--- - name: "Install Zabbix agent using yum/dnf/apt" hosts: all gather_facts: True become: true tasks: - name: "msg print to stdout: Debug ansible_facts" debug: msg: - ansible_facts.distribution "{{ ansible_facts.distribution }}" - ansible_facts.distribution_major_version "{{ ansible_facts.distribution_major_version }}" - ansible_facts.distribution_file_variety "{{ ansible_facts.distribution_file_variety }}" - name: Populate systemd service_facts service_facts: - debug: msg: - ansible_facts.services['firewalld.service'] "{{ ansible_facts.services['firewalld.service'] }}" when: "'firewalld.service' in services" - debug: msg: - ansible_facts.services['iptables.service'] "{{ ansible_facts.services['iptables.service'] }}" when: "'iptables.service' in services" - debug: msg: - ansible_facts.services['iptables.service'] "{{ ansible_facts.services['iptables.service'] }}" when: "'ufw.service' in services" #RHEL-6 Like: - name: Install Zabbix rpm key if distro RHEL-6 like rpm_key: key: https://repo.zabbix.com/RPM-GPG-KEY-ZABBIX-08EFA7DD state: present when: ansible_facts['distribution_file_variety'] == 'RedHat' - name: Install zabbix-agent2 from specified rpm if distro is RH6-like yum: name: https://repo.zabbix.com/zabbix/6.4/rhel/6/x86_64/zabbix-agent2-6.4.8-release2.el6.x86_64.rpm state: installed when: (ansible_facts['distribution_file_variety'] == 'RedHat') and (ansible_facts['distribution_major_version'] == '6') #RHEL-7 like: - name: Install Official Zabbix repo for RHEL-7 like, incl. Fedora 19 - 27 yum_repository: name: zabbix description: Install Zabbix official repo for RHEL-7 like baseurl: https://repo.zabbix.com/zabbix/6.4/rhel/$releasever/x86_64/ enabled: yes when: - ansible_facts['distribution_file_variety'] == 'RedHat' - ansible_facts['distribution_major_version'] == '7' or ansible_facts['distribution_major_version'] == '19' or ansible_facts['distribution_major_version'] == '20' or ansible_facts['distribution_major_version'] == '21' or ansible_facts['distribution_major_version'] == '22' or ansible_facts['distribution_major_version'] == '23' or ansible_facts['distribution_major_version'] == '24' or ansible_facts['distribution_major_version'] == '25' or ansible_facts['distribution_major_version'] == '26' or ansible_facts['distribution_major_version'] == '27' - name: yum-clean-metadata for RHEL-7 like, incl. Fedora 19 - 27 ansible.builtin.command: yum clean metadata when: - ansible_facts['distribution_file_variety'] == 'RedHat' - ansible_facts['distribution_major_version'] == '7' or ansible_facts['distribution_major_version'] == '19' or ansible_facts['distribution_major_version'] == '20' or ansible_facts['distribution_major_version'] == '21' or ansible_facts['distribution_major_version'] == '22' or ansible_facts['distribution_major_version'] == '23' or ansible_facts['distribution_major_version'] == '24' or ansible_facts['distribution_major_version'] == '25' or ansible_facts['distribution_major_version'] == '26' or ansible_facts['distribution_major_version'] == '27' - name: Install zabbix-agent2 + plugins for RHEL-7 like yum: name: - zabbix-agent2, zabbix-agent2-plugin-* disablerepo: "epel" state: present when: - ansible_facts['distribution_file_variety'] == 'RedHat' - ansible_facts['distribution_major_version'] == '7' or ansible_facts['distribution_major_version'] == '19' or ansible_facts['distribution_major_version'] == '20' or ansible_facts['distribution_major_version'] == '21' or ansible_facts['distribution_major_version'] == '22' or ansible_facts['distribution_major_version'] == '23' or ansible_facts['distribution_major_version'] == '24' or ansible_facts['distribution_major_version'] == '25' or ansible_facts['distribution_major_version'] == '26' or ansible_facts['distribution_major_version'] == '27' #RHEL-8 like: - name: Install Zabbix repo GPG key for ALL RHEL like, incl. Fedora 28 - 33 rpm_key: state: present key: https://repo.zabbix.com/RPM-GPG-KEY-ZABBIX-08EFA7DD when: ansible_facts['distribution_file_variety'] == 'RedHat' - name: Install Official Zabbix repo for RHEL-8 like incl. Fedora 28 - 33 yum_repository: name: zabbix description: Install Zabbix official repo for RHEL-8 like incl. Fedora 28 - 33 baseurl: https://repo.zabbix.com/zabbix/6.4/rhel/8/x86_64/ enabled: yes when: - ansible_facts['distribution_file_variety'] == 'RedHat' - ansible_facts['distribution_major_version'] == '8' or ansible_facts['distribution_major_version'] == '28' or ansible_facts['distribution_major_version'] == '29' or ansible_facts['distribution_major_version'] == '30' or ansible_facts['distribution_major_version'] == '31' or ansible_facts['distribution_major_version'] == '32' or ansible_facts['distribution_major_version'] == '33' - name: yum-clean-metadata for RHEL-8 like incl. Fedora 28 - 33 ansible.builtin.command: yum clean metadata when: - ansible_facts['distribution_file_variety'] == 'RedHat' - ansible_facts['distribution_major_version'] == '8' or ansible_facts['distribution_major_version'] == '28' or ansible_facts['distribution_major_version'] == '29' or ansible_facts['distribution_major_version'] == '30' or ansible_facts['distribution_major_version'] == '31' or ansible_facts['distribution_major_version'] == '32' or ansible_facts['distribution_major_version'] == '33' - name: Install Official Zabbix repo for RHEL-9 like, incl. Fedora 34-40 yum_repository: name: zabbix description: Install Zabbix official repo for RHEL-9 like, incl. Fedora 34-40 baseurl: https://repo.zabbix.com/zabbix/6.4/rhel/9/x86_64/ enabled: yes when: - ansible_facts['distribution_file_variety'] == 'RedHat' - ansible_facts['distribution_major_version'] == '9' or ansible_facts['distribution_major_version'] == '34' or ansible_facts['distribution_major_version'] == '35' or ansible_facts['distribution_major_version'] == '36' or ansible_facts['distribution_major_version'] == '37' or ansible_facts['distribution_major_version'] == '38' or ansible_facts['distribution_major_version'] == '39' or ansible_facts['distribution_major_version'] == '40' - name: yum-clean-metadata for RHEL-9 like, incl. Fedora 34-40 ansible.builtin.command: yum clean metadata when: - ansible_facts['distribution_file_variety'] == 'RedHat' - ansible_facts['distribution_major_version'] == '9' or ansible_facts['distribution_major_version'] == '34' or ansible_facts['distribution_major_version'] == '35' or ansible_facts['distribution_major_version'] == '36' or ansible_facts['distribution_major_version'] == '37' or ansible_facts['distribution_major_version'] == '38' or ansible_facts['distribution_major_version'] == '39' or ansible_facts['distribution_major_version'] == '40' - name: Install zabbix-agent2 + plugins for RHEL-9 like, incl. Fedora 34-40 yum: name: - zabbix-agent2, zabbix-agent2-plugin-* disablerepo: "epel" state: present disable_gpg_check: true when: - ansible_facts['distribution_file_variety'] == 'RedHat' - ansible_facts['distribution_major_version'] == '9' or ansible_facts['distribution_major_version'] == '34' or ansible_facts['distribution_major_version'] == '35' or ansible_facts['distribution_major_version'] == '36' or ansible_facts['distribution_major_version'] == '37' or ansible_facts['distribution_major_version'] == '38' or ansible_facts['distribution_major_version'] == '39' or ansible_facts['distribution_major_version'] == '40' ############################################### Debian section ################################################################################################# - name: Install zabbix-agent2 from specified deb file if distro is Deb12, "Bookworm" apt: deb: https://repo.zabbix.com/zabbix/6.4/debian/pool/main/z/zabbix/zabbix-agent2_6.4.8-2%2Bdebian12_amd64.deb state: present when: (ansible_facts['distribution'] == 'Debian') and (ansible_facts['distribution_major_version'] == '12') - name: Install zabbix-agent2 from specified deb file if distro is Deb11, "Bullseye" apt: deb: https://repo.zabbix.com/zabbix/6.4/debian/pool/main/z/zabbix/zabbix-agent2_6.4.8-2%2Bdebian11_amd64.deb state: present when: (ansible_facts['distribution'] == 'Debian') and (ansible_facts['distribution_major_version'] == '11') - name: Install zabbix-agent2 from specified deb file if distro is Deb10, "Buster" apt: deb: https://repo.zabbix.com/zabbix/6.4/debian/pool/main/z/zabbix/zabbix-agent2_6.4.8-2%2Bdebian10_amd64.deb state: present when: (ansible_facts['distribution'] == 'Debian') and (ansible_facts['distribution_major_version'] == '10') - name: Install zabbix-agent2 from specified deb file if distro is Deb9, "Stretch" apt: deb: https://repo.zabbix.com/zabbix/6.4/debian/pool/main/z/zabbix/zabbix-agent2_6.4.8-2%2Bdebian9_amd64.deb state: present when: (ansible_facts['distribution'] == 'Debian') and (ansible_facts['distribution_major_version'] == '9') ############################################## Begin Ubuntu section ################################################### - name: Install zabbix-agent2 from specified deb file if distro is Ubuntu 22.xx, "Jammy Jellyfish" apt: deb: https://repo.zabbix.com/zabbix/6.4/ubuntu/pool/main/z/zabbix/zabbix-agent2_6.4.8-2%2Bubuntu22.04_amd64.deb state: present when: (ansible_facts['distribution'] == 'Ubuntu') and (ansible_facts['distribution_major_version'] == '22') - name: Install zabbix-agent2 from specified deb file if distro is Ubuntu 20.xx, "Focal Fossa" apt: deb: https://repo.zabbix.com/zabbix/6.4/ubuntu/pool/main/z/zabbix/zabbix-agent2_6.4.8-2%2Bubuntu20.04_amd64.deb state: present when: (ansible_facts['distribution'] == 'Ubuntu') and (ansible_facts['distribution_major_version'] == '20') - name: Install zabbix-agent2 from specified deb file if distro is Ubuntu 18.xx, "Bionic Bever" apt: deb: https://repo.zabbix.com/zabbix/6.4/ubuntu/pool/main/z/zabbix/zabbix-agent2_6.4.8-2%2Bubuntu18.04_amd64.deb state: present when: (ansible_facts['distribution'] == 'Ubuntu') and (ansible_facts['distribution_major_version'] == '18') - name: Create /etc/zabbix w/ appropriate permissinos file: path: /etc/zabbix owner: zabbix group: root mode: '0755' state: directory # Copy Zabbix agent config file to host - name: perform copy of zabbix agent config copy: src: ~/install_packages/zabbix/zabbix_agent2.conf dest: /etc/zabbix/zabbix_agent2.conf owner: zabbix group: root mode: '0640' # Create /etc/zabbix w/ appropriate permissinos - name: Create /etc/zabbix/certs w/ appropriate permissions file: path: /etc/zabbix/certs owner: zabbix group: root mode: '0750' state: directory # Copy Zabbix ca.cert to host - name: perform copy ca.cert copy: src: ~/install_packages/zabbix/certs/ca.cert dest: /etc/zabbix/certs/ca.cert owner: zabbix group: root mode: '0640' # Copy Zabbix client.cert to host - name: perform copy client.cert copy: src: ~/install_packages/zabbix/certs/client.cert dest: /etc/zabbix/certs/client.cert owner: zabbix group: root mode: '0640' # Copy Zabbix client_private.key to host - name: perform copy ca.cert copy: src: ~/install_packages/zabbix/certs/client_private.key dest: /etc/zabbix/certs/client_private.key owner: zabbix group: root mode: '0640' - name : remove /etc/zabbix_agentd.conf file if present file: path: /etc/zabbix_agentd.conf state: absent # Copy Zabbix agent PSK - name: perform copy of Zabbix agent PSK copy: src: ~/install_packages/zabbix/psk.key dest: /etc/zabbix/psk.key owner: zabbix group: root mode: '0440' # Ensure /var/log/zabbix/ exists w/ correct permissions - name: Create /var/log/zabbix if needed file: path: /var/log/zabbix state: directory owner: zabbix group: zabbix mode: '0775' # Ensure /var/log/zabbix/zabbix_agentd.log exists - name: Touch /var/log/zabbix/zabbix_agent2.log file: path: /var/log/zabbix/zabbix_agent2.log state: touch owner: zabbix group: zabbix mode: '0664' # Allow connections to :10050 on systems using firewalld: - name: allow :10050/tcp incoming, firewalld firewalld: port: - 10050/tcp - 10051/tcp permanent: True state: enabled immediate: True when: ansible_facts.services['firewalld.service']['status'] == 'enabled' ignore_errors: yes # Allow connections to :10050 on systems using iptables.service: - name: Open 10050/tcp if iptables.service is running iptables: chain: INPUT src_range: "***CONTENTS REDACTED***" protocol: tcp destination_ports: - "10050" - "10051" jump: ACCEPT when: ansible_facts.services['iptables.service']['status'] == 'enabled' ignore_errors: yes # Allow connections to :10050 on systems using UFW: - name: allow :10050/tcp incoming, ufw ufw: rule: allow port: '10050' proto: tcp comment: Zabbix agent on 10050 when: - "'ufw' in services" - ansible_facts.services['ufw.service']['status'] == 'enabled' ignore_errors: yes # Enable zabbix-agent on systemd-enabled systems: - name: enable zabbix-agent2 service systemd: name: zabbix-agent2 enabled: True masked: no state: started ignore_errors: False #when: ansible_facts.services['source'].source == systemd when: ansible_facts.service_mgr == "systemd" # Restart systemd service - name: restart zabbix-agent2.service, systemd systemd: name: zabbix-agent2 enabled: True masked: no state: restarted ignore_errors: False when: ansible_facts.service_mgr == "systemd"