added certificate data extraction in zabbix agent role

zabbix · Aug 28, 2023 · e59b026 · e59b026
1 parent d538bd6
commit e59b026
Showing 1 changed file with 17 additions and 0 deletions.
diff --git a/roles/zabbix_agent/tasks/host.yml b/roles/zabbix_agent/tasks/host.yml
@@ -1,3 +1,20 @@
+### Extract cert data for host: requires openssl installation on
+- name: 'Prepare certificate data'
+  when: >-
+    (param_tlsconnect == "cert" or "cert" in param_tlsaccept)
+    and source_tlscertfile is defined
+    and certificate_extract_data is defined and certificate_extract_data
+  block:
+    - name: Get certificate info
+      local_action: ansible.builtin.command openssl x509 -in {{ source_tlscertfile }} -noout --subject --issuer
+      changed_when: false
+      register: zabbix_agent_cert_data
+    - name: 'SET FACT : Certificate issuer and subject'
+      ansible.builtin.set_fact:
+        zabbix_host_tls_issuer: '{{ zabbix_agent_cert_data.stdout | regex_search("issuer=(.*)$", "\1", multiline=True) | first | replace(" ", "") }}'
+        zabbix_host_tls_subject: '{{ zabbix_agent_cert_data.stdout| regex_search("subject=(.*)$", "\1", multiline=True) | first | replace(" ", "") }}'
+  tags: [host]
+
 ### Compone list of unique hostgroup names from all hosts, that reached this taks without failures.
 - name: 'Prepare hostgroups block'
   when: >-