@import url("/assets/md.css")feat: initial commit

@import url("/assets/md.css")

14 files changed, 1849 insertions, 0 deletions

diff --git a/.env.example b/.env.example
new file mode 100644
index 0000000..2cab6f6
--- /dev/null
+++ b/.env.example
@@ -0,0 +1,3 @@
+POSTGRES_USER=zabbix
+POSTGRES_PASSWORD=aa2e7b87f1569586a3eebfd017c0cd9dcf1e987680d1e5ada1d4ea974631b4ea
+POSTGRES_DB=zabbix
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..595f364
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,6 @@
+/zabbix/pg
+/zabbix/conf/zabbix_server.conf
+.env
+/backups/*
+
+!*.gitkeep
diff --git a/Caddyfile b/Caddyfile
new file mode 120000
index 0000000..d78f98f
--- /dev/null
+++ b/Caddyfile
@@ -0,0 +1 @@
+build-context/Caddyfile
\ No newline at end of file
diff --git a/Containerfile b/Containerfile
new file mode 100644
index 0000000..7078b0a
--- /dev/null
+++ b/Containerfile
@@ -0,0 +1,43 @@
+FROM alpine AS base
+RUN apk update && apk upgrade
+FROM base AS openrc
+RUN apk add openrc && \
+  sed -i 's/^\(tty\d\:\:\)/#\1/g' /etc/inittab && \
+  sed -i \
+  -e 's/#rc_sys=".*"/rc_sys="docker"/g' \
+  -e 's/#rc_env_allow=".*"/rc_env_allow="\*"/g' \
+  -e 's/#rc_crashed_stop=.*/rc_crashed_stop=NO/g' \
+  -e 's/#rc_crashed_start=.*/rc_crashed_start=YES/g' \
+  -e 's/#rc_provide=".*"/rc_provide="loopback net"/g' \
+  /etc/rc.conf && \
+  rm -f /etc/init.d/hwdrivers \
+  /etc/init.d/hwclock \
+  /etc/init.d/hwdrivers \
+  /etc/init.d/modules \
+  /etc/init.d/modules-load \
+  /etc/init.d/modloop
+
+CMD [ "/sbin/init" ]
+
+FROM openrc AS zabbix
+
+RUN apk add openrc logbookd
+RUN apk add caddy caddy-openrc zabbix zabbix-setup zabbix-pgsql zabbix-webif php83-fpm && rm -rf /etc/php83/php-fpm.d
+RUN mkdir -p /etc/zabbix/conf && ln -s /etc/zabbix/conf/zabbix.conf.php /usr/share/webapps/zabbix/conf/zabbix.conf.php
+RUN apk add php83-pgsql php83-ldap
+COPY ./php-fpm.d /etc/php83/php-fpm.d
+COPY Caddyfile /etc/caddy/Caddyfile
+RUN echo "max_execution_time = 600" > /etc/php83/conf.d/30_max_exec_time.ini
+RUN echo "post_max_size = 32M" > /etc/php83/conf.d/30_post_max_size.ini
+RUN echo "max_input_time = 300" > /etc/php83/conf.d/30_max_input_time.ini
+
+# RUN echo '<?php phpinfo(); ?>' > /var/www/mediawiki/w/catgirlinfo.php
+RUN adduser --uid=1001 --system phpfpm
+RUN rc-update add caddy default
+RUN rc-update add php-fpm83 default
+RUN rc-update add zabbix-server default
+RUN rc-update add logbookd default
+
+# Add Zabbix Agent for self-monitoring
+RUN apk add zabbix-agent2 zabbix-agent2-plugin-alpine
+RUN rc-update add zabbix-agent2 default
diff --git a/build-context/.gitkeep b/build-context/.gitkeep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/build-context/.gitkeep
diff --git a/build-context/Caddyfile b/build-context/Caddyfile
new file mode 100644
index 0000000..6979a0a
--- /dev/null
+++ b/build-context/Caddyfile
@@ -0,0 +1,7 @@
+http:// {
+  encode gzip zstd
+
+  root * /usr/share/webapps/zabbix
+  php_fastcgi 127.0.0.1:9000
+  file_server
+}
diff --git a/build-context/php-fpm.d/docker.conf b/build-context/php-fpm.d/docker.conf
new file mode 100644
index 0000000..864c61c
--- /dev/null
+++ b/build-context/php-fpm.d/docker.conf
@@ -0,0 +1,6 @@
+[global]
+error_log = /proc/self/fd/2
+daemonize = no
+
+; https://github.com/docker-library/php/pull/725#issuecomment-443540114
+log_limit = 8192
diff --git a/build-context/php-fpm.d/zabbix.conf b/build-context/php-fpm.d/zabbix.conf
new file mode 100644
index 0000000..c658bf6
--- /dev/null
+++ b/build-context/php-fpm.d/zabbix.conf
@@ -0,0 +1,20 @@
+[zabbix]
+pm = dynamic
+pm.max_children = 5
+pm.start_servers = 2
+pm.min_spare_servers = 1
+pm.max_spare_servers = 3
+pm.max_requests = 1000
+
+user = phpfpm
+
+listen = 9000
+chdir = /usr/share/webapps/zabbix
+
+; if we send this to /proc/self/fd/1, it never appears
+access.log = /proc/self/fd/3
+clear_env = no
+
+; Ensure worker stdout and stderr are sent to the main error log.
+catch_workers_output = yes
+decorate_workers_output = no
diff --git a/compose.yml b/compose.yml
new file mode 100644
index 0000000..5dc329f
--- /dev/null
+++ b/compose.yml
@@ -0,0 +1,29 @@
+services:
+  zabbix:
+    image: codeberg.org/dmpmem/zabbix:latest
+    build:
+      dockerfile: ../Containerfile
+      context: ./build-context
+    networks:
+      - zabbix
+    volumes:
+      - ./php-fpm.d:/etc/php83/php-fpm.d:ro
+      - ./Caddyfile:/etc/caddy/Caddyfile:ro
+      - ./zabbix/conf:/etc/zabbix/conf:ro
+      - ./zabbix/conf/zabbix_server.conf:/etc/zabbix/zabbix_server.conf:ro
+      - ./zabbix/conf/zabbix_agent2.conf:/etc/zabbix/zabbix_agent2.conf:ro
+    ports:
+      - 127.0.0.1:16161:80
+    depends_on:
+      - postgres
+  postgres:
+    image: postgres
+    networks:
+      - zabbix
+    env_file:
+      - .env
+    volumes:
+      - ./zabbix/pg:/var/lib/postgresql/data:rw
+
+networks:
+  zabbix:
\ No newline at end of file
diff --git a/php-fpm.d b/php-fpm.d
new file mode 120000
index 0000000..e0d209a
--- /dev/null
+++ b/php-fpm.d
@@ -0,0 +1 @@
+build-context/php-fpm.d
\ No newline at end of file
diff --git a/setup-zabbix-db.sh b/setup-zabbix-db.sh
new file mode 100755
index 0000000..d867076
--- /dev/null
+++ b/setup-zabbix-db.sh
@@ -0,0 +1,9 @@
+#!/bin/zsh
+set -eax
+podman compose up -d postgres
+for f in /usr/share/zabbix/database/postgresql/schema.sql /usr/share/zabbix/database/postgresql/images.sql /usr/share/zabbix/database/postgresql/data.sql; do
+  f2="$(basename "$f")"
+  podman compose run -it --rm zabbix cat "$f" > "tmp.$f2" || (rm "tmp.$f2" && exit 1)
+  (cat "tmp.$f2" | podman compose exec -T postgres psql -U zabbix -f /proc/self/fd/0) || (rm "tmp.$f2" && exit 1)
+  rm "tmp.$f2"
+done
diff --git a/zabbix/conf/zabbix.conf.php b/zabbix/conf/zabbix.conf.php
new file mode 100644
index 0000000..944347d
--- /dev/null
+++ b/zabbix/conf/zabbix.conf.php
@@ -0,0 +1,58 @@
+<?php
+// Zabbix GUI configuration file.
+
+$DB['TYPE']			= 'POSTGRESQL';
+$DB['SERVER']			= 'postgres';
+$DB['PORT']			= '0';
+$DB['DATABASE']			= 'zabbix';
+$DB['USER']			= 'zabbix';
+$DB['PASSWORD']			= '1d03dcc36d69df8b6d8075109b559627f7dad4f0189b7ed82eb8aa8d1d539e4131b2427bce89af8c6631af568bd3fc922c6adeb95de62dfec3da8ed7dcc0052a';
+
+// Schema name. Used for PostgreSQL.
+$DB['SCHEMA']			= '';
+
+// Used for TLS connection.
+$DB['ENCRYPTION']		= false;
+$DB['KEY_FILE']			= '';
+$DB['CERT_FILE']		= '';
+$DB['CA_FILE']			= '';
+$DB['VERIFY_HOST']		= false;
+$DB['CIPHER_LIST']		= '';
+
+// Vault configuration. Used if database credentials are stored in Vault secrets manager.
+$DB['VAULT']			= '';
+$DB['VAULT_URL']		= '';
+$DB['VAULT_PREFIX']		= '';
+$DB['VAULT_DB_PATH']		= '';
+$DB['VAULT_TOKEN']		= '';
+$DB['VAULT_CERT_FILE']		= '';
+$DB['VAULT_KEY_FILE']		= '';
+// Uncomment to bypass local caching of credentials.
+// $DB['VAULT_CACHE']		= true;
+
+// Uncomment and set to desired values to override Zabbix hostname/IP and port.
+// $ZBX_SERVER			= '';
+// $ZBX_SERVER_PORT		= '';
+
+$ZBX_SERVER_NAME		= 'test';
+
+$IMAGE_FORMAT_DEFAULT	= IMAGE_FORMAT_PNG;
+
+// Uncomment this block only if you are using Elasticsearch.
+// Elasticsearch url (can be string if same url is used for all types).
+//$HISTORY['url'] = [
+//	'uint' => 'http://localhost:9200',
+//	'text' => 'http://localhost:9200'
+//];
+// Value types stored in Elasticsearch.
+//$HISTORY['types'] = ['uint', 'text'];
+
+// Used for SAML authentication.
+// Uncomment to override the default paths to SP private key, SP and IdP X.509 certificates, and to set extra settings.
+//$SSO['SP_KEY']			= 'conf/certs/sp.key';
+//$SSO['SP_CERT']			= 'conf/certs/sp.crt';
+//$SSO['IDP_CERT']		= 'conf/certs/idp.crt';
+//$SSO['SETTINGS']		= [];
+
+// If set to false, support for HTTP authentication will be disabled.
+// $ALLOW_HTTP_AUTH = true;
diff --git a/zabbix/conf/zabbix_agent2.conf.example b/zabbix/conf/zabbix_agent2.conf.example
new file mode 100644
index 0000000..87eae5d
--- /dev/null
+++ b/zabbix/conf/zabbix_agent2.conf.example
@@ -0,0 +1,556 @@
+# This is a configuration file for Zabbix agent 2 (Unix)
+# To get more information about Zabbix, visit https://www.zabbix.com
+
+############ GENERAL PARAMETERS #################
+
+### Option: PidFile
+#	Name of PID file.
+#
+# Mandatory: no
+# Default:
+# PidFile=/tmp/zabbix_agent2.pid
+
+### Option: LogType
+#	Specifies where log messages are written to:
+#		system  - syslog
+#		file    - file specified with LogFile parameter
+#		console - standard output
+#
+# Mandatory: no
+# Default:
+# LogType=file
+
+### Option: LogFile
+#	Log file name for LogType 'file' parameter.
+#
+# Mandatory: yes, if LogType is set to file, otherwise no
+# Default:
+# LogFile=/tmp/zabbix_agent2.log
+
+LogFile=/var/log/zabbix/zabbix_agent2.log
+
+### Option: LogFileSize
+#	Maximum size of log file in MB.
+#	0 - disable automatic log rotation.
+#
+# Mandatory: no
+# Range: 0-1024
+# Default:
+# LogFileSize=1
+
+### Option: DebugLevel
+#	Specifies debug level:
+#	0 - basic information about starting and stopping of Zabbix processes
+#	1 - critical information
+#	2 - error information
+#	3 - warnings
+#	4 - for debugging (produces lots of information)
+#	5 - extended debugging (produces even more information)
+#
+# Mandatory: no
+# Range: 0-5
+# Default:
+# DebugLevel=3
+
+### Option: SourceIP
+#	Source IP address for outgoing connections.
+#
+# Mandatory: no
+# Default:
+# SourceIP=
+
+##### Passive checks related
+
+### Option: Server
+#	List of comma delimited IP addresses, optionally in CIDR notation, or DNS names of Zabbix servers and Zabbix proxies.
+#	Incoming connections will be accepted only from the hosts listed here.
+#	If IPv6 support is enabled then '127.0.0.1', '::127.0.0.1', '::ffff:127.0.0.1' are treated equally
+#	and '::/0' will allow any IPv4 or IPv6 address.
+#	'0.0.0.0/0' can be used to allow any IPv4 address.
+#	Example: Server=127.0.0.1,192.168.1.0/24,::1,2001:db8::/32,zabbix.example.com
+#
+#   If left empty or not set will disable passive checks, and Zabbix agent 2 will not listen on the ListenPort.
+#
+# Mandatory: no
+# Default:
+# Server=
+Server=127.0.0.1
+
+### Option: ListenPort
+#	Agent will listen on this port for connections from the server.
+#
+# Mandatory: no
+# Range: 1024-32767
+# Default:
+# ListenPort=10050
+
+### Option: ListenIP
+#	List of comma delimited IP addresses that the agent should listen on.
+#	First IP address is sent to Zabbix server if connecting to it to retrieve list of active checks.
+#
+# Mandatory: no
+# Default:
+# ListenIP=0.0.0.0
+
+### Option: StatusPort
+#	Agent will listen on this port for HTTP status requests.
+#
+# Mandatory: no
+# Range: 1024-32767
+# Default:
+# StatusPort=
+
+##### Active checks related
+
+### Option: ServerActive
+#	Zabbix server/proxy address or cluster configuration to get active checks from.
+#	Server/proxy address is IP address or DNS name and optional port separated by colon.
+#	Cluster configuration is one or more server addresses separated by semicolon.
+#	Multiple Zabbix servers/clusters and Zabbix proxies can be specified, separated by comma.
+#	More than one Zabbix proxy should not be specified from each Zabbix server/cluster.
+#	If Zabbix proxy is specified then Zabbix server/cluster for that proxy should not be specified.
+#	Multiple comma-delimited addresses can be provided to use several independent Zabbix servers in parallel. Spaces are allowed.
+#	If port is not specified, default port is used.
+#	IPv6 addresses must be enclosed in square brackets if port for that host is specified.
+#	If port is not specified, square brackets for IPv6 addresses are optional.
+#	If this parameter is not specified, active checks are disabled.
+#	Example for Zabbix proxy:
+#		ServerActive=127.0.0.1:10051
+#	Example for multiple servers:
+#		ServerActive=127.0.0.1:20051,zabbix.domain,[::1]:30051,::1,[12fc::1]
+#	Example for high availability:
+#		ServerActive=zabbix.cluster.node1;zabbix.cluster.node2:20051;zabbix.cluster.node3
+#	Example for high availability with two clusters and one server:
+#		ServerActive=zabbix.cluster.node1;zabbix.cluster.node2:20051,zabbix.cluster2.node1;zabbix.cluster2.node2,zabbix.domain
+#
+# Mandatory: no
+# Default:
+# ServerActive=
+
+ServerActive=127.0.0.1
+
+### Option: Hostname
+#	List of comma delimited unique, case sensitive hostnames.
+#	Required for active checks and must match hostnames as configured on the server.
+#	Value is acquired from HostnameItem if undefined.
+#
+# Mandatory: no
+# Default:
+# Hostname=
+Hostname=Zabbix Container
+
+### Option: HostnameItem
+#	Item used for generating Hostname if it is undefined. Ignored if Hostname is defined.
+#	Does not support UserParameters or aliases.
+#
+# Mandatory: no
+# Default:
+# HostnameItem=system.hostname
+
+HostnameItem=system.run[hostname -f]
+
+### Option: HostMetadata
+#	Optional parameter that defines host metadata.
+#	Host metadata is used at host auto-registration process.
+#	An agent will issue an error and not start if the value is over limit of 2034 bytes.
+#	If not defined, value will be acquired from HostMetadataItem.
+#
+# Mandatory: no
+# Range: 0-2034 bytes
+# Default:
+# HostMetadata=
+
+### Option: HostMetadataItem
+#	Optional parameter that defines an item used for getting host metadata.
+#	Host metadata is used at host auto-registration process.
+#	During an auto-registration request an agent will log a warning message if
+#	the value returned by specified item is over limit of 65535 characters.
+#	This option is only used when HostMetadata is not defined.
+#
+# Mandatory: no
+# Default:
+# HostMetadataItem=
+
+### Option: HostInterface
+#	Optional parameter that defines host interface.
+#	Host interface is used at host auto-registration process.
+#	An agent will issue an error and not start if the value is over limit of 255 characters.
+#	If not defined, value will be acquired from HostInterfaceItem.
+#
+# Mandatory: no
+# Range: 0-255 characters
+# Default:
+# HostInterface=
+
+### Option: HostInterfaceItem
+#	Optional parameter that defines an item used for getting host interface.
+#	Host interface is used at host auto-registration process.
+#	During an auto-registration request an agent will log a warning message if
+#	the value returned by specified item is over limit of 255 characters.
+#	This option is only used when HostInterface is not defined.
+#
+# Mandatory: no
+# Default:
+# HostInterfaceItem=
+
+### Option: RefreshActiveChecks
+#	How often list of active checks is refreshed, in seconds.
+#
+# Mandatory: no
+# Range: 1-86400
+# Default:
+# RefreshActiveChecks=5
+
+### Option: BufferSend
+#	Do not keep data longer than N seconds in buffer.
+#
+# Mandatory: no
+# Range: 1-3600
+# Default:
+# BufferSend=5
+
+### Option: BufferSize
+#	Maximum number of values in a memory buffer. The agent will send
+#	all collected data to Zabbix Server or Proxy if the buffer is full.
+#	Option is not valid if EnablePersistentBuffer=1
+#
+# Mandatory: no
+# Range: 2-65535
+# Default:
+# BufferSize=1000
+
+### Option: EnablePersistentBuffer
+#	Enable usage of local persistent storage for active items.
+#	0 - disabled, in-memory buffer is used (default); 1 - use persistent buffer
+# Mandatory: no
+# Range: 0-1
+# Default:
+# EnablePersistentBuffer=0
+
+### Option: PersistentBufferPeriod
+#	Zabbix Agent2 will keep data for this time period in case of no
+#	connectivity with Zabbix server or proxy. Older data will be lost. Log data will be preserved.
+#	Option is valid if EnablePersistentBuffer=1
+#
+# Mandatory: no
+# Range: 1m-365d
+# Default:
+# PersistentBufferPeriod=1h
+
+### Option: PersistentBufferFile
+#	Full filename. Zabbix Agent2 will keep SQLite database in this file.
+#	Option is valid if EnablePersistentBuffer=1
+#
+# Mandatory: no
+# Default:
+# PersistentBufferFile=
+
+### Option: HeartbeatFrequency
+#	Frequency of heartbeat messages in seconds.
+#	Used for monitoring availability of active checks.
+#	0 - heartbeat messages disabled.
+#
+# Mandatory: no
+# Range: 0-3600
+# Default: 60
+# HeartbeatFrequency=
+
+############ ADVANCED PARAMETERS #################
+
+### Option: Alias
+#	Sets an alias for an item key. It can be used to substitute long and complex item key with a smaller and simpler one.
+#	Multiple Alias parameters may be present. Multiple parameters with the same Alias key are not allowed.
+#	Different Alias keys may reference the same item key.
+#	For example, to retrieve the ID of user 'zabbix':
+#	Alias=zabbix.userid:vfs.file.regexp[/etc/passwd,^zabbix:.:([0-9]+),,,,\1]
+#	Now shorthand key zabbix.userid may be used to retrieve data.
+#	Aliases can be used in HostMetadataItem but not in HostnameItem parameters.
+#
+# Mandatory: no
+# Range:
+# Default:
+
+### Option: Timeout
+#	Specifies how long to wait (in seconds) for establishing connection and exchanging data with Zabbix proxy or server.
+#
+# Mandatory: no
+# Range: 1-30
+# Default:
+# Timeout=3
+
+### Option: Include
+#	You may include individual files or all files in a directory in the configuration file.
+#	Installing Zabbix will create include directory in /usr/local/etc, unless modified during the compile time.
+#
+# Mandatory: no
+# Default:
+# Include=
+
+# Include=/usr/local/etc/zabbix_agent2.userparams.conf
+# Include=/usr/local/etc/zabbix_agent2.conf.d/
+# Include=/usr/local/etc/zabbix_agent2.conf.d/*.conf
+
+### Option:PluginTimeout
+#	Timeout for connections with external plugins.
+#
+# Mandatory: no
+# Range: 1-30
+# Default: <Global timeout>
+# PluginTimeout=
+
+### Option:PluginSocket
+#	Path to unix socket for external plugin communications.
+#
+# Mandatory: no
+# Default:/tmp/agent.plugin.sock
+# PluginSocket=
+
+PluginSocket=/run/zabbix/agent.plugin.sock
+
+####### USER-DEFINED MONITORED PARAMETERS #######
+
+### Option: UnsafeUserParameters
+#	Allow all characters to be passed in arguments to user-defined parameters.
+#	The following characters are not allowed:
+#	\ ' " ` * ? [ ] { } ~ $ ! & ; ( ) < > | # @
+#	Additionally, newline characters are not allowed.
+#	0 - do not allow
+#	1 - allow
+#
+# Mandatory: no
+# Range: 0-1
+# Default:
+# UnsafeUserParameters=0
+
+### Option: UserParameter
+#	User-defined parameter to monitor. There can be several user-defined parameters.
+#	Format: UserParameter=<key>,<shell command>
+#	See 'zabbix_agentd' directory for examples.
+#
+# Mandatory: no
+# Default:
+# UserParameter=
+
+### Option: UserParameterDir
+#	Directory to execute UserParameter commands from. Only one entry is allowed.
+#	When executing UserParameter commands the agent will change the working directory to the one
+#	specified in the UserParameterDir option.
+#	This way UserParameter commands can be specified using the relative ./ prefix.
+#
+# Mandatory: no
+# Default:
+# UserParameterDir=
+
+### Option: ControlSocket
+#	The control socket, used to send runtime commands with '-R' option.
+#
+# Mandatory: no
+# Default:
+# ControlSocket=
+
+ControlSocket=/run/zabbix/zabbix_agent2.sock
+
+####### TLS-RELATED PARAMETERS #######
+
+### Option: TLSConnect
+#	How the agent should connect to server or proxy. Used for active checks.
+#	Only one value can be specified:
+#		unencrypted - connect without encryption
+#		psk         - connect using TLS and a pre-shared key
+#		cert        - connect using TLS and a certificate
+#
+# Mandatory: yes, if TLS certificate or PSK parameters are defined (even for 'unencrypted' connection)
+# Default:
+# TLSConnect=unencrypted
+
+### Option: TLSAccept
+#	What incoming connections to accept.
+#	Multiple values can be specified, separated by comma:
+#		unencrypted - accept connections without encryption
+#		psk         - accept connections secured with TLS and a pre-shared key
+#		cert        - accept connections secured with TLS and a certificate
+#
+# Mandatory: yes, if TLS certificate or PSK parameters are defined (even for 'unencrypted' connection)
+# Default:
+# TLSAccept=unencrypted
+
+### Option: TLSCAFile
+#	Full pathname of a file containing the top-level CA(s) certificates for
+#	peer certificate verification.
+#
+# Mandatory: no
+# Default:
+# TLSCAFile=
+
+### Option: TLSCRLFile
+#	Full pathname of a file containing revoked certificates.
+#
+# Mandatory: no
+# Default:
+# TLSCRLFile=
+
+### Option: TLSServerCertIssuer
+#		Allowed server certificate issuer.
+#
+# Mandatory: no
+# Default:
+# TLSServerCertIssuer=
+
+### Option: TLSServerCertSubject
+#		Allowed server certificate subject.
+#
+# Mandatory: no
+# Default:
+# TLSServerCertSubject=
+
+### Option: TLSCertFile
+#	Full pathname of a file containing the agent certificate or certificate chain.
+#
+# Mandatory: no
+# Default:
+# TLSCertFile=
+
+### Option: TLSKeyFile
+#	Full pathname of a file containing the agent private key.
+#
+# Mandatory: no
+# Default:
+# TLSKeyFile=
+
+### Option: TLSPSKIdentity
+#	Unique, case sensitive string used to identify the pre-shared key.
+#
+# Mandatory: no
+# Default:
+# TLSPSKIdentity=
+
+### Option: TLSPSKFile
+#	Full pathname of a file containing the pre-shared key.
+#
+# Mandatory: no
+# Default:
+# TLSPSKFile=
+
+####### PLUGIN-SPECIFIC PARAMETERS #######
+
+### Option: Plugins
+#	A plugin can have one or more plugin specific configuration parameters in format:
+#     Plugins.<PluginName>.<Parameter1>=<value1>
+#     Plugins.<PluginName>.<Parameter2>=<value2>
+#
+# Mandatory: no
+# Range:
+# Default:
+
+### Option: Plugins.Log.MaxLinesPerSecond
+#	Maximum number of new lines the agent will send per second to Zabbix Server
+#	or Proxy processing 'log' and 'logrt' active checks.
+#	The provided value will be overridden by the parameter 'maxlines',
+#	provided in 'log' or 'logrt' item keys.
+#
+# Mandatory: no
+# Range: 1-1000
+# Default:
+# Plugins.Log.MaxLinesPerSecond=20
+
+### Option: AllowKey
+#	Allow execution of item keys matching pattern.
+#	Multiple keys matching rules may be defined in combination with DenyKey.
+#	Key pattern is wildcard expression, which support "*" character to match any number of any characters in certain position. It might be used in both key name and key arguments.
+#	Parameters are processed one by one according their appearance order.
+#	If no AllowKey or DenyKey rules defined, all keys are allowed.
+#
+# Mandatory: no
+
+### Option: DenyKey
+#	Deny execution of items keys matching pattern.
+#	Multiple keys matching rules may be defined in combination with AllowKey.
+#	Key pattern is wildcard expression, which support "*" character to match any number of any characters in certain position. It might be used in both key name and key arguments.
+#	Parameters are processed one by one according their appearance order.
+#	If no AllowKey or DenyKey rules defined, all keys are allowed.
+#       Unless another system.run[*] rule is specified DenyKey=system.run[*] is added by default.
+#
+# Mandatory: no
+# Default:
+# DenyKey=system.run[*]
+
+### Option: Plugins.SystemRun.LogRemoteCommands
+#	Enable logging of executed shell commands as warnings.
+#	0 - disabled
+#	1 - enabled
+#
+# Mandatory: no
+# Default:
+# Plugins.SystemRun.LogRemoteCommands=0
+
+### Option: ForceActiveChecksOnStart
+#	Perform active checks immediately after restart for first received configuration.
+#	Also available as per plugin configuration, example: Plugins.Uptime.System.ForceActiveChecksOnStart=1
+#
+# Mandatory: no
+# Range: 0-1
+# Default:
+# ForceActiveChecksOnStart=0
+
+# Include configuration files for plugins
+Include=./zabbix_agent2.d/plugins.d/*.conf
+
+####### For advanced users - TLS ciphersuite selection criteria #######
+
+### Option: TLSCipherCert13
+#	Cipher string for OpenSSL 1.1.1 or newer in TLS 1.3.
+#	Override the default ciphersuite selection criteria for certificate-based encryption.
+#
+# Mandatory: no
+# Default:
+# TLSCipherCert13=
+
+### Option: TLSCipherCert
+#	OpenSSL (TLS 1.2) cipher string.
+#	Override the default ciphersuite selection criteria for certificate-based encryption.
+#	Example:
+#		EECDH+aRSA+AES128:RSA+aRSA+AES128
+#
+# Mandatory: no
+# Default:
+# TLSCipherCert=
+
+### Option: TLSCipherPSK13
+#	Cipher string for OpenSSL 1.1.1 or newer in TLS 1.3.
+#	Override the default ciphersuite selection criteria for PSK-based encryption.
+#	Example:
+#		TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256
+#
+# Mandatory: no
+# Default:
+# TLSCipherPSK13=
+
+### Option: TLSCipherPSK
+#	OpenSSL (TLS 1.2) cipher string.
+#	Override the default ciphersuite selection criteria for PSK-based encryption.
+#	Example:
+#		kECDHEPSK+AES128:kPSK+AES128
+#
+# Mandatory: no
+# Default:
+# TLSCipherPSK=
+
+### Option: TLSCipherAll13
+#	Cipher string for OpenSSL 1.1.1 or newer in TLS 1.3.
+#	Override the default ciphersuite selection criteria for certificate- and PSK-based encryption.
+#	Example:
+#		TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256
+#
+# Mandatory: no
+# Default:
+# TLSCipherAll13=
+
+### Option: TLSCipherAll
+#	OpenSSL (TLS 1.2) cipher string.
+#	Override the default ciphersuite selection criteria for certificate- and PSK-based encryption.
+#	Example:
+#		EECDH+aRSA+AES128:RSA+aRSA+AES128:kECDHEPSK+AES128:kPSK+AES128
+#
+# Mandatory: no
+# Default:
+# TLSCipherAll=
diff --git a/zabbix/conf/zabbix_server.conf.example b/zabbix/conf/zabbix_server.conf.example
new file mode 100644
index 0000000..6035469
--- /dev/null
+++ b/zabbix/conf/zabbix_server.conf.example
@@ -0,0 +1,1110 @@
+# This is a configuration file for Zabbix server daemon
+# To get more information about Zabbix, visit https://www.zabbix.com
+
+############ GENERAL PARAMETERS #################
+
+### Option: ListenPort
+#	Listen port for trapper.
+#
+# Mandatory: no
+# Range: 1024-32767
+# Default:
+# ListenPort=10051
+
+### Option: SourceIP
+#	Source IP address for outgoing connections.
+#
+# Mandatory: no
+# Default:
+# SourceIP=
+
+### Option: LogType
+#	Specifies where log messages are written to:
+#		system  - syslog
+#		file    - file specified with LogFile parameter
+#		console - standard output
+#
+# Mandatory: no
+# Default:
+# LogType=file
+
+### Option: LogFile
+#	Log file name for LogType 'file' parameter.
+#
+# Mandatory: yes, if LogType is set to file, otherwise no
+# Default:
+# LogFile=
+
+LogFile=/var/log/zabbix/zabbix_server.log
+
+### Option: LogFileSize
+#	Maximum size of log file in MB.
+#	0 - disable automatic log rotation.
+#
+# Mandatory: no
+# Range: 0-1024
+# Default:
+# LogFileSize=1
+
+### Option: DebugLevel
+#	Specifies debug level:
+#	0 - basic information about starting and stopping of Zabbix processes
+#	1 - critical information
+#	2 - error information
+#	3 - warnings
+#	4 - for debugging (produces lots of information)
+#	5 - extended debugging (produces even more information)
+#
+# Mandatory: no
+# Range: 0-5
+# Default:
+# DebugLevel=3
+
+### Option: PidFile
+#	Name of PID file.
+#
+# Mandatory: no
+# Default:
+PidFile=/var/run/zabbix/zabbix_server.pid
+
+### Option: SocketDir
+#	IPC socket directory.
+#		Directory to store IPC sockets used by internal Zabbix services.
+#
+# Mandatory: no
+# Default:
+# SocketDir=/tmp
+
+### Option: DBHost
+#	Database host name.
+#	If set to localhost, socket is used for MySQL.
+#	If set to empty string, socket is used for PostgreSQL.
+#
+# Mandatory: no
+DBHost=postgres
+
+### Option: DBName
+#	Database name.
+#
+# Mandatory: yes
+DBName=zabbix
+
+### Option: DBSchema
+#	Schema name. Used for PostgreSQL.
+#
+# Mandatory: no
+# Default:
+# DBSchema=
+
+### Option: DBUser
+#	Database user.
+#
+# Mandatory: no
+DBUser=zabbix
+
+### Option: DBPassword
+#	Database password.
+#	Comment this line if no password is used.
+#
+# Mandatory: no
+# Default:
+# DBPassword=
+DBPassword=aa2e7b87f1569586a3eebfd017c0cd9dcf1e987680d1e5ada1d4ea974631b4ea
+
+### Option: DBSocket
+#	Path to MySQL socket.
+#
+# Mandatory: no
+# Default:
+# DBSocket=
+
+### Option: DBPort
+#	Database port when not using local socket.
+#
+# Mandatory: no
+# Range: 1024-65535
+# Default for MySQL: 3306
+# Default for PostgreSQL: 5432
+# DBPort=
+
+### Option: AllowUnsupportedDBVersions
+#	Allow server to work with unsupported database versions.
+#       0 - do not allow
+#       1 - allow
+#
+# Mandatory: no
+# Default:
+# AllowUnsupportedDBVersions=0
+
+### Option: HistoryStorageURL
+#	History storage HTTP[S] URL.
+#
+# Mandatory: no
+# Default:
+# HistoryStorageURL=
+
+### Option: HistoryStorageTypes
+#	Comma separated list of value types to be sent to the history storage.
+#
+# Mandatory: no
+# Default:
+# HistoryStorageTypes=uint,dbl,str,log,text
+
+### Option: HistoryStorageDateIndex
+#	Enable preprocessing of history values in history storage to store values in different indices based on date.
+#	0 - disable
+#	1 - enable
+#
+# Mandatory: no
+# Default:
+# HistoryStorageDateIndex=0
+
+### Option: ExportDir
+#	Directory for real time export of events, history and trends in newline delimited JSON format.
+#	If set, enables real time export.
+#
+# Mandatory: no
+# Default:
+# ExportDir=
+
+### Option: ExportFileSize
+#	Maximum size per export file in bytes.
+#	Only used for rotation if ExportDir is set.
+#
+# Mandatory: no
+# Range: 1M-1G
+# Default:
+# ExportFileSize=1G
+
+### Option: ExportType
+#	List of comma delimited types of real time export - allows to control export e