Version: 1.1.8
This role installs and configures the Zabbix server on a Linux system.
| Platform | Versions |
|---|---|
| Debian |
|
| EL |
|
| Ubuntu |
|
| Role |
|---|
| trippsc2.zabbix.repo |
| Collection |
|---|
| ansible.posix |
| community.general |
| community.hashi_vault |
| community.zabbix |
| Option | Description | Type | Required | Choices | Default |
|---|---|---|---|---|---|
| vault_url | The URL for accessing HashiCorp Vault. Alternatively, this can be configured through ansible.cfg or environment variables. |
str | no | ||
| vault_token | The token for accessing HashiCorp Vault. Alternatively, this (or any other authentication method) can be configured through ansible.cfg or environment variables. |
str | no | ||
| zabbix_host | The hostname or IP address of the Zabbix server for API requests. |
str | yes | ||
| zabbix_port | The port on which to connect to Zabbix server for API requests. |
int | yes | ||
| zabbix_ssl | Whether to use SSL for API requests. |
bool | no | False | |
| zabbix_validate_certs | Whether to validate SSL certificates for API requests. If not specified, the default behavior is to validate certificates. |
bool | no | ||
| zabbix_url_path | The URL path for the Zabbix API. If using Apache for web frontend, this should be set to If using NGINX for web frontend, this should be set to an empty string unless configured otherwise. |
str | no | ||
| zabbix_username | The username to use for API requests. |
str | yes | ||
| zabbix_password | The password to use for API requests. |
str | yes | ||
| zbxserver_major_version | The major version of Zabbix to install. This defaults to the latest supported version for the OS. |
str | yes |
|
|
| zbxserver_configure_selinux | Whether to manage SELinux settings for the Zabbix server. For EL systems, this defaults to true. For other systems, this defaults to false. |
bool | no | ||
| zbxserver_configure_firewall | Whether to manage the host firewall for use with Zabbix server. |
bool | no | True | |
| zbxserver_configure_logrotate | Whether to manage logrotate settings for the Zabbix server. |
bool | no | True | |
| zbxserver_configure_vault | Whether to configure the Zabbix server to use HashiCorp Vault for database credentials and storing user credentials. |
bool | no | True | |
| zbxserver_user | The Linux user as which the Zabbix server will run. If zbxserver_configure_vault is set to false, this user will be used to connect to a PostgreSQL database. This user will be created, if it does not already exist. |
str | no | zabbix | |
| zbxserver_group | The primary Linux group of the zbxserver_user user. This group will be created, if it does not already exist. |
str | no | zabbix | |
| zbxserver_additional_groups | A list of additional Linux groups to which the zbxserver_user user will belong. On Debian-based systems, this defaults to On EL systems, this will not be defined. |
list of 'str' | no | ||
| zbxserver_firewall_type | The type of host firewall to configure for use with Zabbix server. For Debian and EL systems, this defaults to For Ubuntu systems, this defaults to |
str | no |
|
|
| zbxserver_database_type | The database type of the Zabbix server. |
str | no |
|
postgresql |
| zbxserver_database_name | The name of the database of the Zabbix server. |
str | no | zabbix-server | |
| zbxserver_allow_root | Whether the Zabbix server daemon should run as the root user. Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#allowroot |
bool | no | False | |
| zbxserver_allow_software_update_check | Whether the Zabbix server should check for software updates. |
bool | no | True | |
| zbxserver_enable_global_scripts | Whether to enable global scripts for the Zabbix server. |
bool | no | True | |
| zbxserver_listen_port | The port on which the Zabbix server will listen for agent connections. Valid values are between 1024 and 32767. Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#listenport |
int | no | 10051 | |
| zbxserver_listen_ip | The IP addresses on which the Zabbix server will listen for incoming connections. If not specified, the server will listen on all available IP addresses. Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#listenip |
list of 'str' | no | ||
| zbxserver_source_ip | The IP address to use as the source address for outgoing connections. If not specified, the OS TCP/IP stack will decide which address to use. Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#sourceip |
list of 'str' | no | ||
| zbxserver_stats_allowed_ip | The IP addresses from which Zabbix server statistics can be retrieved. Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#statsallowedip |
list of 'str' | no | ['127.0.0.1'] | |
| zbxserver_listen_backlog | The maximum length of the queue of pending connections. If not specified, the OS default will be used. Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#listenbacklog |
int | no | ||
| zbxserver_service_manager_sync_frequency | The frequency at which the Zabbix server will synchronize with the service manager. Valid values are between 1 and 3600. |
int | no | 30 | |
| zbxserver_web_service_url | The URL of the Zabbix web service. If not specified, the server will not use the web service. Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#webservicesurl |
str | no | ||
| zbxserver_web_driver_url | The URL of the Zabbix web driver. If not specified, the server will not use the web driver. Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#webdriverurl |
str | no | ||
| zbxserver_tls_ca_file | The path to the CA certificate file used for validating the server certificate and any client certificate authentication attempts. If not specified, certificates will not be validated. Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#tlscacertfile |
path | no | ||
| zbxserver_tls_crl_file | The path to the certificate revocation list file. If not specified, certificate revocation lists will not be checked. Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#tlscrlfile |
path | no | ||
| zbxserver_tls_cert_file | The path to the server certificate file. If not specified, the server will not use TLS encryption. If specified, the zbxserver_tls_key_file option must also be specified. Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#tlscertfile |
path | no | ||
| zbxserver_tls_key_file | The path to the server private key file. If not specified, the server will not use TLS encryption. If specified, the zbxserver_tls_cert_file option must also be specified. Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#tlskeyfile |
path | no | ||
| zbxserver_tls_cipher_cert_13 | The list of ciphers in OpenSSL format that the server will accept for TLS 1.3 connections with a certificate. If not specified, the server will use the system-wide default ciphers. Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#tlsciphercert13 |
str | no | ||
| zbxserver_tls_cipher_cert | The list of ciphers in OpenSSL format that the server will accept for TLS connections with a certificate. If not specified, the server will use the system-wide default ciphers. Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#tlsciphercert |
str | no | ||
| zbxserver_tls_cipher_psk_13 | The list of ciphers in OpenSSL format that the server will accept for TLS 1.3 connections with a pre-shared key. If not specified, the server will use the system-wide default ciphers. Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#tlscipherpsk13 |
str | no | ||
| zbxserver_tls_cipher_psk | The list of ciphers in OpenSSL format that the server will accept for TLS connections with a pre-shared key. If not specified, the server will use the system-wide default ciphers. Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#tlscipherpsk |
str | no | ||
| zbxserver_tls_cipher_all_13 | The list of ciphers in OpenSSL format that the server will accept for all TLS 1.3 connections. If not specified, the server will use the system-wide default ciphers. Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#tlscipherall13 |
str | no | ||
| zbxserver_tls_cipher_all | The list of ciphers in OpenSSL format that the server will accept for all TLS connections. If not specified, the server will use the system-wide default ciphers. Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#tlscipherall |
str | no | ||
| zbxserver_ha_node_name | The name of the Zabbix server node in a high-availability cluster. This name must be unique within the cluster. Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#hanodename |
str | no | ||
| zbxserver_node_address | The URL segment of the Zabbix server node in a high-availability cluster. This should be in a format that can be used to construct a URL (e.g. :).Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#nodeaddress |
str | no | ||
| zbxserver_log_type | The type of logging to use for the Zabbix server. Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#logtype |
str | no |
|
file |
| zbxserver_log_file | The path to the log file for the Zabbix server. This option is only used if zbxserver_log_type is set to Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#logfile |
path | no | /var/log/zabbix/zabbix_server.log | |
| zbxserver_log_file_size | The maximum size of the log file in megabytes. Valid values are between 0 and 1024. If set to 0, the log file will not be rotated. This option is only used if zbxserver_log_type is set to If zbxserver_manage_logrotate is set to If zbxserver_manage_logrotate is set to Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#logfilesize |
int | no | ||
| zbxserver_pid_file | The path to the PID file for the Zabbix server. Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#pidfile |
path | no | /run/zabbix/zabbix_server.pid | |
| zbxserver_socket_dir | The directory in which the Zabbix server will create its socket file. Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#socketdir |
path | no | /run/zabbix | |
| zbxserver_database_host | The host to which the Zabbix server will connect to the database. If the database is PostgreSQL, setting this to an empty string will cause the server to connect via a Unix socket on the local system. If the database is MySQL, setting this to Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#dbhost |
str | no | localhost | |
| zbxserver_database_socket | The path to the MySQL Unix socket file for accessing the database. This is only used if zbxserver_database_type is set to Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#dbsocket |
path | no | ||
| zbxserver_database_schema | The schema to use for the Zabbix server database. This is only used if zbxproxy_database_type is set to Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#dbschema |
str | no | ||
| zbxserver_database_port | The port on which the Zabbix server will connect to the database. Valid values are between 1024 and 65535. Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#dbport |
int | no | 5432 | |
| zbxserver_database_password | The password for the Zabbix server to connect to the database. If zbxserver_configure_vault is set to If zbxserver_configure_vault is set to Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#dbpassword |
str | no | ||
| zbxserver_allow_unsupported_db_versions | Whether to allow the Zabbix server to connect to unsupported versions of the database. This may be needed for newer versions of TimescaleDB. |
bool | no | True | |
| zbxserver_vault_database_mount_point | The HashiCorp Vault KV2 mount point where the Zabbix server database secret is stored. If zbxserver_configure_vault is set to |
str | no | ||
| zbxserver_vault_database_path | The path within the HashiCorp Vault KV2 mount point where the Zabbix server database secret is stored. The secret at this path must have the keys If zbxserver_configure_vault is set to |
str | no | ||
| zbxserver_db_tls_connect | Defines the TLS behavior for connecting to the database. If set to If set to If set to If set to Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#dbtlsconnect |
str | no |
|
unencrypted |
| zbxserver_db_tls_ca_file | The path to the CA certificate file used for validating the database server certificate. If zbxserver_db_tls_connect is set to Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#dbtlscacertfile |
path | no | ||
| zbxserver_db_tls_cert_file | The path to the client certificate file used for authenticating the Zabbix server to the database server. If client certificate authentication is not being used, this option should not be set. If zbxserver_db_tls_key_file is set, this option must also be set. Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#dbtlscertfile |
path | no | ||
| zbxserver_db_tls_key_file | The path to the client private key file used for authenticating the Zabbix server to the database server. If client certificate authentication is not being used, this option should not be set. If zbxserver_db_tls_cert_file is set, this option must also be set. Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#dbtlskeyfile |
path | no | ||
| zbxserver_db_tls_cipher | The list of ciphers in OpenSSL format that the server will accept for TLS connections to the database. If not specified, the server will use the system-wide default ciphers. Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#dbtlscipher |
str | no | ||
| zbxserver_db_tls_cipher_13 | The list of ciphers in OpenSSL format that the server will accept for TLS 1.3 connections to the database. If not specified, the server will use the system-wide default ciphers. Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#dbtlscipher13 |
str | no | ||
| zbxserver_vault_token | The token used to authenticate to HashiCorp Vault. If zbxserver_configure_vault is set to Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#vaulttoken |
str | no | ||
| zbxserver_vault_url | The URL of the HashiCorp Vault server. If zbxserver_configure_vault is set to Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#vaulturl |
str | no | ||
| zbxserver_history_storage | Whether to enable history storage in ElasticSearch/OpenSearch. |
bool | no | False | |
| zbxserver_history_storage_url | The URL of the ElasticSearch/OpenSearch server. If zbxserver_history_storage is set to |
str | no | ||
| zbxserver_history_storage_types | The index in ElasticSearch/OpenSearch where the Zabbix server will store history data. If zbxserver_history_storage is set to |
list of 'str' | no |
|
['uint', 'dbl', 'str', 'log', 'text'] |
| zbxserver_history_storage_date_index | Whether to create a separate index for each day's history data. If zbxserver_history_storage is set to |
bool | no | False | |
| zbxserver_export | Whether to enable export of historical data. |
bool | no | False | |
| zbxserver_export_dir | The directory in which the Zabbix server will store exported historical data. If zbxserver_export is set to Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#exportdir |
path | no | ||
| zbxserver_export_file_size | The maximum size of the exported data files. If zbxserver_export is set to Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#exportfilesize |
bytes | no | 1G | |
| zbxserver_export_type | The types of data to export. If zbxserver_export is set to Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#exporttype |
list of 'str' | no |
|
['events', 'history', 'trends'] |
| zbxserver_start_pollers | The number of poller processes to start. Valid values are between 0 and 1000. Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#startpollers |
int | no | 5 | |
| zbxserver_start_agent_pollers | The number of agent poller processes to start. Valid values are between 0 and 1000. |
int | no | 1 | |
| zbxserver_start_browser_pollers | The number of browser poller processes to start. Valid values are between 0 and 1000. |
int | no | 1 | |
| zbxserver_start_http_agent_pollers | The number of HTTP agent poller processes to start. Valid values are between 0 and 1000. |
int | no | 1 | |
| zbxserver_start_snmp_pollers | The number of asynchronous SNMP poller processes to start. Valid values are between 0 and 1000. |
int | no | 1 | |
| zbxserver_start_ipmi_pollers | The number of IPMI poller processes to start. Valid values are between 0 and 1000. |
int | no | 0 | |
| zbxserver_start_pollers_unreachable | The number of poller processes to start for unreachable hosts. Valid values are between 0 and 1000. |
int | no | 1 | |
| zbxserver_start_preprocessors | The number of preprocessor processes to start. Valid values are between 0 and 1000. |
int | no | 16 | |
| zbxserver_start_history_pollers | The number of history poller processes to start. Valid values are between 0 and 1000. |
int | no | 5 | |
| zbxserver_start_trappers | The number of trapper processes to start. Valid values are between 0 and 1000. Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#starttrappers |
int | no | 5 | |
| zbxserver_start_pingers | The number of pinger processes to start. Valid values are between 0 and 1000. Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#startpingers |
int | no | 1 | |
| zbxserver_start_discoverers | The number of discoverer processes to start. Valid values are between 0 and 1000. |
int | no | 5 | |
| zbxserver_start_http_pollers | The number of HTTP poller processes to start. Valid values are between 0 and 1000. |
int | no | 1 | |
| zbxserver_start_connecctors | The number of connector processes to start. Valid values are between 0 and 1000. Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#startconnectors |
int | no | 0 | |
| zbxserver_start_timers | The number of timer processes to start. Valid values are between 1 and 1000. Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#starttimers |
int | no | 1 | |
| zbxserver_start_escalators | The number of escalator processes to start. Valid values are between 1 and 100. Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#startescalators |
int | no | 1 | |
| zbxserver_start_alerters | The number of alerter processes to start. Valid values are between 1 and 100. Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#startalerters |
int | no | 3 | |
| zbxserver_start_java_pollers | The number of Java poller processes to start. Valid values are between 0 and 1000. If zbxserver_use_java_gateway is set to |
int | no | 0 | |
| zbxserver_start_vmware_collectors | The number of VMware collector processes to start. Valid values are between 0 and 250. |
int | no | 0 | |
| zbxserver_start_snmp_trapper | The number of SNMP trapper processes to start. Valid values are between 0 and 1. |
int | no | 0 | |
| zbxserver_start_db_syncers | The number of database syncer processes to start. Valid values are between 1 and 100. Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#startdbsyncers |
int | no | 4 | |
| zbxserver_start_proxy_pollers | The number of proxy poller processes to start. Valid values are between 0 and 250. |
int | no | 1 | |
| zbxserver_start_lld_processors | The number of low-level discovery (LLD) processor processes to start. Valid values are between 0 and 100. |
int | no | 2 | |
| zbxserver_start_report_writers | The number of report writer processes to start. Valid values are between 0 and 100. |
int | no | 0 | |
| zbxserver_start_odbc_pollers | The number of ODBC poller processes to start. Valid values are between 0 and 1000. |
int | no | 1 | |
| zbxserver_cache_size | The size of the cache in memory. Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#cachesize |
bytes | no | 32M | |
| zbxserver_history_cache_size | The size of the history cache in memory. |
bytes | no | 8M | |
| zbxserver_history_index_cache_size | The size of the history index cache in memory. |
bytes | no | 4M | |
| zbxserver_trend_cache_size | The size of the trend cache in memory. Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#trendcachesize |
bytes | no | 4M | |
| zbxserver_trend_function_cache_size | The size of the trend function cache in memory. |
bytes | no | 4M | |
| zbxserver_value_cache_size | The size of the value cache in memory. Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#valuecachesize |
bytes | no | 8M | |
| zbxserver_vmware_cache_size | The size of the VMware cache in memory. Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#vmwarecachesize |
bytes | no | 8M | |
| zbxserver_max_concurrent_checks_per_poller | The maximum number of checks that can be processed concurrently by a poller process. Valid values are between 1 and 1000. |
int | no | 1000 | |
| zbxserver_use_java_gateway | Whether to use the Java Gateway for monitoring. |
bool | no | False | |
| zbxserver_java_gateway | The IP address or hostname of the Java Gateway. If zbxserver_use_java_gateway is set to Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#javagateway |
str | no | ||
| zbxserver_java_gateway_port | The port on which the Java Gateway will listen for incoming connections. Valid values are between 1024 and 32767. If zbxserver_use_java_gateway is set to Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#javagatewayport |
int | no | 10052 | |
| zbxserver_vmware_frequency | The frequency in seconds at which the Zabbix server will poll VMware data. Valid values are between 10 and 86400. Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#vmwarefrequency |
int | no | 60 | |
| zbxserver_vmware_perf_frequency | The frequency in seconds at which the Zabbix server will poll VMware performance data. Valid values are between 10 and 86400. |
int | no | 60 | |
| zbxserver_vmware_timeout | The timeout in seconds for VMware data collection. Valid values are between 1 and 300. Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#vmwaretimeout |
int | no | 10 | |
| zbxserver_snmp_trapper_file | The path to the file where SNMP traps will be stored. Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#snmptrapperfile |
path | no | /tmp/zabbix_traps.tmp | |
| zbxserver_housekeeping_frequency | The frequency in hours at which the Zabbix server will perform housekeeping tasks. Valid values are between 0 and 24. |
int | no | 1 | |
| zbxserver_max_housekeeper_delete | The maximum number of records to delete during housekeeping. Valid values are between 0 and 1000000. |
int | no | 5000 | |
| zbxserver_problem_housekeeping_frequency | The frequency in seconds at which the Zabbix server will perform problem housekeeping tasks. Valid values are between 1 and 3600. |
int | no | 60 | |
| zbxserver_cache_update_frequency | The frequency in seconds at which the Zabbix server will update the cache. Valid values are between 1 and 3600. |
int | no | 10 | |
| zbxserver_timeout | The timeout in seconds for processing requests. Valid values are between 1 and 30. Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#timeout |
int | no | 3 | |
| zbxserver_trapper_timeout | The timeout in seconds for processing trapper requests. Valid values are between 1 and 300. Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#trappertimeout |
int | no | 300 | |
| zbxserver_unreachable_period | The period with no response in seconds after which a host is considered unavailable. Valid values are between 1 and 3600. |
int | no | 45 | |
| zbxserver_unreachable_delay | The period in seconds between checks for hosts that did not respond previously but are not yet considered unavailable. Valid values are between 1 and 3600. |
int | no | 15 | |
| zbxserver_unavailable_delay | The period in seconds between checks for hosts that are considered unavailable. Valid values are between 1 and 3600. |
int | no | 60 | |
| zbxserver_alert_scripts_path | The path to the directory where alert scripts are stored. Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#alertscripts |
path | no | /usr/lib/zabbix/alertscripts | |
| zbxserver_external_scripts | The path to the directory where external scripts are stored. Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#externalscripts |
path | no | /usr/lib/zabbix/externalscripts | |
| zbxserver_fping_location | The path to the fping binary. Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#fpinglocation |
path | no | /usr/sbin/fping | |
| zbxserver_fping6_location | The path to the fping6 binary. Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#fping6location |
path | no | /usr/sbin/fping6 | |
| zbxserver_ssh_key_location | The path to the SSH key used for SSH checks. If not specified, the default SSH key will be used. Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#sshkeylocation |
path | no | ||
| zbxserver_tmp_dir | The directory in which the Zabbix server will store temporary files. Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#tmpdir |
path | no | /tmp | |
| zbxserver_proxy_config_frequency | The frequency in seconds at which the Zabbix server will synchronize with the proxy configuration. Valid values are between 1 and 604800. |
int | no | 10 | |
| zbxserver_proxy_data_frequency | The frequency in seconds at which the Zabbix server will synchronize with the proxy data. Valid values are between 1 and 3600. |
int | no | 1 | |
| zbxserver_sms_devices | A list of SMS modem devices to use for sending notifications. Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#smsdevices |
list of 'str' | no | ||
| zbxserver_include_files | A list of paths to additional configuration files to include in the Zabbix server configuration. Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#include |
list of 'path' | no | ||
| zbxserver_include_directories | A list of directories containing additional configuration files to include in the Zabbix server configuration. Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#include |
list of 'path' | no | ||
| zbxserver_ssl_cert_location | The path to the SSL certificate files to use in web monitoring. If not specified, the server will not use SSL client certificates for web monitoring. If specified, the zbxserver_ssl_key_location option must also be specified. Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#sslcertlocation |
path | no | ||
| zbxserver_ssl_key_location | The path to the SSL key files to use in web monitoring. If not specified, the server will not use SSL client certificates for web monitoring. If specified, the zbxserver_ssl_cert_location option must also be specified. Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#sslkeylocation |
path | no | ||
| zbxserver_load_module_path | The path to the directory containing loadable modules. Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#loadmodulepath |
path | no | ||
| zbxserver_load_modules | A list of loadable modules to load. Reference: https://www.zabbix.com/documentation/current/en/manual/appendix/config/zabbix_server#loadmodule |
list of 'str' | no | ||
| zbxserver_vault_users_mount_point | The HashiCorp Vault KV2 mount point where the Zabbix server user secrets are stored. |
str | no | ||
| zbxserver_vault_users_base_path | The base path within the HashiCorp Vault KV2 mount point where the Zabbix server user secrets are stored. The value should not include a trailing slash. |
str | no | ||
| zbxserver_user_groups | A list of user groups to create in the Zabbix server. |
list of dicts of 'zbxserver_user_groups' options | no | [] | |
| zbxserver_vault_managed_users | A list of users whose credentials are stored in HashiCorp Vault. Each user should be specified as a string. |
list of dicts of 'zbxserver_vault_managed_users' options | no | [{'username': 'ansible', 'role_name': 'Super admin role'}] | |
| zbxserver_unmanaged_users | A list of users that are not managed in HashiCorp Vault. |
list of dicts of 'zbxserver_unmanaged_users' options | no | [] | |
| zbxserver_ldap_directories | A list of LDAP directories to configure for the Zabbix server. |
list of dicts of 'zbxserver_ldap_directories' options | no | [] | |
| zbxserver_saml_directories | A list of SAML directories to configure for the Zabbix server. |
list of dicts of 'zbxserver_saml_directories' options | no | [] | |
| zbxserver_default_auth_type | The default authentication type to use for users. |
str | no |
|
internal |
| zbxserver_disabled_users_group | The name of the user group to which disabled users should be moved. |
str | no | Disabled | |
| zbxserver_min_password_length | The minimum length of a user's password. |
int | no | 8 | |
| zbxserver_password_complexity | The complexity level of a user's password. |
list of 'str' | no |
|
['avoid_easy_to_guess'] |
| zbxserver_jit_provisioning_interval | The interval in seconds at which just-in-time provisioning should be performed. |
str | no | 1h | |
| zbxserver_ldap_enabled | Whether LDAP authentication is enabled. If zbxserver_ldap_directories is specified, this will default to |
bool | no | ||
| zbxserver_ldap_jit_status | Whether just-in-time provisioning is enabled for LDAP users. |
bool | no | False | |
| zbxserver_active_ldap_directory | The name of the LDAP directory to use for authentication. If zbxserver_ldap_enabled is set to |
str | no | ||
| zbxserver_saml_enabled | Whether SAML authentication is enabled. If zbxserver_saml_directories is specified, this will default to |
bool | no | ||
| zbxserver_saml_jit_status | Whether just-in-time provisioning is enabled for SAML users. |
bool | no | False | |
| zbxserver_logrotate_period | The period at which logrotate should rotate the Zabbix server's log file. |
str | no |
|
daily |
| zbxserver_logrotate_retention | The number of rotated log files to retain. |
int | no | 14 | |
| zbxserver_logrotate_mode | The permissions to set on the rotated log files. |
str | no | 0640 | |
| zbxserver_templates | A list of templates to import into the Zabbix server from a path on the controller node. |
list of 'path' | no | [] |
| Option | Description | Type | Required | Choices | Default |
|---|---|---|---|---|---|
| name | The name of the user group. |
str | yes | ||
| gui_access | Whether the user has GUI access and the authentication method to use. |
str | no |
|
|
| host_group_rights | A list of host group rights for the user group. |
list of dicts of 'host_group_rights' options | no | ||
| template_group_rights | A list of template group rights for the user group. |
list of dicts of 'template_group_rights' options | no |
| Option | Description | Type | Required | Choices | Default |
|---|---|---|---|---|---|
| host_group | The name of the host group. |
str | yes | ||
| permission | The permission level for the host group. |
str | yes |
|
| Option | Description | Type | Required | Choices | Default |
|---|---|---|---|---|---|
| template_group | The name of the host group. |
str | yes | ||
| permission | The permission level for the host group. |
str | yes |
|
| Option | Description | Type | Required | Choices | Default |
|---|---|---|---|---|---|
| username | The username of the user. |
str | yes | ||
| password | The password of the user. If not specified, the password will be generated before storing in HashiCorp Vault. |
str | no | ||
| name | The display name of the user. If not specified, the username will be used. |
str | no | ||
| surname | The surname of the user. |
str | no | ||
| groups | A list of groups to which the user belongs. |
list of 'str' | no | ||
| role_name | The name of the role to assign to the user. |
str | yes | ||
| lang | The language to use for the user. |
str | no |
|
|
| refresh | The period in seconds at which the user's credentials should be refreshed. |
int | no | ||
| theme | The theme to use for the user. |
str | no |
|
default |
| timezone | The timezone to use for the user. |
str | no | ||
| user_medias | A list of media entries for the user. |
list of dicts of 'user_medias' options | no |
| Option | Description | Type | Required | Choices | Default |
|---|---|---|---|---|---|
| active | Whether the media entry is active. |
bool | no | True | |
| mediatype | The type of media. |
str | yes | ||
| period | The period in seconds at which the media should be checked. |
int | no | ||
| sendto | The address to which the media should be sent. |
raw | yes | ||
| severity | The severity levels at which the media should be sent. |
dict of 'severity' options | no |
| Option | Description | Type | Required | Choices | Default |
|---|---|---|---|---|---|
| not_classified | Whether to send notifications for not classified events. |
bool | no | True | |
| information | Whether to send notifications for information events. |
bool | no | True | |
| warning | Whether to send notifications for information events. |
bool | no | True | |
| average | Whether to send notifications for average events. |
bool | no | True | |
| high | Whether to send notifications for high events. |
bool | no | True | |
| disaster | Whether to send notifications for disaster events. |
bool | no | True |
| Option | Description | Type | Required | Choices | Default |
|---|---|---|---|---|---|
| username | The username of the user. |
str | yes | ||
| password | The password of the user. |
str | yes | ||
| name | The display name of the user. If not specified, the username will be used. |
str | no | ||
| surname | The surname of the user. |
str | no | ||
| groups | A list of groups to which the user belongs. |
list of 'str' | no | ||
| role_name | The name of the role to assign to the user. |
str | yes | ||
| lang | The language to use for the user. |
str | no |
|
|
| refresh | The period in seconds at which the user's credentials should be refreshed. |
int | no | ||
| theme | The theme to use for the user. |
str | no |
|
default |
| timezone | The timezone to use for the user. |
str | no | ||
| user_medias | A list of media entries for the user. |
list of dicts of 'user_medias' options | no |
| Option | Description | Type | Required | Choices | Default |
|---|---|---|---|---|---|
| active | Whether the media entry is active. |
bool | no | True | |
| media_type | The type of media. |
str | yes | ||
| period | The period in seconds at which the media should be checked. |
int | no | ||
| sendto | The address to which the media should be sent. |
raw | yes | ||
| severity | The severity levels at which the media should be sent. |
dict of 'severity' options | no |
| Option | Description | Type | Required | Choices | Default |
|---|---|---|---|---|---|
| not_classified | Whether to send notifications for not classified events. |
bool | no | True | |
| information | Whether to send notifications for information events. |
bool | no | True | |
| warning | Whether to send notifications for information events. |
bool | no | True | |
| average | Whether to send notifications for average events. |
bool | no | True | |
| high | Whether to send notifications for high events. |
bool | no | True | |
| disaster | Whether to send notifications for disaster events. |
bool | no | True |
| Option | Description | Type | Required | Choices | Default |
|---|---|---|---|---|---|
| name | The name of the LDAP directory within Zabbix server. |
str | yes | ||
| host | The hostname or IP address of the LDAP server. |
str | yes | ||
| encryption | The type of encryption to use for the LDAP connection. |
str | no |
|
unencrypted |
| port | The port on which the LDAP server is listening. If using LDAPS, the default is 636. Otherwise, the default is 389. |
int | no | ||
| description | A description of the LDAP directory. |
str | no | ||
| base_dn | The base distinguished name for querying the LDAP directory. |
str | yes | ||
| filter | The filter to use when authenticating users. |
str | no | ||
| bind_dn | The distinguished name to use for binding to the LDAP server. If anonymous binding is allowed and desired, this should not be set. |
str | no | ||
| bind_password | The password to use for binding to the LDAP server. If anonymous binding is allowed and desired, this should not be set. |
str | no | ||
| username_attribute | The attribute to use for the username. |
str | no | sAMAccountName | |
| name_attribute | The attribute to use for the user's first name. |
str | no | displayName | |
| last_name_attribute | The attribute to use for the user's last name. |
str | no | sn | |
| email_attribute | The attribute to use for the user's email address. |
str | no | ||
| user_group_attribute | The attribute to use for the user's group membership. |
str | no | memberOf | |
| group_mappings | A list of group mappings for the LDAP directory. |
list of dicts of 'group_mappings' options | no | [] |
| Option | Description | Type | Required | Choices | Default |
|---|---|---|---|---|---|
| name | The name of the group in the LDAP directory. Use '*' to match users that don't match any other group. |
str | yes | ||
| role | The name of the role to assign to users that match this group. |
str | yes | ||
| user_groups | A list of Zabbix user groups to assign to users that match this group. |
list of 'str' | no |
| Option | Description | Type | Required | Choices | Default |
|---|---|---|---|---|---|
| name | The name of the LDAP directory within Zabbix server. |
str | yes | ||
| sp_entity_id | The entity ID of the Zabbix server. |
str | yes | ||
| idp_entity_id | The entity ID of the identity provider. |
str | yes | ||
| sso_url | The URL to use for single sign-on. |
str | yes | ||
| slo_url | The URL to use for single logout. |
str | no | ||
| encrypt_assertions | Whether to encrypt SAML assertions. |
bool | no | False | |
| encrypt_nameid | Whether to encrypt the NameID. |
bool | no | False | |
| sign_assertions | Whether to sign SAML assertions. |
bool | no | False | |
| sign_authn_requests | Whether to sign SAML AuthN responses. |
bool | no | False | |
| sign_logout_requests | Whether to sign SAML logout requests. |
bool | no | False | |
| sign_logout_responses | Whether to sign SAML logout responses. |
bool | no | False | |
| sign_messages | Whether to sign SAML messages. |
bool | no | False | |
| username_attribute | The attribute to use for the username. |
str | no | NameID | |
| name_format | The format to use for the NameID. |
str | no | urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified | |
| name_attribute | The attribute to use for the user's first name. |
str | no | DisplayName | |
| last_name_attribute | The attribute to use for the user's last name. |
str | no | LastName | |
| email_attribute | The attribute to use for the user's email address. |
str | no | ||
| user_group_attribute | The attribute to use for the user's group membership. |
str | no | Groups | |
| group_mappings | A list of group mappings for the SAML directory. |
list of dicts of 'group_mappings' options | no | [] |
| Option | Description | Type | Required | Choices | Default |
|---|---|---|---|---|---|
| name | The name of the group in the SAML directory. Use '*' to match users that don't match any other group. |
str | yes | ||
| role | The name of the role to assign to users that match this group. |
str | yes | ||
| user_groups | A list of Zabbix user groups to assign to users that match this group. |
list of 'str' | no |
MIT
Jim Tarpley