From 2e96b91275940cdbcaf4d456fcd085df3baebb1e Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Thu, 16 Jan 2025 13:53:02 +0900 Subject: [PATCH] Added OpenSSL package to server and sqlite3 images. Required to perform rehash of added CA certificates --- Dockerfiles/proxy-mysql/alpine/Dockerfile | 1 + Dockerfiles/proxy-mysql/alpine/docker-entrypoint.sh | 2 ++ Dockerfiles/proxy-mysql/centos/Dockerfile | 1 + Dockerfiles/proxy-mysql/centos/docker-entrypoint.sh | 2 ++ Dockerfiles/proxy-mysql/ol/Dockerfile | 1 + Dockerfiles/proxy-mysql/ol/docker-entrypoint.sh | 5 +++++ Dockerfiles/proxy-mysql/rhel/Dockerfile | 1 + Dockerfiles/proxy-mysql/rhel/docker-entrypoint.sh | 2 ++ Dockerfiles/proxy-mysql/ubuntu/Dockerfile | 1 + Dockerfiles/proxy-mysql/ubuntu/docker-entrypoint.sh | 2 ++ Dockerfiles/proxy-sqlite3/alpine/Dockerfile | 1 + Dockerfiles/proxy-sqlite3/alpine/docker-entrypoint.sh | 2 ++ Dockerfiles/proxy-sqlite3/centos/Dockerfile | 1 + Dockerfiles/proxy-sqlite3/centos/docker-entrypoint.sh | 2 ++ Dockerfiles/proxy-sqlite3/ol/Dockerfile | 1 + Dockerfiles/proxy-sqlite3/ol/docker-entrypoint.sh | 2 ++ Dockerfiles/proxy-sqlite3/rhel/Dockerfile | 1 + Dockerfiles/proxy-sqlite3/rhel/docker-entrypoint.sh | 2 ++ Dockerfiles/proxy-sqlite3/ubuntu/Dockerfile | 1 + Dockerfiles/proxy-sqlite3/ubuntu/docker-entrypoint.sh | 2 ++ Dockerfiles/server-mysql/alpine/Dockerfile | 1 + Dockerfiles/server-mysql/alpine/docker-entrypoint.sh | 2 ++ Dockerfiles/server-mysql/centos/Dockerfile | 1 + Dockerfiles/server-mysql/centos/docker-entrypoint.sh | 2 ++ Dockerfiles/server-mysql/ol/Dockerfile | 1 + Dockerfiles/server-mysql/ol/docker-entrypoint.sh | 2 ++ Dockerfiles/server-mysql/rhel/Dockerfile | 1 + Dockerfiles/server-mysql/rhel/docker-entrypoint.sh | 2 ++ Dockerfiles/server-mysql/ubuntu/Dockerfile | 1 + Dockerfiles/server-mysql/ubuntu/docker-entrypoint.sh | 2 ++ Dockerfiles/server-pgsql/alpine/Dockerfile | 1 + Dockerfiles/server-pgsql/alpine/docker-entrypoint.sh | 2 ++ Dockerfiles/server-pgsql/centos/Dockerfile | 1 + Dockerfiles/server-pgsql/centos/docker-entrypoint.sh | 2 ++ Dockerfiles/server-pgsql/ol/Dockerfile | 1 + Dockerfiles/server-pgsql/ol/docker-entrypoint.sh | 2 ++ Dockerfiles/server-pgsql/rhel/Dockerfile | 1 + Dockerfiles/server-pgsql/rhel/docker-entrypoint.sh | 2 ++ Dockerfiles/server-pgsql/ubuntu/Dockerfile | 1 + Dockerfiles/server-pgsql/ubuntu/docker-entrypoint.sh | 2 ++ compose_zabbix_components.yaml | 6 ++++++ 41 files changed, 69 insertions(+) diff --git a/Dockerfiles/proxy-mysql/alpine/Dockerfile b/Dockerfiles/proxy-mysql/alpine/Dockerfile index 22e6dbc2a..002594628 100644 --- a/Dockerfiles/proxy-mysql/alpine/Dockerfile +++ b/Dockerfiles/proxy-mysql/alpine/Dockerfile @@ -44,6 +44,7 @@ RUN set -eux && \ traceroute \ nmap \ iputils \ + openssl \ libcap \ libcurl \ libevent \ diff --git a/Dockerfiles/proxy-mysql/alpine/docker-entrypoint.sh b/Dockerfiles/proxy-mysql/alpine/docker-entrypoint.sh index 33618dab1..8dcf7faf8 100755 --- a/Dockerfiles/proxy-mysql/alpine/docker-entrypoint.sh +++ b/Dockerfiles/proxy-mysql/alpine/docker-entrypoint.sh @@ -513,6 +513,8 @@ update_zbx_config() { else update_config_var $ZBX_CONFIG "AllowRoot" "1" fi + + command -v openssl >/dev/null 2>&1 && openssl rehash -v "$ZABBIX_USER_HOME_DIR/ssl/ssl_ca/" 1>/dev/null } clear_zbx_env() { diff --git a/Dockerfiles/proxy-mysql/centos/Dockerfile b/Dockerfiles/proxy-mysql/centos/Dockerfile index d497e5d74..2328d8d91 100644 --- a/Dockerfiles/proxy-mysql/centos/Dockerfile +++ b/Dockerfiles/proxy-mysql/centos/Dockerfile @@ -55,6 +55,7 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \ net-snmp-libs \ OpenIPMI-libs \ openldap \ + openssl \ openssl-libs \ pcre2 \ shadow-utils \ diff --git a/Dockerfiles/proxy-mysql/centos/docker-entrypoint.sh b/Dockerfiles/proxy-mysql/centos/docker-entrypoint.sh index 7eefa6e3a..195e495df 100755 --- a/Dockerfiles/proxy-mysql/centos/docker-entrypoint.sh +++ b/Dockerfiles/proxy-mysql/centos/docker-entrypoint.sh @@ -510,6 +510,8 @@ update_zbx_config() { else update_config_var $ZBX_CONFIG "AllowRoot" "1" fi + + command -v openssl >/dev/null 2>&1 && openssl rehash -v "$ZABBIX_USER_HOME_DIR/ssl/ssl_ca/" 1>/dev/null } clear_zbx_env() { diff --git a/Dockerfiles/proxy-mysql/ol/Dockerfile b/Dockerfiles/proxy-mysql/ol/Dockerfile index 286484e6e..41e998d5e 100644 --- a/Dockerfiles/proxy-mysql/ol/Dockerfile +++ b/Dockerfiles/proxy-mysql/ol/Dockerfile @@ -55,6 +55,7 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \ net-snmp-libs \ OpenIPMI-libs \ openldap \ + openssl \ openssl-libs \ pcre2 \ zlib \ diff --git a/Dockerfiles/proxy-mysql/ol/docker-entrypoint.sh b/Dockerfiles/proxy-mysql/ol/docker-entrypoint.sh index 7eefa6e3a..5c4222940 100755 --- a/Dockerfiles/proxy-mysql/ol/docker-entrypoint.sh +++ b/Dockerfiles/proxy-mysql/ol/docker-entrypoint.sh @@ -510,6 +510,11 @@ update_zbx_config() { else update_config_var $ZBX_CONFIG "AllowRoot" "1" fi + + update_config_var $ZBX_CONFIG "WebDriverURL" "${ZBX_WEBDRIVERURL}" + update_config_var $ZBX_CONFIG "StartBrowserPollers" "${ZBX_STARTBROWSERPOLLERS}" + + command -v openssl >/dev/null 2>&1 && openssl rehash -v "$ZABBIX_USER_HOME_DIR/ssl/ssl_ca/" 1>/dev/null } clear_zbx_env() { diff --git a/Dockerfiles/proxy-mysql/rhel/Dockerfile b/Dockerfiles/proxy-mysql/rhel/Dockerfile index 29160fe7f..c53abc29d 100644 --- a/Dockerfiles/proxy-mysql/rhel/Dockerfile +++ b/Dockerfiles/proxy-mysql/rhel/Dockerfile @@ -70,6 +70,7 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \ libcurl-minimal \ libevent \ openldap \ + openssl \ libssh \ libxml2 \ mysql \ diff --git a/Dockerfiles/proxy-mysql/rhel/docker-entrypoint.sh b/Dockerfiles/proxy-mysql/rhel/docker-entrypoint.sh index 7eefa6e3a..195e495df 100755 --- a/Dockerfiles/proxy-mysql/rhel/docker-entrypoint.sh +++ b/Dockerfiles/proxy-mysql/rhel/docker-entrypoint.sh @@ -510,6 +510,8 @@ update_zbx_config() { else update_config_var $ZBX_CONFIG "AllowRoot" "1" fi + + command -v openssl >/dev/null 2>&1 && openssl rehash -v "$ZABBIX_USER_HOME_DIR/ssl/ssl_ca/" 1>/dev/null } clear_zbx_env() { diff --git a/Dockerfiles/proxy-mysql/ubuntu/Dockerfile b/Dockerfiles/proxy-mysql/ubuntu/Dockerfile index 36e8d6ee5..55ff03a40 100644 --- a/Dockerfiles/proxy-mysql/ubuntu/Dockerfile +++ b/Dockerfiles/proxy-mysql/ubuntu/Dockerfile @@ -48,6 +48,7 @@ RUN --mount=type=cache,target=/var/cache/apt/,sharing=locked \ nmap \ ca-certificates \ fping \ + openssl \ libcurl4t64 \ libevent-2.1 \ libevent-pthreads-2.1 \ diff --git a/Dockerfiles/proxy-mysql/ubuntu/docker-entrypoint.sh b/Dockerfiles/proxy-mysql/ubuntu/docker-entrypoint.sh index 7eefa6e3a..195e495df 100755 --- a/Dockerfiles/proxy-mysql/ubuntu/docker-entrypoint.sh +++ b/Dockerfiles/proxy-mysql/ubuntu/docker-entrypoint.sh @@ -510,6 +510,8 @@ update_zbx_config() { else update_config_var $ZBX_CONFIG "AllowRoot" "1" fi + + command -v openssl >/dev/null 2>&1 && openssl rehash -v "$ZABBIX_USER_HOME_DIR/ssl/ssl_ca/" 1>/dev/null } clear_zbx_env() { diff --git a/Dockerfiles/proxy-sqlite3/alpine/Dockerfile b/Dockerfiles/proxy-sqlite3/alpine/Dockerfile index 3dae3c71e..9dc8f9a60 100644 --- a/Dockerfiles/proxy-sqlite3/alpine/Dockerfile +++ b/Dockerfiles/proxy-sqlite3/alpine/Dockerfile @@ -44,6 +44,7 @@ RUN set -eux && \ nmap \ fping \ iputils \ + openssl \ libcap \ libcurl \ libevent \ diff --git a/Dockerfiles/proxy-sqlite3/alpine/docker-entrypoint.sh b/Dockerfiles/proxy-sqlite3/alpine/docker-entrypoint.sh index 59bf825d9..140c164cd 100755 --- a/Dockerfiles/proxy-sqlite3/alpine/docker-entrypoint.sh +++ b/Dockerfiles/proxy-sqlite3/alpine/docker-entrypoint.sh @@ -260,6 +260,8 @@ update_zbx_config() { else update_config_var $ZBX_CONFIG "AllowRoot" "1" fi + + command -v openssl >/dev/null 2>&1 && openssl rehash -v "$ZABBIX_USER_HOME_DIR/ssl/ssl_ca/" 1>/dev/null } clear_zbx_env() { diff --git a/Dockerfiles/proxy-sqlite3/centos/Dockerfile b/Dockerfiles/proxy-sqlite3/centos/Dockerfile index 39e41d03e..c282b609f 100644 --- a/Dockerfiles/proxy-sqlite3/centos/Dockerfile +++ b/Dockerfiles/proxy-sqlite3/centos/Dockerfile @@ -51,6 +51,7 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \ net-snmp-libs \ OpenIPMI-libs \ openldap \ + openssl \ openssl-libs \ pcre2 \ shadow-utils \ diff --git a/Dockerfiles/proxy-sqlite3/centos/docker-entrypoint.sh b/Dockerfiles/proxy-sqlite3/centos/docker-entrypoint.sh index 59bf825d9..140c164cd 100755 --- a/Dockerfiles/proxy-sqlite3/centos/docker-entrypoint.sh +++ b/Dockerfiles/proxy-sqlite3/centos/docker-entrypoint.sh @@ -260,6 +260,8 @@ update_zbx_config() { else update_config_var $ZBX_CONFIG "AllowRoot" "1" fi + + command -v openssl >/dev/null 2>&1 && openssl rehash -v "$ZABBIX_USER_HOME_DIR/ssl/ssl_ca/" 1>/dev/null } clear_zbx_env() { diff --git a/Dockerfiles/proxy-sqlite3/ol/Dockerfile b/Dockerfiles/proxy-sqlite3/ol/Dockerfile index 1dc62110a..168563eab 100644 --- a/Dockerfiles/proxy-sqlite3/ol/Dockerfile +++ b/Dockerfiles/proxy-sqlite3/ol/Dockerfile @@ -52,6 +52,7 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \ net-snmp-libs \ OpenIPMI-libs \ openldap \ + openssl \ openssl-libs \ pcre2 \ zlib \ diff --git a/Dockerfiles/proxy-sqlite3/ol/docker-entrypoint.sh b/Dockerfiles/proxy-sqlite3/ol/docker-entrypoint.sh index 59bf825d9..140c164cd 100755 --- a/Dockerfiles/proxy-sqlite3/ol/docker-entrypoint.sh +++ b/Dockerfiles/proxy-sqlite3/ol/docker-entrypoint.sh @@ -260,6 +260,8 @@ update_zbx_config() { else update_config_var $ZBX_CONFIG "AllowRoot" "1" fi + + command -v openssl >/dev/null 2>&1 && openssl rehash -v "$ZABBIX_USER_HOME_DIR/ssl/ssl_ca/" 1>/dev/null } clear_zbx_env() { diff --git a/Dockerfiles/proxy-sqlite3/rhel/Dockerfile b/Dockerfiles/proxy-sqlite3/rhel/Dockerfile index 6d6d5cf74..8264a8ff5 100644 --- a/Dockerfiles/proxy-sqlite3/rhel/Dockerfile +++ b/Dockerfiles/proxy-sqlite3/rhel/Dockerfile @@ -69,6 +69,7 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \ libcurl-minimal \ libevent \ openldap \ + openssl \ libssh \ libxml2 \ net-snmp-agent-libs \ diff --git a/Dockerfiles/proxy-sqlite3/rhel/docker-entrypoint.sh b/Dockerfiles/proxy-sqlite3/rhel/docker-entrypoint.sh index 59bf825d9..140c164cd 100755 --- a/Dockerfiles/proxy-sqlite3/rhel/docker-entrypoint.sh +++ b/Dockerfiles/proxy-sqlite3/rhel/docker-entrypoint.sh @@ -260,6 +260,8 @@ update_zbx_config() { else update_config_var $ZBX_CONFIG "AllowRoot" "1" fi + + command -v openssl >/dev/null 2>&1 && openssl rehash -v "$ZABBIX_USER_HOME_DIR/ssl/ssl_ca/" 1>/dev/null } clear_zbx_env() { diff --git a/Dockerfiles/proxy-sqlite3/ubuntu/Dockerfile b/Dockerfiles/proxy-sqlite3/ubuntu/Dockerfile index ee1ef35ee..de2ad797d 100644 --- a/Dockerfiles/proxy-sqlite3/ubuntu/Dockerfile +++ b/Dockerfiles/proxy-sqlite3/ubuntu/Dockerfile @@ -47,6 +47,7 @@ RUN --mount=type=cache,target=/var/cache/apt/,sharing=locked \ nmap \ ca-certificates \ fping \ + openssl \ libcurl4t64 \ libevent-2.1 \ libevent-pthreads-2.1 \ diff --git a/Dockerfiles/proxy-sqlite3/ubuntu/docker-entrypoint.sh b/Dockerfiles/proxy-sqlite3/ubuntu/docker-entrypoint.sh index 59bf825d9..140c164cd 100755 --- a/Dockerfiles/proxy-sqlite3/ubuntu/docker-entrypoint.sh +++ b/Dockerfiles/proxy-sqlite3/ubuntu/docker-entrypoint.sh @@ -260,6 +260,8 @@ update_zbx_config() { else update_config_var $ZBX_CONFIG "AllowRoot" "1" fi + + command -v openssl >/dev/null 2>&1 && openssl rehash -v "$ZABBIX_USER_HOME_DIR/ssl/ssl_ca/" 1>/dev/null } clear_zbx_env() { diff --git a/Dockerfiles/server-mysql/alpine/Dockerfile b/Dockerfiles/server-mysql/alpine/Dockerfile index d9a04935d..c11a70ea3 100644 --- a/Dockerfiles/server-mysql/alpine/Dockerfile +++ b/Dockerfiles/server-mysql/alpine/Dockerfile @@ -45,6 +45,7 @@ RUN set -eux && \ nmap \ tzdata \ iputils \ + openssl \ libcap \ libcurl \ libevent \ diff --git a/Dockerfiles/server-mysql/alpine/docker-entrypoint.sh b/Dockerfiles/server-mysql/alpine/docker-entrypoint.sh index 685d27be9..21b60d29f 100755 --- a/Dockerfiles/server-mysql/alpine/docker-entrypoint.sh +++ b/Dockerfiles/server-mysql/alpine/docker-entrypoint.sh @@ -562,6 +562,8 @@ update_zbx_config() { else update_config_var $ZBX_CONFIG "AllowRoot" "1" fi + + command -v openssl >/dev/null 2>&1 && openssl rehash -v "$ZABBIX_USER_HOME_DIR/ssl/ssl_ca/" 1>/dev/null } clear_zbx_env() { diff --git a/Dockerfiles/server-mysql/centos/Dockerfile b/Dockerfiles/server-mysql/centos/Dockerfile index b1b242642..d92f1cbc9 100644 --- a/Dockerfiles/server-mysql/centos/Dockerfile +++ b/Dockerfiles/server-mysql/centos/Dockerfile @@ -59,6 +59,7 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \ net-snmp-libs \ OpenIPMI-libs \ openldap \ + openssl \ openssl-libs \ pcre2 \ shadow-utils \ diff --git a/Dockerfiles/server-mysql/centos/docker-entrypoint.sh b/Dockerfiles/server-mysql/centos/docker-entrypoint.sh index b409005f3..b0dc153e3 100755 --- a/Dockerfiles/server-mysql/centos/docker-entrypoint.sh +++ b/Dockerfiles/server-mysql/centos/docker-entrypoint.sh @@ -559,6 +559,8 @@ update_zbx_config() { else update_config_var $ZBX_CONFIG "AllowRoot" "1" fi + + command -v openssl >/dev/null 2>&1 && openssl rehash -v "$ZABBIX_USER_HOME_DIR/ssl/ssl_ca/" 1>/dev/null } clear_zbx_env() { diff --git a/Dockerfiles/server-mysql/ol/Dockerfile b/Dockerfiles/server-mysql/ol/Dockerfile index 257b6f8a1..d5c17ffac 100644 --- a/Dockerfiles/server-mysql/ol/Dockerfile +++ b/Dockerfiles/server-mysql/ol/Dockerfile @@ -58,6 +58,7 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \ net-snmp-libs \ OpenIPMI-libs \ openldap \ + openssl \ openssl-libs \ pcre2 \ zlib \ diff --git a/Dockerfiles/server-mysql/ol/docker-entrypoint.sh b/Dockerfiles/server-mysql/ol/docker-entrypoint.sh index b409005f3..b0dc153e3 100755 --- a/Dockerfiles/server-mysql/ol/docker-entrypoint.sh +++ b/Dockerfiles/server-mysql/ol/docker-entrypoint.sh @@ -559,6 +559,8 @@ update_zbx_config() { else update_config_var $ZBX_CONFIG "AllowRoot" "1" fi + + command -v openssl >/dev/null 2>&1 && openssl rehash -v "$ZABBIX_USER_HOME_DIR/ssl/ssl_ca/" 1>/dev/null } clear_zbx_env() { diff --git a/Dockerfiles/server-mysql/rhel/Dockerfile b/Dockerfiles/server-mysql/rhel/Dockerfile index 4bcdd8732..cf7db5b1f 100644 --- a/Dockerfiles/server-mysql/rhel/Dockerfile +++ b/Dockerfiles/server-mysql/rhel/Dockerfile @@ -68,6 +68,7 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \ shadow-utils \ iputils \ hostname \ + openssl \ libssh \ libpsl \ libbrotli \ diff --git a/Dockerfiles/server-mysql/rhel/docker-entrypoint.sh b/Dockerfiles/server-mysql/rhel/docker-entrypoint.sh index b409005f3..b0dc153e3 100755 --- a/Dockerfiles/server-mysql/rhel/docker-entrypoint.sh +++ b/Dockerfiles/server-mysql/rhel/docker-entrypoint.sh @@ -559,6 +559,8 @@ update_zbx_config() { else update_config_var $ZBX_CONFIG "AllowRoot" "1" fi + + command -v openssl >/dev/null 2>&1 && openssl rehash -v "$ZABBIX_USER_HOME_DIR/ssl/ssl_ca/" 1>/dev/null } clear_zbx_env() { diff --git a/Dockerfiles/server-mysql/ubuntu/Dockerfile b/Dockerfiles/server-mysql/ubuntu/Dockerfile index 77528cabd..47c43c635 100644 --- a/Dockerfiles/server-mysql/ubuntu/Dockerfile +++ b/Dockerfiles/server-mysql/ubuntu/Dockerfile @@ -50,6 +50,7 @@ RUN --mount=type=cache,target=/var/cache/apt/,sharing=locked \ iputils-ping \ traceroute \ fping \ + openssl \ libcurl4t64 \ libevent-2.1 \ libevent-pthreads-2.1 \ diff --git a/Dockerfiles/server-mysql/ubuntu/docker-entrypoint.sh b/Dockerfiles/server-mysql/ubuntu/docker-entrypoint.sh index b409005f3..b0dc153e3 100755 --- a/Dockerfiles/server-mysql/ubuntu/docker-entrypoint.sh +++ b/Dockerfiles/server-mysql/ubuntu/docker-entrypoint.sh @@ -559,6 +559,8 @@ update_zbx_config() { else update_config_var $ZBX_CONFIG "AllowRoot" "1" fi + + command -v openssl >/dev/null 2>&1 && openssl rehash -v "$ZABBIX_USER_HOME_DIR/ssl/ssl_ca/" 1>/dev/null } clear_zbx_env() { diff --git a/Dockerfiles/server-pgsql/alpine/Dockerfile b/Dockerfiles/server-pgsql/alpine/Dockerfile index 931c9be7a..90b2bb3e0 100644 --- a/Dockerfiles/server-pgsql/alpine/Dockerfile +++ b/Dockerfiles/server-pgsql/alpine/Dockerfile @@ -45,6 +45,7 @@ RUN set -eux && \ fping \ tzdata \ iputils \ + openssl \ libcap \ libcurl \ libevent \ diff --git a/Dockerfiles/server-pgsql/alpine/docker-entrypoint.sh b/Dockerfiles/server-pgsql/alpine/docker-entrypoint.sh index 5038f485d..c13b56593 100755 --- a/Dockerfiles/server-pgsql/alpine/docker-entrypoint.sh +++ b/Dockerfiles/server-pgsql/alpine/docker-entrypoint.sh @@ -588,6 +588,8 @@ update_zbx_config() { else update_config_var $ZBX_CONFIG "AllowRoot" "1" fi + + command -v openssl >/dev/null 2>&1 && openssl rehash -v "$ZABBIX_USER_HOME_DIR/ssl/ssl_ca/" 1>/dev/null } clear_zbx_env() { diff --git a/Dockerfiles/server-pgsql/centos/Dockerfile b/Dockerfiles/server-pgsql/centos/Dockerfile index d066ffaed..78a7b3ae1 100644 --- a/Dockerfiles/server-pgsql/centos/Dockerfile +++ b/Dockerfiles/server-pgsql/centos/Dockerfile @@ -57,6 +57,7 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \ net-snmp-libs \ OpenIPMI-libs \ openldap \ + openssl \ openssl-libs \ pcre2 \ postgresql \ diff --git a/Dockerfiles/server-pgsql/centos/docker-entrypoint.sh b/Dockerfiles/server-pgsql/centos/docker-entrypoint.sh index 5038f485d..c13b56593 100755 --- a/Dockerfiles/server-pgsql/centos/docker-entrypoint.sh +++ b/Dockerfiles/server-pgsql/centos/docker-entrypoint.sh @@ -588,6 +588,8 @@ update_zbx_config() { else update_config_var $ZBX_CONFIG "AllowRoot" "1" fi + + command -v openssl >/dev/null 2>&1 && openssl rehash -v "$ZABBIX_USER_HOME_DIR/ssl/ssl_ca/" 1>/dev/null } clear_zbx_env() { diff --git a/Dockerfiles/server-pgsql/ol/Dockerfile b/Dockerfiles/server-pgsql/ol/Dockerfile index 957e74b79..a2b7b82bc 100644 --- a/Dockerfiles/server-pgsql/ol/Dockerfile +++ b/Dockerfiles/server-pgsql/ol/Dockerfile @@ -56,6 +56,7 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \ net-snmp-libs \ OpenIPMI-libs \ openldap \ + openssl \ openssl-libs \ pcre2 \ postgresql \ diff --git a/Dockerfiles/server-pgsql/ol/docker-entrypoint.sh b/Dockerfiles/server-pgsql/ol/docker-entrypoint.sh index 5038f485d..c13b56593 100755 --- a/Dockerfiles/server-pgsql/ol/docker-entrypoint.sh +++ b/Dockerfiles/server-pgsql/ol/docker-entrypoint.sh @@ -588,6 +588,8 @@ update_zbx_config() { else update_config_var $ZBX_CONFIG "AllowRoot" "1" fi + + command -v openssl >/dev/null 2>&1 && openssl rehash -v "$ZABBIX_USER_HOME_DIR/ssl/ssl_ca/" 1>/dev/null } clear_zbx_env() { diff --git a/Dockerfiles/server-pgsql/rhel/Dockerfile b/Dockerfiles/server-pgsql/rhel/Dockerfile index 3f5df46f2..113a9f6ba 100644 --- a/Dockerfiles/server-pgsql/rhel/Dockerfile +++ b/Dockerfiles/server-pgsql/rhel/Dockerfile @@ -67,6 +67,7 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \ shadow-utils \ iputils \ hostname \ + openssl \ libssh \ libpsl \ libbrotli \ diff --git a/Dockerfiles/server-pgsql/rhel/docker-entrypoint.sh b/Dockerfiles/server-pgsql/rhel/docker-entrypoint.sh index aa20d0cca..ede8d5442 100755 --- a/Dockerfiles/server-pgsql/rhel/docker-entrypoint.sh +++ b/Dockerfiles/server-pgsql/rhel/docker-entrypoint.sh @@ -594,6 +594,8 @@ update_zbx_config() { else update_config_var $ZBX_CONFIG "AllowRoot" "1" fi + + command -v openssl >/dev/null 2>&1 && openssl rehash -v "$ZABBIX_USER_HOME_DIR/ssl/ssl_ca/" 1>/dev/null } clear_zbx_env() { diff --git a/Dockerfiles/server-pgsql/ubuntu/Dockerfile b/Dockerfiles/server-pgsql/ubuntu/Dockerfile index 0cc8c5ec2..f6438d932 100644 --- a/Dockerfiles/server-pgsql/ubuntu/Dockerfile +++ b/Dockerfiles/server-pgsql/ubuntu/Dockerfile @@ -50,6 +50,7 @@ RUN --mount=type=cache,target=/var/cache/apt/,sharing=locked \ iputils-ping \ traceroute \ fping \ + openssl \ libcurl4t64 \ libevent-2.1 \ libevent-pthreads-2.1 \ diff --git a/Dockerfiles/server-pgsql/ubuntu/docker-entrypoint.sh b/Dockerfiles/server-pgsql/ubuntu/docker-entrypoint.sh index 5038f485d..c13b56593 100755 --- a/Dockerfiles/server-pgsql/ubuntu/docker-entrypoint.sh +++ b/Dockerfiles/server-pgsql/ubuntu/docker-entrypoint.sh @@ -588,6 +588,8 @@ update_zbx_config() { else update_config_var $ZBX_CONFIG "AllowRoot" "1" fi + + command -v openssl >/dev/null 2>&1 && openssl rehash -v "$ZABBIX_USER_HOME_DIR/ssl/ssl_ca/" 1>/dev/null } clear_zbx_env() { diff --git a/compose_zabbix_components.yaml b/compose_zabbix_components.yaml index 7727d1752..20cd0ad9d 100644 --- a/compose_zabbix_components.yaml +++ b/compose_zabbix_components.yaml @@ -17,6 +17,9 @@ services: - ${DATA_DIRECTORY}/var/lib/zabbix/enc:/var/lib/zabbix/enc:ro - ${DATA_DIRECTORY}/var/lib/zabbix/ssh_keys:/var/lib/zabbix/ssh_keys:ro - ${DATA_DIRECTORY}/var/lib/zabbix/mibs:/var/lib/zabbix/mibs:ro + - ${DATA_DIRECTORY}/var/lib/zabbix/ssl/certs:/var/lib/zabbix/ssl/certs:ro + - ${DATA_DIRECTORY}/var/lib/zabbix/ssl/keys:/var/lib/zabbix/ssl/keys:ro + - ${DATA_DIRECTORY}/var/lib/zabbix/ssl/ssl_ca:/var/lib/zabbix/ssl/ssl_ca:rw - snmptraps:/var/lib/zabbix/snmptraps:roz tmpfs: /tmp ulimits: @@ -168,6 +171,9 @@ services: - ${DATA_DIRECTORY}/var/lib/zabbix/enc:/var/lib/zabbix/enc:ro - ${DATA_DIRECTORY}/var/lib/zabbix/ssh_keys:/var/lib/zabbix/ssh_keys:ro - ${DATA_DIRECTORY}/var/lib/zabbix/mibs:/var/lib/zabbix/mibs:ro + - ${DATA_DIRECTORY}/var/lib/zabbix/ssl/certs:/var/lib/zabbix/ssl/certs:ro + - ${DATA_DIRECTORY}/var/lib/zabbix/ssl/keys:/var/lib/zabbix/ssl/keys:ro + - ${DATA_DIRECTORY}/var/lib/zabbix/ssl/ssl_ca:/var/lib/zabbix/ssl/ssl_ca:rw - snmptraps:/var/lib/zabbix/snmptraps:ro tmpfs: /tmp ulimits: