appliances/zabbix/appliance/02firstboot.start

#!/bin/bash

# variables
LABEL="DATA"
DATABASE_PASS="Di1sgMySQLPwd."
TLD="example.com"
HOST="zabbix"
ORGNAME="Zabbix example"

# start
set -e

[ -e /01firstboot ] && exit 0
[ -e /02firstboot ] || exit 0

# Database
systemctl stop mariadb
if [ ! -d "/$LABEL/var/lib/mysql/zabbix" ]; then
    echo 'Initialize MariaDB...'
    mkdir -p "/$LABEL/var/lib"
    rm -rf "/$LABEL/var/lib/mysql"
    rm -rf "/$LABEL/var/lib/mysql.orig"
    cp -a "/var/lib/mysql" "/$LABEL/var/lib/mysql.orig"
    mv "/var/lib/mysql" "/$LABEL/var/lib/mysql"
    ln -s "/$LABEL/var/lib/mysql" "/var/lib/mysql"
    systemctl start mariadb
    sleep 5

    echo 'Create Zabbix database...'
    mysql -u root -e "CREATE USER 'zabbix'@'localhost' IDENTIFIED BY '$DATABASE_PASS'"
    mysql -u root -e "CREATE DATABASE zabbix DEFAULT CHARACTER SET utf8 COLLATE utf8_bin;"
    mysql -u root -e "GRANT ALL PRIVILEGES ON zabbix.* TO 'zabbix'@'localhost' IDENTIFIED by '$DATABASE_PASS';"
    mysql -u root -e "FLUSH PRIVILEGES;"

    echo 'Import Zabbix MySQL data'
    mysql -u root zabbix < /usr/share/zabbix/database/mysql/schema.sql
    mysql -u root zabbix < /usr/share/zabbix/database/mysql/images.sql
    mysql -u root zabbix < /usr/share/zabbix/database/mysql/data.sql
else
    echo 'Start MariaDB...'
    if [ ! -L /var/lib/mysql ]; then
        rm -rf "/$LABEL/var/lib/mysql.orig"
        mv "/var/lib/mysql" "/$LABEL/var/lib/mysql.orig"
        ln -s "/$LABEL/var/lib/mysql" "/var/lib/mysql"
    fi
    systemctl start mariadb
fi
echo 'Enable database...'
systemctl enable mariadb

# Certificates
if [ ! -f "/$LABEL/CERTS/$HOST.$TLD/$HOST.$TLD-cert.pem" ]; then
	echo 'Create certificates...'
	mkdir -p "/$LABEL/CERTS/KEYS/"
	mkdir -p "/$LABEL/CERTS/$HOST.$TLD"
	echo "FQDN = $HOST.$TLD" > "/$LABEL/CERTS/$HOST.$TLD/$HOST.$TLD.cnf"
	echo "ORGNAME = $ORGNAME" >> "/$LABEL/CERTS/$HOST.$TLD/$HOST.$TLD.cnf"
	echo "ALTNAMES = DNS:$HOST.$TLD , DNS:$TLD" >> "/$LABEL/CERTS/$HOST.$TLD/$HOST.$TLD.cnf"
	echo -e "\n[ req ]\ndefault_bits = 4096\ndefault_md = sha256\nprompt = no\nencrypt_key = no\ndistinguished_name = dn\nreq_extensions = req_ext\ndefault_keyfile = ../KEYS/\$FQDN-key.pem\n" >> "/$LABEL/CERTS/$HOST.$TLD/$HOST.$TLD.cnf"
	echo -e "\n[ dn ]\nC = DE\nO = \$ORGNAME\nCN = \$FQDN\n" >> "/$LABEL/CERTS/$HOST.$TLD/$HOST.$TLD.cnf"
	echo -e "\n[ req_ext ]\nsubjectAltName = \$ALTNAMES" >> "/$LABEL/CERTS/$HOST.$TLD/$HOST.$TLD.cnf"
	openssl req -x509 -new -config "/$LABEL/CERTS/$HOST.$TLD/$HOST.$TLD.cnf" -out "/$LABEL/CERTS/$HOST.$TLD/$HOST.$TLD-cert.pem" -keyout "/$LABEL/CERTS/KEYS/$HOST.$TLD-key.pem"
	cp "/$LABEL/CERTS/$HOST.$TLD/$HOST.$TLD-cert.pem" "/$LABEL/CERTS/$HOST.$TLD/$HOST.$TLD-fullchain.pem"
	touch "/$LABEL/CERTS/$HOST.$TLD/$HOST.$TLD-chain.pem"
fi

# Zabbix
echo 'Start Zabbix...'
if [ ! -f "/$LABEL/etc/zabbix/zabbix_server.conf" ]; then
    mkdir -p "/$LABEL/etc/zabbix"
    chown zabbix:zabbix "/$LABEL/etc/zabbix"
    cp /etc/zabbix/zabbix_server.conf "/$LABEL/etc/zabbix/zabbix_server.conf.orig"
    mv /etc/zabbix/zabbix_server.conf "/$LABEL/etc/zabbix/zabbix_server.conf"
    sed -i "s:# DBPassword=:DBPassword=${DATABASE_PASS}:" "/$LABEL/etc/zabbix/zabbix_server.conf"
    ln -s "/$LABEL/etc/zabbix/zabbix_server.conf" "/etc/zabbix/zabbix_server.conf"

    mkdir -p "/$LABEL/etc/zabbix"
    chown zabbix:zabbix "/$LABEL/etc/zabbix"
    cp /etc/zabbix/zabbix_server.conf "/$LABEL/etc/zabbix/zabbix_server.conf.orig"
    mv /etc/zabbix/zabbix_server.conf "/$LABEL/etc/zabbix/zabbix_server.conf"
    sed -i "s:\$DB\['PASSWORD'\].*:\$DB\['PASSWORD'\] = '${DATABASE_PASS}';:" /var/www/localhost/htdocs/zabbix/conf/zabbix.conf.php
else

fi
systemctl start zabbix-server
systemctl enable zabbix-server
systemctl start zabbix-agentd
systemctl enable zabbix-agentd

rm /firstboot
zabbix: new appliance 2021-04-02 18:20:07 +02:00			`#!/bin/bash`

			`# variables`
			`LABEL="DATA"`
			`DATABASE_PASS="Di1sgMySQLPwd."`
			`TLD="example.com"`
			`HOST="zabbix"`
			`ORGNAME="Zabbix example"`

			`# start`
			`set -e`

			`[ -e /01firstboot ] && exit 0`
			`[ -e /02firstboot ] \|\| exit 0`

			`# Database`
			`systemctl stop mariadb`
			`if [ ! -d "/$LABEL/var/lib/mysql/zabbix" ]; then`
			`echo 'Initialize MariaDB...'`
			`mkdir -p "/$LABEL/var/lib"`
			`rm -rf "/$LABEL/var/lib/mysql"`
			`rm -rf "/$LABEL/var/lib/mysql.orig"`
			`cp -a "/var/lib/mysql" "/$LABEL/var/lib/mysql.orig"`
			`mv "/var/lib/mysql" "/$LABEL/var/lib/mysql"`
			`ln -s "/$LABEL/var/lib/mysql" "/var/lib/mysql"`
			`systemctl start mariadb`
			`sleep 5`

			`echo 'Create Zabbix database...'`
			`mysql -u root -e "CREATE USER 'zabbix'@'localhost' IDENTIFIED BY '$DATABASE_PASS'"`
			`mysql -u root -e "CREATE DATABASE zabbix DEFAULT CHARACTER SET utf8 COLLATE utf8_bin;"`
			`mysql -u root -e "GRANT ALL PRIVILEGES ON zabbix.* TO 'zabbix'@'localhost' IDENTIFIED by '$DATABASE_PASS';"`
			`mysql -u root -e "FLUSH PRIVILEGES;"`

			`echo 'Import Zabbix MySQL data'`
			`mysql -u root zabbix < /usr/share/zabbix/database/mysql/schema.sql`
			`mysql -u root zabbix < /usr/share/zabbix/database/mysql/images.sql`
			`mysql -u root zabbix < /usr/share/zabbix/database/mysql/data.sql`
			`else`
			`echo 'Start MariaDB...'`
			`if [ ! -L /var/lib/mysql ]; then`
			`rm -rf "/$LABEL/var/lib/mysql.orig"`
			`mv "/var/lib/mysql" "/$LABEL/var/lib/mysql.orig"`
			`ln -s "/$LABEL/var/lib/mysql" "/var/lib/mysql"`
			`fi`
			`systemctl start mariadb`
			`fi`
			`echo 'Enable database...'`
			`systemctl enable mariadb`

			`# Certificates`
			`if [ ! -f "/$LABEL/CERTS/$HOST.$TLD/$HOST.$TLD-cert.pem" ]; then`
			`echo 'Create certificates...'`
			`mkdir -p "/$LABEL/CERTS/KEYS/"`
			`mkdir -p "/$LABEL/CERTS/$HOST.$TLD"`
			`echo "FQDN = $HOST.$TLD" > "/$LABEL/CERTS/$HOST.$TLD/$HOST.$TLD.cnf"`
			`echo "ORGNAME = $ORGNAME" >> "/$LABEL/CERTS/$HOST.$TLD/$HOST.$TLD.cnf"`
			`echo "ALTNAMES = DNS:$HOST.$TLD , DNS:$TLD" >> "/$LABEL/CERTS/$HOST.$TLD/$HOST.$TLD.cnf"`
			`echo -e "\n[ req ]\ndefault_bits = 4096\ndefault_md = sha256\nprompt = no\nencrypt_key = no\ndistinguished_name = dn\nreq_extensions = req_ext\ndefault_keyfile = ../KEYS/\$FQDN-key.pem\n" >> "/$LABEL/CERTS/$HOST.$TLD/$HOST.$TLD.cnf"`
			`echo -e "\n[ dn ]\nC = DE\nO = \$ORGNAME\nCN = \$FQDN\n" >> "/$LABEL/CERTS/$HOST.$TLD/$HOST.$TLD.cnf"`
			`echo -e "\n[ req_ext ]\nsubjectAltName = \$ALTNAMES" >> "/$LABEL/CERTS/$HOST.$TLD/$HOST.$TLD.cnf"`
			`openssl req -x509 -new -config "/$LABEL/CERTS/$HOST.$TLD/$HOST.$TLD.cnf" -out "/$LABEL/CERTS/$HOST.$TLD/$HOST.$TLD-cert.pem" -keyout "/$LABEL/CERTS/KEYS/$HOST.$TLD-key.pem"`
			`cp "/$LABEL/CERTS/$HOST.$TLD/$HOST.$TLD-cert.pem" "/$LABEL/CERTS/$HOST.$TLD/$HOST.$TLD-fullchain.pem"`
			`touch "/$LABEL/CERTS/$HOST.$TLD/$HOST.$TLD-chain.pem"`
			`fi`

			`# Zabbix`
			`echo 'Start Zabbix...'`
			`if [ ! -f "/$LABEL/etc/zabbix/zabbix_server.conf" ]; then`
			`mkdir -p "/$LABEL/etc/zabbix"`
			`chown zabbix:zabbix "/$LABEL/etc/zabbix"`
			`cp /etc/zabbix/zabbix_server.conf "/$LABEL/etc/zabbix/zabbix_server.conf.orig"`
			`mv /etc/zabbix/zabbix_server.conf "/$LABEL/etc/zabbix/zabbix_server.conf"`
			`sed -i "s:# DBPassword=:DBPassword=${DATABASE_PASS}:" "/$LABEL/etc/zabbix/zabbix_server.conf"`
			`ln -s "/$LABEL/etc/zabbix/zabbix_server.conf" "/etc/zabbix/zabbix_server.conf"`

			`mkdir -p "/$LABEL/etc/zabbix"`
			`chown zabbix:zabbix "/$LABEL/etc/zabbix"`
			`cp /etc/zabbix/zabbix_server.conf "/$LABEL/etc/zabbix/zabbix_server.conf.orig"`
			`mv /etc/zabbix/zabbix_server.conf "/$LABEL/etc/zabbix/zabbix_server.conf"`
			`sed -i "s:\$DB\['PASSWORD'\].*:\$DB\['PASSWORD'\] = '${DATABASE_PASS}';:" /var/www/localhost/htdocs/zabbix/conf/zabbix.conf.php`
			`else`

			`fi`
			`systemctl start zabbix-server`
			`systemctl enable zabbix-server`
			`systemctl start zabbix-agentd`
			`systemctl enable zabbix-agentd`

			`rm /firstboot`