diff --git a/nixos/doc/manual/release-notes/rl-1909.xml b/nixos/doc/manual/release-notes/rl-1909.xml
index 2d14096dcadd..e8e8ed8eae2d 100644
--- a/nixos/doc/manual/release-notes/rl-1909.xml
+++ b/nixos/doc/manual/release-notes/rl-1909.xml
@@ -137,9 +137,9 @@
Several of the apache subservices have been replaced with full NixOS
- modules including LimeSurvey and WordPress.
- These modules can be enabled using the
- and options.
+ modules including LimeSurvey, WordPress, and Zabbix.
+ These modules can be enabled using the ,
+ , and options.
diff --git a/nixos/modules/misc/ids.nix b/nixos/modules/misc/ids.nix
index 14ba5a573b18..1047df95cdf5 100644
--- a/nixos/modules/misc/ids.nix
+++ b/nixos/modules/misc/ids.nix
@@ -516,7 +516,7 @@
tss = 176;
#memcached = 177; # unused, removed 2018-01-03
#ntp = 179; # unused
- #zabbix = 180; # unused
+ zabbix = 180;
#redis = 181; # unused, removed 2018-01-03
#unifi = 183; # unused
#uptimed = 184; # unused
diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix
index 1d1995eda25a..db47e69bd4a4 100644
--- a/nixos/modules/module-list.nix
+++ b/nixos/modules/module-list.nix
@@ -516,6 +516,7 @@
./services/monitoring/uptime.nix
./services/monitoring/vnstat.nix
./services/monitoring/zabbix-agent.nix
+ ./services/monitoring/zabbix-proxy.nix
./services/monitoring/zabbix-server.nix
./services/network-filesystems/beegfs.nix
./services/network-filesystems/cachefilesd.nix
@@ -782,6 +783,7 @@
./services/web-apps/virtlyst.nix
./services/web-apps/wordpress.nix
./services/web-apps/youtrack.nix
+ ./services/web-apps/zabbix.nix
./services/web-servers/apache-httpd/default.nix
./services/web-servers/caddy.nix
./services/web-servers/fcgiwrap.nix
diff --git a/nixos/modules/rename.nix b/nixos/modules/rename.nix
index 1b77a895d717..e127782e85f5 100644
--- a/nixos/modules/rename.nix
+++ b/nixos/modules/rename.nix
@@ -171,6 +171,9 @@ with lib;
The starting time can be configured via services.postgresqlBackup.startAt.
'')
+ # zabbixServer
+ (mkRenamedOptionModule [ "services" "zabbixServer" "dbServer" ] [ "services" "zabbixServer" "database" "host" ])
+
# Profile splitting
(mkRenamedOptionModule [ "virtualisation" "growPartition" ] [ "boot" "growPartition" ])
@@ -214,6 +217,7 @@ with lib;
(mkRemovedOptionModule [ "services" "winstone" ] "The corresponding package was removed from nixpkgs.")
(mkRemovedOptionModule [ "services" "mysql" "pidDir" ] "Don't wait for pidfiles, describe dependencies through systemd")
(mkRemovedOptionModule [ "services" "mysql" "rootPassword" ] "Use socket authentication or set the password outside of the nix store.")
+ (mkRemovedOptionModule [ "services" "zabbixServer" "dbPassword" ] "Use services.zabbixServer.database.passwordFile instead.")
# ZSH
(mkRenamedOptionModule [ "programs" "zsh" "enableSyntaxHighlighting" ] [ "programs" "zsh" "syntaxHighlighting" "enable" ])
diff --git a/nixos/modules/services/monitoring/zabbix-agent.nix b/nixos/modules/services/monitoring/zabbix-agent.nix
index 0519e7c2ad6a..b1645f861101 100644
--- a/nixos/modules/services/monitoring/zabbix-agent.nix
+++ b/nixos/modules/services/monitoring/zabbix-agent.nix
@@ -1,73 +1,118 @@
-# Zabbix agent daemon.
{ config, lib, pkgs, ... }:
-with lib;
-
let
-
cfg = config.services.zabbixAgent;
- zabbix = cfg.package;
+ inherit (lib) mkDefault mkEnableOption mkIf mkOption;
+ inherit (lib) attrValues concatMapStringsSep literalExample optionalString types;
- stateDir = "/run/zabbix";
+ user = "zabbix-agent";
+ group = "zabbix-agent";
- logDir = "/var/log/zabbix";
+ moduleEnv = pkgs.symlinkJoin {
+ name = "zabbix-agent-module-env";
+ paths = attrValues cfg.modules;
+ };
- pidFile = "${stateDir}/zabbix_agentd.pid";
-
- configFile = pkgs.writeText "zabbix_agentd.conf"
- ''
- Server = ${cfg.server}
-
- LogFile = ${logDir}/zabbix_agentd
-
- PidFile = ${pidFile}
-
- StartAgents = 1
-
- ${config.services.zabbixAgent.extraConfig}
- '';
+ configFile = pkgs.writeText "zabbix_agent.conf" ''
+ LogType = console
+ Server = ${cfg.server}
+ ListenIP = ${cfg.listen.ip}
+ ListenPort = ${toString cfg.listen.port}
+ ${optionalString (cfg.modules != {}) "LoadModulePath = ${moduleEnv}/lib"}
+ ${concatMapStringsSep "\n" (name: "LoadModule = ${name}") (builtins.attrNames cfg.modules)}
+ ${cfg.extraConfig}
+ '';
in
{
-
- ###### interface
+ # interface
options = {
services.zabbixAgent = {
+ enable = mkEnableOption "the Zabbix Agent";
- enable = mkOption {
- default = false;
+ package = mkOption {
+ type = types.package;
+ default = pkgs.zabbix.agent;
+ defaultText = "pkgs.zabbix.agent";
+ description = "The Zabbix package to use.";
+ };
+
+ extraPackages = mkOption {
+ type = types.listOf types.package;
+ default = with pkgs; [ nettools ];
+ defaultText = "[ nettools ]";
+ example = "[ nettools mysql ]";
description = ''
- Whether to run the Zabbix monitoring agent on this machine.
- It will send monitoring data to a Zabbix server.
+ Packages to be added to the Zabbix PATH.
+ Typically used to add executables for scripts, but can be anything.
'';
};
- package = mkOption {
- type = types.attrs; # Note: pkgs.zabbixXY isn't a derivation, but an attrset of { server = ...; agent = ...; }.
- default = pkgs.zabbix;
- defaultText = "pkgs.zabbix";
- example = literalExample "pkgs.zabbix34";
- description = ''
- The Zabbix package to use.
+ modules = mkOption {
+ type = types.attrsOf types.package;
+ description = "A set of modules to load.";
+ default = {};
+ example = literalExample ''
+ {
+ "dummy.so" = pkgs.stdenv.mkDerivation {
+ name = "zabbix-dummy-module-''${cfg.package.version}";
+ src = cfg.package.src;
+ buildInputs = [ cfg.package ];
+ sourceRoot = "zabbix-''${cfg.package.version}/src/modules/dummy";
+ installPhase = '''
+ mkdir -p $out/lib
+ cp dummy.so $out/lib/
+ ''';
+ };
+ }
'';
};
server = mkOption {
- default = "127.0.0.1";
+ type = types.str;
description = ''
The IP address or hostname of the Zabbix server to connect to.
'';
};
+ listen = {
+ ip = mkOption {
+ type = types.str;
+ default = "0.0.0.0";
+ description = ''
+ List of comma delimited IP addresses that the agent should listen on.
+ '';
+ };
+
+ port = mkOption {
+ type = types.port;
+ default = 10050;
+ description = ''
+ Agent will listen on this port for connections from the server.
+ '';
+ };
+ };
+
+ openFirewall = mkOption {
+ type = types.bool;
+ default = false;
+ description = ''
+ Open ports in the firewall for the Zabbix Agent.
+ '';
+ };
+
+ # TODO: for bonus points migrate this to https://github.com/NixOS/rfcs/pull/42
extraConfig = mkOption {
default = "";
type = types.lines;
description = ''
- Configuration that is injected verbatim into the configuration file.
+ Configuration that is injected verbatim into the configuration file. Refer to
+
+ for details on supported values.
'';
};
@@ -75,38 +120,38 @@ in
};
-
- ###### implementation
+ # implementation
config = mkIf cfg.enable {
- users.users = mkIf (!config.services.zabbixServer.enable) (singleton
- { name = "zabbix";
- uid = config.ids.uids.zabbix;
- description = "Zabbix daemon user";
- });
+ networking.firewall = mkIf cfg.openFirewall {
+ allowedTCPPorts = [ cfg.listen.port ];
+ };
- systemd.services."zabbix-agent" =
- { description = "Zabbix Agent";
+ users.users.${user} = {
+ description = "Zabbix Agent daemon user";
+ inherit group;
+ };
- wantedBy = [ "multi-user.target" ];
+ users.groups.${group} = { };
- path = [ pkgs.nettools ];
+ systemd.services."zabbix-agent" = {
+ description = "Zabbix Agent";
- preStart =
- ''
- mkdir -m 0755 -p ${stateDir} ${logDir}
- chown zabbix ${stateDir} ${logDir}
- '';
+ wantedBy = [ "multi-user.target" ];
- serviceConfig.ExecStart = "@${zabbix.agent}/sbin/zabbix_agentd zabbix_agentd --config ${configFile}";
- serviceConfig.Type = "forking";
- serviceConfig.RemainAfterExit = true;
- serviceConfig.Restart = "always";
- serviceConfig.RestartSec = 2;
+ path = [ "/run/wrappers" ] ++ cfg.extraPackages;
+
+ serviceConfig = {
+ ExecStart = "@${cfg.package}/sbin/zabbix_agentd zabbix_agentd -f --config ${configFile}";
+ Restart = "always";
+ RestartSec = 2;
+
+ User = user;
+ Group = group;
+ PrivateTmp = true;
};
-
- environment.systemPackages = [ zabbix.agent ];
+ };
};
diff --git a/nixos/modules/services/monitoring/zabbix-proxy.nix b/nixos/modules/services/monitoring/zabbix-proxy.nix
new file mode 100644
index 000000000000..c1a45fba4af3
--- /dev/null
+++ b/nixos/modules/services/monitoring/zabbix-proxy.nix
@@ -0,0 +1,290 @@
+{ config, lib, pkgs, ... }:
+
+let
+ cfg = config.services.zabbixProxy;
+ pgsql = config.services.postgresql;
+ mysql = config.services.mysql;
+
+ inherit (lib) mkDefault mkEnableOption mkIf mkOption;
+ inherit (lib) attrValues concatMapStringsSep literalExample optional optionalAttrs optionalString types;
+
+ user = "zabbix";
+ group = "zabbix";
+ runtimeDir = "/run/zabbix";
+ stateDir = "/var/lib/zabbix";
+ passwordFile = "${runtimeDir}/zabbix-dbpassword.conf";
+
+ moduleEnv = pkgs.symlinkJoin {
+ name = "zabbix-proxy-module-env";
+ paths = attrValues cfg.modules;
+ };
+
+ configFile = pkgs.writeText "zabbix_proxy.conf" ''
+ LogType = console
+ ListenIP = ${cfg.listen.ip}
+ ListenPort = ${toString cfg.listen.port}
+ # TODO: set to cfg.database.socket if database type is pgsql?
+ DBHost = ${optionalString (cfg.database.createLocally != true) cfg.database.host}
+ ${optionalString (cfg.database.createLocally != true) "DBPort = ${cfg.database.port}"}
+ DBName = ${cfg.database.name}
+ DBUser = ${cfg.database.user}
+ ${optionalString (cfg.database.passwordFile != null) "Include ${passwordFile}"}
+ ${optionalString (mysqlLocal && cfg.database.socket != null) "DBSocket = ${cfg.database.socket}"}
+ SocketDir = ${runtimeDir}
+ FpingLocation = /run/wrappers/bin/fping
+ ${optionalString (cfg.modules != {}) "LoadModulePath = ${moduleEnv}/lib"}
+ ${concatMapStringsSep "\n" (name: "LoadModule = ${name}") (builtins.attrNames cfg.modules)}
+ ${cfg.extraConfig}
+ '';
+
+ mysqlLocal = cfg.database.createLocally && cfg.database.type == "mysql";
+ pgsqlLocal = cfg.database.createLocally && cfg.database.type == "pgsql";
+
+in
+
+{
+ # interface
+
+ options = {
+
+ services.zabbixProxy = {
+ enable = mkEnableOption "the Zabbix Proxy";
+
+ package = mkOption {
+ type = types.package;
+ default =
+ if cfg.database.type == "mysql" then pkgs.zabbix.proxy-mysql
+ else if cfg.database.type == "pgsql" then pkgs.zabbix.proxy-pgsql
+ else pkgs.zabbix.proxy-sqlite;
+ defaultText = "pkgs.zabbix.proxy-pgsql";
+ description = "The Zabbix package to use.";
+ };
+
+ extraPackages = mkOption {
+ type = types.listOf types.package;
+ default = with pkgs; [ nettools nmap traceroute ];
+ defaultText = "[ nettools nmap traceroute ]";
+ description = ''
+ Packages to be added to the Zabbix PATH.
+ Typically used to add executables for scripts, but can be anything.
+ '';
+ };
+
+ modules = mkOption {
+ type = types.attrsOf types.package;
+ description = "A set of modules to load.";
+ default = {};
+ example = literalExample ''
+ {
+ "dummy.so" = pkgs.stdenv.mkDerivation {
+ name = "zabbix-dummy-module-''${cfg.package.version}";
+ src = cfg.package.src;
+ buildInputs = [ cfg.package ];
+ sourceRoot = "zabbix-''${cfg.package.version}/src/modules/dummy";
+ installPhase = '''
+ mkdir -p $out/lib
+ cp dummy.so $out/lib/
+ ''';
+ };
+ }
+ '';
+ };
+
+ database = {
+ type = mkOption {
+ type = types.enum [ "mysql" "pgsql" "sqlite" ];
+ example = "mysql";
+ default = "pgsql";
+ description = "Database engine to use.";
+ };
+
+ host = mkOption {
+ type = types.str;
+ default = "localhost";
+ description = "Database host address.";
+ };
+
+ port = mkOption {
+ type = types.int;
+ default = if cfg.database.type == "mysql" then mysql.port else pgsql.port;
+ description = "Database host port.";
+ };
+
+ name = mkOption {
+ type = types.str;
+ default = "zabbix";
+ description = "Database name.";
+ };
+
+ user = mkOption {
+ type = types.str;
+ default = "zabbix";
+ description = "Database user.";
+ };
+
+ passwordFile = mkOption {
+ type = types.nullOr types.path;
+ default = null;
+ example = "/run/keys/zabbix-dbpassword";
+ description = ''
+ A file containing the password corresponding to
+ .
+ '';
+ };
+
+ socket = mkOption {
+ type = types.nullOr types.path;
+ default = null;
+ example = "/run/postgresql";
+ description = "Path to the unix socket file to use for authentication.";
+ };
+
+ createLocally = mkOption {
+ type = types.bool;
+ default = true;
+ description = "Whether to create a local database automatically.";
+ };
+ };
+
+ listen = {
+ ip = mkOption {
+ type = types.str;
+ default = "0.0.0.0";
+ description = ''
+ List of comma delimited IP addresses that the trapper should listen on.
+ Trapper will listen on all network interfaces if this parameter is missing.
+ '';
+ };
+
+ port = mkOption {
+ type = types.port;
+ default = 10051;
+ description = ''
+ Listen port for trapper.
+ '';
+ };
+ };
+
+ openFirewall = mkOption {
+ type = types.bool;
+ default = false;
+ description = ''
+ Open ports in the firewall for the Zabbix Proxy.
+ '';
+ };
+
+ # TODO: for bonus points migrate this to https://github.com/NixOS/rfcs/pull/42
+ extraConfig = mkOption {
+ default = "";
+ type = types.lines;
+ description = ''
+ Configuration that is injected verbatim into the configuration file. Refer to
+
+ for details on supported values.
+ '';
+ };
+
+ };
+
+ };
+
+ # implementation
+
+ config = mkIf cfg.enable {
+
+ assertions = [
+ { assertion = !config.services.zabbixServer.enable;
+ message = "Please choose one of services.zabbixServer or services.zabbixProxy.";
+ }
+ { assertion = cfg.database.createLocally -> cfg.database.user == user;
+ message = "services.zabbixProxy.database.user must be set to ${user} if services.zabbixProxy.database.createLocally is set true";
+ }
+ { assertion = cfg.database.createLocally -> cfg.database.passwordFile == null;
+ message = "a password cannot be specified if services.zabbixProxy.database.createLocally is set to true";
+ }
+ ];
+
+ networking.firewall = mkIf cfg.openFirewall {
+ allowedTCPPorts = [ cfg.listen.port ];
+ };
+
+ services.mysql = optionalAttrs mysqlLocal {
+ enable = true;
+ package = mkDefault pkgs.mariadb;
+ ensureDatabases = [ cfg.database.name ];
+ ensureUsers = [
+ { name = cfg.database.user;
+ ensurePermissions = { "${cfg.database.name}.*" = "ALL PRIVILEGES"; };
+ }
+ ];
+ };
+
+ services.postgresql = optionalAttrs pgsqlLocal {
+ enable = true;
+ ensureDatabases = [ cfg.database.name ];
+ ensureUsers = [
+ { name = cfg.database.user;
+ ensurePermissions = { "DATABASE ${cfg.database.name}" = "ALL PRIVILEGES"; };
+ }
+ ];
+ };
+
+ users.users.${user} = {
+ description = "Zabbix daemon user";
+ uid = config.ids.uids.zabbix;
+ inherit group;
+ };
+
+ users.groups.${group} = {
+ gid = config.ids.gids.zabbix;
+ };
+
+ security.wrappers = {
+ fping.source = "${pkgs.fping}/bin/fping";
+ };
+
+ systemd.services."zabbix-proxy" = {
+ description = "Zabbix Proxy";
+
+ wantedBy = [ "multi-user.target" ];
+ after = optional mysqlLocal "mysql.service" ++ optional pgsqlLocal "postgresql.service";
+
+ path = [ "/run/wrappers" ] ++ cfg.extraPackages;
+ preStart = optionalString pgsqlLocal ''
+ if ! test -e "${stateDir}/db-created"; then
+ cat ${cfg.package}/share/zabbix/database/postgresql/schema.sql | ${pgsql.package}/bin/psql ${cfg.database.name}
+ cat ${cfg.package}/share/zabbix/database/postgresql/images.sql | ${pgsql.package}/bin/psql ${cfg.database.name}
+ cat ${cfg.package}/share/zabbix/database/postgresql/data.sql | ${pgsql.package}/bin/psql ${cfg.database.name}
+ touch "${stateDir}/db-created"
+ fi
+ '' + optionalString mysqlLocal ''
+ if ! test -e "${stateDir}/db-created"; then
+ cat ${cfg.package}/share/zabbix/database/mysql/schema.sql | ${mysql.package}/bin/mysql ${cfg.database.name}
+ cat ${cfg.package}/share/zabbix/database/mysql/images.sql | ${mysql.package}/bin/mysql ${cfg.database.name}
+ cat ${cfg.package}/share/zabbix/database/mysql/data.sql | ${mysql.package}/bin/mysql ${cfg.database.name}
+ touch "${stateDir}/db-created"
+ fi
+ '' + optionalString (cfg.database.passwordFile != null) ''
+ # create a copy of the supplied password file in a format zabbix can consume
+ touch ${passwordFile}
+ chmod 0600 ${passwordFile}
+ echo -n "DBPassword = " > ${passwordFile}
+ cat ${cfg.database.passwordFile} >> ${passwordFile}
+ '';
+
+ serviceConfig = {
+ ExecStart = "@${cfg.package}/sbin/zabbix_proxy zabbix_proxy -f --config ${configFile}";
+ Restart = "always";
+ RestartSec = 2;
+
+ User = user;
+ Group = group;
+ RuntimeDirectory = "zabbix";
+ StateDirectory = "zabbix";
+ PrivateTmp = true;
+ };
+ };
+
+ };
+
+}
diff --git a/nixos/modules/services/monitoring/zabbix-server.nix b/nixos/modules/services/monitoring/zabbix-server.nix
index 823145d8b906..11311b466c3f 100644
--- a/nixos/modules/services/monitoring/zabbix-server.nix
+++ b/nixos/modules/services/monitoring/zabbix-server.nix
@@ -1,147 +1,293 @@
-# Zabbix server daemon.
{ config, lib, pkgs, ... }:
-with lib;
-
let
-
cfg = config.services.zabbixServer;
+ pgsql = config.services.postgresql;
+ mysql = config.services.mysql;
- stateDir = "/run/zabbix";
+ inherit (lib) mkDefault mkEnableOption mkIf mkOption;
+ inherit (lib) attrValues concatMapStringsSep literalExample optional optionalAttrs optionalString types;
- logDir = "/var/log/zabbix";
+ user = "zabbix";
+ group = "zabbix";
+ runtimeDir = "/run/zabbix";
+ stateDir = "/var/lib/zabbix";
+ passwordFile = "${runtimeDir}/zabbix-dbpassword.conf";
- libDir = "/var/lib/zabbix";
+ moduleEnv = pkgs.symlinkJoin {
+ name = "zabbix-server-module-env";
+ paths = attrValues cfg.modules;
+ };
- pidFile = "${stateDir}/zabbix_server.pid";
+ configFile = pkgs.writeText "zabbix_server.conf" ''
+ LogType = console
+ ListenIP = ${cfg.listen.ip}
+ ListenPort = ${toString cfg.listen.port}
+ # TODO: set to cfg.database.socket if database type is pgsql?
+ DBHost = ${optionalString (cfg.database.createLocally != true) cfg.database.host}
+ ${optionalString (cfg.database.createLocally != true) "DBPort = ${cfg.database.port}"}
+ DBName = ${cfg.database.name}
+ DBUser = ${cfg.database.user}
+ ${optionalString (cfg.database.passwordFile != null) "Include ${passwordFile}"}
+ ${optionalString (mysqlLocal && cfg.database.socket != null) "DBSocket = ${cfg.database.socket}"}
+ SocketDir = ${runtimeDir}
+ FpingLocation = /run/wrappers/bin/fping
+ ${optionalString (cfg.modules != {}) "LoadModulePath = ${moduleEnv}/lib"}
+ ${concatMapStringsSep "\n" (name: "LoadModule = ${name}") (builtins.attrNames cfg.modules)}
+ ${cfg.extraConfig}
+ '';
- configFile = pkgs.writeText "zabbix_server.conf"
- ''
- ListenPort = ${cfg.listenPort}
-
- LogFile = ${logDir}/zabbix_server
-
- PidFile = ${pidFile}
-
- ${optionalString (cfg.dbServer != "localhost") ''
- DBHost = ${cfg.dbServer}
- ''}
-
- DBName = ${cfg.dbName}
-
- DBUser = ${cfg.dbUser}
-
- DBPort = ${cfg.dbPort}
-
- DBPassword = ${cfg.dbPassword}
-
- ${config.services.zabbixServer.extraConfig}
- '';
-
- useLocalMysql = cfg.dbServer == "localhost" || cfg.dbServer == "";
+ mysqlLocal = cfg.database.createLocally && cfg.database.type == "mysql";
+ pgsqlLocal = cfg.database.createLocally && cfg.database.type == "pgsql";
in
{
-
- ###### interface
+ # interface
options = {
- services.zabbixServer.enable = mkOption {
- default = false;
- type = types.bool;
- description = ''
- Whether to run the Zabbix server on this machine.
- '';
+ services.zabbixServer = {
+ enable = mkEnableOption "the Zabbix Server";
+
+ package = mkOption {
+ type = types.package;
+ default = if cfg.database.type == "mysql" then pkgs.zabbix.server-mysql else pkgs.zabbix.server-pgsql;
+ defaultText = "pkgs.zabbix.server-pgsql";
+ description = "The Zabbix package to use.";
+ };
+
+ extraPackages = mkOption {
+ type = types.listOf types.package;
+ default = with pkgs; [ nettools nmap traceroute ];
+ defaultText = "[ nettools nmap traceroute ]";
+ description = ''
+ Packages to be added to the Zabbix PATH.
+ Typically used to add executables for scripts, but can be anything.
+ '';
+ };
+
+ modules = mkOption {
+ type = types.attrsOf types.package;
+ description = "A set of modules to load.";
+ default = {};
+ example = literalExample ''
+ {
+ "dummy.so" = pkgs.stdenv.mkDerivation {
+ name = "zabbix-dummy-module-''${cfg.package.version}";
+ src = cfg.package.src;
+ buildInputs = [ cfg.package ];
+ sourceRoot = "zabbix-''${cfg.package.version}/src/modules/dummy";
+ installPhase = '''
+ mkdir -p $out/lib
+ cp dummy.so $out/lib/
+ ''';
+ };
+ }
+ '';
+ };
+
+ database = {
+ type = mkOption {
+ type = types.enum [ "mysql" "pgsql" ];
+ example = "mysql";
+ default = "pgsql";
+ description = "Database engine to use.";
+ };
+
+ host = mkOption {
+ type = types.str;
+ default = "localhost";
+ description = "Database host address.";
+ };
+
+ port = mkOption {
+ type = types.int;
+ default = if cfg.database.type == "mysql" then mysql.port else pgsql.port;
+ description = "Database host port.";
+ };
+
+ name = mkOption {
+ type = types.str;
+ default = "zabbix";
+ description = "Database name.";
+ };
+
+ user = mkOption {
+ type = types.str;
+ default = "zabbix";
+ description = "Database user.";
+ };
+
+ passwordFile = mkOption {
+ type = types.nullOr types.path;
+ default = null;
+ example = "/run/keys/zabbix-dbpassword";
+ description = ''
+ A file containing the password corresponding to
+ .
+ '';
+ };
+
+ socket = mkOption {
+ type = types.nullOr types.path;
+ default = null;
+ example = "/run/postgresql";
+ description = "Path to the unix socket file to use for authentication.";
+ };
+
+ createLocally = mkOption {
+ type = types.bool;
+ default = true;
+ description = "Whether to create a local database automatically.";
+ };
+ };
+
+ listen = {
+ ip = mkOption {
+ type = types.str;
+ default = "0.0.0.0";
+ description = ''
+ List of comma delimited IP addresses that the trapper should listen on.
+ Trapper will listen on all network interfaces if this parameter is missing.
+ '';
+ };
+
+ port = mkOption {
+ type = types.port;
+ default = 10051;
+ description = ''
+ Listen port for trapper.
+ '';
+ };
+ };
+
+ openFirewall = mkOption {
+ type = types.bool;
+ default = false;
+ description = ''
+ Open ports in the firewall for the Zabbix Server.
+ '';
+ };
+
+ # TODO: for bonus points migrate this to https://github.com/NixOS/rfcs/pull/42
+ extraConfig = mkOption {
+ default = "";
+ type = types.lines;
+ description = ''
+ Configuration that is injected verbatim into the configuration file. Refer to
+
+ for details on supported values.
+ '';
+ };
+
};
- services.zabbixServer.dbServer = mkOption {
- default = "localhost";
- type = types.str;
- description = ''
- Hostname or IP address of the database server.
- Use an empty string ("") to use peer authentication.
- '';
- };
-
- services.zabbixServer.dbPassword = mkOption {
- type = types.str;
- description = "Password used to connect to the database server.";
- };
-
- services.zabbixServer.dbUser = mkOption {
- default = "zabbix";
- type = types.str;
- description = "User used to connect to the database server.";
- };
-
- services.zabbixServer.dbPort = mkOption {
- default = "3306";
- type = types.str;
- description = "Port used to connect to the database server.";
- };
-
- services.zabbixServer.dbName = mkOption {
- default = "zabbix";
- type = types.str;
- description = "Port used to connect to the database server.";
- };
-
- services.zabbixServer.listenPort = mkOption {
- default = "10051";
- type = types.str;
- description = "Port used to listen to the agent.";
- };
-
- services.zabbixServer.extraConfig = mkOption {
- default = "";
- type = types.lines;
- description = ''
- Configuration that is injected verbatim into the configuration file.
- '';
- };
};
- ###### implementation
+ # implementation
config = mkIf cfg.enable {
- services.mysql.enable = useLocalMysql;
- services.mysql.package = pkgs.mysql;
+ assertions = [
+ { assertion = cfg.database.createLocally -> cfg.database.user == user;
+ message = "services.zabbixServer.database.user must be set to ${user} if services.zabbixServer.database.createLocally is set true";
+ }
+ { assertion = cfg.database.createLocally -> cfg.database.passwordFile == null;
+ message = "a password cannot be specified if services.zabbixServer.database.createLocally is set to true";
+ }
+ ];
- users.users = singleton
- { name = "zabbix";
- uid = config.ids.uids.zabbix;
- description = "Zabbix daemon user";
+ networking.firewall = mkIf cfg.openFirewall {
+ allowedTCPPorts = [ cfg.listen.port ];
+ };
+
+ services.mysql = optionalAttrs mysqlLocal {
+ enable = true;
+ package = mkDefault pkgs.mariadb;
+ ensureDatabases = [ cfg.database.name ];
+ ensureUsers = [
+ { name = cfg.database.user;
+ ensurePermissions = { "${cfg.database.name}.*" = "ALL PRIVILEGES"; };
+ }
+ ];
+ };
+
+ services.postgresql = optionalAttrs pgsqlLocal {
+ enable = true;
+ ensureDatabases = [ cfg.database.name ];
+ ensureUsers = [
+ { name = cfg.database.user;
+ ensurePermissions = { "DATABASE ${cfg.database.name}" = "ALL PRIVILEGES"; };
+ }
+ ];
+ };
+
+ users.users.${user} = {
+ description = "Zabbix daemon user";
+ uid = config.ids.uids.zabbix;
+ inherit group;
+ };
+
+ users.groups.${group} = {
+ gid = config.ids.gids.zabbix;
+ };
+
+ security.wrappers = {
+ fping.source = "${pkgs.fping}/bin/fping";
+ };
+
+ systemd.services."zabbix-server" = {
+ description = "Zabbix Server";
+
+ wantedBy = [ "multi-user.target" ];
+ after = optional mysqlLocal "mysql.service" ++ optional pgsqlLocal "postgresql.service";
+
+ path = [ "/run/wrappers" ] ++ cfg.extraPackages;
+ preStart = ''
+ # pre 19.09 compatibility
+ if test -e "${runtimeDir}/db-created"; then
+ mv "${runtimeDir}/db-created" "${stateDir}/"
+ fi
+ '' + optionalString pgsqlLocal ''
+ if ! test -e "${stateDir}/db-created"; then
+ cat ${cfg.package}/share/zabbix/database/postgresql/schema.sql | ${pgsql.package}/bin/psql ${cfg.database.name}
+ cat ${cfg.package}/share/zabbix/database/postgresql/images.sql | ${pgsql.package}/bin/psql ${cfg.database.name}
+ cat ${cfg.package}/share/zabbix/database/postgresql/data.sql | ${pgsql.package}/bin/psql ${cfg.database.name}
+ touch "${stateDir}/db-created"
+ fi
+ '' + optionalString mysqlLocal ''
+ if ! test -e "${stateDir}/db-created"; then
+ cat ${cfg.package}/share/zabbix/database/mysql/schema.sql | ${mysql.package}/bin/mysql ${cfg.database.name}
+ cat ${cfg.package}/share/zabbix/database/mysql/images.sql | ${mysql.package}/bin/mysql ${cfg.database.name}
+ cat ${cfg.package}/share/zabbix/database/mysql/data.sql | ${mysql.package}/bin/mysql ${cfg.database.name}
+ touch "${stateDir}/db-created"
+ fi
+ '' + optionalString (cfg.database.passwordFile != null) ''
+ # create a copy of the supplied password file in a format zabbix can consume
+ touch ${passwordFile}
+ chmod 0600 ${passwordFile}
+ echo -n "DBPassword = " > ${passwordFile}
+ cat ${cfg.database.passwordFile} >> ${passwordFile}
+ '';
+
+ serviceConfig = {
+ ExecStart = "@${cfg.package}/sbin/zabbix_server zabbix_server -f --config ${configFile}";
+ Restart = "always";
+ RestartSec = 2;
+
+ User = user;
+ Group = group;
+ RuntimeDirectory = "zabbix";
+ StateDirectory = "zabbix";
+ PrivateTmp = true;
};
+ };
- systemd.services."zabbix-server" =
- { description = "Zabbix Server";
+ systemd.services.httpd.after =
+ optional (config.services.zabbixWeb.enable && mysqlLocal) "mysql.service" ++
+ optional (config.services.zabbixWeb.enable && pgsqlLocal) "postgresql.service";
- wantedBy = [ "multi-user.target" ];
- after = optional useLocalMysql "mysql.service";
-
- preStart =
- ''
- mkdir -m 0755 -p ${stateDir} ${logDir} ${libDir}
- chown zabbix ${stateDir} ${logDir} ${libDir}
- ${lib.optionalString (useLocalMysql) ''
- if ! test -e "${libDir}/db-created"; then
- ${pkgs.sudo}/bin/sudo -u ${config.services.mysql.user} ${pkgs.mysql}/bin/mysql -uroot -e 'CREATE DATABASE ${cfg.dbName}'
- ${pkgs.sudo}/bin/sudo -u ${config.services.mysql.user} ${pkgs.mysql}/bin/mysql -uroot -e "GRANT ALL ON ${cfg.dbName}.* TO ${cfg.dbUser}@localhost IDENTIFIED BY \"${cfg.dbPassword}\";"
- cat ${pkgs.zabbix.server}/share/zabbix/db/schema/mysql.sql | ${pkgs.sudo}/bin/sudo -u zabbix ${pkgs.mysql}/bin/mysql -u${cfg.dbUser} -p${cfg.dbPassword} ${cfg.dbName}
- cat ${pkgs.zabbix.server}/share/zabbix/db/data/images.sql | ${pkgs.sudo}/bin/sudo -u zabbix ${pkgs.mysql}/bin/mysql -u${cfg.dbUser} -p${cfg.dbPassword} ${cfg.dbName}
- cat ${pkgs.zabbix.server}/share/zabbix/db/data/data.sql | ${pkgs.sudo}/bin/sudo -u zabbix ${pkgs.mysql}/bin/mysql -u${cfg.dbUser} -p${cfg.dbPassword} ${cfg.dbName}
- touch "${libDir}/db-created"
- fi''}
- '';
-
- path = [ pkgs.nettools ];
-
- serviceConfig.ExecStart = "${pkgs.zabbix.server}/sbin/zabbix_server --config ${configFile}";
- serviceConfig.Type = "forking";
- serviceConfig.PIDFile = pidFile;
- };
};
+
}
diff --git a/nixos/modules/services/web-apps/zabbix.nix b/nixos/modules/services/web-apps/zabbix.nix
new file mode 100644
index 000000000000..4b5334579a99
--- /dev/null
+++ b/nixos/modules/services/web-apps/zabbix.nix
@@ -0,0 +1,225 @@
+{ config, lib, pkgs, ... }:
+
+let
+
+ inherit (lib) mkDefault mkEnableOption mkForce mkIf mkMerge mkOption types;
+ inherit (lib) literalExample mapAttrs optionalString;
+
+ cfg = config.services.zabbixWeb;
+ fpm = config.services.phpfpm.pools.zabbix;
+
+ user = "zabbix";
+ group = "zabbix";
+ stateDir = "/var/lib/zabbix";
+
+ zabbixConfig = pkgs.writeText "zabbix.conf.php" ''
+ database.user.
+ '';
+ };
+
+ socket = mkOption {
+ type = types.nullOr types.path;
+ default = null;
+ example = "/run/postgresql";
+ description = "Path to the unix socket file to use for authentication.";
+ };
+ };
+
+ virtualHost = mkOption {
+ type = types.submodule ({
+ options = import ../web-servers/apache-httpd/per-server-options.nix {
+ inherit lib;
+ forMainServer = false;
+ };
+ });
+ example = {
+ hostName = "zabbix.example.org";
+ enableSSL = true;
+ adminAddr = "webmaster@example.org";
+ sslServerCert = "/var/lib/acme/zabbix.example.org/full.pem";
+ sslServerKey = "/var/lib/acme/zabbix.example.org/key.pem";
+ };
+ description = ''
+ Apache configuration can be done by adapting services.httpd.virtualHosts.<name>.
+ See for further information.
+ '';
+ };
+
+ poolConfig = mkOption {
+ type = types.lines;
+ default = ''
+ pm = dynamic
+ pm.max_children = 32
+ pm.start_servers = 2
+ pm.min_spare_servers = 2
+ pm.max_spare_servers = 4
+ pm.max_requests = 500
+ '';
+ description = ''
+ Options for the Zabbix PHP pool. See the documentation on php-fpm.conf for details on configuration directives.
+ '';
+ };
+
+ };
+ };
+
+ # implementation
+
+ config = mkIf cfg.enable {
+
+ systemd.tmpfiles.rules = [
+ "d '${stateDir}' 0750 ${user} ${group} - -"
+ "d '${stateDir}/session' 0750 ${user} ${config.services.httpd.group} - -"
+ ];
+
+ services.phpfpm.pools.zabbix = {
+ phpOptions = ''
+ # https://www.zabbix.com/documentation/current/manual/installation/install
+ memory_limit = 128M
+ post_max_size = 16M
+ upload_max_filesize = 2M
+ max_execution_time = 300
+ max_input_time = 300
+ session.auto_start = 0
+ mbstring.func_overload = 0
+ always_populate_raw_post_data = -1
+ # https://bbs.archlinux.org/viewtopic.php?pid=1745214#p1745214
+ session.save_path = ${stateDir}/session
+ '' + optionalString (config.time.timeZone != null) ''
+ date.timezone = "${config.time.timeZone}"
+ '' + optionalString (cfg.database.type == "oracle") ''
+ extension=${pkgs.phpPackages.oci8}/lib/php/extensions/oci8.so
+ '';
+ listen = "/run/phpfpm/zabbix.sock";
+ extraConfig = ''
+ listen.owner = ${config.services.httpd.user};
+ listen.group = ${config.services.httpd.group};
+ user = ${user};
+ group = ${config.services.httpd.group};
+ env[ZABBIX_CONFIG] = ${zabbixConfig}
+ ${cfg.poolConfig}
+ '';
+ };
+
+ services.httpd = {
+ enable = true;
+ adminAddr = mkDefault cfg.virtualHost.adminAddr;
+ extraModules = [ "proxy_fcgi" ];
+ virtualHosts = [ (mkMerge [
+ cfg.virtualHost {
+ documentRoot = mkForce "${cfg.package}/share/zabbix";
+ extraConfig = ''
+
+
+
+ SetHandler "proxy:unix:${fpm.listen}|fcgi://localhost/"
+
+
+ AllowOverride all
+ Options -Indexes
+ DirectoryIndex index.php
+
+ '';
+ }
+ ]) ];
+ };
+
+ users.users.${user} = mapAttrs (name: mkDefault) {
+ description = "Zabbix daemon user";
+ uid = config.ids.uids.zabbix;
+ inherit group;
+ };
+
+ users.groups.${group} = mapAttrs (name: mkDefault) {
+ gid = config.ids.gids.zabbix;
+ };
+
+ };
+}
diff --git a/nixos/modules/services/web-servers/apache-httpd/zabbix.nix b/nixos/modules/services/web-servers/apache-httpd/zabbix.nix
deleted file mode 100644
index cab16593bcbc..000000000000
--- a/nixos/modules/services/web-servers/apache-httpd/zabbix.nix
+++ /dev/null
@@ -1,84 +0,0 @@
-{ config, lib, pkgs, serverInfo, ... }:
-
-with lib;
-
-let
-
- # The Zabbix PHP frontend needs to be able to write its
- # configuration settings (the connection info to the database) to
- # the "conf" subdirectory. So symlink $out/conf to some directory
- # outside of the Nix store where we want to keep this stateful info.
- # Note that different instances of the frontend will therefore end
- # up with their own copies of the PHP sources. !!! Alternatively,
- # we could generate zabbix.conf.php declaratively.
- zabbixPHP = pkgs.runCommand "${pkgs.zabbix.server.name}-php" {}
- ''
- cp -rs ${pkgs.zabbix.server}/share/zabbix/php "$out"
- chmod -R u+w $out
- ln -s "${if config.configFile == null
- then "${config.stateDir}/zabbix.conf.php"
- else config.configFile}" "$out/conf/zabbix.conf.php"
- '';
-
-in
-
-{
-
- enablePHP = true;
-
- phpOptions =
- ''
- post_max_size = 32M
- max_execution_time = 300
- max_input_time = 300
- '';
-
- extraConfig = ''
- Alias ${config.urlPrefix}/ ${zabbixPHP}/
-
-
- DirectoryIndex index.php
- Order deny,allow
- Allow from *
-
- '';
-
- startupScript = pkgs.writeScript "zabbix-startup-hook" ''
- mkdir -p ${config.stateDir}
- chown -R ${serverInfo.serverConfig.user} ${config.stateDir}
- '';
-
- # The frontend needs "ps" to find out whether zabbix_server is running.
- extraServerPath = [ pkgs.procps ];
-
- options = {
-
- urlPrefix = mkOption {
- default = "/zabbix";
- description = "
- The URL prefix under which the Zabbix service appears.
- Use the empty string to have it appear in the server root.
- ";
- };
-
- configFile = mkOption {
- default = null;
- type = types.nullOr types.path;
- description = ''
- The configuration file (zabbix.conf.php) which contains the database
- connection settings. If not set, the configuration settings will created
- by the web installer.
- '';
- };
-
- stateDir = mkOption {
- default = "/var/lib/zabbix/frontend";
- description = "
- Directory where the dynamically generated configuration data
- of the PHP frontend will be stored.
- ";
- };
-
- };
-
-}
diff --git a/pkgs/servers/monitoring/zabbix/3.4.nix b/pkgs/servers/monitoring/zabbix/3.4.nix
deleted file mode 100644
index 72e6fa55b003..000000000000
--- a/pkgs/servers/monitoring/zabbix/3.4.nix
+++ /dev/null
@@ -1,41 +0,0 @@
-{ stdenv, fetchurl, pcre, libiconv, openssl }:
-
-
-let
-
- version = "3.4.8";
- branch = "3.4";
-
- src = fetchurl {
- url = "https://netix.dl.sourceforge.net/project/zabbix/ZABBIX%20Latest%20Stable/${version}/zabbix-${version}.tar.gz";
- sha256 = "cec14993d1ec2c9d8c51f6608c9408620f27174db92edc2347bafa7b841ccc07";
- };
-
-in
-
-{
- agent = stdenv.mkDerivation {
- name = "zabbix-agent-${version}";
-
- inherit src;
-
- configureFlags = [
- "--enable-agent"
- "--with-libpcre=${pcre.dev}"
- "--with-iconv=${libiconv}"
- "--with-openssl=${openssl.dev}"
- ];
- buildInputs = [ pcre libiconv openssl ];
-
- meta = with stdenv.lib; {
- inherit branch;
- description = "An enterprise-class open source distributed monitoring solution (client-side agent)";
- homepage = https://www.zabbix.com/;
- license = licenses.gpl2;
- maintainers = [ maintainers.eelco ];
- platforms = platforms.linux;
- };
- };
-
-}
-
diff --git a/pkgs/servers/monitoring/zabbix/agent.nix b/pkgs/servers/monitoring/zabbix/agent.nix
new file mode 100644
index 000000000000..09f43c755f16
--- /dev/null
+++ b/pkgs/servers/monitoring/zabbix/agent.nix
@@ -0,0 +1,38 @@
+{ stdenv, fetchurl, pkgconfig, libiconv, openssl, pcre }:
+
+import ./versions.nix ({ version, sha256 }:
+ stdenv.mkDerivation {
+ pname = "zabbix-agent";
+ inherit version;
+
+ src = fetchurl {
+ url = "mirror://sourceforge/zabbix/ZABBIX%20Latest%20Stable/${version}/zabbix-${version}.tar.gz";
+ inherit sha256;
+ };
+
+ nativeBuildInputs = [ pkgconfig ];
+ buildInputs = [
+ libiconv
+ openssl
+ pcre
+ ];
+
+ configureFlags = [
+ "--enable-agent"
+ "--with-iconv"
+ "--with-libpcre"
+ "--with-openssl=${openssl.dev}"
+ ];
+
+ postInstall = ''
+ cp conf/zabbix_agentd/*.conf $out/etc/zabbix_agentd.conf.d/
+ '';
+
+ meta = with stdenv.lib; {
+ description = "An enterprise-class open source distributed monitoring solution (client-side agent)";
+ homepage = "https://www.zabbix.com/";
+ license = licenses.gpl2;
+ maintainers = with maintainers; [ mmahut psyanticy ];
+ platforms = platforms.linux;
+ };
+ })
diff --git a/pkgs/servers/monitoring/zabbix/default.nix b/pkgs/servers/monitoring/zabbix/default.nix
deleted file mode 100644
index 47db4a15023c..000000000000
--- a/pkgs/servers/monitoring/zabbix/default.nix
+++ /dev/null
@@ -1,76 +0,0 @@
-{ stdenv, fetchurl, pkgconfig, curl, openssl, zlib, pcre, libevent, mysql, libiconv, libxml2 }:
-
-let
- version = "4.0.9";
-
- src = fetchurl {
- url = "https://netix.dl.sourceforge.net/project/zabbix/ZABBIX%20Latest%20Stable/${version}/zabbix-${version}.tar.gz";
- sha256 = "aa0bc9b5e5ca8e1b49b7551e2c5d86e0342c8630cba3a0b0e0e5d9c846e784d1";
- };
-
-in
-
-{
-
- server = stdenv.mkDerivation {
- name = "zabbix-${version}";
-
- inherit src;
- NIX_CFLAGS_COMPILE = "-L${mysql.connector-c}/lib/mysql -I${mysql.connector-c}/include/mysql";
- configureFlags = [
- "--enable-server"
- "--with-mysql"
- "--with-libcurl"
- "--with-libxml2"
- "--with-zlib"
- "--with-libpcre=${pcre.dev}"
- "--with-libevent=${libevent.dev}"
- "--with-iconv=${libiconv}"
- "--with-openssl=${openssl.dev}"
- ];
-
- nativeBuildInputs = [ pkgconfig ];
- buildInputs = [ mysql curl openssl zlib pcre libxml2 libevent ] ;
-
- postInstall =
- ''
- mkdir -p $out/share/zabbix
- cp -prvd frontends/php $out/share/zabbix/php
- mkdir -p $out/share/zabbix/db/data
- cp -prvd database/mysql/data.sql $out/share/zabbix/db/data/data.sql
- cp -prvd database/mysql/images.sql $out/share/zabbix/db/data/images.sql
- mkdir -p $out/share/zabbix/db/schema
- cp -prvd database/mysql/schema.sql $out/share/zabbix/db/schema/mysql.sql
- '';
-
- meta = with stdenv.lib; {
- description = "An enterprise-class open source distributed monitoring solution (server)";
- homepage = http://www.zabbix.com/;
- license = licenses.gpl2;
- maintainers = [ maintainers.psyanticy ];
- platforms = platforms.linux;
- };
- };
-
- agent = stdenv.mkDerivation {
- name = "zabbix-agent-${version}";
-
- inherit src;
-
- configureFlags = [
- "--enable-agent"
- "--with-libpcre=${pcre.dev}"
- "--with-iconv=${libiconv}"
- "--with-openssl=${openssl.dev}"
- ];
- buildInputs = [ pcre libiconv openssl ];
-
- meta = with stdenv.lib; {
- description = "An enterprise-class open source distributed monitoring solution (client-side agent)";
- homepage = http://www.zabbix.com/;
- license = licenses.gpl2;
- maintainers = [ maintainers.psyanticy ];
- platforms = platforms.linux;
- };
- };
-}
\ No newline at end of file
diff --git a/pkgs/servers/monitoring/zabbix/proxy.nix b/pkgs/servers/monitoring/zabbix/proxy.nix
new file mode 100644
index 000000000000..2062dc6659f8
--- /dev/null
+++ b/pkgs/servers/monitoring/zabbix/proxy.nix
@@ -0,0 +1,79 @@
+{ stdenv, fetchurl, pkgconfig, libevent, libiconv, openssl, pcre, zlib
+, odbcSupport ? true, unixODBC
+, snmpSupport ? true, net_snmp
+, sshSupport ? true, libssh2
+, sqliteSupport ? false, sqlite
+, mysqlSupport ? false, mysql
+, postgresqlSupport ? false, postgresql
+}:
+
+# ensure exactly one database type is selected
+assert mysqlSupport -> !postgresqlSupport && !sqliteSupport;
+assert postgresqlSupport -> !mysqlSupport && !sqliteSupport;
+assert sqliteSupport -> !mysqlSupport && !postgresqlSupport;
+
+let
+ inherit (stdenv.lib) optional optionalString;
+in
+ import ./versions.nix ({ version, sha256 }:
+ stdenv.mkDerivation {
+ pname = "zabbix-proxy";
+ inherit version;
+
+ src = fetchurl {
+ url = "mirror://sourceforge/zabbix/ZABBIX%20Latest%20Stable/${version}/zabbix-${version}.tar.gz";
+ inherit sha256;
+ };
+
+ nativeBuildInputs = [ pkgconfig ];
+ buildInputs = [
+ libevent
+ libiconv
+ openssl
+ pcre
+ zlib
+ ]
+ ++ optional odbcSupport unixODBC
+ ++ optional snmpSupport net_snmp
+ ++ optional sqliteSupport sqlite
+ ++ optional sshSupport libssh2
+ ++ optional mysqlSupport mysql.connector-c
+ ++ optional postgresqlSupport postgresql;
+
+ configureFlags = [
+ "--enable-proxy"
+ "--with-iconv"
+ "--with-libevent"
+ "--with-libpcre"
+ "--with-openssl=${openssl.dev}"
+ "--with-zlib=${zlib}"
+ ]
+ ++ optional odbcSupport "--with-unixodbc"
+ ++ optional snmpSupport "--with-net-snmp"
+ ++ optional sqliteSupport "--with-sqlite3=${sqlite.dev}"
+ ++ optional sshSupport "--with-ssh2=${libssh2.dev}"
+ ++ optional mysqlSupport "--with-mysql"
+ ++ optional postgresqlSupport "--with-postgresql";
+
+ prePatch = ''
+ find database -name data.sql -exec sed -i 's|/usr/bin/||g' {} +
+ '';
+
+ postInstall = ''
+ mkdir -p $out/share/zabbix/database/
+ '' + optionalString sqliteSupport ''
+ mkdir -p $out/share/zabbix/database/sqlite3
+ cp -prvd database/sqlite3/*.sql $out/share/zabbix/database/sqlite3/
+ '' + optionalString postgresqlSupport ''
+ mkdir -p $out/share/zabbix/database/postgresql
+ cp -prvd database/postgresql/schema.sql $out/share/zabbix/database/postgresql/
+ '';
+
+ meta = with stdenv.lib; {
+ description = "An enterprise-class open source distributed monitoring solution (client-server proxy)";
+ homepage = "https://www.zabbix.com/";
+ license = licenses.gpl2;
+ maintainers = [ maintainers.mmahut ];
+ platforms = platforms.linux;
+ };
+ })
diff --git a/pkgs/servers/monitoring/zabbix/server.nix b/pkgs/servers/monitoring/zabbix/server.nix
new file mode 100644
index 000000000000..51ca38e8cfc8
--- /dev/null
+++ b/pkgs/servers/monitoring/zabbix/server.nix
@@ -0,0 +1,86 @@
+{ stdenv, fetchurl, pkgconfig, curl, libevent, libiconv, libxml2, openssl, pcre, zlib
+, jabberSupport ? true, iksemel
+, ldapSupport ? true, openldap
+, odbcSupport ? true, unixODBC
+, snmpSupport ? true, net_snmp
+, sshSupport ? true, libssh2
+, mysqlSupport ? false, mysql
+, postgresqlSupport ? false, postgresql
+}:
+
+# ensure exactly one primary database type is selected
+assert mysqlSupport -> !postgresqlSupport;
+assert postgresqlSupport -> !mysqlSupport;
+
+let
+ inherit (stdenv.lib) optional optionalString;
+in
+ import ./versions.nix ({ version, sha256 }:
+ stdenv.mkDerivation {
+ pname = "zabbix-server";
+ inherit version;
+
+ src = fetchurl {
+ url = "mirror://sourceforge/zabbix/ZABBIX%20Latest%20Stable/${version}/zabbix-${version}.tar.gz";
+ inherit sha256;
+ };
+
+ nativeBuildInputs = [ pkgconfig ];
+ buildInputs = [
+ curl
+ libevent
+ libiconv
+ libxml2
+ openssl
+ pcre
+ zlib
+ ]
+ ++ optional odbcSupport unixODBC
+ ++ optional jabberSupport iksemel
+ ++ optional ldapSupport openldap
+ ++ optional snmpSupport net_snmp
+ ++ optional sshSupport libssh2
+ ++ optional mysqlSupport mysql.connector-c
+ ++ optional postgresqlSupport postgresql;
+
+ configureFlags = [
+ "--enable-server"
+ "--with-iconv"
+ "--with-libcurl"
+ "--with-libevent"
+ "--with-libpcre"
+ "--with-libxml2"
+ "--with-openssl=${openssl.dev}"
+ "--with-zlib=${zlib}"
+ ]
+ ++ optional odbcSupport "--with-unixodbc"
+ ++ optional jabberSupport "--with-jabber"
+ ++ optional ldapSupport "--with-ldap=${openldap.dev}"
+ ++ optional snmpSupport "--with-net-snmp"
+ ++ optional sshSupport "--with-ssh2=${libssh2.dev}"
+ ++ optional mysqlSupport "--with-mysql"
+ ++ optional postgresqlSupport "--with-postgresql";
+
+ prePatch = ''
+ find database -name data.sql -exec sed -i 's|/usr/bin/||g' {} +
+ '';
+
+ postInstall = ''
+ mkdir -p $out/share/zabbix/database/
+ cp -r include $out/
+ '' + optionalString mysqlSupport ''
+ mkdir -p $out/share/zabbix/database/mysql
+ cp -prvd database/mysql/*.sql $out/share/zabbix/database/mysql/
+ '' + optionalString postgresqlSupport ''
+ mkdir -p $out/share/zabbix/database/postgresql
+ cp -prvd database/postgresql/*.sql $out/share/zabbix/database/postgresql/
+ '';
+
+ meta = with stdenv.lib; {
+ description = "An enterprise-class open source distributed monitoring solution";
+ homepage = "https://www.zabbix.com/";
+ license = licenses.gpl2;
+ maintainers = with maintainers; [ mmahut psyanticy ];
+ platforms = platforms.linux;
+ };
+ })
diff --git a/pkgs/servers/monitoring/zabbix/versions.nix b/pkgs/servers/monitoring/zabbix/versions.nix
new file mode 100644
index 000000000000..7b6b5d8fcccb
--- /dev/null
+++ b/pkgs/servers/monitoring/zabbix/versions.nix
@@ -0,0 +1,16 @@
+generic: {
+ v42 = generic {
+ version = "4.2.3";
+ sha256 = "0865c1a9vcgg4syhp5133rw9v1h65lp0g1y2f758jb9x9ybrr01s";
+ };
+
+ v40 = generic {
+ version = "4.0.9";
+ sha256 = "1lc4wx3cing5w2qa18yb6232qd70hrfjq7jmnx4ip3nawnswj2xa";
+ };
+
+ v30 = generic {
+ version = "3.0.28";
+ sha256 = "16966danf5ww4lhjg5gx5bnpid8abxh2ymdg6k5mymrman5bcdjj";
+ };
+}
diff --git a/pkgs/servers/monitoring/zabbix/web.nix b/pkgs/servers/monitoring/zabbix/web.nix
new file mode 100644
index 000000000000..c4cf5d044dae
--- /dev/null
+++ b/pkgs/servers/monitoring/zabbix/web.nix
@@ -0,0 +1,32 @@
+{ stdenv, fetchurl, writeText }:
+
+import ./versions.nix ({ version, sha256 }:
+ stdenv.mkDerivation rec {
+ pname = "zabbix-web";
+ inherit version;
+
+ src = fetchurl {
+ url = "mirror://sourceforge/zabbix/ZABBIX%20Latest%20Stable/${version}/zabbix-${version}.tar.gz";
+ inherit sha256;
+ };
+
+ phpConfig = writeText "zabbix.conf.php" ''
+
+ '';
+
+ installPhase = ''
+ mkdir -p $out/share/zabbix/
+ cp -a frontends/php/. $out/share/zabbix/
+ cp ${phpConfig} $out/share/zabbix/conf/zabbix.conf.php
+ '';
+
+ meta = with stdenv.lib; {
+ description = "An enterprise-class open source distributed monitoring solution (web frontend)";
+ homepage = "https://www.zabbix.com/";
+ license = licenses.gpl2;
+ maintainers = [ maintainers.mmahut ];
+ platforms = platforms.linux;
+ };
+ })
diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
index b354e0a7ac80..fff202583a6a 100644
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -14959,9 +14959,24 @@ in
youtrack = callPackage ../servers/jetbrains/youtrack.nix { };
- zabbix = recurseIntoAttrs (callPackages ../servers/monitoring/zabbix {});
+ zabbixFor = version: rec {
+ agent = (callPackages ../servers/monitoring/zabbix/agent.nix {}).${version};
+ proxy-mysql = (callPackages ../servers/monitoring/zabbix/proxy.nix { mysqlSupport = true; }).${version};
+ proxy-pgsql = (callPackages ../servers/monitoring/zabbix/proxy.nix { postgresqlSupport = true; }).${version};
+ proxy-sqlite = (callPackages ../servers/monitoring/zabbix/proxy.nix { sqliteSupport = true; }).${version};
+ server-mysql = (callPackages ../servers/monitoring/zabbix/server.nix { mysqlSupport = true; }).${version};
+ server-pgsql = (callPackages ../servers/monitoring/zabbix/server.nix { postgresqlSupport = true; }).${version};
+ web = (callPackages ../servers/monitoring/zabbix/web.nix {}).${version};
- zabbix34 = callPackage ../servers/monitoring/zabbix/3.4.nix { };
+ # backwards compatibility
+ server = server-pgsql;
+ };
+
+ zabbix42 = zabbixFor "v42";
+ zabbix40 = zabbixFor "v40";
+ zabbix30 = zabbixFor "v30";
+
+ zabbix = zabbix42;
zipkin = callPackage ../servers/monitoring/zipkin { };