114 lines
4.4 KiB
Bash
114 lines
4.4 KiB
Bash
#!/bin/bash
|
|
|
|
## Windows
|
|
# Command to run for PSK ID and PSK with powershell
|
|
# PSK ID: (1..16 | %{ '{0:x}' -f (Get-Random -Max 16) }) -join ''
|
|
# PSK: (1..64 | %{ '{0:x}' -f (Get-Random -Max 16) }) -join ''
|
|
|
|
|
|
# installs the zabbix agent and configures it
|
|
|
|
# make sure we are running as sudo
|
|
if [ "$EUID" -ne 0 ]; then
|
|
echo "Please run as root"
|
|
exit
|
|
fi
|
|
|
|
# get OS ditro and version
|
|
OS=$(lsb_release -si)
|
|
OS_VER=$(lsb_release -sr)
|
|
|
|
# zabbix server
|
|
ZABBIX_SERVER="gauntzabbix.home.johnhgaunt.com"
|
|
|
|
if [ ${OS} == 'Debian' ]; then
|
|
# Install the repository configuration package. This package contains apt (software package manager) configuration files.
|
|
if [[ ${OS_VER} =~ ^9.* ]]; then
|
|
wget -P /tmp/ https://repo.zabbix.com/zabbix/4.0/debian/pool/main/z/zabbix-release/zabbix-release_4.0-3+stretch_all.deb
|
|
dpkg -i /tmp/zabbix-release_4.0-3+stretch_all.deb
|
|
elif [[ ${OS_VER} =~ ^10.* ]]; then
|
|
wget -P /tmp/ https://repo.zabbix.com/zabbix/4.0/debian/pool/main/z/zabbix-release/zabbix-release_4.0-3+buster_all.deb
|
|
dpkg -i /tmp/zabbix-release_4.0-3+buster_all.deb
|
|
fi
|
|
# update the cache
|
|
apt update
|
|
# install the agent
|
|
apt install -y zabbix-agent
|
|
|
|
elif [ ${OS} == 'Ubuntu' ]; then
|
|
# Install the repository configuration package. This package contains apt (software package manager) configuration files.
|
|
if [[ ${OS_VER} == 16.04 ]]; then
|
|
wget -P /tmp/ https://repo.zabbix.com/zabbix/4.0/ubuntu/pool/main/z/zabbix-release/zabbix-release_4.0-3+xenial_all.deb
|
|
dpkg -i /tmp/zabbix-release_4.0-3+xenial_all.deb
|
|
elif [[ ${OS_VER} == 18.04 ]]; then
|
|
wget -P /tmp/ https://repo.zabbix.com/zabbix/4.0/ubuntu/pool/main/z/zabbix-release/zabbix-release_4.0-3+bionic_all.deb
|
|
dpkg -i /tmp/zabbix-release_4.0-3+bionic_all.deb
|
|
fi
|
|
# update the cache
|
|
apt update
|
|
# install the agent
|
|
apt install -y zabbix-agent
|
|
|
|
elif [ ${OS} == 'CentOS' ]; then
|
|
# Install the repository configuration package. This package contains yum (software package manager) configuration files.
|
|
if [[ ${OS_VER} =~ ^7.* ]]; then
|
|
rpm -Uvh https://repo.zabbix.com/zabbix/4.0/rhel/7/x86_64/zabbix-release-4.0-2.el7.noarch.rpm
|
|
fi
|
|
# install the zabbix agent
|
|
yum install -y zabbix-agent
|
|
cat << EOF >> /etc/firewalld/services/zabbix-agent.xml
|
|
<?xml version="1.0" encoding="utf-8"?>
|
|
<service>
|
|
<short>zabbix agent</short>
|
|
<description>zabbix agent</description>
|
|
<port protocol="tcp" port="10050"/>
|
|
<port protocol="udp" port="10050"/>
|
|
</service>
|
|
EOF
|
|
sleep 5
|
|
firewall-cmd --add-service=zabbix-agent --permanent
|
|
firewall-cmd --reload
|
|
|
|
else
|
|
echo "You are running an unsupported OS"
|
|
echo "Support OSes: Debian 9/10, Ubunut 16.04/18.04, CentOS 7"
|
|
echo "Your OS: ${OS} ${OS_VER}"
|
|
exit
|
|
fi
|
|
|
|
|
|
|
|
# ask for the hostname
|
|
read -e -p "Enter Hostname: " -i "$(cat /etc/hostname)" hostname
|
|
|
|
# configure the hostname
|
|
sed --in-place 's/^Hostname=Zabbix\ server/Hostname='${hostname}'/' /etc/zabbix/zabbix_agentd.conf
|
|
# configure the zabbix server
|
|
sed --in-place 's/^Server=127.0.0.1/Server='${ZABBIX_SERVER}'/' /etc/zabbix/zabbix_agentd.conf
|
|
# configure the zabbix server
|
|
sed --in-place 's/^ServerActive=127.0.0.1/ServerActive='${ZABBIX_SERVER}'/' /etc/zabbix/zabbix_agentd.conf
|
|
# configure the encryption, cheeck before running this as it adds lines to keep comments
|
|
if [ $(grep -c TLSAccept=psk /etc/zabbix/zabbix_agentd.conf) -eq 0 ]; then
|
|
sed --in-place $'s/^# TLSAccept=unencrypted/# TLSAccept=unencrypted\\\nTLSAccept=psk/' /etc/zabbix/zabbix_agentd.conf
|
|
sed --in-place $'s/^# TLSConnect=unencrypted/# TLSConnect=unencrypted\\\nTLSConnect=psk/' /etc/zabbix/zabbix_agentd.conf
|
|
# generate random PSK ID
|
|
PSKID=$(openssl rand -hex 8)
|
|
sed --in-place $'s/^# TLSPSKIdentity=/# TLSPSKIdentity=\\\nTLSPSKIdentity='${PSKID}'/' /etc/zabbix/zabbix_agentd.conf
|
|
# generate psk
|
|
TLSPSK=$(openssl rand -hex 32 | tee /etc/zabbix/zabbix_agentd.psk)
|
|
sed --in-place $'s/^# TLSPSKFile=/# TLSPSKFile=\\\nTLSPSKFile=\/etc\/zabbix\/zabbix_agentd.psk/' /etc/zabbix/zabbix_agentd.conf
|
|
|
|
echo "############################################################"
|
|
echo "## Encryption Details ##"
|
|
echo "## Please enter the PSK ID and PSK into the Zabbix Server ##"
|
|
echo "############################################################"
|
|
echo "PSK Identity = ${PSKID}"
|
|
echo "PSK = ${TLSPSK}"
|
|
|
|
fi
|
|
|
|
systemctl restart zabbix-agent
|
|
|
|
systemctl enable zabbix-agent
|
|
|