zabbix: add sendxmpp, better firstboot
This commit is contained in:
parent
fe12d020be
commit
cc7abedd23
|
@ -1,13 +1,14 @@
|
||||||
02firstboot = $(CHROOT)/etc/local.d/02firstboot.start
|
02firstboot = $(CHROOT)/usr/local/bin/02firstboot.start
|
||||||
cert-renew.sh = $(CHROOT)/etc/ssl/cert-renew.sh
|
cert-renew.sh = $(CHROOT)/etc/ssl/cert-renew.sh
|
||||||
zabbix-userparameter = $(CHROOT)/var/lib/zabbix/userparameter_mysql.conf
|
zabbix-userparameter = $(CHROOT)/var/lib/zabbix/userparameter_mysql.conf
|
||||||
|
|
||||||
systemd-units: appliance/MySQL-Backup.sh appliance/backup.service appliance/backup.timer appliance/cert-renew.service appliance/cert-renew.timer
|
systemd-units: appliance/MySQL-Backup.sh appliance/backup.service appliance/backup.timer appliance/cert-renew.service appliance/cert-renew.timer
|
||||||
|
mkdir -p $(CHROOT)/usr/local/bin
|
||||||
cp appliance/MySQL-Backup.sh $(CHROOT)/usr/local/bin/
|
cp appliance/MySQL-Backup.sh $(CHROOT)/usr/local/bin/
|
||||||
cp appliance/backup.service appliance/backup.timer appliance/cert-renew.service appliance/cert-renew.timer $(CHROOT)/etc/systemd/system/
|
cp appliance/backup.service appliance/backup.timer appliance/cert-renew.service appliance/cert-renew.timer $(CHROOT)/etc/systemd/system/
|
||||||
|
|
||||||
$(02firstboot): appliance/02firstboot.start
|
$(02firstboot): appliance/02firstboot.start
|
||||||
mkdir -p $(CHROOT)/etc/local.d
|
mkdir -p $(CHROOT)/usr/local/bin
|
||||||
cp $< $@
|
cp $< $@
|
||||||
touch $(CHROOT)/02firstboot
|
touch $(CHROOT)/02firstboot
|
||||||
|
|
||||||
|
|
|
@ -13,59 +13,98 @@ set -e
|
||||||
[ -e /01firstboot ] && exit 0
|
[ -e /01firstboot ] && exit 0
|
||||||
[ -e /02firstboot ] || exit 0
|
[ -e /02firstboot ] || exit 0
|
||||||
|
|
||||||
|
# Select type
|
||||||
|
if [ -f "/$LABEL/etc/zabbix/zabbix_server.conf" ]; then
|
||||||
|
zabbixtype="server"
|
||||||
|
elif [ -f "/$LABEL/etc/zabbix/zabbix_proxy.conf" ]; then
|
||||||
|
zabbixtype="proxy"
|
||||||
|
else
|
||||||
|
echo
|
||||||
|
echo "Should the new appliance be configured as a server or a proxy?"
|
||||||
|
while read -n1 -r -p "choose [s]erver|[p]roxy: "; do
|
||||||
|
case $REPLY in
|
||||||
|
s|S) zabbixtype="server"
|
||||||
|
break
|
||||||
|
;;
|
||||||
|
p|P) zabbixtype="proxy"
|
||||||
|
break
|
||||||
|
;;
|
||||||
|
*) echo " (Invalid option, choose again...)"
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
done
|
||||||
|
echo
|
||||||
|
fi
|
||||||
|
|
||||||
# Zabbix configuration
|
# Zabbix configuration
|
||||||
if [ ! -d "/$LABEL/etc/zabbix" ]; then
|
if [ "$zabbixtype" == "server" ]; then
|
||||||
|
if [ ! -L /etc/zabbix/zabbix_server.conf ]; then
|
||||||
|
if [ ! -f "/$LABEL/etc/zabbix/zabbix_server.conf" ]; then
|
||||||
echo 'Create Zabbix Server config...'
|
echo 'Create Zabbix Server config...'
|
||||||
mkdir -p /$LABEL/etc/zabbix
|
mkdir -p /$LABEL/etc/zabbix
|
||||||
chown zabbix:zabbix /$LABEL/etc/zabbix
|
cp /etc/zabbix/zabbix_server.conf /$LABEL/etc/zabbix/zabbix_server.conf
|
||||||
cp /etc/zabbix/zabbix_server.conf /$LABEL/etc/zabbix/zabbix_server.conf.orig
|
mv /etc/zabbix/zabbix_server.conf /$LABEL/etc/zabbix/zabbix_server.conf.orig
|
||||||
mv /etc/zabbix/zabbix_server.conf /$LABEL/etc/zabbix/zabbix_server.conf
|
chown -R zabbix:zabbix /$LABEL/etc/zabbix
|
||||||
ln -s /$LABEL/etc/zabbix/zabbix_server.conf /etc/zabbix/zabbix_server.conf
|
ln -s /$LABEL/etc/zabbix/zabbix_server.conf /etc/zabbix/zabbix_server.conf
|
||||||
sed -i "s:# DBPassword=:DBPassword=${DATABASE_PASS}:" /$LABEL/etc/zabbix/zabbix_server.conf
|
else
|
||||||
|
echo 'Linking Zabbix Server config...'
|
||||||
|
cp /$LABEL/etc/zabbix/zabbix_server.conf /$LABEL/etc/zabbix/zabbix_server.conf.alt
|
||||||
|
rm -f /$LABEL/etc/zabbix/zabbix_server.conf.orig
|
||||||
|
mv /etc/zabbix/zabbix_server.conf /$LABEL/etc/zabbix/zabbix_server.conf.orig
|
||||||
|
chown -R zabbix:zabbix /$LABEL/etc/zabbix
|
||||||
|
ln -s /$LABEL/etc/zabbix/zabbix_server.conf /etc/zabbix/zabbix_server.conf
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
else
|
||||||
|
if [ ! -L /etc/zabbix/zabbix_proxy.conf ]; then
|
||||||
|
if [ ! -f "/$LABEL/etc/zabbix/zabbix_proxy.conf" ]; then
|
||||||
|
echo 'Create Zabbix Proxy config...'
|
||||||
|
mkdir -p /$LABEL/etc/zabbix
|
||||||
|
chown zabbix:zabbix /$LABEL/etc/zabbix
|
||||||
|
cp /etc/zabbix/zabbix_proxy.conf /$LABEL/etc/zabbix/zabbix_proxy.conf
|
||||||
|
mv /etc/zabbix/zabbix_proxy.conf /$LABEL/etc/zabbix/zabbix_proxy.conf.orig
|
||||||
|
sed -i "s:^DBName=.*:DBName=zabbix:" /$LABEL/etc/zabbix/zabbix_proxy.conf
|
||||||
|
chown -R zabbix:zabbix /$LABEL/etc/zabbix
|
||||||
|
ln -s /$LABEL/etc/zabbix/zabbix_proxy.conf /etc/zabbix/zabbix_proxy.conf
|
||||||
|
else
|
||||||
|
echo 'Linking Zabbix Proxy config...'
|
||||||
|
cp /$LABEL/etc/zabbix/zabbix_proxy.conf /$LABEL/etc/zabbix/zabbix_proxy.conf.alt
|
||||||
|
rm -f /$LABEL/etc/zabbix/zabbix_proxy.conf.orig
|
||||||
|
mv /etc/zabbix/zabbix_proxy.conf /$LABEL/etc/zabbix/zabbix_proxy.conf.orig
|
||||||
|
chown -R zabbix:zabbix /$LABEL/etc/zabbix
|
||||||
|
ln -s /$LABEL/etc/zabbix/zabbix_proxy.conf /etc/zabbix/zabbix_proxy.conf
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ "$zabbixtype" == "server" ]; then
|
||||||
|
if [ ! -L /var/www/localhost/htdocs/zabbix/conf/zabbix.conf.php ]; then
|
||||||
|
if [ ! -f "/$LABEL/var/www/localhost/htdocs/zabbix/conf/zabbix.conf.php" ]; then
|
||||||
echo 'Create Zabbix Frontend config...'
|
echo 'Create Zabbix Frontend config...'
|
||||||
mkdir -p /$LABEL/var/www/localhost/htdocs/zabbix/conf
|
mkdir -p /$LABEL/var/www/localhost/htdocs/zabbix/conf
|
||||||
cp /var/www/localhost/htdocs/zabbix/conf/zabbix.conf.php /$LABEL/var/www/localhost/htdocs/zabbix/conf/zabbix.conf.php.orig
|
cp /var/www/localhost/htdocs/zabbix/conf/zabbix.conf.php /$LABEL/var/www/localhost/htdocs/zabbix/conf/zabbix.conf.php
|
||||||
mv /var/www/localhost/htdocs/zabbix/conf/zabbix.conf.php /$LABEL/var/www/localhost/htdocs/zabbix/conf/zabbix.conf.php
|
mv /var/www/localhost/htdocs/zabbix/conf/zabbix.conf.php /$LABEL/var/www/localhost/htdocs/zabbix/conf/zabbix.conf.php.orig
|
||||||
ln -s /$LABEL/var/www/localhost/htdocs/zabbix/conf/zabbix.conf.php /var/www/localhost/htdocs/zabbix/conf/zabbix.conf.php
|
ln -s /$LABEL/var/www/localhost/htdocs/zabbix/conf/zabbix.conf.php /var/www/localhost/htdocs/zabbix/conf/zabbix.conf.php
|
||||||
sed -i "s:\$DB\['PASSWORD'\].*:\$DB\['PASSWORD'\] = '${DATABASE_PASS}';:" /$LABEL/var/www/localhost/htdocs/zabbix/conf/zabbix.conf.php
|
|
||||||
else
|
|
||||||
if [ ! -L /etc/zabbix/zabbix_server.conf ]; then
|
|
||||||
rm -rf /$LABEL/etc/zabbix/zabbix_server.conf.orig
|
|
||||||
mv /etc/zabbix/zabbix_server.conf /$LABEL/etc/zabbix/zabbix_server.conf.orig
|
|
||||||
else
|
else
|
||||||
rm -rf /etc/zabbix/zabbix_server.conf
|
echo 'Linking Zabbix Frontend config...'
|
||||||
|
cp /$LABEL/var/www/localhost/htdocs/zabbix/conf/zabbix.conf.php /$LABEL/var/www/localhost/htdocs/zabbix/conf/zabbix.conf.php.alt
|
||||||
|
rm -f /$LABEL/var/www/localhost/htdocs/zabbix/conf/zabbix.conf.php.orig
|
||||||
|
mv /var/www/localhost/htdocs/zabbix/conf/zabbix.conf.php /$LABEL/var/www/localhost/htdocs/zabbix/conf/zabbix.conf.php.orig
|
||||||
|
ln -s /$LABEL/var/www/localhost/htdocs/zabbix/conf/zabbix.conf.php /var/www/localhost/htdocs/zabbix/conf/zabbix.conf.php
|
||||||
fi
|
fi
|
||||||
ln -s /$LABEL/etc/zabbix/zabbix_server.conf /etc/zabbix/zabbix_server.conf
|
|
||||||
|
|
||||||
if [ ! -L /var/www/localhost/htdocs/zabbix/conf ]; then
|
|
||||||
rm -rf /$LABEL/var/www/localhost/htdocs/zabbix/conf.orig
|
|
||||||
mv /var/www/localhost/htdocs/zabbix/conf /$LABEL/var/www/localhost/htdocs/zabbix/conf.orig
|
|
||||||
else
|
|
||||||
rm -rf /var/www/localhost/htdocs/zabbix/conf
|
|
||||||
fi
|
fi
|
||||||
ln -s /$LABEL/var/www/localhost/htdocs/zabbix/conf /var/www/localhost/htdocs/zabbix/conf
|
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Database
|
# Database
|
||||||
systemctl stop mariadb
|
if [ ! -L /var/lib/mysql ]; then
|
||||||
if [ ! -d "/$LABEL/var/lib/mysql/zabbix" ]; then
|
systemctl stop mariadb
|
||||||
|
if [ ! -d "/$LABEL/var/lib/mysql/zabbix" ]; then
|
||||||
echo 'Initialize MariaDB...'
|
echo 'Initialize MariaDB...'
|
||||||
mkdir -p "/$LABEL/var/lib"
|
mkdir -p "/$LABEL/var/lib"
|
||||||
rm -rf "/$LABEL/var/lib/mysql"
|
rm -rf "/$LABEL/var/lib/mysql"
|
||||||
if [ ! -L /var/lib/mysql ]; then
|
cp -a "/var/lib/mysql" "/$LABEL/var/lib/mysql"
|
||||||
rm -rf "/$LABEL/var/lib/mysql.orig"
|
mv "/var/lib/mysql" "/$LABEL/var/lib/mysql.orig"
|
||||||
cp -a "/var/lib/mysql" "/$LABEL/var/lib/mysql.orig"
|
|
||||||
mv "/var/lib/mysql" "/$LABEL/var/lib/mysql"
|
|
||||||
ln -s "/$LABEL/var/lib/mysql" "/var/lib/mysql"
|
ln -s "/$LABEL/var/lib/mysql" "/var/lib/mysql"
|
||||||
elif [ -d "/$LABEL/var/lib/mysql.orig" ]; then
|
|
||||||
cp -a "/$LABEL/var/lib/mysql.orig" "/$LABEL/var/lib/mysql"
|
|
||||||
rm -rf "/var/lib/mysql"
|
|
||||||
ln -s "/$LABEL/var/lib/mysql" "/var/lib/mysql"
|
|
||||||
else
|
|
||||||
echo '### ERROR initialize database !!! ###'
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
systemctl start mariadb
|
systemctl start mariadb
|
||||||
sleep 5
|
sleep 5
|
||||||
|
|
||||||
|
@ -77,21 +116,36 @@ if [ ! -d "/$LABEL/var/lib/mysql/zabbix" ]; then
|
||||||
|
|
||||||
echo 'Import Zabbix MySQL data'
|
echo 'Import Zabbix MySQL data'
|
||||||
mysql -u root zabbix < /usr/share/zabbix/database/mysql/schema.sql
|
mysql -u root zabbix < /usr/share/zabbix/database/mysql/schema.sql
|
||||||
|
if [ "$zabbixtype" == "server" ]; then
|
||||||
mysql -u root zabbix < /usr/share/zabbix/database/mysql/images.sql
|
mysql -u root zabbix < /usr/share/zabbix/database/mysql/images.sql
|
||||||
mysql -u root zabbix < /usr/share/zabbix/database/mysql/data.sql
|
mysql -u root zabbix < /usr/share/zabbix/database/mysql/data.sql
|
||||||
else
|
fi
|
||||||
|
else
|
||||||
echo 'Start MariaDB...'
|
echo 'Start MariaDB...'
|
||||||
if [ ! -L /var/lib/mysql ]; then
|
|
||||||
rm -rf "/$LABEL/var/lib/mysql.orig"
|
rm -rf "/$LABEL/var/lib/mysql.orig"
|
||||||
mv "/var/lib/mysql" "/$LABEL/var/lib/mysql.orig"
|
mv "/var/lib/mysql" "/$LABEL/var/lib/mysql.orig"
|
||||||
else
|
|
||||||
rm -f "/var/lib/mysql"
|
|
||||||
fi
|
|
||||||
ln -s "/$LABEL/var/lib/mysql" "/var/lib/mysql"
|
ln -s "/$LABEL/var/lib/mysql" "/var/lib/mysql"
|
||||||
systemctl start mariadb
|
systemctl start mariadb
|
||||||
|
sleep 5
|
||||||
|
mysql -u root -e "GRANT ALL PRIVILEGES ON zabbix.* TO 'zabbix'@'localhost' IDENTIFIED by '$DATABASE_PASS';"
|
||||||
|
fi
|
||||||
|
else
|
||||||
|
echo 'Set new database password...'
|
||||||
|
systemctl restart mariadb
|
||||||
|
sleep 5
|
||||||
|
mysql -u root -e "GRANT ALL PRIVILEGES ON zabbix.* TO 'zabbix'@'localhost' IDENTIFIED by '$DATABASE_PASS';"
|
||||||
|
fi
|
||||||
|
# update config with new database password
|
||||||
|
if [ "$zabbixtype" == "server" ]; then
|
||||||
|
sed -i "s:.*DBPassword=.*:DBPassword=${DATABASE_PASS}:" /$LABEL/etc/zabbix/zabbix_server.conf
|
||||||
|
sed -i "s:\$DB\['PASSWORD'\].*:\$DB\['PASSWORD'\] = '${DATABASE_PASS}';:" /$LABEL/var/www/localhost/htdocs/zabbix/conf/zabbix.conf.php
|
||||||
|
else
|
||||||
|
sed -i "s:.*DBPassword=.*:DBPassword=${DATABASE_PASS}:" /$LABEL/etc/zabbix/zabbix_proxy.conf
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ -x "/$LABEL/etc/ssl/cert-renew.sh" ]; then
|
# Certificate
|
||||||
|
if [ "$zabbixtype" == "server" ]; then
|
||||||
|
if [ -x "/$LABEL/etc/ssl/cert-renew.sh" ]; then
|
||||||
# angepaßtes Zertifikat vorhanden (kein example)
|
# angepaßtes Zertifikat vorhanden (kein example)
|
||||||
if [ ! -L /etc/ssl/cert-renew.sh ]; then
|
if [ ! -L /etc/ssl/cert-renew.sh ]; then
|
||||||
rm -f "/$LABEL/etc/ssl/cert-renew.sh.orig"
|
rm -f "/$LABEL/etc/ssl/cert-renew.sh.orig"
|
||||||
|
@ -100,7 +154,7 @@ if [ -x "/$LABEL/etc/ssl/cert-renew.sh" ]; then
|
||||||
rm -f "/etc/ssl/cert-renew.sh"
|
rm -f "/etc/ssl/cert-renew.sh"
|
||||||
fi
|
fi
|
||||||
ln -s "/$LABEL/etc/ssl/cert-renew.sh" "/etc/ssl/cert-renew.sh"
|
ln -s "/$LABEL/etc/ssl/cert-renew.sh" "/etc/ssl/cert-renew.sh"
|
||||||
else
|
else
|
||||||
echo 'Create example certificate...'
|
echo 'Create example certificate...'
|
||||||
mkdir -p "/$LABEL/CERTS/KEYS/"
|
mkdir -p "/$LABEL/CERTS/KEYS/"
|
||||||
mkdir -p "/$LABEL/CERTS/$HOST.$TLD"
|
mkdir -p "/$LABEL/CERTS/$HOST.$TLD"
|
||||||
|
@ -113,22 +167,30 @@ else
|
||||||
openssl req -x509 -new -config "/$LABEL/CERTS/$HOST.$TLD/$HOST.$TLD.cnf" -out "/$LABEL/CERTS/$HOST.$TLD/$HOST.$TLD-cert.pem" -keyout "/$LABEL/CERTS/KEYS/$HOST.$TLD-key.pem"
|
openssl req -x509 -new -config "/$LABEL/CERTS/$HOST.$TLD/$HOST.$TLD.cnf" -out "/$LABEL/CERTS/$HOST.$TLD/$HOST.$TLD-cert.pem" -keyout "/$LABEL/CERTS/KEYS/$HOST.$TLD-key.pem"
|
||||||
cp "/$LABEL/CERTS/$HOST.$TLD/$HOST.$TLD-cert.pem" "/$LABEL/CERTS/$HOST.$TLD/$HOST.$TLD-fullchain.pem"
|
cp "/$LABEL/CERTS/$HOST.$TLD/$HOST.$TLD-cert.pem" "/$LABEL/CERTS/$HOST.$TLD/$HOST.$TLD-fullchain.pem"
|
||||||
touch "/$LABEL/CERTS/$HOST.$TLD/$HOST.$TLD-chain.pem"
|
touch "/$LABEL/CERTS/$HOST.$TLD/$HOST.$TLD-chain.pem"
|
||||||
|
fi
|
||||||
|
|
||||||
|
rm -rf /etc/ssl/apache2
|
||||||
|
mkdir -p /etc/ssl
|
||||||
|
ln -sf "/$LABEL/etc/ssl/apache2" "/etc/ssl/apache2"
|
||||||
|
|
||||||
|
/etc/ssl/cert-renew.sh
|
||||||
fi
|
fi
|
||||||
|
|
||||||
rm -rf /etc/ssl/apache2
|
|
||||||
mkdir -p /etc/ssl
|
|
||||||
ln -sf "/$LABEL/etc/ssl/apache2" "/etc/ssl/apache2"
|
|
||||||
|
|
||||||
/etc/ssl/cert-renew.sh
|
|
||||||
|
|
||||||
systemctl enable mariadb
|
systemctl enable mariadb
|
||||||
systemctl enable zabbix-server
|
|
||||||
systemctl enable zabbix-agentd
|
systemctl enable zabbix-agentd
|
||||||
systemctl enable apache2
|
if [ "$zabbixtype" == "server" ]; then
|
||||||
|
systemctl enable zabbix-server
|
||||||
|
systemctl enable apache2
|
||||||
|
else
|
||||||
|
systemctl enable zabbix-proxy
|
||||||
|
fi
|
||||||
|
|
||||||
systemctl restart zabbix-server
|
|
||||||
systemctl restart zabbix-agentd
|
systemctl restart zabbix-agentd
|
||||||
systemctl restart apache2
|
if [ "$zabbixtype" == "server" ]; then
|
||||||
|
systemctl restart zabbix-server
|
||||||
|
systemctl restart apache2
|
||||||
|
else
|
||||||
|
systemctl restart zabbix-proxy
|
||||||
|
fi
|
||||||
|
|
||||||
rm /02firstboot
|
rm /02firstboot
|
||||||
|
|
||||||
|
|
|
@ -12,6 +12,7 @@ net-analyzer/net-snmp
|
||||||
net-analyzer/nmap
|
net-analyzer/nmap
|
||||||
net-analyzer/snmptt
|
net-analyzer/snmptt
|
||||||
net-dns/bind-tools
|
net-dns/bind-tools
|
||||||
|
net-im/sendxmpp
|
||||||
net-misc/netkit-telnetd
|
net-misc/netkit-telnetd
|
||||||
sys-apps/ipmitool
|
sys-apps/ipmitool
|
||||||
sys-libs/openipmi
|
sys-libs/openipmi
|
||||||
|
|
Loading…
Reference in New Issue