--- - hosts: all become: yes remote_user: ansible gather_facts: false vars: docker_compose_definition: | services: # Zabbix database zabbix-db: container_name: zabbix-db image: mariadb:10.11.4 restart: always volumes: - ${ZABBIX_DATA_PATH}/zabbix-db/mariadb:/var/lib/mysql:rw - ${ZABBIX_DATA_PATH}/zabbix-db/backups:/backups command: - mariadbd - --character-set-server=utf8mb4 - --collation-server=utf8mb4_bin - --default-authentication-plugin=mysql_native_password environment: - MYSQL_USER=${MYSQL_USER} - MYSQL_PASSWORD=${MYSQL_PASSWORD} - MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD} stop_grace_period: 1m # Zabbix server zabbix-server: container_name: zabbix-server image: zabbix/zabbix-server-mysql:ubuntu-6.4-latest restart: always ports: - 10051:10051 volumes: - /etc/localtime:/etc/localtime:ro - ${ZABBIX_DATA_PATH}/zabbix-server/alertscripts:/usr/lib/zabbix/alertscripts:ro - ${ZABBIX_DATA_PATH}/zabbix-server/externalscripts:/usr/lib/zabbix/externalscripts:ro - ${ZABBIX_DATA_PATH}/zabbix-server/dbscripts:/var/lib/zabbix/dbscripts:ro - ${ZABBIX_DATA_PATH}/zabbix-server/export:/var/lib/zabbix/export:rw - ${ZABBIX_DATA_PATH}/zabbix-server/modules:/var/lib/zabbix/modules:ro - ${ZABBIX_DATA_PATH}/zabbix-server/enc:/var/lib/zabbix/enc:ro - ${ZABBIX_DATA_PATH}/zabbix-server/ssh_keys:/var/lib/zabbix/ssh_keys:ro - ${ZABBIX_DATA_PATH}/zabbix-server/mibs:/var/lib/zabbix/mibs:ro environment: - MYSQL_ROOT_USER=root - MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD} - DB_SERVER_HOST=zabbix-db - ZBX_STARTPINGERS=${ZBX_STARTPINGERS} depends_on: - zabbix-db stop_grace_period: 30s sysctls: - net.ipv4.ip_local_port_range=1024 65000 - net.ipv4.conf.all.accept_redirects=0 - net.ipv4.conf.all.secure_redirects=0 - net.ipv4.conf.all.send_redirects=0 # Zabbix web UI zabbix-web: container_name: zabbix-web image: zabbix/zabbix-web-nginx-mysql:ubuntu-6.4-latest restart: always ports: - 8080:8080 volumes: - /etc/localtime:/etc/localtime:ro - ${ZABBIX_DATA_PATH}/zabbix-web/nginx:/etc/ssl/nginx:ro - ${ZABBIX_DATA_PATH}/zabbix-web/modules/:/usr/share/zabbix/modules/:ro environment: - MYSQL_USER=${MYSQL_USER} - MYSQL_PASSWORD=${MYSQL_PASSWORD} - DB_SERVER_HOST=zabbix-db - ZBX_SERVER_HOST=zabbix-server - ZBX_SERVER_NAME=Zabbix Docker - PHP_TZ=America/Chicago depends_on: - zabbix-db - zabbix-server stop_grace_period: 10s tasks: - name: Upgrade-packages.yml - update packages include: ../../lib/upgrade-packages.yml - name: Install-docker.yml - setting up docker include: ../../lib/install-docker.yml - name: Install Restic and setup include: ../../lib/setup-restic.yml - name: Setup Restic Cron jobs include: ../../lib/setup-restic-cron.yml - name: Create zabbix user user: name: zabbix uid: 2005 group: users state: present create_home: yes home: /home/zabbix shell: /bin/bash - name: Install Python Packages apt: name: - python3-full - python3-pip state: present update_cache: yes - name: Setup Service copy: dest: /etc/systemd/system/zabbix.service content: | [Unit] Description=zabbix After=network.target [Service#] User=docker WorkingDirectory=/home/docker ExecStart=/usr/bin/docker compose --env-file ./docker-compose.env -f docker-compose.yml up -d Restart=always [Install] WantedBy=multi-user.target owner: root group: root mode: '0644' - name: Write docker-compose.yml ansible.builtin.copy: content: "{{ docker_compose_definition }}" dest: /home/docker/docker-compose.yml owner: docker group: docker mode: u=rw,g=r,o=r - name: Write docker-compose.env ansible.builtin.copy: src: docker-compose.env dest: /home/docker/docker-compose.env owner: docker group: docker mode: u=rw,g=r,o=r - name: Check if zabbix directory exists stat: path: /zabbix register: zabbix_stat - name: Restore zabbix Dir shell: | restic --password-file /home/restic/.resticpassword -r sftp:misamisa://home/restic/$(hostname) --target / restore latest args: chdir: /home/restic creates: /zabbix when: not zabbix.stat.exists or not zabbix_stat.stat.isdir - name: Reload systemd daemon systemd: daemon_reload: yes - name: Start zabbix Service systemd: name: zabbix state: started enabled: yes