Skip to content

siedi/zabbix-autossh

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
.dockerignore
.dockerignore
 
 
.gitignore
.gitignore
 
 
Dockerfile
Dockerfile
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
autossh-start.sh
autossh-start.sh
 
 
id_rsa
id_rsa
 
 

Repository files navigation

zabbix-autossh

While running a Zabbix server at home using the nice https://github.com/monitoringartist/zabbix-xxl, I want it to connect to the agents on my public servers. To not expose the Zabbix agents to the internet, I run it only on the localhost interface. iptables would be an option, but my home IP is dynamic and changes from time to time. To make the connection between the Zabbix server and agents, I run an ssh tunnel, controled by autssh.

Setup docker container

Either you build the image by yourself, already including the private key file, then follow the first three steps. Or you can mount a host volume includig your generated id_rsa file by adding the option -v /path/to/your/id_rsa:/root/.ssh/id_rsa

Clone Repository

git clone https://github.com/siedi/zabbix-autossh.git

Generate your own keys

ssh-keygen -t rsa -b 4096 -f ./id_rsa -C "[email protected]"

Build new image

docker build -t siedi/zabbix-autossh .

Setup server with Zabbix agent

(borrowed from https://sathya.de/blog/how-tos/setup-zabbix-agent-through-ssh-tunnel-on-debian/)

Assuming you have already installed the zabbix-agent, e.g. with

aptitude install zabbix-agent

Edit /etc/zabbix/zabbix_agentd.conf and make the following changes

ListenIP=127.0.0.1

Add a new user we are using for the ssh tunnel

adduser --system --group zabbixagent

Copy the previously generated public key file id_rsa.pub to /home/zabbixagent/.ssh/authorized_keys

Set the right permissions

chown -R zabbixagent:zabbixagent /home/zabbixagent
chmod 440 /home/zabbixagent/.ssh/authorized_keys

Run the container

Start the container and the ssh tunnel

docker run -d --name autossh-yourserver -t -i siedi/zabbix-autossh [email protected] -p 2222

Link that container in your Zabbix Server container, e.g.

docker run \
    -d \
    --name zabbix \
    -p 8085:80 \
    -p 10051:10051 \
    -v /etc/localtime:/etc/localtime:ro \
    --link zabbix-db:zabbix.db \
    --link autossh-yourserver:yourserver \
    --env="ZS_DBHost=zabbix.db" \
    ....
    monitoringartist/zabbix-3.0-xxl:latest

Add Agent to Zabbix

In the Zabbix server add the new host to your configuration. In the agent config of that host add "yourserver" as the DNS name. Port is default.

You can also add a discovery rule by scanning the IP range 172.17.0.1-254.

About

No description, website, or topics provided.

Resources

Readme

License

MIT license
Activity

Stars

2 stars

Watchers

3 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages