Closed Kajot-dev closed 1 week ago
And using newest release 3.0.0
This is even worse. Situation where zabbix_agent_tlspskfile
is undefined or None
is not even possible because of:
https://github.com/ansible-collections/community.zabbix/blob/45ed88b2abbaffb8869bcb102ac2ce5ed6694769/roles/zabbix_agent/tasks/psk_secret.yml#L21
Which will fail
+1 to this!
SUMMARY
Zabbix agent role has a default value for
zabbix_agent_tlspskfile
set. Then when templating.conf
file https://github.com/ansible-collections/community.zabbix/blob/45ed88b2abbaffb8869bcb102ac2ce5ed6694769/roles/zabbix_agent/templates/agent.conf.j2#L138There is only check whether this variable is not defined or null. This leads to invalid configuration when using
zabbix_agent_tlsconnect
orzabbix_agent_tlsaccept
is set to for examplecert
:ISSUE TYPE
COMPONENT NAME
Zabbix agent role
ANSIBLE VERSION
OS / ENVIRONMENT / Zabbix Version
Zabbix 7.0
STEPS TO REPRODUCE
Try to configure zabbix agent with the role using "cert" mode. Role completes successfully but zabbix-agent2 service fails instantly
EXPECTED RESULTS
TLSPSKFile is not set when
zabbix_agent_tlsconnect
and/orzabbix_agent_tlsconnect
is set to something different thanpsk
.ACTUAL RESULTS