[Zabbix Agent] TLSPSKFile config is always set breaking configuration
Kajot-dev opened this issue · 3 comments
SUMMARY
Zabbix agent role has a default value for zabbix_agent_tlspskfile
set. Then when templating .conf
file
There is only check whether this variable is not defined or null. This leads to invalid configuration when using zabbix_agent_tlsconnect
or zabbix_agent_tlsaccept
is set to for example cert
:
cannot use encryption configuration: TLSPSKFile configuration parameter set without PSK being used
ISSUE TYPE
- Bug Report
COMPONENT NAME
Zabbix agent role
ANSIBLE VERSION
2.17.0
OS / ENVIRONMENT / Zabbix Version
Zabbix 7.0
STEPS TO REPRODUCE
Try to configure zabbix agent with the role using "cert" mode. Role completes successfully but zabbix-agent2 service fails instantly
EXPECTED RESULTS
TLSPSKFile is not set when zabbix_agent_tlsconnect
and/or zabbix_agent_tlsconnect
is set to something different than psk
.
ACTUAL RESULTS
cannot use encryption configuration: TLSPSKFile configuration parameter set without PSK being used
And using newest release 3.0.0
This is even worse. Situation where zabbix_agent_tlspskfile
is undefined or None
is not even possible because of:
Which will fail
+1 to this!