initial commit of file from CVS for smeserver-zabbix-proxy on Sat Sep 7 21:18:29 AEST 2024

2024-09-07 21:18:29 +10:00
parent 58fbe68965
commit 8d98403b11
38 changed files with 626 additions and 2 deletions
--- a/root/etc/e-smith/db/configuration/defaults/zabbix-proxy/DbName
+++ b/root/etc/e-smith/db/configuration/defaults/zabbix-proxy/DbName
@@ -0,0 +1 @@
+zabbixproxydb
--- a/root/etc/e-smith/db/configuration/defaults/zabbix-proxy/DbUser
+++ b/root/etc/e-smith/db/configuration/defaults/zabbix-proxy/DbUser
@@ -0,0 +1 @@
+zabbixuser
--- a/root/etc/e-smith/db/configuration/defaults/zabbix-proxy/TCPPort
+++ b/root/etc/e-smith/db/configuration/defaults/zabbix-proxy/TCPPort
@@ -0,0 +1 @@
+10051
--- a/root/etc/e-smith/db/configuration/defaults/zabbix-proxy/access
+++ b/root/etc/e-smith/db/configuration/defaults/zabbix-proxy/access
@@ -0,0 +1 @@
+private
--- a/root/etc/e-smith/db/configuration/defaults/zabbix-proxy/status
+++ b/root/etc/e-smith/db/configuration/defaults/zabbix-proxy/status
@@ -0,0 +1 @@
+enabled
--- a/root/etc/e-smith/db/configuration/defaults/zabbix-proxy/type
+++ b/root/etc/e-smith/db/configuration/defaults/zabbix-proxy/type
@@ -0,0 +1 @@
+service
--- a/root/etc/e-smith/db/configuration/migrate/zabbix-proxy-database
+++ b/root/etc/e-smith/db/configuration/migrate/zabbix-proxy-database
@@ -0,0 +1,33 @@
+{
+    my $rec = $DB->get('zabbix-proxy')
+        || $DB->new_record('zabbix-proxy', {type => 'service'});
+    my $pw = $rec->prop('DbPassword');
+    if (not $pw or length($pw) < 57)
+    {   
+        use MIME::Base64 qw(encode_base64);
+
+        $pw = "not set due to error";
+        if ( open( RANDOM, "/dev/urandom" ) )
+        {   
+            my $buf;
+            # 57 bytes is a full line of Base64 coding, and contains
+            # 456 bits of randomness - given a perfectly random /dev/random
+            if ( read( RANDOM, $buf, 57 ) != 57 )
+            {   
+                warn("Short read from /dev/random: $!");
+            }
+            else
+            {   
+                $pw = encode_base64($buf);
+                chomp $pw;
+            }
+            close RANDOM;
+        }
+        else
+        {   
+            warn "Could not open /dev/urandom: $!";
+        }
+        $rec->set_prop('DbPassword', $pw);
+    }
+}     
+
--- a/root/etc/e-smith/templates.metadata/etc/e-smith/sql/init/80zabbix-proxy
+++ b/root/etc/e-smith/templates.metadata/etc/e-smith/sql/init/80zabbix-proxy
@@ -0,0 +1 @@
+PERMS=0750
--- a/root/etc/e-smith/templates.metadata/var/lib/zabbix/bin/sendxmpp
+++ b/root/etc/e-smith/templates.metadata/var/lib/zabbix/bin/sendxmpp
@@ -0,0 +1,3 @@
+PERMS=0750
+UID="root"
+GID="zabbix"
--- a/root/etc/e-smith/templates/etc/e-smith/sql/init/80zabbix-proxy
+++ b/root/etc/e-smith/templates/etc/e-smith/sql/init/80zabbix-proxy
@@ -0,0 +1,48 @@
+{
+my $db = ${'zabbix-proxy'}{'DbName'} || 'zabbix';
+my $user = ${'zabbix-proxy'}{'DbUser'} || 'zabbix';
+my $pass = ${'zabbix-proxy'}{'DbPassword'} || 'secret';
+
+my $schema = `rpm -qd zabbix-proxy-mysql | grep schema | grep mysql`;
+
+
+$OUT .= <<"END";
+#! /bin/sh
+if [ \! -d /var/lib/mysql/$db ]; then
+	/usr/bin/mysqladmin create $db
+	gzip -dc $schema | /usr/bin/mysql $db
+fi
+
+/usr/bin/mysql <<EOF
+USE mysql;
+
+REPLACE INTO user (
+                     host,
+                     user,
+                     password)
+            VALUES (
+                     'localhost',
+                     '${'zabbix-proxy'}{DbUser}',
+                     PASSWORD ('${'zabbix-proxy'}{DbPassword}'));
+
+
+REPLACE INTO db (
+                   host,
+                   db,
+                   user,
+                   select_priv, insert_priv, update_priv, delete_priv,
+                   create_priv, alter_priv, index_priv, drop_priv, create_tmp_table_priv,
+                   grant_priv, lock_tables_priv, references_priv) 
+          VALUES (
+                   'localhost',
+                   '${'zabbix-proxy'}{DbName}',
+                   '${'zabbix-proxy'}{DbUser}',
+                   'Y', 'Y', 'Y', 'Y',
+                   'Y', 'Y', 'Y', 'Y', 'Y',
+                   'N', 'Y', 'Y');
+
+FLUSH PRIVILEGES;
+
+EOF
+END
+}
--- a/root/etc/e-smith/templates/etc/sudoers/00zabbixAlias
+++ b/root/etc/e-smith/templates/etc/sudoers/00zabbixAlias
@@ -0,0 +1 @@
+Cmnd_Alias      ZABBIX = /usr/sbin/fping,/usr/sbin/fping6
--- a/root/etc/e-smith/templates/etc/sudoers/30zabbix
+++ b/root/etc/e-smith/templates/etc/sudoers/30zabbix
@@ -0,0 +1 @@
+zabbix  ALL=(root) NOPASSWD: ZABBIX
--- a/root/etc/e-smith/templates/etc/zabbix/zabbix_proxy.conf/00header
+++ b/root/etc/e-smith/templates/etc/zabbix/zabbix_proxy.conf/00header
@@ -0,0 +1,4 @@
+# This is config file for ZABBIX server process
+# To get more information about ZABBIX, 
+# go http://www.zabbix.com
+
--- a/root/etc/e-smith/templates/etc/zabbix/zabbix_proxy.conf/10zabbixServers
+++ b/root/etc/e-smith/templates/etc/zabbix/zabbix_proxy.conf/10zabbixServers
@@ -0,0 +1,10 @@
+############ GENERAL PARAMETERS #################
+
+# IP address (or hostname) of ZABBIX servers. 
+
+Server={ (${'zabbix-proxy'}{'Servers'} || '127.0.0.1'); }
+
+# Server port for sending active checks
+
+ServerPort={ (${'zabbix-proxy'}{'ServerPort'} || '10051'); }
+
--- a/root/etc/e-smith/templates/etc/zabbix/zabbix_proxy.conf/15hostname
+++ b/root/etc/e-smith/templates/etc/zabbix/zabbix_proxy.conf/15hostname
@@ -0,0 +1,7 @@
+{
+
+my $host = (${'zabbix-proxy'}{'Hostname'} || $SystemName.".".$DomainName);
+$OUT = "Hostname=$host\n";
+
+}
+
--- a/root/etc/e-smith/templates/etc/zabbix/zabbix_proxy.conf/20instances
+++ b/root/etc/e-smith/templates/etc/zabbix/zabbix_proxy.conf/20instances
@@ -0,0 +1,35 @@
+# Number of pre-forked instances of pollers
+# Default value is 5
+# This parameter must be between 0 and 255
+StartPollers=5
+
+# Number of pre-forked instances of IPMI pollers
+# Default value is 0
+# This parameter must be between 0 and 255
+#StartIPMIPollers=0
+
+# Number of pre-forked instances of pollers for unreachable hosts
+# Default value is 1
+# This parameter must be between 0 and 255
+#StartPollersUnreachable=1
+
+# Number of pre-forked instances of trappers
+# Default value is 5
+# This parameter must be between 0 and 255
+StartTrappers=5
+
+# Number of pre-forked instances of ICMP pingers
+# Default value is 1
+# This parameter must be between 0 and 255
+StartPingers=1
+
+# Number of pre-forked instances of discoverers
+# Default value is 1
+# This parameter must be between 0 and 255
+StartDiscoverers=1
+
+# Number of pre-forked instances of HTTP pollers
+# Default value is 1
+# This parameter must be between 0 and 255
+#StartHTTPPollers=1
+
--- a/root/etc/e-smith/templates/etc/zabbix/zabbix_proxy.conf/30listen
+++ b/root/etc/e-smith/templates/etc/zabbix/zabbix_proxy.conf/30listen
@@ -0,0 +1,16 @@
+# Listen port for trapper. Default port number is 10051. This parameter 
+# must be between 1024 and 32767
+{
+my $port = ${'zabbix-proxy'}{'TCPPort'} || '10051';
+$OUT .= "ListenPort=$port\n";
+}
+
+# Source IP address for outgouing connections
+#SourceIP=
+
+# Listen interface for trapper. Trapper will listen all network interfaces
+# if this parameter is missing.
+
+#ListenIP=127.0.0.1
+
+
--- a/root/etc/e-smith/templates/etc/zabbix/zabbix_proxy.conf/40freq
+++ b/root/etc/e-smith/templates/etc/zabbix/zabbix_proxy.conf/40freq
@@ -0,0 +1,34 @@
+# How often ZABBIX will perform sending hearbeat message
+# (in seconds)
+# Default value is 60 seconds
+# Set to 0 to disable heartbeat messages
+# This parameter must be between 0 and 3600
+#HeartbeatFrequency=60
+
+# How often ZABBIX will perform sync configuration data
+# (in seconds)
+# Default value is 3600 seconds (1h)
+# This parameter must be between 1 and 604800 (1 week)
+ConfigFrequency=600
+
+
+# How often ZABBIX will perform housekeeping procedure
+# (in hours)
+# Default value is 1 hour
+# Housekeeping is removing unnecessary information from
+# tables history, alert, and alarms
+# This parameter must be between 1 and 24
+
+#HousekeepingFrequency=1
+
+# How often ZABBIX will try to send unsent alerts
+# (in seconds)
+# Default value is 30 seconds
+DataSenderFrequency=30
+
+# Uncomment this line to disable housekeeping procedure
+#DisableHousekeeping=1
+
+# Frequency of ICMP pings (item keys 'icmpping' and 'icmppingsec'). Defauls is 60 seconds.
+#PingerFrequency=60
+
--- a/root/etc/e-smith/templates/etc/zabbix/zabbix_proxy.conf/45proxybuffers
+++ b/root/etc/e-smith/templates/etc/zabbix/zabbix_proxy.conf/45proxybuffers
@@ -0,0 +1,9 @@
+# Local bufer size in hours. Proxy will keep collected data N hours.
+# Default value is 0 hours
+#ProxyLocalBuffer=0
+
+# Offline buffer size in hours. It is used when server is not available.
+# Older data is removed.
+# Default value is 1 hours
+ProxyOfflineBuffer=24
+
--- a/root/etc/e-smith/templates/etc/zabbix/zabbix_proxy.conf/50debug
+++ b/root/etc/e-smith/templates/etc/zabbix/zabbix_proxy.conf/50debug
@@ -0,0 +1,9 @@
+# Specifies debug level
+# 0 - debug is not created
+# 1 - critical information
+# 2 - error information
+# 3 - warnings (default)
+# 4 - for debugging (produces lots of information)
+
+DebugLevel=3
+
--- a/root/etc/e-smith/templates/etc/zabbix/zabbix_proxy.conf/55timeout
+++ b/root/etc/e-smith/templates/etc/zabbix/zabbix_proxy.conf/55timeout
@@ -0,0 +1,17 @@
+# Specifies how long we wait for agent response (in sec)
+# Must be between 1 and 30 
+Timeout=5
+
+# Specifies how many seconds trapper may spend processing new data
+# Must be between 1 and 30 
+#TrapperTimeout=5
+
+# After how many seconds of unreachability treat a host as unavailable
+#UnreachablePeriod=45
+
+# How ofter check host for availability during the unreachability period
+#UnavailableDelay=15
+
+# How ofter check host for availability during the unavailability period
+#UnavailableDelay=60
+
--- a/root/etc/e-smith/templates/etc/zabbix/zabbix_proxy.conf/60pidAndLog
+++ b/root/etc/e-smith/templates/etc/zabbix/zabbix_proxy.conf/60pidAndLog
@@ -0,0 +1,13 @@
+# Name of PID file
+
+PidFile=/var/run/zabbix/zabbix_proxy.pid
+
+# Name of log file
+# If not set, syslog is used
+
+LogFile=/var/log/zabbix/zabbix_proxy.log
+
+# Maximum size of log file in MB. Set to 0 to disable automatic log rotation.
+LogFileSize=10
+
+
--- a/root/etc/e-smith/templates/etc/zabbix/zabbix_proxy.conf/70location
+++ b/root/etc/e-smith/templates/etc/zabbix/zabbix_proxy.conf/70location
@@ -0,0 +1,14 @@
+# Location of external scripts
+ExternalScripts=/var/lib/zabbix/bin
+
+# Location of fping. Default is /usr/sbin/fping
+# Make sure that fping binary has root permissions and SUID flag set
+FpingLocation=/var/lib/zabbix/bin/fping
+
+# Location of fping6. Default is /usr/sbin/fping6
+# Make sure that fping binary has root permissions and SUID flag set
+Fping6Location=/var/lib/zabbix/bin/fping6
+
+# Temporary directory. Default is /tmp
+TmpDir=/var/lib/zabbix/tmp
+
--- a/root/etc/e-smith/templates/etc/zabbix/zabbix_proxy.conf/80database
+++ b/root/etc/e-smith/templates/etc/zabbix/zabbix_proxy.conf/80database
@@ -0,0 +1,32 @@
+# Database host name
+# Default is localhost
+
+DBHost=localhost
+
+# Database name
+# SQLite3 note: path to database file must be provided. DBUser and DBPassword are ignored.
+{
+my $dbname = ${'zabbix-proxy'}{'DbName'} || 'zabbix';
+my $dbuser = ${'zabbix-proxy'}{'DbUser'} || 'zabbix';
+my $dbpass = ${'zabbix-proxy'}{'DbPassword'} || 'secret';
+
+$OUT .=<<"HERE";
+
+DBName=$dbname
+
+# Database user
+
+DBUser=$dbuser
+
+# Database password
+# Comment this line if no password used
+
+DBPassword=$dbpass
+HERE
+
+}
+
+# Connect to MySQL using Unix socket?
+
+DBSocket=/var/lib/mysql/mysql.sock
+
--- a/root/etc/e-smith/templates/etc/zabbix/zabbix_proxy.conf/85TLS
+++ b/root/etc/e-smith/templates/etc/zabbix/zabbix_proxy.conf/85TLS
@@ -0,0 +1,33 @@
+{
+  my @encryptions = ();
+  my $psk_file = ${'zabbix-proxy'}{'TLSPSKFile'} || '/etc/zabbix/zabbix_proxy.psk';
+  my $psk_id   = ${'zabbix-proxy'}{'TLSPSKIdentity'} || $SystemName . '.' . $DomainName . '-proxy';
+  if (-s $psk_file){
+    push @encryptions, 'psk';
+    $OUT .=<<_EOF;
+TLSPSKFile=$psk_file
+TLSPSKIdentity=$psk_id
+_EOF
+  }
+
+  my $cert = ${'zabbix-proxy'}{'TLSCertFile'} || '/etc/zabbix/zabbix_proxy.crt';
+  my $key  = ${'zabbix-proxy'}{'TLSKeyFile'}  || '/etc/zabbix/zabbix_proxy.key';
+  my $ca   = ${'zabbix-proxy'}{'TLSCAFile'}   || '/etc/zabbix/zabbix_proxy.ca';
+  if (-s $cert && -s $key && -s $ca){
+    push @encryptions, 'cert';
+    $OUT .=<<_EOF;
+TLSCertFile=$cert
+TLSKeyFile=$key
+TLSCAFile=$ca
+_EOF
+    my $issuer  = ${'zabbix-proxy'}{'TLSServerCertIssuer'} || '';
+    my $subject = ${'zabbix-proxy'}{'TLSServerCertSubject'} || '';
+    $OUT .= "TLSServerCertIssuer=$issuer\n"   if ($issuer ne '');
+    $OUT .= "TLSServerCertSubject=$subject\n" if ($subject ne '');
+  }
+  my $encryptions = (scalar @encryptions > 0) ? join(',', @encryptions) : '';
+  $OUT .=<<_EOF if ($encryptions ne '');
+TLSConnect=$encryptions
+TLSAccept=$encryptions
+_EOF
+}
--- a/root/var/lib/zabbix/bin/fping
+++ b/root/var/lib/zabbix/bin/fping
@@ -0,0 +1,2 @@
+#!/bin/sh
+exec /usr/bin/sudo /usr/sbin/fping "$@"
--- a/root/var/lib/zabbix/bin/fping6
+++ b/root/var/lib/zabbix/bin/fping6
@@ -0,0 +1,2 @@
+#!/bin/sh
+exec /usr/bin/sudo /usr/sbin/fping6 "$@"
				`@@ -0,0 +1 @@`
				`Cmnd_Alias ZABBIX = /usr/sbin/fping,/usr/sbin/fping6`