | zabbix-proxy-config:
47 | - '/etc/zabbix/alt_zabbix_proxy.conf'
48 | zabbix-server-config:
49 | - '/etc/zabbix/alt_zabbix_server.conf'
50 |
51 | # Zabbix user has to be member of some groups in order to have permissions to
52 | # execute or read some things
53 | user_groups:
54 | - adm
55 |
56 | zabbix-agent:
57 | server:
58 | - localhost
59 | serveractive:
60 | - localhost
61 | listenip: 0.0.0.0
62 | listenport: 10050
63 | hostmetadata: c9767034-22c6-4d3d-a886-5fcaf1386b77
64 | logfile: /var/log/zabbix/zabbix_agentd.log
65 | logfilesize: 0
66 | include: /etc/zabbix/zabbix_agentd.d/
67 | # Or multiple "Include" options
68 | includes:
69 | - /etc/zabbix/zabbix_agentd.d/
70 | - /some/custom/location/
71 | userparameters:
72 | - net.ping[*],/usr/bin/fping -q -c3 $1 2>&1 | sed 's,.*/\([0-9.]*\)/.*,\1,'
73 | - custom.vfs.dev.discovery,/usr/local/bin/dev-discovery.sh
74 | extra_conf: |
75 | # Here we can set extra agent configuration lines
76 |
77 | # Alternative server and serveractive as strings (the rest is used the same as above)
78 | zabbix-agent:
79 | server: localhost
80 | serveractive: localhost
81 |
82 | ## Zabbix Agent for Windows ##
83 | zabbix-agent:
84 | server:
85 | - zabbix.example.com
86 | serveractive:
87 | - localhost
88 | listenip: 0.0.0.0
89 | listenport: 10050
90 | hostmetadata: c9767034-22c6-4d3d-a886-5fcaf1386b77
91 | # For zabbix-agent below version 3 if you want to use syslog instead of file specify
92 | # logfile: syslog
93 | logfile: 'C:\program files\zabbix agent\zabbix_agentd.log'
94 | logfilesize: 5
95 | include: 'C:\program files\zabbix agent\zabbix_agentd.d\'
96 | # Or multiple "Include" options
97 | includes:
98 | - 'C:\program files\zabbix agent\zabbix_agentd.d\'
99 | - 'C:\some\custom\location\'
100 | # Pidfiles will break the windows agent so please don't add them.
101 |
102 | ## lookup config for windows agent ##
103 | zabbix:
104 | lookup:
105 | agent:
106 | version: '3.0.28.2400'
107 | ## Because of the way winrepo-ng works you have to have the FULL agent version
108 | ## Check the zabbix-agent in winrepo-ng for current versions,
109 | ## or create your own pkg file
110 |
111 | zabbix-server:
112 | listenip: 0.0.0.0
113 | listenport: 10051
114 | dbhost: localhost
115 | dbname: zabbix
116 | dbuser: zabbixuser
117 | dbpassword: zabbixpass
118 | extra_conf: |
119 | # Here we can set extra server configuration lines
120 |
121 | zabbix-mysql:
122 | dbhost: localhost
123 | dbname: zabbix
124 | dbuser: zabbixuser
125 | dbpassword: zabbixpass
126 | dbuser_host: '%'
127 | # Optionally specify this for a non-local dbhost
128 | # dbroot_user: 'root'
129 | # dbroot_pass: 'rootpass'
130 |
131 | zabbix-frontend:
132 | dbtype: MYSQL
133 | dbhost: localhost
134 | dbname: zabbix
135 | dbuser: zabbixuser
136 | dbpassword: zabbixpass
137 | zbxserver: localhost
138 | zbxserverport: 10051
139 | zbxservername: 'Zabbix installed with saltstack'
140 |
141 | zabbix-proxy:
142 | proxymode: 0
143 | server: localhost
144 | serverport: 10051
145 | hostname: localhost
146 | hostnameitem: system.hostname
147 | listenport: 10051
148 | sourceip: 127.0.0.1
149 | logfile: syslog
150 | logfilesize: 0
151 | debugelevel: 3
152 | pidfile: /tmp/zabbix_proxy.pid
153 | dbhost: localhost
154 | dbname: /var/lib/zabbix/zabbix_proxy.db
155 | dbuser: zabbix
156 | include: /etc/zabbix/zabbix_proxy.d/
157 |
158 | # Example with PostgreSQL on Debian 9
159 | # Installation with PostgreSQL will likely not work with Zabbix version below 3.0
160 | zabbix:
161 | lookup:
162 | version_repo: 3.4
163 | agent:
164 | version: '1:3.4.*'
165 | frontend:
166 | version: '1:3.4.*'
167 | dbtype: POSTGRESQL
168 | # you need to override default package list
169 | server:
170 | version: '1:3.4.*'
171 | pkgs:
172 | - zabbix-server-pgsql
173 | - zabbix-get
174 | # unset dbsocket, it's not used with PostgreSQL
175 | dbsocket: ""
176 |
177 | # Example with DB upgraded for >=5.0
178 | zabbix:
179 | lookup:
180 | version_repo: 5.4
181 | frontend:
182 | historyupgraded: true
183 |
184 | zabbix-pgsql:
185 | # By default SQL dump provided by Zabbix package will be used, but you can
186 | # put your own dump in corresponding directory (consult with TOFS_pattern.md)
187 | # and specify path in sql_file param
188 | sql_file: /usr/share/doc/zabbix-server-pgsql/custom.sql.gz
189 |
--------------------------------------------------------------------------------
/pre-commit_semantic-release.sh:
--------------------------------------------------------------------------------
1 | #!/bin/sh
2 |
3 | ###############################################################################
4 | # (A) Update `FORMULA` with `${nextRelease.version}`
5 | ###############################################################################
6 | sed -i -e "s_^\(version:\).*_\1 ${1}_" FORMULA
7 |
8 |
9 | ###############################################################################
10 | # (B) Use `m2r2` to convert automatically produced `.md` docs to `.rst`
11 | ###############################################################################
12 |
13 | # Install `m2r2`
14 | pip3 install m2r2
15 |
16 | # Copy and then convert the `.md` docs
17 | cp ./*.md docs/
18 | cd docs/ || exit
19 | m2r2 --overwrite ./*.md
20 |
21 | # Change excess `H1` headings to `H2` in converted `CHANGELOG.rst`
22 | sed -i -e '/^=.*$/s/=/-/g' CHANGELOG.rst
23 | sed -i -e '1,4s/-/=/g' CHANGELOG.rst
24 |
25 | # Use for debugging output, when required
26 | # cat AUTHORS.rst
27 | # cat CHANGELOG.rst
28 |
29 | # Return back to the main directory
30 | cd ..
31 |
--------------------------------------------------------------------------------
/release-rules.js:
--------------------------------------------------------------------------------
1 | // No release is triggered for the types commented out below.
2 | // Commits using these types will be incorporated into the next release.
3 | //
4 | // NOTE: Any changes here must be reflected in `CONTRIBUTING.md`.
5 | module.exports = [
6 | {breaking: true, release: 'major'},
7 | // {type: 'build', release: 'patch'},
8 | // {type: 'chore', release: 'patch'},
9 | // {type: 'ci', release: 'patch'},
10 | {type: 'docs', release: 'patch'},
11 | {type: 'feat', release: 'minor'},
12 | {type: 'fix', release: 'patch'},
13 | {type: 'perf', release: 'patch'},
14 | {type: 'refactor', release: 'patch'},
15 | {type: 'revert', release: 'patch'},
16 | {type: 'style', release: 'patch'},
17 | {type: 'test', release: 'patch'},
18 | ];
19 |
--------------------------------------------------------------------------------
/release.config.js:
--------------------------------------------------------------------------------
1 | module.exports = {
2 | branch: 'master',
3 | repositoryUrl: 'https://github.com/saltstack-formulas/zabbix-formula',
4 | plugins: [
5 | ['@semantic-release/commit-analyzer', {
6 | preset: 'angular',
7 | releaseRules: './release-rules.js',
8 | }],
9 | '@semantic-release/release-notes-generator',
10 | ['@semantic-release/changelog', {
11 | changelogFile: 'CHANGELOG.md',
12 | changelogTitle: '# Changelog',
13 | }],
14 | ['@semantic-release/exec', {
15 | prepareCmd: 'sh ./pre-commit_semantic-release.sh ${nextRelease.version}',
16 | }],
17 | ['@semantic-release/git', {
18 | assets: ['*.md', 'docs/*.rst', 'FORMULA'],
19 | }],
20 | '@semantic-release/github',
21 | ],
22 | generateNotes: {
23 | preset: 'angular',
24 | writerOpts: {
25 | // Required due to upstream bug preventing all types being displayed.
26 | // Bug: https://github.com/conventional-changelog/conventional-changelog/issues/317
27 | // Fix: https://github.com/conventional-changelog/conventional-changelog/pull/410
28 | transform: (commit, context) => {
29 | const issues = []
30 |
31 | commit.notes.forEach(note => {
32 | note.title = `BREAKING CHANGES`
33 | })
34 |
35 | // NOTE: Any changes here must be reflected in `CONTRIBUTING.md`.
36 | if (commit.type === `feat`) {
37 | commit.type = `Features`
38 | } else if (commit.type === `fix`) {
39 | commit.type = `Bug Fixes`
40 | } else if (commit.type === `perf`) {
41 | commit.type = `Performance Improvements`
42 | } else if (commit.type === `revert`) {
43 | commit.type = `Reverts`
44 | } else if (commit.type === `docs`) {
45 | commit.type = `Documentation`
46 | } else if (commit.type === `style`) {
47 | commit.type = `Styles`
48 | } else if (commit.type === `refactor`) {
49 | commit.type = `Code Refactoring`
50 | } else if (commit.type === `test`) {
51 | commit.type = `Tests`
52 | } else if (commit.type === `build`) {
53 | commit.type = `Build System`
54 | // } else if (commit.type === `chore`) {
55 | // commit.type = `Maintenance`
56 | } else if (commit.type === `ci`) {
57 | commit.type = `Continuous Integration`
58 | } else {
59 | return
60 | }
61 |
62 | if (commit.scope === `*`) {
63 | commit.scope = ``
64 | }
65 |
66 | if (typeof commit.hash === `string`) {
67 | commit.shortHash = commit.hash.substring(0, 7)
68 | }
69 |
70 | if (typeof commit.subject === `string`) {
71 | let url = context.repository
72 | ? `${context.host}/${context.owner}/${context.repository}`
73 | : context.repoUrl
74 | if (url) {
75 | url = `${url}/issues/`
76 | // Issue URLs.
77 | commit.subject = commit.subject.replace(/#([0-9]+)/g, (_, issue) => {
78 | issues.push(issue)
79 | return `[#${issue}](${url}${issue})`
80 | })
81 | }
82 | if (context.host) {
83 | // User URLs.
84 | commit.subject = commit.subject.replace(/\B@([a-z0-9](?:-?[a-z0-9/]){0,38})/g, (_, username) => {
85 | if (username.includes('/')) {
86 | return `@${username}`
87 | }
88 |
89 | return `[@${username}](${context.host}/${username})`
90 | })
91 | }
92 | }
93 |
94 | // remove references that already appear in the subject
95 | commit.references = commit.references.filter(reference => {
96 | if (issues.indexOf(reference.issue) === -1) {
97 | return true
98 | }
99 |
100 | return false
101 | })
102 |
103 | return commit
104 | },
105 | },
106 | },
107 | };
108 |
--------------------------------------------------------------------------------
/test/integration/default/README.md:
--------------------------------------------------------------------------------
1 | # InSpec Profile: `default`
2 |
3 | This shows the implementation of the `default` InSpec [profile](https://github.com/inspec/inspec/blob/master/docs/profiles.md).
4 |
5 | ## Verify a profile
6 |
7 | InSpec ships with built-in features to verify a profile structure.
8 |
9 | ```bash
10 | $ inspec check default
11 | Summary
12 | -------
13 | Location: default
14 | Profile: profile
15 | Controls: 4
16 | Timestamp: 2019-06-24T23:09:01+00:00
17 | Valid: true
18 |
19 | Errors
20 | ------
21 |
22 | Warnings
23 | --------
24 | ```
25 |
26 | ## Execute a profile
27 |
28 | To run all **supported** controls on a local machine use `inspec exec /path/to/profile`.
29 |
30 | ```bash
31 | $ inspec exec default
32 | ..
33 |
34 | Finished in 0.0025 seconds (files took 0.12449 seconds to load)
35 | 8 examples, 0 failures
36 | ```
37 |
38 | ## Execute a specific control from a profile
39 |
40 | To run one control from the profile use `inspec exec /path/to/profile --controls name`.
41 |
42 | ```bash
43 | $ inspec exec default --controls package
44 | .
45 |
46 | Finished in 0.0025 seconds (files took 0.12449 seconds to load)
47 | 1 examples, 0 failures
48 | ```
49 |
50 | See an [example control here](https://github.com/inspec/inspec/blob/master/examples/profile/controls/example.rb).
51 |
--------------------------------------------------------------------------------
/test/integration/default/controls/config_spec.rb:
--------------------------------------------------------------------------------
1 | # frozen_string_literal: true
2 |
3 | control 'zabbix agent configuration' do
4 | title 'should match desired lines'
5 |
6 | describe file('/etc/zabbix/zabbix_agentd.conf') do
7 | it { should be_file }
8 | it { should be_owned_by 'root' }
9 | it { should be_grouped_into 'root' }
10 | its('mode') { should cmp '0644' }
11 | its('content') { should include 'Server=localhost' }
12 | its('content') { should include 'ListenPort=10050' }
13 | its('content') { should include 'ListenIP=0.0.0.0' }
14 | its('content') { should include 'ServerActive=localhost' }
15 | its('content') do
16 | should include(
17 | 'HostMetadata=c9767034-22c6-4d3d-a886-5fcaf1386b77'
18 | )
19 | end
20 | its('content') { should include 'Include=/etc/zabbix/zabbix_agentd.d/' }
21 | its('content') do
22 | should include(
23 | 'UserParameter=net.ping[*],/usr/bin/fping -q -c3 $1 2>&1 | '\
24 | 'sed \'s,.*/\([0-9.]*\)/.*,\1,\''
25 | )
26 | end
27 | its('content') do
28 | should include(
29 | 'UserParameter=custom.vfs.dev.discovery,/usr/local/bin/dev-discovery.sh'
30 | )
31 | end
32 | end
33 | end
34 |
35 | control 'zabbix server configuration' do
36 | title 'should match desired lines'
37 |
38 | server_file_group = 'zabbix'
39 | server_file_mode = '0640'
40 | setting_dbsocket = '/var/lib/mysql/mysql.sock'
41 | case platform[:family]
42 | when 'debian'
43 | server_file_group = 'root'
44 | server_file_mode = '0644'
45 | setting_dbsocket = '/var/run/mysqld/mysqld.sock'
46 | when 'fedora'
47 | server_file_group = 'zabbixsrv'
48 | when 'suse'
49 | setting_dbsocket = '/run/mysql/mysql.sock'
50 | end
51 |
52 | # TODO: Conditional content to consider for inclusion below
53 | # 'ExternalScripts=/usr/lib/zabbix/externalscripts' (fedora only)
54 | # 'FpingLocation=/usr/sbin/fping' (not debian)
55 | # 'Fping6Location=/usr/sbin/fping6' (not debian)
56 |
57 | # NOTE: The file below is a symlink to `/etc/zabbix_server.conf` on Fedora
58 | describe file('/etc/zabbix/zabbix_server.conf') do
59 | it { should be_file }
60 | it { should be_owned_by 'root' }
61 | it { should be_grouped_into server_file_group }
62 | its('mode') { should cmp server_file_mode }
63 | its('content') { should include 'ListenPort=10051' }
64 | its('content') { should include '# Mandatory: no' }
65 | its('content') { should include 'DBHost=localhost' }
66 | its('content') { should include '# Database user. Ignored for SQLite.' }
67 | its('content') { should include 'DBUser=zabbixuser' }
68 | its('content') { should include 'DBPassword=zabbixpass' }
69 | its('content') { should include setting_dbsocket }
70 | its('content') { should include 'ListenIP=0.0.0.0' }
71 | end
72 | end
73 |
74 | control 'zabbix web configuration' do
75 | title 'should match desired lines'
76 |
77 | describe file('/etc/zabbix/web/zabbix.conf.php') do
78 | it { should be_file }
79 | it { should be_owned_by 'root' }
80 | it { should be_grouped_into 'root' }
81 | its('mode') { should cmp '0644' }
82 | its('content') { should include 'global $DB;' }
83 | its('content') { should match(/\$DB\["TYPE"\].*=.*'MYSQL';/) }
84 | its('content') { should match(/\$DB\["SERVER"\].*=.*'localhost';/) }
85 | its('content') { should match(/\$DB\["PORT"\].*=.*'0';/) }
86 | its('content') { should match(/\$DB\["DATABASE"\].*=.*'zabbix';/) }
87 | its('content') { should match(/\$DB\["USER"\].*=.*'zabbixuser';/) }
88 | its('content') { should match(/\$DB\["PASSWORD"\].*=.*'zabbixpass';/) }
89 | its('content') { should match(/\$DB\["SCHEMA"\].*=.*'';/) }
90 | its('content') { should match(/\$ZBX_SERVER.*=.*'localhost';/) }
91 | its('content') { should match(/\$ZBX_SERVER_PORT.*=.*'10051';/) }
92 | its('content') do
93 | should match(/\$ZBX_SERVER_NAME.*=.*'Zabbix installed with saltstack';/)
94 | end
95 | its('content') { should match(/\$IMAGE_FORMAT_DEFAULT.*=.*IMAGE_FORMAT_PNG;/) }
96 | end
97 | end
98 |
--------------------------------------------------------------------------------
/test/integration/default/controls/packages_spec.rb:
--------------------------------------------------------------------------------
1 | # frozen_string_literal: true
2 |
3 | pkg_agent = 'zabbix-agent'
4 | pkg_server = 'zabbix-server-mysql'
5 | pkg_web =
6 | case platform[:family]
7 | when 'debian'
8 | 'zabbix-frontend-php'
9 | else
10 | 'zabbix-web-mysql'
11 | end
12 | version =
13 | case platform[:name]
14 | when 'debian', 'ubuntu'
15 | '1:4.4'
16 | when 'centos'
17 | '4.4'
18 | when 'fedora'
19 | '4.0'
20 | end
21 |
22 | control 'zabbix packages' do
23 | title 'should be installed'
24 |
25 | [
26 | pkg_agent,
27 | pkg_server,
28 | pkg_web
29 | ].each do |p|
30 | describe package(p) do
31 | it { should be_installed }
32 | its('version') { should match(/^#{version}/) }
33 | end
34 | end
35 | end
36 |
--------------------------------------------------------------------------------
/test/integration/default/controls/services_spec.rb:
--------------------------------------------------------------------------------
1 | # frozen_string_literal: true
2 |
3 | control 'zabbix service' do
4 | impact 0.5
5 | title 'should be running and enabled'
6 |
7 | services =
8 | case platform[:name]
9 | when 'fedora'
10 | %w[zabbix-agent zabbix-server-mysql]
11 | else
12 | %w[zabbix-agent zabbix-server]
13 | end
14 |
15 | services.each do |s|
16 | describe service(s) do
17 | it { should be_enabled }
18 | it { should be_running }
19 | end
20 | end
21 | end
22 |
--------------------------------------------------------------------------------
/test/integration/default/inspec.yml:
--------------------------------------------------------------------------------
1 | # -*- coding: utf-8 -*-
2 | # vim: ft=yaml
3 | ---
4 | name: default
5 | title: zabbix formula
6 | maintainer: SaltStack Formulas
7 | license: Apache-2.0
8 | summary: Verify that the zabbix formula is setup and configured correctly
9 | depends:
10 | - name: share
11 | path: test/integration/share
12 | supports:
13 | - platform-name: debian
14 | - platform-name: ubuntu
15 | - platform-name: centos
16 | - platform-name: fedora
17 | - platform-name: opensuse
18 | - platform-name: suse
19 | - platform-name: freebsd
20 | - platform-name: openbsd
21 | - platform-name: amazon
22 | - platform-name: oracle
23 | - platform-name: arch
24 | - platform-name: gentoo
25 | - platform-name: almalinux
26 | - platform-name: rocky
27 | - platform-name: mac_os_x
28 | - platform: windows
29 |
--------------------------------------------------------------------------------
/test/integration/share/README.md:
--------------------------------------------------------------------------------
1 | # InSpec Profile: `share`
2 |
3 | This shows the implementation of the `share` InSpec [profile](https://github.com/inspec/inspec/blob/master/docs/profiles.md).
4 |
5 | Its goal is to share the libraries between all profiles.
6 |
7 | ## Libraries
8 |
9 | ### `system`
10 |
11 | The `system` library provides easy access to system dependent information:
12 |
13 | - `system.platform`: based on `inspec.platform`, modify to values that are more consistent from a SaltStack perspective
14 | - `system.platform[:family]` provide a family name for Arch and Gentoo
15 | - `system.platform[:name]` append `linux` to both `amazon` and `oracle`; ensure Windows platforms are resolved as simply `windows`
16 | - `system.platform[:release]` tweak Arch, Amazon Linux, Gentoo, openSUSE and Windows:
17 | - `Arch` is always `base-latest`
18 | - `Amazon Linux` release `2018` is resolved as `1`
19 | - `Gentoo` release is trimmed to its major version number and then the init system is appended (i.e. `sysv` or `sysd`)
20 | - `openSUSE` is resolved as `tumbleweed` if the `platform[:release]` is in date format
21 | - `Windows` uses the widely-used release number (e.g. `8.1` or `2019-server`) in place of the actual system release version
22 | - `system.platform[:finger]` is the concatenation of the name and the major release number (except for Ubuntu, which gives `ubuntu-20.04` for example)
23 |
--------------------------------------------------------------------------------
/test/integration/share/inspec.yml:
--------------------------------------------------------------------------------
1 | # -*- coding: utf-8 -*-
2 | # vim: ft=yaml
3 | ---
4 | name: share
5 | title: InSpec shared resources
6 | maintainer: SaltStack Formulas
7 | license: Apache-2.0
8 | summary: shared resources
9 | supports:
10 | - platform-name: debian
11 | - platform-name: ubuntu
12 | - platform-name: centos
13 | - platform-name: fedora
14 | - platform-name: opensuse
15 | - platform-name: suse
16 | - platform-name: freebsd
17 | - platform-name: openbsd
18 | - platform-name: amazon
19 | - platform-name: oracle
20 | - platform-name: arch
21 | - platform-name: gentoo
22 | - platform-name: almalinux
23 | - platform-name: rocky
24 | - platform-name: mac_os_x
25 | - platform: windows
26 |
--------------------------------------------------------------------------------
/test/integration/share/libraries/system.rb:
--------------------------------------------------------------------------------
1 | # frozen_string_literal: true
2 |
3 | # system.rb -- InSpec resources for system values
4 | # Author: Daniel Dehennin
5 | # Copyright (C) 2020 Daniel Dehennin
6 |
7 | # rubocop:disable Metrics/ClassLength
8 | class SystemResource < Inspec.resource(1)
9 | name 'system'
10 |
11 | attr_reader :platform
12 |
13 | def initialize
14 | super
15 | @platform = build_platform
16 | end
17 |
18 | private
19 |
20 | def build_platform
21 | {
22 | family: build_platform_family,
23 | name: build_platform_name,
24 | release: build_platform_release,
25 | finger: build_platform_finger,
26 | codename: build_platform_codename
27 | }
28 | end
29 |
30 | def build_platform_family
31 | case inspec.platform[:name]
32 | when 'arch', 'gentoo'
33 | inspec.platform[:name]
34 | else
35 | inspec.platform[:family]
36 | end
37 | end
38 |
39 | def build_platform_name
40 | case inspec.platform[:name]
41 | when 'amazon', 'oracle', 'rocky'
42 | "#{inspec.platform[:name]}linux"
43 | when /^windows_/
44 | inspec.platform[:family]
45 | else
46 | inspec.platform[:name]
47 | end
48 | end
49 |
50 | # rubocop:disable Metrics/MethodLength,Metrics/AbcSize,Metrics/CyclomaticComplexity
51 | def build_platform_release
52 | case inspec.platform[:name]
53 | when 'amazon'
54 | # `2018` relase is named `1` in `kitchen.yml`
55 | inspec.platform[:release].gsub(/2018.*/, '1')
56 | when 'arch'
57 | 'base-latest'
58 | when 'gentoo'
59 | "#{inspec.platform[:release].split('.')[0]}-#{derive_gentoo_init_system}"
60 | when 'mac_os_x'
61 | inspec.command('sw_vers -productVersion').stdout.to_s
62 | when 'opensuse'
63 | # rubocop:disable Style/NumericLiterals,Layout/LineLength
64 | inspec.platform[:release].to_i > 20210101 ? 'tumbleweed' : inspec.platform[:release]
65 | # rubocop:enable Style/NumericLiterals,Layout/LineLength
66 | when 'windows_8.1_pro'
67 | '8.1'
68 | when 'windows_server_2022_datacenter'
69 | '2022-server'
70 | when 'windows_server_2019_datacenter'
71 | '2019-server'
72 | when 'windows_server_2016_datacenter'
73 | '2016-server'
74 | else
75 | inspec.platform[:release]
76 | end
77 | end
78 | # rubocop:enable Metrics/MethodLength,Metrics/AbcSize,Metrics/CyclomaticComplexity
79 |
80 | def derive_gentoo_init_system
81 | inspec.command('systemctl').exist? ? 'sysd' : 'sysv'
82 | end
83 |
84 | def build_platform_finger
85 | "#{build_platform_name}-#{build_finger_release}"
86 | end
87 |
88 | def build_finger_release
89 | case inspec.platform[:name]
90 | when 'ubuntu'
91 | build_platform_release.split('.').slice(0, 2).join('.')
92 | else
93 | build_platform_release.split('.')[0]
94 | end
95 | end
96 |
97 | # rubocop:disable Metrics/MethodLength,Metrics/CyclomaticComplexity
98 | def build_platform_codename
99 | case build_platform_finger
100 | when 'ubuntu-22.04'
101 | 'jammy'
102 | when 'ubuntu-20.04'
103 | 'focal'
104 | when 'ubuntu-18.04'
105 | 'bionic'
106 | when 'debian-11'
107 | 'bullseye'
108 | when 'debian-10'
109 | 'buster'
110 | when 'debian-9'
111 | 'stretch'
112 | when 'almalinux-8'
113 | "AlmaLinux #{build_platform_release} (Arctic Sphynx)"
114 | when 'amazonlinux-2'
115 | 'Amazon Linux 2'
116 | when 'arch-base-latest'
117 | 'Arch Linux'
118 | when 'centos-7'
119 | 'CentOS Linux 7 (Core)'
120 | when 'centos-8'
121 | 'CentOS Stream 8'
122 | when 'opensuse-tumbleweed'
123 | 'openSUSE Tumbleweed'
124 | when 'opensuse-15'
125 | "openSUSE Leap #{build_platform_release}"
126 | when 'oraclelinux-8', 'oraclelinux-7'
127 | "Oracle Linux Server #{build_platform_release}"
128 | when 'gentoo-2-sysd', 'gentoo-2-sysv'
129 | 'Gentoo/Linux'
130 | when 'rockylinux-8'
131 | "Rocky Linux #{build_platform_release} (Green Obsidian)"
132 | else
133 | ''
134 | end
135 | end
136 | # rubocop:enable Metrics/MethodLength,Metrics/CyclomaticComplexity
137 | end
138 | # rubocop:enable Metrics/ClassLength
139 |
--------------------------------------------------------------------------------
/test/salt/pillar/default.sls:
--------------------------------------------------------------------------------
1 | # -*- coding: utf-8 -*-
2 | # vim: ft=yaml
3 | ---
4 | zabbix:
5 | # Overrides map.jinja
6 | lookup:
7 | version_repo: '4.4'
8 | # agent:
9 | # version: xxx
10 | # frontend:
11 | # version: xxx
12 | # server:
13 | # version: xxx
14 |
15 | tofs:
16 | # The files_switch key serves as a selector for alternative
17 | # directories under the formula files directory. See TOFS pattern
18 | # doc for more info.
19 | # Note: Any value not evaluated by `config.get` will be used literally.
20 | # This can be used to set custom paths, as many levels deep as required.
21 | # files_switch:
22 | # - any/path/can/be/used/here
23 | # - id
24 | # - roles
25 | # - osfinger
26 | # - os
27 | # - os_family
28 | # All aspects of path/file resolution are customisable using the options below.
29 | # This is unnecessary in most cases; there are sensible defaults.
30 | # Default path: salt://< path_prefix >/< dirs.files >/< dirs.default >
31 | # I.e.: salt://template/files/default
32 | # path_prefix: template_alt
33 | # dirs:
34 | # files: files_alt
35 | # default: default_alt
36 | # The entries under `source_files` are prepended to the default source files
37 | # given for the state
38 | source_files:
39 | zabbix-agent-config:
40 | - '/etc/zabbix/alt_zabbix_agentd.conf'
41 | zabbix-frontend-config:
42 | - '/etc/zabbix/web/alt_zabbix.conf.php'
43 | zabbix-server-mysql:
44 | - '/usr/share/zabbix-server-mysql/alt_salt-provided-create-34.sql'
45 | zabbix-server-pgsql:
46 | - '/usr/share/doc/zabbix-server-pgsql/alt_custom.sql.gz'
47 | zabbix-proxy-config:
48 | - '/etc/zabbix/alt_zabbix_proxy.conf'
49 | zabbix-server-config:
50 | - '/etc/zabbix/alt_zabbix_server.conf'
51 |
52 | # Zabbix user has to be member of some groups in order to have permissions to
53 | # execute or read some things
54 | user_groups:
55 | - adm
56 |
57 | zabbix-agent:
58 | server:
59 | - localhost
60 | serveractive:
61 | - localhost
62 | listenip: 0.0.0.0
63 | listenport: 10050
64 | hostmetadata: c9767034-22c6-4d3d-a886-5fcaf1386b77
65 | logfile: /var/log/zabbix/zabbix_agentd.log
66 | logfilesize: 0
67 | # include: /etc/zabbix/zabbix_agentd.d/
68 | # Or multiple "Include" options
69 | includes:
70 | - /etc/zabbix/zabbix_agentd.d/
71 | userparameters:
72 | - net.ping[*],/usr/bin/fping -q -c3 $1 2>&1 | sed 's,.*/\([0-9.]*\)/.*,\1,'
73 | - custom.vfs.dev.discovery,/usr/local/bin/dev-discovery.sh
74 | extra_conf: |
75 | # Here we can set extra agent configuration lines
76 |
77 | zabbix-server:
78 | listenip: 0.0.0.0
79 | listenport: 10051
80 | dbhost: localhost
81 | dbname: zabbix
82 | dbuser: zabbixuser
83 | dbpassword: zabbixpass
84 | extra_conf: |
85 | # Here we can set extra server configuration lines
86 |
87 | zabbix-mysql:
88 | dbhost: localhost
89 | dbname: zabbix
90 | dbuser: zabbixuser
91 | dbpassword: zabbixpass
92 | dbuser_host: '%'
93 | # Optionally specify this for a non-local dbhost
94 | # dbroot_user: 'root'
95 | # dbroot_pass: 'rootpass'
96 |
97 | zabbix-frontend:
98 | dbtype: MYSQL
99 | dbhost: localhost
100 | dbname: zabbix
101 | dbuser: zabbixuser
102 | dbpassword: zabbixpass
103 | zbxserver: localhost
104 | zbxserverport: 10051
105 | zbxservername: 'Zabbix installed with saltstack'
106 |
107 | zabbix-proxy:
108 | proxymode: 0
109 | server: localhost
110 | serverport: 10051
111 | hostname: localhost
112 | hostnameitem: system.hostname
113 | listenport: 10051
114 | sourceip: 127.0.0.1
115 | logfile: syslog
116 | logfilesize: 0
117 | debugelevel: 3
118 | pidfile: /tmp/zabbix_proxy.pid
119 | dbhost: localhost
120 | dbname: /var/lib/zabbix/zabbix_proxy.db
121 | dbuser: zabbix
122 | include: /etc/zabbix/zabbix_proxy.d/
123 |
--------------------------------------------------------------------------------
/zabbix/_mapdata/_mapdata.jinja:
--------------------------------------------------------------------------------
1 | # yamllint disable rule:indentation rule:line-length
2 | # {{ grains.get("osfinger", grains.os) }}
3 | ---
4 | {#- use salt.slsutil.serialize to avoid encoding errors on some platforms #}
5 | {{ salt["slsutil.serialize"](
6 | "yaml",
7 | map,
8 | default_flow_style=False,
9 | allow_unicode=True,
10 | )
11 | | regex_replace("^\s+'$", "'", multiline=True)
12 | | trim
13 | }}
14 |
--------------------------------------------------------------------------------
/zabbix/_mapdata/init.sls:
--------------------------------------------------------------------------------
1 | # -*- coding: utf-8 -*-
2 | # vim: ft=sls
3 | ---
4 | {#- Get the `tplroot` from `tpldir` #}
5 | {%- set tplroot = tpldir.split("/")[0] %}
6 | {%- from tplroot ~ "/map.jinja" import zabbix with context %}
7 |
8 | {%- set _mapdata = {
9 | "values": zabbix,
10 | } %}
11 | {%- do salt["log.debug"]("### MAP.JINJA DUMP ###\n" ~ _mapdata | yaml(False)) %}
12 |
13 | {%- set output_dir = "/temp" if grains.os_family == "Windows" else "/tmp" %}
14 | {%- set output_file = output_dir ~ "/salt_mapdata_dump.yaml" %}
15 |
16 | {{ tplroot }}-mapdata-dump:
17 | file.managed:
18 | - name: {{ output_file }}
19 | - source: salt://{{ tplroot }}/_mapdata/_mapdata.jinja
20 | - template: jinja
21 | - context:
22 | map: {{ _mapdata | yaml }}
23 |
--------------------------------------------------------------------------------
/zabbix/agent/conf.sls:
--------------------------------------------------------------------------------
1 | {% from "zabbix/map.jinja" import zabbix with context -%}
2 | {% from "zabbix/libtofs.jinja" import files_switch with context -%}
3 |
4 |
5 | include:
6 | - zabbix.agent
7 |
8 |
9 | {{ zabbix.agent.config }}:
10 | file.managed:
11 | - source: {{ files_switch(['/etc/zabbix/zabbix_agentd.conf',
12 | '/etc/zabbix/zabbix_agentd.conf.jinja'],
13 | lookup='zabbix-agent-config'
14 | )
15 | }}
16 | - template: jinja
17 | - require:
18 | - pkg: zabbix-agent
19 | - watch_in:
20 | - module: zabbix-agent-restart
21 |
--------------------------------------------------------------------------------
/zabbix/agent/init.sls:
--------------------------------------------------------------------------------
1 | {% from "zabbix/map.jinja" import zabbix with context -%}
2 | {% set settings = salt['pillar.get']('zabbix-agent', {}) -%}
3 | {% set defaults = zabbix.get('agent', {}) -%}
4 |
5 | {% if salt['grains.get']('os') != 'Windows' %}
6 | include:
7 | - zabbix.users
8 | {% endif %}
9 |
10 | zabbix-agent:
11 | pkg.installed:
12 | - pkgs:
13 | {%- for name in zabbix.agent.pkgs %}
14 | - {{ name }}{% if zabbix.agent.version is defined and 'zabbix' in name %}: '{{ zabbix.agent.version }}'{% endif %}
15 | {%- endfor %}
16 | {% if salt['grains.get']('os') != 'Windows' %}
17 | - require_in:
18 | - user: zabbix-formula_zabbix_user
19 | - group: zabbix-formula_zabbix_group
20 | {% endif %}
21 | service.running:
22 | - name: {{ zabbix.agent.service }}
23 | - enable: True
24 | - require:
25 | - pkg: zabbix-agent
26 | - file: zabbix-agent-logdir
27 | {% if salt['grains.get']('os') != 'Windows' %}
28 | - file: zabbix-agent-piddir
29 | {% endif %}
30 |
31 | zabbix-agent-restart:
32 | module.wait:
33 | - name: service.restart
34 | - m_name: {{ zabbix.agent.service }}
35 |
36 | zabbix-agent-logdir:
37 | file.directory:
38 | - name: {{ salt['file.dirname'](zabbix.agent.logfile) }}
39 | - user: {{ zabbix.user }}
40 | - group: {{ zabbix.group }}
41 | - dirmode: 755
42 | - require:
43 | - pkg: zabbix-agent
44 |
45 | {% if salt['grains.get']('os') != 'Windows' %}
46 | zabbix-agent-piddir:
47 | file.directory:
48 | - name: {{ salt['file.dirname'](zabbix.agent.pidfile) }}
49 | - user: {{ zabbix.user }}
50 | - group: {{ zabbix.group }}
51 | - dirmode: 750
52 | - require:
53 | - pkg: zabbix-agent
54 | {% endif %}
55 |
56 | {% for include in settings.get('includes', defaults.get('includes', [])) %}
57 | {{ include }}:
58 | file.directory:
59 | - name: {{ salt['file.dirname'](include) }}
60 | - user: {{ zabbix.user }}
61 | - group: {{ zabbix.group }}
62 | - dirmode: 750
63 | - require:
64 | - pkg: zabbix-agent
65 | {%- endfor %}
66 |
67 | {% if salt['grains.get']('selinux:enforced', False) == 'Enforcing' %}
68 | /root/zabbix_agent.te:
69 | file.managed:
70 | - source: salt://zabbix/files/default/tmp/zabbix_agent.te
71 |
72 | generate_agent_mod:
73 | cmd.run:
74 | - name: checkmodule -M -m -o zabbix_agent.mod zabbix_agent.te
75 | - cwd: /root
76 | - onchanges:
77 | - file: /root/zabbix_agent.te
78 |
79 | generate_agent_pp:
80 | cmd.run:
81 | - name: semodule_package -o zabbix_agent.pp -m zabbix_agent.mod
82 | - cwd: /root
83 | - onchanges:
84 | - cmd: generate_agent_mod
85 |
86 | set_agent_policy:
87 | cmd.run:
88 | - name: semodule -i zabbix_agent.pp
89 | - cwd: /root
90 | - onchanges:
91 | - cmd: generate_agent_pp
92 |
93 | enable_selinux_agent:
94 | selinux.module:
95 | - name: zabbix_agent
96 | - module_state: enabled
97 | {% endif %}
98 |
--------------------------------------------------------------------------------
/zabbix/agent/repo.sls:
--------------------------------------------------------------------------------
1 | {% from "zabbix/map.jinja" import zabbix with context -%}
2 |
3 |
4 | include:
5 | - zabbix.agent
6 |
7 |
8 | {# We have a common template for the official Zabbix repo #}
9 | {% include "zabbix/repo.sls" %}
10 |
11 |
12 | # Here we just add a requisite declaration to ensure correct order
13 | extend:
14 | zabbix_agent_repo:
15 | {% if salt['grains.get']('os_family') in ['Debian', 'Suse'] -%}
16 | pkgrepo:
17 | - require_in:
18 | - pkg: zabbix-agent
19 | {% elif salt['grains.get']('os_family') == 'RedHat' -%}
20 | pkgrepo:
21 | - require_in:
22 | - pkg: zabbix-agent
23 | zabbix_agent_non_supported_repo:
24 | pkgrepo:
25 | - require_in:
26 | - pkg: zabbix-agent
27 | {%- else %} {}
28 | {%- endif %}
29 |
--------------------------------------------------------------------------------
/zabbix/debconf.sls:
--------------------------------------------------------------------------------
1 | {%- from "zabbix/map.jinja" import zabbix with context %}
2 |
3 | {%- if grains.os_family == 'Debian' %}
4 | zabbix_debconf-utils:
5 | pkg.installed:
6 | - name: debconf-utils
7 | {%- endif %}
8 |
--------------------------------------------------------------------------------
/zabbix/defaults.yaml:
--------------------------------------------------------------------------------
1 | # -*- coding: utf-8 -*-
2 | # vim: ft=yaml
3 | ---
4 | zabbix:
5 | version_repo: 2.2
6 | user: zabbix
7 | group: zabbix
8 | home: /var/lib/zabbix
9 | shell: /sbin/nologin
10 | agent:
11 | pkgs:
12 | - zabbix-agent
13 | - zabbix-sender
14 | service: zabbix-agent
15 | config: /etc/zabbix/zabbix_agentd.conf
16 | pidfile: /var/run/zabbix/zabbix_agentd.pid
17 | logfile: /var/log/zabbix/zabbix_agentd.log
18 | logfilesize: '0'
19 | server:
20 | - 127.0.0.1
21 | serveractive:
22 | - 127.0.0.1
23 | includes:
24 | - /etc/zabbix/zabbix_agentd.d/
25 | server:
26 | pkgs:
27 | - zabbix-server-mysql
28 | - zabbix-get
29 | service: zabbix-server
30 | config: /etc/zabbix/zabbix_server.conf
31 | pidfile: /var/run/zabbix/zabbix_server.pid
32 | socketdir: /var/run/zabbix
33 | logfile: /var/log/zabbix/zabbix_server.log
34 | logfilesize: '0'
35 | dbhost: localhost
36 | dbname: zabbix
37 | dbuser: zabbix
38 | dbpassword: zabbix
39 | dbsocket: /var/run/mysqld/mysqld.sock
40 | timeout: '4'
41 | alertscriptspath: /usr/lib/zabbix/alertscripts
42 | externalscripts: /usr/lib/zabbix/externalscripts
43 | fpinglocation: /usr/bin/fping
44 | fping6location: /usr/bin/fping6
45 | logslowqueries: '3000'
46 | frontend:
47 | pkgs:
48 | - zabbix-web-mysql
49 | config: /etc/zabbix/web/zabbix.conf.php
50 | dbtype: MYSQL
51 | dbhost: localhost
52 | dbname: zabbix
53 | dbuser: zabbix
54 | dbpassword: zabbix
55 | zbxserver: localhost
56 | zbxserverport: '10051'
57 | zbxservername: Zabbix installed with SaltStack
58 | historyupgraded: false
59 | proxy:
60 | pkgs:
61 | - zabbix-proxy-sqlite3
62 | - zabbix-get
63 | service: zabbix-proxy
64 | config: /etc/zabbix/zabbix_proxy.conf
65 | dbname: /var/lib/zabbix/zabbix_proxy.db
66 | pidfile: /var/run/zabbix/zabbix_proxy.pid
67 | logfile: /var/log/zabbix/zabbix_proxy.log
68 | mysql:
69 | skip_pkgs: false
70 | dbhost: localhost
71 | dbname: zabbix
72 | dbuser: zabbix
73 | dbpassword: zabbix
74 | dbuser_host: localhost
75 | pgsql:
76 | skip_pkgs: false
77 | dbhost: localhost
78 | dbname: zabbix
79 | dbuser: zabbix
80 | dbpassword: zabbix
81 |
--------------------------------------------------------------------------------
/zabbix/files/default/etc/zabbix/web/zabbix.conf.php.jinja:
--------------------------------------------------------------------------------
1 | {% from "zabbix/map.jinja" import zabbix with context -%}
2 | {% set settings = salt['pillar.get']('zabbix-frontend', {}) -%}
3 | {% set defaults = zabbix.get('frontend', {}) -%}
4 | {# This required for backward compatibility -#}
5 | {% if 'dbpass' in settings -%}
6 | {% do settings.update({'dbpassword': settings['dbpass']}) -%}
7 | {% endif -%}
8 |
30 |
--------------------------------------------------------------------------------
/zabbix/files/default/etc/zabbix/zabbix_agentd.conf.jinja:
--------------------------------------------------------------------------------
1 | {% from "zabbix/map.jinja" import zabbix with context -%}
2 | {% set settings = salt['pillar.get']('zabbix-agent', {}) -%}
3 | {% set defaults = zabbix.get('agent', {}) -%}
4 | # Managed by saltstack. Do not edit this file.
5 | # This is a configuration file for Zabbix agent daemon (Unix)
6 | # To get more information about Zabbix, visit http://www.zabbix.com
7 |
8 | ############ GENERAL PARAMETERS #################
9 |
10 | ### Option: PidFile
11 | # Name of PID file.
12 | #
13 | # Mandatory: no
14 | # Default:
15 | # PidFile=/tmp/zabbix_agentd.pid
16 | {% if settings.get('pidfile', defaults.get('pidfile', False)) %}
17 | PidFile={{ settings.get('pidfile', defaults.pidfile) }}
18 | {% endif %}
19 | {% if zabbix.version_repo|float >= 3.0 -%}
20 | ### Option: LogType
21 | # Specifies where log messages are written to:
22 | # system - syslog
23 | # file - file specified with LogFile parameter
24 | # console - standard output
25 | #
26 | # Mandatory: no
27 | # Default:
28 | # LogType=file
29 | {% if settings.get('logtype', defaults.get('logtype', 'file')) != 'file' -%}
30 | LogType={{ settings['logtype'] }}
31 | {% endif %}
32 | ### Option: LogFile
33 | # Log file name for LogType 'file' parameter.
34 | #
35 | # Mandatory: yes, if LogType is set to file, otherwise no
36 | # Default:
37 | # LogFile=
38 | {% if settings.get('logtype', defaults.get('logtype', 'file')) == 'file' %}
39 | LogFile={{ settings.get('logfile', defaults.logfile) }}
40 | {% endif %}
41 | {% else -%}
42 | ### Option: LogFile
43 | # Name of log file.
44 | # If not set, syslog is used.
45 | #
46 | # Mandatory: no
47 | # Default:
48 | # LogFile=
49 | {% if settings.get('logfile', defaults.get('logfile', 'file')) != 'syslog' %}
50 | LogFile={{ settings.get('logfile', defaults.logfile) }}
51 | {% endif %}
52 | {% endif -%}
53 | ### Option: LogFileSize
54 | # Maximum size of log file in MB.
55 | # 0 - disable automatic log rotation.
56 | #
57 | # Mandatory: no
58 | # Range: 0-1024
59 | # Default:
60 | # LogFileSize=1
61 | {% if settings.get('logfilesize', defaults.get('logfilesize', False)) %}
62 | LogFileSize={{ settings.get('logfilesize', defaults.logfilesize)|int }}
63 | {% endif %}
64 | ### Option: DebugLevel
65 | # Specifies debug level:
66 | # 0 - basic information about starting and stopping of Zabbix processes
67 | # 1 - critical information
68 | # 2 - error information
69 | # 3 - warnings
70 | # 4 - for debugging (produces lots of information)
71 | {% if zabbix.version_repo|float >= 3.0 -%}
72 | # 5 - extended debugging (produces even more information)
73 | {% endif -%}
74 | #
75 | # Mandatory: no
76 | {% if zabbix.version_repo|float >= 3.0 -%}
77 | # Range: 0-5
78 | {% else %}
79 | # Range: 0-4
80 | {% endif %}
81 | # Default:
82 | # DebugLevel=3
83 | {% if settings.get('debuglevel', defaults.get('debuglevel', False)) -%}
84 | DebugLevel={{ settings.get('debuglevel', defaults.debuglevel) }}
85 | {% endif %}
86 | ### Option: SourceIP
87 | # Source IP address for outgoing connections.
88 | #
89 | # Mandatory: no
90 | # Default:
91 | # SourceIP=
92 | {% if settings.get('sourceip', defaults.get('sourceip', False)) -%}
93 | SourceIP={{ settings.get('sourceip', defaults.sourceip) }}
94 | {% endif %}
95 | ### Option: EnableRemoteCommands
96 | # Whether remote commands from Zabbix server are allowed.
97 | # 0 - not allowed
98 | # 1 - allowed
99 | #
100 | # Mandatory: no
101 | # Default:
102 | # EnableRemoteCommands=0
103 | {% if settings.get('enableremotecommands', defaults.get('enableremotecommands', False)) -%}
104 | EnableRemoteCommands={{ settings.get('enableremotecommands', defaults.enableremotecommands) }}
105 | {% endif %}
106 | ### Option: LogRemoteCommands
107 | # Enable logging of executed shell commands as warnings.
108 | # 0 - disabled
109 | # 1 - enabled
110 | #
111 | # Mandatory: no
112 | # Default:
113 | # LogRemoteCommands=0
114 | {% if settings.get('logremotecommands', defaults.get('logremotecommands', False)) -%}
115 | LogRemoteCommands={{ settings.get('logremotecommands', defaults.logremotecommands) }}
116 | {% endif %}
117 | ##### Passive checks related
118 |
119 | ### Option: Server
120 | # List of comma delimited IP addresses, optionally in CIDR notation, or DNS names of Zabbix servers and Zabbix proxies.
121 | # Incoming connections will be accepted only from the hosts listed here.
122 | # If IPv6 support is enabled then '127.0.0.1', '::127.0.0.1', '::ffff:127.0.0.1' are treated equally
123 | # and '::/0' will allow any IPv4 or IPv6 address.
124 | # '0.0.0.0/0' can be used to allow any IPv4 address.
125 | # Example: Server=127.0.0.1,192.168.1.0/24,::1,2001:db8::/32,zabbix.example.com
126 | #
127 | # Mandatory: yes, if StartAgents is not explicitly set to 0
128 | # Default:
129 | # Server=
130 | {% if settings.get('server', defaults.get('server', False)) | is_list %}
131 | Server={{ settings.get('server', defaults.server)|join(',') }}
132 | {% elif settings.get('server', defaults.get('server', False)) %}
133 | Server={{ settings.get('server', defaults.server) }}
134 | {% endif %}
135 | ### Option: ListenPort
136 | # Agent will listen on this port for connections from the server.
137 | #
138 | # Mandatory: no
139 | # Range: 1024-32767
140 | # Default:
141 | # ListenPort=10050
142 | {% if settings.get('listenport', defaults.get('listenport', False)) -%}
143 | ListenPort={{ settings.get('listenport', defaults.listenport) }}
144 | {% endif %}
145 | ### Option: ListenIP
146 | # List of comma delimited IP addresses that the agent should listen on.
147 | # First IP address is sent to Zabbix server if connecting to it to retrieve list of active checks.
148 | #
149 | # Mandatory: no
150 | # Default:
151 | # ListenIP=0.0.0.0
152 | {% if settings.get('listenip', defaults.get('listenip', False)) -%}
153 | ListenIP={{ settings.get('listenip', defaults.listenip) }}
154 | {% endif %}
155 | ### Option: StartAgents
156 | # Number of pre-forked instances of zabbix_agentd that process passive checks.
157 | # If set to 0, disables passive checks and the agent will not listen on any TCP port.
158 | #
159 | # Mandatory: no
160 | # Range: 0-100
161 | # Default:
162 | # StartAgents=3
163 | {% if settings.get('startagents', defaults.get('startagents', False)) -%}
164 | StartAgents={{ settings.get('startagents', defaults.startagents) }}
165 | {% endif %}
166 | ##### Active checks related
167 |
168 | ### Option: ServerActive
169 | # List of comma delimited IP:port (or DNS name:port) pairs of Zabbix servers and Zabbix proxies for active checks.
170 | # If port is not specified, default port is used.
171 | # IPv6 addresses must be enclosed in square brackets if port for that host is specified.
172 | # If port is not specified, square brackets for IPv6 addresses are optional.
173 | # If this parameter is not specified, active checks are disabled.
174 | # Example: ServerActive=127.0.0.1:20051,zabbix.domain,[::1]:30051,::1,[12fc::1]
175 | #
176 | # Mandatory: no
177 | # Default:
178 | # ServerActive=
179 | {% if settings.get('serveractive', defaults.get('serveractive', False)) | is_list %}
180 | ServerActive={{ settings.get('serveractive', defaults.serveractive)|join(',') }}
181 | {% elif settings.get('serveractive', defaults.get('serveractive', False)) %}
182 | ServerActive={{ settings.get('serveractive', defaults.serveractive) }}
183 | {% endif %}
184 | ### Option: Hostname
185 | # Unique, case sensitive hostname.
186 | # Required for active checks and must match hostname as configured on the server.
187 | # Value is acquired from HostnameItem if undefined.
188 | #
189 | # Mandatory: no
190 | # Default:
191 | # Hostname=
192 | {% if not settings.get('hostnameitem', defaults.get('hostnameitem', False)) %}
193 | Hostname={{ settings.get('hostname', defaults.get('hostname', salt['grains.get']('id'))) }}
194 | {% endif %}
195 | ### Option: HostnameItem
196 | # Item used for generating Hostname if it is undefined. Ignored if Hostname is defined.
197 | # Does not support UserParameters or aliases.
198 | #
199 | # Mandatory: no
200 | # Default:
201 | # HostnameItem=system.hostname
202 | {% if settings.get('hostnameitem', defaults.get('hostnameitem', False)) -%}
203 | HostnameItem={{ settings.get('hostnameitem', defaults.hostnameitem) }}
204 | {% endif %}
205 | ### Option: HostMetadata
206 | # Optional parameter that defines host metadata.
207 | # Host metadata is used at host auto-registration process.
208 | # An agent will issue an error and not start if the value is over limit of 255 characters.
209 | # If not defined, value will be acquired from HostMetadataItem.
210 | #
211 | # Mandatory: no
212 | # Range: 0-255 characters
213 | # Default:
214 | # HostMetadata=
215 | {% if settings.get('hostmetadata', defaults.get('hostmetadata', False)) -%}
216 | HostMetadata={{ settings.get('hostmetadata', defaults.hostmetadata) }}
217 | {% endif %}
218 | ### Option: HostMetadataItem
219 | # Optional parameter that defines an item used for getting host metadata.
220 | # Host metadata is used at host auto-registration process.
221 | # During an auto-registration request an agent will log a warning message if
222 | # the value returned by specified item is over limit of 255 characters.
223 | # This option is only used when HostMetadata is not defined.
224 | #
225 | # Mandatory: no
226 | # Default:
227 | # HostMetadataItem=
228 | {% if settings.get('hostmetadataitem', defaults.get('hostmetadataitem', False)) -%}
229 | HostMetadataItem={{ settings.get('hostmetadataitem', defaults.hostmetadataitem) }}
230 | {% endif %}
231 | {% if zabbix.version_repo|float >= 4.4 -%}
232 | ### Option: HostInterface
233 | # Optional parameter that defines host interface.
234 | # Host interface is used at host auto-registration process.
235 | # An agent will issue an error and not start if the value is over limit of 255 characters.
236 | # If not defined, value will be acquired from HostInterfaceItem.
237 | #
238 | # Mandatory: no
239 | # Range: 0-255 characters
240 | # Default:
241 | # HostInterface=
242 | {% if settings.get('hostinterface', defaults.get('hostinterface', False)) -%}
243 | HostInterface={{ settings.get('hostinterface', defaults.hostinterface) }}
244 | {% endif %}
245 | ### Option: HostInterfaceItem
246 | # Optional parameter that defines an item used for getting host interface.
247 | # Host interface is used at host auto-registration process.
248 | # During an auto-registration request an agent will log a warning message if
249 | # the value returned by specified item is over limit of 255 characters.
250 | # This option is only used when HostInterface is not defined.
251 | #
252 | # Mandatory: no
253 | # Default:
254 | # HostInterfaceItem=
255 | {% if settings.get('hostinterfaceitem', defaults.get('hostinterfaceitem', False)) -%}
256 | HostInterfaceItem={{ settings.get('hostinterfaceitem', defaults.hostinterfaceitem) }}
257 | {% endif %}
258 | {% endif -%}
259 | ### Option: RefreshActiveChecks
260 | # How often list of active checks is refreshed, in seconds.
261 | #
262 | # Mandatory: no
263 | # Range: 60-3600
264 | # Default:
265 | # RefreshActiveChecks=120
266 | {% if settings.get('refreshactivechecks', defaults.get('refreshactivechecks', False)) -%}
267 | RefreshActiveChecks={{ settings.get('refreshactivechecks', defaults.refreshactivechecks) }}
268 | {% endif %}
269 | ### Option: BufferSend
270 | # Do not keep data longer than N seconds in buffer.
271 | #
272 | # Mandatory: no
273 | # Range: 1-3600
274 | # Default:
275 | # BufferSend=5
276 | {% if settings.get('buffersend', defaults.get('buffersend', False)) -%}
277 | BufferSend={{ settings.get('buffersend', defaults.buffersend) }}
278 | {% endif %}
279 | ### Option: BufferSize
280 | # Maximum number of values in a memory buffer. The agent will send
281 | # all collected data to Zabbix Server or Proxy if the buffer is full.
282 | #
283 | # Mandatory: no
284 | # Range: 2-65535
285 | # Default:
286 | # BufferSize=100
287 | {% if settings.get('buffersize', defaults.get('buffersize', False)) -%}
288 | BufferSize={{ settings.get('buffersize', defaults.buffersize) }}
289 | {% endif %}
290 | ### Option: MaxLinesPerSecond
291 | # Maximum number of new lines the agent will send per second to Zabbix Server
292 | # or Proxy processing 'log' and 'logrt' active checks.
293 | # The provided value will be overridden by the parameter 'maxlines',
294 | # provided in 'log' or 'logrt' item keys.
295 | #
296 | # Mandatory: no
297 | # Range: 1-1000
298 | # Default:
299 | # MaxLinesPerSecond=20
300 | {% if settings.get('maxlinespersecond', defaults.get('maxlinespersecond', False)) -%}
301 | MaxLinesPerSecond={{ settings.get('maxlinespersecond', defaults.maxlinespersecond) }}
302 | {% endif %}
303 | ############ ADVANCED PARAMETERS #################
304 |
305 | ### Option: Alias
306 | # Sets an alias for an item key. It can be used to substitute long and complex item key with a smaller and simpler one.
307 | # Multiple Alias parameters may be present. Multiple parameters with the same Alias key are not allowed.
308 | # Different Alias keys may reference the same item key.
309 | # For example, to retrieve the ID of user 'zabbix':
310 | # Alias=zabbix.userid:vfs.file.regexp[/etc/passwd,^zabbix:.:([0-9]+),,,,\1]
311 | # Now shorthand key zabbix.userid may be used to retrieve data.
312 | # Aliases can be used in HostMetadataItem but not in HostnameItem parameters.
313 | #
314 | # Mandatory: no
315 | # Range:
316 | # Default:
317 | {% if settings.get('zabbix_alias', defaults.get('zabbix_alias', False)) -%}
318 | Alias={{ settings.get('zabbix_alias', defaults.zabbix_alias) }}
319 | {% endif %}
320 | ### Option: Timeout
321 | # Spend no more than Timeout seconds on processing
322 | #
323 | # Mandatory: no
324 | # Range: 1-30
325 | # Default:
326 | # Timeout=3
327 | {% if settings.get('timeout', defaults.get('timeout', False)) -%}
328 | Timeout={{ settings.get('timeout', defaults.timeout) }}
329 | {% endif %}
330 | ### Option: AllowRoot
331 | # Allow the agent to run as 'root'. If disabled and the agent is started by 'root', the agent
332 | # will try to switch to the user specified by the User configuration option instead.
333 | # Has no effect if started under a regular user.
334 | # 0 - do not allow
335 | # 1 - allow
336 | #
337 | # Mandatory: no
338 | # Default:
339 | # AllowRoot=0
340 | {% if settings.get('allowroot', defaults.get('allowroot', False)) -%}
341 | AllowRoot={{ settings.get('allowroot', defaults.allowroot) }}
342 | {% endif %}
343 | {% if zabbix.version_repo|float >= 2.4 -%}
344 | ### Option: User
345 | # Drop privileges to a specific, existing user on the system.
346 | # Only has effect if run as 'root' and AllowRoot is disabled.
347 | #
348 | # Mandatory: no
349 | # Default:
350 | # User=zabbix
351 | {% if 'zabbix_user' in settings -%}
352 | {% do settings.update({'user': settings['zabbix_user']}) -%}
353 | {% endif -%}
354 | {% if settings.get('user', defaults.get('user', zabbix.user )) != zabbix.user -%}
355 | User={{ settings.get('user', defaults.user) }}
356 | {% endif %}
357 | {% endif -%}
358 | ### Option: Include
359 | # You may include individual files or all files in a directory in the configuration file.
360 | # Installing Zabbix will create include directory in /usr/local/etc, unless modified during the compile time.
361 | #
362 | # Mandatory: no
363 | # Default:
364 | # Include=
365 | {% if 'include' in settings and settings['include'] is string -%}
366 | {% do settings.update({'includes': [settings['include']]}) -%}
367 | {% endif -%}
368 | {% for include in settings.get('includes', defaults.get('includes', [])) %}
369 | Include={{ include }}
370 | {%- endfor %}
371 | ####### USER-DEFINED MONITORED PARAMETERS #######
372 |
373 | ### Option: UnsafeUserParameters
374 | # Allow all characters to be passed in arguments to user-defined parameters.
375 | # The following characters are not allowed:
376 | # \ ' " ` * ? [ ] { } ~ $ ! & ; ( ) < > | # @
377 | # Additionally, newline characters are not allowed.
378 | # 0 - do not allow
379 | # 1 - allow
380 | #
381 | # Mandatory: no
382 | # Range: 0-1
383 | # Default:
384 | # UnsafeUserParameters=0
385 | {% if settings.get('unsafeuserparameters', defaults.get('unsafeuserparameters', False)) -%}
386 | UnsafeUserParameters={{ settings.get('unsafeuserparameters', defaults.unsafeuserparameters) }}
387 | {% endif %}
388 | ### Option: UserParameter
389 | # User-defined parameter to monitor. There can be several user-defined parameters.
390 | # Format: UserParameter=,
391 | # See 'zabbix_agentd' directory for examples.
392 | #
393 | # Mandatory: no
394 | # Default:
395 | # UserParameter=
396 | {% for userparameter in settings.get('userparameters', []) -%}
397 | UserParameter={{ userparameter }}
398 | {% endfor %}
399 | ####### LOADABLE MODULES #######
400 |
401 | ### Option: LoadModulePath
402 | # Full path to location of agent modules.
403 | # Default depends on compilation options.
404 | # To see the default path run command "zabbix_agentd --help".
405 | #
406 | # Mandatory: no
407 | # Default:
408 | # LoadModulePath=${libdir}/modules
409 | {% if settings.get('loadmodulepath', defaults.get('loadmodulepath', False)) -%}
410 | LoadModulePath={{ settings.get('loadmodulepath', defaults.loadmodulepath) }}
411 | {% endif %}
412 | ### Option: LoadModule
413 | # Module to load at agent startup. Modules are used to extend functionality of the agent.
414 | # Format: LoadModule=
415 | # The modules must be located in directory specified by LoadModulePath.
416 | # It is allowed to include multiple LoadModule parameters.
417 | #
418 | # Mandatory: no
419 | # Default:
420 | # LoadModule=
421 | {% for loadmodule in settings.get('loadmodules', []) -%}
422 | LoadModule={{ loadmodule }}
423 | {% endfor %}
424 | {% if zabbix.version_repo|float >= 3.0 -%}
425 | ####### TLS-RELATED PARAMETERS #######
426 |
427 | ### Option: TLSConnect
428 | # How the agent should connect to server or proxy. Used for active checks.
429 | # Only one value can be specified:
430 | # unencrypted - connect without encryption
431 | # psk - connect using TLS and a pre-shared key
432 | # cert - connect using TLS and a certificate
433 | #
434 | # Mandatory: yes, if TLS certificate or PSK parameters are defined (even for 'unencrypted' connection)
435 | # Default:
436 | # TLSConnect=unencrypted
437 | {% if settings.get('tlsconnect', defaults.get('tlsconnect', False)) -%}
438 | TLSConnect={{ settings.get('tlsconnect', defaults.tlsconnect) }}
439 | {% endif %}
440 | ### Option: TLSAccept
441 | # What incoming connections to accept.
442 | # Multiple values can be specified, separated by comma:
443 | # unencrypted - accept connections without encryption
444 | # psk - accept connections secured with TLS and a pre-shared key
445 | # cert - accept connections secured with TLS and a certificate
446 | #
447 | # Mandatory: yes, if TLS certificate or PSK parameters are defined (even for 'unencrypted' connection)
448 | # Default:
449 | # TLSAccept=unencrypted
450 | {% if settings.get('tlsaccept', defaults.get('tlsaccept', False)) -%}
451 | TLSAccept={{ settings.get('tlsaccept', defaults.tlsaccept) }}
452 | {% endif %}
453 | ### Option: TLSCAFile
454 | # Full pathname of a file containing the top-level CA(s) certificates for
455 | # peer certificate verification.
456 | #
457 | # Mandatory: no
458 | # Default:
459 | # TLSCAFile=
460 | {% if settings.get('tlscafile', defaults.get('tlscafile', False)) -%}
461 | TLSCAFile={{ settings.get('tlscafile', defaults.tlscafile) }}
462 | {% endif %}
463 | ### Option: TLSCRLFile
464 | # Full pathname of a file containing revoked certificates.
465 | #
466 | # Mandatory: no
467 | # Default:
468 | # TLSCRLFile=
469 | {% if settings.get('tlscrlfile', defaults.get('tlscrlfile', False)) -%}
470 | TLSCRLFile={{ settings.get('tlscrlfile', defaults.tlscrlfile) }}
471 | {% endif %}
472 | ### Option: TLSServerCertIssuer
473 | # Allowed server certificate issuer.
474 | #
475 | # Mandatory: no
476 | # Default:
477 | # TLSServerCertIssuer=
478 | {% if settings.get('tlsservercertissuer', defaults.get('tlsservercertissuer', False)) -%}
479 | TLSServerCertIssuer={{ settings.get('tlsservercertissuer', defaults.tlsservercertissuer) }}
480 | {% endif %}
481 | ### Option: TLSServerCertSubject
482 | # Allowed server certificate subject.
483 | #
484 | # Mandatory: no
485 | # Default:
486 | # TLSServerCertSubject=
487 | {% if settings.get('tlsservercertsubject', defaults.get('tlsservercertsubject', False)) -%}
488 | TLSServerCertSubject={{ settings.get('tlsservercertsubject', defaults.tlsservercertsubject) }}
489 | {% endif %}
490 | ### Option: TLSCertFile
491 | # Full pathname of a file containing the agent certificate or certificate chain.
492 | #
493 | # Mandatory: no
494 | # Default:
495 | # TLSCertFile=
496 | {% if settings.get('tlscertfile', defaults.get('tlscertfile', False)) -%}
497 | TLSCertFile={{ settings.get('tlscertfile', defaults.tlscertfile) }}
498 | {% endif %}
499 | ### Option: TLSKeyFile
500 | # Full pathname of a file containing the agent private key.
501 | #
502 | # Mandatory: no
503 | # Default:
504 | # TLSKeyFile=
505 | {% if settings.get('tlskeyfile', defaults.get('tlskeyfile', False)) -%}
506 | TLSKeyFile={{ settings.get('tlskeyfile', defaults.tlskeyfile) }}
507 | {% endif %}
508 | ### Option: TLSPSKIdentity
509 | # Unique, case sensitive string used to identify the pre-shared key.
510 | #
511 | # Mandatory: no
512 | # Default:
513 | # TLSPSKIdentity=
514 | {% if settings.get('tlspskidentity', defaults.get('tlspskidentity', False)) -%}
515 | TLSPSKIdentity={{ settings.get('tlspskidentity', defaults.tlspskidentity) }}
516 | {% endif %}
517 | ### Option: TLSPSKFile
518 | # Full pathname of a file containing the pre-shared key.
519 | #
520 | # Mandatory: no
521 | # Default:
522 | # TLSPSKFile=
523 | {% if settings.get('tlspskfile', defaults.get('tlspskfile', False)) -%}
524 | TLSPSKFile={{ settings.get('tlspskfile', defaults.tlspskfile) }}
525 | {% endif %}
526 | {% endif -%}
527 | {{ settings.get('extra_conf','') }}
528 |
--------------------------------------------------------------------------------
/zabbix/files/default/tmp/zabbix_agent.te:
--------------------------------------------------------------------------------
1 |
2 | module zabbix_agent 1.0;
3 |
4 | require {
5 | type zabbix_agent_t;
6 | class process setrlimit;
7 | }
8 |
9 | #============= zabbix_agent_t ==============
10 | allow zabbix_agent_t self:process setrlimit;
11 |
--------------------------------------------------------------------------------
/zabbix/files/default/tmp/zabbix_server.te:
--------------------------------------------------------------------------------
1 |
2 | module zabbix_server 1.0;
3 |
4 | require {
5 | type zabbix_t;
6 | class process setrlimit;
7 | }
8 |
9 | #============= zabbix_t ==============
10 | allow zabbix_t self:process setrlimit;
11 |
--------------------------------------------------------------------------------
/zabbix/files/default/tmp/zabbix_server_34.te:
--------------------------------------------------------------------------------
1 |
2 | module zabbix_server_34 1.1;
3 |
4 | require {
5 | type zabbix_var_run_t;
6 | type tmp_t;
7 | type zabbix_t;
8 | class sock_file { create unlink write };
9 | class unix_stream_socket connectto;
10 | class process setrlimit;
11 | }
12 |
13 | #============= zabbix_t ==============
14 |
15 | #!!!! This avc is allowed in the current policy
16 | allow zabbix_t self:process setrlimit;
17 |
18 | #!!!! This avc is allowed in the current policy
19 | allow zabbix_t self:unix_stream_socket connectto;
20 |
21 | #!!!! This avc is allowed in the current policy
22 | allow zabbix_t tmp_t:sock_file { create unlink write };
23 |
24 | #!!!! This avc is allowed in the current policy
25 | allow zabbix_t zabbix_var_run_t:sock_file { create unlink write };
26 |
--------------------------------------------------------------------------------
/zabbix/frontend/conf.sls:
--------------------------------------------------------------------------------
1 | {% from "zabbix/map.jinja" import zabbix with context -%}
2 | {% from "zabbix/libtofs.jinja" import files_switch with context -%}
3 | {% set config_file = salt.file.basename(zabbix.frontend.config) -%}
4 | {% set config_file_dir = salt.file.dirname(zabbix.frontend.config) -%}
5 |
6 |
7 | include:
8 | - zabbix.frontend
9 | {%- if grains.os_family == 'Debian' %}
10 | - zabbix.debconf
11 | {%- endif %}
12 |
13 |
14 | {{ zabbix.frontend.config }}:
15 | file.managed:
16 | - source: {{ files_switch([zabbix.frontend.config,
17 | zabbix.frontend.config ~ '.jinja',
18 | '/etc/zabbix/web/' ~ config_file,
19 | '/etc/zabbix/web/' ~ config_file ~ '.jinja'],
20 | lookup='zabbix-frontend-config'
21 | )
22 | }}
23 | - template: jinja
24 | - require:
25 | - pkg: zabbix-frontend-php
26 | - file: {{ config_file_dir }}
27 |
28 |
29 | # Fix permissions to allow to php-fpm include zabbix frontend config file which is usually located under /etc/zabbix
30 | {{ config_file_dir }}:
31 | file.directory:
32 | - mode: 755
33 | - require:
34 | - pkg: zabbix-frontend-php
35 |
36 |
37 | {% if salt['grains.get']('os_family') == 'Debian' -%}
38 | # We don't want the package to mess with apache
39 | zabbix-frontend_debconf:
40 | debconf.set:
41 | - name: zabbix-frontend-php
42 | - data:
43 | 'zabbix-frontend-php/configure-apache': {'type': 'boolean', 'value': False}
44 | 'zabbix-frontend-php/restart-webserver': {'type': 'boolean', 'value': False}
45 | - prereq:
46 | - pkg: zabbix-frontend-php
47 | - require:
48 | - sls: zabbix.debconf
49 | {%- endif %}
50 |
--------------------------------------------------------------------------------
/zabbix/frontend/init.sls:
--------------------------------------------------------------------------------
1 | {% from "zabbix/map.jinja" import zabbix with context -%}
2 |
3 | zabbix-frontend-php:
4 | pkg.installed:
5 | - pkgs:
6 | {%- for name in zabbix.frontend.pkgs %}
7 | - {{ name }}{% if zabbix.frontend.version is defined and 'zabbix' in name %}: '{{ zabbix.frontend.version }}'{% endif %}
8 | {%- endfor %}
9 |
10 | {% if salt['grains.get']('selinux:enforced', False) == 'Enforcing' %}
11 | httpd_can_connect_zabbix:
12 | selinux.boolean:
13 | - value: True
14 | - persist: True
15 |
16 | httpd_can_network_connect:
17 | selinux.boolean:
18 | - value: True
19 | - persist: True
20 | {% endif %}
21 |
--------------------------------------------------------------------------------
/zabbix/frontend/repo.sls:
--------------------------------------------------------------------------------
1 | {% from "zabbix/map.jinja" import zabbix with context -%}
2 |
3 |
4 | include:
5 | - zabbix.frontend
6 |
7 |
8 | # We have a common template for the official Zabbix repo
9 | {% include "zabbix/repo.sls" %}
10 |
11 |
12 | # Here we just add a requisite declaration to ensure correct order
13 | extend:
14 | zabbix_frontend_repo:
15 | {% if salt['grains.get']('os_family') in ['Debian', 'Suse'] -%}
16 | pkgrepo:
17 | - require_in:
18 | - pkg: zabbix-frontend-php
19 | {% elif salt['grains.get']('os_family') == 'RedHat' -%}
20 | pkgrepo:
21 | - require_in:
22 | - pkg: zabbix-frontend-php
23 | zabbix_frontend_non_supported_repo:
24 | pkgrepo:
25 | - require_in:
26 | - pkg: zabbix-frontend-php
27 | {%- else %} {}
28 | {%- endif %}
29 |
--------------------------------------------------------------------------------
/zabbix/libtofs.jinja:
--------------------------------------------------------------------------------
1 | {%- macro files_switch(
2 | source_files,
3 | lookup=None,
4 | default_files_switch=["id", "os_family"],
5 | indent_width=6,
6 | use_subpath=False
7 | ) %}
8 | {#-
9 | Returns a valid value for the "source" parameter of a "file.managed"
10 | state function. This makes easier the usage of the Template Override and
11 | Files Switch (TOFS) pattern.
12 | Params:
13 | * source_files: ordered list of files to look for
14 | * lookup: key under ":tofs:source_files" to prepend to the
15 | list of source files
16 | * default_files_switch: if there's no config (e.g. pillar)
17 | ":tofs:files_switch" this is the ordered list of grains to
18 | use as selector switch of the directories under
19 | "/files"
20 | * indent_width: indentation of the result value to conform to YAML
21 | * use_subpath: defaults to `False` but if set, lookup the source file
22 | recursively from the current state directory up to `tplroot`
23 | Example (based on a `tplroot` of `xxx`):
24 | If we have a state:
25 | Deploy configuration:
26 | file.managed:
27 | - name: /etc/yyy/zzz.conf
28 | - source: {{ files_switch(
29 | ["/etc/yyy/zzz.conf", "/etc/yyy/zzz.conf.jinja"],
30 | lookup="Deploy configuration",
31 | ) }}
32 | - template: jinja
33 | In a minion with id=theminion and os_family=RedHat, it's going to be
34 | rendered as:
35 | Deploy configuration:
36 | file.managed:
37 | - name: /etc/yyy/zzz.conf
38 | - source:
39 | - salt://xxx/files/theminion/etc/yyy/zzz.conf
40 | - salt://xxx/files/theminion/etc/yyy/zzz.conf.jinja
41 | - salt://xxx/files/RedHat/etc/yyy/zzz.conf
42 | - salt://xxx/files/RedHat/etc/yyy/zzz.conf.jinja
43 | - salt://xxx/files/default/etc/yyy/zzz.conf
44 | - salt://xxx/files/default/etc/yyy/zzz.conf.jinja
45 | - template: jinja
46 | #}
47 | {#- Get the `tplroot` from `tpldir` #}
48 | {%- set tplroot = tpldir.split("/")[0] %}
49 | {%- set path_prefix = salt["config.get"](tplroot ~ ":tofs:path_prefix", tplroot) %}
50 | {%- set files_dir = salt["config.get"](tplroot ~ ":tofs:dirs:files", "files") %}
51 | {%- set files_switch_list = salt["config.get"](
52 | tplroot ~ ":tofs:files_switch", default_files_switch
53 | ) %}
54 | {#- Lookup source_files (v2), files (v1), or fallback to an empty list #}
55 | {%- set src_files = salt["config.get"](
56 | tplroot ~ ":tofs:source_files:" ~ lookup,
57 | salt["config.get"](tplroot ~ ":tofs:files:" ~ lookup, []),
58 | ) %}
59 | {#- Append the default source_files #}
60 | {%- set src_files = src_files + source_files %}
61 | {#- Only add to [""] when supporting older TOFS implementations #}
62 | {%- set path_prefix_exts = [""] %}
63 | {%- if use_subpath and tplroot != tpldir %}
64 | {#- Walk directory tree to find {{ files_dir }} #}
65 | {%- set subpath_parts = tpldir.lstrip(tplroot).lstrip("/").split("/") %}
66 | {%- for path in subpath_parts %}
67 | {%- set subpath = subpath_parts[0 : loop.index] | join("/") %}
68 | {%- do path_prefix_exts.append("/" ~ subpath) %}
69 | {%- endfor %}
70 | {%- endif %}
71 | {%- for path_prefix_ext in path_prefix_exts | reverse %}
72 | {%- set path_prefix_inc_ext = path_prefix ~ path_prefix_ext %}
73 | {#- For older TOFS implementation, use `files_switch` from the config #}
74 | {#- Use the default, new method otherwise #}
75 | {%- set fsl = salt["config.get"](
76 | tplroot ~ path_prefix_ext | replace("/", ":") ~ ":files_switch",
77 | files_switch_list,
78 | ) %}
79 | {#- Append an empty value to evaluate as `default` in the loop below #}
80 | {%- if "" not in fsl %}
81 | {%- set fsl = fsl + [""] %}
82 | {%- endif %}
83 | {%- for fs in fsl %}
84 | {%- for src_file in src_files %}
85 | {%- if fs %}
86 | {%- set fs_dirs = salt["config.get"](fs, fs) %}
87 | {%- else %}
88 | {%- set fs_dirs = salt["config.get"](
89 | tplroot ~ ":tofs:dirs:default", "default"
90 | ) %}
91 | {%- endif %}
92 | {#- Force the `config.get` lookup result as a list where necessary #}
93 | {#- since we need to also handle grains that are lists #}
94 | {%- if fs_dirs is string %}
95 | {%- set fs_dirs = [fs_dirs] %}
96 | {%- endif %}
97 | {%- for fs_dir in fs_dirs %}
98 | {#- strip empty elements by using a select #}
99 | {%- set url = (
100 | [
101 | "- salt:/",
102 | path_prefix_inc_ext.strip("/"),
103 | files_dir.strip("/"),
104 | fs_dir.strip("/"),
105 | src_file.strip("/"),
106 | ]
107 | | select
108 | | join("/")
109 | ) %}
110 | {{ url | indent(indent_width, true) }}
111 | {%- endfor %}
112 | {%- endfor %}
113 | {%- endfor %}
114 | {%- endfor %}
115 | {%- endmacro %}
116 |
--------------------------------------------------------------------------------
/zabbix/map.jinja:
--------------------------------------------------------------------------------
1 | # -*- coding: utf-8 -*-
2 | # vim: ft=jinja
3 |
4 | {#- Start imports as #}
5 | {%- import_yaml "zabbix/defaults.yaml" as default_settings %}
6 | {%- import_yaml "zabbix/osfamilymap.yaml" as osfamilymap %}
7 | {%- import_yaml "zabbix/osmap.yaml" as osmap %}
8 | {%- import_yaml "zabbix/osfingermap.yaml" as osfingermap %}
9 |
10 | {#- Retrieve the config dict only once #}
11 | {%- set _config = salt['config.get']('zabbix', default={}) %}
12 |
13 | {%- set config = salt['grains.filter_by'](
14 | default_settings,
15 | default='zabbix',
16 | merge=salt['grains.filter_by'](
17 | osfamilymap,
18 | grain='os_family',
19 | merge=salt['grains.filter_by'](
20 | osmap,
21 | grain='os',
22 | merge=salt['grains.filter_by'](
23 | osfingermap,
24 | grain='osfinger',
25 | merge=salt['grains.filter_by'](
26 | _config,
27 | default='lookup'
28 | )
29 | )
30 | )
31 | )
32 | )
33 | %}
34 |
35 | {%- set zabbix = config %}
36 |
--------------------------------------------------------------------------------
/zabbix/mysql/conf.sls:
--------------------------------------------------------------------------------
1 | {% from "zabbix/map.jinja" import zabbix with context -%}
2 | {% set settings = salt['pillar.get']('zabbix-mysql', {}) -%}
3 | {% set defaults = zabbix.get('mysql', {}) -%}
4 | # This required for backward compatibility
5 | {% if 'dbpass' in settings -%}
6 | {% do settings.update({'dbpassword': settings['dbpass']}) -%}
7 | {% endif -%}
8 |
9 | {% set dbhost = settings.get('dbhost', defaults.dbhost) -%}
10 | {% set dbname = settings.get('dbname', defaults.dbname) -%}
11 | {% set dbuser = settings.get('dbuser', defaults.dbuser) -%}
12 | {% set dbpassword = settings.get('dbpassword', defaults.dbpassword) -%}
13 |
14 | {% set dbuser_host = settings.get('dbuser_host', defaults.dbuser_host) -%}
15 | {% set dbroot_user = settings.get('dbroot_user') -%}
16 | {% set dbroot_pass = settings.get('dbroot_pass') -%}
17 |
18 | # Install Python to MySQL interface packages.
19 | {% if settings.get('pkgs', defaults.get('pkgs', False))
20 | and not settings.get('skip_pkgs', defaults.skip_pkgs) -%}
21 | mysql_packages:
22 | pkg.installed:
23 | - pkgs: {{ settings.get('pkgs', defaults.pkgs)|json }}
24 | {% elif settings.get('skip_pkgs', defaults.skip_pkgs) -%}
25 | mysql_packages:
26 | test.configurable_test_state:
27 | - name: You skipped installation of packages with Python interface to MySQL.
28 | - changes: False
29 | - result: True
30 | {% else -%}
31 | mysql_packages:
32 | test.configurable_test_state:
33 | - name: MySQL prerequired packages are not defined
34 | - changes: False
35 | - result: False
36 | - comment: |
37 | Packages with Python interface to MySQL are required.
38 | Please specify them in pillar as list.
39 | zabbix-mysql:
40 | pkgs:
41 | - python-to-mysql-package
42 | Or you can skip installing them.
43 | zabbix-mysql:
44 | skip_pkgs: True
45 | {% endif -%}
46 |
47 | zabbix_db:
48 | mysql_database.present:
49 | - name: {{ dbname }}
50 | - host: {{ dbhost }}
51 | {%- if dbroot_user and dbroot_pass %}
52 | - connection_host: {{ dbhost }}
53 | - connection_user: {{ dbroot_user }}
54 | - connection_pass: {{ dbroot_pass }}
55 | {%- endif %}
56 | - character_set: utf8
57 | - collate: utf8_bin
58 | - require:
59 | - mysql_packages
60 | mysql_user.present:
61 | - name: {{ dbuser }}
62 | - host: '{{ dbuser_host }}'
63 | - password: {{ dbpassword }}
64 | {%- if dbroot_user and dbroot_pass %}
65 | - connection_host: {{ dbhost }}
66 | - connection_user: {{ dbroot_user }}
67 | - connection_pass: {{ dbroot_pass }}
68 | {%- endif %}
69 | - require:
70 | - mysql_packages
71 | mysql_grants.present:
72 | - grant: all privileges
73 | - database: {{ dbname }}.*
74 | - user: {{ dbuser }}
75 | - host: '{{ dbuser_host }}'
76 | {%- if dbroot_user and dbroot_pass %}
77 | - connection_host: {{ dbhost }}
78 | - connection_user: {{ dbroot_user }}
79 | - connection_pass: {{ dbroot_pass }}
80 | {%- endif %}
81 | - require:
82 | - mysql_packages
83 | - mysql_database: zabbix_db
84 | - mysql_user: zabbix_db
85 |
--------------------------------------------------------------------------------
/zabbix/mysql/schema.sls:
--------------------------------------------------------------------------------
1 | {% from "zabbix/map.jinja" import zabbix with context -%}
2 | {% from "zabbix/libtofs.jinja" import files_switch with context -%}
3 | {% set settings = salt['pillar.get']('zabbix-mysql', {}) -%}
4 | {% set defaults = zabbix.get('mysql', {}) -%}
5 | # This required for backward compatibility
6 | {% if 'dbpass' in settings -%}
7 | {% do settings.update({'dbpassword': settings['dbpass']}) -%}
8 | {% endif -%}
9 |
10 | {% set dbhost = settings.get('dbhost', defaults.dbhost) -%}
11 | {% set dbname = settings.get('dbname', defaults.dbname) -%}
12 | {% set dbuser = settings.get('dbuser', defaults.dbuser) -%}
13 | {% set dbpassword = settings.get('dbpassword', defaults.dbpassword) -%}
14 |
15 | {% set dbroot_user = settings.get('dbroot_user') -%}
16 | {% set dbroot_pass = settings.get('dbroot_pass') -%}
17 |
18 | {% if zabbix.version_repo|float < 3 -%}
19 | {% set db_version = '22' -%}
20 | {% elif zabbix.version_repo|float < 3.4 -%}
21 | {% set db_version = '30' -%}
22 | {% else -%}
23 | {% set db_version = '34' -%}
24 | {% endif -%}
25 | {% set sql_file = settings.get('sql_file', '/usr/share/zabbix-server-mysql/salt-provided-create-' ~ db_version ~ '.sql') -%}
26 |
27 | # Connection args required only if dbroot_user and dbroot_pass defined.
28 | {% set connection_args = {} -%}
29 | {% if dbroot_user and dbroot_pass -%}
30 | {% set connection_args = {'connection_host': dbhost, 'connection_user': dbroot_user, 'connection_pass': dbroot_pass} -%}
31 | {% endif -%}
32 |
33 | # Check is there any tables in database.
34 | # salt.mysql.db_tables(dbname) return 'False' if there is no tables or any other error i.e. failed auth.
35 | {% set is_db_empty = True -%}
36 | {% if salt.mysql.db_tables(dbname, **connection_args) -%}
37 | {% set is_db_empty = False -%}
38 | {% endif -%}
39 |
40 | include:
41 | - zabbix.mysql.conf
42 |
43 | check_db:
44 | test.configurable_test_state:
45 | - name: Is there any tables in '{{ dbname }}' database?
46 | - changes: {{ is_db_empty }}
47 | - result: True
48 | - comment: If changes is 'True' data import required.
49 |
50 | {{ sql_file }}:
51 | file.managed:
52 | - makedirs: True
53 | - source: {{ files_switch([sql_file],
54 | lookup='zabbix-server-mysql'
55 | )
56 | }}
57 | mysql_query.run_file:
58 | - database: {{ dbname }}
59 | {%- if dbroot_user and dbroot_pass %}
60 | - connection_host: {{ dbhost }}
61 | - connection_user: {{ dbroot_user }}
62 | - connection_pass: {{ dbroot_pass }}
63 | {%- endif %}
64 | - connection_charset: utf8
65 | - query_file: {{ sql_file }}
66 | - require:
67 | - mysql_packages
68 | - mysql_database: zabbix_db
69 | - file: {{ sql_file }}
70 | - onchanges:
71 | - test: check_db
72 |
--------------------------------------------------------------------------------
/zabbix/osfamilymap.yaml:
--------------------------------------------------------------------------------
1 | # -*- coding: utf-8 -*-
2 | # vim: ft=yaml
3 | #
4 | # Setup variables using grains['os_family'] based logic.
5 | # You just need to add the key:values for an `os_family` that differ
6 | # from `defaults.yaml` + `osarch.yaml`.
7 | # Only add an `os_family` which is/will be supported by the formula.
8 | #
9 | # If you do not need to provide defaults via the `os_family` grain,
10 | # you will need to provide at least an empty dict in this file, e.g.
11 | # osfamilymap: {}
12 | ---
13 | Debian:
14 | version_repo: 2.2
15 | user: zabbix
16 | group: zabbix
17 | home: /var/lib/zabbix
18 | shell: /bin/false
19 | agent:
20 | pkgs:
21 | - zabbix-agent
22 | - zabbix-sender
23 | service: zabbix-agent
24 | config: /etc/zabbix/zabbix_agentd.conf
25 | pidfile: /var/run/zabbix/zabbix_agentd.pid
26 | logfile: /var/log/zabbix/zabbix_agentd.log
27 | logfilesize: '0'
28 | server:
29 | - 127.0.0.1
30 | serveractive:
31 | - 127.0.0.1
32 | includes:
33 | - /etc/zabbix/zabbix_agentd.d/
34 | server:
35 | pkgs:
36 | - zabbix-server-mysql
37 | - zabbix-get
38 | service: zabbix-server
39 | config: /etc/zabbix/zabbix_server.conf
40 | pidfile: /var/run/zabbix/zabbix_server.pid
41 | socketdir: /var/run/zabbix
42 | logfile: /var/log/zabbix/zabbix_server.log
43 | logfilesize: '0'
44 | dbhost: localhost
45 | dbname: zabbix
46 | dbuser: zabbix
47 | dbpassword: zabbix
48 | dbsocket: /var/run/mysqld/mysqld.sock
49 | snmptrapperfile: /var/log/snmptrap/snmptrap.log
50 | timeout: '4'
51 | alertscriptspath: /usr/lib/zabbix/alertscripts
52 | externalscripts: /usr/lib/zabbix/externalscripts
53 | fpinglocation: /usr/bin/fping
54 | fping6location: /usr/bin/fping6
55 | logslowqueries: '3000'
56 | frontend:
57 | pkgs:
58 | - zabbix-frontend-php
59 | config: /etc/zabbix/web/zabbix.conf.php
60 | proxy:
61 | pkgs:
62 | - zabbix-proxy-sqlite3
63 | - zabbix-get
64 | service: zabbix-proxy
65 | config: /etc/zabbix/zabbix_proxy.conf
66 | dbname: /var/lib/zabbix/zabbix_proxy.db
67 | pidfile: /var/run/zabbix/zabbix_proxy.pid
68 | logfile: /var/log/zabbix/zabbix_proxy.log
69 | logfilesize: '0'
70 | socketdir: /var/run/zabbix
71 | startpreprocessors: '3'
72 | externalscripts: /usr/lib/zabbix/externalscripts
73 | fpinglocation: /usr/bin/fping
74 | fping6location: /usr/bin/fping6
75 | statsallowedip: 127.0.0.1
76 | includes:
77 | - /etc/zabbix/zabbix_proxy.d/
78 | mysql:
79 | pkgs:
80 | - python-mysqldb
81 | pgsql:
82 | pkgs:
83 | - postgresql-client-common
84 | - postgresql-client
85 |
86 | RedHat:
87 | version_repo: 2.2
88 | user: zabbix
89 | group: zabbix
90 | shell: /sbin/nologin
91 | agent:
92 | pkgs:
93 | - zabbix-agent
94 | service: zabbix-agent
95 | config: /etc/zabbix/zabbix_agentd.conf
96 | pidfile: /var/run/zabbix/zabbix_agentd.pid
97 | logfile: /var/log/zabbix/zabbix_agentd.log
98 | includes:
99 | - /etc/zabbix/zabbix_agentd.d/*.conf
100 | server:
101 | pkgs:
102 | - zabbix-server-mysql
103 | service: zabbix-server
104 | config: /etc/zabbix/zabbix_server.conf
105 | dbsocket: /var/lib/mysql/mysql.sock
106 | pidfile: /var/run/zabbix/zabbix_server.pid
107 | logfile: /var/log/zabbix/zabbix_server.log
108 | snmptrapperfile: /var/log/snmptrap/snmptrap.log
109 | fpinglocation: /usr/sbin/fping
110 | fping6location: /usr/sbin/fping6
111 | frontend:
112 | pkgs:
113 | - zabbix-web-mysql
114 | config: /etc/zabbix/web/zabbix.conf.php
115 | proxy:
116 | pkgs:
117 | - zabbix-proxy-sqlite3
118 | service: zabbix-proxy
119 | config: /etc/zabbix/zabbix_proxy.conf
120 | dbname: /var/lib/zabbix/zabbix_proxy.db
121 | pidfile: /var/run/zabbix/zabbix_proxy.pid
122 | logfile: /var/log/zabbix/zabbix_proxy.log
123 | mysql:
124 | pkgs:
125 | - MySQL-python
126 |
127 | Suse:
128 | version_repo: 5.0
129 | user: zabbix
130 | group: zabbix
131 | shell: /sbin/nologin
132 | agent:
133 | pkgs:
134 | - zabbix-agent
135 | service: zabbix-agent
136 | config: /etc/zabbix/zabbix_agentd.conf
137 | pidfile: /run/zabbix/zabbix_agentd.pid
138 | logfile: /var/log/zabbix/zabbix_agentd.log
139 | includes:
140 | - /etc/zabbix/zabbix_agentd.d/*.conf
141 | server:
142 | pkgs:
143 | - zabbix-server-mysql
144 | service: zabbix-server
145 | config: /etc/zabbix/zabbix_server.conf
146 | dbsocket: /run/mysql/mysql.sock
147 | pidfile: /run/zabbix/zabbix_server.pid
148 | logfile: /var/log/zabbix/zabbix_server.log
149 | snmptrapperfile: /var/log/snmptrap/snmptrap.log
150 | fpinglocation: /usr/sbin/fping
151 | fping6location: /usr/sbin/fping
152 | frontend:
153 | pkgs:
154 | - zabbix-web-mysql
155 | config: /etc/zabbix/web/zabbix.conf.php
156 | proxy:
157 | pkgs:
158 | - zabbix-proxy-sqlite3
159 | service: zabbix-proxy
160 | config: /etc/zabbix/zabbix_proxy.conf
161 | dbname: /var/lib/zabbix/zabbix_proxy.db
162 | pidfile: /run/zabbix/zabbix_proxy.pid
163 | logfile: /var/log/zabbix/zabbix_proxy.log
164 | mysql:
165 | pkgs:
166 | - MySQL-python
167 | pgsql:
168 | pkgs:
169 | - postgresql
170 | sql_file: /usr/share/doc/packages/zabbix-server-pgsql/create.sql.gz
171 |
172 |
173 | FreeBSD:
174 | version_repo: 2.2
175 | user: zabbix
176 | group: zabbix
177 | home: /var/lib/zabbix
178 | shell: /sbin/nologin
179 | agent:
180 | pkgs:
181 | - zabbix22-agent
182 | service: zabbix_agentd
183 | config: /usr/local/etc/zabbix22/zabbix_agentd.conf
184 | pidfile: /var/run/zabbix/zabbix_agentd.pid
185 | logfile: /var/log/zabbix/zabbix_agentd.log
186 | server:
187 | pkgs:
188 | - zabbix22-server
189 | service: zabbix
190 | config: /usr/local/etc/zabbix22/zabbix_server.conf
191 | dbsocket: /var/run/mysqld/mysqld.sock
192 | pidfile: /var/run/zabbix/zabbix_server.pid
193 | logfile: /var/log/zabbix/zabbix_server.log
194 | proxy:
195 | pkgs:
196 | - zabbix22-proxy
197 | service: zabbix_proxy
198 | config: /usr/local/etc/zabbix22/zabbix_proxy.conf
199 | dbname: /var/lib/zabbix/zabbix_proxy.db
200 | pidfile: /var/run/zabbix/zabbix_proxy.pid
201 | logfile: /var/log/zabbix/zabbix_proxy.log
202 |
203 | OpenBSD:
204 | version_repo: 2.4
205 | user: _zabbix
206 | group: _zabbix
207 | shell: /sbin/nologin
208 | agent:
209 | pkgs:
210 | - zabbix-agent
211 | service: zabbix_agentd
212 | config: /etc/zabbix/zabbix_agentd.conf
213 | pidfile: /var/run/zabbix/zabbix_agentd.pid
214 | logfile: /var/log/zabbix/zabbix_agentd.log
215 |
216 | Windows:
217 | user: Administrator
218 | group: Administrators
219 | agent:
220 | version: 3.0
221 | pkgs:
222 | - zabbix-agent
223 | service: Zabbix Agent
224 | config: C:\\Program Files\\Zabbix Agent\\zabbix_agentd.conf
225 | logfile: C:\\Program Files\\Zabbix Agent\\zabbix_agentd.log
226 | logfilesize: '5'
227 | pidfile: ''
228 | includes: []
229 |
--------------------------------------------------------------------------------
/zabbix/osfingermap.yaml:
--------------------------------------------------------------------------------
1 | # -*- coding: utf-8 -*-
2 | # vim: ft=yaml
3 | #
4 | # Setup variables using grains['osfinger'] based logic.
5 | # You just need to add the key:values for an `osfinger` that differ
6 | # from `defaults.yaml` + `osarch.yaml` + `os_family.yaml` + `osmap.yaml`.
7 | # Only add an `osfinger` which is/will be supported by the formula.
8 | #
9 | # If you do not need to provide defaults via the `os_finger` grain,
10 | # you will need to provide at least an empty dict in this file, e.g.
11 | # osfingermap: {}
12 | ---
13 | # os: Debian
14 | Debian-12:
15 | repo_signedby: signedby=/etc/apt/keyrings/zabbix.gpg
16 | repo_aptkey: false
17 | Debian-11:
18 | repo_signedby: ""
19 | repo_aptkey: true
20 | Debian-10:
21 | repo_signedby: ""
22 | repo_aptkey: true
23 | Debian-9:
24 | repo_signedby: ""
25 | repo_aptkey: true
26 | Debian-8:
27 | repo_signedby: ""
28 | repo_aptkey: true
29 |
30 | # os: Ubuntu
31 | Ubuntu-24.04:
32 | repo_signedby: signedby=/etc/apt/keyrings/zabbix.gpg
33 | repo_aptkey: false
34 | Ubuntu-22.04:
35 | repo_signedby: signedby=/etc/apt/keyrings/zabbix.gpg
36 | repo_aptkey: false
37 | Ubuntu-20.04:
38 | repo_signedby: ""
39 | repo_aptkey: true
40 | Ubuntu-18.04:
41 | repo_signedby: ""
42 | repo_aptkey: true
43 | Ubuntu-16.04:
44 | repo_signedby: ""
45 | repo_aptkey: true
46 |
47 | # os: Fedora
48 | Fedora-31: {}
49 | Fedora-30: {}
50 |
51 | # os: CentOS
52 | CentOS Linux-8: {}
53 | CentOS Linux-7: {}
54 | CentOS-6: {}
55 |
56 | # os: Amazon
57 | Amazon Linux-2: {}
58 | Amazon Linux AMI-2018: {}
59 |
60 | # os: SUSE
61 | Leap-15: {}
62 | SLES-15: {}
63 | SLES-12: {}
64 |
65 | # os: FreeBSD
66 | FreeBSD-12: {}
67 |
68 | # os: Windows
69 | Windows-8.1: {}
70 |
71 | # os: Gentoo
72 | Gentoo-2: {}
73 |
--------------------------------------------------------------------------------
/zabbix/osmap.yaml:
--------------------------------------------------------------------------------
1 | # -*- coding: utf-8 -*-
2 | # vim: ft=yaml
3 | #
4 | # Setup variables using grains['os'] based logic.
5 | # You just need to add the key:values for an `os` that differ
6 | # from `defaults.yaml` + `osarch.yaml` + `os_family.yaml`.
7 | # Only add an `os` which is/will be supported by the formula.
8 | #
9 | # If you do not need to provide defaults via the `os` grain,
10 | # you will need to provide at least an empty dict in this file, e.g.
11 | # osmap: {}
12 | ---
13 | # os_family: Debian
14 | Ubuntu: {}
15 | Raspbian: {}
16 |
17 | # os_family: RedHat
18 | Fedora:
19 | server:
20 | service: zabbix-server-mysql
21 | srv_user: 'zabbixsrv'
22 | srv_group: 'zabbixsrv'
23 | pidfile: /var/run/zabbixsrv/zabbix_server.pid
24 | socketdir: /var/run/zabbixsrv
25 | logfile: /var/log/zabbixsrv/zabbix_server.log
26 | alertscriptspath: /usr/share/zabbix/alertscripts
27 | externalscripts: /usr/share/zabbix/externalscripts
28 | CentOS: {}
29 | Amazon: {}
30 |
31 | # os_family: Suse
32 | SUSE: {}
33 | openSUSE: {}
34 |
35 | # os_family: Gentoo
36 | Funtoo: {}
37 |
38 | # os_family: Arch
39 | Manjaro: {}
40 |
41 | # os_family: Solaris
42 | SmartOS: {}
43 |
--------------------------------------------------------------------------------
/zabbix/pgsql/conf.sls:
--------------------------------------------------------------------------------
1 | {% from "zabbix/map.jinja" import zabbix with context -%}
2 | {% set settings = salt['pillar.get']('zabbix-pgsql', {}) -%}
3 | {% set defaults = zabbix.get('pgsql', {}) -%}
4 |
5 | {% set dbhost = settings.get('dbhost', defaults.dbhost) -%}
6 | {% set dbname = settings.get('dbname', defaults.dbname) -%}
7 | {% set dbuser = settings.get('dbuser', defaults.dbuser) -%}
8 | {% set dbpassword = settings.get('dbpassword', defaults.dbpassword) -%}
9 |
10 | {% set dbroot_user = settings.get('dbroot_user') -%}
11 | {% set dbroot_pass = settings.get('dbroot_pass') -%}
12 |
13 | include:
14 | - zabbix.pgsql.pkgs
15 |
16 | zabbix_pgsql_user:
17 | postgres_user.present:
18 | - name: {{ dbuser }}
19 | - password: {{ dbpassword }}
20 | - encrypted: True
21 | - login: True
22 | {%- if dbroot_user and dbroot_pass %}
23 | - db_host: {{ dbhost }}
24 | - db_user: {{ dbroot_user }}
25 | - db_password: {{ dbroot_pass }}
26 | {%- endif %}
27 | - require:
28 | - pgsql_packages
29 |
30 | zabbix_pgsql_db:
31 | postgres_database.present:
32 | - name: {{ dbname }}
33 | - owner: {{ dbuser }}
34 | {%- if dbroot_user and dbroot_pass %}
35 | - db_host: {{ dbhost }}
36 | - db_user: {{ dbroot_user }}
37 | - db_password: {{ dbroot_pass }}
38 | {%- endif %}
39 | - require:
40 | - pgsql_packages
41 | - postgres_user: zabbix_pgsql_user
42 |
--------------------------------------------------------------------------------
/zabbix/pgsql/pkgs.sls:
--------------------------------------------------------------------------------
1 | {% from "zabbix/map.jinja" import zabbix with context -%}
2 | {% set settings = salt['pillar.get']('zabbix-pgsql', {}) -%}
3 | {% set defaults = zabbix.get('pgsql', {}) -%}
4 |
5 | # Install packages required for Salt postgres module
6 | {% if settings.get('pkgs', defaults.get('pkgs', False))
7 | and not settings.get('skip_pkgs', defaults.skip_pkgs) -%}
8 | pgsql_packages:
9 | pkg.installed:
10 | - pkgs: {{ settings.get('pkgs', defaults.pkgs)|json }}
11 | {% elif settings.get('skip_pkgs', defaults.skip_pkgs) -%}
12 | pgsql_packages:
13 | test.configurable_test_state:
14 | - name: You skipped installation of packages required for Salt postgres module.
15 | - changes: False
16 | - result: True
17 | {% else -%}
18 | pgsql_packages:
19 | test.configurable_test_state:
20 | - name: Packages required for Salt postgres module are not defined
21 | - changes: False
22 | - result: False
23 | - comment: |
24 | Additional packages are required to manage the PostgreSQL database.
25 | Please specify them in pillar as list.
26 | Tip: you need postgresql-client packages, like:
27 | zabbix-pgsql:
28 | pkgs:
29 | - postgresql-client-common
30 | - postgresql-client
31 | Or you can skip installing them, but formula likely fail without them.
32 | zabbix-pgsql:
33 | skip_pkgs: True
34 | {% endif -%}
35 |
--------------------------------------------------------------------------------
/zabbix/pgsql/schema.sls:
--------------------------------------------------------------------------------
1 | {% from "zabbix/map.jinja" import zabbix with context -%}
2 | {% from "zabbix/libtofs.jinja" import files_switch with context -%}
3 | {% set settings = salt['pillar.get']('zabbix-pgsql', {}) -%}
4 | {% set defaults = zabbix.get('pgsql', {}) -%}
5 |
6 | {% set dbhost = settings.get('dbhost', defaults.dbhost) -%}
7 | {% set dbname = settings.get('dbname', defaults.dbname) -%}
8 | {% set dbuser = settings.get('dbuser', defaults.dbuser) -%}
9 | {% set dbpassword = settings.get('dbpassword', defaults.dbpassword) -%}
10 |
11 | {% set dbroot_user = settings.get('dbroot_user') -%}
12 | {% set dbroot_pass = settings.get('dbroot_pass') -%}
13 |
14 | {% set sql_file = settings.get('sql_file', '/usr/share/doc/zabbix-server-pgsql/create.sql.gz') -%}
15 |
16 | # Connection args required only if dbroot_user and dbroot_pass defined.
17 | {% set connection_args = {} -%}
18 | {% if dbroot_user and dbroot_pass -%}
19 | {% set connection_args = {'runas': 'nobody', 'host': dbhost, 'user': dbroot_user, 'password': dbroot_pass} -%}
20 | {% endif -%}
21 |
22 | # Check is there any tables in database.
23 | # salt.postgres.psql_query return empty result if there is no tables or 'False' on any error i.e. failed auth.
24 | {% set list_tables = "SELECT tablename FROM pg_catalog.pg_tables WHERE schemaname != 'pg_catalog' AND schemaname != 'information_schema' LIMIT 1;" %}
25 | {% set is_db_empty = True -%}
26 | {% if salt.postgres.psql_query(query=list_tables, maintenance_db=dbname, **connection_args) -%}
27 | {% set is_db_empty = False -%}
28 | {% endif -%}
29 |
30 | include:
31 | - zabbix.pgsql.pkgs
32 |
33 | check_db_pgsql:
34 | test.configurable_test_state:
35 | - name: Is there any tables in '{{ dbname }}' database?
36 | - changes: {{ is_db_empty }}
37 | - result: True
38 | - comment: If changes is 'True' data import required.
39 |
40 | {% if 'sql_file' in settings -%}
41 | upload_sql_dump:
42 | file.managed:
43 | - makedirs: True
44 | - source: {{ files_switch([sql_file],
45 | lookup='zabbix-server-pgsql'
46 | )
47 | }}
48 | - require_in:
49 | - import_sql
50 | {% endif -%}
51 |
52 | import_sql:
53 | cmd.run:
54 | - name: zcat {{ sql_file }} | psql | head -5
55 | - runas: {{ zabbix.user }}
56 | - env:
57 | - PGUSER: {{ dbuser }}
58 | - PGPASSWORD: {{ dbpassword }}
59 | - PGDATABASE: {{ dbname }}
60 | - PGHOST: {{ dbhost }}
61 | - require:
62 | - pkg: zabbix-server
63 | - onchanges:
64 | - test: check_db_pgsql
65 |
--------------------------------------------------------------------------------
/zabbix/proxy/conf.sls:
--------------------------------------------------------------------------------
1 | {% from "zabbix/map.jinja" import zabbix with context -%}
2 | {% from "zabbix/libtofs.jinja" import files_switch with context -%}
3 |
4 |
5 | include:
6 | - zabbix.proxy
7 |
8 |
9 | {{ zabbix.proxy.config }}:
10 | file.managed:
11 | - source: {{ files_switch(['/etc/zabbix/zabbix_proxy.conf',
12 | '/etc/zabbix/zabbix_proxy.conf.jinja'],
13 | lookup='zabbix-proxy-config'
14 | )
15 | }}
16 | - template: jinja
17 | - require:
18 | - pkg: zabbix-proxy
19 | - watch_in:
20 | - service: zabbix-proxy
21 |
--------------------------------------------------------------------------------
/zabbix/proxy/init.sls:
--------------------------------------------------------------------------------
1 | {% from "zabbix/map.jinja" import zabbix with context -%}
2 | {% set settings = salt['pillar.get']('zabbix-proxy', {}) -%}
3 | {% set defaults = zabbix.get('proxy', {}) -%}
4 |
5 | include:
6 | - zabbix.users
7 |
8 | zabbix-proxy:
9 | pkg.installed:
10 | - pkgs:
11 | {%- for name in zabbix.proxy.pkgs %}
12 | - {{ name }}{% if zabbix.proxy.version is defined and 'zabbix' in name %}: '{{ zabbix.proxy.version }}'{% endif %}
13 | {%- endfor %}
14 | - require_in:
15 | - user: zabbix-formula_zabbix_user
16 | - group: zabbix-formula_zabbix_group
17 | service.running:
18 | - name: {{ zabbix.proxy.service }}
19 | - enable: True
20 | - require:
21 | - pkg: zabbix-proxy
22 | - file: zabbix-proxy-logdir
23 | - file: zabbix-proxy-piddir
24 | {% for include in settings.get('includes', defaults.get('includes', [])) %}
25 | - file: {{ include }}
26 | {%- endfor %}
27 |
28 | zabbix-proxy-logdir:
29 | file.directory:
30 | - name: {{ salt['file.dirname'](zabbix.proxy.logfile) }}
31 | - user: {{ zabbix.user }}
32 | - group: {{ zabbix.group }}
33 | - dirmode: 755
34 | - require:
35 | - pkg: zabbix-proxy
36 |
37 | zabbix-proxy-piddir:
38 | file.directory:
39 | - name: {{ salt['file.dirname'](zabbix.proxy.pidfile) }}
40 | - user: {{ zabbix.user }}
41 | - group: {{ zabbix.group }}
42 | - dirmode: 750
43 | - require:
44 | - pkg: zabbix-proxy
45 |
46 | # basic check does 'dbname' looks like a file path
47 | {% if zabbix.proxy.dbname.startswith('/') -%}
48 | zabbix-proxy-sqlitedir:
49 | file.directory:
50 | - name: {{ salt['file.dirname'](zabbix.proxy.dbname) }}
51 | - user: {{ zabbix.user }}
52 | - group: {{ zabbix.group }}
53 | - dirmode: 750
54 | - require:
55 | - pkg: zabbix-proxy
56 | - watch_in:
57 | - service: zabbix-proxy
58 | {%- endif %}
59 |
60 | {% for include in settings.get('includes', defaults.get('includes', [])) %}
61 | {{ include }}:
62 | file.directory:
63 | - user: {{ zabbix.user }}
64 | - group: {{ zabbix.group }}
65 | - dirmode: 750
66 | - require:
67 | - pkg: zabbix-proxy
68 | {%- endfor %}
69 |
--------------------------------------------------------------------------------
/zabbix/proxy/repo.sls:
--------------------------------------------------------------------------------
1 | {% from "zabbix/map.jinja" import zabbix with context %}
2 |
3 |
4 | include:
5 | - zabbix.proxy
6 |
7 |
8 | # We have a common template for the official Zabbix repo
9 | {% include "zabbix/repo.sls" %}
10 |
11 |
12 | # Here we just add a requisite declaration to ensure correct order
13 | extend:
14 | zabbix_proxy_repo:
15 | {% if salt['grains.get']('os_family') in ['Debian', 'Suse'] -%}
16 | pkgrepo:
17 | - require_in:
18 | - pkg: zabbix-proxy
19 | {% elif salt['grains.get']('os_family') == 'RedHat' -%}
20 | pkgrepo:
21 | - require_in:
22 | - pkg: zabbix-proxy
23 | zabbix_proxy_non_supported_repo:
24 | pkgrepo:
25 | - require_in:
26 | - pkg: zabbix-proxy
27 | {%- else %} {}
28 | {%- endif %}
29 |
--------------------------------------------------------------------------------
/zabbix/repo.sls:
--------------------------------------------------------------------------------
1 | {% from "zabbix/map.jinja" import zabbix with context -%}
2 |
3 | # Zabbix official repo releases a deb package that sets a zabbix.list apt
4 | # sources. Here we do the same as that package does, including the PGP key for
5 | # the repo.
6 |
7 |
8 | # In order to share this state file among the different parts of Zabbix (agent,
9 | # server, frontend, proxy) we have to name the states accordingly. See
10 | # https://github.com/moreda/zabbix-saltstack-formula/issues/2 if you're curious.
11 |
12 |
13 | {% if sls == "zabbix.agent.repo" %}{% set id_prefix = "zabbix_agent" -%}
14 | {% elif sls == "zabbix.server.repo" %}{% set id_prefix = "zabbix_server" -%}
15 | {% elif sls == "zabbix.frontend.repo" %}{% set id_prefix = "zabbix_frontend" -%}
16 | {% elif sls == "zabbix.proxy.repo" %}{% set id_prefix = "zabbix_proxy" -%}
17 | {% else %}{% set id_prefix = "zabbix" -%}
18 | {% endif -%}
19 |
20 |
21 | {% if salt['grains.get']('os_family') == 'Debian' -%}
22 | {{ id_prefix }}_apt-transport-https:
23 | pkg.installed:
24 | - name: apt-transport-https
25 | {{ id_prefix }}_repo:
26 | pkgrepo.managed:
27 | - name: deb [ arch={{ salt['grains.get']('osarch')|lower }} {{ zabbix.repo_signedby }} ]
28 | https://repo.zabbix.com/zabbix/{{ zabbix.version_repo }}/{{ salt['grains.get']('os')|lower }} {{ salt['grains.get']('oscodename') }} main
29 | - file: /etc/apt/sources.list.d/zabbix.list
30 | - key_url: https://repo.zabbix.com/zabbix-official-repo.key
31 | - clean_file: True
32 | - aptkey: {{ zabbix.repo_aptkey }}
33 |
34 | {%- elif salt['grains.get']('os_family') == 'RedHat' and
35 | salt['grains.get']('osmajorrelease')|int >= 6 %}
36 | {%- if zabbix.version_repo|float > 3.0 %}
37 | {%- set gpgkey = 'https://repo.zabbix.com/RPM-GPG-KEY-ZABBIX-A14FE591' %}
38 | {%- else %}
39 | {%- set gpgkey = 'https://repo.zabbix.com/RPM-GPG-KEY-ZABBIX-79EA5ED4' %}
40 | {%- endif %}
41 |
42 | {{ id_prefix }}_repo:
43 | pkgrepo.managed:
44 | - name: zabbix
45 | - humanname: Zabbix Official Repository - $basearch
46 | - baseurl: http://repo.zabbix.com/zabbix/{{ zabbix.version_repo }}/rhel/{{ grains['osmajorrelease']|int }}/$basearch/
47 | - gpgcheck: 1
48 | - gpgkey: {{ gpgkey }}
49 |
50 | {{ id_prefix }}_non_supported_repo:
51 | pkgrepo.managed:
52 | - name: zabbix-non-supported
53 | - humanname: Zabbix Official Repository non-supported - $basearch
54 | - baseurl: http://repo.zabbix.com/non-supported/rhel/{{ grains['osmajorrelease']|int }}/$basearch/
55 | - gpgcheck: 1
56 | - gpgkey: https://repo.zabbix.com/RPM-GPG-KEY-ZABBIX-79EA5ED4
57 |
58 | {%- elif salt['grains.get']('os_family') == 'Suse' %}
59 | {{ id_prefix }}_repo:
60 | pkgrepo.managed:
61 | - name: zabbix
62 | - humanname: "Zabbix Official Repository"
63 | - baseurl: https://repo.zabbix.com/zabbix/{{ zabbix.version_repo }}/sles/{{ grains['osmajorrelease'] }}/x86_64/
64 | - gpgcheck: 1
65 | - gpgkey: https://repo.zabbix.com/zabbix/{{ zabbix.version_repo }}/sles/{{ grains['osmajorrelease'] }}/x86_64/repodata/repomd.xml.key
66 | - gpgautoimport: True
67 |
68 | {%- else %}
69 | {{ id_prefix }}_repo: {}
70 | {%- endif %}
71 |
--------------------------------------------------------------------------------
/zabbix/server/conf.sls:
--------------------------------------------------------------------------------
1 | {% from "zabbix/map.jinja" import zabbix with context -%}
2 | {% from "zabbix/libtofs.jinja" import files_switch with context -%}
3 |
4 |
5 | include:
6 | - zabbix.server
7 | {%- if grains.os_family == 'Debian' %}
8 | - zabbix.debconf
9 | {%- endif %}
10 |
11 |
12 | {{ zabbix.server.config }}:
13 | file.managed:
14 | {% if zabbix.version_repo|float < 3 -%}
15 | - source: {{ files_switch(['/etc/zabbix/zabbix_server_22.conf',
16 | '/etc/zabbix/zabbix_server_22.conf.jinja'],
17 | lookup='zabbix-server-config'
18 | )
19 | }}
20 | {% else %}
21 | - source: {{ files_switch(['/etc/zabbix/zabbix_server.conf',
22 | '/etc/zabbix/zabbix_server.conf.jinja'],
23 | lookup='zabbix-server-config'
24 | )
25 | }}
26 | {% endif %}
27 | - template: jinja
28 | - require:
29 | - pkg: zabbix-server
30 | - watch_in:
31 | - service: zabbix-server
32 |
33 |
34 | {% if salt['grains.get']('os_family') == 'Debian' and 'zabbix-server-mysql' in zabbix.server.pkgs -%}
35 | # We don't want to manage the db through dbconfig
36 | zabbix-server_debconf:
37 | debconf.set:
38 | - name: zabbix-server-mysql
39 | - data:
40 | 'zabbix-server-mysql/internal/skip-preseed': {'type': 'boolean', 'value': True}
41 | 'zabbix-server-mysql/dbconfig-install': {'type': 'boolean', 'value': False}
42 | 'zabbix-server-mysql/dbconfig-upgrade': {'type': 'boolean', 'value': False}
43 | - prereq:
44 | - pkg: zabbix-server
45 | - require:
46 | - sls: zabbix.debconf
47 | {%- endif %}
48 |
--------------------------------------------------------------------------------
/zabbix/server/init.sls:
--------------------------------------------------------------------------------
1 | {% from "zabbix/map.jinja" import zabbix with context -%}
2 |
3 | include:
4 | - zabbix.users
5 |
6 | {%- set srv_user = zabbix | traverse('server:srv_user', zabbix.user) %}
7 | {%- set srv_group = zabbix | traverse('server:srv_group', zabbix.group) %}
8 |
9 | zabbix-server:
10 | pkg.installed:
11 | - pkgs:
12 | {%- for name in zabbix.server.pkgs %}
13 | - {{ name }}{% if zabbix.server.version is defined and 'zabbix' in name %}: '{{ zabbix.server.version }}'{% endif %}
14 | {%- endfor %}
15 | {% if salt['grains.get']('os_family') == 'Debian' -%}
16 | - install_recommends: False
17 | {% endif %}
18 | - require_in:
19 | - user: zabbix-formula_zabbix_user
20 | - group: zabbix-formula_zabbix_group
21 | service.running:
22 | - name: {{ zabbix.server.service }}
23 | - enable: True
24 | - require:
25 | - pkg: zabbix-server
26 | - file: zabbix-server-logdir
27 | - file: zabbix-server-piddir
28 |
29 | zabbix-server-logdir:
30 | file.directory:
31 | - name: {{ salt['file.dirname'](zabbix.server.logfile) }}
32 | - user: {{ srv_user }}
33 | - group: {{ srv_group }}
34 | - dirmode: 755
35 | - require:
36 | - pkg: zabbix-server
37 |
38 | zabbix-server-piddir:
39 | file.directory:
40 | - name: {{ salt['file.dirname'](zabbix.server.pidfile) }}
41 | - user: {{ srv_user }}
42 | - group: {{ srv_group }}
43 | - dirmode: 755
44 | - require:
45 | - pkg: zabbix-server
46 |
47 | {% if salt['grains.get']('selinux:enforced', False) == 'Enforcing' %}
48 | /root/zabbix_server.te:
49 | file.managed:
50 | - source: salt://zabbix/files/default/tmp/zabbix_server.te
51 |
52 | generate_server_mod:
53 | cmd.run:
54 | - name: checkmodule -M -m -o zabbix_server.mod zabbix_server.te
55 | - cwd: /root
56 | - onchanges:
57 | - file: /root/zabbix_server.te
58 |
59 | generate_server_pp:
60 | cmd.run:
61 | - name: semodule_package -o zabbix_server.pp -m zabbix_server.mod
62 | - cwd: /root
63 | - onchanges:
64 | - cmd: generate_server_mod
65 |
66 | set_server_policy:
67 | cmd.run:
68 | - name: semodule -i zabbix_server.pp
69 | - cwd: /root
70 | - onchanges:
71 | - cmd: generate_server_pp
72 |
73 | enable_selinux_server:
74 | selinux.module:
75 | - name: zabbix_server
76 | - module_state: enabled
77 |
78 | {% if zabbix.version_repo|float >= 3.4 -%}
79 | /root/zabbix_server_34.te:
80 | file.managed:
81 | - source: salt://zabbix/files/default/tmp/zabbix_server_34.te
82 |
83 | generate_server_34_mod:
84 | cmd.run:
85 | - name: checkmodule -M -m -o zabbix_server_34.mod zabbix_server_34.te
86 | - cwd: /root
87 | - onchanges:
88 | - file: /root/zabbix_server_34.te
89 |
90 | generate_server_34_pp:
91 | cmd.run:
92 | - name: semodule_package -o zabbix_server_34.pp -m zabbix_server_34.mod
93 | - cwd: /root
94 | - onchanges:
95 | - cmd: generate_server_mod
96 |
97 | set_server_policy_34:
98 | cmd.run:
99 | - name: semodule -i zabbix_server_34.pp
100 | - cwd: /root
101 | - onchanges:
102 | - cmd: generate_server_pp
103 |
104 | enable_selinux_server_34:
105 | selinux.module:
106 | - name: zabbix_server_34
107 | - module_state: enabled
108 | {% endif -%}
109 |
110 | {% endif %}
111 |
--------------------------------------------------------------------------------
/zabbix/server/repo.sls:
--------------------------------------------------------------------------------
1 | {% from "zabbix/map.jinja" import zabbix with context %}
2 |
3 |
4 | include:
5 | - zabbix.server
6 |
7 |
8 | # We have a common template for the official Zabbix repo
9 | {% include "zabbix/repo.sls" %}
10 |
11 |
12 | # Here we just add a requisite declaration to ensure correct order
13 | extend:
14 | zabbix_server_repo:
15 | {% if salt['grains.get']('os_family') in ['Debian', 'Suse'] -%}
16 | pkgrepo:
17 | - require_in:
18 | - pkg: zabbix-server
19 | {% elif salt['grains.get']('os_family') == 'RedHat' -%}
20 | pkgrepo:
21 | - require_in:
22 | - pkg: zabbix-server
23 | zabbix_server_non_supported_repo:
24 | pkgrepo:
25 | - require_in:
26 | - pkg: zabbix-server
27 | {%- else %} {}
28 | {%- endif %}
29 |
--------------------------------------------------------------------------------
/zabbix/users.sls:
--------------------------------------------------------------------------------
1 | {% from "zabbix/map.jinja" import zabbix with context -%}
2 | {% set settings = salt['pillar.get']('zabbix', {}) -%}
3 |
4 |
5 | zabbix-formula_zabbix_user:
6 | user.present:
7 | - name: {{ zabbix.user }}
8 | - gid: {{ zabbix.group }}
9 | - optional_groups: {{ settings.get('user_groups', []) }}
10 | # Home directory should be created by pkg scripts
11 | - createhome: False
12 | - shell: {{ zabbix.shell }}
13 | - system: True
14 | - require:
15 | - group: zabbix-formula_zabbix_group
16 |
17 |
18 | zabbix-formula_zabbix_group:
19 | group.present:
20 | - name: {{ zabbix.group }}
21 | - system: True
22 |
--------------------------------------------------------------------------------