#!/bin/bash ##================================================= # GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= source _common.sh source /usr/share/yunohost/helpers #================================================= # MANAGE SCRIPT FAILURE #================================================= # Exit if an error occurs during the execution of the script ynh_abort_if_errors #================================================= # RETRIEVE ARGUMENTS FROM THE MANIFEST #================================================= export domain="$YNH_APP_ARG_DOMAIN" export path_url="$YNH_APP_ARG_PATH" admin="$YNH_APP_ARG_ADMIN" is_public="$YNH_APP_ARG_IS_PUBLIC" language="$YNH_APP_ARG_LANGUAGE" ### If it's a multi-instance app, meaning it can be installed several times independently ### The id of the app as stated in the manifest is available as $YNH_APP_ID ### The instance number is available as $YNH_APP_INSTANCE_NUMBER (equals "1", "2", ...) ### The app instance name is available as $YNH_APP_INSTANCE_NAME ### - the first time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample ### - the second time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample__2 ### - ynhexample__{N} for the subsequent installations, with N=3,4, ... ### The app instance name is probably what interests you most, since this is ### guaranteed to be unique. This is a good unique identifier to define installation path, ### db names, ... app="$YNH_APP_INSTANCE_NAME" #================================================= # CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS #================================================= ### If the app uses nginx as web server (written in HTML/PHP in most cases), the final path should be "/var/www/$app". ### If the app provides an internal web server (or uses another application server such as uwsgi), the final path should be "/opt/yunohost/$app" final_path=/var/www/zabbix test ! -e "$final_path" || ynh_die "This path already contains a folder" # Normalize the url path syntax path_url=$(ynh_normalize_url_path "$path_url") # Check web path availability ynh_webpath_available "$domain" "$path_url" # Register (book) web path ynh_webpath_register "$app" "$domain" "$path_url" #================================================= # STORE SETTINGS FROM MANIFEST #================================================= ynh_print_info "Get infos from manifest" ynh_app_setting_set "$app" domain "$domain" ynh_app_setting_set "$app" path "$path_url" ynh_app_setting_set "$app" admin "$admin" ynh_app_setting_set "$app" is_public "$is_public" ynh_app_setting_set "$app" language "$language" #================================================= # STANDARD MODIFICATIONS #================================================= # FIND AND OPEN A PORT #================================================= ### Use these lines if you have to open a port for the application ### `ynh_find_port` will find the first available port starting from the given port. ### If you're not using these lines: ### - Remove the section "CLOSE A PORT" in the remove script ### Zabbix server is not opened by default for external usage. ### if you want use zabbix server with external agent (in active mode), setup the listen address in server configuration and open port on firewall via the cmd yunohost firewall # Find a free port #port=$(ynh_find_port 8095) # Open this port #yunohost firewall allow --no-upnp TCP $port 2>&1 #ynh_app_setting_set $app port $port #================================================= # INSTALL DEPENDENCIES #================================================= ### `ynh_install_app_dependencies` allows you to add any "apt" dependencies to the package. ### Those deb packages will be installed as dependencies of this package. ### If you're not using this helper: ### - Remove the section "REMOVE DEPENDENCIES" in the remove script ### - As well as the section "REINSTALL DEPENDENCIES" in the restore script ### - And the section "UPGRADE DEPENDENCIES" in the upgrade script ynh_print_info "Install dependencies" wget "https://repo.zabbix.com/zabbix/4.0/debian/pool/main/z/zabbix-release/zabbix-release_4.0-2+stretch_all.deb" dpkg -i zabbix-release_*.deb rm zabbix-release_*.deb echo "deb http://deb.debian.org/debian stretch non-free" >/etc/apt/sources.list.d/non-free.list ynh_package_update ynh_install_app_dependencies libapr1 libaprutil1 libaprutil1-dbd-sqlite3 libaprutil1-ldap liblua5.2-0 php7.0 php-bcmath php7.0-bcmath ttf-dejavu-core php7.0-bcmath patch smistrip unzip wget fping libcap2-bin libiksemel3 libopenipmi0 libpam-cap libsnmp-base libsnmp30 snmptrapd snmpd snmp-mibs-downloader libjs-prototype zabbix-server-mysql zabbix-agent jq yunohost service add snmpd -d "Management of SNMP Daemon" DEBIAN_FRONTEND=noninteractive apt-get -y download zabbix-frontend-php ar x ./*.deb tar xzf control.tar.gz sed -i 's/apache2 | httpd, //' control tar --ignore-failed-read -cvzf control.tar.gz {post,pre}{inst,rm} md5sums control ar rcs zabbix-frontend-php+stretch_all-noapache2.deb debian-binary control.tar.gz data.tar.xz dpkg -i zabbix-frontend-php+stretch_all-noapache2.deb rm -fr zabbix-*.deb DEBIAN_FRONTEND=noninteractive apt-mark hold zabbix-server-mysql zabbix-frontend-php sed -i "s/# fr_FR.UTF-8 UTF-8/fr_FR.UTF-8 UTF-8/g" /etc/locale.gen locale-gen ln -s /usr/share/zabbix "$final_path" rm "$final_path/conf/zabbix.conf.php" #================================================= # CREATE A MYSQL DATABASE #================================================= ynh_print_info "Create and add default data in db" ### Use these lines if you need a database for the application. ### `ynh_mysql_setup_db` will create a database, an associated user and a ramdom password. ### The password will be stored as 'mysqlpwd' into the app settings, ### and will be available as $db_pwd ### If you're not using these lines: ### - Remove the section "BACKUP THE MYSQL DATABASE" in the backup script ### - Remove also the section "REMOVE THE MYSQL DATABASE" in the remove script ### - As well as the section "RESTORE THE MYSQL DATABASE" in the restore script declare db_pwd db_name=$(ynh_sanitize_dbid "$app") db_user="$db_name" ynh_app_setting_set "$app" db_name "$db_name" ynh_app_setting_set "$app" db_user "$db_user" ynh_mysql_setup_db "$db_user" "$db_name" export mysqlconn="mysql -u $db_user -p $db_pwd $db_name" zcat /usr/share/doc/zabbix-server-mysql*/create.sql.gz | $mysqlconn #sso integration $mysqlconn -e "UPDATE \`config\` SET \`http_auth_enabled\` = '1', \`http_login_form\` = '1' WHERE \`config\`.\`configid\` = 1;" if [ "$language" == "fr" ];then lang="fr_FR" else lang="en_GB" fi #admin creation surname=$(ynh_user_get_info "$admin" lastname) name=$(ynh_user_get_info "$admin" firstname) $mysqlconn -e "INSERT INTO \`users\` (\`userid\`,\`alias\`, \`name\`, \`surname\`, \`passwd\`, \`url\`, \`autologin\`, \`autologout\`, \`lang\`, \`refresh\`, \`type\`, \`theme\`, \`attempt_failed\`, \`attempt_ip\`, \`attempt_clock\`, \`rows_per_page\`) VALUES (3,'$admin', '$admin', '$admin', '5fce1b3e34b520afeffb37ce08c7cd66', '', 0, '0', '$lang', '30s', 3, 'default', 0, '', 0, 50);" $mysqlconn -e "INSERT INTO \`users_groups\` (\`id\`, \`usrgrpid\`, \`userid\`) VALUES (5, 7, 3);" #users creation in zabbix database i=4 for user in $(ynh_user_list); do if [ "$user" != "$admin" ];then surname=$(ynh_user_get_info "$user" lastname) name=$(ynh_user_get_info "$user" firstname) $mysqlconn -e "INSERT INTO \`users\` (\`userid\`, \`alias\`, \`name\`, \`surname\`, \`passwd\`, \`url\`, \`autologin\`, \`autologout\`, \`lang\`, \`refresh\`, \`type\`, \`theme\`, \`attempt_failed\`, \`attempt_ip\`, \`attempt_clock\`, \`rows_per_page\`) VALUES ($i,'$user', '$name', '$surname', '5fce1b3e34b520afeffb37ce08c7cd66', '', 0, '0', '$lang', '30s', 1, 'default', 0, '', 0, 50);" i=$((i+1)) fi done disable_guest_user() #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= ### `ynh_setup_source` is used to install an app from a zip or tar.gz file, ### downloaded from an upstream source, like a git repository. ### `ynh_setup_source` use the file conf/app.src ynh_app_setting_set "$app" final_path "$final_path" # Download, check integrity, uncompress and patch the source from app.src #ynh_setup_source "$final_path" ynh_print_info "Generate web config" #================================================= # NGINX CONFIGURATION #================================================= ### `ynh_add_nginx_config` will use the file conf/nginx.conf # Create a dedicated nginx config ynh_add_nginx_config #================================================= # CREATE DEDICATED USER #================================================= # Create a system user #ynh_system_user_create $app # ### zabbix user created in zabbix server dpkg install #================================================= # PHP-FPM CONFIGURATION #================================================= ### `ynh_add_fpm_config` is used to set up a PHP config. ### You can remove it if your app doesn't use PHP. ### `ynh_add_fpm_config` will use the files conf/php-fpm.conf and conf/php-fpm.ini ### If you're not using these lines: ### - You can remove these files in conf/. ### - Remove the section "BACKUP THE PHP-FPM CONFIGURATION" in the backup script ### - Remove also the section "REMOVE PHP-FPM CONFIGURATION" in the remove script ### - As well as the section "RESTORE THE PHP-FPM CONFIGURATION" in the restore script ### With the reload at the end of the script. ### - And the section "PHP-FPM CONFIGURATION" in the upgrade script # Create a dedicated php-fpm config ynh_add_fpm_config #================================================= # SPECIFIC SETUP #================================================= # ... #================================================= #================================================= # SETUP SYSTEMD #================================================= ### `ynh_systemd_config` is used to configure a systemd script for an app. ### It can be used for apps that use sysvinit (with adaptation) or systemd. ### Have a look at the app to be sure this app needs a systemd script. ### `ynh_systemd_config` will use the file conf/systemd.service ### If you're not using these lines: ### - You can remove those files in conf/. ### - Remove the section "BACKUP SYSTEMD" in the backup script ### - Remove also the section "STOP AND REMOVE SERVICE" in the remove script ### - As well as the section "RESTORE SYSTEMD" in the restore script ### - And the section "SETUP SYSTEMD" in the upgrade script # Create a dedicated systemd config #ynh_add_systemd_config ### Systemd service created when dpkg install #================================================= # SETUP APPLICATION WITH CURL #================================================= ### Use these lines only if the app installation needs to be finalized through ### web forms. We generally don't want to ask the final user, ### so we're going to use curl to automatically fill the fields and submit the ### forms. # Set right permissions for curl install #chown -R www-data: $final_path # Set the app as temporarily public for curl call #ynh_app_setting_set $app skipped_uris "/" # Reload SSOwat config yunohost app ssowatconf # Reload Nginx systemctl reload nginx # Installation with curl #ynh_local_curl "/INSTALL_PATH" "key1=value1" "key2=value2" "key3=value3" #================================================= # MODIFY A CONFIG FILE #================================================= ### `ynh_replace_string` is used to replace a string in a file. ### (It's compatible with sed regular expressions syntax) ynh_print_info "Generate zabbix config files" echo "/usr/share/zabbix/conf/zabbix.conf.php chown -R www-data. /usr/share/zabbix sed -i "s/DBName=zabbix/DBName=$db_name/g" /etc/zabbix/zabbix_server.conf sed -i "s/DBUser=zabbix/DBUser=$db_user/g" /etc/zabbix/zabbix_server.conf sed -i "126a DBPassword=$db_pwd" /etc/zabbix/zabbix_server.conf systemctl enable zabbix-server && systemctl start zabbix-server yunohost service add zabbix-server -d "Management of Zabbix Server - Monitoring server" yunohost service add zabbix-agent -d "Management of Zabbix Agent" #================================================= # STORE THE CONFIG FILE CHECKSUM #================================================= ### `ynh_store_file_checksum` is used to store the checksum of a file. ### That way, during the upgrade script, by using `ynh_backup_if_checksum_is_different`, ### you can make a backup of this file before modifying it again if the admin had modified it. # Calculate and store the config file checksum into the app settings #ynh_store_file_checksum "$final_path/CONFIG_FILE" #================================================= # GENERIC FINALIZATION #================================================= # SECURE FILES AND DIRECTORIES #================================================= ### For security reason, any app should set the permissions to root: before anything else. ### Then, if write authorization is needed, any access should be given only to directories ### that really need such authorization. # Set permissions to app files #chown -R root: $final_path #================================================= # SETUP LOGROTATE #================================================= ### `ynh_use_logrotate` is used to configure a logrotate configuration for the logs of this app. ### Use this helper only if there is effectively a log file for this app. ### If you're not using this helper: ### - Remove the section "BACKUP LOGROTATE" in the backup script ### - Remove also the section "REMOVE LOGROTATE CONFIGURATION" in the remove script ### - As well as the section "RESTORE THE LOGROTATE CONFIGURATION" in the restore script ### - And the section "SETUP LOGROTATE" in the upgrade script # Use logrotate to manage application logfile(s) #native logrotate because install officials packages. #ynh_use_logrotate #================================================= # ADVERTISE SERVICE IN ADMIN PANEL #================================================= ### `yunohost service add` is a CLI yunohost command to add a service in the admin panel. ### You'll find the service in the 'services' section of YunoHost admin panel. ### This CLI command would be useless if the app does not have any services (systemd or sysvinit) ### If you're not using these lines: ### - You can remove these files in conf/. ### - Remove the section "REMOVE SERVICE FROM ADMIN PANEL" in the remove script ### - As well as the section ADVERTISE SERVICE IN ADMIN PANEL" in the restore script #yunohost service add NAME_INIT.D --log "/var/log/FILE.log" # Make app public if for importing template # unprotected_uris allows SSO credentials to be passed anyway ynh_app_setting_set "$app" unprotected_uris "/" #================================================= # RELOAD NGINX AND PHP-FPM #================================================= systemctl reload nginx systemctl reload php7.0-fpm # Reload SSOwat config yunohost app ssowatconf #================================================= # Import Yunohost template #================================================= ynh_print_info "Import yunohost template" zabbixFullpath=https://$domain$path_url localpath=$(find /var/cache/yunohost/ -name "Template_Yunohost.xml") sudoUserPpath=$(find /var/cache/yunohost/ -name "etc_sudoers.d_zabbix") confUserPpath=$(find /var/cache/yunohost/ -name "etc_zabbix_zabbix_agentd.d_userP_yunohost.conf") bashUserPpath=$(find /var/cache/yunohost/ -name "etc_zabbix_zabbix_agentd.d_yunohost.sh") cp "$sudoUserPpath" /etc/sudoers.d/zabbix cp "$confUserPpath" /etc/zabbix/zabbix_agentd.d/userP_yunohost.conf cp "$bashUserPpath" /etc/zabbix/zabbix_agentd.d/yunohost.sh chmod a+x /etc/zabbix/zabbix_agentd.d/yunohost.sh systemctl restart zabbix-agent curlOptions="-k -s --cookie cookiejar.txt --cookie-jar cookiejar.txt --resolve $domain:443:127.0.0.1" curl -L $curlOptions \ --form "enter=Sign+in" \ --form "name=Admin" \ --form "password=zabbix" \ "$zabbixFullpath/index.php" if [ $? -eq 0 ];then sid=$(curl $curlOptions \ "$zabbixFullpath/conf.import.php?rules_preset=template" \ | grep -Po 'name="sid" value="\K([a-z0-9]{16})(?=")' ) importState=$(curl $curlOptions \ --form "config=1" \ --form "import_file=@$localpath" \ --form "rules[groups][createMissing]=1" \ --form "rules[templates][updateExisting]=1" \ --form "rules[templates][createMissing]=1" \ --form "rules[templateScreens][updateExisting]=1" \ --form "rules[templateScreens][createMissing]=1" \ --form "rules[templateLinkage][createMissing]=1" \ --form "rules[applications][createMissing]=1" \ --form "rules[items][updateExisting]=1" \ --form "rules[items][createMissing]=1" \ --form "rules[discoveryRules][updateExisting]=1" \ --form "rules[discoveryRules][createMissing]=1" \ --form "rules[triggers][updateExisting]=1" \ --form "rules[triggers][createMissing]=1" \ --form "rules[graphs][updateExisting]=1" \ --form "rules[graphs][createMissing]=1" \ --form "rules[httptests][updateExisting]=1" \ --form "rules[httptests][createMissing]=1" \ --form "rules[valueMaps][createMissing]=1" \ --form "import=Import" \ --form "backurl=templates.php" \ --form "form_refresh=1" \ --form "sid=${sid}" \ \ "${zabbixFullpath}/conf.import.php?rules_preset=template" \ | grep -c "Imported successfully") if [ "$importState" -eq "1" ];then ynh_print_info "Template Yunohost imported !" else ynh_print_warn "Template Yunohost not imported !" fi #apply template to host tokenapi=$(curl -k -s --resolve $domain:443:127.0.0.1 --header "Content-Type: application/json" --request POST --data '{ "jsonrpc": "2.0","method": "user.login","params": {"user": "Admin","password": "zabbix"},"id": 1,"auth": null}' "${zabbixFullpath}/api_jsonrpc.php" | jq -r '.result') zabbixHostID=$(curl -k -s --resolve $domain:443:127.0.0.1 --header "Content-Type: application/json" --request POST --data '{"jsonrpc":"2.0","method":"host.get","params":{"filter":{"host":["Zabbix server"]}},"auth":"'"$tokenapi"'","id":1}' "${zabbixFullpath}/api_jsonrpc.php" | jq -r '.result[0].hostid') zabbixTemplateID=$(curl -k -s --resolve $domain:443:127.0.0.1 --header "Content-Type: application/json" --request POST --data '{"jsonrpc":"2.0","method":"template.get","params":{"filter":{"host":["Template Yunohost"]}},"auth":"'"$tokenapi"'","id":1}' "${zabbixFullpath}/api_jsonrpc.php" | jq -r '.result[0].templateid') applyTemplate=$(curl -k -s --resolve $domain:443:127.0.0.1 --header "Content-Type: application/json" --request POST --data '{"jsonrpc":"2.0","method":"host.massadd","params":{"hosts":[{"hostid":"'"$zabbixHostID"'"}],"templates":[{"templateid":"'"$zabbixTemplateID"'"}]},"auth":"'"$tokenapi"'","id":1}' "${zabbixFullpath}/api_jsonrpc.php" | jq -r '.result.hostids[]') if [ "$applyTemplate" -eq "$zabbixHostID" ];then ynh_print_info "Template Yunohost linked to Zabbix server !" else ynh_print_warn "Template Yunohost no linked to Zabbix server !" fi else ynh_print_warn "Template Yunohost not imported ! (cannot connect admin)" fi #================================================= # disable default admin #================================================= ynh_print_info "disable default admin" disable_admin_user() #================================================= # SETUP SSOWAT #================================================= # Make app private if necessary if [ "$is_public" -eq 0 ] then # unprotected_uris allows SSO credentials to be passed anyway. ynh_app_setting_delete "$app" unprotected_uris fi #================================================= # RELOAD NGINX AND PHP-FPM #================================================= systemctl reload nginx systemctl reload php7.0-fpm # Reload SSOwat config yunohost app ssowatconf