91 lines
3.7 KiB
Plaintext
91 lines
3.7 KiB
Plaintext
|
#!/bin/bash
|
||
|
|
||
|
# variables
|
||
|
LABEL="DATA"
|
||
|
DATABASE_PASS="Di1sgMySQLPwd."
|
||
|
TLD="example.com"
|
||
|
HOST="zabbix"
|
||
|
ORGNAME="Zabbix example"
|
||
|
|
||
|
# start
|
||
|
set -e
|
||
|
|
||
|
[ -e /01firstboot ] && exit 0
|
||
|
[ -e /02firstboot ] || exit 0
|
||
|
|
||
|
# Database
|
||
|
systemctl stop mariadb
|
||
|
if [ ! -d "/$LABEL/var/lib/mysql/zabbix" ]; then
|
||
|
echo 'Initialize MariaDB...'
|
||
|
mkdir -p "/$LABEL/var/lib"
|
||
|
rm -rf "/$LABEL/var/lib/mysql"
|
||
|
rm -rf "/$LABEL/var/lib/mysql.orig"
|
||
|
cp -a "/var/lib/mysql" "/$LABEL/var/lib/mysql.orig"
|
||
|
mv "/var/lib/mysql" "/$LABEL/var/lib/mysql"
|
||
|
ln -s "/$LABEL/var/lib/mysql" "/var/lib/mysql"
|
||
|
systemctl start mariadb
|
||
|
sleep 5
|
||
|
|
||
|
echo 'Create Zabbix database...'
|
||
|
mysql -u root -e "CREATE USER 'zabbix'@'localhost' IDENTIFIED BY '$DATABASE_PASS'"
|
||
|
mysql -u root -e "CREATE DATABASE zabbix DEFAULT CHARACTER SET utf8 COLLATE utf8_bin;"
|
||
|
mysql -u root -e "GRANT ALL PRIVILEGES ON zabbix.* TO 'zabbix'@'localhost' IDENTIFIED by '$DATABASE_PASS';"
|
||
|
mysql -u root -e "FLUSH PRIVILEGES;"
|
||
|
|
||
|
echo 'Import Zabbix MySQL data'
|
||
|
mysql -u root zabbix < /usr/share/zabbix/database/mysql/schema.sql
|
||
|
mysql -u root zabbix < /usr/share/zabbix/database/mysql/images.sql
|
||
|
mysql -u root zabbix < /usr/share/zabbix/database/mysql/data.sql
|
||
|
else
|
||
|
echo 'Start MariaDB...'
|
||
|
if [ ! -L /var/lib/mysql ]; then
|
||
|
rm -rf "/$LABEL/var/lib/mysql.orig"
|
||
|
mv "/var/lib/mysql" "/$LABEL/var/lib/mysql.orig"
|
||
|
ln -s "/$LABEL/var/lib/mysql" "/var/lib/mysql"
|
||
|
fi
|
||
|
systemctl start mariadb
|
||
|
fi
|
||
|
echo 'Enable database...'
|
||
|
systemctl enable mariadb
|
||
|
|
||
|
# Certificates
|
||
|
if [ ! -f "/$LABEL/CERTS/$HOST.$TLD/$HOST.$TLD-cert.pem" ]; then
|
||
|
echo 'Create certificates...'
|
||
|
mkdir -p "/$LABEL/CERTS/KEYS/"
|
||
|
mkdir -p "/$LABEL/CERTS/$HOST.$TLD"
|
||
|
echo "FQDN = $HOST.$TLD" > "/$LABEL/CERTS/$HOST.$TLD/$HOST.$TLD.cnf"
|
||
|
echo "ORGNAME = $ORGNAME" >> "/$LABEL/CERTS/$HOST.$TLD/$HOST.$TLD.cnf"
|
||
|
echo "ALTNAMES = DNS:$HOST.$TLD , DNS:$TLD" >> "/$LABEL/CERTS/$HOST.$TLD/$HOST.$TLD.cnf"
|
||
|
echo -e "\n[ req ]\ndefault_bits = 4096\ndefault_md = sha256\nprompt = no\nencrypt_key = no\ndistinguished_name = dn\nreq_extensions = req_ext\ndefault_keyfile = ../KEYS/\$FQDN-key.pem\n" >> "/$LABEL/CERTS/$HOST.$TLD/$HOST.$TLD.cnf"
|
||
|
echo -e "\n[ dn ]\nC = DE\nO = \$ORGNAME\nCN = \$FQDN\n" >> "/$LABEL/CERTS/$HOST.$TLD/$HOST.$TLD.cnf"
|
||
|
echo -e "\n[ req_ext ]\nsubjectAltName = \$ALTNAMES" >> "/$LABEL/CERTS/$HOST.$TLD/$HOST.$TLD.cnf"
|
||
|
openssl req -x509 -new -config "/$LABEL/CERTS/$HOST.$TLD/$HOST.$TLD.cnf" -out "/$LABEL/CERTS/$HOST.$TLD/$HOST.$TLD-cert.pem" -keyout "/$LABEL/CERTS/KEYS/$HOST.$TLD-key.pem"
|
||
|
cp "/$LABEL/CERTS/$HOST.$TLD/$HOST.$TLD-cert.pem" "/$LABEL/CERTS/$HOST.$TLD/$HOST.$TLD-fullchain.pem"
|
||
|
touch "/$LABEL/CERTS/$HOST.$TLD/$HOST.$TLD-chain.pem"
|
||
|
fi
|
||
|
|
||
|
# Zabbix
|
||
|
echo 'Start Zabbix...'
|
||
|
if [ ! -f "/$LABEL/etc/zabbix/zabbix_server.conf" ]; then
|
||
|
mkdir -p "/$LABEL/etc/zabbix"
|
||
|
chown zabbix:zabbix "/$LABEL/etc/zabbix"
|
||
|
cp /etc/zabbix/zabbix_server.conf "/$LABEL/etc/zabbix/zabbix_server.conf.orig"
|
||
|
mv /etc/zabbix/zabbix_server.conf "/$LABEL/etc/zabbix/zabbix_server.conf"
|
||
|
sed -i "s:# DBPassword=:DBPassword=${DATABASE_PASS}:" "/$LABEL/etc/zabbix/zabbix_server.conf"
|
||
|
ln -s "/$LABEL/etc/zabbix/zabbix_server.conf" "/etc/zabbix/zabbix_server.conf"
|
||
|
|
||
|
mkdir -p "/$LABEL/etc/zabbix"
|
||
|
chown zabbix:zabbix "/$LABEL/etc/zabbix"
|
||
|
cp /etc/zabbix/zabbix_server.conf "/$LABEL/etc/zabbix/zabbix_server.conf.orig"
|
||
|
mv /etc/zabbix/zabbix_server.conf "/$LABEL/etc/zabbix/zabbix_server.conf"
|
||
|
sed -i "s:\$DB\['PASSWORD'\].*:\$DB\['PASSWORD'\] = '${DATABASE_PASS}';:" /var/www/localhost/htdocs/zabbix/conf/zabbix.conf.php
|
||
|
else
|
||
|
|
||
|
fi
|
||
|
systemctl start zabbix-server
|
||
|
systemctl enable zabbix-server
|
||
|
systemctl start zabbix-agentd
|
||
|
systemctl enable zabbix-agentd
|
||
|
|
||
|
rm /firstboot
|