From 2d5fcdc98f23d4eeb9a3e88c10633b47c5742d47 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Tue, 28 Apr 2020 19:39:39 +0300 Subject: [PATCH] Updated Ubuntu images --- agent/ubuntu/Dockerfile | 166 +-- agent/ubuntu/docker-entrypoint.sh | 986 +-------------- java-gateway/ubuntu/Dockerfile | 80 +- java-gateway/ubuntu/docker-entrypoint.sh | 1113 +---------------- proxy-mysql/ubuntu/Dockerfile | 110 +- proxy-mysql/ubuntu/docker-entrypoint.sh | 858 +------------ proxy-sqlite3/ubuntu/Dockerfile | 108 +- proxy-sqlite3/ubuntu/docker-entrypoint.sh | 996 +-------------- server-mysql/ubuntu/Dockerfile | 119 +- server-mysql/ubuntu/docker-entrypoint.sh | 852 +------------ server-pgsql/centos/Dockerfile | 4 +- server-pgsql/ubuntu/Dockerfile | 114 +- server-pgsql/ubuntu/docker-entrypoint.sh | 829 +----------- snmptraps/ubuntu/Dockerfile | 88 +- .../snmptrapfmt_1.14+nmu1ubuntu2_amd64.deb | Bin 17650 -> 0 bytes web-apache-mysql/ubuntu/Dockerfile | 110 +- .../etc/php/7.2/apache2/conf.d/99-zabbix.ini | 2 +- .../ubuntu/conf/etc/zabbix/apache.conf | 2 +- .../ubuntu/conf/etc/zabbix/apache_ssl.conf | 2 +- web-apache-mysql/ubuntu/docker-entrypoint.sh | 934 +------------- 20 files changed, 707 insertions(+), 6766 deletions(-) delete mode 100644 snmptraps/ubuntu/snmptrapfmt_1.14+nmu1ubuntu2_amd64.deb diff --git a/agent/ubuntu/Dockerfile b/agent/ubuntu/Dockerfile index 315bb6b68..84cd43acf 100644 --- a/agent/ubuntu/Dockerfile +++ b/agent/ubuntu/Dockerfile @@ -1,19 +1,64 @@ -FROM ubuntu:bionic as builder +FROM ubuntu:bionic -ARG APT_FLAGS_COMMON="-y" -ARG APT_FLAGS_DEV="${APT_FLAGS_COMMON} --no-install-recommends" +LABEL org.opencontainers.image.title="Zabbix agent" \ + org.opencontainers.image.authors="Alexey Pustovalov " \ + org.opencontainers.image.vendor="Zabbix LLC" \ + org.opencontainers.image.url="https://zabbix.com/" \ + org.opencontainers.image.description="Zabbix agent is deployed on a monitoring target to actively monitor local resources and applications" \ + org.opencontainers.image.licenses="GPL v2.0" -ARG MAJOR_VERSION=master -ARG ZBX_VERSION=${MAJOR_VERSION} -ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git -ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8 TERM=xterm \ - ZBX_TYPE=agent ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} +STOPSIGNAL SIGTERM + +ENV TINI_VERSION=v0.19.0 RUN set -eux && \ - apt-get ${APT_FLAGS_COMMON} update && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_DEV} install locales && \ - locale-gen $LC_ALL && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_DEV} install \ + echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \ + addgroup --system --gid 1995 --quiet zabbix && \ + adduser --quiet \ + --system --disabled-login \ + --ingroup zabbix --ingroup root \ + --uid 1997 \ + --home /var/lib/zabbix/ \ + zabbix && \ + mkdir -p /etc/zabbix && \ + mkdir -p /etc/zabbix/zabbix_agentd.d && \ + mkdir -p /var/lib/zabbix && \ + mkdir -p /var/lib/zabbix/enc && \ + mkdir -p /var/lib/zabbix/modules && \ + apt-get -y update && \ + DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ + curl \ + ca-certificates \ + gpg \ + dirmngr \ + gpg-agent \ + libssl1.1 \ + libcurl4 \ + libldap-2.4 && \ + curl -L https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini -o /sbin/tini && \ + curl -L https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini.asc -o /tini.asc && \ + gpg --batch --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 595E85A6B1B4779EA4DAAEC70B588DFF0527A9B7 && \ + gpg --batch --verify /tini.asc /sbin/tini && \ + rm -rf /root/.gnupg && \ + chmod +x /sbin/tini && \ + apt-get -y purge curl gpg dirmngr gpg-agent && \ + apt-get -y autoremove && \ + apt-get -y clean && \ + rm -rf /var/lib/apt/lists/* + +ARG MAJOR_VERSION=3.0 +ARG ZBX_VERSION=${MAJOR_VERSION}.30 +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git + +ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} + +LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" + +RUN set -eux && \ + apt-get -y update && \ + DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ autoconf \ automake \ libcurl4-openssl-dev \ @@ -23,7 +68,6 @@ RUN set -eux && \ make \ pkg-config \ git \ - ca-certificates \ gcc && \ cd /tmp/ && \ git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ @@ -43,72 +87,30 @@ RUN set -eux && \ --with-openssl \ --enable-ipv6 \ --silent && \ - make -j"$(nproc)" -s - -FROM ubuntu:bionic -LABEL maintainer="Alexey Pustovalov " - -ARG BUILD_DATE -ARG VCS_REF - -ARG APT_FLAGS_COMMON="-y" -ARG APT_FLAGS_PERSISTENT="${APT_FLAGS_COMMON} --no-install-recommends" - -ARG MAJOR_VERSION=master -ARG ZBX_VERSION=${MAJOR_VERSION} -ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git -ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8 TERM=xterm \ - ZBX_TYPE=agent ZBX_DB_TYPE=none ZBX_OPT_TYPE=none \ - ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} -ENV TINI_VERSION v0.18.0 - -LABEL org.label-schema.name="zabbix-${ZBX_TYPE}-ubuntu" \ - org.label-schema.vendor="Zabbix LLC" \ - org.label-schema.url="https://zabbix.com/" \ - org.label-schema.description="Zabbix agent is deployed on a monitoring target to actively monitor local resources and applications" \ - org.label-schema.vcs-ref="${VCS_REF}" \ - org.label-schema.build-date="${BUILD_DATE}" \ - org.label-schema.schema-version="1.0" \ - org.label-schema.license="GPL v2.0" \ - org.label-schema.usage="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.label-schema.version="${ZBX_VERSION}" \ - org.label-schema.vcs-url="${ZBX_SOURCES}" \ - org.label-schema.docker.cmd="docker run --name zabbix-${ZBX_TYPE} --link zabbix-server:zabbix-server -p 10050:10050 -d zabbix-${ZBX_TYPE}:ubuntu-${ZBX_VERSION}" - -STOPSIGNAL SIGTERM - -COPY --from=builder /tmp/zabbix-${ZBX_VERSION}/src/zabbix_agent/zabbix_agentd /usr/sbin/zabbix_agentd -COPY --from=builder /tmp/zabbix-${ZBX_VERSION}/src/zabbix_get/zabbix_get /usr/bin/zabbix_get -COPY --from=builder /tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender /usr/bin/zabbix_sender -COPY --from=builder /tmp/zabbix-${ZBX_VERSION}/conf/zabbix_agentd.conf /etc/zabbix/zabbix_agentd.conf -ADD https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini /sbin/tini - -RUN set -eux && \ - apt-get ${APT_FLAGS_COMMON} update && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_PERSISTENT} install locales && \ - locale-gen $LC_ALL && \ - echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \ - addgroup --system --quiet zabbix && \ - adduser --quiet \ - --system --disabled-login \ - --ingroup zabbix \ - --home /var/lib/zabbix/ \ - zabbix && \ - mkdir -p /etc/zabbix && \ - mkdir -p /etc/zabbix/zabbix_agentd.d && \ - mkdir -p /var/lib/zabbix && \ - mkdir -p /var/lib/zabbix/enc && \ - mkdir -p /var/lib/zabbix/modules && \ - chown --quiet -R zabbix:root /var/lib/zabbix && \ - apt-get ${APT_FLAGS_COMMON} update && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_PERSISTENT} install \ - libssl1.1 \ - libcurl4 \ - libldap-2.4 && \ - apt-get ${APT_FLAGS_COMMON} autoremove && \ - apt-get ${APT_FLAGS_COMMON} clean && \ - rm -rf /var/lib/apt/lists/* && \ - chmod +x /sbin/tini + make -j"$(nproc)" -s && \ + cp /tmp/zabbix-${ZBX_VERSION}/src/zabbix_agent/zabbix_agentd /usr/sbin/zabbix_agentd && \ + cp /tmp/zabbix-${ZBX_VERSION}/src/zabbix_get/zabbix_get /usr/bin/zabbix_get && \ + cp /tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender /usr/bin/zabbix_sender && \ + cp /tmp/zabbix-${ZBX_VERSION}/conf/zabbix_agentd.conf /etc/zabbix/zabbix_agentd.conf && \ + cd /tmp/ && \ + rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ + apt-get -y purge \ + autoconf \ + automake \ + libcurl4-openssl-dev \ + libc6-dev \ + libldap2-dev \ + libssl-dev \ + make \ + pkg-config \ + git \ + gcc && \ + chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \ + chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \ + chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \ + apt-get -y autoremove && \ + apt-get -y clean && \ + rm -rf /var/lib/apt/lists/* EXPOSE 10050/TCP @@ -116,6 +118,8 @@ WORKDIR /var/lib/zabbix VOLUME ["/etc/zabbix/zabbix_agentd.d", "/var/lib/zabbix/enc", "/var/lib/zabbix/modules"] -COPY ["docker-entrypoint.sh", "/usr/bin/"] - ENTRYPOINT ["/sbin/tini", "--", "/usr/bin/docker-entrypoint.sh"] + +USER 1997 + +CMD ["/usr/sbin/zabbix_agentd", "--foreground", "-c", "/etc/zabbix/zabbix_agentd.conf"] diff --git a/agent/ubuntu/docker-entrypoint.sh b/agent/ubuntu/docker-entrypoint.sh index 2273afee7..c63af987d 100755 --- a/agent/ubuntu/docker-entrypoint.sh +++ b/agent/ubuntu/docker-entrypoint.sh @@ -1,6 +1,6 @@ #!/bin/bash -set -eo pipefail +set -o pipefail set +e @@ -9,151 +9,17 @@ if [ "${DEBUG_MODE}" == "true" ]; then set -o xtrace fi -# Type of Zabbix component -# Possible values: [server, proxy, agent, frontend, java-gateway, appliance] -zbx_type=${ZBX_TYPE} -# Type of Zabbix database -# Possible values: [mysql, postgresql] -zbx_db_type=${ZBX_DB_TYPE} -# Type of web-server. Valid only with zbx_type = frontend -# Possible values: [apache, nginx] -zbx_opt_type=${ZBX_OPT_TYPE} - # Default Zabbix installation name -# Used only by Zabbix web-interface -ZBX_SERVER_NAME=${ZBX_SERVER_NAME:-"Zabbix docker"} # Default Zabbix server host -ZBX_SERVER_HOST=${ZBX_SERVER_HOST:-"zabbix-server"} +: ${ZBX_SERVER_HOST:="zabbix-server"} # Default Zabbix server port number -ZBX_SERVER_PORT=${ZBX_SERVER_PORT:-"10051"} - -# Default timezone for web interface -PHP_TZ=${PHP_TZ:-"Europe/Riga"} +: ${ZBX_SERVER_PORT:="10051"} # Default directories # User 'zabbix' home directory ZABBIX_USER_HOME_DIR="/var/lib/zabbix" # Configuration files directory ZABBIX_ETC_DIR="/etc/zabbix" -# Web interface www-root directory -ZBX_FRONTEND_PATH="/usr/share/zabbix" - -# usage: file_env VAR [DEFAULT] -# as example: file_env 'MYSQL_PASSWORD' 'zabbix' -# (will allow for "$MYSQL_PASSWORD_FILE" to fill in the value of "$MYSQL_PASSWORD" from a file) -# unsets the VAR_FILE afterwards and just leaving VAR -file_env() { - local var="$1" - local fileVar="${var}_FILE" - local defaultValue="${2:-}" - - if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then - echo "**** Both variables $var and $fileVar are set (but are exclusive)" - exit 1 - fi - - local val="$defaultValue" - - if [ "${!var:-}" ]; then - val="${!var}" - echo "** Using ${var} variable from ENV" - elif [ "${!fileVar:-}" ]; then - if [ ! -f "${!fileVar}" ]; then - echo "**** Secret file \"${!fileVar}\" is not found" - exit 1 - fi - val="$(< "${!fileVar}")" - echo "** Using ${var} variable from secret file" - fi - export "$var"="$val" - unset "$fileVar" -} - -configure_db_mysql() { - [ "${DB_SERVER_HOST}" != "localhost" ] && return - - echo "** Configuring local MySQL server" - - MYSQL_ALLOW_EMPTY_PASSWORD=true - MYSQL_DATA_DIR="/var/lib/mysql" - - if [ -f "/etc/mysql/my.cnf" ]; then - MYSQL_CONF_FILE="/etc/mysql/my.cnf" - elif [ -f "/etc/my.cnf.d/server.cnf" ]; then - MYSQL_CONF_FILE="/etc/my.cnf.d/server.cnf" - DB_SERVER_SOCKET="/var/lib/mysql/mysql.sock" - elif [ -f "/etc/my.cnf.d/mariadb-server.cnf" ]; then - MYSQL_CONF_FILE="/etc/my.cnf.d/mariadb-server.cnf" - DB_SERVER_SOCKET="/var/run/mysqld/mysqld.sock" - else - echo "**** Could not found MySQL configuration file" - exit 1 - fi - - if [ -f "/usr/bin/mysqld" ]; then - MYSQLD=/usr/bin/mysqld - elif [ -f "/usr/sbin/mysqld" ]; then - MYSQLD=/usr/sbin/mysqld - elif [ -f "/usr/libexec/mysqld" ]; then - MYSQLD=/usr/libexec/mysqld - else - echo "**** Could not found mysqld binary file" - exit 1 - fi - - sed -Ei 's/^(bind-address|log)/#&/' "$MYSQL_CONF_FILE" - - if [ ! -d "$MYSQL_DATA_DIR/mysql" ]; then - [ -d "$MYSQL_DATA_DIR" ] || mkdir -p "$MYSQL_DATA_DIR" - - chown -R mysql:mysql "$MYSQL_DATA_DIR" - - echo "** Installing initial MySQL database schemas" - mysql_install_db --user=mysql --datadir="$MYSQL_DATA_DIR" 2>&1 - else - echo "**** MySQL data directory is not empty. Using already existing installation." - chown -R mysql:mysql "$MYSQL_DATA_DIR" - fi - - mkdir -p /var/run/mysqld - ln -s /var/run/mysqld /run/mysqld - chown -R mysql:mysql /var/run/mysqld - chown -R mysql:mysql /run/mysqld - - echo "** Starting MySQL server in background mode" - - nohup $MYSQLD --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib/mysql/plugin \ - --user=mysql --log-output=none --pid-file=/var/lib/mysql/mysqld.pid \ - --port=3306 --character-set-server=utf8 --collation-server=utf8_bin & -} - -prepare_system() { - local type=$1 - local web_server=$2 - - echo "** Preparing the system" - - if [ "$type" != "appliance" ]; then - return - fi - - ZBX_ADD_AGENT=${ZBX_ADD_AGENT:-"false"} - ZBX_ADD_JAVA_GATEWAY=${ZBX_ADD_JAVA_GATEWAY:-"false"} - ZBX_ADD_SERVER=${ZBX_ADD_SERVER:-"true"} - [ "${ZBX_ADD_SERVER}" == "true" ] && ZBX_SERVER_HOST="localhost" - [ "${ZBX_ADD_SERVER}" == "true" ] && ZBX_SERVER_PORT="10051" - ZBX_MAIN_DB=${ZBX_MAIN_DB:-"mysql"} - ZBX_ADD_PROXY=${ZBX_ADD_PROXY:-"false"} - ZBX_PROXY_DB=${ZBX_PROXY_DB:-"sqlite3"} - ZBX_ADD_WEB=${ZBX_ADD_WEB:-"true"} - ZBX_WEB_SERVER=${ZBX_WEB_SERVER:-"nginx"} - DB_SERVER_HOST=${DB_SERVER_HOST:-"localhost"} - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAY_ENABLE="true" - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAY="localhost" - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAYPORT="10052" - - [ "${ZBX_ADD_SERVER}" == "true" ] && configure_db_${ZBX_MAIN_DB} -} escape_spec_char() { local var_value=$1 @@ -237,707 +103,12 @@ update_config_multiple_var() { done } -# Check prerequisites for MySQL database -check_variables_mysql() { - local type=$1 - - DB_SERVER_HOST=${DB_SERVER_HOST:-"mysql-server"} - DB_SERVER_PORT=${DB_SERVER_PORT:-"3306"} - USE_DB_ROOT_USER=false - CREATE_ZBX_DB_USER=false - file_env MYSQL_USER - file_env MYSQL_PASSWORD - - if [ "$type" != "" ]; then - file_env MYSQL_ROOT_PASSWORD - fi - - if [ ! -n "${MYSQL_USER}" ] && [ "${MYSQL_RANDOM_ROOT_PASSWORD}" == "true" ]; then - echo "**** Impossible to use MySQL server because of unknown Zabbix user and random 'root' password" - exit 1 - fi - - if [ ! -n "${MYSQL_USER}" ] && [ ! -n "${MYSQL_ROOT_PASSWORD}" ] && [ "${MYSQL_ALLOW_EMPTY_PASSWORD}" != "true" ]; then - echo "*** Impossible to use MySQL server because 'root' password is not defined and it is not empty" - exit 1 - fi - - if [ "${MYSQL_ALLOW_EMPTY_PASSWORD}" == "true" ] || [ -n "${MYSQL_ROOT_PASSWORD}" ]; then - USE_DB_ROOT_USER=true - DB_SERVER_ROOT_USER="root" - DB_SERVER_ROOT_PASS=${MYSQL_ROOT_PASSWORD:-""} - fi - - [ -n "${MYSQL_USER}" ] && CREATE_ZBX_DB_USER=true - - # If root password is not specified use provided credentials - DB_SERVER_ROOT_USER=${DB_SERVER_ROOT_USER:-${MYSQL_USER}} - [ "${MYSQL_ALLOW_EMPTY_PASSWORD}" == "true" ] || DB_SERVER_ROOT_PASS=${DB_SERVER_ROOT_PASS:-${MYSQL_PASSWORD}} - DB_SERVER_ZBX_USER=${MYSQL_USER:-"zabbix"} - DB_SERVER_ZBX_PASS=${MYSQL_PASSWORD:-"zabbix"} - - if [ "$type" == "proxy" ]; then - DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix_proxy"} - else - DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix"} - fi -} - -# Check prerequisites for PostgreSQL database -check_variables_postgresql() { - local type=$1 - - file_env POSTGRES_USER - file_env POSTGRES_PASSWORD - - DB_SERVER_HOST=${DB_SERVER_HOST:-"postgres-server"} - DB_SERVER_PORT=${DB_SERVER_PORT:-"5432"} - CREATE_ZBX_DB_USER=${CREATE_ZBX_DB_USER:-"false"} - - DB_SERVER_ROOT_USER=${POSTGRES_USER:-"postgres"} - DB_SERVER_ROOT_PASS=${POSTGRES_PASSWORD:-""} - - DB_SERVER_ZBX_USER=${POSTGRES_USER:-"zabbix"} - DB_SERVER_ZBX_PASS=${POSTGRES_PASSWORD:-"zabbix"} - - DB_SERVER_SCHEMA=${DB_SERVER_SCHEMA:-"public"} - - if [ "$type" == "proxy" ]; then - DB_SERVER_DBNAME=${POSTGRES_DB:-"zabbix_proxy"} - else - DB_SERVER_DBNAME=${POSTGRES_DB:-"zabbix"} - fi -} - -check_db_connect_mysql() { - echo "********************" - echo "* DB_SERVER_HOST: ${DB_SERVER_HOST}" - echo "* DB_SERVER_PORT: ${DB_SERVER_PORT}" - echo "* DB_SERVER_DBNAME: ${DB_SERVER_DBNAME}" - if [ "${DEBUG_MODE}" == "true" ]; then - if [ "${USE_DB_ROOT_USER}" == "true" ]; then - echo "* DB_SERVER_ROOT_USER: ${DB_SERVER_ROOT_USER}" - echo "* DB_SERVER_ROOT_PASS: ${DB_SERVER_ROOT_PASS}" - fi - echo "* DB_SERVER_ZBX_USER: ${DB_SERVER_ZBX_USER}" - echo "* DB_SERVER_ZBX_PASS: ${DB_SERVER_ZBX_PASS}" - echo "********************" - fi - echo "********************" - - WAIT_TIMEOUT=5 - - while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \ - --password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10)" ]; do - echo "**** MySQL server is not available. Waiting $WAIT_TIMEOUT seconds..." - sleep $WAIT_TIMEOUT - done -} - -check_db_connect_postgresql() { - echo "********************" - echo "* DB_SERVER_HOST: ${DB_SERVER_HOST}" - echo "* DB_SERVER_PORT: ${DB_SERVER_PORT}" - echo "* DB_SERVER_DBNAME: ${DB_SERVER_DBNAME}" - echo "* DB_SERVER_SCHEMA: ${DB_SERVER_SCHEMA}" - if [ "${DEBUG_MODE}" == "true" ]; then - if [ "${USE_DB_ROOT_USER}" == "true" ]; then - echo "* DB_SERVER_ROOT_USER: ${DB_SERVER_ROOT_USER}" - echo "* DB_SERVER_ROOT_PASS: ${DB_SERVER_ROOT_PASS}" - fi - echo "* DB_SERVER_ZBX_USER: ${DB_SERVER_ZBX_USER}" - echo "* DB_SERVER_ZBX_PASS: ${DB_SERVER_ZBX_PASS}" - fi - echo "********************" - - if [ "${USE_DB_ROOT_USER}" != "true" ]; then - DB_SERVER_ROOT_USER=${DB_SERVER_ZBX_USER} - DB_SERVER_ROOT_PASS=${DB_SERVER_ZBX_PASS} - fi - - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - WAIT_TIMEOUT=5 - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - while [ ! "$(psql -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} -U ${DB_SERVER_ROOT_USER} -d ${DB_SERVER_DBNAME} -l -q 2>/dev/null)" ]; do - echo "**** PostgreSQL server is not available. Waiting $WAIT_TIMEOUT seconds..." - sleep $WAIT_TIMEOUT - done - - unset PGPASSWORD - unset PGOPTIONS -} - - -mysql_query() { - query=$1 - local result="" - - result=$(mysql --silent --skip-column-names -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ - -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" -e "$query") - - echo $result -} - -psql_query() { - query=$1 - db=$2 - - local result="" - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - result=$(psql -A -q -t -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ - -U ${DB_SERVER_ROOT_USER} -c "$query" $db 2>/dev/null); - - unset PGPASSWORD - unset PGOPTIONS - - echo $result -} - -create_db_user_mysql() { - [ "${CREATE_ZBX_DB_USER}" == "true" ] || return - - echo "** Creating '${DB_SERVER_ZBX_USER}' user in MySQL database" - - USER_EXISTS=$(mysql_query "SELECT 1 FROM mysql.user WHERE user = '${DB_SERVER_ZBX_USER}' AND host = '%'") - - if [ -z "$USER_EXISTS" ]; then - mysql_query "CREATE USER '${DB_SERVER_ZBX_USER}'@'%' IDENTIFIED BY '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - else - mysql_query "ALTER USER ${DB_SERVER_ZBX_USER} IDENTIFIED BY '${DB_SERVER_ZBX_PASS}';" 1>/dev/null - fi - - mysql_query "GRANT ALL PRIVILEGES ON $DB_SERVER_DBNAME. * TO '${DB_SERVER_ZBX_USER}'@'%'" 1>/dev/null -} - -create_db_user_postgresql() { - [ "${CREATE_ZBX_DB_USER}" == "true" ] || return - - echo "** Creating '${DB_SERVER_ZBX_USER}' user in PostgreSQL database" - - USER_EXISTS=$(psql_query "SELECT 1 FROM pg_roles WHERE rolname='${DB_SERVER_ZBX_USER}'") - - if [ -z "$USER_EXISTS" ]; then - psql_query "CREATE USER ${DB_SERVER_ZBX_USER} WITH PASSWORD '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - else - psql_query "ALTER USER ${DB_SERVER_ZBX_USER} WITH ENCRYPTED PASSWORD '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - fi -} - -create_db_database_mysql() { - DB_EXISTS=$(mysql_query "SELECT SCHEMA_NAME FROM information_schema.SCHEMATA WHERE SCHEMA_NAME='${DB_SERVER_DBNAME}'") - - if [ -z ${DB_EXISTS} ]; then - echo "** Database '${DB_SERVER_DBNAME}' does not exist. Creating..." - mysql_query "CREATE DATABASE ${DB_SERVER_DBNAME} CHARACTER SET utf8 COLLATE utf8_bin" 1>/dev/null - # better solution? - mysql_query "GRANT ALL PRIVILEGES ON $DB_SERVER_DBNAME. * TO '${DB_SERVER_ZBX_USER}'@'%'" 1>/dev/null - else - echo "** Database '${DB_SERVER_DBNAME}' already exists. Please be careful with database COLLATE!" - fi -} - -create_db_database_postgresql() { - DB_EXISTS=$(psql_query "SELECT 1 AS result FROM pg_database WHERE datname='${DB_SERVER_DBNAME}'") - - if [ -z ${DB_EXISTS} ]; then - echo "** Database '${DB_SERVER_DBNAME}' does not exist. Creating..." - psql_query "CREATE DATABASE ${DB_SERVER_DBNAME} WITH OWNER ${DB_SERVER_ZBX_USER} ENCODING='UTF8' LC_CTYPE='en_US.utf8' LC_COLLATE='en_US.utf8'" 1>/dev/null - else - echo "** Database '${DB_SERVER_DBNAME}' already exists. Please be careful with database owner!" - fi - - psql_query "CREATE SCHEMA IF NOT EXISTS ${DB_SERVER_SCHEMA}" -} - -create_db_schema_mysql() { - local type=$1 - - DBVERSION_TABLE_EXISTS=$(mysql_query "SELECT 1 FROM information_schema.tables WHERE table_schema='${DB_SERVER_DBNAME}' and table_name = 'dbversion'") - - if [ -n "${DBVERSION_TABLE_EXISTS}" ]; then - echo "** Table '${DB_SERVER_DBNAME}.dbversion' already exists." - ZBX_DB_VERSION=$(mysql_query "SELECT mandatory FROM ${DB_SERVER_DBNAME}.dbversion") - fi - - if [ -z "${ZBX_DB_VERSION}" ]; then - echo "** Creating '${DB_SERVER_DBNAME}' schema in MySQL" - - zcat /usr/share/doc/zabbix-$type-mysql/create.sql.gz | mysql --silent --skip-column-names \ - -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ - -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" \ - ${DB_SERVER_DBNAME} 1>/dev/null - fi -} - -create_db_schema_postgresql() { - local type=$1 - - DBVERSION_TABLE_EXISTS=$(psql_query "SELECT 1 FROM pg_catalog.pg_class c JOIN pg_catalog.pg_namespace n ON n.oid = - c.relnamespace WHERE n.nspname = '$DB_SERVER_SCHEMA' AND c.relname = 'dbversion'" "${DB_SERVER_DBNAME}") - - if [ -n "${DBVERSION_TABLE_EXISTS}" ]; then - echo "** Table '${DB_SERVER_DBNAME}.dbversion' already exists." - ZBX_DB_VERSION=$(psql_query "SELECT mandatory FROM ${DB_SERVER_SCHEMA}.dbversion" "${DB_SERVER_DBNAME}") - fi - - if [ -z "${ZBX_DB_VERSION}" ]; then - echo "** Creating '${DB_SERVER_DBNAME}' schema in PostgreSQL" - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - zcat /usr/share/doc/zabbix-$type-postgresql/create.sql.gz | psql -q \ - -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ - -U ${DB_SERVER_ZBX_USER} ${DB_SERVER_DBNAME} 1>/dev/null - - unset PGPASSWORD - unset PGOPTIONS - fi -} - -prepare_web_server_apache() { - if [ -d "/etc/apache2/sites-available" ]; then - APACHE_SITES_DIR=/etc/apache2/sites-available - elif [ -d "/etc/apache2/conf.d" ]; then - APACHE_SITES_DIR=/etc/apache2/conf.d - elif [ -d "/etc/httpd/conf.d" ]; then - APACHE_SITES_DIR=/etc/httpd/conf.d - else - echo "**** Apache is not available" - exit 1 - fi - - if [ -f "/usr/sbin/a2dissite" ]; then - echo "** Disable default site" - /usr/sbin/a2dissite 000-default 1>/dev/null - rm -rf "$APACHE_SITES_DIR/*" - elif [ -f "/etc/apache2/conf.d/default.conf" ]; then - echo "** Disable default site" - rm -f "/etc/apache2/conf.d/default.conf" - elif [ -f "/etc/httpd/conf.d/welcome.conf" ]; then - echo "** Disable default site" - rm -f "/etc/httpd/conf.d/welcome.conf" - rm -f "/etc/httpd/conf.d/ssl.conf" - fi - - echo "** Adding Zabbix virtual host (HTTP)" - if [ -f "$ZABBIX_ETC_DIR/apache.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/apache.conf" "$APACHE_SITES_DIR/zabbix.conf" - if [ -f "/usr/sbin/a2dissite" ]; then - /usr/sbin/a2ensite zabbix.conf 1>/dev/null - fi - else - echo "**** Impossible to enable HTTP virtual host" - fi - - if [ -f "/etc/apache2/conf.d/ssl.conf" ]; then - rm -f "/etc/apache2/conf.d/ssl.conf" - fi - - if [ -f "/etc/ssl/apache2/ssl.crt" ] && [ -f "/etc/ssl/apache2/ssl.key" ]; then - echo "** Enable SSL support for Apache2" - if [ -f "/usr/sbin/a2enmod" ]; then - /usr/sbin/a2enmod ssl 1>/dev/null - fi - - echo "** Adding Zabbix virtual host (HTTPS)" - if [ -f "$ZABBIX_ETC_DIR/apache_ssl.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/apache_ssl.conf" "$APACHE_SITES_DIR/zabbix_ssl.conf" - if [ -f "/usr/sbin/a2dissite" ]; then - /usr/sbin/a2ensite zabbix_ssl.conf 1>/dev/null - fi - else - echo "**** Impossible to enable HTTPS virtual host" - fi - else - echo "**** Impossible to enable SSL support for Apache2. Certificates are missed." - fi - - # Change Apache2 logging to stdout and stderr - if [ -f "/etc/apache2/apache2.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/apache2.conf" - fi - - if [ -f "/etc/httpd/conf/httpd.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/httpd/conf/httpd.conf" - fi - - if [ -f "/etc/apache2/httpd.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/httpd.conf" - fi - - if [ -f "/etc/apache2/conf-available/other-vhosts-access-log.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/conf-available/other-vhosts-access-log.conf" - fi - - if [ -f "/etc/apache2/conf.d/mpm.conf" ]; then - sed -ri \ - -e 's!^(\s*PidFile)\s+\S+!\1 "/var/run/httpd.pid"!g' \ - "/etc/apache2/conf.d/mpm.conf" - fi - - if [ -f "/var/run/apache2/apache2.pid" ]; then - rm -f "/var/run/apache2/apache2.pid" - fi - - if [ -f "/var/run/httpd/httpd.pid" ]; then - rm -f "/var/run/httpd/httpd.pid" - fi -} - -prepare_web_server_nginx() { - NGINX_CONFD_DIR="/etc/nginx/conf.d" - NGINX_SSL_CONFIG="/etc/ssl/nginx" - PHP_SESSIONS_DIR="/var/lib/php5" - - echo "** Disable default vhosts" - rm -f $NGINX_CONFD_DIR/*.conf - - echo "** Adding Zabbix virtual host (HTTP)" - if [ -f "$ZABBIX_ETC_DIR/nginx.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/nginx.conf" "$NGINX_CONFD_DIR" - else - echo "**** Impossible to enable HTTP virtual host" - fi - - if [ -f "$NGINX_SSL_CONFIG/ssl.crt" ] && [ -f "$NGINX_SSL_CONFIG/ssl.key" ] && [ -f "$NGINX_SSL_CONFIG/dhparam.pem" ]; then - echo "** Enable SSL support for Nginx" - if [ -f "$ZABBIX_ETC_DIR/nginx_ssl.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/nginx_ssl.conf" "$NGINX_CONFD_DIR" - else - echo "**** Impossible to enable HTTPS virtual host" - fi - else - echo "**** Impossible to enable SSL support for Nginx. Certificates are missed." - fi - - if [ -d "/var/log/nginx/" ]; then - ln -sf /dev/fd/2 /var/log/nginx/error.log - fi - - ln -sf /dev/fd/2 /var/log/php5-fpm.log - ln -sf /dev/fd/2 /var/log/php7.2-fpm.log -} - -stop_databases() { - if ([ "${ZBX_MAIN_DB}" == "mysql" ] || [ "${ZBX_PROXY_DB}" == "mysql" ]) && [ "${DB_SERVER_HOST}" == "localhost" ]; then - mysql_query "DELETE FROM mysql.user WHERE host = 'localhost' AND user != 'root'" 1>/dev/null - - if [ -f "/var/lib/mysql/mysqld.pid" ]; then - kill -TERM $(cat /var/lib/mysql/mysqld.pid) - elif [ -f "/var/run/mysqld/mysqld.pid" ]; then - kill -TERM $(cat /var/run/mysqld/mysqld.pid) - fi - fi - - if [ "${ZBX_MAIN_DB}" == "postgresql" ] && [ "${DB_SERVER_HOST}" == "localhost" ]; then - if [ "${OS_CODENAME}" == "alpine" ]; then - PGDATA=/var/lib/postgresql - BINDIR=/usr/bin - else - PGDATA=/var/lib/postgresql/9.3/main - BINDIR=/usr/lib/postgresql/9.3/bin - fi - su -c "$BINDIR/pg_ctl -D \"$PGDATA\" -m fast -w stop --silent" postgres 1>/dev/null 2>/dev/null - fi -} - -clear_deploy() { - local type=$1 - echo "** Cleaning the system" - - [ "$type" != "appliance" ] && return - - stop_databases -} - -update_zbx_config() { - local type=$1 - local db_type=$2 - - echo "** Preparing Zabbix $type configuration file" - - ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_$type.conf - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "ProxyMode" "${ZBX_PROXYMODE}" - update_config_var $ZBX_CONFIG "Server" "${ZBX_SERVER_HOST}" - update_config_var $ZBX_CONFIG "ServerPort" "${ZBX_SERVER_PORT}" - if [ -z "${ZBX_HOSTNAME}" ] && [ -n "${ZBX_HOSTNAMEITEM}" ]; then - update_config_var $ZBX_CONFIG "Hostname" "" - update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - else - update_config_var $ZBX_CONFIG "Hostname" "${ZBX_HOSTNAME:-"zabbix-proxy-"$db_type}" - update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - fi - fi - - if [ $type == "proxy" ] && [ "${ZBX_ADD_SERVER}" = "true" ]; then - update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_PROXY_LISTENPORT:-"10061"}" - else - update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}" - fi - - update_config_var $ZBX_CONFIG "SourceIP" "${ZBX_SOURCEIP}" - update_config_var $ZBX_CONFIG "LogType" "console" - update_config_var $ZBX_CONFIG "LogFile" - update_config_var $ZBX_CONFIG "LogFileSize" - update_config_var $ZBX_CONFIG "PidFile" - - update_config_var $ZBX_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" - - if [ "$db_type" == "sqlite3" ]; then - update_config_var $ZBX_CONFIG "DBHost" - update_config_var $ZBX_CONFIG "DBName" "/var/lib/zabbix/zabbix_proxy_db" - update_config_var $ZBX_CONFIG "DBUser" - update_config_var $ZBX_CONFIG "DBPort" - update_config_var $ZBX_CONFIG "DBPassword" - else - update_config_var $ZBX_CONFIG "DBHost" "${DB_SERVER_HOST}" - update_config_var $ZBX_CONFIG "DBName" "${DB_SERVER_DBNAME}" - update_config_var $ZBX_CONFIG "DBSchema" "${DB_SERVER_SCHEMA}" - update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}" - update_config_var $ZBX_CONFIG "DBPort" "${DB_SERVER_PORT}" - update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}" - fi - - update_config_var $ZBX_CONFIG "DBSocket" "${DB_SERVER_SOCKET}" - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "ProxyLocalBuffer" "${ZBX_PROXYLOCALBUFFER}" - update_config_var $ZBX_CONFIG "ProxyOfflineBuffer" "${ZBX_PROXYOFFLINEBUFFER}" - update_config_var $ZBX_CONFIG "HeartbeatFrequency" "${ZBX_PROXYHEARTBEATFREQUENCY}" - update_config_var $ZBX_CONFIG "ConfigFrequency" "${ZBX_CONFIGFREQUENCY}" - update_config_var $ZBX_CONFIG "DataSenderFrequency" "${ZBX_DATASENDERFREQUENCY}" - fi - - update_config_var $ZBX_CONFIG "StartPollers" "${ZBX_STARTPOLLERS}" - update_config_var $ZBX_CONFIG "StartIPMIPollers" "${ZBX_IPMIPOLLERS}" - update_config_var $ZBX_CONFIG "StartPollersUnreachable" "${ZBX_STARTPOLLERSUNREACHABLE}" - update_config_var $ZBX_CONFIG "StartTrappers" "${ZBX_STARTTRAPPERS}" - update_config_var $ZBX_CONFIG "StartPingers" "${ZBX_STARTPINGERS}" - update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}" - update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}" - - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "StartTimers" "${ZBX_STARTTIMERS}" - update_config_var $ZBX_CONFIG "StartEscalators" "${ZBX_STARTESCALATORS}" - fi - - ZBX_JAVAGATEWAY_ENABLE=${ZBX_JAVAGATEWAY_ENABLE:-"false"} - if [ "${ZBX_JAVAGATEWAY_ENABLE}" == "true" ]; then - update_config_var $ZBX_CONFIG "JavaGateway" "${ZBX_JAVAGATEWAY:-"zabbix-java-gateway"}" - update_config_var $ZBX_CONFIG "JavaGatewayPort" "${ZBX_JAVAGATEWAYPORT}" - update_config_var $ZBX_CONFIG "StartJavaPollers" "${ZBX_STARTJAVAPOLLERS:-"5"}" - else - update_config_var $ZBX_CONFIG "JavaGateway" - update_config_var $ZBX_CONFIG "JavaGatewayPort" - update_config_var $ZBX_CONFIG "StartJavaPollers" - fi - - update_config_var $ZBX_CONFIG "StartVMwareCollectors" "${ZBX_STARTVMWARECOLLECTORS}" - update_config_var $ZBX_CONFIG "VMwareFrequency" "${ZBX_VMWAREFREQUENCY}" - update_config_var $ZBX_CONFIG "VMwarePerfFrequency" "${ZBX_VMWAREPERFFREQUENCY}" - update_config_var $ZBX_CONFIG "VMwareCacheSize" "${ZBX_VMWARECACHESIZE}" - update_config_var $ZBX_CONFIG "VMwareTimeout" "${ZBX_VMWARETIMEOUT}" - - ZBX_ENABLE_SNMP_TRAPS=${ZBX_ENABLE_SNMP_TRAPS:-"false"} - if [ "${ZBX_ENABLE_SNMP_TRAPS}" == "true" ]; then - update_config_var $ZBX_CONFIG "SNMPTrapperFile" "${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log" - update_config_var $ZBX_CONFIG "StartSNMPTrapper" "1" - else - update_config_var $ZBX_CONFIG "SNMPTrapperFile" - update_config_var $ZBX_CONFIG "StartSNMPTrapper" - fi - - update_config_var $ZBX_CONFIG "HousekeepingFrequency" "${ZBX_HOUSEKEEPINGFREQUENCY}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "MaxHousekeeperDelete" "${ZBX_MAXHOUSEKEEPERDELETE}" - update_config_var $ZBX_CONFIG "SenderFrequency" "${ZBX_SENDERFREQUENCY}" - fi - - update_config_var $ZBX_CONFIG "CacheSize" "${ZBX_CACHESIZE}" - - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "CacheUpdateFrequency" "${ZBX_CACHEUPDATEFREQUENCY}" - fi - - update_config_var $ZBX_CONFIG "StartDBSyncers" "${ZBX_STARTDBSYNCERS}" - update_config_var $ZBX_CONFIG "HistoryCacheSize" "${ZBX_HISTORYCACHESIZE}" - update_config_var $ZBX_CONFIG "HistoryIndexCacheSize" "${ZBX_HISTORYINDEXCACHESIZE}" - - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "TrendCacheSize" "${ZBX_TRENDCACHESIZE}" - update_config_var $ZBX_CONFIG "ValueCacheSize" "${ZBX_VALUECACHESIZE}" - fi - - update_config_var $ZBX_CONFIG "Timeout" "${ZBX_TIMEOUT}" - update_config_var $ZBX_CONFIG "TrapperTimeout" "${ZBX_TRAPPERIMEOUT}" - update_config_var $ZBX_CONFIG "UnreachablePeriod" "${ZBX_UNREACHABLEPERIOD}" - update_config_var $ZBX_CONFIG "UnavailableDelay" "${ZBX_UNAVAILABLEDELAY}" - update_config_var $ZBX_CONFIG "UnreachableDelay" "${ZBX_UNREACHABLEDELAY}" - - update_config_var $ZBX_CONFIG "AlertScriptsPath" "/usr/lib/zabbix/alertscripts" - update_config_var $ZBX_CONFIG "ExternalScripts" "/usr/lib/zabbix/externalscripts" - - # Possible few fping locations - if [ -f "/usr/bin/fping" ]; then - update_config_var $ZBX_CONFIG "FpingLocation" "/usr/bin/fping" - else - update_config_var $ZBX_CONFIG "FpingLocation" "/usr/sbin/fping" - fi - if [ -f "/usr/bin/fping6" ]; then - update_config_var $ZBX_CONFIG "Fping6Location" "/usr/bin/fping6" - else - update_config_var $ZBX_CONFIG "Fping6Location" "/usr/sbin/fping6" - fi - - update_config_var $ZBX_CONFIG "SSHKeyLocation" "$ZABBIX_USER_HOME_DIR/ssh_keys" - update_config_var $ZBX_CONFIG "LogSlowQueries" "${ZBX_LOGSLOWQUERIES}" - - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "StartProxyPollers" "${ZBX_STARTPROXYPOLLERS}" - update_config_var $ZBX_CONFIG "ProxyConfigFrequency" "${ZBX_PROXYCONFIGFREQUENCY}" - update_config_var $ZBX_CONFIG "ProxyDataFrequency" "${ZBX_PROXYDATAFREQUENCY}" - fi - - update_config_var $ZBX_CONFIG "SSLCertLocation" "$ZABBIX_USER_HOME_DIR/ssl/certs/" - update_config_var $ZBX_CONFIG "SSLKeyLocation" "$ZABBIX_USER_HOME_DIR/ssl/keys/" - update_config_var $ZBX_CONFIG "SSLCALocation" "$ZABBIX_USER_HOME_DIR/ssl/ssl_ca/" - update_config_var $ZBX_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/" - update_config_multiple_var $ZBX_CONFIG "LoadModule" "${ZBX_LOADMODULE}" - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}" - update_config_var $ZBX_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" - fi - update_config_var $ZBX_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" - update_config_var $ZBX_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" - update_config_var $ZBX_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" - fi - - update_config_var $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" - update_config_var $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" - update_config_var $ZBX_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" - fi -} - - -prepare_zbx_web_config() { - local db_type=$1 - local server_name="" - - echo "** Preparing Zabbix frontend configuration file" - - ZBX_WEB_CONFIG="$ZABBIX_ETC_DIR/web/zabbix.conf.php" - - if [ -f "/usr/share/zabbix/conf/zabbix.conf.php" ]; then - rm -f "/usr/share/zabbix/conf/zabbix.conf.php" - fi - - ln -s "$ZBX_WEB_CONFIG" "/usr/share/zabbix/conf/zabbix.conf.php" - - # Different places of PHP configuration file - if [ -f "/etc/php5/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/conf.d/99-zabbix.ini" - elif [ -f "/etc/php5/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php5/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/apache2/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.0/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.0/apache2/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.0/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.0/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php.d/99-zabbix.ini" - elif [ -f "/etc/php7/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php7/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.2/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.2/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.2/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.2/apache2/conf.d/99-zabbix.ini" - fi - - if [ -n "$PHP_CONFIG_FILE" ]; then - update_config_var "$PHP_CONFIG_FILE" "max_execution_time" "${ZBX_MAXEXECUTIONTIME:-"600"}" - update_config_var "$PHP_CONFIG_FILE" "memory_limit" "${ZBX_MEMORYLIMIT:-"128M"}" - update_config_var "$PHP_CONFIG_FILE" "post_max_size" "${ZBX_POSTMAXSIZE:-"16M"}" - update_config_var "$PHP_CONFIG_FILE" "upload_max_filesize" "${ZBX_UPLOADMAXFILESIZE:-"2M"}" - update_config_var "$PHP_CONFIG_FILE" "max_input_time" "${ZBX_MAXINPUTTIME:-"300"}" - update_config_var "$PHP_CONFIG_FILE" "date.timezone" "${PHP_TZ}" - else - echo "**** Zabbix related PHP configuration file not found" - fi - - # Escaping characters in parameter value - server_name=$(escape_spec_char "${ZBX_SERVER_NAME}") - server_user=$(escape_spec_char "${DB_SERVER_ZBX_USER}") - server_pass=$(escape_spec_char "${DB_SERVER_ZBX_PASS}") - - sed -i \ - -e "s/{DB_SERVER_HOST}/${DB_SERVER_HOST}/g" \ - -e "s/{DB_SERVER_PORT}/${DB_SERVER_PORT}/g" \ - -e "s/{DB_SERVER_DBNAME}/${DB_SERVER_DBNAME}/g" \ - -e "s/{DB_SERVER_SCHEMA}/${DB_SERVER_SCHEMA}/g" \ - -e "s/{DB_SERVER_USER}/$server_user/g" \ - -e "s/{DB_SERVER_PASS}/$server_pass/g" \ - -e "s/{ZBX_SERVER_HOST}/${ZBX_SERVER_HOST}/g" \ - -e "s/{ZBX_SERVER_PORT}/${ZBX_SERVER_PORT}/g" \ - -e "s/{ZBX_SERVER_NAME}/$server_name/g" \ - "$ZBX_WEB_CONFIG" - - [ "$db_type" = "postgresql" ] && sed -i "s/MYSQL/POSTGRESQL/g" "$ZBX_WEB_CONFIG" -} - prepare_zbx_agent_config() { echo "** Preparing Zabbix agent configuration file" - ZBX_AGENT_CONFIG=$ZABBIX_ETC_DIR/zabbix_agentd.conf - ZBX_PASSIVESERVERS=${ZBX_PASSIVESERVERS:-""} - ZBX_ACTIVESERVERS=${ZBX_ACTIVESERVERS:-""} + : ${ZBX_PASSIVESERVERS:=""} + : ${ZBX_ACTIVESERVERS:=""} [ -n "$ZBX_PASSIVESERVERS" ] && ZBX_PASSIVESERVERS=","$ZBX_PASSIVESERVERS @@ -956,7 +127,7 @@ prepare_zbx_agent_config() { update_config_var $ZBX_AGENT_CONFIG "EnableRemoteCommands" "${ZBX_ENABLEREMOTECOMMANDS}" update_config_var $ZBX_AGENT_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}" - ZBX_PASSIVE_ALLOW=${ZBX_PASSIVE_ALLOW:-"true"} + : ${ZBX_PASSIVE_ALLOW:="true"} if [ "$ZBX_PASSIVE_ALLOW" == "true" ]; then echo "** Using '$ZBX_PASSIVESERVERS' servers for passive checks" update_config_var $ZBX_AGENT_CONFIG "Server" "${ZBX_PASSIVESERVERS}" @@ -968,7 +139,7 @@ prepare_zbx_agent_config() { update_config_var $ZBX_AGENT_CONFIG "ListenIP" "${ZBX_LISTENIP}" update_config_var $ZBX_AGENT_CONFIG "StartAgents" "${ZBX_STARTAGENTS}" - ZBX_ACTIVE_ALLOW=${ZBX_ACTIVE_ALLOW:-"true"} + : ${ZBX_ACTIVE_ALLOW:="true"} if [ "$ZBX_ACTIVE_ALLOW" == "true" ]; then echo "** Using '$ZBX_ACTIVESERVERS' servers for active checks" update_config_var $ZBX_AGENT_CONFIG "ServerActive" "${ZBX_ACTIVESERVERS}" @@ -1001,20 +172,11 @@ prepare_zbx_agent_config() { update_config_var $ZBX_AGENT_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" update_config_var $ZBX_AGENT_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" update_config_var $ZBX_AGENT_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" -} -prepare_java_gateway_config() { - echo "** Preparing Zabbix Java Gateway log configuration file" - - ZBX_GATEWAY_CONFIG=$ZABBIX_ETC_DIR/zabbix_java_gateway_logback.xml - - if [ -n "${ZBX_DEBUGLEVEL}" ]; then - echo "Updating $ZBX_GATEWAY_CONFIG 'DebugLevel' parameter: '${ZBX_DEBUGLEVEL}'... updated" - if [ -f "$ZBX_GATEWAY_CONFIG" ]; then - sed -i -e "/^.*/" "$ZBX_GATEWAY_CONFIG" - else - echo "**** Zabbix Java Gateway log configuration file '$ZBX_GATEWAY_CONFIG' not found" - fi + if [ "$(id -u)" != '0' ]; then + update_config_var $ZBX_AGENT_CONFIG "User" "$(whoami)" + else + update_config_var $ZBX_AGENT_CONFIG "AllowRoot" "1" fi } @@ -1023,130 +185,16 @@ prepare_agent() { prepare_zbx_agent_config } -prepare_server() { - local db_type=$1 - - echo "** Preparing Zabbix server" - - check_variables_$db_type "server" - check_db_connect_$db_type - create_db_user_$db_type - create_db_database_$db_type - create_db_schema_$db_type "server" - - update_zbx_config "server" "$db_type" -} - -prepare_proxy() { - local db_type=$1 - - echo "Preparing Zabbix proxy" - - if [ "$db_type" != "sqlite3" ]; then - check_variables_$db_type "proxy" - check_db_connect_$db_type - create_db_user_$db_type - create_db_database_$db_type - create_db_schema_$db_type "proxy" - fi - - update_zbx_config "proxy" $db_type -} - -prepare_web() { - local web_server=$1 - local db_type=$2 - - echo "** Preparing Zabbix web-interface" - - check_variables_$db_type - check_db_connect_$db_type - prepare_web_server_$web_server - prepare_zbx_web_config $db_type -} - -prepare_java_gateway() { - echo "** Preparing Zabbix Java Gateway" - - prepare_java_gateway_config -} - ################################################# -if [ ! -n "$zbx_type" ]; then - echo "**** Type of Zabbix component is not specified" - exit 1 -elif [ "$zbx_type" == "dev" ]; then - echo "** Deploying Zabbix installation from SVN" -else - if [ ! -n "$zbx_db_type" ]; then - echo "**** Database type of Zabbix $zbx_type is not specified" - exit 1 - fi - - if [ "$zbx_db_type" != "none" ]; then - if [ "$zbx_opt_type" != "none" ]; then - echo "** Deploying Zabbix $zbx_type ($zbx_opt_type) with $zbx_db_type database" - else - echo "** Deploying Zabbix $zbx_type with $zbx_db_type database" - fi - else - echo "** Deploying Zabbix $zbx_type" - fi +if [ "${1#-}" != "$1" ]; then + set -- /usr/sbin/zabbix_agentd "$@" fi -prepare_system "$zbx_type" "$zbx_opt_type" - -[ "$zbx_type" == "server" ] && prepare_server $zbx_db_type -[ "${ZBX_ADD_SERVER}" == "true" ] && prepare_server ${ZBX_MAIN_DB} - -[ "$zbx_type" == "proxy" ] && prepare_proxy $zbx_db_type -[ "${ZBX_ADD_PROXY}" == "true" ] && prepare_proxy ${ZBX_PROXY_DB} - -[ "$zbx_type" == "frontend" ] && prepare_web $zbx_opt_type $zbx_db_type -[ "${ZBX_ADD_WEB}" == "true" ] && prepare_web ${ZBX_WEB_SERVER} ${ZBX_MAIN_DB} - -[ "$zbx_type" == "agent" ] && prepare_agent -[ "${ZBX_ADD_AGENT}" == "true" ] && prepare_agent - -[ "$zbx_type" == "java-gateway" ] && prepare_java_gateway -[ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && prepare_java_gateway - -clear_deploy "$zbx_type" - -echo "########################################################" - -if [ "$1" != "" ]; then - echo "** Executing '$@'" - exec "$@" -elif [ "$zbx_type" == "agent" ]; then - echo "** Starting Zabbix agent" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_agentd --foreground -c /etc/zabbix/zabbix_agentd.conf" -elif [ "$zbx_type" == "proxy" ]; then - echo "** Starting Zabbix proxy" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_proxy --foreground -c /etc/zabbix/zabbix_proxy.conf" -elif [ "$zbx_type" == "server" ]; then - echo "** Starting Zabbix server" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_server --foreground -c /etc/zabbix/zabbix_server.conf" -elif [ "$zbx_type" == "java-gateway" ]; then - echo "** Starting Zabbix Java Gateway" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_java_gateway" -elif [ "$zbx_type" == "frontend" ] && [ "$zbx_opt_type" == "apache" ]; then - echo "** Starting Zabbix frontend" - if [ -f "/usr/sbin/httpd" ]; then - exec /usr/sbin/httpd -D FOREGROUND - elif [ -f "/usr/sbin/apache2ctl" ]; then - exec /bin/bash -c "source /etc/apache2/envvars && /usr/sbin/apache2ctl -D FOREGROUND" - else - echo "Unknown Web-server. Exiting..." - exit 1 - fi -elif [ -f "/usr/bin/supervisord" ]; then - echo "** Executing supervisord" - exec /usr/bin/supervisord -c /etc/supervisor/supervisord.conf -else - echo "Unknown instructions. Exiting..." - exit 1 +if [ "$1" == '/usr/sbin/zabbix_agentd' ]; then + prepare_agent fi +exec "$@" + ################################################# diff --git a/java-gateway/ubuntu/Dockerfile b/java-gateway/ubuntu/Dockerfile index 9352084e7..e950c6fda 100644 --- a/java-gateway/ubuntu/Dockerfile +++ b/java-gateway/ubuntu/Dockerfile @@ -1,60 +1,46 @@ FROM ubuntu:bionic -LABEL maintainer="Alexey Pustovalov " - -ARG BUILD_DATE -ARG VCS_REF - -ARG APT_FLAGS_COMMON="-y" -ARG APT_FLAGS_PERSISTENT="${APT_FLAGS_COMMON} --no-install-recommends" -ARG APT_FLAGS_DEV="${APT_FLAGS_COMMON} --no-install-recommends" -ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8 TERM=xterm \ - ZBX_TYPE=java-gateway ZBX_DB_TYPE=none ZBX_OPT_TYPE=none - -LABEL org.label-schema.name="zabbix-${ZBX_TYPE}-ubuntu" \ - org.label-schema.vendor="Zabbix LLC" \ - org.label-schema.url="https://zabbix.com/" \ - org.label-schema.description="Zabbix Java Gateway performs native support for monitoring JMX applications" \ - org.label-schema.vcs-ref="${VCS_REF}" \ - org.label-schema.build-date="${BUILD_DATE}" \ - org.label-schema.schema-version="1.0" \ - org.label-schema.license="GPL v2.0" +LABEL org.opencontainers.image.title="Zabbix Java Gateway" \ + org.opencontainers.image.authors="Alexey Pustovalov " \ + org.opencontainers.image.vendor="Zabbix LLC" \ + org.opencontainers.image.url="https://zabbix.com/" \ + org.opencontainers.image.description="Zabbix Java Gateway performs native support for monitoring JMX applications" \ + org.opencontainers.image.licenses="GPL v2.0" + STOPSIGNAL SIGTERM RUN set -eux && \ - apt-get ${APT_FLAGS_COMMON} update && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_PERSISTENT} install locales && \ - locale-gen $LC_ALL && \ echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \ - addgroup --system --quiet zabbix && \ + addgroup --system --gid 1995 --quiet zabbix && \ adduser --quiet \ --system --disabled-login \ - --ingroup zabbix \ + --ingroup zabbix --ingroup root \ + --uid 1997 \ --home /var/lib/zabbix/ \ - --no-create-home \ zabbix && \ mkdir -p /etc/zabbix/ && \ - chown --quiet -R zabbix:root /etc/zabbix && \ - apt-get ${APT_FLAGS_COMMON} update && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_PERSISTENT} install \ + apt-get -y update && \ + DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ openjdk-8-jre-headless && \ - apt-get ${APT_FLAGS_COMMON} autoremove && \ - apt-get ${APT_FLAGS_COMMON} clean && \ + apt-get -y autoremove && \ + apt-get -y clean && \ rm -rf /var/lib/apt/lists/* ARG MAJOR_VERSION=master ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git -ENV ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} -LABEL org.label-schema.usage="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.label-schema.version="${ZBX_VERSION}" \ - org.label-schema.vcs-url="${ZBX_SOURCES}" \ - org.label-schema.docker.cmd="docker run --name zabbix-${ZBX_TYPE} --link zabbix-server:zabbix-server -p 10052:10052 -d zabbix-${ZBX_TYPE}:ubuntu-${ZBX_VERSION}" +ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} + +LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" + +COPY ["conf/etc/", "/etc/"] RUN set -eux && \ - apt-get ${APT_FLAGS_COMMON} update && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_DEV} install \ + apt-get -y update && \ + DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ autoconf \ automake \ libc6-dev \ @@ -84,7 +70,7 @@ RUN set -eux && \ rm -rf /usr/sbin/zabbix_java/lib/*.xml && \ cd /tmp/ && \ rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_COMMON} purge \ + DEBIAN_FRONTEND=noninteractive apt-get -y purge \ autoconf \ automake \ libc6-dev \ @@ -93,16 +79,22 @@ RUN set -eux && \ pkg-config \ git \ gcc && \ - apt-get ${APT_FLAGS_COMMON} autoremove && \ - apt-get ${APT_FLAGS_COMMON} clean && \ + apt-get -y autoremove && \ + apt-get -y clean && \ + chown --quiet -R zabbix:root /etc/zabbix/ /usr/sbin/zabbix_java/ && \ + chgrp -R 0 /etc/zabbix/ /usr/sbin/zabbix_java/ && \ + chmod -R g=u /etc/zabbix/ /usr/sbin/zabbix_java/ && \ rm -rf /var/lib/apt/lists/* EXPOSE 10052/TCP - + WORKDIR /var/lib/zabbix - -COPY ["conf/etc/zabbix/zabbix_java_gateway_logback.xml", "/etc/zabbix/"] + COPY ["conf/usr/sbin/zabbix_java_gateway", "/usr/sbin/"] COPY ["docker-entrypoint.sh", "/usr/bin/"] - + ENTRYPOINT ["docker-entrypoint.sh"] + +USER 1997 + +CMD ["/usr/sbin/zabbix_java_gateway"] diff --git a/java-gateway/ubuntu/docker-entrypoint.sh b/java-gateway/ubuntu/docker-entrypoint.sh index 2665cfd0d..ec5223733 100755 --- a/java-gateway/ubuntu/docker-entrypoint.sh +++ b/java-gateway/ubuntu/docker-entrypoint.sh @@ -1,6 +1,6 @@ #!/bin/bash -set -eo pipefail +set -o pipefail set +e @@ -9,998 +9,9 @@ if [ "${DEBUG_MODE}" == "true" ]; then set -o xtrace fi -# Type of Zabbix component -# Possible values: [server, proxy, agent, frontend, java-gateway, appliance] -zbx_type=${ZBX_TYPE} -# Type of Zabbix database -# Possible values: [mysql, postgresql] -zbx_db_type=${ZBX_DB_TYPE} -# Type of web-server. Valid only with zbx_type = frontend -# Possible values: [apache, nginx] -zbx_opt_type=${ZBX_OPT_TYPE} - -# Default Zabbix installation name -# Used only by Zabbix web-interface -ZBX_SERVER_NAME=${ZBX_SERVER_NAME:-"Zabbix docker"} -# Default Zabbix server host -ZBX_SERVER_HOST=${ZBX_SERVER_HOST:-"zabbix-server"} -# Default Zabbix server port number -ZBX_SERVER_PORT=${ZBX_SERVER_PORT:-"10051"} - -# Default timezone for web interface -PHP_TZ=${PHP_TZ:-"Europe/Riga"} - # Default directories -# User 'zabbix' home directory -ZABBIX_USER_HOME_DIR="/var/lib/zabbix" # Configuration files directory ZABBIX_ETC_DIR="/etc/zabbix" -# Web interface www-root directory -ZBX_FRONTEND_PATH="/usr/share/zabbix" - -# usage: file_env VAR [DEFAULT] -# as example: file_env 'MYSQL_PASSWORD' 'zabbix' -# (will allow for "$MYSQL_PASSWORD_FILE" to fill in the value of "$MYSQL_PASSWORD" from a file) -# unsets the VAR_FILE afterwards and just leaving VAR -file_env() { - local var="$1" - local fileVar="${var}_FILE" - local defaultValue="${2:-}" - - if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then - echo "**** Both variables $var and $fileVar are set (but are exclusive)" - exit 1 - fi - - local val="$defaultValue" - - if [ "${!var:-}" ]; then - val="${!var}" - echo "** Using ${var} variable from ENV" - elif [ "${!fileVar:-}" ]; then - if [ ! -f "${!fileVar}" ]; then - echo "**** Secret file \"${!fileVar}\" is not found" - exit 1 - fi - val="$(< "${!fileVar}")" - echo "** Using ${var} variable from secret file" - fi - export "$var"="$val" - unset "$fileVar" -} - -configure_db_mysql() { - [ "${DB_SERVER_HOST}" != "localhost" ] && return - - echo "** Configuring local MySQL server" - - MYSQL_ALLOW_EMPTY_PASSWORD=true - MYSQL_DATA_DIR="/var/lib/mysql" - - if [ -f "/etc/mysql/my.cnf" ]; then - MYSQL_CONF_FILE="/etc/mysql/my.cnf" - elif [ -f "/etc/my.cnf.d/server.cnf" ]; then - MYSQL_CONF_FILE="/etc/my.cnf.d/server.cnf" - DB_SERVER_SOCKET="/var/lib/mysql/mysql.sock" - elif [ -f "/etc/my.cnf.d/mariadb-server.cnf" ]; then - MYSQL_CONF_FILE="/etc/my.cnf.d/mariadb-server.cnf" - DB_SERVER_SOCKET="/var/run/mysqld/mysqld.sock" - else - echo "**** Could not found MySQL configuration file" - exit 1 - fi - - if [ -f "/usr/bin/mysqld" ]; then - MYSQLD=/usr/bin/mysqld - elif [ -f "/usr/sbin/mysqld" ]; then - MYSQLD=/usr/sbin/mysqld - elif [ -f "/usr/libexec/mysqld" ]; then - MYSQLD=/usr/libexec/mysqld - else - echo "**** Could not found mysqld binary file" - exit 1 - fi - - sed -Ei 's/^(bind-address|log)/#&/' "$MYSQL_CONF_FILE" - - if [ ! -d "$MYSQL_DATA_DIR/mysql" ]; then - [ -d "$MYSQL_DATA_DIR" ] || mkdir -p "$MYSQL_DATA_DIR" - - chown -R mysql:mysql "$MYSQL_DATA_DIR" - - echo "** Installing initial MySQL database schemas" - mysql_install_db --user=mysql --datadir="$MYSQL_DATA_DIR" 2>&1 - else - echo "**** MySQL data directory is not empty. Using already existing installation." - chown -R mysql:mysql "$MYSQL_DATA_DIR" - fi - - mkdir -p /var/run/mysqld - ln -s /var/run/mysqld /run/mysqld - chown -R mysql:mysql /var/run/mysqld - chown -R mysql:mysql /run/mysqld - - echo "** Starting MySQL server in background mode" - - nohup $MYSQLD --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib/mysql/plugin \ - --user=mysql --log-output=none --pid-file=/var/lib/mysql/mysqld.pid \ - --port=3306 --character-set-server=utf8 --collation-server=utf8_bin & -} - -prepare_system() { - local type=$1 - local web_server=$2 - - echo "** Preparing the system" - - if [ "$type" != "appliance" ]; then - return - fi - - ZBX_ADD_AGENT=${ZBX_ADD_AGENT:-"false"} - ZBX_ADD_JAVA_GATEWAY=${ZBX_ADD_JAVA_GATEWAY:-"false"} - ZBX_ADD_SERVER=${ZBX_ADD_SERVER:-"true"} - [ "${ZBX_ADD_SERVER}" == "true" ] && ZBX_SERVER_HOST="localhost" - [ "${ZBX_ADD_SERVER}" == "true" ] && ZBX_SERVER_PORT="10051" - ZBX_MAIN_DB=${ZBX_MAIN_DB:-"mysql"} - ZBX_ADD_PROXY=${ZBX_ADD_PROXY:-"false"} - ZBX_PROXY_DB=${ZBX_PROXY_DB:-"sqlite3"} - ZBX_ADD_WEB=${ZBX_ADD_WEB:-"true"} - ZBX_WEB_SERVER=${ZBX_WEB_SERVER:-"nginx"} - DB_SERVER_HOST=${DB_SERVER_HOST:-"localhost"} - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAY_ENABLE="true" - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAY="localhost" - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAYPORT="10052" - - [ "${ZBX_ADD_SERVER}" == "true" ] && configure_db_${ZBX_MAIN_DB} -} - -escape_spec_char() { - local var_value=$1 - - var_value="${var_value//\\/\\\\}" - var_value="${var_value//[$'\n']/}" - var_value="${var_value//\//\\/}" - var_value="${var_value//./\\.}" - var_value="${var_value//\*/\\*}" - var_value="${var_value//^/\\^}" - var_value="${var_value//\$/\\\$}" - var_value="${var_value//\&/\\\&}" - var_value="${var_value//\[/\\[}" - var_value="${var_value//\]/\\]}" - - echo "$var_value" -} - -update_config_var() { - local config_path=$1 - local var_name=$2 - local var_value=$3 - local is_multiple=$4 - - if [ ! -f "$config_path" ]; then - echo "**** Configuration file '$config_path' does not exist" - return - fi - - echo -n "** Updating '$config_path' parameter \"$var_name\": '$var_value'... " - - # Remove configuration parameter definition in case of unset parameter value - if [ -z "$var_value" ]; then - sed -i -e "/^$var_name=/d" "$config_path" - echo "removed" - return - fi - - # Remove value from configuration parameter in case of double quoted parameter value - if [ "$var_value" == '""' ]; then - sed -i -e "/^$var_name=/s/=.*/=/" "$config_path" - echo "undefined" - return - fi - - # Use full path to a file for TLS related configuration parameters - if [[ $var_name =~ ^TLS.*File$ ]]; then - var_value=$ZABBIX_USER_HOME_DIR/enc/$var_value - fi - - # Escaping characters in parameter value - var_value=$(escape_spec_char "$var_value") - - if [ "$(grep -E "^$var_name=" $config_path)" ] && [ "$is_multiple" != "true" ]; then - sed -i -e "/^$var_name=/s/=.*/=$var_value/" "$config_path" - echo "updated" - elif [ "$(grep -Ec "^# $var_name=" $config_path)" -gt 1 ]; then - sed -i -e "/^[#;] $var_name=$/i\\$var_name=$var_value" "$config_path" - echo "added first occurrence" - else - sed -i -e "/^[#;] $var_name=/s/.*/&\n$var_name=$var_value/" "$config_path" - echo "added" - fi - -} - -update_config_multiple_var() { - local config_path=$1 - local var_name=$2 - local var_value=$3 - - var_value="${var_value%\"}" - var_value="${var_value#\"}" - - local IFS=, - local OPT_LIST=($var_value) - - for value in "${OPT_LIST[@]}"; do - update_config_var $config_path $var_name $value true - done -} - -# Check prerequisites for MySQL database -check_variables_mysql() { - local type=$1 - - DB_SERVER_HOST=${DB_SERVER_HOST:-"mysql-server"} - DB_SERVER_PORT=${DB_SERVER_PORT:-"3306"} - USE_DB_ROOT_USER=false - CREATE_ZBX_DB_USER=false - file_env MYSQL_USER - file_env MYSQL_PASSWORD - - if [ "$type" != "" ]; then - file_env MYSQL_ROOT_PASSWORD - fi - - if [ ! -n "${MYSQL_USER}" ] && [ "${MYSQL_RANDOM_ROOT_PASSWORD}" == "true" ]; then - echo "**** Impossible to use MySQL server because of unknown Zabbix user and random 'root' password" - exit 1 - fi - - if [ ! -n "${MYSQL_USER}" ] && [ ! -n "${MYSQL_ROOT_PASSWORD}" ] && [ "${MYSQL_ALLOW_EMPTY_PASSWORD}" != "true" ]; then - echo "*** Impossible to use MySQL server because 'root' password is not defined and it is not empty" - exit 1 - fi - - if [ "${MYSQL_ALLOW_EMPTY_PASSWORD}" == "true" ] || [ -n "${MYSQL_ROOT_PASSWORD}" ]; then - USE_DB_ROOT_USER=true - DB_SERVER_ROOT_USER="root" - DB_SERVER_ROOT_PASS=${MYSQL_ROOT_PASSWORD:-""} - fi - - [ -n "${MYSQL_USER}" ] && CREATE_ZBX_DB_USER=true - - # If root password is not specified use provided credentials - DB_SERVER_ROOT_USER=${DB_SERVER_ROOT_USER:-${MYSQL_USER}} - [ "${MYSQL_ALLOW_EMPTY_PASSWORD}" == "true" ] || DB_SERVER_ROOT_PASS=${DB_SERVER_ROOT_PASS:-${MYSQL_PASSWORD}} - DB_SERVER_ZBX_USER=${MYSQL_USER:-"zabbix"} - DB_SERVER_ZBX_PASS=${MYSQL_PASSWORD:-"zabbix"} - - if [ "$type" == "proxy" ]; then - DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix_proxy"} - else - DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix"} - fi -} - -# Check prerequisites for PostgreSQL database -check_variables_postgresql() { - local type=$1 - - file_env POSTGRES_USER - file_env POSTGRES_PASSWORD - - DB_SERVER_HOST=${DB_SERVER_HOST:-"postgres-server"} - DB_SERVER_PORT=${DB_SERVER_PORT:-"5432"} - CREATE_ZBX_DB_USER=${CREATE_ZBX_DB_USER:-"false"} - - DB_SERVER_ROOT_USER=${POSTGRES_USER:-"postgres"} - DB_SERVER_ROOT_PASS=${POSTGRES_PASSWORD:-""} - - DB_SERVER_ZBX_USER=${POSTGRES_USER:-"zabbix"} - DB_SERVER_ZBX_PASS=${POSTGRES_PASSWORD:-"zabbix"} - - DB_SERVER_SCHEMA=${DB_SERVER_SCHEMA:-"public"} - - if [ "$type" == "proxy" ]; then - DB_SERVER_DBNAME=${POSTGRES_DB:-"zabbix_proxy"} - else - DB_SERVER_DBNAME=${POSTGRES_DB:-"zabbix"} - fi -} - -check_db_connect_mysql() { - echo "********************" - echo "* DB_SERVER_HOST: ${DB_SERVER_HOST}" - echo "* DB_SERVER_PORT: ${DB_SERVER_PORT}" - echo "* DB_SERVER_DBNAME: ${DB_SERVER_DBNAME}" - if [ "${DEBUG_MODE}" == "true" ]; then - if [ "${USE_DB_ROOT_USER}" == "true" ]; then - echo "* DB_SERVER_ROOT_USER: ${DB_SERVER_ROOT_USER}" - echo "* DB_SERVER_ROOT_PASS: ${DB_SERVER_ROOT_PASS}" - fi - echo "* DB_SERVER_ZBX_USER: ${DB_SERVER_ZBX_USER}" - echo "* DB_SERVER_ZBX_PASS: ${DB_SERVER_ZBX_PASS}" - echo "********************" - fi - echo "********************" - - WAIT_TIMEOUT=5 - - while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \ - --password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10)" ]; do - echo "**** MySQL server is not available. Waiting $WAIT_TIMEOUT seconds..." - sleep $WAIT_TIMEOUT - done -} - -check_db_connect_postgresql() { - echo "********************" - echo "* DB_SERVER_HOST: ${DB_SERVER_HOST}" - echo "* DB_SERVER_PORT: ${DB_SERVER_PORT}" - echo "* DB_SERVER_DBNAME: ${DB_SERVER_DBNAME}" - echo "* DB_SERVER_SCHEMA: ${DB_SERVER_SCHEMA}" - if [ "${DEBUG_MODE}" == "true" ]; then - if [ "${USE_DB_ROOT_USER}" == "true" ]; then - echo "* DB_SERVER_ROOT_USER: ${DB_SERVER_ROOT_USER}" - echo "* DB_SERVER_ROOT_PASS: ${DB_SERVER_ROOT_PASS}" - fi - echo "* DB_SERVER_ZBX_USER: ${DB_SERVER_ZBX_USER}" - echo "* DB_SERVER_ZBX_PASS: ${DB_SERVER_ZBX_PASS}" - fi - echo "********************" - - if [ "${USE_DB_ROOT_USER}" != "true" ]; then - DB_SERVER_ROOT_USER=${DB_SERVER_ZBX_USER} - DB_SERVER_ROOT_PASS=${DB_SERVER_ZBX_PASS} - fi - - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - WAIT_TIMEOUT=5 - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - while [ ! "$(psql -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} -U ${DB_SERVER_ROOT_USER} -d ${DB_SERVER_DBNAME} -l -q 2>/dev/null)" ]; do - echo "**** PostgreSQL server is not available. Waiting $WAIT_TIMEOUT seconds..." - sleep $WAIT_TIMEOUT - done - - unset PGPASSWORD - unset PGOPTIONS -} - - -mysql_query() { - query=$1 - local result="" - - result=$(mysql --silent --skip-column-names -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ - -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" -e "$query") - - echo $result -} - -psql_query() { - query=$1 - db=$2 - - local result="" - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - result=$(psql -A -q -t -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ - -U ${DB_SERVER_ROOT_USER} -c "$query" $db 2>/dev/null); - - unset PGPASSWORD - unset PGOPTIONS - - echo $result -} - -create_db_user_mysql() { - [ "${CREATE_ZBX_DB_USER}" == "true" ] || return - - echo "** Creating '${DB_SERVER_ZBX_USER}' user in MySQL database" - - USER_EXISTS=$(mysql_query "SELECT 1 FROM mysql.user WHERE user = '${DB_SERVER_ZBX_USER}' AND host = '%'") - - if [ -z "$USER_EXISTS" ]; then - mysql_query "CREATE USER '${DB_SERVER_ZBX_USER}'@'%' IDENTIFIED BY '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - else - mysql_query "ALTER USER ${DB_SERVER_ZBX_USER} IDENTIFIED BY '${DB_SERVER_ZBX_PASS}';" 1>/dev/null - fi - - mysql_query "GRANT ALL PRIVILEGES ON $DB_SERVER_DBNAME. * TO '${DB_SERVER_ZBX_USER}'@'%'" 1>/dev/null -} - -create_db_user_postgresql() { - [ "${CREATE_ZBX_DB_USER}" == "true" ] || return - - echo "** Creating '${DB_SERVER_ZBX_USER}' user in PostgreSQL database" - - USER_EXISTS=$(psql_query "SELECT 1 FROM pg_roles WHERE rolname='${DB_SERVER_ZBX_USER}'") - - if [ -z "$USER_EXISTS" ]; then - psql_query "CREATE USER ${DB_SERVER_ZBX_USER} WITH PASSWORD '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - else - psql_query "ALTER USER ${DB_SERVER_ZBX_USER} WITH ENCRYPTED PASSWORD '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - fi -} - -create_db_database_mysql() { - DB_EXISTS=$(mysql_query "SELECT SCHEMA_NAME FROM information_schema.SCHEMATA WHERE SCHEMA_NAME='${DB_SERVER_DBNAME}'") - - if [ -z ${DB_EXISTS} ]; then - echo "** Database '${DB_SERVER_DBNAME}' does not exist. Creating..." - mysql_query "CREATE DATABASE ${DB_SERVER_DBNAME} CHARACTER SET utf8 COLLATE utf8_bin" 1>/dev/null - # better solution? - mysql_query "GRANT ALL PRIVILEGES ON $DB_SERVER_DBNAME. * TO '${DB_SERVER_ZBX_USER}'@'%'" 1>/dev/null - else - echo "** Database '${DB_SERVER_DBNAME}' already exists. Please be careful with database COLLATE!" - fi -} - -create_db_database_postgresql() { - DB_EXISTS=$(psql_query "SELECT 1 AS result FROM pg_database WHERE datname='${DB_SERVER_DBNAME}'") - - if [ -z ${DB_EXISTS} ]; then - echo "** Database '${DB_SERVER_DBNAME}' does not exist. Creating..." - psql_query "CREATE DATABASE ${DB_SERVER_DBNAME} WITH OWNER ${DB_SERVER_ZBX_USER} ENCODING='UTF8' LC_CTYPE='en_US.utf8' LC_COLLATE='en_US.utf8'" 1>/dev/null - else - echo "** Database '${DB_SERVER_DBNAME}' already exists. Please be careful with database owner!" - fi - - psql_query "CREATE SCHEMA IF NOT EXISTS ${DB_SERVER_SCHEMA}" -} - -create_db_schema_mysql() { - local type=$1 - - DBVERSION_TABLE_EXISTS=$(mysql_query "SELECT 1 FROM information_schema.tables WHERE table_schema='${DB_SERVER_DBNAME}' and table_name = 'dbversion'") - - if [ -n "${DBVERSION_TABLE_EXISTS}" ]; then - echo "** Table '${DB_SERVER_DBNAME}.dbversion' already exists." - ZBX_DB_VERSION=$(mysql_query "SELECT mandatory FROM ${DB_SERVER_DBNAME}.dbversion") - fi - - if [ -z "${ZBX_DB_VERSION}" ]; then - echo "** Creating '${DB_SERVER_DBNAME}' schema in MySQL" - - zcat /usr/share/doc/zabbix-$type-mysql/create.sql.gz | mysql --silent --skip-column-names \ - -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ - -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" \ - ${DB_SERVER_DBNAME} 1>/dev/null - fi -} - -create_db_schema_postgresql() { - local type=$1 - - DBVERSION_TABLE_EXISTS=$(psql_query "SELECT 1 FROM pg_catalog.pg_class c JOIN pg_catalog.pg_namespace n ON n.oid = - c.relnamespace WHERE n.nspname = '$DB_SERVER_SCHEMA' AND c.relname = 'dbversion'" "${DB_SERVER_DBNAME}") - - if [ -n "${DBVERSION_TABLE_EXISTS}" ]; then - echo "** Table '${DB_SERVER_DBNAME}.dbversion' already exists." - ZBX_DB_VERSION=$(psql_query "SELECT mandatory FROM ${DB_SERVER_SCHEMA}.dbversion" "${DB_SERVER_DBNAME}") - fi - - if [ -z "${ZBX_DB_VERSION}" ]; then - echo "** Creating '${DB_SERVER_DBNAME}' schema in PostgreSQL" - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - zcat /usr/share/doc/zabbix-$type-postgresql/create.sql.gz | psql -q \ - -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ - -U ${DB_SERVER_ZBX_USER} ${DB_SERVER_DBNAME} 1>/dev/null - - unset PGPASSWORD - unset PGOPTIONS - fi -} - -prepare_web_server_apache() { - if [ -d "/etc/apache2/sites-available" ]; then - APACHE_SITES_DIR=/etc/apache2/sites-available - elif [ -d "/etc/apache2/conf.d" ]; then - APACHE_SITES_DIR=/etc/apache2/conf.d - elif [ -d "/etc/httpd/conf.d" ]; then - APACHE_SITES_DIR=/etc/httpd/conf.d - else - echo "**** Apache is not available" - exit 1 - fi - - if [ -f "/usr/sbin/a2dissite" ]; then - echo "** Disable default site" - /usr/sbin/a2dissite 000-default 1>/dev/null - rm -rf "$APACHE_SITES_DIR/*" - elif [ -f "/etc/apache2/conf.d/default.conf" ]; then - echo "** Disable default site" - rm -f "/etc/apache2/conf.d/default.conf" - elif [ -f "/etc/httpd/conf.d/welcome.conf" ]; then - echo "** Disable default site" - rm -f "/etc/httpd/conf.d/welcome.conf" - rm -f "/etc/httpd/conf.d/ssl.conf" - fi - - echo "** Adding Zabbix virtual host (HTTP)" - if [ -f "$ZABBIX_ETC_DIR/apache.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/apache.conf" "$APACHE_SITES_DIR/zabbix.conf" - if [ -f "/usr/sbin/a2dissite" ]; then - /usr/sbin/a2ensite zabbix.conf 1>/dev/null - fi - else - echo "**** Impossible to enable HTTP virtual host" - fi - - if [ -f "/etc/apache2/conf.d/ssl.conf" ]; then - rm -f "/etc/apache2/conf.d/ssl.conf" - fi - - if [ -f "/etc/ssl/apache2/ssl.crt" ] && [ -f "/etc/ssl/apache2/ssl.key" ]; then - echo "** Enable SSL support for Apache2" - if [ -f "/usr/sbin/a2enmod" ]; then - /usr/sbin/a2enmod ssl 1>/dev/null - fi - - echo "** Adding Zabbix virtual host (HTTPS)" - if [ -f "$ZABBIX_ETC_DIR/apache_ssl.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/apache_ssl.conf" "$APACHE_SITES_DIR/zabbix_ssl.conf" - if [ -f "/usr/sbin/a2dissite" ]; then - /usr/sbin/a2ensite zabbix_ssl.conf 1>/dev/null - fi - else - echo "**** Impossible to enable HTTPS virtual host" - fi - else - echo "**** Impossible to enable SSL support for Apache2. Certificates are missed." - fi - - # Change Apache2 logging to stdout and stderr - if [ -f "/etc/apache2/apache2.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/apache2.conf" - fi - - if [ -f "/etc/httpd/conf/httpd.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/httpd/conf/httpd.conf" - fi - - if [ -f "/etc/apache2/httpd.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/httpd.conf" - fi - - if [ -f "/etc/apache2/conf-available/other-vhosts-access-log.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/conf-available/other-vhosts-access-log.conf" - fi - - if [ -f "/etc/apache2/conf.d/mpm.conf" ]; then - sed -ri \ - -e 's!^(\s*PidFile)\s+\S+!\1 "/var/run/httpd.pid"!g' \ - "/etc/apache2/conf.d/mpm.conf" - fi - - if [ -f "/var/run/apache2/apache2.pid" ]; then - rm -f "/var/run/apache2/apache2.pid" - fi - - if [ -f "/var/run/httpd/httpd.pid" ]; then - rm -f "/var/run/httpd/httpd.pid" - fi -} - -prepare_web_server_nginx() { - NGINX_CONFD_DIR="/etc/nginx/conf.d" - NGINX_SSL_CONFIG="/etc/ssl/nginx" - PHP_SESSIONS_DIR="/var/lib/php5" - - echo "** Disable default vhosts" - rm -f $NGINX_CONFD_DIR/*.conf - - echo "** Adding Zabbix virtual host (HTTP)" - if [ -f "$ZABBIX_ETC_DIR/nginx.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/nginx.conf" "$NGINX_CONFD_DIR" - else - echo "**** Impossible to enable HTTP virtual host" - fi - - if [ -f "$NGINX_SSL_CONFIG/ssl.crt" ] && [ -f "$NGINX_SSL_CONFIG/ssl.key" ] && [ -f "$NGINX_SSL_CONFIG/dhparam.pem" ]; then - echo "** Enable SSL support for Nginx" - if [ -f "$ZABBIX_ETC_DIR/nginx_ssl.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/nginx_ssl.conf" "$NGINX_CONFD_DIR" - else - echo "**** Impossible to enable HTTPS virtual host" - fi - else - echo "**** Impossible to enable SSL support for Nginx. Certificates are missed." - fi - - if [ -d "/var/log/nginx/" ]; then - ln -sf /dev/fd/2 /var/log/nginx/error.log - fi - - ln -sf /dev/fd/2 /var/log/php5-fpm.log - ln -sf /dev/fd/2 /var/log/php7.2-fpm.log -} - -stop_databases() { - if ([ "${ZBX_MAIN_DB}" == "mysql" ] || [ "${ZBX_PROXY_DB}" == "mysql" ]) && [ "${DB_SERVER_HOST}" == "localhost" ]; then - mysql_query "DELETE FROM mysql.user WHERE host = 'localhost' AND user != 'root'" 1>/dev/null - - if [ -f "/var/lib/mysql/mysqld.pid" ]; then - kill -TERM $(cat /var/lib/mysql/mysqld.pid) - elif [ -f "/var/run/mysqld/mysqld.pid" ]; then - kill -TERM $(cat /var/run/mysqld/mysqld.pid) - fi - fi - - if [ "${ZBX_MAIN_DB}" == "postgresql" ] && [ "${DB_SERVER_HOST}" == "localhost" ]; then - if [ "${OS_CODENAME}" == "alpine" ]; then - PGDATA=/var/lib/postgresql - BINDIR=/usr/bin - else - PGDATA=/var/lib/postgresql/9.3/main - BINDIR=/usr/lib/postgresql/9.3/bin - fi - su -c "$BINDIR/pg_ctl -D \"$PGDATA\" -m fast -w stop --silent" postgres 1>/dev/null 2>/dev/null - fi -} - -clear_deploy() { - local type=$1 - echo "** Cleaning the system" - - [ "$type" != "appliance" ] && return - - stop_databases -} - -update_zbx_config() { - local type=$1 - local db_type=$2 - - echo "** Preparing Zabbix $type configuration file" - - ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_$type.conf - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "ProxyMode" "${ZBX_PROXYMODE}" - update_config_var $ZBX_CONFIG "Server" "${ZBX_SERVER_HOST}" - update_config_var $ZBX_CONFIG "ServerPort" "${ZBX_SERVER_PORT}" - if [ -z "${ZBX_HOSTNAME}" ] && [ -n "${ZBX_HOSTNAMEITEM}" ]; then - update_config_var $ZBX_CONFIG "Hostname" "" - update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - else - update_config_var $ZBX_CONFIG "Hostname" "${ZBX_HOSTNAME:-"zabbix-proxy-"$db_type}" - update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - fi - fi - - if [ $type == "proxy" ] && [ "${ZBX_ADD_SERVER}" = "true" ]; then - update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_PROXY_LISTENPORT:-"10061"}" - else - update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}" - fi - - update_config_var $ZBX_CONFIG "SourceIP" "${ZBX_SOURCEIP}" - update_config_var $ZBX_CONFIG "LogType" "console" - update_config_var $ZBX_CONFIG "LogFile" - update_config_var $ZBX_CONFIG "LogFileSize" - update_config_var $ZBX_CONFIG "PidFile" - - update_config_var $ZBX_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" - - if [ "$db_type" == "sqlite3" ]; then - update_config_var $ZBX_CONFIG "DBHost" - update_config_var $ZBX_CONFIG "DBName" "/var/lib/zabbix/zabbix_proxy_db" - update_config_var $ZBX_CONFIG "DBUser" - update_config_var $ZBX_CONFIG "DBPort" - update_config_var $ZBX_CONFIG "DBPassword" - else - update_config_var $ZBX_CONFIG "DBHost" "${DB_SERVER_HOST}" - update_config_var $ZBX_CONFIG "DBName" "${DB_SERVER_DBNAME}" - update_config_var $ZBX_CONFIG "DBSchema" "${DB_SERVER_SCHEMA}" - update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}" - update_config_var $ZBX_CONFIG "DBPort" "${DB_SERVER_PORT}" - update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}" - fi - - update_config_var $ZBX_CONFIG "DBSocket" "${DB_SERVER_SOCKET}" - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "ProxyLocalBuffer" "${ZBX_PROXYLOCALBUFFER}" - update_config_var $ZBX_CONFIG "ProxyOfflineBuffer" "${ZBX_PROXYOFFLINEBUFFER}" - update_config_var $ZBX_CONFIG "HeartbeatFrequency" "${ZBX_PROXYHEARTBEATFREQUENCY}" - update_config_var $ZBX_CONFIG "ConfigFrequency" "${ZBX_CONFIGFREQUENCY}" - update_config_var $ZBX_CONFIG "DataSenderFrequency" "${ZBX_DATASENDERFREQUENCY}" - fi - - update_config_var $ZBX_CONFIG "StartPollers" "${ZBX_STARTPOLLERS}" - update_config_var $ZBX_CONFIG "StartIPMIPollers" "${ZBX_IPMIPOLLERS}" - update_config_var $ZBX_CONFIG "StartPollersUnreachable" "${ZBX_STARTPOLLERSUNREACHABLE}" - update_config_var $ZBX_CONFIG "StartTrappers" "${ZBX_STARTTRAPPERS}" - update_config_var $ZBX_CONFIG "StartPingers" "${ZBX_STARTPINGERS}" - update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}" - update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}" - - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "StartTimers" "${ZBX_STARTTIMERS}" - update_config_var $ZBX_CONFIG "StartEscalators" "${ZBX_STARTESCALATORS}" - fi - - ZBX_JAVAGATEWAY_ENABLE=${ZBX_JAVAGATEWAY_ENABLE:-"false"} - if [ "${ZBX_JAVAGATEWAY_ENABLE}" == "true" ]; then - update_config_var $ZBX_CONFIG "JavaGateway" "${ZBX_JAVAGATEWAY:-"zabbix-java-gateway"}" - update_config_var $ZBX_CONFIG "JavaGatewayPort" "${ZBX_JAVAGATEWAYPORT}" - update_config_var $ZBX_CONFIG "StartJavaPollers" "${ZBX_STARTJAVAPOLLERS:-"5"}" - else - update_config_var $ZBX_CONFIG "JavaGateway" - update_config_var $ZBX_CONFIG "JavaGatewayPort" - update_config_var $ZBX_CONFIG "StartJavaPollers" - fi - - update_config_var $ZBX_CONFIG "StartVMwareCollectors" "${ZBX_STARTVMWARECOLLECTORS}" - update_config_var $ZBX_CONFIG "VMwareFrequency" "${ZBX_VMWAREFREQUENCY}" - update_config_var $ZBX_CONFIG "VMwarePerfFrequency" "${ZBX_VMWAREPERFFREQUENCY}" - update_config_var $ZBX_CONFIG "VMwareCacheSize" "${ZBX_VMWARECACHESIZE}" - update_config_var $ZBX_CONFIG "VMwareTimeout" "${ZBX_VMWARETIMEOUT}" - - ZBX_ENABLE_SNMP_TRAPS=${ZBX_ENABLE_SNMP_TRAPS:-"false"} - if [ "${ZBX_ENABLE_SNMP_TRAPS}" == "true" ]; then - update_config_var $ZBX_CONFIG "SNMPTrapperFile" "${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log" - update_config_var $ZBX_CONFIG "StartSNMPTrapper" "1" - else - update_config_var $ZBX_CONFIG "SNMPTrapperFile" - update_config_var $ZBX_CONFIG "StartSNMPTrapper" - fi - - update_config_var $ZBX_CONFIG "HousekeepingFrequency" "${ZBX_HOUSEKEEPINGFREQUENCY}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "MaxHousekeeperDelete" "${ZBX_MAXHOUSEKEEPERDELETE}" - update_config_var $ZBX_CONFIG "SenderFrequency" "${ZBX_SENDERFREQUENCY}" - fi - - update_config_var $ZBX_CONFIG "CacheSize" "${ZBX_CACHESIZE}" - - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "CacheUpdateFrequency" "${ZBX_CACHEUPDATEFREQUENCY}" - fi - - update_config_var $ZBX_CONFIG "StartDBSyncers" "${ZBX_STARTDBSYNCERS}" - update_config_var $ZBX_CONFIG "HistoryCacheSize" "${ZBX_HISTORYCACHESIZE}" - update_config_var $ZBX_CONFIG "HistoryIndexCacheSize" "${ZBX_HISTORYINDEXCACHESIZE}" - - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "TrendCacheSize" "${ZBX_TRENDCACHESIZE}" - update_config_var $ZBX_CONFIG "ValueCacheSize" "${ZBX_VALUECACHESIZE}" - fi - - update_config_var $ZBX_CONFIG "Timeout" "${ZBX_TIMEOUT}" - update_config_var $ZBX_CONFIG "TrapperTimeout" "${ZBX_TRAPPERIMEOUT}" - update_config_var $ZBX_CONFIG "UnreachablePeriod" "${ZBX_UNREACHABLEPERIOD}" - update_config_var $ZBX_CONFIG "UnavailableDelay" "${ZBX_UNAVAILABLEDELAY}" - update_config_var $ZBX_CONFIG "UnreachableDelay" "${ZBX_UNREACHABLEDELAY}" - - update_config_var $ZBX_CONFIG "AlertScriptsPath" "/usr/lib/zabbix/alertscripts" - update_config_var $ZBX_CONFIG "ExternalScripts" "/usr/lib/zabbix/externalscripts" - - # Possible few fping locations - if [ -f "/usr/bin/fping" ]; then - update_config_var $ZBX_CONFIG "FpingLocation" "/usr/bin/fping" - else - update_config_var $ZBX_CONFIG "FpingLocation" "/usr/sbin/fping" - fi - if [ -f "/usr/bin/fping6" ]; then - update_config_var $ZBX_CONFIG "Fping6Location" "/usr/bin/fping6" - else - update_config_var $ZBX_CONFIG "Fping6Location" "/usr/sbin/fping6" - fi - - update_config_var $ZBX_CONFIG "SSHKeyLocation" "$ZABBIX_USER_HOME_DIR/ssh_keys" - update_config_var $ZBX_CONFIG "LogSlowQueries" "${ZBX_LOGSLOWQUERIES}" - - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "StartProxyPollers" "${ZBX_STARTPROXYPOLLERS}" - update_config_var $ZBX_CONFIG "ProxyConfigFrequency" "${ZBX_PROXYCONFIGFREQUENCY}" - update_config_var $ZBX_CONFIG "ProxyDataFrequency" "${ZBX_PROXYDATAFREQUENCY}" - fi - - update_config_var $ZBX_CONFIG "SSLCertLocation" "$ZABBIX_USER_HOME_DIR/ssl/certs/" - update_config_var $ZBX_CONFIG "SSLKeyLocation" "$ZABBIX_USER_HOME_DIR/ssl/keys/" - update_config_var $ZBX_CONFIG "SSLCALocation" "$ZABBIX_USER_HOME_DIR/ssl/ssl_ca/" - update_config_var $ZBX_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/" - update_config_multiple_var $ZBX_CONFIG "LoadModule" "${ZBX_LOADMODULE}" - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}" - update_config_var $ZBX_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" - fi - update_config_var $ZBX_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" - update_config_var $ZBX_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" - update_config_var $ZBX_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" - fi - - update_config_var $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" - update_config_var $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" - update_config_var $ZBX_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" - fi -} - - -prepare_zbx_web_config() { - local db_type=$1 - local server_name="" - - echo "** Preparing Zabbix frontend configuration file" - - ZBX_WEB_CONFIG="$ZABBIX_ETC_DIR/web/zabbix.conf.php" - - if [ -f "/usr/share/zabbix/conf/zabbix.conf.php" ]; then - rm -f "/usr/share/zabbix/conf/zabbix.conf.php" - fi - - ln -s "$ZBX_WEB_CONFIG" "/usr/share/zabbix/conf/zabbix.conf.php" - - # Different places of PHP configuration file - if [ -f "/etc/php5/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/conf.d/99-zabbix.ini" - elif [ -f "/etc/php5/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php5/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/apache2/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.0/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.0/apache2/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.0/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.0/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php.d/99-zabbix.ini" - elif [ -f "/etc/php7/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php7/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.2/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.2/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.2/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.2/apache2/conf.d/99-zabbix.ini" - fi - - if [ -n "$PHP_CONFIG_FILE" ]; then - update_config_var "$PHP_CONFIG_FILE" "max_execution_time" "${ZBX_MAXEXECUTIONTIME:-"600"}" - update_config_var "$PHP_CONFIG_FILE" "memory_limit" "${ZBX_MEMORYLIMIT:-"128M"}" - update_config_var "$PHP_CONFIG_FILE" "post_max_size" "${ZBX_POSTMAXSIZE:-"16M"}" - update_config_var "$PHP_CONFIG_FILE" "upload_max_filesize" "${ZBX_UPLOADMAXFILESIZE:-"2M"}" - update_config_var "$PHP_CONFIG_FILE" "max_input_time" "${ZBX_MAXINPUTTIME:-"300"}" - update_config_var "$PHP_CONFIG_FILE" "date.timezone" "${PHP_TZ}" - else - echo "**** Zabbix related PHP configuration file not found" - fi - - # Escaping characters in parameter value - server_name=$(escape_spec_char "${ZBX_SERVER_NAME}") - server_user=$(escape_spec_char "${DB_SERVER_ZBX_USER}") - server_pass=$(escape_spec_char "${DB_SERVER_ZBX_PASS}") - - sed -i \ - -e "s/{DB_SERVER_HOST}/${DB_SERVER_HOST}/g" \ - -e "s/{DB_SERVER_PORT}/${DB_SERVER_PORT}/g" \ - -e "s/{DB_SERVER_DBNAME}/${DB_SERVER_DBNAME}/g" \ - -e "s/{DB_SERVER_SCHEMA}/${DB_SERVER_SCHEMA}/g" \ - -e "s/{DB_SERVER_USER}/$server_user/g" \ - -e "s/{DB_SERVER_PASS}/$server_pass/g" \ - -e "s/{ZBX_SERVER_HOST}/${ZBX_SERVER_HOST}/g" \ - -e "s/{ZBX_SERVER_PORT}/${ZBX_SERVER_PORT}/g" \ - -e "s/{ZBX_SERVER_NAME}/$server_name/g" \ - "$ZBX_WEB_CONFIG" - - [ "$db_type" = "postgresql" ] && sed -i "s/MYSQL/POSTGRESQL/g" "$ZBX_WEB_CONFIG" -} - -prepare_zbx_agent_config() { - echo "** Preparing Zabbix agent configuration file" - - ZBX_AGENT_CONFIG=$ZABBIX_ETC_DIR/zabbix_agentd.conf - - ZBX_PASSIVESERVERS=${ZBX_PASSIVESERVERS:-""} - ZBX_ACTIVESERVERS=${ZBX_ACTIVESERVERS:-""} - - [ -n "$ZBX_PASSIVESERVERS" ] && ZBX_PASSIVESERVERS=","$ZBX_PASSIVESERVERS - - ZBX_PASSIVESERVERS=$ZBX_SERVER_HOST$ZBX_PASSIVESERVERS - - [ -n "$ZBX_ACTIVESERVERS" ] && ZBX_ACTIVESERVERS=","$ZBX_ACTIVESERVERS - - ZBX_ACTIVESERVERS=$ZBX_SERVER_HOST":"$ZBX_SERVER_PORT$ZBX_ACTIVESERVERS - - update_config_var $ZBX_AGENT_CONFIG "PidFile" - update_config_var $ZBX_AGENT_CONFIG "LogType" "console" - update_config_var $ZBX_AGENT_CONFIG "LogFile" - update_config_var $ZBX_AGENT_CONFIG "LogFileSize" - update_config_var $ZBX_AGENT_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" - update_config_var $ZBX_AGENT_CONFIG "SourceIP" - update_config_var $ZBX_AGENT_CONFIG "EnableRemoteCommands" "${ZBX_ENABLEREMOTECOMMANDS}" - update_config_var $ZBX_AGENT_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}" - - ZBX_PASSIVE_ALLOW=${ZBX_PASSIVE_ALLOW:-"true"} - if [ "$ZBX_PASSIVE_ALLOW" == "true" ]; then - echo "** Using '$ZBX_PASSIVESERVERS' servers for passive checks" - update_config_var $ZBX_AGENT_CONFIG "Server" "${ZBX_PASSIVESERVERS}" - else - update_config_var $ZBX_AGENT_CONFIG "Server" - fi - - update_config_var $ZBX_AGENT_CONFIG "ListenPort" "${ZBX_LISTENPORT}" - update_config_var $ZBX_AGENT_CONFIG "ListenIP" "${ZBX_LISTENIP}" - update_config_var $ZBX_AGENT_CONFIG "StartAgents" "${ZBX_STARTAGENTS}" - - ZBX_ACTIVE_ALLOW=${ZBX_ACTIVE_ALLOW:-"true"} - if [ "$ZBX_ACTIVE_ALLOW" == "true" ]; then - echo "** Using '$ZBX_ACTIVESERVERS' servers for active checks" - update_config_var $ZBX_AGENT_CONFIG "ServerActive" "${ZBX_ACTIVESERVERS}" - else - update_config_var $ZBX_AGENT_CONFIG "ServerActive" - fi - - update_config_var $ZBX_AGENT_CONFIG "Hostname" "${ZBX_HOSTNAME}" - update_config_var $ZBX_AGENT_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - update_config_var $ZBX_AGENT_CONFIG "HostMetadata" "${ZBX_METADATA}" - update_config_var $ZBX_AGENT_CONFIG "HostMetadataItem" "${ZBX_METADATAITEM}" - update_config_var $ZBX_AGENT_CONFIG "RefreshActiveChecks" "${ZBX_REFRESHACTIVECHECKS}" - update_config_var $ZBX_AGENT_CONFIG "BufferSend" "${ZBX_BUFFERSEND}" - update_config_var $ZBX_AGENT_CONFIG "BufferSize" "${ZBX_BUFFERSIZE}" - update_config_var $ZBX_AGENT_CONFIG "MaxLinesPerSecond" "${ZBX_MAXLINESPERSECOND}" - # Please use include to enable Alias feature -# update_config_multiple_var $ZBX_AGENT_CONFIG "Alias" ${ZBX_ALIAS} - update_config_var $ZBX_AGENT_CONFIG "Timeout" "${ZBX_TIMEOUT}" - update_config_var $ZBX_AGENT_CONFIG "Include" "/etc/zabbix/zabbix_agentd.d/" - update_config_var $ZBX_AGENT_CONFIG "UnsafeUserParameters" "${ZBX_UNSAFEUSERPARAMETERS}" - update_config_var $ZBX_AGENT_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/" - update_config_multiple_var $ZBX_AGENT_CONFIG "LoadModule" "${ZBX_LOADMODULE}" - update_config_var $ZBX_AGENT_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}" - update_config_var $ZBX_AGENT_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" - update_config_var $ZBX_AGENT_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" - update_config_var $ZBX_AGENT_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" - update_config_var $ZBX_AGENT_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" - update_config_var $ZBX_AGENT_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" -} prepare_java_gateway_config() { echo "** Preparing Zabbix Java Gateway log configuration file" @@ -1017,53 +28,6 @@ prepare_java_gateway_config() { fi } -prepare_agent() { - echo "** Preparing Zabbix agent" - prepare_zbx_agent_config -} - -prepare_server() { - local db_type=$1 - - echo "** Preparing Zabbix server" - - check_variables_$db_type "server" - check_db_connect_$db_type - create_db_user_$db_type - create_db_database_$db_type - create_db_schema_$db_type "server" - - update_zbx_config "server" "$db_type" -} - -prepare_proxy() { - local db_type=$1 - - echo "Preparing Zabbix proxy" - - if [ "$db_type" != "sqlite3" ]; then - check_variables_$db_type "proxy" - check_db_connect_$db_type - create_db_user_$db_type - create_db_database_$db_type - create_db_schema_$db_type "proxy" - fi - - update_zbx_config "proxy" $db_type -} - -prepare_web() { - local web_server=$1 - local db_type=$2 - - echo "** Preparing Zabbix web-interface" - - check_variables_$db_type - check_db_connect_$db_type - prepare_web_server_$web_server - prepare_zbx_web_config $db_type -} - prepare_java_gateway() { echo "** Preparing Zabbix Java Gateway" @@ -1072,80 +36,11 @@ prepare_java_gateway() { ################################################# -if [ ! -n "$zbx_type" ]; then - echo "**** Type of Zabbix component is not specified" - exit 1 -elif [ "$zbx_type" == "dev" ]; then - echo "** Deploying Zabbix installation from SVN" -else - if [ ! -n "$zbx_db_type" ]; then - echo "**** Database type of Zabbix $zbx_type is not specified" - exit 1 - fi - - if [ "$zbx_db_type" != "none" ]; then - if [ "$zbx_opt_type" != "none" ]; then - echo "** Deploying Zabbix $zbx_type ($zbx_opt_type) with $zbx_db_type database" - else - echo "** Deploying Zabbix $zbx_type with $zbx_db_type database" - fi - else - echo "** Deploying Zabbix $zbx_type" - fi +if [ "$1" == '/usr/sbin/zabbix_java_gateway' ]; then + prepare_java_gateway fi -prepare_system "$zbx_type" "$zbx_opt_type" +exec "$@" -[ "$zbx_type" == "server" ] && prepare_server $zbx_db_type -[ "${ZBX_ADD_SERVER}" == "true" ] && prepare_server ${ZBX_MAIN_DB} - -[ "$zbx_type" == "proxy" ] && prepare_proxy $zbx_db_type -[ "${ZBX_ADD_PROXY}" == "true" ] && prepare_proxy ${ZBX_PROXY_DB} - -[ "$zbx_type" == "frontend" ] && prepare_web $zbx_opt_type $zbx_db_type -[ "${ZBX_ADD_WEB}" == "true" ] && prepare_web ${ZBX_WEB_SERVER} ${ZBX_MAIN_DB} - -[ "$zbx_type" == "agent" ] && prepare_agent -[ "${ZBX_ADD_AGENT}" == "true" ] && prepare_agent - -[ "$zbx_type" == "java-gateway" ] && prepare_java_gateway -[ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && prepare_java_gateway - -clear_deploy "$zbx_type" - -echo "########################################################" - -if [ "$1" != "" ]; then - echo "** Executing '$@'" - exec "$@" -elif [ "$zbx_type" == "agent" ]; then - echo "** Starting Zabbix agent" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_agentd --foreground -c /etc/zabbix/zabbix_agentd.conf" -elif [ "$zbx_type" == "proxy" ]; then - echo "** Starting Zabbix proxy" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_proxy --foreground -c /etc/zabbix/zabbix_proxy.conf" -elif [ "$zbx_type" == "server" ]; then - echo "** Starting Zabbix server" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_server --foreground -c /etc/zabbix/zabbix_server.conf" -elif [ "$zbx_type" == "java-gateway" ]; then - echo "** Starting Zabbix Java Gateway" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_java_gateway" -elif [ "$zbx_type" == "frontend" ] && [ "$zbx_opt_type" == "apache" ]; then - echo "** Starting Zabbix frontend" - if [ -f "/usr/sbin/httpd" ]; then - exec /usr/sbin/httpd -D FOREGROUND - elif [ -f "/usr/sbin/apache2ctl" ]; then - exec /bin/bash -c "source /etc/apache2/envvars && /usr/sbin/apache2ctl -D FOREGROUND" - else - echo "Unknown Web-server. Exiting..." - exit 1 - fi -elif [ -f "/usr/bin/supervisord" ]; then - echo "** Executing supervisord" - exec /usr/bin/supervisord -c /etc/supervisor/supervisord.conf -else - echo "Unknown instructions. Exiting..." - exit 1 -fi ################################################# diff --git a/proxy-mysql/ubuntu/Dockerfile b/proxy-mysql/ubuntu/Dockerfile index 4acea13e2..281cb3c78 100644 --- a/proxy-mysql/ubuntu/Dockerfile +++ b/proxy-mysql/ubuntu/Dockerfile @@ -1,44 +1,28 @@ FROM ubuntu:bionic -LABEL maintainer="Alexey Pustovalov " -ARG BUILD_DATE -ARG VCS_REF - -ARG APT_FLAGS_COMMON="-y" -ARG APT_FLAGS_PERSISTENT="${APT_FLAGS_COMMON} --no-install-recommends" -ARG APT_FLAGS_DEV="${APT_FLAGS_COMMON} --no-install-recommends" -ARG DB_TYPE=mysql -ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8 TERM=xterm \ - MIBDIRS=/var/lib/snmp/mibs/ietf:/var/lib/snmp/mibs/iana:/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ - ZBX_TYPE=proxy ZBX_DB_TYPE=mysql ZBX_OPT_TYPE=none -ENV TINI_VERSION v0.18.0 - -LABEL org.label-schema.name="zabbix-${ZBX_TYPE}-${ZBX_DB_TYPE}-ubuntu" \ - org.label-schema.vendor="Zabbix LLC" \ - org.label-schema.url="https://zabbix.com/" \ - org.label-schema.description="Zabbix ${ZBX_TYPE} with MySQL database support" \ - org.label-schema.vcs-ref="${VCS_REF}" \ - org.label-schema.build-date="${BUILD_DATE}" \ - org.label-schema.schema-version="1.0" \ - org.label-schema.license="GPL v2.0" +LABEL org.opencontainers.image.title="Zabbix proxy (MySQL)" \ + org.opencontainers.image.authors="Alexey Pustovalov " \ + org.opencontainers.image.vendor="Zabbix LLC" \ + org.opencontainers.image.url="https://zabbix.com/" \ + org.opencontainers.image.description="Zabbix proxy with MySQL database support" \ + org.opencontainers.image.licenses="GPL v2.0" STOPSIGNAL SIGTERM +ENV TINI_VERSION=v0.19.0 + RUN set -eux && \ - apt-get ${APT_FLAGS_COMMON} update && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_PERSISTENT} install locales && \ - locale-gen $LC_ALL && \ echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \ - addgroup --system --quiet zabbix && \ + addgroup --system --gid 1995 --quiet zabbix && \ adduser --quiet \ --system --disabled-login \ - --ingroup zabbix \ + --ingroup zabbix --ingroup root \ + --uid 1997 \ --home /var/lib/zabbix/ \ zabbix && \ mkdir -p /etc/zabbix && \ mkdir -p /var/lib/zabbix && \ mkdir -p /var/lib/zabbix/enc && \ - mkdir -p /usr/lib/zabbix/externalscripts && \ mkdir -p /var/lib/zabbix/mibs && \ mkdir -p /var/lib/zabbix/modules && \ mkdir -p /var/lib/zabbix/snmptraps && \ @@ -47,10 +31,15 @@ RUN set -eux && \ mkdir -p /var/lib/zabbix/ssl/certs && \ mkdir -p /var/lib/zabbix/ssl/keys && \ mkdir -p /var/lib/zabbix/ssl/ssl_ca && \ - chown --quiet -R zabbix:root /var/lib/zabbix && \ - mkdir -p /usr/share/doc/zabbix-${ZBX_TYPE}-${ZBX_DB_TYPE} && \ - apt-get ${APT_FLAGS_COMMON} update && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_PERSISTENT} install \ + mkdir -p /usr/lib/zabbix/externalscripts && \ + mkdir -p /usr/share/doc/zabbix-proxy-mysql && \ + apt-get -y update && \ + DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ + curl \ + ca-certificates \ + gpg \ + dirmngr \ + gpg-agent \ fping \ libcurl4 \ libmysqlclient20 \ @@ -61,27 +50,32 @@ RUN set -eux && \ libxml2 \ mysql-client \ snmp-mibs-downloader \ - ca-certificates \ unixodbc && \ - apt-get ${APT_FLAGS_COMMON} autoremove && \ - apt-get ${APT_FLAGS_COMMON} clean && \ + curl -L https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini -o /sbin/tini && \ + curl -L https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini.asc -o /tini.asc && \ + gpg --batch --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 595E85A6B1B4779EA4DAAEC70B588DFF0527A9B7 && \ + gpg --batch --verify /tini.asc /sbin/tini && \ + rm -rf /root/.gnupg && \ + chmod +x /sbin/tini && \ + apt-get -y purge curl gpg dirmngr gpg-agent && \ + apt-get -y autoremove && \ + apt-get -y clean && \ rm -rf /var/lib/apt/lists/* -ARG MAJOR_VERSION=master -ARG ZBX_VERSION=${MAJOR_VERSION} +ARG MAJOR_VERSION=3.0 +ARG ZBX_VERSION=${MAJOR_VERSION}.30 ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git -ENV ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} -LABEL org.label-schema.usage="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.label-schema.version="${ZBX_VERSION}" \ - org.label-schema.vcs-url="${ZBX_SOURCES}" \ - org.label-schema.docker.cmd="docker run --name zabbix-${ZBX_TYPE}-${ZBX_DB_TYPE} --link mysql-server:mysql --link zabbix-server:zabbix-server -p 10051:10051 -d zabbix-${ZBX_TYPE}-${ZBX_DB_TYPE}:ubuntu-${ZBX_VERSION}" +ENV TERM=xterm MIBDIRS=/var/lib/snmp/mibs/ietf:/var/lib/snmp/mibs/iana:/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ + ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} -ADD https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini /sbin/tini +LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" RUN set -eux && \ - apt-get ${APT_FLAGS_COMMON} update && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_DEV} install \ + apt-get -y update && \ + DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ autoconf \ automake \ gcc \ @@ -110,8 +104,8 @@ RUN set -eux && \ --sysconfdir=/etc/zabbix \ --prefix=/usr \ --enable-agent \ - --enable-${ZBX_TYPE} \ - --with-${ZBX_DB_TYPE} \ + --enable-proxy \ + --with-mysql \ --with-ldap \ --with-libcurl \ --with-libxml2 \ @@ -124,17 +118,19 @@ RUN set -eux && \ --silent && \ make -j"$(nproc)" -s dbschema && \ make -j"$(nproc)" -s && \ - cp src/zabbix_${ZBX_TYPE}/zabbix_${ZBX_TYPE} /usr/sbin/zabbix_${ZBX_TYPE} && \ + cp src/zabbix_proxy/zabbix_proxy /usr/sbin/zabbix_proxy && \ cp src/zabbix_get/zabbix_get /usr/bin/zabbix_get && \ cp src/zabbix_sender/zabbix_sender /usr/bin/zabbix_sender && \ - cp conf/zabbix_${ZBX_TYPE}.conf /etc/zabbix/zabbix_${ZBX_TYPE}.conf && \ - chown --quiet -R zabbix:root /etc/zabbix && \ - cat database/${ZBX_DB_TYPE}/schema.sql > database/${ZBX_DB_TYPE}/create.sql && \ - gzip database/${ZBX_DB_TYPE}/create.sql && \ - cp database/${ZBX_DB_TYPE}/create.sql.gz /usr/share/doc/zabbix-${ZBX_TYPE}-${ZBX_DB_TYPE}/ && \ + cp conf/zabbix_proxy.conf /etc/zabbix/zabbix_proxy.conf && \ + cat database/mysql/schema.sql > database/mysql/create.sql && \ + gzip database/mysql/create.sql && \ + cp database/mysql/create.sql.gz /usr/share/doc/zabbix-proxy-mysql/ && \ cd /tmp/ && \ rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_COMMON} purge \ + chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \ + chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \ + chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \ + DEBIAN_FRONTEND=noninteractive apt-get -y purge \ autoconf \ automake \ gcc \ @@ -150,7 +146,7 @@ RUN set -eux && \ pkg-config \ git \ unixodbc-dev && \ - apt-get ${APT_FLAGS_COMMON} autoremove && \ + apt-get -y autoremove && \ rm -rf /var/lib/apt/lists/* && \ chmod +x /sbin/tini @@ -160,7 +156,11 @@ WORKDIR /var/lib/zabbix VOLUME ["/usr/lib/zabbix/externalscripts", "/var/lib/zabbix/enc", "/var/lib/zabbix/modules", "/var/lib/zabbix/snmptraps"] VOLUME ["/var/lib/zabbix/ssh_keys", "/var/lib/zabbix/ssl/certs", "/var/lib/zabbix/ssl/keys", "/var/lib/zabbix/ssl/ssl_ca"] - + COPY ["docker-entrypoint.sh", "/usr/bin/"] ENTRYPOINT ["/sbin/tini", "--", "/usr/bin/docker-entrypoint.sh"] + +USER 1997 + +CMD ["/usr/sbin/zabbix_proxy", "--foreground", "-c", "/etc/zabbix/zabbix_proxy.conf"] diff --git a/proxy-mysql/ubuntu/docker-entrypoint.sh b/proxy-mysql/ubuntu/docker-entrypoint.sh index 97d33c2c9..4c0b69cd1 100755 --- a/proxy-mysql/ubuntu/docker-entrypoint.sh +++ b/proxy-mysql/ubuntu/docker-entrypoint.sh @@ -1,6 +1,6 @@ #!/bin/bash -set -eo pipefail +set -o pipefail set +e @@ -9,34 +9,16 @@ if [ "${DEBUG_MODE}" == "true" ]; then set -o xtrace fi -# Type of Zabbix component -# Possible values: [server, proxy, agent, frontend, java-gateway, appliance] -zbx_type=${ZBX_TYPE} -# Type of Zabbix database -# Possible values: [mysql, postgresql] -zbx_db_type=${ZBX_DB_TYPE} -# Type of web-server. Valid only with zbx_type = frontend -# Possible values: [apache, nginx] -zbx_opt_type=${ZBX_OPT_TYPE} - -# Default Zabbix installation name -# Used only by Zabbix web-interface -ZBX_SERVER_NAME=${ZBX_SERVER_NAME:-"Zabbix docker"} # Default Zabbix server host -ZBX_SERVER_HOST=${ZBX_SERVER_HOST:-"zabbix-server"} +: ${ZBX_SERVER_HOST:="zabbix-server"} # Default Zabbix server port number -ZBX_SERVER_PORT=${ZBX_SERVER_PORT:-"10051"} - -# Default timezone for web interface -PHP_TZ=${PHP_TZ:-"Europe/Riga"} +: ${ZBX_SERVER_PORT:="10051"} # Default directories # User 'zabbix' home directory ZABBIX_USER_HOME_DIR="/var/lib/zabbix" # Configuration files directory ZABBIX_ETC_DIR="/etc/zabbix" -# Web interface www-root directory -ZBX_FRONTEND_PATH="/usr/share/zabbix" # usage: file_env VAR [DEFAULT] # as example: file_env 'MYSQL_PASSWORD' 'zabbix' @@ -69,92 +51,6 @@ file_env() { unset "$fileVar" } -configure_db_mysql() { - [ "${DB_SERVER_HOST}" != "localhost" ] && return - - echo "** Configuring local MySQL server" - - MYSQL_ALLOW_EMPTY_PASSWORD=true - MYSQL_DATA_DIR="/var/lib/mysql" - - if [ -f "/etc/mysql/my.cnf" ]; then - MYSQL_CONF_FILE="/etc/mysql/my.cnf" - elif [ -f "/etc/my.cnf.d/server.cnf" ]; then - MYSQL_CONF_FILE="/etc/my.cnf.d/server.cnf" - DB_SERVER_SOCKET="/var/lib/mysql/mysql.sock" - elif [ -f "/etc/my.cnf.d/mariadb-server.cnf" ]; then - MYSQL_CONF_FILE="/etc/my.cnf.d/mariadb-server.cnf" - DB_SERVER_SOCKET="/var/run/mysqld/mysqld.sock" - else - echo "**** Could not found MySQL configuration file" - exit 1 - fi - - if [ -f "/usr/bin/mysqld" ]; then - MYSQLD=/usr/bin/mysqld - elif [ -f "/usr/sbin/mysqld" ]; then - MYSQLD=/usr/sbin/mysqld - elif [ -f "/usr/libexec/mysqld" ]; then - MYSQLD=/usr/libexec/mysqld - else - echo "**** Could not found mysqld binary file" - exit 1 - fi - - sed -Ei 's/^(bind-address|log)/#&/' "$MYSQL_CONF_FILE" - - if [ ! -d "$MYSQL_DATA_DIR/mysql" ]; then - [ -d "$MYSQL_DATA_DIR" ] || mkdir -p "$MYSQL_DATA_DIR" - - chown -R mysql:mysql "$MYSQL_DATA_DIR" - - echo "** Installing initial MySQL database schemas" - mysql_install_db --user=mysql --datadir="$MYSQL_DATA_DIR" 2>&1 - else - echo "**** MySQL data directory is not empty. Using already existing installation." - chown -R mysql:mysql "$MYSQL_DATA_DIR" - fi - - mkdir -p /var/run/mysqld - ln -s /var/run/mysqld /run/mysqld - chown -R mysql:mysql /var/run/mysqld - chown -R mysql:mysql /run/mysqld - - echo "** Starting MySQL server in background mode" - - nohup $MYSQLD --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib/mysql/plugin \ - --user=mysql --log-output=none --pid-file=/var/lib/mysql/mysqld.pid \ - --port=3306 --character-set-server=utf8 --collation-server=utf8_bin & -} - -prepare_system() { - local type=$1 - local web_server=$2 - - echo "** Preparing the system" - - if [ "$type" != "appliance" ]; then - return - fi - - ZBX_ADD_AGENT=${ZBX_ADD_AGENT:-"false"} - ZBX_ADD_JAVA_GATEWAY=${ZBX_ADD_JAVA_GATEWAY:-"false"} - ZBX_ADD_SERVER=${ZBX_ADD_SERVER:-"true"} - [ "${ZBX_ADD_SERVER}" == "true" ] && ZBX_SERVER_HOST="localhost" - [ "${ZBX_ADD_SERVER}" == "true" ] && ZBX_SERVER_PORT="10051" - ZBX_MAIN_DB=${ZBX_MAIN_DB:-"mysql"} - ZBX_ADD_PROXY=${ZBX_ADD_PROXY:-"false"} - ZBX_PROXY_DB=${ZBX_PROXY_DB:-"sqlite3"} - ZBX_ADD_WEB=${ZBX_ADD_WEB:-"true"} - ZBX_WEB_SERVER=${ZBX_WEB_SERVER:-"nginx"} - DB_SERVER_HOST=${DB_SERVER_HOST:-"localhost"} - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAY_ENABLE="true" - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAY="localhost" - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAYPORT="10052" - - [ "${ZBX_ADD_SERVER}" == "true" ] && configure_db_${ZBX_MAIN_DB} -} - escape_spec_char() { local var_value=$1 @@ -239,18 +135,14 @@ update_config_multiple_var() { # Check prerequisites for MySQL database check_variables_mysql() { - local type=$1 - - DB_SERVER_HOST=${DB_SERVER_HOST:-"mysql-server"} - DB_SERVER_PORT=${DB_SERVER_PORT:-"3306"} + : ${DB_SERVER_HOST:="mysql-server"} + : ${DB_SERVER_PORT:="3306"} USE_DB_ROOT_USER=false CREATE_ZBX_DB_USER=false file_env MYSQL_USER file_env MYSQL_PASSWORD - if [ "$type" != "" ]; then - file_env MYSQL_ROOT_PASSWORD - fi + file_env MYSQL_ROOT_PASSWORD if [ ! -n "${MYSQL_USER}" ] && [ "${MYSQL_RANDOM_ROOT_PASSWORD}" == "true" ]; then echo "**** Impossible to use MySQL server because of unknown Zabbix user and random 'root' password" @@ -276,37 +168,7 @@ check_variables_mysql() { DB_SERVER_ZBX_USER=${MYSQL_USER:-"zabbix"} DB_SERVER_ZBX_PASS=${MYSQL_PASSWORD:-"zabbix"} - if [ "$type" == "proxy" ]; then - DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix_proxy"} - else - DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix"} - fi -} - -# Check prerequisites for PostgreSQL database -check_variables_postgresql() { - local type=$1 - - file_env POSTGRES_USER - file_env POSTGRES_PASSWORD - - DB_SERVER_HOST=${DB_SERVER_HOST:-"postgres-server"} - DB_SERVER_PORT=${DB_SERVER_PORT:-"5432"} - CREATE_ZBX_DB_USER=${CREATE_ZBX_DB_USER:-"false"} - - DB_SERVER_ROOT_USER=${POSTGRES_USER:-"postgres"} - DB_SERVER_ROOT_PASS=${POSTGRES_PASSWORD:-""} - - DB_SERVER_ZBX_USER=${POSTGRES_USER:-"zabbix"} - DB_SERVER_ZBX_PASS=${POSTGRES_PASSWORD:-"zabbix"} - - DB_SERVER_SCHEMA=${DB_SERVER_SCHEMA:-"public"} - - if [ "$type" == "proxy" ]; then - DB_SERVER_DBNAME=${POSTGRES_DB:-"zabbix_proxy"} - else - DB_SERVER_DBNAME=${POSTGRES_DB:-"zabbix"} - fi + DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix_proxy"} } check_db_connect_mysql() { @@ -321,7 +183,6 @@ check_db_connect_mysql() { fi echo "* DB_SERVER_ZBX_USER: ${DB_SERVER_ZBX_USER}" echo "* DB_SERVER_ZBX_PASS: ${DB_SERVER_ZBX_PASS}" - echo "********************" fi echo "********************" @@ -334,49 +195,6 @@ check_db_connect_mysql() { done } -check_db_connect_postgresql() { - echo "********************" - echo "* DB_SERVER_HOST: ${DB_SERVER_HOST}" - echo "* DB_SERVER_PORT: ${DB_SERVER_PORT}" - echo "* DB_SERVER_DBNAME: ${DB_SERVER_DBNAME}" - echo "* DB_SERVER_SCHEMA: ${DB_SERVER_SCHEMA}" - if [ "${DEBUG_MODE}" == "true" ]; then - if [ "${USE_DB_ROOT_USER}" == "true" ]; then - echo "* DB_SERVER_ROOT_USER: ${DB_SERVER_ROOT_USER}" - echo "* DB_SERVER_ROOT_PASS: ${DB_SERVER_ROOT_PASS}" - fi - echo "* DB_SERVER_ZBX_USER: ${DB_SERVER_ZBX_USER}" - echo "* DB_SERVER_ZBX_PASS: ${DB_SERVER_ZBX_PASS}" - fi - echo "********************" - - if [ "${USE_DB_ROOT_USER}" != "true" ]; then - DB_SERVER_ROOT_USER=${DB_SERVER_ZBX_USER} - DB_SERVER_ROOT_PASS=${DB_SERVER_ZBX_PASS} - fi - - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - WAIT_TIMEOUT=5 - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - while [ ! "$(psql -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} -U ${DB_SERVER_ROOT_USER} -d ${DB_SERVER_DBNAME} -l -q 2>/dev/null)" ]; do - echo "**** PostgreSQL server is not available. Waiting $WAIT_TIMEOUT seconds..." - sleep $WAIT_TIMEOUT - done - - unset PGPASSWORD - unset PGOPTIONS -} - - mysql_query() { query=$1 local result="" @@ -387,30 +205,6 @@ mysql_query() { echo $result } -psql_query() { - query=$1 - db=$2 - - local result="" - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - result=$(psql -A -q -t -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ - -U ${DB_SERVER_ROOT_USER} -c "$query" $db 2>/dev/null); - - unset PGPASSWORD - unset PGOPTIONS - - echo $result -} - create_db_user_mysql() { [ "${CREATE_ZBX_DB_USER}" == "true" ] || return @@ -427,20 +221,6 @@ create_db_user_mysql() { mysql_query "GRANT ALL PRIVILEGES ON $DB_SERVER_DBNAME. * TO '${DB_SERVER_ZBX_USER}'@'%'" 1>/dev/null } -create_db_user_postgresql() { - [ "${CREATE_ZBX_DB_USER}" == "true" ] || return - - echo "** Creating '${DB_SERVER_ZBX_USER}' user in PostgreSQL database" - - USER_EXISTS=$(psql_query "SELECT 1 FROM pg_roles WHERE rolname='${DB_SERVER_ZBX_USER}'") - - if [ -z "$USER_EXISTS" ]; then - psql_query "CREATE USER ${DB_SERVER_ZBX_USER} WITH PASSWORD '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - else - psql_query "ALTER USER ${DB_SERVER_ZBX_USER} WITH ENCRYPTED PASSWORD '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - fi -} - create_db_database_mysql() { DB_EXISTS=$(mysql_query "SELECT SCHEMA_NAME FROM information_schema.SCHEMATA WHERE SCHEMA_NAME='${DB_SERVER_DBNAME}'") @@ -454,22 +234,7 @@ create_db_database_mysql() { fi } -create_db_database_postgresql() { - DB_EXISTS=$(psql_query "SELECT 1 AS result FROM pg_database WHERE datname='${DB_SERVER_DBNAME}'") - - if [ -z ${DB_EXISTS} ]; then - echo "** Database '${DB_SERVER_DBNAME}' does not exist. Creating..." - psql_query "CREATE DATABASE ${DB_SERVER_DBNAME} WITH OWNER ${DB_SERVER_ZBX_USER} ENCODING='UTF8' LC_CTYPE='en_US.utf8' LC_COLLATE='en_US.utf8'" 1>/dev/null - else - echo "** Database '${DB_SERVER_DBNAME}' already exists. Please be careful with database owner!" - fi - - psql_query "CREATE SCHEMA IF NOT EXISTS ${DB_SERVER_SCHEMA}" -} - create_db_schema_mysql() { - local type=$1 - DBVERSION_TABLE_EXISTS=$(mysql_query "SELECT 1 FROM information_schema.tables WHERE table_schema='${DB_SERVER_DBNAME}' and table_name = 'dbversion'") if [ -n "${DBVERSION_TABLE_EXISTS}" ]; then @@ -480,240 +245,31 @@ create_db_schema_mysql() { if [ -z "${ZBX_DB_VERSION}" ]; then echo "** Creating '${DB_SERVER_DBNAME}' schema in MySQL" - zcat /usr/share/doc/zabbix-$type-mysql/create.sql.gz | mysql --silent --skip-column-names \ + zcat /usr/share/doc/zabbix-proxy-mysql/create.sql.gz | mysql --silent --skip-column-names \ -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" \ ${DB_SERVER_DBNAME} 1>/dev/null fi } -create_db_schema_postgresql() { - local type=$1 - - DBVERSION_TABLE_EXISTS=$(psql_query "SELECT 1 FROM pg_catalog.pg_class c JOIN pg_catalog.pg_namespace n ON n.oid = - c.relnamespace WHERE n.nspname = '$DB_SERVER_SCHEMA' AND c.relname = 'dbversion'" "${DB_SERVER_DBNAME}") - - if [ -n "${DBVERSION_TABLE_EXISTS}" ]; then - echo "** Table '${DB_SERVER_DBNAME}.dbversion' already exists." - ZBX_DB_VERSION=$(psql_query "SELECT mandatory FROM ${DB_SERVER_SCHEMA}.dbversion" "${DB_SERVER_DBNAME}") - fi - - if [ -z "${ZBX_DB_VERSION}" ]; then - echo "** Creating '${DB_SERVER_DBNAME}' schema in PostgreSQL" - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - zcat /usr/share/doc/zabbix-$type-postgresql/create.sql.gz | psql -q \ - -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ - -U ${DB_SERVER_ZBX_USER} ${DB_SERVER_DBNAME} 1>/dev/null - - unset PGPASSWORD - unset PGOPTIONS - fi -} - -prepare_web_server_apache() { - if [ -d "/etc/apache2/sites-available" ]; then - APACHE_SITES_DIR=/etc/apache2/sites-available - elif [ -d "/etc/apache2/conf.d" ]; then - APACHE_SITES_DIR=/etc/apache2/conf.d - elif [ -d "/etc/httpd/conf.d" ]; then - APACHE_SITES_DIR=/etc/httpd/conf.d - else - echo "**** Apache is not available" - exit 1 - fi - - if [ -f "/usr/sbin/a2dissite" ]; then - echo "** Disable default site" - /usr/sbin/a2dissite 000-default 1>/dev/null - rm -rf "$APACHE_SITES_DIR/*" - elif [ -f "/etc/apache2/conf.d/default.conf" ]; then - echo "** Disable default site" - rm -f "/etc/apache2/conf.d/default.conf" - elif [ -f "/etc/httpd/conf.d/welcome.conf" ]; then - echo "** Disable default site" - rm -f "/etc/httpd/conf.d/welcome.conf" - rm -f "/etc/httpd/conf.d/ssl.conf" - fi - - echo "** Adding Zabbix virtual host (HTTP)" - if [ -f "$ZABBIX_ETC_DIR/apache.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/apache.conf" "$APACHE_SITES_DIR/zabbix.conf" - if [ -f "/usr/sbin/a2dissite" ]; then - /usr/sbin/a2ensite zabbix.conf 1>/dev/null - fi - else - echo "**** Impossible to enable HTTP virtual host" - fi - - if [ -f "/etc/apache2/conf.d/ssl.conf" ]; then - rm -f "/etc/apache2/conf.d/ssl.conf" - fi - - if [ -f "/etc/ssl/apache2/ssl.crt" ] && [ -f "/etc/ssl/apache2/ssl.key" ]; then - echo "** Enable SSL support for Apache2" - if [ -f "/usr/sbin/a2enmod" ]; then - /usr/sbin/a2enmod ssl 1>/dev/null - fi - - echo "** Adding Zabbix virtual host (HTTPS)" - if [ -f "$ZABBIX_ETC_DIR/apache_ssl.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/apache_ssl.conf" "$APACHE_SITES_DIR/zabbix_ssl.conf" - if [ -f "/usr/sbin/a2dissite" ]; then - /usr/sbin/a2ensite zabbix_ssl.conf 1>/dev/null - fi - else - echo "**** Impossible to enable HTTPS virtual host" - fi - else - echo "**** Impossible to enable SSL support for Apache2. Certificates are missed." - fi - - # Change Apache2 logging to stdout and stderr - if [ -f "/etc/apache2/apache2.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/apache2.conf" - fi - - if [ -f "/etc/httpd/conf/httpd.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/httpd/conf/httpd.conf" - fi - - if [ -f "/etc/apache2/httpd.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/httpd.conf" - fi - - if [ -f "/etc/apache2/conf-available/other-vhosts-access-log.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/conf-available/other-vhosts-access-log.conf" - fi - - if [ -f "/etc/apache2/conf.d/mpm.conf" ]; then - sed -ri \ - -e 's!^(\s*PidFile)\s+\S+!\1 "/var/run/httpd.pid"!g' \ - "/etc/apache2/conf.d/mpm.conf" - fi - - if [ -f "/var/run/apache2/apache2.pid" ]; then - rm -f "/var/run/apache2/apache2.pid" - fi - - if [ -f "/var/run/httpd/httpd.pid" ]; then - rm -f "/var/run/httpd/httpd.pid" - fi -} - -prepare_web_server_nginx() { - NGINX_CONFD_DIR="/etc/nginx/conf.d" - NGINX_SSL_CONFIG="/etc/ssl/nginx" - PHP_SESSIONS_DIR="/var/lib/php5" - - echo "** Disable default vhosts" - rm -f $NGINX_CONFD_DIR/*.conf - - echo "** Adding Zabbix virtual host (HTTP)" - if [ -f "$ZABBIX_ETC_DIR/nginx.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/nginx.conf" "$NGINX_CONFD_DIR" - else - echo "**** Impossible to enable HTTP virtual host" - fi - - if [ -f "$NGINX_SSL_CONFIG/ssl.crt" ] && [ -f "$NGINX_SSL_CONFIG/ssl.key" ] && [ -f "$NGINX_SSL_CONFIG/dhparam.pem" ]; then - echo "** Enable SSL support for Nginx" - if [ -f "$ZABBIX_ETC_DIR/nginx_ssl.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/nginx_ssl.conf" "$NGINX_CONFD_DIR" - else - echo "**** Impossible to enable HTTPS virtual host" - fi - else - echo "**** Impossible to enable SSL support for Nginx. Certificates are missed." - fi - - if [ -d "/var/log/nginx/" ]; then - ln -sf /dev/fd/2 /var/log/nginx/error.log - fi - - ln -sf /dev/fd/2 /var/log/php5-fpm.log - ln -sf /dev/fd/2 /var/log/php7.2-fpm.log -} - -stop_databases() { - if ([ "${ZBX_MAIN_DB}" == "mysql" ] || [ "${ZBX_PROXY_DB}" == "mysql" ]) && [ "${DB_SERVER_HOST}" == "localhost" ]; then - mysql_query "DELETE FROM mysql.user WHERE host = 'localhost' AND user != 'root'" 1>/dev/null - - if [ -f "/var/lib/mysql/mysqld.pid" ]; then - kill -TERM $(cat /var/lib/mysql/mysqld.pid) - elif [ -f "/var/run/mysqld/mysqld.pid" ]; then - kill -TERM $(cat /var/run/mysqld/mysqld.pid) - fi - fi - - if [ "${ZBX_MAIN_DB}" == "postgresql" ] && [ "${DB_SERVER_HOST}" == "localhost" ]; then - if [ "${OS_CODENAME}" == "alpine" ]; then - PGDATA=/var/lib/postgresql - BINDIR=/usr/bin - else - PGDATA=/var/lib/postgresql/9.3/main - BINDIR=/usr/lib/postgresql/9.3/bin - fi - su -c "$BINDIR/pg_ctl -D \"$PGDATA\" -m fast -w stop --silent" postgres 1>/dev/null 2>/dev/null - fi -} - -clear_deploy() { - local type=$1 - echo "** Cleaning the system" - - [ "$type" != "appliance" ] && return - - stop_databases -} - update_zbx_config() { - local type=$1 - local db_type=$2 + echo "** Preparing Zabbix proxy configuration file" - echo "** Preparing Zabbix $type configuration file" + ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_proxy.conf - ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_$type.conf - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "ProxyMode" "${ZBX_PROXYMODE}" - update_config_var $ZBX_CONFIG "Server" "${ZBX_SERVER_HOST}" - update_config_var $ZBX_CONFIG "ServerPort" "${ZBX_SERVER_PORT}" - if [ -z "${ZBX_HOSTNAME}" ] && [ -n "${ZBX_HOSTNAMEITEM}" ]; then - update_config_var $ZBX_CONFIG "Hostname" "" - update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - else - update_config_var $ZBX_CONFIG "Hostname" "${ZBX_HOSTNAME:-"zabbix-proxy-"$db_type}" - update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - fi - fi - - if [ $type == "proxy" ] && [ "${ZBX_ADD_SERVER}" = "true" ]; then - update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_PROXY_LISTENPORT:-"10061"}" + update_config_var $ZBX_CONFIG "ProxyMode" "${ZBX_PROXYMODE}" + update_config_var $ZBX_CONFIG "Server" "${ZBX_SERVER_HOST}" + update_config_var $ZBX_CONFIG "ServerPort" "${ZBX_SERVER_PORT}" + if [ -z "${ZBX_HOSTNAME}" ] && [ -n "${ZBX_HOSTNAMEITEM}" ]; then + update_config_var $ZBX_CONFIG "Hostname" "" + update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" else - update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}" + update_config_var $ZBX_CONFIG "Hostname" "${ZBX_HOSTNAME:-"zabbix-proxy-mysql"}" + update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" fi + update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}" + update_config_var $ZBX_CONFIG "SourceIP" "${ZBX_SOURCEIP}" update_config_var $ZBX_CONFIG "LogType" "console" update_config_var $ZBX_CONFIG "LogFile" @@ -722,30 +278,20 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" - if [ "$db_type" == "sqlite3" ]; then - update_config_var $ZBX_CONFIG "DBHost" - update_config_var $ZBX_CONFIG "DBName" "/var/lib/zabbix/zabbix_proxy_db" - update_config_var $ZBX_CONFIG "DBUser" - update_config_var $ZBX_CONFIG "DBPort" - update_config_var $ZBX_CONFIG "DBPassword" - else - update_config_var $ZBX_CONFIG "DBHost" "${DB_SERVER_HOST}" - update_config_var $ZBX_CONFIG "DBName" "${DB_SERVER_DBNAME}" - update_config_var $ZBX_CONFIG "DBSchema" "${DB_SERVER_SCHEMA}" - update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}" - update_config_var $ZBX_CONFIG "DBPort" "${DB_SERVER_PORT}" - update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}" - fi + update_config_var $ZBX_CONFIG "DBHost" "${DB_SERVER_HOST}" + update_config_var $ZBX_CONFIG "DBName" "${DB_SERVER_DBNAME}" + update_config_var $ZBX_CONFIG "DBSchema" "${DB_SERVER_SCHEMA}" + update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}" + update_config_var $ZBX_CONFIG "DBPort" "${DB_SERVER_PORT}" + update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}" update_config_var $ZBX_CONFIG "DBSocket" "${DB_SERVER_SOCKET}" - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "ProxyLocalBuffer" "${ZBX_PROXYLOCALBUFFER}" - update_config_var $ZBX_CONFIG "ProxyOfflineBuffer" "${ZBX_PROXYOFFLINEBUFFER}" - update_config_var $ZBX_CONFIG "HeartbeatFrequency" "${ZBX_PROXYHEARTBEATFREQUENCY}" - update_config_var $ZBX_CONFIG "ConfigFrequency" "${ZBX_CONFIGFREQUENCY}" - update_config_var $ZBX_CONFIG "DataSenderFrequency" "${ZBX_DATASENDERFREQUENCY}" - fi + update_config_var $ZBX_CONFIG "ProxyLocalBuffer" "${ZBX_PROXYLOCALBUFFER}" + update_config_var $ZBX_CONFIG "ProxyOfflineBuffer" "${ZBX_PROXYOFFLINEBUFFER}" + update_config_var $ZBX_CONFIG "HeartbeatFrequency" "${ZBX_PROXYHEARTBEATFREQUENCY}" + update_config_var $ZBX_CONFIG "ConfigFrequency" "${ZBX_CONFIGFREQUENCY}" + update_config_var $ZBX_CONFIG "DataSenderFrequency" "${ZBX_DATASENDERFREQUENCY}" update_config_var $ZBX_CONFIG "StartPollers" "${ZBX_STARTPOLLERS}" update_config_var $ZBX_CONFIG "StartIPMIPollers" "${ZBX_IPMIPOLLERS}" @@ -755,12 +301,7 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}" update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "StartTimers" "${ZBX_STARTTIMERS}" - update_config_var $ZBX_CONFIG "StartEscalators" "${ZBX_STARTESCALATORS}" - fi - - ZBX_JAVAGATEWAY_ENABLE=${ZBX_JAVAGATEWAY_ENABLE:-"false"} + : ${ZBX_JAVAGATEWAY_ENABLE:="false"} if [ "${ZBX_JAVAGATEWAY_ENABLE}" == "true" ]; then update_config_var $ZBX_CONFIG "JavaGateway" "${ZBX_JAVAGATEWAY:-"zabbix-java-gateway"}" update_config_var $ZBX_CONFIG "JavaGatewayPort" "${ZBX_JAVAGATEWAYPORT}" @@ -777,7 +318,7 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "VMwareCacheSize" "${ZBX_VMWARECACHESIZE}" update_config_var $ZBX_CONFIG "VMwareTimeout" "${ZBX_VMWARETIMEOUT}" - ZBX_ENABLE_SNMP_TRAPS=${ZBX_ENABLE_SNMP_TRAPS:-"false"} + : ${ZBX_ENABLE_SNMP_TRAPS:="false"} if [ "${ZBX_ENABLE_SNMP_TRAPS}" == "true" ]; then update_config_var $ZBX_CONFIG "SNMPTrapperFile" "${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log" update_config_var $ZBX_CONFIG "StartSNMPTrapper" "1" @@ -787,26 +328,13 @@ update_zbx_config() { fi update_config_var $ZBX_CONFIG "HousekeepingFrequency" "${ZBX_HOUSEKEEPINGFREQUENCY}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "MaxHousekeeperDelete" "${ZBX_MAXHOUSEKEEPERDELETE}" - update_config_var $ZBX_CONFIG "SenderFrequency" "${ZBX_SENDERFREQUENCY}" - fi update_config_var $ZBX_CONFIG "CacheSize" "${ZBX_CACHESIZE}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "CacheUpdateFrequency" "${ZBX_CACHEUPDATEFREQUENCY}" - fi - update_config_var $ZBX_CONFIG "StartDBSyncers" "${ZBX_STARTDBSYNCERS}" update_config_var $ZBX_CONFIG "HistoryCacheSize" "${ZBX_HISTORYCACHESIZE}" update_config_var $ZBX_CONFIG "HistoryIndexCacheSize" "${ZBX_HISTORYINDEXCACHESIZE}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "TrendCacheSize" "${ZBX_TRENDCACHESIZE}" - update_config_var $ZBX_CONFIG "ValueCacheSize" "${ZBX_VALUECACHESIZE}" - fi - update_config_var $ZBX_CONFIG "Timeout" "${ZBX_TIMEOUT}" update_config_var $ZBX_CONFIG "TrapperTimeout" "${ZBX_TRAPPERIMEOUT}" update_config_var $ZBX_CONFIG "UnreachablePeriod" "${ZBX_UNREACHABLEPERIOD}" @@ -816,337 +344,61 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "AlertScriptsPath" "/usr/lib/zabbix/alertscripts" update_config_var $ZBX_CONFIG "ExternalScripts" "/usr/lib/zabbix/externalscripts" - # Possible few fping locations - if [ -f "/usr/bin/fping" ]; then - update_config_var $ZBX_CONFIG "FpingLocation" "/usr/bin/fping" - else - update_config_var $ZBX_CONFIG "FpingLocation" "/usr/sbin/fping" - fi - if [ -f "/usr/bin/fping6" ]; then - update_config_var $ZBX_CONFIG "Fping6Location" "/usr/bin/fping6" - else - update_config_var $ZBX_CONFIG "Fping6Location" "/usr/sbin/fping6" - fi + update_config_var $ZBX_CONFIG "FpingLocation" "/usr/sbin/fping" + update_config_var $ZBX_CONFIG "Fping6Location" update_config_var $ZBX_CONFIG "SSHKeyLocation" "$ZABBIX_USER_HOME_DIR/ssh_keys" update_config_var $ZBX_CONFIG "LogSlowQueries" "${ZBX_LOGSLOWQUERIES}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "StartProxyPollers" "${ZBX_STARTPROXYPOLLERS}" - update_config_var $ZBX_CONFIG "ProxyConfigFrequency" "${ZBX_PROXYCONFIGFREQUENCY}" - update_config_var $ZBX_CONFIG "ProxyDataFrequency" "${ZBX_PROXYDATAFREQUENCY}" - fi - update_config_var $ZBX_CONFIG "SSLCertLocation" "$ZABBIX_USER_HOME_DIR/ssl/certs/" update_config_var $ZBX_CONFIG "SSLKeyLocation" "$ZABBIX_USER_HOME_DIR/ssl/keys/" update_config_var $ZBX_CONFIG "SSLCALocation" "$ZABBIX_USER_HOME_DIR/ssl/ssl_ca/" update_config_var $ZBX_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/" update_config_multiple_var $ZBX_CONFIG "LoadModule" "${ZBX_LOADMODULE}" - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}" - update_config_var $ZBX_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" - fi + update_config_var $ZBX_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}" + update_config_var $ZBX_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" update_config_var $ZBX_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" update_config_var $ZBX_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" - update_config_var $ZBX_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" - fi + update_config_var $ZBX_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" + update_config_var $ZBX_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" update_config_var $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" update_config_var $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" - update_config_var $ZBX_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" - fi -} + update_config_var $ZBX_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" + update_config_var $ZBX_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" - -prepare_zbx_web_config() { - local db_type=$1 - local server_name="" - - echo "** Preparing Zabbix frontend configuration file" - - ZBX_WEB_CONFIG="$ZABBIX_ETC_DIR/web/zabbix.conf.php" - - if [ -f "/usr/share/zabbix/conf/zabbix.conf.php" ]; then - rm -f "/usr/share/zabbix/conf/zabbix.conf.php" - fi - - ln -s "$ZBX_WEB_CONFIG" "/usr/share/zabbix/conf/zabbix.conf.php" - - # Different places of PHP configuration file - if [ -f "/etc/php5/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/conf.d/99-zabbix.ini" - elif [ -f "/etc/php5/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php5/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/apache2/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.0/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.0/apache2/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.0/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.0/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php.d/99-zabbix.ini" - elif [ -f "/etc/php7/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php7/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.2/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.2/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.2/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.2/apache2/conf.d/99-zabbix.ini" - fi - - if [ -n "$PHP_CONFIG_FILE" ]; then - update_config_var "$PHP_CONFIG_FILE" "max_execution_time" "${ZBX_MAXEXECUTIONTIME:-"600"}" - update_config_var "$PHP_CONFIG_FILE" "memory_limit" "${ZBX_MEMORYLIMIT:-"128M"}" - update_config_var "$PHP_CONFIG_FILE" "post_max_size" "${ZBX_POSTMAXSIZE:-"16M"}" - update_config_var "$PHP_CONFIG_FILE" "upload_max_filesize" "${ZBX_UPLOADMAXFILESIZE:-"2M"}" - update_config_var "$PHP_CONFIG_FILE" "max_input_time" "${ZBX_MAXINPUTTIME:-"300"}" - update_config_var "$PHP_CONFIG_FILE" "date.timezone" "${PHP_TZ}" + if [ "$(id -u)" != '0' ]; then + update_config_var $ZBX_CONFIG "User" "$(whoami)" else - echo "**** Zabbix related PHP configuration file not found" + update_config_var $ZBX_CONFIG "AllowRoot" "1" fi - - # Escaping characters in parameter value - server_name=$(escape_spec_char "${ZBX_SERVER_NAME}") - server_user=$(escape_spec_char "${DB_SERVER_ZBX_USER}") - server_pass=$(escape_spec_char "${DB_SERVER_ZBX_PASS}") - - sed -i \ - -e "s/{DB_SERVER_HOST}/${DB_SERVER_HOST}/g" \ - -e "s/{DB_SERVER_PORT}/${DB_SERVER_PORT}/g" \ - -e "s/{DB_SERVER_DBNAME}/${DB_SERVER_DBNAME}/g" \ - -e "s/{DB_SERVER_SCHEMA}/${DB_SERVER_SCHEMA}/g" \ - -e "s/{DB_SERVER_USER}/$server_user/g" \ - -e "s/{DB_SERVER_PASS}/$server_pass/g" \ - -e "s/{ZBX_SERVER_HOST}/${ZBX_SERVER_HOST}/g" \ - -e "s/{ZBX_SERVER_PORT}/${ZBX_SERVER_PORT}/g" \ - -e "s/{ZBX_SERVER_NAME}/$server_name/g" \ - "$ZBX_WEB_CONFIG" - - [ "$db_type" = "postgresql" ] && sed -i "s/MYSQL/POSTGRESQL/g" "$ZBX_WEB_CONFIG" -} - -prepare_zbx_agent_config() { - echo "** Preparing Zabbix agent configuration file" - - ZBX_AGENT_CONFIG=$ZABBIX_ETC_DIR/zabbix_agentd.conf - - ZBX_PASSIVESERVERS=${ZBX_PASSIVESERVERS:-""} - ZBX_ACTIVESERVERS=${ZBX_ACTIVESERVERS:-""} - - [ -n "$ZBX_PASSIVESERVERS" ] && ZBX_PASSIVESERVERS=","$ZBX_PASSIVESERVERS - - ZBX_PASSIVESERVERS=$ZBX_SERVER_HOST$ZBX_PASSIVESERVERS - - [ -n "$ZBX_ACTIVESERVERS" ] && ZBX_ACTIVESERVERS=","$ZBX_ACTIVESERVERS - - ZBX_ACTIVESERVERS=$ZBX_SERVER_HOST":"$ZBX_SERVER_PORT$ZBX_ACTIVESERVERS - - update_config_var $ZBX_AGENT_CONFIG "PidFile" - update_config_var $ZBX_AGENT_CONFIG "LogType" "console" - update_config_var $ZBX_AGENT_CONFIG "LogFile" - update_config_var $ZBX_AGENT_CONFIG "LogFileSize" - update_config_var $ZBX_AGENT_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" - update_config_var $ZBX_AGENT_CONFIG "SourceIP" - update_config_var $ZBX_AGENT_CONFIG "EnableRemoteCommands" "${ZBX_ENABLEREMOTECOMMANDS}" - update_config_var $ZBX_AGENT_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}" - - ZBX_PASSIVE_ALLOW=${ZBX_PASSIVE_ALLOW:-"true"} - if [ "$ZBX_PASSIVE_ALLOW" == "true" ]; then - echo "** Using '$ZBX_PASSIVESERVERS' servers for passive checks" - update_config_var $ZBX_AGENT_CONFIG "Server" "${ZBX_PASSIVESERVERS}" - else - update_config_var $ZBX_AGENT_CONFIG "Server" - fi - - update_config_var $ZBX_AGENT_CONFIG "ListenPort" "${ZBX_LISTENPORT}" - update_config_var $ZBX_AGENT_CONFIG "ListenIP" "${ZBX_LISTENIP}" - update_config_var $ZBX_AGENT_CONFIG "StartAgents" "${ZBX_STARTAGENTS}" - - ZBX_ACTIVE_ALLOW=${ZBX_ACTIVE_ALLOW:-"true"} - if [ "$ZBX_ACTIVE_ALLOW" == "true" ]; then - echo "** Using '$ZBX_ACTIVESERVERS' servers for active checks" - update_config_var $ZBX_AGENT_CONFIG "ServerActive" "${ZBX_ACTIVESERVERS}" - else - update_config_var $ZBX_AGENT_CONFIG "ServerActive" - fi - - update_config_var $ZBX_AGENT_CONFIG "Hostname" "${ZBX_HOSTNAME}" - update_config_var $ZBX_AGENT_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - update_config_var $ZBX_AGENT_CONFIG "HostMetadata" "${ZBX_METADATA}" - update_config_var $ZBX_AGENT_CONFIG "HostMetadataItem" "${ZBX_METADATAITEM}" - update_config_var $ZBX_AGENT_CONFIG "RefreshActiveChecks" "${ZBX_REFRESHACTIVECHECKS}" - update_config_var $ZBX_AGENT_CONFIG "BufferSend" "${ZBX_BUFFERSEND}" - update_config_var $ZBX_AGENT_CONFIG "BufferSize" "${ZBX_BUFFERSIZE}" - update_config_var $ZBX_AGENT_CONFIG "MaxLinesPerSecond" "${ZBX_MAXLINESPERSECOND}" - # Please use include to enable Alias feature -# update_config_multiple_var $ZBX_AGENT_CONFIG "Alias" ${ZBX_ALIAS} - update_config_var $ZBX_AGENT_CONFIG "Timeout" "${ZBX_TIMEOUT}" - update_config_var $ZBX_AGENT_CONFIG "Include" "/etc/zabbix/zabbix_agentd.d/" - update_config_var $ZBX_AGENT_CONFIG "UnsafeUserParameters" "${ZBX_UNSAFEUSERPARAMETERS}" - update_config_var $ZBX_AGENT_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/" - update_config_multiple_var $ZBX_AGENT_CONFIG "LoadModule" "${ZBX_LOADMODULE}" - update_config_var $ZBX_AGENT_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}" - update_config_var $ZBX_AGENT_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" - update_config_var $ZBX_AGENT_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" - update_config_var $ZBX_AGENT_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" - update_config_var $ZBX_AGENT_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" - update_config_var $ZBX_AGENT_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" -} - -prepare_java_gateway_config() { - echo "** Preparing Zabbix Java Gateway log configuration file" - - ZBX_GATEWAY_CONFIG=$ZABBIX_ETC_DIR/zabbix_java_gateway_logback.xml - - if [ -n "${ZBX_DEBUGLEVEL}" ]; then - echo "Updating $ZBX_GATEWAY_CONFIG 'DebugLevel' parameter: '${ZBX_DEBUGLEVEL}'... updated" - if [ -f "$ZBX_GATEWAY_CONFIG" ]; then - sed -i -e "/^.*/" "$ZBX_GATEWAY_CONFIG" - else - echo "**** Zabbix Java Gateway log configuration file '$ZBX_GATEWAY_CONFIG' not found" - fi - fi -} - -prepare_agent() { - echo "** Preparing Zabbix agent" - prepare_zbx_agent_config -} - -prepare_server() { - local db_type=$1 - - echo "** Preparing Zabbix server" - - check_variables_$db_type "server" - check_db_connect_$db_type - create_db_user_$db_type - create_db_database_$db_type - create_db_schema_$db_type "server" - - update_zbx_config "server" "$db_type" } prepare_proxy() { - local db_type=$1 - echo "Preparing Zabbix proxy" - if [ "$db_type" != "sqlite3" ]; then - check_variables_$db_type "proxy" - check_db_connect_$db_type - create_db_user_$db_type - create_db_database_$db_type - create_db_schema_$db_type "proxy" - fi + check_variables_mysql + check_db_connect_mysql + create_db_user_mysql + create_db_database_mysql + create_db_schema_mysql - update_zbx_config "proxy" $db_type -} - -prepare_web() { - local web_server=$1 - local db_type=$2 - - echo "** Preparing Zabbix web-interface" - - check_variables_$db_type - check_db_connect_$db_type - prepare_web_server_$web_server - prepare_zbx_web_config $db_type -} - -prepare_java_gateway() { - echo "** Preparing Zabbix Java Gateway" - - prepare_java_gateway_config + update_zbx_config } ################################################# -if [ ! -n "$zbx_type" ]; then - echo "**** Type of Zabbix component is not specified" - exit 1 -elif [ "$zbx_type" == "dev" ]; then - echo "** Deploying Zabbix installation from SVN" -else - if [ ! -n "$zbx_db_type" ]; then - echo "**** Database type of Zabbix $zbx_type is not specified" - exit 1 +if [ "${1#-}" != "$1" ]; then + set -- /usr/sbin/zabbix_proxy "$@" fi - if [ "$zbx_db_type" != "none" ]; then - if [ "$zbx_opt_type" != "none" ]; then - echo "** Deploying Zabbix $zbx_type ($zbx_opt_type) with $zbx_db_type database" - else - echo "** Deploying Zabbix $zbx_type with $zbx_db_type database" - fi - else - echo "** Deploying Zabbix $zbx_type" - fi +if [ "$1" == '/usr/sbin/zabbix_proxy' ]; then + prepare_proxy fi -prepare_system "$zbx_type" "$zbx_opt_type" - -[ "$zbx_type" == "server" ] && prepare_server $zbx_db_type -[ "${ZBX_ADD_SERVER}" == "true" ] && prepare_server ${ZBX_MAIN_DB} - -[ "$zbx_type" == "proxy" ] && prepare_proxy $zbx_db_type -[ "${ZBX_ADD_PROXY}" == "true" ] && prepare_proxy ${ZBX_PROXY_DB} - -[ "$zbx_type" == "frontend" ] && prepare_web $zbx_opt_type $zbx_db_type -[ "${ZBX_ADD_WEB}" == "true" ] && prepare_web ${ZBX_WEB_SERVER} ${ZBX_MAIN_DB} - -[ "$zbx_type" == "agent" ] && prepare_agent -[ "${ZBX_ADD_AGENT}" == "true" ] && prepare_agent - -[ "$zbx_type" == "java-gateway" ] && prepare_java_gateway -[ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && prepare_java_gateway - -clear_deploy "$zbx_type" - -echo "########################################################" - -if [ "$1" != "" ]; then - echo "** Executing '$@'" - exec "$@" -elif [ "$zbx_type" == "agent" ]; then - echo "** Starting Zabbix agent" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_agentd --foreground -c /etc/zabbix/zabbix_agentd.conf" -elif [ "$zbx_type" == "proxy" ]; then - echo "** Starting Zabbix proxy" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_proxy --foreground -c /etc/zabbix/zabbix_proxy.conf" -elif [ "$zbx_type" == "server" ]; then - echo "** Starting Zabbix server" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_server --foreground -c /etc/zabbix/zabbix_server.conf" -elif [ "$zbx_type" == "java-gateway" ]; then - echo "** Starting Zabbix Java Gateway" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_java_gateway" -elif [ "$zbx_type" == "frontend" ] && [ "$zbx_opt_type" == "apache" ]; then - echo "** Starting Zabbix frontend" - if [ -f "/usr/sbin/httpd" ]; then - exec /usr/sbin/httpd -D FOREGROUND - elif [ -f "/usr/sbin/apache2ctl" ]; then - exec /bin/bash -c "source /etc/apache2/envvars && /usr/sbin/apache2ctl -D FOREGROUND" - else - echo "Unknown Web-server. Exiting..." - exit 1 - fi -elif [ -f "/usr/bin/supervisord" ]; then - echo "** Executing supervisord" - exec /usr/bin/supervisord -c /etc/supervisor/supervisord.conf -else - echo "Unknown instructions. Exiting..." - exit 1 -fi +exec "$@" ################################################# diff --git a/proxy-sqlite3/ubuntu/Dockerfile b/proxy-sqlite3/ubuntu/Dockerfile index 926178e64..7c8eb9562 100644 --- a/proxy-sqlite3/ubuntu/Dockerfile +++ b/proxy-sqlite3/ubuntu/Dockerfile @@ -1,43 +1,28 @@ FROM ubuntu:bionic -LABEL maintainer="Alexey Pustovalov " -ARG BUILD_DATE -ARG VCS_REF - -ARG APT_FLAGS_COMMON="-y" -ARG APT_FLAGS_PERSISTENT="${APT_FLAGS_COMMON} --no-install-recommends" -ARG APT_FLAGS_DEV="${APT_FLAGS_COMMON} --no-install-recommends" -ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8 TERM=xterm \ - MIBDIRS=/var/lib/snmp/mibs/ietf:/var/lib/snmp/mibs/iana:/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ - ZBX_TYPE=proxy ZBX_DB_TYPE=sqlite3 ZBX_OPT_TYPE=none -ENV TINI_VERSION v0.18.0 - -LABEL org.label-schema.name="zabbix-${ZBX_TYPE}-${ZBX_DB_TYPE}-ubuntu" \ - org.label-schema.vendor="Zabbix LLC" \ - org.label-schema.url="https://zabbix.com/" \ - org.label-schema.description="Zabbix ${ZBX_TYPE} with SQLite3 database support" \ - org.label-schema.vcs-ref="${VCS_REF}" \ - org.label-schema.build-date="${BUILD_DATE}" \ - org.label-schema.schema-version="1.0" \ - org.label-schema.license="GPL v2.0" +LABEL org.opencontainers.image.title="Zabbix proxy (MySQL)" \ + org.opencontainers.image.authors="Alexey Pustovalov " \ + org.opencontainers.image.vendor="Zabbix LLC" \ + org.opencontainers.image.url="https://zabbix.com/" \ + org.opencontainers.image.description="Zabbix proxy with MySQL database support" \ + org.opencontainers.image.licenses="GPL v2.0" STOPSIGNAL SIGTERM +ENV TINI_VERSION=v0.19.0 + RUN set -eux && \ - apt-get ${APT_FLAGS_COMMON} update && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_PERSISTENT} install locales && \ - locale-gen $LC_ALL && \ echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \ - addgroup --system --quiet zabbix && \ + addgroup --system --gid 1995 --quiet zabbix && \ adduser --quiet \ --system --disabled-login \ - --ingroup zabbix \ + --ingroup zabbix --ingroup root \ + --uid 1997 \ --home /var/lib/zabbix/ \ zabbix && \ mkdir -p /etc/zabbix && \ mkdir -p /var/lib/zabbix && \ mkdir -p /var/lib/zabbix/enc && \ - mkdir -p /usr/lib/zabbix/externalscripts && \ mkdir -p /var/lib/zabbix/mibs && \ mkdir -p /var/lib/zabbix/modules && \ mkdir -p /var/lib/zabbix/snmptraps && \ @@ -46,9 +31,15 @@ RUN set -eux && \ mkdir -p /var/lib/zabbix/ssl/certs && \ mkdir -p /var/lib/zabbix/ssl/keys && \ mkdir -p /var/lib/zabbix/ssl/ssl_ca && \ - chown --quiet -R zabbix:root /var/lib/zabbix && \ - apt-get ${APT_FLAGS_COMMON} update && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_PERSISTENT} install \ + mkdir -p /usr/lib/zabbix/externalscripts && \ + mkdir -p /usr/share/doc/zabbix-proxy-mysql && \ + apt-get -y update && \ + DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ + curl \ + ca-certificates \ + gpg \ + dirmngr \ + gpg-agent \ fping \ libcurl4 \ libopenipmi0 \ @@ -58,27 +49,32 @@ RUN set -eux && \ libssl1.1 \ libxml2 \ snmp-mibs-downloader \ - ca-certificates \ unixodbc && \ - apt-get ${APT_FLAGS_COMMON} autoremove && \ - apt-get ${APT_FLAGS_COMMON} clean && \ + curl -L https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini -o /sbin/tini && \ + curl -L https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini.asc -o /tini.asc && \ + gpg --batch --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 595E85A6B1B4779EA4DAAEC70B588DFF0527A9B7 && \ + gpg --batch --verify /tini.asc /sbin/tini && \ + rm -rf /root/.gnupg && \ + chmod +x /sbin/tini && \ + apt-get -y purge curl gpg dirmngr gpg-agent && \ + apt-get -y autoremove && \ + apt-get -y clean && \ rm -rf /var/lib/apt/lists/* -ARG MAJOR_VERSION=master -ARG ZBX_VERSION=${MAJOR_VERSION} +ARG MAJOR_VERSION=3.0 +ARG ZBX_VERSION=${MAJOR_VERSION}.30 ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git -ENV ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} -LABEL org.label-schema.usage="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.label-schema.version="${ZBX_VERSION}" \ - org.label-schema.vcs-url="${ZBX_SOURCES}" \ - org.label-schema.docker.cmd="docker run --name zabbix-${ZBX_TYPE}-${ZBX_DB_TYPE} --link zabbix-server:zabbix-server -p 10051:10051 -d zabbix-${ZBX_TYPE}-${ZBX_DB_TYPE}:ubuntu-${ZBX_VERSION}" +ENV TERM=xterm MIBDIRS=/var/lib/snmp/mibs/ietf:/var/lib/snmp/mibs/iana:/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ + ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} -ADD https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini /sbin/tini +LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" RUN set -eux && \ - apt-get ${APT_FLAGS_COMMON} update && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_DEV} install \ + apt-get -y update && \ + DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ autoconf \ automake \ gcc \ @@ -107,8 +103,8 @@ RUN set -eux && \ --sysconfdir=/etc/zabbix \ --prefix=/usr \ --enable-agent \ - --enable-${ZBX_TYPE} \ - --with-${ZBX_DB_TYPE} \ + --enable-proxy \ + --with-sqlite3 \ --with-ldap \ --with-libcurl \ --with-libxml2 \ @@ -121,14 +117,16 @@ RUN set -eux && \ --silent && \ make -j"$(nproc)" -s dbschema && \ make -j"$(nproc)" -s && \ - cp src/zabbix_${ZBX_TYPE}/zabbix_${ZBX_TYPE} /usr/sbin/zabbix_${ZBX_TYPE} && \ + cp src/zabbix_proxy/zabbix_proxy /usr/sbin/zabbix_proxy && \ cp src/zabbix_get/zabbix_get /usr/bin/zabbix_get && \ cp src/zabbix_sender/zabbix_sender /usr/bin/zabbix_sender && \ - cp conf/zabbix_${ZBX_TYPE}.conf /etc/zabbix/zabbix_${ZBX_TYPE}.conf && \ - chown --quiet -R zabbix:root /etc/zabbix && \ + cp conf/zabbix_proxy.conf /etc/zabbix/zabbix_proxy.conf && \ cd /tmp/ && \ rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_COMMON} purge \ + chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \ + chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \ + chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \ + DEBIAN_FRONTEND=noninteractive apt-get -y purge \ autoconf \ automake \ gcc \ @@ -144,17 +142,21 @@ RUN set -eux && \ pkg-config \ git \ unixodbc-dev && \ - apt-get ${APT_FLAGS_COMMON} autoremove && \ + apt-get -y autoremove && \ rm -rf /var/lib/apt/lists/* && \ chmod +x /sbin/tini EXPOSE 10051/TCP - + WORKDIR /var/lib/zabbix - + VOLUME ["/usr/lib/zabbix/externalscripts", "/var/lib/zabbix/enc", "/var/lib/zabbix/modules", "/var/lib/zabbix/snmptraps"] VOLUME ["/var/lib/zabbix/ssh_keys", "/var/lib/zabbix/ssl/certs", "/var/lib/zabbix/ssl/keys", "/var/lib/zabbix/ssl/ssl_ca"] - + COPY ["docker-entrypoint.sh", "/usr/bin/"] - + ENTRYPOINT ["/sbin/tini", "--", "/usr/bin/docker-entrypoint.sh"] + +USER 1997 + +CMD ["/usr/sbin/zabbix_proxy", "--foreground", "-c", "/etc/zabbix/zabbix_proxy.conf"] diff --git a/proxy-sqlite3/ubuntu/docker-entrypoint.sh b/proxy-sqlite3/ubuntu/docker-entrypoint.sh index 2273afee7..e27cc15fc 100755 --- a/proxy-sqlite3/ubuntu/docker-entrypoint.sh +++ b/proxy-sqlite3/ubuntu/docker-entrypoint.sh @@ -1,6 +1,6 @@ #!/bin/bash -set -eo pipefail +set -o pipefail set +e @@ -9,151 +9,16 @@ if [ "${DEBUG_MODE}" == "true" ]; then set -o xtrace fi -# Type of Zabbix component -# Possible values: [server, proxy, agent, frontend, java-gateway, appliance] -zbx_type=${ZBX_TYPE} -# Type of Zabbix database -# Possible values: [mysql, postgresql] -zbx_db_type=${ZBX_DB_TYPE} -# Type of web-server. Valid only with zbx_type = frontend -# Possible values: [apache, nginx] -zbx_opt_type=${ZBX_OPT_TYPE} - -# Default Zabbix installation name -# Used only by Zabbix web-interface -ZBX_SERVER_NAME=${ZBX_SERVER_NAME:-"Zabbix docker"} # Default Zabbix server host -ZBX_SERVER_HOST=${ZBX_SERVER_HOST:-"zabbix-server"} +: ${ZBX_SERVER_HOST:="zabbix-server"} # Default Zabbix server port number -ZBX_SERVER_PORT=${ZBX_SERVER_PORT:-"10051"} - -# Default timezone for web interface -PHP_TZ=${PHP_TZ:-"Europe/Riga"} +: ${ZBX_SERVER_PORT:="10051"} # Default directories # User 'zabbix' home directory ZABBIX_USER_HOME_DIR="/var/lib/zabbix" # Configuration files directory ZABBIX_ETC_DIR="/etc/zabbix" -# Web interface www-root directory -ZBX_FRONTEND_PATH="/usr/share/zabbix" - -# usage: file_env VAR [DEFAULT] -# as example: file_env 'MYSQL_PASSWORD' 'zabbix' -# (will allow for "$MYSQL_PASSWORD_FILE" to fill in the value of "$MYSQL_PASSWORD" from a file) -# unsets the VAR_FILE afterwards and just leaving VAR -file_env() { - local var="$1" - local fileVar="${var}_FILE" - local defaultValue="${2:-}" - - if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then - echo "**** Both variables $var and $fileVar are set (but are exclusive)" - exit 1 - fi - - local val="$defaultValue" - - if [ "${!var:-}" ]; then - val="${!var}" - echo "** Using ${var} variable from ENV" - elif [ "${!fileVar:-}" ]; then - if [ ! -f "${!fileVar}" ]; then - echo "**** Secret file \"${!fileVar}\" is not found" - exit 1 - fi - val="$(< "${!fileVar}")" - echo "** Using ${var} variable from secret file" - fi - export "$var"="$val" - unset "$fileVar" -} - -configure_db_mysql() { - [ "${DB_SERVER_HOST}" != "localhost" ] && return - - echo "** Configuring local MySQL server" - - MYSQL_ALLOW_EMPTY_PASSWORD=true - MYSQL_DATA_DIR="/var/lib/mysql" - - if [ -f "/etc/mysql/my.cnf" ]; then - MYSQL_CONF_FILE="/etc/mysql/my.cnf" - elif [ -f "/etc/my.cnf.d/server.cnf" ]; then - MYSQL_CONF_FILE="/etc/my.cnf.d/server.cnf" - DB_SERVER_SOCKET="/var/lib/mysql/mysql.sock" - elif [ -f "/etc/my.cnf.d/mariadb-server.cnf" ]; then - MYSQL_CONF_FILE="/etc/my.cnf.d/mariadb-server.cnf" - DB_SERVER_SOCKET="/var/run/mysqld/mysqld.sock" - else - echo "**** Could not found MySQL configuration file" - exit 1 - fi - - if [ -f "/usr/bin/mysqld" ]; then - MYSQLD=/usr/bin/mysqld - elif [ -f "/usr/sbin/mysqld" ]; then - MYSQLD=/usr/sbin/mysqld - elif [ -f "/usr/libexec/mysqld" ]; then - MYSQLD=/usr/libexec/mysqld - else - echo "**** Could not found mysqld binary file" - exit 1 - fi - - sed -Ei 's/^(bind-address|log)/#&/' "$MYSQL_CONF_FILE" - - if [ ! -d "$MYSQL_DATA_DIR/mysql" ]; then - [ -d "$MYSQL_DATA_DIR" ] || mkdir -p "$MYSQL_DATA_DIR" - - chown -R mysql:mysql "$MYSQL_DATA_DIR" - - echo "** Installing initial MySQL database schemas" - mysql_install_db --user=mysql --datadir="$MYSQL_DATA_DIR" 2>&1 - else - echo "**** MySQL data directory is not empty. Using already existing installation." - chown -R mysql:mysql "$MYSQL_DATA_DIR" - fi - - mkdir -p /var/run/mysqld - ln -s /var/run/mysqld /run/mysqld - chown -R mysql:mysql /var/run/mysqld - chown -R mysql:mysql /run/mysqld - - echo "** Starting MySQL server in background mode" - - nohup $MYSQLD --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib/mysql/plugin \ - --user=mysql --log-output=none --pid-file=/var/lib/mysql/mysqld.pid \ - --port=3306 --character-set-server=utf8 --collation-server=utf8_bin & -} - -prepare_system() { - local type=$1 - local web_server=$2 - - echo "** Preparing the system" - - if [ "$type" != "appliance" ]; then - return - fi - - ZBX_ADD_AGENT=${ZBX_ADD_AGENT:-"false"} - ZBX_ADD_JAVA_GATEWAY=${ZBX_ADD_JAVA_GATEWAY:-"false"} - ZBX_ADD_SERVER=${ZBX_ADD_SERVER:-"true"} - [ "${ZBX_ADD_SERVER}" == "true" ] && ZBX_SERVER_HOST="localhost" - [ "${ZBX_ADD_SERVER}" == "true" ] && ZBX_SERVER_PORT="10051" - ZBX_MAIN_DB=${ZBX_MAIN_DB:-"mysql"} - ZBX_ADD_PROXY=${ZBX_ADD_PROXY:-"false"} - ZBX_PROXY_DB=${ZBX_PROXY_DB:-"sqlite3"} - ZBX_ADD_WEB=${ZBX_ADD_WEB:-"true"} - ZBX_WEB_SERVER=${ZBX_WEB_SERVER:-"nginx"} - DB_SERVER_HOST=${DB_SERVER_HOST:-"localhost"} - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAY_ENABLE="true" - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAY="localhost" - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAYPORT="10052" - - [ "${ZBX_ADD_SERVER}" == "true" ] && configure_db_${ZBX_MAIN_DB} -} escape_spec_char() { local var_value=$1 @@ -237,483 +102,24 @@ update_config_multiple_var() { done } -# Check prerequisites for MySQL database -check_variables_mysql() { - local type=$1 - - DB_SERVER_HOST=${DB_SERVER_HOST:-"mysql-server"} - DB_SERVER_PORT=${DB_SERVER_PORT:-"3306"} - USE_DB_ROOT_USER=false - CREATE_ZBX_DB_USER=false - file_env MYSQL_USER - file_env MYSQL_PASSWORD - - if [ "$type" != "" ]; then - file_env MYSQL_ROOT_PASSWORD - fi - - if [ ! -n "${MYSQL_USER}" ] && [ "${MYSQL_RANDOM_ROOT_PASSWORD}" == "true" ]; then - echo "**** Impossible to use MySQL server because of unknown Zabbix user and random 'root' password" - exit 1 - fi - - if [ ! -n "${MYSQL_USER}" ] && [ ! -n "${MYSQL_ROOT_PASSWORD}" ] && [ "${MYSQL_ALLOW_EMPTY_PASSWORD}" != "true" ]; then - echo "*** Impossible to use MySQL server because 'root' password is not defined and it is not empty" - exit 1 - fi - - if [ "${MYSQL_ALLOW_EMPTY_PASSWORD}" == "true" ] || [ -n "${MYSQL_ROOT_PASSWORD}" ]; then - USE_DB_ROOT_USER=true - DB_SERVER_ROOT_USER="root" - DB_SERVER_ROOT_PASS=${MYSQL_ROOT_PASSWORD:-""} - fi - - [ -n "${MYSQL_USER}" ] && CREATE_ZBX_DB_USER=true - - # If root password is not specified use provided credentials - DB_SERVER_ROOT_USER=${DB_SERVER_ROOT_USER:-${MYSQL_USER}} - [ "${MYSQL_ALLOW_EMPTY_PASSWORD}" == "true" ] || DB_SERVER_ROOT_PASS=${DB_SERVER_ROOT_PASS:-${MYSQL_PASSWORD}} - DB_SERVER_ZBX_USER=${MYSQL_USER:-"zabbix"} - DB_SERVER_ZBX_PASS=${MYSQL_PASSWORD:-"zabbix"} - - if [ "$type" == "proxy" ]; then - DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix_proxy"} - else - DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix"} - fi -} - -# Check prerequisites for PostgreSQL database -check_variables_postgresql() { - local type=$1 - - file_env POSTGRES_USER - file_env POSTGRES_PASSWORD - - DB_SERVER_HOST=${DB_SERVER_HOST:-"postgres-server"} - DB_SERVER_PORT=${DB_SERVER_PORT:-"5432"} - CREATE_ZBX_DB_USER=${CREATE_ZBX_DB_USER:-"false"} - - DB_SERVER_ROOT_USER=${POSTGRES_USER:-"postgres"} - DB_SERVER_ROOT_PASS=${POSTGRES_PASSWORD:-""} - - DB_SERVER_ZBX_USER=${POSTGRES_USER:-"zabbix"} - DB_SERVER_ZBX_PASS=${POSTGRES_PASSWORD:-"zabbix"} - - DB_SERVER_SCHEMA=${DB_SERVER_SCHEMA:-"public"} - - if [ "$type" == "proxy" ]; then - DB_SERVER_DBNAME=${POSTGRES_DB:-"zabbix_proxy"} - else - DB_SERVER_DBNAME=${POSTGRES_DB:-"zabbix"} - fi -} - -check_db_connect_mysql() { - echo "********************" - echo "* DB_SERVER_HOST: ${DB_SERVER_HOST}" - echo "* DB_SERVER_PORT: ${DB_SERVER_PORT}" - echo "* DB_SERVER_DBNAME: ${DB_SERVER_DBNAME}" - if [ "${DEBUG_MODE}" == "true" ]; then - if [ "${USE_DB_ROOT_USER}" == "true" ]; then - echo "* DB_SERVER_ROOT_USER: ${DB_SERVER_ROOT_USER}" - echo "* DB_SERVER_ROOT_PASS: ${DB_SERVER_ROOT_PASS}" - fi - echo "* DB_SERVER_ZBX_USER: ${DB_SERVER_ZBX_USER}" - echo "* DB_SERVER_ZBX_PASS: ${DB_SERVER_ZBX_PASS}" - echo "********************" - fi - echo "********************" - - WAIT_TIMEOUT=5 - - while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \ - --password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10)" ]; do - echo "**** MySQL server is not available. Waiting $WAIT_TIMEOUT seconds..." - sleep $WAIT_TIMEOUT - done -} - -check_db_connect_postgresql() { - echo "********************" - echo "* DB_SERVER_HOST: ${DB_SERVER_HOST}" - echo "* DB_SERVER_PORT: ${DB_SERVER_PORT}" - echo "* DB_SERVER_DBNAME: ${DB_SERVER_DBNAME}" - echo "* DB_SERVER_SCHEMA: ${DB_SERVER_SCHEMA}" - if [ "${DEBUG_MODE}" == "true" ]; then - if [ "${USE_DB_ROOT_USER}" == "true" ]; then - echo "* DB_SERVER_ROOT_USER: ${DB_SERVER_ROOT_USER}" - echo "* DB_SERVER_ROOT_PASS: ${DB_SERVER_ROOT_PASS}" - fi - echo "* DB_SERVER_ZBX_USER: ${DB_SERVER_ZBX_USER}" - echo "* DB_SERVER_ZBX_PASS: ${DB_SERVER_ZBX_PASS}" - fi - echo "********************" - - if [ "${USE_DB_ROOT_USER}" != "true" ]; then - DB_SERVER_ROOT_USER=${DB_SERVER_ZBX_USER} - DB_SERVER_ROOT_PASS=${DB_SERVER_ZBX_PASS} - fi - - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - WAIT_TIMEOUT=5 - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - while [ ! "$(psql -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} -U ${DB_SERVER_ROOT_USER} -d ${DB_SERVER_DBNAME} -l -q 2>/dev/null)" ]; do - echo "**** PostgreSQL server is not available. Waiting $WAIT_TIMEOUT seconds..." - sleep $WAIT_TIMEOUT - done - - unset PGPASSWORD - unset PGOPTIONS -} - - -mysql_query() { - query=$1 - local result="" - - result=$(mysql --silent --skip-column-names -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ - -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" -e "$query") - - echo $result -} - -psql_query() { - query=$1 - db=$2 - - local result="" - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - result=$(psql -A -q -t -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ - -U ${DB_SERVER_ROOT_USER} -c "$query" $db 2>/dev/null); - - unset PGPASSWORD - unset PGOPTIONS - - echo $result -} - -create_db_user_mysql() { - [ "${CREATE_ZBX_DB_USER}" == "true" ] || return - - echo "** Creating '${DB_SERVER_ZBX_USER}' user in MySQL database" - - USER_EXISTS=$(mysql_query "SELECT 1 FROM mysql.user WHERE user = '${DB_SERVER_ZBX_USER}' AND host = '%'") - - if [ -z "$USER_EXISTS" ]; then - mysql_query "CREATE USER '${DB_SERVER_ZBX_USER}'@'%' IDENTIFIED BY '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - else - mysql_query "ALTER USER ${DB_SERVER_ZBX_USER} IDENTIFIED BY '${DB_SERVER_ZBX_PASS}';" 1>/dev/null - fi - - mysql_query "GRANT ALL PRIVILEGES ON $DB_SERVER_DBNAME. * TO '${DB_SERVER_ZBX_USER}'@'%'" 1>/dev/null -} - -create_db_user_postgresql() { - [ "${CREATE_ZBX_DB_USER}" == "true" ] || return - - echo "** Creating '${DB_SERVER_ZBX_USER}' user in PostgreSQL database" - - USER_EXISTS=$(psql_query "SELECT 1 FROM pg_roles WHERE rolname='${DB_SERVER_ZBX_USER}'") - - if [ -z "$USER_EXISTS" ]; then - psql_query "CREATE USER ${DB_SERVER_ZBX_USER} WITH PASSWORD '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - else - psql_query "ALTER USER ${DB_SERVER_ZBX_USER} WITH ENCRYPTED PASSWORD '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - fi -} - -create_db_database_mysql() { - DB_EXISTS=$(mysql_query "SELECT SCHEMA_NAME FROM information_schema.SCHEMATA WHERE SCHEMA_NAME='${DB_SERVER_DBNAME}'") - - if [ -z ${DB_EXISTS} ]; then - echo "** Database '${DB_SERVER_DBNAME}' does not exist. Creating..." - mysql_query "CREATE DATABASE ${DB_SERVER_DBNAME} CHARACTER SET utf8 COLLATE utf8_bin" 1>/dev/null - # better solution? - mysql_query "GRANT ALL PRIVILEGES ON $DB_SERVER_DBNAME. * TO '${DB_SERVER_ZBX_USER}'@'%'" 1>/dev/null - else - echo "** Database '${DB_SERVER_DBNAME}' already exists. Please be careful with database COLLATE!" - fi -} - -create_db_database_postgresql() { - DB_EXISTS=$(psql_query "SELECT 1 AS result FROM pg_database WHERE datname='${DB_SERVER_DBNAME}'") - - if [ -z ${DB_EXISTS} ]; then - echo "** Database '${DB_SERVER_DBNAME}' does not exist. Creating..." - psql_query "CREATE DATABASE ${DB_SERVER_DBNAME} WITH OWNER ${DB_SERVER_ZBX_USER} ENCODING='UTF8' LC_CTYPE='en_US.utf8' LC_COLLATE='en_US.utf8'" 1>/dev/null - else - echo "** Database '${DB_SERVER_DBNAME}' already exists. Please be careful with database owner!" - fi - - psql_query "CREATE SCHEMA IF NOT EXISTS ${DB_SERVER_SCHEMA}" -} - -create_db_schema_mysql() { - local type=$1 - - DBVERSION_TABLE_EXISTS=$(mysql_query "SELECT 1 FROM information_schema.tables WHERE table_schema='${DB_SERVER_DBNAME}' and table_name = 'dbversion'") - - if [ -n "${DBVERSION_TABLE_EXISTS}" ]; then - echo "** Table '${DB_SERVER_DBNAME}.dbversion' already exists." - ZBX_DB_VERSION=$(mysql_query "SELECT mandatory FROM ${DB_SERVER_DBNAME}.dbversion") - fi - - if [ -z "${ZBX_DB_VERSION}" ]; then - echo "** Creating '${DB_SERVER_DBNAME}' schema in MySQL" - - zcat /usr/share/doc/zabbix-$type-mysql/create.sql.gz | mysql --silent --skip-column-names \ - -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ - -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" \ - ${DB_SERVER_DBNAME} 1>/dev/null - fi -} - -create_db_schema_postgresql() { - local type=$1 - - DBVERSION_TABLE_EXISTS=$(psql_query "SELECT 1 FROM pg_catalog.pg_class c JOIN pg_catalog.pg_namespace n ON n.oid = - c.relnamespace WHERE n.nspname = '$DB_SERVER_SCHEMA' AND c.relname = 'dbversion'" "${DB_SERVER_DBNAME}") - - if [ -n "${DBVERSION_TABLE_EXISTS}" ]; then - echo "** Table '${DB_SERVER_DBNAME}.dbversion' already exists." - ZBX_DB_VERSION=$(psql_query "SELECT mandatory FROM ${DB_SERVER_SCHEMA}.dbversion" "${DB_SERVER_DBNAME}") - fi - - if [ -z "${ZBX_DB_VERSION}" ]; then - echo "** Creating '${DB_SERVER_DBNAME}' schema in PostgreSQL" - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - zcat /usr/share/doc/zabbix-$type-postgresql/create.sql.gz | psql -q \ - -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ - -U ${DB_SERVER_ZBX_USER} ${DB_SERVER_DBNAME} 1>/dev/null - - unset PGPASSWORD - unset PGOPTIONS - fi -} - -prepare_web_server_apache() { - if [ -d "/etc/apache2/sites-available" ]; then - APACHE_SITES_DIR=/etc/apache2/sites-available - elif [ -d "/etc/apache2/conf.d" ]; then - APACHE_SITES_DIR=/etc/apache2/conf.d - elif [ -d "/etc/httpd/conf.d" ]; then - APACHE_SITES_DIR=/etc/httpd/conf.d - else - echo "**** Apache is not available" - exit 1 - fi - - if [ -f "/usr/sbin/a2dissite" ]; then - echo "** Disable default site" - /usr/sbin/a2dissite 000-default 1>/dev/null - rm -rf "$APACHE_SITES_DIR/*" - elif [ -f "/etc/apache2/conf.d/default.conf" ]; then - echo "** Disable default site" - rm -f "/etc/apache2/conf.d/default.conf" - elif [ -f "/etc/httpd/conf.d/welcome.conf" ]; then - echo "** Disable default site" - rm -f "/etc/httpd/conf.d/welcome.conf" - rm -f "/etc/httpd/conf.d/ssl.conf" - fi - - echo "** Adding Zabbix virtual host (HTTP)" - if [ -f "$ZABBIX_ETC_DIR/apache.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/apache.conf" "$APACHE_SITES_DIR/zabbix.conf" - if [ -f "/usr/sbin/a2dissite" ]; then - /usr/sbin/a2ensite zabbix.conf 1>/dev/null - fi - else - echo "**** Impossible to enable HTTP virtual host" - fi - - if [ -f "/etc/apache2/conf.d/ssl.conf" ]; then - rm -f "/etc/apache2/conf.d/ssl.conf" - fi - - if [ -f "/etc/ssl/apache2/ssl.crt" ] && [ -f "/etc/ssl/apache2/ssl.key" ]; then - echo "** Enable SSL support for Apache2" - if [ -f "/usr/sbin/a2enmod" ]; then - /usr/sbin/a2enmod ssl 1>/dev/null - fi - - echo "** Adding Zabbix virtual host (HTTPS)" - if [ -f "$ZABBIX_ETC_DIR/apache_ssl.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/apache_ssl.conf" "$APACHE_SITES_DIR/zabbix_ssl.conf" - if [ -f "/usr/sbin/a2dissite" ]; then - /usr/sbin/a2ensite zabbix_ssl.conf 1>/dev/null - fi - else - echo "**** Impossible to enable HTTPS virtual host" - fi - else - echo "**** Impossible to enable SSL support for Apache2. Certificates are missed." - fi - - # Change Apache2 logging to stdout and stderr - if [ -f "/etc/apache2/apache2.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/apache2.conf" - fi - - if [ -f "/etc/httpd/conf/httpd.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/httpd/conf/httpd.conf" - fi - - if [ -f "/etc/apache2/httpd.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/httpd.conf" - fi - - if [ -f "/etc/apache2/conf-available/other-vhosts-access-log.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/conf-available/other-vhosts-access-log.conf" - fi - - if [ -f "/etc/apache2/conf.d/mpm.conf" ]; then - sed -ri \ - -e 's!^(\s*PidFile)\s+\S+!\1 "/var/run/httpd.pid"!g' \ - "/etc/apache2/conf.d/mpm.conf" - fi - - if [ -f "/var/run/apache2/apache2.pid" ]; then - rm -f "/var/run/apache2/apache2.pid" - fi - - if [ -f "/var/run/httpd/httpd.pid" ]; then - rm -f "/var/run/httpd/httpd.pid" - fi -} - -prepare_web_server_nginx() { - NGINX_CONFD_DIR="/etc/nginx/conf.d" - NGINX_SSL_CONFIG="/etc/ssl/nginx" - PHP_SESSIONS_DIR="/var/lib/php5" - - echo "** Disable default vhosts" - rm -f $NGINX_CONFD_DIR/*.conf - - echo "** Adding Zabbix virtual host (HTTP)" - if [ -f "$ZABBIX_ETC_DIR/nginx.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/nginx.conf" "$NGINX_CONFD_DIR" - else - echo "**** Impossible to enable HTTP virtual host" - fi - - if [ -f "$NGINX_SSL_CONFIG/ssl.crt" ] && [ -f "$NGINX_SSL_CONFIG/ssl.key" ] && [ -f "$NGINX_SSL_CONFIG/dhparam.pem" ]; then - echo "** Enable SSL support for Nginx" - if [ -f "$ZABBIX_ETC_DIR/nginx_ssl.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/nginx_ssl.conf" "$NGINX_CONFD_DIR" - else - echo "**** Impossible to enable HTTPS virtual host" - fi - else - echo "**** Impossible to enable SSL support for Nginx. Certificates are missed." - fi - - if [ -d "/var/log/nginx/" ]; then - ln -sf /dev/fd/2 /var/log/nginx/error.log - fi - - ln -sf /dev/fd/2 /var/log/php5-fpm.log - ln -sf /dev/fd/2 /var/log/php7.2-fpm.log -} - -stop_databases() { - if ([ "${ZBX_MAIN_DB}" == "mysql" ] || [ "${ZBX_PROXY_DB}" == "mysql" ]) && [ "${DB_SERVER_HOST}" == "localhost" ]; then - mysql_query "DELETE FROM mysql.user WHERE host = 'localhost' AND user != 'root'" 1>/dev/null - - if [ -f "/var/lib/mysql/mysqld.pid" ]; then - kill -TERM $(cat /var/lib/mysql/mysqld.pid) - elif [ -f "/var/run/mysqld/mysqld.pid" ]; then - kill -TERM $(cat /var/run/mysqld/mysqld.pid) - fi - fi - - if [ "${ZBX_MAIN_DB}" == "postgresql" ] && [ "${DB_SERVER_HOST}" == "localhost" ]; then - if [ "${OS_CODENAME}" == "alpine" ]; then - PGDATA=/var/lib/postgresql - BINDIR=/usr/bin - else - PGDATA=/var/lib/postgresql/9.3/main - BINDIR=/usr/lib/postgresql/9.3/bin - fi - su -c "$BINDIR/pg_ctl -D \"$PGDATA\" -m fast -w stop --silent" postgres 1>/dev/null 2>/dev/null - fi -} - -clear_deploy() { - local type=$1 - echo "** Cleaning the system" - - [ "$type" != "appliance" ] && return - - stop_databases -} - update_zbx_config() { - local type=$1 - local db_type=$2 + echo "** Preparing Zabbix proxy configuration file" - echo "** Preparing Zabbix $type configuration file" + ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_proxy.conf - ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_$type.conf - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "ProxyMode" "${ZBX_PROXYMODE}" - update_config_var $ZBX_CONFIG "Server" "${ZBX_SERVER_HOST}" - update_config_var $ZBX_CONFIG "ServerPort" "${ZBX_SERVER_PORT}" - if [ -z "${ZBX_HOSTNAME}" ] && [ -n "${ZBX_HOSTNAMEITEM}" ]; then - update_config_var $ZBX_CONFIG "Hostname" "" - update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - else - update_config_var $ZBX_CONFIG "Hostname" "${ZBX_HOSTNAME:-"zabbix-proxy-"$db_type}" - update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - fi - fi - - if [ $type == "proxy" ] && [ "${ZBX_ADD_SERVER}" = "true" ]; then - update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_PROXY_LISTENPORT:-"10061"}" + update_config_var $ZBX_CONFIG "ProxyMode" "${ZBX_PROXYMODE}" + update_config_var $ZBX_CONFIG "Server" "${ZBX_SERVER_HOST}" + update_config_var $ZBX_CONFIG "ServerPort" "${ZBX_SERVER_PORT}" + if [ -z "${ZBX_HOSTNAME}" ] && [ -n "${ZBX_HOSTNAMEITEM}" ]; then + update_config_var $ZBX_CONFIG "Hostname" "" + update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" else - update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}" + update_config_var $ZBX_CONFIG "Hostname" "${ZBX_HOSTNAME:-"zabbix-proxy-sqlite3"}" + update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" fi + update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}" + update_config_var $ZBX_CONFIG "SourceIP" "${ZBX_SOURCEIP}" update_config_var $ZBX_CONFIG "LogType" "console" update_config_var $ZBX_CONFIG "LogFile" @@ -722,30 +128,19 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" - if [ "$db_type" == "sqlite3" ]; then - update_config_var $ZBX_CONFIG "DBHost" - update_config_var $ZBX_CONFIG "DBName" "/var/lib/zabbix/zabbix_proxy_db" - update_config_var $ZBX_CONFIG "DBUser" - update_config_var $ZBX_CONFIG "DBPort" - update_config_var $ZBX_CONFIG "DBPassword" - else - update_config_var $ZBX_CONFIG "DBHost" "${DB_SERVER_HOST}" - update_config_var $ZBX_CONFIG "DBName" "${DB_SERVER_DBNAME}" - update_config_var $ZBX_CONFIG "DBSchema" "${DB_SERVER_SCHEMA}" - update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}" - update_config_var $ZBX_CONFIG "DBPort" "${DB_SERVER_PORT}" - update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}" - fi + update_config_var $ZBX_CONFIG "DBHost" + update_config_var $ZBX_CONFIG "DBName" "/var/lib/zabbix/zabbix_proxy_db" + update_config_var $ZBX_CONFIG "DBUser" + update_config_var $ZBX_CONFIG "DBPort" + update_config_var $ZBX_CONFIG "DBPassword" update_config_var $ZBX_CONFIG "DBSocket" "${DB_SERVER_SOCKET}" - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "ProxyLocalBuffer" "${ZBX_PROXYLOCALBUFFER}" - update_config_var $ZBX_CONFIG "ProxyOfflineBuffer" "${ZBX_PROXYOFFLINEBUFFER}" - update_config_var $ZBX_CONFIG "HeartbeatFrequency" "${ZBX_PROXYHEARTBEATFREQUENCY}" - update_config_var $ZBX_CONFIG "ConfigFrequency" "${ZBX_CONFIGFREQUENCY}" - update_config_var $ZBX_CONFIG "DataSenderFrequency" "${ZBX_DATASENDERFREQUENCY}" - fi + update_config_var $ZBX_CONFIG "ProxyLocalBuffer" "${ZBX_PROXYLOCALBUFFER}" + update_config_var $ZBX_CONFIG "ProxyOfflineBuffer" "${ZBX_PROXYOFFLINEBUFFER}" + update_config_var $ZBX_CONFIG "HeartbeatFrequency" "${ZBX_PROXYHEARTBEATFREQUENCY}" + update_config_var $ZBX_CONFIG "ConfigFrequency" "${ZBX_CONFIGFREQUENCY}" + update_config_var $ZBX_CONFIG "DataSenderFrequency" "${ZBX_DATASENDERFREQUENCY}" update_config_var $ZBX_CONFIG "StartPollers" "${ZBX_STARTPOLLERS}" update_config_var $ZBX_CONFIG "StartIPMIPollers" "${ZBX_IPMIPOLLERS}" @@ -755,12 +150,7 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}" update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "StartTimers" "${ZBX_STARTTIMERS}" - update_config_var $ZBX_CONFIG "StartEscalators" "${ZBX_STARTESCALATORS}" - fi - - ZBX_JAVAGATEWAY_ENABLE=${ZBX_JAVAGATEWAY_ENABLE:-"false"} + : ${ZBX_JAVAGATEWAY_ENABLE:="false"} if [ "${ZBX_JAVAGATEWAY_ENABLE}" == "true" ]; then update_config_var $ZBX_CONFIG "JavaGateway" "${ZBX_JAVAGATEWAY:-"zabbix-java-gateway"}" update_config_var $ZBX_CONFIG "JavaGatewayPort" "${ZBX_JAVAGATEWAYPORT}" @@ -777,7 +167,7 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "VMwareCacheSize" "${ZBX_VMWARECACHESIZE}" update_config_var $ZBX_CONFIG "VMwareTimeout" "${ZBX_VMWARETIMEOUT}" - ZBX_ENABLE_SNMP_TRAPS=${ZBX_ENABLE_SNMP_TRAPS:-"false"} + : ${ZBX_ENABLE_SNMP_TRAPS:="false"} if [ "${ZBX_ENABLE_SNMP_TRAPS}" == "true" ]; then update_config_var $ZBX_CONFIG "SNMPTrapperFile" "${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log" update_config_var $ZBX_CONFIG "StartSNMPTrapper" "1" @@ -787,26 +177,13 @@ update_zbx_config() { fi update_config_var $ZBX_CONFIG "HousekeepingFrequency" "${ZBX_HOUSEKEEPINGFREQUENCY}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "MaxHousekeeperDelete" "${ZBX_MAXHOUSEKEEPERDELETE}" - update_config_var $ZBX_CONFIG "SenderFrequency" "${ZBX_SENDERFREQUENCY}" - fi update_config_var $ZBX_CONFIG "CacheSize" "${ZBX_CACHESIZE}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "CacheUpdateFrequency" "${ZBX_CACHEUPDATEFREQUENCY}" - fi - update_config_var $ZBX_CONFIG "StartDBSyncers" "${ZBX_STARTDBSYNCERS}" update_config_var $ZBX_CONFIG "HistoryCacheSize" "${ZBX_HISTORYCACHESIZE}" update_config_var $ZBX_CONFIG "HistoryIndexCacheSize" "${ZBX_HISTORYINDEXCACHESIZE}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "TrendCacheSize" "${ZBX_TRENDCACHESIZE}" - update_config_var $ZBX_CONFIG "ValueCacheSize" "${ZBX_VALUECACHESIZE}" - fi - update_config_var $ZBX_CONFIG "Timeout" "${ZBX_TIMEOUT}" update_config_var $ZBX_CONFIG "TrapperTimeout" "${ZBX_TRAPPERIMEOUT}" update_config_var $ZBX_CONFIG "UnreachablePeriod" "${ZBX_UNREACHABLEPERIOD}" @@ -816,337 +193,54 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "AlertScriptsPath" "/usr/lib/zabbix/alertscripts" update_config_var $ZBX_CONFIG "ExternalScripts" "/usr/lib/zabbix/externalscripts" - # Possible few fping locations - if [ -f "/usr/bin/fping" ]; then - update_config_var $ZBX_CONFIG "FpingLocation" "/usr/bin/fping" - else - update_config_var $ZBX_CONFIG "FpingLocation" "/usr/sbin/fping" - fi - if [ -f "/usr/bin/fping6" ]; then - update_config_var $ZBX_CONFIG "Fping6Location" "/usr/bin/fping6" - else - update_config_var $ZBX_CONFIG "Fping6Location" "/usr/sbin/fping6" - fi + update_config_var $ZBX_CONFIG "FpingLocation" "/usr/sbin/fping" + update_config_var $ZBX_CONFIG "Fping6Location" update_config_var $ZBX_CONFIG "SSHKeyLocation" "$ZABBIX_USER_HOME_DIR/ssh_keys" update_config_var $ZBX_CONFIG "LogSlowQueries" "${ZBX_LOGSLOWQUERIES}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "StartProxyPollers" "${ZBX_STARTPROXYPOLLERS}" - update_config_var $ZBX_CONFIG "ProxyConfigFrequency" "${ZBX_PROXYCONFIGFREQUENCY}" - update_config_var $ZBX_CONFIG "ProxyDataFrequency" "${ZBX_PROXYDATAFREQUENCY}" - fi - update_config_var $ZBX_CONFIG "SSLCertLocation" "$ZABBIX_USER_HOME_DIR/ssl/certs/" update_config_var $ZBX_CONFIG "SSLKeyLocation" "$ZABBIX_USER_HOME_DIR/ssl/keys/" update_config_var $ZBX_CONFIG "SSLCALocation" "$ZABBIX_USER_HOME_DIR/ssl/ssl_ca/" update_config_var $ZBX_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/" update_config_multiple_var $ZBX_CONFIG "LoadModule" "${ZBX_LOADMODULE}" - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}" - update_config_var $ZBX_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" - fi + update_config_var $ZBX_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}" + update_config_var $ZBX_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" update_config_var $ZBX_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" update_config_var $ZBX_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" - update_config_var $ZBX_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" - fi + update_config_var $ZBX_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" + update_config_var $ZBX_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" update_config_var $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" update_config_var $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" - update_config_var $ZBX_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" - fi -} + update_config_var $ZBX_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" + update_config_var $ZBX_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" - -prepare_zbx_web_config() { - local db_type=$1 - local server_name="" - - echo "** Preparing Zabbix frontend configuration file" - - ZBX_WEB_CONFIG="$ZABBIX_ETC_DIR/web/zabbix.conf.php" - - if [ -f "/usr/share/zabbix/conf/zabbix.conf.php" ]; then - rm -f "/usr/share/zabbix/conf/zabbix.conf.php" - fi - - ln -s "$ZBX_WEB_CONFIG" "/usr/share/zabbix/conf/zabbix.conf.php" - - # Different places of PHP configuration file - if [ -f "/etc/php5/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/conf.d/99-zabbix.ini" - elif [ -f "/etc/php5/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php5/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/apache2/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.0/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.0/apache2/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.0/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.0/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php.d/99-zabbix.ini" - elif [ -f "/etc/php7/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php7/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.2/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.2/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.2/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.2/apache2/conf.d/99-zabbix.ini" - fi - - if [ -n "$PHP_CONFIG_FILE" ]; then - update_config_var "$PHP_CONFIG_FILE" "max_execution_time" "${ZBX_MAXEXECUTIONTIME:-"600"}" - update_config_var "$PHP_CONFIG_FILE" "memory_limit" "${ZBX_MEMORYLIMIT:-"128M"}" - update_config_var "$PHP_CONFIG_FILE" "post_max_size" "${ZBX_POSTMAXSIZE:-"16M"}" - update_config_var "$PHP_CONFIG_FILE" "upload_max_filesize" "${ZBX_UPLOADMAXFILESIZE:-"2M"}" - update_config_var "$PHP_CONFIG_FILE" "max_input_time" "${ZBX_MAXINPUTTIME:-"300"}" - update_config_var "$PHP_CONFIG_FILE" "date.timezone" "${PHP_TZ}" + if [ "$(id -u)" != '0' ]; then + update_config_var $ZBX_CONFIG "User" "$(whoami)" else - echo "**** Zabbix related PHP configuration file not found" + update_config_var $ZBX_CONFIG "AllowRoot" "1" fi - - # Escaping characters in parameter value - server_name=$(escape_spec_char "${ZBX_SERVER_NAME}") - server_user=$(escape_spec_char "${DB_SERVER_ZBX_USER}") - server_pass=$(escape_spec_char "${DB_SERVER_ZBX_PASS}") - - sed -i \ - -e "s/{DB_SERVER_HOST}/${DB_SERVER_HOST}/g" \ - -e "s/{DB_SERVER_PORT}/${DB_SERVER_PORT}/g" \ - -e "s/{DB_SERVER_DBNAME}/${DB_SERVER_DBNAME}/g" \ - -e "s/{DB_SERVER_SCHEMA}/${DB_SERVER_SCHEMA}/g" \ - -e "s/{DB_SERVER_USER}/$server_user/g" \ - -e "s/{DB_SERVER_PASS}/$server_pass/g" \ - -e "s/{ZBX_SERVER_HOST}/${ZBX_SERVER_HOST}/g" \ - -e "s/{ZBX_SERVER_PORT}/${ZBX_SERVER_PORT}/g" \ - -e "s/{ZBX_SERVER_NAME}/$server_name/g" \ - "$ZBX_WEB_CONFIG" - - [ "$db_type" = "postgresql" ] && sed -i "s/MYSQL/POSTGRESQL/g" "$ZBX_WEB_CONFIG" -} - -prepare_zbx_agent_config() { - echo "** Preparing Zabbix agent configuration file" - - ZBX_AGENT_CONFIG=$ZABBIX_ETC_DIR/zabbix_agentd.conf - - ZBX_PASSIVESERVERS=${ZBX_PASSIVESERVERS:-""} - ZBX_ACTIVESERVERS=${ZBX_ACTIVESERVERS:-""} - - [ -n "$ZBX_PASSIVESERVERS" ] && ZBX_PASSIVESERVERS=","$ZBX_PASSIVESERVERS - - ZBX_PASSIVESERVERS=$ZBX_SERVER_HOST$ZBX_PASSIVESERVERS - - [ -n "$ZBX_ACTIVESERVERS" ] && ZBX_ACTIVESERVERS=","$ZBX_ACTIVESERVERS - - ZBX_ACTIVESERVERS=$ZBX_SERVER_HOST":"$ZBX_SERVER_PORT$ZBX_ACTIVESERVERS - - update_config_var $ZBX_AGENT_CONFIG "PidFile" - update_config_var $ZBX_AGENT_CONFIG "LogType" "console" - update_config_var $ZBX_AGENT_CONFIG "LogFile" - update_config_var $ZBX_AGENT_CONFIG "LogFileSize" - update_config_var $ZBX_AGENT_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" - update_config_var $ZBX_AGENT_CONFIG "SourceIP" - update_config_var $ZBX_AGENT_CONFIG "EnableRemoteCommands" "${ZBX_ENABLEREMOTECOMMANDS}" - update_config_var $ZBX_AGENT_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}" - - ZBX_PASSIVE_ALLOW=${ZBX_PASSIVE_ALLOW:-"true"} - if [ "$ZBX_PASSIVE_ALLOW" == "true" ]; then - echo "** Using '$ZBX_PASSIVESERVERS' servers for passive checks" - update_config_var $ZBX_AGENT_CONFIG "Server" "${ZBX_PASSIVESERVERS}" - else - update_config_var $ZBX_AGENT_CONFIG "Server" - fi - - update_config_var $ZBX_AGENT_CONFIG "ListenPort" "${ZBX_LISTENPORT}" - update_config_var $ZBX_AGENT_CONFIG "ListenIP" "${ZBX_LISTENIP}" - update_config_var $ZBX_AGENT_CONFIG "StartAgents" "${ZBX_STARTAGENTS}" - - ZBX_ACTIVE_ALLOW=${ZBX_ACTIVE_ALLOW:-"true"} - if [ "$ZBX_ACTIVE_ALLOW" == "true" ]; then - echo "** Using '$ZBX_ACTIVESERVERS' servers for active checks" - update_config_var $ZBX_AGENT_CONFIG "ServerActive" "${ZBX_ACTIVESERVERS}" - else - update_config_var $ZBX_AGENT_CONFIG "ServerActive" - fi - - update_config_var $ZBX_AGENT_CONFIG "Hostname" "${ZBX_HOSTNAME}" - update_config_var $ZBX_AGENT_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - update_config_var $ZBX_AGENT_CONFIG "HostMetadata" "${ZBX_METADATA}" - update_config_var $ZBX_AGENT_CONFIG "HostMetadataItem" "${ZBX_METADATAITEM}" - update_config_var $ZBX_AGENT_CONFIG "RefreshActiveChecks" "${ZBX_REFRESHACTIVECHECKS}" - update_config_var $ZBX_AGENT_CONFIG "BufferSend" "${ZBX_BUFFERSEND}" - update_config_var $ZBX_AGENT_CONFIG "BufferSize" "${ZBX_BUFFERSIZE}" - update_config_var $ZBX_AGENT_CONFIG "MaxLinesPerSecond" "${ZBX_MAXLINESPERSECOND}" - # Please use include to enable Alias feature -# update_config_multiple_var $ZBX_AGENT_CONFIG "Alias" ${ZBX_ALIAS} - update_config_var $ZBX_AGENT_CONFIG "Timeout" "${ZBX_TIMEOUT}" - update_config_var $ZBX_AGENT_CONFIG "Include" "/etc/zabbix/zabbix_agentd.d/" - update_config_var $ZBX_AGENT_CONFIG "UnsafeUserParameters" "${ZBX_UNSAFEUSERPARAMETERS}" - update_config_var $ZBX_AGENT_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/" - update_config_multiple_var $ZBX_AGENT_CONFIG "LoadModule" "${ZBX_LOADMODULE}" - update_config_var $ZBX_AGENT_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}" - update_config_var $ZBX_AGENT_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" - update_config_var $ZBX_AGENT_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" - update_config_var $ZBX_AGENT_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" - update_config_var $ZBX_AGENT_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" - update_config_var $ZBX_AGENT_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" -} - -prepare_java_gateway_config() { - echo "** Preparing Zabbix Java Gateway log configuration file" - - ZBX_GATEWAY_CONFIG=$ZABBIX_ETC_DIR/zabbix_java_gateway_logback.xml - - if [ -n "${ZBX_DEBUGLEVEL}" ]; then - echo "Updating $ZBX_GATEWAY_CONFIG 'DebugLevel' parameter: '${ZBX_DEBUGLEVEL}'... updated" - if [ -f "$ZBX_GATEWAY_CONFIG" ]; then - sed -i -e "/^.*/" "$ZBX_GATEWAY_CONFIG" - else - echo "**** Zabbix Java Gateway log configuration file '$ZBX_GATEWAY_CONFIG' not found" - fi - fi -} - -prepare_agent() { - echo "** Preparing Zabbix agent" - prepare_zbx_agent_config -} - -prepare_server() { - local db_type=$1 - - echo "** Preparing Zabbix server" - - check_variables_$db_type "server" - check_db_connect_$db_type - create_db_user_$db_type - create_db_database_$db_type - create_db_schema_$db_type "server" - - update_zbx_config "server" "$db_type" } prepare_proxy() { - local db_type=$1 - echo "Preparing Zabbix proxy" - if [ "$db_type" != "sqlite3" ]; then - check_variables_$db_type "proxy" - check_db_connect_$db_type - create_db_user_$db_type - create_db_database_$db_type - create_db_schema_$db_type "proxy" - fi - - update_zbx_config "proxy" $db_type -} - -prepare_web() { - local web_server=$1 - local db_type=$2 - - echo "** Preparing Zabbix web-interface" - - check_variables_$db_type - check_db_connect_$db_type - prepare_web_server_$web_server - prepare_zbx_web_config $db_type -} - -prepare_java_gateway() { - echo "** Preparing Zabbix Java Gateway" - - prepare_java_gateway_config + update_zbx_config } ################################################# -if [ ! -n "$zbx_type" ]; then - echo "**** Type of Zabbix component is not specified" - exit 1 -elif [ "$zbx_type" == "dev" ]; then - echo "** Deploying Zabbix installation from SVN" -else - if [ ! -n "$zbx_db_type" ]; then - echo "**** Database type of Zabbix $zbx_type is not specified" - exit 1 - fi - - if [ "$zbx_db_type" != "none" ]; then - if [ "$zbx_opt_type" != "none" ]; then - echo "** Deploying Zabbix $zbx_type ($zbx_opt_type) with $zbx_db_type database" - else - echo "** Deploying Zabbix $zbx_type with $zbx_db_type database" - fi - else - echo "** Deploying Zabbix $zbx_type" - fi +if [ "${1#-}" != "$1" ]; then + set -- /usr/sbin/zabbix_proxy "$@" fi -prepare_system "$zbx_type" "$zbx_opt_type" - -[ "$zbx_type" == "server" ] && prepare_server $zbx_db_type -[ "${ZBX_ADD_SERVER}" == "true" ] && prepare_server ${ZBX_MAIN_DB} - -[ "$zbx_type" == "proxy" ] && prepare_proxy $zbx_db_type -[ "${ZBX_ADD_PROXY}" == "true" ] && prepare_proxy ${ZBX_PROXY_DB} - -[ "$zbx_type" == "frontend" ] && prepare_web $zbx_opt_type $zbx_db_type -[ "${ZBX_ADD_WEB}" == "true" ] && prepare_web ${ZBX_WEB_SERVER} ${ZBX_MAIN_DB} - -[ "$zbx_type" == "agent" ] && prepare_agent -[ "${ZBX_ADD_AGENT}" == "true" ] && prepare_agent - -[ "$zbx_type" == "java-gateway" ] && prepare_java_gateway -[ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && prepare_java_gateway - -clear_deploy "$zbx_type" - -echo "########################################################" - -if [ "$1" != "" ]; then - echo "** Executing '$@'" - exec "$@" -elif [ "$zbx_type" == "agent" ]; then - echo "** Starting Zabbix agent" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_agentd --foreground -c /etc/zabbix/zabbix_agentd.conf" -elif [ "$zbx_type" == "proxy" ]; then - echo "** Starting Zabbix proxy" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_proxy --foreground -c /etc/zabbix/zabbix_proxy.conf" -elif [ "$zbx_type" == "server" ]; then - echo "** Starting Zabbix server" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_server --foreground -c /etc/zabbix/zabbix_server.conf" -elif [ "$zbx_type" == "java-gateway" ]; then - echo "** Starting Zabbix Java Gateway" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_java_gateway" -elif [ "$zbx_type" == "frontend" ] && [ "$zbx_opt_type" == "apache" ]; then - echo "** Starting Zabbix frontend" - if [ -f "/usr/sbin/httpd" ]; then - exec /usr/sbin/httpd -D FOREGROUND - elif [ -f "/usr/sbin/apache2ctl" ]; then - exec /bin/bash -c "source /etc/apache2/envvars && /usr/sbin/apache2ctl -D FOREGROUND" - else - echo "Unknown Web-server. Exiting..." - exit 1 - fi -elif [ -f "/usr/bin/supervisord" ]; then - echo "** Executing supervisord" - exec /usr/bin/supervisord -c /etc/supervisor/supervisord.conf -else - echo "Unknown instructions. Exiting..." - exit 1 +if [ "$1" == '/usr/sbin/zabbix_proxy' ]; then + prepare_proxy fi +exec "$@" + ################################################# diff --git a/server-mysql/ubuntu/Dockerfile b/server-mysql/ubuntu/Dockerfile index ed4c333ca..ac1dc39c0 100644 --- a/server-mysql/ubuntu/Dockerfile +++ b/server-mysql/ubuntu/Dockerfile @@ -1,46 +1,29 @@ FROM ubuntu:bionic -LABEL maintainer "Alexey Pustovalov " -ARG BUILD_DATE -ARG VCS_REF - -ARG APT_FLAGS_COMMON="-y" -ARG APT_FLAGS_PERSISTENT="${APT_FLAGS_COMMON} --no-install-recommends" -ARG APT_FLAGS_DEV="${APT_FLAGS_COMMON} --no-install-recommends" -ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8 TERM=xterm \ - MIBDIRS=/var/lib/snmp/mibs/ietf:/var/lib/snmp/mibs/iana:/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ - ZBX_TYPE=server ZBX_DB_TYPE=mysql ZBX_OPT_TYPE=none -ENV TINI_VERSION v0.18.0 - -LABEL org.label-schema.name="zabbix-${ZBX_TYPE}-${ZBX_DB_TYPE}-ubuntu" \ - org.label-schema.vendor="Zabbix LLC" \ - org.label-schema.url="https://zabbix.com/" \ - org.label-schema.description="Zabbix ${ZBX_TYPE} with MySQL database support" \ - org.label-schema.vcs-ref="${VCS_REF}" \ - org.label-schema.build-date="${BUILD_DATE}" \ - org.label-schema.schema-version="1.0" \ - org.label-schema.license="GPL v2.0" +LABEL org.opencontainers.image.title="Zabbix server (MySQL)" \ + org.opencontainers.image.authors="Alexey Pustovalov " \ + org.opencontainers.image.vendor="Zabbix LLC" \ + org.opencontainers.image.url="https://zabbix.com/" \ + org.opencontainers.image.description="Zabbix server with MySQL database support" \ + org.opencontainers.image.licenses="GPL v2.0" STOPSIGNAL SIGTERM +ENV TINI_VERSION=v0.19.0 + RUN set -eux && \ - apt-get ${APT_FLAGS_COMMON} update && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_PERSISTENT} install locales && \ - locale-gen $LC_ALL && \ - echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \ - addgroup --system --quiet zabbix && \ + addgroup --system --gid 1995 --quiet zabbix && \ adduser --quiet \ --system --disabled-login \ - --ingroup zabbix \ + --ingroup zabbix --ingroup root \ + --uid 1997 \ --home /var/lib/zabbix/ \ zabbix && \ usermod -G zabbix,dialout zabbix && \ mkdir -p /etc/zabbix && \ mkdir -p /var/lib/zabbix && \ - mkdir -p /usr/lib/zabbix/alertscripts && \ mkdir -p /var/lib/zabbix/enc && \ mkdir -p /var/lib/zabbix/export && \ - mkdir -p /usr/lib/zabbix/externalscripts && \ mkdir -p /var/lib/zabbix/mibs && \ mkdir -p /var/lib/zabbix/modules && \ mkdir -p /var/lib/zabbix/snmptraps && \ @@ -49,10 +32,16 @@ RUN set -eux && \ mkdir -p /var/lib/zabbix/ssl/certs && \ mkdir -p /var/lib/zabbix/ssl/keys && \ mkdir -p /var/lib/zabbix/ssl/ssl_ca && \ - chown --quiet -R zabbix:root /var/lib/zabbix && \ - mkdir -p /usr/share/doc/zabbix-${ZBX_TYPE}-${ZBX_DB_TYPE} && \ - apt-get ${APT_FLAGS_COMMON} update && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_PERSISTENT} install \ + mkdir -p /usr/lib/zabbix/alertscripts && \ + mkdir -p /usr/lib/zabbix/externalscripts && \ + mkdir -p /usr/share/doc/zabbix-server-mysql && \ + apt-get -y update && \ + DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ + curl \ + ca-certificates \ + gpg \ + dirmngr \ + gpg-agent \ iputils-ping \ traceroute \ fping \ @@ -66,27 +55,32 @@ RUN set -eux && \ libxml2 \ mysql-client \ snmp-mibs-downloader \ - ca-certificates \ unixodbc && \ - apt-get ${APT_FLAGS_COMMON} autoremove && \ - apt-get ${APT_FLAGS_COMMON} clean && \ + curl -L https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini -o /sbin/tini && \ + curl -L https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini.asc -o /tini.asc && \ + gpg --batch --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 595E85A6B1B4779EA4DAAEC70B588DFF0527A9B7 && \ + gpg --batch --verify /tini.asc /sbin/tini && \ + rm -rf /root/.gnupg && \ + chmod +x /sbin/tini && \ + apt-get -y purge curl gpg dirmngr gpg-agent && \ + apt-get -y autoremove && \ + apt-get -y clean && \ rm -rf /var/lib/apt/lists/* -ARG MAJOR_VERSION=master -ARG ZBX_VERSION=${MAJOR_VERSION} +ARG MAJOR_VERSION=3.0 +ARG ZBX_VERSION=${MAJOR_VERSION}.30 ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git -ENV ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} -LABEL org.label-schema.usage="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.label-schema.version="${ZBX_VERSION}" \ - org.label-schema.vcs-url="${ZBX_SOURCES}" \ - org.label-schema.docker.cmd="docker run --name zabbix-${ZBX_TYPE}-${ZBX_DB_TYPE} --link mysql-server:mysql -p 10051:10051 -d zabbix-${ZBX_TYPE}-${ZBX_DB_TYPE}:ubuntu-${ZBX_VERSION}" +ENV TERM=xterm MIBDIRS=/var/lib/snmp/mibs/ietf:/var/lib/snmp/mibs/iana:/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ + ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} -ADD https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini /sbin/tini +LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" RUN set -eux && \ - apt-get ${APT_FLAGS_COMMON} update && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_DEV} install \ + apt-get -y update && \ + DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ autoconf \ automake \ gcc \ @@ -116,8 +110,8 @@ RUN set -eux && \ --prefix=/usr \ --sysconfdir=/etc/zabbix \ --enable-agent \ - --enable-${ZBX_TYPE} \ - --with-${ZBX_DB_TYPE} \ + --enable-server \ + --with-mysql \ --with-jabber \ --with-ldap \ --with-libcurl \ @@ -131,19 +125,21 @@ RUN set -eux && \ --silent && \ make -j"$(nproc)" -s dbschema && \ make -j"$(nproc)" -s && \ - cp src/zabbix_${ZBX_TYPE}/zabbix_${ZBX_TYPE} /usr/sbin/zabbix_${ZBX_TYPE} && \ + cp src/zabbix_server/zabbix_server /usr/sbin/zabbix_server && \ cp src/zabbix_get/zabbix_get /usr/bin/zabbix_get && \ cp src/zabbix_sender/zabbix_sender /usr/bin/zabbix_sender && \ - cp conf/zabbix_${ZBX_TYPE}.conf /etc/zabbix/zabbix_${ZBX_TYPE}.conf && \ - chown --quiet -R zabbix:root /etc/zabbix && \ - cat database/${ZBX_DB_TYPE}/schema.sql > database/${ZBX_DB_TYPE}/create.sql && \ - cat database/${ZBX_DB_TYPE}/images.sql >> database/${ZBX_DB_TYPE}/create.sql && \ - cat database/${ZBX_DB_TYPE}/data.sql >> database/${ZBX_DB_TYPE}/create.sql && \ - gzip database/${ZBX_DB_TYPE}/create.sql && \ - cp database/${ZBX_DB_TYPE}/create.sql.gz /usr/share/doc/zabbix-${ZBX_TYPE}-${ZBX_DB_TYPE}/ && \ + cp conf/zabbix_server.conf /etc/zabbix/zabbix_server.conf && \ + cat database/mysql/schema.sql > database/mysql/create.sql && \ + cat database/mysql/images.sql >> database/mysql/create.sql && \ + cat database/mysql/data.sql >> database/mysql/create.sql && \ + gzip database/mysql/create.sql && \ + cp database/mysql/create.sql.gz /usr/share/doc/zabbix-server-mysql/ && \ cd /tmp/ && \ rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_COMMON} purge \ + chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \ + chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \ + chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \ + DEBIAN_FRONTEND=noninteractive apt-get -y purge \ autoconf \ automake \ gcc \ @@ -160,9 +156,8 @@ RUN set -eux && \ pkg-config \ git \ unixodbc-dev && \ - apt-get ${APT_FLAGS_COMMON} autoremove && \ - rm -rf /var/lib/apt/lists/* && \ - chmod +x /sbin/tini + apt-get -y autoremove && \ + rm -rf /var/lib/apt/lists/* EXPOSE 10051/TCP @@ -170,7 +165,11 @@ WORKDIR /var/lib/zabbix VOLUME ["/usr/lib/zabbix/alertscripts", "/usr/lib/zabbix/externalscripts", "/var/lib/zabbix/enc", "/var/lib/zabbix/mibs", "/var/lib/zabbix/modules"] VOLUME ["/var/lib/zabbix/snmptraps", "/var/lib/zabbix/ssh_keys", "/var/lib/zabbix/ssl/certs", "/var/lib/zabbix/ssl/keys", "/var/lib/zabbix/ssl/ssl_ca"] - + COPY ["docker-entrypoint.sh", "/usr/bin/"] ENTRYPOINT ["/sbin/tini", "--", "/usr/bin/docker-entrypoint.sh"] + +USER 1997 + +CMD ["/usr/sbin/zabbix_server", "--foreground", "-c", "/etc/zabbix/zabbix_server.conf"] diff --git a/server-mysql/ubuntu/docker-entrypoint.sh b/server-mysql/ubuntu/docker-entrypoint.sh index 97d33c2c9..5943bc826 100755 --- a/server-mysql/ubuntu/docker-entrypoint.sh +++ b/server-mysql/ubuntu/docker-entrypoint.sh @@ -1,6 +1,6 @@ #!/bin/bash -set -eo pipefail +set -o pipefail set +e @@ -9,34 +9,11 @@ if [ "${DEBUG_MODE}" == "true" ]; then set -o xtrace fi -# Type of Zabbix component -# Possible values: [server, proxy, agent, frontend, java-gateway, appliance] -zbx_type=${ZBX_TYPE} -# Type of Zabbix database -# Possible values: [mysql, postgresql] -zbx_db_type=${ZBX_DB_TYPE} -# Type of web-server. Valid only with zbx_type = frontend -# Possible values: [apache, nginx] -zbx_opt_type=${ZBX_OPT_TYPE} - -# Default Zabbix installation name -# Used only by Zabbix web-interface -ZBX_SERVER_NAME=${ZBX_SERVER_NAME:-"Zabbix docker"} -# Default Zabbix server host -ZBX_SERVER_HOST=${ZBX_SERVER_HOST:-"zabbix-server"} -# Default Zabbix server port number -ZBX_SERVER_PORT=${ZBX_SERVER_PORT:-"10051"} - -# Default timezone for web interface -PHP_TZ=${PHP_TZ:-"Europe/Riga"} - # Default directories # User 'zabbix' home directory ZABBIX_USER_HOME_DIR="/var/lib/zabbix" # Configuration files directory ZABBIX_ETC_DIR="/etc/zabbix" -# Web interface www-root directory -ZBX_FRONTEND_PATH="/usr/share/zabbix" # usage: file_env VAR [DEFAULT] # as example: file_env 'MYSQL_PASSWORD' 'zabbix' @@ -69,92 +46,6 @@ file_env() { unset "$fileVar" } -configure_db_mysql() { - [ "${DB_SERVER_HOST}" != "localhost" ] && return - - echo "** Configuring local MySQL server" - - MYSQL_ALLOW_EMPTY_PASSWORD=true - MYSQL_DATA_DIR="/var/lib/mysql" - - if [ -f "/etc/mysql/my.cnf" ]; then - MYSQL_CONF_FILE="/etc/mysql/my.cnf" - elif [ -f "/etc/my.cnf.d/server.cnf" ]; then - MYSQL_CONF_FILE="/etc/my.cnf.d/server.cnf" - DB_SERVER_SOCKET="/var/lib/mysql/mysql.sock" - elif [ -f "/etc/my.cnf.d/mariadb-server.cnf" ]; then - MYSQL_CONF_FILE="/etc/my.cnf.d/mariadb-server.cnf" - DB_SERVER_SOCKET="/var/run/mysqld/mysqld.sock" - else - echo "**** Could not found MySQL configuration file" - exit 1 - fi - - if [ -f "/usr/bin/mysqld" ]; then - MYSQLD=/usr/bin/mysqld - elif [ -f "/usr/sbin/mysqld" ]; then - MYSQLD=/usr/sbin/mysqld - elif [ -f "/usr/libexec/mysqld" ]; then - MYSQLD=/usr/libexec/mysqld - else - echo "**** Could not found mysqld binary file" - exit 1 - fi - - sed -Ei 's/^(bind-address|log)/#&/' "$MYSQL_CONF_FILE" - - if [ ! -d "$MYSQL_DATA_DIR/mysql" ]; then - [ -d "$MYSQL_DATA_DIR" ] || mkdir -p "$MYSQL_DATA_DIR" - - chown -R mysql:mysql "$MYSQL_DATA_DIR" - - echo "** Installing initial MySQL database schemas" - mysql_install_db --user=mysql --datadir="$MYSQL_DATA_DIR" 2>&1 - else - echo "**** MySQL data directory is not empty. Using already existing installation." - chown -R mysql:mysql "$MYSQL_DATA_DIR" - fi - - mkdir -p /var/run/mysqld - ln -s /var/run/mysqld /run/mysqld - chown -R mysql:mysql /var/run/mysqld - chown -R mysql:mysql /run/mysqld - - echo "** Starting MySQL server in background mode" - - nohup $MYSQLD --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib/mysql/plugin \ - --user=mysql --log-output=none --pid-file=/var/lib/mysql/mysqld.pid \ - --port=3306 --character-set-server=utf8 --collation-server=utf8_bin & -} - -prepare_system() { - local type=$1 - local web_server=$2 - - echo "** Preparing the system" - - if [ "$type" != "appliance" ]; then - return - fi - - ZBX_ADD_AGENT=${ZBX_ADD_AGENT:-"false"} - ZBX_ADD_JAVA_GATEWAY=${ZBX_ADD_JAVA_GATEWAY:-"false"} - ZBX_ADD_SERVER=${ZBX_ADD_SERVER:-"true"} - [ "${ZBX_ADD_SERVER}" == "true" ] && ZBX_SERVER_HOST="localhost" - [ "${ZBX_ADD_SERVER}" == "true" ] && ZBX_SERVER_PORT="10051" - ZBX_MAIN_DB=${ZBX_MAIN_DB:-"mysql"} - ZBX_ADD_PROXY=${ZBX_ADD_PROXY:-"false"} - ZBX_PROXY_DB=${ZBX_PROXY_DB:-"sqlite3"} - ZBX_ADD_WEB=${ZBX_ADD_WEB:-"true"} - ZBX_WEB_SERVER=${ZBX_WEB_SERVER:-"nginx"} - DB_SERVER_HOST=${DB_SERVER_HOST:-"localhost"} - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAY_ENABLE="true" - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAY="localhost" - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAYPORT="10052" - - [ "${ZBX_ADD_SERVER}" == "true" ] && configure_db_${ZBX_MAIN_DB} -} - escape_spec_char() { local var_value=$1 @@ -239,18 +130,14 @@ update_config_multiple_var() { # Check prerequisites for MySQL database check_variables_mysql() { - local type=$1 - - DB_SERVER_HOST=${DB_SERVER_HOST:-"mysql-server"} - DB_SERVER_PORT=${DB_SERVER_PORT:-"3306"} + : ${DB_SERVER_HOST:="mysql-server"} + : ${DB_SERVER_PORT:="3306"} USE_DB_ROOT_USER=false CREATE_ZBX_DB_USER=false file_env MYSQL_USER file_env MYSQL_PASSWORD - if [ "$type" != "" ]; then - file_env MYSQL_ROOT_PASSWORD - fi + file_env MYSQL_ROOT_PASSWORD if [ ! -n "${MYSQL_USER}" ] && [ "${MYSQL_RANDOM_ROOT_PASSWORD}" == "true" ]; then echo "**** Impossible to use MySQL server because of unknown Zabbix user and random 'root' password" @@ -271,42 +158,12 @@ check_variables_mysql() { [ -n "${MYSQL_USER}" ] && [ "${USE_DB_ROOT_USER}" == "true" ] && CREATE_ZBX_DB_USER=true # If root password is not specified use provided credentials - DB_SERVER_ROOT_USER=${DB_SERVER_ROOT_USER:-${MYSQL_USER}} + : ${DB_SERVER_ROOT_USER:=${MYSQL_USER}} [ "${MYSQL_ALLOW_EMPTY_PASSWORD}" == "true" ] || DB_SERVER_ROOT_PASS=${DB_SERVER_ROOT_PASS:-${MYSQL_PASSWORD}} DB_SERVER_ZBX_USER=${MYSQL_USER:-"zabbix"} DB_SERVER_ZBX_PASS=${MYSQL_PASSWORD:-"zabbix"} - if [ "$type" == "proxy" ]; then - DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix_proxy"} - else - DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix"} - fi -} - -# Check prerequisites for PostgreSQL database -check_variables_postgresql() { - local type=$1 - - file_env POSTGRES_USER - file_env POSTGRES_PASSWORD - - DB_SERVER_HOST=${DB_SERVER_HOST:-"postgres-server"} - DB_SERVER_PORT=${DB_SERVER_PORT:-"5432"} - CREATE_ZBX_DB_USER=${CREATE_ZBX_DB_USER:-"false"} - - DB_SERVER_ROOT_USER=${POSTGRES_USER:-"postgres"} - DB_SERVER_ROOT_PASS=${POSTGRES_PASSWORD:-""} - - DB_SERVER_ZBX_USER=${POSTGRES_USER:-"zabbix"} - DB_SERVER_ZBX_PASS=${POSTGRES_PASSWORD:-"zabbix"} - - DB_SERVER_SCHEMA=${DB_SERVER_SCHEMA:-"public"} - - if [ "$type" == "proxy" ]; then - DB_SERVER_DBNAME=${POSTGRES_DB:-"zabbix_proxy"} - else - DB_SERVER_DBNAME=${POSTGRES_DB:-"zabbix"} - fi + DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix"} } check_db_connect_mysql() { @@ -321,7 +178,6 @@ check_db_connect_mysql() { fi echo "* DB_SERVER_ZBX_USER: ${DB_SERVER_ZBX_USER}" echo "* DB_SERVER_ZBX_PASS: ${DB_SERVER_ZBX_PASS}" - echo "********************" fi echo "********************" @@ -334,49 +190,6 @@ check_db_connect_mysql() { done } -check_db_connect_postgresql() { - echo "********************" - echo "* DB_SERVER_HOST: ${DB_SERVER_HOST}" - echo "* DB_SERVER_PORT: ${DB_SERVER_PORT}" - echo "* DB_SERVER_DBNAME: ${DB_SERVER_DBNAME}" - echo "* DB_SERVER_SCHEMA: ${DB_SERVER_SCHEMA}" - if [ "${DEBUG_MODE}" == "true" ]; then - if [ "${USE_DB_ROOT_USER}" == "true" ]; then - echo "* DB_SERVER_ROOT_USER: ${DB_SERVER_ROOT_USER}" - echo "* DB_SERVER_ROOT_PASS: ${DB_SERVER_ROOT_PASS}" - fi - echo "* DB_SERVER_ZBX_USER: ${DB_SERVER_ZBX_USER}" - echo "* DB_SERVER_ZBX_PASS: ${DB_SERVER_ZBX_PASS}" - fi - echo "********************" - - if [ "${USE_DB_ROOT_USER}" != "true" ]; then - DB_SERVER_ROOT_USER=${DB_SERVER_ZBX_USER} - DB_SERVER_ROOT_PASS=${DB_SERVER_ZBX_PASS} - fi - - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - WAIT_TIMEOUT=5 - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - while [ ! "$(psql -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} -U ${DB_SERVER_ROOT_USER} -d ${DB_SERVER_DBNAME} -l -q 2>/dev/null)" ]; do - echo "**** PostgreSQL server is not available. Waiting $WAIT_TIMEOUT seconds..." - sleep $WAIT_TIMEOUT - done - - unset PGPASSWORD - unset PGOPTIONS -} - - mysql_query() { query=$1 local result="" @@ -387,30 +200,6 @@ mysql_query() { echo $result } -psql_query() { - query=$1 - db=$2 - - local result="" - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - result=$(psql -A -q -t -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ - -U ${DB_SERVER_ROOT_USER} -c "$query" $db 2>/dev/null); - - unset PGPASSWORD - unset PGOPTIONS - - echo $result -} - create_db_user_mysql() { [ "${CREATE_ZBX_DB_USER}" == "true" ] || return @@ -427,20 +216,6 @@ create_db_user_mysql() { mysql_query "GRANT ALL PRIVILEGES ON $DB_SERVER_DBNAME. * TO '${DB_SERVER_ZBX_USER}'@'%'" 1>/dev/null } -create_db_user_postgresql() { - [ "${CREATE_ZBX_DB_USER}" == "true" ] || return - - echo "** Creating '${DB_SERVER_ZBX_USER}' user in PostgreSQL database" - - USER_EXISTS=$(psql_query "SELECT 1 FROM pg_roles WHERE rolname='${DB_SERVER_ZBX_USER}'") - - if [ -z "$USER_EXISTS" ]; then - psql_query "CREATE USER ${DB_SERVER_ZBX_USER} WITH PASSWORD '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - else - psql_query "ALTER USER ${DB_SERVER_ZBX_USER} WITH ENCRYPTED PASSWORD '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - fi -} - create_db_database_mysql() { DB_EXISTS=$(mysql_query "SELECT SCHEMA_NAME FROM information_schema.SCHEMATA WHERE SCHEMA_NAME='${DB_SERVER_DBNAME}'") @@ -454,22 +229,7 @@ create_db_database_mysql() { fi } -create_db_database_postgresql() { - DB_EXISTS=$(psql_query "SELECT 1 AS result FROM pg_database WHERE datname='${DB_SERVER_DBNAME}'") - - if [ -z ${DB_EXISTS} ]; then - echo "** Database '${DB_SERVER_DBNAME}' does not exist. Creating..." - psql_query "CREATE DATABASE ${DB_SERVER_DBNAME} WITH OWNER ${DB_SERVER_ZBX_USER} ENCODING='UTF8' LC_CTYPE='en_US.utf8' LC_COLLATE='en_US.utf8'" 1>/dev/null - else - echo "** Database '${DB_SERVER_DBNAME}' already exists. Please be careful with database owner!" - fi - - psql_query "CREATE SCHEMA IF NOT EXISTS ${DB_SERVER_SCHEMA}" -} - create_db_schema_mysql() { - local type=$1 - DBVERSION_TABLE_EXISTS=$(mysql_query "SELECT 1 FROM information_schema.tables WHERE table_schema='${DB_SERVER_DBNAME}' and table_name = 'dbversion'") if [ -n "${DBVERSION_TABLE_EXISTS}" ]; then @@ -480,239 +240,19 @@ create_db_schema_mysql() { if [ -z "${ZBX_DB_VERSION}" ]; then echo "** Creating '${DB_SERVER_DBNAME}' schema in MySQL" - zcat /usr/share/doc/zabbix-$type-mysql/create.sql.gz | mysql --silent --skip-column-names \ + zcat /usr/share/doc/zabbix-server-mysql/create.sql.gz | mysql --silent --skip-column-names \ -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" \ ${DB_SERVER_DBNAME} 1>/dev/null fi } -create_db_schema_postgresql() { - local type=$1 - - DBVERSION_TABLE_EXISTS=$(psql_query "SELECT 1 FROM pg_catalog.pg_class c JOIN pg_catalog.pg_namespace n ON n.oid = - c.relnamespace WHERE n.nspname = '$DB_SERVER_SCHEMA' AND c.relname = 'dbversion'" "${DB_SERVER_DBNAME}") - - if [ -n "${DBVERSION_TABLE_EXISTS}" ]; then - echo "** Table '${DB_SERVER_DBNAME}.dbversion' already exists." - ZBX_DB_VERSION=$(psql_query "SELECT mandatory FROM ${DB_SERVER_SCHEMA}.dbversion" "${DB_SERVER_DBNAME}") - fi - - if [ -z "${ZBX_DB_VERSION}" ]; then - echo "** Creating '${DB_SERVER_DBNAME}' schema in PostgreSQL" - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - zcat /usr/share/doc/zabbix-$type-postgresql/create.sql.gz | psql -q \ - -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ - -U ${DB_SERVER_ZBX_USER} ${DB_SERVER_DBNAME} 1>/dev/null - - unset PGPASSWORD - unset PGOPTIONS - fi -} - -prepare_web_server_apache() { - if [ -d "/etc/apache2/sites-available" ]; then - APACHE_SITES_DIR=/etc/apache2/sites-available - elif [ -d "/etc/apache2/conf.d" ]; then - APACHE_SITES_DIR=/etc/apache2/conf.d - elif [ -d "/etc/httpd/conf.d" ]; then - APACHE_SITES_DIR=/etc/httpd/conf.d - else - echo "**** Apache is not available" - exit 1 - fi - - if [ -f "/usr/sbin/a2dissite" ]; then - echo "** Disable default site" - /usr/sbin/a2dissite 000-default 1>/dev/null - rm -rf "$APACHE_SITES_DIR/*" - elif [ -f "/etc/apache2/conf.d/default.conf" ]; then - echo "** Disable default site" - rm -f "/etc/apache2/conf.d/default.conf" - elif [ -f "/etc/httpd/conf.d/welcome.conf" ]; then - echo "** Disable default site" - rm -f "/etc/httpd/conf.d/welcome.conf" - rm -f "/etc/httpd/conf.d/ssl.conf" - fi - - echo "** Adding Zabbix virtual host (HTTP)" - if [ -f "$ZABBIX_ETC_DIR/apache.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/apache.conf" "$APACHE_SITES_DIR/zabbix.conf" - if [ -f "/usr/sbin/a2dissite" ]; then - /usr/sbin/a2ensite zabbix.conf 1>/dev/null - fi - else - echo "**** Impossible to enable HTTP virtual host" - fi - - if [ -f "/etc/apache2/conf.d/ssl.conf" ]; then - rm -f "/etc/apache2/conf.d/ssl.conf" - fi - - if [ -f "/etc/ssl/apache2/ssl.crt" ] && [ -f "/etc/ssl/apache2/ssl.key" ]; then - echo "** Enable SSL support for Apache2" - if [ -f "/usr/sbin/a2enmod" ]; then - /usr/sbin/a2enmod ssl 1>/dev/null - fi - - echo "** Adding Zabbix virtual host (HTTPS)" - if [ -f "$ZABBIX_ETC_DIR/apache_ssl.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/apache_ssl.conf" "$APACHE_SITES_DIR/zabbix_ssl.conf" - if [ -f "/usr/sbin/a2dissite" ]; then - /usr/sbin/a2ensite zabbix_ssl.conf 1>/dev/null - fi - else - echo "**** Impossible to enable HTTPS virtual host" - fi - else - echo "**** Impossible to enable SSL support for Apache2. Certificates are missed." - fi - - # Change Apache2 logging to stdout and stderr - if [ -f "/etc/apache2/apache2.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/apache2.conf" - fi - - if [ -f "/etc/httpd/conf/httpd.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/httpd/conf/httpd.conf" - fi - - if [ -f "/etc/apache2/httpd.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/httpd.conf" - fi - - if [ -f "/etc/apache2/conf-available/other-vhosts-access-log.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/conf-available/other-vhosts-access-log.conf" - fi - - if [ -f "/etc/apache2/conf.d/mpm.conf" ]; then - sed -ri \ - -e 's!^(\s*PidFile)\s+\S+!\1 "/var/run/httpd.pid"!g' \ - "/etc/apache2/conf.d/mpm.conf" - fi - - if [ -f "/var/run/apache2/apache2.pid" ]; then - rm -f "/var/run/apache2/apache2.pid" - fi - - if [ -f "/var/run/httpd/httpd.pid" ]; then - rm -f "/var/run/httpd/httpd.pid" - fi -} - -prepare_web_server_nginx() { - NGINX_CONFD_DIR="/etc/nginx/conf.d" - NGINX_SSL_CONFIG="/etc/ssl/nginx" - PHP_SESSIONS_DIR="/var/lib/php5" - - echo "** Disable default vhosts" - rm -f $NGINX_CONFD_DIR/*.conf - - echo "** Adding Zabbix virtual host (HTTP)" - if [ -f "$ZABBIX_ETC_DIR/nginx.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/nginx.conf" "$NGINX_CONFD_DIR" - else - echo "**** Impossible to enable HTTP virtual host" - fi - - if [ -f "$NGINX_SSL_CONFIG/ssl.crt" ] && [ -f "$NGINX_SSL_CONFIG/ssl.key" ] && [ -f "$NGINX_SSL_CONFIG/dhparam.pem" ]; then - echo "** Enable SSL support for Nginx" - if [ -f "$ZABBIX_ETC_DIR/nginx_ssl.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/nginx_ssl.conf" "$NGINX_CONFD_DIR" - else - echo "**** Impossible to enable HTTPS virtual host" - fi - else - echo "**** Impossible to enable SSL support for Nginx. Certificates are missed." - fi - - if [ -d "/var/log/nginx/" ]; then - ln -sf /dev/fd/2 /var/log/nginx/error.log - fi - - ln -sf /dev/fd/2 /var/log/php5-fpm.log - ln -sf /dev/fd/2 /var/log/php7.2-fpm.log -} - -stop_databases() { - if ([ "${ZBX_MAIN_DB}" == "mysql" ] || [ "${ZBX_PROXY_DB}" == "mysql" ]) && [ "${DB_SERVER_HOST}" == "localhost" ]; then - mysql_query "DELETE FROM mysql.user WHERE host = 'localhost' AND user != 'root'" 1>/dev/null - - if [ -f "/var/lib/mysql/mysqld.pid" ]; then - kill -TERM $(cat /var/lib/mysql/mysqld.pid) - elif [ -f "/var/run/mysqld/mysqld.pid" ]; then - kill -TERM $(cat /var/run/mysqld/mysqld.pid) - fi - fi - - if [ "${ZBX_MAIN_DB}" == "postgresql" ] && [ "${DB_SERVER_HOST}" == "localhost" ]; then - if [ "${OS_CODENAME}" == "alpine" ]; then - PGDATA=/var/lib/postgresql - BINDIR=/usr/bin - else - PGDATA=/var/lib/postgresql/9.3/main - BINDIR=/usr/lib/postgresql/9.3/bin - fi - su -c "$BINDIR/pg_ctl -D \"$PGDATA\" -m fast -w stop --silent" postgres 1>/dev/null 2>/dev/null - fi -} - -clear_deploy() { - local type=$1 - echo "** Cleaning the system" - - [ "$type" != "appliance" ] && return - - stop_databases -} - update_zbx_config() { - local type=$1 - local db_type=$2 + echo "** Preparing Zabbix server configuration file" - echo "** Preparing Zabbix $type configuration file" + ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_server.conf - ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_$type.conf - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "ProxyMode" "${ZBX_PROXYMODE}" - update_config_var $ZBX_CONFIG "Server" "${ZBX_SERVER_HOST}" - update_config_var $ZBX_CONFIG "ServerPort" "${ZBX_SERVER_PORT}" - if [ -z "${ZBX_HOSTNAME}" ] && [ -n "${ZBX_HOSTNAMEITEM}" ]; then - update_config_var $ZBX_CONFIG "Hostname" "" - update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - else - update_config_var $ZBX_CONFIG "Hostname" "${ZBX_HOSTNAME:-"zabbix-proxy-"$db_type}" - update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - fi - fi - - if [ $type == "proxy" ] && [ "${ZBX_ADD_SERVER}" = "true" ]; then - update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_PROXY_LISTENPORT:-"10061"}" - else - update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}" - fi + update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}" update_config_var $ZBX_CONFIG "SourceIP" "${ZBX_SOURCEIP}" update_config_var $ZBX_CONFIG "LogType" "console" @@ -722,31 +262,15 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" - if [ "$db_type" == "sqlite3" ]; then - update_config_var $ZBX_CONFIG "DBHost" - update_config_var $ZBX_CONFIG "DBName" "/var/lib/zabbix/zabbix_proxy_db" - update_config_var $ZBX_CONFIG "DBUser" - update_config_var $ZBX_CONFIG "DBPort" - update_config_var $ZBX_CONFIG "DBPassword" - else - update_config_var $ZBX_CONFIG "DBHost" "${DB_SERVER_HOST}" - update_config_var $ZBX_CONFIG "DBName" "${DB_SERVER_DBNAME}" - update_config_var $ZBX_CONFIG "DBSchema" "${DB_SERVER_SCHEMA}" - update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}" - update_config_var $ZBX_CONFIG "DBPort" "${DB_SERVER_PORT}" - update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}" - fi + update_config_var $ZBX_CONFIG "DBHost" "${DB_SERVER_HOST}" + update_config_var $ZBX_CONFIG "DBName" "${DB_SERVER_DBNAME}" + update_config_var $ZBX_CONFIG "DBSchema" "${DB_SERVER_SCHEMA}" + update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}" + update_config_var $ZBX_CONFIG "DBPort" "${DB_SERVER_PORT}" + update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}" update_config_var $ZBX_CONFIG "DBSocket" "${DB_SERVER_SOCKET}" - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "ProxyLocalBuffer" "${ZBX_PROXYLOCALBUFFER}" - update_config_var $ZBX_CONFIG "ProxyOfflineBuffer" "${ZBX_PROXYOFFLINEBUFFER}" - update_config_var $ZBX_CONFIG "HeartbeatFrequency" "${ZBX_PROXYHEARTBEATFREQUENCY}" - update_config_var $ZBX_CONFIG "ConfigFrequency" "${ZBX_CONFIGFREQUENCY}" - update_config_var $ZBX_CONFIG "DataSenderFrequency" "${ZBX_DATASENDERFREQUENCY}" - fi - update_config_var $ZBX_CONFIG "StartPollers" "${ZBX_STARTPOLLERS}" update_config_var $ZBX_CONFIG "StartIPMIPollers" "${ZBX_IPMIPOLLERS}" update_config_var $ZBX_CONFIG "StartPollersUnreachable" "${ZBX_STARTPOLLERSUNREACHABLE}" @@ -755,12 +279,10 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}" update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "StartTimers" "${ZBX_STARTTIMERS}" - update_config_var $ZBX_CONFIG "StartEscalators" "${ZBX_STARTESCALATORS}" - fi + update_config_var $ZBX_CONFIG "StartTimers" "${ZBX_STARTTIMERS}" + update_config_var $ZBX_CONFIG "StartEscalators" "${ZBX_STARTESCALATORS}" - ZBX_JAVAGATEWAY_ENABLE=${ZBX_JAVAGATEWAY_ENABLE:-"false"} + : ${ZBX_JAVAGATEWAY_ENABLE:="false"} if [ "${ZBX_JAVAGATEWAY_ENABLE}" == "true" ]; then update_config_var $ZBX_CONFIG "JavaGateway" "${ZBX_JAVAGATEWAY:-"zabbix-java-gateway"}" update_config_var $ZBX_CONFIG "JavaGatewayPort" "${ZBX_JAVAGATEWAYPORT}" @@ -777,7 +299,7 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "VMwareCacheSize" "${ZBX_VMWARECACHESIZE}" update_config_var $ZBX_CONFIG "VMwareTimeout" "${ZBX_VMWARETIMEOUT}" - ZBX_ENABLE_SNMP_TRAPS=${ZBX_ENABLE_SNMP_TRAPS:-"false"} + : ${ZBX_ENABLE_SNMP_TRAPS:="false"} if [ "${ZBX_ENABLE_SNMP_TRAPS}" == "true" ]; then update_config_var $ZBX_CONFIG "SNMPTrapperFile" "${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log" update_config_var $ZBX_CONFIG "StartSNMPTrapper" "1" @@ -787,25 +309,19 @@ update_zbx_config() { fi update_config_var $ZBX_CONFIG "HousekeepingFrequency" "${ZBX_HOUSEKEEPINGFREQUENCY}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "MaxHousekeeperDelete" "${ZBX_MAXHOUSEKEEPERDELETE}" - update_config_var $ZBX_CONFIG "SenderFrequency" "${ZBX_SENDERFREQUENCY}" - fi + update_config_var $ZBX_CONFIG "MaxHousekeeperDelete" "${ZBX_MAXHOUSEKEEPERDELETE}" + update_config_var $ZBX_CONFIG "SenderFrequency" "${ZBX_SENDERFREQUENCY}" update_config_var $ZBX_CONFIG "CacheSize" "${ZBX_CACHESIZE}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "CacheUpdateFrequency" "${ZBX_CACHEUPDATEFREQUENCY}" - fi + update_config_var $ZBX_CONFIG "CacheUpdateFrequency" "${ZBX_CACHEUPDATEFREQUENCY}" update_config_var $ZBX_CONFIG "StartDBSyncers" "${ZBX_STARTDBSYNCERS}" update_config_var $ZBX_CONFIG "HistoryCacheSize" "${ZBX_HISTORYCACHESIZE}" update_config_var $ZBX_CONFIG "HistoryIndexCacheSize" "${ZBX_HISTORYINDEXCACHESIZE}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "TrendCacheSize" "${ZBX_TRENDCACHESIZE}" - update_config_var $ZBX_CONFIG "ValueCacheSize" "${ZBX_VALUECACHESIZE}" - fi + update_config_var $ZBX_CONFIG "TrendCacheSize" "${ZBX_TRENDCACHESIZE}" + update_config_var $ZBX_CONFIG "ValueCacheSize" "${ZBX_VALUECACHESIZE}" update_config_var $ZBX_CONFIG "Timeout" "${ZBX_TIMEOUT}" update_config_var $ZBX_CONFIG "TrapperTimeout" "${ZBX_TRAPPERIMEOUT}" @@ -816,26 +332,15 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "AlertScriptsPath" "/usr/lib/zabbix/alertscripts" update_config_var $ZBX_CONFIG "ExternalScripts" "/usr/lib/zabbix/externalscripts" - # Possible few fping locations - if [ -f "/usr/bin/fping" ]; then - update_config_var $ZBX_CONFIG "FpingLocation" "/usr/bin/fping" - else - update_config_var $ZBX_CONFIG "FpingLocation" "/usr/sbin/fping" - fi - if [ -f "/usr/bin/fping6" ]; then - update_config_var $ZBX_CONFIG "Fping6Location" "/usr/bin/fping6" - else - update_config_var $ZBX_CONFIG "Fping6Location" "/usr/sbin/fping6" - fi + update_config_var $ZBX_CONFIG "FpingLocation" "/usr/sbin/fping" + update_config_var $ZBX_CONFIG "Fping6Location" update_config_var $ZBX_CONFIG "SSHKeyLocation" "$ZABBIX_USER_HOME_DIR/ssh_keys" update_config_var $ZBX_CONFIG "LogSlowQueries" "${ZBX_LOGSLOWQUERIES}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "StartProxyPollers" "${ZBX_STARTPROXYPOLLERS}" - update_config_var $ZBX_CONFIG "ProxyConfigFrequency" "${ZBX_PROXYCONFIGFREQUENCY}" - update_config_var $ZBX_CONFIG "ProxyDataFrequency" "${ZBX_PROXYDATAFREQUENCY}" - fi + update_config_var $ZBX_CONFIG "StartProxyPollers" "${ZBX_STARTPROXYPOLLERS}" + update_config_var $ZBX_CONFIG "ProxyConfigFrequency" "${ZBX_PROXYCONFIGFREQUENCY}" + update_config_var $ZBX_CONFIG "ProxyDataFrequency" "${ZBX_PROXYDATAFREQUENCY}" update_config_var $ZBX_CONFIG "SSLCertLocation" "$ZABBIX_USER_HOME_DIR/ssl/certs/" update_config_var $ZBX_CONFIG "SSLKeyLocation" "$ZABBIX_USER_HOME_DIR/ssl/keys/" @@ -843,310 +348,41 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/" update_config_multiple_var $ZBX_CONFIG "LoadModule" "${ZBX_LOADMODULE}" - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}" - update_config_var $ZBX_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" - fi update_config_var $ZBX_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" update_config_var $ZBX_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" - update_config_var $ZBX_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" - fi - update_config_var $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" update_config_var $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" - update_config_var $ZBX_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" - fi -} - - -prepare_zbx_web_config() { - local db_type=$1 - local server_name="" - - echo "** Preparing Zabbix frontend configuration file" - - ZBX_WEB_CONFIG="$ZABBIX_ETC_DIR/web/zabbix.conf.php" - - if [ -f "/usr/share/zabbix/conf/zabbix.conf.php" ]; then - rm -f "/usr/share/zabbix/conf/zabbix.conf.php" - fi - - ln -s "$ZBX_WEB_CONFIG" "/usr/share/zabbix/conf/zabbix.conf.php" - - # Different places of PHP configuration file - if [ -f "/etc/php5/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/conf.d/99-zabbix.ini" - elif [ -f "/etc/php5/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php5/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/apache2/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.0/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.0/apache2/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.0/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.0/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php.d/99-zabbix.ini" - elif [ -f "/etc/php7/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php7/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.2/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.2/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.2/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.2/apache2/conf.d/99-zabbix.ini" - fi - - if [ -n "$PHP_CONFIG_FILE" ]; then - update_config_var "$PHP_CONFIG_FILE" "max_execution_time" "${ZBX_MAXEXECUTIONTIME:-"600"}" - update_config_var "$PHP_CONFIG_FILE" "memory_limit" "${ZBX_MEMORYLIMIT:-"128M"}" - update_config_var "$PHP_CONFIG_FILE" "post_max_size" "${ZBX_POSTMAXSIZE:-"16M"}" - update_config_var "$PHP_CONFIG_FILE" "upload_max_filesize" "${ZBX_UPLOADMAXFILESIZE:-"2M"}" - update_config_var "$PHP_CONFIG_FILE" "max_input_time" "${ZBX_MAXINPUTTIME:-"300"}" - update_config_var "$PHP_CONFIG_FILE" "date.timezone" "${PHP_TZ}" + if [ "$(id -u)" != '0' ]; then + update_config_var $ZBX_CONFIG "User" "$(whoami)" else - echo "**** Zabbix related PHP configuration file not found" + update_config_var $ZBX_CONFIG "AllowRoot" "1" fi - - # Escaping characters in parameter value - server_name=$(escape_spec_char "${ZBX_SERVER_NAME}") - server_user=$(escape_spec_char "${DB_SERVER_ZBX_USER}") - server_pass=$(escape_spec_char "${DB_SERVER_ZBX_PASS}") - - sed -i \ - -e "s/{DB_SERVER_HOST}/${DB_SERVER_HOST}/g" \ - -e "s/{DB_SERVER_PORT}/${DB_SERVER_PORT}/g" \ - -e "s/{DB_SERVER_DBNAME}/${DB_SERVER_DBNAME}/g" \ - -e "s/{DB_SERVER_SCHEMA}/${DB_SERVER_SCHEMA}/g" \ - -e "s/{DB_SERVER_USER}/$server_user/g" \ - -e "s/{DB_SERVER_PASS}/$server_pass/g" \ - -e "s/{ZBX_SERVER_HOST}/${ZBX_SERVER_HOST}/g" \ - -e "s/{ZBX_SERVER_PORT}/${ZBX_SERVER_PORT}/g" \ - -e "s/{ZBX_SERVER_NAME}/$server_name/g" \ - "$ZBX_WEB_CONFIG" - - [ "$db_type" = "postgresql" ] && sed -i "s/MYSQL/POSTGRESQL/g" "$ZBX_WEB_CONFIG" -} - -prepare_zbx_agent_config() { - echo "** Preparing Zabbix agent configuration file" - - ZBX_AGENT_CONFIG=$ZABBIX_ETC_DIR/zabbix_agentd.conf - - ZBX_PASSIVESERVERS=${ZBX_PASSIVESERVERS:-""} - ZBX_ACTIVESERVERS=${ZBX_ACTIVESERVERS:-""} - - [ -n "$ZBX_PASSIVESERVERS" ] && ZBX_PASSIVESERVERS=","$ZBX_PASSIVESERVERS - - ZBX_PASSIVESERVERS=$ZBX_SERVER_HOST$ZBX_PASSIVESERVERS - - [ -n "$ZBX_ACTIVESERVERS" ] && ZBX_ACTIVESERVERS=","$ZBX_ACTIVESERVERS - - ZBX_ACTIVESERVERS=$ZBX_SERVER_HOST":"$ZBX_SERVER_PORT$ZBX_ACTIVESERVERS - - update_config_var $ZBX_AGENT_CONFIG "PidFile" - update_config_var $ZBX_AGENT_CONFIG "LogType" "console" - update_config_var $ZBX_AGENT_CONFIG "LogFile" - update_config_var $ZBX_AGENT_CONFIG "LogFileSize" - update_config_var $ZBX_AGENT_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" - update_config_var $ZBX_AGENT_CONFIG "SourceIP" - update_config_var $ZBX_AGENT_CONFIG "EnableRemoteCommands" "${ZBX_ENABLEREMOTECOMMANDS}" - update_config_var $ZBX_AGENT_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}" - - ZBX_PASSIVE_ALLOW=${ZBX_PASSIVE_ALLOW:-"true"} - if [ "$ZBX_PASSIVE_ALLOW" == "true" ]; then - echo "** Using '$ZBX_PASSIVESERVERS' servers for passive checks" - update_config_var $ZBX_AGENT_CONFIG "Server" "${ZBX_PASSIVESERVERS}" - else - update_config_var $ZBX_AGENT_CONFIG "Server" - fi - - update_config_var $ZBX_AGENT_CONFIG "ListenPort" "${ZBX_LISTENPORT}" - update_config_var $ZBX_AGENT_CONFIG "ListenIP" "${ZBX_LISTENIP}" - update_config_var $ZBX_AGENT_CONFIG "StartAgents" "${ZBX_STARTAGENTS}" - - ZBX_ACTIVE_ALLOW=${ZBX_ACTIVE_ALLOW:-"true"} - if [ "$ZBX_ACTIVE_ALLOW" == "true" ]; then - echo "** Using '$ZBX_ACTIVESERVERS' servers for active checks" - update_config_var $ZBX_AGENT_CONFIG "ServerActive" "${ZBX_ACTIVESERVERS}" - else - update_config_var $ZBX_AGENT_CONFIG "ServerActive" - fi - - update_config_var $ZBX_AGENT_CONFIG "Hostname" "${ZBX_HOSTNAME}" - update_config_var $ZBX_AGENT_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - update_config_var $ZBX_AGENT_CONFIG "HostMetadata" "${ZBX_METADATA}" - update_config_var $ZBX_AGENT_CONFIG "HostMetadataItem" "${ZBX_METADATAITEM}" - update_config_var $ZBX_AGENT_CONFIG "RefreshActiveChecks" "${ZBX_REFRESHACTIVECHECKS}" - update_config_var $ZBX_AGENT_CONFIG "BufferSend" "${ZBX_BUFFERSEND}" - update_config_var $ZBX_AGENT_CONFIG "BufferSize" "${ZBX_BUFFERSIZE}" - update_config_var $ZBX_AGENT_CONFIG "MaxLinesPerSecond" "${ZBX_MAXLINESPERSECOND}" - # Please use include to enable Alias feature -# update_config_multiple_var $ZBX_AGENT_CONFIG "Alias" ${ZBX_ALIAS} - update_config_var $ZBX_AGENT_CONFIG "Timeout" "${ZBX_TIMEOUT}" - update_config_var $ZBX_AGENT_CONFIG "Include" "/etc/zabbix/zabbix_agentd.d/" - update_config_var $ZBX_AGENT_CONFIG "UnsafeUserParameters" "${ZBX_UNSAFEUSERPARAMETERS}" - update_config_var $ZBX_AGENT_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/" - update_config_multiple_var $ZBX_AGENT_CONFIG "LoadModule" "${ZBX_LOADMODULE}" - update_config_var $ZBX_AGENT_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}" - update_config_var $ZBX_AGENT_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" - update_config_var $ZBX_AGENT_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" - update_config_var $ZBX_AGENT_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" - update_config_var $ZBX_AGENT_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" - update_config_var $ZBX_AGENT_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" -} - -prepare_java_gateway_config() { - echo "** Preparing Zabbix Java Gateway log configuration file" - - ZBX_GATEWAY_CONFIG=$ZABBIX_ETC_DIR/zabbix_java_gateway_logback.xml - - if [ -n "${ZBX_DEBUGLEVEL}" ]; then - echo "Updating $ZBX_GATEWAY_CONFIG 'DebugLevel' parameter: '${ZBX_DEBUGLEVEL}'... updated" - if [ -f "$ZBX_GATEWAY_CONFIG" ]; then - sed -i -e "/^.*/" "$ZBX_GATEWAY_CONFIG" - else - echo "**** Zabbix Java Gateway log configuration file '$ZBX_GATEWAY_CONFIG' not found" - fi - fi -} - -prepare_agent() { - echo "** Preparing Zabbix agent" - prepare_zbx_agent_config } prepare_server() { - local db_type=$1 - echo "** Preparing Zabbix server" - check_variables_$db_type "server" - check_db_connect_$db_type - create_db_user_$db_type - create_db_database_$db_type - create_db_schema_$db_type "server" + check_variables_mysql + check_db_connect_mysql + create_db_user_mysql + create_db_database_mysql + create_db_schema_mysql - update_zbx_config "server" "$db_type" -} - -prepare_proxy() { - local db_type=$1 - - echo "Preparing Zabbix proxy" - - if [ "$db_type" != "sqlite3" ]; then - check_variables_$db_type "proxy" - check_db_connect_$db_type - create_db_user_$db_type - create_db_database_$db_type - create_db_schema_$db_type "proxy" - fi - - update_zbx_config "proxy" $db_type -} - -prepare_web() { - local web_server=$1 - local db_type=$2 - - echo "** Preparing Zabbix web-interface" - - check_variables_$db_type - check_db_connect_$db_type - prepare_web_server_$web_server - prepare_zbx_web_config $db_type -} - -prepare_java_gateway() { - echo "** Preparing Zabbix Java Gateway" - - prepare_java_gateway_config + update_zbx_config } ################################################# -if [ ! -n "$zbx_type" ]; then - echo "**** Type of Zabbix component is not specified" - exit 1 -elif [ "$zbx_type" == "dev" ]; then - echo "** Deploying Zabbix installation from SVN" -else - if [ ! -n "$zbx_db_type" ]; then - echo "**** Database type of Zabbix $zbx_type is not specified" - exit 1 +if [ "${1#-}" != "$1" ]; then + set -- /usr/sbin/zabbix_server "$@" fi - if [ "$zbx_db_type" != "none" ]; then - if [ "$zbx_opt_type" != "none" ]; then - echo "** Deploying Zabbix $zbx_type ($zbx_opt_type) with $zbx_db_type database" - else - echo "** Deploying Zabbix $zbx_type with $zbx_db_type database" - fi - else - echo "** Deploying Zabbix $zbx_type" - fi +if [ "$1" == '/usr/sbin/zabbix_server' ]; then + prepare_server fi -prepare_system "$zbx_type" "$zbx_opt_type" - -[ "$zbx_type" == "server" ] && prepare_server $zbx_db_type -[ "${ZBX_ADD_SERVER}" == "true" ] && prepare_server ${ZBX_MAIN_DB} - -[ "$zbx_type" == "proxy" ] && prepare_proxy $zbx_db_type -[ "${ZBX_ADD_PROXY}" == "true" ] && prepare_proxy ${ZBX_PROXY_DB} - -[ "$zbx_type" == "frontend" ] && prepare_web $zbx_opt_type $zbx_db_type -[ "${ZBX_ADD_WEB}" == "true" ] && prepare_web ${ZBX_WEB_SERVER} ${ZBX_MAIN_DB} - -[ "$zbx_type" == "agent" ] && prepare_agent -[ "${ZBX_ADD_AGENT}" == "true" ] && prepare_agent - -[ "$zbx_type" == "java-gateway" ] && prepare_java_gateway -[ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && prepare_java_gateway - -clear_deploy "$zbx_type" - -echo "########################################################" - -if [ "$1" != "" ]; then - echo "** Executing '$@'" - exec "$@" -elif [ "$zbx_type" == "agent" ]; then - echo "** Starting Zabbix agent" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_agentd --foreground -c /etc/zabbix/zabbix_agentd.conf" -elif [ "$zbx_type" == "proxy" ]; then - echo "** Starting Zabbix proxy" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_proxy --foreground -c /etc/zabbix/zabbix_proxy.conf" -elif [ "$zbx_type" == "server" ]; then - echo "** Starting Zabbix server" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_server --foreground -c /etc/zabbix/zabbix_server.conf" -elif [ "$zbx_type" == "java-gateway" ]; then - echo "** Starting Zabbix Java Gateway" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_java_gateway" -elif [ "$zbx_type" == "frontend" ] && [ "$zbx_opt_type" == "apache" ]; then - echo "** Starting Zabbix frontend" - if [ -f "/usr/sbin/httpd" ]; then - exec /usr/sbin/httpd -D FOREGROUND - elif [ -f "/usr/sbin/apache2ctl" ]; then - exec /bin/bash -c "source /etc/apache2/envvars && /usr/sbin/apache2ctl -D FOREGROUND" - else - echo "Unknown Web-server. Exiting..." - exit 1 - fi -elif [ -f "/usr/bin/supervisord" ]; then - echo "** Executing supervisord" - exec /usr/bin/supervisord -c /etc/supervisor/supervisord.conf -else - echo "Unknown instructions. Exiting..." - exit 1 -fi +exec "$@" ################################################# diff --git a/server-pgsql/centos/Dockerfile b/server-pgsql/centos/Dockerfile index 31b1d6087..7e915291e 100644 --- a/server-pgsql/centos/Dockerfile +++ b/server-pgsql/centos/Dockerfile @@ -6,9 +6,9 @@ LABEL org.opencontainers.image.title="Zabbix server (PostgreSQL)" \ org.opencontainers.image.url="https://zabbix.com/" \ org.opencontainers.image.description="Zabbix server with PostgreSQL database support" \ org.opencontainers.image.licenses="GPL v2.0" - + STOPSIGNAL SIGTERM - + ENV TINI_VERSION=v0.19.0 RUN set -eux && \ diff --git a/server-pgsql/ubuntu/Dockerfile b/server-pgsql/ubuntu/Dockerfile index 75af6d0b2..7ee321a3c 100644 --- a/server-pgsql/ubuntu/Dockerfile +++ b/server-pgsql/ubuntu/Dockerfile @@ -1,46 +1,29 @@ FROM ubuntu:bionic -LABEL maintainer "Alexey Pustovalov " -ARG BUILD_DATE -ARG VCS_REF - -ARG APT_FLAGS_COMMON="-y" -ARG APT_FLAGS_PERSISTENT="${APT_FLAGS_COMMON} --no-install-recommends" -ARG APT_FLAGS_DEV="${APT_FLAGS_COMMON} --no-install-recommends" -ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8 TERM=xterm \ - MIBDIRS=/var/lib/snmp/mibs/ietf:/var/lib/snmp/mibs/iana:/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ - ZBX_TYPE=server ZBX_DB_TYPE=postgresql ZBX_OPT_TYPE=none -ENV TINI_VERSION v0.18.0 - -LABEL org.label-schema.name="zabbix-${ZBX_TYPE}-${ZBX_DB_TYPE}-ubuntu" \ - org.label-schema.vendor="Zabbix LLC" \ - org.label-schema.url="https://zabbix.com/" \ - org.label-schema.description="Zabbix ${ZBX_TYPE} with PostgreSQL database support" \ - org.label-schema.vcs-ref="${VCS_REF}" \ - org.label-schema.build-date="${BUILD_DATE}" \ - org.label-schema.schema-version="1.0" \ - org.label-schema.license="GPL v2.0" +LABEL org.opencontainers.image.title="Zabbix server (PostgreSQL)" \ + org.opencontainers.image.authors="Alexey Pustovalov " \ + org.opencontainers.image.vendor="Zabbix LLC" \ + org.opencontainers.image.url="https://zabbix.com/" \ + org.opencontainers.image.description="Zabbix server with PostgreSQL database support" \ + org.opencontainers.image.licenses="GPL v2.0" STOPSIGNAL SIGTERM +ENV TINI_VERSION=v0.19.0 + RUN set -eux && \ - apt-get ${APT_FLAGS_COMMON} update && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_PERSISTENT} install locales && \ - locale-gen $LC_ALL && \ - echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \ - addgroup --system --quiet zabbix && \ + addgroup --system --gid 1995 --quiet zabbix && \ adduser --quiet \ --system --disabled-login \ - --ingroup zabbix \ + --ingroup zabbix --ingroup root \ + --uid 1997 \ --home /var/lib/zabbix/ \ zabbix && \ usermod -G zabbix,dialout zabbix && \ mkdir -p /etc/zabbix && \ mkdir -p /var/lib/zabbix && \ - mkdir -p /usr/lib/zabbix/alertscripts && \ mkdir -p /var/lib/zabbix/enc && \ mkdir -p /var/lib/zabbix/export && \ - mkdir -p /usr/lib/zabbix/externalscripts && \ mkdir -p /var/lib/zabbix/mibs && \ mkdir -p /var/lib/zabbix/modules && \ mkdir -p /var/lib/zabbix/snmptraps && \ @@ -49,10 +32,16 @@ RUN set -eux && \ mkdir -p /var/lib/zabbix/ssl/certs && \ mkdir -p /var/lib/zabbix/ssl/keys && \ mkdir -p /var/lib/zabbix/ssl/ssl_ca && \ - chown --quiet -R zabbix:root /var/lib/zabbix && \ - mkdir -p /usr/share/doc/zabbix-${ZBX_TYPE}-${ZBX_DB_TYPE} && \ - apt-get ${APT_FLAGS_COMMON} update && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_PERSISTENT} install \ + mkdir -p /usr/lib/zabbix/alertscripts && \ + mkdir -p /usr/lib/zabbix/externalscripts && \ + mkdir -p /usr/share/doc/zabbix-server-postgresql && \ + apt-get -y update && \ + DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ + curl \ + ca-certificates \ + gpg \ + dirmngr \ + gpg-agent \ iputils-ping \ traceroute \ fping \ @@ -66,27 +55,32 @@ RUN set -eux && \ libxml2 \ postgresql-client \ snmp-mibs-downloader \ - ca-certificates \ unixodbc && \ - apt-get ${APT_FLAGS_COMMON} autoremove && \ - apt-get ${APT_FLAGS_COMMON} clean && \ + curl -L https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini -o /sbin/tini && \ + curl -L https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini.asc -o /tini.asc && \ + gpg --batch --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 595E85A6B1B4779EA4DAAEC70B588DFF0527A9B7 && \ + gpg --batch --verify /tini.asc /sbin/tini && \ + rm -rf /root/.gnupg && \ + chmod +x /sbin/tini && \ + apt-get -y purge curl gpg dirmngr gpg-agent && \ + apt-get -y autoremove && \ + apt-get -y clean && \ rm -rf /var/lib/apt/lists/* -ARG MAJOR_VERSION=master -ARG ZBX_VERSION=${MAJOR_VERSION} +ARG MAJOR_VERSION=3.0 +ARG ZBX_VERSION=${MAJOR_VERSION}.30 ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git -ENV ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} -LABEL org.label-schema.usage="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.label-schema.version="${ZBX_VERSION}" \ - org.label-schema.vcs-url="${ZBX_SOURCES}" \ - org.label-schema.docker.cmd="docker run --name zabbix-${ZBX_TYPE}-pgsql --link postgres-server:postgres -p 10051:10051 -d zabbix-${ZBX_TYPE}-pgsql:ubuntu-${ZBX_VERSION}" +ENV TERM=xterm MIBDIRS=/var/lib/snmp/mibs/ietf:/var/lib/snmp/mibs/iana:/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ + ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} -ADD https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini /sbin/tini +LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" RUN set -eux && \ - apt-get ${APT_FLAGS_COMMON} update && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_DEV} install \ + apt-get -y update && \ + DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ autoconf \ automake \ gcc \ @@ -116,8 +110,8 @@ RUN set -eux && \ --prefix=/usr \ --sysconfdir=/etc/zabbix \ --enable-agent \ - --enable-${ZBX_TYPE} \ - --with-${ZBX_DB_TYPE} \ + --enable-server \ + --with-postgresql \ --with-jabber \ --with-ldap \ --with-libcurl \ @@ -131,19 +125,21 @@ RUN set -eux && \ --silent && \ make -j"$(nproc)" -s dbschema && \ make -j"$(nproc)" -s && \ - cp src/zabbix_${ZBX_TYPE}/zabbix_${ZBX_TYPE} /usr/sbin/zabbix_${ZBX_TYPE} && \ + cp src/zabbix_server/zabbix_server /usr/sbin/zabbix_server && \ cp src/zabbix_get/zabbix_get /usr/bin/zabbix_get && \ cp src/zabbix_sender/zabbix_sender /usr/bin/zabbix_sender && \ - cp conf/zabbix_${ZBX_TYPE}.conf /etc/zabbix/zabbix_${ZBX_TYPE}.conf && \ - chown --quiet -R zabbix:root /etc/zabbix && \ - cat database/${ZBX_DB_TYPE}/schema.sql > database/${ZBX_DB_TYPE}/create.sql && \ - cat database/${ZBX_DB_TYPE}/images.sql >> database/${ZBX_DB_TYPE}/create.sql && \ - cat database/${ZBX_DB_TYPE}/data.sql >> database/${ZBX_DB_TYPE}/create.sql && \ - gzip database/${ZBX_DB_TYPE}/create.sql && \ - cp database/${ZBX_DB_TYPE}/create.sql.gz /usr/share/doc/zabbix-${ZBX_TYPE}-${ZBX_DB_TYPE}/ && \ + cp conf/zabbix_server.conf /etc/zabbix/zabbix_server.conf && \ + cat database/postgresql/schema.sql > database/postgresql/create.sql && \ + cat database/postgresql/images.sql >> database/postgresql/create.sql && \ + cat database/postgresql/data.sql >> database/postgresql/create.sql && \ + gzip database/postgresql/create.sql && \ + cp database/postgresql/create.sql.gz /usr/share/doc/zabbix-server-postgresql/ && \ cd /tmp/ && \ rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_COMMON} purge \ + chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \ + chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \ + chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \ + DEBIAN_FRONTEND=noninteractive apt-get -y purge \ autoconf \ automake \ gcc \ @@ -160,7 +156,7 @@ RUN set -eux && \ pkg-config \ git \ unixodbc-dev && \ - apt-get ${APT_FLAGS_COMMON} autoremove && \ + apt-get -y autoremove && \ rm -rf /var/lib/apt/lists/* && \ chmod +x /sbin/tini @@ -174,3 +170,7 @@ VOLUME ["/var/lib/zabbix/snmptraps", "/var/lib/zabbix/ssh_keys", "/var/lib/zabbi COPY ["docker-entrypoint.sh", "/usr/bin/"] ENTRYPOINT ["/sbin/tini", "--", "/usr/bin/docker-entrypoint.sh"] + +USER 1997 + +CMD ["/usr/sbin/zabbix_server", "--foreground", "-c", "/etc/zabbix/zabbix_server.conf"] diff --git a/server-pgsql/ubuntu/docker-entrypoint.sh b/server-pgsql/ubuntu/docker-entrypoint.sh index 2273afee7..7fb16ebfa 100755 --- a/server-pgsql/ubuntu/docker-entrypoint.sh +++ b/server-pgsql/ubuntu/docker-entrypoint.sh @@ -1,6 +1,6 @@ #!/bin/bash -set -eo pipefail +set -o pipefail set +e @@ -9,34 +9,11 @@ if [ "${DEBUG_MODE}" == "true" ]; then set -o xtrace fi -# Type of Zabbix component -# Possible values: [server, proxy, agent, frontend, java-gateway, appliance] -zbx_type=${ZBX_TYPE} -# Type of Zabbix database -# Possible values: [mysql, postgresql] -zbx_db_type=${ZBX_DB_TYPE} -# Type of web-server. Valid only with zbx_type = frontend -# Possible values: [apache, nginx] -zbx_opt_type=${ZBX_OPT_TYPE} - -# Default Zabbix installation name -# Used only by Zabbix web-interface -ZBX_SERVER_NAME=${ZBX_SERVER_NAME:-"Zabbix docker"} -# Default Zabbix server host -ZBX_SERVER_HOST=${ZBX_SERVER_HOST:-"zabbix-server"} -# Default Zabbix server port number -ZBX_SERVER_PORT=${ZBX_SERVER_PORT:-"10051"} - -# Default timezone for web interface -PHP_TZ=${PHP_TZ:-"Europe/Riga"} - # Default directories # User 'zabbix' home directory ZABBIX_USER_HOME_DIR="/var/lib/zabbix" # Configuration files directory ZABBIX_ETC_DIR="/etc/zabbix" -# Web interface www-root directory -ZBX_FRONTEND_PATH="/usr/share/zabbix" # usage: file_env VAR [DEFAULT] # as example: file_env 'MYSQL_PASSWORD' 'zabbix' @@ -69,92 +46,6 @@ file_env() { unset "$fileVar" } -configure_db_mysql() { - [ "${DB_SERVER_HOST}" != "localhost" ] && return - - echo "** Configuring local MySQL server" - - MYSQL_ALLOW_EMPTY_PASSWORD=true - MYSQL_DATA_DIR="/var/lib/mysql" - - if [ -f "/etc/mysql/my.cnf" ]; then - MYSQL_CONF_FILE="/etc/mysql/my.cnf" - elif [ -f "/etc/my.cnf.d/server.cnf" ]; then - MYSQL_CONF_FILE="/etc/my.cnf.d/server.cnf" - DB_SERVER_SOCKET="/var/lib/mysql/mysql.sock" - elif [ -f "/etc/my.cnf.d/mariadb-server.cnf" ]; then - MYSQL_CONF_FILE="/etc/my.cnf.d/mariadb-server.cnf" - DB_SERVER_SOCKET="/var/run/mysqld/mysqld.sock" - else - echo "**** Could not found MySQL configuration file" - exit 1 - fi - - if [ -f "/usr/bin/mysqld" ]; then - MYSQLD=/usr/bin/mysqld - elif [ -f "/usr/sbin/mysqld" ]; then - MYSQLD=/usr/sbin/mysqld - elif [ -f "/usr/libexec/mysqld" ]; then - MYSQLD=/usr/libexec/mysqld - else - echo "**** Could not found mysqld binary file" - exit 1 - fi - - sed -Ei 's/^(bind-address|log)/#&/' "$MYSQL_CONF_FILE" - - if [ ! -d "$MYSQL_DATA_DIR/mysql" ]; then - [ -d "$MYSQL_DATA_DIR" ] || mkdir -p "$MYSQL_DATA_DIR" - - chown -R mysql:mysql "$MYSQL_DATA_DIR" - - echo "** Installing initial MySQL database schemas" - mysql_install_db --user=mysql --datadir="$MYSQL_DATA_DIR" 2>&1 - else - echo "**** MySQL data directory is not empty. Using already existing installation." - chown -R mysql:mysql "$MYSQL_DATA_DIR" - fi - - mkdir -p /var/run/mysqld - ln -s /var/run/mysqld /run/mysqld - chown -R mysql:mysql /var/run/mysqld - chown -R mysql:mysql /run/mysqld - - echo "** Starting MySQL server in background mode" - - nohup $MYSQLD --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib/mysql/plugin \ - --user=mysql --log-output=none --pid-file=/var/lib/mysql/mysqld.pid \ - --port=3306 --character-set-server=utf8 --collation-server=utf8_bin & -} - -prepare_system() { - local type=$1 - local web_server=$2 - - echo "** Preparing the system" - - if [ "$type" != "appliance" ]; then - return - fi - - ZBX_ADD_AGENT=${ZBX_ADD_AGENT:-"false"} - ZBX_ADD_JAVA_GATEWAY=${ZBX_ADD_JAVA_GATEWAY:-"false"} - ZBX_ADD_SERVER=${ZBX_ADD_SERVER:-"true"} - [ "${ZBX_ADD_SERVER}" == "true" ] && ZBX_SERVER_HOST="localhost" - [ "${ZBX_ADD_SERVER}" == "true" ] && ZBX_SERVER_PORT="10051" - ZBX_MAIN_DB=${ZBX_MAIN_DB:-"mysql"} - ZBX_ADD_PROXY=${ZBX_ADD_PROXY:-"false"} - ZBX_PROXY_DB=${ZBX_PROXY_DB:-"sqlite3"} - ZBX_ADD_WEB=${ZBX_ADD_WEB:-"true"} - ZBX_WEB_SERVER=${ZBX_WEB_SERVER:-"nginx"} - DB_SERVER_HOST=${DB_SERVER_HOST:-"localhost"} - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAY_ENABLE="true" - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAY="localhost" - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAYPORT="10052" - - [ "${ZBX_ADD_SERVER}" == "true" ] && configure_db_${ZBX_MAIN_DB} -} - escape_spec_char() { local var_value=$1 @@ -237,62 +128,14 @@ update_config_multiple_var() { done } -# Check prerequisites for MySQL database -check_variables_mysql() { - local type=$1 - - DB_SERVER_HOST=${DB_SERVER_HOST:-"mysql-server"} - DB_SERVER_PORT=${DB_SERVER_PORT:-"3306"} - USE_DB_ROOT_USER=false - CREATE_ZBX_DB_USER=false - file_env MYSQL_USER - file_env MYSQL_PASSWORD - - if [ "$type" != "" ]; then - file_env MYSQL_ROOT_PASSWORD - fi - - if [ ! -n "${MYSQL_USER}" ] && [ "${MYSQL_RANDOM_ROOT_PASSWORD}" == "true" ]; then - echo "**** Impossible to use MySQL server because of unknown Zabbix user and random 'root' password" - exit 1 - fi - - if [ ! -n "${MYSQL_USER}" ] && [ ! -n "${MYSQL_ROOT_PASSWORD}" ] && [ "${MYSQL_ALLOW_EMPTY_PASSWORD}" != "true" ]; then - echo "*** Impossible to use MySQL server because 'root' password is not defined and it is not empty" - exit 1 - fi - - if [ "${MYSQL_ALLOW_EMPTY_PASSWORD}" == "true" ] || [ -n "${MYSQL_ROOT_PASSWORD}" ]; then - USE_DB_ROOT_USER=true - DB_SERVER_ROOT_USER="root" - DB_SERVER_ROOT_PASS=${MYSQL_ROOT_PASSWORD:-""} - fi - - [ -n "${MYSQL_USER}" ] && CREATE_ZBX_DB_USER=true - - # If root password is not specified use provided credentials - DB_SERVER_ROOT_USER=${DB_SERVER_ROOT_USER:-${MYSQL_USER}} - [ "${MYSQL_ALLOW_EMPTY_PASSWORD}" == "true" ] || DB_SERVER_ROOT_PASS=${DB_SERVER_ROOT_PASS:-${MYSQL_PASSWORD}} - DB_SERVER_ZBX_USER=${MYSQL_USER:-"zabbix"} - DB_SERVER_ZBX_PASS=${MYSQL_PASSWORD:-"zabbix"} - - if [ "$type" == "proxy" ]; then - DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix_proxy"} - else - DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix"} - fi -} - # Check prerequisites for PostgreSQL database check_variables_postgresql() { - local type=$1 - file_env POSTGRES_USER file_env POSTGRES_PASSWORD - DB_SERVER_HOST=${DB_SERVER_HOST:-"postgres-server"} - DB_SERVER_PORT=${DB_SERVER_PORT:-"5432"} - CREATE_ZBX_DB_USER=${CREATE_ZBX_DB_USER:-"false"} + : ${DB_SERVER_HOST:="postgres-server"} + : ${DB_SERVER_PORT:="5432"} + : ${CREATE_ZBX_DB_USER:="false"} DB_SERVER_ROOT_USER=${POSTGRES_USER:-"postgres"} DB_SERVER_ROOT_PASS=${POSTGRES_PASSWORD:-""} @@ -300,38 +143,9 @@ check_variables_postgresql() { DB_SERVER_ZBX_USER=${POSTGRES_USER:-"zabbix"} DB_SERVER_ZBX_PASS=${POSTGRES_PASSWORD:-"zabbix"} - DB_SERVER_SCHEMA=${DB_SERVER_SCHEMA:-"public"} + : ${DB_SERVER_SCHEMA:="public"} - if [ "$type" == "proxy" ]; then - DB_SERVER_DBNAME=${POSTGRES_DB:-"zabbix_proxy"} - else - DB_SERVER_DBNAME=${POSTGRES_DB:-"zabbix"} - fi -} - -check_db_connect_mysql() { - echo "********************" - echo "* DB_SERVER_HOST: ${DB_SERVER_HOST}" - echo "* DB_SERVER_PORT: ${DB_SERVER_PORT}" - echo "* DB_SERVER_DBNAME: ${DB_SERVER_DBNAME}" - if [ "${DEBUG_MODE}" == "true" ]; then - if [ "${USE_DB_ROOT_USER}" == "true" ]; then - echo "* DB_SERVER_ROOT_USER: ${DB_SERVER_ROOT_USER}" - echo "* DB_SERVER_ROOT_PASS: ${DB_SERVER_ROOT_PASS}" - fi - echo "* DB_SERVER_ZBX_USER: ${DB_SERVER_ZBX_USER}" - echo "* DB_SERVER_ZBX_PASS: ${DB_SERVER_ZBX_PASS}" - echo "********************" - fi - echo "********************" - - WAIT_TIMEOUT=5 - - while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \ - --password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10)" ]; do - echo "**** MySQL server is not available. Waiting $WAIT_TIMEOUT seconds..." - sleep $WAIT_TIMEOUT - done + DB_SERVER_DBNAME=${POSTGRES_DB:-"zabbix"} } check_db_connect_postgresql() { @@ -355,7 +169,6 @@ check_db_connect_postgresql() { DB_SERVER_ROOT_PASS=${DB_SERVER_ZBX_PASS} fi - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then export PGPASSWORD="${DB_SERVER_ZBX_PASS}" fi @@ -376,17 +189,6 @@ check_db_connect_postgresql() { unset PGOPTIONS } - -mysql_query() { - query=$1 - local result="" - - result=$(mysql --silent --skip-column-names -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ - -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" -e "$query") - - echo $result -} - psql_query() { query=$1 db=$2 @@ -411,22 +213,6 @@ psql_query() { echo $result } -create_db_user_mysql() { - [ "${CREATE_ZBX_DB_USER}" == "true" ] || return - - echo "** Creating '${DB_SERVER_ZBX_USER}' user in MySQL database" - - USER_EXISTS=$(mysql_query "SELECT 1 FROM mysql.user WHERE user = '${DB_SERVER_ZBX_USER}' AND host = '%'") - - if [ -z "$USER_EXISTS" ]; then - mysql_query "CREATE USER '${DB_SERVER_ZBX_USER}'@'%' IDENTIFIED BY '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - else - mysql_query "ALTER USER ${DB_SERVER_ZBX_USER} IDENTIFIED BY '${DB_SERVER_ZBX_PASS}';" 1>/dev/null - fi - - mysql_query "GRANT ALL PRIVILEGES ON $DB_SERVER_DBNAME. * TO '${DB_SERVER_ZBX_USER}'@'%'" 1>/dev/null -} - create_db_user_postgresql() { [ "${CREATE_ZBX_DB_USER}" == "true" ] || return @@ -441,19 +227,6 @@ create_db_user_postgresql() { fi } -create_db_database_mysql() { - DB_EXISTS=$(mysql_query "SELECT SCHEMA_NAME FROM information_schema.SCHEMATA WHERE SCHEMA_NAME='${DB_SERVER_DBNAME}'") - - if [ -z ${DB_EXISTS} ]; then - echo "** Database '${DB_SERVER_DBNAME}' does not exist. Creating..." - mysql_query "CREATE DATABASE ${DB_SERVER_DBNAME} CHARACTER SET utf8 COLLATE utf8_bin" 1>/dev/null - # better solution? - mysql_query "GRANT ALL PRIVILEGES ON $DB_SERVER_DBNAME. * TO '${DB_SERVER_ZBX_USER}'@'%'" 1>/dev/null - else - echo "** Database '${DB_SERVER_DBNAME}' already exists. Please be careful with database COLLATE!" - fi -} - create_db_database_postgresql() { DB_EXISTS=$(psql_query "SELECT 1 AS result FROM pg_database WHERE datname='${DB_SERVER_DBNAME}'") @@ -467,29 +240,7 @@ create_db_database_postgresql() { psql_query "CREATE SCHEMA IF NOT EXISTS ${DB_SERVER_SCHEMA}" } -create_db_schema_mysql() { - local type=$1 - - DBVERSION_TABLE_EXISTS=$(mysql_query "SELECT 1 FROM information_schema.tables WHERE table_schema='${DB_SERVER_DBNAME}' and table_name = 'dbversion'") - - if [ -n "${DBVERSION_TABLE_EXISTS}" ]; then - echo "** Table '${DB_SERVER_DBNAME}.dbversion' already exists." - ZBX_DB_VERSION=$(mysql_query "SELECT mandatory FROM ${DB_SERVER_DBNAME}.dbversion") - fi - - if [ -z "${ZBX_DB_VERSION}" ]; then - echo "** Creating '${DB_SERVER_DBNAME}' schema in MySQL" - - zcat /usr/share/doc/zabbix-$type-mysql/create.sql.gz | mysql --silent --skip-column-names \ - -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ - -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" \ - ${DB_SERVER_DBNAME} 1>/dev/null - fi -} - create_db_schema_postgresql() { - local type=$1 - DBVERSION_TABLE_EXISTS=$(psql_query "SELECT 1 FROM pg_catalog.pg_class c JOIN pg_catalog.pg_namespace n ON n.oid = c.relnamespace WHERE n.nspname = '$DB_SERVER_SCHEMA' AND c.relname = 'dbversion'" "${DB_SERVER_DBNAME}") @@ -510,7 +261,7 @@ create_db_schema_postgresql() { export PGOPTIONS fi - zcat /usr/share/doc/zabbix-$type-postgresql/create.sql.gz | psql -q \ + zcat /usr/share/doc/zabbix-server-postgresql/create.sql.gz | psql -q \ -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ -U ${DB_SERVER_ZBX_USER} ${DB_SERVER_DBNAME} 1>/dev/null @@ -519,200 +270,15 @@ create_db_schema_postgresql() { fi } -prepare_web_server_apache() { - if [ -d "/etc/apache2/sites-available" ]; then - APACHE_SITES_DIR=/etc/apache2/sites-available - elif [ -d "/etc/apache2/conf.d" ]; then - APACHE_SITES_DIR=/etc/apache2/conf.d - elif [ -d "/etc/httpd/conf.d" ]; then - APACHE_SITES_DIR=/etc/httpd/conf.d - else - echo "**** Apache is not available" - exit 1 - fi - - if [ -f "/usr/sbin/a2dissite" ]; then - echo "** Disable default site" - /usr/sbin/a2dissite 000-default 1>/dev/null - rm -rf "$APACHE_SITES_DIR/*" - elif [ -f "/etc/apache2/conf.d/default.conf" ]; then - echo "** Disable default site" - rm -f "/etc/apache2/conf.d/default.conf" - elif [ -f "/etc/httpd/conf.d/welcome.conf" ]; then - echo "** Disable default site" - rm -f "/etc/httpd/conf.d/welcome.conf" - rm -f "/etc/httpd/conf.d/ssl.conf" - fi - - echo "** Adding Zabbix virtual host (HTTP)" - if [ -f "$ZABBIX_ETC_DIR/apache.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/apache.conf" "$APACHE_SITES_DIR/zabbix.conf" - if [ -f "/usr/sbin/a2dissite" ]; then - /usr/sbin/a2ensite zabbix.conf 1>/dev/null - fi - else - echo "**** Impossible to enable HTTP virtual host" - fi - - if [ -f "/etc/apache2/conf.d/ssl.conf" ]; then - rm -f "/etc/apache2/conf.d/ssl.conf" - fi - - if [ -f "/etc/ssl/apache2/ssl.crt" ] && [ -f "/etc/ssl/apache2/ssl.key" ]; then - echo "** Enable SSL support for Apache2" - if [ -f "/usr/sbin/a2enmod" ]; then - /usr/sbin/a2enmod ssl 1>/dev/null - fi - - echo "** Adding Zabbix virtual host (HTTPS)" - if [ -f "$ZABBIX_ETC_DIR/apache_ssl.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/apache_ssl.conf" "$APACHE_SITES_DIR/zabbix_ssl.conf" - if [ -f "/usr/sbin/a2dissite" ]; then - /usr/sbin/a2ensite zabbix_ssl.conf 1>/dev/null - fi - else - echo "**** Impossible to enable HTTPS virtual host" - fi - else - echo "**** Impossible to enable SSL support for Apache2. Certificates are missed." - fi - - # Change Apache2 logging to stdout and stderr - if [ -f "/etc/apache2/apache2.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/apache2.conf" - fi - - if [ -f "/etc/httpd/conf/httpd.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/httpd/conf/httpd.conf" - fi - - if [ -f "/etc/apache2/httpd.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/httpd.conf" - fi - - if [ -f "/etc/apache2/conf-available/other-vhosts-access-log.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/conf-available/other-vhosts-access-log.conf" - fi - - if [ -f "/etc/apache2/conf.d/mpm.conf" ]; then - sed -ri \ - -e 's!^(\s*PidFile)\s+\S+!\1 "/var/run/httpd.pid"!g' \ - "/etc/apache2/conf.d/mpm.conf" - fi - - if [ -f "/var/run/apache2/apache2.pid" ]; then - rm -f "/var/run/apache2/apache2.pid" - fi - - if [ -f "/var/run/httpd/httpd.pid" ]; then - rm -f "/var/run/httpd/httpd.pid" - fi -} - -prepare_web_server_nginx() { - NGINX_CONFD_DIR="/etc/nginx/conf.d" - NGINX_SSL_CONFIG="/etc/ssl/nginx" - PHP_SESSIONS_DIR="/var/lib/php5" - - echo "** Disable default vhosts" - rm -f $NGINX_CONFD_DIR/*.conf - - echo "** Adding Zabbix virtual host (HTTP)" - if [ -f "$ZABBIX_ETC_DIR/nginx.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/nginx.conf" "$NGINX_CONFD_DIR" - else - echo "**** Impossible to enable HTTP virtual host" - fi - - if [ -f "$NGINX_SSL_CONFIG/ssl.crt" ] && [ -f "$NGINX_SSL_CONFIG/ssl.key" ] && [ -f "$NGINX_SSL_CONFIG/dhparam.pem" ]; then - echo "** Enable SSL support for Nginx" - if [ -f "$ZABBIX_ETC_DIR/nginx_ssl.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/nginx_ssl.conf" "$NGINX_CONFD_DIR" - else - echo "**** Impossible to enable HTTPS virtual host" - fi - else - echo "**** Impossible to enable SSL support for Nginx. Certificates are missed." - fi - - if [ -d "/var/log/nginx/" ]; then - ln -sf /dev/fd/2 /var/log/nginx/error.log - fi - - ln -sf /dev/fd/2 /var/log/php5-fpm.log - ln -sf /dev/fd/2 /var/log/php7.2-fpm.log -} - -stop_databases() { - if ([ "${ZBX_MAIN_DB}" == "mysql" ] || [ "${ZBX_PROXY_DB}" == "mysql" ]) && [ "${DB_SERVER_HOST}" == "localhost" ]; then - mysql_query "DELETE FROM mysql.user WHERE host = 'localhost' AND user != 'root'" 1>/dev/null - - if [ -f "/var/lib/mysql/mysqld.pid" ]; then - kill -TERM $(cat /var/lib/mysql/mysqld.pid) - elif [ -f "/var/run/mysqld/mysqld.pid" ]; then - kill -TERM $(cat /var/run/mysqld/mysqld.pid) - fi - fi - - if [ "${ZBX_MAIN_DB}" == "postgresql" ] && [ "${DB_SERVER_HOST}" == "localhost" ]; then - if [ "${OS_CODENAME}" == "alpine" ]; then - PGDATA=/var/lib/postgresql - BINDIR=/usr/bin - else - PGDATA=/var/lib/postgresql/9.3/main - BINDIR=/usr/lib/postgresql/9.3/bin - fi - su -c "$BINDIR/pg_ctl -D \"$PGDATA\" -m fast -w stop --silent" postgres 1>/dev/null 2>/dev/null - fi -} - -clear_deploy() { - local type=$1 - echo "** Cleaning the system" - - [ "$type" != "appliance" ] && return - - stop_databases -} - update_zbx_config() { local type=$1 local db_type=$2 - echo "** Preparing Zabbix $type configuration file" + echo "** Preparing Zabbix server configuration file" - ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_$type.conf + ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_server.conf - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "ProxyMode" "${ZBX_PROXYMODE}" - update_config_var $ZBX_CONFIG "Server" "${ZBX_SERVER_HOST}" - update_config_var $ZBX_CONFIG "ServerPort" "${ZBX_SERVER_PORT}" - if [ -z "${ZBX_HOSTNAME}" ] && [ -n "${ZBX_HOSTNAMEITEM}" ]; then - update_config_var $ZBX_CONFIG "Hostname" "" - update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - else - update_config_var $ZBX_CONFIG "Hostname" "${ZBX_HOSTNAME:-"zabbix-proxy-"$db_type}" - update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - fi - fi - - if [ $type == "proxy" ] && [ "${ZBX_ADD_SERVER}" = "true" ]; then - update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_PROXY_LISTENPORT:-"10061"}" - else - update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}" - fi + update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}" update_config_var $ZBX_CONFIG "SourceIP" "${ZBX_SOURCEIP}" update_config_var $ZBX_CONFIG "LogType" "console" @@ -722,31 +288,15 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" - if [ "$db_type" == "sqlite3" ]; then - update_config_var $ZBX_CONFIG "DBHost" - update_config_var $ZBX_CONFIG "DBName" "/var/lib/zabbix/zabbix_proxy_db" - update_config_var $ZBX_CONFIG "DBUser" - update_config_var $ZBX_CONFIG "DBPort" - update_config_var $ZBX_CONFIG "DBPassword" - else - update_config_var $ZBX_CONFIG "DBHost" "${DB_SERVER_HOST}" - update_config_var $ZBX_CONFIG "DBName" "${DB_SERVER_DBNAME}" - update_config_var $ZBX_CONFIG "DBSchema" "${DB_SERVER_SCHEMA}" - update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}" - update_config_var $ZBX_CONFIG "DBPort" "${DB_SERVER_PORT}" - update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}" - fi + update_config_var $ZBX_CONFIG "DBHost" "${DB_SERVER_HOST}" + update_config_var $ZBX_CONFIG "DBName" "${DB_SERVER_DBNAME}" + update_config_var $ZBX_CONFIG "DBSchema" "${DB_SERVER_SCHEMA}" + update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}" + update_config_var $ZBX_CONFIG "DBPort" "${DB_SERVER_PORT}" + update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}" update_config_var $ZBX_CONFIG "DBSocket" "${DB_SERVER_SOCKET}" - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "ProxyLocalBuffer" "${ZBX_PROXYLOCALBUFFER}" - update_config_var $ZBX_CONFIG "ProxyOfflineBuffer" "${ZBX_PROXYOFFLINEBUFFER}" - update_config_var $ZBX_CONFIG "HeartbeatFrequency" "${ZBX_PROXYHEARTBEATFREQUENCY}" - update_config_var $ZBX_CONFIG "ConfigFrequency" "${ZBX_CONFIGFREQUENCY}" - update_config_var $ZBX_CONFIG "DataSenderFrequency" "${ZBX_DATASENDERFREQUENCY}" - fi - update_config_var $ZBX_CONFIG "StartPollers" "${ZBX_STARTPOLLERS}" update_config_var $ZBX_CONFIG "StartIPMIPollers" "${ZBX_IPMIPOLLERS}" update_config_var $ZBX_CONFIG "StartPollersUnreachable" "${ZBX_STARTPOLLERSUNREACHABLE}" @@ -755,12 +305,10 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}" update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "StartTimers" "${ZBX_STARTTIMERS}" - update_config_var $ZBX_CONFIG "StartEscalators" "${ZBX_STARTESCALATORS}" - fi + update_config_var $ZBX_CONFIG "StartTimers" "${ZBX_STARTTIMERS}" + update_config_var $ZBX_CONFIG "StartEscalators" "${ZBX_STARTESCALATORS}" - ZBX_JAVAGATEWAY_ENABLE=${ZBX_JAVAGATEWAY_ENABLE:-"false"} + : ${ZBX_JAVAGATEWAY_ENABLE:="false"} if [ "${ZBX_JAVAGATEWAY_ENABLE}" == "true" ]; then update_config_var $ZBX_CONFIG "JavaGateway" "${ZBX_JAVAGATEWAY:-"zabbix-java-gateway"}" update_config_var $ZBX_CONFIG "JavaGatewayPort" "${ZBX_JAVAGATEWAYPORT}" @@ -777,7 +325,7 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "VMwareCacheSize" "${ZBX_VMWARECACHESIZE}" update_config_var $ZBX_CONFIG "VMwareTimeout" "${ZBX_VMWARETIMEOUT}" - ZBX_ENABLE_SNMP_TRAPS=${ZBX_ENABLE_SNMP_TRAPS:-"false"} + : ${ZBX_ENABLE_SNMP_TRAPS:="false"} if [ "${ZBX_ENABLE_SNMP_TRAPS}" == "true" ]; then update_config_var $ZBX_CONFIG "SNMPTrapperFile" "${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log" update_config_var $ZBX_CONFIG "StartSNMPTrapper" "1" @@ -787,25 +335,20 @@ update_zbx_config() { fi update_config_var $ZBX_CONFIG "HousekeepingFrequency" "${ZBX_HOUSEKEEPINGFREQUENCY}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "MaxHousekeeperDelete" "${ZBX_MAXHOUSEKEEPERDELETE}" - update_config_var $ZBX_CONFIG "SenderFrequency" "${ZBX_SENDERFREQUENCY}" - fi + + update_config_var $ZBX_CONFIG "MaxHousekeeperDelete" "${ZBX_MAXHOUSEKEEPERDELETE}" + update_config_var $ZBX_CONFIG "SenderFrequency" "${ZBX_SENDERFREQUENCY}" update_config_var $ZBX_CONFIG "CacheSize" "${ZBX_CACHESIZE}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "CacheUpdateFrequency" "${ZBX_CACHEUPDATEFREQUENCY}" - fi + update_config_var $ZBX_CONFIG "CacheUpdateFrequency" "${ZBX_CACHEUPDATEFREQUENCY}" update_config_var $ZBX_CONFIG "StartDBSyncers" "${ZBX_STARTDBSYNCERS}" update_config_var $ZBX_CONFIG "HistoryCacheSize" "${ZBX_HISTORYCACHESIZE}" update_config_var $ZBX_CONFIG "HistoryIndexCacheSize" "${ZBX_HISTORYINDEXCACHESIZE}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "TrendCacheSize" "${ZBX_TRENDCACHESIZE}" - update_config_var $ZBX_CONFIG "ValueCacheSize" "${ZBX_VALUECACHESIZE}" - fi + update_config_var $ZBX_CONFIG "TrendCacheSize" "${ZBX_TRENDCACHESIZE}" + update_config_var $ZBX_CONFIG "ValueCacheSize" "${ZBX_VALUECACHESIZE}" update_config_var $ZBX_CONFIG "Timeout" "${ZBX_TIMEOUT}" update_config_var $ZBX_CONFIG "TrapperTimeout" "${ZBX_TRAPPERIMEOUT}" @@ -816,26 +359,15 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "AlertScriptsPath" "/usr/lib/zabbix/alertscripts" update_config_var $ZBX_CONFIG "ExternalScripts" "/usr/lib/zabbix/externalscripts" - # Possible few fping locations - if [ -f "/usr/bin/fping" ]; then - update_config_var $ZBX_CONFIG "FpingLocation" "/usr/bin/fping" - else - update_config_var $ZBX_CONFIG "FpingLocation" "/usr/sbin/fping" - fi - if [ -f "/usr/bin/fping6" ]; then - update_config_var $ZBX_CONFIG "Fping6Location" "/usr/bin/fping6" - else - update_config_var $ZBX_CONFIG "Fping6Location" "/usr/sbin/fping6" - fi + update_config_var $ZBX_CONFIG "FpingLocation" "/usr/sbin/fping" + update_config_var $ZBX_CONFIG "Fping6Location" update_config_var $ZBX_CONFIG "SSHKeyLocation" "$ZABBIX_USER_HOME_DIR/ssh_keys" update_config_var $ZBX_CONFIG "LogSlowQueries" "${ZBX_LOGSLOWQUERIES}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "StartProxyPollers" "${ZBX_STARTPROXYPOLLERS}" - update_config_var $ZBX_CONFIG "ProxyConfigFrequency" "${ZBX_PROXYCONFIGFREQUENCY}" - update_config_var $ZBX_CONFIG "ProxyDataFrequency" "${ZBX_PROXYDATAFREQUENCY}" - fi + update_config_var $ZBX_CONFIG "StartProxyPollers" "${ZBX_STARTPROXYPOLLERS}" + update_config_var $ZBX_CONFIG "ProxyConfigFrequency" "${ZBX_PROXYCONFIGFREQUENCY}" + update_config_var $ZBX_CONFIG "ProxyDataFrequency" "${ZBX_PROXYDATAFREQUENCY}" update_config_var $ZBX_CONFIG "SSLCertLocation" "$ZABBIX_USER_HOME_DIR/ssl/certs/" update_config_var $ZBX_CONFIG "SSLKeyLocation" "$ZABBIX_USER_HOME_DIR/ssl/keys/" @@ -843,310 +375,41 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/" update_config_multiple_var $ZBX_CONFIG "LoadModule" "${ZBX_LOADMODULE}" - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}" - update_config_var $ZBX_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" - fi update_config_var $ZBX_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" update_config_var $ZBX_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" - update_config_var $ZBX_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" - fi - update_config_var $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" update_config_var $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" - update_config_var $ZBX_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" - fi -} - - -prepare_zbx_web_config() { - local db_type=$1 - local server_name="" - - echo "** Preparing Zabbix frontend configuration file" - - ZBX_WEB_CONFIG="$ZABBIX_ETC_DIR/web/zabbix.conf.php" - - if [ -f "/usr/share/zabbix/conf/zabbix.conf.php" ]; then - rm -f "/usr/share/zabbix/conf/zabbix.conf.php" - fi - - ln -s "$ZBX_WEB_CONFIG" "/usr/share/zabbix/conf/zabbix.conf.php" - - # Different places of PHP configuration file - if [ -f "/etc/php5/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/conf.d/99-zabbix.ini" - elif [ -f "/etc/php5/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php5/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/apache2/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.0/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.0/apache2/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.0/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.0/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php.d/99-zabbix.ini" - elif [ -f "/etc/php7/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php7/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.2/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.2/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.2/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.2/apache2/conf.d/99-zabbix.ini" - fi - - if [ -n "$PHP_CONFIG_FILE" ]; then - update_config_var "$PHP_CONFIG_FILE" "max_execution_time" "${ZBX_MAXEXECUTIONTIME:-"600"}" - update_config_var "$PHP_CONFIG_FILE" "memory_limit" "${ZBX_MEMORYLIMIT:-"128M"}" - update_config_var "$PHP_CONFIG_FILE" "post_max_size" "${ZBX_POSTMAXSIZE:-"16M"}" - update_config_var "$PHP_CONFIG_FILE" "upload_max_filesize" "${ZBX_UPLOADMAXFILESIZE:-"2M"}" - update_config_var "$PHP_CONFIG_FILE" "max_input_time" "${ZBX_MAXINPUTTIME:-"300"}" - update_config_var "$PHP_CONFIG_FILE" "date.timezone" "${PHP_TZ}" + if [ "$(id -u)" != '0' ]; then + update_config_var $ZBX_CONFIG "User" "$(whoami)" else - echo "**** Zabbix related PHP configuration file not found" + update_config_var $ZBX_CONFIG "AllowRoot" "1" fi - - # Escaping characters in parameter value - server_name=$(escape_spec_char "${ZBX_SERVER_NAME}") - server_user=$(escape_spec_char "${DB_SERVER_ZBX_USER}") - server_pass=$(escape_spec_char "${DB_SERVER_ZBX_PASS}") - - sed -i \ - -e "s/{DB_SERVER_HOST}/${DB_SERVER_HOST}/g" \ - -e "s/{DB_SERVER_PORT}/${DB_SERVER_PORT}/g" \ - -e "s/{DB_SERVER_DBNAME}/${DB_SERVER_DBNAME}/g" \ - -e "s/{DB_SERVER_SCHEMA}/${DB_SERVER_SCHEMA}/g" \ - -e "s/{DB_SERVER_USER}/$server_user/g" \ - -e "s/{DB_SERVER_PASS}/$server_pass/g" \ - -e "s/{ZBX_SERVER_HOST}/${ZBX_SERVER_HOST}/g" \ - -e "s/{ZBX_SERVER_PORT}/${ZBX_SERVER_PORT}/g" \ - -e "s/{ZBX_SERVER_NAME}/$server_name/g" \ - "$ZBX_WEB_CONFIG" - - [ "$db_type" = "postgresql" ] && sed -i "s/MYSQL/POSTGRESQL/g" "$ZBX_WEB_CONFIG" -} - -prepare_zbx_agent_config() { - echo "** Preparing Zabbix agent configuration file" - - ZBX_AGENT_CONFIG=$ZABBIX_ETC_DIR/zabbix_agentd.conf - - ZBX_PASSIVESERVERS=${ZBX_PASSIVESERVERS:-""} - ZBX_ACTIVESERVERS=${ZBX_ACTIVESERVERS:-""} - - [ -n "$ZBX_PASSIVESERVERS" ] && ZBX_PASSIVESERVERS=","$ZBX_PASSIVESERVERS - - ZBX_PASSIVESERVERS=$ZBX_SERVER_HOST$ZBX_PASSIVESERVERS - - [ -n "$ZBX_ACTIVESERVERS" ] && ZBX_ACTIVESERVERS=","$ZBX_ACTIVESERVERS - - ZBX_ACTIVESERVERS=$ZBX_SERVER_HOST":"$ZBX_SERVER_PORT$ZBX_ACTIVESERVERS - - update_config_var $ZBX_AGENT_CONFIG "PidFile" - update_config_var $ZBX_AGENT_CONFIG "LogType" "console" - update_config_var $ZBX_AGENT_CONFIG "LogFile" - update_config_var $ZBX_AGENT_CONFIG "LogFileSize" - update_config_var $ZBX_AGENT_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" - update_config_var $ZBX_AGENT_CONFIG "SourceIP" - update_config_var $ZBX_AGENT_CONFIG "EnableRemoteCommands" "${ZBX_ENABLEREMOTECOMMANDS}" - update_config_var $ZBX_AGENT_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}" - - ZBX_PASSIVE_ALLOW=${ZBX_PASSIVE_ALLOW:-"true"} - if [ "$ZBX_PASSIVE_ALLOW" == "true" ]; then - echo "** Using '$ZBX_PASSIVESERVERS' servers for passive checks" - update_config_var $ZBX_AGENT_CONFIG "Server" "${ZBX_PASSIVESERVERS}" - else - update_config_var $ZBX_AGENT_CONFIG "Server" - fi - - update_config_var $ZBX_AGENT_CONFIG "ListenPort" "${ZBX_LISTENPORT}" - update_config_var $ZBX_AGENT_CONFIG "ListenIP" "${ZBX_LISTENIP}" - update_config_var $ZBX_AGENT_CONFIG "StartAgents" "${ZBX_STARTAGENTS}" - - ZBX_ACTIVE_ALLOW=${ZBX_ACTIVE_ALLOW:-"true"} - if [ "$ZBX_ACTIVE_ALLOW" == "true" ]; then - echo "** Using '$ZBX_ACTIVESERVERS' servers for active checks" - update_config_var $ZBX_AGENT_CONFIG "ServerActive" "${ZBX_ACTIVESERVERS}" - else - update_config_var $ZBX_AGENT_CONFIG "ServerActive" - fi - - update_config_var $ZBX_AGENT_CONFIG "Hostname" "${ZBX_HOSTNAME}" - update_config_var $ZBX_AGENT_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - update_config_var $ZBX_AGENT_CONFIG "HostMetadata" "${ZBX_METADATA}" - update_config_var $ZBX_AGENT_CONFIG "HostMetadataItem" "${ZBX_METADATAITEM}" - update_config_var $ZBX_AGENT_CONFIG "RefreshActiveChecks" "${ZBX_REFRESHACTIVECHECKS}" - update_config_var $ZBX_AGENT_CONFIG "BufferSend" "${ZBX_BUFFERSEND}" - update_config_var $ZBX_AGENT_CONFIG "BufferSize" "${ZBX_BUFFERSIZE}" - update_config_var $ZBX_AGENT_CONFIG "MaxLinesPerSecond" "${ZBX_MAXLINESPERSECOND}" - # Please use include to enable Alias feature -# update_config_multiple_var $ZBX_AGENT_CONFIG "Alias" ${ZBX_ALIAS} - update_config_var $ZBX_AGENT_CONFIG "Timeout" "${ZBX_TIMEOUT}" - update_config_var $ZBX_AGENT_CONFIG "Include" "/etc/zabbix/zabbix_agentd.d/" - update_config_var $ZBX_AGENT_CONFIG "UnsafeUserParameters" "${ZBX_UNSAFEUSERPARAMETERS}" - update_config_var $ZBX_AGENT_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/" - update_config_multiple_var $ZBX_AGENT_CONFIG "LoadModule" "${ZBX_LOADMODULE}" - update_config_var $ZBX_AGENT_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}" - update_config_var $ZBX_AGENT_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" - update_config_var $ZBX_AGENT_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" - update_config_var $ZBX_AGENT_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" - update_config_var $ZBX_AGENT_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" - update_config_var $ZBX_AGENT_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" -} - -prepare_java_gateway_config() { - echo "** Preparing Zabbix Java Gateway log configuration file" - - ZBX_GATEWAY_CONFIG=$ZABBIX_ETC_DIR/zabbix_java_gateway_logback.xml - - if [ -n "${ZBX_DEBUGLEVEL}" ]; then - echo "Updating $ZBX_GATEWAY_CONFIG 'DebugLevel' parameter: '${ZBX_DEBUGLEVEL}'... updated" - if [ -f "$ZBX_GATEWAY_CONFIG" ]; then - sed -i -e "/^.*/" "$ZBX_GATEWAY_CONFIG" - else - echo "**** Zabbix Java Gateway log configuration file '$ZBX_GATEWAY_CONFIG' not found" - fi - fi -} - -prepare_agent() { - echo "** Preparing Zabbix agent" - prepare_zbx_agent_config } prepare_server() { - local db_type=$1 - echo "** Preparing Zabbix server" - check_variables_$db_type "server" - check_db_connect_$db_type - create_db_user_$db_type - create_db_database_$db_type - create_db_schema_$db_type "server" + check_variables_postgresql + check_db_connect_postgresql + create_db_user_postgresql + create_db_database_postgresql + create_db_schema_postgresql - update_zbx_config "server" "$db_type" -} - -prepare_proxy() { - local db_type=$1 - - echo "Preparing Zabbix proxy" - - if [ "$db_type" != "sqlite3" ]; then - check_variables_$db_type "proxy" - check_db_connect_$db_type - create_db_user_$db_type - create_db_database_$db_type - create_db_schema_$db_type "proxy" - fi - - update_zbx_config "proxy" $db_type -} - -prepare_web() { - local web_server=$1 - local db_type=$2 - - echo "** Preparing Zabbix web-interface" - - check_variables_$db_type - check_db_connect_$db_type - prepare_web_server_$web_server - prepare_zbx_web_config $db_type -} - -prepare_java_gateway() { - echo "** Preparing Zabbix Java Gateway" - - prepare_java_gateway_config + update_zbx_config } ################################################# -if [ ! -n "$zbx_type" ]; then - echo "**** Type of Zabbix component is not specified" - exit 1 -elif [ "$zbx_type" == "dev" ]; then - echo "** Deploying Zabbix installation from SVN" -else - if [ ! -n "$zbx_db_type" ]; then - echo "**** Database type of Zabbix $zbx_type is not specified" - exit 1 - fi - - if [ "$zbx_db_type" != "none" ]; then - if [ "$zbx_opt_type" != "none" ]; then - echo "** Deploying Zabbix $zbx_type ($zbx_opt_type) with $zbx_db_type database" - else - echo "** Deploying Zabbix $zbx_type with $zbx_db_type database" - fi - else - echo "** Deploying Zabbix $zbx_type" - fi +if [ "${1#-}" != "$1" ]; then + set -- /usr/sbin/zabbix_server "$@" fi -prepare_system "$zbx_type" "$zbx_opt_type" - -[ "$zbx_type" == "server" ] && prepare_server $zbx_db_type -[ "${ZBX_ADD_SERVER}" == "true" ] && prepare_server ${ZBX_MAIN_DB} - -[ "$zbx_type" == "proxy" ] && prepare_proxy $zbx_db_type -[ "${ZBX_ADD_PROXY}" == "true" ] && prepare_proxy ${ZBX_PROXY_DB} - -[ "$zbx_type" == "frontend" ] && prepare_web $zbx_opt_type $zbx_db_type -[ "${ZBX_ADD_WEB}" == "true" ] && prepare_web ${ZBX_WEB_SERVER} ${ZBX_MAIN_DB} - -[ "$zbx_type" == "agent" ] && prepare_agent -[ "${ZBX_ADD_AGENT}" == "true" ] && prepare_agent - -[ "$zbx_type" == "java-gateway" ] && prepare_java_gateway -[ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && prepare_java_gateway - -clear_deploy "$zbx_type" - -echo "########################################################" - -if [ "$1" != "" ]; then - echo "** Executing '$@'" - exec "$@" -elif [ "$zbx_type" == "agent" ]; then - echo "** Starting Zabbix agent" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_agentd --foreground -c /etc/zabbix/zabbix_agentd.conf" -elif [ "$zbx_type" == "proxy" ]; then - echo "** Starting Zabbix proxy" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_proxy --foreground -c /etc/zabbix/zabbix_proxy.conf" -elif [ "$zbx_type" == "server" ]; then - echo "** Starting Zabbix server" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_server --foreground -c /etc/zabbix/zabbix_server.conf" -elif [ "$zbx_type" == "java-gateway" ]; then - echo "** Starting Zabbix Java Gateway" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_java_gateway" -elif [ "$zbx_type" == "frontend" ] && [ "$zbx_opt_type" == "apache" ]; then - echo "** Starting Zabbix frontend" - if [ -f "/usr/sbin/httpd" ]; then - exec /usr/sbin/httpd -D FOREGROUND - elif [ -f "/usr/sbin/apache2ctl" ]; then - exec /bin/bash -c "source /etc/apache2/envvars && /usr/sbin/apache2ctl -D FOREGROUND" - else - echo "Unknown Web-server. Exiting..." - exit 1 - fi -elif [ -f "/usr/bin/supervisord" ]; then - echo "** Executing supervisord" - exec /usr/bin/supervisord -c /etc/supervisor/supervisord.conf -else - echo "Unknown instructions. Exiting..." - exit 1 +if [ "$1" == '/usr/sbin/zabbix_server' ]; then + prepare_server fi +exec "$@" + ################################################# diff --git a/snmptraps/ubuntu/Dockerfile b/snmptraps/ubuntu/Dockerfile index feef9ba59..c59b8b78c 100644 --- a/snmptraps/ubuntu/Dockerfile +++ b/snmptraps/ubuntu/Dockerfile @@ -1,60 +1,62 @@ FROM ubuntu:bionic -LABEL maintainer "Alexey Pustovalov " - -ARG BUILD_DATE -ARG VCS_REF - -ARG APT_FLAGS_COMMON="-y" -ARG APT_FLAGS_PERSISTENT="${APT_FLAGS_COMMON} --no-install-recommends" -ARG APT_FLAGS_DEV="${APT_FLAGS_COMMON} --no-install-recommends" -ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8 TERM=xterm \ - MIBDIRS=/var/lib/mibs/iana:/var/lib/mibs/ietf:/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL - -LABEL org.label-schema.name="zabbix-snmptraps-ubuntu" \ - org.label-schema.vendor="Zabbix LLC" \ - org.label-schema.url="https://zabbix.com/" \ - org.label-schema.description="Zabbix SNMP traps receiver" \ - org.label-schema.vcs-ref="${VCS_REF}" \ - org.label-schema.build-date="${BUILD_DATE}" \ - org.label-schema.schema-version="1.0" \ - org.label-schema.license="GPL v2.0" ARG MAJOR_VERSION=master ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git -ENV ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} -LABEL org.label-schema.usage="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.label-schema.version="1.14" \ - org.label-schema.vcs-url="https://anonscm.debian.org/gitweb/?p=collab-maint/snmptrapfmt.git" \ - org.label-schema.docker.cmd="docker run --name zabbix-snmptraps --link zabbix-server:zabbix-server -p 162:162/UDP -d zabbix-snmptraps:ubuntu-${ZBX_VERSION}" +ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ + MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL + +LABEL org.opencontainers.image.title="zabbix-snmptraps-ubuntu" \ + org.opencontainers.image.authors="Alexey Pustovalov " \ + org.opencontainers.image.vendor="Zabbix LLC" \ + org.opencontainers.image.url="https://zabbix.com/" \ + org.opencontainers.image.description="Zabbix SNMP traps receiver" \ + org.opencontainers.image.licenses="GPL v2.0" \ + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="https://anonscm.debian.org/gitweb/?p=collab-maint/snmptrapfmt.git" STOPSIGNAL SIGTERM -COPY ["snmptrapfmt_1.14+nmu1ubuntu2_amd64.deb", "/tmp/"] +COPY ["snmptrapfmt_1.14+nmu1ubuntu2.tar.gz", "/tmp/"] RUN set -eux && \ - apt-get ${APT_FLAGS_COMMON} update && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_PERSISTENT} install locales && \ - locale-gen $LC_ALL && \ echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \ - addgroup --system --quiet zabbix && \ + addgroup --system --gid 1995 --quiet zabbix && \ adduser --quiet \ --system --disabled-login \ - --ingroup zabbix \ + --ingroup zabbix --ingroup root \ + --uid 1997 \ --home /var/lib/zabbix/ \ zabbix && \ - apt-get ${APT_FLAGS_COMMON} update && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_PERSISTENT} install \ + apt-get -y update && \ + DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ snmp-mibs-downloader \ snmptrapd \ supervisor && \ download-mibs && \ - dpkg -i /tmp/snmptrapfmt_1.14+nmu1ubuntu2_amd64.deb && \ + DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ + autoconf \ + automake \ + gcc \ + patch \ + make \ + libc6-dev \ + libsnmp-dev && \ mkdir -p /var/lib/zabbix && \ mkdir -p /var/lib/zabbix/snmptraps && \ mkdir -p /var/lib/zabbix/mibs && \ - chown --quiet -R zabbix:root /var/lib/zabbix && \ + cd /tmp/ && \ + tar -zxvf snmptrapfmt_1.14+nmu1ubuntu2.tar.gz && \ + ls -lah && \ + cd /tmp/snmptrapfmt-1.14+nmu1ubuntu1/ && \ + patch -p1 < ./patches/makefile.patch && \ + patch -p1 < ./patches/pid_location.patch && \ + make -j"$(nproc)" -s && \ + cp snmptrapfmthdlr /usr/sbin/snmptrapfmthdlr && \ + cp snmptrapfmt /usr/sbin/snmptrapfmt && \ + cp snmptrapfmt.conf /etc/snmp/snmptrapfmt.conf && \ echo "disableAuthorization yes" >> "/etc/snmp/snmptrapd.conf" && \ echo "traphandle default /usr/sbin/snmptrapfmthdlr" >> "/etc/snmp/snmptrapd.conf" && \ sed -i \ @@ -62,8 +64,20 @@ RUN set -eux && \ -e '/^LOGFMT=/s/=.*/=\"$x ZBXTRAP $R $G $S $e $*\"/' \ -e "/^LOGFILE=/s/=.*/=\"\/var\/lib\/zabbix\/snmptraps\/snmptraps.log\"/" \ "/etc/snmp/snmptrapfmt.conf" && \ - rm -rf /tmp/snmptrapfmt_1.14+nmu1ubuntu2_amd64.deb && \ - apt-get ${APT_FLAGS_COMMON} autoremove 1>/dev/null && \ + rm -rf /tmp/snmptrapfmt_1.14+nmu1ubuntu2.tar.gz && \ + rm -rf /tmp/snmptrapfmt-1.14+nmu1ubuntu1/ && \ + chown --quiet -R zabbix:root /etc/snmp/ /var/lib/zabbix/ /var/tmp/ /var/run/ && \ + chgrp -R 0 /etc/snmp/ /var/lib/zabbix/ /var/tmp/ /var/run/ && \ + chmod -R g=u /etc/snmp/ /var/lib/zabbix/ /var/tmp/ /var/run/ && \ + DEBIAN_FRONTEND=noninteractive apt-get -y purge \ + autoconf \ + automake \ + gcc \ + patch \ + make \ + libc6-dev \ + libsnmp-dev && \ + apt-get -y autoremove && \ rm -rf /var/lib/apt/lists/* EXPOSE 162/UDP @@ -75,4 +89,6 @@ VOLUME ["/var/lib/zabbix/snmptraps", "/var/lib/zabbix/mibs"] COPY ["conf/etc/supervisor/", "/etc/supervisor/"] COPY ["conf/etc/logrotate.d/zabbix_snmptraps", "/etc/logrotate.d/"] +USER 1997 + CMD ["/usr/bin/supervisord", "-c", "/etc/supervisor/supervisord.conf"] diff --git a/snmptraps/ubuntu/snmptrapfmt_1.14+nmu1ubuntu2_amd64.deb b/snmptraps/ubuntu/snmptrapfmt_1.14+nmu1ubuntu2_amd64.deb deleted file mode 100644 index c360deec264ce8fd362cda5bda329712ca42ddda..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 17650 zcmaf)Q;aZ7(51(=ZQHhO+qOOPj&0kvZQHhObHDv}_j*q{l~mGISCuE#Cuu?+LnmVk zJ}47YBTGX&S|dw4LnluH0s=-Bb_P~9W@Z*n0s@Br^8XhZ85r1DSO^IIJO5V(P)u|T zP{#IlE>89~bS{QYbmm_F|9VDdR*wJEzyJzA3IgDN3kdi|W5<4l4dssdgIZ<^c&Gg% zHVNgtT&0u|5;n$`eu;(ib)u(K5@$oMAe`TCY=X9n*7jdmYvHkk`UEc@pZ@Cy?wDV_ z>kSIgi6$Fg!Yu#T8^vr>c&H-=cLz^gA#I}V4gl;Zlk9k^+N2)oTgQWa@^?VhtksIn z)8`UPkIhdJi|lNzKME=04$(pP@0wg42EUQ?I&rDBca^4o+v*o|b3)}7aRPn`zuOH0 z?8^KG;VT@Az9jTE9M)OA+WfNjgo*hBxL4da=VXE~N2u6Kc_>dtDP6EJZ7_=u!>J~5 z4C^n;vGdBUH$9h5cqw3m2kl%;t^I3Y0ISkQ3VnWJ^;3!-SdW^$LJTC^A^d#ff!1r% zD{vsG($q=5=1TuLjANq72-iXYS)gDQml8Fv=Vb!F+G4z)R87{+qA|pmmT2!1hzM*e zK8+%4gWR2{vX+|=mC6QiS__C^Ea_JB8PS6T?E;M)i9Mq-8kZ3&6sr{{T)yhJ{X#w` z%>96X&Z@?RzXXxvi+(e9~OCT1AB(^Ks49d2WlDJkxr~44dBy@0_*u>^VN2M z;TVCN_?tsSTt}5$w>5COJ*-Gjl|6L&)LyfW)HZt54D46cA+^l# z99B{(seS^vz1S@CHbC`APUD^Jj_G5N9%j{+_Vu44O4->1f8j#(AG;v;Tac97KTS_C z8qI*S8-tnVOAHD6vdK$RcxBqET24ZH-5!;F1VbbgJae$|*B}dQ#zA5e??Zckf~}wY zv?J)MjKw+uv&MzB4lvy9c>MA zbEEu0F-FG1{Q$cdN~Usn!p5}kaF`z~*%E!Q1KO*q$!fba$k`ozT9XyFQk`xS+gce%PdrU;9A13O)N{?oo17jFaN~suD_VU>`><)fBT=m#oOx7yC%*(iJvwiW?}2vj^Db@Klr9^pTD>ym)gH9 z0<18@Y%&^Dp?f3?u)s(Zf>5eJ8suOYF>tft@R%b(9T6NVy)sjkQ_KIRod}6&P4zsIgEqbqvTt!cx>&@&08QbqN7tWKL)L@ArHE{>1sup}X%5 zBq(#t64Vo{I~G~3xI!YbIou*6#nUaN^rEp?QQH4wmzpZGSW@*2=FMn4G11IXH3bqy zG6Su!TPfjEzFDWXT0L1YMw4PNc}-N~%o9qz6ZlSJ>j?9kSXsuL7Aw?r zm|0B#GeiM8cT|#4*MKw7kdr`#1FhLRi}vh;s~efBRfZGr$a00jVmiJ^<(|6thTKMen;{~yU2+5Tht|J*cy z`eFCd&;kGev?SVP0|FofMEj4*F7ziw`*(kQ<+=dq(A_w`fGPdBQhc7MgVSV1YV4OY zH>W9wrn#la)fPl4Ljig{cs7=Tm+PJO-a&~jD>OtggqQ~8`6!e77qd|1$EQgh)?Kj< z-ipY{$JLv|A$cN)v8fLO&EXRkeb%EJr?+t?IMdCs`YRIV`dBK=JbwPYo(xBN)z=Z< z_Fx$!$Y@0#%kkfNAs=L$7uruFm~%W zW7vVJkGR0kdfs(#ctyg>qSG`Ah`%G$DM@6W4?A4L3ck><6X$TpHwGj2b zFTM>(EW~CNq4Dnx;iVK?CfYnE+?u+cyYm!kVxP5A<=GQGDZppT zy_}DwIT^abC>Qhm>0<8m)o146DN&nHwFSb^2~grOso)SL0v!l1`Rs?x06Jh;|SZoQF^&+?(?Q^EAmroj~b`&ytX$#yuA3GSxwIs}uh zfA@PnimOPuiOD~Zi7}K*o#KsPA}O&CIL>q{AZg&uA%l4YB2WS8ZvgO&23^_Sy2EfB z&PNSgZ)_DIBi*c^oO!^y2_w=C(?A(fQ{H(WfQZ``!_G=5?yvhZnYCyaFktSo6ns;K zbajdYkm}+I-b3D>DyYqsM;zV#Y}^7r>A+cu4fL->WKuF|W2|y6@Mo1|?0}h1J)X19 z!x0WbHoz4X&eiXu8}e6g2Mz+HN%SP1PmBCu^t84avZDZu!7Yi4V&h(#QL;Y4^x*bB z3ygrLZqNNxOF8!2=ap7VceNc{ZOPa$R#5EJpnmv;>H;Fx50#7(TFSLm#ZK(oEJN`l z?^AN3@Hnv}rmuoM5y4>V9(`nY?cMD`RAW4w=9#%%tn`7X-}ykZ_4Nj-y8wL!Rkcu` zo==>!^6l&2FG7=){OYFjeGPJ^*H69r?4X>Xtq|sr^IqN#tCbZ9xqyN?#;GPQBZkob z^TH;#{fnP-gE>iFLfT(KP0cZ=q9`7#KQz`wyXkvp)X64lax?Jfx8d}yUFvcf75wC2 zy47m_#lPas71?)M*`n`l6z^XNIfZZ)y?q!O<*I^tPwyEsuCyv;{rLVam&I`p7E325 zb|YVEK6N7b4dKFZ%3%)-u;rUGMN|eqRTChdEaB)t;(P8JiJM^B5MDi#ng;;=Hr%WhSH=r6x=lydaLG5^P*Sm)Sn*~=(?l(-f=-jXVl!{GkdR*qY8aP7& z+TE+QL=38uvnbed%e?5JX^2mwc7MrwS7B`wK;8u6OO-BYBpSLVs;zLx&u|0~zt)S) zTUb2we#KHKbO=wIfw+U>B1+&U0NR=YadtGhDZ~(wHF4>#bm_`WFG%wkl7X|+Gdy5> zAk#7wo1VZzY#(jj^tViTVjtb5-9?Xsn;iEG44XvQ0sJwE!tzLDI&BTf<~Ne?{`5>} z;qfv~jrcv}*TA37;xhH43~jYgH-)Rg43;yi@vN5_c%M2_ZZ3l!s{W=Dn#vd@)foqI zRF?~TY#*lnb|6&4R+J)T(e5iZ-0Ebax_^k*$$J1cs|T_D{t2VVfun@Wv99FG*1R^! z*xd`wsQ0X>vGpxA*3*+D_9P@c%lemRwbf{xOB>zFgd&-$9MY1ld6V2o5?LwAhGS-N z7^f7TJ8<_>csDOr1PkMT>)Hg$II5z@x~ABaaG$EqR=`lEpcT-Lyg+ETihPuT z2T;t>qdS||b++>%+v@ba<~#{3L3IY8I+AUUG1Y!jz|Ar=2YrtZz4%Xpw9R5wbiS7! z?un8Jq03vnN_C>CyfPY$ajB?(Qd-UL%jBA{>@s`nIoka#QA3+=j~do42mU~c?{@rg zL$ZPNi=^f#j}(H%rY>N1y5clvf&9u~^n-#T08d%orMA_I1f^o5G! zHS#=qRWK??rx$k)SsUcXW6nH@UqNo1CQ5D<5QPEw%B~|uOmTV%-K)9!q~BF1mgX-) zNy@H0!p(2kM42ZZn1dc5mtooRYqq>-_&hhJJ}#04r-2Jbo~+IJMyULRsuV0Fa;9@d zfaiLelmE~gx=hv2D3M4Nb)|rbwx+)O`fdZa$K_i;;poXGOFv1`-v{xotd!XEiA(Zf zxwz?eBg{W;H<8S#Zj-i~Q9D!jf?Ytx6gOjiQK#ZZYT^h3X=GpMDQlFF6Wj3%SuxJ@ zF8oGE@OaWDx77mFwqaYYnU%8+0$eY~fteUcU|VilSFM8@)W(M#J=GBw7$UST*k`BB z6*an|K~PlcHxHNd(GF2Da#@8pkq?{^yX~B6Vat5Ct%58sX+UR z+#W{fo|CvcU*g%CeW__6GTBzU)l0^6HnM~B-gfNUG2=eWwfObSA4V=>Z9_#0w9eb> z3@Etf^1u~ExjR;P8XL3yod+bPct&X-LB!R}*xV1Ef6D3BX=wThunwE!r<_=rR1a9G zK&xUe&hr#X&c*esS`i(xX?Kd5mu9n;MA4uQ@FZ3m-by#E*PLF^PZoMPBu@>F3w^V1m{o9tFlO zl*8cnQ9>kRFf=sF6pyveb8;sH7e^*nv704gtnZQkiyq;NX5gmAP3wzJKcJ4 zL*}xH?!DQ0p5F2DSNrI^`0Di-g(5&QA#JI)iG%;szMA)A%cC#)&d2(|!QU8tb$N51 zSto>*_+EWlco~ODz@eS{mYsOyvMuxb^`J zC!cjq^j$LWSXKT4+Ztw+aOQ~gW&F*GP}qu2@*6p0KTuTev2)rCTn?Lb(JGK@@Y~Z5 zXdiLPRA^D-pcE0uBz8P~sg(R`*$2@or+|*ApT8Y#i-8htNmJ0CoRjsv5jD?8NR{T= zDXnd*xX|EkAW9BPl^tVAq8SN0;4Kt3jFd=w_5{N0@gj+CgDHt4^Y&WN)O&Bh-vqNJ z4G0tbhwN*qBStR&v@@!jvod1`vEEQl3uId372?`G(}|Hz`R=&CH~{j;tnf zD$);??cb=>MTXrtpdw<1UK`%9V}^DsL}?!9jDPO30C+fkmay+WCf|TI5?qy(9K4IZ z`x$90!IO*mKO?xB35Qodd5aP^E(fXLEl(k2Uv;PPSEDh(!!I;b{X~Js3I^>$B~O>J zNv<AQ~UH@rG=aH4podbPI&{+w7c>M0B`gpo#uI z3NnL1u_aDNPF(jqojy!2UQ;b+V_KB5>utLnuM`g6?oJlr4G6KpM%AJ#)7E!S12FNk zX*3L#G9H4ah4P1BPqhYWMPosCFAHi6XIxT8=a^^LeEL0<&mr)3Gw_~N~Rvphrg*aGR;R5h?}VXLxvh6H2xUVKLdeP8$SO|M~~_sb=X-A zHs=Sz$u@aQqE+F@RviO=YLbYvl{)5Ztg2@Jx`liIG*l@4&oRttO2Gy;%i*x$C^1yg z=>B20DBvr<>eiG8`)COsNPl?7QBLkta@))xO+7{+G}Z)bjHKhoe}d&OPPRV*VwGUb zi2BVGcqM;P8#zH-&vC9p6-5}#1p>uU2xGht}9`}6yh z#LZ8HXCN5ZIP91FekD~4;mL*L^0x!2y<)03*v>Mu&JFYcM|fD~R5r}u_ta9^TA=Jv z*mguMjK!4lSClC|sf8vTO>|S|J^h!FQmQI2vt5b*a{{#)7DL{boIq7-ANPosp8otK)y{ao?+ZhokQXg*x}m3h*@}l+@9VvM_)2k5{x&AvU8U; z7zc+oJh0`NB?Lz$;0=WGI3vq2t0c}a9U&T*o`B#~+FX~wk@Hbdgx;{bYe`J%Jp-|| zU%OSD9(UJQ;AFhP1)Nd;TLZ%0hcqnu@J+ECruaHAAd(NJHmlNf2at4u#j0_RuYz0! zI09>|&u*eOjp4_mOKiIPaI+_R`NV()8ebkNV*$53KxYH~xpa*#zduQB<9i25!N2X# zX~$#C1P#`T&|Uc~S=_V6+(j94iYli#<$ugIvo=JeA<$%QZ%hSil3xQ*0KlN*uXNN{l#cpHaY+{X@5s1T6Dyp;Wm;tUKXS* zU?-jWTa!8$4I*0O6`x-0V{0|Sh9z^}*+71V!8*CODEqU&N;|6#Py+}v%r{357>dqD z!IdQ%%v@&H#o+9joB&Q7lguHQ&LkH!9;Jckym8Y$7lFB(@l_9=8jZf*e_4w4= z*cELQ>DzHXZz!mU8~9skNvZ32wW0Aj(EO(Klh#;f5H$-;nmik)1nStxJvWIf_{qs< z)>M>gP7Pe2?U|SxIY-+Z-42w9F*B^2s9-Y;0 zs2Q?M35fKnue_AFnPM2O=;qmQCFFfPuC8nDdXS!X1vOT7H0MD_B(Dgq_=M>kfg4Ws z)-J0uk`lWdD0f1;3rFI@uHZOw(;`~TNLuKDpCVepT_IL5XHHG0e(>ou$Pde})bU`I zy^I(Xb^$va^`VP0xX~!2v39x`iN{Yt4Lp18N|g@}ke({vV;j+W7`bblz6HDG51q;f z4#lz_22U(=h+%Sj;_px-Es8f$*rPF?YC`?TOk>TCZ|g#&+c(Ql{23s|bK5=3 zhh3{A7_-U-)B&7{t8iBHe%pN<+q>=!Z%b1z^&HsE*YV9!--A9(eEm{%dC)429SGsH z4=V_c3nx1pki3SZjd81inpdmw^NR^g2iGlszLtdP3^hqHQksm@5G9#w& zp>r+2SNBuaTF?P|LMi@Dk#-bbEYp=9@hy9gpbb{02DJKW8dy?gaz_BP9A^V{rZ#$F^wBJuJKLVuhJcslS9eN}+PRMcG zS%o|{IBrKRO<`46xh#Y2=abS0L5buyF>_z&7@J5_zR-?M>+(>c{Gp!()DH@)tmfW7(DQ%=R`jtd%G4jto8tBdn!=vbp%GRZP}U z#&>w3zOFKQ>HS7Fm~3oXSM0|FT=lNIiw5B(PLvKNL?P~SaNkzR&5TYPT+a6@uW7L4 z;vpRR(MJzYqWLReXyFybdhxvKXQ|x{Cam@*v2)CT;J#;f5QgI&Y3i=F3CZS5yJQp& zyesiS9PTk`$X7oSqAPzVCf*f68-BbT}5x*M}jMm_gz#u-5HXRb1siSY;J2%0>1Rn4G^s4(Z^jp0e9SyNt0|q@%y)ql=q1BIb>#oxcU7lnl@{ zB(%wIMf%!4hMq?;q4%qBD5R*!E!uuoX3j$LWe9lX~Kzr`$ZT&0K?c_LW7y+r|XJ z&|R-Vmqj)$juUr0y4^$X5^L`4tKCaq1vfOYh)r{!5=>)*xusrkAm;DOKXPz~>P-r3MJ z<3wCiE7eA)Bmh%E`+UEu40ejztdc94Y1AD;I)+Lhi)-kqfI>>7*jb*!?2y66-kfyK zqu}WJ;BTdv=5G(zs=HZE?C4Rep7oFnWmY2s7FyyTw}qcImRC1}7gwi$15VS>a{)Xz zG&Fj&T}*uPKWRUnYvt`;Iw>)-)eb`qN#l6#$aPZJwrI4ORqQ zZ&R2!h1#7cZFOJw_i6*z?W*UXyI{3S%!x^VEHvt(pw^W4mq|380^@QHLs;`5{ym>W zFta%*Glfu>%hu<_u||yuzRd}^hYxDxC{cf1)lg8Oq-9C;@OyyF{&wwsc3Y(kQ3Dz;D#Cb==5r3oYYtl^~6eW7$ozxXi zH-$#jA5RtN)PU15F%_?A?|9n<~{^>0GpF|^*^O7UVDgn_4 zeAOtN_WhI`<=*zSMuHEe>1++;i+O4*`&XL6h`xWD2mvW2QBmg!AVnfRP@oS{k6K)^ zX)}OJ@WdUhFc#YIqK@+ABTZ-;u}0+%Z=xY;G4G&=HFP6Ui}s4SI<%|v{Bl@e`=l)<{YdC$hbjZ_$VYk%t{1{rVxj@D|BKrWL_#xcUY55%$-f!TFmNyhc z72evS;%sbCCP;`WbfSll84DssOlvL6YqJdUK1eLDt zg9mO$a^f61{VbeZQ5k3!lyd7~l-bkm(a36m zhI&bTkz#}?{IOe_AdE6!d4!qMOOd_KsWT~>so9#{FUp%)V!NaVlIMp}N9j&2sa<*ynZf?vIMZh2D0;9 z3zm22zoxJWNAnPb=0IrwAd6vsj=t8c7F`DY1`FW@s@$O#VepFfJiy?WY`R;4KFG6s ztpB-SyQv|nm$oTmZK$!0$(x&2Qc5Ml`a7taa+Az)so=DhIWYT=YNC&vBQh)n2mhgv z&N=cJ9&3CBMX>Z}&G7$oUuRWGv$ZWJo{#}Vmm@4@kEtk}-%5wj$&j+Ida{n38>w<% z^`naLm(+X0i2zK6dD2ScmVww__(OMiF!Q*=Ljez7%I<1kbdn82@HW||5gLO9 zl9M08?YOqB5O~~#(y28^Bj-W@(pLa^De5zy02sySDg~_}-W~yu4FoN45csT_GhF3Q zM3z+J#$qKRncX|Ued#bp^pPGz4&NaoMijXx{W&rmRjW=+tK#xr)mjU*^A@=&qOhg+ zDN@I83>>N%Uq(2N!cZy%5a|Dr@DdNafSoYz!9ju0*JAHXc{m$OaAyY_(0^{=l z#LL_Y;^##YQ@3gxIC55nu3jt}={K@j_T693Hs7{knf6<&_lPhzycj$%4K`_~I= zTL~^VD|fJJf5J1PXs&5@uOE5m{5Ul7i6c$R8(iRVRs6w@G_E`Y>q)l~f8|z1cUjj&vV3K&piYU1&rCcH+qb<;YZ|sb@+@W z5h)*_@SKe2)vAprYdNMA;FW~e#uw{!2s2V|VD;bQqro?ii?&)YkGKbQqgE1UZXk8M z?h5R1s>^#cl0vY4^JdgM^zI6}evo*d*=-6+hrSrkX`n#gQC{`I{lJXrEz>I*q=tl0 zIg##=Z^82)_l^hQM~0P6*?bnr5E(f(wK0gPaV!m}s5?0*N%#7aKQEnHU0O z`KwWxI28X&vB{L}OvFrbQVg1WSHr|gsNXE^kVnk~I^54sqgVw5H)#ZrBVBlGEq9U! z{W7M&6@i9Nfm%L!up@WPX>73_>j1K+TohlQI+5?ZFaJ(NedFF3NX&0~r4ea1 zWs<*s9l4RywxC9n*p=!$TxTNs67~8I9=M7l8#-Y*=>#hm%NW8a@ugob&rHI7`yavLsxK0NNKEHIqCN!Y&|!1P!^AoTigK`wP**z0Uw7U;F-pr-IWHX+pq|} zMbg^Hv#73+RV(!*N$g8%Q;x0Yx@YdKZQKbt9gyB)NbntZnn~|r-#CBtt%cKgBwMfY)<`j^8V?j>9rZF69JZaZ^h05|@bQZ5?F2HM424-|*!mHG4m906+bXi7Jj!$BRbX;QAONQZ#8I~C0)ll#Ap}sD=ow`EWtOj9-j@}%cami(^!SDYsnN1$d{CbaRYtcsCvh#$TFpegLji5U-Sr*<#C;w_K)Ug5P7}=urr7|zE5IA+BL;e;uHt>(({Gc zjgnIUR;=L-zkn$hIw`DQIL`GcDE;k~V2I9`G;LmKD&=NK4jFG|qCFm_kt{iOHoFD+ z#d1VMaIhOcFCej9X|XV3mM}e`;|vqs*{ed+X=j(m%c|0}dAKj_bA* ze1%hL6UT+)hpVhxXlBpMjao=O-geSHU+7f;sQ}oe1M2-_;kP5C(C4|oP?u06iLfmE zP&r3h-XdNWkCmaFw2_A&hk3!7W~+oPGdvt4iXz%bpWyEqhWutU*3tf$Eu{SJBudzy_PBHZdI*@wmvfOL93*vUH3EU7@L||h zmy?4jPDCXB_@s|Q2~Lvvnp_wbIc+hkW)*SQF;@AsF@2z<5ZBBmp31Perr!`<^0>aw zGZ_5%l{gPeFr)P(@Rv)}tgXDzRxFR4v$^@&N+(y1+;TSdN9_c7I%s`(x)KiHVFi!g zgn0YEv+a{Y7a`=J0!M^WO8_N4l>=&})f+7{h7`XwW=D^*5`itzKMki&z#hZTaX9Nk z*extjmAG_B0j=t#1Frd$n^GFuspTZVVF9<3!g1Vfjow&A~*6=>m$)IQP06~3H#{++tF-&eg7Bc)}+xa_2E8zvN)9PQ|0dCxhr31LpI%vTRBF6!_ zVl_5@^Up=9u#BB7h>AF*znd9XQ=(?%#Yd)V5r#*HH`xxov)a6f<+XfpnuXl}l{!P2 z^1dwM_YWT3x;1Fdvmv~yR{urlx^#dJo0*QJ_7ifx%aX(0fvugd!H_U~Ma=K-G6?!2 z=I!2c7FMSzJF1Pd)sE)B?avYJL6XW{K!naOr$Nj&`DUsMBD|h*bY2A;(~V~Bn||$c z^dt3F5dX@7iR8`Pq~7#NL@yL|P)x;3P}A4~;_Z4xzpiuwZuMc>qTI7pS`z+B zU_M0XiDt+ML}U~U*~|TjcmnuB4(mw;I2=~a7bd?{s2g#>d|4FtYtjgy{=wI>4&=*e zwb~oTknp~C&(T`npq52;f~XX5?oJf7O+kO)V4e>#|O(P8Y6F4#cyk7sx7R9xBvPL&A7Kzkpz??wI5(Z`~Q!6q9&o!_nl z)Y*R2XVA9J;1UJLM)Tvcv%eJ?2}!YIe(0v4yjuM6 z>jLXW`NeW$plro7K~X$AK?PJ}k$PP_@<2w4zV9eri`xt|;Z^~1s5WfV=B-YTXD5|6 z*{6tTOqVsup&JQCjR&yFIb0DDl)D3ayn5znRuI}gEUn2cbj-xHgW((k5xQr;9}v6f z_t-Lk465s(_NmH3>`JZt9c71AvIdvH_pd^ed5g1WWn(~&?Y(XB9OI@kb|*tRV`W11 zBuxw1fr_*P136#vp=qtqq6!E>pIfJbWzyADBn{&He&FlH+V1mwR>eP<={`c<6|gvp z%upEw{h}A?b~Pa7uBf-YR1pn6^quo~ zU#wCZ5Jt1KDMf`yg5`6v0sb}+lPTJFH(7_^R7kSd>F&*H=2$S%h$^ze!x`u?WS&fQ zDvxr)!paPBlG9{CKv9!Lt0hO^p?bgGhwo<7!AW_t>Qa|oZMSA!_rutRE@)bY zhG^IL;CLynB(Z1$jj4wSNFE;h#s{N?S}$OxtS$*B;Ybg?srQ|6h1NR(srNe&&Um;% zO0vJUM#{%4Wga4GTM~hGr%6~{Qw&t+Gy=|rL)6#-n!*W4sJzL|NNIh7kpK%Tqkh1% zYrz#LU&v61+zfR{ZcEQa7k>X&YwzZe((e{7-bQpLTycqW>JI*=TMOHc`9=_wx-Oxg9I#rRiQo6fNOWoH5ezX3dQH$KHHU2`bqb_8Ycm)0K^cREOm-x^>=u|&)WC^vU zl!CgRA0{*3Kc4C@%X<0mJlXGBaeI`_o9h%mcO*WbG-6tMMi_Hiqc6_*(7c6-R5hwt z{E#9vJ7GG<${nwjDm2J2KjgbB_fDrk#H1g$Sy)L$;7Ri)Wq7SG6I!6hfO?cvEw>SZ zTf2C^xY}l+1IDBRsvKLo0O;k&Ce|7SdEX4(k`)rr6!d+vE;_@v8svlU3NJX;aK>Nb zIh$!$mur)48VA_5(YI2+jUMe3M~1#Sr{pznk>IIinkK$KzQg|tW9PBH+`Mm!pyeG# zR|}=I!YqszP01Yn1o>|rqq7=+K8AIbV0*@+*#|Z~|NJ>pnzcrrb|}f$!6D|HUziky zMCD=4?W!9Sw5JT3hH@dY|7y;uR$hzY_kIQOE0(CbvmNf5 zs}Lx$F)~kHqa7c8f838Afm(Q1$JS@H$3a6(l zMZvBG?yu=?MLPyb9N^RIk&#g>Cn@Rj6oi;t-44Y(iOjQ5;cdorD2)leh!AKF+v5ak zc6dD1>H%!-n7YRe7ZU7q=(Eduvmuzz0NXF(1(g%a@@Mrfl-H8)Su^~Z6m@xn4>7NkrK?6BBGq4O@+J3F+dc0Q zCjziQ?Zjfd=dywQ@|9?0s&Kq>!jC#+WGE3FMaVR2EVkGgmxjD{aASR=FuHv{PZprf zh1wEUk8>gP@TyOOBi<|;i5ZRs`U2eB>m0Mln2GNeg@_(lllnY!M^vuE@li7^^7=7tx5EeSKh@+GYa~xd%knL3g5XRxRW!2q_j#&LJjS* zmZcwHNb78k#{rEa(^M{tkHWj0)o1py?`F=a9Q-mt;G5VLhip$|@Mz83FYBV+kgH)S z=Ic=>^A0ox*KljV`POvUuH?TXcP_PduZ$}sE&t1- z<==cVAtZZ-1ysvje!RF|$WHI~aw>G$LX)cLHpOo*i^Nr4U3;!Xxc#ONXwCjn+g(!8 zFT8F-tlc^ZaZclK-v%fga5=O3thC>+>2-XwE+YD|L#&7~Z<;P@9f4*JPyIK`W%O#S z>*Q^-XRrx2BHjyj06jy|C{f3{OCeS5q{Z|FR1vU*IBSN+YP?v*onkhtjwT+uL&_nN zfnqaAW0k6e0P+`-T{LOTdcCu`vwuc|DCLKF0uA6AT4~&RBB1cd4ZQ}gQS2~A^{M4 zS{qnbL{O=}``&q(&44bY&wcmrx6aEV<|j|%(?>R5MQ~0wWqxwh8$B1r%$+u5J5#?m zdvYZ7Zf+^Wzd2)vEFx3BLyr;OA=`LUudK{gx;{VGO`(4`HI%MAaw#N_@#jE0D9|k= zXltz&(s6A~GX5NFtYw=6ap`m!2rV8|?Bh_b)kRoYltx11G**_05$WP<^jOV{>)+i- z)PaxAmiMzEBHp>RA@{;SJe@En+MPlPGMon?aTD1y<|%8?J)z{4Qndv1JLV}d8X`dz z%i-{|aAWY;yjgo84z1F(Nm3g_uTx&=J3QUNG^g8BGVL{mQU z68rycVw`#)rAr;_S`t^PcIG4SeCGSMayNyO9wUG!p_SVG;CIVnEwc>y4{D-zfxz}3 z{kk|BZWx@3Dp|`Z?{Op^9gu?*$&~~#WpgIn#eAS=1M2m!zmpGG8k_*;ibm+>l7gfi8|B_;=R5y^vA=eEw(35 z_D|A9+Xk>A{mAg=fr=A!;n*8X;m{QE`Juig=RVmim8`;!>8j7@R8#Igx7=m79z$u! zqN$=@0Fo^f=5-9uqqlH(D7ie*iuFFzgM6g~Yfn;l=O0dWdZR-H3<$zI7K<__P-ARg zBdGF2U9!})$)cU%@}f@Q#OZSa58x<_wmONQ)?bOiF$Ihs8&i{ZfQ`;eeP>uTVKk6Z zAjyu6&z|(`ws;moE-V3sCpJA`5-UQsvMCf&VEBN2@Q;GAZchOt(@XC0>|AO7$l}ve z=SvK~DvZL=dwzsuM%5Ox?E|O7V3;Z_AFw=kc!@lb^RL*MoU-<;i^vIf)%xhg9!lU+ zOsgx?a53PRrJvLlj$*?s^##-hY)(tnTq1N}4>bt!28F%(<6H^0w?8CbeFyUhidwhW zyef`k0JyG(IDt!#CcIH@e$9{7xFh~1$PQHiR;YoIATFwG@*k=TXXvoI`K>|4fD2#S zV*}uV$S|_2Ts*r)jil=CQSs`&YBVO?t8b|{F`?6tQQm?lbSMSgD7H>5sIXQ9mxJNf zJgQzIwuE6FP7klb;`rxTw#iZnhoQZj7mp*x-bk94C)ss)5^RCRYk``6{F{xsHWIY{ zFxWPKa>Bd3?7^(&0eCQ(tg0>2nw*bc9qKDAFSeJyu04u8soMI|tN+(RRawL7uGMmp z5A`Kcp&m-O2Uw^vxtAbrI64gyWN6E#+LBO}%7Jv99on6_o9S$Xax%W;?h*7Ni?3mmEb2! z$^ldMhabB_yLbfB2Ga@@K3t8987RyMhR(*VP%E`8fB?CbCR9!Zd8#whoBM*7GAYzxyWi+@5Z`l51$-!~ag>LHIx8bP|?hI8f>}LQ90UUIeck%#t z9dF6{GHfeFx0uy>^0A+Iu8lUf`q*J+QAfk*J^!7SYaBEGy@d9SVt73*mZQ*~m|5Aa z$8X1?E4Vntx#7@3-)f`G({m5i64o+};_0qL$$^rka9&{|@-qw^q^fcg=2IWU7>>6+ zp%&Qxw~TeP>y`fiPEF)_h`QLI3}3pY1wLttsg$v}l0FVEtR-!i!Rm0L3^d08{|SjT z@NbvJ0LedZDL&@m8Is#9j$S<*uLpj4e`B$dPyz7w!N_bR#M!_w=MvQbOOT~jqHvgD z+I^g#uiNjFvfjnT#trqo9dyWC-c`D4I7v=ItUHhwk0Bkfvb7QG*csNXd!y&W+#$&h z$Q=)MXy(lio{Cib@KMH78B zf>ux@pSenkW9W*}{XF6dG(@FuxHGx~Jq!iyLAPr0y8<9V;-uZg6^-oFki?Q&NeP}-5i$OyKVer`|M?-)8UoO;y0NBOqR zL4}I66M$i%fjcuk+fdH$frVrMRP~1HDo?%Gd*eEP*-1)0YFb= zT%USic4EIEJpD0Tu(V`=cmflP#Fj9T`fYkG9E5Tj0oP>p_UR^$Y7;PEZ~J-&a_o#d zIzD$r63fKO8~1qML7z$G1AVqn4%ENPA&-e`=ptlj|0YByTcHV(bNIn6Kx?s4$wn>l zD{=AhTWzPDp>)LEKGu7sc9=@x1yeGMHKKy%2Cwi&2JyeBjMK!Cc zTi8eA*v3+oRkp~B8JV;0^H38rLJd8l))HqQ0xsQ6j@wZ;aM=7VZJEp!baRqh$IhoJ z?A}4MfSr{uh2{F?SzyPx5#Fr}P!tj{I<8s=gOaY+?~)ke94`luCmeDj3U?maA%(V= z_MjXkqCh~V*S6H}mIyBBfN!m(?Ucn&H@R7lnzt~XoNb%P_dolN7Os|_R{7s8uGjXQ zKqIz(K01*;+s*ps6T6^HwO=C`BtdK+`n8M6+Id^^y$v*Dt8ex5O|OL9yGrqjv8EEr z$`A1VwaGJWfF1TWV`^IpkbkpQEE-rq_2JkeHSwjz1+fH7=A7x!ji{gaAR2Z+fTy~C z4kynpkEb$~l{Mx%Oc3(>$ic@;_GNQBxrY&_F;2)_wwtUzXPHqQlsb2Y7uzyWPhI(T zNjIw~yC$|&Q(B*k+{LZL1y-8L*a9(?x3NInkm7wSFMs;8w21T%2a8~Roz6RfPMU?< z^@&1d$9bp2IS>X@gROe6EcBFB;X5^#GO;-{^}r$Rjy}j^`_u)hgI_^brH_& zONMh#N&mBneferez*teeP?loVk-E@MeEdQ3mcJA_nHA&FQLFOAaO5VtC`@HHI__sz z=*OhwFFuO-)52U!RKy#Y?q}wFmY7AzS|E=4N8zj|q2nO?$aS=;MBHNHcjvwxAwdZe1Q9;H#!DG8-Bsb%yN7m-- zO#H2h7N8-CB0y>4Fpmsc#2P$WZo)Can`FnSt?zvdSHN*BQMC|rG$zoB_Z%wMTDLHX z|Gua>IT-gIdTy2$?%37UZIwIaGG-T(p+*dw{{R-`+WD)UG65cmKE54ITfcXwwqnutc5VJ9M`@-A`wNShy~3fjGqfOparIh6tF-O4qo z4s3uYAwf&U)cA{_qPJv5W)Jkre+FCr!+a0>jg4W(KD;4T0{UM8cm#+0tvyfulBCt> z*LE+0)PnwnHuA)BcTtTp_$e}ITNfwKimMcnK`2GpXu<reQ5OQDAT#}d3yl0CyEYBq*sP3ffW>k1NqM)XbhQIR@5|y?Ov^u-slYEUO?ia9 z?%~@bAheE9{gSj(jXu-?ejT{tWbuRz6S&{eNk9@v(MNwbzN7Q;*3{7L7c*ArL%%Hp z+7yYwgC2cQAmQO8*y#1qf&XGLLmnYrj-qRSa{ax6aGQ+O_J&YAapcJO8q1`B416AF$83+$3HzNp==-eJl0D| z93SVhb+fm@$;E*Bi_%yYp6RT86fjo(y3%c>wQqfAk@?Un8ujFp%CS3rT@}Vw@LD|N zs@5y5HsxHAuM+RuW(PdhME-MOpZ6@}Bls}TG=e=Z#ldC3*QZ@z!Yb&E>!`U_@`ncT`FoTXN|dzYc&Ho4fg>d8sk zo3a(%z_yFfkmg0qyn~BSTL<_M#e|cfmQOJL?#kj-z80@YVP``@ZedaE zu;Of09sdhk8UA1}`dcP`7n$70=3%FFK*UVy()~-(AMNXV_dDurTQ85k<_`NkxW#kc zNFEbs;sCApi5S3(*5*N2W>AOVbwo0aV{>U%jmUXmpD2+l!7&=CEQo29~SB9JxILFD1iUeefsDp5ysRyoW7SIBAT5 zrE16k9m%I=qN54@MLrp*=!m4cBPe~}2bZc&gmugr#0%eEfF1(F-E;W0Qo0-EQ+nG{ zt?)Uw2AiSQq5RFh8{T=}1ISL!^jt0$$0edJfs3;V$ig+lOW_k! vi1S^hN50RPpaq-6r5y#fZziFPupp{J}?c70ssI200CKAsf{v0 diff --git a/web-apache-mysql/ubuntu/Dockerfile b/web-apache-mysql/ubuntu/Dockerfile index 7ff4e619e..d408c5bda 100644 --- a/web-apache-mysql/ubuntu/Dockerfile +++ b/web-apache-mysql/ubuntu/Dockerfile @@ -1,46 +1,31 @@ FROM ubuntu:bionic -LABEL maintainer="Alexey Pustovalov " -ARG BUILD_DATE -ARG VCS_REF - -ARG APT_FLAGS_COMMON="-y" -ARG APT_FLAGS_PERSISTENT="${APT_FLAGS_COMMON} --no-install-recommends" -ARG APT_FLAGS_DEV="${APT_FLAGS_COMMON} --no-install-recommends" -ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8 TERM=xterm \ - ZBX_TYPE=frontend ZBX_DB_TYPE=mysql ZBX_OPT_TYPE=apache - -LABEL org.label-schema.name="zabbix-web-${ZBX_OPT_TYPE}-${DB_TYPE}-ubuntu" \ - org.label-schema.vendor="Zabbix LLC" \ - org.label-schema.url="https://zabbix.com/" \ - org.label-schema.description="Zabbix web-interface based on Apache2 web server with MySQL database support" \ - org.label-schema.vcs-ref="${VCS_REF}" \ - org.label-schema.build-date="${BUILD_DATE}" \ - org.label-schema.schema-version="1.0" \ - org.label-schema.license="GPL v2.0" +LABEL org.opencontainers.image.title="Zabbix web-interface (Apache, MySQL)" \ + org.opencontainers.image.authors="Alexey Pustovalov " \ + org.opencontainers.image.vendor="Zabbix LLC" \ + org.opencontainers.image.url="https://zabbix.com/" \ + org.opencontainers.image.description="Zabbix web-interface based on Apache2 web server with MySQL database support" \ + org.opencontainers.image.licenses="GPL v2.0" STOPSIGNAL SIGTERM RUN set -eux && \ - apt-get ${APT_FLAGS_COMMON} update && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_PERSISTENT} install locales && \ - locale-gen $LC_ALL && \ echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \ - addgroup --system --quiet zabbix && \ + addgroup --system --gid 1995 --quiet zabbix && \ adduser --quiet \ --system --disabled-login \ - --ingroup zabbix \ + --ingroup zabbix --ingroup root \ + --uid 1997 \ --home /var/lib/zabbix/ \ - --no-create-home \ zabbix && \ mkdir -p /etc/zabbix && \ mkdir -p /etc/zabbix/web && \ - chown --quiet -R zabbix:root /etc/zabbix && \ - apt-get ${APT_FLAGS_COMMON} update && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_PERSISTENT} install \ + apt-get -y update && \ + DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ apache2 \ curl \ libapache2-mod-php \ + ca-certificates \ mysql-client \ php7.2-bcmath \ php7.2-gd \ @@ -49,26 +34,42 @@ RUN set -eux && \ php7.2-mbstring \ php7.2-mysql \ php7.2-xml && \ - apt-get ${APT_FLAGS_COMMON} autoremove && \ - apt-get ${APT_FLAGS_COMMON} clean && \ + rm -f /etc/apache2/sites-available/* && \ + /usr/sbin/a2enmod ssl && \ + sed -ri \ + -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ + -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ + "/etc/apache2/apache2.conf" && \ + sed -ri \ + -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ + -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ + "/etc/apache2/conf-available/other-vhosts-access-log.conf" && \ + sed -i 's/Listen 80/Listen 8080/g' /etc/apache2/ports.conf && \ + sed -i 's/Listen 443/Listen 8443/g' /etc/apache2/ports.conf && \ + sed -i 's|/var/run/apache2$SUFFIX|/tmp|g' /etc/apache2/envvars && \ + rm -f /var/run/apache2/apache2.pid && \ + apt-get -y autoremove && \ + apt-get -y clean && \ rm -rf /var/lib/apt/lists/* -ARG MAJOR_VERSION=master -ARG ZBX_VERSION=${MAJOR_VERSION} +ARG MAJOR_VERSION=3.0 +ARG ZBX_VERSION=${MAJOR_VERSION}.30 ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git -ENV ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} -LABEL org.label-schema.usage="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.label-schema.version="${ZBX_VERSION}" \ - org.label-schema.vcs-url="${ZBX_SOURCES}" \ - org.label-schema.docker.cmd="docker run --name zabbix-web-${ZBX_OPT_TYPE}-${ZBX_DB_TYPE} --link mysql-server:mysql --link zabbix-server:zabbix-server -p 80:80 -d zabbix-web-${ZBX_OPT_TYPE}-${ZBX_DB_TYPE}:ubuntu-${ZBX_VERSION}" +ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} + +LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" + +COPY ["conf/etc/", "/etc/"] RUN set -eux && \ - apt-get ${APT_FLAGS_COMMON} update && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_DEV} install \ + apt-get -y update && \ + DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ gettext \ - ca-certificates \ - git && \ + git \ + locales && \ cd /usr/share/ && \ git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ mkdir /usr/share/zabbix/ && \ @@ -78,6 +79,8 @@ RUN set -eux && \ rm -f conf/zabbix.conf.php && \ rm -rf tests && \ ./locale/make_mo.sh && \ + ln -s "/etc/zabbix/web/zabbix.conf.php" "/usr/share/zabbix/conf/zabbix.conf.php" && \ + ./locale/make_mo.sh && \ mkdir -p /var/lib/locales/supported.d/ && \ rm -f /var/lib/locales/supported.d/local && \ cat /usr/share/zabbix/include/locales.inc.php | grep display | grep true | awk '{$1=$1};1' | \ @@ -86,23 +89,30 @@ RUN set -eux && \ dpkg-reconfigure locales && \ find /usr/share/zabbix/locale -name '*.po' | xargs rm -f && \ find /usr/share/zabbix/locale -name '*.sh' | xargs rm -f && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_COMMON} purge \ + chown --quiet -R zabbix:root /etc/zabbix/ /usr/share/zabbix/conf/ && \ + chgrp -R 0 /etc/zabbix/ /usr/share/zabbix/conf/ && \ + chmod -R g=u /etc/zabbix/ /usr/share/zabbix/conf/ && \ + chown --quiet -R zabbix:root /etc/apache2/ /etc/php/7.2/ && \ + chgrp -R 0 /etc/apache2/ /etc/php/7.2/ && \ + chmod -R g=u /etc/apache2/ /etc/php/7.2/ && \ + DEBIAN_FRONTEND=noninteractive apt-get -y purge \ gettext \ - git && \ - apt-get ${APT_FLAGS_COMMON} autoremove && \ - apt-get ${APT_FLAGS_COMMON} clean && \ + git \ + locales && \ + apt-get -y autoremove && \ + apt-get -y clean && \ rm -rf /var/lib/apt/lists/* -EXPOSE 80/TCP 443/TCP - +EXPOSE 8080/TCP 8443/TCP + WORKDIR /usr/share/zabbix VOLUME ["/etc/ssl/apache2"] -COPY ["conf/etc/zabbix/apache.conf", "/etc/zabbix/"] -COPY ["conf/etc/zabbix/apache_ssl.conf", "/etc/zabbix/"] -COPY ["conf/etc/zabbix/web/zabbix.conf.php", "/etc/zabbix/web/"] -COPY ["conf/etc/php/7.2/apache2/conf.d/99-zabbix.ini", "/etc/php/7.2/apache2/conf.d/"] COPY ["docker-entrypoint.sh", "/usr/bin/"] +USER 1997 + ENTRYPOINT ["docker-entrypoint.sh"] + +CMD ["source", "/etc/apache2/envvars", "&&", "/usr/sbin/apache2ctl", "-D", "FOREGROUND"] diff --git a/web-apache-mysql/ubuntu/conf/etc/php/7.2/apache2/conf.d/99-zabbix.ini b/web-apache-mysql/ubuntu/conf/etc/php/7.2/apache2/conf.d/99-zabbix.ini index b5356c3da..be93bd73a 100644 --- a/web-apache-mysql/ubuntu/conf/etc/php/7.2/apache2/conf.d/99-zabbix.ini +++ b/web-apache-mysql/ubuntu/conf/etc/php/7.2/apache2/conf.d/99-zabbix.ini @@ -6,4 +6,4 @@ max_input_time=300 always_populate_raw_post_date=-1 max_input_vars=10000 ; date.timezone=Europe/Riga -session.save_path=/var/lib/php/sessions +;session.save_path=/var/lib/php/session diff --git a/web-apache-mysql/ubuntu/conf/etc/zabbix/apache.conf b/web-apache-mysql/ubuntu/conf/etc/zabbix/apache.conf index 2a5aedc30..36def0c29 100644 --- a/web-apache-mysql/ubuntu/conf/etc/zabbix/apache.conf +++ b/web-apache-mysql/ubuntu/conf/etc/zabbix/apache.conf @@ -1,4 +1,4 @@ - + DocumentRoot /usr/share/zabbix/ ServerName zabbix DirectoryIndex index.php diff --git a/web-apache-mysql/ubuntu/conf/etc/zabbix/apache_ssl.conf b/web-apache-mysql/ubuntu/conf/etc/zabbix/apache_ssl.conf index 798c982dc..d18d08fde 100644 --- a/web-apache-mysql/ubuntu/conf/etc/zabbix/apache_ssl.conf +++ b/web-apache-mysql/ubuntu/conf/etc/zabbix/apache_ssl.conf @@ -3,7 +3,7 @@ LoadModule socache_shmcb_module /usr/lib/apache2/modules/mod_socache_shmcb.so LoadModule headers_module /usr/lib/apache2/modules/mod_headers.so - + SSLEngine on DocumentRoot /usr/share/zabbix/ diff --git a/web-apache-mysql/ubuntu/docker-entrypoint.sh b/web-apache-mysql/ubuntu/docker-entrypoint.sh index a31f26a2a..181e85753 100755 --- a/web-apache-mysql/ubuntu/docker-entrypoint.sh +++ b/web-apache-mysql/ubuntu/docker-entrypoint.sh @@ -1,6 +1,6 @@ #!/bin/bash -set -eo pipefail +set -o pipefail set +e @@ -9,34 +9,22 @@ if [ "${DEBUG_MODE}" == "true" ]; then set -o xtrace fi -# Type of Zabbix component -# Possible values: [server, proxy, agent, frontend, java-gateway, appliance] -zbx_type=${ZBX_TYPE} -# Type of Zabbix database -# Possible values: [mysql, postgresql] -zbx_db_type=${ZBX_DB_TYPE} -# Type of web-server. Valid only with zbx_type = frontend -# Possible values: [apache, nginx] -zbx_opt_type=${ZBX_OPT_TYPE} - # Default Zabbix installation name # Used only by Zabbix web-interface -ZBX_SERVER_NAME=${ZBX_SERVER_NAME:-"Zabbix docker"} +: ${ZBX_SERVER_NAME:="Zabbix docker"} # Default Zabbix server host -ZBX_SERVER_HOST=${ZBX_SERVER_HOST:-"zabbix-server"} +: ${ZBX_SERVER_HOST:="zabbix-server"} # Default Zabbix server port number -ZBX_SERVER_PORT=${ZBX_SERVER_PORT:-"10051"} +: ${ZBX_SERVER_PORT:="10051"} # Default timezone for web interface -PHP_TZ=${PHP_TZ:-"Europe/Riga"} +: ${PHP_TZ:="Europe/Riga"} # Default directories -# User 'zabbix' home directory -ZABBIX_USER_HOME_DIR="/var/lib/zabbix" # Configuration files directory ZABBIX_ETC_DIR="/etc/zabbix" # Web interface www-root directory -ZBX_FRONTEND_PATH="/usr/share/zabbix" +ZABBIX_WWW_ROOT="/usr/share/zabbix" # usage: file_env VAR [DEFAULT] # as example: file_env 'MYSQL_PASSWORD' 'zabbix' @@ -69,90 +57,8 @@ file_env() { unset "$fileVar" } -configure_db_mysql() { - [ "${DB_SERVER_HOST}" != "localhost" ] && return - - echo "** Configuring local MySQL server" - - MYSQL_ALLOW_EMPTY_PASSWORD=true - MYSQL_DATA_DIR="/var/lib/mysql" - - if [ -f "/etc/mysql/my.cnf" ]; then - MYSQL_CONF_FILE="/etc/mysql/my.cnf" - elif [ -f "/etc/my.cnf.d/server.cnf" ]; then - MYSQL_CONF_FILE="/etc/my.cnf.d/server.cnf" - DB_SERVER_SOCKET="/var/lib/mysql/mysql.sock" - elif [ -f "/etc/my.cnf.d/mariadb-server.cnf" ]; then - MYSQL_CONF_FILE="/etc/my.cnf.d/mariadb-server.cnf" - DB_SERVER_SOCKET="/var/run/mysqld/mysqld.sock" - else - echo "**** Could not found MySQL configuration file" - exit 1 - fi - - if [ -f "/usr/bin/mysqld" ]; then - MYSQLD=/usr/bin/mysqld - elif [ -f "/usr/sbin/mysqld" ]; then - MYSQLD=/usr/sbin/mysqld - elif [ -f "/usr/libexec/mysqld" ]; then - MYSQLD=/usr/libexec/mysqld - else - echo "**** Could not found mysqld binary file" - exit 1 - fi - - sed -Ei 's/^(bind-address|log)/#&/' "$MYSQL_CONF_FILE" - - if [ ! -d "$MYSQL_DATA_DIR/mysql" ]; then - [ -d "$MYSQL_DATA_DIR" ] || mkdir -p "$MYSQL_DATA_DIR" - - chown -R mysql:mysql "$MYSQL_DATA_DIR" - - echo "** Installing initial MySQL database schemas" - mysql_install_db --user=mysql --datadir="$MYSQL_DATA_DIR" 2>&1 - else - echo "**** MySQL data directory is not empty. Using already existing installation." - chown -R mysql:mysql "$MYSQL_DATA_DIR" - fi - - mkdir -p /var/run/mysqld - ln -s /var/run/mysqld /run/mysqld - chown -R mysql:mysql /var/run/mysqld - chown -R mysql:mysql /run/mysqld - - echo "** Starting MySQL server in background mode" - - nohup $MYSQLD --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib/mysql/plugin \ - --user=mysql --log-output=none --pid-file=/var/lib/mysql/mysqld.pid \ - --port=3306 --character-set-server=utf8 --collation-server=utf8_bin & -} - prepare_system() { - local type=$1 - local web_server=$2 - echo "** Preparing the system" - - if [ "$type" != "appliance" ]; then - return - fi - - ZBX_ADD_AGENT=${ZBX_ADD_AGENT:-"false"} - ZBX_ADD_JAVA_GATEWAY=${ZBX_ADD_JAVA_GATEWAY:-"false"} - ZBX_ADD_SERVER=${ZBX_ADD_SERVER:-"true"} - [ "${ZBX_ADD_SERVER}" == "true" ] && ZBX_SERVER_HOST="localhost" - [ "${ZBX_ADD_SERVER}" == "true" ] && ZBX_SERVER_PORT="10051" - ZBX_MAIN_DB=${ZBX_MAIN_DB:-"mysql"} - ZBX_ADD_PROXY=${ZBX_ADD_PROXY:-"false"} - ZBX_PROXY_DB=${ZBX_PROXY_DB:-"sqlite3"} - ZBX_ADD_WEB=${ZBX_ADD_WEB:-"true"} - ZBX_WEB_SERVER=${ZBX_WEB_SERVER:-"nginx"} - DB_SERVER_HOST=${DB_SERVER_HOST:-"localhost"} - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAY_ENABLE="true" - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAY="localhost" - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAYPORT="10052" - - [ "${ZBX_ADD_SERVER}" == "true" ] && configure_db_${ZBX_MAIN_DB} } escape_spec_char() { @@ -216,37 +122,15 @@ update_config_var() { } -update_config_multiple_var() { - local config_path=$1 - local var_name=$2 - local var_value=$3 - - var_value="${var_value%\"}" - var_value="${var_value#\"}" - - local IFS=, - local OPT_LIST=($var_value) - - for value in "${OPT_LIST[@]}"; do - update_config_var $config_path $var_name $value true - done -} - # Check prerequisites for MySQL database -check_variables_mysql() { - local type=$1 - - DB_SERVER_HOST=${DB_SERVER_HOST:-"mysql-server"} - DB_SERVER_PORT=${DB_SERVER_PORT:-"3306"} +check_variables() { + : ${DB_SERVER_HOST:="mysql-server"} + : ${DB_SERVER_PORT:="3306"} USE_DB_ROOT_USER=false CREATE_ZBX_DB_USER=false file_env MYSQL_USER file_env MYSQL_PASSWORD - if [ "$type" != "" ]; then - file_env MYSQL_ROOT_PASSWORD - fi - if [ ! -n "${MYSQL_USER}" ] && [ "${MYSQL_RANDOM_ROOT_PASSWORD}" == "true" ]; then echo "**** Impossible to use MySQL server because of unknown Zabbix user and random 'root' password" exit 1 @@ -266,45 +150,15 @@ check_variables_mysql() { [ -n "${MYSQL_USER}" ] && CREATE_ZBX_DB_USER=true # If root password is not specified use provided credentials - DB_SERVER_ROOT_USER=${DB_SERVER_ROOT_USER:-${MYSQL_USER}} + : ${DB_SERVER_ROOT_USER:=${MYSQL_USER}} [ "${MYSQL_ALLOW_EMPTY_PASSWORD}" == "true" ] || DB_SERVER_ROOT_PASS=${DB_SERVER_ROOT_PASS:-${MYSQL_PASSWORD}} DB_SERVER_ZBX_USER=${MYSQL_USER:-"zabbix"} DB_SERVER_ZBX_PASS=${MYSQL_PASSWORD:-"zabbix"} - if [ "$type" == "proxy" ]; then - DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix_proxy"} - else - DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix"} - fi + DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix"} } -# Check prerequisites for PostgreSQL database -check_variables_postgresql() { - local type=$1 - - file_env POSTGRES_USER - file_env POSTGRES_PASSWORD - - DB_SERVER_HOST=${DB_SERVER_HOST:-"postgres-server"} - DB_SERVER_PORT=${DB_SERVER_PORT:-"5432"} - CREATE_ZBX_DB_USER=${CREATE_ZBX_DB_USER:-"false"} - - DB_SERVER_ROOT_USER=${POSTGRES_USER:-"postgres"} - DB_SERVER_ROOT_PASS=${POSTGRES_PASSWORD:-""} - - DB_SERVER_ZBX_USER=${POSTGRES_USER:-"zabbix"} - DB_SERVER_ZBX_PASS=${POSTGRES_PASSWORD:-"zabbix"} - - DB_SERVER_SCHEMA=${DB_SERVER_SCHEMA:-"public"} - - if [ "$type" == "proxy" ]; then - DB_SERVER_DBNAME=${POSTGRES_DB:-"zabbix_proxy"} - else - DB_SERVER_DBNAME=${POSTGRES_DB:-"zabbix"} - fi -} - -check_db_connect_mysql() { +check_db_connect() { echo "********************" echo "* DB_SERVER_HOST: ${DB_SERVER_HOST}" echo "* DB_SERVER_PORT: ${DB_SERVER_PORT}" @@ -316,7 +170,6 @@ check_db_connect_mysql() { fi echo "* DB_SERVER_ZBX_USER: ${DB_SERVER_ZBX_USER}" echo "* DB_SERVER_ZBX_PASS: ${DB_SERVER_ZBX_PASS}" - echo "********************" fi echo "********************" @@ -329,582 +182,46 @@ check_db_connect_mysql() { done } -check_db_connect_postgresql() { - echo "********************" - echo "* DB_SERVER_HOST: ${DB_SERVER_HOST}" - echo "* DB_SERVER_PORT: ${DB_SERVER_PORT}" - echo "* DB_SERVER_DBNAME: ${DB_SERVER_DBNAME}" - echo "* DB_SERVER_SCHEMA: ${DB_SERVER_SCHEMA}" - if [ "${DEBUG_MODE}" == "true" ]; then - if [ "${USE_DB_ROOT_USER}" == "true" ]; then - echo "* DB_SERVER_ROOT_USER: ${DB_SERVER_ROOT_USER}" - echo "* DB_SERVER_ROOT_PASS: ${DB_SERVER_ROOT_PASS}" - fi - echo "* DB_SERVER_ZBX_USER: ${DB_SERVER_ZBX_USER}" - echo "* DB_SERVER_ZBX_PASS: ${DB_SERVER_ZBX_PASS}" - fi - echo "********************" - - if [ "${USE_DB_ROOT_USER}" != "true" ]; then - DB_SERVER_ROOT_USER=${DB_SERVER_ZBX_USER} - DB_SERVER_ROOT_PASS=${DB_SERVER_ZBX_PASS} - fi - - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - WAIT_TIMEOUT=5 - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - while [ ! "$(psql -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} -U ${DB_SERVER_ROOT_USER} -d ${DB_SERVER_DBNAME} -l -q 2>/dev/null)" ]; do - echo "**** PostgreSQL server is not available. Waiting $WAIT_TIMEOUT seconds..." - sleep $WAIT_TIMEOUT - done - - unset PGPASSWORD - unset PGOPTIONS -} - - -mysql_query() { - query=$1 - local result="" - - result=$(mysql --silent --skip-column-names -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ - -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" -e "$query") - - echo $result -} - -psql_query() { - query=$1 - db=$2 - - local result="" - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - result=$(psql -A -q -t -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ - -U ${DB_SERVER_ROOT_USER} -c "$query" $db 2>/dev/null); - - unset PGPASSWORD - unset PGOPTIONS - - echo $result -} - -create_db_user_mysql() { - [ "${CREATE_ZBX_DB_USER}" == "true" ] || return - - echo "** Creating '${DB_SERVER_ZBX_USER}' user in MySQL database" - - USER_EXISTS=$(mysql_query "SELECT 1 FROM mysql.user WHERE user = '${DB_SERVER_ZBX_USER}' AND host = '%'") - - if [ -z "$USER_EXISTS" ]; then - mysql_query "CREATE USER '${DB_SERVER_ZBX_USER}'@'%' IDENTIFIED BY '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - else - mysql_query "ALTER USER ${DB_SERVER_ZBX_USER} IDENTIFIED BY '${DB_SERVER_ZBX_PASS}';" 1>/dev/null - fi - - mysql_query "GRANT ALL PRIVILEGES ON $DB_SERVER_DBNAME. * TO '${DB_SERVER_ZBX_USER}'@'%'" 1>/dev/null -} - -create_db_user_postgresql() { - [ "${CREATE_ZBX_DB_USER}" == "true" ] || return - - echo "** Creating '${DB_SERVER_ZBX_USER}' user in PostgreSQL database" - - USER_EXISTS=$(psql_query "SELECT 1 FROM pg_roles WHERE rolname='${DB_SERVER_ZBX_USER}'") - - if [ -z "$USER_EXISTS" ]; then - psql_query "CREATE USER ${DB_SERVER_ZBX_USER} WITH PASSWORD '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - else - psql_query "ALTER USER ${DB_SERVER_ZBX_USER} WITH ENCRYPTED PASSWORD '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - fi -} - -create_db_database_mysql() { - DB_EXISTS=$(mysql_query "SELECT SCHEMA_NAME FROM information_schema.SCHEMATA WHERE SCHEMA_NAME='${DB_SERVER_DBNAME}'") - - if [ -z ${DB_EXISTS} ]; then - echo "** Database '${DB_SERVER_DBNAME}' does not exist. Creating..." - mysql_query "CREATE DATABASE ${DB_SERVER_DBNAME} CHARACTER SET utf8 COLLATE utf8_bin" 1>/dev/null - # better solution? - mysql_query "GRANT ALL PRIVILEGES ON $DB_SERVER_DBNAME. * TO '${DB_SERVER_ZBX_USER}'@'%'" 1>/dev/null - else - echo "** Database '${DB_SERVER_DBNAME}' already exists. Please be careful with database COLLATE!" - fi -} - -create_db_database_postgresql() { - DB_EXISTS=$(psql_query "SELECT 1 AS result FROM pg_database WHERE datname='${DB_SERVER_DBNAME}'") - - if [ -z ${DB_EXISTS} ]; then - echo "** Database '${DB_SERVER_DBNAME}' does not exist. Creating..." - psql_query "CREATE DATABASE ${DB_SERVER_DBNAME} WITH OWNER ${DB_SERVER_ZBX_USER} ENCODING='UTF8' LC_CTYPE='en_US.utf8' LC_COLLATE='en_US.utf8'" 1>/dev/null - else - echo "** Database '${DB_SERVER_DBNAME}' already exists. Please be careful with database owner!" - fi - - psql_query "CREATE SCHEMA IF NOT EXISTS ${DB_SERVER_SCHEMA}" -} - -create_db_schema_mysql() { - local type=$1 - - DBVERSION_TABLE_EXISTS=$(mysql_query "SELECT 1 FROM information_schema.tables WHERE table_schema='${DB_SERVER_DBNAME}' and table_name = 'dbversion'") - - if [ -n "${DBVERSION_TABLE_EXISTS}" ]; then - echo "** Table '${DB_SERVER_DBNAME}.dbversion' already exists." - ZBX_DB_VERSION=$(mysql_query "SELECT mandatory FROM ${DB_SERVER_DBNAME}.dbversion") - fi - - if [ -z "${ZBX_DB_VERSION}" ]; then - echo "** Creating '${DB_SERVER_DBNAME}' schema in MySQL" - - zcat /usr/share/doc/zabbix-$type-mysql/create.sql.gz | mysql --silent --skip-column-names \ - -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ - -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" \ - ${DB_SERVER_DBNAME} 1>/dev/null - fi -} - -create_db_schema_postgresql() { - local type=$1 - - DBVERSION_TABLE_EXISTS=$(psql_query "SELECT 1 FROM pg_catalog.pg_class c JOIN pg_catalog.pg_namespace n ON n.oid = - c.relnamespace WHERE n.nspname = '$DB_SERVER_SCHEMA' AND c.relname = 'dbversion'" "${DB_SERVER_DBNAME}") - - if [ -n "${DBVERSION_TABLE_EXISTS}" ]; then - echo "** Table '${DB_SERVER_DBNAME}.dbversion' already exists." - ZBX_DB_VERSION=$(psql_query "SELECT mandatory FROM ${DB_SERVER_SCHEMA}.dbversion" "${DB_SERVER_DBNAME}") - fi - - if [ -z "${ZBX_DB_VERSION}" ]; then - echo "** Creating '${DB_SERVER_DBNAME}' schema in PostgreSQL" - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - zcat /usr/share/doc/zabbix-$type-postgresql/create.sql.gz | psql -q \ - -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ - -U ${DB_SERVER_ZBX_USER} ${DB_SERVER_DBNAME} 1>/dev/null - - unset PGPASSWORD - unset PGOPTIONS - fi -} - -prepare_web_server_apache() { - if [ -d "/etc/apache2/sites-available" ]; then - APACHE_SITES_DIR=/etc/apache2/sites-available - elif [ -d "/etc/apache2/conf.d" ]; then - APACHE_SITES_DIR=/etc/apache2/conf.d - elif [ -d "/etc/httpd/conf.d" ]; then - APACHE_SITES_DIR=/etc/httpd/conf.d - else - echo "**** Apache is not available" - exit 1 - fi - - if [ -f "/usr/sbin/a2dissite" ]; then - echo "** Disable default site" - /usr/sbin/a2dissite 000-default 1>/dev/null - rm -rf "$APACHE_SITES_DIR/*" - elif [ -f "/etc/apache2/conf.d/default.conf" ]; then - echo "** Disable default site" - rm -f "/etc/apache2/conf.d/default.conf" - elif [ -f "/etc/httpd/conf.d/welcome.conf" ]; then - echo "** Disable default site" - rm -f "/etc/httpd/conf.d/welcome.conf" - rm -f "/etc/httpd/conf.d/ssl.conf" - fi +prepare_web_server() { + APACHE_SITES_DIR="/etc/apache2/sites-available" echo "** Adding Zabbix virtual host (HTTP)" if [ -f "$ZABBIX_ETC_DIR/apache.conf" ]; then ln -s "$ZABBIX_ETC_DIR/apache.conf" "$APACHE_SITES_DIR/zabbix.conf" - if [ -f "/usr/sbin/a2dissite" ]; then - /usr/sbin/a2ensite zabbix.conf 1>/dev/null - fi else echo "**** Impossible to enable HTTP virtual host" fi - if [ -f "/etc/apache2/conf.d/ssl.conf" ]; then - rm -f "/etc/apache2/conf.d/ssl.conf" - fi - if [ -f "/etc/ssl/apache2/ssl.crt" ] && [ -f "/etc/ssl/apache2/ssl.key" ]; then - echo "** Enable SSL support for Apache2" - if [ -f "/usr/sbin/a2enmod" ]; then - /usr/sbin/a2enmod ssl 1>/dev/null - fi - echo "** Adding Zabbix virtual host (HTTPS)" if [ -f "$ZABBIX_ETC_DIR/apache_ssl.conf" ]; then ln -s "$ZABBIX_ETC_DIR/apache_ssl.conf" "$APACHE_SITES_DIR/zabbix_ssl.conf" - if [ -f "/usr/sbin/a2dissite" ]; then - /usr/sbin/a2ensite zabbix_ssl.conf 1>/dev/null - fi else echo "**** Impossible to enable HTTPS virtual host" fi else echo "**** Impossible to enable SSL support for Apache2. Certificates are missed." fi - - # Change Apache2 logging to stdout and stderr - if [ -f "/etc/apache2/apache2.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/apache2.conf" - fi - - if [ -f "/etc/httpd/conf/httpd.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/httpd/conf/httpd.conf" - fi - - if [ -f "/etc/apache2/httpd.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/httpd.conf" - fi - - if [ -f "/etc/apache2/conf-available/other-vhosts-access-log.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/conf-available/other-vhosts-access-log.conf" - fi - - if [ -f "/etc/apache2/conf.d/mpm.conf" ]; then - sed -ri \ - -e 's!^(\s*PidFile)\s+\S+!\1 "/var/run/httpd.pid"!g' \ - "/etc/apache2/conf.d/mpm.conf" - fi - - if [ -f "/var/run/apache2/apache2.pid" ]; then - rm -f "/var/run/apache2/apache2.pid" - fi - - if [ -f "/var/run/httpd/httpd.pid" ]; then - rm -f "/var/run/httpd/httpd.pid" - fi -} - -prepare_web_server_nginx() { - NGINX_CONFD_DIR="/etc/nginx/conf.d" - NGINX_SSL_CONFIG="/etc/ssl/nginx" - PHP_SESSIONS_DIR="/var/lib/php5" - - echo "** Disable default vhosts" - rm -f $NGINX_CONFD_DIR/*.conf - - echo "** Adding Zabbix virtual host (HTTP)" - if [ -f "$ZABBIX_ETC_DIR/nginx.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/nginx.conf" "$NGINX_CONFD_DIR" - else - echo "**** Impossible to enable HTTP virtual host" - fi - - if [ -f "$NGINX_SSL_CONFIG/ssl.crt" ] && [ -f "$NGINX_SSL_CONFIG/ssl.key" ] && [ -f "$NGINX_SSL_CONFIG/dhparam.pem" ]; then - echo "** Enable SSL support for Nginx" - if [ -f "$ZABBIX_ETC_DIR/nginx_ssl.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/nginx_ssl.conf" "$NGINX_CONFD_DIR" - else - echo "**** Impossible to enable HTTPS virtual host" - fi - else - echo "**** Impossible to enable SSL support for Nginx. Certificates are missed." - fi - - if [ -d "/var/log/nginx/" ]; then - ln -sf /dev/fd/2 /var/log/nginx/error.log - fi - - ln -sf /dev/fd/2 /var/log/php5-fpm.log - ln -sf /dev/fd/2 /var/log/php7.2-fpm.log -} - -stop_databases() { - if ([ "${ZBX_MAIN_DB}" == "mysql" ] || [ "${ZBX_PROXY_DB}" == "mysql" ]) && [ "${DB_SERVER_HOST}" == "localhost" ]; then - mysql_query "DELETE FROM mysql.user WHERE host = 'localhost' AND user != 'root'" 1>/dev/null - - if [ -f "/var/lib/mysql/mysqld.pid" ]; then - kill -TERM $(cat /var/lib/mysql/mysqld.pid) - elif [ -f "/var/run/mysqld/mysqld.pid" ]; then - kill -TERM $(cat /var/run/mysqld/mysqld.pid) - fi - fi - - if [ "${ZBX_MAIN_DB}" == "postgresql" ] && [ "${DB_SERVER_HOST}" == "localhost" ]; then - if [ "${OS_CODENAME}" == "alpine" ]; then - PGDATA=/var/lib/postgresql - BINDIR=/usr/bin - else - PGDATA=/var/lib/postgresql/9.3/main - BINDIR=/usr/lib/postgresql/9.3/bin - fi - su -c "$BINDIR/pg_ctl -D \"$PGDATA\" -m fast -w stop --silent" postgres 1>/dev/null 2>/dev/null - fi } clear_deploy() { - local type=$1 echo "** Cleaning the system" - - [ "$type" != "appliance" ] && return - - stop_databases } -update_zbx_config() { - local type=$1 - local db_type=$2 - - echo "** Preparing Zabbix $type configuration file" - - ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_$type.conf - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "ProxyMode" "${ZBX_PROXYMODE}" - update_config_var $ZBX_CONFIG "Server" "${ZBX_SERVER_HOST}" - update_config_var $ZBX_CONFIG "ServerPort" "${ZBX_SERVER_PORT}" - if [ -z "${ZBX_HOSTNAME}" ] && [ -n "${ZBX_HOSTNAMEITEM}" ]; then - update_config_var $ZBX_CONFIG "Hostname" "" - update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - else - update_config_var $ZBX_CONFIG "Hostname" "${ZBX_HOSTNAME:-"zabbix-proxy-"$db_type}" - update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - fi - fi - - if [ $type == "proxy" ] && [ "${ZBX_ADD_SERVER}" = "true" ]; then - update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_PROXY_LISTENPORT:-"10061"}" - else - update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}" - fi - - update_config_var $ZBX_CONFIG "SourceIP" "${ZBX_SOURCEIP}" - update_config_var $ZBX_CONFIG "LogType" "console" - update_config_var $ZBX_CONFIG "LogFile" - update_config_var $ZBX_CONFIG "LogFileSize" - update_config_var $ZBX_CONFIG "PidFile" - - update_config_var $ZBX_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" - - if [ "$db_type" == "sqlite3" ]; then - update_config_var $ZBX_CONFIG "DBHost" - update_config_var $ZBX_CONFIG "DBName" "/var/lib/zabbix/zabbix_proxy_db" - update_config_var $ZBX_CONFIG "DBUser" - update_config_var $ZBX_CONFIG "DBPort" - update_config_var $ZBX_CONFIG "DBPassword" - else - update_config_var $ZBX_CONFIG "DBHost" "${DB_SERVER_HOST}" - update_config_var $ZBX_CONFIG "DBName" "${DB_SERVER_DBNAME}" - update_config_var $ZBX_CONFIG "DBSchema" "${DB_SERVER_SCHEMA}" - update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}" - update_config_var $ZBX_CONFIG "DBPort" "${DB_SERVER_PORT}" - update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}" - fi - - update_config_var $ZBX_CONFIG "DBSocket" "${DB_SERVER_SOCKET}" - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "ProxyLocalBuffer" "${ZBX_PROXYLOCALBUFFER}" - update_config_var $ZBX_CONFIG "ProxyOfflineBuffer" "${ZBX_PROXYOFFLINEBUFFER}" - update_config_var $ZBX_CONFIG "HeartbeatFrequency" "${ZBX_PROXYHEARTBEATFREQUENCY}" - update_config_var $ZBX_CONFIG "ConfigFrequency" "${ZBX_CONFIGFREQUENCY}" - update_config_var $ZBX_CONFIG "DataSenderFrequency" "${ZBX_DATASENDERFREQUENCY}" - fi - - update_config_var $ZBX_CONFIG "StartPollers" "${ZBX_STARTPOLLERS}" - update_config_var $ZBX_CONFIG "StartIPMIPollers" "${ZBX_IPMIPOLLERS}" - update_config_var $ZBX_CONFIG "StartPollersUnreachable" "${ZBX_STARTPOLLERSUNREACHABLE}" - update_config_var $ZBX_CONFIG "StartTrappers" "${ZBX_STARTTRAPPERS}" - update_config_var $ZBX_CONFIG "StartPingers" "${ZBX_STARTPINGERS}" - update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}" - update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}" - - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "StartTimers" "${ZBX_STARTTIMERS}" - update_config_var $ZBX_CONFIG "StartEscalators" "${ZBX_STARTESCALATORS}" - fi - - ZBX_JAVAGATEWAY_ENABLE=${ZBX_JAVAGATEWAY_ENABLE:-"false"} - if [ "${ZBX_JAVAGATEWAY_ENABLE}" == "true" ]; then - update_config_var $ZBX_CONFIG "JavaGateway" "${ZBX_JAVAGATEWAY:-"zabbix-java-gateway"}" - update_config_var $ZBX_CONFIG "JavaGatewayPort" "${ZBX_JAVAGATEWAYPORT}" - update_config_var $ZBX_CONFIG "StartJavaPollers" "${ZBX_STARTJAVAPOLLERS:-"5"}" - else - update_config_var $ZBX_CONFIG "JavaGateway" - update_config_var $ZBX_CONFIG "JavaGatewayPort" - update_config_var $ZBX_CONFIG "StartJavaPollers" - fi - - update_config_var $ZBX_CONFIG "StartVMwareCollectors" "${ZBX_STARTVMWARECOLLECTORS}" - update_config_var $ZBX_CONFIG "VMwareFrequency" "${ZBX_VMWAREFREQUENCY}" - update_config_var $ZBX_CONFIG "VMwarePerfFrequency" "${ZBX_VMWAREPERFFREQUENCY}" - update_config_var $ZBX_CONFIG "VMwareCacheSize" "${ZBX_VMWARECACHESIZE}" - update_config_var $ZBX_CONFIG "VMwareTimeout" "${ZBX_VMWARETIMEOUT}" - - ZBX_ENABLE_SNMP_TRAPS=${ZBX_ENABLE_SNMP_TRAPS:-"false"} - if [ "${ZBX_ENABLE_SNMP_TRAPS}" == "true" ]; then - update_config_var $ZBX_CONFIG "SNMPTrapperFile" "${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log" - update_config_var $ZBX_CONFIG "StartSNMPTrapper" "1" - else - update_config_var $ZBX_CONFIG "SNMPTrapperFile" - update_config_var $ZBX_CONFIG "StartSNMPTrapper" - fi - - update_config_var $ZBX_CONFIG "HousekeepingFrequency" "${ZBX_HOUSEKEEPINGFREQUENCY}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "MaxHousekeeperDelete" "${ZBX_MAXHOUSEKEEPERDELETE}" - update_config_var $ZBX_CONFIG "SenderFrequency" "${ZBX_SENDERFREQUENCY}" - fi - - update_config_var $ZBX_CONFIG "CacheSize" "${ZBX_CACHESIZE}" - - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "CacheUpdateFrequency" "${ZBX_CACHEUPDATEFREQUENCY}" - fi - - update_config_var $ZBX_CONFIG "StartDBSyncers" "${ZBX_STARTDBSYNCERS}" - update_config_var $ZBX_CONFIG "HistoryCacheSize" "${ZBX_HISTORYCACHESIZE}" - update_config_var $ZBX_CONFIG "HistoryIndexCacheSize" "${ZBX_HISTORYINDEXCACHESIZE}" - - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "TrendCacheSize" "${ZBX_TRENDCACHESIZE}" - update_config_var $ZBX_CONFIG "ValueCacheSize" "${ZBX_VALUECACHESIZE}" - fi - - update_config_var $ZBX_CONFIG "Timeout" "${ZBX_TIMEOUT}" - update_config_var $ZBX_CONFIG "TrapperTimeout" "${ZBX_TRAPPERIMEOUT}" - update_config_var $ZBX_CONFIG "UnreachablePeriod" "${ZBX_UNREACHABLEPERIOD}" - update_config_var $ZBX_CONFIG "UnavailableDelay" "${ZBX_UNAVAILABLEDELAY}" - update_config_var $ZBX_CONFIG "UnreachableDelay" "${ZBX_UNREACHABLEDELAY}" - - update_config_var $ZBX_CONFIG "AlertScriptsPath" "/usr/lib/zabbix/alertscripts" - update_config_var $ZBX_CONFIG "ExternalScripts" "/usr/lib/zabbix/externalscripts" - - # Possible few fping locations - if [ -f "/usr/bin/fping" ]; then - update_config_var $ZBX_CONFIG "FpingLocation" "/usr/bin/fping" - else - update_config_var $ZBX_CONFIG "FpingLocation" "/usr/sbin/fping" - fi - if [ -f "/usr/bin/fping6" ]; then - update_config_var $ZBX_CONFIG "Fping6Location" "/usr/bin/fping6" - else - update_config_var $ZBX_CONFIG "Fping6Location" "/usr/sbin/fping6" - fi - - update_config_var $ZBX_CONFIG "SSHKeyLocation" "$ZABBIX_USER_HOME_DIR/ssh_keys" - update_config_var $ZBX_CONFIG "LogSlowQueries" "${ZBX_LOGSLOWQUERIES}" - - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "StartProxyPollers" "${ZBX_STARTPROXYPOLLERS}" - update_config_var $ZBX_CONFIG "ProxyConfigFrequency" "${ZBX_PROXYCONFIGFREQUENCY}" - update_config_var $ZBX_CONFIG "ProxyDataFrequency" "${ZBX_PROXYDATAFREQUENCY}" - fi - - update_config_var $ZBX_CONFIG "SSLCertLocation" "$ZABBIX_USER_HOME_DIR/ssl/certs/" - update_config_var $ZBX_CONFIG "SSLKeyLocation" "$ZABBIX_USER_HOME_DIR/ssl/keys/" - update_config_var $ZBX_CONFIG "SSLCALocation" "$ZABBIX_USER_HOME_DIR/ssl/ssl_ca/" - update_config_var $ZBX_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/" - update_config_multiple_var $ZBX_CONFIG "LoadModule" "${ZBX_LOADMODULE}" - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}" - update_config_var $ZBX_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" - fi - update_config_var $ZBX_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" - update_config_var $ZBX_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" - update_config_var $ZBX_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" - fi - - update_config_var $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" - update_config_var $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" - update_config_var $ZBX_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" - fi -} - - prepare_zbx_web_config() { - local db_type=$1 local server_name="" echo "** Preparing Zabbix frontend configuration file" ZBX_WEB_CONFIG="$ZABBIX_ETC_DIR/web/zabbix.conf.php" + PHP_CONFIG_FILE="/etc/php/7.2/apache2/conf.d/99-zabbix.ini" - if [ -f "/usr/share/zabbix/conf/zabbix.conf.php" ]; then - rm -f "/usr/share/zabbix/conf/zabbix.conf.php" - fi - - ln -s "$ZBX_WEB_CONFIG" "/usr/share/zabbix/conf/zabbix.conf.php" - - # Different places of PHP configuration file - if [ -f "/etc/php5/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/conf.d/99-zabbix.ini" - elif [ -f "/etc/php5/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php5/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/apache2/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.0/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.0/apache2/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.0/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.0/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php.d/99-zabbix.ini" - elif [ -f "/etc/php7/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php7/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.2/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.2/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.2/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.2/apache2/conf.d/99-zabbix.ini" - fi - - if [ -n "$PHP_CONFIG_FILE" ]; then - update_config_var "$PHP_CONFIG_FILE" "max_execution_time" "${ZBX_MAXEXECUTIONTIME:-"600"}" - update_config_var "$PHP_CONFIG_FILE" "memory_limit" "${ZBX_MEMORYLIMIT:-"128M"}" - update_config_var "$PHP_CONFIG_FILE" "post_max_size" "${ZBX_POSTMAXSIZE:-"16M"}" - update_config_var "$PHP_CONFIG_FILE" "upload_max_filesize" "${ZBX_UPLOADMAXFILESIZE:-"2M"}" - update_config_var "$PHP_CONFIG_FILE" "max_input_time" "${ZBX_MAXINPUTTIME:-"300"}" - update_config_var "$PHP_CONFIG_FILE" "date.timezone" "${PHP_TZ}" - else - echo "**** Zabbix related PHP configuration file not found" - fi + update_config_var "$PHP_CONFIG_FILE" "max_execution_time" "${ZBX_MAXEXECUTIONTIME:-"600"}" + update_config_var "$PHP_CONFIG_FILE" "memory_limit" "${ZBX_MEMORYLIMIT:-"128M"}" + update_config_var "$PHP_CONFIG_FILE" "post_max_size" "${ZBX_POSTMAXSIZE:-"16M"}" + update_config_var "$PHP_CONFIG_FILE" "upload_max_filesize" "${ZBX_UPLOADMAXFILESIZE:-"2M"}" + update_config_var "$PHP_CONFIG_FILE" "max_input_time" "${ZBX_MAXINPUTTIME:-"300"}" + update_config_var "$PHP_CONFIG_FILE" "date.timezone" "${PHP_TZ}" # Escaping characters in parameter value server_name=$(escape_spec_char "${ZBX_SERVER_NAME}") @@ -922,223 +239,36 @@ prepare_zbx_web_config() { -e "s/{ZBX_SERVER_PORT}/${ZBX_SERVER_PORT}/g" \ -e "s/{ZBX_SERVER_NAME}/$server_name/g" \ "$ZBX_WEB_CONFIG" - - [ "$db_type" = "postgresql" ] && sed -i "s/MYSQL/POSTGRESQL/g" "$ZBX_WEB_CONFIG" -} - -prepare_zbx_agent_config() { - echo "** Preparing Zabbix agent configuration file" - - ZBX_AGENT_CONFIG=$ZABBIX_ETC_DIR/zabbix_agentd.conf - - ZBX_PASSIVESERVERS=${ZBX_PASSIVESERVERS:-""} - ZBX_ACTIVESERVERS=${ZBX_ACTIVESERVERS:-""} - - [ -n "$ZBX_PASSIVESERVERS" ] && ZBX_PASSIVESERVERS=","$ZBX_PASSIVESERVERS - - ZBX_PASSIVESERVERS=$ZBX_SERVER_HOST$ZBX_PASSIVESERVERS - - [ -n "$ZBX_ACTIVESERVERS" ] && ZBX_ACTIVESERVERS=","$ZBX_ACTIVESERVERS - - ZBX_ACTIVESERVERS=$ZBX_SERVER_HOST":"$ZBX_SERVER_PORT$ZBX_ACTIVESERVERS - - update_config_var $ZBX_AGENT_CONFIG "PidFile" - update_config_var $ZBX_AGENT_CONFIG "LogType" "console" - update_config_var $ZBX_AGENT_CONFIG "LogFile" - update_config_var $ZBX_AGENT_CONFIG "LogFileSize" - update_config_var $ZBX_AGENT_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" - update_config_var $ZBX_AGENT_CONFIG "SourceIP" - update_config_var $ZBX_AGENT_CONFIG "EnableRemoteCommands" "${ZBX_ENABLEREMOTECOMMANDS}" - update_config_var $ZBX_AGENT_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}" - - ZBX_PASSIVE_ALLOW=${ZBX_PASSIVE_ALLOW:-"true"} - if [ "$ZBX_PASSIVE_ALLOW" == "true" ]; then - echo "** Using '$ZBX_PASSIVESERVERS' servers for passive checks" - update_config_var $ZBX_AGENT_CONFIG "Server" "${ZBX_PASSIVESERVERS}" - else - update_config_var $ZBX_AGENT_CONFIG "Server" - fi - - update_config_var $ZBX_AGENT_CONFIG "ListenPort" "${ZBX_LISTENPORT}" - update_config_var $ZBX_AGENT_CONFIG "ListenIP" "${ZBX_LISTENIP}" - update_config_var $ZBX_AGENT_CONFIG "StartAgents" "${ZBX_STARTAGENTS}" - - ZBX_ACTIVE_ALLOW=${ZBX_ACTIVE_ALLOW:-"true"} - if [ "$ZBX_ACTIVE_ALLOW" == "true" ]; then - echo "** Using '$ZBX_ACTIVESERVERS' servers for active checks" - update_config_var $ZBX_AGENT_CONFIG "ServerActive" "${ZBX_ACTIVESERVERS}" - else - update_config_var $ZBX_AGENT_CONFIG "ServerActive" - fi - - update_config_var $ZBX_AGENT_CONFIG "Hostname" "${ZBX_HOSTNAME}" - update_config_var $ZBX_AGENT_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - update_config_var $ZBX_AGENT_CONFIG "HostMetadata" "${ZBX_METADATA}" - update_config_var $ZBX_AGENT_CONFIG "HostMetadataItem" "${ZBX_METADATAITEM}" - update_config_var $ZBX_AGENT_CONFIG "RefreshActiveChecks" "${ZBX_REFRESHACTIVECHECKS}" - update_config_var $ZBX_AGENT_CONFIG "BufferSend" "${ZBX_BUFFERSEND}" - update_config_var $ZBX_AGENT_CONFIG "BufferSize" "${ZBX_BUFFERSIZE}" - update_config_var $ZBX_AGENT_CONFIG "MaxLinesPerSecond" "${ZBX_MAXLINESPERSECOND}" - # Please use include to enable Alias feature -# update_config_multiple_var $ZBX_AGENT_CONFIG "Alias" ${ZBX_ALIAS} - update_config_var $ZBX_AGENT_CONFIG "Timeout" "${ZBX_TIMEOUT}" - update_config_var $ZBX_AGENT_CONFIG "Include" "/etc/zabbix/zabbix_agentd.d/" - update_config_var $ZBX_AGENT_CONFIG "UnsafeUserParameters" "${ZBX_UNSAFEUSERPARAMETERS}" - update_config_var $ZBX_AGENT_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/" - update_config_multiple_var $ZBX_AGENT_CONFIG "LoadModule" "${ZBX_LOADMODULE}" - update_config_var $ZBX_AGENT_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}" - update_config_var $ZBX_AGENT_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" - update_config_var $ZBX_AGENT_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" - update_config_var $ZBX_AGENT_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" - update_config_var $ZBX_AGENT_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" - update_config_var $ZBX_AGENT_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" -} - -prepare_java_gateway_config() { - echo "** Preparing Zabbix Java Gateway log configuration file" - - ZBX_GATEWAY_CONFIG=$ZABBIX_ETC_DIR/zabbix_java_gateway_logback.xml - - if [ -n "${ZBX_DEBUGLEVEL}" ]; then - echo "Updating $ZBX_GATEWAY_CONFIG 'DebugLevel' parameter: '${ZBX_DEBUGLEVEL}'... updated" - if [ -f "$ZBX_GATEWAY_CONFIG" ]; then - sed -i -e "/^.*/" "$ZBX_GATEWAY_CONFIG" - else - echo "**** Zabbix Java Gateway log configuration file '$ZBX_GATEWAY_CONFIG' not found" - fi - fi -} - -prepare_agent() { - echo "** Preparing Zabbix agent" - prepare_zbx_agent_config -} - -prepare_server() { - local db_type=$1 - - echo "** Preparing Zabbix server" - - check_variables_$db_type "server" - check_db_connect_$db_type - create_db_user_$db_type - create_db_database_$db_type - create_db_schema_$db_type "server" - - update_zbx_config "server" "$db_type" -} - -prepare_proxy() { - local db_type=$1 - - echo "Preparing Zabbix proxy" - - if [ "$db_type" != "sqlite3" ]; then - check_variables_$db_type "proxy" - check_db_connect_$db_type - create_db_user_$db_type - create_db_database_$db_type - create_db_schema_$db_type "proxy" - fi - - update_zbx_config "proxy" $db_type } prepare_web() { - local web_server=$1 - local db_type=$2 - echo "** Preparing Zabbix web-interface" - check_variables_$db_type - check_db_connect_$db_type - prepare_web_server_$web_server - prepare_zbx_web_config $db_type + check_variables + check_db_connect + prepare_web_server + prepare_zbx_web_config } -prepare_java_gateway() { - echo "** Preparing Zabbix Java Gateway" - - prepare_java_gateway_config -} ################################################# -if [ ! -n "$zbx_type" ]; then - echo "**** Type of Zabbix component is not specified" - exit 1 -elif [ "$zbx_type" == "dev" ]; then - echo "** Deploying Zabbix installation from SVN" -else - if [ ! -n "$zbx_db_type" ]; then - echo "**** Database type of Zabbix $zbx_type is not specified" - exit 1 - fi +echo "** Deploying Zabbix web-interface (Apache) with MySQL database" - if [ "$zbx_db_type" != "none" ]; then - if [ "$zbx_opt_type" != "none" ]; then - echo "** Deploying Zabbix $zbx_type ($zbx_opt_type) with $zbx_db_type database" - else - echo "** Deploying Zabbix $zbx_type with $zbx_db_type database" - fi - else - echo "** Deploying Zabbix $zbx_type" - fi -fi +prepare_system -prepare_system "$zbx_type" "$zbx_opt_type" +prepare_web -[ "$zbx_type" == "server" ] && prepare_server $zbx_db_type -[ "${ZBX_ADD_SERVER}" == "true" ] && prepare_server ${ZBX_MAIN_DB} - -[ "$zbx_type" == "proxy" ] && prepare_proxy $zbx_db_type -[ "${ZBX_ADD_PROXY}" == "true" ] && prepare_proxy ${ZBX_PROXY_DB} - -[ "$zbx_type" == "frontend" ] && prepare_web $zbx_opt_type $zbx_db_type -[ "${ZBX_ADD_WEB}" == "true" ] && prepare_web ${ZBX_WEB_SERVER} ${ZBX_MAIN_DB} - -[ "$zbx_type" == "agent" ] && prepare_agent -[ "${ZBX_ADD_AGENT}" == "true" ] && prepare_agent - -[ "$zbx_type" == "java-gateway" ] && prepare_java_gateway -[ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && prepare_java_gateway - -clear_deploy "$zbx_type" +clear_deploy echo "########################################################" if [ "$1" != "" ]; then echo "** Executing '$@'" exec "$@" -elif [ "$zbx_type" == "agent" ]; then - echo "** Starting Zabbix agent" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_agentd --foreground -c /etc/zabbix/zabbix_agentd.conf" -elif [ "$zbx_type" == "proxy" ]; then - echo "** Starting Zabbix proxy" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_proxy --foreground -c /etc/zabbix/zabbix_proxy.conf" -elif [ "$zbx_type" == "server" ]; then - echo "** Starting Zabbix server" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_server --foreground -c /etc/zabbix/zabbix_server.conf" -elif [ "$zbx_type" == "java-gateway" ]; then - echo "** Starting Zabbix Java Gateway" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_java_gateway" -elif [ "$zbx_type" == "frontend" ] && [ "$zbx_opt_type" == "apache" ]; then - echo "** Starting Zabbix frontend" - if [ -f "/usr/sbin/httpd" ]; then - exec /usr/sbin/httpd -D FOREGROUND - elif [ -f "/usr/sbin/apache2ctl" ]; then - exec /bin/bash -c "source /etc/apache2/envvars && /usr/sbin/apache2ctl -D FOREGROUND" - else - echo "Unknown Web-server. Exiting..." - exit 1 - fi -elif [ -f "/usr/bin/supervisord" ]; then - echo "** Executing supervisord" - exec /usr/bin/supervisord -c /etc/supervisor/supervisord.conf +elif [ -f "/usr/sbin/httpd" ]; then + echo "** Executing HTTPD" + exec /usr/sbin/httpd -D FOREGROUND else echo "Unknown instructions. Exiting..." exit 1