search

ansible-collections / community.zabbix

Zabbix Ansible modules
http://galaxy.ansible.com/community/zabbix
Other
315 stars 265 forks source link

DRAFT: Fixed PSK Logic #1298

Closed pyrodie18 closed 1 week ago

pyrodie18 commented 1 week ago
SUMMARY

This change adds logic that that the PSK identify and secret files are touched unless encryption is set to PSK and solves #1297.

ISSUE TYPE
K3ndu commented 1 week ago

"msg": "The conditional check 'zabbix_agent_tlsaccept == 'psk' or zabbix_agent_tlsconnect == 'psk'' failed. The error was: error while evaluating conditional (zabbix_agent_tlsaccept == 'psk' or zabbix_agent_tlsconnect == 'psk'): 'zabbix_agent_tlsaccept' is undefined

Should be (zabbix_agent_tlsaccept is defined and zabbix_agent_tlsaccept == 'psk') or (zabbix_agent_tlsconnect is defined and zabbix_agent_tlsconnect == 'psk')

Also troy has added zabbix_agent_tlspskfile value to defaults

Kajot-dev commented 1 week ago

This solves the problem partially because zabbix_agent_tlspskfile has default value and thus config will be always in the configuration (event if it's not supposed to). The same check can be added to configuration template (or default value can be changed).

With the current state of this PR this will be possible to mitigate by explicitly setting zabbix_agent_tlspskfile to None/null

pyrodie18 commented 1 week ago

OK I think this will fix it.