FIX: Fixing broken rebase :D

.gitignore

@@ -1,3 +1,2 @@
 .vscode/
 Ansible/secrets.yml
-Ansible/inventory/hosts.ini

Ansible/README.md

@@ -4,10 +4,10 @@ This Ansible setup is designed to automate the configuration and maintenance of
 
 ## Directory Structure
 
-- `inventory/`: Contains the inventory files that define the hosts and groups of hosts managed by Ansible. The `hosts.ini` file should be updated with your server details, and `example_hosts.ini` serves as a template.
+-   `inventory/`: Contains the inventory files that define the hosts and groups of hosts managed by Ansible.
-- `group_vars/`: This directory can be used to store variables that apply to specific groups of hosts defined in the inventory.
+-   `playbooks/`: Contains the Ansible playbooks for various automation tasks.
-- `*.yml` files: These are the Ansible playbooks that define the automation tasks.
+-   `secrets.yml`: This file is intended to store sensitive data like passwords and API keys. It is recommended to encrypt this file using Ansible Vault.
-- `secrets.yml`: This file is intended to store sensitive data like passwords and API keys. It is recommended to encrypt this file using Ansible Vault. An `example_secrets.yml` is provided as a template.
+-   `example_secrets.yml`: An example secrets file.
 -   `vars.yml`: This file can be used to store non-sensitive variables that are used across multiple playbooks.
 
 ## Getting Started
@@ -17,5 +17,5 @@ This Ansible setup is designed to automate the configuration and maintenance of
 3.  **Secrets:** Create a `secrets.yml` file based on the `example_secrets.yml` template and encrypt it using Ansible Vault for security.
 4.  **Run a Playbook:** You can run a playbook using the `ansible-playbook` command. For example:
     ```bash
-    ansible-playbook -i inventory/hosts.ini apt_upgrade.yml
+    ansible-playbook -i inventory/hosts.ini playbooks/apt_upgrade.yml
     ```

Ansible/example_secrets.yml

@@ -1,2 +1,7 @@
 # Copy this into secrets.yml and replate with a real values
 ansible_password: 'REPLACE_WITH_ROOT_PASSWORD'
+# Zabbix proxy parameters for connecting to Zabbix server
+zabbix_server_address: 'x.x.x.x'
+zabbix_psk_identity: '<zabbix_psk_identity'
+zabbix_proxy_hostname: '<zabbix_proxy_hostname>' # if needed, in the actual playbook it is set to the hostname of the target
+zabbix_proxy_psk: 'REPLACE_WITH_ZABBIX_PSK'

Ansible/inventory/example_hosts.ini

@@ -1,30 +0,0 @@
-[all:vars]
-ansible_user = mbuz
-ansible_ssh_private_key_file = /home/mbuz/.ssh/id_rsa
-
-[proxmox]
-proxmox-host ansible_host=x.x.x.x
-
-[docker]
-docker-apps ansible_host=x.x.x.x
-docker-cloud ansible_host=x.x.x.x
-
-#[truenas]
-#truenas ansible_host=x.x.x.x
-
-[raspberry_pi]
-raspberry-pi ansible_host=x.x.x.x
-
-[lxc]
-ansible ansible_host=x.x.x.x
-zabbix-proxy ansible_host=x.x.x.x
-pi-hole ansible_host=x.x.x.x
-
-[proxmox_backup]
-proxmox-backup ansible_host=x.x.x.x
-
-# This is a group of groups. It includes all hosts in the 'docker' and 'raspberry_pi' groups.
-[ubuntu:children]
-docker
-raspberry_pi
-lxc

Ansible/inventory/hosts.ini

@@ -0,0 +1,34 @@
+[all:vars]
+ansible_user = mbuz
+ansible_ssh_private_key_file = /home/mbuz/.ssh/id_ed25519
+
+[proxmox]
+proxmox_host ansible_host=10.0.0.1
+
+[ubuntu_servers]
+raspberry-pi ansible_host=10.0.0.5
+oracle-arm ansible_host=130.61.76.209 ansible_user=ubuntu
+
+[docker]
+docker-apps ansible_host=10.0.0.101
+docker-cloud ansible_host=10.0.0.102
+
+[filestorage]
+truenas ansible_host=10.0.0.200
+
+[lxc]
+gitea ansible_host=10.0.0.108
+zabbix-proxy ansible_host=10.0.0.110 
+pi-hole ansible_host=10.0.0.104
+ansible ansible_host=10.0.0.111
+#localhost ansible_connection=local # for testing playbooks on the control node
+
+
+[pbs]
+proxmox-backup ansible_host=10.0.0.201
+
+# This is a group of groups. It includes all Ubuntu based systems.
+[ubuntu:children]
+docker
+ubuntu_servers
+lxc

Ansible/playbooks/apt_upgrade.yml

@@ -1,14 +1,29 @@
-- name: Upgrade packages
+---
+- name: Upgrade all apt packages
   hosts: ubuntu
-  become: true
+  become: yes
-
   tasks:
-   - name: Update cache 
+    - name: Update apt cache
       ansible.builtin.apt:
-      update_cache: true
+        update_cache: yes
-     register: cache_updated
+        cache_valid_time: 3600
 
-   - name: Upgrade packages if something is changed
+    - name: Upgrade all apt packages
       ansible.builtin.apt:
-      upgrade: "yes"
+        upgrade: dist
-     when: cache_updated.changed
+#      environment:
+#        DEBIAN_FRONTEND: noninteractive
+
+    - name: Autoremove unused packages
+      ansible.builtin.apt:
+        autoremove: yes
+
+    - name: Check if a reboot is required
+      ansible.builtin.stat:
+        path: /var/run/reboot-required
+      register: reboot_required_file
+
+    - name: Display reboot message
+      ansible.builtin.debug:
+        msg: "A reboot is required to apply the latest updates."
+      when: reboot_required_file.stat.exists

Ansible/playbooks/zabbix_proxy_install.yml

@@ -1,5 +1,5 @@
 ---
-- name: Install and Configure Zabbix Proxy
+- name: Install and Configure Zabbix Proxy and Agent
   hosts: zabbix-proxy # Assuming you have a group for zabbix proxy in your inventory
   become: yes
   vars_files:
@@ -14,9 +14,11 @@
       ansible.builtin.apt:
         deb: /tmp/zabbix-release.deb
 
-    - name: Install Zabbix proxy
+    - name: Install Zabbix proxy and agent
       ansible.builtin.apt:
-        name: zabbix-proxy-sqlite3
+        name:
+          - zabbix-proxy-sqlite3
+          - zabbix-agent2
         state: present
         update_cache: yes
 
@@ -24,6 +26,8 @@
       ansible.builtin.copy:
         dest: /etc/zabbix/zabbix_proxy.d/custom.conf
         content: |
+          ## Managed by Ansible - do not edit manually ##
+          ## Changes will be overwritten ##
           DBName=/tmp/zabbix_proxy
           StartPollers=2
           StartPreprocessors=1
@@ -40,9 +44,11 @@
       ansible.builtin.copy:
         dest: /etc/zabbix/zabbix_proxy.d/connection.conf
         content: |
+          ## Managed by Ansible - do not edit manually ##
+          ## Changes will be overwritten ##
           Server={{ zabbix_server_address }}:10051
           Hostname={{ ansible_facts.hostname }}
-          TLSPSKFile="/etc/zabbix/{{ ansible_facts.hostname }}.psk"
+          TLSPSKFile=/etc/zabbix/{{ ansible_facts.hostname }}.psk
           TLSPSKIdentity={{ zabbix_psk_identity }}
       notify: restart zabbix-proxy
 
@@ -55,18 +61,43 @@
         mode: '0600'
       notify: restart zabbix-proxy
 
+    - name: Create Zabbix agent custom configuration file
+      ansible.builtin.copy:
+        dest: /etc/zabbix/zabbix_agent2.d/custom.conf
+        content: |
+          ## Managed by Ansible - do not edit manually ##
+          ## Changes will be overwritten ##
+          Hostname={{ ansible_facts.hostname }}
+          Server={{ hostvars['zabbix-proxy']['ansible_host'] }},{{ hostvars['raspberry-pi']['ansible_host'] }}
+          ServerActive={{ hostvars['zabbix-proxy']['ansible_host'] }};{{ hostvars['raspberry-pi']['ansible_host'] }}
+      notify: restart zabbix-agent2
+
+    - name: Create Zabbix agent user parameters file
+      ansible.builtin.copy:
+        dest: /etc/zabbix/zabbix_agent2.d/userparams.conf
+        content: |
+          ## Managed by Ansible - do not edit manually ##
+          ## Changes will be overwritten ## 
+          AllowKey=system.run[*]
+      notify: restart zabbix-agent2
+
   handlers:
     - name: restart zabbix-proxy
       ansible.builtin.service:
         name: zabbix-proxy
         state: restarted
         enabled: yes
+    - name: restart zabbix-agent2
+      ansible.builtin.service:
+        name: zabbix-agent2
+        state: restarted
+        enabled: yes
 
-- name: Verify Zabbix Proxy Service
+- name: Verify Zabbix Services
-  hosts: zabbix_proxy
+  hosts: zabbix-proxy
   become: yes
   tasks:
-    - name: Check if Zabbix proxy service is running
+    - name: Check if Zabbix services are running
       ansible.builtin.service_facts:
 
     - name: Assert that Zabbix proxy is running
@@ -75,3 +106,10 @@
           - "ansible_facts.services['zabbix-proxy.service'].state == 'running'"
         fail_msg: "Zabbix proxy is not running"
         success_msg: "Zabbix proxy is running"
+
+    - name: Assert that Zabbix agent is running
+      ansible.builtin.assert:
+        that:
+          - "ansible_facts.services['zabbix-agent2.service'].state == 'running'"
+        fail_msg: "Zabbix agent 2 is not running"
+        success_msg: "Zabbix agent 2 is running"

Docker/immich/.env.example

@@ -1,21 +1,22 @@
 # You can find documentation for all the supported env variables at https://immich.app/docs/install/environment-variables
 
 # The location where your uploaded files are stored
-UPLOAD_LOCATION=${UPLOAD_LOCATION}
+UPLOAD_LOCATION=./library
-# The location where your database files are stored
+
-DB_DATA_LOCATION=${DB_DATA_LOCATION}
+# The location where your database files are stored. Network shares are not supported for the database
+DB_DATA_LOCATION=./postgres
 
 # To set a timezone, uncomment the next line and change Etc/UTC to a TZ identifier from this list: https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List
 # TZ=Etc/UTC
 
 # The Immich version to use. You can pin this to a specific version like "v1.71.0"
-IMMICH_VERSION=${IMMICH_VERSION:-release}
+IMMICH_VERSION=release
 
 # Connection secret for postgres. You should change it to a random password
 # Please use only the characters `A-Za-z0-9`, without special characters or spaces
-DB_PASSWORD=${DB_PASSWORD}
+DB_PASSWORD=postgres
 
 # The values below this line do not need to be changed
 ###################################################################################
-DB_USERNAME=${DB_USERNAME}
+DB_USERNAME=postgres
-DB_DATABASE_NAME=${DB_DATABASE_NAME}
+DB_DATABASE_NAME=immich

Docker/semaphore-ui/.env.example

@@ -0,0 +1,11 @@
+<<<<<<< HEAD
+SEMAPHORE_ADMIN=admin
+SEMAPHORE_ADMIN_PASSWORD=changeme
+SEMAPHORE_ADMIN_NAME=Admin
+SEMAPHORE_ADMIN_EMAIL=admin@example.com
+=======
+ADMIN_USER=admin
+ADMIN_PASS=changeme
+ADMIN_NAME=Admin
+ADMIN_EMAIL=admin@example.com
+>>>>>>> ab90593 (ADD: Semaphore UI initial commit)

Docker/semaphore-ui/docker-compose.yml

@@ -0,0 +1,17 @@
+services:
+    semaphore:
+        ports:
+            - 3030:3000
+        image: semaphoreui/semaphore:v2.16.18
+        environment:
+            SEMAPHORE_DB_DIALECT: sqlite
+            SEMAPHORE_ADMIN: ${ADMIN_USER}
+            SEMAPHORE_ADMIN_PASSWORD: ${ADMIN_PASS}
+            SEMAPHORE_ADMIN_NAME: ${ADMIN_NAME}
+            SEMAPHORE_ADMIN_EMAIL: ${ADMIN_EMAIL}
+        volumes:       
+            - semaphore-data:/var/lib/semaphore
+            - semaphore-config:/etc/semaphore  
+volumes:
+  semaphore-data:
+  semaphore-config:

Docker/semaphore-ui/docker-run.sh

@@ -0,0 +1,9 @@
+docker run -d \
+  --restart unless-stopped \
+  --name semaphore \
+  -p 3030:3000 \
+  --env-file .env \
+  -e SEMAPHORE_DB_DIALECT=sqlite \
+  -v semaphore-data:/var/lib/semaphore \
+  -v semaphore-config:/etc/semaphore \
+  semaphoreui/semaphore:latest