commit 662f89040f8166ead9af04452233f6d86605c63a Author: SantaSpeen Date: Tue Nov 21 14:11:05 2023 +0300 init diff --git a/docker-compose.yaml b/docker-compose.yaml new file mode 100644 index 0000000..5fb3a3b --- /dev/null +++ b/docker-compose.yaml @@ -0,0 +1,215 @@ +version: "3.8" +services: + zabbix-server: + image: zabbix/zabbix-server-pgsql:6.0-alpine-latest + container_name: zabbix-server + restart: unless-stopped + ports: + - "10051:10051" + volumes: + - /etc/localtime:/etc/localtime:ro + - /etc/timezone:/etc/timezone:ro + - ./zbx_env/usr/lib/zabbix/alertscripts:/usr/lib/zabbix/alertscripts:ro + - ./zbx_env/usr/lib/zabbix/externalscripts:/usr/lib/zabbix/externalscripts:ro + - ./zbx_env/var/lib/zabbix/export:/var/lib/zabbix/export:rw + - ./zbx_env/var/lib/zabbix/modules:/var/lib/zabbix/modules:ro + - ./zbx_env/var/lib/zabbix/enc:/var/lib/zabbix/enc:ro + - ./zbx_env/var/lib/zabbix/ssh_keys:/var/lib/zabbix/ssh_keys:ro + - ./zbx_env/var/lib/zabbix/mibs:/var/lib/zabbix/mibs:ro + links: + - postgres-server:postgres-server + ulimits: + nproc: 65535 + nofile: + soft: 20000 + hard: 40000 + deploy: + resources: + limits: + cpus: "0.70" + memory: 1G + reservations: + cpus: "0.5" + memory: 512M + env_file: + - ./env_vars/.env_db_pgsql + - ./env_vars/.env_srv + secrets: + - POSTGRES_USER + - POSTGRES_PASSWORD + depends_on: + - postgres-server + networks: + zbx_net_backend: + ipv4_address: 172.16.239.101 + aliases: + - zabbix-server + - zabbix-server-pgsql + - zabbix-server-alpine-pgsql + - zabbix-server-pgsql-alpine + zbx_net_frontend: + ipv4_address: 172.16.238.101 + stop_grace_period: 30s + sysctls: + - net.ipv4.ip_local_port_range=1024 65000 + - net.ipv4.conf.all.accept_redirects=0 + - net.ipv4.conf.all.secure_redirects=0 + - net.ipv4.conf.all.send_redirects=0 + labels: + com.zabbix.description: "Zabbix server with PostgreSQL database support" + com.zabbix.company: "Zabbix LLC" + com.zabbix.component: "zabbix-server" + com.zabbix.dbtype: "pgsql" + com.zabbix.os: "alpine" + + zabbix-web-nginx-pgsql: + container_name: zabbix-web + image: zabbix/zabbix-web-nginx-pgsql:6.0-alpine-latest + restart: unless-stopped + ports: + - "8080:8080" + - "8443:8443" + links: + - postgres-server:postgres-server + - zabbix-server:zabbix-server + volumes: + - /etc/localtime:/etc/localtime:ro + - /etc/timezone:/etc/timezone:ro + - ./zbx_env/etc/ssl/nginx:/etc/ssl/nginx:ro + - ./zbx_env/usr/share/zabbix/modules/:/usr/share/zabbix/modules/:ro + deploy: + resources: + limits: + cpus: "0.70" + memory: 512M + reservations: + cpus: "0.5" + memory: 256M + env_file: + - ./env_vars/.env_db_pgsql + - ./env_vars/.env_web + secrets: + - POSTGRES_USER + - POSTGRES_PASSWORD + depends_on: + - postgres-server + - zabbix-server + healthcheck: + test: ["CMD", "curl", "-f", "http://localhost:8080/"] + interval: 10s + timeout: 5s + retries: 3 + start_period: 30s + networks: + zbx_net_backend: + ipv4_address: 172.16.239.102 + aliases: + - zabbix-web-nginx-pgsql + - zabbix-web-nginx-alpine-pgsql + - zabbix-web-nginx-pgsql-alpine + zbx_net_frontend: + ipv4_address: 172.16.238.102 + ingress_gateway: + aliases: + - zabbix-web-nginx-pgsql + - zabbix-web-nginx-alpine-pgsql + - zabbix-web-nginx-pgsql-alpine + stop_grace_period: 10s + labels: + com.zabbix.description: "Zabbix frontend on Nginx web-server with PostgreSQL database support" + com.zabbix.company: "Zabbix LLC" + com.zabbix.component: "zabbix-frontend" + com.zabbix.webserver: "nginx" + com.zabbix.dbtype: "pgsql" + com.zabbix.os: "alpine" + + zabbix-agent: + image: zabbix/zabbix-agent:alpine-6.0-latest + profiles: + - full + - all + ports: + - "10050:10050" + volumes: + - /etc/localtime:/etc/localtime:ro + - /etc/timezone:/etc/timezone:ro + - ./zbx_env/etc/zabbix/zabbix_agentd.d:/etc/zabbix/zabbix_agentd.d:ro + - ./zbx_env/var/lib/zabbix/modules:/var/lib/zabbix/modules:ro + - ./zbx_env/var/lib/zabbix/enc:/var/lib/zabbix/enc:ro + - ./zbx_env/var/lib/zabbix/ssh_keys:/var/lib/zabbix/ssh_keys:ro + deploy: + resources: + limits: + cpus: '0.2' + memory: 128M + reservations: + cpus: '0.1' + memory: 64M + mode: global + env_file: + - ./env_vars/.env_agent + privileged: true + pid: "host" + networks: + zbx_net_backend: + aliases: + - zabbix-agent + - zabbix-agent-passive + - zabbix-agent-alpine + stop_grace_period: 5s + labels: + com.zabbix.description: "Zabbix agent" + com.zabbix.company: "Zabbix LLC" + com.zabbix.component: "zabbix-agentd" + com.zabbix.os: "alpine" + + postgres-server: + container_name: zabbix-db + image: postgres:13.5-alpine3.15 + restart: unless-stopped + volumes: + - ./zbx_env/var/lib/postgresql/data:/var/lib/postgresql/data:rw + # - ./.ZBX_DB_CA_FILE:/run/secrets/root-ca.pem:ro + # - ./.ZBX_DB_CERT_FILE:/run/secrets/server-cert.pem:ro + # - ./.ZBX_DB_KEY_FILE:/run/secrets/server-key.pem:ro + env_file: + - ./env_vars/.env_db_pgsql + secrets: + - POSTGRES_USER + - POSTGRES_PASSWORD + stop_grace_period: 1m + networks: + zbx_net_backend: + ipv4_address: 172.16.239.104 + aliases: + - postgres-server + - pgsql-server + - pgsql-database + +networks: + zbx_net_frontend: + driver: bridge + driver_opts: + com.docker.network.enable_ipv6: "false" + ipam: + driver: default + config: + - subnet: 172.16.238.0/24 + zbx_net_backend: + driver: bridge + driver_opts: + com.docker.network.enable_ipv6: "false" + internal: true + ipam: + driver: default + config: + - subnet: 172.16.239.0/24 + ingress_gateway: + internal: true + name: ingress_gateway + +secrets: + POSTGRES_USER: + file: ./env_vars/.POSTGRES_USER + POSTGRES_PASSWORD: + file: ./env_vars/.POSTGRES_PASSWORD \ No newline at end of file diff --git a/env_vars/.POSTGRES_PASSWORD b/env_vars/.POSTGRES_PASSWORD new file mode 100644 index 0000000..c0a5886 --- /dev/null +++ b/env_vars/.POSTGRES_PASSWORD @@ -0,0 +1 @@ +zabbix \ No newline at end of file diff --git a/env_vars/.POSTGRES_USER b/env_vars/.POSTGRES_USER new file mode 100644 index 0000000..c0a5886 --- /dev/null +++ b/env_vars/.POSTGRES_USER @@ -0,0 +1 @@ +zabbix \ No newline at end of file diff --git a/env_vars/.env_agent b/env_vars/.env_agent new file mode 100644 index 0000000..f13254f --- /dev/null +++ b/env_vars/.env_agent @@ -0,0 +1,39 @@ +# ZBX_SOURCEIP= +# ZBX_DEBUGLEVEL=3 +# ZBX_ENABLEREMOTECOMMANDS=0 # Deprecated since 5.0.0 +# ZBX_LOGREMOTECOMMANDS=0 +# ZBX_FORCEACTIVECHECKSONSTART=0 # Available since 6.0.2 +# ZBX_HOSTINTERFACE= # Available since 4.4.0 +# ZBX_HOSTINTERFACEITEM= # Available since 4.4.0 +# ZBX_SERVER_HOST=zabbix-server +ZBX_PASSIVE_ALLOW=false +# ZBX_PASSIVESERVERS= +ZBX_ACTIVE_ALLOW=true +ZBX_ACTIVESERVERS=zabbix-server +# ZBX_LISTENIP= +# ZBX_LISTENBACKLOG= +# ZBX_STARTAGENTS=3 +# ZBX_HOSTNAME= +# ZBX_HOSTNAMEITEM=system.hostname +# ZBX_METADATA= +# ZBX_METADATAITEM= +# ZBX_REFRESHACTIVECHECKS=120 +# ZBX_BUFFERSEND=5 +# ZBX_BUFFERSIZE=100 +# ZBX_MAXLINESPERSECOND=20 +# ZBX_ALIAS="" +# ZBX_TIMEOUT=3 +# ZBX_UNSAFEUSERPARAMETERS=0 +# ZBX_LOADMODULE="dummy1.so,dummy2.so,dummy10.so" +# ZBX_TLSCONNECT=unencrypted +# ZBX_TLSACCEPT=unencrypted +# ZBX_TLSCAFILE= +# ZBX_TLSCRLFILE= +# ZBX_TLSSERVERCERTISSUER= +# ZBX_TLSSERVERCERTSUBJECT= +# ZBX_TLSCERTFILE= +# ZBX_TLSKEYFILE= +# ZBX_TLSPSKIDENTITY= +# ZBX_TLSPSKFILE= +# ZBX_DENYKEY=system.run[*] +# ZBX_ALLOWKEY= \ No newline at end of file diff --git a/env_vars/.env_db_pgsql b/env_vars/.env_db_pgsql new file mode 100644 index 0000000..d627bf5 --- /dev/null +++ b/env_vars/.env_db_pgsql @@ -0,0 +1,10 @@ +DB_SERVER_HOST=zabbix-db +DB_SERVER_PORT=5432 +POSTGRES_USER=zabbix +# POSTGRES_USER_FILE=/run/secrets/POSTGRES_USER +POSTGRES_PASSWORD=zabbix +# POSTGRES_PASSWORD_FILE=/run/secrets/POSTGRES_PASSWORD +POSTGRES_DB=zabbix +# DB_SERVER_SCHEMA=public +ENABLE_TIMESCALEDB=true +POSTGRES_USE_IMPLICIT_SEARCH_PATH=false diff --git a/env_vars/.env_srv b/env_vars/.env_srv new file mode 100644 index 0000000..3791f63 --- /dev/null +++ b/env_vars/.env_srv @@ -0,0 +1,62 @@ +# ZBX_LISTENIP= +# ZBX_HISTORYSTORAGEURL=http://elasticsearch:9200/ # Available since 3.4.5 +# ZBX_HISTORYSTORAGETYPES=uint,dbl,str,log,text # Available since 3.4.5 +# ZBX_DBTLSCONNECT=required # Available since 5.0.0 +# ZBX_DBTLSCAFILE=/run/secrets/root-ca.pem # Available since 5.0.0 +# ZBX_DBTLSCERTFILE=/run/secrets/client-cert.pem # Available since 5.0.0 +# ZBX_DBTLSKEYFILE=/run/secrets/client-key.pem # Available since 5.0.0 +# ZBX_DBTLSCIPHER= # Available since 5.0.0 +# ZBX_DBTLSCIPHER13= # Available since 5.0.0 +# ZBX_DEBUGLEVEL=3 +# ZBX_STARTPOLLERS=5 +# ZBX_IPMIPOLLERS=0 +# ZBX_STARTPREPROCESSORS=3 # Available since 3.4.0 +# ZBX_STARTPOLLERSUNREACHABLE=1 +# ZBX_STARTTRAPPERS=5 +# ZBX_STARTPINGERS=1 +# ZBX_STARTDISCOVERERS=1 +# ZBX_STARTHTTPPOLLERS=1 +# ZBX_STARTTIMERS=1 +# ZBX_STARTESCALATORS=1 +# ZBX_STARTALERTERS=3 # Available since 3.4.0 +ZBX_JAVAGATEWAY_ENABLE=false +# ZBX_JAVAGATEWAY=zabbix-java-gateway +# ZBX_JAVAGATEWAYPORT=10052 +# ZBX_STARTJAVAPOLLERS=5 +# ZBX_STARTVMWARECOLLECTORS=0 +# ZBX_VMWAREFREQUENCY=60 +# ZBX_VMWAREPERFFREQUENCY=60 +# ZBX_VMWARECACHESIZE=8M +# ZBX_VMWARETIMEOUT=10 +ZBX_ENABLE_SNMP_TRAPS=false +# ZBX_SOURCEIP= +# ZBX_HOUSEKEEPINGFREQUENCY=1 +# ZBX_MAXHOUSEKEEPERDELETE=5000 +# ZBX_SENDERFREQUENCY=30 +# ZBX_CACHESIZE=8M +# ZBX_CACHEUPDATEFREQUENCY=60 +# ZBX_STARTDBSYNCERS=4 +# ZBX_HISTORYCACHESIZE=16M +# ZBX_HISTORYINDEXCACHESIZE=4M +# ZBX_TRENDCACHESIZE=4M +# ZBX_VALUECACHESIZE=8M +# ZBX_TIMEOUT=4 +# ZBX_TRAPPERTIMEOUT=300 +# ZBX_UNREACHABLEPERIOD=45 +# ZBX_UNAVAILABLEDELAY=60 +# ZBX_UNREACHABLEDELAY=15 +# ZBX_LOGSLOWQUERIES=3000 +# ZBX_EXPORTFILESIZE= +# ZBX_STARTPROXYPOLLERS=1 +# ZBX_PROXYCONFIGFREQUENCY=3600 +# ZBX_PROXYDATAFREQUENCY=1 +# ZBX_LOADMODULE="dummy1.so,dummy2.so,dummy10.so" +# ZBX_TLSCAFILE= +# ZBX_TLSCRLFILE= +# ZBX_TLSCERTFILE= +# ZBX_TLSKEYFILE= +# ZBX_VAULTDBPATH= +# ZBX_VAULTURL=https://127.0.0.1:8200 +# VAULT_TOKEN= +# ZBX_STARTREPORTWRITERS=0 +# ZBX_WEBSERVICEURL=http://zabbix-web-service:10053/report diff --git a/env_vars/.env_web b/env_vars/.env_web new file mode 100644 index 0000000..e345c68 --- /dev/null +++ b/env_vars/.env_web @@ -0,0 +1,27 @@ +ZBX_SERVER_HOST=zabbix-server +ZBX_SERVER_PORT=10051 +ZBX_SERVER_NAME=Terra +# ZBX_DB_ENCRYPTION=true # Available since 5.0.0 +# ZBX_DB_KEY_FILE=/run/secrets/client-key.pem # Available since 5.0.0 +# ZBX_DB_CERT_FILE=/run/secrets/client-cert.pem # Available since 5.0.0 +# ZBX_DB_CA_FILE=/run/secrets/root-ca.pem # Available since 5.0.0 +# ZBX_DB_VERIFY_HOST=false # Available since 5.0.0 +# ZBX_DB_CIPHER_LIST= # Available since 5.0.0 +# ZBX_VAULTDBPATH= +# ZBX_VAULTURL=https://127.0.0.1:8200 +# VAULT_TOKEN= +# ZBX_HISTORYSTORAGEURL=http://elasticsearch:9200/ # Available since 3.4.5 +# ZBX_HISTORYSTORAGETYPES=['uint', 'dbl', 'str', 'text', 'log'] # Available since 3.4.5 +# ZBX_SSO_SETTINGS=[] # Available since 5.0.0 +ENABLE_WEB_ACCESS_LOG=true +# ZBX_MAXEXECUTIONTIME=600 +# ZBX_MEMORYLIMIT=128M +# ZBX_POSTMAXSIZE=16M +# ZBX_UPLOADMAXFILESIZE=2M +# ZBX_MAXINPUTTIME=300 +# ZBX_SESSION_NAME=zbx_sessionid +# Timezone one of: http://php.net/manual/en/timezones.php +# PHP_TZ=Europe/Riga +# ZBX_DENY_GUI_ACCESS=false +# ZBX_GUI_ACCESS_IP_RANGE=['127.0.0.1'] +ZBX_GUI_WARNING_MSG=Zabbix Maintenance Mode diff --git a/env_vars/.env_web_service b/env_vars/.env_web_service new file mode 100644 index 0000000..1d473f1 --- /dev/null +++ b/env_vars/.env_web_service @@ -0,0 +1,9 @@ +# ZBX_DEBUGLEVEL=3 +ZBX_ALLOWEDIP=zabbix-server +# ZBX_LISTENPORT=10053 +# ZBX_LISTENIP= +# ZBX_TIMEOUT=3 +# ZBX_TLSACCEPT=unencrypted +# ZBX_TLSCAFILE= +# ZBX_TLSCERTFILE= +# ZBX_TLSKEYFILE=