Fix zabbix agent hostnames for correct host assignment

- Container agent: rename from AgapHost to 'Zabbix server' so it monitors
  the Zabbix server container (was conflicting with the host agent)
- Enable passive listeners in container agent (remove ZBX_STARTAGENTS=0)
- Update 'Zabbix server' host interface from 127.0.0.1 to DNS zabbix-agent
  so the server can reach the agent over the backend Docker network

Host zabbix-agent2 (systemd) keeps hostname AgapHost for host monitoring.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

docker-compose.yml

@@ -1,3 +0,0 @@
-include:
-  - path: ./immich-app/docker-compose.yml
-

gitea/.env

@@ -0,0 +1,7 @@
+GITEA_DATA=/mnt/misc/gitea
+SSH_KEY_PATH=/home/git/.ssh
+DB_DATA_LOCATION=/mnt/ssd/dbs/gitea/postgres
+DB_USER=gitea
+DB_PASSWORD=gitea
+DB_NAME=gitea
+BACKUP_DIR=/mnt/backups/gitea

gitea/backup.sh

@@ -0,0 +1,39 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
+source "$SCRIPT_DIR/.env"
+
+if [ ! -d "$BACKUP_DIR" ]; then
+  echo "Error: BACKUP_DIR does not exist: $BACKUP_DIR" >&2
+  exit 1
+fi
+if ! docker info > /dev/null 2>&1; then
+  echo "Error: Docker is not accessible" >&2
+  exit 1
+fi
+
+cleanup() {
+  echo "Restarting all services..."
+  docker compose -f "$SCRIPT_DIR/docker-compose.yml" up -d
+}
+trap cleanup EXIT
+
+echo "Stopping all services..."
+docker compose -f "$SCRIPT_DIR/docker-compose.yml" down
+
+echo "Starting database only..."
+docker compose -f "$SCRIPT_DIR/docker-compose.yml" up -d db
+sleep 5
+
+echo "Running gitea dump..."
+docker run --rm \
+  --network gitea_gitea \
+  -e USER_UID=1001 \
+  -e USER_GID=1001 \
+  -v "${GITEA_DATA}:/data" \
+  -v "${BACKUP_DIR}:/backup" \
+  docker.gitea.com/gitea:1.25.3 \
+  /bin/sh -c "chown 1001:1001 /tmp && su-exec 1001:1001 /bin/sh -c 'cd /tmp && gitea dump -c /data/gitea/conf/app.ini --tempdir /tmp' > /backup/backup.log 2>&1 && cp /tmp/gitea-dump-*.zip /backup/"
+
+echo "Backup completed successfully"

gitea/docker-compose.yml

@@ -1,5 +1,3 @@
-version: "3"
-
 networks:
   gitea:
     external: false
@@ -13,15 +11,19 @@ services:
       - USER_GID=1001
       - GITEA__database__DB_TYPE=postgres
       - GITEA__database__HOST=db:5432
-      - GITEA__database__NAME=gitea
+      - GITEA__database__NAME=${DB_NAME}
-      - GITEA__database__USER=gitea
+      - GITEA__database__USER=${DB_USER}
-      - GITEA__database__PASSWD=gitea
+      - GITEA__database__PASSWD=${DB_PASSWORD}
+      - GITEA__server__DOMAIN=git.alogins.net
+      - GITEA__server__SSH_DOMAIN=git.alogins.net
+      - GITEA__server__ROOT_URL=https://git.alogins.net/
     restart: always
     networks:
       - gitea
     volumes:
-      - /home/git/.ssh/:/data/git/.ssh
+      - ${SSH_KEY_PATH}:/data/git/.ssh
-      - /mnt/misc/gitea:/data
+      - ${GITEA_DATA}:/data
+      - ${BACKUP_DIR}:/backup
       - /etc/timezone:/etc/timezone:ro
       - /etc/localtime:/etc/localtime:ro
     ports:
@@ -34,10 +36,10 @@ services:
     image: docker.io/library/postgres:14
     restart: always
     environment:
-      - POSTGRES_USER=gitea
+      - POSTGRES_USER=${DB_USER}
-      - POSTGRES_PASSWORD=gitea
+      - POSTGRES_PASSWORD=${DB_PASSWORD}
-      - POSTGRES_DB=gitea
+      - POSTGRES_DB=${DB_NAME}
     networks:
       - gitea
     volumes:
-      - ./postgres:/var/lib/postgresql/data
+      - ${DB_DATA_LOCATION}:/var/lib/postgresql/data

gitea/restore.sh

@@ -0,0 +1,124 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
+source "$SCRIPT_DIR/.env"
+
+# --- Argument validation ---
+if [ $# -lt 1 ]; then
+  echo "Usage: $0 <path-to-gitea-dump.zip>" >&2
+  exit 1
+fi
+
+DUMP_ZIP="$(realpath "$1")"
+if [ ! -f "$DUMP_ZIP" ]; then
+  echo "Error: dump file not found: $DUMP_ZIP" >&2
+  exit 1
+fi
+
+if ! docker info > /dev/null 2>&1; then
+  echo "Error: Docker is not accessible" >&2
+  exit 1
+fi
+
+# --- Cleanup trap: always bring services back up ---
+cleanup() {
+  echo "Starting all services..."
+  docker compose -f "$SCRIPT_DIR/docker-compose.yml" up -d
+}
+trap cleanup EXIT
+
+# --- Stop everything ---
+echo "Stopping all services..."
+docker compose -f "$SCRIPT_DIR/docker-compose.yml" down
+
+# --- Start only the database ---
+echo "Starting database only..."
+docker compose -f "$SCRIPT_DIR/docker-compose.yml" up -d db
+echo "Waiting for database to be ready..."
+for i in $(seq 1 30); do
+  if docker compose -f "$SCRIPT_DIR/docker-compose.yml" exec -T db \
+    pg_isready -U "$DB_USER" -d "$DB_NAME" > /dev/null 2>&1; then
+    break
+  fi
+  if [ "$i" -eq 30 ]; then
+    echo "Error: database not ready after 30 seconds" >&2
+    exit 1
+  fi
+  sleep 1
+done
+
+# --- Restore database ---
+echo "Restoring database..."
+docker compose -f "$SCRIPT_DIR/docker-compose.yml" exec -T db \
+  psql -U "$DB_USER" -d postgres -c "DROP DATABASE IF EXISTS \"$DB_NAME\";"
+docker compose -f "$SCRIPT_DIR/docker-compose.yml" exec -T db \
+  psql -U "$DB_USER" -d postgres -c "CREATE DATABASE \"$DB_NAME\" OWNER \"$DB_USER\";"
+
+unzip -p "$DUMP_ZIP" gitea-db.sql | \
+  docker compose -f "$SCRIPT_DIR/docker-compose.yml" exec -T db \
+  psql -U "$DB_USER" -d "$DB_NAME"
+
+# --- Restore data files ---
+echo "Restoring data files..."
+docker run --rm \
+  -v "${GITEA_DATA}:/data" \
+  -v "${DUMP_ZIP}:/backup/dump.zip:ro" \
+  docker.gitea.com/gitea:1.25.3 \
+  /bin/sh -c '
+    set -e
+    apk add --no-cache unzip > /dev/null 2>&1 || true
+    mkdir -p /tmp/restore
+    unzip -o /backup/dump.zip -d /tmp/restore
+
+    # Clear old data
+    rm -rf /data/gitea/attachments /data/gitea/avatars /data/gitea/jwt \
+           /data/gitea/indexers /data/gitea/queues /data/gitea/lfs \
+           /data/gitea/packages /data/gitea/tmp
+    rm -rf /data/git/repositories/*
+
+    # Restore data directory contents
+    if [ -d /tmp/restore/data ]; then
+      cp -a /tmp/restore/data/* /data/gitea/ 2>/dev/null || true
+    fi
+
+    # Restore repositories
+    if [ -d /tmp/restore/repos ]; then
+      cp -a /tmp/restore/repos/* /data/git/repositories/ 2>/dev/null || true
+    fi
+
+    # Restore app.ini
+    if [ -f /tmp/restore/app.ini ]; then
+      mkdir -p /data/gitea/conf
+      cp -a /tmp/restore/app.ini /data/gitea/conf/app.ini
+    fi
+
+    # Fix ownership
+    chown -R 1001:1001 /data
+
+    rm -rf /tmp/restore
+  '
+
+# --- Bring everything up (trap will handle this) ---
+# Trap fires on exit, which starts all services.
+# After services are up, regenerate hooks.
+trap - EXIT
+echo "Starting all services..."
+docker compose -f "$SCRIPT_DIR/docker-compose.yml" up -d
+
+echo "Waiting for Gitea to start..."
+for i in $(seq 1 60); do
+  if docker exec gitea curl -sf http://localhost:3000/ > /dev/null 2>&1; then
+    break
+  fi
+  if [ "$i" -eq 60 ]; then
+    echo "Warning: Gitea not responding after 60s, attempting hook regeneration anyway" >&2
+    break
+  fi
+  sleep 1
+done
+
+echo "Regenerating git hooks..."
+docker exec gitea gitea admin regenerate hooks
+
+echo "Restore completed successfully"

immich-app/.env

@@ -6,11 +6,11 @@
 
 # The location where your uploaded files are stored
 UPLOAD_LOCATION=/mnt/media/upload
-THUMB_LOCATION=/mnt/ssd1/media/thumbs
+THUMB_LOCATION=/mnt/ssd/media/thumbs
-ENCODED_VIDEO_LOCATION=/mnt/ssd1/media/encoded-video
+ENCODED_VIDEO_LOCATION=/mnt/ssd/media/encoded-video
 
 # The location where your database files are stored. Network shares are not supported for the database
-DB_DATA_LOCATION=/mnt/ssd1/media/postgres
+DB_DATA_LOCATION=/mnt/ssd/media/postgres
 
 # To set a timezone, uncomment the next line and change Etc/UTC to a TZ identifier from this list: https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List
 # TZ=Etc/UTC

immich-app/docker-compose.yml

@@ -23,7 +23,7 @@ services:
       - ${ENCODED_VIDEO_LOCATION}:/data/encoded-video
       - /etc/localtime:/etc/localtime:ro
     env_file:
-      - ../.env
+      - .env
     ports:
       - '2283:2283'
     depends_on:
@@ -44,7 +44,7 @@ services:
     volumes:
       - model-cache:/cache
     env_file:
-      - ../.env
+      - .env
     restart: always
     healthcheck:
       disable: false

zabbix/.env

@@ -0,0 +1,12 @@
+# Zabbix web frontend
+WEB_PORT=81
+PHP_TZ=Europe/Amsterdam
+
+# Agent
+AGENT_HOSTNAME=Zabbix server
+
+# PostgreSQL
+POSTGRES_DATA_DIR=/mnt/ssd/dbs/zabbix
+POSTGRES_USER=zabbix
+POSTGRES_PASSWORD=fefwG11UAFfs110
+POSTGRES_DB=zabbix

zabbix/docker-compose.yml

@@ -0,0 +1,98 @@
+services:
+  postgres-server:
+    image: postgres:16-alpine
+    restart: unless-stopped
+    volumes:
+      - ${POSTGRES_DATA_DIR}:/var/lib/postgresql/data
+    environment:
+      POSTGRES_USER: ${POSTGRES_USER}
+      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
+      POSTGRES_DB: ${POSTGRES_DB}
+    networks:
+      - database
+    stop_grace_period: 1m
+
+  zabbix-server:
+    image: zabbix/zabbix-server-pgsql:ubuntu-7.4-latest
+    restart: unless-stopped
+    ports:
+      - "10051:10051"
+    environment:
+      DB_SERVER_HOST: postgres-server
+      DB_SERVER_PORT: 5432
+      POSTGRES_USER: ${POSTGRES_USER}
+      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
+      POSTGRES_DB: ${POSTGRES_DB}
+    volumes:
+      - /etc/localtime:/etc/localtime:ro
+    ulimits:
+      nproc: 65535
+      nofile:
+        soft: 20000
+        hard: 40000
+    depends_on:
+      - postgres-server
+    networks:
+      - database
+      - backend
+      - frontend
+    stop_grace_period: 30s
+
+  zabbix-web:
+    image: zabbix/zabbix-web-apache-pgsql:ubuntu-7.4-latest
+    restart: unless-stopped
+    ports:
+      - "${WEB_PORT}:8080"
+    environment:
+      ZBX_SERVER_HOST: zabbix-server
+      ZBX_SERVER_PORT: 10051
+      DB_SERVER_HOST: postgres-server
+      DB_SERVER_PORT: 5432
+      POSTGRES_USER: ${POSTGRES_USER}
+      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
+      POSTGRES_DB: ${POSTGRES_DB}
+      PHP_TZ: ${PHP_TZ}
+    volumes:
+      - /etc/localtime:/etc/localtime:ro
+    healthcheck:
+      test: ["CMD", "curl", "-f", "http://localhost:8080/ping"]
+      interval: 1m30s
+      timeout: 3s
+      retries: 3
+      start_period: 40s
+      start_interval: 5s
+    depends_on:
+      - postgres-server
+      - zabbix-server
+    networks:
+      - database
+      - backend
+      - frontend
+    stop_grace_period: 10s
+
+  zabbix-agent:
+    image: zabbix/zabbix-agent:ubuntu-7.4-latest
+    restart: unless-stopped
+    environment:
+      ZBX_HOSTNAME: ${AGENT_HOSTNAME}
+      ZBX_SERVER_HOST: zabbix-server
+      ZBX_SERVER_ACTIVE: zabbix-server
+    volumes:
+      - /etc/localtime:/etc/localtime:ro
+    privileged: true
+    pid: host
+    depends_on:
+      - zabbix-server
+    networks:
+      - backend
+    stop_grace_period: 5s
+
+networks:
+  frontend:
+    driver: bridge
+  backend:
+    driver: bridge
+    internal: true
+  database:
+    driver: bridge
+    internal: true