This guide provides a complete Ansible playbook to install Zabbix with PostgreSQL database, web frontend, and agent. Includes proper repository configuration, database setup, and security hardening.
Current Zabbix version: 7.4.7
Create a file named zabbix.yml:
---
- name: Install and Configure Zabbix Server
hosts: zabbix
become: true
vars:
zabbix_version: "7.4"
zabbix_server_port: 10051
zabbix_agent_port: 10050
zabbix_web_port: 80
db_type: "postgresql"
db_name: "zabbix"
db_user: "zabbix"
db_password: "zabbix_secure_password_123" # Change this!
zabbix_admin_password: "zabbix_admin_123" # Change this!
tasks:
- name: Install prerequisites (Debian/Ubuntu)
apt:
name:
- apt-transport-https
- software-properties-common
- wget
- gnupg2
- lsb-release
state: present
update_cache: true
when: ansible_os_family == "Debian"
- name: Install prerequisites (RHEL/CentOS)
yum:
name:
- wget
- gnupg2
state: present
when: ansible_os_family == "RedHat"
- name: Add Zabbix APT repository (Debian/Ubuntu)
apt_repository:
repo: "deb http://repo.zabbix.com/zabbix/{{ zabbix_version }}/{{ ansible_distribution | lower }} {{ ansible_distribution_release }} main"
state: present
filename: zabbix
when: ansible_os_family == "Debian"
- name: Add Zabbix APT key (Debian/Ubuntu)
apt_key:
url: "http://repo.zabbix.com/zabbix-official-repo.key"
state: present
when: ansible_os_family == "Debian"
- name: Add Zabbix YUM repository (RHEL/CentOS)
yum_repository:
name: zabbix
description: Zabbix Official Repository
baseurl: "http://repo.zabbix.com/zabbix/{{ zabbix_version }}/rhel/{{ ansible_distribution_major_version }}/{{ ansible_architecture }}"
gpgcheck: true
gpgkey: "http://repo.zabbix.com/RPM-GPG-KEY-ZABBIX"
enabled: true
when: ansible_os_family == "RedHat"
- name: Install PostgreSQL server
package:
name:
- postgresql-server
- postgresql-contrib
- postgresql
state: present
when: ansible_os_family == "RedHat"
- name: Install PostgreSQL (Debian/Ubuntu)
apt:
name:
- postgresql
- postgresql-contrib
state: present
update_cache: true
when: ansible_os_family == "Debian"
- name: Initialize PostgreSQL database (RHEL/CentOS)
command: postgresql-setup --initdb
args:
creates: /var/lib/pgsql/data/PG_VERSION
when: ansible_os_family == "RedHat"
- name: Start and enable PostgreSQL
systemd:
name: postgresql
enabled: true
state: started
when: ansible_os_family == "Debian"
- name: Start and enable PostgreSQL (RHEL)
systemd:
name: postgresql-server
enabled: true
state: started
when: ansible_os_family == "RedHat"
- name: Install Zabbix server with PostgreSQL
package:
name:
- zabbix-server-pgsql
- zabbix-web-pgsql
- zabbix-apache-conf
- zabbix-sql-scripts
- zabbix-agent
state: present
when: ansible_os_family == "RedHat"
- name: Install Zabbix server (Debian/Ubuntu)
apt:
name:
- zabbix-server-pgsql
- zabbix-frontend-php
- zabbix-apache-conf
- zabbix-sql-scripts
- zabbix-agent
state: present
update_cache: true
when: ansible_os_family == "Debian"
- name: Create Zabbix database
become_user: postgres
postgresql_db:
name: "{{ db_name }}"
encoding: UTF8
lc_collate: en_US.UTF-8
lc_ctype: en_US.UTF-8
when: ansible_os_family == "Debian"
- name: Create Zabbix database user
become_user: postgres
postgresql_user:
name: "{{ db_user }}"
password: "{{ db_password }}"
db: "{{ db_name }}"
priv: ALL
when: ansible_os_family == "Debian"
- name: Import Zabbix schema and data
become_user: postgres
command: >
zcat /usr/share/zabbix-sql-scripts/postgresql/server.sql.gz |
psql -U {{ db_user }} -d {{ db_name }}
args:
creates: /tmp/zabbix_db_imported
environment:
PGPASSWORD: "{{ db_password }}"
when: ansible_os_family == "Debian"
- name: Create import marker file
file:
path: /tmp/zabbix_db_imported
state: touch
when: ansible_os_family == "Debian"
- name: Configure Zabbix server database connection
lineinfile:
path: /etc/zabbix/zabbix_server.conf
regexp: "^#?DBPassword="
line: "DBPassword={{ db_password }}"
- name: Configure PHP timezone
lineinfile:
path: /etc/php/8.2/apache2/conf.d/99-zabbix.conf
regexp: "^#?php_value date.timezone"
line: "php_value date.timezone {{ ansible_timezone | default('UTC') }}"
when: ansible_os_family == "Debian"
failed_when: false
- name: Enable and start Zabbix server
systemd:
name: zabbix-server
enabled: true
state: started
- name: Enable and start Zabbix agent
systemd:
name: zabbix-agent
enabled: true
state: started
- name: Restart Apache web server
systemd:
name: apache2
enabled: true
state: restarted
when: ansible_os_family == "Debian"
- name: Restart httpd (RHEL)
systemd:
name: httpd
enabled: true
state: restarted
when: ansible_os_family == "RedHat"
- name: Configure firewall for Zabbix server
ufw:
rule: allow
port: "{{ item }}"
proto: tcp
loop:
- "{{ zabbix_server_port }}"
- "{{ zabbix_agent_port }}"
- "{{ zabbix_web_port }}"
when: ansible_os_family == "Debian"
failed_when: false
- name: Configure firewall (firewalld)
firewalld:
port: "{{ item }}/tcp"
permanent: true
immediate: true
state: enabled
loop:
- "{{ zabbix_server_port }}"
- "{{ zabbix_agent_port }}"
- "80"
- "443"
when: ansible_os_family == "RedHat"
failed_when: false
- name: Wait for Zabbix web interface
wait_for:
port: "{{ zabbix_web_port }}"
delay: 5
timeout: 60
- name: Display Zabbix status
debug:
msg: |
Zabbix {{ zabbix_version }} installed successfully!
Web Interface: http://{{ ansible_default_ipv4.address | default(ansible_host) }}/zabbix
Username: Admin
Password: {{ zabbix_admin_password }}
IMPORTANT: Change default credentials after first login!
---
zabbix:
hosts:
zabbix-server:
ansible_host: 192.168.1.102
ansible_user: ansible
ansible_become: true
# Test connectivity
ansible all -i inventory.yml -m ping
# Run the Zabbix playbook
ansible-playbook -i inventory.yml zabbix.yml
# Run with custom passwords
ansible-playbook -i inventory.yml zabbix.yml \
-e "db_password=MySecureDBPass123" \
-e "zabbix_admin_password=AdminSecurePass456"
# Check Zabbix server status
ssh zabbix-server "sudo systemctl status zabbix-server"
# Check Zabbix agent status
ssh zabbix-server "sudo systemctl status zabbix-agent"
# Test web interface
curl -I http://zabbix-server/zabbix
# Access web UI
# http://zabbix-server/zabbix
---
- name: Install Zabbix Agent on remote hosts
hosts: monitored_hosts
become: true
vars:
zabbix_version: "7.4"
zabbix_server_ip: "192.168.1.102"
tasks:
- name: Add Zabbix repository (Debian/Ubuntu)
apt_repository:
repo: "deb http://repo.zabbix.com/zabbix/{{ zabbix_version }}/{{ ansible_distribution | lower }} {{ ansible_distribution_release }} main"
state: present
when: ansible_os_family == "Debian"
- name: Add Zabbix APT key
apt_key:
url: "http://repo.zabbix.com/zabbix-official-repo.key"
state: present
when: ansible_os_family == "Debian"
- name: Install Zabbix agent
apt:
name: zabbix-agent
state: present
update_cache: true
when: ansible_os_family == "Debian"
- name: Configure Zabbix agent
lineinfile:
path: /etc/zabbix/zabbix_agentd.conf
regexp: "^#?{{ item.key }}="
line: "{{ item.key }}={{ item.value }}"
loop:
- { key: 'Server', value: '{{ zabbix_server_ip }}' }
- { key: 'ServerActive', value: '{{ zabbix_server_ip }}' }
- { key: 'Hostname', value: '{{ ansible_fqdn | default(ansible_hostname) }}' }
- name: Enable and start Zabbix agent
systemd:
name: zabbix-agent
enabled: true
state: started
- name: Configure firewall for agent
ufw:
rule: allow
port: 10050
proto: tcp
when: ansible_os_family == "Debian"
failed_when: false
- name: Add hosts to Zabbix via API
hosts: zabbix
become: false
vars:
zabbix_url: "http://{{ ansible_host }}/zabbix"
zabbix_user: "Admin"
zabbix_pass: "{{ zabbix_admin_password }}"
hosts_to_add:
- name: "web-server-01"
ip: "192.168.1.10"
groups:
- "Linux servers"
templates:
- "Linux by Zabbix agent"
- name: "db-server-01"
ip: "192.168.1.20"
groups:
- "Linux servers"
templates:
- "Linux by Zabbix agent"
tasks:
- name: Get Zabbix API auth token
uri:
url: "{{ zabbix_url }}/api_jsonrpc.php"
method: POST
body_format: json
body:
jsonrpc: "2.0"
method: "user.login"
params:
user: "{{ zabbix_user }}"
password: "{{ zabbix_pass }}"
id: 1
auth: null
headers:
Content-Type: "application/json-rpc"
return_content: true
register: zabbix_auth
- name: Set auth token
set_fact:
zabbix_token: "{{ zabbix_auth.json.result }}"
- name: Get template ID
uri:
url: "{{ zabbix_url }}/api_jsonrpc.php"
method: POST
body_format: json
body:
jsonrpc: "2.0"
method: "template.get"
params:
filter:
host: "Linux by Zabbix agent"
id: 1
auth: "{{ zabbix_token }}"
headers:
Content-Type: "application/json-rpc"
return_content: true
register: template_result
- name: Add hosts to Zabbix
uri:
url: "{{ zabbix_url }}/api_jsonrpc.php"
method: POST
body_format: json
body:
jsonrpc: "2.0"
method: "host.create"
params:
host: "{{ item.name }}"
interfaces:
- type: 1
main: 1
useip: 1
ip: "{{ item.ip }}"
dns: ""
port: "10050"
groups:
- groupid: "{{ item.group_id | default(2) }}"
templates:
- templateid: "{{ template_result.json.result[0].templateid }}"
id: 1
auth: "{{ zabbix_token }}"
headers:
Content-Type: "application/json-rpc"
return_content: true
loop: "{{ hosts_to_add }}"
register: host_create_results
# Check PostgreSQL status
sudo systemctl status postgresql
# Test database connection
sudo -u zabbix psql -h localhost -U zabbix -d zabbix -c "SELECT version();"
# Check Zabbix server logs
sudo tail -f /var/log/zabbix/zabbix_server.log
# Check Apache logs
sudo tail -f /var/log/apache2/error.log # Debian/Ubuntu
sudo tail -f /var/log/httpd/error_log # RHEL/CentOS
# Verify PHP configuration
php -i | grep -i timezone
# Check Zabbix frontend requirements
curl http://localhost/zabbix/setup.php
# Test agent connectivity
zabbix_get -s localhost -k system.uptime
# Check agent logs
sudo tail -f /var/log/zabbix/zabbix_agentd.log
# Verify agent configuration
sudo zabbix_agentd -t system.uptime
We develop tailored automation solutions for:
Let’s discuss your requirements: office@linux-server-admin.com | Contact