diff --git a/README.md b/README.md index bc9f4d5..fd1a450 100644 --- a/README.md +++ b/README.md @@ -24,11 +24,14 @@ Are LDAP auth supported Only Debian - Stretch 64b supported actually. ## Limitations - +Do not change admin password. ## Additional information -* Other information you would add about this application +* Do not change the default admin user password. The user is disabled juste after the install but used to update templates. +* The Zabbix server port is not opened by default for external monitoring (active agent). +* Install or update apply a template yunohost on the host "Zabbix-server" (127.0.0.1) for basic monitoring for Yunohost. +* If you want more information about Yunohost in the template, please open an issue on git. **More information on the documentation page:** https://yunohost.org/packaging_apps @@ -41,4 +44,4 @@ got to https://framagit.org/Mickael-Martin/zabbix_ynh/blob/master/LICENSE ## Links * Report a bug: https://framagit.org/Mickael-Martin/zabbix_ynh/issues - * YunoHost website: https://yunohost.org/ \ No newline at end of file + * YunoHost website: https://yunohost.org/ diff --git a/manifest.json b/manifest.json index 56ceb13..04cd064 100644 --- a/manifest.json +++ b/manifest.json @@ -6,7 +6,7 @@ "en": "YunoHost port for Zabbix", "fr": "Zabbix pour Yunohost" }, - "version": "1.2.1", + "version": "2.0", "url": "https://framagit.org/Mickael-Martin/zabbix_ynh", "license": "free", "maintainer": { @@ -21,6 +21,7 @@ "services": [ "nginx", "mysql", + "php7.0-fpm", "snmpd" ], "arguments": { diff --git a/scripts/backup b/scripts/backup index 0f2ad47..300cbbb 100644 --- a/scripts/backup +++ b/scripts/backup @@ -46,6 +46,9 @@ ynh_backup "/etc/zabbix/zabbix_server.conf" ynh_backup "/etc/zabbix/zabbix_agentd.conf" ynh_backup "/etc/zabbix/zabbix_agentd.d" +#backup sudo file +ynh_backup "/etc/sudoers.d/zabbix" + #================================================= # BACKUP THE NGINX CONFIGURATION #================================================= diff --git a/scripts/install b/scripts/install index 21525bc..f4cac42 100644 --- a/scripts/install +++ b/scripts/install @@ -74,6 +74,9 @@ ynh_app_setting_set $app language $language ### If you're not using these lines: ### - Remove the section "CLOSE A PORT" in the remove script +### Zabbix server is not opened by default for external usage. +### if you want use zabbix server with external agent (in active mode), setup the listen address in server configuration and open port on firewall via the cmd yunohost firewall + # Find a free port #port=$(ynh_find_port 8095) # Open this port @@ -96,7 +99,7 @@ dpkg -i zabbix-release_*.deb rm zabbix-release_*.deb echo "deb http://deb.debian.org/debian stretch non-free" >/etc/apt/sources.list.d/non-free.list ynh_package_update -ynh_install_app_dependencies libapr1 libaprutil1 libaprutil1-dbd-sqlite3 libaprutil1-ldap liblua5.2-0 php7.0 php-bcmath php7.0-bcmath ttf-dejavu-core php7.0-bcmath patch smistrip unzip wget fping libcap2-bin libiksemel3 libopenipmi0 libpam-cap libsnmp-base libsnmp30 snmptrapd snmpd snmp-mibs-downloader libjs-prototype zabbix-server-mysql zabbix-agent +ynh_install_app_dependencies libapr1 libaprutil1 libaprutil1-dbd-sqlite3 libaprutil1-ldap liblua5.2-0 php7.0 php-bcmath php7.0-bcmath ttf-dejavu-core php7.0-bcmath patch smistrip unzip wget fping libcap2-bin libiksemel3 libopenipmi0 libpam-cap libsnmp-base libsnmp30 snmptrapd snmpd snmp-mibs-downloader libjs-prototype zabbix-server-mysql zabbix-agent jq yunohost service add snmpd -d "Management of SNMP Daemon" DEBIAN_FRONTEND=noninteractive apt-get -y download zabbix-frontend-php ar x *.deb @@ -153,7 +156,7 @@ name=$(ynh_user_get_info $admin firstname) mysql -u$db_user -p$db_pwd $db_name -e "INSERT INTO \`users\` (\`userid\`,\`alias\`, \`name\`, \`surname\`, \`passwd\`, \`url\`, \`autologin\`, \`autologout\`, \`lang\`, \`refresh\`, \`type\`, \`theme\`, \`attempt_failed\`, \`attempt_ip\`, \`attempt_clock\`, \`rows_per_page\`) VALUES (3,'"$admin"', '"$admin"', '"$admin"', '5fce1b3e34b520afeffb37ce08c7cd66', '', 0, '0', '"$lang"', '30s', 3, 'default', 0, '', 0, 50);" mysql -u$db_user -p$db_pwd $db_name -e "INSERT INTO \`users_groups\` (\`id\`, \`usrgrpid\`, \`userid\`) VALUES (5, 7, 3);" -#users creation +#users creation in zabbix database i=4 for u in $(ynh_user_list); do @@ -165,11 +168,6 @@ do fi done -#disable default admin -lastid=$(mysql -u$db_user -p$db_pwd $db_name -BN -e "SELECT max(id) from \`users_groups\`") -lastid=$(($lastid + 1 )) -mysql -u$db_user -p$db_pwd $db_name -e "INSERT INTO \`users_groups\` (\`id\` , \`usrgrpid\`, \`userid\`) VALUES ($lastid ,9, 1);" - #disable default guest lastid=$(mysql -u$db_user -p$db_pwd $db_name -BN -e "SELECT max(id) from \`users_groups\`") lastid=$(($lastid + 1 )) @@ -202,6 +200,8 @@ ynh_add_nginx_config # Create a system user #ynh_system_user_create $app +# +### zabbix user created in zabbix server dpkg install #================================================= # PHP-FPM CONFIGURATION @@ -245,6 +245,8 @@ ynh_add_fpm_config # Create a dedicated systemd config #ynh_add_systemd_config +### Systemd service created when dpkg install + #================================================= # SETUP APPLICATION WITH CURL #================================================= @@ -310,6 +312,10 @@ sed -i "126a DBPassword=$db_pwd" /etc/zabbix/zabbix_server.conf systemctl enable zabbix-server && systemctl start zabbix-server +yunohost service add zabbix-server -d "Management of Zabbix Server - Monitoring server" +yunohost service add zabbix-agent -d "Management of Zabbix Agent" + + #================================================= # STORE THE CONFIG FILE CHECKSUM #================================================= @@ -376,7 +382,91 @@ then fi #================================================= -# RELOAD NGINX +# RELOAD NGINX AND PHP-FPM #================================================= systemctl reload nginx +systemctl reload php7.0-fpm + +# Reload SSOwat config +yunohost app ssowatconf + +#================================================= +# Import Yunohost template +#================================================= +zabbixFullpath=https://$domain$path_url +localpath=$(find /var/cache/yunohost/ -name "Template_Yunohost.xml") +sudoUserPpath=$(find /var/cache/yunohost/ -name "etc_sudoers.d_zabbix") +confUserPpath=$(find /var/cache/yunohost/ -name "etc_zabbix_zabbix_agentd.d_userP_yunohost.conf") +bashUserPpath=$(find /var/cache/yunohost/ -name "etc_zabbix_zabbix_agentd.d_yunohost.sh") + +cp $sudoUserPpath /etc/sudoers.d/zabbix +cp $confUserPpath /etc/zabbix/zabbix_agentd.d/userP_yunohost.conf +cp $bashUserPpath /etc/zabbix/zabbix_agentd.d/yunohost.sh +chmod a+x /etc/zabbix/zabbix_agentd.d/yunohost.sh + +systemctl restart zabbix-agent + +curl -k -s --cookie cookiejar.txt --cookie-jar cookiejar.txt \ + --form enter=Sign+in \ + --form name=Admin \ + --form password=zabbix \ + "$zabbixFullpath/index.php" + +sid=$(curl -k -s --cookie cookiejar.txt --cookie-jar cookiejar.txt \ + "$zabbixFullpath/conf.import.php?rules_preset=template" \ + | grep -Po 'name="sid" value="\K([a-z0-9]{16})(?=")' ) + +importState=$(curl -k -s --cookie cookiejar.txt --cookie-jar cookiejar.txt \ + --form "config=1" \ + --form "import_file=@$localpath" \ + --form rules[groups][createMissing]=1 \ + --form rules[templates][updateExisting]=1 \ + --form rules[templates][createMissing]=1 \ + --form rules[templateScreens][updateExisting]=1 \ + --form rules[templateScreens][createMissing]=1 \ + --form rules[templateLinkage][createMissing]=1 \ + --form rules[applications][createMissing]=1 \ + --form rules[items][updateExisting]=1 \ + --form rules[items][createMissing]=1 \ + --form rules[discoveryRules][updateExisting]=1 \ + --form rules[discoveryRules][createMissing]=1 \ + --form rules[triggers][updateExisting]=1 \ + --form rules[triggers][createMissing]=1 \ + --form rules[graphs][updateExisting]=1 \ + --form rules[graphs][createMissing]=1 \ + --form rules[httptests][updateExisting]=1 \ + --form rules[httptests][createMissing]=1 \ + --form rules[valueMaps][createMissing]=1 \ + --form "import=Import" \ + --form "backurl=templates.php" \ + --form "form_refresh=1" \ + --form "sid=${sid}" \ \ + "${zabbixFullpath}/conf.import.php?rules_preset=template" \ + | grep -c "Imported successfully") + +if [ "$importState" -eq "1" ];then + ynh_print_info "Template Yunohost imported !" +else + ynh_print_warn "Template Yunohost not imported !" +fi + +#apply template to host +tokenapi=$(curl -k -s --header "Content-Type: application/json" --request POST --data '{ "jsonrpc": "2.0","method": "user.login","params": {"user": "Admin","password": "zabbix"},"id": 1,"auth": null}' ${zabbixFullpath}/api_jsonrpc.php | jq -r '.result') +zabbixHostID=$(curl -k -s --header "Content-Type: application/json" --request POST --data '{"jsonrpc":"2.0","method":"host.get","params":{"filter":{"host":["Zabbix server"]}},"auth":"'$tokenapi'","id":1}' ${zabbixFullpath}/api_jsonrpc.php | jq -r '.result[0].hostid') +zabbixTemplateID=$(curl -k -s --header "Content-Type: application/json" --request POST --data '{"jsonrpc":"2.0","method":"template.get","params":{"filter":{"host":["Template Yunohost"]}},"auth":"'$tokenapi'","id":1}' ${zabbixFullpath}/api_jsonrpc.php | jq -r '.result[0].templateid') +applyTemplate=$(curl -k -s --header "Content-Type: application/json" --request POST --data '{"jsonrpc":"2.0","method":"host.massadd","params":{"hosts":[{"hostid":"'$zabbixHostID'"}],"templates":[{"templateid":"'$zabbixTemplateID'"}]},"auth":"'$tokenapi'","id":1}' ${zabbixFullpath}/api_jsonrpc.php | jq -r '.result.hostids[]') +if [ "$applyTemplate" -eq "$zabbixHostID" ];then + ynh_print_info "Template Yunohost linked to Zabbix server !" +else + ynh_print_warn "Template Yunohost no linked to Zabbix server !" +fi + + +#================================================= +# disable default admin +#================================================= + +lastid=$(mysql -u$db_user -p$db_pwd $db_name -BN -e "SELECT max(id) from \`users_groups\`") +lastid=$(($lastid + 1 )) +mysql -u$db_user -p$db_pwd $db_name -e "INSERT INTO \`users_groups\` (\`id\` , \`usrgrpid\`, \`userid\`) VALUES ($lastid ,9, 1);" diff --git a/scripts/remove b/scripts/remove index e0b99b8..83a8bcd 100644 --- a/scripts/remove +++ b/scripts/remove @@ -37,11 +37,8 @@ yunohost service remove snmpd #================================================= # Remove a service from the admin panel, added by `yunohost service add` -if yunohost service status | grep -q $app -then - echo "Remove $app service" - yunohost service remove $app -fi +yunohost service remove zabbix-server +yunohost service remove zabbix-agent #================================================= # REMOVE PHP-FPM CONFIGURATION @@ -50,6 +47,8 @@ fi # Remove the dedicated php-fpm config ynh_remove_fpm_config +systemctl reload php7.0-fpm + #================================================= # REMOVE DEPENDENCIES #================================================= @@ -83,6 +82,12 @@ ynh_mysql_remove_db $db_user $db_name # Remove the dedicated nginx config ynh_remove_nginx_config +#================================================= +# RELOAD NGINX +#================================================= + +systemctl reload nginx + #================================================= # REMOVE LOGROTATE CONFIGURATION #================================================= @@ -115,6 +120,9 @@ ynh_secure_remove "/var/log/zabbix" # Remove the pid/socket files ynh_secure_remove "/run/zabbix" +# Remove the sudoers file +ynh_secure_remove "/etc/sudoers.d/zabbix" + #================================================= # GENERIC FINALIZATION #================================================= diff --git a/scripts/restore b/scripts/restore index 5bfcb92..2bc111d 100644 --- a/scripts/restore +++ b/scripts/restore @@ -75,6 +75,9 @@ rm $final_path/conf/zabbix.conf.php ynh_app_setting_set $app final_path $final_path +yunohost service add zabbix-server -d "Management of Zabbix Server - Monitoring server" +yunohost service add zabbix-agent -d "Management of Zabbix Agent" + #================================================= # NGINX CONFIGURATION #================================================= @@ -91,6 +94,8 @@ ynh_restore_file "/etc/nginx/conf.d/$domain.d/$app.conf" ynh_restore_file "/etc/php/7.0/fpm/pool.d/$app.conf" +# Restore sudo file +ynh_restore_file "/etc/sudoers.d/zabbix" # Reload SSOwat config yunohost app ssowatconf diff --git a/scripts/upgrade b/scripts/upgrade index 7c1cce4..02173a4 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -51,21 +51,113 @@ if [ -z $final_path ]; then ynh_app_setting_set $app final_path $final_path fi +#================================================= +# Enable default admin temporaly +#================================================= +haveDefaultAdminDisabled=$(mysql -BN -u$db_user -p$db_pwd $db_name -BN -e "SELECT count(id) from \`users_groups\` where userid=1 and usrgrpid=9") + +if [ "$haveDefaultAdminDisabled" -eq 1 ] ;then + ynh_print_info "Enable default admin" + #enable default admin temporaly + mysql -u$db_user -p$db_pwd $db_name -e "DELETE FROM users_groups where usrgrpid=9 and userid=1;" +else + ynh_print_info "default admin already enabled" +fi + +#================================================= +# Import Yunohost template +#================================================= +ynh_print_info "Import Yunohost template" +#disable sso temporaly +ynh_app_setting_set $app unprotected_uris "/" +systemctl reload nginx +yunohost app ssowatconf + +zabbixFullpath=https://$domain$path_url +localpath=$(find /var/cache/yunohost/ -name "Template_Yunohost.xml") +sudoUserPpath=$(find /var/cache/yunohost/ -name "etc_sudoers.d_zabbix") +confUserPpath=$(find /var/cache/yunohost/ -name "etc_zabbix_zabbix_agentd.d_userP_yunohost.conf") +bashUserPpath=$(find /var/cache/yunohost/ -name "etc_zabbix_zabbix_agentd.d_yunohost.sh") + +cp $sudoUserPpath /etc/sudoers.d/zabbix +cp $confUserPpath /etc/zabbix/zabbix_agentd.d/userP_yunohost.conf +cp $bashUserPpath /etc/zabbix/zabbix_agentd.d/yunohost.sh +chmod a+x /etc/zabbix/zabbix_agentd.d/yunohost.sh + +systemctl restart zabbix-agent + +curl -k -s --cookie cookiejar.txt --cookie-jar cookiejar.txt \ + --form enter=Sign+in \ + --form name=Admin \ + --form password=zabbix \ + "$zabbixFullpath/index.php" + +sid=$(curl -k -s --cookie cookiejar.txt --cookie-jar cookiejar.txt \ + "$zabbixFullpath/conf.import.php?rules_preset=template" \ + | grep -Po 'name="sid" value="\K([a-z0-9]{16})(?=")' ) + +importState=$(curl -k -s --cookie cookiejar.txt --cookie-jar cookiejar.txt \ + --form "config=1" \ + --form "import_file=@$localpath" \ + --form rules[groups][createMissing]=1 \ + --form rules[templates][updateExisting]=1 \ + --form rules[templates][createMissing]=1 \ + --form rules[templateScreens][updateExisting]=1 \ + --form rules[templateScreens][createMissing]=1 \ + --form rules[templateLinkage][createMissing]=1 \ + --form rules[applications][createMissing]=1 \ + --form rules[items][updateExisting]=1 \ + --form rules[items][createMissing]=1 \ + --form rules[discoveryRules][updateExisting]=1 \ + --form rules[discoveryRules][createMissing]=1 \ + --form rules[triggers][updateExisting]=1 \ + --form rules[triggers][createMissing]=1 \ + --form rules[graphs][updateExisting]=1 \ + --form rules[graphs][createMissing]=1 \ + --form rules[httptests][updateExisting]=1 \ + --form rules[httptests][createMissing]=1 \ + --form rules[valueMaps][createMissing]=1 \ + --form "import=Import" \ + --form "backurl=templates.php" \ + --form "form_refresh=1" \ + --form "sid=${sid}" \ \ + "${zabbixFullpath}/conf.import.php?rules_preset=template" \ + | grep -c "Imported successfully") + +if [ "$importState" -eq "1" ];then + ynh_print_info "Template Yunohost imported !" +else + ynh_print_warn "Template Yunohost not imported !" +fi + +#apply template to host +tokenapi=$(curl -k -s --header "Content-Type: application/json" --request POST --data '{ "jsonrpc": "2.0","method": "user.login","params": {"user": "Admin","password": "zabbix"},"id": 1,"auth": null}' ${zabbixFullpath}/api_jsonrpc.php | jq -r '.result') +zabbixHostID=$(curl -k -s --header "Content-Type: application/json" --request POST --data '{"jsonrpc":"2.0","method":"host.get","params":{"filter":{"host":["Zabbix server"]}},"auth":"'$tokenapi'","id":1}' ${zabbixFullpath}/api_jsonrpc.php | jq -r '.result[0].hostid') +zabbixTemplateID=$(curl -k -s --header "Content-Type: application/json" --request POST --data '{"jsonrpc":"2.0","method":"template.get","params":{"filter":{"host":["Template Yunohost"]}},"auth":"'$tokenapi'","id":1}' ${zabbixFullpath}/api_jsonrpc.php | jq -r '.result[0].templateid') +applyTemplate=$(curl -k -s --header "Content-Type: application/json" --request POST --data '{"jsonrpc":"2.0","method":"host.massadd","params":{"hosts":[{"hostid":"'$zabbixHostID'"}],"templates":[{"templateid":"'$zabbixTemplateID'"}]},"auth":"'$tokenapi'","id":1}' ${zabbixFullpath}/api_jsonrpc.php | jq -r '.result.hostids[]') +if [ "$applyTemplate" -eq "$zabbixHostID" ];then + ynh_print_info "Template Yunohost linked to Zabbix server !" +else + ynh_print_warn "Template Yunohost no linked to Zabbix server !" +fi + + #================================================= # Disable default admin for security issue #================================================= haveDefaultAdminDisabled=$(mysql -BN -u$db_user -p$db_pwd $db_name -BN -e "SELECT count(id) from \`users_groups\` where userid=1 and usrgrpid=9") if [ "$haveDefaultAdminDisabled" -eq 0 ] ;then - echo "Disable default admin" + ynh_print_info "Disable default admin" #disable default admin lastid=$(mysql -u$db_user -p$db_pwd $db_name -BN -e "SELECT max(id) from \`users_groups\`") lastid=$(($lastid + 1 )) mysql -u$db_user -p$db_pwd $db_name -e "INSERT INTO \`users_groups\` (\`id\` , \`usrgrpid\`, \`userid\`) VALUES ($lastid ,9, 1);" else - echo "default admin already disabled" + ynh_print_info "default admin already disabled" fi + #================================================= # Disable default guest for security issue #================================================= @@ -91,7 +183,7 @@ path_url=$(ynh_normalize_url_path $path_url) #================================================= # STANDARD UPGRADE STEPS #================================================= - +ynh_print_info "Check if new zabbix version is available on repo" ynh_package_update #REMOVE DUPLICATE LOG ENTRY IN LOGROTATE PATCH IF NEEDED @@ -144,11 +236,26 @@ then cp -pf /tmp/zabbix.conf.php /usr/share/zabbix/conf/ rm -fr /tmp/zabbix* - - systemctl reload nginx + else - ynh_print_info "Nothing to update ! (Already up to date)" + ynh_print_info "No update from repo ! (Already up to date)" fi else - ynh_print_info "Nothing to update ! (Trusted version)" + ynh_print_info "No update from repo ! (Trusted version)" fi + +#================================================= +# RE-ENABLE SSOWAT +#================================================= +ynh_print_info "re-enable SSOWAT" +# Make app public if necessary +if [ $is_public -eq 1 ] +then + # unprotected_uris allows SSO credentials to be passed anyway. + ynh_app_setting_set $app unprotected_uris "/" +else + ynh_app_setting_set $app unprotected_uris "" +fi + +systemctl reload nginx +yunohost app ssowatconf diff --git a/sources/extra_files/app/Template_Yunohost.xml b/sources/extra_files/app/Template_Yunohost.xml index f7121a0..ef98bcf 100644 --- a/sources/extra_files/app/Template_Yunohost.xml +++ b/sources/extra_files/app/Template_Yunohost.xml @@ -1,7 +1,7 @@ 4.0 - 2019-01-15T12:48:48Z + 2019-01-31T12:45:57Z Templates/Applications @@ -32,7 +32,6 @@ cat /etc/zabbix/zabbix_agentd.d/yunohost.sh #!/bin/bash yunobin=$(which yunohost) - if [ "$1" == "yunohost.users.discover" ];then users=$($yunobin user list --fields 'uid' | awk -F ': ' '/username: / {print $2}');echo -n "{\"data\":[";for user in $users;do echo -n "{\"{#USERNAME}\":\"$user\"},";done | sed 's/,$//' ;echo "]}" fi @@ -42,37 +41,45 @@ if [ "$1" == "yunohost.user.quota" ] ;then fi if [ "$1" == "yunohost.domains.discover" ] ;then - domains=$($yunobin domain list --plain);echo -n "{\"data\":[";for domain in $domains;do echo -n "{\"{#DOMAIN}\":\"$domain\"},";done | sed 's/,$//' ;echo "]}" + domains=$($yunobin domain list --output-as plain);echo -n "{\"data\":[";for domain in $domains;do echo -n "{\"{#DOMAIN}\":\"$domain\"},";done | sed 's/,$//' ;echo "]}" fi if [ "$1" == "yunohost.domain.cert" ] ;then - $yunobin domain cert-status "$2" --plain | awk '/#/{ next;} {printf "%s;",$0} END {print ""}' + $yunobin domain cert-status "$2" --output-as plain --full| awk '/#/{ next;} {printf "%s;",$0} END {print ""}' fi if [ "$1" == "yunohost.services.discover" ] ;then - services=$($yunobin service status | grep -Po '^([A-Za-z]+)(?=(:))');echo -n "{\"data\":[";for service in $services;do echo -n "{\"{#SERVICE}\":\"$service\"},";done | sed 's/,$//' ;echo "]}" + services=$($yunobin service status 2>/dev/null| grep -Po '^([A-Za-z]+)(?=(:))');echo -n "{\"data\":[";for service in $services;do echo -n "{\"{#SERVICE}\":\"$service\"},";done | sed 's/,$//' ;echo "]}" fi if [ "$1" == "yunohost.service.status" ] ;then - $yunobin service status "$2" --plain | awk '/#/{ next;} {printf "%s;",$0} END {print ""}' + service=$($yunobin service status "$2" --output-as json 2>/dev/null) + if [[ "$(echo $service | jq -r '.description')" == *"doesn't exists for systemd"* ]] ;then + echo "$service" | jq -c '.active = "disabled"' + else + echo "$service" + fi fi if [ "$1" == "yunohost.backups.number" ] ;then - $yunobin backup list --plain | wc -l + $yunobin backup list --output-as plain | wc -l fi if [ "$1" == "yunohost.backups.ageoflastbackup" ] ;then - timestamp=$(date +"%d/%m/%Y %H:%M" -d"$($yunobin backup list -i | tail -n 4 | head -n 1 | grep -Po 'created_at: \K(.*)')") - echo $(( ($(date +%s) - $(date -d"$timestamp" +%s))/(60*60*24) )) + if [ $($yunobin backup list --output-as plain | wc -l) -ne 0 ] ;then + timestamp=$(date +"%d/%m/%Y %H:%M" -d"$($yunobin backup list -i | tail -n 4 | head -n 1 | grep -Po 'created_at: \K(.*)')") + echo $(( ($(date +%s) - $(date -d"$timestamp" +%s))/(60*60*24) )) + else + echo "No backup detected" + fi fi - if [ "$1" == "yunohost.ports.tcp.discovery" ] ;then - ports=$($yunobin firewall list -r --plain | awk '/#ipv4/{flag=1;next}/#uPnP/{flag=0}flag' | awk '/##TCP/{flag=1;next}/##TCP/{flag=0}flag');echo -n "{\"data\":[";for port in $ports;do echo -n "{\"{#PORT}\":\"$port\"},";done | sed 's/,$//' ;echo "]}" + ports=$($yunobin firewall list -r --output-as plain | awk '/#ipv4/{flag=1;next}/#uPnP/{flag=0}flag' | awk '/##TCP/{flag=1;next}/##TCP/{flag=0}flag');echo -n "{\"data\":[";for port in $ports;do echo -n "{\"{#PORT}\":\"$port\"},";done | sed 's/,$//' ;echo "]}" fi if [ "$1" == "yunohost.ports.udp.discovery" ] ;then - ports=$($yunobin firewall list -r --plain | awk '/#ipv4/{flag=1;next}/#uPnP/{flag=0}flag' | awk '/##UDP/{flag=1;next}/##TCP/{flag=0}flag');echo -n "{\"data\":[";for port in $ports;do echo -n "{\"{#PORT}\":\"$port\"},";done | sed 's/,$//' ;echo "]}" + ports=$($yunobin firewall list -r --output-as plain | awk '/#ipv4/{flag=1;next}/#uPnP/{flag=0}flag' | awk '/##UDP/{flag=1;next}/##TCP/{flag=0}flag');echo -n "{\"data\":[";for port in $ports;do echo -n "{\"{#PORT}\":\"$port\"},";done | sed 's/,$//' ;echo "]}" fi if [ "$1" == "yunohost.migrations.lastinstalled" ] ;then @@ -962,10 +969,14 @@ fi + + 12 + $.active + 5 - (.*);(.*);(.*);(.*);(.*);(.*);(.*); -\6:inactive=0:active=1:unknown=2;disabled=3 + (.*) +\1:inactive=0:active=1:unknown=2;disabled=3 5 diff --git a/sources/extra_files/app/etc_sudoers.d_zabbix b/sources/extra_files/app/etc_sudoers.d_zabbix new file mode 100644 index 0000000..ce70ecb --- /dev/null +++ b/sources/extra_files/app/etc_sudoers.d_zabbix @@ -0,0 +1 @@ +zabbix ALL=(ALL) NOPASSWD: /etc/zabbix/zabbix_agentd.d/yunohost.sh diff --git a/sources/extra_files/app/etc_zabbix_zabbix_agentd.d_userP_yunohost.conf b/sources/extra_files/app/etc_zabbix_zabbix_agentd.d_userP_yunohost.conf new file mode 100644 index 0000000..3070897 --- /dev/null +++ b/sources/extra_files/app/etc_zabbix_zabbix_agentd.d_userP_yunohost.conf @@ -0,0 +1,12 @@ +UserParameter=yunohost.users.discover,sudo /etc/zabbix/zabbix_agentd.d/yunohost.sh yunohost.users.discover +UserParameter=yunohost.user.quota[*],sudo /etc/zabbix/zabbix_agentd.d/yunohost.sh yunohost.user.quota "$1" +UserParameter=yunohost.domains.discover,sudo /etc/zabbix/zabbix_agentd.d/yunohost.sh yunohost.domains.discover +UserParameter=yunohost.domain.cert[*],sudo /etc/zabbix/zabbix_agentd.d/yunohost.sh yunohost.domain.cert "$1" +UserParameter=yunohost.services.discover,sudo /etc/zabbix/zabbix_agentd.d/yunohost.sh yunohost.services.discover +UserParameter=yunohost.service.status[*],sudo /etc/zabbix/zabbix_agentd.d/yunohost.sh yunohost.service.status "$1" +UserParameter=yunohost.backups.number,sudo /etc/zabbix/zabbix_agentd.d/yunohost.sh yunohost.backups.number +UserParameter=yunohost.backups.ageoflastbackup,sudo /etc/zabbix/zabbix_agentd.d/yunohost.sh yunohost.backups.ageoflastbackup +UserParameter=yunohost.ports.tcp.discover,sudo /etc/zabbix/zabbix_agentd.d/yunohost.sh yunohost.ports.tcp.discovery +UserParameter=yunohost.ports.udp.discover,sudo /etc/zabbix/zabbix_agentd.d/yunohost.sh yunohost.ports.udp.discovery +UserParameter=yunohost.migrations.lastinstalled,sudo /etc/zabbix/zabbix_agentd.d/yunohost.sh yunohost.migrations.lastinstalled +UserParameter=yunohost.migrations.lastavailable,sudo /etc/zabbix/zabbix_agentd.d/yunohost.sh yunohost.migrations.lastavailable \ No newline at end of file diff --git a/sources/extra_files/app/etc_zabbix_zabbix_agentd.d_yunohost.sh b/sources/extra_files/app/etc_zabbix_zabbix_agentd.d_yunohost.sh new file mode 100644 index 0000000..c6859d3 --- /dev/null +++ b/sources/extra_files/app/etc_zabbix_zabbix_agentd.d_yunohost.sh @@ -0,0 +1,60 @@ +#!/bin/bash +yunobin=$(which yunohost) + +if [ "$1" == "yunohost.users.discover" ];then + users=$($yunobin user list --fields 'uid' | awk -F ': ' '/username: / {print $2}');echo -n "{\"data\":[";for user in $users;do echo -n "{\"{#USERNAME}\":\"$user\"},";done | sed 's/,$//' ;echo "]}" +fi + +if [ "$1" == "yunohost.user.quota" ] ;then + quota=$($yunobin user info "$2" | grep -Po "use:.*\(\K([0-9]{1,3})");if [ -z "$quota" ];then echo 0 ; else echo "$quota" ;fi +fi + +if [ "$1" == "yunohost.domains.discover" ] ;then + domains=$($yunobin domain list --output-as plain);echo -n "{\"data\":[";for domain in $domains;do echo -n "{\"{#DOMAIN}\":\"$domain\"},";done | sed 's/,$//' ;echo "]}" +fi + +if [ "$1" == "yunohost.domain.cert" ] ;then + $yunobin domain cert-status "$2" --output-as plain --full| awk '/#/{ next;} {printf "%s;",$0} END {print ""}' +fi + +if [ "$1" == "yunohost.services.discover" ] ;then + services=$($yunobin service status 2>/dev/null| grep -Po '^([A-Za-z]+)(?=(:))');echo -n "{\"data\":[";for service in $services;do echo -n "{\"{#SERVICE}\":\"$service\"},";done | sed 's/,$//' ;echo "]}" +fi + +if [ "$1" == "yunohost.service.status" ] ;then + service=$($yunobin service status "$2" --output-as json 2>/dev/null) + if [[ "$(echo $service | jq -r '.description')" == *"doesn't exists for systemd"* ]] ;then + echo "$service" | jq -c '.active = "disabled"' + else + echo "$service" + fi +fi + +if [ "$1" == "yunohost.backups.number" ] ;then + $yunobin backup list --output-as plain | wc -l +fi + +if [ "$1" == "yunohost.backups.ageoflastbackup" ] ;then + if [ $($yunobin backup list --output-as plain | wc -l) -ne 0 ] ;then + timestamp=$(date +"%d/%m/%Y %H:%M" -d"$($yunobin backup list -i | tail -n 4 | head -n 1 | grep -Po 'created_at: \K(.*)')") + echo $(( ($(date +%s) - $(date -d"$timestamp" +%s))/(60*60*24) )) + else + echo "No backup detected" + fi +fi + +if [ "$1" == "yunohost.ports.tcp.discovery" ] ;then + ports=$($yunobin firewall list -r --output-as plain | awk '/#ipv4/{flag=1;next}/#uPnP/{flag=0}flag' | awk '/##TCP/{flag=1;next}/##TCP/{flag=0}flag');echo -n "{\"data\":[";for port in $ports;do echo -n "{\"{#PORT}\":\"$port\"},";done | sed 's/,$//' ;echo "]}" +fi + +if [ "$1" == "yunohost.ports.udp.discovery" ] ;then + ports=$($yunobin firewall list -r --output-as plain | awk '/#ipv4/{flag=1;next}/#uPnP/{flag=0}flag' | awk '/##UDP/{flag=1;next}/##TCP/{flag=0}flag');echo -n "{\"data\":[";for port in $ports;do echo -n "{\"{#PORT}\":\"$port\"},";done | sed 's/,$//' ;echo "]}" +fi + +if [ "$1" == "yunohost.migrations.lastinstalled" ] ;then + $yunobin tools migrations state | grep -Po " number: \K(.*)" +fi + +if [ "$1" == "yunohost.migrations.lastavailable" ] ;then + $yunobin tools migrations list | tail -n 1 | grep -Po " number: \K(.*)" +fi \ No newline at end of file