Skip to content

Instantly share code, notes, and snippets.

@dreamcat4

dreamcat4/zabbix.md

Last active October 31, 2019 10:32
Show Gist options
  • Star 5 You must be signed in to star a gist
  • Fork 1 You must be signed in to fork a gist
  • Save dreamcat4/9e938d53c29340c17958 to your computer and use it in GitHub Desktop.
Save dreamcat4/9e938d53c29340c17958 to your computer and use it in GitHub Desktop.
Download ZIP
How to Install Zabbix on NAS4Free / FreeNAS / pfSense, with Finch / Qjail-3.5 - http://dreamcat4.github.io/finch/
Raw
zabbix.md

Zabbix How-To

For notes / info please scroll to bottom of page. Most commands can just be copy-pasted.

Create a new jail

# Finch users should update to get the latest fixes
[ "$(echo "$(finch --shortver) >= 1.25" | bc)" = 1 ] || sudo finch update -y
sudo finch chroot

# Read the page "jail-ip-addresses" before choosing a jail IP address
jail_ip="192.168.1.212"

# Set a matching ip address for the jail's 'lo0' ifconfig device (for localhost)
jail_loopback="lo0|127.0.0.212"

# Give an appropriate server name to your jail
jailname="zabbix"

# Create a basic jail, with local console access
qjail create -4 "$jail_ip,$jail_loopback" "$jailname"

# Enable unix sockets
qjail config -k "$jailname"

# Enable sysvipc semaphores
qjail config -y "$jailname"

Login to the jail

# Start the jail
qjail start "$jailname"

# Login to our new jail as root
qjail console "$jailname"

Install Zabbix

# Update local pkgng database, to avoid 'failed checksum' for 'pkg install'
pkg update -f

# Install zabbix and dependencies
ASSUME_ALWAYS_YES="yes" pkg install "mysql55-server" "nginx" "zabbix22-server" "zabbix22-agent" "zabbix22-frontend"

# Enable mysql rc.d service
sysrc "mysql_enable=YES"
service mysql-server start

# Create zabbix database
mysql -u root <<- EOF
create database zabbix character set utf8;
grant all privileges on zabbix.* to zabbix@localhost identified by '';
flush privileges;
quit
EOF

# Populate zabbix database
cd /usr/local/share/zabbix22/server/database
cat mysql/schema.sql mysql/images.sql mysql/data.sql | mysql -u zabbix zabbix


# Create /var folders for zabbix log & pid files
mkdir -p /var/run/zabbix /var/log/zabbix
chown zabbix:zabbix  /var/run/zabbix /var/log/zabbix

# Configure zabbix server
cd /usr/local/etc/zabbix22
cat > zabbix_server.conf <<- "EOF"

LogFile=/var/log/zabbix/zabbix_server.log
PidFile=/var/run/zabbix/zabbix_server.pid

DBName=zabbix
DBUser=zabbix

Include=/usr/local/etc/zabbix22/zabbix_server.conf.d/

EOF

# Enable zabbix_server rc.d service
sysrc "zabbix_server_enable=YES"
service zabbix_server start

# Configure zabbix agentd
jail_ip="$(ifconfig -a | grep -v "inet 127" | grep -m 1 inet | cut -d ' ' -f 2)"
zabbix_server_ip="$jail_ip"

cd /usr/local/etc/zabbix22
cat > zabbix_agentd.conf <<- EOF

LogFile=/var/log/zabbix/zabbix_agentd.log
PidFile=/var/run/zabbix/zabbix_agentd.pid

Hostname=Zabbix server
EnableRemoteCommands=1

Server=$zabbix_server_ip

Include=/usr/local/etc/zabbix22/zabbix_agentd.conf.d/

EOF

# Configure zabbix agent (cli)
jail_ip="$(ifconfig -a | grep -v "inet 127" | grep -m 1 inet | cut -d ' ' -f 2)"
zabbix_server_ip="$jail_ip"

cd /usr/local/etc/zabbix22
cat > zabbix_agent.conf <<- EOF

Server=$zabbix_server_ip

Include=/usr/local/etc/zabbix22/zabbix_agent.conf.d/

EOF

# Enable zabbix_agentd rc.d service
sysrc "zabbix_agentd_enable=YES"
service zabbix_agentd start

# Configure nginx
cd /usr/local/etc/nginx
cat > nginx.conf <<- "EOF"

user  www www;
worker_processes  1;

events {
  worker_connections  1024;
}

http {
  include       mime.types;
  default_type  application/octet-stream;
  sendfile      on;

  keepalive_timeout  65;
  gzip on;

  include /usr/local/etc/nginx/conf.d/*.conf;
}
EOF

mkdir -p cd /usr/local/etc/nginx/conf.d
cd /usr/local/etc/nginx
cat > conf.d/zabbix.conf <<- "EOF"
server {
        listen 80;
        root /usr/local/www/zabbix22;
        server_name localhost;
        location / {
            deny all;
            include conf.d/zabbix_allowed_hosts.conf;
            index index.php index.html index.htm;
        }
        location ~ \.php$ {
            fastcgi_pass unix:/var/run/php5-fpm.sock;
            fastcgi_index index.php;
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
            include fastcgi_params;
        }
        location ~ /\.ht {
            deny all;
        }
}
EOF

# Allow only certain hosts, others get forbidden
allowed_ip="192.168.1.XXX"
echo "allow ${allowed_ip};" >> /usr/local/etc/nginx/conf.d/zabbix_allowed_hosts.conf

# Configure php-fpm
cd /usr/local/etc
cat > php-fpm.conf <<- "EOF"

[global]
pid = /var/run/php-fpm.pid

[WWW]
listen = /var/run/php5-fpm.sock
listen.owner = www
listen.group = www
listen.mode = 0666

listen.backlog = -1
catch_workers_output = yes

user = www
group = www

pm = dynamic
pm.max_children = 5
pm.start_servers = 2
pm.min_spare_servers = 1
pm.max_spare_servers = 3
pm.max_requests = 500

env[HOSTNAME] = $HOSTNAME
env[PATH] = /usr/local/bin:/usr/bin:/bin
env[TMP] = /tmp
env[TMPDIR] = /tmp
env[TEMP] = /tmp
EOF

# Configure php
cd /usr/local/etc
cp php.ini-production php.ini
sed -i '' -e 's/post_max_size = ..*/post_max_size = 16M/g' php.ini
sed -i '' -e 's/max_execution_time = ..*/max_execution_time = 300/g' php.ini
sed -i '' -e 's/max_input_time = ..*/max_input_time = 300/g' php.ini
echo "date.timezone = Europe/London" >> php.ini

# Let the nginx 'www' user write zabbix.conf file for zabbix frontend (webgui)
chown -R www:www /usr/local/www/zabbix22/conf

# Enable php-fpm rc.d service
sysrc "php_fpm_enable=YES"
service php-fpm start

# Enable nginx rc.d service
sysrc "nginx_enable=YES"
service nginx start

Test

# Reboot the Host system

# Login to http://{$jail_ip} from a web browser
#   username: admin
#   password: zabbix
@dreamcat4
Copy link
Author

Description

Zabbix is client/server based an system monitoring tool. It is the main competitor of Naigos.

http://www.zabbix.com/screenshots.php

Requirements

Requires Finch v1.20. (it has version check included).

These cmds can all be copy-pasted and should "just work". However if you wish, it is possible to change some variables near the top. For example "jail_ip=", "jail_loopback=" and "jailname=".

Zabbix Overview

There are several components of zabbix: agent, server, and frontend. The agent instance is run on any computer in your LAN which you wish to monitor. There are versions os zabbix_agent for many platforms, including Linux, Windows, Mac OS X and FreeBSD. (zabbix also has pre-made templates for monitoring each operating system). Each zabbix_agent runs as a daemon and reports it's data back it's data to zabbix_server (x1) which is a headless 'C' daemon. Then "zabbix_frontend" is actually the PHP web application which offers the GUI Browser interface and controls the zabbix_server.

Additionally, any lesser network devices that cannot run zabbix_agent, but instead have SNMP (printers, routers, etc.) can report their data back to zabbix_server also for monitoring.

NOTES

All the commands were tested on FINCH + QJAIL, not theBrig. The zabbix frontend is served by NGINX and PHP-FPM. With MYSQL for the Database backend (to store the data). All nginx and PHP configuration is included (inlined). So can just copy-paste, no editing in a text editor.

Be aware that (from inside a jail), the local zabbix_agent may not be able to see some certain information about the local host system (NAS4Free / FreeNAS / pfSense). Because from inside of a jail some things are restricted and it cannot access. However most things are OK.

If some aspect you really need to monitor is not visible, then just install a 2nd zabbix_agent into the finch chroot. I didn't provide instruction for doing that but it is well documented in the gist above.

@dreamcat4
Copy link
Author

After installing zabbix, it must be configured to monitor your devices.

New how-To:
zabbix configuration - monitor CPU temperature & hdd status (smart attributes)

https://gist.github.com/dreamcat4/1935177aafc8bb674675

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment