From 1e593545e6f99715909ac2efba42a336c7622f82 Mon Sep 17 00:00:00 2001 From: Simon Cornet Date: Fri, 6 Jun 2025 17:12:03 +0200 Subject: [PATCH] feat: initial commit --- .ansible-lint | 23 ++++++++++++++++++ .gitignore | 1 + .gitlab-ci.yml | 16 +++++++++++++ .gitlab/deployment.yaml | 32 +++++++++++++++++++++++++ .gitlab/linting.yaml | 30 +++++++++++++++++++++++ .yamllint | 30 +++++++++++++++++++++++ README.md | 12 ++++++++++ defaults/main.yaml | 4 ++++ meta/main.yaml | 8 +++++++ renovate.json | 7 ++++++ tasks/main.yaml | 23 ++++++++++++++++++ tasks/prerequisites.yaml | 52 ++++++++++++++++++++++++++++++++++++++++ vars/Debian.yaml | 15 ++++++++++++ vars/Suse.yaml | 7 ++++++ 14 files changed, 260 insertions(+) create mode 100644 .ansible-lint create mode 100644 .gitignore create mode 100644 .gitlab-ci.yml create mode 100644 .gitlab/deployment.yaml create mode 100644 .gitlab/linting.yaml create mode 100644 .yamllint create mode 100644 README.md create mode 100644 defaults/main.yaml create mode 100644 meta/main.yaml create mode 100644 renovate.json create mode 100644 tasks/main.yaml create mode 100644 tasks/prerequisites.yaml create mode 100644 vars/Debian.yaml create mode 100644 vars/Suse.yaml diff --git a/.ansible-lint b/.ansible-lint new file mode 100644 index 0000000..9b9b52a --- /dev/null +++ b/.ansible-lint @@ -0,0 +1,23 @@ +--- + +exclude_paths: + - ".gitlab/*" + - ".gitlab-ci.yml" + - "defaults/main.yaml" + - "meta/main.yaml" + - "vars/*" + +kinds: + - playbook: "**/*.{yml,yaml}" + +skip_list: + - "command-shell" + - "experimental" + - "git-latest" + - "no-changed-when" + - "no-handler" + - "name[casing]" + - "name[template]" + - "risky-file-permissions" + - "schema[playbook]" + - "var-naming[no-role-prefix]" diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..904cae8 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +.ansible diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml new file mode 100644 index 0000000..5d82fc7 --- /dev/null +++ b/.gitlab-ci.yml @@ -0,0 +1,16 @@ +--- + +# gitLab ci stages +stages: + + # deployment + - "linting" + - "deployment" + + +# include jobs +include: + + # deployment + - local: ".gitlab/linting.yaml" + - local: ".gitlab/deployment.yaml" diff --git a/.gitlab/deployment.yaml b/.gitlab/deployment.yaml new file mode 100644 index 0000000..eab31d5 --- /dev/null +++ b/.gitlab/deployment.yaml @@ -0,0 +1,32 @@ +--- +# deploy ansible/roles/common code +deployment: + stage: "deployment" + image: + name: "cr.simoncor.net/siempie/ssh-client:v25.06.03" + entrypoint: ["/bin/sh", "-c"] + rules: + + # run only on push to default branch + - if: '$CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH' + - when: "never" + + # prepare ssh + before_script: + + # prepare ssh + - | + # prepare ssh + mkdir -p ~/.ssh + chmod 700 ~/.ssh + echo "$SSH_CONFIG" > ~/.ssh/config + echo "$SSH_DEPLOYMENT_KEY" > ~/.ssh/id_ed25519 + chmod 600 ~/.ssh/id_ed25519 + + # deployment commands + script: + + - | + # install ansible roles dependancies + ssh $SSH_DEPLOYMENT_USER@$ANSIBLE_SERVER \ + "sudo /usr/local/bin/ansible-galaxy install -r /etc/ansible/roles/requirements.yaml --force" diff --git a/.gitlab/linting.yaml b/.gitlab/linting.yaml new file mode 100644 index 0000000..5361ac6 --- /dev/null +++ b/.gitlab/linting.yaml @@ -0,0 +1,30 @@ +--- + +# linting +ansible-lint: + stage: "linting" + image: "docker.io/pipelinecomponents/ansible-lint:0.79.0" + rules: + + # run only on push to default branch + - if: '$CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH' + - when: "never" + + # start linting + script: + - "ansible-lint -c .ansible-lint ." + +# yamllint +yamllint: + stage: "linting" + image: "registry.gitlab.com/pipeline-components/yamllint:0.35.0" + rules: + + # run only on push to default branch + - if: '$CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH' + - when: "never" + + script: + + # run yamllint + - "yamllint ." diff --git a/.yamllint b/.yamllint new file mode 100644 index 0000000..f11bd84 --- /dev/null +++ b/.yamllint @@ -0,0 +1,30 @@ +--- +extends: 'default' + +rules: + braces: + max-spaces-inside: 1 + forbid: true + comments: + min-spaces-from-content: 1 + comments-indentation: false + empty-lines: + max: 2 + indentation: + spaces: 2 + check-multi-line-strings: true + line-length: + max: 120 + allow-non-breakable-words: true + allow-non-breakable-inline-mappings: true + new-line-at-end-of-file: 'enable' + octal-values: + forbid-implicit-octal: true + forbid-explicit-octal: true + truthy: + allowed-values: + - 'true' + - 'false' + quoted-strings: + quote-type: 'any' + required: true diff --git a/README.md b/README.md new file mode 100644 index 0000000..90bd872 --- /dev/null +++ b/README.md @@ -0,0 +1,12 @@ +# Overview + +This role installs the prerequisites for installing Zabbix software. + +## Supported Operating Systems + +| Operating System | Version | +| --- | ----- | +| Debian | 12 | +| SLES | 15 | +| Ubuntu | 22.04 LTS | +| Ubuntu | 24.04 LTS | diff --git a/defaults/main.yaml b/defaults/main.yaml new file mode 100644 index 0000000..19991aa --- /dev/null +++ b/defaults/main.yaml @@ -0,0 +1,4 @@ +--- + +# zabbix_version +zabbix_major_version: "7.2" diff --git a/meta/main.yaml b/meta/main.yaml new file mode 100644 index 0000000..bd365c7 --- /dev/null +++ b/meta/main.yaml @@ -0,0 +1,8 @@ +--- + +galaxy_info: + author: "siempie" + description: "install and configure the prerequisites for Zabbix software" + license: "MIT" + role_name: "zabbix_prereq" +dependencies: [] diff --git a/renovate.json b/renovate.json new file mode 100644 index 0000000..da8f5e1 --- /dev/null +++ b/renovate.json @@ -0,0 +1,7 @@ +{ + "$schema": "https://docs.renovatebot.com/renovate-schema.json", + "extends": [ "local>cicd/renovate" ], + "ansible": { + "fileMatch": [ "(.*).ya?ml$" ] + } +} diff --git a/tasks/main.yaml b/tasks/main.yaml new file mode 100644 index 0000000..9a99baa --- /dev/null +++ b/tasks/main.yaml @@ -0,0 +1,23 @@ +--- + +# load variables and collect version information +- name: "include vars and collect versions" + block: + + # load os specific variables + - name: "include os specific vars" + ansible.builtin.include_vars: "{{ ansible_os_family }}.yaml" + + # collect zabbix-agent2 version information + - name: "collect version information" + ansible.builtin.shell: + cmd: "apt policy | grep 'zabbix/' | head -n 1" + changed_when: false + failed_when: false + ignore_errors: true + register: "zabbix_current_version" + + +# zabbix-agent prerequisites +- name: "zabbix-agent prerequisites" + ansible.builtin.import_tasks: "prerequisites.yaml" diff --git a/tasks/prerequisites.yaml b/tasks/prerequisites.yaml new file mode 100644 index 0000000..00f4cfa --- /dev/null +++ b/tasks/prerequisites.yaml @@ -0,0 +1,52 @@ +--- + +# install repository +- name: "install repository" + when: "zabbix_major_version not in zabbix_current_version.stdout" + block: + + # install repository - debian + - name: "install repository" + when: 'ansible_os_family == "Debian"' + block: + + - name: "remove old zabbix-release" + ansible.builtin.apt: + name: "zabbix-release" + state: "absent" + purge: true + + - name: "install zabbix-release" + ansible.builtin.apt: + deb: "{{ zabbix_repo_url[ansible_distribution][ansible_distribution_major_version | int] }}" + state: "present" + force: true + + - name: "refresh apt cache" + ansible.builtin.apt: + update_cache: true + + + # install repository - suse + - name: "install repository" + when: 'ansible_os_family == "Suse"' + block: + + - name: "remove old zabbix-release" + ansible.builtin.zypper: + name: "zabbix-release" + state: "absent" + + - name: "install zabbix-release" + ansible.builtin.zypper: + name: "{{ zabbix_repo_url[ansible_distribution_major_version | int] }}" + state: "present" + disable_recommends: false + nosignature: true + validate_certs: true + + - name: "import gpg key" + community.general.zypper_repository: + name: "Zabbix Official Repository" + auto_import_keys: true + runrefresh: true diff --git a/vars/Debian.yaml b/vars/Debian.yaml new file mode 100644 index 0000000..13c7e9d --- /dev/null +++ b/vars/Debian.yaml @@ -0,0 +1,15 @@ +--- + +# zabbix repository url +zabbix_repo_url: + Debian: + 12: + "https://repo.zabbix.com/zabbix/{{ zabbix_major_version }}/release/debian/pool/main/z/zabbix-release/\ + zabbix-release_latest_{{ zabbix_major_version }}+debian12_all.deb" + Ubuntu: + 24: + "https://repo.zabbix.com/zabbix/{{ zabbix_major_version }}/release/ubuntu/pool/main/z/zabbix-release/\ + zabbix-release_latest_{{ zabbix_major_version }}+ubuntu24.04_all.deb" + 22: + "https://repo.zabbix.com/zabbix/{{ zabbix_major_version }}/release/ubuntu/pool/main/z/zabbix-release/\ + zabbix-release_latest_{{ zabbix_major_version }}+ubuntu22.04_all.deb" diff --git a/vars/Suse.yaml b/vars/Suse.yaml new file mode 100644 index 0000000..0381f54 --- /dev/null +++ b/vars/Suse.yaml @@ -0,0 +1,7 @@ +--- + +# zabbix repository url +zabbix_repo_url: + 15: + "https://repo.zabbix.com/zabbix/{{ zabbix_major_version }}/release/sles/\ + 15/noarch/zabbix-release-latest-{{ zabbix_major_version }}.sles15.noarch.rpm"