Input: Prompts for Container Name, IP Address, VMID, CPU Cores, and Memory.
Actions:
1. Connects to Proxmox API to create a new unprivileged LXC container.
2. Injects SSH Keys: Uses vars.yml to inject public keys directly into /root/.ssh/authorized_keys (bypassing password auth).
3. Starts the container and waits for connectivity.
4. Automatically secures the container (creates mbuz user, secures SSH, disables root) effectively running the logic of lxc_setup_ubuntu.yml.
5. Adds the new host to inventory/hosts.ini in the [lxc] group.

Secures a fresh Ubuntu installation.

Target: Hosts in the [new] group (or fresh installs).
Actions:
1. Creates the administrative user (mbuz).
2. Sets up SSH public key authentication.
3. Disables root login and password authentication for SSH.
4. Configures passwordless sudo for the admin user.
5. Inventory Update: Moves the host from the [new] group to the [lxc] group in hosts.ini.

Provisions application dependencies on managed hosts.

Target: Existing managed hosts (e.g., [lxc]).
Actions:
1. Installs git and core utilities.
2. Clones the central Docker configuration repository from the local Gitea server.
3. Prepares the /opt/docker directory structure.

Maintenance & Upgrades

Performs system-wide updates.

Target: All Ubuntu hosts.
Actions:
1. Updates apt cache.
2. Performs dist-upgrade.
3. Autoremoves unused packages.
4. Checks for and notifies if a reboot is required.

Updates Zabbix Agent.

Target: zagents group.
Actions:
1. Ensures zabbix-agent2 is installed and updated to the latest available version.

Installs Zabbix Proxy and Agent.

Target: Specific Zabbix Proxy host.
Actions:
1. Downloads and installs the Zabbix release package.
2. Installs zabbix-proxy-sqlite3 and zabbix-agent2.
3. Configures PSK encryption and connection settings using secrets.yml.