# Wazuh App Copyright (C) 2017, Wazuh Inc. (License GPLv2)
services:
  wazuh.manager:
    image: wazuh/wazuh-manager:4.14.3
    hostname: wazuh.manager
    container_name: wazuh.manager
    restart: unless-stopped
    ulimits:
      memlock:
        soft: -1
        hard: -1
      nofile:
        soft: 655360
        hard: 655360
    ports:
      - "1514:1514"
      - "1515:1515"
      - "514:514/udp"
      - "55000:55000"
    environment:
      - INDEXER_URL=https://wazuh.indexer:9200
      - INDEXER_USERNAME=admin
      - INDEXER_PASSWORD=SecretPassword
      - FILEBEAT_SSL_VERIFICATION_MODE=full
      - SSL_CERTIFICATE_AUTHORITIES=/etc/ssl/root-ca.pem
      - SSL_CERTIFICATE=/etc/ssl/filebeat.pem
      - SSL_KEY=/etc/ssl/filebeat.key
      - API_USERNAME=wazuh-wui
      - API_PASSWORD=MyS3cr37P450r.*-
    volumes:
      - wazuh_api_configuration:/var/ossec/api/configuration
      - wazuh_etc:/var/ossec/etc
      - wazuh_logs:/var/ossec/logs
      - wazuh_queue:/var/ossec/queue
      - wazuh_var_multigroups:/var/ossec/var/multigroups
      - wazuh_integrations:/var/ossec/integrations
      - wazuh_active_response:/var/ossec/active-response/bin
      - wazuh_agentless:/var/ossec/agentless
      - wazuh_wodles:/var/ossec/wodles
      - filebeat_etc:/etc/filebeat
      - filebeat_var:/var/lib/filebeat
      - ./wazuh/config/wazuh_indexer_ssl_certs/root-ca-manager.pem:/etc/ssl/root-ca.pem
      - ./wazuh/config/wazuh_indexer_ssl_certs/wazuh.manager.pem:/etc/ssl/filebeat.pem
      - ./wazuh/config/wazuh_indexer_ssl_certs/wazuh.manager-key.pem:/etc/ssl/filebeat.key
      - ./wazuh/config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf
      - ./wazuh/cve:/cve

  wazuh.indexer:
    image: wazuh/wazuh-indexer:4.14.3
    hostname: wazuh.indexer
    container_name: wazuh.indexer
    restart: always
    ports:
      - "9200:9200"
    environment:
      - "OPENSEARCH_JAVA_OPTS=-Xms1g -Xmx1g"
    ulimits:
      memlock:
        soft: -1
        hard: -1
      nofile:
        soft: 65536
        hard: 65536
    volumes:
      - wazuh-indexer-data:/var/lib/wazuh-indexer
      - ./wazuh/config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-indexer/config/certs/root-ca.pem
      - ./wazuh/config/wazuh_indexer_ssl_certs/wazuh.indexer-key.pem:/usr/share/wazuh-indexer/config/certs/wazuh.indexer.key
      - ./wazuh/config/wazuh_indexer_ssl_certs/wazuh.indexer.pem:/usr/share/wazuh-indexer/config/certs/wazuh.indexer.pem
      - ./wazuh/config/wazuh_indexer_ssl_certs/admin.pem:/usr/share/wazuh-indexer/config/certs/admin.pem
      - ./wazuh/config/wazuh_indexer_ssl_certs/admin-key.pem:/usr/share/wazuh-indexer/config/certs/admin-key.pem
      - ./wazuh/config/wazuh_indexer/wazuh.indexer.yml:/usr/share/wazuh-indexer/config/opensearch.yml
      - ./wazuh/config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/config/opensearch-security/internal_users.yml

  wazuh.dashboard:
    image: wazuh/wazuh-dashboard:4.14.3
    hostname: wazuh.dashboard
    container_name: wazuh.dashboard
    restart: always
    ports:
      - 443:5601
    environment:
      - INDEXER_USERNAME=admin
      - INDEXER_PASSWORD=SecretPassword
      - WAZUH_API_URL=https://wazuh.manager
      - DASHBOARD_USERNAME=kibanaserver
      - DASHBOARD_PASSWORD=kibanaserver
      - API_USERNAME=wazuh-wui
      - API_PASSWORD=MyS3cr37P450r.*-
    volumes:
      - ./wazuh/config/wazuh_indexer_ssl_certs/wazuh.dashboard.pem:/usr/share/wazuh-dashboard/certs/wazuh-dashboard.pem
      - ./wazuh/config/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem:/usr/share/wazuh-dashboard/certs/wazuh-dashboard-key.pem
      - ./wazuh/config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-dashboard/certs/root-ca.pem
      - ./wazuh/config/wazuh_dashboard/opensearch_dashboards.yml:/usr/share/wazuh-dashboard/config/opensearch_dashboards.yml
      - ./wazuh/config/wazuh_dashboard/wazuh.yml:/usr/share/wazuh-dashboard/data/wazuh/config/wazuh.yml
      - wazuh-dashboard-config:/usr/share/wazuh-dashboard/data/wazuh/config
      - wazuh-dashboard-custom:/usr/share/wazuh-dashboard/plugins/wazuh/public/assets/custom
    depends_on:
      - wazuh.indexer
    links:
      - wazuh.indexer:wazuh.indexer
      - wazuh.manager:wazuh.manager

  grafana:
    image: grafana/grafana-enterprise:12.3-ubuntu
    container_name: grafana
    ports:
        - '3000:3000'
    restart: unless-stopped
    volumes:
        - ./grafana/datasources:/etc/grafana/provisioning/datasources
        - ./grafana/plugins:/etc/grafana/provisioning/plugins
    environment:
        - GF_INSTALL_PLUGINS=alexanderzobnin-zabbix-app, volkovlabs-form-panel, grafana-llm-app, consensys-asko11y-app
        - GF_PLUGINS_ALLOW_LOADING_SIGNED_PLUGINS=alexanderzobnin-zabbix-app
        - GF_FEATURE_TOGGLES_ENABLE=externalServiceAccounts
        - GF_AUTH_MANAGED_SERVICE_ACCOUNTS_ENABLED=true
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:3000/"]
      interval: 10s
      timeout: 5s
      retries: 6
      start_period: 20s

  server:
    image: zabbix/zabbix-server-pgsql:ubuntu-7.4-latest
    container_name: zabbix-server
    ports:
      - "10051:10051"
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - /etc/timezone:/etc/timezone:ro
      - ./zabbix/zbx_env/usr/lib/zabbix/alertscripts:/usr/lib/zabbix/alertscripts:ro
      - ./zabbix/zbx_env/usr/lib/zabbix/externalscripts:/usr/lib/zabbix/externalscripts:ro
      - ./zabbix/zbx_env/var/lib/zabbix/export:/var/lib/zabbix/export:rw
      - ./zabbix/zbx_env/var/lib/zabbix/modules:/var/lib/zabbix/modules:ro
      - ./zabbix/zbx_env/var/lib/zabbix/enc:/var/lib/zabbix/enc:ro
      - ./zabbix/zbx_env/var/lib/zabbix/ssh_keys:/var/lib/zabbix/ssh_keys:ro
      - ./zabbix/zbx_env/var/lib/zabbix/mibs:/var/lib/zabbix/mibs:ro
      - ./zabbix/zbx_env/var/lib/zabbix/snmptraps:/var/lib/zabbix/snmptraps:ro
    restart: unless-stopped
    depends_on:
      - postgres-server
    environment:
      - POSTGRES_USER=zabbix
      - POSTGRES_PASSWORD=zabbix
      - POSTGRES_DB=zabbixNew
      - ZBX_HISTORYSTORAGETYPES=log,text
      - ZBX_DEBUGLEVEL=1
      - ZBX_HOUSEKEEPINGFREQUENCY=1
      - ZBX_MAXHOUSEKEEPERDELETE=5000
      - ZBX_PROXYCONFIGFREQUENCY=3600

  web-nginx-pgsql:
    image: zabbix/zabbix-web-nginx-pgsql:ubuntu-7.4-latest
    container_name: zabbix-web
    ports:
      - "8080:8080"
      - "8443:8443"
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - /etc/timezone:/etc/timezone:ro
      - ./zabbix/zbx_env/etc/ssl/nginx:/etc/ssl/nginx:ro
      - ./zabbix/zbx_env/usr/share/zabbix/modules/:/usr/share/zabbix/modules/:ro
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:8080/"]
      interval: 10s
      timeout: 5s
      retries: 3
      start_period: 30s
    sysctls:
      - net.core.somaxconn=65535
    restart: unless-stopped
    depends_on:
      - server
      - postgres-server
    environment:
      - POSTGRES_USER=zabbix
      - POSTGRES_PASSWORD=zabbix
      - POSTGRES_DB=zabbixNew
      - ZBX_SERVER_HOST=server
      - ZBX_POSTMAXSIZE=64M
      - PHP_TZ=Europe/Madrid
      - ZBX_MAXEXECUTIONTIME=500

  agent:
    image: zabbix/zabbix-agent2:ubuntu-7.4-latest
    container_name: zabbix-agent
    ports:
      - "10050:10050"
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - /etc/timezone:/etc/timezone:ro
      - ./zabbix/zbx_env/etc/zabbix/zabbix_agentd.d:/etc/zabbix/zabbix_agentd.d:ro
      - ./zabbix/zbx_env/var/lib/zabbix/modules:/var/lib/zabbix/modules:ro
      - ./zabbix/zbx_env/var/lib/zabbix/enc:/var/lib/zabbix/enc:ro
      - ./zabbix/zbx_env/var/lib/zabbix/ssh_keys:/var/lib/zabbix/ssh_keys:ro
    privileged: true
    pid: "host"
    restart: unless-stopped
    depends_on:
      - server
    environment:
      - ZBX_SERVER_HOST=server

  snmptraps:
    image: zabbix/zabbix-snmptraps:ubuntu-7.4-latest
    container_name: zabbix-snmptraps
    ports:
      - "162:1162/udp"
    volumes:
      - ./zabbix/snmptraps:/var/lib/zabbix/snmptraps:rw
    restart: unless-stopped
    depends_on:
      - server
    environment:
      - ZBX_SERVER_HOST=server

  postgres-server:
    container_name: zabbix-postgres
    image: postgres:16-alpine
    volumes:
      - ./zabbix/zbx_env/var/lib/postgresql/data:/var/lib/postgresql/data:rw
    restart: unless-stopped
    environment:
      - POSTGRES_PASSWORD=zabbix
      - POSTGRES_USER=zabbix
      - POSTGRES_DB=zabbixNew
    healthcheck:
      test: ["CMD-SHELL", "pg_isready"]
      interval: 10s
      timeout: 5s
      retries: 5

  inicio-dashboards:
    build: ./grafana/dashboards
    container_name: inicio-dashboards
    volumes:
      - ./grafana/dashboards:/grafana/dashboards
    depends_on:
      grafana:
        condition: service_healthy

  ollama:
    build: ./ollama
    container_name: ollama
    restart: unless-stopped
    volumes:
    - ./ollama/:/usr/local
    environment:
    - OLLAMA_NUM_THREADS=10
    - OLLAMA_NUM_PARALLEL=1
    - OLLAMA_MAX_LOADED_MODELS=1
    ports:
      - "11434:11434"

  openwebui:
    image: ghcr.io/open-webui/open-webui:main
    container_name: openwebui
    restart: unless-stopped
    environment:
      - OLLAMA_BASE_URL=http://ollama:11434
    volumes:
      - openwebui:/app/backend/data
    ports:
      - "3500:8080"
    depends_on:
      - ollama

  grafana-mcp:
    image: mcp/grafana
    container_name: grafana-mcp
    ports:
      - "8001:8000"

volumes:
  wazuh_api_configuration:
  wazuh_etc:
  wazuh_logs:
  wazuh_queue:
  wazuh_var_multigroups:
  wazuh_integrations:
  wazuh_active_response:
  wazuh_agentless:
  wazuh_wodles:
  filebeat_etc:
  filebeat_var:
  wazuh-indexer-data:
  wazuh-dashboard-config:
  wazuh-dashboard-custom:
  ollama:
  openwebui: