From 6bf717a4fa7d8d5590f0863f27ef9ed9a4175a2f Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Wed, 13 May 2020 00:41:26 +0300 Subject: [PATCH 001/253] PSK config --- proxy-sqlite3/alpine/docker-entrypoint.sh | 3 +++ proxy-sqlite3/centos/docker-entrypoint.sh | 3 +++ 2 files changed, 6 insertions(+) diff --git a/proxy-sqlite3/alpine/docker-entrypoint.sh b/proxy-sqlite3/alpine/docker-entrypoint.sh index 1f9ad7586..16190efcb 100755 --- a/proxy-sqlite3/alpine/docker-entrypoint.sh +++ b/proxy-sqlite3/alpine/docker-entrypoint.sh @@ -219,6 +219,9 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" update_config_var $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" + update_config_var $ZBX_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" + update_config_var $ZBX_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" + if [ "$(id -u)" != '0' ]; then update_config_var $ZBX_CONFIG "User" "$(whoami)" else diff --git a/proxy-sqlite3/centos/docker-entrypoint.sh b/proxy-sqlite3/centos/docker-entrypoint.sh index 1f9ad7586..16190efcb 100755 --- a/proxy-sqlite3/centos/docker-entrypoint.sh +++ b/proxy-sqlite3/centos/docker-entrypoint.sh @@ -219,6 +219,9 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" update_config_var $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" + update_config_var $ZBX_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" + update_config_var $ZBX_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" + if [ "$(id -u)" != '0' ]; then update_config_var $ZBX_CONFIG "User" "$(whoami)" else From 06e0def526bd9728d86acc597b31a54ef3f2f62e Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Thu, 28 May 2020 17:43:49 +0300 Subject: [PATCH 002/253] Fix encryption for agent2 image --- agent2/alpine/Dockerfile | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/agent2/alpine/Dockerfile b/agent2/alpine/Dockerfile index 3a3d1c5a6..c376f8a5d 100644 --- a/agent2/alpine/Dockerfile +++ b/agent2/alpine/Dockerfile @@ -48,6 +48,7 @@ RUN set -eux && \ make \ git \ pcre-dev \ + openssl-dev \ zlib-dev \ coreutils && \ cd /tmp/ && \ @@ -64,8 +65,8 @@ RUN set -eux && \ --prefix=/usr \ --sysconfdir=/etc/zabbix \ --prefix=/usr \ + --with-openssl \ --enable-ipv6 \ - --enable-static \ --enable-agent2 \ --enable-agent \ --silent && \ From 489e3e10e57fe43cdd61c1b982188adce7b02074 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Mon, 22 Jun 2020 16:32:32 +0300 Subject: [PATCH 003/253] Removed timezone mount for Ubuntu dockercompose files --- docker-compose_v3_ubuntu_pgsql_latest.yaml | 6 ------ docker-compose_v3_ubuntu_pgsql_local.yaml | 6 ------ 2 files changed, 12 deletions(-) diff --git a/docker-compose_v3_ubuntu_pgsql_latest.yaml b/docker-compose_v3_ubuntu_pgsql_latest.yaml index 15534cf60..67c7bef3a 100644 --- a/docker-compose_v3_ubuntu_pgsql_latest.yaml +++ b/docker-compose_v3_ubuntu_pgsql_latest.yaml @@ -6,7 +6,6 @@ services: - "10051:10051" volumes: - /etc/localtime:/etc/localtime:ro - - /etc/timezone:/etc/timezone:ro - ./zbx_env/usr/lib/zabbix/alertscripts:/usr/lib/zabbix/alertscripts:ro - ./zbx_env/usr/lib/zabbix/externalscripts:/usr/lib/zabbix/externalscripts:ro - ./zbx_env/var/lib/zabbix/export:/var/lib/zabbix/export:rw @@ -73,7 +72,6 @@ services: - "10061:10051" volumes: - /etc/localtime:/etc/localtime:ro - - /etc/timezone:/etc/timezone:ro - ./zbx_env/usr/lib/zabbix/externalscripts:/usr/lib/zabbix/externalscripts:ro - ./zbx_env/var/lib/zabbix/modules:/var/lib/zabbix/modules:ro - ./zbx_env/var/lib/zabbix/enc:/var/lib/zabbix/enc:ro @@ -123,7 +121,6 @@ services: - "10071:10051" volumes: - /etc/localtime:/etc/localtime:ro - - /etc/timezone:/etc/timezone:ro - ./zbx_env/usr/lib/zabbix/externalscripts:/usr/lib/zabbix/externalscripts:ro - ./zbx_env/var/lib/zabbix/modules:/var/lib/zabbix/modules:ro - ./zbx_env/var/lib/zabbix/enc:/var/lib/zabbix/enc:ro @@ -183,7 +180,6 @@ services: - zabbix-server:zabbix-server volumes: - /etc/localtime:/etc/localtime:ro - - /etc/timezone:/etc/timezone:ro - ./zbx_env/etc/ssl/apache2:/etc/ssl/apache2:ro - ./zbx_env/usr/share/zabbix/modules/:/usr/share/zabbix/modules/:ro # - ./.ZBX_DB_CA_FILE:/run/secrets/root-ca.pem:ro @@ -240,7 +236,6 @@ services: - zabbix-server:zabbix-server volumes: - /etc/localtime:/etc/localtime:ro - - /etc/timezone:/etc/timezone:ro - ./zbx_env/etc/ssl/nginx:/etc/ssl/nginx:ro - ./zbx_env/usr/share/zabbix/modules/:/usr/share/zabbix/modules/:ro # - ./.ZBX_DB_CA_FILE:/run/secrets/root-ca.pem:ro @@ -293,7 +288,6 @@ services: - "10050:10050" volumes: - /etc/localtime:/etc/localtime:ro - - /etc/timezone:/etc/timezone:ro - ./zbx_env/etc/zabbix/zabbix_agentd.d:/etc/zabbix/zabbix_agentd.d:ro - ./zbx_env/var/lib/zabbix/modules:/var/lib/zabbix/modules:ro - ./zbx_env/var/lib/zabbix/enc:/var/lib/zabbix/enc:ro diff --git a/docker-compose_v3_ubuntu_pgsql_local.yaml b/docker-compose_v3_ubuntu_pgsql_local.yaml index bca8daf85..3f74ad745 100644 --- a/docker-compose_v3_ubuntu_pgsql_local.yaml +++ b/docker-compose_v3_ubuntu_pgsql_local.yaml @@ -10,7 +10,6 @@ services: - "10051:10051" volumes: - /etc/localtime:/etc/localtime:ro - - /etc/timezone:/etc/timezone:ro - ./zbx_env/usr/lib/zabbix/alertscripts:/usr/lib/zabbix/alertscripts:ro - ./zbx_env/usr/lib/zabbix/externalscripts:/usr/lib/zabbix/externalscripts:ro - ./zbx_env/var/lib/zabbix/export:/var/lib/zabbix/export:rw @@ -81,7 +80,6 @@ services: - "10061:10051" volumes: - /etc/localtime:/etc/localtime:ro - - /etc/timezone:/etc/timezone:ro - ./zbx_env/usr/lib/zabbix/externalscripts:/usr/lib/zabbix/externalscripts:ro - ./zbx_env/var/lib/zabbix/modules:/var/lib/zabbix/modules:ro - ./zbx_env/var/lib/zabbix/enc:/var/lib/zabbix/enc:ro @@ -135,7 +133,6 @@ services: - "10071:10051" volumes: - /etc/localtime:/etc/localtime:ro - - /etc/timezone:/etc/timezone:ro - ./zbx_env/usr/lib/zabbix/externalscripts:/usr/lib/zabbix/externalscripts:ro - ./zbx_env/var/lib/zabbix/modules:/var/lib/zabbix/modules:ro - ./zbx_env/var/lib/zabbix/enc:/var/lib/zabbix/enc:ro @@ -199,7 +196,6 @@ services: - zabbix-server:zabbix-server volumes: - /etc/localtime:/etc/localtime:ro - - /etc/timezone:/etc/timezone:ro - ./zbx_env/etc/ssl/apache2:/etc/ssl/apache2:ro - ./zbx_env/usr/share/zabbix/modules/:/usr/share/zabbix/modules/:ro # - ./.ZBX_DB_CA_FILE:/run/secrets/root-ca.pem:ro @@ -260,7 +256,6 @@ services: - zabbix-server:zabbix-server volumes: - /etc/localtime:/etc/localtime:ro - - /etc/timezone:/etc/timezone:ro - ./zbx_env/etc/ssl/nginx:/etc/ssl/nginx:ro - ./zbx_env/usr/share/zabbix/modules/:/usr/share/zabbix/modules/:ro # - ./.ZBX_DB_CA_FILE:/run/secrets/root-ca.pem:ro @@ -317,7 +312,6 @@ services: - "10050:10050" volumes: - /etc/localtime:/etc/localtime:ro - - /etc/timezone:/etc/timezone:ro - ./zbx_env/etc/zabbix/zabbix_agentd.d:/etc/zabbix/zabbix_agentd.d:ro - ./zbx_env/var/lib/zabbix/modules:/var/lib/zabbix/modules:ro - ./zbx_env/var/lib/zabbix/enc:/var/lib/zabbix/enc:ro From e99ce25b46abc6e8d8bbc9fa4e953f531819f627 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Tue, 23 Jun 2020 15:24:49 +0300 Subject: [PATCH 004/253] Added DOUBLE_IEEE754 varaiable --- web-apache-mysql/alpine/conf/etc/zabbix/web/zabbix.conf.php | 2 +- web-apache-mysql/alpine/docker-entrypoint.sh | 1 + web-apache-mysql/centos/conf/etc/zabbix/web/zabbix.conf.php | 2 +- web-apache-mysql/centos/docker-entrypoint.sh | 1 + web-apache-mysql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php | 2 +- web-apache-mysql/ubuntu/docker-entrypoint.sh | 1 + web-apache-pgsql/alpine/conf/etc/zabbix/web/zabbix.conf.php | 2 +- web-apache-pgsql/alpine/docker-entrypoint.sh | 1 + web-apache-pgsql/centos/conf/etc/zabbix/web/zabbix.conf.php | 2 +- web-apache-pgsql/centos/docker-entrypoint.sh | 1 + web-apache-pgsql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php | 2 +- web-apache-pgsql/ubuntu/docker-entrypoint.sh | 1 + web-nginx-mysql/alpine/conf/etc/zabbix/web/zabbix.conf.php | 2 +- web-nginx-mysql/alpine/docker-entrypoint.sh | 1 + web-nginx-mysql/centos/conf/etc/zabbix/web/zabbix.conf.php | 2 +- web-nginx-mysql/centos/docker-entrypoint.sh | 1 + web-nginx-mysql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php | 2 +- web-nginx-mysql/ubuntu/docker-entrypoint.sh | 1 + web-nginx-pgsql/alpine/conf/etc/zabbix/web/zabbix.conf.php | 2 +- web-nginx-pgsql/alpine/docker-entrypoint.sh | 1 + web-nginx-pgsql/centos/conf/etc/zabbix/web/zabbix.conf.php | 2 +- web-nginx-pgsql/centos/docker-entrypoint.sh | 1 + web-nginx-pgsql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php | 2 +- web-nginx-pgsql/ubuntu/docker-entrypoint.sh | 1 + 24 files changed, 24 insertions(+), 12 deletions(-) diff --git a/web-apache-mysql/alpine/conf/etc/zabbix/web/zabbix.conf.php b/web-apache-mysql/alpine/conf/etc/zabbix/web/zabbix.conf.php index 326200409..29f041457 100644 --- a/web-apache-mysql/alpine/conf/etc/zabbix/web/zabbix.conf.php +++ b/web-apache-mysql/alpine/conf/etc/zabbix/web/zabbix.conf.php @@ -27,7 +27,7 @@ $DB['CIPHER_LIST'] = '{ZBX_DB_CIPHER_LIST}'; // Use IEEE754 compatible value range for 64-bit Numeric (float) history values. // This option is enabled by default for new Zabbix installations. // For upgraded installations, please read database upgrade notes before enabling this option. -$DB['DOUBLE_IEEE754'] = true; +$DB['DOUBLE_IEEE754'] = {DB_DOUBLE_IEEE754}; $IMAGE_FORMAT_DEFAULT = IMAGE_FORMAT_PNG; diff --git a/web-apache-mysql/alpine/docker-entrypoint.sh b/web-apache-mysql/alpine/docker-entrypoint.sh index d8dab5d47..f7499235e 100755 --- a/web-apache-mysql/alpine/docker-entrypoint.sh +++ b/web-apache-mysql/alpine/docker-entrypoint.sh @@ -252,6 +252,7 @@ prepare_zbx_web_config() { -e "s/{ZBX_DB_CA_FILE}/${ZBX_DB_CA_FILE}/g" \ -e "s/{ZBX_DB_VERIFY_HOST}/${ZBX_DB_VERIFY_HOST:-"false"}/g" \ -e "s/{ZBX_DB_CIPHER_LIST}/${ZBX_DB_CIPHER_LIST}/g" \ + -e "s/{DB_DOUBLE_IEEE754}/${DB_DOUBLE_IEEE754:-"true"}/g" \ -e "s/{ZBX_HISTORYSTORAGEURL}/$history_storage_url/g" \ -e "s/{ZBX_HISTORYSTORAGETYPES}/$history_storage_types/g" \ "$ZBX_WEB_CONFIG" diff --git a/web-apache-mysql/centos/conf/etc/zabbix/web/zabbix.conf.php b/web-apache-mysql/centos/conf/etc/zabbix/web/zabbix.conf.php index 326200409..29f041457 100644 --- a/web-apache-mysql/centos/conf/etc/zabbix/web/zabbix.conf.php +++ b/web-apache-mysql/centos/conf/etc/zabbix/web/zabbix.conf.php @@ -27,7 +27,7 @@ $DB['CIPHER_LIST'] = '{ZBX_DB_CIPHER_LIST}'; // Use IEEE754 compatible value range for 64-bit Numeric (float) history values. // This option is enabled by default for new Zabbix installations. // For upgraded installations, please read database upgrade notes before enabling this option. -$DB['DOUBLE_IEEE754'] = true; +$DB['DOUBLE_IEEE754'] = {DB_DOUBLE_IEEE754}; $IMAGE_FORMAT_DEFAULT = IMAGE_FORMAT_PNG; diff --git a/web-apache-mysql/centos/docker-entrypoint.sh b/web-apache-mysql/centos/docker-entrypoint.sh index a95e092e8..b817433e9 100755 --- a/web-apache-mysql/centos/docker-entrypoint.sh +++ b/web-apache-mysql/centos/docker-entrypoint.sh @@ -252,6 +252,7 @@ prepare_zbx_web_config() { -e "s/{ZBX_DB_CA_FILE}/${ZBX_DB_CA_FILE}/g" \ -e "s/{ZBX_DB_VERIFY_HOST}/${ZBX_DB_VERIFY_HOST:-"false"}/g" \ -e "s/{ZBX_DB_CIPHER_LIST}/${ZBX_DB_CIPHER_LIST}/g" \ + -e "s/{DB_DOUBLE_IEEE754}/${DB_DOUBLE_IEEE754:-"true"}/g" \ -e "s/{ZBX_HISTORYSTORAGEURL}/$history_storage_url/g" \ -e "s/{ZBX_HISTORYSTORAGETYPES}/$history_storage_types/g" \ "$ZBX_WEB_CONFIG" diff --git a/web-apache-mysql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php b/web-apache-mysql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php index 326200409..29f041457 100644 --- a/web-apache-mysql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php +++ b/web-apache-mysql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php @@ -27,7 +27,7 @@ $DB['CIPHER_LIST'] = '{ZBX_DB_CIPHER_LIST}'; // Use IEEE754 compatible value range for 64-bit Numeric (float) history values. // This option is enabled by default for new Zabbix installations. // For upgraded installations, please read database upgrade notes before enabling this option. -$DB['DOUBLE_IEEE754'] = true; +$DB['DOUBLE_IEEE754'] = {DB_DOUBLE_IEEE754}; $IMAGE_FORMAT_DEFAULT = IMAGE_FORMAT_PNG; diff --git a/web-apache-mysql/ubuntu/docker-entrypoint.sh b/web-apache-mysql/ubuntu/docker-entrypoint.sh index c9f21c9c6..f2a07403c 100755 --- a/web-apache-mysql/ubuntu/docker-entrypoint.sh +++ b/web-apache-mysql/ubuntu/docker-entrypoint.sh @@ -245,6 +245,7 @@ prepare_zbx_web_config() { -e "s/{ZBX_DB_CA_FILE}/${ZBX_DB_CA_FILE}/g" \ -e "s/{ZBX_DB_VERIFY_HOST}/${ZBX_DB_VERIFY_HOST:-"false"}/g" \ -e "s/{ZBX_DB_CIPHER_LIST}/${ZBX_DB_CIPHER_LIST}/g" \ + -e "s/{DB_DOUBLE_IEEE754}/${DB_DOUBLE_IEEE754:-"true"}/g" \ -e "s/{ZBX_HISTORYSTORAGEURL}/$history_storage_url/g" \ -e "s/{ZBX_HISTORYSTORAGETYPES}/$history_storage_types/g" \ "$ZBX_WEB_CONFIG" diff --git a/web-apache-pgsql/alpine/conf/etc/zabbix/web/zabbix.conf.php b/web-apache-pgsql/alpine/conf/etc/zabbix/web/zabbix.conf.php index f351642a7..a964548fa 100644 --- a/web-apache-pgsql/alpine/conf/etc/zabbix/web/zabbix.conf.php +++ b/web-apache-pgsql/alpine/conf/etc/zabbix/web/zabbix.conf.php @@ -27,7 +27,7 @@ $DB['CIPHER_LIST'] = '{ZBX_DB_CIPHER_LIST}'; // Use IEEE754 compatible value range for 64-bit Numeric (float) history values. // This option is enabled by default for new Zabbix installations. // For upgraded installations, please read database upgrade notes before enabling this option. -$DB['DOUBLE_IEEE754'] = true; +$DB['DOUBLE_IEEE754'] = {DB_DOUBLE_IEEE754}; $IMAGE_FORMAT_DEFAULT = IMAGE_FORMAT_PNG; diff --git a/web-apache-pgsql/alpine/docker-entrypoint.sh b/web-apache-pgsql/alpine/docker-entrypoint.sh index 42b0fdc30..efe64cf40 100755 --- a/web-apache-pgsql/alpine/docker-entrypoint.sh +++ b/web-apache-pgsql/alpine/docker-entrypoint.sh @@ -251,6 +251,7 @@ prepare_zbx_web_config() { -e "s/{ZBX_DB_CA_FILE}/${ZBX_DB_CA_FILE}/g" \ -e "s/{ZBX_DB_VERIFY_HOST}/${ZBX_DB_VERIFY_HOST:-"false"}/g" \ -e "s/{ZBX_DB_CIPHER_LIST}/${ZBX_DB_CIPHER_LIST}/g" \ + -e "s/{DB_DOUBLE_IEEE754}/${DB_DOUBLE_IEEE754:-"true"}/g" \ -e "s/{ZBX_HISTORYSTORAGEURL}/$history_storage_url/g" \ -e "s/{ZBX_HISTORYSTORAGETYPES}/$history_storage_types/g" \ "$ZBX_WEB_CONFIG" diff --git a/web-apache-pgsql/centos/conf/etc/zabbix/web/zabbix.conf.php b/web-apache-pgsql/centos/conf/etc/zabbix/web/zabbix.conf.php index f351642a7..a964548fa 100644 --- a/web-apache-pgsql/centos/conf/etc/zabbix/web/zabbix.conf.php +++ b/web-apache-pgsql/centos/conf/etc/zabbix/web/zabbix.conf.php @@ -27,7 +27,7 @@ $DB['CIPHER_LIST'] = '{ZBX_DB_CIPHER_LIST}'; // Use IEEE754 compatible value range for 64-bit Numeric (float) history values. // This option is enabled by default for new Zabbix installations. // For upgraded installations, please read database upgrade notes before enabling this option. -$DB['DOUBLE_IEEE754'] = true; +$DB['DOUBLE_IEEE754'] = {DB_DOUBLE_IEEE754}; $IMAGE_FORMAT_DEFAULT = IMAGE_FORMAT_PNG; diff --git a/web-apache-pgsql/centos/docker-entrypoint.sh b/web-apache-pgsql/centos/docker-entrypoint.sh index 29ecc69a4..5cd77aeec 100755 --- a/web-apache-pgsql/centos/docker-entrypoint.sh +++ b/web-apache-pgsql/centos/docker-entrypoint.sh @@ -254,6 +254,7 @@ prepare_zbx_web_config() { -e "s/{ZBX_DB_CA_FILE}/${ZBX_DB_CA_FILE}/g" \ -e "s/{ZBX_DB_VERIFY_HOST}/${ZBX_DB_VERIFY_HOST:-"false"}/g" \ -e "s/{ZBX_DB_CIPHER_LIST}/${ZBX_DB_CIPHER_LIST}/g" \ + -e "s/{DB_DOUBLE_IEEE754}/${DB_DOUBLE_IEEE754:-"true"}/g" \ -e "s/{ZBX_HISTORYSTORAGEURL}/$history_storage_url/g" \ -e "s/{ZBX_HISTORYSTORAGETYPES}/$history_storage_types/g" \ "$ZBX_WEB_CONFIG" diff --git a/web-apache-pgsql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php b/web-apache-pgsql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php index f351642a7..a964548fa 100644 --- a/web-apache-pgsql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php +++ b/web-apache-pgsql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php @@ -27,7 +27,7 @@ $DB['CIPHER_LIST'] = '{ZBX_DB_CIPHER_LIST}'; // Use IEEE754 compatible value range for 64-bit Numeric (float) history values. // This option is enabled by default for new Zabbix installations. // For upgraded installations, please read database upgrade notes before enabling this option. -$DB['DOUBLE_IEEE754'] = true; +$DB['DOUBLE_IEEE754'] = {DB_DOUBLE_IEEE754}; $IMAGE_FORMAT_DEFAULT = IMAGE_FORMAT_PNG; diff --git a/web-apache-pgsql/ubuntu/docker-entrypoint.sh b/web-apache-pgsql/ubuntu/docker-entrypoint.sh index b5dc7f697..2e7490d5c 100755 --- a/web-apache-pgsql/ubuntu/docker-entrypoint.sh +++ b/web-apache-pgsql/ubuntu/docker-entrypoint.sh @@ -256,6 +256,7 @@ prepare_zbx_web_config() { -e "s/{ZBX_DB_CA_FILE}/${ZBX_DB_CA_FILE}/g" \ -e "s/{ZBX_DB_VERIFY_HOST}/${ZBX_DB_VERIFY_HOST:-"false"}/g" \ -e "s/{ZBX_DB_CIPHER_LIST}/${ZBX_DB_CIPHER_LIST}/g" \ + -e "s/{DB_DOUBLE_IEEE754}/${DB_DOUBLE_IEEE754:-"true"}/g" \ -e "s/{ZBX_HISTORYSTORAGEURL}/$history_storage_url/g" \ -e "s/{ZBX_HISTORYSTORAGETYPES}/$history_storage_types/g" \ "$ZBX_WEB_CONFIG" diff --git a/web-nginx-mysql/alpine/conf/etc/zabbix/web/zabbix.conf.php b/web-nginx-mysql/alpine/conf/etc/zabbix/web/zabbix.conf.php index 326200409..29f041457 100644 --- a/web-nginx-mysql/alpine/conf/etc/zabbix/web/zabbix.conf.php +++ b/web-nginx-mysql/alpine/conf/etc/zabbix/web/zabbix.conf.php @@ -27,7 +27,7 @@ $DB['CIPHER_LIST'] = '{ZBX_DB_CIPHER_LIST}'; // Use IEEE754 compatible value range for 64-bit Numeric (float) history values. // This option is enabled by default for new Zabbix installations. // For upgraded installations, please read database upgrade notes before enabling this option. -$DB['DOUBLE_IEEE754'] = true; +$DB['DOUBLE_IEEE754'] = {DB_DOUBLE_IEEE754}; $IMAGE_FORMAT_DEFAULT = IMAGE_FORMAT_PNG; diff --git a/web-nginx-mysql/alpine/docker-entrypoint.sh b/web-nginx-mysql/alpine/docker-entrypoint.sh index c84d1e78c..f8717440a 100755 --- a/web-nginx-mysql/alpine/docker-entrypoint.sh +++ b/web-nginx-mysql/alpine/docker-entrypoint.sh @@ -280,6 +280,7 @@ prepare_zbx_web_config() { -e "s/{ZBX_DB_CA_FILE}/${ZBX_DB_CA_FILE}/g" \ -e "s/{ZBX_DB_VERIFY_HOST}/${ZBX_DB_VERIFY_HOST:-"false"}/g" \ -e "s/{ZBX_DB_CIPHER_LIST}/${ZBX_DB_CIPHER_LIST}/g" \ + -e "s/{DB_DOUBLE_IEEE754}/${DB_DOUBLE_IEEE754:-"true"}/g" \ -e "s/{ZBX_HISTORYSTORAGEURL}/$history_storage_url/g" \ -e "s/{ZBX_HISTORYSTORAGETYPES}/$history_storage_types/g" \ "$ZBX_WEB_CONFIG" diff --git a/web-nginx-mysql/centos/conf/etc/zabbix/web/zabbix.conf.php b/web-nginx-mysql/centos/conf/etc/zabbix/web/zabbix.conf.php index 326200409..29f041457 100644 --- a/web-nginx-mysql/centos/conf/etc/zabbix/web/zabbix.conf.php +++ b/web-nginx-mysql/centos/conf/etc/zabbix/web/zabbix.conf.php @@ -27,7 +27,7 @@ $DB['CIPHER_LIST'] = '{ZBX_DB_CIPHER_LIST}'; // Use IEEE754 compatible value range for 64-bit Numeric (float) history values. // This option is enabled by default for new Zabbix installations. // For upgraded installations, please read database upgrade notes before enabling this option. -$DB['DOUBLE_IEEE754'] = true; +$DB['DOUBLE_IEEE754'] = {DB_DOUBLE_IEEE754}; $IMAGE_FORMAT_DEFAULT = IMAGE_FORMAT_PNG; diff --git a/web-nginx-mysql/centos/docker-entrypoint.sh b/web-nginx-mysql/centos/docker-entrypoint.sh index 1476f75e3..6eb0ac402 100755 --- a/web-nginx-mysql/centos/docker-entrypoint.sh +++ b/web-nginx-mysql/centos/docker-entrypoint.sh @@ -280,6 +280,7 @@ prepare_zbx_web_config() { -e "s/{ZBX_DB_CA_FILE}/${ZBX_DB_CA_FILE}/g" \ -e "s/{ZBX_DB_VERIFY_HOST}/${ZBX_DB_VERIFY_HOST:-"false"}/g" \ -e "s/{ZBX_DB_CIPHER_LIST}/${ZBX_DB_CIPHER_LIST}/g" \ + -e "s/{DB_DOUBLE_IEEE754}/${DB_DOUBLE_IEEE754:-"true"}/g" \ -e "s/{ZBX_HISTORYSTORAGEURL}/$history_storage_url/g" \ -e "s/{ZBX_HISTORYSTORAGETYPES}/$history_storage_types/g" \ "$ZBX_WEB_CONFIG" diff --git a/web-nginx-mysql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php b/web-nginx-mysql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php index 326200409..29f041457 100644 --- a/web-nginx-mysql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php +++ b/web-nginx-mysql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php @@ -27,7 +27,7 @@ $DB['CIPHER_LIST'] = '{ZBX_DB_CIPHER_LIST}'; // Use IEEE754 compatible value range for 64-bit Numeric (float) history values. // This option is enabled by default for new Zabbix installations. // For upgraded installations, please read database upgrade notes before enabling this option. -$DB['DOUBLE_IEEE754'] = true; +$DB['DOUBLE_IEEE754'] = {DB_DOUBLE_IEEE754}; $IMAGE_FORMAT_DEFAULT = IMAGE_FORMAT_PNG; diff --git a/web-nginx-mysql/ubuntu/docker-entrypoint.sh b/web-nginx-mysql/ubuntu/docker-entrypoint.sh index a00ecbd05..39b9b902c 100755 --- a/web-nginx-mysql/ubuntu/docker-entrypoint.sh +++ b/web-nginx-mysql/ubuntu/docker-entrypoint.sh @@ -272,6 +272,7 @@ prepare_zbx_web_config() { -e "s/{ZBX_DB_CA_FILE}/${ZBX_DB_CA_FILE}/g" \ -e "s/{ZBX_DB_VERIFY_HOST}/${ZBX_DB_VERIFY_HOST:-"false"}/g" \ -e "s/{ZBX_DB_CIPHER_LIST}/${ZBX_DB_CIPHER_LIST}/g" \ + -e "s/{DB_DOUBLE_IEEE754}/${DB_DOUBLE_IEEE754:-"true"}/g" \ -e "s/{ZBX_HISTORYSTORAGEURL}/$history_storage_url/g" \ -e "s/{ZBX_HISTORYSTORAGETYPES}/$history_storage_types/g" \ "$ZBX_WEB_CONFIG" diff --git a/web-nginx-pgsql/alpine/conf/etc/zabbix/web/zabbix.conf.php b/web-nginx-pgsql/alpine/conf/etc/zabbix/web/zabbix.conf.php index f351642a7..a964548fa 100644 --- a/web-nginx-pgsql/alpine/conf/etc/zabbix/web/zabbix.conf.php +++ b/web-nginx-pgsql/alpine/conf/etc/zabbix/web/zabbix.conf.php @@ -27,7 +27,7 @@ $DB['CIPHER_LIST'] = '{ZBX_DB_CIPHER_LIST}'; // Use IEEE754 compatible value range for 64-bit Numeric (float) history values. // This option is enabled by default for new Zabbix installations. // For upgraded installations, please read database upgrade notes before enabling this option. -$DB['DOUBLE_IEEE754'] = true; +$DB['DOUBLE_IEEE754'] = {DB_DOUBLE_IEEE754}; $IMAGE_FORMAT_DEFAULT = IMAGE_FORMAT_PNG; diff --git a/web-nginx-pgsql/alpine/docker-entrypoint.sh b/web-nginx-pgsql/alpine/docker-entrypoint.sh index f19affd65..4c159808c 100755 --- a/web-nginx-pgsql/alpine/docker-entrypoint.sh +++ b/web-nginx-pgsql/alpine/docker-entrypoint.sh @@ -281,6 +281,7 @@ prepare_zbx_web_config() { -e "s/{ZBX_DB_CA_FILE}/${ZBX_DB_CA_FILE}/g" \ -e "s/{ZBX_DB_VERIFY_HOST}/${ZBX_DB_VERIFY_HOST:-"false"}/g" \ -e "s/{ZBX_DB_CIPHER_LIST}/${ZBX_DB_CIPHER_LIST}/g" \ + -e "s/{DB_DOUBLE_IEEE754}/${DB_DOUBLE_IEEE754:-"true"}/g" \ -e "s/{ZBX_HISTORYSTORAGEURL}/$history_storage_url/g" \ -e "s/{ZBX_HISTORYSTORAGETYPES}/$history_storage_types/g" \ "$ZBX_WEB_CONFIG" diff --git a/web-nginx-pgsql/centos/conf/etc/zabbix/web/zabbix.conf.php b/web-nginx-pgsql/centos/conf/etc/zabbix/web/zabbix.conf.php index f351642a7..a964548fa 100644 --- a/web-nginx-pgsql/centos/conf/etc/zabbix/web/zabbix.conf.php +++ b/web-nginx-pgsql/centos/conf/etc/zabbix/web/zabbix.conf.php @@ -27,7 +27,7 @@ $DB['CIPHER_LIST'] = '{ZBX_DB_CIPHER_LIST}'; // Use IEEE754 compatible value range for 64-bit Numeric (float) history values. // This option is enabled by default for new Zabbix installations. // For upgraded installations, please read database upgrade notes before enabling this option. -$DB['DOUBLE_IEEE754'] = true; +$DB['DOUBLE_IEEE754'] = {DB_DOUBLE_IEEE754}; $IMAGE_FORMAT_DEFAULT = IMAGE_FORMAT_PNG; diff --git a/web-nginx-pgsql/centos/docker-entrypoint.sh b/web-nginx-pgsql/centos/docker-entrypoint.sh index af071f410..5ffd5a008 100755 --- a/web-nginx-pgsql/centos/docker-entrypoint.sh +++ b/web-nginx-pgsql/centos/docker-entrypoint.sh @@ -281,6 +281,7 @@ prepare_zbx_web_config() { -e "s/{ZBX_DB_CA_FILE}/${ZBX_DB_CA_FILE}/g" \ -e "s/{ZBX_DB_VERIFY_HOST}/${ZBX_DB_VERIFY_HOST:-"false"}/g" \ -e "s/{ZBX_DB_CIPHER_LIST}/${ZBX_DB_CIPHER_LIST}/g" \ + -e "s/{DB_DOUBLE_IEEE754}/${DB_DOUBLE_IEEE754:-"true"}/g" \ -e "s/{ZBX_HISTORYSTORAGEURL}/$history_storage_url/g" \ -e "s/{ZBX_HISTORYSTORAGETYPES}/$history_storage_types/g" \ "$ZBX_WEB_CONFIG" diff --git a/web-nginx-pgsql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php b/web-nginx-pgsql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php index f351642a7..a964548fa 100644 --- a/web-nginx-pgsql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php +++ b/web-nginx-pgsql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php @@ -27,7 +27,7 @@ $DB['CIPHER_LIST'] = '{ZBX_DB_CIPHER_LIST}'; // Use IEEE754 compatible value range for 64-bit Numeric (float) history values. // This option is enabled by default for new Zabbix installations. // For upgraded installations, please read database upgrade notes before enabling this option. -$DB['DOUBLE_IEEE754'] = true; +$DB['DOUBLE_IEEE754'] = {DB_DOUBLE_IEEE754}; $IMAGE_FORMAT_DEFAULT = IMAGE_FORMAT_PNG; diff --git a/web-nginx-pgsql/ubuntu/docker-entrypoint.sh b/web-nginx-pgsql/ubuntu/docker-entrypoint.sh index 491cbdfe5..2d31a16cd 100755 --- a/web-nginx-pgsql/ubuntu/docker-entrypoint.sh +++ b/web-nginx-pgsql/ubuntu/docker-entrypoint.sh @@ -277,6 +277,7 @@ prepare_zbx_web_config() { -e "s/{ZBX_DB_CA_FILE}/${ZBX_DB_CA_FILE}/g" \ -e "s/{ZBX_DB_VERIFY_HOST}/${ZBX_DB_VERIFY_HOST:-"false"}/g" \ -e "s/{ZBX_DB_CIPHER_LIST}/${ZBX_DB_CIPHER_LIST}/g" \ + -e "s/{DB_DOUBLE_IEEE754}/${DB_DOUBLE_IEEE754:-"true"}/g" \ -e "s/{ZBX_HISTORYSTORAGEURL}/$history_storage_url/g" \ -e "s/{ZBX_HISTORYSTORAGETYPES}/$history_storage_types/g" \ "$ZBX_WEB_CONFIG" From 293d2192ef9a47a4243f13c0828f83c0fed09d5c Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Tue, 23 Jun 2020 16:28:09 +0300 Subject: [PATCH 005/253] Added masking for secure params --- agent2/alpine/docker-entrypoint.sh | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/agent2/alpine/docker-entrypoint.sh b/agent2/alpine/docker-entrypoint.sh index 43b5e09f5..45aa51a94 100755 --- a/agent2/alpine/docker-entrypoint.sh +++ b/agent2/alpine/docker-entrypoint.sh @@ -44,12 +44,18 @@ update_config_var() { local var_value=$3 local is_multiple=$4 + local masklist=("TLSPSKIdentity") + if [ ! -f "$config_path" ]; then echo "**** Configuration file '$config_path' does not exist" return fi - echo -n "** Updating '$config_path' parameter \"$var_name\": '$var_value'... " + if [[ " ${masklist[@]} " =~ " $var_name " ]] && [ ! -z "$var_value" ]; then + echo -n "** Updating '$config_path' parameter \"$var_name\": '****'. Enable DEBUG_MODE to view value ..." + else + echo -n "** Updating '$config_path' parameter \"$var_name\": '$var_value'..." + fi # Remove configuration parameter definition in case of unset parameter value if [ -z "$var_value" ]; then From ea8832cf3a505b37618e6a4d7761206f774d65cb Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Thu, 9 Jul 2020 01:09:33 +0300 Subject: [PATCH 006/253] Changed php-fpm config argument from -c to -y. Removed appliances for Alpine, Ubuntu, CentOS --- .../supervisor/conf.d/supervisord_zabbix.conf | 2 +- .../supervisor/conf.d/supervisord_zabbix.conf | 2 +- zabbix-appliance/alpine/.dockerignore | 1 - zabbix-appliance/alpine/Dockerfile | 198 --- zabbix-appliance/alpine/README.md | 258 ---- zabbix-appliance/alpine/build.sh | 1 - .../alpine/conf/etc/nginx/nginx.conf | 64 - .../alpine/conf/etc/php7/conf.d/99-zabbix.ini | 9 - .../alpine/conf/etc/php7/php-fpm.conf | 537 -------- .../conf.d/supervisord_java_gateway.conf | 17 - .../supervisor/conf.d/supervisord_mysql.conf | 14 - .../supervisor/conf.d/supervisord_server.conf | 18 - .../conf.d/supervisord_web_nginx.conf | 30 - .../conf/etc/supervisor/supervisord.conf | 35 - .../alpine/conf/etc/zabbix/nginx.conf | 74 - .../alpine/conf/etc/zabbix/nginx_ssl.conf | 98 -- .../conf/etc/zabbix/web/zabbix.conf.php | 24 - .../zabbix/zabbix_java_gateway_logback.xml | 15 - .../alpine/conf/usr/sbin/zabbix_java_gateway | 27 - zabbix-appliance/alpine/docker-entrypoint.sh | 1187 ----------------- zabbix-appliance/centos/.dockerignore | 1 - zabbix-appliance/centos/Dockerfile | 199 --- zabbix-appliance/centos/README.md | 258 ---- zabbix-appliance/centos/build.sh | 1 - .../centos/conf/etc/nginx/nginx.conf | 64 - zabbix-appliance/centos/conf/etc/php-fpm.conf | 537 -------- .../centos/conf/etc/php.d/99-zabbix.ini | 9 - .../conf.d/supervisord_java_gateway.conf | 17 - .../supervisor/conf.d/supervisord_mysql.conf | 14 - .../supervisor/conf.d/supervisord_server.conf | 18 - .../conf.d/supervisord_web_nginx.conf | 30 - .../conf/etc/supervisor/supervisord.conf | 35 - .../centos/conf/etc/zabbix/nginx.conf | 74 - .../centos/conf/etc/zabbix/nginx_ssl.conf | 98 -- .../conf/etc/zabbix/web/zabbix.conf.php | 24 - .../zabbix/zabbix_java_gateway_logback.xml | 15 - .../centos/conf/usr/sbin/zabbix_java_gateway | 27 - zabbix-appliance/centos/docker-entrypoint.sh | 1187 ----------------- .../conf.d/supervisord_web_nginx.conf | 2 +- zabbix-appliance/ubuntu/.dockerignore | 1 - zabbix-appliance/ubuntu/Dockerfile | 233 ---- zabbix-appliance/ubuntu/README.md | 258 ---- zabbix-appliance/ubuntu/build.sh | 1 - .../ubuntu/conf/etc/nginx/nginx.conf | 64 - .../conf/etc/php/7.2/fpm/conf.d/99-zabbix.ini | 9 - .../conf.d/supervisord_java_gateway.conf | 17 - .../supervisor/conf.d/supervisord_mysql.conf | 14 - .../supervisor/conf.d/supervisord_server.conf | 18 - .../conf.d/supervisord_web_nginx.conf | 30 - .../conf/etc/supervisor/supervisord.conf | 35 - .../ubuntu/conf/etc/zabbix/nginx.conf | 74 - .../ubuntu/conf/etc/zabbix/nginx_ssl.conf | 98 -- .../conf/etc/zabbix/web/zabbix.conf.php | 24 - .../zabbix/zabbix_java_gateway_logback.xml | 15 - .../ubuntu/conf/usr/sbin/zabbix_java_gateway | 27 - zabbix-appliance/ubuntu/docker-entrypoint.sh | 1187 ----------------- 56 files changed, 3 insertions(+), 7323 deletions(-) delete mode 100644 zabbix-appliance/alpine/.dockerignore delete mode 100644 zabbix-appliance/alpine/Dockerfile delete mode 100644 zabbix-appliance/alpine/README.md delete mode 120000 zabbix-appliance/alpine/build.sh delete mode 100644 zabbix-appliance/alpine/conf/etc/nginx/nginx.conf delete mode 100644 zabbix-appliance/alpine/conf/etc/php7/conf.d/99-zabbix.ini delete mode 100644 zabbix-appliance/alpine/conf/etc/php7/php-fpm.conf delete mode 100644 zabbix-appliance/alpine/conf/etc/supervisor/conf.d/supervisord_java_gateway.conf delete mode 100644 zabbix-appliance/alpine/conf/etc/supervisor/conf.d/supervisord_mysql.conf delete mode 100644 zabbix-appliance/alpine/conf/etc/supervisor/conf.d/supervisord_server.conf delete mode 100644 zabbix-appliance/alpine/conf/etc/supervisor/conf.d/supervisord_web_nginx.conf delete mode 100644 zabbix-appliance/alpine/conf/etc/supervisor/supervisord.conf delete mode 100644 zabbix-appliance/alpine/conf/etc/zabbix/nginx.conf delete mode 100644 zabbix-appliance/alpine/conf/etc/zabbix/nginx_ssl.conf delete mode 100644 zabbix-appliance/alpine/conf/etc/zabbix/web/zabbix.conf.php delete mode 100644 zabbix-appliance/alpine/conf/etc/zabbix/zabbix_java_gateway_logback.xml delete mode 100755 zabbix-appliance/alpine/conf/usr/sbin/zabbix_java_gateway delete mode 100755 zabbix-appliance/alpine/docker-entrypoint.sh delete mode 100644 zabbix-appliance/centos/.dockerignore delete mode 100644 zabbix-appliance/centos/Dockerfile delete mode 100644 zabbix-appliance/centos/README.md delete mode 120000 zabbix-appliance/centos/build.sh delete mode 100644 zabbix-appliance/centos/conf/etc/nginx/nginx.conf delete mode 100644 zabbix-appliance/centos/conf/etc/php-fpm.conf delete mode 100644 zabbix-appliance/centos/conf/etc/php.d/99-zabbix.ini delete mode 100644 zabbix-appliance/centos/conf/etc/supervisor/conf.d/supervisord_java_gateway.conf delete mode 100644 zabbix-appliance/centos/conf/etc/supervisor/conf.d/supervisord_mysql.conf delete mode 100644 zabbix-appliance/centos/conf/etc/supervisor/conf.d/supervisord_server.conf delete mode 100644 zabbix-appliance/centos/conf/etc/supervisor/conf.d/supervisord_web_nginx.conf delete mode 100644 zabbix-appliance/centos/conf/etc/supervisor/supervisord.conf delete mode 100644 zabbix-appliance/centos/conf/etc/zabbix/nginx.conf delete mode 100644 zabbix-appliance/centos/conf/etc/zabbix/nginx_ssl.conf delete mode 100644 zabbix-appliance/centos/conf/etc/zabbix/web/zabbix.conf.php delete mode 100644 zabbix-appliance/centos/conf/etc/zabbix/zabbix_java_gateway_logback.xml delete mode 100755 zabbix-appliance/centos/conf/usr/sbin/zabbix_java_gateway delete mode 100755 zabbix-appliance/centos/docker-entrypoint.sh delete mode 100644 zabbix-appliance/ubuntu/.dockerignore delete mode 100644 zabbix-appliance/ubuntu/Dockerfile delete mode 100644 zabbix-appliance/ubuntu/README.md delete mode 120000 zabbix-appliance/ubuntu/build.sh delete mode 100644 zabbix-appliance/ubuntu/conf/etc/nginx/nginx.conf delete mode 100644 zabbix-appliance/ubuntu/conf/etc/php/7.2/fpm/conf.d/99-zabbix.ini delete mode 100644 zabbix-appliance/ubuntu/conf/etc/supervisor/conf.d/supervisord_java_gateway.conf delete mode 100644 zabbix-appliance/ubuntu/conf/etc/supervisor/conf.d/supervisord_mysql.conf delete mode 100644 zabbix-appliance/ubuntu/conf/etc/supervisor/conf.d/supervisord_server.conf delete mode 100644 zabbix-appliance/ubuntu/conf/etc/supervisor/conf.d/supervisord_web_nginx.conf delete mode 100644 zabbix-appliance/ubuntu/conf/etc/supervisor/supervisord.conf delete mode 100644 zabbix-appliance/ubuntu/conf/etc/zabbix/nginx.conf delete mode 100644 zabbix-appliance/ubuntu/conf/etc/zabbix/nginx_ssl.conf delete mode 100644 zabbix-appliance/ubuntu/conf/etc/zabbix/web/zabbix.conf.php delete mode 100644 zabbix-appliance/ubuntu/conf/etc/zabbix/zabbix_java_gateway_logback.xml delete mode 100755 zabbix-appliance/ubuntu/conf/usr/sbin/zabbix_java_gateway delete mode 100755 zabbix-appliance/ubuntu/docker-entrypoint.sh diff --git a/web-apache-mysql/centos/conf/etc/supervisor/conf.d/supervisord_zabbix.conf b/web-apache-mysql/centos/conf/etc/supervisor/conf.d/supervisord_zabbix.conf index 103d56271..8badf9d43 100644 --- a/web-apache-mysql/centos/conf/etc/supervisor/conf.d/supervisord_zabbix.conf +++ b/web-apache-mysql/centos/conf/etc/supervisor/conf.d/supervisord_zabbix.conf @@ -16,7 +16,7 @@ stdout_logfile = /dev/stdout stdout_logfile_maxbytes = 0 [program:php-fpm] -command = /usr/sbin/%(program_name)s -F -c /etc/%(program_name)s.conf +command = /usr/sbin/%(program_name)s -F -y /etc/%(program_name)s.conf auto_start = true autorestart = true diff --git a/web-apache-pgsql/centos/conf/etc/supervisor/conf.d/supervisord_zabbix.conf b/web-apache-pgsql/centos/conf/etc/supervisor/conf.d/supervisord_zabbix.conf index 103d56271..8badf9d43 100644 --- a/web-apache-pgsql/centos/conf/etc/supervisor/conf.d/supervisord_zabbix.conf +++ b/web-apache-pgsql/centos/conf/etc/supervisor/conf.d/supervisord_zabbix.conf @@ -16,7 +16,7 @@ stdout_logfile = /dev/stdout stdout_logfile_maxbytes = 0 [program:php-fpm] -command = /usr/sbin/%(program_name)s -F -c /etc/%(program_name)s.conf +command = /usr/sbin/%(program_name)s -F -y /etc/%(program_name)s.conf auto_start = true autorestart = true diff --git a/zabbix-appliance/alpine/.dockerignore b/zabbix-appliance/alpine/.dockerignore deleted file mode 100644 index 88a84e55a..000000000 --- a/zabbix-appliance/alpine/.dockerignore +++ /dev/null @@ -1 +0,0 @@ -build.sh diff --git a/zabbix-appliance/alpine/Dockerfile b/zabbix-appliance/alpine/Dockerfile deleted file mode 100644 index 243b42385..000000000 --- a/zabbix-appliance/alpine/Dockerfile +++ /dev/null @@ -1,198 +0,0 @@ -FROM alpine:3.10 - -ARG BUILD_DATE -ARG VCS_REF - -ARG APK_FLAGS_COMMON="" -ARG APK_FLAGS_DEV="${APK_FLAGS_COMMON} --no-cache" -ARG APK_FLAGS_PERSISTENT="${APK_FLAGS_COMMON} --clean-protected --no-cache" -ENV PATH=${PATH}:/usr/lib/jvm/default-jvm/bin/ JAVA_HOME=/usr/lib/jvm/default-jvm \ - ZBX_TYPE=server ZBX_DB_TYPE=mysql ZBX_OPT_TYPE=nginx \ - MYSQL_ALLOW_EMPTY_PASSWORD=true ZBX_ADD_SERVER=true ZBX_ADD_WEB=true DB_SERVER_HOST=localhost MYSQL_USER=zabbix ZBX_ADD_JAVA_GATEWAY=true ZBX_JAVAGATEWAY_ENABLE=true ZBX_JAVAGATEWAY=localhost - -LABEL org.label-schema.name="zabbix-${ZBX_TYPE}-${ZBX_DB_TYPE}-alpine" \ - org.label-schema.vendor="Zabbix LLC" \ - org.label-schema.url="https://zabbix.com/" \ - org.label-schema.description="Zabbix appliance with MySQL database support and ${ZBX_OPT_TYPE} web-server" \ - org.label-schema.vcs-ref="${VCS_REF}" \ - org.label-schema.build-date="${BUILD_DATE}" \ - org.label-schema.schema-version="1.0" \ - org.label-schema.license="GPL 2.0" - -STOPSIGNAL SIGTERM - -RUN set -eux && \ - addgroup zabbix && \ - adduser -S \ - -D -G zabbix \ - -h /var/lib/zabbix/ \ - zabbix && \ - adduser zabbix dialout && \ - mkdir -p /etc/zabbix && \ - mkdir -p /var/lib/zabbix && \ - mkdir -p /usr/lib/zabbix/alertscripts && \ - mkdir -p /var/lib/zabbix/enc && \ - mkdir -p /usr/lib/zabbix/externalscripts && \ - mkdir -p /var/lib/zabbix/mibs && \ - mkdir -p /var/lib/zabbix/modules && \ - mkdir -p /var/lib/zabbix/snmptraps && \ - mkdir -p /var/lib/zabbix/ssh_keys && \ - mkdir -p /var/lib/zabbix/ssl && \ - mkdir -p /var/lib/zabbix/ssl/certs && \ - mkdir -p /var/lib/zabbix/ssl/keys && \ - mkdir -p /var/lib/zabbix/ssl/ssl_ca && \ - chown --quiet -R zabbix:root /var/lib/zabbix && \ - mkdir -p /usr/share/doc/zabbix-${ZBX_TYPE}-${ZBX_DB_TYPE}/ && \ - apk update && \ - apk add ${APK_FLAGS_PERSISTENT} \ - tini \ - bash \ - curl \ - fping \ - iputils \ - libcurl \ - libevent \ - libldap \ - libssh2 \ - libxml2 \ - mariadb-client \ - mariadb-connector-c \ - mysql \ - net-snmp-agent-libs \ - nginx \ - openipmi-libs \ - openjdk8-jre-base \ - php7-bcmath \ - php7-ctype \ - php7-fpm \ - php7-gd \ - php7-gettext \ - php7-json \ - php7-ldap \ - php7-mbstring \ - php7-mysqli \ - php7-session \ - php7-simplexml \ - php7-sockets \ - php7-fileinfo \ - php7-xmlreader \ - php7-xmlwriter \ - supervisor \ - pcre \ - unixodbc && \ - rm -rf /var/cache/apk/* - -ARG MAJOR_VERSION=5.0 -ARG ZBX_VERSION=${MAJOR_VERSION} -ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git -ENV ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} - -LABEL org.label-schema.usage="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.label-schema.version="${ZBX_VERSION}" \ - org.label-schema.vcs-url="${ZBX_SOURCES}" \ - org.label-schema.docker.cmd="docker run --name zabbix-appliance -p 80:80 -p 10051:10051 -d zabbix-appliance:alpine-${ZBX_VERSION}" - -RUN set -eux && \ - apk add ${APK_FLAGS_DEV} --virtual build-dependencies \ - bash \ - alpine-sdk \ - autoconf \ - automake \ - coreutils \ - curl-dev \ - gettext \ - libevent-dev \ - libssh2-dev \ - libxml2-dev \ - mysql-dev \ - net-snmp-dev \ - openipmi-dev \ - openjdk8 \ - openldap-dev \ - pcre-dev \ - git \ - unixodbc-dev && \ - cd /tmp/ && \ - git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ - cd /tmp/zabbix-${ZBX_VERSION} && \ - zabbix_revision=`git rev-parse --short HEAD` && \ - sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ - sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ - sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/zabbix_java/src/com/zabbix/gateway/GeneralInformation.java && \ - ./bootstrap.sh && \ - export CFLAGS="-fPIC -pie -Wl,-z,relro -Wl,-z,now" && \ - ./configure \ - --datadir=/usr/lib \ - --libdir=/usr/lib/zabbix \ - --prefix=/usr \ - --sysconfdir=/etc/zabbix \ - --enable-agent \ - --enable-${ZBX_TYPE} \ - --with-${ZBX_DB_TYPE} \ - --with-ldap \ - --with-libcurl \ - --with-libxml2 \ - --enable-java \ - --with-net-snmp \ - --with-openipmi \ - --with-openssl \ - --with-ssh2 \ - --with-unixodbc \ - --enable-ipv6 \ - --silent && \ - make -j"$(nproc)" -s dbschema && \ - make -j"$(nproc)" -s && \ - cp src/zabbix_${ZBX_TYPE}/zabbix_${ZBX_TYPE} /usr/sbin/zabbix_${ZBX_TYPE} && \ - cp src/zabbix_get/zabbix_get /usr/bin/zabbix_get && \ - cp src/zabbix_sender/zabbix_sender /usr/bin/zabbix_sender && \ - cp conf/zabbix_${ZBX_TYPE}.conf /etc/zabbix/zabbix_${ZBX_TYPE}.conf && \ - chown --quiet -R zabbix:root /etc/zabbix && \ - cat database/${ZBX_DB_TYPE}/schema.sql > database/${ZBX_DB_TYPE}/create.sql && \ - cat database/${ZBX_DB_TYPE}/images.sql >> database/${ZBX_DB_TYPE}/create.sql && \ - cat database/${ZBX_DB_TYPE}/data.sql >> database/${ZBX_DB_TYPE}/create.sql && \ - gzip database/${ZBX_DB_TYPE}/create.sql && \ - cp /tmp/zabbix-${ZBX_VERSION}/database/${ZBX_DB_TYPE}/create.sql.gz /usr/share/doc/zabbix-${ZBX_TYPE}-${ZBX_DB_TYPE}/create.sql.gz && \ - mkdir -p /usr/sbin/zabbix_java/ && \ - cp -r src/zabbix_java/bin /usr/sbin/zabbix_java/ && \ - cp -r src/zabbix_java/lib /usr/sbin/zabbix_java/ && \ - rm -rf /usr/sbin/zabbix_java/lib/*.xml && \ - cd /tmp/ && \ - rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ - cd /usr/share/ && \ - git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ - mkdir /usr/share/zabbix/ && \ - cp -R /usr/share/zabbix-${ZBX_VERSION}/ui/* /usr/share/zabbix/ && \ - rm -rf /usr/share/zabbix-${ZBX_VERSION}/ && \ - cd /usr/share/zabbix/ && \ - rm -f conf/zabbix.conf.php && \ - rm -rf tests && \ - ./locale/make_mo.sh && \ - cd /tmp/ && \ - rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ - apk del ${APK_FLAGS_COMMON} --purge --no-network \ - build-dependencies && \ - rm -rf /var/cache/apk/* - -EXPOSE 80/TCP 443/TCP 10051/TCP - -WORKDIR /var/lib/zabbix - -VOLUME ["/etc/ssl/nginx"] -VOLUME ["/usr/lib/zabbix/alertscripts", "/usr/lib/zabbix/externalscripts", "/var/lib/zabbix/enc", "/var/lib/zabbix/mibs", "/var/lib/zabbix/modules"] -VOLUME ["/var/lib/zabbix/snmptraps", "/var/lib/zabbix/ssh_keys", "/var/lib/zabbix/ssl/certs", "/var/lib/zabbix/ssl/keys", "/var/lib/zabbix/ssl/ssl_ca"] -VOLUME ["/var/lib/mysql/"] - -COPY ["conf/etc/supervisor/", "/etc/supervisor/"] -COPY ["conf/etc/zabbix/nginx.conf", "/etc/zabbix/"] -COPY ["conf/etc/zabbix/nginx_ssl.conf", "/etc/zabbix/"] -COPY ["conf/etc/zabbix/web/zabbix.conf.php", "/etc/zabbix/web/"] -COPY ["conf/etc/nginx/nginx.conf", "/etc/nginx/"] -COPY ["conf/etc/php7/php-fpm.conf", "/etc/php7/"] -COPY ["conf/etc/php7/conf.d/99-zabbix.ini", "/etc/php7/conf.d/"] -COPY ["conf/etc/zabbix/zabbix_java_gateway_logback.xml", "/etc/zabbix/"] -COPY ["conf/usr/sbin/zabbix_java_gateway", "/usr/sbin/"] -COPY ["docker-entrypoint.sh", "/usr/bin/"] - -ENV ZBX_TYPE=appliance - -ENTRYPOINT ["/sbin/tini", "--", "/usr/bin/docker-entrypoint.sh"] diff --git a/zabbix-appliance/alpine/README.md b/zabbix-appliance/alpine/README.md deleted file mode 100644 index 814159c7e..000000000 --- a/zabbix-appliance/alpine/README.md +++ /dev/null @@ -1,258 +0,0 @@ -![logo](https://assets.zabbix.com/img/logo/zabbix_logo_500x131.png) - -# What is Zabbix? - -Zabbix is an enterprise-class open source distributed monitoring solution. - -Zabbix is software that monitors numerous parameters of a network and the health and integrity of servers. Zabbix uses a flexible notification mechanism that allows users to configure e-mail based alerts for virtually any event. This allows a fast reaction to server problems. Zabbix offers excellent reporting and data visualisation features based on the stored data. This makes Zabbix ideal for capacity planning. - -For more information and related downloads for Zabbix components, please visit https://hub.docker.com/u/zabbix/ and https://zabbix.com - -# What is Zabbix appliance? - -Zabbix appliance contains MySQL database server, Zabbix server, Zabbix Java Gateway and Zabbix frontend based on Nginx web-server. - -# Zabbix appliance images - -These are the only official Zabbix appliance Docker images. They are based on Alpine Linux v3.4, Ubuntu 18.04 (bionic) and CentOS 7 images. The available versions of Zabbix appliance are: - - Zabbix appliance 3.0 (tags: alpine-3.0-latest, ubuntu-3.0-latest, centos-3.0-latest) - Zabbix appliance 3.0.* (tags: alpine-3.0.*, ubuntu-3.0.*, centos-3.0.*) - Zabbix appliance 3.2 (tags: alpine-3.2-latest, ubuntu-3.2-latest, centos-3.2.*) (unsupported) - Zabbix appliance 3.2.* (tags: alpine-3.2.*, ubuntu-3.2.*, centos-3.2.*) (unsupported) - Zabbix appliance 3.4 (tags: alpine-3.4-latest, ubuntu-3.4-latest, centos-3.4.*) (unsupported) - Zabbix appliance 3.4.* (tags: alpine-3.4.*, ubuntu-3.4.*, centos-3.4.*) (unsupported) - Zabbix appliance 4.0 (tags: alpine-4.0-latest, ubuntu-4.0-latest, centos-4.0-latest) - Zabbix appliance 4.0.* (tags: alpine-4.0.*, ubuntu-4.0.*, centos-4.0.*) - Zabbix appliance 4.2 (tags: alpine-4.2-latest, ubuntu-4.2-latest, centos-4.2.*) (unsupported) - Zabbix appliance 4.2.* (tags: alpine-4.2.*, ubuntu-4.2.*, centos-4.2.*) (unsupported) - Zabbix appliance 4.4 (tags: alpine-4.4-latest, ubuntu-4.4-latest, centos-4.4-latest, alpine-latest, ubuntu-latest, centos-latest, latest) - Zabbix appliance 4.4.* (tags: alpine-4.4.*, ubuntu-4.4.*, centos-4.4.*) - Zabbix appliance 5.0 (tags: alpine-trunk, ubuntu-trunk, centos-trunk) - -Images are updated when new releases are published. The image with ``latest`` tag is based on Alpine Linux. - -The image uses MySQL database. The image is very useful for testing purposes. - -# How to use this image - -## Start `zabbix-appliance` - -Start a Zabbix server container as follows: - - docker run --name some-zabbix-appliance -p 80:80 -p 10051:10051 -d zabbix/zabbix-appliance:tag - -Where `some-zabbix-appliance` is the name you want to assign to your container. See the list above for relevant tags, or look at the [full list of tags](https://hub.docker.com/r/zabbix/zabbix-appliance/tags/). - -## Container shell access and viewing Zabbix appliance logs - -The `docker exec` command allows you to run commands inside a Docker container. The following command line will give you a bash shell inside your `zabbix-appliance` container: - -```console -$ docker exec -ti some-zabbix-appliance /bin/bash -``` - -The Zabbix appliance logs is available through Docker's container log: - -```console -$ docker logs some-zabbix-appliance -``` - -## Environment Variables - -When you start the `zabbix-appliance` image, you can adjust the configuration of the Zabbix appliance by passing one or more environment variables on the `docker run` command line. - -### `PHP_TZ` - -The variable is timezone in PHP format. Full list of supported timezones are available on [`php.net`](http://php.net/manual/en/timezones.php). By default, value is 'Europe/Riga'. - -### `ZBX_LOADMODULE` - -The variable is list of comma separated loadable Zabbix modules. It works with volume ``/var/lib/zabbix/modules``. The syntax of the variable is ``dummy1.so,dummy2.so``. - -### `ZBX_DEBUGLEVEL` - -The variable is used to specify debug level. By default, value is ``3``. It is ``DebugLevel`` parameter in ``zabbix_server.conf``. Allowed values are listed below: -- ``0`` - basic information about starting and stopping of Zabbix processes; -- ``1`` - critical information -- ``2`` - error information -- ``3`` - warnings -- ``4`` - for debugging (produces lots of information) -- ``5`` - extended debugging (produces even more information) - -### `ZBX_TIMEOUT` - -The variable is used to specify timeout for processing checks. By default, value is ``4``. - -### `ZBX_SERVER_NAME` - -The variable is visible Zabbix installation name in right top corner of the web interface. - -### `ZBX_MAXEXECUTIONTIME` - -The varable is PHP ``max_execution_time`` option. By default, value is `300`. - -### `ZBX_MEMORYLIMIT` - -The varable is PHP ``memory_limit`` option. By default, value is `128M`. - -### `ZBX_POSTMAXSIZE` - -The varable is PHP ``post_max_size`` option. By default, value is `16M`. - -### `ZBX_UPLOADMAXFILESIZE` - -The varable is PHP ``upload_max_filesize`` option. By default, value is `2M`. - -### `ZBX_MAXINPUTTIME` - -The varable is PHP ``max_input_time`` option. By default, value is `300`. - -### `ZBX_SESSION_NAME` - -The variable is Zabbix frontend [definition](https://www.zabbix.com/documentation/4.2/manual/web_interface/definitions). String used as the name of the Zabbix frontend session cookie. By default, value is `zbx_sessionid`. - -### Other variables - -Additionally the image allows to specify many other environment variables listed below: - -``` -ZBX_LISTENIP= -ZBX_STARTPOLLERS=5 -ZBX_IPMIPOLLERS=0 -ZBX_STARTPOLLERSUNREACHABLE=1 -ZBX_STARTTRAPPERS=5 -ZBX_STARTPINGERS=1 -ZBX_STARTDISCOVERERS=1 -ZBX_STARTHTTPPOLLERS=1 -ZBX_STARTTIMERS=1 -ZBX_STARTESCALATORS=1 -ZBX_STARTJAVAPOLLERS=5 -ZBX_STARTVMWARECOLLECTORS=0 -ZBX_VMWAREFREQUENCY=60 -ZBX_VMWAREPERFFREQUENCY=60 -ZBX_VMWARECACHESIZE=8M -ZBX_VMWARETIMEOUT=10 -ZBX_ENABLE_SNMP_TRAPS=false -ZBX_SOURCEIP= -ZBX_HOUSEKEEPINGFREQUENCY=1 -ZBX_MAXHOUSEKEEPERDELETE=5000 -ZBX_SENDERFREQUENCY=30 -ZBX_CACHESIZE=8M -ZBX_CACHEUPDATEFREQUENCY=60 -ZBX_STARTDBSYNCERS=4 -ZBX_HISTORYCACHESIZE=16M -ZBX_HISTORYINDEXCACHESIZE=4M -ZBX_TRENDCACHESIZE=4M -ZBX_VALUECACHESIZE=8M -ZBX_TRAPPERIMEOUT=300 -ZBX_UNREACHABLEPERIOD=45 -ZBX_UNAVAILABLEDELAY=60 -ZBX_UNREACHABLEDELAY=15 -ZBX_LOGSLOWQUERIES=3000 -ZBX_STARTPROXYPOLLERS=1 -ZBX_PROXYCONFIGFREQUENCY=3600 -ZBX_PROXYDATAFREQUENCY=1 -ZBX_TLSCAFILE= -ZBX_TLSCRLFILE= -ZBX_TLSCERTFILE= -ZBX_TLSKEYFILE= -``` - -Default values of these variables are specified after equal sign. - -The allowed variables are identical of parameters in official ``zabbix_server.conf``. For example, ``ZBX_LOGSLOWQUERIES`` = ``LogSlowQueries``. - -Please use official documentation for [``zabbix_server.conf``](https://www.zabbix.com/documentation/current/manual/appendix/config/zabbix_server) to get more information about the variables. - -## Allowed volumes for the Zabbix server container - -### ``/usr/lib/zabbix/alertscripts`` - -The volume is used for custom alert scripts. It is `AlertScriptsPath` parameter in ``zabbix_server.conf``. - -### ``/usr/lib/zabbix/externalscripts`` - -The volume is used by External checks (type of items). It is `ExternalScripts` parameter in ``zabbix_server.conf``. - -### ``/var/lib/zabbix/modules`` - -The volume allows load additional modules and extend Zabbix server using ``LoadModule`` feature. - -### ``/var/lib/zabbix/enc`` - -The volume is used to store TLS related files. These file names are specified using ``ZBX_TLSCAFILE``, ``ZBX_TLSCRLFILE``, ``ZBX_TLSKEY_FILE`` and ``ZBX_TLSPSKFILE`` variables. - -### ``/var/lib/zabbix/ssh_keys`` - -The volume is used as location of public and private keys for SSH checks and actions. It is `SSHKeyLocation` parameter in ``zabbix_server.conf``. - -### ``/var/lib/zabbix/ssl/certs`` - -The volume is used as location of of SSL client certificate files for client authentication. It is `SSLCertLocation` parameter in ``zabbix_server.conf``. - -### ``/var/lib/zabbix/ssl/keys`` - -The volume is used as location of SSL private key files for client authentication. It is `SSLKeyLocation` parameter in ``zabbix_server.conf``. - -### ``/var/lib/zabbix/ssl/ssl_ca`` - -The volume is used as location of certificate authority (CA) files for SSL server certificate verification. It is `SSLCALocation` parameter in ``zabbix_server.conf``. - -### ``/var/lib/zabbix/snmptraps`` - -The volume is used as location of ``snmptraps.log`` file. It could be shared by ``zabbix-snmptraps`` container and inherited using `volumes_from` Docker option while creating new instance of Zabbix server. -SNMP traps processing feature could be enabled using shared volume and switched ``ZBX_ENABLE_SNMP_TRAPS`` environment variable to `true`. - -### ``/var/lib/zabbix/mibs`` - -The volume allows to add new MIB files. It does not support subdirectories, all MIBs must be placed to ``/var/lib/zabbix/mibs``. - -### ``/etc/ssl/nginx`` - -The volume allows to enable HTTPS for the Zabbix web interface. The volume must contains two files ``ssl.crt``, ``ssl.key`` and ``dhparam.pem`` prepared for Nginx SSL connections. - -Please follow official Nginx [documentation](http://nginx.org/en/docs/http/configuring_https_servers.html) to get more details about how to create certificate files. - -# The image variants - -The `zabbix-appliance` images come in many flavors, each designed for a specific use case. - -## `zabbix-appliance:ubuntu-` - -This is the defacto image. If you are unsure about what your needs are, you probably want to use this one. It is designed to be used both as a throw away container (mount your source code and start the container to start your app), as well as the base to build other images off of. - -## `zabbix-appliance:alpine-` - -This image is based on the popular [Alpine Linux project](http://alpinelinux.org), available in [the `alpine` official image](https://hub.docker.com/_/alpine). Alpine Linux is much smaller than most distribution base images (~5MB), and thus leads to much slimmer images in general. - -This variant is highly recommended when final image size being as small as possible is desired. The main caveat to note is that it does use [musl libc](http://www.musl-libc.org) instead of [glibc and friends](http://www.etalabs.net/compare_libcs.html), so certain software might run into issues depending on the depth of their libc requirements. However, most software doesn't have an issue with this, so this variant is usually a very safe choice. See [this Hacker News comment thread](https://news.ycombinator.com/item?id=10782897) for more discussion of the issues that might arise and some pro/con comparisons of using Alpine-based images. - -To minimize image size, it's uncommon for additional related tools (such as `git` or `bash`) to be included in Alpine-based images. Using this image as a base, add the things you need in your own Dockerfile (see the [`alpine` image description](https://hub.docker.com/_/alpine/) for examples of how to install packages if you are unfamiliar). - -# Supported Docker versions - -This image is officially supported on Docker version 1.12.0. - -Support for older versions (down to 1.6) is provided on a best-effort basis. - -Please see [the Docker installation documentation](https://docs.docker.com/installation/) for details on how to upgrade your Docker daemon. - -# User Feedback - -## Documentation - -Documentation for this image is stored in the [`zabbix-appliance/` directory](https://github.com/zabbix/zabbix-docker/tree/3.0/zabbix-appliance) of the [`zabbix/zabbix-docker` GitHub repo](https://github.com/zabbix/zabbix-docker/). Be sure to familiarize yourself with the [repository's `README.md` file](https://github.com/zabbix/zabbix-docker/blob/master/README.md) before attempting a pull request. - -## Issues - -If you have any problems with or questions about this image, please contact us through a [GitHub issue](https://github.com/zabbix/zabbix-docker/issues). - -### Known issues -Some configuration environment variables are the same between multiple Zabbix components. Be careful when change these variables. - -## Contributing - -You are invited to contribute new features, fixes, or updates, large or small; we are always thrilled to receive pull requests, and do our best to process them as fast as we can. - -Before you start to code, we recommend discussing your plans through a [GitHub issue](https://github.com/zabbix/zabbix-docker/issues), especially for more ambitious contributions. This gives other contributors a chance to point you in the right direction, give you feedback on your design, and help you find out if someone else is working on the same thing. diff --git a/zabbix-appliance/alpine/build.sh b/zabbix-appliance/alpine/build.sh deleted file mode 120000 index fcb4d4ee7..000000000 --- a/zabbix-appliance/alpine/build.sh +++ /dev/null @@ -1 +0,0 @@ -../../build.sh \ No newline at end of file diff --git a/zabbix-appliance/alpine/conf/etc/nginx/nginx.conf b/zabbix-appliance/alpine/conf/etc/nginx/nginx.conf deleted file mode 100644 index 6e1ae33ce..000000000 --- a/zabbix-appliance/alpine/conf/etc/nginx/nginx.conf +++ /dev/null @@ -1,64 +0,0 @@ -user nginx; -worker_processes 5; -worker_rlimit_nofile 256000; - -error_log /dev/fd/2 warn; - -pid /var/run/nginx.pid; - -events { - worker_connections 5120; - use epoll; -} - - -http { - include /etc/nginx/mime.types; - default_type application/octet-stream; - - log_format main '$remote_addr - $remote_user [$time_local] "$request" ' - '$status $body_bytes_sent "$http_referer" ' - '"$http_user_agent" "$http_x_forwarded_for"'; - - access_log /dev/fd/1 main; - - client_body_timeout 5m; - send_timeout 5m; - - connection_pool_size 4096; - client_header_buffer_size 4k; - large_client_header_buffers 4 4k; - request_pool_size 4k; - reset_timedout_connection on; - - - gzip on; - gzip_min_length 100; - gzip_buffers 4 8k; - gzip_comp_level 5; - gzip_types text/plain; - gzip_types application/x-javascript; - gzip_types text/css; - - output_buffers 128 512k; - postpone_output 1460; - aio on; - directio 512; - - sendfile on; - client_max_body_size 8m; - client_body_buffer_size 256k; - fastcgi_intercept_errors on; - - tcp_nopush on; - tcp_nodelay on; - - keepalive_timeout 75 20; - - ignore_invalid_headers on; - - index index.php; - server_tokens off; - - include /etc/nginx/conf.d/*.conf; -} diff --git a/zabbix-appliance/alpine/conf/etc/php7/conf.d/99-zabbix.ini b/zabbix-appliance/alpine/conf/etc/php7/conf.d/99-zabbix.ini deleted file mode 100644 index 332ad1c5f..000000000 --- a/zabbix-appliance/alpine/conf/etc/php7/conf.d/99-zabbix.ini +++ /dev/null @@ -1,9 +0,0 @@ -max_execution_time=300 -memory_limit=128M -post_max_size=16M -upload_max_filesize=2M -max_input_time=300 -; always_populate_raw_post_data=-1 -max_input_vars=10000 -; date.timezone=Europe/Riga -; session.save_path=/var/lib/php7 diff --git a/zabbix-appliance/alpine/conf/etc/php7/php-fpm.conf b/zabbix-appliance/alpine/conf/etc/php7/php-fpm.conf deleted file mode 100644 index 19e557456..000000000 --- a/zabbix-appliance/alpine/conf/etc/php7/php-fpm.conf +++ /dev/null @@ -1,537 +0,0 @@ -;;;;;;;;;;;;;;;;;;;;; -; FPM Configuration ; -;;;;;;;;;;;;;;;;;;;;; - -; All relative paths in this configuration file are relative to PHP's install -; prefix (/usr). This prefix can be dynamically changed by using the -; '-p' argument from the command line. - -; Include one or more files. If glob(3) exists, it is used to include a bunch of -; files from a glob(3) pattern. This directive can be used everywhere in the -; file. -; Relative path can also be used. They will be prefixed by: -; - the global prefix if it's been set (-p argument) -; - /usr otherwise -include = /etc/php7/php-fpm.d/*.conf - -;;;;;;;;;;;;;;;;;; -; Global Options ; -;;;;;;;;;;;;;;;;;; - -[global] -; Pid file -; Note: the default prefix is /var -; Default Value: none -;pid = run/php-fpm.pid - -; Error log file -; If it's set to "syslog", log is sent to syslogd instead of being written -; in a local file. -; Note: the default prefix is /var -; Default Value: log/php-fpm.log -error_log = /var/log/php-fpm.log - -; syslog_facility is used to specify what type of program is logging the -; message. This lets syslogd specify that messages from different facilities -; will be handled differently. -; See syslog(3) for possible values (ex daemon equiv LOG_DAEMON) -; Default Value: daemon -;syslog.facility = daemon - -; syslog_ident is prepended to every message. If you have multiple FPM -; instances running on the same server, you can change the default value -; which must suit common needs. -; Default Value: php-fpm -;syslog.ident = php-fpm - -; Log level -; Possible Values: alert, error, warning, notice, debug -; Default Value: notice -;log_level = notice - -; If this number of child processes exit with SIGSEGV or SIGBUS within the time -; interval set by emergency_restart_interval then FPM will restart. A value -; of '0' means 'Off'. -; Default Value: 0 -;emergency_restart_threshold = 0 - -; Interval of time used by emergency_restart_interval to determine when -; a graceful restart will be initiated. This can be useful to work around -; accidental corruptions in an accelerator's shared memory. -; Available Units: s(econds), m(inutes), h(ours), or d(ays) -; Default Unit: seconds -; Default Value: 0 -;emergency_restart_interval = 0 - -; Time limit for child processes to wait for a reaction on signals from master. -; Available units: s(econds), m(inutes), h(ours), or d(ays) -; Default Unit: seconds -; Default Value: 0 -;process_control_timeout = 0 - -; The maximum number of processes FPM will fork. This has been design to control -; the global number of processes when using dynamic PM within a lot of pools. -; Use it with caution. -; Note: A value of 0 indicates no limit -; Default Value: 0 -; process.max = 128 - -; Specify the nice(2) priority to apply to the master process (only if set) -; The value can vary from -19 (highest priority) to 20 (lower priority) -; Note: - It will only work if the FPM master process is launched as root -; - The pool process will inherit the master process priority -; unless it specified otherwise -; Default Value: no set -; process.priority = -19 - -; Send FPM to background. Set to 'no' to keep FPM in foreground for debugging. -; Default Value: yes -;daemonize = yes - -; Set open file descriptor rlimit for the master process. -; Default Value: system defined value -;rlimit_files = 1024 - -; Set max core size rlimit for the master process. -; Possible Values: 'unlimited' or an integer greater or equal to 0 -; Default Value: system defined value -;rlimit_core = 0 - -; Specify the event mechanism FPM will use. The following is available: -; - select (any POSIX os) -; - poll (any POSIX os) -; - epoll (linux >= 2.5.44) -; - kqueue (FreeBSD >= 4.1, OpenBSD >= 2.9, NetBSD >= 2.0) -; - /dev/poll (Solaris >= 7) -; - port (Solaris >= 10) -; Default Value: not set (auto detection) -;events.mechanism = epoll - -; When FPM is build with systemd integration, specify the interval, -; in second, between health report notification to systemd. -; Set to 0 to disable. -; Available Units: s(econds), m(inutes), h(ours) -; Default Unit: seconds -; Default value: 10 -;systemd_interval = 10 - -;;;;;;;;;;;;;;;;;;;; -; Pool Definitions ; -;;;;;;;;;;;;;;;;;;;; - -; Multiple pools of child processes may be started with different listening -; ports and different management options. The name of the pool will be -; used in logs and stats. There is no limitation on the number of pools which -; FPM can handle. Your system will tell you anyway :) - -; Start a new pool named 'www'. -; the variable $pool can we used in any directive and will be replaced by the -; pool name ('www' here) -[www] - -; Per pool prefix -; It only applies on the following directives: -; - 'access.log' -; - 'slowlog' -; - 'listen' (unixsocket) -; - 'chroot' -; - 'chdir' -; - 'php_values' -; - 'php_admin_values' -; When not set, the global prefix (or /usr) applies instead. -; Note: This directive can also be relative to the global prefix. -; Default Value: none -;prefix = /path/to/pools/$pool - -; Unix user/group of processes -; Note: The user is mandatory. If the group is not set, the default user's group -; will be used. -user = nginx -group = nginx - -; The address on which to accept FastCGI requests. -; Valid syntaxes are: -; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on -; a specific port; -; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on -; a specific port; -; 'port' - to listen on a TCP socket to all IPv4 addresses on a -; specific port; -; '[::]:port' - to listen on a TCP socket to all addresses -; (IPv6 and IPv4-mapped) on a specific port; -; '/path/to/unix/socket' - to listen on a unix socket. -; Note: This value is mandatory. -listen = /var/run/php7-fpm.sock - -; Set listen(2) backlog. -; Default Value: 65535 (-1 on FreeBSD and OpenBSD) -;listen.backlog = 65535 - -; Set permissions for unix socket, if one is used. In Linux, read/write -; permissions must be set in order to allow connections from a web server. Many -; BSD-derived systems allow connections regardless of permissions. -; Default Values: user and group are set as the running user -; mode is set to 0660 -listen.owner = nginx -listen.group = nginx -;listen.mode = 0660 -; When POSIX Access Control Lists are supported you can set them using -; these options, value is a comma separated list of user/group names. -; When set, listen.owner and listen.group are ignored -;listen.acl_users = -;listen.acl_groups = - -; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect. -; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original -; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address -; must be separated by a comma. If this value is left blank, connections will be -; accepted from any ip address. -; Default Value: any -;listen.allowed_clients = 127.0.0.1 - -; Specify the nice(2) priority to apply to the pool processes (only if set) -; The value can vary from -19 (highest priority) to 20 (lower priority) -; Note: - It will only work if the FPM master process is launched as root -; - The pool processes will inherit the master process priority -; unless it specified otherwise -; Default Value: no set -; process.priority = -19 - -; Choose how the process manager will control the number of child processes. -; Possible Values: -; static - a fixed number (pm.max_children) of child processes; -; dynamic - the number of child processes are set dynamically based on the -; following directives. With this process management, there will be -; always at least 1 children. -; pm.max_children - the maximum number of children that can -; be alive at the same time. -; pm.start_servers - the number of children created on startup. -; pm.min_spare_servers - the minimum number of children in 'idle' -; state (waiting to process). If the number -; of 'idle' processes is less than this -; number then some children will be created. -; pm.max_spare_servers - the maximum number of children in 'idle' -; state (waiting to process). If the number -; of 'idle' processes is greater than this -; number then some children will be killed. -; ondemand - no children are created at startup. Children will be forked when -; new requests will connect. The following parameter are used: -; pm.max_children - the maximum number of children that -; can be alive at the same time. -; pm.process_idle_timeout - The number of seconds after which -; an idle process will be killed. -; Note: This value is mandatory. -pm = dynamic - -; The number of child processes to be created when pm is set to 'static' and the -; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'. -; This value sets the limit on the number of simultaneous requests that will be -; served. Equivalent to the ApacheMaxClients directive with mpm_prefork. -; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP -; CGI. The below defaults are based on a server without much resources. Don't -; forget to tweak pm.* to fit your needs. -; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand' -; Note: This value is mandatory. -pm.max_children = 5 - -; The number of child processes created on startup. -; Note: Used only when pm is set to 'dynamic' -; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2 -pm.start_servers = 2 - -; The desired minimum number of idle server processes. -; Note: Used only when pm is set to 'dynamic' -; Note: Mandatory when pm is set to 'dynamic' -pm.min_spare_servers = 1 - -; The desired maximum number of idle server processes. -; Note: Used only when pm is set to 'dynamic' -; Note: Mandatory when pm is set to 'dynamic' -pm.max_spare_servers = 3 - -; The number of seconds after which an idle process will be killed. -; Note: Used only when pm is set to 'ondemand' -; Default Value: 10s -;pm.process_idle_timeout = 10s; - -; The number of requests each child process should execute before respawning. -; This can be useful to work around memory leaks in 3rd party libraries. For -; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS. -; Default Value: 0 -;pm.max_requests = 500 - -; The URI to view the FPM status page. If this value is not set, no URI will be -; recognized as a status page. It shows the following informations: -; pool - the name of the pool; -; process manager - static, dynamic or ondemand; -; start time - the date and time FPM has started; -; start since - number of seconds since FPM has started; -; accepted conn - the number of request accepted by the pool; -; listen queue - the number of request in the queue of pending -; connections (see backlog in listen(2)); -; max listen queue - the maximum number of requests in the queue -; of pending connections since FPM has started; -; listen queue len - the size of the socket queue of pending connections; -; idle processes - the number of idle processes; -; active processes - the number of active processes; -; total processes - the number of idle + active processes; -; max active processes - the maximum number of active processes since FPM -; has started; -; max children reached - number of times, the process limit has been reached, -; when pm tries to start more children (works only for -; pm 'dynamic' and 'ondemand'); -; Value are updated in real time. -; Example output: -; pool: www -; process manager: static -; start time: 01/Jul/2011:17:53:49 +0200 -; start since: 62636 -; accepted conn: 190460 -; listen queue: 0 -; max listen queue: 1 -; listen queue len: 42 -; idle processes: 4 -; active processes: 11 -; total processes: 15 -; max active processes: 12 -; max children reached: 0 -; -; By default the status page output is formatted as text/plain. Passing either -; 'html', 'xml' or 'json' in the query string will return the corresponding -; output syntax. Example: -; http://www.foo.bar/status -; http://www.foo.bar/status?json -; http://www.foo.bar/status?html -; http://www.foo.bar/status?xml -; -; By default the status page only outputs short status. Passing 'full' in the -; query string will also return status for each pool process. -; Example: -; http://www.foo.bar/status?full -; http://www.foo.bar/status?json&full -; http://www.foo.bar/status?html&full -; http://www.foo.bar/status?xml&full -; The Full status returns for each process: -; pid - the PID of the process; -; state - the state of the process (Idle, Running, ...); -; start time - the date and time the process has started; -; start since - the number of seconds since the process has started; -; requests - the number of requests the process has served; -; request duration - the duration in µs of the requests; -; request method - the request method (GET, POST, ...); -; request URI - the request URI with the query string; -; content length - the content length of the request (only with POST); -; user - the user (PHP_AUTH_USER) (or '-' if not set); -; script - the main script called (or '-' if not set); -; last request cpu - the %cpu the last request consumed -; it's always 0 if the process is not in Idle state -; because CPU calculation is done when the request -; processing has terminated; -; last request memory - the max amount of memory the last request consumed -; it's always 0 if the process is not in Idle state -; because memory calculation is done when the request -; processing has terminated; -; If the process is in Idle state, then informations are related to the -; last request the process has served. Otherwise informations are related to -; the current request being served. -; Example output: -; ************************ -; pid: 31330 -; state: Running -; start time: 01/Jul/2011:17:53:49 +0200 -; start since: 63087 -; requests: 12808 -; request duration: 1250261 -; request method: GET -; request URI: /test_mem.php?N=10000 -; content length: 0 -; user: - -; script: /home/fat/web/docs/php/test_mem.php -; last request cpu: 0.00 -; last request memory: 0 -; -; Note: There is a real-time FPM status monitoring sample web page available -; It's available in: /usr/share/php/fpm/status.html -; -; Note: The value must start with a leading slash (/). The value can be -; anything, but it may not be a good idea to use the .php extension or it -; may conflict with a real PHP file. -; Default Value: not set -;pm.status_path = /status - -; The ping URI to call the monitoring page of FPM. If this value is not set, no -; URI will be recognized as a ping page. This could be used to test from outside -; that FPM is alive and responding, or to -; - create a graph of FPM availability (rrd or such); -; - remove a server from a group if it is not responding (load balancing); -; - trigger alerts for the operating team (24/7). -; Note: The value must start with a leading slash (/). The value can be -; anything, but it may not be a good idea to use the .php extension or it -; may conflict with a real PHP file. -; Default Value: not set -;ping.path = /ping - -; This directive may be used to customize the response of a ping request. The -; response is formatted as text/plain with a 200 response code. -; Default Value: pong -;ping.response = pong - -; The access log file -; Default: not set -;access.log = log/$pool.access.log - -; The access log format. -; The following syntax is allowed -; %%: the '%' character -; %C: %CPU used by the request -; it can accept the following format: -; - %{user}C for user CPU only -; - %{system}C for system CPU only -; - %{total}C for user + system CPU (default) -; %d: time taken to serve the request -; it can accept the following format: -; - %{seconds}d (default) -; - %{miliseconds}d -; - %{mili}d -; - %{microseconds}d -; - %{micro}d -; %e: an environment variable (same as $_ENV or $_SERVER) -; it must be associated with embraces to specify the name of the env -; variable. Some exemples: -; - server specifics like: %{REQUEST_METHOD}e or %{SERVER_PROTOCOL}e -; - HTTP headers like: %{HTTP_HOST}e or %{HTTP_USER_AGENT}e -; %f: script filename -; %l: content-length of the request (for POST request only) -; %m: request method -; %M: peak of memory allocated by PHP -; it can accept the following format: -; - %{bytes}M (default) -; - %{kilobytes}M -; - %{kilo}M -; - %{megabytes}M -; - %{mega}M -; %n: pool name -; %o: output header -; it must be associated with embraces to specify the name of the header: -; - %{Content-Type}o -; - %{X-Powered-By}o -; - %{Transfert-Encoding}o -; - .... -; %p: PID of the child that serviced the request -; %P: PID of the parent of the child that serviced the request -; %q: the query string -; %Q: the '?' character if query string exists -; %r: the request URI (without the query string, see %q and %Q) -; %R: remote IP address -; %s: status (response code) -; %t: server time the request was received -; it can accept a strftime(3) format: -; %d/%b/%Y:%H:%M:%S %z (default) -; %T: time the log has been written (the request has finished) -; it can accept a strftime(3) format: -; %d/%b/%Y:%H:%M:%S %z (default) -; %u: remote user -; -; Default: "%R - %u %t \"%m %r\" %s" -;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%" - -; The log file for slow requests -; Default Value: not set -; Note: slowlog is mandatory if request_slowlog_timeout is set -;slowlog = log/$pool.log.slow - -; The timeout for serving a single request after which a PHP backtrace will be -; dumped to the 'slowlog' file. A value of '0s' means 'off'. -; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) -; Default Value: 0 -;request_slowlog_timeout = 0 - -; The timeout for serving a single request after which the worker process will -; be killed. This option should be used when the 'max_execution_time' ini option -; does not stop script execution for some reason. A value of '0' means 'off'. -; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) -; Default Value: 0 -;request_terminate_timeout = 0 - -; Set open file descriptor rlimit. -; Default Value: system defined value -;rlimit_files = 1024 - -; Set max core size rlimit. -; Possible Values: 'unlimited' or an integer greater or equal to 0 -; Default Value: system defined value -;rlimit_core = 0 - -; Chroot to this directory at the start. This value must be defined as an -; absolute path. When this value is not set, chroot is not used. -; Note: you can prefix with '$prefix' to chroot to the pool prefix or one -; of its subdirectories. If the pool prefix is not set, the global prefix -; will be used instead. -; Note: chrooting is a great security feature and should be used whenever -; possible. However, all PHP paths will be relative to the chroot -; (error_log, sessions.save_path, ...). -; Default Value: not set -;chroot = - -; Chdir to this directory at the start. -; Note: relative path can be used. -; Default Value: current directory or / when chroot -;chdir = /var/www - -; Redirect worker stdout and stderr into main error log. If not set, stdout and -; stderr will be redirected to /dev/null according to FastCGI specs. -; Note: on highloaded environement, this can cause some delay in the page -; process time (several ms). -; Default Value: no -;catch_workers_output = yes - -; Clear environment in FPM workers -; Prevents arbitrary environment variables from reaching FPM worker processes -; by clearing the environment in workers before env vars specified in this -; pool configuration are added. -; Setting to "no" will make all environment variables available to PHP code -; via getenv(), $_ENV and $_SERVER. -; Default Value: yes -;clear_env = no - -; Limits the extensions of the main script FPM will allow to parse. This can -; prevent configuration mistakes on the web server side. You should only limit -; FPM to .php extensions to prevent malicious users to use other extensions to -; exectute php code. -; Note: set an empty value to allow all extensions. -; Default Value: .php -;security.limit_extensions = .php .php3 .php4 .php5 - -; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from -; the current environment. -; Default Value: clean env -;env[HOSTNAME] = $HOSTNAME -;env[PATH] = /usr/local/bin:/usr/bin:/bin -;env[TMP] = /tmp -;env[TMPDIR] = /tmp -;env[TEMP] = /tmp - -; Additional php.ini defines, specific to this pool of workers. These settings -; overwrite the values previously defined in the php.ini. The directives are the -; same as the PHP SAPI: -; php_value/php_flag - you can set classic ini defines which can -; be overwritten from PHP call 'ini_set'. -; php_admin_value/php_admin_flag - these directives won't be overwritten by -; PHP call 'ini_set' -; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no. - -; Defining 'extension' will load the corresponding shared extension from -; extension_dir. Defining 'disable_functions' or 'disable_classes' will not -; overwrite previously defined php.ini values, but will append the new value -; instead. - -; Note: path INI options can be relative and will be expanded with the prefix -; (pool, global or /usr) - -; Default Value: nothing is defined by default except the values in php.ini and -; specified at startup with the -d argument -;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com -;php_flag[display_errors] = off -;php_admin_value[error_log] = /var/log/fpm-php.www.log -;php_admin_flag[log_errors] = on -;php_admin_value[memory_limit] = 32M diff --git a/zabbix-appliance/alpine/conf/etc/supervisor/conf.d/supervisord_java_gateway.conf b/zabbix-appliance/alpine/conf/etc/supervisor/conf.d/supervisord_java_gateway.conf deleted file mode 100644 index df9514bd1..000000000 --- a/zabbix-appliance/alpine/conf/etc/supervisor/conf.d/supervisord_java_gateway.conf +++ /dev/null @@ -1,17 +0,0 @@ -[supervisord] -nodaemon = true - -[program:zabbix_java_gateway] -command = /bin/bash /usr/sbin/%(program_name)s -user = zabbix -auto_start = true -autorestart = true - -startsecs=3 -startretries=3 -stopsignal=INT -stopwaitsecs=2 - -redirect_stderr=true -stdout_logfile = /dev/stdout -stdout_logfile_maxbytes = 0 diff --git a/zabbix-appliance/alpine/conf/etc/supervisor/conf.d/supervisord_mysql.conf b/zabbix-appliance/alpine/conf/etc/supervisor/conf.d/supervisord_mysql.conf deleted file mode 100644 index 27e712e5e..000000000 --- a/zabbix-appliance/alpine/conf/etc/supervisor/conf.d/supervisord_mysql.conf +++ /dev/null @@ -1,14 +0,0 @@ -[supervisord] -nodaemon = true - -[program:mysqld] -command = /usr/bin/mysqld --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib/mysql/plugin --user=mysql --log-output=none --pid-file=/var/lib/mysql/mysqld.pid --port=3306 --console -user = mysql -auto_start = true -autorestart = true -priority = 1 - -stdout_logfile = /dev/stdout -stdout_logfile_maxbytes = 0 -stderr_logfile = /dev/stderr -stderr_logfile_maxbytes = 0 diff --git a/zabbix-appliance/alpine/conf/etc/supervisor/conf.d/supervisord_server.conf b/zabbix-appliance/alpine/conf/etc/supervisor/conf.d/supervisord_server.conf deleted file mode 100644 index b11628eb2..000000000 --- a/zabbix-appliance/alpine/conf/etc/supervisor/conf.d/supervisord_server.conf +++ /dev/null @@ -1,18 +0,0 @@ -[supervisord] -nodaemon = true - -[program:zabbix_server] -command = /usr/sbin/%(program_name)s --foreground -c /etc/zabbix/%(program_name)s.conf -user = zabbix -auto_start = true -autorestart = true - -startsecs=10 -startretries=3 -stopsignal=INT -stopwaitsecs=10 - -redirect_stderr=true - -stdout_logfile = /dev/stdout -stdout_logfile_maxbytes = 0 diff --git a/zabbix-appliance/alpine/conf/etc/supervisor/conf.d/supervisord_web_nginx.conf b/zabbix-appliance/alpine/conf/etc/supervisor/conf.d/supervisord_web_nginx.conf deleted file mode 100644 index 70b6b577b..000000000 --- a/zabbix-appliance/alpine/conf/etc/supervisor/conf.d/supervisord_web_nginx.conf +++ /dev/null @@ -1,30 +0,0 @@ -[supervisord] -nodaemon = true - -[program:nginx] -command = /usr/sbin/%(program_name)s -g "daemon off;" -c /etc/nginx/%(program_name)s.conf -auto_start = true -autorestart = true - -startsecs=2 -startretries=3 -stopsignal=TERM -stopwaitsecs=2 - -redirect_stderr=true -stdout_logfile = /dev/stdout -stdout_logfile_maxbytes = 0 - -[program:php-fpm7] -command = /usr/sbin/%(program_name)s -F -c /etc/php7/php-fpm.conf -auto_start = true -autorestart = true - -startsecs=2 -startretries=3 -stopsignal=TERM -stopwaitsecs=2 - -redirect_stderr=true -stdout_logfile = /dev/stdout -stdout_logfile_maxbytes = 0 diff --git a/zabbix-appliance/alpine/conf/etc/supervisor/supervisord.conf b/zabbix-appliance/alpine/conf/etc/supervisor/supervisord.conf deleted file mode 100644 index 925bb1838..000000000 --- a/zabbix-appliance/alpine/conf/etc/supervisor/supervisord.conf +++ /dev/null @@ -1,35 +0,0 @@ -; supervisor config file - -[unix_http_server] -file = /var/run/supervisor.sock ; (the path to the socket file) -chmod = 0700 ; sockef file mode (default 0700) -username = zbx -password = password - -[supervisord] -logfile = /dev/stdout ; (main log file;default $CWD/supervisord.log) -pidfile = /var/run/supervisord.pid ; (supervisord pidfile;default supervisord.pid) -childlogdir = /tmp ; ('AUTO' child log dir, default $TEMP) -critical = critical -user = root -logfile_maxbytes = 0 -logfile_backupcount = 0 -loglevel = info - -; the below section must remain in the config file for RPC -; (supervisorctl/web interface) to work, additional interfaces may be -; added by defining them in separate rpcinterface: sections -[rpcinterface:supervisor] -supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface - -[supervisorctl] -serverurl = unix:///var/run/supervisor.sock ; use a unix:// URL for a unix socket - -; The [include] section can just contain the "files" setting. This -; setting can list multiple files (separated by whitespace or -; newlines). It can also contain wildcards. The filenames are -; interpreted as relative to this file. Included files *cannot* -; include files themselves. - -[include] -files = /etc/supervisor/conf.d/*.conf diff --git a/zabbix-appliance/alpine/conf/etc/zabbix/nginx.conf b/zabbix-appliance/alpine/conf/etc/zabbix/nginx.conf deleted file mode 100644 index cd77db528..000000000 --- a/zabbix-appliance/alpine/conf/etc/zabbix/nginx.conf +++ /dev/null @@ -1,74 +0,0 @@ -server { - listen 80; - server_name zabbix; - index index.php; - - access_log /dev/fd/1 main; - error_log /dev/fd/2 notice; - - set $webroot '/usr/share/zabbix'; - - root $webroot; - - large_client_header_buffers 8 8k; - client_max_body_size 10M; - - - location = /favicon.ico { - log_not_found off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - # deny running scripts inside writable directories - location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { - return 403; - error_page 403 /403_error.html; - } - - # Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac). - location ~ /\. { - deny all; - access_log off; - log_not_found off; - } - - # caching of files - location ~* \.(ico|pdf|flv)$ { - expires 1y; - } - - location ~* \.(js|css|png|jpg|jpeg|gif|swf|xml|txt)$ { - expires 14d; - } - - location / { - try_files $uri $uri/ /index.php?$args; - } - - location ~ .php$ { - fastcgi_pass unix:/var/run/php7-fpm.sock; - fastcgi_index index.php; - - fastcgi_param SCRIPT_FILENAME $webroot$fastcgi_script_name; - - include fastcgi_params; - fastcgi_param QUERY_STRING $query_string; - fastcgi_param REQUEST_METHOD $request_method; - fastcgi_param CONTENT_TYPE $content_type; - fastcgi_param CONTENT_LENGTH $content_length; - fastcgi_intercept_errors on; - fastcgi_ignore_client_abort off; - fastcgi_connect_timeout 60; - fastcgi_send_timeout 180; - fastcgi_read_timeout 180; - fastcgi_buffer_size 128k; - fastcgi_buffers 4 256k; - fastcgi_busy_buffers_size 256k; - fastcgi_temp_file_write_size 256k; - } -} diff --git a/zabbix-appliance/alpine/conf/etc/zabbix/nginx_ssl.conf b/zabbix-appliance/alpine/conf/etc/zabbix/nginx_ssl.conf deleted file mode 100644 index e3c3e0243..000000000 --- a/zabbix-appliance/alpine/conf/etc/zabbix/nginx_ssl.conf +++ /dev/null @@ -1,98 +0,0 @@ -server { - listen 443 ssl http2; - server_name zabbix; - server_name_in_redirect off; - - index index.php; - access_log /dev/fd/1 main; - error_log /dev/fd/2 error; - - set $webroot '/usr/share/zabbix'; - - root $webroot; - - large_client_header_buffers 8 8k; - - client_max_body_size 10M; - - - ssl on; -# ssl_stapling on; - ssl_certificate /etc/ssl/nginx/ssl.crt; - ssl_certificate_key /etc/ssl/nginx/ssl.key; - ssl_dhparam /etc/ssl/nginx/dhparam.pem; - - ssl_protocols TLSv1 TLSv1.1 TLSv1.2; - ssl_verify_depth 3; - ssl_session_cache shared:SSL:10m; - ssl_session_timeout 10m; - ssl_prefer_server_ciphers on; - - add_header Strict-Transport-Security "max-age=31536000; includeSubdomains; preload"; - add_header Content-Security-Policy-Report-Only "default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report"; - - location =/nginx_status { - stub_status on; - access_log off; - allow 127.0.0.1; - deny all; - } - - location = /favicon.ico { - log_not_found off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - # deny running scripts inside writable directories - location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { - return 403; - error_page 403 /403_error.html; - } - - # Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac). - location ~ /\. { - deny all; - access_log off; - log_not_found off; - } - - # caching of files - location ~* \.(ico|pdf|flv)$ { - expires 1y; - } - - location ~* \.(js|css|png|jpg|jpeg|gif|swf|xml|txt)$ { - expires 14d; - } - - location / { - try_files $uri $uri/ /index.php?$args; - } - - location ~ .php$ { - fastcgi_pass unix:/var/run/php7-fpm.sock; - fastcgi_index index.php; - - fastcgi_param SCRIPT_FILENAME $webroot$fastcgi_script_name; - - include fastcgi_params; - fastcgi_param QUERY_STRING $query_string; - fastcgi_param REQUEST_METHOD $request_method; - fastcgi_param CONTENT_TYPE $content_type; - fastcgi_param CONTENT_LENGTH $content_length; - fastcgi_intercept_errors on; - fastcgi_ignore_client_abort off; - fastcgi_connect_timeout 60; - fastcgi_send_timeout 180; - fastcgi_read_timeout 180; - fastcgi_buffer_size 128k; - fastcgi_buffers 4 256k; - fastcgi_busy_buffers_size 256k; - fastcgi_temp_file_write_size 256k; - } -} diff --git a/zabbix-appliance/alpine/conf/etc/zabbix/web/zabbix.conf.php b/zabbix-appliance/alpine/conf/etc/zabbix/web/zabbix.conf.php deleted file mode 100644 index a4c9fadab..000000000 --- a/zabbix-appliance/alpine/conf/etc/zabbix/web/zabbix.conf.php +++ /dev/null @@ -1,24 +0,0 @@ - - - - - - %d{yyyy-MM-dd HH:mm:ss.SSS} [%thread] %-5level %logger{36} - %msg%n - - - - - - - - - diff --git a/zabbix-appliance/alpine/conf/usr/sbin/zabbix_java_gateway b/zabbix-appliance/alpine/conf/usr/sbin/zabbix_java_gateway deleted file mode 100755 index 2da696885..000000000 --- a/zabbix-appliance/alpine/conf/usr/sbin/zabbix_java_gateway +++ /dev/null @@ -1,27 +0,0 @@ -JAVA=${JAVA:-"/usr/bin/java"} -DAEMON=${DAEMON:-"/usr/sbin/zabbix_java"} - -JAVA_OPTIONS="-server $JAVA_OPTIONS" -JAVA_OPTIONS="$JAVA_OPTIONS -Dlogback.configurationFile=/etc/zabbix/zabbix_java_gateway_logback.xml" - -cd $DAEMON - -CLASSPATH="$DAEMON/lib" -for jar in `find lib bin -name "*.jar"`; do - if [ $jar != *junit* ]; then - CLASSPATH="$CLASSPATH:$DAEMON/$jar" - fi -done - -ZABBIX_OPTIONS="" -if [ -n "$ZBX_START_POLLERS" ]; then - ZABBIX_OPTIONS="$ZABBIX_OPTIONS -Dzabbix.startPollers=$ZBX_START_POLLERS" -fi -if [ -n "$ZBX_TIMEOUT" ]; then - ZABBIX_OPTIONS="$ZABBIX_OPTIONS -Dzabbix.timeout=$ZBX_TIMEOUT -Dsun.rmi.transport.tcp.responseTimeout=${ZBX_TIMEOUT}000" -fi - - -COMMAND_LINE="$JAVA $JAVA_OPTIONS -classpath $CLASSPATH $ZABBIX_OPTIONS com.zabbix.gateway.JavaGateway" - -exec $COMMAND_LINE diff --git a/zabbix-appliance/alpine/docker-entrypoint.sh b/zabbix-appliance/alpine/docker-entrypoint.sh deleted file mode 100755 index 20e78e0da..000000000 --- a/zabbix-appliance/alpine/docker-entrypoint.sh +++ /dev/null @@ -1,1187 +0,0 @@ -#!/bin/bash - -set -eo pipefail - -set +e - -# Script trace mode -if [ "${DEBUG_MODE}" == "true" ]; then - set -o xtrace -fi - -# Type of Zabbix component -# Possible values: [server, proxy, agent, frontend, java-gateway, appliance] -zbx_type=${ZBX_TYPE} -# Type of Zabbix database -# Possible values: [mysql, postgresql] -zbx_db_type=${ZBX_DB_TYPE} -# Type of web-server. Valid only with zbx_type = frontend -# Possible values: [apache, nginx] -zbx_opt_type=${ZBX_OPT_TYPE} - -# Default Zabbix installation name -# Used only by Zabbix web-interface -ZBX_SERVER_NAME=${ZBX_SERVER_NAME:-"Zabbix docker"} -# Default Zabbix server host -ZBX_SERVER_HOST=${ZBX_SERVER_HOST:-"zabbix-server"} -# Default Zabbix server port number -ZBX_SERVER_PORT=${ZBX_SERVER_PORT:-"10051"} - -# Default timezone for web interface -PHP_TZ=${PHP_TZ:-"Europe/Riga"} - -#Enable PostgreSQL timescaleDB feature: -ENABLE_TIMESCALEDB=${ENABLE_TIMESCALEDB:-"false"} - -# Default directories -# User 'zabbix' home directory -ZABBIX_USER_HOME_DIR="/var/lib/zabbix" -# Configuration files directory -ZABBIX_ETC_DIR="/etc/zabbix" -# Web interface www-root directory -ZBX_FRONTEND_PATH="/usr/share/zabbix" - -# usage: file_env VAR [DEFAULT] -# as example: file_env 'MYSQL_PASSWORD' 'zabbix' -# (will allow for "$MYSQL_PASSWORD_FILE" to fill in the value of "$MYSQL_PASSWORD" from a file) -# unsets the VAR_FILE afterwards and just leaving VAR -file_env() { - local var="$1" - local fileVar="${var}_FILE" - local defaultValue="${2:-}" - - if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then - echo "**** Both variables $var and $fileVar are set (but are exclusive)" - exit 1 - fi - - local val="$defaultValue" - - if [ "${!var:-}" ]; then - val="${!var}" - echo "** Using ${var} variable from ENV" - elif [ "${!fileVar:-}" ]; then - if [ ! -f "${!fileVar}" ]; then - echo "**** Secret file \"${!fileVar}\" is not found" - exit 1 - fi - val="$(< "${!fileVar}")" - echo "** Using ${var} variable from secret file" - fi - export "$var"="$val" - unset "$fileVar" -} - -configure_db_mysql() { - [ "${DB_SERVER_HOST}" != "localhost" ] && return - - echo "** Configuring local MySQL server" - - MYSQL_ALLOW_EMPTY_PASSWORD=true - MYSQL_DATA_DIR="/var/lib/mysql" - - if [ -f "/etc/mysql/my.cnf" ]; then - MYSQL_CONF_FILE="/etc/mysql/my.cnf" - elif [ -f "/etc/my.cnf.d/server.cnf" ]; then - MYSQL_CONF_FILE="/etc/my.cnf.d/server.cnf" - DB_SERVER_SOCKET="/var/lib/mysql/mysql.sock" - elif [ -f "/etc/my.cnf.d/mariadb-server.cnf" ]; then - MYSQL_CONF_FILE="/etc/my.cnf.d/mariadb-server.cnf" - DB_SERVER_SOCKET="/var/run/mysqld/mysqld.sock" - else - echo "**** Could not found MySQL configuration file" - exit 1 - fi - - if [ -f "/usr/bin/mysqld" ]; then - MYSQLD=/usr/bin/mysqld - elif [ -f "/usr/sbin/mysqld" ]; then - MYSQLD=/usr/sbin/mysqld - elif [ -f "/usr/libexec/mysqld" ]; then - MYSQLD=/usr/libexec/mysqld - else - echo "**** Could not found mysqld binary file" - exit 1 - fi - - sed -Ei 's/^(bind-address|log)/#&/' "$MYSQL_CONF_FILE" - - if [ ! -d "$MYSQL_DATA_DIR/mysql" ]; then - [ -d "$MYSQL_DATA_DIR" ] || mkdir -p "$MYSQL_DATA_DIR" - - chown -R mysql:mysql "$MYSQL_DATA_DIR" - - echo "** Installing initial MySQL database schemas" - mysql_install_db --user=mysql --datadir="$MYSQL_DATA_DIR" 2>&1 - else - echo "**** MySQL data directory is not empty. Using already existing installation." - chown -R mysql:mysql "$MYSQL_DATA_DIR" - fi - - mkdir -p /var/run/mysqld - ln -s /var/run/mysqld /run/mysqld - chown -R mysql:mysql /var/run/mysqld - chown -R mysql:mysql /run/mysqld - - echo "** Starting MySQL server in background mode" - - nohup $MYSQLD --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib/mysql/plugin \ - --user=mysql --log-output=none --pid-file=/var/lib/mysql/mysqld.pid \ - --port=3306 --character-set-server=utf8 --collation-server=utf8_bin & -} - -prepare_system() { - local type=$1 - local web_server=$2 - - echo "** Preparing the system" - - if [ "$type" != "appliance" ]; then - return - fi - - ZBX_ADD_AGENT=${ZBX_ADD_AGENT:-"false"} - ZBX_ADD_JAVA_GATEWAY=${ZBX_ADD_JAVA_GATEWAY:-"false"} - ZBX_ADD_SERVER=${ZBX_ADD_SERVER:-"true"} - [ "${ZBX_ADD_SERVER}" == "true" ] && ZBX_SERVER_HOST="localhost" - [ "${ZBX_ADD_SERVER}" == "true" ] && ZBX_SERVER_PORT="10051" - ZBX_MAIN_DB=${ZBX_MAIN_DB:-"mysql"} - ZBX_ADD_PROXY=${ZBX_ADD_PROXY:-"false"} - ZBX_PROXY_DB=${ZBX_PROXY_DB:-"sqlite3"} - ZBX_ADD_WEB=${ZBX_ADD_WEB:-"true"} - ZBX_WEB_SERVER=${ZBX_WEB_SERVER:-"nginx"} - DB_SERVER_HOST=${DB_SERVER_HOST:-"localhost"} - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAY_ENABLE="true" - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAY="localhost" - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAYPORT="10052" - - [ "${ZBX_ADD_SERVER}" == "true" ] && configure_db_${ZBX_MAIN_DB} -} - -escape_spec_char() { - local var_value=$1 - - var_value="${var_value//\\/\\\\}" - var_value="${var_value//[$'\n']/}" - var_value="${var_value//\//\\/}" - var_value="${var_value//./\\.}" - var_value="${var_value//\*/\\*}" - var_value="${var_value//^/\\^}" - var_value="${var_value//\$/\\\$}" - var_value="${var_value//\&/\\\&}" - var_value="${var_value//\[/\\[}" - var_value="${var_value//\]/\\]}" - - echo "$var_value" -} - -update_config_var() { - local config_path=$1 - local var_name=$2 - local var_value=$3 - local is_multiple=$4 - - if [ ! -f "$config_path" ]; then - echo "**** Configuration file '$config_path' does not exist" - return - fi - - echo -n "** Updating '$config_path' parameter \"$var_name\": '$var_value'... " - - # Remove configuration parameter definition in case of unset parameter value - if [ -z "$var_value" ]; then - sed -i -e "/^$var_name=/d" "$config_path" - echo "removed" - return - fi - - # Remove value from configuration parameter in case of double quoted parameter value - if [ "$var_value" == '""' ]; then - sed -i -e "/^$var_name=/s/=.*/=/" "$config_path" - echo "undefined" - return - fi - - # Use full path to a file for TLS related configuration parameters - if [[ $var_name =~ ^TLS.*File$ ]]; then - var_value=$ZABBIX_USER_HOME_DIR/enc/$var_value - fi - - # Escaping characters in parameter value - var_value=$(escape_spec_char "$var_value") - - if [ "$(grep -E "^$var_name=" $config_path)" ] && [ "$is_multiple" != "true" ]; then - sed -i -e "/^$var_name=/s/=.*/=$var_value/" "$config_path" - echo "updated" - elif [ "$(grep -Ec "^# $var_name=" $config_path)" -gt 1 ]; then - sed -i -e "/^[#;] $var_name=$/i\\$var_name=$var_value" "$config_path" - echo "added first occurrence" - else - sed -i -e "/^[#;] $var_name=/s/.*/&\n$var_name=$var_value/" "$config_path" - echo "added" - fi - -} - -update_config_multiple_var() { - local config_path=$1 - local var_name=$2 - local var_value=$3 - - var_value="${var_value%\"}" - var_value="${var_value#\"}" - - local IFS=, - local OPT_LIST=($var_value) - - for value in "${OPT_LIST[@]}"; do - update_config_var $config_path $var_name $value true - done -} - -# Check prerequisites for MySQL database -check_variables_mysql() { - local type=$1 - - DB_SERVER_HOST=${DB_SERVER_HOST:-"mysql-server"} - DB_SERVER_PORT=${DB_SERVER_PORT:-"3306"} - USE_DB_ROOT_USER=false - CREATE_ZBX_DB_USER=false - file_env MYSQL_USER - file_env MYSQL_PASSWORD - - if [ "$type" != "" ]; then - file_env MYSQL_ROOT_PASSWORD - fi - - if [ ! -n "${MYSQL_USER}" ] && [ "${MYSQL_RANDOM_ROOT_PASSWORD}" == "true" ]; then - echo "**** Impossible to use MySQL server because of unknown Zabbix user and random 'root' password" - exit 1 - fi - - if [ ! -n "${MYSQL_USER}" ] && [ ! -n "${MYSQL_ROOT_PASSWORD}" ] && [ "${MYSQL_ALLOW_EMPTY_PASSWORD}" != "true" ]; then - echo "*** Impossible to use MySQL server because 'root' password is not defined and it is not empty" - exit 1 - fi - - if [ "${MYSQL_ALLOW_EMPTY_PASSWORD}" == "true" ] || [ -n "${MYSQL_ROOT_PASSWORD}" ]; then - USE_DB_ROOT_USER=true - DB_SERVER_ROOT_USER="root" - DB_SERVER_ROOT_PASS=${MYSQL_ROOT_PASSWORD:-""} - fi - - [ -n "${MYSQL_USER}" ] && CREATE_ZBX_DB_USER=true - - # If root password is not specified use provided credentials - DB_SERVER_ROOT_USER=${DB_SERVER_ROOT_USER:-${MYSQL_USER}} - [ "${MYSQL_ALLOW_EMPTY_PASSWORD}" == "true" ] || DB_SERVER_ROOT_PASS=${DB_SERVER_ROOT_PASS:-${MYSQL_PASSWORD}} - DB_SERVER_ZBX_USER=${MYSQL_USER:-"zabbix"} - DB_SERVER_ZBX_PASS=${MYSQL_PASSWORD:-"zabbix"} - - if [ "$type" == "proxy" ]; then - DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix_proxy"} - else - DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix"} - fi -} - -# Check prerequisites for PostgreSQL database -check_variables_postgresql() { - local type=$1 - - file_env POSTGRES_USER - file_env POSTGRES_PASSWORD - - DB_SERVER_HOST=${DB_SERVER_HOST:-"postgres-server"} - DB_SERVER_PORT=${DB_SERVER_PORT:-"5432"} - CREATE_ZBX_DB_USER=${CREATE_ZBX_DB_USER:-"false"} - - DB_SERVER_ROOT_USER=${POSTGRES_USER:-"postgres"} - DB_SERVER_ROOT_PASS=${POSTGRES_PASSWORD:-""} - - DB_SERVER_ZBX_USER=${POSTGRES_USER:-"zabbix"} - DB_SERVER_ZBX_PASS=${POSTGRES_PASSWORD:-"zabbix"} - - DB_SERVER_SCHEMA=${DB_SERVER_SCHEMA:-"public"} - - if [ "$type" == "proxy" ]; then - DB_SERVER_DBNAME=${POSTGRES_DB:-"zabbix_proxy"} - else - DB_SERVER_DBNAME=${POSTGRES_DB:-"zabbix"} - fi -} - -check_db_connect_mysql() { - echo "********************" - echo "* DB_SERVER_HOST: ${DB_SERVER_HOST}" - echo "* DB_SERVER_PORT: ${DB_SERVER_PORT}" - echo "* DB_SERVER_DBNAME: ${DB_SERVER_DBNAME}" - if [ "${DEBUG_MODE}" == "true" ]; then - if [ "${USE_DB_ROOT_USER}" == "true" ]; then - echo "* DB_SERVER_ROOT_USER: ${DB_SERVER_ROOT_USER}" - echo "* DB_SERVER_ROOT_PASS: ${DB_SERVER_ROOT_PASS}" - fi - echo "* DB_SERVER_ZBX_USER: ${DB_SERVER_ZBX_USER}" - echo "* DB_SERVER_ZBX_PASS: ${DB_SERVER_ZBX_PASS}" - echo "********************" - fi - echo "********************" - - WAIT_TIMEOUT=5 - - while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \ - --password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10)" ]; do - echo "**** MySQL server is not available. Waiting $WAIT_TIMEOUT seconds..." - sleep $WAIT_TIMEOUT - done -} - -check_db_connect_postgresql() { - echo "********************" - echo "* DB_SERVER_HOST: ${DB_SERVER_HOST}" - echo "* DB_SERVER_PORT: ${DB_SERVER_PORT}" - echo "* DB_SERVER_DBNAME: ${DB_SERVER_DBNAME}" - echo "* DB_SERVER_SCHEMA: ${DB_SERVER_SCHEMA}" - if [ "${DEBUG_MODE}" == "true" ]; then - if [ "${USE_DB_ROOT_USER}" == "true" ]; then - echo "* DB_SERVER_ROOT_USER: ${DB_SERVER_ROOT_USER}" - echo "* DB_SERVER_ROOT_PASS: ${DB_SERVER_ROOT_PASS}" - fi - echo "* DB_SERVER_ZBX_USER: ${DB_SERVER_ZBX_USER}" - echo "* DB_SERVER_ZBX_PASS: ${DB_SERVER_ZBX_PASS}" - fi - echo "********************" - - if [ "${USE_DB_ROOT_USER}" != "true" ]; then - DB_SERVER_ROOT_USER=${DB_SERVER_ZBX_USER} - DB_SERVER_ROOT_PASS=${DB_SERVER_ZBX_PASS} - fi - - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - WAIT_TIMEOUT=5 - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - while [ ! "$(psql -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} -U ${DB_SERVER_ROOT_USER} -d ${DB_SERVER_DBNAME} -l -q 2>/dev/null)" ]; do - echo "**** PostgreSQL server is not available. Waiting $WAIT_TIMEOUT seconds..." - sleep $WAIT_TIMEOUT - done - - unset PGPASSWORD - unset PGOPTIONS -} - - -mysql_query() { - query=$1 - local result="" - - result=$(mysql --silent --skip-column-names -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ - -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" -e "$query") - - echo $result -} - -psql_query() { - query=$1 - db=$2 - - local result="" - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - result=$(psql -A -q -t -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ - -U ${DB_SERVER_ROOT_USER} -c "$query" $db 2>/dev/null); - - unset PGPASSWORD - unset PGOPTIONS - - echo $result -} - -create_db_user_mysql() { - [ "${CREATE_ZBX_DB_USER}" == "true" ] || return - - echo "** Creating '${DB_SERVER_ZBX_USER}' user in MySQL database" - - USER_EXISTS=$(mysql_query "SELECT 1 FROM mysql.user WHERE user = '${DB_SERVER_ZBX_USER}' AND host = '%'") - - if [ -z "$USER_EXISTS" ]; then - mysql_query "CREATE USER '${DB_SERVER_ZBX_USER}'@'%' IDENTIFIED BY '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - else - mysql_query "ALTER USER ${DB_SERVER_ZBX_USER} IDENTIFIED BY '${DB_SERVER_ZBX_PASS}';" 1>/dev/null - fi - - mysql_query "GRANT ALL PRIVILEGES ON $DB_SERVER_DBNAME. * TO '${DB_SERVER_ZBX_USER}'@'%'" 1>/dev/null -} - -create_db_user_postgresql() { - [ "${CREATE_ZBX_DB_USER}" == "true" ] || return - - echo "** Creating '${DB_SERVER_ZBX_USER}' user in PostgreSQL database" - - USER_EXISTS=$(psql_query "SELECT 1 FROM pg_roles WHERE rolname='${DB_SERVER_ZBX_USER}'") - - if [ -z "$USER_EXISTS" ]; then - psql_query "CREATE USER ${DB_SERVER_ZBX_USER} WITH PASSWORD '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - else - psql_query "ALTER USER ${DB_SERVER_ZBX_USER} WITH ENCRYPTED PASSWORD '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - fi -} - -create_db_database_mysql() { - DB_EXISTS=$(mysql_query "SELECT SCHEMA_NAME FROM information_schema.SCHEMATA WHERE SCHEMA_NAME='${DB_SERVER_DBNAME}'") - - if [ -z ${DB_EXISTS} ]; then - echo "** Database '${DB_SERVER_DBNAME}' does not exist. Creating..." - mysql_query "CREATE DATABASE ${DB_SERVER_DBNAME} CHARACTER SET utf8 COLLATE utf8_bin" 1>/dev/null - # better solution? - mysql_query "GRANT ALL PRIVILEGES ON $DB_SERVER_DBNAME. * TO '${DB_SERVER_ZBX_USER}'@'%'" 1>/dev/null - else - echo "** Database '${DB_SERVER_DBNAME}' already exists. Please be careful with database COLLATE!" - fi -} - -create_db_database_postgresql() { - DB_EXISTS=$(psql_query "SELECT 1 AS result FROM pg_database WHERE datname='${DB_SERVER_DBNAME}'") - - if [ -z ${DB_EXISTS} ]; then - echo "** Database '${DB_SERVER_DBNAME}' does not exist. Creating..." - psql_query "CREATE DATABASE ${DB_SERVER_DBNAME} WITH OWNER ${DB_SERVER_ZBX_USER} ENCODING='UTF8' LC_CTYPE='en_US.utf8' LC_COLLATE='en_US.utf8'" 1>/dev/null - else - echo "** Database '${DB_SERVER_DBNAME}' already exists. Please be careful with database owner!" - fi - - psql_query "CREATE SCHEMA IF NOT EXISTS ${DB_SERVER_SCHEMA}" -} - -create_db_schema_mysql() { - local type=$1 - - DBVERSION_TABLE_EXISTS=$(mysql_query "SELECT 1 FROM information_schema.tables WHERE table_schema='${DB_SERVER_DBNAME}' and table_name = 'dbversion'") - - if [ -n "${DBVERSION_TABLE_EXISTS}" ]; then - echo "** Table '${DB_SERVER_DBNAME}.dbversion' already exists." - ZBX_DB_VERSION=$(mysql_query "SELECT mandatory FROM ${DB_SERVER_DBNAME}.dbversion") - fi - - if [ -z "${ZBX_DB_VERSION}" ]; then - echo "** Creating '${DB_SERVER_DBNAME}' schema in MySQL" - - zcat /usr/share/doc/zabbix-$type-mysql/create.sql.gz | mysql --silent --skip-column-names \ - -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ - -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" \ - ${DB_SERVER_DBNAME} 1>/dev/null - fi -} - -create_db_schema_postgresql() { - local type=$1 - - DBVERSION_TABLE_EXISTS=$(psql_query "SELECT 1 FROM pg_catalog.pg_class c JOIN pg_catalog.pg_namespace n ON n.oid = - c.relnamespace WHERE n.nspname = '$DB_SERVER_SCHEMA' AND c.relname = 'dbversion'" "${DB_SERVER_DBNAME}") - - if [ -n "${DBVERSION_TABLE_EXISTS}" ]; then - echo "** Table '${DB_SERVER_DBNAME}.dbversion' already exists." - ZBX_DB_VERSION=$(psql_query "SELECT mandatory FROM ${DB_SERVER_SCHEMA}.dbversion" "${DB_SERVER_DBNAME}") - fi - - if [ -z "${ZBX_DB_VERSION}" ]; then - echo "** Creating '${DB_SERVER_DBNAME}' schema in PostgreSQL" - - if [ "${ENABLE_TIMESCALEDB}" == "true" ]; then - psql_query "CREATE EXTENSION IF NOT EXISTS timescaledb CASCADE;" - fi - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - zcat /usr/share/doc/zabbix-$type-postgresql/create.sql.gz | psql -q \ - -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ - -U ${DB_SERVER_ZBX_USER} ${DB_SERVER_DBNAME} 1>/dev/null - - if [ "${ENABLE_TIMESCALEDB}" == "true" ]; then - cat /usr/share/doc/zabbix-$type-postgresql/timescaledb.sql | psql -q \ - -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ - -U ${DB_SERVER_ZBX_USER} ${DB_SERVER_DBNAME} 1>/dev/null - fi - - unset PGPASSWORD - unset PGOPTIONS - fi -} - -prepare_web_server_apache() { - if [ -d "/etc/apache2/sites-available" ]; then - APACHE_SITES_DIR=/etc/apache2/sites-available - elif [ -d "/etc/apache2/conf.d" ]; then - APACHE_SITES_DIR=/etc/apache2/conf.d - elif [ -d "/etc/httpd/conf.d" ]; then - APACHE_SITES_DIR=/etc/httpd/conf.d - else - echo "**** Apache is not available" - exit 1 - fi - - if [ -f "/usr/sbin/a2dissite" ]; then - echo "** Disable default site" - /usr/sbin/a2dissite 000-default 1>/dev/null - rm -rf "$APACHE_SITES_DIR/*" - elif [ -f "/etc/apache2/conf.d/default.conf" ]; then - echo "** Disable default site" - rm -f "/etc/apache2/conf.d/default.conf" - elif [ -f "/etc/httpd/conf.d/welcome.conf" ]; then - echo "** Disable default site" - rm -f "/etc/httpd/conf.d/welcome.conf" - rm -f "/etc/httpd/conf.d/ssl.conf" - fi - - echo "** Adding Zabbix virtual host (HTTP)" - if [ -f "$ZABBIX_ETC_DIR/apache.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/apache.conf" "$APACHE_SITES_DIR/zabbix.conf" - if [ -f "/usr/sbin/a2dissite" ]; then - /usr/sbin/a2ensite zabbix.conf 1>/dev/null - fi - else - echo "**** Impossible to enable HTTP virtual host" - fi - - if [ -f "/etc/apache2/conf.d/ssl.conf" ]; then - rm -f "/etc/apache2/conf.d/ssl.conf" - fi - - if [ -f "/etc/ssl/apache2/ssl.crt" ] && [ -f "/etc/ssl/apache2/ssl.key" ]; then - echo "** Enable SSL support for Apache2" - if [ -f "/usr/sbin/a2enmod" ]; then - /usr/sbin/a2enmod ssl 1>/dev/null - fi - - echo "** Adding Zabbix virtual host (HTTPS)" - if [ -f "$ZABBIX_ETC_DIR/apache_ssl.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/apache_ssl.conf" "$APACHE_SITES_DIR/zabbix_ssl.conf" - if [ -f "/usr/sbin/a2dissite" ]; then - /usr/sbin/a2ensite zabbix_ssl.conf 1>/dev/null - fi - else - echo "**** Impossible to enable HTTPS virtual host" - fi - else - echo "**** Impossible to enable SSL support for Apache2. Certificates are missed." - fi - - # Change Apache2 logging to stdout and stderr - if [ -f "/etc/apache2/apache2.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/apache2.conf" - fi - - if [ -f "/etc/httpd/conf/httpd.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/httpd/conf/httpd.conf" - fi - - if [ -f "/etc/apache2/httpd.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/httpd.conf" - fi - - if [ -f "/etc/apache2/conf-available/other-vhosts-access-log.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/conf-available/other-vhosts-access-log.conf" - fi - - if [ -f "/etc/apache2/conf.d/mpm.conf" ]; then - sed -ri \ - -e 's!^(\s*PidFile)\s+\S+!\1 "/var/run/httpd.pid"!g' \ - "/etc/apache2/conf.d/mpm.conf" - fi - - if [ -f "/var/run/apache2/apache2.pid" ]; then - rm -f "/var/run/apache2/apache2.pid" - fi - - if [ -f "/var/run/httpd/httpd.pid" ]; then - rm -f "/var/run/httpd/httpd.pid" - fi -} - -prepare_web_server_nginx() { - NGINX_CONFD_DIR="/etc/nginx/conf.d" - NGINX_SSL_CONFIG="/etc/ssl/nginx" - PHP_SESSIONS_DIR="/var/lib/php5" - - echo "** Disable default vhosts" - rm -f $NGINX_CONFD_DIR/*.conf - - echo "** Adding Zabbix virtual host (HTTP)" - if [ -f "$ZABBIX_ETC_DIR/nginx.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/nginx.conf" "$NGINX_CONFD_DIR" - else - echo "**** Impossible to enable HTTP virtual host" - fi - - if [ -f "$NGINX_SSL_CONFIG/ssl.crt" ] && [ -f "$NGINX_SSL_CONFIG/ssl.key" ] && [ -f "$NGINX_SSL_CONFIG/dhparam.pem" ]; then - echo "** Enable SSL support for Nginx" - if [ -f "$ZABBIX_ETC_DIR/nginx_ssl.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/nginx_ssl.conf" "$NGINX_CONFD_DIR" - else - echo "**** Impossible to enable HTTPS virtual host" - fi - else - echo "**** Impossible to enable SSL support for Nginx. Certificates are missed." - fi - - if [ -d "/var/log/nginx/" ]; then - ln -sf /dev/fd/2 /var/log/nginx/error.log - fi - - ln -sf /dev/fd/2 /var/log/php5-fpm.log - ln -sf /dev/fd/2 /var/log/php7.2-fpm.log -} - -stop_databases() { - if ([ "${ZBX_MAIN_DB}" == "mysql" ] || [ "${ZBX_PROXY_DB}" == "mysql" ]) && [ "${DB_SERVER_HOST}" == "localhost" ]; then - mysql_query "DELETE FROM mysql.user WHERE host = 'localhost' AND user != 'root'" 1>/dev/null - - if [ -f "/var/lib/mysql/mysqld.pid" ]; then - kill -TERM $(cat /var/lib/mysql/mysqld.pid) - elif [ -f "/var/run/mysqld/mysqld.pid" ]; then - kill -TERM $(cat /var/run/mysqld/mysqld.pid) - fi - fi - - if [ "${ZBX_MAIN_DB}" == "postgresql" ] && [ "${DB_SERVER_HOST}" == "localhost" ]; then - if [ "${OS_CODENAME}" == "alpine" ]; then - PGDATA=/var/lib/postgresql - BINDIR=/usr/bin - else - PGDATA=/var/lib/postgresql/9.3/main - BINDIR=/usr/lib/postgresql/9.3/bin - fi - su -c "$BINDIR/pg_ctl -D \"$PGDATA\" -m fast -w stop --silent" postgres 1>/dev/null 2>/dev/null - fi -} - -clear_deploy() { - local type=$1 - echo "** Cleaning the system" - - [ "$type" != "appliance" ] && return - - stop_databases -} - -update_zbx_config() { - local type=$1 - local db_type=$2 - - echo "** Preparing Zabbix $type configuration file" - - ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_$type.conf - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "ProxyMode" "${ZBX_PROXYMODE}" - update_config_var $ZBX_CONFIG "Server" "${ZBX_SERVER_HOST}" - update_config_var $ZBX_CONFIG "ServerPort" "${ZBX_SERVER_PORT}" - if [ -z "${ZBX_HOSTNAME}" ] && [ -n "${ZBX_HOSTNAMEITEM}" ]; then - update_config_var $ZBX_CONFIG "Hostname" "" - update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - else - update_config_var $ZBX_CONFIG "Hostname" "${ZBX_HOSTNAME:-"zabbix-proxy-"$db_type}" - update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - fi - fi - - if [ $type == "proxy" ] && [ "${ZBX_ADD_SERVER}" = "true" ]; then - update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_PROXY_LISTENPORT:-"10061"}" - else - update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}" - fi - - update_config_var $ZBX_CONFIG "SourceIP" "${ZBX_SOURCEIP}" - update_config_var $ZBX_CONFIG "LogType" "console" - update_config_var $ZBX_CONFIG "LogFile" - update_config_var $ZBX_CONFIG "LogFileSize" - update_config_var $ZBX_CONFIG "PidFile" - - update_config_var $ZBX_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" - - if [ $type == "proxy" ]; then - update_config_var $ZBX_CONFIG "EnableRemoteCommands" "${ZBX_ENABLEREMOTECOMMANDS}" - update_config_var $ZBX_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}" - fi - - if [ "$db_type" == "sqlite3" ]; then - update_config_var $ZBX_CONFIG "DBHost" - update_config_var $ZBX_CONFIG "DBName" "/var/lib/zabbix/zabbix_proxy_db" - update_config_var $ZBX_CONFIG "DBUser" - update_config_var $ZBX_CONFIG "DBPort" - update_config_var $ZBX_CONFIG "DBPassword" - else - update_config_var $ZBX_CONFIG "DBHost" "${DB_SERVER_HOST}" - update_config_var $ZBX_CONFIG "DBName" "${DB_SERVER_DBNAME}" - update_config_var $ZBX_CONFIG "DBSchema" "${DB_SERVER_SCHEMA}" - update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}" - update_config_var $ZBX_CONFIG "DBPort" "${DB_SERVER_PORT}" - update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}" - fi - - if [ $type == "server" ]; then - update_config_var $ZBX_CONFIG "HistoryStorageURL" "${ZBX_HISTORYSTORAGEURL}" - update_config_var $ZBX_CONFIG "HistoryStorageTypes" "${ZBX_HISTORYSTORAGETYPES}" - fi - - update_config_var $ZBX_CONFIG "DBSocket" "${DB_SERVER_SOCKET}" - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "ProxyLocalBuffer" "${ZBX_PROXYLOCALBUFFER}" - update_config_var $ZBX_CONFIG "ProxyOfflineBuffer" "${ZBX_PROXYOFFLINEBUFFER}" - update_config_var $ZBX_CONFIG "HeartbeatFrequency" "${ZBX_PROXYHEARTBEATFREQUENCY}" - update_config_var $ZBX_CONFIG "ConfigFrequency" "${ZBX_CONFIGFREQUENCY}" - update_config_var $ZBX_CONFIG "DataSenderFrequency" "${ZBX_DATASENDERFREQUENCY}" - fi - - update_config_var $ZBX_CONFIG "StatsAllowedIP" "${ZBX_STATSALLOWEDIP}" - - update_config_var $ZBX_CONFIG "StartPollers" "${ZBX_STARTPOLLERS}" - update_config_var $ZBX_CONFIG "StartIPMIPollers" "${ZBX_IPMIPOLLERS}" - update_config_var $ZBX_CONFIG "StartPollersUnreachable" "${ZBX_STARTPOLLERSUNREACHABLE}" - update_config_var $ZBX_CONFIG "StartTrappers" "${ZBX_STARTTRAPPERS}" - update_config_var $ZBX_CONFIG "StartPingers" "${ZBX_STARTPINGERS}" - update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}" - update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}" - - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "StartPreprocessors" "${ZBX_STARTPREPROCESSORS}" - update_config_var $ZBX_CONFIG "StartTimers" "${ZBX_STARTTIMERS}" - update_config_var $ZBX_CONFIG "StartEscalators" "${ZBX_STARTESCALATORS}" - update_config_var $ZBX_CONFIG "StartAlerters" "${ZBX_STARTALERTERS}" - fi - - ZBX_JAVAGATEWAY_ENABLE=${ZBX_JAVAGATEWAY_ENABLE:-"false"} - if [ "${ZBX_JAVAGATEWAY_ENABLE}" == "true" ]; then - update_config_var $ZBX_CONFIG "JavaGateway" "${ZBX_JAVAGATEWAY:-"zabbix-java-gateway"}" - update_config_var $ZBX_CONFIG "JavaGatewayPort" "${ZBX_JAVAGATEWAYPORT}" - update_config_var $ZBX_CONFIG "StartJavaPollers" "${ZBX_STARTJAVAPOLLERS:-"5"}" - else - update_config_var $ZBX_CONFIG "JavaGateway" - update_config_var $ZBX_CONFIG "JavaGatewayPort" - update_config_var $ZBX_CONFIG "StartJavaPollers" - fi - - update_config_var $ZBX_CONFIG "StartVMwareCollectors" "${ZBX_STARTVMWARECOLLECTORS}" - update_config_var $ZBX_CONFIG "VMwareFrequency" "${ZBX_VMWAREFREQUENCY}" - update_config_var $ZBX_CONFIG "VMwarePerfFrequency" "${ZBX_VMWAREPERFFREQUENCY}" - update_config_var $ZBX_CONFIG "VMwareCacheSize" "${ZBX_VMWARECACHESIZE}" - update_config_var $ZBX_CONFIG "VMwareTimeout" "${ZBX_VMWARETIMEOUT}" - - ZBX_ENABLE_SNMP_TRAPS=${ZBX_ENABLE_SNMP_TRAPS:-"false"} - if [ "${ZBX_ENABLE_SNMP_TRAPS}" == "true" ]; then - update_config_var $ZBX_CONFIG "SNMPTrapperFile" "${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log" - update_config_var $ZBX_CONFIG "StartSNMPTrapper" "1" - else - update_config_var $ZBX_CONFIG "SNMPTrapperFile" - update_config_var $ZBX_CONFIG "StartSNMPTrapper" - fi - - update_config_var $ZBX_CONFIG "HousekeepingFrequency" "${ZBX_HOUSEKEEPINGFREQUENCY}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "MaxHousekeeperDelete" "${ZBX_MAXHOUSEKEEPERDELETE}" - update_config_var $ZBX_CONFIG "SenderFrequency" "${ZBX_SENDERFREQUENCY}" - fi - - update_config_var $ZBX_CONFIG "CacheSize" "${ZBX_CACHESIZE}" - - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "CacheUpdateFrequency" "${ZBX_CACHEUPDATEFREQUENCY}" - fi - - update_config_var $ZBX_CONFIG "StartDBSyncers" "${ZBX_STARTDBSYNCERS}" - update_config_var $ZBX_CONFIG "HistoryCacheSize" "${ZBX_HISTORYCACHESIZE}" - update_config_var $ZBX_CONFIG "HistoryIndexCacheSize" "${ZBX_HISTORYINDEXCACHESIZE}" - - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "TrendCacheSize" "${ZBX_TRENDCACHESIZE}" - update_config_var $ZBX_CONFIG "ValueCacheSize" "${ZBX_VALUECACHESIZE}" - fi - - update_config_var $ZBX_CONFIG "Timeout" "${ZBX_TIMEOUT}" - update_config_var $ZBX_CONFIG "TrapperTimeout" "${ZBX_TRAPPERIMEOUT}" - update_config_var $ZBX_CONFIG "UnreachablePeriod" "${ZBX_UNREACHABLEPERIOD}" - update_config_var $ZBX_CONFIG "UnavailableDelay" "${ZBX_UNAVAILABLEDELAY}" - update_config_var $ZBX_CONFIG "UnreachableDelay" "${ZBX_UNREACHABLEDELAY}" - - update_config_var $ZBX_CONFIG "AlertScriptsPath" "/usr/lib/zabbix/alertscripts" - update_config_var $ZBX_CONFIG "ExternalScripts" "/usr/lib/zabbix/externalscripts" - - # Possible few fping locations - if [ -f "/usr/bin/fping" ]; then - update_config_var $ZBX_CONFIG "FpingLocation" "/usr/bin/fping" - else - update_config_var $ZBX_CONFIG "FpingLocation" "/usr/sbin/fping" - fi - if [ -f "/usr/bin/fping6" ]; then - update_config_var $ZBX_CONFIG "Fping6Location" "/usr/bin/fping6" - else - update_config_var $ZBX_CONFIG "Fping6Location" "/usr/sbin/fping6" - fi - - update_config_var $ZBX_CONFIG "SSHKeyLocation" "$ZABBIX_USER_HOME_DIR/ssh_keys" - update_config_var $ZBX_CONFIG "LogSlowQueries" "${ZBX_LOGSLOWQUERIES}" - - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "StartProxyPollers" "${ZBX_STARTPROXYPOLLERS}" - update_config_var $ZBX_CONFIG "ProxyConfigFrequency" "${ZBX_PROXYCONFIGFREQUENCY}" - update_config_var $ZBX_CONFIG "ProxyDataFrequency" "${ZBX_PROXYDATAFREQUENCY}" - fi - - update_config_var $ZBX_CONFIG "SSLCertLocation" "$ZABBIX_USER_HOME_DIR/ssl/certs/" - update_config_var $ZBX_CONFIG "SSLKeyLocation" "$ZABBIX_USER_HOME_DIR/ssl/keys/" - update_config_var $ZBX_CONFIG "SSLCALocation" "$ZABBIX_USER_HOME_DIR/ssl/ssl_ca/" - update_config_var $ZBX_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/" - update_config_multiple_var $ZBX_CONFIG "LoadModule" "${ZBX_LOADMODULE}" - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}" - update_config_var $ZBX_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" - fi - update_config_var $ZBX_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" - update_config_var $ZBX_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" - update_config_var $ZBX_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" - fi - - update_config_var $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" - update_config_var $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" - update_config_var $ZBX_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" - fi -} - - -prepare_zbx_web_config() { - local db_type=$1 - local server_name="" - - echo "** Preparing Zabbix frontend configuration file" - - ZBX_WWW_ROOT="/usr/share/zabbix" - ZBX_WEB_CONFIG="$ZABBIX_ETC_DIR/web/zabbix.conf.php" - - if [ -f "$ZBX_WWW_ROOT/conf/zabbix.conf.php" ]; then - rm -f "$ZBX_WWW_ROOT/conf/zabbix.conf.php" - fi - - ln -s "$ZBX_WEB_CONFIG" "$ZBX_WWW_ROOT/conf/zabbix.conf.php" - - # Different places of PHP configuration file - if [ -f "/etc/php5/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/conf.d/99-zabbix.ini" - elif [ -f "/etc/php5/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php5/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/apache2/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.0/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.0/apache2/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.0/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.0/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php.d/99-zabbix.ini" - elif [ -f "/etc/php7/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php7/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.2/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.2/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.2/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.2/apache2/conf.d/99-zabbix.ini" - fi - - if [ -n "$PHP_CONFIG_FILE" ]; then - update_config_var "$PHP_CONFIG_FILE" "max_execution_time" "${ZBX_MAXEXECUTIONTIME:-"600"}" - update_config_var "$PHP_CONFIG_FILE" "memory_limit" "${ZBX_MEMORYLIMIT:-"128M"}" - update_config_var "$PHP_CONFIG_FILE" "post_max_size" "${ZBX_POSTMAXSIZE:-"16M"}" - update_config_var "$PHP_CONFIG_FILE" "upload_max_filesize" "${ZBX_UPLOADMAXFILESIZE:-"2M"}" - update_config_var "$PHP_CONFIG_FILE" "max_input_time" "${ZBX_MAXINPUTTIME:-"300"}" - update_config_var "$PHP_CONFIG_FILE" "date.timezone" "${PHP_TZ}" - else - echo "**** Zabbix related PHP configuration file not found" - fi - - ZBX_HISTORYSTORAGETYPES=${ZBX_HISTORYSTORAGETYPES:-"[]"} - - # Escaping characters in parameter value - server_name=$(escape_spec_char "${ZBX_SERVER_NAME}") - server_user=$(escape_spec_char "${DB_SERVER_ZBX_USER}") - server_pass=$(escape_spec_char "${DB_SERVER_ZBX_PASS}") - history_storage_url=$(escape_spec_char "${ZBX_HISTORYSTORAGEURL}") - history_storage_types=$(escape_spec_char "${ZBX_HISTORYSTORAGETYPES}") - - sed -i \ - -e "s/{DB_SERVER_HOST}/${DB_SERVER_HOST}/g" \ - -e "s/{DB_SERVER_PORT}/${DB_SERVER_PORT}/g" \ - -e "s/{DB_SERVER_DBNAME}/${DB_SERVER_DBNAME}/g" \ - -e "s/{DB_SERVER_SCHEMA}/${DB_SERVER_SCHEMA}/g" \ - -e "s/{DB_SERVER_USER}/$server_user/g" \ - -e "s/{DB_SERVER_PASS}/$server_pass/g" \ - -e "s/{ZBX_SERVER_HOST}/${ZBX_SERVER_HOST}/g" \ - -e "s/{ZBX_SERVER_PORT}/${ZBX_SERVER_PORT}/g" \ - -e "s/{ZBX_SERVER_NAME}/$server_name/g" \ - -e "s/{ZBX_HISTORYSTORAGEURL}/$history_storage_url/g" \ - -e "s/{ZBX_HISTORYSTORAGETYPES}/$history_storage_types/g" \ - "$ZBX_WEB_CONFIG" - - [ "$db_type" = "postgresql" ] && sed -i "s/MYSQL/POSTGRESQL/g" "$ZBX_WEB_CONFIG" - - [ -n "${ZBX_SESSION_NAME}" ] && sed -i "/ZBX_SESSION_NAME/s/'[^']*'/'${ZBX_SESSION_NAME}'/2" "$ZBX_WWW_ROOT/include/defines.inc.php" -} - -prepare_zbx_agent_config() { - echo "** Preparing Zabbix agent configuration file" - - ZBX_AGENT_CONFIG=$ZABBIX_ETC_DIR/zabbix_agentd.conf - - ZBX_PASSIVESERVERS=${ZBX_PASSIVESERVERS:-""} - ZBX_ACTIVESERVERS=${ZBX_ACTIVESERVERS:-""} - - [ -n "$ZBX_PASSIVESERVERS" ] && ZBX_PASSIVESERVERS=","$ZBX_PASSIVESERVERS - - ZBX_PASSIVESERVERS=$ZBX_SERVER_HOST$ZBX_PASSIVESERVERS - - [ -n "$ZBX_ACTIVESERVERS" ] && ZBX_ACTIVESERVERS=","$ZBX_ACTIVESERVERS - - ZBX_ACTIVESERVERS=$ZBX_SERVER_HOST":"$ZBX_SERVER_PORT$ZBX_ACTIVESERVERS - - update_config_var $ZBX_AGENT_CONFIG "PidFile" - update_config_var $ZBX_AGENT_CONFIG "LogType" "console" - update_config_var $ZBX_AGENT_CONFIG "LogFile" - update_config_var $ZBX_AGENT_CONFIG "LogFileSize" - update_config_var $ZBX_AGENT_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" - update_config_var $ZBX_AGENT_CONFIG "SourceIP" - update_config_var $ZBX_AGENT_CONFIG "EnableRemoteCommands" "${ZBX_ENABLEREMOTECOMMANDS}" - update_config_var $ZBX_AGENT_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}" - - ZBX_PASSIVE_ALLOW=${ZBX_PASSIVE_ALLOW:-"true"} - if [ "$ZBX_PASSIVE_ALLOW" == "true" ]; then - echo "** Using '$ZBX_PASSIVESERVERS' servers for passive checks" - update_config_var $ZBX_AGENT_CONFIG "Server" "${ZBX_PASSIVESERVERS}" - else - update_config_var $ZBX_AGENT_CONFIG "Server" - fi - - update_config_var $ZBX_AGENT_CONFIG "ListenPort" "${ZBX_LISTENPORT}" - update_config_var $ZBX_AGENT_CONFIG "ListenIP" "${ZBX_LISTENIP}" - update_config_var $ZBX_AGENT_CONFIG "StartAgents" "${ZBX_STARTAGENTS}" - - ZBX_ACTIVE_ALLOW=${ZBX_ACTIVE_ALLOW:-"true"} - if [ "$ZBX_ACTIVE_ALLOW" == "true" ]; then - echo "** Using '$ZBX_ACTIVESERVERS' servers for active checks" - update_config_var $ZBX_AGENT_CONFIG "ServerActive" "${ZBX_ACTIVESERVERS}" - else - update_config_var $ZBX_AGENT_CONFIG "ServerActive" - fi - - update_config_var $ZBX_AGENT_CONFIG "Hostname" "${ZBX_HOSTNAME}" - update_config_var $ZBX_AGENT_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - update_config_var $ZBX_AGENT_CONFIG "HostMetadata" "${ZBX_METADATA}" - update_config_var $ZBX_AGENT_CONFIG "HostMetadataItem" "${ZBX_METADATAITEM}" - update_config_var $ZBX_AGENT_CONFIG "RefreshActiveChecks" "${ZBX_REFRESHACTIVECHECKS}" - update_config_var $ZBX_AGENT_CONFIG "BufferSend" "${ZBX_BUFFERSEND}" - update_config_var $ZBX_AGENT_CONFIG "BufferSize" "${ZBX_BUFFERSIZE}" - update_config_var $ZBX_AGENT_CONFIG "MaxLinesPerSecond" "${ZBX_MAXLINESPERSECOND}" - # Please use include to enable Alias feature -# update_config_multiple_var $ZBX_AGENT_CONFIG "Alias" ${ZBX_ALIAS} - update_config_var $ZBX_AGENT_CONFIG "Timeout" "${ZBX_TIMEOUT}" - update_config_var $ZBX_AGENT_CONFIG "Include" "/etc/zabbix/zabbix_agentd.d/" - update_config_var $ZBX_AGENT_CONFIG "UnsafeUserParameters" "${ZBX_UNSAFEUSERPARAMETERS}" - update_config_var $ZBX_AGENT_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/" - update_config_multiple_var $ZBX_AGENT_CONFIG "LoadModule" "${ZBX_LOADMODULE}" - update_config_var $ZBX_AGENT_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}" - update_config_var $ZBX_AGENT_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" - update_config_var $ZBX_AGENT_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" - update_config_var $ZBX_AGENT_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" - update_config_var $ZBX_AGENT_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" - update_config_var $ZBX_AGENT_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" -} - -prepare_java_gateway_config() { - echo "** Preparing Zabbix Java Gateway log configuration file" - - ZBX_GATEWAY_CONFIG=$ZABBIX_ETC_DIR/zabbix_java_gateway_logback.xml - - if [ -n "${ZBX_DEBUGLEVEL}" ]; then - echo "Updating $ZBX_GATEWAY_CONFIG 'DebugLevel' parameter: '${ZBX_DEBUGLEVEL}'... updated" - if [ -f "$ZBX_GATEWAY_CONFIG" ]; then - sed -i -e "/^.*/" "$ZBX_GATEWAY_CONFIG" - else - echo "**** Zabbix Java Gateway log configuration file '$ZBX_GATEWAY_CONFIG' not found" - fi - fi -} - -prepare_agent() { - echo "** Preparing Zabbix agent" - prepare_zbx_agent_config -} - -prepare_server() { - local db_type=$1 - - echo "** Preparing Zabbix server" - - check_variables_$db_type "server" - check_db_connect_$db_type - create_db_user_$db_type - create_db_database_$db_type - create_db_schema_$db_type "server" - - update_zbx_config "server" "$db_type" -} - -prepare_proxy() { - local db_type=$1 - - echo "Preparing Zabbix proxy" - - if [ "$db_type" != "sqlite3" ]; then - check_variables_$db_type "proxy" - check_db_connect_$db_type - create_db_user_$db_type - create_db_database_$db_type - create_db_schema_$db_type "proxy" - fi - - update_zbx_config "proxy" $db_type -} - -prepare_web() { - local web_server=$1 - local db_type=$2 - - echo "** Preparing Zabbix web-interface" - - check_variables_$db_type - check_db_connect_$db_type - prepare_web_server_$web_server - prepare_zbx_web_config $db_type -} - -prepare_java_gateway() { - echo "** Preparing Zabbix Java Gateway" - - prepare_java_gateway_config -} - -################################################# - -if [ ! -n "$zbx_type" ]; then - echo "**** Type of Zabbix component is not specified" - exit 1 -elif [ "$zbx_type" == "dev" ]; then - echo "** Deploying Zabbix installation from SVN" -else - if [ ! -n "$zbx_db_type" ]; then - echo "**** Database type of Zabbix $zbx_type is not specified" - exit 1 - fi - - if [ "$zbx_db_type" != "none" ]; then - if [ "$zbx_opt_type" != "none" ]; then - echo "** Deploying Zabbix $zbx_type ($zbx_opt_type) with $zbx_db_type database" - else - echo "** Deploying Zabbix $zbx_type with $zbx_db_type database" - fi - else - echo "** Deploying Zabbix $zbx_type" - fi -fi - -prepare_system "$zbx_type" "$zbx_opt_type" - -[ "$zbx_type" == "server" ] && prepare_server $zbx_db_type -[ "${ZBX_ADD_SERVER}" == "true" ] && prepare_server ${ZBX_MAIN_DB} - -[ "$zbx_type" == "proxy" ] && prepare_proxy $zbx_db_type -[ "${ZBX_ADD_PROXY}" == "true" ] && prepare_proxy ${ZBX_PROXY_DB} - -[ "$zbx_type" == "frontend" ] && prepare_web $zbx_opt_type $zbx_db_type -[ "${ZBX_ADD_WEB}" == "true" ] && prepare_web ${ZBX_WEB_SERVER} ${ZBX_MAIN_DB} - -[ "$zbx_type" == "agent" ] && prepare_agent -[ "${ZBX_ADD_AGENT}" == "true" ] && prepare_agent - -[ "$zbx_type" == "java-gateway" ] && prepare_java_gateway -[ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && prepare_java_gateway - -clear_deploy "$zbx_type" - -echo "########################################################" - -if [ "$1" != "" ]; then - echo "** Executing '$@'" - exec "$@" -elif [ "$zbx_type" == "agent" ]; then - echo "** Starting Zabbix agent" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_agentd --foreground -c /etc/zabbix/zabbix_agentd.conf" -elif [ "$zbx_type" == "proxy" ]; then - echo "** Starting Zabbix proxy" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_proxy --foreground -c /etc/zabbix/zabbix_proxy.conf" -elif [ "$zbx_type" == "server" ]; then - echo "** Starting Zabbix server" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_server --foreground -c /etc/zabbix/zabbix_server.conf" -elif [ "$zbx_type" == "java-gateway" ]; then - echo "** Starting Zabbix Java Gateway" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_java_gateway" -elif [ "$zbx_type" == "frontend" ] && [ "$zbx_opt_type" == "apache" ]; then - echo "** Starting Zabbix frontend" - if [ -f "/usr/sbin/httpd" ]; then - exec /usr/sbin/httpd -D FOREGROUND - elif [ -f "/usr/sbin/apache2ctl" ]; then - exec /bin/bash -c "source /etc/apache2/envvars && /usr/sbin/apache2ctl -D FOREGROUND" - else - echo "Unknown Web-server. Exiting..." - exit 1 - fi -elif [ -f "/usr/bin/supervisord" ]; then - echo "** Executing supervisord" - exec /usr/bin/supervisord -c /etc/supervisor/supervisord.conf -else - echo "Unknown instructions. Exiting..." - exit 1 -fi - -################################################# diff --git a/zabbix-appliance/centos/.dockerignore b/zabbix-appliance/centos/.dockerignore deleted file mode 100644 index 88a84e55a..000000000 --- a/zabbix-appliance/centos/.dockerignore +++ /dev/null @@ -1 +0,0 @@ -build.sh diff --git a/zabbix-appliance/centos/Dockerfile b/zabbix-appliance/centos/Dockerfile deleted file mode 100644 index 5bcaa1644..000000000 --- a/zabbix-appliance/centos/Dockerfile +++ /dev/null @@ -1,199 +0,0 @@ -FROM centos:centos7 as builder - -ARG YUM_FLAGS_COMMON="-y" -ARG YUM_FLAGS_DEV="${YUM_FLAGS_COMMON}" - -ARG MAJOR_VERSION=5.0 -ARG ZBX_VERSION=${MAJOR_VERSION} -ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git -ENV ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ - ZBX_TYPE=server ZBX_DB_TYPE=mysql ZBX_OPT_TYPE=nginx \ - MYSQL_ALLOW_EMPTY_PASSWORD=true ZBX_ADD_SERVER=true ZBX_ADD_WEB=true DB_SERVER_HOST=localhost MYSQL_USER=zabbix ZBX_ADD_JAVA_GATEWAY=true ZBX_JAVAGATEWAY_ENABLE=true ZBX_JAVAGATEWAY=localhost - -RUN set -eux && \ - yum --quiet makecache && \ - yum ${YUM_FLAGS_DEV} install \ - autoconf \ - automake \ - gcc \ - gettext \ - java-1.8.0-openjdk-devel \ - libcurl-devel \ - libevent-devel \ - libssh2-devel \ - libxml2-devel \ - make \ - mariadb-devel \ - net-snmp-devel \ - OpenIPMI-devel \ - openldap-devel \ - git \ - unixODBC-devel && \ - cd /tmp/ && \ - git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ - cd /tmp/zabbix-${ZBX_VERSION} && \ - zabbix_revision=`git rev-parse --short HEAD` && \ - sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ - sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ - sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/zabbix_java/src/com/zabbix/gateway/GeneralInformation.java && \ - ./bootstrap.sh && \ - export CFLAGS="-fPIC -pie -Wl,-z,relro -Wl,-z,now" && \ - ./configure \ - --datadir=/usr/lib \ - --libdir=/usr/lib/zabbix \ - --prefix=/usr \ - --sysconfdir=/etc/zabbix \ - --enable-agent \ - --enable-${ZBX_TYPE} \ - --with-${ZBX_DB_TYPE} \ - --with-ldap \ - --with-libcurl \ - --with-libxml2 \ - --enable-java \ - --with-net-snmp \ - --with-openipmi \ - --with-openssl \ - --with-ssh2 \ - --with-unixodbc \ - --enable-ipv6 \ - --silent && \ - make -j"$(nproc)" -s dbschema && \ - make -j"$(nproc)" -s && \ - cat database/${ZBX_DB_TYPE}/schema.sql > database/${ZBX_DB_TYPE}/create.sql && \ - cat database/${ZBX_DB_TYPE}/images.sql >> database/${ZBX_DB_TYPE}/create.sql && \ - cat database/${ZBX_DB_TYPE}/data.sql >> database/${ZBX_DB_TYPE}/create.sql && \ - gzip database/${ZBX_DB_TYPE}/create.sql && \ - rm -rf /tmp/zabbix-${ZBX_VERSION}/src/zabbix_java/lib/*.xml && \ - cd ui/ && \ - rm -f conf/zabbix.conf.php && \ - rm -rf tests && \ - ./locale/make_mo.sh - -FROM centos:centos7 -LABEL maintainer="Alexey Pustovalov " - -ARG BUILD_DATE -ARG VCS_REF - -ARG YUM_FLAGS_COMMON="-y" -ARG YUM_FLAGS_PERSISTENT="${YUM_FLAGS_COMMON}" - -ARG MAJOR_VERSION=5.0 -ARG ZBX_VERSION=${MAJOR_VERSION} -ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git -ENV ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ - TERM=xterm MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ - ZBX_TYPE=server ZBX_DB_TYPE=mysql ZBX_OPT_TYPE=nginx \ - MYSQL_ALLOW_EMPTY_PASSWORD=true ZBX_ADD_SERVER=true ZBX_ADD_WEB=true DB_SERVER_HOST=localhost MYSQL_USER=zabbix ZBX_ADD_JAVA_GATEWAY=true ZBX_JAVAGATEWAY_ENABLE=true ZBX_JAVAGATEWAY=localhost -ENV TINI_VERSION v0.18.0 - -LABEL org.label-schema.name="zabbix-${ZBX_TYPE}-${ZBX_DB_TYPE}-centos" \ - org.label-schema.vendor="Zabbix LLC" \ - org.label-schema.url="https://zabbix.com/" \ - org.label-schema.description="Zabbix appliance with MySQL database support and ${ZBX_OPT_TYPE} web-server" \ - org.label-schema.vcs-ref="${VCS_REF}" \ - org.label-schema.build-date="${BUILD_DATE}" \ - org.label-schema.schema-version="1.0" \ - org.label-schema.license="GPL v2.0" \ - org.label-schema.usage="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.label-schema.version="${ZBX_VERSION}" \ - org.label-schema.vcs-url="${ZBX_SOURCES}" \ - org.label-schema.docker.cmd="docker run --name zabbix-appliance -p 80:80 -p 10051:10051 -d zabbix-appliance:centos-${ZBX_VERSION}" - -STOPSIGNAL SIGTERM - -COPY --from=builder /tmp/zabbix-${ZBX_VERSION}/src/zabbix_${ZBX_TYPE}/zabbix_${ZBX_TYPE} /usr/sbin/zabbix_${ZBX_TYPE} -COPY --from=builder /tmp/zabbix-${ZBX_VERSION}/src/zabbix_get/zabbix_get /usr/bin/zabbix_get -COPY --from=builder /tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender /usr/bin/zabbix_sender -COPY --from=builder /tmp/zabbix-${ZBX_VERSION}/conf/zabbix_${ZBX_TYPE}.conf /etc/zabbix/zabbix_${ZBX_TYPE}.conf -COPY --from=builder /tmp/zabbix-${ZBX_VERSION}/database/${ZBX_DB_TYPE}/create.sql.gz /usr/share/doc/zabbix-${ZBX_TYPE}-${ZBX_DB_TYPE}/create.sql.gz - -COPY --from=builder /tmp/zabbix-${ZBX_VERSION}/src/zabbix_java/bin/ /usr/sbin/zabbix_java/bin/ -COPY --from=builder /tmp/zabbix-${ZBX_VERSION}/src/zabbix_java/lib/ /usr/sbin/zabbix_java/lib/ - -COPY --from=builder /tmp/zabbix-${ZBX_VERSION}/ui/ /usr/share/zabbix/ -ADD https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini /sbin/tini - -RUN set -eux && \ - groupadd --system zabbix && \ - adduser -r --shell /sbin/nologin \ - -g zabbix -G dialout \ - -d /var/lib/zabbix/ \ - zabbix && \ - mkdir -p /etc/zabbix && \ - mkdir -p /var/lib/zabbix && \ - mkdir -p /usr/lib/zabbix/alertscripts && \ - mkdir -p /var/lib/zabbix/enc && \ - mkdir -p /usr/lib/zabbix/externalscripts && \ - mkdir -p /var/lib/zabbix/mibs && \ - mkdir -p /var/lib/zabbix/modules && \ - mkdir -p /var/lib/zabbix/snmptraps && \ - mkdir -p /var/lib/zabbix/ssh_keys && \ - mkdir -p /var/lib/zabbix/ssl && \ - mkdir -p /var/lib/zabbix/ssl/certs && \ - mkdir -p /var/lib/zabbix/ssl/keys && \ - mkdir -p /var/lib/zabbix/ssl/ssl_ca && \ - chown --quiet -R zabbix:root /var/lib/zabbix && \ - mkdir -p /usr/share/doc/zabbix-${ZBX_TYPE}-${ZBX_DB_TYPE}/ && \ - yum ${YUM_FLAGS_COMMON} makecache && \ - yum ${YUM_FLAGS_PERSISTENT} install https://repo.zabbix.com/non-supported/rhel/7/x86_64/fping-3.10-1.el7.x86_64.rpm && \ - yum ${YUM_FLAGS_PERSISTENT} install epel-release && \ - yum ${YUM_FLAGS_PERSISTENT} install \ - iputils \ - traceroute \ - curl \ - OpenIPMI-libs \ - java-1.8.0-openjdk-headless \ - libcurl \ - libevent \ - libxml2 \ - mariadb \ - mariadb-server \ - net-snmp-libs \ - nginx \ - openldap \ - openssl-libs \ - pcre \ - php-bcmath \ - php-fpm \ - php-gd \ - php-ldap \ - php-mbstring \ - php-mysql \ - php-xml \ - supervisor \ - unixODBC && \ - rm -f /etc/php-fpm.d/www.conf && \ - mkdir -p /var/lib/php/ && \ - chown --quiet -R nginx:nginx /var/lib/php/ && \ - cat /usr/share/zabbix/include/locales.inc.php | grep display | grep true | awk '{$1=$1};1' | \ - cut -d"'" -f 2 | sort | \ - xargs -I '{}' bash -c 'echo "{}" && localedef -c -i {} -f UTF-8 {}.UTF-8 2>/dev/null' && \ - chown --quiet -R nginx:nginx /usr/share/zabbix && \ - yum ${YUM_FLAGS_PERSISTENT} clean all && \ - rm -rf /var/cache/yum/ && \ - chmod +x /sbin/tini - -EXPOSE 80/TCP 443/TCP 10051/TCP - -WORKDIR /var/lib/zabbix - -VOLUME ["/etc/ssl/nginx"] -VOLUME ["/usr/lib/zabbix/alertscripts", "/usr/lib/zabbix/externalscripts", "/var/lib/zabbix/enc", "/var/lib/zabbix/mibs", "/var/lib/zabbix/modules"] -VOLUME ["/var/lib/zabbix/snmptraps", "/var/lib/zabbix/ssh_keys", "/var/lib/zabbix/ssl/certs", "/var/lib/zabbix/ssl/keys", "/var/lib/zabbix/ssl/ssl_ca"] -VOLUME ["/var/lib/mysql/"] - -COPY ["conf/etc/supervisor/", "/etc/supervisor/"] -COPY ["conf/etc/zabbix/nginx.conf", "/etc/zabbix/"] -COPY ["conf/etc/zabbix/nginx_ssl.conf", "/etc/zabbix/"] -COPY ["conf/etc/zabbix/web/zabbix.conf.php", "/etc/zabbix/web/"] -COPY ["conf/etc/nginx/nginx.conf", "/etc/nginx/"] -COPY ["conf/etc/php-fpm.conf", "/etc/php-fpm.conf"] -COPY ["conf/etc/php.d/99-zabbix.ini", "/etc/php.d/99-zabbix.ini"] -COPY ["conf/etc/zabbix/zabbix_java_gateway_logback.xml", "/etc/zabbix/"] -COPY ["conf/usr/sbin/zabbix_java_gateway", "/usr/sbin/"] -COPY ["docker-entrypoint.sh", "/usr/bin/"] - -ENV ZBX_TYPE=appliance - -ENTRYPOINT ["/sbin/tini", "--", "/usr/bin/docker-entrypoint.sh"] diff --git a/zabbix-appliance/centos/README.md b/zabbix-appliance/centos/README.md deleted file mode 100644 index 814159c7e..000000000 --- a/zabbix-appliance/centos/README.md +++ /dev/null @@ -1,258 +0,0 @@ -![logo](https://assets.zabbix.com/img/logo/zabbix_logo_500x131.png) - -# What is Zabbix? - -Zabbix is an enterprise-class open source distributed monitoring solution. - -Zabbix is software that monitors numerous parameters of a network and the health and integrity of servers. Zabbix uses a flexible notification mechanism that allows users to configure e-mail based alerts for virtually any event. This allows a fast reaction to server problems. Zabbix offers excellent reporting and data visualisation features based on the stored data. This makes Zabbix ideal for capacity planning. - -For more information and related downloads for Zabbix components, please visit https://hub.docker.com/u/zabbix/ and https://zabbix.com - -# What is Zabbix appliance? - -Zabbix appliance contains MySQL database server, Zabbix server, Zabbix Java Gateway and Zabbix frontend based on Nginx web-server. - -# Zabbix appliance images - -These are the only official Zabbix appliance Docker images. They are based on Alpine Linux v3.4, Ubuntu 18.04 (bionic) and CentOS 7 images. The available versions of Zabbix appliance are: - - Zabbix appliance 3.0 (tags: alpine-3.0-latest, ubuntu-3.0-latest, centos-3.0-latest) - Zabbix appliance 3.0.* (tags: alpine-3.0.*, ubuntu-3.0.*, centos-3.0.*) - Zabbix appliance 3.2 (tags: alpine-3.2-latest, ubuntu-3.2-latest, centos-3.2.*) (unsupported) - Zabbix appliance 3.2.* (tags: alpine-3.2.*, ubuntu-3.2.*, centos-3.2.*) (unsupported) - Zabbix appliance 3.4 (tags: alpine-3.4-latest, ubuntu-3.4-latest, centos-3.4.*) (unsupported) - Zabbix appliance 3.4.* (tags: alpine-3.4.*, ubuntu-3.4.*, centos-3.4.*) (unsupported) - Zabbix appliance 4.0 (tags: alpine-4.0-latest, ubuntu-4.0-latest, centos-4.0-latest) - Zabbix appliance 4.0.* (tags: alpine-4.0.*, ubuntu-4.0.*, centos-4.0.*) - Zabbix appliance 4.2 (tags: alpine-4.2-latest, ubuntu-4.2-latest, centos-4.2.*) (unsupported) - Zabbix appliance 4.2.* (tags: alpine-4.2.*, ubuntu-4.2.*, centos-4.2.*) (unsupported) - Zabbix appliance 4.4 (tags: alpine-4.4-latest, ubuntu-4.4-latest, centos-4.4-latest, alpine-latest, ubuntu-latest, centos-latest, latest) - Zabbix appliance 4.4.* (tags: alpine-4.4.*, ubuntu-4.4.*, centos-4.4.*) - Zabbix appliance 5.0 (tags: alpine-trunk, ubuntu-trunk, centos-trunk) - -Images are updated when new releases are published. The image with ``latest`` tag is based on Alpine Linux. - -The image uses MySQL database. The image is very useful for testing purposes. - -# How to use this image - -## Start `zabbix-appliance` - -Start a Zabbix server container as follows: - - docker run --name some-zabbix-appliance -p 80:80 -p 10051:10051 -d zabbix/zabbix-appliance:tag - -Where `some-zabbix-appliance` is the name you want to assign to your container. See the list above for relevant tags, or look at the [full list of tags](https://hub.docker.com/r/zabbix/zabbix-appliance/tags/). - -## Container shell access and viewing Zabbix appliance logs - -The `docker exec` command allows you to run commands inside a Docker container. The following command line will give you a bash shell inside your `zabbix-appliance` container: - -```console -$ docker exec -ti some-zabbix-appliance /bin/bash -``` - -The Zabbix appliance logs is available through Docker's container log: - -```console -$ docker logs some-zabbix-appliance -``` - -## Environment Variables - -When you start the `zabbix-appliance` image, you can adjust the configuration of the Zabbix appliance by passing one or more environment variables on the `docker run` command line. - -### `PHP_TZ` - -The variable is timezone in PHP format. Full list of supported timezones are available on [`php.net`](http://php.net/manual/en/timezones.php). By default, value is 'Europe/Riga'. - -### `ZBX_LOADMODULE` - -The variable is list of comma separated loadable Zabbix modules. It works with volume ``/var/lib/zabbix/modules``. The syntax of the variable is ``dummy1.so,dummy2.so``. - -### `ZBX_DEBUGLEVEL` - -The variable is used to specify debug level. By default, value is ``3``. It is ``DebugLevel`` parameter in ``zabbix_server.conf``. Allowed values are listed below: -- ``0`` - basic information about starting and stopping of Zabbix processes; -- ``1`` - critical information -- ``2`` - error information -- ``3`` - warnings -- ``4`` - for debugging (produces lots of information) -- ``5`` - extended debugging (produces even more information) - -### `ZBX_TIMEOUT` - -The variable is used to specify timeout for processing checks. By default, value is ``4``. - -### `ZBX_SERVER_NAME` - -The variable is visible Zabbix installation name in right top corner of the web interface. - -### `ZBX_MAXEXECUTIONTIME` - -The varable is PHP ``max_execution_time`` option. By default, value is `300`. - -### `ZBX_MEMORYLIMIT` - -The varable is PHP ``memory_limit`` option. By default, value is `128M`. - -### `ZBX_POSTMAXSIZE` - -The varable is PHP ``post_max_size`` option. By default, value is `16M`. - -### `ZBX_UPLOADMAXFILESIZE` - -The varable is PHP ``upload_max_filesize`` option. By default, value is `2M`. - -### `ZBX_MAXINPUTTIME` - -The varable is PHP ``max_input_time`` option. By default, value is `300`. - -### `ZBX_SESSION_NAME` - -The variable is Zabbix frontend [definition](https://www.zabbix.com/documentation/4.2/manual/web_interface/definitions). String used as the name of the Zabbix frontend session cookie. By default, value is `zbx_sessionid`. - -### Other variables - -Additionally the image allows to specify many other environment variables listed below: - -``` -ZBX_LISTENIP= -ZBX_STARTPOLLERS=5 -ZBX_IPMIPOLLERS=0 -ZBX_STARTPOLLERSUNREACHABLE=1 -ZBX_STARTTRAPPERS=5 -ZBX_STARTPINGERS=1 -ZBX_STARTDISCOVERERS=1 -ZBX_STARTHTTPPOLLERS=1 -ZBX_STARTTIMERS=1 -ZBX_STARTESCALATORS=1 -ZBX_STARTJAVAPOLLERS=5 -ZBX_STARTVMWARECOLLECTORS=0 -ZBX_VMWAREFREQUENCY=60 -ZBX_VMWAREPERFFREQUENCY=60 -ZBX_VMWARECACHESIZE=8M -ZBX_VMWARETIMEOUT=10 -ZBX_ENABLE_SNMP_TRAPS=false -ZBX_SOURCEIP= -ZBX_HOUSEKEEPINGFREQUENCY=1 -ZBX_MAXHOUSEKEEPERDELETE=5000 -ZBX_SENDERFREQUENCY=30 -ZBX_CACHESIZE=8M -ZBX_CACHEUPDATEFREQUENCY=60 -ZBX_STARTDBSYNCERS=4 -ZBX_HISTORYCACHESIZE=16M -ZBX_HISTORYINDEXCACHESIZE=4M -ZBX_TRENDCACHESIZE=4M -ZBX_VALUECACHESIZE=8M -ZBX_TRAPPERIMEOUT=300 -ZBX_UNREACHABLEPERIOD=45 -ZBX_UNAVAILABLEDELAY=60 -ZBX_UNREACHABLEDELAY=15 -ZBX_LOGSLOWQUERIES=3000 -ZBX_STARTPROXYPOLLERS=1 -ZBX_PROXYCONFIGFREQUENCY=3600 -ZBX_PROXYDATAFREQUENCY=1 -ZBX_TLSCAFILE= -ZBX_TLSCRLFILE= -ZBX_TLSCERTFILE= -ZBX_TLSKEYFILE= -``` - -Default values of these variables are specified after equal sign. - -The allowed variables are identical of parameters in official ``zabbix_server.conf``. For example, ``ZBX_LOGSLOWQUERIES`` = ``LogSlowQueries``. - -Please use official documentation for [``zabbix_server.conf``](https://www.zabbix.com/documentation/current/manual/appendix/config/zabbix_server) to get more information about the variables. - -## Allowed volumes for the Zabbix server container - -### ``/usr/lib/zabbix/alertscripts`` - -The volume is used for custom alert scripts. It is `AlertScriptsPath` parameter in ``zabbix_server.conf``. - -### ``/usr/lib/zabbix/externalscripts`` - -The volume is used by External checks (type of items). It is `ExternalScripts` parameter in ``zabbix_server.conf``. - -### ``/var/lib/zabbix/modules`` - -The volume allows load additional modules and extend Zabbix server using ``LoadModule`` feature. - -### ``/var/lib/zabbix/enc`` - -The volume is used to store TLS related files. These file names are specified using ``ZBX_TLSCAFILE``, ``ZBX_TLSCRLFILE``, ``ZBX_TLSKEY_FILE`` and ``ZBX_TLSPSKFILE`` variables. - -### ``/var/lib/zabbix/ssh_keys`` - -The volume is used as location of public and private keys for SSH checks and actions. It is `SSHKeyLocation` parameter in ``zabbix_server.conf``. - -### ``/var/lib/zabbix/ssl/certs`` - -The volume is used as location of of SSL client certificate files for client authentication. It is `SSLCertLocation` parameter in ``zabbix_server.conf``. - -### ``/var/lib/zabbix/ssl/keys`` - -The volume is used as location of SSL private key files for client authentication. It is `SSLKeyLocation` parameter in ``zabbix_server.conf``. - -### ``/var/lib/zabbix/ssl/ssl_ca`` - -The volume is used as location of certificate authority (CA) files for SSL server certificate verification. It is `SSLCALocation` parameter in ``zabbix_server.conf``. - -### ``/var/lib/zabbix/snmptraps`` - -The volume is used as location of ``snmptraps.log`` file. It could be shared by ``zabbix-snmptraps`` container and inherited using `volumes_from` Docker option while creating new instance of Zabbix server. -SNMP traps processing feature could be enabled using shared volume and switched ``ZBX_ENABLE_SNMP_TRAPS`` environment variable to `true`. - -### ``/var/lib/zabbix/mibs`` - -The volume allows to add new MIB files. It does not support subdirectories, all MIBs must be placed to ``/var/lib/zabbix/mibs``. - -### ``/etc/ssl/nginx`` - -The volume allows to enable HTTPS for the Zabbix web interface. The volume must contains two files ``ssl.crt``, ``ssl.key`` and ``dhparam.pem`` prepared for Nginx SSL connections. - -Please follow official Nginx [documentation](http://nginx.org/en/docs/http/configuring_https_servers.html) to get more details about how to create certificate files. - -# The image variants - -The `zabbix-appliance` images come in many flavors, each designed for a specific use case. - -## `zabbix-appliance:ubuntu-` - -This is the defacto image. If you are unsure about what your needs are, you probably want to use this one. It is designed to be used both as a throw away container (mount your source code and start the container to start your app), as well as the base to build other images off of. - -## `zabbix-appliance:alpine-` - -This image is based on the popular [Alpine Linux project](http://alpinelinux.org), available in [the `alpine` official image](https://hub.docker.com/_/alpine). Alpine Linux is much smaller than most distribution base images (~5MB), and thus leads to much slimmer images in general. - -This variant is highly recommended when final image size being as small as possible is desired. The main caveat to note is that it does use [musl libc](http://www.musl-libc.org) instead of [glibc and friends](http://www.etalabs.net/compare_libcs.html), so certain software might run into issues depending on the depth of their libc requirements. However, most software doesn't have an issue with this, so this variant is usually a very safe choice. See [this Hacker News comment thread](https://news.ycombinator.com/item?id=10782897) for more discussion of the issues that might arise and some pro/con comparisons of using Alpine-based images. - -To minimize image size, it's uncommon for additional related tools (such as `git` or `bash`) to be included in Alpine-based images. Using this image as a base, add the things you need in your own Dockerfile (see the [`alpine` image description](https://hub.docker.com/_/alpine/) for examples of how to install packages if you are unfamiliar). - -# Supported Docker versions - -This image is officially supported on Docker version 1.12.0. - -Support for older versions (down to 1.6) is provided on a best-effort basis. - -Please see [the Docker installation documentation](https://docs.docker.com/installation/) for details on how to upgrade your Docker daemon. - -# User Feedback - -## Documentation - -Documentation for this image is stored in the [`zabbix-appliance/` directory](https://github.com/zabbix/zabbix-docker/tree/3.0/zabbix-appliance) of the [`zabbix/zabbix-docker` GitHub repo](https://github.com/zabbix/zabbix-docker/). Be sure to familiarize yourself with the [repository's `README.md` file](https://github.com/zabbix/zabbix-docker/blob/master/README.md) before attempting a pull request. - -## Issues - -If you have any problems with or questions about this image, please contact us through a [GitHub issue](https://github.com/zabbix/zabbix-docker/issues). - -### Known issues -Some configuration environment variables are the same between multiple Zabbix components. Be careful when change these variables. - -## Contributing - -You are invited to contribute new features, fixes, or updates, large or small; we are always thrilled to receive pull requests, and do our best to process them as fast as we can. - -Before you start to code, we recommend discussing your plans through a [GitHub issue](https://github.com/zabbix/zabbix-docker/issues), especially for more ambitious contributions. This gives other contributors a chance to point you in the right direction, give you feedback on your design, and help you find out if someone else is working on the same thing. diff --git a/zabbix-appliance/centos/build.sh b/zabbix-appliance/centos/build.sh deleted file mode 120000 index fcb4d4ee7..000000000 --- a/zabbix-appliance/centos/build.sh +++ /dev/null @@ -1 +0,0 @@ -../../build.sh \ No newline at end of file diff --git a/zabbix-appliance/centos/conf/etc/nginx/nginx.conf b/zabbix-appliance/centos/conf/etc/nginx/nginx.conf deleted file mode 100644 index 6e1ae33ce..000000000 --- a/zabbix-appliance/centos/conf/etc/nginx/nginx.conf +++ /dev/null @@ -1,64 +0,0 @@ -user nginx; -worker_processes 5; -worker_rlimit_nofile 256000; - -error_log /dev/fd/2 warn; - -pid /var/run/nginx.pid; - -events { - worker_connections 5120; - use epoll; -} - - -http { - include /etc/nginx/mime.types; - default_type application/octet-stream; - - log_format main '$remote_addr - $remote_user [$time_local] "$request" ' - '$status $body_bytes_sent "$http_referer" ' - '"$http_user_agent" "$http_x_forwarded_for"'; - - access_log /dev/fd/1 main; - - client_body_timeout 5m; - send_timeout 5m; - - connection_pool_size 4096; - client_header_buffer_size 4k; - large_client_header_buffers 4 4k; - request_pool_size 4k; - reset_timedout_connection on; - - - gzip on; - gzip_min_length 100; - gzip_buffers 4 8k; - gzip_comp_level 5; - gzip_types text/plain; - gzip_types application/x-javascript; - gzip_types text/css; - - output_buffers 128 512k; - postpone_output 1460; - aio on; - directio 512; - - sendfile on; - client_max_body_size 8m; - client_body_buffer_size 256k; - fastcgi_intercept_errors on; - - tcp_nopush on; - tcp_nodelay on; - - keepalive_timeout 75 20; - - ignore_invalid_headers on; - - index index.php; - server_tokens off; - - include /etc/nginx/conf.d/*.conf; -} diff --git a/zabbix-appliance/centos/conf/etc/php-fpm.conf b/zabbix-appliance/centos/conf/etc/php-fpm.conf deleted file mode 100644 index 801c1ae13..000000000 --- a/zabbix-appliance/centos/conf/etc/php-fpm.conf +++ /dev/null @@ -1,537 +0,0 @@ -;;;;;;;;;;;;;;;;;;;;; -; FPM Configuration ; -;;;;;;;;;;;;;;;;;;;;; - -; All relative paths in this configuration file are relative to PHP's install -; prefix (/usr). This prefix can be dynamically changed by using the -; '-p' argument from the command line. - -; Include one or more files. If glob(3) exists, it is used to include a bunch of -; files from a glob(3) pattern. This directive can be used everywhere in the -; file. -; Relative path can also be used. They will be prefixed by: -; - the global prefix if it's been set (-p argument) -; - /usr otherwise -include = /etc/php-fpm.d/*.conf - -;;;;;;;;;;;;;;;;;; -; Global Options ; -;;;;;;;;;;;;;;;;;; - -[global] -; Pid file -; Note: the default prefix is /var -; Default Value: none -;pid = run/php-fpm.pid - -; Error log file -; If it's set to "syslog", log is sent to syslogd instead of being written -; in a local file. -; Note: the default prefix is /var -; Default Value: log/php-fpm.log -error_log = /var/log/php-fpm.log - -; syslog_facility is used to specify what type of program is logging the -; message. This lets syslogd specify that messages from different facilities -; will be handled differently. -; See syslog(3) for possible values (ex daemon equiv LOG_DAEMON) -; Default Value: daemon -;syslog.facility = daemon - -; syslog_ident is prepended to every message. If you have multiple FPM -; instances running on the same server, you can change the default value -; which must suit common needs. -; Default Value: php-fpm -;syslog.ident = php-fpm - -; Log level -; Possible Values: alert, error, warning, notice, debug -; Default Value: notice -;log_level = notice - -; If this number of child processes exit with SIGSEGV or SIGBUS within the time -; interval set by emergency_restart_interval then FPM will restart. A value -; of '0' means 'Off'. -; Default Value: 0 -;emergency_restart_threshold = 0 - -; Interval of time used by emergency_restart_interval to determine when -; a graceful restart will be initiated. This can be useful to work around -; accidental corruptions in an accelerator's shared memory. -; Available Units: s(econds), m(inutes), h(ours), or d(ays) -; Default Unit: seconds -; Default Value: 0 -;emergency_restart_interval = 0 - -; Time limit for child processes to wait for a reaction on signals from master. -; Available units: s(econds), m(inutes), h(ours), or d(ays) -; Default Unit: seconds -; Default Value: 0 -;process_control_timeout = 0 - -; The maximum number of processes FPM will fork. This has been design to control -; the global number of processes when using dynamic PM within a lot of pools. -; Use it with caution. -; Note: A value of 0 indicates no limit -; Default Value: 0 -; process.max = 128 - -; Specify the nice(2) priority to apply to the master process (only if set) -; The value can vary from -19 (highest priority) to 20 (lower priority) -; Note: - It will only work if the FPM master process is launched as root -; - The pool process will inherit the master process priority -; unless it specified otherwise -; Default Value: no set -; process.priority = -19 - -; Send FPM to background. Set to 'no' to keep FPM in foreground for debugging. -; Default Value: yes -;daemonize = yes - -; Set open file descriptor rlimit for the master process. -; Default Value: system defined value -;rlimit_files = 1024 - -; Set max core size rlimit for the master process. -; Possible Values: 'unlimited' or an integer greater or equal to 0 -; Default Value: system defined value -;rlimit_core = 0 - -; Specify the event mechanism FPM will use. The following is available: -; - select (any POSIX os) -; - poll (any POSIX os) -; - epoll (linux >= 2.5.44) -; - kqueue (FreeBSD >= 4.1, OpenBSD >= 2.9, NetBSD >= 2.0) -; - /dev/poll (Solaris >= 7) -; - port (Solaris >= 10) -; Default Value: not set (auto detection) -;events.mechanism = epoll - -; When FPM is build with systemd integration, specify the interval, -; in second, between health report notification to systemd. -; Set to 0 to disable. -; Available Units: s(econds), m(inutes), h(ours) -; Default Unit: seconds -; Default value: 10 -;systemd_interval = 10 - -;;;;;;;;;;;;;;;;;;;; -; Pool Definitions ; -;;;;;;;;;;;;;;;;;;;; - -; Multiple pools of child processes may be started with different listening -; ports and different management options. The name of the pool will be -; used in logs and stats. There is no limitation on the number of pools which -; FPM can handle. Your system will tell you anyway :) - -; Start a new pool named 'www'. -; the variable $pool can we used in any directive and will be replaced by the -; pool name ('www' here) -[www] - -; Per pool prefix -; It only applies on the following directives: -; - 'access.log' -; - 'slowlog' -; - 'listen' (unixsocket) -; - 'chroot' -; - 'chdir' -; - 'php_values' -; - 'php_admin_values' -; When not set, the global prefix (or /usr) applies instead. -; Note: This directive can also be relative to the global prefix. -; Default Value: none -;prefix = /path/to/pools/$pool - -; Unix user/group of processes -; Note: The user is mandatory. If the group is not set, the default user's group -; will be used. -user = nginx -group = nginx - -; The address on which to accept FastCGI requests. -; Valid syntaxes are: -; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on -; a specific port; -; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on -; a specific port; -; 'port' - to listen on a TCP socket to all IPv4 addresses on a -; specific port; -; '[::]:port' - to listen on a TCP socket to all addresses -; (IPv6 and IPv4-mapped) on a specific port; -; '/path/to/unix/socket' - to listen on a unix socket. -; Note: This value is mandatory. -listen = /var/run/php5-fpm.sock - -; Set listen(2) backlog. -; Default Value: 65535 (-1 on FreeBSD and OpenBSD) -;listen.backlog = 65535 - -; Set permissions for unix socket, if one is used. In Linux, read/write -; permissions must be set in order to allow connections from a web server. Many -; BSD-derived systems allow connections regardless of permissions. -; Default Values: user and group are set as the running user -; mode is set to 0660 -listen.owner = nginx -listen.group = nginx -;listen.mode = 0660 -; When POSIX Access Control Lists are supported you can set them using -; these options, value is a comma separated list of user/group names. -; When set, listen.owner and listen.group are ignored -;listen.acl_users = -;listen.acl_groups = - -; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect. -; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original -; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address -; must be separated by a comma. If this value is left blank, connections will be -; accepted from any ip address. -; Default Value: any -;listen.allowed_clients = 127.0.0.1 - -; Specify the nice(2) priority to apply to the pool processes (only if set) -; The value can vary from -19 (highest priority) to 20 (lower priority) -; Note: - It will only work if the FPM master process is launched as root -; - The pool processes will inherit the master process priority -; unless it specified otherwise -; Default Value: no set -; process.priority = -19 - -; Choose how the process manager will control the number of child processes. -; Possible Values: -; static - a fixed number (pm.max_children) of child processes; -; dynamic - the number of child processes are set dynamically based on the -; following directives. With this process management, there will be -; always at least 1 children. -; pm.max_children - the maximum number of children that can -; be alive at the same time. -; pm.start_servers - the number of children created on startup. -; pm.min_spare_servers - the minimum number of children in 'idle' -; state (waiting to process). If the number -; of 'idle' processes is less than this -; number then some children will be created. -; pm.max_spare_servers - the maximum number of children in 'idle' -; state (waiting to process). If the number -; of 'idle' processes is greater than this -; number then some children will be killed. -; ondemand - no children are created at startup. Children will be forked when -; new requests will connect. The following parameter are used: -; pm.max_children - the maximum number of children that -; can be alive at the same time. -; pm.process_idle_timeout - The number of seconds after which -; an idle process will be killed. -; Note: This value is mandatory. -pm = dynamic - -; The number of child processes to be created when pm is set to 'static' and the -; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'. -; This value sets the limit on the number of simultaneous requests that will be -; served. Equivalent to the ApacheMaxClients directive with mpm_prefork. -; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP -; CGI. The below defaults are based on a server without much resources. Don't -; forget to tweak pm.* to fit your needs. -; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand' -; Note: This value is mandatory. -pm.max_children = 5 - -; The number of child processes created on startup. -; Note: Used only when pm is set to 'dynamic' -; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2 -pm.start_servers = 2 - -; The desired minimum number of idle server processes. -; Note: Used only when pm is set to 'dynamic' -; Note: Mandatory when pm is set to 'dynamic' -pm.min_spare_servers = 1 - -; The desired maximum number of idle server processes. -; Note: Used only when pm is set to 'dynamic' -; Note: Mandatory when pm is set to 'dynamic' -pm.max_spare_servers = 3 - -; The number of seconds after which an idle process will be killed. -; Note: Used only when pm is set to 'ondemand' -; Default Value: 10s -;pm.process_idle_timeout = 10s; - -; The number of requests each child process should execute before respawning. -; This can be useful to work around memory leaks in 3rd party libraries. For -; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS. -; Default Value: 0 -;pm.max_requests = 500 - -; The URI to view the FPM status page. If this value is not set, no URI will be -; recognized as a status page. It shows the following informations: -; pool - the name of the pool; -; process manager - static, dynamic or ondemand; -; start time - the date and time FPM has started; -; start since - number of seconds since FPM has started; -; accepted conn - the number of request accepted by the pool; -; listen queue - the number of request in the queue of pending -; connections (see backlog in listen(2)); -; max listen queue - the maximum number of requests in the queue -; of pending connections since FPM has started; -; listen queue len - the size of the socket queue of pending connections; -; idle processes - the number of idle processes; -; active processes - the number of active processes; -; total processes - the number of idle + active processes; -; max active processes - the maximum number of active processes since FPM -; has started; -; max children reached - number of times, the process limit has been reached, -; when pm tries to start more children (works only for -; pm 'dynamic' and 'ondemand'); -; Value are updated in real time. -; Example output: -; pool: www -; process manager: static -; start time: 01/Jul/2011:17:53:49 +0200 -; start since: 62636 -; accepted conn: 190460 -; listen queue: 0 -; max listen queue: 1 -; listen queue len: 42 -; idle processes: 4 -; active processes: 11 -; total processes: 15 -; max active processes: 12 -; max children reached: 0 -; -; By default the status page output is formatted as text/plain. Passing either -; 'html', 'xml' or 'json' in the query string will return the corresponding -; output syntax. Example: -; http://www.foo.bar/status -; http://www.foo.bar/status?json -; http://www.foo.bar/status?html -; http://www.foo.bar/status?xml -; -; By default the status page only outputs short status. Passing 'full' in the -; query string will also return status for each pool process. -; Example: -; http://www.foo.bar/status?full -; http://www.foo.bar/status?json&full -; http://www.foo.bar/status?html&full -; http://www.foo.bar/status?xml&full -; The Full status returns for each process: -; pid - the PID of the process; -; state - the state of the process (Idle, Running, ...); -; start time - the date and time the process has started; -; start since - the number of seconds since the process has started; -; requests - the number of requests the process has served; -; request duration - the duration in µs of the requests; -; request method - the request method (GET, POST, ...); -; request URI - the request URI with the query string; -; content length - the content length of the request (only with POST); -; user - the user (PHP_AUTH_USER) (or '-' if not set); -; script - the main script called (or '-' if not set); -; last request cpu - the %cpu the last request consumed -; it's always 0 if the process is not in Idle state -; because CPU calculation is done when the request -; processing has terminated; -; last request memory - the max amount of memory the last request consumed -; it's always 0 if the process is not in Idle state -; because memory calculation is done when the request -; processing has terminated; -; If the process is in Idle state, then informations are related to the -; last request the process has served. Otherwise informations are related to -; the current request being served. -; Example output: -; ************************ -; pid: 31330 -; state: Running -; start time: 01/Jul/2011:17:53:49 +0200 -; start since: 63087 -; requests: 12808 -; request duration: 1250261 -; request method: GET -; request URI: /test_mem.php?N=10000 -; content length: 0 -; user: - -; script: /home/fat/web/docs/php/test_mem.php -; last request cpu: 0.00 -; last request memory: 0 -; -; Note: There is a real-time FPM status monitoring sample web page available -; It's available in: /usr/share/php/fpm/status.html -; -; Note: The value must start with a leading slash (/). The value can be -; anything, but it may not be a good idea to use the .php extension or it -; may conflict with a real PHP file. -; Default Value: not set -;pm.status_path = /status - -; The ping URI to call the monitoring page of FPM. If this value is not set, no -; URI will be recognized as a ping page. This could be used to test from outside -; that FPM is alive and responding, or to -; - create a graph of FPM availability (rrd or such); -; - remove a server from a group if it is not responding (load balancing); -; - trigger alerts for the operating team (24/7). -; Note: The value must start with a leading slash (/). The value can be -; anything, but it may not be a good idea to use the .php extension or it -; may conflict with a real PHP file. -; Default Value: not set -;ping.path = /ping - -; This directive may be used to customize the response of a ping request. The -; response is formatted as text/plain with a 200 response code. -; Default Value: pong -;ping.response = pong - -; The access log file -; Default: not set -;access.log = log/$pool.access.log - -; The access log format. -; The following syntax is allowed -; %%: the '%' character -; %C: %CPU used by the request -; it can accept the following format: -; - %{user}C for user CPU only -; - %{system}C for system CPU only -; - %{total}C for user + system CPU (default) -; %d: time taken to serve the request -; it can accept the following format: -; - %{seconds}d (default) -; - %{miliseconds}d -; - %{mili}d -; - %{microseconds}d -; - %{micro}d -; %e: an environment variable (same as $_ENV or $_SERVER) -; it must be associated with embraces to specify the name of the env -; variable. Some exemples: -; - server specifics like: %{REQUEST_METHOD}e or %{SERVER_PROTOCOL}e -; - HTTP headers like: %{HTTP_HOST}e or %{HTTP_USER_AGENT}e -; %f: script filename -; %l: content-length of the request (for POST request only) -; %m: request method -; %M: peak of memory allocated by PHP -; it can accept the following format: -; - %{bytes}M (default) -; - %{kilobytes}M -; - %{kilo}M -; - %{megabytes}M -; - %{mega}M -; %n: pool name -; %o: output header -; it must be associated with embraces to specify the name of the header: -; - %{Content-Type}o -; - %{X-Powered-By}o -; - %{Transfert-Encoding}o -; - .... -; %p: PID of the child that serviced the request -; %P: PID of the parent of the child that serviced the request -; %q: the query string -; %Q: the '?' character if query string exists -; %r: the request URI (without the query string, see %q and %Q) -; %R: remote IP address -; %s: status (response code) -; %t: server time the request was received -; it can accept a strftime(3) format: -; %d/%b/%Y:%H:%M:%S %z (default) -; %T: time the log has been written (the request has finished) -; it can accept a strftime(3) format: -; %d/%b/%Y:%H:%M:%S %z (default) -; %u: remote user -; -; Default: "%R - %u %t \"%m %r\" %s" -;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%" - -; The log file for slow requests -; Default Value: not set -; Note: slowlog is mandatory if request_slowlog_timeout is set -;slowlog = log/$pool.log.slow - -; The timeout for serving a single request after which a PHP backtrace will be -; dumped to the 'slowlog' file. A value of '0s' means 'off'. -; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) -; Default Value: 0 -;request_slowlog_timeout = 0 - -; The timeout for serving a single request after which the worker process will -; be killed. This option should be used when the 'max_execution_time' ini option -; does not stop script execution for some reason. A value of '0' means 'off'. -; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) -; Default Value: 0 -;request_terminate_timeout = 0 - -; Set open file descriptor rlimit. -; Default Value: system defined value -;rlimit_files = 1024 - -; Set max core size rlimit. -; Possible Values: 'unlimited' or an integer greater or equal to 0 -; Default Value: system defined value -;rlimit_core = 0 - -; Chroot to this directory at the start. This value must be defined as an -; absolute path. When this value is not set, chroot is not used. -; Note: you can prefix with '$prefix' to chroot to the pool prefix or one -; of its subdirectories. If the pool prefix is not set, the global prefix -; will be used instead. -; Note: chrooting is a great security feature and should be used whenever -; possible. However, all PHP paths will be relative to the chroot -; (error_log, sessions.save_path, ...). -; Default Value: not set -;chroot = - -; Chdir to this directory at the start. -; Note: relative path can be used. -; Default Value: current directory or / when chroot -;chdir = /var/www - -; Redirect worker stdout and stderr into main error log. If not set, stdout and -; stderr will be redirected to /dev/null according to FastCGI specs. -; Note: on highloaded environement, this can cause some delay in the page -; process time (several ms). -; Default Value: no -;catch_workers_output = yes - -; Clear environment in FPM workers -; Prevents arbitrary environment variables from reaching FPM worker processes -; by clearing the environment in workers before env vars specified in this -; pool configuration are added. -; Setting to "no" will make all environment variables available to PHP code -; via getenv(), $_ENV and $_SERVER. -; Default Value: yes -;clear_env = no - -; Limits the extensions of the main script FPM will allow to parse. This can -; prevent configuration mistakes on the web server side. You should only limit -; FPM to .php extensions to prevent malicious users to use other extensions to -; exectute php code. -; Note: set an empty value to allow all extensions. -; Default Value: .php -;security.limit_extensions = .php .php3 .php4 .php5 - -; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from -; the current environment. -; Default Value: clean env -;env[HOSTNAME] = $HOSTNAME -;env[PATH] = /usr/local/bin:/usr/bin:/bin -;env[TMP] = /tmp -;env[TMPDIR] = /tmp -;env[TEMP] = /tmp - -; Additional php.ini defines, specific to this pool of workers. These settings -; overwrite the values previously defined in the php.ini. The directives are the -; same as the PHP SAPI: -; php_value/php_flag - you can set classic ini defines which can -; be overwritten from PHP call 'ini_set'. -; php_admin_value/php_admin_flag - these directives won't be overwritten by -; PHP call 'ini_set' -; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no. - -; Defining 'extension' will load the corresponding shared extension from -; extension_dir. Defining 'disable_functions' or 'disable_classes' will not -; overwrite previously defined php.ini values, but will append the new value -; instead. - -; Note: path INI options can be relative and will be expanded with the prefix -; (pool, global or /usr) - -; Default Value: nothing is defined by default except the values in php.ini and -; specified at startup with the -d argument -;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com -;php_flag[display_errors] = off -;php_admin_value[error_log] = /var/log/fpm-php.www.log -;php_admin_flag[log_errors] = on -;php_admin_value[memory_limit] = 32M diff --git a/zabbix-appliance/centos/conf/etc/php.d/99-zabbix.ini b/zabbix-appliance/centos/conf/etc/php.d/99-zabbix.ini deleted file mode 100644 index e87054b7d..000000000 --- a/zabbix-appliance/centos/conf/etc/php.d/99-zabbix.ini +++ /dev/null @@ -1,9 +0,0 @@ -max_execution_time=300 -memory_limit=128M -post_max_size=16M -upload_max_filesize=2M -max_input_time=300 -always_populate_raw_post_data=-1 -max_input_vars=10000 -; date.timezone=Europe/Riga -session.save_path=/var/lib/php/ diff --git a/zabbix-appliance/centos/conf/etc/supervisor/conf.d/supervisord_java_gateway.conf b/zabbix-appliance/centos/conf/etc/supervisor/conf.d/supervisord_java_gateway.conf deleted file mode 100644 index df9514bd1..000000000 --- a/zabbix-appliance/centos/conf/etc/supervisor/conf.d/supervisord_java_gateway.conf +++ /dev/null @@ -1,17 +0,0 @@ -[supervisord] -nodaemon = true - -[program:zabbix_java_gateway] -command = /bin/bash /usr/sbin/%(program_name)s -user = zabbix -auto_start = true -autorestart = true - -startsecs=3 -startretries=3 -stopsignal=INT -stopwaitsecs=2 - -redirect_stderr=true -stdout_logfile = /dev/stdout -stdout_logfile_maxbytes = 0 diff --git a/zabbix-appliance/centos/conf/etc/supervisor/conf.d/supervisord_mysql.conf b/zabbix-appliance/centos/conf/etc/supervisor/conf.d/supervisord_mysql.conf deleted file mode 100644 index 7860463bd..000000000 --- a/zabbix-appliance/centos/conf/etc/supervisor/conf.d/supervisord_mysql.conf +++ /dev/null @@ -1,14 +0,0 @@ -[supervisord] -nodaemon = true - -[program:mysqld] -command = /usr/libexec/mysqld --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib/mysql/plugin --user=mysql --log-output=none --pid-file=/var/lib/mysql/mysqld.pid --socket=/var/lib/mysql/mysql.sock --port=3306 --console -user = mysql -auto_start = true -autorestart = true -priority = 1 - -stdout_logfile = /dev/stdout -stdout_logfile_maxbytes = 0 -stderr_logfile = /dev/stderr -stderr_logfile_maxbytes = 0 diff --git a/zabbix-appliance/centos/conf/etc/supervisor/conf.d/supervisord_server.conf b/zabbix-appliance/centos/conf/etc/supervisor/conf.d/supervisord_server.conf deleted file mode 100644 index b11628eb2..000000000 --- a/zabbix-appliance/centos/conf/etc/supervisor/conf.d/supervisord_server.conf +++ /dev/null @@ -1,18 +0,0 @@ -[supervisord] -nodaemon = true - -[program:zabbix_server] -command = /usr/sbin/%(program_name)s --foreground -c /etc/zabbix/%(program_name)s.conf -user = zabbix -auto_start = true -autorestart = true - -startsecs=10 -startretries=3 -stopsignal=INT -stopwaitsecs=10 - -redirect_stderr=true - -stdout_logfile = /dev/stdout -stdout_logfile_maxbytes = 0 diff --git a/zabbix-appliance/centos/conf/etc/supervisor/conf.d/supervisord_web_nginx.conf b/zabbix-appliance/centos/conf/etc/supervisor/conf.d/supervisord_web_nginx.conf deleted file mode 100644 index 134b95140..000000000 --- a/zabbix-appliance/centos/conf/etc/supervisor/conf.d/supervisord_web_nginx.conf +++ /dev/null @@ -1,30 +0,0 @@ -[supervisord] -nodaemon = true - -[program:nginx] -command = /usr/sbin/%(program_name)s -g "daemon off;" -c /etc/nginx/%(program_name)s.conf -auto_start = true -autorestart = true - -startsecs=2 -startretries=3 -stopsignal=TERM -stopwaitsecs=2 - -redirect_stderr=true -stdout_logfile = /dev/stdout -stdout_logfile_maxbytes = 0 - -[program:php-fpm] -command = /usr/sbin/%(program_name)s -F -c /etc/%(program_name)s.conf -auto_start = true -autorestart = true - -startsecs=2 -startretries=3 -stopsignal=TERM -stopwaitsecs=2 - -redirect_stderr=true -stdout_logfile = /dev/stdout -stdout_logfile_maxbytes = 0 diff --git a/zabbix-appliance/centos/conf/etc/supervisor/supervisord.conf b/zabbix-appliance/centos/conf/etc/supervisor/supervisord.conf deleted file mode 100644 index 925bb1838..000000000 --- a/zabbix-appliance/centos/conf/etc/supervisor/supervisord.conf +++ /dev/null @@ -1,35 +0,0 @@ -; supervisor config file - -[unix_http_server] -file = /var/run/supervisor.sock ; (the path to the socket file) -chmod = 0700 ; sockef file mode (default 0700) -username = zbx -password = password - -[supervisord] -logfile = /dev/stdout ; (main log file;default $CWD/supervisord.log) -pidfile = /var/run/supervisord.pid ; (supervisord pidfile;default supervisord.pid) -childlogdir = /tmp ; ('AUTO' child log dir, default $TEMP) -critical = critical -user = root -logfile_maxbytes = 0 -logfile_backupcount = 0 -loglevel = info - -; the below section must remain in the config file for RPC -; (supervisorctl/web interface) to work, additional interfaces may be -; added by defining them in separate rpcinterface: sections -[rpcinterface:supervisor] -supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface - -[supervisorctl] -serverurl = unix:///var/run/supervisor.sock ; use a unix:// URL for a unix socket - -; The [include] section can just contain the "files" setting. This -; setting can list multiple files (separated by whitespace or -; newlines). It can also contain wildcards. The filenames are -; interpreted as relative to this file. Included files *cannot* -; include files themselves. - -[include] -files = /etc/supervisor/conf.d/*.conf diff --git a/zabbix-appliance/centos/conf/etc/zabbix/nginx.conf b/zabbix-appliance/centos/conf/etc/zabbix/nginx.conf deleted file mode 100644 index 3bde42701..000000000 --- a/zabbix-appliance/centos/conf/etc/zabbix/nginx.conf +++ /dev/null @@ -1,74 +0,0 @@ -server { - listen 80; - server_name zabbix; - index index.php; - - access_log /dev/fd/1 main; - error_log /dev/fd/2 notice; - - set $webroot '/usr/share/zabbix'; - - root $webroot; - - large_client_header_buffers 8 8k; - client_max_body_size 10M; - - - location = /favicon.ico { - log_not_found off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - # deny running scripts inside writable directories - location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { - return 403; - error_page 403 /403_error.html; - } - - # Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac). - location ~ /\. { - deny all; - access_log off; - log_not_found off; - } - - # caching of files - location ~* \.(ico|pdf|flv)$ { - expires 1y; - } - - location ~* \.(js|css|png|jpg|jpeg|gif|swf|xml|txt)$ { - expires 14d; - } - - location / { - try_files $uri $uri/ /index.php?$args; - } - - location ~ .php$ { - fastcgi_pass unix:/var/run/php5-fpm.sock; - fastcgi_index index.php; - - fastcgi_param SCRIPT_FILENAME $webroot$fastcgi_script_name; - - include fastcgi_params; - fastcgi_param QUERY_STRING $query_string; - fastcgi_param REQUEST_METHOD $request_method; - fastcgi_param CONTENT_TYPE $content_type; - fastcgi_param CONTENT_LENGTH $content_length; - fastcgi_intercept_errors on; - fastcgi_ignore_client_abort off; - fastcgi_connect_timeout 60; - fastcgi_send_timeout 180; - fastcgi_read_timeout 180; - fastcgi_buffer_size 128k; - fastcgi_buffers 4 256k; - fastcgi_busy_buffers_size 256k; - fastcgi_temp_file_write_size 256k; - } -} diff --git a/zabbix-appliance/centos/conf/etc/zabbix/nginx_ssl.conf b/zabbix-appliance/centos/conf/etc/zabbix/nginx_ssl.conf deleted file mode 100644 index b38103186..000000000 --- a/zabbix-appliance/centos/conf/etc/zabbix/nginx_ssl.conf +++ /dev/null @@ -1,98 +0,0 @@ -server { - listen 443 ssl http2; - server_name zabbix; - server_name_in_redirect off; - - index index.php; - access_log /dev/fd/1 main; - error_log /dev/fd/2 error; - - set $webroot '/usr/share/zabbix'; - - root $webroot; - - large_client_header_buffers 8 8k; - - client_max_body_size 10M; - - - ssl on; -# ssl_stapling on; - ssl_certificate /etc/ssl/nginx/ssl.crt; - ssl_certificate_key /etc/ssl/nginx/ssl.key; - ssl_dhparam /etc/ssl/nginx/dhparam.pem; - - ssl_protocols TLSv1 TLSv1.1 TLSv1.2; - ssl_verify_depth 3; - ssl_session_cache shared:SSL:10m; - ssl_session_timeout 10m; - ssl_prefer_server_ciphers on; - - add_header Strict-Transport-Security "max-age=31536000; includeSubdomains; preload"; - add_header Content-Security-Policy-Report-Only "default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report"; - - location =/nginx_status { - stub_status on; - access_log off; - allow 127.0.0.1; - deny all; - } - - location = /favicon.ico { - log_not_found off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - # deny running scripts inside writable directories - location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { - return 403; - error_page 403 /403_error.html; - } - - # Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac). - location ~ /\. { - deny all; - access_log off; - log_not_found off; - } - - # caching of files - location ~* \.(ico|pdf|flv)$ { - expires 1y; - } - - location ~* \.(js|css|png|jpg|jpeg|gif|swf|xml|txt)$ { - expires 14d; - } - - location / { - try_files $uri $uri/ /index.php?$args; - } - - location ~ .php$ { - fastcgi_pass unix:/var/run/php5-fpm.sock; - fastcgi_index index.php; - - fastcgi_param SCRIPT_FILENAME $webroot$fastcgi_script_name; - - include fastcgi_params; - fastcgi_param QUERY_STRING $query_string; - fastcgi_param REQUEST_METHOD $request_method; - fastcgi_param CONTENT_TYPE $content_type; - fastcgi_param CONTENT_LENGTH $content_length; - fastcgi_intercept_errors on; - fastcgi_ignore_client_abort off; - fastcgi_connect_timeout 60; - fastcgi_send_timeout 180; - fastcgi_read_timeout 180; - fastcgi_buffer_size 128k; - fastcgi_buffers 4 256k; - fastcgi_busy_buffers_size 256k; - fastcgi_temp_file_write_size 256k; - } -} diff --git a/zabbix-appliance/centos/conf/etc/zabbix/web/zabbix.conf.php b/zabbix-appliance/centos/conf/etc/zabbix/web/zabbix.conf.php deleted file mode 100644 index a4c9fadab..000000000 --- a/zabbix-appliance/centos/conf/etc/zabbix/web/zabbix.conf.php +++ /dev/null @@ -1,24 +0,0 @@ - - - - - - %d{yyyy-MM-dd HH:mm:ss.SSS} [%thread] %-5level %logger{36} - %msg%n - - - - - - - - - diff --git a/zabbix-appliance/centos/conf/usr/sbin/zabbix_java_gateway b/zabbix-appliance/centos/conf/usr/sbin/zabbix_java_gateway deleted file mode 100755 index 2da696885..000000000 --- a/zabbix-appliance/centos/conf/usr/sbin/zabbix_java_gateway +++ /dev/null @@ -1,27 +0,0 @@ -JAVA=${JAVA:-"/usr/bin/java"} -DAEMON=${DAEMON:-"/usr/sbin/zabbix_java"} - -JAVA_OPTIONS="-server $JAVA_OPTIONS" -JAVA_OPTIONS="$JAVA_OPTIONS -Dlogback.configurationFile=/etc/zabbix/zabbix_java_gateway_logback.xml" - -cd $DAEMON - -CLASSPATH="$DAEMON/lib" -for jar in `find lib bin -name "*.jar"`; do - if [ $jar != *junit* ]; then - CLASSPATH="$CLASSPATH:$DAEMON/$jar" - fi -done - -ZABBIX_OPTIONS="" -if [ -n "$ZBX_START_POLLERS" ]; then - ZABBIX_OPTIONS="$ZABBIX_OPTIONS -Dzabbix.startPollers=$ZBX_START_POLLERS" -fi -if [ -n "$ZBX_TIMEOUT" ]; then - ZABBIX_OPTIONS="$ZABBIX_OPTIONS -Dzabbix.timeout=$ZBX_TIMEOUT -Dsun.rmi.transport.tcp.responseTimeout=${ZBX_TIMEOUT}000" -fi - - -COMMAND_LINE="$JAVA $JAVA_OPTIONS -classpath $CLASSPATH $ZABBIX_OPTIONS com.zabbix.gateway.JavaGateway" - -exec $COMMAND_LINE diff --git a/zabbix-appliance/centos/docker-entrypoint.sh b/zabbix-appliance/centos/docker-entrypoint.sh deleted file mode 100755 index 20e78e0da..000000000 --- a/zabbix-appliance/centos/docker-entrypoint.sh +++ /dev/null @@ -1,1187 +0,0 @@ -#!/bin/bash - -set -eo pipefail - -set +e - -# Script trace mode -if [ "${DEBUG_MODE}" == "true" ]; then - set -o xtrace -fi - -# Type of Zabbix component -# Possible values: [server, proxy, agent, frontend, java-gateway, appliance] -zbx_type=${ZBX_TYPE} -# Type of Zabbix database -# Possible values: [mysql, postgresql] -zbx_db_type=${ZBX_DB_TYPE} -# Type of web-server. Valid only with zbx_type = frontend -# Possible values: [apache, nginx] -zbx_opt_type=${ZBX_OPT_TYPE} - -# Default Zabbix installation name -# Used only by Zabbix web-interface -ZBX_SERVER_NAME=${ZBX_SERVER_NAME:-"Zabbix docker"} -# Default Zabbix server host -ZBX_SERVER_HOST=${ZBX_SERVER_HOST:-"zabbix-server"} -# Default Zabbix server port number -ZBX_SERVER_PORT=${ZBX_SERVER_PORT:-"10051"} - -# Default timezone for web interface -PHP_TZ=${PHP_TZ:-"Europe/Riga"} - -#Enable PostgreSQL timescaleDB feature: -ENABLE_TIMESCALEDB=${ENABLE_TIMESCALEDB:-"false"} - -# Default directories -# User 'zabbix' home directory -ZABBIX_USER_HOME_DIR="/var/lib/zabbix" -# Configuration files directory -ZABBIX_ETC_DIR="/etc/zabbix" -# Web interface www-root directory -ZBX_FRONTEND_PATH="/usr/share/zabbix" - -# usage: file_env VAR [DEFAULT] -# as example: file_env 'MYSQL_PASSWORD' 'zabbix' -# (will allow for "$MYSQL_PASSWORD_FILE" to fill in the value of "$MYSQL_PASSWORD" from a file) -# unsets the VAR_FILE afterwards and just leaving VAR -file_env() { - local var="$1" - local fileVar="${var}_FILE" - local defaultValue="${2:-}" - - if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then - echo "**** Both variables $var and $fileVar are set (but are exclusive)" - exit 1 - fi - - local val="$defaultValue" - - if [ "${!var:-}" ]; then - val="${!var}" - echo "** Using ${var} variable from ENV" - elif [ "${!fileVar:-}" ]; then - if [ ! -f "${!fileVar}" ]; then - echo "**** Secret file \"${!fileVar}\" is not found" - exit 1 - fi - val="$(< "${!fileVar}")" - echo "** Using ${var} variable from secret file" - fi - export "$var"="$val" - unset "$fileVar" -} - -configure_db_mysql() { - [ "${DB_SERVER_HOST}" != "localhost" ] && return - - echo "** Configuring local MySQL server" - - MYSQL_ALLOW_EMPTY_PASSWORD=true - MYSQL_DATA_DIR="/var/lib/mysql" - - if [ -f "/etc/mysql/my.cnf" ]; then - MYSQL_CONF_FILE="/etc/mysql/my.cnf" - elif [ -f "/etc/my.cnf.d/server.cnf" ]; then - MYSQL_CONF_FILE="/etc/my.cnf.d/server.cnf" - DB_SERVER_SOCKET="/var/lib/mysql/mysql.sock" - elif [ -f "/etc/my.cnf.d/mariadb-server.cnf" ]; then - MYSQL_CONF_FILE="/etc/my.cnf.d/mariadb-server.cnf" - DB_SERVER_SOCKET="/var/run/mysqld/mysqld.sock" - else - echo "**** Could not found MySQL configuration file" - exit 1 - fi - - if [ -f "/usr/bin/mysqld" ]; then - MYSQLD=/usr/bin/mysqld - elif [ -f "/usr/sbin/mysqld" ]; then - MYSQLD=/usr/sbin/mysqld - elif [ -f "/usr/libexec/mysqld" ]; then - MYSQLD=/usr/libexec/mysqld - else - echo "**** Could not found mysqld binary file" - exit 1 - fi - - sed -Ei 's/^(bind-address|log)/#&/' "$MYSQL_CONF_FILE" - - if [ ! -d "$MYSQL_DATA_DIR/mysql" ]; then - [ -d "$MYSQL_DATA_DIR" ] || mkdir -p "$MYSQL_DATA_DIR" - - chown -R mysql:mysql "$MYSQL_DATA_DIR" - - echo "** Installing initial MySQL database schemas" - mysql_install_db --user=mysql --datadir="$MYSQL_DATA_DIR" 2>&1 - else - echo "**** MySQL data directory is not empty. Using already existing installation." - chown -R mysql:mysql "$MYSQL_DATA_DIR" - fi - - mkdir -p /var/run/mysqld - ln -s /var/run/mysqld /run/mysqld - chown -R mysql:mysql /var/run/mysqld - chown -R mysql:mysql /run/mysqld - - echo "** Starting MySQL server in background mode" - - nohup $MYSQLD --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib/mysql/plugin \ - --user=mysql --log-output=none --pid-file=/var/lib/mysql/mysqld.pid \ - --port=3306 --character-set-server=utf8 --collation-server=utf8_bin & -} - -prepare_system() { - local type=$1 - local web_server=$2 - - echo "** Preparing the system" - - if [ "$type" != "appliance" ]; then - return - fi - - ZBX_ADD_AGENT=${ZBX_ADD_AGENT:-"false"} - ZBX_ADD_JAVA_GATEWAY=${ZBX_ADD_JAVA_GATEWAY:-"false"} - ZBX_ADD_SERVER=${ZBX_ADD_SERVER:-"true"} - [ "${ZBX_ADD_SERVER}" == "true" ] && ZBX_SERVER_HOST="localhost" - [ "${ZBX_ADD_SERVER}" == "true" ] && ZBX_SERVER_PORT="10051" - ZBX_MAIN_DB=${ZBX_MAIN_DB:-"mysql"} - ZBX_ADD_PROXY=${ZBX_ADD_PROXY:-"false"} - ZBX_PROXY_DB=${ZBX_PROXY_DB:-"sqlite3"} - ZBX_ADD_WEB=${ZBX_ADD_WEB:-"true"} - ZBX_WEB_SERVER=${ZBX_WEB_SERVER:-"nginx"} - DB_SERVER_HOST=${DB_SERVER_HOST:-"localhost"} - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAY_ENABLE="true" - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAY="localhost" - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAYPORT="10052" - - [ "${ZBX_ADD_SERVER}" == "true" ] && configure_db_${ZBX_MAIN_DB} -} - -escape_spec_char() { - local var_value=$1 - - var_value="${var_value//\\/\\\\}" - var_value="${var_value//[$'\n']/}" - var_value="${var_value//\//\\/}" - var_value="${var_value//./\\.}" - var_value="${var_value//\*/\\*}" - var_value="${var_value//^/\\^}" - var_value="${var_value//\$/\\\$}" - var_value="${var_value//\&/\\\&}" - var_value="${var_value//\[/\\[}" - var_value="${var_value//\]/\\]}" - - echo "$var_value" -} - -update_config_var() { - local config_path=$1 - local var_name=$2 - local var_value=$3 - local is_multiple=$4 - - if [ ! -f "$config_path" ]; then - echo "**** Configuration file '$config_path' does not exist" - return - fi - - echo -n "** Updating '$config_path' parameter \"$var_name\": '$var_value'... " - - # Remove configuration parameter definition in case of unset parameter value - if [ -z "$var_value" ]; then - sed -i -e "/^$var_name=/d" "$config_path" - echo "removed" - return - fi - - # Remove value from configuration parameter in case of double quoted parameter value - if [ "$var_value" == '""' ]; then - sed -i -e "/^$var_name=/s/=.*/=/" "$config_path" - echo "undefined" - return - fi - - # Use full path to a file for TLS related configuration parameters - if [[ $var_name =~ ^TLS.*File$ ]]; then - var_value=$ZABBIX_USER_HOME_DIR/enc/$var_value - fi - - # Escaping characters in parameter value - var_value=$(escape_spec_char "$var_value") - - if [ "$(grep -E "^$var_name=" $config_path)" ] && [ "$is_multiple" != "true" ]; then - sed -i -e "/^$var_name=/s/=.*/=$var_value/" "$config_path" - echo "updated" - elif [ "$(grep -Ec "^# $var_name=" $config_path)" -gt 1 ]; then - sed -i -e "/^[#;] $var_name=$/i\\$var_name=$var_value" "$config_path" - echo "added first occurrence" - else - sed -i -e "/^[#;] $var_name=/s/.*/&\n$var_name=$var_value/" "$config_path" - echo "added" - fi - -} - -update_config_multiple_var() { - local config_path=$1 - local var_name=$2 - local var_value=$3 - - var_value="${var_value%\"}" - var_value="${var_value#\"}" - - local IFS=, - local OPT_LIST=($var_value) - - for value in "${OPT_LIST[@]}"; do - update_config_var $config_path $var_name $value true - done -} - -# Check prerequisites for MySQL database -check_variables_mysql() { - local type=$1 - - DB_SERVER_HOST=${DB_SERVER_HOST:-"mysql-server"} - DB_SERVER_PORT=${DB_SERVER_PORT:-"3306"} - USE_DB_ROOT_USER=false - CREATE_ZBX_DB_USER=false - file_env MYSQL_USER - file_env MYSQL_PASSWORD - - if [ "$type" != "" ]; then - file_env MYSQL_ROOT_PASSWORD - fi - - if [ ! -n "${MYSQL_USER}" ] && [ "${MYSQL_RANDOM_ROOT_PASSWORD}" == "true" ]; then - echo "**** Impossible to use MySQL server because of unknown Zabbix user and random 'root' password" - exit 1 - fi - - if [ ! -n "${MYSQL_USER}" ] && [ ! -n "${MYSQL_ROOT_PASSWORD}" ] && [ "${MYSQL_ALLOW_EMPTY_PASSWORD}" != "true" ]; then - echo "*** Impossible to use MySQL server because 'root' password is not defined and it is not empty" - exit 1 - fi - - if [ "${MYSQL_ALLOW_EMPTY_PASSWORD}" == "true" ] || [ -n "${MYSQL_ROOT_PASSWORD}" ]; then - USE_DB_ROOT_USER=true - DB_SERVER_ROOT_USER="root" - DB_SERVER_ROOT_PASS=${MYSQL_ROOT_PASSWORD:-""} - fi - - [ -n "${MYSQL_USER}" ] && CREATE_ZBX_DB_USER=true - - # If root password is not specified use provided credentials - DB_SERVER_ROOT_USER=${DB_SERVER_ROOT_USER:-${MYSQL_USER}} - [ "${MYSQL_ALLOW_EMPTY_PASSWORD}" == "true" ] || DB_SERVER_ROOT_PASS=${DB_SERVER_ROOT_PASS:-${MYSQL_PASSWORD}} - DB_SERVER_ZBX_USER=${MYSQL_USER:-"zabbix"} - DB_SERVER_ZBX_PASS=${MYSQL_PASSWORD:-"zabbix"} - - if [ "$type" == "proxy" ]; then - DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix_proxy"} - else - DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix"} - fi -} - -# Check prerequisites for PostgreSQL database -check_variables_postgresql() { - local type=$1 - - file_env POSTGRES_USER - file_env POSTGRES_PASSWORD - - DB_SERVER_HOST=${DB_SERVER_HOST:-"postgres-server"} - DB_SERVER_PORT=${DB_SERVER_PORT:-"5432"} - CREATE_ZBX_DB_USER=${CREATE_ZBX_DB_USER:-"false"} - - DB_SERVER_ROOT_USER=${POSTGRES_USER:-"postgres"} - DB_SERVER_ROOT_PASS=${POSTGRES_PASSWORD:-""} - - DB_SERVER_ZBX_USER=${POSTGRES_USER:-"zabbix"} - DB_SERVER_ZBX_PASS=${POSTGRES_PASSWORD:-"zabbix"} - - DB_SERVER_SCHEMA=${DB_SERVER_SCHEMA:-"public"} - - if [ "$type" == "proxy" ]; then - DB_SERVER_DBNAME=${POSTGRES_DB:-"zabbix_proxy"} - else - DB_SERVER_DBNAME=${POSTGRES_DB:-"zabbix"} - fi -} - -check_db_connect_mysql() { - echo "********************" - echo "* DB_SERVER_HOST: ${DB_SERVER_HOST}" - echo "* DB_SERVER_PORT: ${DB_SERVER_PORT}" - echo "* DB_SERVER_DBNAME: ${DB_SERVER_DBNAME}" - if [ "${DEBUG_MODE}" == "true" ]; then - if [ "${USE_DB_ROOT_USER}" == "true" ]; then - echo "* DB_SERVER_ROOT_USER: ${DB_SERVER_ROOT_USER}" - echo "* DB_SERVER_ROOT_PASS: ${DB_SERVER_ROOT_PASS}" - fi - echo "* DB_SERVER_ZBX_USER: ${DB_SERVER_ZBX_USER}" - echo "* DB_SERVER_ZBX_PASS: ${DB_SERVER_ZBX_PASS}" - echo "********************" - fi - echo "********************" - - WAIT_TIMEOUT=5 - - while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \ - --password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10)" ]; do - echo "**** MySQL server is not available. Waiting $WAIT_TIMEOUT seconds..." - sleep $WAIT_TIMEOUT - done -} - -check_db_connect_postgresql() { - echo "********************" - echo "* DB_SERVER_HOST: ${DB_SERVER_HOST}" - echo "* DB_SERVER_PORT: ${DB_SERVER_PORT}" - echo "* DB_SERVER_DBNAME: ${DB_SERVER_DBNAME}" - echo "* DB_SERVER_SCHEMA: ${DB_SERVER_SCHEMA}" - if [ "${DEBUG_MODE}" == "true" ]; then - if [ "${USE_DB_ROOT_USER}" == "true" ]; then - echo "* DB_SERVER_ROOT_USER: ${DB_SERVER_ROOT_USER}" - echo "* DB_SERVER_ROOT_PASS: ${DB_SERVER_ROOT_PASS}" - fi - echo "* DB_SERVER_ZBX_USER: ${DB_SERVER_ZBX_USER}" - echo "* DB_SERVER_ZBX_PASS: ${DB_SERVER_ZBX_PASS}" - fi - echo "********************" - - if [ "${USE_DB_ROOT_USER}" != "true" ]; then - DB_SERVER_ROOT_USER=${DB_SERVER_ZBX_USER} - DB_SERVER_ROOT_PASS=${DB_SERVER_ZBX_PASS} - fi - - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - WAIT_TIMEOUT=5 - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - while [ ! "$(psql -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} -U ${DB_SERVER_ROOT_USER} -d ${DB_SERVER_DBNAME} -l -q 2>/dev/null)" ]; do - echo "**** PostgreSQL server is not available. Waiting $WAIT_TIMEOUT seconds..." - sleep $WAIT_TIMEOUT - done - - unset PGPASSWORD - unset PGOPTIONS -} - - -mysql_query() { - query=$1 - local result="" - - result=$(mysql --silent --skip-column-names -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ - -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" -e "$query") - - echo $result -} - -psql_query() { - query=$1 - db=$2 - - local result="" - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - result=$(psql -A -q -t -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ - -U ${DB_SERVER_ROOT_USER} -c "$query" $db 2>/dev/null); - - unset PGPASSWORD - unset PGOPTIONS - - echo $result -} - -create_db_user_mysql() { - [ "${CREATE_ZBX_DB_USER}" == "true" ] || return - - echo "** Creating '${DB_SERVER_ZBX_USER}' user in MySQL database" - - USER_EXISTS=$(mysql_query "SELECT 1 FROM mysql.user WHERE user = '${DB_SERVER_ZBX_USER}' AND host = '%'") - - if [ -z "$USER_EXISTS" ]; then - mysql_query "CREATE USER '${DB_SERVER_ZBX_USER}'@'%' IDENTIFIED BY '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - else - mysql_query "ALTER USER ${DB_SERVER_ZBX_USER} IDENTIFIED BY '${DB_SERVER_ZBX_PASS}';" 1>/dev/null - fi - - mysql_query "GRANT ALL PRIVILEGES ON $DB_SERVER_DBNAME. * TO '${DB_SERVER_ZBX_USER}'@'%'" 1>/dev/null -} - -create_db_user_postgresql() { - [ "${CREATE_ZBX_DB_USER}" == "true" ] || return - - echo "** Creating '${DB_SERVER_ZBX_USER}' user in PostgreSQL database" - - USER_EXISTS=$(psql_query "SELECT 1 FROM pg_roles WHERE rolname='${DB_SERVER_ZBX_USER}'") - - if [ -z "$USER_EXISTS" ]; then - psql_query "CREATE USER ${DB_SERVER_ZBX_USER} WITH PASSWORD '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - else - psql_query "ALTER USER ${DB_SERVER_ZBX_USER} WITH ENCRYPTED PASSWORD '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - fi -} - -create_db_database_mysql() { - DB_EXISTS=$(mysql_query "SELECT SCHEMA_NAME FROM information_schema.SCHEMATA WHERE SCHEMA_NAME='${DB_SERVER_DBNAME}'") - - if [ -z ${DB_EXISTS} ]; then - echo "** Database '${DB_SERVER_DBNAME}' does not exist. Creating..." - mysql_query "CREATE DATABASE ${DB_SERVER_DBNAME} CHARACTER SET utf8 COLLATE utf8_bin" 1>/dev/null - # better solution? - mysql_query "GRANT ALL PRIVILEGES ON $DB_SERVER_DBNAME. * TO '${DB_SERVER_ZBX_USER}'@'%'" 1>/dev/null - else - echo "** Database '${DB_SERVER_DBNAME}' already exists. Please be careful with database COLLATE!" - fi -} - -create_db_database_postgresql() { - DB_EXISTS=$(psql_query "SELECT 1 AS result FROM pg_database WHERE datname='${DB_SERVER_DBNAME}'") - - if [ -z ${DB_EXISTS} ]; then - echo "** Database '${DB_SERVER_DBNAME}' does not exist. Creating..." - psql_query "CREATE DATABASE ${DB_SERVER_DBNAME} WITH OWNER ${DB_SERVER_ZBX_USER} ENCODING='UTF8' LC_CTYPE='en_US.utf8' LC_COLLATE='en_US.utf8'" 1>/dev/null - else - echo "** Database '${DB_SERVER_DBNAME}' already exists. Please be careful with database owner!" - fi - - psql_query "CREATE SCHEMA IF NOT EXISTS ${DB_SERVER_SCHEMA}" -} - -create_db_schema_mysql() { - local type=$1 - - DBVERSION_TABLE_EXISTS=$(mysql_query "SELECT 1 FROM information_schema.tables WHERE table_schema='${DB_SERVER_DBNAME}' and table_name = 'dbversion'") - - if [ -n "${DBVERSION_TABLE_EXISTS}" ]; then - echo "** Table '${DB_SERVER_DBNAME}.dbversion' already exists." - ZBX_DB_VERSION=$(mysql_query "SELECT mandatory FROM ${DB_SERVER_DBNAME}.dbversion") - fi - - if [ -z "${ZBX_DB_VERSION}" ]; then - echo "** Creating '${DB_SERVER_DBNAME}' schema in MySQL" - - zcat /usr/share/doc/zabbix-$type-mysql/create.sql.gz | mysql --silent --skip-column-names \ - -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ - -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" \ - ${DB_SERVER_DBNAME} 1>/dev/null - fi -} - -create_db_schema_postgresql() { - local type=$1 - - DBVERSION_TABLE_EXISTS=$(psql_query "SELECT 1 FROM pg_catalog.pg_class c JOIN pg_catalog.pg_namespace n ON n.oid = - c.relnamespace WHERE n.nspname = '$DB_SERVER_SCHEMA' AND c.relname = 'dbversion'" "${DB_SERVER_DBNAME}") - - if [ -n "${DBVERSION_TABLE_EXISTS}" ]; then - echo "** Table '${DB_SERVER_DBNAME}.dbversion' already exists." - ZBX_DB_VERSION=$(psql_query "SELECT mandatory FROM ${DB_SERVER_SCHEMA}.dbversion" "${DB_SERVER_DBNAME}") - fi - - if [ -z "${ZBX_DB_VERSION}" ]; then - echo "** Creating '${DB_SERVER_DBNAME}' schema in PostgreSQL" - - if [ "${ENABLE_TIMESCALEDB}" == "true" ]; then - psql_query "CREATE EXTENSION IF NOT EXISTS timescaledb CASCADE;" - fi - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - zcat /usr/share/doc/zabbix-$type-postgresql/create.sql.gz | psql -q \ - -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ - -U ${DB_SERVER_ZBX_USER} ${DB_SERVER_DBNAME} 1>/dev/null - - if [ "${ENABLE_TIMESCALEDB}" == "true" ]; then - cat /usr/share/doc/zabbix-$type-postgresql/timescaledb.sql | psql -q \ - -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ - -U ${DB_SERVER_ZBX_USER} ${DB_SERVER_DBNAME} 1>/dev/null - fi - - unset PGPASSWORD - unset PGOPTIONS - fi -} - -prepare_web_server_apache() { - if [ -d "/etc/apache2/sites-available" ]; then - APACHE_SITES_DIR=/etc/apache2/sites-available - elif [ -d "/etc/apache2/conf.d" ]; then - APACHE_SITES_DIR=/etc/apache2/conf.d - elif [ -d "/etc/httpd/conf.d" ]; then - APACHE_SITES_DIR=/etc/httpd/conf.d - else - echo "**** Apache is not available" - exit 1 - fi - - if [ -f "/usr/sbin/a2dissite" ]; then - echo "** Disable default site" - /usr/sbin/a2dissite 000-default 1>/dev/null - rm -rf "$APACHE_SITES_DIR/*" - elif [ -f "/etc/apache2/conf.d/default.conf" ]; then - echo "** Disable default site" - rm -f "/etc/apache2/conf.d/default.conf" - elif [ -f "/etc/httpd/conf.d/welcome.conf" ]; then - echo "** Disable default site" - rm -f "/etc/httpd/conf.d/welcome.conf" - rm -f "/etc/httpd/conf.d/ssl.conf" - fi - - echo "** Adding Zabbix virtual host (HTTP)" - if [ -f "$ZABBIX_ETC_DIR/apache.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/apache.conf" "$APACHE_SITES_DIR/zabbix.conf" - if [ -f "/usr/sbin/a2dissite" ]; then - /usr/sbin/a2ensite zabbix.conf 1>/dev/null - fi - else - echo "**** Impossible to enable HTTP virtual host" - fi - - if [ -f "/etc/apache2/conf.d/ssl.conf" ]; then - rm -f "/etc/apache2/conf.d/ssl.conf" - fi - - if [ -f "/etc/ssl/apache2/ssl.crt" ] && [ -f "/etc/ssl/apache2/ssl.key" ]; then - echo "** Enable SSL support for Apache2" - if [ -f "/usr/sbin/a2enmod" ]; then - /usr/sbin/a2enmod ssl 1>/dev/null - fi - - echo "** Adding Zabbix virtual host (HTTPS)" - if [ -f "$ZABBIX_ETC_DIR/apache_ssl.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/apache_ssl.conf" "$APACHE_SITES_DIR/zabbix_ssl.conf" - if [ -f "/usr/sbin/a2dissite" ]; then - /usr/sbin/a2ensite zabbix_ssl.conf 1>/dev/null - fi - else - echo "**** Impossible to enable HTTPS virtual host" - fi - else - echo "**** Impossible to enable SSL support for Apache2. Certificates are missed." - fi - - # Change Apache2 logging to stdout and stderr - if [ -f "/etc/apache2/apache2.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/apache2.conf" - fi - - if [ -f "/etc/httpd/conf/httpd.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/httpd/conf/httpd.conf" - fi - - if [ -f "/etc/apache2/httpd.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/httpd.conf" - fi - - if [ -f "/etc/apache2/conf-available/other-vhosts-access-log.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/conf-available/other-vhosts-access-log.conf" - fi - - if [ -f "/etc/apache2/conf.d/mpm.conf" ]; then - sed -ri \ - -e 's!^(\s*PidFile)\s+\S+!\1 "/var/run/httpd.pid"!g' \ - "/etc/apache2/conf.d/mpm.conf" - fi - - if [ -f "/var/run/apache2/apache2.pid" ]; then - rm -f "/var/run/apache2/apache2.pid" - fi - - if [ -f "/var/run/httpd/httpd.pid" ]; then - rm -f "/var/run/httpd/httpd.pid" - fi -} - -prepare_web_server_nginx() { - NGINX_CONFD_DIR="/etc/nginx/conf.d" - NGINX_SSL_CONFIG="/etc/ssl/nginx" - PHP_SESSIONS_DIR="/var/lib/php5" - - echo "** Disable default vhosts" - rm -f $NGINX_CONFD_DIR/*.conf - - echo "** Adding Zabbix virtual host (HTTP)" - if [ -f "$ZABBIX_ETC_DIR/nginx.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/nginx.conf" "$NGINX_CONFD_DIR" - else - echo "**** Impossible to enable HTTP virtual host" - fi - - if [ -f "$NGINX_SSL_CONFIG/ssl.crt" ] && [ -f "$NGINX_SSL_CONFIG/ssl.key" ] && [ -f "$NGINX_SSL_CONFIG/dhparam.pem" ]; then - echo "** Enable SSL support for Nginx" - if [ -f "$ZABBIX_ETC_DIR/nginx_ssl.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/nginx_ssl.conf" "$NGINX_CONFD_DIR" - else - echo "**** Impossible to enable HTTPS virtual host" - fi - else - echo "**** Impossible to enable SSL support for Nginx. Certificates are missed." - fi - - if [ -d "/var/log/nginx/" ]; then - ln -sf /dev/fd/2 /var/log/nginx/error.log - fi - - ln -sf /dev/fd/2 /var/log/php5-fpm.log - ln -sf /dev/fd/2 /var/log/php7.2-fpm.log -} - -stop_databases() { - if ([ "${ZBX_MAIN_DB}" == "mysql" ] || [ "${ZBX_PROXY_DB}" == "mysql" ]) && [ "${DB_SERVER_HOST}" == "localhost" ]; then - mysql_query "DELETE FROM mysql.user WHERE host = 'localhost' AND user != 'root'" 1>/dev/null - - if [ -f "/var/lib/mysql/mysqld.pid" ]; then - kill -TERM $(cat /var/lib/mysql/mysqld.pid) - elif [ -f "/var/run/mysqld/mysqld.pid" ]; then - kill -TERM $(cat /var/run/mysqld/mysqld.pid) - fi - fi - - if [ "${ZBX_MAIN_DB}" == "postgresql" ] && [ "${DB_SERVER_HOST}" == "localhost" ]; then - if [ "${OS_CODENAME}" == "alpine" ]; then - PGDATA=/var/lib/postgresql - BINDIR=/usr/bin - else - PGDATA=/var/lib/postgresql/9.3/main - BINDIR=/usr/lib/postgresql/9.3/bin - fi - su -c "$BINDIR/pg_ctl -D \"$PGDATA\" -m fast -w stop --silent" postgres 1>/dev/null 2>/dev/null - fi -} - -clear_deploy() { - local type=$1 - echo "** Cleaning the system" - - [ "$type" != "appliance" ] && return - - stop_databases -} - -update_zbx_config() { - local type=$1 - local db_type=$2 - - echo "** Preparing Zabbix $type configuration file" - - ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_$type.conf - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "ProxyMode" "${ZBX_PROXYMODE}" - update_config_var $ZBX_CONFIG "Server" "${ZBX_SERVER_HOST}" - update_config_var $ZBX_CONFIG "ServerPort" "${ZBX_SERVER_PORT}" - if [ -z "${ZBX_HOSTNAME}" ] && [ -n "${ZBX_HOSTNAMEITEM}" ]; then - update_config_var $ZBX_CONFIG "Hostname" "" - update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - else - update_config_var $ZBX_CONFIG "Hostname" "${ZBX_HOSTNAME:-"zabbix-proxy-"$db_type}" - update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - fi - fi - - if [ $type == "proxy" ] && [ "${ZBX_ADD_SERVER}" = "true" ]; then - update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_PROXY_LISTENPORT:-"10061"}" - else - update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}" - fi - - update_config_var $ZBX_CONFIG "SourceIP" "${ZBX_SOURCEIP}" - update_config_var $ZBX_CONFIG "LogType" "console" - update_config_var $ZBX_CONFIG "LogFile" - update_config_var $ZBX_CONFIG "LogFileSize" - update_config_var $ZBX_CONFIG "PidFile" - - update_config_var $ZBX_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" - - if [ $type == "proxy" ]; then - update_config_var $ZBX_CONFIG "EnableRemoteCommands" "${ZBX_ENABLEREMOTECOMMANDS}" - update_config_var $ZBX_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}" - fi - - if [ "$db_type" == "sqlite3" ]; then - update_config_var $ZBX_CONFIG "DBHost" - update_config_var $ZBX_CONFIG "DBName" "/var/lib/zabbix/zabbix_proxy_db" - update_config_var $ZBX_CONFIG "DBUser" - update_config_var $ZBX_CONFIG "DBPort" - update_config_var $ZBX_CONFIG "DBPassword" - else - update_config_var $ZBX_CONFIG "DBHost" "${DB_SERVER_HOST}" - update_config_var $ZBX_CONFIG "DBName" "${DB_SERVER_DBNAME}" - update_config_var $ZBX_CONFIG "DBSchema" "${DB_SERVER_SCHEMA}" - update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}" - update_config_var $ZBX_CONFIG "DBPort" "${DB_SERVER_PORT}" - update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}" - fi - - if [ $type == "server" ]; then - update_config_var $ZBX_CONFIG "HistoryStorageURL" "${ZBX_HISTORYSTORAGEURL}" - update_config_var $ZBX_CONFIG "HistoryStorageTypes" "${ZBX_HISTORYSTORAGETYPES}" - fi - - update_config_var $ZBX_CONFIG "DBSocket" "${DB_SERVER_SOCKET}" - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "ProxyLocalBuffer" "${ZBX_PROXYLOCALBUFFER}" - update_config_var $ZBX_CONFIG "ProxyOfflineBuffer" "${ZBX_PROXYOFFLINEBUFFER}" - update_config_var $ZBX_CONFIG "HeartbeatFrequency" "${ZBX_PROXYHEARTBEATFREQUENCY}" - update_config_var $ZBX_CONFIG "ConfigFrequency" "${ZBX_CONFIGFREQUENCY}" - update_config_var $ZBX_CONFIG "DataSenderFrequency" "${ZBX_DATASENDERFREQUENCY}" - fi - - update_config_var $ZBX_CONFIG "StatsAllowedIP" "${ZBX_STATSALLOWEDIP}" - - update_config_var $ZBX_CONFIG "StartPollers" "${ZBX_STARTPOLLERS}" - update_config_var $ZBX_CONFIG "StartIPMIPollers" "${ZBX_IPMIPOLLERS}" - update_config_var $ZBX_CONFIG "StartPollersUnreachable" "${ZBX_STARTPOLLERSUNREACHABLE}" - update_config_var $ZBX_CONFIG "StartTrappers" "${ZBX_STARTTRAPPERS}" - update_config_var $ZBX_CONFIG "StartPingers" "${ZBX_STARTPINGERS}" - update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}" - update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}" - - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "StartPreprocessors" "${ZBX_STARTPREPROCESSORS}" - update_config_var $ZBX_CONFIG "StartTimers" "${ZBX_STARTTIMERS}" - update_config_var $ZBX_CONFIG "StartEscalators" "${ZBX_STARTESCALATORS}" - update_config_var $ZBX_CONFIG "StartAlerters" "${ZBX_STARTALERTERS}" - fi - - ZBX_JAVAGATEWAY_ENABLE=${ZBX_JAVAGATEWAY_ENABLE:-"false"} - if [ "${ZBX_JAVAGATEWAY_ENABLE}" == "true" ]; then - update_config_var $ZBX_CONFIG "JavaGateway" "${ZBX_JAVAGATEWAY:-"zabbix-java-gateway"}" - update_config_var $ZBX_CONFIG "JavaGatewayPort" "${ZBX_JAVAGATEWAYPORT}" - update_config_var $ZBX_CONFIG "StartJavaPollers" "${ZBX_STARTJAVAPOLLERS:-"5"}" - else - update_config_var $ZBX_CONFIG "JavaGateway" - update_config_var $ZBX_CONFIG "JavaGatewayPort" - update_config_var $ZBX_CONFIG "StartJavaPollers" - fi - - update_config_var $ZBX_CONFIG "StartVMwareCollectors" "${ZBX_STARTVMWARECOLLECTORS}" - update_config_var $ZBX_CONFIG "VMwareFrequency" "${ZBX_VMWAREFREQUENCY}" - update_config_var $ZBX_CONFIG "VMwarePerfFrequency" "${ZBX_VMWAREPERFFREQUENCY}" - update_config_var $ZBX_CONFIG "VMwareCacheSize" "${ZBX_VMWARECACHESIZE}" - update_config_var $ZBX_CONFIG "VMwareTimeout" "${ZBX_VMWARETIMEOUT}" - - ZBX_ENABLE_SNMP_TRAPS=${ZBX_ENABLE_SNMP_TRAPS:-"false"} - if [ "${ZBX_ENABLE_SNMP_TRAPS}" == "true" ]; then - update_config_var $ZBX_CONFIG "SNMPTrapperFile" "${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log" - update_config_var $ZBX_CONFIG "StartSNMPTrapper" "1" - else - update_config_var $ZBX_CONFIG "SNMPTrapperFile" - update_config_var $ZBX_CONFIG "StartSNMPTrapper" - fi - - update_config_var $ZBX_CONFIG "HousekeepingFrequency" "${ZBX_HOUSEKEEPINGFREQUENCY}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "MaxHousekeeperDelete" "${ZBX_MAXHOUSEKEEPERDELETE}" - update_config_var $ZBX_CONFIG "SenderFrequency" "${ZBX_SENDERFREQUENCY}" - fi - - update_config_var $ZBX_CONFIG "CacheSize" "${ZBX_CACHESIZE}" - - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "CacheUpdateFrequency" "${ZBX_CACHEUPDATEFREQUENCY}" - fi - - update_config_var $ZBX_CONFIG "StartDBSyncers" "${ZBX_STARTDBSYNCERS}" - update_config_var $ZBX_CONFIG "HistoryCacheSize" "${ZBX_HISTORYCACHESIZE}" - update_config_var $ZBX_CONFIG "HistoryIndexCacheSize" "${ZBX_HISTORYINDEXCACHESIZE}" - - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "TrendCacheSize" "${ZBX_TRENDCACHESIZE}" - update_config_var $ZBX_CONFIG "ValueCacheSize" "${ZBX_VALUECACHESIZE}" - fi - - update_config_var $ZBX_CONFIG "Timeout" "${ZBX_TIMEOUT}" - update_config_var $ZBX_CONFIG "TrapperTimeout" "${ZBX_TRAPPERIMEOUT}" - update_config_var $ZBX_CONFIG "UnreachablePeriod" "${ZBX_UNREACHABLEPERIOD}" - update_config_var $ZBX_CONFIG "UnavailableDelay" "${ZBX_UNAVAILABLEDELAY}" - update_config_var $ZBX_CONFIG "UnreachableDelay" "${ZBX_UNREACHABLEDELAY}" - - update_config_var $ZBX_CONFIG "AlertScriptsPath" "/usr/lib/zabbix/alertscripts" - update_config_var $ZBX_CONFIG "ExternalScripts" "/usr/lib/zabbix/externalscripts" - - # Possible few fping locations - if [ -f "/usr/bin/fping" ]; then - update_config_var $ZBX_CONFIG "FpingLocation" "/usr/bin/fping" - else - update_config_var $ZBX_CONFIG "FpingLocation" "/usr/sbin/fping" - fi - if [ -f "/usr/bin/fping6" ]; then - update_config_var $ZBX_CONFIG "Fping6Location" "/usr/bin/fping6" - else - update_config_var $ZBX_CONFIG "Fping6Location" "/usr/sbin/fping6" - fi - - update_config_var $ZBX_CONFIG "SSHKeyLocation" "$ZABBIX_USER_HOME_DIR/ssh_keys" - update_config_var $ZBX_CONFIG "LogSlowQueries" "${ZBX_LOGSLOWQUERIES}" - - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "StartProxyPollers" "${ZBX_STARTPROXYPOLLERS}" - update_config_var $ZBX_CONFIG "ProxyConfigFrequency" "${ZBX_PROXYCONFIGFREQUENCY}" - update_config_var $ZBX_CONFIG "ProxyDataFrequency" "${ZBX_PROXYDATAFREQUENCY}" - fi - - update_config_var $ZBX_CONFIG "SSLCertLocation" "$ZABBIX_USER_HOME_DIR/ssl/certs/" - update_config_var $ZBX_CONFIG "SSLKeyLocation" "$ZABBIX_USER_HOME_DIR/ssl/keys/" - update_config_var $ZBX_CONFIG "SSLCALocation" "$ZABBIX_USER_HOME_DIR/ssl/ssl_ca/" - update_config_var $ZBX_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/" - update_config_multiple_var $ZBX_CONFIG "LoadModule" "${ZBX_LOADMODULE}" - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}" - update_config_var $ZBX_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" - fi - update_config_var $ZBX_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" - update_config_var $ZBX_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" - update_config_var $ZBX_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" - fi - - update_config_var $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" - update_config_var $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" - update_config_var $ZBX_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" - fi -} - - -prepare_zbx_web_config() { - local db_type=$1 - local server_name="" - - echo "** Preparing Zabbix frontend configuration file" - - ZBX_WWW_ROOT="/usr/share/zabbix" - ZBX_WEB_CONFIG="$ZABBIX_ETC_DIR/web/zabbix.conf.php" - - if [ -f "$ZBX_WWW_ROOT/conf/zabbix.conf.php" ]; then - rm -f "$ZBX_WWW_ROOT/conf/zabbix.conf.php" - fi - - ln -s "$ZBX_WEB_CONFIG" "$ZBX_WWW_ROOT/conf/zabbix.conf.php" - - # Different places of PHP configuration file - if [ -f "/etc/php5/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/conf.d/99-zabbix.ini" - elif [ -f "/etc/php5/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php5/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/apache2/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.0/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.0/apache2/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.0/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.0/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php.d/99-zabbix.ini" - elif [ -f "/etc/php7/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php7/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.2/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.2/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.2/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.2/apache2/conf.d/99-zabbix.ini" - fi - - if [ -n "$PHP_CONFIG_FILE" ]; then - update_config_var "$PHP_CONFIG_FILE" "max_execution_time" "${ZBX_MAXEXECUTIONTIME:-"600"}" - update_config_var "$PHP_CONFIG_FILE" "memory_limit" "${ZBX_MEMORYLIMIT:-"128M"}" - update_config_var "$PHP_CONFIG_FILE" "post_max_size" "${ZBX_POSTMAXSIZE:-"16M"}" - update_config_var "$PHP_CONFIG_FILE" "upload_max_filesize" "${ZBX_UPLOADMAXFILESIZE:-"2M"}" - update_config_var "$PHP_CONFIG_FILE" "max_input_time" "${ZBX_MAXINPUTTIME:-"300"}" - update_config_var "$PHP_CONFIG_FILE" "date.timezone" "${PHP_TZ}" - else - echo "**** Zabbix related PHP configuration file not found" - fi - - ZBX_HISTORYSTORAGETYPES=${ZBX_HISTORYSTORAGETYPES:-"[]"} - - # Escaping characters in parameter value - server_name=$(escape_spec_char "${ZBX_SERVER_NAME}") - server_user=$(escape_spec_char "${DB_SERVER_ZBX_USER}") - server_pass=$(escape_spec_char "${DB_SERVER_ZBX_PASS}") - history_storage_url=$(escape_spec_char "${ZBX_HISTORYSTORAGEURL}") - history_storage_types=$(escape_spec_char "${ZBX_HISTORYSTORAGETYPES}") - - sed -i \ - -e "s/{DB_SERVER_HOST}/${DB_SERVER_HOST}/g" \ - -e "s/{DB_SERVER_PORT}/${DB_SERVER_PORT}/g" \ - -e "s/{DB_SERVER_DBNAME}/${DB_SERVER_DBNAME}/g" \ - -e "s/{DB_SERVER_SCHEMA}/${DB_SERVER_SCHEMA}/g" \ - -e "s/{DB_SERVER_USER}/$server_user/g" \ - -e "s/{DB_SERVER_PASS}/$server_pass/g" \ - -e "s/{ZBX_SERVER_HOST}/${ZBX_SERVER_HOST}/g" \ - -e "s/{ZBX_SERVER_PORT}/${ZBX_SERVER_PORT}/g" \ - -e "s/{ZBX_SERVER_NAME}/$server_name/g" \ - -e "s/{ZBX_HISTORYSTORAGEURL}/$history_storage_url/g" \ - -e "s/{ZBX_HISTORYSTORAGETYPES}/$history_storage_types/g" \ - "$ZBX_WEB_CONFIG" - - [ "$db_type" = "postgresql" ] && sed -i "s/MYSQL/POSTGRESQL/g" "$ZBX_WEB_CONFIG" - - [ -n "${ZBX_SESSION_NAME}" ] && sed -i "/ZBX_SESSION_NAME/s/'[^']*'/'${ZBX_SESSION_NAME}'/2" "$ZBX_WWW_ROOT/include/defines.inc.php" -} - -prepare_zbx_agent_config() { - echo "** Preparing Zabbix agent configuration file" - - ZBX_AGENT_CONFIG=$ZABBIX_ETC_DIR/zabbix_agentd.conf - - ZBX_PASSIVESERVERS=${ZBX_PASSIVESERVERS:-""} - ZBX_ACTIVESERVERS=${ZBX_ACTIVESERVERS:-""} - - [ -n "$ZBX_PASSIVESERVERS" ] && ZBX_PASSIVESERVERS=","$ZBX_PASSIVESERVERS - - ZBX_PASSIVESERVERS=$ZBX_SERVER_HOST$ZBX_PASSIVESERVERS - - [ -n "$ZBX_ACTIVESERVERS" ] && ZBX_ACTIVESERVERS=","$ZBX_ACTIVESERVERS - - ZBX_ACTIVESERVERS=$ZBX_SERVER_HOST":"$ZBX_SERVER_PORT$ZBX_ACTIVESERVERS - - update_config_var $ZBX_AGENT_CONFIG "PidFile" - update_config_var $ZBX_AGENT_CONFIG "LogType" "console" - update_config_var $ZBX_AGENT_CONFIG "LogFile" - update_config_var $ZBX_AGENT_CONFIG "LogFileSize" - update_config_var $ZBX_AGENT_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" - update_config_var $ZBX_AGENT_CONFIG "SourceIP" - update_config_var $ZBX_AGENT_CONFIG "EnableRemoteCommands" "${ZBX_ENABLEREMOTECOMMANDS}" - update_config_var $ZBX_AGENT_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}" - - ZBX_PASSIVE_ALLOW=${ZBX_PASSIVE_ALLOW:-"true"} - if [ "$ZBX_PASSIVE_ALLOW" == "true" ]; then - echo "** Using '$ZBX_PASSIVESERVERS' servers for passive checks" - update_config_var $ZBX_AGENT_CONFIG "Server" "${ZBX_PASSIVESERVERS}" - else - update_config_var $ZBX_AGENT_CONFIG "Server" - fi - - update_config_var $ZBX_AGENT_CONFIG "ListenPort" "${ZBX_LISTENPORT}" - update_config_var $ZBX_AGENT_CONFIG "ListenIP" "${ZBX_LISTENIP}" - update_config_var $ZBX_AGENT_CONFIG "StartAgents" "${ZBX_STARTAGENTS}" - - ZBX_ACTIVE_ALLOW=${ZBX_ACTIVE_ALLOW:-"true"} - if [ "$ZBX_ACTIVE_ALLOW" == "true" ]; then - echo "** Using '$ZBX_ACTIVESERVERS' servers for active checks" - update_config_var $ZBX_AGENT_CONFIG "ServerActive" "${ZBX_ACTIVESERVERS}" - else - update_config_var $ZBX_AGENT_CONFIG "ServerActive" - fi - - update_config_var $ZBX_AGENT_CONFIG "Hostname" "${ZBX_HOSTNAME}" - update_config_var $ZBX_AGENT_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - update_config_var $ZBX_AGENT_CONFIG "HostMetadata" "${ZBX_METADATA}" - update_config_var $ZBX_AGENT_CONFIG "HostMetadataItem" "${ZBX_METADATAITEM}" - update_config_var $ZBX_AGENT_CONFIG "RefreshActiveChecks" "${ZBX_REFRESHACTIVECHECKS}" - update_config_var $ZBX_AGENT_CONFIG "BufferSend" "${ZBX_BUFFERSEND}" - update_config_var $ZBX_AGENT_CONFIG "BufferSize" "${ZBX_BUFFERSIZE}" - update_config_var $ZBX_AGENT_CONFIG "MaxLinesPerSecond" "${ZBX_MAXLINESPERSECOND}" - # Please use include to enable Alias feature -# update_config_multiple_var $ZBX_AGENT_CONFIG "Alias" ${ZBX_ALIAS} - update_config_var $ZBX_AGENT_CONFIG "Timeout" "${ZBX_TIMEOUT}" - update_config_var $ZBX_AGENT_CONFIG "Include" "/etc/zabbix/zabbix_agentd.d/" - update_config_var $ZBX_AGENT_CONFIG "UnsafeUserParameters" "${ZBX_UNSAFEUSERPARAMETERS}" - update_config_var $ZBX_AGENT_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/" - update_config_multiple_var $ZBX_AGENT_CONFIG "LoadModule" "${ZBX_LOADMODULE}" - update_config_var $ZBX_AGENT_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}" - update_config_var $ZBX_AGENT_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" - update_config_var $ZBX_AGENT_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" - update_config_var $ZBX_AGENT_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" - update_config_var $ZBX_AGENT_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" - update_config_var $ZBX_AGENT_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" -} - -prepare_java_gateway_config() { - echo "** Preparing Zabbix Java Gateway log configuration file" - - ZBX_GATEWAY_CONFIG=$ZABBIX_ETC_DIR/zabbix_java_gateway_logback.xml - - if [ -n "${ZBX_DEBUGLEVEL}" ]; then - echo "Updating $ZBX_GATEWAY_CONFIG 'DebugLevel' parameter: '${ZBX_DEBUGLEVEL}'... updated" - if [ -f "$ZBX_GATEWAY_CONFIG" ]; then - sed -i -e "/^.*/" "$ZBX_GATEWAY_CONFIG" - else - echo "**** Zabbix Java Gateway log configuration file '$ZBX_GATEWAY_CONFIG' not found" - fi - fi -} - -prepare_agent() { - echo "** Preparing Zabbix agent" - prepare_zbx_agent_config -} - -prepare_server() { - local db_type=$1 - - echo "** Preparing Zabbix server" - - check_variables_$db_type "server" - check_db_connect_$db_type - create_db_user_$db_type - create_db_database_$db_type - create_db_schema_$db_type "server" - - update_zbx_config "server" "$db_type" -} - -prepare_proxy() { - local db_type=$1 - - echo "Preparing Zabbix proxy" - - if [ "$db_type" != "sqlite3" ]; then - check_variables_$db_type "proxy" - check_db_connect_$db_type - create_db_user_$db_type - create_db_database_$db_type - create_db_schema_$db_type "proxy" - fi - - update_zbx_config "proxy" $db_type -} - -prepare_web() { - local web_server=$1 - local db_type=$2 - - echo "** Preparing Zabbix web-interface" - - check_variables_$db_type - check_db_connect_$db_type - prepare_web_server_$web_server - prepare_zbx_web_config $db_type -} - -prepare_java_gateway() { - echo "** Preparing Zabbix Java Gateway" - - prepare_java_gateway_config -} - -################################################# - -if [ ! -n "$zbx_type" ]; then - echo "**** Type of Zabbix component is not specified" - exit 1 -elif [ "$zbx_type" == "dev" ]; then - echo "** Deploying Zabbix installation from SVN" -else - if [ ! -n "$zbx_db_type" ]; then - echo "**** Database type of Zabbix $zbx_type is not specified" - exit 1 - fi - - if [ "$zbx_db_type" != "none" ]; then - if [ "$zbx_opt_type" != "none" ]; then - echo "** Deploying Zabbix $zbx_type ($zbx_opt_type) with $zbx_db_type database" - else - echo "** Deploying Zabbix $zbx_type with $zbx_db_type database" - fi - else - echo "** Deploying Zabbix $zbx_type" - fi -fi - -prepare_system "$zbx_type" "$zbx_opt_type" - -[ "$zbx_type" == "server" ] && prepare_server $zbx_db_type -[ "${ZBX_ADD_SERVER}" == "true" ] && prepare_server ${ZBX_MAIN_DB} - -[ "$zbx_type" == "proxy" ] && prepare_proxy $zbx_db_type -[ "${ZBX_ADD_PROXY}" == "true" ] && prepare_proxy ${ZBX_PROXY_DB} - -[ "$zbx_type" == "frontend" ] && prepare_web $zbx_opt_type $zbx_db_type -[ "${ZBX_ADD_WEB}" == "true" ] && prepare_web ${ZBX_WEB_SERVER} ${ZBX_MAIN_DB} - -[ "$zbx_type" == "agent" ] && prepare_agent -[ "${ZBX_ADD_AGENT}" == "true" ] && prepare_agent - -[ "$zbx_type" == "java-gateway" ] && prepare_java_gateway -[ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && prepare_java_gateway - -clear_deploy "$zbx_type" - -echo "########################################################" - -if [ "$1" != "" ]; then - echo "** Executing '$@'" - exec "$@" -elif [ "$zbx_type" == "agent" ]; then - echo "** Starting Zabbix agent" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_agentd --foreground -c /etc/zabbix/zabbix_agentd.conf" -elif [ "$zbx_type" == "proxy" ]; then - echo "** Starting Zabbix proxy" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_proxy --foreground -c /etc/zabbix/zabbix_proxy.conf" -elif [ "$zbx_type" == "server" ]; then - echo "** Starting Zabbix server" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_server --foreground -c /etc/zabbix/zabbix_server.conf" -elif [ "$zbx_type" == "java-gateway" ]; then - echo "** Starting Zabbix Java Gateway" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_java_gateway" -elif [ "$zbx_type" == "frontend" ] && [ "$zbx_opt_type" == "apache" ]; then - echo "** Starting Zabbix frontend" - if [ -f "/usr/sbin/httpd" ]; then - exec /usr/sbin/httpd -D FOREGROUND - elif [ -f "/usr/sbin/apache2ctl" ]; then - exec /bin/bash -c "source /etc/apache2/envvars && /usr/sbin/apache2ctl -D FOREGROUND" - else - echo "Unknown Web-server. Exiting..." - exit 1 - fi -elif [ -f "/usr/bin/supervisord" ]; then - echo "** Executing supervisord" - exec /usr/bin/supervisord -c /etc/supervisor/supervisord.conf -else - echo "Unknown instructions. Exiting..." - exit 1 -fi - -################################################# diff --git a/zabbix-appliance/rhel/conf/etc/supervisor/conf.d/supervisord_web_nginx.conf b/zabbix-appliance/rhel/conf/etc/supervisor/conf.d/supervisord_web_nginx.conf index 134b95140..56e330bae 100644 --- a/zabbix-appliance/rhel/conf/etc/supervisor/conf.d/supervisord_web_nginx.conf +++ b/zabbix-appliance/rhel/conf/etc/supervisor/conf.d/supervisord_web_nginx.conf @@ -16,7 +16,7 @@ stdout_logfile = /dev/stdout stdout_logfile_maxbytes = 0 [program:php-fpm] -command = /usr/sbin/%(program_name)s -F -c /etc/%(program_name)s.conf +command = /usr/sbin/%(program_name)s -F -y /etc/%(program_name)s.conf auto_start = true autorestart = true diff --git a/zabbix-appliance/ubuntu/.dockerignore b/zabbix-appliance/ubuntu/.dockerignore deleted file mode 100644 index 88a84e55a..000000000 --- a/zabbix-appliance/ubuntu/.dockerignore +++ /dev/null @@ -1 +0,0 @@ -build.sh diff --git a/zabbix-appliance/ubuntu/Dockerfile b/zabbix-appliance/ubuntu/Dockerfile deleted file mode 100644 index 73a83e23f..000000000 --- a/zabbix-appliance/ubuntu/Dockerfile +++ /dev/null @@ -1,233 +0,0 @@ -FROM ubuntu:bionic as builder - -ARG APT_FLAGS_COMMON="-y" -ARG APT_FLAGS_DEV="${APT_FLAGS_COMMON} --no-install-recommends" - -ARG MAJOR_VERSION=5.0 -ARG ZBX_VERSION=${MAJOR_VERSION} -ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git -ENV ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ - LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8 TERM=xterm \ - MIBDIRS=/var/lib/snmp/mibs/ietf:/var/lib/snmp/mibs/iana:/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ - ZBX_TYPE=server ZBX_DB_TYPE=mysql ZBX_OPT_TYPE=nginx \ - MYSQL_ALLOW_EMPTY_PASSWORD=true ZBX_ADD_SERVER=true ZBX_ADD_WEB=true DB_SERVER_HOST=localhost MYSQL_USER=zabbix ZBX_ADD_JAVA_GATEWAY=true ZBX_JAVAGATEWAY_ENABLE=true ZBX_JAVAGATEWAY=localhost - -RUN set -eux && \ - apt-get ${APT_FLAGS_COMMON} update && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_DEV} install locales && \ - locale-gen $LC_ALL && \ - apt-get ${APT_FLAGS_COMMON} update && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_DEV} install \ - autoconf \ - automake \ - gcc \ - gettext \ - libc6-dev \ - libcurl4-openssl-dev \ - libevent-dev \ - libldap2-dev \ - libmysqlclient-dev \ - libopenipmi-dev \ - libpcre3-dev \ - libsnmp-dev \ - libssh2-1-dev \ - libxml2-dev \ - make \ - openjdk-8-jdk \ - pkg-config \ - git \ - unixodbc-dev && \ - cd /tmp/ && \ - git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ - cd /tmp/zabbix-${ZBX_VERSION} && \ - zabbix_revision=`git rev-parse --short HEAD` && \ - sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ - sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ - sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/zabbix_java/src/com/zabbix/gateway/GeneralInformation.java && \ - ./bootstrap.sh && \ - export CFLAGS="-fPIC -pie -Wl,-z,relro -Wl,-z,now" && \ - ./configure \ - --datadir=/usr/lib \ - --libdir=/usr/lib/zabbix \ - --prefix=/usr \ - --sysconfdir=/etc/zabbix \ - --enable-agent \ - --enable-${ZBX_TYPE} \ - --with-${ZBX_DB_TYPE} \ - --with-ldap \ - --with-libcurl \ - --with-libxml2 \ - --enable-java \ - --with-net-snmp \ - --with-openipmi \ - --with-openssl \ - --with-ssh2 \ - --with-unixodbc \ - --enable-ipv6 \ - --silent && \ - make -j"$(nproc)" -s dbschema && \ - make -j"$(nproc)" -s && \ - cat database/${ZBX_DB_TYPE}/schema.sql > database/${ZBX_DB_TYPE}/create.sql && \ - cat database/${ZBX_DB_TYPE}/images.sql >> database/${ZBX_DB_TYPE}/create.sql && \ - cat database/${ZBX_DB_TYPE}/data.sql >> database/${ZBX_DB_TYPE}/create.sql && \ - gzip database/${ZBX_DB_TYPE}/create.sql && \ - rm -rf /tmp/zabbix-${ZBX_VERSION}/src/zabbix_java/lib/*.xml && \ - cd ui/ && \ - rm -f conf/zabbix.conf.php && \ - rm -rf tests && \ - ./locale/make_mo.sh - -FROM ubuntu:bionic -LABEL maintainer="Alexey Pustovalov " - -ARG BUILD_DATE -ARG VCS_REF - -ARG APT_FLAGS_COMMON="-y" -ARG APT_FLAGS_PERSISTENT="${APT_FLAGS_COMMON} --no-install-recommends" -ARG MAJOR_VERSION=5.0 -ARG ZBX_VERSION=${MAJOR_VERSION} -ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git -ENV ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ - LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8 TERM=xterm \ - MIBDIRS=/var/lib/snmp/mibs/ietf:/var/lib/snmp/mibs/iana:/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ - ZBX_TYPE=server ZBX_DB_TYPE=mysql ZBX_OPT_TYPE=nginx \ - MYSQL_ALLOW_EMPTY_PASSWORD=true ZBX_ADD_SERVER=true ZBX_ADD_WEB=true DB_SERVER_HOST=localhost MYSQL_USER=zabbix ZBX_ADD_JAVA_GATEWAY=true ZBX_JAVAGATEWAY_ENABLE=true ZBX_JAVAGATEWAY=localhost -ENV TINI_VERSION v0.18.0 - -LABEL org.label-schema.name="zabbix-${ZBX_TYPE}-${ZBX_DB_TYPE}-ubuntu" \ - org.label-schema.vendor="Zabbix LLC" \ - org.label-schema.url="https://zabbix.com/" \ - org.label-schema.description="Zabbix appliance with MySQL database support and ${ZBX_OPT_TYPE} web-server" \ - org.label-schema.vcs-ref="${VCS_REF}" \ - org.label-schema.build-date="${BUILD_DATE}" \ - org.label-schema.schema-version="1.0" \ - org.label-schema.license="GPL v2.0" \ - org.label-schema.usage="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.label-schema.version="${ZBX_VERSION}" \ - org.label-schema.vcs-url="${ZBX_SOURCES}" \ - org.label-schema.docker.cmd="docker run --name zabbix-appliance -p 80:80 -p 10051:10051 -d zabbix-appliance:ubuntu-${ZBX_VERSION}" - -STOPSIGNAL SIGTERM - -COPY --from=builder /tmp/zabbix-${ZBX_VERSION}/src/zabbix_${ZBX_TYPE}/zabbix_${ZBX_TYPE} /usr/sbin/zabbix_${ZBX_TYPE} -COPY --from=builder /tmp/zabbix-${ZBX_VERSION}/src/zabbix_get/zabbix_get /usr/bin/zabbix_get -COPY --from=builder /tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender /usr/bin/zabbix_sender -COPY --from=builder /tmp/zabbix-${ZBX_VERSION}/conf/zabbix_${ZBX_TYPE}.conf /etc/zabbix/zabbix_${ZBX_TYPE}.conf -COPY --from=builder /tmp/zabbix-${ZBX_VERSION}/database/${ZBX_DB_TYPE}/create.sql.gz /usr/share/doc/zabbix-${ZBX_TYPE}-${ZBX_DB_TYPE}/create.sql.gz - -COPY --from=builder /tmp/zabbix-${ZBX_VERSION}/src/zabbix_java/bin/ /usr/sbin/zabbix_java/bin/ -COPY --from=builder /tmp/zabbix-${ZBX_VERSION}/src/zabbix_java/lib/ /usr/sbin/zabbix_java/lib/ - -COPY --from=builder /tmp/zabbix-${ZBX_VERSION}/ui/ /usr/share/zabbix/ -ADD https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini /sbin/tini - -RUN set -eux && \ - apt-get ${APT_FLAGS_COMMON} update && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_PERSISTENT} install locales gnupg2 ca-certificates && \ - locale-gen $LC_ALL && \ - echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \ - addgroup --system --quiet zabbix && \ - adduser --quiet \ - --system --disabled-login \ - --ingroup zabbix \ - --home /var/lib/zabbix/ \ - --no-create-home \ - zabbix && \ - mkdir -p /etc/zabbix && \ - mkdir -p /var/lib/zabbix && \ - mkdir -p /usr/lib/zabbix/alertscripts && \ - mkdir -p /var/lib/zabbix/enc && \ - mkdir -p /usr/lib/zabbix/externalscripts && \ - mkdir -p /var/lib/zabbix/mibs && \ - mkdir -p /var/lib/zabbix/modules && \ - mkdir -p /var/lib/zabbix/snmptraps && \ - mkdir -p /var/lib/zabbix/ssh_keys && \ - mkdir -p /var/lib/zabbix/ssl && \ - mkdir -p /var/lib/zabbix/ssl/certs && \ - mkdir -p /var/lib/zabbix/ssl/keys && \ - mkdir -p /var/lib/zabbix/ssl/ssl_ca && \ - chown --quiet -R zabbix:root /var/lib/zabbix && \ - mkdir -p /usr/share/doc/zabbix-${ZBX_TYPE}-${ZBX_DB_TYPE}/ && \ - apt-get ${APT_FLAGS_COMMON} update && \ - NGINX_GPGKEY=573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62; \ - found=''; \ - for server in \ - ha.pool.sks-keyservers.net \ - hkp://keyserver.ubuntu.com:80 \ - hkp://p80.pool.sks-keyservers.net:80 \ - pgp.mit.edu \ - ; do \ - echo "Fetching GPG key $NGINX_GPGKEY from $server"; \ - apt-key adv --keyserver "$server" --keyserver-options timeout=10 --recv-keys "$NGINX_GPGKEY" && found=yes && break; \ - done; \ - test -z "$found" && echo >&2 "error: failed to fetch GPG key $NGINX_GPGKEY" && exit 1; \ - DISTRIB_CODENAME=$(/bin/bash -c 'source /etc/lsb-release && echo $DISTRIB_CODENAME') && \ - echo "deb https://nginx.org/packages/ubuntu/ $DISTRIB_CODENAME nginx" >> /etc/apt/sources.list.d/nginx.list && \ - apt-get ${APT_FLAGS_COMMON} update && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_PERSISTENT} install \ - iputils-ping \ - traceroute \ - curl \ - fping \ - libcurl4 \ - libevent-2.1 \ - libmysqlclient20 \ - libopenipmi0 \ - libpcre3 \ - libsnmp30 \ - libssh2-1 \ - libssl1.1 \ - libxml2 \ - mysql-client \ - mysql-server \ - nginx \ - openjdk-8-jre-headless \ - php7.2-bcmath \ - php7.2-fpm \ - php7.2-gd \ - php7.2-json \ - php7.2-ldap \ - php7.2-mbstring \ - php7.2-mysql \ - php7.2-xml \ - snmp-mibs-downloader \ - supervisor \ - unixodbc && \ - mkdir -p /var/lib/locales/supported.d/ && \ - rm -f /var/lib/locales/supported.d/local && \ - cat /usr/share/zabbix/include/locales.inc.php | grep display | grep true | awk '{$1=$1};1' | \ - cut -d"'" -f 2 | sort | \ - xargs -I '{}' bash -c 'echo "{}.UTF-8 UTF-8" >> /var/lib/locales/supported.d/local' && \ - dpkg-reconfigure locales && \ - chown --quiet -R www-data:www-data /usr/share/zabbix && \ - apt-get ${APT_FLAGS_COMMON} autoremove && \ - apt-get ${APT_FLAGS_COMMON} clean && \ - mkdir -p /var/lib/php7 && \ - chown --quiet -R www-data:www-data /var/lib/php7 && \ - rm -rf /var/cache/nginx/* && \ - rm -rf /var/lib/apt/lists/* && \ - chmod +x /sbin/tini - -EXPOSE 80/TCP 443/TCP 10051/TCP - -WORKDIR /var/lib/zabbix - -VOLUME ["/etc/ssl/nginx"] -VOLUME ["/usr/lib/zabbix/alertscripts", "/usr/lib/zabbix/externalscripts", "/var/lib/zabbix/enc", "/var/lib/zabbix/mibs", "/var/lib/zabbix/modules"] -VOLUME ["/var/lib/zabbix/snmptraps", "/var/lib/zabbix/ssh_keys", "/var/lib/zabbix/ssl/certs", "/var/lib/zabbix/ssl/keys", "/var/lib/zabbix/ssl/ssl_ca"] -VOLUME ["/var/lib/mysql/"] - -COPY ["conf/etc/supervisor/", "/etc/supervisor/"] -COPY ["conf/etc/zabbix/nginx.conf", "/etc/zabbix/"] -COPY ["conf/etc/zabbix/nginx_ssl.conf", "/etc/zabbix/"] -COPY ["conf/etc/zabbix/web/zabbix.conf.php", "/etc/zabbix/web/"] -COPY ["conf/etc/nginx/nginx.conf", "/etc/nginx/"] -COPY ["conf/etc/php/7.2/fpm/conf.d/99-zabbix.ini", "/etc/php/7.2/fpm/conf.d/"] -COPY ["conf/etc/zabbix/zabbix_java_gateway_logback.xml", "/etc/zabbix/"] -COPY ["conf/usr/sbin/zabbix_java_gateway", "/usr/sbin/"] -COPY ["docker-entrypoint.sh", "/usr/bin/"] - -ENV ZBX_TYPE=appliance - -ENTRYPOINT ["/sbin/tini", "--", "/usr/bin/docker-entrypoint.sh"] diff --git a/zabbix-appliance/ubuntu/README.md b/zabbix-appliance/ubuntu/README.md deleted file mode 100644 index 814159c7e..000000000 --- a/zabbix-appliance/ubuntu/README.md +++ /dev/null @@ -1,258 +0,0 @@ -![logo](https://assets.zabbix.com/img/logo/zabbix_logo_500x131.png) - -# What is Zabbix? - -Zabbix is an enterprise-class open source distributed monitoring solution. - -Zabbix is software that monitors numerous parameters of a network and the health and integrity of servers. Zabbix uses a flexible notification mechanism that allows users to configure e-mail based alerts for virtually any event. This allows a fast reaction to server problems. Zabbix offers excellent reporting and data visualisation features based on the stored data. This makes Zabbix ideal for capacity planning. - -For more information and related downloads for Zabbix components, please visit https://hub.docker.com/u/zabbix/ and https://zabbix.com - -# What is Zabbix appliance? - -Zabbix appliance contains MySQL database server, Zabbix server, Zabbix Java Gateway and Zabbix frontend based on Nginx web-server. - -# Zabbix appliance images - -These are the only official Zabbix appliance Docker images. They are based on Alpine Linux v3.4, Ubuntu 18.04 (bionic) and CentOS 7 images. The available versions of Zabbix appliance are: - - Zabbix appliance 3.0 (tags: alpine-3.0-latest, ubuntu-3.0-latest, centos-3.0-latest) - Zabbix appliance 3.0.* (tags: alpine-3.0.*, ubuntu-3.0.*, centos-3.0.*) - Zabbix appliance 3.2 (tags: alpine-3.2-latest, ubuntu-3.2-latest, centos-3.2.*) (unsupported) - Zabbix appliance 3.2.* (tags: alpine-3.2.*, ubuntu-3.2.*, centos-3.2.*) (unsupported) - Zabbix appliance 3.4 (tags: alpine-3.4-latest, ubuntu-3.4-latest, centos-3.4.*) (unsupported) - Zabbix appliance 3.4.* (tags: alpine-3.4.*, ubuntu-3.4.*, centos-3.4.*) (unsupported) - Zabbix appliance 4.0 (tags: alpine-4.0-latest, ubuntu-4.0-latest, centos-4.0-latest) - Zabbix appliance 4.0.* (tags: alpine-4.0.*, ubuntu-4.0.*, centos-4.0.*) - Zabbix appliance 4.2 (tags: alpine-4.2-latest, ubuntu-4.2-latest, centos-4.2.*) (unsupported) - Zabbix appliance 4.2.* (tags: alpine-4.2.*, ubuntu-4.2.*, centos-4.2.*) (unsupported) - Zabbix appliance 4.4 (tags: alpine-4.4-latest, ubuntu-4.4-latest, centos-4.4-latest, alpine-latest, ubuntu-latest, centos-latest, latest) - Zabbix appliance 4.4.* (tags: alpine-4.4.*, ubuntu-4.4.*, centos-4.4.*) - Zabbix appliance 5.0 (tags: alpine-trunk, ubuntu-trunk, centos-trunk) - -Images are updated when new releases are published. The image with ``latest`` tag is based on Alpine Linux. - -The image uses MySQL database. The image is very useful for testing purposes. - -# How to use this image - -## Start `zabbix-appliance` - -Start a Zabbix server container as follows: - - docker run --name some-zabbix-appliance -p 80:80 -p 10051:10051 -d zabbix/zabbix-appliance:tag - -Where `some-zabbix-appliance` is the name you want to assign to your container. See the list above for relevant tags, or look at the [full list of tags](https://hub.docker.com/r/zabbix/zabbix-appliance/tags/). - -## Container shell access and viewing Zabbix appliance logs - -The `docker exec` command allows you to run commands inside a Docker container. The following command line will give you a bash shell inside your `zabbix-appliance` container: - -```console -$ docker exec -ti some-zabbix-appliance /bin/bash -``` - -The Zabbix appliance logs is available through Docker's container log: - -```console -$ docker logs some-zabbix-appliance -``` - -## Environment Variables - -When you start the `zabbix-appliance` image, you can adjust the configuration of the Zabbix appliance by passing one or more environment variables on the `docker run` command line. - -### `PHP_TZ` - -The variable is timezone in PHP format. Full list of supported timezones are available on [`php.net`](http://php.net/manual/en/timezones.php). By default, value is 'Europe/Riga'. - -### `ZBX_LOADMODULE` - -The variable is list of comma separated loadable Zabbix modules. It works with volume ``/var/lib/zabbix/modules``. The syntax of the variable is ``dummy1.so,dummy2.so``. - -### `ZBX_DEBUGLEVEL` - -The variable is used to specify debug level. By default, value is ``3``. It is ``DebugLevel`` parameter in ``zabbix_server.conf``. Allowed values are listed below: -- ``0`` - basic information about starting and stopping of Zabbix processes; -- ``1`` - critical information -- ``2`` - error information -- ``3`` - warnings -- ``4`` - for debugging (produces lots of information) -- ``5`` - extended debugging (produces even more information) - -### `ZBX_TIMEOUT` - -The variable is used to specify timeout for processing checks. By default, value is ``4``. - -### `ZBX_SERVER_NAME` - -The variable is visible Zabbix installation name in right top corner of the web interface. - -### `ZBX_MAXEXECUTIONTIME` - -The varable is PHP ``max_execution_time`` option. By default, value is `300`. - -### `ZBX_MEMORYLIMIT` - -The varable is PHP ``memory_limit`` option. By default, value is `128M`. - -### `ZBX_POSTMAXSIZE` - -The varable is PHP ``post_max_size`` option. By default, value is `16M`. - -### `ZBX_UPLOADMAXFILESIZE` - -The varable is PHP ``upload_max_filesize`` option. By default, value is `2M`. - -### `ZBX_MAXINPUTTIME` - -The varable is PHP ``max_input_time`` option. By default, value is `300`. - -### `ZBX_SESSION_NAME` - -The variable is Zabbix frontend [definition](https://www.zabbix.com/documentation/4.2/manual/web_interface/definitions). String used as the name of the Zabbix frontend session cookie. By default, value is `zbx_sessionid`. - -### Other variables - -Additionally the image allows to specify many other environment variables listed below: - -``` -ZBX_LISTENIP= -ZBX_STARTPOLLERS=5 -ZBX_IPMIPOLLERS=0 -ZBX_STARTPOLLERSUNREACHABLE=1 -ZBX_STARTTRAPPERS=5 -ZBX_STARTPINGERS=1 -ZBX_STARTDISCOVERERS=1 -ZBX_STARTHTTPPOLLERS=1 -ZBX_STARTTIMERS=1 -ZBX_STARTESCALATORS=1 -ZBX_STARTJAVAPOLLERS=5 -ZBX_STARTVMWARECOLLECTORS=0 -ZBX_VMWAREFREQUENCY=60 -ZBX_VMWAREPERFFREQUENCY=60 -ZBX_VMWARECACHESIZE=8M -ZBX_VMWARETIMEOUT=10 -ZBX_ENABLE_SNMP_TRAPS=false -ZBX_SOURCEIP= -ZBX_HOUSEKEEPINGFREQUENCY=1 -ZBX_MAXHOUSEKEEPERDELETE=5000 -ZBX_SENDERFREQUENCY=30 -ZBX_CACHESIZE=8M -ZBX_CACHEUPDATEFREQUENCY=60 -ZBX_STARTDBSYNCERS=4 -ZBX_HISTORYCACHESIZE=16M -ZBX_HISTORYINDEXCACHESIZE=4M -ZBX_TRENDCACHESIZE=4M -ZBX_VALUECACHESIZE=8M -ZBX_TRAPPERIMEOUT=300 -ZBX_UNREACHABLEPERIOD=45 -ZBX_UNAVAILABLEDELAY=60 -ZBX_UNREACHABLEDELAY=15 -ZBX_LOGSLOWQUERIES=3000 -ZBX_STARTPROXYPOLLERS=1 -ZBX_PROXYCONFIGFREQUENCY=3600 -ZBX_PROXYDATAFREQUENCY=1 -ZBX_TLSCAFILE= -ZBX_TLSCRLFILE= -ZBX_TLSCERTFILE= -ZBX_TLSKEYFILE= -``` - -Default values of these variables are specified after equal sign. - -The allowed variables are identical of parameters in official ``zabbix_server.conf``. For example, ``ZBX_LOGSLOWQUERIES`` = ``LogSlowQueries``. - -Please use official documentation for [``zabbix_server.conf``](https://www.zabbix.com/documentation/current/manual/appendix/config/zabbix_server) to get more information about the variables. - -## Allowed volumes for the Zabbix server container - -### ``/usr/lib/zabbix/alertscripts`` - -The volume is used for custom alert scripts. It is `AlertScriptsPath` parameter in ``zabbix_server.conf``. - -### ``/usr/lib/zabbix/externalscripts`` - -The volume is used by External checks (type of items). It is `ExternalScripts` parameter in ``zabbix_server.conf``. - -### ``/var/lib/zabbix/modules`` - -The volume allows load additional modules and extend Zabbix server using ``LoadModule`` feature. - -### ``/var/lib/zabbix/enc`` - -The volume is used to store TLS related files. These file names are specified using ``ZBX_TLSCAFILE``, ``ZBX_TLSCRLFILE``, ``ZBX_TLSKEY_FILE`` and ``ZBX_TLSPSKFILE`` variables. - -### ``/var/lib/zabbix/ssh_keys`` - -The volume is used as location of public and private keys for SSH checks and actions. It is `SSHKeyLocation` parameter in ``zabbix_server.conf``. - -### ``/var/lib/zabbix/ssl/certs`` - -The volume is used as location of of SSL client certificate files for client authentication. It is `SSLCertLocation` parameter in ``zabbix_server.conf``. - -### ``/var/lib/zabbix/ssl/keys`` - -The volume is used as location of SSL private key files for client authentication. It is `SSLKeyLocation` parameter in ``zabbix_server.conf``. - -### ``/var/lib/zabbix/ssl/ssl_ca`` - -The volume is used as location of certificate authority (CA) files for SSL server certificate verification. It is `SSLCALocation` parameter in ``zabbix_server.conf``. - -### ``/var/lib/zabbix/snmptraps`` - -The volume is used as location of ``snmptraps.log`` file. It could be shared by ``zabbix-snmptraps`` container and inherited using `volumes_from` Docker option while creating new instance of Zabbix server. -SNMP traps processing feature could be enabled using shared volume and switched ``ZBX_ENABLE_SNMP_TRAPS`` environment variable to `true`. - -### ``/var/lib/zabbix/mibs`` - -The volume allows to add new MIB files. It does not support subdirectories, all MIBs must be placed to ``/var/lib/zabbix/mibs``. - -### ``/etc/ssl/nginx`` - -The volume allows to enable HTTPS for the Zabbix web interface. The volume must contains two files ``ssl.crt``, ``ssl.key`` and ``dhparam.pem`` prepared for Nginx SSL connections. - -Please follow official Nginx [documentation](http://nginx.org/en/docs/http/configuring_https_servers.html) to get more details about how to create certificate files. - -# The image variants - -The `zabbix-appliance` images come in many flavors, each designed for a specific use case. - -## `zabbix-appliance:ubuntu-` - -This is the defacto image. If you are unsure about what your needs are, you probably want to use this one. It is designed to be used both as a throw away container (mount your source code and start the container to start your app), as well as the base to build other images off of. - -## `zabbix-appliance:alpine-` - -This image is based on the popular [Alpine Linux project](http://alpinelinux.org), available in [the `alpine` official image](https://hub.docker.com/_/alpine). Alpine Linux is much smaller than most distribution base images (~5MB), and thus leads to much slimmer images in general. - -This variant is highly recommended when final image size being as small as possible is desired. The main caveat to note is that it does use [musl libc](http://www.musl-libc.org) instead of [glibc and friends](http://www.etalabs.net/compare_libcs.html), so certain software might run into issues depending on the depth of their libc requirements. However, most software doesn't have an issue with this, so this variant is usually a very safe choice. See [this Hacker News comment thread](https://news.ycombinator.com/item?id=10782897) for more discussion of the issues that might arise and some pro/con comparisons of using Alpine-based images. - -To minimize image size, it's uncommon for additional related tools (such as `git` or `bash`) to be included in Alpine-based images. Using this image as a base, add the things you need in your own Dockerfile (see the [`alpine` image description](https://hub.docker.com/_/alpine/) for examples of how to install packages if you are unfamiliar). - -# Supported Docker versions - -This image is officially supported on Docker version 1.12.0. - -Support for older versions (down to 1.6) is provided on a best-effort basis. - -Please see [the Docker installation documentation](https://docs.docker.com/installation/) for details on how to upgrade your Docker daemon. - -# User Feedback - -## Documentation - -Documentation for this image is stored in the [`zabbix-appliance/` directory](https://github.com/zabbix/zabbix-docker/tree/3.0/zabbix-appliance) of the [`zabbix/zabbix-docker` GitHub repo](https://github.com/zabbix/zabbix-docker/). Be sure to familiarize yourself with the [repository's `README.md` file](https://github.com/zabbix/zabbix-docker/blob/master/README.md) before attempting a pull request. - -## Issues - -If you have any problems with or questions about this image, please contact us through a [GitHub issue](https://github.com/zabbix/zabbix-docker/issues). - -### Known issues -Some configuration environment variables are the same between multiple Zabbix components. Be careful when change these variables. - -## Contributing - -You are invited to contribute new features, fixes, or updates, large or small; we are always thrilled to receive pull requests, and do our best to process them as fast as we can. - -Before you start to code, we recommend discussing your plans through a [GitHub issue](https://github.com/zabbix/zabbix-docker/issues), especially for more ambitious contributions. This gives other contributors a chance to point you in the right direction, give you feedback on your design, and help you find out if someone else is working on the same thing. diff --git a/zabbix-appliance/ubuntu/build.sh b/zabbix-appliance/ubuntu/build.sh deleted file mode 120000 index fcb4d4ee7..000000000 --- a/zabbix-appliance/ubuntu/build.sh +++ /dev/null @@ -1 +0,0 @@ -../../build.sh \ No newline at end of file diff --git a/zabbix-appliance/ubuntu/conf/etc/nginx/nginx.conf b/zabbix-appliance/ubuntu/conf/etc/nginx/nginx.conf deleted file mode 100644 index fe6ad67e0..000000000 --- a/zabbix-appliance/ubuntu/conf/etc/nginx/nginx.conf +++ /dev/null @@ -1,64 +0,0 @@ -user www-data; -worker_processes 5; -#worker_rlimit_nofile 256000; - -error_log /dev/fd/2 warn; - -pid /var/run/nginx.pid; - -events { - worker_connections 5120; - use epoll; -} - - -http { - include /etc/nginx/mime.types; - default_type application/octet-stream; - - log_format main '$remote_addr - $remote_user [$time_local] "$request" ' - '$status $body_bytes_sent "$http_referer" ' - '"$http_user_agent" "$http_x_forwarded_for"'; - - access_log /dev/fd/1 main; - - client_body_timeout 5m; - send_timeout 5m; - - connection_pool_size 4096; - client_header_buffer_size 4k; - large_client_header_buffers 4 4k; - request_pool_size 4k; - reset_timedout_connection on; - - - gzip on; - gzip_min_length 100; - gzip_buffers 4 8k; - gzip_comp_level 5; - gzip_types text/plain; - gzip_types application/x-javascript; - gzip_types text/css; - - output_buffers 128 512k; - postpone_output 1460; - aio on; - directio 512; - - sendfile on; - client_max_body_size 8m; - client_body_buffer_size 256k; - fastcgi_intercept_errors on; - - tcp_nopush on; - tcp_nodelay on; - - keepalive_timeout 75 20; - - ignore_invalid_headers on; - - index index.php; - server_tokens off; - - include /etc/nginx/conf.d/*.conf; -} diff --git a/zabbix-appliance/ubuntu/conf/etc/php/7.2/fpm/conf.d/99-zabbix.ini b/zabbix-appliance/ubuntu/conf/etc/php/7.2/fpm/conf.d/99-zabbix.ini deleted file mode 100644 index 91c0953a3..000000000 --- a/zabbix-appliance/ubuntu/conf/etc/php/7.2/fpm/conf.d/99-zabbix.ini +++ /dev/null @@ -1,9 +0,0 @@ -max_execution_time=300 -memory_limit=128M -post_max_size=16M -upload_max_filesize=2M -max_input_time=300 -always_populate_raw_post_date=-1 -max_input_vars=10000 -; date.timezone=Europe/Riga -session.save_path=/var/lib/php7 diff --git a/zabbix-appliance/ubuntu/conf/etc/supervisor/conf.d/supervisord_java_gateway.conf b/zabbix-appliance/ubuntu/conf/etc/supervisor/conf.d/supervisord_java_gateway.conf deleted file mode 100644 index df9514bd1..000000000 --- a/zabbix-appliance/ubuntu/conf/etc/supervisor/conf.d/supervisord_java_gateway.conf +++ /dev/null @@ -1,17 +0,0 @@ -[supervisord] -nodaemon = true - -[program:zabbix_java_gateway] -command = /bin/bash /usr/sbin/%(program_name)s -user = zabbix -auto_start = true -autorestart = true - -startsecs=3 -startretries=3 -stopsignal=INT -stopwaitsecs=2 - -redirect_stderr=true -stdout_logfile = /dev/stdout -stdout_logfile_maxbytes = 0 diff --git a/zabbix-appliance/ubuntu/conf/etc/supervisor/conf.d/supervisord_mysql.conf b/zabbix-appliance/ubuntu/conf/etc/supervisor/conf.d/supervisord_mysql.conf deleted file mode 100644 index d9069d6ab..000000000 --- a/zabbix-appliance/ubuntu/conf/etc/supervisor/conf.d/supervisord_mysql.conf +++ /dev/null @@ -1,14 +0,0 @@ -[supervisord] -nodaemon = true - -[program:mysqld] -command = /usr/sbin/mysqld --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib/mysql/plugin --user=mysql --log-output=none --pid-file=/var/lib/mysql/mysqld.pid --port=3306 --console -user = mysql -auto_start = true -autorestart = true -priority = 1 - -stdout_logfile = /dev/stdout -stdout_logfile_maxbytes = 0 -stderr_logfile = /dev/stderr -stderr_logfile_maxbytes = 0 diff --git a/zabbix-appliance/ubuntu/conf/etc/supervisor/conf.d/supervisord_server.conf b/zabbix-appliance/ubuntu/conf/etc/supervisor/conf.d/supervisord_server.conf deleted file mode 100644 index b11628eb2..000000000 --- a/zabbix-appliance/ubuntu/conf/etc/supervisor/conf.d/supervisord_server.conf +++ /dev/null @@ -1,18 +0,0 @@ -[supervisord] -nodaemon = true - -[program:zabbix_server] -command = /usr/sbin/%(program_name)s --foreground -c /etc/zabbix/%(program_name)s.conf -user = zabbix -auto_start = true -autorestart = true - -startsecs=10 -startretries=3 -stopsignal=INT -stopwaitsecs=10 - -redirect_stderr=true - -stdout_logfile = /dev/stdout -stdout_logfile_maxbytes = 0 diff --git a/zabbix-appliance/ubuntu/conf/etc/supervisor/conf.d/supervisord_web_nginx.conf b/zabbix-appliance/ubuntu/conf/etc/supervisor/conf.d/supervisord_web_nginx.conf deleted file mode 100644 index 4055ea6d7..000000000 --- a/zabbix-appliance/ubuntu/conf/etc/supervisor/conf.d/supervisord_web_nginx.conf +++ /dev/null @@ -1,30 +0,0 @@ -[supervisord] -nodaemon = true - -[program:nginx] -command = /usr/sbin/%(program_name)s -g "daemon off;" -c /etc/nginx/%(program_name)s.conf -auto_start = true -autorestart = true - -startsecs=2 -startretries=3 -stopsignal=TERM -stopwaitsecs=2 - -redirect_stderr=true -stdout_logfile = /dev/stdout -stdout_logfile_maxbytes = 0 - -[program:php-fpm7.2] -command = /usr/sbin/%(program_name)s -F -c /etc/php/7.2/fpm/php-fpm.conf -auto_start = true -autorestart = true - -startsecs=2 -startretries=3 -stopsignal=TERM -stopwaitsecs=2 - -redirect_stderr=true -stdout_logfile = /dev/stdout -stdout_logfile_maxbytes = 0 diff --git a/zabbix-appliance/ubuntu/conf/etc/supervisor/supervisord.conf b/zabbix-appliance/ubuntu/conf/etc/supervisor/supervisord.conf deleted file mode 100644 index 925bb1838..000000000 --- a/zabbix-appliance/ubuntu/conf/etc/supervisor/supervisord.conf +++ /dev/null @@ -1,35 +0,0 @@ -; supervisor config file - -[unix_http_server] -file = /var/run/supervisor.sock ; (the path to the socket file) -chmod = 0700 ; sockef file mode (default 0700) -username = zbx -password = password - -[supervisord] -logfile = /dev/stdout ; (main log file;default $CWD/supervisord.log) -pidfile = /var/run/supervisord.pid ; (supervisord pidfile;default supervisord.pid) -childlogdir = /tmp ; ('AUTO' child log dir, default $TEMP) -critical = critical -user = root -logfile_maxbytes = 0 -logfile_backupcount = 0 -loglevel = info - -; the below section must remain in the config file for RPC -; (supervisorctl/web interface) to work, additional interfaces may be -; added by defining them in separate rpcinterface: sections -[rpcinterface:supervisor] -supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface - -[supervisorctl] -serverurl = unix:///var/run/supervisor.sock ; use a unix:// URL for a unix socket - -; The [include] section can just contain the "files" setting. This -; setting can list multiple files (separated by whitespace or -; newlines). It can also contain wildcards. The filenames are -; interpreted as relative to this file. Included files *cannot* -; include files themselves. - -[include] -files = /etc/supervisor/conf.d/*.conf diff --git a/zabbix-appliance/ubuntu/conf/etc/zabbix/nginx.conf b/zabbix-appliance/ubuntu/conf/etc/zabbix/nginx.conf deleted file mode 100644 index e1331f0bf..000000000 --- a/zabbix-appliance/ubuntu/conf/etc/zabbix/nginx.conf +++ /dev/null @@ -1,74 +0,0 @@ -server { - listen 80; - server_name zabbix; - index index.php; - - access_log /dev/fd/1 main; - error_log /dev/fd/2 notice; - - set $webroot '/usr/share/zabbix'; - - root $webroot; - - large_client_header_buffers 8 8k; - client_max_body_size 10M; - - - location = /favicon.ico { - log_not_found off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - # deny running scripts inside writable directories - location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { - return 403; - error_page 403 /403_error.html; - } - - # Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac). - location ~ /\. { - deny all; - access_log off; - log_not_found off; - } - - # caching of files - location ~* \.(ico|pdf|flv)$ { - expires 1y; - } - - location ~* \.(js|css|png|jpg|jpeg|gif|swf|xml|txt)$ { - expires 14d; - } - - location / { - try_files $uri $uri/ /index.php?$args; - } - - location ~ .php$ { - fastcgi_pass unix:/var/run/php/php7.2-fpm.sock; - fastcgi_index index.php; - - fastcgi_param SCRIPT_FILENAME $webroot$fastcgi_script_name; - - include fastcgi_params; - fastcgi_param QUERY_STRING $query_string; - fastcgi_param REQUEST_METHOD $request_method; - fastcgi_param CONTENT_TYPE $content_type; - fastcgi_param CONTENT_LENGTH $content_length; - fastcgi_intercept_errors on; - fastcgi_ignore_client_abort off; - fastcgi_connect_timeout 60; - fastcgi_send_timeout 180; - fastcgi_read_timeout 180; - fastcgi_buffer_size 128k; - fastcgi_buffers 4 256k; - fastcgi_busy_buffers_size 256k; - fastcgi_temp_file_write_size 256k; - } -} diff --git a/zabbix-appliance/ubuntu/conf/etc/zabbix/nginx_ssl.conf b/zabbix-appliance/ubuntu/conf/etc/zabbix/nginx_ssl.conf deleted file mode 100644 index 2d68009ab..000000000 --- a/zabbix-appliance/ubuntu/conf/etc/zabbix/nginx_ssl.conf +++ /dev/null @@ -1,98 +0,0 @@ -server { - listen 443 ssl http2; - server_name zabbix; - server_name_in_redirect off; - - index index.php; - access_log /dev/fd/1 main; - error_log /dev/fd/2 error; - - set $webroot '/usr/share/zabbix'; - - root $webroot; - - large_client_header_buffers 8 8k; - - client_max_body_size 10M; - - - ssl on; -# ssl_stapling on; - ssl_certificate /etc/ssl/nginx/ssl.crt; - ssl_certificate_key /etc/ssl/nginx/ssl.key; - ssl_dhparam /etc/ssl/nginx/dhparam.pem; - - ssl_protocols TLSv1 TLSv1.1 TLSv1.2; - ssl_verify_depth 3; - ssl_session_cache shared:SSL:10m; - ssl_session_timeout 10m; - ssl_prefer_server_ciphers on; - - add_header Strict-Transport-Security "max-age=31536000; includeSubdomains; preload"; - add_header Content-Security-Policy-Report-Only "default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report"; - - location =/nginx_status { - stub_status on; - access_log off; - allow 127.0.0.1; - deny all; - } - - location = /favicon.ico { - log_not_found off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - # deny running scripts inside writable directories - location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { - return 403; - error_page 403 /403_error.html; - } - - # Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac). - location ~ /\. { - deny all; - access_log off; - log_not_found off; - } - - # caching of files - location ~* \.(ico|pdf|flv)$ { - expires 1y; - } - - location ~* \.(js|css|png|jpg|jpeg|gif|swf|xml|txt)$ { - expires 14d; - } - - location / { - try_files $uri $uri/ /index.php?$args; - } - - location ~ .php$ { - fastcgi_pass unix:/var/run/php/php7.2-fpm.sock; - fastcgi_index index.php; - - fastcgi_param SCRIPT_FILENAME $webroot$fastcgi_script_name; - - include fastcgi_params; - fastcgi_param QUERY_STRING $query_string; - fastcgi_param REQUEST_METHOD $request_method; - fastcgi_param CONTENT_TYPE $content_type; - fastcgi_param CONTENT_LENGTH $content_length; - fastcgi_intercept_errors on; - fastcgi_ignore_client_abort off; - fastcgi_connect_timeout 60; - fastcgi_send_timeout 180; - fastcgi_read_timeout 180; - fastcgi_buffer_size 128k; - fastcgi_buffers 4 256k; - fastcgi_busy_buffers_size 256k; - fastcgi_temp_file_write_size 256k; - } -} diff --git a/zabbix-appliance/ubuntu/conf/etc/zabbix/web/zabbix.conf.php b/zabbix-appliance/ubuntu/conf/etc/zabbix/web/zabbix.conf.php deleted file mode 100644 index a4c9fadab..000000000 --- a/zabbix-appliance/ubuntu/conf/etc/zabbix/web/zabbix.conf.php +++ /dev/null @@ -1,24 +0,0 @@ - - - - - - %d{yyyy-MM-dd HH:mm:ss.SSS} [%thread] %-5level %logger{36} - %msg%n - - - - - - - - - diff --git a/zabbix-appliance/ubuntu/conf/usr/sbin/zabbix_java_gateway b/zabbix-appliance/ubuntu/conf/usr/sbin/zabbix_java_gateway deleted file mode 100755 index 2da696885..000000000 --- a/zabbix-appliance/ubuntu/conf/usr/sbin/zabbix_java_gateway +++ /dev/null @@ -1,27 +0,0 @@ -JAVA=${JAVA:-"/usr/bin/java"} -DAEMON=${DAEMON:-"/usr/sbin/zabbix_java"} - -JAVA_OPTIONS="-server $JAVA_OPTIONS" -JAVA_OPTIONS="$JAVA_OPTIONS -Dlogback.configurationFile=/etc/zabbix/zabbix_java_gateway_logback.xml" - -cd $DAEMON - -CLASSPATH="$DAEMON/lib" -for jar in `find lib bin -name "*.jar"`; do - if [ $jar != *junit* ]; then - CLASSPATH="$CLASSPATH:$DAEMON/$jar" - fi -done - -ZABBIX_OPTIONS="" -if [ -n "$ZBX_START_POLLERS" ]; then - ZABBIX_OPTIONS="$ZABBIX_OPTIONS -Dzabbix.startPollers=$ZBX_START_POLLERS" -fi -if [ -n "$ZBX_TIMEOUT" ]; then - ZABBIX_OPTIONS="$ZABBIX_OPTIONS -Dzabbix.timeout=$ZBX_TIMEOUT -Dsun.rmi.transport.tcp.responseTimeout=${ZBX_TIMEOUT}000" -fi - - -COMMAND_LINE="$JAVA $JAVA_OPTIONS -classpath $CLASSPATH $ZABBIX_OPTIONS com.zabbix.gateway.JavaGateway" - -exec $COMMAND_LINE diff --git a/zabbix-appliance/ubuntu/docker-entrypoint.sh b/zabbix-appliance/ubuntu/docker-entrypoint.sh deleted file mode 100755 index 20e78e0da..000000000 --- a/zabbix-appliance/ubuntu/docker-entrypoint.sh +++ /dev/null @@ -1,1187 +0,0 @@ -#!/bin/bash - -set -eo pipefail - -set +e - -# Script trace mode -if [ "${DEBUG_MODE}" == "true" ]; then - set -o xtrace -fi - -# Type of Zabbix component -# Possible values: [server, proxy, agent, frontend, java-gateway, appliance] -zbx_type=${ZBX_TYPE} -# Type of Zabbix database -# Possible values: [mysql, postgresql] -zbx_db_type=${ZBX_DB_TYPE} -# Type of web-server. Valid only with zbx_type = frontend -# Possible values: [apache, nginx] -zbx_opt_type=${ZBX_OPT_TYPE} - -# Default Zabbix installation name -# Used only by Zabbix web-interface -ZBX_SERVER_NAME=${ZBX_SERVER_NAME:-"Zabbix docker"} -# Default Zabbix server host -ZBX_SERVER_HOST=${ZBX_SERVER_HOST:-"zabbix-server"} -# Default Zabbix server port number -ZBX_SERVER_PORT=${ZBX_SERVER_PORT:-"10051"} - -# Default timezone for web interface -PHP_TZ=${PHP_TZ:-"Europe/Riga"} - -#Enable PostgreSQL timescaleDB feature: -ENABLE_TIMESCALEDB=${ENABLE_TIMESCALEDB:-"false"} - -# Default directories -# User 'zabbix' home directory -ZABBIX_USER_HOME_DIR="/var/lib/zabbix" -# Configuration files directory -ZABBIX_ETC_DIR="/etc/zabbix" -# Web interface www-root directory -ZBX_FRONTEND_PATH="/usr/share/zabbix" - -# usage: file_env VAR [DEFAULT] -# as example: file_env 'MYSQL_PASSWORD' 'zabbix' -# (will allow for "$MYSQL_PASSWORD_FILE" to fill in the value of "$MYSQL_PASSWORD" from a file) -# unsets the VAR_FILE afterwards and just leaving VAR -file_env() { - local var="$1" - local fileVar="${var}_FILE" - local defaultValue="${2:-}" - - if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then - echo "**** Both variables $var and $fileVar are set (but are exclusive)" - exit 1 - fi - - local val="$defaultValue" - - if [ "${!var:-}" ]; then - val="${!var}" - echo "** Using ${var} variable from ENV" - elif [ "${!fileVar:-}" ]; then - if [ ! -f "${!fileVar}" ]; then - echo "**** Secret file \"${!fileVar}\" is not found" - exit 1 - fi - val="$(< "${!fileVar}")" - echo "** Using ${var} variable from secret file" - fi - export "$var"="$val" - unset "$fileVar" -} - -configure_db_mysql() { - [ "${DB_SERVER_HOST}" != "localhost" ] && return - - echo "** Configuring local MySQL server" - - MYSQL_ALLOW_EMPTY_PASSWORD=true - MYSQL_DATA_DIR="/var/lib/mysql" - - if [ -f "/etc/mysql/my.cnf" ]; then - MYSQL_CONF_FILE="/etc/mysql/my.cnf" - elif [ -f "/etc/my.cnf.d/server.cnf" ]; then - MYSQL_CONF_FILE="/etc/my.cnf.d/server.cnf" - DB_SERVER_SOCKET="/var/lib/mysql/mysql.sock" - elif [ -f "/etc/my.cnf.d/mariadb-server.cnf" ]; then - MYSQL_CONF_FILE="/etc/my.cnf.d/mariadb-server.cnf" - DB_SERVER_SOCKET="/var/run/mysqld/mysqld.sock" - else - echo "**** Could not found MySQL configuration file" - exit 1 - fi - - if [ -f "/usr/bin/mysqld" ]; then - MYSQLD=/usr/bin/mysqld - elif [ -f "/usr/sbin/mysqld" ]; then - MYSQLD=/usr/sbin/mysqld - elif [ -f "/usr/libexec/mysqld" ]; then - MYSQLD=/usr/libexec/mysqld - else - echo "**** Could not found mysqld binary file" - exit 1 - fi - - sed -Ei 's/^(bind-address|log)/#&/' "$MYSQL_CONF_FILE" - - if [ ! -d "$MYSQL_DATA_DIR/mysql" ]; then - [ -d "$MYSQL_DATA_DIR" ] || mkdir -p "$MYSQL_DATA_DIR" - - chown -R mysql:mysql "$MYSQL_DATA_DIR" - - echo "** Installing initial MySQL database schemas" - mysql_install_db --user=mysql --datadir="$MYSQL_DATA_DIR" 2>&1 - else - echo "**** MySQL data directory is not empty. Using already existing installation." - chown -R mysql:mysql "$MYSQL_DATA_DIR" - fi - - mkdir -p /var/run/mysqld - ln -s /var/run/mysqld /run/mysqld - chown -R mysql:mysql /var/run/mysqld - chown -R mysql:mysql /run/mysqld - - echo "** Starting MySQL server in background mode" - - nohup $MYSQLD --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib/mysql/plugin \ - --user=mysql --log-output=none --pid-file=/var/lib/mysql/mysqld.pid \ - --port=3306 --character-set-server=utf8 --collation-server=utf8_bin & -} - -prepare_system() { - local type=$1 - local web_server=$2 - - echo "** Preparing the system" - - if [ "$type" != "appliance" ]; then - return - fi - - ZBX_ADD_AGENT=${ZBX_ADD_AGENT:-"false"} - ZBX_ADD_JAVA_GATEWAY=${ZBX_ADD_JAVA_GATEWAY:-"false"} - ZBX_ADD_SERVER=${ZBX_ADD_SERVER:-"true"} - [ "${ZBX_ADD_SERVER}" == "true" ] && ZBX_SERVER_HOST="localhost" - [ "${ZBX_ADD_SERVER}" == "true" ] && ZBX_SERVER_PORT="10051" - ZBX_MAIN_DB=${ZBX_MAIN_DB:-"mysql"} - ZBX_ADD_PROXY=${ZBX_ADD_PROXY:-"false"} - ZBX_PROXY_DB=${ZBX_PROXY_DB:-"sqlite3"} - ZBX_ADD_WEB=${ZBX_ADD_WEB:-"true"} - ZBX_WEB_SERVER=${ZBX_WEB_SERVER:-"nginx"} - DB_SERVER_HOST=${DB_SERVER_HOST:-"localhost"} - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAY_ENABLE="true" - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAY="localhost" - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAYPORT="10052" - - [ "${ZBX_ADD_SERVER}" == "true" ] && configure_db_${ZBX_MAIN_DB} -} - -escape_spec_char() { - local var_value=$1 - - var_value="${var_value//\\/\\\\}" - var_value="${var_value//[$'\n']/}" - var_value="${var_value//\//\\/}" - var_value="${var_value//./\\.}" - var_value="${var_value//\*/\\*}" - var_value="${var_value//^/\\^}" - var_value="${var_value//\$/\\\$}" - var_value="${var_value//\&/\\\&}" - var_value="${var_value//\[/\\[}" - var_value="${var_value//\]/\\]}" - - echo "$var_value" -} - -update_config_var() { - local config_path=$1 - local var_name=$2 - local var_value=$3 - local is_multiple=$4 - - if [ ! -f "$config_path" ]; then - echo "**** Configuration file '$config_path' does not exist" - return - fi - - echo -n "** Updating '$config_path' parameter \"$var_name\": '$var_value'... " - - # Remove configuration parameter definition in case of unset parameter value - if [ -z "$var_value" ]; then - sed -i -e "/^$var_name=/d" "$config_path" - echo "removed" - return - fi - - # Remove value from configuration parameter in case of double quoted parameter value - if [ "$var_value" == '""' ]; then - sed -i -e "/^$var_name=/s/=.*/=/" "$config_path" - echo "undefined" - return - fi - - # Use full path to a file for TLS related configuration parameters - if [[ $var_name =~ ^TLS.*File$ ]]; then - var_value=$ZABBIX_USER_HOME_DIR/enc/$var_value - fi - - # Escaping characters in parameter value - var_value=$(escape_spec_char "$var_value") - - if [ "$(grep -E "^$var_name=" $config_path)" ] && [ "$is_multiple" != "true" ]; then - sed -i -e "/^$var_name=/s/=.*/=$var_value/" "$config_path" - echo "updated" - elif [ "$(grep -Ec "^# $var_name=" $config_path)" -gt 1 ]; then - sed -i -e "/^[#;] $var_name=$/i\\$var_name=$var_value" "$config_path" - echo "added first occurrence" - else - sed -i -e "/^[#;] $var_name=/s/.*/&\n$var_name=$var_value/" "$config_path" - echo "added" - fi - -} - -update_config_multiple_var() { - local config_path=$1 - local var_name=$2 - local var_value=$3 - - var_value="${var_value%\"}" - var_value="${var_value#\"}" - - local IFS=, - local OPT_LIST=($var_value) - - for value in "${OPT_LIST[@]}"; do - update_config_var $config_path $var_name $value true - done -} - -# Check prerequisites for MySQL database -check_variables_mysql() { - local type=$1 - - DB_SERVER_HOST=${DB_SERVER_HOST:-"mysql-server"} - DB_SERVER_PORT=${DB_SERVER_PORT:-"3306"} - USE_DB_ROOT_USER=false - CREATE_ZBX_DB_USER=false - file_env MYSQL_USER - file_env MYSQL_PASSWORD - - if [ "$type" != "" ]; then - file_env MYSQL_ROOT_PASSWORD - fi - - if [ ! -n "${MYSQL_USER}" ] && [ "${MYSQL_RANDOM_ROOT_PASSWORD}" == "true" ]; then - echo "**** Impossible to use MySQL server because of unknown Zabbix user and random 'root' password" - exit 1 - fi - - if [ ! -n "${MYSQL_USER}" ] && [ ! -n "${MYSQL_ROOT_PASSWORD}" ] && [ "${MYSQL_ALLOW_EMPTY_PASSWORD}" != "true" ]; then - echo "*** Impossible to use MySQL server because 'root' password is not defined and it is not empty" - exit 1 - fi - - if [ "${MYSQL_ALLOW_EMPTY_PASSWORD}" == "true" ] || [ -n "${MYSQL_ROOT_PASSWORD}" ]; then - USE_DB_ROOT_USER=true - DB_SERVER_ROOT_USER="root" - DB_SERVER_ROOT_PASS=${MYSQL_ROOT_PASSWORD:-""} - fi - - [ -n "${MYSQL_USER}" ] && CREATE_ZBX_DB_USER=true - - # If root password is not specified use provided credentials - DB_SERVER_ROOT_USER=${DB_SERVER_ROOT_USER:-${MYSQL_USER}} - [ "${MYSQL_ALLOW_EMPTY_PASSWORD}" == "true" ] || DB_SERVER_ROOT_PASS=${DB_SERVER_ROOT_PASS:-${MYSQL_PASSWORD}} - DB_SERVER_ZBX_USER=${MYSQL_USER:-"zabbix"} - DB_SERVER_ZBX_PASS=${MYSQL_PASSWORD:-"zabbix"} - - if [ "$type" == "proxy" ]; then - DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix_proxy"} - else - DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix"} - fi -} - -# Check prerequisites for PostgreSQL database -check_variables_postgresql() { - local type=$1 - - file_env POSTGRES_USER - file_env POSTGRES_PASSWORD - - DB_SERVER_HOST=${DB_SERVER_HOST:-"postgres-server"} - DB_SERVER_PORT=${DB_SERVER_PORT:-"5432"} - CREATE_ZBX_DB_USER=${CREATE_ZBX_DB_USER:-"false"} - - DB_SERVER_ROOT_USER=${POSTGRES_USER:-"postgres"} - DB_SERVER_ROOT_PASS=${POSTGRES_PASSWORD:-""} - - DB_SERVER_ZBX_USER=${POSTGRES_USER:-"zabbix"} - DB_SERVER_ZBX_PASS=${POSTGRES_PASSWORD:-"zabbix"} - - DB_SERVER_SCHEMA=${DB_SERVER_SCHEMA:-"public"} - - if [ "$type" == "proxy" ]; then - DB_SERVER_DBNAME=${POSTGRES_DB:-"zabbix_proxy"} - else - DB_SERVER_DBNAME=${POSTGRES_DB:-"zabbix"} - fi -} - -check_db_connect_mysql() { - echo "********************" - echo "* DB_SERVER_HOST: ${DB_SERVER_HOST}" - echo "* DB_SERVER_PORT: ${DB_SERVER_PORT}" - echo "* DB_SERVER_DBNAME: ${DB_SERVER_DBNAME}" - if [ "${DEBUG_MODE}" == "true" ]; then - if [ "${USE_DB_ROOT_USER}" == "true" ]; then - echo "* DB_SERVER_ROOT_USER: ${DB_SERVER_ROOT_USER}" - echo "* DB_SERVER_ROOT_PASS: ${DB_SERVER_ROOT_PASS}" - fi - echo "* DB_SERVER_ZBX_USER: ${DB_SERVER_ZBX_USER}" - echo "* DB_SERVER_ZBX_PASS: ${DB_SERVER_ZBX_PASS}" - echo "********************" - fi - echo "********************" - - WAIT_TIMEOUT=5 - - while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \ - --password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10)" ]; do - echo "**** MySQL server is not available. Waiting $WAIT_TIMEOUT seconds..." - sleep $WAIT_TIMEOUT - done -} - -check_db_connect_postgresql() { - echo "********************" - echo "* DB_SERVER_HOST: ${DB_SERVER_HOST}" - echo "* DB_SERVER_PORT: ${DB_SERVER_PORT}" - echo "* DB_SERVER_DBNAME: ${DB_SERVER_DBNAME}" - echo "* DB_SERVER_SCHEMA: ${DB_SERVER_SCHEMA}" - if [ "${DEBUG_MODE}" == "true" ]; then - if [ "${USE_DB_ROOT_USER}" == "true" ]; then - echo "* DB_SERVER_ROOT_USER: ${DB_SERVER_ROOT_USER}" - echo "* DB_SERVER_ROOT_PASS: ${DB_SERVER_ROOT_PASS}" - fi - echo "* DB_SERVER_ZBX_USER: ${DB_SERVER_ZBX_USER}" - echo "* DB_SERVER_ZBX_PASS: ${DB_SERVER_ZBX_PASS}" - fi - echo "********************" - - if [ "${USE_DB_ROOT_USER}" != "true" ]; then - DB_SERVER_ROOT_USER=${DB_SERVER_ZBX_USER} - DB_SERVER_ROOT_PASS=${DB_SERVER_ZBX_PASS} - fi - - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - WAIT_TIMEOUT=5 - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - while [ ! "$(psql -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} -U ${DB_SERVER_ROOT_USER} -d ${DB_SERVER_DBNAME} -l -q 2>/dev/null)" ]; do - echo "**** PostgreSQL server is not available. Waiting $WAIT_TIMEOUT seconds..." - sleep $WAIT_TIMEOUT - done - - unset PGPASSWORD - unset PGOPTIONS -} - - -mysql_query() { - query=$1 - local result="" - - result=$(mysql --silent --skip-column-names -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ - -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" -e "$query") - - echo $result -} - -psql_query() { - query=$1 - db=$2 - - local result="" - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - result=$(psql -A -q -t -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ - -U ${DB_SERVER_ROOT_USER} -c "$query" $db 2>/dev/null); - - unset PGPASSWORD - unset PGOPTIONS - - echo $result -} - -create_db_user_mysql() { - [ "${CREATE_ZBX_DB_USER}" == "true" ] || return - - echo "** Creating '${DB_SERVER_ZBX_USER}' user in MySQL database" - - USER_EXISTS=$(mysql_query "SELECT 1 FROM mysql.user WHERE user = '${DB_SERVER_ZBX_USER}' AND host = '%'") - - if [ -z "$USER_EXISTS" ]; then - mysql_query "CREATE USER '${DB_SERVER_ZBX_USER}'@'%' IDENTIFIED BY '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - else - mysql_query "ALTER USER ${DB_SERVER_ZBX_USER} IDENTIFIED BY '${DB_SERVER_ZBX_PASS}';" 1>/dev/null - fi - - mysql_query "GRANT ALL PRIVILEGES ON $DB_SERVER_DBNAME. * TO '${DB_SERVER_ZBX_USER}'@'%'" 1>/dev/null -} - -create_db_user_postgresql() { - [ "${CREATE_ZBX_DB_USER}" == "true" ] || return - - echo "** Creating '${DB_SERVER_ZBX_USER}' user in PostgreSQL database" - - USER_EXISTS=$(psql_query "SELECT 1 FROM pg_roles WHERE rolname='${DB_SERVER_ZBX_USER}'") - - if [ -z "$USER_EXISTS" ]; then - psql_query "CREATE USER ${DB_SERVER_ZBX_USER} WITH PASSWORD '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - else - psql_query "ALTER USER ${DB_SERVER_ZBX_USER} WITH ENCRYPTED PASSWORD '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - fi -} - -create_db_database_mysql() { - DB_EXISTS=$(mysql_query "SELECT SCHEMA_NAME FROM information_schema.SCHEMATA WHERE SCHEMA_NAME='${DB_SERVER_DBNAME}'") - - if [ -z ${DB_EXISTS} ]; then - echo "** Database '${DB_SERVER_DBNAME}' does not exist. Creating..." - mysql_query "CREATE DATABASE ${DB_SERVER_DBNAME} CHARACTER SET utf8 COLLATE utf8_bin" 1>/dev/null - # better solution? - mysql_query "GRANT ALL PRIVILEGES ON $DB_SERVER_DBNAME. * TO '${DB_SERVER_ZBX_USER}'@'%'" 1>/dev/null - else - echo "** Database '${DB_SERVER_DBNAME}' already exists. Please be careful with database COLLATE!" - fi -} - -create_db_database_postgresql() { - DB_EXISTS=$(psql_query "SELECT 1 AS result FROM pg_database WHERE datname='${DB_SERVER_DBNAME}'") - - if [ -z ${DB_EXISTS} ]; then - echo "** Database '${DB_SERVER_DBNAME}' does not exist. Creating..." - psql_query "CREATE DATABASE ${DB_SERVER_DBNAME} WITH OWNER ${DB_SERVER_ZBX_USER} ENCODING='UTF8' LC_CTYPE='en_US.utf8' LC_COLLATE='en_US.utf8'" 1>/dev/null - else - echo "** Database '${DB_SERVER_DBNAME}' already exists. Please be careful with database owner!" - fi - - psql_query "CREATE SCHEMA IF NOT EXISTS ${DB_SERVER_SCHEMA}" -} - -create_db_schema_mysql() { - local type=$1 - - DBVERSION_TABLE_EXISTS=$(mysql_query "SELECT 1 FROM information_schema.tables WHERE table_schema='${DB_SERVER_DBNAME}' and table_name = 'dbversion'") - - if [ -n "${DBVERSION_TABLE_EXISTS}" ]; then - echo "** Table '${DB_SERVER_DBNAME}.dbversion' already exists." - ZBX_DB_VERSION=$(mysql_query "SELECT mandatory FROM ${DB_SERVER_DBNAME}.dbversion") - fi - - if [ -z "${ZBX_DB_VERSION}" ]; then - echo "** Creating '${DB_SERVER_DBNAME}' schema in MySQL" - - zcat /usr/share/doc/zabbix-$type-mysql/create.sql.gz | mysql --silent --skip-column-names \ - -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ - -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" \ - ${DB_SERVER_DBNAME} 1>/dev/null - fi -} - -create_db_schema_postgresql() { - local type=$1 - - DBVERSION_TABLE_EXISTS=$(psql_query "SELECT 1 FROM pg_catalog.pg_class c JOIN pg_catalog.pg_namespace n ON n.oid = - c.relnamespace WHERE n.nspname = '$DB_SERVER_SCHEMA' AND c.relname = 'dbversion'" "${DB_SERVER_DBNAME}") - - if [ -n "${DBVERSION_TABLE_EXISTS}" ]; then - echo "** Table '${DB_SERVER_DBNAME}.dbversion' already exists." - ZBX_DB_VERSION=$(psql_query "SELECT mandatory FROM ${DB_SERVER_SCHEMA}.dbversion" "${DB_SERVER_DBNAME}") - fi - - if [ -z "${ZBX_DB_VERSION}" ]; then - echo "** Creating '${DB_SERVER_DBNAME}' schema in PostgreSQL" - - if [ "${ENABLE_TIMESCALEDB}" == "true" ]; then - psql_query "CREATE EXTENSION IF NOT EXISTS timescaledb CASCADE;" - fi - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - zcat /usr/share/doc/zabbix-$type-postgresql/create.sql.gz | psql -q \ - -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ - -U ${DB_SERVER_ZBX_USER} ${DB_SERVER_DBNAME} 1>/dev/null - - if [ "${ENABLE_TIMESCALEDB}" == "true" ]; then - cat /usr/share/doc/zabbix-$type-postgresql/timescaledb.sql | psql -q \ - -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ - -U ${DB_SERVER_ZBX_USER} ${DB_SERVER_DBNAME} 1>/dev/null - fi - - unset PGPASSWORD - unset PGOPTIONS - fi -} - -prepare_web_server_apache() { - if [ -d "/etc/apache2/sites-available" ]; then - APACHE_SITES_DIR=/etc/apache2/sites-available - elif [ -d "/etc/apache2/conf.d" ]; then - APACHE_SITES_DIR=/etc/apache2/conf.d - elif [ -d "/etc/httpd/conf.d" ]; then - APACHE_SITES_DIR=/etc/httpd/conf.d - else - echo "**** Apache is not available" - exit 1 - fi - - if [ -f "/usr/sbin/a2dissite" ]; then - echo "** Disable default site" - /usr/sbin/a2dissite 000-default 1>/dev/null - rm -rf "$APACHE_SITES_DIR/*" - elif [ -f "/etc/apache2/conf.d/default.conf" ]; then - echo "** Disable default site" - rm -f "/etc/apache2/conf.d/default.conf" - elif [ -f "/etc/httpd/conf.d/welcome.conf" ]; then - echo "** Disable default site" - rm -f "/etc/httpd/conf.d/welcome.conf" - rm -f "/etc/httpd/conf.d/ssl.conf" - fi - - echo "** Adding Zabbix virtual host (HTTP)" - if [ -f "$ZABBIX_ETC_DIR/apache.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/apache.conf" "$APACHE_SITES_DIR/zabbix.conf" - if [ -f "/usr/sbin/a2dissite" ]; then - /usr/sbin/a2ensite zabbix.conf 1>/dev/null - fi - else - echo "**** Impossible to enable HTTP virtual host" - fi - - if [ -f "/etc/apache2/conf.d/ssl.conf" ]; then - rm -f "/etc/apache2/conf.d/ssl.conf" - fi - - if [ -f "/etc/ssl/apache2/ssl.crt" ] && [ -f "/etc/ssl/apache2/ssl.key" ]; then - echo "** Enable SSL support for Apache2" - if [ -f "/usr/sbin/a2enmod" ]; then - /usr/sbin/a2enmod ssl 1>/dev/null - fi - - echo "** Adding Zabbix virtual host (HTTPS)" - if [ -f "$ZABBIX_ETC_DIR/apache_ssl.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/apache_ssl.conf" "$APACHE_SITES_DIR/zabbix_ssl.conf" - if [ -f "/usr/sbin/a2dissite" ]; then - /usr/sbin/a2ensite zabbix_ssl.conf 1>/dev/null - fi - else - echo "**** Impossible to enable HTTPS virtual host" - fi - else - echo "**** Impossible to enable SSL support for Apache2. Certificates are missed." - fi - - # Change Apache2 logging to stdout and stderr - if [ -f "/etc/apache2/apache2.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/apache2.conf" - fi - - if [ -f "/etc/httpd/conf/httpd.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/httpd/conf/httpd.conf" - fi - - if [ -f "/etc/apache2/httpd.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/httpd.conf" - fi - - if [ -f "/etc/apache2/conf-available/other-vhosts-access-log.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/conf-available/other-vhosts-access-log.conf" - fi - - if [ -f "/etc/apache2/conf.d/mpm.conf" ]; then - sed -ri \ - -e 's!^(\s*PidFile)\s+\S+!\1 "/var/run/httpd.pid"!g' \ - "/etc/apache2/conf.d/mpm.conf" - fi - - if [ -f "/var/run/apache2/apache2.pid" ]; then - rm -f "/var/run/apache2/apache2.pid" - fi - - if [ -f "/var/run/httpd/httpd.pid" ]; then - rm -f "/var/run/httpd/httpd.pid" - fi -} - -prepare_web_server_nginx() { - NGINX_CONFD_DIR="/etc/nginx/conf.d" - NGINX_SSL_CONFIG="/etc/ssl/nginx" - PHP_SESSIONS_DIR="/var/lib/php5" - - echo "** Disable default vhosts" - rm -f $NGINX_CONFD_DIR/*.conf - - echo "** Adding Zabbix virtual host (HTTP)" - if [ -f "$ZABBIX_ETC_DIR/nginx.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/nginx.conf" "$NGINX_CONFD_DIR" - else - echo "**** Impossible to enable HTTP virtual host" - fi - - if [ -f "$NGINX_SSL_CONFIG/ssl.crt" ] && [ -f "$NGINX_SSL_CONFIG/ssl.key" ] && [ -f "$NGINX_SSL_CONFIG/dhparam.pem" ]; then - echo "** Enable SSL support for Nginx" - if [ -f "$ZABBIX_ETC_DIR/nginx_ssl.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/nginx_ssl.conf" "$NGINX_CONFD_DIR" - else - echo "**** Impossible to enable HTTPS virtual host" - fi - else - echo "**** Impossible to enable SSL support for Nginx. Certificates are missed." - fi - - if [ -d "/var/log/nginx/" ]; then - ln -sf /dev/fd/2 /var/log/nginx/error.log - fi - - ln -sf /dev/fd/2 /var/log/php5-fpm.log - ln -sf /dev/fd/2 /var/log/php7.2-fpm.log -} - -stop_databases() { - if ([ "${ZBX_MAIN_DB}" == "mysql" ] || [ "${ZBX_PROXY_DB}" == "mysql" ]) && [ "${DB_SERVER_HOST}" == "localhost" ]; then - mysql_query "DELETE FROM mysql.user WHERE host = 'localhost' AND user != 'root'" 1>/dev/null - - if [ -f "/var/lib/mysql/mysqld.pid" ]; then - kill -TERM $(cat /var/lib/mysql/mysqld.pid) - elif [ -f "/var/run/mysqld/mysqld.pid" ]; then - kill -TERM $(cat /var/run/mysqld/mysqld.pid) - fi - fi - - if [ "${ZBX_MAIN_DB}" == "postgresql" ] && [ "${DB_SERVER_HOST}" == "localhost" ]; then - if [ "${OS_CODENAME}" == "alpine" ]; then - PGDATA=/var/lib/postgresql - BINDIR=/usr/bin - else - PGDATA=/var/lib/postgresql/9.3/main - BINDIR=/usr/lib/postgresql/9.3/bin - fi - su -c "$BINDIR/pg_ctl -D \"$PGDATA\" -m fast -w stop --silent" postgres 1>/dev/null 2>/dev/null - fi -} - -clear_deploy() { - local type=$1 - echo "** Cleaning the system" - - [ "$type" != "appliance" ] && return - - stop_databases -} - -update_zbx_config() { - local type=$1 - local db_type=$2 - - echo "** Preparing Zabbix $type configuration file" - - ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_$type.conf - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "ProxyMode" "${ZBX_PROXYMODE}" - update_config_var $ZBX_CONFIG "Server" "${ZBX_SERVER_HOST}" - update_config_var $ZBX_CONFIG "ServerPort" "${ZBX_SERVER_PORT}" - if [ -z "${ZBX_HOSTNAME}" ] && [ -n "${ZBX_HOSTNAMEITEM}" ]; then - update_config_var $ZBX_CONFIG "Hostname" "" - update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - else - update_config_var $ZBX_CONFIG "Hostname" "${ZBX_HOSTNAME:-"zabbix-proxy-"$db_type}" - update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - fi - fi - - if [ $type == "proxy" ] && [ "${ZBX_ADD_SERVER}" = "true" ]; then - update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_PROXY_LISTENPORT:-"10061"}" - else - update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}" - fi - - update_config_var $ZBX_CONFIG "SourceIP" "${ZBX_SOURCEIP}" - update_config_var $ZBX_CONFIG "LogType" "console" - update_config_var $ZBX_CONFIG "LogFile" - update_config_var $ZBX_CONFIG "LogFileSize" - update_config_var $ZBX_CONFIG "PidFile" - - update_config_var $ZBX_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" - - if [ $type == "proxy" ]; then - update_config_var $ZBX_CONFIG "EnableRemoteCommands" "${ZBX_ENABLEREMOTECOMMANDS}" - update_config_var $ZBX_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}" - fi - - if [ "$db_type" == "sqlite3" ]; then - update_config_var $ZBX_CONFIG "DBHost" - update_config_var $ZBX_CONFIG "DBName" "/var/lib/zabbix/zabbix_proxy_db" - update_config_var $ZBX_CONFIG "DBUser" - update_config_var $ZBX_CONFIG "DBPort" - update_config_var $ZBX_CONFIG "DBPassword" - else - update_config_var $ZBX_CONFIG "DBHost" "${DB_SERVER_HOST}" - update_config_var $ZBX_CONFIG "DBName" "${DB_SERVER_DBNAME}" - update_config_var $ZBX_CONFIG "DBSchema" "${DB_SERVER_SCHEMA}" - update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}" - update_config_var $ZBX_CONFIG "DBPort" "${DB_SERVER_PORT}" - update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}" - fi - - if [ $type == "server" ]; then - update_config_var $ZBX_CONFIG "HistoryStorageURL" "${ZBX_HISTORYSTORAGEURL}" - update_config_var $ZBX_CONFIG "HistoryStorageTypes" "${ZBX_HISTORYSTORAGETYPES}" - fi - - update_config_var $ZBX_CONFIG "DBSocket" "${DB_SERVER_SOCKET}" - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "ProxyLocalBuffer" "${ZBX_PROXYLOCALBUFFER}" - update_config_var $ZBX_CONFIG "ProxyOfflineBuffer" "${ZBX_PROXYOFFLINEBUFFER}" - update_config_var $ZBX_CONFIG "HeartbeatFrequency" "${ZBX_PROXYHEARTBEATFREQUENCY}" - update_config_var $ZBX_CONFIG "ConfigFrequency" "${ZBX_CONFIGFREQUENCY}" - update_config_var $ZBX_CONFIG "DataSenderFrequency" "${ZBX_DATASENDERFREQUENCY}" - fi - - update_config_var $ZBX_CONFIG "StatsAllowedIP" "${ZBX_STATSALLOWEDIP}" - - update_config_var $ZBX_CONFIG "StartPollers" "${ZBX_STARTPOLLERS}" - update_config_var $ZBX_CONFIG "StartIPMIPollers" "${ZBX_IPMIPOLLERS}" - update_config_var $ZBX_CONFIG "StartPollersUnreachable" "${ZBX_STARTPOLLERSUNREACHABLE}" - update_config_var $ZBX_CONFIG "StartTrappers" "${ZBX_STARTTRAPPERS}" - update_config_var $ZBX_CONFIG "StartPingers" "${ZBX_STARTPINGERS}" - update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}" - update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}" - - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "StartPreprocessors" "${ZBX_STARTPREPROCESSORS}" - update_config_var $ZBX_CONFIG "StartTimers" "${ZBX_STARTTIMERS}" - update_config_var $ZBX_CONFIG "StartEscalators" "${ZBX_STARTESCALATORS}" - update_config_var $ZBX_CONFIG "StartAlerters" "${ZBX_STARTALERTERS}" - fi - - ZBX_JAVAGATEWAY_ENABLE=${ZBX_JAVAGATEWAY_ENABLE:-"false"} - if [ "${ZBX_JAVAGATEWAY_ENABLE}" == "true" ]; then - update_config_var $ZBX_CONFIG "JavaGateway" "${ZBX_JAVAGATEWAY:-"zabbix-java-gateway"}" - update_config_var $ZBX_CONFIG "JavaGatewayPort" "${ZBX_JAVAGATEWAYPORT}" - update_config_var $ZBX_CONFIG "StartJavaPollers" "${ZBX_STARTJAVAPOLLERS:-"5"}" - else - update_config_var $ZBX_CONFIG "JavaGateway" - update_config_var $ZBX_CONFIG "JavaGatewayPort" - update_config_var $ZBX_CONFIG "StartJavaPollers" - fi - - update_config_var $ZBX_CONFIG "StartVMwareCollectors" "${ZBX_STARTVMWARECOLLECTORS}" - update_config_var $ZBX_CONFIG "VMwareFrequency" "${ZBX_VMWAREFREQUENCY}" - update_config_var $ZBX_CONFIG "VMwarePerfFrequency" "${ZBX_VMWAREPERFFREQUENCY}" - update_config_var $ZBX_CONFIG "VMwareCacheSize" "${ZBX_VMWARECACHESIZE}" - update_config_var $ZBX_CONFIG "VMwareTimeout" "${ZBX_VMWARETIMEOUT}" - - ZBX_ENABLE_SNMP_TRAPS=${ZBX_ENABLE_SNMP_TRAPS:-"false"} - if [ "${ZBX_ENABLE_SNMP_TRAPS}" == "true" ]; then - update_config_var $ZBX_CONFIG "SNMPTrapperFile" "${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log" - update_config_var $ZBX_CONFIG "StartSNMPTrapper" "1" - else - update_config_var $ZBX_CONFIG "SNMPTrapperFile" - update_config_var $ZBX_CONFIG "StartSNMPTrapper" - fi - - update_config_var $ZBX_CONFIG "HousekeepingFrequency" "${ZBX_HOUSEKEEPINGFREQUENCY}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "MaxHousekeeperDelete" "${ZBX_MAXHOUSEKEEPERDELETE}" - update_config_var $ZBX_CONFIG "SenderFrequency" "${ZBX_SENDERFREQUENCY}" - fi - - update_config_var $ZBX_CONFIG "CacheSize" "${ZBX_CACHESIZE}" - - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "CacheUpdateFrequency" "${ZBX_CACHEUPDATEFREQUENCY}" - fi - - update_config_var $ZBX_CONFIG "StartDBSyncers" "${ZBX_STARTDBSYNCERS}" - update_config_var $ZBX_CONFIG "HistoryCacheSize" "${ZBX_HISTORYCACHESIZE}" - update_config_var $ZBX_CONFIG "HistoryIndexCacheSize" "${ZBX_HISTORYINDEXCACHESIZE}" - - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "TrendCacheSize" "${ZBX_TRENDCACHESIZE}" - update_config_var $ZBX_CONFIG "ValueCacheSize" "${ZBX_VALUECACHESIZE}" - fi - - update_config_var $ZBX_CONFIG "Timeout" "${ZBX_TIMEOUT}" - update_config_var $ZBX_CONFIG "TrapperTimeout" "${ZBX_TRAPPERIMEOUT}" - update_config_var $ZBX_CONFIG "UnreachablePeriod" "${ZBX_UNREACHABLEPERIOD}" - update_config_var $ZBX_CONFIG "UnavailableDelay" "${ZBX_UNAVAILABLEDELAY}" - update_config_var $ZBX_CONFIG "UnreachableDelay" "${ZBX_UNREACHABLEDELAY}" - - update_config_var $ZBX_CONFIG "AlertScriptsPath" "/usr/lib/zabbix/alertscripts" - update_config_var $ZBX_CONFIG "ExternalScripts" "/usr/lib/zabbix/externalscripts" - - # Possible few fping locations - if [ -f "/usr/bin/fping" ]; then - update_config_var $ZBX_CONFIG "FpingLocation" "/usr/bin/fping" - else - update_config_var $ZBX_CONFIG "FpingLocation" "/usr/sbin/fping" - fi - if [ -f "/usr/bin/fping6" ]; then - update_config_var $ZBX_CONFIG "Fping6Location" "/usr/bin/fping6" - else - update_config_var $ZBX_CONFIG "Fping6Location" "/usr/sbin/fping6" - fi - - update_config_var $ZBX_CONFIG "SSHKeyLocation" "$ZABBIX_USER_HOME_DIR/ssh_keys" - update_config_var $ZBX_CONFIG "LogSlowQueries" "${ZBX_LOGSLOWQUERIES}" - - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "StartProxyPollers" "${ZBX_STARTPROXYPOLLERS}" - update_config_var $ZBX_CONFIG "ProxyConfigFrequency" "${ZBX_PROXYCONFIGFREQUENCY}" - update_config_var $ZBX_CONFIG "ProxyDataFrequency" "${ZBX_PROXYDATAFREQUENCY}" - fi - - update_config_var $ZBX_CONFIG "SSLCertLocation" "$ZABBIX_USER_HOME_DIR/ssl/certs/" - update_config_var $ZBX_CONFIG "SSLKeyLocation" "$ZABBIX_USER_HOME_DIR/ssl/keys/" - update_config_var $ZBX_CONFIG "SSLCALocation" "$ZABBIX_USER_HOME_DIR/ssl/ssl_ca/" - update_config_var $ZBX_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/" - update_config_multiple_var $ZBX_CONFIG "LoadModule" "${ZBX_LOADMODULE}" - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}" - update_config_var $ZBX_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" - fi - update_config_var $ZBX_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" - update_config_var $ZBX_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" - update_config_var $ZBX_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" - fi - - update_config_var $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" - update_config_var $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" - update_config_var $ZBX_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" - fi -} - - -prepare_zbx_web_config() { - local db_type=$1 - local server_name="" - - echo "** Preparing Zabbix frontend configuration file" - - ZBX_WWW_ROOT="/usr/share/zabbix" - ZBX_WEB_CONFIG="$ZABBIX_ETC_DIR/web/zabbix.conf.php" - - if [ -f "$ZBX_WWW_ROOT/conf/zabbix.conf.php" ]; then - rm -f "$ZBX_WWW_ROOT/conf/zabbix.conf.php" - fi - - ln -s "$ZBX_WEB_CONFIG" "$ZBX_WWW_ROOT/conf/zabbix.conf.php" - - # Different places of PHP configuration file - if [ -f "/etc/php5/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/conf.d/99-zabbix.ini" - elif [ -f "/etc/php5/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php5/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/apache2/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.0/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.0/apache2/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.0/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.0/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php.d/99-zabbix.ini" - elif [ -f "/etc/php7/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php7/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.2/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.2/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.2/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.2/apache2/conf.d/99-zabbix.ini" - fi - - if [ -n "$PHP_CONFIG_FILE" ]; then - update_config_var "$PHP_CONFIG_FILE" "max_execution_time" "${ZBX_MAXEXECUTIONTIME:-"600"}" - update_config_var "$PHP_CONFIG_FILE" "memory_limit" "${ZBX_MEMORYLIMIT:-"128M"}" - update_config_var "$PHP_CONFIG_FILE" "post_max_size" "${ZBX_POSTMAXSIZE:-"16M"}" - update_config_var "$PHP_CONFIG_FILE" "upload_max_filesize" "${ZBX_UPLOADMAXFILESIZE:-"2M"}" - update_config_var "$PHP_CONFIG_FILE" "max_input_time" "${ZBX_MAXINPUTTIME:-"300"}" - update_config_var "$PHP_CONFIG_FILE" "date.timezone" "${PHP_TZ}" - else - echo "**** Zabbix related PHP configuration file not found" - fi - - ZBX_HISTORYSTORAGETYPES=${ZBX_HISTORYSTORAGETYPES:-"[]"} - - # Escaping characters in parameter value - server_name=$(escape_spec_char "${ZBX_SERVER_NAME}") - server_user=$(escape_spec_char "${DB_SERVER_ZBX_USER}") - server_pass=$(escape_spec_char "${DB_SERVER_ZBX_PASS}") - history_storage_url=$(escape_spec_char "${ZBX_HISTORYSTORAGEURL}") - history_storage_types=$(escape_spec_char "${ZBX_HISTORYSTORAGETYPES}") - - sed -i \ - -e "s/{DB_SERVER_HOST}/${DB_SERVER_HOST}/g" \ - -e "s/{DB_SERVER_PORT}/${DB_SERVER_PORT}/g" \ - -e "s/{DB_SERVER_DBNAME}/${DB_SERVER_DBNAME}/g" \ - -e "s/{DB_SERVER_SCHEMA}/${DB_SERVER_SCHEMA}/g" \ - -e "s/{DB_SERVER_USER}/$server_user/g" \ - -e "s/{DB_SERVER_PASS}/$server_pass/g" \ - -e "s/{ZBX_SERVER_HOST}/${ZBX_SERVER_HOST}/g" \ - -e "s/{ZBX_SERVER_PORT}/${ZBX_SERVER_PORT}/g" \ - -e "s/{ZBX_SERVER_NAME}/$server_name/g" \ - -e "s/{ZBX_HISTORYSTORAGEURL}/$history_storage_url/g" \ - -e "s/{ZBX_HISTORYSTORAGETYPES}/$history_storage_types/g" \ - "$ZBX_WEB_CONFIG" - - [ "$db_type" = "postgresql" ] && sed -i "s/MYSQL/POSTGRESQL/g" "$ZBX_WEB_CONFIG" - - [ -n "${ZBX_SESSION_NAME}" ] && sed -i "/ZBX_SESSION_NAME/s/'[^']*'/'${ZBX_SESSION_NAME}'/2" "$ZBX_WWW_ROOT/include/defines.inc.php" -} - -prepare_zbx_agent_config() { - echo "** Preparing Zabbix agent configuration file" - - ZBX_AGENT_CONFIG=$ZABBIX_ETC_DIR/zabbix_agentd.conf - - ZBX_PASSIVESERVERS=${ZBX_PASSIVESERVERS:-""} - ZBX_ACTIVESERVERS=${ZBX_ACTIVESERVERS:-""} - - [ -n "$ZBX_PASSIVESERVERS" ] && ZBX_PASSIVESERVERS=","$ZBX_PASSIVESERVERS - - ZBX_PASSIVESERVERS=$ZBX_SERVER_HOST$ZBX_PASSIVESERVERS - - [ -n "$ZBX_ACTIVESERVERS" ] && ZBX_ACTIVESERVERS=","$ZBX_ACTIVESERVERS - - ZBX_ACTIVESERVERS=$ZBX_SERVER_HOST":"$ZBX_SERVER_PORT$ZBX_ACTIVESERVERS - - update_config_var $ZBX_AGENT_CONFIG "PidFile" - update_config_var $ZBX_AGENT_CONFIG "LogType" "console" - update_config_var $ZBX_AGENT_CONFIG "LogFile" - update_config_var $ZBX_AGENT_CONFIG "LogFileSize" - update_config_var $ZBX_AGENT_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" - update_config_var $ZBX_AGENT_CONFIG "SourceIP" - update_config_var $ZBX_AGENT_CONFIG "EnableRemoteCommands" "${ZBX_ENABLEREMOTECOMMANDS}" - update_config_var $ZBX_AGENT_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}" - - ZBX_PASSIVE_ALLOW=${ZBX_PASSIVE_ALLOW:-"true"} - if [ "$ZBX_PASSIVE_ALLOW" == "true" ]; then - echo "** Using '$ZBX_PASSIVESERVERS' servers for passive checks" - update_config_var $ZBX_AGENT_CONFIG "Server" "${ZBX_PASSIVESERVERS}" - else - update_config_var $ZBX_AGENT_CONFIG "Server" - fi - - update_config_var $ZBX_AGENT_CONFIG "ListenPort" "${ZBX_LISTENPORT}" - update_config_var $ZBX_AGENT_CONFIG "ListenIP" "${ZBX_LISTENIP}" - update_config_var $ZBX_AGENT_CONFIG "StartAgents" "${ZBX_STARTAGENTS}" - - ZBX_ACTIVE_ALLOW=${ZBX_ACTIVE_ALLOW:-"true"} - if [ "$ZBX_ACTIVE_ALLOW" == "true" ]; then - echo "** Using '$ZBX_ACTIVESERVERS' servers for active checks" - update_config_var $ZBX_AGENT_CONFIG "ServerActive" "${ZBX_ACTIVESERVERS}" - else - update_config_var $ZBX_AGENT_CONFIG "ServerActive" - fi - - update_config_var $ZBX_AGENT_CONFIG "Hostname" "${ZBX_HOSTNAME}" - update_config_var $ZBX_AGENT_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - update_config_var $ZBX_AGENT_CONFIG "HostMetadata" "${ZBX_METADATA}" - update_config_var $ZBX_AGENT_CONFIG "HostMetadataItem" "${ZBX_METADATAITEM}" - update_config_var $ZBX_AGENT_CONFIG "RefreshActiveChecks" "${ZBX_REFRESHACTIVECHECKS}" - update_config_var $ZBX_AGENT_CONFIG "BufferSend" "${ZBX_BUFFERSEND}" - update_config_var $ZBX_AGENT_CONFIG "BufferSize" "${ZBX_BUFFERSIZE}" - update_config_var $ZBX_AGENT_CONFIG "MaxLinesPerSecond" "${ZBX_MAXLINESPERSECOND}" - # Please use include to enable Alias feature -# update_config_multiple_var $ZBX_AGENT_CONFIG "Alias" ${ZBX_ALIAS} - update_config_var $ZBX_AGENT_CONFIG "Timeout" "${ZBX_TIMEOUT}" - update_config_var $ZBX_AGENT_CONFIG "Include" "/etc/zabbix/zabbix_agentd.d/" - update_config_var $ZBX_AGENT_CONFIG "UnsafeUserParameters" "${ZBX_UNSAFEUSERPARAMETERS}" - update_config_var $ZBX_AGENT_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/" - update_config_multiple_var $ZBX_AGENT_CONFIG "LoadModule" "${ZBX_LOADMODULE}" - update_config_var $ZBX_AGENT_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}" - update_config_var $ZBX_AGENT_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" - update_config_var $ZBX_AGENT_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" - update_config_var $ZBX_AGENT_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" - update_config_var $ZBX_AGENT_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" - update_config_var $ZBX_AGENT_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" -} - -prepare_java_gateway_config() { - echo "** Preparing Zabbix Java Gateway log configuration file" - - ZBX_GATEWAY_CONFIG=$ZABBIX_ETC_DIR/zabbix_java_gateway_logback.xml - - if [ -n "${ZBX_DEBUGLEVEL}" ]; then - echo "Updating $ZBX_GATEWAY_CONFIG 'DebugLevel' parameter: '${ZBX_DEBUGLEVEL}'... updated" - if [ -f "$ZBX_GATEWAY_CONFIG" ]; then - sed -i -e "/^.*/" "$ZBX_GATEWAY_CONFIG" - else - echo "**** Zabbix Java Gateway log configuration file '$ZBX_GATEWAY_CONFIG' not found" - fi - fi -} - -prepare_agent() { - echo "** Preparing Zabbix agent" - prepare_zbx_agent_config -} - -prepare_server() { - local db_type=$1 - - echo "** Preparing Zabbix server" - - check_variables_$db_type "server" - check_db_connect_$db_type - create_db_user_$db_type - create_db_database_$db_type - create_db_schema_$db_type "server" - - update_zbx_config "server" "$db_type" -} - -prepare_proxy() { - local db_type=$1 - - echo "Preparing Zabbix proxy" - - if [ "$db_type" != "sqlite3" ]; then - check_variables_$db_type "proxy" - check_db_connect_$db_type - create_db_user_$db_type - create_db_database_$db_type - create_db_schema_$db_type "proxy" - fi - - update_zbx_config "proxy" $db_type -} - -prepare_web() { - local web_server=$1 - local db_type=$2 - - echo "** Preparing Zabbix web-interface" - - check_variables_$db_type - check_db_connect_$db_type - prepare_web_server_$web_server - prepare_zbx_web_config $db_type -} - -prepare_java_gateway() { - echo "** Preparing Zabbix Java Gateway" - - prepare_java_gateway_config -} - -################################################# - -if [ ! -n "$zbx_type" ]; then - echo "**** Type of Zabbix component is not specified" - exit 1 -elif [ "$zbx_type" == "dev" ]; then - echo "** Deploying Zabbix installation from SVN" -else - if [ ! -n "$zbx_db_type" ]; then - echo "**** Database type of Zabbix $zbx_type is not specified" - exit 1 - fi - - if [ "$zbx_db_type" != "none" ]; then - if [ "$zbx_opt_type" != "none" ]; then - echo "** Deploying Zabbix $zbx_type ($zbx_opt_type) with $zbx_db_type database" - else - echo "** Deploying Zabbix $zbx_type with $zbx_db_type database" - fi - else - echo "** Deploying Zabbix $zbx_type" - fi -fi - -prepare_system "$zbx_type" "$zbx_opt_type" - -[ "$zbx_type" == "server" ] && prepare_server $zbx_db_type -[ "${ZBX_ADD_SERVER}" == "true" ] && prepare_server ${ZBX_MAIN_DB} - -[ "$zbx_type" == "proxy" ] && prepare_proxy $zbx_db_type -[ "${ZBX_ADD_PROXY}" == "true" ] && prepare_proxy ${ZBX_PROXY_DB} - -[ "$zbx_type" == "frontend" ] && prepare_web $zbx_opt_type $zbx_db_type -[ "${ZBX_ADD_WEB}" == "true" ] && prepare_web ${ZBX_WEB_SERVER} ${ZBX_MAIN_DB} - -[ "$zbx_type" == "agent" ] && prepare_agent -[ "${ZBX_ADD_AGENT}" == "true" ] && prepare_agent - -[ "$zbx_type" == "java-gateway" ] && prepare_java_gateway -[ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && prepare_java_gateway - -clear_deploy "$zbx_type" - -echo "########################################################" - -if [ "$1" != "" ]; then - echo "** Executing '$@'" - exec "$@" -elif [ "$zbx_type" == "agent" ]; then - echo "** Starting Zabbix agent" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_agentd --foreground -c /etc/zabbix/zabbix_agentd.conf" -elif [ "$zbx_type" == "proxy" ]; then - echo "** Starting Zabbix proxy" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_proxy --foreground -c /etc/zabbix/zabbix_proxy.conf" -elif [ "$zbx_type" == "server" ]; then - echo "** Starting Zabbix server" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_server --foreground -c /etc/zabbix/zabbix_server.conf" -elif [ "$zbx_type" == "java-gateway" ]; then - echo "** Starting Zabbix Java Gateway" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_java_gateway" -elif [ "$zbx_type" == "frontend" ] && [ "$zbx_opt_type" == "apache" ]; then - echo "** Starting Zabbix frontend" - if [ -f "/usr/sbin/httpd" ]; then - exec /usr/sbin/httpd -D FOREGROUND - elif [ -f "/usr/sbin/apache2ctl" ]; then - exec /bin/bash -c "source /etc/apache2/envvars && /usr/sbin/apache2ctl -D FOREGROUND" - else - echo "Unknown Web-server. Exiting..." - exit 1 - fi -elif [ -f "/usr/bin/supervisord" ]; then - echo "** Executing supervisord" - exec /usr/bin/supervisord -c /etc/supervisor/supervisord.conf -else - echo "Unknown instructions. Exiting..." - exit 1 -fi - -################################################# From 925ed5b5bc1d0387b3d8fc5c1284d5eb16437948 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Thu, 9 Jul 2020 01:10:27 +0300 Subject: [PATCH 007/253] Changed php-fpm config argument from -c to -y. Removed appliances for Alpine, Ubuntu, CentOS --- docker-compose_v3_ubuntu_mysql_latest.yaml | 6 ------ docker-compose_v3_ubuntu_mysql_local.yaml | 6 ------ 2 files changed, 12 deletions(-) diff --git a/docker-compose_v3_ubuntu_mysql_latest.yaml b/docker-compose_v3_ubuntu_mysql_latest.yaml index 216d22a4e..b3cb31a0a 100644 --- a/docker-compose_v3_ubuntu_mysql_latest.yaml +++ b/docker-compose_v3_ubuntu_mysql_latest.yaml @@ -6,7 +6,6 @@ services: - "10051:10051" volumes: - /etc/localtime:/etc/localtime:ro - - /etc/timezone:/etc/timezone:ro - ./zbx_env/usr/lib/zabbix/alertscripts:/usr/lib/zabbix/alertscripts:ro - ./zbx_env/usr/lib/zabbix/externalscripts:/usr/lib/zabbix/externalscripts:ro - ./zbx_env/var/lib/zabbix/export:/var/lib/zabbix/export:rw @@ -74,7 +73,6 @@ services: - "10061:10051" volumes: - /etc/localtime:/etc/localtime:ro - - /etc/timezone:/etc/timezone:ro - ./zbx_env/usr/lib/zabbix/externalscripts:/usr/lib/zabbix/externalscripts:ro - ./zbx_env/var/lib/zabbix/modules:/var/lib/zabbix/modules:ro - ./zbx_env/var/lib/zabbix/enc:/var/lib/zabbix/enc:ro @@ -124,7 +122,6 @@ services: - "10071:10051" volumes: - /etc/localtime:/etc/localtime:ro - - /etc/timezone:/etc/timezone:ro - ./zbx_env/usr/lib/zabbix/externalscripts:/usr/lib/zabbix/externalscripts:ro - ./zbx_env/var/lib/zabbix/modules:/var/lib/zabbix/modules:ro - ./zbx_env/var/lib/zabbix/enc:/var/lib/zabbix/enc:ro @@ -187,7 +184,6 @@ services: - zabbix-server:zabbix-server volumes: - /etc/localtime:/etc/localtime:ro - - /etc/timezone:/etc/timezone:ro - ./zbx_env/etc/ssl/apache2:/etc/ssl/apache2:ro - ./zbx_env/usr/share/zabbix/modules/:/usr/share/zabbix/modules/:ro deploy: @@ -244,7 +240,6 @@ services: - zabbix-server:zabbix-server volumes: - /etc/localtime:/etc/localtime:ro - - /etc/timezone:/etc/timezone:ro - ./zbx_env/etc/ssl/nginx:/etc/ssl/nginx:ro - ./zbx_env/usr/share/zabbix/modules/:/usr/share/zabbix/modules/:ro deploy: @@ -297,7 +292,6 @@ services: - "10050:10050" volumes: - /etc/localtime:/etc/localtime:ro - - /etc/timezone:/etc/timezone:ro - ./zbx_env/etc/zabbix/zabbix_agentd.d:/etc/zabbix/zabbix_agentd.d:ro - ./zbx_env/var/lib/zabbix/modules:/var/lib/zabbix/modules:ro - ./zbx_env/var/lib/zabbix/enc:/var/lib/zabbix/enc:ro diff --git a/docker-compose_v3_ubuntu_mysql_local.yaml b/docker-compose_v3_ubuntu_mysql_local.yaml index 2924b6f48..d00d5a657 100644 --- a/docker-compose_v3_ubuntu_mysql_local.yaml +++ b/docker-compose_v3_ubuntu_mysql_local.yaml @@ -10,7 +10,6 @@ services: - "10051:10051" volumes: - /etc/localtime:/etc/localtime:ro - - /etc/timezone:/etc/timezone:ro - ./zbx_env/usr/lib/zabbix/alertscripts:/usr/lib/zabbix/alertscripts:ro - ./zbx_env/usr/lib/zabbix/externalscripts:/usr/lib/zabbix/externalscripts:ro - ./zbx_env/var/lib/zabbix/export:/var/lib/zabbix/export:rw @@ -82,7 +81,6 @@ services: - "10061:10051" volumes: - /etc/localtime:/etc/localtime:ro - - /etc/timezone:/etc/timezone:ro - ./zbx_env/usr/lib/zabbix/externalscripts:/usr/lib/zabbix/externalscripts:ro - ./zbx_env/var/lib/zabbix/modules:/var/lib/zabbix/modules:ro - ./zbx_env/var/lib/zabbix/enc:/var/lib/zabbix/enc:ro @@ -136,7 +134,6 @@ services: - "10071:10051" volumes: - /etc/localtime:/etc/localtime:ro - - /etc/timezone:/etc/timezone:ro - ./zbx_env/usr/lib/zabbix/externalscripts:/usr/lib/zabbix/externalscripts:ro - ./zbx_env/var/lib/zabbix/modules:/var/lib/zabbix/modules:ro - ./zbx_env/var/lib/zabbix/enc:/var/lib/zabbix/enc:ro @@ -203,7 +200,6 @@ services: - zabbix-server:zabbix-server volumes: - /etc/localtime:/etc/localtime:ro - - /etc/timezone:/etc/timezone:ro - ./zbx_env/etc/ssl/apache2:/etc/ssl/apache2:ro - ./zbx_env/usr/share/zabbix/modules/:/usr/share/zabbix/modules/:ro deploy: @@ -264,7 +260,6 @@ services: - zabbix-server:zabbix-server volumes: - /etc/localtime:/etc/localtime:ro - - /etc/timezone:/etc/timezone:ro - ./zbx_env/etc/ssl/nginx:/etc/ssl/nginx:ro - ./zbx_env/usr/share/zabbix/modules/:/usr/share/zabbix/modules/:ro deploy: @@ -321,7 +316,6 @@ services: - "10050:10050" volumes: - /etc/localtime:/etc/localtime:ro - - /etc/timezone:/etc/timezone:ro - ./zbx_env/etc/zabbix/zabbix_agentd.d:/etc/zabbix/zabbix_agentd.d:ro - ./zbx_env/var/lib/zabbix/modules:/var/lib/zabbix/modules:ro - ./zbx_env/var/lib/zabbix/enc:/var/lib/zabbix/enc:ro From aa51ecd73da7f0163faac084f1e54117f4f9b28b Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Tue, 14 Jul 2020 00:34:25 +0300 Subject: [PATCH 008/253] Added ZBX_ALLOWKEY and ZBX_DENYKEY variables processing --- .env_agent | 4 +++- agent/alpine/README.md | 4 +++- agent/alpine/docker-entrypoint.sh | 9 +++++++-- agent/centos/README.md | 4 +++- agent/centos/docker-entrypoint.sh | 9 +++++++-- agent/ubuntu/README.md | 4 +++- agent/ubuntu/docker-entrypoint.sh | 9 +++++++-- 7 files changed, 33 insertions(+), 10 deletions(-) diff --git a/.env_agent b/.env_agent index 5c84ba591..a2f9be2a6 100644 --- a/.env_agent +++ b/.env_agent @@ -1,6 +1,6 @@ # ZBX_SOURCEIP= # ZBX_DEBUGLEVEL=3 -# ZBX_ENABLEREMOTECOMMANDS=0 +# ZBX_ENABLEREMOTECOMMANDS=0 # Deprecated since 5.0.0 # ZBX_LOGREMOTECOMMANDS=0 # ZBX_HOSTINTERFACE= # Available since 4.4.0 # ZBX_HOSTINTERFACEITEM= # Available since 4.4.0 @@ -33,3 +33,5 @@ # ZBX_TLSKEYFILE= # ZBX_TLSPSKIDENTITY= # ZBX_TLSPSKFILE= +# ZBX_DENYKEY=system.run[*] +# ZBX_ALLOWKEY= diff --git a/agent/alpine/README.md b/agent/alpine/README.md index 336a73d60..b80622c12 100644 --- a/agent/alpine/README.md +++ b/agent/alpine/README.md @@ -137,7 +137,7 @@ Additionally the image allows to specify many other environment variables listed ``` ZBX_SOURCEIP= -ZBX_ENABLEREMOTECOMMANDS=0 +ZBX_ENABLEREMOTECOMMANDS=0 # Deprecated since 5.0.0 ZBX_LOGREMOTECOMMANDS=0 ZBX_HOSTINTERFACE= # Available since 4.4.0 ZBX_HOSTINTERFACEITEM= # Available since 4.4.0 @@ -161,6 +161,8 @@ ZBX_TLSCERTFILE= ZBX_TLSKEYFILE= ZBX_TLSPSKIDENTITY= ZBX_TLSPSKFILE= +ZBX_DENYKEY=system.run[*] # Available since 5.0.0 +ZBX_ALLOWKEY= # Available since 5.0.0 ``` Default values of these variables are specified after equal sign. diff --git a/agent/alpine/docker-entrypoint.sh b/agent/alpine/docker-entrypoint.sh index 2c215dc81..6f9b0bf77 100755 --- a/agent/alpine/docker-entrypoint.sh +++ b/agent/alpine/docker-entrypoint.sh @@ -86,9 +86,12 @@ update_config_var() { elif [ "$(grep -Ec "^# $var_name=" $config_path)" -gt 1 ]; then sed -i -e "/^[#;] $var_name=$/i\\$var_name=$var_value" "$config_path" echo "added first occurrence" - else + elif [ "$(grep -Ec "^[#;] $var_name=" $config_path)" -gt 0 ]; then sed -i -e "/^[#;] $var_name=/s/.*/&\n$var_name=$var_value/" "$config_path" echo "added" + else + sed -i -e '$a\' -e "$var_name=$var_value" "$config_path" + echo "added at the end" fi } @@ -130,7 +133,6 @@ prepare_zbx_agent_config() { update_config_var $ZBX_AGENT_CONFIG "LogFileSize" update_config_var $ZBX_AGENT_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" update_config_var $ZBX_AGENT_CONFIG "SourceIP" - update_config_var $ZBX_AGENT_CONFIG "EnableRemoteCommands" "${ZBX_ENABLEREMOTECOMMANDS}" update_config_var $ZBX_AGENT_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}" : ${ZBX_PASSIVE_ALLOW:="true"} @@ -182,6 +184,9 @@ prepare_zbx_agent_config() { update_config_var $ZBX_AGENT_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" update_config_var $ZBX_AGENT_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" + update_config_multiple_var $ZBX_AGENT_CONFIG "DenyKey" "${ZBX_DENYKEY}" + update_config_multiple_var $ZBX_AGENT_CONFIG "AllowKey" "${ZBX_ALLOWKEY}" + if [ "$(id -u)" != '0' ]; then update_config_var $ZBX_AGENT_CONFIG "User" "$(whoami)" else diff --git a/agent/centos/README.md b/agent/centos/README.md index 336a73d60..b80622c12 100644 --- a/agent/centos/README.md +++ b/agent/centos/README.md @@ -137,7 +137,7 @@ Additionally the image allows to specify many other environment variables listed ``` ZBX_SOURCEIP= -ZBX_ENABLEREMOTECOMMANDS=0 +ZBX_ENABLEREMOTECOMMANDS=0 # Deprecated since 5.0.0 ZBX_LOGREMOTECOMMANDS=0 ZBX_HOSTINTERFACE= # Available since 4.4.0 ZBX_HOSTINTERFACEITEM= # Available since 4.4.0 @@ -161,6 +161,8 @@ ZBX_TLSCERTFILE= ZBX_TLSKEYFILE= ZBX_TLSPSKIDENTITY= ZBX_TLSPSKFILE= +ZBX_DENYKEY=system.run[*] # Available since 5.0.0 +ZBX_ALLOWKEY= # Available since 5.0.0 ``` Default values of these variables are specified after equal sign. diff --git a/agent/centos/docker-entrypoint.sh b/agent/centos/docker-entrypoint.sh index 2c215dc81..6f9b0bf77 100755 --- a/agent/centos/docker-entrypoint.sh +++ b/agent/centos/docker-entrypoint.sh @@ -86,9 +86,12 @@ update_config_var() { elif [ "$(grep -Ec "^# $var_name=" $config_path)" -gt 1 ]; then sed -i -e "/^[#;] $var_name=$/i\\$var_name=$var_value" "$config_path" echo "added first occurrence" - else + elif [ "$(grep -Ec "^[#;] $var_name=" $config_path)" -gt 0 ]; then sed -i -e "/^[#;] $var_name=/s/.*/&\n$var_name=$var_value/" "$config_path" echo "added" + else + sed -i -e '$a\' -e "$var_name=$var_value" "$config_path" + echo "added at the end" fi } @@ -130,7 +133,6 @@ prepare_zbx_agent_config() { update_config_var $ZBX_AGENT_CONFIG "LogFileSize" update_config_var $ZBX_AGENT_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" update_config_var $ZBX_AGENT_CONFIG "SourceIP" - update_config_var $ZBX_AGENT_CONFIG "EnableRemoteCommands" "${ZBX_ENABLEREMOTECOMMANDS}" update_config_var $ZBX_AGENT_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}" : ${ZBX_PASSIVE_ALLOW:="true"} @@ -182,6 +184,9 @@ prepare_zbx_agent_config() { update_config_var $ZBX_AGENT_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" update_config_var $ZBX_AGENT_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" + update_config_multiple_var $ZBX_AGENT_CONFIG "DenyKey" "${ZBX_DENYKEY}" + update_config_multiple_var $ZBX_AGENT_CONFIG "AllowKey" "${ZBX_ALLOWKEY}" + if [ "$(id -u)" != '0' ]; then update_config_var $ZBX_AGENT_CONFIG "User" "$(whoami)" else diff --git a/agent/ubuntu/README.md b/agent/ubuntu/README.md index 336a73d60..b80622c12 100644 --- a/agent/ubuntu/README.md +++ b/agent/ubuntu/README.md @@ -137,7 +137,7 @@ Additionally the image allows to specify many other environment variables listed ``` ZBX_SOURCEIP= -ZBX_ENABLEREMOTECOMMANDS=0 +ZBX_ENABLEREMOTECOMMANDS=0 # Deprecated since 5.0.0 ZBX_LOGREMOTECOMMANDS=0 ZBX_HOSTINTERFACE= # Available since 4.4.0 ZBX_HOSTINTERFACEITEM= # Available since 4.4.0 @@ -161,6 +161,8 @@ ZBX_TLSCERTFILE= ZBX_TLSKEYFILE= ZBX_TLSPSKIDENTITY= ZBX_TLSPSKFILE= +ZBX_DENYKEY=system.run[*] # Available since 5.0.0 +ZBX_ALLOWKEY= # Available since 5.0.0 ``` Default values of these variables are specified after equal sign. diff --git a/agent/ubuntu/docker-entrypoint.sh b/agent/ubuntu/docker-entrypoint.sh index 2c215dc81..6f9b0bf77 100755 --- a/agent/ubuntu/docker-entrypoint.sh +++ b/agent/ubuntu/docker-entrypoint.sh @@ -86,9 +86,12 @@ update_config_var() { elif [ "$(grep -Ec "^# $var_name=" $config_path)" -gt 1 ]; then sed -i -e "/^[#;] $var_name=$/i\\$var_name=$var_value" "$config_path" echo "added first occurrence" - else + elif [ "$(grep -Ec "^[#;] $var_name=" $config_path)" -gt 0 ]; then sed -i -e "/^[#;] $var_name=/s/.*/&\n$var_name=$var_value/" "$config_path" echo "added" + else + sed -i -e '$a\' -e "$var_name=$var_value" "$config_path" + echo "added at the end" fi } @@ -130,7 +133,6 @@ prepare_zbx_agent_config() { update_config_var $ZBX_AGENT_CONFIG "LogFileSize" update_config_var $ZBX_AGENT_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" update_config_var $ZBX_AGENT_CONFIG "SourceIP" - update_config_var $ZBX_AGENT_CONFIG "EnableRemoteCommands" "${ZBX_ENABLEREMOTECOMMANDS}" update_config_var $ZBX_AGENT_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}" : ${ZBX_PASSIVE_ALLOW:="true"} @@ -182,6 +184,9 @@ prepare_zbx_agent_config() { update_config_var $ZBX_AGENT_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" update_config_var $ZBX_AGENT_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" + update_config_multiple_var $ZBX_AGENT_CONFIG "DenyKey" "${ZBX_DENYKEY}" + update_config_multiple_var $ZBX_AGENT_CONFIG "AllowKey" "${ZBX_ALLOWKEY}" + if [ "$(id -u)" != '0' ]; then update_config_var $ZBX_AGENT_CONFIG "User" "$(whoami)" else From 7da2e16ff27d19febc2b2317f793bf80f321e190 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Thu, 23 Jul 2020 11:35:09 -0400 Subject: [PATCH 009/253] Allow PHP-FPM under root and add PHP openssl package in Alpine images --- web-apache-mysql/alpine/Dockerfile | 3 ++- web-apache-mysql/centos/docker-entrypoint.sh | 7 +++++++ web-apache-pgsql/alpine/Dockerfile | 1 + web-apache-pgsql/centos/docker-entrypoint.sh | 7 +++++++ web-nginx-mysql/alpine/Dockerfile | 1 + web-nginx-pgsql/alpine/Dockerfile | 1 + 6 files changed, 19 insertions(+), 1 deletion(-) diff --git a/web-apache-mysql/alpine/Dockerfile b/web-apache-mysql/alpine/Dockerfile index 269c58035..9106643e0 100644 --- a/web-apache-mysql/alpine/Dockerfile +++ b/web-apache-mysql/alpine/Dockerfile @@ -39,7 +39,8 @@ RUN set -eux && \ php7-sockets \ php7-fileinfo \ php7-xmlreader \ - php7-xmlwriter && \ + php7-xmlwriter \ + php7-openssl && \ apk add --clean-protected --no-cache --no-scripts apache2-ssl && \ rm -f "/etc/apache2/conf.d/default.conf" && \ rm -f "/etc/apache2/conf.d/ssl.conf" && \ diff --git a/web-apache-mysql/centos/docker-entrypoint.sh b/web-apache-mysql/centos/docker-entrypoint.sh index 5e3a0ade8..d5aa5fc3f 100755 --- a/web-apache-mysql/centos/docker-entrypoint.sh +++ b/web-apache-mysql/centos/docker-entrypoint.sh @@ -223,6 +223,13 @@ prepare_zbx_web_config() { update_config_var "$PHP_CONFIG_FILE" "php_value[max_input_time]" "${ZBX_MAXINPUTTIME:-"300"}" update_config_var "$PHP_CONFIG_FILE" "php_value[date.timezone]" "${PHP_TZ}" + if [ "$(id -u)" == '0' ]; then + echo "user = zabbix" >> "$PHP_CONFIG_FILE" + echo "group = zabbix" >> "$PHP_CONFIG_FILE" + echo "listen.owner = nginx" >> "$PHP_CONFIG_FILE" + echo "listen.group = nginx" >> "$PHP_CONFIG_FILE" + fi + ZBX_HISTORYSTORAGETYPES=${ZBX_HISTORYSTORAGETYPES:-"[]"} # Escaping characters in parameter value diff --git a/web-apache-pgsql/alpine/Dockerfile b/web-apache-pgsql/alpine/Dockerfile index 03f655619..eae0ba871 100644 --- a/web-apache-pgsql/alpine/Dockerfile +++ b/web-apache-pgsql/alpine/Dockerfile @@ -38,6 +38,7 @@ RUN set -eux && \ php7-fileinfo \ php7-xmlreader \ php7-xmlwriter \ + php7-openssl \ postgresql-client && \ apk add --clean-protected --no-cache --no-scripts apache2-ssl && \ rm -f "/etc/apache2/conf.d/default.conf" && \ diff --git a/web-apache-pgsql/centos/docker-entrypoint.sh b/web-apache-pgsql/centos/docker-entrypoint.sh index 1c3b45bd5..34834ff40 100755 --- a/web-apache-pgsql/centos/docker-entrypoint.sh +++ b/web-apache-pgsql/centos/docker-entrypoint.sh @@ -225,6 +225,13 @@ prepare_zbx_web_config() { update_config_var "$PHP_CONFIG_FILE" "php_value[max_input_time]" "${ZBX_MAXINPUTTIME:-"300"}" update_config_var "$PHP_CONFIG_FILE" "php_value[date.timezone]" "${PHP_TZ}" + if [ "$(id -u)" == '0' ]; then + echo "user = zabbix" >> "$PHP_CONFIG_FILE" + echo "group = zabbix" >> "$PHP_CONFIG_FILE" + echo "listen.owner = nginx" >> "$PHP_CONFIG_FILE" + echo "listen.group = nginx" >> "$PHP_CONFIG_FILE" + fi + ZBX_HISTORYSTORAGETYPES=${ZBX_HISTORYSTORAGETYPES:-"[]"} # Escaping characters in parameter value diff --git a/web-nginx-mysql/alpine/Dockerfile b/web-nginx-mysql/alpine/Dockerfile index c07dc49c0..1ffcb9a74 100644 --- a/web-nginx-mysql/alpine/Dockerfile +++ b/web-nginx-mysql/alpine/Dockerfile @@ -41,6 +41,7 @@ RUN set -eux && \ php7-fileinfo \ php7-xmlreader \ php7-xmlwriter \ + php7-openssl \ supervisor && \ rm -rf /etc/php7/php-fpm.d/www.conf && \ rm -f /etc/nginx/conf.d/*.conf && \ diff --git a/web-nginx-pgsql/alpine/Dockerfile b/web-nginx-pgsql/alpine/Dockerfile index 3e1cb954b..819f11c01 100644 --- a/web-nginx-pgsql/alpine/Dockerfile +++ b/web-nginx-pgsql/alpine/Dockerfile @@ -39,6 +39,7 @@ RUN set -eux && \ php7-fileinfo \ php7-xmlreader \ php7-xmlwriter \ + php7-openssl \ postgresql-client \ supervisor && \ rm -rf /etc/php7/php-fpm.d/www.conf && \ From bc51597b66ea362d9388ea8f229bc40203e98242 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Wed, 29 Jul 2020 23:02:51 -0400 Subject: [PATCH 010/253] Using env variables for certs --- server-pgsql/alpine/docker-entrypoint.sh | 40 ++++++++++++++------ server-pgsql/centos/docker-entrypoint.sh | 38 ++++++++++++++----- server-pgsql/ubuntu/docker-entrypoint.sh | 38 ++++++++++++++----- web-apache-pgsql/alpine/docker-entrypoint.sh | 12 ++++-- web-apache-pgsql/centos/docker-entrypoint.sh | 12 ++++-- web-apache-pgsql/ubuntu/docker-entrypoint.sh | 12 ++++-- web-nginx-pgsql/alpine/docker-entrypoint.sh | 12 ++++-- web-nginx-pgsql/centos/docker-entrypoint.sh | 12 ++++-- web-nginx-pgsql/ubuntu/docker-entrypoint.sh | 12 ++++-- 9 files changed, 139 insertions(+), 49 deletions(-) diff --git a/server-pgsql/alpine/docker-entrypoint.sh b/server-pgsql/alpine/docker-entrypoint.sh index bceb400bc..988883f26 100755 --- a/server-pgsql/alpine/docker-entrypoint.sh +++ b/server-pgsql/alpine/docker-entrypoint.sh @@ -190,8 +190,10 @@ check_db_connect_postgresql() { fi if [ -n "${ZBX_DBTLSCONNECT}" ]; then - dbtlsconnect=${ZBX_DBTLSCONNECT//_/-} - ssl_opts="sslmode=$dbtlsconnect sslrootcert=${ZBX_DBTLSCAFILE} sslcert=${ZBX_DBTLSCERTFILE} sslkey=${ZBX_DBTLSKEYFILE}" + export PGSSLMODE=${ZBX_DBTLSCONNECT//_/-} + export PGSSLROOTCERT=${ZBX_DBTLSCAFILE} + export PGSSLCERT=${ZBX_DBTLSCERTFILE} + export PGSSLKEY=${ZBX_DBTLSKEYFILE} fi while [ ! "$(psql "$ssl_opts" --host ${DB_SERVER_HOST} --port ${DB_SERVER_PORT} --username ${DB_SERVER_ROOT_USER} --list --quiet 2>/dev/null)" ]; do @@ -201,6 +203,10 @@ check_db_connect_postgresql() { unset PGPASSWORD unset PGOPTIONS + unset PGSSLMODE + unset PGSSLROOTCERT + unset PGSSLCERT + unset PGSSLKEY } psql_query() { @@ -219,15 +225,21 @@ psql_query() { fi if [ -n "${ZBX_DBTLSCONNECT}" ]; then - dbtlsconnect=${ZBX_DBTLSCONNECT//_/-} - ssl_opts="sslmode=$dbtlsconnect sslrootcert=${ZBX_DBTLSCAFILE} sslcert=${ZBX_DBTLSCERTFILE} sslkey=${ZBX_DBTLSKEYFILE}" + export PGSSLMODE=${ZBX_DBTLSCONNECT//_/-} + export PGSSLROOTCERT=${ZBX_DBTLSCAFILE} + export PGSSLCERT=${ZBX_DBTLSCERTFILE} + export PGSSLKEY=${ZBX_DBTLSKEYFILE} fi - result=$(psql "$ssl_opts" --no-align --quiet --tuples-only --host "${DB_SERVER_HOST}" --port "${DB_SERVER_PORT}" \ + result=$(psql --no-align --quiet --tuples-only --host "${DB_SERVER_HOST}" --port "${DB_SERVER_PORT}" \ --username "${DB_SERVER_ROOT_USER}" --command "$query" --dbname "$db" 2>/dev/null); unset PGPASSWORD unset PGOPTIONS + unset PGSSLMODE + unset PGSSLROOTCERT + unset PGSSLCERT + unset PGSSLKEY echo $result } @@ -285,22 +297,28 @@ create_db_schema_postgresql() { fi if [ -n "${ZBX_DBTLSCONNECT}" ]; then - dbtlsconnect=${ZBX_DBTLSCONNECT//_/-} - ssl_opts="sslmode=$dbtlsconnect sslrootcert=${ZBX_DBTLSCAFILE} sslcert=${ZBX_DBTLSCERTFILE} sslkey=${ZBX_DBTLSKEYFILE}" + export PGSSLMODE=${ZBX_DBTLSCONNECT//_/-} + export PGSSLROOTCERT=${ZBX_DBTLSCAFILE} + export PGSSLCERT=${ZBX_DBTLSCERTFILE} + export PGSSLKEY=${ZBX_DBTLSKEYFILE} fi - zcat /usr/share/doc/zabbix-server-postgresql/create.sql.gz | psql "$ssl_opts" --quiet \ + zcat /usr/share/doc/zabbix-server-postgresql/create.sql.gz | psql --quiet \ --host ${DB_SERVER_HOST} --port ${DB_SERVER_PORT} \ - --username ${DB_SERVER_ZBX_USER} --dbname ${DB_SERVER_DBNAME} 1>/dev/null + --username ${DB_SERVER_ZBX_USER} --dbname ${DB_SERVER_DBNAME} 1>/dev/null || exit 1 if [ "${ENABLE_TIMESCALEDB}" == "true" ]; then - cat /usr/share/doc/zabbix-server-postgresql/timescaledb.sql | psql "$ssl_opts" --quiet \ + cat /usr/share/doc/zabbix-server-postgresql/timescaledb.sql | psql --quiet \ --host ${DB_SERVER_HOST} --port ${DB_SERVER_PORT} \ - --username ${DB_SERVER_ZBX_USER} --dbname ${DB_SERVER_DBNAME} 1>/dev/null + --username ${DB_SERVER_ZBX_USER} --dbname ${DB_SERVER_DBNAME} 1>/dev/null || exit 1 fi unset PGPASSWORD unset PGOPTIONS + unset PGSSLMODE + unset PGSSLROOTCERT + unset PGSSLCERT + unset PGSSLKEY fi } diff --git a/server-pgsql/centos/docker-entrypoint.sh b/server-pgsql/centos/docker-entrypoint.sh index bceb400bc..d79944622 100755 --- a/server-pgsql/centos/docker-entrypoint.sh +++ b/server-pgsql/centos/docker-entrypoint.sh @@ -190,17 +190,23 @@ check_db_connect_postgresql() { fi if [ -n "${ZBX_DBTLSCONNECT}" ]; then - dbtlsconnect=${ZBX_DBTLSCONNECT//_/-} - ssl_opts="sslmode=$dbtlsconnect sslrootcert=${ZBX_DBTLSCAFILE} sslcert=${ZBX_DBTLSCERTFILE} sslkey=${ZBX_DBTLSKEYFILE}" + export PGSSLMODE=${ZBX_DBTLSCONNECT//_/-} + export PGSSLROOTCERT=${ZBX_DBTLSCAFILE} + export PGSSLCERT=${ZBX_DBTLSCERTFILE} + export PGSSLKEY=${ZBX_DBTLSKEYFILE} fi - while [ ! "$(psql "$ssl_opts" --host ${DB_SERVER_HOST} --port ${DB_SERVER_PORT} --username ${DB_SERVER_ROOT_USER} --list --quiet 2>/dev/null)" ]; do + while [ ! "$(psql --host ${DB_SERVER_HOST} --port ${DB_SERVER_PORT} --username ${DB_SERVER_ROOT_USER} --list --quiet 2>/dev/null)" ]; do echo "**** PostgreSQL server is not available. Waiting $WAIT_TIMEOUT seconds..." sleep $WAIT_TIMEOUT done unset PGPASSWORD unset PGOPTIONS + unset PGSSLMODE + unset PGSSLROOTCERT + unset PGSSLCERT + unset PGSSLKEY } psql_query() { @@ -219,15 +225,21 @@ psql_query() { fi if [ -n "${ZBX_DBTLSCONNECT}" ]; then - dbtlsconnect=${ZBX_DBTLSCONNECT//_/-} - ssl_opts="sslmode=$dbtlsconnect sslrootcert=${ZBX_DBTLSCAFILE} sslcert=${ZBX_DBTLSCERTFILE} sslkey=${ZBX_DBTLSKEYFILE}" + export PGSSLMODE=${ZBX_DBTLSCONNECT//_/-} + export PGSSLROOTCERT=${ZBX_DBTLSCAFILE} + export PGSSLCERT=${ZBX_DBTLSCERTFILE} + export PGSSLKEY=${ZBX_DBTLSKEYFILE} fi - result=$(psql "$ssl_opts" --no-align --quiet --tuples-only --host "${DB_SERVER_HOST}" --port "${DB_SERVER_PORT}" \ + result=$(psql --no-align --quiet --tuples-only --host "${DB_SERVER_HOST}" --port "${DB_SERVER_PORT}" \ --username "${DB_SERVER_ROOT_USER}" --command "$query" --dbname "$db" 2>/dev/null); unset PGPASSWORD unset PGOPTIONS + unset PGSSLMODE + unset PGSSLROOTCERT + unset PGSSLCERT + unset PGSSLKEY echo $result } @@ -285,22 +297,28 @@ create_db_schema_postgresql() { fi if [ -n "${ZBX_DBTLSCONNECT}" ]; then - dbtlsconnect=${ZBX_DBTLSCONNECT//_/-} - ssl_opts="sslmode=$dbtlsconnect sslrootcert=${ZBX_DBTLSCAFILE} sslcert=${ZBX_DBTLSCERTFILE} sslkey=${ZBX_DBTLSKEYFILE}" + export PGSSLMODE=${ZBX_DBTLSCONNECT//_/-} + export PGSSLROOTCERT=${ZBX_DBTLSCAFILE} + export PGSSLCERT=${ZBX_DBTLSCERTFILE} + export PGSSLKEY=${ZBX_DBTLSKEYFILE} fi - zcat /usr/share/doc/zabbix-server-postgresql/create.sql.gz | psql "$ssl_opts" --quiet \ + zcat /usr/share/doc/zabbix-server-postgresql/create.sql.gz | psql --quiet \ --host ${DB_SERVER_HOST} --port ${DB_SERVER_PORT} \ --username ${DB_SERVER_ZBX_USER} --dbname ${DB_SERVER_DBNAME} 1>/dev/null if [ "${ENABLE_TIMESCALEDB}" == "true" ]; then - cat /usr/share/doc/zabbix-server-postgresql/timescaledb.sql | psql "$ssl_opts" --quiet \ + cat /usr/share/doc/zabbix-server-postgresql/timescaledb.sql | psql --quiet \ --host ${DB_SERVER_HOST} --port ${DB_SERVER_PORT} \ --username ${DB_SERVER_ZBX_USER} --dbname ${DB_SERVER_DBNAME} 1>/dev/null fi unset PGPASSWORD unset PGOPTIONS + unset PGSSLMODE + unset PGSSLROOTCERT + unset PGSSLCERT + unset PGSSLKEY fi } diff --git a/server-pgsql/ubuntu/docker-entrypoint.sh b/server-pgsql/ubuntu/docker-entrypoint.sh index eb12f9773..9ac696fab 100755 --- a/server-pgsql/ubuntu/docker-entrypoint.sh +++ b/server-pgsql/ubuntu/docker-entrypoint.sh @@ -190,17 +190,23 @@ check_db_connect_postgresql() { fi if [ -n "${ZBX_DBTLSCONNECT}" ]; then - dbtlsconnect=${ZBX_DBTLSCONNECT//_/-} - ssl_opts="sslmode=$dbtlsconnect sslrootcert=${ZBX_DBTLSCAFILE} sslcert=${ZBX_DBTLSCERTFILE} sslkey=${ZBX_DBTLSKEYFILE}" + export PGSSLMODE=${ZBX_DBTLSCONNECT//_/-} + export PGSSLROOTCERT=${ZBX_DBTLSCAFILE} + export PGSSLCERT=${ZBX_DBTLSCERTFILE} + export PGSSLKEY=${ZBX_DBTLSKEYFILE} fi - while [ ! "$(psql "$ssl_opts" --host ${DB_SERVER_HOST} --port ${DB_SERVER_PORT} --username ${DB_SERVER_ROOT_USER} --list --quiet 2>/dev/null)" ]; do + while [ ! "$(psql --host ${DB_SERVER_HOST} --port ${DB_SERVER_PORT} --username ${DB_SERVER_ROOT_USER} --list --quiet 2>/dev/null)" ]; do echo "**** PostgreSQL server is not available. Waiting $WAIT_TIMEOUT seconds..." sleep $WAIT_TIMEOUT done unset PGPASSWORD unset PGOPTIONS + unset PGSSLMODE + unset PGSSLROOTCERT + unset PGSSLCERT + unset PGSSLKEY } psql_query() { @@ -219,15 +225,21 @@ psql_query() { fi if [ -n "${ZBX_DBTLSCONNECT}" ]; then - dbtlsconnect=${ZBX_DBTLSCONNECT//_/-} - ssl_opts="sslmode=$dbtlsconnect sslrootcert=${ZBX_DBTLSCAFILE} sslcert=${ZBX_DBTLSCERTFILE} sslkey=${ZBX_DBTLSKEYFILE}" + export PGSSLMODE=${ZBX_DBTLSCONNECT//_/-} + export PGSSLROOTCERT=${ZBX_DBTLSCAFILE} + export PGSSLCERT=${ZBX_DBTLSCERTFILE} + export PGSSLKEY=${ZBX_DBTLSKEYFILE} fi - result=$(psql "$ssl_opts" --no-align --quiet --tuples-only --host "${DB_SERVER_HOST}" --port "${DB_SERVER_PORT}" \ + result=$(psql --no-align --quiet --tuples-only --host "${DB_SERVER_HOST}" --port "${DB_SERVER_PORT}" \ --username "${DB_SERVER_ROOT_USER}" --command "$query" --dbname "$db" 2>/dev/null); unset PGPASSWORD unset PGOPTIONS + unset PGSSLMODE + unset PGSSLROOTCERT + unset PGSSLCERT + unset PGSSLKEY echo $result } @@ -285,22 +297,28 @@ create_db_schema_postgresql() { fi if [ -n "${ZBX_DBTLSCONNECT}" ]; then - dbtlsconnect=${ZBX_DBTLSCONNECT//_/-} - ssl_opts="sslmode=$dbtlsconnect sslrootcert=${ZBX_DBTLSCAFILE} sslcert=${ZBX_DBTLSCERTFILE} sslkey=${ZBX_DBTLSKEYFILE}" + export PGSSLMODE=${ZBX_DBTLSCONNECT//_/-} + export PGSSLROOTCERT=${ZBX_DBTLSCAFILE} + export PGSSLCERT=${ZBX_DBTLSCERTFILE} + export PGSSLKEY=${ZBX_DBTLSKEYFILE} fi - zcat /usr/share/doc/zabbix-server-postgresql/create.sql.gz | psql "$ssl_opts" --quiet \ + zcat /usr/share/doc/zabbix-server-postgresql/create.sql.gz | psql --quiet \ --host ${DB_SERVER_HOST} --port ${DB_SERVER_PORT} \ --username ${DB_SERVER_ZBX_USER} --dbname ${DB_SERVER_DBNAME} 1>/dev/null if [ "${ENABLE_TIMESCALEDB}" == "true" ]; then - cat /usr/share/doc/zabbix-server-postgresql/timescaledb.sql | psql "$ssl_opts" --quiet \ + cat /usr/share/doc/zabbix-server-postgresql/timescaledb.sql | psql --quiet \ --host ${DB_SERVER_HOST} --port ${DB_SERVER_PORT} \ --username ${DB_SERVER_ZBX_USER} --dbname ${DB_SERVER_DBNAME} 1>/dev/null fi unset PGPASSWORD unset PGOPTIONS + unset PGSSLMODE + unset PGSSLROOTCERT + unset PGSSLCERT + unset PGSSLKEY fi } diff --git a/web-apache-pgsql/alpine/docker-entrypoint.sh b/web-apache-pgsql/alpine/docker-entrypoint.sh index 5e0fa94a7..87251c25f 100755 --- a/web-apache-pgsql/alpine/docker-entrypoint.sh +++ b/web-apache-pgsql/alpine/docker-entrypoint.sh @@ -171,17 +171,23 @@ check_db_connect() { fi if [ -n "${ZBX_DBTLSCONNECT}" ]; then - dbtlsconnect=${ZBX_DBTLSCONNECT//_/-} - ssl_opts="sslmode=$dbtlsconnect sslrootcert=${ZBX_DBTLSCAFILE} sslcert=${ZBX_DBTLSCERTFILE} sslkey=${ZBX_DBTLSKEYFILE}" + export PGSSLMODE=${ZBX_DBTLSCONNECT//_/-} + export PGSSLROOTCERT=${ZBX_DBTLSCAFILE} + export PGSSLCERT=${ZBX_DBTLSCERTFILE} + export PGSSLKEY=${ZBX_DBTLSKEYFILE} fi - while [ ! "$(psql "$ssl_opts" --host ${DB_SERVER_HOST} --port ${DB_SERVER_PORT} --username ${DB_SERVER_ROOT_USER} --dbname ${DB_SERVER_DBNAME} --list --quiet 2>/dev/null)" ]; do + while [ ! "$(psql --host ${DB_SERVER_HOST} --port ${DB_SERVER_PORT} --username ${DB_SERVER_ROOT_USER} --dbname ${DB_SERVER_DBNAME} --list --quiet 2>/dev/null)" ]; do echo "**** PostgreSQL server is not available. Waiting $WAIT_TIMEOUT seconds..." sleep $WAIT_TIMEOUT done unset PGPASSWORD unset PGOPTIONS + unset PGSSLMODE + unset PGSSLROOTCERT + unset PGSSLCERT + unset PGSSLKEY } prepare_web_server() { diff --git a/web-apache-pgsql/centos/docker-entrypoint.sh b/web-apache-pgsql/centos/docker-entrypoint.sh index 34834ff40..01fd2fd1c 100755 --- a/web-apache-pgsql/centos/docker-entrypoint.sh +++ b/web-apache-pgsql/centos/docker-entrypoint.sh @@ -174,17 +174,23 @@ check_db_connect() { fi if [ -n "${ZBX_DBTLSCONNECT}" ]; then - dbtlsconnect=${ZBX_DBTLSCONNECT//_/-} - ssl_opts="sslmode=$dbtlsconnect sslrootcert=${ZBX_DBTLSCAFILE} sslcert=${ZBX_DBTLSCERTFILE} sslkey=${ZBX_DBTLSKEYFILE}" + export PGSSLMODE=${ZBX_DBTLSCONNECT//_/-} + export PGSSLROOTCERT=${ZBX_DBTLSCAFILE} + export PGSSLCERT=${ZBX_DBTLSCERTFILE} + export PGSSLKEY=${ZBX_DBTLSKEYFILE} fi - while [ ! "$(psql "$ssl_opts" --host ${DB_SERVER_HOST} --port ${DB_SERVER_PORT} --username ${DB_SERVER_ROOT_USER} --dbname ${DB_SERVER_DBNAME} --list --quiet 2>/dev/null)" ]; do + while [ ! "$(psql --host ${DB_SERVER_HOST} --port ${DB_SERVER_PORT} --username ${DB_SERVER_ROOT_USER} --dbname ${DB_SERVER_DBNAME} --list --quiet 2>/dev/null)" ]; do echo "**** PostgreSQL server is not available. Waiting $WAIT_TIMEOUT seconds..." sleep $WAIT_TIMEOUT done unset PGPASSWORD unset PGOPTIONS + unset PGSSLMODE + unset PGSSLROOTCERT + unset PGSSLCERT + unset PGSSLKEY } prepare_web_server() { diff --git a/web-apache-pgsql/ubuntu/docker-entrypoint.sh b/web-apache-pgsql/ubuntu/docker-entrypoint.sh index 6d473b2ca..5d8618bfd 100755 --- a/web-apache-pgsql/ubuntu/docker-entrypoint.sh +++ b/web-apache-pgsql/ubuntu/docker-entrypoint.sh @@ -175,17 +175,23 @@ check_db_connect() { fi if [ -n "${ZBX_DBTLSCONNECT}" ]; then - dbtlsconnect=${ZBX_DBTLSCONNECT//_/-} - ssl_opts="sslmode=$dbtlsconnect sslrootcert=${ZBX_DBTLSCAFILE} sslcert=${ZBX_DBTLSCERTFILE} sslkey=${ZBX_DBTLSKEYFILE}" + export PGSSLMODE=${ZBX_DBTLSCONNECT//_/-} + export PGSSLROOTCERT=${ZBX_DBTLSCAFILE} + export PGSSLCERT=${ZBX_DBTLSCERTFILE} + export PGSSLKEY=${ZBX_DBTLSKEYFILE} fi - while [ ! "$(psql "$ssl_opts" --host ${DB_SERVER_HOST} --port ${DB_SERVER_PORT} --username ${DB_SERVER_ROOT_USER} --dbname ${DB_SERVER_DBNAME} --list --quiet 2>/dev/null)" ]; do + while [ ! "$(psql --host ${DB_SERVER_HOST} --port ${DB_SERVER_PORT} --username ${DB_SERVER_ROOT_USER} --dbname ${DB_SERVER_DBNAME} --list --quiet 2>/dev/null)" ]; do echo "**** PostgreSQL server is not available. Waiting $WAIT_TIMEOUT seconds..." sleep $WAIT_TIMEOUT done unset PGPASSWORD unset PGOPTIONS + unset PGSSLMODE + unset PGSSLROOTCERT + unset PGSSLCERT + unset PGSSLKEY } prepare_web_server() { diff --git a/web-nginx-pgsql/alpine/docker-entrypoint.sh b/web-nginx-pgsql/alpine/docker-entrypoint.sh index 3e438e608..4454b43a7 100755 --- a/web-nginx-pgsql/alpine/docker-entrypoint.sh +++ b/web-nginx-pgsql/alpine/docker-entrypoint.sh @@ -192,17 +192,23 @@ check_db_connect() { fi if [ -n "${ZBX_DBTLSCONNECT}" ]; then - dbtlsconnect=${ZBX_DBTLSCONNECT//_/-} - ssl_opts="sslmode=$dbtlsconnect sslrootcert=${ZBX_DBTLSCAFILE} sslcert=${ZBX_DBTLSCERTFILE} sslkey=${ZBX_DBTLSKEYFILE}" + export PGSSLMODE=${ZBX_DBTLSCONNECT//_/-} + export PGSSLROOTCERT=${ZBX_DBTLSCAFILE} + export PGSSLCERT=${ZBX_DBTLSCERTFILE} + export PGSSLKEY=${ZBX_DBTLSKEYFILE} fi - while [ ! "$(psql "$ssl_opts" --host ${DB_SERVER_HOST} --port ${DB_SERVER_PORT} --username ${DB_SERVER_ROOT_USER} --dbname ${DB_SERVER_DBNAME} --list --quiet 2>/dev/null)" ]; do + while [ ! "$(psql --host ${DB_SERVER_HOST} --port ${DB_SERVER_PORT} --username ${DB_SERVER_ROOT_USER} --dbname ${DB_SERVER_DBNAME} --list --quiet 2>/dev/null)" ]; do echo "**** PostgreSQL server is not available. Waiting $WAIT_TIMEOUT seconds..." sleep $WAIT_TIMEOUT done unset PGPASSWORD unset PGOPTIONS + unset PGSSLMODE + unset PGSSLROOTCERT + unset PGSSLCERT + unset PGSSLKEY } prepare_web_server() { diff --git a/web-nginx-pgsql/centos/docker-entrypoint.sh b/web-nginx-pgsql/centos/docker-entrypoint.sh index 0b297ed47..28a7bd845 100755 --- a/web-nginx-pgsql/centos/docker-entrypoint.sh +++ b/web-nginx-pgsql/centos/docker-entrypoint.sh @@ -192,17 +192,23 @@ check_db_connect() { fi if [ -n "${ZBX_DBTLSCONNECT}" ]; then - dbtlsconnect=${ZBX_DBTLSCONNECT//_/-} - ssl_opts="sslmode=$dbtlsconnect sslrootcert=${ZBX_DBTLSCAFILE} sslcert=${ZBX_DBTLSCERTFILE} sslkey=${ZBX_DBTLSKEYFILE}" + export PGSSLMODE=${ZBX_DBTLSCONNECT//_/-} + export PGSSLROOTCERT=${ZBX_DBTLSCAFILE} + export PGSSLCERT=${ZBX_DBTLSCERTFILE} + export PGSSLKEY=${ZBX_DBTLSKEYFILE} fi - while [ ! "$(psql "$ssl_opts" --host ${DB_SERVER_HOST} --port ${DB_SERVER_PORT} --username ${DB_SERVER_ROOT_USER} --dbname ${DB_SERVER_DBNAME} --list --quiet 2>/dev/null)" ]; do + while [ ! "$(psql --host ${DB_SERVER_HOST} --port ${DB_SERVER_PORT} --username ${DB_SERVER_ROOT_USER} --dbname ${DB_SERVER_DBNAME} --list --quiet 2>/dev/null)" ]; do echo "**** PostgreSQL server is not available. Waiting $WAIT_TIMEOUT seconds..." sleep $WAIT_TIMEOUT done unset PGPASSWORD unset PGOPTIONS + unset PGSSLMODE + unset PGSSLROOTCERT + unset PGSSLCERT + unset PGSSLKEY } prepare_web_server() { diff --git a/web-nginx-pgsql/ubuntu/docker-entrypoint.sh b/web-nginx-pgsql/ubuntu/docker-entrypoint.sh index de47e9f3f..9b5e8ca3a 100755 --- a/web-nginx-pgsql/ubuntu/docker-entrypoint.sh +++ b/web-nginx-pgsql/ubuntu/docker-entrypoint.sh @@ -192,17 +192,23 @@ check_db_connect() { fi if [ -n "${ZBX_DBTLSCONNECT}" ]; then - dbtlsconnect=${ZBX_DBTLSCONNECT//_/-} - ssl_opts="sslmode=$dbtlsconnect sslrootcert=${ZBX_DBTLSCAFILE} sslcert=${ZBX_DBTLSCERTFILE} sslkey=${ZBX_DBTLSKEYFILE}" + export PGSSLMODE=${ZBX_DBTLSCONNECT//_/-} + export PGSSLROOTCERT=${ZBX_DBTLSCAFILE} + export PGSSLCERT=${ZBX_DBTLSCERTFILE} + export PGSSLKEY=${ZBX_DBTLSKEYFILE} fi - while [ ! "$(psql "$ssl_opts" --host ${DB_SERVER_HOST} --port ${DB_SERVER_PORT} --username ${DB_SERVER_ROOT_USER} --dbname ${DB_SERVER_DBNAME} --list --quiet 2>/dev/null)" ]; do + while [ ! "$(psql --host ${DB_SERVER_HOST} --port ${DB_SERVER_PORT} --username ${DB_SERVER_ROOT_USER} --dbname ${DB_SERVER_DBNAME} --list --quiet 2>/dev/null)" ]; do echo "**** PostgreSQL server is not available. Waiting $WAIT_TIMEOUT seconds..." sleep $WAIT_TIMEOUT done unset PGPASSWORD unset PGOPTIONS + unset PGSSLMODE + unset PGSSLROOTCERT + unset PGSSLCERT + unset PGSSLKEY } prepare_web_server() { From 84924fa93e87f9ad3690f7d2d588dbff58622088 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Thu, 30 Jul 2020 11:00:57 -0400 Subject: [PATCH 011/253] Incorrect location for TimescaleDB env var --- web-apache-mysql/alpine/docker-entrypoint.sh | 3 --- web-apache-mysql/centos/docker-entrypoint.sh | 3 --- web-apache-mysql/ubuntu/docker-entrypoint.sh | 3 --- web-nginx-mysql/alpine/docker-entrypoint.sh | 3 --- web-nginx-mysql/centos/docker-entrypoint.sh | 3 --- web-nginx-mysql/ubuntu/docker-entrypoint.sh | 3 --- 6 files changed, 18 deletions(-) diff --git a/web-apache-mysql/alpine/docker-entrypoint.sh b/web-apache-mysql/alpine/docker-entrypoint.sh index 04266e0b1..cc9d10176 100755 --- a/web-apache-mysql/alpine/docker-entrypoint.sh +++ b/web-apache-mysql/alpine/docker-entrypoint.sh @@ -20,9 +20,6 @@ fi # Default timezone for web interface : ${PHP_TZ:="Europe/Riga"} -#Enable PostgreSQL timescaleDB feature: -ENABLE_TIMESCALEDB=${ENABLE_TIMESCALEDB:-"false"} - # Default directories # Configuration files directory ZABBIX_ETC_DIR="/etc/zabbix" diff --git a/web-apache-mysql/centos/docker-entrypoint.sh b/web-apache-mysql/centos/docker-entrypoint.sh index d5aa5fc3f..a781bf7d8 100755 --- a/web-apache-mysql/centos/docker-entrypoint.sh +++ b/web-apache-mysql/centos/docker-entrypoint.sh @@ -20,9 +20,6 @@ fi # Default timezone for web interface : ${PHP_TZ:="Europe/Riga"} -#Enable PostgreSQL timescaleDB feature: -ENABLE_TIMESCALEDB=${ENABLE_TIMESCALEDB:-"false"} - # Default directories # Configuration files directory ZABBIX_ETC_DIR="/etc/zabbix" diff --git a/web-apache-mysql/ubuntu/docker-entrypoint.sh b/web-apache-mysql/ubuntu/docker-entrypoint.sh index d00832998..3ca979b6a 100755 --- a/web-apache-mysql/ubuntu/docker-entrypoint.sh +++ b/web-apache-mysql/ubuntu/docker-entrypoint.sh @@ -20,9 +20,6 @@ fi # Default timezone for web interface : ${PHP_TZ:="Europe/Riga"} -#Enable PostgreSQL timescaleDB feature: -ENABLE_TIMESCALEDB=${ENABLE_TIMESCALEDB:-"false"} - # Default directories # Configuration files directory ZABBIX_ETC_DIR="/etc/zabbix" diff --git a/web-nginx-mysql/alpine/docker-entrypoint.sh b/web-nginx-mysql/alpine/docker-entrypoint.sh index 43b32ec79..92fa4f8e1 100755 --- a/web-nginx-mysql/alpine/docker-entrypoint.sh +++ b/web-nginx-mysql/alpine/docker-entrypoint.sh @@ -20,9 +20,6 @@ ZBX_SERVER_PORT=${ZBX_SERVER_PORT:-"10051"} # Default timezone for web interface PHP_TZ=${PHP_TZ:-"Europe/Riga"} -#Enable PostgreSQL timescaleDB feature: -ENABLE_TIMESCALEDB=${ENABLE_TIMESCALEDB:-"false"} - # Default directories # User 'zabbix' home directory ZABBIX_USER_HOME_DIR="/var/lib/zabbix" diff --git a/web-nginx-mysql/centos/docker-entrypoint.sh b/web-nginx-mysql/centos/docker-entrypoint.sh index c66ee27c2..5c0f07902 100755 --- a/web-nginx-mysql/centos/docker-entrypoint.sh +++ b/web-nginx-mysql/centos/docker-entrypoint.sh @@ -20,9 +20,6 @@ ZBX_SERVER_PORT=${ZBX_SERVER_PORT:-"10051"} # Default timezone for web interface PHP_TZ=${PHP_TZ:-"Europe/Riga"} -#Enable PostgreSQL timescaleDB feature: -ENABLE_TIMESCALEDB=${ENABLE_TIMESCALEDB:-"false"} - # Default directories # User 'zabbix' home directory ZABBIX_USER_HOME_DIR="/var/lib/zabbix" diff --git a/web-nginx-mysql/ubuntu/docker-entrypoint.sh b/web-nginx-mysql/ubuntu/docker-entrypoint.sh index 0cb199a93..2a0b48763 100755 --- a/web-nginx-mysql/ubuntu/docker-entrypoint.sh +++ b/web-nginx-mysql/ubuntu/docker-entrypoint.sh @@ -20,9 +20,6 @@ ZBX_SERVER_PORT=${ZBX_SERVER_PORT:-"10051"} # Default timezone for web interface PHP_TZ=${PHP_TZ:-"Europe/Riga"} -#Enable PostgreSQL timescaleDB feature: -ENABLE_TIMESCALEDB=${ENABLE_TIMESCALEDB:-"false"} - # Default directories # User 'zabbix' home directory ZABBIX_USER_HOME_DIR="/var/lib/zabbix" From 743b4512c7c498527d9fbed0389ae90595d80f2b Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Wed, 5 Aug 2020 16:58:07 -0400 Subject: [PATCH 012/253] Added new params for many Zabbix components --- agent/alpine/docker-entrypoint.sh | 6 ++++++ agent/centos/docker-entrypoint.sh | 6 ++++++ agent/ubuntu/docker-entrypoint.sh | 6 ++++++ proxy-mysql/alpine/docker-entrypoint.sh | 6 ++++++ proxy-mysql/centos/docker-entrypoint.sh | 8 +++++++- proxy-mysql/ubuntu/docker-entrypoint.sh | 6 ++++++ proxy-sqlite3/alpine/docker-entrypoint.sh | 6 ++++++ proxy-sqlite3/centos/docker-entrypoint.sh | 6 ++++++ proxy-sqlite3/ubuntu/docker-entrypoint.sh | 6 ++++++ server-mysql/alpine/docker-entrypoint.sh | 6 ++++++ server-mysql/centos/docker-entrypoint.sh | 6 ++++++ server-mysql/ubuntu/docker-entrypoint.sh | 6 ++++++ server-pgsql/alpine/docker-entrypoint.sh | 6 ++++++ server-pgsql/centos/docker-entrypoint.sh | 6 ++++++ server-pgsql/ubuntu/docker-entrypoint.sh | 6 ++++++ 15 files changed, 91 insertions(+), 1 deletion(-) diff --git a/agent/alpine/docker-entrypoint.sh b/agent/alpine/docker-entrypoint.sh index 6f9b0bf77..9c8fc5791 100755 --- a/agent/alpine/docker-entrypoint.sh +++ b/agent/alpine/docker-entrypoint.sh @@ -180,6 +180,12 @@ prepare_zbx_agent_config() { update_config_var $ZBX_AGENT_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" update_config_var $ZBX_AGENT_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" update_config_var $ZBX_AGENT_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" + update_config_var $ZBX_AGENT_CONFIG "TLSCipherAll" "${ZBX_TLSCIPHERALL}" + update_config_var $ZBX_AGENT_CONFIG "TLSCipherAll13" "${ZBX_TLSCIPHERALL13}" + update_config_var $ZBX_AGENT_CONFIG "TLSCipherCert" "${ZBX_TLSCIPHERCERT}" + update_config_var $ZBX_AGENT_CONFIG "TLSCipherCert13" "${ZBX_TLSCIPHERCERT13}" + update_config_var $ZBX_AGENT_CONFIG "TLSCipherPSK" "${ZBX_TLSCIPHERPSK}" + update_config_var $ZBX_AGENT_CONFIG "TLSCipherPSK13" "${ZBX_TLSCIPHERPSK13}" update_config_var $ZBX_AGENT_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" update_config_var $ZBX_AGENT_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" update_config_var $ZBX_AGENT_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" diff --git a/agent/centos/docker-entrypoint.sh b/agent/centos/docker-entrypoint.sh index 6f9b0bf77..9c8fc5791 100755 --- a/agent/centos/docker-entrypoint.sh +++ b/agent/centos/docker-entrypoint.sh @@ -180,6 +180,12 @@ prepare_zbx_agent_config() { update_config_var $ZBX_AGENT_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" update_config_var $ZBX_AGENT_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" update_config_var $ZBX_AGENT_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" + update_config_var $ZBX_AGENT_CONFIG "TLSCipherAll" "${ZBX_TLSCIPHERALL}" + update_config_var $ZBX_AGENT_CONFIG "TLSCipherAll13" "${ZBX_TLSCIPHERALL13}" + update_config_var $ZBX_AGENT_CONFIG "TLSCipherCert" "${ZBX_TLSCIPHERCERT}" + update_config_var $ZBX_AGENT_CONFIG "TLSCipherCert13" "${ZBX_TLSCIPHERCERT13}" + update_config_var $ZBX_AGENT_CONFIG "TLSCipherPSK" "${ZBX_TLSCIPHERPSK}" + update_config_var $ZBX_AGENT_CONFIG "TLSCipherPSK13" "${ZBX_TLSCIPHERPSK13}" update_config_var $ZBX_AGENT_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" update_config_var $ZBX_AGENT_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" update_config_var $ZBX_AGENT_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" diff --git a/agent/ubuntu/docker-entrypoint.sh b/agent/ubuntu/docker-entrypoint.sh index 6f9b0bf77..9c8fc5791 100755 --- a/agent/ubuntu/docker-entrypoint.sh +++ b/agent/ubuntu/docker-entrypoint.sh @@ -180,6 +180,12 @@ prepare_zbx_agent_config() { update_config_var $ZBX_AGENT_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" update_config_var $ZBX_AGENT_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" update_config_var $ZBX_AGENT_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" + update_config_var $ZBX_AGENT_CONFIG "TLSCipherAll" "${ZBX_TLSCIPHERALL}" + update_config_var $ZBX_AGENT_CONFIG "TLSCipherAll13" "${ZBX_TLSCIPHERALL13}" + update_config_var $ZBX_AGENT_CONFIG "TLSCipherCert" "${ZBX_TLSCIPHERCERT}" + update_config_var $ZBX_AGENT_CONFIG "TLSCipherCert13" "${ZBX_TLSCIPHERCERT13}" + update_config_var $ZBX_AGENT_CONFIG "TLSCipherPSK" "${ZBX_TLSCIPHERPSK}" + update_config_var $ZBX_AGENT_CONFIG "TLSCipherPSK13" "${ZBX_TLSCIPHERPSK13}" update_config_var $ZBX_AGENT_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" update_config_var $ZBX_AGENT_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" update_config_var $ZBX_AGENT_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" diff --git a/proxy-mysql/alpine/docker-entrypoint.sh b/proxy-mysql/alpine/docker-entrypoint.sh index 59210c305..6d8a1c2a6 100755 --- a/proxy-mysql/alpine/docker-entrypoint.sh +++ b/proxy-mysql/alpine/docker-entrypoint.sh @@ -398,6 +398,12 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" update_config_var $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" + update_config_var $ZBX_CONFIG "TLSCipherAll" "${ZBX_TLSCIPHERALL}" + update_config_var $ZBX_CONFIG "TLSCipherAll13" "${ZBX_TLSCIPHERALL13}" + update_config_var $ZBX_CONFIG "TLSCipherCert" "${ZBX_TLSCIPHERCERT}" + update_config_var $ZBX_CONFIG "TLSCipherCert13" "${ZBX_TLSCIPHERCERT13}" + update_config_var $ZBX_CONFIG "TLSCipherPSK" "${ZBX_TLSCIPHERPSK}" + update_config_var $ZBX_CONFIG "TLSCipherPSK13" "${ZBX_TLSCIPHERPSK13}" update_config_var $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" update_config_var $ZBX_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" diff --git a/proxy-mysql/centos/docker-entrypoint.sh b/proxy-mysql/centos/docker-entrypoint.sh index 9fdf41782..6d8a1c2a6 100755 --- a/proxy-mysql/centos/docker-entrypoint.sh +++ b/proxy-mysql/centos/docker-entrypoint.sh @@ -265,7 +265,7 @@ create_db_schema_mysql() { zcat /usr/share/doc/zabbix-proxy-mysql/create.sql.gz | mysql --silent --skip-column-names \ -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ - -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" $ssl_opts \ + -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" $ssl_opts \ ${DB_SERVER_DBNAME} 1>/dev/null fi } @@ -398,6 +398,12 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" update_config_var $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" + update_config_var $ZBX_CONFIG "TLSCipherAll" "${ZBX_TLSCIPHERALL}" + update_config_var $ZBX_CONFIG "TLSCipherAll13" "${ZBX_TLSCIPHERALL13}" + update_config_var $ZBX_CONFIG "TLSCipherCert" "${ZBX_TLSCIPHERCERT}" + update_config_var $ZBX_CONFIG "TLSCipherCert13" "${ZBX_TLSCIPHERCERT13}" + update_config_var $ZBX_CONFIG "TLSCipherPSK" "${ZBX_TLSCIPHERPSK}" + update_config_var $ZBX_CONFIG "TLSCipherPSK13" "${ZBX_TLSCIPHERPSK13}" update_config_var $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" update_config_var $ZBX_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" diff --git a/proxy-mysql/ubuntu/docker-entrypoint.sh b/proxy-mysql/ubuntu/docker-entrypoint.sh index c904f6d49..ba066f813 100755 --- a/proxy-mysql/ubuntu/docker-entrypoint.sh +++ b/proxy-mysql/ubuntu/docker-entrypoint.sh @@ -398,6 +398,12 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" update_config_var $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" + update_config_var $ZBX_CONFIG "TLSCipherAll" "${ZBX_TLSCIPHERALL}" + update_config_var $ZBX_CONFIG "TLSCipherAll13" "${ZBX_TLSCIPHERALL13}" + update_config_var $ZBX_CONFIG "TLSCipherCert" "${ZBX_TLSCIPHERCERT}" + update_config_var $ZBX_CONFIG "TLSCipherCert13" "${ZBX_TLSCIPHERCERT13}" + update_config_var $ZBX_CONFIG "TLSCipherPSK" "${ZBX_TLSCIPHERPSK}" + update_config_var $ZBX_CONFIG "TLSCipherPSK13" "${ZBX_TLSCIPHERPSK13}" update_config_var $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" update_config_var $ZBX_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" diff --git a/proxy-sqlite3/alpine/docker-entrypoint.sh b/proxy-sqlite3/alpine/docker-entrypoint.sh index b4987d07f..5a068a347 100755 --- a/proxy-sqlite3/alpine/docker-entrypoint.sh +++ b/proxy-sqlite3/alpine/docker-entrypoint.sh @@ -223,6 +223,12 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" update_config_var $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" + update_config_var $ZBX_CONFIG "TLSCipherAll" "${ZBX_TLSCIPHERALL}" + update_config_var $ZBX_CONFIG "TLSCipherAll13" "${ZBX_TLSCIPHERALL13}" + update_config_var $ZBX_CONFIG "TLSCipherCert" "${ZBX_TLSCIPHERCERT}" + update_config_var $ZBX_CONFIG "TLSCipherCert13" "${ZBX_TLSCIPHERCERT13}" + update_config_var $ZBX_CONFIG "TLSCipherPSK" "${ZBX_TLSCIPHERPSK}" + update_config_var $ZBX_CONFIG "TLSCipherPSK13" "${ZBX_TLSCIPHERPSK13}" update_config_var $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" update_config_var $ZBX_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" diff --git a/proxy-sqlite3/centos/docker-entrypoint.sh b/proxy-sqlite3/centos/docker-entrypoint.sh index b4987d07f..5a068a347 100755 --- a/proxy-sqlite3/centos/docker-entrypoint.sh +++ b/proxy-sqlite3/centos/docker-entrypoint.sh @@ -223,6 +223,12 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" update_config_var $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" + update_config_var $ZBX_CONFIG "TLSCipherAll" "${ZBX_TLSCIPHERALL}" + update_config_var $ZBX_CONFIG "TLSCipherAll13" "${ZBX_TLSCIPHERALL13}" + update_config_var $ZBX_CONFIG "TLSCipherCert" "${ZBX_TLSCIPHERCERT}" + update_config_var $ZBX_CONFIG "TLSCipherCert13" "${ZBX_TLSCIPHERCERT13}" + update_config_var $ZBX_CONFIG "TLSCipherPSK" "${ZBX_TLSCIPHERPSK}" + update_config_var $ZBX_CONFIG "TLSCipherPSK13" "${ZBX_TLSCIPHERPSK13}" update_config_var $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" update_config_var $ZBX_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" diff --git a/proxy-sqlite3/ubuntu/docker-entrypoint.sh b/proxy-sqlite3/ubuntu/docker-entrypoint.sh index a33618ab4..e9a88482a 100755 --- a/proxy-sqlite3/ubuntu/docker-entrypoint.sh +++ b/proxy-sqlite3/ubuntu/docker-entrypoint.sh @@ -223,6 +223,12 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" update_config_var $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" + update_config_var $ZBX_CONFIG "TLSCipherAll" "${ZBX_TLSCIPHERALL}" + update_config_var $ZBX_CONFIG "TLSCipherAll13" "${ZBX_TLSCIPHERALL13}" + update_config_var $ZBX_CONFIG "TLSCipherCert" "${ZBX_TLSCIPHERCERT}" + update_config_var $ZBX_CONFIG "TLSCipherCert13" "${ZBX_TLSCIPHERCERT13}" + update_config_var $ZBX_CONFIG "TLSCipherPSK" "${ZBX_TLSCIPHERPSK}" + update_config_var $ZBX_CONFIG "TLSCipherPSK13" "${ZBX_TLSCIPHERPSK13}" update_config_var $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" update_config_var $ZBX_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" diff --git a/server-mysql/alpine/docker-entrypoint.sh b/server-mysql/alpine/docker-entrypoint.sh index 2a6629615..755c64913 100755 --- a/server-mysql/alpine/docker-entrypoint.sh +++ b/server-mysql/alpine/docker-entrypoint.sh @@ -396,6 +396,12 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" update_config_var $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" + update_config_var $ZBX_CONFIG "TLSCipherAll" "${ZBX_TLSCIPHERALL}" + update_config_var $ZBX_CONFIG "TLSCipherAll13" "${ZBX_TLSCIPHERALL13}" + update_config_var $ZBX_CONFIG "TLSCipherCert" "${ZBX_TLSCIPHERCERT}" + update_config_var $ZBX_CONFIG "TLSCipherCert13" "${ZBX_TLSCIPHERCERT13}" + update_config_var $ZBX_CONFIG "TLSCipherPSK" "${ZBX_TLSCIPHERPSK}" + update_config_var $ZBX_CONFIG "TLSCipherPSK13" "${ZBX_TLSCIPHERPSK13}" update_config_var $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" update_config_var $ZBX_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" diff --git a/server-mysql/centos/docker-entrypoint.sh b/server-mysql/centos/docker-entrypoint.sh index 2a6629615..755c64913 100755 --- a/server-mysql/centos/docker-entrypoint.sh +++ b/server-mysql/centos/docker-entrypoint.sh @@ -396,6 +396,12 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" update_config_var $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" + update_config_var $ZBX_CONFIG "TLSCipherAll" "${ZBX_TLSCIPHERALL}" + update_config_var $ZBX_CONFIG "TLSCipherAll13" "${ZBX_TLSCIPHERALL13}" + update_config_var $ZBX_CONFIG "TLSCipherCert" "${ZBX_TLSCIPHERCERT}" + update_config_var $ZBX_CONFIG "TLSCipherCert13" "${ZBX_TLSCIPHERCERT13}" + update_config_var $ZBX_CONFIG "TLSCipherPSK" "${ZBX_TLSCIPHERPSK}" + update_config_var $ZBX_CONFIG "TLSCipherPSK13" "${ZBX_TLSCIPHERPSK13}" update_config_var $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" update_config_var $ZBX_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" diff --git a/server-mysql/ubuntu/docker-entrypoint.sh b/server-mysql/ubuntu/docker-entrypoint.sh index 59773fb50..22b595854 100755 --- a/server-mysql/ubuntu/docker-entrypoint.sh +++ b/server-mysql/ubuntu/docker-entrypoint.sh @@ -396,6 +396,12 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" update_config_var $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" + update_config_var $ZBX_CONFIG "TLSCipherAll" "${ZBX_TLSCIPHERALL}" + update_config_var $ZBX_CONFIG "TLSCipherAll13" "${ZBX_TLSCIPHERALL13}" + update_config_var $ZBX_CONFIG "TLSCipherCert" "${ZBX_TLSCIPHERCERT}" + update_config_var $ZBX_CONFIG "TLSCipherCert13" "${ZBX_TLSCIPHERCERT13}" + update_config_var $ZBX_CONFIG "TLSCipherPSK" "${ZBX_TLSCIPHERPSK}" + update_config_var $ZBX_CONFIG "TLSCipherPSK13" "${ZBX_TLSCIPHERPSK13}" update_config_var $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" update_config_var $ZBX_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" diff --git a/server-pgsql/alpine/docker-entrypoint.sh b/server-pgsql/alpine/docker-entrypoint.sh index eb947d616..568562bff 100755 --- a/server-pgsql/alpine/docker-entrypoint.sh +++ b/server-pgsql/alpine/docker-entrypoint.sh @@ -463,6 +463,12 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" update_config_var $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" + update_config_var $ZBX_CONFIG "TLSCipherAll" "${ZBX_TLSCIPHERALL}" + update_config_var $ZBX_CONFIG "TLSCipherAll13" "${ZBX_TLSCIPHERALL13}" + update_config_var $ZBX_CONFIG "TLSCipherCert" "${ZBX_TLSCIPHERCERT}" + update_config_var $ZBX_CONFIG "TLSCipherCert13" "${ZBX_TLSCIPHERCERT13}" + update_config_var $ZBX_CONFIG "TLSCipherPSK" "${ZBX_TLSCIPHERPSK}" + update_config_var $ZBX_CONFIG "TLSCipherPSK13" "${ZBX_TLSCIPHERPSK13}" update_config_var $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" update_config_var $ZBX_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" diff --git a/server-pgsql/centos/docker-entrypoint.sh b/server-pgsql/centos/docker-entrypoint.sh index eb947d616..568562bff 100755 --- a/server-pgsql/centos/docker-entrypoint.sh +++ b/server-pgsql/centos/docker-entrypoint.sh @@ -463,6 +463,12 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" update_config_var $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" + update_config_var $ZBX_CONFIG "TLSCipherAll" "${ZBX_TLSCIPHERALL}" + update_config_var $ZBX_CONFIG "TLSCipherAll13" "${ZBX_TLSCIPHERALL13}" + update_config_var $ZBX_CONFIG "TLSCipherCert" "${ZBX_TLSCIPHERCERT}" + update_config_var $ZBX_CONFIG "TLSCipherCert13" "${ZBX_TLSCIPHERCERT13}" + update_config_var $ZBX_CONFIG "TLSCipherPSK" "${ZBX_TLSCIPHERPSK}" + update_config_var $ZBX_CONFIG "TLSCipherPSK13" "${ZBX_TLSCIPHERPSK13}" update_config_var $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" update_config_var $ZBX_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" diff --git a/server-pgsql/ubuntu/docker-entrypoint.sh b/server-pgsql/ubuntu/docker-entrypoint.sh index e823d6321..27acf0933 100755 --- a/server-pgsql/ubuntu/docker-entrypoint.sh +++ b/server-pgsql/ubuntu/docker-entrypoint.sh @@ -463,6 +463,12 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" update_config_var $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" + update_config_var $ZBX_CONFIG "TLSCipherAll" "${ZBX_TLSCIPHERALL}" + update_config_var $ZBX_CONFIG "TLSCipherAll13" "${ZBX_TLSCIPHERALL13}" + update_config_var $ZBX_CONFIG "TLSCipherCert" "${ZBX_TLSCIPHERCERT}" + update_config_var $ZBX_CONFIG "TLSCipherCert13" "${ZBX_TLSCIPHERCERT13}" + update_config_var $ZBX_CONFIG "TLSCipherPSK" "${ZBX_TLSCIPHERPSK}" + update_config_var $ZBX_CONFIG "TLSCipherPSK13" "${ZBX_TLSCIPHERPSK13}" update_config_var $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" update_config_var $ZBX_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" From 461d07fa5acdc018128cc9eaea9a1b203f588edf Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Wed, 5 Aug 2020 17:21:01 -0400 Subject: [PATCH 013/253] Updated Zabbix agent2 information and allowed params --- agent2/alpine/Dockerfile | 4 ++-- agent2/alpine/README.md | 19 +++++++++++++---- agent2/alpine/docker-entrypoint.sh | 33 +++++++++++++++++++++++++++--- 3 files changed, 47 insertions(+), 9 deletions(-) diff --git a/agent2/alpine/Dockerfile b/agent2/alpine/Dockerfile index c376f8a5d..d06176a81 100644 --- a/agent2/alpine/Dockerfile +++ b/agent2/alpine/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.11 +FROM alpine:3.12 LABEL org.opencontainers.image.title="Zabbix agent 2" \ org.opencontainers.image.authors="Alexey Pustovalov " \ @@ -84,7 +84,7 @@ RUN set -eux && \ build-dependencies && \ rm -rf /var/cache/apk/* -EXPOSE 10050/TCP +EXPOSE 10050/TCP 31999/TCP WORKDIR /var/lib/zabbix diff --git a/agent2/alpine/README.md b/agent2/alpine/README.md index 9e66e89c5..2df5ed256 100644 --- a/agent2/alpine/README.md +++ b/agent2/alpine/README.md @@ -14,11 +14,13 @@ Zabbix agent 2 is deployed on a monitoring target to actively monitor local reso # Zabbix agent 2 images -These are the only official Zabbix agent 2 Docker images. They are based on Alpine Linux v3.10 images. The available versions of Zabbix agent 2 are: +These are the only official Zabbix agent 2 Docker images. They are based on Alpine Linux v3.12 images. The available versions of Zabbix agent 2 are: - Zabbix agent 2 4.4 (tags: alpine-4.4-latest, alpine-latest, latest) + Zabbix agent 2 4.4 (tags: alpine-4.4-latest, alpine-latest, latest) (unsupported) Zabbix agent 2 4.4.* (tags: alpine-4.4.*) - Zabbix agent 2 5.0 (tags: alpine-trunk) + Zabbix agent 2 5.0 (tags: alpine-5.0-latest) + Zabbix agent 2 5.0.* (tags: alpine-5.0.*) + Zabbix agent 2 5.2 (tags: alpine-trunk) Images are updated when new releases are published. The image with ``latest`` tag is based on Alpine Linux. @@ -124,8 +126,11 @@ The variable is used to specify timeout for processing checks. By default, value Additionally the image allows to specify many other environment variables listed below: ``` +ZBX_ENABLEPERSISTENTBUFFER=false # Available since 5.0.0 +ZBX_PERSISTENTBUFFERPERIOD=1h # Available since 5.0.0 +ZBX_ENABLESTATUSPORT= ZBX_SOURCEIP= -ZBX_ENABLEREMOTECOMMANDS=0 +ZBX_ENABLEREMOTECOMMANDS=0 # Deprecated since 5.0.0 ZBX_LOGREMOTECOMMANDS=0 ZBX_STARTAGENTS=3 ZBX_HOSTNAMEITEM=system.hostname @@ -147,6 +152,8 @@ ZBX_TLSCERTFILE= ZBX_TLSKEYFILE= ZBX_TLSPSKIDENTITY= ZBX_TLSPSKFILE= +ZBX_DENYKEY=system.run[*] # Available since 5.0.0 +ZBX_ALLOWKEY= # Available since 5.0.0 ``` Default values of these variables are specified after equal sign. @@ -169,6 +176,10 @@ The volume allows load additional modules and extend Zabbix agent 2 using ``Load The volume is used to store TLS related files. These file names are specified using ``ZBX_TLSCAFILE``, ``ZBX_TLSCRLFILE``, ``ZBX_TLSKEY_FILE`` and ``ZBX_TLSPSKFILE`` variables. +### ``/var/lib/zabbix/buffer`` + +The volume is used to store the file, where Zabbix Agent2 should keep SQLite database. To enable the feature specify ``ZBX_ENABLEPERSISTENTBUFFER=true``. Available since 5.0.0. + # The image variants The `zabbix-agent2` images come in many flavors, each designed for a specific use case. diff --git a/agent2/alpine/docker-entrypoint.sh b/agent2/alpine/docker-entrypoint.sh index 45aa51a94..0646d101c 100755 --- a/agent2/alpine/docker-entrypoint.sh +++ b/agent2/alpine/docker-entrypoint.sh @@ -76,8 +76,9 @@ update_config_var() { var_value=$ZABBIX_USER_HOME_DIR/enc/$var_value fi - # Escaping characters in parameter value + # Escaping characters in parameter value and name var_value=$(escape_spec_char "$var_value") + var_name=$(escape_spec_char "$var_name") if [ "$(grep -E "^$var_name=" $config_path)" ] && [ "$is_multiple" != "true" ]; then sed -i -e "/^$var_name=/s/=.*/=$var_value/" "$config_path" @@ -85,9 +86,12 @@ update_config_var() { elif [ "$(grep -Ec "^# $var_name=" $config_path)" -gt 1 ]; then sed -i -e "/^[#;] $var_name=$/i\\$var_name=$var_value" "$config_path" echo "added first occurrence" - else + elif [ "$(grep -Ec "^[#;] $var_name=" $config_path)" -gt 0 ]; then sed -i -e "/^[#;] $var_name=/s/.*/&\n$var_name=$var_value/" "$config_path" echo "added" + else + sed -i -e '$a\' -e "$var_name=$var_value" "$config_path" + echo "added at the end" fi } @@ -129,7 +133,6 @@ prepare_zbx_agent_config() { update_config_var $ZBX_AGENT_CONFIG "LogFileSize" update_config_var $ZBX_AGENT_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" update_config_var $ZBX_AGENT_CONFIG "SourceIP" - update_config_var $ZBX_AGENT_CONFIG "EnableRemoteCommands" "${ZBX_ENABLEREMOTECOMMANDS}" update_config_var $ZBX_AGENT_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}" : ${ZBX_PASSIVE_ALLOW:="true"} @@ -152,6 +155,21 @@ prepare_zbx_agent_config() { update_config_var $ZBX_AGENT_CONFIG "ServerActive" fi + if [ "$ZBX_ENABLESTATUSPORT" == "true" ]; then + update_config_var $ZBX_AGENT_CONFIG "EnablePersistentBuffer" "1" + update_config_var $ZBX_AGENT_CONFIG "PersistentBufferFile" "$ZABBIX_USER_HOME_DIR/buffer/" + update_config_var $ZBX_AGENT_CONFIG "PersistentBufferPeriod" "${ZBX_PERSISTENTBUFFERPERIOD}" + else + update_config_var $ZBX_AGENT_CONFIG "EnablePersistentBuffer" "0" + fi + + if [ "$ZBX_ENABLESTATUSPORT" == "true" ]; then + update_config_var $ZBX_AGENT_CONFIG "StatusPort" "31999" + fi + + update_config_var $ZBX_AGENT_CONFIG "HostInterface" "${ZBX_HOSTINTERFACE}" + update_config_var $ZBX_AGENT_CONFIG "HostInterfaceItem" "${ZBX_HOSTINTERFACEITEM}" + update_config_var $ZBX_AGENT_CONFIG "Hostname" "${ZBX_HOSTNAME}" update_config_var $ZBX_AGENT_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" update_config_var $ZBX_AGENT_CONFIG "HostMetadata" "${ZBX_METADATA}" @@ -174,10 +192,19 @@ prepare_zbx_agent_config() { update_config_var $ZBX_AGENT_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" update_config_var $ZBX_AGENT_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" update_config_var $ZBX_AGENT_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" + update_config_var $ZBX_AGENT_CONFIG "TLSCipherAll" "${ZBX_TLSCIPHERALL}" + update_config_var $ZBX_AGENT_CONFIG "TLSCipherAll13" "${ZBX_TLSCIPHERALL13}" + update_config_var $ZBX_AGENT_CONFIG "TLSCipherCert" "${ZBX_TLSCIPHERCERT}" + update_config_var $ZBX_AGENT_CONFIG "TLSCipherCert13" "${ZBX_TLSCIPHERCERT13}" + update_config_var $ZBX_AGENT_CONFIG "TLSCipherPSK" "${ZBX_TLSCIPHERPSK}" + update_config_var $ZBX_AGENT_CONFIG "TLSCipherPSK13" "${ZBX_TLSCIPHERPSK13}" update_config_var $ZBX_AGENT_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" update_config_var $ZBX_AGENT_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" update_config_var $ZBX_AGENT_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" + update_config_multiple_var $ZBX_AGENT_CONFIG "DenyKey" "${ZBX_DENYKEY}" + update_config_multiple_var $ZBX_AGENT_CONFIG "AllowKey" "${ZBX_ALLOWKEY}" + if [ "$(id -u)" != '0' ]; then update_config_var $ZBX_AGENT_CONFIG "User" "$(whoami)" else From 2c9656a67993c4cfdfc7e60b5d8ecbb86db6f64a Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Wed, 5 Aug 2020 17:28:01 -0400 Subject: [PATCH 014/253] Updated Zabbix agent2 information and allowed params --- agent2/alpine/docker-entrypoint.sh | 6 ------ 1 file changed, 6 deletions(-) diff --git a/agent2/alpine/docker-entrypoint.sh b/agent2/alpine/docker-entrypoint.sh index 0646d101c..39d3540a0 100755 --- a/agent2/alpine/docker-entrypoint.sh +++ b/agent2/alpine/docker-entrypoint.sh @@ -192,12 +192,6 @@ prepare_zbx_agent_config() { update_config_var $ZBX_AGENT_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" update_config_var $ZBX_AGENT_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" update_config_var $ZBX_AGENT_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSCipherAll" "${ZBX_TLSCIPHERALL}" - update_config_var $ZBX_AGENT_CONFIG "TLSCipherAll13" "${ZBX_TLSCIPHERALL13}" - update_config_var $ZBX_AGENT_CONFIG "TLSCipherCert" "${ZBX_TLSCIPHERCERT}" - update_config_var $ZBX_AGENT_CONFIG "TLSCipherCert13" "${ZBX_TLSCIPHERCERT13}" - update_config_var $ZBX_AGENT_CONFIG "TLSCipherPSK" "${ZBX_TLSCIPHERPSK}" - update_config_var $ZBX_AGENT_CONFIG "TLSCipherPSK13" "${ZBX_TLSCIPHERPSK13}" update_config_var $ZBX_AGENT_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" update_config_var $ZBX_AGENT_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" update_config_var $ZBX_AGENT_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" From 009c55d34f2105b1208b995e4a0d15d277676b24 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Thu, 6 Aug 2020 16:22:01 -0400 Subject: [PATCH 015/253] All images updated to latest stable base images Alpine 3.12, Ubuntu 20 (focal), CentOS 8 --- agent/alpine/Dockerfile | 2 +- agent/centos/Dockerfile | 24 +++++------ agent/ubuntu/Dockerfile | 26 ++---------- java-gateway/alpine/Dockerfile | 2 +- java-gateway/centos/Dockerfile | 20 ++++----- java-gateway/ubuntu/Dockerfile | 2 +- proxy-mysql/alpine/Dockerfile | 8 ++-- proxy-mysql/centos/Dockerfile | 32 ++++++++------- proxy-mysql/ubuntu/Dockerfile | 41 +++++-------------- proxy-sqlite3/alpine/Dockerfile | 8 ++-- proxy-sqlite3/centos/Dockerfile | 32 ++++++++------- proxy-sqlite3/ubuntu/Dockerfile | 39 ++++-------------- server-mysql/alpine/Dockerfile | 8 ++-- server-mysql/centos/Dockerfile | 32 ++++++++------- server-mysql/ubuntu/Dockerfile | 38 ++++------------- server-pgsql/alpine/Dockerfile | 8 ++-- server-pgsql/centos/Dockerfile | 32 ++++++++------- server-pgsql/ubuntu/Dockerfile | 39 ++++-------------- snmptraps/alpine/Dockerfile | 2 +- web-apache-mysql/alpine/Dockerfile | 2 +- web-apache-mysql/ubuntu/Dockerfile | 22 +++++----- .../etc/php/7.2/apache2/conf.d/99-zabbix.ini | 9 ---- web-apache-mysql/ubuntu/docker-entrypoint.sh | 2 +- web-apache-pgsql/alpine/Dockerfile | 2 +- web-apache-pgsql/ubuntu/Dockerfile | 22 +++++----- web-apache-pgsql/ubuntu/docker-entrypoint.sh | 2 +- web-nginx-mysql/alpine/Dockerfile | 2 +- web-nginx-mysql/ubuntu/Dockerfile | 26 ++++++------ .../ubuntu/conf/etc/php/7.2/fpm/php-fpm.conf | 9 ---- .../conf/etc/php/7.2/fpm/pool.d/zabbix.conf | 25 ----------- .../supervisor/conf.d/supervisord_zabbix.conf | 4 +- web-nginx-mysql/ubuntu/docker-entrypoint.sh | 2 +- web-nginx-pgsql/alpine/Dockerfile | 2 +- web-nginx-pgsql/ubuntu/Dockerfile | 26 ++++++------ .../ubuntu/conf/etc/php/7.2/fpm/php-fpm.conf | 9 ---- .../conf/etc/php/7.2/fpm/pool.d/zabbix.conf | 25 ----------- .../supervisor/conf.d/supervisord_zabbix.conf | 4 +- web-nginx-pgsql/ubuntu/docker-entrypoint.sh | 2 +- 38 files changed, 214 insertions(+), 378 deletions(-) delete mode 100644 web-apache-mysql/ubuntu/conf/etc/php/7.2/apache2/conf.d/99-zabbix.ini delete mode 100644 web-nginx-mysql/ubuntu/conf/etc/php/7.2/fpm/php-fpm.conf delete mode 100644 web-nginx-mysql/ubuntu/conf/etc/php/7.2/fpm/pool.d/zabbix.conf delete mode 100644 web-nginx-pgsql/ubuntu/conf/etc/php/7.2/fpm/php-fpm.conf delete mode 100644 web-nginx-pgsql/ubuntu/conf/etc/php/7.2/fpm/pool.d/zabbix.conf diff --git a/agent/alpine/Dockerfile b/agent/alpine/Dockerfile index 5e767c02e..6ad8cf52e 100644 --- a/agent/alpine/Dockerfile +++ b/agent/alpine/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.11 +FROM alpine:3.12 LABEL org.opencontainers.image.title="Zabbix agent" \ org.opencontainers.image.authors="Alexey Pustovalov " \ diff --git a/agent/centos/Dockerfile b/agent/centos/Dockerfile index 37a422a5a..480448b91 100644 --- a/agent/centos/Dockerfile +++ b/agent/centos/Dockerfile @@ -1,4 +1,4 @@ -FROM centos:centos7 +FROM centos:centos8 LABEL org.opencontainers.image.title="Zabbix agent" \ org.opencontainers.image.authors="Alexey Pustovalov " \ @@ -22,10 +22,9 @@ RUN set -eux && \ mkdir -p /var/lib/zabbix && \ mkdir -p /var/lib/zabbix/enc && \ mkdir -p /var/lib/zabbix/modules && \ - yum --quiet makecache && \ - yum -y install --setopt=tsflags=nodocs \ - libldap \ - libcurl \ + dnf --quiet makecache && \ + dnf -y install --setopt=tsflags=nodocs \ + libcurl-minimal \ openssl-libs && \ curl -L "https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini" -o /sbin/tini && \ curl -L "https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini.asc" -o /tmp/tini.asc && \ @@ -41,9 +40,9 @@ RUN set -eux && \ gpg --batch --verify /tmp/tini.asc /sbin/tini && \ rm -r "$GNUPGHOME" /tmp/tini.asc && \ chmod +x /sbin/tini && \ - yum -y clean all && \ + dnf -y clean all && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ - rm -rf /etc/udev/hwdb.bin /root/.pki + rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki ARG MAJOR_VERSION=5.0 ARG ZBX_VERSION=${MAJOR_VERSION} @@ -56,10 +55,11 @@ LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentati org.opencontainers.image.source="${ZBX_SOURCES}" RUN set -eux && \ - yum --quiet makecache && \ - yum -y install --setopt=tsflags=nodocs \ + dnf --quiet makecache && \ + dnf -y install --setopt=tsflags=nodocs \ autoconf \ automake \ + pcre-devel \ libcurl-devel \ make \ openssl-devel \ @@ -92,13 +92,13 @@ RUN set -eux && \ cp /tmp/zabbix-${ZBX_VERSION}/conf/zabbix_agentd.conf /etc/zabbix/zabbix_agentd.conf && \ cd /tmp/ && \ rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ - yum -y history undo `yum -q history | sed -n 3p |column -t | cut -d' ' -f1` && \ - yum -y clean all && \ + dnf -y history undo `dnf -q history | sed -n 3p |column -t | cut -d' ' -f1` && \ + dnf -y clean all && \ chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \ chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \ chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ - rm -rf /etc/udev/hwdb.bin /root/.pki + rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki EXPOSE 10050/TCP diff --git a/agent/ubuntu/Dockerfile b/agent/ubuntu/Dockerfile index 6be8ec187..87e4be68a 100644 --- a/agent/ubuntu/Dockerfile +++ b/agent/ubuntu/Dockerfile @@ -1,4 +1,4 @@ -FROM ubuntu:bionic +FROM ubuntu:focal LABEL org.opencontainers.image.title="Zabbix agent" \ org.opencontainers.image.authors="Alexey Pustovalov " \ @@ -9,8 +9,6 @@ LABEL org.opencontainers.image.title="Zabbix agent" \ STOPSIGNAL SIGTERM -ENV TINI_VERSION=v0.19.0 - RUN set -eux && \ echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \ addgroup --system --gid 1995 --quiet zabbix && \ @@ -27,29 +25,11 @@ RUN set -eux && \ mkdir -p /var/lib/zabbix/modules && \ apt-get -y update && \ DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ - curl \ + tini \ ca-certificates \ - gpg \ - dirmngr \ - gpg-agent \ libssl1.1 \ libcurl4 \ libldap-2.4 && \ - curl -L "https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini" -o /sbin/tini && \ - curl -L "https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini.asc" -o /tmp/tini.asc && \ - export GNUPGHOME="$(mktemp -d)" && \ - for server in $(shuf -e ha.pool.sks-keyservers.net \ - hkp://p80.pool.sks-keyservers.net:80 \ - ipv4.pool.sks-keyservers.net \ - keyserver.ubuntu.com \ - keyserver.pgp.com \ - pgp.mit.edu) ; do \ - gpg --keyserver "$server" --recv-keys 595E85A6B1B4779EA4DAAEC70B588DFF0527A9B7 && break || : ; \ - done && \ - gpg --batch --verify /tmp/tini.asc /sbin/tini && \ - rm -r "$GNUPGHOME" /tmp/tini.asc && \ - chmod +x /sbin/tini && \ - apt-get -y purge curl gpg dirmngr gpg-agent && \ apt-get -y autoremove && \ apt-get -y clean && \ rm -rf /var/lib/apt/lists/* @@ -127,7 +107,7 @@ WORKDIR /var/lib/zabbix COPY ["docker-entrypoint.sh", "/usr/bin/"] -ENTRYPOINT ["/sbin/tini", "--", "/usr/bin/docker-entrypoint.sh"] +ENTRYPOINT ["/usr/bin/tini", "--", "/usr/bin/docker-entrypoint.sh"] USER 1997 diff --git a/java-gateway/alpine/Dockerfile b/java-gateway/alpine/Dockerfile index e3ca22a55..6f360dd8b 100644 --- a/java-gateway/alpine/Dockerfile +++ b/java-gateway/alpine/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.11 +FROM alpine:3.12 LABEL org.opencontainers.image.title="Zabbix Java Gateway" \ org.opencontainers.image.authors="Alexey Pustovalov " \ diff --git a/java-gateway/centos/Dockerfile b/java-gateway/centos/Dockerfile index 6d3227848..5cc3a0e6d 100644 --- a/java-gateway/centos/Dockerfile +++ b/java-gateway/centos/Dockerfile @@ -1,4 +1,4 @@ -FROM centos:centos7 +FROM centos:centos8 LABEL org.opencontainers.image.title="Zabbix Java Gateway" \ org.opencontainers.image.authors="Alexey Pustovalov " \ @@ -17,12 +17,12 @@ RUN set -eux && \ zabbix && \ mkdir -p /etc/zabbix/ && \ mkdir -p /usr/sbin/zabbix_java/ && \ - yum --quiet makecache && \ - yum -y install --setopt=tsflags=nodocs \ + dnf --quiet makecache && \ + dnf -y install --setopt=tsflags=nodocs \ java-1.8.0-openjdk-headless && \ - yum -y clean all && \ + dnf -y clean all && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ - rm -rf /etc/udev/hwdb.bin /root/.pki + rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki ARG MAJOR_VERSION=5.0 ARG ZBX_VERSION=${MAJOR_VERSION} @@ -37,8 +37,8 @@ LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentati COPY ["conf/etc/", "/etc/"] RUN set -eux && \ - yum --quiet makecache && \ - yum -y install --setopt=tsflags=nodocs \ + dnf --quiet makecache && \ + dnf -y install --setopt=tsflags=nodocs \ autoconf \ automake \ java-1.8.0-openjdk-devel \ @@ -66,13 +66,13 @@ RUN set -eux && \ rm -rf /usr/sbin/zabbix_java/lib/*.xml && \ cd /tmp/ && \ rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ - yum -y history undo `yum -q history | sed -n 3p |column -t | cut -d' ' -f1` && \ - yum -y clean all && \ + dnf -y history undo `dnf -q history | sed -n 3p |column -t | cut -d' ' -f1` && \ + dnf -y clean all && \ chown --quiet -R zabbix:root /etc/zabbix/ /usr/sbin/zabbix_java/ && \ chgrp -R 0 /etc/zabbix/ /usr/sbin/zabbix_java/ && \ chmod -R g=u /etc/zabbix/ /usr/sbin/zabbix_java/ && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ - rm -rf /etc/udev/hwdb.bin /root/.pki + rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki EXPOSE 10052/TCP diff --git a/java-gateway/ubuntu/Dockerfile b/java-gateway/ubuntu/Dockerfile index 4041796b7..340168a65 100644 --- a/java-gateway/ubuntu/Dockerfile +++ b/java-gateway/ubuntu/Dockerfile @@ -1,4 +1,4 @@ -FROM ubuntu:bionic +FROM ubuntu:focal LABEL org.opencontainers.image.title="Zabbix Java Gateway" \ org.opencontainers.image.authors="Alexey Pustovalov " \ diff --git a/proxy-mysql/alpine/Dockerfile b/proxy-mysql/alpine/Dockerfile index 6584cb248..eb853f6c0 100644 --- a/proxy-mysql/alpine/Dockerfile +++ b/proxy-mysql/alpine/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.11 +FROM alpine:3.12 LABEL org.opencontainers.image.title="Zabbix proxy (MySQL)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ @@ -36,7 +36,7 @@ RUN set -eux && \ libcurl \ libevent \ libldap \ - libssh2 \ + libssh \ libxml2 \ mariadb-client \ mariadb-connector-c \ @@ -68,7 +68,7 @@ RUN set -eux && \ g++ \ git \ make \ - libssh2-dev \ + libssh-dev \ libxml2-dev \ mysql-dev \ net-snmp-dev \ @@ -97,7 +97,7 @@ RUN set -eux && \ --with-net-snmp \ --with-openipmi \ --with-openssl \ - --with-ssh2 \ + --with-ssh \ --with-unixodbc \ --enable-ipv6 \ --silent && \ diff --git a/proxy-mysql/centos/Dockerfile b/proxy-mysql/centos/Dockerfile index a170d13f8..591d02d72 100644 --- a/proxy-mysql/centos/Dockerfile +++ b/proxy-mysql/centos/Dockerfile @@ -1,4 +1,4 @@ -FROM centos:centos7 +FROM centos:centos8 LABEL org.opencontainers.image.title="Zabbix proxy (MySQL)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ @@ -30,11 +30,12 @@ RUN set -eux && \ mkdir -p /var/lib/zabbix/ssl/ssl_ca && \ mkdir -p /usr/lib/zabbix/externalscripts && \ mkdir -p /usr/share/doc/zabbix-proxy-mysql && \ - yum --quiet makecache && \ - yum -y install https://repo.zabbix.com/non-supported/rhel/7/x86_64/fping-3.10-1.el7.x86_64.rpm --setopt=tsflags=nodocs && \ - yum -y install --setopt=tsflags=nodocs \ - libcurl \ + dnf --quiet makecache && \ + dnf -y install http://repo.zabbix.com/non-supported/rhel/8/x86_64/fping-3.16-1.el8.x86_64.rpm --setopt=tsflags=nodocs && \ + dnf -y install --setopt=tsflags=nodocs \ + libcurl-minimal \ libevent \ + libssh \ libxml2 \ mariadb \ net-snmp-libs \ @@ -57,9 +58,9 @@ RUN set -eux && \ gpg --batch --verify /tmp/tini.asc /sbin/tini && \ rm -r "$GNUPGHOME" /tmp/tini.asc && \ chmod +x /sbin/tini && \ - yum -y clean all && \ + dnf -y clean all && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ - rm -rf /etc/udev/hwdb.bin /root/.pki + rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki ARG MAJOR_VERSION=5.0 ARG ZBX_VERSION=${MAJOR_VERSION} @@ -73,14 +74,16 @@ LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentati org.opencontainers.image.source="${ZBX_SOURCES}" RUN set -eux && \ - yum --quiet makecache && \ - yum -y install --setopt=tsflags=nodocs \ + sed -i 's/enabled=0/enabled=1/g' /etc/yum.repos.d/CentOS-PowerTools.repo && \ + dnf --quiet makecache && \ + dnf -y install --setopt=tsflags=nodocs \ autoconf \ automake \ gcc \ + pcre-devel \ libcurl-devel \ libevent-devel \ - libssh2-devel \ + libssh-devel \ libxml2-devel \ make \ mariadb-devel \ @@ -110,7 +113,7 @@ RUN set -eux && \ --with-net-snmp \ --with-openipmi \ --with-openssl \ - --with-ssh2 \ + --with-ssh \ --with-unixodbc \ --enable-ipv6 \ --silent && \ @@ -128,10 +131,11 @@ RUN set -eux && \ chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \ chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \ chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \ - yum -y history undo `yum -q history | sed -n 3p |column -t | cut -d' ' -f1` && \ - yum -y clean all && \ + dnf -y history undo `dnf -q history | sed -n 3p |column -t | cut -d' ' -f1` && \ + dnf -y clean all && \ + sed -i 's/enabled=1/enabled=0/g' /etc/yum.repos.d/CentOS-PowerTools.repo && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ - rm -rf /etc/udev/hwdb.bin /root/.pki + rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki EXPOSE 10051/TCP diff --git a/proxy-mysql/ubuntu/Dockerfile b/proxy-mysql/ubuntu/Dockerfile index 1533e80ff..7022e59e3 100644 --- a/proxy-mysql/ubuntu/Dockerfile +++ b/proxy-mysql/ubuntu/Dockerfile @@ -1,4 +1,4 @@ -FROM ubuntu:bionic +FROM ubuntu:focal LABEL org.opencontainers.image.title="Zabbix proxy (MySQL)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ @@ -9,8 +9,6 @@ LABEL org.opencontainers.image.title="Zabbix proxy (MySQL)" \ STOPSIGNAL SIGTERM -ENV TINI_VERSION=v0.19.0 - RUN set -eux && \ echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \ addgroup --system --gid 1995 --quiet zabbix && \ @@ -35,39 +33,21 @@ RUN set -eux && \ mkdir -p /usr/share/doc/zabbix-proxy-mysql && \ apt-get -y update && \ DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ - curl \ + tini \ ca-certificates \ - gpg \ - dirmngr \ - gpg-agent \ fping \ libcurl4 \ libevent-2.1 \ - libmysqlclient20 \ + libmysqlclient21 \ libopenipmi0 \ libpcre3 \ - libsnmp30 \ - libssh2-1 \ + libsnmp35 \ + libssh-4 \ libssl1.1 \ libxml2 \ mysql-client \ snmp-mibs-downloader \ unixodbc && \ - curl -L "https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini" -o /sbin/tini && \ - curl -L "https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini.asc" -o /tmp/tini.asc && \ - export GNUPGHOME="$(mktemp -d)" && \ - for server in $(shuf -e ha.pool.sks-keyservers.net \ - hkp://p80.pool.sks-keyservers.net:80 \ - ipv4.pool.sks-keyservers.net \ - keyserver.ubuntu.com \ - keyserver.pgp.com \ - pgp.mit.edu) ; do \ - gpg --keyserver "$server" --recv-keys 595E85A6B1B4779EA4DAAEC70B588DFF0527A9B7 && break || : ; \ - done && \ - gpg --batch --verify /tmp/tini.asc /sbin/tini && \ - rm -r "$GNUPGHOME" /tmp/tini.asc && \ - chmod +x /sbin/tini && \ - apt-get -y purge curl gpg dirmngr gpg-agent && \ apt-get -y autoremove && \ apt-get -y clean && \ rm -rf /var/lib/apt/lists/* @@ -97,7 +77,7 @@ RUN set -eux && \ libopenipmi-dev \ libpcre3-dev \ libsnmp-dev \ - libssh2-1-dev \ + libssh-dev \ libxml2-dev \ make \ pkg-config \ @@ -124,7 +104,7 @@ RUN set -eux && \ --with-net-snmp \ --with-openipmi \ --with-openssl \ - --with-ssh2 \ + --with-ssh \ --with-unixodbc \ --enable-ipv6 \ --silent && \ @@ -154,15 +134,14 @@ RUN set -eux && \ libopenipmi-dev \ libpcre3-dev \ libsnmp-dev \ - libssh2-1-dev \ + libssh-dev \ libxml2-dev \ make \ pkg-config \ git \ unixodbc-dev && \ apt-get -y autoremove && \ - rm -rf /var/lib/apt/lists/* && \ - chmod +x /sbin/tini + rm -rf /var/lib/apt/lists/* EXPOSE 10051/TCP @@ -172,7 +151,7 @@ VOLUME ["/var/lib/zabbix/snmptraps"] COPY ["docker-entrypoint.sh", "/usr/bin/"] -ENTRYPOINT ["/sbin/tini", "--", "/usr/bin/docker-entrypoint.sh"] +ENTRYPOINT ["/usr/bin/tini", "--", "/usr/bin/docker-entrypoint.sh"] USER 1997 diff --git a/proxy-sqlite3/alpine/Dockerfile b/proxy-sqlite3/alpine/Dockerfile index c25fec7c2..fbf5adde8 100644 --- a/proxy-sqlite3/alpine/Dockerfile +++ b/proxy-sqlite3/alpine/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.11 +FROM alpine:3.12 LABEL org.opencontainers.image.title="Zabbix proxy (SQLite3)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ @@ -36,7 +36,7 @@ RUN set -eux && \ libcurl \ libevent \ libldap \ - libssh2 \ + libssh \ libxml2 \ net-snmp-agent-libs \ openipmi-libs \ @@ -64,7 +64,7 @@ RUN set -eux && \ coreutils \ curl-dev \ libevent-dev \ - libssh2-dev \ + libssh-dev \ libxml2-dev \ net-snmp-dev \ openipmi-dev \ @@ -96,7 +96,7 @@ RUN set -eux && \ --with-net-snmp \ --with-openipmi \ --with-openssl \ - --with-ssh2 \ + --with-ssh \ --with-unixodbc \ --enable-ipv6 \ --silent && \ diff --git a/proxy-sqlite3/centos/Dockerfile b/proxy-sqlite3/centos/Dockerfile index 2de808399..59be1bc84 100644 --- a/proxy-sqlite3/centos/Dockerfile +++ b/proxy-sqlite3/centos/Dockerfile @@ -1,4 +1,4 @@ -FROM centos:centos7 +FROM centos:centos8 LABEL org.opencontainers.image.title="Zabbix proxy (SQLite3)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ @@ -30,11 +30,12 @@ RUN set -eux && \ mkdir -p /var/lib/zabbix/ssl/ssl_ca && \ mkdir -p /usr/lib/zabbix/externalscripts && \ mkdir -p /usr/share/doc/zabbix-proxy-sqlite3 && \ - yum --quiet makecache && \ - yum -y install https://repo.zabbix.com/non-supported/rhel/7/x86_64/fping-3.10-1.el7.x86_64.rpm --setopt=tsflags=nodocs && \ - yum -y install --setopt=tsflags=nodocs \ - libcurl \ + dnf --quiet makecache && \ + dnf -y install http://repo.zabbix.com/non-supported/rhel/8/x86_64/fping-3.16-1.el8.x86_64.rpm --setopt=tsflags=nodocs && \ + dnf -y install --setopt=tsflags=nodocs \ + libcurl-minimal \ libevent \ + libssh \ libxml2 \ net-snmp-libs \ OpenIPMI-libs \ @@ -56,9 +57,9 @@ RUN set -eux && \ gpg --batch --verify /tmp/tini.asc /sbin/tini && \ rm -r "$GNUPGHOME" /tmp/tini.asc && \ chmod +x /sbin/tini && \ - yum -y clean all && \ + dnf -y clean all && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ - rm -rf /etc/udev/hwdb.bin /root/.pki + rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki ARG MAJOR_VERSION=5.0 ARG ZBX_VERSION=${MAJOR_VERSION} @@ -72,14 +73,16 @@ LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentati org.opencontainers.image.source="${ZBX_SOURCES}" RUN set -eux && \ - yum --quiet makecache && \ - yum -y install --setopt=tsflags=nodocs \ + sed -i 's/enabled=0/enabled=1/g' /etc/yum.repos.d/CentOS-PowerTools.repo && \ + dnf --quiet makecache && \ + dnf -y install --setopt=tsflags=nodocs \ autoconf \ automake \ gcc \ + pcre-devel \ libcurl-devel \ libevent-devel \ - libssh2-devel \ + libssh-devel \ libxml2-devel \ make \ net-snmp-devel \ @@ -109,7 +112,7 @@ RUN set -eux && \ --with-net-snmp \ --with-openipmi \ --with-openssl \ - --with-ssh2 \ + --with-ssh \ --with-unixodbc \ --enable-ipv6 \ --silent && \ @@ -127,10 +130,11 @@ RUN set -eux && \ chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \ chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \ chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \ - yum -y history undo `yum -q history | sed -n 3p |column -t | cut -d' ' -f1` && \ - yum -y clean all && \ + dnf -y history undo `dnf -q history | sed -n 3p |column -t | cut -d' ' -f1` && \ + dnf -y clean all && \ + sed -i 's/enabled=1/enabled=0/g' /etc/yum.repos.d/CentOS-PowerTools.repo && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ - rm -rf /etc/udev/hwdb.bin /root/.pki + rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki EXPOSE 10051/TCP diff --git a/proxy-sqlite3/ubuntu/Dockerfile b/proxy-sqlite3/ubuntu/Dockerfile index 6e3ff53f7..386c476ee 100644 --- a/proxy-sqlite3/ubuntu/Dockerfile +++ b/proxy-sqlite3/ubuntu/Dockerfile @@ -1,4 +1,4 @@ -FROM ubuntu:bionic +FROM ubuntu:focal LABEL org.opencontainers.image.title="Zabbix proxy (SQLite3)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ @@ -9,8 +9,6 @@ LABEL org.opencontainers.image.title="Zabbix proxy (SQLite3)" \ STOPSIGNAL SIGTERM -ENV TINI_VERSION=v0.19.0 - RUN set -eux && \ echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \ addgroup --system --gid 1995 --quiet zabbix && \ @@ -34,38 +32,20 @@ RUN set -eux && \ mkdir -p /usr/lib/zabbix/externalscripts && \ apt-get -y update && \ DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ - curl \ + tini \ ca-certificates \ - gpg \ - dirmngr \ - gpg-agent \ fping \ libcurl4 \ libevent-2.1 \ libopenipmi0 \ libpcre3 \ - libsnmp30 \ + libsnmp35 \ libsqlite3-0 \ - libssh2-1 \ + libssh-4 \ libssl1.1 \ libxml2 \ snmp-mibs-downloader \ unixodbc && \ - curl -L "https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini" -o /sbin/tini && \ - curl -L "https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini.asc" -o /tmp/tini.asc && \ - export GNUPGHOME="$(mktemp -d)" && \ - for server in $(shuf -e ha.pool.sks-keyservers.net \ - hkp://p80.pool.sks-keyservers.net:80 \ - ipv4.pool.sks-keyservers.net \ - keyserver.ubuntu.com \ - keyserver.pgp.com \ - pgp.mit.edu) ; do \ - gpg --keyserver "$server" --recv-keys 595E85A6B1B4779EA4DAAEC70B588DFF0527A9B7 && break || : ; \ - done && \ - gpg --batch --verify /tmp/tini.asc /sbin/tini && \ - rm -r "$GNUPGHOME" /tmp/tini.asc && \ - chmod +x /sbin/tini && \ - apt-get -y purge curl gpg dirmngr gpg-agent && \ apt-get -y autoremove && \ apt-get -y clean && \ rm -rf /var/lib/apt/lists/* @@ -95,7 +75,7 @@ RUN set -eux && \ libpcre3-dev \ libsnmp-dev \ libsqlite3-dev \ - libssh2-1-dev \ + libssh-dev \ libxml2-dev \ make \ pkg-config \ @@ -122,7 +102,7 @@ RUN set -eux && \ --with-net-snmp \ --with-openipmi \ --with-openssl \ - --with-ssh2 \ + --with-ssh \ --with-unixodbc \ --enable-ipv6 \ --silent && \ @@ -149,15 +129,14 @@ RUN set -eux && \ libpcre3-dev \ libsnmp-dev \ libsqlite3-dev \ - libssh2-1-dev \ + libssh-dev \ libxml2-dev \ make \ pkg-config \ git \ unixodbc-dev && \ apt-get -y autoremove && \ - rm -rf /var/lib/apt/lists/* && \ - chmod +x /sbin/tini + rm -rf /var/lib/apt/lists/* EXPOSE 10051/TCP @@ -167,7 +146,7 @@ VOLUME ["/var/lib/zabbix/snmptraps"] COPY ["docker-entrypoint.sh", "/usr/bin/"] -ENTRYPOINT ["/sbin/tini", "--", "/usr/bin/docker-entrypoint.sh"] +ENTRYPOINT ["/usr/bin/tini", "--", "/usr/bin/docker-entrypoint.sh"] USER 1997 diff --git a/server-mysql/alpine/Dockerfile b/server-mysql/alpine/Dockerfile index 3bdb70866..75bf7bd65 100644 --- a/server-mysql/alpine/Dockerfile +++ b/server-mysql/alpine/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.11 +FROM alpine:3.12 LABEL org.opencontainers.image.title="Zabbix server (MySQL)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ @@ -40,7 +40,7 @@ RUN set -eux && \ libcurl \ libevent \ libldap \ - libssh2 \ + libssh-4 \ libxml2 \ mariadb-client \ mariadb-connector-c \ @@ -68,7 +68,7 @@ RUN set -eux && \ coreutils \ curl-dev \ libevent-dev \ - libssh2-dev \ + libssh-dev \ libxml2-dev \ mysql-dev \ net-snmp-dev \ @@ -100,7 +100,7 @@ RUN set -eux && \ --with-net-snmp \ --with-openipmi \ --with-openssl \ - --with-ssh2 \ + --with-ssh \ --with-unixodbc \ --enable-ipv6 \ --silent && \ diff --git a/server-mysql/centos/Dockerfile b/server-mysql/centos/Dockerfile index abb632047..d0079ea7d 100644 --- a/server-mysql/centos/Dockerfile +++ b/server-mysql/centos/Dockerfile @@ -1,4 +1,4 @@ -FROM centos:centos7 +FROM centos:centos8 LABEL org.opencontainers.image.title="Zabbix server (MySQL)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ @@ -32,14 +32,15 @@ RUN set -eux && \ mkdir -p /usr/lib/zabbix/alertscripts && \ mkdir -p /usr/lib/zabbix/externalscripts && \ mkdir -p /usr/share/doc/zabbix-server-mysql && \ - yum --quiet makecache && \ - yum -y install --setopt=tsflags=nodocs https://repo.zabbix.com/non-supported/rhel/7/x86_64/fping-3.10-1.el7.x86_64.rpm && \ - yum -y install --setopt=tsflags=nodocs \ + dnf --quiet makecache && \ + dnf -y install --setopt=tsflags=nodocs http://repo.zabbix.com/non-supported/rhel/8/x86_64/fping-3.16-1.el8.x86_64.rpm && \ + dnf -y install --setopt=tsflags=nodocs \ iputils \ traceroute \ - libcurl \ + libcurl-minimal \ libevent \ libxml2 \ + libssh \ mariadb \ net-snmp-libs \ OpenIPMI-libs \ @@ -61,9 +62,9 @@ RUN set -eux && \ gpg --batch --verify /tmp/tini.asc /sbin/tini && \ rm -r "$GNUPGHOME" /tmp/tini.asc && \ chmod +x /sbin/tini && \ - yum -y clean all && \ + dnf -y clean all && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ - rm -rf /etc/udev/hwdb.bin /root/.pki + rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki ARG MAJOR_VERSION=5.0 ARG ZBX_VERSION=${MAJOR_VERSION} @@ -77,14 +78,16 @@ LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentati org.opencontainers.image.source="${ZBX_SOURCES}" RUN set -eux && \ - yum --quiet makecache && \ - yum -y install --setopt=tsflags=nodocs \ + sed -i 's/enabled=0/enabled=1/g' /etc/yum.repos.d/CentOS-PowerTools.repo && \ + dnf --quiet makecache && \ + dnf -y install --setopt=tsflags=nodocs \ autoconf \ automake \ gcc \ + pcre-devel \ libcurl-devel \ libevent-devel \ - libssh2-devel \ + libssh-devel \ libxml2-devel \ make \ mariadb-devel \ @@ -114,7 +117,7 @@ RUN set -eux && \ --with-net-snmp \ --with-openipmi \ --with-openssl \ - --with-ssh2 \ + --with-ssh \ --with-unixodbc \ --enable-ipv6 \ --silent && \ @@ -134,10 +137,11 @@ RUN set -eux && \ chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \ chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \ chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \ - yum -y history undo `yum -q history | sed -n 3p |column -t | cut -d' ' -f1` && \ - yum -y clean all && \ + dnf -y history undo `dnf -q history | sed -n 3p |column -t | cut -d' ' -f1` && \ + dnf -y clean all && \ + sed -i 's/enabled=1/enabled=0/g' /etc/yum.repos.d/CentOS-PowerTools.repo && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ - rm -rf /etc/udev/hwdb.bin /root/.pki + rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki EXPOSE 10051/TCP diff --git a/server-mysql/ubuntu/Dockerfile b/server-mysql/ubuntu/Dockerfile index 79d696aad..90082df9f 100644 --- a/server-mysql/ubuntu/Dockerfile +++ b/server-mysql/ubuntu/Dockerfile @@ -1,4 +1,4 @@ -FROM ubuntu:bionic +FROM ubuntu:focal LABEL org.opencontainers.image.title="Zabbix server (MySQL)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ @@ -9,8 +9,6 @@ LABEL org.opencontainers.image.title="Zabbix server (MySQL)" \ STOPSIGNAL SIGTERM -ENV TINI_VERSION=v0.19.0 - RUN set -eux && \ addgroup --system --gid 1995 --quiet zabbix && \ adduser --quiet \ @@ -37,41 +35,23 @@ RUN set -eux && \ mkdir -p /usr/share/doc/zabbix-server-mysql && \ apt-get -y update && \ DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ - curl \ + tini \ ca-certificates \ - gpg \ - dirmngr \ - gpg-agent \ iputils-ping \ traceroute \ fping \ libcurl4 \ libevent-2.1 \ - libmysqlclient20 \ + libmysqlclient21 \ libopenipmi0 \ libpcre3 \ - libsnmp30 \ - libssh2-1 \ + libsnmp35 \ + libssh-4 \ libssl1.1 \ libxml2 \ mysql-client \ snmp-mibs-downloader \ unixodbc && \ - curl -L "https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini" -o /sbin/tini && \ - curl -L "https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini.asc" -o /tmp/tini.asc && \ - export GNUPGHOME="$(mktemp -d)" && \ - for server in $(shuf -e ha.pool.sks-keyservers.net \ - hkp://p80.pool.sks-keyservers.net:80 \ - ipv4.pool.sks-keyservers.net \ - keyserver.ubuntu.com \ - keyserver.pgp.com \ - pgp.mit.edu) ; do \ - gpg --keyserver "$server" --recv-keys 595E85A6B1B4779EA4DAAEC70B588DFF0527A9B7 && break || : ; \ - done && \ - gpg --batch --verify /tmp/tini.asc /sbin/tini && \ - rm -r "$GNUPGHOME" /tmp/tini.asc && \ - chmod +x /sbin/tini && \ - apt-get -y purge curl gpg dirmngr gpg-agent && \ apt-get -y autoremove && \ apt-get -y clean && \ rm -rf /var/lib/apt/lists/* @@ -101,7 +81,7 @@ RUN set -eux && \ libopenipmi-dev \ libpcre3-dev \ libsnmp-dev \ - libssh2-1-dev \ + libssh-dev \ libxml2-dev \ make \ pkg-config \ @@ -128,7 +108,7 @@ RUN set -eux && \ --with-net-snmp \ --with-openipmi \ --with-openssl \ - --with-ssh2 \ + --with-ssh \ --with-unixodbc \ --enable-ipv6 \ --silent && \ @@ -160,7 +140,7 @@ RUN set -eux && \ libopenipmi-dev \ libpcre3-dev \ libsnmp-dev \ - libssh2-1-dev \ + libssh-dev \ libxml2-dev \ make \ pkg-config \ @@ -177,7 +157,7 @@ VOLUME ["/var/lib/zabbix/snmptraps", "/var/lib/zabbix/export"] COPY ["docker-entrypoint.sh", "/usr/bin/"] -ENTRYPOINT ["/sbin/tini", "--", "/usr/bin/docker-entrypoint.sh"] +ENTRYPOINT ["/usr/bin/tini", "--", "/usr/bin/docker-entrypoint.sh"] USER 1997 diff --git a/server-pgsql/alpine/Dockerfile b/server-pgsql/alpine/Dockerfile index bb14d574d..0d96dae73 100644 --- a/server-pgsql/alpine/Dockerfile +++ b/server-pgsql/alpine/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.11 +FROM alpine:3.12 LABEL org.opencontainers.image.title="Zabbix server (PostgreSQL)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ @@ -40,7 +40,7 @@ RUN set -eux && \ libcurl \ libevent \ libldap \ - libssh2 \ + libssh \ libxml2 \ net-snmp-agent-libs \ openipmi-libs \ @@ -69,7 +69,7 @@ RUN set -eux && \ coreutils \ curl-dev \ libevent-dev \ - libssh2-dev \ + libssh-dev \ libxml2-dev \ net-snmp-dev \ openipmi-dev \ @@ -101,7 +101,7 @@ RUN set -eux && \ --with-net-snmp \ --with-openipmi \ --with-openssl \ - --with-ssh2 \ + --with-ssh \ --with-unixodbc \ --enable-ipv6 \ --silent && \ diff --git a/server-pgsql/centos/Dockerfile b/server-pgsql/centos/Dockerfile index 825e870ed..313e57e3f 100644 --- a/server-pgsql/centos/Dockerfile +++ b/server-pgsql/centos/Dockerfile @@ -1,4 +1,4 @@ -FROM centos:centos7 +FROM centos:centos8 LABEL org.opencontainers.image.title="Zabbix server (PostgreSQL)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ @@ -32,13 +32,14 @@ RUN set -eux && \ mkdir -p /usr/lib/zabbix/alertscripts && \ mkdir -p /usr/lib/zabbix/externalscripts && \ mkdir -p /usr/share/doc/zabbix-server-postgresql && \ - yum --quiet makecache && \ - yum -y install --setopt=tsflags=nodocs https://repo.zabbix.com/non-supported/rhel/7/x86_64/fping-3.10-1.el7.x86_64.rpm && \ - yum -y install --setopt=tsflags=nodocs \ + dnf --quiet makecache && \ + dnf -y install --setopt=tsflags=nodocs https://repo.zabbix.com/non-supported/rhel/7/x86_64/fping-3.10-1.el7.x86_64.rpm && \ + dnf -y install --setopt=tsflags=nodocs \ iputils \ traceroute \ - libcurl \ + libcurl-minimal \ libevent \ + libssh \ libxml2 \ net-snmp-libs \ OpenIPMI-libs \ @@ -62,9 +63,9 @@ RUN set -eux && \ gpg --batch --verify /tmp/tini.asc /sbin/tini && \ rm -r "$GNUPGHOME" /tmp/tini.asc && \ chmod +x /sbin/tini && \ - yum -y clean all && \ + dnf -y clean all && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ - rm -rf /etc/udev/hwdb.bin /root/.pki + rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki ARG MAJOR_VERSION=5.0 ARG ZBX_VERSION=${MAJOR_VERSION} @@ -78,14 +79,16 @@ LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentati org.opencontainers.image.source="${ZBX_SOURCES}" RUN set -eux && \ - yum --quiet makecache && \ - yum -y install \ + sed -i 's/enabled=0/enabled=1/g' /etc/yum.repos.d/CentOS-PowerTools.repo && \ + dnf --quiet makecache && \ + dnf -y install \ autoconf \ automake \ gcc \ + pcre-devel \ libcurl-devel \ libevent-devel \ - libssh2-devel \ + libssh-devel \ libxml2-devel \ make \ net-snmp-devel \ @@ -115,7 +118,7 @@ RUN set -eux && \ --with-net-snmp \ --with-openipmi \ --with-openssl \ - --with-ssh2 \ + --with-ssh \ --with-unixodbc \ --enable-ipv6 \ --silent && \ @@ -136,10 +139,11 @@ RUN set -eux && \ chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \ chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \ chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \ - yum -y history undo `yum -q history | sed -n 3p |column -t | cut -d' ' -f1` && \ - yum -y clean all && \ + dnf -y history undo `dnf -q history | sed -n 3p |column -t | cut -d' ' -f1` && \ + dnf -y clean all && \ + sed -i 's/enabled=1/enabled=0/g' /etc/yum.repos.d/CentOS-PowerTools.repo && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ - rm -rf /etc/udev/hwdb.bin /root/.pki + rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki EXPOSE 10051/TCP diff --git a/server-pgsql/ubuntu/Dockerfile b/server-pgsql/ubuntu/Dockerfile index 2bba84f5e..f694b7eaf 100644 --- a/server-pgsql/ubuntu/Dockerfile +++ b/server-pgsql/ubuntu/Dockerfile @@ -1,4 +1,4 @@ -FROM ubuntu:bionic +FROM ubuntu:focal LABEL org.opencontainers.image.title="Zabbix server (PostgreSQL)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ @@ -9,8 +9,6 @@ LABEL org.opencontainers.image.title="Zabbix server (PostgreSQL)" \ STOPSIGNAL SIGTERM -ENV TINI_VERSION=v0.19.0 - RUN set -eux && \ addgroup --system --gid 1995 --quiet zabbix && \ adduser --quiet \ @@ -37,11 +35,8 @@ RUN set -eux && \ mkdir -p /usr/share/doc/zabbix-server-postgresql && \ apt-get -y update && \ DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ - curl \ + tini \ ca-certificates \ - gpg \ - dirmngr \ - gpg-agent \ iputils-ping \ traceroute \ fping \ @@ -50,28 +45,13 @@ RUN set -eux && \ libopenipmi0 \ libpcre3 \ libpq5 \ - libsnmp30 \ - libssh2-1 \ + libsnmp35 \ + libssh-4 \ libssl1.1 \ libxml2 \ postgresql-client \ snmp-mibs-downloader \ unixodbc && \ - curl -L "https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini" -o /sbin/tini && \ - curl -L "https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini.asc" -o /tmp/tini.asc && \ - export GNUPGHOME="$(mktemp -d)" && \ - for server in $(shuf -e ha.pool.sks-keyservers.net \ - hkp://p80.pool.sks-keyservers.net:80 \ - ipv4.pool.sks-keyservers.net \ - keyserver.ubuntu.com \ - keyserver.pgp.com \ - pgp.mit.edu) ; do \ - gpg --keyserver "$server" --recv-keys 595E85A6B1B4779EA4DAAEC70B588DFF0527A9B7 && break || : ; \ - done && \ - gpg --batch --verify /tmp/tini.asc /sbin/tini && \ - rm -r "$GNUPGHOME" /tmp/tini.asc && \ - chmod +x /sbin/tini && \ - apt-get -y purge curl gpg dirmngr gpg-agent && \ apt-get -y autoremove && \ apt-get -y clean && \ rm -rf /var/lib/apt/lists/* @@ -101,7 +81,7 @@ RUN set -eux && \ libpcre3-dev \ libpq-dev \ libsnmp-dev \ - libssh2-1-dev \ + libssh-dev \ libxml2-dev \ make \ pkg-config \ @@ -128,7 +108,7 @@ RUN set -eux && \ --with-net-snmp \ --with-openipmi \ --with-openssl \ - --with-ssh2 \ + --with-ssh \ --with-unixodbc \ --enable-ipv6 \ --silent && \ @@ -161,15 +141,14 @@ RUN set -eux && \ libpcre3-dev \ libpq-dev \ libsnmp-dev \ - libssh2-1-dev \ + libssh-dev \ libxml2-dev \ make \ pkg-config \ git \ unixodbc-dev && \ apt-get -y autoremove && \ - rm -rf /var/lib/apt/lists/* && \ - chmod +x /sbin/tini + rm -rf /var/lib/apt/lists/* EXPOSE 10051/TCP @@ -179,7 +158,7 @@ VOLUME ["/var/lib/zabbix/snmptraps", "/var/lib/zabbix/export"] COPY ["docker-entrypoint.sh", "/usr/bin/"] -ENTRYPOINT ["/sbin/tini", "--", "/usr/bin/docker-entrypoint.sh"] +ENTRYPOINT ["/usr/bin/tini", "--", "/usr/bin/docker-entrypoint.sh"] USER 1997 diff --git a/snmptraps/alpine/Dockerfile b/snmptraps/alpine/Dockerfile index 67e8ff0bf..09c0edffe 100644 --- a/snmptraps/alpine/Dockerfile +++ b/snmptraps/alpine/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.11 +FROM alpine:3.12 ARG MAJOR_VERSION=5.0 ARG ZBX_VERSION=${MAJOR_VERSION} diff --git a/web-apache-mysql/alpine/Dockerfile b/web-apache-mysql/alpine/Dockerfile index 9106643e0..c3d0defa1 100644 --- a/web-apache-mysql/alpine/Dockerfile +++ b/web-apache-mysql/alpine/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.11 +FROM alpine:3.12 LABEL org.opencontainers.image.title="Zabbix web-interface (Apache, MySQL)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ diff --git a/web-apache-mysql/ubuntu/Dockerfile b/web-apache-mysql/ubuntu/Dockerfile index ee64be28a..68cf941c4 100644 --- a/web-apache-mysql/ubuntu/Dockerfile +++ b/web-apache-mysql/ubuntu/Dockerfile @@ -1,4 +1,4 @@ -FROM ubuntu:bionic +FROM ubuntu:focal LABEL org.opencontainers.image.title="Zabbix web-interface (Apache, MySQL)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ @@ -28,13 +28,13 @@ RUN set -eux && \ ca-certificates \ mysql-client \ locales \ - php7.2-bcmath \ - php7.2-gd \ - php7.2-json \ - php7.2-ldap \ - php7.2-mbstring \ - php7.2-mysql \ - php7.2-xml && \ + php7.4-bcmath \ + php7.4-gd \ + php7.4-json \ + php7.4-ldap \ + php7.4-mbstring \ + php7.4-mysql \ + php7.4-xml && \ rm -f /etc/apache2/sites-available/* && \ rm -f /etc/apache2/sites-enabled/* && \ /usr/sbin/a2enmod ssl && \ @@ -93,9 +93,9 @@ RUN set -eux && \ chown --quiet -R zabbix:root /etc/zabbix/ /usr/share/zabbix/include/defines.inc.php /usr/share/zabbix/modules/ && \ chgrp -R 0 /etc/zabbix/ /usr/share/zabbix/include/defines.inc.php /usr/share/zabbix/modules/ && \ chmod -R g=u /etc/zabbix/ /usr/share/zabbix/include/defines.inc.php /usr/share/zabbix/modules/ && \ - chown --quiet -R zabbix:root /etc/apache2/ /etc/php/7.2/ && \ - chgrp -R 0 /etc/apache2/ /etc/php/7.2/ && \ - chmod -R g=u /etc/apache2/ /etc/php/7.2/ && \ + chown --quiet -R zabbix:root /etc/apache2/ /etc/php/7.4/ && \ + chgrp -R 0 /etc/apache2/ /etc/php/7.4/ && \ + chmod -R g=u /etc/apache2/ /etc/php/7.4/ && \ DEBIAN_FRONTEND=noninteractive apt-get -y purge \ gettext \ git && \ diff --git a/web-apache-mysql/ubuntu/conf/etc/php/7.2/apache2/conf.d/99-zabbix.ini b/web-apache-mysql/ubuntu/conf/etc/php/7.2/apache2/conf.d/99-zabbix.ini deleted file mode 100644 index be93bd73a..000000000 --- a/web-apache-mysql/ubuntu/conf/etc/php/7.2/apache2/conf.d/99-zabbix.ini +++ /dev/null @@ -1,9 +0,0 @@ -max_execution_time=300 -memory_limit=128M -post_max_size=16M -upload_max_filesize=2M -max_input_time=300 -always_populate_raw_post_date=-1 -max_input_vars=10000 -; date.timezone=Europe/Riga -;session.save_path=/var/lib/php/session diff --git a/web-apache-mysql/ubuntu/docker-entrypoint.sh b/web-apache-mysql/ubuntu/docker-entrypoint.sh index 3ca979b6a..4d1654ee7 100755 --- a/web-apache-mysql/ubuntu/docker-entrypoint.sh +++ b/web-apache-mysql/ubuntu/docker-entrypoint.sh @@ -208,7 +208,7 @@ prepare_zbx_web_config() { ZBX_WWW_ROOT="/usr/share/zabbix" ZBX_WEB_CONFIG="$ZABBIX_ETC_DIR/web/zabbix.conf.php" - PHP_CONFIG_FILE="/etc/php/7.2/apache2/conf.d/99-zabbix.ini" + PHP_CONFIG_FILE="/etc/php/7.4/apache2/conf.d/99-zabbix.ini" update_config_var "$PHP_CONFIG_FILE" "max_execution_time" "${ZBX_MAXEXECUTIONTIME:-"600"}" update_config_var "$PHP_CONFIG_FILE" "memory_limit" "${ZBX_MEMORYLIMIT:-"128M"}" diff --git a/web-apache-pgsql/alpine/Dockerfile b/web-apache-pgsql/alpine/Dockerfile index eae0ba871..bca989564 100644 --- a/web-apache-pgsql/alpine/Dockerfile +++ b/web-apache-pgsql/alpine/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.11 +FROM alpine:3.12 LABEL org.opencontainers.image.title="Zabbix web-interface (Apache, PostgreSQL)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ diff --git a/web-apache-pgsql/ubuntu/Dockerfile b/web-apache-pgsql/ubuntu/Dockerfile index fe377020a..1f0d7d000 100644 --- a/web-apache-pgsql/ubuntu/Dockerfile +++ b/web-apache-pgsql/ubuntu/Dockerfile @@ -1,4 +1,4 @@ -FROM ubuntu:bionic +FROM ubuntu:focal LABEL org.opencontainers.image.title="Zabbix web-interface (Apache, PostgreSQL)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ @@ -27,13 +27,13 @@ RUN set -eux && \ libapache2-mod-php \ ca-certificates \ locales \ - php7.2-bcmath \ - php7.2-gd \ - php7.2-json \ - php7.2-ldap \ - php7.2-mbstring \ - php7.2-xml \ - php7.2-pgsql \ + php7.4-bcmath \ + php7.4-gd \ + php7.4-json \ + php7.4-ldap \ + php7.4-mbstring \ + php7.4-xml \ + php7.4-pgsql \ postgresql-client && \ rm -f /etc/apache2/sites-available/* && \ rm -f /etc/apache2/sites-enabled/* && \ @@ -93,9 +93,9 @@ RUN set -eux && \ chown --quiet -R zabbix:root /etc/zabbix/ /usr/share/zabbix/include/defines.inc.php /usr/share/zabbix/modules/ && \ chgrp -R 0 /etc/zabbix/ /usr/share/zabbix/include/defines.inc.php /usr/share/zabbix/modules/ && \ chmod -R g=u /etc/zabbix/ /usr/share/zabbix/include/defines.inc.php /usr/share/zabbix/modules/ && \ - chown --quiet -R zabbix:root /etc/apache2/ /etc/php/7.2/ && \ - chgrp -R 0 /etc/apache2/ /etc/php/7.2/ && \ - chmod -R g=u /etc/apache2/ /etc/php/7.2/ && \ + chown --quiet -R zabbix:root /etc/apache2/ /etc/php/7.4/ && \ + chgrp -R 0 /etc/apache2/ /etc/php/7.4/ && \ + chmod -R g=u /etc/apache2/ /etc/php/7.4/ && \ DEBIAN_FRONTEND=noninteractive apt-get -y purge \ gettext \ git && \ diff --git a/web-apache-pgsql/ubuntu/docker-entrypoint.sh b/web-apache-pgsql/ubuntu/docker-entrypoint.sh index 5d8618bfd..49d8268ec 100755 --- a/web-apache-pgsql/ubuntu/docker-entrypoint.sh +++ b/web-apache-pgsql/ubuntu/docker-entrypoint.sh @@ -228,7 +228,7 @@ prepare_zbx_web_config() { ZBX_WWW_ROOT="/usr/share/zabbix" ZBX_WEB_CONFIG="$ZABBIX_ETC_DIR/web/zabbix.conf.php" - PHP_CONFIG_FILE="/etc/php/7.2/apache2/conf.d/99-zabbix.ini" + PHP_CONFIG_FILE="/etc/php/7.4/apache2/conf.d/99-zabbix.ini" update_config_var "$PHP_CONFIG_FILE" "max_execution_time" "${ZBX_MAXEXECUTIONTIME:-"600"}" update_config_var "$PHP_CONFIG_FILE" "memory_limit" "${ZBX_MEMORYLIMIT:-"128M"}" diff --git a/web-nginx-mysql/alpine/Dockerfile b/web-nginx-mysql/alpine/Dockerfile index 1ffcb9a74..2c77fb8f6 100644 --- a/web-nginx-mysql/alpine/Dockerfile +++ b/web-nginx-mysql/alpine/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.11 +FROM alpine:3.12 LABEL org.opencontainers.image.title="Zabbix web-interface (Nginx, MySQL)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ diff --git a/web-nginx-mysql/ubuntu/Dockerfile b/web-nginx-mysql/ubuntu/Dockerfile index fedf12408..e90fe9ae6 100644 --- a/web-nginx-mysql/ubuntu/Dockerfile +++ b/web-nginx-mysql/ubuntu/Dockerfile @@ -1,4 +1,4 @@ -FROM ubuntu:bionic +FROM ubuntu:focal LABEL org.opencontainers.image.title="Zabbix web-interface (Nginx, MySQL)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ @@ -46,18 +46,18 @@ RUN set -eux && \ mysql-client \ nginx \ locales \ - php7.2-bcmath \ - php7.2-fpm \ - php7.2-gd \ - php7.2-json \ - php7.2-ldap \ - php7.2-mbstring \ - php7.2-mysql \ - php7.2-xml \ + php7.4-bcmath \ + php7.4-fpm \ + php7.4-gd \ + php7.4-json \ + php7.4-ldap \ + php7.4-mbstring \ + php7.4-mysql \ + php7.4-xml \ supervisor && \ rm -f /etc/nginx/conf.d/*.conf && \ rm -rf /var/cache/nginx/ && \ - rm -f /etc/php/7.2/fpm/pool.d/www.conf && \ + rm -f /etc/php/7.4/fpm/pool.d/www.conf && \ ln -sf /dev/fd/2 /var/log/nginx/error.log && \ DEBIAN_FRONTEND=noninteractive apt-get -y purge gpg dirmngr gpg-agent && \ apt-get -y autoremove && \ @@ -103,9 +103,9 @@ RUN set -eux && \ chown --quiet -R zabbix:root /etc/zabbix/ /usr/share/zabbix/include/defines.inc.php /usr/share/zabbix/modules/ && \ chgrp -R 0 /etc/zabbix/ /usr/share/zabbix/include/defines.inc.php /usr/share/zabbix/modules/ && \ chmod -R g=u /etc/zabbix/ /usr/share/zabbix/include/defines.inc.php /usr/share/zabbix/modules/ && \ - chown --quiet -R zabbix:root /etc/nginx/ /etc/php/7.2/fpm/php-fpm.conf /etc/php/7.2/fpm/pool.d/ && \ - chgrp -R 0 /etc/nginx/ /etc/php/7.2/fpm/php-fpm.conf /etc/php/7.2/fpm/pool.d/ && \ - chmod -R g=u /etc/nginx/ /etc/php/7.2/fpm/php-fpm.conf /etc/php/7.2/fpm/pool.d/ && \ + chown --quiet -R zabbix:root /etc/nginx/ /etc/php/7.4/fpm/php-fpm.conf /etc/php/7.4/fpm/pool.d/ && \ + chgrp -R 0 /etc/nginx/ /etc/php/7.4/fpm/php-fpm.conf /etc/php/7.4/fpm/pool.d/ && \ + chmod -R g=u /etc/nginx/ /etc/php/7.4/fpm/php-fpm.conf /etc/php/7.4/fpm/pool.d/ && \ chown --quiet -R zabbix:root /var/lib/php/session/ && \ chgrp -R 0 /var/lib/php/session/ && \ chmod -R g=u /var/lib/php/session/ && \ diff --git a/web-nginx-mysql/ubuntu/conf/etc/php/7.2/fpm/php-fpm.conf b/web-nginx-mysql/ubuntu/conf/etc/php/7.2/fpm/php-fpm.conf deleted file mode 100644 index b1acf9ebd..000000000 --- a/web-nginx-mysql/ubuntu/conf/etc/php/7.2/fpm/php-fpm.conf +++ /dev/null @@ -1,9 +0,0 @@ -include=/etc/php/7.2/fpm/pool.d/*.conf - -[global] - -pid = /tmp/php-fpm.pid - -error_log = /dev/fd/2 - -daemonize = no diff --git a/web-nginx-mysql/ubuntu/conf/etc/php/7.2/fpm/pool.d/zabbix.conf b/web-nginx-mysql/ubuntu/conf/etc/php/7.2/fpm/pool.d/zabbix.conf deleted file mode 100644 index a4926f4ae..000000000 --- a/web-nginx-mysql/ubuntu/conf/etc/php/7.2/fpm/pool.d/zabbix.conf +++ /dev/null @@ -1,25 +0,0 @@ -[zabbix] - -listen = /tmp/php-fpm.sock - -pm = dynamic -pm.max_children = 50 -pm.start_servers = 5 -pm.min_spare_servers = 5 -pm.max_spare_servers = 35 - -slowlog = /dev/fd/1 - -php_admin_value[error_log] = /dev/fd/2 -php_admin_flag[log_errors] = on - -php_value[session.save_handler] = files -php_value[session.save_path] = /var/lib/php/session - -php_value[max_execution_time]= 300 -php_value[memory_limit]= 128M -php_value[post_max_size]= 16M -php_value[upload_max_filesize]= 2M -php_value[max_input_time]= 300 -php_value[max_input_vars]= 10000 -; php_value[date.timezone]= Europe/Riga diff --git a/web-nginx-mysql/ubuntu/conf/etc/supervisor/conf.d/supervisord_zabbix.conf b/web-nginx-mysql/ubuntu/conf/etc/supervisor/conf.d/supervisord_zabbix.conf index f8968e5c6..af13db485 100644 --- a/web-nginx-mysql/ubuntu/conf/etc/supervisor/conf.d/supervisord_zabbix.conf +++ b/web-nginx-mysql/ubuntu/conf/etc/supervisor/conf.d/supervisord_zabbix.conf @@ -15,8 +15,8 @@ redirect_stderr=true stdout_logfile = /dev/stdout stdout_logfile_maxbytes = 0 -[program:php-fpm7.2] -command = /usr/sbin/%(program_name)s -F -y /etc/php/7.2/fpm/php-fpm.conf +[program:php-fpm7.4] +command = /usr/sbin/%(program_name)s -F -y /etc/php/7.4/fpm/php-fpm.conf auto_start = true autorestart = true diff --git a/web-nginx-mysql/ubuntu/docker-entrypoint.sh b/web-nginx-mysql/ubuntu/docker-entrypoint.sh index 2a0b48763..66c266a19 100755 --- a/web-nginx-mysql/ubuntu/docker-entrypoint.sh +++ b/web-nginx-mysql/ubuntu/docker-entrypoint.sh @@ -228,7 +228,7 @@ prepare_zbx_web_config() { ZBX_WWW_ROOT="/usr/share/zabbix" ZBX_WEB_CONFIG="$ZABBIX_ETC_DIR/web/zabbix.conf.php" - PHP_CONFIG_FILE="/etc/php/7.2/fpm/pool.d/zabbix.conf" + PHP_CONFIG_FILE="/etc/php/7.4/fpm/pool.d/zabbix.conf" update_config_var "$PHP_CONFIG_FILE" "php_value[max_execution_time]" "${ZBX_MAXEXECUTIONTIME:-"600"}" update_config_var "$PHP_CONFIG_FILE" "php_value[memory_limit]" "${ZBX_MEMORYLIMIT:-"128M"}" diff --git a/web-nginx-pgsql/alpine/Dockerfile b/web-nginx-pgsql/alpine/Dockerfile index 819f11c01..2321256a9 100644 --- a/web-nginx-pgsql/alpine/Dockerfile +++ b/web-nginx-pgsql/alpine/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.11 +FROM alpine:3.12 LABEL org.opencontainers.image.title="Zabbix web-interface (Nginx, PostgreSQL)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ diff --git a/web-nginx-pgsql/ubuntu/Dockerfile b/web-nginx-pgsql/ubuntu/Dockerfile index f1d4e9449..75af495f3 100644 --- a/web-nginx-pgsql/ubuntu/Dockerfile +++ b/web-nginx-pgsql/ubuntu/Dockerfile @@ -1,4 +1,4 @@ -FROM ubuntu:bionic +FROM ubuntu:focal LABEL org.opencontainers.image.title="Zabbix web-interface (Nginx, PostgreSQL)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ @@ -45,19 +45,19 @@ RUN set -eux && \ curl \ nginx \ locales \ - php7.2-bcmath \ - php7.2-fpm \ - php7.2-gd \ - php7.2-json \ - php7.2-ldap \ - php7.2-mbstring \ - php7.2-xml \ - php7.2-pgsql \ + php7.4-bcmath \ + php7.4-fpm \ + php7.4-gd \ + php7.4-json \ + php7.4-ldap \ + php7.4-mbstring \ + php7.4-xml \ + php7.4-pgsql \ postgresql-client \ supervisor && \ rm -f /etc/nginx/conf.d/*.conf && \ rm -rf /var/cache/nginx/ && \ - rm -f /etc/php/7.2/fpm/pool.d/www.conf && \ + rm -f /etc/php/7.4/fpm/pool.d/www.conf && \ ln -sf /dev/fd/2 /var/log/nginx/error.log && \ DEBIAN_FRONTEND=noninteractive apt-get -y purge curl gpg dirmngr gpg-agent && \ apt-get -y autoremove && \ @@ -103,9 +103,9 @@ RUN set -eux && \ chown --quiet -R zabbix:root /etc/zabbix/ /usr/share/zabbix/include/defines.inc.php /usr/share/zabbix/modules/ && \ chgrp -R 0 /etc/zabbix/ /usr/share/zabbix/include/defines.inc.php /usr/share/zabbix/modules/ && \ chmod -R g=u /etc/zabbix/ /usr/share/zabbix/include/defines.inc.php /usr/share/zabbix/modules/ && \ - chown --quiet -R zabbix:root /etc/nginx/ /etc/php/7.2/fpm/php-fpm.conf /etc/php/7.2/fpm/pool.d/ && \ - chgrp -R 0 /etc/nginx/ /etc/php/7.2/fpm/php-fpm.conf /etc/php/7.2/fpm/pool.d/ && \ - chmod -R g=u /etc/nginx/ /etc/php/7.2/fpm/php-fpm.conf /etc/php/7.2/fpm/pool.d/ && \ + chown --quiet -R zabbix:root /etc/nginx/ /etc/php/7.4/fpm/php-fpm.conf /etc/php/7.4/fpm/pool.d/ && \ + chgrp -R 0 /etc/nginx/ /etc/php/7.4/fpm/php-fpm.conf /etc/php/7.4/fpm/pool.d/ && \ + chmod -R g=u /etc/nginx/ /etc/php/7.4/fpm/php-fpm.conf /etc/php/7.4/fpm/pool.d/ && \ chown --quiet -R zabbix:root /var/lib/php/session/ && \ chgrp -R 0 /var/lib/php/session/ && \ chmod -R g=u /var/lib/php/session/ && \ diff --git a/web-nginx-pgsql/ubuntu/conf/etc/php/7.2/fpm/php-fpm.conf b/web-nginx-pgsql/ubuntu/conf/etc/php/7.2/fpm/php-fpm.conf deleted file mode 100644 index b1acf9ebd..000000000 --- a/web-nginx-pgsql/ubuntu/conf/etc/php/7.2/fpm/php-fpm.conf +++ /dev/null @@ -1,9 +0,0 @@ -include=/etc/php/7.2/fpm/pool.d/*.conf - -[global] - -pid = /tmp/php-fpm.pid - -error_log = /dev/fd/2 - -daemonize = no diff --git a/web-nginx-pgsql/ubuntu/conf/etc/php/7.2/fpm/pool.d/zabbix.conf b/web-nginx-pgsql/ubuntu/conf/etc/php/7.2/fpm/pool.d/zabbix.conf deleted file mode 100644 index a4926f4ae..000000000 --- a/web-nginx-pgsql/ubuntu/conf/etc/php/7.2/fpm/pool.d/zabbix.conf +++ /dev/null @@ -1,25 +0,0 @@ -[zabbix] - -listen = /tmp/php-fpm.sock - -pm = dynamic -pm.max_children = 50 -pm.start_servers = 5 -pm.min_spare_servers = 5 -pm.max_spare_servers = 35 - -slowlog = /dev/fd/1 - -php_admin_value[error_log] = /dev/fd/2 -php_admin_flag[log_errors] = on - -php_value[session.save_handler] = files -php_value[session.save_path] = /var/lib/php/session - -php_value[max_execution_time]= 300 -php_value[memory_limit]= 128M -php_value[post_max_size]= 16M -php_value[upload_max_filesize]= 2M -php_value[max_input_time]= 300 -php_value[max_input_vars]= 10000 -; php_value[date.timezone]= Europe/Riga diff --git a/web-nginx-pgsql/ubuntu/conf/etc/supervisor/conf.d/supervisord_zabbix.conf b/web-nginx-pgsql/ubuntu/conf/etc/supervisor/conf.d/supervisord_zabbix.conf index f8968e5c6..af13db485 100644 --- a/web-nginx-pgsql/ubuntu/conf/etc/supervisor/conf.d/supervisord_zabbix.conf +++ b/web-nginx-pgsql/ubuntu/conf/etc/supervisor/conf.d/supervisord_zabbix.conf @@ -15,8 +15,8 @@ redirect_stderr=true stdout_logfile = /dev/stdout stdout_logfile_maxbytes = 0 -[program:php-fpm7.2] -command = /usr/sbin/%(program_name)s -F -y /etc/php/7.2/fpm/php-fpm.conf +[program:php-fpm7.4] +command = /usr/sbin/%(program_name)s -F -y /etc/php/7.4/fpm/php-fpm.conf auto_start = true autorestart = true diff --git a/web-nginx-pgsql/ubuntu/docker-entrypoint.sh b/web-nginx-pgsql/ubuntu/docker-entrypoint.sh index 9b5e8ca3a..53d8ae519 100755 --- a/web-nginx-pgsql/ubuntu/docker-entrypoint.sh +++ b/web-nginx-pgsql/ubuntu/docker-entrypoint.sh @@ -242,7 +242,7 @@ prepare_zbx_web_config() { ZBX_WWW_ROOT="/usr/share/zabbix" ZBX_WEB_CONFIG="$ZABBIX_ETC_DIR/web/zabbix.conf.php" - PHP_CONFIG_FILE="/etc/php/7.2/fpm/pool.d/zabbix.conf" + PHP_CONFIG_FILE="/etc/php/7.4/fpm/pool.d/zabbix.conf" update_config_var "$PHP_CONFIG_FILE" "php_value[max_execution_time]" "${ZBX_MAXEXECUTIONTIME:-"600"}" update_config_var "$PHP_CONFIG_FILE" "php_value[memory_limit]" "${ZBX_MEMORYLIMIT:-"128M"}" From e59d2aabee618732dde5e8b544a09f31658b1563 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Fri, 7 Aug 2020 08:13:35 -0400 Subject: [PATCH 016/253] Use libssh instead of libssh --- server-mysql/alpine/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/server-mysql/alpine/Dockerfile b/server-mysql/alpine/Dockerfile index 75bf7bd65..33ae86a45 100644 --- a/server-mysql/alpine/Dockerfile +++ b/server-mysql/alpine/Dockerfile @@ -40,7 +40,7 @@ RUN set -eux && \ libcurl \ libevent \ libldap \ - libssh-4 \ + libssh \ libxml2 \ mariadb-client \ mariadb-connector-c \ From a23386310fa80dbfcf5164742cd0db3b6f2a9716 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Mon, 10 Aug 2020 08:12:46 -0400 Subject: [PATCH 017/253] All images updated to latest stable base images Alpine 3.12, Ubuntu 20 (focal), CentOS 8 --- .../etc/php/7.4/apache2/conf.d/99-zabbix.ini | 9 +++++++ .../{7.2 => 7.4}/apache2/conf.d/99-zabbix.ini | 0 .../ubuntu/conf/etc/php/7.4/fpm/php-fpm.conf | 9 +++++++ .../conf/etc/php/7.4/fpm/pool.d/zabbix.conf | 25 +++++++++++++++++++ .../ubuntu/conf/etc/php/7.4/fpm/php-fpm.conf | 9 +++++++ .../conf/etc/php/7.4/fpm/pool.d/zabbix.conf | 25 +++++++++++++++++++ 6 files changed, 77 insertions(+) create mode 100644 web-apache-mysql/ubuntu/conf/etc/php/7.4/apache2/conf.d/99-zabbix.ini rename web-apache-pgsql/ubuntu/conf/etc/php/{7.2 => 7.4}/apache2/conf.d/99-zabbix.ini (100%) create mode 100644 web-nginx-mysql/ubuntu/conf/etc/php/7.4/fpm/php-fpm.conf create mode 100644 web-nginx-mysql/ubuntu/conf/etc/php/7.4/fpm/pool.d/zabbix.conf create mode 100644 web-nginx-pgsql/ubuntu/conf/etc/php/7.4/fpm/php-fpm.conf create mode 100644 web-nginx-pgsql/ubuntu/conf/etc/php/7.4/fpm/pool.d/zabbix.conf diff --git a/web-apache-mysql/ubuntu/conf/etc/php/7.4/apache2/conf.d/99-zabbix.ini b/web-apache-mysql/ubuntu/conf/etc/php/7.4/apache2/conf.d/99-zabbix.ini new file mode 100644 index 000000000..be93bd73a --- /dev/null +++ b/web-apache-mysql/ubuntu/conf/etc/php/7.4/apache2/conf.d/99-zabbix.ini @@ -0,0 +1,9 @@ +max_execution_time=300 +memory_limit=128M +post_max_size=16M +upload_max_filesize=2M +max_input_time=300 +always_populate_raw_post_date=-1 +max_input_vars=10000 +; date.timezone=Europe/Riga +;session.save_path=/var/lib/php/session diff --git a/web-apache-pgsql/ubuntu/conf/etc/php/7.2/apache2/conf.d/99-zabbix.ini b/web-apache-pgsql/ubuntu/conf/etc/php/7.4/apache2/conf.d/99-zabbix.ini similarity index 100% rename from web-apache-pgsql/ubuntu/conf/etc/php/7.2/apache2/conf.d/99-zabbix.ini rename to web-apache-pgsql/ubuntu/conf/etc/php/7.4/apache2/conf.d/99-zabbix.ini diff --git a/web-nginx-mysql/ubuntu/conf/etc/php/7.4/fpm/php-fpm.conf b/web-nginx-mysql/ubuntu/conf/etc/php/7.4/fpm/php-fpm.conf new file mode 100644 index 000000000..e2471b98b --- /dev/null +++ b/web-nginx-mysql/ubuntu/conf/etc/php/7.4/fpm/php-fpm.conf @@ -0,0 +1,9 @@ +include=/etc/php/7.4/fpm/pool.d/*.conf + +[global] + +pid = /tmp/php-fpm.pid + +error_log = /dev/fd/2 + +daemonize = no diff --git a/web-nginx-mysql/ubuntu/conf/etc/php/7.4/fpm/pool.d/zabbix.conf b/web-nginx-mysql/ubuntu/conf/etc/php/7.4/fpm/pool.d/zabbix.conf new file mode 100644 index 000000000..a4926f4ae --- /dev/null +++ b/web-nginx-mysql/ubuntu/conf/etc/php/7.4/fpm/pool.d/zabbix.conf @@ -0,0 +1,25 @@ +[zabbix] + +listen = /tmp/php-fpm.sock + +pm = dynamic +pm.max_children = 50 +pm.start_servers = 5 +pm.min_spare_servers = 5 +pm.max_spare_servers = 35 + +slowlog = /dev/fd/1 + +php_admin_value[error_log] = /dev/fd/2 +php_admin_flag[log_errors] = on + +php_value[session.save_handler] = files +php_value[session.save_path] = /var/lib/php/session + +php_value[max_execution_time]= 300 +php_value[memory_limit]= 128M +php_value[post_max_size]= 16M +php_value[upload_max_filesize]= 2M +php_value[max_input_time]= 300 +php_value[max_input_vars]= 10000 +; php_value[date.timezone]= Europe/Riga diff --git a/web-nginx-pgsql/ubuntu/conf/etc/php/7.4/fpm/php-fpm.conf b/web-nginx-pgsql/ubuntu/conf/etc/php/7.4/fpm/php-fpm.conf new file mode 100644 index 000000000..e2471b98b --- /dev/null +++ b/web-nginx-pgsql/ubuntu/conf/etc/php/7.4/fpm/php-fpm.conf @@ -0,0 +1,9 @@ +include=/etc/php/7.4/fpm/pool.d/*.conf + +[global] + +pid = /tmp/php-fpm.pid + +error_log = /dev/fd/2 + +daemonize = no diff --git a/web-nginx-pgsql/ubuntu/conf/etc/php/7.4/fpm/pool.d/zabbix.conf b/web-nginx-pgsql/ubuntu/conf/etc/php/7.4/fpm/pool.d/zabbix.conf new file mode 100644 index 000000000..a4926f4ae --- /dev/null +++ b/web-nginx-pgsql/ubuntu/conf/etc/php/7.4/fpm/pool.d/zabbix.conf @@ -0,0 +1,25 @@ +[zabbix] + +listen = /tmp/php-fpm.sock + +pm = dynamic +pm.max_children = 50 +pm.start_servers = 5 +pm.min_spare_servers = 5 +pm.max_spare_servers = 35 + +slowlog = /dev/fd/1 + +php_admin_value[error_log] = /dev/fd/2 +php_admin_flag[log_errors] = on + +php_value[session.save_handler] = files +php_value[session.save_path] = /var/lib/php/session + +php_value[max_execution_time]= 300 +php_value[memory_limit]= 128M +php_value[post_max_size]= 16M +php_value[upload_max_filesize]= 2M +php_value[max_input_time]= 300 +php_value[max_input_vars]= 10000 +; php_value[date.timezone]= Europe/Riga From bb5cee87f08898603684b315457eccfcf69fe998 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Mon, 24 Aug 2020 16:08:18 -0400 Subject: [PATCH 018/253] Fixed params for Zabbix agent 2 --- agent2/alpine/README.md | 8 -------- agent2/alpine/docker-entrypoint.sh | 13 ++----------- 2 files changed, 2 insertions(+), 19 deletions(-) diff --git a/agent2/alpine/README.md b/agent2/alpine/README.md index 2df5ed256..6608c9551 100644 --- a/agent2/alpine/README.md +++ b/agent2/alpine/README.md @@ -103,10 +103,6 @@ This variable is boolean (``true`` or ``false``) and enables or disables feature The variable is comma separated list of allowed Zabbix server or proxy hosts for connections to Zabbix agent 2 container. You may specify port of Zabbix server or Zabbix proxy in such syntax: ``zabbix-server:10061,zabbix-proxy:10072``. -### `ZBX_LOADMODULE` - -The variable is list of comma separated loadable Zabbix modules. It works with volume ``/var/lib/zabbix/modules``. The syntax of the variable is ``dummy1.so,dummy2.so``. - ### `ZBX_DEBUGLEVEL` The variable is used to specify debug level. By default, value is ``3``. It is ``DebugLevel`` parameter in ``zabbix_agent2.conf``. Allowed values are listed below: @@ -168,10 +164,6 @@ Please use official documentation for [``zabbix_agent2.conf``](https://www.zabbi The volume allows include ``*.conf`` files and extend Zabbix agent 2 using ``UserParameter`` feature. -### ``/var/lib/zabbix/modules`` - -The volume allows load additional modules and extend Zabbix agent 2 using ``LoadModule`` feature. - ### ``/var/lib/zabbix/enc`` The volume is used to store TLS related files. These file names are specified using ``ZBX_TLSCAFILE``, ``ZBX_TLSCRLFILE``, ``ZBX_TLSKEY_FILE`` and ``ZBX_TLSPSKFILE`` variables. diff --git a/agent2/alpine/docker-entrypoint.sh b/agent2/alpine/docker-entrypoint.sh index 39d3540a0..5cad1e570 100755 --- a/agent2/alpine/docker-entrypoint.sh +++ b/agent2/alpine/docker-entrypoint.sh @@ -145,7 +145,6 @@ prepare_zbx_agent_config() { update_config_var $ZBX_AGENT_CONFIG "ListenPort" "${ZBX_LISTENPORT}" update_config_var $ZBX_AGENT_CONFIG "ListenIP" "${ZBX_LISTENIP}" - update_config_var $ZBX_AGENT_CONFIG "StartAgents" "${ZBX_STARTAGENTS}" : ${ZBX_ACTIVE_ALLOW:="true"} if [ "$ZBX_ACTIVE_ALLOW" == "true" ]; then @@ -167,8 +166,8 @@ prepare_zbx_agent_config() { update_config_var $ZBX_AGENT_CONFIG "StatusPort" "31999" fi - update_config_var $ZBX_AGENT_CONFIG "HostInterface" "${ZBX_HOSTINTERFACE}" - update_config_var $ZBX_AGENT_CONFIG "HostInterfaceItem" "${ZBX_HOSTINTERFACEITEM}" +# update_config_var $ZBX_AGENT_CONFIG "HostInterface" "${ZBX_HOSTINTERFACE}" +# update_config_var $ZBX_AGENT_CONFIG "HostInterfaceItem" "${ZBX_HOSTINTERFACEITEM}" update_config_var $ZBX_AGENT_CONFIG "Hostname" "${ZBX_HOSTNAME}" update_config_var $ZBX_AGENT_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" @@ -183,8 +182,6 @@ prepare_zbx_agent_config() { update_config_var $ZBX_AGENT_CONFIG "Timeout" "${ZBX_TIMEOUT}" update_config_var $ZBX_AGENT_CONFIG "Include" "/etc/zabbix/zabbix_agentd.d/" update_config_var $ZBX_AGENT_CONFIG "UnsafeUserParameters" "${ZBX_UNSAFEUSERPARAMETERS}" - update_config_var $ZBX_AGENT_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/" - update_config_multiple_var $ZBX_AGENT_CONFIG "LoadModule" "${ZBX_LOADMODULE}" update_config_var $ZBX_AGENT_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}" update_config_var $ZBX_AGENT_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" update_config_var $ZBX_AGENT_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" @@ -198,12 +195,6 @@ prepare_zbx_agent_config() { update_config_multiple_var $ZBX_AGENT_CONFIG "DenyKey" "${ZBX_DENYKEY}" update_config_multiple_var $ZBX_AGENT_CONFIG "AllowKey" "${ZBX_ALLOWKEY}" - - if [ "$(id -u)" != '0' ]; then - update_config_var $ZBX_AGENT_CONFIG "User" "$(whoami)" - else - update_config_var $ZBX_AGENT_CONFIG "AllowRoot" "1" - fi } prepare_agent() { From 85c4458f75dec6dab7fa73a9172e1878dbacfcc6 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Mon, 24 Aug 2020 16:52:32 -0400 Subject: [PATCH 019/253] Fixed escaping for DB certs in web images --- .gitignore | 3 +++ web-apache-mysql/ubuntu/docker-entrypoint.sh | 4 ++++ web-apache-pgsql/ubuntu/docker-entrypoint.sh | 4 ++++ web-nginx-mysql/ubuntu/docker-entrypoint.sh | 4 ++++ web-nginx-pgsql/ubuntu/docker-entrypoint.sh | 4 ++++ 5 files changed, 19 insertions(+) diff --git a/.gitignore b/.gitignore index 3d63db5ec..03f34fddd 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,5 @@ zbx_env/ zbx_env*/ +.*CERT_FILE +.*KEY_FILE +.*CA_FILE diff --git a/web-apache-mysql/ubuntu/docker-entrypoint.sh b/web-apache-mysql/ubuntu/docker-entrypoint.sh index 4d1654ee7..153a87292 100755 --- a/web-apache-mysql/ubuntu/docker-entrypoint.sh +++ b/web-apache-mysql/ubuntu/docker-entrypoint.sh @@ -226,6 +226,10 @@ prepare_zbx_web_config() { history_storage_url=$(escape_spec_char "${ZBX_HISTORYSTORAGEURL}") history_storage_types=$(escape_spec_char "${ZBX_HISTORYSTORAGETYPES}") + ZBX_DB_KEY_FILE=$(escape_spec_char "${ZBX_DB_KEY_FILE}") + ZBX_DB_CERT_FILE=$(escape_spec_char "${ZBX_DB_CERT_FILE}") + ZBX_DB_CA_FILE=$(escape_spec_char "${ZBX_DB_CA_FILE}") + sed -i \ -e "s/{DB_SERVER_HOST}/${DB_SERVER_HOST}/g" \ -e "s/{DB_SERVER_PORT}/${DB_SERVER_PORT}/g" \ diff --git a/web-apache-pgsql/ubuntu/docker-entrypoint.sh b/web-apache-pgsql/ubuntu/docker-entrypoint.sh index 49d8268ec..d539e4727 100755 --- a/web-apache-pgsql/ubuntu/docker-entrypoint.sh +++ b/web-apache-pgsql/ubuntu/docker-entrypoint.sh @@ -246,6 +246,10 @@ prepare_zbx_web_config() { history_storage_url=$(escape_spec_char "${ZBX_HISTORYSTORAGEURL}") history_storage_types=$(escape_spec_char "${ZBX_HISTORYSTORAGETYPES}") + ZBX_DB_KEY_FILE=$(escape_spec_char "${ZBX_DB_KEY_FILE}") + ZBX_DB_CERT_FILE=$(escape_spec_char "${ZBX_DB_CERT_FILE}") + ZBX_DB_CA_FILE=$(escape_spec_char "${ZBX_DB_CA_FILE}") + sed -i \ -e "s/{DB_SERVER_HOST}/${DB_SERVER_HOST}/g" \ -e "s/{DB_SERVER_PORT}/${DB_SERVER_PORT}/g" \ diff --git a/web-nginx-mysql/ubuntu/docker-entrypoint.sh b/web-nginx-mysql/ubuntu/docker-entrypoint.sh index 66c266a19..adde0e72c 100755 --- a/web-nginx-mysql/ubuntu/docker-entrypoint.sh +++ b/web-nginx-mysql/ubuntu/docker-entrypoint.sh @@ -253,6 +253,10 @@ prepare_zbx_web_config() { history_storage_url=$(escape_spec_char "${ZBX_HISTORYSTORAGEURL}") history_storage_types=$(escape_spec_char "${ZBX_HISTORYSTORAGETYPES}") + ZBX_DB_KEY_FILE=$(escape_spec_char "${ZBX_DB_KEY_FILE}") + ZBX_DB_CERT_FILE=$(escape_spec_char "${ZBX_DB_CERT_FILE}") + ZBX_DB_CA_FILE=$(escape_spec_char "${ZBX_DB_CA_FILE}") + sed -i \ -e "s/{DB_SERVER_HOST}/${DB_SERVER_HOST}/g" \ -e "s/{DB_SERVER_PORT}/${DB_SERVER_PORT}/g" \ diff --git a/web-nginx-pgsql/ubuntu/docker-entrypoint.sh b/web-nginx-pgsql/ubuntu/docker-entrypoint.sh index 53d8ae519..dad9542a5 100755 --- a/web-nginx-pgsql/ubuntu/docker-entrypoint.sh +++ b/web-nginx-pgsql/ubuntu/docker-entrypoint.sh @@ -267,6 +267,10 @@ prepare_zbx_web_config() { history_storage_url=$(escape_spec_char "${ZBX_HISTORYSTORAGEURL}") history_storage_types=$(escape_spec_char "${ZBX_HISTORYSTORAGETYPES}") + ZBX_DB_KEY_FILE=$(escape_spec_char "${ZBX_DB_KEY_FILE}") + ZBX_DB_CERT_FILE=$(escape_spec_char "${ZBX_DB_CERT_FILE}") + ZBX_DB_CA_FILE=$(escape_spec_char "${ZBX_DB_CA_FILE}") + sed -i \ -e "s/{DB_SERVER_HOST}/${DB_SERVER_HOST}/g" \ -e "s/{DB_SERVER_PORT}/${DB_SERVER_PORT}/g" \ From 853ac73c0500847d40134c9573b84e6f1c56a65f Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Tue, 25 Aug 2020 07:38:13 -0400 Subject: [PATCH 020/253] Fixed MySQL SSL options parsing for MySQL 8.0 client --- .env_srv | 2 +- agent/centos/Dockerfile | 4 ++-- java-gateway/centos/Dockerfile | 4 ++-- proxy-mysql/centos/Dockerfile | 6 +++--- proxy-mysql/ubuntu/docker-entrypoint.sh | 9 ++++++--- proxy-sqlite3/centos/Dockerfile | 4 ++-- server-mysql/centos/Dockerfile | 6 +++--- server-mysql/centos/docker-entrypoint.sh | 15 ++++++++++++--- server-mysql/ubuntu/docker-entrypoint.sh | 9 ++++++--- server-pgsql/centos/Dockerfile | 4 ++-- web-apache-mysql/centos/Dockerfile | 2 +- web-apache-mysql/ubuntu/docker-entrypoint.sh | 6 +++++- web-apache-pgsql/centos/Dockerfile | 2 +- web-nginx-mysql/centos/Dockerfile | 2 +- web-nginx-mysql/ubuntu/docker-entrypoint.sh | 6 +++++- web-nginx-pgsql/centos/Dockerfile | 2 +- 16 files changed, 53 insertions(+), 30 deletions(-) diff --git a/.env_srv b/.env_srv index 8a6ddbb3b..45b034064 100644 --- a/.env_srv +++ b/.env_srv @@ -1,7 +1,7 @@ # ZBX_LISTENIP= # ZBX_HISTORYSTORAGEURL=http://elasticsearch:9200/ # Available since 3.4.5 # ZBX_HISTORYSTORAGETYPES=uint,dbl,str,log,text # Available since 3.4.5 -# ZBX_DBTLSCONNECT=require # Available since 5.0.0 +# ZBX_DBTLSCONNECT=required # Available since 5.0.0 # ZBX_DBTLSCAFILE=/run/secrets/root-ca.pem # Available since 5.0.0 # ZBX_DBTLSCERTFILE=/run/secrets/client-cert.pem # Available since 5.0.0 # ZBX_DBTLSKEYFILE=/run/secrets/client-key.pem # Available since 5.0.0 diff --git a/agent/centos/Dockerfile b/agent/centos/Dockerfile index 480448b91..7513604f0 100644 --- a/agent/centos/Dockerfile +++ b/agent/centos/Dockerfile @@ -23,7 +23,7 @@ RUN set -eux && \ mkdir -p /var/lib/zabbix/enc && \ mkdir -p /var/lib/zabbix/modules && \ dnf --quiet makecache && \ - dnf -y install --setopt=tsflags=nodocs \ + dnf -y install --setopt=tsflags=nodocs --setopt=install_weak_deps=False --best \ libcurl-minimal \ openssl-libs && \ curl -L "https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini" -o /sbin/tini && \ @@ -56,7 +56,7 @@ LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentati RUN set -eux && \ dnf --quiet makecache && \ - dnf -y install --setopt=tsflags=nodocs \ + dnf -y install --setopt=tsflags=nodocs --setopt=install_weak_deps=False --best \ autoconf \ automake \ pcre-devel \ diff --git a/java-gateway/centos/Dockerfile b/java-gateway/centos/Dockerfile index 5cc3a0e6d..8976682b6 100644 --- a/java-gateway/centos/Dockerfile +++ b/java-gateway/centos/Dockerfile @@ -18,7 +18,7 @@ RUN set -eux && \ mkdir -p /etc/zabbix/ && \ mkdir -p /usr/sbin/zabbix_java/ && \ dnf --quiet makecache && \ - dnf -y install --setopt=tsflags=nodocs \ + dnf -y install --setopt=tsflags=nodocs --setopt=install_weak_deps=False --best \ java-1.8.0-openjdk-headless && \ dnf -y clean all && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ @@ -38,7 +38,7 @@ COPY ["conf/etc/", "/etc/"] RUN set -eux && \ dnf --quiet makecache && \ - dnf -y install --setopt=tsflags=nodocs \ + dnf -y install --setopt=tsflags=nodocs --setopt=install_weak_deps=False --best \ autoconf \ automake \ java-1.8.0-openjdk-devel \ diff --git a/proxy-mysql/centos/Dockerfile b/proxy-mysql/centos/Dockerfile index 591d02d72..cf71473f9 100644 --- a/proxy-mysql/centos/Dockerfile +++ b/proxy-mysql/centos/Dockerfile @@ -32,7 +32,7 @@ RUN set -eux && \ mkdir -p /usr/share/doc/zabbix-proxy-mysql && \ dnf --quiet makecache && \ dnf -y install http://repo.zabbix.com/non-supported/rhel/8/x86_64/fping-3.16-1.el8.x86_64.rpm --setopt=tsflags=nodocs && \ - dnf -y install --setopt=tsflags=nodocs \ + dnf -y install --setopt=tsflags=nodocs --setopt=install_weak_deps=False --best \ libcurl-minimal \ libevent \ libssh \ @@ -76,7 +76,7 @@ LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentati RUN set -eux && \ sed -i 's/enabled=0/enabled=1/g' /etc/yum.repos.d/CentOS-PowerTools.repo && \ dnf --quiet makecache && \ - dnf -y install --setopt=tsflags=nodocs \ + dnf -y install --setopt=tsflags=nodocs --setopt=install_weak_deps=False --best \ autoconf \ automake \ gcc \ @@ -86,7 +86,7 @@ RUN set -eux && \ libssh-devel \ libxml2-devel \ make \ - mariadb-devel \ + mariadb-connector-c-devel \ net-snmp-devel \ OpenIPMI-devel \ openldap-devel \ diff --git a/proxy-mysql/ubuntu/docker-entrypoint.sh b/proxy-mysql/ubuntu/docker-entrypoint.sh index ba066f813..3ff1f5c28 100755 --- a/proxy-mysql/ubuntu/docker-entrypoint.sh +++ b/proxy-mysql/ubuntu/docker-entrypoint.sh @@ -195,7 +195,8 @@ check_db_connect_mysql() { WAIT_TIMEOUT=5 if [ -n "${ZBX_DBTLSCONNECT}" ]; then - ssl_opts="--ssl --ssl-ca=${ZBX_DBTLSCAFILE} --ssl-key=${ZBX_DBTLSKEYFILE} --ssl-cert=${ZBX_DBTLSCERTFILE}" + ssl_mode=${ZBX_DBTLSCONNECT//verify_full/verify_identity} + ssl_opts="--ssl-mode=$ssl_mode --ssl-ca=${ZBX_DBTLSCAFILE} --ssl-key=${ZBX_DBTLSKEYFILE} --ssl-cert=${ZBX_DBTLSCERTFILE}" fi while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \ @@ -210,7 +211,8 @@ mysql_query() { local result="" if [ -n "${ZBX_DBTLSCONNECT}" ]; then - ssl_opts="--ssl --ssl-ca=${ZBX_DBTLSCAFILE} --ssl-key=${ZBX_DBTLSKEYFILE} --ssl-cert=${ZBX_DBTLSCERTFILE}" + ssl_mode=${ZBX_DBTLSCONNECT//verify_full/verify_identity} + ssl_opts="--ssl-mode=$ssl_mode --ssl-ca=${ZBX_DBTLSCAFILE} --ssl-key=${ZBX_DBTLSKEYFILE} --ssl-cert=${ZBX_DBTLSCERTFILE}" fi result=$(mysql --silent --skip-column-names -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ @@ -260,7 +262,8 @@ create_db_schema_mysql() { echo "** Creating '${DB_SERVER_DBNAME}' schema in MySQL" if [ -n "${ZBX_DBTLSCONNECT}" ]; then - ssl_opts="--ssl --ssl-ca=${ZBX_DBTLSCAFILE} --ssl-key=${ZBX_DBTLSKEYFILE} --ssl-cert=${ZBX_DBTLSCERTFILE}" + ssl_mode=${ZBX_DBTLSCONNECT//verify_full/verify_identity} + ssl_opts="--ssl-mode=$ssl_mode --ssl-ca=${ZBX_DBTLSCAFILE} --ssl-key=${ZBX_DBTLSKEYFILE} --ssl-cert=${ZBX_DBTLSCERTFILE}" fi zcat /usr/share/doc/zabbix-proxy-mysql/create.sql.gz | mysql --silent --skip-column-names \ diff --git a/proxy-sqlite3/centos/Dockerfile b/proxy-sqlite3/centos/Dockerfile index 59be1bc84..a27ac3432 100644 --- a/proxy-sqlite3/centos/Dockerfile +++ b/proxy-sqlite3/centos/Dockerfile @@ -32,7 +32,7 @@ RUN set -eux && \ mkdir -p /usr/share/doc/zabbix-proxy-sqlite3 && \ dnf --quiet makecache && \ dnf -y install http://repo.zabbix.com/non-supported/rhel/8/x86_64/fping-3.16-1.el8.x86_64.rpm --setopt=tsflags=nodocs && \ - dnf -y install --setopt=tsflags=nodocs \ + dnf -y install --setopt=tsflags=nodocs --setopt=install_weak_deps=False --best \ libcurl-minimal \ libevent \ libssh \ @@ -75,7 +75,7 @@ LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentati RUN set -eux && \ sed -i 's/enabled=0/enabled=1/g' /etc/yum.repos.d/CentOS-PowerTools.repo && \ dnf --quiet makecache && \ - dnf -y install --setopt=tsflags=nodocs \ + dnf -y install --setopt=tsflags=nodocs --setopt=install_weak_deps=False --best \ autoconf \ automake \ gcc \ diff --git a/server-mysql/centos/Dockerfile b/server-mysql/centos/Dockerfile index d0079ea7d..83ac26c11 100644 --- a/server-mysql/centos/Dockerfile +++ b/server-mysql/centos/Dockerfile @@ -34,7 +34,7 @@ RUN set -eux && \ mkdir -p /usr/share/doc/zabbix-server-mysql && \ dnf --quiet makecache && \ dnf -y install --setopt=tsflags=nodocs http://repo.zabbix.com/non-supported/rhel/8/x86_64/fping-3.16-1.el8.x86_64.rpm && \ - dnf -y install --setopt=tsflags=nodocs \ + dnf -y install --setopt=tsflags=nodocs --setopt=install_weak_deps=False --best \ iputils \ traceroute \ libcurl-minimal \ @@ -80,7 +80,7 @@ LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentati RUN set -eux && \ sed -i 's/enabled=0/enabled=1/g' /etc/yum.repos.d/CentOS-PowerTools.repo && \ dnf --quiet makecache && \ - dnf -y install --setopt=tsflags=nodocs \ + dnf -y install --setopt=tsflags=nodocs --setopt=install_weak_deps=False --best \ autoconf \ automake \ gcc \ @@ -90,7 +90,7 @@ RUN set -eux && \ libssh-devel \ libxml2-devel \ make \ - mariadb-devel \ + mariadb-connector-c-devel \ net-snmp-devel \ OpenIPMI-devel \ openldap-devel \ diff --git a/server-mysql/centos/docker-entrypoint.sh b/server-mysql/centos/docker-entrypoint.sh index 755c64913..475135635 100755 --- a/server-mysql/centos/docker-entrypoint.sh +++ b/server-mysql/centos/docker-entrypoint.sh @@ -190,7 +190,10 @@ check_db_connect_mysql() { WAIT_TIMEOUT=5 if [ -n "${ZBX_DBTLSCONNECT}" ]; then - ssl_opts="--ssl --ssl-ca=${ZBX_DBTLSCAFILE} --ssl-key=${ZBX_DBTLSKEYFILE} --ssl-cert=${ZBX_DBTLSCERTFILE}" + if [ "${ZBX_DBTLSCONNECT}" != "required" ]; then + verify_cert="--ssl-verify-server-cert" + fi + ssl_opts="--ssl --ssl-ca=${ZBX_DBTLSCAFILE} --ssl-key=${ZBX_DBTLSKEYFILE} --ssl-cert=${ZBX_DBTLSCERTFILE} $verify_cert" fi while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \ @@ -205,7 +208,10 @@ mysql_query() { local result="" if [ -n "${ZBX_DBTLSCONNECT}" ]; then - ssl_opts="--ssl --ssl-ca=${ZBX_DBTLSCAFILE} --ssl-key=${ZBX_DBTLSKEYFILE} --ssl-cert=${ZBX_DBTLSCERTFILE}" + if [ "${ZBX_DBTLSCONNECT}" != "required" ]; then + verify_cert="--ssl-verify-server-cert" + fi + ssl_opts="--ssl --ssl-ca=${ZBX_DBTLSCAFILE} --ssl-key=${ZBX_DBTLSKEYFILE} --ssl-cert=${ZBX_DBTLSCERTFILE} $verify_cert" fi result=$(mysql --silent --skip-column-names -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ @@ -255,7 +261,10 @@ create_db_schema_mysql() { echo "** Creating '${DB_SERVER_DBNAME}' schema in MySQL" if [ -n "${ZBX_DBTLSCONNECT}" ]; then - ssl_opts="--ssl --ssl-ca=${ZBX_DBTLSCAFILE} --ssl-key=${ZBX_DBTLSKEYFILE} --ssl-cert=${ZBX_DBTLSCERTFILE}" + if [ "${ZBX_DBTLSCONNECT}" != "required" ]; then + verify_cert="--ssl-verify-server-cert" + fi + ssl_opts="--ssl --ssl-ca=${ZBX_DBTLSCAFILE} --ssl-key=${ZBX_DBTLSKEYFILE} --ssl-cert=${ZBX_DBTLSCERTFILE} $verify_cert" fi zcat /usr/share/doc/zabbix-server-mysql/create.sql.gz | mysql --silent --skip-column-names \ diff --git a/server-mysql/ubuntu/docker-entrypoint.sh b/server-mysql/ubuntu/docker-entrypoint.sh index 22b595854..94aaef87d 100755 --- a/server-mysql/ubuntu/docker-entrypoint.sh +++ b/server-mysql/ubuntu/docker-entrypoint.sh @@ -190,7 +190,8 @@ check_db_connect_mysql() { WAIT_TIMEOUT=5 if [ -n "${ZBX_DBTLSCONNECT}" ]; then - ssl_opts="--ssl --ssl-ca=${ZBX_DBTLSCAFILE} --ssl-key=${ZBX_DBTLSKEYFILE} --ssl-cert=${ZBX_DBTLSCERTFILE}" + ssl_mode=${ZBX_DBTLSCONNECT//verify_full/verify_identity} + ssl_opts="--ssl-mode=$ssl_mode --ssl-ca=${ZBX_DBTLSCAFILE} --ssl-key=${ZBX_DBTLSKEYFILE} --ssl-cert=${ZBX_DBTLSCERTFILE}" fi while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \ @@ -205,7 +206,8 @@ mysql_query() { local result="" if [ -n "${ZBX_DBTLSCONNECT}" ]; then - ssl_opts="--ssl --ssl-ca=${ZBX_DBTLSCAFILE} --ssl-key=${ZBX_DBTLSKEYFILE} --ssl-cert=${ZBX_DBTLSCERTFILE}" + ssl_mode=${ZBX_DBTLSCONNECT//verify_full/verify_identity} + ssl_opts="--ssl-mode=$ssl_mode --ssl-ca=${ZBX_DBTLSCAFILE} --ssl-key=${ZBX_DBTLSKEYFILE} --ssl-cert=${ZBX_DBTLSCERTFILE}" fi result=$(mysql --silent --skip-column-names -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ @@ -255,7 +257,8 @@ create_db_schema_mysql() { echo "** Creating '${DB_SERVER_DBNAME}' schema in MySQL" if [ -n "${ZBX_DBTLSCONNECT}" ]; then - ssl_opts="--ssl --ssl-ca=${ZBX_DBTLSCAFILE} --ssl-key=${ZBX_DBTLSKEYFILE} --ssl-cert=${ZBX_DBTLSCERTFILE}" + ssl_mode=${ZBX_DBTLSCONNECT//verify_full/verify_identity} + ssl_opts="--ssl-mode=$ssl_mode --ssl-ca=${ZBX_DBTLSCAFILE} --ssl-key=${ZBX_DBTLSKEYFILE} --ssl-cert=${ZBX_DBTLSCERTFILE}" fi zcat /usr/share/doc/zabbix-server-mysql/create.sql.gz | mysql --silent --skip-column-names \ diff --git a/server-pgsql/centos/Dockerfile b/server-pgsql/centos/Dockerfile index 313e57e3f..7f30b71b0 100644 --- a/server-pgsql/centos/Dockerfile +++ b/server-pgsql/centos/Dockerfile @@ -34,7 +34,7 @@ RUN set -eux && \ mkdir -p /usr/share/doc/zabbix-server-postgresql && \ dnf --quiet makecache && \ dnf -y install --setopt=tsflags=nodocs https://repo.zabbix.com/non-supported/rhel/7/x86_64/fping-3.10-1.el7.x86_64.rpm && \ - dnf -y install --setopt=tsflags=nodocs \ + dnf -y install --setopt=tsflags=nodocs --setopt=install_weak_deps=False --best \ iputils \ traceroute \ libcurl-minimal \ @@ -81,7 +81,7 @@ LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentati RUN set -eux && \ sed -i 's/enabled=0/enabled=1/g' /etc/yum.repos.d/CentOS-PowerTools.repo && \ dnf --quiet makecache && \ - dnf -y install \ + dnf -y install -setopt=tsflags=nodocs --setopt=install_weak_deps=False --best \ autoconf \ automake \ gcc \ diff --git a/web-apache-mysql/centos/Dockerfile b/web-apache-mysql/centos/Dockerfile index 31d79ba78..d6b0a9d75 100644 --- a/web-apache-mysql/centos/Dockerfile +++ b/web-apache-mysql/centos/Dockerfile @@ -63,7 +63,7 @@ RUN set -eux && \ dnf --quiet makecache && \ dnf -y install --setopt=install_weak_deps=False --best --setopt=tsflags=nodocs \ glibc-locale-source && \ - dnf -y install --setopt=tsflags=nodocs \ + dnf -y install --setopt=install_weak_deps=False --best --setopt=tsflags=nodocs \ gettext \ git && \ cd /usr/share/ && \ diff --git a/web-apache-mysql/ubuntu/docker-entrypoint.sh b/web-apache-mysql/ubuntu/docker-entrypoint.sh index 153a87292..1e31fb18c 100755 --- a/web-apache-mysql/ubuntu/docker-entrypoint.sh +++ b/web-apache-mysql/ubuntu/docker-entrypoint.sh @@ -171,8 +171,12 @@ check_db_connect() { WAIT_TIMEOUT=5 + if [ "${ZBX_DB_ENCRYPTION}" == "true" ]; then + ssl_opts="--ssl-mode=required --ssl-ca=${ZBX_DB_CA_FILE} --ssl-key=${ZBX_DB_KEY_FILE} --ssl-cert=${ZBX_DB_CERT_FILE}" + fi + while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \ - --password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10)" ]; do + --password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10 $ssl_opts)" ]; do echo "**** MySQL server is not available. Waiting $WAIT_TIMEOUT seconds..." sleep $WAIT_TIMEOUT done diff --git a/web-apache-pgsql/centos/Dockerfile b/web-apache-pgsql/centos/Dockerfile index d6eda9561..e397348a0 100644 --- a/web-apache-pgsql/centos/Dockerfile +++ b/web-apache-pgsql/centos/Dockerfile @@ -63,7 +63,7 @@ RUN set -eux && \ dnf --quiet makecache && \ dnf -y install --setopt=install_weak_deps=False --best --setopt=tsflags=nodocs \ glibc-locale-source && \ - dnf -y install --setopt=tsflags=nodocs \ + dnf -y install --setopt=install_weak_deps=False --best --setopt=tsflags=nodocs \ gettext \ git && \ cd /usr/share/ && \ diff --git a/web-nginx-mysql/centos/Dockerfile b/web-nginx-mysql/centos/Dockerfile index fa7e37d80..83a77ecaa 100644 --- a/web-nginx-mysql/centos/Dockerfile +++ b/web-nginx-mysql/centos/Dockerfile @@ -55,7 +55,7 @@ RUN set -eux && \ dnf --quiet makecache && \ dnf -y install --setopt=install_weak_deps=False --best --setopt=tsflags=nodocs \ glibc-locale-source && \ - dnf -y install --setopt=tsflags=nodocs \ + dnf -y install --setopt=install_weak_deps=False --best --setopt=tsflags=nodocs \ gettext \ git && \ cd /usr/share/ && \ diff --git a/web-nginx-mysql/ubuntu/docker-entrypoint.sh b/web-nginx-mysql/ubuntu/docker-entrypoint.sh index adde0e72c..50a6c0c29 100755 --- a/web-nginx-mysql/ubuntu/docker-entrypoint.sh +++ b/web-nginx-mysql/ubuntu/docker-entrypoint.sh @@ -190,8 +190,12 @@ check_db_connect() { WAIT_TIMEOUT=5 + if [ "${ZBX_DB_ENCRYPTION}" == "true" ]; then + ssl_opts="--ssl-mode=required --ssl-ca=${ZBX_DB_CA_FILE} --ssl-key=${ZBX_DB_KEY_FILE} --ssl-cert=${ZBX_DB_CERT_FILE}" + fi + while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \ - --password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10)" ]; do + --password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10 $ssl_opts)" ]; do echo "**** MySQL server is not available. Waiting $WAIT_TIMEOUT seconds..." sleep $WAIT_TIMEOUT done diff --git a/web-nginx-pgsql/centos/Dockerfile b/web-nginx-pgsql/centos/Dockerfile index e16cb05d3..09124b65d 100644 --- a/web-nginx-pgsql/centos/Dockerfile +++ b/web-nginx-pgsql/centos/Dockerfile @@ -55,7 +55,7 @@ RUN set -eux && \ dnf --quiet makecache && \ dnf -y install --setopt=install_weak_deps=False --best --setopt=tsflags=nodocs \ glibc-locale-source && \ - dnf -y install --setopt=tsflags=nodocs \ + dnf -y install --setopt=install_weak_deps=False --best --setopt=tsflags=nodocs \ gettext \ git && \ cd /usr/share/ && \ From 4cb8a75def3043ea7ac648289ccd3576528343d3 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Wed, 26 Aug 2020 22:11:29 +0300 Subject: [PATCH 021/253] Fixed params for Zabbix server PostgreSQL (CentOS) --- server-pgsql/centos/Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/server-pgsql/centos/Dockerfile b/server-pgsql/centos/Dockerfile index 7f30b71b0..a97f81b61 100644 --- a/server-pgsql/centos/Dockerfile +++ b/server-pgsql/centos/Dockerfile @@ -33,7 +33,7 @@ RUN set -eux && \ mkdir -p /usr/lib/zabbix/externalscripts && \ mkdir -p /usr/share/doc/zabbix-server-postgresql && \ dnf --quiet makecache && \ - dnf -y install --setopt=tsflags=nodocs https://repo.zabbix.com/non-supported/rhel/7/x86_64/fping-3.10-1.el7.x86_64.rpm && \ + dnf -y install --setopt=tsflags=nodocs https://repo.zabbix.com/non-supported/rhel/8/x86_64/fping-3.16-1.el8.x86_64.rpm && \ dnf -y install --setopt=tsflags=nodocs --setopt=install_weak_deps=False --best \ iputils \ traceroute \ @@ -81,7 +81,7 @@ LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentati RUN set -eux && \ sed -i 's/enabled=0/enabled=1/g' /etc/yum.repos.d/CentOS-PowerTools.repo && \ dnf --quiet makecache && \ - dnf -y install -setopt=tsflags=nodocs --setopt=install_weak_deps=False --best \ + dnf -y install --setopt=tsflags=nodocs --setopt=install_weak_deps=False --best \ autoconf \ automake \ gcc \ From d5ed6498ddd0fcb1c247169f87241369c2454ed5 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Thu, 27 Aug 2020 12:58:54 -0400 Subject: [PATCH 022/253] More flexible DB TLS params usage --- .env_web | 2 +- proxy-mysql/alpine/docker-entrypoint.sh | 38 ++++++++++++---- proxy-mysql/centos/docker-entrypoint.sh | 39 ++++++++++++---- proxy-mysql/ubuntu/docker-entrypoint.sh | 38 +++++++++++----- server-mysql/alpine/docker-entrypoint.sh | 38 ++++++++++++---- server-mysql/centos/docker-entrypoint.sh | 47 ++++++++++++-------- server-mysql/ubuntu/docker-entrypoint.sh | 38 +++++++++++----- web-apache-mysql/alpine/docker-entrypoint.sh | 26 +++++++++-- web-apache-mysql/centos/docker-entrypoint.sh | 26 +++++++++-- web-apache-mysql/ubuntu/docker-entrypoint.sh | 26 +++++++++-- web-nginx-mysql/alpine/docker-entrypoint.sh | 26 +++++++++-- web-nginx-mysql/centos/docker-entrypoint.sh | 26 +++++++++-- web-nginx-mysql/ubuntu/docker-entrypoint.sh | 26 +++++++++-- 13 files changed, 308 insertions(+), 88 deletions(-) diff --git a/.env_web b/.env_web index 43a0b202f..4d9e27016 100644 --- a/.env_web +++ b/.env_web @@ -4,7 +4,7 @@ ZBX_SERVER_NAME=Composed installation # ZBX_DB_ENCRYPTION=true # Available since 5.0.0 # ZBX_DB_KEY_FILE=/run/secrets/client-key.pem # Available since 5.0.0 # ZBX_DB_CERT_FILE=/run/secrets/client-cert.pem # Available since 5.0.0 -# ZBX_DB_CA_FILE=/run/secrets/pgsql-ca.pem # Available since 5.0.0 +# ZBX_DB_CA_FILE=/run/secrets/root-ca.pem # Available since 5.0.0 # ZBX_DB_VERIFY_HOST=false # Available since 5.0.0 # ZBX_DB_CIPHER_LIST= # Available since 5.0.0 # ZBX_HISTORYSTORAGEURL=http://elasticsearch:9200/ # Available since 3.4.5 diff --git a/proxy-mysql/alpine/docker-entrypoint.sh b/proxy-mysql/alpine/docker-entrypoint.sh index 6d8a1c2a6..96a1faccf 100755 --- a/proxy-mysql/alpine/docker-entrypoint.sh +++ b/proxy-mysql/alpine/docker-entrypoint.sh @@ -177,6 +177,32 @@ check_variables_mysql() { DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix_proxy"} } +db_tls_params() { + local result="" + + if [ -n "${ZBX_DBTLSCONNECT}" ]; then + result="--ssl" + + if [ "${ZBX_DBTLSCONNECT}" != "required" ]; then + result="${result} --ssl-verify-server-cert" + fi + + if [ -n "${ZBX_DBTLSCAFILE}" ]; then + result="${result} --ssl-ca=${ZBX_DBTLSCAFILE}" + fi + + if [ -n "${ZBX_DBTLSKEYFILE}" ]; then + result="${result} --ssl-key=${ZBX_DBTLSKEYFILE}" + fi + + if [ -n "${ZBX_DBTLSCERTFILE}" ]; then + result="${result} --ssl-cert=${ZBX_DBTLSCERTFILE}" + fi + fi + + echo $result +} + check_db_connect_mysql() { echo "********************" echo "* DB_SERVER_HOST: ${DB_SERVER_HOST}" @@ -194,9 +220,7 @@ check_db_connect_mysql() { WAIT_TIMEOUT=5 - if [ -n "${ZBX_DBTLSCONNECT}" ]; then - ssl_opts="--ssl --ssl-ca=${ZBX_DBTLSCAFILE} --ssl-key=${ZBX_DBTLSKEYFILE} --ssl-cert=${ZBX_DBTLSCERTFILE}" - fi + ssl_opts="$(db_tls_params)" while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \ --password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10 $ssl_opts)" ]; do @@ -209,9 +233,7 @@ mysql_query() { query=$1 local result="" - if [ -n "${ZBX_DBTLSCONNECT}" ]; then - ssl_opts="--ssl --ssl-ca=${ZBX_DBTLSCAFILE} --ssl-key=${ZBX_DBTLSKEYFILE} --ssl-cert=${ZBX_DBTLSCERTFILE}" - fi + ssl_opts="$(db_tls_params)" result=$(mysql --silent --skip-column-names -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" -e "$query" $ssl_opts) @@ -259,9 +281,7 @@ create_db_schema_mysql() { if [ -z "${ZBX_DB_VERSION}" ]; then echo "** Creating '${DB_SERVER_DBNAME}' schema in MySQL" - if [ -n "${ZBX_DBTLSCONNECT}" ]; then - ssl_opts="--ssl --ssl-ca=${ZBX_DBTLSCAFILE} --ssl-key=${ZBX_DBTLSKEYFILE} --ssl-cert=${ZBX_DBTLSCERTFILE}" - fi + ssl_opts="$(db_tls_params)" zcat /usr/share/doc/zabbix-proxy-mysql/create.sql.gz | mysql --silent --skip-column-names \ -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ diff --git a/proxy-mysql/centos/docker-entrypoint.sh b/proxy-mysql/centos/docker-entrypoint.sh index 6d8a1c2a6..de19cec28 100755 --- a/proxy-mysql/centos/docker-entrypoint.sh +++ b/proxy-mysql/centos/docker-entrypoint.sh @@ -177,6 +177,33 @@ check_variables_mysql() { DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix_proxy"} } +db_tls_params() { + local result="" + + if [ -n "${ZBX_DBTLSCONNECT}" ]; then + result="--ssl" + + if [ "${ZBX_DBTLSCONNECT}" != "required" ]; then + result="${result} --ssl-verify-server-cert" + fi + + if [ -n "${ZBX_DBTLSCAFILE}" ]; then + result="${result} --ssl-ca=${ZBX_DBTLSCAFILE}" + fi + + if [ -n "${ZBX_DBTLSKEYFILE}" ]; then + result="${result} --ssl-key=${ZBX_DBTLSKEYFILE}" + fi + + if [ -n "${ZBX_DBTLSCERTFILE}" ]; then + result="${result} --ssl-cert=${ZBX_DBTLSCERTFILE}" + fi + fi + + echo $result +} + + check_db_connect_mysql() { echo "********************" echo "* DB_SERVER_HOST: ${DB_SERVER_HOST}" @@ -194,9 +221,7 @@ check_db_connect_mysql() { WAIT_TIMEOUT=5 - if [ -n "${ZBX_DBTLSCONNECT}" ]; then - ssl_opts="--ssl --ssl-ca=${ZBX_DBTLSCAFILE} --ssl-key=${ZBX_DBTLSKEYFILE} --ssl-cert=${ZBX_DBTLSCERTFILE}" - fi + ssl_opts="$(db_tls_params)" while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \ --password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10 $ssl_opts)" ]; do @@ -209,9 +234,7 @@ mysql_query() { query=$1 local result="" - if [ -n "${ZBX_DBTLSCONNECT}" ]; then - ssl_opts="--ssl --ssl-ca=${ZBX_DBTLSCAFILE} --ssl-key=${ZBX_DBTLSKEYFILE} --ssl-cert=${ZBX_DBTLSCERTFILE}" - fi + ssl_opts="$(db_tls_params)" result=$(mysql --silent --skip-column-names -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" -e "$query" $ssl_opts) @@ -259,9 +282,7 @@ create_db_schema_mysql() { if [ -z "${ZBX_DB_VERSION}" ]; then echo "** Creating '${DB_SERVER_DBNAME}' schema in MySQL" - if [ -n "${ZBX_DBTLSCONNECT}" ]; then - ssl_opts="--ssl --ssl-ca=${ZBX_DBTLSCAFILE} --ssl-key=${ZBX_DBTLSKEYFILE} --ssl-cert=${ZBX_DBTLSCERTFILE}" - fi + ssl_opts="$(db_tls_params)" zcat /usr/share/doc/zabbix-proxy-mysql/create.sql.gz | mysql --silent --skip-column-names \ -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ diff --git a/proxy-mysql/ubuntu/docker-entrypoint.sh b/proxy-mysql/ubuntu/docker-entrypoint.sh index 3ff1f5c28..e0e9e8015 100755 --- a/proxy-mysql/ubuntu/docker-entrypoint.sh +++ b/proxy-mysql/ubuntu/docker-entrypoint.sh @@ -177,6 +177,29 @@ check_variables_mysql() { DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix_proxy"} } +db_tls_params() { + local result="" + + if [ -n "${ZBX_DBTLSCONNECT}" ]; then + ssl_mode=${ZBX_DBTLSCONNECT//verify_full/verify_identity} + result="--ssl-mode=$ssl_mode" + + if [ -n "${ZBX_DBTLSCAFILE}" ]; then + result="${result} --ssl-ca=${ZBX_DBTLSCAFILE}" + fi + + if [ -n "${ZBX_DBTLSKEYFILE}" ]; then + result="${result} --ssl-key=${ZBX_DBTLSKEYFILE}" + fi + + if [ -n "${ZBX_DBTLSCERTFILE}" ]; then + result="${result} --ssl-cert=${ZBX_DBTLSCERTFILE}" + fi + fi + + echo $result +} + check_db_connect_mysql() { echo "********************" echo "* DB_SERVER_HOST: ${DB_SERVER_HOST}" @@ -194,10 +217,7 @@ check_db_connect_mysql() { WAIT_TIMEOUT=5 - if [ -n "${ZBX_DBTLSCONNECT}" ]; then - ssl_mode=${ZBX_DBTLSCONNECT//verify_full/verify_identity} - ssl_opts="--ssl-mode=$ssl_mode --ssl-ca=${ZBX_DBTLSCAFILE} --ssl-key=${ZBX_DBTLSKEYFILE} --ssl-cert=${ZBX_DBTLSCERTFILE}" - fi + ssl_opts="$(db_tls_params)" while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \ --password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10 $ssl_opts)" ]; do @@ -210,10 +230,7 @@ mysql_query() { query=$1 local result="" - if [ -n "${ZBX_DBTLSCONNECT}" ]; then - ssl_mode=${ZBX_DBTLSCONNECT//verify_full/verify_identity} - ssl_opts="--ssl-mode=$ssl_mode --ssl-ca=${ZBX_DBTLSCAFILE} --ssl-key=${ZBX_DBTLSKEYFILE} --ssl-cert=${ZBX_DBTLSCERTFILE}" - fi + ssl_opts="$(db_tls_params)" result=$(mysql --silent --skip-column-names -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" -e "$query" $ssl_opts) @@ -261,10 +278,7 @@ create_db_schema_mysql() { if [ -z "${ZBX_DB_VERSION}" ]; then echo "** Creating '${DB_SERVER_DBNAME}' schema in MySQL" - if [ -n "${ZBX_DBTLSCONNECT}" ]; then - ssl_mode=${ZBX_DBTLSCONNECT//verify_full/verify_identity} - ssl_opts="--ssl-mode=$ssl_mode --ssl-ca=${ZBX_DBTLSCAFILE} --ssl-key=${ZBX_DBTLSKEYFILE} --ssl-cert=${ZBX_DBTLSCERTFILE}" - fi + ssl_opts="$(db_tls_params)" zcat /usr/share/doc/zabbix-proxy-mysql/create.sql.gz | mysql --silent --skip-column-names \ -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ diff --git a/server-mysql/alpine/docker-entrypoint.sh b/server-mysql/alpine/docker-entrypoint.sh index 755c64913..45c7b8e09 100755 --- a/server-mysql/alpine/docker-entrypoint.sh +++ b/server-mysql/alpine/docker-entrypoint.sh @@ -172,6 +172,32 @@ check_variables_mysql() { DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix"} } +db_tls_params() { + local result="" + + if [ -n "${ZBX_DBTLSCONNECT}" ]; then + result="--ssl" + + if [ "${ZBX_DBTLSCONNECT}" != "required" ]; then + result="${result} --ssl-verify-server-cert" + fi + + if [ -n "${ZBX_DBTLSCAFILE}" ]; then + result="${result} --ssl-ca=${ZBX_DBTLSCAFILE}" + fi + + if [ -n "${ZBX_DBTLSKEYFILE}" ]; then + result="${result} --ssl-key=${ZBX_DBTLSKEYFILE}" + fi + + if [ -n "${ZBX_DBTLSCERTFILE}" ]; then + result="${result} --ssl-cert=${ZBX_DBTLSCERTFILE}" + fi + fi + + echo $result +} + check_db_connect_mysql() { echo "********************" echo "* DB_SERVER_HOST: ${DB_SERVER_HOST}" @@ -189,9 +215,7 @@ check_db_connect_mysql() { WAIT_TIMEOUT=5 - if [ -n "${ZBX_DBTLSCONNECT}" ]; then - ssl_opts="--ssl --ssl-ca=${ZBX_DBTLSCAFILE} --ssl-key=${ZBX_DBTLSKEYFILE} --ssl-cert=${ZBX_DBTLSCERTFILE}" - fi + ssl_opts="$(db_tls_params)" while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \ --password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10 $ssl_opts)" ]; do @@ -204,9 +228,7 @@ mysql_query() { query=$1 local result="" - if [ -n "${ZBX_DBTLSCONNECT}" ]; then - ssl_opts="--ssl --ssl-ca=${ZBX_DBTLSCAFILE} --ssl-key=${ZBX_DBTLSKEYFILE} --ssl-cert=${ZBX_DBTLSCERTFILE}" - fi + ssl_opts="$(db_tls_params)" result=$(mysql --silent --skip-column-names -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" -e "$query" $ssl_opts) @@ -254,9 +276,7 @@ create_db_schema_mysql() { if [ -z "${ZBX_DB_VERSION}" ]; then echo "** Creating '${DB_SERVER_DBNAME}' schema in MySQL" - if [ -n "${ZBX_DBTLSCONNECT}" ]; then - ssl_opts="--ssl --ssl-ca=${ZBX_DBTLSCAFILE} --ssl-key=${ZBX_DBTLSKEYFILE} --ssl-cert=${ZBX_DBTLSCERTFILE}" - fi + ssl_opts="$(db_tls_params)" zcat /usr/share/doc/zabbix-server-mysql/create.sql.gz | mysql --silent --skip-column-names \ -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ diff --git a/server-mysql/centos/docker-entrypoint.sh b/server-mysql/centos/docker-entrypoint.sh index 475135635..45c7b8e09 100755 --- a/server-mysql/centos/docker-entrypoint.sh +++ b/server-mysql/centos/docker-entrypoint.sh @@ -172,6 +172,32 @@ check_variables_mysql() { DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix"} } +db_tls_params() { + local result="" + + if [ -n "${ZBX_DBTLSCONNECT}" ]; then + result="--ssl" + + if [ "${ZBX_DBTLSCONNECT}" != "required" ]; then + result="${result} --ssl-verify-server-cert" + fi + + if [ -n "${ZBX_DBTLSCAFILE}" ]; then + result="${result} --ssl-ca=${ZBX_DBTLSCAFILE}" + fi + + if [ -n "${ZBX_DBTLSKEYFILE}" ]; then + result="${result} --ssl-key=${ZBX_DBTLSKEYFILE}" + fi + + if [ -n "${ZBX_DBTLSCERTFILE}" ]; then + result="${result} --ssl-cert=${ZBX_DBTLSCERTFILE}" + fi + fi + + echo $result +} + check_db_connect_mysql() { echo "********************" echo "* DB_SERVER_HOST: ${DB_SERVER_HOST}" @@ -189,12 +215,7 @@ check_db_connect_mysql() { WAIT_TIMEOUT=5 - if [ -n "${ZBX_DBTLSCONNECT}" ]; then - if [ "${ZBX_DBTLSCONNECT}" != "required" ]; then - verify_cert="--ssl-verify-server-cert" - fi - ssl_opts="--ssl --ssl-ca=${ZBX_DBTLSCAFILE} --ssl-key=${ZBX_DBTLSKEYFILE} --ssl-cert=${ZBX_DBTLSCERTFILE} $verify_cert" - fi + ssl_opts="$(db_tls_params)" while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \ --password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10 $ssl_opts)" ]; do @@ -207,12 +228,7 @@ mysql_query() { query=$1 local result="" - if [ -n "${ZBX_DBTLSCONNECT}" ]; then - if [ "${ZBX_DBTLSCONNECT}" != "required" ]; then - verify_cert="--ssl-verify-server-cert" - fi - ssl_opts="--ssl --ssl-ca=${ZBX_DBTLSCAFILE} --ssl-key=${ZBX_DBTLSKEYFILE} --ssl-cert=${ZBX_DBTLSCERTFILE} $verify_cert" - fi + ssl_opts="$(db_tls_params)" result=$(mysql --silent --skip-column-names -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" -e "$query" $ssl_opts) @@ -260,12 +276,7 @@ create_db_schema_mysql() { if [ -z "${ZBX_DB_VERSION}" ]; then echo "** Creating '${DB_SERVER_DBNAME}' schema in MySQL" - if [ -n "${ZBX_DBTLSCONNECT}" ]; then - if [ "${ZBX_DBTLSCONNECT}" != "required" ]; then - verify_cert="--ssl-verify-server-cert" - fi - ssl_opts="--ssl --ssl-ca=${ZBX_DBTLSCAFILE} --ssl-key=${ZBX_DBTLSKEYFILE} --ssl-cert=${ZBX_DBTLSCERTFILE} $verify_cert" - fi + ssl_opts="$(db_tls_params)" zcat /usr/share/doc/zabbix-server-mysql/create.sql.gz | mysql --silent --skip-column-names \ -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ diff --git a/server-mysql/ubuntu/docker-entrypoint.sh b/server-mysql/ubuntu/docker-entrypoint.sh index 94aaef87d..bbfad1511 100755 --- a/server-mysql/ubuntu/docker-entrypoint.sh +++ b/server-mysql/ubuntu/docker-entrypoint.sh @@ -172,6 +172,29 @@ check_variables_mysql() { DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix"} } +db_tls_params() { + local result="" + + if [ -n "${ZBX_DBTLSCONNECT}" ]; then + ssl_mode=${ZBX_DBTLSCONNECT//verify_full/verify_identity} + result="--ssl-mode=$ssl_mode" + + if [ -n "${ZBX_DBTLSCAFILE}" ]; then + result="${result} --ssl-ca=${ZBX_DBTLSCAFILE}" + fi + + if [ -n "${ZBX_DBTLSKEYFILE}" ]; then + result="${result} --ssl-key=${ZBX_DBTLSKEYFILE}" + fi + + if [ -n "${ZBX_DBTLSCERTFILE}" ]; then + result="${result} --ssl-cert=${ZBX_DBTLSCERTFILE}" + fi + fi + + echo $result +} + check_db_connect_mysql() { echo "********************" echo "* DB_SERVER_HOST: ${DB_SERVER_HOST}" @@ -189,10 +212,7 @@ check_db_connect_mysql() { WAIT_TIMEOUT=5 - if [ -n "${ZBX_DBTLSCONNECT}" ]; then - ssl_mode=${ZBX_DBTLSCONNECT//verify_full/verify_identity} - ssl_opts="--ssl-mode=$ssl_mode --ssl-ca=${ZBX_DBTLSCAFILE} --ssl-key=${ZBX_DBTLSKEYFILE} --ssl-cert=${ZBX_DBTLSCERTFILE}" - fi + ssl_opts="$(db_tls_params)" while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \ --password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10 $ssl_opts)" ]; do @@ -205,10 +225,7 @@ mysql_query() { query=$1 local result="" - if [ -n "${ZBX_DBTLSCONNECT}" ]; then - ssl_mode=${ZBX_DBTLSCONNECT//verify_full/verify_identity} - ssl_opts="--ssl-mode=$ssl_mode --ssl-ca=${ZBX_DBTLSCAFILE} --ssl-key=${ZBX_DBTLSKEYFILE} --ssl-cert=${ZBX_DBTLSCERTFILE}" - fi + ssl_opts="$(db_tls_params)" result=$(mysql --silent --skip-column-names -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" -e "$query" $ssl_opts) @@ -256,10 +273,7 @@ create_db_schema_mysql() { if [ -z "${ZBX_DB_VERSION}" ]; then echo "** Creating '${DB_SERVER_DBNAME}' schema in MySQL" - if [ -n "${ZBX_DBTLSCONNECT}" ]; then - ssl_mode=${ZBX_DBTLSCONNECT//verify_full/verify_identity} - ssl_opts="--ssl-mode=$ssl_mode --ssl-ca=${ZBX_DBTLSCAFILE} --ssl-key=${ZBX_DBTLSKEYFILE} --ssl-cert=${ZBX_DBTLSCERTFILE}" - fi + ssl_opts="$(db_tls_params)" zcat /usr/share/doc/zabbix-server-mysql/create.sql.gz | mysql --silent --skip-column-names \ -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ diff --git a/web-apache-mysql/alpine/docker-entrypoint.sh b/web-apache-mysql/alpine/docker-entrypoint.sh index cc9d10176..50ceeaf0a 100755 --- a/web-apache-mysql/alpine/docker-entrypoint.sh +++ b/web-apache-mysql/alpine/docker-entrypoint.sh @@ -154,6 +154,28 @@ check_variables() { DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix"} } +db_tls_params() { + local result="" + + if [ "${ZBX_DB_ENCRYPTION}" == "true" ]; then + result="--ssl" + + if [ -n "${ZBX_DB_CA_FILE}" ]; then + result="${result} --ssl-ca=${ZBX_DB_CA_FILE}" + fi + + if [ -n "${ZBX_DB_KEY_FILE}" ]; then + result="${result} --ssl-key=${ZBX_DB_KEY_FILE}" + fi + + if [ -n "${ZBX_DB_CERT_FILE}" ]; then + result="${result} --ssl-cert=${ZBX_DB_CERT_FILE}" + fi + fi + + echo $result +} + check_db_connect() { echo "********************" echo "* DB_SERVER_HOST: ${DB_SERVER_HOST}" @@ -171,9 +193,7 @@ check_db_connect() { WAIT_TIMEOUT=5 - if [ "${ZBX_DB_ENCRYPTION}" == "true" ]; then - ssl_opts="--ssl --ssl-ca=${ZBX_DB_CA_FILE} --ssl-key=${ZBX_DB_KEY_FILE} --ssl-cert=${ZBX_DB_CERT_FILE}" - fi + ssl_opts="$(db_tls_params)" while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \ --password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10 $ssl_opts)" ]; do diff --git a/web-apache-mysql/centos/docker-entrypoint.sh b/web-apache-mysql/centos/docker-entrypoint.sh index a781bf7d8..6ba3a7df3 100755 --- a/web-apache-mysql/centos/docker-entrypoint.sh +++ b/web-apache-mysql/centos/docker-entrypoint.sh @@ -154,6 +154,28 @@ check_variables() { DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix"} } +db_tls_params() { + local result="" + + if [ "${ZBX_DB_ENCRYPTION}" == "true" ]; then + result="--ssl" + + if [ -n "${ZBX_DB_CA_FILE}" ]; then + result="${result} --ssl-ca=${ZBX_DB_CA_FILE}" + fi + + if [ -n "${ZBX_DB_KEY_FILE}" ]; then + result="${result} --ssl-key=${ZBX_DB_KEY_FILE}" + fi + + if [ -n "${ZBX_DB_CERT_FILE}" ]; then + result="${result} --ssl-cert=${ZBX_DB_CERT_FILE}" + fi + fi + + echo $result +} + check_db_connect() { echo "********************" echo "* DB_SERVER_HOST: ${DB_SERVER_HOST}" @@ -171,9 +193,7 @@ check_db_connect() { WAIT_TIMEOUT=5 - if [ "${ZBX_DB_ENCRYPTION}" == "true" ]; then - ssl_opts="--ssl --ssl-ca=${ZBX_DB_CA_FILE} --ssl-key=${ZBX_DB_KEY_FILE} --ssl-cert=${ZBX_DB_CERT_FILE}" - fi + ssl_opts="$(db_tls_params)" while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \ --password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10 $ssl_opts)" ]; do diff --git a/web-apache-mysql/ubuntu/docker-entrypoint.sh b/web-apache-mysql/ubuntu/docker-entrypoint.sh index 1e31fb18c..f40f53f2a 100755 --- a/web-apache-mysql/ubuntu/docker-entrypoint.sh +++ b/web-apache-mysql/ubuntu/docker-entrypoint.sh @@ -154,6 +154,28 @@ check_variables() { DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix"} } +db_tls_params() { + local result="" + + if [ "${ZBX_DB_ENCRYPTION}" == "true" ]; then + result="--ssl-mode=required" + + if [ -n "${ZBX_DB_CA_FILE}" ]; then + result="${result} --ssl-ca=${ZBX_DB_CA_FILE}" + fi + + if [ -n "${ZBX_DB_KEY_FILE}" ]; then + result="${result} --ssl-key=${ZBX_DB_KEY_FILE}" + fi + + if [ -n "${ZBX_DB_CERT_FILE}" ]; then + result="${result} --ssl-cert=${ZBX_DB_CERT_FILE}" + fi + fi + + echo $result +} + check_db_connect() { echo "********************" echo "* DB_SERVER_HOST: ${DB_SERVER_HOST}" @@ -171,9 +193,7 @@ check_db_connect() { WAIT_TIMEOUT=5 - if [ "${ZBX_DB_ENCRYPTION}" == "true" ]; then - ssl_opts="--ssl-mode=required --ssl-ca=${ZBX_DB_CA_FILE} --ssl-key=${ZBX_DB_KEY_FILE} --ssl-cert=${ZBX_DB_CERT_FILE}" - fi + ssl_opts="$(db_tls_params)" while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \ --password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10 $ssl_opts)" ]; do diff --git a/web-nginx-mysql/alpine/docker-entrypoint.sh b/web-nginx-mysql/alpine/docker-entrypoint.sh index 92fa4f8e1..3cc566290 100755 --- a/web-nginx-mysql/alpine/docker-entrypoint.sh +++ b/web-nginx-mysql/alpine/docker-entrypoint.sh @@ -172,6 +172,28 @@ check_variables() { DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix"} } +db_tls_params() { + local result="" + + if [ "${ZBX_DB_ENCRYPTION}" == "true" ]; then + result="--ssl" + + if [ -n "${ZBX_DB_CA_FILE}" ]; then + result="${result} --ssl-ca=${ZBX_DB_CA_FILE}" + fi + + if [ -n "${ZBX_DB_KEY_FILE}" ]; then + result="${result} --ssl-key=${ZBX_DB_KEY_FILE}" + fi + + if [ -n "${ZBX_DB_CERT_FILE}" ]; then + result="${result} --ssl-cert=${ZBX_DB_CERT_FILE}" + fi + fi + + echo $result +} + check_db_connect() { echo "********************" echo "* DB_SERVER_HOST: ${DB_SERVER_HOST}" @@ -190,9 +212,7 @@ check_db_connect() { WAIT_TIMEOUT=5 - if [ "${ZBX_DB_ENCRYPTION}" == "true" ]; then - ssl_opts="--ssl --ssl-ca=${ZBX_DB_CA_FILE} --ssl-key=${ZBX_DB_KEY_FILE} --ssl-cert=${ZBX_DB_CERT_FILE}" - fi + ssl_opts="$(db_tls_params)" while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \ --password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10 $ssl_opts)" ]; do diff --git a/web-nginx-mysql/centos/docker-entrypoint.sh b/web-nginx-mysql/centos/docker-entrypoint.sh index 5c0f07902..519dc608f 100755 --- a/web-nginx-mysql/centos/docker-entrypoint.sh +++ b/web-nginx-mysql/centos/docker-entrypoint.sh @@ -172,6 +172,28 @@ check_variables() { DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix"} } +db_tls_params() { + local result="" + + if [ "${ZBX_DB_ENCRYPTION}" == "true" ]; then + result="--ssl" + + if [ -n "${ZBX_DB_CA_FILE}" ]; then + result="${result} --ssl-ca=${ZBX_DB_CA_FILE}" + fi + + if [ -n "${ZBX_DB_KEY_FILE}" ]; then + result="${result} --ssl-key=${ZBX_DB_KEY_FILE}" + fi + + if [ -n "${ZBX_DB_CERT_FILE}" ]; then + result="${result} --ssl-cert=${ZBX_DB_CERT_FILE}" + fi + fi + + echo $result +} + check_db_connect() { echo "********************" echo "* DB_SERVER_HOST: ${DB_SERVER_HOST}" @@ -190,9 +212,7 @@ check_db_connect() { WAIT_TIMEOUT=5 - if [ "${ZBX_DB_ENCRYPTION}" == "true" ]; then - ssl_opts="--ssl --ssl-ca=${ZBX_DB_CA_FILE} --ssl-key=${ZBX_DB_KEY_FILE} --ssl-cert=${ZBX_DB_CERT_FILE}" - fi + ssl_opts="$(db_tls_params)" while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \ --password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10 $ssl_opts)" ]; do diff --git a/web-nginx-mysql/ubuntu/docker-entrypoint.sh b/web-nginx-mysql/ubuntu/docker-entrypoint.sh index 50a6c0c29..f33a294c7 100755 --- a/web-nginx-mysql/ubuntu/docker-entrypoint.sh +++ b/web-nginx-mysql/ubuntu/docker-entrypoint.sh @@ -172,6 +172,28 @@ check_variables() { DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix"} } +db_tls_params() { + local result="" + + if [ "${ZBX_DB_ENCRYPTION}" == "true" ]; then + result="--ssl-mode=required" + + if [ -n "${ZBX_DB_CA_FILE}" ]; then + result="${result} --ssl-ca=${ZBX_DB_CA_FILE}" + fi + + if [ -n "${ZBX_DB_KEY_FILE}" ]; then + result="${result} --ssl-key=${ZBX_DB_KEY_FILE}" + fi + + if [ -n "${ZBX_DB_CERT_FILE}" ]; then + result="${result} --ssl-cert=${ZBX_DB_CERT_FILE}" + fi + fi + + echo $result +} + check_db_connect() { echo "********************" echo "* DB_SERVER_HOST: ${DB_SERVER_HOST}" @@ -190,9 +212,7 @@ check_db_connect() { WAIT_TIMEOUT=5 - if [ "${ZBX_DB_ENCRYPTION}" == "true" ]; then - ssl_opts="--ssl-mode=required --ssl-ca=${ZBX_DB_CA_FILE} --ssl-key=${ZBX_DB_KEY_FILE} --ssl-cert=${ZBX_DB_CERT_FILE}" - fi + ssl_opts="$(db_tls_params)" while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \ --password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10 $ssl_opts)" ]; do From f6a70ac9d672ca70928dca65b4f9eb6e1f040333 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Thu, 27 Aug 2020 14:05:12 -0400 Subject: [PATCH 023/253] More flexible DB TLS params usage --- zabbix-appliance/alpine/README.md | 256 ----- zabbix-appliance/centos/README.md | 256 ----- zabbix-appliance/rhel/Dockerfile | 191 ++-- zabbix-appliance/rhel/README.md | 23 +- .../rhel/conf/etc/nginx/nginx.conf | 13 +- zabbix-appliance/rhel/conf/etc/php-fpm.conf | 536 +--------- .../rhel/conf/etc/php-fpm.d/zabbix.conf | 25 + .../rhel/conf/etc/php.d/99-zabbix.ini | 9 - .../conf.d/supervisord_java_gateway.conf | 2 +- .../supervisor/conf.d/supervisord_mysql.conf | 4 +- .../supervisor/conf.d/supervisord_server.conf | 2 +- .../rhel/conf/etc/supervisor/supervisord.conf | 8 +- .../rhel/conf/etc/yum.repo.d/nginx.repo | 13 +- .../rhel/conf/etc/zabbix/nginx.conf | 4 +- .../rhel/conf/etc/zabbix/nginx_ssl.conf | 4 +- .../rhel/conf/etc/zabbix/web/zabbix.conf.php | 16 +- .../rhel/conf/usr/sbin/zabbix_java_gateway | 2 +- zabbix-appliance/rhel/docker-entrypoint.sh | 938 ++++-------------- zabbix-appliance/ubuntu/README.md | 256 ----- 19 files changed, 392 insertions(+), 2166 deletions(-) delete mode 100644 zabbix-appliance/alpine/README.md delete mode 100644 zabbix-appliance/centos/README.md create mode 100644 zabbix-appliance/rhel/conf/etc/php-fpm.d/zabbix.conf delete mode 100644 zabbix-appliance/rhel/conf/etc/php.d/99-zabbix.ini delete mode 100644 zabbix-appliance/ubuntu/README.md diff --git a/zabbix-appliance/alpine/README.md b/zabbix-appliance/alpine/README.md deleted file mode 100644 index 65ec46837..000000000 --- a/zabbix-appliance/alpine/README.md +++ /dev/null @@ -1,256 +0,0 @@ -![logo](https://assets.zabbix.com/img/logo/zabbix_logo_500x131.png) - -# What is Zabbix? - -Zabbix is an enterprise-class open source distributed monitoring solution. - -Zabbix is software that monitors numerous parameters of a network and the health and integrity of servers. Zabbix uses a flexible notification mechanism that allows users to configure e-mail based alerts for virtually any event. This allows a fast reaction to server problems. Zabbix offers excellent reporting and data visualisation features based on the stored data. This makes Zabbix ideal for capacity planning. - -For more information and related downloads for Zabbix components, please visit https://hub.docker.com/u/zabbix/ and https://zabbix.com - -# What is Zabbix appliance? - -> **Important information:_** -Zabbix Docker Appliance image has been decommissioned and will not be available for [3.0.31](https://www.zabbix.com/documentation/3.0/manual/installation/upgrade_notes_3031), [4.0.19](https://www.zabbix.com/documentation/4.0/manual/installation/upgrade_notes_4020), 4.4.7, 5.0.0 and newer releases. Please use a separate Docker image for each component instead of the all-in-one solution. - -Zabbix appliance contains MySQL database server, Zabbix server, Zabbix Java Gateway and Zabbix frontend based on Nginx web-server. - -# Zabbix appliance images - -These are the only official Zabbix appliance Docker images. They are based on Alpine Linux v3.4, Ubuntu 18.04 (bionic) and CentOS 7 images. The available versions of Zabbix appliance are: - - Zabbix appliance 3.0 (tags: alpine-3.0-latest, ubuntu-3.0-latest, centos-3.0-latest) - Zabbix appliance 3.0.* (tags: alpine-3.0.*, ubuntu-3.0.*, centos-3.0.*) - Zabbix appliance 3.2 (tags: alpine-3.2-latest, ubuntu-3.2-latest, centos-3.2.*) (unsupported) - Zabbix appliance 3.2.* (tags: alpine-3.2.*, ubuntu-3.2.*, centos-3.2.*) (unsupported) - Zabbix appliance 3.4 (tags: alpine-3.4-latest, ubuntu-3.4-latest, centos-3.4.*) (unsupported) - Zabbix appliance 3.4.* (tags: alpine-3.4.*, ubuntu-3.4.*, centos-3.4.*) (unsupported) - Zabbix appliance 4.0 (tags: alpine-4.0-latest, ubuntu-4.0-latest, centos-4.0-latest) - Zabbix appliance 4.0.* (tags: alpine-4.0.*, ubuntu-4.0.*, centos-4.0.*) - Zabbix appliance 4.2 (tags: alpine-4.2-latest, ubuntu-4.2-latest, centos-4.2.*) (unsupported) - Zabbix appliance 4.2.* (tags: alpine-4.2.*, ubuntu-4.2.*, centos-4.2.*) (unsupported) - Zabbix appliance 4.4 (tags: alpine-4.4-latest, ubuntu-4.4-latest, centos-4.4-latest, alpine-latest, ubuntu-latest, centos-latest, latest) (unsupported) - Zabbix appliance 4.4.* (tags: alpine-4.4.*, ubuntu-4.4.*, centos-4.4.*) (unsupported) - -Images are updated when new releases are published. The image with ``latest`` tag is based on Alpine Linux. - -The image uses MySQL database. The image is very useful for testing purposes. - -# How to use this image - -## Start `zabbix-appliance` - -Start a Zabbix server container as follows: - - docker run --name some-zabbix-appliance -p 80:80 -p 10051:10051 -d zabbix/zabbix-appliance:tag - -Where `some-zabbix-appliance` is the name you want to assign to your container. See the list above for relevant tags, or look at the [full list of tags](https://hub.docker.com/r/zabbix/zabbix-appliance/tags/). - -## Container shell access and viewing Zabbix appliance logs - -The `docker exec` command allows you to run commands inside a Docker container. The following command line will give you a bash shell inside your `zabbix-appliance` container: - -```console -$ docker exec -ti some-zabbix-appliance /bin/bash -``` - -The Zabbix appliance logs is available through Docker's container log: - -```console -$ docker logs some-zabbix-appliance -``` - -## Environment Variables - -When you start the `zabbix-appliance` image, you can adjust the configuration of the Zabbix appliance by passing one or more environment variables on the `docker run` command line. - -### `PHP_TZ` - -The variable is timezone in PHP format. Full list of supported timezones are available on [`php.net`](http://php.net/manual/en/timezones.php). By default, value is 'Europe/Riga'. - -### `ZBX_LOADMODULE` - -The variable is list of comma separated loadable Zabbix modules. It works with volume ``/var/lib/zabbix/modules``. The syntax of the variable is ``dummy1.so,dummy2.so``. - -### `ZBX_DEBUGLEVEL` - -The variable is used to specify debug level. By default, value is ``3``. It is ``DebugLevel`` parameter in ``zabbix_server.conf``. Allowed values are listed below: -- ``0`` - basic information about starting and stopping of Zabbix processes; -- ``1`` - critical information -- ``2`` - error information -- ``3`` - warnings -- ``4`` - for debugging (produces lots of information) -- ``5`` - extended debugging (produces even more information) - -### `ZBX_TIMEOUT` - -The variable is used to specify timeout for processing checks. By default, value is ``4``. - -### `ZBX_SERVER_NAME` - -The variable is visible Zabbix installation name in right top corner of the web interface. - -### `ZBX_MAXEXECUTIONTIME` - -The varable is PHP ``max_execution_time`` option. By default, value is `300`. - -### `ZBX_MEMORYLIMIT` - -The varable is PHP ``memory_limit`` option. By default, value is `128M`. - -### `ZBX_POSTMAXSIZE` - -The varable is PHP ``post_max_size`` option. By default, value is `16M`. - -### `ZBX_UPLOADMAXFILESIZE` - -The varable is PHP ``upload_max_filesize`` option. By default, value is `2M`. - -### `ZBX_MAXINPUTTIME` - -The varable is PHP ``max_input_time`` option. By default, value is `300`. - -### Other variables - -Additionally the image allows to specify many other environment variables listed below: - -``` -ZBX_LISTENIP= -ZBX_STARTPOLLERS=5 -ZBX_IPMIPOLLERS=0 -ZBX_STARTPOLLERSUNREACHABLE=1 -ZBX_STARTTRAPPERS=5 -ZBX_STARTPINGERS=1 -ZBX_STARTDISCOVERERS=1 -ZBX_STARTHTTPPOLLERS=1 -ZBX_STARTTIMERS=1 -ZBX_STARTESCALATORS=1 -ZBX_STARTJAVAPOLLERS=5 -ZBX_STARTVMWARECOLLECTORS=0 -ZBX_VMWAREFREQUENCY=60 -ZBX_VMWAREPERFFREQUENCY=60 -ZBX_VMWARECACHESIZE=8M -ZBX_VMWARETIMEOUT=10 -ZBX_ENABLE_SNMP_TRAPS=false -ZBX_SOURCEIP= -ZBX_HOUSEKEEPINGFREQUENCY=1 -ZBX_MAXHOUSEKEEPERDELETE=5000 -ZBX_SENDERFREQUENCY=30 -ZBX_CACHESIZE=8M -ZBX_CACHEUPDATEFREQUENCY=60 -ZBX_STARTDBSYNCERS=4 -ZBX_HISTORYCACHESIZE=16M -ZBX_HISTORYINDEXCACHESIZE=4M -ZBX_TRENDCACHESIZE=4M -ZBX_VALUECACHESIZE=8M -ZBX_TRAPPERIMEOUT=300 -ZBX_UNREACHABLEPERIOD=45 -ZBX_UNAVAILABLEDELAY=60 -ZBX_UNREACHABLEDELAY=15 -ZBX_LOGSLOWQUERIES=3000 -ZBX_STARTPROXYPOLLERS=1 -ZBX_PROXYCONFIGFREQUENCY=3600 -ZBX_PROXYDATAFREQUENCY=1 -ZBX_TLSCAFILE= -ZBX_TLSCRLFILE= -ZBX_TLSCERTFILE= -ZBX_TLSKEYFILE= -``` - -Default values of these variables are specified after equal sign. - -The allowed variables are identical of parameters in official ``zabbix_server.conf``. For example, ``ZBX_LOGSLOWQUERIES`` = ``LogSlowQueries``. - -Please use official documentation for [``zabbix_server.conf``](https://www.zabbix.com/documentation/current/manual/appendix/config/zabbix_server) to get more information about the variables. - -## Allowed volumes for the Zabbix server container - -### ``/usr/lib/zabbix/alertscripts`` - -The volume is used for custom alert scripts. It is `AlertScriptsPath` parameter in ``zabbix_server.conf``. - -### ``/usr/lib/zabbix/externalscripts`` - -The volume is used by External checks (type of items). It is `ExternalScripts` parameter in ``zabbix_server.conf``. - -### ``/var/lib/zabbix/modules`` - -The volume allows load additional modules and extend Zabbix server using ``LoadModule`` feature. - -### ``/var/lib/zabbix/enc`` - -The volume is used to store TLS related files. These file names are specified using ``ZBX_TLSCAFILE``, ``ZBX_TLSCRLFILE``, ``ZBX_TLSKEY_FILE`` and ``ZBX_TLSPSKFILE`` variables. - -### ``/var/lib/zabbix/ssh_keys`` - -The volume is used as location of public and private keys for SSH checks and actions. It is `SSHKeyLocation` parameter in ``zabbix_server.conf``. - -### ``/var/lib/zabbix/ssl/certs`` - -The volume is used as location of of SSL client certificate files for client authentication. It is `SSLCertLocation` parameter in ``zabbix_server.conf``. - -### ``/var/lib/zabbix/ssl/keys`` - -The volume is used as location of SSL private key files for client authentication. It is `SSLKeyLocation` parameter in ``zabbix_server.conf``. - -### ``/var/lib/zabbix/ssl/ssl_ca`` - -The volume is used as location of certificate authority (CA) files for SSL server certificate verification. It is `SSLCALocation` parameter in ``zabbix_server.conf``. - -### ``/var/lib/zabbix/snmptraps`` - -The volume is used as location of ``snmptraps.log`` file. It could be shared by ``zabbix-snmptraps`` container and inherited using `volumes_from` Docker option while creating new instance of Zabbix server. -SNMP traps processing feature could be enabled using shared volume and switched ``ZBX_ENABLE_SNMP_TRAPS`` environment variable to `true`. - -### ``/var/lib/zabbix/mibs`` - -The volume allows to add new MIB files. It does not support subdirectories, all MIBs must be placed to ``/var/lib/zabbix/mibs``. - -### ``/etc/ssl/nginx`` - -The volume allows to enable HTTPS for the Zabbix web interface. The volume must contains two files ``ssl.crt``, ``ssl.key`` and ``dhparam.pem`` prepared for Nginx SSL connections. - -Please follow official Nginx [documentation](http://nginx.org/en/docs/http/configuring_https_servers.html) to get more details about how to create certificate files. - -# The image variants - -The `zabbix-appliance` images come in many flavors, each designed for a specific use case. - -## `zabbix-appliance:ubuntu-` - -This is the defacto image. If you are unsure about what your needs are, you probably want to use this one. It is designed to be used both as a throw away container (mount your source code and start the container to start your app), as well as the base to build other images off of. - -## `zabbix-appliance:alpine-` - -This image is based on the popular [Alpine Linux project](http://alpinelinux.org), available in [the `alpine` official image](https://hub.docker.com/_/alpine). Alpine Linux is much smaller than most distribution base images (~5MB), and thus leads to much slimmer images in general. - -This variant is highly recommended when final image size being as small as possible is desired. The main caveat to note is that it does use [musl libc](http://www.musl-libc.org) instead of [glibc and friends](http://www.etalabs.net/compare_libcs.html), so certain software might run into issues depending on the depth of their libc requirements. However, most software doesn't have an issue with this, so this variant is usually a very safe choice. See [this Hacker News comment thread](https://news.ycombinator.com/item?id=10782897) for more discussion of the issues that might arise and some pro/con comparisons of using Alpine-based images. - -To minimize image size, it's uncommon for additional related tools (such as `git` or `bash`) to be included in Alpine-based images. Using this image as a base, add the things you need in your own Dockerfile (see the [`alpine` image description](https://hub.docker.com/_/alpine/) for examples of how to install packages if you are unfamiliar). - -# Supported Docker versions - -This image is officially supported on Docker version 1.12.0. - -Support for older versions (down to 1.6) is provided on a best-effort basis. - -Please see [the Docker installation documentation](https://docs.docker.com/installation/) for details on how to upgrade your Docker daemon. - -# User Feedback - -## Documentation - -Documentation for this image is stored in the [`zabbix-appliance/` directory](https://github.com/zabbix/zabbix-docker/tree/3.0/zabbix-appliance) of the [`zabbix/zabbix-docker` GitHub repo](https://github.com/zabbix/zabbix-docker/). Be sure to familiarize yourself with the [repository's `README.md` file](https://github.com/zabbix/zabbix-docker/blob/master/README.md) before attempting a pull request. - -## Issues - -If you have any problems with or questions about this image, please contact us through a [GitHub issue](https://github.com/zabbix/zabbix-docker/issues). - -### Known issues -Some configuration environment variables are the same between multiple Zabbix components. Be careful when change these variables. - -## Contributing - -You are invited to contribute new features, fixes, or updates, large or small; we are always thrilled to receive pull requests, and do our best to process them as fast as we can. - -Before you start to code, we recommend discussing your plans through a [GitHub issue](https://github.com/zabbix/zabbix-docker/issues), especially for more ambitious contributions. This gives other contributors a chance to point you in the right direction, give you feedback on your design, and help you find out if someone else is working on the same thing. diff --git a/zabbix-appliance/centos/README.md b/zabbix-appliance/centos/README.md deleted file mode 100644 index 65ec46837..000000000 --- a/zabbix-appliance/centos/README.md +++ /dev/null @@ -1,256 +0,0 @@ -![logo](https://assets.zabbix.com/img/logo/zabbix_logo_500x131.png) - -# What is Zabbix? - -Zabbix is an enterprise-class open source distributed monitoring solution. - -Zabbix is software that monitors numerous parameters of a network and the health and integrity of servers. Zabbix uses a flexible notification mechanism that allows users to configure e-mail based alerts for virtually any event. This allows a fast reaction to server problems. Zabbix offers excellent reporting and data visualisation features based on the stored data. This makes Zabbix ideal for capacity planning. - -For more information and related downloads for Zabbix components, please visit https://hub.docker.com/u/zabbix/ and https://zabbix.com - -# What is Zabbix appliance? - -> **Important information:_** -Zabbix Docker Appliance image has been decommissioned and will not be available for [3.0.31](https://www.zabbix.com/documentation/3.0/manual/installation/upgrade_notes_3031), [4.0.19](https://www.zabbix.com/documentation/4.0/manual/installation/upgrade_notes_4020), 4.4.7, 5.0.0 and newer releases. Please use a separate Docker image for each component instead of the all-in-one solution. - -Zabbix appliance contains MySQL database server, Zabbix server, Zabbix Java Gateway and Zabbix frontend based on Nginx web-server. - -# Zabbix appliance images - -These are the only official Zabbix appliance Docker images. They are based on Alpine Linux v3.4, Ubuntu 18.04 (bionic) and CentOS 7 images. The available versions of Zabbix appliance are: - - Zabbix appliance 3.0 (tags: alpine-3.0-latest, ubuntu-3.0-latest, centos-3.0-latest) - Zabbix appliance 3.0.* (tags: alpine-3.0.*, ubuntu-3.0.*, centos-3.0.*) - Zabbix appliance 3.2 (tags: alpine-3.2-latest, ubuntu-3.2-latest, centos-3.2.*) (unsupported) - Zabbix appliance 3.2.* (tags: alpine-3.2.*, ubuntu-3.2.*, centos-3.2.*) (unsupported) - Zabbix appliance 3.4 (tags: alpine-3.4-latest, ubuntu-3.4-latest, centos-3.4.*) (unsupported) - Zabbix appliance 3.4.* (tags: alpine-3.4.*, ubuntu-3.4.*, centos-3.4.*) (unsupported) - Zabbix appliance 4.0 (tags: alpine-4.0-latest, ubuntu-4.0-latest, centos-4.0-latest) - Zabbix appliance 4.0.* (tags: alpine-4.0.*, ubuntu-4.0.*, centos-4.0.*) - Zabbix appliance 4.2 (tags: alpine-4.2-latest, ubuntu-4.2-latest, centos-4.2.*) (unsupported) - Zabbix appliance 4.2.* (tags: alpine-4.2.*, ubuntu-4.2.*, centos-4.2.*) (unsupported) - Zabbix appliance 4.4 (tags: alpine-4.4-latest, ubuntu-4.4-latest, centos-4.4-latest, alpine-latest, ubuntu-latest, centos-latest, latest) (unsupported) - Zabbix appliance 4.4.* (tags: alpine-4.4.*, ubuntu-4.4.*, centos-4.4.*) (unsupported) - -Images are updated when new releases are published. The image with ``latest`` tag is based on Alpine Linux. - -The image uses MySQL database. The image is very useful for testing purposes. - -# How to use this image - -## Start `zabbix-appliance` - -Start a Zabbix server container as follows: - - docker run --name some-zabbix-appliance -p 80:80 -p 10051:10051 -d zabbix/zabbix-appliance:tag - -Where `some-zabbix-appliance` is the name you want to assign to your container. See the list above for relevant tags, or look at the [full list of tags](https://hub.docker.com/r/zabbix/zabbix-appliance/tags/). - -## Container shell access and viewing Zabbix appliance logs - -The `docker exec` command allows you to run commands inside a Docker container. The following command line will give you a bash shell inside your `zabbix-appliance` container: - -```console -$ docker exec -ti some-zabbix-appliance /bin/bash -``` - -The Zabbix appliance logs is available through Docker's container log: - -```console -$ docker logs some-zabbix-appliance -``` - -## Environment Variables - -When you start the `zabbix-appliance` image, you can adjust the configuration of the Zabbix appliance by passing one or more environment variables on the `docker run` command line. - -### `PHP_TZ` - -The variable is timezone in PHP format. Full list of supported timezones are available on [`php.net`](http://php.net/manual/en/timezones.php). By default, value is 'Europe/Riga'. - -### `ZBX_LOADMODULE` - -The variable is list of comma separated loadable Zabbix modules. It works with volume ``/var/lib/zabbix/modules``. The syntax of the variable is ``dummy1.so,dummy2.so``. - -### `ZBX_DEBUGLEVEL` - -The variable is used to specify debug level. By default, value is ``3``. It is ``DebugLevel`` parameter in ``zabbix_server.conf``. Allowed values are listed below: -- ``0`` - basic information about starting and stopping of Zabbix processes; -- ``1`` - critical information -- ``2`` - error information -- ``3`` - warnings -- ``4`` - for debugging (produces lots of information) -- ``5`` - extended debugging (produces even more information) - -### `ZBX_TIMEOUT` - -The variable is used to specify timeout for processing checks. By default, value is ``4``. - -### `ZBX_SERVER_NAME` - -The variable is visible Zabbix installation name in right top corner of the web interface. - -### `ZBX_MAXEXECUTIONTIME` - -The varable is PHP ``max_execution_time`` option. By default, value is `300`. - -### `ZBX_MEMORYLIMIT` - -The varable is PHP ``memory_limit`` option. By default, value is `128M`. - -### `ZBX_POSTMAXSIZE` - -The varable is PHP ``post_max_size`` option. By default, value is `16M`. - -### `ZBX_UPLOADMAXFILESIZE` - -The varable is PHP ``upload_max_filesize`` option. By default, value is `2M`. - -### `ZBX_MAXINPUTTIME` - -The varable is PHP ``max_input_time`` option. By default, value is `300`. - -### Other variables - -Additionally the image allows to specify many other environment variables listed below: - -``` -ZBX_LISTENIP= -ZBX_STARTPOLLERS=5 -ZBX_IPMIPOLLERS=0 -ZBX_STARTPOLLERSUNREACHABLE=1 -ZBX_STARTTRAPPERS=5 -ZBX_STARTPINGERS=1 -ZBX_STARTDISCOVERERS=1 -ZBX_STARTHTTPPOLLERS=1 -ZBX_STARTTIMERS=1 -ZBX_STARTESCALATORS=1 -ZBX_STARTJAVAPOLLERS=5 -ZBX_STARTVMWARECOLLECTORS=0 -ZBX_VMWAREFREQUENCY=60 -ZBX_VMWAREPERFFREQUENCY=60 -ZBX_VMWARECACHESIZE=8M -ZBX_VMWARETIMEOUT=10 -ZBX_ENABLE_SNMP_TRAPS=false -ZBX_SOURCEIP= -ZBX_HOUSEKEEPINGFREQUENCY=1 -ZBX_MAXHOUSEKEEPERDELETE=5000 -ZBX_SENDERFREQUENCY=30 -ZBX_CACHESIZE=8M -ZBX_CACHEUPDATEFREQUENCY=60 -ZBX_STARTDBSYNCERS=4 -ZBX_HISTORYCACHESIZE=16M -ZBX_HISTORYINDEXCACHESIZE=4M -ZBX_TRENDCACHESIZE=4M -ZBX_VALUECACHESIZE=8M -ZBX_TRAPPERIMEOUT=300 -ZBX_UNREACHABLEPERIOD=45 -ZBX_UNAVAILABLEDELAY=60 -ZBX_UNREACHABLEDELAY=15 -ZBX_LOGSLOWQUERIES=3000 -ZBX_STARTPROXYPOLLERS=1 -ZBX_PROXYCONFIGFREQUENCY=3600 -ZBX_PROXYDATAFREQUENCY=1 -ZBX_TLSCAFILE= -ZBX_TLSCRLFILE= -ZBX_TLSCERTFILE= -ZBX_TLSKEYFILE= -``` - -Default values of these variables are specified after equal sign. - -The allowed variables are identical of parameters in official ``zabbix_server.conf``. For example, ``ZBX_LOGSLOWQUERIES`` = ``LogSlowQueries``. - -Please use official documentation for [``zabbix_server.conf``](https://www.zabbix.com/documentation/current/manual/appendix/config/zabbix_server) to get more information about the variables. - -## Allowed volumes for the Zabbix server container - -### ``/usr/lib/zabbix/alertscripts`` - -The volume is used for custom alert scripts. It is `AlertScriptsPath` parameter in ``zabbix_server.conf``. - -### ``/usr/lib/zabbix/externalscripts`` - -The volume is used by External checks (type of items). It is `ExternalScripts` parameter in ``zabbix_server.conf``. - -### ``/var/lib/zabbix/modules`` - -The volume allows load additional modules and extend Zabbix server using ``LoadModule`` feature. - -### ``/var/lib/zabbix/enc`` - -The volume is used to store TLS related files. These file names are specified using ``ZBX_TLSCAFILE``, ``ZBX_TLSCRLFILE``, ``ZBX_TLSKEY_FILE`` and ``ZBX_TLSPSKFILE`` variables. - -### ``/var/lib/zabbix/ssh_keys`` - -The volume is used as location of public and private keys for SSH checks and actions. It is `SSHKeyLocation` parameter in ``zabbix_server.conf``. - -### ``/var/lib/zabbix/ssl/certs`` - -The volume is used as location of of SSL client certificate files for client authentication. It is `SSLCertLocation` parameter in ``zabbix_server.conf``. - -### ``/var/lib/zabbix/ssl/keys`` - -The volume is used as location of SSL private key files for client authentication. It is `SSLKeyLocation` parameter in ``zabbix_server.conf``. - -### ``/var/lib/zabbix/ssl/ssl_ca`` - -The volume is used as location of certificate authority (CA) files for SSL server certificate verification. It is `SSLCALocation` parameter in ``zabbix_server.conf``. - -### ``/var/lib/zabbix/snmptraps`` - -The volume is used as location of ``snmptraps.log`` file. It could be shared by ``zabbix-snmptraps`` container and inherited using `volumes_from` Docker option while creating new instance of Zabbix server. -SNMP traps processing feature could be enabled using shared volume and switched ``ZBX_ENABLE_SNMP_TRAPS`` environment variable to `true`. - -### ``/var/lib/zabbix/mibs`` - -The volume allows to add new MIB files. It does not support subdirectories, all MIBs must be placed to ``/var/lib/zabbix/mibs``. - -### ``/etc/ssl/nginx`` - -The volume allows to enable HTTPS for the Zabbix web interface. The volume must contains two files ``ssl.crt``, ``ssl.key`` and ``dhparam.pem`` prepared for Nginx SSL connections. - -Please follow official Nginx [documentation](http://nginx.org/en/docs/http/configuring_https_servers.html) to get more details about how to create certificate files. - -# The image variants - -The `zabbix-appliance` images come in many flavors, each designed for a specific use case. - -## `zabbix-appliance:ubuntu-` - -This is the defacto image. If you are unsure about what your needs are, you probably want to use this one. It is designed to be used both as a throw away container (mount your source code and start the container to start your app), as well as the base to build other images off of. - -## `zabbix-appliance:alpine-` - -This image is based on the popular [Alpine Linux project](http://alpinelinux.org), available in [the `alpine` official image](https://hub.docker.com/_/alpine). Alpine Linux is much smaller than most distribution base images (~5MB), and thus leads to much slimmer images in general. - -This variant is highly recommended when final image size being as small as possible is desired. The main caveat to note is that it does use [musl libc](http://www.musl-libc.org) instead of [glibc and friends](http://www.etalabs.net/compare_libcs.html), so certain software might run into issues depending on the depth of their libc requirements. However, most software doesn't have an issue with this, so this variant is usually a very safe choice. See [this Hacker News comment thread](https://news.ycombinator.com/item?id=10782897) for more discussion of the issues that might arise and some pro/con comparisons of using Alpine-based images. - -To minimize image size, it's uncommon for additional related tools (such as `git` or `bash`) to be included in Alpine-based images. Using this image as a base, add the things you need in your own Dockerfile (see the [`alpine` image description](https://hub.docker.com/_/alpine/) for examples of how to install packages if you are unfamiliar). - -# Supported Docker versions - -This image is officially supported on Docker version 1.12.0. - -Support for older versions (down to 1.6) is provided on a best-effort basis. - -Please see [the Docker installation documentation](https://docs.docker.com/installation/) for details on how to upgrade your Docker daemon. - -# User Feedback - -## Documentation - -Documentation for this image is stored in the [`zabbix-appliance/` directory](https://github.com/zabbix/zabbix-docker/tree/3.0/zabbix-appliance) of the [`zabbix/zabbix-docker` GitHub repo](https://github.com/zabbix/zabbix-docker/). Be sure to familiarize yourself with the [repository's `README.md` file](https://github.com/zabbix/zabbix-docker/blob/master/README.md) before attempting a pull request. - -## Issues - -If you have any problems with or questions about this image, please contact us through a [GitHub issue](https://github.com/zabbix/zabbix-docker/issues). - -### Known issues -Some configuration environment variables are the same between multiple Zabbix components. Be careful when change these variables. - -## Contributing - -You are invited to contribute new features, fixes, or updates, large or small; we are always thrilled to receive pull requests, and do our best to process them as fast as we can. - -Before you start to code, we recommend discussing your plans through a [GitHub issue](https://github.com/zabbix/zabbix-docker/issues), especially for more ambitious contributions. This gives other contributors a chance to point you in the right direction, give you feedback on your design, and help you find out if someone else is working on the same thing. diff --git a/zabbix-appliance/rhel/Dockerfile b/zabbix-appliance/rhel/Dockerfile index c86908889..1919beabf 100644 --- a/zabbix-appliance/rhel/Dockerfile +++ b/zabbix-appliance/rhel/Dockerfile @@ -1,39 +1,32 @@ -FROM registry.access.redhat.com/rhel7 +FROM registry.access.redhat.com/ubi8/ubi MAINTAINER Alexey Pustovalov -ARG YUM_FLAGS_COMMON="-y" -ARG YUM_FLAGS_PERSISTENT="${YUM_FLAGS_COMMON}" -ARG YUM_FLAGS_DEV="${YUM_FLAGS_COMMON}" -ENV TERM=xterm MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ - ZBX_TYPE=server ZBX_DB_TYPE=mysql ZBX_OPT_TYPE=nginx \ - MYSQL_ALLOW_EMPTY_PASSWORD=true ZBX_ADD_SERVER=true ZBX_ADD_WEB=true DB_SERVER_HOST=localhost MYSQL_USER=zabbix ZBX_ADD_JAVA_GATEWAY=true ZBX_JAVAGATEWAY_ENABLE=true ZBX_JAVAGATEWAY=localhost - -ARG BUILD_DATE -ARG VCS_REF - -ARG MAJOR_VERSION=5.0 +ARG MAJOR_VERSION=5.2 ARG RELEASE=0 -ARG ZBX_VERSION=${MAJOR_VERSION} +ARG ZBX_VERSION=${MAJOR_VERSION}.0 + ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git -ENV ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} +ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ + MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL +ENV TINI_VERSION=v0.19.0 LABEL name="zabbix/zabbix-appliance" \ maintainer="alexey.pustovalov@zabbix.com" \ vendor="Zabbix LLC" \ version="${MAJOR_VERSION}" \ release="${RELEASE}" \ - summary="Zabbix appliance with MySQL database support and ${ZBX_OPT_TYPE} web-server" \ + summary="Zabbix appliance with MySQL database support and Nginx web-server" \ description="Zabbix appliance contains MySQL database server, Zabbix server, Zabbix Java Gateway and Zabbix frontend based on Nginx web-server." \ url="https://www.zabbix.com/" \ - run="docker run --name zabbix-appliance -p 80:80 -p 10051:10051 -d registry.connect.redhat.com/zabbix/zabbix-appliance:${ZBX_VERSION}" \ - io.k8s.description="Zabbix appliance with MySQL database support and ${ZBX_OPT_TYPE} web-server" \ + run="docker run --name zabbix-appliance -p 80:8080 -p 10051:10051 -d registry.connect.redhat.com/zabbix/zabbix-appliance-52:${ZBX_VERSION}" \ + io.k8s.description="Zabbix appliance with MySQL database support and Nginx web-server" \ io.k8s.display-name="Zabbix Appliance" \ - io.openshift.expose-services="http:http,https:https,10051:10051" \ + io.openshift.expose-services="8080:http,8443:https,10051:10051" \ io.openshift.tags="zabbix,zabbix-appliance,mysql,nginx" \ org.label-schema.name="zabbix-appliance-rhel" \ org.label-schema.vendor="Zabbix LLC" \ org.label-schema.url="https://zabbix.com/" \ - org.label-schema.description="Zabbix appliance with MySQL database support and ${ZBX_OPT_TYPE} web-server" \ + org.label-schema.description="Zabbix appliance with MySQL database support and Nginx web-server" \ org.label-schema.vcs-ref="${VCS_REF}" \ org.label-schema.build-date="${BUILD_DATE}" \ org.label-schema.schema-version="1.0" \ @@ -41,21 +34,20 @@ LABEL name="zabbix/zabbix-appliance" \ org.label-schema.usage="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ org.label-schema.version="${ZBX_VERSION}" \ org.label-schema.vcs-url="${ZBX_SOURCES}" \ - org.label-schema.docker.cmd="docker run --name zabbix-appliance -p 80:80 -p 10051:10051 -d registry.connect.redhat.com/zabbix/zabbix-appliance:${ZBX_VERSION}" + org.label-schema.docker.cmd="docker run --name zabbix-appliance -p 80:8080 -p 10051:10051 -d registry.connect.redhat.com/zabbix/zabbix-appliance-52:${ZBX_VERSION}" STOPSIGNAL SIGTERM COPY ["conf/etc/yum.repo.d/nginx.repo", "/etc/yum.repos.d/nginx.repo"] - -### add licenses to this directory COPY ["licenses", "/licenses"] -### Add necessary Red Hat repos here -RUN INSTALL_PKGS="OpenIPMI-libs \ +RUN set -o xtrace && INSTALL_PKGS="OpenIPMI-libs \ curl \ fping \ java-1.8.0-openjdk-headless \ + pcre \ libcurl \ + libssh \ libevent \ libxml2 \ mariadb \ @@ -68,22 +60,26 @@ RUN INSTALL_PKGS="OpenIPMI-libs \ php-bcmath \ php-fpm \ php-gd \ + php-json \ php-ldap \ php-mbstring \ - python-setuptools \ - php-mysql \ + php-mysqlnd \ php-xml \ + python3-pip \ unixODBC" && \ - rpm -ivh https://repo.zabbix.com/zabbix/${MAJOR_VERSION}/rhel/7/x86_64/zabbix-release-${MAJOR_VERSION}-2.el7.noarch.rpm && \ - REPOLIST="rhel-7-server-rpms,rhel-7-server-optional-rpms,zabbix-non-supported,nginx" && \ - yum -y update-minimal --disablerepo "*" --enablerepo rhel-7-server-rpms --setopt=tsflags=nodocs \ - --security --sec-severity=Important --sec-severity=Critical && \ - echo ${REPOLIST} && \ - yum -y install --disablerepo "*" --enablerepo "${REPOLIST}" --setopt=tsflags=nodocs ${INSTALL_PKGS} && \ - groupadd --system zabbix && \ + dnf -y install --disableplugin=subscription-manager --disablerepo "*" \ + https://repo.zabbix.com/zabbix/${MAJOR_VERSION}/rhel/8/x86_64/zabbix-release-${MAJOR_VERSION}-1.el8.noarch.rpm && \ + REPOLIST="rhel-8-for-x86_64-baseos-rpms,rhel-8-for-x86_64-appstream-rpms,zabbix-non-supported,nginx-stable" && \ + dnf -y update-minimal --disablerepo "*" --enablerepo ubi-8-baseos --setopt=tsflags=nodocs \ + --security --sec-severity=Important --sec-severity=Critical && \ + dnf -y install --disablerepo "*" --enablerepo "${REPOLIST}" --setopt=install_weak_deps=False --best \ + --setopt=tsflags=nodocs ${INSTALL_PKGS} && \ + pip3 install supervisor && \ + ln -s /usr/local/bin/supervisord /usr/bin/supervisord && \ + groupadd -g 1995 --system zabbix && \ adduser -r --shell /sbin/nologin \ - -g zabbix -G dialout \ - -d /var/lib/zabbix/ \ + -g zabbix -G dialout -G root \ + -d /var/lib/zabbix/ -u 1997 \ zabbix && \ mkdir -p /etc/zabbix && \ mkdir -p /var/lib/zabbix && \ @@ -98,38 +94,54 @@ RUN INSTALL_PKGS="OpenIPMI-libs \ mkdir -p /var/lib/zabbix/ssl/certs && \ mkdir -p /var/lib/zabbix/ssl/keys && \ mkdir -p /var/lib/zabbix/ssl/ssl_ca && \ - chown --quiet -R zabbix:root /var/lib/zabbix && \ - mkdir -p /usr/share/doc/zabbix-${ZBX_TYPE}-${ZBX_DB_TYPE}/ && \ - rm -f /etc/php-fpm.d/www.conf && \ + mkdir -p /usr/share/zabbix/ && \ + mkdir -p /usr/sbin/zabbix_java/ && \ mkdir -p /var/lib/php/ && \ - chown --quiet -R nginx:nginx /var/lib/php/ && \ - easy_install supervisor && \ - mkdir -p /etc/supervisor/conf.d/ && \ - yum ${YUM_FLAGS_COMMON} clean all && \ - rm -rf /var/cache/yum && \ - rm -rf /var/lib/yum/yumdb/* && \ - rm -rf /usr/lib/udev/hwdb.d/* + mkdir -p /usr/share/doc/zabbix-server-mysql/ && \ + curl -L https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini -o /sbin/tini && \ + curl -L https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini.asc -o /tmp/tini.asc && \ + export GNUPGHOME="$(mktemp -d)" && \ + for server in $(shuf -e ha.pool.sks-keyservers.net \ + hkp://p80.pool.sks-keyservers.net:80 \ + ipv4.pool.sks-keyservers.net \ + keyserver.ubuntu.com \ + keyserver.pgp.com \ + pgp.mit.edu) ; do \ + gpg --keyserver "$server" --recv-keys 595E85A6B1B4779EA4DAAEC70B588DFF0527A9B7 && break || : ; \ + done && \ + gpg --batch --verify /tmp/tini.asc /sbin/tini && \ + rm -r "$GNUPGHOME" /tmp/tini.asc && \ + chmod +x /sbin/tini && \ + dnf -y clean all && \ + rm -f /etc/php-fpm.d/www.conf /etc/nginx/conf.d/*.conf /etc/my.cnf.d/auth_gssapi.cnf && \ + rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ + rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki -RUN REPOLIST="rhel-7-server-rpms,rhel-7-server-optional-rpms,zabbix-non-supported" && \ +COPY ["conf/etc/", "/etc/"] + +RUN set -eux && REPOLIST="rhel-8-for-x86_64-baseos-rpms,rhel-8-for-x86_64-appstream-rpms" && \ INSTALL_PKGS="autoconf \ automake \ gcc \ gettext \ + glibc-locale-source \ java-1.8.0-openjdk-devel \ libcurl-devel \ libevent-devel \ - libssh2-devel \ + libssh-devel \ libxml2-devel \ make \ - mariadb-devel \ + mariadb-connector-c-devel \ + pcre-devel \ net-snmp-devel \ - OpenIPMI-devel \ +# OpenIPMI-devel \ openldap-devel \ git \ unixODBC-devel" && \ - yum -y install --disablerepo "*" --enablerepo "${REPOLIST}" --setopt=tsflags=nodocs ${INSTALL_PKGS} && \ + dnf -y install --disablerepo "*" --enablerepo "${REPOLIST}" --setopt=install_weak_deps=False --best \ + --setopt=tsflags=nodocs ${INSTALL_PKGS} && \ cd /tmp/ && \ - git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ cd /tmp/zabbix-${ZBX_VERSION} && \ zabbix_revision=`git rev-parse --short HEAD` && \ sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ @@ -143,74 +155,67 @@ RUN REPOLIST="rhel-7-server-rpms,rhel-7-server-optional-rpms,zabbix-non-supporte --prefix=/usr \ --sysconfdir=/etc/zabbix \ --enable-agent \ - --enable-${ZBX_TYPE} \ - --with-${ZBX_DB_TYPE} \ + --enable-server \ + --with-mysql \ --with-ldap \ --with-libcurl \ --with-libxml2 \ --enable-java \ --with-net-snmp \ - --with-openipmi \ +# --with-openipmi \ --with-openssl \ - --with-ssh2 \ + --with-ssh \ --with-unixodbc \ --enable-ipv6 \ --silent && \ make -j"$(nproc)" -s dbschema && \ make -j"$(nproc)" -s && \ - cp src/zabbix_${ZBX_TYPE}/zabbix_${ZBX_TYPE} /usr/sbin/zabbix_${ZBX_TYPE} && \ + cp src/zabbix_server/zabbix_server /usr/sbin/zabbix_server && \ cp src/zabbix_get/zabbix_get /usr/bin/zabbix_get && \ cp src/zabbix_sender/zabbix_sender /usr/bin/zabbix_sender && \ - cp conf/zabbix_${ZBX_TYPE}.conf /etc/zabbix/zabbix_${ZBX_TYPE}.conf && \ - chown --quiet -R zabbix:root /etc/zabbix && \ - cat database/${ZBX_DB_TYPE}/schema.sql > database/${ZBX_DB_TYPE}/create.sql && \ - cat database/${ZBX_DB_TYPE}/images.sql >> database/${ZBX_DB_TYPE}/create.sql && \ - cat database/${ZBX_DB_TYPE}/data.sql >> database/${ZBX_DB_TYPE}/create.sql && \ - gzip database/${ZBX_DB_TYPE}/create.sql && \ - cp database/${ZBX_DB_TYPE}/create.sql.gz /usr/share/doc/zabbix-${ZBX_TYPE}-${ZBX_DB_TYPE}/ && \ - mkdir -p /usr/sbin/zabbix_java/ && \ + cp conf/zabbix_server.conf /etc/zabbix/zabbix_server.conf && \ + cat database/mysql/schema.sql > database/mysql/create.sql && \ + cat database/mysql/images.sql >> database/mysql/create.sql && \ + cat database/mysql/data.sql >> database/mysql/create.sql && \ + gzip database/mysql/create.sql && \ + cp database/mysql/create.sql.gz /usr/share/doc/zabbix-server-mysql/ && \ cp -r src/zabbix_java/bin /usr/sbin/zabbix_java/ && \ cp -r src/zabbix_java/lib /usr/sbin/zabbix_java/ && \ rm -rf /usr/sbin/zabbix_java/lib/*.xml && \ + cp -R /tmp/zabbix-${ZBX_VERSION}/ui/* /usr/share/zabbix/ && \ cd /tmp/ && \ rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ - cd /usr/share/ && \ - git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ - mkdir /usr/share/zabbix/ && \ - cp -R /usr/share/zabbix-${ZBX_VERSION}/ui/* /usr/share/zabbix/ && \ - rm -rf /usr/share/zabbix-${ZBX_VERSION}/ && \ + rm -f /usr/share/zabbix/conf/zabbix.conf.php && \ + rm -rf /usr/share/zabbix/tests/ && \ cd /usr/share/zabbix/ && \ - rm -f conf/zabbix.conf.php && \ - rm -rf tests && \ ./locale/make_mo.sh && \ - yum ${YUM_FLAGS_COMMON} history undo `yum history | sed -n 4p |column -t | cut -d' ' -f1` && \ - yum ${YUM_FLAGS_COMMON} clean all && \ - rm -rf /var/cache/yum && \ - rm -rf /var/lib/yum/yumdb/* && \ - rm -rf /usr/lib/udev/hwdb.d/* && \ - rm -rf /etc/udev/hwdb.bin && \ - rm -rf /root/.pki + ln -s "/etc/zabbix/web/zabbix.conf.php" "/usr/share/zabbix/conf/zabbix.conf.php" && \ + cat /usr/share/zabbix/include/locales.inc.php | grep display | grep true | awk '{$1=$1};1' | \ + cut -d"'" -f 2 | sort | \ + xargs -I '{}' bash -c 'echo "{}" && localedef -c -i {} -f UTF-8 {}.UTF-8 2>/dev/null' && \ + chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ /usr/share/zabbix/conf/ && \ + chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ /usr/share/zabbix/conf/ && \ + chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ /usr/share/zabbix/conf/ && \ + chown --quiet -R zabbix:root /etc/nginx/ /etc/my.cnf.d/ /etc/my.cnf /etc/php-fpm.d/ /etc/php-fpm.conf && \ + chgrp -R 0 /etc/nginx/ /etc/my.cnf.d/ /etc/my.cnf /etc/php-fpm.d/ /etc/php-fpm.conf && \ + chmod -R g=u /etc/nginx/ /etc/my.cnf.d/ /etc/my.cnf /etc/php-fpm.d/ /etc/php-fpm.conf && \ + chown --quiet -R zabbix:root /var/lib/mysql/ /var/lib/php/session/ && \ + chgrp -R 0 /var/lib/mysql/ /var/lib/php/session/ && \ + chmod -R g=u /var/lib/mysql/ /var/lib/php/session/ && \ + dnf -y history undo `dnf history list last -q | sed -n 3p |column -t | cut -d' ' -f1` && \ + dnf -y clean all && \ + rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ + rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki -EXPOSE 80/TCP 443/TCP 10051/TCP +EXPOSE 8080/TCP 8443/TCP 10051/TCP WORKDIR /var/lib/zabbix -VOLUME ["/etc/ssl/nginx"] -VOLUME ["/usr/lib/zabbix/alertscripts", "/usr/lib/zabbix/externalscripts", "/var/lib/zabbix/enc", "/var/lib/zabbix/mibs", "/var/lib/zabbix/modules"] -VOLUME ["/var/lib/zabbix/snmptraps", "/var/lib/zabbix/ssh_keys", "/var/lib/zabbix/ssl/certs", "/var/lib/zabbix/ssl/keys", "/var/lib/zabbix/ssl/ssl_ca"] -VOLUME ["/var/lib/mysql/"] +VOLUME ["/var/lib/zabbix/snmptraps", "/var/lib/zabbix/export"] -COPY ["conf/etc/supervisor/", "/etc/supervisor/"] -COPY ["conf/etc/zabbix/nginx.conf", "/etc/zabbix/"] -COPY ["conf/etc/zabbix/nginx_ssl.conf", "/etc/zabbix/"] -COPY ["conf/etc/zabbix/web/zabbix.conf.php", "/etc/zabbix/web/"] -COPY ["conf/etc/nginx/nginx.conf", "/etc/nginx/"] -COPY ["conf/etc/php-fpm.conf", "/etc/php-fpm.conf"] -COPY ["conf/etc/php.d/99-zabbix.ini", "/etc/php.d/99-zabbix.ini"] -COPY ["conf/etc/zabbix/zabbix_java_gateway_logback.xml", "/etc/zabbix/"] COPY ["conf/usr/sbin/zabbix_java_gateway", "/usr/sbin/"] COPY ["docker-entrypoint.sh", "/usr/bin/"] -ENV ZBX_TYPE=appliance +USER 1997 -ENTRYPOINT ["docker-entrypoint.sh"] +ENTRYPOINT ["/sbin/tini", "--", "/usr/bin/docker-entrypoint.sh"] diff --git a/zabbix-appliance/rhel/README.md b/zabbix-appliance/rhel/README.md index 45108f60c..1ddf003c3 100644 --- a/zabbix-appliance/rhel/README.md +++ b/zabbix-appliance/rhel/README.md @@ -14,23 +14,12 @@ Zabbix appliance contains MySQL database server, Zabbix server, Zabbix Java Gate # Zabbix appliance images -These are the only official Zabbix appliance Docker images. They are based on Alpine Linux v3.4, Ubuntu 18.04 (bionic), CentOS 7 and Red Hat Enterprise Linux 7 images. The available versions of Zabbix appliance are: +These are the only official Zabbix appliance Docker images. They are based on Red Hat Enterprise Linux 8 images. The available versions of Zabbix appliance are: - Zabbix appliance 3.0 (tags: alpine-3.0-latest, ubuntu-3.0-latest, centos-3.0-latest) - Zabbix appliance 3.0.* (tags: alpine-3.0.*, ubuntu-3.0.*, centos-3.0.*) - Zabbix appliance 3.2 (tags: alpine-3.2-latest, ubuntu-3.2-latest, centos-3.2.*) (unsupported) - Zabbix appliance 3.2.* (tags: alpine-3.2.*, ubuntu-3.2.*, centos-3.2.*) (unsupported) - Zabbix appliance 3.4 (tags: alpine-3.4-latest, ubuntu-3.4-latest, centos-3.4.*) (unsupported) - Zabbix appliance 3.4.* (tags: alpine-3.4.*, ubuntu-3.4.*, centos-3.4.*) (unsupported) - Zabbix appliance 4.0 (tags: alpine-4.0-latest, ubuntu-4.0-latest, centos-4.0-latest) - Zabbix appliance 4.0.* (tags: alpine-4.0.*, ubuntu-4.0.*, centos-4.0.*) - Zabbix appliance 4.2 (tags: alpine-4.2-latest, ubuntu-4.2-latest, centos-4.2.*) (unsupported) - Zabbix appliance 4.2.* (tags: alpine-4.2.*, ubuntu-4.2.*, centos-4.2.*) (unsupported) - Zabbix appliance 4.4 (tags: alpine-4.4-latest, ubuntu-4.4-latest, centos-4.4-latest, alpine-latest, ubuntu-latest, centos-latest, latest) - Zabbix appliance 4.4.* (tags: alpine-4.4.*, ubuntu-4.4.*, centos-4.4.*) - Zabbix appliance 5.0 (tags: alpine-trunk, ubuntu-trunk, centos-trunk) + Zabbix appliance 4.4 + Zabbix appliance 5.0 -Images are updated when new releases are published. The image with ``latest`` tag is based on Alpine Linux. +Images are updated when new releases are published. The image with ``latest`` tag is based on Red Hat Enterprise Linux 8. The image uses MySQL database. The image is very useful for testing purposes. @@ -40,7 +29,7 @@ The image uses MySQL database. The image is very useful for testing purposes. Start a Zabbix server container as follows: - docker run --name some-zabbix-appliance -p 80:80 -p 10051:10051 -d registry.connect.redhat.com/zabbix/zabbix-appliance:tag + docker run --name some-zabbix-appliance -p 80:8080 -p 10051:10051 -d registry.connect.redhat.com/zabbix/zabbix-appliance:tag Where `some-zabbix-appliance` is the name you want to assign to your container. See the list above for relevant tags, or look at the [full list of tags](https://access.redhat.com/containers/?tab=tags&platform=docker#/registry.connect.redhat.com/zabbix/zabbix-appliance). @@ -210,7 +199,7 @@ The volume allows to add new MIB files. It does not support subdirectories, all ### ``/etc/ssl/nginx`` -The volume allows to enable HTTPS for the Zabbix web interface. The volume must contains two files ``ssl.crt``, ``ssl.key`` and ``dhparam.pem`` prepared for Nginx SSL connections. +The volume allows to enable HTTPS for the Zabbix web interface. The volume must contains three files ``ssl.crt``, ``ssl.key`` and ``dhparam.pem`` prepared for Nginx SSL connections. Please follow official Nginx [documentation](http://nginx.org/en/docs/http/configuring_https_servers.html) to get more details about how to create certificate files. diff --git a/zabbix-appliance/rhel/conf/etc/nginx/nginx.conf b/zabbix-appliance/rhel/conf/etc/nginx/nginx.conf index 6e1ae33ce..3bed3cf89 100644 --- a/zabbix-appliance/rhel/conf/etc/nginx/nginx.conf +++ b/zabbix-appliance/rhel/conf/etc/nginx/nginx.conf @@ -1,10 +1,10 @@ -user nginx; +#user nginx; worker_processes 5; worker_rlimit_nofile 256000; -error_log /dev/fd/2 warn; +error_log /dev/fd/2 error; -pid /var/run/nginx.pid; +pid /tmp/nginx.pid; events { worker_connections 5120; @@ -21,6 +21,13 @@ http { '"$http_user_agent" "$http_x_forwarded_for"'; access_log /dev/fd/1 main; + error_log /dev/fd/2 error; + + client_body_temp_path /tmp/client_body 1 2; + proxy_temp_path /tmp/proxy 1 2; + fastcgi_temp_path /tmp/fastcgi 1 2; + uwsgi_temp_path /tmp/uwsgi 1 2; + scgi_temp_path /tmp/scgi 1 2; client_body_timeout 5m; send_timeout 5m; diff --git a/zabbix-appliance/rhel/conf/etc/php-fpm.conf b/zabbix-appliance/rhel/conf/etc/php-fpm.conf index 801c1ae13..ce0225346 100644 --- a/zabbix-appliance/rhel/conf/etc/php-fpm.conf +++ b/zabbix-appliance/rhel/conf/etc/php-fpm.conf @@ -1,537 +1,9 @@ -;;;;;;;;;;;;;;;;;;;;; -; FPM Configuration ; -;;;;;;;;;;;;;;;;;;;;; - -; All relative paths in this configuration file are relative to PHP's install -; prefix (/usr). This prefix can be dynamically changed by using the -; '-p' argument from the command line. - -; Include one or more files. If glob(3) exists, it is used to include a bunch of -; files from a glob(3) pattern. This directive can be used everywhere in the -; file. -; Relative path can also be used. They will be prefixed by: -; - the global prefix if it's been set (-p argument) -; - /usr otherwise -include = /etc/php-fpm.d/*.conf - -;;;;;;;;;;;;;;;;;; -; Global Options ; -;;;;;;;;;;;;;;;;;; +include=/etc/php-fpm.d/*.conf [global] -; Pid file -; Note: the default prefix is /var -; Default Value: none -;pid = run/php-fpm.pid -; Error log file -; If it's set to "syslog", log is sent to syslogd instead of being written -; in a local file. -; Note: the default prefix is /var -; Default Value: log/php-fpm.log -error_log = /var/log/php-fpm.log +pid = /tmp/php-fpm.pid -; syslog_facility is used to specify what type of program is logging the -; message. This lets syslogd specify that messages from different facilities -; will be handled differently. -; See syslog(3) for possible values (ex daemon equiv LOG_DAEMON) -; Default Value: daemon -;syslog.facility = daemon +error_log = /dev/fd/2 -; syslog_ident is prepended to every message. If you have multiple FPM -; instances running on the same server, you can change the default value -; which must suit common needs. -; Default Value: php-fpm -;syslog.ident = php-fpm - -; Log level -; Possible Values: alert, error, warning, notice, debug -; Default Value: notice -;log_level = notice - -; If this number of child processes exit with SIGSEGV or SIGBUS within the time -; interval set by emergency_restart_interval then FPM will restart. A value -; of '0' means 'Off'. -; Default Value: 0 -;emergency_restart_threshold = 0 - -; Interval of time used by emergency_restart_interval to determine when -; a graceful restart will be initiated. This can be useful to work around -; accidental corruptions in an accelerator's shared memory. -; Available Units: s(econds), m(inutes), h(ours), or d(ays) -; Default Unit: seconds -; Default Value: 0 -;emergency_restart_interval = 0 - -; Time limit for child processes to wait for a reaction on signals from master. -; Available units: s(econds), m(inutes), h(ours), or d(ays) -; Default Unit: seconds -; Default Value: 0 -;process_control_timeout = 0 - -; The maximum number of processes FPM will fork. This has been design to control -; the global number of processes when using dynamic PM within a lot of pools. -; Use it with caution. -; Note: A value of 0 indicates no limit -; Default Value: 0 -; process.max = 128 - -; Specify the nice(2) priority to apply to the master process (only if set) -; The value can vary from -19 (highest priority) to 20 (lower priority) -; Note: - It will only work if the FPM master process is launched as root -; - The pool process will inherit the master process priority -; unless it specified otherwise -; Default Value: no set -; process.priority = -19 - -; Send FPM to background. Set to 'no' to keep FPM in foreground for debugging. -; Default Value: yes -;daemonize = yes - -; Set open file descriptor rlimit for the master process. -; Default Value: system defined value -;rlimit_files = 1024 - -; Set max core size rlimit for the master process. -; Possible Values: 'unlimited' or an integer greater or equal to 0 -; Default Value: system defined value -;rlimit_core = 0 - -; Specify the event mechanism FPM will use. The following is available: -; - select (any POSIX os) -; - poll (any POSIX os) -; - epoll (linux >= 2.5.44) -; - kqueue (FreeBSD >= 4.1, OpenBSD >= 2.9, NetBSD >= 2.0) -; - /dev/poll (Solaris >= 7) -; - port (Solaris >= 10) -; Default Value: not set (auto detection) -;events.mechanism = epoll - -; When FPM is build with systemd integration, specify the interval, -; in second, between health report notification to systemd. -; Set to 0 to disable. -; Available Units: s(econds), m(inutes), h(ours) -; Default Unit: seconds -; Default value: 10 -;systemd_interval = 10 - -;;;;;;;;;;;;;;;;;;;; -; Pool Definitions ; -;;;;;;;;;;;;;;;;;;;; - -; Multiple pools of child processes may be started with different listening -; ports and different management options. The name of the pool will be -; used in logs and stats. There is no limitation on the number of pools which -; FPM can handle. Your system will tell you anyway :) - -; Start a new pool named 'www'. -; the variable $pool can we used in any directive and will be replaced by the -; pool name ('www' here) -[www] - -; Per pool prefix -; It only applies on the following directives: -; - 'access.log' -; - 'slowlog' -; - 'listen' (unixsocket) -; - 'chroot' -; - 'chdir' -; - 'php_values' -; - 'php_admin_values' -; When not set, the global prefix (or /usr) applies instead. -; Note: This directive can also be relative to the global prefix. -; Default Value: none -;prefix = /path/to/pools/$pool - -; Unix user/group of processes -; Note: The user is mandatory. If the group is not set, the default user's group -; will be used. -user = nginx -group = nginx - -; The address on which to accept FastCGI requests. -; Valid syntaxes are: -; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on -; a specific port; -; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on -; a specific port; -; 'port' - to listen on a TCP socket to all IPv4 addresses on a -; specific port; -; '[::]:port' - to listen on a TCP socket to all addresses -; (IPv6 and IPv4-mapped) on a specific port; -; '/path/to/unix/socket' - to listen on a unix socket. -; Note: This value is mandatory. -listen = /var/run/php5-fpm.sock - -; Set listen(2) backlog. -; Default Value: 65535 (-1 on FreeBSD and OpenBSD) -;listen.backlog = 65535 - -; Set permissions for unix socket, if one is used. In Linux, read/write -; permissions must be set in order to allow connections from a web server. Many -; BSD-derived systems allow connections regardless of permissions. -; Default Values: user and group are set as the running user -; mode is set to 0660 -listen.owner = nginx -listen.group = nginx -;listen.mode = 0660 -; When POSIX Access Control Lists are supported you can set them using -; these options, value is a comma separated list of user/group names. -; When set, listen.owner and listen.group are ignored -;listen.acl_users = -;listen.acl_groups = - -; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect. -; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original -; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address -; must be separated by a comma. If this value is left blank, connections will be -; accepted from any ip address. -; Default Value: any -;listen.allowed_clients = 127.0.0.1 - -; Specify the nice(2) priority to apply to the pool processes (only if set) -; The value can vary from -19 (highest priority) to 20 (lower priority) -; Note: - It will only work if the FPM master process is launched as root -; - The pool processes will inherit the master process priority -; unless it specified otherwise -; Default Value: no set -; process.priority = -19 - -; Choose how the process manager will control the number of child processes. -; Possible Values: -; static - a fixed number (pm.max_children) of child processes; -; dynamic - the number of child processes are set dynamically based on the -; following directives. With this process management, there will be -; always at least 1 children. -; pm.max_children - the maximum number of children that can -; be alive at the same time. -; pm.start_servers - the number of children created on startup. -; pm.min_spare_servers - the minimum number of children in 'idle' -; state (waiting to process). If the number -; of 'idle' processes is less than this -; number then some children will be created. -; pm.max_spare_servers - the maximum number of children in 'idle' -; state (waiting to process). If the number -; of 'idle' processes is greater than this -; number then some children will be killed. -; ondemand - no children are created at startup. Children will be forked when -; new requests will connect. The following parameter are used: -; pm.max_children - the maximum number of children that -; can be alive at the same time. -; pm.process_idle_timeout - The number of seconds after which -; an idle process will be killed. -; Note: This value is mandatory. -pm = dynamic - -; The number of child processes to be created when pm is set to 'static' and the -; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'. -; This value sets the limit on the number of simultaneous requests that will be -; served. Equivalent to the ApacheMaxClients directive with mpm_prefork. -; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP -; CGI. The below defaults are based on a server without much resources. Don't -; forget to tweak pm.* to fit your needs. -; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand' -; Note: This value is mandatory. -pm.max_children = 5 - -; The number of child processes created on startup. -; Note: Used only when pm is set to 'dynamic' -; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2 -pm.start_servers = 2 - -; The desired minimum number of idle server processes. -; Note: Used only when pm is set to 'dynamic' -; Note: Mandatory when pm is set to 'dynamic' -pm.min_spare_servers = 1 - -; The desired maximum number of idle server processes. -; Note: Used only when pm is set to 'dynamic' -; Note: Mandatory when pm is set to 'dynamic' -pm.max_spare_servers = 3 - -; The number of seconds after which an idle process will be killed. -; Note: Used only when pm is set to 'ondemand' -; Default Value: 10s -;pm.process_idle_timeout = 10s; - -; The number of requests each child process should execute before respawning. -; This can be useful to work around memory leaks in 3rd party libraries. For -; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS. -; Default Value: 0 -;pm.max_requests = 500 - -; The URI to view the FPM status page. If this value is not set, no URI will be -; recognized as a status page. It shows the following informations: -; pool - the name of the pool; -; process manager - static, dynamic or ondemand; -; start time - the date and time FPM has started; -; start since - number of seconds since FPM has started; -; accepted conn - the number of request accepted by the pool; -; listen queue - the number of request in the queue of pending -; connections (see backlog in listen(2)); -; max listen queue - the maximum number of requests in the queue -; of pending connections since FPM has started; -; listen queue len - the size of the socket queue of pending connections; -; idle processes - the number of idle processes; -; active processes - the number of active processes; -; total processes - the number of idle + active processes; -; max active processes - the maximum number of active processes since FPM -; has started; -; max children reached - number of times, the process limit has been reached, -; when pm tries to start more children (works only for -; pm 'dynamic' and 'ondemand'); -; Value are updated in real time. -; Example output: -; pool: www -; process manager: static -; start time: 01/Jul/2011:17:53:49 +0200 -; start since: 62636 -; accepted conn: 190460 -; listen queue: 0 -; max listen queue: 1 -; listen queue len: 42 -; idle processes: 4 -; active processes: 11 -; total processes: 15 -; max active processes: 12 -; max children reached: 0 -; -; By default the status page output is formatted as text/plain. Passing either -; 'html', 'xml' or 'json' in the query string will return the corresponding -; output syntax. Example: -; http://www.foo.bar/status -; http://www.foo.bar/status?json -; http://www.foo.bar/status?html -; http://www.foo.bar/status?xml -; -; By default the status page only outputs short status. Passing 'full' in the -; query string will also return status for each pool process. -; Example: -; http://www.foo.bar/status?full -; http://www.foo.bar/status?json&full -; http://www.foo.bar/status?html&full -; http://www.foo.bar/status?xml&full -; The Full status returns for each process: -; pid - the PID of the process; -; state - the state of the process (Idle, Running, ...); -; start time - the date and time the process has started; -; start since - the number of seconds since the process has started; -; requests - the number of requests the process has served; -; request duration - the duration in µs of the requests; -; request method - the request method (GET, POST, ...); -; request URI - the request URI with the query string; -; content length - the content length of the request (only with POST); -; user - the user (PHP_AUTH_USER) (or '-' if not set); -; script - the main script called (or '-' if not set); -; last request cpu - the %cpu the last request consumed -; it's always 0 if the process is not in Idle state -; because CPU calculation is done when the request -; processing has terminated; -; last request memory - the max amount of memory the last request consumed -; it's always 0 if the process is not in Idle state -; because memory calculation is done when the request -; processing has terminated; -; If the process is in Idle state, then informations are related to the -; last request the process has served. Otherwise informations are related to -; the current request being served. -; Example output: -; ************************ -; pid: 31330 -; state: Running -; start time: 01/Jul/2011:17:53:49 +0200 -; start since: 63087 -; requests: 12808 -; request duration: 1250261 -; request method: GET -; request URI: /test_mem.php?N=10000 -; content length: 0 -; user: - -; script: /home/fat/web/docs/php/test_mem.php -; last request cpu: 0.00 -; last request memory: 0 -; -; Note: There is a real-time FPM status monitoring sample web page available -; It's available in: /usr/share/php/fpm/status.html -; -; Note: The value must start with a leading slash (/). The value can be -; anything, but it may not be a good idea to use the .php extension or it -; may conflict with a real PHP file. -; Default Value: not set -;pm.status_path = /status - -; The ping URI to call the monitoring page of FPM. If this value is not set, no -; URI will be recognized as a ping page. This could be used to test from outside -; that FPM is alive and responding, or to -; - create a graph of FPM availability (rrd or such); -; - remove a server from a group if it is not responding (load balancing); -; - trigger alerts for the operating team (24/7). -; Note: The value must start with a leading slash (/). The value can be -; anything, but it may not be a good idea to use the .php extension or it -; may conflict with a real PHP file. -; Default Value: not set -;ping.path = /ping - -; This directive may be used to customize the response of a ping request. The -; response is formatted as text/plain with a 200 response code. -; Default Value: pong -;ping.response = pong - -; The access log file -; Default: not set -;access.log = log/$pool.access.log - -; The access log format. -; The following syntax is allowed -; %%: the '%' character -; %C: %CPU used by the request -; it can accept the following format: -; - %{user}C for user CPU only -; - %{system}C for system CPU only -; - %{total}C for user + system CPU (default) -; %d: time taken to serve the request -; it can accept the following format: -; - %{seconds}d (default) -; - %{miliseconds}d -; - %{mili}d -; - %{microseconds}d -; - %{micro}d -; %e: an environment variable (same as $_ENV or $_SERVER) -; it must be associated with embraces to specify the name of the env -; variable. Some exemples: -; - server specifics like: %{REQUEST_METHOD}e or %{SERVER_PROTOCOL}e -; - HTTP headers like: %{HTTP_HOST}e or %{HTTP_USER_AGENT}e -; %f: script filename -; %l: content-length of the request (for POST request only) -; %m: request method -; %M: peak of memory allocated by PHP -; it can accept the following format: -; - %{bytes}M (default) -; - %{kilobytes}M -; - %{kilo}M -; - %{megabytes}M -; - %{mega}M -; %n: pool name -; %o: output header -; it must be associated with embraces to specify the name of the header: -; - %{Content-Type}o -; - %{X-Powered-By}o -; - %{Transfert-Encoding}o -; - .... -; %p: PID of the child that serviced the request -; %P: PID of the parent of the child that serviced the request -; %q: the query string -; %Q: the '?' character if query string exists -; %r: the request URI (without the query string, see %q and %Q) -; %R: remote IP address -; %s: status (response code) -; %t: server time the request was received -; it can accept a strftime(3) format: -; %d/%b/%Y:%H:%M:%S %z (default) -; %T: time the log has been written (the request has finished) -; it can accept a strftime(3) format: -; %d/%b/%Y:%H:%M:%S %z (default) -; %u: remote user -; -; Default: "%R - %u %t \"%m %r\" %s" -;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%" - -; The log file for slow requests -; Default Value: not set -; Note: slowlog is mandatory if request_slowlog_timeout is set -;slowlog = log/$pool.log.slow - -; The timeout for serving a single request after which a PHP backtrace will be -; dumped to the 'slowlog' file. A value of '0s' means 'off'. -; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) -; Default Value: 0 -;request_slowlog_timeout = 0 - -; The timeout for serving a single request after which the worker process will -; be killed. This option should be used when the 'max_execution_time' ini option -; does not stop script execution for some reason. A value of '0' means 'off'. -; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) -; Default Value: 0 -;request_terminate_timeout = 0 - -; Set open file descriptor rlimit. -; Default Value: system defined value -;rlimit_files = 1024 - -; Set max core size rlimit. -; Possible Values: 'unlimited' or an integer greater or equal to 0 -; Default Value: system defined value -;rlimit_core = 0 - -; Chroot to this directory at the start. This value must be defined as an -; absolute path. When this value is not set, chroot is not used. -; Note: you can prefix with '$prefix' to chroot to the pool prefix or one -; of its subdirectories. If the pool prefix is not set, the global prefix -; will be used instead. -; Note: chrooting is a great security feature and should be used whenever -; possible. However, all PHP paths will be relative to the chroot -; (error_log, sessions.save_path, ...). -; Default Value: not set -;chroot = - -; Chdir to this directory at the start. -; Note: relative path can be used. -; Default Value: current directory or / when chroot -;chdir = /var/www - -; Redirect worker stdout and stderr into main error log. If not set, stdout and -; stderr will be redirected to /dev/null according to FastCGI specs. -; Note: on highloaded environement, this can cause some delay in the page -; process time (several ms). -; Default Value: no -;catch_workers_output = yes - -; Clear environment in FPM workers -; Prevents arbitrary environment variables from reaching FPM worker processes -; by clearing the environment in workers before env vars specified in this -; pool configuration are added. -; Setting to "no" will make all environment variables available to PHP code -; via getenv(), $_ENV and $_SERVER. -; Default Value: yes -;clear_env = no - -; Limits the extensions of the main script FPM will allow to parse. This can -; prevent configuration mistakes on the web server side. You should only limit -; FPM to .php extensions to prevent malicious users to use other extensions to -; exectute php code. -; Note: set an empty value to allow all extensions. -; Default Value: .php -;security.limit_extensions = .php .php3 .php4 .php5 - -; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from -; the current environment. -; Default Value: clean env -;env[HOSTNAME] = $HOSTNAME -;env[PATH] = /usr/local/bin:/usr/bin:/bin -;env[TMP] = /tmp -;env[TMPDIR] = /tmp -;env[TEMP] = /tmp - -; Additional php.ini defines, specific to this pool of workers. These settings -; overwrite the values previously defined in the php.ini. The directives are the -; same as the PHP SAPI: -; php_value/php_flag - you can set classic ini defines which can -; be overwritten from PHP call 'ini_set'. -; php_admin_value/php_admin_flag - these directives won't be overwritten by -; PHP call 'ini_set' -; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no. - -; Defining 'extension' will load the corresponding shared extension from -; extension_dir. Defining 'disable_functions' or 'disable_classes' will not -; overwrite previously defined php.ini values, but will append the new value -; instead. - -; Note: path INI options can be relative and will be expanded with the prefix -; (pool, global or /usr) - -; Default Value: nothing is defined by default except the values in php.ini and -; specified at startup with the -d argument -;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com -;php_flag[display_errors] = off -;php_admin_value[error_log] = /var/log/fpm-php.www.log -;php_admin_flag[log_errors] = on -;php_admin_value[memory_limit] = 32M +daemonize = no diff --git a/zabbix-appliance/rhel/conf/etc/php-fpm.d/zabbix.conf b/zabbix-appliance/rhel/conf/etc/php-fpm.d/zabbix.conf new file mode 100644 index 000000000..a4926f4ae --- /dev/null +++ b/zabbix-appliance/rhel/conf/etc/php-fpm.d/zabbix.conf @@ -0,0 +1,25 @@ +[zabbix] + +listen = /tmp/php-fpm.sock + +pm = dynamic +pm.max_children = 50 +pm.start_servers = 5 +pm.min_spare_servers = 5 +pm.max_spare_servers = 35 + +slowlog = /dev/fd/1 + +php_admin_value[error_log] = /dev/fd/2 +php_admin_flag[log_errors] = on + +php_value[session.save_handler] = files +php_value[session.save_path] = /var/lib/php/session + +php_value[max_execution_time]= 300 +php_value[memory_limit]= 128M +php_value[post_max_size]= 16M +php_value[upload_max_filesize]= 2M +php_value[max_input_time]= 300 +php_value[max_input_vars]= 10000 +; php_value[date.timezone]= Europe/Riga diff --git a/zabbix-appliance/rhel/conf/etc/php.d/99-zabbix.ini b/zabbix-appliance/rhel/conf/etc/php.d/99-zabbix.ini deleted file mode 100644 index e87054b7d..000000000 --- a/zabbix-appliance/rhel/conf/etc/php.d/99-zabbix.ini +++ /dev/null @@ -1,9 +0,0 @@ -max_execution_time=300 -memory_limit=128M -post_max_size=16M -upload_max_filesize=2M -max_input_time=300 -always_populate_raw_post_data=-1 -max_input_vars=10000 -; date.timezone=Europe/Riga -session.save_path=/var/lib/php/ diff --git a/zabbix-appliance/rhel/conf/etc/supervisor/conf.d/supervisord_java_gateway.conf b/zabbix-appliance/rhel/conf/etc/supervisor/conf.d/supervisord_java_gateway.conf index df9514bd1..1d1f651b6 100644 --- a/zabbix-appliance/rhel/conf/etc/supervisor/conf.d/supervisord_java_gateway.conf +++ b/zabbix-appliance/rhel/conf/etc/supervisor/conf.d/supervisord_java_gateway.conf @@ -3,7 +3,7 @@ nodaemon = true [program:zabbix_java_gateway] command = /bin/bash /usr/sbin/%(program_name)s -user = zabbix +;user = zabbix auto_start = true autorestart = true diff --git a/zabbix-appliance/rhel/conf/etc/supervisor/conf.d/supervisord_mysql.conf b/zabbix-appliance/rhel/conf/etc/supervisor/conf.d/supervisord_mysql.conf index 7860463bd..4c3fd6bc5 100644 --- a/zabbix-appliance/rhel/conf/etc/supervisor/conf.d/supervisord_mysql.conf +++ b/zabbix-appliance/rhel/conf/etc/supervisor/conf.d/supervisord_mysql.conf @@ -2,8 +2,8 @@ nodaemon = true [program:mysqld] -command = /usr/libexec/mysqld --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib/mysql/plugin --user=mysql --log-output=none --pid-file=/var/lib/mysql/mysqld.pid --socket=/var/lib/mysql/mysql.sock --port=3306 --console -user = mysql +command = /usr/libexec/mysqld --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib/mysql/plugin --user=zabbix --log-output=none --pid-file=/var/lib/mysql/mysqld.pid --socket=/var/lib/mysql/mysql.sock --port=3306 --character-set-server=utf8 --collation-server=utf8_bin --console +;user = zabbix auto_start = true autorestart = true priority = 1 diff --git a/zabbix-appliance/rhel/conf/etc/supervisor/conf.d/supervisord_server.conf b/zabbix-appliance/rhel/conf/etc/supervisor/conf.d/supervisord_server.conf index b11628eb2..a24f4715f 100644 --- a/zabbix-appliance/rhel/conf/etc/supervisor/conf.d/supervisord_server.conf +++ b/zabbix-appliance/rhel/conf/etc/supervisor/conf.d/supervisord_server.conf @@ -3,7 +3,7 @@ nodaemon = true [program:zabbix_server] command = /usr/sbin/%(program_name)s --foreground -c /etc/zabbix/%(program_name)s.conf -user = zabbix +;user = zabbix auto_start = true autorestart = true diff --git a/zabbix-appliance/rhel/conf/etc/supervisor/supervisord.conf b/zabbix-appliance/rhel/conf/etc/supervisor/supervisord.conf index 925bb1838..7488a07f7 100644 --- a/zabbix-appliance/rhel/conf/etc/supervisor/supervisord.conf +++ b/zabbix-appliance/rhel/conf/etc/supervisor/supervisord.conf @@ -1,17 +1,17 @@ ; supervisor config file [unix_http_server] -file = /var/run/supervisor.sock ; (the path to the socket file) +file = /tmp/supervisor.sock ; (the path to the socket file) chmod = 0700 ; sockef file mode (default 0700) username = zbx password = password [supervisord] logfile = /dev/stdout ; (main log file;default $CWD/supervisord.log) -pidfile = /var/run/supervisord.pid ; (supervisord pidfile;default supervisord.pid) +pidfile = /tmp/supervisord.pid ; (supervisord pidfile;default supervisord.pid) childlogdir = /tmp ; ('AUTO' child log dir, default $TEMP) critical = critical -user = root +;user = zabbix logfile_maxbytes = 0 logfile_backupcount = 0 loglevel = info @@ -23,7 +23,7 @@ loglevel = info supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface [supervisorctl] -serverurl = unix:///var/run/supervisor.sock ; use a unix:// URL for a unix socket +serverurl = unix:///tmp/supervisor.sock ; use a unix:// URL for a unix socket ; The [include] section can just contain the "files" setting. This ; setting can list multiple files (separated by whitespace or diff --git a/zabbix-appliance/rhel/conf/etc/yum.repo.d/nginx.repo b/zabbix-appliance/rhel/conf/etc/yum.repo.d/nginx.repo index 09cab6812..4a460fee8 100644 --- a/zabbix-appliance/rhel/conf/etc/yum.repo.d/nginx.repo +++ b/zabbix-appliance/rhel/conf/etc/yum.repo.d/nginx.repo @@ -1,5 +1,8 @@ -[nginx] -name=nginx repo -baseurl=http://nginx.org/packages/rhel/7/$basearch/ -gpgcheck=0 -enabled=1 +[nginx-stable] +name=nginx stable repo +baseurl=http://nginx.org/packages/rhel/$releasever/$basearch/ +gpgcheck=1 +enabled=0 +gpgkey=https://nginx.org/keys/nginx_signing.key +module_hotfixes=true + diff --git a/zabbix-appliance/rhel/conf/etc/zabbix/nginx.conf b/zabbix-appliance/rhel/conf/etc/zabbix/nginx.conf index 3bde42701..62c9be112 100644 --- a/zabbix-appliance/rhel/conf/etc/zabbix/nginx.conf +++ b/zabbix-appliance/rhel/conf/etc/zabbix/nginx.conf @@ -1,5 +1,5 @@ server { - listen 80; + listen 8080; server_name zabbix; index index.php; @@ -51,7 +51,7 @@ server { } location ~ .php$ { - fastcgi_pass unix:/var/run/php5-fpm.sock; + fastcgi_pass unix:/tmp/php-fpm.sock; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $webroot$fastcgi_script_name; diff --git a/zabbix-appliance/rhel/conf/etc/zabbix/nginx_ssl.conf b/zabbix-appliance/rhel/conf/etc/zabbix/nginx_ssl.conf index 42cd457d9..e50ea368d 100644 --- a/zabbix-appliance/rhel/conf/etc/zabbix/nginx_ssl.conf +++ b/zabbix-appliance/rhel/conf/etc/zabbix/nginx_ssl.conf @@ -1,5 +1,5 @@ server { - listen 443 ssl http2; + listen 8443 ssl http2; server_name zabbix; server_name_in_redirect off; @@ -75,7 +75,7 @@ server { } location ~ .php$ { - fastcgi_pass unix:/var/run/php5-fpm.sock; + fastcgi_pass unix:/tmp/php-fpm.sock; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $webroot$fastcgi_script_name; diff --git a/zabbix-appliance/rhel/conf/etc/zabbix/web/zabbix.conf.php b/zabbix-appliance/rhel/conf/etc/zabbix/web/zabbix.conf.php index a4c9fadab..29f041457 100644 --- a/zabbix-appliance/rhel/conf/etc/zabbix/web/zabbix.conf.php +++ b/zabbix-appliance/rhel/conf/etc/zabbix/web/zabbix.conf.php @@ -10,12 +10,26 @@ $DB['USER'] = '{DB_SERVER_USER}'; $DB['PASSWORD'] = '{DB_SERVER_PASS}'; // Schema name. Used for IBM DB2 and PostgreSQL. -$DB['SCHEMA'] = ''; +$DB['SCHEMA'] = '{DB_SERVER_SCHEMA}'; $ZBX_SERVER = '{ZBX_SERVER_HOST}'; $ZBX_SERVER_PORT = '{ZBX_SERVER_PORT}'; $ZBX_SERVER_NAME = '{ZBX_SERVER_NAME}'; +// Used for TLS connection. +$DB['ENCRYPTION'] = {ZBX_DB_ENCRYPTION}; +$DB['KEY_FILE'] = '{ZBX_DB_KEY_FILE}'; +$DB['CERT_FILE'] = '{ZBX_DB_CERT_FILE}'; +$DB['CA_FILE'] = '{ZBX_DB_CA_FILE}'; +$DB['VERIFY_HOST'] = {ZBX_DB_VERIFY_HOST}; +$DB['CIPHER_LIST'] = '{ZBX_DB_CIPHER_LIST}'; + +// Use IEEE754 compatible value range for 64-bit Numeric (float) history values. +// This option is enabled by default for new Zabbix installations. +// For upgraded installations, please read database upgrade notes before enabling this option. +$DB['DOUBLE_IEEE754'] = {DB_DOUBLE_IEEE754}; + + $IMAGE_FORMAT_DEFAULT = IMAGE_FORMAT_PNG; // Elasticsearch url (can be string if same url is used for all types). diff --git a/zabbix-appliance/rhel/conf/usr/sbin/zabbix_java_gateway b/zabbix-appliance/rhel/conf/usr/sbin/zabbix_java_gateway index 2da696885..e77d407f6 100755 --- a/zabbix-appliance/rhel/conf/usr/sbin/zabbix_java_gateway +++ b/zabbix-appliance/rhel/conf/usr/sbin/zabbix_java_gateway @@ -7,7 +7,7 @@ JAVA_OPTIONS="$JAVA_OPTIONS -Dlogback.configurationFile=/etc/zabbix/zabbix_java_ cd $DAEMON CLASSPATH="$DAEMON/lib" -for jar in `find lib bin -name "*.jar"`; do +for jar in `find lib bin ext_lib -name "*.jar"`; do if [ $jar != *junit* ]; then CLASSPATH="$CLASSPATH:$DAEMON/$jar" fi diff --git a/zabbix-appliance/rhel/docker-entrypoint.sh b/zabbix-appliance/rhel/docker-entrypoint.sh index 20e78e0da..3dfa2d7f1 100755 --- a/zabbix-appliance/rhel/docker-entrypoint.sh +++ b/zabbix-appliance/rhel/docker-entrypoint.sh @@ -1,6 +1,6 @@ #!/bin/bash -set -eo pipefail +set -o pipefail set +e @@ -9,29 +9,16 @@ if [ "${DEBUG_MODE}" == "true" ]; then set -o xtrace fi -# Type of Zabbix component -# Possible values: [server, proxy, agent, frontend, java-gateway, appliance] -zbx_type=${ZBX_TYPE} -# Type of Zabbix database -# Possible values: [mysql, postgresql] -zbx_db_type=${ZBX_DB_TYPE} -# Type of web-server. Valid only with zbx_type = frontend -# Possible values: [apache, nginx] -zbx_opt_type=${ZBX_OPT_TYPE} - # Default Zabbix installation name # Used only by Zabbix web-interface -ZBX_SERVER_NAME=${ZBX_SERVER_NAME:-"Zabbix docker"} -# Default Zabbix server host -ZBX_SERVER_HOST=${ZBX_SERVER_HOST:-"zabbix-server"} -# Default Zabbix server port number -ZBX_SERVER_PORT=${ZBX_SERVER_PORT:-"10051"} +: ${ZBX_SERVER_NAME:="Zabbix docker"} # Default timezone for web interface -PHP_TZ=${PHP_TZ:-"Europe/Riga"} +: ${PHP_TZ:="Europe/Riga"} -#Enable PostgreSQL timescaleDB feature: -ENABLE_TIMESCALEDB=${ENABLE_TIMESCALEDB:-"false"} +# Default MySQL instance location +: ${DB_SERVER_HOST:="localhost"} +: ${DB_SERVER_PORT:="3306"} # Default directories # User 'zabbix' home directory @@ -72,92 +59,6 @@ file_env() { unset "$fileVar" } -configure_db_mysql() { - [ "${DB_SERVER_HOST}" != "localhost" ] && return - - echo "** Configuring local MySQL server" - - MYSQL_ALLOW_EMPTY_PASSWORD=true - MYSQL_DATA_DIR="/var/lib/mysql" - - if [ -f "/etc/mysql/my.cnf" ]; then - MYSQL_CONF_FILE="/etc/mysql/my.cnf" - elif [ -f "/etc/my.cnf.d/server.cnf" ]; then - MYSQL_CONF_FILE="/etc/my.cnf.d/server.cnf" - DB_SERVER_SOCKET="/var/lib/mysql/mysql.sock" - elif [ -f "/etc/my.cnf.d/mariadb-server.cnf" ]; then - MYSQL_CONF_FILE="/etc/my.cnf.d/mariadb-server.cnf" - DB_SERVER_SOCKET="/var/run/mysqld/mysqld.sock" - else - echo "**** Could not found MySQL configuration file" - exit 1 - fi - - if [ -f "/usr/bin/mysqld" ]; then - MYSQLD=/usr/bin/mysqld - elif [ -f "/usr/sbin/mysqld" ]; then - MYSQLD=/usr/sbin/mysqld - elif [ -f "/usr/libexec/mysqld" ]; then - MYSQLD=/usr/libexec/mysqld - else - echo "**** Could not found mysqld binary file" - exit 1 - fi - - sed -Ei 's/^(bind-address|log)/#&/' "$MYSQL_CONF_FILE" - - if [ ! -d "$MYSQL_DATA_DIR/mysql" ]; then - [ -d "$MYSQL_DATA_DIR" ] || mkdir -p "$MYSQL_DATA_DIR" - - chown -R mysql:mysql "$MYSQL_DATA_DIR" - - echo "** Installing initial MySQL database schemas" - mysql_install_db --user=mysql --datadir="$MYSQL_DATA_DIR" 2>&1 - else - echo "**** MySQL data directory is not empty. Using already existing installation." - chown -R mysql:mysql "$MYSQL_DATA_DIR" - fi - - mkdir -p /var/run/mysqld - ln -s /var/run/mysqld /run/mysqld - chown -R mysql:mysql /var/run/mysqld - chown -R mysql:mysql /run/mysqld - - echo "** Starting MySQL server in background mode" - - nohup $MYSQLD --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib/mysql/plugin \ - --user=mysql --log-output=none --pid-file=/var/lib/mysql/mysqld.pid \ - --port=3306 --character-set-server=utf8 --collation-server=utf8_bin & -} - -prepare_system() { - local type=$1 - local web_server=$2 - - echo "** Preparing the system" - - if [ "$type" != "appliance" ]; then - return - fi - - ZBX_ADD_AGENT=${ZBX_ADD_AGENT:-"false"} - ZBX_ADD_JAVA_GATEWAY=${ZBX_ADD_JAVA_GATEWAY:-"false"} - ZBX_ADD_SERVER=${ZBX_ADD_SERVER:-"true"} - [ "${ZBX_ADD_SERVER}" == "true" ] && ZBX_SERVER_HOST="localhost" - [ "${ZBX_ADD_SERVER}" == "true" ] && ZBX_SERVER_PORT="10051" - ZBX_MAIN_DB=${ZBX_MAIN_DB:-"mysql"} - ZBX_ADD_PROXY=${ZBX_ADD_PROXY:-"false"} - ZBX_PROXY_DB=${ZBX_PROXY_DB:-"sqlite3"} - ZBX_ADD_WEB=${ZBX_ADD_WEB:-"true"} - ZBX_WEB_SERVER=${ZBX_WEB_SERVER:-"nginx"} - DB_SERVER_HOST=${DB_SERVER_HOST:-"localhost"} - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAY_ENABLE="true" - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAY="localhost" - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAYPORT="10052" - - [ "${ZBX_ADD_SERVER}" == "true" ] && configure_db_${ZBX_MAIN_DB} -} - escape_spec_char() { local var_value=$1 @@ -181,12 +82,18 @@ update_config_var() { local var_value=$3 local is_multiple=$4 + local masklist=("DBPassword TLSPSKIdentity") + if [ ! -f "$config_path" ]; then echo "**** Configuration file '$config_path' does not exist" return fi - echo -n "** Updating '$config_path' parameter \"$var_name\": '$var_value'... " + if [[ " ${masklist[@]} " =~ " $var_name " ]] && [ ! -z "$var_value" ]; then + echo -n "** Updating '$config_path' parameter \"$var_name\": '****'. Enable DEBUG_MODE to view value ..." + else + echo -n "** Updating '$config_path' parameter \"$var_name\": '$var_value'..." + fi # Remove configuration parameter definition in case of unset parameter value if [ -z "$var_value" ]; then @@ -207,8 +114,9 @@ update_config_var() { var_value=$ZABBIX_USER_HOME_DIR/enc/$var_value fi - # Escaping characters in parameter value + # Escaping characters in parameter value and name var_value=$(escape_spec_char "$var_value") + var_name=$(escape_spec_char "$var_name") if [ "$(grep -E "^$var_name=" $config_path)" ] && [ "$is_multiple" != "true" ]; then sed -i -e "/^$var_name=/s/=.*/=$var_value/" "$config_path" @@ -239,20 +147,60 @@ update_config_multiple_var() { done } +configure_db_mysql() { + [ "${DB_SERVER_HOST}" != "localhost" ] && return + + echo "** Configuring local MySQL server" + + if [ -n "${ZBX_DBTLSCONNECT}" ]; then + echo "**** Encryption with local MySQL instance is not supported" + unset ZBX_DBTLSCONNECT + fi + + MYSQL_ALLOW_EMPTY_PASSWORD=true + MYSQL_DATA_DIR="/var/lib/mysql" + + MYSQL_CONF_FILE="/etc/my.cnf.d/mariadb-server.cnf" + DB_SERVER_SOCKET="/var/lib/mysql/mysql.sock" + + MYSQLD=/usr/libexec/mysqld + + if [ "$(id -u)" == '0' ]; then + mysql_user="--user=zabbix" + fi + + sed -Ei 's/^(bind-address|log)/#&/' "$MYSQL_CONF_FILE" + + if [ ! -d "$MYSQL_DATA_DIR/mysql" ]; then + [ -d "$MYSQL_DATA_DIR" ] || mkdir -p "$MYSQL_DATA_DIR" + + echo "** Installing initial MySQL database schemas" + mysql_install_db $mysql_user --datadir="$MYSQL_DATA_DIR" 1>/dev/null + else + echo "**** MySQL data directory is not empty. Using already existing installation." + fi + + echo "** Starting MySQL server in background mode" + + nohup $MYSQLD --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib/mysql/plugin \ + --log-output=none --pid-file=/var/lib/mysql/mysqld.pid \ + --port=3306 --character-set-server=utf8 --collation-server=utf8_bin $mysql_user & +} + +prepare_system() { + echo "** Preparing the system" + + configure_db_mysql +} + # Check prerequisites for MySQL database check_variables_mysql() { - local type=$1 - - DB_SERVER_HOST=${DB_SERVER_HOST:-"mysql-server"} - DB_SERVER_PORT=${DB_SERVER_PORT:-"3306"} USE_DB_ROOT_USER=false CREATE_ZBX_DB_USER=false file_env MYSQL_USER file_env MYSQL_PASSWORD - if [ "$type" != "" ]; then - file_env MYSQL_ROOT_PASSWORD - fi + file_env MYSQL_ROOT_PASSWORD if [ ! -n "${MYSQL_USER}" ] && [ "${MYSQL_RANDOM_ROOT_PASSWORD}" == "true" ]; then echo "**** Impossible to use MySQL server because of unknown Zabbix user and random 'root' password" @@ -273,45 +221,41 @@ check_variables_mysql() { [ -n "${MYSQL_USER}" ] && CREATE_ZBX_DB_USER=true # If root password is not specified use provided credentials - DB_SERVER_ROOT_USER=${DB_SERVER_ROOT_USER:-${MYSQL_USER}} + : ${DB_SERVER_ROOT_USER:=${MYSQL_USER}} [ "${MYSQL_ALLOW_EMPTY_PASSWORD}" == "true" ] || DB_SERVER_ROOT_PASS=${DB_SERVER_ROOT_PASS:-${MYSQL_PASSWORD}} DB_SERVER_ZBX_USER=${MYSQL_USER:-"zabbix"} DB_SERVER_ZBX_PASS=${MYSQL_PASSWORD:-"zabbix"} - if [ "$type" == "proxy" ]; then - DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix_proxy"} - else - DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix"} - fi + DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix"} } -# Check prerequisites for PostgreSQL database -check_variables_postgresql() { - local type=$1 +db_tls_params() { + local result="" - file_env POSTGRES_USER - file_env POSTGRES_PASSWORD + if [ -n "${ZBX_DBTLSCONNECT}" ]; then + result="--ssl" - DB_SERVER_HOST=${DB_SERVER_HOST:-"postgres-server"} - DB_SERVER_PORT=${DB_SERVER_PORT:-"5432"} - CREATE_ZBX_DB_USER=${CREATE_ZBX_DB_USER:-"false"} + if [ "${ZBX_DBTLSCONNECT}" != "required" ]; then + result="${result} --ssl-verify-server-cert" + fi - DB_SERVER_ROOT_USER=${POSTGRES_USER:-"postgres"} - DB_SERVER_ROOT_PASS=${POSTGRES_PASSWORD:-""} + if [ -n "${ZBX_DBTLSCAFILE}" ]; then + result="${result} --ssl-ca=${ZBX_DBTLSCAFILE}" + fi - DB_SERVER_ZBX_USER=${POSTGRES_USER:-"zabbix"} - DB_SERVER_ZBX_PASS=${POSTGRES_PASSWORD:-"zabbix"} + if [ -n "${ZBX_DBTLSKEYFILE}" ]; then + result="${result} --ssl-key=${ZBX_DBTLSKEYFILE}" + fi - DB_SERVER_SCHEMA=${DB_SERVER_SCHEMA:-"public"} - - if [ "$type" == "proxy" ]; then - DB_SERVER_DBNAME=${POSTGRES_DB:-"zabbix_proxy"} - else - DB_SERVER_DBNAME=${POSTGRES_DB:-"zabbix"} + if [ -n "${ZBX_DBTLSCERTFILE}" ]; then + result="${result} --ssl-cert=${ZBX_DBTLSCERTFILE}" + fi fi + + echo $result } -check_db_connect_mysql() { +check_db_connect() { echo "********************" echo "* DB_SERVER_HOST: ${DB_SERVER_HOST}" echo "* DB_SERVER_PORT: ${DB_SERVER_PORT}" @@ -323,92 +267,28 @@ check_db_connect_mysql() { fi echo "* DB_SERVER_ZBX_USER: ${DB_SERVER_ZBX_USER}" echo "* DB_SERVER_ZBX_PASS: ${DB_SERVER_ZBX_PASS}" - echo "********************" fi echo "********************" WAIT_TIMEOUT=5 + ssl_opts="$(db_tls_params)" + while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \ - --password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10)" ]; do + --password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10 $ssl_opts)" ]; do echo "**** MySQL server is not available. Waiting $WAIT_TIMEOUT seconds..." sleep $WAIT_TIMEOUT done } -check_db_connect_postgresql() { - echo "********************" - echo "* DB_SERVER_HOST: ${DB_SERVER_HOST}" - echo "* DB_SERVER_PORT: ${DB_SERVER_PORT}" - echo "* DB_SERVER_DBNAME: ${DB_SERVER_DBNAME}" - echo "* DB_SERVER_SCHEMA: ${DB_SERVER_SCHEMA}" - if [ "${DEBUG_MODE}" == "true" ]; then - if [ "${USE_DB_ROOT_USER}" == "true" ]; then - echo "* DB_SERVER_ROOT_USER: ${DB_SERVER_ROOT_USER}" - echo "* DB_SERVER_ROOT_PASS: ${DB_SERVER_ROOT_PASS}" - fi - echo "* DB_SERVER_ZBX_USER: ${DB_SERVER_ZBX_USER}" - echo "* DB_SERVER_ZBX_PASS: ${DB_SERVER_ZBX_PASS}" - fi - echo "********************" - - if [ "${USE_DB_ROOT_USER}" != "true" ]; then - DB_SERVER_ROOT_USER=${DB_SERVER_ZBX_USER} - DB_SERVER_ROOT_PASS=${DB_SERVER_ZBX_PASS} - fi - - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - WAIT_TIMEOUT=5 - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - while [ ! "$(psql -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} -U ${DB_SERVER_ROOT_USER} -d ${DB_SERVER_DBNAME} -l -q 2>/dev/null)" ]; do - echo "**** PostgreSQL server is not available. Waiting $WAIT_TIMEOUT seconds..." - sleep $WAIT_TIMEOUT - done - - unset PGPASSWORD - unset PGOPTIONS -} - - mysql_query() { query=$1 local result="" + ssl_opts="$(db_tls_params)" + result=$(mysql --silent --skip-column-names -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ - -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" -e "$query") - - echo $result -} - -psql_query() { - query=$1 - db=$2 - - local result="" - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - result=$(psql -A -q -t -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ - -U ${DB_SERVER_ROOT_USER} -c "$query" $db 2>/dev/null); - - unset PGPASSWORD - unset PGOPTIONS + -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" -e "$query" $ssl_opts) echo $result } @@ -429,20 +309,6 @@ create_db_user_mysql() { mysql_query "GRANT ALL PRIVILEGES ON $DB_SERVER_DBNAME. * TO '${DB_SERVER_ZBX_USER}'@'%'" 1>/dev/null } -create_db_user_postgresql() { - [ "${CREATE_ZBX_DB_USER}" == "true" ] || return - - echo "** Creating '${DB_SERVER_ZBX_USER}' user in PostgreSQL database" - - USER_EXISTS=$(psql_query "SELECT 1 FROM pg_roles WHERE rolname='${DB_SERVER_ZBX_USER}'") - - if [ -z "$USER_EXISTS" ]; then - psql_query "CREATE USER ${DB_SERVER_ZBX_USER} WITH PASSWORD '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - else - psql_query "ALTER USER ${DB_SERVER_ZBX_USER} WITH ENCRYPTED PASSWORD '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - fi -} - create_db_database_mysql() { DB_EXISTS=$(mysql_query "SELECT SCHEMA_NAME FROM information_schema.SCHEMATA WHERE SCHEMA_NAME='${DB_SERVER_DBNAME}'") @@ -456,22 +322,7 @@ create_db_database_mysql() { fi } -create_db_database_postgresql() { - DB_EXISTS=$(psql_query "SELECT 1 AS result FROM pg_database WHERE datname='${DB_SERVER_DBNAME}'") - - if [ -z ${DB_EXISTS} ]; then - echo "** Database '${DB_SERVER_DBNAME}' does not exist. Creating..." - psql_query "CREATE DATABASE ${DB_SERVER_DBNAME} WITH OWNER ${DB_SERVER_ZBX_USER} ENCODING='UTF8' LC_CTYPE='en_US.utf8' LC_COLLATE='en_US.utf8'" 1>/dev/null - else - echo "** Database '${DB_SERVER_DBNAME}' already exists. Please be careful with database owner!" - fi - - psql_query "CREATE SCHEMA IF NOT EXISTS ${DB_SERVER_SCHEMA}" -} - create_db_schema_mysql() { - local type=$1 - DBVERSION_TABLE_EXISTS=$(mysql_query "SELECT 1 FROM information_schema.tables WHERE table_schema='${DB_SERVER_DBNAME}' and table_name = 'dbversion'") if [ -n "${DBVERSION_TABLE_EXISTS}" ]; then @@ -482,161 +333,18 @@ create_db_schema_mysql() { if [ -z "${ZBX_DB_VERSION}" ]; then echo "** Creating '${DB_SERVER_DBNAME}' schema in MySQL" - zcat /usr/share/doc/zabbix-$type-mysql/create.sql.gz | mysql --silent --skip-column-names \ + ssl_opts="$(db_tls_params)" + + zcat /usr/share/doc/zabbix-server-mysql/create.sql.gz | mysql --silent --skip-column-names \ -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ - -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" \ + -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" $ssl_opts \ ${DB_SERVER_DBNAME} 1>/dev/null fi } -create_db_schema_postgresql() { - local type=$1 - - DBVERSION_TABLE_EXISTS=$(psql_query "SELECT 1 FROM pg_catalog.pg_class c JOIN pg_catalog.pg_namespace n ON n.oid = - c.relnamespace WHERE n.nspname = '$DB_SERVER_SCHEMA' AND c.relname = 'dbversion'" "${DB_SERVER_DBNAME}") - - if [ -n "${DBVERSION_TABLE_EXISTS}" ]; then - echo "** Table '${DB_SERVER_DBNAME}.dbversion' already exists." - ZBX_DB_VERSION=$(psql_query "SELECT mandatory FROM ${DB_SERVER_SCHEMA}.dbversion" "${DB_SERVER_DBNAME}") - fi - - if [ -z "${ZBX_DB_VERSION}" ]; then - echo "** Creating '${DB_SERVER_DBNAME}' schema in PostgreSQL" - - if [ "${ENABLE_TIMESCALEDB}" == "true" ]; then - psql_query "CREATE EXTENSION IF NOT EXISTS timescaledb CASCADE;" - fi - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - zcat /usr/share/doc/zabbix-$type-postgresql/create.sql.gz | psql -q \ - -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ - -U ${DB_SERVER_ZBX_USER} ${DB_SERVER_DBNAME} 1>/dev/null - - if [ "${ENABLE_TIMESCALEDB}" == "true" ]; then - cat /usr/share/doc/zabbix-$type-postgresql/timescaledb.sql | psql -q \ - -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ - -U ${DB_SERVER_ZBX_USER} ${DB_SERVER_DBNAME} 1>/dev/null - fi - - unset PGPASSWORD - unset PGOPTIONS - fi -} - -prepare_web_server_apache() { - if [ -d "/etc/apache2/sites-available" ]; then - APACHE_SITES_DIR=/etc/apache2/sites-available - elif [ -d "/etc/apache2/conf.d" ]; then - APACHE_SITES_DIR=/etc/apache2/conf.d - elif [ -d "/etc/httpd/conf.d" ]; then - APACHE_SITES_DIR=/etc/httpd/conf.d - else - echo "**** Apache is not available" - exit 1 - fi - - if [ -f "/usr/sbin/a2dissite" ]; then - echo "** Disable default site" - /usr/sbin/a2dissite 000-default 1>/dev/null - rm -rf "$APACHE_SITES_DIR/*" - elif [ -f "/etc/apache2/conf.d/default.conf" ]; then - echo "** Disable default site" - rm -f "/etc/apache2/conf.d/default.conf" - elif [ -f "/etc/httpd/conf.d/welcome.conf" ]; then - echo "** Disable default site" - rm -f "/etc/httpd/conf.d/welcome.conf" - rm -f "/etc/httpd/conf.d/ssl.conf" - fi - - echo "** Adding Zabbix virtual host (HTTP)" - if [ -f "$ZABBIX_ETC_DIR/apache.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/apache.conf" "$APACHE_SITES_DIR/zabbix.conf" - if [ -f "/usr/sbin/a2dissite" ]; then - /usr/sbin/a2ensite zabbix.conf 1>/dev/null - fi - else - echo "**** Impossible to enable HTTP virtual host" - fi - - if [ -f "/etc/apache2/conf.d/ssl.conf" ]; then - rm -f "/etc/apache2/conf.d/ssl.conf" - fi - - if [ -f "/etc/ssl/apache2/ssl.crt" ] && [ -f "/etc/ssl/apache2/ssl.key" ]; then - echo "** Enable SSL support for Apache2" - if [ -f "/usr/sbin/a2enmod" ]; then - /usr/sbin/a2enmod ssl 1>/dev/null - fi - - echo "** Adding Zabbix virtual host (HTTPS)" - if [ -f "$ZABBIX_ETC_DIR/apache_ssl.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/apache_ssl.conf" "$APACHE_SITES_DIR/zabbix_ssl.conf" - if [ -f "/usr/sbin/a2dissite" ]; then - /usr/sbin/a2ensite zabbix_ssl.conf 1>/dev/null - fi - else - echo "**** Impossible to enable HTTPS virtual host" - fi - else - echo "**** Impossible to enable SSL support for Apache2. Certificates are missed." - fi - - # Change Apache2 logging to stdout and stderr - if [ -f "/etc/apache2/apache2.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/apache2.conf" - fi - - if [ -f "/etc/httpd/conf/httpd.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/httpd/conf/httpd.conf" - fi - - if [ -f "/etc/apache2/httpd.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/httpd.conf" - fi - - if [ -f "/etc/apache2/conf-available/other-vhosts-access-log.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/conf-available/other-vhosts-access-log.conf" - fi - - if [ -f "/etc/apache2/conf.d/mpm.conf" ]; then - sed -ri \ - -e 's!^(\s*PidFile)\s+\S+!\1 "/var/run/httpd.pid"!g' \ - "/etc/apache2/conf.d/mpm.conf" - fi - - if [ -f "/var/run/apache2/apache2.pid" ]; then - rm -f "/var/run/apache2/apache2.pid" - fi - - if [ -f "/var/run/httpd/httpd.pid" ]; then - rm -f "/var/run/httpd/httpd.pid" - fi -} - -prepare_web_server_nginx() { +prepare_web_server() { NGINX_CONFD_DIR="/etc/nginx/conf.d" NGINX_SSL_CONFIG="/etc/ssl/nginx" - PHP_SESSIONS_DIR="/var/lib/php5" echo "** Disable default vhosts" rm -f $NGINX_CONFD_DIR/*.conf @@ -658,73 +366,29 @@ prepare_web_server_nginx() { else echo "**** Impossible to enable SSL support for Nginx. Certificates are missed." fi - - if [ -d "/var/log/nginx/" ]; then - ln -sf /dev/fd/2 /var/log/nginx/error.log - fi - - ln -sf /dev/fd/2 /var/log/php5-fpm.log - ln -sf /dev/fd/2 /var/log/php7.2-fpm.log } stop_databases() { - if ([ "${ZBX_MAIN_DB}" == "mysql" ] || [ "${ZBX_PROXY_DB}" == "mysql" ]) && [ "${DB_SERVER_HOST}" == "localhost" ]; then + if [ "${DB_SERVER_HOST}" == "localhost" ]; then + echo "** Stopping MySQL instance after initial configuration" mysql_query "DELETE FROM mysql.user WHERE host = 'localhost' AND user != 'root'" 1>/dev/null - if [ -f "/var/lib/mysql/mysqld.pid" ]; then - kill -TERM $(cat /var/lib/mysql/mysqld.pid) - elif [ -f "/var/run/mysqld/mysqld.pid" ]; then - kill -TERM $(cat /var/run/mysqld/mysqld.pid) - fi - fi - - if [ "${ZBX_MAIN_DB}" == "postgresql" ] && [ "${DB_SERVER_HOST}" == "localhost" ]; then - if [ "${OS_CODENAME}" == "alpine" ]; then - PGDATA=/var/lib/postgresql - BINDIR=/usr/bin - else - PGDATA=/var/lib/postgresql/9.3/main - BINDIR=/usr/lib/postgresql/9.3/bin - fi - su -c "$BINDIR/pg_ctl -D \"$PGDATA\" -m fast -w stop --silent" postgres 1>/dev/null 2>/dev/null + kill -TERM $(cat /var/lib/mysql/mysqld.pid) + else + rm -f /etc/supervisor/conf.d/supervisord_mysql.conf fi } clear_deploy() { - local type=$1 echo "** Cleaning the system" - [ "$type" != "appliance" ] && return - stop_databases } update_zbx_config() { - local type=$1 - local db_type=$2 + echo "** Preparing Zabbix server configuration file" - echo "** Preparing Zabbix $type configuration file" - - ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_$type.conf - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "ProxyMode" "${ZBX_PROXYMODE}" - update_config_var $ZBX_CONFIG "Server" "${ZBX_SERVER_HOST}" - update_config_var $ZBX_CONFIG "ServerPort" "${ZBX_SERVER_PORT}" - if [ -z "${ZBX_HOSTNAME}" ] && [ -n "${ZBX_HOSTNAMEITEM}" ]; then - update_config_var $ZBX_CONFIG "Hostname" "" - update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - else - update_config_var $ZBX_CONFIG "Hostname" "${ZBX_HOSTNAME:-"zabbix-proxy-"$db_type}" - update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - fi - fi - - if [ $type == "proxy" ] && [ "${ZBX_ADD_SERVER}" = "true" ]; then - update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_PROXY_LISTENPORT:-"10061"}" - else - update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}" - fi + ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_server.conf update_config_var $ZBX_CONFIG "SourceIP" "${ZBX_SOURCEIP}" update_config_var $ZBX_CONFIG "LogType" "console" @@ -734,41 +398,28 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" - if [ $type == "proxy" ]; then - update_config_var $ZBX_CONFIG "EnableRemoteCommands" "${ZBX_ENABLEREMOTECOMMANDS}" - update_config_var $ZBX_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}" + if [ -n "${ZBX_DBTLSCONNECT}" ]; then + update_config_var $ZBX_CONFIG "DBTLSConnect" "${ZBX_DBTLSCONNECT}" + update_config_var $ZBX_CONFIG "DBTLSCAFile" "${ZBX_DBTLSCAFILE}" + update_config_var $ZBX_CONFIG "DBTLSCertFile" "${ZBX_DBTLSCERTFILE}" + update_config_var $ZBX_CONFIG "DBTLSKeyFile" "${ZBX_DBTLSKEYFILE}" + update_config_var $ZBX_CONFIG "DBTLSCipher" "${ZBX_DBTLSCIPHER}" + update_config_var $ZBX_CONFIG "DBTLSCipher13" "${ZBX_DBTLSCIPHER13}" fi - if [ "$db_type" == "sqlite3" ]; then - update_config_var $ZBX_CONFIG "DBHost" - update_config_var $ZBX_CONFIG "DBName" "/var/lib/zabbix/zabbix_proxy_db" - update_config_var $ZBX_CONFIG "DBUser" - update_config_var $ZBX_CONFIG "DBPort" - update_config_var $ZBX_CONFIG "DBPassword" - else - update_config_var $ZBX_CONFIG "DBHost" "${DB_SERVER_HOST}" - update_config_var $ZBX_CONFIG "DBName" "${DB_SERVER_DBNAME}" - update_config_var $ZBX_CONFIG "DBSchema" "${DB_SERVER_SCHEMA}" - update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}" - update_config_var $ZBX_CONFIG "DBPort" "${DB_SERVER_PORT}" - update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}" - fi + update_config_var $ZBX_CONFIG "DBHost" "${DB_SERVER_HOST}" + update_config_var $ZBX_CONFIG "DBName" "${DB_SERVER_DBNAME}" + update_config_var $ZBX_CONFIG "DBSchema" "${DB_SERVER_SCHEMA}" + update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}" + update_config_var $ZBX_CONFIG "DBPort" "${DB_SERVER_PORT}" + update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}" - if [ $type == "server" ]; then - update_config_var $ZBX_CONFIG "HistoryStorageURL" "${ZBX_HISTORYSTORAGEURL}" - update_config_var $ZBX_CONFIG "HistoryStorageTypes" "${ZBX_HISTORYSTORAGETYPES}" - fi + update_config_var $ZBX_CONFIG "HistoryStorageURL" "${ZBX_HISTORYSTORAGEURL}" + update_config_var $ZBX_CONFIG "HistoryStorageTypes" "${ZBX_HISTORYSTORAGETYPES}" + update_config_var $ZBX_CONFIG "HistoryStorageDateIndex" "${ZBX_HISTORYSTORAGEDATEINDEX}" update_config_var $ZBX_CONFIG "DBSocket" "${DB_SERVER_SOCKET}" - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "ProxyLocalBuffer" "${ZBX_PROXYLOCALBUFFER}" - update_config_var $ZBX_CONFIG "ProxyOfflineBuffer" "${ZBX_PROXYOFFLINEBUFFER}" - update_config_var $ZBX_CONFIG "HeartbeatFrequency" "${ZBX_PROXYHEARTBEATFREQUENCY}" - update_config_var $ZBX_CONFIG "ConfigFrequency" "${ZBX_CONFIGFREQUENCY}" - update_config_var $ZBX_CONFIG "DataSenderFrequency" "${ZBX_DATASENDERFREQUENCY}" - fi - update_config_var $ZBX_CONFIG "StatsAllowedIP" "${ZBX_STATSALLOWEDIP}" update_config_var $ZBX_CONFIG "StartPollers" "${ZBX_STARTPOLLERS}" @@ -779,23 +430,18 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}" update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "StartPreprocessors" "${ZBX_STARTPREPROCESSORS}" - update_config_var $ZBX_CONFIG "StartTimers" "${ZBX_STARTTIMERS}" - update_config_var $ZBX_CONFIG "StartEscalators" "${ZBX_STARTESCALATORS}" - update_config_var $ZBX_CONFIG "StartAlerters" "${ZBX_STARTALERTERS}" - fi + update_config_var $ZBX_CONFIG "StartPreprocessors" "${ZBX_STARTPREPROCESSORS}" + update_config_var $ZBX_CONFIG "StartTimers" "${ZBX_STARTTIMERS}" + update_config_var $ZBX_CONFIG "StartEscalators" "${ZBX_STARTESCALATORS}" + update_config_var $ZBX_CONFIG "StartAlerters" "${ZBX_STARTALERTERS}" + update_config_var $ZBX_CONFIG "StartTimers" "${ZBX_STARTTIMERS}" + update_config_var $ZBX_CONFIG "StartEscalators" "${ZBX_STARTESCALATORS}" + + update_config_var $ZBX_CONFIG "StartLLDProcessors" "${ZBX_STARTLLDPROCESSORS}" - ZBX_JAVAGATEWAY_ENABLE=${ZBX_JAVAGATEWAY_ENABLE:-"false"} - if [ "${ZBX_JAVAGATEWAY_ENABLE}" == "true" ]; then - update_config_var $ZBX_CONFIG "JavaGateway" "${ZBX_JAVAGATEWAY:-"zabbix-java-gateway"}" - update_config_var $ZBX_CONFIG "JavaGatewayPort" "${ZBX_JAVAGATEWAYPORT}" - update_config_var $ZBX_CONFIG "StartJavaPollers" "${ZBX_STARTJAVAPOLLERS:-"5"}" - else - update_config_var $ZBX_CONFIG "JavaGateway" - update_config_var $ZBX_CONFIG "JavaGatewayPort" - update_config_var $ZBX_CONFIG "StartJavaPollers" - fi + update_config_var $ZBX_CONFIG "JavaGateway" "localhost" + update_config_var $ZBX_CONFIG "JavaGatewayPort" "10052" + update_config_var $ZBX_CONFIG "StartJavaPollers" "${ZBX_STARTJAVAPOLLERS:-"5"}" update_config_var $ZBX_CONFIG "StartVMwareCollectors" "${ZBX_STARTVMWARECOLLECTORS}" update_config_var $ZBX_CONFIG "VMwareFrequency" "${ZBX_VMWAREFREQUENCY}" @@ -803,7 +449,7 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "VMwareCacheSize" "${ZBX_VMWARECACHESIZE}" update_config_var $ZBX_CONFIG "VMwareTimeout" "${ZBX_VMWARETIMEOUT}" - ZBX_ENABLE_SNMP_TRAPS=${ZBX_ENABLE_SNMP_TRAPS:-"false"} + : ${ZBX_ENABLE_SNMP_TRAPS:="false"} if [ "${ZBX_ENABLE_SNMP_TRAPS}" == "true" ]; then update_config_var $ZBX_CONFIG "SNMPTrapperFile" "${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log" update_config_var $ZBX_CONFIG "StartSNMPTrapper" "1" @@ -813,25 +459,19 @@ update_zbx_config() { fi update_config_var $ZBX_CONFIG "HousekeepingFrequency" "${ZBX_HOUSEKEEPINGFREQUENCY}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "MaxHousekeeperDelete" "${ZBX_MAXHOUSEKEEPERDELETE}" - update_config_var $ZBX_CONFIG "SenderFrequency" "${ZBX_SENDERFREQUENCY}" - fi + update_config_var $ZBX_CONFIG "MaxHousekeeperDelete" "${ZBX_MAXHOUSEKEEPERDELETE}" + update_config_var $ZBX_CONFIG "SenderFrequency" "${ZBX_SENDERFREQUENCY}" update_config_var $ZBX_CONFIG "CacheSize" "${ZBX_CACHESIZE}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "CacheUpdateFrequency" "${ZBX_CACHEUPDATEFREQUENCY}" - fi + update_config_var $ZBX_CONFIG "CacheUpdateFrequency" "${ZBX_CACHEUPDATEFREQUENCY}" update_config_var $ZBX_CONFIG "StartDBSyncers" "${ZBX_STARTDBSYNCERS}" update_config_var $ZBX_CONFIG "HistoryCacheSize" "${ZBX_HISTORYCACHESIZE}" update_config_var $ZBX_CONFIG "HistoryIndexCacheSize" "${ZBX_HISTORYINDEXCACHESIZE}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "TrendCacheSize" "${ZBX_TRENDCACHESIZE}" - update_config_var $ZBX_CONFIG "ValueCacheSize" "${ZBX_VALUECACHESIZE}" - fi + update_config_var $ZBX_CONFIG "TrendCacheSize" "${ZBX_TRENDCACHESIZE}" + update_config_var $ZBX_CONFIG "ValueCacheSize" "${ZBX_VALUECACHESIZE}" update_config_var $ZBX_CONFIG "Timeout" "${ZBX_TIMEOUT}" update_config_var $ZBX_CONFIG "TrapperTimeout" "${ZBX_TRAPPERIMEOUT}" @@ -842,26 +482,20 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "AlertScriptsPath" "/usr/lib/zabbix/alertscripts" update_config_var $ZBX_CONFIG "ExternalScripts" "/usr/lib/zabbix/externalscripts" - # Possible few fping locations - if [ -f "/usr/bin/fping" ]; then - update_config_var $ZBX_CONFIG "FpingLocation" "/usr/bin/fping" - else - update_config_var $ZBX_CONFIG "FpingLocation" "/usr/sbin/fping" - fi - if [ -f "/usr/bin/fping6" ]; then - update_config_var $ZBX_CONFIG "Fping6Location" "/usr/bin/fping6" - else - update_config_var $ZBX_CONFIG "Fping6Location" "/usr/sbin/fping6" + if [ -n "${ZBX_EXPORTFILESIZE}" ]; then + update_config_var $ZBX_CONFIG "ExportDir" "$ZABBIX_USER_HOME_DIR/export/" + update_config_var $ZBX_CONFIG "ExportFileSize" "${ZBX_EXPORTFILESIZE}" fi + update_config_var $ZBX_CONFIG "FpingLocation" "/usr/sbin/fping" + update_config_var $ZBX_CONFIG "Fping6Location" + update_config_var $ZBX_CONFIG "SSHKeyLocation" "$ZABBIX_USER_HOME_DIR/ssh_keys" update_config_var $ZBX_CONFIG "LogSlowQueries" "${ZBX_LOGSLOWQUERIES}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "StartProxyPollers" "${ZBX_STARTPROXYPOLLERS}" - update_config_var $ZBX_CONFIG "ProxyConfigFrequency" "${ZBX_PROXYCONFIGFREQUENCY}" - update_config_var $ZBX_CONFIG "ProxyDataFrequency" "${ZBX_PROXYDATAFREQUENCY}" - fi + update_config_var $ZBX_CONFIG "StartProxyPollers" "${ZBX_STARTPROXYPOLLERS}" + update_config_var $ZBX_CONFIG "ProxyConfigFrequency" "${ZBX_PROXYCONFIGFREQUENCY}" + update_config_var $ZBX_CONFIG "ProxyDataFrequency" "${ZBX_PROXYDATAFREQUENCY}" update_config_var $ZBX_CONFIG "SSLCertLocation" "$ZABBIX_USER_HOME_DIR/ssl/certs/" update_config_var $ZBX_CONFIG "SSLKeyLocation" "$ZABBIX_USER_HOME_DIR/ssl/keys/" @@ -869,30 +503,30 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/" update_config_multiple_var $ZBX_CONFIG "LoadModule" "${ZBX_LOADMODULE}" - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}" - update_config_var $ZBX_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" - fi update_config_var $ZBX_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" update_config_var $ZBX_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" - update_config_var $ZBX_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" - fi - update_config_var $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" + update_config_var $ZBX_CONFIG "TLSCipherAll" "${ZBX_TLSCIPHERALL}" + update_config_var $ZBX_CONFIG "TLSCipherAll13" "${ZBX_TLSCIPHERALL13}" + update_config_var $ZBX_CONFIG "TLSCipherCert" "${ZBX_TLSCIPHERCERT}" + update_config_var $ZBX_CONFIG "TLSCipherCert13" "${ZBX_TLSCIPHERCERT13}" + update_config_var $ZBX_CONFIG "TLSCipherPSK" "${ZBX_TLSCIPHERPSK}" + update_config_var $ZBX_CONFIG "TLSCipherPSK13" "${ZBX_TLSCIPHERPSK13}" update_config_var $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" - update_config_var $ZBX_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" + update_config_var $ZBX_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" + update_config_var $ZBX_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" + + if [ "$(id -u)" != '0' ]; then + update_config_var $ZBX_CONFIG "User" "$(whoami)" + else + update_config_var $ZBX_CONFIG "AllowRoot" "1" fi } prepare_zbx_web_config() { - local db_type=$1 local server_name="" echo "** Preparing Zabbix frontend configuration file" @@ -900,42 +534,20 @@ prepare_zbx_web_config() { ZBX_WWW_ROOT="/usr/share/zabbix" ZBX_WEB_CONFIG="$ZABBIX_ETC_DIR/web/zabbix.conf.php" - if [ -f "$ZBX_WWW_ROOT/conf/zabbix.conf.php" ]; then - rm -f "$ZBX_WWW_ROOT/conf/zabbix.conf.php" - fi + PHP_CONFIG_FILE="/etc/php-fpm.d/zabbix.conf" - ln -s "$ZBX_WEB_CONFIG" "$ZBX_WWW_ROOT/conf/zabbix.conf.php" + update_config_var "$PHP_CONFIG_FILE" "php_value[max_execution_time]" "${ZBX_MAXEXECUTIONTIME:-"600"}" + update_config_var "$PHP_CONFIG_FILE" "php_value[memory_limit]" "${ZBX_MEMORYLIMIT:-"128M"}" + update_config_var "$PHP_CONFIG_FILE" "php_value[post_max_size]" "${ZBX_POSTMAXSIZE:-"16M"}" + update_config_var "$PHP_CONFIG_FILE" "php_value[upload_max_filesize]" "${ZBX_UPLOADMAXFILESIZE:-"2M"}" + update_config_var "$PHP_CONFIG_FILE" "php_value[max_input_time]" "${ZBX_MAXINPUTTIME:-"300"}" + update_config_var "$PHP_CONFIG_FILE" "php_value[date.timezone]" "${PHP_TZ}" - # Different places of PHP configuration file - if [ -f "/etc/php5/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/conf.d/99-zabbix.ini" - elif [ -f "/etc/php5/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php5/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/apache2/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.0/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.0/apache2/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.0/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.0/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php.d/99-zabbix.ini" - elif [ -f "/etc/php7/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php7/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.2/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.2/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.2/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.2/apache2/conf.d/99-zabbix.ini" - fi - - if [ -n "$PHP_CONFIG_FILE" ]; then - update_config_var "$PHP_CONFIG_FILE" "max_execution_time" "${ZBX_MAXEXECUTIONTIME:-"600"}" - update_config_var "$PHP_CONFIG_FILE" "memory_limit" "${ZBX_MEMORYLIMIT:-"128M"}" - update_config_var "$PHP_CONFIG_FILE" "post_max_size" "${ZBX_POSTMAXSIZE:-"16M"}" - update_config_var "$PHP_CONFIG_FILE" "upload_max_filesize" "${ZBX_UPLOADMAXFILESIZE:-"2M"}" - update_config_var "$PHP_CONFIG_FILE" "max_input_time" "${ZBX_MAXINPUTTIME:-"300"}" - update_config_var "$PHP_CONFIG_FILE" "date.timezone" "${PHP_TZ}" - else - echo "**** Zabbix related PHP configuration file not found" + if [ "$(id -u)" == '0' ]; then + echo "user = zabbix" >> "$PHP_CONFIG_FILE" + echo "group = zabbix" >> "$PHP_CONFIG_FILE" + echo "listen.owner = nginx" >> "$PHP_CONFIG_FILE" + echo "listen.group = nginx" >> "$PHP_CONFIG_FILE" fi ZBX_HISTORYSTORAGETYPES=${ZBX_HISTORYSTORAGETYPES:-"[]"} @@ -947,6 +559,10 @@ prepare_zbx_web_config() { history_storage_url=$(escape_spec_char "${ZBX_HISTORYSTORAGEURL}") history_storage_types=$(escape_spec_char "${ZBX_HISTORYSTORAGETYPES}") + ZBX_DB_KEY_FILE=$(escape_spec_char "${ZBX_DB_KEY_FILE}") + ZBX_DB_CERT_FILE=$(escape_spec_char "${ZBX_DB_CERT_FILE}") + ZBX_DB_CA_FILE=$(escape_spec_char "${ZBX_DB_CA_FILE}") + sed -i \ -e "s/{DB_SERVER_HOST}/${DB_SERVER_HOST}/g" \ -e "s/{DB_SERVER_PORT}/${DB_SERVER_PORT}/g" \ @@ -954,88 +570,37 @@ prepare_zbx_web_config() { -e "s/{DB_SERVER_SCHEMA}/${DB_SERVER_SCHEMA}/g" \ -e "s/{DB_SERVER_USER}/$server_user/g" \ -e "s/{DB_SERVER_PASS}/$server_pass/g" \ - -e "s/{ZBX_SERVER_HOST}/${ZBX_SERVER_HOST}/g" \ - -e "s/{ZBX_SERVER_PORT}/${ZBX_SERVER_PORT}/g" \ + -e "s/{ZBX_SERVER_HOST}/localhost/g" \ + -e "s/{ZBX_SERVER_PORT}/10051/g" \ -e "s/{ZBX_SERVER_NAME}/$server_name/g" \ + -e "s/{ZBX_DB_ENCRYPTION}/${ZBX_DB_ENCRYPTION:-"false"}/g" \ + -e "s/{ZBX_DB_KEY_FILE}/${ZBX_DB_KEY_FILE}/g" \ + -e "s/{ZBX_DB_CERT_FILE}/${ZBX_DB_CERT_FILE}/g" \ + -e "s/{ZBX_DB_CA_FILE}/${ZBX_DB_CA_FILE}/g" \ + -e "s/{ZBX_DB_VERIFY_HOST}/${ZBX_DB_VERIFY_HOST:-"false"}/g" \ + -e "s/{ZBX_DB_CIPHER_LIST}/${ZBX_DB_CIPHER_LIST}/g" \ + -e "s/{DB_DOUBLE_IEEE754}/${DB_DOUBLE_IEEE754:-"true"}/g" \ -e "s/{ZBX_HISTORYSTORAGEURL}/$history_storage_url/g" \ -e "s/{ZBX_HISTORYSTORAGETYPES}/$history_storage_types/g" \ "$ZBX_WEB_CONFIG" - - [ "$db_type" = "postgresql" ] && sed -i "s/MYSQL/POSTGRESQL/g" "$ZBX_WEB_CONFIG" - - [ -n "${ZBX_SESSION_NAME}" ] && sed -i "/ZBX_SESSION_NAME/s/'[^']*'/'${ZBX_SESSION_NAME}'/2" "$ZBX_WWW_ROOT/include/defines.inc.php" -} - -prepare_zbx_agent_config() { - echo "** Preparing Zabbix agent configuration file" - - ZBX_AGENT_CONFIG=$ZABBIX_ETC_DIR/zabbix_agentd.conf - - ZBX_PASSIVESERVERS=${ZBX_PASSIVESERVERS:-""} - ZBX_ACTIVESERVERS=${ZBX_ACTIVESERVERS:-""} - - [ -n "$ZBX_PASSIVESERVERS" ] && ZBX_PASSIVESERVERS=","$ZBX_PASSIVESERVERS - - ZBX_PASSIVESERVERS=$ZBX_SERVER_HOST$ZBX_PASSIVESERVERS - - [ -n "$ZBX_ACTIVESERVERS" ] && ZBX_ACTIVESERVERS=","$ZBX_ACTIVESERVERS - - ZBX_ACTIVESERVERS=$ZBX_SERVER_HOST":"$ZBX_SERVER_PORT$ZBX_ACTIVESERVERS - - update_config_var $ZBX_AGENT_CONFIG "PidFile" - update_config_var $ZBX_AGENT_CONFIG "LogType" "console" - update_config_var $ZBX_AGENT_CONFIG "LogFile" - update_config_var $ZBX_AGENT_CONFIG "LogFileSize" - update_config_var $ZBX_AGENT_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" - update_config_var $ZBX_AGENT_CONFIG "SourceIP" - update_config_var $ZBX_AGENT_CONFIG "EnableRemoteCommands" "${ZBX_ENABLEREMOTECOMMANDS}" - update_config_var $ZBX_AGENT_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}" - - ZBX_PASSIVE_ALLOW=${ZBX_PASSIVE_ALLOW:-"true"} - if [ "$ZBX_PASSIVE_ALLOW" == "true" ]; then - echo "** Using '$ZBX_PASSIVESERVERS' servers for passive checks" - update_config_var $ZBX_AGENT_CONFIG "Server" "${ZBX_PASSIVESERVERS}" - else - update_config_var $ZBX_AGENT_CONFIG "Server" + + if [ -n "${ZBX_SESSION_NAME}" ]; then + cp "$ZBX_WWW_ROOT/include/defines.inc.php" "/tmp/defines.inc.php_tmp" + sed "/ZBX_SESSION_NAME/s/'[^']*'/'${ZBX_SESSION_NAME}'/2" "/tmp/defines.inc.php_tmp" > "$ZBX_WWW_ROOT/include/defines.inc.php" + rm -f "/tmp/defines.inc.php_tmp" fi - - update_config_var $ZBX_AGENT_CONFIG "ListenPort" "${ZBX_LISTENPORT}" - update_config_var $ZBX_AGENT_CONFIG "ListenIP" "${ZBX_LISTENIP}" - update_config_var $ZBX_AGENT_CONFIG "StartAgents" "${ZBX_STARTAGENTS}" - - ZBX_ACTIVE_ALLOW=${ZBX_ACTIVE_ALLOW:-"true"} - if [ "$ZBX_ACTIVE_ALLOW" == "true" ]; then - echo "** Using '$ZBX_ACTIVESERVERS' servers for active checks" - update_config_var $ZBX_AGENT_CONFIG "ServerActive" "${ZBX_ACTIVESERVERS}" - else - update_config_var $ZBX_AGENT_CONFIG "ServerActive" + + if [ "${ENABLE_WEB_ACCESS_LOG:-"true"}" == "false" ]; then + sed -ri \ + -e 's!^(\s*access_log).+\;!\1 off\;!g' \ + "/etc/nginx/nginx.conf" + sed -ri \ + -e 's!^(\s*access_log).+\;!\1 off\;!g' \ + "/etc/zabbix/nginx.conf" + sed -ri \ + -e 's!^(\s*access_log).+\;!\1 off\;!g' \ + "/etc/zabbix/nginx_ssl.conf" fi - - update_config_var $ZBX_AGENT_CONFIG "Hostname" "${ZBX_HOSTNAME}" - update_config_var $ZBX_AGENT_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - update_config_var $ZBX_AGENT_CONFIG "HostMetadata" "${ZBX_METADATA}" - update_config_var $ZBX_AGENT_CONFIG "HostMetadataItem" "${ZBX_METADATAITEM}" - update_config_var $ZBX_AGENT_CONFIG "RefreshActiveChecks" "${ZBX_REFRESHACTIVECHECKS}" - update_config_var $ZBX_AGENT_CONFIG "BufferSend" "${ZBX_BUFFERSEND}" - update_config_var $ZBX_AGENT_CONFIG "BufferSize" "${ZBX_BUFFERSIZE}" - update_config_var $ZBX_AGENT_CONFIG "MaxLinesPerSecond" "${ZBX_MAXLINESPERSECOND}" - # Please use include to enable Alias feature -# update_config_multiple_var $ZBX_AGENT_CONFIG "Alias" ${ZBX_ALIAS} - update_config_var $ZBX_AGENT_CONFIG "Timeout" "${ZBX_TIMEOUT}" - update_config_var $ZBX_AGENT_CONFIG "Include" "/etc/zabbix/zabbix_agentd.d/" - update_config_var $ZBX_AGENT_CONFIG "UnsafeUserParameters" "${ZBX_UNSAFEUSERPARAMETERS}" - update_config_var $ZBX_AGENT_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/" - update_config_multiple_var $ZBX_AGENT_CONFIG "LoadModule" "${ZBX_LOADMODULE}" - update_config_var $ZBX_AGENT_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}" - update_config_var $ZBX_AGENT_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" - update_config_var $ZBX_AGENT_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" - update_config_var $ZBX_AGENT_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" - update_config_var $ZBX_AGENT_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" - update_config_var $ZBX_AGENT_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" } prepare_java_gateway_config() { @@ -1053,51 +618,25 @@ prepare_java_gateway_config() { fi } -prepare_agent() { - echo "** Preparing Zabbix agent" - prepare_zbx_agent_config -} - prepare_server() { - local db_type=$1 - echo "** Preparing Zabbix server" - check_variables_$db_type "server" - check_db_connect_$db_type - create_db_user_$db_type - create_db_database_$db_type - create_db_schema_$db_type "server" + check_variables_mysql + check_db_connect + create_db_user_mysql + create_db_database_mysql + create_db_schema_mysql - update_zbx_config "server" "$db_type" -} - -prepare_proxy() { - local db_type=$1 - - echo "Preparing Zabbix proxy" - - if [ "$db_type" != "sqlite3" ]; then - check_variables_$db_type "proxy" - check_db_connect_$db_type - create_db_user_$db_type - create_db_database_$db_type - create_db_schema_$db_type "proxy" - fi - - update_zbx_config "proxy" $db_type + update_zbx_config } prepare_web() { - local web_server=$1 - local db_type=$2 - echo "** Preparing Zabbix web-interface" - check_variables_$db_type - check_db_connect_$db_type - prepare_web_server_$web_server - prepare_zbx_web_config $db_type + check_variables_mysql + check_db_connect + prepare_web_server + prepare_zbx_web_config } prepare_java_gateway() { @@ -1108,74 +647,23 @@ prepare_java_gateway() { ################################################# -if [ ! -n "$zbx_type" ]; then - echo "**** Type of Zabbix component is not specified" - exit 1 -elif [ "$zbx_type" == "dev" ]; then - echo "** Deploying Zabbix installation from SVN" -else - if [ ! -n "$zbx_db_type" ]; then - echo "**** Database type of Zabbix $zbx_type is not specified" - exit 1 - fi +echo "** Deploying Zabbix server (nginx) with MySQL database" - if [ "$zbx_db_type" != "none" ]; then - if [ "$zbx_opt_type" != "none" ]; then - echo "** Deploying Zabbix $zbx_type ($zbx_opt_type) with $zbx_db_type database" - else - echo "** Deploying Zabbix $zbx_type with $zbx_db_type database" - fi - else - echo "** Deploying Zabbix $zbx_type" - fi -fi +prepare_system -prepare_system "$zbx_type" "$zbx_opt_type" +prepare_server -[ "$zbx_type" == "server" ] && prepare_server $zbx_db_type -[ "${ZBX_ADD_SERVER}" == "true" ] && prepare_server ${ZBX_MAIN_DB} +prepare_web -[ "$zbx_type" == "proxy" ] && prepare_proxy $zbx_db_type -[ "${ZBX_ADD_PROXY}" == "true" ] && prepare_proxy ${ZBX_PROXY_DB} +prepare_java_gateway -[ "$zbx_type" == "frontend" ] && prepare_web $zbx_opt_type $zbx_db_type -[ "${ZBX_ADD_WEB}" == "true" ] && prepare_web ${ZBX_WEB_SERVER} ${ZBX_MAIN_DB} - -[ "$zbx_type" == "agent" ] && prepare_agent -[ "${ZBX_ADD_AGENT}" == "true" ] && prepare_agent - -[ "$zbx_type" == "java-gateway" ] && prepare_java_gateway -[ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && prepare_java_gateway - -clear_deploy "$zbx_type" +clear_deploy echo "########################################################" if [ "$1" != "" ]; then echo "** Executing '$@'" exec "$@" -elif [ "$zbx_type" == "agent" ]; then - echo "** Starting Zabbix agent" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_agentd --foreground -c /etc/zabbix/zabbix_agentd.conf" -elif [ "$zbx_type" == "proxy" ]; then - echo "** Starting Zabbix proxy" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_proxy --foreground -c /etc/zabbix/zabbix_proxy.conf" -elif [ "$zbx_type" == "server" ]; then - echo "** Starting Zabbix server" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_server --foreground -c /etc/zabbix/zabbix_server.conf" -elif [ "$zbx_type" == "java-gateway" ]; then - echo "** Starting Zabbix Java Gateway" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_java_gateway" -elif [ "$zbx_type" == "frontend" ] && [ "$zbx_opt_type" == "apache" ]; then - echo "** Starting Zabbix frontend" - if [ -f "/usr/sbin/httpd" ]; then - exec /usr/sbin/httpd -D FOREGROUND - elif [ -f "/usr/sbin/apache2ctl" ]; then - exec /bin/bash -c "source /etc/apache2/envvars && /usr/sbin/apache2ctl -D FOREGROUND" - else - echo "Unknown Web-server. Exiting..." - exit 1 - fi elif [ -f "/usr/bin/supervisord" ]; then echo "** Executing supervisord" exec /usr/bin/supervisord -c /etc/supervisor/supervisord.conf diff --git a/zabbix-appliance/ubuntu/README.md b/zabbix-appliance/ubuntu/README.md deleted file mode 100644 index 65ec46837..000000000 --- a/zabbix-appliance/ubuntu/README.md +++ /dev/null @@ -1,256 +0,0 @@ -![logo](https://assets.zabbix.com/img/logo/zabbix_logo_500x131.png) - -# What is Zabbix? - -Zabbix is an enterprise-class open source distributed monitoring solution. - -Zabbix is software that monitors numerous parameters of a network and the health and integrity of servers. Zabbix uses a flexible notification mechanism that allows users to configure e-mail based alerts for virtually any event. This allows a fast reaction to server problems. Zabbix offers excellent reporting and data visualisation features based on the stored data. This makes Zabbix ideal for capacity planning. - -For more information and related downloads for Zabbix components, please visit https://hub.docker.com/u/zabbix/ and https://zabbix.com - -# What is Zabbix appliance? - -> **Important information:_** -Zabbix Docker Appliance image has been decommissioned and will not be available for [3.0.31](https://www.zabbix.com/documentation/3.0/manual/installation/upgrade_notes_3031), [4.0.19](https://www.zabbix.com/documentation/4.0/manual/installation/upgrade_notes_4020), 4.4.7, 5.0.0 and newer releases. Please use a separate Docker image for each component instead of the all-in-one solution. - -Zabbix appliance contains MySQL database server, Zabbix server, Zabbix Java Gateway and Zabbix frontend based on Nginx web-server. - -# Zabbix appliance images - -These are the only official Zabbix appliance Docker images. They are based on Alpine Linux v3.4, Ubuntu 18.04 (bionic) and CentOS 7 images. The available versions of Zabbix appliance are: - - Zabbix appliance 3.0 (tags: alpine-3.0-latest, ubuntu-3.0-latest, centos-3.0-latest) - Zabbix appliance 3.0.* (tags: alpine-3.0.*, ubuntu-3.0.*, centos-3.0.*) - Zabbix appliance 3.2 (tags: alpine-3.2-latest, ubuntu-3.2-latest, centos-3.2.*) (unsupported) - Zabbix appliance 3.2.* (tags: alpine-3.2.*, ubuntu-3.2.*, centos-3.2.*) (unsupported) - Zabbix appliance 3.4 (tags: alpine-3.4-latest, ubuntu-3.4-latest, centos-3.4.*) (unsupported) - Zabbix appliance 3.4.* (tags: alpine-3.4.*, ubuntu-3.4.*, centos-3.4.*) (unsupported) - Zabbix appliance 4.0 (tags: alpine-4.0-latest, ubuntu-4.0-latest, centos-4.0-latest) - Zabbix appliance 4.0.* (tags: alpine-4.0.*, ubuntu-4.0.*, centos-4.0.*) - Zabbix appliance 4.2 (tags: alpine-4.2-latest, ubuntu-4.2-latest, centos-4.2.*) (unsupported) - Zabbix appliance 4.2.* (tags: alpine-4.2.*, ubuntu-4.2.*, centos-4.2.*) (unsupported) - Zabbix appliance 4.4 (tags: alpine-4.4-latest, ubuntu-4.4-latest, centos-4.4-latest, alpine-latest, ubuntu-latest, centos-latest, latest) (unsupported) - Zabbix appliance 4.4.* (tags: alpine-4.4.*, ubuntu-4.4.*, centos-4.4.*) (unsupported) - -Images are updated when new releases are published. The image with ``latest`` tag is based on Alpine Linux. - -The image uses MySQL database. The image is very useful for testing purposes. - -# How to use this image - -## Start `zabbix-appliance` - -Start a Zabbix server container as follows: - - docker run --name some-zabbix-appliance -p 80:80 -p 10051:10051 -d zabbix/zabbix-appliance:tag - -Where `some-zabbix-appliance` is the name you want to assign to your container. See the list above for relevant tags, or look at the [full list of tags](https://hub.docker.com/r/zabbix/zabbix-appliance/tags/). - -## Container shell access and viewing Zabbix appliance logs - -The `docker exec` command allows you to run commands inside a Docker container. The following command line will give you a bash shell inside your `zabbix-appliance` container: - -```console -$ docker exec -ti some-zabbix-appliance /bin/bash -``` - -The Zabbix appliance logs is available through Docker's container log: - -```console -$ docker logs some-zabbix-appliance -``` - -## Environment Variables - -When you start the `zabbix-appliance` image, you can adjust the configuration of the Zabbix appliance by passing one or more environment variables on the `docker run` command line. - -### `PHP_TZ` - -The variable is timezone in PHP format. Full list of supported timezones are available on [`php.net`](http://php.net/manual/en/timezones.php). By default, value is 'Europe/Riga'. - -### `ZBX_LOADMODULE` - -The variable is list of comma separated loadable Zabbix modules. It works with volume ``/var/lib/zabbix/modules``. The syntax of the variable is ``dummy1.so,dummy2.so``. - -### `ZBX_DEBUGLEVEL` - -The variable is used to specify debug level. By default, value is ``3``. It is ``DebugLevel`` parameter in ``zabbix_server.conf``. Allowed values are listed below: -- ``0`` - basic information about starting and stopping of Zabbix processes; -- ``1`` - critical information -- ``2`` - error information -- ``3`` - warnings -- ``4`` - for debugging (produces lots of information) -- ``5`` - extended debugging (produces even more information) - -### `ZBX_TIMEOUT` - -The variable is used to specify timeout for processing checks. By default, value is ``4``. - -### `ZBX_SERVER_NAME` - -The variable is visible Zabbix installation name in right top corner of the web interface. - -### `ZBX_MAXEXECUTIONTIME` - -The varable is PHP ``max_execution_time`` option. By default, value is `300`. - -### `ZBX_MEMORYLIMIT` - -The varable is PHP ``memory_limit`` option. By default, value is `128M`. - -### `ZBX_POSTMAXSIZE` - -The varable is PHP ``post_max_size`` option. By default, value is `16M`. - -### `ZBX_UPLOADMAXFILESIZE` - -The varable is PHP ``upload_max_filesize`` option. By default, value is `2M`. - -### `ZBX_MAXINPUTTIME` - -The varable is PHP ``max_input_time`` option. By default, value is `300`. - -### Other variables - -Additionally the image allows to specify many other environment variables listed below: - -``` -ZBX_LISTENIP= -ZBX_STARTPOLLERS=5 -ZBX_IPMIPOLLERS=0 -ZBX_STARTPOLLERSUNREACHABLE=1 -ZBX_STARTTRAPPERS=5 -ZBX_STARTPINGERS=1 -ZBX_STARTDISCOVERERS=1 -ZBX_STARTHTTPPOLLERS=1 -ZBX_STARTTIMERS=1 -ZBX_STARTESCALATORS=1 -ZBX_STARTJAVAPOLLERS=5 -ZBX_STARTVMWARECOLLECTORS=0 -ZBX_VMWAREFREQUENCY=60 -ZBX_VMWAREPERFFREQUENCY=60 -ZBX_VMWARECACHESIZE=8M -ZBX_VMWARETIMEOUT=10 -ZBX_ENABLE_SNMP_TRAPS=false -ZBX_SOURCEIP= -ZBX_HOUSEKEEPINGFREQUENCY=1 -ZBX_MAXHOUSEKEEPERDELETE=5000 -ZBX_SENDERFREQUENCY=30 -ZBX_CACHESIZE=8M -ZBX_CACHEUPDATEFREQUENCY=60 -ZBX_STARTDBSYNCERS=4 -ZBX_HISTORYCACHESIZE=16M -ZBX_HISTORYINDEXCACHESIZE=4M -ZBX_TRENDCACHESIZE=4M -ZBX_VALUECACHESIZE=8M -ZBX_TRAPPERIMEOUT=300 -ZBX_UNREACHABLEPERIOD=45 -ZBX_UNAVAILABLEDELAY=60 -ZBX_UNREACHABLEDELAY=15 -ZBX_LOGSLOWQUERIES=3000 -ZBX_STARTPROXYPOLLERS=1 -ZBX_PROXYCONFIGFREQUENCY=3600 -ZBX_PROXYDATAFREQUENCY=1 -ZBX_TLSCAFILE= -ZBX_TLSCRLFILE= -ZBX_TLSCERTFILE= -ZBX_TLSKEYFILE= -``` - -Default values of these variables are specified after equal sign. - -The allowed variables are identical of parameters in official ``zabbix_server.conf``. For example, ``ZBX_LOGSLOWQUERIES`` = ``LogSlowQueries``. - -Please use official documentation for [``zabbix_server.conf``](https://www.zabbix.com/documentation/current/manual/appendix/config/zabbix_server) to get more information about the variables. - -## Allowed volumes for the Zabbix server container - -### ``/usr/lib/zabbix/alertscripts`` - -The volume is used for custom alert scripts. It is `AlertScriptsPath` parameter in ``zabbix_server.conf``. - -### ``/usr/lib/zabbix/externalscripts`` - -The volume is used by External checks (type of items). It is `ExternalScripts` parameter in ``zabbix_server.conf``. - -### ``/var/lib/zabbix/modules`` - -The volume allows load additional modules and extend Zabbix server using ``LoadModule`` feature. - -### ``/var/lib/zabbix/enc`` - -The volume is used to store TLS related files. These file names are specified using ``ZBX_TLSCAFILE``, ``ZBX_TLSCRLFILE``, ``ZBX_TLSKEY_FILE`` and ``ZBX_TLSPSKFILE`` variables. - -### ``/var/lib/zabbix/ssh_keys`` - -The volume is used as location of public and private keys for SSH checks and actions. It is `SSHKeyLocation` parameter in ``zabbix_server.conf``. - -### ``/var/lib/zabbix/ssl/certs`` - -The volume is used as location of of SSL client certificate files for client authentication. It is `SSLCertLocation` parameter in ``zabbix_server.conf``. - -### ``/var/lib/zabbix/ssl/keys`` - -The volume is used as location of SSL private key files for client authentication. It is `SSLKeyLocation` parameter in ``zabbix_server.conf``. - -### ``/var/lib/zabbix/ssl/ssl_ca`` - -The volume is used as location of certificate authority (CA) files for SSL server certificate verification. It is `SSLCALocation` parameter in ``zabbix_server.conf``. - -### ``/var/lib/zabbix/snmptraps`` - -The volume is used as location of ``snmptraps.log`` file. It could be shared by ``zabbix-snmptraps`` container and inherited using `volumes_from` Docker option while creating new instance of Zabbix server. -SNMP traps processing feature could be enabled using shared volume and switched ``ZBX_ENABLE_SNMP_TRAPS`` environment variable to `true`. - -### ``/var/lib/zabbix/mibs`` - -The volume allows to add new MIB files. It does not support subdirectories, all MIBs must be placed to ``/var/lib/zabbix/mibs``. - -### ``/etc/ssl/nginx`` - -The volume allows to enable HTTPS for the Zabbix web interface. The volume must contains two files ``ssl.crt``, ``ssl.key`` and ``dhparam.pem`` prepared for Nginx SSL connections. - -Please follow official Nginx [documentation](http://nginx.org/en/docs/http/configuring_https_servers.html) to get more details about how to create certificate files. - -# The image variants - -The `zabbix-appliance` images come in many flavors, each designed for a specific use case. - -## `zabbix-appliance:ubuntu-` - -This is the defacto image. If you are unsure about what your needs are, you probably want to use this one. It is designed to be used both as a throw away container (mount your source code and start the container to start your app), as well as the base to build other images off of. - -## `zabbix-appliance:alpine-` - -This image is based on the popular [Alpine Linux project](http://alpinelinux.org), available in [the `alpine` official image](https://hub.docker.com/_/alpine). Alpine Linux is much smaller than most distribution base images (~5MB), and thus leads to much slimmer images in general. - -This variant is highly recommended when final image size being as small as possible is desired. The main caveat to note is that it does use [musl libc](http://www.musl-libc.org) instead of [glibc and friends](http://www.etalabs.net/compare_libcs.html), so certain software might run into issues depending on the depth of their libc requirements. However, most software doesn't have an issue with this, so this variant is usually a very safe choice. See [this Hacker News comment thread](https://news.ycombinator.com/item?id=10782897) for more discussion of the issues that might arise and some pro/con comparisons of using Alpine-based images. - -To minimize image size, it's uncommon for additional related tools (such as `git` or `bash`) to be included in Alpine-based images. Using this image as a base, add the things you need in your own Dockerfile (see the [`alpine` image description](https://hub.docker.com/_/alpine/) for examples of how to install packages if you are unfamiliar). - -# Supported Docker versions - -This image is officially supported on Docker version 1.12.0. - -Support for older versions (down to 1.6) is provided on a best-effort basis. - -Please see [the Docker installation documentation](https://docs.docker.com/installation/) for details on how to upgrade your Docker daemon. - -# User Feedback - -## Documentation - -Documentation for this image is stored in the [`zabbix-appliance/` directory](https://github.com/zabbix/zabbix-docker/tree/3.0/zabbix-appliance) of the [`zabbix/zabbix-docker` GitHub repo](https://github.com/zabbix/zabbix-docker/). Be sure to familiarize yourself with the [repository's `README.md` file](https://github.com/zabbix/zabbix-docker/blob/master/README.md) before attempting a pull request. - -## Issues - -If you have any problems with or questions about this image, please contact us through a [GitHub issue](https://github.com/zabbix/zabbix-docker/issues). - -### Known issues -Some configuration environment variables are the same between multiple Zabbix components. Be careful when change these variables. - -## Contributing - -You are invited to contribute new features, fixes, or updates, large or small; we are always thrilled to receive pull requests, and do our best to process them as fast as we can. - -Before you start to code, we recommend discussing your plans through a [GitHub issue](https://github.com/zabbix/zabbix-docker/issues), especially for more ambitious contributions. This gives other contributors a chance to point you in the right direction, give you feedback on your design, and help you find out if someone else is working on the same thing. From 99bb977661157fbf00c6c0f92da23aef00015ce4 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Thu, 27 Aug 2020 14:07:49 -0400 Subject: [PATCH 024/253] Updated trunk version to 5.2 --- agent/alpine/Dockerfile | 2 +- agent/centos/Dockerfile | 2 +- agent/ubuntu/Dockerfile | 2 +- agent2/alpine/Dockerfile | 2 +- java-gateway/alpine/Dockerfile | 2 +- java-gateway/centos/Dockerfile | 2 +- java-gateway/ubuntu/Dockerfile | 2 +- proxy-mysql/alpine/Dockerfile | 2 +- proxy-mysql/centos/Dockerfile | 2 +- proxy-mysql/ubuntu/Dockerfile | 2 +- proxy-sqlite3/alpine/Dockerfile | 2 +- proxy-sqlite3/centos/Dockerfile | 2 +- proxy-sqlite3/ubuntu/Dockerfile | 2 +- server-mysql/alpine/Dockerfile | 2 +- server-mysql/centos/Dockerfile | 2 +- server-mysql/ubuntu/Dockerfile | 2 +- server-pgsql/alpine/Dockerfile | 2 +- server-pgsql/centos/Dockerfile | 2 +- server-pgsql/ubuntu/Dockerfile | 2 +- snmptraps/alpine/Dockerfile | 2 +- snmptraps/centos/Dockerfile | 2 +- snmptraps/ubuntu/Dockerfile | 2 +- web-apache-mysql/alpine/Dockerfile | 2 +- web-apache-mysql/centos/Dockerfile | 2 +- web-apache-mysql/ubuntu/Dockerfile | 2 +- web-apache-pgsql/alpine/Dockerfile | 2 +- web-apache-pgsql/centos/Dockerfile | 2 +- web-apache-pgsql/ubuntu/Dockerfile | 2 +- web-nginx-mysql/alpine/Dockerfile | 2 +- web-nginx-mysql/centos/Dockerfile | 2 +- web-nginx-mysql/ubuntu/Dockerfile | 2 +- web-nginx-pgsql/alpine/Dockerfile | 2 +- web-nginx-pgsql/centos/Dockerfile | 2 +- web-nginx-pgsql/ubuntu/Dockerfile | 2 +- 34 files changed, 34 insertions(+), 34 deletions(-) diff --git a/agent/alpine/Dockerfile b/agent/alpine/Dockerfile index 6ad8cf52e..ea965fa87 100644 --- a/agent/alpine/Dockerfile +++ b/agent/alpine/Dockerfile @@ -31,7 +31,7 @@ RUN set -eux && \ libldap && \ rm -rf /var/cache/apk/* -ARG MAJOR_VERSION=5.0 +ARG MAJOR_VERSION=5.2 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git diff --git a/agent/centos/Dockerfile b/agent/centos/Dockerfile index 7513604f0..761387668 100644 --- a/agent/centos/Dockerfile +++ b/agent/centos/Dockerfile @@ -44,7 +44,7 @@ RUN set -eux && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki -ARG MAJOR_VERSION=5.0 +ARG MAJOR_VERSION=5.2 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git diff --git a/agent/ubuntu/Dockerfile b/agent/ubuntu/Dockerfile index 87e4be68a..17c5239fa 100644 --- a/agent/ubuntu/Dockerfile +++ b/agent/ubuntu/Dockerfile @@ -34,7 +34,7 @@ RUN set -eux && \ apt-get -y clean && \ rm -rf /var/lib/apt/lists/* -ARG MAJOR_VERSION=5.0 +ARG MAJOR_VERSION=5.2 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git diff --git a/agent2/alpine/Dockerfile b/agent2/alpine/Dockerfile index d06176a81..3a67bab72 100644 --- a/agent2/alpine/Dockerfile +++ b/agent2/alpine/Dockerfile @@ -29,7 +29,7 @@ RUN set -eux && \ iputils && \ rm -rf /var/cache/apk/* -ARG MAJOR_VERSION=5.0 +ARG MAJOR_VERSION=5.2 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git diff --git a/java-gateway/alpine/Dockerfile b/java-gateway/alpine/Dockerfile index 6f360dd8b..cbc04eb74 100644 --- a/java-gateway/alpine/Dockerfile +++ b/java-gateway/alpine/Dockerfile @@ -22,7 +22,7 @@ RUN set -eux && \ openjdk8-jre-base && \ rm -rf /var/cache/apk/* -ARG MAJOR_VERSION=5.0 +ARG MAJOR_VERSION=5.2 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git diff --git a/java-gateway/centos/Dockerfile b/java-gateway/centos/Dockerfile index 8976682b6..e23a936f5 100644 --- a/java-gateway/centos/Dockerfile +++ b/java-gateway/centos/Dockerfile @@ -24,7 +24,7 @@ RUN set -eux && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki -ARG MAJOR_VERSION=5.0 +ARG MAJOR_VERSION=5.2 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git diff --git a/java-gateway/ubuntu/Dockerfile b/java-gateway/ubuntu/Dockerfile index 340168a65..cfe362ff2 100644 --- a/java-gateway/ubuntu/Dockerfile +++ b/java-gateway/ubuntu/Dockerfile @@ -26,7 +26,7 @@ RUN set -eux && \ apt-get -y clean && \ rm -rf /var/lib/apt/lists/* -ARG MAJOR_VERSION=5.0 +ARG MAJOR_VERSION=5.2 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git diff --git a/proxy-mysql/alpine/Dockerfile b/proxy-mysql/alpine/Dockerfile index eb853f6c0..b0f04d866 100644 --- a/proxy-mysql/alpine/Dockerfile +++ b/proxy-mysql/alpine/Dockerfile @@ -47,7 +47,7 @@ RUN set -eux && \ fping && \ rm -rf /var/cache/apk/* -ARG MAJOR_VERSION=5.0 +ARG MAJOR_VERSION=5.2 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git diff --git a/proxy-mysql/centos/Dockerfile b/proxy-mysql/centos/Dockerfile index cf71473f9..16674da6e 100644 --- a/proxy-mysql/centos/Dockerfile +++ b/proxy-mysql/centos/Dockerfile @@ -62,7 +62,7 @@ RUN set -eux && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki -ARG MAJOR_VERSION=5.0 +ARG MAJOR_VERSION=5.2 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git diff --git a/proxy-mysql/ubuntu/Dockerfile b/proxy-mysql/ubuntu/Dockerfile index 7022e59e3..e69192d0a 100644 --- a/proxy-mysql/ubuntu/Dockerfile +++ b/proxy-mysql/ubuntu/Dockerfile @@ -52,7 +52,7 @@ RUN set -eux && \ apt-get -y clean && \ rm -rf /var/lib/apt/lists/* -ARG MAJOR_VERSION=5.0 +ARG MAJOR_VERSION=5.2 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git diff --git a/proxy-sqlite3/alpine/Dockerfile b/proxy-sqlite3/alpine/Dockerfile index fbf5adde8..180e185b8 100644 --- a/proxy-sqlite3/alpine/Dockerfile +++ b/proxy-sqlite3/alpine/Dockerfile @@ -45,7 +45,7 @@ RUN set -eux && \ unixodbc && \ rm -rf /var/cache/apk/* -ARG MAJOR_VERSION=5.0 +ARG MAJOR_VERSION=5.2 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} diff --git a/proxy-sqlite3/centos/Dockerfile b/proxy-sqlite3/centos/Dockerfile index a27ac3432..95061ed6f 100644 --- a/proxy-sqlite3/centos/Dockerfile +++ b/proxy-sqlite3/centos/Dockerfile @@ -61,7 +61,7 @@ RUN set -eux && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki -ARG MAJOR_VERSION=5.0 +ARG MAJOR_VERSION=5.2 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git diff --git a/proxy-sqlite3/ubuntu/Dockerfile b/proxy-sqlite3/ubuntu/Dockerfile index 386c476ee..88371ef79 100644 --- a/proxy-sqlite3/ubuntu/Dockerfile +++ b/proxy-sqlite3/ubuntu/Dockerfile @@ -50,7 +50,7 @@ RUN set -eux && \ apt-get -y clean && \ rm -rf /var/lib/apt/lists/* -ARG MAJOR_VERSION=5.0 +ARG MAJOR_VERSION=5.2 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git diff --git a/server-mysql/alpine/Dockerfile b/server-mysql/alpine/Dockerfile index 33ae86a45..42df73f9a 100644 --- a/server-mysql/alpine/Dockerfile +++ b/server-mysql/alpine/Dockerfile @@ -50,7 +50,7 @@ RUN set -eux && \ unixodbc && \ rm -rf /var/cache/apk/* -ARG MAJOR_VERSION=5.0 +ARG MAJOR_VERSION=5.2 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git diff --git a/server-mysql/centos/Dockerfile b/server-mysql/centos/Dockerfile index 83ac26c11..489b2be82 100644 --- a/server-mysql/centos/Dockerfile +++ b/server-mysql/centos/Dockerfile @@ -66,7 +66,7 @@ RUN set -eux && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki -ARG MAJOR_VERSION=5.0 +ARG MAJOR_VERSION=5.2 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git diff --git a/server-mysql/ubuntu/Dockerfile b/server-mysql/ubuntu/Dockerfile index 90082df9f..20db0b749 100644 --- a/server-mysql/ubuntu/Dockerfile +++ b/server-mysql/ubuntu/Dockerfile @@ -56,7 +56,7 @@ RUN set -eux && \ apt-get -y clean && \ rm -rf /var/lib/apt/lists/* -ARG MAJOR_VERSION=5.0 +ARG MAJOR_VERSION=5.2 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git diff --git a/server-pgsql/alpine/Dockerfile b/server-pgsql/alpine/Dockerfile index 0d96dae73..760d291cc 100644 --- a/server-pgsql/alpine/Dockerfile +++ b/server-pgsql/alpine/Dockerfile @@ -50,7 +50,7 @@ RUN set -eux && \ unixodbc && \ rm -rf /var/cache/apk/* -ARG MAJOR_VERSION=5.0 +ARG MAJOR_VERSION=5.2 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git diff --git a/server-pgsql/centos/Dockerfile b/server-pgsql/centos/Dockerfile index a97f81b61..0ae51faa0 100644 --- a/server-pgsql/centos/Dockerfile +++ b/server-pgsql/centos/Dockerfile @@ -67,7 +67,7 @@ RUN set -eux && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki -ARG MAJOR_VERSION=5.0 +ARG MAJOR_VERSION=5.2 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git diff --git a/server-pgsql/ubuntu/Dockerfile b/server-pgsql/ubuntu/Dockerfile index f694b7eaf..69d8ff496 100644 --- a/server-pgsql/ubuntu/Dockerfile +++ b/server-pgsql/ubuntu/Dockerfile @@ -56,7 +56,7 @@ RUN set -eux && \ apt-get -y clean && \ rm -rf /var/lib/apt/lists/* -ARG MAJOR_VERSION=5.0 +ARG MAJOR_VERSION=5.2 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git diff --git a/snmptraps/alpine/Dockerfile b/snmptraps/alpine/Dockerfile index 09c0edffe..61e23f8a6 100644 --- a/snmptraps/alpine/Dockerfile +++ b/snmptraps/alpine/Dockerfile @@ -1,6 +1,6 @@ FROM alpine:3.12 -ARG MAJOR_VERSION=5.0 +ARG MAJOR_VERSION=5.2 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git diff --git a/snmptraps/centos/Dockerfile b/snmptraps/centos/Dockerfile index daf3803b7..fc3c44325 100644 --- a/snmptraps/centos/Dockerfile +++ b/snmptraps/centos/Dockerfile @@ -1,6 +1,6 @@ FROM centos:centos7 -ARG MAJOR_VERSION=5.0 +ARG MAJOR_VERSION=5.2 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git diff --git a/snmptraps/ubuntu/Dockerfile b/snmptraps/ubuntu/Dockerfile index fc7cd28ee..3e95f1be3 100644 --- a/snmptraps/ubuntu/Dockerfile +++ b/snmptraps/ubuntu/Dockerfile @@ -1,6 +1,6 @@ FROM ubuntu:bionic -ARG MAJOR_VERSION=5.0 +ARG MAJOR_VERSION=5.2 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git diff --git a/web-apache-mysql/alpine/Dockerfile b/web-apache-mysql/alpine/Dockerfile index c3d0defa1..db1f752ba 100644 --- a/web-apache-mysql/alpine/Dockerfile +++ b/web-apache-mysql/alpine/Dockerfile @@ -55,7 +55,7 @@ RUN set -eux && \ rm -rf "/var/run/apache2/" && \ rm -rf /var/cache/apk/* -ARG MAJOR_VERSION=5.0 +ARG MAJOR_VERSION=5.2 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git diff --git a/web-apache-mysql/centos/Dockerfile b/web-apache-mysql/centos/Dockerfile index d6b0a9d75..c4b2b33d1 100644 --- a/web-apache-mysql/centos/Dockerfile +++ b/web-apache-mysql/centos/Dockerfile @@ -47,7 +47,7 @@ RUN set -eux && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki -ARG MAJOR_VERSION=5.0 +ARG MAJOR_VERSION=5.2 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git diff --git a/web-apache-mysql/ubuntu/Dockerfile b/web-apache-mysql/ubuntu/Dockerfile index 68cf941c4..af0c08def 100644 --- a/web-apache-mysql/ubuntu/Dockerfile +++ b/web-apache-mysql/ubuntu/Dockerfile @@ -54,7 +54,7 @@ RUN set -eux && \ apt-get -y clean && \ rm -rf /var/lib/apt/lists/* -ARG MAJOR_VERSION=5.0 +ARG MAJOR_VERSION=5.2 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git diff --git a/web-apache-pgsql/alpine/Dockerfile b/web-apache-pgsql/alpine/Dockerfile index bca989564..2071751ff 100644 --- a/web-apache-pgsql/alpine/Dockerfile +++ b/web-apache-pgsql/alpine/Dockerfile @@ -54,7 +54,7 @@ RUN set -eux && \ rm -rf "/var/run/apache2/" && \ rm -rf /var/cache/apk/* -ARG MAJOR_VERSION=5.0 +ARG MAJOR_VERSION=5.2 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git diff --git a/web-apache-pgsql/centos/Dockerfile b/web-apache-pgsql/centos/Dockerfile index e397348a0..5af0d7ee8 100644 --- a/web-apache-pgsql/centos/Dockerfile +++ b/web-apache-pgsql/centos/Dockerfile @@ -47,7 +47,7 @@ RUN set -eux && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki -ARG MAJOR_VERSION=5.0 +ARG MAJOR_VERSION=5.2 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git diff --git a/web-apache-pgsql/ubuntu/Dockerfile b/web-apache-pgsql/ubuntu/Dockerfile index 1f0d7d000..d473162de 100644 --- a/web-apache-pgsql/ubuntu/Dockerfile +++ b/web-apache-pgsql/ubuntu/Dockerfile @@ -54,7 +54,7 @@ RUN set -eux && \ apt-get -y clean && \ rm -rf /var/lib/apt/lists/* -ARG MAJOR_VERSION=5.0 +ARG MAJOR_VERSION=5.2 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git diff --git a/web-nginx-mysql/alpine/Dockerfile b/web-nginx-mysql/alpine/Dockerfile index 2c77fb8f6..20186f20f 100644 --- a/web-nginx-mysql/alpine/Dockerfile +++ b/web-nginx-mysql/alpine/Dockerfile @@ -48,7 +48,7 @@ RUN set -eux && \ ln -sf /dev/fd/2 /var/lib/nginx/logs/error.log && \ rm -rf /var/cache/apk/* -ARG MAJOR_VERSION=5.0 +ARG MAJOR_VERSION=5.2 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git diff --git a/web-nginx-mysql/centos/Dockerfile b/web-nginx-mysql/centos/Dockerfile index 83a77ecaa..14512971f 100644 --- a/web-nginx-mysql/centos/Dockerfile +++ b/web-nginx-mysql/centos/Dockerfile @@ -39,7 +39,7 @@ RUN set -eux && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki -ARG MAJOR_VERSION=5.0 +ARG MAJOR_VERSION=5.2 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git diff --git a/web-nginx-mysql/ubuntu/Dockerfile b/web-nginx-mysql/ubuntu/Dockerfile index e90fe9ae6..e610ec0e0 100644 --- a/web-nginx-mysql/ubuntu/Dockerfile +++ b/web-nginx-mysql/ubuntu/Dockerfile @@ -64,7 +64,7 @@ RUN set -eux && \ apt-get -y clean && \ rm -rf /var/lib/apt/lists/* -ARG MAJOR_VERSION=5.0 +ARG MAJOR_VERSION=5.2 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git diff --git a/web-nginx-pgsql/alpine/Dockerfile b/web-nginx-pgsql/alpine/Dockerfile index 2321256a9..1ae1448c5 100644 --- a/web-nginx-pgsql/alpine/Dockerfile +++ b/web-nginx-pgsql/alpine/Dockerfile @@ -47,7 +47,7 @@ RUN set -eux && \ ln -sf /dev/fd/2 /var/lib/nginx/logs/error.log && \ rm -rf /var/cache/apk/* -ARG MAJOR_VERSION=5.0 +ARG MAJOR_VERSION=5.2 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git diff --git a/web-nginx-pgsql/centos/Dockerfile b/web-nginx-pgsql/centos/Dockerfile index 09124b65d..9045c142e 100644 --- a/web-nginx-pgsql/centos/Dockerfile +++ b/web-nginx-pgsql/centos/Dockerfile @@ -39,7 +39,7 @@ RUN set -eux && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki -ARG MAJOR_VERSION=5.0 +ARG MAJOR_VERSION=5.2 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git diff --git a/web-nginx-pgsql/ubuntu/Dockerfile b/web-nginx-pgsql/ubuntu/Dockerfile index 75af495f3..b13957706 100644 --- a/web-nginx-pgsql/ubuntu/Dockerfile +++ b/web-nginx-pgsql/ubuntu/Dockerfile @@ -64,7 +64,7 @@ RUN set -eux && \ apt-get -y clean && \ rm -rf /var/lib/apt/lists/* -ARG MAJOR_VERSION=5.0 +ARG MAJOR_VERSION=5.2 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git From d630970f0288db5c149acf9bd52a372b9074dc4a Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Sat, 29 Aug 2020 05:23:51 -0400 Subject: [PATCH 025/253] Fixed image building on CentOS --- zabbix-appliance/rhel/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/zabbix-appliance/rhel/Dockerfile b/zabbix-appliance/rhel/Dockerfile index 1919beabf..f82abb597 100644 --- a/zabbix-appliance/rhel/Dockerfile +++ b/zabbix-appliance/rhel/Dockerfile @@ -110,7 +110,7 @@ RUN set -o xtrace && INSTALL_PKGS="OpenIPMI-libs \ gpg --keyserver "$server" --recv-keys 595E85A6B1B4779EA4DAAEC70B588DFF0527A9B7 && break || : ; \ done && \ gpg --batch --verify /tmp/tini.asc /sbin/tini && \ - rm -r "$GNUPGHOME" /tmp/tini.asc && \ + rm -rf "$GNUPGHOME" /tmp/tini.asc && \ chmod +x /sbin/tini && \ dnf -y clean all && \ rm -f /etc/php-fpm.d/www.conf /etc/nginx/conf.d/*.conf /etc/my.cnf.d/auth_gssapi.cnf && \ From eeb1677c9be1b2ee0ca7eebf558e8cbcb872618c Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Mon, 7 Sep 2020 19:56:55 +0300 Subject: [PATCH 026/253] Update CI.yml --- .github/workflows/CI.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/CI.yml b/.github/workflows/CI.yml index 9c4328d86..69b1d6625 100644 --- a/.github/workflows/CI.yml +++ b/.github/workflows/CI.yml @@ -117,7 +117,7 @@ jobs: RELEASE_VERSION=${RELEASE_VERSION:10} GIT_BRANCH=${RELEASE_VERSION%.*} - echo "::warning Release version ${RELEASE_VERSION}. Branch ${GIT_BRANCH}" + echo "::warning Release version - ${RELEASE_VERSION}. Branch - ${GIT_BRANCH}" TAGS="$TAGS --tag $IMAGE_NAME:${{ matrix.os }}-${RELEASE_VERSION}" @@ -125,8 +125,9 @@ jobs: TAGS="$TAGS --tag $IMAGE_NAME:latest" fi + echo "::warning Tags - ${TAGS}" + echo ::set-output name=image_name::${IMAGE_NAME} - echo ::set-output name=image_tag_version::${IMAGE_TAG_VERSION} echo ::set-output name=buildx_args::--platform "${{ steps.platform.outputs.list }}" \ --build-arg BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ') \ --build-arg VCS_REF=${GITHUB_SHA::8} \ From 4ae75eb8f19d47857ec6bf38257b95d28a2293b6 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Mon, 7 Sep 2020 21:41:39 +0300 Subject: [PATCH 027/253] Update CI.yml --- .github/workflows/CI.yml | 45 +++++++++++++++++++++++++++------------- 1 file changed, 31 insertions(+), 14 deletions(-) diff --git a/.github/workflows/CI.yml b/.github/workflows/CI.yml index 69b1d6625..6da24a351 100644 --- a/.github/workflows/CI.yml +++ b/.github/workflows/CI.yml @@ -51,10 +51,11 @@ jobs: - os: ubuntu build: agent2 + runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 - + - name: Prepare platform list id: platform run: | @@ -79,29 +80,30 @@ jobs: if: github.event_name == 'push' id: prepare_push run: | + TAGS_ARRAY=() + IMAGE_NAME="${{ env.DOCKER_REPOSITORY }}/zabbix-${{ matrix.build }}" GIT_BRANCH="${{ github.ref }}" GIT_BRANCH=${GIT_BRANCH:11} echo "::warning Branch - ${GIT_BRANCH}" - TAGS="--tag $IMAGE_NAME:${{ matrix.os }}-${GIT_BRANCH}" + TAGS_ARRAY+=("$IMAGE_NAME:${{ matrix.os }}-${GIT_BRANCH}") if [ "${{ matrix.os }}" == "alpine" ] && [ "${LATEST_BRANCH}" == "${GIT_BRANCH}" ]; then - TAGS="$TAGS --tag $IMAGE_NAME:latest" + TAGS_ARRAY+=("$IMAGE_NAME:latest") fi if [ "${LATEST_BRANCH}" == "${GIT_BRANCH}" ]; then - TAGS="$TAGS --tag $IMAGE_NAME:${{ matrix.os }}-latest" + TAGS_ARRAY+=("$IMAGE_NAME:${{ matrix.os }}-latest") fi - if [ "${GIT_BRANCH}" == "trunk" ]; then - TAGS="--tag $IMAGE_NAME:${{ matrix.os }}-trunk" - fi + TAGS=$(printf -- "--tag %s " "${TAGS_ARRAY[@]}") echo "::warning Tags - ${TAGS}" echo ::set-output name=image_name::${IMAGE_NAME} + echo ::set-output name=image_tag_versions::$(printf -- "|%s" "${TAGS_ARRAY[@]}") echo ::set-output name=buildx_args::--platform "${{ steps.platform.outputs.list }}" \ --build-arg BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ') \ --build-arg VCS_REF=${GITHUB_SHA::8} \ @@ -112,29 +114,44 @@ jobs: if: github.event_name == 'release' && github.event.action == 'created' id: prepare_release run: | + TAGS_ARRAY=() + IMAGE_NAME="${{ env.DOCKER_REPOSITORY }}/zabbix-${{ matrix.build }}" RELEASE_VERSION="${{ github.ref }}" RELEASE_VERSION=${RELEASE_VERSION:10} GIT_BRANCH=${RELEASE_VERSION%.*} - echo "::warning Release version - ${RELEASE_VERSION}. Branch - ${GIT_BRANCH}" + echo "::warning Release version ${RELEASE_VERSION}. Branch ${GIT_BRANCH}" - TAGS="$TAGS --tag $IMAGE_NAME:${{ matrix.os }}-${RELEASE_VERSION}" + TAGS_ARRAY+=("$IMAGE_NAME:${{ matrix.os }}-${RELEASE_VERSION}") if [ "${{ matrix.os }}" == "alpine" ] && [ "${LATEST_BRANCH}" == "${GIT_BRANCH}" ]; then - TAGS="$TAGS --tag $IMAGE_NAME:latest" + TAGS_ARRAY+=("$IMAGE_NAME:latest") fi - echo "::warning Tags - ${TAGS}" + TAGS=$(printf -- "--tag %s " "${TAGS_ARRAY[@]}") echo ::set-output name=image_name::${IMAGE_NAME} + echo ::set-output name=image_tag_versions::$(printf -- "|%s" "${TAGS_ARRAY[@]}") echo ::set-output name=buildx_args::--platform "${{ steps.platform.outputs.list }}" \ --build-arg BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ') \ --build-arg VCS_REF=${GITHUB_SHA::8} \ - ${TAGS} \ + $TAGS \ --file ./${{ matrix.build }}/${{ matrix.os }}/Dockerfile ./${{ matrix.build }}/${{ matrix.os }} - name: Prepare environment output run: | - echo "::warning ${{ steps.prepare_push.outputs.buildx_args }}" - echo "::warning ${{ steps.prepare_release.outputs.buildx_args }}" + echo "::warning push - ${{ steps.prepare_push.outputs.buildx_args }}" + echo "::warning release - ${{ steps.prepare_release.outputs.buildx_args }}" + + if [ ! -z "${{ steps.prepare_push.outputs.image_tag_versions }}" ]; then + IFS='|' read -r -a IMAGE_TAG_VERSIONS <<< "${{ steps.prepare_push.outputs.image_tag_versions }}" + echo "::warning tags raw - ${{ steps.prepare_push.outputs.image_tag_versions }}" + elif [ ! -z "${{ steps.prepare_release.outputs.image_tag_versions }}" ]; then + IFS='|' read -r -a IMAGE_TAG_VERSIONS <<< "${{ steps.prepare_release.outputs.image_tag_versions }}" + echo "::warning tags raw - ${{ steps.prepare_release.outputs.image_tag_versions }}" + fi + + for version in ${IMAGE_TAG_VERSIONS[@]}; do + echo "::warning tag value - $version" + done From f7bd28e47fa057de61e5a7843c999e42aaf107e0 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Mon, 7 Sep 2020 21:42:50 +0300 Subject: [PATCH 028/253] Update CI.yml --- .github/workflows/CI.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/CI.yml b/.github/workflows/CI.yml index 6da24a351..adff27033 100644 --- a/.github/workflows/CI.yml +++ b/.github/workflows/CI.yml @@ -76,7 +76,7 @@ jobs: echo ::set-output name=list::${DOCKER_PLATFORM} - - name: Prepare environment + - name: Prepare environment (push) if: github.event_name == 'push' id: prepare_push run: | @@ -110,7 +110,7 @@ jobs: ${TAGS} \ --file ./${{ matrix.build }}/${{ matrix.os }}/Dockerfile ./${{ matrix.build }}/${{ matrix.os }} - - name: Prepare environment + - name: Prepare environment (release) if: github.event_name == 'release' && github.event.action == 'created' id: prepare_release run: | @@ -139,7 +139,7 @@ jobs: $TAGS \ --file ./${{ matrix.build }}/${{ matrix.os }}/Dockerfile ./${{ matrix.build }}/${{ matrix.os }} - - name: Prepare environment output + - name: Continue run: | echo "::warning push - ${{ steps.prepare_push.outputs.buildx_args }}" echo "::warning release - ${{ steps.prepare_release.outputs.buildx_args }}" From 5ffd08f665858407db669f957b4c3433ff291e0f Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Mon, 7 Sep 2020 22:12:42 +0300 Subject: [PATCH 029/253] Update CI.yml --- .github/workflows/CI.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/CI.yml b/.github/workflows/CI.yml index adff27033..55ef7bfd0 100644 --- a/.github/workflows/CI.yml +++ b/.github/workflows/CI.yml @@ -151,7 +151,7 @@ jobs: IFS='|' read -r -a IMAGE_TAG_VERSIONS <<< "${{ steps.prepare_release.outputs.image_tag_versions }}" echo "::warning tags raw - ${{ steps.prepare_release.outputs.image_tag_versions }}" fi - + echo "::warning tag value - $IMAGE_TAG_VERSIONS" for version in ${IMAGE_TAG_VERSIONS[@]}; do echo "::warning tag value - $version" done From 026b7a77792667c20c7a5e80e2cfcc3ffabb48e3 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Mon, 7 Sep 2020 22:17:28 +0300 Subject: [PATCH 030/253] Update CI.yml --- .github/workflows/CI.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/CI.yml b/.github/workflows/CI.yml index 55ef7bfd0..9865bb375 100644 --- a/.github/workflows/CI.yml +++ b/.github/workflows/CI.yml @@ -146,9 +146,11 @@ jobs: if [ ! -z "${{ steps.prepare_push.outputs.image_tag_versions }}" ]; then IFS='|' read -r -a IMAGE_TAG_VERSIONS <<< "${{ steps.prepare_push.outputs.image_tag_versions }}" + IMAGE_TAG_VERSIONS=${IMAGE_TAG_VERSIONS%%+(|)} echo "::warning tags raw - ${{ steps.prepare_push.outputs.image_tag_versions }}" elif [ ! -z "${{ steps.prepare_release.outputs.image_tag_versions }}" ]; then IFS='|' read -r -a IMAGE_TAG_VERSIONS <<< "${{ steps.prepare_release.outputs.image_tag_versions }}" + IMAGE_TAG_VERSIONS=${IMAGE_TAG_VERSIONS%%+(|)} echo "::warning tags raw - ${{ steps.prepare_release.outputs.image_tag_versions }}" fi echo "::warning tag value - $IMAGE_TAG_VERSIONS" From f1db34b744619ce7e1fed38acd6de91ebe0907f8 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Mon, 7 Sep 2020 22:18:38 +0300 Subject: [PATCH 031/253] Update CI.yml --- .github/workflows/CI.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/CI.yml b/.github/workflows/CI.yml index 9865bb375..e57ead7e6 100644 --- a/.github/workflows/CI.yml +++ b/.github/workflows/CI.yml @@ -155,5 +155,5 @@ jobs: fi echo "::warning tag value - $IMAGE_TAG_VERSIONS" for version in ${IMAGE_TAG_VERSIONS[@]}; do - echo "::warning tag value - $version" + echo "::warning tag value2 - $version" done From 822570402710d71f5c4e3fa7f238330eb386aef4 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Mon, 7 Sep 2020 22:25:42 +0300 Subject: [PATCH 032/253] Update CI.yml --- .github/workflows/CI.yml | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/.github/workflows/CI.yml b/.github/workflows/CI.yml index e57ead7e6..357a86996 100644 --- a/.github/workflows/CI.yml +++ b/.github/workflows/CI.yml @@ -145,15 +145,17 @@ jobs: echo "::warning release - ${{ steps.prepare_release.outputs.buildx_args }}" if [ ! -z "${{ steps.prepare_push.outputs.image_tag_versions }}" ]; then - IFS='|' read -r -a IMAGE_TAG_VERSIONS <<< "${{ steps.prepare_push.outputs.image_tag_versions }}" - IMAGE_TAG_VERSIONS=${IMAGE_TAG_VERSIONS%%+(|)} - echo "::warning tags raw - ${{ steps.prepare_push.outputs.image_tag_versions }}" + IMAGE_TAG_VERSIONS="${{ steps.prepare_push.outputs.image_tag_versions }}" + echo "::warning tags push raw - $IMAGE_TAG_VERSIONS" elif [ ! -z "${{ steps.prepare_release.outputs.image_tag_versions }}" ]; then - IFS='|' read -r -a IMAGE_TAG_VERSIONS <<< "${{ steps.prepare_release.outputs.image_tag_versions }}" - IMAGE_TAG_VERSIONS=${IMAGE_TAG_VERSIONS%%+(|)} - echo "::warning tags raw - ${{ steps.prepare_release.outputs.image_tag_versions }}" + IMAGE_TAG_VERSIONS="${{ steps.prepare_release.outputs.image_tag_versions }}" + echo "::warning tags release raw - $IMAGE_TAG_VERSIONS" fi + + IMAGE_TAG_VERSIONS=${IMAGE_TAG_VERSIONS%%+(|)} + IFS='|' read -r -a IMAGE_TAG_VERSIONS <<< $IMAGE_TAG_VERSIONS echo "::warning tag value - $IMAGE_TAG_VERSIONS" + for version in ${IMAGE_TAG_VERSIONS[@]}; do echo "::warning tag value2 - $version" done From a7adff05b89effab1f1845324bfc284d6033eeaa Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Mon, 7 Sep 2020 22:27:23 +0300 Subject: [PATCH 033/253] Update CI.yml --- .github/workflows/CI.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/CI.yml b/.github/workflows/CI.yml index 357a86996..9c5d1937b 100644 --- a/.github/workflows/CI.yml +++ b/.github/workflows/CI.yml @@ -154,8 +154,7 @@ jobs: IMAGE_TAG_VERSIONS=${IMAGE_TAG_VERSIONS%%+(|)} IFS='|' read -r -a IMAGE_TAG_VERSIONS <<< $IMAGE_TAG_VERSIONS - echo "::warning tag value - $IMAGE_TAG_VERSIONS" for version in ${IMAGE_TAG_VERSIONS[@]}; do - echo "::warning tag value2 - $version" + docker buildx imagetools inspect $version done From 92a53fdef0ec3642285983e1c395805259b3f3af Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Mon, 7 Sep 2020 22:30:39 +0300 Subject: [PATCH 034/253] Update CI.yml --- .github/workflows/CI.yml | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/.github/workflows/CI.yml b/.github/workflows/CI.yml index 9c5d1937b..bc78ff48a 100644 --- a/.github/workflows/CI.yml +++ b/.github/workflows/CI.yml @@ -139,6 +139,19 @@ jobs: $TAGS \ --file ./${{ matrix.build }}/${{ matrix.os }}/Dockerfile ./${{ matrix.build }}/${{ matrix.os }} + - name: Build images + env: + DOCKER_CLI_EXPERIMENTAL: enabled + run: | + if [ ! -z "${{ steps.prepare_push.outputs.buildx_args }}" ]; then + BUILDX_ARGS=="${{ steps.prepare_push.outputs.buildx_args }}" + elif [ ! -z "${{ steps.prepare_release.outputs.buildx_args }}" ]; then + BUILDX_ARGS=="${{ steps.prepare_release.outputs.buildx_args }}" + fi + echo "docker buildx build --cache-to \"type=local,dest=/tmp/.buildx-cache\" \ + --output \"type=image,push=false\" \ + $BUILDX_ARGS" + - name: Continue run: | echo "::warning push - ${{ steps.prepare_push.outputs.buildx_args }}" @@ -156,5 +169,6 @@ jobs: IFS='|' read -r -a IMAGE_TAG_VERSIONS <<< $IMAGE_TAG_VERSIONS for version in ${IMAGE_TAG_VERSIONS[@]}; do + echo "Checking \"$version\"... " docker buildx imagetools inspect $version done From 2fabe6078da5492d12cd2528b83e5571d76a2aad Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Mon, 7 Sep 2020 22:36:52 +0300 Subject: [PATCH 035/253] Update CI.yml --- .github/workflows/CI.yml | 57 +++++++++++++++++++++++++++++++++++----- 1 file changed, 50 insertions(+), 7 deletions(-) diff --git a/.github/workflows/CI.yml b/.github/workflows/CI.yml index bc78ff48a..e4cf72a7d 100644 --- a/.github/workflows/CI.yml +++ b/.github/workflows/CI.yml @@ -55,7 +55,27 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 - + + - name: Install buildx + env: + DOCKER_CLI_EXPERIMENTAL: enabled + run: | + BUILDX_VERSION="0.4.2" + QEMU_TAG="latest" + mkdir -p ~/.docker/cli-plugins/ + curl -L https://github.com/docker/buildx/releases/download/v${BUILDX_VERSION}/buildx-v${BUILDX_VERSION}.linux-amd64 \ + -o ~/.docker/cli-plugins/docker-buildx + chmod +x ~/.docker/cli-plugins/docker-buildx + docker pull -q multiarch/qemu-user-static:latest + docker run --rm --privileged multiarch/qemu-user-static:${QEMU_TAG} --reset -p yes --credential yes + docker buildx create --name builder-${GITHUB_SHA::8} --driver docker-container --use + docker buildx inspect --bootstrap + docker info + docker buildx inspect + + - name: Available platforms + run: docker buildx inspect | grep Platforms + - name: Prepare platform list id: platform run: | @@ -144,15 +164,38 @@ jobs: DOCKER_CLI_EXPERIMENTAL: enabled run: | if [ ! -z "${{ steps.prepare_push.outputs.buildx_args }}" ]; then - BUILDX_ARGS=="${{ steps.prepare_push.outputs.buildx_args }}" + BUILDX_ARGS="${{ steps.prepare_push.outputs.buildx_args }}" elif [ ! -z "${{ steps.prepare_release.outputs.buildx_args }}" ]; then - BUILDX_ARGS=="${{ steps.prepare_release.outputs.buildx_args }}" + BUILDX_ARGS="${{ steps.prepare_release.outputs.buildx_args }}" fi - echo "docker buildx build --cache-to \"type=local,dest=/tmp/.buildx-cache\" \ - --output \"type=image,push=false\" \ - $BUILDX_ARGS" + + docker buildx build --cache-to "type=local,dest=/tmp/.buildx-cache" \ + --output "type=image,push=false" \ + $BUILDX_ARGS - - name: Continue + - name: Docker Hub login + if: success() + uses: docker/login-action@v1 + with: + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_PASSWORD }} + + - name: Push images from cache + if: success() + env: + DOCKER_CLI_EXPERIMENTAL: enabled + run: | + if [ ! -z "${{ steps.prepare_push.outputs.buildx_args }}" ]; then + BUILDX_ARGS="${{ steps.prepare_push.outputs.buildx_args }}" + elif [ ! -z "${{ steps.prepare_release.outputs.buildx_args }}" ]; then + BUILDX_ARGS="${{ steps.prepare_release.outputs.buildx_args }}" + fi + + docker buildx build --cache-from "type=local,src=/tmp/.buildx-cache" \ + --output "type=image,push=false" \ + $BUILDX_ARGS + + - name: Inspect images run: | echo "::warning push - ${{ steps.prepare_push.outputs.buildx_args }}" echo "::warning release - ${{ steps.prepare_release.outputs.buildx_args }}" From 5ebca7a176da9119781db955691a3006272c92db Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Mon, 7 Sep 2020 22:37:18 +0300 Subject: [PATCH 036/253] Update CI.yml --- .github/workflows/CI.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/CI.yml b/.github/workflows/CI.yml index e4cf72a7d..ccd6f80c6 100644 --- a/.github/workflows/CI.yml +++ b/.github/workflows/CI.yml @@ -171,7 +171,7 @@ jobs: docker buildx build --cache-to "type=local,dest=/tmp/.buildx-cache" \ --output "type=image,push=false" \ - $BUILDX_ARGS + ${BUILDX_ARGS} - name: Docker Hub login if: success() @@ -193,7 +193,7 @@ jobs: docker buildx build --cache-from "type=local,src=/tmp/.buildx-cache" \ --output "type=image,push=false" \ - $BUILDX_ARGS + ${BUILDX_ARGS} - name: Inspect images run: | From ee48ff08eb41e5b2ed45e4f523eb025675915ebc Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Mon, 7 Sep 2020 22:46:19 +0300 Subject: [PATCH 037/253] Update CI.yml --- .github/workflows/CI.yml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/.github/workflows/CI.yml b/.github/workflows/CI.yml index ccd6f80c6..a8b0781bf 100644 --- a/.github/workflows/CI.yml +++ b/.github/workflows/CI.yml @@ -85,6 +85,10 @@ jobs: DOCKER_PLATFORM="linux/amd64,linux/arm/v7,linux/arm64,linux/ppc64le" fi + if [ "${{ matrix.os }}" == "ubuntu" ] && [ "${{ matrix.build }}" == "snmptraps" ]; then + DOCKER_PLATFORM="linux/amd64,linux/arm/v7,linux/arm64" + fi + if [ "${{ matrix.os }}" == "centos" ]; then #DOCKER_PLATFORM="linux/amd64,linux/arm64,linux/ppc64le" DOCKER_PLATFORM="linux/amd64" @@ -192,7 +196,7 @@ jobs: fi docker buildx build --cache-from "type=local,src=/tmp/.buildx-cache" \ - --output "type=image,push=false" \ + --output "type=image,push=true" \ ${BUILDX_ARGS} - name: Inspect images From 055fed9352e73ab8921a827306ec33035affcd15 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Mon, 7 Sep 2020 23:12:42 +0300 Subject: [PATCH 038/253] Update CI.yml --- .github/workflows/CI.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/CI.yml b/.github/workflows/CI.yml index a8b0781bf..64fb82f82 100644 --- a/.github/workflows/CI.yml +++ b/.github/workflows/CI.yml @@ -79,14 +79,14 @@ jobs: - name: Prepare platform list id: platform run: | - DOCKER_PLATFORM="linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64,linux/ppc64le" + DOCKER_PLATFORM="linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64,linux/s390x,linux/ppc64le" if [ "${{ matrix.os }}" == "ubuntu" ]; then - DOCKER_PLATFORM="linux/amd64,linux/arm/v7,linux/arm64,linux/ppc64le" + DOCKER_PLATFORM="linux/amd64,linux/arm/v7,linux/arm64,linux/s390x,linux/ppc64le" fi if [ "${{ matrix.os }}" == "ubuntu" ] && [ "${{ matrix.build }}" == "snmptraps" ]; then - DOCKER_PLATFORM="linux/amd64,linux/arm/v7,linux/arm64" + DOCKER_PLATFORM="linux/amd64,linux/arm64" fi if [ "${{ matrix.os }}" == "centos" ]; then From af245467239c8cb4dd158914d3e095da860ef094 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Tue, 8 Sep 2020 00:49:43 +0300 Subject: [PATCH 039/253] Update CI.yml --- .github/workflows/CI.yml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/.github/workflows/CI.yml b/.github/workflows/CI.yml index b2f241863..1dd772b14 100644 --- a/.github/workflows/CI.yml +++ b/.github/workflows/CI.yml @@ -89,8 +89,7 @@ jobs: fi if [ "${{ matrix.os }}" == "centos" ]; then - #DOCKER_PLATFORM="linux/amd64,linux/arm64,linux/ppc64le" - DOCKER_PLATFORM="linux/amd64" + DOCKER_PLATFORM="linux/amd64,linux/arm64,linux/ppc64le" fi if [ "${{ matrix.build }}" == "java-gateway" ]; then @@ -195,7 +194,7 @@ jobs: fi docker buildx build --cache-from "type=local,src=/tmp/.buildx-cache" \ - --output "type=image,push=false" \ + --output "type=image,push=true" \ ${BUILDX_ARGS} - name: Inspect images From 31f8d10a565e1378d04c1bab7bcd8736ae176c68 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Mon, 7 Sep 2020 19:40:45 -0400 Subject: [PATCH 040/253] Replaced MariaDB library to MySQL 8 --- proxy-mysql/centos/Dockerfile | 6 ++++-- server-mysql/centos/Dockerfile | 6 ++++-- web-apache-mysql/centos/Dockerfile | 2 +- web-nginx-mysql/centos/Dockerfile | 2 +- 4 files changed, 10 insertions(+), 6 deletions(-) diff --git a/proxy-mysql/centos/Dockerfile b/proxy-mysql/centos/Dockerfile index 3e6fd929b..570d8358a 100644 --- a/proxy-mysql/centos/Dockerfile +++ b/proxy-mysql/centos/Dockerfile @@ -32,13 +32,15 @@ RUN set -eux && \ mkdir -p /usr/share/doc/zabbix-proxy-mysql && \ dnf --quiet makecache && \ dnf -y install epel-release && \ + dnf -y module enable mysql && \ dnf -y install --setopt=tsflags=nodocs --setopt=install_weak_deps=False --best \ libcurl-minimal \ libevent \ libssh \ fping \ libxml2 \ - mariadb \ + mysql \ + mysql-libs \ net-snmp-libs \ OpenIPMI-libs \ openldap \ @@ -87,7 +89,7 @@ RUN set -eux && \ libssh-devel \ libxml2-devel \ make \ - mariadb-connector-c-devel \ + mysql-devel \ net-snmp-devel \ OpenIPMI-devel \ openldap-devel \ diff --git a/server-mysql/centos/Dockerfile b/server-mysql/centos/Dockerfile index f902a5d1e..d56f1f88e 100644 --- a/server-mysql/centos/Dockerfile +++ b/server-mysql/centos/Dockerfile @@ -34,6 +34,7 @@ RUN set -eux && \ mkdir -p /usr/share/doc/zabbix-server-mysql && \ dnf --quiet makecache && \ dnf -y install epel-release && \ + dnf -y module enable mysql && \ dnf -y install --setopt=tsflags=nodocs --setopt=install_weak_deps=False --best \ fping \ tzdata \ @@ -43,7 +44,8 @@ RUN set -eux && \ libevent \ libxml2 \ libssh \ - mariadb \ + mysql \ + mysql-libs \ net-snmp-libs \ OpenIPMI-libs \ openldap \ @@ -92,7 +94,7 @@ RUN set -eux && \ libssh-devel \ libxml2-devel \ make \ - mariadb-connector-c-devel \ + mysql-devel \ net-snmp-devel \ OpenIPMI-devel \ openldap-devel \ diff --git a/web-apache-mysql/centos/Dockerfile b/web-apache-mysql/centos/Dockerfile index 454dd218a..5f9e7daa2 100644 --- a/web-apache-mysql/centos/Dockerfile +++ b/web-apache-mysql/centos/Dockerfile @@ -23,7 +23,7 @@ RUN set -eux && \ dejavu-sans-fonts \ curl \ httpd \ - mariadb \ + mysql \ mod_ssl \ php \ php-fpm \ diff --git a/web-nginx-mysql/centos/Dockerfile b/web-nginx-mysql/centos/Dockerfile index a67018552..6b74076ac 100644 --- a/web-nginx-mysql/centos/Dockerfile +++ b/web-nginx-mysql/centos/Dockerfile @@ -22,7 +22,7 @@ RUN set -eux && \ dnf -y install epel-release && \ dnf -y install --setopt=install_weak_deps=False --best --setopt=tsflags=nodocs \ curl \ - mariadb \ + mysql \ nginx \ php-bcmath \ php-fpm \ From d5e3ef697438f612a354102ec72cf146650c326d Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Tue, 8 Sep 2020 15:15:44 +0300 Subject: [PATCH 041/253] Update CI.yml --- .github/workflows/CI.yml | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/.github/workflows/CI.yml b/.github/workflows/CI.yml index 1dd772b14..f8ea9f77f 100644 --- a/.github/workflows/CI.yml +++ b/.github/workflows/CI.yml @@ -89,7 +89,8 @@ jobs: fi if [ "${{ matrix.os }}" == "centos" ]; then - DOCKER_PLATFORM="linux/amd64,linux/arm64,linux/ppc64le" + #DOCKER_PLATFORM="linux/amd64,linux/arm64,linux/ppc64le" + DOCKER_PLATFORM="linux/amd64" fi if [ "${{ matrix.build }}" == "java-gateway" ]; then @@ -110,7 +111,11 @@ jobs: echo "::warning Branch - ${GIT_BRANCH}" - TAGS_ARRAY+=("$IMAGE_NAME:${{ matrix.os }}-${GIT_BRANCH}") + if [ "${GIT_BRANCH}" == "trunk" ]; then + TAGS_ARRAY+=("$IMAGE_NAME:${{ matrix.os }}-${GIT_BRANCH}") + else + TAGS_ARRAY+=("$IMAGE_NAME:${{ matrix.os }}-${GIT_BRANCH}-latest") + fi if [ "${{ matrix.os }}" == "alpine" ] && [ "${LATEST_BRANCH}" == "${GIT_BRANCH}" ]; then TAGS_ARRAY+=("$IMAGE_NAME:latest") From c3ecd898b1433ea56c034948a4c1908bf26bd24b Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Tue, 8 Sep 2020 15:22:39 +0300 Subject: [PATCH 042/253] Update CI.yml --- .github/workflows/CI.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/CI.yml b/.github/workflows/CI.yml index f8ea9f77f..3382820c0 100644 --- a/.github/workflows/CI.yml +++ b/.github/workflows/CI.yml @@ -89,8 +89,7 @@ jobs: fi if [ "${{ matrix.os }}" == "centos" ]; then - #DOCKER_PLATFORM="linux/amd64,linux/arm64,linux/ppc64le" - DOCKER_PLATFORM="linux/amd64" + DOCKER_PLATFORM="linux/amd64,linux/arm64,linux/ppc64le" fi if [ "${{ matrix.build }}" == "java-gateway" ]; then From 8cb5cb6d8ee66bef7e4893c272a20b10bc1be49d Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Tue, 8 Sep 2020 13:38:19 -0400 Subject: [PATCH 043/253] Fixed Ubuntu web based images --- web-apache-mysql/ubuntu/docker-entrypoint.sh | 4 ---- web-apache-pgsql/ubuntu/docker-entrypoint.sh | 4 ---- web-nginx-mysql/ubuntu/docker-entrypoint.sh | 4 ---- web-nginx-pgsql/ubuntu/docker-entrypoint.sh | 4 ---- 4 files changed, 16 deletions(-) diff --git a/web-apache-mysql/ubuntu/docker-entrypoint.sh b/web-apache-mysql/ubuntu/docker-entrypoint.sh index a77d4ff6d..f40f53f2a 100755 --- a/web-apache-mysql/ubuntu/docker-entrypoint.sh +++ b/web-apache-mysql/ubuntu/docker-entrypoint.sh @@ -254,10 +254,6 @@ prepare_zbx_web_config() { ZBX_DB_CERT_FILE=$(escape_spec_char "${ZBX_DB_CERT_FILE}") ZBX_DB_CA_FILE=$(escape_spec_char "${ZBX_DB_CA_FILE}") - ZBX_DB_KEY_FILE=$(escape_spec_char "${ZBX_DB_KEY_FILE}") - ZBX_DB_CERT_FILE=$(escape_spec_char "${ZBX_DB_CERT_FILE}") - ZBX_DB_CA_FILE=$(escape_spec_char "${ZBX_DB_CA_FILE}") - sed -i \ -e "s/{DB_SERVER_HOST}/${DB_SERVER_HOST}/g" \ -e "s/{DB_SERVER_PORT}/${DB_SERVER_PORT}/g" \ diff --git a/web-apache-pgsql/ubuntu/docker-entrypoint.sh b/web-apache-pgsql/ubuntu/docker-entrypoint.sh index 151ae0f63..d539e4727 100755 --- a/web-apache-pgsql/ubuntu/docker-entrypoint.sh +++ b/web-apache-pgsql/ubuntu/docker-entrypoint.sh @@ -250,10 +250,6 @@ prepare_zbx_web_config() { ZBX_DB_CERT_FILE=$(escape_spec_char "${ZBX_DB_CERT_FILE}") ZBX_DB_CA_FILE=$(escape_spec_char "${ZBX_DB_CA_FILE}") - ZBX_DB_KEY_FILE=$(escape_spec_char "${ZBX_DB_KEY_FILE}") - ZBX_DB_CERT_FILE=$(escape_spec_char "${ZBX_DB_CERT_FILE}") - ZBX_DB_CA_FILE=$(escape_spec_char "${ZBX_DB_CA_FILE}") - sed -i \ -e "s/{DB_SERVER_HOST}/${DB_SERVER_HOST}/g" \ -e "s/{DB_SERVER_PORT}/${DB_SERVER_PORT}/g" \ diff --git a/web-nginx-mysql/ubuntu/docker-entrypoint.sh b/web-nginx-mysql/ubuntu/docker-entrypoint.sh index b0730bebd..f33a294c7 100755 --- a/web-nginx-mysql/ubuntu/docker-entrypoint.sh +++ b/web-nginx-mysql/ubuntu/docker-entrypoint.sh @@ -281,10 +281,6 @@ prepare_zbx_web_config() { ZBX_DB_CERT_FILE=$(escape_spec_char "${ZBX_DB_CERT_FILE}") ZBX_DB_CA_FILE=$(escape_spec_char "${ZBX_DB_CA_FILE}") - ZBX_DB_KEY_FILE=$(escape_spec_char "${ZBX_DB_KEY_FILE}") - ZBX_DB_CERT_FILE=$(escape_spec_char "${ZBX_DB_CERT_FILE}") - ZBX_DB_CA_FILE=$(escape_spec_char "${ZBX_DB_CA_FILE}") - sed -i \ -e "s/{DB_SERVER_HOST}/${DB_SERVER_HOST}/g" \ -e "s/{DB_SERVER_PORT}/${DB_SERVER_PORT}/g" \ diff --git a/web-nginx-pgsql/ubuntu/docker-entrypoint.sh b/web-nginx-pgsql/ubuntu/docker-entrypoint.sh index 162852189..dad9542a5 100755 --- a/web-nginx-pgsql/ubuntu/docker-entrypoint.sh +++ b/web-nginx-pgsql/ubuntu/docker-entrypoint.sh @@ -271,10 +271,6 @@ prepare_zbx_web_config() { ZBX_DB_CERT_FILE=$(escape_spec_char "${ZBX_DB_CERT_FILE}") ZBX_DB_CA_FILE=$(escape_spec_char "${ZBX_DB_CA_FILE}") - ZBX_DB_KEY_FILE=$(escape_spec_char "${ZBX_DB_KEY_FILE}") - ZBX_DB_CERT_FILE=$(escape_spec_char "${ZBX_DB_CERT_FILE}") - ZBX_DB_CA_FILE=$(escape_spec_char "${ZBX_DB_CA_FILE}") - sed -i \ -e "s/{DB_SERVER_HOST}/${DB_SERVER_HOST}/g" \ -e "s/{DB_SERVER_PORT}/${DB_SERVER_PORT}/g" \ From 2a80090f3760056f33019b9dce7710e1ad0b30b1 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Wed, 9 Sep 2020 01:37:13 +0300 Subject: [PATCH 044/253] Create nightly_build.yml --- .github/workflows/nightly_build.yml | 166 ++++++++++++++++++++++++++++ 1 file changed, 166 insertions(+) create mode 100644 .github/workflows/nightly_build.yml diff --git a/.github/workflows/nightly_build.yml b/.github/workflows/nightly_build.yml new file mode 100644 index 000000000..8921a3f24 --- /dev/null +++ b/.github/workflows/nightly_build.yml @@ -0,0 +1,166 @@ +name: NightlyBuild + +on: + schedule: + - cron: '*/15 * * * *' + +defaults: + run: + shell: bash + +jobs: + build: + env: + DOCKER_REPOSITORY: "zabbix" + strategy: + fail-fast: false + matrix: + build: + - agent + - agent2 + - java-gateway + - proxy-mysql + - proxy-sqlite3 + - server-mysql + - server-pgsql + - snmptraps + - web-apache-mysql + - web-apache-pgsql + - web-nginx-mysql + - web-nginx-pgsql + os: + - alpine + - ubuntu + - centos + exclude: + - os: centos + build: agent2 + - os: ubuntu + build: agent2 + + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + with: + ref: trunk + + - name: Install buildx + env: + DOCKER_CLI_EXPERIMENTAL: enabled + run: | + BUILDX_VERSION="0.4.2" + QEMU_TAG="latest" + mkdir -p ~/.docker/cli-plugins/ + curl -L https://github.com/docker/buildx/releases/download/v${BUILDX_VERSION}/buildx-v${BUILDX_VERSION}.linux-amd64 \ + -o ~/.docker/cli-plugins/docker-buildx + chmod +x ~/.docker/cli-plugins/docker-buildx + docker pull -q multiarch/qemu-user-static:latest + docker run --rm --privileged multiarch/qemu-user-static:${QEMU_TAG} --reset -p yes --credential yes + docker buildx create --name builder-${GITHUB_SHA::8} --driver docker-container --use + docker buildx inspect --bootstrap + docker info + docker buildx inspect + + - name: Available platforms + run: docker buildx inspect | grep Platforms + + - name: Prepare platform list + id: platform + run: | + DOCKER_PLATFORM="linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64,linux/s390x,linux/ppc64le" + + if [ "${{ matrix.os }}" == "ubuntu" ]; then + DOCKER_PLATFORM="linux/amd64,linux/arm/v7,linux/arm64,linux/s390x,linux/ppc64le" + fi + + if [ "${{ matrix.os }}" == "ubuntu" ] && [ "${{ matrix.build }}" == "snmptraps" ]; then + DOCKER_PLATFORM="linux/amd64,linux/arm64" + fi + + if [ "${{ matrix.os }}" == "centos" ]; then + DOCKER_PLATFORM="linux/amd64,linux/arm64,linux/ppc64le" + fi + + if [ "${{ matrix.build }}" == "java-gateway" ]; then + DOCKER_PLATFORM=${DOCKER_PLATFORM%",linux/ppc64le"} + fi + + echo ::set-output name=list::${DOCKER_PLATFORM} + + - name: Prepare environment (push) + id: prepare + run: | + TAGS_ARRAY=() + + IMAGE_NAME="${{ env.DOCKER_REPOSITORY }}/zabbix-${{ matrix.build }}" + GIT_BRANCH="${{ github.ref }}" + GIT_BRANCH=${GIT_BRANCH:11} + + echo "::debug::Branch - ${GIT_BRANCH}" + + if [ "${GIT_BRANCH}" == "trunk" ]; then + TAGS_ARRAY+=("$IMAGE_NAME:${{ matrix.os }}-${GIT_BRANCH}") + fi + + TAGS=$(printf -- "--tag %s " "${TAGS_ARRAY[@]}") + + echo "::debug::Tags - ${TAGS}" + + echo ::set-output name=image_name::${IMAGE_NAME} + echo ::set-output name=image_tag_versions::$(printf -- "|%s" "${TAGS_ARRAY[@]}") + echo ::set-output name=buildx_args::--platform "${{ steps.platform.outputs.list }}" \ + --build-arg BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ') \ + --build-arg VCS_REF=${GITHUB_SHA::8} \ + ${TAGS} \ + --file ./${{ matrix.build }}/${{ matrix.os }}/Dockerfile ./${{ matrix.build }}/${{ matrix.os }} + + - name: Build images + env: + DOCKER_CLI_EXPERIMENTAL: enabled + run: | + if [ ! -z "${{ steps.prepare.outputs.buildx_args }}" ]; then + BUILDX_ARGS="${{ steps.prepare.outputs.buildx_args }}" + else + exit 1 + fi + + docker buildx build --cache-to "type=local,dest=/tmp/.buildx-cache" \ + --output "type=image,push=false" \ + ${BUILDX_ARGS} + + - name: Docker Hub login + if: success() + uses: docker/login-action@v1 + with: + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_PASSWORD }} + + - name: Push images from cache + if: success() + env: + DOCKER_CLI_EXPERIMENTAL: enabled + run: | + if [ ! -z "${{ steps.prepare.outputs.buildx_args }}" ]; then + BUILDX_ARGS="${{ steps.prepare.outputs.buildx_args }}" + fi + + docker buildx build --cache-from "type=local,src=/tmp/.buildx-cache" \ + --output "type=image,push=${{ secrets.AUTO_PUSH_IMAGES }}" \ + ${BUILDX_ARGS} + + - name: Inspect images + run: | + echo "::debug::schedule - ${{ steps.prepare.outputs.buildx_args }}" + + if [ ! -z "${{ steps.prepare.outputs.image_tag_versions }}" ]; then + IMAGE_TAG_VERSIONS="${{ steps.prepare.outputs.image_tag_versions }}" + echo "::debug::tags schedule raw - $IMAGE_TAG_VERSIONS" + fi + + IMAGE_TAG_VERSIONS=${IMAGE_TAG_VERSIONS%%+(|)} + IFS='|' read -r -a IMAGE_TAG_VERSIONS <<< $IMAGE_TAG_VERSIONS + + for version in ${IMAGE_TAG_VERSIONS[@]}; do + echo "Checking \"$version\"... " + docker buildx imagetools inspect $version + done From 6179e2c825740d1982c7e0ba36a61322a59d0aa9 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Wed, 9 Sep 2020 01:46:15 +0300 Subject: [PATCH 045/253] Update nightly_build.yml --- .github/workflows/nightly_build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/nightly_build.yml b/.github/workflows/nightly_build.yml index 8921a3f24..60b956328 100644 --- a/.github/workflows/nightly_build.yml +++ b/.github/workflows/nightly_build.yml @@ -87,7 +87,7 @@ jobs: echo ::set-output name=list::${DOCKER_PLATFORM} - - name: Prepare environment (push) + - name: Prepare environment (schedule) id: prepare run: | TAGS_ARRAY=() From ef0532587cbafffbc433f8dc2c3d4bb948ca24e4 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Tue, 8 Sep 2020 19:03:07 -0400 Subject: [PATCH 046/253] Removed nightly build from trunk branch --- .github/workflows/nightly_build.yml | 166 ---------------------------- 1 file changed, 166 deletions(-) delete mode 100644 .github/workflows/nightly_build.yml diff --git a/.github/workflows/nightly_build.yml b/.github/workflows/nightly_build.yml deleted file mode 100644 index 60b956328..000000000 --- a/.github/workflows/nightly_build.yml +++ /dev/null @@ -1,166 +0,0 @@ -name: NightlyBuild - -on: - schedule: - - cron: '*/15 * * * *' - -defaults: - run: - shell: bash - -jobs: - build: - env: - DOCKER_REPOSITORY: "zabbix" - strategy: - fail-fast: false - matrix: - build: - - agent - - agent2 - - java-gateway - - proxy-mysql - - proxy-sqlite3 - - server-mysql - - server-pgsql - - snmptraps - - web-apache-mysql - - web-apache-pgsql - - web-nginx-mysql - - web-nginx-pgsql - os: - - alpine - - ubuntu - - centos - exclude: - - os: centos - build: agent2 - - os: ubuntu - build: agent2 - - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - with: - ref: trunk - - - name: Install buildx - env: - DOCKER_CLI_EXPERIMENTAL: enabled - run: | - BUILDX_VERSION="0.4.2" - QEMU_TAG="latest" - mkdir -p ~/.docker/cli-plugins/ - curl -L https://github.com/docker/buildx/releases/download/v${BUILDX_VERSION}/buildx-v${BUILDX_VERSION}.linux-amd64 \ - -o ~/.docker/cli-plugins/docker-buildx - chmod +x ~/.docker/cli-plugins/docker-buildx - docker pull -q multiarch/qemu-user-static:latest - docker run --rm --privileged multiarch/qemu-user-static:${QEMU_TAG} --reset -p yes --credential yes - docker buildx create --name builder-${GITHUB_SHA::8} --driver docker-container --use - docker buildx inspect --bootstrap - docker info - docker buildx inspect - - - name: Available platforms - run: docker buildx inspect | grep Platforms - - - name: Prepare platform list - id: platform - run: | - DOCKER_PLATFORM="linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64,linux/s390x,linux/ppc64le" - - if [ "${{ matrix.os }}" == "ubuntu" ]; then - DOCKER_PLATFORM="linux/amd64,linux/arm/v7,linux/arm64,linux/s390x,linux/ppc64le" - fi - - if [ "${{ matrix.os }}" == "ubuntu" ] && [ "${{ matrix.build }}" == "snmptraps" ]; then - DOCKER_PLATFORM="linux/amd64,linux/arm64" - fi - - if [ "${{ matrix.os }}" == "centos" ]; then - DOCKER_PLATFORM="linux/amd64,linux/arm64,linux/ppc64le" - fi - - if [ "${{ matrix.build }}" == "java-gateway" ]; then - DOCKER_PLATFORM=${DOCKER_PLATFORM%",linux/ppc64le"} - fi - - echo ::set-output name=list::${DOCKER_PLATFORM} - - - name: Prepare environment (schedule) - id: prepare - run: | - TAGS_ARRAY=() - - IMAGE_NAME="${{ env.DOCKER_REPOSITORY }}/zabbix-${{ matrix.build }}" - GIT_BRANCH="${{ github.ref }}" - GIT_BRANCH=${GIT_BRANCH:11} - - echo "::debug::Branch - ${GIT_BRANCH}" - - if [ "${GIT_BRANCH}" == "trunk" ]; then - TAGS_ARRAY+=("$IMAGE_NAME:${{ matrix.os }}-${GIT_BRANCH}") - fi - - TAGS=$(printf -- "--tag %s " "${TAGS_ARRAY[@]}") - - echo "::debug::Tags - ${TAGS}" - - echo ::set-output name=image_name::${IMAGE_NAME} - echo ::set-output name=image_tag_versions::$(printf -- "|%s" "${TAGS_ARRAY[@]}") - echo ::set-output name=buildx_args::--platform "${{ steps.platform.outputs.list }}" \ - --build-arg BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ') \ - --build-arg VCS_REF=${GITHUB_SHA::8} \ - ${TAGS} \ - --file ./${{ matrix.build }}/${{ matrix.os }}/Dockerfile ./${{ matrix.build }}/${{ matrix.os }} - - - name: Build images - env: - DOCKER_CLI_EXPERIMENTAL: enabled - run: | - if [ ! -z "${{ steps.prepare.outputs.buildx_args }}" ]; then - BUILDX_ARGS="${{ steps.prepare.outputs.buildx_args }}" - else - exit 1 - fi - - docker buildx build --cache-to "type=local,dest=/tmp/.buildx-cache" \ - --output "type=image,push=false" \ - ${BUILDX_ARGS} - - - name: Docker Hub login - if: success() - uses: docker/login-action@v1 - with: - username: ${{ secrets.DOCKER_USERNAME }} - password: ${{ secrets.DOCKER_PASSWORD }} - - - name: Push images from cache - if: success() - env: - DOCKER_CLI_EXPERIMENTAL: enabled - run: | - if [ ! -z "${{ steps.prepare.outputs.buildx_args }}" ]; then - BUILDX_ARGS="${{ steps.prepare.outputs.buildx_args }}" - fi - - docker buildx build --cache-from "type=local,src=/tmp/.buildx-cache" \ - --output "type=image,push=${{ secrets.AUTO_PUSH_IMAGES }}" \ - ${BUILDX_ARGS} - - - name: Inspect images - run: | - echo "::debug::schedule - ${{ steps.prepare.outputs.buildx_args }}" - - if [ ! -z "${{ steps.prepare.outputs.image_tag_versions }}" ]; then - IMAGE_TAG_VERSIONS="${{ steps.prepare.outputs.image_tag_versions }}" - echo "::debug::tags schedule raw - $IMAGE_TAG_VERSIONS" - fi - - IMAGE_TAG_VERSIONS=${IMAGE_TAG_VERSIONS%%+(|)} - IFS='|' read -r -a IMAGE_TAG_VERSIONS <<< $IMAGE_TAG_VERSIONS - - for version in ${IMAGE_TAG_VERSIONS[@]}; do - echo "Checking \"$version\"... " - docker buildx imagetools inspect $version - done From 688cd4e8d6a8636b0a45831a62486125dda7f736 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Fri, 11 Sep 2020 10:59:04 -0400 Subject: [PATCH 047/253] Zabbix web-interface maintenance mode support (docs) --- web-nginx-mysql/alpine/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web-nginx-mysql/alpine/Dockerfile b/web-nginx-mysql/alpine/Dockerfile index 4d420fe64..394035aac 100644 --- a/web-nginx-mysql/alpine/Dockerfile +++ b/web-nginx-mysql/alpine/Dockerfile @@ -76,7 +76,7 @@ RUN set -eux && \ rm -rf tests && \ ./locale/make_mo.sh && \ ln -s "/etc/zabbix/web/zabbix.conf.php" "/usr/share/zabbix/conf/zabbix.conf.php" && \ - web-nginx-mysql/alpine/Dockerfile + ln -s "/etc/zabbix/web/maintenance.inc.php" "/usr/share/zabbix/conf/maintenance.inc.php" && \ chown --quiet -R zabbix:root /etc/zabbix/ /usr/share/zabbix/include/defines.inc.php /usr/share/zabbix/modules/ && \ chgrp -R 0 /etc/zabbix/ /usr/share/zabbix/include/defines.inc.php /usr/share/zabbix/modules/ && \ chmod -R g=u /etc/zabbix/ /usr/share/zabbix/include/defines.inc.php /usr/share/zabbix/modules/ && \ From ca012425a41ff5d620cbca032555471361771806 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Sat, 12 Sep 2020 00:12:58 +0300 Subject: [PATCH 048/253] Update CI.yml --- .github/workflows/CI.yml | 20 +++----------------- 1 file changed, 3 insertions(+), 17 deletions(-) diff --git a/.github/workflows/CI.yml b/.github/workflows/CI.yml index 6f573fbc6..d412afe78 100644 --- a/.github/workflows/CI.yml +++ b/.github/workflows/CI.yml @@ -22,6 +22,7 @@ defaults: jobs: build: + timeout-minutes: 70 env: LATEST_BRANCH: "${{ github.event.repository.default_branch }}" DOCKER_REPOSITORY: "zabbix" @@ -51,28 +52,13 @@ jobs: - os: ubuntu build: agent2 - runs-on: ubuntu-latest + runs-on: ubuntu-20.04 steps: - uses: actions/checkout@v2 - - name: Install buildx + - name: Available platforms env: DOCKER_CLI_EXPERIMENTAL: enabled - run: | - BUILDX_VERSION="0.4.2" - QEMU_TAG="latest" - mkdir -p ~/.docker/cli-plugins/ - curl -L https://github.com/docker/buildx/releases/download/v${BUILDX_VERSION}/buildx-v${BUILDX_VERSION}.linux-amd64 \ - -o ~/.docker/cli-plugins/docker-buildx - chmod +x ~/.docker/cli-plugins/docker-buildx - docker pull -q multiarch/qemu-user-static:latest - docker run --rm --privileged multiarch/qemu-user-static:${QEMU_TAG} --reset -p yes --credential yes - docker buildx create --name builder-${GITHUB_SHA::8} --driver docker-container --use - docker buildx inspect --bootstrap - docker info - docker buildx inspect - - - name: Available platforms run: docker buildx inspect | grep Platforms - name: Prepare platform list From 5d7570ad4c6952df8f9a4636f2b37b1bd8f68936 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Sat, 12 Sep 2020 00:15:29 +0300 Subject: [PATCH 049/253] Update CI.yml --- .github/workflows/CI.yml | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/.github/workflows/CI.yml b/.github/workflows/CI.yml index d412afe78..5bc5dc586 100644 --- a/.github/workflows/CI.yml +++ b/.github/workflows/CI.yml @@ -56,6 +56,15 @@ jobs: steps: - uses: actions/checkout@v2 + + - name: Install buildx + env: + DOCKER_CLI_EXPERIMENTAL: enabled + run: | + docker pull -q multiarch/qemu-user-static:latest + docker run --rm --privileged multiarch/qemu-user-static:${QEMU_TAG} --reset -p yes --credential yes + docker buildx create --name builder-${GITHUB_SHA::8} --driver docker-container --use + - name: Available platforms env: DOCKER_CLI_EXPERIMENTAL: enabled From e232cad1de4e32760399682fadb83e04325f17ba Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Sat, 12 Sep 2020 00:18:20 +0300 Subject: [PATCH 050/253] Update CI.yml --- .github/workflows/CI.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/CI.yml b/.github/workflows/CI.yml index 5bc5dc586..8f18f3413 100644 --- a/.github/workflows/CI.yml +++ b/.github/workflows/CI.yml @@ -62,7 +62,7 @@ jobs: DOCKER_CLI_EXPERIMENTAL: enabled run: | docker pull -q multiarch/qemu-user-static:latest - docker run --rm --privileged multiarch/qemu-user-static:${QEMU_TAG} --reset -p yes --credential yes + docker run --rm --privileged multiarch/qemu-user-static:latest --reset -p yes --credential yes docker buildx create --name builder-${GITHUB_SHA::8} --driver docker-container --use - name: Available platforms From c190f324cc83ca0431fc7ca73c92291836bd8859 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Sat, 12 Sep 2020 02:27:11 +0300 Subject: [PATCH 051/253] Use env variables in Zabbix web images --- web-apache-mysql/alpine/docker-entrypoint.sh | 4 ++-- web-apache-mysql/centos/docker-entrypoint.sh | 4 ++-- web-apache-mysql/ubuntu/docker-entrypoint.sh | 4 ++-- web-apache-pgsql/alpine/docker-entrypoint.sh | 4 ++-- web-apache-pgsql/centos/docker-entrypoint.sh | 4 ++-- web-apache-pgsql/ubuntu/docker-entrypoint.sh | 4 ++-- web-nginx-mysql/alpine/docker-entrypoint.sh | 4 ++-- web-nginx-mysql/centos/docker-entrypoint.sh | 4 ++-- web-nginx-mysql/ubuntu/docker-entrypoint.sh | 4 ++-- web-nginx-pgsql/alpine/docker-entrypoint.sh | 4 ++-- web-nginx-pgsql/centos/docker-entrypoint.sh | 4 ++-- web-nginx-pgsql/ubuntu/docker-entrypoint.sh | 4 ++-- zabbix-appliance/rhel/docker-entrypoint.sh | 4 ++-- 13 files changed, 26 insertions(+), 26 deletions(-) diff --git a/web-apache-mysql/alpine/docker-entrypoint.sh b/web-apache-mysql/alpine/docker-entrypoint.sh index 284b01832..fb6ce0de7 100755 --- a/web-apache-mysql/alpine/docker-entrypoint.sh +++ b/web-apache-mysql/alpine/docker-entrypoint.sh @@ -206,8 +206,8 @@ prepare_zbx_web_config() { export ZBX_SSO_SETTINGS=${ZBX_SSO_SETTINGS:-""} if [ -n "${ZBX_SESSION_NAME}" ]; then - cp "$ZBX_WWW_ROOT/include/defines.inc.php" "/tmp/defines.inc.php_tmp" - sed "/ZBX_SESSION_NAME/s/'[^']*'/'${ZBX_SESSION_NAME}'/2" "/tmp/defines.inc.php_tmp" > "$ZBX_WWW_ROOT/include/defines.inc.php" + cp "$ZBX_FRONTEND_PATH/include/defines.inc.php" "/tmp/defines.inc.php_tmp" + sed "/ZBX_SESSION_NAME/s/'[^']*'/'${ZBX_SESSION_NAME}'/2" "/tmp/defines.inc.php_tmp" > "$ZBX_FRONTEND_PATH/include/defines.inc.php" rm -f "/tmp/defines.inc.php_tmp" fi diff --git a/web-apache-mysql/centos/docker-entrypoint.sh b/web-apache-mysql/centos/docker-entrypoint.sh index 07a46e372..88dc1e526 100755 --- a/web-apache-mysql/centos/docker-entrypoint.sh +++ b/web-apache-mysql/centos/docker-entrypoint.sh @@ -215,8 +215,8 @@ prepare_zbx_web_config() { export ZBX_SSO_SETTINGS=${ZBX_SSO_SETTINGS:-""} if [ -n "${ZBX_SESSION_NAME}" ]; then - cp "$ZBX_WWW_ROOT/include/defines.inc.php" "/tmp/defines.inc.php_tmp" - sed "/ZBX_SESSION_NAME/s/'[^']*'/'${ZBX_SESSION_NAME}'/2" "/tmp/defines.inc.php_tmp" > "$ZBX_WWW_ROOT/include/defines.inc.php" + cp "$ZBX_FRONTEND_PATH/include/defines.inc.php" "/tmp/defines.inc.php_tmp" + sed "/ZBX_SESSION_NAME/s/'[^']*'/'${ZBX_SESSION_NAME}'/2" "/tmp/defines.inc.php_tmp" > "$ZBX_FRONTEND_PATH/include/defines.inc.php" rm -f "/tmp/defines.inc.php_tmp" fi diff --git a/web-apache-mysql/ubuntu/docker-entrypoint.sh b/web-apache-mysql/ubuntu/docker-entrypoint.sh index 0c05947f1..1cf466675 100755 --- a/web-apache-mysql/ubuntu/docker-entrypoint.sh +++ b/web-apache-mysql/ubuntu/docker-entrypoint.sh @@ -206,8 +206,8 @@ prepare_zbx_web_config() { export ZBX_SSO_SETTINGS=${ZBX_SSO_SETTINGS:-""} if [ -n "${ZBX_SESSION_NAME}" ]; then - cp "$ZBX_WWW_ROOT/include/defines.inc.php" "/tmp/defines.inc.php_tmp" - sed "/ZBX_SESSION_NAME/s/'[^']*'/'${ZBX_SESSION_NAME}'/2" "/tmp/defines.inc.php_tmp" > "$ZBX_WWW_ROOT/include/defines.inc.php" + cp "$ZBX_FRONTEND_PATH/include/defines.inc.php" "/tmp/defines.inc.php_tmp" + sed "/ZBX_SESSION_NAME/s/'[^']*'/'${ZBX_SESSION_NAME}'/2" "/tmp/defines.inc.php_tmp" > "$ZBX_FRONTEND_PATH/include/defines.inc.php" rm -f "/tmp/defines.inc.php_tmp" fi diff --git a/web-apache-pgsql/alpine/docker-entrypoint.sh b/web-apache-pgsql/alpine/docker-entrypoint.sh index 276658c5c..deae51655 100755 --- a/web-apache-pgsql/alpine/docker-entrypoint.sh +++ b/web-apache-pgsql/alpine/docker-entrypoint.sh @@ -190,8 +190,8 @@ prepare_zbx_web_config() { export ZBX_SSO_SETTINGS=${ZBX_SSO_SETTINGS:-""} if [ -n "${ZBX_SESSION_NAME}" ]; then - cp "$ZBX_WWW_ROOT/include/defines.inc.php" "/tmp/defines.inc.php_tmp" - sed "/ZBX_SESSION_NAME/s/'[^']*'/'${ZBX_SESSION_NAME}'/2" "/tmp/defines.inc.php_tmp" > "$ZBX_WWW_ROOT/include/defines.inc.php" + cp "$ZBX_FRONTEND_PATH/include/defines.inc.php" "/tmp/defines.inc.php_tmp" + sed "/ZBX_SESSION_NAME/s/'[^']*'/'${ZBX_SESSION_NAME}'/2" "/tmp/defines.inc.php_tmp" > "$ZBX_FRONTEND_PATH/include/defines.inc.php" rm -f "/tmp/defines.inc.php_tmp" fi diff --git a/web-apache-pgsql/centos/docker-entrypoint.sh b/web-apache-pgsql/centos/docker-entrypoint.sh index 39a59c850..8e9b6f84a 100755 --- a/web-apache-pgsql/centos/docker-entrypoint.sh +++ b/web-apache-pgsql/centos/docker-entrypoint.sh @@ -202,8 +202,8 @@ prepare_zbx_web_config() { export ZBX_SSO_SETTINGS=${ZBX_SSO_SETTINGS:-""} if [ -n "${ZBX_SESSION_NAME}" ]; then - cp "$ZBX_WWW_ROOT/include/defines.inc.php" "/tmp/defines.inc.php_tmp" - sed "/ZBX_SESSION_NAME/s/'[^']*'/'${ZBX_SESSION_NAME}'/2" "/tmp/defines.inc.php_tmp" > "$ZBX_WWW_ROOT/include/defines.inc.php" + cp "$ZBX_FRONTEND_PATH/include/defines.inc.php" "/tmp/defines.inc.php_tmp" + sed "/ZBX_SESSION_NAME/s/'[^']*'/'${ZBX_SESSION_NAME}'/2" "/tmp/defines.inc.php_tmp" > "$ZBX_FRONTEND_PATH/include/defines.inc.php" rm -f "/tmp/defines.inc.php_tmp" fi diff --git a/web-apache-pgsql/ubuntu/docker-entrypoint.sh b/web-apache-pgsql/ubuntu/docker-entrypoint.sh index 1e21015f6..6c53a035e 100755 --- a/web-apache-pgsql/ubuntu/docker-entrypoint.sh +++ b/web-apache-pgsql/ubuntu/docker-entrypoint.sh @@ -197,8 +197,8 @@ prepare_zbx_web_config() { export ZBX_SSO_SETTINGS=${ZBX_SSO_SETTINGS:-""} if [ -n "${ZBX_SESSION_NAME}" ]; then - cp "$ZBX_WWW_ROOT/include/defines.inc.php" "/tmp/defines.inc.php_tmp" - sed "/ZBX_SESSION_NAME/s/'[^']*'/'${ZBX_SESSION_NAME}'/2" "/tmp/defines.inc.php_tmp" > "$ZBX_WWW_ROOT/include/defines.inc.php" + cp "$ZBX_FRONTEND_PATH/include/defines.inc.php" "/tmp/defines.inc.php_tmp" + sed "/ZBX_SESSION_NAME/s/'[^']*'/'${ZBX_SESSION_NAME}'/2" "/tmp/defines.inc.php_tmp" > "$ZBX_FRONTEND_PATH/include/defines.inc.php" rm -f "/tmp/defines.inc.php_tmp" fi diff --git a/web-nginx-mysql/alpine/docker-entrypoint.sh b/web-nginx-mysql/alpine/docker-entrypoint.sh index ef18bec08..5a2c34400 100755 --- a/web-nginx-mysql/alpine/docker-entrypoint.sh +++ b/web-nginx-mysql/alpine/docker-entrypoint.sh @@ -219,8 +219,8 @@ prepare_zbx_web_config() { export ZBX_SSO_SETTINGS=${ZBX_SSO_SETTINGS:-""} if [ -n "${ZBX_SESSION_NAME}" ]; then - cp "$ZBX_WWW_ROOT/include/defines.inc.php" "/tmp/defines.inc.php_tmp" - sed "/ZBX_SESSION_NAME/s/'[^']*'/'${ZBX_SESSION_NAME}'/2" "/tmp/defines.inc.php_tmp" > "$ZBX_WWW_ROOT/include/defines.inc.php" + cp "$ZBX_FRONTEND_PATH/include/defines.inc.php" "/tmp/defines.inc.php_tmp" + sed "/ZBX_SESSION_NAME/s/'[^']*'/'${ZBX_SESSION_NAME}'/2" "/tmp/defines.inc.php_tmp" > "$ZBX_FRONTEND_PATH/include/defines.inc.php" rm -f "/tmp/defines.inc.php_tmp" fi diff --git a/web-nginx-mysql/centos/docker-entrypoint.sh b/web-nginx-mysql/centos/docker-entrypoint.sh index c47826b35..8372fe3c4 100755 --- a/web-nginx-mysql/centos/docker-entrypoint.sh +++ b/web-nginx-mysql/centos/docker-entrypoint.sh @@ -219,8 +219,8 @@ prepare_zbx_web_config() { export ZBX_SSO_SETTINGS=${ZBX_SSO_SETTINGS:-""} if [ -n "${ZBX_SESSION_NAME}" ]; then - cp "$ZBX_WWW_ROOT/include/defines.inc.php" "/tmp/defines.inc.php_tmp" - sed "/ZBX_SESSION_NAME/s/'[^']*'/'${ZBX_SESSION_NAME}'/2" "/tmp/defines.inc.php_tmp" > "$ZBX_WWW_ROOT/include/defines.inc.php" + cp "$ZBX_FRONTEND_PATH/include/defines.inc.php" "/tmp/defines.inc.php_tmp" + sed "/ZBX_SESSION_NAME/s/'[^']*'/'${ZBX_SESSION_NAME}'/2" "/tmp/defines.inc.php_tmp" > "$ZBX_FRONTEND_PATH/include/defines.inc.php" rm -f "/tmp/defines.inc.php_tmp" fi diff --git a/web-nginx-mysql/ubuntu/docker-entrypoint.sh b/web-nginx-mysql/ubuntu/docker-entrypoint.sh index dc8db00b9..b1723176a 100755 --- a/web-nginx-mysql/ubuntu/docker-entrypoint.sh +++ b/web-nginx-mysql/ubuntu/docker-entrypoint.sh @@ -219,8 +219,8 @@ prepare_zbx_web_config() { export ZBX_SSO_SETTINGS=${ZBX_SSO_SETTINGS:-""} if [ -n "${ZBX_SESSION_NAME}" ]; then - cp "$ZBX_WWW_ROOT/include/defines.inc.php" "/tmp/defines.inc.php_tmp" - sed "/ZBX_SESSION_NAME/s/'[^']*'/'${ZBX_SESSION_NAME}'/2" "/tmp/defines.inc.php_tmp" > "$ZBX_WWW_ROOT/include/defines.inc.php" + cp "$ZBX_FRONTEND_PATH/include/defines.inc.php" "/tmp/defines.inc.php_tmp" + sed "/ZBX_SESSION_NAME/s/'[^']*'/'${ZBX_SESSION_NAME}'/2" "/tmp/defines.inc.php_tmp" > "$ZBX_FRONTEND_PATH/include/defines.inc.php" rm -f "/tmp/defines.inc.php_tmp" fi diff --git a/web-nginx-pgsql/alpine/docker-entrypoint.sh b/web-nginx-pgsql/alpine/docker-entrypoint.sh index e346b60ce..06ef99376 100755 --- a/web-nginx-pgsql/alpine/docker-entrypoint.sh +++ b/web-nginx-pgsql/alpine/docker-entrypoint.sh @@ -203,8 +203,8 @@ prepare_zbx_web_config() { export ZBX_HISTORYSTORAGETYPES=${ZBX_HISTORYSTORAGETYPES:-"[]"} if [ -n "${ZBX_SESSION_NAME}" ]; then - cp "$ZBX_WWW_ROOT/include/defines.inc.php" "/tmp/defines.inc.php_tmp" - sed "/ZBX_SESSION_NAME/s/'[^']*'/'${ZBX_SESSION_NAME}'/2" "/tmp/defines.inc.php_tmp" > "$ZBX_WWW_ROOT/include/defines.inc.php" + cp "$ZBX_FRONTEND_PATH/include/defines.inc.php" "/tmp/defines.inc.php_tmp" + sed "/ZBX_SESSION_NAME/s/'[^']*'/'${ZBX_SESSION_NAME}'/2" "/tmp/defines.inc.php_tmp" > "$ZBX_FRONTEND_PATH/include/defines.inc.php" rm -f "/tmp/defines.inc.php_tmp" fi diff --git a/web-nginx-pgsql/centos/docker-entrypoint.sh b/web-nginx-pgsql/centos/docker-entrypoint.sh index 674f173b6..028e821ac 100755 --- a/web-nginx-pgsql/centos/docker-entrypoint.sh +++ b/web-nginx-pgsql/centos/docker-entrypoint.sh @@ -203,8 +203,8 @@ prepare_zbx_web_config() { export ZBX_HISTORYSTORAGETYPES=${ZBX_HISTORYSTORAGETYPES:-"[]"} if [ -n "${ZBX_SESSION_NAME}" ]; then - cp "$ZBX_WWW_ROOT/include/defines.inc.php" "/tmp/defines.inc.php_tmp" - sed "/ZBX_SESSION_NAME/s/'[^']*'/'${ZBX_SESSION_NAME}'/2" "/tmp/defines.inc.php_tmp" > "$ZBX_WWW_ROOT/include/defines.inc.php" + cp "$ZBX_FRONTEND_PATH/include/defines.inc.php" "/tmp/defines.inc.php_tmp" + sed "/ZBX_SESSION_NAME/s/'[^']*'/'${ZBX_SESSION_NAME}'/2" "/tmp/defines.inc.php_tmp" > "$ZBX_FRONTEND_PATH/include/defines.inc.php" rm -f "/tmp/defines.inc.php_tmp" fi diff --git a/web-nginx-pgsql/ubuntu/docker-entrypoint.sh b/web-nginx-pgsql/ubuntu/docker-entrypoint.sh index 05dca7834..56ad24684 100755 --- a/web-nginx-pgsql/ubuntu/docker-entrypoint.sh +++ b/web-nginx-pgsql/ubuntu/docker-entrypoint.sh @@ -203,8 +203,8 @@ prepare_zbx_web_config() { export ZBX_HISTORYSTORAGETYPES=${ZBX_HISTORYSTORAGETYPES:-"[]"} if [ -n "${ZBX_SESSION_NAME}" ]; then - cp "$ZBX_WWW_ROOT/include/defines.inc.php" "/tmp/defines.inc.php_tmp" - sed "/ZBX_SESSION_NAME/s/'[^']*'/'${ZBX_SESSION_NAME}'/2" "/tmp/defines.inc.php_tmp" > "$ZBX_WWW_ROOT/include/defines.inc.php" + cp "$ZBX_FRONTEND_PATH/include/defines.inc.php" "/tmp/defines.inc.php_tmp" + sed "/ZBX_SESSION_NAME/s/'[^']*'/'${ZBX_SESSION_NAME}'/2" "/tmp/defines.inc.php_tmp" > "$ZBX_FRONTEND_PATH/include/defines.inc.php" rm -f "/tmp/defines.inc.php_tmp" fi diff --git a/zabbix-appliance/rhel/docker-entrypoint.sh b/zabbix-appliance/rhel/docker-entrypoint.sh index 1bc6c1d31..ba30ee500 100755 --- a/zabbix-appliance/rhel/docker-entrypoint.sh +++ b/zabbix-appliance/rhel/docker-entrypoint.sh @@ -574,8 +574,8 @@ prepare_zbx_web_config() { export ZBX_SSO_SETTINGS=${ZBX_SSO_SETTINGS:-""} if [ -n "${ZBX_SESSION_NAME}" ]; then - cp "$ZBX_WWW_ROOT/include/defines.inc.php" "/tmp/defines.inc.php_tmp" - sed "/ZBX_SESSION_NAME/s/'[^']*'/'${ZBX_SESSION_NAME}'/2" "/tmp/defines.inc.php_tmp" > "$ZBX_WWW_ROOT/include/defines.inc.php" + cp "$ZBX_FRONTEND_PATH/include/defines.inc.php" "/tmp/defines.inc.php_tmp" + sed "/ZBX_SESSION_NAME/s/'[^']*'/'${ZBX_SESSION_NAME}'/2" "/tmp/defines.inc.php_tmp" > "$ZBX_FRONTEND_PATH/include/defines.inc.php" rm -f "/tmp/defines.inc.php_tmp" fi From 784739070cd94c7550a8ce3c60d6f42f5b00620f Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Sat, 12 Sep 2020 15:15:07 +0300 Subject: [PATCH 052/253] Use assoc array instead of object --- .../alpine/conf/etc/zabbix/web/maintenance.inc.php | 2 +- .../alpine/conf/etc/zabbix/web/zabbix.conf.php | 12 ++++++------ .../centos/conf/etc/zabbix/web/maintenance.inc.php | 2 +- .../centos/conf/etc/zabbix/web/zabbix.conf.php | 12 ++++++------ .../ubuntu/conf/etc/zabbix/web/maintenance.inc.php | 2 +- .../ubuntu/conf/etc/zabbix/web/zabbix.conf.php | 12 ++++++------ .../alpine/conf/etc/zabbix/web/maintenance.inc.php | 2 +- .../alpine/conf/etc/zabbix/web/zabbix.conf.php | 12 ++++++------ .../centos/conf/etc/zabbix/web/maintenance.inc.php | 2 +- .../centos/conf/etc/zabbix/web/zabbix.conf.php | 12 ++++++------ .../ubuntu/conf/etc/zabbix/web/maintenance.inc.php | 2 +- .../ubuntu/conf/etc/zabbix/web/zabbix.conf.php | 12 ++++++------ .../alpine/conf/etc/zabbix/web/maintenance.inc.php | 2 +- .../alpine/conf/etc/zabbix/web/zabbix.conf.php | 12 ++++++------ .../centos/conf/etc/zabbix/web/maintenance.inc.php | 2 +- .../centos/conf/etc/zabbix/web/zabbix.conf.php | 12 ++++++------ .../ubuntu/conf/etc/zabbix/web/maintenance.inc.php | 2 +- .../ubuntu/conf/etc/zabbix/web/zabbix.conf.php | 12 ++++++------ .../alpine/conf/etc/zabbix/web/maintenance.inc.php | 2 +- .../alpine/conf/etc/zabbix/web/zabbix.conf.php | 12 ++++++------ .../centos/conf/etc/zabbix/web/maintenance.inc.php | 2 +- .../centos/conf/etc/zabbix/web/zabbix.conf.php | 12 ++++++------ .../ubuntu/conf/etc/zabbix/web/maintenance.inc.php | 2 +- .../ubuntu/conf/etc/zabbix/web/zabbix.conf.php | 12 ++++++------ .../rhel/conf/etc/zabbix/web/maintenance.inc.php | 2 +- .../rhel/conf/etc/zabbix/web/zabbix.conf.php | 12 ++++++------ 26 files changed, 91 insertions(+), 91 deletions(-) diff --git a/web-apache-mysql/alpine/conf/etc/zabbix/web/maintenance.inc.php b/web-apache-mysql/alpine/conf/etc/zabbix/web/maintenance.inc.php index 4bd4791e0..5f0e61e85 100644 --- a/web-apache-mysql/alpine/conf/etc/zabbix/web/maintenance.inc.php +++ b/web-apache-mysql/alpine/conf/etc/zabbix/web/maintenance.inc.php @@ -25,7 +25,7 @@ if (getenv('ZBX_DENY_GUI_ACCESS') == 'true') { // IP range, who are allowed to connect to FrontEnd $ip_range = str_replace("'","\"",getenv('ZBX_GUI_ACCESS_IP_RANGE')); - $ZBX_GUI_ACCESS_IP_RANGE = (json_decode($ip_range)) ? json_decode($ip_range) : array(); + $ZBX_GUI_ACCESS_IP_RANGE = (json_decode($ip_range)) ? json_decode($ip_range, true) : array(); // MSG shown on Warning screen! $_REQUEST['warning_msg'] = getenv('ZBX_GUI_WARNING_MSG'); diff --git a/web-apache-mysql/alpine/conf/etc/zabbix/web/zabbix.conf.php b/web-apache-mysql/alpine/conf/etc/zabbix/web/zabbix.conf.php index 920b8ab1c..cd83f4b59 100644 --- a/web-apache-mysql/alpine/conf/etc/zabbix/web/zabbix.conf.php +++ b/web-apache-mysql/alpine/conf/etc/zabbix/web/zabbix.conf.php @@ -34,17 +34,17 @@ $IMAGE_FORMAT_DEFAULT = IMAGE_FORMAT_PNG; // Elasticsearch url (can be string if same url is used for all types). $history_url = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGEURL')); -$HISTORY['url'] = (json_decode($history_url)) ? json_decode($history_url) : $history_url; +$HISTORY['url'] = (json_decode($history_url)) ? json_decode($history_url, true) : $history_url; // Value types stored in Elasticsearch. $storage_types = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGETYPES')); -$HISTORY['types'] = (json_decode($storage_types)) ? json_decode($storage_types) : array(); +$HISTORY['types'] = (json_decode($storage_types)) ? json_decode($storage_types, true) : array(); // Used for SAML authentication. // Uncomment to override the default paths to SP private key, SP and IdP X.509 certificates, and to set extra settings. -$SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : ''; -$SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : ''; -$SSO['IDP_CERT'] = file_exists('/etc/zabbix/web/certs/idp.crt') ? '/etc/zabbix/web/certs/idp.crt' : ''; +$SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : (file_exists(getenv('ZBX_SSO_SP_CERT')) ? getenv('ZBX_SSO_SP_CERT') : ''); +$SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : (file_exists(getenv('ZBX_SSO_SP_KEY')) ? getenv('ZBX_SSO_SP_KEY') : ''); +$SSO['IDP_CERT'] = file_exists('/etc/zabbix/web/certs/idp.crt') ? '/etc/zabbix/web/certs/idp.crt' : (file_exists(getenv('ZBX_SSO_IDP_CERT')) ? getenv('ZBX_SSO_IDP_CERT') : ''); $sso_settings = str_replace("'","\"",getenv('ZBX_SSO_SETTINGS')); -$SSO['SETTINGS'] = (json_decode($sso_settings)) ? json_decode($sso_settings) : array(); +$SSO['SETTINGS'] = (json_decode($sso_settings)) ? json_decode($sso_settings, true) : array(); diff --git a/web-apache-mysql/centos/conf/etc/zabbix/web/maintenance.inc.php b/web-apache-mysql/centos/conf/etc/zabbix/web/maintenance.inc.php index 4bd4791e0..5f0e61e85 100644 --- a/web-apache-mysql/centos/conf/etc/zabbix/web/maintenance.inc.php +++ b/web-apache-mysql/centos/conf/etc/zabbix/web/maintenance.inc.php @@ -25,7 +25,7 @@ if (getenv('ZBX_DENY_GUI_ACCESS') == 'true') { // IP range, who are allowed to connect to FrontEnd $ip_range = str_replace("'","\"",getenv('ZBX_GUI_ACCESS_IP_RANGE')); - $ZBX_GUI_ACCESS_IP_RANGE = (json_decode($ip_range)) ? json_decode($ip_range) : array(); + $ZBX_GUI_ACCESS_IP_RANGE = (json_decode($ip_range)) ? json_decode($ip_range, true) : array(); // MSG shown on Warning screen! $_REQUEST['warning_msg'] = getenv('ZBX_GUI_WARNING_MSG'); diff --git a/web-apache-mysql/centos/conf/etc/zabbix/web/zabbix.conf.php b/web-apache-mysql/centos/conf/etc/zabbix/web/zabbix.conf.php index 920b8ab1c..cd83f4b59 100644 --- a/web-apache-mysql/centos/conf/etc/zabbix/web/zabbix.conf.php +++ b/web-apache-mysql/centos/conf/etc/zabbix/web/zabbix.conf.php @@ -34,17 +34,17 @@ $IMAGE_FORMAT_DEFAULT = IMAGE_FORMAT_PNG; // Elasticsearch url (can be string if same url is used for all types). $history_url = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGEURL')); -$HISTORY['url'] = (json_decode($history_url)) ? json_decode($history_url) : $history_url; +$HISTORY['url'] = (json_decode($history_url)) ? json_decode($history_url, true) : $history_url; // Value types stored in Elasticsearch. $storage_types = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGETYPES')); -$HISTORY['types'] = (json_decode($storage_types)) ? json_decode($storage_types) : array(); +$HISTORY['types'] = (json_decode($storage_types)) ? json_decode($storage_types, true) : array(); // Used for SAML authentication. // Uncomment to override the default paths to SP private key, SP and IdP X.509 certificates, and to set extra settings. -$SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : ''; -$SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : ''; -$SSO['IDP_CERT'] = file_exists('/etc/zabbix/web/certs/idp.crt') ? '/etc/zabbix/web/certs/idp.crt' : ''; +$SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : (file_exists(getenv('ZBX_SSO_SP_CERT')) ? getenv('ZBX_SSO_SP_CERT') : ''); +$SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : (file_exists(getenv('ZBX_SSO_SP_KEY')) ? getenv('ZBX_SSO_SP_KEY') : ''); +$SSO['IDP_CERT'] = file_exists('/etc/zabbix/web/certs/idp.crt') ? '/etc/zabbix/web/certs/idp.crt' : (file_exists(getenv('ZBX_SSO_IDP_CERT')) ? getenv('ZBX_SSO_IDP_CERT') : ''); $sso_settings = str_replace("'","\"",getenv('ZBX_SSO_SETTINGS')); -$SSO['SETTINGS'] = (json_decode($sso_settings)) ? json_decode($sso_settings) : array(); +$SSO['SETTINGS'] = (json_decode($sso_settings)) ? json_decode($sso_settings, true) : array(); diff --git a/web-apache-mysql/ubuntu/conf/etc/zabbix/web/maintenance.inc.php b/web-apache-mysql/ubuntu/conf/etc/zabbix/web/maintenance.inc.php index 4bd4791e0..5f0e61e85 100644 --- a/web-apache-mysql/ubuntu/conf/etc/zabbix/web/maintenance.inc.php +++ b/web-apache-mysql/ubuntu/conf/etc/zabbix/web/maintenance.inc.php @@ -25,7 +25,7 @@ if (getenv('ZBX_DENY_GUI_ACCESS') == 'true') { // IP range, who are allowed to connect to FrontEnd $ip_range = str_replace("'","\"",getenv('ZBX_GUI_ACCESS_IP_RANGE')); - $ZBX_GUI_ACCESS_IP_RANGE = (json_decode($ip_range)) ? json_decode($ip_range) : array(); + $ZBX_GUI_ACCESS_IP_RANGE = (json_decode($ip_range)) ? json_decode($ip_range, true) : array(); // MSG shown on Warning screen! $_REQUEST['warning_msg'] = getenv('ZBX_GUI_WARNING_MSG'); diff --git a/web-apache-mysql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php b/web-apache-mysql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php index 920b8ab1c..cd83f4b59 100644 --- a/web-apache-mysql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php +++ b/web-apache-mysql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php @@ -34,17 +34,17 @@ $IMAGE_FORMAT_DEFAULT = IMAGE_FORMAT_PNG; // Elasticsearch url (can be string if same url is used for all types). $history_url = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGEURL')); -$HISTORY['url'] = (json_decode($history_url)) ? json_decode($history_url) : $history_url; +$HISTORY['url'] = (json_decode($history_url)) ? json_decode($history_url, true) : $history_url; // Value types stored in Elasticsearch. $storage_types = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGETYPES')); -$HISTORY['types'] = (json_decode($storage_types)) ? json_decode($storage_types) : array(); +$HISTORY['types'] = (json_decode($storage_types)) ? json_decode($storage_types, true) : array(); // Used for SAML authentication. // Uncomment to override the default paths to SP private key, SP and IdP X.509 certificates, and to set extra settings. -$SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : ''; -$SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : ''; -$SSO['IDP_CERT'] = file_exists('/etc/zabbix/web/certs/idp.crt') ? '/etc/zabbix/web/certs/idp.crt' : ''; +$SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : (file_exists(getenv('ZBX_SSO_SP_CERT')) ? getenv('ZBX_SSO_SP_CERT') : ''); +$SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : (file_exists(getenv('ZBX_SSO_SP_KEY')) ? getenv('ZBX_SSO_SP_KEY') : ''); +$SSO['IDP_CERT'] = file_exists('/etc/zabbix/web/certs/idp.crt') ? '/etc/zabbix/web/certs/idp.crt' : (file_exists(getenv('ZBX_SSO_IDP_CERT')) ? getenv('ZBX_SSO_IDP_CERT') : ''); $sso_settings = str_replace("'","\"",getenv('ZBX_SSO_SETTINGS')); -$SSO['SETTINGS'] = (json_decode($sso_settings)) ? json_decode($sso_settings) : array(); +$SSO['SETTINGS'] = (json_decode($sso_settings)) ? json_decode($sso_settings, true) : array(); diff --git a/web-apache-pgsql/alpine/conf/etc/zabbix/web/maintenance.inc.php b/web-apache-pgsql/alpine/conf/etc/zabbix/web/maintenance.inc.php index 4bd4791e0..5f0e61e85 100644 --- a/web-apache-pgsql/alpine/conf/etc/zabbix/web/maintenance.inc.php +++ b/web-apache-pgsql/alpine/conf/etc/zabbix/web/maintenance.inc.php @@ -25,7 +25,7 @@ if (getenv('ZBX_DENY_GUI_ACCESS') == 'true') { // IP range, who are allowed to connect to FrontEnd $ip_range = str_replace("'","\"",getenv('ZBX_GUI_ACCESS_IP_RANGE')); - $ZBX_GUI_ACCESS_IP_RANGE = (json_decode($ip_range)) ? json_decode($ip_range) : array(); + $ZBX_GUI_ACCESS_IP_RANGE = (json_decode($ip_range)) ? json_decode($ip_range, true) : array(); // MSG shown on Warning screen! $_REQUEST['warning_msg'] = getenv('ZBX_GUI_WARNING_MSG'); diff --git a/web-apache-pgsql/alpine/conf/etc/zabbix/web/zabbix.conf.php b/web-apache-pgsql/alpine/conf/etc/zabbix/web/zabbix.conf.php index 920b8ab1c..cd83f4b59 100644 --- a/web-apache-pgsql/alpine/conf/etc/zabbix/web/zabbix.conf.php +++ b/web-apache-pgsql/alpine/conf/etc/zabbix/web/zabbix.conf.php @@ -34,17 +34,17 @@ $IMAGE_FORMAT_DEFAULT = IMAGE_FORMAT_PNG; // Elasticsearch url (can be string if same url is used for all types). $history_url = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGEURL')); -$HISTORY['url'] = (json_decode($history_url)) ? json_decode($history_url) : $history_url; +$HISTORY['url'] = (json_decode($history_url)) ? json_decode($history_url, true) : $history_url; // Value types stored in Elasticsearch. $storage_types = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGETYPES')); -$HISTORY['types'] = (json_decode($storage_types)) ? json_decode($storage_types) : array(); +$HISTORY['types'] = (json_decode($storage_types)) ? json_decode($storage_types, true) : array(); // Used for SAML authentication. // Uncomment to override the default paths to SP private key, SP and IdP X.509 certificates, and to set extra settings. -$SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : ''; -$SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : ''; -$SSO['IDP_CERT'] = file_exists('/etc/zabbix/web/certs/idp.crt') ? '/etc/zabbix/web/certs/idp.crt' : ''; +$SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : (file_exists(getenv('ZBX_SSO_SP_CERT')) ? getenv('ZBX_SSO_SP_CERT') : ''); +$SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : (file_exists(getenv('ZBX_SSO_SP_KEY')) ? getenv('ZBX_SSO_SP_KEY') : ''); +$SSO['IDP_CERT'] = file_exists('/etc/zabbix/web/certs/idp.crt') ? '/etc/zabbix/web/certs/idp.crt' : (file_exists(getenv('ZBX_SSO_IDP_CERT')) ? getenv('ZBX_SSO_IDP_CERT') : ''); $sso_settings = str_replace("'","\"",getenv('ZBX_SSO_SETTINGS')); -$SSO['SETTINGS'] = (json_decode($sso_settings)) ? json_decode($sso_settings) : array(); +$SSO['SETTINGS'] = (json_decode($sso_settings)) ? json_decode($sso_settings, true) : array(); diff --git a/web-apache-pgsql/centos/conf/etc/zabbix/web/maintenance.inc.php b/web-apache-pgsql/centos/conf/etc/zabbix/web/maintenance.inc.php index 4bd4791e0..5f0e61e85 100644 --- a/web-apache-pgsql/centos/conf/etc/zabbix/web/maintenance.inc.php +++ b/web-apache-pgsql/centos/conf/etc/zabbix/web/maintenance.inc.php @@ -25,7 +25,7 @@ if (getenv('ZBX_DENY_GUI_ACCESS') == 'true') { // IP range, who are allowed to connect to FrontEnd $ip_range = str_replace("'","\"",getenv('ZBX_GUI_ACCESS_IP_RANGE')); - $ZBX_GUI_ACCESS_IP_RANGE = (json_decode($ip_range)) ? json_decode($ip_range) : array(); + $ZBX_GUI_ACCESS_IP_RANGE = (json_decode($ip_range)) ? json_decode($ip_range, true) : array(); // MSG shown on Warning screen! $_REQUEST['warning_msg'] = getenv('ZBX_GUI_WARNING_MSG'); diff --git a/web-apache-pgsql/centos/conf/etc/zabbix/web/zabbix.conf.php b/web-apache-pgsql/centos/conf/etc/zabbix/web/zabbix.conf.php index 920b8ab1c..cd83f4b59 100644 --- a/web-apache-pgsql/centos/conf/etc/zabbix/web/zabbix.conf.php +++ b/web-apache-pgsql/centos/conf/etc/zabbix/web/zabbix.conf.php @@ -34,17 +34,17 @@ $IMAGE_FORMAT_DEFAULT = IMAGE_FORMAT_PNG; // Elasticsearch url (can be string if same url is used for all types). $history_url = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGEURL')); -$HISTORY['url'] = (json_decode($history_url)) ? json_decode($history_url) : $history_url; +$HISTORY['url'] = (json_decode($history_url)) ? json_decode($history_url, true) : $history_url; // Value types stored in Elasticsearch. $storage_types = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGETYPES')); -$HISTORY['types'] = (json_decode($storage_types)) ? json_decode($storage_types) : array(); +$HISTORY['types'] = (json_decode($storage_types)) ? json_decode($storage_types, true) : array(); // Used for SAML authentication. // Uncomment to override the default paths to SP private key, SP and IdP X.509 certificates, and to set extra settings. -$SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : ''; -$SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : ''; -$SSO['IDP_CERT'] = file_exists('/etc/zabbix/web/certs/idp.crt') ? '/etc/zabbix/web/certs/idp.crt' : ''; +$SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : (file_exists(getenv('ZBX_SSO_SP_CERT')) ? getenv('ZBX_SSO_SP_CERT') : ''); +$SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : (file_exists(getenv('ZBX_SSO_SP_KEY')) ? getenv('ZBX_SSO_SP_KEY') : ''); +$SSO['IDP_CERT'] = file_exists('/etc/zabbix/web/certs/idp.crt') ? '/etc/zabbix/web/certs/idp.crt' : (file_exists(getenv('ZBX_SSO_IDP_CERT')) ? getenv('ZBX_SSO_IDP_CERT') : ''); $sso_settings = str_replace("'","\"",getenv('ZBX_SSO_SETTINGS')); -$SSO['SETTINGS'] = (json_decode($sso_settings)) ? json_decode($sso_settings) : array(); +$SSO['SETTINGS'] = (json_decode($sso_settings)) ? json_decode($sso_settings, true) : array(); diff --git a/web-apache-pgsql/ubuntu/conf/etc/zabbix/web/maintenance.inc.php b/web-apache-pgsql/ubuntu/conf/etc/zabbix/web/maintenance.inc.php index 4bd4791e0..5f0e61e85 100644 --- a/web-apache-pgsql/ubuntu/conf/etc/zabbix/web/maintenance.inc.php +++ b/web-apache-pgsql/ubuntu/conf/etc/zabbix/web/maintenance.inc.php @@ -25,7 +25,7 @@ if (getenv('ZBX_DENY_GUI_ACCESS') == 'true') { // IP range, who are allowed to connect to FrontEnd $ip_range = str_replace("'","\"",getenv('ZBX_GUI_ACCESS_IP_RANGE')); - $ZBX_GUI_ACCESS_IP_RANGE = (json_decode($ip_range)) ? json_decode($ip_range) : array(); + $ZBX_GUI_ACCESS_IP_RANGE = (json_decode($ip_range)) ? json_decode($ip_range, true) : array(); // MSG shown on Warning screen! $_REQUEST['warning_msg'] = getenv('ZBX_GUI_WARNING_MSG'); diff --git a/web-apache-pgsql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php b/web-apache-pgsql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php index 920b8ab1c..cd83f4b59 100644 --- a/web-apache-pgsql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php +++ b/web-apache-pgsql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php @@ -34,17 +34,17 @@ $IMAGE_FORMAT_DEFAULT = IMAGE_FORMAT_PNG; // Elasticsearch url (can be string if same url is used for all types). $history_url = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGEURL')); -$HISTORY['url'] = (json_decode($history_url)) ? json_decode($history_url) : $history_url; +$HISTORY['url'] = (json_decode($history_url)) ? json_decode($history_url, true) : $history_url; // Value types stored in Elasticsearch. $storage_types = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGETYPES')); -$HISTORY['types'] = (json_decode($storage_types)) ? json_decode($storage_types) : array(); +$HISTORY['types'] = (json_decode($storage_types)) ? json_decode($storage_types, true) : array(); // Used for SAML authentication. // Uncomment to override the default paths to SP private key, SP and IdP X.509 certificates, and to set extra settings. -$SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : ''; -$SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : ''; -$SSO['IDP_CERT'] = file_exists('/etc/zabbix/web/certs/idp.crt') ? '/etc/zabbix/web/certs/idp.crt' : ''; +$SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : (file_exists(getenv('ZBX_SSO_SP_CERT')) ? getenv('ZBX_SSO_SP_CERT') : ''); +$SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : (file_exists(getenv('ZBX_SSO_SP_KEY')) ? getenv('ZBX_SSO_SP_KEY') : ''); +$SSO['IDP_CERT'] = file_exists('/etc/zabbix/web/certs/idp.crt') ? '/etc/zabbix/web/certs/idp.crt' : (file_exists(getenv('ZBX_SSO_IDP_CERT')) ? getenv('ZBX_SSO_IDP_CERT') : ''); $sso_settings = str_replace("'","\"",getenv('ZBX_SSO_SETTINGS')); -$SSO['SETTINGS'] = (json_decode($sso_settings)) ? json_decode($sso_settings) : array(); +$SSO['SETTINGS'] = (json_decode($sso_settings)) ? json_decode($sso_settings, true) : array(); diff --git a/web-nginx-mysql/alpine/conf/etc/zabbix/web/maintenance.inc.php b/web-nginx-mysql/alpine/conf/etc/zabbix/web/maintenance.inc.php index 4bd4791e0..5f0e61e85 100644 --- a/web-nginx-mysql/alpine/conf/etc/zabbix/web/maintenance.inc.php +++ b/web-nginx-mysql/alpine/conf/etc/zabbix/web/maintenance.inc.php @@ -25,7 +25,7 @@ if (getenv('ZBX_DENY_GUI_ACCESS') == 'true') { // IP range, who are allowed to connect to FrontEnd $ip_range = str_replace("'","\"",getenv('ZBX_GUI_ACCESS_IP_RANGE')); - $ZBX_GUI_ACCESS_IP_RANGE = (json_decode($ip_range)) ? json_decode($ip_range) : array(); + $ZBX_GUI_ACCESS_IP_RANGE = (json_decode($ip_range)) ? json_decode($ip_range, true) : array(); // MSG shown on Warning screen! $_REQUEST['warning_msg'] = getenv('ZBX_GUI_WARNING_MSG'); diff --git a/web-nginx-mysql/alpine/conf/etc/zabbix/web/zabbix.conf.php b/web-nginx-mysql/alpine/conf/etc/zabbix/web/zabbix.conf.php index 920b8ab1c..cd83f4b59 100644 --- a/web-nginx-mysql/alpine/conf/etc/zabbix/web/zabbix.conf.php +++ b/web-nginx-mysql/alpine/conf/etc/zabbix/web/zabbix.conf.php @@ -34,17 +34,17 @@ $IMAGE_FORMAT_DEFAULT = IMAGE_FORMAT_PNG; // Elasticsearch url (can be string if same url is used for all types). $history_url = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGEURL')); -$HISTORY['url'] = (json_decode($history_url)) ? json_decode($history_url) : $history_url; +$HISTORY['url'] = (json_decode($history_url)) ? json_decode($history_url, true) : $history_url; // Value types stored in Elasticsearch. $storage_types = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGETYPES')); -$HISTORY['types'] = (json_decode($storage_types)) ? json_decode($storage_types) : array(); +$HISTORY['types'] = (json_decode($storage_types)) ? json_decode($storage_types, true) : array(); // Used for SAML authentication. // Uncomment to override the default paths to SP private key, SP and IdP X.509 certificates, and to set extra settings. -$SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : ''; -$SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : ''; -$SSO['IDP_CERT'] = file_exists('/etc/zabbix/web/certs/idp.crt') ? '/etc/zabbix/web/certs/idp.crt' : ''; +$SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : (file_exists(getenv('ZBX_SSO_SP_CERT')) ? getenv('ZBX_SSO_SP_CERT') : ''); +$SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : (file_exists(getenv('ZBX_SSO_SP_KEY')) ? getenv('ZBX_SSO_SP_KEY') : ''); +$SSO['IDP_CERT'] = file_exists('/etc/zabbix/web/certs/idp.crt') ? '/etc/zabbix/web/certs/idp.crt' : (file_exists(getenv('ZBX_SSO_IDP_CERT')) ? getenv('ZBX_SSO_IDP_CERT') : ''); $sso_settings = str_replace("'","\"",getenv('ZBX_SSO_SETTINGS')); -$SSO['SETTINGS'] = (json_decode($sso_settings)) ? json_decode($sso_settings) : array(); +$SSO['SETTINGS'] = (json_decode($sso_settings)) ? json_decode($sso_settings, true) : array(); diff --git a/web-nginx-mysql/centos/conf/etc/zabbix/web/maintenance.inc.php b/web-nginx-mysql/centos/conf/etc/zabbix/web/maintenance.inc.php index 4bd4791e0..5f0e61e85 100644 --- a/web-nginx-mysql/centos/conf/etc/zabbix/web/maintenance.inc.php +++ b/web-nginx-mysql/centos/conf/etc/zabbix/web/maintenance.inc.php @@ -25,7 +25,7 @@ if (getenv('ZBX_DENY_GUI_ACCESS') == 'true') { // IP range, who are allowed to connect to FrontEnd $ip_range = str_replace("'","\"",getenv('ZBX_GUI_ACCESS_IP_RANGE')); - $ZBX_GUI_ACCESS_IP_RANGE = (json_decode($ip_range)) ? json_decode($ip_range) : array(); + $ZBX_GUI_ACCESS_IP_RANGE = (json_decode($ip_range)) ? json_decode($ip_range, true) : array(); // MSG shown on Warning screen! $_REQUEST['warning_msg'] = getenv('ZBX_GUI_WARNING_MSG'); diff --git a/web-nginx-mysql/centos/conf/etc/zabbix/web/zabbix.conf.php b/web-nginx-mysql/centos/conf/etc/zabbix/web/zabbix.conf.php index 920b8ab1c..cd83f4b59 100644 --- a/web-nginx-mysql/centos/conf/etc/zabbix/web/zabbix.conf.php +++ b/web-nginx-mysql/centos/conf/etc/zabbix/web/zabbix.conf.php @@ -34,17 +34,17 @@ $IMAGE_FORMAT_DEFAULT = IMAGE_FORMAT_PNG; // Elasticsearch url (can be string if same url is used for all types). $history_url = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGEURL')); -$HISTORY['url'] = (json_decode($history_url)) ? json_decode($history_url) : $history_url; +$HISTORY['url'] = (json_decode($history_url)) ? json_decode($history_url, true) : $history_url; // Value types stored in Elasticsearch. $storage_types = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGETYPES')); -$HISTORY['types'] = (json_decode($storage_types)) ? json_decode($storage_types) : array(); +$HISTORY['types'] = (json_decode($storage_types)) ? json_decode($storage_types, true) : array(); // Used for SAML authentication. // Uncomment to override the default paths to SP private key, SP and IdP X.509 certificates, and to set extra settings. -$SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : ''; -$SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : ''; -$SSO['IDP_CERT'] = file_exists('/etc/zabbix/web/certs/idp.crt') ? '/etc/zabbix/web/certs/idp.crt' : ''; +$SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : (file_exists(getenv('ZBX_SSO_SP_CERT')) ? getenv('ZBX_SSO_SP_CERT') : ''); +$SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : (file_exists(getenv('ZBX_SSO_SP_KEY')) ? getenv('ZBX_SSO_SP_KEY') : ''); +$SSO['IDP_CERT'] = file_exists('/etc/zabbix/web/certs/idp.crt') ? '/etc/zabbix/web/certs/idp.crt' : (file_exists(getenv('ZBX_SSO_IDP_CERT')) ? getenv('ZBX_SSO_IDP_CERT') : ''); $sso_settings = str_replace("'","\"",getenv('ZBX_SSO_SETTINGS')); -$SSO['SETTINGS'] = (json_decode($sso_settings)) ? json_decode($sso_settings) : array(); +$SSO['SETTINGS'] = (json_decode($sso_settings)) ? json_decode($sso_settings, true) : array(); diff --git a/web-nginx-mysql/ubuntu/conf/etc/zabbix/web/maintenance.inc.php b/web-nginx-mysql/ubuntu/conf/etc/zabbix/web/maintenance.inc.php index 4bd4791e0..5f0e61e85 100644 --- a/web-nginx-mysql/ubuntu/conf/etc/zabbix/web/maintenance.inc.php +++ b/web-nginx-mysql/ubuntu/conf/etc/zabbix/web/maintenance.inc.php @@ -25,7 +25,7 @@ if (getenv('ZBX_DENY_GUI_ACCESS') == 'true') { // IP range, who are allowed to connect to FrontEnd $ip_range = str_replace("'","\"",getenv('ZBX_GUI_ACCESS_IP_RANGE')); - $ZBX_GUI_ACCESS_IP_RANGE = (json_decode($ip_range)) ? json_decode($ip_range) : array(); + $ZBX_GUI_ACCESS_IP_RANGE = (json_decode($ip_range)) ? json_decode($ip_range, true) : array(); // MSG shown on Warning screen! $_REQUEST['warning_msg'] = getenv('ZBX_GUI_WARNING_MSG'); diff --git a/web-nginx-mysql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php b/web-nginx-mysql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php index 920b8ab1c..cd83f4b59 100644 --- a/web-nginx-mysql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php +++ b/web-nginx-mysql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php @@ -34,17 +34,17 @@ $IMAGE_FORMAT_DEFAULT = IMAGE_FORMAT_PNG; // Elasticsearch url (can be string if same url is used for all types). $history_url = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGEURL')); -$HISTORY['url'] = (json_decode($history_url)) ? json_decode($history_url) : $history_url; +$HISTORY['url'] = (json_decode($history_url)) ? json_decode($history_url, true) : $history_url; // Value types stored in Elasticsearch. $storage_types = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGETYPES')); -$HISTORY['types'] = (json_decode($storage_types)) ? json_decode($storage_types) : array(); +$HISTORY['types'] = (json_decode($storage_types)) ? json_decode($storage_types, true) : array(); // Used for SAML authentication. // Uncomment to override the default paths to SP private key, SP and IdP X.509 certificates, and to set extra settings. -$SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : ''; -$SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : ''; -$SSO['IDP_CERT'] = file_exists('/etc/zabbix/web/certs/idp.crt') ? '/etc/zabbix/web/certs/idp.crt' : ''; +$SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : (file_exists(getenv('ZBX_SSO_SP_CERT')) ? getenv('ZBX_SSO_SP_CERT') : ''); +$SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : (file_exists(getenv('ZBX_SSO_SP_KEY')) ? getenv('ZBX_SSO_SP_KEY') : ''); +$SSO['IDP_CERT'] = file_exists('/etc/zabbix/web/certs/idp.crt') ? '/etc/zabbix/web/certs/idp.crt' : (file_exists(getenv('ZBX_SSO_IDP_CERT')) ? getenv('ZBX_SSO_IDP_CERT') : ''); $sso_settings = str_replace("'","\"",getenv('ZBX_SSO_SETTINGS')); -$SSO['SETTINGS'] = (json_decode($sso_settings)) ? json_decode($sso_settings) : array(); +$SSO['SETTINGS'] = (json_decode($sso_settings)) ? json_decode($sso_settings, true) : array(); diff --git a/web-nginx-pgsql/alpine/conf/etc/zabbix/web/maintenance.inc.php b/web-nginx-pgsql/alpine/conf/etc/zabbix/web/maintenance.inc.php index 4bd4791e0..5f0e61e85 100644 --- a/web-nginx-pgsql/alpine/conf/etc/zabbix/web/maintenance.inc.php +++ b/web-nginx-pgsql/alpine/conf/etc/zabbix/web/maintenance.inc.php @@ -25,7 +25,7 @@ if (getenv('ZBX_DENY_GUI_ACCESS') == 'true') { // IP range, who are allowed to connect to FrontEnd $ip_range = str_replace("'","\"",getenv('ZBX_GUI_ACCESS_IP_RANGE')); - $ZBX_GUI_ACCESS_IP_RANGE = (json_decode($ip_range)) ? json_decode($ip_range) : array(); + $ZBX_GUI_ACCESS_IP_RANGE = (json_decode($ip_range)) ? json_decode($ip_range, true) : array(); // MSG shown on Warning screen! $_REQUEST['warning_msg'] = getenv('ZBX_GUI_WARNING_MSG'); diff --git a/web-nginx-pgsql/alpine/conf/etc/zabbix/web/zabbix.conf.php b/web-nginx-pgsql/alpine/conf/etc/zabbix/web/zabbix.conf.php index 920b8ab1c..cd83f4b59 100644 --- a/web-nginx-pgsql/alpine/conf/etc/zabbix/web/zabbix.conf.php +++ b/web-nginx-pgsql/alpine/conf/etc/zabbix/web/zabbix.conf.php @@ -34,17 +34,17 @@ $IMAGE_FORMAT_DEFAULT = IMAGE_FORMAT_PNG; // Elasticsearch url (can be string if same url is used for all types). $history_url = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGEURL')); -$HISTORY['url'] = (json_decode($history_url)) ? json_decode($history_url) : $history_url; +$HISTORY['url'] = (json_decode($history_url)) ? json_decode($history_url, true) : $history_url; // Value types stored in Elasticsearch. $storage_types = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGETYPES')); -$HISTORY['types'] = (json_decode($storage_types)) ? json_decode($storage_types) : array(); +$HISTORY['types'] = (json_decode($storage_types)) ? json_decode($storage_types, true) : array(); // Used for SAML authentication. // Uncomment to override the default paths to SP private key, SP and IdP X.509 certificates, and to set extra settings. -$SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : ''; -$SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : ''; -$SSO['IDP_CERT'] = file_exists('/etc/zabbix/web/certs/idp.crt') ? '/etc/zabbix/web/certs/idp.crt' : ''; +$SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : (file_exists(getenv('ZBX_SSO_SP_CERT')) ? getenv('ZBX_SSO_SP_CERT') : ''); +$SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : (file_exists(getenv('ZBX_SSO_SP_KEY')) ? getenv('ZBX_SSO_SP_KEY') : ''); +$SSO['IDP_CERT'] = file_exists('/etc/zabbix/web/certs/idp.crt') ? '/etc/zabbix/web/certs/idp.crt' : (file_exists(getenv('ZBX_SSO_IDP_CERT')) ? getenv('ZBX_SSO_IDP_CERT') : ''); $sso_settings = str_replace("'","\"",getenv('ZBX_SSO_SETTINGS')); -$SSO['SETTINGS'] = (json_decode($sso_settings)) ? json_decode($sso_settings) : array(); +$SSO['SETTINGS'] = (json_decode($sso_settings)) ? json_decode($sso_settings, true) : array(); diff --git a/web-nginx-pgsql/centos/conf/etc/zabbix/web/maintenance.inc.php b/web-nginx-pgsql/centos/conf/etc/zabbix/web/maintenance.inc.php index 4bd4791e0..5f0e61e85 100644 --- a/web-nginx-pgsql/centos/conf/etc/zabbix/web/maintenance.inc.php +++ b/web-nginx-pgsql/centos/conf/etc/zabbix/web/maintenance.inc.php @@ -25,7 +25,7 @@ if (getenv('ZBX_DENY_GUI_ACCESS') == 'true') { // IP range, who are allowed to connect to FrontEnd $ip_range = str_replace("'","\"",getenv('ZBX_GUI_ACCESS_IP_RANGE')); - $ZBX_GUI_ACCESS_IP_RANGE = (json_decode($ip_range)) ? json_decode($ip_range) : array(); + $ZBX_GUI_ACCESS_IP_RANGE = (json_decode($ip_range)) ? json_decode($ip_range, true) : array(); // MSG shown on Warning screen! $_REQUEST['warning_msg'] = getenv('ZBX_GUI_WARNING_MSG'); diff --git a/web-nginx-pgsql/centos/conf/etc/zabbix/web/zabbix.conf.php b/web-nginx-pgsql/centos/conf/etc/zabbix/web/zabbix.conf.php index 920b8ab1c..cd83f4b59 100644 --- a/web-nginx-pgsql/centos/conf/etc/zabbix/web/zabbix.conf.php +++ b/web-nginx-pgsql/centos/conf/etc/zabbix/web/zabbix.conf.php @@ -34,17 +34,17 @@ $IMAGE_FORMAT_DEFAULT = IMAGE_FORMAT_PNG; // Elasticsearch url (can be string if same url is used for all types). $history_url = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGEURL')); -$HISTORY['url'] = (json_decode($history_url)) ? json_decode($history_url) : $history_url; +$HISTORY['url'] = (json_decode($history_url)) ? json_decode($history_url, true) : $history_url; // Value types stored in Elasticsearch. $storage_types = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGETYPES')); -$HISTORY['types'] = (json_decode($storage_types)) ? json_decode($storage_types) : array(); +$HISTORY['types'] = (json_decode($storage_types)) ? json_decode($storage_types, true) : array(); // Used for SAML authentication. // Uncomment to override the default paths to SP private key, SP and IdP X.509 certificates, and to set extra settings. -$SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : ''; -$SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : ''; -$SSO['IDP_CERT'] = file_exists('/etc/zabbix/web/certs/idp.crt') ? '/etc/zabbix/web/certs/idp.crt' : ''; +$SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : (file_exists(getenv('ZBX_SSO_SP_CERT')) ? getenv('ZBX_SSO_SP_CERT') : ''); +$SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : (file_exists(getenv('ZBX_SSO_SP_KEY')) ? getenv('ZBX_SSO_SP_KEY') : ''); +$SSO['IDP_CERT'] = file_exists('/etc/zabbix/web/certs/idp.crt') ? '/etc/zabbix/web/certs/idp.crt' : (file_exists(getenv('ZBX_SSO_IDP_CERT')) ? getenv('ZBX_SSO_IDP_CERT') : ''); $sso_settings = str_replace("'","\"",getenv('ZBX_SSO_SETTINGS')); -$SSO['SETTINGS'] = (json_decode($sso_settings)) ? json_decode($sso_settings) : array(); +$SSO['SETTINGS'] = (json_decode($sso_settings)) ? json_decode($sso_settings, true) : array(); diff --git a/web-nginx-pgsql/ubuntu/conf/etc/zabbix/web/maintenance.inc.php b/web-nginx-pgsql/ubuntu/conf/etc/zabbix/web/maintenance.inc.php index 4bd4791e0..5f0e61e85 100644 --- a/web-nginx-pgsql/ubuntu/conf/etc/zabbix/web/maintenance.inc.php +++ b/web-nginx-pgsql/ubuntu/conf/etc/zabbix/web/maintenance.inc.php @@ -25,7 +25,7 @@ if (getenv('ZBX_DENY_GUI_ACCESS') == 'true') { // IP range, who are allowed to connect to FrontEnd $ip_range = str_replace("'","\"",getenv('ZBX_GUI_ACCESS_IP_RANGE')); - $ZBX_GUI_ACCESS_IP_RANGE = (json_decode($ip_range)) ? json_decode($ip_range) : array(); + $ZBX_GUI_ACCESS_IP_RANGE = (json_decode($ip_range)) ? json_decode($ip_range, true) : array(); // MSG shown on Warning screen! $_REQUEST['warning_msg'] = getenv('ZBX_GUI_WARNING_MSG'); diff --git a/web-nginx-pgsql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php b/web-nginx-pgsql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php index 920b8ab1c..cd83f4b59 100644 --- a/web-nginx-pgsql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php +++ b/web-nginx-pgsql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php @@ -34,17 +34,17 @@ $IMAGE_FORMAT_DEFAULT = IMAGE_FORMAT_PNG; // Elasticsearch url (can be string if same url is used for all types). $history_url = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGEURL')); -$HISTORY['url'] = (json_decode($history_url)) ? json_decode($history_url) : $history_url; +$HISTORY['url'] = (json_decode($history_url)) ? json_decode($history_url, true) : $history_url; // Value types stored in Elasticsearch. $storage_types = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGETYPES')); -$HISTORY['types'] = (json_decode($storage_types)) ? json_decode($storage_types) : array(); +$HISTORY['types'] = (json_decode($storage_types)) ? json_decode($storage_types, true) : array(); // Used for SAML authentication. // Uncomment to override the default paths to SP private key, SP and IdP X.509 certificates, and to set extra settings. -$SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : ''; -$SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : ''; -$SSO['IDP_CERT'] = file_exists('/etc/zabbix/web/certs/idp.crt') ? '/etc/zabbix/web/certs/idp.crt' : ''; +$SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : (file_exists(getenv('ZBX_SSO_SP_CERT')) ? getenv('ZBX_SSO_SP_CERT') : ''); +$SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : (file_exists(getenv('ZBX_SSO_SP_KEY')) ? getenv('ZBX_SSO_SP_KEY') : ''); +$SSO['IDP_CERT'] = file_exists('/etc/zabbix/web/certs/idp.crt') ? '/etc/zabbix/web/certs/idp.crt' : (file_exists(getenv('ZBX_SSO_IDP_CERT')) ? getenv('ZBX_SSO_IDP_CERT') : ''); $sso_settings = str_replace("'","\"",getenv('ZBX_SSO_SETTINGS')); -$SSO['SETTINGS'] = (json_decode($sso_settings)) ? json_decode($sso_settings) : array(); +$SSO['SETTINGS'] = (json_decode($sso_settings)) ? json_decode($sso_settings, true) : array(); diff --git a/zabbix-appliance/rhel/conf/etc/zabbix/web/maintenance.inc.php b/zabbix-appliance/rhel/conf/etc/zabbix/web/maintenance.inc.php index 4bd4791e0..5f0e61e85 100644 --- a/zabbix-appliance/rhel/conf/etc/zabbix/web/maintenance.inc.php +++ b/zabbix-appliance/rhel/conf/etc/zabbix/web/maintenance.inc.php @@ -25,7 +25,7 @@ if (getenv('ZBX_DENY_GUI_ACCESS') == 'true') { // IP range, who are allowed to connect to FrontEnd $ip_range = str_replace("'","\"",getenv('ZBX_GUI_ACCESS_IP_RANGE')); - $ZBX_GUI_ACCESS_IP_RANGE = (json_decode($ip_range)) ? json_decode($ip_range) : array(); + $ZBX_GUI_ACCESS_IP_RANGE = (json_decode($ip_range)) ? json_decode($ip_range, true) : array(); // MSG shown on Warning screen! $_REQUEST['warning_msg'] = getenv('ZBX_GUI_WARNING_MSG'); diff --git a/zabbix-appliance/rhel/conf/etc/zabbix/web/zabbix.conf.php b/zabbix-appliance/rhel/conf/etc/zabbix/web/zabbix.conf.php index 920b8ab1c..cd83f4b59 100644 --- a/zabbix-appliance/rhel/conf/etc/zabbix/web/zabbix.conf.php +++ b/zabbix-appliance/rhel/conf/etc/zabbix/web/zabbix.conf.php @@ -34,17 +34,17 @@ $IMAGE_FORMAT_DEFAULT = IMAGE_FORMAT_PNG; // Elasticsearch url (can be string if same url is used for all types). $history_url = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGEURL')); -$HISTORY['url'] = (json_decode($history_url)) ? json_decode($history_url) : $history_url; +$HISTORY['url'] = (json_decode($history_url)) ? json_decode($history_url, true) : $history_url; // Value types stored in Elasticsearch. $storage_types = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGETYPES')); -$HISTORY['types'] = (json_decode($storage_types)) ? json_decode($storage_types) : array(); +$HISTORY['types'] = (json_decode($storage_types)) ? json_decode($storage_types, true) : array(); // Used for SAML authentication. // Uncomment to override the default paths to SP private key, SP and IdP X.509 certificates, and to set extra settings. -$SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : ''; -$SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : ''; -$SSO['IDP_CERT'] = file_exists('/etc/zabbix/web/certs/idp.crt') ? '/etc/zabbix/web/certs/idp.crt' : ''; +$SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : (file_exists(getenv('ZBX_SSO_SP_CERT')) ? getenv('ZBX_SSO_SP_CERT') : ''); +$SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : (file_exists(getenv('ZBX_SSO_SP_KEY')) ? getenv('ZBX_SSO_SP_KEY') : ''); +$SSO['IDP_CERT'] = file_exists('/etc/zabbix/web/certs/idp.crt') ? '/etc/zabbix/web/certs/idp.crt' : (file_exists(getenv('ZBX_SSO_IDP_CERT')) ? getenv('ZBX_SSO_IDP_CERT') : ''); $sso_settings = str_replace("'","\"",getenv('ZBX_SSO_SETTINGS')); -$SSO['SETTINGS'] = (json_decode($sso_settings)) ? json_decode($sso_settings) : array(); +$SSO['SETTINGS'] = (json_decode($sso_settings)) ? json_decode($sso_settings, true) : array(); From b931f68574f52342a56285ae4eb14c61bf7875e8 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Fri, 25 Sep 2020 12:24:18 +0300 Subject: [PATCH 053/253] Strip for Zabbix agent 2 --- agent2/alpine/Dockerfile | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/agent2/alpine/Dockerfile b/agent2/alpine/Dockerfile index 3a67bab72..619db0212 100644 --- a/agent2/alpine/Dockerfile +++ b/agent2/alpine/Dockerfile @@ -49,8 +49,7 @@ RUN set -eux && \ git \ pcre-dev \ openssl-dev \ - zlib-dev \ - coreutils && \ + zlib-dev && \ cd /tmp/ && \ git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ cd /tmp/zabbix-${ZBX_VERSION} && \ @@ -75,6 +74,9 @@ RUN set -eux && \ cp /tmp/zabbix-${ZBX_VERSION}/src/zabbix_get/zabbix_get /usr/bin/zabbix_get && \ cp /tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender /usr/bin/zabbix_sender && \ cp /tmp/zabbix-${ZBX_VERSION}/src/go/conf/zabbix_agent2.conf /etc/zabbix/zabbix_agent2.conf && \ + strip /usr/sbin/zabbix_agent2 && \ + strip /usr/bin/zabbix_get && \ + strip /usr/bin/zabbix_sender && \ cd /tmp/ && \ rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \ From 819f97b06c19ee2c978ead6d3db03bc2de939482 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Tue, 6 Oct 2020 05:08:16 -0400 Subject: [PATCH 054/253] Fixed SSO key and cert --- web-apache-mysql/alpine/conf/etc/zabbix/web/zabbix.conf.php | 4 ++-- web-apache-mysql/centos/conf/etc/zabbix/web/zabbix.conf.php | 4 ++-- web-apache-mysql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php | 4 ++-- web-apache-pgsql/alpine/conf/etc/zabbix/web/zabbix.conf.php | 4 ++-- web-apache-pgsql/centos/conf/etc/zabbix/web/zabbix.conf.php | 4 ++-- web-apache-pgsql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php | 4 ++-- web-nginx-mysql/alpine/conf/etc/zabbix/web/zabbix.conf.php | 4 ++-- web-nginx-mysql/centos/conf/etc/zabbix/web/zabbix.conf.php | 4 ++-- web-nginx-mysql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php | 4 ++-- web-nginx-pgsql/alpine/conf/etc/zabbix/web/zabbix.conf.php | 4 ++-- web-nginx-pgsql/centos/conf/etc/zabbix/web/zabbix.conf.php | 4 ++-- web-nginx-pgsql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php | 4 ++-- zabbix-appliance/rhel/conf/etc/zabbix/web/zabbix.conf.php | 4 ++-- 13 files changed, 26 insertions(+), 26 deletions(-) diff --git a/web-apache-mysql/alpine/conf/etc/zabbix/web/zabbix.conf.php b/web-apache-mysql/alpine/conf/etc/zabbix/web/zabbix.conf.php index cd83f4b59..72b99cfc1 100644 --- a/web-apache-mysql/alpine/conf/etc/zabbix/web/zabbix.conf.php +++ b/web-apache-mysql/alpine/conf/etc/zabbix/web/zabbix.conf.php @@ -42,8 +42,8 @@ $HISTORY['types'] = (json_decode($storage_types)) ? json_decode($storage_types, // Used for SAML authentication. // Uncomment to override the default paths to SP private key, SP and IdP X.509 certificates, and to set extra settings. -$SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : (file_exists(getenv('ZBX_SSO_SP_CERT')) ? getenv('ZBX_SSO_SP_CERT') : ''); -$SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : (file_exists(getenv('ZBX_SSO_SP_KEY')) ? getenv('ZBX_SSO_SP_KEY') : ''); +$SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : (file_exists(getenv('ZBX_SSO_SP_KEY')) ? getenv('ZBX_SSO_SP_KEY') : ''); +$SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : (file_exists(getenv('ZBX_SSO_SP_CERT')) ? getenv('ZBX_SSO_SP_CERT') : ''); $SSO['IDP_CERT'] = file_exists('/etc/zabbix/web/certs/idp.crt') ? '/etc/zabbix/web/certs/idp.crt' : (file_exists(getenv('ZBX_SSO_IDP_CERT')) ? getenv('ZBX_SSO_IDP_CERT') : ''); $sso_settings = str_replace("'","\"",getenv('ZBX_SSO_SETTINGS')); diff --git a/web-apache-mysql/centos/conf/etc/zabbix/web/zabbix.conf.php b/web-apache-mysql/centos/conf/etc/zabbix/web/zabbix.conf.php index cd83f4b59..72b99cfc1 100644 --- a/web-apache-mysql/centos/conf/etc/zabbix/web/zabbix.conf.php +++ b/web-apache-mysql/centos/conf/etc/zabbix/web/zabbix.conf.php @@ -42,8 +42,8 @@ $HISTORY['types'] = (json_decode($storage_types)) ? json_decode($storage_types, // Used for SAML authentication. // Uncomment to override the default paths to SP private key, SP and IdP X.509 certificates, and to set extra settings. -$SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : (file_exists(getenv('ZBX_SSO_SP_CERT')) ? getenv('ZBX_SSO_SP_CERT') : ''); -$SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : (file_exists(getenv('ZBX_SSO_SP_KEY')) ? getenv('ZBX_SSO_SP_KEY') : ''); +$SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : (file_exists(getenv('ZBX_SSO_SP_KEY')) ? getenv('ZBX_SSO_SP_KEY') : ''); +$SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : (file_exists(getenv('ZBX_SSO_SP_CERT')) ? getenv('ZBX_SSO_SP_CERT') : ''); $SSO['IDP_CERT'] = file_exists('/etc/zabbix/web/certs/idp.crt') ? '/etc/zabbix/web/certs/idp.crt' : (file_exists(getenv('ZBX_SSO_IDP_CERT')) ? getenv('ZBX_SSO_IDP_CERT') : ''); $sso_settings = str_replace("'","\"",getenv('ZBX_SSO_SETTINGS')); diff --git a/web-apache-mysql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php b/web-apache-mysql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php index cd83f4b59..72b99cfc1 100644 --- a/web-apache-mysql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php +++ b/web-apache-mysql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php @@ -42,8 +42,8 @@ $HISTORY['types'] = (json_decode($storage_types)) ? json_decode($storage_types, // Used for SAML authentication. // Uncomment to override the default paths to SP private key, SP and IdP X.509 certificates, and to set extra settings. -$SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : (file_exists(getenv('ZBX_SSO_SP_CERT')) ? getenv('ZBX_SSO_SP_CERT') : ''); -$SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : (file_exists(getenv('ZBX_SSO_SP_KEY')) ? getenv('ZBX_SSO_SP_KEY') : ''); +$SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : (file_exists(getenv('ZBX_SSO_SP_KEY')) ? getenv('ZBX_SSO_SP_KEY') : ''); +$SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : (file_exists(getenv('ZBX_SSO_SP_CERT')) ? getenv('ZBX_SSO_SP_CERT') : ''); $SSO['IDP_CERT'] = file_exists('/etc/zabbix/web/certs/idp.crt') ? '/etc/zabbix/web/certs/idp.crt' : (file_exists(getenv('ZBX_SSO_IDP_CERT')) ? getenv('ZBX_SSO_IDP_CERT') : ''); $sso_settings = str_replace("'","\"",getenv('ZBX_SSO_SETTINGS')); diff --git a/web-apache-pgsql/alpine/conf/etc/zabbix/web/zabbix.conf.php b/web-apache-pgsql/alpine/conf/etc/zabbix/web/zabbix.conf.php index cd83f4b59..72b99cfc1 100644 --- a/web-apache-pgsql/alpine/conf/etc/zabbix/web/zabbix.conf.php +++ b/web-apache-pgsql/alpine/conf/etc/zabbix/web/zabbix.conf.php @@ -42,8 +42,8 @@ $HISTORY['types'] = (json_decode($storage_types)) ? json_decode($storage_types, // Used for SAML authentication. // Uncomment to override the default paths to SP private key, SP and IdP X.509 certificates, and to set extra settings. -$SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : (file_exists(getenv('ZBX_SSO_SP_CERT')) ? getenv('ZBX_SSO_SP_CERT') : ''); -$SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : (file_exists(getenv('ZBX_SSO_SP_KEY')) ? getenv('ZBX_SSO_SP_KEY') : ''); +$SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : (file_exists(getenv('ZBX_SSO_SP_KEY')) ? getenv('ZBX_SSO_SP_KEY') : ''); +$SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : (file_exists(getenv('ZBX_SSO_SP_CERT')) ? getenv('ZBX_SSO_SP_CERT') : ''); $SSO['IDP_CERT'] = file_exists('/etc/zabbix/web/certs/idp.crt') ? '/etc/zabbix/web/certs/idp.crt' : (file_exists(getenv('ZBX_SSO_IDP_CERT')) ? getenv('ZBX_SSO_IDP_CERT') : ''); $sso_settings = str_replace("'","\"",getenv('ZBX_SSO_SETTINGS')); diff --git a/web-apache-pgsql/centos/conf/etc/zabbix/web/zabbix.conf.php b/web-apache-pgsql/centos/conf/etc/zabbix/web/zabbix.conf.php index cd83f4b59..72b99cfc1 100644 --- a/web-apache-pgsql/centos/conf/etc/zabbix/web/zabbix.conf.php +++ b/web-apache-pgsql/centos/conf/etc/zabbix/web/zabbix.conf.php @@ -42,8 +42,8 @@ $HISTORY['types'] = (json_decode($storage_types)) ? json_decode($storage_types, // Used for SAML authentication. // Uncomment to override the default paths to SP private key, SP and IdP X.509 certificates, and to set extra settings. -$SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : (file_exists(getenv('ZBX_SSO_SP_CERT')) ? getenv('ZBX_SSO_SP_CERT') : ''); -$SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : (file_exists(getenv('ZBX_SSO_SP_KEY')) ? getenv('ZBX_SSO_SP_KEY') : ''); +$SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : (file_exists(getenv('ZBX_SSO_SP_KEY')) ? getenv('ZBX_SSO_SP_KEY') : ''); +$SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : (file_exists(getenv('ZBX_SSO_SP_CERT')) ? getenv('ZBX_SSO_SP_CERT') : ''); $SSO['IDP_CERT'] = file_exists('/etc/zabbix/web/certs/idp.crt') ? '/etc/zabbix/web/certs/idp.crt' : (file_exists(getenv('ZBX_SSO_IDP_CERT')) ? getenv('ZBX_SSO_IDP_CERT') : ''); $sso_settings = str_replace("'","\"",getenv('ZBX_SSO_SETTINGS')); diff --git a/web-apache-pgsql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php b/web-apache-pgsql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php index cd83f4b59..72b99cfc1 100644 --- a/web-apache-pgsql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php +++ b/web-apache-pgsql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php @@ -42,8 +42,8 @@ $HISTORY['types'] = (json_decode($storage_types)) ? json_decode($storage_types, // Used for SAML authentication. // Uncomment to override the default paths to SP private key, SP and IdP X.509 certificates, and to set extra settings. -$SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : (file_exists(getenv('ZBX_SSO_SP_CERT')) ? getenv('ZBX_SSO_SP_CERT') : ''); -$SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : (file_exists(getenv('ZBX_SSO_SP_KEY')) ? getenv('ZBX_SSO_SP_KEY') : ''); +$SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : (file_exists(getenv('ZBX_SSO_SP_KEY')) ? getenv('ZBX_SSO_SP_KEY') : ''); +$SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : (file_exists(getenv('ZBX_SSO_SP_CERT')) ? getenv('ZBX_SSO_SP_CERT') : ''); $SSO['IDP_CERT'] = file_exists('/etc/zabbix/web/certs/idp.crt') ? '/etc/zabbix/web/certs/idp.crt' : (file_exists(getenv('ZBX_SSO_IDP_CERT')) ? getenv('ZBX_SSO_IDP_CERT') : ''); $sso_settings = str_replace("'","\"",getenv('ZBX_SSO_SETTINGS')); diff --git a/web-nginx-mysql/alpine/conf/etc/zabbix/web/zabbix.conf.php b/web-nginx-mysql/alpine/conf/etc/zabbix/web/zabbix.conf.php index cd83f4b59..72b99cfc1 100644 --- a/web-nginx-mysql/alpine/conf/etc/zabbix/web/zabbix.conf.php +++ b/web-nginx-mysql/alpine/conf/etc/zabbix/web/zabbix.conf.php @@ -42,8 +42,8 @@ $HISTORY['types'] = (json_decode($storage_types)) ? json_decode($storage_types, // Used for SAML authentication. // Uncomment to override the default paths to SP private key, SP and IdP X.509 certificates, and to set extra settings. -$SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : (file_exists(getenv('ZBX_SSO_SP_CERT')) ? getenv('ZBX_SSO_SP_CERT') : ''); -$SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : (file_exists(getenv('ZBX_SSO_SP_KEY')) ? getenv('ZBX_SSO_SP_KEY') : ''); +$SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : (file_exists(getenv('ZBX_SSO_SP_KEY')) ? getenv('ZBX_SSO_SP_KEY') : ''); +$SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : (file_exists(getenv('ZBX_SSO_SP_CERT')) ? getenv('ZBX_SSO_SP_CERT') : ''); $SSO['IDP_CERT'] = file_exists('/etc/zabbix/web/certs/idp.crt') ? '/etc/zabbix/web/certs/idp.crt' : (file_exists(getenv('ZBX_SSO_IDP_CERT')) ? getenv('ZBX_SSO_IDP_CERT') : ''); $sso_settings = str_replace("'","\"",getenv('ZBX_SSO_SETTINGS')); diff --git a/web-nginx-mysql/centos/conf/etc/zabbix/web/zabbix.conf.php b/web-nginx-mysql/centos/conf/etc/zabbix/web/zabbix.conf.php index cd83f4b59..72b99cfc1 100644 --- a/web-nginx-mysql/centos/conf/etc/zabbix/web/zabbix.conf.php +++ b/web-nginx-mysql/centos/conf/etc/zabbix/web/zabbix.conf.php @@ -42,8 +42,8 @@ $HISTORY['types'] = (json_decode($storage_types)) ? json_decode($storage_types, // Used for SAML authentication. // Uncomment to override the default paths to SP private key, SP and IdP X.509 certificates, and to set extra settings. -$SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : (file_exists(getenv('ZBX_SSO_SP_CERT')) ? getenv('ZBX_SSO_SP_CERT') : ''); -$SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : (file_exists(getenv('ZBX_SSO_SP_KEY')) ? getenv('ZBX_SSO_SP_KEY') : ''); +$SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : (file_exists(getenv('ZBX_SSO_SP_KEY')) ? getenv('ZBX_SSO_SP_KEY') : ''); +$SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : (file_exists(getenv('ZBX_SSO_SP_CERT')) ? getenv('ZBX_SSO_SP_CERT') : ''); $SSO['IDP_CERT'] = file_exists('/etc/zabbix/web/certs/idp.crt') ? '/etc/zabbix/web/certs/idp.crt' : (file_exists(getenv('ZBX_SSO_IDP_CERT')) ? getenv('ZBX_SSO_IDP_CERT') : ''); $sso_settings = str_replace("'","\"",getenv('ZBX_SSO_SETTINGS')); diff --git a/web-nginx-mysql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php b/web-nginx-mysql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php index cd83f4b59..72b99cfc1 100644 --- a/web-nginx-mysql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php +++ b/web-nginx-mysql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php @@ -42,8 +42,8 @@ $HISTORY['types'] = (json_decode($storage_types)) ? json_decode($storage_types, // Used for SAML authentication. // Uncomment to override the default paths to SP private key, SP and IdP X.509 certificates, and to set extra settings. -$SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : (file_exists(getenv('ZBX_SSO_SP_CERT')) ? getenv('ZBX_SSO_SP_CERT') : ''); -$SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : (file_exists(getenv('ZBX_SSO_SP_KEY')) ? getenv('ZBX_SSO_SP_KEY') : ''); +$SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : (file_exists(getenv('ZBX_SSO_SP_KEY')) ? getenv('ZBX_SSO_SP_KEY') : ''); +$SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : (file_exists(getenv('ZBX_SSO_SP_CERT')) ? getenv('ZBX_SSO_SP_CERT') : ''); $SSO['IDP_CERT'] = file_exists('/etc/zabbix/web/certs/idp.crt') ? '/etc/zabbix/web/certs/idp.crt' : (file_exists(getenv('ZBX_SSO_IDP_CERT')) ? getenv('ZBX_SSO_IDP_CERT') : ''); $sso_settings = str_replace("'","\"",getenv('ZBX_SSO_SETTINGS')); diff --git a/web-nginx-pgsql/alpine/conf/etc/zabbix/web/zabbix.conf.php b/web-nginx-pgsql/alpine/conf/etc/zabbix/web/zabbix.conf.php index cd83f4b59..72b99cfc1 100644 --- a/web-nginx-pgsql/alpine/conf/etc/zabbix/web/zabbix.conf.php +++ b/web-nginx-pgsql/alpine/conf/etc/zabbix/web/zabbix.conf.php @@ -42,8 +42,8 @@ $HISTORY['types'] = (json_decode($storage_types)) ? json_decode($storage_types, // Used for SAML authentication. // Uncomment to override the default paths to SP private key, SP and IdP X.509 certificates, and to set extra settings. -$SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : (file_exists(getenv('ZBX_SSO_SP_CERT')) ? getenv('ZBX_SSO_SP_CERT') : ''); -$SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : (file_exists(getenv('ZBX_SSO_SP_KEY')) ? getenv('ZBX_SSO_SP_KEY') : ''); +$SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : (file_exists(getenv('ZBX_SSO_SP_KEY')) ? getenv('ZBX_SSO_SP_KEY') : ''); +$SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : (file_exists(getenv('ZBX_SSO_SP_CERT')) ? getenv('ZBX_SSO_SP_CERT') : ''); $SSO['IDP_CERT'] = file_exists('/etc/zabbix/web/certs/idp.crt') ? '/etc/zabbix/web/certs/idp.crt' : (file_exists(getenv('ZBX_SSO_IDP_CERT')) ? getenv('ZBX_SSO_IDP_CERT') : ''); $sso_settings = str_replace("'","\"",getenv('ZBX_SSO_SETTINGS')); diff --git a/web-nginx-pgsql/centos/conf/etc/zabbix/web/zabbix.conf.php b/web-nginx-pgsql/centos/conf/etc/zabbix/web/zabbix.conf.php index cd83f4b59..72b99cfc1 100644 --- a/web-nginx-pgsql/centos/conf/etc/zabbix/web/zabbix.conf.php +++ b/web-nginx-pgsql/centos/conf/etc/zabbix/web/zabbix.conf.php @@ -42,8 +42,8 @@ $HISTORY['types'] = (json_decode($storage_types)) ? json_decode($storage_types, // Used for SAML authentication. // Uncomment to override the default paths to SP private key, SP and IdP X.509 certificates, and to set extra settings. -$SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : (file_exists(getenv('ZBX_SSO_SP_CERT')) ? getenv('ZBX_SSO_SP_CERT') : ''); -$SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : (file_exists(getenv('ZBX_SSO_SP_KEY')) ? getenv('ZBX_SSO_SP_KEY') : ''); +$SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : (file_exists(getenv('ZBX_SSO_SP_KEY')) ? getenv('ZBX_SSO_SP_KEY') : ''); +$SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : (file_exists(getenv('ZBX_SSO_SP_CERT')) ? getenv('ZBX_SSO_SP_CERT') : ''); $SSO['IDP_CERT'] = file_exists('/etc/zabbix/web/certs/idp.crt') ? '/etc/zabbix/web/certs/idp.crt' : (file_exists(getenv('ZBX_SSO_IDP_CERT')) ? getenv('ZBX_SSO_IDP_CERT') : ''); $sso_settings = str_replace("'","\"",getenv('ZBX_SSO_SETTINGS')); diff --git a/web-nginx-pgsql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php b/web-nginx-pgsql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php index cd83f4b59..72b99cfc1 100644 --- a/web-nginx-pgsql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php +++ b/web-nginx-pgsql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php @@ -42,8 +42,8 @@ $HISTORY['types'] = (json_decode($storage_types)) ? json_decode($storage_types, // Used for SAML authentication. // Uncomment to override the default paths to SP private key, SP and IdP X.509 certificates, and to set extra settings. -$SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : (file_exists(getenv('ZBX_SSO_SP_CERT')) ? getenv('ZBX_SSO_SP_CERT') : ''); -$SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : (file_exists(getenv('ZBX_SSO_SP_KEY')) ? getenv('ZBX_SSO_SP_KEY') : ''); +$SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : (file_exists(getenv('ZBX_SSO_SP_KEY')) ? getenv('ZBX_SSO_SP_KEY') : ''); +$SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : (file_exists(getenv('ZBX_SSO_SP_CERT')) ? getenv('ZBX_SSO_SP_CERT') : ''); $SSO['IDP_CERT'] = file_exists('/etc/zabbix/web/certs/idp.crt') ? '/etc/zabbix/web/certs/idp.crt' : (file_exists(getenv('ZBX_SSO_IDP_CERT')) ? getenv('ZBX_SSO_IDP_CERT') : ''); $sso_settings = str_replace("'","\"",getenv('ZBX_SSO_SETTINGS')); diff --git a/zabbix-appliance/rhel/conf/etc/zabbix/web/zabbix.conf.php b/zabbix-appliance/rhel/conf/etc/zabbix/web/zabbix.conf.php index cd83f4b59..72b99cfc1 100644 --- a/zabbix-appliance/rhel/conf/etc/zabbix/web/zabbix.conf.php +++ b/zabbix-appliance/rhel/conf/etc/zabbix/web/zabbix.conf.php @@ -42,8 +42,8 @@ $HISTORY['types'] = (json_decode($storage_types)) ? json_decode($storage_types, // Used for SAML authentication. // Uncomment to override the default paths to SP private key, SP and IdP X.509 certificates, and to set extra settings. -$SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : (file_exists(getenv('ZBX_SSO_SP_CERT')) ? getenv('ZBX_SSO_SP_CERT') : ''); -$SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : (file_exists(getenv('ZBX_SSO_SP_KEY')) ? getenv('ZBX_SSO_SP_KEY') : ''); +$SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : (file_exists(getenv('ZBX_SSO_SP_KEY')) ? getenv('ZBX_SSO_SP_KEY') : ''); +$SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : (file_exists(getenv('ZBX_SSO_SP_CERT')) ? getenv('ZBX_SSO_SP_CERT') : ''); $SSO['IDP_CERT'] = file_exists('/etc/zabbix/web/certs/idp.crt') ? '/etc/zabbix/web/certs/idp.crt' : (file_exists(getenv('ZBX_SSO_IDP_CERT')) ? getenv('ZBX_SSO_IDP_CERT') : ''); $sso_settings = str_replace("'","\"",getenv('ZBX_SSO_SETTINGS')); From 8953ac2f7c67b5de0b1012cc91f5e1e8654da688 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Tue, 6 Oct 2020 06:11:53 -0400 Subject: [PATCH 055/253] Fixed image build on CentOS --- agent/centos/Dockerfile | 1 + proxy-mysql/centos/Dockerfile | 1 + proxy-sqlite3/centos/Dockerfile | 1 + server-mysql/centos/Dockerfile | 1 + server-pgsql/centos/Dockerfile | 1 + 5 files changed, 5 insertions(+) diff --git a/agent/centos/Dockerfile b/agent/centos/Dockerfile index cceb23962..57d0d3d4d 100644 --- a/agent/centos/Dockerfile +++ b/agent/centos/Dockerfile @@ -25,6 +25,7 @@ RUN set -eux && \ dnf --quiet makecache && \ dnf -y install --setopt=tsflags=nodocs --setopt=install_weak_deps=False --best \ libcurl-minimal \ + zlib \ tzdata \ openssl-libs && \ curl -L "https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini" -o /sbin/tini && \ diff --git a/proxy-mysql/centos/Dockerfile b/proxy-mysql/centos/Dockerfile index 570d8358a..99a6cb8bb 100644 --- a/proxy-mysql/centos/Dockerfile +++ b/proxy-mysql/centos/Dockerfile @@ -46,6 +46,7 @@ RUN set -eux && \ openldap \ openssl-libs \ pcre \ + zlib \ unixODBC && \ curl -L "https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini" -o /sbin/tini && \ curl -L "https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini.asc" -o /tmp/tini.asc && \ diff --git a/proxy-sqlite3/centos/Dockerfile b/proxy-sqlite3/centos/Dockerfile index 2a550aa2b..da3fb197a 100644 --- a/proxy-sqlite3/centos/Dockerfile +++ b/proxy-sqlite3/centos/Dockerfile @@ -43,6 +43,7 @@ RUN set -eux && \ openldap \ openssl-libs \ pcre \ + zlib \ unixODBC && \ curl -L "https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini" -o /sbin/tini && \ curl -L "https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini.asc" -o /tmp/tini.asc && \ diff --git a/server-mysql/centos/Dockerfile b/server-mysql/centos/Dockerfile index d56f1f88e..dd34d3641 100644 --- a/server-mysql/centos/Dockerfile +++ b/server-mysql/centos/Dockerfile @@ -51,6 +51,7 @@ RUN set -eux && \ openldap \ openssl-libs \ pcre \ + zlib \ unixODBC && \ curl -L "https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini" -o /sbin/tini && \ curl -L "https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini.asc" -o /tmp/tini.asc && \ diff --git a/server-pgsql/centos/Dockerfile b/server-pgsql/centos/Dockerfile index 86c446a10..096341c1c 100644 --- a/server-pgsql/centos/Dockerfile +++ b/server-pgsql/centos/Dockerfile @@ -50,6 +50,7 @@ RUN set -eux && \ pcre \ postgresql \ postgresql-libs \ + zlib \ unixODBC && \ curl -L "https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini" -o /sbin/tini && \ curl -L "https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini.asc" -o /tmp/tini.asc && \ From 629747b954793c8c7bdbfd7318a57b42e3cea2b7 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Thu, 8 Oct 2020 05:05:12 -0400 Subject: [PATCH 056/253] Added Vault feature support --- .env_prx | 3 +++ .env_srv | 3 +++ .env_web | 3 +++ proxy-mysql/alpine/docker-entrypoint.sh | 14 ++++++++++++-- proxy-mysql/centos/docker-entrypoint.sh | 14 ++++++++++++-- proxy-mysql/ubuntu/docker-entrypoint.sh | 14 ++++++++++++-- proxy-sqlite3/alpine/docker-entrypoint.sh | 8 ++++++++ proxy-sqlite3/centos/docker-entrypoint.sh | 8 ++++++++ proxy-sqlite3/ubuntu/docker-entrypoint.sh | 8 ++++++++ server-mysql/alpine/docker-entrypoint.sh | 14 ++++++++++++-- server-mysql/centos/docker-entrypoint.sh | 14 ++++++++++++-- server-mysql/ubuntu/docker-entrypoint.sh | 14 ++++++++++++-- server-pgsql/alpine/docker-entrypoint.sh | 14 ++++++++++++-- server-pgsql/centos/docker-entrypoint.sh | 14 ++++++++++++-- server-pgsql/ubuntu/docker-entrypoint.sh | 14 ++++++++++++-- .../alpine/conf/etc/zabbix/web/zabbix.conf.php | 12 ++++++++---- web-apache-mysql/alpine/docker-entrypoint.sh | 4 ++++ .../centos/conf/etc/zabbix/web/zabbix.conf.php | 12 ++++++++---- web-apache-mysql/centos/docker-entrypoint.sh | 4 ++++ .../ubuntu/conf/etc/zabbix/web/zabbix.conf.php | 12 ++++++++---- web-apache-mysql/ubuntu/docker-entrypoint.sh | 4 ++++ .../alpine/conf/etc/zabbix/web/zabbix.conf.php | 12 ++++++++---- web-apache-pgsql/alpine/docker-entrypoint.sh | 4 ++++ .../centos/conf/etc/zabbix/web/zabbix.conf.php | 12 ++++++++---- web-apache-pgsql/centos/docker-entrypoint.sh | 4 ++++ .../ubuntu/conf/etc/zabbix/web/zabbix.conf.php | 12 ++++++++---- web-apache-pgsql/ubuntu/docker-entrypoint.sh | 4 ++++ .../alpine/conf/etc/zabbix/web/zabbix.conf.php | 12 ++++++++---- web-nginx-mysql/alpine/docker-entrypoint.sh | 4 ++++ .../centos/conf/etc/zabbix/web/zabbix.conf.php | 12 ++++++++---- web-nginx-mysql/centos/docker-entrypoint.sh | 4 ++++ .../ubuntu/conf/etc/zabbix/web/zabbix.conf.php | 12 ++++++++---- web-nginx-mysql/ubuntu/docker-entrypoint.sh | 4 ++++ .../alpine/conf/etc/zabbix/web/zabbix.conf.php | 12 ++++++++---- web-nginx-pgsql/alpine/docker-entrypoint.sh | 4 ++++ .../centos/conf/etc/zabbix/web/zabbix.conf.php | 12 ++++++++---- web-nginx-pgsql/centos/docker-entrypoint.sh | 4 ++++ .../ubuntu/conf/etc/zabbix/web/zabbix.conf.php | 12 ++++++++---- web-nginx-pgsql/ubuntu/docker-entrypoint.sh | 4 ++++ .../rhel/conf/etc/zabbix/web/zabbix.conf.php | 12 ++++++++---- zabbix-appliance/rhel/docker-entrypoint.sh | 18 ++++++++++++++++-- 41 files changed, 309 insertions(+), 72 deletions(-) diff --git a/.env_prx b/.env_prx index 3b16ef249..3bca1ca9e 100644 --- a/.env_prx +++ b/.env_prx @@ -58,3 +58,6 @@ # ZBX_TLSKEYFILE= # ZBX_TLSPSKIDENTITY= # ZBX_TLSPSKFILE= +# ZBX_VAULTDBPATH= +# ZBX_VAULTURL=https://127.0.0.1:8200 +# VAULT_TOKEN= diff --git a/.env_srv b/.env_srv index 45b034064..8fec3afae 100644 --- a/.env_srv +++ b/.env_srv @@ -55,3 +55,6 @@ ZBX_ENABLE_SNMP_TRAPS=true # ZBX_TLSCRLFILE= # ZBX_TLSCERTFILE= # ZBX_TLSKEYFILE= +# ZBX_VAULTDBPATH= +# ZBX_VAULTURL=https://127.0.0.1:8200 +# VAULT_TOKEN= diff --git a/.env_web b/.env_web index ad8fae6a3..d71c9a3ef 100644 --- a/.env_web +++ b/.env_web @@ -7,6 +7,9 @@ ZBX_SERVER_NAME=Composed installation # ZBX_DB_CA_FILE=/run/secrets/root-ca.pem # Available since 5.0.0 # ZBX_DB_VERIFY_HOST=false # Available since 5.0.0 # ZBX_DB_CIPHER_LIST= # Available since 5.0.0 +# ZBX_VAULTDBPATH= +# ZBX_VAULTURL=https://127.0.0.1:8200 +# VAULT_TOKEN= # ZBX_HISTORYSTORAGEURL=http://elasticsearch:9200/ # Available since 3.4.5 # ZBX_HISTORYSTORAGETYPES=['uint', 'dbl', 'str', 'text', 'log'] # Available since 3.4.5 # ENABLE_WEB_ACCESS_LOG=true diff --git a/proxy-mysql/alpine/docker-entrypoint.sh b/proxy-mysql/alpine/docker-entrypoint.sh index 9082bfd81..e2e17fbf6 100755 --- a/proxy-mysql/alpine/docker-entrypoint.sh +++ b/proxy-mysql/alpine/docker-entrypoint.sh @@ -343,9 +343,19 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "DBHost" "${DB_SERVER_HOST}" update_config_var $ZBX_CONFIG "DBName" "${DB_SERVER_DBNAME}" update_config_var $ZBX_CONFIG "DBSchema" "${DB_SERVER_SCHEMA}" - update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}" update_config_var $ZBX_CONFIG "DBPort" "${DB_SERVER_PORT}" - update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}" + + if [ -n "${VAULT_TOKEN}" ]; then + update_config_var $ZBX_CONFIG "VaultDBPath" "${ZBX_VAULTDBPATH}" + update_config_var $ZBX_CONFIG "VaultURL" "${ZBX_VAULTURL}" + update_config_var $ZBX_CONFIG "DBUser" + update_config_var $ZBX_CONFIG "DBPassword" + else + update_config_var $ZBX_CONFIG "VaultDBPath" + update_config_var $ZBX_CONFIG "VaultURL" + update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}" + update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}" + fi update_config_var $ZBX_CONFIG "DBSocket" "${DB_SERVER_SOCKET}" diff --git a/proxy-mysql/centos/docker-entrypoint.sh b/proxy-mysql/centos/docker-entrypoint.sh index 7b26f123a..efb8d4e12 100755 --- a/proxy-mysql/centos/docker-entrypoint.sh +++ b/proxy-mysql/centos/docker-entrypoint.sh @@ -341,9 +341,19 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "DBHost" "${DB_SERVER_HOST}" update_config_var $ZBX_CONFIG "DBName" "${DB_SERVER_DBNAME}" update_config_var $ZBX_CONFIG "DBSchema" "${DB_SERVER_SCHEMA}" - update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}" update_config_var $ZBX_CONFIG "DBPort" "${DB_SERVER_PORT}" - update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}" + + if [ -n "${VAULT_TOKEN}" ]; then + update_config_var $ZBX_CONFIG "VaultDBPath" "${ZBX_VAULTDBPATH}" + update_config_var $ZBX_CONFIG "VaultURL" "${ZBX_VAULTURL}" + update_config_var $ZBX_CONFIG "DBUser" + update_config_var $ZBX_CONFIG "DBPassword" + else + update_config_var $ZBX_CONFIG "VaultDBPath" + update_config_var $ZBX_CONFIG "VaultURL" + update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}" + update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}" + fi update_config_var $ZBX_CONFIG "DBSocket" "${DB_SERVER_SOCKET}" diff --git a/proxy-mysql/ubuntu/docker-entrypoint.sh b/proxy-mysql/ubuntu/docker-entrypoint.sh index ae04c987b..850ba6073 100755 --- a/proxy-mysql/ubuntu/docker-entrypoint.sh +++ b/proxy-mysql/ubuntu/docker-entrypoint.sh @@ -340,9 +340,19 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "DBHost" "${DB_SERVER_HOST}" update_config_var $ZBX_CONFIG "DBName" "${DB_SERVER_DBNAME}" update_config_var $ZBX_CONFIG "DBSchema" "${DB_SERVER_SCHEMA}" - update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}" update_config_var $ZBX_CONFIG "DBPort" "${DB_SERVER_PORT}" - update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}" + + if [ -n "${VAULT_TOKEN}" ]; then + update_config_var $ZBX_CONFIG "VaultDBPath" "${ZBX_VAULTDBPATH}" + update_config_var $ZBX_CONFIG "VaultURL" "${ZBX_VAULTURL}" + update_config_var $ZBX_CONFIG "DBUser" + update_config_var $ZBX_CONFIG "DBPassword" + else + update_config_var $ZBX_CONFIG "VaultDBPath" + update_config_var $ZBX_CONFIG "VaultURL" + update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}" + update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}" + fi update_config_var $ZBX_CONFIG "DBSocket" "${DB_SERVER_SOCKET}" diff --git a/proxy-sqlite3/alpine/docker-entrypoint.sh b/proxy-sqlite3/alpine/docker-entrypoint.sh index 5a068a347..ef13eb4bb 100755 --- a/proxy-sqlite3/alpine/docker-entrypoint.sh +++ b/proxy-sqlite3/alpine/docker-entrypoint.sh @@ -143,6 +143,14 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "DBPort" update_config_var $ZBX_CONFIG "DBPassword" + if [ -n "${VAULT_TOKEN}" ]; then + update_config_var $ZBX_CONFIG "VaultDBPath" "${ZBX_VAULTDBPATH}" + update_config_var $ZBX_CONFIG "VaultURL" "${ZBX_VAULTURL}" + else + update_config_var $ZBX_CONFIG "VaultDBPath" + update_config_var $ZBX_CONFIG "VaultURL" + fi + update_config_var $ZBX_CONFIG "ProxyLocalBuffer" "${ZBX_PROXYLOCALBUFFER}" update_config_var $ZBX_CONFIG "ProxyOfflineBuffer" "${ZBX_PROXYOFFLINEBUFFER}" update_config_var $ZBX_CONFIG "HeartbeatFrequency" "${ZBX_PROXYHEARTBEATFREQUENCY}" diff --git a/proxy-sqlite3/centos/docker-entrypoint.sh b/proxy-sqlite3/centos/docker-entrypoint.sh index 5a068a347..ef13eb4bb 100755 --- a/proxy-sqlite3/centos/docker-entrypoint.sh +++ b/proxy-sqlite3/centos/docker-entrypoint.sh @@ -143,6 +143,14 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "DBPort" update_config_var $ZBX_CONFIG "DBPassword" + if [ -n "${VAULT_TOKEN}" ]; then + update_config_var $ZBX_CONFIG "VaultDBPath" "${ZBX_VAULTDBPATH}" + update_config_var $ZBX_CONFIG "VaultURL" "${ZBX_VAULTURL}" + else + update_config_var $ZBX_CONFIG "VaultDBPath" + update_config_var $ZBX_CONFIG "VaultURL" + fi + update_config_var $ZBX_CONFIG "ProxyLocalBuffer" "${ZBX_PROXYLOCALBUFFER}" update_config_var $ZBX_CONFIG "ProxyOfflineBuffer" "${ZBX_PROXYOFFLINEBUFFER}" update_config_var $ZBX_CONFIG "HeartbeatFrequency" "${ZBX_PROXYHEARTBEATFREQUENCY}" diff --git a/proxy-sqlite3/ubuntu/docker-entrypoint.sh b/proxy-sqlite3/ubuntu/docker-entrypoint.sh index e9a88482a..ed4815dae 100755 --- a/proxy-sqlite3/ubuntu/docker-entrypoint.sh +++ b/proxy-sqlite3/ubuntu/docker-entrypoint.sh @@ -143,6 +143,14 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "DBPort" update_config_var $ZBX_CONFIG "DBPassword" + if [ -n "${VAULT_TOKEN}" ]; then + update_config_var $ZBX_CONFIG "VaultDBPath" "${ZBX_VAULTDBPATH}" + update_config_var $ZBX_CONFIG "VaultURL" "${ZBX_VAULTURL}" + else + update_config_var $ZBX_CONFIG "VaultDBPath" + update_config_var $ZBX_CONFIG "VaultURL" + fi + update_config_var $ZBX_CONFIG "ProxyLocalBuffer" "${ZBX_PROXYLOCALBUFFER}" update_config_var $ZBX_CONFIG "ProxyOfflineBuffer" "${ZBX_PROXYOFFLINEBUFFER}" update_config_var $ZBX_CONFIG "HeartbeatFrequency" "${ZBX_PROXYHEARTBEATFREQUENCY}" diff --git a/server-mysql/alpine/docker-entrypoint.sh b/server-mysql/alpine/docker-entrypoint.sh index 5d05994b1..f63f76310 100755 --- a/server-mysql/alpine/docker-entrypoint.sh +++ b/server-mysql/alpine/docker-entrypoint.sh @@ -324,9 +324,19 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "DBHost" "${DB_SERVER_HOST}" update_config_var $ZBX_CONFIG "DBName" "${DB_SERVER_DBNAME}" update_config_var $ZBX_CONFIG "DBSchema" "${DB_SERVER_SCHEMA}" - update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}" update_config_var $ZBX_CONFIG "DBPort" "${DB_SERVER_PORT}" - update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}" + + if [ -n "${VAULT_TOKEN}" ]; then + update_config_var $ZBX_CONFIG "VaultDBPath" "${ZBX_VAULTDBPATH}" + update_config_var $ZBX_CONFIG "VaultURL" "${ZBX_VAULTURL}" + update_config_var $ZBX_CONFIG "DBUser" + update_config_var $ZBX_CONFIG "DBPassword" + else + update_config_var $ZBX_CONFIG "VaultDBPath" + update_config_var $ZBX_CONFIG "VaultURL" + update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}" + update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}" + fi update_config_var $ZBX_CONFIG "HistoryStorageURL" "${ZBX_HISTORYSTORAGEURL}" update_config_var $ZBX_CONFIG "HistoryStorageTypes" "${ZBX_HISTORYSTORAGETYPES}" diff --git a/server-mysql/centos/docker-entrypoint.sh b/server-mysql/centos/docker-entrypoint.sh index fc1a18e05..d00d048fc 100755 --- a/server-mysql/centos/docker-entrypoint.sh +++ b/server-mysql/centos/docker-entrypoint.sh @@ -321,9 +321,19 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "DBHost" "${DB_SERVER_HOST}" update_config_var $ZBX_CONFIG "DBName" "${DB_SERVER_DBNAME}" update_config_var $ZBX_CONFIG "DBSchema" "${DB_SERVER_SCHEMA}" - update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}" update_config_var $ZBX_CONFIG "DBPort" "${DB_SERVER_PORT}" - update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}" + + if [ -n "${VAULT_TOKEN}" ]; then + update_config_var $ZBX_CONFIG "VaultDBPath" "${ZBX_VAULTDBPATH}" + update_config_var $ZBX_CONFIG "VaultURL" "${ZBX_VAULTURL}" + update_config_var $ZBX_CONFIG "DBUser" + update_config_var $ZBX_CONFIG "DBPassword" + else + update_config_var $ZBX_CONFIG "VaultDBPath" + update_config_var $ZBX_CONFIG "VaultURL" + update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}" + update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}" + fi update_config_var $ZBX_CONFIG "HistoryStorageURL" "${ZBX_HISTORYSTORAGEURL}" update_config_var $ZBX_CONFIG "HistoryStorageTypes" "${ZBX_HISTORYSTORAGETYPES}" diff --git a/server-mysql/ubuntu/docker-entrypoint.sh b/server-mysql/ubuntu/docker-entrypoint.sh index fa199fdb1..271d2d72d 100755 --- a/server-mysql/ubuntu/docker-entrypoint.sh +++ b/server-mysql/ubuntu/docker-entrypoint.sh @@ -321,9 +321,19 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "DBHost" "${DB_SERVER_HOST}" update_config_var $ZBX_CONFIG "DBName" "${DB_SERVER_DBNAME}" update_config_var $ZBX_CONFIG "DBSchema" "${DB_SERVER_SCHEMA}" - update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}" update_config_var $ZBX_CONFIG "DBPort" "${DB_SERVER_PORT}" - update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}" + + if [ -n "${VAULT_TOKEN}" ]; then + update_config_var $ZBX_CONFIG "VaultDBPath" "${ZBX_VAULTDBPATH}" + update_config_var $ZBX_CONFIG "VaultURL" "${ZBX_VAULTURL}" + update_config_var $ZBX_CONFIG "DBUser" + update_config_var $ZBX_CONFIG "DBPassword" + else + update_config_var $ZBX_CONFIG "VaultDBPath" + update_config_var $ZBX_CONFIG "VaultURL" + update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}" + update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}" + fi update_config_var $ZBX_CONFIG "HistoryStorageURL" "${ZBX_HISTORYSTORAGEURL}" update_config_var $ZBX_CONFIG "HistoryStorageTypes" "${ZBX_HISTORYSTORAGETYPES}" diff --git a/server-pgsql/alpine/docker-entrypoint.sh b/server-pgsql/alpine/docker-entrypoint.sh index 568562bff..9877b18f7 100755 --- a/server-pgsql/alpine/docker-entrypoint.sh +++ b/server-pgsql/alpine/docker-entrypoint.sh @@ -357,9 +357,19 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "DBHost" "${DB_SERVER_HOST}" update_config_var $ZBX_CONFIG "DBName" "${DB_SERVER_DBNAME}" update_config_var $ZBX_CONFIG "DBSchema" "${DB_SERVER_SCHEMA}" - update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}" update_config_var $ZBX_CONFIG "DBPort" "${DB_SERVER_PORT}" - update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}" + + if [ -n "${VAULT_TOKEN}" ]; then + update_config_var $ZBX_CONFIG "VaultDBPath" "${ZBX_VAULTDBPATH}" + update_config_var $ZBX_CONFIG "VaultURL" "${ZBX_VAULTURL}" + update_config_var $ZBX_CONFIG "DBUser" + update_config_var $ZBX_CONFIG "DBPassword" + else + update_config_var $ZBX_CONFIG "VaultDBPath" + update_config_var $ZBX_CONFIG "VaultURL" + update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}" + update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}" + fi update_config_var $ZBX_CONFIG "HistoryStorageURL" "${ZBX_HISTORYSTORAGEURL}" update_config_var $ZBX_CONFIG "HistoryStorageTypes" "${ZBX_HISTORYSTORAGETYPES}" diff --git a/server-pgsql/centos/docker-entrypoint.sh b/server-pgsql/centos/docker-entrypoint.sh index 568562bff..9877b18f7 100755 --- a/server-pgsql/centos/docker-entrypoint.sh +++ b/server-pgsql/centos/docker-entrypoint.sh @@ -357,9 +357,19 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "DBHost" "${DB_SERVER_HOST}" update_config_var $ZBX_CONFIG "DBName" "${DB_SERVER_DBNAME}" update_config_var $ZBX_CONFIG "DBSchema" "${DB_SERVER_SCHEMA}" - update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}" update_config_var $ZBX_CONFIG "DBPort" "${DB_SERVER_PORT}" - update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}" + + if [ -n "${VAULT_TOKEN}" ]; then + update_config_var $ZBX_CONFIG "VaultDBPath" "${ZBX_VAULTDBPATH}" + update_config_var $ZBX_CONFIG "VaultURL" "${ZBX_VAULTURL}" + update_config_var $ZBX_CONFIG "DBUser" + update_config_var $ZBX_CONFIG "DBPassword" + else + update_config_var $ZBX_CONFIG "VaultDBPath" + update_config_var $ZBX_CONFIG "VaultURL" + update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}" + update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}" + fi update_config_var $ZBX_CONFIG "HistoryStorageURL" "${ZBX_HISTORYSTORAGEURL}" update_config_var $ZBX_CONFIG "HistoryStorageTypes" "${ZBX_HISTORYSTORAGETYPES}" diff --git a/server-pgsql/ubuntu/docker-entrypoint.sh b/server-pgsql/ubuntu/docker-entrypoint.sh index 27acf0933..9821c2151 100755 --- a/server-pgsql/ubuntu/docker-entrypoint.sh +++ b/server-pgsql/ubuntu/docker-entrypoint.sh @@ -357,9 +357,19 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "DBHost" "${DB_SERVER_HOST}" update_config_var $ZBX_CONFIG "DBName" "${DB_SERVER_DBNAME}" update_config_var $ZBX_CONFIG "DBSchema" "${DB_SERVER_SCHEMA}" - update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}" update_config_var $ZBX_CONFIG "DBPort" "${DB_SERVER_PORT}" - update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}" + + if [ -n "${VAULT_TOKEN}" ]; then + update_config_var $ZBX_CONFIG "VaultDBPath" "${ZBX_VAULTDBPATH}" + update_config_var $ZBX_CONFIG "VaultURL" "${ZBX_VAULTURL}" + update_config_var $ZBX_CONFIG "DBUser" + update_config_var $ZBX_CONFIG "DBPassword" + else + update_config_var $ZBX_CONFIG "VaultDBPath" + update_config_var $ZBX_CONFIG "VaultURL" + update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}" + update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}" + fi update_config_var $ZBX_CONFIG "HistoryStorageURL" "${ZBX_HISTORYSTORAGEURL}" update_config_var $ZBX_CONFIG "HistoryStorageTypes" "${ZBX_HISTORYSTORAGETYPES}" diff --git a/web-apache-mysql/alpine/conf/etc/zabbix/web/zabbix.conf.php b/web-apache-mysql/alpine/conf/etc/zabbix/web/zabbix.conf.php index 72b99cfc1..e3a21c62b 100644 --- a/web-apache-mysql/alpine/conf/etc/zabbix/web/zabbix.conf.php +++ b/web-apache-mysql/alpine/conf/etc/zabbix/web/zabbix.conf.php @@ -6,10 +6,10 @@ $DB['TYPE'] = getenv('DB_SERVER_TYPE'); $DB['SERVER'] = getenv('DB_SERVER_HOST'); $DB['PORT'] = getenv('DB_SERVER_PORT'); $DB['DATABASE'] = getenv('DB_SERVER_DBNAME'); -$DB['USER'] = getenv('DB_SERVER_USER'); -$DB['PASSWORD'] = getenv('DB_SERVER_PASS'); +$DB['USER'] = ! getenv('VAULT_TOKEN') ? getenv('DB_SERVER_USER') : ''; +$DB['PASSWORD'] = ! getenv('VAULT_TOKEN') ? getenv('DB_SERVER_PASS') : ''; -// Schema name. Used for IBM DB2 and PostgreSQL. +// Schema name. Used for PostgreSQL. $DB['SCHEMA'] = getenv('DB_SERVER_SCHEMA'); $ZBX_SERVER = getenv('ZBX_SERVER_HOST'); @@ -24,6 +24,11 @@ $DB['CA_FILE'] = getenv('ZBX_DB_CA_FILE'); $DB['VERIFY_HOST'] = getenv('ZBX_DB_VERIFY_HOST') == 'true' ? true: false; $DB['CIPHER_LIST'] = getenv('ZBX_DB_CIPHER_LIST') ? getenv('ZBX_DB_CIPHER_LIST') : ''; +// Vault configuration. Used if database credentials are stored in Vault secrets manager. +$DB['VAULT_URL'] = getenv('ZBX_VAULTURL'); +$DB['VAULT_DB_PATH'] = getenv('ZBX_VAULTDBPATH'); +$DB['VAULT_TOKEN'] = getenv('VAULT_TOKEN'); + // Use IEEE754 compatible value range for 64-bit Numeric (float) history values. // This option is enabled by default for new Zabbix installations. // For upgraded installations, please read database upgrade notes before enabling this option. @@ -41,7 +46,6 @@ $storage_types = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGETYPES')); $HISTORY['types'] = (json_decode($storage_types)) ? json_decode($storage_types, true) : array(); // Used for SAML authentication. -// Uncomment to override the default paths to SP private key, SP and IdP X.509 certificates, and to set extra settings. $SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : (file_exists(getenv('ZBX_SSO_SP_KEY')) ? getenv('ZBX_SSO_SP_KEY') : ''); $SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : (file_exists(getenv('ZBX_SSO_SP_CERT')) ? getenv('ZBX_SSO_SP_CERT') : ''); $SSO['IDP_CERT'] = file_exists('/etc/zabbix/web/certs/idp.crt') ? '/etc/zabbix/web/certs/idp.crt' : (file_exists(getenv('ZBX_SSO_IDP_CERT')) ? getenv('ZBX_SSO_IDP_CERT') : ''); diff --git a/web-apache-mysql/alpine/docker-entrypoint.sh b/web-apache-mysql/alpine/docker-entrypoint.sh index fb6ce0de7..0f770ab42 100755 --- a/web-apache-mysql/alpine/docker-entrypoint.sh +++ b/web-apache-mysql/alpine/docker-entrypoint.sh @@ -198,6 +198,10 @@ prepare_zbx_web_config() { export ZBX_DB_CA_FILE=${ZBX_DB_CA_FILE} export ZBX_DB_VERIFY_HOST=${ZBX_DB_VERIFY_HOST-"false"} + export ZBX_VAULTURL=${ZBX_VAULTURL} + export ZBX_VAULTDBPATH=${ZBX_VAULTDBPATH} + export VAULT_TOKEN=${VAULT_TOKEN} + export DB_DOUBLE_IEEE754=${DB_DOUBLE_IEEE754:-"true"} export ZBX_HISTORYSTORAGEURL=${ZBX_HISTORYSTORAGEURL} diff --git a/web-apache-mysql/centos/conf/etc/zabbix/web/zabbix.conf.php b/web-apache-mysql/centos/conf/etc/zabbix/web/zabbix.conf.php index 72b99cfc1..e3a21c62b 100644 --- a/web-apache-mysql/centos/conf/etc/zabbix/web/zabbix.conf.php +++ b/web-apache-mysql/centos/conf/etc/zabbix/web/zabbix.conf.php @@ -6,10 +6,10 @@ $DB['TYPE'] = getenv('DB_SERVER_TYPE'); $DB['SERVER'] = getenv('DB_SERVER_HOST'); $DB['PORT'] = getenv('DB_SERVER_PORT'); $DB['DATABASE'] = getenv('DB_SERVER_DBNAME'); -$DB['USER'] = getenv('DB_SERVER_USER'); -$DB['PASSWORD'] = getenv('DB_SERVER_PASS'); +$DB['USER'] = ! getenv('VAULT_TOKEN') ? getenv('DB_SERVER_USER') : ''; +$DB['PASSWORD'] = ! getenv('VAULT_TOKEN') ? getenv('DB_SERVER_PASS') : ''; -// Schema name. Used for IBM DB2 and PostgreSQL. +// Schema name. Used for PostgreSQL. $DB['SCHEMA'] = getenv('DB_SERVER_SCHEMA'); $ZBX_SERVER = getenv('ZBX_SERVER_HOST'); @@ -24,6 +24,11 @@ $DB['CA_FILE'] = getenv('ZBX_DB_CA_FILE'); $DB['VERIFY_HOST'] = getenv('ZBX_DB_VERIFY_HOST') == 'true' ? true: false; $DB['CIPHER_LIST'] = getenv('ZBX_DB_CIPHER_LIST') ? getenv('ZBX_DB_CIPHER_LIST') : ''; +// Vault configuration. Used if database credentials are stored in Vault secrets manager. +$DB['VAULT_URL'] = getenv('ZBX_VAULTURL'); +$DB['VAULT_DB_PATH'] = getenv('ZBX_VAULTDBPATH'); +$DB['VAULT_TOKEN'] = getenv('VAULT_TOKEN'); + // Use IEEE754 compatible value range for 64-bit Numeric (float) history values. // This option is enabled by default for new Zabbix installations. // For upgraded installations, please read database upgrade notes before enabling this option. @@ -41,7 +46,6 @@ $storage_types = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGETYPES')); $HISTORY['types'] = (json_decode($storage_types)) ? json_decode($storage_types, true) : array(); // Used for SAML authentication. -// Uncomment to override the default paths to SP private key, SP and IdP X.509 certificates, and to set extra settings. $SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : (file_exists(getenv('ZBX_SSO_SP_KEY')) ? getenv('ZBX_SSO_SP_KEY') : ''); $SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : (file_exists(getenv('ZBX_SSO_SP_CERT')) ? getenv('ZBX_SSO_SP_CERT') : ''); $SSO['IDP_CERT'] = file_exists('/etc/zabbix/web/certs/idp.crt') ? '/etc/zabbix/web/certs/idp.crt' : (file_exists(getenv('ZBX_SSO_IDP_CERT')) ? getenv('ZBX_SSO_IDP_CERT') : ''); diff --git a/web-apache-mysql/centos/docker-entrypoint.sh b/web-apache-mysql/centos/docker-entrypoint.sh index 88dc1e526..41647aa2a 100755 --- a/web-apache-mysql/centos/docker-entrypoint.sh +++ b/web-apache-mysql/centos/docker-entrypoint.sh @@ -207,6 +207,10 @@ prepare_zbx_web_config() { export ZBX_DB_CA_FILE=${ZBX_DB_CA_FILE} export ZBX_DB_VERIFY_HOST=${ZBX_DB_VERIFY_HOST-"false"} + export ZBX_VAULTURL=${ZBX_VAULTURL} + export ZBX_VAULTDBPATH=${ZBX_VAULTDBPATH} + export VAULT_TOKEN=${VAULT_TOKEN} + export DB_DOUBLE_IEEE754=${DB_DOUBLE_IEEE754:-"true"} export ZBX_HISTORYSTORAGEURL=${ZBX_HISTORYSTORAGEURL} diff --git a/web-apache-mysql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php b/web-apache-mysql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php index 72b99cfc1..e3a21c62b 100644 --- a/web-apache-mysql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php +++ b/web-apache-mysql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php @@ -6,10 +6,10 @@ $DB['TYPE'] = getenv('DB_SERVER_TYPE'); $DB['SERVER'] = getenv('DB_SERVER_HOST'); $DB['PORT'] = getenv('DB_SERVER_PORT'); $DB['DATABASE'] = getenv('DB_SERVER_DBNAME'); -$DB['USER'] = getenv('DB_SERVER_USER'); -$DB['PASSWORD'] = getenv('DB_SERVER_PASS'); +$DB['USER'] = ! getenv('VAULT_TOKEN') ? getenv('DB_SERVER_USER') : ''; +$DB['PASSWORD'] = ! getenv('VAULT_TOKEN') ? getenv('DB_SERVER_PASS') : ''; -// Schema name. Used for IBM DB2 and PostgreSQL. +// Schema name. Used for PostgreSQL. $DB['SCHEMA'] = getenv('DB_SERVER_SCHEMA'); $ZBX_SERVER = getenv('ZBX_SERVER_HOST'); @@ -24,6 +24,11 @@ $DB['CA_FILE'] = getenv('ZBX_DB_CA_FILE'); $DB['VERIFY_HOST'] = getenv('ZBX_DB_VERIFY_HOST') == 'true' ? true: false; $DB['CIPHER_LIST'] = getenv('ZBX_DB_CIPHER_LIST') ? getenv('ZBX_DB_CIPHER_LIST') : ''; +// Vault configuration. Used if database credentials are stored in Vault secrets manager. +$DB['VAULT_URL'] = getenv('ZBX_VAULTURL'); +$DB['VAULT_DB_PATH'] = getenv('ZBX_VAULTDBPATH'); +$DB['VAULT_TOKEN'] = getenv('VAULT_TOKEN'); + // Use IEEE754 compatible value range for 64-bit Numeric (float) history values. // This option is enabled by default for new Zabbix installations. // For upgraded installations, please read database upgrade notes before enabling this option. @@ -41,7 +46,6 @@ $storage_types = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGETYPES')); $HISTORY['types'] = (json_decode($storage_types)) ? json_decode($storage_types, true) : array(); // Used for SAML authentication. -// Uncomment to override the default paths to SP private key, SP and IdP X.509 certificates, and to set extra settings. $SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : (file_exists(getenv('ZBX_SSO_SP_KEY')) ? getenv('ZBX_SSO_SP_KEY') : ''); $SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : (file_exists(getenv('ZBX_SSO_SP_CERT')) ? getenv('ZBX_SSO_SP_CERT') : ''); $SSO['IDP_CERT'] = file_exists('/etc/zabbix/web/certs/idp.crt') ? '/etc/zabbix/web/certs/idp.crt' : (file_exists(getenv('ZBX_SSO_IDP_CERT')) ? getenv('ZBX_SSO_IDP_CERT') : ''); diff --git a/web-apache-mysql/ubuntu/docker-entrypoint.sh b/web-apache-mysql/ubuntu/docker-entrypoint.sh index 1cf466675..b20e16ef3 100755 --- a/web-apache-mysql/ubuntu/docker-entrypoint.sh +++ b/web-apache-mysql/ubuntu/docker-entrypoint.sh @@ -198,6 +198,10 @@ prepare_zbx_web_config() { export ZBX_DB_CA_FILE=${ZBX_DB_CA_FILE} export ZBX_DB_VERIFY_HOST=${ZBX_DB_VERIFY_HOST-"false"} + export ZBX_VAULTURL=${ZBX_VAULTURL} + export ZBX_VAULTDBPATH=${ZBX_VAULTDBPATH} + export VAULT_TOKEN=${VAULT_TOKEN} + export DB_DOUBLE_IEEE754=${DB_DOUBLE_IEEE754:-"true"} export ZBX_HISTORYSTORAGEURL=${ZBX_HISTORYSTORAGEURL} diff --git a/web-apache-pgsql/alpine/conf/etc/zabbix/web/zabbix.conf.php b/web-apache-pgsql/alpine/conf/etc/zabbix/web/zabbix.conf.php index 72b99cfc1..e3a21c62b 100644 --- a/web-apache-pgsql/alpine/conf/etc/zabbix/web/zabbix.conf.php +++ b/web-apache-pgsql/alpine/conf/etc/zabbix/web/zabbix.conf.php @@ -6,10 +6,10 @@ $DB['TYPE'] = getenv('DB_SERVER_TYPE'); $DB['SERVER'] = getenv('DB_SERVER_HOST'); $DB['PORT'] = getenv('DB_SERVER_PORT'); $DB['DATABASE'] = getenv('DB_SERVER_DBNAME'); -$DB['USER'] = getenv('DB_SERVER_USER'); -$DB['PASSWORD'] = getenv('DB_SERVER_PASS'); +$DB['USER'] = ! getenv('VAULT_TOKEN') ? getenv('DB_SERVER_USER') : ''; +$DB['PASSWORD'] = ! getenv('VAULT_TOKEN') ? getenv('DB_SERVER_PASS') : ''; -// Schema name. Used for IBM DB2 and PostgreSQL. +// Schema name. Used for PostgreSQL. $DB['SCHEMA'] = getenv('DB_SERVER_SCHEMA'); $ZBX_SERVER = getenv('ZBX_SERVER_HOST'); @@ -24,6 +24,11 @@ $DB['CA_FILE'] = getenv('ZBX_DB_CA_FILE'); $DB['VERIFY_HOST'] = getenv('ZBX_DB_VERIFY_HOST') == 'true' ? true: false; $DB['CIPHER_LIST'] = getenv('ZBX_DB_CIPHER_LIST') ? getenv('ZBX_DB_CIPHER_LIST') : ''; +// Vault configuration. Used if database credentials are stored in Vault secrets manager. +$DB['VAULT_URL'] = getenv('ZBX_VAULTURL'); +$DB['VAULT_DB_PATH'] = getenv('ZBX_VAULTDBPATH'); +$DB['VAULT_TOKEN'] = getenv('VAULT_TOKEN'); + // Use IEEE754 compatible value range for 64-bit Numeric (float) history values. // This option is enabled by default for new Zabbix installations. // For upgraded installations, please read database upgrade notes before enabling this option. @@ -41,7 +46,6 @@ $storage_types = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGETYPES')); $HISTORY['types'] = (json_decode($storage_types)) ? json_decode($storage_types, true) : array(); // Used for SAML authentication. -// Uncomment to override the default paths to SP private key, SP and IdP X.509 certificates, and to set extra settings. $SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : (file_exists(getenv('ZBX_SSO_SP_KEY')) ? getenv('ZBX_SSO_SP_KEY') : ''); $SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : (file_exists(getenv('ZBX_SSO_SP_CERT')) ? getenv('ZBX_SSO_SP_CERT') : ''); $SSO['IDP_CERT'] = file_exists('/etc/zabbix/web/certs/idp.crt') ? '/etc/zabbix/web/certs/idp.crt' : (file_exists(getenv('ZBX_SSO_IDP_CERT')) ? getenv('ZBX_SSO_IDP_CERT') : ''); diff --git a/web-apache-pgsql/alpine/docker-entrypoint.sh b/web-apache-pgsql/alpine/docker-entrypoint.sh index deae51655..32be2bf07 100755 --- a/web-apache-pgsql/alpine/docker-entrypoint.sh +++ b/web-apache-pgsql/alpine/docker-entrypoint.sh @@ -182,6 +182,10 @@ prepare_zbx_web_config() { export ZBX_DB_CA_FILE=${ZBX_DB_CA_FILE} export ZBX_DB_VERIFY_HOST=${ZBX_DB_VERIFY_HOST-"false"} + export ZBX_VAULTURL=${ZBX_VAULTURL} + export ZBX_VAULTDBPATH=${ZBX_VAULTDBPATH} + export VAULT_TOKEN=${VAULT_TOKEN} + export DB_DOUBLE_IEEE754=${DB_DOUBLE_IEEE754:-"true"} export ZBX_HISTORYSTORAGEURL=${ZBX_HISTORYSTORAGEURL} diff --git a/web-apache-pgsql/centos/conf/etc/zabbix/web/zabbix.conf.php b/web-apache-pgsql/centos/conf/etc/zabbix/web/zabbix.conf.php index 72b99cfc1..e3a21c62b 100644 --- a/web-apache-pgsql/centos/conf/etc/zabbix/web/zabbix.conf.php +++ b/web-apache-pgsql/centos/conf/etc/zabbix/web/zabbix.conf.php @@ -6,10 +6,10 @@ $DB['TYPE'] = getenv('DB_SERVER_TYPE'); $DB['SERVER'] = getenv('DB_SERVER_HOST'); $DB['PORT'] = getenv('DB_SERVER_PORT'); $DB['DATABASE'] = getenv('DB_SERVER_DBNAME'); -$DB['USER'] = getenv('DB_SERVER_USER'); -$DB['PASSWORD'] = getenv('DB_SERVER_PASS'); +$DB['USER'] = ! getenv('VAULT_TOKEN') ? getenv('DB_SERVER_USER') : ''; +$DB['PASSWORD'] = ! getenv('VAULT_TOKEN') ? getenv('DB_SERVER_PASS') : ''; -// Schema name. Used for IBM DB2 and PostgreSQL. +// Schema name. Used for PostgreSQL. $DB['SCHEMA'] = getenv('DB_SERVER_SCHEMA'); $ZBX_SERVER = getenv('ZBX_SERVER_HOST'); @@ -24,6 +24,11 @@ $DB['CA_FILE'] = getenv('ZBX_DB_CA_FILE'); $DB['VERIFY_HOST'] = getenv('ZBX_DB_VERIFY_HOST') == 'true' ? true: false; $DB['CIPHER_LIST'] = getenv('ZBX_DB_CIPHER_LIST') ? getenv('ZBX_DB_CIPHER_LIST') : ''; +// Vault configuration. Used if database credentials are stored in Vault secrets manager. +$DB['VAULT_URL'] = getenv('ZBX_VAULTURL'); +$DB['VAULT_DB_PATH'] = getenv('ZBX_VAULTDBPATH'); +$DB['VAULT_TOKEN'] = getenv('VAULT_TOKEN'); + // Use IEEE754 compatible value range for 64-bit Numeric (float) history values. // This option is enabled by default for new Zabbix installations. // For upgraded installations, please read database upgrade notes before enabling this option. @@ -41,7 +46,6 @@ $storage_types = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGETYPES')); $HISTORY['types'] = (json_decode($storage_types)) ? json_decode($storage_types, true) : array(); // Used for SAML authentication. -// Uncomment to override the default paths to SP private key, SP and IdP X.509 certificates, and to set extra settings. $SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : (file_exists(getenv('ZBX_SSO_SP_KEY')) ? getenv('ZBX_SSO_SP_KEY') : ''); $SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : (file_exists(getenv('ZBX_SSO_SP_CERT')) ? getenv('ZBX_SSO_SP_CERT') : ''); $SSO['IDP_CERT'] = file_exists('/etc/zabbix/web/certs/idp.crt') ? '/etc/zabbix/web/certs/idp.crt' : (file_exists(getenv('ZBX_SSO_IDP_CERT')) ? getenv('ZBX_SSO_IDP_CERT') : ''); diff --git a/web-apache-pgsql/centos/docker-entrypoint.sh b/web-apache-pgsql/centos/docker-entrypoint.sh index 8e9b6f84a..ca7eb0415 100755 --- a/web-apache-pgsql/centos/docker-entrypoint.sh +++ b/web-apache-pgsql/centos/docker-entrypoint.sh @@ -194,6 +194,10 @@ prepare_zbx_web_config() { export ZBX_DB_CA_FILE=${ZBX_DB_CA_FILE} export ZBX_DB_VERIFY_HOST=${ZBX_DB_VERIFY_HOST-"false"} + export ZBX_VAULTURL=${ZBX_VAULTURL} + export ZBX_VAULTDBPATH=${ZBX_VAULTDBPATH} + export VAULT_TOKEN=${VAULT_TOKEN} + export DB_DOUBLE_IEEE754=${DB_DOUBLE_IEEE754:-"true"} export ZBX_HISTORYSTORAGEURL=${ZBX_HISTORYSTORAGEURL} diff --git a/web-apache-pgsql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php b/web-apache-pgsql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php index 72b99cfc1..e3a21c62b 100644 --- a/web-apache-pgsql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php +++ b/web-apache-pgsql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php @@ -6,10 +6,10 @@ $DB['TYPE'] = getenv('DB_SERVER_TYPE'); $DB['SERVER'] = getenv('DB_SERVER_HOST'); $DB['PORT'] = getenv('DB_SERVER_PORT'); $DB['DATABASE'] = getenv('DB_SERVER_DBNAME'); -$DB['USER'] = getenv('DB_SERVER_USER'); -$DB['PASSWORD'] = getenv('DB_SERVER_PASS'); +$DB['USER'] = ! getenv('VAULT_TOKEN') ? getenv('DB_SERVER_USER') : ''; +$DB['PASSWORD'] = ! getenv('VAULT_TOKEN') ? getenv('DB_SERVER_PASS') : ''; -// Schema name. Used for IBM DB2 and PostgreSQL. +// Schema name. Used for PostgreSQL. $DB['SCHEMA'] = getenv('DB_SERVER_SCHEMA'); $ZBX_SERVER = getenv('ZBX_SERVER_HOST'); @@ -24,6 +24,11 @@ $DB['CA_FILE'] = getenv('ZBX_DB_CA_FILE'); $DB['VERIFY_HOST'] = getenv('ZBX_DB_VERIFY_HOST') == 'true' ? true: false; $DB['CIPHER_LIST'] = getenv('ZBX_DB_CIPHER_LIST') ? getenv('ZBX_DB_CIPHER_LIST') : ''; +// Vault configuration. Used if database credentials are stored in Vault secrets manager. +$DB['VAULT_URL'] = getenv('ZBX_VAULTURL'); +$DB['VAULT_DB_PATH'] = getenv('ZBX_VAULTDBPATH'); +$DB['VAULT_TOKEN'] = getenv('VAULT_TOKEN'); + // Use IEEE754 compatible value range for 64-bit Numeric (float) history values. // This option is enabled by default for new Zabbix installations. // For upgraded installations, please read database upgrade notes before enabling this option. @@ -41,7 +46,6 @@ $storage_types = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGETYPES')); $HISTORY['types'] = (json_decode($storage_types)) ? json_decode($storage_types, true) : array(); // Used for SAML authentication. -// Uncomment to override the default paths to SP private key, SP and IdP X.509 certificates, and to set extra settings. $SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : (file_exists(getenv('ZBX_SSO_SP_KEY')) ? getenv('ZBX_SSO_SP_KEY') : ''); $SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : (file_exists(getenv('ZBX_SSO_SP_CERT')) ? getenv('ZBX_SSO_SP_CERT') : ''); $SSO['IDP_CERT'] = file_exists('/etc/zabbix/web/certs/idp.crt') ? '/etc/zabbix/web/certs/idp.crt' : (file_exists(getenv('ZBX_SSO_IDP_CERT')) ? getenv('ZBX_SSO_IDP_CERT') : ''); diff --git a/web-apache-pgsql/ubuntu/docker-entrypoint.sh b/web-apache-pgsql/ubuntu/docker-entrypoint.sh index 6c53a035e..db3c9bddc 100755 --- a/web-apache-pgsql/ubuntu/docker-entrypoint.sh +++ b/web-apache-pgsql/ubuntu/docker-entrypoint.sh @@ -189,6 +189,10 @@ prepare_zbx_web_config() { export ZBX_DB_CA_FILE=${ZBX_DB_CA_FILE} export ZBX_DB_VERIFY_HOST=${ZBX_DB_VERIFY_HOST-"false"} + export ZBX_VAULTURL=${ZBX_VAULTURL} + export ZBX_VAULTDBPATH=${ZBX_VAULTDBPATH} + export VAULT_TOKEN=${VAULT_TOKEN} + export DB_DOUBLE_IEEE754=${DB_DOUBLE_IEEE754:-"true"} export ZBX_HISTORYSTORAGEURL=${ZBX_HISTORYSTORAGEURL} diff --git a/web-nginx-mysql/alpine/conf/etc/zabbix/web/zabbix.conf.php b/web-nginx-mysql/alpine/conf/etc/zabbix/web/zabbix.conf.php index 72b99cfc1..e3a21c62b 100644 --- a/web-nginx-mysql/alpine/conf/etc/zabbix/web/zabbix.conf.php +++ b/web-nginx-mysql/alpine/conf/etc/zabbix/web/zabbix.conf.php @@ -6,10 +6,10 @@ $DB['TYPE'] = getenv('DB_SERVER_TYPE'); $DB['SERVER'] = getenv('DB_SERVER_HOST'); $DB['PORT'] = getenv('DB_SERVER_PORT'); $DB['DATABASE'] = getenv('DB_SERVER_DBNAME'); -$DB['USER'] = getenv('DB_SERVER_USER'); -$DB['PASSWORD'] = getenv('DB_SERVER_PASS'); +$DB['USER'] = ! getenv('VAULT_TOKEN') ? getenv('DB_SERVER_USER') : ''; +$DB['PASSWORD'] = ! getenv('VAULT_TOKEN') ? getenv('DB_SERVER_PASS') : ''; -// Schema name. Used for IBM DB2 and PostgreSQL. +// Schema name. Used for PostgreSQL. $DB['SCHEMA'] = getenv('DB_SERVER_SCHEMA'); $ZBX_SERVER = getenv('ZBX_SERVER_HOST'); @@ -24,6 +24,11 @@ $DB['CA_FILE'] = getenv('ZBX_DB_CA_FILE'); $DB['VERIFY_HOST'] = getenv('ZBX_DB_VERIFY_HOST') == 'true' ? true: false; $DB['CIPHER_LIST'] = getenv('ZBX_DB_CIPHER_LIST') ? getenv('ZBX_DB_CIPHER_LIST') : ''; +// Vault configuration. Used if database credentials are stored in Vault secrets manager. +$DB['VAULT_URL'] = getenv('ZBX_VAULTURL'); +$DB['VAULT_DB_PATH'] = getenv('ZBX_VAULTDBPATH'); +$DB['VAULT_TOKEN'] = getenv('VAULT_TOKEN'); + // Use IEEE754 compatible value range for 64-bit Numeric (float) history values. // This option is enabled by default for new Zabbix installations. // For upgraded installations, please read database upgrade notes before enabling this option. @@ -41,7 +46,6 @@ $storage_types = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGETYPES')); $HISTORY['types'] = (json_decode($storage_types)) ? json_decode($storage_types, true) : array(); // Used for SAML authentication. -// Uncomment to override the default paths to SP private key, SP and IdP X.509 certificates, and to set extra settings. $SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : (file_exists(getenv('ZBX_SSO_SP_KEY')) ? getenv('ZBX_SSO_SP_KEY') : ''); $SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : (file_exists(getenv('ZBX_SSO_SP_CERT')) ? getenv('ZBX_SSO_SP_CERT') : ''); $SSO['IDP_CERT'] = file_exists('/etc/zabbix/web/certs/idp.crt') ? '/etc/zabbix/web/certs/idp.crt' : (file_exists(getenv('ZBX_SSO_IDP_CERT')) ? getenv('ZBX_SSO_IDP_CERT') : ''); diff --git a/web-nginx-mysql/alpine/docker-entrypoint.sh b/web-nginx-mysql/alpine/docker-entrypoint.sh index 5a2c34400..dc0011932 100755 --- a/web-nginx-mysql/alpine/docker-entrypoint.sh +++ b/web-nginx-mysql/alpine/docker-entrypoint.sh @@ -211,6 +211,10 @@ prepare_zbx_web_config() { export ZBX_DB_CA_FILE=${ZBX_DB_CA_FILE} export ZBX_DB_VERIFY_HOST=${ZBX_DB_VERIFY_HOST-"false"} + export ZBX_VAULTURL=${ZBX_VAULTURL} + export ZBX_VAULTDBPATH=${ZBX_VAULTDBPATH} + export VAULT_TOKEN=${VAULT_TOKEN} + export DB_DOUBLE_IEEE754=${DB_DOUBLE_IEEE754:-"true"} export ZBX_HISTORYSTORAGEURL=${ZBX_HISTORYSTORAGEURL} diff --git a/web-nginx-mysql/centos/conf/etc/zabbix/web/zabbix.conf.php b/web-nginx-mysql/centos/conf/etc/zabbix/web/zabbix.conf.php index 72b99cfc1..e3a21c62b 100644 --- a/web-nginx-mysql/centos/conf/etc/zabbix/web/zabbix.conf.php +++ b/web-nginx-mysql/centos/conf/etc/zabbix/web/zabbix.conf.php @@ -6,10 +6,10 @@ $DB['TYPE'] = getenv('DB_SERVER_TYPE'); $DB['SERVER'] = getenv('DB_SERVER_HOST'); $DB['PORT'] = getenv('DB_SERVER_PORT'); $DB['DATABASE'] = getenv('DB_SERVER_DBNAME'); -$DB['USER'] = getenv('DB_SERVER_USER'); -$DB['PASSWORD'] = getenv('DB_SERVER_PASS'); +$DB['USER'] = ! getenv('VAULT_TOKEN') ? getenv('DB_SERVER_USER') : ''; +$DB['PASSWORD'] = ! getenv('VAULT_TOKEN') ? getenv('DB_SERVER_PASS') : ''; -// Schema name. Used for IBM DB2 and PostgreSQL. +// Schema name. Used for PostgreSQL. $DB['SCHEMA'] = getenv('DB_SERVER_SCHEMA'); $ZBX_SERVER = getenv('ZBX_SERVER_HOST'); @@ -24,6 +24,11 @@ $DB['CA_FILE'] = getenv('ZBX_DB_CA_FILE'); $DB['VERIFY_HOST'] = getenv('ZBX_DB_VERIFY_HOST') == 'true' ? true: false; $DB['CIPHER_LIST'] = getenv('ZBX_DB_CIPHER_LIST') ? getenv('ZBX_DB_CIPHER_LIST') : ''; +// Vault configuration. Used if database credentials are stored in Vault secrets manager. +$DB['VAULT_URL'] = getenv('ZBX_VAULTURL'); +$DB['VAULT_DB_PATH'] = getenv('ZBX_VAULTDBPATH'); +$DB['VAULT_TOKEN'] = getenv('VAULT_TOKEN'); + // Use IEEE754 compatible value range for 64-bit Numeric (float) history values. // This option is enabled by default for new Zabbix installations. // For upgraded installations, please read database upgrade notes before enabling this option. @@ -41,7 +46,6 @@ $storage_types = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGETYPES')); $HISTORY['types'] = (json_decode($storage_types)) ? json_decode($storage_types, true) : array(); // Used for SAML authentication. -// Uncomment to override the default paths to SP private key, SP and IdP X.509 certificates, and to set extra settings. $SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : (file_exists(getenv('ZBX_SSO_SP_KEY')) ? getenv('ZBX_SSO_SP_KEY') : ''); $SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : (file_exists(getenv('ZBX_SSO_SP_CERT')) ? getenv('ZBX_SSO_SP_CERT') : ''); $SSO['IDP_CERT'] = file_exists('/etc/zabbix/web/certs/idp.crt') ? '/etc/zabbix/web/certs/idp.crt' : (file_exists(getenv('ZBX_SSO_IDP_CERT')) ? getenv('ZBX_SSO_IDP_CERT') : ''); diff --git a/web-nginx-mysql/centos/docker-entrypoint.sh b/web-nginx-mysql/centos/docker-entrypoint.sh index 8372fe3c4..479ca9e1e 100755 --- a/web-nginx-mysql/centos/docker-entrypoint.sh +++ b/web-nginx-mysql/centos/docker-entrypoint.sh @@ -211,6 +211,10 @@ prepare_zbx_web_config() { export ZBX_DB_CA_FILE=${ZBX_DB_CA_FILE} export ZBX_DB_VERIFY_HOST=${ZBX_DB_VERIFY_HOST-"false"} + export ZBX_VAULTURL=${ZBX_VAULTURL} + export ZBX_VAULTDBPATH=${ZBX_VAULTDBPATH} + export VAULT_TOKEN=${VAULT_TOKEN} + export DB_DOUBLE_IEEE754=${DB_DOUBLE_IEEE754:-"true"} export ZBX_HISTORYSTORAGEURL=${ZBX_HISTORYSTORAGEURL} diff --git a/web-nginx-mysql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php b/web-nginx-mysql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php index 72b99cfc1..e3a21c62b 100644 --- a/web-nginx-mysql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php +++ b/web-nginx-mysql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php @@ -6,10 +6,10 @@ $DB['TYPE'] = getenv('DB_SERVER_TYPE'); $DB['SERVER'] = getenv('DB_SERVER_HOST'); $DB['PORT'] = getenv('DB_SERVER_PORT'); $DB['DATABASE'] = getenv('DB_SERVER_DBNAME'); -$DB['USER'] = getenv('DB_SERVER_USER'); -$DB['PASSWORD'] = getenv('DB_SERVER_PASS'); +$DB['USER'] = ! getenv('VAULT_TOKEN') ? getenv('DB_SERVER_USER') : ''; +$DB['PASSWORD'] = ! getenv('VAULT_TOKEN') ? getenv('DB_SERVER_PASS') : ''; -// Schema name. Used for IBM DB2 and PostgreSQL. +// Schema name. Used for PostgreSQL. $DB['SCHEMA'] = getenv('DB_SERVER_SCHEMA'); $ZBX_SERVER = getenv('ZBX_SERVER_HOST'); @@ -24,6 +24,11 @@ $DB['CA_FILE'] = getenv('ZBX_DB_CA_FILE'); $DB['VERIFY_HOST'] = getenv('ZBX_DB_VERIFY_HOST') == 'true' ? true: false; $DB['CIPHER_LIST'] = getenv('ZBX_DB_CIPHER_LIST') ? getenv('ZBX_DB_CIPHER_LIST') : ''; +// Vault configuration. Used if database credentials are stored in Vault secrets manager. +$DB['VAULT_URL'] = getenv('ZBX_VAULTURL'); +$DB['VAULT_DB_PATH'] = getenv('ZBX_VAULTDBPATH'); +$DB['VAULT_TOKEN'] = getenv('VAULT_TOKEN'); + // Use IEEE754 compatible value range for 64-bit Numeric (float) history values. // This option is enabled by default for new Zabbix installations. // For upgraded installations, please read database upgrade notes before enabling this option. @@ -41,7 +46,6 @@ $storage_types = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGETYPES')); $HISTORY['types'] = (json_decode($storage_types)) ? json_decode($storage_types, true) : array(); // Used for SAML authentication. -// Uncomment to override the default paths to SP private key, SP and IdP X.509 certificates, and to set extra settings. $SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : (file_exists(getenv('ZBX_SSO_SP_KEY')) ? getenv('ZBX_SSO_SP_KEY') : ''); $SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : (file_exists(getenv('ZBX_SSO_SP_CERT')) ? getenv('ZBX_SSO_SP_CERT') : ''); $SSO['IDP_CERT'] = file_exists('/etc/zabbix/web/certs/idp.crt') ? '/etc/zabbix/web/certs/idp.crt' : (file_exists(getenv('ZBX_SSO_IDP_CERT')) ? getenv('ZBX_SSO_IDP_CERT') : ''); diff --git a/web-nginx-mysql/ubuntu/docker-entrypoint.sh b/web-nginx-mysql/ubuntu/docker-entrypoint.sh index b1723176a..200f94042 100755 --- a/web-nginx-mysql/ubuntu/docker-entrypoint.sh +++ b/web-nginx-mysql/ubuntu/docker-entrypoint.sh @@ -211,6 +211,10 @@ prepare_zbx_web_config() { export ZBX_DB_CA_FILE=${ZBX_DB_CA_FILE} export ZBX_DB_VERIFY_HOST=${ZBX_DB_VERIFY_HOST-"false"} + export ZBX_VAULTURL=${ZBX_VAULTURL} + export ZBX_VAULTDBPATH=${ZBX_VAULTDBPATH} + export VAULT_TOKEN=${VAULT_TOKEN} + export DB_DOUBLE_IEEE754=${DB_DOUBLE_IEEE754:-"true"} export ZBX_HISTORYSTORAGEURL=${ZBX_HISTORYSTORAGEURL} diff --git a/web-nginx-pgsql/alpine/conf/etc/zabbix/web/zabbix.conf.php b/web-nginx-pgsql/alpine/conf/etc/zabbix/web/zabbix.conf.php index 72b99cfc1..e3a21c62b 100644 --- a/web-nginx-pgsql/alpine/conf/etc/zabbix/web/zabbix.conf.php +++ b/web-nginx-pgsql/alpine/conf/etc/zabbix/web/zabbix.conf.php @@ -6,10 +6,10 @@ $DB['TYPE'] = getenv('DB_SERVER_TYPE'); $DB['SERVER'] = getenv('DB_SERVER_HOST'); $DB['PORT'] = getenv('DB_SERVER_PORT'); $DB['DATABASE'] = getenv('DB_SERVER_DBNAME'); -$DB['USER'] = getenv('DB_SERVER_USER'); -$DB['PASSWORD'] = getenv('DB_SERVER_PASS'); +$DB['USER'] = ! getenv('VAULT_TOKEN') ? getenv('DB_SERVER_USER') : ''; +$DB['PASSWORD'] = ! getenv('VAULT_TOKEN') ? getenv('DB_SERVER_PASS') : ''; -// Schema name. Used for IBM DB2 and PostgreSQL. +// Schema name. Used for PostgreSQL. $DB['SCHEMA'] = getenv('DB_SERVER_SCHEMA'); $ZBX_SERVER = getenv('ZBX_SERVER_HOST'); @@ -24,6 +24,11 @@ $DB['CA_FILE'] = getenv('ZBX_DB_CA_FILE'); $DB['VERIFY_HOST'] = getenv('ZBX_DB_VERIFY_HOST') == 'true' ? true: false; $DB['CIPHER_LIST'] = getenv('ZBX_DB_CIPHER_LIST') ? getenv('ZBX_DB_CIPHER_LIST') : ''; +// Vault configuration. Used if database credentials are stored in Vault secrets manager. +$DB['VAULT_URL'] = getenv('ZBX_VAULTURL'); +$DB['VAULT_DB_PATH'] = getenv('ZBX_VAULTDBPATH'); +$DB['VAULT_TOKEN'] = getenv('VAULT_TOKEN'); + // Use IEEE754 compatible value range for 64-bit Numeric (float) history values. // This option is enabled by default for new Zabbix installations. // For upgraded installations, please read database upgrade notes before enabling this option. @@ -41,7 +46,6 @@ $storage_types = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGETYPES')); $HISTORY['types'] = (json_decode($storage_types)) ? json_decode($storage_types, true) : array(); // Used for SAML authentication. -// Uncomment to override the default paths to SP private key, SP and IdP X.509 certificates, and to set extra settings. $SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : (file_exists(getenv('ZBX_SSO_SP_KEY')) ? getenv('ZBX_SSO_SP_KEY') : ''); $SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : (file_exists(getenv('ZBX_SSO_SP_CERT')) ? getenv('ZBX_SSO_SP_CERT') : ''); $SSO['IDP_CERT'] = file_exists('/etc/zabbix/web/certs/idp.crt') ? '/etc/zabbix/web/certs/idp.crt' : (file_exists(getenv('ZBX_SSO_IDP_CERT')) ? getenv('ZBX_SSO_IDP_CERT') : ''); diff --git a/web-nginx-pgsql/alpine/docker-entrypoint.sh b/web-nginx-pgsql/alpine/docker-entrypoint.sh index 06ef99376..ee2b40aa2 100755 --- a/web-nginx-pgsql/alpine/docker-entrypoint.sh +++ b/web-nginx-pgsql/alpine/docker-entrypoint.sh @@ -197,6 +197,10 @@ prepare_zbx_web_config() { export ZBX_DB_CA_FILE=${ZBX_DB_CA_FILE} export ZBX_DB_VERIFY_HOST=${ZBX_DB_VERIFY_HOST-"false"} + export ZBX_VAULTURL=${ZBX_VAULTURL} + export ZBX_VAULTDBPATH=${ZBX_VAULTDBPATH} + export VAULT_TOKEN=${VAULT_TOKEN} + export DB_DOUBLE_IEEE754=${DB_DOUBLE_IEEE754:-"true"} export ZBX_HISTORYSTORAGEURL=${ZBX_HISTORYSTORAGEURL} diff --git a/web-nginx-pgsql/centos/conf/etc/zabbix/web/zabbix.conf.php b/web-nginx-pgsql/centos/conf/etc/zabbix/web/zabbix.conf.php index 72b99cfc1..e3a21c62b 100644 --- a/web-nginx-pgsql/centos/conf/etc/zabbix/web/zabbix.conf.php +++ b/web-nginx-pgsql/centos/conf/etc/zabbix/web/zabbix.conf.php @@ -6,10 +6,10 @@ $DB['TYPE'] = getenv('DB_SERVER_TYPE'); $DB['SERVER'] = getenv('DB_SERVER_HOST'); $DB['PORT'] = getenv('DB_SERVER_PORT'); $DB['DATABASE'] = getenv('DB_SERVER_DBNAME'); -$DB['USER'] = getenv('DB_SERVER_USER'); -$DB['PASSWORD'] = getenv('DB_SERVER_PASS'); +$DB['USER'] = ! getenv('VAULT_TOKEN') ? getenv('DB_SERVER_USER') : ''; +$DB['PASSWORD'] = ! getenv('VAULT_TOKEN') ? getenv('DB_SERVER_PASS') : ''; -// Schema name. Used for IBM DB2 and PostgreSQL. +// Schema name. Used for PostgreSQL. $DB['SCHEMA'] = getenv('DB_SERVER_SCHEMA'); $ZBX_SERVER = getenv('ZBX_SERVER_HOST'); @@ -24,6 +24,11 @@ $DB['CA_FILE'] = getenv('ZBX_DB_CA_FILE'); $DB['VERIFY_HOST'] = getenv('ZBX_DB_VERIFY_HOST') == 'true' ? true: false; $DB['CIPHER_LIST'] = getenv('ZBX_DB_CIPHER_LIST') ? getenv('ZBX_DB_CIPHER_LIST') : ''; +// Vault configuration. Used if database credentials are stored in Vault secrets manager. +$DB['VAULT_URL'] = getenv('ZBX_VAULTURL'); +$DB['VAULT_DB_PATH'] = getenv('ZBX_VAULTDBPATH'); +$DB['VAULT_TOKEN'] = getenv('VAULT_TOKEN'); + // Use IEEE754 compatible value range for 64-bit Numeric (float) history values. // This option is enabled by default for new Zabbix installations. // For upgraded installations, please read database upgrade notes before enabling this option. @@ -41,7 +46,6 @@ $storage_types = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGETYPES')); $HISTORY['types'] = (json_decode($storage_types)) ? json_decode($storage_types, true) : array(); // Used for SAML authentication. -// Uncomment to override the default paths to SP private key, SP and IdP X.509 certificates, and to set extra settings. $SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : (file_exists(getenv('ZBX_SSO_SP_KEY')) ? getenv('ZBX_SSO_SP_KEY') : ''); $SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : (file_exists(getenv('ZBX_SSO_SP_CERT')) ? getenv('ZBX_SSO_SP_CERT') : ''); $SSO['IDP_CERT'] = file_exists('/etc/zabbix/web/certs/idp.crt') ? '/etc/zabbix/web/certs/idp.crt' : (file_exists(getenv('ZBX_SSO_IDP_CERT')) ? getenv('ZBX_SSO_IDP_CERT') : ''); diff --git a/web-nginx-pgsql/centos/docker-entrypoint.sh b/web-nginx-pgsql/centos/docker-entrypoint.sh index 028e821ac..5c130e38c 100755 --- a/web-nginx-pgsql/centos/docker-entrypoint.sh +++ b/web-nginx-pgsql/centos/docker-entrypoint.sh @@ -197,6 +197,10 @@ prepare_zbx_web_config() { export ZBX_DB_CA_FILE=${ZBX_DB_CA_FILE} export ZBX_DB_VERIFY_HOST=${ZBX_DB_VERIFY_HOST-"false"} + export ZBX_VAULTURL=${ZBX_VAULTURL} + export ZBX_VAULTDBPATH=${ZBX_VAULTDBPATH} + export VAULT_TOKEN=${VAULT_TOKEN} + export DB_DOUBLE_IEEE754=${DB_DOUBLE_IEEE754:-"true"} export ZBX_HISTORYSTORAGEURL=${ZBX_HISTORYSTORAGEURL} diff --git a/web-nginx-pgsql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php b/web-nginx-pgsql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php index 72b99cfc1..e3a21c62b 100644 --- a/web-nginx-pgsql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php +++ b/web-nginx-pgsql/ubuntu/conf/etc/zabbix/web/zabbix.conf.php @@ -6,10 +6,10 @@ $DB['TYPE'] = getenv('DB_SERVER_TYPE'); $DB['SERVER'] = getenv('DB_SERVER_HOST'); $DB['PORT'] = getenv('DB_SERVER_PORT'); $DB['DATABASE'] = getenv('DB_SERVER_DBNAME'); -$DB['USER'] = getenv('DB_SERVER_USER'); -$DB['PASSWORD'] = getenv('DB_SERVER_PASS'); +$DB['USER'] = ! getenv('VAULT_TOKEN') ? getenv('DB_SERVER_USER') : ''; +$DB['PASSWORD'] = ! getenv('VAULT_TOKEN') ? getenv('DB_SERVER_PASS') : ''; -// Schema name. Used for IBM DB2 and PostgreSQL. +// Schema name. Used for PostgreSQL. $DB['SCHEMA'] = getenv('DB_SERVER_SCHEMA'); $ZBX_SERVER = getenv('ZBX_SERVER_HOST'); @@ -24,6 +24,11 @@ $DB['CA_FILE'] = getenv('ZBX_DB_CA_FILE'); $DB['VERIFY_HOST'] = getenv('ZBX_DB_VERIFY_HOST') == 'true' ? true: false; $DB['CIPHER_LIST'] = getenv('ZBX_DB_CIPHER_LIST') ? getenv('ZBX_DB_CIPHER_LIST') : ''; +// Vault configuration. Used if database credentials are stored in Vault secrets manager. +$DB['VAULT_URL'] = getenv('ZBX_VAULTURL'); +$DB['VAULT_DB_PATH'] = getenv('ZBX_VAULTDBPATH'); +$DB['VAULT_TOKEN'] = getenv('VAULT_TOKEN'); + // Use IEEE754 compatible value range for 64-bit Numeric (float) history values. // This option is enabled by default for new Zabbix installations. // For upgraded installations, please read database upgrade notes before enabling this option. @@ -41,7 +46,6 @@ $storage_types = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGETYPES')); $HISTORY['types'] = (json_decode($storage_types)) ? json_decode($storage_types, true) : array(); // Used for SAML authentication. -// Uncomment to override the default paths to SP private key, SP and IdP X.509 certificates, and to set extra settings. $SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : (file_exists(getenv('ZBX_SSO_SP_KEY')) ? getenv('ZBX_SSO_SP_KEY') : ''); $SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : (file_exists(getenv('ZBX_SSO_SP_CERT')) ? getenv('ZBX_SSO_SP_CERT') : ''); $SSO['IDP_CERT'] = file_exists('/etc/zabbix/web/certs/idp.crt') ? '/etc/zabbix/web/certs/idp.crt' : (file_exists(getenv('ZBX_SSO_IDP_CERT')) ? getenv('ZBX_SSO_IDP_CERT') : ''); diff --git a/web-nginx-pgsql/ubuntu/docker-entrypoint.sh b/web-nginx-pgsql/ubuntu/docker-entrypoint.sh index 56ad24684..a1e7e5975 100755 --- a/web-nginx-pgsql/ubuntu/docker-entrypoint.sh +++ b/web-nginx-pgsql/ubuntu/docker-entrypoint.sh @@ -197,6 +197,10 @@ prepare_zbx_web_config() { export ZBX_DB_CA_FILE=${ZBX_DB_CA_FILE} export ZBX_DB_VERIFY_HOST=${ZBX_DB_VERIFY_HOST-"false"} + export ZBX_VAULTURL=${ZBX_VAULTURL} + export ZBX_VAULTDBPATH=${ZBX_VAULTDBPATH} + export VAULT_TOKEN=${VAULT_TOKEN} + export DB_DOUBLE_IEEE754=${DB_DOUBLE_IEEE754:-"true"} export ZBX_HISTORYSTORAGEURL=${ZBX_HISTORYSTORAGEURL} diff --git a/zabbix-appliance/rhel/conf/etc/zabbix/web/zabbix.conf.php b/zabbix-appliance/rhel/conf/etc/zabbix/web/zabbix.conf.php index 72b99cfc1..e3a21c62b 100644 --- a/zabbix-appliance/rhel/conf/etc/zabbix/web/zabbix.conf.php +++ b/zabbix-appliance/rhel/conf/etc/zabbix/web/zabbix.conf.php @@ -6,10 +6,10 @@ $DB['TYPE'] = getenv('DB_SERVER_TYPE'); $DB['SERVER'] = getenv('DB_SERVER_HOST'); $DB['PORT'] = getenv('DB_SERVER_PORT'); $DB['DATABASE'] = getenv('DB_SERVER_DBNAME'); -$DB['USER'] = getenv('DB_SERVER_USER'); -$DB['PASSWORD'] = getenv('DB_SERVER_PASS'); +$DB['USER'] = ! getenv('VAULT_TOKEN') ? getenv('DB_SERVER_USER') : ''; +$DB['PASSWORD'] = ! getenv('VAULT_TOKEN') ? getenv('DB_SERVER_PASS') : ''; -// Schema name. Used for IBM DB2 and PostgreSQL. +// Schema name. Used for PostgreSQL. $DB['SCHEMA'] = getenv('DB_SERVER_SCHEMA'); $ZBX_SERVER = getenv('ZBX_SERVER_HOST'); @@ -24,6 +24,11 @@ $DB['CA_FILE'] = getenv('ZBX_DB_CA_FILE'); $DB['VERIFY_HOST'] = getenv('ZBX_DB_VERIFY_HOST') == 'true' ? true: false; $DB['CIPHER_LIST'] = getenv('ZBX_DB_CIPHER_LIST') ? getenv('ZBX_DB_CIPHER_LIST') : ''; +// Vault configuration. Used if database credentials are stored in Vault secrets manager. +$DB['VAULT_URL'] = getenv('ZBX_VAULTURL'); +$DB['VAULT_DB_PATH'] = getenv('ZBX_VAULTDBPATH'); +$DB['VAULT_TOKEN'] = getenv('VAULT_TOKEN'); + // Use IEEE754 compatible value range for 64-bit Numeric (float) history values. // This option is enabled by default for new Zabbix installations. // For upgraded installations, please read database upgrade notes before enabling this option. @@ -41,7 +46,6 @@ $storage_types = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGETYPES')); $HISTORY['types'] = (json_decode($storage_types)) ? json_decode($storage_types, true) : array(); // Used for SAML authentication. -// Uncomment to override the default paths to SP private key, SP and IdP X.509 certificates, and to set extra settings. $SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : (file_exists(getenv('ZBX_SSO_SP_KEY')) ? getenv('ZBX_SSO_SP_KEY') : ''); $SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : (file_exists(getenv('ZBX_SSO_SP_CERT')) ? getenv('ZBX_SSO_SP_CERT') : ''); $SSO['IDP_CERT'] = file_exists('/etc/zabbix/web/certs/idp.crt') ? '/etc/zabbix/web/certs/idp.crt' : (file_exists(getenv('ZBX_SSO_IDP_CERT')) ? getenv('ZBX_SSO_IDP_CERT') : ''); diff --git a/zabbix-appliance/rhel/docker-entrypoint.sh b/zabbix-appliance/rhel/docker-entrypoint.sh index ba30ee500..8b6a80aff 100755 --- a/zabbix-appliance/rhel/docker-entrypoint.sh +++ b/zabbix-appliance/rhel/docker-entrypoint.sh @@ -410,9 +410,19 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "DBHost" "${DB_SERVER_HOST}" update_config_var $ZBX_CONFIG "DBName" "${DB_SERVER_DBNAME}" update_config_var $ZBX_CONFIG "DBSchema" "${DB_SERVER_SCHEMA}" - update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}" update_config_var $ZBX_CONFIG "DBPort" "${DB_SERVER_PORT}" - update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}" + + if [ -n "${VAULT_TOKEN}" ]; then + update_config_var $ZBX_CONFIG "VaultDBPath" "${ZBX_VAULTDBPATH}" + update_config_var $ZBX_CONFIG "VaultURL" "${ZBX_VAULTURL}" + update_config_var $ZBX_CONFIG "DBUser" + update_config_var $ZBX_CONFIG "DBPassword" + else + update_config_var $ZBX_CONFIG "VaultDBPath" + update_config_var $ZBX_CONFIG "VaultURL" + update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}" + update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}" + fi update_config_var $ZBX_CONFIG "HistoryStorageURL" "${ZBX_HISTORYSTORAGEURL}" update_config_var $ZBX_CONFIG "HistoryStorageTypes" "${ZBX_HISTORYSTORAGETYPES}" @@ -566,6 +576,10 @@ prepare_zbx_web_config() { export ZBX_DB_CA_FILE=${ZBX_DB_CA_FILE} export ZBX_DB_VERIFY_HOST=${ZBX_DB_VERIFY_HOST-"false"} + export ZBX_VAULTURL=${ZBX_VAULTURL} + export ZBX_VAULTDBPATH=${ZBX_VAULTDBPATH} + export VAULT_TOKEN=${VAULT_TOKEN} + export DB_DOUBLE_IEEE754=${DB_DOUBLE_IEEE754:-"true"} export ZBX_HISTORYSTORAGEURL=${ZBX_HISTORYSTORAGEURL} From b0daef4f5a2b320f9ac055a800420d3ba1f5629c Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Thu, 8 Oct 2020 05:26:16 -0400 Subject: [PATCH 057/253] Added Vault feature support --- web-apache-mysql/alpine/README.md | 2 +- web-apache-mysql/centos/README.md | 2 +- web-apache-mysql/ubuntu/README.md | 2 +- web-apache-pgsql/alpine/README.md | 2 +- web-apache-pgsql/centos/README.md | 2 +- web-apache-pgsql/ubuntu/README.md | 2 +- web-nginx-mysql/alpine/README.md | 2 +- web-nginx-mysql/centos/README.md | 2 +- web-nginx-mysql/ubuntu/README.md | 2 +- web-nginx-pgsql/alpine/README.md | 2 +- web-nginx-pgsql/centos/README.md | 2 +- web-nginx-pgsql/ubuntu/README.md | 2 +- 12 files changed, 12 insertions(+), 12 deletions(-) diff --git a/web-apache-mysql/alpine/README.md b/web-apache-mysql/alpine/README.md index 594c18f74..20f097575 100644 --- a/web-apache-mysql/alpine/README.md +++ b/web-apache-mysql/alpine/README.md @@ -164,7 +164,7 @@ The varable is PHP ``max_input_time`` option. By default, value is `300`. ### `ZBX_SESSION_NAME` -The variable is Zabbix frontend [definition](https://www.zabbix.com/documentation/4.2/manual/web_interface/definitions). String used as the name of the Zabbix frontend session cookie. By default, value is `zbx_sessionid`. +The variable is Zabbix frontend [definition](https://www.zabbix.com/documentation/current/manual/web_interface/definitions). String used as the name of the Zabbix frontend session cookie. By default, value is `zbx_sessionid`. ### `ZBX_DENY_GUI_ACCESS` diff --git a/web-apache-mysql/centos/README.md b/web-apache-mysql/centos/README.md index 594c18f74..20f097575 100644 --- a/web-apache-mysql/centos/README.md +++ b/web-apache-mysql/centos/README.md @@ -164,7 +164,7 @@ The varable is PHP ``max_input_time`` option. By default, value is `300`. ### `ZBX_SESSION_NAME` -The variable is Zabbix frontend [definition](https://www.zabbix.com/documentation/4.2/manual/web_interface/definitions). String used as the name of the Zabbix frontend session cookie. By default, value is `zbx_sessionid`. +The variable is Zabbix frontend [definition](https://www.zabbix.com/documentation/current/manual/web_interface/definitions). String used as the name of the Zabbix frontend session cookie. By default, value is `zbx_sessionid`. ### `ZBX_DENY_GUI_ACCESS` diff --git a/web-apache-mysql/ubuntu/README.md b/web-apache-mysql/ubuntu/README.md index 594c18f74..20f097575 100644 --- a/web-apache-mysql/ubuntu/README.md +++ b/web-apache-mysql/ubuntu/README.md @@ -164,7 +164,7 @@ The varable is PHP ``max_input_time`` option. By default, value is `300`. ### `ZBX_SESSION_NAME` -The variable is Zabbix frontend [definition](https://www.zabbix.com/documentation/4.2/manual/web_interface/definitions). String used as the name of the Zabbix frontend session cookie. By default, value is `zbx_sessionid`. +The variable is Zabbix frontend [definition](https://www.zabbix.com/documentation/current/manual/web_interface/definitions). String used as the name of the Zabbix frontend session cookie. By default, value is `zbx_sessionid`. ### `ZBX_DENY_GUI_ACCESS` diff --git a/web-apache-pgsql/alpine/README.md b/web-apache-pgsql/alpine/README.md index eb92cdeb2..8dc333415 100644 --- a/web-apache-pgsql/alpine/README.md +++ b/web-apache-pgsql/alpine/README.md @@ -162,7 +162,7 @@ The varable is PHP ``max_input_time`` option. By default, value is `300`. ### `ZBX_SESSION_NAME` -The variable is Zabbix frontend [definition](https://www.zabbix.com/documentation/4.2/manual/web_interface/definitions). String used as the name of the Zabbix frontend session cookie. By default, value is `zbx_sessionid`. +The variable is Zabbix frontend [definition](https://www.zabbix.com/documentation/current/manual/web_interface/definitions). String used as the name of the Zabbix frontend session cookie. By default, value is `zbx_sessionid`. ### `ZBX_DENY_GUI_ACCESS` diff --git a/web-apache-pgsql/centos/README.md b/web-apache-pgsql/centos/README.md index eb92cdeb2..8dc333415 100644 --- a/web-apache-pgsql/centos/README.md +++ b/web-apache-pgsql/centos/README.md @@ -162,7 +162,7 @@ The varable is PHP ``max_input_time`` option. By default, value is `300`. ### `ZBX_SESSION_NAME` -The variable is Zabbix frontend [definition](https://www.zabbix.com/documentation/4.2/manual/web_interface/definitions). String used as the name of the Zabbix frontend session cookie. By default, value is `zbx_sessionid`. +The variable is Zabbix frontend [definition](https://www.zabbix.com/documentation/current/manual/web_interface/definitions). String used as the name of the Zabbix frontend session cookie. By default, value is `zbx_sessionid`. ### `ZBX_DENY_GUI_ACCESS` diff --git a/web-apache-pgsql/ubuntu/README.md b/web-apache-pgsql/ubuntu/README.md index eb92cdeb2..8dc333415 100644 --- a/web-apache-pgsql/ubuntu/README.md +++ b/web-apache-pgsql/ubuntu/README.md @@ -162,7 +162,7 @@ The varable is PHP ``max_input_time`` option. By default, value is `300`. ### `ZBX_SESSION_NAME` -The variable is Zabbix frontend [definition](https://www.zabbix.com/documentation/4.2/manual/web_interface/definitions). String used as the name of the Zabbix frontend session cookie. By default, value is `zbx_sessionid`. +The variable is Zabbix frontend [definition](https://www.zabbix.com/documentation/current/manual/web_interface/definitions). String used as the name of the Zabbix frontend session cookie. By default, value is `zbx_sessionid`. ### `ZBX_DENY_GUI_ACCESS` diff --git a/web-nginx-mysql/alpine/README.md b/web-nginx-mysql/alpine/README.md index b9851ac05..0fe77290f 100644 --- a/web-nginx-mysql/alpine/README.md +++ b/web-nginx-mysql/alpine/README.md @@ -165,7 +165,7 @@ The varable is PHP ``max_input_time`` option. By default, value is `300`. ### `ZBX_SESSION_NAME` -The variable is Zabbix frontend [definition](https://www.zabbix.com/documentation/4.2/manual/web_interface/definitions). String used as the name of the Zabbix frontend session cookie. By default, value is `zbx_sessionid`. +The variable is Zabbix frontend [definition](https://www.zabbix.com/documentation/current/manual/web_interface/definitions). String used as the name of the Zabbix frontend session cookie. By default, value is `zbx_sessionid`. ### `ZBX_DENY_GUI_ACCESS` diff --git a/web-nginx-mysql/centos/README.md b/web-nginx-mysql/centos/README.md index db5e17305..e477d78e7 100644 --- a/web-nginx-mysql/centos/README.md +++ b/web-nginx-mysql/centos/README.md @@ -164,7 +164,7 @@ The varable is PHP ``max_input_time`` option. By default, value is `300`. ### `ZBX_SESSION_NAME` -The variable is Zabbix frontend [definition](https://www.zabbix.com/documentation/4.2/manual/web_interface/definitions). String used as the name of the Zabbix frontend session cookie. By default, value is `zbx_sessionid`. +The variable is Zabbix frontend [definition](https://www.zabbix.com/documentation/current/manual/web_interface/definitions). String used as the name of the Zabbix frontend session cookie. By default, value is `zbx_sessionid`. ### `ZBX_DENY_GUI_ACCESS` diff --git a/web-nginx-mysql/ubuntu/README.md b/web-nginx-mysql/ubuntu/README.md index b9851ac05..0fe77290f 100644 --- a/web-nginx-mysql/ubuntu/README.md +++ b/web-nginx-mysql/ubuntu/README.md @@ -165,7 +165,7 @@ The varable is PHP ``max_input_time`` option. By default, value is `300`. ### `ZBX_SESSION_NAME` -The variable is Zabbix frontend [definition](https://www.zabbix.com/documentation/4.2/manual/web_interface/definitions). String used as the name of the Zabbix frontend session cookie. By default, value is `zbx_sessionid`. +The variable is Zabbix frontend [definition](https://www.zabbix.com/documentation/current/manual/web_interface/definitions). String used as the name of the Zabbix frontend session cookie. By default, value is `zbx_sessionid`. ### `ZBX_DENY_GUI_ACCESS` diff --git a/web-nginx-pgsql/alpine/README.md b/web-nginx-pgsql/alpine/README.md index 905f5fee4..91bc4d23b 100644 --- a/web-nginx-pgsql/alpine/README.md +++ b/web-nginx-pgsql/alpine/README.md @@ -162,7 +162,7 @@ The varable is PHP ``max_input_time`` option. By default, value is `300`. ### `ZBX_SESSION_NAME` -The variable is Zabbix frontend [definition](https://www.zabbix.com/documentation/4.2/manual/web_interface/definitions). String used as the name of the Zabbix frontend session cookie. By default, value is `zbx_sessionid`. +The variable is Zabbix frontend [definition](https://www.zabbix.com/documentation/current/manual/web_interface/definitions). String used as the name of the Zabbix frontend session cookie. By default, value is `zbx_sessionid`. ### `ZBX_DENY_GUI_ACCESS` diff --git a/web-nginx-pgsql/centos/README.md b/web-nginx-pgsql/centos/README.md index 905f5fee4..91bc4d23b 100644 --- a/web-nginx-pgsql/centos/README.md +++ b/web-nginx-pgsql/centos/README.md @@ -162,7 +162,7 @@ The varable is PHP ``max_input_time`` option. By default, value is `300`. ### `ZBX_SESSION_NAME` -The variable is Zabbix frontend [definition](https://www.zabbix.com/documentation/4.2/manual/web_interface/definitions). String used as the name of the Zabbix frontend session cookie. By default, value is `zbx_sessionid`. +The variable is Zabbix frontend [definition](https://www.zabbix.com/documentation/current/manual/web_interface/definitions). String used as the name of the Zabbix frontend session cookie. By default, value is `zbx_sessionid`. ### `ZBX_DENY_GUI_ACCESS` diff --git a/web-nginx-pgsql/ubuntu/README.md b/web-nginx-pgsql/ubuntu/README.md index 905f5fee4..91bc4d23b 100644 --- a/web-nginx-pgsql/ubuntu/README.md +++ b/web-nginx-pgsql/ubuntu/README.md @@ -162,7 +162,7 @@ The varable is PHP ``max_input_time`` option. By default, value is `300`. ### `ZBX_SESSION_NAME` -The variable is Zabbix frontend [definition](https://www.zabbix.com/documentation/4.2/manual/web_interface/definitions). String used as the name of the Zabbix frontend session cookie. By default, value is `zbx_sessionid`. +The variable is Zabbix frontend [definition](https://www.zabbix.com/documentation/current/manual/web_interface/definitions). String used as the name of the Zabbix frontend session cookie. By default, value is `zbx_sessionid`. ### `ZBX_DENY_GUI_ACCESS` From cc060568dbae4c085e9a0bc759553732e84d8e46 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Thu, 8 Oct 2020 09:29:10 -0400 Subject: [PATCH 058/253] Use system timezone by default --- web-apache-mysql/alpine/docker-entrypoint.sh | 5 +---- web-apache-mysql/centos/docker-entrypoint.sh | 5 +---- web-apache-mysql/ubuntu/docker-entrypoint.sh | 5 +---- web-apache-pgsql/alpine/docker-entrypoint.sh | 5 +---- web-apache-pgsql/centos/docker-entrypoint.sh | 5 +---- web-apache-pgsql/ubuntu/docker-entrypoint.sh | 5 +---- web-nginx-mysql/alpine/docker-entrypoint.sh | 5 +---- web-nginx-mysql/centos/docker-entrypoint.sh | 5 +---- web-nginx-mysql/ubuntu/docker-entrypoint.sh | 5 +---- web-nginx-pgsql/alpine/docker-entrypoint.sh | 5 +---- web-nginx-pgsql/centos/docker-entrypoint.sh | 5 +---- web-nginx-pgsql/ubuntu/docker-entrypoint.sh | 5 +---- zabbix-appliance/rhel/docker-entrypoint.sh | 5 +---- 13 files changed, 13 insertions(+), 52 deletions(-) diff --git a/web-apache-mysql/alpine/docker-entrypoint.sh b/web-apache-mysql/alpine/docker-entrypoint.sh index 0f770ab42..6ff450c67 100755 --- a/web-apache-mysql/alpine/docker-entrypoint.sh +++ b/web-apache-mysql/alpine/docker-entrypoint.sh @@ -17,9 +17,6 @@ fi # Default Zabbix server port number : ${ZBX_SERVER_PORT:="10051"} -# Default timezone for web interface -: ${PHP_TZ:="Europe/Riga"} - # Default directories # Configuration files directory ZABBIX_ETC_DIR="/etc/zabbix" @@ -179,7 +176,7 @@ prepare_zbx_web_config() { export ZBX_POSTMAXSIZE=${ZBX_POSTMAXSIZE:-"16M"} export ZBX_UPLOADMAXFILESIZE=${ZBX_UPLOADMAXFILESIZE:-"2M"} export ZBX_MAXINPUTTIME=${ZBX_MAXINPUTTIME:-"300"} - export PHP_TZ=${PHP_TZ:-"Europe/Riga"} + export PHP_TZ=${PHP_TZ} export DB_SERVER_TYPE="MYSQL" export DB_SERVER_HOST=${DB_SERVER_HOST} diff --git a/web-apache-mysql/centos/docker-entrypoint.sh b/web-apache-mysql/centos/docker-entrypoint.sh index 41647aa2a..0e64bdb55 100755 --- a/web-apache-mysql/centos/docker-entrypoint.sh +++ b/web-apache-mysql/centos/docker-entrypoint.sh @@ -17,9 +17,6 @@ fi # Default Zabbix server port number : ${ZBX_SERVER_PORT:="10051"} -# Default timezone for web interface -: ${PHP_TZ:="Europe/Riga"} - # Default directories # Configuration files directory ZABBIX_ETC_DIR="/etc/zabbix" @@ -188,7 +185,7 @@ prepare_zbx_web_config() { export ZBX_POSTMAXSIZE=${ZBX_POSTMAXSIZE:-"16M"} export ZBX_UPLOADMAXFILESIZE=${ZBX_UPLOADMAXFILESIZE:-"2M"} export ZBX_MAXINPUTTIME=${ZBX_MAXINPUTTIME:-"300"} - export PHP_TZ=${PHP_TZ:-"Europe/Riga"} + export PHP_TZ=${PHP_TZ} export DB_SERVER_TYPE="MYSQL" export DB_SERVER_HOST=${DB_SERVER_HOST} diff --git a/web-apache-mysql/ubuntu/docker-entrypoint.sh b/web-apache-mysql/ubuntu/docker-entrypoint.sh index b20e16ef3..2b46916c8 100755 --- a/web-apache-mysql/ubuntu/docker-entrypoint.sh +++ b/web-apache-mysql/ubuntu/docker-entrypoint.sh @@ -17,9 +17,6 @@ fi # Default Zabbix server port number : ${ZBX_SERVER_PORT:="10051"} -# Default timezone for web interface -: ${PHP_TZ:="Europe/Riga"} - # Default directories # Configuration files directory ZABBIX_ETC_DIR="/etc/zabbix" @@ -179,7 +176,7 @@ prepare_zbx_web_config() { export ZBX_POSTMAXSIZE=${ZBX_POSTMAXSIZE:-"16M"} export ZBX_UPLOADMAXFILESIZE=${ZBX_UPLOADMAXFILESIZE:-"2M"} export ZBX_MAXINPUTTIME=${ZBX_MAXINPUTTIME:-"300"} - export PHP_TZ=${PHP_TZ:-"Europe/Riga"} + export PHP_TZ=${PHP_TZ} export DB_SERVER_TYPE="MYSQL" export DB_SERVER_HOST=${DB_SERVER_HOST} diff --git a/web-apache-pgsql/alpine/docker-entrypoint.sh b/web-apache-pgsql/alpine/docker-entrypoint.sh index 32be2bf07..b52d56d5c 100755 --- a/web-apache-pgsql/alpine/docker-entrypoint.sh +++ b/web-apache-pgsql/alpine/docker-entrypoint.sh @@ -17,9 +17,6 @@ fi # Default Zabbix server port number : ${ZBX_SERVER_PORT:="10051"} -# Default timezone for web interface -: ${PHP_TZ:="Europe/Riga"} - # Default directories # Configuration files directory ZABBIX_ETC_DIR="/etc/zabbix" @@ -163,7 +160,7 @@ prepare_zbx_web_config() { export ZBX_POSTMAXSIZE=${ZBX_POSTMAXSIZE:-"16M"} export ZBX_UPLOADMAXFILESIZE=${ZBX_UPLOADMAXFILESIZE:-"2M"} export ZBX_MAXINPUTTIME=${ZBX_MAXINPUTTIME:-"300"} - export PHP_TZ=${PHP_TZ:-"Europe/Riga"} + export PHP_TZ=${PHP_TZ} export DB_SERVER_TYPE="POSTGRESQL" export DB_SERVER_HOST=${DB_SERVER_HOST} diff --git a/web-apache-pgsql/centos/docker-entrypoint.sh b/web-apache-pgsql/centos/docker-entrypoint.sh index ca7eb0415..b6684fafa 100755 --- a/web-apache-pgsql/centos/docker-entrypoint.sh +++ b/web-apache-pgsql/centos/docker-entrypoint.sh @@ -17,9 +17,6 @@ fi # Default Zabbix server port number : ${ZBX_SERVER_PORT:="10051"} -# Default timezone for web interface -: ${PHP_TZ:="Europe/Riga"} - #Enable PostgreSQL timescaleDB feature: ENABLE_TIMESCALEDB=${ENABLE_TIMESCALEDB:-"false"} @@ -175,7 +172,7 @@ prepare_zbx_web_config() { export ZBX_POSTMAXSIZE=${ZBX_POSTMAXSIZE:-"16M"} export ZBX_UPLOADMAXFILESIZE=${ZBX_UPLOADMAXFILESIZE:-"2M"} export ZBX_MAXINPUTTIME=${ZBX_MAXINPUTTIME:-"300"} - export PHP_TZ=${PHP_TZ:-"Europe/Riga"} + export PHP_TZ=${PHP_TZ} export DB_SERVER_TYPE="POSTGRESQL" export DB_SERVER_HOST=${DB_SERVER_HOST} diff --git a/web-apache-pgsql/ubuntu/docker-entrypoint.sh b/web-apache-pgsql/ubuntu/docker-entrypoint.sh index db3c9bddc..e359a2014 100755 --- a/web-apache-pgsql/ubuntu/docker-entrypoint.sh +++ b/web-apache-pgsql/ubuntu/docker-entrypoint.sh @@ -17,9 +17,6 @@ fi # Default Zabbix server port number : ${ZBX_SERVER_PORT:="10051"} -# Default timezone for web interface -: ${PHP_TZ:="Europe/Riga"} - #Enable PostgreSQL timescaleDB feature: ENABLE_TIMESCALEDB=${ENABLE_TIMESCALEDB:-"false"} @@ -170,7 +167,7 @@ prepare_zbx_web_config() { export ZBX_POSTMAXSIZE=${ZBX_POSTMAXSIZE:-"16M"} export ZBX_UPLOADMAXFILESIZE=${ZBX_UPLOADMAXFILESIZE:-"2M"} export ZBX_MAXINPUTTIME=${ZBX_MAXINPUTTIME:-"300"} - export PHP_TZ=${PHP_TZ:-"Europe/Riga"} + export PHP_TZ=${PHP_TZ} export DB_SERVER_TYPE="POSTGRESQL" export DB_SERVER_HOST=${DB_SERVER_HOST} diff --git a/web-nginx-mysql/alpine/docker-entrypoint.sh b/web-nginx-mysql/alpine/docker-entrypoint.sh index dc0011932..d433dd373 100755 --- a/web-nginx-mysql/alpine/docker-entrypoint.sh +++ b/web-nginx-mysql/alpine/docker-entrypoint.sh @@ -17,9 +17,6 @@ ZBX_SERVER_HOST=${ZBX_SERVER_HOST:-"zabbix-server"} # Default Zabbix server port number ZBX_SERVER_PORT=${ZBX_SERVER_PORT:-"10051"} -# Default timezone for web interface -PHP_TZ=${PHP_TZ:-"Europe/Riga"} - # Default directories # User 'zabbix' home directory ZABBIX_USER_HOME_DIR="/var/lib/zabbix" @@ -192,7 +189,7 @@ prepare_zbx_web_config() { export ZBX_POSTMAXSIZE=${ZBX_POSTMAXSIZE:-"16M"} export ZBX_UPLOADMAXFILESIZE=${ZBX_UPLOADMAXFILESIZE:-"2M"} export ZBX_MAXINPUTTIME=${ZBX_MAXINPUTTIME:-"300"} - export PHP_TZ=${PHP_TZ:-"Europe/Riga"} + export PHP_TZ=${PHP_TZ} export DB_SERVER_TYPE="MYSQL" export DB_SERVER_HOST=${DB_SERVER_HOST} diff --git a/web-nginx-mysql/centos/docker-entrypoint.sh b/web-nginx-mysql/centos/docker-entrypoint.sh index 479ca9e1e..80a0c803a 100755 --- a/web-nginx-mysql/centos/docker-entrypoint.sh +++ b/web-nginx-mysql/centos/docker-entrypoint.sh @@ -17,9 +17,6 @@ ZBX_SERVER_HOST=${ZBX_SERVER_HOST:-"zabbix-server"} # Default Zabbix server port number ZBX_SERVER_PORT=${ZBX_SERVER_PORT:-"10051"} -# Default timezone for web interface -PHP_TZ=${PHP_TZ:-"Europe/Riga"} - # Default directories # User 'zabbix' home directory ZABBIX_USER_HOME_DIR="/var/lib/zabbix" @@ -192,7 +189,7 @@ prepare_zbx_web_config() { export ZBX_POSTMAXSIZE=${ZBX_POSTMAXSIZE:-"16M"} export ZBX_UPLOADMAXFILESIZE=${ZBX_UPLOADMAXFILESIZE:-"2M"} export ZBX_MAXINPUTTIME=${ZBX_MAXINPUTTIME:-"300"} - export PHP_TZ=${PHP_TZ:-"Europe/Riga"} + export PHP_TZ=${PHP_TZ} export DB_SERVER_TYPE="MYSQL" export DB_SERVER_HOST=${DB_SERVER_HOST} diff --git a/web-nginx-mysql/ubuntu/docker-entrypoint.sh b/web-nginx-mysql/ubuntu/docker-entrypoint.sh index 200f94042..28bb9f710 100755 --- a/web-nginx-mysql/ubuntu/docker-entrypoint.sh +++ b/web-nginx-mysql/ubuntu/docker-entrypoint.sh @@ -17,9 +17,6 @@ ZBX_SERVER_HOST=${ZBX_SERVER_HOST:-"zabbix-server"} # Default Zabbix server port number ZBX_SERVER_PORT=${ZBX_SERVER_PORT:-"10051"} -# Default timezone for web interface -PHP_TZ=${PHP_TZ:-"Europe/Riga"} - # Default directories # User 'zabbix' home directory ZABBIX_USER_HOME_DIR="/var/lib/zabbix" @@ -192,7 +189,7 @@ prepare_zbx_web_config() { export ZBX_POSTMAXSIZE=${ZBX_POSTMAXSIZE:-"16M"} export ZBX_UPLOADMAXFILESIZE=${ZBX_UPLOADMAXFILESIZE:-"2M"} export ZBX_MAXINPUTTIME=${ZBX_MAXINPUTTIME:-"300"} - export PHP_TZ=${PHP_TZ:-"Europe/Riga"} + export PHP_TZ=${PHP_TZ} export DB_SERVER_TYPE="MYSQL" export DB_SERVER_HOST=${DB_SERVER_HOST} diff --git a/web-nginx-pgsql/alpine/docker-entrypoint.sh b/web-nginx-pgsql/alpine/docker-entrypoint.sh index ee2b40aa2..e7c95b40d 100755 --- a/web-nginx-pgsql/alpine/docker-entrypoint.sh +++ b/web-nginx-pgsql/alpine/docker-entrypoint.sh @@ -17,9 +17,6 @@ ZBX_SERVER_HOST=${ZBX_SERVER_HOST:-"zabbix-server"} # Default Zabbix server port number ZBX_SERVER_PORT=${ZBX_SERVER_PORT:-"10051"} -# Default timezone for web interface -PHP_TZ=${PHP_TZ:-"Europe/Riga"} - #Enable PostgreSQL timescaleDB feature: ENABLE_TIMESCALEDB=${ENABLE_TIMESCALEDB:-"false"} @@ -178,7 +175,7 @@ prepare_zbx_web_config() { export ZBX_POSTMAXSIZE=${ZBX_POSTMAXSIZE:-"16M"} export ZBX_UPLOADMAXFILESIZE=${ZBX_UPLOADMAXFILESIZE:-"2M"} export ZBX_MAXINPUTTIME=${ZBX_MAXINPUTTIME:-"300"} - export PHP_TZ=${PHP_TZ:-"Europe/Riga"} + export PHP_TZ=${PHP_TZ} export DB_SERVER_TYPE="POSTGRESQL" export DB_SERVER_HOST=${DB_SERVER_HOST} diff --git a/web-nginx-pgsql/centos/docker-entrypoint.sh b/web-nginx-pgsql/centos/docker-entrypoint.sh index 5c130e38c..81582c755 100755 --- a/web-nginx-pgsql/centos/docker-entrypoint.sh +++ b/web-nginx-pgsql/centos/docker-entrypoint.sh @@ -17,9 +17,6 @@ ZBX_SERVER_HOST=${ZBX_SERVER_HOST:-"zabbix-server"} # Default Zabbix server port number ZBX_SERVER_PORT=${ZBX_SERVER_PORT:-"10051"} -# Default timezone for web interface -PHP_TZ=${PHP_TZ:-"Europe/Riga"} - #Enable PostgreSQL timescaleDB feature: ENABLE_TIMESCALEDB=${ENABLE_TIMESCALEDB:-"false"} @@ -178,7 +175,7 @@ prepare_zbx_web_config() { export ZBX_POSTMAXSIZE=${ZBX_POSTMAXSIZE:-"16M"} export ZBX_UPLOADMAXFILESIZE=${ZBX_UPLOADMAXFILESIZE:-"2M"} export ZBX_MAXINPUTTIME=${ZBX_MAXINPUTTIME:-"300"} - export PHP_TZ=${PHP_TZ:-"Europe/Riga"} + export PHP_TZ=${PHP_TZ} export DB_SERVER_TYPE="POSTGRESQL" export DB_SERVER_HOST=${DB_SERVER_HOST} diff --git a/web-nginx-pgsql/ubuntu/docker-entrypoint.sh b/web-nginx-pgsql/ubuntu/docker-entrypoint.sh index a1e7e5975..7c2d2081c 100755 --- a/web-nginx-pgsql/ubuntu/docker-entrypoint.sh +++ b/web-nginx-pgsql/ubuntu/docker-entrypoint.sh @@ -17,9 +17,6 @@ ZBX_SERVER_HOST=${ZBX_SERVER_HOST:-"zabbix-server"} # Default Zabbix server port number ZBX_SERVER_PORT=${ZBX_SERVER_PORT:-"10051"} -# Default timezone for web interface -PHP_TZ=${PHP_TZ:-"Europe/Riga"} - #Enable PostgreSQL timescaleDB feature: ENABLE_TIMESCALEDB=${ENABLE_TIMESCALEDB:-"false"} @@ -178,7 +175,7 @@ prepare_zbx_web_config() { export ZBX_POSTMAXSIZE=${ZBX_POSTMAXSIZE:-"16M"} export ZBX_UPLOADMAXFILESIZE=${ZBX_UPLOADMAXFILESIZE:-"2M"} export ZBX_MAXINPUTTIME=${ZBX_MAXINPUTTIME:-"300"} - export PHP_TZ=${PHP_TZ:-"Europe/Riga"} + export PHP_TZ=${PHP_TZ} export DB_SERVER_TYPE="POSTGRESQL" export DB_SERVER_HOST=${DB_SERVER_HOST} diff --git a/zabbix-appliance/rhel/docker-entrypoint.sh b/zabbix-appliance/rhel/docker-entrypoint.sh index 8b6a80aff..db228d0ca 100755 --- a/zabbix-appliance/rhel/docker-entrypoint.sh +++ b/zabbix-appliance/rhel/docker-entrypoint.sh @@ -13,9 +13,6 @@ fi # Used only by Zabbix web-interface : ${ZBX_SERVER_NAME:="Zabbix docker"} -# Default timezone for web interface -: ${PHP_TZ:="Europe/Riga"} - # Default MySQL instance location : ${DB_SERVER_HOST:="localhost"} : ${DB_SERVER_PORT:="3306"} @@ -557,7 +554,7 @@ prepare_zbx_web_config() { export ZBX_POSTMAXSIZE=${ZBX_POSTMAXSIZE:-"16M"} export ZBX_UPLOADMAXFILESIZE=${ZBX_UPLOADMAXFILESIZE:-"2M"} export ZBX_MAXINPUTTIME=${ZBX_MAXINPUTTIME:-"300"} - export PHP_TZ=${PHP_TZ:-"Europe/Riga"} + export PHP_TZ=${PHP_TZ} export DB_SERVER_TYPE="MYSQL" export DB_SERVER_HOST=${DB_SERVER_HOST} From d0035f417a93e765e39ff10f0730272e910145bd Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Wed, 14 Oct 2020 07:33:54 -0400 Subject: [PATCH 059/253] Proper PHP errors logging --- web-nginx-mysql/ubuntu/conf/etc/php/7.4/fpm/pool.d/zabbix.conf | 2 +- web-nginx-pgsql/ubuntu/conf/etc/php/7.4/fpm/pool.d/zabbix.conf | 2 +- zabbix-appliance/rhel/conf/etc/php-fpm.d/zabbix.conf | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/web-nginx-mysql/ubuntu/conf/etc/php/7.4/fpm/pool.d/zabbix.conf b/web-nginx-mysql/ubuntu/conf/etc/php/7.4/fpm/pool.d/zabbix.conf index 1d19fd099..e2d27c28b 100644 --- a/web-nginx-mysql/ubuntu/conf/etc/php/7.4/fpm/pool.d/zabbix.conf +++ b/web-nginx-mysql/ubuntu/conf/etc/php/7.4/fpm/pool.d/zabbix.conf @@ -12,7 +12,7 @@ pm.max_spare_servers = 35 slowlog = /dev/fd/1 -php_admin_value[error_log] = /dev/fd/2 +; php_admin_value[error_log] = /dev/fd/2 php_admin_flag[log_errors] = on php_value[session.save_handler] = files diff --git a/web-nginx-pgsql/ubuntu/conf/etc/php/7.4/fpm/pool.d/zabbix.conf b/web-nginx-pgsql/ubuntu/conf/etc/php/7.4/fpm/pool.d/zabbix.conf index 1d19fd099..e2d27c28b 100644 --- a/web-nginx-pgsql/ubuntu/conf/etc/php/7.4/fpm/pool.d/zabbix.conf +++ b/web-nginx-pgsql/ubuntu/conf/etc/php/7.4/fpm/pool.d/zabbix.conf @@ -12,7 +12,7 @@ pm.max_spare_servers = 35 slowlog = /dev/fd/1 -php_admin_value[error_log] = /dev/fd/2 +; php_admin_value[error_log] = /dev/fd/2 php_admin_flag[log_errors] = on php_value[session.save_handler] = files diff --git a/zabbix-appliance/rhel/conf/etc/php-fpm.d/zabbix.conf b/zabbix-appliance/rhel/conf/etc/php-fpm.d/zabbix.conf index 1d19fd099..e2d27c28b 100644 --- a/zabbix-appliance/rhel/conf/etc/php-fpm.d/zabbix.conf +++ b/zabbix-appliance/rhel/conf/etc/php-fpm.d/zabbix.conf @@ -12,7 +12,7 @@ pm.max_spare_servers = 35 slowlog = /dev/fd/1 -php_admin_value[error_log] = /dev/fd/2 +; php_admin_value[error_log] = /dev/fd/2 php_admin_flag[log_errors] = on php_value[session.save_handler] = files From 06bd90aaec558547b36b6d8ced305b337fc06494 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Tue, 27 Oct 2020 17:40:47 -0400 Subject: [PATCH 060/253] Zabbix 5.4 release update --- agent/alpine/Dockerfile | 2 +- agent/centos/Dockerfile | 2 +- agent/ubuntu/Dockerfile | 2 +- agent2/alpine/Dockerfile | 2 +- java-gateway/alpine/Dockerfile | 2 +- java-gateway/centos/Dockerfile | 2 +- java-gateway/ubuntu/Dockerfile | 2 +- proxy-mysql/alpine/Dockerfile | 2 +- proxy-mysql/centos/Dockerfile | 2 +- proxy-mysql/ubuntu/Dockerfile | 2 +- proxy-sqlite3/alpine/Dockerfile | 2 +- proxy-sqlite3/centos/Dockerfile | 2 +- proxy-sqlite3/ubuntu/Dockerfile | 2 +- server-mysql/alpine/Dockerfile | 2 +- server-mysql/centos/Dockerfile | 2 +- server-mysql/ubuntu/Dockerfile | 2 +- server-pgsql/alpine/Dockerfile | 2 +- server-pgsql/centos/Dockerfile | 2 +- server-pgsql/ubuntu/Dockerfile | 2 +- snmptraps/alpine/Dockerfile | 2 +- snmptraps/centos/Dockerfile | 2 +- snmptraps/ubuntu/Dockerfile | 2 +- web-apache-mysql/alpine/Dockerfile | 2 +- web-apache-mysql/centos/Dockerfile | 2 +- web-apache-mysql/ubuntu/Dockerfile | 2 +- web-apache-pgsql/alpine/Dockerfile | 2 +- web-apache-pgsql/centos/Dockerfile | 2 +- web-apache-pgsql/ubuntu/Dockerfile | 2 +- web-nginx-mysql/alpine/Dockerfile | 2 +- web-nginx-mysql/centos/Dockerfile | 2 +- web-nginx-mysql/ubuntu/Dockerfile | 2 +- web-nginx-pgsql/alpine/Dockerfile | 2 +- web-nginx-pgsql/centos/Dockerfile | 2 +- web-nginx-pgsql/ubuntu/Dockerfile | 2 +- zabbix-appliance/rhel/Dockerfile | 4 ++-- 35 files changed, 36 insertions(+), 36 deletions(-) diff --git a/agent/alpine/Dockerfile b/agent/alpine/Dockerfile index b74b4076d..6ddac02f8 100644 --- a/agent/alpine/Dockerfile +++ b/agent/alpine/Dockerfile @@ -32,7 +32,7 @@ RUN set -eux && \ libldap && \ rm -rf /var/cache/apk/* -ARG MAJOR_VERSION=5.2 +ARG MAJOR_VERSION=5.4 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git diff --git a/agent/centos/Dockerfile b/agent/centos/Dockerfile index 57d0d3d4d..bd097f175 100644 --- a/agent/centos/Dockerfile +++ b/agent/centos/Dockerfile @@ -46,7 +46,7 @@ RUN set -eux && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki -ARG MAJOR_VERSION=5.2 +ARG MAJOR_VERSION=5.4 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git diff --git a/agent/ubuntu/Dockerfile b/agent/ubuntu/Dockerfile index feed741df..731370d0f 100644 --- a/agent/ubuntu/Dockerfile +++ b/agent/ubuntu/Dockerfile @@ -35,7 +35,7 @@ RUN set -eux && \ apt-get -y clean && \ rm -rf /var/lib/apt/lists/* -ARG MAJOR_VERSION=5.2 +ARG MAJOR_VERSION=5.4 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git diff --git a/agent2/alpine/Dockerfile b/agent2/alpine/Dockerfile index 619db0212..4246a0d07 100644 --- a/agent2/alpine/Dockerfile +++ b/agent2/alpine/Dockerfile @@ -29,7 +29,7 @@ RUN set -eux && \ iputils && \ rm -rf /var/cache/apk/* -ARG MAJOR_VERSION=5.2 +ARG MAJOR_VERSION=5.4 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git diff --git a/java-gateway/alpine/Dockerfile b/java-gateway/alpine/Dockerfile index b691866a4..ddb5d9cd1 100644 --- a/java-gateway/alpine/Dockerfile +++ b/java-gateway/alpine/Dockerfile @@ -24,7 +24,7 @@ RUN set -eux && \ openjdk8-jre-base && \ rm -rf /var/cache/apk/* -ARG MAJOR_VERSION=5.2 +ARG MAJOR_VERSION=5.4 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git diff --git a/java-gateway/centos/Dockerfile b/java-gateway/centos/Dockerfile index d15051ef1..4f26d57f6 100644 --- a/java-gateway/centos/Dockerfile +++ b/java-gateway/centos/Dockerfile @@ -25,7 +25,7 @@ RUN set -eux && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki -ARG MAJOR_VERSION=5.2 +ARG MAJOR_VERSION=5.4 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git diff --git a/java-gateway/ubuntu/Dockerfile b/java-gateway/ubuntu/Dockerfile index 876d6e0cf..3da3688b4 100644 --- a/java-gateway/ubuntu/Dockerfile +++ b/java-gateway/ubuntu/Dockerfile @@ -28,7 +28,7 @@ RUN set -eux && \ apt-get -y clean && \ rm -rf /var/lib/apt/lists/* -ARG MAJOR_VERSION=5.2 +ARG MAJOR_VERSION=5.4 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git diff --git a/proxy-mysql/alpine/Dockerfile b/proxy-mysql/alpine/Dockerfile index b0f04d866..169581768 100644 --- a/proxy-mysql/alpine/Dockerfile +++ b/proxy-mysql/alpine/Dockerfile @@ -47,7 +47,7 @@ RUN set -eux && \ fping && \ rm -rf /var/cache/apk/* -ARG MAJOR_VERSION=5.2 +ARG MAJOR_VERSION=5.4 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git diff --git a/proxy-mysql/centos/Dockerfile b/proxy-mysql/centos/Dockerfile index 99a6cb8bb..b606a6f5c 100644 --- a/proxy-mysql/centos/Dockerfile +++ b/proxy-mysql/centos/Dockerfile @@ -66,7 +66,7 @@ RUN set -eux && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki -ARG MAJOR_VERSION=5.2 +ARG MAJOR_VERSION=5.4 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git diff --git a/proxy-mysql/ubuntu/Dockerfile b/proxy-mysql/ubuntu/Dockerfile index e69192d0a..98f2b2dd4 100644 --- a/proxy-mysql/ubuntu/Dockerfile +++ b/proxy-mysql/ubuntu/Dockerfile @@ -52,7 +52,7 @@ RUN set -eux && \ apt-get -y clean && \ rm -rf /var/lib/apt/lists/* -ARG MAJOR_VERSION=5.2 +ARG MAJOR_VERSION=5.4 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git diff --git a/proxy-sqlite3/alpine/Dockerfile b/proxy-sqlite3/alpine/Dockerfile index 180e185b8..06c879529 100644 --- a/proxy-sqlite3/alpine/Dockerfile +++ b/proxy-sqlite3/alpine/Dockerfile @@ -45,7 +45,7 @@ RUN set -eux && \ unixodbc && \ rm -rf /var/cache/apk/* -ARG MAJOR_VERSION=5.2 +ARG MAJOR_VERSION=5.4 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} diff --git a/proxy-sqlite3/centos/Dockerfile b/proxy-sqlite3/centos/Dockerfile index da3fb197a..6224f0d8e 100644 --- a/proxy-sqlite3/centos/Dockerfile +++ b/proxy-sqlite3/centos/Dockerfile @@ -63,7 +63,7 @@ RUN set -eux && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki -ARG MAJOR_VERSION=5.2 +ARG MAJOR_VERSION=5.4 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git diff --git a/proxy-sqlite3/ubuntu/Dockerfile b/proxy-sqlite3/ubuntu/Dockerfile index 88371ef79..915ed18c6 100644 --- a/proxy-sqlite3/ubuntu/Dockerfile +++ b/proxy-sqlite3/ubuntu/Dockerfile @@ -50,7 +50,7 @@ RUN set -eux && \ apt-get -y clean && \ rm -rf /var/lib/apt/lists/* -ARG MAJOR_VERSION=5.2 +ARG MAJOR_VERSION=5.4 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git diff --git a/server-mysql/alpine/Dockerfile b/server-mysql/alpine/Dockerfile index 0fa382b70..f9a39d4ce 100644 --- a/server-mysql/alpine/Dockerfile +++ b/server-mysql/alpine/Dockerfile @@ -51,7 +51,7 @@ RUN set -eux && \ unixodbc && \ rm -rf /var/cache/apk/* -ARG MAJOR_VERSION=5.2 +ARG MAJOR_VERSION=5.4 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git diff --git a/server-mysql/centos/Dockerfile b/server-mysql/centos/Dockerfile index dd34d3641..a53b375a1 100644 --- a/server-mysql/centos/Dockerfile +++ b/server-mysql/centos/Dockerfile @@ -71,7 +71,7 @@ RUN set -eux && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki -ARG MAJOR_VERSION=5.2 +ARG MAJOR_VERSION=5.4 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git diff --git a/server-mysql/ubuntu/Dockerfile b/server-mysql/ubuntu/Dockerfile index e09285fbf..fc71a145c 100644 --- a/server-mysql/ubuntu/Dockerfile +++ b/server-mysql/ubuntu/Dockerfile @@ -57,7 +57,7 @@ RUN set -eux && \ apt-get -y clean && \ rm -rf /var/lib/apt/lists/* -ARG MAJOR_VERSION=5.2 +ARG MAJOR_VERSION=5.4 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git diff --git a/server-pgsql/alpine/Dockerfile b/server-pgsql/alpine/Dockerfile index aad2aefc3..13f4671dd 100644 --- a/server-pgsql/alpine/Dockerfile +++ b/server-pgsql/alpine/Dockerfile @@ -51,7 +51,7 @@ RUN set -eux && \ unixodbc && \ rm -rf /var/cache/apk/* -ARG MAJOR_VERSION=5.2 +ARG MAJOR_VERSION=5.4 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git diff --git a/server-pgsql/centos/Dockerfile b/server-pgsql/centos/Dockerfile index 096341c1c..05dcf5d7a 100644 --- a/server-pgsql/centos/Dockerfile +++ b/server-pgsql/centos/Dockerfile @@ -70,7 +70,7 @@ RUN set -eux && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki -ARG MAJOR_VERSION=5.2 +ARG MAJOR_VERSION=5.4 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git diff --git a/server-pgsql/ubuntu/Dockerfile b/server-pgsql/ubuntu/Dockerfile index 8453c1651..d98a91ae4 100644 --- a/server-pgsql/ubuntu/Dockerfile +++ b/server-pgsql/ubuntu/Dockerfile @@ -57,7 +57,7 @@ RUN set -eux && \ apt-get -y clean && \ rm -rf /var/lib/apt/lists/* -ARG MAJOR_VERSION=5.2 +ARG MAJOR_VERSION=5.4 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git diff --git a/snmptraps/alpine/Dockerfile b/snmptraps/alpine/Dockerfile index 3dd06ddb0..98ce0fdce 100644 --- a/snmptraps/alpine/Dockerfile +++ b/snmptraps/alpine/Dockerfile @@ -1,6 +1,6 @@ FROM alpine:3.12 -ARG MAJOR_VERSION=5.2 +ARG MAJOR_VERSION=5.4 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git diff --git a/snmptraps/centos/Dockerfile b/snmptraps/centos/Dockerfile index 533317ab8..f836f36b8 100644 --- a/snmptraps/centos/Dockerfile +++ b/snmptraps/centos/Dockerfile @@ -1,6 +1,6 @@ FROM centos:centos7 -ARG MAJOR_VERSION=5.2 +ARG MAJOR_VERSION=5.4 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git diff --git a/snmptraps/ubuntu/Dockerfile b/snmptraps/ubuntu/Dockerfile index c3042492c..eef72fd0e 100644 --- a/snmptraps/ubuntu/Dockerfile +++ b/snmptraps/ubuntu/Dockerfile @@ -1,6 +1,6 @@ FROM ubuntu:bionic -ARG MAJOR_VERSION=5.2 +ARG MAJOR_VERSION=5.4 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git diff --git a/web-apache-mysql/alpine/Dockerfile b/web-apache-mysql/alpine/Dockerfile index 61b086073..af13ca841 100644 --- a/web-apache-mysql/alpine/Dockerfile +++ b/web-apache-mysql/alpine/Dockerfile @@ -55,7 +55,7 @@ RUN set -eux && \ rm -rf "/var/run/apache2/" && \ rm -rf /var/cache/apk/* -ARG MAJOR_VERSION=5.2 +ARG MAJOR_VERSION=5.4 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git diff --git a/web-apache-mysql/centos/Dockerfile b/web-apache-mysql/centos/Dockerfile index dbf2dbe42..585a926fc 100644 --- a/web-apache-mysql/centos/Dockerfile +++ b/web-apache-mysql/centos/Dockerfile @@ -47,7 +47,7 @@ RUN set -eux && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki -ARG MAJOR_VERSION=5.2 +ARG MAJOR_VERSION=5.4 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git diff --git a/web-apache-mysql/ubuntu/Dockerfile b/web-apache-mysql/ubuntu/Dockerfile index 30dfd3c59..4ef90fd23 100644 --- a/web-apache-mysql/ubuntu/Dockerfile +++ b/web-apache-mysql/ubuntu/Dockerfile @@ -54,7 +54,7 @@ RUN set -eux && \ apt-get -y clean && \ rm -rf /var/lib/apt/lists/* -ARG MAJOR_VERSION=5.2 +ARG MAJOR_VERSION=5.4 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git diff --git a/web-apache-pgsql/alpine/Dockerfile b/web-apache-pgsql/alpine/Dockerfile index b29deade3..1b936489b 100644 --- a/web-apache-pgsql/alpine/Dockerfile +++ b/web-apache-pgsql/alpine/Dockerfile @@ -54,7 +54,7 @@ RUN set -eux && \ rm -rf "/var/run/apache2/" && \ rm -rf /var/cache/apk/* -ARG MAJOR_VERSION=5.2 +ARG MAJOR_VERSION=5.4 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git diff --git a/web-apache-pgsql/centos/Dockerfile b/web-apache-pgsql/centos/Dockerfile index b578a158d..ff022cf54 100644 --- a/web-apache-pgsql/centos/Dockerfile +++ b/web-apache-pgsql/centos/Dockerfile @@ -47,7 +47,7 @@ RUN set -eux && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki -ARG MAJOR_VERSION=5.2 +ARG MAJOR_VERSION=5.4 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git diff --git a/web-apache-pgsql/ubuntu/Dockerfile b/web-apache-pgsql/ubuntu/Dockerfile index 64e2a2fce..10ba027d3 100644 --- a/web-apache-pgsql/ubuntu/Dockerfile +++ b/web-apache-pgsql/ubuntu/Dockerfile @@ -54,7 +54,7 @@ RUN set -eux && \ apt-get -y clean && \ rm -rf /var/lib/apt/lists/* -ARG MAJOR_VERSION=5.2 +ARG MAJOR_VERSION=5.4 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git diff --git a/web-nginx-mysql/alpine/Dockerfile b/web-nginx-mysql/alpine/Dockerfile index 394035aac..25a82488c 100644 --- a/web-nginx-mysql/alpine/Dockerfile +++ b/web-nginx-mysql/alpine/Dockerfile @@ -48,7 +48,7 @@ RUN set -eux && \ ln -sf /dev/fd/2 /var/lib/nginx/logs/error.log && \ rm -rf /var/cache/apk/* -ARG MAJOR_VERSION=5.2 +ARG MAJOR_VERSION=5.4 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git diff --git a/web-nginx-mysql/centos/Dockerfile b/web-nginx-mysql/centos/Dockerfile index a0ded9789..4ba3cf7c7 100644 --- a/web-nginx-mysql/centos/Dockerfile +++ b/web-nginx-mysql/centos/Dockerfile @@ -39,7 +39,7 @@ RUN set -eux && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki -ARG MAJOR_VERSION=5.2 +ARG MAJOR_VERSION=5.4 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git diff --git a/web-nginx-mysql/ubuntu/Dockerfile b/web-nginx-mysql/ubuntu/Dockerfile index 6410eee02..0fb90b4e4 100644 --- a/web-nginx-mysql/ubuntu/Dockerfile +++ b/web-nginx-mysql/ubuntu/Dockerfile @@ -64,7 +64,7 @@ RUN set -eux && \ apt-get -y clean && \ rm -rf /var/lib/apt/lists/* -ARG MAJOR_VERSION=5.2 +ARG MAJOR_VERSION=5.4 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git diff --git a/web-nginx-pgsql/alpine/Dockerfile b/web-nginx-pgsql/alpine/Dockerfile index bb49d9f4a..0575ce9b6 100644 --- a/web-nginx-pgsql/alpine/Dockerfile +++ b/web-nginx-pgsql/alpine/Dockerfile @@ -47,7 +47,7 @@ RUN set -eux && \ ln -sf /dev/fd/2 /var/lib/nginx/logs/error.log && \ rm -rf /var/cache/apk/* -ARG MAJOR_VERSION=5.2 +ARG MAJOR_VERSION=5.4 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git diff --git a/web-nginx-pgsql/centos/Dockerfile b/web-nginx-pgsql/centos/Dockerfile index f9820ca56..d8f6864f0 100644 --- a/web-nginx-pgsql/centos/Dockerfile +++ b/web-nginx-pgsql/centos/Dockerfile @@ -39,7 +39,7 @@ RUN set -eux && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki -ARG MAJOR_VERSION=5.2 +ARG MAJOR_VERSION=5.4 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git diff --git a/web-nginx-pgsql/ubuntu/Dockerfile b/web-nginx-pgsql/ubuntu/Dockerfile index 08e6024b8..9c6961546 100644 --- a/web-nginx-pgsql/ubuntu/Dockerfile +++ b/web-nginx-pgsql/ubuntu/Dockerfile @@ -64,7 +64,7 @@ RUN set -eux && \ apt-get -y clean && \ rm -rf /var/lib/apt/lists/* -ARG MAJOR_VERSION=5.2 +ARG MAJOR_VERSION=5.4 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git diff --git a/zabbix-appliance/rhel/Dockerfile b/zabbix-appliance/rhel/Dockerfile index f82abb597..391bf697c 100644 --- a/zabbix-appliance/rhel/Dockerfile +++ b/zabbix-appliance/rhel/Dockerfile @@ -1,9 +1,9 @@ FROM registry.access.redhat.com/ubi8/ubi MAINTAINER Alexey Pustovalov -ARG MAJOR_VERSION=5.2 +ARG MAJOR_VERSION=5.4 ARG RELEASE=0 -ARG ZBX_VERSION=${MAJOR_VERSION}.0 +ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ From 71f833b2d7625531b10b5fba7d0de64c79b33838 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Fri, 18 Dec 2020 07:20:46 -0500 Subject: [PATCH 061/253] CentOS image fix. New name for PowerTools repo file --- proxy-mysql/centos/Dockerfile | 4 ++-- proxy-sqlite3/centos/Dockerfile | 4 ++-- server-mysql/centos/Dockerfile | 4 ++-- server-pgsql/centos/Dockerfile | 4 ++-- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/proxy-mysql/centos/Dockerfile b/proxy-mysql/centos/Dockerfile index b606a6f5c..392793a45 100644 --- a/proxy-mysql/centos/Dockerfile +++ b/proxy-mysql/centos/Dockerfile @@ -78,7 +78,7 @@ LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentati org.opencontainers.image.source="${ZBX_SOURCES}" RUN set -eux && \ - sed -i 's/enabled=0/enabled=1/g' /etc/yum.repos.d/CentOS-PowerTools.repo && \ + sed -i 's/enabled=0/enabled=1/g' /etc/yum.repos.d/CentOS-Linux-PowerTools.repo && \ dnf --quiet makecache && \ dnf -y install --setopt=tsflags=nodocs --setopt=install_weak_deps=False --best \ autoconf \ @@ -137,7 +137,7 @@ RUN set -eux && \ chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \ dnf -y history undo `dnf -q history | sed -n 3p |column -t | cut -d' ' -f1` && \ dnf -y clean all && \ - sed -i 's/enabled=1/enabled=0/g' /etc/yum.repos.d/CentOS-PowerTools.repo && \ + sed -i 's/enabled=1/enabled=0/g' /etc/yum.repos.d/CentOS-Linux-PowerTools.repo && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki diff --git a/proxy-sqlite3/centos/Dockerfile b/proxy-sqlite3/centos/Dockerfile index 6224f0d8e..5a2e2543d 100644 --- a/proxy-sqlite3/centos/Dockerfile +++ b/proxy-sqlite3/centos/Dockerfile @@ -75,7 +75,7 @@ LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentati org.opencontainers.image.source="${ZBX_SOURCES}" RUN set -eux && \ - sed -i 's/enabled=0/enabled=1/g' /etc/yum.repos.d/CentOS-PowerTools.repo && \ + sed -i 's/enabled=0/enabled=1/g' /etc/yum.repos.d/CentOS-Linux-PowerTools.repo && \ dnf --quiet makecache && \ dnf -y install --setopt=tsflags=nodocs --setopt=install_weak_deps=False --best \ autoconf \ @@ -134,7 +134,7 @@ RUN set -eux && \ chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \ dnf -y history undo `dnf -q history | sed -n 3p |column -t | cut -d' ' -f1` && \ dnf -y clean all && \ - sed -i 's/enabled=1/enabled=0/g' /etc/yum.repos.d/CentOS-PowerTools.repo && \ + sed -i 's/enabled=1/enabled=0/g' /etc/yum.repos.d/CentOS-Linux-PowerTools.repo && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki diff --git a/server-mysql/centos/Dockerfile b/server-mysql/centos/Dockerfile index a53b375a1..8307716e0 100644 --- a/server-mysql/centos/Dockerfile +++ b/server-mysql/centos/Dockerfile @@ -83,7 +83,7 @@ LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentati org.opencontainers.image.source="${ZBX_SOURCES}" RUN set -eux && \ - sed -i 's/enabled=0/enabled=1/g' /etc/yum.repos.d/CentOS-PowerTools.repo && \ + sed -i 's/enabled=0/enabled=1/g' /etc/yum.repos.d/CentOS-Linux-PowerTools.repo && \ dnf --quiet makecache && \ dnf -y install --setopt=tsflags=nodocs --setopt=install_weak_deps=False --best \ autoconf \ @@ -144,7 +144,7 @@ RUN set -eux && \ chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \ dnf -y history undo `dnf -q history | sed -n 3p |column -t | cut -d' ' -f1` && \ dnf -y clean all && \ - sed -i 's/enabled=1/enabled=0/g' /etc/yum.repos.d/CentOS-PowerTools.repo && \ + sed -i 's/enabled=1/enabled=0/g' /etc/yum.repos.d/CentOS-Linux-PowerTools.repo && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki diff --git a/server-pgsql/centos/Dockerfile b/server-pgsql/centos/Dockerfile index 05dcf5d7a..c264874a7 100644 --- a/server-pgsql/centos/Dockerfile +++ b/server-pgsql/centos/Dockerfile @@ -82,7 +82,7 @@ LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentati org.opencontainers.image.source="${ZBX_SOURCES}" RUN set -eux && \ - sed -i 's/enabled=0/enabled=1/g' /etc/yum.repos.d/CentOS-PowerTools.repo && \ + sed -i 's/enabled=0/enabled=1/g' /etc/yum.repos.d/CentOS-Linux-PowerTools.repo && \ dnf --quiet makecache && \ dnf -y install --setopt=tsflags=nodocs --setopt=install_weak_deps=False --best \ autoconf \ @@ -144,7 +144,7 @@ RUN set -eux && \ chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \ dnf -y history undo `dnf -q history | sed -n 3p |column -t | cut -d' ' -f1` && \ dnf -y clean all && \ - sed -i 's/enabled=1/enabled=0/g' /etc/yum.repos.d/CentOS-PowerTools.repo && \ + sed -i 's/enabled=1/enabled=0/g' /etc/yum.repos.d/CentOS-Linux-PowerTools.repo && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki From 5349b862dc22e6136dddfc29aa18fe5bdd28b746 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Sat, 19 Dec 2020 12:20:40 -0500 Subject: [PATCH 062/253] Updated base image versions --- docker-compose_v3_alpine_mysql_local.yaml | 16 ++++++++-------- docker-compose_v3_alpine_pgsql_local.yaml | 16 ++++++++-------- docker-compose_v3_centos_mysql_local.yaml | 12 ++++++------ docker-compose_v3_centos_pgsql_local.yaml | 12 ++++++------ docker-compose_v3_ubuntu_mysql_local.yaml | 16 ++++++++-------- docker-compose_v3_ubuntu_pgsql_local.yaml | 16 ++++++++-------- snmptraps/centos/Dockerfile | 2 +- 7 files changed, 45 insertions(+), 45 deletions(-) diff --git a/docker-compose_v3_alpine_mysql_local.yaml b/docker-compose_v3_alpine_mysql_local.yaml index 9f784a5e1..c0d8352d0 100644 --- a/docker-compose_v3_alpine_mysql_local.yaml +++ b/docker-compose_v3_alpine_mysql_local.yaml @@ -4,7 +4,7 @@ services: build: context: ./server-mysql/alpine cache_from: - - alpine:3.11 + - alpine:3.12 image: zabbix-server-mysql:alpine-local ports: - "10051:10051" @@ -76,7 +76,7 @@ services: build: context: ./proxy-sqlite3/alpine cache_from: - - alpine:3.11 + - alpine:3.12 image: zabbix-proxy-sqlite3:alpine-local ports: - "10061:10051" @@ -130,7 +130,7 @@ services: build: context: ./proxy-mysql/alpine cache_from: - - alpine:3.11 + - alpine:3.12 image: zabbix-proxy-mysql:alpine-local ports: - "10071:10051" @@ -193,7 +193,7 @@ services: build: context: ./web-apache-mysql/alpine cache_from: - - alpine:3.11 + - alpine:3.12 image: zabbix-web-apache-mysql:alpine-local ports: - "80:8080" @@ -254,7 +254,7 @@ services: build: context: ./web-nginx-mysql/alpine cache_from: - - alpine:3.11 + - alpine:3.12 image: zabbix-web-nginx-mysql:alpine-local ports: - "8081:8080" @@ -315,7 +315,7 @@ services: build: context: ./agent/alpine cache_from: - - alpine:3.11 + - alpine:3.12 image: zabbix-agent:alpine-local ports: - "10050:10050" @@ -358,7 +358,7 @@ services: build: context: ./java-gateway/alpine cache_from: - - alpine:3.11 + - alpine:3.12 image: zabbix-java-gateway:alpine-local ports: - "10052:10052" @@ -388,7 +388,7 @@ services: build: context: ./snmptraps/alpine cache_from: - - alpine:3.11 + - alpine:3.12 image: zabbix-snmptraps:alpine-local ports: - "162:1162/udp" diff --git a/docker-compose_v3_alpine_pgsql_local.yaml b/docker-compose_v3_alpine_pgsql_local.yaml index d47443bec..5dafc9cf1 100644 --- a/docker-compose_v3_alpine_pgsql_local.yaml +++ b/docker-compose_v3_alpine_pgsql_local.yaml @@ -4,7 +4,7 @@ services: build: context: ./server-pgsql/alpine cache_from: - - alpine:3.11 + - alpine:3.12 image: zabbix-server-pgsql:alpine-local ports: - "10051:10051" @@ -75,7 +75,7 @@ services: build: context: ./proxy-sqlite3/alpine cache_from: - - alpine:3.11 + - alpine:3.12 image: zabbix-proxy-sqlite3:alpine-local ports: - "10061:10051" @@ -129,7 +129,7 @@ services: build: context: ./proxy-mysql/alpine cache_from: - - alpine:3.11 + - alpine:3.12 image: zabbix-proxy-mysql:alpine-local ports: - "10071:10051" @@ -189,7 +189,7 @@ services: build: context: ./web-apache-pgsql/alpine cache_from: - - alpine:3.11 + - alpine:3.12 image: zabbix-web-apache-pgsql:alpine-local ports: - "80:8080" @@ -250,7 +250,7 @@ services: build: context: ./web-nginx-pgsql/alpine cache_from: - - alpine:3.11 + - alpine:3.12 image: zabbix-web-nginx-pgsql:alpine-local ports: - "8081:8080" @@ -311,7 +311,7 @@ services: build: context: ./agent/alpine cache_from: - - alpine:3.11 + - alpine:3.12 image: zabbix-agent:alpine-local ports: - "10050:10050" @@ -354,7 +354,7 @@ services: build: context: ./java-gateway/alpine cache_from: - - alpine:3.11 + - alpine:3.12 image: zabbix-java-gateway:alpine-local ports: - "10052:10052" @@ -384,7 +384,7 @@ services: build: context: ./snmptraps/alpine cache_from: - - alpine:3.11 + - alpine:3.12 image: zabbix-snmptraps:alpine-local ports: - "162:1162/udp" diff --git a/docker-compose_v3_centos_mysql_local.yaml b/docker-compose_v3_centos_mysql_local.yaml index 9ec354776..b163251cd 100644 --- a/docker-compose_v3_centos_mysql_local.yaml +++ b/docker-compose_v3_centos_mysql_local.yaml @@ -4,7 +4,7 @@ services: build: context: ./server-mysql/centos cache_from: - - centos:centos7 + - centos:centos8 image: zabbix-server-mysql:centos-local ports: - "10051:10051" @@ -76,7 +76,7 @@ services: build: context: ./proxy-sqlite3/centos cache_from: - - centos:centos7 + - centos:centos8 image: zabbix-proxy-sqlite3:centos-local ports: - "10061:10051" @@ -130,7 +130,7 @@ services: build: context: ./proxy-mysql/centos cache_from: - - centos:centos7 + - centos:centos8 image: zabbix-proxy-mysql:centos-local ports: - "10071:10051" @@ -315,7 +315,7 @@ services: build: context: ./agent/centos cache_from: - - centos:centos7 + - centos:centos8 image: zabbix-agent:centos-local ports: - "10050:10050" @@ -358,7 +358,7 @@ services: build: context: ./java-gateway/centos cache_from: - - centos:centos7 + - centos:centos8 image: zabbix-java-gateway:centos-local ports: - "10052:10052" @@ -388,7 +388,7 @@ services: build: context: ./snmptraps/centos cache_from: - - centos:centos7 + - centos:centos8 image: zabbix-snmptraps:centos-local ports: - "162:1162/udp" diff --git a/docker-compose_v3_centos_pgsql_local.yaml b/docker-compose_v3_centos_pgsql_local.yaml index dc33efe58..458460304 100644 --- a/docker-compose_v3_centos_pgsql_local.yaml +++ b/docker-compose_v3_centos_pgsql_local.yaml @@ -4,7 +4,7 @@ services: build: context: ./server-pgsql/centos cache_from: - - centos:centos7 + - centos:centos8 image: zabbix-server-pgsql:centos-local ports: - "10051:10051" @@ -75,7 +75,7 @@ services: build: context: ./proxy-sqlite3/centos cache_from: - - centos:centos7 + - centos:centos8 image: zabbix-proxy-sqlite3:centos-local ports: - "10061:10051" @@ -129,7 +129,7 @@ services: build: context: ./proxy-mysql/centos cache_from: - - centos:centos7 + - centos:centos8 image: zabbix-proxy-mysql:centos-local ports: - "10071:10051" @@ -311,7 +311,7 @@ services: build: context: ./agent/centos cache_from: - - centos:centos7 + - centos:centos8 image: zabbix-agent:centos-local ports: - "10050:10050" @@ -354,7 +354,7 @@ services: build: context: ./java-gateway/centos cache_from: - - centos:centos7 + - centos:centos8 image: zabbix-java-gateway:centos-local ports: - "10052:10052" @@ -384,7 +384,7 @@ services: build: context: ./snmptraps/centos cache_from: - - centos:centos7 + - centos:centos8 image: zabbix-snmptraps:centos-local ports: - "162:1162/udp" diff --git a/docker-compose_v3_ubuntu_mysql_local.yaml b/docker-compose_v3_ubuntu_mysql_local.yaml index d00d5a657..ada688b20 100644 --- a/docker-compose_v3_ubuntu_mysql_local.yaml +++ b/docker-compose_v3_ubuntu_mysql_local.yaml @@ -4,7 +4,7 @@ services: build: context: ./server-mysql/ubuntu cache_from: - - ubuntu:bionic + - ubuntu:focal image: zabbix-server-mysql:ubuntu-local ports: - "10051:10051" @@ -75,7 +75,7 @@ services: build: context: ./proxy-sqlite3/ubuntu cache_from: - - ubuntu:bionic + - ubuntu:focal image: zabbix-proxy-sqlite3:ubuntu-local ports: - "10061:10051" @@ -128,7 +128,7 @@ services: build: context: ./proxy-mysql/ubuntu cache_from: - - ubuntu:bionic + - ubuntu:focal image: zabbix-proxy-mysql:ubuntu-local ports: - "10071:10051" @@ -190,7 +190,7 @@ services: build: context: ./web-apache-mysql/ubuntu cache_from: - - ubuntu:bionic + - ubuntu:focal image: zabbix-web-apache-mysql:ubuntu-local ports: - "80:8080" @@ -250,7 +250,7 @@ services: build: context: ./web-nginx-mysql/ubuntu cache_from: - - ubuntu:bionic + - ubuntu:focal image: zabbix-web-nginx-mysql:ubuntu-local ports: - "8081:8080" @@ -310,7 +310,7 @@ services: build: context: ./agent/ubuntu cache_from: - - ubuntu:bionic + - ubuntu:focal image: zabbix-agent:ubuntu-local ports: - "10050:10050" @@ -352,7 +352,7 @@ services: build: context: ./java-gateway/ubuntu cache_from: - - ubuntu:bionic + - ubuntu:focal image: zabbix-java-gateway:ubuntu-local ports: - "10052:10052" @@ -382,7 +382,7 @@ services: build: context: ./snmptraps/ubuntu cache_from: - - ubuntu:bionic + - ubuntu:focal image: zabbix-snmptraps:ubuntu-local ports: - "162:1162/udp" diff --git a/docker-compose_v3_ubuntu_pgsql_local.yaml b/docker-compose_v3_ubuntu_pgsql_local.yaml index e1beecc56..ff6905264 100644 --- a/docker-compose_v3_ubuntu_pgsql_local.yaml +++ b/docker-compose_v3_ubuntu_pgsql_local.yaml @@ -4,7 +4,7 @@ services: build: context: ./server-pgsql/ubuntu cache_from: - - ubuntu:bionic + - ubuntu:focal image: zabbix-server-pgsql:ubuntu-local ports: - "10051:10051" @@ -74,7 +74,7 @@ services: build: context: ./proxy-sqlite3/ubuntu cache_from: - - ubuntu:bionic + - ubuntu:focal image: zabbix-proxy-sqlite3:ubuntu-local ports: - "10061:10051" @@ -127,7 +127,7 @@ services: build: context: ./proxy-mysql/ubuntu cache_from: - - ubuntu:bionic + - ubuntu:focal image: zabbix-proxy-mysql:ubuntu-local ports: - "10071:10051" @@ -186,7 +186,7 @@ services: build: context: ./web-apache-pgsql/ubuntu cache_from: - - ubuntu:bionic + - ubuntu:focal image: zabbix-web-apache-pgsql:ubuntu-local ports: - "80:8080" @@ -246,7 +246,7 @@ services: build: context: ./web-nginx-pgsql/ubuntu cache_from: - - ubuntu:bionic + - ubuntu:focal image: zabbix-web-nginx-pgsql:ubuntu-local ports: - "8081:8080" @@ -306,7 +306,7 @@ services: build: context: ./agent/ubuntu cache_from: - - ubuntu:bionic + - ubuntu:focal image: zabbix-agent:ubuntu-local ports: - "10050:10050" @@ -348,7 +348,7 @@ services: build: context: ./java-gateway/ubuntu cache_from: - - ubuntu:bionic + - ubuntu:focal image: zabbix-java-gateway:ubuntu-local ports: - "10052:10052" @@ -378,7 +378,7 @@ services: build: context: ./snmptraps/ubuntu cache_from: - - ubuntu:bionic + - ubuntu:focal image: zabbix-snmptraps:ubuntu-local ports: - "162:1162/udp" diff --git a/snmptraps/centos/Dockerfile b/snmptraps/centos/Dockerfile index 12b47f55a..da503594e 100644 --- a/snmptraps/centos/Dockerfile +++ b/snmptraps/centos/Dockerfile @@ -1,4 +1,4 @@ -FROM centos:centos7 +FROM centos:centos8 ARG MAJOR_VERSION=5.4 ARG ZBX_VERSION=${MAJOR_VERSION} From fe7c1440fdc88ba7c4c61d6eb6fe9972b3a8a38d Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Sat, 19 Dec 2020 12:25:51 -0500 Subject: [PATCH 063/253] Review zabbix user and group configuration --- agent2/alpine/Dockerfile | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/agent2/alpine/Dockerfile b/agent2/alpine/Dockerfile index 4246a0d07..9c3e5ad2b 100644 --- a/agent2/alpine/Dockerfile +++ b/agent2/alpine/Dockerfile @@ -10,12 +10,16 @@ LABEL org.opencontainers.image.title="Zabbix agent 2" \ STOPSIGNAL SIGTERM RUN set -eux && \ - addgroup -S -g 1995 zabbix && \ - adduser -S \ - -D -G zabbix -G root \ - -u 1997 \ - -h /var/lib/zabbix/ \ + addgroup --system --gid 1995 zabbix && \ + adduser --system \ + --gecos "Zabbix monitoring system" \ + --disabled-password \ + --uid 1997 \ + --ingroup zabbix \ + --shell /sbin/nologin \ + --home /var/lib/zabbix/ \ zabbix && \ + adduser zabbix root && \ mkdir -p /etc/zabbix && \ mkdir -p /etc/zabbix/zabbix_agentd.d && \ mkdir -p /var/lib/zabbix && \ From fe91d5d3fb5e0d96647ab52f11bb8e9f2a4b381f Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Mon, 8 Feb 2021 20:02:15 -0500 Subject: [PATCH 064/253] Updated snmptraps image. Fixed source IP handling and trap format --- snmptraps/alpine/Dockerfile | 4 ++-- snmptraps/centos/Dockerfile | 9 ++++----- snmptraps/ubuntu/Dockerfile | 2 +- 3 files changed, 7 insertions(+), 8 deletions(-) diff --git a/snmptraps/alpine/Dockerfile b/snmptraps/alpine/Dockerfile index 64e104c6c..e4b042c73 100644 --- a/snmptraps/alpine/Dockerfile +++ b/snmptraps/alpine/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.12 +FROM alpine:3.13 ARG MAJOR_VERSION=5.4 ARG ZBX_VERSION=${MAJOR_VERSION} @@ -6,7 +6,7 @@ ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ - ZBX_SNMP_TRAP_DATE_FORMAT=+%Y%m%d.%H%M%S ZBX_SNMP_TRAP_FORMAT=" " + ZBX_SNMP_TRAP_DATE_FORMAT=+%Y%m%d.%H%M%S ZBX_SNMP_TRAP_FORMAT="\n" LABEL org.opencontainers.image.title="zabbix-snmptraps-alpine" \ org.opencontainers.image.authors="Alexey Pustovalov " \ diff --git a/snmptraps/centos/Dockerfile b/snmptraps/centos/Dockerfile index c03e29825..ed6faa94a 100644 --- a/snmptraps/centos/Dockerfile +++ b/snmptraps/centos/Dockerfile @@ -6,7 +6,7 @@ ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ - ZBX_SNMP_TRAP_DATE_FORMAT=+%Y%m%d.%H%M%S ZBX_SNMP_TRAP_FORMAT=" " + ZBX_SNMP_TRAP_DATE_FORMAT=+%Y%m%d.%H%M%S ZBX_SNMP_TRAP_FORMAT="\n" LABEL org.opencontainers.image.title="zabbix-snmptraps-centos" \ org.opencontainers.image.authors="Alexey Pustovalov " \ @@ -28,9 +28,8 @@ RUN set -eux && \ --shell /sbin/nologin \ --home-dir /var/lib/zabbix/ \ zabbix && \ - yum --quiet makecache && \ - yum -y install epel-release && \ - yum -y install --setopt=tsflags=nodocs \ + dnf --quiet makecache && \ + dnf -y install --setopt=tsflags=nodocs \ tzdata \ net-snmp && \ mkdir -p /var/lib/zabbix && \ @@ -40,7 +39,7 @@ RUN set -eux && \ chown --quiet -R zabbix:root /etc/snmp/ /var/lib/zabbix/ /var/tmp/ /var/run/ && \ chgrp -R 0 /etc/snmp/ /var/lib/zabbix/ /var/tmp/ /var/run/ && \ chmod -R g=u /etc/snmp/ /var/lib/zabbix/ /var/tmp/ /var/run/ && \ - yum -y clean all && \ + dnf -y clean all && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki diff --git a/snmptraps/ubuntu/Dockerfile b/snmptraps/ubuntu/Dockerfile index 5f241c818..e560311bc 100644 --- a/snmptraps/ubuntu/Dockerfile +++ b/snmptraps/ubuntu/Dockerfile @@ -6,7 +6,7 @@ ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ MIBDIRS=/var/lib/snmp/mibs/ietf:/var/lib/snmp/mibs/iana:/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ - ZBX_SNMP_TRAP_DATE_FORMAT=+%Y%m%d.%H%M%S ZBX_SNMP_TRAP_FORMAT=" " + ZBX_SNMP_TRAP_DATE_FORMAT=+%Y%m%d.%H%M%S ZBX_SNMP_TRAP_FORMAT="\n" LABEL org.opencontainers.image.title="zabbix-snmptraps-ubuntu" \ org.opencontainers.image.authors="Alexey Pustovalov " \ From 9d5c28525a2f602b2dc0a78dca0a5c1ebc08f792 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Mon, 15 Feb 2021 04:51:35 -0500 Subject: [PATCH 065/253] Updated snmptraps image. Fixed source IP handling and trap format --- snmptraps/alpine/conf/usr/sbin/zabbix_trap_handler.sh | 2 +- snmptraps/centos/conf/usr/sbin/zabbix_trap_handler.sh | 2 +- snmptraps/ubuntu/conf/usr/sbin/zabbix_trap_handler.sh | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/snmptraps/alpine/conf/usr/sbin/zabbix_trap_handler.sh b/snmptraps/alpine/conf/usr/sbin/zabbix_trap_handler.sh index 15c1aa6fa..ac8140c08 100644 --- a/snmptraps/alpine/conf/usr/sbin/zabbix_trap_handler.sh +++ b/snmptraps/alpine/conf/usr/sbin/zabbix_trap_handler.sh @@ -4,7 +4,7 @@ ZABBIX_TRAPS_FILE="/var/lib/zabbix/snmptraps/snmptraps.log" ZBX_SNMP_TRAP_DATE_FORMAT=${ZBX_SNMP_TRAP_DATE_FORMAT:-"+%Y%m%d.%H%M%S"} -ZBX_SNMP_TRAP_FORMAT=${ZBX_SNMP_TRAP_FORMAT:-" "} +ZBX_SNMP_TRAP_FORMAT=${ZBX_SNMP_TRAP_FORMAT:-"\n"} date=$(date "$ZBX_SNMP_TRAP_DATE_FORMAT") diff --git a/snmptraps/centos/conf/usr/sbin/zabbix_trap_handler.sh b/snmptraps/centos/conf/usr/sbin/zabbix_trap_handler.sh index 051c6f02d..aea0a853b 100644 --- a/snmptraps/centos/conf/usr/sbin/zabbix_trap_handler.sh +++ b/snmptraps/centos/conf/usr/sbin/zabbix_trap_handler.sh @@ -4,7 +4,7 @@ ZABBIX_TRAPS_FILE="/var/lib/zabbix/snmptraps/snmptraps.log" ZBX_SNMP_TRAP_DATE_FORMAT=${ZBX_SNMP_TRAP_DATE_FORMAT:-"+%Y%m%d.%H%M%S"} -ZBX_SNMP_TRAP_FORMAT=${ZBX_SNMP_TRAP_FORMAT:-" "} +ZBX_SNMP_TRAP_FORMAT=${ZBX_SNMP_TRAP_FORMAT:-"\n"} date=$(date "$ZBX_SNMP_TRAP_DATE_FORMAT") diff --git a/snmptraps/ubuntu/conf/usr/sbin/zabbix_trap_handler.sh b/snmptraps/ubuntu/conf/usr/sbin/zabbix_trap_handler.sh index 051c6f02d..aea0a853b 100644 --- a/snmptraps/ubuntu/conf/usr/sbin/zabbix_trap_handler.sh +++ b/snmptraps/ubuntu/conf/usr/sbin/zabbix_trap_handler.sh @@ -4,7 +4,7 @@ ZABBIX_TRAPS_FILE="/var/lib/zabbix/snmptraps/snmptraps.log" ZBX_SNMP_TRAP_DATE_FORMAT=${ZBX_SNMP_TRAP_DATE_FORMAT:-"+%Y%m%d.%H%M%S"} -ZBX_SNMP_TRAP_FORMAT=${ZBX_SNMP_TRAP_FORMAT:-" "} +ZBX_SNMP_TRAP_FORMAT=${ZBX_SNMP_TRAP_FORMAT:-"\n"} date=$(date "$ZBX_SNMP_TRAP_DATE_FORMAT") From 2f553c9a2e6bb8d6a8ed8e17d5e31b5711065d94 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Mon, 15 Feb 2021 11:36:46 -0500 Subject: [PATCH 066/253] Updated Alpine base image from 3.12 to 3.13 --- agent/alpine/Dockerfile | 2 +- agent2/alpine/Dockerfile | 2 +- java-gateway/alpine/Dockerfile | 2 +- proxy-mysql/alpine/Dockerfile | 2 +- proxy-sqlite3/alpine/Dockerfile | 2 +- server-mysql/alpine/Dockerfile | 2 +- server-pgsql/alpine/Dockerfile | 2 +- web-apache-mysql/alpine/Dockerfile | 2 +- web-apache-pgsql/alpine/Dockerfile | 2 +- web-nginx-mysql/alpine/Dockerfile | 2 +- web-nginx-pgsql/alpine/Dockerfile | 2 +- 11 files changed, 11 insertions(+), 11 deletions(-) diff --git a/agent/alpine/Dockerfile b/agent/alpine/Dockerfile index f18d4ba91..32e06d6e1 100644 --- a/agent/alpine/Dockerfile +++ b/agent/alpine/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.12 +FROM alpine:3.13 LABEL org.opencontainers.image.title="Zabbix agent" \ org.opencontainers.image.authors="Alexey Pustovalov " \ diff --git a/agent2/alpine/Dockerfile b/agent2/alpine/Dockerfile index 9c3e5ad2b..2a82f76df 100644 --- a/agent2/alpine/Dockerfile +++ b/agent2/alpine/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.12 +FROM alpine:3.13 LABEL org.opencontainers.image.title="Zabbix agent 2" \ org.opencontainers.image.authors="Alexey Pustovalov " \ diff --git a/java-gateway/alpine/Dockerfile b/java-gateway/alpine/Dockerfile index 0e1002186..00f12f993 100644 --- a/java-gateway/alpine/Dockerfile +++ b/java-gateway/alpine/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.12 +FROM alpine:3.13 LABEL org.opencontainers.image.title="Zabbix Java Gateway" \ org.opencontainers.image.authors="Alexey Pustovalov " \ diff --git a/proxy-mysql/alpine/Dockerfile b/proxy-mysql/alpine/Dockerfile index cd7971d4c..c289ed309 100644 --- a/proxy-mysql/alpine/Dockerfile +++ b/proxy-mysql/alpine/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.12 +FROM alpine:3.13 LABEL org.opencontainers.image.title="Zabbix proxy (MySQL)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ diff --git a/proxy-sqlite3/alpine/Dockerfile b/proxy-sqlite3/alpine/Dockerfile index f91b44593..81c9c66f8 100644 --- a/proxy-sqlite3/alpine/Dockerfile +++ b/proxy-sqlite3/alpine/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.12 +FROM alpine:3.13 LABEL org.opencontainers.image.title="Zabbix proxy (SQLite3)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ diff --git a/server-mysql/alpine/Dockerfile b/server-mysql/alpine/Dockerfile index 821124919..4ee7e77cb 100644 --- a/server-mysql/alpine/Dockerfile +++ b/server-mysql/alpine/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.12 +FROM alpine:3.13 LABEL org.opencontainers.image.title="Zabbix server (MySQL)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ diff --git a/server-pgsql/alpine/Dockerfile b/server-pgsql/alpine/Dockerfile index 4a75ffd79..0390f8a56 100644 --- a/server-pgsql/alpine/Dockerfile +++ b/server-pgsql/alpine/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.12 +FROM alpine:3.13 LABEL org.opencontainers.image.title="Zabbix server (PostgreSQL)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ diff --git a/web-apache-mysql/alpine/Dockerfile b/web-apache-mysql/alpine/Dockerfile index dd850cf55..290c87e5b 100644 --- a/web-apache-mysql/alpine/Dockerfile +++ b/web-apache-mysql/alpine/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.12 +FROM alpine:3.13 LABEL org.opencontainers.image.title="Zabbix web-interface (Apache, MySQL)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ diff --git a/web-apache-pgsql/alpine/Dockerfile b/web-apache-pgsql/alpine/Dockerfile index 7310713c9..8632ebf57 100644 --- a/web-apache-pgsql/alpine/Dockerfile +++ b/web-apache-pgsql/alpine/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.12 +FROM alpine:3.13 LABEL org.opencontainers.image.title="Zabbix web-interface (Apache, PostgreSQL)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ diff --git a/web-nginx-mysql/alpine/Dockerfile b/web-nginx-mysql/alpine/Dockerfile index 6f88b09cd..0caf6c0da 100644 --- a/web-nginx-mysql/alpine/Dockerfile +++ b/web-nginx-mysql/alpine/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.12 +FROM alpine:3.13 LABEL org.opencontainers.image.title="Zabbix web-interface (Nginx, MySQL)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ diff --git a/web-nginx-pgsql/alpine/Dockerfile b/web-nginx-pgsql/alpine/Dockerfile index 8e6d6694c..39e7c2433 100644 --- a/web-nginx-pgsql/alpine/Dockerfile +++ b/web-nginx-pgsql/alpine/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.12 +FROM alpine:3.13 LABEL org.opencontainers.image.title="Zabbix web-interface (Nginx, PostgreSQL)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ From d5ca467297d356b8fec0662df3559aecc2dacc72 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Fri, 9 Apr 2021 23:57:54 -0400 Subject: [PATCH 067/253] Updated unsupported releases. Zabbix 3.0 --- agent2/alpine/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/agent2/alpine/README.md b/agent2/alpine/README.md index 6608c9551..43c571dfb 100644 --- a/agent2/alpine/README.md +++ b/agent2/alpine/README.md @@ -17,7 +17,7 @@ Zabbix agent 2 is deployed on a monitoring target to actively monitor local reso These are the only official Zabbix agent 2 Docker images. They are based on Alpine Linux v3.12 images. The available versions of Zabbix agent 2 are: Zabbix agent 2 4.4 (tags: alpine-4.4-latest, alpine-latest, latest) (unsupported) - Zabbix agent 2 4.4.* (tags: alpine-4.4.*) + Zabbix agent 2 4.4.* (tags: alpine-4.4.*) (unsupported) Zabbix agent 2 5.0 (tags: alpine-5.0-latest) Zabbix agent 2 5.0.* (tags: alpine-5.0.*) Zabbix agent 2 5.2 (tags: alpine-trunk) From 0176c8b573ba0f2eb23684484203fe7167628f6c Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Sat, 10 Apr 2021 06:30:30 -0400 Subject: [PATCH 068/253] Added modbus support for Zabbix agent Ubuntu image --- agent/ubuntu/Dockerfile | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/agent/ubuntu/Dockerfile b/agent/ubuntu/Dockerfile index a05b52c5d..333805ff9 100644 --- a/agent/ubuntu/Dockerfile +++ b/agent/ubuntu/Dockerfile @@ -41,6 +41,7 @@ RUN set -eux && \ ca-certificates \ libssl1.1 \ libcurl4 \ + libmodbus5 \ libldap-2.4 && \ apt-get -y autoremove && \ apt-get -y clean && \ @@ -63,6 +64,7 @@ RUN set -eux && \ automake \ libcurl4-openssl-dev \ libc6-dev \ + libmodbus-dev \ libldap2-dev \ libpcre3-dev \ libssl-dev \ @@ -84,6 +86,7 @@ RUN set -eux && \ --prefix=/usr \ --enable-agent \ --with-libcurl \ + --with-libmodbus \ --with-ldap \ --with-openssl \ --enable-ipv6 \ @@ -100,6 +103,7 @@ RUN set -eux && \ automake \ libcurl4-openssl-dev \ libc6-dev \ + libmodbus-dev \ libldap2-dev \ libssl-dev \ make \ From d316c8f6d8f327e085f4fea36d37c871fab2dd85 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Sat, 10 Apr 2021 06:38:02 -0400 Subject: [PATCH 069/253] Added Zabbix agent 2 Ubuntu image --- agent2/alpine/Dockerfile | 1 + agent2/alpine/README.md | 10 +- agent2/ubuntu/.dockerignore | 1 + agent2/ubuntu/Dockerfile | 128 +++++++++++++++++ agent2/ubuntu/README.md | 215 ++++++++++++++++++++++++++++ agent2/ubuntu/build.sh | 1 + agent2/ubuntu/docker-entrypoint.sh | 217 +++++++++++++++++++++++++++++ agent2/ubuntu/hooks/build | 13 ++ 8 files changed, 582 insertions(+), 4 deletions(-) create mode 100644 agent2/ubuntu/.dockerignore create mode 100644 agent2/ubuntu/Dockerfile create mode 100644 agent2/ubuntu/README.md create mode 120000 agent2/ubuntu/build.sh create mode 100755 agent2/ubuntu/docker-entrypoint.sh create mode 100755 agent2/ubuntu/hooks/build diff --git a/agent2/alpine/Dockerfile b/agent2/alpine/Dockerfile index 2a82f76df..899346ae7 100644 --- a/agent2/alpine/Dockerfile +++ b/agent2/alpine/Dockerfile @@ -27,6 +27,7 @@ RUN set -eux && \ mkdir -p /var/lib/zabbix/modules && \ apk add --no-cache --clean-protected \ tini \ + tzdata \ bash \ pcre \ coreutils \ diff --git a/agent2/alpine/README.md b/agent2/alpine/README.md index 43c571dfb..0a2a5635b 100644 --- a/agent2/alpine/README.md +++ b/agent2/alpine/README.md @@ -16,11 +16,13 @@ Zabbix agent 2 is deployed on a monitoring target to actively monitor local reso These are the only official Zabbix agent 2 Docker images. They are based on Alpine Linux v3.12 images. The available versions of Zabbix agent 2 are: - Zabbix agent 2 4.4 (tags: alpine-4.4-latest, alpine-latest, latest) (unsupported) + Zabbix agent 2 4.4 (tags: alpine-4.4-latest) (unsupported) Zabbix agent 2 4.4.* (tags: alpine-4.4.*) (unsupported) - Zabbix agent 2 5.0 (tags: alpine-5.0-latest) - Zabbix agent 2 5.0.* (tags: alpine-5.0.*) - Zabbix agent 2 5.2 (tags: alpine-trunk) + Zabbix agent 2 5.0 (tags: alpine-5.0-latest, ubuntu-5.0-latest) + Zabbix agent 2 5.0.* (tags: alpine-5.0.*, ubuntu-5.0.*) + Zabbix agent 2 5.2 (tags: alpine-5.2-latest, ubuntu-5.2-latest, alpine-latest, ubuntu-latest, latest) + Zabbix agent 2 5.2.* (tags: alpine-5.2.*, ubuntu-5.0.*) + Zabbix agent 2 5.4 (tags: alpine-trunk, ubuntu-trunk) Images are updated when new releases are published. The image with ``latest`` tag is based on Alpine Linux. diff --git a/agent2/ubuntu/.dockerignore b/agent2/ubuntu/.dockerignore new file mode 100644 index 000000000..88a84e55a --- /dev/null +++ b/agent2/ubuntu/.dockerignore @@ -0,0 +1 @@ +build.sh diff --git a/agent2/ubuntu/Dockerfile b/agent2/ubuntu/Dockerfile new file mode 100644 index 000000000..169296e2c --- /dev/null +++ b/agent2/ubuntu/Dockerfile @@ -0,0 +1,128 @@ +FROM ubuntu:focal + +LABEL org.opencontainers.image.title="Zabbix agent 2" \ + org.opencontainers.image.authors="Alexey Pustovalov " \ + org.opencontainers.image.vendor="Zabbix LLC" \ + org.opencontainers.image.url="https://zabbix.com/" \ + org.opencontainers.image.description="Zabbix agent 2 is deployed on a monitoring target to actively monitor local resources and applications" \ + org.opencontainers.image.licenses="GPL v2.0" + +STOPSIGNAL SIGTERM + +RUN set -eux && \ + ARCH_SUFFIX="$(arch)"; \ + case "$ARCH_SUFFIX" in \ + i686) export ARCH_SUFFIX='i386' ;; \ + x86_64) [ -f /lib/x86_64-linux-gnu/ld-linux-x86-64.so.2 ] && export ARCH_SUFFIX='amd64' || export ARCH_SUFFIX='i386' ;; \ + aarch64) export ARCH_SUFFIX='arm64' ;; \ + armv7l) export ARCH_SUFFIX='armhf' ;; \ + ppc64el|ppc64le) export ARCH_SUFFIX='ppc64le' ;; \ + s390x) export ARCH_SUFFIX='s390x' ;; \ + *) echo "Unknown ARCH_SUFFIX=${ARCH_SUFFIX-}"; exit 1 ;; \ + esac; \ + echo "#!/bin/sh\nexit 101" > /usr/sbin/policy-rc.d && \ + groupadd --system --gid 1995 zabbix && \ + useradd \ + --system --comment "Zabbix monitoring system" \ + -g zabbix -G root \ + --uid 1997 \ + --shell /sbin/nologin \ + --home-dir /var/lib/zabbix/ \ + zabbix && \ + mkdir -p /etc/zabbix && \ + mkdir -p /etc/zabbix/zabbix_agentd.d && \ + mkdir -p /var/lib/zabbix && \ + mkdir -p /var/lib/zabbix/enc && \ + mkdir -p /var/lib/zabbix/modules && \ + apt-get -y update && \ + DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ + tini \ + tzdata \ + ca-certificates \ + libssl1.1 \ + libcurl4 \ + libldap-2.4 && \ + apt-get -y autoremove && \ + apt-get -y clean && \ + rm -rf /var/lib/apt/lists/* + +ARG MAJOR_VERSION=5.4 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git + +ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} + +LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" + +RUN set -eux && \ + apt-get -y update && \ + DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ + autoconf \ + automake \ + libpcre3-dev \ + libssl-dev \ + zlib1g-dev \ + make \ + pkg-config \ + git \ + gcc \ + golang && \ + cd /tmp/ && \ + git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + cd /tmp/zabbix-${ZBX_VERSION} && \ + zabbix_revision=`git rev-parse --short HEAD` && \ + sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ + ./bootstrap.sh && \ + export CFLAGS="-fPIC -pie -Wl,-z,relro -Wl,-z,now" && \ + ./configure \ + --datadir=/usr/lib \ + --libdir=/usr/lib/zabbix \ + --prefix=/usr \ + --sysconfdir=/etc/zabbix \ + --prefix=/usr \ + --with-openssl \ + --enable-ipv6 \ + --enable-agent2 \ + --enable-agent \ + --silent && \ + make -j"$(nproc)" -s && \ + cp /tmp/zabbix-${ZBX_VERSION}/src/go/bin/zabbix_agent2 /usr/sbin/zabbix_agent2 && \ + cp /tmp/zabbix-${ZBX_VERSION}/src/zabbix_get/zabbix_get /usr/bin/zabbix_get && \ + cp /tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender /usr/bin/zabbix_sender && \ + cp /tmp/zabbix-${ZBX_VERSION}/src/go/conf/zabbix_agent2.conf /etc/zabbix/zabbix_agent2.conf && \ + strip /usr/sbin/zabbix_agent2 && \ + strip /usr/bin/zabbix_get && \ + strip /usr/bin/zabbix_sender && \ + cd /tmp/ && \ + rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ + apt-get -y purge \ + autoconf \ + automake \ + libpcre3-dev \ + libssl-dev \ + zlib1g-dev \ + make \ + pkg-config \ + git \ + gcc \ + golang && \ + chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \ + chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \ + chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \ + apt-get -y autoremove && \ + apt-get -y clean && \ + rm -rf /var/lib/apt/lists/* + +EXPOSE 10050/TCP + +WORKDIR /var/lib/zabbix + +COPY ["docker-entrypoint.sh", "/usr/bin/"] + +ENTRYPOINT ["/usr/bin/tini", "--", "/usr/bin/docker-entrypoint.sh"] + +USER 1997 + +CMD ["/usr/sbin/zabbix_agent2", "--foreground", "-c", "/etc/zabbix/zabbix_agent2.conf"] diff --git a/agent2/ubuntu/README.md b/agent2/ubuntu/README.md new file mode 100644 index 000000000..0a2a5635b --- /dev/null +++ b/agent2/ubuntu/README.md @@ -0,0 +1,215 @@ +![logo](https://assets.zabbix.com/img/logo/zabbix_logo_500x131.png) + +# What is Zabbix? + +Zabbix is an enterprise-class open source distributed monitoring solution. + +Zabbix is software that monitors numerous parameters of a network and the health and integrity of servers. Zabbix uses a flexible notification mechanism that allows users to configure e-mail based alerts for virtually any event. This allows a fast reaction to server problems. Zabbix offers excellent reporting and data visualisation features based on the stored data. This makes Zabbix ideal for capacity planning. + +For more information and related downloads for Zabbix components, please visit https://hub.docker.com/u/zabbix/ and https://zabbix.com + +# What is Zabbix agent 2? + +Zabbix agent 2 is deployed on a monitoring target to actively monitor local resources and applications (hard drives, memory, processor statistics etc). + +# Zabbix agent 2 images + +These are the only official Zabbix agent 2 Docker images. They are based on Alpine Linux v3.12 images. The available versions of Zabbix agent 2 are: + + Zabbix agent 2 4.4 (tags: alpine-4.4-latest) (unsupported) + Zabbix agent 2 4.4.* (tags: alpine-4.4.*) (unsupported) + Zabbix agent 2 5.0 (tags: alpine-5.0-latest, ubuntu-5.0-latest) + Zabbix agent 2 5.0.* (tags: alpine-5.0.*, ubuntu-5.0.*) + Zabbix agent 2 5.2 (tags: alpine-5.2-latest, ubuntu-5.2-latest, alpine-latest, ubuntu-latest, latest) + Zabbix agent 2 5.2.* (tags: alpine-5.2.*, ubuntu-5.0.*) + Zabbix agent 2 5.4 (tags: alpine-trunk, ubuntu-trunk) + +Images are updated when new releases are published. The image with ``latest`` tag is based on Alpine Linux. + +# How to use this image + +## Start `zabbix-agent2` + +Start a Zabbix agent 2 container as follows: + + docker run --name some-zabbix-agent -e ZBX_HOSTNAME="some-hostname" -e ZBX_SERVER_HOST="some-zabbix-server" -d zabbix/zabbix-agent2:tag + +Where `some-zabbix-agent2` is the name you want to assign to your container, `some-hostname` is the hostname, it is Hostname parameter in Zabbix agent 2 configuration file, `some-zabbix-server` is IP or DNS name of Zabbix server or proxy and `tag` is the tag specifying the version you want. See the list above for relevant tags, or look at the [full list of tags](https://hub.docker.com/r/zabbix/zabbix-agent2/tags/). + +## Connects from Zabbix server or Zabbix proxy in other containers (Passive checks) + +This image exposes the standard Zabbix agent 2 port (``10050``) to perform passive checks, so container linking makes Zabbix agent 2 instance available to Zabbix server and Zabbix proxy containers. Start your application container like this in order to link it to the Zabbix agent 2 container: + +```console +$ docker run --name some-zabbix-server --link some-zabbix-agent:zabbix-agent2 -d zabbix/zabbix-server:latest +``` + +## Connect to Zabbix server or Zabbix proxy containers (Active checks) + +This image supports perform active checks, so container linking makes Zabbix server and Zabbix proxy containers available to Zabbix agent 2 instance. Start your application container like this in order to link Zabbix agent 2 to Zabbix server or Zabbix proxy containterns: + +```console +$ docker run --name some-zabbix-agent --link some-zabbix-server:zabbix-server -d zabbix/zabbix-agent2:latest +``` + +## Container shell access and viewing Zabbix agent 2 logs + +The `docker exec` command allows you to run commands inside a Docker container. The following command line will give you a bash shell inside your `zabbix-agent2` container: + +```console +$ docker exec -ti some-zabbix-agent /bin/bash +``` + +The Zabbix agent 2 log is available through Docker's container log: + +```console +$ docker logs some-zabbix-agent +``` + +## Privileged mode + +By default, Docker containers are "unprivileged" and do not have access to the most of host resources. Zabbix agent 2 is designed to monitor system resources, to do that Zabbix agent 2 container must be privileged or you may mount some system-wide volumes. For example: + +```console +$ docker run --name some-zabbix-agent --link some-zabbix-server:zabbix-server --privileged -d zabbix/zabbix-agent2:latest +``` +```console +$ docker run --name some-zabbix-agent --link some-zabbix-server:zabbix-server -v /dev/sdc:/dev/sdc -d zabbix/zabbix-agent2:latest +``` + +## Environment Variables + +When you start the `zabbix-agent2` image, you can adjust the configuration of the Zabbix agent 2 by passing one or more environment variables on the `docker run` command line. + +### `ZBX_HOSTNAME` + +This variable is unique, case sensitive hostname. By default, value is `hostname` of the container. It is ``Hostname`` parameter in ``zabbix_agent2.conf``. + +### `ZBX_SERVER_HOST` + +This variable is IP or DNS name of Zabbix server or Zabbix proxy. By default, value is `zabbix-server`. It is ``Server`` parameter in ``zabbix_agent2.conf``. It is allowed to specify Zabbix server or Zabbix proxy port number using ``ZBX_SERVER_PORT`` variable. It make sense in case of non-default port for active checks. + +### `ZBX_PASSIVE_ALLOW` + +This variable is boolean (``true`` or ``false``) and enables or disables feature of passive checks. By default, value is `true`. + +### `ZBX_PASSIVESERVERS` + +The variable is comma separated list of allowed Zabbix server or proxy hosts for connections to Zabbix agent 2 container. + +### `ZBX_ACTIVE_ALLOW` + +This variable is boolean (``true`` or ``false``) and enables or disables feature of active checks. By default, value is `true`. + +### `ZBX_ACTIVESERVERS` + +The variable is comma separated list of allowed Zabbix server or proxy hosts for connections to Zabbix agent 2 container. You may specify port of Zabbix server or Zabbix proxy in such syntax: ``zabbix-server:10061,zabbix-proxy:10072``. + +### `ZBX_DEBUGLEVEL` + +The variable is used to specify debug level. By default, value is ``3``. It is ``DebugLevel`` parameter in ``zabbix_agent2.conf``. Allowed values are listed below: +- ``0`` - basic information about starting and stopping of Zabbix processes; +- ``1`` - critical information +- ``2`` - error information +- ``3`` - warnings +- ``4`` - for debugging (produces lots of information) +- ``5`` - extended debugging (produces even more information) + +### `ZBX_TIMEOUT` + +The variable is used to specify timeout for processing checks. By default, value is ``3``. + +### Other variables + +Additionally the image allows to specify many other environment variables listed below: + +``` +ZBX_ENABLEPERSISTENTBUFFER=false # Available since 5.0.0 +ZBX_PERSISTENTBUFFERPERIOD=1h # Available since 5.0.0 +ZBX_ENABLESTATUSPORT= +ZBX_SOURCEIP= +ZBX_ENABLEREMOTECOMMANDS=0 # Deprecated since 5.0.0 +ZBX_LOGREMOTECOMMANDS=0 +ZBX_STARTAGENTS=3 +ZBX_HOSTNAMEITEM=system.hostname +ZBX_METADATA= +ZBX_METADATAITEM= +ZBX_REFRESHACTIVECHECKS=120 +ZBX_BUFFERSEND=5 +ZBX_BUFFERSIZE=100 +ZBX_MAXLINESPERSECOND=20 +ZBX_LISTENIP= +ZBX_UNSAFEUSERPARAMETERS=0 +ZBX_TLSCONNECT=unencrypted +ZBX_TLSACCEPT=unencrypted +ZBX_TLSCAFILE= +ZBX_TLSCRLFILE= +ZBX_TLSSERVERCERTISSUER= +ZBX_TLSSERVERCERTSUBJECT= +ZBX_TLSCERTFILE= +ZBX_TLSKEYFILE= +ZBX_TLSPSKIDENTITY= +ZBX_TLSPSKFILE= +ZBX_DENYKEY=system.run[*] # Available since 5.0.0 +ZBX_ALLOWKEY= # Available since 5.0.0 +``` + +Default values of these variables are specified after equal sign. + +The allowed variables are identical of parameters in official ``zabbix_agent2.conf`` configuration file. For example, ``ZBX_REFRESHACTIVECHECKS`` = ``RefreshActiveChecks``. + +Please use official documentation for [``zabbix_agent2.conf``](https://www.zabbix.com/documentation/current/manual/appendix/config/zabbix_agent2) to get more information about the variables. + +## Allowed volumes for the Zabbix agent 2 container + +### ``/etc/zabbix/zabbix_agentd.d`` + +The volume allows include ``*.conf`` files and extend Zabbix agent 2 using ``UserParameter`` feature. + +### ``/var/lib/zabbix/enc`` + +The volume is used to store TLS related files. These file names are specified using ``ZBX_TLSCAFILE``, ``ZBX_TLSCRLFILE``, ``ZBX_TLSKEY_FILE`` and ``ZBX_TLSPSKFILE`` variables. + +### ``/var/lib/zabbix/buffer`` + +The volume is used to store the file, where Zabbix Agent2 should keep SQLite database. To enable the feature specify ``ZBX_ENABLEPERSISTENTBUFFER=true``. Available since 5.0.0. + +# The image variants + +The `zabbix-agent2` images come in many flavors, each designed for a specific use case. + +## `zabbix-agent2:alpine-` + +This image is based on the popular [Alpine Linux project](http://alpinelinux.org), available in [the `alpine` official image](https://hub.docker.com/_/alpine). Alpine Linux is much smaller than most distribution base images (~5MB), and thus leads to much slimmer images in general. + +This variant is highly recommended when final image size being as small as possible is desired. The main caveat to note is that it does use [musl libc](http://www.musl-libc.org) instead of [glibc and friends](http://www.etalabs.net/compare_libcs.html), so certain software might run into issues depending on the depth of their libc requirements. However, most software doesn't have an issue with this, so this variant is usually a very safe choice. See [this Hacker News comment thread](https://news.ycombinator.com/item?id=10782897) for more discussion of the issues that might arise and some pro/con comparisons of using Alpine-based images. + +To minimize image size, it's uncommon for additional related tools (such as `git` or `bash`) to be included in Alpine-based images. Using this image as a base, add the things you need in your own Dockerfile (see the [`alpine` image description](https://hub.docker.com/_/alpine/) for examples of how to install packages if you are unfamiliar). + +# Supported Docker versions + +This image is officially supported on Docker version 1.12.0. + +Support for older versions (down to 1.6) is provided on a best-effort basis. + +Please see [the Docker installation documentation](https://docs.docker.com/installation/) for details on how to upgrade your Docker daemon. + +# User Feedback + +## Documentation + +Documentation for this image is stored in the [`agent2/` directory](https://github.com/zabbix/zabbix-docker/tree/4.4/agent2) of the [`zabbix/zabbix-docker` GitHub repo](https://github.com/zabbix/zabbix-docker/). Be sure to familiarize yourself with the [repository's `README.md` file](https://github.com/zabbix/zabbix-docker/blob/master/README.md) before attempting a pull request. + +## Issues + +If you have any problems with or questions about this image, please contact us through a [GitHub issue](https://github.com/zabbix/zabbix-docker/issues). + +### Known issues + +Currently it is not allowed to specify ``ZBX_ALIAS`` environment variable. Please use ``/etc/zabbix/zabbix_agent.d`` volume with additional configuration files with ``Alias`` options. + +## Contributing + +You are invited to contribute new features, fixes, or updates, large or small; we are always thrilled to receive pull requests, and do our best to process them as fast as we can. + +Before you start to code, we recommend discussing your plans through a [GitHub issue](https://github.com/zabbix/zabbix-docker/issues), especially for more ambitious contributions. This gives other contributors a chance to point you in the right direction, give you feedback on your design, and help you find out if someone else is working on the same thing. diff --git a/agent2/ubuntu/build.sh b/agent2/ubuntu/build.sh new file mode 120000 index 000000000..fcb4d4ee7 --- /dev/null +++ b/agent2/ubuntu/build.sh @@ -0,0 +1 @@ +../../build.sh \ No newline at end of file diff --git a/agent2/ubuntu/docker-entrypoint.sh b/agent2/ubuntu/docker-entrypoint.sh new file mode 100755 index 000000000..5cad1e570 --- /dev/null +++ b/agent2/ubuntu/docker-entrypoint.sh @@ -0,0 +1,217 @@ +#!/bin/bash + +set -o pipefail + +set +e + +# Script trace mode +if [ "${DEBUG_MODE}" == "true" ]; then + set -o xtrace +fi + +# Default Zabbix installation name +# Default Zabbix server host +: ${ZBX_SERVER_HOST:="zabbix-server"} +# Default Zabbix server port number +: ${ZBX_SERVER_PORT:="10051"} + +# Default directories +# User 'zabbix' home directory +ZABBIX_USER_HOME_DIR="/var/lib/zabbix" +# Configuration files directory +ZABBIX_ETC_DIR="/etc/zabbix" + +escape_spec_char() { + local var_value=$1 + + var_value="${var_value//\\/\\\\}" + var_value="${var_value//[$'\n']/}" + var_value="${var_value//\//\\/}" + var_value="${var_value//./\\.}" + var_value="${var_value//\*/\\*}" + var_value="${var_value//^/\\^}" + var_value="${var_value//\$/\\\$}" + var_value="${var_value//\&/\\\&}" + var_value="${var_value//\[/\\[}" + var_value="${var_value//\]/\\]}" + + echo "$var_value" +} + +update_config_var() { + local config_path=$1 + local var_name=$2 + local var_value=$3 + local is_multiple=$4 + + local masklist=("TLSPSKIdentity") + + if [ ! -f "$config_path" ]; then + echo "**** Configuration file '$config_path' does not exist" + return + fi + + if [[ " ${masklist[@]} " =~ " $var_name " ]] && [ ! -z "$var_value" ]; then + echo -n "** Updating '$config_path' parameter \"$var_name\": '****'. Enable DEBUG_MODE to view value ..." + else + echo -n "** Updating '$config_path' parameter \"$var_name\": '$var_value'..." + fi + + # Remove configuration parameter definition in case of unset parameter value + if [ -z "$var_value" ]; then + sed -i -e "/^$var_name=/d" "$config_path" + echo "removed" + return + fi + + # Remove value from configuration parameter in case of double quoted parameter value + if [ "$var_value" == '""' ]; then + sed -i -e "/^$var_name=/s/=.*/=/" "$config_path" + echo "undefined" + return + fi + + # Use full path to a file for TLS related configuration parameters + if [[ $var_name =~ ^TLS.*File$ ]]; then + var_value=$ZABBIX_USER_HOME_DIR/enc/$var_value + fi + + # Escaping characters in parameter value and name + var_value=$(escape_spec_char "$var_value") + var_name=$(escape_spec_char "$var_name") + + if [ "$(grep -E "^$var_name=" $config_path)" ] && [ "$is_multiple" != "true" ]; then + sed -i -e "/^$var_name=/s/=.*/=$var_value/" "$config_path" + echo "updated" + elif [ "$(grep -Ec "^# $var_name=" $config_path)" -gt 1 ]; then + sed -i -e "/^[#;] $var_name=$/i\\$var_name=$var_value" "$config_path" + echo "added first occurrence" + elif [ "$(grep -Ec "^[#;] $var_name=" $config_path)" -gt 0 ]; then + sed -i -e "/^[#;] $var_name=/s/.*/&\n$var_name=$var_value/" "$config_path" + echo "added" + else + sed -i -e '$a\' -e "$var_name=$var_value" "$config_path" + echo "added at the end" + fi + +} + +update_config_multiple_var() { + local config_path=$1 + local var_name=$2 + local var_value=$3 + + var_value="${var_value%\"}" + var_value="${var_value#\"}" + + local IFS=, + local OPT_LIST=($var_value) + + for value in "${OPT_LIST[@]}"; do + update_config_var $config_path $var_name $value true + done +} + +prepare_zbx_agent_config() { + echo "** Preparing Zabbix agent configuration file" + ZBX_AGENT_CONFIG=$ZABBIX_ETC_DIR/zabbix_agent2.conf + + : ${ZBX_PASSIVESERVERS:=""} + : ${ZBX_ACTIVESERVERS:=""} + + [ -n "$ZBX_PASSIVESERVERS" ] && ZBX_PASSIVESERVERS=","$ZBX_PASSIVESERVERS + + ZBX_PASSIVESERVERS=$ZBX_SERVER_HOST$ZBX_PASSIVESERVERS + + [ -n "$ZBX_ACTIVESERVERS" ] && ZBX_ACTIVESERVERS=","$ZBX_ACTIVESERVERS + + ZBX_ACTIVESERVERS=$ZBX_SERVER_HOST":"$ZBX_SERVER_PORT$ZBX_ACTIVESERVERS + + update_config_var $ZBX_AGENT_CONFIG "PidFile" + update_config_var $ZBX_AGENT_CONFIG "LogType" "console" + update_config_var $ZBX_AGENT_CONFIG "LogFile" + update_config_var $ZBX_AGENT_CONFIG "LogFileSize" + update_config_var $ZBX_AGENT_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" + update_config_var $ZBX_AGENT_CONFIG "SourceIP" + update_config_var $ZBX_AGENT_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}" + + : ${ZBX_PASSIVE_ALLOW:="true"} + if [ "$ZBX_PASSIVE_ALLOW" == "true" ]; then + echo "** Using '$ZBX_PASSIVESERVERS' servers for passive checks" + update_config_var $ZBX_AGENT_CONFIG "Server" "${ZBX_PASSIVESERVERS}" + else + update_config_var $ZBX_AGENT_CONFIG "Server" + fi + + update_config_var $ZBX_AGENT_CONFIG "ListenPort" "${ZBX_LISTENPORT}" + update_config_var $ZBX_AGENT_CONFIG "ListenIP" "${ZBX_LISTENIP}" + + : ${ZBX_ACTIVE_ALLOW:="true"} + if [ "$ZBX_ACTIVE_ALLOW" == "true" ]; then + echo "** Using '$ZBX_ACTIVESERVERS' servers for active checks" + update_config_var $ZBX_AGENT_CONFIG "ServerActive" "${ZBX_ACTIVESERVERS}" + else + update_config_var $ZBX_AGENT_CONFIG "ServerActive" + fi + + if [ "$ZBX_ENABLESTATUSPORT" == "true" ]; then + update_config_var $ZBX_AGENT_CONFIG "EnablePersistentBuffer" "1" + update_config_var $ZBX_AGENT_CONFIG "PersistentBufferFile" "$ZABBIX_USER_HOME_DIR/buffer/" + update_config_var $ZBX_AGENT_CONFIG "PersistentBufferPeriod" "${ZBX_PERSISTENTBUFFERPERIOD}" + else + update_config_var $ZBX_AGENT_CONFIG "EnablePersistentBuffer" "0" + fi + + if [ "$ZBX_ENABLESTATUSPORT" == "true" ]; then + update_config_var $ZBX_AGENT_CONFIG "StatusPort" "31999" + fi + +# update_config_var $ZBX_AGENT_CONFIG "HostInterface" "${ZBX_HOSTINTERFACE}" +# update_config_var $ZBX_AGENT_CONFIG "HostInterfaceItem" "${ZBX_HOSTINTERFACEITEM}" + + update_config_var $ZBX_AGENT_CONFIG "Hostname" "${ZBX_HOSTNAME}" + update_config_var $ZBX_AGENT_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" + update_config_var $ZBX_AGENT_CONFIG "HostMetadata" "${ZBX_METADATA}" + update_config_var $ZBX_AGENT_CONFIG "HostMetadataItem" "${ZBX_METADATAITEM}" + update_config_var $ZBX_AGENT_CONFIG "RefreshActiveChecks" "${ZBX_REFRESHACTIVECHECKS}" + update_config_var $ZBX_AGENT_CONFIG "BufferSend" "${ZBX_BUFFERSEND}" + update_config_var $ZBX_AGENT_CONFIG "BufferSize" "${ZBX_BUFFERSIZE}" + update_config_var $ZBX_AGENT_CONFIG "MaxLinesPerSecond" "${ZBX_MAXLINESPERSECOND}" + # Please use include to enable Alias feature +# update_config_multiple_var $ZBX_AGENT_CONFIG "Alias" ${ZBX_ALIAS} + update_config_var $ZBX_AGENT_CONFIG "Timeout" "${ZBX_TIMEOUT}" + update_config_var $ZBX_AGENT_CONFIG "Include" "/etc/zabbix/zabbix_agentd.d/" + update_config_var $ZBX_AGENT_CONFIG "UnsafeUserParameters" "${ZBX_UNSAFEUSERPARAMETERS}" + update_config_var $ZBX_AGENT_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}" + update_config_var $ZBX_AGENT_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" + update_config_var $ZBX_AGENT_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" + update_config_var $ZBX_AGENT_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" + update_config_var $ZBX_AGENT_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" + update_config_var $ZBX_AGENT_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" + update_config_var $ZBX_AGENT_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" + update_config_var $ZBX_AGENT_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" + update_config_var $ZBX_AGENT_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" + update_config_var $ZBX_AGENT_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" + + update_config_multiple_var $ZBX_AGENT_CONFIG "DenyKey" "${ZBX_DENYKEY}" + update_config_multiple_var $ZBX_AGENT_CONFIG "AllowKey" "${ZBX_ALLOWKEY}" +} + +prepare_agent() { + echo "** Preparing Zabbix agent" + prepare_zbx_agent_config +} + +################################################# + +if [ "${1#-}" != "$1" ]; then + set -- /usr/sbin/zabbix_agent2 "$@" +fi + +if [ "$1" == '/usr/sbin/zabbix_agent2' ]; then + prepare_agent +fi + +exec "$@" + +################################################# diff --git a/agent2/ubuntu/hooks/build b/agent2/ubuntu/hooks/build new file mode 100755 index 000000000..3e0a2f00c --- /dev/null +++ b/agent2/ubuntu/hooks/build @@ -0,0 +1,13 @@ +#!/bin/bash +# +# Additional information: https://docs.docker.com/docker-cloud/builds/advanced/ +# + +MAJOR_VERSION=$(cat Dockerfile | grep "ARG MAJOR_VERSION" | cut -f2 -d"=") +MINOR_VERSION=$(cat Dockerfile | grep "ARG ZBX_VERSION" | cut -f2 -d".") + +VCS_REF=$MAJOR_VERSION.$MINOR_VERSION +BUILD_DATE=$(date -u +"%Y-%m-%dT%H:%M:%SZ") + +echo "$BUILD_DATE - Building $VCS_REF version..." +docker build --build-arg VCS_REF="$VCS_REF" --build-arg BUILD_DATE="$BUILD_DATE" -t $IMAGE_NAME . From d2db348009186f29bd8765788b673498b5b2dda2 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Tue, 13 Apr 2021 08:16:43 -0400 Subject: [PATCH 070/253] Ignore case for boolean vars --- web-apache-mysql/alpine/docker-entrypoint.sh | 4 ++-- web-apache-mysql/centos/docker-entrypoint.sh | 4 ++-- web-apache-mysql/ubuntu/docker-entrypoint.sh | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/web-apache-mysql/alpine/docker-entrypoint.sh b/web-apache-mysql/alpine/docker-entrypoint.sh index 42b325f0f..9932f6d38 100755 --- a/web-apache-mysql/alpine/docker-entrypoint.sh +++ b/web-apache-mysql/alpine/docker-entrypoint.sh @@ -96,7 +96,7 @@ check_variables() { db_tls_params() { local result="" - if [ "${ZBX_DB_ENCRYPTION}" == "true" ]; then + if [ "${ZBX_DB_ENCRYPTION,,}" == "true" ]; then result="--ssl" if [ -n "${ZBX_DB_CA_FILE}" ]; then @@ -198,7 +198,7 @@ prepare_zbx_web_config() { export ZBX_DB_KEY_FILE=${ZBX_DB_KEY_FILE} export ZBX_DB_CERT_FILE=${ZBX_DB_CERT_FILE} export ZBX_DB_CA_FILE=${ZBX_DB_CA_FILE} - : ${ZBX_DB_VERIFY_HOST="false"} + : ${ZBX_DB_VERIFY_HOST:="false"} export ZBX_DB_VERIFY_HOST=${ZBX_DB_VERIFY_HOST,,} export ZBX_VAULTURL=${ZBX_VAULTURL} diff --git a/web-apache-mysql/centos/docker-entrypoint.sh b/web-apache-mysql/centos/docker-entrypoint.sh index ad515e169..bc8bdfe4f 100755 --- a/web-apache-mysql/centos/docker-entrypoint.sh +++ b/web-apache-mysql/centos/docker-entrypoint.sh @@ -96,7 +96,7 @@ check_variables() { db_tls_params() { local result="" - if [ "${ZBX_DB_ENCRYPTION}" == "true" ]; then + if [ "${ZBX_DB_ENCRYPTION,,}" == "true" ]; then result="--ssl-mode=required" if [ -n "${ZBX_DB_CA_FILE}" ]; then @@ -207,7 +207,7 @@ prepare_zbx_web_config() { export ZBX_DB_KEY_FILE=${ZBX_DB_KEY_FILE} export ZBX_DB_CERT_FILE=${ZBX_DB_CERT_FILE} export ZBX_DB_CA_FILE=${ZBX_DB_CA_FILE} - : ${ZBX_DB_VERIFY_HOST="false"} + : ${ZBX_DB_VERIFY_HOST:="false"} export ZBX_DB_VERIFY_HOST=${ZBX_DB_VERIFY_HOST,,} export ZBX_VAULTURL=${ZBX_VAULTURL} diff --git a/web-apache-mysql/ubuntu/docker-entrypoint.sh b/web-apache-mysql/ubuntu/docker-entrypoint.sh index 0a955ebb7..6358508d4 100755 --- a/web-apache-mysql/ubuntu/docker-entrypoint.sh +++ b/web-apache-mysql/ubuntu/docker-entrypoint.sh @@ -96,7 +96,7 @@ check_variables() { db_tls_params() { local result="" - if [ "${ZBX_DB_ENCRYPTION}" == "true" ]; then + if [ "${ZBX_DB_ENCRYPTION,,}" == "true" ]; then result="--ssl-mode=required" if [ -n "${ZBX_DB_CA_FILE}" ]; then @@ -198,7 +198,7 @@ prepare_zbx_web_config() { export ZBX_DB_KEY_FILE=${ZBX_DB_KEY_FILE} export ZBX_DB_CERT_FILE=${ZBX_DB_CERT_FILE} export ZBX_DB_CA_FILE=${ZBX_DB_CA_FILE} - : ${ZBX_DB_VERIFY_HOST="false"} + : ${ZBX_DB_VERIFY_HOST:="false"} export ZBX_DB_VERIFY_HOST=${ZBX_DB_VERIFY_HOST,,} export ZBX_VAULTURL=${ZBX_VAULTURL} From f6f9ea625cd78296fba10448423748beef3d770c Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Fri, 23 Apr 2021 01:19:41 +0500 Subject: [PATCH 071/253] Added new parameter history pollers for server and proxies --- proxy-mysql/alpine/docker-entrypoint.sh | 1 + proxy-mysql/centos/docker-entrypoint.sh | 1 + proxy-mysql/ubuntu/docker-entrypoint.sh | 1 + proxy-sqlite3/alpine/docker-entrypoint.sh | 1 + proxy-sqlite3/centos/docker-entrypoint.sh | 1 + proxy-sqlite3/ubuntu/docker-entrypoint.sh | 1 + server-mysql/alpine/docker-entrypoint.sh | 1 + server-mysql/centos/docker-entrypoint.sh | 1 + server-mysql/ubuntu/docker-entrypoint.sh | 1 + server-pgsql/alpine/docker-entrypoint.sh | 1 + server-pgsql/centos/docker-entrypoint.sh | 1 + server-pgsql/ubuntu/docker-entrypoint.sh | 1 + 12 files changed, 12 insertions(+) diff --git a/proxy-mysql/alpine/docker-entrypoint.sh b/proxy-mysql/alpine/docker-entrypoint.sh index 548b52ccb..abcdfd445 100755 --- a/proxy-mysql/alpine/docker-entrypoint.sh +++ b/proxy-mysql/alpine/docker-entrypoint.sh @@ -375,6 +375,7 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "StartTrappers" "${ZBX_STARTTRAPPERS}" update_config_var $ZBX_CONFIG "StartPingers" "${ZBX_STARTPINGERS}" update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}" + update_config_var $ZBX_CONFIG "StartHistoryPollers" "${ZBX_HISTORYPOLLERS}" update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}" : ${ZBX_JAVAGATEWAY_ENABLE:="false"} diff --git a/proxy-mysql/centos/docker-entrypoint.sh b/proxy-mysql/centos/docker-entrypoint.sh index 87ae89274..f3d6557c5 100755 --- a/proxy-mysql/centos/docker-entrypoint.sh +++ b/proxy-mysql/centos/docker-entrypoint.sh @@ -373,6 +373,7 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "StartTrappers" "${ZBX_STARTTRAPPERS}" update_config_var $ZBX_CONFIG "StartPingers" "${ZBX_STARTPINGERS}" update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}" + update_config_var $ZBX_CONFIG "StartHistoryPollers" "${ZBX_HISTORYPOLLERS}" update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}" : ${ZBX_JAVAGATEWAY_ENABLE:="false"} diff --git a/proxy-mysql/ubuntu/docker-entrypoint.sh b/proxy-mysql/ubuntu/docker-entrypoint.sh index ced972b18..c5cdcaa7f 100755 --- a/proxy-mysql/ubuntu/docker-entrypoint.sh +++ b/proxy-mysql/ubuntu/docker-entrypoint.sh @@ -372,6 +372,7 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "StartTrappers" "${ZBX_STARTTRAPPERS}" update_config_var $ZBX_CONFIG "StartPingers" "${ZBX_STARTPINGERS}" update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}" + update_config_var $ZBX_CONFIG "StartHistoryPollers" "${ZBX_HISTORYPOLLERS}" update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}" : ${ZBX_JAVAGATEWAY_ENABLE:="false"} diff --git a/proxy-sqlite3/alpine/docker-entrypoint.sh b/proxy-sqlite3/alpine/docker-entrypoint.sh index 229d56a92..3f7008b95 100755 --- a/proxy-sqlite3/alpine/docker-entrypoint.sh +++ b/proxy-sqlite3/alpine/docker-entrypoint.sh @@ -167,6 +167,7 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "StartTrappers" "${ZBX_STARTTRAPPERS}" update_config_var $ZBX_CONFIG "StartPingers" "${ZBX_STARTPINGERS}" update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}" + update_config_var $ZBX_CONFIG "StartHistoryPollers" "${ZBX_HISTORYPOLLERS}" update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}" : ${ZBX_JAVAGATEWAY_ENABLE:="false"} diff --git a/proxy-sqlite3/centos/docker-entrypoint.sh b/proxy-sqlite3/centos/docker-entrypoint.sh index 229d56a92..3f7008b95 100755 --- a/proxy-sqlite3/centos/docker-entrypoint.sh +++ b/proxy-sqlite3/centos/docker-entrypoint.sh @@ -167,6 +167,7 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "StartTrappers" "${ZBX_STARTTRAPPERS}" update_config_var $ZBX_CONFIG "StartPingers" "${ZBX_STARTPINGERS}" update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}" + update_config_var $ZBX_CONFIG "StartHistoryPollers" "${ZBX_HISTORYPOLLERS}" update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}" : ${ZBX_JAVAGATEWAY_ENABLE:="false"} diff --git a/proxy-sqlite3/ubuntu/docker-entrypoint.sh b/proxy-sqlite3/ubuntu/docker-entrypoint.sh index 5bc90dac0..48ae24346 100755 --- a/proxy-sqlite3/ubuntu/docker-entrypoint.sh +++ b/proxy-sqlite3/ubuntu/docker-entrypoint.sh @@ -167,6 +167,7 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "StartTrappers" "${ZBX_STARTTRAPPERS}" update_config_var $ZBX_CONFIG "StartPingers" "${ZBX_STARTPINGERS}" update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}" + update_config_var $ZBX_CONFIG "StartHistoryPollers" "${ZBX_HISTORYPOLLERS}" update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}" : ${ZBX_JAVAGATEWAY_ENABLE:="false"} diff --git a/server-mysql/alpine/docker-entrypoint.sh b/server-mysql/alpine/docker-entrypoint.sh index ae23bc659..d54c93a2c 100755 --- a/server-mysql/alpine/docker-entrypoint.sh +++ b/server-mysql/alpine/docker-entrypoint.sh @@ -353,6 +353,7 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "StartTrappers" "${ZBX_STARTTRAPPERS}" update_config_var $ZBX_CONFIG "StartPingers" "${ZBX_STARTPINGERS}" update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}" + update_config_var $ZBX_CONFIG "StartHistoryPollers" "${ZBX_HISTORYPOLLERS}" update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}" update_config_var $ZBX_CONFIG "StartPreprocessors" "${ZBX_STARTPREPROCESSORS}" diff --git a/server-mysql/centos/docker-entrypoint.sh b/server-mysql/centos/docker-entrypoint.sh index 3aa594d5d..cf38019c9 100755 --- a/server-mysql/centos/docker-entrypoint.sh +++ b/server-mysql/centos/docker-entrypoint.sh @@ -350,6 +350,7 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "StartTrappers" "${ZBX_STARTTRAPPERS}" update_config_var $ZBX_CONFIG "StartPingers" "${ZBX_STARTPINGERS}" update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}" + update_config_var $ZBX_CONFIG "StartHistoryPollers" "${ZBX_HISTORYPOLLERS}" update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}" update_config_var $ZBX_CONFIG "StartPreprocessors" "${ZBX_STARTPREPROCESSORS}" diff --git a/server-mysql/ubuntu/docker-entrypoint.sh b/server-mysql/ubuntu/docker-entrypoint.sh index 84a89d077..8c542490b 100755 --- a/server-mysql/ubuntu/docker-entrypoint.sh +++ b/server-mysql/ubuntu/docker-entrypoint.sh @@ -350,6 +350,7 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "StartTrappers" "${ZBX_STARTTRAPPERS}" update_config_var $ZBX_CONFIG "StartPingers" "${ZBX_STARTPINGERS}" update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}" + update_config_var $ZBX_CONFIG "StartHistoryPollers" "${ZBX_HISTORYPOLLERS}" update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}" update_config_var $ZBX_CONFIG "StartPreprocessors" "${ZBX_STARTPREPROCESSORS}" diff --git a/server-pgsql/alpine/docker-entrypoint.sh b/server-pgsql/alpine/docker-entrypoint.sh index d0ac418ec..cdcf65b7b 100755 --- a/server-pgsql/alpine/docker-entrypoint.sh +++ b/server-pgsql/alpine/docker-entrypoint.sh @@ -386,6 +386,7 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "StartTrappers" "${ZBX_STARTTRAPPERS}" update_config_var $ZBX_CONFIG "StartPingers" "${ZBX_STARTPINGERS}" update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}" + update_config_var $ZBX_CONFIG "StartHistoryPollers" "${ZBX_HISTORYPOLLERS}" update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}" update_config_var $ZBX_CONFIG "StartPreprocessors" "${ZBX_STARTPREPROCESSORS}" diff --git a/server-pgsql/centos/docker-entrypoint.sh b/server-pgsql/centos/docker-entrypoint.sh index d0ac418ec..cdcf65b7b 100755 --- a/server-pgsql/centos/docker-entrypoint.sh +++ b/server-pgsql/centos/docker-entrypoint.sh @@ -386,6 +386,7 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "StartTrappers" "${ZBX_STARTTRAPPERS}" update_config_var $ZBX_CONFIG "StartPingers" "${ZBX_STARTPINGERS}" update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}" + update_config_var $ZBX_CONFIG "StartHistoryPollers" "${ZBX_HISTORYPOLLERS}" update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}" update_config_var $ZBX_CONFIG "StartPreprocessors" "${ZBX_STARTPREPROCESSORS}" diff --git a/server-pgsql/ubuntu/docker-entrypoint.sh b/server-pgsql/ubuntu/docker-entrypoint.sh index c250ce68b..eacec16dc 100755 --- a/server-pgsql/ubuntu/docker-entrypoint.sh +++ b/server-pgsql/ubuntu/docker-entrypoint.sh @@ -386,6 +386,7 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "StartTrappers" "${ZBX_STARTTRAPPERS}" update_config_var $ZBX_CONFIG "StartPingers" "${ZBX_STARTPINGERS}" update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}" + update_config_var $ZBX_CONFIG "StartHistoryPollers" "${ZBX_HISTORYPOLLERS}" update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}" update_config_var $ZBX_CONFIG "StartPreprocessors" "${ZBX_STARTPREPROCESSORS}" From e9efde3ee5bdea783d3fa41ef6a2a2e49606da62 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Tue, 27 Apr 2021 10:27:20 -0400 Subject: [PATCH 072/253] Added Zabbix web service image --- .env_web_service | 9 ++ web-service/alpine/.dockerignore | 1 + web-service/alpine/Dockerfile | 87 ++++++++++++++ web-service/alpine/README.md | 146 ++++++++++++++++++++++++ web-service/alpine/build.sh | 1 + web-service/alpine/docker-entrypoint.sh | 139 ++++++++++++++++++++++ web-service/alpine/hooks/build | 13 +++ 7 files changed, 396 insertions(+) create mode 100644 .env_web_service create mode 100644 web-service/alpine/.dockerignore create mode 100644 web-service/alpine/Dockerfile create mode 100644 web-service/alpine/README.md create mode 120000 web-service/alpine/build.sh create mode 100755 web-service/alpine/docker-entrypoint.sh create mode 100755 web-service/alpine/hooks/build diff --git a/.env_web_service b/.env_web_service new file mode 100644 index 000000000..30497743e --- /dev/null +++ b/.env_web_service @@ -0,0 +1,9 @@ +ZBX_DEBUGLEVEL=5 +ZBX_ALLOWEDIP=zabbix-server +# ZBX_LISTENPORT=10053 +# ZBX_LISTENIP= +# ZBX_TIMEOUT=3 +# ZBX_TLSACCEPT=unencrypted +# ZBX_TLSCAFILE= +# ZBX_TLSCERTFILE= +# ZBX_TLSKEYFILE= diff --git a/web-service/alpine/.dockerignore b/web-service/alpine/.dockerignore new file mode 100644 index 000000000..88a84e55a --- /dev/null +++ b/web-service/alpine/.dockerignore @@ -0,0 +1 @@ +build.sh diff --git a/web-service/alpine/Dockerfile b/web-service/alpine/Dockerfile new file mode 100644 index 000000000..1fa030370 --- /dev/null +++ b/web-service/alpine/Dockerfile @@ -0,0 +1,87 @@ +FROM alpine:3.13 + +LABEL org.opencontainers.image.title="Zabbix web service" \ + org.opencontainers.image.authors="Alexey Pustovalov " \ + org.opencontainers.image.vendor="Zabbix LLC" \ + org.opencontainers.image.url="https://zabbix.com/" \ + org.opencontainers.image.description="Zabbix web servce for performing various tasks using headless web browser" \ + org.opencontainers.image.licenses="GPL v2.0" + +STOPSIGNAL SIGTERM + +RUN set -eux && \ + addgroup --system --gid 1995 zabbix && \ + adduser --system \ + --gecos "Zabbix monitoring system" \ + --disabled-password \ + --uid 1997 \ + --ingroup zabbix \ + --shell /sbin/nologin \ + --home /var/lib/zabbix/ \ + zabbix && \ + adduser zabbix root && \ + mkdir -p /etc/zabbix && \ + mkdir -p /var/lib/zabbix && \ + apk add --no-cache --clean-protected \ + bash \ + chromium && \ + rm -rf /var/cache/apk/* + +ARG MAJOR_VERSION=5.4 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git + +ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} + +LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" + +RUN set -eux && \ + apk add --no-cache --virtual build-dependencies \ + autoconf \ + automake \ + go \ + g++ \ + make \ + git \ + pkgconf && \ + cd /tmp/ && \ + git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + cd /tmp/zabbix-${ZBX_VERSION} && \ + zabbix_revision=`git rev-parse --short HEAD` && \ + sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ + ./bootstrap.sh && \ + export CFLAGS="-fPIC -pie -Wl,-z,relro -Wl,-z,now" && \ + ./configure \ + --datadir=/usr/lib \ + --libdir=/usr/lib/zabbix \ + --prefix=/usr \ + --sysconfdir=/etc/zabbix \ + --prefix=/usr \ + --enable-ipv6 \ + --enable-webservice \ + --silent && \ + make -j"$(nproc)" -s && \ + cp /tmp/zabbix-${ZBX_VERSION}/src/go/bin/zabbix_web_service /usr/sbin/zabbix_web_service && \ + cp /tmp/zabbix-${ZBX_VERSION}/src/go/conf/zabbix_web_service.conf /etc/zabbix/zabbix_web_service.conf && \ + cd /tmp/ && \ + rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ + chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \ + chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \ + chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \ + apk del --purge --no-network \ + build-dependencies && \ + rm -rf /var/cache/apk/* + +EXPOSE 10053/TCP + +WORKDIR /var/lib/zabbix + +COPY ["docker-entrypoint.sh", "/usr/bin/"] + +ENTRYPOINT ["docker-entrypoint.sh"] + +USER 1997 + +CMD ["/usr/sbin/zabbix_web_service", "-c", "/etc/zabbix/zabbix_web_service.conf"] diff --git a/web-service/alpine/README.md b/web-service/alpine/README.md new file mode 100644 index 000000000..3e65d5f97 --- /dev/null +++ b/web-service/alpine/README.md @@ -0,0 +1,146 @@ +![logo](https://assets.zabbix.com/img/logo/zabbix_logo_500x131.png) + +# What is Zabbix? + +Zabbix is an enterprise-class open source distributed monitoring solution. + +Zabbix is software that monitors numerous parameters of a network and the health and integrity of servers. Zabbix uses a flexible notification mechanism that allows users to configure e-mail based alerts for virtually any event. This allows a fast reaction to server problems. Zabbix offers excellent reporting and data visualisation features based on the stored data. This makes Zabbix ideal for capacity planning. + +For more information and related downloads for Zabbix components, please visit https://hub.docker.com/u/zabbix/ and https://zabbix.com + +# What is Zabbix web service? + +Zabbix web servce for performing various tasks using headless web browser (for example, reporting). + +# Zabbix agent images + +These are the only official Zabbix agent Docker images. They are based on Alpine Linux v3.13, Ubuntu 20.04 (focal) and CentOS 8 images. The available versions of Zabbix web service are: + + Zabbix agent 5.4 (tags: alpine-trunk, ubuntu-trunk, centos-trunk) + +Images are updated when new releases are published. The image with ``latest`` tag is based on Alpine Linux. + +# How to use this image + +## Start `zabbix-web-service` + +Start a Zabbix agent container as follows: + + docker run --name some-zabbix-web-service -e ZBX_ALLOWEDIP="some-zabbix-server" --cap-add=SYS_ADMIN -d zabbix/zabbix-web-service:tag + +Where `some-zabbix-web-service` is the name you want to assign to your container, `some-zabbix-server` is IP or DNS name of Zabbix server and `tag` is the tag specifying the version you want. See the list above for relevant tags, or look at the [full list of tags](https://hub.docker.com/r/zabbix/zabbix-web-service/tags/). + +## Connects from Zabbix server in other containers + +This image exposes the standard Zabbix web service port (``10053``) to perform communication, so container linking makes Zabbix web service instance available to Zabbix server containers. Start your application container like this in order to link it to the Zabbix web service container: + +```console +$ docker run --name some-zabbix-server --link some-zabbix-web-service:zabbix-web-service -e ZBX_STARTREPORTWRITERS="2" -e ZBX_WEBSERVICEURL="http://some-zabbix-web-service:10053/report" -d zabbix/zabbix-server:latest +``` + +## Container shell access and viewing Zabbix web service logs + +The `docker exec` command allows you to run commands inside a Docker container. The following command line will give you a bash shell inside your `zabbix-web-service` container: + +```console +$ docker exec -ti some-zabbix-web-service /bin/bash +``` + +The Zabbix web service log is available through Docker's container log: + +```console +$ docker logs some-zabbix-web-service +``` + +## Capaibilities + + + +## Environment Variables + +When you start the `zabbix-web-service` image, you can adjust the configuration of the Zabbix web service by passing one or more environment variables on the `docker run` command line. + +### `ZBX_ALLOWEDIP` + +This variable is IP or DNS name or list of IP / DNS names of Zabbix server. By default, value is `zabbix-server`. + +### `ZBX_LISTENPORT` + +Listen port for incoming request. By default, value is `10053`. + +### `ZBX_DEBUGLEVEL` + +The variable is used to specify debug level. By default, value is ``3``. It is ``DebugLevel`` parameter in ``zabbix_web_service.conf``. Allowed values are listed below: +- ``0`` - basic information about starting and stopping of Zabbix processes; +- ``1`` - critical information +- ``2`` - error information +- ``3`` - warnings +- ``4`` - for debugging (produces lots of information) +- ``5`` - extended debugging (produces even more information) + +### `ZBX_TIMEOUT` + +The variable is used to specify timeout for processing requests. By default, value is ``3``. + +### Other variables + +Additionally the image allows to specify many other environment variables listed below: + +``` +ZBX_TLSACCEPT=unencrypted +ZBX_TLSCAFILE= +ZBX_TLSCERTFILE= +ZBX_TLSKEYFILE= +``` + +Default values of these variables are specified after equal sign. + +Please use official documentation for [``zabbix_web_service.conf``](https://www.zabbix.com/documentation/current/manual/appendix/config/zabbix_web_service) to get more information about the variables. + +## Allowed volumes for the Zabbix web service container + +### ``/var/lib/zabbix/enc`` + +The volume is used to store TLS related files. These file names are specified using ``ZBX_TLSCAFILE``, ``ZBX_TLSCERTFILE`` and ``ZBX_TLSKEY_FILE`` variables. + +# The image variants + +The `zabbix-web-service` images come in many flavors, each designed for a specific use case. + +## `zabbix-web-service:ubuntu-` + +This is the defacto image. If you are unsure about what your needs are, you probably want to use this one. It is designed to be used both as a throw away container (mount your source code and start the container to start your app), as well as the base to build other images off of. + +## `zabbix-web-service:alpine-` + +This image is based on the popular [Alpine Linux project](http://alpinelinux.org), available in [the `alpine` official image](https://hub.docker.com/_/alpine). Alpine Linux is much smaller than most distribution base images (~5MB), and thus leads to much slimmer images in general. + +This variant is highly recommended when final image size being as small as possible is desired. The main caveat to note is that it does use [musl libc](http://www.musl-libc.org) instead of [glibc and friends](http://www.etalabs.net/compare_libcs.html), so certain software might run into issues depending on the depth of their libc requirements. However, most software doesn't have an issue with this, so this variant is usually a very safe choice. See [this Hacker News comment thread](https://news.ycombinator.com/item?id=10782897) for more discussion of the issues that might arise and some pro/con comparisons of using Alpine-based images. + +To minimize image size, it's uncommon for additional related tools (such as `git` or `bash`) to be included in Alpine-based images. Using this image as a base, add the things you need in your own Dockerfile (see the [`alpine` image description](https://hub.docker.com/_/alpine/) for examples of how to install packages if you are unfamiliar). + +# Supported Docker versions + +This image is officially supported on Docker version 1.12.0. + +Support for older versions (down to 1.6) is provided on a best-effort basis. + +Please see [the Docker installation documentation](https://docs.docker.com/installation/) for details on how to upgrade your Docker daemon. + +# User Feedback + +## Documentation + +Documentation for this image is stored in the [`web-service/` directory](https://github.com/zabbix/zabbix-docker/tree/5.4/web-service) of the [`zabbix/zabbix-docker` GitHub repo](https://github.com/zabbix/zabbix-docker/). Be sure to familiarize yourself with the [repository's `README.md` file](https://github.com/zabbix/zabbix-docker/blob/master/README.md) before attempting a pull request. + +## Issues + +If you have any problems with or questions about this image, please contact us through a [GitHub issue](https://github.com/zabbix/zabbix-docker/issues). + +### Known issues + +## Contributing + +You are invited to contribute new features, fixes, or updates, large or small; we are always thrilled to receive pull requests, and do our best to process them as fast as we can. + +Before you start to code, we recommend discussing your plans through a [GitHub issue](https://github.com/zabbix/zabbix-docker/issues), especially for more ambitious contributions. This gives other contributors a chance to point you in the right direction, give you feedback on your design, and help you find out if someone else is working on the same thing. diff --git a/web-service/alpine/build.sh b/web-service/alpine/build.sh new file mode 120000 index 000000000..fcb4d4ee7 --- /dev/null +++ b/web-service/alpine/build.sh @@ -0,0 +1 @@ +../../build.sh \ No newline at end of file diff --git a/web-service/alpine/docker-entrypoint.sh b/web-service/alpine/docker-entrypoint.sh new file mode 100755 index 000000000..248e73c83 --- /dev/null +++ b/web-service/alpine/docker-entrypoint.sh @@ -0,0 +1,139 @@ +#!/bin/bash + +set -o pipefail + +set +e + +# Script trace mode +if [ "${DEBUG_MODE,,}" == "true" ]; then + set -o xtrace +fi + +# Default directories +# User 'zabbix' home directory +ZABBIX_USER_HOME_DIR="/var/lib/zabbix" +# Configuration files directory +ZABBIX_ETC_DIR="/etc/zabbix" + +escape_spec_char() { + local var_value=$1 + + var_value="${var_value//\\/\\\\}" + var_value="${var_value//[$'\n']/}" + var_value="${var_value//\//\\/}" + var_value="${var_value//./\\.}" + var_value="${var_value//\*/\\*}" + var_value="${var_value//^/\\^}" + var_value="${var_value//\$/\\\$}" + var_value="${var_value//\&/\\\&}" + var_value="${var_value//\[/\\[}" + var_value="${var_value//\]/\\]}" + + echo "$var_value" +} + +update_config_var() { + local config_path=$1 + local var_name=$2 + local var_value=$3 + local is_multiple=$4 + + if [ ! -f "$config_path" ]; then + echo "**** Configuration file '$config_path' does not exist" + return + fi + + echo -n "** Updating '$config_path' parameter \"$var_name\": '$var_value'..." + + # Remove configuration parameter definition in case of unset parameter value + if [ -z "$var_value" ]; then + sed -i -e "/^$var_name=/d" "$config_path" + echo "removed" + return + fi + + # Remove value from configuration parameter in case of double quoted parameter value + if [ "$var_value" == '""' ]; then + sed -i -e "/^$var_name=/s/=.*/=/" "$config_path" + echo "undefined" + return + fi + + # Use full path to a file for TLS related configuration parameters + if [[ $var_name =~ ^TLS.*File$ ]]; then + var_value=$ZABBIX_USER_HOME_DIR/enc/$var_value + fi + + # Escaping characters in parameter value and name + var_value=$(escape_spec_char "$var_value") + var_name=$(escape_spec_char "$var_name") + + if [ "$(grep -E "^$var_name=" $config_path)" ] && [ "$is_multiple" != "true" ]; then + sed -i -e "/^$var_name=/s/=.*/=$var_value/" "$config_path" + echo "updated" + elif [ "$(grep -Ec "^# $var_name=" $config_path)" -gt 1 ]; then + sed -i -e "/^[#;] $var_name=$/i\\$var_name=$var_value" "$config_path" + echo "added first occurrence" + elif [ "$(grep -Ec "^[#;] $var_name=" $config_path)" -gt 0 ]; then + sed -i -e "/^[#;] $var_name=/s/.*/&\n$var_name=$var_value/" "$config_path" + echo "added" + else + sed -i -e '$a\' -e "$var_name=$var_value" "$config_path" + echo "added at the end" + fi + +} + +update_config_multiple_var() { + local config_path=$1 + local var_name=$2 + local var_value=$3 + + var_value="${var_value%\"}" + var_value="${var_value#\"}" + + local IFS=, + local OPT_LIST=($var_value) + + for value in "${OPT_LIST[@]}"; do + update_config_var $config_path $var_name $value true + done +} + +prepare_zbx_web_service_config() { + echo "** Preparing Zabbix web service configuration file" + ZBX_WEB_SERVICE_CONFIG=$ZABBIX_ETC_DIR/zabbix_web_service.conf + + update_config_var $ZBX_WEB_SERVICE_CONFIG "LogType" "console" + update_config_var $ZBX_WEB_SERVICE_CONFIG "LogFile" + update_config_var $ZBX_WEB_SERVICE_CONFIG "LogFileSize" + update_config_var $ZBX_WEB_SERVICE_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" + + : ${ZBX_ALLOWEDIP:="zabbix-server"} + update_config_var $ZBX_WEB_SERVICE_CONFIG "AllowedIP" "${ZBX_ALLOWEDIP}" + + update_config_var $ZBX_WEB_SERVICE_CONFIG "ListenPort" "${ZBX_LISTENPORT}" + + update_config_var $ZBX_WEB_SERVICE_CONFIG "Timeout" "${ZBX_TIMEOUT}" + + update_config_var $ZBX_WEB_SERVICE_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" + update_config_var $ZBX_WEB_SERVICE_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" + + update_config_var $ZBX_WEB_SERVICE_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" + update_config_var $ZBX_WEB_SERVICE_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" +} + +prepare_web_service() { + echo "** Preparing Zabbix web service" + prepare_zbx_web_service_config +} + +################################################# + +if [ "$1" == '/usr/sbin/zabbix_web_service' ]; then + prepare_web_service +fi + +exec "$@" + +################################################# diff --git a/web-service/alpine/hooks/build b/web-service/alpine/hooks/build new file mode 100755 index 000000000..3e0a2f00c --- /dev/null +++ b/web-service/alpine/hooks/build @@ -0,0 +1,13 @@ +#!/bin/bash +# +# Additional information: https://docs.docker.com/docker-cloud/builds/advanced/ +# + +MAJOR_VERSION=$(cat Dockerfile | grep "ARG MAJOR_VERSION" | cut -f2 -d"=") +MINOR_VERSION=$(cat Dockerfile | grep "ARG ZBX_VERSION" | cut -f2 -d".") + +VCS_REF=$MAJOR_VERSION.$MINOR_VERSION +BUILD_DATE=$(date -u +"%Y-%m-%dT%H:%M:%SZ") + +echo "$BUILD_DATE - Building $VCS_REF version..." +docker build --build-arg VCS_REF="$VCS_REF" --build-arg BUILD_DATE="$BUILD_DATE" -t $IMAGE_NAME . From 8c84de20eaff10129b68673058409c352cbb02a3 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Tue, 27 Apr 2021 10:30:54 -0400 Subject: [PATCH 073/253] Added Zabbix web service image --- web-service/alpine/README.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/web-service/alpine/README.md b/web-service/alpine/README.md index 3e65d5f97..0bb55288b 100644 --- a/web-service/alpine/README.md +++ b/web-service/alpine/README.md @@ -12,11 +12,11 @@ For more information and related downloads for Zabbix components, please visit h Zabbix web servce for performing various tasks using headless web browser (for example, reporting). -# Zabbix agent images +# Zabbix web service images -These are the only official Zabbix agent Docker images. They are based on Alpine Linux v3.13, Ubuntu 20.04 (focal) and CentOS 8 images. The available versions of Zabbix web service are: +These are the only official Zabbix web service Docker images. They are based on Alpine Linux v3.13, Ubuntu 20.04 (focal) and CentOS 8 images. The available versions of Zabbix web service are: - Zabbix agent 5.4 (tags: alpine-trunk, ubuntu-trunk, centos-trunk) + Zabbix web service 5.4 (tags: alpine-trunk, ubuntu-trunk, centos-trunk) Images are updated when new releases are published. The image with ``latest`` tag is based on Alpine Linux. @@ -24,7 +24,7 @@ Images are updated when new releases are published. The image with ``latest`` ta ## Start `zabbix-web-service` -Start a Zabbix agent container as follows: +Start a Zabbix web service container as follows: docker run --name some-zabbix-web-service -e ZBX_ALLOWEDIP="some-zabbix-server" --cap-add=SYS_ADMIN -d zabbix/zabbix-web-service:tag From 5655cff50adb4c7396d3d2d755af45391a05655a Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Tue, 27 Apr 2021 16:27:37 -0400 Subject: [PATCH 074/253] Added Zabbix web service image --- .env_web_service | 2 +- web-service/centos/.dockerignore | 1 + web-service/centos/Dockerfile | 102 ++++++++++++ web-service/centos/README.md | 149 ++++++++++++++++++ web-service/centos/build.sh | 1 + web-service/centos/docker-entrypoint.sh | 139 ++++++++++++++++ web-service/centos/hooks/build | 13 ++ web-service/ubuntu/.dockerignore | 1 + web-service/ubuntu/Dockerfile | 118 ++++++++++++++ web-service/ubuntu/README.md | 149 ++++++++++++++++++ web-service/ubuntu/build.sh | 1 + .../conf/etc/apt/preferences.d/chromium.pref | 14 ++ .../conf/etc/apt/sources.list.d/debian.list | 3 + web-service/ubuntu/docker-entrypoint.sh | 139 ++++++++++++++++ web-service/ubuntu/hooks/build | 13 ++ 15 files changed, 844 insertions(+), 1 deletion(-) create mode 100644 web-service/centos/.dockerignore create mode 100644 web-service/centos/Dockerfile create mode 100644 web-service/centos/README.md create mode 120000 web-service/centos/build.sh create mode 100755 web-service/centos/docker-entrypoint.sh create mode 100755 web-service/centos/hooks/build create mode 100644 web-service/ubuntu/.dockerignore create mode 100644 web-service/ubuntu/Dockerfile create mode 100644 web-service/ubuntu/README.md create mode 120000 web-service/ubuntu/build.sh create mode 100644 web-service/ubuntu/conf/etc/apt/preferences.d/chromium.pref create mode 100644 web-service/ubuntu/conf/etc/apt/sources.list.d/debian.list create mode 100755 web-service/ubuntu/docker-entrypoint.sh create mode 100755 web-service/ubuntu/hooks/build diff --git a/.env_web_service b/.env_web_service index 30497743e..1d473f108 100644 --- a/.env_web_service +++ b/.env_web_service @@ -1,4 +1,4 @@ -ZBX_DEBUGLEVEL=5 +# ZBX_DEBUGLEVEL=3 ZBX_ALLOWEDIP=zabbix-server # ZBX_LISTENPORT=10053 # ZBX_LISTENIP= diff --git a/web-service/centos/.dockerignore b/web-service/centos/.dockerignore new file mode 100644 index 000000000..88a84e55a --- /dev/null +++ b/web-service/centos/.dockerignore @@ -0,0 +1 @@ +build.sh diff --git a/web-service/centos/Dockerfile b/web-service/centos/Dockerfile new file mode 100644 index 000000000..282248c4b --- /dev/null +++ b/web-service/centos/Dockerfile @@ -0,0 +1,102 @@ +FROM centos:centos8 + +LABEL org.opencontainers.image.title="Zabbix web service" \ + org.opencontainers.image.authors="Alexey Pustovalov " \ + org.opencontainers.image.vendor="Zabbix LLC" \ + org.opencontainers.image.url="https://zabbix.com/" \ + org.opencontainers.image.description="Zabbix web servce for performing various tasks using headless web browser" \ + org.opencontainers.image.licenses="GPL v2.0" + +STOPSIGNAL SIGTERM + +RUN set -eux && \ + ARCH_SUFFIX="$(arch)"; \ + case "$ARCH_SUFFIX" in \ + i686) export ARCH_SUFFIX='i386' ;; \ + x86_64) [ -f /lib64/ld-linux-x86-64.so.2 ] && export ARCH_SUFFIX='amd64' || export ARCH_SUFFIX='i386' ;; \ + aarch64) export ARCH_SUFFIX='arm64' ;; \ + armv7l) export ARCH_SUFFIX='armhf' ;; \ + ppc64el|ppc64le) export ARCH_SUFFIX='ppc64le' ;; \ + s390x) export ARCH_SUFFIX='s390x' ;; \ + *) echo "Unknown ARCH_SUFFIX=${ARCH_SUFFIX-}"; exit 1 ;; \ + esac; \ + groupadd --system --gid 1995 zabbix && \ + useradd \ + --system --comment "Zabbix monitoring system" \ + -g zabbix -G root \ + --uid 1997 \ + --shell /sbin/nologin \ + --home-dir /var/lib/zabbix/ \ + zabbix && \ + mkdir -p /etc/zabbix && \ + mkdir -p /var/lib/zabbix && \ + mkdir -p /var/lib/zabbix/enc && \ + dnf --quiet makecache && \ + dnf -y install epel-release && \ + dnf -y install --setopt=tsflags=nodocs --setopt=install_weak_deps=False --best \ + chromium \ + openssl-libs \ + zlib && \ + dnf -y clean all && \ + rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ + rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki + +ARG MAJOR_VERSION=5.4 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git + +ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} + +LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" + +RUN set -eux && \ + dnf --quiet makecache && \ + dnf -y install --setopt=tsflags=nodocs --setopt=install_weak_deps=False --best \ + autoconf \ + automake \ + gcc \ + make \ + golang \ + git && \ + cd /tmp/ && \ + git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + cd /tmp/zabbix-${ZBX_VERSION} && \ + zabbix_revision=`git rev-parse --short HEAD` && \ + sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/go/pkg/version/version.go && \ + ./bootstrap.sh && \ + export CFLAGS="-fPIC -pie -Wl,-z,relro -Wl,-z,now" && \ + ./configure \ + --datadir=/usr/lib \ + --libdir=/usr/lib/zabbix \ + --prefix=/usr \ + --sysconfdir=/etc/zabbix \ + --prefix=/usr \ + --enable-ipv6 \ + --enable-webservice \ + --silent && \ + make -j"$(nproc)" -s && \ + cp /tmp/zabbix-${ZBX_VERSION}/src/go/bin/zabbix_web_service /usr/sbin/zabbix_web_service && \ + cp /tmp/zabbix-${ZBX_VERSION}/src/go/conf/zabbix_web_service.conf /etc/zabbix/zabbix_web_service.conf && \ + cd /tmp/ && \ + rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ + chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \ + chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \ + chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \ + dnf -y history undo `dnf -q history | sed -n 3p |column -t | cut -d' ' -f1` && \ + dnf -y clean all && \ + rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ + rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki + +EXPOSE 10053/TCP + +WORKDIR /var/lib/zabbix + +COPY ["docker-entrypoint.sh", "/usr/bin/"] + +ENTRYPOINT ["docker-entrypoint.sh"] + +USER 1997 + +CMD ["/usr/sbin/zabbix_web_service", "-c", "/etc/zabbix/zabbix_web_service.conf"] diff --git a/web-service/centos/README.md b/web-service/centos/README.md new file mode 100644 index 000000000..613a0bf32 --- /dev/null +++ b/web-service/centos/README.md @@ -0,0 +1,149 @@ +![logo](https://assets.zabbix.com/img/logo/zabbix_logo_500x131.png) + +# What is Zabbix? + +Zabbix is an enterprise-class open source distributed monitoring solution. + +Zabbix is software that monitors numerous parameters of a network and the health and integrity of servers. Zabbix uses a flexible notification mechanism that allows users to configure e-mail based alerts for virtually any event. This allows a fast reaction to server problems. Zabbix offers excellent reporting and data visualisation features based on the stored data. This makes Zabbix ideal for capacity planning. + +For more information and related downloads for Zabbix components, please visit https://hub.docker.com/u/zabbix/ and https://zabbix.com + +# What is Zabbix web service? + +Zabbix web servce for performing various tasks using headless web browser (for example, reporting). + +# Zabbix web service images + +These are the only official Zabbix web service Docker images. They are based on Alpine Linux v3.13, Ubuntu 20.04 (focal) and CentOS 8 images. The available versions of Zabbix web service are: + + Zabbix web service 5.4 (tags: alpine-trunk, ubuntu-trunk, centos-trunk) + +Images are updated when new releases are published. The image with ``latest`` tag is based on Alpine Linux. + +# How to use this image + +## Start `zabbix-web-service` + +Start a Zabbix web service container as follows: + + docker run --name some-zabbix-web-service -e ZBX_ALLOWEDIP="some-zabbix-server" --cap-add=SYS_ADMIN -d zabbix/zabbix-web-service:tag + +Where `some-zabbix-web-service` is the name you want to assign to your container, `some-zabbix-server` is IP or DNS name of Zabbix server and `tag` is the tag specifying the version you want. See the list above for relevant tags, or look at the [full list of tags](https://hub.docker.com/r/zabbix/zabbix-web-service/tags/). + +## Connects from Zabbix server in other containers + +This image exposes the standard Zabbix web service port (``10053``) to perform communication, so container linking makes Zabbix web service instance available to Zabbix server containers. Start your application container like this in order to link it to the Zabbix web service container: + +```console +$ docker run --name some-zabbix-server --link some-zabbix-web-service:zabbix-web-service -e ZBX_STARTREPORTWRITERS="2" -e ZBX_WEBSERVICEURL="http://some-zabbix-web-service:10053/report" -d zabbix/zabbix-server:latest +``` + +## Container shell access and viewing Zabbix web service logs + +The `docker exec` command allows you to run commands inside a Docker container. The following command line will give you a bash shell inside your `zabbix-web-service` container: + +```console +$ docker exec -ti some-zabbix-web-service /bin/bash +``` + +The Zabbix web service log is available through Docker's container log: + +```console +$ docker logs some-zabbix-web-service +``` + +## Environment Variables + +When you start the `zabbix-web-service` image, you can adjust the configuration of the Zabbix web service by passing one or more environment variables on the `docker run` command line. + +### `ZBX_ALLOWEDIP` + +This variable is IP or DNS name or list of IP / DNS names of Zabbix server. By default, value is `zabbix-server`. + +### `ZBX_LISTENPORT` + +Listen port for incoming request. By default, value is `10053`. + +### `ZBX_DEBUGLEVEL` + +The variable is used to specify debug level. By default, value is ``3``. It is ``DebugLevel`` parameter in ``zabbix_web_service.conf``. Allowed values are listed below: +- ``0`` - basic information about starting and stopping of Zabbix processes; +- ``1`` - critical information +- ``2`` - error information +- ``3`` - warnings +- ``4`` - for debugging (produces lots of information) +- ``5`` - extended debugging (produces even more information) + +### `ZBX_TIMEOUT` + +The variable is used to specify timeout for processing requests. By default, value is ``3``. + +### Other variables + +Additionally the image allows to specify many other environment variables listed below: + +``` +ZBX_TLSACCEPT=unencrypted +ZBX_TLSCAFILE= +ZBX_TLSCERTFILE= +ZBX_TLSKEYFILE= +``` + +Default values of these variables are specified after equal sign. + +Please use official documentation for [``zabbix_web_service.conf``](https://www.zabbix.com/documentation/current/manual/appendix/config/zabbix_web_service) to get more information about the variables. + +## Allowed volumes for the Zabbix web service container + +### ``/var/lib/zabbix/enc`` + +The volume is used to store TLS related files. These file names are specified using ``ZBX_TLSCAFILE``, ``ZBX_TLSCERTFILE`` and ``ZBX_TLSKEY_FILE`` variables. + +# The image variants + +The `zabbix-web-service` images come in many flavors, each designed for a specific use case. + +## `zabbix-web-service:ubuntu-` + +This is the defacto image. If you are unsure about what your needs are, you probably want to use this one. It is designed to be used both as a throw away container (mount your source code and start the container to start your app), as well as the base to build other images off of. + +## `zabbix-web-service:alpine-` + +This image is based on the popular [Alpine Linux project](http://alpinelinux.org), available in [the `alpine` official image](https://hub.docker.com/_/alpine). Alpine Linux is much smaller than most distribution base images (~5MB), and thus leads to much slimmer images in general. + +This variant is highly recommended when final image size being as small as possible is desired. The main caveat to note is that it does use [musl libc](http://www.musl-libc.org) instead of [glibc and friends](http://www.etalabs.net/compare_libcs.html), so certain software might run into issues depending on the depth of their libc requirements. However, most software doesn't have an issue with this, so this variant is usually a very safe choice. See [this Hacker News comment thread](https://news.ycombinator.com/item?id=10782897) for more discussion of the issues that might arise and some pro/con comparisons of using Alpine-based images. + +To minimize image size, it's uncommon for additional related tools (such as `git` or `bash`) to be included in Alpine-based images. Using this image as a base, add the things you need in your own Dockerfile (see the [`alpine` image description](https://hub.docker.com/_/alpine/) for examples of how to install packages if you are unfamiliar). + +# Supported Docker versions + +This image is officially supported on Docker version 1.12.0. + +Support for older versions (down to 1.6) is provided on a best-effort basis. + +Please see [the Docker installation documentation](https://docs.docker.com/installation/) for details on how to upgrade your Docker daemon. + +# User Feedback + +## Documentation + +Documentation for this image is stored in the [`web-service/` directory](https://github.com/zabbix/zabbix-docker/tree/5.4/web-service) of the [`zabbix/zabbix-docker` GitHub repo](https://github.com/zabbix/zabbix-docker/). Be sure to familiarize yourself with the [repository's `README.md` file](https://github.com/zabbix/zabbix-docker/blob/master/README.md) before attempting a pull request. + +## Issues + +If you have any problems with or questions about this image, please contact us through a [GitHub issue](https://github.com/zabbix/zabbix-docker/issues). + +### Known issues + +Zabbix web services uses Google Chromium with headless mode. Because of restrictions you may see the following error during report generation: +``` +Failed to move to new namespace: PID namespaces supported, Network namespace supported, but failed: errno = Operation not permitted +``` + +To avoid the issue it is required to add ``SYS_ADMIN`` capability for Zabbix web service. The capability is redundant and allow too much. + +## Contributing + +You are invited to contribute new features, fixes, or updates, large or small; we are always thrilled to receive pull requests, and do our best to process them as fast as we can. + +Before you start to code, we recommend discussing your plans through a [GitHub issue](https://github.com/zabbix/zabbix-docker/issues), especially for more ambitious contributions. This gives other contributors a chance to point you in the right direction, give you feedback on your design, and help you find out if someone else is working on the same thing. diff --git a/web-service/centos/build.sh b/web-service/centos/build.sh new file mode 120000 index 000000000..fcb4d4ee7 --- /dev/null +++ b/web-service/centos/build.sh @@ -0,0 +1 @@ +../../build.sh \ No newline at end of file diff --git a/web-service/centos/docker-entrypoint.sh b/web-service/centos/docker-entrypoint.sh new file mode 100755 index 000000000..248e73c83 --- /dev/null +++ b/web-service/centos/docker-entrypoint.sh @@ -0,0 +1,139 @@ +#!/bin/bash + +set -o pipefail + +set +e + +# Script trace mode +if [ "${DEBUG_MODE,,}" == "true" ]; then + set -o xtrace +fi + +# Default directories +# User 'zabbix' home directory +ZABBIX_USER_HOME_DIR="/var/lib/zabbix" +# Configuration files directory +ZABBIX_ETC_DIR="/etc/zabbix" + +escape_spec_char() { + local var_value=$1 + + var_value="${var_value//\\/\\\\}" + var_value="${var_value//[$'\n']/}" + var_value="${var_value//\//\\/}" + var_value="${var_value//./\\.}" + var_value="${var_value//\*/\\*}" + var_value="${var_value//^/\\^}" + var_value="${var_value//\$/\\\$}" + var_value="${var_value//\&/\\\&}" + var_value="${var_value//\[/\\[}" + var_value="${var_value//\]/\\]}" + + echo "$var_value" +} + +update_config_var() { + local config_path=$1 + local var_name=$2 + local var_value=$3 + local is_multiple=$4 + + if [ ! -f "$config_path" ]; then + echo "**** Configuration file '$config_path' does not exist" + return + fi + + echo -n "** Updating '$config_path' parameter \"$var_name\": '$var_value'..." + + # Remove configuration parameter definition in case of unset parameter value + if [ -z "$var_value" ]; then + sed -i -e "/^$var_name=/d" "$config_path" + echo "removed" + return + fi + + # Remove value from configuration parameter in case of double quoted parameter value + if [ "$var_value" == '""' ]; then + sed -i -e "/^$var_name=/s/=.*/=/" "$config_path" + echo "undefined" + return + fi + + # Use full path to a file for TLS related configuration parameters + if [[ $var_name =~ ^TLS.*File$ ]]; then + var_value=$ZABBIX_USER_HOME_DIR/enc/$var_value + fi + + # Escaping characters in parameter value and name + var_value=$(escape_spec_char "$var_value") + var_name=$(escape_spec_char "$var_name") + + if [ "$(grep -E "^$var_name=" $config_path)" ] && [ "$is_multiple" != "true" ]; then + sed -i -e "/^$var_name=/s/=.*/=$var_value/" "$config_path" + echo "updated" + elif [ "$(grep -Ec "^# $var_name=" $config_path)" -gt 1 ]; then + sed -i -e "/^[#;] $var_name=$/i\\$var_name=$var_value" "$config_path" + echo "added first occurrence" + elif [ "$(grep -Ec "^[#;] $var_name=" $config_path)" -gt 0 ]; then + sed -i -e "/^[#;] $var_name=/s/.*/&\n$var_name=$var_value/" "$config_path" + echo "added" + else + sed -i -e '$a\' -e "$var_name=$var_value" "$config_path" + echo "added at the end" + fi + +} + +update_config_multiple_var() { + local config_path=$1 + local var_name=$2 + local var_value=$3 + + var_value="${var_value%\"}" + var_value="${var_value#\"}" + + local IFS=, + local OPT_LIST=($var_value) + + for value in "${OPT_LIST[@]}"; do + update_config_var $config_path $var_name $value true + done +} + +prepare_zbx_web_service_config() { + echo "** Preparing Zabbix web service configuration file" + ZBX_WEB_SERVICE_CONFIG=$ZABBIX_ETC_DIR/zabbix_web_service.conf + + update_config_var $ZBX_WEB_SERVICE_CONFIG "LogType" "console" + update_config_var $ZBX_WEB_SERVICE_CONFIG "LogFile" + update_config_var $ZBX_WEB_SERVICE_CONFIG "LogFileSize" + update_config_var $ZBX_WEB_SERVICE_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" + + : ${ZBX_ALLOWEDIP:="zabbix-server"} + update_config_var $ZBX_WEB_SERVICE_CONFIG "AllowedIP" "${ZBX_ALLOWEDIP}" + + update_config_var $ZBX_WEB_SERVICE_CONFIG "ListenPort" "${ZBX_LISTENPORT}" + + update_config_var $ZBX_WEB_SERVICE_CONFIG "Timeout" "${ZBX_TIMEOUT}" + + update_config_var $ZBX_WEB_SERVICE_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" + update_config_var $ZBX_WEB_SERVICE_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" + + update_config_var $ZBX_WEB_SERVICE_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" + update_config_var $ZBX_WEB_SERVICE_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" +} + +prepare_web_service() { + echo "** Preparing Zabbix web service" + prepare_zbx_web_service_config +} + +################################################# + +if [ "$1" == '/usr/sbin/zabbix_web_service' ]; then + prepare_web_service +fi + +exec "$@" + +################################################# diff --git a/web-service/centos/hooks/build b/web-service/centos/hooks/build new file mode 100755 index 000000000..3e0a2f00c --- /dev/null +++ b/web-service/centos/hooks/build @@ -0,0 +1,13 @@ +#!/bin/bash +# +# Additional information: https://docs.docker.com/docker-cloud/builds/advanced/ +# + +MAJOR_VERSION=$(cat Dockerfile | grep "ARG MAJOR_VERSION" | cut -f2 -d"=") +MINOR_VERSION=$(cat Dockerfile | grep "ARG ZBX_VERSION" | cut -f2 -d".") + +VCS_REF=$MAJOR_VERSION.$MINOR_VERSION +BUILD_DATE=$(date -u +"%Y-%m-%dT%H:%M:%SZ") + +echo "$BUILD_DATE - Building $VCS_REF version..." +docker build --build-arg VCS_REF="$VCS_REF" --build-arg BUILD_DATE="$BUILD_DATE" -t $IMAGE_NAME . diff --git a/web-service/ubuntu/.dockerignore b/web-service/ubuntu/.dockerignore new file mode 100644 index 000000000..88a84e55a --- /dev/null +++ b/web-service/ubuntu/.dockerignore @@ -0,0 +1 @@ +build.sh diff --git a/web-service/ubuntu/Dockerfile b/web-service/ubuntu/Dockerfile new file mode 100644 index 000000000..5822e7acc --- /dev/null +++ b/web-service/ubuntu/Dockerfile @@ -0,0 +1,118 @@ +FROM ubuntu:focal + +LABEL org.opencontainers.image.title="Zabbix web service" \ + org.opencontainers.image.authors="Alexey Pustovalov " \ + org.opencontainers.image.vendor="Zabbix LLC" \ + org.opencontainers.image.url="https://zabbix.com/" \ + org.opencontainers.image.description="Zabbix web servce for performing various tasks using headless web browser" \ + org.opencontainers.image.licenses="GPL v2.0" + +STOPSIGNAL SIGTERM + +COPY ["conf/etc/apt/sources.list.d/debian.list", "/etc/apt/sources.list.d/debian.list"] +COPY ["conf/etc/apt/preferences.d/chromium.pref", "/etc/apt/preferences.d/chromium.pref"] + +RUN set -eux && \ + ARCH_SUFFIX="$(arch)"; \ + case "$ARCH_SUFFIX" in \ + i686) export ARCH_SUFFIX='i386' ;; \ + x86_64) [ -f /lib/x86_64-linux-gnu/ld-linux-x86-64.so.2 ] && export ARCH_SUFFIX='amd64' || export ARCH_SUFFIX='i386' ;; \ + aarch64) export ARCH_SUFFIX='arm64' ;; \ + armv7l) export ARCH_SUFFIX='armhf' ;; \ + ppc64el|ppc64le) export ARCH_SUFFIX='ppc64le' ;; \ + s390x) export ARCH_SUFFIX='s390x' ;; \ + *) echo "Unknown ARCH_SUFFIX=${ARCH_SUFFIX-}"; exit 1 ;; \ + esac; \ + echo "#!/bin/sh\nexit 101" > /usr/sbin/policy-rc.d && \ + groupadd --system --gid 1995 zabbix && \ + useradd \ + --system --comment "Zabbix monitoring system" \ + -g zabbix -G root \ + --uid 1997 \ + --shell /sbin/nologin \ + --home-dir /var/lib/zabbix/ \ + zabbix && \ + mkdir -p /etc/zabbix && \ + mkdir -p /var/lib/zabbix && \ + mkdir -p /var/lib/zabbix/enc && \ + apt-get -y update | true && \ + DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ + ca-certificates \ + gnupg && \ + apt-key adv --keyserver keyserver.ubuntu.com --recv-keys DCC9EFBF77E11517 && \ + apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 648ACFD622F3D138 && \ + apt-key adv --keyserver keyserver.ubuntu.com --recv-keys AA8E81B4331F7F50 && \ + apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 112695A0E562B32A && \ + apt-get -y update && \ + DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install chromium chromium-sandbox && \ + apt-get -y autoremove && \ + apt-get -y clean && \ + rm -rf /var/lib/apt/lists/* + +ARG MAJOR_VERSION=5.4 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git + +ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} + +LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" + +RUN set -eux && \ + apt-get -y update && \ + DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ + autoconf \ + automake \ + make \ + pkg-config \ + git \ + g++ \ + golang && \ + cd /tmp/ && \ + git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + cd /tmp/zabbix-${ZBX_VERSION} && \ + zabbix_revision=`git rev-parse --short HEAD` && \ + sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/go/pkg/version/version.go && \ + ./bootstrap.sh && \ + export CFLAGS="-fPIC -pie -Wl,-z,relro -Wl,-z,now" && \ + ./configure \ + --datadir=/usr/lib \ + --libdir=/usr/lib/zabbix \ + --prefix=/usr \ + --sysconfdir=/etc/zabbix \ + --prefix=/usr \ + --enable-ipv6 \ + --enable-webservice \ + --silent && \ + make -j"$(nproc)" -s && \ + cp /tmp/zabbix-${ZBX_VERSION}/src/go/bin/zabbix_web_service /usr/sbin/zabbix_web_service && \ + cp /tmp/zabbix-${ZBX_VERSION}/src/go/conf/zabbix_web_service.conf /etc/zabbix/zabbix_web_service.conf && \ + cd /tmp/ && \ + rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ + apt-get -y purge \ + autoconf \ + automake \ + make \ + pkg-config \ + git \ + g++ \ + golang && \ + chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \ + chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \ + chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \ + apt-get -y autoremove && \ + apt-get -y clean && \ + rm -rf /var/lib/apt/lists/* + +EXPOSE 10053/TCP + +WORKDIR /var/lib/zabbix + +COPY ["docker-entrypoint.sh", "/usr/bin/"] + +ENTRYPOINT ["docker-entrypoint.sh"] + +USER 1997 + +CMD ["/usr/sbin/zabbix_web_service", "-c", "/etc/zabbix/zabbix_web_service.conf"] diff --git a/web-service/ubuntu/README.md b/web-service/ubuntu/README.md new file mode 100644 index 000000000..613a0bf32 --- /dev/null +++ b/web-service/ubuntu/README.md @@ -0,0 +1,149 @@ +![logo](https://assets.zabbix.com/img/logo/zabbix_logo_500x131.png) + +# What is Zabbix? + +Zabbix is an enterprise-class open source distributed monitoring solution. + +Zabbix is software that monitors numerous parameters of a network and the health and integrity of servers. Zabbix uses a flexible notification mechanism that allows users to configure e-mail based alerts for virtually any event. This allows a fast reaction to server problems. Zabbix offers excellent reporting and data visualisation features based on the stored data. This makes Zabbix ideal for capacity planning. + +For more information and related downloads for Zabbix components, please visit https://hub.docker.com/u/zabbix/ and https://zabbix.com + +# What is Zabbix web service? + +Zabbix web servce for performing various tasks using headless web browser (for example, reporting). + +# Zabbix web service images + +These are the only official Zabbix web service Docker images. They are based on Alpine Linux v3.13, Ubuntu 20.04 (focal) and CentOS 8 images. The available versions of Zabbix web service are: + + Zabbix web service 5.4 (tags: alpine-trunk, ubuntu-trunk, centos-trunk) + +Images are updated when new releases are published. The image with ``latest`` tag is based on Alpine Linux. + +# How to use this image + +## Start `zabbix-web-service` + +Start a Zabbix web service container as follows: + + docker run --name some-zabbix-web-service -e ZBX_ALLOWEDIP="some-zabbix-server" --cap-add=SYS_ADMIN -d zabbix/zabbix-web-service:tag + +Where `some-zabbix-web-service` is the name you want to assign to your container, `some-zabbix-server` is IP or DNS name of Zabbix server and `tag` is the tag specifying the version you want. See the list above for relevant tags, or look at the [full list of tags](https://hub.docker.com/r/zabbix/zabbix-web-service/tags/). + +## Connects from Zabbix server in other containers + +This image exposes the standard Zabbix web service port (``10053``) to perform communication, so container linking makes Zabbix web service instance available to Zabbix server containers. Start your application container like this in order to link it to the Zabbix web service container: + +```console +$ docker run --name some-zabbix-server --link some-zabbix-web-service:zabbix-web-service -e ZBX_STARTREPORTWRITERS="2" -e ZBX_WEBSERVICEURL="http://some-zabbix-web-service:10053/report" -d zabbix/zabbix-server:latest +``` + +## Container shell access and viewing Zabbix web service logs + +The `docker exec` command allows you to run commands inside a Docker container. The following command line will give you a bash shell inside your `zabbix-web-service` container: + +```console +$ docker exec -ti some-zabbix-web-service /bin/bash +``` + +The Zabbix web service log is available through Docker's container log: + +```console +$ docker logs some-zabbix-web-service +``` + +## Environment Variables + +When you start the `zabbix-web-service` image, you can adjust the configuration of the Zabbix web service by passing one or more environment variables on the `docker run` command line. + +### `ZBX_ALLOWEDIP` + +This variable is IP or DNS name or list of IP / DNS names of Zabbix server. By default, value is `zabbix-server`. + +### `ZBX_LISTENPORT` + +Listen port for incoming request. By default, value is `10053`. + +### `ZBX_DEBUGLEVEL` + +The variable is used to specify debug level. By default, value is ``3``. It is ``DebugLevel`` parameter in ``zabbix_web_service.conf``. Allowed values are listed below: +- ``0`` - basic information about starting and stopping of Zabbix processes; +- ``1`` - critical information +- ``2`` - error information +- ``3`` - warnings +- ``4`` - for debugging (produces lots of information) +- ``5`` - extended debugging (produces even more information) + +### `ZBX_TIMEOUT` + +The variable is used to specify timeout for processing requests. By default, value is ``3``. + +### Other variables + +Additionally the image allows to specify many other environment variables listed below: + +``` +ZBX_TLSACCEPT=unencrypted +ZBX_TLSCAFILE= +ZBX_TLSCERTFILE= +ZBX_TLSKEYFILE= +``` + +Default values of these variables are specified after equal sign. + +Please use official documentation for [``zabbix_web_service.conf``](https://www.zabbix.com/documentation/current/manual/appendix/config/zabbix_web_service) to get more information about the variables. + +## Allowed volumes for the Zabbix web service container + +### ``/var/lib/zabbix/enc`` + +The volume is used to store TLS related files. These file names are specified using ``ZBX_TLSCAFILE``, ``ZBX_TLSCERTFILE`` and ``ZBX_TLSKEY_FILE`` variables. + +# The image variants + +The `zabbix-web-service` images come in many flavors, each designed for a specific use case. + +## `zabbix-web-service:ubuntu-` + +This is the defacto image. If you are unsure about what your needs are, you probably want to use this one. It is designed to be used both as a throw away container (mount your source code and start the container to start your app), as well as the base to build other images off of. + +## `zabbix-web-service:alpine-` + +This image is based on the popular [Alpine Linux project](http://alpinelinux.org), available in [the `alpine` official image](https://hub.docker.com/_/alpine). Alpine Linux is much smaller than most distribution base images (~5MB), and thus leads to much slimmer images in general. + +This variant is highly recommended when final image size being as small as possible is desired. The main caveat to note is that it does use [musl libc](http://www.musl-libc.org) instead of [glibc and friends](http://www.etalabs.net/compare_libcs.html), so certain software might run into issues depending on the depth of their libc requirements. However, most software doesn't have an issue with this, so this variant is usually a very safe choice. See [this Hacker News comment thread](https://news.ycombinator.com/item?id=10782897) for more discussion of the issues that might arise and some pro/con comparisons of using Alpine-based images. + +To minimize image size, it's uncommon for additional related tools (such as `git` or `bash`) to be included in Alpine-based images. Using this image as a base, add the things you need in your own Dockerfile (see the [`alpine` image description](https://hub.docker.com/_/alpine/) for examples of how to install packages if you are unfamiliar). + +# Supported Docker versions + +This image is officially supported on Docker version 1.12.0. + +Support for older versions (down to 1.6) is provided on a best-effort basis. + +Please see [the Docker installation documentation](https://docs.docker.com/installation/) for details on how to upgrade your Docker daemon. + +# User Feedback + +## Documentation + +Documentation for this image is stored in the [`web-service/` directory](https://github.com/zabbix/zabbix-docker/tree/5.4/web-service) of the [`zabbix/zabbix-docker` GitHub repo](https://github.com/zabbix/zabbix-docker/). Be sure to familiarize yourself with the [repository's `README.md` file](https://github.com/zabbix/zabbix-docker/blob/master/README.md) before attempting a pull request. + +## Issues + +If you have any problems with or questions about this image, please contact us through a [GitHub issue](https://github.com/zabbix/zabbix-docker/issues). + +### Known issues + +Zabbix web services uses Google Chromium with headless mode. Because of restrictions you may see the following error during report generation: +``` +Failed to move to new namespace: PID namespaces supported, Network namespace supported, but failed: errno = Operation not permitted +``` + +To avoid the issue it is required to add ``SYS_ADMIN`` capability for Zabbix web service. The capability is redundant and allow too much. + +## Contributing + +You are invited to contribute new features, fixes, or updates, large or small; we are always thrilled to receive pull requests, and do our best to process them as fast as we can. + +Before you start to code, we recommend discussing your plans through a [GitHub issue](https://github.com/zabbix/zabbix-docker/issues), especially for more ambitious contributions. This gives other contributors a chance to point you in the right direction, give you feedback on your design, and help you find out if someone else is working on the same thing. diff --git a/web-service/ubuntu/build.sh b/web-service/ubuntu/build.sh new file mode 120000 index 000000000..fcb4d4ee7 --- /dev/null +++ b/web-service/ubuntu/build.sh @@ -0,0 +1 @@ +../../build.sh \ No newline at end of file diff --git a/web-service/ubuntu/conf/etc/apt/preferences.d/chromium.pref b/web-service/ubuntu/conf/etc/apt/preferences.d/chromium.pref new file mode 100644 index 000000000..4c83dc746 --- /dev/null +++ b/web-service/ubuntu/conf/etc/apt/preferences.d/chromium.pref @@ -0,0 +1,14 @@ +# Note: 2 blank lines are required between entries +Package: * +Pin: release a=focal +Pin-Priority: 500 + +Package: * +Pin: origin "ftp.debian.org" +Pin-Priority: 300 + +# Pattern includes 'chromium', 'chromium-browser' and similarly +# named dependencies: +Package: chromium* +Pin: origin "ftp.debian.org" +Pin-Priority: 700 \ No newline at end of file diff --git a/web-service/ubuntu/conf/etc/apt/sources.list.d/debian.list b/web-service/ubuntu/conf/etc/apt/sources.list.d/debian.list new file mode 100644 index 000000000..48253a74e --- /dev/null +++ b/web-service/ubuntu/conf/etc/apt/sources.list.d/debian.list @@ -0,0 +1,3 @@ +deb http://deb.debian.org/debian buster main +deb http://deb.debian.org/debian buster-updates main +deb http://deb.debian.org/debian-security buster/updates main diff --git a/web-service/ubuntu/docker-entrypoint.sh b/web-service/ubuntu/docker-entrypoint.sh new file mode 100755 index 000000000..248e73c83 --- /dev/null +++ b/web-service/ubuntu/docker-entrypoint.sh @@ -0,0 +1,139 @@ +#!/bin/bash + +set -o pipefail + +set +e + +# Script trace mode +if [ "${DEBUG_MODE,,}" == "true" ]; then + set -o xtrace +fi + +# Default directories +# User 'zabbix' home directory +ZABBIX_USER_HOME_DIR="/var/lib/zabbix" +# Configuration files directory +ZABBIX_ETC_DIR="/etc/zabbix" + +escape_spec_char() { + local var_value=$1 + + var_value="${var_value//\\/\\\\}" + var_value="${var_value//[$'\n']/}" + var_value="${var_value//\//\\/}" + var_value="${var_value//./\\.}" + var_value="${var_value//\*/\\*}" + var_value="${var_value//^/\\^}" + var_value="${var_value//\$/\\\$}" + var_value="${var_value//\&/\\\&}" + var_value="${var_value//\[/\\[}" + var_value="${var_value//\]/\\]}" + + echo "$var_value" +} + +update_config_var() { + local config_path=$1 + local var_name=$2 + local var_value=$3 + local is_multiple=$4 + + if [ ! -f "$config_path" ]; then + echo "**** Configuration file '$config_path' does not exist" + return + fi + + echo -n "** Updating '$config_path' parameter \"$var_name\": '$var_value'..." + + # Remove configuration parameter definition in case of unset parameter value + if [ -z "$var_value" ]; then + sed -i -e "/^$var_name=/d" "$config_path" + echo "removed" + return + fi + + # Remove value from configuration parameter in case of double quoted parameter value + if [ "$var_value" == '""' ]; then + sed -i -e "/^$var_name=/s/=.*/=/" "$config_path" + echo "undefined" + return + fi + + # Use full path to a file for TLS related configuration parameters + if [[ $var_name =~ ^TLS.*File$ ]]; then + var_value=$ZABBIX_USER_HOME_DIR/enc/$var_value + fi + + # Escaping characters in parameter value and name + var_value=$(escape_spec_char "$var_value") + var_name=$(escape_spec_char "$var_name") + + if [ "$(grep -E "^$var_name=" $config_path)" ] && [ "$is_multiple" != "true" ]; then + sed -i -e "/^$var_name=/s/=.*/=$var_value/" "$config_path" + echo "updated" + elif [ "$(grep -Ec "^# $var_name=" $config_path)" -gt 1 ]; then + sed -i -e "/^[#;] $var_name=$/i\\$var_name=$var_value" "$config_path" + echo "added first occurrence" + elif [ "$(grep -Ec "^[#;] $var_name=" $config_path)" -gt 0 ]; then + sed -i -e "/^[#;] $var_name=/s/.*/&\n$var_name=$var_value/" "$config_path" + echo "added" + else + sed -i -e '$a\' -e "$var_name=$var_value" "$config_path" + echo "added at the end" + fi + +} + +update_config_multiple_var() { + local config_path=$1 + local var_name=$2 + local var_value=$3 + + var_value="${var_value%\"}" + var_value="${var_value#\"}" + + local IFS=, + local OPT_LIST=($var_value) + + for value in "${OPT_LIST[@]}"; do + update_config_var $config_path $var_name $value true + done +} + +prepare_zbx_web_service_config() { + echo "** Preparing Zabbix web service configuration file" + ZBX_WEB_SERVICE_CONFIG=$ZABBIX_ETC_DIR/zabbix_web_service.conf + + update_config_var $ZBX_WEB_SERVICE_CONFIG "LogType" "console" + update_config_var $ZBX_WEB_SERVICE_CONFIG "LogFile" + update_config_var $ZBX_WEB_SERVICE_CONFIG "LogFileSize" + update_config_var $ZBX_WEB_SERVICE_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" + + : ${ZBX_ALLOWEDIP:="zabbix-server"} + update_config_var $ZBX_WEB_SERVICE_CONFIG "AllowedIP" "${ZBX_ALLOWEDIP}" + + update_config_var $ZBX_WEB_SERVICE_CONFIG "ListenPort" "${ZBX_LISTENPORT}" + + update_config_var $ZBX_WEB_SERVICE_CONFIG "Timeout" "${ZBX_TIMEOUT}" + + update_config_var $ZBX_WEB_SERVICE_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" + update_config_var $ZBX_WEB_SERVICE_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" + + update_config_var $ZBX_WEB_SERVICE_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" + update_config_var $ZBX_WEB_SERVICE_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" +} + +prepare_web_service() { + echo "** Preparing Zabbix web service" + prepare_zbx_web_service_config +} + +################################################# + +if [ "$1" == '/usr/sbin/zabbix_web_service' ]; then + prepare_web_service +fi + +exec "$@" + +################################################# diff --git a/web-service/ubuntu/hooks/build b/web-service/ubuntu/hooks/build new file mode 100755 index 000000000..3e0a2f00c --- /dev/null +++ b/web-service/ubuntu/hooks/build @@ -0,0 +1,13 @@ +#!/bin/bash +# +# Additional information: https://docs.docker.com/docker-cloud/builds/advanced/ +# + +MAJOR_VERSION=$(cat Dockerfile | grep "ARG MAJOR_VERSION" | cut -f2 -d"=") +MINOR_VERSION=$(cat Dockerfile | grep "ARG ZBX_VERSION" | cut -f2 -d".") + +VCS_REF=$MAJOR_VERSION.$MINOR_VERSION +BUILD_DATE=$(date -u +"%Y-%m-%dT%H:%M:%SZ") + +echo "$BUILD_DATE - Building $VCS_REF version..." +docker build --build-arg VCS_REF="$VCS_REF" --build-arg BUILD_DATE="$BUILD_DATE" -t $IMAGE_NAME . From d67206ebc31c2add13532751e50c7756e4d82454 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Tue, 27 Apr 2021 16:43:44 -0400 Subject: [PATCH 075/253] Added Zabbix web service image --- web-service/alpine/Dockerfile | 2 +- web-service/alpine/README.md | 11 +++++++---- web-service/ubuntu/Dockerfile | 2 ++ 3 files changed, 10 insertions(+), 5 deletions(-) diff --git a/web-service/alpine/Dockerfile b/web-service/alpine/Dockerfile index 1fa030370..df8992d8a 100644 --- a/web-service/alpine/Dockerfile +++ b/web-service/alpine/Dockerfile @@ -50,7 +50,7 @@ RUN set -eux && \ git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ cd /tmp/zabbix-${ZBX_VERSION} && \ zabbix_revision=`git rev-parse --short HEAD` && \ - sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ + sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/go/pkg/version/version.go && \ ./bootstrap.sh && \ export CFLAGS="-fPIC -pie -Wl,-z,relro -Wl,-z,now" && \ ./configure \ diff --git a/web-service/alpine/README.md b/web-service/alpine/README.md index 0bb55288b..613a0bf32 100644 --- a/web-service/alpine/README.md +++ b/web-service/alpine/README.md @@ -52,10 +52,6 @@ The Zabbix web service log is available through Docker's container log: $ docker logs some-zabbix-web-service ``` -## Capaibilities - - - ## Environment Variables When you start the `zabbix-web-service` image, you can adjust the configuration of the Zabbix web service by passing one or more environment variables on the `docker run` command line. @@ -139,6 +135,13 @@ If you have any problems with or questions about this image, please contact us t ### Known issues +Zabbix web services uses Google Chromium with headless mode. Because of restrictions you may see the following error during report generation: +``` +Failed to move to new namespace: PID namespaces supported, Network namespace supported, but failed: errno = Operation not permitted +``` + +To avoid the issue it is required to add ``SYS_ADMIN`` capability for Zabbix web service. The capability is redundant and allow too much. + ## Contributing You are invited to contribute new features, fixes, or updates, large or small; we are always thrilled to receive pull requests, and do our best to process them as fast as we can. diff --git a/web-service/ubuntu/Dockerfile b/web-service/ubuntu/Dockerfile index 5822e7acc..c85fc0c21 100644 --- a/web-service/ubuntu/Dockerfile +++ b/web-service/ubuntu/Dockerfile @@ -45,6 +45,8 @@ RUN set -eux && \ apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 112695A0E562B32A && \ apt-get -y update && \ DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install chromium chromium-sandbox && \ + DEBIAN_FRONTEND=noninteractive apt-get -y purge \ + gnupg && \ apt-get -y autoremove && \ apt-get -y clean && \ rm -rf /var/lib/apt/lists/* From 4f5b47d35c2948212a060e4ab8e3a4213c054e4b Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Tue, 27 Apr 2021 16:47:11 -0400 Subject: [PATCH 076/253] Use g++ package instead of gcc --- agent2/ubuntu/Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/agent2/ubuntu/Dockerfile b/agent2/ubuntu/Dockerfile index 169296e2c..471b26f98 100644 --- a/agent2/ubuntu/Dockerfile +++ b/agent2/ubuntu/Dockerfile @@ -67,7 +67,7 @@ RUN set -eux && \ make \ pkg-config \ git \ - gcc \ + g++ \ golang && \ cd /tmp/ && \ git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ @@ -106,7 +106,7 @@ RUN set -eux && \ make \ pkg-config \ git \ - gcc \ + g++ \ golang && \ chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \ chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \ From 1bbe37282f2b7aef6835bbd1f4a14c1feb8e4c17 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Tue, 27 Apr 2021 17:10:15 -0400 Subject: [PATCH 077/253] Added Zabbix web service image --- .env_srv | 2 ++ docker-compose_v3_alpine_mysql_latest.yaml | 31 +++++++++++++++++++ docker-compose_v3_alpine_mysql_local.yaml | 35 ++++++++++++++++++++++ docker-compose_v3_alpine_pgsql_latest.yaml | 31 +++++++++++++++++++ docker-compose_v3_alpine_pgsql_local.yaml | 35 ++++++++++++++++++++++ docker-compose_v3_centos_mysql_latest.yaml | 31 +++++++++++++++++++ docker-compose_v3_centos_mysql_local.yaml | 35 ++++++++++++++++++++++ docker-compose_v3_centos_pgsql_latest.yaml | 31 +++++++++++++++++++ docker-compose_v3_centos_pgsql_local.yaml | 35 ++++++++++++++++++++++ docker-compose_v3_ubuntu_mysql_latest.yaml | 31 +++++++++++++++++++ docker-compose_v3_ubuntu_mysql_local.yaml | 35 ++++++++++++++++++++++ docker-compose_v3_ubuntu_pgsql_latest.yaml | 31 +++++++++++++++++++ docker-compose_v3_ubuntu_pgsql_local.yaml | 35 ++++++++++++++++++++++ proxy-mysql/centos/Dockerfile | 1 + proxy-sqlite3/centos/Dockerfile | 1 + server-mysql/alpine/docker-entrypoint.sh | 4 +++ server-mysql/centos/Dockerfile | 1 + server-mysql/centos/docker-entrypoint.sh | 4 +++ server-mysql/ubuntu/docker-entrypoint.sh | 4 +++ server-pgsql/alpine/docker-entrypoint.sh | 4 +++ server-pgsql/centos/Dockerfile | 1 + server-pgsql/centos/docker-entrypoint.sh | 4 +++ server-pgsql/ubuntu/docker-entrypoint.sh | 4 +++ 23 files changed, 426 insertions(+) diff --git a/.env_srv b/.env_srv index 8fec3afae..13b15b716 100644 --- a/.env_srv +++ b/.env_srv @@ -58,3 +58,5 @@ ZBX_ENABLE_SNMP_TRAPS=true # ZBX_VAULTDBPATH= # ZBX_VAULTURL=https://127.0.0.1:8200 # VAULT_TOKEN= +# ZBX_STARTREPORTWRITERS=0 +# ZBX_WEBSERVICEURL=http://zabbix-web-service:10053/report diff --git a/docker-compose_v3_alpine_mysql_latest.yaml b/docker-compose_v3_alpine_mysql_latest.yaml index bd6eb8c15..ddccae4ce 100644 --- a/docker-compose_v3_alpine_mysql_latest.yaml +++ b/docker-compose_v3_alpine_mysql_latest.yaml @@ -378,6 +378,37 @@ services: com.zabbix.component: "snmptraps" com.zabbix.os: "alpine" + zabbix-web-service: + image: zabbix/zabbix-web-service:alpine-trunk + profiles: + - full + - all + ports: + - "10053:10053" + cap_add: + - SYS_ADMIN + deploy: + resources: + limits: + cpus: '0.5' + memory: 512M + reservations: + cpus: '0.25' + memory: 256M + env_file: + - .env_web_service + networks: + zbx_net_backend: + aliases: + - zabbix-web-service + - zabbix-web-service-alpine + stop_grace_period: 5s + labels: + com.zabbix.description: "Zabbix web service" + com.zabbix.company: "Zabbix LLC" + com.zabbix.component: "web-service" + com.zabbix.os: "alpine" + mysql-server: image: mysql:8.0 command: diff --git a/docker-compose_v3_alpine_mysql_local.yaml b/docker-compose_v3_alpine_mysql_local.yaml index 214b2f232..c4d64f4a0 100644 --- a/docker-compose_v3_alpine_mysql_local.yaml +++ b/docker-compose_v3_alpine_mysql_local.yaml @@ -410,6 +410,41 @@ services: com.zabbix.component: "snmptraps" com.zabbix.os: "alpine" + zabbix-web-service: + build: + context: ./web-service/alpine + cache_from: + - alpine:3.13 + image: zabbix-web-service:alpine-local + profiles: + - full + - all + ports: + - "10053:10053" + cap_add: + - SYS_ADMIN + deploy: + resources: + limits: + cpus: '0.5' + memory: 512M + reservations: + cpus: '0.25' + memory: 256M + env_file: + - .env_web_service + networks: + zbx_net_backend: + aliases: + - zabbix-web-service + - zabbix-web-service-alpine + stop_grace_period: 5s + labels: + com.zabbix.description: "Zabbix web service" + com.zabbix.company: "Zabbix LLC" + com.zabbix.component: "web-service" + com.zabbix.os: "alpine" + mysql-server: image: mysql:8.0 command: diff --git a/docker-compose_v3_alpine_pgsql_latest.yaml b/docker-compose_v3_alpine_pgsql_latest.yaml index 31f520fb0..3703cafd7 100644 --- a/docker-compose_v3_alpine_pgsql_latest.yaml +++ b/docker-compose_v3_alpine_pgsql_latest.yaml @@ -374,6 +374,37 @@ services: com.zabbix.component: "snmptraps" com.zabbix.os: "alpine" + zabbix-web-service: + image: zabbix/zabbix-web-service:alpine-trunk + profiles: + - full + - all + ports: + - "10053:10053" + cap_add: + - SYS_ADMIN + deploy: + resources: + limits: + cpus: '0.5' + memory: 512M + reservations: + cpus: '0.25' + memory: 256M + env_file: + - .env_web_service + networks: + zbx_net_backend: + aliases: + - zabbix-web-service + - zabbix-web-service-alpine + stop_grace_period: 5s + labels: + com.zabbix.description: "Zabbix web service" + com.zabbix.company: "Zabbix LLC" + com.zabbix.component: "web-service" + com.zabbix.os: "alpine" + mysql-server: image: mysql:8.0 profiles: diff --git a/docker-compose_v3_alpine_pgsql_local.yaml b/docker-compose_v3_alpine_pgsql_local.yaml index b9bdf31d2..9c2604235 100644 --- a/docker-compose_v3_alpine_pgsql_local.yaml +++ b/docker-compose_v3_alpine_pgsql_local.yaml @@ -406,6 +406,41 @@ services: com.zabbix.component: "snmptraps" com.zabbix.os: "alpine" + zabbix-web-service: + build: + context: ./web-service/alpine + cache_from: + - alpine:3.13 + image: zabbix-web-service:alpine-local + profiles: + - full + - all + ports: + - "10053:10053" + cap_add: + - SYS_ADMIN + deploy: + resources: + limits: + cpus: '0.5' + memory: 512M + reservations: + cpus: '0.25' + memory: 256M + env_file: + - .env_web_service + networks: + zbx_net_backend: + aliases: + - zabbix-web-service + - zabbix-web-service-alpine + stop_grace_period: 5s + labels: + com.zabbix.description: "Zabbix web service" + com.zabbix.company: "Zabbix LLC" + com.zabbix.component: "web-service" + com.zabbix.os: "alpine" + mysql-server: image: mysql:8.0 profiles: diff --git a/docker-compose_v3_centos_mysql_latest.yaml b/docker-compose_v3_centos_mysql_latest.yaml index 2243f58b3..af84bc70f 100644 --- a/docker-compose_v3_centos_mysql_latest.yaml +++ b/docker-compose_v3_centos_mysql_latest.yaml @@ -378,6 +378,37 @@ services: com.zabbix.component: "snmptraps" com.zabbix.os: "centos" + zabbix-web-service: + image: zabbix/zabbix-web-service:centos-trunk + profiles: + - full + - all + ports: + - "10053:10053" + cap_add: + - SYS_ADMIN + deploy: + resources: + limits: + cpus: '0.5' + memory: 512M + reservations: + cpus: '0.25' + memory: 256M + env_file: + - .env_web_service + networks: + zbx_net_backend: + aliases: + - zabbix-web-service + - zabbix-web-service-centos + stop_grace_period: 5s + labels: + com.zabbix.description: "Zabbix web service" + com.zabbix.company: "Zabbix LLC" + com.zabbix.component: "web-service" + com.zabbix.os: "centos" + mysql-server: image: mysql:8.0 command: diff --git a/docker-compose_v3_centos_mysql_local.yaml b/docker-compose_v3_centos_mysql_local.yaml index d4a44cb7b..89209a6a2 100644 --- a/docker-compose_v3_centos_mysql_local.yaml +++ b/docker-compose_v3_centos_mysql_local.yaml @@ -410,6 +410,41 @@ services: com.zabbix.component: "snmptraps" com.zabbix.os: "centos" + zabbix-web-service: + build: + context: ./web-service/centos + cache_from: + - centos:centos8 + image: zabbix-web-service:centos-local + profiles: + - full + - all + ports: + - "10053:10053" + cap_add: + - SYS_ADMIN + deploy: + resources: + limits: + cpus: '0.5' + memory: 512M + reservations: + cpus: '0.25' + memory: 256M + env_file: + - .env_web_service + networks: + zbx_net_backend: + aliases: + - zabbix-web-service + - zabbix-web-service-centos + stop_grace_period: 5s + labels: + com.zabbix.description: "Zabbix web service" + com.zabbix.company: "Zabbix LLC" + com.zabbix.component: "web-service" + com.zabbix.os: "centos" + mysql-server: image: mysql:8.0 command: diff --git a/docker-compose_v3_centos_pgsql_latest.yaml b/docker-compose_v3_centos_pgsql_latest.yaml index 036fee95d..f9bafbb93 100644 --- a/docker-compose_v3_centos_pgsql_latest.yaml +++ b/docker-compose_v3_centos_pgsql_latest.yaml @@ -374,6 +374,37 @@ services: com.zabbix.component: "snmptraps" com.zabbix.os: "centos" + zabbix-web-service: + image: zabbix/zabbix-web-service:centos-trunk + profiles: + - full + - all + ports: + - "10053:10053" + cap_add: + - SYS_ADMIN + deploy: + resources: + limits: + cpus: '0.5' + memory: 512M + reservations: + cpus: '0.25' + memory: 256M + env_file: + - .env_web_service + networks: + zbx_net_backend: + aliases: + - zabbix-web-service + - zabbix-web-service-centos + stop_grace_period: 5s + labels: + com.zabbix.description: "Zabbix web service" + com.zabbix.company: "Zabbix LLC" + com.zabbix.component: "web-service" + com.zabbix.os: "centos" + mysql-server: image: mysql:8.0 profiles: diff --git a/docker-compose_v3_centos_pgsql_local.yaml b/docker-compose_v3_centos_pgsql_local.yaml index 3016f9228..1364c2b47 100644 --- a/docker-compose_v3_centos_pgsql_local.yaml +++ b/docker-compose_v3_centos_pgsql_local.yaml @@ -406,6 +406,41 @@ services: com.zabbix.component: "snmptraps" com.zabbix.os: "centos" + zabbix-web-service: + build: + context: ./web-service/centos + cache_from: + - centos:centos8 + image: zabbix-web-service:centos-local + profiles: + - full + - all + ports: + - "10053:10053" + cap_add: + - SYS_ADMIN + deploy: + resources: + limits: + cpus: '0.5' + memory: 512M + reservations: + cpus: '0.25' + memory: 256M + env_file: + - .env_web_service + networks: + zbx_net_backend: + aliases: + - zabbix-web-service + - zabbix-web-service-centos + stop_grace_period: 5s + labels: + com.zabbix.description: "Zabbix web service" + com.zabbix.company: "Zabbix LLC" + com.zabbix.component: "web-service" + com.zabbix.os: "centos" + mysql-server: image: mysql:8.0 profiles: diff --git a/docker-compose_v3_ubuntu_mysql_latest.yaml b/docker-compose_v3_ubuntu_mysql_latest.yaml index b5eb27776..6eb5612ff 100644 --- a/docker-compose_v3_ubuntu_mysql_latest.yaml +++ b/docker-compose_v3_ubuntu_mysql_latest.yaml @@ -370,6 +370,37 @@ services: com.zabbix.component: "snmptraps" com.zabbix.os: "ubuntu" + zabbix-web-service: + image: zabbix/zabbix-web-service:ubuntu-trunk + profiles: + - full + - all + ports: + - "10053:10053" + cap_add: + - SYS_ADMIN + deploy: + resources: + limits: + cpus: '0.5' + memory: 512M + reservations: + cpus: '0.25' + memory: 256M + env_file: + - .env_web_service + networks: + zbx_net_backend: + aliases: + - zabbix-web-service + - zabbix-web-service-ubuntu + stop_grace_period: 5s + labels: + com.zabbix.description: "Zabbix web service" + com.zabbix.company: "Zabbix LLC" + com.zabbix.component: "web-service" + com.zabbix.os: "ubuntu" + mysql-server: image: mysql:8.0 command: diff --git a/docker-compose_v3_ubuntu_mysql_local.yaml b/docker-compose_v3_ubuntu_mysql_local.yaml index 103da7a0a..ca2c37a34 100644 --- a/docker-compose_v3_ubuntu_mysql_local.yaml +++ b/docker-compose_v3_ubuntu_mysql_local.yaml @@ -404,6 +404,41 @@ services: com.zabbix.component: "snmptraps" com.zabbix.os: "ubuntu" + zabbix-web-service: + build: + context: ./web-service/ubuntu + cache_from: + - ubuntu:focal + image: zabbix-web-service:ubuntu-local + profiles: + - full + - all + ports: + - "10053:10053" + cap_add: + - SYS_ADMIN + deploy: + resources: + limits: + cpus: '0.5' + memory: 512M + reservations: + cpus: '0.25' + memory: 256M + env_file: + - .env_web_service + networks: + zbx_net_backend: + aliases: + - zabbix-web-service + - zabbix-web-service-ubuntu + stop_grace_period: 5s + labels: + com.zabbix.description: "Zabbix web service" + com.zabbix.company: "Zabbix LLC" + com.zabbix.component: "web-service" + com.zabbix.os: "ubuntu" + mysql-server: image: mysql:8.0 command: diff --git a/docker-compose_v3_ubuntu_pgsql_latest.yaml b/docker-compose_v3_ubuntu_pgsql_latest.yaml index c3922a3fc..dc8b8a704 100644 --- a/docker-compose_v3_ubuntu_pgsql_latest.yaml +++ b/docker-compose_v3_ubuntu_pgsql_latest.yaml @@ -368,6 +368,37 @@ services: com.zabbix.component: "snmptraps" com.zabbix.os: "ubuntu" + zabbix-web-service: + image: zabbix/zabbix-web-service:ubuntu-trunk + profiles: + - full + - all + ports: + - "10053:10053" + cap_add: + - SYS_ADMIN + deploy: + resources: + limits: + cpus: '0.5' + memory: 512M + reservations: + cpus: '0.25' + memory: 256M + env_file: + - .env_web_service + networks: + zbx_net_backend: + aliases: + - zabbix-web-service + - zabbix-web-service-ubuntu + stop_grace_period: 5s + labels: + com.zabbix.description: "Zabbix web service" + com.zabbix.company: "Zabbix LLC" + com.zabbix.component: "web-service" + com.zabbix.os: "ubuntu" + mysql-server: image: mysql:8.0 profiles: diff --git a/docker-compose_v3_ubuntu_pgsql_local.yaml b/docker-compose_v3_ubuntu_pgsql_local.yaml index d8b3708d8..9b8684c2e 100644 --- a/docker-compose_v3_ubuntu_pgsql_local.yaml +++ b/docker-compose_v3_ubuntu_pgsql_local.yaml @@ -400,6 +400,41 @@ services: com.zabbix.component: "snmptraps" com.zabbix.os: "ubuntu" + zabbix-web-service: + build: + context: ./web-service/ubuntu + cache_from: + - ubuntu:focal + image: zabbix-web-service:ubuntu-local + profiles: + - full + - all + ports: + - "10053:10053" + cap_add: + - SYS_ADMIN + deploy: + resources: + limits: + cpus: '0.5' + memory: 512M + reservations: + cpus: '0.25' + memory: 256M + env_file: + - .env_web_service + networks: + zbx_net_backend: + aliases: + - zabbix-web-service + - zabbix-web-service-ubuntu + stop_grace_period: 5s + labels: + com.zabbix.description: "Zabbix web service" + com.zabbix.company: "Zabbix LLC" + com.zabbix.component: "web-service" + com.zabbix.os: "ubuntu" + mysql-server: image: mysql:8.0 profiles: diff --git a/proxy-mysql/centos/Dockerfile b/proxy-mysql/centos/Dockerfile index 200a52088..10d992e18 100644 --- a/proxy-mysql/centos/Dockerfile +++ b/proxy-mysql/centos/Dockerfile @@ -51,6 +51,7 @@ RUN set -eux && \ libevent \ libssh \ fping \ + file-libs \ libxml2 \ mysql \ mysql-libs \ diff --git a/proxy-sqlite3/centos/Dockerfile b/proxy-sqlite3/centos/Dockerfile index f51e76c23..e9a0423d6 100644 --- a/proxy-sqlite3/centos/Dockerfile +++ b/proxy-sqlite3/centos/Dockerfile @@ -50,6 +50,7 @@ RUN set -eux && \ libevent \ libssh \ fping \ + file-libs \ libxml2 \ net-snmp-libs \ OpenIPMI-libs \ diff --git a/server-mysql/alpine/docker-entrypoint.sh b/server-mysql/alpine/docker-entrypoint.sh index d54c93a2c..40fcea3ce 100755 --- a/server-mysql/alpine/docker-entrypoint.sh +++ b/server-mysql/alpine/docker-entrypoint.sh @@ -339,6 +339,10 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}" fi + update_config_var $ZBX_CONFIG "StartReportWriters" "${ZBX_STARTREPORTWRITERS}" + : ${ZBX_WEBSERVICEURL:="http://zabbix-web-service:10053/report"} + update_config_var $ZBX_CONFIG "WebServiceURL" "${ZBX_WEBSERVICEURL}" + update_config_var $ZBX_CONFIG "HistoryStorageURL" "${ZBX_HISTORYSTORAGEURL}" update_config_var $ZBX_CONFIG "HistoryStorageTypes" "${ZBX_HISTORYSTORAGETYPES}" update_config_var $ZBX_CONFIG "HistoryStorageDateIndex" "${ZBX_HISTORYSTORAGEDATEINDEX}" diff --git a/server-mysql/centos/Dockerfile b/server-mysql/centos/Dockerfile index 27aba9143..d79fa12e2 100644 --- a/server-mysql/centos/Dockerfile +++ b/server-mysql/centos/Dockerfile @@ -65,6 +65,7 @@ RUN set -eux && \ openssl-libs \ pcre \ zlib \ + file-libs \ unixODBC && \ curl -L "https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini-${ARCH_SUFFIX}" -o /sbin/tini && \ curl -L "https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini-${ARCH_SUFFIX}.asc" -o /tmp/tini.asc && \ diff --git a/server-mysql/centos/docker-entrypoint.sh b/server-mysql/centos/docker-entrypoint.sh index cf38019c9..fe615ed67 100755 --- a/server-mysql/centos/docker-entrypoint.sh +++ b/server-mysql/centos/docker-entrypoint.sh @@ -336,6 +336,10 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}" fi + update_config_var $ZBX_CONFIG "StartReportWriters" "${ZBX_STARTREPORTWRITERS}" + : ${ZBX_WEBSERVICEURL:="http://zabbix-web-service:10053/report"} + update_config_var $ZBX_CONFIG "WebServiceURL" "${ZBX_WEBSERVICEURL}" + update_config_var $ZBX_CONFIG "HistoryStorageURL" "${ZBX_HISTORYSTORAGEURL}" update_config_var $ZBX_CONFIG "HistoryStorageTypes" "${ZBX_HISTORYSTORAGETYPES}" update_config_var $ZBX_CONFIG "HistoryStorageDateIndex" "${ZBX_HISTORYSTORAGEDATEINDEX}" diff --git a/server-mysql/ubuntu/docker-entrypoint.sh b/server-mysql/ubuntu/docker-entrypoint.sh index 8c542490b..591df53f6 100755 --- a/server-mysql/ubuntu/docker-entrypoint.sh +++ b/server-mysql/ubuntu/docker-entrypoint.sh @@ -336,6 +336,10 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}" fi + update_config_var $ZBX_CONFIG "StartReportWriters" "${ZBX_STARTREPORTWRITERS}" + : ${ZBX_WEBSERVICEURL:="http://zabbix-web-service:10053/report"} + update_config_var $ZBX_CONFIG "WebServiceURL" "${ZBX_WEBSERVICEURL}" + update_config_var $ZBX_CONFIG "HistoryStorageURL" "${ZBX_HISTORYSTORAGEURL}" update_config_var $ZBX_CONFIG "HistoryStorageTypes" "${ZBX_HISTORYSTORAGETYPES}" update_config_var $ZBX_CONFIG "HistoryStorageDateIndex" "${ZBX_HISTORYSTORAGEDATEINDEX}" diff --git a/server-pgsql/alpine/docker-entrypoint.sh b/server-pgsql/alpine/docker-entrypoint.sh index cdcf65b7b..e61628ea4 100755 --- a/server-pgsql/alpine/docker-entrypoint.sh +++ b/server-pgsql/alpine/docker-entrypoint.sh @@ -372,6 +372,10 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}" fi + update_config_var $ZBX_CONFIG "StartReportWriters" "${ZBX_STARTREPORTWRITERS}" + : ${ZBX_WEBSERVICEURL:="http://zabbix-web-service:10053/report"} + update_config_var $ZBX_CONFIG "WebServiceURL" "${ZBX_WEBSERVICEURL}" + update_config_var $ZBX_CONFIG "HistoryStorageURL" "${ZBX_HISTORYSTORAGEURL}" update_config_var $ZBX_CONFIG "HistoryStorageTypes" "${ZBX_HISTORYSTORAGETYPES}" update_config_var $ZBX_CONFIG "HistoryStorageDateIndex" "${ZBX_HISTORYSTORAGEDATEINDEX}" diff --git a/server-pgsql/centos/Dockerfile b/server-pgsql/centos/Dockerfile index e404ea809..f241c6252 100644 --- a/server-pgsql/centos/Dockerfile +++ b/server-pgsql/centos/Dockerfile @@ -49,6 +49,7 @@ RUN set -eux && \ dnf -y install epel-release && \ dnf -y install --setopt=tsflags=nodocs --setopt=install_weak_deps=False --best \ fping \ + file-libs \ iputils \ tzdata \ traceroute \ diff --git a/server-pgsql/centos/docker-entrypoint.sh b/server-pgsql/centos/docker-entrypoint.sh index cdcf65b7b..e61628ea4 100755 --- a/server-pgsql/centos/docker-entrypoint.sh +++ b/server-pgsql/centos/docker-entrypoint.sh @@ -372,6 +372,10 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}" fi + update_config_var $ZBX_CONFIG "StartReportWriters" "${ZBX_STARTREPORTWRITERS}" + : ${ZBX_WEBSERVICEURL:="http://zabbix-web-service:10053/report"} + update_config_var $ZBX_CONFIG "WebServiceURL" "${ZBX_WEBSERVICEURL}" + update_config_var $ZBX_CONFIG "HistoryStorageURL" "${ZBX_HISTORYSTORAGEURL}" update_config_var $ZBX_CONFIG "HistoryStorageTypes" "${ZBX_HISTORYSTORAGETYPES}" update_config_var $ZBX_CONFIG "HistoryStorageDateIndex" "${ZBX_HISTORYSTORAGEDATEINDEX}" diff --git a/server-pgsql/ubuntu/docker-entrypoint.sh b/server-pgsql/ubuntu/docker-entrypoint.sh index eacec16dc..bde3e8aef 100755 --- a/server-pgsql/ubuntu/docker-entrypoint.sh +++ b/server-pgsql/ubuntu/docker-entrypoint.sh @@ -372,6 +372,10 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}" fi + update_config_var $ZBX_CONFIG "StartReportWriters" "${ZBX_STARTREPORTWRITERS}" + : ${ZBX_WEBSERVICEURL:="http://zabbix-web-service:10053/report"} + update_config_var $ZBX_CONFIG "WebServiceURL" "${ZBX_WEBSERVICEURL}" + update_config_var $ZBX_CONFIG "HistoryStorageURL" "${ZBX_HISTORYSTORAGEURL}" update_config_var $ZBX_CONFIG "HistoryStorageTypes" "${ZBX_HISTORYSTORAGETYPES}" update_config_var $ZBX_CONFIG "HistoryStorageDateIndex" "${ZBX_HISTORYSTORAGEDATEINDEX}" From 629d107e9147280601da722221844659d168df69 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Tue, 27 Apr 2021 17:48:49 -0400 Subject: [PATCH 078/253] Added web service parameters and exporttype parameter --- proxy-mysql/alpine/docker-entrypoint.sh | 2 +- proxy-mysql/centos/docker-entrypoint.sh | 2 +- proxy-mysql/ubuntu/docker-entrypoint.sh | 2 +- proxy-sqlite3/alpine/docker-entrypoint.sh | 2 +- proxy-sqlite3/centos/docker-entrypoint.sh | 2 +- proxy-sqlite3/ubuntu/docker-entrypoint.sh | 2 +- server-mysql/alpine/docker-entrypoint.sh | 3 ++- server-mysql/centos/docker-entrypoint.sh | 3 ++- server-mysql/ubuntu/docker-entrypoint.sh | 3 ++- server-pgsql/alpine/docker-entrypoint.sh | 3 ++- server-pgsql/centos/docker-entrypoint.sh | 3 ++- server-pgsql/ubuntu/docker-entrypoint.sh | 3 ++- 12 files changed, 18 insertions(+), 12 deletions(-) diff --git a/proxy-mysql/alpine/docker-entrypoint.sh b/proxy-mysql/alpine/docker-entrypoint.sh index abcdfd445..c6e0eb07a 100755 --- a/proxy-mysql/alpine/docker-entrypoint.sh +++ b/proxy-mysql/alpine/docker-entrypoint.sh @@ -375,7 +375,7 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "StartTrappers" "${ZBX_STARTTRAPPERS}" update_config_var $ZBX_CONFIG "StartPingers" "${ZBX_STARTPINGERS}" update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}" - update_config_var $ZBX_CONFIG "StartHistoryPollers" "${ZBX_HISTORYPOLLERS}" + update_config_var $ZBX_CONFIG "StartHistoryPollers" "${ZBX_STARTHISTORYPOLLERS}" update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}" : ${ZBX_JAVAGATEWAY_ENABLE:="false"} diff --git a/proxy-mysql/centos/docker-entrypoint.sh b/proxy-mysql/centos/docker-entrypoint.sh index f3d6557c5..b5ec31189 100755 --- a/proxy-mysql/centos/docker-entrypoint.sh +++ b/proxy-mysql/centos/docker-entrypoint.sh @@ -373,7 +373,7 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "StartTrappers" "${ZBX_STARTTRAPPERS}" update_config_var $ZBX_CONFIG "StartPingers" "${ZBX_STARTPINGERS}" update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}" - update_config_var $ZBX_CONFIG "StartHistoryPollers" "${ZBX_HISTORYPOLLERS}" + update_config_var $ZBX_CONFIG "StartHistoryPollers" "${ZBX_STARTHISTORYPOLLERS}" update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}" : ${ZBX_JAVAGATEWAY_ENABLE:="false"} diff --git a/proxy-mysql/ubuntu/docker-entrypoint.sh b/proxy-mysql/ubuntu/docker-entrypoint.sh index c5cdcaa7f..0d74aee4a 100755 --- a/proxy-mysql/ubuntu/docker-entrypoint.sh +++ b/proxy-mysql/ubuntu/docker-entrypoint.sh @@ -372,7 +372,7 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "StartTrappers" "${ZBX_STARTTRAPPERS}" update_config_var $ZBX_CONFIG "StartPingers" "${ZBX_STARTPINGERS}" update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}" - update_config_var $ZBX_CONFIG "StartHistoryPollers" "${ZBX_HISTORYPOLLERS}" + update_config_var $ZBX_CONFIG "StartHistoryPollers" "${ZBX_STARTHISTORYPOLLERS}" update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}" : ${ZBX_JAVAGATEWAY_ENABLE:="false"} diff --git a/proxy-sqlite3/alpine/docker-entrypoint.sh b/proxy-sqlite3/alpine/docker-entrypoint.sh index 3f7008b95..184e81919 100755 --- a/proxy-sqlite3/alpine/docker-entrypoint.sh +++ b/proxy-sqlite3/alpine/docker-entrypoint.sh @@ -167,7 +167,7 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "StartTrappers" "${ZBX_STARTTRAPPERS}" update_config_var $ZBX_CONFIG "StartPingers" "${ZBX_STARTPINGERS}" update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}" - update_config_var $ZBX_CONFIG "StartHistoryPollers" "${ZBX_HISTORYPOLLERS}" + update_config_var $ZBX_CONFIG "StartHistoryPollers" "${ZBX_STARTHISTORYPOLLERS}" update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}" : ${ZBX_JAVAGATEWAY_ENABLE:="false"} diff --git a/proxy-sqlite3/centos/docker-entrypoint.sh b/proxy-sqlite3/centos/docker-entrypoint.sh index 3f7008b95..184e81919 100755 --- a/proxy-sqlite3/centos/docker-entrypoint.sh +++ b/proxy-sqlite3/centos/docker-entrypoint.sh @@ -167,7 +167,7 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "StartTrappers" "${ZBX_STARTTRAPPERS}" update_config_var $ZBX_CONFIG "StartPingers" "${ZBX_STARTPINGERS}" update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}" - update_config_var $ZBX_CONFIG "StartHistoryPollers" "${ZBX_HISTORYPOLLERS}" + update_config_var $ZBX_CONFIG "StartHistoryPollers" "${ZBX_STARTHISTORYPOLLERS}" update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}" : ${ZBX_JAVAGATEWAY_ENABLE:="false"} diff --git a/proxy-sqlite3/ubuntu/docker-entrypoint.sh b/proxy-sqlite3/ubuntu/docker-entrypoint.sh index 48ae24346..d53f698be 100755 --- a/proxy-sqlite3/ubuntu/docker-entrypoint.sh +++ b/proxy-sqlite3/ubuntu/docker-entrypoint.sh @@ -167,7 +167,7 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "StartTrappers" "${ZBX_STARTTRAPPERS}" update_config_var $ZBX_CONFIG "StartPingers" "${ZBX_STARTPINGERS}" update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}" - update_config_var $ZBX_CONFIG "StartHistoryPollers" "${ZBX_HISTORYPOLLERS}" + update_config_var $ZBX_CONFIG "StartHistoryPollers" "${ZBX_STARTHISTORYPOLLERS}" update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}" : ${ZBX_JAVAGATEWAY_ENABLE:="false"} diff --git a/server-mysql/alpine/docker-entrypoint.sh b/server-mysql/alpine/docker-entrypoint.sh index 40fcea3ce..29319b944 100755 --- a/server-mysql/alpine/docker-entrypoint.sh +++ b/server-mysql/alpine/docker-entrypoint.sh @@ -357,7 +357,7 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "StartTrappers" "${ZBX_STARTTRAPPERS}" update_config_var $ZBX_CONFIG "StartPingers" "${ZBX_STARTPINGERS}" update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}" - update_config_var $ZBX_CONFIG "StartHistoryPollers" "${ZBX_HISTORYPOLLERS}" + update_config_var $ZBX_CONFIG "StartHistoryPollers" "${ZBX_STARTHISTORYPOLLERS}" update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}" update_config_var $ZBX_CONFIG "StartPreprocessors" "${ZBX_STARTPREPROCESSORS}" @@ -422,6 +422,7 @@ update_zbx_config() { if [ -n "${ZBX_EXPORTFILESIZE}" ]; then update_config_var $ZBX_CONFIG "ExportDir" "$ZABBIX_USER_HOME_DIR/export/" update_config_var $ZBX_CONFIG "ExportFileSize" "${ZBX_EXPORTFILESIZE}" + update_config_var $ZBX_CONFIG "ExportType" "${ZBX_EXPORTTYPE}" fi update_config_var $ZBX_CONFIG "FpingLocation" "/usr/sbin/fping" diff --git a/server-mysql/centos/docker-entrypoint.sh b/server-mysql/centos/docker-entrypoint.sh index fe615ed67..71973e137 100755 --- a/server-mysql/centos/docker-entrypoint.sh +++ b/server-mysql/centos/docker-entrypoint.sh @@ -354,7 +354,7 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "StartTrappers" "${ZBX_STARTTRAPPERS}" update_config_var $ZBX_CONFIG "StartPingers" "${ZBX_STARTPINGERS}" update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}" - update_config_var $ZBX_CONFIG "StartHistoryPollers" "${ZBX_HISTORYPOLLERS}" + update_config_var $ZBX_CONFIG "StartHistoryPollers" "${ZBX_STARTHISTORYPOLLERS}" update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}" update_config_var $ZBX_CONFIG "StartPreprocessors" "${ZBX_STARTPREPROCESSORS}" @@ -419,6 +419,7 @@ update_zbx_config() { if [ -n "${ZBX_EXPORTFILESIZE}" ]; then update_config_var $ZBX_CONFIG "ExportDir" "$ZABBIX_USER_HOME_DIR/export/" update_config_var $ZBX_CONFIG "ExportFileSize" "${ZBX_EXPORTFILESIZE}" + update_config_var $ZBX_CONFIG "ExportType" "${ZBX_EXPORTTYPE}" fi update_config_var $ZBX_CONFIG "FpingLocation" "/usr/sbin/fping" diff --git a/server-mysql/ubuntu/docker-entrypoint.sh b/server-mysql/ubuntu/docker-entrypoint.sh index 591df53f6..3caff1f6c 100755 --- a/server-mysql/ubuntu/docker-entrypoint.sh +++ b/server-mysql/ubuntu/docker-entrypoint.sh @@ -354,7 +354,7 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "StartTrappers" "${ZBX_STARTTRAPPERS}" update_config_var $ZBX_CONFIG "StartPingers" "${ZBX_STARTPINGERS}" update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}" - update_config_var $ZBX_CONFIG "StartHistoryPollers" "${ZBX_HISTORYPOLLERS}" + update_config_var $ZBX_CONFIG "StartHistoryPollers" "${ZBX_STARTHISTORYPOLLERS}" update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}" update_config_var $ZBX_CONFIG "StartPreprocessors" "${ZBX_STARTPREPROCESSORS}" @@ -419,6 +419,7 @@ update_zbx_config() { if [ -n "${ZBX_EXPORTFILESIZE}" ]; then update_config_var $ZBX_CONFIG "ExportDir" "$ZABBIX_USER_HOME_DIR/export/" update_config_var $ZBX_CONFIG "ExportFileSize" "${ZBX_EXPORTFILESIZE}" + update_config_var $ZBX_CONFIG "ExportType" "${ZBX_EXPORTTYPE}" fi update_config_var $ZBX_CONFIG "FpingLocation" "/usr/bin/fping" diff --git a/server-pgsql/alpine/docker-entrypoint.sh b/server-pgsql/alpine/docker-entrypoint.sh index e61628ea4..9146061be 100755 --- a/server-pgsql/alpine/docker-entrypoint.sh +++ b/server-pgsql/alpine/docker-entrypoint.sh @@ -390,7 +390,7 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "StartTrappers" "${ZBX_STARTTRAPPERS}" update_config_var $ZBX_CONFIG "StartPingers" "${ZBX_STARTPINGERS}" update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}" - update_config_var $ZBX_CONFIG "StartHistoryPollers" "${ZBX_HISTORYPOLLERS}" + update_config_var $ZBX_CONFIG "StartHistoryPollers" "${ZBX_STARTHISTORYPOLLERS}" update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}" update_config_var $ZBX_CONFIG "StartPreprocessors" "${ZBX_STARTPREPROCESSORS}" @@ -457,6 +457,7 @@ update_zbx_config() { if [ -n "${ZBX_EXPORTFILESIZE}" ]; then update_config_var $ZBX_CONFIG "ExportDir" "$ZABBIX_USER_HOME_DIR/export/" update_config_var $ZBX_CONFIG "ExportFileSize" "${ZBX_EXPORTFILESIZE}" + update_config_var $ZBX_CONFIG "ExportType" "${ZBX_EXPORTTYPE}" fi update_config_var $ZBX_CONFIG "FpingLocation" "/usr/sbin/fping" diff --git a/server-pgsql/centos/docker-entrypoint.sh b/server-pgsql/centos/docker-entrypoint.sh index e61628ea4..9146061be 100755 --- a/server-pgsql/centos/docker-entrypoint.sh +++ b/server-pgsql/centos/docker-entrypoint.sh @@ -390,7 +390,7 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "StartTrappers" "${ZBX_STARTTRAPPERS}" update_config_var $ZBX_CONFIG "StartPingers" "${ZBX_STARTPINGERS}" update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}" - update_config_var $ZBX_CONFIG "StartHistoryPollers" "${ZBX_HISTORYPOLLERS}" + update_config_var $ZBX_CONFIG "StartHistoryPollers" "${ZBX_STARTHISTORYPOLLERS}" update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}" update_config_var $ZBX_CONFIG "StartPreprocessors" "${ZBX_STARTPREPROCESSORS}" @@ -457,6 +457,7 @@ update_zbx_config() { if [ -n "${ZBX_EXPORTFILESIZE}" ]; then update_config_var $ZBX_CONFIG "ExportDir" "$ZABBIX_USER_HOME_DIR/export/" update_config_var $ZBX_CONFIG "ExportFileSize" "${ZBX_EXPORTFILESIZE}" + update_config_var $ZBX_CONFIG "ExportType" "${ZBX_EXPORTTYPE}" fi update_config_var $ZBX_CONFIG "FpingLocation" "/usr/sbin/fping" diff --git a/server-pgsql/ubuntu/docker-entrypoint.sh b/server-pgsql/ubuntu/docker-entrypoint.sh index bde3e8aef..dbde756a2 100755 --- a/server-pgsql/ubuntu/docker-entrypoint.sh +++ b/server-pgsql/ubuntu/docker-entrypoint.sh @@ -390,7 +390,7 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "StartTrappers" "${ZBX_STARTTRAPPERS}" update_config_var $ZBX_CONFIG "StartPingers" "${ZBX_STARTPINGERS}" update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}" - update_config_var $ZBX_CONFIG "StartHistoryPollers" "${ZBX_HISTORYPOLLERS}" + update_config_var $ZBX_CONFIG "StartHistoryPollers" "${ZBX_STARTHISTORYPOLLERS}" update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}" update_config_var $ZBX_CONFIG "StartPreprocessors" "${ZBX_STARTPREPROCESSORS}" @@ -457,6 +457,7 @@ update_zbx_config() { if [ -n "${ZBX_EXPORTFILESIZE}" ]; then update_config_var $ZBX_CONFIG "ExportDir" "$ZABBIX_USER_HOME_DIR/export/" update_config_var $ZBX_CONFIG "ExportFileSize" "${ZBX_EXPORTFILESIZE}" + update_config_var $ZBX_CONFIG "ExportType" "${ZBX_EXPORTTYPE}" fi update_config_var $ZBX_CONFIG "FpingLocation" "/usr/bin/fping" From 78719d212feb8c9465c0d24925faf6b433ef6138 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Tue, 27 Apr 2021 18:56:12 -0400 Subject: [PATCH 079/253] Added Zabbix web service image --- web-service/centos/Dockerfile | 10 ---------- web-service/ubuntu/Dockerfile | 20 +++++++------------ .../conf/etc/apt/sources.list.d/debian.list | 3 --- 3 files changed, 7 insertions(+), 26 deletions(-) delete mode 100644 web-service/ubuntu/conf/etc/apt/sources.list.d/debian.list diff --git a/web-service/centos/Dockerfile b/web-service/centos/Dockerfile index 282248c4b..fe28ce933 100644 --- a/web-service/centos/Dockerfile +++ b/web-service/centos/Dockerfile @@ -10,16 +10,6 @@ LABEL org.opencontainers.image.title="Zabbix web service" \ STOPSIGNAL SIGTERM RUN set -eux && \ - ARCH_SUFFIX="$(arch)"; \ - case "$ARCH_SUFFIX" in \ - i686) export ARCH_SUFFIX='i386' ;; \ - x86_64) [ -f /lib64/ld-linux-x86-64.so.2 ] && export ARCH_SUFFIX='amd64' || export ARCH_SUFFIX='i386' ;; \ - aarch64) export ARCH_SUFFIX='arm64' ;; \ - armv7l) export ARCH_SUFFIX='armhf' ;; \ - ppc64el|ppc64le) export ARCH_SUFFIX='ppc64le' ;; \ - s390x) export ARCH_SUFFIX='s390x' ;; \ - *) echo "Unknown ARCH_SUFFIX=${ARCH_SUFFIX-}"; exit 1 ;; \ - esac; \ groupadd --system --gid 1995 zabbix && \ useradd \ --system --comment "Zabbix monitoring system" \ diff --git a/web-service/ubuntu/Dockerfile b/web-service/ubuntu/Dockerfile index c85fc0c21..0ff6fa9ad 100644 --- a/web-service/ubuntu/Dockerfile +++ b/web-service/ubuntu/Dockerfile @@ -9,20 +9,9 @@ LABEL org.opencontainers.image.title="Zabbix web service" \ STOPSIGNAL SIGTERM -COPY ["conf/etc/apt/sources.list.d/debian.list", "/etc/apt/sources.list.d/debian.list"] COPY ["conf/etc/apt/preferences.d/chromium.pref", "/etc/apt/preferences.d/chromium.pref"] RUN set -eux && \ - ARCH_SUFFIX="$(arch)"; \ - case "$ARCH_SUFFIX" in \ - i686) export ARCH_SUFFIX='i386' ;; \ - x86_64) [ -f /lib/x86_64-linux-gnu/ld-linux-x86-64.so.2 ] && export ARCH_SUFFIX='amd64' || export ARCH_SUFFIX='i386' ;; \ - aarch64) export ARCH_SUFFIX='arm64' ;; \ - armv7l) export ARCH_SUFFIX='armhf' ;; \ - ppc64el|ppc64le) export ARCH_SUFFIX='ppc64le' ;; \ - s390x) export ARCH_SUFFIX='s390x' ;; \ - *) echo "Unknown ARCH_SUFFIX=${ARCH_SUFFIX-}"; exit 1 ;; \ - esac; \ echo "#!/bin/sh\nexit 101" > /usr/sbin/policy-rc.d && \ groupadd --system --gid 1995 zabbix && \ useradd \ @@ -35,7 +24,7 @@ RUN set -eux && \ mkdir -p /etc/zabbix && \ mkdir -p /var/lib/zabbix && \ mkdir -p /var/lib/zabbix/enc && \ - apt-get -y update | true && \ + apt-get -y update && \ DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ ca-certificates \ gnupg && \ @@ -43,8 +32,13 @@ RUN set -eux && \ apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 648ACFD622F3D138 && \ apt-key adv --keyserver keyserver.ubuntu.com --recv-keys AA8E81B4331F7F50 && \ apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 112695A0E562B32A && \ + echo "deb http://deb.debian.org/debian buster main" > /etc/apt/sources.list.d/debian.list && \ + echo "deb http://deb.debian.org/debian buster-updates main" >> /etc/apt/sources.list.d/debian.list && \ + echo "deb http://deb.debian.org/debian-security buster/updates main" >> /etc/apt/sources.list.d/debian.list && \ apt-get -y update && \ - DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install chromium chromium-sandbox && \ + DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ + chromium \ + chromium-sandbox && \ DEBIAN_FRONTEND=noninteractive apt-get -y purge \ gnupg && \ apt-get -y autoremove && \ diff --git a/web-service/ubuntu/conf/etc/apt/sources.list.d/debian.list b/web-service/ubuntu/conf/etc/apt/sources.list.d/debian.list deleted file mode 100644 index 48253a74e..000000000 --- a/web-service/ubuntu/conf/etc/apt/sources.list.d/debian.list +++ /dev/null @@ -1,3 +0,0 @@ -deb http://deb.debian.org/debian buster main -deb http://deb.debian.org/debian buster-updates main -deb http://deb.debian.org/debian-security buster/updates main From 867202beb452af5f1c5a66dc099020d324c154db Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Tue, 27 Apr 2021 23:56:40 -0400 Subject: [PATCH 080/253] Added Zabbix web service image --- docker-compose_v3_alpine_mysql_latest.yaml | 2 ++ docker-compose_v3_alpine_mysql_local.yaml | 2 ++ docker-compose_v3_alpine_pgsql_latest.yaml | 2 ++ docker-compose_v3_alpine_pgsql_local.yaml | 2 ++ docker-compose_v3_centos_mysql_latest.yaml | 2 ++ docker-compose_v3_centos_mysql_local.yaml | 2 ++ docker-compose_v3_centos_pgsql_latest.yaml | 2 ++ docker-compose_v3_centos_pgsql_local.yaml | 2 ++ docker-compose_v3_ubuntu_mysql_latest.yaml | 2 ++ docker-compose_v3_ubuntu_mysql_local.yaml | 2 ++ docker-compose_v3_ubuntu_pgsql_latest.yaml | 2 ++ docker-compose_v3_ubuntu_pgsql_local.yaml | 2 ++ web-service/alpine/Dockerfile | 1 - web-service/alpine/docker-entrypoint.sh | 40 +++++++--------------- web-service/centos/Dockerfile | 4 +-- web-service/centos/docker-entrypoint.sh | 40 +++++++--------------- web-service/ubuntu/Dockerfile | 1 - web-service/ubuntu/docker-entrypoint.sh | 40 +++++++--------------- 18 files changed, 62 insertions(+), 88 deletions(-) diff --git a/docker-compose_v3_alpine_mysql_latest.yaml b/docker-compose_v3_alpine_mysql_latest.yaml index ddccae4ce..c44739b53 100644 --- a/docker-compose_v3_alpine_mysql_latest.yaml +++ b/docker-compose_v3_alpine_mysql_latest.yaml @@ -385,6 +385,8 @@ services: - all ports: - "10053:10053" + volumes: + - ./zbx_env/var/lib/zabbix/enc:/var/lib/zabbix/enc:ro cap_add: - SYS_ADMIN deploy: diff --git a/docker-compose_v3_alpine_mysql_local.yaml b/docker-compose_v3_alpine_mysql_local.yaml index c4d64f4a0..71eda1d23 100644 --- a/docker-compose_v3_alpine_mysql_local.yaml +++ b/docker-compose_v3_alpine_mysql_local.yaml @@ -421,6 +421,8 @@ services: - all ports: - "10053:10053" + volumes: + - ./zbx_env/var/lib/zabbix/enc:/var/lib/zabbix/enc:ro cap_add: - SYS_ADMIN deploy: diff --git a/docker-compose_v3_alpine_pgsql_latest.yaml b/docker-compose_v3_alpine_pgsql_latest.yaml index 3703cafd7..bd0a49319 100644 --- a/docker-compose_v3_alpine_pgsql_latest.yaml +++ b/docker-compose_v3_alpine_pgsql_latest.yaml @@ -381,6 +381,8 @@ services: - all ports: - "10053:10053" + volumes: + - ./zbx_env/var/lib/zabbix/enc:/var/lib/zabbix/enc:ro cap_add: - SYS_ADMIN deploy: diff --git a/docker-compose_v3_alpine_pgsql_local.yaml b/docker-compose_v3_alpine_pgsql_local.yaml index 9c2604235..b59ebb581 100644 --- a/docker-compose_v3_alpine_pgsql_local.yaml +++ b/docker-compose_v3_alpine_pgsql_local.yaml @@ -417,6 +417,8 @@ services: - all ports: - "10053:10053" + volumes: + - ./zbx_env/var/lib/zabbix/enc:/var/lib/zabbix/enc:ro cap_add: - SYS_ADMIN deploy: diff --git a/docker-compose_v3_centos_mysql_latest.yaml b/docker-compose_v3_centos_mysql_latest.yaml index af84bc70f..9b4df90a9 100644 --- a/docker-compose_v3_centos_mysql_latest.yaml +++ b/docker-compose_v3_centos_mysql_latest.yaml @@ -387,6 +387,8 @@ services: - "10053:10053" cap_add: - SYS_ADMIN + volumes: + - ./zbx_env/var/lib/zabbix/enc:/var/lib/zabbix/enc:ro deploy: resources: limits: diff --git a/docker-compose_v3_centos_mysql_local.yaml b/docker-compose_v3_centos_mysql_local.yaml index 89209a6a2..00081b131 100644 --- a/docker-compose_v3_centos_mysql_local.yaml +++ b/docker-compose_v3_centos_mysql_local.yaml @@ -421,6 +421,8 @@ services: - all ports: - "10053:10053" + volumes: + - ./zbx_env/var/lib/zabbix/enc:/var/lib/zabbix/enc:ro cap_add: - SYS_ADMIN deploy: diff --git a/docker-compose_v3_centos_pgsql_latest.yaml b/docker-compose_v3_centos_pgsql_latest.yaml index f9bafbb93..491bfd24c 100644 --- a/docker-compose_v3_centos_pgsql_latest.yaml +++ b/docker-compose_v3_centos_pgsql_latest.yaml @@ -381,6 +381,8 @@ services: - all ports: - "10053:10053" + volumes: + - ./zbx_env/var/lib/zabbix/enc:/var/lib/zabbix/enc:ro cap_add: - SYS_ADMIN deploy: diff --git a/docker-compose_v3_centos_pgsql_local.yaml b/docker-compose_v3_centos_pgsql_local.yaml index 1364c2b47..a923c2f65 100644 --- a/docker-compose_v3_centos_pgsql_local.yaml +++ b/docker-compose_v3_centos_pgsql_local.yaml @@ -417,6 +417,8 @@ services: - all ports: - "10053:10053" + volumes: + - ./zbx_env/var/lib/zabbix/enc:/var/lib/zabbix/enc:ro cap_add: - SYS_ADMIN deploy: diff --git a/docker-compose_v3_ubuntu_mysql_latest.yaml b/docker-compose_v3_ubuntu_mysql_latest.yaml index 6eb5612ff..7a543360b 100644 --- a/docker-compose_v3_ubuntu_mysql_latest.yaml +++ b/docker-compose_v3_ubuntu_mysql_latest.yaml @@ -377,6 +377,8 @@ services: - all ports: - "10053:10053" + volumes: + - ./zbx_env/var/lib/zabbix/enc:/var/lib/zabbix/enc:ro cap_add: - SYS_ADMIN deploy: diff --git a/docker-compose_v3_ubuntu_mysql_local.yaml b/docker-compose_v3_ubuntu_mysql_local.yaml index ca2c37a34..7845fb56c 100644 --- a/docker-compose_v3_ubuntu_mysql_local.yaml +++ b/docker-compose_v3_ubuntu_mysql_local.yaml @@ -415,6 +415,8 @@ services: - all ports: - "10053:10053" + volumes: + - ./zbx_env/var/lib/zabbix/enc:/var/lib/zabbix/enc:ro cap_add: - SYS_ADMIN deploy: diff --git a/docker-compose_v3_ubuntu_pgsql_latest.yaml b/docker-compose_v3_ubuntu_pgsql_latest.yaml index dc8b8a704..076e1ce3a 100644 --- a/docker-compose_v3_ubuntu_pgsql_latest.yaml +++ b/docker-compose_v3_ubuntu_pgsql_latest.yaml @@ -375,6 +375,8 @@ services: - all ports: - "10053:10053" + volumes: + - ./zbx_env/var/lib/zabbix/enc:/var/lib/zabbix/enc:ro cap_add: - SYS_ADMIN deploy: diff --git a/docker-compose_v3_ubuntu_pgsql_local.yaml b/docker-compose_v3_ubuntu_pgsql_local.yaml index 9b8684c2e..6b369d983 100644 --- a/docker-compose_v3_ubuntu_pgsql_local.yaml +++ b/docker-compose_v3_ubuntu_pgsql_local.yaml @@ -411,6 +411,8 @@ services: - all ports: - "10053:10053" + volumes: + - ./zbx_env/var/lib/zabbix/enc:/var/lib/zabbix/enc:ro cap_add: - SYS_ADMIN deploy: diff --git a/web-service/alpine/Dockerfile b/web-service/alpine/Dockerfile index df8992d8a..79c0159b6 100644 --- a/web-service/alpine/Dockerfile +++ b/web-service/alpine/Dockerfile @@ -59,7 +59,6 @@ RUN set -eux && \ --prefix=/usr \ --sysconfdir=/etc/zabbix \ --prefix=/usr \ - --enable-ipv6 \ --enable-webservice \ --silent && \ make -j"$(nproc)" -s && \ diff --git a/web-service/alpine/docker-entrypoint.sh b/web-service/alpine/docker-entrypoint.sh index 248e73c83..81df4a689 100755 --- a/web-service/alpine/docker-entrypoint.sh +++ b/web-service/alpine/docker-entrypoint.sh @@ -84,43 +84,27 @@ update_config_var() { } -update_config_multiple_var() { - local config_path=$1 - local var_name=$2 - local var_value=$3 - - var_value="${var_value%\"}" - var_value="${var_value#\"}" - - local IFS=, - local OPT_LIST=($var_value) - - for value in "${OPT_LIST[@]}"; do - update_config_var $config_path $var_name $value true - done -} - prepare_zbx_web_service_config() { echo "** Preparing Zabbix web service configuration file" - ZBX_WEB_SERVICE_CONFIG=$ZABBIX_ETC_DIR/zabbix_web_service.conf + ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_web_service.conf - update_config_var $ZBX_WEB_SERVICE_CONFIG "LogType" "console" - update_config_var $ZBX_WEB_SERVICE_CONFIG "LogFile" - update_config_var $ZBX_WEB_SERVICE_CONFIG "LogFileSize" - update_config_var $ZBX_WEB_SERVICE_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" + update_config_var $ZBX_CONFIG "LogType" "console" + update_config_var $ZBX_CONFIG "LogFile" + update_config_var $ZBX_CONFIG "LogFileSize" + update_config_var $ZBX_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" : ${ZBX_ALLOWEDIP:="zabbix-server"} - update_config_var $ZBX_WEB_SERVICE_CONFIG "AllowedIP" "${ZBX_ALLOWEDIP}" + update_config_var $ZBX_CONFIG "AllowedIP" "${ZBX_ALLOWEDIP}" - update_config_var $ZBX_WEB_SERVICE_CONFIG "ListenPort" "${ZBX_LISTENPORT}" + update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}" - update_config_var $ZBX_WEB_SERVICE_CONFIG "Timeout" "${ZBX_TIMEOUT}" + update_config_var $ZBX_CONFIG "Timeout" "${ZBX_TIMEOUT}" - update_config_var $ZBX_WEB_SERVICE_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" - update_config_var $ZBX_WEB_SERVICE_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" + update_config_var $ZBX_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" + update_config_var $ZBX_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" - update_config_var $ZBX_WEB_SERVICE_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" - update_config_var $ZBX_WEB_SERVICE_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" + update_config_var $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" + update_config_var $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" } prepare_web_service() { diff --git a/web-service/centos/Dockerfile b/web-service/centos/Dockerfile index fe28ce933..f8e11f064 100644 --- a/web-service/centos/Dockerfile +++ b/web-service/centos/Dockerfile @@ -22,7 +22,8 @@ RUN set -eux && \ mkdir -p /var/lib/zabbix && \ mkdir -p /var/lib/zabbix/enc && \ dnf --quiet makecache && \ - dnf -y install epel-release && \ + dnf -y install --setopt=tsflags=nodocs --setopt=install_weak_deps=False --best \ + epel-release && \ dnf -y install --setopt=tsflags=nodocs --setopt=install_weak_deps=False --best \ chromium \ openssl-libs \ @@ -63,7 +64,6 @@ RUN set -eux && \ --prefix=/usr \ --sysconfdir=/etc/zabbix \ --prefix=/usr \ - --enable-ipv6 \ --enable-webservice \ --silent && \ make -j"$(nproc)" -s && \ diff --git a/web-service/centos/docker-entrypoint.sh b/web-service/centos/docker-entrypoint.sh index 248e73c83..81df4a689 100755 --- a/web-service/centos/docker-entrypoint.sh +++ b/web-service/centos/docker-entrypoint.sh @@ -84,43 +84,27 @@ update_config_var() { } -update_config_multiple_var() { - local config_path=$1 - local var_name=$2 - local var_value=$3 - - var_value="${var_value%\"}" - var_value="${var_value#\"}" - - local IFS=, - local OPT_LIST=($var_value) - - for value in "${OPT_LIST[@]}"; do - update_config_var $config_path $var_name $value true - done -} - prepare_zbx_web_service_config() { echo "** Preparing Zabbix web service configuration file" - ZBX_WEB_SERVICE_CONFIG=$ZABBIX_ETC_DIR/zabbix_web_service.conf + ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_web_service.conf - update_config_var $ZBX_WEB_SERVICE_CONFIG "LogType" "console" - update_config_var $ZBX_WEB_SERVICE_CONFIG "LogFile" - update_config_var $ZBX_WEB_SERVICE_CONFIG "LogFileSize" - update_config_var $ZBX_WEB_SERVICE_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" + update_config_var $ZBX_CONFIG "LogType" "console" + update_config_var $ZBX_CONFIG "LogFile" + update_config_var $ZBX_CONFIG "LogFileSize" + update_config_var $ZBX_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" : ${ZBX_ALLOWEDIP:="zabbix-server"} - update_config_var $ZBX_WEB_SERVICE_CONFIG "AllowedIP" "${ZBX_ALLOWEDIP}" + update_config_var $ZBX_CONFIG "AllowedIP" "${ZBX_ALLOWEDIP}" - update_config_var $ZBX_WEB_SERVICE_CONFIG "ListenPort" "${ZBX_LISTENPORT}" + update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}" - update_config_var $ZBX_WEB_SERVICE_CONFIG "Timeout" "${ZBX_TIMEOUT}" + update_config_var $ZBX_CONFIG "Timeout" "${ZBX_TIMEOUT}" - update_config_var $ZBX_WEB_SERVICE_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" - update_config_var $ZBX_WEB_SERVICE_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" + update_config_var $ZBX_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" + update_config_var $ZBX_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" - update_config_var $ZBX_WEB_SERVICE_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" - update_config_var $ZBX_WEB_SERVICE_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" + update_config_var $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" + update_config_var $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" } prepare_web_service() { diff --git a/web-service/ubuntu/Dockerfile b/web-service/ubuntu/Dockerfile index 0ff6fa9ad..9bb662d39 100644 --- a/web-service/ubuntu/Dockerfile +++ b/web-service/ubuntu/Dockerfile @@ -78,7 +78,6 @@ RUN set -eux && \ --prefix=/usr \ --sysconfdir=/etc/zabbix \ --prefix=/usr \ - --enable-ipv6 \ --enable-webservice \ --silent && \ make -j"$(nproc)" -s && \ diff --git a/web-service/ubuntu/docker-entrypoint.sh b/web-service/ubuntu/docker-entrypoint.sh index 248e73c83..81df4a689 100755 --- a/web-service/ubuntu/docker-entrypoint.sh +++ b/web-service/ubuntu/docker-entrypoint.sh @@ -84,43 +84,27 @@ update_config_var() { } -update_config_multiple_var() { - local config_path=$1 - local var_name=$2 - local var_value=$3 - - var_value="${var_value%\"}" - var_value="${var_value#\"}" - - local IFS=, - local OPT_LIST=($var_value) - - for value in "${OPT_LIST[@]}"; do - update_config_var $config_path $var_name $value true - done -} - prepare_zbx_web_service_config() { echo "** Preparing Zabbix web service configuration file" - ZBX_WEB_SERVICE_CONFIG=$ZABBIX_ETC_DIR/zabbix_web_service.conf + ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_web_service.conf - update_config_var $ZBX_WEB_SERVICE_CONFIG "LogType" "console" - update_config_var $ZBX_WEB_SERVICE_CONFIG "LogFile" - update_config_var $ZBX_WEB_SERVICE_CONFIG "LogFileSize" - update_config_var $ZBX_WEB_SERVICE_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" + update_config_var $ZBX_CONFIG "LogType" "console" + update_config_var $ZBX_CONFIG "LogFile" + update_config_var $ZBX_CONFIG "LogFileSize" + update_config_var $ZBX_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" : ${ZBX_ALLOWEDIP:="zabbix-server"} - update_config_var $ZBX_WEB_SERVICE_CONFIG "AllowedIP" "${ZBX_ALLOWEDIP}" + update_config_var $ZBX_CONFIG "AllowedIP" "${ZBX_ALLOWEDIP}" - update_config_var $ZBX_WEB_SERVICE_CONFIG "ListenPort" "${ZBX_LISTENPORT}" + update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}" - update_config_var $ZBX_WEB_SERVICE_CONFIG "Timeout" "${ZBX_TIMEOUT}" + update_config_var $ZBX_CONFIG "Timeout" "${ZBX_TIMEOUT}" - update_config_var $ZBX_WEB_SERVICE_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" - update_config_var $ZBX_WEB_SERVICE_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" + update_config_var $ZBX_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" + update_config_var $ZBX_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" - update_config_var $ZBX_WEB_SERVICE_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" - update_config_var $ZBX_WEB_SERVICE_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" + update_config_var $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" + update_config_var $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" } prepare_web_service() { From 461c6113dc9801d6f64c78e7b7ca2c36b7f29a36 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Mon, 17 May 2021 14:19:58 +0500 Subject: [PATCH 081/253] Prepare for Zabbix 5.4 release --- agent2/alpine/README.md | 8 +++++--- agent2/ubuntu/README.md | 8 +++++--- web-service/alpine/README.md | 4 +++- web-service/centos/README.md | 4 +++- web-service/ubuntu/README.md | 4 +++- zabbix-appliance/rhel/README.md | 2 +- 6 files changed, 20 insertions(+), 10 deletions(-) diff --git a/agent2/alpine/README.md b/agent2/alpine/README.md index 0a2a5635b..b7478871f 100644 --- a/agent2/alpine/README.md +++ b/agent2/alpine/README.md @@ -20,9 +20,11 @@ These are the only official Zabbix agent 2 Docker images. They are based on Alpi Zabbix agent 2 4.4.* (tags: alpine-4.4.*) (unsupported) Zabbix agent 2 5.0 (tags: alpine-5.0-latest, ubuntu-5.0-latest) Zabbix agent 2 5.0.* (tags: alpine-5.0.*, ubuntu-5.0.*) - Zabbix agent 2 5.2 (tags: alpine-5.2-latest, ubuntu-5.2-latest, alpine-latest, ubuntu-latest, latest) - Zabbix agent 2 5.2.* (tags: alpine-5.2.*, ubuntu-5.0.*) - Zabbix agent 2 5.4 (tags: alpine-trunk, ubuntu-trunk) + Zabbix agent 2 5.2 (tags: alpine-5.2-latest, ubuntu-5.2-latest) + Zabbix agent 2 5.2.* (tags: alpine-5.2.*, ubuntu-5.2.*) + Zabbix agent 2 5.4 (tags: alpine-5.4-latest, ubuntu-5.4-latest, alpine-latest, ubuntu-latest, latest) + Zabbix agent 2 5.4.* (tags: alpine-5.4.*, ubuntu-5.4.*) + Zabbix agent 2 6.0 (tags: alpine-trunk, ubuntu-trunk) Images are updated when new releases are published. The image with ``latest`` tag is based on Alpine Linux. diff --git a/agent2/ubuntu/README.md b/agent2/ubuntu/README.md index 0a2a5635b..b7478871f 100644 --- a/agent2/ubuntu/README.md +++ b/agent2/ubuntu/README.md @@ -20,9 +20,11 @@ These are the only official Zabbix agent 2 Docker images. They are based on Alpi Zabbix agent 2 4.4.* (tags: alpine-4.4.*) (unsupported) Zabbix agent 2 5.0 (tags: alpine-5.0-latest, ubuntu-5.0-latest) Zabbix agent 2 5.0.* (tags: alpine-5.0.*, ubuntu-5.0.*) - Zabbix agent 2 5.2 (tags: alpine-5.2-latest, ubuntu-5.2-latest, alpine-latest, ubuntu-latest, latest) - Zabbix agent 2 5.2.* (tags: alpine-5.2.*, ubuntu-5.0.*) - Zabbix agent 2 5.4 (tags: alpine-trunk, ubuntu-trunk) + Zabbix agent 2 5.2 (tags: alpine-5.2-latest, ubuntu-5.2-latest) + Zabbix agent 2 5.2.* (tags: alpine-5.2.*, ubuntu-5.2.*) + Zabbix agent 2 5.4 (tags: alpine-5.4-latest, ubuntu-5.4-latest, alpine-latest, ubuntu-latest, latest) + Zabbix agent 2 5.4.* (tags: alpine-5.4.*, ubuntu-5.4.*) + Zabbix agent 2 6.0 (tags: alpine-trunk, ubuntu-trunk) Images are updated when new releases are published. The image with ``latest`` tag is based on Alpine Linux. diff --git a/web-service/alpine/README.md b/web-service/alpine/README.md index 613a0bf32..bfbd3b7dd 100644 --- a/web-service/alpine/README.md +++ b/web-service/alpine/README.md @@ -16,7 +16,9 @@ Zabbix web servce for performing various tasks using headless web browser (for e These are the only official Zabbix web service Docker images. They are based on Alpine Linux v3.13, Ubuntu 20.04 (focal) and CentOS 8 images. The available versions of Zabbix web service are: - Zabbix web service 5.4 (tags: alpine-trunk, ubuntu-trunk, centos-trunk) + Zabbix web service 5.4 (tags: alpine-5.4-latest, ubuntu-5.4-latest, centos-5.4-latest, alpine-latest, ubuntu-latest, centos-latest, latest) + Zabbix web service 5.4.* (tags: alpine-5.4.*, ubuntu-5.4.*, centos-5.4.*) + Zabbix web service 6.0 (tags: alpine-trunk, ubuntu-trunk, centos-trunk) Images are updated when new releases are published. The image with ``latest`` tag is based on Alpine Linux. diff --git a/web-service/centos/README.md b/web-service/centos/README.md index 613a0bf32..bfbd3b7dd 100644 --- a/web-service/centos/README.md +++ b/web-service/centos/README.md @@ -16,7 +16,9 @@ Zabbix web servce for performing various tasks using headless web browser (for e These are the only official Zabbix web service Docker images. They are based on Alpine Linux v3.13, Ubuntu 20.04 (focal) and CentOS 8 images. The available versions of Zabbix web service are: - Zabbix web service 5.4 (tags: alpine-trunk, ubuntu-trunk, centos-trunk) + Zabbix web service 5.4 (tags: alpine-5.4-latest, ubuntu-5.4-latest, centos-5.4-latest, alpine-latest, ubuntu-latest, centos-latest, latest) + Zabbix web service 5.4.* (tags: alpine-5.4.*, ubuntu-5.4.*, centos-5.4.*) + Zabbix web service 6.0 (tags: alpine-trunk, ubuntu-trunk, centos-trunk) Images are updated when new releases are published. The image with ``latest`` tag is based on Alpine Linux. diff --git a/web-service/ubuntu/README.md b/web-service/ubuntu/README.md index 613a0bf32..bfbd3b7dd 100644 --- a/web-service/ubuntu/README.md +++ b/web-service/ubuntu/README.md @@ -16,7 +16,9 @@ Zabbix web servce for performing various tasks using headless web browser (for e These are the only official Zabbix web service Docker images. They are based on Alpine Linux v3.13, Ubuntu 20.04 (focal) and CentOS 8 images. The available versions of Zabbix web service are: - Zabbix web service 5.4 (tags: alpine-trunk, ubuntu-trunk, centos-trunk) + Zabbix web service 5.4 (tags: alpine-5.4-latest, ubuntu-5.4-latest, centos-5.4-latest, alpine-latest, ubuntu-latest, centos-latest, latest) + Zabbix web service 5.4.* (tags: alpine-5.4.*, ubuntu-5.4.*, centos-5.4.*) + Zabbix web service 6.0 (tags: alpine-trunk, ubuntu-trunk, centos-trunk) Images are updated when new releases are published. The image with ``latest`` tag is based on Alpine Linux. diff --git a/zabbix-appliance/rhel/README.md b/zabbix-appliance/rhel/README.md index eeda85620..621a91045 100644 --- a/zabbix-appliance/rhel/README.md +++ b/zabbix-appliance/rhel/README.md @@ -16,7 +16,7 @@ Zabbix appliance contains MySQL database server, Zabbix server, Zabbix Java Gate These are the only official Zabbix appliance Docker images. They are based on Red Hat Enterprise Linux 8 images. The available versions of Zabbix appliance are: - Zabbix appliance 5.0 + Zabbix appliance 6.0 Images are updated when new releases are published. The image with ``latest`` tag is based on Red Hat Enterprise Linux 8. From bd169b9ec9ed01a2a5019e6c00cabe5b1ca51a33 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Mon, 17 May 2021 14:22:56 +0500 Subject: [PATCH 082/253] Prepare for Zabbix 5.4 release --- agent/alpine/Dockerfile | 4 ++-- agent/centos/Dockerfile | 4 ++-- agent/ubuntu/Dockerfile | 4 ++-- agent2/alpine/Dockerfile | 4 ++-- agent2/ubuntu/Dockerfile | 4 ++-- docker-compose_v3_alpine_mysql_latest.yaml | 18 +++++++++--------- docker-compose_v3_alpine_pgsql_latest.yaml | 18 +++++++++--------- docker-compose_v3_centos_mysql_latest.yaml | 18 +++++++++--------- docker-compose_v3_centos_pgsql_latest.yaml | 18 +++++++++--------- docker-compose_v3_ubuntu_mysql_latest.yaml | 16 ++++++++-------- docker-compose_v3_ubuntu_pgsql_latest.yaml | 18 +++++++++--------- java-gateway/alpine/Dockerfile | 4 ++-- java-gateway/centos/Dockerfile | 4 ++-- java-gateway/ubuntu/Dockerfile | 4 ++-- kubernetes.yaml | 14 +++++++------- proxy-mysql/alpine/Dockerfile | 4 ++-- proxy-mysql/centos/Dockerfile | 4 ++-- proxy-mysql/ubuntu/Dockerfile | 4 ++-- proxy-sqlite3/alpine/Dockerfile | 4 ++-- proxy-sqlite3/centos/Dockerfile | 4 ++-- proxy-sqlite3/ubuntu/Dockerfile | 4 ++-- server-mysql/alpine/Dockerfile | 4 ++-- server-mysql/centos/Dockerfile | 4 ++-- server-mysql/ubuntu/Dockerfile | 4 ++-- server-pgsql/alpine/Dockerfile | 4 ++-- server-pgsql/centos/Dockerfile | 4 ++-- server-pgsql/ubuntu/Dockerfile | 4 ++-- web-apache-mysql/alpine/Dockerfile | 4 ++-- web-apache-mysql/centos/Dockerfile | 4 ++-- web-apache-mysql/ubuntu/Dockerfile | 4 ++-- web-apache-pgsql/alpine/Dockerfile | 4 ++-- web-apache-pgsql/centos/Dockerfile | 4 ++-- web-apache-pgsql/ubuntu/Dockerfile | 4 ++-- web-nginx-mysql/alpine/Dockerfile | 4 ++-- web-nginx-mysql/centos/Dockerfile | 4 ++-- web-nginx-mysql/ubuntu/Dockerfile | 4 ++-- web-nginx-pgsql/alpine/Dockerfile | 4 ++-- web-nginx-pgsql/centos/Dockerfile | 4 ++-- web-nginx-pgsql/ubuntu/Dockerfile | 4 ++-- web-service/alpine/Dockerfile | 4 ++-- web-service/centos/Dockerfile | 4 ++-- web-service/ubuntu/Dockerfile | 4 ++-- zabbix-appliance/rhel/Dockerfile | 4 ++-- 43 files changed, 132 insertions(+), 132 deletions(-) diff --git a/agent/alpine/Dockerfile b/agent/alpine/Dockerfile index 32e06d6e1..872f76834 100644 --- a/agent/alpine/Dockerfile +++ b/agent/alpine/Dockerfile @@ -37,7 +37,7 @@ RUN set -eux && \ rm -rf /var/cache/apk/* ARG MAJOR_VERSION=5.4 -ARG ZBX_VERSION=${MAJOR_VERSION} +ARG ZBX_VERSION=${MAJOR_VERSION}.0 ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} @@ -58,7 +58,7 @@ RUN set -eux && \ make \ git && \ cd /tmp/ && \ - git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ cd /tmp/zabbix-${ZBX_VERSION} && \ zabbix_revision=`git rev-parse --short HEAD` && \ sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ diff --git a/agent/centos/Dockerfile b/agent/centos/Dockerfile index 84b4413d7..2d8319cb2 100644 --- a/agent/centos/Dockerfile +++ b/agent/centos/Dockerfile @@ -60,7 +60,7 @@ RUN set -eux && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki ARG MAJOR_VERSION=5.4 -ARG ZBX_VERSION=${MAJOR_VERSION} +ARG ZBX_VERSION=${MAJOR_VERSION}.0 ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} @@ -82,7 +82,7 @@ RUN set -eux && \ git \ gcc && \ cd /tmp/ && \ - git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ cd /tmp/zabbix-${ZBX_VERSION} && \ zabbix_revision=`git rev-parse --short HEAD` && \ sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ diff --git a/agent/ubuntu/Dockerfile b/agent/ubuntu/Dockerfile index 333805ff9..5c2838654 100644 --- a/agent/ubuntu/Dockerfile +++ b/agent/ubuntu/Dockerfile @@ -48,7 +48,7 @@ RUN set -eux && \ rm -rf /var/lib/apt/lists/* ARG MAJOR_VERSION=5.4 -ARG ZBX_VERSION=${MAJOR_VERSION} +ARG ZBX_VERSION=${MAJOR_VERSION}.0 ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} @@ -73,7 +73,7 @@ RUN set -eux && \ git \ gcc && \ cd /tmp/ && \ - git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ cd /tmp/zabbix-${ZBX_VERSION} && \ zabbix_revision=`git rev-parse --short HEAD` && \ sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ diff --git a/agent2/alpine/Dockerfile b/agent2/alpine/Dockerfile index 899346ae7..2834ea55e 100644 --- a/agent2/alpine/Dockerfile +++ b/agent2/alpine/Dockerfile @@ -35,7 +35,7 @@ RUN set -eux && \ rm -rf /var/cache/apk/* ARG MAJOR_VERSION=5.4 -ARG ZBX_VERSION=${MAJOR_VERSION} +ARG ZBX_VERSION=${MAJOR_VERSION}.0 ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} @@ -56,7 +56,7 @@ RUN set -eux && \ openssl-dev \ zlib-dev && \ cd /tmp/ && \ - git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ cd /tmp/zabbix-${ZBX_VERSION} && \ zabbix_revision=`git rev-parse --short HEAD` && \ sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/go/pkg/version/version.go && \ diff --git a/agent2/ubuntu/Dockerfile b/agent2/ubuntu/Dockerfile index 471b26f98..229c9ebaa 100644 --- a/agent2/ubuntu/Dockerfile +++ b/agent2/ubuntu/Dockerfile @@ -47,7 +47,7 @@ RUN set -eux && \ rm -rf /var/lib/apt/lists/* ARG MAJOR_VERSION=5.4 -ARG ZBX_VERSION=${MAJOR_VERSION} +ARG ZBX_VERSION=${MAJOR_VERSION}.0 ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} @@ -70,7 +70,7 @@ RUN set -eux && \ g++ \ golang && \ cd /tmp/ && \ - git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ cd /tmp/zabbix-${ZBX_VERSION} && \ zabbix_revision=`git rev-parse --short HEAD` && \ sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ diff --git a/docker-compose_v3_alpine_mysql_latest.yaml b/docker-compose_v3_alpine_mysql_latest.yaml index c44739b53..7eb3b1c07 100644 --- a/docker-compose_v3_alpine_mysql_latest.yaml +++ b/docker-compose_v3_alpine_mysql_latest.yaml @@ -1,7 +1,7 @@ version: '3.5' services: zabbix-server: - image: zabbix/zabbix-server-mysql:alpine-trunk + image: zabbix/zabbix-server-mysql:alpine-5.4-latest ports: - "10051:10051" volumes: @@ -64,7 +64,7 @@ services: com.zabbix.os: "alpine" zabbix-proxy-sqlite3: - image: zabbix/zabbix-proxy-sqlite3:alpine-trunk + image: zabbix/zabbix-proxy-sqlite3:alpine-5.4-latest profiles: - all ports: @@ -113,7 +113,7 @@ services: com.zabbix.os: "alpine" zabbix-proxy-mysql: - image: zabbix/zabbix-proxy-mysql:alpine-trunk + image: zabbix/zabbix-proxy-mysql:alpine-5.4-latest profiles: - all ports: @@ -171,7 +171,7 @@ services: com.zabbix.os: "alpine" zabbix-web-apache-mysql: - image: zabbix/zabbix-web-apache-mysql:alpine-trunk + image: zabbix/zabbix-web-apache-mysql:alpine-5.4-latest profiles: - all ports: @@ -227,7 +227,7 @@ services: com.zabbix.os: "alpine" zabbix-web-nginx-mysql: - image: zabbix/zabbix-web-nginx-mysql:alpine-trunk + image: zabbix/zabbix-web-nginx-mysql:alpine-5.4-latest ports: - "80:8080" - "443:8443" @@ -281,7 +281,7 @@ services: com.zabbix.os: "alpine" zabbix-agent: - image: zabbix/zabbix-agent:alpine-trunk + image: zabbix/zabbix-agent:alpine-5.4-latest profiles: - full - all @@ -321,7 +321,7 @@ services: com.zabbix.os: "alpine" zabbix-java-gateway: - image: zabbix/zabbix-java-gateway:alpine-trunk + image: zabbix/zabbix-java-gateway:alpine-5.4-latest profiles: - full - all @@ -350,7 +350,7 @@ services: com.zabbix.os: "alpine" zabbix-snmptraps: - image: zabbix/zabbix-snmptraps:alpine-trunk + image: zabbix/zabbix-snmptraps:alpine-5.4-latest profiles: - full - all @@ -379,7 +379,7 @@ services: com.zabbix.os: "alpine" zabbix-web-service: - image: zabbix/zabbix-web-service:alpine-trunk + image: zabbix/zabbix-web-service:alpine-5.4-latest profiles: - full - all diff --git a/docker-compose_v3_alpine_pgsql_latest.yaml b/docker-compose_v3_alpine_pgsql_latest.yaml index bd0a49319..492a15486 100644 --- a/docker-compose_v3_alpine_pgsql_latest.yaml +++ b/docker-compose_v3_alpine_pgsql_latest.yaml @@ -1,7 +1,7 @@ version: '3.5' services: zabbix-server: - image: zabbix/zabbix-server-pgsql:alpine-trunk + image: zabbix/zabbix-server-pgsql:alpine-5.4-latest ports: - "10051:10051" volumes: @@ -63,7 +63,7 @@ services: com.zabbix.os: "alpine" zabbix-proxy-sqlite3: - image: zabbix/zabbix-proxy-sqlite3:alpine-trunk + image: zabbix/zabbix-proxy-sqlite3:alpine-5.4-latest profiles: - all ports: @@ -112,7 +112,7 @@ services: com.zabbix.os: "alpine" zabbix-proxy-mysql: - image: zabbix/zabbix-proxy-mysql:alpine-trunk + image: zabbix/zabbix-proxy-mysql:alpine-5.4-latest profiles: - all ports: @@ -167,7 +167,7 @@ services: com.zabbix.os: "alpine" zabbix-web-apache-pgsql: - image: zabbix/zabbix-web-apache-pgsql:alpine-trunk + image: zabbix/zabbix-web-apache-pgsql:alpine-5.4-latest profiles: - all ports: @@ -223,7 +223,7 @@ services: com.zabbix.os: "alpine" zabbix-web-nginx-pgsql: - image: zabbix/zabbix-web-nginx-pgsql:alpine-trunk + image: zabbix/zabbix-web-nginx-pgsql:alpine-5.4-latest ports: - "80:8080" - "443:8443" @@ -277,7 +277,7 @@ services: com.zabbix.os: "alpine" zabbix-agent: - image: zabbix/zabbix-agent:alpine-trunk + image: zabbix/zabbix-agent:alpine-5.4-latest profiles: - full - all @@ -317,7 +317,7 @@ services: com.zabbix.os: "alpine" zabbix-java-gateway: - image: zabbix/zabbix-java-gateway:alpine-trunk + image: zabbix/zabbix-java-gateway:alpine-5.4-latest profiles: - full - all @@ -346,7 +346,7 @@ services: com.zabbix.os: "alpine" zabbix-snmptraps: - image: zabbix/zabbix-snmptraps:alpine-trunk + image: zabbix/zabbix-snmptraps:alpine-5.4-latest profiles: - full - all @@ -375,7 +375,7 @@ services: com.zabbix.os: "alpine" zabbix-web-service: - image: zabbix/zabbix-web-service:alpine-trunk + image: zabbix/zabbix-web-service:alpine-5.4-latest profiles: - full - all diff --git a/docker-compose_v3_centos_mysql_latest.yaml b/docker-compose_v3_centos_mysql_latest.yaml index 9b4df90a9..9861503b3 100644 --- a/docker-compose_v3_centos_mysql_latest.yaml +++ b/docker-compose_v3_centos_mysql_latest.yaml @@ -1,7 +1,7 @@ version: '3.5' services: zabbix-server: - image: zabbix/zabbix-server-mysql:centos-trunk + image: zabbix/zabbix-server-mysql:centos-5.4-latest ports: - "10051:10051" volumes: @@ -64,7 +64,7 @@ services: com.zabbix.os: "centos" zabbix-proxy-sqlite3: - image: zabbix/zabbix-proxy-sqlite3:centos-trunk + image: zabbix/zabbix-proxy-sqlite3:centos-5.4-latest profiles: - all ports: @@ -113,7 +113,7 @@ services: com.zabbix.os: "centos" zabbix-proxy-mysql: - image: zabbix/zabbix-proxy-mysql:centos-trunk + image: zabbix/zabbix-proxy-mysql:centos-5.4-latest profiles: - all ports: @@ -171,7 +171,7 @@ services: com.zabbix.os: "centos" zabbix-web-apache-mysql: - image: zabbix/zabbix-web-apache-mysql:centos-trunk + image: zabbix/zabbix-web-apache-mysql:centos-5.4-latest profiles: - all ports: @@ -227,7 +227,7 @@ services: com.zabbix.os: "centos" zabbix-web-nginx-mysql: - image: zabbix/zabbix-web-nginx-mysql:centos-trunk + image: zabbix/zabbix-web-nginx-mysql:centos-5.4-latest ports: - "80:8080" - "443:8443" @@ -281,7 +281,7 @@ services: com.zabbix.os: "centos" zabbix-agent: - image: zabbix/zabbix-agent:centos-trunk + image: zabbix/zabbix-agent:centos-5.4-latest profiles: - full - all @@ -321,7 +321,7 @@ services: com.zabbix.os: "centos" zabbix-java-gateway: - image: zabbix/zabbix-java-gateway:centos-trunk + image: zabbix/zabbix-java-gateway:centos-5.4-latest profiles: - full - all @@ -350,7 +350,7 @@ services: com.zabbix.os: "centos" zabbix-snmptraps: - image: zabbix/zabbix-snmptraps:centos-trunk + image: zabbix/zabbix-snmptraps:centos-5.4-latest profiles: - full - all @@ -379,7 +379,7 @@ services: com.zabbix.os: "centos" zabbix-web-service: - image: zabbix/zabbix-web-service:centos-trunk + image: zabbix/zabbix-web-service:centos-5.4-latest profiles: - full - all diff --git a/docker-compose_v3_centos_pgsql_latest.yaml b/docker-compose_v3_centos_pgsql_latest.yaml index 491bfd24c..510927128 100644 --- a/docker-compose_v3_centos_pgsql_latest.yaml +++ b/docker-compose_v3_centos_pgsql_latest.yaml @@ -1,7 +1,7 @@ version: '3.5' services: zabbix-server: - image: zabbix/zabbix-server-pgsql:centos-trunk + image: zabbix/zabbix-server-pgsql:centos-5.4-latest ports: - "10051:10051" volumes: @@ -63,7 +63,7 @@ services: com.zabbix.os: "centos" zabbix-proxy-sqlite3: - image: zabbix/zabbix-proxy-sqlite3:centos-trunk + image: zabbix/zabbix-proxy-sqlite3:centos-5.4-latest profiles: - all ports: @@ -112,7 +112,7 @@ services: com.zabbix.os: "centos" zabbix-proxy-mysql: - image: zabbix/zabbix-proxy-mysql:centos-trunk + image: zabbix/zabbix-proxy-mysql:centos-5.4-latest profiles: - all ports: @@ -167,7 +167,7 @@ services: com.zabbix.os: "centos" zabbix-web-apache-pgsql: - image: zabbix/zabbix-web-apache-pgsql:centos-trunk + image: zabbix/zabbix-web-apache-pgsql:centos-5.4-latest profiles: - all ports: @@ -223,7 +223,7 @@ services: com.zabbix.os: "centos" zabbix-web-nginx-pgsql: - image: zabbix/zabbix-web-nginx-pgsql:centos-trunk + image: zabbix/zabbix-web-nginx-pgsql:centos-5.4-latest ports: - "80:8080" - "443:8443" @@ -277,7 +277,7 @@ services: com.zabbix.os: "centos" zabbix-agent: - image: zabbix/zabbix-agent:centos-trunk + image: zabbix/zabbix-agent:centos-5.4-latest profiles: - full - all @@ -317,7 +317,7 @@ services: com.zabbix.os: "centos" zabbix-java-gateway: - image: zabbix/zabbix-java-gateway:centos-trunk + image: zabbix/zabbix-java-gateway:centos-5.4-latest profiles: - full - all @@ -346,7 +346,7 @@ services: com.zabbix.os: "centos" zabbix-snmptraps: - image: zabbix/zabbix-snmptraps:centos-trunk + image: zabbix/zabbix-snmptraps:centos-5.4-latest profiles: - full - all @@ -375,7 +375,7 @@ services: com.zabbix.os: "centos" zabbix-web-service: - image: zabbix/zabbix-web-service:centos-trunk + image: zabbix/zabbix-web-service:centos-5.4-latest profiles: - full - all diff --git a/docker-compose_v3_ubuntu_mysql_latest.yaml b/docker-compose_v3_ubuntu_mysql_latest.yaml index 7a543360b..e341cdfa7 100644 --- a/docker-compose_v3_ubuntu_mysql_latest.yaml +++ b/docker-compose_v3_ubuntu_mysql_latest.yaml @@ -1,7 +1,7 @@ version: '3.5' services: zabbix-server: - image: zabbix/zabbix-server-mysql:ubuntu-trunk + image: zabbix/zabbix-server-mysql:ubuntu-5.4-latest ports: - "10051:10051" volumes: @@ -111,7 +111,7 @@ services: com.zabbix.os: "ubuntu" zabbix-proxy-mysql: - image: zabbix/zabbix-proxy-mysql:ubuntu-trunk + image: zabbix/zabbix-proxy-mysql:ubuntu-5.4-latest profiles: - all ports: @@ -166,7 +166,7 @@ services: com.zabbix.os: "ubuntu" zabbix-web-apache-mysql: - image: zabbix/zabbix-web-apache-mysql:ubuntu-trunk + image: zabbix/zabbix-web-apache-mysql:ubuntu-5.4-latest profiles: - all ports: @@ -221,7 +221,7 @@ services: com.zabbix.os: "ubuntu" zabbix-web-nginx-mysql: - image: zabbix/zabbix-web-nginx-mysql:ubuntu-trunk + image: zabbix/zabbix-web-nginx-mysql:ubuntu-5.4-latest ports: - "80:8080" - "443:8443" @@ -274,7 +274,7 @@ services: com.zabbix.os: "ubuntu" zabbix-agent: - image: zabbix/zabbix-agent:ubuntu-trunk + image: zabbix/zabbix-agent:ubuntu-5.4-latest profiles: - full - all @@ -313,7 +313,7 @@ services: com.zabbix.os: "ubuntu" zabbix-java-gateway: - image: zabbix/zabbix-java-gateway:ubuntu-trunk + image: zabbix/zabbix-java-gateway:ubuntu-5.4-latest profiles: - full - all @@ -342,7 +342,7 @@ services: com.zabbix.os: "ubuntu" zabbix-snmptraps: - image: zabbix/zabbix-snmptraps:ubuntu-trunk + image: zabbix/zabbix-snmptraps:ubuntu-5.4-latest profiles: - full - all @@ -371,7 +371,7 @@ services: com.zabbix.os: "ubuntu" zabbix-web-service: - image: zabbix/zabbix-web-service:ubuntu-trunk + image: zabbix/zabbix-web-service:ubuntu-5.4-latest profiles: - full - all diff --git a/docker-compose_v3_ubuntu_pgsql_latest.yaml b/docker-compose_v3_ubuntu_pgsql_latest.yaml index 076e1ce3a..9da381564 100644 --- a/docker-compose_v3_ubuntu_pgsql_latest.yaml +++ b/docker-compose_v3_ubuntu_pgsql_latest.yaml @@ -1,7 +1,7 @@ version: '3.5' services: zabbix-server: - image: zabbix/zabbix-server-pgsql:ubuntu-trunk + image: zabbix/zabbix-server-pgsql:ubuntu-5.4-latest ports: - "10051:10051" volumes: @@ -62,7 +62,7 @@ services: com.zabbix.os: "ubuntu" zabbix-proxy-sqlite3: - image: zabbix/zabbix-proxy-sqlite3:ubuntu-trunk + image: zabbix/zabbix-proxy-sqlite3:ubuntu-5.4-latest profiles: - all ports: @@ -110,7 +110,7 @@ services: com.zabbix.os: "ubuntu" zabbix-proxy-mysql: - image: zabbix/zabbix-proxy-mysql:ubuntu-trunk + image: zabbix/zabbix-proxy-mysql:ubuntu-5.4-latest profiles: - all ports: @@ -164,7 +164,7 @@ services: com.zabbix.os: "ubuntu" zabbix-web-apache-pgsql: - image: zabbix/zabbix-web-apache-pgsql:ubuntu-trunk + image: zabbix/zabbix-web-apache-pgsql:ubuntu-5.4-latest profiles: - all ports: @@ -219,7 +219,7 @@ services: com.zabbix.os: "ubuntu" zabbix-web-nginx-pgsql: - image: zabbix/zabbix-web-nginx-pgsql:ubuntu-trunk + image: zabbix/zabbix-web-nginx-pgsql:ubuntu-5.4-latest ports: - "80:8080" - "443:8443" @@ -272,7 +272,7 @@ services: com.zabbix.os: "ubuntu" zabbix-agent: - image: zabbix/zabbix-agent:ubuntu-trunk + image: zabbix/zabbix-agent:ubuntu-5.4-latest profiles: - full - all @@ -311,7 +311,7 @@ services: com.zabbix.os: "ubuntu" zabbix-java-gateway: - image: zabbix/zabbix-java-gateway:ubuntu-trunk + image: zabbix/zabbix-java-gateway:ubuntu-5.4-latest profiles: - full - all @@ -340,7 +340,7 @@ services: com.zabbix.os: "ubuntu" zabbix-snmptraps: - image: zabbix/zabbix-snmptraps:ubuntu-trunk + image: zabbix/zabbix-snmptraps:ubuntu-5.4-latest profiles: - full - all @@ -369,7 +369,7 @@ services: com.zabbix.os: "ubuntu" zabbix-web-service: - image: zabbix/zabbix-web-service:ubuntu-trunk + image: zabbix/zabbix-web-service:ubuntu-5.4-latest profiles: - full - all diff --git a/java-gateway/alpine/Dockerfile b/java-gateway/alpine/Dockerfile index 00f12f993..1ff96c48b 100644 --- a/java-gateway/alpine/Dockerfile +++ b/java-gateway/alpine/Dockerfile @@ -29,7 +29,7 @@ RUN set -eux && \ rm -rf /var/cache/apk/* ARG MAJOR_VERSION=5.4 -ARG ZBX_VERSION=${MAJOR_VERSION} +ARG ZBX_VERSION=${MAJOR_VERSION}.0 ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ @@ -52,7 +52,7 @@ RUN set -eux && \ make \ openjdk8 && \ cd /tmp/ && \ - git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ cd /tmp/zabbix-${ZBX_VERSION} && \ zabbix_revision=`git rev-parse --short HEAD` && \ sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ diff --git a/java-gateway/centos/Dockerfile b/java-gateway/centos/Dockerfile index e7799326a..2a1ca5340 100644 --- a/java-gateway/centos/Dockerfile +++ b/java-gateway/centos/Dockerfile @@ -29,7 +29,7 @@ RUN set -eux && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki ARG MAJOR_VERSION=5.4 -ARG ZBX_VERSION=${MAJOR_VERSION} +ARG ZBX_VERSION=${MAJOR_VERSION}.0 ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} @@ -50,7 +50,7 @@ RUN set -eux && \ git \ gcc && \ cd /tmp/ && \ - git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ cd /tmp/zabbix-${ZBX_VERSION} && \ zabbix_revision=`git rev-parse --short HEAD` && \ sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ diff --git a/java-gateway/ubuntu/Dockerfile b/java-gateway/ubuntu/Dockerfile index 3086ba849..5662455c3 100644 --- a/java-gateway/ubuntu/Dockerfile +++ b/java-gateway/ubuntu/Dockerfile @@ -30,7 +30,7 @@ RUN set -eux && \ rm -rf /var/lib/apt/lists/* ARG MAJOR_VERSION=5.4 -ARG ZBX_VERSION=${MAJOR_VERSION} +ARG ZBX_VERSION=${MAJOR_VERSION}.0 ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} @@ -53,7 +53,7 @@ RUN set -eux && \ git \ gcc && \ cd /tmp/ && \ - git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ cd /tmp/zabbix-${ZBX_VERSION} && \ zabbix_revision=`git rev-parse --short HEAD` && \ sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ diff --git a/kubernetes.yaml b/kubernetes.yaml index 3f3df6626..c1f161262 100644 --- a/kubernetes.yaml +++ b/kubernetes.yaml @@ -148,7 +148,7 @@ spec: spec: containers: - name: zabbix-web - image: zabbix/zabbix-web-nginx-mysql:alpine-trunk + image: zabbix/zabbix-web-nginx-mysql:alpine-5.4-latest imagePullPolicy: Always ports: - containerPort: 8080 @@ -282,7 +282,7 @@ spec: spec: containers: - name: zabbix-server - image: zabbix/zabbix-server-mysql:alpine-trunk + image: zabbix/zabbix-server-mysql:alpine-5.4-latest imagePullPolicy: Always ports: - containerPort: 10051 @@ -331,7 +331,7 @@ spec: mountPath: /var/lib/zabbix/snmptraps/ readOnly: true - name: zabbix-snmptraps - image: zabbix/zabbix-snmptraps:alpine-trunk + image: zabbix/zabbix-snmptraps:alpine-5.4-latest imagePullPolicy: Always ports: - containerPort: 1162 @@ -364,7 +364,7 @@ spec: spec: containers: - name: zabbix-proxy-sqlite3 - image: zabbix/zabbix-proxy-sqlite3:alpine-trunk + image: zabbix/zabbix-proxy-sqlite3:alpine-5.4-latest imagePullPolicy: Always ports: - containerPort: 10051 @@ -396,7 +396,7 @@ spec: spec: containers: - name: zabbix-proxy-mysql - image: zabbix/zabbix-proxy-mysql:alpine-trunk + image: zabbix/zabbix-proxy-mysql:alpine-5.4-latest imagePullPolicy: Always ports: - containerPort: 10051 @@ -439,7 +439,7 @@ spec: spec: containers: - name: zabbix-java-gateway - image: zabbix/zabbix-java-gateway:alpine-trunk + image: zabbix/zabbix-java-gateway:alpine-5.4-latest imagePullPolicy: Always ports: - containerPort: 10052 @@ -473,7 +473,7 @@ spec: spec: containers: - name: zabbix-agent - image: zabbix/zabbix-agent:alpine-trunk + image: zabbix/zabbix-agent:alpine-5.4-latest imagePullPolicy: Always resources: limits: diff --git a/proxy-mysql/alpine/Dockerfile b/proxy-mysql/alpine/Dockerfile index c289ed309..b44a7c087 100644 --- a/proxy-mysql/alpine/Dockerfile +++ b/proxy-mysql/alpine/Dockerfile @@ -52,7 +52,7 @@ RUN set -eux && \ rm -rf /var/cache/apk/* ARG MAJOR_VERSION=5.4 -ARG ZBX_VERSION=${MAJOR_VERSION} +ARG ZBX_VERSION=${MAJOR_VERSION}.0 ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ @@ -81,7 +81,7 @@ RUN set -eux && \ pcre-dev \ unixodbc-dev && \ cd /tmp/ && \ - git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ cd /tmp/zabbix-${ZBX_VERSION} && \ zabbix_revision=`git rev-parse --short HEAD` && \ sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ diff --git a/proxy-mysql/centos/Dockerfile b/proxy-mysql/centos/Dockerfile index 10d992e18..220a9bafb 100644 --- a/proxy-mysql/centos/Dockerfile +++ b/proxy-mysql/centos/Dockerfile @@ -81,7 +81,7 @@ RUN set -eux && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki ARG MAJOR_VERSION=5.4 -ARG ZBX_VERSION=${MAJOR_VERSION} +ARG ZBX_VERSION=${MAJOR_VERSION}.0 ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ @@ -111,7 +111,7 @@ RUN set -eux && \ git \ unixODBC-devel && \ cd /tmp/ && \ - git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ cd /tmp/zabbix-${ZBX_VERSION} && \ zabbix_revision=`git rev-parse --short HEAD` && \ sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ diff --git a/proxy-mysql/ubuntu/Dockerfile b/proxy-mysql/ubuntu/Dockerfile index 5e2be4271..2010f7267 100644 --- a/proxy-mysql/ubuntu/Dockerfile +++ b/proxy-mysql/ubuntu/Dockerfile @@ -64,7 +64,7 @@ RUN set -eux && \ rm -rf /var/lib/apt/lists/* ARG MAJOR_VERSION=5.4 -ARG ZBX_VERSION=${MAJOR_VERSION} +ARG ZBX_VERSION=${MAJOR_VERSION}.0 ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm MIBDIRS=/var/lib/snmp/mibs/ietf:/var/lib/snmp/mibs/iana:/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ @@ -95,7 +95,7 @@ RUN set -eux && \ git \ unixodbc-dev && \ cd /tmp/ && \ - git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ cd /tmp/zabbix-${ZBX_VERSION} && \ zabbix_revision=`git rev-parse --short HEAD` && \ sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ diff --git a/proxy-sqlite3/alpine/Dockerfile b/proxy-sqlite3/alpine/Dockerfile index 81c9c66f8..a98976caa 100644 --- a/proxy-sqlite3/alpine/Dockerfile +++ b/proxy-sqlite3/alpine/Dockerfile @@ -50,7 +50,7 @@ RUN set -eux && \ rm -rf /var/cache/apk/* ARG MAJOR_VERSION=5.4 -ARG ZBX_VERSION=${MAJOR_VERSION} +ARG ZBX_VERSION=${MAJOR_VERSION}.0 ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} @@ -80,7 +80,7 @@ RUN set -eux && \ make \ unixodbc-dev && \ cd /tmp/ && \ - git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ cd /tmp/zabbix-${ZBX_VERSION} && \ zabbix_revision=`git rev-parse --short HEAD` && \ sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ diff --git a/proxy-sqlite3/centos/Dockerfile b/proxy-sqlite3/centos/Dockerfile index e9a0423d6..7bcf3b451 100644 --- a/proxy-sqlite3/centos/Dockerfile +++ b/proxy-sqlite3/centos/Dockerfile @@ -78,7 +78,7 @@ RUN set -eux && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki ARG MAJOR_VERSION=5.4 -ARG ZBX_VERSION=${MAJOR_VERSION} +ARG ZBX_VERSION=${MAJOR_VERSION}.0 ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ @@ -108,7 +108,7 @@ RUN set -eux && \ git \ unixODBC-devel && \ cd /tmp/ && \ - git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ cd /tmp/zabbix-${ZBX_VERSION} && \ zabbix_revision=`git rev-parse --short HEAD` && \ sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ diff --git a/proxy-sqlite3/ubuntu/Dockerfile b/proxy-sqlite3/ubuntu/Dockerfile index ea87fac81..3ec08e390 100644 --- a/proxy-sqlite3/ubuntu/Dockerfile +++ b/proxy-sqlite3/ubuntu/Dockerfile @@ -62,7 +62,7 @@ RUN set -eux && \ rm -rf /var/lib/apt/lists/* ARG MAJOR_VERSION=5.4 -ARG ZBX_VERSION=${MAJOR_VERSION} +ARG ZBX_VERSION=${MAJOR_VERSION}.0 ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm MIBDIRS=/var/lib/snmp/mibs/ietf:/var/lib/snmp/mibs/iana:/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ @@ -93,7 +93,7 @@ RUN set -eux && \ git \ unixodbc-dev && \ cd /tmp/ && \ - git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ cd /tmp/zabbix-${ZBX_VERSION} && \ zabbix_revision=`git rev-parse --short HEAD` && \ sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ diff --git a/server-mysql/alpine/Dockerfile b/server-mysql/alpine/Dockerfile index 4ee7e77cb..7445c81a7 100644 --- a/server-mysql/alpine/Dockerfile +++ b/server-mysql/alpine/Dockerfile @@ -56,7 +56,7 @@ RUN set -eux && \ rm -rf /var/cache/apk/* ARG MAJOR_VERSION=5.4 -ARG ZBX_VERSION=${MAJOR_VERSION} +ARG ZBX_VERSION=${MAJOR_VERSION}.0 ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ @@ -85,7 +85,7 @@ RUN set -eux && \ make \ unixodbc-dev && \ cd /tmp/ && \ - git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ cd /tmp/zabbix-${ZBX_VERSION} && \ zabbix_revision=`git rev-parse --short HEAD` && \ sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ diff --git a/server-mysql/centos/Dockerfile b/server-mysql/centos/Dockerfile index d79fa12e2..76d20587d 100644 --- a/server-mysql/centos/Dockerfile +++ b/server-mysql/centos/Dockerfile @@ -86,7 +86,7 @@ RUN set -eux && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki ARG MAJOR_VERSION=5.4 -ARG ZBX_VERSION=${MAJOR_VERSION} +ARG ZBX_VERSION=${MAJOR_VERSION}.0 ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ @@ -116,7 +116,7 @@ RUN set -eux && \ git \ unixODBC-devel && \ cd /tmp/ && \ - git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ cd /tmp/zabbix-${ZBX_VERSION} && \ zabbix_revision=`git rev-parse --short HEAD` && \ sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ diff --git a/server-mysql/ubuntu/Dockerfile b/server-mysql/ubuntu/Dockerfile index f35bc02a9..c8fa29fb6 100644 --- a/server-mysql/ubuntu/Dockerfile +++ b/server-mysql/ubuntu/Dockerfile @@ -69,7 +69,7 @@ RUN set -eux && \ rm -rf /var/lib/apt/lists/* ARG MAJOR_VERSION=5.4 -ARG ZBX_VERSION=${MAJOR_VERSION} +ARG ZBX_VERSION=${MAJOR_VERSION}.0 ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm MIBDIRS=/var/lib/snmp/mibs/ietf:/var/lib/snmp/mibs/iana:/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ @@ -100,7 +100,7 @@ RUN set -eux && \ git \ unixodbc-dev && \ cd /tmp/ && \ - git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ cd /tmp/zabbix-${ZBX_VERSION} && \ zabbix_revision=`git rev-parse --short HEAD` && \ sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ diff --git a/server-pgsql/alpine/Dockerfile b/server-pgsql/alpine/Dockerfile index 0390f8a56..5dd96e614 100644 --- a/server-pgsql/alpine/Dockerfile +++ b/server-pgsql/alpine/Dockerfile @@ -56,7 +56,7 @@ RUN set -eux && \ rm -rf /var/cache/apk/* ARG MAJOR_VERSION=5.4 -ARG ZBX_VERSION=${MAJOR_VERSION} +ARG ZBX_VERSION=${MAJOR_VERSION}.0 ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ @@ -86,7 +86,7 @@ RUN set -eux && \ make \ unixodbc-dev && \ cd /tmp/ && \ - git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ cd /tmp/zabbix-${ZBX_VERSION} && \ zabbix_revision=`git rev-parse --short HEAD` && \ sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ diff --git a/server-pgsql/centos/Dockerfile b/server-pgsql/centos/Dockerfile index f241c6252..5a15d2263 100644 --- a/server-pgsql/centos/Dockerfile +++ b/server-pgsql/centos/Dockerfile @@ -85,7 +85,7 @@ RUN set -eux && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki ARG MAJOR_VERSION=5.4 -ARG ZBX_VERSION=${MAJOR_VERSION} +ARG ZBX_VERSION=${MAJOR_VERSION}.0 ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ @@ -115,7 +115,7 @@ RUN set -eux && \ git \ unixODBC-devel && \ cd /tmp/ && \ - git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ cd /tmp/zabbix-${ZBX_VERSION} && \ zabbix_revision=`git rev-parse --short HEAD` && \ sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ diff --git a/server-pgsql/ubuntu/Dockerfile b/server-pgsql/ubuntu/Dockerfile index a430c040e..9bbb99443 100644 --- a/server-pgsql/ubuntu/Dockerfile +++ b/server-pgsql/ubuntu/Dockerfile @@ -69,7 +69,7 @@ RUN set -eux && \ rm -rf /var/lib/apt/lists/* ARG MAJOR_VERSION=5.4 -ARG ZBX_VERSION=${MAJOR_VERSION} +ARG ZBX_VERSION=${MAJOR_VERSION}.0 ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm MIBDIRS=/var/lib/snmp/mibs/ietf:/var/lib/snmp/mibs/iana:/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ @@ -100,7 +100,7 @@ RUN set -eux && \ git \ unixodbc-dev && \ cd /tmp/ && \ - git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ cd /tmp/zabbix-${ZBX_VERSION} && \ zabbix_revision=`git rev-parse --short HEAD` && \ sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ diff --git a/web-apache-mysql/alpine/Dockerfile b/web-apache-mysql/alpine/Dockerfile index 290c87e5b..bc7829ea0 100644 --- a/web-apache-mysql/alpine/Dockerfile +++ b/web-apache-mysql/alpine/Dockerfile @@ -59,7 +59,7 @@ RUN set -eux && \ rm -rf /var/cache/apk/* ARG MAJOR_VERSION=5.4 -ARG ZBX_VERSION=${MAJOR_VERSION} +ARG ZBX_VERSION=${MAJOR_VERSION}.0 ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} @@ -75,7 +75,7 @@ RUN set -eux && \ gettext \ git && \ cd /usr/share/ && \ - git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ mkdir /usr/share/zabbix/ && \ cp -R /usr/share/zabbix-${ZBX_VERSION}/ui/* /usr/share/zabbix/ && \ rm -rf /usr/share/zabbix-${ZBX_VERSION}/ && \ diff --git a/web-apache-mysql/centos/Dockerfile b/web-apache-mysql/centos/Dockerfile index 24410911e..541cc975f 100644 --- a/web-apache-mysql/centos/Dockerfile +++ b/web-apache-mysql/centos/Dockerfile @@ -51,7 +51,7 @@ RUN set -eux && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki ARG MAJOR_VERSION=5.4 -ARG ZBX_VERSION=${MAJOR_VERSION} +ARG ZBX_VERSION=${MAJOR_VERSION}.0 ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} @@ -70,7 +70,7 @@ RUN set -eux && \ gettext \ git && \ cd /usr/share/ && \ - git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ mkdir /usr/share/zabbix/ && \ cp -R /usr/share/zabbix-${ZBX_VERSION}/ui/* /usr/share/zabbix/ && \ rm -rf /usr/share/zabbix-${ZBX_VERSION}/ && \ diff --git a/web-apache-mysql/ubuntu/Dockerfile b/web-apache-mysql/ubuntu/Dockerfile index a56ae8371..d861207e1 100644 --- a/web-apache-mysql/ubuntu/Dockerfile +++ b/web-apache-mysql/ubuntu/Dockerfile @@ -56,7 +56,7 @@ RUN set -eux && \ rm -rf /var/lib/apt/lists/* ARG MAJOR_VERSION=5.4 -ARG ZBX_VERSION=${MAJOR_VERSION} +ARG ZBX_VERSION=${MAJOR_VERSION}.0 ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} @@ -73,7 +73,7 @@ RUN set -eux && \ gettext \ git && \ cd /usr/share/ && \ - git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ mkdir /usr/share/zabbix/ && \ cp -R /usr/share/zabbix-${ZBX_VERSION}/ui/* /usr/share/zabbix/ && \ rm -rf /usr/share/zabbix-${ZBX_VERSION}/ && \ diff --git a/web-apache-pgsql/alpine/Dockerfile b/web-apache-pgsql/alpine/Dockerfile index 8632ebf57..c33abc1b3 100644 --- a/web-apache-pgsql/alpine/Dockerfile +++ b/web-apache-pgsql/alpine/Dockerfile @@ -58,7 +58,7 @@ RUN set -eux && \ rm -rf /var/cache/apk/* ARG MAJOR_VERSION=5.4 -ARG ZBX_VERSION=${MAJOR_VERSION} +ARG ZBX_VERSION=${MAJOR_VERSION}.0 ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} @@ -74,7 +74,7 @@ RUN set -eux && \ gettext \ git && \ cd /usr/share/ && \ - git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ mkdir /usr/share/zabbix/ && \ cp -R /usr/share/zabbix-${ZBX_VERSION}/ui/* /usr/share/zabbix/ && \ rm -rf /usr/share/zabbix-${ZBX_VERSION}/ && \ diff --git a/web-apache-pgsql/centos/Dockerfile b/web-apache-pgsql/centos/Dockerfile index 833bee1d0..9307313c9 100644 --- a/web-apache-pgsql/centos/Dockerfile +++ b/web-apache-pgsql/centos/Dockerfile @@ -51,7 +51,7 @@ RUN set -eux && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki ARG MAJOR_VERSION=5.4 -ARG ZBX_VERSION=${MAJOR_VERSION} +ARG ZBX_VERSION=${MAJOR_VERSION}.0 ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} @@ -70,7 +70,7 @@ RUN set -eux && \ gettext \ git && \ cd /usr/share/ && \ - git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ mkdir /usr/share/zabbix/ && \ cp -R /usr/share/zabbix-${ZBX_VERSION}/ui/* /usr/share/zabbix/ && \ rm -rf /usr/share/zabbix-${ZBX_VERSION}/ && \ diff --git a/web-apache-pgsql/ubuntu/Dockerfile b/web-apache-pgsql/ubuntu/Dockerfile index 9f29287fc..cb85e8ff9 100644 --- a/web-apache-pgsql/ubuntu/Dockerfile +++ b/web-apache-pgsql/ubuntu/Dockerfile @@ -56,7 +56,7 @@ RUN set -eux && \ rm -rf /var/lib/apt/lists/* ARG MAJOR_VERSION=5.4 -ARG ZBX_VERSION=${MAJOR_VERSION} +ARG ZBX_VERSION=${MAJOR_VERSION}.0 ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} @@ -73,7 +73,7 @@ RUN set -eux && \ gettext \ git && \ cd /usr/share/ && \ - git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ mkdir /usr/share/zabbix/ && \ cp -R /usr/share/zabbix-${ZBX_VERSION}/ui/* /usr/share/zabbix/ && \ rm -rf /usr/share/zabbix-${ZBX_VERSION}/ && \ diff --git a/web-nginx-mysql/alpine/Dockerfile b/web-nginx-mysql/alpine/Dockerfile index 0caf6c0da..206492d71 100644 --- a/web-nginx-mysql/alpine/Dockerfile +++ b/web-nginx-mysql/alpine/Dockerfile @@ -52,7 +52,7 @@ RUN set -eux && \ rm -rf /var/cache/apk/* ARG MAJOR_VERSION=5.4 -ARG ZBX_VERSION=${MAJOR_VERSION} +ARG ZBX_VERSION=${MAJOR_VERSION}.0 ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} @@ -69,7 +69,7 @@ RUN set -eux && \ gettext \ git && \ cd /usr/share/ && \ - git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ mkdir /usr/share/zabbix/ && \ cp -R /usr/share/zabbix-${ZBX_VERSION}/ui/* /usr/share/zabbix/ && \ rm -rf /usr/share/zabbix-${ZBX_VERSION}/ && \ diff --git a/web-nginx-mysql/centos/Dockerfile b/web-nginx-mysql/centos/Dockerfile index 4f0d909ad..8891f994a 100644 --- a/web-nginx-mysql/centos/Dockerfile +++ b/web-nginx-mysql/centos/Dockerfile @@ -43,7 +43,7 @@ RUN set -eux && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki ARG MAJOR_VERSION=5.4 -ARG ZBX_VERSION=${MAJOR_VERSION} +ARG ZBX_VERSION=${MAJOR_VERSION}.0 ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} @@ -62,7 +62,7 @@ RUN set -eux && \ gettext \ git && \ cd /usr/share/ && \ - git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ mkdir /usr/share/zabbix/ && \ cp -R /usr/share/zabbix-${ZBX_VERSION}/ui/* /usr/share/zabbix/ && \ rm -rf /usr/share/zabbix-${ZBX_VERSION}/ && \ diff --git a/web-nginx-mysql/ubuntu/Dockerfile b/web-nginx-mysql/ubuntu/Dockerfile index 1289fd985..2b5f178f2 100644 --- a/web-nginx-mysql/ubuntu/Dockerfile +++ b/web-nginx-mysql/ubuntu/Dockerfile @@ -67,7 +67,7 @@ RUN set -eux && \ rm -rf /var/lib/apt/lists/* ARG MAJOR_VERSION=5.4 -ARG ZBX_VERSION=${MAJOR_VERSION} +ARG ZBX_VERSION=${MAJOR_VERSION}.0 ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} @@ -84,7 +84,7 @@ RUN set -eux && \ gettext \ git && \ cd /usr/share/ && \ - git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ mkdir /usr/share/zabbix/ && \ cp -R /usr/share/zabbix-${ZBX_VERSION}/ui/* /usr/share/zabbix/ && \ rm -rf /usr/share/zabbix-${ZBX_VERSION}/ && \ diff --git a/web-nginx-pgsql/alpine/Dockerfile b/web-nginx-pgsql/alpine/Dockerfile index 39e7c2433..5ca7e150d 100644 --- a/web-nginx-pgsql/alpine/Dockerfile +++ b/web-nginx-pgsql/alpine/Dockerfile @@ -51,7 +51,7 @@ RUN set -eux && \ rm -rf /var/cache/apk/* ARG MAJOR_VERSION=5.4 -ARG ZBX_VERSION=${MAJOR_VERSION} +ARG ZBX_VERSION=${MAJOR_VERSION}.0 ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} @@ -68,7 +68,7 @@ RUN set -eux && \ gettext \ git && \ cd /usr/share/ && \ - git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ mkdir /usr/share/zabbix/ && \ cp -R /usr/share/zabbix-${ZBX_VERSION}/ui/* /usr/share/zabbix/ && \ rm -rf /usr/share/zabbix-${ZBX_VERSION}/ && \ diff --git a/web-nginx-pgsql/centos/Dockerfile b/web-nginx-pgsql/centos/Dockerfile index 34ad2fea1..7730bb2f8 100644 --- a/web-nginx-pgsql/centos/Dockerfile +++ b/web-nginx-pgsql/centos/Dockerfile @@ -43,7 +43,7 @@ RUN set -eux && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki ARG MAJOR_VERSION=5.4 -ARG ZBX_VERSION=${MAJOR_VERSION} +ARG ZBX_VERSION=${MAJOR_VERSION}.0 ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} @@ -62,7 +62,7 @@ RUN set -eux && \ gettext \ git && \ cd /usr/share/ && \ - git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ mkdir /usr/share/zabbix/ && \ cp -R /usr/share/zabbix-${ZBX_VERSION}/ui/* /usr/share/zabbix/ && \ rm -rf /usr/share/zabbix-${ZBX_VERSION}/ && \ diff --git a/web-nginx-pgsql/ubuntu/Dockerfile b/web-nginx-pgsql/ubuntu/Dockerfile index a8f8628fa..54de65fff 100644 --- a/web-nginx-pgsql/ubuntu/Dockerfile +++ b/web-nginx-pgsql/ubuntu/Dockerfile @@ -67,7 +67,7 @@ RUN set -eux && \ rm -rf /var/lib/apt/lists/* ARG MAJOR_VERSION=5.4 -ARG ZBX_VERSION=${MAJOR_VERSION} +ARG ZBX_VERSION=${MAJOR_VERSION}.0 ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} @@ -84,7 +84,7 @@ RUN set -eux && \ gettext \ git && \ cd /usr/share/ && \ - git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ mkdir /usr/share/zabbix/ && \ cp -R /usr/share/zabbix-${ZBX_VERSION}/ui/* /usr/share/zabbix/ && \ rm -rf /usr/share/zabbix-${ZBX_VERSION}/ && \ diff --git a/web-service/alpine/Dockerfile b/web-service/alpine/Dockerfile index 79c0159b6..74fcc0b47 100644 --- a/web-service/alpine/Dockerfile +++ b/web-service/alpine/Dockerfile @@ -28,7 +28,7 @@ RUN set -eux && \ rm -rf /var/cache/apk/* ARG MAJOR_VERSION=5.4 -ARG ZBX_VERSION=${MAJOR_VERSION} +ARG ZBX_VERSION=${MAJOR_VERSION}.0 ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} @@ -47,7 +47,7 @@ RUN set -eux && \ git \ pkgconf && \ cd /tmp/ && \ - git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ cd /tmp/zabbix-${ZBX_VERSION} && \ zabbix_revision=`git rev-parse --short HEAD` && \ sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/go/pkg/version/version.go && \ diff --git a/web-service/centos/Dockerfile b/web-service/centos/Dockerfile index f8e11f064..2bb6682d0 100644 --- a/web-service/centos/Dockerfile +++ b/web-service/centos/Dockerfile @@ -33,7 +33,7 @@ RUN set -eux && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki ARG MAJOR_VERSION=5.4 -ARG ZBX_VERSION=${MAJOR_VERSION} +ARG ZBX_VERSION=${MAJOR_VERSION}.0 ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} @@ -52,7 +52,7 @@ RUN set -eux && \ golang \ git && \ cd /tmp/ && \ - git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ cd /tmp/zabbix-${ZBX_VERSION} && \ zabbix_revision=`git rev-parse --short HEAD` && \ sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/go/pkg/version/version.go && \ diff --git a/web-service/ubuntu/Dockerfile b/web-service/ubuntu/Dockerfile index 9bb662d39..37fa0edc9 100644 --- a/web-service/ubuntu/Dockerfile +++ b/web-service/ubuntu/Dockerfile @@ -46,7 +46,7 @@ RUN set -eux && \ rm -rf /var/lib/apt/lists/* ARG MAJOR_VERSION=5.4 -ARG ZBX_VERSION=${MAJOR_VERSION} +ARG ZBX_VERSION=${MAJOR_VERSION}.0 ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} @@ -66,7 +66,7 @@ RUN set -eux && \ g++ \ golang && \ cd /tmp/ && \ - git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ cd /tmp/zabbix-${ZBX_VERSION} && \ zabbix_revision=`git rev-parse --short HEAD` && \ sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/go/pkg/version/version.go && \ diff --git a/zabbix-appliance/rhel/Dockerfile b/zabbix-appliance/rhel/Dockerfile index bcb021272..6f69cf802 100644 --- a/zabbix-appliance/rhel/Dockerfile +++ b/zabbix-appliance/rhel/Dockerfile @@ -3,7 +3,7 @@ MAINTAINER Alexey Pustovalov ARG MAJOR_VERSION=5.4 ARG RELEASE=0 -ARG ZBX_VERSION=${MAJOR_VERSION} +ARG ZBX_VERSION=${MAJOR_VERSION}.0 ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ @@ -144,7 +144,7 @@ RUN set -eux && REPOLIST="rhel-8-for-x86_64-baseos-rpms,rhel-8-for-x86_64-appstr dnf -y install --disablerepo "*" --enablerepo "${REPOLIST}" --setopt=install_weak_deps=False --best \ --setopt=tsflags=nodocs ${INSTALL_PKGS} && \ cd /tmp/ && \ - git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ cd /tmp/zabbix-${ZBX_VERSION} && \ zabbix_revision=`git rev-parse --short HEAD` && \ sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ From cbf06bb6de39e80c8e88cd8cc53c4e5e7eda1a8c Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Mon, 17 May 2021 14:37:01 +0500 Subject: [PATCH 083/253] Prepare for Zabbix 5.4 release --- agent/alpine/Dockerfile | 4 ++-- agent/centos/Dockerfile | 4 ++-- agent/ubuntu/Dockerfile | 4 ++-- agent2/alpine/Dockerfile | 4 ++-- agent2/ubuntu/Dockerfile | 4 ++-- java-gateway/alpine/Dockerfile | 4 ++-- java-gateway/centos/Dockerfile | 4 ++-- java-gateway/ubuntu/Dockerfile | 4 ++-- proxy-mysql/alpine/Dockerfile | 4 ++-- proxy-mysql/centos/Dockerfile | 4 ++-- proxy-mysql/ubuntu/Dockerfile | 4 ++-- proxy-sqlite3/alpine/Dockerfile | 4 ++-- proxy-sqlite3/centos/Dockerfile | 4 ++-- proxy-sqlite3/ubuntu/Dockerfile | 4 ++-- server-mysql/alpine/Dockerfile | 4 ++-- server-mysql/centos/Dockerfile | 4 ++-- server-mysql/ubuntu/Dockerfile | 4 ++-- server-pgsql/alpine/Dockerfile | 4 ++-- server-pgsql/centos/Dockerfile | 4 ++-- server-pgsql/ubuntu/Dockerfile | 4 ++-- web-apache-mysql/alpine/Dockerfile | 4 ++-- web-apache-mysql/centos/Dockerfile | 4 ++-- web-apache-mysql/ubuntu/Dockerfile | 4 ++-- web-apache-pgsql/alpine/Dockerfile | 4 ++-- web-apache-pgsql/centos/Dockerfile | 4 ++-- web-apache-pgsql/ubuntu/Dockerfile | 4 ++-- web-nginx-mysql/alpine/Dockerfile | 4 ++-- web-nginx-mysql/centos/Dockerfile | 4 ++-- web-nginx-mysql/ubuntu/Dockerfile | 4 ++-- web-nginx-pgsql/alpine/Dockerfile | 4 ++-- web-nginx-pgsql/centos/Dockerfile | 4 ++-- web-nginx-pgsql/ubuntu/Dockerfile | 4 ++-- web-service/alpine/Dockerfile | 4 ++-- web-service/centos/Dockerfile | 4 ++-- web-service/ubuntu/Dockerfile | 4 ++-- zabbix-appliance/rhel/Dockerfile | 4 ++-- 36 files changed, 72 insertions(+), 72 deletions(-) diff --git a/agent/alpine/Dockerfile b/agent/alpine/Dockerfile index 872f76834..eae8eef40 100644 --- a/agent/alpine/Dockerfile +++ b/agent/alpine/Dockerfile @@ -36,8 +36,8 @@ RUN set -eux && \ libldap && \ rm -rf /var/cache/apk/* -ARG MAJOR_VERSION=5.4 -ARG ZBX_VERSION=${MAJOR_VERSION}.0 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} diff --git a/agent/centos/Dockerfile b/agent/centos/Dockerfile index 2d8319cb2..c6d033cb4 100644 --- a/agent/centos/Dockerfile +++ b/agent/centos/Dockerfile @@ -59,8 +59,8 @@ RUN set -eux && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki -ARG MAJOR_VERSION=5.4 -ARG ZBX_VERSION=${MAJOR_VERSION}.0 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} diff --git a/agent/ubuntu/Dockerfile b/agent/ubuntu/Dockerfile index 5c2838654..a2097ac46 100644 --- a/agent/ubuntu/Dockerfile +++ b/agent/ubuntu/Dockerfile @@ -47,8 +47,8 @@ RUN set -eux && \ apt-get -y clean && \ rm -rf /var/lib/apt/lists/* -ARG MAJOR_VERSION=5.4 -ARG ZBX_VERSION=${MAJOR_VERSION}.0 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} diff --git a/agent2/alpine/Dockerfile b/agent2/alpine/Dockerfile index 2834ea55e..6d6a9830c 100644 --- a/agent2/alpine/Dockerfile +++ b/agent2/alpine/Dockerfile @@ -34,8 +34,8 @@ RUN set -eux && \ iputils && \ rm -rf /var/cache/apk/* -ARG MAJOR_VERSION=5.4 -ARG ZBX_VERSION=${MAJOR_VERSION}.0 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} diff --git a/agent2/ubuntu/Dockerfile b/agent2/ubuntu/Dockerfile index 229c9ebaa..60a0947a8 100644 --- a/agent2/ubuntu/Dockerfile +++ b/agent2/ubuntu/Dockerfile @@ -46,8 +46,8 @@ RUN set -eux && \ apt-get -y clean && \ rm -rf /var/lib/apt/lists/* -ARG MAJOR_VERSION=5.4 -ARG ZBX_VERSION=${MAJOR_VERSION}.0 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} diff --git a/java-gateway/alpine/Dockerfile b/java-gateway/alpine/Dockerfile index 1ff96c48b..37a9b399a 100644 --- a/java-gateway/alpine/Dockerfile +++ b/java-gateway/alpine/Dockerfile @@ -28,8 +28,8 @@ RUN set -eux && \ openjdk8-jre-base && \ rm -rf /var/cache/apk/* -ARG MAJOR_VERSION=5.4 -ARG ZBX_VERSION=${MAJOR_VERSION}.0 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ diff --git a/java-gateway/centos/Dockerfile b/java-gateway/centos/Dockerfile index 2a1ca5340..8f1e1aa62 100644 --- a/java-gateway/centos/Dockerfile +++ b/java-gateway/centos/Dockerfile @@ -28,8 +28,8 @@ RUN set -eux && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki -ARG MAJOR_VERSION=5.4 -ARG ZBX_VERSION=${MAJOR_VERSION}.0 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} diff --git a/java-gateway/ubuntu/Dockerfile b/java-gateway/ubuntu/Dockerfile index 5662455c3..4391c9a67 100644 --- a/java-gateway/ubuntu/Dockerfile +++ b/java-gateway/ubuntu/Dockerfile @@ -29,8 +29,8 @@ RUN set -eux && \ apt-get -y clean && \ rm -rf /var/lib/apt/lists/* -ARG MAJOR_VERSION=5.4 -ARG ZBX_VERSION=${MAJOR_VERSION}.0 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} diff --git a/proxy-mysql/alpine/Dockerfile b/proxy-mysql/alpine/Dockerfile index b44a7c087..55acf3a4f 100644 --- a/proxy-mysql/alpine/Dockerfile +++ b/proxy-mysql/alpine/Dockerfile @@ -51,8 +51,8 @@ RUN set -eux && \ fping && \ rm -rf /var/cache/apk/* -ARG MAJOR_VERSION=5.4 -ARG ZBX_VERSION=${MAJOR_VERSION}.0 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ diff --git a/proxy-mysql/centos/Dockerfile b/proxy-mysql/centos/Dockerfile index 220a9bafb..af3b408fa 100644 --- a/proxy-mysql/centos/Dockerfile +++ b/proxy-mysql/centos/Dockerfile @@ -80,8 +80,8 @@ RUN set -eux && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki -ARG MAJOR_VERSION=5.4 -ARG ZBX_VERSION=${MAJOR_VERSION}.0 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ diff --git a/proxy-mysql/ubuntu/Dockerfile b/proxy-mysql/ubuntu/Dockerfile index 2010f7267..fba7da8ac 100644 --- a/proxy-mysql/ubuntu/Dockerfile +++ b/proxy-mysql/ubuntu/Dockerfile @@ -63,8 +63,8 @@ RUN set -eux && \ apt-get -y clean && \ rm -rf /var/lib/apt/lists/* -ARG MAJOR_VERSION=5.4 -ARG ZBX_VERSION=${MAJOR_VERSION}.0 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm MIBDIRS=/var/lib/snmp/mibs/ietf:/var/lib/snmp/mibs/iana:/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ diff --git a/proxy-sqlite3/alpine/Dockerfile b/proxy-sqlite3/alpine/Dockerfile index a98976caa..6deec222e 100644 --- a/proxy-sqlite3/alpine/Dockerfile +++ b/proxy-sqlite3/alpine/Dockerfile @@ -49,8 +49,8 @@ RUN set -eux && \ unixodbc && \ rm -rf /var/cache/apk/* -ARG MAJOR_VERSION=5.4 -ARG ZBX_VERSION=${MAJOR_VERSION}.0 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} diff --git a/proxy-sqlite3/centos/Dockerfile b/proxy-sqlite3/centos/Dockerfile index 7bcf3b451..e45f6170e 100644 --- a/proxy-sqlite3/centos/Dockerfile +++ b/proxy-sqlite3/centos/Dockerfile @@ -77,8 +77,8 @@ RUN set -eux && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki -ARG MAJOR_VERSION=5.4 -ARG ZBX_VERSION=${MAJOR_VERSION}.0 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ diff --git a/proxy-sqlite3/ubuntu/Dockerfile b/proxy-sqlite3/ubuntu/Dockerfile index 3ec08e390..060ab0bd4 100644 --- a/proxy-sqlite3/ubuntu/Dockerfile +++ b/proxy-sqlite3/ubuntu/Dockerfile @@ -61,8 +61,8 @@ RUN set -eux && \ apt-get -y clean && \ rm -rf /var/lib/apt/lists/* -ARG MAJOR_VERSION=5.4 -ARG ZBX_VERSION=${MAJOR_VERSION}.0 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm MIBDIRS=/var/lib/snmp/mibs/ietf:/var/lib/snmp/mibs/iana:/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ diff --git a/server-mysql/alpine/Dockerfile b/server-mysql/alpine/Dockerfile index 7445c81a7..2606d608f 100644 --- a/server-mysql/alpine/Dockerfile +++ b/server-mysql/alpine/Dockerfile @@ -55,8 +55,8 @@ RUN set -eux && \ unixodbc && \ rm -rf /var/cache/apk/* -ARG MAJOR_VERSION=5.4 -ARG ZBX_VERSION=${MAJOR_VERSION}.0 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ diff --git a/server-mysql/centos/Dockerfile b/server-mysql/centos/Dockerfile index 76d20587d..67710d243 100644 --- a/server-mysql/centos/Dockerfile +++ b/server-mysql/centos/Dockerfile @@ -85,8 +85,8 @@ RUN set -eux && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki -ARG MAJOR_VERSION=5.4 -ARG ZBX_VERSION=${MAJOR_VERSION}.0 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ diff --git a/server-mysql/ubuntu/Dockerfile b/server-mysql/ubuntu/Dockerfile index c8fa29fb6..dcef343f7 100644 --- a/server-mysql/ubuntu/Dockerfile +++ b/server-mysql/ubuntu/Dockerfile @@ -68,8 +68,8 @@ RUN set -eux && \ apt-get -y clean && \ rm -rf /var/lib/apt/lists/* -ARG MAJOR_VERSION=5.4 -ARG ZBX_VERSION=${MAJOR_VERSION}.0 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm MIBDIRS=/var/lib/snmp/mibs/ietf:/var/lib/snmp/mibs/iana:/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ diff --git a/server-pgsql/alpine/Dockerfile b/server-pgsql/alpine/Dockerfile index 5dd96e614..f2439011b 100644 --- a/server-pgsql/alpine/Dockerfile +++ b/server-pgsql/alpine/Dockerfile @@ -55,8 +55,8 @@ RUN set -eux && \ unixodbc && \ rm -rf /var/cache/apk/* -ARG MAJOR_VERSION=5.4 -ARG ZBX_VERSION=${MAJOR_VERSION}.0 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ diff --git a/server-pgsql/centos/Dockerfile b/server-pgsql/centos/Dockerfile index 5a15d2263..44faa7e22 100644 --- a/server-pgsql/centos/Dockerfile +++ b/server-pgsql/centos/Dockerfile @@ -84,8 +84,8 @@ RUN set -eux && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki -ARG MAJOR_VERSION=5.4 -ARG ZBX_VERSION=${MAJOR_VERSION}.0 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ diff --git a/server-pgsql/ubuntu/Dockerfile b/server-pgsql/ubuntu/Dockerfile index 9bbb99443..e58c80d23 100644 --- a/server-pgsql/ubuntu/Dockerfile +++ b/server-pgsql/ubuntu/Dockerfile @@ -68,8 +68,8 @@ RUN set -eux && \ apt-get -y clean && \ rm -rf /var/lib/apt/lists/* -ARG MAJOR_VERSION=5.4 -ARG ZBX_VERSION=${MAJOR_VERSION}.0 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm MIBDIRS=/var/lib/snmp/mibs/ietf:/var/lib/snmp/mibs/iana:/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ diff --git a/web-apache-mysql/alpine/Dockerfile b/web-apache-mysql/alpine/Dockerfile index bc7829ea0..0d77dc499 100644 --- a/web-apache-mysql/alpine/Dockerfile +++ b/web-apache-mysql/alpine/Dockerfile @@ -58,8 +58,8 @@ RUN set -eux && \ rm -rf "/var/run/apache2/" && \ rm -rf /var/cache/apk/* -ARG MAJOR_VERSION=5.4 -ARG ZBX_VERSION=${MAJOR_VERSION}.0 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} diff --git a/web-apache-mysql/centos/Dockerfile b/web-apache-mysql/centos/Dockerfile index 541cc975f..585d5762d 100644 --- a/web-apache-mysql/centos/Dockerfile +++ b/web-apache-mysql/centos/Dockerfile @@ -50,8 +50,8 @@ RUN set -eux && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki -ARG MAJOR_VERSION=5.4 -ARG ZBX_VERSION=${MAJOR_VERSION}.0 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} diff --git a/web-apache-mysql/ubuntu/Dockerfile b/web-apache-mysql/ubuntu/Dockerfile index d861207e1..c66695ef0 100644 --- a/web-apache-mysql/ubuntu/Dockerfile +++ b/web-apache-mysql/ubuntu/Dockerfile @@ -55,8 +55,8 @@ RUN set -eux && \ apt-get -y clean && \ rm -rf /var/lib/apt/lists/* -ARG MAJOR_VERSION=5.4 -ARG ZBX_VERSION=${MAJOR_VERSION}.0 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} diff --git a/web-apache-pgsql/alpine/Dockerfile b/web-apache-pgsql/alpine/Dockerfile index c33abc1b3..0e19d6560 100644 --- a/web-apache-pgsql/alpine/Dockerfile +++ b/web-apache-pgsql/alpine/Dockerfile @@ -57,8 +57,8 @@ RUN set -eux && \ rm -rf "/var/run/apache2/" && \ rm -rf /var/cache/apk/* -ARG MAJOR_VERSION=5.4 -ARG ZBX_VERSION=${MAJOR_VERSION}.0 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} diff --git a/web-apache-pgsql/centos/Dockerfile b/web-apache-pgsql/centos/Dockerfile index 9307313c9..7039b7a4c 100644 --- a/web-apache-pgsql/centos/Dockerfile +++ b/web-apache-pgsql/centos/Dockerfile @@ -50,8 +50,8 @@ RUN set -eux && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki -ARG MAJOR_VERSION=5.4 -ARG ZBX_VERSION=${MAJOR_VERSION}.0 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} diff --git a/web-apache-pgsql/ubuntu/Dockerfile b/web-apache-pgsql/ubuntu/Dockerfile index cb85e8ff9..1268ea2e9 100644 --- a/web-apache-pgsql/ubuntu/Dockerfile +++ b/web-apache-pgsql/ubuntu/Dockerfile @@ -55,8 +55,8 @@ RUN set -eux && \ apt-get -y clean && \ rm -rf /var/lib/apt/lists/* -ARG MAJOR_VERSION=5.4 -ARG ZBX_VERSION=${MAJOR_VERSION}.0 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} diff --git a/web-nginx-mysql/alpine/Dockerfile b/web-nginx-mysql/alpine/Dockerfile index 206492d71..166f5da46 100644 --- a/web-nginx-mysql/alpine/Dockerfile +++ b/web-nginx-mysql/alpine/Dockerfile @@ -51,8 +51,8 @@ RUN set -eux && \ ln -sf /dev/fd/2 /var/lib/nginx/logs/error.log && \ rm -rf /var/cache/apk/* -ARG MAJOR_VERSION=5.4 -ARG ZBX_VERSION=${MAJOR_VERSION}.0 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} diff --git a/web-nginx-mysql/centos/Dockerfile b/web-nginx-mysql/centos/Dockerfile index 8891f994a..191f7aeb8 100644 --- a/web-nginx-mysql/centos/Dockerfile +++ b/web-nginx-mysql/centos/Dockerfile @@ -42,8 +42,8 @@ RUN set -eux && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki -ARG MAJOR_VERSION=5.4 -ARG ZBX_VERSION=${MAJOR_VERSION}.0 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} diff --git a/web-nginx-mysql/ubuntu/Dockerfile b/web-nginx-mysql/ubuntu/Dockerfile index 2b5f178f2..95cf0bffe 100644 --- a/web-nginx-mysql/ubuntu/Dockerfile +++ b/web-nginx-mysql/ubuntu/Dockerfile @@ -66,8 +66,8 @@ RUN set -eux && \ apt-get -y clean && \ rm -rf /var/lib/apt/lists/* -ARG MAJOR_VERSION=5.4 -ARG ZBX_VERSION=${MAJOR_VERSION}.0 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} diff --git a/web-nginx-pgsql/alpine/Dockerfile b/web-nginx-pgsql/alpine/Dockerfile index 5ca7e150d..d6337c93a 100644 --- a/web-nginx-pgsql/alpine/Dockerfile +++ b/web-nginx-pgsql/alpine/Dockerfile @@ -50,8 +50,8 @@ RUN set -eux && \ ln -sf /dev/fd/2 /var/lib/nginx/logs/error.log && \ rm -rf /var/cache/apk/* -ARG MAJOR_VERSION=5.4 -ARG ZBX_VERSION=${MAJOR_VERSION}.0 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} diff --git a/web-nginx-pgsql/centos/Dockerfile b/web-nginx-pgsql/centos/Dockerfile index 7730bb2f8..38c6b41f8 100644 --- a/web-nginx-pgsql/centos/Dockerfile +++ b/web-nginx-pgsql/centos/Dockerfile @@ -42,8 +42,8 @@ RUN set -eux && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki -ARG MAJOR_VERSION=5.4 -ARG ZBX_VERSION=${MAJOR_VERSION}.0 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} diff --git a/web-nginx-pgsql/ubuntu/Dockerfile b/web-nginx-pgsql/ubuntu/Dockerfile index 54de65fff..323421db4 100644 --- a/web-nginx-pgsql/ubuntu/Dockerfile +++ b/web-nginx-pgsql/ubuntu/Dockerfile @@ -66,8 +66,8 @@ RUN set -eux && \ apt-get -y clean && \ rm -rf /var/lib/apt/lists/* -ARG MAJOR_VERSION=5.4 -ARG ZBX_VERSION=${MAJOR_VERSION}.0 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} diff --git a/web-service/alpine/Dockerfile b/web-service/alpine/Dockerfile index 74fcc0b47..fbe416289 100644 --- a/web-service/alpine/Dockerfile +++ b/web-service/alpine/Dockerfile @@ -27,8 +27,8 @@ RUN set -eux && \ chromium && \ rm -rf /var/cache/apk/* -ARG MAJOR_VERSION=5.4 -ARG ZBX_VERSION=${MAJOR_VERSION}.0 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} diff --git a/web-service/centos/Dockerfile b/web-service/centos/Dockerfile index 2bb6682d0..45342231b 100644 --- a/web-service/centos/Dockerfile +++ b/web-service/centos/Dockerfile @@ -32,8 +32,8 @@ RUN set -eux && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki -ARG MAJOR_VERSION=5.4 -ARG ZBX_VERSION=${MAJOR_VERSION}.0 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} diff --git a/web-service/ubuntu/Dockerfile b/web-service/ubuntu/Dockerfile index 37fa0edc9..f70a53022 100644 --- a/web-service/ubuntu/Dockerfile +++ b/web-service/ubuntu/Dockerfile @@ -45,8 +45,8 @@ RUN set -eux && \ apt-get -y clean && \ rm -rf /var/lib/apt/lists/* -ARG MAJOR_VERSION=5.4 -ARG ZBX_VERSION=${MAJOR_VERSION}.0 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} diff --git a/zabbix-appliance/rhel/Dockerfile b/zabbix-appliance/rhel/Dockerfile index 6f69cf802..70bb425c8 100644 --- a/zabbix-appliance/rhel/Dockerfile +++ b/zabbix-appliance/rhel/Dockerfile @@ -1,9 +1,9 @@ FROM registry.access.redhat.com/ubi8/ubi MAINTAINER Alexey Pustovalov -ARG MAJOR_VERSION=5.4 +ARG MAJOR_VERSION=6.0 ARG RELEASE=0 -ARG ZBX_VERSION=${MAJOR_VERSION}.0 +ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ From 84a0cc3227511bee40408f3d2c791ec7543f129a Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Mon, 17 May 2021 15:04:07 +0500 Subject: [PATCH 084/253] Prepare for Zabbix 5.4 release --- agent/alpine/Dockerfile | 2 +- agent/centos/Dockerfile | 2 +- agent/ubuntu/Dockerfile | 2 +- agent2/alpine/Dockerfile | 2 +- agent2/ubuntu/Dockerfile | 2 +- docker-compose_v3_alpine_mysql_latest.yaml | 18 +++++++++--------- docker-compose_v3_alpine_pgsql_latest.yaml | 18 +++++++++--------- docker-compose_v3_centos_mysql_latest.yaml | 18 +++++++++--------- docker-compose_v3_centos_pgsql_latest.yaml | 18 +++++++++--------- docker-compose_v3_ubuntu_mysql_latest.yaml | 16 ++++++++-------- docker-compose_v3_ubuntu_pgsql_latest.yaml | 18 +++++++++--------- java-gateway/alpine/Dockerfile | 2 +- java-gateway/centos/Dockerfile | 2 +- java-gateway/ubuntu/Dockerfile | 2 +- kubernetes.yaml | 14 +++++++------- proxy-mysql/alpine/Dockerfile | 2 +- proxy-mysql/centos/Dockerfile | 2 +- proxy-mysql/ubuntu/Dockerfile | 2 +- proxy-sqlite3/alpine/Dockerfile | 2 +- proxy-sqlite3/centos/Dockerfile | 2 +- proxy-sqlite3/ubuntu/Dockerfile | 2 +- server-mysql/alpine/Dockerfile | 2 +- server-mysql/centos/Dockerfile | 2 +- server-mysql/ubuntu/Dockerfile | 2 +- server-pgsql/alpine/Dockerfile | 2 +- server-pgsql/centos/Dockerfile | 2 +- server-pgsql/ubuntu/Dockerfile | 2 +- snmptraps/alpine/Dockerfile | 2 +- snmptraps/centos/Dockerfile | 2 +- snmptraps/ubuntu/Dockerfile | 2 +- web-apache-mysql/alpine/Dockerfile | 2 +- web-apache-mysql/centos/Dockerfile | 2 +- web-apache-mysql/ubuntu/Dockerfile | 2 +- web-apache-pgsql/alpine/Dockerfile | 2 +- web-apache-pgsql/centos/Dockerfile | 2 +- web-apache-pgsql/ubuntu/Dockerfile | 2 +- web-nginx-mysql/alpine/Dockerfile | 2 +- web-nginx-mysql/centos/Dockerfile | 2 +- web-nginx-mysql/ubuntu/Dockerfile | 2 +- web-nginx-pgsql/alpine/Dockerfile | 2 +- web-nginx-pgsql/centos/Dockerfile | 2 +- web-nginx-pgsql/ubuntu/Dockerfile | 2 +- web-service/alpine/Dockerfile | 2 +- web-service/centos/Dockerfile | 2 +- web-service/ubuntu/Dockerfile | 2 +- zabbix-appliance/rhel/Dockerfile | 2 +- 46 files changed, 99 insertions(+), 99 deletions(-) diff --git a/agent/alpine/Dockerfile b/agent/alpine/Dockerfile index eae8eef40..9a8be0544 100644 --- a/agent/alpine/Dockerfile +++ b/agent/alpine/Dockerfile @@ -58,7 +58,7 @@ RUN set -eux && \ make \ git && \ cd /tmp/ && \ - git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ cd /tmp/zabbix-${ZBX_VERSION} && \ zabbix_revision=`git rev-parse --short HEAD` && \ sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ diff --git a/agent/centos/Dockerfile b/agent/centos/Dockerfile index c6d033cb4..0bfca4e45 100644 --- a/agent/centos/Dockerfile +++ b/agent/centos/Dockerfile @@ -82,7 +82,7 @@ RUN set -eux && \ git \ gcc && \ cd /tmp/ && \ - git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ cd /tmp/zabbix-${ZBX_VERSION} && \ zabbix_revision=`git rev-parse --short HEAD` && \ sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ diff --git a/agent/ubuntu/Dockerfile b/agent/ubuntu/Dockerfile index a2097ac46..217d658bf 100644 --- a/agent/ubuntu/Dockerfile +++ b/agent/ubuntu/Dockerfile @@ -73,7 +73,7 @@ RUN set -eux && \ git \ gcc && \ cd /tmp/ && \ - git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ cd /tmp/zabbix-${ZBX_VERSION} && \ zabbix_revision=`git rev-parse --short HEAD` && \ sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ diff --git a/agent2/alpine/Dockerfile b/agent2/alpine/Dockerfile index 6d6a9830c..e9cecba8e 100644 --- a/agent2/alpine/Dockerfile +++ b/agent2/alpine/Dockerfile @@ -56,7 +56,7 @@ RUN set -eux && \ openssl-dev \ zlib-dev && \ cd /tmp/ && \ - git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ cd /tmp/zabbix-${ZBX_VERSION} && \ zabbix_revision=`git rev-parse --short HEAD` && \ sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/go/pkg/version/version.go && \ diff --git a/agent2/ubuntu/Dockerfile b/agent2/ubuntu/Dockerfile index 60a0947a8..a1477a1e9 100644 --- a/agent2/ubuntu/Dockerfile +++ b/agent2/ubuntu/Dockerfile @@ -70,7 +70,7 @@ RUN set -eux && \ g++ \ golang && \ cd /tmp/ && \ - git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ cd /tmp/zabbix-${ZBX_VERSION} && \ zabbix_revision=`git rev-parse --short HEAD` && \ sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ diff --git a/docker-compose_v3_alpine_mysql_latest.yaml b/docker-compose_v3_alpine_mysql_latest.yaml index 7eb3b1c07..c44739b53 100644 --- a/docker-compose_v3_alpine_mysql_latest.yaml +++ b/docker-compose_v3_alpine_mysql_latest.yaml @@ -1,7 +1,7 @@ version: '3.5' services: zabbix-server: - image: zabbix/zabbix-server-mysql:alpine-5.4-latest + image: zabbix/zabbix-server-mysql:alpine-trunk ports: - "10051:10051" volumes: @@ -64,7 +64,7 @@ services: com.zabbix.os: "alpine" zabbix-proxy-sqlite3: - image: zabbix/zabbix-proxy-sqlite3:alpine-5.4-latest + image: zabbix/zabbix-proxy-sqlite3:alpine-trunk profiles: - all ports: @@ -113,7 +113,7 @@ services: com.zabbix.os: "alpine" zabbix-proxy-mysql: - image: zabbix/zabbix-proxy-mysql:alpine-5.4-latest + image: zabbix/zabbix-proxy-mysql:alpine-trunk profiles: - all ports: @@ -171,7 +171,7 @@ services: com.zabbix.os: "alpine" zabbix-web-apache-mysql: - image: zabbix/zabbix-web-apache-mysql:alpine-5.4-latest + image: zabbix/zabbix-web-apache-mysql:alpine-trunk profiles: - all ports: @@ -227,7 +227,7 @@ services: com.zabbix.os: "alpine" zabbix-web-nginx-mysql: - image: zabbix/zabbix-web-nginx-mysql:alpine-5.4-latest + image: zabbix/zabbix-web-nginx-mysql:alpine-trunk ports: - "80:8080" - "443:8443" @@ -281,7 +281,7 @@ services: com.zabbix.os: "alpine" zabbix-agent: - image: zabbix/zabbix-agent:alpine-5.4-latest + image: zabbix/zabbix-agent:alpine-trunk profiles: - full - all @@ -321,7 +321,7 @@ services: com.zabbix.os: "alpine" zabbix-java-gateway: - image: zabbix/zabbix-java-gateway:alpine-5.4-latest + image: zabbix/zabbix-java-gateway:alpine-trunk profiles: - full - all @@ -350,7 +350,7 @@ services: com.zabbix.os: "alpine" zabbix-snmptraps: - image: zabbix/zabbix-snmptraps:alpine-5.4-latest + image: zabbix/zabbix-snmptraps:alpine-trunk profiles: - full - all @@ -379,7 +379,7 @@ services: com.zabbix.os: "alpine" zabbix-web-service: - image: zabbix/zabbix-web-service:alpine-5.4-latest + image: zabbix/zabbix-web-service:alpine-trunk profiles: - full - all diff --git a/docker-compose_v3_alpine_pgsql_latest.yaml b/docker-compose_v3_alpine_pgsql_latest.yaml index 492a15486..bd0a49319 100644 --- a/docker-compose_v3_alpine_pgsql_latest.yaml +++ b/docker-compose_v3_alpine_pgsql_latest.yaml @@ -1,7 +1,7 @@ version: '3.5' services: zabbix-server: - image: zabbix/zabbix-server-pgsql:alpine-5.4-latest + image: zabbix/zabbix-server-pgsql:alpine-trunk ports: - "10051:10051" volumes: @@ -63,7 +63,7 @@ services: com.zabbix.os: "alpine" zabbix-proxy-sqlite3: - image: zabbix/zabbix-proxy-sqlite3:alpine-5.4-latest + image: zabbix/zabbix-proxy-sqlite3:alpine-trunk profiles: - all ports: @@ -112,7 +112,7 @@ services: com.zabbix.os: "alpine" zabbix-proxy-mysql: - image: zabbix/zabbix-proxy-mysql:alpine-5.4-latest + image: zabbix/zabbix-proxy-mysql:alpine-trunk profiles: - all ports: @@ -167,7 +167,7 @@ services: com.zabbix.os: "alpine" zabbix-web-apache-pgsql: - image: zabbix/zabbix-web-apache-pgsql:alpine-5.4-latest + image: zabbix/zabbix-web-apache-pgsql:alpine-trunk profiles: - all ports: @@ -223,7 +223,7 @@ services: com.zabbix.os: "alpine" zabbix-web-nginx-pgsql: - image: zabbix/zabbix-web-nginx-pgsql:alpine-5.4-latest + image: zabbix/zabbix-web-nginx-pgsql:alpine-trunk ports: - "80:8080" - "443:8443" @@ -277,7 +277,7 @@ services: com.zabbix.os: "alpine" zabbix-agent: - image: zabbix/zabbix-agent:alpine-5.4-latest + image: zabbix/zabbix-agent:alpine-trunk profiles: - full - all @@ -317,7 +317,7 @@ services: com.zabbix.os: "alpine" zabbix-java-gateway: - image: zabbix/zabbix-java-gateway:alpine-5.4-latest + image: zabbix/zabbix-java-gateway:alpine-trunk profiles: - full - all @@ -346,7 +346,7 @@ services: com.zabbix.os: "alpine" zabbix-snmptraps: - image: zabbix/zabbix-snmptraps:alpine-5.4-latest + image: zabbix/zabbix-snmptraps:alpine-trunk profiles: - full - all @@ -375,7 +375,7 @@ services: com.zabbix.os: "alpine" zabbix-web-service: - image: zabbix/zabbix-web-service:alpine-5.4-latest + image: zabbix/zabbix-web-service:alpine-trunk profiles: - full - all diff --git a/docker-compose_v3_centos_mysql_latest.yaml b/docker-compose_v3_centos_mysql_latest.yaml index 9861503b3..9b4df90a9 100644 --- a/docker-compose_v3_centos_mysql_latest.yaml +++ b/docker-compose_v3_centos_mysql_latest.yaml @@ -1,7 +1,7 @@ version: '3.5' services: zabbix-server: - image: zabbix/zabbix-server-mysql:centos-5.4-latest + image: zabbix/zabbix-server-mysql:centos-trunk ports: - "10051:10051" volumes: @@ -64,7 +64,7 @@ services: com.zabbix.os: "centos" zabbix-proxy-sqlite3: - image: zabbix/zabbix-proxy-sqlite3:centos-5.4-latest + image: zabbix/zabbix-proxy-sqlite3:centos-trunk profiles: - all ports: @@ -113,7 +113,7 @@ services: com.zabbix.os: "centos" zabbix-proxy-mysql: - image: zabbix/zabbix-proxy-mysql:centos-5.4-latest + image: zabbix/zabbix-proxy-mysql:centos-trunk profiles: - all ports: @@ -171,7 +171,7 @@ services: com.zabbix.os: "centos" zabbix-web-apache-mysql: - image: zabbix/zabbix-web-apache-mysql:centos-5.4-latest + image: zabbix/zabbix-web-apache-mysql:centos-trunk profiles: - all ports: @@ -227,7 +227,7 @@ services: com.zabbix.os: "centos" zabbix-web-nginx-mysql: - image: zabbix/zabbix-web-nginx-mysql:centos-5.4-latest + image: zabbix/zabbix-web-nginx-mysql:centos-trunk ports: - "80:8080" - "443:8443" @@ -281,7 +281,7 @@ services: com.zabbix.os: "centos" zabbix-agent: - image: zabbix/zabbix-agent:centos-5.4-latest + image: zabbix/zabbix-agent:centos-trunk profiles: - full - all @@ -321,7 +321,7 @@ services: com.zabbix.os: "centos" zabbix-java-gateway: - image: zabbix/zabbix-java-gateway:centos-5.4-latest + image: zabbix/zabbix-java-gateway:centos-trunk profiles: - full - all @@ -350,7 +350,7 @@ services: com.zabbix.os: "centos" zabbix-snmptraps: - image: zabbix/zabbix-snmptraps:centos-5.4-latest + image: zabbix/zabbix-snmptraps:centos-trunk profiles: - full - all @@ -379,7 +379,7 @@ services: com.zabbix.os: "centos" zabbix-web-service: - image: zabbix/zabbix-web-service:centos-5.4-latest + image: zabbix/zabbix-web-service:centos-trunk profiles: - full - all diff --git a/docker-compose_v3_centos_pgsql_latest.yaml b/docker-compose_v3_centos_pgsql_latest.yaml index 510927128..491bfd24c 100644 --- a/docker-compose_v3_centos_pgsql_latest.yaml +++ b/docker-compose_v3_centos_pgsql_latest.yaml @@ -1,7 +1,7 @@ version: '3.5' services: zabbix-server: - image: zabbix/zabbix-server-pgsql:centos-5.4-latest + image: zabbix/zabbix-server-pgsql:centos-trunk ports: - "10051:10051" volumes: @@ -63,7 +63,7 @@ services: com.zabbix.os: "centos" zabbix-proxy-sqlite3: - image: zabbix/zabbix-proxy-sqlite3:centos-5.4-latest + image: zabbix/zabbix-proxy-sqlite3:centos-trunk profiles: - all ports: @@ -112,7 +112,7 @@ services: com.zabbix.os: "centos" zabbix-proxy-mysql: - image: zabbix/zabbix-proxy-mysql:centos-5.4-latest + image: zabbix/zabbix-proxy-mysql:centos-trunk profiles: - all ports: @@ -167,7 +167,7 @@ services: com.zabbix.os: "centos" zabbix-web-apache-pgsql: - image: zabbix/zabbix-web-apache-pgsql:centos-5.4-latest + image: zabbix/zabbix-web-apache-pgsql:centos-trunk profiles: - all ports: @@ -223,7 +223,7 @@ services: com.zabbix.os: "centos" zabbix-web-nginx-pgsql: - image: zabbix/zabbix-web-nginx-pgsql:centos-5.4-latest + image: zabbix/zabbix-web-nginx-pgsql:centos-trunk ports: - "80:8080" - "443:8443" @@ -277,7 +277,7 @@ services: com.zabbix.os: "centos" zabbix-agent: - image: zabbix/zabbix-agent:centos-5.4-latest + image: zabbix/zabbix-agent:centos-trunk profiles: - full - all @@ -317,7 +317,7 @@ services: com.zabbix.os: "centos" zabbix-java-gateway: - image: zabbix/zabbix-java-gateway:centos-5.4-latest + image: zabbix/zabbix-java-gateway:centos-trunk profiles: - full - all @@ -346,7 +346,7 @@ services: com.zabbix.os: "centos" zabbix-snmptraps: - image: zabbix/zabbix-snmptraps:centos-5.4-latest + image: zabbix/zabbix-snmptraps:centos-trunk profiles: - full - all @@ -375,7 +375,7 @@ services: com.zabbix.os: "centos" zabbix-web-service: - image: zabbix/zabbix-web-service:centos-5.4-latest + image: zabbix/zabbix-web-service:centos-trunk profiles: - full - all diff --git a/docker-compose_v3_ubuntu_mysql_latest.yaml b/docker-compose_v3_ubuntu_mysql_latest.yaml index e341cdfa7..7a543360b 100644 --- a/docker-compose_v3_ubuntu_mysql_latest.yaml +++ b/docker-compose_v3_ubuntu_mysql_latest.yaml @@ -1,7 +1,7 @@ version: '3.5' services: zabbix-server: - image: zabbix/zabbix-server-mysql:ubuntu-5.4-latest + image: zabbix/zabbix-server-mysql:ubuntu-trunk ports: - "10051:10051" volumes: @@ -111,7 +111,7 @@ services: com.zabbix.os: "ubuntu" zabbix-proxy-mysql: - image: zabbix/zabbix-proxy-mysql:ubuntu-5.4-latest + image: zabbix/zabbix-proxy-mysql:ubuntu-trunk profiles: - all ports: @@ -166,7 +166,7 @@ services: com.zabbix.os: "ubuntu" zabbix-web-apache-mysql: - image: zabbix/zabbix-web-apache-mysql:ubuntu-5.4-latest + image: zabbix/zabbix-web-apache-mysql:ubuntu-trunk profiles: - all ports: @@ -221,7 +221,7 @@ services: com.zabbix.os: "ubuntu" zabbix-web-nginx-mysql: - image: zabbix/zabbix-web-nginx-mysql:ubuntu-5.4-latest + image: zabbix/zabbix-web-nginx-mysql:ubuntu-trunk ports: - "80:8080" - "443:8443" @@ -274,7 +274,7 @@ services: com.zabbix.os: "ubuntu" zabbix-agent: - image: zabbix/zabbix-agent:ubuntu-5.4-latest + image: zabbix/zabbix-agent:ubuntu-trunk profiles: - full - all @@ -313,7 +313,7 @@ services: com.zabbix.os: "ubuntu" zabbix-java-gateway: - image: zabbix/zabbix-java-gateway:ubuntu-5.4-latest + image: zabbix/zabbix-java-gateway:ubuntu-trunk profiles: - full - all @@ -342,7 +342,7 @@ services: com.zabbix.os: "ubuntu" zabbix-snmptraps: - image: zabbix/zabbix-snmptraps:ubuntu-5.4-latest + image: zabbix/zabbix-snmptraps:ubuntu-trunk profiles: - full - all @@ -371,7 +371,7 @@ services: com.zabbix.os: "ubuntu" zabbix-web-service: - image: zabbix/zabbix-web-service:ubuntu-5.4-latest + image: zabbix/zabbix-web-service:ubuntu-trunk profiles: - full - all diff --git a/docker-compose_v3_ubuntu_pgsql_latest.yaml b/docker-compose_v3_ubuntu_pgsql_latest.yaml index 9da381564..076e1ce3a 100644 --- a/docker-compose_v3_ubuntu_pgsql_latest.yaml +++ b/docker-compose_v3_ubuntu_pgsql_latest.yaml @@ -1,7 +1,7 @@ version: '3.5' services: zabbix-server: - image: zabbix/zabbix-server-pgsql:ubuntu-5.4-latest + image: zabbix/zabbix-server-pgsql:ubuntu-trunk ports: - "10051:10051" volumes: @@ -62,7 +62,7 @@ services: com.zabbix.os: "ubuntu" zabbix-proxy-sqlite3: - image: zabbix/zabbix-proxy-sqlite3:ubuntu-5.4-latest + image: zabbix/zabbix-proxy-sqlite3:ubuntu-trunk profiles: - all ports: @@ -110,7 +110,7 @@ services: com.zabbix.os: "ubuntu" zabbix-proxy-mysql: - image: zabbix/zabbix-proxy-mysql:ubuntu-5.4-latest + image: zabbix/zabbix-proxy-mysql:ubuntu-trunk profiles: - all ports: @@ -164,7 +164,7 @@ services: com.zabbix.os: "ubuntu" zabbix-web-apache-pgsql: - image: zabbix/zabbix-web-apache-pgsql:ubuntu-5.4-latest + image: zabbix/zabbix-web-apache-pgsql:ubuntu-trunk profiles: - all ports: @@ -219,7 +219,7 @@ services: com.zabbix.os: "ubuntu" zabbix-web-nginx-pgsql: - image: zabbix/zabbix-web-nginx-pgsql:ubuntu-5.4-latest + image: zabbix/zabbix-web-nginx-pgsql:ubuntu-trunk ports: - "80:8080" - "443:8443" @@ -272,7 +272,7 @@ services: com.zabbix.os: "ubuntu" zabbix-agent: - image: zabbix/zabbix-agent:ubuntu-5.4-latest + image: zabbix/zabbix-agent:ubuntu-trunk profiles: - full - all @@ -311,7 +311,7 @@ services: com.zabbix.os: "ubuntu" zabbix-java-gateway: - image: zabbix/zabbix-java-gateway:ubuntu-5.4-latest + image: zabbix/zabbix-java-gateway:ubuntu-trunk profiles: - full - all @@ -340,7 +340,7 @@ services: com.zabbix.os: "ubuntu" zabbix-snmptraps: - image: zabbix/zabbix-snmptraps:ubuntu-5.4-latest + image: zabbix/zabbix-snmptraps:ubuntu-trunk profiles: - full - all @@ -369,7 +369,7 @@ services: com.zabbix.os: "ubuntu" zabbix-web-service: - image: zabbix/zabbix-web-service:ubuntu-5.4-latest + image: zabbix/zabbix-web-service:ubuntu-trunk profiles: - full - all diff --git a/java-gateway/alpine/Dockerfile b/java-gateway/alpine/Dockerfile index 37a9b399a..85b503d30 100644 --- a/java-gateway/alpine/Dockerfile +++ b/java-gateway/alpine/Dockerfile @@ -52,7 +52,7 @@ RUN set -eux && \ make \ openjdk8 && \ cd /tmp/ && \ - git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ cd /tmp/zabbix-${ZBX_VERSION} && \ zabbix_revision=`git rev-parse --short HEAD` && \ sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ diff --git a/java-gateway/centos/Dockerfile b/java-gateway/centos/Dockerfile index 8f1e1aa62..62412c967 100644 --- a/java-gateway/centos/Dockerfile +++ b/java-gateway/centos/Dockerfile @@ -50,7 +50,7 @@ RUN set -eux && \ git \ gcc && \ cd /tmp/ && \ - git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ cd /tmp/zabbix-${ZBX_VERSION} && \ zabbix_revision=`git rev-parse --short HEAD` && \ sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ diff --git a/java-gateway/ubuntu/Dockerfile b/java-gateway/ubuntu/Dockerfile index 4391c9a67..bbcb63478 100644 --- a/java-gateway/ubuntu/Dockerfile +++ b/java-gateway/ubuntu/Dockerfile @@ -53,7 +53,7 @@ RUN set -eux && \ git \ gcc && \ cd /tmp/ && \ - git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ cd /tmp/zabbix-${ZBX_VERSION} && \ zabbix_revision=`git rev-parse --short HEAD` && \ sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ diff --git a/kubernetes.yaml b/kubernetes.yaml index c1f161262..3f3df6626 100644 --- a/kubernetes.yaml +++ b/kubernetes.yaml @@ -148,7 +148,7 @@ spec: spec: containers: - name: zabbix-web - image: zabbix/zabbix-web-nginx-mysql:alpine-5.4-latest + image: zabbix/zabbix-web-nginx-mysql:alpine-trunk imagePullPolicy: Always ports: - containerPort: 8080 @@ -282,7 +282,7 @@ spec: spec: containers: - name: zabbix-server - image: zabbix/zabbix-server-mysql:alpine-5.4-latest + image: zabbix/zabbix-server-mysql:alpine-trunk imagePullPolicy: Always ports: - containerPort: 10051 @@ -331,7 +331,7 @@ spec: mountPath: /var/lib/zabbix/snmptraps/ readOnly: true - name: zabbix-snmptraps - image: zabbix/zabbix-snmptraps:alpine-5.4-latest + image: zabbix/zabbix-snmptraps:alpine-trunk imagePullPolicy: Always ports: - containerPort: 1162 @@ -364,7 +364,7 @@ spec: spec: containers: - name: zabbix-proxy-sqlite3 - image: zabbix/zabbix-proxy-sqlite3:alpine-5.4-latest + image: zabbix/zabbix-proxy-sqlite3:alpine-trunk imagePullPolicy: Always ports: - containerPort: 10051 @@ -396,7 +396,7 @@ spec: spec: containers: - name: zabbix-proxy-mysql - image: zabbix/zabbix-proxy-mysql:alpine-5.4-latest + image: zabbix/zabbix-proxy-mysql:alpine-trunk imagePullPolicy: Always ports: - containerPort: 10051 @@ -439,7 +439,7 @@ spec: spec: containers: - name: zabbix-java-gateway - image: zabbix/zabbix-java-gateway:alpine-5.4-latest + image: zabbix/zabbix-java-gateway:alpine-trunk imagePullPolicy: Always ports: - containerPort: 10052 @@ -473,7 +473,7 @@ spec: spec: containers: - name: zabbix-agent - image: zabbix/zabbix-agent:alpine-5.4-latest + image: zabbix/zabbix-agent:alpine-trunk imagePullPolicy: Always resources: limits: diff --git a/proxy-mysql/alpine/Dockerfile b/proxy-mysql/alpine/Dockerfile index 55acf3a4f..9c05e5216 100644 --- a/proxy-mysql/alpine/Dockerfile +++ b/proxy-mysql/alpine/Dockerfile @@ -81,7 +81,7 @@ RUN set -eux && \ pcre-dev \ unixodbc-dev && \ cd /tmp/ && \ - git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ cd /tmp/zabbix-${ZBX_VERSION} && \ zabbix_revision=`git rev-parse --short HEAD` && \ sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ diff --git a/proxy-mysql/centos/Dockerfile b/proxy-mysql/centos/Dockerfile index af3b408fa..cdedbec76 100644 --- a/proxy-mysql/centos/Dockerfile +++ b/proxy-mysql/centos/Dockerfile @@ -111,7 +111,7 @@ RUN set -eux && \ git \ unixODBC-devel && \ cd /tmp/ && \ - git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ cd /tmp/zabbix-${ZBX_VERSION} && \ zabbix_revision=`git rev-parse --short HEAD` && \ sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ diff --git a/proxy-mysql/ubuntu/Dockerfile b/proxy-mysql/ubuntu/Dockerfile index fba7da8ac..84c7ab40e 100644 --- a/proxy-mysql/ubuntu/Dockerfile +++ b/proxy-mysql/ubuntu/Dockerfile @@ -95,7 +95,7 @@ RUN set -eux && \ git \ unixodbc-dev && \ cd /tmp/ && \ - git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ cd /tmp/zabbix-${ZBX_VERSION} && \ zabbix_revision=`git rev-parse --short HEAD` && \ sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ diff --git a/proxy-sqlite3/alpine/Dockerfile b/proxy-sqlite3/alpine/Dockerfile index 6deec222e..e0f4633b3 100644 --- a/proxy-sqlite3/alpine/Dockerfile +++ b/proxy-sqlite3/alpine/Dockerfile @@ -80,7 +80,7 @@ RUN set -eux && \ make \ unixodbc-dev && \ cd /tmp/ && \ - git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ cd /tmp/zabbix-${ZBX_VERSION} && \ zabbix_revision=`git rev-parse --short HEAD` && \ sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ diff --git a/proxy-sqlite3/centos/Dockerfile b/proxy-sqlite3/centos/Dockerfile index e45f6170e..12460b7d9 100644 --- a/proxy-sqlite3/centos/Dockerfile +++ b/proxy-sqlite3/centos/Dockerfile @@ -108,7 +108,7 @@ RUN set -eux && \ git \ unixODBC-devel && \ cd /tmp/ && \ - git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ cd /tmp/zabbix-${ZBX_VERSION} && \ zabbix_revision=`git rev-parse --short HEAD` && \ sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ diff --git a/proxy-sqlite3/ubuntu/Dockerfile b/proxy-sqlite3/ubuntu/Dockerfile index 060ab0bd4..ed8c51435 100644 --- a/proxy-sqlite3/ubuntu/Dockerfile +++ b/proxy-sqlite3/ubuntu/Dockerfile @@ -93,7 +93,7 @@ RUN set -eux && \ git \ unixodbc-dev && \ cd /tmp/ && \ - git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ cd /tmp/zabbix-${ZBX_VERSION} && \ zabbix_revision=`git rev-parse --short HEAD` && \ sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ diff --git a/server-mysql/alpine/Dockerfile b/server-mysql/alpine/Dockerfile index 2606d608f..baa4f88be 100644 --- a/server-mysql/alpine/Dockerfile +++ b/server-mysql/alpine/Dockerfile @@ -85,7 +85,7 @@ RUN set -eux && \ make \ unixodbc-dev && \ cd /tmp/ && \ - git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ cd /tmp/zabbix-${ZBX_VERSION} && \ zabbix_revision=`git rev-parse --short HEAD` && \ sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ diff --git a/server-mysql/centos/Dockerfile b/server-mysql/centos/Dockerfile index 67710d243..fefd62d60 100644 --- a/server-mysql/centos/Dockerfile +++ b/server-mysql/centos/Dockerfile @@ -116,7 +116,7 @@ RUN set -eux && \ git \ unixODBC-devel && \ cd /tmp/ && \ - git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ cd /tmp/zabbix-${ZBX_VERSION} && \ zabbix_revision=`git rev-parse --short HEAD` && \ sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ diff --git a/server-mysql/ubuntu/Dockerfile b/server-mysql/ubuntu/Dockerfile index dcef343f7..8abd02b24 100644 --- a/server-mysql/ubuntu/Dockerfile +++ b/server-mysql/ubuntu/Dockerfile @@ -100,7 +100,7 @@ RUN set -eux && \ git \ unixodbc-dev && \ cd /tmp/ && \ - git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ cd /tmp/zabbix-${ZBX_VERSION} && \ zabbix_revision=`git rev-parse --short HEAD` && \ sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ diff --git a/server-pgsql/alpine/Dockerfile b/server-pgsql/alpine/Dockerfile index f2439011b..7c87cabf1 100644 --- a/server-pgsql/alpine/Dockerfile +++ b/server-pgsql/alpine/Dockerfile @@ -86,7 +86,7 @@ RUN set -eux && \ make \ unixodbc-dev && \ cd /tmp/ && \ - git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ cd /tmp/zabbix-${ZBX_VERSION} && \ zabbix_revision=`git rev-parse --short HEAD` && \ sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ diff --git a/server-pgsql/centos/Dockerfile b/server-pgsql/centos/Dockerfile index 44faa7e22..fbe69f928 100644 --- a/server-pgsql/centos/Dockerfile +++ b/server-pgsql/centos/Dockerfile @@ -115,7 +115,7 @@ RUN set -eux && \ git \ unixODBC-devel && \ cd /tmp/ && \ - git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ cd /tmp/zabbix-${ZBX_VERSION} && \ zabbix_revision=`git rev-parse --short HEAD` && \ sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ diff --git a/server-pgsql/ubuntu/Dockerfile b/server-pgsql/ubuntu/Dockerfile index e58c80d23..4d73be6c8 100644 --- a/server-pgsql/ubuntu/Dockerfile +++ b/server-pgsql/ubuntu/Dockerfile @@ -100,7 +100,7 @@ RUN set -eux && \ git \ unixodbc-dev && \ cd /tmp/ && \ - git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ cd /tmp/zabbix-${ZBX_VERSION} && \ zabbix_revision=`git rev-parse --short HEAD` && \ sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ diff --git a/snmptraps/alpine/Dockerfile b/snmptraps/alpine/Dockerfile index e4b042c73..d055f6a56 100644 --- a/snmptraps/alpine/Dockerfile +++ b/snmptraps/alpine/Dockerfile @@ -1,6 +1,6 @@ FROM alpine:3.13 -ARG MAJOR_VERSION=5.4 +ARG MAJOR_VERSION=6.0 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git diff --git a/snmptraps/centos/Dockerfile b/snmptraps/centos/Dockerfile index ed6faa94a..60544f992 100644 --- a/snmptraps/centos/Dockerfile +++ b/snmptraps/centos/Dockerfile @@ -1,6 +1,6 @@ FROM centos:centos8 -ARG MAJOR_VERSION=5.4 +ARG MAJOR_VERSION=6.0 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git diff --git a/snmptraps/ubuntu/Dockerfile b/snmptraps/ubuntu/Dockerfile index e560311bc..bb470cef6 100644 --- a/snmptraps/ubuntu/Dockerfile +++ b/snmptraps/ubuntu/Dockerfile @@ -1,6 +1,6 @@ FROM ubuntu:focal -ARG MAJOR_VERSION=5.4 +ARG MAJOR_VERSION=6.0 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git diff --git a/web-apache-mysql/alpine/Dockerfile b/web-apache-mysql/alpine/Dockerfile index 0d77dc499..9b74d9cf5 100644 --- a/web-apache-mysql/alpine/Dockerfile +++ b/web-apache-mysql/alpine/Dockerfile @@ -75,7 +75,7 @@ RUN set -eux && \ gettext \ git && \ cd /usr/share/ && \ - git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ mkdir /usr/share/zabbix/ && \ cp -R /usr/share/zabbix-${ZBX_VERSION}/ui/* /usr/share/zabbix/ && \ rm -rf /usr/share/zabbix-${ZBX_VERSION}/ && \ diff --git a/web-apache-mysql/centos/Dockerfile b/web-apache-mysql/centos/Dockerfile index 585d5762d..02c4777be 100644 --- a/web-apache-mysql/centos/Dockerfile +++ b/web-apache-mysql/centos/Dockerfile @@ -70,7 +70,7 @@ RUN set -eux && \ gettext \ git && \ cd /usr/share/ && \ - git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ mkdir /usr/share/zabbix/ && \ cp -R /usr/share/zabbix-${ZBX_VERSION}/ui/* /usr/share/zabbix/ && \ rm -rf /usr/share/zabbix-${ZBX_VERSION}/ && \ diff --git a/web-apache-mysql/ubuntu/Dockerfile b/web-apache-mysql/ubuntu/Dockerfile index c66695ef0..8eb4cc24a 100644 --- a/web-apache-mysql/ubuntu/Dockerfile +++ b/web-apache-mysql/ubuntu/Dockerfile @@ -73,7 +73,7 @@ RUN set -eux && \ gettext \ git && \ cd /usr/share/ && \ - git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ mkdir /usr/share/zabbix/ && \ cp -R /usr/share/zabbix-${ZBX_VERSION}/ui/* /usr/share/zabbix/ && \ rm -rf /usr/share/zabbix-${ZBX_VERSION}/ && \ diff --git a/web-apache-pgsql/alpine/Dockerfile b/web-apache-pgsql/alpine/Dockerfile index 0e19d6560..a71d5baef 100644 --- a/web-apache-pgsql/alpine/Dockerfile +++ b/web-apache-pgsql/alpine/Dockerfile @@ -74,7 +74,7 @@ RUN set -eux && \ gettext \ git && \ cd /usr/share/ && \ - git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ mkdir /usr/share/zabbix/ && \ cp -R /usr/share/zabbix-${ZBX_VERSION}/ui/* /usr/share/zabbix/ && \ rm -rf /usr/share/zabbix-${ZBX_VERSION}/ && \ diff --git a/web-apache-pgsql/centos/Dockerfile b/web-apache-pgsql/centos/Dockerfile index 7039b7a4c..d91312252 100644 --- a/web-apache-pgsql/centos/Dockerfile +++ b/web-apache-pgsql/centos/Dockerfile @@ -70,7 +70,7 @@ RUN set -eux && \ gettext \ git && \ cd /usr/share/ && \ - git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ mkdir /usr/share/zabbix/ && \ cp -R /usr/share/zabbix-${ZBX_VERSION}/ui/* /usr/share/zabbix/ && \ rm -rf /usr/share/zabbix-${ZBX_VERSION}/ && \ diff --git a/web-apache-pgsql/ubuntu/Dockerfile b/web-apache-pgsql/ubuntu/Dockerfile index 1268ea2e9..d9389862f 100644 --- a/web-apache-pgsql/ubuntu/Dockerfile +++ b/web-apache-pgsql/ubuntu/Dockerfile @@ -73,7 +73,7 @@ RUN set -eux && \ gettext \ git && \ cd /usr/share/ && \ - git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ mkdir /usr/share/zabbix/ && \ cp -R /usr/share/zabbix-${ZBX_VERSION}/ui/* /usr/share/zabbix/ && \ rm -rf /usr/share/zabbix-${ZBX_VERSION}/ && \ diff --git a/web-nginx-mysql/alpine/Dockerfile b/web-nginx-mysql/alpine/Dockerfile index 166f5da46..0fe350b4a 100644 --- a/web-nginx-mysql/alpine/Dockerfile +++ b/web-nginx-mysql/alpine/Dockerfile @@ -69,7 +69,7 @@ RUN set -eux && \ gettext \ git && \ cd /usr/share/ && \ - git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ mkdir /usr/share/zabbix/ && \ cp -R /usr/share/zabbix-${ZBX_VERSION}/ui/* /usr/share/zabbix/ && \ rm -rf /usr/share/zabbix-${ZBX_VERSION}/ && \ diff --git a/web-nginx-mysql/centos/Dockerfile b/web-nginx-mysql/centos/Dockerfile index 191f7aeb8..290d8cc23 100644 --- a/web-nginx-mysql/centos/Dockerfile +++ b/web-nginx-mysql/centos/Dockerfile @@ -62,7 +62,7 @@ RUN set -eux && \ gettext \ git && \ cd /usr/share/ && \ - git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ mkdir /usr/share/zabbix/ && \ cp -R /usr/share/zabbix-${ZBX_VERSION}/ui/* /usr/share/zabbix/ && \ rm -rf /usr/share/zabbix-${ZBX_VERSION}/ && \ diff --git a/web-nginx-mysql/ubuntu/Dockerfile b/web-nginx-mysql/ubuntu/Dockerfile index 95cf0bffe..7267cf39f 100644 --- a/web-nginx-mysql/ubuntu/Dockerfile +++ b/web-nginx-mysql/ubuntu/Dockerfile @@ -84,7 +84,7 @@ RUN set -eux && \ gettext \ git && \ cd /usr/share/ && \ - git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ mkdir /usr/share/zabbix/ && \ cp -R /usr/share/zabbix-${ZBX_VERSION}/ui/* /usr/share/zabbix/ && \ rm -rf /usr/share/zabbix-${ZBX_VERSION}/ && \ diff --git a/web-nginx-pgsql/alpine/Dockerfile b/web-nginx-pgsql/alpine/Dockerfile index d6337c93a..6d26455f2 100644 --- a/web-nginx-pgsql/alpine/Dockerfile +++ b/web-nginx-pgsql/alpine/Dockerfile @@ -68,7 +68,7 @@ RUN set -eux && \ gettext \ git && \ cd /usr/share/ && \ - git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ mkdir /usr/share/zabbix/ && \ cp -R /usr/share/zabbix-${ZBX_VERSION}/ui/* /usr/share/zabbix/ && \ rm -rf /usr/share/zabbix-${ZBX_VERSION}/ && \ diff --git a/web-nginx-pgsql/centos/Dockerfile b/web-nginx-pgsql/centos/Dockerfile index 38c6b41f8..976e8e66a 100644 --- a/web-nginx-pgsql/centos/Dockerfile +++ b/web-nginx-pgsql/centos/Dockerfile @@ -62,7 +62,7 @@ RUN set -eux && \ gettext \ git && \ cd /usr/share/ && \ - git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ mkdir /usr/share/zabbix/ && \ cp -R /usr/share/zabbix-${ZBX_VERSION}/ui/* /usr/share/zabbix/ && \ rm -rf /usr/share/zabbix-${ZBX_VERSION}/ && \ diff --git a/web-nginx-pgsql/ubuntu/Dockerfile b/web-nginx-pgsql/ubuntu/Dockerfile index 323421db4..99f6fd362 100644 --- a/web-nginx-pgsql/ubuntu/Dockerfile +++ b/web-nginx-pgsql/ubuntu/Dockerfile @@ -84,7 +84,7 @@ RUN set -eux && \ gettext \ git && \ cd /usr/share/ && \ - git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ mkdir /usr/share/zabbix/ && \ cp -R /usr/share/zabbix-${ZBX_VERSION}/ui/* /usr/share/zabbix/ && \ rm -rf /usr/share/zabbix-${ZBX_VERSION}/ && \ diff --git a/web-service/alpine/Dockerfile b/web-service/alpine/Dockerfile index fbe416289..55dd4aba4 100644 --- a/web-service/alpine/Dockerfile +++ b/web-service/alpine/Dockerfile @@ -47,7 +47,7 @@ RUN set -eux && \ git \ pkgconf && \ cd /tmp/ && \ - git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ cd /tmp/zabbix-${ZBX_VERSION} && \ zabbix_revision=`git rev-parse --short HEAD` && \ sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/go/pkg/version/version.go && \ diff --git a/web-service/centos/Dockerfile b/web-service/centos/Dockerfile index 45342231b..e0186d033 100644 --- a/web-service/centos/Dockerfile +++ b/web-service/centos/Dockerfile @@ -52,7 +52,7 @@ RUN set -eux && \ golang \ git && \ cd /tmp/ && \ - git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ cd /tmp/zabbix-${ZBX_VERSION} && \ zabbix_revision=`git rev-parse --short HEAD` && \ sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/go/pkg/version/version.go && \ diff --git a/web-service/ubuntu/Dockerfile b/web-service/ubuntu/Dockerfile index f70a53022..c147cd768 100644 --- a/web-service/ubuntu/Dockerfile +++ b/web-service/ubuntu/Dockerfile @@ -66,7 +66,7 @@ RUN set -eux && \ g++ \ golang && \ cd /tmp/ && \ - git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ cd /tmp/zabbix-${ZBX_VERSION} && \ zabbix_revision=`git rev-parse --short HEAD` && \ sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/go/pkg/version/version.go && \ diff --git a/zabbix-appliance/rhel/Dockerfile b/zabbix-appliance/rhel/Dockerfile index 70bb425c8..e0d638055 100644 --- a/zabbix-appliance/rhel/Dockerfile +++ b/zabbix-appliance/rhel/Dockerfile @@ -144,7 +144,7 @@ RUN set -eux && REPOLIST="rhel-8-for-x86_64-baseos-rpms,rhel-8-for-x86_64-appstr dnf -y install --disablerepo "*" --enablerepo "${REPOLIST}" --setopt=install_weak_deps=False --best \ --setopt=tsflags=nodocs ${INSTALL_PKGS} && \ cd /tmp/ && \ - git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ cd /tmp/zabbix-${ZBX_VERSION} && \ zabbix_revision=`git rev-parse --short HEAD` && \ sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ From 0465d2befcd8d4e635d60631d7f9ab7a012f4128 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Mon, 7 Jun 2021 07:24:08 -0400 Subject: [PATCH 085/253] Fixed permissions to vendor directory --- web-apache-mysql/alpine/conf/etc/zabbix/apache.conf | 8 ++++++++ web-apache-mysql/alpine/conf/etc/zabbix/apache_ssl.conf | 8 ++++++++ web-apache-mysql/centos/conf/etc/zabbix/apache.conf | 8 ++++++++ web-apache-mysql/centos/conf/etc/zabbix/apache_ssl.conf | 8 ++++++++ web-apache-mysql/ubuntu/conf/etc/zabbix/apache.conf | 8 ++++++++ web-apache-mysql/ubuntu/conf/etc/zabbix/apache_ssl.conf | 8 ++++++++ web-apache-pgsql/alpine/conf/etc/zabbix/apache.conf | 8 ++++++++ web-apache-pgsql/alpine/conf/etc/zabbix/apache_ssl.conf | 8 ++++++++ web-apache-pgsql/centos/conf/etc/zabbix/apache.conf | 8 ++++++++ web-apache-pgsql/centos/conf/etc/zabbix/apache_ssl.conf | 8 ++++++++ web-apache-pgsql/ubuntu/conf/etc/zabbix/apache.conf | 8 ++++++++ web-apache-pgsql/ubuntu/conf/etc/zabbix/apache_ssl.conf | 8 ++++++++ web-nginx-mysql/alpine/conf/etc/zabbix/nginx.conf | 5 +++++ web-nginx-mysql/alpine/conf/etc/zabbix/nginx_ssl.conf | 5 +++++ web-nginx-mysql/centos/conf/etc/zabbix/nginx.conf | 5 +++++ web-nginx-mysql/centos/conf/etc/zabbix/nginx_ssl.conf | 5 +++++ web-nginx-mysql/ubuntu/conf/etc/zabbix/nginx.conf | 5 +++++ web-nginx-mysql/ubuntu/conf/etc/zabbix/nginx_ssl.conf | 5 +++++ web-nginx-pgsql/alpine/conf/etc/zabbix/nginx.conf | 5 +++++ web-nginx-pgsql/alpine/conf/etc/zabbix/nginx_ssl.conf | 5 +++++ web-nginx-pgsql/centos/conf/etc/zabbix/nginx.conf | 5 +++++ web-nginx-pgsql/centos/conf/etc/zabbix/nginx_ssl.conf | 5 +++++ web-nginx-pgsql/ubuntu/conf/etc/zabbix/nginx.conf | 5 +++++ web-nginx-pgsql/ubuntu/conf/etc/zabbix/nginx_ssl.conf | 5 +++++ zabbix-appliance/rhel/conf/etc/zabbix/nginx.conf | 5 +++++ zabbix-appliance/rhel/conf/etc/zabbix/nginx_ssl.conf | 5 +++++ 26 files changed, 166 insertions(+) diff --git a/web-apache-mysql/alpine/conf/etc/zabbix/apache.conf b/web-apache-mysql/alpine/conf/etc/zabbix/apache.conf index 36def0c29..9a36c5002 100644 --- a/web-apache-mysql/alpine/conf/etc/zabbix/apache.conf +++ b/web-apache-mysql/alpine/conf/etc/zabbix/apache.conf @@ -42,4 +42,12 @@ Deny from all + + + Require all denied + + Order deny,allow + Deny from all + + diff --git a/web-apache-mysql/alpine/conf/etc/zabbix/apache_ssl.conf b/web-apache-mysql/alpine/conf/etc/zabbix/apache_ssl.conf index 63005b0e1..4cb13d56f 100644 --- a/web-apache-mysql/alpine/conf/etc/zabbix/apache_ssl.conf +++ b/web-apache-mysql/alpine/conf/etc/zabbix/apache_ssl.conf @@ -65,5 +65,13 @@ Listen 8443 Deny from all + + + Require all denied + + Order deny,allow + Deny from all + + diff --git a/web-apache-mysql/centos/conf/etc/zabbix/apache.conf b/web-apache-mysql/centos/conf/etc/zabbix/apache.conf index 8f61ef1ef..a58c94c32 100644 --- a/web-apache-mysql/centos/conf/etc/zabbix/apache.conf +++ b/web-apache-mysql/centos/conf/etc/zabbix/apache.conf @@ -46,4 +46,12 @@ Deny from all + + + Require all denied + + Order deny,allow + Deny from all + + diff --git a/web-apache-mysql/centos/conf/etc/zabbix/apache_ssl.conf b/web-apache-mysql/centos/conf/etc/zabbix/apache_ssl.conf index 758cd462c..ed3e546f1 100644 --- a/web-apache-mysql/centos/conf/etc/zabbix/apache_ssl.conf +++ b/web-apache-mysql/centos/conf/etc/zabbix/apache_ssl.conf @@ -68,4 +68,12 @@ Listen 8443 Deny from all + + + Require all denied + + Order deny,allow + Deny from all + + diff --git a/web-apache-mysql/ubuntu/conf/etc/zabbix/apache.conf b/web-apache-mysql/ubuntu/conf/etc/zabbix/apache.conf index 36def0c29..9a36c5002 100644 --- a/web-apache-mysql/ubuntu/conf/etc/zabbix/apache.conf +++ b/web-apache-mysql/ubuntu/conf/etc/zabbix/apache.conf @@ -42,4 +42,12 @@ Deny from all + + + Require all denied + + Order deny,allow + Deny from all + + diff --git a/web-apache-mysql/ubuntu/conf/etc/zabbix/apache_ssl.conf b/web-apache-mysql/ubuntu/conf/etc/zabbix/apache_ssl.conf index d18d08fde..0d4382cfd 100644 --- a/web-apache-mysql/ubuntu/conf/etc/zabbix/apache_ssl.conf +++ b/web-apache-mysql/ubuntu/conf/etc/zabbix/apache_ssl.conf @@ -64,5 +64,13 @@ LoadModule headers_module /usr/lib/apache2/modules/mod_headers.so Deny from all + + + Require all denied + + Order deny,allow + Deny from all + + diff --git a/web-apache-pgsql/alpine/conf/etc/zabbix/apache.conf b/web-apache-pgsql/alpine/conf/etc/zabbix/apache.conf index 36def0c29..9a36c5002 100644 --- a/web-apache-pgsql/alpine/conf/etc/zabbix/apache.conf +++ b/web-apache-pgsql/alpine/conf/etc/zabbix/apache.conf @@ -42,4 +42,12 @@ Deny from all + + + Require all denied + + Order deny,allow + Deny from all + + diff --git a/web-apache-pgsql/alpine/conf/etc/zabbix/apache_ssl.conf b/web-apache-pgsql/alpine/conf/etc/zabbix/apache_ssl.conf index 63005b0e1..4cb13d56f 100644 --- a/web-apache-pgsql/alpine/conf/etc/zabbix/apache_ssl.conf +++ b/web-apache-pgsql/alpine/conf/etc/zabbix/apache_ssl.conf @@ -65,5 +65,13 @@ Listen 8443 Deny from all + + + Require all denied + + Order deny,allow + Deny from all + + diff --git a/web-apache-pgsql/centos/conf/etc/zabbix/apache.conf b/web-apache-pgsql/centos/conf/etc/zabbix/apache.conf index 8f61ef1ef..a58c94c32 100644 --- a/web-apache-pgsql/centos/conf/etc/zabbix/apache.conf +++ b/web-apache-pgsql/centos/conf/etc/zabbix/apache.conf @@ -46,4 +46,12 @@ Deny from all + + + Require all denied + + Order deny,allow + Deny from all + + diff --git a/web-apache-pgsql/centos/conf/etc/zabbix/apache_ssl.conf b/web-apache-pgsql/centos/conf/etc/zabbix/apache_ssl.conf index 758cd462c..ed3e546f1 100644 --- a/web-apache-pgsql/centos/conf/etc/zabbix/apache_ssl.conf +++ b/web-apache-pgsql/centos/conf/etc/zabbix/apache_ssl.conf @@ -68,4 +68,12 @@ Listen 8443 Deny from all + + + Require all denied + + Order deny,allow + Deny from all + + diff --git a/web-apache-pgsql/ubuntu/conf/etc/zabbix/apache.conf b/web-apache-pgsql/ubuntu/conf/etc/zabbix/apache.conf index 36def0c29..9a36c5002 100644 --- a/web-apache-pgsql/ubuntu/conf/etc/zabbix/apache.conf +++ b/web-apache-pgsql/ubuntu/conf/etc/zabbix/apache.conf @@ -42,4 +42,12 @@ Deny from all + + + Require all denied + + Order deny,allow + Deny from all + + diff --git a/web-apache-pgsql/ubuntu/conf/etc/zabbix/apache_ssl.conf b/web-apache-pgsql/ubuntu/conf/etc/zabbix/apache_ssl.conf index d18d08fde..0d4382cfd 100644 --- a/web-apache-pgsql/ubuntu/conf/etc/zabbix/apache_ssl.conf +++ b/web-apache-pgsql/ubuntu/conf/etc/zabbix/apache_ssl.conf @@ -64,5 +64,13 @@ LoadModule headers_module /usr/lib/apache2/modules/mod_headers.so Deny from all + + + Require all denied + + Order deny,allow + Deny from all + + diff --git a/web-nginx-mysql/alpine/conf/etc/zabbix/nginx.conf b/web-nginx-mysql/alpine/conf/etc/zabbix/nginx.conf index fbc144486..b59f17552 100644 --- a/web-nginx-mysql/alpine/conf/etc/zabbix/nginx.conf +++ b/web-nginx-mysql/alpine/conf/etc/zabbix/nginx.conf @@ -50,6 +50,11 @@ server { try_files $uri $uri/ /index.php?$args; } + location ~ /(api\/|conf[^\.]|include|locale|vendor) { + deny all; + return 404; + } + location ~ .php$ { fastcgi_pass unix:/tmp/php-fpm.sock; fastcgi_index index.php; diff --git a/web-nginx-mysql/alpine/conf/etc/zabbix/nginx_ssl.conf b/web-nginx-mysql/alpine/conf/etc/zabbix/nginx_ssl.conf index 44594adb7..17ae63661 100644 --- a/web-nginx-mysql/alpine/conf/etc/zabbix/nginx_ssl.conf +++ b/web-nginx-mysql/alpine/conf/etc/zabbix/nginx_ssl.conf @@ -74,6 +74,11 @@ server { try_files $uri $uri/ /index.php?$args; } + location ~ /(api\/|conf[^\.]|include|locale|vendor) { + deny all; + return 404; + } + location ~ .php$ { fastcgi_pass unix:/tmp/php-fpm.sock; fastcgi_index index.php; diff --git a/web-nginx-mysql/centos/conf/etc/zabbix/nginx.conf b/web-nginx-mysql/centos/conf/etc/zabbix/nginx.conf index fbc144486..b59f17552 100644 --- a/web-nginx-mysql/centos/conf/etc/zabbix/nginx.conf +++ b/web-nginx-mysql/centos/conf/etc/zabbix/nginx.conf @@ -50,6 +50,11 @@ server { try_files $uri $uri/ /index.php?$args; } + location ~ /(api\/|conf[^\.]|include|locale|vendor) { + deny all; + return 404; + } + location ~ .php$ { fastcgi_pass unix:/tmp/php-fpm.sock; fastcgi_index index.php; diff --git a/web-nginx-mysql/centos/conf/etc/zabbix/nginx_ssl.conf b/web-nginx-mysql/centos/conf/etc/zabbix/nginx_ssl.conf index 44594adb7..17ae63661 100644 --- a/web-nginx-mysql/centos/conf/etc/zabbix/nginx_ssl.conf +++ b/web-nginx-mysql/centos/conf/etc/zabbix/nginx_ssl.conf @@ -74,6 +74,11 @@ server { try_files $uri $uri/ /index.php?$args; } + location ~ /(api\/|conf[^\.]|include|locale|vendor) { + deny all; + return 404; + } + location ~ .php$ { fastcgi_pass unix:/tmp/php-fpm.sock; fastcgi_index index.php; diff --git a/web-nginx-mysql/ubuntu/conf/etc/zabbix/nginx.conf b/web-nginx-mysql/ubuntu/conf/etc/zabbix/nginx.conf index fbc144486..b59f17552 100644 --- a/web-nginx-mysql/ubuntu/conf/etc/zabbix/nginx.conf +++ b/web-nginx-mysql/ubuntu/conf/etc/zabbix/nginx.conf @@ -50,6 +50,11 @@ server { try_files $uri $uri/ /index.php?$args; } + location ~ /(api\/|conf[^\.]|include|locale|vendor) { + deny all; + return 404; + } + location ~ .php$ { fastcgi_pass unix:/tmp/php-fpm.sock; fastcgi_index index.php; diff --git a/web-nginx-mysql/ubuntu/conf/etc/zabbix/nginx_ssl.conf b/web-nginx-mysql/ubuntu/conf/etc/zabbix/nginx_ssl.conf index 44594adb7..17ae63661 100644 --- a/web-nginx-mysql/ubuntu/conf/etc/zabbix/nginx_ssl.conf +++ b/web-nginx-mysql/ubuntu/conf/etc/zabbix/nginx_ssl.conf @@ -74,6 +74,11 @@ server { try_files $uri $uri/ /index.php?$args; } + location ~ /(api\/|conf[^\.]|include|locale|vendor) { + deny all; + return 404; + } + location ~ .php$ { fastcgi_pass unix:/tmp/php-fpm.sock; fastcgi_index index.php; diff --git a/web-nginx-pgsql/alpine/conf/etc/zabbix/nginx.conf b/web-nginx-pgsql/alpine/conf/etc/zabbix/nginx.conf index fbc144486..b59f17552 100644 --- a/web-nginx-pgsql/alpine/conf/etc/zabbix/nginx.conf +++ b/web-nginx-pgsql/alpine/conf/etc/zabbix/nginx.conf @@ -50,6 +50,11 @@ server { try_files $uri $uri/ /index.php?$args; } + location ~ /(api\/|conf[^\.]|include|locale|vendor) { + deny all; + return 404; + } + location ~ .php$ { fastcgi_pass unix:/tmp/php-fpm.sock; fastcgi_index index.php; diff --git a/web-nginx-pgsql/alpine/conf/etc/zabbix/nginx_ssl.conf b/web-nginx-pgsql/alpine/conf/etc/zabbix/nginx_ssl.conf index 44594adb7..17ae63661 100644 --- a/web-nginx-pgsql/alpine/conf/etc/zabbix/nginx_ssl.conf +++ b/web-nginx-pgsql/alpine/conf/etc/zabbix/nginx_ssl.conf @@ -74,6 +74,11 @@ server { try_files $uri $uri/ /index.php?$args; } + location ~ /(api\/|conf[^\.]|include|locale|vendor) { + deny all; + return 404; + } + location ~ .php$ { fastcgi_pass unix:/tmp/php-fpm.sock; fastcgi_index index.php; diff --git a/web-nginx-pgsql/centos/conf/etc/zabbix/nginx.conf b/web-nginx-pgsql/centos/conf/etc/zabbix/nginx.conf index fbc144486..b59f17552 100644 --- a/web-nginx-pgsql/centos/conf/etc/zabbix/nginx.conf +++ b/web-nginx-pgsql/centos/conf/etc/zabbix/nginx.conf @@ -50,6 +50,11 @@ server { try_files $uri $uri/ /index.php?$args; } + location ~ /(api\/|conf[^\.]|include|locale|vendor) { + deny all; + return 404; + } + location ~ .php$ { fastcgi_pass unix:/tmp/php-fpm.sock; fastcgi_index index.php; diff --git a/web-nginx-pgsql/centos/conf/etc/zabbix/nginx_ssl.conf b/web-nginx-pgsql/centos/conf/etc/zabbix/nginx_ssl.conf index 44594adb7..17ae63661 100644 --- a/web-nginx-pgsql/centos/conf/etc/zabbix/nginx_ssl.conf +++ b/web-nginx-pgsql/centos/conf/etc/zabbix/nginx_ssl.conf @@ -74,6 +74,11 @@ server { try_files $uri $uri/ /index.php?$args; } + location ~ /(api\/|conf[^\.]|include|locale|vendor) { + deny all; + return 404; + } + location ~ .php$ { fastcgi_pass unix:/tmp/php-fpm.sock; fastcgi_index index.php; diff --git a/web-nginx-pgsql/ubuntu/conf/etc/zabbix/nginx.conf b/web-nginx-pgsql/ubuntu/conf/etc/zabbix/nginx.conf index fbc144486..b59f17552 100644 --- a/web-nginx-pgsql/ubuntu/conf/etc/zabbix/nginx.conf +++ b/web-nginx-pgsql/ubuntu/conf/etc/zabbix/nginx.conf @@ -50,6 +50,11 @@ server { try_files $uri $uri/ /index.php?$args; } + location ~ /(api\/|conf[^\.]|include|locale|vendor) { + deny all; + return 404; + } + location ~ .php$ { fastcgi_pass unix:/tmp/php-fpm.sock; fastcgi_index index.php; diff --git a/web-nginx-pgsql/ubuntu/conf/etc/zabbix/nginx_ssl.conf b/web-nginx-pgsql/ubuntu/conf/etc/zabbix/nginx_ssl.conf index 44594adb7..17ae63661 100644 --- a/web-nginx-pgsql/ubuntu/conf/etc/zabbix/nginx_ssl.conf +++ b/web-nginx-pgsql/ubuntu/conf/etc/zabbix/nginx_ssl.conf @@ -74,6 +74,11 @@ server { try_files $uri $uri/ /index.php?$args; } + location ~ /(api\/|conf[^\.]|include|locale|vendor) { + deny all; + return 404; + } + location ~ .php$ { fastcgi_pass unix:/tmp/php-fpm.sock; fastcgi_index index.php; diff --git a/zabbix-appliance/rhel/conf/etc/zabbix/nginx.conf b/zabbix-appliance/rhel/conf/etc/zabbix/nginx.conf index fbc144486..b59f17552 100644 --- a/zabbix-appliance/rhel/conf/etc/zabbix/nginx.conf +++ b/zabbix-appliance/rhel/conf/etc/zabbix/nginx.conf @@ -50,6 +50,11 @@ server { try_files $uri $uri/ /index.php?$args; } + location ~ /(api\/|conf[^\.]|include|locale|vendor) { + deny all; + return 404; + } + location ~ .php$ { fastcgi_pass unix:/tmp/php-fpm.sock; fastcgi_index index.php; diff --git a/zabbix-appliance/rhel/conf/etc/zabbix/nginx_ssl.conf b/zabbix-appliance/rhel/conf/etc/zabbix/nginx_ssl.conf index 44594adb7..17ae63661 100644 --- a/zabbix-appliance/rhel/conf/etc/zabbix/nginx_ssl.conf +++ b/zabbix-appliance/rhel/conf/etc/zabbix/nginx_ssl.conf @@ -74,6 +74,11 @@ server { try_files $uri $uri/ /index.php?$args; } + location ~ /(api\/|conf[^\.]|include|locale|vendor) { + deny all; + return 404; + } + location ~ .php$ { fastcgi_pass unix:/tmp/php-fpm.sock; fastcgi_index index.php; From 6dcae158f59472efe142f8e4ae0222f487de8f27 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Mon, 7 Jun 2021 09:51:38 -0400 Subject: [PATCH 086/253] Fixed SSL warnings --- zabbix-appliance/rhel/conf/etc/zabbix/nginx.conf | 4 +++- zabbix-appliance/rhel/conf/etc/zabbix/nginx_ssl.conf | 6 ++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/zabbix-appliance/rhel/conf/etc/zabbix/nginx.conf b/zabbix-appliance/rhel/conf/etc/zabbix/nginx.conf index b59f17552..d3a9a85bb 100644 --- a/zabbix-appliance/rhel/conf/etc/zabbix/nginx.conf +++ b/zabbix-appliance/rhel/conf/etc/zabbix/nginx.conf @@ -1,5 +1,7 @@ server { - listen 8080; + listen 8080; + listen [::]:8080; + server_name zabbix; index index.php; diff --git a/zabbix-appliance/rhel/conf/etc/zabbix/nginx_ssl.conf b/zabbix-appliance/rhel/conf/etc/zabbix/nginx_ssl.conf index 17ae63661..a53bad7df 100644 --- a/zabbix-appliance/rhel/conf/etc/zabbix/nginx_ssl.conf +++ b/zabbix-appliance/rhel/conf/etc/zabbix/nginx_ssl.conf @@ -1,5 +1,6 @@ server { - listen 8443 ssl http2; + listen 8443 ssl http2; + listen [::]:8443 ssl http2; server_name zabbix; server_name_in_redirect off; @@ -15,9 +16,6 @@ server { client_max_body_size 10M; - - ssl on; -# ssl_stapling on; ssl_certificate /etc/ssl/nginx/ssl.crt; ssl_certificate_key /etc/ssl/nginx/ssl.key; ssl_dhparam /etc/ssl/nginx/dhparam.pem; From 792bad901502811a3b0c71a30d2738e5e04ec988 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Mon, 7 Jun 2021 12:35:20 -0400 Subject: [PATCH 087/253] Removed orphaned files --- zabbix-appliance/rhel/Dockerfile | 3 +++ 1 file changed, 3 insertions(+) diff --git a/zabbix-appliance/rhel/Dockerfile b/zabbix-appliance/rhel/Dockerfile index e0d638055..fc8546729 100644 --- a/zabbix-appliance/rhel/Dockerfile +++ b/zabbix-appliance/rhel/Dockerfile @@ -192,6 +192,9 @@ RUN set -eux && REPOLIST="rhel-8-for-x86_64-baseos-rpms,rhel-8-for-x86_64-appstr rm -rf /usr/share/zabbix/tests/ && \ cd /usr/share/zabbix/ && \ ./locale/make_mo.sh && \ + rm -f conf/zabbix.conf.php conf/maintenance.inc.php conf/zabbix.conf.php.example && \ + rm -rf tests && \ + rm -f locale/add_new_language.sh locale/update_po.sh locale/make_mo.sh && \ ln -s "/etc/zabbix/web/zabbix.conf.php" "/usr/share/zabbix/conf/zabbix.conf.php" && \ cat /usr/share/zabbix/include/locales.inc.php | grep display | grep true | awk '{$1=$1};1' | \ cut -d"'" -f 2 | sort | \ From fe0fbaeda64a9b647d30cfdc0bddab49747ba398 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Tue, 8 Jun 2021 17:57:17 -0400 Subject: [PATCH 088/253] Optimizations for Nginx configs --- .../rhel/conf/etc/zabbix/nginx.conf | 16 +++++++--------- .../rhel/conf/etc/zabbix/nginx_ssl.conf | 18 +++++++++--------- 2 files changed, 16 insertions(+), 18 deletions(-) diff --git a/zabbix-appliance/rhel/conf/etc/zabbix/nginx.conf b/zabbix-appliance/rhel/conf/etc/zabbix/nginx.conf index d3a9a85bb..f1074b94f 100644 --- a/zabbix-appliance/rhel/conf/etc/zabbix/nginx.conf +++ b/zabbix-appliance/rhel/conf/etc/zabbix/nginx.conf @@ -15,7 +15,6 @@ server { large_client_header_buffers 8 8k; client_max_body_size 10M; - location = /favicon.ico { log_not_found off; } @@ -26,12 +25,6 @@ server { access_log off; } - # deny running scripts inside writable directories - location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { - return 403; - error_page 403 /403_error.html; - } - # Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac). location ~ /\. { deny all; @@ -40,14 +33,19 @@ server { } # caching of files - location ~* \.(ico|pdf|flv)$ { + location ~* \.ico$ { expires 1y; } - location ~* \.(js|css|png|jpg|jpeg|gif|swf|xml|txt)$ { + location ~* \.(js|css|png|jpg|jpeg|gif|xml|txt)$ { expires 14d; } + location ~ /(app\/|conf[^\.]|include|locale) { + deny all; + return 404; + } + location / { try_files $uri $uri/ /index.php?$args; } diff --git a/zabbix-appliance/rhel/conf/etc/zabbix/nginx_ssl.conf b/zabbix-appliance/rhel/conf/etc/zabbix/nginx_ssl.conf index a53bad7df..23417419a 100644 --- a/zabbix-appliance/rhel/conf/etc/zabbix/nginx_ssl.conf +++ b/zabbix-appliance/rhel/conf/etc/zabbix/nginx_ssl.conf @@ -1,6 +1,7 @@ server { listen 8443 ssl http2; listen [::]:8443 ssl http2; + server_name zabbix; server_name_in_redirect off; @@ -31,7 +32,7 @@ server { location =/nginx_status { stub_status on; - access_log off; + access_log off; allow 127.0.0.1; deny all; } @@ -44,12 +45,6 @@ server { allow all; log_not_found off; access_log off; - } - - # deny running scripts inside writable directories - location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { - return 403; - error_page 403 /403_error.html; } # Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac). @@ -60,14 +55,19 @@ server { } # caching of files - location ~* \.(ico|pdf|flv)$ { + location ~* \.ico$ { expires 1y; } - location ~* \.(js|css|png|jpg|jpeg|gif|swf|xml|txt)$ { + location ~* \.(js|css|png|jpg|jpeg|gif|xml|txt)$ { expires 14d; } + location ~ /(app\/|conf[^\.]|include|locale) { + deny all; + return 404; + } + location / { try_files $uri $uri/ /index.php?$args; } From 4fcbe2a817fd43ac4853f90163a7f775b79c1b14 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Thu, 10 Jun 2021 17:39:00 -0400 Subject: [PATCH 089/253] Added Oracle Linux 8 images instead of CentOS 8 --- agent2/alpine/README.md | 4 ++-- agent2/ol/README.md | 4 ++-- agent2/ubuntu/README.md | 4 ++-- java-gateway/ol/README.md | 2 +- proxy-mysql/ol/README.md | 2 +- proxy-sqlite3/ol/README.md | 2 +- server-mysql/ol/README.md | 2 +- server-pgsql/ol/README.md | 6 +++--- snmptraps/ol/README.md | 6 +++--- web-apache-mysql/ol/README.md | 6 +++--- web-apache-pgsql/ol/README.md | 6 +++--- web-nginx-mysql/ol/README.md | 6 +++--- web-nginx-pgsql/ol/README.md | 6 +++--- 13 files changed, 28 insertions(+), 28 deletions(-) diff --git a/agent2/alpine/README.md b/agent2/alpine/README.md index 1e32848d1..ca33c13f5 100644 --- a/agent2/alpine/README.md +++ b/agent2/alpine/README.md @@ -188,11 +188,11 @@ This variant is highly recommended when final image size being as small as possi To minimize image size, it's uncommon for additional related tools (such as `git` or `bash`) to be included in Alpine-based images. Using this image as a base, add the things you need in your own Dockerfile (see the [`alpine` image description](https://hub.docker.com/_/alpine/) for examples of how to install packages if you are unfamiliar). -## `zabbix-agent:ubuntu-` +## `zabbix-agent2:ubuntu-` This is the defacto image. If you are unsure about what your needs are, you probably want to use this one. It is designed to be used both as a throw away container (mount your source code and start the container to start your app), as well as the base to build other images off of. -## `zabbix-agent:ol-` +## `zabbix-agent2:ol-` Oracle Linux is an open-source operating system available under the GNU General Public License (GPLv2). Suitable for general purpose or Oracle workloads, it benefits from rigorous testing of more than 128,000 hours per day with real-world workloads and includes unique innovations such as Ksplice for zero-downtime kernel patching, DTrace for real-time diagnostics, the powerful Btrfs file system, and more. diff --git a/agent2/ol/README.md b/agent2/ol/README.md index 1e32848d1..ca33c13f5 100644 --- a/agent2/ol/README.md +++ b/agent2/ol/README.md @@ -188,11 +188,11 @@ This variant is highly recommended when final image size being as small as possi To minimize image size, it's uncommon for additional related tools (such as `git` or `bash`) to be included in Alpine-based images. Using this image as a base, add the things you need in your own Dockerfile (see the [`alpine` image description](https://hub.docker.com/_/alpine/) for examples of how to install packages if you are unfamiliar). -## `zabbix-agent:ubuntu-` +## `zabbix-agent2:ubuntu-` This is the defacto image. If you are unsure about what your needs are, you probably want to use this one. It is designed to be used both as a throw away container (mount your source code and start the container to start your app), as well as the base to build other images off of. -## `zabbix-agent:ol-` +## `zabbix-agent2:ol-` Oracle Linux is an open-source operating system available under the GNU General Public License (GPLv2). Suitable for general purpose or Oracle workloads, it benefits from rigorous testing of more than 128,000 hours per day with real-world workloads and includes unique innovations such as Ksplice for zero-downtime kernel patching, DTrace for real-time diagnostics, the powerful Btrfs file system, and more. diff --git a/agent2/ubuntu/README.md b/agent2/ubuntu/README.md index 1e32848d1..ca33c13f5 100644 --- a/agent2/ubuntu/README.md +++ b/agent2/ubuntu/README.md @@ -188,11 +188,11 @@ This variant is highly recommended when final image size being as small as possi To minimize image size, it's uncommon for additional related tools (such as `git` or `bash`) to be included in Alpine-based images. Using this image as a base, add the things you need in your own Dockerfile (see the [`alpine` image description](https://hub.docker.com/_/alpine/) for examples of how to install packages if you are unfamiliar). -## `zabbix-agent:ubuntu-` +## `zabbix-agent2:ubuntu-` This is the defacto image. If you are unsure about what your needs are, you probably want to use this one. It is designed to be used both as a throw away container (mount your source code and start the container to start your app), as well as the base to build other images off of. -## `zabbix-agent:ol-` +## `zabbix-agent2:ol-` Oracle Linux is an open-source operating system available under the GNU General Public License (GPLv2). Suitable for general purpose or Oracle workloads, it benefits from rigorous testing of more than 128,000 hours per day with real-world workloads and includes unique innovations such as Ksplice for zero-downtime kernel patching, DTrace for real-time diagnostics, the powerful Btrfs file system, and more. diff --git a/java-gateway/ol/README.md b/java-gateway/ol/README.md index 7897ada12..66b6e0d1e 100644 --- a/java-gateway/ol/README.md +++ b/java-gateway/ol/README.md @@ -112,7 +112,7 @@ To minimize image size, it's uncommon for additional related tools (such as `git This is the defacto image. If you are unsure about what your needs are, you probably want to use this one. It is designed to be used both as a throw away container (mount your source code and start the container to start your app), as well as the base to build other images off of. -## `zabbix-agent:ol-` +## `zabbix-java-gateway:ol-` Oracle Linux is an open-source operating system available under the GNU General Public License (GPLv2). Suitable for general purpose or Oracle workloads, it benefits from rigorous testing of more than 128,000 hours per day with real-world workloads and includes unique innovations such as Ksplice diff --git a/proxy-mysql/ol/README.md b/proxy-mysql/ol/README.md index f3db6d851..8f7bfb558 100644 --- a/proxy-mysql/ol/README.md +++ b/proxy-mysql/ol/README.md @@ -290,7 +290,7 @@ To minimize image size, it's uncommon for additional related tools (such as `git This is the defacto image. If you are unsure about what your needs are, you probably want to use this one. It is designed to be used both as a throw away container (mount your source code and start the container to start your app), as well as the base to build other images off of. -## `zabbix-agent:ol-` +## `zabbix-proxy-mysql:ol-` Oracle Linux is an open-source operating system available under the GNU General Public License (GPLv2). Suitable for general purpose or Oracle workloads, it benefits from rigorous testing of more than 128,000 hours per day with real-world workloads and includes unique innovations such as Ksplice for zero-downtime kernel patching, DTrace for real-time diagnostics, the powerful Btrfs file system, and more. diff --git a/proxy-sqlite3/ol/README.md b/proxy-sqlite3/ol/README.md index a1b2cb423..bcd4c5b1a 100644 --- a/proxy-sqlite3/ol/README.md +++ b/proxy-sqlite3/ol/README.md @@ -248,7 +248,7 @@ To minimize image size, it's uncommon for additional related tools (such as `git This is the defacto image. If you are unsure about what your needs are, you probably want to use this one. It is designed to be used both as a throw away container (mount your source code and start the container to start your app), as well as the base to build other images off of. -## `zabbix-agent:ol-` +## `zabbix-proxy-sqlite3:ol-` Oracle Linux is an open-source operating system available under the GNU General Public License (GPLv2). Suitable for general purpose or Oracle workloads, it benefits from rigorous testing of more than 128,000 hours per day with real-world workloads and includes unique innovations such as Ksplice for zero-downtime kernel patching, DTrace for real-time diagnostics, the powerful Btrfs file system, and more. diff --git a/server-mysql/ol/README.md b/server-mysql/ol/README.md index 4253197e0..100ea342f 100644 --- a/server-mysql/ol/README.md +++ b/server-mysql/ol/README.md @@ -273,7 +273,7 @@ To minimize image size, it's uncommon for additional related tools (such as `git This is the defacto image. If you are unsure about what your needs are, you probably want to use this one. It is designed to be used both as a throw away container (mount your source code and start the container to start your app), as well as the base to build other images off of. -## `zabbix-agent:ol-` +## `zabbix-server-mysql:ol-` Oracle Linux is an open-source operating system available under the GNU General Public License (GPLv2). Suitable for general purpose or Oracle workloads, it benefits from rigorous testing of more than 128,000 hours per day with real-world workloads and includes unique innovations such as Ksplice for zero-downtime kernel patching, DTrace for real-time diagnostics, the powerful Btrfs file system, and more. diff --git a/server-pgsql/ol/README.md b/server-pgsql/ol/README.md index 1eef69d3c..7a42c8df8 100644 --- a/server-pgsql/ol/README.md +++ b/server-pgsql/ol/README.md @@ -258,7 +258,7 @@ Directory for real-time export of events, history and trends in newline-delimite The `zabbix-server-pgsql` images come in many flavors, each designed for a specific use case. -## `zabbix-agent2:alpine-` +## `zabbix-server-pgsql:alpine-` This image is based on the popular [Alpine Linux project](http://alpinelinux.org), available in [the `alpine` official image](https://hub.docker.com/_/alpine). Alpine Linux is much smaller than most distribution base images (~5MB), and thus leads to much slimmer images in general. @@ -266,11 +266,11 @@ This variant is highly recommended when final image size being as small as possi To minimize image size, it's uncommon for additional related tools (such as `git` or `bash`) to be included in Alpine-based images. Using this image as a base, add the things you need in your own Dockerfile (see the [`alpine` image description](https://hub.docker.com/_/alpine/) for examples of how to install packages if you are unfamiliar). -## `zabbix-agent:ubuntu-` +## `zabbix-server-pgsql:ubuntu-` This is the defacto image. If you are unsure about what your needs are, you probably want to use this one. It is designed to be used both as a throw away container (mount your source code and start the container to start your app), as well as the base to build other images off of. -## `zabbix-agent:ol-` +## `zabbix-server-pgsql:ol-` Oracle Linux is an open-source operating system available under the GNU General Public License (GPLv2). Suitable for general purpose or Oracle workloads, it benefits from rigorous testing of more than 128,000 hours per day with real-world workloads and includes unique innovations such as Ksplice for zero-downtime kernel patching, DTrace for real-time diagnostics, the powerful Btrfs file system, and more. diff --git a/snmptraps/ol/README.md b/snmptraps/ol/README.md index b64578fd9..d638363c7 100644 --- a/snmptraps/ol/README.md +++ b/snmptraps/ol/README.md @@ -80,7 +80,7 @@ The volume allows to add new MIB files. It does not support subdirectories, all The `zabbix-snmptraps` images come in many flavors, each designed for a specific use case. -## `zabbix-agent2:alpine-` +## `zabbix-snmptraps:alpine-` This image is based on the popular [Alpine Linux project](http://alpinelinux.org), available in [the `alpine` official image](https://hub.docker.com/_/alpine). Alpine Linux is much smaller than most distribution base images (~5MB), and thus leads to much slimmer images in general. @@ -88,11 +88,11 @@ This variant is highly recommended when final image size being as small as possi To minimize image size, it's uncommon for additional related tools (such as `git` or `bash`) to be included in Alpine-based images. Using this image as a base, add the things you need in your own Dockerfile (see the [`alpine` image description](https://hub.docker.com/_/alpine/) for examples of how to install packages if you are unfamiliar). -## `zabbix-agent:ubuntu-` +## `zabbix-snmptraps:ubuntu-` This is the defacto image. If you are unsure about what your needs are, you probably want to use this one. It is designed to be used both as a throw away container (mount your source code and start the container to start your app), as well as the base to build other images off of. -## `zabbix-agent:ol-` +## `zabbix-snmptraps:ol-` Oracle Linux is an open-source operating system available under the GNU General Public License (GPLv2). Suitable for general purpose or Oracle workloads, it benefits from rigorous testing of more than 128,000 hours per day with real-world workloads and includes unique innovations such as Ksplice for zero-downtime kernel patching, DTrace for real-time diagnostics, the powerful Btrfs file system, and more. diff --git a/web-apache-mysql/ol/README.md b/web-apache-mysql/ol/README.md index 67ee8fd2f..9220280ec 100644 --- a/web-apache-mysql/ol/README.md +++ b/web-apache-mysql/ol/README.md @@ -236,7 +236,7 @@ The volume allows to use custom certificates for SAML authentification. The volu The `zabbix-web-apache-mysql` images come in many flavors, each designed for a specific use case. -## `zabbix-agent2:alpine-` +## `zabbix-web-apache-mysql:alpine-` This image is based on the popular [Alpine Linux project](http://alpinelinux.org), available in [the `alpine` official image](https://hub.docker.com/_/alpine). Alpine Linux is much smaller than most distribution base images (~5MB), and thus leads to much slimmer images in general. @@ -244,11 +244,11 @@ This variant is highly recommended when final image size being as small as possi To minimize image size, it's uncommon for additional related tools (such as `git` or `bash`) to be included in Alpine-based images. Using this image as a base, add the things you need in your own Dockerfile (see the [`alpine` image description](https://hub.docker.com/_/alpine/) for examples of how to install packages if you are unfamiliar). -## `zabbix-agent:ubuntu-` +## `zabbix-web-apache-mysql:ubuntu-` This is the defacto image. If you are unsure about what your needs are, you probably want to use this one. It is designed to be used both as a throw away container (mount your source code and start the container to start your app), as well as the base to build other images off of. -## `zabbix-agent:ol-` +## `zabbix-web-apache-mysql:ol-` Oracle Linux is an open-source operating system available under the GNU General Public License (GPLv2). Suitable for general purpose or Oracle workloads, it benefits from rigorous testing of more than 128,000 hours per day with real-world workloads and includes unique innovations such as Ksplice for zero-downtime kernel patching, DTrace for real-time diagnostics, the powerful Btrfs file system, and more. diff --git a/web-apache-pgsql/ol/README.md b/web-apache-pgsql/ol/README.md index 6722f51f3..fa6fafcab 100644 --- a/web-apache-pgsql/ol/README.md +++ b/web-apache-pgsql/ol/README.md @@ -230,7 +230,7 @@ The volume allows to use custom certificates for SAML authentification. The volu The `zabbix-web-apache-pgsql` images come in many flavors, each designed for a specific use case. -## `zabbix-agent2:alpine-` +## `zabbix-web-apache-pgsql:alpine-` This image is based on the popular [Alpine Linux project](http://alpinelinux.org), available in [the `alpine` official image](https://hub.docker.com/_/alpine). Alpine Linux is much smaller than most distribution base images (~5MB), and thus leads to much slimmer images in general. @@ -238,11 +238,11 @@ This variant is highly recommended when final image size being as small as possi To minimize image size, it's uncommon for additional related tools (such as `git` or `bash`) to be included in Alpine-based images. Using this image as a base, add the things you need in your own Dockerfile (see the [`alpine` image description](https://hub.docker.com/_/alpine/) for examples of how to install packages if you are unfamiliar). -## `zabbix-agent:ubuntu-` +## `zabbix-web-apache-pgsql:ubuntu-` This is the defacto image. If you are unsure about what your needs are, you probably want to use this one. It is designed to be used both as a throw away container (mount your source code and start the container to start your app), as well as the base to build other images off of. -## `zabbix-agent:ol-` +## `zabbix-web-apache-pgsql:ol-` Oracle Linux is an open-source operating system available under the GNU General Public License (GPLv2). Suitable for general purpose or Oracle workloads, it benefits from rigorous testing of more than 128,000 hours per day with real-world workloads and includes unique innovations such as Ksplice for zero-downtime kernel patching, DTrace for real-time diagnostics, the powerful Btrfs file system, and more. diff --git a/web-nginx-mysql/ol/README.md b/web-nginx-mysql/ol/README.md index f19e88149..d9eba0f3d 100644 --- a/web-nginx-mysql/ol/README.md +++ b/web-nginx-mysql/ol/README.md @@ -237,7 +237,7 @@ The volume allows to use custom certificates for SAML authentification. The volu The `zabbix-web-nginx-mysql` images come in many flavors, each designed for a specific use case. -## `zabbix-agent2:alpine-` +## `zabbix-web-nginx-mysql:alpine-` This image is based on the popular [Alpine Linux project](http://alpinelinux.org), available in [the `alpine` official image](https://hub.docker.com/_/alpine). Alpine Linux is much smaller than most distribution base images (~5MB), and thus leads to much slimmer images in general. @@ -245,11 +245,11 @@ This variant is highly recommended when final image size being as small as possi To minimize image size, it's uncommon for additional related tools (such as `git` or `bash`) to be included in Alpine-based images. Using this image as a base, add the things you need in your own Dockerfile (see the [`alpine` image description](https://hub.docker.com/_/alpine/) for examples of how to install packages if you are unfamiliar). -## `zabbix-agent:ubuntu-` +## `zabbix-web-nginx-mysql:ubuntu-` This is the defacto image. If you are unsure about what your needs are, you probably want to use this one. It is designed to be used both as a throw away container (mount your source code and start the container to start your app), as well as the base to build other images off of. -## `zabbix-agent:ol-` +## `zabbix-web-nginx-mysql:ol-` Oracle Linux is an open-source operating system available under the GNU General Public License (GPLv2). Suitable for general purpose or Oracle workloads, it benefits from rigorous testing of more than 128,000 hours per day with real-world workloads and includes unique innovations such as Ksplice for zero-downtime kernel patching, DTrace for real-time diagnostics, the powerful Btrfs file system, and more. diff --git a/web-nginx-pgsql/ol/README.md b/web-nginx-pgsql/ol/README.md index 7309f684b..2bd3c3797 100644 --- a/web-nginx-pgsql/ol/README.md +++ b/web-nginx-pgsql/ol/README.md @@ -230,7 +230,7 @@ The volume allows to use custom certificates for SAML authentification. The volu The `zabbix-web-nginx-pgsql` images come in many flavors, each designed for a specific use case. -## `zabbix-agent2:alpine-` +## `zabbix-web-nginx-pgsql:alpine-` This image is based on the popular [Alpine Linux project](http://alpinelinux.org), available in [the `alpine` official image](https://hub.docker.com/_/alpine). Alpine Linux is much smaller than most distribution base images (~5MB), and thus leads to much slimmer images in general. @@ -238,11 +238,11 @@ This variant is highly recommended when final image size being as small as possi To minimize image size, it's uncommon for additional related tools (such as `git` or `bash`) to be included in Alpine-based images. Using this image as a base, add the things you need in your own Dockerfile (see the [`alpine` image description](https://hub.docker.com/_/alpine/) for examples of how to install packages if you are unfamiliar). -## `zabbix-agent:ubuntu-` +## `zabbix-web-nginx-pgsql:ubuntu-` This is the defacto image. If you are unsure about what your needs are, you probably want to use this one. It is designed to be used both as a throw away container (mount your source code and start the container to start your app), as well as the base to build other images off of. -## `zabbix-agent:ol-` +## `zabbix-web-nginx-pgsql:ol-` Oracle Linux is an open-source operating system available under the GNU General Public License (GPLv2). Suitable for general purpose or Oracle workloads, it benefits from rigorous testing of more than 128,000 hours per day with real-world workloads and includes unique innovations such as Ksplice for zero-downtime kernel patching, DTrace for real-time diagnostics, the powerful Btrfs file system, and more. From 73c0e3ce07c033b341e8c4ac280e95e478b27af8 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Thu, 10 Jun 2021 17:52:34 -0400 Subject: [PATCH 090/253] Added recommended version for PostgreSQL --- docker-compose_v3_alpine_pgsql_latest.yaml | 2 +- docker-compose_v3_alpine_pgsql_local.yaml | 2 +- docker-compose_v3_centos_pgsql_latest.yaml | 2 +- docker-compose_v3_centos_pgsql_local.yaml | 2 +- docker-compose_v3_ol_pgsql_latest.yaml | 2 +- docker-compose_v3_ol_pgsql_local.yaml | 2 +- docker-compose_v3_ubuntu_pgsql_latest.yaml | 2 +- docker-compose_v3_ubuntu_pgsql_local.yaml | 2 +- 8 files changed, 8 insertions(+), 8 deletions(-) diff --git a/docker-compose_v3_alpine_pgsql_latest.yaml b/docker-compose_v3_alpine_pgsql_latest.yaml index bd0a49319..d5af8e648 100644 --- a/docker-compose_v3_alpine_pgsql_latest.yaml +++ b/docker-compose_v3_alpine_pgsql_latest.yaml @@ -433,7 +433,7 @@ services: - mysql-database postgres-server: - image: postgres:alpine + image: postgres:13-alpine # command: -c ssl=on -c ssl_cert_file=/run/secrets/server-cert.pem -c ssl_key_file=/run/secrets/server-key.pem -c ssl_ca_file=/run/secrets/root-ca.pem volumes: - ./zbx_env/var/lib/postgresql/data:/var/lib/postgresql/data:rw diff --git a/docker-compose_v3_alpine_pgsql_local.yaml b/docker-compose_v3_alpine_pgsql_local.yaml index b59ebb581..94afb51e6 100644 --- a/docker-compose_v3_alpine_pgsql_local.yaml +++ b/docker-compose_v3_alpine_pgsql_local.yaml @@ -469,7 +469,7 @@ services: - mysql-database postgres-server: - image: postgres:alpine + image: postgres:13-alpine # command: -c ssl=on -c ssl_cert_file=/run/secrets/server-cert.pem -c ssl_key_file=/run/secrets/server-key.pem -c ssl_ca_file=/run/secrets/root-ca.pem volumes: - ./zbx_env/var/lib/postgresql/data:/var/lib/postgresql/data:rw diff --git a/docker-compose_v3_centos_pgsql_latest.yaml b/docker-compose_v3_centos_pgsql_latest.yaml index 491bfd24c..a4aac3e01 100644 --- a/docker-compose_v3_centos_pgsql_latest.yaml +++ b/docker-compose_v3_centos_pgsql_latest.yaml @@ -433,7 +433,7 @@ services: - mysql-database postgres-server: - image: postgres:alpine + image: postgres:13-alpine # command: -c ssl=on -c ssl_cert_file=/run/secrets/server-cert.pem -c ssl_key_file=/run/secrets/server-key.pem -c ssl_ca_file=/run/secrets/root-ca.pem volumes: - ./zbx_env/var/lib/postgresql/data:/var/lib/postgresql/data:rw diff --git a/docker-compose_v3_centos_pgsql_local.yaml b/docker-compose_v3_centos_pgsql_local.yaml index a923c2f65..e6ef72dac 100644 --- a/docker-compose_v3_centos_pgsql_local.yaml +++ b/docker-compose_v3_centos_pgsql_local.yaml @@ -469,7 +469,7 @@ services: - mysql-database postgres-server: - image: postgres:alpine + image: postgres:13-alpine # command: -c ssl=on -c ssl_cert_file=/run/secrets/server-cert.pem -c ssl_key_file=/run/secrets/server-key.pem -c ssl_ca_file=/run/secrets/root-ca.pem volumes: - ./zbx_env/var/lib/postgresql/data:/var/lib/postgresql/data:rw diff --git a/docker-compose_v3_ol_pgsql_latest.yaml b/docker-compose_v3_ol_pgsql_latest.yaml index 80e606731..4309f02f7 100644 --- a/docker-compose_v3_ol_pgsql_latest.yaml +++ b/docker-compose_v3_ol_pgsql_latest.yaml @@ -433,7 +433,7 @@ services: - mysql-database postgres-server: - image: postgres:alpine + image: postgres:13-alpine # command: -c ssl=on -c ssl_cert_file=/run/secrets/server-cert.pem -c ssl_key_file=/run/secrets/server-key.pem -c ssl_ca_file=/run/secrets/root-ca.pem volumes: - ./zbx_env/var/lib/postgresql/data:/var/lib/postgresql/data:rw diff --git a/docker-compose_v3_ol_pgsql_local.yaml b/docker-compose_v3_ol_pgsql_local.yaml index e5a022872..48849d541 100644 --- a/docker-compose_v3_ol_pgsql_local.yaml +++ b/docker-compose_v3_ol_pgsql_local.yaml @@ -469,7 +469,7 @@ services: - mysql-database postgres-server: - image: postgres:alpine + image: postgres:13-alpine # command: -c ssl=on -c ssl_cert_file=/run/secrets/server-cert.pem -c ssl_key_file=/run/secrets/server-key.pem -c ssl_ca_file=/run/secrets/root-ca.pem volumes: - ./zbx_env/var/lib/postgresql/data:/var/lib/postgresql/data:rw diff --git a/docker-compose_v3_ubuntu_pgsql_latest.yaml b/docker-compose_v3_ubuntu_pgsql_latest.yaml index 076e1ce3a..dc243f4f7 100644 --- a/docker-compose_v3_ubuntu_pgsql_latest.yaml +++ b/docker-compose_v3_ubuntu_pgsql_latest.yaml @@ -427,7 +427,7 @@ services: - mysql-database postgres-server: - image: postgres:alpine + image: postgres:13-alpine # command: -c ssl=on -c ssl_cert_file=/run/secrets/server-cert.pem -c ssl_key_file=/run/secrets/server-key.pem -c ssl_ca_file=/run/secrets/root-ca.pem volumes: - ./zbx_env/var/lib/postgresql/data:/var/lib/postgresql/data:rw diff --git a/docker-compose_v3_ubuntu_pgsql_local.yaml b/docker-compose_v3_ubuntu_pgsql_local.yaml index 6b369d983..9bee33071 100644 --- a/docker-compose_v3_ubuntu_pgsql_local.yaml +++ b/docker-compose_v3_ubuntu_pgsql_local.yaml @@ -463,7 +463,7 @@ services: - mysql-database postgres-server: - image: postgres:alpine + image: postgres:13-alpine # command: -c ssl=on -c ssl_cert_file=/run/secrets/server-cert.pem -c ssl_key_file=/run/secrets/server-key.pem -c ssl_ca_file=/run/secrets/root-ca.pem volumes: - ./zbx_env/var/lib/postgresql/data:/var/lib/postgresql/data:rw From ddc58091eb5f2f6c59f131a3f04fbdaf680a839c Mon Sep 17 00:00:00 2001 From: root Date: Fri, 11 Jun 2021 17:07:45 -0400 Subject: [PATCH 091/253] Added RHEL images for trunk --- agent/rhel/.dockerignore | 1 + agent/rhel/Dockerfile | 139 +++++ agent/rhel/README.md | 244 +++++++++ agent/rhel/build.sh | 1 + agent/rhel/docker-entrypoint.sh | 220 ++++++++ agent/rhel/hooks/build | 13 + agent/rhel/licenses/gpl-2.0.txt | 339 ++++++++++++ agent2/rhel/.dockerignore | 1 + agent2/rhel/Dockerfile | 146 ++++++ agent2/rhel/README.md | 225 ++++++++ agent2/rhel/build.sh | 1 + agent2/rhel/docker-entrypoint.sh | 217 ++++++++ agent2/rhel/hooks/build | 13 + agent2/rhel/licenses/gpl-2.0.txt | 339 ++++++++++++ java-gateway/rhel/.dockerignore | 1 + java-gateway/rhel/Dockerfile | 115 +++++ java-gateway/rhel/README.md | 143 +++++ java-gateway/rhel/build.sh | 1 + .../zabbix/zabbix_java_gateway_logback.xml | 15 + .../rhel/conf/usr/sbin/zabbix_java_gateway | 35 ++ java-gateway/rhel/docker-entrypoint.sh | 46 ++ java-gateway/rhel/licenses/gpl-2.0.txt | 339 ++++++++++++ proxy-mysql/rhel/.dockerignore | 1 + proxy-mysql/rhel/Dockerfile | 178 +++++++ proxy-mysql/rhel/README.md | 321 ++++++++++++ proxy-mysql/rhel/build.sh | 1 + proxy-mysql/rhel/docker-entrypoint.sh | 486 +++++++++++++++++ proxy-mysql/rhel/licenses/gpl-2.0.txt | 339 ++++++++++++ proxy-sqlite3/rhel/.dockerignore | 1 + proxy-sqlite3/rhel/Dockerfile | 172 +++++++ proxy-sqlite3/rhel/README.md | 279 ++++++++++ proxy-sqlite3/rhel/build.sh | 1 + proxy-sqlite3/rhel/docker-entrypoint.sh | 272 ++++++++++ proxy-sqlite3/rhel/licenses/gpl-2.0.txt | 339 ++++++++++++ server-mysql/rhel/.dockerignore | 1 + server-mysql/rhel/Dockerfile | 182 +++++++ server-mysql/rhel/README.md | 304 +++++++++++ server-mysql/rhel/build.sh | 1 + server-mysql/rhel/docker-entrypoint.sh | 487 ++++++++++++++++++ server-mysql/rhel/licenses/gpl-2.0.txt | 339 ++++++++++++ snmptraps/rhel/.dockerignore | 1 + snmptraps/rhel/Dockerfile | 83 +++ snmptraps/rhel/README.md | 123 +++++ snmptraps/rhel/build.sh | 1 + .../conf/etc/logrotate.d/zabbix_snmptraps | 8 + snmptraps/rhel/conf/etc/snmp/snmptrapd.conf | 31 ++ .../rhel/conf/usr/sbin/zabbix_trap_handler.sh | 43 ++ snmptraps/rhel/licenses/gpl-2.0.txt | 339 ++++++++++++ web-nginx-mysql/rhel/.dockerignore | 1 + web-nginx-mysql/rhel/Dockerfile | 130 +++++ web-nginx-mysql/rhel/README.md | 280 ++++++++++ web-nginx-mysql/rhel/build.sh | 1 + .../rhel/conf/etc/nginx/nginx.conf | 71 +++ web-nginx-mysql/rhel/conf/etc/php-fpm.conf | 9 + .../rhel/conf/etc/php-fpm.d/zabbix.conf | 27 + .../conf.d/supervisord_web_nginx.conf | 30 ++ .../rhel/conf/etc/supervisor/supervisord.conf | 35 ++ .../rhel/conf/etc/yum.repo.d/nginx.repo | 0 .../rhel/conf/etc/zabbix/nginx.conf | 74 +++ .../rhel/conf/etc/zabbix/nginx_ssl.conf | 101 ++++ .../conf/etc/zabbix/web/maintenance.inc.php | 32 ++ .../rhel/conf/etc/zabbix/web/zabbix.conf.php | 54 ++ web-nginx-mysql/rhel/docker-entrypoint.sh | 280 ++++++++++ web-nginx-mysql/rhel/licenses/gpl-2.0.txt | 339 ++++++++++++ web-service/rhel/.dockerignore | 1 + web-service/rhel/Dockerfile | 114 ++++ web-service/rhel/README.md | 155 ++++++ web-service/rhel/build.sh | 1 + web-service/rhel/docker-entrypoint.sh | 123 +++++ web-service/rhel/hooks/build | 13 + web-service/rhel/licenses/gpl-2.0.txt | 339 ++++++++++++ zabbix-appliance/rhel/Dockerfile | 45 +- .../rhel/conf/usr/sbin/zabbix_java_gateway | 24 +- 73 files changed, 9170 insertions(+), 36 deletions(-) create mode 100644 agent/rhel/.dockerignore create mode 100644 agent/rhel/Dockerfile create mode 100644 agent/rhel/README.md create mode 120000 agent/rhel/build.sh create mode 100755 agent/rhel/docker-entrypoint.sh create mode 100755 agent/rhel/hooks/build create mode 100644 agent/rhel/licenses/gpl-2.0.txt create mode 100644 agent2/rhel/.dockerignore create mode 100644 agent2/rhel/Dockerfile create mode 100644 agent2/rhel/README.md create mode 120000 agent2/rhel/build.sh create mode 100755 agent2/rhel/docker-entrypoint.sh create mode 100755 agent2/rhel/hooks/build create mode 100644 agent2/rhel/licenses/gpl-2.0.txt create mode 100644 java-gateway/rhel/.dockerignore create mode 100644 java-gateway/rhel/Dockerfile create mode 100644 java-gateway/rhel/README.md create mode 120000 java-gateway/rhel/build.sh create mode 100644 java-gateway/rhel/conf/etc/zabbix/zabbix_java_gateway_logback.xml create mode 100755 java-gateway/rhel/conf/usr/sbin/zabbix_java_gateway create mode 100755 java-gateway/rhel/docker-entrypoint.sh create mode 100644 java-gateway/rhel/licenses/gpl-2.0.txt create mode 100644 proxy-mysql/rhel/.dockerignore create mode 100644 proxy-mysql/rhel/Dockerfile create mode 100644 proxy-mysql/rhel/README.md create mode 120000 proxy-mysql/rhel/build.sh create mode 100755 proxy-mysql/rhel/docker-entrypoint.sh create mode 100644 proxy-mysql/rhel/licenses/gpl-2.0.txt create mode 100644 proxy-sqlite3/rhel/.dockerignore create mode 100644 proxy-sqlite3/rhel/Dockerfile create mode 100644 proxy-sqlite3/rhel/README.md create mode 120000 proxy-sqlite3/rhel/build.sh create mode 100755 proxy-sqlite3/rhel/docker-entrypoint.sh create mode 100644 proxy-sqlite3/rhel/licenses/gpl-2.0.txt create mode 100644 server-mysql/rhel/.dockerignore create mode 100644 server-mysql/rhel/Dockerfile create mode 100644 server-mysql/rhel/README.md create mode 120000 server-mysql/rhel/build.sh create mode 100755 server-mysql/rhel/docker-entrypoint.sh create mode 100644 server-mysql/rhel/licenses/gpl-2.0.txt create mode 100644 snmptraps/rhel/.dockerignore create mode 100644 snmptraps/rhel/Dockerfile create mode 100644 snmptraps/rhel/README.md create mode 120000 snmptraps/rhel/build.sh create mode 100644 snmptraps/rhel/conf/etc/logrotate.d/zabbix_snmptraps create mode 100644 snmptraps/rhel/conf/etc/snmp/snmptrapd.conf create mode 100644 snmptraps/rhel/conf/usr/sbin/zabbix_trap_handler.sh create mode 100644 snmptraps/rhel/licenses/gpl-2.0.txt create mode 100644 web-nginx-mysql/rhel/.dockerignore create mode 100644 web-nginx-mysql/rhel/Dockerfile create mode 100644 web-nginx-mysql/rhel/README.md create mode 120000 web-nginx-mysql/rhel/build.sh create mode 100644 web-nginx-mysql/rhel/conf/etc/nginx/nginx.conf create mode 100644 web-nginx-mysql/rhel/conf/etc/php-fpm.conf create mode 100644 web-nginx-mysql/rhel/conf/etc/php-fpm.d/zabbix.conf create mode 100644 web-nginx-mysql/rhel/conf/etc/supervisor/conf.d/supervisord_web_nginx.conf create mode 100644 web-nginx-mysql/rhel/conf/etc/supervisor/supervisord.conf rename {zabbix-appliance => web-nginx-mysql}/rhel/conf/etc/yum.repo.d/nginx.repo (100%) create mode 100644 web-nginx-mysql/rhel/conf/etc/zabbix/nginx.conf create mode 100644 web-nginx-mysql/rhel/conf/etc/zabbix/nginx_ssl.conf create mode 100644 web-nginx-mysql/rhel/conf/etc/zabbix/web/maintenance.inc.php create mode 100644 web-nginx-mysql/rhel/conf/etc/zabbix/web/zabbix.conf.php create mode 100755 web-nginx-mysql/rhel/docker-entrypoint.sh create mode 100644 web-nginx-mysql/rhel/licenses/gpl-2.0.txt create mode 100644 web-service/rhel/.dockerignore create mode 100644 web-service/rhel/Dockerfile create mode 100644 web-service/rhel/README.md create mode 120000 web-service/rhel/build.sh create mode 100755 web-service/rhel/docker-entrypoint.sh create mode 100755 web-service/rhel/hooks/build create mode 100644 web-service/rhel/licenses/gpl-2.0.txt diff --git a/agent/rhel/.dockerignore b/agent/rhel/.dockerignore new file mode 100644 index 000000000..88a84e55a --- /dev/null +++ b/agent/rhel/.dockerignore @@ -0,0 +1 @@ +build.sh diff --git a/agent/rhel/Dockerfile b/agent/rhel/Dockerfile new file mode 100644 index 000000000..cc1c6e91c --- /dev/null +++ b/agent/rhel/Dockerfile @@ -0,0 +1,139 @@ +FROM registry.access.redhat.com/ubi8/ubi +MAINTAINER Alexey Pustovalov + +ARG MAJOR_VERSION=6.0 +ARG RELEASE= +ARG ZBX_VERSION=${MAJOR_VERSION} + +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git +ENV ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} +ENV TINI_VERSION=v0.19.0 + +LABEL name="zabbix/zabbix-agent-trunk" \ + maintainer="alexey.pustovalov@zabbix.com" \ + vendor="Zabbix LLC" \ + version="${MAJOR_VERSION}" \ + release="${RELEASE}" \ + summary="Zabbix agent" \ + description="Zabbix agent is deployed on a monitoring target to actively monitor local resources and applications" \ + url="https://www.zabbix.com/" \ + run="docker run --name zabbix-agent --link zabbix-server:zabbix-server -p 10050:10050 -d registry.connect.redhat.com/zabbix/zabbix-agent-trunk:${ZBX_VERSION}" \ + io.k8s.description="Zabbix agent is deployed on a monitoring target to actively monitor local resources and applications" \ + io.k8s.display-name="Zabbix Agent" \ + io.openshift.expose-services="10050:10050" \ + io.openshift.tags="zabbix,zabbix-agent" \ + org.label-schema.name="zabbix-agent-rhel" \ + org.label-schema.vendor="Zabbix LLC" \ + org.label-schema.url="https://zabbix.com/" \ + org.label-schema.description="Zabbix agent is deployed on a monitoring target to actively monitor local resources and applications" \ + org.label-schema.vcs-ref="${VCS_REF}" \ + org.label-schema.build-date="${BUILD_DATE}" \ + org.label-schema.schema-version="1.0" \ + org.label-schema.license="GPL v2.0" \ + org.label-schema.usage="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.label-schema.version="${ZBX_VERSION}" \ + org.label-schema.vcs-url="${ZBX_SOURCES}" \ + org.label-schema.docker.cmd="docker run --name zabbix-agent --link zabbix-server:zabbix-server -p 10050:10050 -d registry.connect.redhat.com/zabbix/zabbix-agent-trunk:${ZBX_VERSION}" + +STOPSIGNAL SIGTERM + +COPY ["licenses", "/licenses"] + +RUN set -eux && INSTALL_PKGS="bash \ + tzdata \ + iputils \ + pcre \ + libcurl" && \ + REPOLIST="rhel-8-for-x86_64-baseos-rpms,rhel-8-for-x86_64-appstream-rpms" && \ + dnf -y update-minimal --disablerepo "*" --enablerepo ubi-8-baseos --setopt=tsflags=nodocs \ + --security --sec-severity=Important --sec-severity=Critical && \ + dnf -y install --disablerepo "*" --enablerepo "${REPOLIST}" --setopt=install_weak_deps=False --best \ + --setopt=tsflags=nodocs ${INSTALL_PKGS} && \ + groupadd --system --gid 1995 zabbix && \ + useradd \ + --system --comment "Zabbix monitoring system" \ + -g zabbix -G root \ + --uid 1997 \ + --shell /sbin/nologin \ + --home-dir /var/lib/zabbix/ \ + zabbix && \ + mkdir -p /etc/zabbix && \ + mkdir -p /etc/zabbix/zabbix_agentd.d && \ + mkdir -p /var/lib/zabbix && \ + mkdir -p /var/lib/zabbix/enc && \ + mkdir -p /var/lib/zabbix/modules && \ + curl -L https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini -o /sbin/tini && \ + curl -L https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini.asc -o /tmp/tini.asc && \ + export GNUPGHOME="$(mktemp -d)" && \ + for server in $(shuf -e ha.pool.sks-keyservers.net \ + hkp://p80.pool.sks-keyservers.net:80 \ + ipv4.pool.sks-keyservers.net \ + keyserver.ubuntu.com \ + keyserver.pgp.com \ + pgp.mit.edu) ; do \ + gpg --keyserver "$server" --recv-keys 595E85A6B1B4779EA4DAAEC70B588DFF0527A9B7 && break || : ; \ + done && \ + gpg --batch --verify /tmp/tini.asc /sbin/tini && \ + rm -r "$GNUPGHOME" /tmp/tini.asc && \ + chmod +x /sbin/tini && \ + dnf -y clean all && \ + rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ + rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki + +RUN set -eux && REPOLIST="rhel-8-for-x86_64-baseos-rpms,rhel-8-for-x86_64-appstream-rpms" && \ + INSTALL_PKGS="autoconf \ + automake \ + libcurl-devel \ + openssl-devel \ + openldap-devel \ + gcc \ + pcre-devel \ + make \ + git" && \ + dnf -y install --disablerepo "*" --enablerepo "${REPOLIST}" --setopt=install_weak_deps=False --best \ + --setopt=tsflags=nodocs ${INSTALL_PKGS} && \ + cd /tmp/ && \ + git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + cd /tmp/zabbix-${ZBX_VERSION} && \ + zabbix_revision=`git rev-parse --short HEAD` && \ + sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ + ./bootstrap.sh && \ + export CFLAGS="-fPIC -pie -Wl,-z,relro -Wl,-z,now" && \ + ./configure \ + --datadir=/usr/lib \ + --libdir=/usr/lib/zabbix \ + --prefix=/usr \ + --sysconfdir=/etc/zabbix \ + --prefix=/usr \ + --enable-agent \ + --with-libcurl \ + --with-ldap \ + --with-openssl \ + --enable-ipv6 \ + --silent && \ + make -j"$(nproc)" -s && \ + cp /tmp/zabbix-${ZBX_VERSION}/src/zabbix_agent/zabbix_agentd /usr/sbin/zabbix_agentd && \ + cp /tmp/zabbix-${ZBX_VERSION}/src/zabbix_get/zabbix_get /usr/bin/zabbix_get && \ + cp /tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender /usr/bin/zabbix_sender && \ + cp /tmp/zabbix-${ZBX_VERSION}/conf/zabbix_agentd.conf /etc/zabbix/zabbix_agentd.conf && \ + cd /tmp/ && \ + rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ + dnf -y history undo last && \ + dnf -y clean all && \ + chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \ + chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \ + chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \ + rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ + rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki + +EXPOSE 10050/TCP + +WORKDIR /var/lib/zabbix + +COPY ["docker-entrypoint.sh", "/usr/bin/"] + +ENTRYPOINT ["/sbin/tini", "--", "/usr/bin/docker-entrypoint.sh"] + +USER 1997 + +CMD ["/usr/sbin/zabbix_agentd", "--foreground", "-c", "/etc/zabbix/zabbix_agentd.conf"] diff --git a/agent/rhel/README.md b/agent/rhel/README.md new file mode 100644 index 000000000..4cc642f18 --- /dev/null +++ b/agent/rhel/README.md @@ -0,0 +1,244 @@ +![logo](https://assets.zabbix.com/img/logo/zabbix_logo_500x131.png) + +# What is Zabbix? + +Zabbix is an enterprise-class open source distributed monitoring solution. + +Zabbix is software that monitors numerous parameters of a network and the health and integrity of servers. Zabbix uses a flexible notification mechanism that allows users to configure e-mail based alerts for virtually any event. This allows a fast reaction to server problems. Zabbix offers excellent reporting and data visualisation features based on the stored data. This makes Zabbix ideal for capacity planning. + +For more information and related downloads for Zabbix components, please visit https://hub.docker.com/u/zabbix/ and https://zabbix.com + +# What is Zabbix agent? + +Zabbix agent is deployed on a monitoring target to actively monitor local resources and applications (hard drives, memory, processor statistics etc). + +# Zabbix agent images + +These are the only official Zabbix agent Docker images. They are based on Alpine Linux v3.12, Ubuntu 20.04 (focal), CentOS 8 and Oracle Linux 8 images. The available versions of Zabbix agent are: + + Zabbix agent 3.0 (tags: alpine-3.0-latest, ubuntu-3.0-latest, centos-3.0-latest) (unsupported) + Zabbix agent 3.0.* (tags: alpine-3.0.*, ubuntu-3.0.*, centos-3.0.*) (unsupported) + Zabbix agent 3.2 (tags: alpine-3.2-latest, ubuntu-3.2-latest, centos-3.2-latest) (unsupported) + Zabbix agent 3.2.* (tags: alpine-3.2.*, ubuntu-3.2.*, centos-3.2.*) (unsupported) + Zabbix agent 3.4 (tags: alpine-3.4-latest, ubuntu-3.4-latest, centos-3.4-latest) (unsupported) + Zabbix agent 3.4.* (tags: alpine-3.4.*, ubuntu-3.4.*, centos-3.4.*) (unsupported) + Zabbix agent 4.0 (tags: alpine-4.0-latest, ubuntu-4.0-latest, centos-4.0-latest) + Zabbix agent 4.0.* (tags: alpine-4.0.*, ubuntu-4.0.*, centos-4.0.*) + Zabbix agent 4.2 (tags: alpine-4.2-latest, ubuntu-4.2-latest, centos-4.2-latest) (unsupported) + Zabbix agent 4.2.* (tags: alpine-4.2.*, ubuntu-4.2.*, centos-4.2.*) (unsupported) + Zabbix agent 4.4 (tags: alpine-4.4-latest, ubuntu-4.4-latest, centos-4.4-latest) (unsupported) + Zabbix agent 4.4.* (tags: alpine-4.4.*, ubuntu-4.4.*, centos-4.4.*) (unsupported) + Zabbix agent 5.0 (tags: alpine-5.0-latest, ubuntu-5.0-latest, ol-5.0-latest) + Zabbix agent 5.0.* (tags: alpine-5.0.*, ubuntu-5.0.*, ol-5.0.*) + Zabbix agent 5.2 (tags: alpine-5.2-latest, ubuntu-5.2-latest, ol-5.2-latest) + Zabbix agent 5.2.* (tags: alpine-5.2.*, ubuntu-5.2.*, ol-5.2.*) + Zabbix agent 5.4 (tags: alpine-5.4-latest, ubuntu-5.4-latest, ol-5.4-latest, alpine-latest, ubuntu-latest, ol-latest, latest) + Zabbix agent 5.4.* (tags: alpine-5.4.*, ubuntu-5.4.*, ol-5.4.*) + Zabbix agent 6.0 (tags: alpine-trunk, ubuntu-trunk, ol-trunk) + +Images are updated when new releases are published. The image with ``latest`` tag is based on Alpine Linux. + +# How to use this image + +## Start `zabbix-agent` + +Start a Zabbix agent container as follows: + + docker run --name some-zabbix-agent -e ZBX_HOSTNAME="some-hostname" -e ZBX_SERVER_HOST="some-zabbix-server" -d zabbix/zabbix-agent:tag + +Where `some-zabbix-agent` is the name you want to assign to your container, `some-hostname` is the hostname, it is Hostname parameter in Zabbix agent configuration file, `some-zabbix-server` is IP or DNS name of Zabbix server or proxy and `tag` is the tag specifying the version you want. See the list above for relevant tags, or look at the [full list of tags](https://hub.docker.com/r/zabbix/zabbix-agent/tags/). + +## Connects from Zabbix server or Zabbix proxy in other containers (Passive checks) + +This image exposes the standard Zabbix agent port (``10050``) to perform passive checks, so container linking makes Zabbix agent instance available to Zabbix server and Zabbix proxy containers. Start your application container like this in order to link it to the Zabbix agent container: + +```console +$ docker run --name some-zabbix-server --link some-zabbix-agent:zabbix-agent -d zabbix/zabbix-server:latest +``` + +## Connect to Zabbix server or Zabbix proxy containers (Active checks) + +This image supports perform active checks, so container linking makes Zabbix server and Zabbix proxy containers available to Zabbix agent instance. Start your application container like this in order to link Zabbix agent to Zabbix server or Zabbix proxy containterns: + +```console +$ docker run --name some-zabbix-agent --link some-zabbix-server:zabbix-server -d zabbix/zabbix-agent:latest +``` + +## Container shell access and viewing Zabbix agent logs + +The `docker exec` command allows you to run commands inside a Docker container. The following command line will give you a bash shell inside your `zabbix-agent` container: + +```console +$ docker exec -ti some-zabbix-agent /bin/bash +``` + +The Zabbix agent log is available through Docker's container log: + +```console +$ docker logs some-zabbix-agent +``` + +## Privileged mode + +By default, Docker containers are "unprivileged" and do not have access to the most of host resources. Zabbix agent is designed to monitor system resources, to do that Zabbix agent container must be privileged or you may mount some system-wide volumes. For example: + +```console +$ docker run --name some-zabbix-agent --link some-zabbix-server:zabbix-server --privileged -d zabbix/zabbix-agent:latest +``` +```console +$ docker run --name some-zabbix-agent --link some-zabbix-server:zabbix-server -v /dev/sdc:/dev/sdc -d zabbix/zabbix-agent:latest +``` + +## Environment Variables + +When you start the `zabbix-agent` image, you can adjust the configuration of the Zabbix agent by passing one or more environment variables on the `docker run` command line. + +### `ZBX_HOSTNAME` + +This variable is unique, case sensitive hostname. By default, value is `hostname` of the container. It is ``Hostname`` parameter in ``zabbix_agentd.conf``. + +### `ZBX_SERVER_HOST` + +This variable is IP or DNS name of Zabbix server or Zabbix proxy. By default, value is `zabbix-server`. It is ``Server`` parameter in ``zabbix_agentd.conf``. It is allowed to specify Zabbix server or Zabbix proxy port number using ``ZBX_SERVER_PORT`` variable. It make sense in case of non-default port for active checks. + +### `ZBX_PASSIVE_ALLOW` + +This variable is boolean (``true`` or ``false``) and enables or disables feature of passive checks. By default, value is `true`. + +### `ZBX_PASSIVESERVERS` + +The variable is comma separated list of allowed Zabbix server or proxy hosts for connections to Zabbix agent container. + +### `ZBX_ACTIVE_ALLOW` + +This variable is boolean (``true`` or ``false``) and enables or disables feature of active checks. By default, value is `true`. + +### `ZBX_ACTIVESERVERS` + +The variable is comma separated list of allowed Zabbix server or proxy hosts for connections to Zabbix agent container. You may specify port of Zabbix server or Zabbix proxy in such syntax: ``zabbix-server:10061,zabbix-proxy:10072``. + +### `ZBX_LOADMODULE` + +The variable is list of comma separated loadable Zabbix modules. It works with volume ``/var/lib/zabbix/modules``. The syntax of the variable is ``dummy1.so,dummy2.so``. + +### `ZBX_DEBUGLEVEL` + +The variable is used to specify debug level. By default, value is ``3``. It is ``DebugLevel`` parameter in ``zabbix_agentd.conf``. Allowed values are listed below: +- ``0`` - basic information about starting and stopping of Zabbix processes; +- ``1`` - critical information +- ``2`` - error information +- ``3`` - warnings +- ``4`` - for debugging (produces lots of information) +- ``5`` - extended debugging (produces even more information) + +### `ZBX_TIMEOUT` + +The variable is used to specify timeout for processing checks. By default, value is ``3``. + +### Other variables + +Additionally the image allows to specify many other environment variables listed below: + +``` +ZBX_SOURCEIP= +ZBX_ENABLEREMOTECOMMANDS=0 # Deprecated since 5.0.0 +ZBX_LOGREMOTECOMMANDS=0 +ZBX_HOSTINTERFACE= # Available since 4.4.0 +ZBX_HOSTINTERFACEITEM= # Available since 4.4.0 +ZBX_STARTAGENTS=3 +ZBX_HOSTNAMEITEM=system.hostname +ZBX_METADATA= +ZBX_METADATAITEM= +ZBX_REFRESHACTIVECHECKS=120 +ZBX_BUFFERSEND=5 +ZBX_BUFFERSIZE=100 +ZBX_MAXLINESPERSECOND=20 +ZBX_LISTENIP= +ZBX_UNSAFEUSERPARAMETERS=0 +ZBX_TLSCONNECT=unencrypted +ZBX_TLSACCEPT=unencrypted +ZBX_TLSCAFILE= +ZBX_TLSCRLFILE= +ZBX_TLSSERVERCERTISSUER= +ZBX_TLSSERVERCERTSUBJECT= +ZBX_TLSCERTFILE= +ZBX_TLSKEYFILE= +ZBX_TLSPSKIDENTITY= +ZBX_TLSPSKFILE= +ZBX_TLSCIPHERALL= # Available since 4.4.7 +ZBX_TLSCIPHERALL13= # Available since 4.4.7 +ZBX_TLSCIPHERCERT= # Available since 4.4.7 +ZBX_TLSCIPHERCERT13= # Available since 4.4.7 +ZBX_TLSCIPHERPSK= # Available since 4.4.7 +ZBX_TLSCIPHERPSK13= # Available since 4.4.7 +ZBX_DENYKEY=system.run[*] # Available since 5.0.0 +ZBX_ALLOWKEY= # Available since 5.0.0 +``` + +Default values of these variables are specified after equal sign. + +The allowed variables are identical of parameters in official ``zabbix_agentd.conf`` configuration file. For example, ``ZBX_REFRESHACTIVECHECKS`` = ``RefreshActiveChecks``. + +Please use official documentation for [``zabbix_agentd.conf``](https://www.zabbix.com/documentation/current/manual/appendix/config/zabbix_agentd) to get more information about the variables. + +## Allowed volumes for the Zabbix agent container + +### ``/etc/zabbix/zabbix_agentd.d`` + +The volume allows include ``*.conf`` files and extend Zabbix agent using ``UserParameter`` feature. + +### ``/var/lib/zabbix/modules`` + +The volume allows load additional modules and extend Zabbix agent using ``LoadModule`` feature. + +### ``/var/lib/zabbix/enc`` + +The volume is used to store TLS related files. These file names are specified using ``ZBX_TLSCAFILE``, ``ZBX_TLSCRLFILE``, ``ZBX_TLSKEY_FILE`` and ``ZBX_TLSPSKFILE`` variables. + +# The image variants + +The `zabbix-agent` images come in many flavors, each designed for a specific use case. + +## `zabbix-agent:alpine-` + +This image is based on the popular [Alpine Linux project](http://alpinelinux.org), available in [the `alpine` official image](https://hub.docker.com/_/alpine). Alpine Linux is much smaller than most distribution base images (~5MB), and thus leads to much slimmer images in general. + +This variant is highly recommended when final image size being as small as possible is desired. The main caveat to note is that it does use [musl libc](http://www.musl-libc.org) instead of [glibc and friends](http://www.etalabs.net/compare_libcs.html), so certain software might run into issues depending on the depth of their libc requirements. However, most software doesn't have an issue with this, so this variant is usually a very safe choice. See [this Hacker News comment thread](https://news.ycombinator.com/item?id=10782897) for more discussion of the issues that might arise and some pro/con comparisons of using Alpine-based images. + +To minimize image size, it's uncommon for additional related tools (such as `git` or `bash`) to be included in Alpine-based images. Using this image as a base, add the things you need in your own Dockerfile (see the [`alpine` image description](https://hub.docker.com/_/alpine/) for examples of how to install packages if you are unfamiliar). + +## `zabbix-agent:ubuntu-` + +This is the defacto image. If you are unsure about what your needs are, you probably want to use this one. It is designed to be used both as a throw away container (mount your source code and start the container to start your app), as well as the base to build other images off of. + +## `zabbix-agent:ol-` + +Oracle Linux is an open-source operating system available under the GNU General Public License (GPLv2). Suitable for general purpose or Oracle workloads, it benefits from rigorous testing of more than 128,000 hours per day with real-world workloads and includes unique innovations such as Ksplice for zero-downtime kernel patching, DTrace for real-time diagnostics, the powerful Btrfs file system, and more. + +# Supported Docker versions + +This image is officially supported on Docker version 1.12.0. + +Support for older versions (down to 1.6) is provided on a best-effort basis. + +Please see [the Docker installation documentation](https://docs.docker.com/installation/) for details on how to upgrade your Docker daemon. + +# User Feedback + +## Documentation + +Documentation for this image is stored in the [`agent/` directory](https://github.com/zabbix/zabbix-docker/tree/3.0/agent) of the [`zabbix/zabbix-docker` GitHub repo](https://github.com/zabbix/zabbix-docker/). Be sure to familiarize yourself with the [repository's `README.md` file](https://github.com/zabbix/zabbix-docker/blob/master/README.md) before attempting a pull request. + +## Issues + +If you have any problems with or questions about this image, please contact us through a [GitHub issue](https://github.com/zabbix/zabbix-docker/issues). + +### Known issues + +Currently it is not allowed to specify ``ZBX_ALIAS`` environment variable. Please use ``/etc/zabbix/zabbix_agent.d`` volume with additional configuration files with ``Alias`` options. + +## Contributing + +You are invited to contribute new features, fixes, or updates, large or small; we are always thrilled to receive pull requests, and do our best to process them as fast as we can. + +Before you start to code, we recommend discussing your plans through a [GitHub issue](https://github.com/zabbix/zabbix-docker/issues), especially for more ambitious contributions. This gives other contributors a chance to point you in the right direction, give you feedback on your design, and help you find out if someone else is working on the same thing. diff --git a/agent/rhel/build.sh b/agent/rhel/build.sh new file mode 120000 index 000000000..fcb4d4ee7 --- /dev/null +++ b/agent/rhel/build.sh @@ -0,0 +1 @@ +../../build.sh \ No newline at end of file diff --git a/agent/rhel/docker-entrypoint.sh b/agent/rhel/docker-entrypoint.sh new file mode 100755 index 000000000..4306b3d9a --- /dev/null +++ b/agent/rhel/docker-entrypoint.sh @@ -0,0 +1,220 @@ +#!/bin/bash + +set -o pipefail + +set +e + +# Script trace mode +if [ "${DEBUG_MODE,,}" == "true" ]; then + set -o xtrace +fi + +# Default Zabbix installation name +# Default Zabbix server host +: ${ZBX_SERVER_HOST:="zabbix-server"} +# Default Zabbix server port number +: ${ZBX_SERVER_PORT:="10051"} + +# Default directories +# User 'zabbix' home directory +ZABBIX_USER_HOME_DIR="/var/lib/zabbix" +# Configuration files directory +ZABBIX_ETC_DIR="/etc/zabbix" + +escape_spec_char() { + local var_value=$1 + + var_value="${var_value//\\/\\\\}" + var_value="${var_value//[$'\n']/}" + var_value="${var_value//\//\\/}" + var_value="${var_value//./\\.}" + var_value="${var_value//\*/\\*}" + var_value="${var_value//^/\\^}" + var_value="${var_value//\$/\\\$}" + var_value="${var_value//\&/\\\&}" + var_value="${var_value//\[/\\[}" + var_value="${var_value//\]/\\]}" + + echo "$var_value" +} + +update_config_var() { + local config_path=$1 + local var_name=$2 + local var_value=$3 + local is_multiple=$4 + + local masklist=("TLSPSKIdentity") + + if [ ! -f "$config_path" ]; then + echo "**** Configuration file '$config_path' does not exist" + return + fi + + if [[ " ${masklist[@]} " =~ " $var_name " ]] && [ ! -z "$var_value" ]; then + echo -n "** Updating '$config_path' parameter \"$var_name\": '****'. Enable DEBUG_MODE to view value ..." + else + echo -n "** Updating '$config_path' parameter \"$var_name\": '$var_value'..." + fi + + # Remove configuration parameter definition in case of unset parameter value + if [ -z "$var_value" ]; then + sed -i -e "/^$var_name=/d" "$config_path" + echo "removed" + return + fi + + # Remove value from configuration parameter in case of double quoted parameter value + if [ "$var_value" == '""' ]; then + sed -i -e "/^$var_name=/s/=.*/=/" "$config_path" + echo "undefined" + return + fi + + # Use full path to a file for TLS related configuration parameters + if [[ $var_name =~ ^TLS.*File$ ]]; then + var_value=$ZABBIX_USER_HOME_DIR/enc/$var_value + fi + + # Escaping characters in parameter value and name + var_value=$(escape_spec_char "$var_value") + var_name=$(escape_spec_char "$var_name") + + if [ "$(grep -E "^$var_name=" $config_path)" ] && [ "$is_multiple" != "true" ]; then + sed -i -e "/^$var_name=/s/=.*/=$var_value/" "$config_path" + echo "updated" + elif [ "$(grep -Ec "^# $var_name=" $config_path)" -gt 1 ]; then + sed -i -e "/^[#;] $var_name=$/i\\$var_name=$var_value" "$config_path" + echo "added first occurrence" + elif [ "$(grep -Ec "^[#;] $var_name=" $config_path)" -gt 0 ]; then + sed -i -e "/^[#;] $var_name=/s/.*/&\n$var_name=$var_value/" "$config_path" + echo "added" + else + sed -i -e '$a\' -e "$var_name=$var_value" "$config_path" + echo "added at the end" + fi + +} + +update_config_multiple_var() { + local config_path=$1 + local var_name=$2 + local var_value=$3 + + var_value="${var_value%\"}" + var_value="${var_value#\"}" + + local IFS=, + local OPT_LIST=($var_value) + + for value in "${OPT_LIST[@]}"; do + update_config_var $config_path $var_name $value true + done +} + +prepare_zbx_agent_config() { + echo "** Preparing Zabbix agent configuration file" + ZBX_AGENT_CONFIG=$ZABBIX_ETC_DIR/zabbix_agentd.conf + + : ${ZBX_PASSIVESERVERS:=""} + : ${ZBX_ACTIVESERVERS:=""} + + [ -n "$ZBX_PASSIVESERVERS" ] && ZBX_PASSIVESERVERS=","$ZBX_PASSIVESERVERS + + ZBX_PASSIVESERVERS=$ZBX_SERVER_HOST$ZBX_PASSIVESERVERS + + [ -n "$ZBX_ACTIVESERVERS" ] && ZBX_ACTIVESERVERS=","$ZBX_ACTIVESERVERS + + ZBX_ACTIVESERVERS=$ZBX_SERVER_HOST":"$ZBX_SERVER_PORT$ZBX_ACTIVESERVERS + + update_config_var $ZBX_AGENT_CONFIG "PidFile" + update_config_var $ZBX_AGENT_CONFIG "LogType" "console" + update_config_var $ZBX_AGENT_CONFIG "LogFile" + update_config_var $ZBX_AGENT_CONFIG "LogFileSize" + update_config_var $ZBX_AGENT_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" + update_config_var $ZBX_AGENT_CONFIG "SourceIP" + update_config_var $ZBX_AGENT_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}" + + : ${ZBX_PASSIVE_ALLOW:="true"} + if [ "${ZBX_PASSIVE_ALLOW,,}" == "true" ]; then + echo "** Using '$ZBX_PASSIVESERVERS' servers for passive checks" + update_config_var $ZBX_AGENT_CONFIG "Server" "${ZBX_PASSIVESERVERS}" + else + update_config_var $ZBX_AGENT_CONFIG "Server" + fi + + update_config_var $ZBX_AGENT_CONFIG "ListenPort" "${ZBX_LISTENPORT}" + update_config_var $ZBX_AGENT_CONFIG "ListenIP" "${ZBX_LISTENIP}" + update_config_var $ZBX_AGENT_CONFIG "StartAgents" "${ZBX_STARTAGENTS}" + + : ${ZBX_ACTIVE_ALLOW:="true"} + if [ "${ZBX_ACTIVE_ALLOW,,}" == "true" ]; then + echo "** Using '$ZBX_ACTIVESERVERS' servers for active checks" + update_config_var $ZBX_AGENT_CONFIG "ServerActive" "${ZBX_ACTIVESERVERS}" + else + update_config_var $ZBX_AGENT_CONFIG "ServerActive" + fi + + update_config_var $ZBX_AGENT_CONFIG "HostInterface" "${ZBX_HOSTINTERFACE}" + update_config_var $ZBX_AGENT_CONFIG "HostInterfaceItem" "${ZBX_HOSTINTERFACEITEM}" + + update_config_var $ZBX_AGENT_CONFIG "Hostname" "${ZBX_HOSTNAME}" + update_config_var $ZBX_AGENT_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" + update_config_var $ZBX_AGENT_CONFIG "HostMetadata" "${ZBX_METADATA}" + update_config_var $ZBX_AGENT_CONFIG "HostMetadataItem" "${ZBX_METADATAITEM}" + update_config_var $ZBX_AGENT_CONFIG "RefreshActiveChecks" "${ZBX_REFRESHACTIVECHECKS}" + update_config_var $ZBX_AGENT_CONFIG "BufferSend" "${ZBX_BUFFERSEND}" + update_config_var $ZBX_AGENT_CONFIG "BufferSize" "${ZBX_BUFFERSIZE}" + update_config_var $ZBX_AGENT_CONFIG "MaxLinesPerSecond" "${ZBX_MAXLINESPERSECOND}" + # Please use include to enable Alias feature +# update_config_multiple_var $ZBX_AGENT_CONFIG "Alias" ${ZBX_ALIAS} + update_config_var $ZBX_AGENT_CONFIG "Timeout" "${ZBX_TIMEOUT}" + update_config_var $ZBX_AGENT_CONFIG "Include" "/etc/zabbix/zabbix_agentd.d/" + update_config_var $ZBX_AGENT_CONFIG "UnsafeUserParameters" "${ZBX_UNSAFEUSERPARAMETERS}" + update_config_var $ZBX_AGENT_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/" + update_config_multiple_var $ZBX_AGENT_CONFIG "LoadModule" "${ZBX_LOADMODULE}" + update_config_var $ZBX_AGENT_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}" + update_config_var $ZBX_AGENT_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" + update_config_var $ZBX_AGENT_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" + update_config_var $ZBX_AGENT_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" + update_config_var $ZBX_AGENT_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" + update_config_var $ZBX_AGENT_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" + update_config_var $ZBX_AGENT_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" + update_config_var $ZBX_AGENT_CONFIG "TLSCipherAll" "${ZBX_TLSCIPHERALL}" + update_config_var $ZBX_AGENT_CONFIG "TLSCipherAll13" "${ZBX_TLSCIPHERALL13}" + update_config_var $ZBX_AGENT_CONFIG "TLSCipherCert" "${ZBX_TLSCIPHERCERT}" + update_config_var $ZBX_AGENT_CONFIG "TLSCipherCert13" "${ZBX_TLSCIPHERCERT13}" + update_config_var $ZBX_AGENT_CONFIG "TLSCipherPSK" "${ZBX_TLSCIPHERPSK}" + update_config_var $ZBX_AGENT_CONFIG "TLSCipherPSK13" "${ZBX_TLSCIPHERPSK13}" + update_config_var $ZBX_AGENT_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" + update_config_var $ZBX_AGENT_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" + update_config_var $ZBX_AGENT_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" + + update_config_multiple_var $ZBX_AGENT_CONFIG "DenyKey" "${ZBX_DENYKEY}" + update_config_multiple_var $ZBX_AGENT_CONFIG "AllowKey" "${ZBX_ALLOWKEY}" + + if [ "$(id -u)" != '0' ]; then + update_config_var $ZBX_AGENT_CONFIG "User" "$(whoami)" + else + update_config_var $ZBX_AGENT_CONFIG "AllowRoot" "1" + fi +} + +prepare_agent() { + echo "** Preparing Zabbix agent" + prepare_zbx_agent_config +} + +################################################# + +if [ "${1#-}" != "$1" ]; then + set -- /usr/sbin/zabbix_agentd "$@" +fi + +if [ "$1" == '/usr/sbin/zabbix_agentd' ]; then + prepare_agent +fi + +exec "$@" + +################################################# diff --git a/agent/rhel/hooks/build b/agent/rhel/hooks/build new file mode 100755 index 000000000..3e0a2f00c --- /dev/null +++ b/agent/rhel/hooks/build @@ -0,0 +1,13 @@ +#!/bin/bash +# +# Additional information: https://docs.docker.com/docker-cloud/builds/advanced/ +# + +MAJOR_VERSION=$(cat Dockerfile | grep "ARG MAJOR_VERSION" | cut -f2 -d"=") +MINOR_VERSION=$(cat Dockerfile | grep "ARG ZBX_VERSION" | cut -f2 -d".") + +VCS_REF=$MAJOR_VERSION.$MINOR_VERSION +BUILD_DATE=$(date -u +"%Y-%m-%dT%H:%M:%SZ") + +echo "$BUILD_DATE - Building $VCS_REF version..." +docker build --build-arg VCS_REF="$VCS_REF" --build-arg BUILD_DATE="$BUILD_DATE" -t $IMAGE_NAME . diff --git a/agent/rhel/licenses/gpl-2.0.txt b/agent/rhel/licenses/gpl-2.0.txt new file mode 100644 index 000000000..d159169d1 --- /dev/null +++ b/agent/rhel/licenses/gpl-2.0.txt @@ -0,0 +1,339 @@ + GNU GENERAL PUBLIC LICENSE + Version 2, June 1991 + + Copyright (C) 1989, 1991 Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + + Preamble + + The licenses for most software are designed to take away your +freedom to share and change it. By contrast, the GNU General Public +License is intended to guarantee your freedom to share and change free +software--to make sure the software is free for all its users. This +General Public License applies to most of the Free Software +Foundation's software and to any other program whose authors commit to +using it. (Some other Free Software Foundation software is covered by +the GNU Lesser General Public License instead.) You can apply it to +your programs, too. + + When we speak of free software, we are referring to freedom, not +price. Our General Public Licenses are designed to make sure that you +have the freedom to distribute copies of free software (and charge for +this service if you wish), that you receive source code or can get it +if you want it, that you can change the software or use pieces of it +in new free programs; and that you know you can do these things. + + To protect your rights, we need to make restrictions that forbid +anyone to deny you these rights or to ask you to surrender the rights. +These restrictions translate to certain responsibilities for you if you +distribute copies of the software, or if you modify it. + + For example, if you distribute copies of such a program, whether +gratis or for a fee, you must give the recipients all the rights that +you have. You must make sure that they, too, receive or can get the +source code. And you must show them these terms so they know their +rights. + + We protect your rights with two steps: (1) copyright the software, and +(2) offer you this license which gives you legal permission to copy, +distribute and/or modify the software. + + Also, for each author's protection and ours, we want to make certain +that everyone understands that there is no warranty for this free +software. If the software is modified by someone else and passed on, we +want its recipients to know that what they have is not the original, so +that any problems introduced by others will not reflect on the original +authors' reputations. + + Finally, any free program is threatened constantly by software +patents. We wish to avoid the danger that redistributors of a free +program will individually obtain patent licenses, in effect making the +program proprietary. To prevent this, we have made it clear that any +patent must be licensed for everyone's free use or not licensed at all. + + The precise terms and conditions for copying, distribution and +modification follow. + + GNU GENERAL PUBLIC LICENSE + TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION + + 0. This License applies to any program or other work which contains +a notice placed by the copyright holder saying it may be distributed +under the terms of this General Public License. The "Program", below, +refers to any such program or work, and a "work based on the Program" +means either the Program or any derivative work under copyright law: +that is to say, a work containing the Program or a portion of it, +either verbatim or with modifications and/or translated into another +language. (Hereinafter, translation is included without limitation in +the term "modification".) Each licensee is addressed as "you". + +Activities other than copying, distribution and modification are not +covered by this License; they are outside its scope. The act of +running the Program is not restricted, and the output from the Program +is covered only if its contents constitute a work based on the +Program (independent of having been made by running the Program). +Whether that is true depends on what the Program does. + + 1. You may copy and distribute verbatim copies of the Program's +source code as you receive it, in any medium, provided that you +conspicuously and appropriately publish on each copy an appropriate +copyright notice and disclaimer of warranty; keep intact all the +notices that refer to this License and to the absence of any warranty; +and give any other recipients of the Program a copy of this License +along with the Program. + +You may charge a fee for the physical act of transferring a copy, and +you may at your option offer warranty protection in exchange for a fee. + + 2. You may modify your copy or copies of the Program or any portion +of it, thus forming a work based on the Program, and copy and +distribute such modifications or work under the terms of Section 1 +above, provided that you also meet all of these conditions: + + a) You must cause the modified files to carry prominent notices + stating that you changed the files and the date of any change. + + b) You must cause any work that you distribute or publish, that in + whole or in part contains or is derived from the Program or any + part thereof, to be licensed as a whole at no charge to all third + parties under the terms of this License. + + c) If the modified program normally reads commands interactively + when run, you must cause it, when started running for such + interactive use in the most ordinary way, to print or display an + announcement including an appropriate copyright notice and a + notice that there is no warranty (or else, saying that you provide + a warranty) and that users may redistribute the program under + these conditions, and telling the user how to view a copy of this + License. (Exception: if the Program itself is interactive but + does not normally print such an announcement, your work based on + the Program is not required to print an announcement.) + +These requirements apply to the modified work as a whole. If +identifiable sections of that work are not derived from the Program, +and can be reasonably considered independent and separate works in +themselves, then this License, and its terms, do not apply to those +sections when you distribute them as separate works. But when you +distribute the same sections as part of a whole which is a work based +on the Program, the distribution of the whole must be on the terms of +this License, whose permissions for other licensees extend to the +entire whole, and thus to each and every part regardless of who wrote it. + +Thus, it is not the intent of this section to claim rights or contest +your rights to work written entirely by you; rather, the intent is to +exercise the right to control the distribution of derivative or +collective works based on the Program. + +In addition, mere aggregation of another work not based on the Program +with the Program (or with a work based on the Program) on a volume of +a storage or distribution medium does not bring the other work under +the scope of this License. + + 3. You may copy and distribute the Program (or a work based on it, +under Section 2) in object code or executable form under the terms of +Sections 1 and 2 above provided that you also do one of the following: + + a) Accompany it with the complete corresponding machine-readable + source code, which must be distributed under the terms of Sections + 1 and 2 above on a medium customarily used for software interchange; or, + + b) Accompany it with a written offer, valid for at least three + years, to give any third party, for a charge no more than your + cost of physically performing source distribution, a complete + machine-readable copy of the corresponding source code, to be + distributed under the terms of Sections 1 and 2 above on a medium + customarily used for software interchange; or, + + c) Accompany it with the information you received as to the offer + to distribute corresponding source code. (This alternative is + allowed only for noncommercial distribution and only if you + received the program in object code or executable form with such + an offer, in accord with Subsection b above.) + +The source code for a work means the preferred form of the work for +making modifications to it. For an executable work, complete source +code means all the source code for all modules it contains, plus any +associated interface definition files, plus the scripts used to +control compilation and installation of the executable. However, as a +special exception, the source code distributed need not include +anything that is normally distributed (in either source or binary +form) with the major components (compiler, kernel, and so on) of the +operating system on which the executable runs, unless that component +itself accompanies the executable. + +If distribution of executable or object code is made by offering +access to copy from a designated place, then offering equivalent +access to copy the source code from the same place counts as +distribution of the source code, even though third parties are not +compelled to copy the source along with the object code. + + 4. You may not copy, modify, sublicense, or distribute the Program +except as expressly provided under this License. Any attempt +otherwise to copy, modify, sublicense or distribute the Program is +void, and will automatically terminate your rights under this License. +However, parties who have received copies, or rights, from you under +this License will not have their licenses terminated so long as such +parties remain in full compliance. + + 5. You are not required to accept this License, since you have not +signed it. However, nothing else grants you permission to modify or +distribute the Program or its derivative works. These actions are +prohibited by law if you do not accept this License. Therefore, by +modifying or distributing the Program (or any work based on the +Program), you indicate your acceptance of this License to do so, and +all its terms and conditions for copying, distributing or modifying +the Program or works based on it. + + 6. Each time you redistribute the Program (or any work based on the +Program), the recipient automatically receives a license from the +original licensor to copy, distribute or modify the Program subject to +these terms and conditions. You may not impose any further +restrictions on the recipients' exercise of the rights granted herein. +You are not responsible for enforcing compliance by third parties to +this License. + + 7. If, as a consequence of a court judgment or allegation of patent +infringement or for any other reason (not limited to patent issues), +conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot +distribute so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you +may not distribute the Program at all. For example, if a patent +license would not permit royalty-free redistribution of the Program by +all those who receive copies directly or indirectly through you, then +the only way you could satisfy both it and this License would be to +refrain entirely from distribution of the Program. + +If any portion of this section is held invalid or unenforceable under +any particular circumstance, the balance of the section is intended to +apply and the section as a whole is intended to apply in other +circumstances. + +It is not the purpose of this section to induce you to infringe any +patents or other property right claims or to contest validity of any +such claims; this section has the sole purpose of protecting the +integrity of the free software distribution system, which is +implemented by public license practices. Many people have made +generous contributions to the wide range of software distributed +through that system in reliance on consistent application of that +system; it is up to the author/donor to decide if he or she is willing +to distribute software through any other system and a licensee cannot +impose that choice. + +This section is intended to make thoroughly clear what is believed to +be a consequence of the rest of this License. + + 8. If the distribution and/or use of the Program is restricted in +certain countries either by patents or by copyrighted interfaces, the +original copyright holder who places the Program under this License +may add an explicit geographical distribution limitation excluding +those countries, so that distribution is permitted only in or among +countries not thus excluded. In such case, this License incorporates +the limitation as if written in the body of this License. + + 9. The Free Software Foundation may publish revised and/or new versions +of the General Public License from time to time. Such new versions will +be similar in spirit to the present version, but may differ in detail to +address new problems or concerns. + +Each version is given a distinguishing version number. If the Program +specifies a version number of this License which applies to it and "any +later version", you have the option of following the terms and conditions +either of that version or of any later version published by the Free +Software Foundation. If the Program does not specify a version number of +this License, you may choose any version ever published by the Free Software +Foundation. + + 10. If you wish to incorporate parts of the Program into other free +programs whose distribution conditions are different, write to the author +to ask for permission. For software which is copyrighted by the Free +Software Foundation, write to the Free Software Foundation; we sometimes +make exceptions for this. Our decision will be guided by the two goals +of preserving the free status of all derivatives of our free software and +of promoting the sharing and reuse of software generally. + + NO WARRANTY + + 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY +FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN +OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES +PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED +OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS +TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE +PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, +REPAIR OR CORRECTION. + + 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR +REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, +INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING +OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED +TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY +YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER +PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE +POSSIBILITY OF SUCH DAMAGES. + + END OF TERMS AND CONDITIONS + + How to Apply These Terms to Your New Programs + + If you develop a new program, and you want it to be of the greatest +possible use to the public, the best way to achieve this is to make it +free software which everyone can redistribute and change under these terms. + + To do so, attach the following notices to the program. It is safest +to attach them to the start of each source file to most effectively +convey the exclusion of warranty; and each file should have at least +the "copyright" line and a pointer to where the full notice is found. + + + Copyright (C) + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + +Also add information on how to contact you by electronic and paper mail. + +If the program is interactive, make it output a short notice like this +when it starts in an interactive mode: + + Gnomovision version 69, Copyright (C) year name of author + Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. + This is free software, and you are welcome to redistribute it + under certain conditions; type `show c' for details. + +The hypothetical commands `show w' and `show c' should show the appropriate +parts of the General Public License. Of course, the commands you use may +be called something other than `show w' and `show c'; they could even be +mouse-clicks or menu items--whatever suits your program. + +You should also get your employer (if you work as a programmer) or your +school, if any, to sign a "copyright disclaimer" for the program, if +necessary. Here is a sample; alter the names: + + Yoyodyne, Inc., hereby disclaims all copyright interest in the program + `Gnomovision' (which makes passes at compilers) written by James Hacker. + + , 1 April 1989 + Ty Coon, President of Vice + +This General Public License does not permit incorporating your program into +proprietary programs. If your program is a subroutine library, you may +consider it more useful to permit linking proprietary applications with the +library. If this is what you want to do, use the GNU Lesser General +Public License instead of this License. diff --git a/agent2/rhel/.dockerignore b/agent2/rhel/.dockerignore new file mode 100644 index 000000000..88a84e55a --- /dev/null +++ b/agent2/rhel/.dockerignore @@ -0,0 +1 @@ +build.sh diff --git a/agent2/rhel/Dockerfile b/agent2/rhel/Dockerfile new file mode 100644 index 000000000..7f9795989 --- /dev/null +++ b/agent2/rhel/Dockerfile @@ -0,0 +1,146 @@ +FROM registry.access.redhat.com/ubi8/ubi +MAINTAINER Alexey Pustovalov + +ARG MAJOR_VERSION=6.0 +ARG RELEASE= +ARG ZBX_VERSION=${MAJOR_VERSION} + +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git +ENV ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} +ENV TINI_VERSION=v0.19.0 + +LABEL name="zabbix/zabbix-agent2-trunk" \ + maintainer="alexey.pustovalov@zabbix.com" \ + vendor="Zabbix LLC" \ + version="${MAJOR_VERSION}" \ + release="${RELEASE}" \ + summary="Zabbix agent" \ + description="Zabbix agent 2 is deployed on a monitoring target to actively monitor local resources and applications" \ + url="https://www.zabbix.com/" \ + run="docker run --name zabbix-agent2 --link zabbix-server:zabbix-server -p 10050:10050 -d registry.connect.redhat.com/zabbix/zabbix-agent2-trunk:${ZBX_VERSION}" \ + io.k8s.description="Zabbix agent 2 is deployed on a monitoring target to actively monitor local resources and applications" \ + io.k8s.display-name="Zabbix Agent 2" \ + io.openshift.expose-services="10050:10050" \ + io.openshift.tags="zabbix,zabbix-agent" \ + org.label-schema.name="zabbix-agent2-rhel" \ + org.label-schema.vendor="Zabbix LLC" \ + org.label-schema.url="https://zabbix.com/" \ + org.label-schema.description="Zabbix agent 2 is deployed on a monitoring target to actively monitor local resources and applications" \ + org.label-schema.vcs-ref="${VCS_REF}" \ + org.label-schema.build-date="${BUILD_DATE}" \ + org.label-schema.schema-version="1.0" \ + org.label-schema.license="GPL v2.0" \ + org.label-schema.usage="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.label-schema.version="${ZBX_VERSION}" \ + org.label-schema.vcs-url="${ZBX_SOURCES}" \ + org.label-schema.docker.cmd="docker run --name zabbix-agent2 --link zabbix-server:zabbix-server -p 10050:10050 -d registry.connect.redhat.com/zabbix/zabbix-agent2-trunk:${ZBX_VERSION}" + +STOPSIGNAL SIGTERM + +COPY ["licenses", "/licenses"] + +RUN set -eux && INSTALL_PKGS="bash \ + tzdata \ + iputils \ + pcre \ + libcurl" && \ + REPOLIST="rhel-8-for-x86_64-baseos-rpms,rhel-8-for-x86_64-appstream-rpms" && \ + dnf -y update-minimal --disablerepo "*" --enablerepo ubi-8-baseos --setopt=tsflags=nodocs \ + --security --sec-severity=Important --sec-severity=Critical && \ + dnf -y install --disablerepo "*" --enablerepo "${REPOLIST}" --setopt=install_weak_deps=False --best \ + --setopt=tsflags=nodocs ${INSTALL_PKGS} && \ + groupadd --system --gid 1995 zabbix && \ + useradd \ + --system --comment "Zabbix monitoring system" \ + -g zabbix -G root \ + --uid 1997 \ + --shell /sbin/nologin \ + --home-dir /var/lib/zabbix/ \ + zabbix && \ + mkdir -p /etc/zabbix && \ + mkdir -p /etc/zabbix/zabbix_agentd.d && \ + mkdir -p /var/lib/zabbix && \ + mkdir -p /var/lib/zabbix/enc && \ + mkdir -p /var/lib/zabbix/modules && \ + curl -L https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini -o /sbin/tini && \ + curl -L https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini.asc -o /tmp/tini.asc && \ + export GNUPGHOME="$(mktemp -d)" && \ + for server in $(shuf -e ha.pool.sks-keyservers.net \ + hkp://p80.pool.sks-keyservers.net:80 \ + ipv4.pool.sks-keyservers.net \ + keyserver.ubuntu.com \ + keyserver.pgp.com \ + pgp.mit.edu) ; do \ + gpg --keyserver "$server" --recv-keys 595E85A6B1B4779EA4DAAEC70B588DFF0527A9B7 && break || : ; \ + done && \ + gpg --batch --verify /tmp/tini.asc /sbin/tini && \ + rm -r "$GNUPGHOME" /tmp/tini.asc && \ + chmod +x /sbin/tini && \ + dnf -y clean all && \ + rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ + rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki + +RUN set -eux && REPOLIST="rhel-8-for-x86_64-baseos-rpms,rhel-8-for-x86_64-appstream-rpms" && \ + INSTALL_PKGS="autoconf \ + automake \ + libcurl-devel \ + openssl-devel \ + openldap-devel \ + golang \ + gcc \ + pcre-devel \ + make \ + git \ + binutils" && \ + dnf -y install --disablerepo "*" --enablerepo "${REPOLIST}" --setopt=install_weak_deps=False --best \ + --setopt=tsflags=nodocs ${INSTALL_PKGS} && \ + cd /tmp/ && \ + git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + cd /tmp/zabbix-${ZBX_VERSION} && \ + zabbix_revision=`git rev-parse --short HEAD` && \ + sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/go/pkg/version/version.go && \ + ./bootstrap.sh && \ + export CFLAGS="-fPIC -pie -Wl,-z,relro -Wl,-z,now" && \ + export GOPATH=/tmp/zabbix-${ZBX_VERSION}/go && \ + ./configure \ + --datadir=/usr/lib \ + --libdir=/usr/lib/zabbix \ + --prefix=/usr \ + --sysconfdir=/etc/zabbix \ + --prefix=/usr \ + --with-openssl \ + --enable-ipv6 \ + --enable-agent2 \ + --enable-agent \ + --silent && \ + make -j"$(nproc)" -s && \ + cp /tmp/zabbix-${ZBX_VERSION}/src/go/bin/zabbix_agent2 /usr/sbin/zabbix_agent2 && \ + cp /tmp/zabbix-${ZBX_VERSION}/src/zabbix_get/zabbix_get /usr/bin/zabbix_get && \ + cp /tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender /usr/bin/zabbix_sender && \ + cp /tmp/zabbix-${ZBX_VERSION}/src/go/conf/zabbix_agent2.conf /etc/zabbix/zabbix_agent2.conf && \ + strip /usr/sbin/zabbix_agent2 && \ + strip /usr/bin/zabbix_get && \ + strip /usr/bin/zabbix_sender && \ + cd /tmp/ && \ + rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ + dnf -y history undo last && \ + dnf -y clean all && \ + chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \ + chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \ + chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \ + rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ + rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki + +EXPOSE 10050/TCP 31999/TCP + +WORKDIR /var/lib/zabbix + +VOLUME ["/var/lib/zabbix/enc"] + +COPY ["docker-entrypoint.sh", "/usr/bin/"] + +ENTRYPOINT ["/sbin/tini", "--", "/usr/bin/docker-entrypoint.sh"] + +USER 1997 + +CMD ["/usr/sbin/zabbix_agent2", "--foreground", "-c", "/etc/zabbix/zabbix_agent2.conf"] diff --git a/agent2/rhel/README.md b/agent2/rhel/README.md new file mode 100644 index 000000000..1e32848d1 --- /dev/null +++ b/agent2/rhel/README.md @@ -0,0 +1,225 @@ +![logo](https://assets.zabbix.com/img/logo/zabbix_logo_500x131.png) + +# What is Zabbix? + +Zabbix is an enterprise-class open source distributed monitoring solution. + +Zabbix is software that monitors numerous parameters of a network and the health and integrity of servers. Zabbix uses a flexible notification mechanism that allows users to configure e-mail based alerts for virtually any event. This allows a fast reaction to server problems. Zabbix offers excellent reporting and data visualisation features based on the stored data. This makes Zabbix ideal for capacity planning. + +For more information and related downloads for Zabbix components, please visit https://hub.docker.com/u/zabbix/ and https://zabbix.com + +# What is Zabbix agent 2? + +Zabbix agent 2 is deployed on a monitoring target to actively monitor local resources and applications (hard drives, memory, processor statistics etc). + +# Zabbix agent 2 images + +These are the only official Zabbix agent 2 Docker images. They are based on Alpine Linux v3.12 images. The available versions of Zabbix agent 2 are: + + Zabbix agent 2 4.4 (tags: alpine-4.4-latest) (unsupported) + Zabbix agent 2 4.4.* (tags: alpine-4.4.*) (unsupported) + Zabbix agent 2 5.0 (tags: alpine-5.0-latest, ubuntu-5.0-latest, ol-5.0-latest) + Zabbix agent 2 5.0.* (tags: alpine-5.0.*, ubuntu-5.0.*, ol-5.0.*) + Zabbix agent 2 5.2 (tags: alpine-5.2-latest, ubuntu-5.2-latest, ol-5.2-latest) + Zabbix agent 2 5.2.* (tags: alpine-5.2.*, ubuntu-5.2.*, ol-5.2.*) + Zabbix agent 2 5.4 (tags: alpine-5.4-latest, ubuntu-5.4-latest, ol-5.4-latest, alpine-latest, ubuntu-latest, ol-latest, latest) + Zabbix agent 2 5.4.* (tags: alpine-5.4.*, ubuntu-5.4.*, ol-5.4.*) + Zabbix agent 2 6.0 (tags: alpine-trunk, ubuntu-trunk, ol-trunk) + +Images are updated when new releases are published. The image with ``latest`` tag is based on Alpine Linux. + +# How to use this image + +## Start `zabbix-agent2` + +Start a Zabbix agent 2 container as follows: + + docker run --name some-zabbix-agent -e ZBX_HOSTNAME="some-hostname" -e ZBX_SERVER_HOST="some-zabbix-server" -d zabbix/zabbix-agent2:tag + +Where `some-zabbix-agent2` is the name you want to assign to your container, `some-hostname` is the hostname, it is Hostname parameter in Zabbix agent 2 configuration file, `some-zabbix-server` is IP or DNS name of Zabbix server or proxy and `tag` is the tag specifying the version you want. See the list above for relevant tags, or look at the [full list of tags](https://hub.docker.com/r/zabbix/zabbix-agent2/tags/). + +## Connects from Zabbix server or Zabbix proxy in other containers (Passive checks) + +This image exposes the standard Zabbix agent 2 port (``10050``) to perform passive checks, so container linking makes Zabbix agent 2 instance available to Zabbix server and Zabbix proxy containers. Start your application container like this in order to link it to the Zabbix agent 2 container: + +```console +$ docker run --name some-zabbix-server --link some-zabbix-agent:zabbix-agent2 -d zabbix/zabbix-server:latest +``` + +## Connect to Zabbix server or Zabbix proxy containers (Active checks) + +This image supports perform active checks, so container linking makes Zabbix server and Zabbix proxy containers available to Zabbix agent 2 instance. Start your application container like this in order to link Zabbix agent 2 to Zabbix server or Zabbix proxy containterns: + +```console +$ docker run --name some-zabbix-agent --link some-zabbix-server:zabbix-server -d zabbix/zabbix-agent2:latest +``` + +## Container shell access and viewing Zabbix agent 2 logs + +The `docker exec` command allows you to run commands inside a Docker container. The following command line will give you a bash shell inside your `zabbix-agent2` container: + +```console +$ docker exec -ti some-zabbix-agent /bin/bash +``` + +The Zabbix agent 2 log is available through Docker's container log: + +```console +$ docker logs some-zabbix-agent +``` + +## Privileged mode + +By default, Docker containers are "unprivileged" and do not have access to the most of host resources. Zabbix agent 2 is designed to monitor system resources, to do that Zabbix agent 2 container must be privileged or you may mount some system-wide volumes. For example: + +```console +$ docker run --name some-zabbix-agent --link some-zabbix-server:zabbix-server --privileged -d zabbix/zabbix-agent2:latest +``` +```console +$ docker run --name some-zabbix-agent --link some-zabbix-server:zabbix-server -v /dev/sdc:/dev/sdc -d zabbix/zabbix-agent2:latest +``` + +## Environment Variables + +When you start the `zabbix-agent2` image, you can adjust the configuration of the Zabbix agent 2 by passing one or more environment variables on the `docker run` command line. + +### `ZBX_HOSTNAME` + +This variable is unique, case sensitive hostname. By default, value is `hostname` of the container. It is ``Hostname`` parameter in ``zabbix_agent2.conf``. + +### `ZBX_SERVER_HOST` + +This variable is IP or DNS name of Zabbix server or Zabbix proxy. By default, value is `zabbix-server`. It is ``Server`` parameter in ``zabbix_agent2.conf``. It is allowed to specify Zabbix server or Zabbix proxy port number using ``ZBX_SERVER_PORT`` variable. It make sense in case of non-default port for active checks. + +### `ZBX_PASSIVE_ALLOW` + +This variable is boolean (``true`` or ``false``) and enables or disables feature of passive checks. By default, value is `true`. + +### `ZBX_PASSIVESERVERS` + +The variable is comma separated list of allowed Zabbix server or proxy hosts for connections to Zabbix agent 2 container. + +### `ZBX_ACTIVE_ALLOW` + +This variable is boolean (``true`` or ``false``) and enables or disables feature of active checks. By default, value is `true`. + +### `ZBX_ACTIVESERVERS` + +The variable is comma separated list of allowed Zabbix server or proxy hosts for connections to Zabbix agent 2 container. You may specify port of Zabbix server or Zabbix proxy in such syntax: ``zabbix-server:10061,zabbix-proxy:10072``. + +### `ZBX_DEBUGLEVEL` + +The variable is used to specify debug level. By default, value is ``3``. It is ``DebugLevel`` parameter in ``zabbix_agent2.conf``. Allowed values are listed below: +- ``0`` - basic information about starting and stopping of Zabbix processes; +- ``1`` - critical information +- ``2`` - error information +- ``3`` - warnings +- ``4`` - for debugging (produces lots of information) +- ``5`` - extended debugging (produces even more information) + +### `ZBX_TIMEOUT` + +The variable is used to specify timeout for processing checks. By default, value is ``3``. + +### Other variables + +Additionally the image allows to specify many other environment variables listed below: + +``` +ZBX_ENABLEPERSISTENTBUFFER=false # Available since 5.0.0 +ZBX_PERSISTENTBUFFERPERIOD=1h # Available since 5.0.0 +ZBX_ENABLESTATUSPORT= +ZBX_SOURCEIP= +ZBX_ENABLEREMOTECOMMANDS=0 # Deprecated since 5.0.0 +ZBX_LOGREMOTECOMMANDS=0 +ZBX_STARTAGENTS=3 +ZBX_HOSTNAMEITEM=system.hostname +ZBX_METADATA= +ZBX_METADATAITEM= +ZBX_REFRESHACTIVECHECKS=120 +ZBX_BUFFERSEND=5 +ZBX_BUFFERSIZE=100 +ZBX_MAXLINESPERSECOND=20 +ZBX_LISTENIP= +ZBX_UNSAFEUSERPARAMETERS=0 +ZBX_TLSCONNECT=unencrypted +ZBX_TLSACCEPT=unencrypted +ZBX_TLSCAFILE= +ZBX_TLSCRLFILE= +ZBX_TLSSERVERCERTISSUER= +ZBX_TLSSERVERCERTSUBJECT= +ZBX_TLSCERTFILE= +ZBX_TLSKEYFILE= +ZBX_TLSPSKIDENTITY= +ZBX_TLSPSKFILE= +ZBX_DENYKEY=system.run[*] # Available since 5.0.0 +ZBX_ALLOWKEY= # Available since 5.0.0 +``` + +Default values of these variables are specified after equal sign. + +The allowed variables are identical of parameters in official ``zabbix_agent2.conf`` configuration file. For example, ``ZBX_REFRESHACTIVECHECKS`` = ``RefreshActiveChecks``. + +Please use official documentation for [``zabbix_agent2.conf``](https://www.zabbix.com/documentation/current/manual/appendix/config/zabbix_agent2) to get more information about the variables. + +## Allowed volumes for the Zabbix agent 2 container + +### ``/etc/zabbix/zabbix_agentd.d`` + +The volume allows include ``*.conf`` files and extend Zabbix agent 2 using ``UserParameter`` feature. + +### ``/var/lib/zabbix/enc`` + +The volume is used to store TLS related files. These file names are specified using ``ZBX_TLSCAFILE``, ``ZBX_TLSCRLFILE``, ``ZBX_TLSKEY_FILE`` and ``ZBX_TLSPSKFILE`` variables. + +### ``/var/lib/zabbix/buffer`` + +The volume is used to store the file, where Zabbix Agent2 should keep SQLite database. To enable the feature specify ``ZBX_ENABLEPERSISTENTBUFFER=true``. Available since 5.0.0. + +# The image variants + +The `zabbix-agent2` images come in many flavors, each designed for a specific use case. + +## `zabbix-agent2:alpine-` + +This image is based on the popular [Alpine Linux project](http://alpinelinux.org), available in [the `alpine` official image](https://hub.docker.com/_/alpine). Alpine Linux is much smaller than most distribution base images (~5MB), and thus leads to much slimmer images in general. + +This variant is highly recommended when final image size being as small as possible is desired. The main caveat to note is that it does use [musl libc](http://www.musl-libc.org) instead of [glibc and friends](http://www.etalabs.net/compare_libcs.html), so certain software might run into issues depending on the depth of their libc requirements. However, most software doesn't have an issue with this, so this variant is usually a very safe choice. See [this Hacker News comment thread](https://news.ycombinator.com/item?id=10782897) for more discussion of the issues that might arise and some pro/con comparisons of using Alpine-based images. + +To minimize image size, it's uncommon for additional related tools (such as `git` or `bash`) to be included in Alpine-based images. Using this image as a base, add the things you need in your own Dockerfile (see the [`alpine` image description](https://hub.docker.com/_/alpine/) for examples of how to install packages if you are unfamiliar). + +## `zabbix-agent:ubuntu-` + +This is the defacto image. If you are unsure about what your needs are, you probably want to use this one. It is designed to be used both as a throw away container (mount your source code and start the container to start your app), as well as the base to build other images off of. + +## `zabbix-agent:ol-` + +Oracle Linux is an open-source operating system available under the GNU General Public License (GPLv2). Suitable for general purpose or Oracle workloads, it benefits from rigorous testing of more than 128,000 hours per day with real-world workloads and includes unique innovations such as Ksplice for zero-downtime kernel patching, DTrace for real-time diagnostics, the powerful Btrfs file system, and more. + +# Supported Docker versions + +This image is officially supported on Docker version 1.12.0. + +Support for older versions (down to 1.6) is provided on a best-effort basis. + +Please see [the Docker installation documentation](https://docs.docker.com/installation/) for details on how to upgrade your Docker daemon. + +# User Feedback + +## Documentation + +Documentation for this image is stored in the [`agent2/` directory](https://github.com/zabbix/zabbix-docker/tree/5.0/agent2) of the [`zabbix/zabbix-docker` GitHub repo](https://github.com/zabbix/zabbix-docker/). Be sure to familiarize yourself with the [repository's `README.md` file](https://github.com/zabbix/zabbix-docker/blob/master/README.md) before attempting a pull request. + +## Issues + +If you have any problems with or questions about this image, please contact us through a [GitHub issue](https://github.com/zabbix/zabbix-docker/issues). + +### Known issues + +Currently it is not allowed to specify ``ZBX_ALIAS`` environment variable. Please use ``/etc/zabbix/zabbix_agent.d`` volume with additional configuration files with ``Alias`` options. + +## Contributing + +You are invited to contribute new features, fixes, or updates, large or small; we are always thrilled to receive pull requests, and do our best to process them as fast as we can. + +Before you start to code, we recommend discussing your plans through a [GitHub issue](https://github.com/zabbix/zabbix-docker/issues), especially for more ambitious contributions. This gives other contributors a chance to point you in the right direction, give you feedback on your design, and help you find out if someone else is working on the same thing. diff --git a/agent2/rhel/build.sh b/agent2/rhel/build.sh new file mode 120000 index 000000000..fcb4d4ee7 --- /dev/null +++ b/agent2/rhel/build.sh @@ -0,0 +1 @@ +../../build.sh \ No newline at end of file diff --git a/agent2/rhel/docker-entrypoint.sh b/agent2/rhel/docker-entrypoint.sh new file mode 100755 index 000000000..1476e10a4 --- /dev/null +++ b/agent2/rhel/docker-entrypoint.sh @@ -0,0 +1,217 @@ +#!/bin/bash + +set -o pipefail + +set +e + +# Script trace mode +if [ "${DEBUG_MODE,,}" == "true" ]; then + set -o xtrace +fi + +# Default Zabbix installation name +# Default Zabbix server host +: ${ZBX_SERVER_HOST:="zabbix-server"} +# Default Zabbix server port number +: ${ZBX_SERVER_PORT:="10051"} + +# Default directories +# User 'zabbix' home directory +ZABBIX_USER_HOME_DIR="/var/lib/zabbix" +# Configuration files directory +ZABBIX_ETC_DIR="/etc/zabbix" + +escape_spec_char() { + local var_value=$1 + + var_value="${var_value//\\/\\\\}" + var_value="${var_value//[$'\n']/}" + var_value="${var_value//\//\\/}" + var_value="${var_value//./\\.}" + var_value="${var_value//\*/\\*}" + var_value="${var_value//^/\\^}" + var_value="${var_value//\$/\\\$}" + var_value="${var_value//\&/\\\&}" + var_value="${var_value//\[/\\[}" + var_value="${var_value//\]/\\]}" + + echo "$var_value" +} + +update_config_var() { + local config_path=$1 + local var_name=$2 + local var_value=$3 + local is_multiple=$4 + + local masklist=("TLSPSKIdentity") + + if [ ! -f "$config_path" ]; then + echo "**** Configuration file '$config_path' does not exist" + return + fi + + if [[ " ${masklist[@]} " =~ " $var_name " ]] && [ ! -z "$var_value" ]; then + echo -n "** Updating '$config_path' parameter \"$var_name\": '****'. Enable DEBUG_MODE to view value ..." + else + echo -n "** Updating '$config_path' parameter \"$var_name\": '$var_value'..." + fi + + # Remove configuration parameter definition in case of unset parameter value + if [ -z "$var_value" ]; then + sed -i -e "/^$var_name=/d" "$config_path" + echo "removed" + return + fi + + # Remove value from configuration parameter in case of double quoted parameter value + if [ "$var_value" == '""' ]; then + sed -i -e "/^$var_name=/s/=.*/=/" "$config_path" + echo "undefined" + return + fi + + # Use full path to a file for TLS related configuration parameters + if [[ $var_name =~ ^TLS.*File$ ]]; then + var_value=$ZABBIX_USER_HOME_DIR/enc/$var_value + fi + + # Escaping characters in parameter value and name + var_value=$(escape_spec_char "$var_value") + var_name=$(escape_spec_char "$var_name") + + if [ "$(grep -E "^$var_name=" $config_path)" ] && [ "$is_multiple" != "true" ]; then + sed -i -e "/^$var_name=/s/=.*/=$var_value/" "$config_path" + echo "updated" + elif [ "$(grep -Ec "^# $var_name=" $config_path)" -gt 1 ]; then + sed -i -e "/^[#;] $var_name=$/i\\$var_name=$var_value" "$config_path" + echo "added first occurrence" + elif [ "$(grep -Ec "^[#;] $var_name=" $config_path)" -gt 0 ]; then + sed -i -e "/^[#;] $var_name=/s/.*/&\n$var_name=$var_value/" "$config_path" + echo "added" + else + sed -i -e '$a\' -e "$var_name=$var_value" "$config_path" + echo "added at the end" + fi + +} + +update_config_multiple_var() { + local config_path=$1 + local var_name=$2 + local var_value=$3 + + var_value="${var_value%\"}" + var_value="${var_value#\"}" + + local IFS=, + local OPT_LIST=($var_value) + + for value in "${OPT_LIST[@]}"; do + update_config_var $config_path $var_name $value true + done +} + +prepare_zbx_agent_config() { + echo "** Preparing Zabbix agent configuration file" + ZBX_AGENT_CONFIG=$ZABBIX_ETC_DIR/zabbix_agent2.conf + + : ${ZBX_PASSIVESERVERS:=""} + : ${ZBX_ACTIVESERVERS:=""} + + [ -n "$ZBX_PASSIVESERVERS" ] && ZBX_PASSIVESERVERS=","$ZBX_PASSIVESERVERS + + ZBX_PASSIVESERVERS=$ZBX_SERVER_HOST$ZBX_PASSIVESERVERS + + [ -n "$ZBX_ACTIVESERVERS" ] && ZBX_ACTIVESERVERS=","$ZBX_ACTIVESERVERS + + ZBX_ACTIVESERVERS=$ZBX_SERVER_HOST":"$ZBX_SERVER_PORT$ZBX_ACTIVESERVERS + + update_config_var $ZBX_AGENT_CONFIG "PidFile" + update_config_var $ZBX_AGENT_CONFIG "LogType" "console" + update_config_var $ZBX_AGENT_CONFIG "LogFile" + update_config_var $ZBX_AGENT_CONFIG "LogFileSize" + update_config_var $ZBX_AGENT_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" + update_config_var $ZBX_AGENT_CONFIG "SourceIP" + update_config_var $ZBX_AGENT_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}" + + : ${ZBX_PASSIVE_ALLOW:="true"} + if [ "${ZBX_PASSIVE_ALLOW,,}" == "true" ]; then + echo "** Using '$ZBX_PASSIVESERVERS' servers for passive checks" + update_config_var $ZBX_AGENT_CONFIG "Server" "${ZBX_PASSIVESERVERS}" + else + update_config_var $ZBX_AGENT_CONFIG "Server" + fi + + update_config_var $ZBX_AGENT_CONFIG "ListenPort" "${ZBX_LISTENPORT}" + update_config_var $ZBX_AGENT_CONFIG "ListenIP" "${ZBX_LISTENIP}" + + : ${ZBX_ACTIVE_ALLOW:="true"} + if [ "${ZBX_ACTIVE_ALLOW,,}" == "true" ]; then + echo "** Using '$ZBX_ACTIVESERVERS' servers for active checks" + update_config_var $ZBX_AGENT_CONFIG "ServerActive" "${ZBX_ACTIVESERVERS}" + else + update_config_var $ZBX_AGENT_CONFIG "ServerActive" + fi + + if [ "${ZBX_ENABLEPERSISTENTBUFFER,,}" == "true" ]; then + update_config_var $ZBX_AGENT_CONFIG "EnablePersistentBuffer" "1" + update_config_var $ZBX_AGENT_CONFIG "PersistentBufferFile" "$ZABBIX_USER_HOME_DIR/buffer/" + update_config_var $ZBX_AGENT_CONFIG "PersistentBufferPeriod" "${ZBX_PERSISTENTBUFFERPERIOD}" + else + update_config_var $ZBX_AGENT_CONFIG "EnablePersistentBuffer" "0" + fi + + if [ "${ZBX_ENABLESTATUSPORT,,}" == "true" ]; then + update_config_var $ZBX_AGENT_CONFIG "StatusPort" "31999" + fi + +# update_config_var $ZBX_AGENT_CONFIG "HostInterface" "${ZBX_HOSTINTERFACE}" +# update_config_var $ZBX_AGENT_CONFIG "HostInterfaceItem" "${ZBX_HOSTINTERFACEITEM}" + + update_config_var $ZBX_AGENT_CONFIG "Hostname" "${ZBX_HOSTNAME}" + update_config_var $ZBX_AGENT_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" + update_config_var $ZBX_AGENT_CONFIG "HostMetadata" "${ZBX_METADATA}" + update_config_var $ZBX_AGENT_CONFIG "HostMetadataItem" "${ZBX_METADATAITEM}" + update_config_var $ZBX_AGENT_CONFIG "RefreshActiveChecks" "${ZBX_REFRESHACTIVECHECKS}" + update_config_var $ZBX_AGENT_CONFIG "BufferSend" "${ZBX_BUFFERSEND}" + update_config_var $ZBX_AGENT_CONFIG "BufferSize" "${ZBX_BUFFERSIZE}" + update_config_var $ZBX_AGENT_CONFIG "MaxLinesPerSecond" "${ZBX_MAXLINESPERSECOND}" + # Please use include to enable Alias feature +# update_config_multiple_var $ZBX_AGENT_CONFIG "Alias" ${ZBX_ALIAS} + update_config_var $ZBX_AGENT_CONFIG "Timeout" "${ZBX_TIMEOUT}" + update_config_var $ZBX_AGENT_CONFIG "Include" "/etc/zabbix/zabbix_agentd.d/" + update_config_var $ZBX_AGENT_CONFIG "UnsafeUserParameters" "${ZBX_UNSAFEUSERPARAMETERS}" + update_config_var $ZBX_AGENT_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}" + update_config_var $ZBX_AGENT_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" + update_config_var $ZBX_AGENT_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" + update_config_var $ZBX_AGENT_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" + update_config_var $ZBX_AGENT_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" + update_config_var $ZBX_AGENT_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" + update_config_var $ZBX_AGENT_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" + update_config_var $ZBX_AGENT_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" + update_config_var $ZBX_AGENT_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" + update_config_var $ZBX_AGENT_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" + + update_config_multiple_var $ZBX_AGENT_CONFIG "DenyKey" "${ZBX_DENYKEY}" + update_config_multiple_var $ZBX_AGENT_CONFIG "AllowKey" "${ZBX_ALLOWKEY}" +} + +prepare_agent() { + echo "** Preparing Zabbix agent" + prepare_zbx_agent_config +} + +################################################# + +if [ "${1#-}" != "$1" ]; then + set -- /usr/sbin/zabbix_agent2 "$@" +fi + +if [ "$1" == '/usr/sbin/zabbix_agent2' ]; then + prepare_agent +fi + +exec "$@" + +################################################# diff --git a/agent2/rhel/hooks/build b/agent2/rhel/hooks/build new file mode 100755 index 000000000..3e0a2f00c --- /dev/null +++ b/agent2/rhel/hooks/build @@ -0,0 +1,13 @@ +#!/bin/bash +# +# Additional information: https://docs.docker.com/docker-cloud/builds/advanced/ +# + +MAJOR_VERSION=$(cat Dockerfile | grep "ARG MAJOR_VERSION" | cut -f2 -d"=") +MINOR_VERSION=$(cat Dockerfile | grep "ARG ZBX_VERSION" | cut -f2 -d".") + +VCS_REF=$MAJOR_VERSION.$MINOR_VERSION +BUILD_DATE=$(date -u +"%Y-%m-%dT%H:%M:%SZ") + +echo "$BUILD_DATE - Building $VCS_REF version..." +docker build --build-arg VCS_REF="$VCS_REF" --build-arg BUILD_DATE="$BUILD_DATE" -t $IMAGE_NAME . diff --git a/agent2/rhel/licenses/gpl-2.0.txt b/agent2/rhel/licenses/gpl-2.0.txt new file mode 100644 index 000000000..d159169d1 --- /dev/null +++ b/agent2/rhel/licenses/gpl-2.0.txt @@ -0,0 +1,339 @@ + GNU GENERAL PUBLIC LICENSE + Version 2, June 1991 + + Copyright (C) 1989, 1991 Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + + Preamble + + The licenses for most software are designed to take away your +freedom to share and change it. By contrast, the GNU General Public +License is intended to guarantee your freedom to share and change free +software--to make sure the software is free for all its users. This +General Public License applies to most of the Free Software +Foundation's software and to any other program whose authors commit to +using it. (Some other Free Software Foundation software is covered by +the GNU Lesser General Public License instead.) You can apply it to +your programs, too. + + When we speak of free software, we are referring to freedom, not +price. Our General Public Licenses are designed to make sure that you +have the freedom to distribute copies of free software (and charge for +this service if you wish), that you receive source code or can get it +if you want it, that you can change the software or use pieces of it +in new free programs; and that you know you can do these things. + + To protect your rights, we need to make restrictions that forbid +anyone to deny you these rights or to ask you to surrender the rights. +These restrictions translate to certain responsibilities for you if you +distribute copies of the software, or if you modify it. + + For example, if you distribute copies of such a program, whether +gratis or for a fee, you must give the recipients all the rights that +you have. You must make sure that they, too, receive or can get the +source code. And you must show them these terms so they know their +rights. + + We protect your rights with two steps: (1) copyright the software, and +(2) offer you this license which gives you legal permission to copy, +distribute and/or modify the software. + + Also, for each author's protection and ours, we want to make certain +that everyone understands that there is no warranty for this free +software. If the software is modified by someone else and passed on, we +want its recipients to know that what they have is not the original, so +that any problems introduced by others will not reflect on the original +authors' reputations. + + Finally, any free program is threatened constantly by software +patents. We wish to avoid the danger that redistributors of a free +program will individually obtain patent licenses, in effect making the +program proprietary. To prevent this, we have made it clear that any +patent must be licensed for everyone's free use or not licensed at all. + + The precise terms and conditions for copying, distribution and +modification follow. + + GNU GENERAL PUBLIC LICENSE + TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION + + 0. This License applies to any program or other work which contains +a notice placed by the copyright holder saying it may be distributed +under the terms of this General Public License. The "Program", below, +refers to any such program or work, and a "work based on the Program" +means either the Program or any derivative work under copyright law: +that is to say, a work containing the Program or a portion of it, +either verbatim or with modifications and/or translated into another +language. (Hereinafter, translation is included without limitation in +the term "modification".) Each licensee is addressed as "you". + +Activities other than copying, distribution and modification are not +covered by this License; they are outside its scope. The act of +running the Program is not restricted, and the output from the Program +is covered only if its contents constitute a work based on the +Program (independent of having been made by running the Program). +Whether that is true depends on what the Program does. + + 1. You may copy and distribute verbatim copies of the Program's +source code as you receive it, in any medium, provided that you +conspicuously and appropriately publish on each copy an appropriate +copyright notice and disclaimer of warranty; keep intact all the +notices that refer to this License and to the absence of any warranty; +and give any other recipients of the Program a copy of this License +along with the Program. + +You may charge a fee for the physical act of transferring a copy, and +you may at your option offer warranty protection in exchange for a fee. + + 2. You may modify your copy or copies of the Program or any portion +of it, thus forming a work based on the Program, and copy and +distribute such modifications or work under the terms of Section 1 +above, provided that you also meet all of these conditions: + + a) You must cause the modified files to carry prominent notices + stating that you changed the files and the date of any change. + + b) You must cause any work that you distribute or publish, that in + whole or in part contains or is derived from the Program or any + part thereof, to be licensed as a whole at no charge to all third + parties under the terms of this License. + + c) If the modified program normally reads commands interactively + when run, you must cause it, when started running for such + interactive use in the most ordinary way, to print or display an + announcement including an appropriate copyright notice and a + notice that there is no warranty (or else, saying that you provide + a warranty) and that users may redistribute the program under + these conditions, and telling the user how to view a copy of this + License. (Exception: if the Program itself is interactive but + does not normally print such an announcement, your work based on + the Program is not required to print an announcement.) + +These requirements apply to the modified work as a whole. If +identifiable sections of that work are not derived from the Program, +and can be reasonably considered independent and separate works in +themselves, then this License, and its terms, do not apply to those +sections when you distribute them as separate works. But when you +distribute the same sections as part of a whole which is a work based +on the Program, the distribution of the whole must be on the terms of +this License, whose permissions for other licensees extend to the +entire whole, and thus to each and every part regardless of who wrote it. + +Thus, it is not the intent of this section to claim rights or contest +your rights to work written entirely by you; rather, the intent is to +exercise the right to control the distribution of derivative or +collective works based on the Program. + +In addition, mere aggregation of another work not based on the Program +with the Program (or with a work based on the Program) on a volume of +a storage or distribution medium does not bring the other work under +the scope of this License. + + 3. You may copy and distribute the Program (or a work based on it, +under Section 2) in object code or executable form under the terms of +Sections 1 and 2 above provided that you also do one of the following: + + a) Accompany it with the complete corresponding machine-readable + source code, which must be distributed under the terms of Sections + 1 and 2 above on a medium customarily used for software interchange; or, + + b) Accompany it with a written offer, valid for at least three + years, to give any third party, for a charge no more than your + cost of physically performing source distribution, a complete + machine-readable copy of the corresponding source code, to be + distributed under the terms of Sections 1 and 2 above on a medium + customarily used for software interchange; or, + + c) Accompany it with the information you received as to the offer + to distribute corresponding source code. (This alternative is + allowed only for noncommercial distribution and only if you + received the program in object code or executable form with such + an offer, in accord with Subsection b above.) + +The source code for a work means the preferred form of the work for +making modifications to it. For an executable work, complete source +code means all the source code for all modules it contains, plus any +associated interface definition files, plus the scripts used to +control compilation and installation of the executable. However, as a +special exception, the source code distributed need not include +anything that is normally distributed (in either source or binary +form) with the major components (compiler, kernel, and so on) of the +operating system on which the executable runs, unless that component +itself accompanies the executable. + +If distribution of executable or object code is made by offering +access to copy from a designated place, then offering equivalent +access to copy the source code from the same place counts as +distribution of the source code, even though third parties are not +compelled to copy the source along with the object code. + + 4. You may not copy, modify, sublicense, or distribute the Program +except as expressly provided under this License. Any attempt +otherwise to copy, modify, sublicense or distribute the Program is +void, and will automatically terminate your rights under this License. +However, parties who have received copies, or rights, from you under +this License will not have their licenses terminated so long as such +parties remain in full compliance. + + 5. You are not required to accept this License, since you have not +signed it. However, nothing else grants you permission to modify or +distribute the Program or its derivative works. These actions are +prohibited by law if you do not accept this License. Therefore, by +modifying or distributing the Program (or any work based on the +Program), you indicate your acceptance of this License to do so, and +all its terms and conditions for copying, distributing or modifying +the Program or works based on it. + + 6. Each time you redistribute the Program (or any work based on the +Program), the recipient automatically receives a license from the +original licensor to copy, distribute or modify the Program subject to +these terms and conditions. You may not impose any further +restrictions on the recipients' exercise of the rights granted herein. +You are not responsible for enforcing compliance by third parties to +this License. + + 7. If, as a consequence of a court judgment or allegation of patent +infringement or for any other reason (not limited to patent issues), +conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot +distribute so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you +may not distribute the Program at all. For example, if a patent +license would not permit royalty-free redistribution of the Program by +all those who receive copies directly or indirectly through you, then +the only way you could satisfy both it and this License would be to +refrain entirely from distribution of the Program. + +If any portion of this section is held invalid or unenforceable under +any particular circumstance, the balance of the section is intended to +apply and the section as a whole is intended to apply in other +circumstances. + +It is not the purpose of this section to induce you to infringe any +patents or other property right claims or to contest validity of any +such claims; this section has the sole purpose of protecting the +integrity of the free software distribution system, which is +implemented by public license practices. Many people have made +generous contributions to the wide range of software distributed +through that system in reliance on consistent application of that +system; it is up to the author/donor to decide if he or she is willing +to distribute software through any other system and a licensee cannot +impose that choice. + +This section is intended to make thoroughly clear what is believed to +be a consequence of the rest of this License. + + 8. If the distribution and/or use of the Program is restricted in +certain countries either by patents or by copyrighted interfaces, the +original copyright holder who places the Program under this License +may add an explicit geographical distribution limitation excluding +those countries, so that distribution is permitted only in or among +countries not thus excluded. In such case, this License incorporates +the limitation as if written in the body of this License. + + 9. The Free Software Foundation may publish revised and/or new versions +of the General Public License from time to time. Such new versions will +be similar in spirit to the present version, but may differ in detail to +address new problems or concerns. + +Each version is given a distinguishing version number. If the Program +specifies a version number of this License which applies to it and "any +later version", you have the option of following the terms and conditions +either of that version or of any later version published by the Free +Software Foundation. If the Program does not specify a version number of +this License, you may choose any version ever published by the Free Software +Foundation. + + 10. If you wish to incorporate parts of the Program into other free +programs whose distribution conditions are different, write to the author +to ask for permission. For software which is copyrighted by the Free +Software Foundation, write to the Free Software Foundation; we sometimes +make exceptions for this. Our decision will be guided by the two goals +of preserving the free status of all derivatives of our free software and +of promoting the sharing and reuse of software generally. + + NO WARRANTY + + 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY +FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN +OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES +PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED +OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS +TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE +PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, +REPAIR OR CORRECTION. + + 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR +REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, +INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING +OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED +TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY +YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER +PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE +POSSIBILITY OF SUCH DAMAGES. + + END OF TERMS AND CONDITIONS + + How to Apply These Terms to Your New Programs + + If you develop a new program, and you want it to be of the greatest +possible use to the public, the best way to achieve this is to make it +free software which everyone can redistribute and change under these terms. + + To do so, attach the following notices to the program. It is safest +to attach them to the start of each source file to most effectively +convey the exclusion of warranty; and each file should have at least +the "copyright" line and a pointer to where the full notice is found. + + + Copyright (C) + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + +Also add information on how to contact you by electronic and paper mail. + +If the program is interactive, make it output a short notice like this +when it starts in an interactive mode: + + Gnomovision version 69, Copyright (C) year name of author + Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. + This is free software, and you are welcome to redistribute it + under certain conditions; type `show c' for details. + +The hypothetical commands `show w' and `show c' should show the appropriate +parts of the General Public License. Of course, the commands you use may +be called something other than `show w' and `show c'; they could even be +mouse-clicks or menu items--whatever suits your program. + +You should also get your employer (if you work as a programmer) or your +school, if any, to sign a "copyright disclaimer" for the program, if +necessary. Here is a sample; alter the names: + + Yoyodyne, Inc., hereby disclaims all copyright interest in the program + `Gnomovision' (which makes passes at compilers) written by James Hacker. + + , 1 April 1989 + Ty Coon, President of Vice + +This General Public License does not permit incorporating your program into +proprietary programs. If your program is a subroutine library, you may +consider it more useful to permit linking proprietary applications with the +library. If this is what you want to do, use the GNU Lesser General +Public License instead of this License. diff --git a/java-gateway/rhel/.dockerignore b/java-gateway/rhel/.dockerignore new file mode 100644 index 000000000..88a84e55a --- /dev/null +++ b/java-gateway/rhel/.dockerignore @@ -0,0 +1 @@ +build.sh diff --git a/java-gateway/rhel/Dockerfile b/java-gateway/rhel/Dockerfile new file mode 100644 index 000000000..1ec5ca3cf --- /dev/null +++ b/java-gateway/rhel/Dockerfile @@ -0,0 +1,115 @@ +FROM registry.access.redhat.com/ubi8/ubi +MAINTAINER Alexey Pustovalov + +ARG MAJOR_VERSION=6.0 +ARG RELEASE= +ARG ZBX_VERSION=${MAJOR_VERSION} + +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git +ENV ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} + +LABEL name="zabbix/zabbix-java-gateway-trunk" \ + maintainer="alexey.pustovalov@zabbix.com" \ + vendor="Zabbix LLC" \ + version="${MAJOR_VERSION}" \ + release="${RELEASE}" \ + summary="Zabbix Java Gateway" \ + description="Zabbix Java Gateway performs native support for monitoring JMX applications" \ + url="https://www.zabbix.com/" \ + run="docker run --name zabbix-java-gateway -p 10052:10052 -d registry.connect.redhat.com/zabbix/zabbix-java-gateway-trunk:${ZBX_VERSION}" \ + io.k8s.description="Zabbix Java Gateway performs native support for monitoring JMX applications" \ + io.k8s.display-name="Zabbix Java Gateway" \ + io.openshift.expose-services="10052:10052" \ + io.openshift.tags="gateway,zabbix-java,java" \ + org.label-schema.name="zabbix-java-gateway-rhel" \ + org.label-schema.vendor="Zabbix LLC" \ + org.label-schema.url="https://zabbix.com/" \ + org.label-schema.description="Zabbix Java Gateway performs native support for monitoring JMX applications" \ + org.label-schema.vcs-ref="${VCS_REF}" \ + org.label-schema.build-date="${BUILD_DATE}" \ + org.label-schema.schema-version="1.0" \ + org.label-schema.license="GPL v2.0" \ + org.label-schema.usage="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.label-schema.version="${ZBX_VERSION}" \ + org.label-schema.vcs-url="${ZBX_SOURCES}" \ + org.label-schema.docker.cmd="docker run --name zabbix-java-gateway -p 10052:10052 -d registry.connect.redhat.com/zabbix/zabbix-java-gateway-trunk:${ZBX_VERSION}" + +STOPSIGNAL SIGTERM + +COPY ["licenses", "/licenses"] + +RUN set -eux && INSTALL_PKGS="bash \ + java-1.8.0-openjdk-headless" && \ + REPOLIST="rhel-8-for-x86_64-baseos-rpms,rhel-8-for-x86_64-appstream-rpms" && \ + dnf -y update-minimal --disablerepo "*" --enablerepo ubi-8-baseos --setopt=tsflags=nodocs \ + --security --sec-severity=Important --sec-severity=Critical && \ + dnf -y install --disablerepo "*" --enablerepo "${REPOLIST}" --setopt=install_weak_deps=False --best \ + --setopt=tsflags=nodocs ${INSTALL_PKGS} && \ + groupadd --system --gid 1995 zabbix && \ + useradd \ + --system --comment "Zabbix monitoring system" \ + -g zabbix -G root \ + --uid 1997 \ + --shell /sbin/nologin \ + --home-dir /var/lib/zabbix/ \ + zabbix && \ + mkdir -p /etc/zabbix/ && \ + mkdir -p /usr/sbin/zabbix_java/ && \ + mkdir -p /usr/sbin/zabbix_java/ext_lib/ && \ + dnf -y clean all && \ + rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ + rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki + +COPY ["conf/etc/", "/etc/"] + +RUN set -eux && INSTALL_PKGS="autoconf \ + automake \ + pkgconf \ + git \ + gcc \ + make \ + java-1.8.0-openjdk-devel" && \ + REPOLIST="rhel-8-for-x86_64-baseos-rpms,rhel-8-for-x86_64-appstream-rpms" && \ + dnf -y install --disablerepo "*" --enablerepo "${REPOLIST}" --setopt=install_weak_deps=False --best \ + --setopt=tsflags=nodocs ${INSTALL_PKGS} && \ + cd /tmp/ && \ + git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + cd /tmp/zabbix-${ZBX_VERSION} && \ + zabbix_revision=`git rev-parse --short HEAD` && \ + sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ + sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/zabbix_java/src/com/zabbix/gateway/GeneralInformation.java && \ + ./bootstrap.sh && \ + ./configure \ + --datadir=/usr/lib \ + --libdir=/usr/lib/zabbix \ + --sysconfdir=/etc/zabbix \ + --prefix=/usr \ + --enable-java \ + --silent && \ + make -j"$(nproc)" -s && \ + mkdir -p /usr/sbin/zabbix_java/ && \ + cp -r src/zabbix_java/bin /usr/sbin/zabbix_java/ && \ + cp -r src/zabbix_java/lib /usr/sbin/zabbix_java/ && \ + rm -rf /usr/sbin/zabbix_java/lib/*.xml && \ + cd /tmp/ && \ + rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ + dnf -y history undo last && \ + dnf -y clean all && \ + chown --quiet -R zabbix:root /etc/zabbix/ /usr/sbin/zabbix_java/ && \ + chgrp -R 0 /etc/zabbix/ /usr/sbin/zabbix_java/ && \ + chmod -R g=u /etc/zabbix/ /usr/sbin/zabbix_java/ && \ + rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ + rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki + +EXPOSE 10052/TCP + +WORKDIR /var/lib/zabbix + +COPY ["conf/usr/sbin/zabbix_java_gateway", "/usr/sbin/"] +COPY ["docker-entrypoint.sh", "/usr/bin/"] + +ENTRYPOINT ["docker-entrypoint.sh"] + +USER 1997 + +CMD ["/usr/sbin/zabbix_java_gateway"] diff --git a/java-gateway/rhel/README.md b/java-gateway/rhel/README.md new file mode 100644 index 000000000..7897ada12 --- /dev/null +++ b/java-gateway/rhel/README.md @@ -0,0 +1,143 @@ +![logo](https://assets.zabbix.com/img/logo/zabbix_logo_500x131.png) + +# What is Zabbix? + +Zabbix is an enterprise-class open source distributed monitoring solution. + +Zabbix is software that monitors numerous parameters of a network and the health and integrity of servers. Zabbix uses a flexible notification mechanism that allows users to configure e-mail based alerts for virtually any event. This allows a fast reaction to server problems. Zabbix offers excellent reporting and data visualisation features based on the stored data. This makes Zabbix ideal for capacity planning. + +For more information and related downloads for Zabbix components, please visit https://hub.docker.com/u/zabbix/ and https://zabbix.com + +# What is Zabbix Java Gateway? + +Zabbix Java Gateway performs native support for monitoring JMX applications. Java gateway accepts incoming connection from Zabbix server or Zabbix proxy and can only be used as a "passive proxy". + +# Zabbix Java Gateway images + +These are the only official Zabbix Java Gateway Docker images. They are based on Alpine Linux v3.12, Ubuntu 20.04 (focal), CentOS 8 and Oracle Linux 8 images. The available versions of Zabbix Java Gateway are: + + Zabbix Java Gateway 3.0 (tags: alpine-3.0-latest, ubuntu-3.0-latest, centos-3.0-latest) (unsupported) + Zabbix Java Gateway 3.0.* (tags: alpine-3.0.*, ubuntu-3.0.*, centos-3.0.*) (unsupported) + Zabbix Java Gateway 3.2 (tags: alpine-3.2-latest, ubuntu-3.2-latest, centos-3.2-latest) (unsupported) + Zabbix Java Gateway 3.2.* (tags: alpine-3.2.*, ubuntu-3.2.*, centos-3.2.*) (unsupported) + Zabbix Java Gateway 3.4 (tags: alpine-3.4-latest, ubuntu-3.4-latest, centos-3.4-latest) (unsupported) + Zabbix Java Gateway 3.4.* (tags: alpine-3.4.*, ubuntu-3.4.*, centos-3.4.*) (unsupported) + Zabbix Java Gateway 4.0 (tags: alpine-4.0-latest, ubuntu-4.0-latest, centos-4.0-latest) + Zabbix Java Gateway 4.0.* (tags: alpine-4.0.*, ubuntu-4.0.*, centos-4.0.*) + Zabbix Java Gateway 4.2 (tags: alpine-4.2-latest, ubuntu-4.2-latest, centos-4.2-latest) (unsupported) + Zabbix Java Gateway 4.2.* (tags: alpine-4.2.*, ubuntu-4.2.*, centos-4.2.*) (unsupported) + Zabbix Java Gateway 4.4 (tags: alpine-4.4-latest, ubuntu-4.4-latest, centos-4.4-latest) (unsupported) + Zabbix Java Gateway 4.4.* (tags: alpine-4.4.*, ubuntu-4.4.*, centos-4.4.*) (unsupported) + Zabbix Java Gateway 5.0 (tags: alpine-5.0-latest, ubuntu-5.0-latest, ol-5.0-latest) + Zabbix Java Gateway 5.0.* (tags: alpine-5.0.*, ubuntu-5.0.*, ol-5.0.*) + Zabbix Java Gateway 5.2 (tags: alpine-5.2-latest, ubuntu-5.2-latest, ol-5.2-latest) + Zabbix Java Gateway 5.2.* (tags: alpine-5.2.*, ubuntu-5.2.*, ol-5.2.*) + Zabbix Java Gateway 5.4 (tags: alpine-5.4-latest, ubuntu-5.4-latest, ol-5.4-latest, alpine-latest, ubuntu-latest, ol-latest, latest) + Zabbix Java Gateway 5.4.* (tags: alpine-5.4.*, ubuntu-5.4.*, ol-5.4.*) + Zabbix Java Gateway 6.0 (tags: alpine-trunk, ubuntu-trunk, ol-trunk) + +Images are updated when new releases are published. The image with ``latest`` tag is based on Alpine Linux. + +# How to use this image + +## Start `zabbix-java-gateway` + +Start a Zabbix Java Gateway container as follows: + + docker run --name some-zabbix-java-gateway -d zabbix/zabbix-java-gateway:tag + +Where `some-zabbix-java-gateway` is the name you want to assign to your container and `tag` is the tag specifying the version you want. See the list above for relevant tags, or look at the [full list of tags](https://hub.docker.com/r/zabbix/zabbix-java-gateway/tags/). + +## Linking the container to Zabbix server or Zabbix proxy + + docker run --name some-zabbix-java-gateway --link some-zabbix-server:zabbix-server -d zabbix/zabbix-java-gateway:tag + +## Container shell access and viewing Zabbix Java Gateway logs + +The `docker exec` command allows you to run commands inside a Docker container. The following command line will give you a bash shell inside your `zabbix-java-gateway` container: + +```console +$ docker exec -ti some-zabbix-java-gateway /bin/bash +``` + +The Zabbix Java Gateway log is available through Docker's container log: + +```console +$ docker logs some-zabbix-java-gateway +``` + +## Environment Variables + +When you start the `zabbix-java-gateway` image, you can adjust the configuration of the Zabbix Java Gateway by passing one or more environment variables on the `docker run` command line. + +### `ZBX_START_POLLERS` + +This variable is specified amount of pollers. By default, value is `5`. + +### `ZBX_TIMEOUT` + +This variable is used to specify timeout for outgoing connections. By default, value is `3`. + +### `ZBX_DEBUGLEVEL` + +This variable is used to specify log level. By default, value is `info`. The variable allows next values: ``trace``, ``debug``, ``info``, ``want``, ``error``, ``all``, ``off`` + +### `ZBX_PROPERTIES_FILE` + +Name of properties file. Can be used to set additional properties using a key-value format in such a way that they are not visible on a command line or to overwrite existing ones. + +### `ZABBIX_OPTIONS` + +Additional arguments for Zabbix Java Gateway. Useful to enable additional libraries and features. + +## Allowed volumes for the Zabbix Java Gateway container + +### ``/usr/sbin/zabbix_java/ext_lib`` + +The volume allows include additional JAR files to extend allowed protocols for Zabbix Java Gateway. + +# The image variants + +The `zabbix-java-gateway` images come in many flavors, each designed for a specific use case. + +## `zabbix-java-gateway:alpine-` + +This image is based on the popular [Alpine Linux project](http://alpinelinux.org), available in [the `alpine` official image](https://hub.docker.com/_/alpine). Alpine Linux is much smaller than most distribution base images (~5MB), and thus leads to much slimmer images in general. + +This variant is highly recommended when final image size being as small as possible is desired. The main caveat to note is that it does use [musl libc](http://www.musl-libc.org) instead of [glibc and friends](http://www.etalabs.net/compare_libcs.html), so certain software might run into issues depending on the depth of their libc requirements. However, most software doesn't have an issue with this, so this variant is usually a very safe choice. See [this Hacker News comment thread](https://news.ycombinator.com/item?id=10782897) for more discussion of the issues that might arise and some pro/con comparisons of using Alpine-based images. + +To minimize image size, it's uncommon for additional related tools (such as `git` or `bash`) to be included in Alpine-based images. Using this image as a base, add the things you need in your own Dockerfile (see the [`alpine` image description](https://hub.docker.com/_/alpine/) for examples of how to install packages if you are unfamiliar). + +## `zabbix-java-gateway:ubuntu-` + +This is the defacto image. If you are unsure about what your needs are, you probably want to use this one. It is designed to be used both as a throw away container (mount your source code and start the container to start your app), as well as the base to build other images off of. + +## `zabbix-agent:ol-` + +Oracle Linux is an open-source operating system available under the GNU General Public License (GPLv2). Suitable for general purpose or Oracle workloads, it benefits from rigorous testing of more than 128,000 hours per day with real-world workloads and includes unique innovations such as Ksplice + +# Supported Docker versions + +This image is officially supported on Docker version 1.12.0. + +Support for older versions (down to 1.6) is provided on a best-effort basis. + +Please see [the Docker installation documentation](https://docs.docker.com/installation/) for details on how to upgrade your Docker daemon. + +# User Feedback + +## Documentation + +Documentation for this image is stored in the [`java-gateway/` directory](https://github.com/zabbix/zabbix-docker/tree/3.0/java-gateway) of the [`zabbix/zabbix-docker` GitHub repo](https://github.com/zabbix/zabbix-docker/). Be sure to familiarize yourself with the [repository's `README.md` file](https://github.com/zabbix/zabbix-docker/blob/master/README.md) before attempting a pull request. + +## Issues + +If you have any problems with or questions about this image, please contact us through a [GitHub issue](https://github.com/zabbix/zabbix-docker/issues). + +### Known issues + +## Contributing + +You are invited to contribute new features, fixes, or updates, large or small; we are always thrilled to receive pull requests, and do our best to process them as fast as we can. + +Before you start to code, we recommend discussing your plans through a [GitHub issue](https://github.com/zabbix/zabbix-docker/issues), especially for more ambitious contributions. This gives other contributors a chance to point you in the right direction, give you feedback on your design, and help you find out if someone else is working on the same thing. diff --git a/java-gateway/rhel/build.sh b/java-gateway/rhel/build.sh new file mode 120000 index 000000000..fcb4d4ee7 --- /dev/null +++ b/java-gateway/rhel/build.sh @@ -0,0 +1 @@ +../../build.sh \ No newline at end of file diff --git a/java-gateway/rhel/conf/etc/zabbix/zabbix_java_gateway_logback.xml b/java-gateway/rhel/conf/etc/zabbix/zabbix_java_gateway_logback.xml new file mode 100644 index 000000000..750f3506f --- /dev/null +++ b/java-gateway/rhel/conf/etc/zabbix/zabbix_java_gateway_logback.xml @@ -0,0 +1,15 @@ + + + + + + %d{yyyy-MM-dd HH:mm:ss.SSS} [%thread] %-5level %logger{36} - %msg%n + + + + + + + + + diff --git a/java-gateway/rhel/conf/usr/sbin/zabbix_java_gateway b/java-gateway/rhel/conf/usr/sbin/zabbix_java_gateway new file mode 100755 index 000000000..00bab5546 --- /dev/null +++ b/java-gateway/rhel/conf/usr/sbin/zabbix_java_gateway @@ -0,0 +1,35 @@ + +JAVA=${JAVA:-"/usr/bin/java"} + +JAVA_OPTIONS="-server $JAVA_OPTIONS" +JAVA_OPTIONS="$JAVA_OPTIONS -Dlogback.configurationFile=/etc/zabbix/zabbix_java_gateway_logback.xml" + +cd /usr/sbin/zabbix_java + +CLASSPATH="lib" +for jar in `find lib bin ext_lib -name "*.jar"`; do + CLASSPATH="$CLASSPATH:$jar" +done + +if [ -n "$ZBX_LISTEN_IP" ]; then + ZABBIX_OPTIONS="$ZABBIX_OPTIONS -Dzabbix.listenIP=$ZBX_LISTEN_IP" +fi +if [ -n "$ZBX_LISTEN_PORT" ]; then + ZABBIX_OPTIONS="$ZABBIX_OPTIONS -Dzabbix.listenPort=$ZBX_LISTEN_PORT" +fi +if [ -n "$ZBX_START_POLLERS" ]; then + ZABBIX_OPTIONS="$ZABBIX_OPTIONS -Dzabbix.startPollers=$ZBX_START_POLLERS" +fi +if [ -n "$ZBX_TIMEOUT" ]; then + ZABBIX_OPTIONS="$ZABBIX_OPTIONS -Dzabbix.timeout=$ZBX_TIMEOUT" +fi +if [ -n "$ZBX_PROPERTIES_FILE" ]; then + ZABBIX_OPTIONS="$ZABBIX_OPTIONS -Dzabbix.propertiesFile=$ZBX_PROPERTIES_FILE" +fi + +tcp_timeout=${ZBX_TIMEOUT:=3}000 +ZABBIX_OPTIONS="$ZABBIX_OPTIONS -Dsun.rmi.transport.tcp.responseTimeout=$tcp_timeout" + +COMMAND_LINE="$JAVA $JAVA_OPTIONS -classpath $CLASSPATH $ZABBIX_OPTIONS com.zabbix.gateway.JavaGateway" + +exec $COMMAND_LINE diff --git a/java-gateway/rhel/docker-entrypoint.sh b/java-gateway/rhel/docker-entrypoint.sh new file mode 100755 index 000000000..01ac14cd1 --- /dev/null +++ b/java-gateway/rhel/docker-entrypoint.sh @@ -0,0 +1,46 @@ +#!/bin/bash + +set -o pipefail + +set +e + +# Script trace mode +if [ "${DEBUG_MODE,,}" == "true" ]; then + set -o xtrace +fi + +# Default directories +# Configuration files directory +ZABBIX_ETC_DIR="/etc/zabbix" + +prepare_java_gateway_config() { + echo "** Preparing Zabbix Java Gateway log configuration file" + + ZBX_GATEWAY_CONFIG=$ZABBIX_ETC_DIR/zabbix_java_gateway_logback.xml + + if [ -n "${ZBX_DEBUGLEVEL}" ]; then + echo "Updating $ZBX_GATEWAY_CONFIG 'DebugLevel' parameter: '${ZBX_DEBUGLEVEL}'... updated" + if [ -f "$ZBX_GATEWAY_CONFIG" ]; then + sed -i -e "/^.*/" "$ZBX_GATEWAY_CONFIG" + else + echo "**** Zabbix Java Gateway log configuration file '$ZBX_GATEWAY_CONFIG' not found" + fi + fi +} + +prepare_java_gateway() { + echo "** Preparing Zabbix Java Gateway" + + prepare_java_gateway_config +} + +################################################# + +if [ "$1" == '/usr/sbin/zabbix_java_gateway' ]; then + prepare_java_gateway +fi + +exec "$@" + + +################################################# diff --git a/java-gateway/rhel/licenses/gpl-2.0.txt b/java-gateway/rhel/licenses/gpl-2.0.txt new file mode 100644 index 000000000..d159169d1 --- /dev/null +++ b/java-gateway/rhel/licenses/gpl-2.0.txt @@ -0,0 +1,339 @@ + GNU GENERAL PUBLIC LICENSE + Version 2, June 1991 + + Copyright (C) 1989, 1991 Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + + Preamble + + The licenses for most software are designed to take away your +freedom to share and change it. By contrast, the GNU General Public +License is intended to guarantee your freedom to share and change free +software--to make sure the software is free for all its users. This +General Public License applies to most of the Free Software +Foundation's software and to any other program whose authors commit to +using it. (Some other Free Software Foundation software is covered by +the GNU Lesser General Public License instead.) You can apply it to +your programs, too. + + When we speak of free software, we are referring to freedom, not +price. Our General Public Licenses are designed to make sure that you +have the freedom to distribute copies of free software (and charge for +this service if you wish), that you receive source code or can get it +if you want it, that you can change the software or use pieces of it +in new free programs; and that you know you can do these things. + + To protect your rights, we need to make restrictions that forbid +anyone to deny you these rights or to ask you to surrender the rights. +These restrictions translate to certain responsibilities for you if you +distribute copies of the software, or if you modify it. + + For example, if you distribute copies of such a program, whether +gratis or for a fee, you must give the recipients all the rights that +you have. You must make sure that they, too, receive or can get the +source code. And you must show them these terms so they know their +rights. + + We protect your rights with two steps: (1) copyright the software, and +(2) offer you this license which gives you legal permission to copy, +distribute and/or modify the software. + + Also, for each author's protection and ours, we want to make certain +that everyone understands that there is no warranty for this free +software. If the software is modified by someone else and passed on, we +want its recipients to know that what they have is not the original, so +that any problems introduced by others will not reflect on the original +authors' reputations. + + Finally, any free program is threatened constantly by software +patents. We wish to avoid the danger that redistributors of a free +program will individually obtain patent licenses, in effect making the +program proprietary. To prevent this, we have made it clear that any +patent must be licensed for everyone's free use or not licensed at all. + + The precise terms and conditions for copying, distribution and +modification follow. + + GNU GENERAL PUBLIC LICENSE + TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION + + 0. This License applies to any program or other work which contains +a notice placed by the copyright holder saying it may be distributed +under the terms of this General Public License. The "Program", below, +refers to any such program or work, and a "work based on the Program" +means either the Program or any derivative work under copyright law: +that is to say, a work containing the Program or a portion of it, +either verbatim or with modifications and/or translated into another +language. (Hereinafter, translation is included without limitation in +the term "modification".) Each licensee is addressed as "you". + +Activities other than copying, distribution and modification are not +covered by this License; they are outside its scope. The act of +running the Program is not restricted, and the output from the Program +is covered only if its contents constitute a work based on the +Program (independent of having been made by running the Program). +Whether that is true depends on what the Program does. + + 1. You may copy and distribute verbatim copies of the Program's +source code as you receive it, in any medium, provided that you +conspicuously and appropriately publish on each copy an appropriate +copyright notice and disclaimer of warranty; keep intact all the +notices that refer to this License and to the absence of any warranty; +and give any other recipients of the Program a copy of this License +along with the Program. + +You may charge a fee for the physical act of transferring a copy, and +you may at your option offer warranty protection in exchange for a fee. + + 2. You may modify your copy or copies of the Program or any portion +of it, thus forming a work based on the Program, and copy and +distribute such modifications or work under the terms of Section 1 +above, provided that you also meet all of these conditions: + + a) You must cause the modified files to carry prominent notices + stating that you changed the files and the date of any change. + + b) You must cause any work that you distribute or publish, that in + whole or in part contains or is derived from the Program or any + part thereof, to be licensed as a whole at no charge to all third + parties under the terms of this License. + + c) If the modified program normally reads commands interactively + when run, you must cause it, when started running for such + interactive use in the most ordinary way, to print or display an + announcement including an appropriate copyright notice and a + notice that there is no warranty (or else, saying that you provide + a warranty) and that users may redistribute the program under + these conditions, and telling the user how to view a copy of this + License. (Exception: if the Program itself is interactive but + does not normally print such an announcement, your work based on + the Program is not required to print an announcement.) + +These requirements apply to the modified work as a whole. If +identifiable sections of that work are not derived from the Program, +and can be reasonably considered independent and separate works in +themselves, then this License, and its terms, do not apply to those +sections when you distribute them as separate works. But when you +distribute the same sections as part of a whole which is a work based +on the Program, the distribution of the whole must be on the terms of +this License, whose permissions for other licensees extend to the +entire whole, and thus to each and every part regardless of who wrote it. + +Thus, it is not the intent of this section to claim rights or contest +your rights to work written entirely by you; rather, the intent is to +exercise the right to control the distribution of derivative or +collective works based on the Program. + +In addition, mere aggregation of another work not based on the Program +with the Program (or with a work based on the Program) on a volume of +a storage or distribution medium does not bring the other work under +the scope of this License. + + 3. You may copy and distribute the Program (or a work based on it, +under Section 2) in object code or executable form under the terms of +Sections 1 and 2 above provided that you also do one of the following: + + a) Accompany it with the complete corresponding machine-readable + source code, which must be distributed under the terms of Sections + 1 and 2 above on a medium customarily used for software interchange; or, + + b) Accompany it with a written offer, valid for at least three + years, to give any third party, for a charge no more than your + cost of physically performing source distribution, a complete + machine-readable copy of the corresponding source code, to be + distributed under the terms of Sections 1 and 2 above on a medium + customarily used for software interchange; or, + + c) Accompany it with the information you received as to the offer + to distribute corresponding source code. (This alternative is + allowed only for noncommercial distribution and only if you + received the program in object code or executable form with such + an offer, in accord with Subsection b above.) + +The source code for a work means the preferred form of the work for +making modifications to it. For an executable work, complete source +code means all the source code for all modules it contains, plus any +associated interface definition files, plus the scripts used to +control compilation and installation of the executable. However, as a +special exception, the source code distributed need not include +anything that is normally distributed (in either source or binary +form) with the major components (compiler, kernel, and so on) of the +operating system on which the executable runs, unless that component +itself accompanies the executable. + +If distribution of executable or object code is made by offering +access to copy from a designated place, then offering equivalent +access to copy the source code from the same place counts as +distribution of the source code, even though third parties are not +compelled to copy the source along with the object code. + + 4. You may not copy, modify, sublicense, or distribute the Program +except as expressly provided under this License. Any attempt +otherwise to copy, modify, sublicense or distribute the Program is +void, and will automatically terminate your rights under this License. +However, parties who have received copies, or rights, from you under +this License will not have their licenses terminated so long as such +parties remain in full compliance. + + 5. You are not required to accept this License, since you have not +signed it. However, nothing else grants you permission to modify or +distribute the Program or its derivative works. These actions are +prohibited by law if you do not accept this License. Therefore, by +modifying or distributing the Program (or any work based on the +Program), you indicate your acceptance of this License to do so, and +all its terms and conditions for copying, distributing or modifying +the Program or works based on it. + + 6. Each time you redistribute the Program (or any work based on the +Program), the recipient automatically receives a license from the +original licensor to copy, distribute or modify the Program subject to +these terms and conditions. You may not impose any further +restrictions on the recipients' exercise of the rights granted herein. +You are not responsible for enforcing compliance by third parties to +this License. + + 7. If, as a consequence of a court judgment or allegation of patent +infringement or for any other reason (not limited to patent issues), +conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot +distribute so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you +may not distribute the Program at all. For example, if a patent +license would not permit royalty-free redistribution of the Program by +all those who receive copies directly or indirectly through you, then +the only way you could satisfy both it and this License would be to +refrain entirely from distribution of the Program. + +If any portion of this section is held invalid or unenforceable under +any particular circumstance, the balance of the section is intended to +apply and the section as a whole is intended to apply in other +circumstances. + +It is not the purpose of this section to induce you to infringe any +patents or other property right claims or to contest validity of any +such claims; this section has the sole purpose of protecting the +integrity of the free software distribution system, which is +implemented by public license practices. Many people have made +generous contributions to the wide range of software distributed +through that system in reliance on consistent application of that +system; it is up to the author/donor to decide if he or she is willing +to distribute software through any other system and a licensee cannot +impose that choice. + +This section is intended to make thoroughly clear what is believed to +be a consequence of the rest of this License. + + 8. If the distribution and/or use of the Program is restricted in +certain countries either by patents or by copyrighted interfaces, the +original copyright holder who places the Program under this License +may add an explicit geographical distribution limitation excluding +those countries, so that distribution is permitted only in or among +countries not thus excluded. In such case, this License incorporates +the limitation as if written in the body of this License. + + 9. The Free Software Foundation may publish revised and/or new versions +of the General Public License from time to time. Such new versions will +be similar in spirit to the present version, but may differ in detail to +address new problems or concerns. + +Each version is given a distinguishing version number. If the Program +specifies a version number of this License which applies to it and "any +later version", you have the option of following the terms and conditions +either of that version or of any later version published by the Free +Software Foundation. If the Program does not specify a version number of +this License, you may choose any version ever published by the Free Software +Foundation. + + 10. If you wish to incorporate parts of the Program into other free +programs whose distribution conditions are different, write to the author +to ask for permission. For software which is copyrighted by the Free +Software Foundation, write to the Free Software Foundation; we sometimes +make exceptions for this. Our decision will be guided by the two goals +of preserving the free status of all derivatives of our free software and +of promoting the sharing and reuse of software generally. + + NO WARRANTY + + 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY +FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN +OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES +PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED +OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS +TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE +PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, +REPAIR OR CORRECTION. + + 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR +REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, +INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING +OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED +TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY +YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER +PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE +POSSIBILITY OF SUCH DAMAGES. + + END OF TERMS AND CONDITIONS + + How to Apply These Terms to Your New Programs + + If you develop a new program, and you want it to be of the greatest +possible use to the public, the best way to achieve this is to make it +free software which everyone can redistribute and change under these terms. + + To do so, attach the following notices to the program. It is safest +to attach them to the start of each source file to most effectively +convey the exclusion of warranty; and each file should have at least +the "copyright" line and a pointer to where the full notice is found. + + + Copyright (C) + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + +Also add information on how to contact you by electronic and paper mail. + +If the program is interactive, make it output a short notice like this +when it starts in an interactive mode: + + Gnomovision version 69, Copyright (C) year name of author + Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. + This is free software, and you are welcome to redistribute it + under certain conditions; type `show c' for details. + +The hypothetical commands `show w' and `show c' should show the appropriate +parts of the General Public License. Of course, the commands you use may +be called something other than `show w' and `show c'; they could even be +mouse-clicks or menu items--whatever suits your program. + +You should also get your employer (if you work as a programmer) or your +school, if any, to sign a "copyright disclaimer" for the program, if +necessary. Here is a sample; alter the names: + + Yoyodyne, Inc., hereby disclaims all copyright interest in the program + `Gnomovision' (which makes passes at compilers) written by James Hacker. + + , 1 April 1989 + Ty Coon, President of Vice + +This General Public License does not permit incorporating your program into +proprietary programs. If your program is a subroutine library, you may +consider it more useful to permit linking proprietary applications with the +library. If this is what you want to do, use the GNU Lesser General +Public License instead of this License. diff --git a/proxy-mysql/rhel/.dockerignore b/proxy-mysql/rhel/.dockerignore new file mode 100644 index 000000000..88a84e55a --- /dev/null +++ b/proxy-mysql/rhel/.dockerignore @@ -0,0 +1 @@ +build.sh diff --git a/proxy-mysql/rhel/Dockerfile b/proxy-mysql/rhel/Dockerfile new file mode 100644 index 000000000..25296b0d7 --- /dev/null +++ b/proxy-mysql/rhel/Dockerfile @@ -0,0 +1,178 @@ +FROM registry.access.redhat.com/ubi8/ubi +MAINTAINER Alexey Pustovalov + +ARG MAJOR_VERSION=6.0 +ARG RELEASE= +ARG ZBX_VERSION=${MAJOR_VERSION} + +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git +ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ + MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL +ENV TINI_VERSION=v0.19.0 + +LABEL name="zabbix/zabbix-proxy-mysql-trunk" \ + maintainer="alexey.pustovalov@zabbix.com" \ + vendor="Zabbix LLC" \ + version="${MAJOR_VERSION}" \ + release="${RELEASE}" \ + summary="Zabbix proxy (MySQL)" \ + description="Zabbix proxy with MySQL database support" \ + url="https://www.zabbix.com/" \ + run="docker run --name zabbix-proxy --link mysql-server:mysql-server -p 10051:10051 -d registry.connect.redhat.com/zabbix/zabbix-proxy-mysql-trunk:${ZBX_VERSION}" \ + io.k8s.description="Zabbix proxy with MySQL database support" \ + io.k8s.display-name="Zabbix proxy (MySQL)" \ + io.openshift.expose-services="10051:10051" \ + io.openshift.tags="zabbix,zabbix-proxy,mysql" \ + org.label-schema.name="zabbix-proxy-mysql-rhel" \ + org.label-schema.vendor="Zabbix LLC" \ + org.label-schema.url="https://zabbix.com/" \ + org.label-schema.description="Zabbix proxy with MySQL database support" \ + org.label-schema.vcs-ref="${VCS_REF}" \ + org.label-schema.build-date="${BUILD_DATE}" \ + org.label-schema.schema-version="1.0" \ + org.label-schema.license="GPL v2.0" \ + org.label-schema.usage="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.label-schema.version="${ZBX_VERSION}" \ + org.label-schema.vcs-url="${ZBX_SOURCES}" \ + org.label-schema.docker.cmd="docker run --name zabbix-proxy --link mysql-server:mysql-server -p 10051:10051 -d registry.connect.redhat.com/zabbix/zabbix-proxy-mysql-trunk:${ZBX_VERSION}" + +STOPSIGNAL SIGTERM + +COPY ["licenses", "/licenses"] + +RUN set -eux && INSTALL_PKGS="bash \ + fping \ + iputils \ + libcurl \ + libevent \ + openldap \ + libssh \ + libxml2 \ + mysql \ + mysql-libs \ + net-snmp-agent-libs \ + OpenIPMI-libs \ + pcre \ + unixODBC" && \ + REPOLIST="rhel-8-for-x86_64-baseos-rpms,rhel-8-for-x86_64-appstream-rpms,epel" && \ + dnf -y update-minimal --disablerepo "*" --enablerepo ubi-8-baseos --setopt=tsflags=nodocs \ + --security --sec-severity=Important --sec-severity=Critical && \ + dnf -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm && \ + dnf -y module enable mysql && \ + dnf -y install --disablerepo "*" --enablerepo "${REPOLIST}" --setopt=install_weak_deps=False --best \ + --setopt=tsflags=nodocs ${INSTALL_PKGS} && \ + groupadd --system --gid 1995 zabbix && \ + useradd \ + --system --comment "Zabbix monitoring system" \ + -g zabbix -G root \ + --uid 1997 \ + --shell /sbin/nologin \ + --home-dir /var/lib/zabbix/ \ + zabbix && \ + mkdir -p /etc/zabbix && \ + mkdir -p /var/lib/zabbix && \ + mkdir -p /var/lib/zabbix/enc && \ + mkdir -p /usr/lib/zabbix/externalscripts && \ + mkdir -p /var/lib/zabbix/mibs && \ + mkdir -p /var/lib/zabbix/modules && \ + mkdir -p /var/lib/zabbix/snmptraps && \ + mkdir -p /var/lib/zabbix/ssh_keys && \ + mkdir -p /var/lib/zabbix/ssl && \ + mkdir -p /var/lib/zabbix/ssl/certs && \ + mkdir -p /var/lib/zabbix/ssl/keys && \ + mkdir -p /var/lib/zabbix/ssl/ssl_ca && \ + mkdir -p /usr/share/doc/zabbix-proxy-mysql && \ + curl -L "https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini" -o /sbin/tini && \ + curl -L "https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini.asc" -o /tmp/tini.asc && \ + export GNUPGHOME="$(mktemp -d)" && \ + for server in $(shuf -e ha.pool.sks-keyservers.net \ + hkp://p80.pool.sks-keyservers.net:80 \ + ipv4.pool.sks-keyservers.net \ + keyserver.ubuntu.com \ + keyserver.pgp.com \ + pgp.mit.edu) ; do \ + gpg --keyserver "$server" --recv-keys 595E85A6B1B4779EA4DAAEC70B588DFF0527A9B7 && break || : ; \ + done && \ + gpg --batch --verify /tmp/tini.asc /sbin/tini && \ + rm -r "$GNUPGHOME" /tmp/tini.asc && \ + chmod +x /sbin/tini && \ + dnf -y clean all && \ + rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ + rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki + +RUN set -eux && INSTALL_PKGS="autoconf \ + automake \ + libcurl-devel \ + libevent-devel \ + libssh-devel \ + libxml2-devel \ + mysql-devel \ + net-snmp-devel \ + openldap-devel \ + OpenIPMI-devel \ + pcre-devel \ + git \ + gcc \ + make \ + unixODBC-devel" && \ + REPOLIST="rhel-8-for-x86_64-baseos-rpms,rhel-8-for-x86_64-appstream-rpms,codeready-builder-for-rhel-8-x86_64-rpms" && \ + dnf -y install --disablerepo "*" --enablerepo "${REPOLIST}" --setopt=install_weak_deps=False --best \ + --setopt=tsflags=nodocs ${INSTALL_PKGS} && \ + cd /tmp/ && \ + git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + cd /tmp/zabbix-${ZBX_VERSION} && \ + zabbix_revision=`git rev-parse --short HEAD` && \ + sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ + ./bootstrap.sh && \ + export CFLAGS="-fPIC -pie -Wl,-z,relro -Wl,-z,now" && \ + ./configure \ + --datadir=/usr/lib \ + --libdir=/usr/lib/zabbix \ + --sysconfdir=/etc/zabbix \ + --prefix=/usr \ + --enable-agent \ + --enable-proxy \ + --with-mysql \ + --with-ldap \ + --with-libcurl \ + --with-libxml2 \ + --with-net-snmp \ + --with-openipmi \ + --with-openssl \ + --with-ssh \ + --with-unixodbc \ + --enable-ipv6 \ + --silent && \ + make -j"$(nproc)" -s dbschema && \ + make -j"$(nproc)" -s && \ + cp src/zabbix_proxy/zabbix_proxy /usr/sbin/zabbix_proxy && \ + cp src/zabbix_get/zabbix_get /usr/bin/zabbix_get && \ + cp src/zabbix_sender/zabbix_sender /usr/bin/zabbix_sender && \ + cp conf/zabbix_proxy.conf /etc/zabbix/zabbix_proxy.conf && \ + cat database/mysql/schema.sql > database/mysql/create.sql && \ + gzip database/mysql/create.sql && \ + cp database/mysql/create.sql.gz /usr/share/doc/zabbix-proxy-mysql/ && \ + cd /tmp/ && \ + rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ + dnf -y history undo last && \ + dnf -y clean all && \ + chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \ + chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \ + chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \ + rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ + rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki + + +EXPOSE 10051/TCP + +WORKDIR /var/lib/zabbix + +VOLUME ["/var/lib/zabbix/snmptraps"] + +COPY ["docker-entrypoint.sh", "/usr/bin/"] + +ENTRYPOINT ["/sbin/tini", "--", "/usr/bin/docker-entrypoint.sh"] + +USER 1997 + +CMD ["/usr/sbin/zabbix_proxy", "--foreground", "-c", "/etc/zabbix/zabbix_proxy.conf"] diff --git a/proxy-mysql/rhel/README.md b/proxy-mysql/rhel/README.md new file mode 100644 index 000000000..f3db6d851 --- /dev/null +++ b/proxy-mysql/rhel/README.md @@ -0,0 +1,321 @@ +![logo](https://assets.zabbix.com/img/logo/zabbix_logo_500x131.png) + +# What is Zabbix? + +Zabbix is an enterprise-class open source distributed monitoring solution. + +Zabbix is software that monitors numerous parameters of a network and the health and integrity of servers. Zabbix uses a flexible notification mechanism that allows users to configure e-mail based alerts for virtually any event. This allows a fast reaction to server problems. Zabbix offers excellent reporting and data visualisation features based on the stored data. This makes Zabbix ideal for capacity planning. + +For more information and related downloads for Zabbix components, please visit https://hub.docker.com/u/zabbix/ and https://zabbix.com + +# What is Zabbix proxy? + +Zabbix proxy is a process that may collect monitoring data from one or more monitored devices and send the information to the Zabbix server, essentially working on behalf of the server. All collected data is buffered locally and then transferred to the Zabbix server the proxy belongs to. + +# Zabbix proxy images + +These are the only official Zabbix proxy Docker images. They are based on Alpine Linux v3.12, Ubuntu 20.04 (focal), CentOS 8 and Oracle Linux 8 images. The available versions of Zabbix proxy are: + + Zabbix proxy 3.0 (tags: alpine-3.0-latest, ubuntu-3.0-latest, centos-3.0-latest) (unsupported) + Zabbix proxy 3.0.* (tags: alpine-3.0.*, ubuntu-3.0.*, centos-3.0.*) (unsupported) + Zabbix proxy 3.2 (tags: alpine-3.2-latest, ubuntu-3.2-latest, centos-3.2-latest) (unsupported) + Zabbix proxy 3.2.* (tags: alpine-3.2.*, ubuntu-3.2.*, centos-3.2.*) (unsupported) + Zabbix proxy 3.4 (tags: alpine-3.4-latest, ubuntu-3.4-latest, centos-3.4-latest) (unsupported) + Zabbix proxy 3.4.* (tags: alpine-3.4.*, ubuntu-3.4.*, centos-3.4.*) (unsupported) + Zabbix proxy 4.0 (tags: alpine-4.0-latest, ubuntu-4.0-latest, centos-4.0-latest) + Zabbix proxy 4.0.* (tags: alpine-4.0.*, ubuntu-4.0.*, centos-4.0.*) + Zabbix proxy 4.2 (tags: alpine-4.2-latest, ubuntu-4.2-latest, centos-4.2-latest) (unsupported) + Zabbix proxy 4.2.* (tags: alpine-4.2.*, ubuntu-4.2.*, centos-4.2.*) (unsupported) + Zabbix proxy 4.4 (tags: alpine-4.4-latest, ubuntu-4.4-latest, centos-4.4-latest) (unsupported) + Zabbix proxy 4.4.* (tags: alpine-4.4.*, ubuntu-4.4.*, centos-4.4.*) (unsupported) + Zabbix proxy 5.0 (tags: alpine-5.0-latest, ubuntu-5.0-latest, ol-5.0-latest) + Zabbix proxy 5.0.* (tags: alpine-5.0.*, ubuntu-5.0.*, ol-5.0.*) + Zabbix proxy 5.2 (tags: alpine-5.2-latest, ubuntu-5.2-latest, ol-5.2-latest) + Zabbix proxy 5.2.* (tags: alpine-5.2.*, ubuntu-5.2.*, ol-5.2.*) + Zabbix proxy 5.4 (tags: alpine-5.4-latest, ubuntu-5.4-latest, ol-5.4-latest, alpine-latest, ubuntu-latest, ol-latest, latest) + Zabbix proxy 5.4.* (tags: alpine-5.4.*, ubuntu-5.4.*, ol-5.4.*) + Zabbix proxy 6.0 (tags: alpine-trunk, ubuntu-trunk, ol-trunk) + +Images are updated when new releases are published. The image with ``latest`` tag is based on Alpine Linux. + +The image uses MySQL database to store collected data before sending it to Zabbix server. It uses the next procedure to start: +- Checking database availability +- If ``MYSQL_ROOT_PASSWORD`` or ``MYSQL_ALLOW_EMPTY_PASSWORD`` are specified, the instance tries to create ``MYSQL_USER`` user with ``MYSQL_PASSWORD`` to use these credentials then for Zabbix server. +- Checking of having `MYSQL_DATABASE` database. Creating `MYSQL_DATABASE` database name if it does not exist +- Checking of having `dbversion` table. Creating Zabbix proxy database schema if no `dbversion` table + +# How to use this image + +## Start `zabbix-proxy-mysql` + +Start a Zabbix proxy container as follows: + + docker run --name some-zabbix-proxy-mysql -e DB_SERVER_HOST="some-mysql-server" -e MYSQL_USER="some-user" -e MYSQL_PASSWORD="some-password" -e ZBX_HOSTNAME=some-hostname -e ZBX_SERVER_HOST=some-zabbix-server -d zabbix/zabbix-proxy-mysql:tag + +Where `some-zabbix-proxy-mysql` is the name you want to assign to your container, `some-mysql-server` is IP or DNS name of MySQL server, `some-user` is user to connect to Zabbix database on MySQL server, `some-password` is the password to connect to MySQL server, `some-hostname` is the hostname, it is Hostname parameter in Zabbix proxy configuration file, `some-zabbix-server` is IP or DNS name of Zabbix server and `tag` is the tag specifying the version you want. See the list above for relevant tags, or look at the [full list of tags](https://hub.docker.com/r/zabbix/zabbix-proxy-mysql/tags/). + +## Connects from Zabbix server (Passive proxy) + +This image exposes the standard Zabbix proxy port (10051) and can operate as Passive proxy in case `ZBX_PROXYMODE` = `1`. Start Zabbix server container like this in order to link it to the Zabbix proxy container: + +```console +$ docker run --name some-zabbix-server --link some-zabbix-proxy-mysql:zabbix-proxy-mysql -d zabbix/zabbix-server:latest +``` + +## Connect to Zabbix server (Active proxy) + +This image can operate as Active proxy (`default` mode). Start your application container like this in order to link Zabbix proxy to Zabbix server containters: + +```console +$ docker run --name some-zabbix-proxy-mysql --link some-zabbix-server:zabbix-server -d zabbix/zabbix-proxy-mysql:latest +``` + +## Container shell access and viewing Zabbix proxy logs + +The `docker exec` command allows you to run commands inside a Docker container. The following command line will give you a bash shell inside your `zabbix-proxy-mysql` container: + +```console +$ docker exec -ti some-zabbix-proxy-mysql /bin/bash +``` + +The Zabbix proxy log is available through Docker's container log: + +```console +$ docker logs some-zabbix-proxy-mysql +``` + +## Environment Variables + +When you start the `zabbix-proxy-mysql` image, you can adjust the configuration of the Zabbix proxy by passing one or more environment variables on the `docker run` command line. + +### `ZBX_PROXYMODE` + +The variable allows to switch Zabbix proxy mode. Bu default, value is `0` - active proxy. Allowed values are `0` - active proxy and `1` - passive proxy. + +### `ZBX_HOSTNAME` + +This variable is unique, case sensitive hostname. By default, value is `zabbix-proxy-mysql` of the container. It is ``Hostname`` parameter in ``zabbix_proxy.conf``. + +### `ZBX_SERVER_HOST` + +This variable is IP or DNS name of Zabbix server or Zabbix proxy. By default, value is `zabbix-server`. It is ``Server`` parameter in ``zabbix_proxy.conf``. It is allowed to specify Zabbix server or Zabbix proxy port number using ``ZBX_SERVER_PORT`` variable. It make sense in case of non-default port for active checks. + +### `ZBX_SERVER_PORT` + +This variable is port Zabbix server listening on. By default, value is `10051`. + +### `DB_SERVER_HOST` + +This variable is IP or DNS name of MySQL server. By default, value is 'mysql-server' + +### `DB_SERVER_PORT` + +This variable is port of MySQL server. By default, value is '3306'. + +### `MYSQL_USER`, `MYSQL_PASSWORD`, `MYSQL_USER_FILE`, `MYSQL_PASSWORD_FILE` + +These variables are used by Zabbix proxy to connect to Zabbix database. With the `_FILE` variables you can instead provide the path to a file which contains the user / the password instead. Without Docker Swarm or Kubernetes you also have to map the files. Those are exclusive so you can just provide one type - either `MYSQL_USER` or `MYSQL_USER_FILE`! + +```console +docker run --name some-zabbix-proxy-mysql -e DB_SERVER_HOST="some-mysql-server" -v ./.MYSQL_USER:/run/secrets/MYSQL_USER -e MYSQL_USER_FILE=/run/secrets/MYSQL_USER -v ./.MYSQL_PASSWORD:/run/secrets/MYSQL_PASSWORD -e MYSQL_PASSWORD_FILE=/var/run/secrets/MYSQL_PASSWORD -e ZBX_HOSTNAME=some-hostname -e ZBX_SERVER_HOST=some-zabbix-server -d zabbix/zabbix-proxy-mysql:tag +``` + +With Docker Swarm or Kubernetes this works with secrets. That way it is replicated in your cluster! + +```console +printf "zabbix" | docker secret create MYSQL_USER - +printf "zabbix" | docker secret create MYSQL_PASSWORD - +docker run --name some-zabbix-proxy-mysql -e DB_SERVER_HOST="some-mysql-server" -e MYSQL_USER_FILE=/run/secrets/MYSQL_USER -e MYSQL_PASSWORD_FILE=/run/secrets/MYSQL_PASSWORD -e ZBX_SERVER_HOST="some-zabbix-server" -e ZBX_HOSTNAME=some-hostname -e ZBX_SERVER_HOST=some-zabbix-server -d zabbix/zabbix-proxy-mysql:tag +``` + +This method is also applicable for `MYSQL_ROOT_PASSWORD` with `MYSQL_ROOT_PASSWORD_FILE`. + +By default, values for `MYSQL_USER` and `MYSQL_PASSWORD` are `zabbix`, `zabbix`. + +### `MYSQL_DATABASE` + +The variable is Zabbix database name. By default, value is `zabbix_proxy`. + +### `ZBX_LOADMODULE` + +The variable is list of comma separated loadable Zabbix modules. It works with volume ``/var/lib/zabbix/modules``. The syntax of the variable is ``dummy1.so,dummy2.so``. + +### ``ZBX_DEBUGLEVEL`` + +The variable is used to specify debug level. By default, value is ``3``. It is ``DebugLevel`` parameter in ``zabbix_server.conf``. Allowed values are listed below: +- ``0`` - basic information about starting and stopping of Zabbix processes; +- ``1`` - critical information +- ``2`` - error information +- ``3`` - warnings +- ``4`` - for debugging (produces lots of information) +- ``5`` - extended debugging (produces even more information) + +### `ZBX_TIMEOUT` + +The variable is used to specify timeout for processing checks. By default, value is ``4``. + +### `ZBX_JAVAGATEWAY_ENABLE` + +The variable enable communication with Zabbix Java Gateway to collect Java related checks. By default, value is `false`. + +### Other variables + +Additionally the image allows to specify many other environment variables listed below: + +``` +ZBX_DBTLSCONNECT= # Available since 5.0.0 +ZBX_DBTLSCAFILE= # Available since 5.0.0 +ZBX_DBTLSCERTFILE= # Available since 5.0.0 +ZBX_DBTLSKEYFILE= # Available since 5.0.0 +ZBX_DBTLSCIPHER= # Available since 5.0.0 +ZBX_DBTLSCIPHER13= # Available since 5.0.0 +ZBX_VAULTDBPATH= # Available since 5.2.0 +ZBX_VAULTURL=https://127.0.0.1:8200 # Available since 5.2.0 +VAULT_TOKEN= # Available since 5.2.0 +ZBX_ENABLEREMOTECOMMANDS=0 # Available since 3.4.0 +ZBX_LOGREMOTECOMMANDS=0 # Available since 3.4.0 +ZBX_HOSTNAMEITEM=system.hostname +ZBX_SOURCEIP= +ZBX_PROXYLOCALBUFFER=0 +ZBX_PROXYOFFLINEBUFFER=1 +ZBX_PROXYHEARTBEATFREQUENCY=60 +ZBX_CONFIGFREQUENCY=3600 +ZBX_DATASENDERFREQUENCY=1 +ZBX_STARTPOLLERS=5 +ZBX_STARTPREPROCESSORS=3 # Available since 4.2.0 +ZBX_IPMIPOLLERS=0 +ZBX_STARTPOLLERSUNREACHABLE=1 +ZBX_STARTTRAPPERS=5 +ZBX_STARTPINGERS=1 +ZBX_STARTDISCOVERERS=1 +ZBX_STARTHISTORYPOLLERS=1 # Available since 5.4.0 +ZBX_STARTHTTPPOLLERS=1 +ZBX_JAVAGATEWAY=zabbix-java-gateway +ZBX_JAVAGATEWAYPORT=10052 +ZBX_STARTJAVAPOLLERS=0 +ZBX_STATSALLOWEDIP= # Available since 4.0.5 +ZBX_STARTVMWARECOLLECTORS=0 +ZBX_VMWAREFREQUENCY=60 +ZBX_VMWAREPERFFREQUENCY=60 +ZBX_VMWARECACHESIZE=8M +ZBX_VMWARETIMEOUT=10 +ZBX_ENABLE_SNMP_TRAPS=false +ZBX_LISTENIP= +ZBX_HOUSEKEEPINGFREQUENCY=1 +ZBX_CACHESIZE=8M +ZBX_STARTDBSYNCERS=4 +ZBX_HISTORYCACHESIZE=16M +ZBX_HISTORYINDEXCACHESIZE=4M +ZBX_TRAPPERIMEOUT=300 +ZBX_UNREACHABLEPERIOD=45 +ZBX_UNAVAILABLEDELAY=60 +ZBX_UNREACHABLEDELAY=15 +ZBX_LOGSLOWQUERIES=3000 +ZBX_TLSCONNECT=unencrypted +ZBX_TLSACCEPT=unencrypted +ZBX_TLSCAFILE= +ZBX_TLSCRLFILE= +ZBX_TLSSERVERCERTISSUER= +ZBX_TLSSERVERCERTSUBJECT= +ZBX_TLSCERTFILE= +ZBX_TLSKEYFILE= +ZBX_TLSPSKIDENTITY= +ZBX_TLSPSKFILE= +ZBX_TLSCIPHERALL= # Available since 4.4.7 +ZBX_TLSCIPHERALL13= # Available since 4.4.7 +ZBX_TLSCIPHERCERT= # Available since 4.4.7 +ZBX_TLSCIPHERCERT13= # Available since 4.4.7 +ZBX_TLSCIPHERPSK= # Available since 4.4.7 +ZBX_TLSCIPHERPSK13= # Available since 4.4.7 +``` + +Default values of these variables are specified after equal sign. + +The allowed variables are identical of parameters in official ``zabbix_proxy.conf``. For example, ``ZBX_LOGSLOWQUERIES`` = ``LogSlowQueries``. + +Please use official documentation for [``zabbix_proxy.conf``](https://www.zabbix.com/documentation/current/manual/appendix/config/zabbix_proxy) to get more information about the variables. + +## Allowed volumes for the Zabbix proxy container + +### ``/usr/lib/zabbix/externalscripts`` + +The volume is used by External checks (type of items). It is `ExternalScripts` parameter in ``zabbix_proxy.conf``. + +### ``/var/lib/zabbix/modules`` + +The volume allows load additional modules and extend Zabbix proxy using ``LoadModule`` feature. + +### ``/var/lib/zabbix/enc`` + +The volume is used to store TLS related files. These file names are specified using ``ZBX_TLSCAFILE``, ``ZBX_TLSCRLFILE``, ``ZBX_TLSKEY_FILE`` and ``ZBX_TLSPSKFILE`` variables. + +### ``/var/lib/zabbix/ssh_keys`` + +The volume is used as location of public and private keys for SSH checks and actions. It is `SSHKeyLocation` parameter in ``zabbix_proxy.conf``. + +### ``/var/lib/zabbix/ssl/certs`` + +The volume is used as location of of SSL client certificate files for client authentication. It is `SSLCertLocation` parameter in ``zabbix_proxy.conf``. + +### ``/var/lib/zabbix/ssl/keys`` + +The volume is used as location of SSL private key files for client authentication. It is `SSLKeyLocation` parameter in ``zabbix_proxy.conf``. + +### ``/var/lib/zabbix/ssl/ssl_ca`` + +The volume is used as location of certificate authority (CA) files for SSL server certificate verification. It is `SSLCALocation` parameter in ``zabbix_proxy.conf``. + +### ``/var/lib/zabbix/snmptraps`` + +The volume is used as location of ``snmptraps.log`` file. It could be shared by ``zabbix-snmptraps`` container and inherited using `volumes_from` Docker option while creating new instance of Zabbix proxy. +SNMP traps processing feature could be enabled using shared volume and switched ``ZBX_ENABLE_SNMP_TRAPS`` environment variable to `true`. + +### ``/var/lib/zabbix/mibs`` + +The volume allows to add new MIB files. It does not support subdirectories, all MIBs must be placed to ``/var/lib/zabbix/mibs``. + +# The image variants + +The `zabbix-proxy-mysql` images come in many flavors, each designed for a specific use case. + +## `zabbix-proxy-mysql:alpine-` + +This image is based on the popular [Alpine Linux project](http://alpinelinux.org), available in [the `alpine` official image](https://hub.docker.com/_/alpine). Alpine Linux is much smaller than most distribution base images (~5MB), and thus leads to much slimmer images in general. + +This variant is highly recommended when final image size being as small as possible is desired. The main caveat to note is that it does use [musl libc](http://www.musl-libc.org) instead of [glibc and friends](http://www.etalabs.net/compare_libcs.html), so certain software might run into issues depending on the depth of their libc requirements. However, most software doesn't have an issue with this, so this variant is usually a very safe choice. See [this Hacker News comment thread](https://news.ycombinator.com/item?id=10782897) for more discussion of the issues that might arise and some pro/con comparisons of using Alpine-based images. + +To minimize image size, it's uncommon for additional related tools (such as `git` or `bash`) to be included in Alpine-based images. Using this image as a base, add the things you need in your own Dockerfile (see the [`alpine` image description](https://hub.docker.com/_/alpine/) for examples of how to install packages if you are unfamiliar). + +## `zabbix-proxy-mysql:ubuntu-` + +This is the defacto image. If you are unsure about what your needs are, you probably want to use this one. It is designed to be used both as a throw away container (mount your source code and start the container to start your app), as well as the base to build other images off of. + +## `zabbix-agent:ol-` + +Oracle Linux is an open-source operating system available under the GNU General Public License (GPLv2). Suitable for general purpose or Oracle workloads, it benefits from rigorous testing of more than 128,000 hours per day with real-world workloads and includes unique innovations such as Ksplice for zero-downtime kernel patching, DTrace for real-time diagnostics, the powerful Btrfs file system, and more. + +# Supported Docker versions + +This image is officially supported on Docker version 1.12.0. + +Support for older versions (down to 1.6) is provided on a best-effort basis. + +Please see [the Docker installation documentation](https://docs.docker.com/installation/) for details on how to upgrade your Docker daemon. + +# User Feedback + +## Documentation + +Documentation for this image is stored in the [`proxy-mysql/` directory](https://github.com/zabbix/zabbix-docker/tree/3.0/proxy-mysql) of the [`zabbix/zabbix-docker` GitHub repo](https://github.com/zabbix/zabbix-docker/). Be sure to familiarize yourself with the [repository's `README.md` file](https://github.com/zabbix/zabbix-docker/blob/master/README.md) before attempting a pull request. + +## Issues + +If you have any problems with or questions about this image, please contact us through a [GitHub issue](https://github.com/zabbix/zabbix-docker/issues). + +### Known issues + +## Contributing + +You are invited to contribute new features, fixes, or updates, large or small; we are always thrilled to receive pull requests, and do our best to process them as fast as we can. + +Before you start to code, we recommend discussing your plans through a [GitHub issue](https://github.com/zabbix/zabbix-docker/issues), especially for more ambitious contributions. This gives other contributors a chance to point you in the right direction, give you feedback on your design, and help you find out if someone else is working on the same thing. diff --git a/proxy-mysql/rhel/build.sh b/proxy-mysql/rhel/build.sh new file mode 120000 index 000000000..fcb4d4ee7 --- /dev/null +++ b/proxy-mysql/rhel/build.sh @@ -0,0 +1 @@ +../../build.sh \ No newline at end of file diff --git a/proxy-mysql/rhel/docker-entrypoint.sh b/proxy-mysql/rhel/docker-entrypoint.sh new file mode 100755 index 000000000..eb9578336 --- /dev/null +++ b/proxy-mysql/rhel/docker-entrypoint.sh @@ -0,0 +1,486 @@ +#!/bin/bash + +set -o pipefail + +set +e + +# Script trace mode +if [ "${DEBUG_MODE,,}" == "true" ]; then + set -o xtrace +fi + +# Default Zabbix server host +: ${ZBX_SERVER_HOST:="zabbix-server"} +# Default Zabbix server port number +: ${ZBX_SERVER_PORT:="10051"} + +# Default directories +# User 'zabbix' home directory +ZABBIX_USER_HOME_DIR="/var/lib/zabbix" +# Configuration files directory +ZABBIX_ETC_DIR="/etc/zabbix" + +# usage: file_env VAR [DEFAULT] +# as example: file_env 'MYSQL_PASSWORD' 'zabbix' +# (will allow for "$MYSQL_PASSWORD_FILE" to fill in the value of "$MYSQL_PASSWORD" from a file) +# unsets the VAR_FILE afterwards and just leaving VAR +file_env() { + local var="$1" + local fileVar="${var}_FILE" + local defaultValue="${2:-}" + + if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then + echo "**** Both variables $var and $fileVar are set (but are exclusive)" + exit 1 + fi + + local val="$defaultValue" + + if [ "${!var:-}" ]; then + val="${!var}" + echo "** Using ${var} variable from ENV" + elif [ "${!fileVar:-}" ]; then + if [ ! -f "${!fileVar}" ]; then + echo "**** Secret file \"${!fileVar}\" is not found" + exit 1 + fi + val="$(< "${!fileVar}")" + echo "** Using ${var} variable from secret file" + fi + export "$var"="$val" + unset "$fileVar" +} + +escape_spec_char() { + local var_value=$1 + + var_value="${var_value//\\/\\\\}" + var_value="${var_value//[$'\n']/}" + var_value="${var_value//\//\\/}" + var_value="${var_value//./\\.}" + var_value="${var_value//\*/\\*}" + var_value="${var_value//^/\\^}" + var_value="${var_value//\$/\\\$}" + var_value="${var_value//\&/\\\&}" + var_value="${var_value//\[/\\[}" + var_value="${var_value//\]/\\]}" + + echo "$var_value" +} + +update_config_var() { + local config_path=$1 + local var_name=$2 + local var_value=$3 + local is_multiple=$4 + + local masklist=("DBPassword TLSPSKIdentity") + + if [ ! -f "$config_path" ]; then + echo "**** Configuration file '$config_path' does not exist" + return + fi + + if [[ " ${masklist[@]} " =~ " $var_name " ]] && [ ! -z "$var_value" ]; then + echo -n "** Updating '$config_path' parameter \"$var_name\": '****'. Enable DEBUG_MODE to view value ..." + else + echo -n "** Updating '$config_path' parameter \"$var_name\": '$var_value'..." + fi + + # Remove configuration parameter definition in case of unset parameter value + if [ -z "$var_value" ]; then + sed -i -e "/^$var_name=/d" "$config_path" + echo "removed" + return + fi + + # Remove value from configuration parameter in case of double quoted parameter value + if [ "$var_value" == '""' ]; then + sed -i -e "/^$var_name=/s/=.*/=/" "$config_path" + echo "undefined" + return + fi + + # Use full path to a file for TLS related configuration parameters + if [[ $var_name =~ ^TLS.*File$ ]]; then + var_value=$ZABBIX_USER_HOME_DIR/enc/$var_value + fi + + # Escaping characters in parameter value and name + var_value=$(escape_spec_char "$var_value") + var_name=$(escape_spec_char "$var_name") + + if [ "$(grep -E "^$var_name=" $config_path)" ] && [ "$is_multiple" != "true" ]; then + sed -i -e "/^$var_name=/s/=.*/=$var_value/" "$config_path" + echo "updated" + elif [ "$(grep -Ec "^# $var_name=" $config_path)" -gt 1 ]; then + sed -i -e "/^[#;] $var_name=$/i\\$var_name=$var_value" "$config_path" + echo "added first occurrence" + else + sed -i -e "/^[#;] $var_name=/s/.*/&\n$var_name=$var_value/" "$config_path" + echo "added" + fi + +} + +update_config_multiple_var() { + local config_path=$1 + local var_name=$2 + local var_value=$3 + + var_value="${var_value%\"}" + var_value="${var_value#\"}" + + local IFS=, + local OPT_LIST=($var_value) + + for value in "${OPT_LIST[@]}"; do + update_config_var $config_path $var_name $value true + done +} + +# Check prerequisites for MySQL database +check_variables_mysql() { + : ${DB_SERVER_HOST:="mysql-server"} + : ${DB_SERVER_PORT:="3306"} + USE_DB_ROOT_USER=false + CREATE_ZBX_DB_USER=false + file_env MYSQL_USER + file_env MYSQL_PASSWORD + + file_env MYSQL_ROOT_PASSWORD + + if [ ! -n "${MYSQL_USER}" ] && [ "${MYSQL_RANDOM_ROOT_PASSWORD,,}" == "true" ]; then + echo "**** Impossible to use MySQL server because of unknown Zabbix user and random 'root' password" + exit 1 + fi + + if [ ! -n "${MYSQL_USER}" ] && [ ! -n "${MYSQL_ROOT_PASSWORD}" ] && [ "${MYSQL_ALLOW_EMPTY_PASSWORD,,}" != "true" ]; then + echo "*** Impossible to use MySQL server because 'root' password is not defined and it is not empty" + exit 1 + fi + + if [ "${MYSQL_ALLOW_EMPTY_PASSWORD,,}" == "true" ] || [ -n "${MYSQL_ROOT_PASSWORD}" ]; then + USE_DB_ROOT_USER=true + DB_SERVER_ROOT_USER="root" + DB_SERVER_ROOT_PASS=${MYSQL_ROOT_PASSWORD:-""} + fi + + [ -n "${MYSQL_USER}" ] && [ "${USE_DB_ROOT_USER}" == "true" ] && CREATE_ZBX_DB_USER=true + + # If root password is not specified use provided credentials + DB_SERVER_ROOT_USER=${DB_SERVER_ROOT_USER:-${MYSQL_USER}} + [ "${MYSQL_ALLOW_EMPTY_PASSWORD,,}" == "true" ] || DB_SERVER_ROOT_PASS=${DB_SERVER_ROOT_PASS:-${MYSQL_PASSWORD}} + DB_SERVER_ZBX_USER=${MYSQL_USER:-"zabbix"} + DB_SERVER_ZBX_PASS=${MYSQL_PASSWORD:-"zabbix"} + + DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix_proxy"} +} + +db_tls_params() { + local result="" + + if [ -n "${ZBX_DBTLSCONNECT}" ]; then + ssl_mode=${ZBX_DBTLSCONNECT//verify_full/verify_identity} + result="--ssl-mode=$ssl_mode" + + if [ -n "${ZBX_DBTLSCAFILE}" ]; then + result="${result} --ssl-ca=${ZBX_DBTLSCAFILE}" + fi + + if [ -n "${ZBX_DBTLSKEYFILE}" ]; then + result="${result} --ssl-key=${ZBX_DBTLSKEYFILE}" + fi + + if [ -n "${ZBX_DBTLSCERTFILE}" ]; then + result="${result} --ssl-cert=${ZBX_DBTLSCERTFILE}" + fi + fi + + echo $result +} + + +check_db_connect_mysql() { + echo "********************" + echo "* DB_SERVER_HOST: ${DB_SERVER_HOST}" + echo "* DB_SERVER_PORT: ${DB_SERVER_PORT}" + echo "* DB_SERVER_DBNAME: ${DB_SERVER_DBNAME}" + if [ "${DEBUG_MODE,,}" == "true" ]; then + if [ "${USE_DB_ROOT_USER}" == "true" ]; then + echo "* DB_SERVER_ROOT_USER: ${DB_SERVER_ROOT_USER}" + echo "* DB_SERVER_ROOT_PASS: ${DB_SERVER_ROOT_PASS}" + fi + echo "* DB_SERVER_ZBX_USER: ${DB_SERVER_ZBX_USER}" + echo "* DB_SERVER_ZBX_PASS: ${DB_SERVER_ZBX_PASS}" + fi + echo "********************" + + WAIT_TIMEOUT=5 + + ssl_opts="$(db_tls_params)" + + export MYSQL_PWD="${DB_SERVER_ROOT_PASS}" + + while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \ + --silent --connect_timeout=10 $ssl_opts)" ]; do + echo "**** MySQL server is not available. Waiting $WAIT_TIMEOUT seconds..." + sleep $WAIT_TIMEOUT + done + + unset MYSQL_PWD +} + +mysql_query() { + query=$1 + local result="" + + ssl_opts="$(db_tls_params)" + + export MYSQL_PWD="${DB_SERVER_ROOT_PASS}" + + result=$(mysql --silent --skip-column-names -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ + -u ${DB_SERVER_ROOT_USER} -e "$query" $ssl_opts) + + unset MYSQL_PWD + + echo $result +} + +create_db_user_mysql() { + [ "${CREATE_ZBX_DB_USER}" == "true" ] || return + + echo "** Creating '${DB_SERVER_ZBX_USER}' user in MySQL database" + + USER_EXISTS=$(mysql_query "SELECT 1 FROM mysql.user WHERE user = '${DB_SERVER_ZBX_USER}' AND host = '%'") + + if [ -z "$USER_EXISTS" ]; then + mysql_query "CREATE USER '${DB_SERVER_ZBX_USER}'@'%' IDENTIFIED BY '${DB_SERVER_ZBX_PASS}'" 1>/dev/null + else + mysql_query "ALTER USER ${DB_SERVER_ZBX_USER} IDENTIFIED BY '${DB_SERVER_ZBX_PASS}';" 1>/dev/null + fi + + mysql_query "GRANT ALL PRIVILEGES ON $DB_SERVER_DBNAME. * TO '${DB_SERVER_ZBX_USER}'@'%'" 1>/dev/null + mysql_query "GRANT SESSION_VARIABLES_ADMIN ON *. * TO '${DB_SERVER_ZBX_USER}'@'%'" 1>/dev/null +} + +create_db_database_mysql() { + DB_EXISTS=$(mysql_query "SELECT SCHEMA_NAME FROM information_schema.SCHEMATA WHERE SCHEMA_NAME='${DB_SERVER_DBNAME}'") + + if [ -z ${DB_EXISTS} ]; then + echo "** Database '${DB_SERVER_DBNAME}' does not exist. Creating..." + mysql_query "CREATE DATABASE ${DB_SERVER_DBNAME} CHARACTER SET utf8 COLLATE utf8_bin" 1>/dev/null + # better solution? + mysql_query "GRANT ALL PRIVILEGES ON $DB_SERVER_DBNAME. * TO '${DB_SERVER_ZBX_USER}'@'%'" 1>/dev/null + else + echo "** Database '${DB_SERVER_DBNAME}' already exists. Please be careful with database COLLATE!" + fi +} + +create_db_schema_mysql() { + DBVERSION_TABLE_EXISTS=$(mysql_query "SELECT 1 FROM information_schema.tables WHERE table_schema='${DB_SERVER_DBNAME}' and table_name = 'dbversion'") + + if [ -n "${DBVERSION_TABLE_EXISTS}" ]; then + echo "** Table '${DB_SERVER_DBNAME}.dbversion' already exists." + ZBX_DB_VERSION=$(mysql_query "SELECT mandatory FROM ${DB_SERVER_DBNAME}.dbversion") + fi + + if [ -z "${ZBX_DB_VERSION}" ]; then + echo "** Creating '${DB_SERVER_DBNAME}' schema in MySQL" + + ssl_opts="$(db_tls_params)" + + export MYSQL_PWD="${DB_SERVER_ROOT_PASS}" + + zcat /usr/share/doc/zabbix-proxy-mysql/create.sql.gz | mysql --silent --skip-column-names \ + -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ + -u ${DB_SERVER_ROOT_USER} $ssl_opts \ + ${DB_SERVER_DBNAME} 1>/dev/null + + unset MYSQL_PWD + fi +} + +update_zbx_config() { + echo "** Preparing Zabbix proxy configuration file" + + ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_proxy.conf + + update_config_var $ZBX_CONFIG "ProxyMode" "${ZBX_PROXYMODE}" + update_config_var $ZBX_CONFIG "Server" "${ZBX_SERVER_HOST}" + update_config_var $ZBX_CONFIG "ServerPort" "${ZBX_SERVER_PORT}" + if [ -z "${ZBX_HOSTNAME}" ] && [ -n "${ZBX_HOSTNAMEITEM}" ]; then + update_config_var $ZBX_CONFIG "Hostname" "" + update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" + else + update_config_var $ZBX_CONFIG "Hostname" "${ZBX_HOSTNAME:-"zabbix-proxy-mysql"}" + update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" + fi + + update_config_var $ZBX_CONFIG "ListenIP" "${ZBX_LISTENIP}" + update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}" + + update_config_var $ZBX_CONFIG "SourceIP" "${ZBX_SOURCEIP}" + update_config_var $ZBX_CONFIG "LogType" "console" + update_config_var $ZBX_CONFIG "LogFile" + update_config_var $ZBX_CONFIG "LogFileSize" + update_config_var $ZBX_CONFIG "PidFile" + + update_config_var $ZBX_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" + + if [ -n "${ZBX_DBTLSCONNECT}" ]; then + update_config_var $ZBX_CONFIG "DBTLSConnect" "${ZBX_DBTLSCONNECT}" + update_config_var $ZBX_CONFIG "DBTLSCAFile" "${ZBX_DBTLSCAFILE}" + update_config_var $ZBX_CONFIG "DBTLSCertFile" "${ZBX_DBTLSCERTFILE}" + update_config_var $ZBX_CONFIG "DBTLSKeyFile" "${ZBX_DBTLSKEYFILE}" + update_config_var $ZBX_CONFIG "DBTLSCipher" "${ZBX_DBTLSCIPHER}" + update_config_var $ZBX_CONFIG "DBTLSCipher13" "${ZBX_DBTLSCIPHER13}" + fi + + update_config_var $ZBX_CONFIG "EnableRemoteCommands" "${ZBX_ENABLEREMOTECOMMANDS}" + update_config_var $ZBX_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}" + + update_config_var $ZBX_CONFIG "DBHost" "${DB_SERVER_HOST}" + update_config_var $ZBX_CONFIG "DBName" "${DB_SERVER_DBNAME}" + update_config_var $ZBX_CONFIG "DBSchema" "${DB_SERVER_SCHEMA}" + update_config_var $ZBX_CONFIG "DBPort" "${DB_SERVER_PORT}" + + if [ -n "${VAULT_TOKEN}" ]; then + update_config_var $ZBX_CONFIG "VaultDBPath" "${ZBX_VAULTDBPATH}" + update_config_var $ZBX_CONFIG "VaultURL" "${ZBX_VAULTURL}" + update_config_var $ZBX_CONFIG "DBUser" + update_config_var $ZBX_CONFIG "DBPassword" + else + update_config_var $ZBX_CONFIG "VaultDBPath" + update_config_var $ZBX_CONFIG "VaultURL" + update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}" + update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}" + fi + + update_config_var $ZBX_CONFIG "DBSocket" "${DB_SERVER_SOCKET}" + + update_config_var $ZBX_CONFIG "ProxyLocalBuffer" "${ZBX_PROXYLOCALBUFFER}" + update_config_var $ZBX_CONFIG "ProxyOfflineBuffer" "${ZBX_PROXYOFFLINEBUFFER}" + update_config_var $ZBX_CONFIG "HeartbeatFrequency" "${ZBX_PROXYHEARTBEATFREQUENCY}" + update_config_var $ZBX_CONFIG "ConfigFrequency" "${ZBX_CONFIGFREQUENCY}" + update_config_var $ZBX_CONFIG "DataSenderFrequency" "${ZBX_DATASENDERFREQUENCY}" + + update_config_var $ZBX_CONFIG "StatsAllowedIP" "${ZBX_STATSALLOWEDIP}" + update_config_var $ZBX_CONFIG "StartPreprocessors" "${ZBX_STARTPREPROCESSORS}" + + update_config_var $ZBX_CONFIG "StartPollers" "${ZBX_STARTPOLLERS}" + update_config_var $ZBX_CONFIG "StartIPMIPollers" "${ZBX_IPMIPOLLERS}" + update_config_var $ZBX_CONFIG "StartPollersUnreachable" "${ZBX_STARTPOLLERSUNREACHABLE}" + update_config_var $ZBX_CONFIG "StartTrappers" "${ZBX_STARTTRAPPERS}" + update_config_var $ZBX_CONFIG "StartPingers" "${ZBX_STARTPINGERS}" + update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}" + update_config_var $ZBX_CONFIG "StartHistoryPollers" "${ZBX_STARTHISTORYPOLLERS}" + update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}" + + : ${ZBX_JAVAGATEWAY_ENABLE:="false"} + if [ "${ZBX_JAVAGATEWAY_ENABLE,,}" == "true" ]; then + update_config_var $ZBX_CONFIG "JavaGateway" "${ZBX_JAVAGATEWAY:-"zabbix-java-gateway"}" + update_config_var $ZBX_CONFIG "JavaGatewayPort" "${ZBX_JAVAGATEWAYPORT}" + update_config_var $ZBX_CONFIG "StartJavaPollers" "${ZBX_STARTJAVAPOLLERS:-"5"}" + else + update_config_var $ZBX_CONFIG "JavaGateway" + update_config_var $ZBX_CONFIG "JavaGatewayPort" + update_config_var $ZBX_CONFIG "StartJavaPollers" + fi + + update_config_var $ZBX_CONFIG "StartVMwareCollectors" "${ZBX_STARTVMWARECOLLECTORS}" + update_config_var $ZBX_CONFIG "VMwareFrequency" "${ZBX_VMWAREFREQUENCY}" + update_config_var $ZBX_CONFIG "VMwarePerfFrequency" "${ZBX_VMWAREPERFFREQUENCY}" + update_config_var $ZBX_CONFIG "VMwareCacheSize" "${ZBX_VMWARECACHESIZE}" + update_config_var $ZBX_CONFIG "VMwareTimeout" "${ZBX_VMWARETIMEOUT}" + + : ${ZBX_ENABLE_SNMP_TRAPS:="false"} + if [ "${ZBX_ENABLE_SNMP_TRAPS,,}" == "true" ]; then + update_config_var $ZBX_CONFIG "SNMPTrapperFile" "${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log" + update_config_var $ZBX_CONFIG "StartSNMPTrapper" "1" + else + update_config_var $ZBX_CONFIG "SNMPTrapperFile" + update_config_var $ZBX_CONFIG "StartSNMPTrapper" + fi + + update_config_var $ZBX_CONFIG "HousekeepingFrequency" "${ZBX_HOUSEKEEPINGFREQUENCY}" + + update_config_var $ZBX_CONFIG "CacheSize" "${ZBX_CACHESIZE}" + + update_config_var $ZBX_CONFIG "StartDBSyncers" "${ZBX_STARTDBSYNCERS}" + update_config_var $ZBX_CONFIG "HistoryCacheSize" "${ZBX_HISTORYCACHESIZE}" + update_config_var $ZBX_CONFIG "HistoryIndexCacheSize" "${ZBX_HISTORYINDEXCACHESIZE}" + + update_config_var $ZBX_CONFIG "Timeout" "${ZBX_TIMEOUT}" + update_config_var $ZBX_CONFIG "TrapperTimeout" "${ZBX_TRAPPERIMEOUT}" + update_config_var $ZBX_CONFIG "UnreachablePeriod" "${ZBX_UNREACHABLEPERIOD}" + update_config_var $ZBX_CONFIG "UnavailableDelay" "${ZBX_UNAVAILABLEDELAY}" + update_config_var $ZBX_CONFIG "UnreachableDelay" "${ZBX_UNREACHABLEDELAY}" + + update_config_var $ZBX_CONFIG "AlertScriptsPath" "/usr/lib/zabbix/alertscripts" + update_config_var $ZBX_CONFIG "ExternalScripts" "/usr/lib/zabbix/externalscripts" + + update_config_var $ZBX_CONFIG "FpingLocation" "/usr/sbin/fping" + update_config_var $ZBX_CONFIG "Fping6Location" + + update_config_var $ZBX_CONFIG "SSHKeyLocation" "$ZABBIX_USER_HOME_DIR/ssh_keys" + update_config_var $ZBX_CONFIG "LogSlowQueries" "${ZBX_LOGSLOWQUERIES}" + + update_config_var $ZBX_CONFIG "SSLCertLocation" "$ZABBIX_USER_HOME_DIR/ssl/certs/" + update_config_var $ZBX_CONFIG "SSLKeyLocation" "$ZABBIX_USER_HOME_DIR/ssl/keys/" + update_config_var $ZBX_CONFIG "SSLCALocation" "$ZABBIX_USER_HOME_DIR/ssl/ssl_ca/" + update_config_var $ZBX_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/" + update_config_multiple_var $ZBX_CONFIG "LoadModule" "${ZBX_LOADMODULE}" + + update_config_var $ZBX_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}" + update_config_var $ZBX_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" + update_config_var $ZBX_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" + update_config_var $ZBX_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" + + update_config_var $ZBX_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" + update_config_var $ZBX_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" + + update_config_var $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" + update_config_var $ZBX_CONFIG "TLSCipherAll" "${ZBX_TLSCIPHERALL}" + update_config_var $ZBX_CONFIG "TLSCipherAll13" "${ZBX_TLSCIPHERALL13}" + update_config_var $ZBX_CONFIG "TLSCipherCert" "${ZBX_TLSCIPHERCERT}" + update_config_var $ZBX_CONFIG "TLSCipherCert13" "${ZBX_TLSCIPHERCERT13}" + update_config_var $ZBX_CONFIG "TLSCipherPSK" "${ZBX_TLSCIPHERPSK}" + update_config_var $ZBX_CONFIG "TLSCipherPSK13" "${ZBX_TLSCIPHERPSK13}" + update_config_var $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" + + update_config_var $ZBX_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" + update_config_var $ZBX_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" + + if [ "$(id -u)" != '0' ]; then + update_config_var $ZBX_CONFIG "User" "$(whoami)" + else + update_config_var $ZBX_CONFIG "AllowRoot" "1" + fi +} + +prepare_proxy() { + echo "Preparing Zabbix proxy" + + check_variables_mysql + check_db_connect_mysql + create_db_user_mysql + create_db_database_mysql + create_db_schema_mysql + + update_zbx_config +} + +################################################# + +if [ "${1#-}" != "$1" ]; then + set -- /usr/sbin/zabbix_proxy "$@" + fi + +if [ "$1" == '/usr/sbin/zabbix_proxy' ]; then + prepare_proxy +fi + +exec "$@" + +################################################# diff --git a/proxy-mysql/rhel/licenses/gpl-2.0.txt b/proxy-mysql/rhel/licenses/gpl-2.0.txt new file mode 100644 index 000000000..d159169d1 --- /dev/null +++ b/proxy-mysql/rhel/licenses/gpl-2.0.txt @@ -0,0 +1,339 @@ + GNU GENERAL PUBLIC LICENSE + Version 2, June 1991 + + Copyright (C) 1989, 1991 Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + + Preamble + + The licenses for most software are designed to take away your +freedom to share and change it. By contrast, the GNU General Public +License is intended to guarantee your freedom to share and change free +software--to make sure the software is free for all its users. This +General Public License applies to most of the Free Software +Foundation's software and to any other program whose authors commit to +using it. (Some other Free Software Foundation software is covered by +the GNU Lesser General Public License instead.) You can apply it to +your programs, too. + + When we speak of free software, we are referring to freedom, not +price. Our General Public Licenses are designed to make sure that you +have the freedom to distribute copies of free software (and charge for +this service if you wish), that you receive source code or can get it +if you want it, that you can change the software or use pieces of it +in new free programs; and that you know you can do these things. + + To protect your rights, we need to make restrictions that forbid +anyone to deny you these rights or to ask you to surrender the rights. +These restrictions translate to certain responsibilities for you if you +distribute copies of the software, or if you modify it. + + For example, if you distribute copies of such a program, whether +gratis or for a fee, you must give the recipients all the rights that +you have. You must make sure that they, too, receive or can get the +source code. And you must show them these terms so they know their +rights. + + We protect your rights with two steps: (1) copyright the software, and +(2) offer you this license which gives you legal permission to copy, +distribute and/or modify the software. + + Also, for each author's protection and ours, we want to make certain +that everyone understands that there is no warranty for this free +software. If the software is modified by someone else and passed on, we +want its recipients to know that what they have is not the original, so +that any problems introduced by others will not reflect on the original +authors' reputations. + + Finally, any free program is threatened constantly by software +patents. We wish to avoid the danger that redistributors of a free +program will individually obtain patent licenses, in effect making the +program proprietary. To prevent this, we have made it clear that any +patent must be licensed for everyone's free use or not licensed at all. + + The precise terms and conditions for copying, distribution and +modification follow. + + GNU GENERAL PUBLIC LICENSE + TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION + + 0. This License applies to any program or other work which contains +a notice placed by the copyright holder saying it may be distributed +under the terms of this General Public License. The "Program", below, +refers to any such program or work, and a "work based on the Program" +means either the Program or any derivative work under copyright law: +that is to say, a work containing the Program or a portion of it, +either verbatim or with modifications and/or translated into another +language. (Hereinafter, translation is included without limitation in +the term "modification".) Each licensee is addressed as "you". + +Activities other than copying, distribution and modification are not +covered by this License; they are outside its scope. The act of +running the Program is not restricted, and the output from the Program +is covered only if its contents constitute a work based on the +Program (independent of having been made by running the Program). +Whether that is true depends on what the Program does. + + 1. You may copy and distribute verbatim copies of the Program's +source code as you receive it, in any medium, provided that you +conspicuously and appropriately publish on each copy an appropriate +copyright notice and disclaimer of warranty; keep intact all the +notices that refer to this License and to the absence of any warranty; +and give any other recipients of the Program a copy of this License +along with the Program. + +You may charge a fee for the physical act of transferring a copy, and +you may at your option offer warranty protection in exchange for a fee. + + 2. You may modify your copy or copies of the Program or any portion +of it, thus forming a work based on the Program, and copy and +distribute such modifications or work under the terms of Section 1 +above, provided that you also meet all of these conditions: + + a) You must cause the modified files to carry prominent notices + stating that you changed the files and the date of any change. + + b) You must cause any work that you distribute or publish, that in + whole or in part contains or is derived from the Program or any + part thereof, to be licensed as a whole at no charge to all third + parties under the terms of this License. + + c) If the modified program normally reads commands interactively + when run, you must cause it, when started running for such + interactive use in the most ordinary way, to print or display an + announcement including an appropriate copyright notice and a + notice that there is no warranty (or else, saying that you provide + a warranty) and that users may redistribute the program under + these conditions, and telling the user how to view a copy of this + License. (Exception: if the Program itself is interactive but + does not normally print such an announcement, your work based on + the Program is not required to print an announcement.) + +These requirements apply to the modified work as a whole. If +identifiable sections of that work are not derived from the Program, +and can be reasonably considered independent and separate works in +themselves, then this License, and its terms, do not apply to those +sections when you distribute them as separate works. But when you +distribute the same sections as part of a whole which is a work based +on the Program, the distribution of the whole must be on the terms of +this License, whose permissions for other licensees extend to the +entire whole, and thus to each and every part regardless of who wrote it. + +Thus, it is not the intent of this section to claim rights or contest +your rights to work written entirely by you; rather, the intent is to +exercise the right to control the distribution of derivative or +collective works based on the Program. + +In addition, mere aggregation of another work not based on the Program +with the Program (or with a work based on the Program) on a volume of +a storage or distribution medium does not bring the other work under +the scope of this License. + + 3. You may copy and distribute the Program (or a work based on it, +under Section 2) in object code or executable form under the terms of +Sections 1 and 2 above provided that you also do one of the following: + + a) Accompany it with the complete corresponding machine-readable + source code, which must be distributed under the terms of Sections + 1 and 2 above on a medium customarily used for software interchange; or, + + b) Accompany it with a written offer, valid for at least three + years, to give any third party, for a charge no more than your + cost of physically performing source distribution, a complete + machine-readable copy of the corresponding source code, to be + distributed under the terms of Sections 1 and 2 above on a medium + customarily used for software interchange; or, + + c) Accompany it with the information you received as to the offer + to distribute corresponding source code. (This alternative is + allowed only for noncommercial distribution and only if you + received the program in object code or executable form with such + an offer, in accord with Subsection b above.) + +The source code for a work means the preferred form of the work for +making modifications to it. For an executable work, complete source +code means all the source code for all modules it contains, plus any +associated interface definition files, plus the scripts used to +control compilation and installation of the executable. However, as a +special exception, the source code distributed need not include +anything that is normally distributed (in either source or binary +form) with the major components (compiler, kernel, and so on) of the +operating system on which the executable runs, unless that component +itself accompanies the executable. + +If distribution of executable or object code is made by offering +access to copy from a designated place, then offering equivalent +access to copy the source code from the same place counts as +distribution of the source code, even though third parties are not +compelled to copy the source along with the object code. + + 4. You may not copy, modify, sublicense, or distribute the Program +except as expressly provided under this License. Any attempt +otherwise to copy, modify, sublicense or distribute the Program is +void, and will automatically terminate your rights under this License. +However, parties who have received copies, or rights, from you under +this License will not have their licenses terminated so long as such +parties remain in full compliance. + + 5. You are not required to accept this License, since you have not +signed it. However, nothing else grants you permission to modify or +distribute the Program or its derivative works. These actions are +prohibited by law if you do not accept this License. Therefore, by +modifying or distributing the Program (or any work based on the +Program), you indicate your acceptance of this License to do so, and +all its terms and conditions for copying, distributing or modifying +the Program or works based on it. + + 6. Each time you redistribute the Program (or any work based on the +Program), the recipient automatically receives a license from the +original licensor to copy, distribute or modify the Program subject to +these terms and conditions. You may not impose any further +restrictions on the recipients' exercise of the rights granted herein. +You are not responsible for enforcing compliance by third parties to +this License. + + 7. If, as a consequence of a court judgment or allegation of patent +infringement or for any other reason (not limited to patent issues), +conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot +distribute so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you +may not distribute the Program at all. For example, if a patent +license would not permit royalty-free redistribution of the Program by +all those who receive copies directly or indirectly through you, then +the only way you could satisfy both it and this License would be to +refrain entirely from distribution of the Program. + +If any portion of this section is held invalid or unenforceable under +any particular circumstance, the balance of the section is intended to +apply and the section as a whole is intended to apply in other +circumstances. + +It is not the purpose of this section to induce you to infringe any +patents or other property right claims or to contest validity of any +such claims; this section has the sole purpose of protecting the +integrity of the free software distribution system, which is +implemented by public license practices. Many people have made +generous contributions to the wide range of software distributed +through that system in reliance on consistent application of that +system; it is up to the author/donor to decide if he or she is willing +to distribute software through any other system and a licensee cannot +impose that choice. + +This section is intended to make thoroughly clear what is believed to +be a consequence of the rest of this License. + + 8. If the distribution and/or use of the Program is restricted in +certain countries either by patents or by copyrighted interfaces, the +original copyright holder who places the Program under this License +may add an explicit geographical distribution limitation excluding +those countries, so that distribution is permitted only in or among +countries not thus excluded. In such case, this License incorporates +the limitation as if written in the body of this License. + + 9. The Free Software Foundation may publish revised and/or new versions +of the General Public License from time to time. Such new versions will +be similar in spirit to the present version, but may differ in detail to +address new problems or concerns. + +Each version is given a distinguishing version number. If the Program +specifies a version number of this License which applies to it and "any +later version", you have the option of following the terms and conditions +either of that version or of any later version published by the Free +Software Foundation. If the Program does not specify a version number of +this License, you may choose any version ever published by the Free Software +Foundation. + + 10. If you wish to incorporate parts of the Program into other free +programs whose distribution conditions are different, write to the author +to ask for permission. For software which is copyrighted by the Free +Software Foundation, write to the Free Software Foundation; we sometimes +make exceptions for this. Our decision will be guided by the two goals +of preserving the free status of all derivatives of our free software and +of promoting the sharing and reuse of software generally. + + NO WARRANTY + + 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY +FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN +OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES +PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED +OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS +TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE +PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, +REPAIR OR CORRECTION. + + 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR +REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, +INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING +OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED +TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY +YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER +PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE +POSSIBILITY OF SUCH DAMAGES. + + END OF TERMS AND CONDITIONS + + How to Apply These Terms to Your New Programs + + If you develop a new program, and you want it to be of the greatest +possible use to the public, the best way to achieve this is to make it +free software which everyone can redistribute and change under these terms. + + To do so, attach the following notices to the program. It is safest +to attach them to the start of each source file to most effectively +convey the exclusion of warranty; and each file should have at least +the "copyright" line and a pointer to where the full notice is found. + + + Copyright (C) + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + +Also add information on how to contact you by electronic and paper mail. + +If the program is interactive, make it output a short notice like this +when it starts in an interactive mode: + + Gnomovision version 69, Copyright (C) year name of author + Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. + This is free software, and you are welcome to redistribute it + under certain conditions; type `show c' for details. + +The hypothetical commands `show w' and `show c' should show the appropriate +parts of the General Public License. Of course, the commands you use may +be called something other than `show w' and `show c'; they could even be +mouse-clicks or menu items--whatever suits your program. + +You should also get your employer (if you work as a programmer) or your +school, if any, to sign a "copyright disclaimer" for the program, if +necessary. Here is a sample; alter the names: + + Yoyodyne, Inc., hereby disclaims all copyright interest in the program + `Gnomovision' (which makes passes at compilers) written by James Hacker. + + , 1 April 1989 + Ty Coon, President of Vice + +This General Public License does not permit incorporating your program into +proprietary programs. If your program is a subroutine library, you may +consider it more useful to permit linking proprietary applications with the +library. If this is what you want to do, use the GNU Lesser General +Public License instead of this License. diff --git a/proxy-sqlite3/rhel/.dockerignore b/proxy-sqlite3/rhel/.dockerignore new file mode 100644 index 000000000..88a84e55a --- /dev/null +++ b/proxy-sqlite3/rhel/.dockerignore @@ -0,0 +1 @@ +build.sh diff --git a/proxy-sqlite3/rhel/Dockerfile b/proxy-sqlite3/rhel/Dockerfile new file mode 100644 index 000000000..0e222be14 --- /dev/null +++ b/proxy-sqlite3/rhel/Dockerfile @@ -0,0 +1,172 @@ +FROM registry.access.redhat.com/ubi8/ubi +MAINTAINER Alexey Pustovalov + +ARG MAJOR_VERSION=6.0 +ARG RELEASE= +ARG ZBX_VERSION=${MAJOR_VERSION} + +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git +ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ + MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL +ENV TINI_VERSION=v0.19.0 + +LABEL name="zabbix/zabbix-proxy-sqlite-trunk" \ + maintainer="alexey.pustovalov@zabbix.com" \ + vendor="Zabbix LLC" \ + version="${MAJOR_VERSION}" \ + release="${RELEASE}" \ + summary="Zabbix proxy (SQLite3)" \ + description="Zabbix proxy with SQLite3 database support" \ + url="https://www.zabbix.com/" \ + run="docker run --name zabbix-proxy -p 10051:10051 -d registry.connect.redhat.com/zabbix/zabbix-proxy-sqlite-trunk:${ZBX_VERSION}" \ + io.k8s.description="Zabbix proxy with SQLite3 database support" \ + io.k8s.display-name="Zabbix proxy (SQLite3)" \ + io.openshift.expose-services="10051:10051" \ + io.openshift.tags="zabbix,zabbix-proxy,sqlite" \ + org.label-schema.name="zabbix-proxy-sqlite-rhel" \ + org.label-schema.vendor="Zabbix LLC" \ + org.label-schema.url="https://zabbix.com/" \ + org.label-schema.description="Zabbix proxy with SQLite3 database support" \ + org.label-schema.vcs-ref="${VCS_REF}" \ + org.label-schema.build-date="${BUILD_DATE}" \ + org.label-schema.schema-version="1.0" \ + org.label-schema.license="GPL v2.0" \ + org.label-schema.usage="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.label-schema.version="${ZBX_VERSION}" \ + org.label-schema.vcs-url="${ZBX_SOURCES}" \ + org.label-schema.docker.cmd="docker run --name zabbix-proxy -p 10051:10051 -d registry.connect.redhat.com/zabbix/zabbix-proxy-sqlite3-trunk:${ZBX_VERSION}" + +STOPSIGNAL SIGTERM + +COPY ["licenses", "/licenses"] + +RUN set -eux && INSTALL_PKGS="bash \ + fping \ + iputils \ + libcurl \ + libevent \ + openldap \ + libssh \ + libxml2 \ + net-snmp-agent-libs \ + OpenIPMI-libs \ + pcre \ + sqlite-libs \ + unixODBC" && \ + REPOLIST="rhel-8-for-x86_64-baseos-rpms,rhel-8-for-x86_64-appstream-rpms,epel" && \ + dnf -y update-minimal --disablerepo "*" --enablerepo ubi-8-baseos --setopt=tsflags=nodocs \ + --security --sec-severity=Important --sec-severity=Critical && \ + dnf -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm && \ + dnf -y install --disablerepo "*" --enablerepo "${REPOLIST}" --setopt=install_weak_deps=False --best \ + --setopt=tsflags=nodocs ${INSTALL_PKGS} && \ + groupadd --system --gid 1995 zabbix && \ + useradd \ + --system --comment "Zabbix monitoring system" \ + -g zabbix -G root \ + --uid 1997 \ + --shell /sbin/nologin \ + --home-dir /var/lib/zabbix/ \ + zabbix && \ + mkdir -p /etc/zabbix && \ + mkdir -p /var/lib/zabbix && \ + mkdir -p /var/lib/zabbix/enc && \ + mkdir -p /usr/lib/zabbix/externalscripts && \ + mkdir -p /var/lib/zabbix/mibs && \ + mkdir -p /var/lib/zabbix/modules && \ + mkdir -p /var/lib/zabbix/snmptraps && \ + mkdir -p /var/lib/zabbix/ssh_keys && \ + mkdir -p /var/lib/zabbix/ssl && \ + mkdir -p /var/lib/zabbix/ssl/certs && \ + mkdir -p /var/lib/zabbix/ssl/keys && \ + mkdir -p /var/lib/zabbix/ssl/ssl_ca && \ + curl -L "https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini" -o /sbin/tini && \ + curl -L "https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini.asc" -o /tmp/tini.asc && \ + export GNUPGHOME="$(mktemp -d)" && \ + for server in $(shuf -e ha.pool.sks-keyservers.net \ + hkp://p80.pool.sks-keyservers.net:80 \ + ipv4.pool.sks-keyservers.net \ + keyserver.ubuntu.com \ + keyserver.pgp.com \ + pgp.mit.edu) ; do \ + gpg --keyserver "$server" --recv-keys 595E85A6B1B4779EA4DAAEC70B588DFF0527A9B7 && break || : ; \ + done && \ + gpg --batch --verify /tmp/tini.asc /sbin/tini && \ + rm -r "$GNUPGHOME" /tmp/tini.asc && \ + chmod +x /sbin/tini && \ + dnf -y clean all && \ + rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ + rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki + +RUN set -eux && INSTALL_PKGS="autoconf \ + automake \ + libcurl-devel \ + libevent-devel \ + libssh-devel \ + libxml2-devel \ + sqlite-devel \ + net-snmp-devel \ + openldap-devel \ + OpenIPMI-devel \ + pcre-devel \ + git \ + gcc \ + make \ + unixODBC-devel" && \ + REPOLIST="rhel-8-for-x86_64-baseos-rpms,rhel-8-for-x86_64-appstream-rpms,codeready-builder-for-rhel-8-x86_64-rpms" && \ + dnf -y install --disablerepo "*" --enablerepo "${REPOLIST}" --setopt=install_weak_deps=False --best \ + --setopt=tsflags=nodocs ${INSTALL_PKGS} && \ + cd /tmp/ && \ + git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + cd /tmp/zabbix-${ZBX_VERSION} && \ + zabbix_revision=`git rev-parse --short HEAD` && \ + sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ + ./bootstrap.sh && \ + export CFLAGS="-fPIC -pie -Wl,-z,relro -Wl,-z,now" && \ + ./configure \ + --datadir=/usr/lib \ + --libdir=/usr/lib/zabbix \ + --sysconfdir=/etc/zabbix \ + --prefix=/usr \ + --enable-agent \ + --enable-proxy \ + --with-sqlite3 \ + --with-ldap \ + --with-libcurl \ + --with-libxml2 \ + --with-net-snmp \ + --with-openipmi \ + --with-openssl \ + --with-ssh \ + --with-unixodbc \ + --enable-ipv6 \ + --silent && \ + make -j"$(nproc)" -s dbschema && \ + make -j"$(nproc)" -s && \ + cp src/zabbix_proxy/zabbix_proxy /usr/sbin/zabbix_proxy && \ + cp src/zabbix_get/zabbix_get /usr/bin/zabbix_get && \ + cp src/zabbix_sender/zabbix_sender /usr/bin/zabbix_sender && \ + cp conf/zabbix_proxy.conf /etc/zabbix/zabbix_proxy.conf && \ + chown --quiet -R zabbix:root /etc/zabbix && \ + cd /tmp/ && \ + rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ + dnf -y history undo last && \ + dnf -y clean all && \ + chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \ + chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \ + chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \ + rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ + rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki + +EXPOSE 10051/TCP + +WORKDIR /var/lib/zabbix + +VOLUME ["/var/lib/zabbix/snmptraps"] + +COPY ["docker-entrypoint.sh", "/usr/bin/"] + +ENTRYPOINT ["/sbin/tini", "--", "/usr/bin/docker-entrypoint.sh"] + +USER 1997 + +CMD ["/usr/sbin/zabbix_proxy", "--foreground", "-c", "/etc/zabbix/zabbix_proxy.conf"] diff --git a/proxy-sqlite3/rhel/README.md b/proxy-sqlite3/rhel/README.md new file mode 100644 index 000000000..a1b2cb423 --- /dev/null +++ b/proxy-sqlite3/rhel/README.md @@ -0,0 +1,279 @@ +![logo](https://assets.zabbix.com/img/logo/zabbix_logo_500x131.png) + +# What is Zabbix? + +Zabbix is an enterprise-class open source distributed monitoring solution. + +Zabbix is software that monitors numerous parameters of a network and the health and integrity of servers. Zabbix uses a flexible notification mechanism that allows users to configure e-mail based alerts for virtually any event. This allows a fast reaction to server problems. Zabbix offers excellent reporting and data visualisation features based on the stored data. This makes Zabbix ideal for capacity planning. + +For more information and related downloads for Zabbix components, please visit https://hub.docker.com/u/zabbix/ and https://zabbix.com + +# What is Zabbix proxy? + +Zabbix proxy is a process that may collect monitoring data from one or more monitored devices and send the information to the Zabbix server, essentially working on behalf of the server. All collected data is buffered locally and then transferred to the Zabbix server the proxy belongs to. + +# Zabbix proxy images + +These are the only official Zabbix proxy Docker images. They are based on Alpine Linux v3.12, Ubuntu 20.04 (focal), CentOS 8 and Oracle Linux 8 images. The available versions of Zabbix proxy are: + + Zabbix proxy 3.0 (tags: alpine-3.0-latest, ubuntu-3.0-latest, centos-3.0-latest) (unsupported) + Zabbix proxy 3.0.* (tags: alpine-3.0.*, ubuntu-3.0.*, centos-3.0.*) (unsupported) + Zabbix proxy 3.2 (tags: alpine-3.2-latest, ubuntu-3.2-latest, centos-3.2-latest) (unsupported) + Zabbix proxy 3.2.* (tags: alpine-3.2.*, ubuntu-3.2.*, centos-3.2.*) (unsupported) + Zabbix proxy 3.4 (tags: alpine-3.4-latest, ubuntu-3.4-latest, centos-3.4-latest) (unsupported) + Zabbix proxy 3.4.* (tags: alpine-3.4.*, ubuntu-3.4.*, centos-3.4.*) (unsupported) + Zabbix proxy 4.0 (tags: alpine-4.0-latest, ubuntu-4.0-latest, centos-4.0-latest) + Zabbix proxy 4.0.* (tags: alpine-4.0.*, ubuntu-4.0.*, centos-4.0.*) + Zabbix proxy 4.2 (tags: alpine-4.2-latest, ubuntu-4.2-latest, centos-4.2-latest) (unsupported) + Zabbix proxy 4.2.* (tags: alpine-4.2.*, ubuntu-4.2.*, centos-4.2.*) (unsupported) + Zabbix proxy 4.4 (tags: alpine-4.4-latest, ubuntu-4.4-latest, centos-4.4-latest) (unsupported) + Zabbix proxy 4.4.* (tags: alpine-4.4.*, ubuntu-4.4.*, centos-4.4.*) (unsupported) + Zabbix proxy 5.0 (tags: alpine-5.0-latest, ubuntu-5.0-latest, ol-5.0-latest) + Zabbix proxy 5.0.* (tags: alpine-5.0.*, ubuntu-5.0.*, ol-5.0.*) + Zabbix proxy 5.2 (tags: alpine-5.2-latest, ubuntu-5.2-latest, ol-5.2-latest) + Zabbix proxy 5.2.* (tags: alpine-5.2.*, ubuntu-5.2.*, ol-5.2.*) + Zabbix proxy 5.4 (tags: alpine-5.4-latest, ubuntu-5.4-latest, ol-5.4-latest, alpine-latest, ubuntu-latest, ol-latest, latest) + Zabbix proxy 5.4.* (tags: alpine-5.4.*, ubuntu-5.4.*, ol-5.4.*) + Zabbix proxy 6.0 (tags: alpine-trunk, ubuntu-trunk, ol-trunk) + +Images are updated when new releases are published. The image with ``latest`` tag is based on Alpine Linux. + +The image uses SQLite3 database to store collected data before sending it to Zabbix server. + +# How to use this image + +## Start `zabbix-proxy-sqlite3` + +Start a Zabbix proxy container as follows: + + docker run --name some-zabbix-proxy-sqlite3 -e ZBX_HOSTNAME=some-hostname -e ZBX_SERVER_HOST=some-zabbix-server -d zabbix/zabbix-proxy-sqlite3:tag + +Where `some-zabbix-proxy-sqlite3` is the name you want to assign to your container, `some-hostname` is the hostname, it is Hostname parameter in Zabbix proxy configuration file, `some-zabbix-server` is IP or DNS name of Zabbix server and `tag` is the tag specifying the version you want. See the list above for relevant tags, or look at the [full list of tags](https://hub.docker.com/r/zabbix/zabbix-proxy-sqlite3/tags/). + +## Connects from Zabbix server (Passive proxy) + +This image exposes the standard Zabbix proxy port (10051) and can operate as Passive proxy in case `ZBX_PROXYMODE` = `1`. Start Zabbix server container like this in order to link it to the Zabbix proxy container: + +```console +$ docker run --name some-zabbix-server --link some-zabbix-proxy-sqlite3:zabbix-proxy-sqlite3 -d zabbix/zabbix-server:latest +``` + +## Connect to Zabbix server (Active proxy) + +This image can operate as Active proxy (`default` mode). Start your application container like this in order to link Zabbix proxy to Zabbix server containters: + +```console +$ docker run --name some-zabbix-proxy-sqlite3 --link some-zabbix-server:zabbix-server -d zabbix/zabbix-proxy-sqlite3:latest +``` + +## Container shell access and viewing Zabbix proxy logs + +The `docker exec` command allows you to run commands inside a Docker container. The following command line will give you a bash shell inside your `zabbix-proxy-sqlite3` container: + +```console +$ docker exec -ti some-zabbix-proxy-sqlite3 /bin/bash +``` + +The Zabbix proxy log is available through Docker's container log: + +```console +$ docker logs some-zabbix-proxy-sqlite3 +``` + +## Environment Variables + +When you start the `zabbix-proxy-sqlite3` image, you can adjust the configuration of the Zabbix proxy by passing one or more environment variables on the `docker run` command line. + +### `ZBX_PROXYMODE` + +The variable allows to switch Zabbix proxy mode. Bu default, value is `0` - active proxy. Allowed values are `0` - active proxy and `1` - passive proxy. + +### `ZBX_HOSTNAME` + +This variable is unique, case sensitive hostname. By default, value is `zabbix-proxy-sqlite3` of the container. It is ``Hostname`` parameter in ``zabbix_proxy.conf``. + +### `ZBX_SERVER_HOST` + +This variable is IP or DNS name of Zabbix server or Zabbix proxy. By default, value is `zabbix-server`. It is ``Server`` parameter in ``zabbix_proxy.conf``. It is allowed to specify Zabbix server or Zabbix proxy port number using ``ZBX_SERVER_PORT`` variable. It make sense in case of non-default port for active checks. + +### `ZBX_SERVER_PORT` + +This variable is port Zabbix server listening on. By default, value is `10051`. + +### `ZBX_LOADMODULE` + +The variable is list of comma separated loadable Zabbix modules. It works with volume ``/var/lib/zabbix/modules``. The syntax of the variable is ``dummy1.so,dummy2.so``. + +### `ZBX_DEBUGLEVEL` + +The variable is used to specify debug level. By default, value is ``3``. It is ``DebugLevel`` parameter in ``zabbix_server.conf``. Allowed values are listed below: +- ``0`` - basic information about starting and stopping of Zabbix processes; +- ``1`` - critical information +- ``2`` - error information +- ``3`` - warnings +- ``4`` - for debugging (produces lots of information) +- ``5`` - extended debugging (produces even more information) + +### `ZBX_TIMEOUT` + +The variable is used to specify timeout for processing checks. By default, value is ``4``. + +### `ZBX_JAVAGATEWAY_ENABLE` + +The variable enable communication with Zabbix Java Gateway to collect Java related checks. By default, value is `false`. + +### Other variables + +Additionally the image allows to specify many other environment variables listed below: + +``` +ZBX_VAULTDBPATH= # Available since 5.2.0 +ZBX_VAULTURL=https://127.0.0.1:8200 # Available since 5.2.0 +VAULT_TOKEN= # Available since 5.2.0 +ZBX_ENABLEREMOTECOMMANDS=0 # Available since 3.4.0 +ZBX_LOGREMOTECOMMANDS=0 # Available since 3.4.0 +ZBX_SOURCEIP= +ZBX_HOSTNAMEITEM=system.hostname +ZBX_PROXYLOCALBUFFER=0 +ZBX_PROXYOFFLINEBUFFER=1 +ZBX_PROXYHEARTBEATFREQUENCY=60 +ZBX_CONFIGFREQUENCY=3600 +ZBX_DATASENDERFREQUENCY=1 +ZBX_STARTPOLLERS=5 +ZBX_STARTPREPROCESSORS=3 # Available since 4.2.0 +ZBX_IPMIPOLLERS=0 +ZBX_STARTPOLLERSUNREACHABLE=1 +ZBX_STARTTRAPPERS=5 +ZBX_STARTPINGERS=1 +ZBX_STARTDISCOVERERS=1 +ZBX_STARTHISTORYPOLLERS=1 # Available since 5.4.0 +ZBX_STARTHTTPPOLLERS=1 +ZBX_JAVAGATEWAY=zabbix-java-gateway +ZBX_JAVAGATEWAYPORT=10052 +ZBX_STARTJAVAPOLLERS=0 +ZBX_STATSALLOWEDIP= # Available since 4.0.5 +ZBX_STARTVMWARECOLLECTORS=0 +ZBX_VMWAREFREQUENCY=60 +ZBX_VMWAREPERFFREQUENCY=60 +ZBX_VMWARECACHESIZE=8M +ZBX_VMWARETIMEOUT=10 +ZBX_ENABLE_SNMP_TRAPS=false +ZBX_LISTENIP= +ZBX_HOUSEKEEPINGFREQUENCY=1 +ZBX_CACHESIZE=8M +ZBX_STARTDBSYNCERS=4 +ZBX_HISTORYCACHESIZE=16M +ZBX_HISTORYINDEXCACHESIZE=4M +ZBX_TRAPPERIMEOUT=300 +ZBX_UNREACHABLEPERIOD=45 +ZBX_UNAVAILABLEDELAY=60 +ZBX_UNREACHABLEDELAY=15 +ZBX_LOGSLOWQUERIES=3000 +ZBX_TLSCONNECT=unencrypted +ZBX_TLSACCEPT=unencrypted +ZBX_TLSCAFILE= +ZBX_TLSCRLFILE= +ZBX_TLSSERVERCERTISSUER= +ZBX_TLSSERVERCERTSUBJECT= +ZBX_TLSCERTFILE= +ZBX_TLSKEYFILE= +ZBX_TLSPSKIDENTITY= +ZBX_TLSPSKFILE= +ZBX_TLSCIPHERALL= # Available since 4.4.7 +ZBX_TLSCIPHERALL13= # Available since 4.4.7 +ZBX_TLSCIPHERCERT= # Available since 4.4.7 +ZBX_TLSCIPHERCERT13= # Available since 4.4.7 +ZBX_TLSCIPHERPSK= # Available since 4.4.7 +ZBX_TLSCIPHERPSK13= # Available since 4.4.7 +``` + +Default values of these variables are specified after equal sign. + +The allowed variables are identical of parameters in official ``zabbix_proxy.conf``. For example, ``ZBX_LOGSLOWQUERIES`` = ``LogSlowQueries``. + +Please use official documentation for [``zabbix_proxy.conf``](https://www.zabbix.com/documentation/current/manual/appendix/config/zabbix_proxy) to get more information about the variables. + +## Allowed volumes for the Zabbix proxy container + +### ``/usr/lib/zabbix/externalscripts`` + +The volume is used by External checks (type of items). It is `ExternalScripts` parameter in ``zabbix_proxy.conf``. + +### ``/var/lib/zabbix/modules`` + +The volume allows load additional modules and extend Zabbix proxy using ``LoadModule`` feature. + +### ``/var/lib/zabbix/enc`` + +The volume is used to store TLS related files. These file names are specified using ``ZBX_TLSCAFILE``, ``ZBX_TLSCRLFILE``, ``ZBX_TLSKEY_FILE`` and ``ZBX_TLSPSKFILE`` variables. + +### ``/var/lib/zabbix/ssh_keys`` + +The volume is used as location of public and private keys for SSH checks and actions. It is `SSHKeyLocation` parameter in ``zabbix_proxy.conf``. + +### ``/var/lib/zabbix/ssl/certs`` + +The volume is used as location of of SSL client certificate files for client authentication. It is `SSLCertLocation` parameter in ``zabbix_proxy.conf``. + +### ``/var/lib/zabbix/ssl/keys`` + +The volume is used as location of SSL private key files for client authentication. It is `SSLKeyLocation` parameter in ``zabbix_proxy.conf``. + +### ``/var/lib/zabbix/ssl/ssl_ca`` + +The volume is used as location of certificate authority (CA) files for SSL server certificate verification. It is `SSLCALocation` parameter in ``zabbix_proxy.conf``. + +### ``/var/lib/zabbix/snmptraps`` + +The volume is used as location of ``snmptraps.log`` file. It could be shared by ``zabbix-snmptraps`` container and inherited using `volumes_from` Docker option while creating new instance of Zabbix proxy. +SNMP traps processing feature could be enabled using shared volume and switched ``ZBX_ENABLE_SNMP_TRAPS`` environment variable to `true`. + +### ``/var/lib/zabbix/mibs`` + +The volume allows to add new MIB files. It does not support subdirectories, all MIBs must be placed to ``/var/lib/zabbix/mibs``. + +# The image variants + +The `zabbix-proxy-sqlite3` images come in many flavors, each designed for a specific use case. + +## `zabbix-proxy-sqlite3:alpine-` + +This image is based on the popular [Alpine Linux project](http://alpinelinux.org), available in [the `alpine` official image](https://hub.docker.com/_/alpine). Alpine Linux is much smaller than most distribution base images (~5MB), and thus leads to much slimmer images in general. + +This variant is highly recommended when final image size being as small as possible is desired. The main caveat to note is that it does use [musl libc](http://www.musl-libc.org) instead of [glibc and friends](http://www.etalabs.net/compare_libcs.html), so certain software might run into issues depending on the depth of their libc requirements. However, most software doesn't have an issue with this, so this variant is usually a very safe choice. See [this Hacker News comment thread](https://news.ycombinator.com/item?id=10782897) for more discussion of the issues that might arise and some pro/con comparisons of using Alpine-based images. + +To minimize image size, it's uncommon for additional related tools (such as `git` or `bash`) to be included in Alpine-based images. Using this image as a base, add the things you need in your own Dockerfile (see the [`alpine` image description](https://hub.docker.com/_/alpine/) for examples of how to install packages if you are unfamiliar). + +## `zabbix-proxy-sqlite3:ubuntu-` + +This is the defacto image. If you are unsure about what your needs are, you probably want to use this one. It is designed to be used both as a throw away container (mount your source code and start the container to start your app), as well as the base to build other images off of. + +## `zabbix-agent:ol-` + +Oracle Linux is an open-source operating system available under the GNU General Public License (GPLv2). Suitable for general purpose or Oracle workloads, it benefits from rigorous testing of more than 128,000 hours per day with real-world workloads and includes unique innovations such as Ksplice for zero-downtime kernel patching, DTrace for real-time diagnostics, the powerful Btrfs file system, and more. + +# Supported Docker versions + +This image is officially supported on Docker version 1.12.0. + +Support for older versions (down to 1.6) is provided on a best-effort basis. + +Please see [the Docker installation documentation](https://docs.docker.com/installation/) for details on how to upgrade your Docker daemon. + +# User Feedback + +## Documentation + +Documentation for this image is stored in the [`proxy-sqlite3/` directory](https://github.com/zabbix/zabbix-docker/tree/3.0/proxy-sqlite3) of the [`zabbix/zabbix-docker` GitHub repo](https://github.com/zabbix/zabbix-docker/). Be sure to familiarize yourself with the [repository's `README.md` file](https://github.com/zabbix/zabbix-docker/blob/master/README.md) before attempting a pull request. + +## Issues + +If you have any problems with or questions about this image, please contact us through a [GitHub issue](https://github.com/zabbix/zabbix-docker/issues). + +### Known issues + +## Contributing + +You are invited to contribute new features, fixes, or updates, large or small; we are always thrilled to receive pull requests, and do our best to process them as fast as we can. + +Before you start to code, we recommend discussing your plans through a [GitHub issue](https://github.com/zabbix/zabbix-docker/issues), especially for more ambitious contributions. This gives other contributors a chance to point you in the right direction, give you feedback on your design, and help you find out if someone else is working on the same thing. diff --git a/proxy-sqlite3/rhel/build.sh b/proxy-sqlite3/rhel/build.sh new file mode 120000 index 000000000..fcb4d4ee7 --- /dev/null +++ b/proxy-sqlite3/rhel/build.sh @@ -0,0 +1 @@ +../../build.sh \ No newline at end of file diff --git a/proxy-sqlite3/rhel/docker-entrypoint.sh b/proxy-sqlite3/rhel/docker-entrypoint.sh new file mode 100755 index 000000000..184e81919 --- /dev/null +++ b/proxy-sqlite3/rhel/docker-entrypoint.sh @@ -0,0 +1,272 @@ +#!/bin/bash + +set -o pipefail + +set +e + +# Script trace mode +if [ "${DEBUG_MODE,,}" == "true" ]; then + set -o xtrace +fi + +# Default Zabbix server host +: ${ZBX_SERVER_HOST:="zabbix-server"} +# Default Zabbix server port number +: ${ZBX_SERVER_PORT:="10051"} + +# Default directories +# User 'zabbix' home directory +ZABBIX_USER_HOME_DIR="/var/lib/zabbix" +# Configuration files directory +ZABBIX_ETC_DIR="/etc/zabbix" + +escape_spec_char() { + local var_value=$1 + + var_value="${var_value//\\/\\\\}" + var_value="${var_value//[$'\n']/}" + var_value="${var_value//\//\\/}" + var_value="${var_value//./\\.}" + var_value="${var_value//\*/\\*}" + var_value="${var_value//^/\\^}" + var_value="${var_value//\$/\\\$}" + var_value="${var_value//\&/\\\&}" + var_value="${var_value//\[/\\[}" + var_value="${var_value//\]/\\]}" + + echo "$var_value" +} + +update_config_var() { + local config_path=$1 + local var_name=$2 + local var_value=$3 + local is_multiple=$4 + + local masklist=("TLSPSKIdentity") + + if [ ! -f "$config_path" ]; then + echo "**** Configuration file '$config_path' does not exist" + return + fi + + if [[ " ${masklist[@]} " =~ " $var_name " ]] && [ ! -z "$var_value" ]; then + echo -n "** Updating '$config_path' parameter \"$var_name\": '****'. Enable DEBUG_MODE to view value ..." + else + echo -n "** Updating '$config_path' parameter \"$var_name\": '$var_value'..." + fi + + # Remove configuration parameter definition in case of unset parameter value + if [ -z "$var_value" ]; then + sed -i -e "/^$var_name=/d" "$config_path" + echo "removed" + return + fi + + # Remove value from configuration parameter in case of double quoted parameter value + if [ "$var_value" == '""' ]; then + sed -i -e "/^$var_name=/s/=.*/=/" "$config_path" + echo "undefined" + return + fi + + # Use full path to a file for TLS related configuration parameters + if [[ $var_name =~ ^TLS.*File$ ]]; then + var_value=$ZABBIX_USER_HOME_DIR/enc/$var_value + fi + + # Escaping characters in parameter value and name + var_value=$(escape_spec_char "$var_value") + var_name=$(escape_spec_char "$var_name") + + if [ "$(grep -E "^$var_name=" $config_path)" ] && [ "$is_multiple" != "true" ]; then + sed -i -e "/^$var_name=/s/=.*/=$var_value/" "$config_path" + echo "updated" + elif [ "$(grep -Ec "^# $var_name=" $config_path)" -gt 1 ]; then + sed -i -e "/^[#;] $var_name=$/i\\$var_name=$var_value" "$config_path" + echo "added first occurrence" + else + sed -i -e "/^[#;] $var_name=/s/.*/&\n$var_name=$var_value/" "$config_path" + echo "added" + fi + +} + +update_config_multiple_var() { + local config_path=$1 + local var_name=$2 + local var_value=$3 + + var_value="${var_value%\"}" + var_value="${var_value#\"}" + + local IFS=, + local OPT_LIST=($var_value) + + for value in "${OPT_LIST[@]}"; do + update_config_var $config_path $var_name $value true + done +} + +update_zbx_config() { + echo "** Preparing Zabbix proxy configuration file" + + ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_proxy.conf + + update_config_var $ZBX_CONFIG "ProxyMode" "${ZBX_PROXYMODE}" + update_config_var $ZBX_CONFIG "Server" "${ZBX_SERVER_HOST}" + update_config_var $ZBX_CONFIG "ServerPort" "${ZBX_SERVER_PORT}" + if [ -z "${ZBX_HOSTNAME}" ] && [ -n "${ZBX_HOSTNAMEITEM}" ]; then + update_config_var $ZBX_CONFIG "Hostname" "" + update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" + else + update_config_var $ZBX_CONFIG "Hostname" "${ZBX_HOSTNAME:-"zabbix-proxy-sqlite3"}" + update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" + fi + + update_config_var $ZBX_CONFIG "ListenIP" "${ZBX_LISTENIP}" + update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}" + + update_config_var $ZBX_CONFIG "SourceIP" "${ZBX_SOURCEIP}" + update_config_var $ZBX_CONFIG "LogType" "console" + update_config_var $ZBX_CONFIG "LogFile" + update_config_var $ZBX_CONFIG "LogFileSize" + update_config_var $ZBX_CONFIG "PidFile" + + update_config_var $ZBX_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" + + update_config_var $ZBX_CONFIG "EnableRemoteCommands" "${ZBX_ENABLEREMOTECOMMANDS}" + update_config_var $ZBX_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}" + + update_config_var $ZBX_CONFIG "DBHost" + update_config_var $ZBX_CONFIG "DBName" "/var/lib/zabbix/zabbix_proxy_db" + update_config_var $ZBX_CONFIG "DBUser" + update_config_var $ZBX_CONFIG "DBPort" + update_config_var $ZBX_CONFIG "DBPassword" + + if [ -n "${VAULT_TOKEN}" ]; then + update_config_var $ZBX_CONFIG "VaultDBPath" "${ZBX_VAULTDBPATH}" + update_config_var $ZBX_CONFIG "VaultURL" "${ZBX_VAULTURL}" + else + update_config_var $ZBX_CONFIG "VaultDBPath" + update_config_var $ZBX_CONFIG "VaultURL" + fi + + update_config_var $ZBX_CONFIG "ProxyLocalBuffer" "${ZBX_PROXYLOCALBUFFER}" + update_config_var $ZBX_CONFIG "ProxyOfflineBuffer" "${ZBX_PROXYOFFLINEBUFFER}" + update_config_var $ZBX_CONFIG "HeartbeatFrequency" "${ZBX_PROXYHEARTBEATFREQUENCY}" + update_config_var $ZBX_CONFIG "ConfigFrequency" "${ZBX_CONFIGFREQUENCY}" + update_config_var $ZBX_CONFIG "DataSenderFrequency" "${ZBX_DATASENDERFREQUENCY}" + + update_config_var $ZBX_CONFIG "StatsAllowedIP" "${ZBX_STATSALLOWEDIP}" + update_config_var $ZBX_CONFIG "StartPreprocessors" "${ZBX_STARTPREPROCESSORS}" + + update_config_var $ZBX_CONFIG "StartPollers" "${ZBX_STARTPOLLERS}" + update_config_var $ZBX_CONFIG "StartIPMIPollers" "${ZBX_IPMIPOLLERS}" + update_config_var $ZBX_CONFIG "StartPollersUnreachable" "${ZBX_STARTPOLLERSUNREACHABLE}" + update_config_var $ZBX_CONFIG "StartTrappers" "${ZBX_STARTTRAPPERS}" + update_config_var $ZBX_CONFIG "StartPingers" "${ZBX_STARTPINGERS}" + update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}" + update_config_var $ZBX_CONFIG "StartHistoryPollers" "${ZBX_STARTHISTORYPOLLERS}" + update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}" + + : ${ZBX_JAVAGATEWAY_ENABLE:="false"} + if [ "${ZBX_JAVAGATEWAY_ENABLE,,}" == "true" ]; then + update_config_var $ZBX_CONFIG "JavaGateway" "${ZBX_JAVAGATEWAY:-"zabbix-java-gateway"}" + update_config_var $ZBX_CONFIG "JavaGatewayPort" "${ZBX_JAVAGATEWAYPORT}" + update_config_var $ZBX_CONFIG "StartJavaPollers" "${ZBX_STARTJAVAPOLLERS:-"5"}" + else + update_config_var $ZBX_CONFIG "JavaGateway" + update_config_var $ZBX_CONFIG "JavaGatewayPort" + update_config_var $ZBX_CONFIG "StartJavaPollers" + fi + + update_config_var $ZBX_CONFIG "StartVMwareCollectors" "${ZBX_STARTVMWARECOLLECTORS}" + update_config_var $ZBX_CONFIG "VMwareFrequency" "${ZBX_VMWAREFREQUENCY}" + update_config_var $ZBX_CONFIG "VMwarePerfFrequency" "${ZBX_VMWAREPERFFREQUENCY}" + update_config_var $ZBX_CONFIG "VMwareCacheSize" "${ZBX_VMWARECACHESIZE}" + update_config_var $ZBX_CONFIG "VMwareTimeout" "${ZBX_VMWARETIMEOUT}" + + : ${ZBX_ENABLE_SNMP_TRAPS:="false"} + if [ "${ZBX_ENABLE_SNMP_TRAPS,,}" == "true" ]; then + update_config_var $ZBX_CONFIG "SNMPTrapperFile" "${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log" + update_config_var $ZBX_CONFIG "StartSNMPTrapper" "1" + else + update_config_var $ZBX_CONFIG "SNMPTrapperFile" + update_config_var $ZBX_CONFIG "StartSNMPTrapper" + fi + + update_config_var $ZBX_CONFIG "HousekeepingFrequency" "${ZBX_HOUSEKEEPINGFREQUENCY}" + + update_config_var $ZBX_CONFIG "CacheSize" "${ZBX_CACHESIZE}" + + update_config_var $ZBX_CONFIG "StartDBSyncers" "${ZBX_STARTDBSYNCERS}" + update_config_var $ZBX_CONFIG "HistoryCacheSize" "${ZBX_HISTORYCACHESIZE}" + update_config_var $ZBX_CONFIG "HistoryIndexCacheSize" "${ZBX_HISTORYINDEXCACHESIZE}" + + update_config_var $ZBX_CONFIG "Timeout" "${ZBX_TIMEOUT}" + update_config_var $ZBX_CONFIG "TrapperTimeout" "${ZBX_TRAPPERIMEOUT}" + update_config_var $ZBX_CONFIG "UnreachablePeriod" "${ZBX_UNREACHABLEPERIOD}" + update_config_var $ZBX_CONFIG "UnavailableDelay" "${ZBX_UNAVAILABLEDELAY}" + update_config_var $ZBX_CONFIG "UnreachableDelay" "${ZBX_UNREACHABLEDELAY}" + + update_config_var $ZBX_CONFIG "AlertScriptsPath" "/usr/lib/zabbix/alertscripts" + update_config_var $ZBX_CONFIG "ExternalScripts" "/usr/lib/zabbix/externalscripts" + + update_config_var $ZBX_CONFIG "FpingLocation" "/usr/sbin/fping" + update_config_var $ZBX_CONFIG "Fping6Location" + + update_config_var $ZBX_CONFIG "SSHKeyLocation" "$ZABBIX_USER_HOME_DIR/ssh_keys" + update_config_var $ZBX_CONFIG "LogSlowQueries" "${ZBX_LOGSLOWQUERIES}" + + update_config_var $ZBX_CONFIG "SSLCertLocation" "$ZABBIX_USER_HOME_DIR/ssl/certs/" + update_config_var $ZBX_CONFIG "SSLKeyLocation" "$ZABBIX_USER_HOME_DIR/ssl/keys/" + update_config_var $ZBX_CONFIG "SSLCALocation" "$ZABBIX_USER_HOME_DIR/ssl/ssl_ca/" + update_config_var $ZBX_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/" + update_config_multiple_var $ZBX_CONFIG "LoadModule" "${ZBX_LOADMODULE}" + + update_config_var $ZBX_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}" + update_config_var $ZBX_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" + update_config_var $ZBX_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" + update_config_var $ZBX_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" + update_config_var $ZBX_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" + update_config_var $ZBX_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" + + update_config_var $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" + update_config_var $ZBX_CONFIG "TLSCipherAll" "${ZBX_TLSCIPHERALL}" + update_config_var $ZBX_CONFIG "TLSCipherAll13" "${ZBX_TLSCIPHERALL13}" + update_config_var $ZBX_CONFIG "TLSCipherCert" "${ZBX_TLSCIPHERCERT}" + update_config_var $ZBX_CONFIG "TLSCipherCert13" "${ZBX_TLSCIPHERCERT13}" + update_config_var $ZBX_CONFIG "TLSCipherPSK" "${ZBX_TLSCIPHERPSK}" + update_config_var $ZBX_CONFIG "TLSCipherPSK13" "${ZBX_TLSCIPHERPSK13}" + update_config_var $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" + + update_config_var $ZBX_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" + update_config_var $ZBX_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" + + if [ "$(id -u)" != '0' ]; then + update_config_var $ZBX_CONFIG "User" "$(whoami)" + else + update_config_var $ZBX_CONFIG "AllowRoot" "1" + fi +} + +prepare_proxy() { + echo "Preparing Zabbix proxy" + + update_zbx_config +} + +################################################# + +if [ "${1#-}" != "$1" ]; then + set -- /usr/sbin/zabbix_proxy "$@" +fi + +if [ "$1" == '/usr/sbin/zabbix_proxy' ]; then + prepare_proxy +fi + +exec "$@" + +################################################# diff --git a/proxy-sqlite3/rhel/licenses/gpl-2.0.txt b/proxy-sqlite3/rhel/licenses/gpl-2.0.txt new file mode 100644 index 000000000..d159169d1 --- /dev/null +++ b/proxy-sqlite3/rhel/licenses/gpl-2.0.txt @@ -0,0 +1,339 @@ + GNU GENERAL PUBLIC LICENSE + Version 2, June 1991 + + Copyright (C) 1989, 1991 Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + + Preamble + + The licenses for most software are designed to take away your +freedom to share and change it. By contrast, the GNU General Public +License is intended to guarantee your freedom to share and change free +software--to make sure the software is free for all its users. This +General Public License applies to most of the Free Software +Foundation's software and to any other program whose authors commit to +using it. (Some other Free Software Foundation software is covered by +the GNU Lesser General Public License instead.) You can apply it to +your programs, too. + + When we speak of free software, we are referring to freedom, not +price. Our General Public Licenses are designed to make sure that you +have the freedom to distribute copies of free software (and charge for +this service if you wish), that you receive source code or can get it +if you want it, that you can change the software or use pieces of it +in new free programs; and that you know you can do these things. + + To protect your rights, we need to make restrictions that forbid +anyone to deny you these rights or to ask you to surrender the rights. +These restrictions translate to certain responsibilities for you if you +distribute copies of the software, or if you modify it. + + For example, if you distribute copies of such a program, whether +gratis or for a fee, you must give the recipients all the rights that +you have. You must make sure that they, too, receive or can get the +source code. And you must show them these terms so they know their +rights. + + We protect your rights with two steps: (1) copyright the software, and +(2) offer you this license which gives you legal permission to copy, +distribute and/or modify the software. + + Also, for each author's protection and ours, we want to make certain +that everyone understands that there is no warranty for this free +software. If the software is modified by someone else and passed on, we +want its recipients to know that what they have is not the original, so +that any problems introduced by others will not reflect on the original +authors' reputations. + + Finally, any free program is threatened constantly by software +patents. We wish to avoid the danger that redistributors of a free +program will individually obtain patent licenses, in effect making the +program proprietary. To prevent this, we have made it clear that any +patent must be licensed for everyone's free use or not licensed at all. + + The precise terms and conditions for copying, distribution and +modification follow. + + GNU GENERAL PUBLIC LICENSE + TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION + + 0. This License applies to any program or other work which contains +a notice placed by the copyright holder saying it may be distributed +under the terms of this General Public License. The "Program", below, +refers to any such program or work, and a "work based on the Program" +means either the Program or any derivative work under copyright law: +that is to say, a work containing the Program or a portion of it, +either verbatim or with modifications and/or translated into another +language. (Hereinafter, translation is included without limitation in +the term "modification".) Each licensee is addressed as "you". + +Activities other than copying, distribution and modification are not +covered by this License; they are outside its scope. The act of +running the Program is not restricted, and the output from the Program +is covered only if its contents constitute a work based on the +Program (independent of having been made by running the Program). +Whether that is true depends on what the Program does. + + 1. You may copy and distribute verbatim copies of the Program's +source code as you receive it, in any medium, provided that you +conspicuously and appropriately publish on each copy an appropriate +copyright notice and disclaimer of warranty; keep intact all the +notices that refer to this License and to the absence of any warranty; +and give any other recipients of the Program a copy of this License +along with the Program. + +You may charge a fee for the physical act of transferring a copy, and +you may at your option offer warranty protection in exchange for a fee. + + 2. You may modify your copy or copies of the Program or any portion +of it, thus forming a work based on the Program, and copy and +distribute such modifications or work under the terms of Section 1 +above, provided that you also meet all of these conditions: + + a) You must cause the modified files to carry prominent notices + stating that you changed the files and the date of any change. + + b) You must cause any work that you distribute or publish, that in + whole or in part contains or is derived from the Program or any + part thereof, to be licensed as a whole at no charge to all third + parties under the terms of this License. + + c) If the modified program normally reads commands interactively + when run, you must cause it, when started running for such + interactive use in the most ordinary way, to print or display an + announcement including an appropriate copyright notice and a + notice that there is no warranty (or else, saying that you provide + a warranty) and that users may redistribute the program under + these conditions, and telling the user how to view a copy of this + License. (Exception: if the Program itself is interactive but + does not normally print such an announcement, your work based on + the Program is not required to print an announcement.) + +These requirements apply to the modified work as a whole. If +identifiable sections of that work are not derived from the Program, +and can be reasonably considered independent and separate works in +themselves, then this License, and its terms, do not apply to those +sections when you distribute them as separate works. But when you +distribute the same sections as part of a whole which is a work based +on the Program, the distribution of the whole must be on the terms of +this License, whose permissions for other licensees extend to the +entire whole, and thus to each and every part regardless of who wrote it. + +Thus, it is not the intent of this section to claim rights or contest +your rights to work written entirely by you; rather, the intent is to +exercise the right to control the distribution of derivative or +collective works based on the Program. + +In addition, mere aggregation of another work not based on the Program +with the Program (or with a work based on the Program) on a volume of +a storage or distribution medium does not bring the other work under +the scope of this License. + + 3. You may copy and distribute the Program (or a work based on it, +under Section 2) in object code or executable form under the terms of +Sections 1 and 2 above provided that you also do one of the following: + + a) Accompany it with the complete corresponding machine-readable + source code, which must be distributed under the terms of Sections + 1 and 2 above on a medium customarily used for software interchange; or, + + b) Accompany it with a written offer, valid for at least three + years, to give any third party, for a charge no more than your + cost of physically performing source distribution, a complete + machine-readable copy of the corresponding source code, to be + distributed under the terms of Sections 1 and 2 above on a medium + customarily used for software interchange; or, + + c) Accompany it with the information you received as to the offer + to distribute corresponding source code. (This alternative is + allowed only for noncommercial distribution and only if you + received the program in object code or executable form with such + an offer, in accord with Subsection b above.) + +The source code for a work means the preferred form of the work for +making modifications to it. For an executable work, complete source +code means all the source code for all modules it contains, plus any +associated interface definition files, plus the scripts used to +control compilation and installation of the executable. However, as a +special exception, the source code distributed need not include +anything that is normally distributed (in either source or binary +form) with the major components (compiler, kernel, and so on) of the +operating system on which the executable runs, unless that component +itself accompanies the executable. + +If distribution of executable or object code is made by offering +access to copy from a designated place, then offering equivalent +access to copy the source code from the same place counts as +distribution of the source code, even though third parties are not +compelled to copy the source along with the object code. + + 4. You may not copy, modify, sublicense, or distribute the Program +except as expressly provided under this License. Any attempt +otherwise to copy, modify, sublicense or distribute the Program is +void, and will automatically terminate your rights under this License. +However, parties who have received copies, or rights, from you under +this License will not have their licenses terminated so long as such +parties remain in full compliance. + + 5. You are not required to accept this License, since you have not +signed it. However, nothing else grants you permission to modify or +distribute the Program or its derivative works. These actions are +prohibited by law if you do not accept this License. Therefore, by +modifying or distributing the Program (or any work based on the +Program), you indicate your acceptance of this License to do so, and +all its terms and conditions for copying, distributing or modifying +the Program or works based on it. + + 6. Each time you redistribute the Program (or any work based on the +Program), the recipient automatically receives a license from the +original licensor to copy, distribute or modify the Program subject to +these terms and conditions. You may not impose any further +restrictions on the recipients' exercise of the rights granted herein. +You are not responsible for enforcing compliance by third parties to +this License. + + 7. If, as a consequence of a court judgment or allegation of patent +infringement or for any other reason (not limited to patent issues), +conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot +distribute so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you +may not distribute the Program at all. For example, if a patent +license would not permit royalty-free redistribution of the Program by +all those who receive copies directly or indirectly through you, then +the only way you could satisfy both it and this License would be to +refrain entirely from distribution of the Program. + +If any portion of this section is held invalid or unenforceable under +any particular circumstance, the balance of the section is intended to +apply and the section as a whole is intended to apply in other +circumstances. + +It is not the purpose of this section to induce you to infringe any +patents or other property right claims or to contest validity of any +such claims; this section has the sole purpose of protecting the +integrity of the free software distribution system, which is +implemented by public license practices. Many people have made +generous contributions to the wide range of software distributed +through that system in reliance on consistent application of that +system; it is up to the author/donor to decide if he or she is willing +to distribute software through any other system and a licensee cannot +impose that choice. + +This section is intended to make thoroughly clear what is believed to +be a consequence of the rest of this License. + + 8. If the distribution and/or use of the Program is restricted in +certain countries either by patents or by copyrighted interfaces, the +original copyright holder who places the Program under this License +may add an explicit geographical distribution limitation excluding +those countries, so that distribution is permitted only in or among +countries not thus excluded. In such case, this License incorporates +the limitation as if written in the body of this License. + + 9. The Free Software Foundation may publish revised and/or new versions +of the General Public License from time to time. Such new versions will +be similar in spirit to the present version, but may differ in detail to +address new problems or concerns. + +Each version is given a distinguishing version number. If the Program +specifies a version number of this License which applies to it and "any +later version", you have the option of following the terms and conditions +either of that version or of any later version published by the Free +Software Foundation. If the Program does not specify a version number of +this License, you may choose any version ever published by the Free Software +Foundation. + + 10. If you wish to incorporate parts of the Program into other free +programs whose distribution conditions are different, write to the author +to ask for permission. For software which is copyrighted by the Free +Software Foundation, write to the Free Software Foundation; we sometimes +make exceptions for this. Our decision will be guided by the two goals +of preserving the free status of all derivatives of our free software and +of promoting the sharing and reuse of software generally. + + NO WARRANTY + + 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY +FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN +OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES +PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED +OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS +TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE +PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, +REPAIR OR CORRECTION. + + 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR +REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, +INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING +OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED +TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY +YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER +PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE +POSSIBILITY OF SUCH DAMAGES. + + END OF TERMS AND CONDITIONS + + How to Apply These Terms to Your New Programs + + If you develop a new program, and you want it to be of the greatest +possible use to the public, the best way to achieve this is to make it +free software which everyone can redistribute and change under these terms. + + To do so, attach the following notices to the program. It is safest +to attach them to the start of each source file to most effectively +convey the exclusion of warranty; and each file should have at least +the "copyright" line and a pointer to where the full notice is found. + + + Copyright (C) + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + +Also add information on how to contact you by electronic and paper mail. + +If the program is interactive, make it output a short notice like this +when it starts in an interactive mode: + + Gnomovision version 69, Copyright (C) year name of author + Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. + This is free software, and you are welcome to redistribute it + under certain conditions; type `show c' for details. + +The hypothetical commands `show w' and `show c' should show the appropriate +parts of the General Public License. Of course, the commands you use may +be called something other than `show w' and `show c'; they could even be +mouse-clicks or menu items--whatever suits your program. + +You should also get your employer (if you work as a programmer) or your +school, if any, to sign a "copyright disclaimer" for the program, if +necessary. Here is a sample; alter the names: + + Yoyodyne, Inc., hereby disclaims all copyright interest in the program + `Gnomovision' (which makes passes at compilers) written by James Hacker. + + , 1 April 1989 + Ty Coon, President of Vice + +This General Public License does not permit incorporating your program into +proprietary programs. If your program is a subroutine library, you may +consider it more useful to permit linking proprietary applications with the +library. If this is what you want to do, use the GNU Lesser General +Public License instead of this License. diff --git a/server-mysql/rhel/.dockerignore b/server-mysql/rhel/.dockerignore new file mode 100644 index 000000000..88a84e55a --- /dev/null +++ b/server-mysql/rhel/.dockerignore @@ -0,0 +1 @@ +build.sh diff --git a/server-mysql/rhel/Dockerfile b/server-mysql/rhel/Dockerfile new file mode 100644 index 000000000..91091e414 --- /dev/null +++ b/server-mysql/rhel/Dockerfile @@ -0,0 +1,182 @@ +FROM registry.access.redhat.com/ubi8/ubi +MAINTAINER Alexey Pustovalov + +ARG MAJOR_VERSION=6.0 +ARG RELEASE= +ARG ZBX_VERSION=${MAJOR_VERSION} + +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git +ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ + MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL +ENV TINI_VERSION=v0.19.0 + +LABEL name="zabbix/zabbix-server-mysql-trunk" \ + maintainer="alexey.pustovalov@zabbix.com" \ + vendor="Zabbix LLC" \ + version="${MAJOR_VERSION}" \ + release="${RELEASE}" \ + summary="Zabbix server (MySQL)" \ + description="Zabbix server with MySQL database support" \ + url="https://www.zabbix.com/" \ + run="docker run --name zabbix-server --link mysql-server:mysql-server -p 10051:10051 -d registry.connect.redhat.com/zabbix/zabbix-server-mysql-trunk:${ZBX_VERSION}" \ + io.k8s.description="Zabbix server with MySQL database support" \ + io.k8s.display-name="Zabbix server (MySQL)" \ + io.openshift.expose-services="10051:10051" \ + io.openshift.tags="zabbix,zabbix-server,mysql" \ + org.label-schema.name="zabbix-server-mysql-rhel" \ + org.label-schema.vendor="Zabbix LLC" \ + org.label-schema.url="https://zabbix.com/" \ + org.label-schema.description="Zabbix server with MySQL database support" \ + org.label-schema.vcs-ref="${VCS_REF}" \ + org.label-schema.build-date="${BUILD_DATE}" \ + org.label-schema.schema-version="1.0" \ + org.label-schema.license="GPL v2.0" \ + org.label-schema.usage="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.label-schema.version="${ZBX_VERSION}" \ + org.label-schema.vcs-url="${ZBX_SOURCES}" \ + org.label-schema.docker.cmd="docker run --name zabbix-server --link mysql-server:mysql-server -p 10051:10051 -d registry.connect.redhat.com/zabbix/zabbix-server-mysql-trunk:${ZBX_VERSION}" + +STOPSIGNAL SIGTERM + +COPY ["licenses", "/licenses"] + +RUN set -eux && INSTALL_PKGS="bash \ + fping \ + tzdata \ + iputils \ + libcurl \ + libevent \ + openldap \ + libssh \ + libxml2 \ + mysql \ + mysql-libs \ + net-snmp-agent-libs \ + OpenIPMI-libs \ + pcre \ + unixODBC" && \ + REPOLIST="rhel-8-for-x86_64-baseos-rpms,rhel-8-for-x86_64-appstream-rpms,epel" && \ + dnf -y update-minimal --disablerepo "*" --enablerepo ubi-8-baseos --setopt=tsflags=nodocs \ + --security --sec-severity=Important --sec-severity=Critical && \ + dnf -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm && \ + dnf -y module enable mysql && \ + dnf -y install --disablerepo "*" --enablerepo "${REPOLIST}" --setopt=install_weak_deps=False --best \ + --setopt=tsflags=nodocs ${INSTALL_PKGS} && \ + groupadd --system --gid 1995 zabbix && \ + useradd \ + --system --comment "Zabbix monitoring system" \ + -g zabbix -G root \ + --uid 1997 \ + --shell /sbin/nologin \ + --home-dir /var/lib/zabbix/ \ + zabbix && \ + mkdir -p /etc/zabbix && \ + mkdir -p /var/lib/zabbix && \ + mkdir -p /usr/lib/zabbix/alertscripts && \ + mkdir -p /var/lib/zabbix/enc && \ + mkdir -p /usr/lib/zabbix/externalscripts && \ + mkdir -p /var/lib/zabbix/mibs && \ + mkdir -p /var/lib/zabbix/modules && \ + mkdir -p /var/lib/zabbix/snmptraps && \ + mkdir -p /var/lib/zabbix/ssh_keys && \ + mkdir -p /var/lib/zabbix/ssl && \ + mkdir -p /var/lib/zabbix/ssl/certs && \ + mkdir -p /var/lib/zabbix/ssl/keys && \ + mkdir -p /var/lib/zabbix/ssl/ssl_ca && \ + mkdir -p /usr/share/doc/zabbix-server-mysql && \ + curl -L "https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini" -o /sbin/tini && \ + curl -L "https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini.asc" -o /tmp/tini.asc && \ + export GNUPGHOME="$(mktemp -d)" && \ + for server in $(shuf -e ha.pool.sks-keyservers.net \ + hkp://p80.pool.sks-keyservers.net:80 \ + ipv4.pool.sks-keyservers.net \ + keyserver.ubuntu.com \ + keyserver.pgp.com \ + pgp.mit.edu) ; do \ + gpg --keyserver "$server" --recv-keys 595E85A6B1B4779EA4DAAEC70B588DFF0527A9B7 && break || : ; \ + done && \ + gpg --batch --verify /tmp/tini.asc /sbin/tini && \ + rm -r "$GNUPGHOME" /tmp/tini.asc && \ + chmod +x /sbin/tini && \ + dnf -y clean all && \ + rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ + rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki + +RUN set -eux && INSTALL_PKGS="autoconf \ + automake \ + libcurl-devel \ + libevent-devel \ + libssh-devel \ + libxml2-devel \ + mysql-devel \ + net-snmp-devel \ + openldap-devel \ + OpenIPMI-devel \ + pcre-devel \ + git \ + gcc \ + make \ + unixODBC-devel" && \ + REPOLIST="rhel-8-for-x86_64-baseos-rpms,rhel-8-for-x86_64-appstream-rpms,codeready-builder-for-rhel-8-x86_64-rpms" && \ + dnf -y install --disablerepo "*" --enablerepo "${REPOLIST}" --setopt=install_weak_deps=False --best \ + --setopt=tsflags=nodocs ${INSTALL_PKGS} && \ + cd /tmp/ && \ + git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + cd /tmp/zabbix-${ZBX_VERSION} && \ + zabbix_revision=`git rev-parse --short HEAD` && \ + sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ + ./bootstrap.sh && \ + export CFLAGS="-fPIC -pie -Wl,-z,relro -Wl,-z,now" && \ + ./configure \ + --datadir=/usr/lib \ + --libdir=/usr/lib/zabbix \ + --prefix=/usr \ + --sysconfdir=/etc/zabbix \ + --enable-agent \ + --enable-server \ + --with-mysql \ + --with-ldap \ + --with-libcurl \ + --with-libxml2 \ + --with-net-snmp \ + --with-openipmi \ + --with-openssl \ + --with-ssh \ + --with-unixodbc \ + --enable-ipv6 \ + --silent && \ + make -j"$(nproc)" -s dbschema && \ + make -j"$(nproc)" -s && \ + cp src/zabbix_server/zabbix_server /usr/sbin/zabbix_server && \ + cp src/zabbix_get/zabbix_get /usr/bin/zabbix_get && \ + cp src/zabbix_sender/zabbix_sender /usr/bin/zabbix_sender && \ + cp conf/zabbix_server.conf /etc/zabbix/zabbix_server.conf && \ + chown --quiet -R zabbix:root /etc/zabbix && \ + cat database/mysql/schema.sql > database/mysql/create.sql && \ + cat database/mysql/images.sql >> database/mysql/create.sql && \ + cat database/mysql/data.sql >> database/mysql/create.sql && \ + gzip database/mysql/create.sql && \ + cp database/mysql/create.sql.gz /usr/share/doc/zabbix-server-mysql/ && \ + cd /tmp/ && \ + rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ + dnf -y history undo last && \ + dnf -y clean all && \ + chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \ + chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \ + chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \ + rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ + rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki + +EXPOSE 10051/TCP + +WORKDIR /var/lib/zabbix + +VOLUME ["/var/lib/zabbix/snmptraps", "/var/lib/zabbix/export"] + +COPY ["docker-entrypoint.sh", "/usr/bin/"] + +ENTRYPOINT ["/sbin/tini", "--", "/usr/bin/docker-entrypoint.sh"] + +USER 1997 + +CMD ["/usr/sbin/zabbix_server", "--foreground", "-c", "/etc/zabbix/zabbix_server.conf"] diff --git a/server-mysql/rhel/README.md b/server-mysql/rhel/README.md new file mode 100644 index 000000000..4253197e0 --- /dev/null +++ b/server-mysql/rhel/README.md @@ -0,0 +1,304 @@ +![logo](https://assets.zabbix.com/img/logo/zabbix_logo_500x131.png) + +# What is Zabbix? + +Zabbix is an enterprise-class open source distributed monitoring solution. + +Zabbix is software that monitors numerous parameters of a network and the health and integrity of servers. Zabbix uses a flexible notification mechanism that allows users to configure e-mail based alerts for virtually any event. This allows a fast reaction to server problems. Zabbix offers excellent reporting and data visualisation features based on the stored data. This makes Zabbix ideal for capacity planning. + +For more information and related downloads for Zabbix components, please visit https://hub.docker.com/u/zabbix/ and https://zabbix.com + +# What is Zabbix server? + +Zabbix server is the central process of Zabbix software. + +The server performs the polling and trapping of data, it calculates triggers, sends notifications to users. It is the central component to which Zabbix agents and proxies report data on availability and integrity of systems. The server can itself remotely check networked services (such as web servers and mail servers) using simple service checks. + +# Zabbix server images + +These are the only official Zabbix server Docker images. They are based on Alpine Linux v3.12, Ubuntu 20.04 (focal), CentOS 8 and Oracle Linux 8 images. The available versions of Zabbix server are: + + Zabbix server 3.0 (tags: alpine-3.0-latest, ubuntu-3.0-latest, centos-3.0-latest) (unsupported) + Zabbix server 3.0.* (tags: alpine-3.0.*, ubuntu-3.0.*, centos-3.0.*) (unsupported) + Zabbix server 3.2 (tags: alpine-3.2-latest, ubuntu-3.2-latest, centos-3.2-latest) (unsupported) + Zabbix server 3.2.* (tags: alpine-3.2.*, ubuntu-3.2.*, centos-3.2.*) (unsupported) + Zabbix server 3.4 (tags: alpine-3.4-latest, ubuntu-3.4-latest, centos-3.4-latest) (unsupported) + Zabbix server 3.4.* (tags: alpine-3.4.*, ubuntu-3.4.*, centos-3.4.*) (unsupported) + Zabbix server 4.0 (tags: alpine-4.0-latest, ubuntu-4.0-latest, centos-4.0-latest) + Zabbix server 4.0.* (tags: alpine-4.0.*, ubuntu-4.0.*, centos-4.0.*) + Zabbix server 4.2 (tags: alpine-4.2-latest, ubuntu-4.2-latest, centos-4.2-latest) (unsupported) + Zabbix server 4.2.* (tags: alpine-4.2.*, ubuntu-4.2.*, centos-4.2.*) (unsupported) + Zabbix server 4.4 (tags: alpine-4.4-latest, ubuntu-4.4-latest, centos-4.4-latest) (unsupported) + Zabbix server 4.4.* (tags: alpine-4.4.*, ubuntu-4.4.*, centos-4.4.*) (unsupported) + Zabbix server 5.0 (tags: alpine-5.0-latest, ubuntu-5.0-latest, ol-5.0-latest) + Zabbix server 5.0.* (tags: alpine-5.0.*, ubuntu-5.0.*, ol-5.0.*) + Zabbix server 5.2 (tags: alpine-5.2-latest, ubuntu-5.2-latest, ol-5.2-latest) + Zabbix server 5.2.* (tags: alpine-5.2.*, ubuntu-5.2.*, ol-5.2.*) + Zabbix server 5.4 (tags: alpine-5.4-latest, ubuntu-5.4-latest, ol-5.4-latest, alpine-latest, ubuntu-latest, ol-latest, latest) + Zabbix server 5.4.* (tags: alpine-5.4.*, ubuntu-5.4.*, ol-5.4.*) + Zabbix server 6.0 (tags: alpine-trunk, ubuntu-trunk, ol-trunk) + +Images are updated when new releases are published. The image with ``latest`` tag is based on Alpine Linux. + +The image uses MySQL database. It uses the next procedure to start: +- Checking database availability +- If ``MYSQL_ROOT_PASSWORD`` or ``MYSQL_ALLOW_EMPTY_PASSWORD`` are specified, the instance tries to create ``MYSQL_USER`` user with ``MYSQL_PASSWORD`` to use these credentials then for Zabbix server. +- Checking of having `MYSQL_DATABASE` database. Creating `MYSQL_DATABASE` database name if it does not exist +- Checking of having `dbversion` table. Creating Zabbix server database schema and upload initial data sample if no `dbversion` table + +# How to use this image + +## Start `zabbix-server-mysql` + +Start a Zabbix server container as follows: + + docker run --name some-zabbix-server-mysql -e DB_SERVER_HOST="some-mysql-server" -e MYSQL_USER="some-user" -e MYSQL_PASSWORD="some-password" -d zabbix/zabbix-server-mysql:tag + +Where `some-zabbix-server-mysql` is the name you want to assign to your container, `some-mysql-server` is IP or DNS name of MySQL server, `some-user` is user to connect to Zabbix database on MySQL server, `some-password` is the password to connect to MySQL server and `tag` is the tag specifying the version you want. See the list above for relevant tags, or look at the [full list of tags](https://hub.docker.com/r/zabbix/zabbix-server-mysql/tags/). + +## Container shell access and viewing Zabbix server logs + +The `docker exec` command allows you to run commands inside a Docker container. The following command line will give you a bash shell inside your `zabbix-server-mysql` container: + +```console +$ docker exec -ti some-zabbix-server-mysql /bin/bash +``` + +The Zabbix server log is available through Docker's container log: + +```console +$ docker logs some-zabbix-server-mysql +``` + +## Environment Variables + +When you start the `zabbix-server-mysql` image, you can adjust the configuration of the Zabbix server by passing one or more environment variables on the `docker run` command line. + +### `DB_SERVER_HOST` + +This variable is IP or DNS name of MySQL server. By default, value is 'mysql-server' + +### `DB_SERVER_PORT` + +This variable is port of MySQL server. By default, value is '3306'. + +### `MYSQL_USER`, `MYSQL_PASSWORD`, `MYSQL_USER_FILE`, `MYSQL_PASSWORD_FILE` + +These variables are used by Zabbix server to connect to Zabbix database. With the `_FILE` variables you can instead provide the path to a file which contains the user / the password instead. Without Docker Swarm or Kubernetes you also have to map the files. Those are exclusive so you can just provide one type - either `MYSQL_USER` or `MYSQL_USER_FILE`! + +```console +docker run --name some-zabbix-server-mysql -e DB_SERVER_HOST="some-mysql-server" -v ./.MYSQL_USER:/run/secrets/MYSQL_USER -e MYSQL_USER_FILE=/run/secrets/MYSQL_USER -v ./.MYSQL_PASSWORD:/run/secrets/MYSQL_PASSWORD -e MYSQL_PASSWORD_FILE=/var/run/secrets/MYSQL_PASSWORD -d zabbix/zabbix-server-mysql:tag +``` + +With Docker Swarm or Kubernetes this works with secrets. That way it is replicated in your cluster! + +```console +printf "zabbix" | docker secret create MYSQL_USER - +printf "zabbix" | docker secret create MYSQL_PASSWORD - +docker run --name some-zabbix-server-mysql -e DB_SERVER_HOST="some-mysql-server" -e MYSQL_USER_FILE=/run/secrets/MYSQL_USER -e MYSQL_PASSWORD_FILE=/run/secrets/MYSQL_PASSWORD -d zabbix/zabbix-server-mysql:tag +``` + +This method is also applicable for `MYSQL_ROOT_PASSWORD` with `MYSQL_ROOT_PASSWORD_FILE`. + +By default, values for `MYSQL_USER` and `MYSQL_PASSWORD` are `zabbix`, `zabbix`. + +### `MYSQL_DATABASE` + +The variable is Zabbix database name. By default, value is `zabbix`. + +### `ZBX_LOADMODULE` + +The variable is list of comma separated loadable Zabbix modules. It works with volume ``/var/lib/zabbix/modules``. The syntax of the variable is ``dummy1.so,dummy2.so``. + +### `ZBX_DEBUGLEVEL` + +The variable is used to specify debug level. By default, value is ``3``. It is ``DebugLevel`` parameter in ``zabbix_server.conf``. Allowed values are listed below: +- ``0`` - basic information about starting and stopping of Zabbix processes; +- ``1`` - critical information +- ``2`` - error information +- ``3`` - warnings +- ``4`` - for debugging (produces lots of information) +- ``5`` - extended debugging (produces even more information) + +### `ZBX_TIMEOUT` + +The variable is used to specify timeout for processing checks. By default, value is ``4``. + +### `ZBX_JAVAGATEWAY_ENABLE` + +The variable enable communication with Zabbix Java Gateway to collect Java related checks. By default, value is `false`. + +### Other variables + +Additionally the image allows to specify many other environment variables listed below: + +``` +ZBX_DBTLSCONNECT= # Available since 5.0.0 +ZBX_DBTLSCAFILE= # Available since 5.0.0 +ZBX_DBTLSCERTFILE= # Available since 5.0.0 +ZBX_DBTLSKEYFILE= # Available since 5.0.0 +ZBX_DBTLSCIPHER= # Available since 5.0.0 +ZBX_DBTLSCIPHER13= # Available since 5.0.0 +ZBX_VAULTDBPATH= # Available since 5.2.0 +ZBX_VAULTURL=https://127.0.0.1:8200 # Available since 5.2.0 +VAULT_TOKEN= # Available since 5.2.0 +ZBX_LISTENIP= +ZBX_STARTREPORTWRITERS=0 # Available since 5.4.0 +ZBX_WEBSERVICEURL=http://zabbix-web-service:10053/report # Available since 5.4.0 +ZBX_HISTORYSTORAGEURL= # Available since 3.4.0 +ZBX_HISTORYSTORAGETYPES=uint,dbl,str,log,text # Available since 3.4.0 +ZBX_STARTPOLLERS=5 +ZBX_IPMIPOLLERS=0 +ZBX_STARTPREPROCESSORS=3 # Available since 3.4.0 +ZBX_STARTPOLLERSUNREACHABLE=1 +ZBX_STARTTRAPPERS=5 +ZBX_STARTPINGERS=1 +ZBX_STARTDISCOVERERS=1 +ZBX_STARTHISTORYPOLLERS=5 # Available since 5.4.0 +ZBX_STARTHTTPPOLLERS=1 +ZBX_STARTTIMERS=1 +ZBX_STARTESCALATORS=1 +ZBX_STARTALERTERS=3 # Available since 3.4.0 +ZBX_JAVAGATEWAY=zabbix-java-gateway +ZBX_JAVAGATEWAYPORT=10052 +ZBX_STARTJAVAPOLLERS=5 +ZBX_STARTLLDPROCESSORS=2 # Available since 4.2.0 +ZBX_STATSALLOWEDIP= # Available since 4.0.5 +ZBX_STARTVMWARECOLLECTORS=0 +ZBX_VMWAREFREQUENCY=60 +ZBX_VMWAREPERFFREQUENCY=60 +ZBX_VMWARECACHESIZE=8M +ZBX_VMWARETIMEOUT=10 +ZBX_ENABLE_SNMP_TRAPS=false +ZBX_SOURCEIP= +ZBX_HOUSEKEEPINGFREQUENCY=1 +ZBX_MAXHOUSEKEEPERDELETE=5000 +ZBX_SENDERFREQUENCY=30 +ZBX_CACHESIZE=8M +ZBX_CACHEUPDATEFREQUENCY=60 +ZBX_STARTDBSYNCERS=4 +ZBX_EXPORTFILESIZE=1G # Available since 4.0.0 +ZBX_EXPORTTYPE= # Available since 5.0.10 and 5.2.6 +ZBX_HISTORYCACHESIZE=16M +ZBX_HISTORYINDEXCACHESIZE=4M +ZBX_HISTORYSTORAGEDATEINDEX=0 # Available since 4.0.0 +ZBX_TRENDCACHESIZE=4M +ZBX_VALUECACHESIZE=8M +ZBX_TRAPPERIMEOUT=300 +ZBX_UNREACHABLEPERIOD=45 +ZBX_UNAVAILABLEDELAY=60 +ZBX_UNREACHABLEDELAY=15 +ZBX_LOGSLOWQUERIES=3000 +ZBX_STARTPROXYPOLLERS=1 +ZBX_PROXYCONFIGFREQUENCY=3600 +ZBX_PROXYDATAFREQUENCY=1 +ZBX_TLSCAFILE= +ZBX_TLSCRLFILE= +ZBX_TLSCERTFILE= +ZBX_TLSKEYFILE= +ZBX_TLSCIPHERALL= # Available since 4.4.7 +ZBX_TLSCIPHERALL13= # Available since 4.4.7 +ZBX_TLSCIPHERCERT= # Available since 4.4.7 +ZBX_TLSCIPHERCERT13= # Available since 4.4.7 +ZBX_TLSCIPHERPSK= # Available since 4.4.7 +ZBX_TLSCIPHERPSK13= # Available since 4.4.7 +``` + +Default values of these variables are specified after equal sign. + +The allowed variables are identical of parameters in official ``zabbix_server.conf``. For example, ``ZBX_LOGSLOWQUERIES`` = ``LogSlowQueries``. + +Please use official documentation for [``zabbix_server.conf``](https://www.zabbix.com/documentation/current/manual/appendix/config/zabbix_server) to get more information about the variables. + +## Allowed volumes for the Zabbix server container + +### ``/usr/lib/zabbix/alertscripts`` + +The volume is used for custom alert scripts. It is `AlertScriptsPath` parameter in ``zabbix_server.conf``. + +### ``/usr/lib/zabbix/externalscripts`` + +The volume is used by External checks (type of items). It is `ExternalScripts` parameter in ``zabbix_server.conf``. + +### ``/var/lib/zabbix/modules`` + +The volume allows load additional modules and extend Zabbix server using ``LoadModule`` feature. + +### ``/var/lib/zabbix/enc`` + +The volume is used to store TLS related files. These file names are specified using ``ZBX_TLSCAFILE``, ``ZBX_TLSCRLFILE``, ``ZBX_TLSKEY_FILE`` and ``ZBX_TLSPSKFILE`` variables. + +### ``/var/lib/zabbix/ssh_keys`` + +The volume is used as location of public and private keys for SSH checks and actions. It is `SSHKeyLocation` parameter in ``zabbix_server.conf``. + +### ``/var/lib/zabbix/ssl/certs`` + +The volume is used as location of of SSL client certificate files for client authentication. It is `SSLCertLocation` parameter in ``zabbix_server.conf``. + +### ``/var/lib/zabbix/ssl/keys`` + +The volume is used as location of SSL private key files for client authentication. It is `SSLKeyLocation` parameter in ``zabbix_server.conf``. + +### ``/var/lib/zabbix/ssl/ssl_ca`` + +The volume is used as location of certificate authority (CA) files for SSL server certificate verification. It is `SSLCALocation` parameter in ``zabbix_server.conf``. + +### ``/var/lib/zabbix/snmptraps`` + +The volume is used as location of ``snmptraps.log`` file. It could be shared by ``zabbix-snmptraps`` container and inherited using `volumes_from` Docker option while creating new instance of Zabbix server. +SNMP traps processing feature could be enabled using shared volume and switched ``ZBX_ENABLE_SNMP_TRAPS`` environment variable to `true`. + +### ``/var/lib/zabbix/mibs`` + +The volume allows to add new MIB files. It does not support subdirectories, all MIBs must be placed to ``/var/lib/zabbix/mibs``. + +### ``/var/lib/zabbix/export`` + +Directory for real-time export of events, history and trends in newline-delimited JSON format. Could be enabled using ``ZBX_EXPORTFILESIZE`` environment variable. + +# The image variants + +The `zabbix-server-mysql` images come in many flavors, each designed for a specific use case. + +## `zabbix-server-mysql:alpine-` + +This image is based on the popular [Alpine Linux project](http://alpinelinux.org), available in [the `alpine` official image](https://hub.docker.com/_/alpine). Alpine Linux is much smaller than most distribution base images (~5MB), and thus leads to much slimmer images in general. + +This variant is highly recommended when final image size being as small as possible is desired. The main caveat to note is that it does use [musl libc](http://www.musl-libc.org) instead of [glibc and friends](http://www.etalabs.net/compare_libcs.html), so certain software might run into issues depending on the depth of their libc requirements. However, most software doesn't have an issue with this, so this variant is usually a very safe choice. See [this Hacker News comment thread](https://news.ycombinator.com/item?id=10782897) for more discussion of the issues that might arise and some pro/con comparisons of using Alpine-based images. + +To minimize image size, it's uncommon for additional related tools (such as `git` or `bash`) to be included in Alpine-based images. Using this image as a base, add the things you need in your own Dockerfile (see the [`alpine` image description](https://hub.docker.com/_/alpine/) for examples of how to install packages if you are unfamiliar). + +## `zabbix-server-mysql:ubuntu-` + +This is the defacto image. If you are unsure about what your needs are, you probably want to use this one. It is designed to be used both as a throw away container (mount your source code and start the container to start your app), as well as the base to build other images off of. + +## `zabbix-agent:ol-` + +Oracle Linux is an open-source operating system available under the GNU General Public License (GPLv2). Suitable for general purpose or Oracle workloads, it benefits from rigorous testing of more than 128,000 hours per day with real-world workloads and includes unique innovations such as Ksplice for zero-downtime kernel patching, DTrace for real-time diagnostics, the powerful Btrfs file system, and more. + +# Supported Docker versions + +This image is officially supported on Docker version 1.12.0. + +Support for older versions (down to 1.6) is provided on a best-effort basis. + +Please see [the Docker installation documentation](https://docs.docker.com/installation/) for details on how to upgrade your Docker daemon. + +# User Feedback + +## Documentation + +Documentation for this image is stored in the [`server-mysql/` directory](https://github.com/zabbix/zabbix-docker/tree/3.0/server-mysql) of the [`zabbix/zabbix-docker` GitHub repo](https://github.com/zabbix/zabbix-docker/). Be sure to familiarize yourself with the [repository's `README.md` file](https://github.com/zabbix/zabbix-docker/blob/master/README.md) before attempting a pull request. + +## Issues + +If you have any problems with or questions about this image, please contact us through a [GitHub issue](https://github.com/zabbix/zabbix-docker/issues). + +### Known issues + +## Contributing + +You are invited to contribute new features, fixes, or updates, large or small; we are always thrilled to receive pull requests, and do our best to process them as fast as we can. + +Before you start to code, we recommend discussing your plans through a [GitHub issue](https://github.com/zabbix/zabbix-docker/issues), especially for more ambitious contributions. This gives other contributors a chance to point you in the right direction, give you feedback on your design, and help you find out if someone else is working on the same thing. diff --git a/server-mysql/rhel/build.sh b/server-mysql/rhel/build.sh new file mode 120000 index 000000000..fcb4d4ee7 --- /dev/null +++ b/server-mysql/rhel/build.sh @@ -0,0 +1 @@ +../../build.sh \ No newline at end of file diff --git a/server-mysql/rhel/docker-entrypoint.sh b/server-mysql/rhel/docker-entrypoint.sh new file mode 100755 index 000000000..71973e137 --- /dev/null +++ b/server-mysql/rhel/docker-entrypoint.sh @@ -0,0 +1,487 @@ +#!/bin/bash + +set -o pipefail + +set +e + +# Script trace mode +if [ "${DEBUG_MODE,,}" == "true" ]; then + set -o xtrace +fi + +# Default directories +# User 'zabbix' home directory +ZABBIX_USER_HOME_DIR="/var/lib/zabbix" +# Configuration files directory +ZABBIX_ETC_DIR="/etc/zabbix" + +# usage: file_env VAR [DEFAULT] +# as example: file_env 'MYSQL_PASSWORD' 'zabbix' +# (will allow for "$MYSQL_PASSWORD_FILE" to fill in the value of "$MYSQL_PASSWORD" from a file) +# unsets the VAR_FILE afterwards and just leaving VAR +file_env() { + local var="$1" + local fileVar="${var}_FILE" + local defaultValue="${2:-}" + + if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then + echo "**** Both variables $var and $fileVar are set (but are exclusive)" + exit 1 + fi + + local val="$defaultValue" + + if [ "${!var:-}" ]; then + val="${!var}" + echo "** Using ${var} variable from ENV" + elif [ "${!fileVar:-}" ]; then + if [ ! -f "${!fileVar}" ]; then + echo "**** Secret file \"${!fileVar}\" is not found" + exit 1 + fi + val="$(< "${!fileVar}")" + echo "** Using ${var} variable from secret file" + fi + export "$var"="$val" + unset "$fileVar" +} + +escape_spec_char() { + local var_value=$1 + + var_value="${var_value//\\/\\\\}" + var_value="${var_value//[$'\n']/}" + var_value="${var_value//\//\\/}" + var_value="${var_value//./\\.}" + var_value="${var_value//\*/\\*}" + var_value="${var_value//^/\\^}" + var_value="${var_value//\$/\\\$}" + var_value="${var_value//\&/\\\&}" + var_value="${var_value//\[/\\[}" + var_value="${var_value//\]/\\]}" + + echo "$var_value" +} + +update_config_var() { + local config_path=$1 + local var_name=$2 + local var_value=$3 + local is_multiple=$4 + + local masklist=("DBPassword TLSPSKIdentity") + + if [ ! -f "$config_path" ]; then + echo "**** Configuration file '$config_path' does not exist" + return + fi + + if [[ " ${masklist[@]} " =~ " $var_name " ]] && [ ! -z "$var_value" ]; then + echo -n "** Updating '$config_path' parameter \"$var_name\": '****'. Enable DEBUG_MODE to view value ..." + else + echo -n "** Updating '$config_path' parameter \"$var_name\": '$var_value'..." + fi + + # Remove configuration parameter definition in case of unset parameter value + if [ -z "$var_value" ]; then + sed -i -e "/^$var_name=/d" "$config_path" + echo "removed" + return + fi + + # Remove value from configuration parameter in case of double quoted parameter value + if [ "$var_value" == '""' ]; then + sed -i -e "/^$var_name=/s/=.*/=/" "$config_path" + echo "undefined" + return + fi + + # Use full path to a file for TLS related configuration parameters + if [[ $var_name =~ ^TLS.*File$ ]]; then + var_value=$ZABBIX_USER_HOME_DIR/enc/$var_value + fi + + # Escaping characters in parameter value and name + var_value=$(escape_spec_char "$var_value") + var_name=$(escape_spec_char "$var_name") + + if [ "$(grep -E "^$var_name=" $config_path)" ] && [ "$is_multiple" != "true" ]; then + sed -i -e "/^$var_name=/s/=.*/=$var_value/" "$config_path" + echo "updated" + elif [ "$(grep -Ec "^# $var_name=" $config_path)" -gt 1 ]; then + sed -i -e "/^[#;] $var_name=$/i\\$var_name=$var_value" "$config_path" + echo "added first occurrence" + else + sed -i -e "/^[#;] $var_name=/s/.*/&\n$var_name=$var_value/" "$config_path" + echo "added" + fi + +} + +update_config_multiple_var() { + local config_path=$1 + local var_name=$2 + local var_value=$3 + + var_value="${var_value%\"}" + var_value="${var_value#\"}" + + local IFS=, + local OPT_LIST=($var_value) + + for value in "${OPT_LIST[@]}"; do + update_config_var $config_path $var_name $value true + done +} + +# Check prerequisites for MySQL database +check_variables_mysql() { + : ${DB_SERVER_HOST:="mysql-server"} + : ${DB_SERVER_PORT:="3306"} + USE_DB_ROOT_USER=false + CREATE_ZBX_DB_USER=false + file_env MYSQL_USER + file_env MYSQL_PASSWORD + + file_env MYSQL_ROOT_PASSWORD + + if [ ! -n "${MYSQL_USER}" ] && [ "${MYSQL_RANDOM_ROOT_PASSWORD,,}" == "true" ]; then + echo "**** Impossible to use MySQL server because of unknown Zabbix user and random 'root' password" + exit 1 + fi + + if [ ! -n "${MYSQL_USER}" ] && [ ! -n "${MYSQL_ROOT_PASSWORD}" ] && [ "${MYSQL_ALLOW_EMPTY_PASSWORD,,}" != "true" ]; then + echo "*** Impossible to use MySQL server because 'root' password is not defined and it is not empty" + exit 1 + fi + + if [ "${MYSQL_ALLOW_EMPTY_PASSWORD,,}" == "true" ] || [ -n "${MYSQL_ROOT_PASSWORD}" ]; then + USE_DB_ROOT_USER=true + DB_SERVER_ROOT_USER="root" + DB_SERVER_ROOT_PASS=${MYSQL_ROOT_PASSWORD:-""} + fi + + [ -n "${MYSQL_USER}" ] && [ "${USE_DB_ROOT_USER}" == "true" ] && CREATE_ZBX_DB_USER=true + + # If root password is not specified use provided credentials + : ${DB_SERVER_ROOT_USER:=${MYSQL_USER}} + [ "${MYSQL_ALLOW_EMPTY_PASSWORD,,}" == "true" ] || DB_SERVER_ROOT_PASS=${DB_SERVER_ROOT_PASS:-${MYSQL_PASSWORD}} + DB_SERVER_ZBX_USER=${MYSQL_USER:-"zabbix"} + DB_SERVER_ZBX_PASS=${MYSQL_PASSWORD:-"zabbix"} + + DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix"} +} + +db_tls_params() { + local result="" + + if [ -n "${ZBX_DBTLSCONNECT}" ]; then + ssl_mode=${ZBX_DBTLSCONNECT//verify_full/verify_identity} + result="--ssl-mode=$ssl_mode" + + if [ -n "${ZBX_DBTLSCAFILE}" ]; then + result="${result} --ssl-ca=${ZBX_DBTLSCAFILE}" + fi + + if [ -n "${ZBX_DBTLSKEYFILE}" ]; then + result="${result} --ssl-key=${ZBX_DBTLSKEYFILE}" + fi + + if [ -n "${ZBX_DBTLSCERTFILE}" ]; then + result="${result} --ssl-cert=${ZBX_DBTLSCERTFILE}" + fi + fi + + echo $result +} + +check_db_connect_mysql() { + echo "********************" + echo "* DB_SERVER_HOST: ${DB_SERVER_HOST}" + echo "* DB_SERVER_PORT: ${DB_SERVER_PORT}" + echo "* DB_SERVER_DBNAME: ${DB_SERVER_DBNAME}" + if [ "${DEBUG_MODE,,}" == "true" ]; then + if [ "${USE_DB_ROOT_USER}" == "true" ]; then + echo "* DB_SERVER_ROOT_USER: ${DB_SERVER_ROOT_USER}" + echo "* DB_SERVER_ROOT_PASS: ${DB_SERVER_ROOT_PASS}" + fi + echo "* DB_SERVER_ZBX_USER: ${DB_SERVER_ZBX_USER}" + echo "* DB_SERVER_ZBX_PASS: ${DB_SERVER_ZBX_PASS}" + fi + echo "********************" + + WAIT_TIMEOUT=5 + + ssl_opts="$(db_tls_params)" + + export MYSQL_PWD="${DB_SERVER_ROOT_PASS}" + + while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \ + --silent --connect_timeout=10 $ssl_opts)" ]; do + echo "**** MySQL server is not available. Waiting $WAIT_TIMEOUT seconds..." + sleep $WAIT_TIMEOUT + done + + unset MYSQL_PWD +} + +mysql_query() { + query=$1 + local result="" + + ssl_opts="$(db_tls_params)" + + export MYSQL_PWD="${DB_SERVER_ROOT_PASS}" + + result=$(mysql --silent --skip-column-names -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ + -u ${DB_SERVER_ROOT_USER} -e "$query" $ssl_opts) + + unset MYSQL_PWD + + echo $result +} + +create_db_user_mysql() { + [ "${CREATE_ZBX_DB_USER}" == "true" ] || return + + echo "** Creating '${DB_SERVER_ZBX_USER}' user in MySQL database" + + USER_EXISTS=$(mysql_query "SELECT 1 FROM mysql.user WHERE user = '${DB_SERVER_ZBX_USER}' AND host = '%'") + + if [ -z "$USER_EXISTS" ]; then + mysql_query "CREATE USER '${DB_SERVER_ZBX_USER}'@'%' IDENTIFIED BY '${DB_SERVER_ZBX_PASS}'" 1>/dev/null + else + mysql_query "ALTER USER ${DB_SERVER_ZBX_USER} IDENTIFIED BY '${DB_SERVER_ZBX_PASS}';" 1>/dev/null + fi + + mysql_query "GRANT ALL PRIVILEGES ON $DB_SERVER_DBNAME. * TO '${DB_SERVER_ZBX_USER}'@'%'" 1>/dev/null +} + +create_db_database_mysql() { + DB_EXISTS=$(mysql_query "SELECT SCHEMA_NAME FROM information_schema.SCHEMATA WHERE SCHEMA_NAME='${DB_SERVER_DBNAME}'") + + if [ -z ${DB_EXISTS} ]; then + echo "** Database '${DB_SERVER_DBNAME}' does not exist. Creating..." + mysql_query "CREATE DATABASE ${DB_SERVER_DBNAME} CHARACTER SET utf8 COLLATE utf8_bin" 1>/dev/null + # better solution? + mysql_query "GRANT ALL PRIVILEGES ON $DB_SERVER_DBNAME. * TO '${DB_SERVER_ZBX_USER}'@'%'" 1>/dev/null + else + echo "** Database '${DB_SERVER_DBNAME}' already exists. Please be careful with database COLLATE!" + fi +} + +create_db_schema_mysql() { + DBVERSION_TABLE_EXISTS=$(mysql_query "SELECT 1 FROM information_schema.tables WHERE table_schema='${DB_SERVER_DBNAME}' and table_name = 'dbversion'") + + if [ -n "${DBVERSION_TABLE_EXISTS}" ]; then + echo "** Table '${DB_SERVER_DBNAME}.dbversion' already exists." + ZBX_DB_VERSION=$(mysql_query "SELECT mandatory FROM ${DB_SERVER_DBNAME}.dbversion") + fi + + if [ -z "${ZBX_DB_VERSION}" ]; then + echo "** Creating '${DB_SERVER_DBNAME}' schema in MySQL" + + ssl_opts="$(db_tls_params)" + + export MYSQL_PWD="${DB_SERVER_ROOT_PASS}" + + zcat /usr/share/doc/zabbix-server-mysql/create.sql.gz | mysql --silent --skip-column-names \ + -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ + -u ${DB_SERVER_ROOT_USER} $ssl_opts \ + ${DB_SERVER_DBNAME} 1>/dev/null + + unset MYSQL_PWD + fi +} + +update_zbx_config() { + echo "** Preparing Zabbix server configuration file" + + ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_server.conf + + update_config_var $ZBX_CONFIG "ListenIP" "${ZBX_LISTENIP}" + update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}" + + update_config_var $ZBX_CONFIG "SourceIP" "${ZBX_SOURCEIP}" + update_config_var $ZBX_CONFIG "LogType" "console" + update_config_var $ZBX_CONFIG "LogFile" + update_config_var $ZBX_CONFIG "LogFileSize" + update_config_var $ZBX_CONFIG "PidFile" + + update_config_var $ZBX_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" + + if [ -n "${ZBX_DBTLSCONNECT}" ]; then + update_config_var $ZBX_CONFIG "DBTLSConnect" "${ZBX_DBTLSCONNECT}" + update_config_var $ZBX_CONFIG "DBTLSCAFile" "${ZBX_DBTLSCAFILE}" + update_config_var $ZBX_CONFIG "DBTLSCertFile" "${ZBX_DBTLSCERTFILE}" + update_config_var $ZBX_CONFIG "DBTLSKeyFile" "${ZBX_DBTLSKEYFILE}" + update_config_var $ZBX_CONFIG "DBTLSCipher" "${ZBX_DBTLSCIPHER}" + update_config_var $ZBX_CONFIG "DBTLSCipher13" "${ZBX_DBTLSCIPHER13}" + fi + + update_config_var $ZBX_CONFIG "DBHost" "${DB_SERVER_HOST}" + update_config_var $ZBX_CONFIG "DBName" "${DB_SERVER_DBNAME}" + update_config_var $ZBX_CONFIG "DBSchema" "${DB_SERVER_SCHEMA}" + update_config_var $ZBX_CONFIG "DBPort" "${DB_SERVER_PORT}" + + if [ -n "${VAULT_TOKEN}" ]; then + update_config_var $ZBX_CONFIG "VaultDBPath" "${ZBX_VAULTDBPATH}" + update_config_var $ZBX_CONFIG "VaultURL" "${ZBX_VAULTURL}" + update_config_var $ZBX_CONFIG "DBUser" + update_config_var $ZBX_CONFIG "DBPassword" + else + update_config_var $ZBX_CONFIG "VaultDBPath" + update_config_var $ZBX_CONFIG "VaultURL" + update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}" + update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}" + fi + + update_config_var $ZBX_CONFIG "StartReportWriters" "${ZBX_STARTREPORTWRITERS}" + : ${ZBX_WEBSERVICEURL:="http://zabbix-web-service:10053/report"} + update_config_var $ZBX_CONFIG "WebServiceURL" "${ZBX_WEBSERVICEURL}" + + update_config_var $ZBX_CONFIG "HistoryStorageURL" "${ZBX_HISTORYSTORAGEURL}" + update_config_var $ZBX_CONFIG "HistoryStorageTypes" "${ZBX_HISTORYSTORAGETYPES}" + update_config_var $ZBX_CONFIG "HistoryStorageDateIndex" "${ZBX_HISTORYSTORAGEDATEINDEX}" + + update_config_var $ZBX_CONFIG "DBSocket" "${DB_SERVER_SOCKET}" + + update_config_var $ZBX_CONFIG "StatsAllowedIP" "${ZBX_STATSALLOWEDIP}" + + update_config_var $ZBX_CONFIG "StartPollers" "${ZBX_STARTPOLLERS}" + update_config_var $ZBX_CONFIG "StartIPMIPollers" "${ZBX_IPMIPOLLERS}" + update_config_var $ZBX_CONFIG "StartPollersUnreachable" "${ZBX_STARTPOLLERSUNREACHABLE}" + update_config_var $ZBX_CONFIG "StartTrappers" "${ZBX_STARTTRAPPERS}" + update_config_var $ZBX_CONFIG "StartPingers" "${ZBX_STARTPINGERS}" + update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}" + update_config_var $ZBX_CONFIG "StartHistoryPollers" "${ZBX_STARTHISTORYPOLLERS}" + update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}" + + update_config_var $ZBX_CONFIG "StartPreprocessors" "${ZBX_STARTPREPROCESSORS}" + update_config_var $ZBX_CONFIG "StartTimers" "${ZBX_STARTTIMERS}" + update_config_var $ZBX_CONFIG "StartEscalators" "${ZBX_STARTESCALATORS}" + update_config_var $ZBX_CONFIG "StartAlerters" "${ZBX_STARTALERTERS}" + update_config_var $ZBX_CONFIG "StartTimers" "${ZBX_STARTTIMERS}" + update_config_var $ZBX_CONFIG "StartEscalators" "${ZBX_STARTESCALATORS}" + + update_config_var $ZBX_CONFIG "StartLLDProcessors" "${ZBX_STARTLLDPROCESSORS}" + + : ${ZBX_JAVAGATEWAY_ENABLE:="false"} + if [ "${ZBX_JAVAGATEWAY_ENABLE,,}" == "true" ]; then + update_config_var $ZBX_CONFIG "JavaGateway" "${ZBX_JAVAGATEWAY:-"zabbix-java-gateway"}" + update_config_var $ZBX_CONFIG "JavaGatewayPort" "${ZBX_JAVAGATEWAYPORT}" + update_config_var $ZBX_CONFIG "StartJavaPollers" "${ZBX_STARTJAVAPOLLERS:-"5"}" + else + update_config_var $ZBX_CONFIG "JavaGateway" + update_config_var $ZBX_CONFIG "JavaGatewayPort" + update_config_var $ZBX_CONFIG "StartJavaPollers" + fi + + update_config_var $ZBX_CONFIG "StartVMwareCollectors" "${ZBX_STARTVMWARECOLLECTORS}" + update_config_var $ZBX_CONFIG "VMwareFrequency" "${ZBX_VMWAREFREQUENCY}" + update_config_var $ZBX_CONFIG "VMwarePerfFrequency" "${ZBX_VMWAREPERFFREQUENCY}" + update_config_var $ZBX_CONFIG "VMwareCacheSize" "${ZBX_VMWARECACHESIZE}" + update_config_var $ZBX_CONFIG "VMwareTimeout" "${ZBX_VMWARETIMEOUT}" + + : ${ZBX_ENABLE_SNMP_TRAPS:="false"} + if [ "${ZBX_ENABLE_SNMP_TRAPS,,}" == "true" ]; then + update_config_var $ZBX_CONFIG "SNMPTrapperFile" "${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log" + update_config_var $ZBX_CONFIG "StartSNMPTrapper" "1" + else + update_config_var $ZBX_CONFIG "SNMPTrapperFile" + update_config_var $ZBX_CONFIG "StartSNMPTrapper" + fi + + update_config_var $ZBX_CONFIG "HousekeepingFrequency" "${ZBX_HOUSEKEEPINGFREQUENCY}" + update_config_var $ZBX_CONFIG "MaxHousekeeperDelete" "${ZBX_MAXHOUSEKEEPERDELETE}" + update_config_var $ZBX_CONFIG "SenderFrequency" "${ZBX_SENDERFREQUENCY}" + + update_config_var $ZBX_CONFIG "CacheSize" "${ZBX_CACHESIZE}" + + update_config_var $ZBX_CONFIG "CacheUpdateFrequency" "${ZBX_CACHEUPDATEFREQUENCY}" + + update_config_var $ZBX_CONFIG "StartDBSyncers" "${ZBX_STARTDBSYNCERS}" + update_config_var $ZBX_CONFIG "HistoryCacheSize" "${ZBX_HISTORYCACHESIZE}" + update_config_var $ZBX_CONFIG "HistoryIndexCacheSize" "${ZBX_HISTORYINDEXCACHESIZE}" + + update_config_var $ZBX_CONFIG "TrendCacheSize" "${ZBX_TRENDCACHESIZE}" + update_config_var $ZBX_CONFIG "ValueCacheSize" "${ZBX_VALUECACHESIZE}" + + update_config_var $ZBX_CONFIG "Timeout" "${ZBX_TIMEOUT}" + update_config_var $ZBX_CONFIG "TrapperTimeout" "${ZBX_TRAPPERIMEOUT}" + update_config_var $ZBX_CONFIG "UnreachablePeriod" "${ZBX_UNREACHABLEPERIOD}" + update_config_var $ZBX_CONFIG "UnavailableDelay" "${ZBX_UNAVAILABLEDELAY}" + update_config_var $ZBX_CONFIG "UnreachableDelay" "${ZBX_UNREACHABLEDELAY}" + + update_config_var $ZBX_CONFIG "AlertScriptsPath" "/usr/lib/zabbix/alertscripts" + update_config_var $ZBX_CONFIG "ExternalScripts" "/usr/lib/zabbix/externalscripts" + + if [ -n "${ZBX_EXPORTFILESIZE}" ]; then + update_config_var $ZBX_CONFIG "ExportDir" "$ZABBIX_USER_HOME_DIR/export/" + update_config_var $ZBX_CONFIG "ExportFileSize" "${ZBX_EXPORTFILESIZE}" + update_config_var $ZBX_CONFIG "ExportType" "${ZBX_EXPORTTYPE}" + fi + + update_config_var $ZBX_CONFIG "FpingLocation" "/usr/sbin/fping" + update_config_var $ZBX_CONFIG "Fping6Location" + + update_config_var $ZBX_CONFIG "SSHKeyLocation" "$ZABBIX_USER_HOME_DIR/ssh_keys" + update_config_var $ZBX_CONFIG "LogSlowQueries" "${ZBX_LOGSLOWQUERIES}" + + update_config_var $ZBX_CONFIG "StartProxyPollers" "${ZBX_STARTPROXYPOLLERS}" + update_config_var $ZBX_CONFIG "ProxyConfigFrequency" "${ZBX_PROXYCONFIGFREQUENCY}" + update_config_var $ZBX_CONFIG "ProxyDataFrequency" "${ZBX_PROXYDATAFREQUENCY}" + + update_config_var $ZBX_CONFIG "SSLCertLocation" "$ZABBIX_USER_HOME_DIR/ssl/certs/" + update_config_var $ZBX_CONFIG "SSLKeyLocation" "$ZABBIX_USER_HOME_DIR/ssl/keys/" + update_config_var $ZBX_CONFIG "SSLCALocation" "$ZABBIX_USER_HOME_DIR/ssl/ssl_ca/" + update_config_var $ZBX_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/" + update_config_multiple_var $ZBX_CONFIG "LoadModule" "${ZBX_LOADMODULE}" + + update_config_var $ZBX_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" + update_config_var $ZBX_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" + + update_config_var $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" + update_config_var $ZBX_CONFIG "TLSCipherAll" "${ZBX_TLSCIPHERALL}" + update_config_var $ZBX_CONFIG "TLSCipherAll13" "${ZBX_TLSCIPHERALL13}" + update_config_var $ZBX_CONFIG "TLSCipherCert" "${ZBX_TLSCIPHERCERT}" + update_config_var $ZBX_CONFIG "TLSCipherCert13" "${ZBX_TLSCIPHERCERT13}" + update_config_var $ZBX_CONFIG "TLSCipherPSK" "${ZBX_TLSCIPHERPSK}" + update_config_var $ZBX_CONFIG "TLSCipherPSK13" "${ZBX_TLSCIPHERPSK13}" + update_config_var $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" + + update_config_var $ZBX_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" + update_config_var $ZBX_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" + + if [ "$(id -u)" != '0' ]; then + update_config_var $ZBX_CONFIG "User" "$(whoami)" + else + update_config_var $ZBX_CONFIG "AllowRoot" "1" + fi +} + +prepare_server() { + echo "** Preparing Zabbix server" + + check_variables_mysql + check_db_connect_mysql + create_db_user_mysql + create_db_database_mysql + create_db_schema_mysql + + update_zbx_config +} + +################################################# + +if [ "${1#-}" != "$1" ]; then + set -- /usr/sbin/zabbix_server "$@" + fi + +if [ "$1" == '/usr/sbin/zabbix_server' ]; then + prepare_server +fi + +exec "$@" + +################################################# diff --git a/server-mysql/rhel/licenses/gpl-2.0.txt b/server-mysql/rhel/licenses/gpl-2.0.txt new file mode 100644 index 000000000..d159169d1 --- /dev/null +++ b/server-mysql/rhel/licenses/gpl-2.0.txt @@ -0,0 +1,339 @@ + GNU GENERAL PUBLIC LICENSE + Version 2, June 1991 + + Copyright (C) 1989, 1991 Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + + Preamble + + The licenses for most software are designed to take away your +freedom to share and change it. By contrast, the GNU General Public +License is intended to guarantee your freedom to share and change free +software--to make sure the software is free for all its users. This +General Public License applies to most of the Free Software +Foundation's software and to any other program whose authors commit to +using it. (Some other Free Software Foundation software is covered by +the GNU Lesser General Public License instead.) You can apply it to +your programs, too. + + When we speak of free software, we are referring to freedom, not +price. Our General Public Licenses are designed to make sure that you +have the freedom to distribute copies of free software (and charge for +this service if you wish), that you receive source code or can get it +if you want it, that you can change the software or use pieces of it +in new free programs; and that you know you can do these things. + + To protect your rights, we need to make restrictions that forbid +anyone to deny you these rights or to ask you to surrender the rights. +These restrictions translate to certain responsibilities for you if you +distribute copies of the software, or if you modify it. + + For example, if you distribute copies of such a program, whether +gratis or for a fee, you must give the recipients all the rights that +you have. You must make sure that they, too, receive or can get the +source code. And you must show them these terms so they know their +rights. + + We protect your rights with two steps: (1) copyright the software, and +(2) offer you this license which gives you legal permission to copy, +distribute and/or modify the software. + + Also, for each author's protection and ours, we want to make certain +that everyone understands that there is no warranty for this free +software. If the software is modified by someone else and passed on, we +want its recipients to know that what they have is not the original, so +that any problems introduced by others will not reflect on the original +authors' reputations. + + Finally, any free program is threatened constantly by software +patents. We wish to avoid the danger that redistributors of a free +program will individually obtain patent licenses, in effect making the +program proprietary. To prevent this, we have made it clear that any +patent must be licensed for everyone's free use or not licensed at all. + + The precise terms and conditions for copying, distribution and +modification follow. + + GNU GENERAL PUBLIC LICENSE + TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION + + 0. This License applies to any program or other work which contains +a notice placed by the copyright holder saying it may be distributed +under the terms of this General Public License. The "Program", below, +refers to any such program or work, and a "work based on the Program" +means either the Program or any derivative work under copyright law: +that is to say, a work containing the Program or a portion of it, +either verbatim or with modifications and/or translated into another +language. (Hereinafter, translation is included without limitation in +the term "modification".) Each licensee is addressed as "you". + +Activities other than copying, distribution and modification are not +covered by this License; they are outside its scope. The act of +running the Program is not restricted, and the output from the Program +is covered only if its contents constitute a work based on the +Program (independent of having been made by running the Program). +Whether that is true depends on what the Program does. + + 1. You may copy and distribute verbatim copies of the Program's +source code as you receive it, in any medium, provided that you +conspicuously and appropriately publish on each copy an appropriate +copyright notice and disclaimer of warranty; keep intact all the +notices that refer to this License and to the absence of any warranty; +and give any other recipients of the Program a copy of this License +along with the Program. + +You may charge a fee for the physical act of transferring a copy, and +you may at your option offer warranty protection in exchange for a fee. + + 2. You may modify your copy or copies of the Program or any portion +of it, thus forming a work based on the Program, and copy and +distribute such modifications or work under the terms of Section 1 +above, provided that you also meet all of these conditions: + + a) You must cause the modified files to carry prominent notices + stating that you changed the files and the date of any change. + + b) You must cause any work that you distribute or publish, that in + whole or in part contains or is derived from the Program or any + part thereof, to be licensed as a whole at no charge to all third + parties under the terms of this License. + + c) If the modified program normally reads commands interactively + when run, you must cause it, when started running for such + interactive use in the most ordinary way, to print or display an + announcement including an appropriate copyright notice and a + notice that there is no warranty (or else, saying that you provide + a warranty) and that users may redistribute the program under + these conditions, and telling the user how to view a copy of this + License. (Exception: if the Program itself is interactive but + does not normally print such an announcement, your work based on + the Program is not required to print an announcement.) + +These requirements apply to the modified work as a whole. If +identifiable sections of that work are not derived from the Program, +and can be reasonably considered independent and separate works in +themselves, then this License, and its terms, do not apply to those +sections when you distribute them as separate works. But when you +distribute the same sections as part of a whole which is a work based +on the Program, the distribution of the whole must be on the terms of +this License, whose permissions for other licensees extend to the +entire whole, and thus to each and every part regardless of who wrote it. + +Thus, it is not the intent of this section to claim rights or contest +your rights to work written entirely by you; rather, the intent is to +exercise the right to control the distribution of derivative or +collective works based on the Program. + +In addition, mere aggregation of another work not based on the Program +with the Program (or with a work based on the Program) on a volume of +a storage or distribution medium does not bring the other work under +the scope of this License. + + 3. You may copy and distribute the Program (or a work based on it, +under Section 2) in object code or executable form under the terms of +Sections 1 and 2 above provided that you also do one of the following: + + a) Accompany it with the complete corresponding machine-readable + source code, which must be distributed under the terms of Sections + 1 and 2 above on a medium customarily used for software interchange; or, + + b) Accompany it with a written offer, valid for at least three + years, to give any third party, for a charge no more than your + cost of physically performing source distribution, a complete + machine-readable copy of the corresponding source code, to be + distributed under the terms of Sections 1 and 2 above on a medium + customarily used for software interchange; or, + + c) Accompany it with the information you received as to the offer + to distribute corresponding source code. (This alternative is + allowed only for noncommercial distribution and only if you + received the program in object code or executable form with such + an offer, in accord with Subsection b above.) + +The source code for a work means the preferred form of the work for +making modifications to it. For an executable work, complete source +code means all the source code for all modules it contains, plus any +associated interface definition files, plus the scripts used to +control compilation and installation of the executable. However, as a +special exception, the source code distributed need not include +anything that is normally distributed (in either source or binary +form) with the major components (compiler, kernel, and so on) of the +operating system on which the executable runs, unless that component +itself accompanies the executable. + +If distribution of executable or object code is made by offering +access to copy from a designated place, then offering equivalent +access to copy the source code from the same place counts as +distribution of the source code, even though third parties are not +compelled to copy the source along with the object code. + + 4. You may not copy, modify, sublicense, or distribute the Program +except as expressly provided under this License. Any attempt +otherwise to copy, modify, sublicense or distribute the Program is +void, and will automatically terminate your rights under this License. +However, parties who have received copies, or rights, from you under +this License will not have their licenses terminated so long as such +parties remain in full compliance. + + 5. You are not required to accept this License, since you have not +signed it. However, nothing else grants you permission to modify or +distribute the Program or its derivative works. These actions are +prohibited by law if you do not accept this License. Therefore, by +modifying or distributing the Program (or any work based on the +Program), you indicate your acceptance of this License to do so, and +all its terms and conditions for copying, distributing or modifying +the Program or works based on it. + + 6. Each time you redistribute the Program (or any work based on the +Program), the recipient automatically receives a license from the +original licensor to copy, distribute or modify the Program subject to +these terms and conditions. You may not impose any further +restrictions on the recipients' exercise of the rights granted herein. +You are not responsible for enforcing compliance by third parties to +this License. + + 7. If, as a consequence of a court judgment or allegation of patent +infringement or for any other reason (not limited to patent issues), +conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot +distribute so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you +may not distribute the Program at all. For example, if a patent +license would not permit royalty-free redistribution of the Program by +all those who receive copies directly or indirectly through you, then +the only way you could satisfy both it and this License would be to +refrain entirely from distribution of the Program. + +If any portion of this section is held invalid or unenforceable under +any particular circumstance, the balance of the section is intended to +apply and the section as a whole is intended to apply in other +circumstances. + +It is not the purpose of this section to induce you to infringe any +patents or other property right claims or to contest validity of any +such claims; this section has the sole purpose of protecting the +integrity of the free software distribution system, which is +implemented by public license practices. Many people have made +generous contributions to the wide range of software distributed +through that system in reliance on consistent application of that +system; it is up to the author/donor to decide if he or she is willing +to distribute software through any other system and a licensee cannot +impose that choice. + +This section is intended to make thoroughly clear what is believed to +be a consequence of the rest of this License. + + 8. If the distribution and/or use of the Program is restricted in +certain countries either by patents or by copyrighted interfaces, the +original copyright holder who places the Program under this License +may add an explicit geographical distribution limitation excluding +those countries, so that distribution is permitted only in or among +countries not thus excluded. In such case, this License incorporates +the limitation as if written in the body of this License. + + 9. The Free Software Foundation may publish revised and/or new versions +of the General Public License from time to time. Such new versions will +be similar in spirit to the present version, but may differ in detail to +address new problems or concerns. + +Each version is given a distinguishing version number. If the Program +specifies a version number of this License which applies to it and "any +later version", you have the option of following the terms and conditions +either of that version or of any later version published by the Free +Software Foundation. If the Program does not specify a version number of +this License, you may choose any version ever published by the Free Software +Foundation. + + 10. If you wish to incorporate parts of the Program into other free +programs whose distribution conditions are different, write to the author +to ask for permission. For software which is copyrighted by the Free +Software Foundation, write to the Free Software Foundation; we sometimes +make exceptions for this. Our decision will be guided by the two goals +of preserving the free status of all derivatives of our free software and +of promoting the sharing and reuse of software generally. + + NO WARRANTY + + 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY +FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN +OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES +PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED +OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS +TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE +PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, +REPAIR OR CORRECTION. + + 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR +REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, +INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING +OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED +TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY +YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER +PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE +POSSIBILITY OF SUCH DAMAGES. + + END OF TERMS AND CONDITIONS + + How to Apply These Terms to Your New Programs + + If you develop a new program, and you want it to be of the greatest +possible use to the public, the best way to achieve this is to make it +free software which everyone can redistribute and change under these terms. + + To do so, attach the following notices to the program. It is safest +to attach them to the start of each source file to most effectively +convey the exclusion of warranty; and each file should have at least +the "copyright" line and a pointer to where the full notice is found. + + + Copyright (C) + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + +Also add information on how to contact you by electronic and paper mail. + +If the program is interactive, make it output a short notice like this +when it starts in an interactive mode: + + Gnomovision version 69, Copyright (C) year name of author + Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. + This is free software, and you are welcome to redistribute it + under certain conditions; type `show c' for details. + +The hypothetical commands `show w' and `show c' should show the appropriate +parts of the General Public License. Of course, the commands you use may +be called something other than `show w' and `show c'; they could even be +mouse-clicks or menu items--whatever suits your program. + +You should also get your employer (if you work as a programmer) or your +school, if any, to sign a "copyright disclaimer" for the program, if +necessary. Here is a sample; alter the names: + + Yoyodyne, Inc., hereby disclaims all copyright interest in the program + `Gnomovision' (which makes passes at compilers) written by James Hacker. + + , 1 April 1989 + Ty Coon, President of Vice + +This General Public License does not permit incorporating your program into +proprietary programs. If your program is a subroutine library, you may +consider it more useful to permit linking proprietary applications with the +library. If this is what you want to do, use the GNU Lesser General +Public License instead of this License. diff --git a/snmptraps/rhel/.dockerignore b/snmptraps/rhel/.dockerignore new file mode 100644 index 000000000..88a84e55a --- /dev/null +++ b/snmptraps/rhel/.dockerignore @@ -0,0 +1 @@ +build.sh diff --git a/snmptraps/rhel/Dockerfile b/snmptraps/rhel/Dockerfile new file mode 100644 index 000000000..18b39f078 --- /dev/null +++ b/snmptraps/rhel/Dockerfile @@ -0,0 +1,83 @@ +FROM registry.access.redhat.com/ubi8/ubi-minimal +MAINTAINER Alexey Pustovalov + +ARG MAJOR_VERSION=6.0 +ARG RELEASE= +ARG ZBX_VERSION=${MAJOR_VERSION} + +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git +ENV ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} + +ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ + MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ + ZBX_SNMP_TRAP_DATE_FORMAT=+%Y%m%d.%H%M%S ZBX_SNMP_TRAP_FORMAT=" " + +LABEL name="zabbix/zabbix-snmptraps-trunk" \ + maintainer="alexey.pustovalov@zabbix.com" \ + vendor="Zabbix LLC" \ + version="${MAJOR_VERSION}" \ + release="${RELEASE}" \ + summary="Zabbix SNMP traps receiver" \ + description="Zabbix SNMP traps receiver" \ + url="https://www.zabbix.com/" \ + run="docker run --name zabbix-snmptraps --link zabbix-server:zabbix-server -p 162:1162/udp -d registry.connect.redhat.com/zabbix/zabbix-snmptraps-trunk:${ZBX_VERSION}" \ + io.k8s.description="Zabbix SNMP traps receiver" \ + io.k8s.display-name="Zabbix SNMP traps receiver" \ + io.openshift.expose-services="162:1162" \ + io.openshift.tags="zabbix,zabbix-snmp,snmp-traps" \ + org.label-schema.name="zabbix-snmptraps-rhel" \ + org.label-schema.vendor="Zabbix LLC" \ + org.label-schema.url="https://zabbix.com/" \ + org.label-schema.description="Zabbix SNMP traps receiver" \ + org.label-schema.vcs-ref="${VCS_REF}" \ + org.label-schema.build-date="${BUILD_DATE}" \ + org.label-schema.schema-version="1.0" \ + org.label-schema.license="GPL v2.0" \ + org.label-schema.usage="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.label-schema.version="${ZBX_VERSION}" \ + org.label-schema.vcs-url="${ZBX_SOURCES}" \ + org.label-schema.docker.cmd="docker run --name zabbix-snmptraps --link zabbix-server:zabbix-server -p 162:1162/udp -d registry.connect.redhat.com/zabbix/zabbix-snmptraps-trunk:${ZBX_VERSION}" + +STOPSIGNAL SIGTERM + +COPY ["licenses", "/licenses"] + +RUN set -eux && \ + INSTALL_PKGS="shadow-utils \ + tzdata \ + net-snmp" && \ + microdnf -y --disablerepo="*" --enablerepo="rhel-8-for-x86_64-baseos-rpms" \ + --enablerepo="rhel-8-for-x86_64-appstream-rpms" \ + install --setopt=install_weak_deps=0 --best --nodocs ${INSTALL_PKGS} && \ + groupadd --system --gid 1995 zabbix && \ + useradd \ + --system --comment "Zabbix monitoring system" \ + -g zabbix -G root \ + --uid 1997 \ + --shell /sbin/nologin \ + --home-dir /var/lib/zabbix/ \ + zabbix && \ + mkdir -p /var/lib/zabbix && \ + mkdir -p /var/lib/zabbix/snmptraps && \ + mkdir -p /var/lib/zabbix/mibs && \ + touch /var/lib/net-snmp/snmptrapd.conf && \ + chown --quiet -R zabbix:root /etc/snmp/ /var/lib/zabbix/ /var/tmp/ /var/run/ && \ + chgrp -R 0 /etc/snmp/ /var/lib/zabbix/ /var/tmp/ /var/run/ && \ + chmod -R g=u /etc/snmp/ /var/lib/zabbix/ /var/tmp/ /var/run/ && \ + microdnf -y clean all && \ + rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ + rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki + +EXPOSE 1162/UDP + +WORKDIR /var/lib/zabbix/snmptraps/ + +VOLUME ["/var/lib/zabbix/snmptraps"] + +COPY ["conf/etc/logrotate.d/zabbix_snmptraps", "/etc/logrotate.d/"] +COPY ["conf/etc/snmp/snmptrapd.conf", "/etc/snmp/"] +COPY ["conf/usr/sbin/zabbix_trap_handler.sh", "/usr/sbin/"] + +USER 1997 + +CMD ["/usr/sbin/snmptrapd", "-n", "-C", "-c", "/etc/snmp/snmptrapd.conf", "-Lo", "-A"] diff --git a/snmptraps/rhel/README.md b/snmptraps/rhel/README.md new file mode 100644 index 000000000..b64578fd9 --- /dev/null +++ b/snmptraps/rhel/README.md @@ -0,0 +1,123 @@ +![logo](https://assets.zabbix.com/img/logo/zabbix_logo_500x131.png) + +# What is Zabbix? + +Zabbix is an enterprise-class open source distributed monitoring solution. + +Zabbix is software that monitors numerous parameters of a network and the health and integrity of servers. Zabbix uses a flexible notification mechanism that allows users to configure e-mail based alerts for virtually any event. This allows a fast reaction to server problems. Zabbix offers excellent reporting and data visualisation features based on the stored data. This makes Zabbix ideal for capacity planning. + +For more information and related downloads for Zabbix components, please visit https://hub.docker.com/u/zabbix/ and https://zabbix.com + +# What is the image? + +The image is used to receive SNMP traps, store them to a log file and provide access to Zabbix to collected SNMP trap messsages. + +# Zabbix snmptraps images + +These are the only official Zabbix snmptraps Docker images. They are based on Alpine Linux v3.12, Ubuntu 20.04 (focal), CentOS 8 and Oracle Linux 8 images. The available versions of Zabbix snmptraps are: + + Zabbix snmptraps 3.0 (tags: alpine-3.0-latest, ubuntu-3.0-latest, centos-3.0-latest) (unsupported) + Zabbix snmptraps 3.0.* (tags: alpine-3.0.*, ubuntu-3.0.*, centos-3.0.*) (unsupported) + Zabbix snmptraps 3.2 (tags: alpine-3.2-latest, ubuntu-3.2-latest, centos-3.2-latest) (unsupported) + Zabbix snmptraps 3.2.* (tags: alpine-3.2.*, ubuntu-3.2.*, centos-3.2.*) (unsupported) + Zabbix snmptraps 3.4 (tags: alpine-3.4-latest, ubuntu-3.4-latest, centos-3.4-latest) (unsupported) + Zabbix snmptraps 3.4.* (tags: alpine-3.4.*, ubuntu-3.4.*, centos-3.4.*) (unsupported) + Zabbix snmptraps 4.0 (tags: alpine-4.0-latest, ubuntu-4.0-latest, centos-4.0-latest) + Zabbix snmptraps 4.0.* (tags: alpine-4.0.*, ubuntu-4.0.*, centos-4.0.*) + Zabbix snmptraps 4.2 (tags: alpine-4.2-latest, ubuntu-4.2-latest, centos-4.2-latest) (unsupported) + Zabbix snmptraps 4.2.* (tags: alpine-4.2.*, ubuntu-4.2.*, centos-4.2.*) (unsupported) + Zabbix snmptraps 4.4 (tags: alpine-4.4-latest, ubuntu-4.4-latest, centos-4.4-latest) (unsupported) + Zabbix snmptraps 4.4.* (tags: alpine-4.4.*, ubuntu-4.4.*, centos-4.4.*) (unsupported) + Zabbix snmptraps 5.0 (tags: alpine-5.0-latest, ubuntu-5.0-latest, ol-5.0-latest) + Zabbix snmptraps 5.0.* (tags: alpine-5.0.*, ubuntu-5.0.*, ol-5.0.*) + Zabbix snmptraps 5.2 (tags: alpine-5.2-latest, ubuntu-5.2-latest, ol-5.2-latest) + Zabbix snmptraps 5.2.* (tags: alpine-5.2.*, ubuntu-5.2.*, ol-5.2.*) + Zabbix snmptraps 5.4 (tags: alpine-5.4-latest, ubuntu-5.4-latest, ol-5.4-latest, alpine-latest, ubuntu-latest, ol-latest, latest) + Zabbix snmptraps 5.4.* (tags: alpine-5.4.*, ubuntu-5.4.*, ol-5.4.*) + Zabbix snmptraps 6.0 (tags: alpine-trunk, ubuntu-trunk, ol-trunk) + +Images are updated when new releases are published. + +# How to use this image + +## Start `zabbix-snmptraps` + +Start a Zabbix snmptraps container as follows: + + docker run --name some-zabbix-snmptraps -p 162:1162/udp -d zabbix/zabbix-snmptraps:tag + +Where `some-zabbix-snmptraps` is the name you want to assign to your container and `tag` is the tag specifying the version you want. See the list above for relevant tags, or look at the [full list of tags](https://hub.docker.com/r/zabbix/zabbix-snmptraps/tags/). + +## Linking Zabbix server or Zabbix proxy with the container + + docker run --name some-zabbix-server --link some-zabbix-snmptraps:zabbix-snmptraps --volumes-from some-zabbix-snmptraps -d zabbix/zabbix-server:tag + +## Container shell access and viewing Zabbix snmptraps logs + +The `docker exec` command allows you to run commands inside a Docker container. The following command line will give you a bash shell inside your `zabbix-snmptraps` container: + +```console +$ docker exec -ti some-zabbix-snmptraps /bin/bash +``` + +The Zabbix snmptraps log is available through Docker's container log: + +```console +$ docker logs some-zabbix-snmptraps +``` + +## Allowed volumes for the Zabbix snmptraps container + +### ``/var/lib/zabbix/snmptraps`` + +The volume contains log file ``snmptraps.log`` named with received SNMP traps. + +### ``/var/lib/zabbix/mibs`` + +The volume allows to add new MIB files. It does not support subdirectories, all MIBs must be placed to ``/var/lib/zabbix/mibs``. + +# The image variants + +The `zabbix-snmptraps` images come in many flavors, each designed for a specific use case. + +## `zabbix-agent2:alpine-` + +This image is based on the popular [Alpine Linux project](http://alpinelinux.org), available in [the `alpine` official image](https://hub.docker.com/_/alpine). Alpine Linux is much smaller than most distribution base images (~5MB), and thus leads to much slimmer images in general. + +This variant is highly recommended when final image size being as small as possible is desired. The main caveat to note is that it does use [musl libc](http://www.musl-libc.org) instead of [glibc and friends](http://www.etalabs.net/compare_libcs.html), so certain software might run into issues depending on the depth of their libc requirements. However, most software doesn't have an issue with this, so this variant is usually a very safe choice. See [this Hacker News comment thread](https://news.ycombinator.com/item?id=10782897) for more discussion of the issues that might arise and some pro/con comparisons of using Alpine-based images. + +To minimize image size, it's uncommon for additional related tools (such as `git` or `bash`) to be included in Alpine-based images. Using this image as a base, add the things you need in your own Dockerfile (see the [`alpine` image description](https://hub.docker.com/_/alpine/) for examples of how to install packages if you are unfamiliar). + +## `zabbix-agent:ubuntu-` + +This is the defacto image. If you are unsure about what your needs are, you probably want to use this one. It is designed to be used both as a throw away container (mount your source code and start the container to start your app), as well as the base to build other images off of. + +## `zabbix-agent:ol-` + +Oracle Linux is an open-source operating system available under the GNU General Public License (GPLv2). Suitable for general purpose or Oracle workloads, it benefits from rigorous testing of more than 128,000 hours per day with real-world workloads and includes unique innovations such as Ksplice for zero-downtime kernel patching, DTrace for real-time diagnostics, the powerful Btrfs file system, and more. + +# Supported Docker versions + +This image is officially supported on Docker version 1.12.0. + +Support for older versions (down to 1.6) is provided on a best-effort basis. + +Please see [the Docker installation documentation](https://docs.docker.com/installation/) for details on how to upgrade your Docker daemon. + +# User Feedback + +## Documentation + +Documentation for this image is stored in the [`snmptraps/` directory](https://github.com/zabbix/zabbix-docker/tree/3.0/snmptraps) of the [`zabbix/zabbix-docker` GitHub repo](https://github.com/zabbix/zabbix-docker/). Be sure to familiarize yourself with the [repository's `README.md` file](https://github.com/zabbix/zabbix-docker/blob/master/README.md) before attempting a pull request. + +## Issues + +If you have any problems with or questions about this image, please contact us through a [GitHub issue](https://github.com/zabbix/zabbix-docker/issues). + +### Known issues + +## Contributing + +You are invited to contribute new features, fixes, or updates, large or small; we are always thrilled to receive pull requests, and do our best to process them as fast as we can. + +Before you start to code, we recommend discussing your plans through a [GitHub issue](https://github.com/zabbix/zabbix-docker/issues), especially for more ambitious contributions. This gives other contributors a chance to point you in the right direction, give you feedback on your design, and help you find out if someone else is working on the same thing. diff --git a/snmptraps/rhel/build.sh b/snmptraps/rhel/build.sh new file mode 120000 index 000000000..fcb4d4ee7 --- /dev/null +++ b/snmptraps/rhel/build.sh @@ -0,0 +1 @@ +../../build.sh \ No newline at end of file diff --git a/snmptraps/rhel/conf/etc/logrotate.d/zabbix_snmptraps b/snmptraps/rhel/conf/etc/logrotate.d/zabbix_snmptraps new file mode 100644 index 000000000..70d611eee --- /dev/null +++ b/snmptraps/rhel/conf/etc/logrotate.d/zabbix_snmptraps @@ -0,0 +1,8 @@ +# https://support.zabbix.com/browse/ZBX-9858 +/var/lib/zabbix/snmptraps/snmptraps.log { + missingok + daily + rotate 0 + minsize 50M notifempty + su zabbix zabbix +} diff --git a/snmptraps/rhel/conf/etc/snmp/snmptrapd.conf b/snmptraps/rhel/conf/etc/snmp/snmptrapd.conf new file mode 100644 index 000000000..aa3bbf1dd --- /dev/null +++ b/snmptraps/rhel/conf/etc/snmp/snmptrapd.conf @@ -0,0 +1,31 @@ +# A list of listening addresses, on which to receive incoming SNMP notifications +snmpTrapdAddr udp:1162 +snmpTrapdAddr udp6:1162 + +# Do not fork from the calling shell +doNotFork yes +# File in which to store the process ID of the notification receiver +pidFile /tmp/snmptrapd.pid +# Disables support for the NOTIFICATION-LOG-MIB +doNotRetainNotificationLogs yes + +authCommunity log,execute,net public +disableAuthorization yes +ignoreAuthFailure yes + +# Specify the format used for trap handle location +#format execute %B\n%b\n%V\n%v\n + +# o - Log messages to the standard output stream. +# logOption o + +# S - Display the name of the MIB, as well as the object name (This is the default OID output format) +# T - If values are printed as Hex strings, display a printable version as well +# t - Display TimeTicks values as raw numbers +# e - Removes the symbolic labels from enumeration values +# +outputOption STte + +# Invokes the specified program (with the given arguments) whenever a notification +# is received that matches the OID token +traphandle default /bin/bash /usr/sbin/zabbix_trap_handler.sh diff --git a/snmptraps/rhel/conf/usr/sbin/zabbix_trap_handler.sh b/snmptraps/rhel/conf/usr/sbin/zabbix_trap_handler.sh new file mode 100644 index 000000000..051c6f02d --- /dev/null +++ b/snmptraps/rhel/conf/usr/sbin/zabbix_trap_handler.sh @@ -0,0 +1,43 @@ +#!/bin/bash + +ZABBIX_TRAPS_FILE="/var/lib/zabbix/snmptraps/snmptraps.log" + +ZBX_SNMP_TRAP_DATE_FORMAT=${ZBX_SNMP_TRAP_DATE_FORMAT:-"+%Y%m%d.%H%M%S"} + +ZBX_SNMP_TRAP_FORMAT=${ZBX_SNMP_TRAP_FORMAT:-" "} + +date=$(date "$ZBX_SNMP_TRAP_DATE_FORMAT") + +# The name of the host that sent the notification, as determined by gethostbyaddr(3). +# In fact this line is irrelevant and useless since snmptrapd basically attempts to +# perform reverse name lookup for the transport address (see below). +# In case of failure it will print "" +read host +# The transport address, like "[UDP: [172.16.10.12]:23456->[10.150.0.8]]" +read sender +# The first OID should always be SNMPv2-MIB::sysUpTime.0 +#read uptime +# the second should be SNMPv2-MIB::snmpTrapOID.0 +#read trapoid + +# The remaining lines will contain the payload varbind list. For SNMPv1 traps, the final OID will be SNMPv2-MIB::snmpTrapEnterprise.0. +vars= +while read oid val +do + if [ "$vars" = "" ] + then + vars="$oid = $val" + else + vars="$vars$ZBX_SNMP_TRAP_FORMAT$oid = $val" + fi + + if [[ "$oid" =~ snmpTrapAddress\.0 ]] || [[ "$oid" =~ 1\.3\.6\.1\.6\.3\.18\.1\.3\.0 ]]; then + trap_address=$val + fi +done + +[[ ${sender} =~ \[(.*?)\].*\-\> ]] && sender_addr=${BASH_REMATCH[1]} + +! [ -z $trap_address ] && sender_addr=$trap_address + +echo -e "$date ZBXTRAP $sender_addr$ZBX_SNMP_TRAP_FORMAT$vars" >> $ZABBIX_TRAPS_FILE diff --git a/snmptraps/rhel/licenses/gpl-2.0.txt b/snmptraps/rhel/licenses/gpl-2.0.txt new file mode 100644 index 000000000..d159169d1 --- /dev/null +++ b/snmptraps/rhel/licenses/gpl-2.0.txt @@ -0,0 +1,339 @@ + GNU GENERAL PUBLIC LICENSE + Version 2, June 1991 + + Copyright (C) 1989, 1991 Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + + Preamble + + The licenses for most software are designed to take away your +freedom to share and change it. By contrast, the GNU General Public +License is intended to guarantee your freedom to share and change free +software--to make sure the software is free for all its users. This +General Public License applies to most of the Free Software +Foundation's software and to any other program whose authors commit to +using it. (Some other Free Software Foundation software is covered by +the GNU Lesser General Public License instead.) You can apply it to +your programs, too. + + When we speak of free software, we are referring to freedom, not +price. Our General Public Licenses are designed to make sure that you +have the freedom to distribute copies of free software (and charge for +this service if you wish), that you receive source code or can get it +if you want it, that you can change the software or use pieces of it +in new free programs; and that you know you can do these things. + + To protect your rights, we need to make restrictions that forbid +anyone to deny you these rights or to ask you to surrender the rights. +These restrictions translate to certain responsibilities for you if you +distribute copies of the software, or if you modify it. + + For example, if you distribute copies of such a program, whether +gratis or for a fee, you must give the recipients all the rights that +you have. You must make sure that they, too, receive or can get the +source code. And you must show them these terms so they know their +rights. + + We protect your rights with two steps: (1) copyright the software, and +(2) offer you this license which gives you legal permission to copy, +distribute and/or modify the software. + + Also, for each author's protection and ours, we want to make certain +that everyone understands that there is no warranty for this free +software. If the software is modified by someone else and passed on, we +want its recipients to know that what they have is not the original, so +that any problems introduced by others will not reflect on the original +authors' reputations. + + Finally, any free program is threatened constantly by software +patents. We wish to avoid the danger that redistributors of a free +program will individually obtain patent licenses, in effect making the +program proprietary. To prevent this, we have made it clear that any +patent must be licensed for everyone's free use or not licensed at all. + + The precise terms and conditions for copying, distribution and +modification follow. + + GNU GENERAL PUBLIC LICENSE + TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION + + 0. This License applies to any program or other work which contains +a notice placed by the copyright holder saying it may be distributed +under the terms of this General Public License. The "Program", below, +refers to any such program or work, and a "work based on the Program" +means either the Program or any derivative work under copyright law: +that is to say, a work containing the Program or a portion of it, +either verbatim or with modifications and/or translated into another +language. (Hereinafter, translation is included without limitation in +the term "modification".) Each licensee is addressed as "you". + +Activities other than copying, distribution and modification are not +covered by this License; they are outside its scope. The act of +running the Program is not restricted, and the output from the Program +is covered only if its contents constitute a work based on the +Program (independent of having been made by running the Program). +Whether that is true depends on what the Program does. + + 1. You may copy and distribute verbatim copies of the Program's +source code as you receive it, in any medium, provided that you +conspicuously and appropriately publish on each copy an appropriate +copyright notice and disclaimer of warranty; keep intact all the +notices that refer to this License and to the absence of any warranty; +and give any other recipients of the Program a copy of this License +along with the Program. + +You may charge a fee for the physical act of transferring a copy, and +you may at your option offer warranty protection in exchange for a fee. + + 2. You may modify your copy or copies of the Program or any portion +of it, thus forming a work based on the Program, and copy and +distribute such modifications or work under the terms of Section 1 +above, provided that you also meet all of these conditions: + + a) You must cause the modified files to carry prominent notices + stating that you changed the files and the date of any change. + + b) You must cause any work that you distribute or publish, that in + whole or in part contains or is derived from the Program or any + part thereof, to be licensed as a whole at no charge to all third + parties under the terms of this License. + + c) If the modified program normally reads commands interactively + when run, you must cause it, when started running for such + interactive use in the most ordinary way, to print or display an + announcement including an appropriate copyright notice and a + notice that there is no warranty (or else, saying that you provide + a warranty) and that users may redistribute the program under + these conditions, and telling the user how to view a copy of this + License. (Exception: if the Program itself is interactive but + does not normally print such an announcement, your work based on + the Program is not required to print an announcement.) + +These requirements apply to the modified work as a whole. If +identifiable sections of that work are not derived from the Program, +and can be reasonably considered independent and separate works in +themselves, then this License, and its terms, do not apply to those +sections when you distribute them as separate works. But when you +distribute the same sections as part of a whole which is a work based +on the Program, the distribution of the whole must be on the terms of +this License, whose permissions for other licensees extend to the +entire whole, and thus to each and every part regardless of who wrote it. + +Thus, it is not the intent of this section to claim rights or contest +your rights to work written entirely by you; rather, the intent is to +exercise the right to control the distribution of derivative or +collective works based on the Program. + +In addition, mere aggregation of another work not based on the Program +with the Program (or with a work based on the Program) on a volume of +a storage or distribution medium does not bring the other work under +the scope of this License. + + 3. You may copy and distribute the Program (or a work based on it, +under Section 2) in object code or executable form under the terms of +Sections 1 and 2 above provided that you also do one of the following: + + a) Accompany it with the complete corresponding machine-readable + source code, which must be distributed under the terms of Sections + 1 and 2 above on a medium customarily used for software interchange; or, + + b) Accompany it with a written offer, valid for at least three + years, to give any third party, for a charge no more than your + cost of physically performing source distribution, a complete + machine-readable copy of the corresponding source code, to be + distributed under the terms of Sections 1 and 2 above on a medium + customarily used for software interchange; or, + + c) Accompany it with the information you received as to the offer + to distribute corresponding source code. (This alternative is + allowed only for noncommercial distribution and only if you + received the program in object code or executable form with such + an offer, in accord with Subsection b above.) + +The source code for a work means the preferred form of the work for +making modifications to it. For an executable work, complete source +code means all the source code for all modules it contains, plus any +associated interface definition files, plus the scripts used to +control compilation and installation of the executable. However, as a +special exception, the source code distributed need not include +anything that is normally distributed (in either source or binary +form) with the major components (compiler, kernel, and so on) of the +operating system on which the executable runs, unless that component +itself accompanies the executable. + +If distribution of executable or object code is made by offering +access to copy from a designated place, then offering equivalent +access to copy the source code from the same place counts as +distribution of the source code, even though third parties are not +compelled to copy the source along with the object code. + + 4. You may not copy, modify, sublicense, or distribute the Program +except as expressly provided under this License. Any attempt +otherwise to copy, modify, sublicense or distribute the Program is +void, and will automatically terminate your rights under this License. +However, parties who have received copies, or rights, from you under +this License will not have their licenses terminated so long as such +parties remain in full compliance. + + 5. You are not required to accept this License, since you have not +signed it. However, nothing else grants you permission to modify or +distribute the Program or its derivative works. These actions are +prohibited by law if you do not accept this License. Therefore, by +modifying or distributing the Program (or any work based on the +Program), you indicate your acceptance of this License to do so, and +all its terms and conditions for copying, distributing or modifying +the Program or works based on it. + + 6. Each time you redistribute the Program (or any work based on the +Program), the recipient automatically receives a license from the +original licensor to copy, distribute or modify the Program subject to +these terms and conditions. You may not impose any further +restrictions on the recipients' exercise of the rights granted herein. +You are not responsible for enforcing compliance by third parties to +this License. + + 7. If, as a consequence of a court judgment or allegation of patent +infringement or for any other reason (not limited to patent issues), +conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot +distribute so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you +may not distribute the Program at all. For example, if a patent +license would not permit royalty-free redistribution of the Program by +all those who receive copies directly or indirectly through you, then +the only way you could satisfy both it and this License would be to +refrain entirely from distribution of the Program. + +If any portion of this section is held invalid or unenforceable under +any particular circumstance, the balance of the section is intended to +apply and the section as a whole is intended to apply in other +circumstances. + +It is not the purpose of this section to induce you to infringe any +patents or other property right claims or to contest validity of any +such claims; this section has the sole purpose of protecting the +integrity of the free software distribution system, which is +implemented by public license practices. Many people have made +generous contributions to the wide range of software distributed +through that system in reliance on consistent application of that +system; it is up to the author/donor to decide if he or she is willing +to distribute software through any other system and a licensee cannot +impose that choice. + +This section is intended to make thoroughly clear what is believed to +be a consequence of the rest of this License. + + 8. If the distribution and/or use of the Program is restricted in +certain countries either by patents or by copyrighted interfaces, the +original copyright holder who places the Program under this License +may add an explicit geographical distribution limitation excluding +those countries, so that distribution is permitted only in or among +countries not thus excluded. In such case, this License incorporates +the limitation as if written in the body of this License. + + 9. The Free Software Foundation may publish revised and/or new versions +of the General Public License from time to time. Such new versions will +be similar in spirit to the present version, but may differ in detail to +address new problems or concerns. + +Each version is given a distinguishing version number. If the Program +specifies a version number of this License which applies to it and "any +later version", you have the option of following the terms and conditions +either of that version or of any later version published by the Free +Software Foundation. If the Program does not specify a version number of +this License, you may choose any version ever published by the Free Software +Foundation. + + 10. If you wish to incorporate parts of the Program into other free +programs whose distribution conditions are different, write to the author +to ask for permission. For software which is copyrighted by the Free +Software Foundation, write to the Free Software Foundation; we sometimes +make exceptions for this. Our decision will be guided by the two goals +of preserving the free status of all derivatives of our free software and +of promoting the sharing and reuse of software generally. + + NO WARRANTY + + 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY +FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN +OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES +PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED +OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS +TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE +PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, +REPAIR OR CORRECTION. + + 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR +REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, +INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING +OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED +TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY +YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER +PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE +POSSIBILITY OF SUCH DAMAGES. + + END OF TERMS AND CONDITIONS + + How to Apply These Terms to Your New Programs + + If you develop a new program, and you want it to be of the greatest +possible use to the public, the best way to achieve this is to make it +free software which everyone can redistribute and change under these terms. + + To do so, attach the following notices to the program. It is safest +to attach them to the start of each source file to most effectively +convey the exclusion of warranty; and each file should have at least +the "copyright" line and a pointer to where the full notice is found. + + + Copyright (C) + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + +Also add information on how to contact you by electronic and paper mail. + +If the program is interactive, make it output a short notice like this +when it starts in an interactive mode: + + Gnomovision version 69, Copyright (C) year name of author + Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. + This is free software, and you are welcome to redistribute it + under certain conditions; type `show c' for details. + +The hypothetical commands `show w' and `show c' should show the appropriate +parts of the General Public License. Of course, the commands you use may +be called something other than `show w' and `show c'; they could even be +mouse-clicks or menu items--whatever suits your program. + +You should also get your employer (if you work as a programmer) or your +school, if any, to sign a "copyright disclaimer" for the program, if +necessary. Here is a sample; alter the names: + + Yoyodyne, Inc., hereby disclaims all copyright interest in the program + `Gnomovision' (which makes passes at compilers) written by James Hacker. + + , 1 April 1989 + Ty Coon, President of Vice + +This General Public License does not permit incorporating your program into +proprietary programs. If your program is a subroutine library, you may +consider it more useful to permit linking proprietary applications with the +library. If this is what you want to do, use the GNU Lesser General +Public License instead of this License. diff --git a/web-nginx-mysql/rhel/.dockerignore b/web-nginx-mysql/rhel/.dockerignore new file mode 100644 index 000000000..88a84e55a --- /dev/null +++ b/web-nginx-mysql/rhel/.dockerignore @@ -0,0 +1 @@ +build.sh diff --git a/web-nginx-mysql/rhel/Dockerfile b/web-nginx-mysql/rhel/Dockerfile new file mode 100644 index 000000000..ff4522d5d --- /dev/null +++ b/web-nginx-mysql/rhel/Dockerfile @@ -0,0 +1,130 @@ +FROM registry.access.redhat.com/ubi8/ubi +MAINTAINER Alexey Pustovalov + +ARG MAJOR_VERSION=6.0 +ARG RELEASE= +ARG ZBX_VERSION=${MAJOR_VERSION} + +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git +ENV ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} + +LABEL name="zabbix/zabbix-web-mysql" \ + maintainer="alexey.pustovalov@zabbix.com" \ + vendor="Zabbix LLC" \ + version="${MAJOR_VERSION}" \ + release="${RELEASE}" \ + summary="Zabbix web-interface based on Nginx web server with MySQL database support" \ + description="Zabbix web-interface based on Nginx web server with MySQL database support" \ + url="https://www.zabbix.com/" \ + run="docker run --name zabbix-web-nginx --link mysql-server:mysql --link zabbix-server:zabbix-server -p 80:80 -d registry.connect.redhat.com/zabbix/zabbix-web-nginx-trunk:${ZBX_VERSION}" \ + io.k8s.description="Zabbix web-interface based on Nginx web server with MySQL database support" \ + io.k8s.display-name="Zabbix Frontend (Nginx)" \ + io.openshift.expose-services="8080:http,8443:https" \ + io.openshift.tags="zabbix,zabbix-web,mysql,nginx" \ + org.label-schema.name="zabbix-web-mysql-rhel" \ + org.label-schema.vendor="Zabbix LLC" \ + org.label-schema.url="https://zabbix.com/" \ + org.label-schema.description="Zabbix web-interface based on Nginx web server with MySQL database support" \ + org.label-schema.vcs-ref="${VCS_REF}" \ + org.label-schema.build-date="${BUILD_DATE}" \ + org.label-schema.schema-version="1.0" \ + org.label-schema.license="GPL v2.0" \ + org.label-schema.usage="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.label-schema.version="${ZBX_VERSION}" \ + org.label-schema.vcs-url="${ZBX_SOURCES}" \ + org.label-schema.docker.cmd="docker run --name zabbix-web-nginx --link mysql-server:mysql --link zabbix-server:zabbix-server -p 80:80 -d registry.connect.redhat.com/zabbix/zabbix-web-nginx-trunk:${ZBX_VERSION}" + +STOPSIGNAL SIGTERM + +COPY ["conf/etc/yum.repo.d/nginx.repo", "/etc/yum.repos.d/nginx.repo"] + +COPY ["licenses", "/licenses"] + +RUN set -eux && INSTALL_PKGS="bash \ + curl \ + supervisor \ + mysql \ + nginx \ + php-bcmath \ + php-fpm \ + php-gd \ + php-json \ + php-ldap \ + php-mbstring \ + php-mysqlnd \ + php-xml" && \ + REPOLIST="rhel-8-for-x86_64-baseos-rpms,rhel-8-for-x86_64-appstream-rpms,epel" && \ + dnf -y update-minimal --disablerepo "*" --enablerepo ubi-8-baseos --setopt=tsflags=nodocs \ + --security --sec-severity=Important --sec-severity=Critical && \ + dnf -y module enable mysql && \ + dnf -y module enable php:7.4 nginx:1.18 && \ + dnf -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm && \ + dnf -y install --disablerepo "*" --enablerepo "${REPOLIST}" --setopt=install_weak_deps=False --best \ + --setopt=tsflags=nodocs ${INSTALL_PKGS} && \ + groupadd --system --gid 1995 zabbix && \ + useradd \ + --system --comment "Zabbix monitoring system" \ + -g zabbix -G root \ + --uid 1997 \ + --shell /sbin/nologin \ + --home-dir /var/lib/zabbix/ \ + zabbix && \ + mkdir -p /etc/zabbix && \ + mkdir -p /etc/zabbix/web && \ + mkdir -p /etc/zabbix/web/certs && \ + mkdir -p /var/lib/php/session && \ + rm -f /etc/nginx/conf.d/*.conf && \ + rm -f /etc/php-fpm.d/www.conf && \ + dnf -y clean all && \ + rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ + rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki + +COPY ["conf/etc/", "/etc/"] + +RUN set -eux && REPOLIST="rhel-8-for-x86_64-baseos-rpms,rhel-8-for-x86_64-appstream-rpms" && \ + INSTALL_PKGS="glibc-locale-source gettext \ + git" && \ + dnf -y install --disablerepo "*" --enablerepo "${REPOLIST}" --setopt=install_weak_deps=False --best \ + --setopt=tsflags=nodocs ${INSTALL_PKGS} && \ + cd /usr/share/ && \ + git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + mkdir /usr/share/zabbix/ && \ + cp -R /usr/share/zabbix-${ZBX_VERSION}/ui/* /usr/share/zabbix/ && \ + rm -rf /usr/share/zabbix-${ZBX_VERSION}/ && \ + cd /usr/share/zabbix/ && \ + ./locale/make_mo.sh && \ + rm -f conf/zabbix.conf.php conf/maintenance.inc.php conf/zabbix.conf.php.example && \ + rm -rf tests && \ + rm -f locale/add_new_language.sh locale/update_po.sh locale/make_mo.sh && \ + ln -s "/etc/zabbix/web/zabbix.conf.php" "/usr/share/zabbix/conf/zabbix.conf.php" && \ + ln -s "/etc/zabbix/web/maintenance.inc.php" "/usr/share/zabbix/conf/maintenance.inc.php" && \ + cat /usr/share/zabbix/include/locales.inc.php | grep display | grep true | awk '{$1=$1};1' | \ + cut -d"'" -f 2 | sort | \ + xargs -I '{}' bash -c 'echo "{}" && localedef -c -i {} -f UTF-8 {}.UTF-8 2>/dev/null' && \ + chown --quiet -R zabbix:root /etc/zabbix/ /usr/share/zabbix/conf/ /usr/share/zabbix/modules/ && \ + chgrp -R 0 /etc/zabbix/ /usr/share/zabbix/conf/ /usr/share/zabbix/modules/ && \ + chmod -R g=u /etc/zabbix/ /usr/share/zabbix/conf/ /usr/share/zabbix/modules/ && \ + chown --quiet -R zabbix:root /etc/nginx/ /etc/php-fpm.d/ /etc/php-fpm.conf && \ + chgrp -R 0 /etc/nginx/ /etc/php-fpm.d/ /etc/php-fpm.conf && \ + chmod -R g=u /etc/nginx/ /etc/php-fpm.d/ /etc/php-fpm.conf && \ + chown --quiet -R zabbix:root /var/lib/php/session/ && \ + chgrp -R 0 /var/lib/php/session/ && \ + chmod -R g=u /var/lib/php/session/ && \ + chown --quiet -R zabbix:root /usr/share/zabbix/include/defines.inc.php && \ + chgrp -R 0 /usr/share/zabbix/include/defines.inc.php && \ + chmod -R g=u /usr/share/zabbix/include/defines.inc.php && \ + dnf -y history undo last && \ + dnf -y autoremove glibc-langpack-en && \ + dnf -y clean all && \ + rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ + rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki + +EXPOSE 8080/TCP 8443/TCP + +WORKDIR /usr/share/zabbix + +COPY ["docker-entrypoint.sh", "/usr/bin/"] + +USER 1997 + +ENTRYPOINT ["docker-entrypoint.sh"] diff --git a/web-nginx-mysql/rhel/README.md b/web-nginx-mysql/rhel/README.md new file mode 100644 index 000000000..f19e88149 --- /dev/null +++ b/web-nginx-mysql/rhel/README.md @@ -0,0 +1,280 @@ +![logo](https://assets.zabbix.com/img/logo/zabbix_logo_500x131.png) + +# What is Zabbix? + +Zabbix is an enterprise-class open source distributed monitoring solution. + +Zabbix is software that monitors numerous parameters of a network and the health and integrity of servers. Zabbix uses a flexible notification mechanism that allows users to configure e-mail based alerts for virtually any event. This allows a fast reaction to server problems. Zabbix offers excellent reporting and data visualisation features based on the stored data. This makes Zabbix ideal for capacity planning. + +For more information and related downloads for Zabbix components, please visit https://hub.docker.com/u/zabbix/ and https://zabbix.com + +# What is Zabbix web interface? + +Zabbix web interface is a part of Zabbix software. It is used to manage resources under monitoring and view monitoring statistics. + +# Zabbix web interface images + +These are the only official Zabbix web interface Docker images. They are based on Alpine Linux v3.12, Ubuntu 20.04 (focal), CentOS 8 and Oracle Linux 8 images. The available versions of Zabbix web interface are: + + Zabbix web interface 3.0 (tags: alpine-3.0-latest, ubuntu-3.0-latest, centos-3.0-latest) (unsupported) + Zabbix web interface 3.0.* (tags: alpine-3.0.*, ubuntu-3.0.*, centos-3.0.*) (unsupported) + Zabbix web interface 3.2 (tags: alpine-3.2-latest, ubuntu-3.2-latest, centos-3.2-latest) (unsupported) + Zabbix web interface 3.2.* (tags: alpine-3.2.*, ubuntu-3.2.*, centos-3.2.*) (unsupported) + Zabbix web interface 3.4 (tags: alpine-3.4-latest, ubuntu-3.4-latest, centos-3.4-latest) (unsupported) + Zabbix web interface 3.4.* (tags: alpine-3.4.*, ubuntu-3.4.*, centos-3.4.*) (unsupported) + Zabbix web interface 4.0 (tags: alpine-4.0-latest, ubuntu-4.0-latest, centos-4.0-latest) + Zabbix web interface 4.0.* (tags: alpine-4.0.*, ubuntu-4.0.*, centos-4.0.*) + Zabbix web interface 4.2 (tags: alpine-4.2-latest, ubuntu-4.2-latest, centos-4.2-latest) (unsupported) + Zabbix web interface 4.2.* (tags: alpine-4.2.*, ubuntu-4.2.*, centos-4.2.*) (unsupported) + Zabbix web interface 4.4 (tags: alpine-4.4-latest, ubuntu-4.4-latest, centos-4.4-latest) (unsupported) + Zabbix web interface 4.4.* (tags: alpine-4.4.*, ubuntu-4.4.*, centos-4.4.*) (unsupported) + Zabbix web interface 5.0 (tags: alpine-5.0-latest, ubuntu-5.0-latest, ol-5.0-latest) + Zabbix web interface 5.0.* (tags: alpine-5.0.*, ubuntu-5.0.*, ol-5.0.*) + Zabbix web interface 5.2 (tags: alpine-5.2-latest, ubuntu-5.2-latest, ol-5.2-latest) + Zabbix web interface 5.2.* (tags: alpine-5.2.*, ubuntu-5.2.*, ol-5.2.*) + Zabbix web interface 5.4 (tags: alpine-5.4-latest, ubuntu-5.4-latest, ol-5.4-latest, alpine-latest, ubuntu-latest, ol-latest, latest) + Zabbix web interface 5.4.* (tags: alpine-5.4.*, ubuntu-5.4.*, ol-5.4.*) + Zabbix web interface 6.0 (tags: alpine-trunk, ubuntu-trunk, ol-trunk) + +Images are updated when new releases are published. The image with ``latest`` tag is based on Alpine Linux. + +Zabbix web interface available in three editions: +- Zabbix web-interface based on Apache2 web server with MySQL database support +- Zabbix web-interface based on Apache2 web server with PostgreSQL database support +- Zabbix web-interface based on Nginx web server with MySQL database support +- Zabbix web-interface based on Nginx web server with PostgreSQL database support + +The image based on Nginx web server with MySQL database support. + +# How to use this image + +## Start `zabbix-web-nginx-mysql` + +Start a Zabbix web-interface container as follows: + + docker run --name some-zabbix-web-nginx-mysql -e DB_SERVER_HOST="some-mysql-server" -e MYSQL_USER="some-user" -e MYSQL_PASSWORD="some-password" -e ZBX_SERVER_HOST="some-zabbix-server" -e PHP_TZ="some-timezone" -d zabbix/zabbix-web-nginx-mysql:tag + +Where `some-zabbix-web-nginx-mysql` is the name you want to assign to your container, `some-mysql-server` is IP or DNS name of MySQL server, `some-user` is user to connect to Zabbix database on MySQL server, `some-password` is the password to connect to MySQL server, `some-zabbix-server` is IP or DNS name of Zabbix server or proxy, `some-timezone` is PHP like timezone name and `tag` is the tag specifying the version you want. See the list above for relevant tags, or look at the [full list of tags](https://hub.docker.com/r/zabbix/zabbix-web-nginx-mysql/tags/). + +## Linking the container to Zabbix server + + docker run --name some-zabbix-web-nginx-mysql --link some-zabbix-server:zabbix-server -e DB_SERVER_HOST="some-mysql-server" -e MYSQL_USER="some-user" -e MYSQL_PASSWORD="some-password" -e ZBX_SERVER_HOST="some-zabbix-server" -e PHP_TZ="some-timezone" -d zabbix/zabbix-web-nginx-mysql:tag + +## Linking the container to MySQL database + + docker run --name some-zabbix-web-nginx-mysql --link some-mysql-server:mysql -e DB_SERVER_HOST="some-mysql-server" -e MYSQL_USER="some-user" -e MYSQL_PASSWORD="some-password" -e ZBX_SERVER_HOST="some-zabbix-server" -e PHP_TZ="some-timezone" -d zabbix/zabbix-web-nginx-mysql:tag + +## Container shell access and viewing Zabbix web interface logs + +The `docker exec` command allows you to run commands inside a Docker container. The following command line will give you a bash shell inside your `zabbix-web-nginx-mysql` container: + +```console +$ docker exec -ti some-zabbix-web-nginx-mysql /bin/bash +``` + +The Zabbix web interface log is available through Docker's container log: + +```console +$ docker logs some-zabbix-web-nginx-mysql +``` + +## Environment Variables + +When you start the `zabbix-web-nginx-mysql` image, you can adjust the configuration of the Zabbix web interface by passing one or more environment variables on the `docker run` command line. + +### `ZBX_SERVER_HOST` + +This variable is IP or DNS name of Zabbix server. By default, value is `zabbix-server`. + +### `ZBX_SERVER_PORT` + +This variable is port Zabbix server listening on. By default, value is `10051`. + +### `DB_SERVER_HOST` + +This variable is IP or DNS name of MySQL server. By default, value is 'mysql-server' + +### `DB_SERVER_PORT` + +This variable is port of MySQL server. By default, value is '3306'. + +### `MYSQL_USER`, `MYSQL_PASSWORD`, `MYSQL_USER_FILE`, `MYSQL_PASSWORD_FILE` + +These variables are used by Zabbix web-interface to connect to Zabbix database. With the `_FILE` variables you can instead provide the path to a file which contains the user / the password instead. Without Docker Swarm or Kubernetes you also have to map the files. Those are exclusive so you can just provide one type - either `MYSQL_USER` or `MYSQL_USER_FILE`! + +```console +docker run --name some-zabbix-web-nginx-mysql -e DB_SERVER_HOST="some-mysql-server" -v ./.MYSQL_USER:/run/secrets/MYSQL_USER -e MYSQL_USER_FILE=/run/secrets/MYSQL_USER -v ./.MYSQL_PASSWORD:/run/secrets/MYSQL_PASSWORD -e MYSQL_PASSWORD_FILE=/var/run/secrets/MYSQL_PASSWORD -e PHP_TZ="some-timezone" -d zabbix/zabbix-web-nginx-mysql:tag +``` + +With Docker Swarm or Kubernetes this works with secrets. That way it is replicated in your cluster! + +```console +printf "zabbix" | docker secret create MYSQL_USER - +printf "zabbix" | docker secret create MYSQL_PASSWORD - +docker run --name some-zabbix-web-nginx-mysql -e DB_SERVER_HOST="some-mysql-server" -e MYSQL_USER_FILE=/run/secrets/MYSQL_USER -e MYSQL_PASSWORD_FILE=/run/secrets/MYSQL_PASSWORD -e ZBX_SERVER_HOST="some-zabbix-server" -e PHP_TZ="some-timezone" -d zabbix/zabbix-web-nginx-mysql:tag +``` + +This method is also applicable for `MYSQL_ROOT_PASSWORD` with `MYSQL_ROOT_PASSWORD_FILE`. + +By default, values for `MYSQL_USER` and `MYSQL_PASSWORD` are `zabbix`, `zabbix`. + +### `MYSQL_DATABASE` + +The variable is Zabbix database name. By default, value is `zabbix`. + +### `ZBX_HISTORYSTORAGEURL` + +History storage HTTP[S] URL. This parameter is used for Elasticsearch setup. Available since 3.4.5. + +### `ZBX_HISTORYSTORAGETYPES` + +Array of value types to be sent to the history storage. An example: ['uint', 'dbl']. This parameter is used for Elasticsearch setup. Available since 3.4.5. + +### `PHP_TZ` + +The variable is timezone in PHP format. Full list of supported timezones are available on [`php.net`](http://php.net/manual/en/timezones.php). By default, value is 'Europe/Riga' and system timezone since Zabbix 5.2.0. + +### `ZBX_SERVER_NAME` + +The variable is visible Zabbix installation name in right top corner of the web interface. + + +### `DB_DOUBLE_IEEE754` + +Use IEEE754 compatible value range for 64-bit Numeric (float) history values. Available since 5.0.0. Enabled by default. + +### `ENABLE_WEB_ACCESS_LOG` + +The variable sets the Access Log directive for Web-server. By default, value corresponds to standard output. + +### `ZBX_MAXEXECUTIONTIME` + +The varable is PHP ``max_execution_time`` option. By default, value is `300`. + +### `ZBX_MEMORYLIMIT` + +The varable is PHP ``memory_limit`` option. By default, value is `128M`. + +### `ZBX_POSTMAXSIZE` + +The varable is PHP ``post_max_size`` option. By default, value is `16M`. + +### `ZBX_UPLOADMAXFILESIZE` + +The varable is PHP ``upload_max_filesize`` option. By default, value is `2M`. + +### `ZBX_MAXINPUTTIME` + +The varable is PHP ``max_input_time`` option. By default, value is `300`. + +### `ZBX_SESSION_NAME` + +The variable is Zabbix frontend [definition](https://www.zabbix.com/documentation/current/manual/web_interface/definitions). String used as the name of the Zabbix frontend session cookie. By default, value is `zbx_sessionid`. + +### `ZBX_DENY_GUI_ACCESS` + +Enable (``true``) maintenance mode for Zabbix web-interface. + +### `ZBX_GUI_ACCESS_IP_RANGE` + +Array of IP addresses which are allowed for accessing to Zabbix web-interface during maintenance period. + +### `ZBX_GUI_WARNING_MSG` + +Information message about maintenance period for Zabbix web-interface. + +### `ZBX_DB_ENCRYPTION` + +The variable allows to activate encryption for connections to Zabbix database. Even if no other environment variables are specified, connections will be TLS-encrypted if `ZBX_DB_ENCRYPTION=true` specified. Available since 5.0.0. Disabled by default. + +### `ZBX_DB_KEY_FILE` + +The variable allows to specify the full path to a valid TLS key file. Available since 5.0.0. + +### `ZBX_DB_CERT_FILE` + +The variable allows to specify the full path to a valid TLS certificate file. Available since 5.0.0. + +### `ZBX_DB_CA_FILE` + +The variable allows to specify the full path to a valid TLS certificate authority file. Available since 5.0.0. + +### `ZBX_DB_VERIFY_HOST` + +The variable allows to activate host verification. Available since 5.0.0. + +### `ZBX_DB_CIPHER_LIST` + +The variable allows to specify a custom list of valid ciphers. The format of the cipher list must conform to the OpenSSL standard. Available since 5.0.0. + +## `ZBX_SSO_SETTINGS` + +The variable allows to specify custom SSO settings in JSON format. Available since 5.0.0. + +### Other variables + +Additionally the image allows to specify many other environment variables listed below: + +``` +ZBX_VAULTDBPATH= # Available since 5.2.0 +ZBX_VAULTURL=https://127.0.0.1:8200 # Available since 5.2.0 +VAULT_TOKEN= # Available since 5.2.0 +``` + +## Allowed volumes for the Zabbix web interface container + +### ``/etc/ssl/nginx`` + +The volume allows to enable HTTPS for the Zabbix web interface. The volume must contains three files ``ssl.crt``, ``ssl.key`` and ``dhparam.pem`` prepared for Nginx SSL connections. + +Please follow official Nginx [documentation](http://nginx.org/en/docs/http/configuring_https_servers.html) to get more details about how to create certificate files. + +### ``/etc/zabbix/web/certs`` + +The volume allows to use custom certificates for SAML authentification. The volume must contains three files ``sp.key``, ``sp.crt`` and ``idp.crt``. Available since 5.0.0. + +# The image variants + +The `zabbix-web-nginx-mysql` images come in many flavors, each designed for a specific use case. + +## `zabbix-agent2:alpine-` + +This image is based on the popular [Alpine Linux project](http://alpinelinux.org), available in [the `alpine` official image](https://hub.docker.com/_/alpine). Alpine Linux is much smaller than most distribution base images (~5MB), and thus leads to much slimmer images in general. + +This variant is highly recommended when final image size being as small as possible is desired. The main caveat to note is that it does use [musl libc](http://www.musl-libc.org) instead of [glibc and friends](http://www.etalabs.net/compare_libcs.html), so certain software might run into issues depending on the depth of their libc requirements. However, most software doesn't have an issue with this, so this variant is usually a very safe choice. See [this Hacker News comment thread](https://news.ycombinator.com/item?id=10782897) for more discussion of the issues that might arise and some pro/con comparisons of using Alpine-based images. + +To minimize image size, it's uncommon for additional related tools (such as `git` or `bash`) to be included in Alpine-based images. Using this image as a base, add the things you need in your own Dockerfile (see the [`alpine` image description](https://hub.docker.com/_/alpine/) for examples of how to install packages if you are unfamiliar). + +## `zabbix-agent:ubuntu-` + +This is the defacto image. If you are unsure about what your needs are, you probably want to use this one. It is designed to be used both as a throw away container (mount your source code and start the container to start your app), as well as the base to build other images off of. + +## `zabbix-agent:ol-` + +Oracle Linux is an open-source operating system available under the GNU General Public License (GPLv2). Suitable for general purpose or Oracle workloads, it benefits from rigorous testing of more than 128,000 hours per day with real-world workloads and includes unique innovations such as Ksplice for zero-downtime kernel patching, DTrace for real-time diagnostics, the powerful Btrfs file system, and more. + +# Supported Docker versions + +This image is officially supported on Docker version 1.12.0. + +Support for older versions (down to 1.6) is provided on a best-effort basis. + +Please see [the Docker installation documentation](https://docs.docker.com/installation/) for details on how to upgrade your Docker daemon. + +# User Feedback + +## Documentation + +Documentation for this image is stored in the [`web-nginx-mysql/` directory](https://github.com/zabbix/zabbix-docker/tree/3.0/web-nginx-mysql) of the [`zabbix/zabbix-docker` GitHub repo](https://github.com/zabbix/zabbix-docker/). Be sure to familiarize yourself with the [repository's `README.md` file](https://github.com/zabbix/zabbix-docker/blob/master/README.md) before attempting a pull request. + +## Issues + +If you have any problems with or questions about this image, please contact us through a [GitHub issue](https://github.com/zabbix/zabbix-docker/issues). + +### Known issues + +## Contributing + +You are invited to contribute new features, fixes, or updates, large or small; we are always thrilled to receive pull requests, and do our best to process them as fast as we can. + +Before you start to code, we recommend discussing your plans through a [GitHub issue](https://github.com/zabbix/zabbix-docker/issues), especially for more ambitious contributions. This gives other contributors a chance to point you in the right direction, give you feedback on your design, and help you find out if someone else is working on the same thing. diff --git a/web-nginx-mysql/rhel/build.sh b/web-nginx-mysql/rhel/build.sh new file mode 120000 index 000000000..fcb4d4ee7 --- /dev/null +++ b/web-nginx-mysql/rhel/build.sh @@ -0,0 +1 @@ +../../build.sh \ No newline at end of file diff --git a/web-nginx-mysql/rhel/conf/etc/nginx/nginx.conf b/web-nginx-mysql/rhel/conf/etc/nginx/nginx.conf new file mode 100644 index 000000000..3bed3cf89 --- /dev/null +++ b/web-nginx-mysql/rhel/conf/etc/nginx/nginx.conf @@ -0,0 +1,71 @@ +#user nginx; +worker_processes 5; +worker_rlimit_nofile 256000; + +error_log /dev/fd/2 error; + +pid /tmp/nginx.pid; + +events { + worker_connections 5120; + use epoll; +} + + +http { + include /etc/nginx/mime.types; + default_type application/octet-stream; + + log_format main '$remote_addr - $remote_user [$time_local] "$request" ' + '$status $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + + access_log /dev/fd/1 main; + error_log /dev/fd/2 error; + + client_body_temp_path /tmp/client_body 1 2; + proxy_temp_path /tmp/proxy 1 2; + fastcgi_temp_path /tmp/fastcgi 1 2; + uwsgi_temp_path /tmp/uwsgi 1 2; + scgi_temp_path /tmp/scgi 1 2; + + client_body_timeout 5m; + send_timeout 5m; + + connection_pool_size 4096; + client_header_buffer_size 4k; + large_client_header_buffers 4 4k; + request_pool_size 4k; + reset_timedout_connection on; + + + gzip on; + gzip_min_length 100; + gzip_buffers 4 8k; + gzip_comp_level 5; + gzip_types text/plain; + gzip_types application/x-javascript; + gzip_types text/css; + + output_buffers 128 512k; + postpone_output 1460; + aio on; + directio 512; + + sendfile on; + client_max_body_size 8m; + client_body_buffer_size 256k; + fastcgi_intercept_errors on; + + tcp_nopush on; + tcp_nodelay on; + + keepalive_timeout 75 20; + + ignore_invalid_headers on; + + index index.php; + server_tokens off; + + include /etc/nginx/conf.d/*.conf; +} diff --git a/web-nginx-mysql/rhel/conf/etc/php-fpm.conf b/web-nginx-mysql/rhel/conf/etc/php-fpm.conf new file mode 100644 index 000000000..ce0225346 --- /dev/null +++ b/web-nginx-mysql/rhel/conf/etc/php-fpm.conf @@ -0,0 +1,9 @@ +include=/etc/php-fpm.d/*.conf + +[global] + +pid = /tmp/php-fpm.pid + +error_log = /dev/fd/2 + +daemonize = no diff --git a/web-nginx-mysql/rhel/conf/etc/php-fpm.d/zabbix.conf b/web-nginx-mysql/rhel/conf/etc/php-fpm.d/zabbix.conf new file mode 100644 index 000000000..e2d27c28b --- /dev/null +++ b/web-nginx-mysql/rhel/conf/etc/php-fpm.d/zabbix.conf @@ -0,0 +1,27 @@ +[zabbix] + +listen = /tmp/php-fpm.sock + +clear_env = no + +pm = dynamic +pm.max_children = 50 +pm.start_servers = 5 +pm.min_spare_servers = 5 +pm.max_spare_servers = 35 + +slowlog = /dev/fd/1 + +; php_admin_value[error_log] = /dev/fd/2 +php_admin_flag[log_errors] = on + +php_value[session.save_handler] = files +php_value[session.save_path] = /var/lib/php/session + +php_value[max_execution_time] = ${ZBX_MAXEXECUTIONTIME} +php_value[memory_limit] = ${ZBX_MEMORYLIMIT} +php_value[post_max_size] = ${ZBX_POSTMAXSIZE} +php_value[upload_max_filesize] = ${ZBX_UPLOADMAXFILESIZE} +php_value[max_input_time] = ${ZBX_MAXINPUTTIME} +php_value[max_input_vars] = 10000 +php_value[date.timezone] = ${PHP_TZ} diff --git a/web-nginx-mysql/rhel/conf/etc/supervisor/conf.d/supervisord_web_nginx.conf b/web-nginx-mysql/rhel/conf/etc/supervisor/conf.d/supervisord_web_nginx.conf new file mode 100644 index 000000000..5b10705cf --- /dev/null +++ b/web-nginx-mysql/rhel/conf/etc/supervisor/conf.d/supervisord_web_nginx.conf @@ -0,0 +1,30 @@ +[supervisord] +nodaemon = true + +[program:nginx] +command = /usr/sbin/%(program_name)s -g "daemon off;error_log /dev/stdout info;" -c /etc/nginx/%(program_name)s.conf +auto_start = true +autorestart = true + +startsecs=2 +startretries=3 +stopsignal=TERM +stopwaitsecs=2 + +redirect_stderr=true +stdout_logfile = /dev/stdout +stdout_logfile_maxbytes = 0 + +[program:php-fpm] +command = /usr/sbin/%(program_name)s -F -y /etc/%(program_name)s.conf +auto_start = true +autorestart = true + +startsecs=2 +startretries=3 +stopsignal=TERM +stopwaitsecs=2 + +redirect_stderr=true +stdout_logfile = /dev/stdout +stdout_logfile_maxbytes = 0 diff --git a/web-nginx-mysql/rhel/conf/etc/supervisor/supervisord.conf b/web-nginx-mysql/rhel/conf/etc/supervisor/supervisord.conf new file mode 100644 index 000000000..7488a07f7 --- /dev/null +++ b/web-nginx-mysql/rhel/conf/etc/supervisor/supervisord.conf @@ -0,0 +1,35 @@ +; supervisor config file + +[unix_http_server] +file = /tmp/supervisor.sock ; (the path to the socket file) +chmod = 0700 ; sockef file mode (default 0700) +username = zbx +password = password + +[supervisord] +logfile = /dev/stdout ; (main log file;default $CWD/supervisord.log) +pidfile = /tmp/supervisord.pid ; (supervisord pidfile;default supervisord.pid) +childlogdir = /tmp ; ('AUTO' child log dir, default $TEMP) +critical = critical +;user = zabbix +logfile_maxbytes = 0 +logfile_backupcount = 0 +loglevel = info + +; the below section must remain in the config file for RPC +; (supervisorctl/web interface) to work, additional interfaces may be +; added by defining them in separate rpcinterface: sections +[rpcinterface:supervisor] +supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface + +[supervisorctl] +serverurl = unix:///tmp/supervisor.sock ; use a unix:// URL for a unix socket + +; The [include] section can just contain the "files" setting. This +; setting can list multiple files (separated by whitespace or +; newlines). It can also contain wildcards. The filenames are +; interpreted as relative to this file. Included files *cannot* +; include files themselves. + +[include] +files = /etc/supervisor/conf.d/*.conf diff --git a/zabbix-appliance/rhel/conf/etc/yum.repo.d/nginx.repo b/web-nginx-mysql/rhel/conf/etc/yum.repo.d/nginx.repo similarity index 100% rename from zabbix-appliance/rhel/conf/etc/yum.repo.d/nginx.repo rename to web-nginx-mysql/rhel/conf/etc/yum.repo.d/nginx.repo diff --git a/web-nginx-mysql/rhel/conf/etc/zabbix/nginx.conf b/web-nginx-mysql/rhel/conf/etc/zabbix/nginx.conf new file mode 100644 index 000000000..da6769355 --- /dev/null +++ b/web-nginx-mysql/rhel/conf/etc/zabbix/nginx.conf @@ -0,0 +1,74 @@ +server { + listen 8080; + listen [::]:8080; + + server_name zabbix; + index index.php; + + access_log /dev/fd/1 main; + error_log /dev/fd/2 notice; + + set $webroot '/usr/share/zabbix'; + + root $webroot; + + large_client_header_buffers 8 8k; + client_max_body_size 10M; + + location = /favicon.ico { + log_not_found off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + # Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac). + location ~ /\. { + deny all; + access_log off; + log_not_found off; + } + + # caching of files + location ~* \.ico$ { + expires 1y; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|xml|txt)$ { + expires 14d; + } + + location ~ /(app\/|conf[^\.]|include\/|local\/|locale\/) { + deny all; + return 404; + } + + location / { + try_files $uri $uri/ /index.php?$args; + } + + location ~ .php$ { + fastcgi_pass unix:/tmp/php-fpm.sock; + fastcgi_index index.php; + + fastcgi_param SCRIPT_FILENAME $webroot$fastcgi_script_name; + + include fastcgi_params; + fastcgi_param QUERY_STRING $query_string; + fastcgi_param REQUEST_METHOD $request_method; + fastcgi_param CONTENT_TYPE $content_type; + fastcgi_param CONTENT_LENGTH $content_length; + fastcgi_intercept_errors on; + fastcgi_ignore_client_abort off; + fastcgi_connect_timeout 60; + fastcgi_send_timeout 180; + fastcgi_read_timeout {FCGI_READ_TIMEOUT}; + fastcgi_buffer_size 128k; + fastcgi_buffers 4 256k; + fastcgi_busy_buffers_size 256k; + fastcgi_temp_file_write_size 256k; + } +} diff --git a/web-nginx-mysql/rhel/conf/etc/zabbix/nginx_ssl.conf b/web-nginx-mysql/rhel/conf/etc/zabbix/nginx_ssl.conf new file mode 100644 index 000000000..f3a6d6534 --- /dev/null +++ b/web-nginx-mysql/rhel/conf/etc/zabbix/nginx_ssl.conf @@ -0,0 +1,101 @@ +server { + listen 8443 ssl http2; + listen [::]:8443 ssl http2; + + server_name zabbix; + server_name_in_redirect off; + + index index.php; + access_log /dev/fd/1 main; + error_log /dev/fd/2 error; + + set $webroot '/usr/share/zabbix'; + + root $webroot; + + large_client_header_buffers 8 8k; + + client_max_body_size 10M; + + ssl_certificate /etc/ssl/nginx/ssl.crt; + ssl_certificate_key /etc/ssl/nginx/ssl.key; + ssl_dhparam /etc/ssl/nginx/dhparam.pem; + + ssl_session_timeout 1d; + ssl_session_cache shared:MozSSL:10m; + ssl_session_tickets off; + + # intermediate configuration + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384; + ssl_prefer_server_ciphers off; + + # HSTS (ngx_http_headers_module is required) (63072000 seconds) + add_header Strict-Transport-Security "max-age=63072000" always; + + add_header Content-Security-Policy-Report-Only "default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report"; + + location =/nginx_status { + stub_status on; + access_log off; + allow 127.0.0.1; + deny all; + } + + location = /favicon.ico { + log_not_found off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + # Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac). + location ~ /\. { + deny all; + access_log off; + log_not_found off; + } + + # caching of files + location ~* \.ico$ { + expires 1y; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|xml|txt)$ { + expires 14d; + } + + location ~ /(app\/|conf[^\.]|include\/|local\/|locale\/) { + deny all; + return 404; + } + + location / { + try_files $uri $uri/ /index.php?$args; + } + + location ~ .php$ { + fastcgi_pass unix:/tmp/php-fpm.sock; + fastcgi_index index.php; + + fastcgi_param SCRIPT_FILENAME $webroot$fastcgi_script_name; + + include fastcgi_params; + fastcgi_param QUERY_STRING $query_string; + fastcgi_param REQUEST_METHOD $request_method; + fastcgi_param CONTENT_TYPE $content_type; + fastcgi_param CONTENT_LENGTH $content_length; + fastcgi_intercept_errors on; + fastcgi_ignore_client_abort off; + fastcgi_connect_timeout 60; + fastcgi_send_timeout 180; + fastcgi_read_timeout {FCGI_READ_TIMEOUT}; + fastcgi_buffer_size 128k; + fastcgi_buffers 4 256k; + fastcgi_busy_buffers_size 256k; + fastcgi_temp_file_write_size 256k; + } +} diff --git a/web-nginx-mysql/rhel/conf/etc/zabbix/web/maintenance.inc.php b/web-nginx-mysql/rhel/conf/etc/zabbix/web/maintenance.inc.php new file mode 100644 index 000000000..5f0e61e85 --- /dev/null +++ b/web-nginx-mysql/rhel/conf/etc/zabbix/web/maintenance.inc.php @@ -0,0 +1,32 @@ +> "$PHP_CONFIG_FILE" + echo "group = zabbix" >> "$PHP_CONFIG_FILE" + echo "listen.owner = nginx" >> "$PHP_CONFIG_FILE" + echo "listen.group = nginx" >> "$PHP_CONFIG_FILE" + fi + + : ${ZBX_DENY_GUI_ACCESS:="false"} + export ZBX_DENY_GUI_ACCESS=${ZBX_DENY_GUI_ACCESS,,} + export ZBX_GUI_ACCESS_IP_RANGE=${ZBX_GUI_ACCESS_IP_RANGE:-"['127.0.0.1']"} + export ZBX_GUI_WARNING_MSG=${ZBX_GUI_WARNING_MSG:-"Zabbix is under maintenance."} + + export ZBX_MAXEXECUTIONTIME=${ZBX_MAXEXECUTIONTIME:-"600"} + export ZBX_MEMORYLIMIT=${ZBX_MEMORYLIMIT:-"128M"} + export ZBX_POSTMAXSIZE=${ZBX_POSTMAXSIZE:-"16M"} + export ZBX_UPLOADMAXFILESIZE=${ZBX_UPLOADMAXFILESIZE:-"2M"} + export ZBX_MAXINPUTTIME=${ZBX_MAXINPUTTIME:-"300"} + export PHP_TZ=${PHP_TZ} + + export DB_SERVER_TYPE="MYSQL" + export DB_SERVER_HOST=${DB_SERVER_HOST} + export DB_SERVER_PORT=${DB_SERVER_PORT} + export DB_SERVER_DBNAME=${DB_SERVER_DBNAME} + export DB_SERVER_SCHEMA=${DB_SERVER_SCHEMA} + export DB_SERVER_USER=${DB_SERVER_ZBX_USER} + export DB_SERVER_PASS=${DB_SERVER_ZBX_PASS} + export ZBX_SERVER_HOST=${ZBX_SERVER_HOST} + export ZBX_SERVER_PORT=${ZBX_SERVER_PORT:-"10051"} + export ZBX_SERVER_NAME=${ZBX_SERVER_NAME} + + : ${ZBX_DB_ENCRYPTION:="false"} + export ZBX_DB_ENCRYPTION=${ZBX_DB_ENCRYPTION,,} + export ZBX_DB_KEY_FILE=${ZBX_DB_KEY_FILE} + export ZBX_DB_CERT_FILE=${ZBX_DB_CERT_FILE} + export ZBX_DB_CA_FILE=${ZBX_DB_CA_FILE} + : ${ZBX_DB_VERIFY_HOST:="false"} + export ZBX_DB_VERIFY_HOST=${ZBX_DB_VERIFY_HOST,,} + + export ZBX_VAULTURL=${ZBX_VAULTURL} + export ZBX_VAULTDBPATH=${ZBX_VAULTDBPATH} + export VAULT_TOKEN=${VAULT_TOKEN} + + : ${DB_DOUBLE_IEEE754:="true"} + export DB_DOUBLE_IEEE754=${DB_DOUBLE_IEEE754,,} + + export ZBX_HISTORYSTORAGEURL=${ZBX_HISTORYSTORAGEURL} + export ZBX_HISTORYSTORAGETYPES=${ZBX_HISTORYSTORAGETYPES:-"[]"} + + export ZBX_SSO_SETTINGS=${ZBX_SSO_SETTINGS:-""} + + if [ -n "${ZBX_SESSION_NAME}" ]; then + cp "$ZABBIX_WWW_ROOT/include/defines.inc.php" "/tmp/defines.inc.php_tmp" + sed "/ZBX_SESSION_NAME/s/'[^']*'/'${ZBX_SESSION_NAME}'/2" "/tmp/defines.inc.php_tmp" > "$ZABBIX_WWW_ROOT/include/defines.inc.php" + rm -f "/tmp/defines.inc.php_tmp" + fi + + FCGI_READ_TIMEOUT=$(expr ${ZBX_MAXEXECUTIONTIME} + 1) + sed -i \ + -e "s/{FCGI_READ_TIMEOUT}/${FCGI_READ_TIMEOUT}/g" \ + "$ZABBIX_ETC_DIR/nginx.conf" + + if [ -f "$ZABBIX_ETC_DIR/nginx_ssl.conf" ]; then + sed -i \ + -e "s/{FCGI_READ_TIMEOUT}/${FCGI_READ_TIMEOUT}/g" \ + "$ZABBIX_ETC_DIR/nginx_ssl.conf" + fi + + : ${ENABLE_WEB_ACCESS_LOG:="true"} + + if [ "${ENABLE_WEB_ACCESS_LOG,,}" == "false" ]; then + sed -ri \ + -e 's!^(\s*access_log).+\;!\1 off\;!g' \ + "/etc/nginx/nginx.conf" + sed -ri \ + -e 's!^(\s*access_log).+\;!\1 off\;!g' \ + "/etc/zabbix/nginx.conf" + sed -ri \ + -e 's!^(\s*access_log).+\;!\1 off\;!g' \ + "/etc/zabbix/nginx_ssl.conf" + fi +} + +################################################# + +echo "** Deploying Zabbix web-interface (Nginx) with MySQL database" + +check_variables +check_db_connect +prepare_web_server +prepare_zbx_web_config + +echo "########################################################" + +if [ "$1" != "" ]; then + echo "** Executing '$@'" + exec "$@" +elif [ -f "/usr/bin/supervisord" ]; then + echo "** Executing supervisord" + exec /usr/bin/supervisord -c /etc/supervisor/supervisord.conf +else + echo "Unknown instructions. Exiting..." + exit 1 +fi + +################################################# diff --git a/web-nginx-mysql/rhel/licenses/gpl-2.0.txt b/web-nginx-mysql/rhel/licenses/gpl-2.0.txt new file mode 100644 index 000000000..d159169d1 --- /dev/null +++ b/web-nginx-mysql/rhel/licenses/gpl-2.0.txt @@ -0,0 +1,339 @@ + GNU GENERAL PUBLIC LICENSE + Version 2, June 1991 + + Copyright (C) 1989, 1991 Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + + Preamble + + The licenses for most software are designed to take away your +freedom to share and change it. By contrast, the GNU General Public +License is intended to guarantee your freedom to share and change free +software--to make sure the software is free for all its users. This +General Public License applies to most of the Free Software +Foundation's software and to any other program whose authors commit to +using it. (Some other Free Software Foundation software is covered by +the GNU Lesser General Public License instead.) You can apply it to +your programs, too. + + When we speak of free software, we are referring to freedom, not +price. Our General Public Licenses are designed to make sure that you +have the freedom to distribute copies of free software (and charge for +this service if you wish), that you receive source code or can get it +if you want it, that you can change the software or use pieces of it +in new free programs; and that you know you can do these things. + + To protect your rights, we need to make restrictions that forbid +anyone to deny you these rights or to ask you to surrender the rights. +These restrictions translate to certain responsibilities for you if you +distribute copies of the software, or if you modify it. + + For example, if you distribute copies of such a program, whether +gratis or for a fee, you must give the recipients all the rights that +you have. You must make sure that they, too, receive or can get the +source code. And you must show them these terms so they know their +rights. + + We protect your rights with two steps: (1) copyright the software, and +(2) offer you this license which gives you legal permission to copy, +distribute and/or modify the software. + + Also, for each author's protection and ours, we want to make certain +that everyone understands that there is no warranty for this free +software. If the software is modified by someone else and passed on, we +want its recipients to know that what they have is not the original, so +that any problems introduced by others will not reflect on the original +authors' reputations. + + Finally, any free program is threatened constantly by software +patents. We wish to avoid the danger that redistributors of a free +program will individually obtain patent licenses, in effect making the +program proprietary. To prevent this, we have made it clear that any +patent must be licensed for everyone's free use or not licensed at all. + + The precise terms and conditions for copying, distribution and +modification follow. + + GNU GENERAL PUBLIC LICENSE + TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION + + 0. This License applies to any program or other work which contains +a notice placed by the copyright holder saying it may be distributed +under the terms of this General Public License. The "Program", below, +refers to any such program or work, and a "work based on the Program" +means either the Program or any derivative work under copyright law: +that is to say, a work containing the Program or a portion of it, +either verbatim or with modifications and/or translated into another +language. (Hereinafter, translation is included without limitation in +the term "modification".) Each licensee is addressed as "you". + +Activities other than copying, distribution and modification are not +covered by this License; they are outside its scope. The act of +running the Program is not restricted, and the output from the Program +is covered only if its contents constitute a work based on the +Program (independent of having been made by running the Program). +Whether that is true depends on what the Program does. + + 1. You may copy and distribute verbatim copies of the Program's +source code as you receive it, in any medium, provided that you +conspicuously and appropriately publish on each copy an appropriate +copyright notice and disclaimer of warranty; keep intact all the +notices that refer to this License and to the absence of any warranty; +and give any other recipients of the Program a copy of this License +along with the Program. + +You may charge a fee for the physical act of transferring a copy, and +you may at your option offer warranty protection in exchange for a fee. + + 2. You may modify your copy or copies of the Program or any portion +of it, thus forming a work based on the Program, and copy and +distribute such modifications or work under the terms of Section 1 +above, provided that you also meet all of these conditions: + + a) You must cause the modified files to carry prominent notices + stating that you changed the files and the date of any change. + + b) You must cause any work that you distribute or publish, that in + whole or in part contains or is derived from the Program or any + part thereof, to be licensed as a whole at no charge to all third + parties under the terms of this License. + + c) If the modified program normally reads commands interactively + when run, you must cause it, when started running for such + interactive use in the most ordinary way, to print or display an + announcement including an appropriate copyright notice and a + notice that there is no warranty (or else, saying that you provide + a warranty) and that users may redistribute the program under + these conditions, and telling the user how to view a copy of this + License. (Exception: if the Program itself is interactive but + does not normally print such an announcement, your work based on + the Program is not required to print an announcement.) + +These requirements apply to the modified work as a whole. If +identifiable sections of that work are not derived from the Program, +and can be reasonably considered independent and separate works in +themselves, then this License, and its terms, do not apply to those +sections when you distribute them as separate works. But when you +distribute the same sections as part of a whole which is a work based +on the Program, the distribution of the whole must be on the terms of +this License, whose permissions for other licensees extend to the +entire whole, and thus to each and every part regardless of who wrote it. + +Thus, it is not the intent of this section to claim rights or contest +your rights to work written entirely by you; rather, the intent is to +exercise the right to control the distribution of derivative or +collective works based on the Program. + +In addition, mere aggregation of another work not based on the Program +with the Program (or with a work based on the Program) on a volume of +a storage or distribution medium does not bring the other work under +the scope of this License. + + 3. You may copy and distribute the Program (or a work based on it, +under Section 2) in object code or executable form under the terms of +Sections 1 and 2 above provided that you also do one of the following: + + a) Accompany it with the complete corresponding machine-readable + source code, which must be distributed under the terms of Sections + 1 and 2 above on a medium customarily used for software interchange; or, + + b) Accompany it with a written offer, valid for at least three + years, to give any third party, for a charge no more than your + cost of physically performing source distribution, a complete + machine-readable copy of the corresponding source code, to be + distributed under the terms of Sections 1 and 2 above on a medium + customarily used for software interchange; or, + + c) Accompany it with the information you received as to the offer + to distribute corresponding source code. (This alternative is + allowed only for noncommercial distribution and only if you + received the program in object code or executable form with such + an offer, in accord with Subsection b above.) + +The source code for a work means the preferred form of the work for +making modifications to it. For an executable work, complete source +code means all the source code for all modules it contains, plus any +associated interface definition files, plus the scripts used to +control compilation and installation of the executable. However, as a +special exception, the source code distributed need not include +anything that is normally distributed (in either source or binary +form) with the major components (compiler, kernel, and so on) of the +operating system on which the executable runs, unless that component +itself accompanies the executable. + +If distribution of executable or object code is made by offering +access to copy from a designated place, then offering equivalent +access to copy the source code from the same place counts as +distribution of the source code, even though third parties are not +compelled to copy the source along with the object code. + + 4. You may not copy, modify, sublicense, or distribute the Program +except as expressly provided under this License. Any attempt +otherwise to copy, modify, sublicense or distribute the Program is +void, and will automatically terminate your rights under this License. +However, parties who have received copies, or rights, from you under +this License will not have their licenses terminated so long as such +parties remain in full compliance. + + 5. You are not required to accept this License, since you have not +signed it. However, nothing else grants you permission to modify or +distribute the Program or its derivative works. These actions are +prohibited by law if you do not accept this License. Therefore, by +modifying or distributing the Program (or any work based on the +Program), you indicate your acceptance of this License to do so, and +all its terms and conditions for copying, distributing or modifying +the Program or works based on it. + + 6. Each time you redistribute the Program (or any work based on the +Program), the recipient automatically receives a license from the +original licensor to copy, distribute or modify the Program subject to +these terms and conditions. You may not impose any further +restrictions on the recipients' exercise of the rights granted herein. +You are not responsible for enforcing compliance by third parties to +this License. + + 7. If, as a consequence of a court judgment or allegation of patent +infringement or for any other reason (not limited to patent issues), +conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot +distribute so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you +may not distribute the Program at all. For example, if a patent +license would not permit royalty-free redistribution of the Program by +all those who receive copies directly or indirectly through you, then +the only way you could satisfy both it and this License would be to +refrain entirely from distribution of the Program. + +If any portion of this section is held invalid or unenforceable under +any particular circumstance, the balance of the section is intended to +apply and the section as a whole is intended to apply in other +circumstances. + +It is not the purpose of this section to induce you to infringe any +patents or other property right claims or to contest validity of any +such claims; this section has the sole purpose of protecting the +integrity of the free software distribution system, which is +implemented by public license practices. Many people have made +generous contributions to the wide range of software distributed +through that system in reliance on consistent application of that +system; it is up to the author/donor to decide if he or she is willing +to distribute software through any other system and a licensee cannot +impose that choice. + +This section is intended to make thoroughly clear what is believed to +be a consequence of the rest of this License. + + 8. If the distribution and/or use of the Program is restricted in +certain countries either by patents or by copyrighted interfaces, the +original copyright holder who places the Program under this License +may add an explicit geographical distribution limitation excluding +those countries, so that distribution is permitted only in or among +countries not thus excluded. In such case, this License incorporates +the limitation as if written in the body of this License. + + 9. The Free Software Foundation may publish revised and/or new versions +of the General Public License from time to time. Such new versions will +be similar in spirit to the present version, but may differ in detail to +address new problems or concerns. + +Each version is given a distinguishing version number. If the Program +specifies a version number of this License which applies to it and "any +later version", you have the option of following the terms and conditions +either of that version or of any later version published by the Free +Software Foundation. If the Program does not specify a version number of +this License, you may choose any version ever published by the Free Software +Foundation. + + 10. If you wish to incorporate parts of the Program into other free +programs whose distribution conditions are different, write to the author +to ask for permission. For software which is copyrighted by the Free +Software Foundation, write to the Free Software Foundation; we sometimes +make exceptions for this. Our decision will be guided by the two goals +of preserving the free status of all derivatives of our free software and +of promoting the sharing and reuse of software generally. + + NO WARRANTY + + 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY +FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN +OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES +PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED +OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS +TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE +PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, +REPAIR OR CORRECTION. + + 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR +REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, +INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING +OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED +TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY +YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER +PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE +POSSIBILITY OF SUCH DAMAGES. + + END OF TERMS AND CONDITIONS + + How to Apply These Terms to Your New Programs + + If you develop a new program, and you want it to be of the greatest +possible use to the public, the best way to achieve this is to make it +free software which everyone can redistribute and change under these terms. + + To do so, attach the following notices to the program. It is safest +to attach them to the start of each source file to most effectively +convey the exclusion of warranty; and each file should have at least +the "copyright" line and a pointer to where the full notice is found. + + + Copyright (C) + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + +Also add information on how to contact you by electronic and paper mail. + +If the program is interactive, make it output a short notice like this +when it starts in an interactive mode: + + Gnomovision version 69, Copyright (C) year name of author + Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. + This is free software, and you are welcome to redistribute it + under certain conditions; type `show c' for details. + +The hypothetical commands `show w' and `show c' should show the appropriate +parts of the General Public License. Of course, the commands you use may +be called something other than `show w' and `show c'; they could even be +mouse-clicks or menu items--whatever suits your program. + +You should also get your employer (if you work as a programmer) or your +school, if any, to sign a "copyright disclaimer" for the program, if +necessary. Here is a sample; alter the names: + + Yoyodyne, Inc., hereby disclaims all copyright interest in the program + `Gnomovision' (which makes passes at compilers) written by James Hacker. + + , 1 April 1989 + Ty Coon, President of Vice + +This General Public License does not permit incorporating your program into +proprietary programs. If your program is a subroutine library, you may +consider it more useful to permit linking proprietary applications with the +library. If this is what you want to do, use the GNU Lesser General +Public License instead of this License. diff --git a/web-service/rhel/.dockerignore b/web-service/rhel/.dockerignore new file mode 100644 index 000000000..88a84e55a --- /dev/null +++ b/web-service/rhel/.dockerignore @@ -0,0 +1 @@ +build.sh diff --git a/web-service/rhel/Dockerfile b/web-service/rhel/Dockerfile new file mode 100644 index 000000000..b2c74656b --- /dev/null +++ b/web-service/rhel/Dockerfile @@ -0,0 +1,114 @@ +FROM registry.access.redhat.com/ubi8/ubi +MAINTAINER Alexey Pustovalov + +ARG MAJOR_VERSION=6.0 +ARG RELEASE= +ARG ZBX_VERSION=${MAJOR_VERSION} + +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git +ENV ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} +ENV TINI_VERSION=v0.19.0 + +LABEL name="zabbix/zabbix-web-service-trunk" \ + maintainer="alexey.pustovalov@zabbix.com" \ + vendor="Zabbix LLC" \ + version="${MAJOR_VERSION}" \ + release="${RELEASE}" \ + summary="Zabbix web service" \ + description="Zabbix web servce for performing various tasks using headless web browser" \ + url="https://www.zabbix.com/" \ + run="docker run --name zabbix-web-service --link zabbix-server:zabbix-server -p 10053:10053 -d registry.connect.redhat.com/zabbix/zabbix-web-service-trunk:${ZBX_VERSION}" \ + io.k8s.description="Zabbix web servce for performing various tasks using headless web browser" \ + io.k8s.display-name="Zabbix web service" \ + io.openshift.expose-services="10053:10053" \ + io.openshift.tags="zabbix,zabbix-web-service" \ + org.label-schema.name="zabbix-web-service-rhel" \ + org.label-schema.vendor="Zabbix LLC" \ + org.label-schema.url="https://zabbix.com/" \ + org.label-schema.description="Zabbix web servce for performing various tasks using headless web browser" \ + org.label-schema.vcs-ref="${VCS_REF}" \ + org.label-schema.build-date="${BUILD_DATE}" \ + org.label-schema.schema-version="1.0" \ + org.label-schema.license="GPL v2.0" \ + org.label-schema.usage="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.label-schema.version="${ZBX_VERSION}" \ + org.label-schema.vcs-url="${ZBX_SOURCES}" \ + org.label-schema.docker.cmd="docker run --name zabbix-web-service --link zabbix-server:zabbix-server -p 10053:10053 -d registry.connect.redhat.com/zabbix/zabbix-web-service-trunk:${ZBX_VERSION}" + +STOPSIGNAL SIGTERM + +COPY ["licenses", "/licenses"] + +RUN set -eux && INSTALL_PKGS="bash \ + chromium \ + openssl-libs \ + zlib" && \ + REPOLIST="rhel-8-for-x86_64-baseos-rpms,rhel-8-for-x86_64-appstream-rpms,epel" && \ + dnf -y update-minimal --disablerepo "*" --enablerepo ubi-8-baseos --setopt=tsflags=nodocs \ + --security --sec-severity=Important --sec-severity=Critical && \ + dnf -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm && \ + dnf -y install --disablerepo "*" --enablerepo "${REPOLIST}" --setopt=install_weak_deps=False --best \ + --setopt=tsflags=nodocs ${INSTALL_PKGS} && \ + groupadd --system --gid 1995 zabbix && \ + useradd \ + --system --comment "Zabbix monitoring system" \ + -g zabbix -G root \ + --uid 1997 \ + --shell /sbin/nologin \ + --home-dir /var/lib/zabbix/ \ + zabbix && \ + mkdir -p /etc/zabbix && \ + mkdir -p /var/lib/zabbix && \ + mkdir -p /var/lib/zabbix/enc && \ + dnf -y clean all && \ + rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ + rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki + +RUN set -eux && REPOLIST="rhel-8-for-x86_64-baseos-rpms,rhel-8-for-x86_64-appstream-rpms" && \ + INSTALL_PKGS="autoconf \ + automake \ + gcc \ + make \ + golang \ + git" && \ + dnf -y install --disablerepo "*" --enablerepo "${REPOLIST}" --setopt=install_weak_deps=False --best \ + --setopt=tsflags=nodocs ${INSTALL_PKGS} && \ + cd /tmp/ && \ + git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + cd /tmp/zabbix-${ZBX_VERSION} && \ + zabbix_revision=`git rev-parse --short HEAD` && \ + sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ + ./bootstrap.sh && \ + export CFLAGS="-fPIC -pie -Wl,-z,relro -Wl,-z,now" && \ + ./configure \ + --datadir=/usr/lib \ + --libdir=/usr/lib/zabbix \ + --prefix=/usr \ + --sysconfdir=/etc/zabbix \ + --prefix=/usr \ + --enable-webservice \ + --silent && \ + make -j"$(nproc)" -s && \ + cp /tmp/zabbix-${ZBX_VERSION}/src/go/bin/zabbix_web_service /usr/sbin/zabbix_web_service && \ + cp /tmp/zabbix-${ZBX_VERSION}/src/go/conf/zabbix_web_service.conf /etc/zabbix/zabbix_web_service.conf && \ + cd /tmp/ && \ + rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ + chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \ + chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \ + chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \ + dnf -y history undo `dnf -q history | sed -n 3p |column -t | cut -d' ' -f1` && \ + dnf -y clean all && \ + rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ + rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki + +EXPOSE 10053/TCP + +WORKDIR /var/lib/zabbix + +COPY ["docker-entrypoint.sh", "/usr/bin/"] + +ENTRYPOINT ["docker-entrypoint.sh"] + +USER 1997 + +CMD ["/usr/sbin/zabbix_web_service", "-c", "/etc/zabbix/zabbix_web_service.conf"] diff --git a/web-service/rhel/README.md b/web-service/rhel/README.md new file mode 100644 index 000000000..9f6769ba2 --- /dev/null +++ b/web-service/rhel/README.md @@ -0,0 +1,155 @@ +![logo](https://assets.zabbix.com/img/logo/zabbix_logo_500x131.png) + +# What is Zabbix? + +Zabbix is an enterprise-class open source distributed monitoring solution. + +Zabbix is software that monitors numerous parameters of a network and the health and integrity of servers. Zabbix uses a flexible notification mechanism that allows users to configure e-mail based alerts for virtually any event. This allows a fast reaction to server problems. Zabbix offers excellent reporting and data visualisation features based on the stored data. This makes Zabbix ideal for capacity planning. + +For more information and related downloads for Zabbix components, please visit https://hub.docker.com/u/zabbix/ and https://zabbix.com + +# What is Zabbix web service? + +Zabbix web servce for performing various tasks using headless web browser (for example, reporting). + +# Zabbix web service images + +These are the only official Zabbix web service Docker images. They are based on Alpine Linux v3.13, Ubuntu 20.04 (focal) and Oracle Linux 8 images. The available versions of Zabbix web service are: + + Zabbix web service 5.4 (tags: alpine-5.4-latest, ubuntu-5.4-latest, ol-5.4-latest, alpine-latest, ubuntu-latest, ol-latest, latest) + Zabbix web service 5.4.* (tags: alpine-5.4.*, ubuntu-5.4.*, ol-5.4.*) + Zabbix web service 6.0 (tags: alpine-trunk, ubuntu-trunk, ol-trunk) + +Images are updated when new releases are published. The image with ``latest`` tag is based on Alpine Linux. + +# How to use this image + +## Start `zabbix-web-service` + +Start a Zabbix web service container as follows: + + docker run --name some-zabbix-web-service -e ZBX_ALLOWEDIP="some-zabbix-server" --cap-add=SYS_ADMIN -d zabbix/zabbix-web-service:tag + +Where `some-zabbix-web-service` is the name you want to assign to your container, `some-zabbix-server` is IP or DNS name of Zabbix server and `tag` is the tag specifying the version you want. See the list above for relevant tags, or look at the [full list of tags](https://hub.docker.com/r/zabbix/zabbix-web-service/tags/). + +## Connects from Zabbix server in other containers + +This image exposes the standard Zabbix web service port (``10053``) to perform communication, so container linking makes Zabbix web service instance available to Zabbix server containers. Start your application container like this in order to link it to the Zabbix web service container: + +```console +$ docker run --name some-zabbix-server --link some-zabbix-web-service:zabbix-web-service -e ZBX_STARTREPORTWRITERS="2" -e ZBX_WEBSERVICEURL="http://some-zabbix-web-service:10053/report" -d zabbix/zabbix-server:latest +``` + +## Container shell access and viewing Zabbix web service logs + +The `docker exec` command allows you to run commands inside a Docker container. The following command line will give you a bash shell inside your `zabbix-web-service` container: + +```console +$ docker exec -ti some-zabbix-web-service /bin/bash +``` + +The Zabbix web service log is available through Docker's container log: + +```console +$ docker logs some-zabbix-web-service +``` + +## Environment Variables + +When you start the `zabbix-web-service` image, you can adjust the configuration of the Zabbix web service by passing one or more environment variables on the `docker run` command line. + +### `ZBX_ALLOWEDIP` + +This variable is IP or DNS name or list of IP / DNS names of Zabbix server. By default, value is `zabbix-server`. + +### `ZBX_LISTENPORT` + +Listen port for incoming request. By default, value is `10053`. + +### `ZBX_DEBUGLEVEL` + +The variable is used to specify debug level. By default, value is ``3``. It is ``DebugLevel`` parameter in ``zabbix_web_service.conf``. Allowed values are listed below: +- ``0`` - basic information about starting and stopping of Zabbix processes; +- ``1`` - critical information +- ``2`` - error information +- ``3`` - warnings +- ``4`` - for debugging (produces lots of information) +- ``5`` - extended debugging (produces even more information) + +### `ZBX_TIMEOUT` + +The variable is used to specify timeout for processing requests. By default, value is ``3``. + +### Other variables + +Additionally the image allows to specify many other environment variables listed below: + +``` +ZBX_TLSACCEPT=unencrypted +ZBX_TLSCAFILE= +ZBX_TLSCERTFILE= +ZBX_TLSKEYFILE= +``` + +Default values of these variables are specified after equal sign. + +Please use official documentation for [``zabbix_web_service.conf``](https://www.zabbix.com/documentation/current/manual/appendix/config/zabbix_web_service) to get more information about the variables. + +## Allowed volumes for the Zabbix web service container + +### ``/var/lib/zabbix/enc`` + +The volume is used to store TLS related files. These file names are specified using ``ZBX_TLSCAFILE``, ``ZBX_TLSCERTFILE`` and ``ZBX_TLSKEY_FILE`` variables. + +# The image variants + +The `zabbix-web-service` images come in many flavors, each designed for a specific use case. + +## `zabbix-web-service:alpine-` + +This image is based on the popular [Alpine Linux project](http://alpinelinux.org), available in [the `alpine` official image](https://hub.docker.com/_/alpine). Alpine Linux is much smaller than most distribution base images (~5MB), and thus leads to much slimmer images in general. + +This variant is highly recommended when final image size being as small as possible is desired. The main caveat to note is that it does use [musl libc](http://www.musl-libc.org) instead of [glibc and friends](http://www.etalabs.net/compare_libcs.html), so certain software might run into issues depending on the depth of their libc requirements. However, most software doesn't have an issue with this, so this variant is usually a very safe choice. See [this Hacker News comment thread](https://news.ycombinator.com/item?id=10782897) for more discussion of the issues that might arise and some pro/con comparisons of using Alpine-based images. + +To minimize image size, it's uncommon for additional related tools (such as `git` or `bash`) to be included in Alpine-based images. Using this image as a base, add the things you need in your own Dockerfile (see the [`alpine` image description](https://hub.docker.com/_/alpine/) for examples of how to install packages if you are unfamiliar). + +## `zabbix-web-service:ubuntu-` + +This is the defacto image. If you are unsure about what your needs are, you probably want to use this one. It is designed to be used both as a throw away container (mount your source code and start the container to start your app), as well as the base to build other images off of. + +## `zabbix-web-service:ol-` + +Oracle Linux is an open-source operating system available under the GNU General Public License (GPLv2). Suitable for general purpose or Oracle workloads, it benefits from rigorous testing of more than 128,000 hours per day with real-world workloads and includes unique innovations such as Ksplice for zero-downtime kernel patching, DTrace for real-time diagnostics, the powerful Btrfs file system, and more. + +# Supported Docker versions + +This image is officially supported on Docker version 1.12.0. + +Support for older versions (down to 1.6) is provided on a best-effort basis. + +Please see [the Docker installation documentation](https://docs.docker.com/installation/) for details on how to upgrade your Docker daemon. + +# User Feedback + +## Documentation + +Documentation for this image is stored in the [`web-service/` directory](https://github.com/zabbix/zabbix-docker/tree/5.4/web-service) of the [`zabbix/zabbix-docker` GitHub repo](https://github.com/zabbix/zabbix-docker/). Be sure to familiarize yourself with the [repository's `README.md` file](https://github.com/zabbix/zabbix-docker/blob/master/README.md) before attempting a pull request. + +## Issues + +If you have any problems with or questions about this image, please contact us through a [GitHub issue](https://github.com/zabbix/zabbix-docker/issues). + +### Known issues + +Zabbix web services uses Google Chromium with headless mode. Because of restrictions you may see the following error during report generation: +``` +Failed to move to new namespace: PID namespaces supported, Network namespace supported, but failed: errno = Operation not permitted +``` + +To avoid the issue it is required to add ``SYS_ADMIN`` capability for Zabbix web service. The capability is redundant and allow too much. + +## Contributing + +You are invited to contribute new features, fixes, or updates, large or small; we are always thrilled to receive pull requests, and do our best to process them as fast as we can. + +Before you start to code, we recommend discussing your plans through a [GitHub issue](https://github.com/zabbix/zabbix-docker/issues), especially for more ambitious contributions. This gives other contributors a chance to point you in the right direction, give you feedback on your design, and help you find out if someone else is working on the same thing. diff --git a/web-service/rhel/build.sh b/web-service/rhel/build.sh new file mode 120000 index 000000000..fcb4d4ee7 --- /dev/null +++ b/web-service/rhel/build.sh @@ -0,0 +1 @@ +../../build.sh \ No newline at end of file diff --git a/web-service/rhel/docker-entrypoint.sh b/web-service/rhel/docker-entrypoint.sh new file mode 100755 index 000000000..81df4a689 --- /dev/null +++ b/web-service/rhel/docker-entrypoint.sh @@ -0,0 +1,123 @@ +#!/bin/bash + +set -o pipefail + +set +e + +# Script trace mode +if [ "${DEBUG_MODE,,}" == "true" ]; then + set -o xtrace +fi + +# Default directories +# User 'zabbix' home directory +ZABBIX_USER_HOME_DIR="/var/lib/zabbix" +# Configuration files directory +ZABBIX_ETC_DIR="/etc/zabbix" + +escape_spec_char() { + local var_value=$1 + + var_value="${var_value//\\/\\\\}" + var_value="${var_value//[$'\n']/}" + var_value="${var_value//\//\\/}" + var_value="${var_value//./\\.}" + var_value="${var_value//\*/\\*}" + var_value="${var_value//^/\\^}" + var_value="${var_value//\$/\\\$}" + var_value="${var_value//\&/\\\&}" + var_value="${var_value//\[/\\[}" + var_value="${var_value//\]/\\]}" + + echo "$var_value" +} + +update_config_var() { + local config_path=$1 + local var_name=$2 + local var_value=$3 + local is_multiple=$4 + + if [ ! -f "$config_path" ]; then + echo "**** Configuration file '$config_path' does not exist" + return + fi + + echo -n "** Updating '$config_path' parameter \"$var_name\": '$var_value'..." + + # Remove configuration parameter definition in case of unset parameter value + if [ -z "$var_value" ]; then + sed -i -e "/^$var_name=/d" "$config_path" + echo "removed" + return + fi + + # Remove value from configuration parameter in case of double quoted parameter value + if [ "$var_value" == '""' ]; then + sed -i -e "/^$var_name=/s/=.*/=/" "$config_path" + echo "undefined" + return + fi + + # Use full path to a file for TLS related configuration parameters + if [[ $var_name =~ ^TLS.*File$ ]]; then + var_value=$ZABBIX_USER_HOME_DIR/enc/$var_value + fi + + # Escaping characters in parameter value and name + var_value=$(escape_spec_char "$var_value") + var_name=$(escape_spec_char "$var_name") + + if [ "$(grep -E "^$var_name=" $config_path)" ] && [ "$is_multiple" != "true" ]; then + sed -i -e "/^$var_name=/s/=.*/=$var_value/" "$config_path" + echo "updated" + elif [ "$(grep -Ec "^# $var_name=" $config_path)" -gt 1 ]; then + sed -i -e "/^[#;] $var_name=$/i\\$var_name=$var_value" "$config_path" + echo "added first occurrence" + elif [ "$(grep -Ec "^[#;] $var_name=" $config_path)" -gt 0 ]; then + sed -i -e "/^[#;] $var_name=/s/.*/&\n$var_name=$var_value/" "$config_path" + echo "added" + else + sed -i -e '$a\' -e "$var_name=$var_value" "$config_path" + echo "added at the end" + fi + +} + +prepare_zbx_web_service_config() { + echo "** Preparing Zabbix web service configuration file" + ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_web_service.conf + + update_config_var $ZBX_CONFIG "LogType" "console" + update_config_var $ZBX_CONFIG "LogFile" + update_config_var $ZBX_CONFIG "LogFileSize" + update_config_var $ZBX_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" + + : ${ZBX_ALLOWEDIP:="zabbix-server"} + update_config_var $ZBX_CONFIG "AllowedIP" "${ZBX_ALLOWEDIP}" + + update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}" + + update_config_var $ZBX_CONFIG "Timeout" "${ZBX_TIMEOUT}" + + update_config_var $ZBX_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" + update_config_var $ZBX_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" + + update_config_var $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" + update_config_var $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" +} + +prepare_web_service() { + echo "** Preparing Zabbix web service" + prepare_zbx_web_service_config +} + +################################################# + +if [ "$1" == '/usr/sbin/zabbix_web_service' ]; then + prepare_web_service +fi + +exec "$@" + +################################################# diff --git a/web-service/rhel/hooks/build b/web-service/rhel/hooks/build new file mode 100755 index 000000000..3e0a2f00c --- /dev/null +++ b/web-service/rhel/hooks/build @@ -0,0 +1,13 @@ +#!/bin/bash +# +# Additional information: https://docs.docker.com/docker-cloud/builds/advanced/ +# + +MAJOR_VERSION=$(cat Dockerfile | grep "ARG MAJOR_VERSION" | cut -f2 -d"=") +MINOR_VERSION=$(cat Dockerfile | grep "ARG ZBX_VERSION" | cut -f2 -d".") + +VCS_REF=$MAJOR_VERSION.$MINOR_VERSION +BUILD_DATE=$(date -u +"%Y-%m-%dT%H:%M:%SZ") + +echo "$BUILD_DATE - Building $VCS_REF version..." +docker build --build-arg VCS_REF="$VCS_REF" --build-arg BUILD_DATE="$BUILD_DATE" -t $IMAGE_NAME . diff --git a/web-service/rhel/licenses/gpl-2.0.txt b/web-service/rhel/licenses/gpl-2.0.txt new file mode 100644 index 000000000..d159169d1 --- /dev/null +++ b/web-service/rhel/licenses/gpl-2.0.txt @@ -0,0 +1,339 @@ + GNU GENERAL PUBLIC LICENSE + Version 2, June 1991 + + Copyright (C) 1989, 1991 Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + + Preamble + + The licenses for most software are designed to take away your +freedom to share and change it. By contrast, the GNU General Public +License is intended to guarantee your freedom to share and change free +software--to make sure the software is free for all its users. This +General Public License applies to most of the Free Software +Foundation's software and to any other program whose authors commit to +using it. (Some other Free Software Foundation software is covered by +the GNU Lesser General Public License instead.) You can apply it to +your programs, too. + + When we speak of free software, we are referring to freedom, not +price. Our General Public Licenses are designed to make sure that you +have the freedom to distribute copies of free software (and charge for +this service if you wish), that you receive source code or can get it +if you want it, that you can change the software or use pieces of it +in new free programs; and that you know you can do these things. + + To protect your rights, we need to make restrictions that forbid +anyone to deny you these rights or to ask you to surrender the rights. +These restrictions translate to certain responsibilities for you if you +distribute copies of the software, or if you modify it. + + For example, if you distribute copies of such a program, whether +gratis or for a fee, you must give the recipients all the rights that +you have. You must make sure that they, too, receive or can get the +source code. And you must show them these terms so they know their +rights. + + We protect your rights with two steps: (1) copyright the software, and +(2) offer you this license which gives you legal permission to copy, +distribute and/or modify the software. + + Also, for each author's protection and ours, we want to make certain +that everyone understands that there is no warranty for this free +software. If the software is modified by someone else and passed on, we +want its recipients to know that what they have is not the original, so +that any problems introduced by others will not reflect on the original +authors' reputations. + + Finally, any free program is threatened constantly by software +patents. We wish to avoid the danger that redistributors of a free +program will individually obtain patent licenses, in effect making the +program proprietary. To prevent this, we have made it clear that any +patent must be licensed for everyone's free use or not licensed at all. + + The precise terms and conditions for copying, distribution and +modification follow. + + GNU GENERAL PUBLIC LICENSE + TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION + + 0. This License applies to any program or other work which contains +a notice placed by the copyright holder saying it may be distributed +under the terms of this General Public License. The "Program", below, +refers to any such program or work, and a "work based on the Program" +means either the Program or any derivative work under copyright law: +that is to say, a work containing the Program or a portion of it, +either verbatim or with modifications and/or translated into another +language. (Hereinafter, translation is included without limitation in +the term "modification".) Each licensee is addressed as "you". + +Activities other than copying, distribution and modification are not +covered by this License; they are outside its scope. The act of +running the Program is not restricted, and the output from the Program +is covered only if its contents constitute a work based on the +Program (independent of having been made by running the Program). +Whether that is true depends on what the Program does. + + 1. You may copy and distribute verbatim copies of the Program's +source code as you receive it, in any medium, provided that you +conspicuously and appropriately publish on each copy an appropriate +copyright notice and disclaimer of warranty; keep intact all the +notices that refer to this License and to the absence of any warranty; +and give any other recipients of the Program a copy of this License +along with the Program. + +You may charge a fee for the physical act of transferring a copy, and +you may at your option offer warranty protection in exchange for a fee. + + 2. You may modify your copy or copies of the Program or any portion +of it, thus forming a work based on the Program, and copy and +distribute such modifications or work under the terms of Section 1 +above, provided that you also meet all of these conditions: + + a) You must cause the modified files to carry prominent notices + stating that you changed the files and the date of any change. + + b) You must cause any work that you distribute or publish, that in + whole or in part contains or is derived from the Program or any + part thereof, to be licensed as a whole at no charge to all third + parties under the terms of this License. + + c) If the modified program normally reads commands interactively + when run, you must cause it, when started running for such + interactive use in the most ordinary way, to print or display an + announcement including an appropriate copyright notice and a + notice that there is no warranty (or else, saying that you provide + a warranty) and that users may redistribute the program under + these conditions, and telling the user how to view a copy of this + License. (Exception: if the Program itself is interactive but + does not normally print such an announcement, your work based on + the Program is not required to print an announcement.) + +These requirements apply to the modified work as a whole. If +identifiable sections of that work are not derived from the Program, +and can be reasonably considered independent and separate works in +themselves, then this License, and its terms, do not apply to those +sections when you distribute them as separate works. But when you +distribute the same sections as part of a whole which is a work based +on the Program, the distribution of the whole must be on the terms of +this License, whose permissions for other licensees extend to the +entire whole, and thus to each and every part regardless of who wrote it. + +Thus, it is not the intent of this section to claim rights or contest +your rights to work written entirely by you; rather, the intent is to +exercise the right to control the distribution of derivative or +collective works based on the Program. + +In addition, mere aggregation of another work not based on the Program +with the Program (or with a work based on the Program) on a volume of +a storage or distribution medium does not bring the other work under +the scope of this License. + + 3. You may copy and distribute the Program (or a work based on it, +under Section 2) in object code or executable form under the terms of +Sections 1 and 2 above provided that you also do one of the following: + + a) Accompany it with the complete corresponding machine-readable + source code, which must be distributed under the terms of Sections + 1 and 2 above on a medium customarily used for software interchange; or, + + b) Accompany it with a written offer, valid for at least three + years, to give any third party, for a charge no more than your + cost of physically performing source distribution, a complete + machine-readable copy of the corresponding source code, to be + distributed under the terms of Sections 1 and 2 above on a medium + customarily used for software interchange; or, + + c) Accompany it with the information you received as to the offer + to distribute corresponding source code. (This alternative is + allowed only for noncommercial distribution and only if you + received the program in object code or executable form with such + an offer, in accord with Subsection b above.) + +The source code for a work means the preferred form of the work for +making modifications to it. For an executable work, complete source +code means all the source code for all modules it contains, plus any +associated interface definition files, plus the scripts used to +control compilation and installation of the executable. However, as a +special exception, the source code distributed need not include +anything that is normally distributed (in either source or binary +form) with the major components (compiler, kernel, and so on) of the +operating system on which the executable runs, unless that component +itself accompanies the executable. + +If distribution of executable or object code is made by offering +access to copy from a designated place, then offering equivalent +access to copy the source code from the same place counts as +distribution of the source code, even though third parties are not +compelled to copy the source along with the object code. + + 4. You may not copy, modify, sublicense, or distribute the Program +except as expressly provided under this License. Any attempt +otherwise to copy, modify, sublicense or distribute the Program is +void, and will automatically terminate your rights under this License. +However, parties who have received copies, or rights, from you under +this License will not have their licenses terminated so long as such +parties remain in full compliance. + + 5. You are not required to accept this License, since you have not +signed it. However, nothing else grants you permission to modify or +distribute the Program or its derivative works. These actions are +prohibited by law if you do not accept this License. Therefore, by +modifying or distributing the Program (or any work based on the +Program), you indicate your acceptance of this License to do so, and +all its terms and conditions for copying, distributing or modifying +the Program or works based on it. + + 6. Each time you redistribute the Program (or any work based on the +Program), the recipient automatically receives a license from the +original licensor to copy, distribute or modify the Program subject to +these terms and conditions. You may not impose any further +restrictions on the recipients' exercise of the rights granted herein. +You are not responsible for enforcing compliance by third parties to +this License. + + 7. If, as a consequence of a court judgment or allegation of patent +infringement or for any other reason (not limited to patent issues), +conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot +distribute so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you +may not distribute the Program at all. For example, if a patent +license would not permit royalty-free redistribution of the Program by +all those who receive copies directly or indirectly through you, then +the only way you could satisfy both it and this License would be to +refrain entirely from distribution of the Program. + +If any portion of this section is held invalid or unenforceable under +any particular circumstance, the balance of the section is intended to +apply and the section as a whole is intended to apply in other +circumstances. + +It is not the purpose of this section to induce you to infringe any +patents or other property right claims or to contest validity of any +such claims; this section has the sole purpose of protecting the +integrity of the free software distribution system, which is +implemented by public license practices. Many people have made +generous contributions to the wide range of software distributed +through that system in reliance on consistent application of that +system; it is up to the author/donor to decide if he or she is willing +to distribute software through any other system and a licensee cannot +impose that choice. + +This section is intended to make thoroughly clear what is believed to +be a consequence of the rest of this License. + + 8. If the distribution and/or use of the Program is restricted in +certain countries either by patents or by copyrighted interfaces, the +original copyright holder who places the Program under this License +may add an explicit geographical distribution limitation excluding +those countries, so that distribution is permitted only in or among +countries not thus excluded. In such case, this License incorporates +the limitation as if written in the body of this License. + + 9. The Free Software Foundation may publish revised and/or new versions +of the General Public License from time to time. Such new versions will +be similar in spirit to the present version, but may differ in detail to +address new problems or concerns. + +Each version is given a distinguishing version number. If the Program +specifies a version number of this License which applies to it and "any +later version", you have the option of following the terms and conditions +either of that version or of any later version published by the Free +Software Foundation. If the Program does not specify a version number of +this License, you may choose any version ever published by the Free Software +Foundation. + + 10. If you wish to incorporate parts of the Program into other free +programs whose distribution conditions are different, write to the author +to ask for permission. For software which is copyrighted by the Free +Software Foundation, write to the Free Software Foundation; we sometimes +make exceptions for this. Our decision will be guided by the two goals +of preserving the free status of all derivatives of our free software and +of promoting the sharing and reuse of software generally. + + NO WARRANTY + + 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY +FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN +OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES +PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED +OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS +TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE +PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, +REPAIR OR CORRECTION. + + 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR +REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, +INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING +OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED +TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY +YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER +PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE +POSSIBILITY OF SUCH DAMAGES. + + END OF TERMS AND CONDITIONS + + How to Apply These Terms to Your New Programs + + If you develop a new program, and you want it to be of the greatest +possible use to the public, the best way to achieve this is to make it +free software which everyone can redistribute and change under these terms. + + To do so, attach the following notices to the program. It is safest +to attach them to the start of each source file to most effectively +convey the exclusion of warranty; and each file should have at least +the "copyright" line and a pointer to where the full notice is found. + + + Copyright (C) + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + +Also add information on how to contact you by electronic and paper mail. + +If the program is interactive, make it output a short notice like this +when it starts in an interactive mode: + + Gnomovision version 69, Copyright (C) year name of author + Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. + This is free software, and you are welcome to redistribute it + under certain conditions; type `show c' for details. + +The hypothetical commands `show w' and `show c' should show the appropriate +parts of the General Public License. Of course, the commands you use may +be called something other than `show w' and `show c'; they could even be +mouse-clicks or menu items--whatever suits your program. + +You should also get your employer (if you work as a programmer) or your +school, if any, to sign a "copyright disclaimer" for the program, if +necessary. Here is a sample; alter the names: + + Yoyodyne, Inc., hereby disclaims all copyright interest in the program + `Gnomovision' (which makes passes at compilers) written by James Hacker. + + , 1 April 1989 + Ty Coon, President of Vice + +This General Public License does not permit incorporating your program into +proprietary programs. If your program is a subroutine library, you may +consider it more useful to permit linking proprietary applications with the +library. If this is what you want to do, use the GNU Lesser General +Public License instead of this License. diff --git a/zabbix-appliance/rhel/Dockerfile b/zabbix-appliance/rhel/Dockerfile index 2b6ad738d..5be573929 100644 --- a/zabbix-appliance/rhel/Dockerfile +++ b/zabbix-appliance/rhel/Dockerfile @@ -2,13 +2,12 @@ FROM registry.access.redhat.com/ubi8/ubi MAINTAINER Alexey Pustovalov ARG MAJOR_VERSION=6.0 -ARG RELEASE=0 +ARG RELEASE= ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL -ENV TINI_VERSION=v0.19.0 LABEL name="zabbix/zabbix-appliance" \ maintainer="alexey.pustovalov@zabbix.com" \ @@ -18,7 +17,7 @@ LABEL name="zabbix/zabbix-appliance" \ summary="Zabbix appliance with MySQL database support and Nginx web-server" \ description="Zabbix appliance contains MySQL database server, Zabbix server, Zabbix Java Gateway and Zabbix frontend based on Nginx web-server." \ url="https://www.zabbix.com/" \ - run="docker run --name zabbix-appliance -p 80:8080 -p 10051:10051 -d registry.connect.redhat.com/zabbix/zabbix-appliance-52:${ZBX_VERSION}" \ + run="docker run --name zabbix-appliance -p 80:8080 -p 10051:10051 -d registry.connect.redhat.com/zabbix/zabbix-appliance-trunk:${ZBX_VERSION}" \ io.k8s.description="Zabbix appliance with MySQL database support and Nginx web-server" \ io.k8s.display-name="Zabbix Appliance" \ io.openshift.expose-services="8080:http,8443:https,10051:10051" \ @@ -34,14 +33,14 @@ LABEL name="zabbix/zabbix-appliance" \ org.label-schema.usage="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ org.label-schema.version="${ZBX_VERSION}" \ org.label-schema.vcs-url="${ZBX_SOURCES}" \ - org.label-schema.docker.cmd="docker run --name zabbix-appliance -p 80:8080 -p 10051:10051 -d registry.connect.redhat.com/zabbix/zabbix-appliance-52:${ZBX_VERSION}" + org.label-schema.docker.cmd="docker run --name zabbix-appliance -p 80:8080 -p 10051:10051 -d registry.connect.redhat.com/zabbix/zabbix-appliance-trunk:${ZBX_VERSION}" STOPSIGNAL SIGTERM -COPY ["conf/etc/yum.repo.d/nginx.repo", "/etc/yum.repos.d/nginx.repo"] COPY ["licenses", "/licenses"] RUN set -o xtrace && INSTALL_PKGS="OpenIPMI-libs \ + tzdata \ curl \ fping \ java-1.8.0-openjdk-headless \ @@ -65,17 +64,15 @@ RUN set -o xtrace && INSTALL_PKGS="OpenIPMI-libs \ php-mbstring \ php-mysqlnd \ php-xml \ - python3-pip \ + supervisor \ unixODBC" && \ - dnf -y install --disableplugin=subscription-manager --disablerepo "*" \ - https://repo.zabbix.com/zabbix/${MAJOR_VERSION}/rhel/8/x86_64/zabbix-release-${MAJOR_VERSION}-1.el8.noarch.rpm && \ - REPOLIST="rhel-8-for-x86_64-baseos-rpms,rhel-8-for-x86_64-appstream-rpms,zabbix-non-supported,nginx-stable" && \ + REPOLIST="rhel-8-for-x86_64-baseos-rpms,rhel-8-for-x86_64-appstream-rpms,epel" && \ dnf -y update-minimal --disablerepo "*" --enablerepo ubi-8-baseos --setopt=tsflags=nodocs \ --security --sec-severity=Important --sec-severity=Critical && \ + dnf -y module enable php:7.4 nginx:1.18 && \ + dnf -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm && \ dnf -y install --disablerepo "*" --enablerepo "${REPOLIST}" --setopt=install_weak_deps=False --best \ --setopt=tsflags=nodocs ${INSTALL_PKGS} && \ - pip3 install supervisor && \ - ln -s /usr/local/bin/supervisord /usr/bin/supervisord && \ groupadd --system --gid 1995 zabbix && \ useradd \ --system --comment "Zabbix monitoring system" \ @@ -85,6 +82,8 @@ RUN set -o xtrace && INSTALL_PKGS="OpenIPMI-libs \ --home-dir /var/lib/zabbix/ \ zabbix && \ mkdir -p /etc/zabbix && \ + mkdir -p /etc/zabbix/web && \ + mkdir -p /etc/zabbix/web/certs && \ mkdir -p /var/lib/zabbix && \ mkdir -p /usr/lib/zabbix/alertscripts && \ mkdir -p /var/lib/zabbix/enc && \ @@ -99,22 +98,9 @@ RUN set -o xtrace && INSTALL_PKGS="OpenIPMI-libs \ mkdir -p /var/lib/zabbix/ssl/ssl_ca && \ mkdir -p /usr/share/zabbix/ && \ mkdir -p /usr/sbin/zabbix_java/ && \ + mkdir -p /usr/sbin/zabbix_java/ext_lib/ && \ mkdir -p /var/lib/php/ && \ mkdir -p /usr/share/doc/zabbix-server-mysql/ && \ - curl -L https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini -o /sbin/tini && \ - curl -L https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini.asc -o /tmp/tini.asc && \ - export GNUPGHOME="$(mktemp -d)" && \ - for server in $(shuf -e ha.pool.sks-keyservers.net \ - hkp://p80.pool.sks-keyservers.net:80 \ - ipv4.pool.sks-keyservers.net \ - keyserver.ubuntu.com \ - keyserver.pgp.com \ - pgp.mit.edu) ; do \ - gpg --keyserver "$server" --recv-keys 595E85A6B1B4779EA4DAAEC70B588DFF0527A9B7 && break || : ; \ - done && \ - gpg --batch --verify /tmp/tini.asc /sbin/tini && \ - rm -rf "$GNUPGHOME" /tmp/tini.asc && \ - chmod +x /sbin/tini && \ dnf -y clean all && \ rm -f /etc/php-fpm.d/www.conf /etc/nginx/conf.d/*.conf /etc/my.cnf.d/auth_gssapi.cnf && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ @@ -148,7 +134,6 @@ RUN set -eux && REPOLIST="rhel-8-for-x86_64-baseos-rpms,rhel-8-for-x86_64-appstr cd /tmp/zabbix-${ZBX_VERSION} && \ zabbix_revision=`git rev-parse --short HEAD` && \ sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ - sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/zabbix_java/src/com/zabbix/gateway/GeneralInformation.java && \ ./bootstrap.sh && \ export CFLAGS="-fPIC -pie -Wl,-z,relro -Wl,-z,now" && \ @@ -196,6 +181,7 @@ RUN set -eux && REPOLIST="rhel-8-for-x86_64-baseos-rpms,rhel-8-for-x86_64-appstr rm -rf tests && \ rm -f locale/add_new_language.sh locale/update_po.sh locale/make_mo.sh && \ ln -s "/etc/zabbix/web/zabbix.conf.php" "/usr/share/zabbix/conf/zabbix.conf.php" && \ + ln -s "/etc/zabbix/web/maintenance.inc.php" "/usr/share/zabbix/conf/maintenance.inc.php" && \ cat /usr/share/zabbix/include/locales.inc.php | grep display | grep true | awk '{$1=$1};1' | \ cut -d"'" -f 2 | sort | \ xargs -I '{}' bash -c 'echo "{}" && localedef -c -i {} -f UTF-8 {}.UTF-8 2>/dev/null' && \ @@ -208,7 +194,10 @@ RUN set -eux && REPOLIST="rhel-8-for-x86_64-baseos-rpms,rhel-8-for-x86_64-appstr chown --quiet -R zabbix:root /var/lib/mysql/ /var/lib/php/session/ && \ chgrp -R 0 /var/lib/mysql/ /var/lib/php/session/ && \ chmod -R g=u /var/lib/mysql/ /var/lib/php/session/ && \ - dnf -y history undo `dnf history list last -q | sed -n 3p |column -t | cut -d' ' -f1` && \ + chown --quiet -R zabbix:root /usr/share/zabbix/include/defines.inc.php && \ + chgrp -R 0 /usr/share/zabbix/include/defines.inc.php && \ + chmod -R g=u /usr/share/zabbix/include/defines.inc.php && \ + dnf -y history undo last && \ dnf -y clean all && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki @@ -224,4 +213,4 @@ COPY ["docker-entrypoint.sh", "/usr/bin/"] USER 1997 -ENTRYPOINT ["/sbin/tini", "--", "/usr/bin/docker-entrypoint.sh"] +ENTRYPOINT ["/usr/bin/docker-entrypoint.sh"] diff --git a/zabbix-appliance/rhel/conf/usr/sbin/zabbix_java_gateway b/zabbix-appliance/rhel/conf/usr/sbin/zabbix_java_gateway index e77d407f6..00bab5546 100755 --- a/zabbix-appliance/rhel/conf/usr/sbin/zabbix_java_gateway +++ b/zabbix-appliance/rhel/conf/usr/sbin/zabbix_java_gateway @@ -1,26 +1,34 @@ + JAVA=${JAVA:-"/usr/bin/java"} -DAEMON=${DAEMON:-"/usr/sbin/zabbix_java"} JAVA_OPTIONS="-server $JAVA_OPTIONS" JAVA_OPTIONS="$JAVA_OPTIONS -Dlogback.configurationFile=/etc/zabbix/zabbix_java_gateway_logback.xml" -cd $DAEMON +cd /usr/sbin/zabbix_java -CLASSPATH="$DAEMON/lib" +CLASSPATH="lib" for jar in `find lib bin ext_lib -name "*.jar"`; do - if [ $jar != *junit* ]; then - CLASSPATH="$CLASSPATH:$DAEMON/$jar" - fi + CLASSPATH="$CLASSPATH:$jar" done -ZABBIX_OPTIONS="" +if [ -n "$ZBX_LISTEN_IP" ]; then + ZABBIX_OPTIONS="$ZABBIX_OPTIONS -Dzabbix.listenIP=$ZBX_LISTEN_IP" +fi +if [ -n "$ZBX_LISTEN_PORT" ]; then + ZABBIX_OPTIONS="$ZABBIX_OPTIONS -Dzabbix.listenPort=$ZBX_LISTEN_PORT" +fi if [ -n "$ZBX_START_POLLERS" ]; then ZABBIX_OPTIONS="$ZABBIX_OPTIONS -Dzabbix.startPollers=$ZBX_START_POLLERS" fi if [ -n "$ZBX_TIMEOUT" ]; then - ZABBIX_OPTIONS="$ZABBIX_OPTIONS -Dzabbix.timeout=$ZBX_TIMEOUT -Dsun.rmi.transport.tcp.responseTimeout=${ZBX_TIMEOUT}000" + ZABBIX_OPTIONS="$ZABBIX_OPTIONS -Dzabbix.timeout=$ZBX_TIMEOUT" +fi +if [ -n "$ZBX_PROPERTIES_FILE" ]; then + ZABBIX_OPTIONS="$ZABBIX_OPTIONS -Dzabbix.propertiesFile=$ZBX_PROPERTIES_FILE" fi +tcp_timeout=${ZBX_TIMEOUT:=3}000 +ZABBIX_OPTIONS="$ZABBIX_OPTIONS -Dsun.rmi.transport.tcp.responseTimeout=$tcp_timeout" COMMAND_LINE="$JAVA $JAVA_OPTIONS -classpath $CLASSPATH $ZABBIX_OPTIONS com.zabbix.gateway.JavaGateway" From d72fd9ecbe34c6e9cafa67fbcca66af0ad57141a Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Wed, 16 Jun 2021 22:01:51 +0300 Subject: [PATCH 092/253] Fixed ZBX_SSO_SETTINGS in PostgreSQL / Nginx images --- web-nginx-pgsql/alpine/docker-entrypoint.sh | 2 ++ web-nginx-pgsql/centos/docker-entrypoint.sh | 2 ++ web-nginx-pgsql/ol/docker-entrypoint.sh | 2 ++ web-nginx-pgsql/ubuntu/docker-entrypoint.sh | 2 ++ 4 files changed, 8 insertions(+) diff --git a/web-nginx-pgsql/alpine/docker-entrypoint.sh b/web-nginx-pgsql/alpine/docker-entrypoint.sh index bad623167..23dbc5321 100755 --- a/web-nginx-pgsql/alpine/docker-entrypoint.sh +++ b/web-nginx-pgsql/alpine/docker-entrypoint.sh @@ -205,6 +205,8 @@ prepare_zbx_web_config() { export ZBX_HISTORYSTORAGEURL=${ZBX_HISTORYSTORAGEURL} export ZBX_HISTORYSTORAGETYPES=${ZBX_HISTORYSTORAGETYPES:-"[]"} + export ZBX_SSO_SETTINGS=${ZBX_SSO_SETTINGS:-""} + if [ -n "${ZBX_SESSION_NAME}" ]; then cp "$ZABBIX_WWW_ROOT/include/defines.inc.php" "/tmp/defines.inc.php_tmp" sed "/ZBX_SESSION_NAME/s/'[^']*'/'${ZBX_SESSION_NAME}'/2" "/tmp/defines.inc.php_tmp" > "$ZABBIX_WWW_ROOT/include/defines.inc.php" diff --git a/web-nginx-pgsql/centos/docker-entrypoint.sh b/web-nginx-pgsql/centos/docker-entrypoint.sh index b55273be8..c8fced82b 100755 --- a/web-nginx-pgsql/centos/docker-entrypoint.sh +++ b/web-nginx-pgsql/centos/docker-entrypoint.sh @@ -205,6 +205,8 @@ prepare_zbx_web_config() { export ZBX_HISTORYSTORAGEURL=${ZBX_HISTORYSTORAGEURL} export ZBX_HISTORYSTORAGETYPES=${ZBX_HISTORYSTORAGETYPES:-"[]"} + export ZBX_SSO_SETTINGS=${ZBX_SSO_SETTINGS:-""} + if [ -n "${ZBX_SESSION_NAME}" ]; then cp "$ZABBIX_WWW_ROOT/include/defines.inc.php" "/tmp/defines.inc.php_tmp" sed "/ZBX_SESSION_NAME/s/'[^']*'/'${ZBX_SESSION_NAME}'/2" "/tmp/defines.inc.php_tmp" > "$ZABBIX_WWW_ROOT/include/defines.inc.php" diff --git a/web-nginx-pgsql/ol/docker-entrypoint.sh b/web-nginx-pgsql/ol/docker-entrypoint.sh index b55273be8..c8fced82b 100755 --- a/web-nginx-pgsql/ol/docker-entrypoint.sh +++ b/web-nginx-pgsql/ol/docker-entrypoint.sh @@ -205,6 +205,8 @@ prepare_zbx_web_config() { export ZBX_HISTORYSTORAGEURL=${ZBX_HISTORYSTORAGEURL} export ZBX_HISTORYSTORAGETYPES=${ZBX_HISTORYSTORAGETYPES:-"[]"} + export ZBX_SSO_SETTINGS=${ZBX_SSO_SETTINGS:-""} + if [ -n "${ZBX_SESSION_NAME}" ]; then cp "$ZABBIX_WWW_ROOT/include/defines.inc.php" "/tmp/defines.inc.php_tmp" sed "/ZBX_SESSION_NAME/s/'[^']*'/'${ZBX_SESSION_NAME}'/2" "/tmp/defines.inc.php_tmp" > "$ZABBIX_WWW_ROOT/include/defines.inc.php" diff --git a/web-nginx-pgsql/ubuntu/docker-entrypoint.sh b/web-nginx-pgsql/ubuntu/docker-entrypoint.sh index f85688177..6200182ed 100755 --- a/web-nginx-pgsql/ubuntu/docker-entrypoint.sh +++ b/web-nginx-pgsql/ubuntu/docker-entrypoint.sh @@ -205,6 +205,8 @@ prepare_zbx_web_config() { export ZBX_HISTORYSTORAGEURL=${ZBX_HISTORYSTORAGEURL} export ZBX_HISTORYSTORAGETYPES=${ZBX_HISTORYSTORAGETYPES:-"[]"} + export ZBX_SSO_SETTINGS=${ZBX_SSO_SETTINGS:-""} + if [ -n "${ZBX_SESSION_NAME}" ]; then cp "$ZABBIX_WWW_ROOT/include/defines.inc.php" "/tmp/defines.inc.php_tmp" sed "/ZBX_SESSION_NAME/s/'[^']*'/'${ZBX_SESSION_NAME}'/2" "/tmp/defines.inc.php_tmp" > "$ZABBIX_WWW_ROOT/include/defines.inc.php" From ea6fe8fbab2555fa99271c73e28c4754186430c6 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Fri, 25 Jun 2021 08:05:40 -0400 Subject: [PATCH 093/253] Updated Alpine version to 3.14 --- agent/alpine/Dockerfile | 2 +- agent2/alpine/Dockerfile | 2 +- java-gateway/alpine/Dockerfile | 2 +- proxy-mysql/alpine/Dockerfile | 2 +- proxy-sqlite3/alpine/Dockerfile | 2 +- server-mysql/alpine/Dockerfile | 2 +- server-pgsql/alpine/Dockerfile | 2 +- snmptraps/alpine/Dockerfile | 2 +- web-apache-mysql/alpine/Dockerfile | 2 +- web-apache-pgsql/alpine/Dockerfile | 2 +- web-nginx-mysql/alpine/Dockerfile | 2 +- web-nginx-pgsql/alpine/Dockerfile | 2 +- web-service/alpine/Dockerfile | 2 +- 13 files changed, 13 insertions(+), 13 deletions(-) diff --git a/agent/alpine/Dockerfile b/agent/alpine/Dockerfile index d2407c0bf..755cca6a2 100644 --- a/agent/alpine/Dockerfile +++ b/agent/alpine/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.13 +FROM alpine:3.14 LABEL org.opencontainers.image.title="Zabbix agent" \ org.opencontainers.image.authors="Alexey Pustovalov " \ diff --git a/agent2/alpine/Dockerfile b/agent2/alpine/Dockerfile index 52069eb20..f8dd5bf4c 100644 --- a/agent2/alpine/Dockerfile +++ b/agent2/alpine/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.13 +FROM alpine:3.14 LABEL org.opencontainers.image.title="Zabbix agent 2" \ org.opencontainers.image.authors="Alexey Pustovalov " \ diff --git a/java-gateway/alpine/Dockerfile b/java-gateway/alpine/Dockerfile index f88fc0f1c..032cbdcbe 100644 --- a/java-gateway/alpine/Dockerfile +++ b/java-gateway/alpine/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.13 +FROM alpine:3.14 LABEL org.opencontainers.image.title="Zabbix Java Gateway" \ org.opencontainers.image.authors="Alexey Pustovalov " \ diff --git a/proxy-mysql/alpine/Dockerfile b/proxy-mysql/alpine/Dockerfile index ad9b9f9c0..fd8cf8623 100644 --- a/proxy-mysql/alpine/Dockerfile +++ b/proxy-mysql/alpine/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.13 +FROM alpine:3.14 LABEL org.opencontainers.image.title="Zabbix proxy (MySQL)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ diff --git a/proxy-sqlite3/alpine/Dockerfile b/proxy-sqlite3/alpine/Dockerfile index a39497bf9..f5ff19ec2 100644 --- a/proxy-sqlite3/alpine/Dockerfile +++ b/proxy-sqlite3/alpine/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.13 +FROM alpine:3.14 LABEL org.opencontainers.image.title="Zabbix proxy (SQLite3)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ diff --git a/server-mysql/alpine/Dockerfile b/server-mysql/alpine/Dockerfile index 664725a24..0671b91fa 100644 --- a/server-mysql/alpine/Dockerfile +++ b/server-mysql/alpine/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.13 +FROM alpine:3.14 LABEL org.opencontainers.image.title="Zabbix server (MySQL)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ diff --git a/server-pgsql/alpine/Dockerfile b/server-pgsql/alpine/Dockerfile index 20815b255..696550356 100644 --- a/server-pgsql/alpine/Dockerfile +++ b/server-pgsql/alpine/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.13 +FROM alpine:3.14 LABEL org.opencontainers.image.title="Zabbix server (PostgreSQL)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ diff --git a/snmptraps/alpine/Dockerfile b/snmptraps/alpine/Dockerfile index d055f6a56..17d3d4720 100644 --- a/snmptraps/alpine/Dockerfile +++ b/snmptraps/alpine/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.13 +FROM alpine:3.14 ARG MAJOR_VERSION=6.0 ARG ZBX_VERSION=${MAJOR_VERSION} diff --git a/web-apache-mysql/alpine/Dockerfile b/web-apache-mysql/alpine/Dockerfile index 616f2657a..a17762ecc 100644 --- a/web-apache-mysql/alpine/Dockerfile +++ b/web-apache-mysql/alpine/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.13 +FROM alpine:3.14 LABEL org.opencontainers.image.title="Zabbix web-interface (Apache, MySQL)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ diff --git a/web-apache-pgsql/alpine/Dockerfile b/web-apache-pgsql/alpine/Dockerfile index d97da419b..7a9d2c56c 100644 --- a/web-apache-pgsql/alpine/Dockerfile +++ b/web-apache-pgsql/alpine/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.13 +FROM alpine:3.14 LABEL org.opencontainers.image.title="Zabbix web-interface (Apache, PostgreSQL)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ diff --git a/web-nginx-mysql/alpine/Dockerfile b/web-nginx-mysql/alpine/Dockerfile index 3b124ee0e..aa51874df 100644 --- a/web-nginx-mysql/alpine/Dockerfile +++ b/web-nginx-mysql/alpine/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.13 +FROM alpine:3.14 LABEL org.opencontainers.image.title="Zabbix web-interface (Nginx, MySQL)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ diff --git a/web-nginx-pgsql/alpine/Dockerfile b/web-nginx-pgsql/alpine/Dockerfile index 2ae2385c1..f6f7d4406 100644 --- a/web-nginx-pgsql/alpine/Dockerfile +++ b/web-nginx-pgsql/alpine/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.13 +FROM alpine:3.14 LABEL org.opencontainers.image.title="Zabbix web-interface (Nginx, PostgreSQL)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ diff --git a/web-service/alpine/Dockerfile b/web-service/alpine/Dockerfile index c89ce1887..a52613cd7 100644 --- a/web-service/alpine/Dockerfile +++ b/web-service/alpine/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.13 +FROM alpine:3.14 LABEL org.opencontainers.image.title="Zabbix web service" \ org.opencontainers.image.authors="Alexey Pustovalov " \ From 76edafeb241de2f26665d4f4c96da15c65dfb258 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Thu, 1 Jul 2021 04:25:15 -0400 Subject: [PATCH 094/253] Fixed Nginx configuration on Alpine 3.14 --- web-nginx-mysql/alpine/Dockerfile | 2 +- web-nginx-mysql/alpine/conf/etc/nginx/nginx.conf | 2 +- web-nginx-mysql/alpine/docker-entrypoint.sh | 2 +- web-nginx-pgsql/alpine/Dockerfile | 2 +- web-nginx-pgsql/alpine/conf/etc/nginx/nginx.conf | 2 +- web-nginx-pgsql/alpine/docker-entrypoint.sh | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/web-nginx-mysql/alpine/Dockerfile b/web-nginx-mysql/alpine/Dockerfile index aa51874df..18c526bb1 100644 --- a/web-nginx-mysql/alpine/Dockerfile +++ b/web-nginx-mysql/alpine/Dockerfile @@ -47,7 +47,7 @@ RUN set -eux && \ php7-openssl \ supervisor && \ rm -rf /etc/php7/php-fpm.d/www.conf && \ - rm -f /etc/nginx/conf.d/*.conf && \ + rm -f /etc/nginx/http.d/*.conf && \ ln -sf /dev/fd/2 /var/lib/nginx/logs/error.log && \ rm -rf /var/cache/apk/* diff --git a/web-nginx-mysql/alpine/conf/etc/nginx/nginx.conf b/web-nginx-mysql/alpine/conf/etc/nginx/nginx.conf index 3bed3cf89..770522adf 100644 --- a/web-nginx-mysql/alpine/conf/etc/nginx/nginx.conf +++ b/web-nginx-mysql/alpine/conf/etc/nginx/nginx.conf @@ -67,5 +67,5 @@ http { index index.php; server_tokens off; - include /etc/nginx/conf.d/*.conf; + include /etc/nginx/http.d/*.conf; } diff --git a/web-nginx-mysql/alpine/docker-entrypoint.sh b/web-nginx-mysql/alpine/docker-entrypoint.sh index 6a638ab15..b53e296e6 100755 --- a/web-nginx-mysql/alpine/docker-entrypoint.sh +++ b/web-nginx-mysql/alpine/docker-entrypoint.sh @@ -146,7 +146,7 @@ check_db_connect() { } prepare_web_server() { - NGINX_CONFD_DIR="/etc/nginx/conf.d" + NGINX_CONFD_DIR="/etc/nginx/http.d" NGINX_SSL_CONFIG="/etc/ssl/nginx" echo "** Adding Zabbix virtual host (HTTP)" diff --git a/web-nginx-pgsql/alpine/Dockerfile b/web-nginx-pgsql/alpine/Dockerfile index f6f7d4406..fdced34c4 100644 --- a/web-nginx-pgsql/alpine/Dockerfile +++ b/web-nginx-pgsql/alpine/Dockerfile @@ -46,7 +46,7 @@ RUN set -eux && \ postgresql-client \ supervisor && \ rm -rf /etc/php7/php-fpm.d/www.conf && \ - rm -f /etc/nginx/conf.d/*.conf && \ + rm -f /etc/nginx/http.d/*.conf && \ ln -sf /dev/fd/2 /var/lib/nginx/logs/error.log && \ rm -rf /var/cache/apk/* diff --git a/web-nginx-pgsql/alpine/conf/etc/nginx/nginx.conf b/web-nginx-pgsql/alpine/conf/etc/nginx/nginx.conf index 3bed3cf89..770522adf 100644 --- a/web-nginx-pgsql/alpine/conf/etc/nginx/nginx.conf +++ b/web-nginx-pgsql/alpine/conf/etc/nginx/nginx.conf @@ -67,5 +67,5 @@ http { index index.php; server_tokens off; - include /etc/nginx/conf.d/*.conf; + include /etc/nginx/http.d/*.conf; } diff --git a/web-nginx-pgsql/alpine/docker-entrypoint.sh b/web-nginx-pgsql/alpine/docker-entrypoint.sh index 23dbc5321..f19dae20e 100755 --- a/web-nginx-pgsql/alpine/docker-entrypoint.sh +++ b/web-nginx-pgsql/alpine/docker-entrypoint.sh @@ -130,7 +130,7 @@ check_db_connect() { } prepare_web_server() { - NGINX_CONFD_DIR="/etc/nginx/conf.d" + NGINX_CONFD_DIR="/etc/nginx/http.d" NGINX_SSL_CONFIG="/etc/ssl/nginx" echo "** Adding Zabbix virtual host (HTTP)" From c1b7ee2ac9ffcdb214489601fdcab13e7a605762 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Wed, 4 Aug 2021 17:47:46 +0200 Subject: [PATCH 095/253] Allow custom DB name for Proxy SQLite3 variant --- proxy-sqlite3/ol/Dockerfile | 1 + proxy-sqlite3/ol/README.md | 4 ++++ proxy-sqlite3/ol/docker-entrypoint.sh | 2 +- proxy-sqlite3/rhel/Dockerfile | 1 + proxy-sqlite3/rhel/README.md | 6 +++++- proxy-sqlite3/rhel/docker-entrypoint.sh | 2 +- 6 files changed, 13 insertions(+), 3 deletions(-) diff --git a/proxy-sqlite3/ol/Dockerfile b/proxy-sqlite3/ol/Dockerfile index f7a7000a8..8cdee0407 100644 --- a/proxy-sqlite3/ol/Dockerfile +++ b/proxy-sqlite3/ol/Dockerfile @@ -34,6 +34,7 @@ RUN set -eux && \ zabbix && \ mkdir -p /etc/zabbix && \ mkdir -p /var/lib/zabbix && \ + mkdir -p /var/lib/zabbix/db_data && \ mkdir -p /var/lib/zabbix/enc && \ mkdir -p /var/lib/zabbix/mibs && \ mkdir -p /var/lib/zabbix/modules && \ diff --git a/proxy-sqlite3/ol/README.md b/proxy-sqlite3/ol/README.md index 79b7319e4..72cce7e2d 100644 --- a/proxy-sqlite3/ol/README.md +++ b/proxy-sqlite3/ol/README.md @@ -199,6 +199,10 @@ Please use official documentation for [``zabbix_proxy.conf``](https://www.zabbix The volume is used by External checks (type of items). It is `ExternalScripts` parameter in ``zabbix_proxy.conf``. +### ``/var/lib/zabbix/db_data`` + +The volume stores SQLite3 database file and could be used for external database file storage. + ### ``/var/lib/zabbix/modules`` The volume allows load additional modules and extend Zabbix proxy using ``LoadModule`` feature. diff --git a/proxy-sqlite3/ol/docker-entrypoint.sh b/proxy-sqlite3/ol/docker-entrypoint.sh index 7e933ec53..ee04cdd17 100755 --- a/proxy-sqlite3/ol/docker-entrypoint.sh +++ b/proxy-sqlite3/ol/docker-entrypoint.sh @@ -139,7 +139,7 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}" update_config_var $ZBX_CONFIG "DBHost" - update_config_var $ZBX_CONFIG "DBName" "/var/lib/zabbix/zabbix_proxy_db" + update_config_var $ZBX_CONFIG "DBName" "/var/lib/zabbix/db_data/${ZBX_HOSTNAME:-"zabbix-proxy-sqlite3"}.sqlite" update_config_var $ZBX_CONFIG "DBUser" update_config_var $ZBX_CONFIG "DBPort" update_config_var $ZBX_CONFIG "DBPassword" diff --git a/proxy-sqlite3/rhel/Dockerfile b/proxy-sqlite3/rhel/Dockerfile index 0e222be14..63952f13e 100644 --- a/proxy-sqlite3/rhel/Dockerfile +++ b/proxy-sqlite3/rhel/Dockerfile @@ -69,6 +69,7 @@ RUN set -eux && INSTALL_PKGS="bash \ zabbix && \ mkdir -p /etc/zabbix && \ mkdir -p /var/lib/zabbix && \ + mkdir -p /var/lib/zabbix/db_data && \ mkdir -p /var/lib/zabbix/enc && \ mkdir -p /usr/lib/zabbix/externalscripts && \ mkdir -p /var/lib/zabbix/mibs && \ diff --git a/proxy-sqlite3/rhel/README.md b/proxy-sqlite3/rhel/README.md index a36d873db..72cce7e2d 100644 --- a/proxy-sqlite3/rhel/README.md +++ b/proxy-sqlite3/rhel/README.md @@ -199,6 +199,10 @@ Please use official documentation for [``zabbix_proxy.conf``](https://www.zabbix The volume is used by External checks (type of items). It is `ExternalScripts` parameter in ``zabbix_proxy.conf``. +### ``/var/lib/zabbix/db_data`` + +The volume stores SQLite3 database file and could be used for external database file storage. + ### ``/var/lib/zabbix/modules`` The volume allows load additional modules and extend Zabbix proxy using ``LoadModule`` feature. @@ -248,7 +252,7 @@ To minimize image size, it's uncommon for additional related tools (such as `git This is the defacto image. If you are unsure about what your needs are, you probably want to use this one. It is designed to be used both as a throw away container (mount your source code and start the container to start your app), as well as the base to build other images off of. -## `zabbix-agent:ol-` +## `zabbix-proxy-sqlite3:ol-` Oracle Linux is an open-source operating system available under the GNU General Public License (GPLv2). Suitable for general purpose or Oracle workloads, it benefits from rigorous testing of more than 128,000 hours per day with real-world workloads and includes unique innovations such as Ksplice for zero-downtime kernel patching, DTrace for real-time diagnostics, the powerful Btrfs file system, and more. diff --git a/proxy-sqlite3/rhel/docker-entrypoint.sh b/proxy-sqlite3/rhel/docker-entrypoint.sh index 7e933ec53..ee04cdd17 100755 --- a/proxy-sqlite3/rhel/docker-entrypoint.sh +++ b/proxy-sqlite3/rhel/docker-entrypoint.sh @@ -139,7 +139,7 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}" update_config_var $ZBX_CONFIG "DBHost" - update_config_var $ZBX_CONFIG "DBName" "/var/lib/zabbix/zabbix_proxy_db" + update_config_var $ZBX_CONFIG "DBName" "/var/lib/zabbix/db_data/${ZBX_HOSTNAME:-"zabbix-proxy-sqlite3"}.sqlite" update_config_var $ZBX_CONFIG "DBUser" update_config_var $ZBX_CONFIG "DBPort" update_config_var $ZBX_CONFIG "DBPassword" From 230c326a1ac9b566d964f068d6c7224e523d396b Mon Sep 17 00:00:00 2001 From: dotneft Date: Wed, 25 Aug 2021 15:13:11 +0300 Subject: [PATCH 096/253] Added Azure registry build action --- .github/workflows/Azure.yml | 145 ++++++++++++++++++++++++++++++++++++ 1 file changed, 145 insertions(+) create mode 100644 .github/workflows/Azure.yml diff --git a/.github/workflows/Azure.yml b/.github/workflows/Azure.yml new file mode 100644 index 000000000..a0b48adbf --- /dev/null +++ b/.github/workflows/Azure.yml @@ -0,0 +1,145 @@ +name: Azure + +on: + release: + types: + - published + push: + branches: + - '5.0' + - '5.4' + - 'trunk' + paths-ignore: + - '.env*' + - 'docker-compose*.yaml' + - '*/rhel/*' + - "**.md" + +defaults: + run: + shell: bash + +jobs: + build: + timeout-minutes: 70 + strategy: + fail-fast: false + matrix: + build: + - agent + - agent2 + - java-gateway + - proxy-mysql + - proxy-sqlite3 + - server-mysql + - server-pgsql + - snmptraps + - web-apache-mysql + - web-apache-pgsql + - web-nginx-mysql + - web-nginx-pgsql + os: + - alpine + - ubuntu + - ol + + runs-on: ubuntu-20.04 + steps: + - + uses: actions/checkout@v2 + + - + name: Set up QEMU + uses: docker/setup-qemu-action@v1 + - + name: Set up Docker Buildx + uses: docker/setup-buildx-action@v1 + - + name: Login to Azure Container Registry + uses: docker/login-action@v1 + with: + registry: ${{ secrets.azure_registry }}.azurecr.io + username: ${{ secrets.AZURE_USERNAME }} + password: ${{ secrets.AZURE_PASSWORD }} + + - name: Prepare platform list + id: platform + run: | + DOCKER_PLATFORM="linux/amd64,linux/arm64" + echo ::set-output name=list::${DOCKER_PLATFORM} + + - name: Prepare environment (push) + if: github.event_name == 'push' + id: prepare_push + run: | + TAGS_ARRAY=() + + IMAGE_NAME="${{ secrets.azure_registry }}.azurecr.io/${{ matrix.os }}/zabbix-${{ matrix.build }}" + GIT_BRANCH="${GITHUB_REF##*/}" + GIT_BRANCH=`expr "${GIT_BRANCH}" : '\([0-9]*\.[0-9]*\).*'` + + echo "::debug::Branch - ${GIT_BRANCH}" + + if [ "${GIT_BRANCH}" == "trunk" ]; then + TAGS_ARRAY+=("$IMAGE_NAME:trunk") + else + TAGS_ARRAY+=("$IMAGE_NAME:v${GIT_BRANCH}") + fi + + TAGS=$(printf -- "%s, " "${TAGS_ARRAY[@]}") + + echo "::debug::Tags - ${TAGS}" + + echo ::set-output name=image_name::${IMAGE_NAME} + echo ::set-output name=image_tag_versions::$(printf -- "%s," "${TAGS_ARRAY[@]}") + + - name: Prepare environment (release) + if: github.event_name == 'release' && github.event.action == 'published' + id: prepare_release + run: | + TAGS_ARRAY=() + + IMAGE_NAME="${{ secrets.azure_registry }}.azurecr.io/${{ matrix.os }}/zabbix-${{ matrix.build }}" + RELEASE_VERSION=${GITHUB_REF##*/} + GIT_BRANCH="${GITHUB_REF##*/}" + GIT_BRANCH=`expr "${GIT_BRANCH}" : '\([0-9]*\.[0-9]*\).*'` + + echo "::debug::Release version ${RELEASE_VERSION}. Branch ${GIT_BRANCH}" + + TAGS_ARRAY+=("$IMAGE_NAME:v${RELEASE_VERSION}") + + TAGS=$(printf -- "--tag %s " "${TAGS_ARRAY[@]}") + + echo ::set-output name=image_name::${IMAGE_NAME} + echo ::set-output name=image_tag_versions::$(printf -- ",%s" "${TAGS_ARRAY[@]}") + + - name: Prepare tags + id: prepare_tags + run: | + if [ ! -z "${{ steps.prepare_push.outputs.image_tag_versions }}" ]; then + TAGS="${{ steps.prepare_push.outputs.image_tag_versions }}" + IMAGE_NAME="${{ steps.prepare_push.outputs.image_name }}" + elif [ ! -z "${{ steps.prepare_release.outputs.image_tag_versions }}" ]; then + TAGS="${{ steps.prepare_release.outputs.image_tag_versions }}" + IMAGE_NAME="${{ steps.prepare_release.outputs.image_name }}" + else + exit 1 + fi + + echo ::set-output name=image_tag_versions::${TAGS} + echo ::set-output name=image_name::${IMAGE_NAME} + + - + name: Build and push + id: docker_build + uses: docker/build-push-action@v2 + with: + context: ./${{ matrix.build }}/${{ matrix.os }} + file: ./${{ matrix.build }}/${{ matrix.os }}/Dockerfile + platforms: ${{ steps.platform.outputs.list }} + push: ${{ secrets.AUTO_PUSH_IMAGES }} + tags: ${{ steps.prepare_tags.outputs.image_tag_versions }} + + - + name: Image digest + run: echo ${{ steps.docker_build.outputs.digest }} From f9d45a586ccf58d37ca03943db2b050d1a6c756f Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Wed, 25 Aug 2021 15:00:35 +0200 Subject: [PATCH 097/253] Fixed persistent storage location for agent2 --- agent2/alpine/Dockerfile | 1 + agent2/alpine/docker-entrypoint.sh | 2 +- agent2/ol/Dockerfile | 1 + agent2/ol/docker-entrypoint.sh | 2 +- agent2/rhel/Dockerfile | 1 + agent2/rhel/docker-entrypoint.sh | 2 +- agent2/ubuntu/Dockerfile | 1 + agent2/ubuntu/docker-entrypoint.sh | 2 +- 8 files changed, 8 insertions(+), 4 deletions(-) diff --git a/agent2/alpine/Dockerfile b/agent2/alpine/Dockerfile index f8dd5bf4c..f2768b809 100644 --- a/agent2/alpine/Dockerfile +++ b/agent2/alpine/Dockerfile @@ -25,6 +25,7 @@ RUN set -eux && \ mkdir -p /var/lib/zabbix && \ mkdir -p /var/lib/zabbix/enc && \ mkdir -p /var/lib/zabbix/modules && \ + mkdir -p /var/lib/zabbix/buffer && \ apk add --no-cache --clean-protected \ tini \ tzdata \ diff --git a/agent2/alpine/docker-entrypoint.sh b/agent2/alpine/docker-entrypoint.sh index 1476e10a4..14229d7ab 100755 --- a/agent2/alpine/docker-entrypoint.sh +++ b/agent2/alpine/docker-entrypoint.sh @@ -156,7 +156,7 @@ prepare_zbx_agent_config() { if [ "${ZBX_ENABLEPERSISTENTBUFFER,,}" == "true" ]; then update_config_var $ZBX_AGENT_CONFIG "EnablePersistentBuffer" "1" - update_config_var $ZBX_AGENT_CONFIG "PersistentBufferFile" "$ZABBIX_USER_HOME_DIR/buffer/" + update_config_var $ZBX_AGENT_CONFIG "PersistentBufferFile" "$ZABBIX_USER_HOME_DIR/buffer/agent2.db" update_config_var $ZBX_AGENT_CONFIG "PersistentBufferPeriod" "${ZBX_PERSISTENTBUFFERPERIOD}" else update_config_var $ZBX_AGENT_CONFIG "EnablePersistentBuffer" "0" diff --git a/agent2/ol/Dockerfile b/agent2/ol/Dockerfile index 8fab2cd7a..c071ef503 100644 --- a/agent2/ol/Dockerfile +++ b/agent2/ol/Dockerfile @@ -35,6 +35,7 @@ RUN set -eux && \ mkdir -p /var/lib/zabbix && \ mkdir -p /var/lib/zabbix/enc && \ mkdir -p /var/lib/zabbix/modules && \ + mkdir -p /var/lib/zabbix/buffer && \ mkdir -p /etc/yum/vars/ && \ echo "" > /etc/yum/vars/ociregion && \ echo "oracle.com" > /etc/yum/vars/ocidomain && \ diff --git a/agent2/ol/docker-entrypoint.sh b/agent2/ol/docker-entrypoint.sh index 1476e10a4..14229d7ab 100755 --- a/agent2/ol/docker-entrypoint.sh +++ b/agent2/ol/docker-entrypoint.sh @@ -156,7 +156,7 @@ prepare_zbx_agent_config() { if [ "${ZBX_ENABLEPERSISTENTBUFFER,,}" == "true" ]; then update_config_var $ZBX_AGENT_CONFIG "EnablePersistentBuffer" "1" - update_config_var $ZBX_AGENT_CONFIG "PersistentBufferFile" "$ZABBIX_USER_HOME_DIR/buffer/" + update_config_var $ZBX_AGENT_CONFIG "PersistentBufferFile" "$ZABBIX_USER_HOME_DIR/buffer/agent2.db" update_config_var $ZBX_AGENT_CONFIG "PersistentBufferPeriod" "${ZBX_PERSISTENTBUFFERPERIOD}" else update_config_var $ZBX_AGENT_CONFIG "EnablePersistentBuffer" "0" diff --git a/agent2/rhel/Dockerfile b/agent2/rhel/Dockerfile index 7f9795989..2753fc5c9 100644 --- a/agent2/rhel/Dockerfile +++ b/agent2/rhel/Dockerfile @@ -62,6 +62,7 @@ RUN set -eux && INSTALL_PKGS="bash \ mkdir -p /var/lib/zabbix && \ mkdir -p /var/lib/zabbix/enc && \ mkdir -p /var/lib/zabbix/modules && \ + mkdir -p /var/lib/zabbix/buffer && \ curl -L https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini -o /sbin/tini && \ curl -L https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini.asc -o /tmp/tini.asc && \ export GNUPGHOME="$(mktemp -d)" && \ diff --git a/agent2/rhel/docker-entrypoint.sh b/agent2/rhel/docker-entrypoint.sh index 1476e10a4..14229d7ab 100755 --- a/agent2/rhel/docker-entrypoint.sh +++ b/agent2/rhel/docker-entrypoint.sh @@ -156,7 +156,7 @@ prepare_zbx_agent_config() { if [ "${ZBX_ENABLEPERSISTENTBUFFER,,}" == "true" ]; then update_config_var $ZBX_AGENT_CONFIG "EnablePersistentBuffer" "1" - update_config_var $ZBX_AGENT_CONFIG "PersistentBufferFile" "$ZABBIX_USER_HOME_DIR/buffer/" + update_config_var $ZBX_AGENT_CONFIG "PersistentBufferFile" "$ZABBIX_USER_HOME_DIR/buffer/agent2.db" update_config_var $ZBX_AGENT_CONFIG "PersistentBufferPeriod" "${ZBX_PERSISTENTBUFFERPERIOD}" else update_config_var $ZBX_AGENT_CONFIG "EnablePersistentBuffer" "0" diff --git a/agent2/ubuntu/Dockerfile b/agent2/ubuntu/Dockerfile index eae3713d2..0a102b5af 100644 --- a/agent2/ubuntu/Dockerfile +++ b/agent2/ubuntu/Dockerfile @@ -34,6 +34,7 @@ RUN set -eux && \ mkdir -p /var/lib/zabbix && \ mkdir -p /var/lib/zabbix/enc && \ mkdir -p /var/lib/zabbix/modules && \ + mkdir -p /var/lib/zabbix/buffer && \ apt-get -y update && \ DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ tini \ diff --git a/agent2/ubuntu/docker-entrypoint.sh b/agent2/ubuntu/docker-entrypoint.sh index 1476e10a4..14229d7ab 100755 --- a/agent2/ubuntu/docker-entrypoint.sh +++ b/agent2/ubuntu/docker-entrypoint.sh @@ -156,7 +156,7 @@ prepare_zbx_agent_config() { if [ "${ZBX_ENABLEPERSISTENTBUFFER,,}" == "true" ]; then update_config_var $ZBX_AGENT_CONFIG "EnablePersistentBuffer" "1" - update_config_var $ZBX_AGENT_CONFIG "PersistentBufferFile" "$ZABBIX_USER_HOME_DIR/buffer/" + update_config_var $ZBX_AGENT_CONFIG "PersistentBufferFile" "$ZABBIX_USER_HOME_DIR/buffer/agent2.db" update_config_var $ZBX_AGENT_CONFIG "PersistentBufferPeriod" "${ZBX_PERSISTENTBUFFERPERIOD}" else update_config_var $ZBX_AGENT_CONFIG "EnablePersistentBuffer" "0" From ba1197a9df8f07f0e5c2bef6b9f492c17c26bd29 Mon Sep 17 00:00:00 2001 From: dotneft Date: Wed, 25 Aug 2021 16:05:17 +0300 Subject: [PATCH 098/253] Added Azure registry build action --- .github/workflows/Azure.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/Azure.yml b/.github/workflows/Azure.yml index a0b48adbf..57da239be 100644 --- a/.github/workflows/Azure.yml +++ b/.github/workflows/Azure.yml @@ -76,16 +76,16 @@ jobs: IMAGE_NAME="${{ secrets.azure_registry }}.azurecr.io/${{ matrix.os }}/zabbix-${{ matrix.build }}" GIT_BRANCH="${GITHUB_REF##*/}" - GIT_BRANCH=`expr "${GIT_BRANCH}" : '\([0-9]*\.[0-9]*\).*'` - - echo "::debug::Branch - ${GIT_BRANCH}" if [ "${GIT_BRANCH}" == "trunk" ]; then TAGS_ARRAY+=("$IMAGE_NAME:trunk") else + GIT_BRANCH=`expr "${GIT_BRANCH}" : '\([0-9]*\.[0-9]*\).*'` TAGS_ARRAY+=("$IMAGE_NAME:v${GIT_BRANCH}") fi + echo "::debug::Branch - ${GIT_BRANCH}" + TAGS=$(printf -- "%s, " "${TAGS_ARRAY[@]}") echo "::debug::Tags - ${TAGS}" From 0dc7a1c327b67824b002a77c987a7ac074ff6c53 Mon Sep 17 00:00:00 2001 From: dotneft Date: Wed, 25 Aug 2021 16:06:16 +0300 Subject: [PATCH 099/253] Added Azure registry build action --- .github/workflows/Azure.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/Azure.yml b/.github/workflows/Azure.yml index 57da239be..331513beb 100644 --- a/.github/workflows/Azure.yml +++ b/.github/workflows/Azure.yml @@ -38,6 +38,7 @@ jobs: - web-apache-pgsql - web-nginx-mysql - web-nginx-pgsql + - web-service os: - alpine - ubuntu From 31fc0008e56aec6cb5ec916176e8b382ec4fd4d8 Mon Sep 17 00:00:00 2001 From: root Date: Fri, 3 Sep 2021 15:53:20 -0400 Subject: [PATCH 100/253] Review RHEL repositories --- agent/rhel/Dockerfile | 8 ++++---- agent2/rhel/Dockerfile | 8 ++++---- java-gateway/rhel/Dockerfile | 8 ++++---- proxy-mysql/rhel/Dockerfile | 8 ++++---- proxy-sqlite3/rhel/Dockerfile | 8 ++++---- server-mysql/rhel/Dockerfile | 8 ++++---- web-nginx-mysql/rhel/Dockerfile | 8 ++++---- 7 files changed, 28 insertions(+), 28 deletions(-) diff --git a/agent/rhel/Dockerfile b/agent/rhel/Dockerfile index cc1c6e91c..f60656bad 100644 --- a/agent/rhel/Dockerfile +++ b/agent/rhel/Dockerfile @@ -44,9 +44,9 @@ RUN set -eux && INSTALL_PKGS="bash \ iputils \ pcre \ libcurl" && \ - REPOLIST="rhel-8-for-x86_64-baseos-rpms,rhel-8-for-x86_64-appstream-rpms" && \ - dnf -y update-minimal --disablerepo "*" --enablerepo ubi-8-baseos --setopt=tsflags=nodocs \ - --security --sec-severity=Important --sec-severity=Critical && \ + REPOLIST="ubi-8-baseos,ubi-8-appstream" && \ + dnf -y update-minimal --disablerepo "*" --enablerepo "ubi-8-baseos" --setopt=tsflags=nodocs \ + --security --sec-severity=Important --setopt=install_weak_deps=False --sec-severity=Critical && \ dnf -y install --disablerepo "*" --enablerepo "${REPOLIST}" --setopt=install_weak_deps=False --best \ --setopt=tsflags=nodocs ${INSTALL_PKGS} && \ groupadd --system --gid 1995 zabbix && \ @@ -80,7 +80,7 @@ RUN set -eux && INSTALL_PKGS="bash \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki -RUN set -eux && REPOLIST="rhel-8-for-x86_64-baseos-rpms,rhel-8-for-x86_64-appstream-rpms" && \ +RUN set -eux && REPOLIST="ubi-8-baseos,ubi-8-appstream" && \ INSTALL_PKGS="autoconf \ automake \ libcurl-devel \ diff --git a/agent2/rhel/Dockerfile b/agent2/rhel/Dockerfile index 2753fc5c9..93827180e 100644 --- a/agent2/rhel/Dockerfile +++ b/agent2/rhel/Dockerfile @@ -44,9 +44,9 @@ RUN set -eux && INSTALL_PKGS="bash \ iputils \ pcre \ libcurl" && \ - REPOLIST="rhel-8-for-x86_64-baseos-rpms,rhel-8-for-x86_64-appstream-rpms" && \ - dnf -y update-minimal --disablerepo "*" --enablerepo ubi-8-baseos --setopt=tsflags=nodocs \ - --security --sec-severity=Important --sec-severity=Critical && \ + REPOLIST="ubi-8-baseos,ubi-8-appstream" && \ + dnf -y update-minimal --disablerepo "*" --enablerepo "ubi-8-baseos" --setopt=tsflags=nodocs \ + --security --sec-severity=Important --setopt=install_weak_deps=False --sec-severity=Critical && \ dnf -y install --disablerepo "*" --enablerepo "${REPOLIST}" --setopt=install_weak_deps=False --best \ --setopt=tsflags=nodocs ${INSTALL_PKGS} && \ groupadd --system --gid 1995 zabbix && \ @@ -81,7 +81,7 @@ RUN set -eux && INSTALL_PKGS="bash \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki -RUN set -eux && REPOLIST="rhel-8-for-x86_64-baseos-rpms,rhel-8-for-x86_64-appstream-rpms" && \ +RUN set -eux && REPOLIST="ubi-8-baseos,ubi-8-appstream" && \ INSTALL_PKGS="autoconf \ automake \ libcurl-devel \ diff --git a/java-gateway/rhel/Dockerfile b/java-gateway/rhel/Dockerfile index 1ec5ca3cf..59d6b4aab 100644 --- a/java-gateway/rhel/Dockerfile +++ b/java-gateway/rhel/Dockerfile @@ -40,9 +40,9 @@ COPY ["licenses", "/licenses"] RUN set -eux && INSTALL_PKGS="bash \ java-1.8.0-openjdk-headless" && \ - REPOLIST="rhel-8-for-x86_64-baseos-rpms,rhel-8-for-x86_64-appstream-rpms" && \ - dnf -y update-minimal --disablerepo "*" --enablerepo ubi-8-baseos --setopt=tsflags=nodocs \ - --security --sec-severity=Important --sec-severity=Critical && \ + REPOLIST="ubi-8-baseos,ubi-8-appstream" && \ + dnf -y update-minimal --disablerepo "*" --enablerepo "ubi-8-baseos" --setopt=tsflags=nodocs \ + --security --sec-severity=Important --setopt=install_weak_deps=False --sec-severity=Critical && \ dnf -y install --disablerepo "*" --enablerepo "${REPOLIST}" --setopt=install_weak_deps=False --best \ --setopt=tsflags=nodocs ${INSTALL_PKGS} && \ groupadd --system --gid 1995 zabbix && \ @@ -69,7 +69,7 @@ RUN set -eux && INSTALL_PKGS="autoconf \ gcc \ make \ java-1.8.0-openjdk-devel" && \ - REPOLIST="rhel-8-for-x86_64-baseos-rpms,rhel-8-for-x86_64-appstream-rpms" && \ + REPOLIST="ubi-8-baseos,ubi-8-appstream" && \ dnf -y install --disablerepo "*" --enablerepo "${REPOLIST}" --setopt=install_weak_deps=False --best \ --setopt=tsflags=nodocs ${INSTALL_PKGS} && \ cd /tmp/ && \ diff --git a/proxy-mysql/rhel/Dockerfile b/proxy-mysql/rhel/Dockerfile index 25296b0d7..83a84167d 100644 --- a/proxy-mysql/rhel/Dockerfile +++ b/proxy-mysql/rhel/Dockerfile @@ -54,9 +54,9 @@ RUN set -eux && INSTALL_PKGS="bash \ OpenIPMI-libs \ pcre \ unixODBC" && \ - REPOLIST="rhel-8-for-x86_64-baseos-rpms,rhel-8-for-x86_64-appstream-rpms,epel" && \ - dnf -y update-minimal --disablerepo "*" --enablerepo ubi-8-baseos --setopt=tsflags=nodocs \ - --security --sec-severity=Important --sec-severity=Critical && \ + REPOLIST="ubi-8-baseos,ubi-8-appstream,rhel-8-for-x86_64-baseos-rpms,rhel-8-for-x86_64-appstream-rpms,epel" && \ + dnf -y update-minimal --disablerepo "*" --enablerepo "ubi-8-baseos" --setopt=tsflags=nodocs \ + --security --sec-severity=Important --setopt=install_weak_deps=False --sec-severity=Critical && \ dnf -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm && \ dnf -y module enable mysql && \ dnf -y install --disablerepo "*" --enablerepo "${REPOLIST}" --setopt=install_weak_deps=False --best \ @@ -115,7 +115,7 @@ RUN set -eux && INSTALL_PKGS="autoconf \ gcc \ make \ unixODBC-devel" && \ - REPOLIST="rhel-8-for-x86_64-baseos-rpms,rhel-8-for-x86_64-appstream-rpms,codeready-builder-for-rhel-8-x86_64-rpms" && \ + REPOLIST="ubi-8-baseos,ubi-8-appstream,rhel-8-for-x86_64-baseos-rpms,rhel-8-for-x86_64-appstream-rpms,codeready-builder-for-rhel-8-x86_64-rpms" && \ dnf -y install --disablerepo "*" --enablerepo "${REPOLIST}" --setopt=install_weak_deps=False --best \ --setopt=tsflags=nodocs ${INSTALL_PKGS} && \ cd /tmp/ && \ diff --git a/proxy-sqlite3/rhel/Dockerfile b/proxy-sqlite3/rhel/Dockerfile index 63952f13e..b51f2e4dc 100644 --- a/proxy-sqlite3/rhel/Dockerfile +++ b/proxy-sqlite3/rhel/Dockerfile @@ -53,9 +53,9 @@ RUN set -eux && INSTALL_PKGS="bash \ pcre \ sqlite-libs \ unixODBC" && \ - REPOLIST="rhel-8-for-x86_64-baseos-rpms,rhel-8-for-x86_64-appstream-rpms,epel" && \ - dnf -y update-minimal --disablerepo "*" --enablerepo ubi-8-baseos --setopt=tsflags=nodocs \ - --security --sec-severity=Important --sec-severity=Critical && \ + REPOLIST="ubi-8-baseos,ubi-8-appstream,rhel-8-for-x86_64-baseos-rpms,epel" && \ + dnf -y update-minimal --disablerepo "*" --enablerepo "ubi-8-baseos" --setopt=tsflags=nodocs \ + --security --sec-severity=Important --setopt=install_weak_deps=False --sec-severity=Critical && \ dnf -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm && \ dnf -y install --disablerepo "*" --enablerepo "${REPOLIST}" --setopt=install_weak_deps=False --best \ --setopt=tsflags=nodocs ${INSTALL_PKGS} && \ @@ -113,7 +113,7 @@ RUN set -eux && INSTALL_PKGS="autoconf \ gcc \ make \ unixODBC-devel" && \ - REPOLIST="rhel-8-for-x86_64-baseos-rpms,rhel-8-for-x86_64-appstream-rpms,codeready-builder-for-rhel-8-x86_64-rpms" && \ + REPOLIST="ubi-8-baseos,ubi-8-appstream,rhel-8-for-x86_64-baseos-rpms,rhel-8-for-x86_64-appstream-rpms,codeready-builder-for-rhel-8-x86_64-rpms" && \ dnf -y install --disablerepo "*" --enablerepo "${REPOLIST}" --setopt=install_weak_deps=False --best \ --setopt=tsflags=nodocs ${INSTALL_PKGS} && \ cd /tmp/ && \ diff --git a/server-mysql/rhel/Dockerfile b/server-mysql/rhel/Dockerfile index 91091e414..ce7a4aabc 100644 --- a/server-mysql/rhel/Dockerfile +++ b/server-mysql/rhel/Dockerfile @@ -55,9 +55,9 @@ RUN set -eux && INSTALL_PKGS="bash \ OpenIPMI-libs \ pcre \ unixODBC" && \ - REPOLIST="rhel-8-for-x86_64-baseos-rpms,rhel-8-for-x86_64-appstream-rpms,epel" && \ - dnf -y update-minimal --disablerepo "*" --enablerepo ubi-8-baseos --setopt=tsflags=nodocs \ - --security --sec-severity=Important --sec-severity=Critical && \ + REPOLIST="ubi-8-baseos,ubi-8-appstream,rhel-8-for-x86_64-baseos-rpms,rhel-8-for-x86_64-appstream-rpms,epel" && \ + dnf -y update-minimal --disablerepo "*" --enablerepo "ubi-8-baseos" --setopt=tsflags=nodocs \ + --security --sec-severity=Important --setopt=install_weak_deps=False --sec-severity=Critical && \ dnf -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm && \ dnf -y module enable mysql && \ dnf -y install --disablerepo "*" --enablerepo "${REPOLIST}" --setopt=install_weak_deps=False --best \ @@ -117,7 +117,7 @@ RUN set -eux && INSTALL_PKGS="autoconf \ gcc \ make \ unixODBC-devel" && \ - REPOLIST="rhel-8-for-x86_64-baseos-rpms,rhel-8-for-x86_64-appstream-rpms,codeready-builder-for-rhel-8-x86_64-rpms" && \ + REPOLIST="ubi-8-baseos,ubi-8-appstream,rhel-8-for-x86_64-baseos-rpms,rhel-8-for-x86_64-appstream-rpms,codeready-builder-for-rhel-8-x86_64-rpms" && \ dnf -y install --disablerepo "*" --enablerepo "${REPOLIST}" --setopt=install_weak_deps=False --best \ --setopt=tsflags=nodocs ${INSTALL_PKGS} && \ cd /tmp/ && \ diff --git a/web-nginx-mysql/rhel/Dockerfile b/web-nginx-mysql/rhel/Dockerfile index ff4522d5d..0a69187b7 100644 --- a/web-nginx-mysql/rhel/Dockerfile +++ b/web-nginx-mysql/rhel/Dockerfile @@ -53,9 +53,9 @@ RUN set -eux && INSTALL_PKGS="bash \ php-mbstring \ php-mysqlnd \ php-xml" && \ - REPOLIST="rhel-8-for-x86_64-baseos-rpms,rhel-8-for-x86_64-appstream-rpms,epel" && \ - dnf -y update-minimal --disablerepo "*" --enablerepo ubi-8-baseos --setopt=tsflags=nodocs \ - --security --sec-severity=Important --sec-severity=Critical && \ + REPOLIST="ubi-8-baseos,ubi-8-appstream,rhel-8-for-x86_64-baseos-rpms,rhel-8-for-x86_64-appstream-rpms,epel" && \ + dnf -y update-minimal --disablerepo "*" --enablerepo "ubi-8-baseos" --setopt=tsflags=nodocs \ + --security --sec-severity=Important --setopt=install_weak_deps=False --sec-severity=Critical && \ dnf -y module enable mysql && \ dnf -y module enable php:7.4 nginx:1.18 && \ dnf -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm && \ @@ -81,7 +81,7 @@ RUN set -eux && INSTALL_PKGS="bash \ COPY ["conf/etc/", "/etc/"] -RUN set -eux && REPOLIST="rhel-8-for-x86_64-baseos-rpms,rhel-8-for-x86_64-appstream-rpms" && \ +RUN set -eux && REPOLIST="ubi-8-baseos,ubi-8-appstream,rhel-8-for-x86_64-baseos-rpms,rhel-8-for-x86_64-appstream-rpms" && \ INSTALL_PKGS="glibc-locale-source gettext \ git" && \ dnf -y install --disablerepo "*" --enablerepo "${REPOLIST}" --setopt=install_weak_deps=False --best \ From 8241dc034cc61c626662404fa845366adfd865dc Mon Sep 17 00:00:00 2001 From: dotneft Date: Fri, 3 Sep 2021 23:46:01 +0300 Subject: [PATCH 101/253] Windows docker images for Agent and Agent2 components --- .github/workflows/Azure.yml | 1 + .github/workflows/CI.yml | 1 + agent/windows/Dockerfile | 206 +++++++++++++++++ agent/windows/README.md | 244 ++++++++++++++++++++ agent/windows/docker-entrypoint.ps1 | 227 ++++++++++++++++++ agent/windows/modbus.vs16.sln | 31 +++ agent/windows/modbus.vs16.vcxproj | 265 ++++++++++++++++++++++ agent/windows/modbus.vs16.vcxproj.filters | 62 +++++ agent2/windows/Dockerfile | 196 ++++++++++++++++ agent2/windows/README.md | 225 ++++++++++++++++++ agent2/windows/docker-entrypoint.ps1 | 246 ++++++++++++++++++++ 11 files changed, 1704 insertions(+) create mode 100644 agent/windows/Dockerfile create mode 100644 agent/windows/README.md create mode 100644 agent/windows/docker-entrypoint.ps1 create mode 100644 agent/windows/modbus.vs16.sln create mode 100644 agent/windows/modbus.vs16.vcxproj create mode 100644 agent/windows/modbus.vs16.vcxproj.filters create mode 100644 agent2/windows/Dockerfile create mode 100644 agent2/windows/README.md create mode 100644 agent2/windows/docker-entrypoint.ps1 diff --git a/.github/workflows/Azure.yml b/.github/workflows/Azure.yml index 331513beb..f903e2ae0 100644 --- a/.github/workflows/Azure.yml +++ b/.github/workflows/Azure.yml @@ -13,6 +13,7 @@ on: - '.env*' - 'docker-compose*.yaml' - '*/rhel/*' + - '*/windows/*' - "**.md" defaults: diff --git a/.github/workflows/CI.yml b/.github/workflows/CI.yml index 54fce93a8..178dd766e 100644 --- a/.github/workflows/CI.yml +++ b/.github/workflows/CI.yml @@ -15,6 +15,7 @@ on: - '.env*' - 'docker-compose*.yaml' - '*/rhel/*' + - '*/windows/*' - "**.md" defaults: diff --git a/agent/windows/Dockerfile b/agent/windows/Dockerfile new file mode 100644 index 000000000..11492f477 --- /dev/null +++ b/agent/windows/Dockerfile @@ -0,0 +1,206 @@ +# escape=` +ARG BUILD_BASE_IMAGE=mcr.microsoft.com/dotnet/framework/sdk:4.8-windowsservercore-ltsc2022 +ARG BASE_IMAGE=mcr.microsoft.com/powershell:lts-nanoserver-ltsc2022 +FROM $BUILD_BASE_IMAGE as builder_base + +ARG PCRE_VERSION=8.45 +ARG OPENSSL_VERSION=1.1.1l +ARG LIBMODBUS_VERSION=master + +ARG VS_BUILDTOOLS_URL=https://aka.ms/vs/16/release/vs_buildtools.exe +ARG NASM_URL=https://www.nasm.us/pub/nasm/releasebuilds/2.15.05/win64/nasm-2.15.05-installer-x64.exe +ARG PERL_URL=https://strawberryperl.com/download/5.32.1.1/strawberry-perl-5.32.1.1-64bit.msi +ARG GIT_URL=https://github.com/git-for-windows/git/releases/download/v2.33.0.windows.2/Git-2.33.0.2-64-bit.exe +ARG LIBMODBUS_URL=https://github.com/stephane/libmodbus.git + +ARG VS_DEV_CMD_LOCATION="C:\Program Files (x86)\Microsoft Visual Studio\2019\BuildTools\Common7\Tools\VsDevCmd.bat" +ARG VC_VARS_ALL_LOCATION="C:\Program Files (x86)\Microsoft Visual Studio\2019\BuildTools\VC\Auxiliary\Build\vcvarsall.bat" + +ENV BUILD_ARCH=x64 CPU_MODEL=AMD64 ` + PCRE_VERSION=$PCRE_VERSION OPENSSL_VERSION=$OPENSSL_VERSION LIBMODBUS_VERSION=$LIBMODBUS_VERSION ` + GIT_URL=$GIT_URL NASM_URL=$NASM_URL PERL_URL=$PERL_URL LIBMODBUS_URL=$LIBMODBUS_URL ` + VS_DEV_CMD_LOCATION=$VS_DEV_CMD_LOCATION VC_VARS_ALL_LOCATION=$VC_VARS_ALL_LOCATION + +SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"] + +RUN Set-Location -Path "$env:SystemDrive"; ` + Write-Verbose -Message 'Visual Studio components installing...'; ` + Invoke-WebRequest -OutFile "$env:SystemDrive\git-installer.exe" $env:GIT_URL; ` + Start-Process -FilePath "$env:SystemDrive\git-installer.exe" -argumentlist '/VERYSILENT /SUPPRESSMSGBOXES /NORESTART /NOCANCEL /SP- /LOG /COMPONENTS="icons,assoc,assoc_sh,ext,ext\shellhere,gitlfs' -wait; ` + Remove-Item -Force -Path "$env:SystemDrive\git-installer.exe"; ` + Invoke-WebRequest -OutFile "$env:SystemDrive\nasm-installer.exe" $env:NASM_URL; ` + Start-Process -FilePath "$env:SystemDrive\nasm-installer.exe" -argumentlist '/S'; ` + Invoke-WebRequest -OutFile "$env:SystemDrive\perl-installer.msi" $env:PERL_URL; ` + Start-Process -FilePath "msiexec.exe" -argumentlist """/i C:\perl-installer.msi /qn /norestart INSTALLDIR=$env:SystemDrive\Strawberry""" -wait; ` + $env:PATH+=""";$env:SystemDrive\Strawberry\perl\bin"""; ` + cpan Text::Template; ` + Remove-Item -Force -Path "$env:SystemDrive\nasm-installer.exe"; ` + Remove-Item -Force -Path "$env:SystemDrive\perl-installer.msi"; ` + Invoke-WebRequest -OutFile "$env:SystemDrive\vs_buildtools.exe" $env:VS_BUILDTOOLS_URL; ` + Write-Host "Visual Studio components installing..."; ` + cmd /C start /w "$env:SystemDrive\vs_buildtools.exe" --quiet --wait --norestart --nocache modify ` + --installPath """${env:ProgramFiles(x86)}\Microsoft Visual Studio\2019\BuildTools""" ` + # https://docs.microsoft.com/en-us/visualstudio/install/workload-component-id-vs-build-tools?view=vs-2019 + --add Microsoft.VisualStudio.Component.Windows10SDK.19041 ` + --add Microsoft.VisualStudio.Component.VC.Tools.x86.x64 ` + --add Microsoft.VisualStudio.Component.VC.CMake.Project ` + --add Microsoft.VisualStudio.Workload.MSBuildTools ` + --add Microsoft.VisualStudio.Workload.NetCoreBuildTools ` + --add Microsoft.Net.Component.4.8.SDK ` + --remove Microsoft.VisualStudio.Component.Windows10SDK.10240 ` + --remove Microsoft.VisualStudio.Component.Windows10SDK.10586 ` + --remove Microsoft.VisualStudio.Component.Windows10SDK.14393 ` + --remove Microsoft.VisualStudio.Component.Windows81SDK ` + --remove Microsoft.VisualStudio.Component.WebDeploy ` + --remove Microsoft.Component.ClickOnce.MSBuild; ` + if ($err = dir $Env:TEMP -Filter dd_setup_*_errors.log | where Length -gt 0 | Get-Content) { ` + throw $err; ` + }; ` + Write-Host "Visual Studio components installed"; ` + Remove-Item -Force -Path "$env:SystemDrive\vs_buildtools.exe"; ` + Get-ChildItem -Path """${env:ProgramFiles(x86)}\Microsoft Visual Studio\Installer""" -Directory -Recurse | Remove-Item -Force –Recurse; ` + Remove-Item -Force -Recurse "$env:TEMP\*"; + +RUN Set-Location -Path "$env:SystemDrive"; ` + Import-Module """${env:ProgramFiles(x86)}\Microsoft Visual Studio\2019\BuildTools\Common7\Tools\Microsoft.VisualStudio.DevShell.dll"""; ` + Enter-VsDevShell -VsInstallPath """${env:ProgramFiles(x86)}\Microsoft Visual Studio\2019\BuildTools""" -DevCmdArguments """-arch=$env:BUILD_ARCH"""; ` + Invoke-WebRequest -OutFile "$env:SystemDrive\pcre-$env:PCRE_VERSION.zip" https://ftp.pcre.org/pub/pcre/pcre-$env:PCRE_VERSION.zip; ` + Expand-Archive -Path "$env:SystemDrive\pcre-$env:PCRE_VERSION.zip" -DestinationPath $env:SystemDrive ; ` + Rename-Item -Path "$env:SystemDrive\pcre-$env:PCRE_VERSION" -NewName "$env:SystemDrive\pcre_build"; ` + New-Item -ItemType directory -Path "$env:SystemDrive\pcre_build\build" | Out-Null; ` + Set-Location -Path "$env:SystemDrive\pcre_build\build"; ` + cmake -G """Visual Studio 16 2019""" -A $env:BUILD_ARCH -DPCRE_SUPPORT_UNICODE_PROPERTIES=ON -DPCRE_SUPPORT_UTF=ON -DCMAKE_C_FLAGS_RELEASE:string="/MT" ..; ` + msbuild PCRE.sln ` + -maxcpucount:"""$env:NUMBER_OF_PROCESSORS""" ` + /property:Configuration="Release" ` + /property:Platform="$env:BUILD_ARCH" ` + /target:pcre; ` + Remove-Item -Force -Path "$env:SystemDrive\pcre-$env:PCRE_VERSION.zip" + +RUN Set-Location -Path "$env:SystemDrive"; ` + $env:PATH+=""";$env:SystemDrive\Strawberry\perl\bin;$env:SystemDrive\Program Files\NASM"""; ` + Import-Module """${env:ProgramFiles(x86)}\Microsoft Visual Studio\2019\BuildTools\Common7\Tools\Microsoft.VisualStudio.DevShell.dll"""; ` + Enter-VsDevShell -VsInstallPath """${env:ProgramFiles(x86)}\Microsoft Visual Studio\2019\BuildTools""" -DevCmdArguments """-arch=$env:BUILD_ARCH"""; ` + Invoke-WebRequest -OutFile "$env:SystemDrive\openssl-$env:OPENSSL_VERSION.tar.gz" https://www.openssl.org/source/openssl-$env:OPENSSL_VERSION.tar.gz; ` + tar -zxf $env:SystemDrive\openssl-$env:OPENSSL_VERSION.tar.gz; ` + Rename-Item -Path "$env:SystemDrive\openssl-$env:OPENSSL_VERSION" -NewName "$env:SystemDrive\openssl_build"; ` + Set-Location -Path "$env:SystemDrive\openssl_build"; ` + perl $env:SystemDrive\openssl_build\Configure ` + VC-WIN64A ` + no-shared ` + no-ui-console ` + no-tests ` +# enable-capieng ` + no-capieng ` + --api=1.1.0 ` + --prefix="$env:SystemDrive\openssl_output_$env:BUILD_ARCH ` + --openssldir="$env:SystemDrive\openssl_output_ssl"; ` + set CL=/MP; ` + nmake; ` + nmake install_sw; ` + Remove-Item -Force -Path "$env:SystemDrive\openssl-$env:OPENSSL_VERSION.tar.gz" + +COPY modbus.vs16.vcxproj c:\ +COPY modbus.vs16.sln c:\ +COPY modbus.vs16.vcxproj.filters c:\ + +RUN Set-Location -Path "$env:SystemDrive"; ` + Import-Module """${env:ProgramFiles(x86)}\Microsoft Visual Studio\2019\BuildTools\Common7\Tools\Microsoft.VisualStudio.DevShell.dll"""; ` + Enter-VsDevShell -VsInstallPath """${env:ProgramFiles(x86)}\Microsoft Visual Studio\2019\BuildTools""" -DevCmdArguments """-arch=$env:BUILD_ARCH"""; ` + Start-Process -FilePath "${env:ProgramFiles}\Git\bin\git.exe" -Wait -ArgumentList """-c advice.detachedHead=false clone $env:LIBMODBUS_URL --branch $env:LIBMODBUS_VERSION --depth 1 --single-branch libmodbus"""; ` + Copy-Item -Path "$env:SystemDrive\modbus.vs16.vcxproj" "$env:SystemDrive\libmodbus\src\win32\modbus.vs16.vcxproj"; ` + Copy-Item -Path "$env:SystemDrive\modbus.vs16.sln" $env:SystemDrive\libmodbus\src\win32\modbus.vs16.sln"; ` + Copy-Item -Path "$env:SystemDrive\modbus.vs16.vcxproj.filters" "$env:SystemDrive\libmodbus\src\win32\modbus.vs16.vcxproj.filters"; ` + Set-Location -Path "$env:SystemDrive\libmodbus\src\win32"; ` + cscript .\configure.js; ` + msbuild modbus.vs16.sln ` + -maxcpucount:"""$env:NUMBER_OF_PROCESSORS""" ` + /property:Configuration="Release" ` + /property:Platform="$env:BUILD_ARCH" + +FROM builder_base as builder_zabbix + +SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"] + +ARG MAJOR_VERSION=6,0 +ARG ZBX_VERSION=${MAJOR_VERSION}.0 +ARG ZABBIX_VERSION_RC_NUM=2400 +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git +ARG ZBX_COMPONENT=all +ENV ZBX_SOURCES=$ZBX_SOURCES MAJOR_VERSION=$MAJOR_VERSION ZBX_VERSION=$ZBX_VERSION ZABBIX_VERSION_RC_NUM=$ZABBIX_VERSION_RC_NUM + +RUN Set-Location -Path "$env:SystemDrive"; ` + Import-Module """${env:ProgramFiles(x86)}\Microsoft Visual Studio\2019\BuildTools\Common7\Tools\Microsoft.VisualStudio.DevShell.dll"""; ` + Enter-VsDevShell -VsInstallPath """${env:ProgramFiles(x86)}\Microsoft Visual Studio\2019\BuildTools""" -DevCmdArguments """-arch=$env:BUILD_ARCH"""; ` + Start-Process -FilePath "${env:ProgramFiles}\Git\bin\git.exe" -Wait -ArgumentList """-c advice.detachedHead=false clone $env:ZBX_SOURCES --branch master --depth 1 --single-branch zabbix-$env:ZBX_VERSION"""; ` + Write-Host "Building Zabbix $env:ZBX_VERSION version"; ` + Set-Location -Path "$env:SystemDrive\zabbix-$env:ZBX_VERSION"; ` + $ZbxRevision=(git rev-parse --short HEAD); ` + (Get-Content include/version.h).replace('{ZABBIX_REVISION}', $ZbxRevision) | Set-Content include/version.h; ` + Set-Location -Path "$env:SystemDrive\zabbix-$env:ZBX_VERSION\build\win32\project"; ` + set CL=/MP; ` + nmake -f Makefile ` + CPU=$env:CPU_MODEL ` + CFLAGS="""/D ZABBIX_VERSION_REVISION=$ZbxRevision /D HAVE_LIBMODBUS_STATIC""" ` + PCREINCDIR="$env:SystemDrive\pcre_build\build" ` + PCRELIBDIR="$env:SystemDrive\pcre_build\build\Release" TLS=openssl ` + RFLAGS="""/D ZABBIX_VERSION_REVISION=$ZbxRevision /D ZABBIX_VERSION_RC_NUM=$env:ZABBIX_VERSION_RC_NUM""" ` +# LIBS="Crypt32.lib" ` + TLSINCDIR="$env:SystemDrive\openssl_output_$env:BUILD_ARCH\include" ` + TLSLIBDIR="$env:SystemDrive\openssl_output_$env:BUILD_ARCH\lib" ` + MODBINCDIR="$env:SystemDrive\libmodbus\src" ` + MODBLIBDIR="$env:SystemDrive\libmodbus\src\win32\$env:BUILD_ARCH\Release" ` + $env:ZBX_COMPONENT; ` + New-Item -ItemType directory -Path "$env:SystemDrive\zabbix" | Out-Null; ` + New-Item -ItemType directory -Path "$env:SystemDrive\zabbix\sbin" | Out-Null; ` + New-Item -ItemType directory -Path "$env:SystemDrive\zabbix\conf" | Out-Null; ` + & $env:SystemDrive\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_agentd.exe -V; ` + dumpbin /dependents $env:SystemDrive\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_agentd.exe; ` + Copy-Item -Path "$env:SystemDrive\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_agentd.exe" "$env:SystemDrive\zabbix\sbin"; ` + Copy-Item -Path "$env:SystemDrive\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_get.exe" "$env:SystemDrive\zabbix\sbin"; ` + Copy-Item -Path "$env:SystemDrive\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_sender.exe" "$env:SystemDrive\zabbix\sbin"; ` + Copy-Item -Path "$env:SystemDrive\zabbix-$env:ZBX_VERSION\conf\zabbix_agentd.win.conf" "$env:SystemDrive\zabbix\conf" + +FROM $BASE_IMAGE + +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION}.0 +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git + +LABEL org.opencontainers.image.title="Zabbix agent" ` + org.opencontainers.image.authors="Alexey Pustovalov " ` + org.opencontainers.image.vendor="Zabbix LLC" ` + org.opencontainers.image.url="https://zabbix.com/" ` + org.opencontainers.image.description="Zabbix agent is deployed on a monitoring target to actively monitor local resources and applications" ` + org.opencontainers.image.licenses="GPL v2.0" ` + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" ` + org.opencontainers.image.version="${ZBX_VERSION}" ` + org.opencontainers.image.source="${ZBX_SOURCES}" + +SHELL ["pwsh", "-Command", "$ErrorActionPreference = 'Stop';"] + +WORKDIR C:\zabbix\ + +COPY --from=builder_zabbix ["C:\\zabbix", "C:\\zabbix"] +COPY [".\\docker-entrypoint.ps1", "C:\\zabbix"] + +USER ContainerAdministrator + +RUN setx /M PATH """$env:PATH;C:\zabbix\sbin;C:\zabbix\bin;"""; ` + setx /M ZbxDir """C:\zabbix""" + +RUN Set-Location -Path "$env:SystemDrive"; ` + New-Item -ItemType directory -Path "$env:ZbxDir\conf\zabbix_agentd.d" | Out-Null; ` + New-Item -ItemType directory -Path "$env:ZbxDir\enc" | Out-Null; ` + New-Item -ItemType directory -Path "$env:ZbxDir\modules" | Out-Null; ` + net user /add zabbix; ` + $acl = Get-Acl -Path $env:ZbxDir; ` + $ace = New-Object Security.AccessControl.FileSystemAccessRule ('zabbix', 'Modify', 'ContainerInherit, ObjectInherit', 'InheritOnly', 'Allow'); ` + $acl.AddAccessRule($ace); ` + Set-Acl -AclObject $acl -Path $env:ZbxDir + +USER zabbix + +EXPOSE 10050/TCP + +CMD C:\zabbix\docker-entrypoint.ps1 C:\zabbix\sbin\zabbix_agentd.exe -c C:\zabbix\conf\zabbix_agentd.win.conf -f diff --git a/agent/windows/README.md b/agent/windows/README.md new file mode 100644 index 000000000..4cc642f18 --- /dev/null +++ b/agent/windows/README.md @@ -0,0 +1,244 @@ +![logo](https://assets.zabbix.com/img/logo/zabbix_logo_500x131.png) + +# What is Zabbix? + +Zabbix is an enterprise-class open source distributed monitoring solution. + +Zabbix is software that monitors numerous parameters of a network and the health and integrity of servers. Zabbix uses a flexible notification mechanism that allows users to configure e-mail based alerts for virtually any event. This allows a fast reaction to server problems. Zabbix offers excellent reporting and data visualisation features based on the stored data. This makes Zabbix ideal for capacity planning. + +For more information and related downloads for Zabbix components, please visit https://hub.docker.com/u/zabbix/ and https://zabbix.com + +# What is Zabbix agent? + +Zabbix agent is deployed on a monitoring target to actively monitor local resources and applications (hard drives, memory, processor statistics etc). + +# Zabbix agent images + +These are the only official Zabbix agent Docker images. They are based on Alpine Linux v3.12, Ubuntu 20.04 (focal), CentOS 8 and Oracle Linux 8 images. The available versions of Zabbix agent are: + + Zabbix agent 3.0 (tags: alpine-3.0-latest, ubuntu-3.0-latest, centos-3.0-latest) (unsupported) + Zabbix agent 3.0.* (tags: alpine-3.0.*, ubuntu-3.0.*, centos-3.0.*) (unsupported) + Zabbix agent 3.2 (tags: alpine-3.2-latest, ubuntu-3.2-latest, centos-3.2-latest) (unsupported) + Zabbix agent 3.2.* (tags: alpine-3.2.*, ubuntu-3.2.*, centos-3.2.*) (unsupported) + Zabbix agent 3.4 (tags: alpine-3.4-latest, ubuntu-3.4-latest, centos-3.4-latest) (unsupported) + Zabbix agent 3.4.* (tags: alpine-3.4.*, ubuntu-3.4.*, centos-3.4.*) (unsupported) + Zabbix agent 4.0 (tags: alpine-4.0-latest, ubuntu-4.0-latest, centos-4.0-latest) + Zabbix agent 4.0.* (tags: alpine-4.0.*, ubuntu-4.0.*, centos-4.0.*) + Zabbix agent 4.2 (tags: alpine-4.2-latest, ubuntu-4.2-latest, centos-4.2-latest) (unsupported) + Zabbix agent 4.2.* (tags: alpine-4.2.*, ubuntu-4.2.*, centos-4.2.*) (unsupported) + Zabbix agent 4.4 (tags: alpine-4.4-latest, ubuntu-4.4-latest, centos-4.4-latest) (unsupported) + Zabbix agent 4.4.* (tags: alpine-4.4.*, ubuntu-4.4.*, centos-4.4.*) (unsupported) + Zabbix agent 5.0 (tags: alpine-5.0-latest, ubuntu-5.0-latest, ol-5.0-latest) + Zabbix agent 5.0.* (tags: alpine-5.0.*, ubuntu-5.0.*, ol-5.0.*) + Zabbix agent 5.2 (tags: alpine-5.2-latest, ubuntu-5.2-latest, ol-5.2-latest) + Zabbix agent 5.2.* (tags: alpine-5.2.*, ubuntu-5.2.*, ol-5.2.*) + Zabbix agent 5.4 (tags: alpine-5.4-latest, ubuntu-5.4-latest, ol-5.4-latest, alpine-latest, ubuntu-latest, ol-latest, latest) + Zabbix agent 5.4.* (tags: alpine-5.4.*, ubuntu-5.4.*, ol-5.4.*) + Zabbix agent 6.0 (tags: alpine-trunk, ubuntu-trunk, ol-trunk) + +Images are updated when new releases are published. The image with ``latest`` tag is based on Alpine Linux. + +# How to use this image + +## Start `zabbix-agent` + +Start a Zabbix agent container as follows: + + docker run --name some-zabbix-agent -e ZBX_HOSTNAME="some-hostname" -e ZBX_SERVER_HOST="some-zabbix-server" -d zabbix/zabbix-agent:tag + +Where `some-zabbix-agent` is the name you want to assign to your container, `some-hostname` is the hostname, it is Hostname parameter in Zabbix agent configuration file, `some-zabbix-server` is IP or DNS name of Zabbix server or proxy and `tag` is the tag specifying the version you want. See the list above for relevant tags, or look at the [full list of tags](https://hub.docker.com/r/zabbix/zabbix-agent/tags/). + +## Connects from Zabbix server or Zabbix proxy in other containers (Passive checks) + +This image exposes the standard Zabbix agent port (``10050``) to perform passive checks, so container linking makes Zabbix agent instance available to Zabbix server and Zabbix proxy containers. Start your application container like this in order to link it to the Zabbix agent container: + +```console +$ docker run --name some-zabbix-server --link some-zabbix-agent:zabbix-agent -d zabbix/zabbix-server:latest +``` + +## Connect to Zabbix server or Zabbix proxy containers (Active checks) + +This image supports perform active checks, so container linking makes Zabbix server and Zabbix proxy containers available to Zabbix agent instance. Start your application container like this in order to link Zabbix agent to Zabbix server or Zabbix proxy containterns: + +```console +$ docker run --name some-zabbix-agent --link some-zabbix-server:zabbix-server -d zabbix/zabbix-agent:latest +``` + +## Container shell access and viewing Zabbix agent logs + +The `docker exec` command allows you to run commands inside a Docker container. The following command line will give you a bash shell inside your `zabbix-agent` container: + +```console +$ docker exec -ti some-zabbix-agent /bin/bash +``` + +The Zabbix agent log is available through Docker's container log: + +```console +$ docker logs some-zabbix-agent +``` + +## Privileged mode + +By default, Docker containers are "unprivileged" and do not have access to the most of host resources. Zabbix agent is designed to monitor system resources, to do that Zabbix agent container must be privileged or you may mount some system-wide volumes. For example: + +```console +$ docker run --name some-zabbix-agent --link some-zabbix-server:zabbix-server --privileged -d zabbix/zabbix-agent:latest +``` +```console +$ docker run --name some-zabbix-agent --link some-zabbix-server:zabbix-server -v /dev/sdc:/dev/sdc -d zabbix/zabbix-agent:latest +``` + +## Environment Variables + +When you start the `zabbix-agent` image, you can adjust the configuration of the Zabbix agent by passing one or more environment variables on the `docker run` command line. + +### `ZBX_HOSTNAME` + +This variable is unique, case sensitive hostname. By default, value is `hostname` of the container. It is ``Hostname`` parameter in ``zabbix_agentd.conf``. + +### `ZBX_SERVER_HOST` + +This variable is IP or DNS name of Zabbix server or Zabbix proxy. By default, value is `zabbix-server`. It is ``Server`` parameter in ``zabbix_agentd.conf``. It is allowed to specify Zabbix server or Zabbix proxy port number using ``ZBX_SERVER_PORT`` variable. It make sense in case of non-default port for active checks. + +### `ZBX_PASSIVE_ALLOW` + +This variable is boolean (``true`` or ``false``) and enables or disables feature of passive checks. By default, value is `true`. + +### `ZBX_PASSIVESERVERS` + +The variable is comma separated list of allowed Zabbix server or proxy hosts for connections to Zabbix agent container. + +### `ZBX_ACTIVE_ALLOW` + +This variable is boolean (``true`` or ``false``) and enables or disables feature of active checks. By default, value is `true`. + +### `ZBX_ACTIVESERVERS` + +The variable is comma separated list of allowed Zabbix server or proxy hosts for connections to Zabbix agent container. You may specify port of Zabbix server or Zabbix proxy in such syntax: ``zabbix-server:10061,zabbix-proxy:10072``. + +### `ZBX_LOADMODULE` + +The variable is list of comma separated loadable Zabbix modules. It works with volume ``/var/lib/zabbix/modules``. The syntax of the variable is ``dummy1.so,dummy2.so``. + +### `ZBX_DEBUGLEVEL` + +The variable is used to specify debug level. By default, value is ``3``. It is ``DebugLevel`` parameter in ``zabbix_agentd.conf``. Allowed values are listed below: +- ``0`` - basic information about starting and stopping of Zabbix processes; +- ``1`` - critical information +- ``2`` - error information +- ``3`` - warnings +- ``4`` - for debugging (produces lots of information) +- ``5`` - extended debugging (produces even more information) + +### `ZBX_TIMEOUT` + +The variable is used to specify timeout for processing checks. By default, value is ``3``. + +### Other variables + +Additionally the image allows to specify many other environment variables listed below: + +``` +ZBX_SOURCEIP= +ZBX_ENABLEREMOTECOMMANDS=0 # Deprecated since 5.0.0 +ZBX_LOGREMOTECOMMANDS=0 +ZBX_HOSTINTERFACE= # Available since 4.4.0 +ZBX_HOSTINTERFACEITEM= # Available since 4.4.0 +ZBX_STARTAGENTS=3 +ZBX_HOSTNAMEITEM=system.hostname +ZBX_METADATA= +ZBX_METADATAITEM= +ZBX_REFRESHACTIVECHECKS=120 +ZBX_BUFFERSEND=5 +ZBX_BUFFERSIZE=100 +ZBX_MAXLINESPERSECOND=20 +ZBX_LISTENIP= +ZBX_UNSAFEUSERPARAMETERS=0 +ZBX_TLSCONNECT=unencrypted +ZBX_TLSACCEPT=unencrypted +ZBX_TLSCAFILE= +ZBX_TLSCRLFILE= +ZBX_TLSSERVERCERTISSUER= +ZBX_TLSSERVERCERTSUBJECT= +ZBX_TLSCERTFILE= +ZBX_TLSKEYFILE= +ZBX_TLSPSKIDENTITY= +ZBX_TLSPSKFILE= +ZBX_TLSCIPHERALL= # Available since 4.4.7 +ZBX_TLSCIPHERALL13= # Available since 4.4.7 +ZBX_TLSCIPHERCERT= # Available since 4.4.7 +ZBX_TLSCIPHERCERT13= # Available since 4.4.7 +ZBX_TLSCIPHERPSK= # Available since 4.4.7 +ZBX_TLSCIPHERPSK13= # Available since 4.4.7 +ZBX_DENYKEY=system.run[*] # Available since 5.0.0 +ZBX_ALLOWKEY= # Available since 5.0.0 +``` + +Default values of these variables are specified after equal sign. + +The allowed variables are identical of parameters in official ``zabbix_agentd.conf`` configuration file. For example, ``ZBX_REFRESHACTIVECHECKS`` = ``RefreshActiveChecks``. + +Please use official documentation for [``zabbix_agentd.conf``](https://www.zabbix.com/documentation/current/manual/appendix/config/zabbix_agentd) to get more information about the variables. + +## Allowed volumes for the Zabbix agent container + +### ``/etc/zabbix/zabbix_agentd.d`` + +The volume allows include ``*.conf`` files and extend Zabbix agent using ``UserParameter`` feature. + +### ``/var/lib/zabbix/modules`` + +The volume allows load additional modules and extend Zabbix agent using ``LoadModule`` feature. + +### ``/var/lib/zabbix/enc`` + +The volume is used to store TLS related files. These file names are specified using ``ZBX_TLSCAFILE``, ``ZBX_TLSCRLFILE``, ``ZBX_TLSKEY_FILE`` and ``ZBX_TLSPSKFILE`` variables. + +# The image variants + +The `zabbix-agent` images come in many flavors, each designed for a specific use case. + +## `zabbix-agent:alpine-` + +This image is based on the popular [Alpine Linux project](http://alpinelinux.org), available in [the `alpine` official image](https://hub.docker.com/_/alpine). Alpine Linux is much smaller than most distribution base images (~5MB), and thus leads to much slimmer images in general. + +This variant is highly recommended when final image size being as small as possible is desired. The main caveat to note is that it does use [musl libc](http://www.musl-libc.org) instead of [glibc and friends](http://www.etalabs.net/compare_libcs.html), so certain software might run into issues depending on the depth of their libc requirements. However, most software doesn't have an issue with this, so this variant is usually a very safe choice. See [this Hacker News comment thread](https://news.ycombinator.com/item?id=10782897) for more discussion of the issues that might arise and some pro/con comparisons of using Alpine-based images. + +To minimize image size, it's uncommon for additional related tools (such as `git` or `bash`) to be included in Alpine-based images. Using this image as a base, add the things you need in your own Dockerfile (see the [`alpine` image description](https://hub.docker.com/_/alpine/) for examples of how to install packages if you are unfamiliar). + +## `zabbix-agent:ubuntu-` + +This is the defacto image. If you are unsure about what your needs are, you probably want to use this one. It is designed to be used both as a throw away container (mount your source code and start the container to start your app), as well as the base to build other images off of. + +## `zabbix-agent:ol-` + +Oracle Linux is an open-source operating system available under the GNU General Public License (GPLv2). Suitable for general purpose or Oracle workloads, it benefits from rigorous testing of more than 128,000 hours per day with real-world workloads and includes unique innovations such as Ksplice for zero-downtime kernel patching, DTrace for real-time diagnostics, the powerful Btrfs file system, and more. + +# Supported Docker versions + +This image is officially supported on Docker version 1.12.0. + +Support for older versions (down to 1.6) is provided on a best-effort basis. + +Please see [the Docker installation documentation](https://docs.docker.com/installation/) for details on how to upgrade your Docker daemon. + +# User Feedback + +## Documentation + +Documentation for this image is stored in the [`agent/` directory](https://github.com/zabbix/zabbix-docker/tree/3.0/agent) of the [`zabbix/zabbix-docker` GitHub repo](https://github.com/zabbix/zabbix-docker/). Be sure to familiarize yourself with the [repository's `README.md` file](https://github.com/zabbix/zabbix-docker/blob/master/README.md) before attempting a pull request. + +## Issues + +If you have any problems with or questions about this image, please contact us through a [GitHub issue](https://github.com/zabbix/zabbix-docker/issues). + +### Known issues + +Currently it is not allowed to specify ``ZBX_ALIAS`` environment variable. Please use ``/etc/zabbix/zabbix_agent.d`` volume with additional configuration files with ``Alias`` options. + +## Contributing + +You are invited to contribute new features, fixes, or updates, large or small; we are always thrilled to receive pull requests, and do our best to process them as fast as we can. + +Before you start to code, we recommend discussing your plans through a [GitHub issue](https://github.com/zabbix/zabbix-docker/issues), especially for more ambitious contributions. This gives other contributors a chance to point you in the right direction, give you feedback on your design, and help you find out if someone else is working on the same thing. diff --git a/agent/windows/docker-entrypoint.ps1 b/agent/windows/docker-entrypoint.ps1 new file mode 100644 index 000000000..7a2a06fd6 --- /dev/null +++ b/agent/windows/docker-entrypoint.ps1 @@ -0,0 +1,227 @@ + +# Script trace mode +if ($env:DEBUG_MODE -eq "true") { + Set-PSDebug -trace 1 +} + +# Default Zabbix installation name +# Default Zabbix server host +if ([string]::IsNullOrWhitespace($env:ZBX_SERVER_HOST)) { + $env:ZBX_SERVER_HOST="zabbix-server" +} +# Default Zabbix server port number +if ([string]::IsNullOrWhitespace($env:ZBX_SERVER_PORT)) { + $env:ZBX_SERVER_PORT="10051" +} + + +# Default directories +# User 'zabbix' home directory +$ZabbixUserHomeDir="C:\zabbix" +# Configuration files directory +$ZabbixConfigDir="C:\zabbix\conf" + +function Update-Config-Var { + Param ( + [Parameter(Mandatory=$true, Position=0)] + [ValidateNotNullOrEmpty()] + [string] $ConfigPath, + [Parameter(Mandatory=$true, Position=1)] + [ValidateNotNullOrEmpty()] + [string]$VarName, + [Parameter(Mandatory=$false, Position=2)] + [string]$VarValue = $null, + [Parameter(Mandatory=$false, Position=3)] + [bool]$IsMultiple + ) + + $MaskList = "TLSPSKIdentity" + + if (-not(Test-Path -Path $ConfigPath -PathType Leaf)) { + throw "**** Configuration file '$ConfigPath' does not exist" + } + + if ($MaskList.Contains($VarName) -eq $true -And [string]::IsNullOrWhitespace($VarValue) -ne $true) { + Write-Host -NoNewline "** Updating '$ConfigPath' parameter ""$VarName"": '****'. Enable DEBUG_MODE to view value ..." + } + else { + Write-Host -NoNewline "** Updating '$ConfigPath' parameter ""$VarName"": '$VarValue'..." + } + + if ([string]::IsNullOrWhitespace($VarValue)) { + if ((Get-Content $ConfigPath | %{$_ -match "^$VarName="}) -contains $true) { + (Get-Content $ConfigPath) | + Where-Object {$_ -notmatch "^$VarName=" } | + Set-Content $ConfigPath + } + + Write-Host "removed" + return + } + + if ($VarValue -eq '""') { + (Get-Content $ConfigPath) | Foreach-Object { $_ -Replace "^($VarName=)(.*)", '$1' } | Set-Content $ConfigPath + Write-Host "undefined" + return + } + + if ($VarName -match '^TLS.*File$') { + $VarValue="$ZabbixUserHomeDir\enc\$VarValue" + } + + if ((Get-Content $ConfigPath | %{$_ -match "^$VarName="}) -contains $true -And $IsMultiple -ne $true) { + (Get-Content $ConfigPath) | Foreach-Object { $_ -Replace "^$VarName=.+", "$VarName=$VarValue" } | Set-Content $ConfigPath + + Write-Host updated + } + elseif ((Get-Content $ConfigPath | select-string -pattern "^[#;] $VarName=").length -gt 0) { + (Get-Content $ConfigPath) | + Foreach-Object { + $_ + if ($_ -match "^[#;] $VarName=") { + "$VarName=$VarValue" + } + } | Set-Content $ConfigPath + + Write-Host "added" + } + else { + Add-Content -Path $ConfigPath -Value "$VarName=$VarValue" + Write-Host "added at the end" + } +} + +function Update-Config-Multiple-Var { + Param ( + [Parameter(Mandatory=$true, Position=0)] + [ValidateNotNullOrEmpty()] + [string] $ConfigPath, + [Parameter(Mandatory=$true, Position=1)] + [ValidateNotNullOrEmpty()] + [string]$VarName, + [Parameter(Mandatory=$false, Position=2)] + [string]$VarValue = $null + ) + + foreach ($value in $VarValue.split(',')) { + Update-Config-Var $ConfigPath $VarName $value $true + } +} + +function Prepare-Zbx-Agent-Config { + Write-Host "** Preparing Zabbix agent configuration file" + + $ZbxAgentConfig="$ZabbixConfigDir\zabbix_agentd.win.conf" + + if ([string]::IsNullOrWhitespace($env:ZBX_PASSIVESERVERS)) { + $env:ZBX_PASSIVESERVERS="" + } + else { + $env:ZBX_PASSIVESERVERS=",$env:ZBX_PASSIVESERVERS" + } + + $env:ZBX_PASSIVESERVERS=$env:ZBX_SERVER_HOST + $env:ZBX_PASSIVESERVERS + + if ([string]::IsNullOrWhitespace($env:ZBX_ACTIVESERVERS)) { + $env:ZBX_ACTIVESERVERS="" + } + else { + $env:ZBX_ACTIVESERVERS=",$env:ZBX_ACTIVESERVERS" + } + + $env:ZBX_ACTIVESERVERS=$env:ZBX_SERVER_HOST + ":" + $env:ZBX_SERVER_PORT + $env:ZBX_ACTIVESERVERS + + Update-Config-Var $ZbxAgentConfig "LogType" "console" + Update-Config-Var $ZbxAgentConfig "LogFile" + Update-Config-Var $ZbxAgentConfig "LogFileSize" + Update-Config-Var $ZbxAgentConfig "DebugLevel" "$env:ZBX_DEBUGLEVEL" + Update-Config-Var $ZbxAgentConfig "SourceIP" + Update-Config-Var $ZbxAgentConfig "LogRemoteCommands" "$env:ZBX_LOGREMOTECOMMANDS" + + if ([string]::IsNullOrWhitespace($env:ZBX_PASSIVE_ALLOW)) { + $env:ZBX_PASSIVE_ALLOW="true" + } + + if ($env:ZBX_PASSIVE_ALLOW -eq "true") { + Write-Host "** Using '$env:ZBX_PASSIVESERVERS' servers for passive checks" + Update-Config-Var $ZbxAgentConfig "Server" "$env:ZBX_PASSIVESERVERS" + } + else { + Update-Config-Var $ZbxAgentConfig "Server" + } + + Update-Config-Var $ZbxAgentConfig "ListenPort" "$env:ZBX_LISTENPORT" + Update-Config-Var $ZbxAgentConfig "ListenIP" "$env:ZBX_LISTENIP" + Update-Config-Var $ZbxAgentConfig "StartAgents" "$env:ZBX_STARTAGENTS" + + if ([string]::IsNullOrWhitespace($env:ZBX_ACTIVE_ALLOW)) { + $env:ZBX_ACTIVE_ALLOW="true" + } + + if ($env:ZBX_PASSIVE_ALLOW -eq "true") { + Write-Host "** Using '$env:ZBX_ACTIVESERVERS' servers for active checks" + Update-Config-Var $ZbxAgentConfig "ServerActive" "$env:ZBX_ACTIVESERVERS" + } + else { + Update-Config-Var $ZbxAgentConfig "ServerActive" + } + + Update-Config-Var $ZbxAgentConfig "HostInterface" "$env:ZBX_HOSTINTERFACE" + Update-Config-Var $ZbxAgentConfig "HostInterfaceItem" "$env:ZBX_HOSTINTERFACEITEM" + + Update-Config-Var $ZbxAgentConfig "Hostname" "$env:ZBX_HOSTNAME" + Update-Config-Var $ZbxAgentConfig "HostnameItem" "$env:ZBX_HOSTNAMEITEM" + Update-Config-Var $ZbxAgentConfig "HostMetadata" "$env:ZBX_METADATA" + Update-Config-Var $ZbxAgentConfig "HostMetadataItem" "$env:ZBX_METADATAITEM" + Update-Config-Var $ZbxAgentConfig "RefreshActiveChecks" "$env:ZBX_REFRESHACTIVECHECKS" + Update-Config-Var $ZbxAgentConfig "BufferSend" "$env:ZBX_BUFFERSEND" + Update-Config-Var $ZbxAgentConfig "BufferSize" "$env:ZBX_BUFFERSIZE" + Update-Config-Var $ZbxAgentConfig "MaxLinesPerSecond" "$env:ZBX_MAXLINESPERSECOND" + # Please use include to enable Alias feature +# update_config_multiple_var $ZBX_AGENT_CONFIG "Alias" $env:ZBX_ALIAS + # Please use include to enable Perfcounter feature +# update_config_multiple_var $ZBX_AGENT_CONFIG "PerfCounter" $env:ZBX_PERFCOUNTER + Update-Config-Var $ZbxAgentConfig "Timeout" "$env:ZBX_TIMEOUT" + Update-Config-Var $ZbxAgentConfig "Include" "$ZabbixConfigDir\zabbix_agentd.d\" + Update-Config-Var $ZbxAgentConfig "UnsafeUserParameters" "$env:ZBX_UNSAFEUSERPARAMETERS" + Update-Config-Var $ZbxAgentConfig "UserParameterDir" "$ZabbixUserHomeDir\user_scripts\" + Update-Config-Var $ZbxAgentConfig "TLSConnect" "$env:ZBX_TLSCONNECT" + Update-Config-Var $ZbxAgentConfig "TLSAccept" "$env:ZBX_TLSACCEPT" + Update-Config-Var $ZbxAgentConfig "TLSCAFile" "$env:ZBX_TLSCAFILE" + Update-Config-Var $ZbxAgentConfig "TLSCRLFile" "$env:ZBX_TLSCRLFILE" + Update-Config-Var $ZbxAgentConfig "TLSServerCertIssuer" "$env:ZBX_TLSSERVERCERTISSUER" + Update-Config-Var $ZbxAgentConfig "TLSServerCertSubject" "$env:ZBX_TLSSERVERCERTSUBJECT" + Update-Config-Var $ZbxAgentConfig "TLSCertFile" "$env:ZBX_TLSCERTFILE" + Update-Config-Var $ZbxAgentConfig "TLSCipherAll" "$env:ZBX_TLSCIPHERALL" + Update-Config-Var $ZbxAgentConfig "TLSCipherAll13" "$env:ZBX_TLSCIPHERALL13" + Update-Config-Var $ZbxAgentConfig "TLSCipherCert" "$env:ZBX_TLSCIPHERCERT" + Update-Config-Var $ZbxAgentConfig "TLSCipherCert13" "$env:ZBX_TLSCIPHERCERT13" + Update-Config-Var $ZbxAgentConfig "TLSCipherPSK" "$env:ZBX_TLSCIPHERPSK" + Update-Config-Var $ZbxAgentConfig "TLSCipherPSK13" "$env:ZBX_TLSCIPHERPSK13" + Update-Config-Var $ZbxAgentConfig "TLSKeyFile" "$env:ZBX_TLSKEYFILE" + Update-Config-Var $ZbxAgentConfig "TLSPSKIdentity" "$env:ZBX_TLSPSKIDENTITY" + Update-Config-Var $ZbxAgentConfig "TLSPSKFile" "$env:ZBX_TLSPSKFILE" + + Update-Config-Multiple-Var $ZbxAgentConfig "DenyKey" "$env:ZBX_DENYKEY" + Update-Config-Multiple-Var $ZbxAgentConfig "AllowKey" "$env:ZBX_ALLOWKEY" + +} + +function PrepareAgent { + Write-Host "** Preparing Zabbix agent" + Prepare-Zbx-Agent-Config +} + +$commandArgs=$args + +if ($args.length -gt 0 -And $args[0].Substring(0, 1) -eq '-') { + $commandArgs = "C:\zabbix\sbin\zabbix_agentd.exe " + $commandArgs +} + +if ($args.length -gt 0 -And $args[0] -eq "C:\zabbix\sbin\zabbix_agentd.exe") { + PrepareAgent +} + +if ($args.length -gt 0) { + Invoke-Expression "$CommandArgs" +} diff --git a/agent/windows/modbus.vs16.sln b/agent/windows/modbus.vs16.sln new file mode 100644 index 000000000..19ce76466 --- /dev/null +++ b/agent/windows/modbus.vs16.sln @@ -0,0 +1,31 @@ + +Microsoft Visual Studio Solution File, Format Version 12.00 +# Visual Studio Version 16 +VisualStudioVersion = 16.0.29613.14 +MinimumVisualStudioVersion = 10.0.40219.1 +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "modbus", "modbus.vs16.vcxproj", "{498E0845-C7F4-438B-8EDE-EF7FC9A74430}" +EndProject +Global + GlobalSection(SolutionConfigurationPlatforms) = preSolution + Debug|x64 = Debug|x64 + Debug|x86 = Debug|x86 + Release|x64 = Release|x64 + Release|x86 = Release|x86 + EndGlobalSection + GlobalSection(ProjectConfigurationPlatforms) = postSolution + {498E0845-C7F4-438B-8EDE-EF7FC9A74430}.Debug|x64.ActiveCfg = Debug|x64 + {498E0845-C7F4-438B-8EDE-EF7FC9A74430}.Debug|x64.Build.0 = Debug|x64 + {498E0845-C7F4-438B-8EDE-EF7FC9A74430}.Debug|x86.ActiveCfg = Debug|Win32 + {498E0845-C7F4-438B-8EDE-EF7FC9A74430}.Debug|x86.Build.0 = Debug|Win32 + {498E0845-C7F4-438B-8EDE-EF7FC9A74430}.Release|x64.ActiveCfg = Release|x64 + {498E0845-C7F4-438B-8EDE-EF7FC9A74430}.Release|x64.Build.0 = Release|x64 + {498E0845-C7F4-438B-8EDE-EF7FC9A74430}.Release|x86.ActiveCfg = Release|Win32 + {498E0845-C7F4-438B-8EDE-EF7FC9A74430}.Release|x86.Build.0 = Release|Win32 + EndGlobalSection + GlobalSection(SolutionProperties) = preSolution + HideSolutionNode = FALSE + EndGlobalSection + GlobalSection(ExtensibilityGlobals) = postSolution + SolutionGuid = {6CF51673-664F-4C9F-B3FE-991FF423F3B6} + EndGlobalSection +EndGlobal \ No newline at end of file diff --git a/agent/windows/modbus.vs16.vcxproj b/agent/windows/modbus.vs16.vcxproj new file mode 100644 index 000000000..9cf530ccf --- /dev/null +++ b/agent/windows/modbus.vs16.vcxproj @@ -0,0 +1,265 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + modbus + {498E0845-C7F4-438B-8EDE-EF7FC9A74430} + modbus + Win32Proj + 10.0 + + + + StaticLibrary + v142 + MultiByte + true + + + StaticLibrary + v142 + MultiByte + + + StaticLibrary + v142 + MultiByte + true + + + StaticLibrary + v142 + MultiByte + + + + + + + + + + + + + + + + + + + <_ProjectFileVersion>16.0.29511.113 + + + $(SolutionDir)$(Platform)\$(Configuration)\ + $(Platform)\$(Configuration)\ + False + false + true + + + $(SolutionDir)$(Platform)\$(Configuration)\ + $(Platform)\$(Configuration)\ + False + false + true + + + $(SolutionDir)$(Platform)\$(Configuration)\ + $(Platform)\$(Configuration)\ + false + + + $(SolutionDir)$(Platform)\$(Configuration)\ + $(Platform)\$(Configuration)\ + false + + + + + + + + + + + Disabled + true + false + .;.. + W32DEBUG;HAVE_CONFIG_H;DLLBUILD;_CRT_SECURE_NO_DEPRECATE=1;_CRT_NONSTDC_NO_DEPRECATE=1;%(PreprocessorDefinitions) + false + + UninitializedLocalUsageCheck + MultiThreadedDebug + Fast + + Level3 + ProgramDatabase + CompileAsC + + + _MSC_VER;%(PreprocessorDefinitions) + $(SolutionDir)/modbus.res + + + ws2_32.lib;%(AdditionalDependencies) + + + true + true + Console + + + MachineX86 + + + + + + + + + + + + MaxSpeed + true + false + .;.. + HAVE_CONFIG_H;DLLBUILD;_CRT_SECURE_NO_DEPRECATE=1;_CRT_NONSTDC_NO_DEPRECATE=1;%(PreprocessorDefinitions) + + MultiThreaded + false + Fast + + Level3 + ProgramDatabase + CompileAsC + + + ws2_32.lib;%(AdditionalDependencies) + true + Console + 1048576 + 524288 + true + true + + + false + + MachineX86 + + + + + + + + + + + + X64 + + + Disabled + false + .;.. + false + EnableFastChecks + MultiThreaded + + Level3 + ProgramDatabase + CompileAsC + 4244;4267;%(DisableSpecificWarnings) + W32DEBUG;_WINDLL;HAVE_CONFIG_H;DLLBUILD;_CRT_SECURE_NO_DEPRECATE=1;_CRT_NONSTDC_NO_DEPRECATE=1;%(PreprocessorDefinitions) + + + true + Console + 1048576 + 524288 + MachineX64 + ws2_32.lib;%(AdditionalDependencies) + + + + + + + + + + + + X64 + + + MaxSpeed + true + false + .;.. + MultiThreaded + true + + Level3 + ProgramDatabase + CompileAsC + 4244;4267;%(DisableSpecificWarnings) + _WINDLL;HAVE_CONFIG_H;DLLBUILD;_CRT_SECURE_NO_DEPRECATE=1;_CRT_NONSTDC_NO_DEPRECATE=1;%(PreprocessorDefinitions) + + + true + Console + 1048576 + 524288 + true + true + + MachineX64 + ws2_32.lib;%(AdditionalDependencies) + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/agent/windows/modbus.vs16.vcxproj.filters b/agent/windows/modbus.vs16.vcxproj.filters new file mode 100644 index 000000000..819f877e5 --- /dev/null +++ b/agent/windows/modbus.vs16.vcxproj.filters @@ -0,0 +1,62 @@ + + + + + {4FC737F1-C7A5-4376-A066-2A32D752A2FF} + cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx + + + {93995380-89BD-4b04-88EB-625FBE52EBFB} + h;hpp;hxx;hm;inl;inc;xsd + + + {67DA6AB6-F800-4c08-8B7A-83BB121AAD01} + rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav + + + + + Source Files + + + Source Files + + + Source Files + + + Source Files + + + + + Header Files + + + Header Files + + + Header Files + + + Header Files + + + Header Files + + + Header Files + + + Header Files + + + Header Files + + + + + Resource Files + + + \ No newline at end of file diff --git a/agent2/windows/Dockerfile b/agent2/windows/Dockerfile new file mode 100644 index 000000000..77e49cef4 --- /dev/null +++ b/agent2/windows/Dockerfile @@ -0,0 +1,196 @@ +# escape=` +ARG BUILD_BASE_IMAGE=mcr.microsoft.com/dotnet/framework/sdk:4.8-windowsservercore-ltsc2022 +ARG BASE_IMAGE=mcr.microsoft.com/powershell:lts-nanoserver-ltsc2022 +FROM $BUILD_BASE_IMAGE as builder_base + +ARG PCRE_VERSION=8.45 +ARG OPENSSL_VERSION=1.1.1l +ARG ZLIB_VERSION=1.2.11 +ARG GOLANG_VERSION=1.17 +ARG SEVEN_ZIP_VERSION=1900 + +ARG VS_BUILDTOOLS_URL=https://aka.ms/vs/16/release/vs_buildtools.exe + +ARG GIT_URL=https://github.com/git-for-windows/git/releases/download/v2.33.0.windows.2/Git-2.33.0.2-64-bit.exe +ARG MINGW_URL=https://deac-riga.dl.sourceforge.net/project/mingw-w64/Toolchains%20targetting%20Win64/Personal%20Builds/mingw-builds/8.1.0/threads-win32/sjlj/x86_64-8.1.0-release-win32-sjlj-rt_v6-rev0.7z +ARG CYGWIN_URL=https://cygwin.com/setup-x86_64.exe + +ARG VS_DEV_CMD_LOCATION="C:\Program Files (x86)\Microsoft Visual Studio\2019\BuildTools\Common7\Tools\VsDevCmd.bat" + +ENV BUILD_ARCH=x64 CPU_MODEL=AMD64 ` + PCRE_VERSION=$PCRE_VERSION OPENSSL_VERSION=$OPENSSL_VERSION ZLIB_VERSION=$ZLIB_VERSION ` + GOLANG_VERSION=$GOLANG_VERSION SEVEN_ZIP_VERSION=$SEVEN_ZIP_VERSION ` + GIT_URL=$GIT_URL MINGW_URL=$MINGW_URL CYGWIN_URL=$CYGWIN_URL ` + VS_DEV_CMD_LOCATION=$VS_DEV_CMD_LOCATION + +SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"] + +RUN Set-Location -Path "$env:SystemDrive"; ` + Invoke-WebRequest -OutFile "$env:SystemDrive\git-installer.exe" $env:GIT_URL; ` + $sha256 = 'a5704733c219e9a0c96bfeb0febef62bc2518bdd4e358bc9519dbc5e63a3b5fe'; ` + if ((Get-FileHash "$env:SystemDrive\git-installer.exe" -Algorithm sha256).Hash -ne $sha256) { ` + Write-Host "Checksum failed!"; ` + exit 1; ` + }; ` + Start-Process -FilePath "$env:SystemDrive\git-installer.exe" -ArgumentList '/VERYSILENT /SUPPRESSMSGBOXES /NORESTART /NOCANCEL /SP- /LOG /COMPONENTS="icons,assoc,assoc_sh,ext,ext\shellhere,gitlfs' -wait; ` + Remove-Item -Force -Path "$env:SystemDrive\git-installer.exe"; ` + Invoke-WebRequest -OutFile "$env:SystemDrive\go$env:GOLANG_VERSION.windows-amd64.msi" https://golang.org/dl/go$env:GOLANG_VERSION.windows-amd64.msi; ` + $sha256 = '705254e0a459edae2c6bf4c88be0b4a14ac1cbbf9607a379112235f0271e6c4b'; ` + if ((Get-FileHash "$env:SystemDrive\go$env:GOLANG_VERSION.windows-amd64.msi" -Algorithm sha256).Hash -ne $sha256) { ` + Write-Host "Checksum failed!"; ` + exit 1; ` + }; ` + Start-Process -FilePath "$env:SystemDrive\go$env:GOLANG_VERSION.windows-amd64.msi" -Wait -ArgumentList '/qn /norestart'; ` + Remove-Item -Force -Path "$env:SystemDrive\go$env:GOLANG_VERSION.windows-amd64.msi"; ` + Invoke-WebRequest -OutFile "$env:SystemDrive\7z$env:SEVEN_ZIP_VERSION-$env:BUILD_ARCH.msi" https://www.7-zip.org/a/7z$env:SEVEN_ZIP_VERSION-$env:BUILD_ARCH.msi; ` + Start-Process -FilePath "$env:SystemDrive\7z$env:SEVEN_ZIP_VERSION-$env:BUILD_ARCH.msi" -Wait -ArgumentList '/qn /norestart'; ` + Remove-Item -Force -Path "$env:SystemDrive\7z$env:SEVEN_ZIP_VERSION-$env:BUILD_ARCH.msi"; ` + Invoke-WebRequest -OutFile "$env:SystemDrive\mingw.7z" $env:MINGW_URL; ` + Start-Process -FilePath "${env:ProgramFiles}\7-Zip\7z.exe" -Wait -ArgumentList """x $env:SystemDrive\mingw.7z"""; ` + Remove-Item -Force -Path "$env:SystemDrive\mingw.7z"; ` + Invoke-WebRequest -OutFile "$env:SystemDrive\vs_buildtools.exe" $env:VS_BUILDTOOLS_URL; ` + Write-Host "Visual Studio components installing..."; ` + cmd /C start /w "$env:SystemDrive\vs_buildtools.exe" --quiet --wait --norestart --nocache modify ` + --installPath """${env:ProgramFiles(x86)}\Microsoft Visual Studio\2019\BuildTools""" ` + # https://docs.microsoft.com/en-us/visualstudio/install/workload-component-id-vs-build-tools?view=vs-2019 + --add Microsoft.VisualStudio.Component.Windows10SDK.19041 ` + --add Microsoft.VisualStudio.Component.VC.Tools.x86.x64 ` + --add Microsoft.VisualStudio.Component.VC.CMake.Project ` + --add Microsoft.VisualStudio.Workload.MSBuildTools ` + --add Microsoft.VisualStudio.Workload.NetCoreBuildTools ` + --add Microsoft.Net.Component.4.8.SDK ` + --remove Microsoft.VisualStudio.Component.Windows10SDK.10240 ` + --remove Microsoft.VisualStudio.Component.Windows10SDK.10586 ` + --remove Microsoft.VisualStudio.Component.Windows10SDK.14393 ` + --remove Microsoft.VisualStudio.Component.Windows81SDK ` + --remove Microsoft.VisualStudio.Component.WebDeploy ` + --remove Microsoft.Component.ClickOnce.MSBuild; ` + if ($err = dir $Env:TEMP -Filter dd_setup_*_errors.log | where Length -gt 0 | Get-Content) { ` + throw $err; ` + }; ` + Write-Host "Visual Studio components installed"; ` + Remove-Item -Force -Path "$env:SystemDrive\vs_buildtools.exe"; ` + Get-ChildItem -Path """${env:ProgramFiles(x86)}\Microsoft Visual Studio\Installer""" -Directory -Recurse | Remove-Item -Force –Recurse; ` + Remove-Item -Force -Recurse "$env:TEMP\*"; + +RUN Set-Location -Path "$env:SystemDrive"; ` + Import-Module """${env:ProgramFiles(x86)}\Microsoft Visual Studio\2019\BuildTools\Common7\Tools\Microsoft.VisualStudio.DevShell.dll"""; ` + Enter-VsDevShell -VsInstallPath """${env:ProgramFiles(x86)}\Microsoft Visual Studio\2019\BuildTools""" -DevCmdArguments """-arch=$env:BUILD_ARCH"""; ` + $env:PATH+=""";$env:SystemDrive\mingw64\bin"""; ` + Invoke-WebRequest -OutFile "$env:SystemDrive\pcre-$env:PCRE_VERSION.zip" https://ftp.pcre.org/pub/pcre/pcre-$env:PCRE_VERSION.zip; ` + Expand-Archive -Path "$env:SystemDrive\pcre-$env:PCRE_VERSION.zip" -DestinationPath $env:SystemDrive ; ` + Rename-Item -Path "$env:SystemDrive\pcre-$env:PCRE_VERSION" -NewName "$env:SystemDrive\pcre_build_mingw"; ` + Set-Location -Path "$env:SystemDrive\pcre_build_mingw"; ` + cmake ` + -G """MinGW Makefiles""" ` + -DBUILD_SHARED_LIBS=OFF ` + -DCMAKE_C_COMPILER=gcc ` + -DCMAKE_C_FLAGS="""-O2 -g""" ` + -DCMAKE_CXX_FLAGS="""-O2 -g""" ` + -DCMAKE_INSTALL_PREFIX="""$env:SystemDrive\pcre_output_mingw""" . ; ` + mingw32-make -j"""$env:NUMBER_OF_PROCESSORS"""; ` + mingw32-make -j"""$env:NUMBER_OF_PROCESSORS""" install; ` + Remove-Item -Force -Path "$env:SystemDrive\pcre-$env:PCRE_VERSION.zip" + +RUN Set-Location -Path "$env:SystemDrive"; ` + (New-Object Net.WebClient).DownloadFile("""$env:CYGWIN_URL""", """$env:SystemDrive\setup-x86_64.exe"""); ` + Start-Process "$env:SystemDrive\setup-x86_64.exe" -ArgumentList """-qnNdO -R $env:SystemDrive\Cygwin64 --site http://cygwin.mirror.constant.com -l $env:SystemDrive\cygwin64\var\cache\setup --packages perl""" -Wait -NoNewWindow; ` + Invoke-WebRequest -OutFile "$env:SystemDrive\openssl-$env:OPENSSL_VERSION.tar.gz" https://www.openssl.org/source/openssl-$env:OPENSSL_VERSION.tar.gz; ` + tar -zxf $env:SystemDrive\openssl-$env:OPENSSL_VERSION.tar.gz; ` + Rename-Item -Path "$env:SystemDrive\openssl-$env:OPENSSL_VERSION" -NewName "$env:SystemDrive\openssl_build_mingw"; ` + Set-Location -Path "$env:SystemDrive\openssl_build_mingw"; ` + $env:PATH+=""";$env:SystemDrive\mingw64\bin;$env:SystemDrive\Cygwin64\bin"""; ` + perl Configure ` + mingw64 ` + no-shared ` + no-ui-console ` + no-tests ` +# enable-capieng ` + no-capieng ` + --api=1.1.0 ` + --prefix="$env:SystemDrive\openssl_output_mingw" ` + --openssldir="$env:SystemDrive\openssl_output_ssl_mingw"; ` + mingw32-make -j"""$env:NUMBER_OF_PROCESSORS"""; ` + mingw32-make -j"""$env:NUMBER_OF_PROCESSORS""" install_sw; ` + Remove-Item -Recurse -Force -Path "$env:SystemDrive\Cygwin64"; ` + Remove-Item -Force -Path "$env:SystemDrive\setup-x86_64.exe" + +FROM builder_base as builder_zabbix + +SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"] + +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION}.0 +ARG ZABBIX_VERSION_RC_NUM=2400 +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git +ARG ZBX_COMPONENT=all +ENV ZBX_SOURCES=$ZBX_SOURCES MAJOR_VERSION=$MAJOR_VERSION ZBX_VERSION=$ZBX_VERSION + +RUN Set-Location -Path "$env:SystemDrive"; ` + Import-Module """${env:ProgramFiles(x86)}\Microsoft Visual Studio\2019\BuildTools\Common7\Tools\Microsoft.VisualStudio.DevShell.dll"""; ` + Enter-VsDevShell -VsInstallPath """${env:ProgramFiles(x86)}\Microsoft Visual Studio\2019\BuildTools""" -DevCmdArguments """-arch=$env:BUILD_ARCH"""; ` + Start-Process -FilePath "${env:ProgramFiles}\Git\bin\git.exe" -Wait -ArgumentList """-c advice.detachedHead=false clone $env:ZBX_SOURCES --branch master --depth 1 --single-branch zabbix-$env:ZBX_VERSION"""; ` + Write-Host "Building Zabbix $env:ZBX_VERSION version"; ` + Set-Location -Path "$env:SystemDrive\zabbix-$env:ZBX_VERSION"; ` + $ZbxRevision=(git rev-parse --short HEAD); ` + (Get-Content src\go\pkg\version\version.go).replace('{ZABBIX_REVISION}', $ZbxRevision) | Set-Content src\go\pkg\version\version.go; ` + $env:PATH+=""";$env:SystemDrive\mingw64\bin"""; ` + Set-Location -Path "$env:SystemDrive\zabbix-$env:ZBX_VERSION\build\mingw"; ` + mingw32-make -j"""$env:NUMBER_OF_PROCESSORS""" ` + PCRE="$env:SystemDrive\pcre_output_mingw" ` + OPENSSL="$env:SystemDrive\openssl_output_mingw" ` + RFLAGS="""-DZABBIX_VERSION_RC_NUM=$env:ZABBIX_VERSION_RC_NUM""" ` +# CGO_LDFLAGS="""-lssl -lcrypto -lcrypt32 -L$env:SystemDrive\openssl_output_mingw\lib -L$env:SystemDrive\pcre_output_mingw\lib""" ` + OPENSSL="$env:SystemDrive\openssl_output_mingw"; ` + New-Item -ItemType directory -Path "$env:SystemDrive\zabbix2" | Out-Null; ` + New-Item -ItemType directory -Path "$env:SystemDrive\zabbix2\sbin" | Out-Null; ` + New-Item -ItemType directory -Path "$env:SystemDrive\zabbix2\conf" | Out-Null; ` + & $env:SystemDrive\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_agent2.exe -V; ` + dumpbin /dependents $env:SystemDrive\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_agent2.exe; ` + Copy-Item -Path "$env:SystemDrive\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_agent2.exe" "$env:SystemDrive\zabbix2\sbin"; ` + Copy-Item -Path "$env:SystemDrive\zabbix-$env:ZBX_VERSION\src\go\conf\zabbix_agent2.win.conf" "$env:SystemDrive\zabbix2\conf" + +FROM $BASE_IMAGE + +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION}.0 +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git + +LABEL org.opencontainers.image.title="Zabbix agent 2" ` + org.opencontainers.image.authors="Alexey Pustovalov " ` + org.opencontainers.image.vendor="Zabbix LLC" ` + org.opencontainers.image.url="https://zabbix.com/" ` + org.opencontainers.image.description="Zabbix agent 2 is deployed on a monitoring target to actively monitor local resources and applications" ` + org.opencontainers.image.licenses="GPL v2.0" ` + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" ` + org.opencontainers.image.version="${ZBX_VERSION}" ` + org.opencontainers.image.source="${ZBX_SOURCES}" + +SHELL ["pwsh", "-Command", "$ErrorActionPreference = 'Stop';"] + +WORKDIR C:\zabbix\ + +COPY --from=builder_zabbix ["C:\\zabbix2", "C:\\zabbix"] +COPY [".\\docker-entrypoint.ps1", "C:\\zabbix"] + +USER ContainerAdministrator + +RUN setx /M PATH """$env:PATH;C:\zabbix\sbin;C:\zabbix\bin;"""; ` + setx /M ZbxDir """C:\zabbix""" + +RUN Set-Location -Path "$env:SystemDrive"; ` + New-Item -ItemType directory -Path "$env:ZbxDir\conf\zabbix_agentd.d" | Out-Null; ` + New-Item -ItemType directory -Path "$env:ZbxDir\enc" | Out-Null; ` + New-Item -ItemType directory -Path "$env:ZbxDir\modules" | Out-Null; ` + New-Item -ItemType directory -Path "$env:ZbxDir\buffer" | Out-Null; ` + net user /add zabbix; ` + $acl = Get-Acl -Path $env:ZbxDir; ` + $ace = New-Object Security.AccessControl.FileSystemAccessRule ('zabbix', 'Modify', 'ContainerInherit, ObjectInherit', 'InheritOnly', 'Allow'); ` + $acl.AddAccessRule($ace); ` + Set-Acl -AclObject $acl -Path $env:ZbxDir + +USER zabbix + +EXPOSE 10050/TCP 31999/TCP + +CMD C:\zabbix\docker-entrypoint.ps1 C:\zabbix\sbin\zabbix_agent2.exe -c c:\zabbix\conf\zabbix_agent2.win.conf -f diff --git a/agent2/windows/README.md b/agent2/windows/README.md new file mode 100644 index 000000000..ca33c13f5 --- /dev/null +++ b/agent2/windows/README.md @@ -0,0 +1,225 @@ +![logo](https://assets.zabbix.com/img/logo/zabbix_logo_500x131.png) + +# What is Zabbix? + +Zabbix is an enterprise-class open source distributed monitoring solution. + +Zabbix is software that monitors numerous parameters of a network and the health and integrity of servers. Zabbix uses a flexible notification mechanism that allows users to configure e-mail based alerts for virtually any event. This allows a fast reaction to server problems. Zabbix offers excellent reporting and data visualisation features based on the stored data. This makes Zabbix ideal for capacity planning. + +For more information and related downloads for Zabbix components, please visit https://hub.docker.com/u/zabbix/ and https://zabbix.com + +# What is Zabbix agent 2? + +Zabbix agent 2 is deployed on a monitoring target to actively monitor local resources and applications (hard drives, memory, processor statistics etc). + +# Zabbix agent 2 images + +These are the only official Zabbix agent 2 Docker images. They are based on Alpine Linux v3.12 images. The available versions of Zabbix agent 2 are: + + Zabbix agent 2 4.4 (tags: alpine-4.4-latest) (unsupported) + Zabbix agent 2 4.4.* (tags: alpine-4.4.*) (unsupported) + Zabbix agent 2 5.0 (tags: alpine-5.0-latest, ubuntu-5.0-latest, ol-5.0-latest) + Zabbix agent 2 5.0.* (tags: alpine-5.0.*, ubuntu-5.0.*, ol-5.0.*) + Zabbix agent 2 5.2 (tags: alpine-5.2-latest, ubuntu-5.2-latest, ol-5.2-latest) + Zabbix agent 2 5.2.* (tags: alpine-5.2.*, ubuntu-5.2.*, ol-5.2.*) + Zabbix agent 2 5.4 (tags: alpine-5.4-latest, ubuntu-5.4-latest, ol-5.4-latest, alpine-latest, ubuntu-latest, ol-latest, latest) + Zabbix agent 2 5.4.* (tags: alpine-5.4.*, ubuntu-5.4.*, ol-5.4.*) + Zabbix agent 2 6.0 (tags: alpine-trunk, ubuntu-trunk, ol-trunk) + +Images are updated when new releases are published. The image with ``latest`` tag is based on Alpine Linux. + +# How to use this image + +## Start `zabbix-agent2` + +Start a Zabbix agent 2 container as follows: + + docker run --name some-zabbix-agent -e ZBX_HOSTNAME="some-hostname" -e ZBX_SERVER_HOST="some-zabbix-server" -d zabbix/zabbix-agent2:tag + +Where `some-zabbix-agent2` is the name you want to assign to your container, `some-hostname` is the hostname, it is Hostname parameter in Zabbix agent 2 configuration file, `some-zabbix-server` is IP or DNS name of Zabbix server or proxy and `tag` is the tag specifying the version you want. See the list above for relevant tags, or look at the [full list of tags](https://hub.docker.com/r/zabbix/zabbix-agent2/tags/). + +## Connects from Zabbix server or Zabbix proxy in other containers (Passive checks) + +This image exposes the standard Zabbix agent 2 port (``10050``) to perform passive checks, so container linking makes Zabbix agent 2 instance available to Zabbix server and Zabbix proxy containers. Start your application container like this in order to link it to the Zabbix agent 2 container: + +```console +$ docker run --name some-zabbix-server --link some-zabbix-agent:zabbix-agent2 -d zabbix/zabbix-server:latest +``` + +## Connect to Zabbix server or Zabbix proxy containers (Active checks) + +This image supports perform active checks, so container linking makes Zabbix server and Zabbix proxy containers available to Zabbix agent 2 instance. Start your application container like this in order to link Zabbix agent 2 to Zabbix server or Zabbix proxy containterns: + +```console +$ docker run --name some-zabbix-agent --link some-zabbix-server:zabbix-server -d zabbix/zabbix-agent2:latest +``` + +## Container shell access and viewing Zabbix agent 2 logs + +The `docker exec` command allows you to run commands inside a Docker container. The following command line will give you a bash shell inside your `zabbix-agent2` container: + +```console +$ docker exec -ti some-zabbix-agent /bin/bash +``` + +The Zabbix agent 2 log is available through Docker's container log: + +```console +$ docker logs some-zabbix-agent +``` + +## Privileged mode + +By default, Docker containers are "unprivileged" and do not have access to the most of host resources. Zabbix agent 2 is designed to monitor system resources, to do that Zabbix agent 2 container must be privileged or you may mount some system-wide volumes. For example: + +```console +$ docker run --name some-zabbix-agent --link some-zabbix-server:zabbix-server --privileged -d zabbix/zabbix-agent2:latest +``` +```console +$ docker run --name some-zabbix-agent --link some-zabbix-server:zabbix-server -v /dev/sdc:/dev/sdc -d zabbix/zabbix-agent2:latest +``` + +## Environment Variables + +When you start the `zabbix-agent2` image, you can adjust the configuration of the Zabbix agent 2 by passing one or more environment variables on the `docker run` command line. + +### `ZBX_HOSTNAME` + +This variable is unique, case sensitive hostname. By default, value is `hostname` of the container. It is ``Hostname`` parameter in ``zabbix_agent2.conf``. + +### `ZBX_SERVER_HOST` + +This variable is IP or DNS name of Zabbix server or Zabbix proxy. By default, value is `zabbix-server`. It is ``Server`` parameter in ``zabbix_agent2.conf``. It is allowed to specify Zabbix server or Zabbix proxy port number using ``ZBX_SERVER_PORT`` variable. It make sense in case of non-default port for active checks. + +### `ZBX_PASSIVE_ALLOW` + +This variable is boolean (``true`` or ``false``) and enables or disables feature of passive checks. By default, value is `true`. + +### `ZBX_PASSIVESERVERS` + +The variable is comma separated list of allowed Zabbix server or proxy hosts for connections to Zabbix agent 2 container. + +### `ZBX_ACTIVE_ALLOW` + +This variable is boolean (``true`` or ``false``) and enables or disables feature of active checks. By default, value is `true`. + +### `ZBX_ACTIVESERVERS` + +The variable is comma separated list of allowed Zabbix server or proxy hosts for connections to Zabbix agent 2 container. You may specify port of Zabbix server or Zabbix proxy in such syntax: ``zabbix-server:10061,zabbix-proxy:10072``. + +### `ZBX_DEBUGLEVEL` + +The variable is used to specify debug level. By default, value is ``3``. It is ``DebugLevel`` parameter in ``zabbix_agent2.conf``. Allowed values are listed below: +- ``0`` - basic information about starting and stopping of Zabbix processes; +- ``1`` - critical information +- ``2`` - error information +- ``3`` - warnings +- ``4`` - for debugging (produces lots of information) +- ``5`` - extended debugging (produces even more information) + +### `ZBX_TIMEOUT` + +The variable is used to specify timeout for processing checks. By default, value is ``3``. + +### Other variables + +Additionally the image allows to specify many other environment variables listed below: + +``` +ZBX_ENABLEPERSISTENTBUFFER=false # Available since 5.0.0 +ZBX_PERSISTENTBUFFERPERIOD=1h # Available since 5.0.0 +ZBX_ENABLESTATUSPORT= +ZBX_SOURCEIP= +ZBX_ENABLEREMOTECOMMANDS=0 # Deprecated since 5.0.0 +ZBX_LOGREMOTECOMMANDS=0 +ZBX_STARTAGENTS=3 +ZBX_HOSTNAMEITEM=system.hostname +ZBX_METADATA= +ZBX_METADATAITEM= +ZBX_REFRESHACTIVECHECKS=120 +ZBX_BUFFERSEND=5 +ZBX_BUFFERSIZE=100 +ZBX_MAXLINESPERSECOND=20 +ZBX_LISTENIP= +ZBX_UNSAFEUSERPARAMETERS=0 +ZBX_TLSCONNECT=unencrypted +ZBX_TLSACCEPT=unencrypted +ZBX_TLSCAFILE= +ZBX_TLSCRLFILE= +ZBX_TLSSERVERCERTISSUER= +ZBX_TLSSERVERCERTSUBJECT= +ZBX_TLSCERTFILE= +ZBX_TLSKEYFILE= +ZBX_TLSPSKIDENTITY= +ZBX_TLSPSKFILE= +ZBX_DENYKEY=system.run[*] # Available since 5.0.0 +ZBX_ALLOWKEY= # Available since 5.0.0 +``` + +Default values of these variables are specified after equal sign. + +The allowed variables are identical of parameters in official ``zabbix_agent2.conf`` configuration file. For example, ``ZBX_REFRESHACTIVECHECKS`` = ``RefreshActiveChecks``. + +Please use official documentation for [``zabbix_agent2.conf``](https://www.zabbix.com/documentation/current/manual/appendix/config/zabbix_agent2) to get more information about the variables. + +## Allowed volumes for the Zabbix agent 2 container + +### ``/etc/zabbix/zabbix_agentd.d`` + +The volume allows include ``*.conf`` files and extend Zabbix agent 2 using ``UserParameter`` feature. + +### ``/var/lib/zabbix/enc`` + +The volume is used to store TLS related files. These file names are specified using ``ZBX_TLSCAFILE``, ``ZBX_TLSCRLFILE``, ``ZBX_TLSKEY_FILE`` and ``ZBX_TLSPSKFILE`` variables. + +### ``/var/lib/zabbix/buffer`` + +The volume is used to store the file, where Zabbix Agent2 should keep SQLite database. To enable the feature specify ``ZBX_ENABLEPERSISTENTBUFFER=true``. Available since 5.0.0. + +# The image variants + +The `zabbix-agent2` images come in many flavors, each designed for a specific use case. + +## `zabbix-agent2:alpine-` + +This image is based on the popular [Alpine Linux project](http://alpinelinux.org), available in [the `alpine` official image](https://hub.docker.com/_/alpine). Alpine Linux is much smaller than most distribution base images (~5MB), and thus leads to much slimmer images in general. + +This variant is highly recommended when final image size being as small as possible is desired. The main caveat to note is that it does use [musl libc](http://www.musl-libc.org) instead of [glibc and friends](http://www.etalabs.net/compare_libcs.html), so certain software might run into issues depending on the depth of their libc requirements. However, most software doesn't have an issue with this, so this variant is usually a very safe choice. See [this Hacker News comment thread](https://news.ycombinator.com/item?id=10782897) for more discussion of the issues that might arise and some pro/con comparisons of using Alpine-based images. + +To minimize image size, it's uncommon for additional related tools (such as `git` or `bash`) to be included in Alpine-based images. Using this image as a base, add the things you need in your own Dockerfile (see the [`alpine` image description](https://hub.docker.com/_/alpine/) for examples of how to install packages if you are unfamiliar). + +## `zabbix-agent2:ubuntu-` + +This is the defacto image. If you are unsure about what your needs are, you probably want to use this one. It is designed to be used both as a throw away container (mount your source code and start the container to start your app), as well as the base to build other images off of. + +## `zabbix-agent2:ol-` + +Oracle Linux is an open-source operating system available under the GNU General Public License (GPLv2). Suitable for general purpose or Oracle workloads, it benefits from rigorous testing of more than 128,000 hours per day with real-world workloads and includes unique innovations such as Ksplice for zero-downtime kernel patching, DTrace for real-time diagnostics, the powerful Btrfs file system, and more. + +# Supported Docker versions + +This image is officially supported on Docker version 1.12.0. + +Support for older versions (down to 1.6) is provided on a best-effort basis. + +Please see [the Docker installation documentation](https://docs.docker.com/installation/) for details on how to upgrade your Docker daemon. + +# User Feedback + +## Documentation + +Documentation for this image is stored in the [`agent2/` directory](https://github.com/zabbix/zabbix-docker/tree/5.0/agent2) of the [`zabbix/zabbix-docker` GitHub repo](https://github.com/zabbix/zabbix-docker/). Be sure to familiarize yourself with the [repository's `README.md` file](https://github.com/zabbix/zabbix-docker/blob/master/README.md) before attempting a pull request. + +## Issues + +If you have any problems with or questions about this image, please contact us through a [GitHub issue](https://github.com/zabbix/zabbix-docker/issues). + +### Known issues + +Currently it is not allowed to specify ``ZBX_ALIAS`` environment variable. Please use ``/etc/zabbix/zabbix_agent.d`` volume with additional configuration files with ``Alias`` options. + +## Contributing + +You are invited to contribute new features, fixes, or updates, large or small; we are always thrilled to receive pull requests, and do our best to process them as fast as we can. + +Before you start to code, we recommend discussing your plans through a [GitHub issue](https://github.com/zabbix/zabbix-docker/issues), especially for more ambitious contributions. This gives other contributors a chance to point you in the right direction, give you feedback on your design, and help you find out if someone else is working on the same thing. diff --git a/agent2/windows/docker-entrypoint.ps1 b/agent2/windows/docker-entrypoint.ps1 new file mode 100644 index 000000000..f6db991f1 --- /dev/null +++ b/agent2/windows/docker-entrypoint.ps1 @@ -0,0 +1,246 @@ + +# Script trace mode +if ($env:DEBUG_MODE -eq "true") { + Set-PSDebug -trace 1 +} + +# Default Zabbix installation name +# Default Zabbix server host +if ([string]::IsNullOrWhitespace($env:ZBX_SERVER_HOST)) { + $env:ZBX_SERVER_HOST="zabbix-server" +} +# Default Zabbix server port number +if ([string]::IsNullOrWhitespace($env:ZBX_SERVER_PORT)) { + $env:ZBX_SERVER_PORT="10051" +} + + +# Default directories +# User 'zabbix' home directory +$ZabbixUserHomeDir="C:\zabbix" +# Configuration files directory +$ZabbixConfigDir="C:\zabbix\conf" + +function Update-Config-Var { + Param ( + [Parameter(Mandatory=$true, Position=0)] + [ValidateNotNullOrEmpty()] + [string] $ConfigPath, + [Parameter(Mandatory=$true, Position=1)] + [ValidateNotNullOrEmpty()] + [string]$VarName, + [Parameter(Mandatory=$false, Position=2)] + [string]$VarValue = $null, + [Parameter(Mandatory=$false, Position=3)] + [bool]$IsMultiple + ) + + $MaskList = "TLSPSKIdentity" + + if (-not(Test-Path -Path $ConfigPath -PathType Leaf)) { + throw "**** Configuration file '$ConfigPath' does not exist" + } + + if ($MaskList.Contains($VarName) -eq $true -And [string]::IsNullOrWhitespace($VarValue) -ne $true) { + Write-Host -NoNewline "** Updating '$ConfigPath' parameter ""$VarName"": '****'. Enable DEBUG_MODE to view value ..." + } + else { + Write-Host -NoNewline "** Updating '$ConfigPath' parameter ""$VarName"": '$VarValue'..." + } + + if ([string]::IsNullOrWhitespace($VarValue)) { + if ((Get-Content $ConfigPath | %{$_ -match "^$VarName="}) -contains $true) { + (Get-Content $ConfigPath) | + Where-Object {$_ -notmatch "^$VarName=" } | + Set-Content $ConfigPath + } + + Write-Host "removed" + return + } + + if ($VarValue -eq '""') { + (Get-Content $ConfigPath) | Foreach-Object { $_ -Replace "^($VarName=)(.*)", '$1' } | Set-Content $ConfigPath + Write-Host "undefined" + return + } + + if ($VarName -match '^TLS.*File$') { + $VarValue="$ZabbixUserHomeDir\enc\$VarValue" + } + + if ((Get-Content $ConfigPath | %{$_ -match "^$VarName="}) -contains $true -And $IsMultiple -ne $true) { + (Get-Content $ConfigPath) | Foreach-Object { $_ -Replace "^$VarName=.+", "$VarName=$VarValue" } | Set-Content $ConfigPath + + Write-Host updated + } + elseif ((Get-Content $ConfigPath | select-string -pattern "^[#;] $VarName=").length -gt 0) { + (Get-Content $ConfigPath) | + Foreach-Object { + $_ + if ($_ -match "^[#;] $VarName=") { + "$VarName=$VarValue" + } + } | Set-Content $ConfigPath + + Write-Host "added" + } + else { + Add-Content -Path $ConfigPath -Value "$VarName=$VarValue" + Write-Host "added at the end" + } +} + +function Update-Config-Multiple-Var { + Param ( + [Parameter(Mandatory=$true, Position=0)] + [ValidateNotNullOrEmpty()] + [string] $ConfigPath, + [Parameter(Mandatory=$true, Position=1)] + [ValidateNotNullOrEmpty()] + [string]$VarName, + [Parameter(Mandatory=$false, Position=2)] + [string]$VarValue = $null + ) + + foreach ($value in $VarValue.split(',')) { + Update-Config-Var $ConfigPath $VarName $value $true + } +} + +function Prepare-Zbx-Agent-Config { + Write-Host "** Preparing Zabbix agent configuration file" + + $ZbxAgentConfig="$ZabbixConfigDir\zabbix_agent2.win.conf" + + if ([string]::IsNullOrWhitespace($env:ZBX_PASSIVESERVERS)) { + $env:ZBX_PASSIVESERVERS="" + } + else { + $env:ZBX_PASSIVESERVERS=",$env:ZBX_PASSIVESERVERS" + } + + $env:ZBX_PASSIVESERVERS=$env:ZBX_SERVER_HOST + $env:ZBX_PASSIVESERVERS + + if ([string]::IsNullOrWhitespace($env:ZBX_ACTIVESERVERS)) { + $env:ZBX_ACTIVESERVERS="" + } + else { + $env:ZBX_ACTIVESERVERS=",$env:ZBX_ACTIVESERVERS" + } + + $env:ZBX_ACTIVESERVERS=$env:ZBX_SERVER_HOST + ":" + $env:ZBX_SERVER_PORT + $env:ZBX_ACTIVESERVERS + + Update-Config-Var $ZbxAgentConfig "LogType" "console" + Update-Config-Var $ZbxAgentConfig "LogFile" + Update-Config-Var $ZbxAgentConfig "LogFileSize" + Update-Config-Var $ZbxAgentConfig "DebugLevel" "$env:ZBX_DEBUGLEVEL" + Update-Config-Var $ZbxAgentConfig "SourceIP" + Update-Config-Var $ZbxAgentConfig "LogRemoteCommands" "$env:ZBX_LOGREMOTECOMMANDS" + + if ([string]::IsNullOrWhitespace($env:ZBX_PASSIVE_ALLOW)) { + $env:ZBX_PASSIVE_ALLOW="true" + } + + if ($env:ZBX_PASSIVE_ALLOW -eq "true") { + Write-Host "** Using '$env:ZBX_PASSIVESERVERS' servers for passive checks" + Update-Config-Var $ZbxAgentConfig "Server" "$env:ZBX_PASSIVESERVERS" + } + else { + Update-Config-Var $ZbxAgentConfig "Server" + } + + Update-Config-Var $ZbxAgentConfig "ListenPort" "$env:ZBX_LISTENPORT" + Update-Config-Var $ZbxAgentConfig "ListenIP" "$env:ZBX_LISTENIP" + + if ([string]::IsNullOrWhitespace($env:ZBX_ACTIVE_ALLOW)) { + $env:ZBX_ACTIVE_ALLOW="true" + } + + if ($env:ZBX_PASSIVE_ALLOW -eq "true") { + Write-Host "** Using '$env:ZBX_ACTIVESERVERS' servers for active checks" + Update-Config-Var $ZbxAgentConfig "ServerActive" "$env:ZBX_ACTIVESERVERS" + } + else { + Update-Config-Var $ZbxAgentConfig "ServerActive" + } + + if ([string]::IsNullOrWhitespace($env:ZBX_ENABLEPERSISTENTBUFFER)) { + $env:ZBX_ENABLEPERSISTENTBUFFER="true" + } + + if ($env:ZBX_ENABLEPERSISTENTBUFFER -eq "true") { + Update-Config-Var $ZbxAgentConfig "EnablePersistentBuffer" "1" + Update-Config-Var $ZbxAgentConfig "PersistentBufferFile" "$ZabbixUserHomeDir\buffer\agent2.db" + Update-Config-Var $ZbxAgentConfig "PersistentBufferPeriod" "$env:ZBX_PERSISTENTBUFFERPERIOD" + } + else { + Update-Config-Var $ZbxAgentConfig "EnablePersistentBuffer" "0" + } + + if ([string]::IsNullOrWhitespace($env:ZBX_ENABLESTATUSPORT)) { + $env:ZBX_ENABLESTATUSPORT="true" + } + + if ($env:ZBX_ENABLESTATUSPORT -eq "true") { + Update-Config-Var $ZbxAgentConfig "StatusPort" "31999" + } + + Update-Config-Var $ZbxAgentConfig "Hostname" "$env:ZBX_HOSTNAME" + Update-Config-Var $ZbxAgentConfig "HostnameItem" "$env:ZBX_HOSTNAMEITEM" + Update-Config-Var $ZbxAgentConfig "HostMetadata" "$env:ZBX_METADATA" + Update-Config-Var $ZbxAgentConfig "HostMetadataItem" "$env:ZBX_METADATAITEM" + Update-Config-Var $ZbxAgentConfig "HostInterface" "$env:ZBX_HOSTINTERFACE" + Update-Config-Var $ZbxAgentConfig "HostInterfaceItem" "$env:ZBX_HOSTINTERFACEITEM" + Update-Config-Var $ZbxAgentConfig "RefreshActiveChecks" "$env:ZBX_REFRESHACTIVECHECKS" + Update-Config-Var $ZbxAgentConfig "BufferSend" "$env:ZBX_BUFFERSEND" + Update-Config-Var $ZbxAgentConfig "BufferSize" "$env:ZBX_BUFFERSIZE" + Update-Config-Var $ZbxAgentConfig "MaxLinesPerSecond" "$env:ZBX_MAXLINESPERSECOND" + # Please use include to enable Alias feature +# update_config_multiple_var $ZBX_AGENT_CONFIG "Alias" $env:ZBX_ALIAS + # Please use include to enable Perfcounter feature +# update_config_multiple_var $ZBX_AGENT_CONFIG "PerfCounter" $env:ZBX_PERFCOUNTER + Update-Config-Var $ZbxAgentConfig "Timeout" "$env:ZBX_TIMEOUT" + Update-Config-Var $ZbxAgentConfig "Include" "$ZabbixConfigDir\zabbix_agentd.d\" + Update-Config-Var $ZbxAgentConfig "UnsafeUserParameters" "$env:ZBX_UNSAFEUSERPARAMETERS" + Update-Config-Var $ZbxAgentConfig "UserParameterDir" "$ZabbixUserHomeDir\user_scripts\" + Update-Config-Var $ZbxAgentConfig "TLSConnect" "$env:ZBX_TLSCONNECT" + Update-Config-Var $ZbxAgentConfig "TLSAccept" "$env:ZBX_TLSACCEPT" + Update-Config-Var $ZbxAgentConfig "TLSCAFile" "$env:ZBX_TLSCAFILE" + Update-Config-Var $ZbxAgentConfig "TLSCRLFile" "$env:ZBX_TLSCRLFILE" + Update-Config-Var $ZbxAgentConfig "TLSServerCertIssuer" "$env:ZBX_TLSSERVERCERTISSUER" + Update-Config-Var $ZbxAgentConfig "TLSServerCertSubject" "$env:ZBX_TLSSERVERCERTSUBJECT" + Update-Config-Var $ZbxAgentConfig "TLSCertFile" "$env:ZBX_TLSCERTFILE" + Update-Config-Var $ZbxAgentConfig "TLSCipherAll" "$env:ZBX_TLSCIPHERALL" + Update-Config-Var $ZbxAgentConfig "TLSCipherAll13" "$env:ZBX_TLSCIPHERALL13" + Update-Config-Var $ZbxAgentConfig "TLSCipherCert" "$env:ZBX_TLSCIPHERCERT" + Update-Config-Var $ZbxAgentConfig "TLSCipherCert13" "$env:ZBX_TLSCIPHERCERT13" + Update-Config-Var $ZbxAgentConfig "TLSCipherPSK" "$env:ZBX_TLSCIPHERPSK" + Update-Config-Var $ZbxAgentConfig "TLSCipherPSK13" "$env:ZBX_TLSCIPHERPSK13" + Update-Config-Var $ZbxAgentConfig "TLSKeyFile" "$env:ZBX_TLSKEYFILE" + Update-Config-Var $ZbxAgentConfig "TLSPSKIdentity" "$env:ZBX_TLSPSKIDENTITY" + Update-Config-Var $ZbxAgentConfig "TLSPSKFile" "$env:ZBX_TLSPSKFILE" + + Update-Config-Multiple-Var $ZbxAgentConfig "DenyKey" "$env:ZBX_DENYKEY" + Update-Config-Multiple-Var $ZbxAgentConfig "AllowKey" "$env:ZBX_ALLOWKEY" + +} + +function PrepareAgent { + Write-Host "** Preparing Zabbix agent" + Prepare-Zbx-Agent-Config +} + +$commandArgs=$args + +if ($args.length -gt 0 -And $args[0].Substring(0, 1) -eq '-') { + $commandArgs = "C:\zabbix\sbin\zabbix_agent2.exe " + $commandArgs +} + +if ($args.length -gt 0 -And $args[0] -eq "C:\zabbix\sbin\zabbix_agent2.exe") { + PrepareAgent +} + +if ($args.length -gt 0) { + Invoke-Expression "$CommandArgs" +} From 8f1283523e093cd61a4ee9c09e226620e321fd71 Mon Sep 17 00:00:00 2001 From: dotneft Date: Sat, 4 Sep 2021 05:05:08 +0300 Subject: [PATCH 102/253] Windows docker images for Agent and Agent2 components --- agent/windows/Dockerfile | 93 +++++++++++++++++++++++-------------- agent2/windows/Dockerfile | 98 +++++++++++++++++++++++---------------- 2 files changed, 116 insertions(+), 75 deletions(-) diff --git a/agent/windows/Dockerfile b/agent/windows/Dockerfile index 11492f477..af6409d62 100644 --- a/agent/windows/Dockerfile +++ b/agent/windows/Dockerfile @@ -26,36 +26,47 @@ SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPref RUN Set-Location -Path "$env:SystemDrive"; ` Write-Verbose -Message 'Visual Studio components installing...'; ` Invoke-WebRequest -OutFile "$env:SystemDrive\git-installer.exe" $env:GIT_URL; ` + $sha256 = 'a5704733c219e9a0c96bfeb0febef62bc2518bdd4e358bc9519dbc5e63a3b5fe'; ` + if ((Get-FileHash "$env:SystemDrive\git-installer.exe" -Algorithm sha256).Hash -ne $sha256) { ` + Write-Host "Checksum GIT for Windows failed!"; ` + exit 1; ` + }; ` Start-Process -FilePath "$env:SystemDrive\git-installer.exe" -argumentlist '/VERYSILENT /SUPPRESSMSGBOXES /NORESTART /NOCANCEL /SP- /LOG /COMPONENTS="icons,assoc,assoc_sh,ext,ext\shellhere,gitlfs' -wait; ` Remove-Item -Force -Path "$env:SystemDrive\git-installer.exe"; ` Invoke-WebRequest -OutFile "$env:SystemDrive\nasm-installer.exe" $env:NASM_URL; ` + $sha256 = 'a02325b9fe54f917f5d6a3036637b38dbb6addf6f7ba9d344d9b943a143fe7d0'; ` + if ((Get-FileHash "$env:SystemDrive\nasm-installer.exe" -Algorithm sha256).Hash -ne $sha256) { ` + Write-Host "Checksum NASM failed!"; ` + exit 1; ` + }; ` Start-Process -FilePath "$env:SystemDrive\nasm-installer.exe" -argumentlist '/S'; ` Invoke-WebRequest -OutFile "$env:SystemDrive\perl-installer.msi" $env:PERL_URL; ` + $sha256 = '241a881670164feb0b91bb69d39fbbf84c981bec0d9f8c19959f8f48fd177768'; ` + if ((Get-FileHash "$env:SystemDrive\perl-installer.msi" -Algorithm sha256).Hash -ne $sha256) { ` + Write-Host "Checksum Strawberry Perl failed!"; ` + exit 1; ` + }; ` Start-Process -FilePath "msiexec.exe" -argumentlist """/i C:\perl-installer.msi /qn /norestart INSTALLDIR=$env:SystemDrive\Strawberry""" -wait; ` $env:PATH+=""";$env:SystemDrive\Strawberry\perl\bin"""; ` cpan Text::Template; ` Remove-Item -Force -Path "$env:SystemDrive\nasm-installer.exe"; ` Remove-Item -Force -Path "$env:SystemDrive\perl-installer.msi"; ` Invoke-WebRequest -OutFile "$env:SystemDrive\vs_buildtools.exe" $env:VS_BUILDTOOLS_URL; ` + $sha256 = 'f3a7e2868c203490a4095231e20e628bf661b7469f2d53626f3fbbdfc161d471'; ` + if ((Get-FileHash "$env:SystemDrive\vs_buildtools.exe" -Algorithm sha256).Hash -ne $sha256) { ` + Write-Host "Checksum Visual Studio Build tools failed!"; ` + exit 1; ` + }; ` Write-Host "Visual Studio components installing..."; ` cmd /C start /w "$env:SystemDrive\vs_buildtools.exe" --quiet --wait --norestart --nocache modify ` --installPath """${env:ProgramFiles(x86)}\Microsoft Visual Studio\2019\BuildTools""" ` # https://docs.microsoft.com/en-us/visualstudio/install/workload-component-id-vs-build-tools?view=vs-2019 --add Microsoft.VisualStudio.Component.Windows10SDK.19041 ` - --add Microsoft.VisualStudio.Component.VC.Tools.x86.x64 ` - --add Microsoft.VisualStudio.Component.VC.CMake.Project ` - --add Microsoft.VisualStudio.Workload.MSBuildTools ` - --add Microsoft.VisualStudio.Workload.NetCoreBuildTools ` - --add Microsoft.Net.Component.4.8.SDK ` - --remove Microsoft.VisualStudio.Component.Windows10SDK.10240 ` - --remove Microsoft.VisualStudio.Component.Windows10SDK.10586 ` - --remove Microsoft.VisualStudio.Component.Windows10SDK.14393 ` - --remove Microsoft.VisualStudio.Component.Windows81SDK ` - --remove Microsoft.VisualStudio.Component.WebDeploy ` - --remove Microsoft.Component.ClickOnce.MSBuild; ` + --add Microsoft.VisualStudio.Component.VC.CMake.Project; ` if ($err = dir $Env:TEMP -Filter dd_setup_*_errors.log | where Length -gt 0 | Get-Content) { ` - throw $err; ` + throw $err; ` }; ` + Wait-Process -name msiexec; ` Write-Host "Visual Studio components installed"; ` Remove-Item -Force -Path "$env:SystemDrive\vs_buildtools.exe"; ` Get-ChildItem -Path """${env:ProgramFiles(x86)}\Microsoft Visual Studio\Installer""" -Directory -Recurse | Remove-Item -Force –Recurse; ` @@ -65,6 +76,11 @@ RUN Set-Location -Path "$env:SystemDrive"; ` Import-Module """${env:ProgramFiles(x86)}\Microsoft Visual Studio\2019\BuildTools\Common7\Tools\Microsoft.VisualStudio.DevShell.dll"""; ` Enter-VsDevShell -VsInstallPath """${env:ProgramFiles(x86)}\Microsoft Visual Studio\2019\BuildTools""" -DevCmdArguments """-arch=$env:BUILD_ARCH"""; ` Invoke-WebRequest -OutFile "$env:SystemDrive\pcre-$env:PCRE_VERSION.zip" https://ftp.pcre.org/pub/pcre/pcre-$env:PCRE_VERSION.zip; ` + $sha256 = '5b709aa45ea3b8bb73052947200ad187f651a2049158fb5bbfed329e4322a977'; ` + if ((Get-FileHash "$env:SystemDrive\pcre-$env:PCRE_VERSION.zip" -Algorithm sha256).Hash -ne $sha256) { ` + Write-Host "Checksum PCRE library failed!"; ` + exit 1; ` + }; ` Expand-Archive -Path "$env:SystemDrive\pcre-$env:PCRE_VERSION.zip" -DestinationPath $env:SystemDrive ; ` Rename-Item -Path "$env:SystemDrive\pcre-$env:PCRE_VERSION" -NewName "$env:SystemDrive\pcre_build"; ` New-Item -ItemType directory -Path "$env:SystemDrive\pcre_build\build" | Out-Null; ` @@ -82,19 +98,24 @@ RUN Set-Location -Path "$env:SystemDrive"; ` Import-Module """${env:ProgramFiles(x86)}\Microsoft Visual Studio\2019\BuildTools\Common7\Tools\Microsoft.VisualStudio.DevShell.dll"""; ` Enter-VsDevShell -VsInstallPath """${env:ProgramFiles(x86)}\Microsoft Visual Studio\2019\BuildTools""" -DevCmdArguments """-arch=$env:BUILD_ARCH"""; ` Invoke-WebRequest -OutFile "$env:SystemDrive\openssl-$env:OPENSSL_VERSION.tar.gz" https://www.openssl.org/source/openssl-$env:OPENSSL_VERSION.tar.gz; ` + $sha256 = '0b7a3e5e59c34827fe0c3a74b7ec8baef302b98fa80088d7f9153aa16fa76bd1'; ` + if ((Get-FileHash "$env:SystemDrive\openssl-$env:OPENSSL_VERSION.tar.gz" -Algorithm sha256).Hash -ne $sha256) { ` + Write-Host "Checksum OpenSSL library failed!"; ` + exit 1; ` + }; ` tar -zxf $env:SystemDrive\openssl-$env:OPENSSL_VERSION.tar.gz; ` Rename-Item -Path "$env:SystemDrive\openssl-$env:OPENSSL_VERSION" -NewName "$env:SystemDrive\openssl_build"; ` Set-Location -Path "$env:SystemDrive\openssl_build"; ` perl $env:SystemDrive\openssl_build\Configure ` - VC-WIN64A ` - no-shared ` - no-ui-console ` - no-tests ` -# enable-capieng ` - no-capieng ` - --api=1.1.0 ` - --prefix="$env:SystemDrive\openssl_output_$env:BUILD_ARCH ` - --openssldir="$env:SystemDrive\openssl_output_ssl"; ` + VC-WIN64A ` + no-shared ` + no-ui-console ` + no-tests ` +# enable-capieng ` + no-capieng ` + --api=1.1.0 ` + --prefix="$env:SystemDrive\openssl_output_$env:BUILD_ARCH" ` + --openssldir="$env:SystemDrive\openssl_output_ssl"; ` set CL=/MP; ` nmake; ` nmake install_sw; ` @@ -114,15 +135,15 @@ RUN Set-Location -Path "$env:SystemDrive"; ` Set-Location -Path "$env:SystemDrive\libmodbus\src\win32"; ` cscript .\configure.js; ` msbuild modbus.vs16.sln ` - -maxcpucount:"""$env:NUMBER_OF_PROCESSORS""" ` - /property:Configuration="Release" ` - /property:Platform="$env:BUILD_ARCH" + -maxcpucount:"""$env:NUMBER_OF_PROCESSORS""" ` + /property:Configuration="Release" ` + /property:Platform="$env:BUILD_ARCH" FROM builder_base as builder_zabbix SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"] -ARG MAJOR_VERSION=6,0 +ARG MAJOR_VERSION=6.0 ARG ZBX_VERSION=${MAJOR_VERSION}.0 ARG ZABBIX_VERSION_RC_NUM=2400 ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git @@ -140,17 +161,17 @@ RUN Set-Location -Path "$env:SystemDrive"; ` Set-Location -Path "$env:SystemDrive\zabbix-$env:ZBX_VERSION\build\win32\project"; ` set CL=/MP; ` nmake -f Makefile ` - CPU=$env:CPU_MODEL ` - CFLAGS="""/D ZABBIX_VERSION_REVISION=$ZbxRevision /D HAVE_LIBMODBUS_STATIC""" ` - PCREINCDIR="$env:SystemDrive\pcre_build\build" ` - PCRELIBDIR="$env:SystemDrive\pcre_build\build\Release" TLS=openssl ` - RFLAGS="""/D ZABBIX_VERSION_REVISION=$ZbxRevision /D ZABBIX_VERSION_RC_NUM=$env:ZABBIX_VERSION_RC_NUM""" ` -# LIBS="Crypt32.lib" ` - TLSINCDIR="$env:SystemDrive\openssl_output_$env:BUILD_ARCH\include" ` - TLSLIBDIR="$env:SystemDrive\openssl_output_$env:BUILD_ARCH\lib" ` - MODBINCDIR="$env:SystemDrive\libmodbus\src" ` - MODBLIBDIR="$env:SystemDrive\libmodbus\src\win32\$env:BUILD_ARCH\Release" ` - $env:ZBX_COMPONENT; ` + CPU=$env:CPU_MODEL ` + CFLAGS="""/D ZABBIX_VERSION_REVISION=$ZbxRevision /D HAVE_LIBMODBUS_STATIC""" ` + PCREINCDIR="$env:SystemDrive\pcre_build\build" ` + PCRELIBDIR="$env:SystemDrive\pcre_build\build\Release" TLS=openssl ` + RFLAGS="""/D ZABBIX_VERSION_REVISION=$ZbxRevision /D ZABBIX_VERSION_RC_NUM=$env:ZABBIX_VERSION_RC_NUM""" ` +# LIBS="Crypt32.lib" ` + TLSINCDIR="$env:SystemDrive\openssl_output_$env:BUILD_ARCH\include" ` + TLSLIBDIR="$env:SystemDrive\openssl_output_$env:BUILD_ARCH\lib" ` + MODBINCDIR="$env:SystemDrive\libmodbus\src" ` + MODBLIBDIR="$env:SystemDrive\libmodbus\src\win32\$env:BUILD_ARCH\Release" ` + $env:ZBX_COMPONENT; ` New-Item -ItemType directory -Path "$env:SystemDrive\zabbix" | Out-Null; ` New-Item -ItemType directory -Path "$env:SystemDrive\zabbix\sbin" | Out-Null; ` New-Item -ItemType directory -Path "$env:SystemDrive\zabbix\conf" | Out-Null; ` diff --git a/agent2/windows/Dockerfile b/agent2/windows/Dockerfile index 77e49cef4..a91185695 100644 --- a/agent2/windows/Dockerfile +++ b/agent2/windows/Dockerfile @@ -29,7 +29,7 @@ RUN Set-Location -Path "$env:SystemDrive"; ` Invoke-WebRequest -OutFile "$env:SystemDrive\git-installer.exe" $env:GIT_URL; ` $sha256 = 'a5704733c219e9a0c96bfeb0febef62bc2518bdd4e358bc9519dbc5e63a3b5fe'; ` if ((Get-FileHash "$env:SystemDrive\git-installer.exe" -Algorithm sha256).Hash -ne $sha256) { ` - Write-Host "Checksum failed!"; ` + Write-Host "Checksum GIT for Windows failed!"; ` exit 1; ` }; ` Start-Process -FilePath "$env:SystemDrive\git-installer.exe" -ArgumentList '/VERYSILENT /SUPPRESSMSGBOXES /NORESTART /NOCANCEL /SP- /LOG /COMPONENTS="icons,assoc,assoc_sh,ext,ext\shellhere,gitlfs' -wait; ` @@ -37,37 +37,43 @@ RUN Set-Location -Path "$env:SystemDrive"; ` Invoke-WebRequest -OutFile "$env:SystemDrive\go$env:GOLANG_VERSION.windows-amd64.msi" https://golang.org/dl/go$env:GOLANG_VERSION.windows-amd64.msi; ` $sha256 = '705254e0a459edae2c6bf4c88be0b4a14ac1cbbf9607a379112235f0271e6c4b'; ` if ((Get-FileHash "$env:SystemDrive\go$env:GOLANG_VERSION.windows-amd64.msi" -Algorithm sha256).Hash -ne $sha256) { ` - Write-Host "Checksum failed!"; ` + Write-Host "Checksum Go Lang failed!"; ` exit 1; ` }; ` Start-Process -FilePath "$env:SystemDrive\go$env:GOLANG_VERSION.windows-amd64.msi" -Wait -ArgumentList '/qn /norestart'; ` Remove-Item -Force -Path "$env:SystemDrive\go$env:GOLANG_VERSION.windows-amd64.msi"; ` Invoke-WebRequest -OutFile "$env:SystemDrive\7z$env:SEVEN_ZIP_VERSION-$env:BUILD_ARCH.msi" https://www.7-zip.org/a/7z$env:SEVEN_ZIP_VERSION-$env:BUILD_ARCH.msi; ` + $sha256 = 'a7803233eedb6a4b59b3024ccf9292a6fffb94507dc998aa67c5b745d197a5dc'; ` + if ((Get-FileHash "$env:SystemDrive\7z$env:SEVEN_ZIP_VERSION-$env:BUILD_ARCH.msi" -Algorithm sha256).Hash -ne $sha256) { ` + Write-Host "Checksum 7-zip failed!"; ` + exit 1; ` + }; ` Start-Process -FilePath "$env:SystemDrive\7z$env:SEVEN_ZIP_VERSION-$env:BUILD_ARCH.msi" -Wait -ArgumentList '/qn /norestart'; ` Remove-Item -Force -Path "$env:SystemDrive\7z$env:SEVEN_ZIP_VERSION-$env:BUILD_ARCH.msi"; ` Invoke-WebRequest -OutFile "$env:SystemDrive\mingw.7z" $env:MINGW_URL; ` + $sha256 = 'e8c65ddc655534b0330f66f7b480565621e8617cda9937d76ba141a22bf3b2fa'; ` + if ((Get-FileHash "$env:SystemDrive\mingw.7z" -Algorithm sha256).Hash -ne $sha256) { ` + Write-Host "Checksum Mingw-w64 failed!"; ` + exit 1; ` + }; ` Start-Process -FilePath "${env:ProgramFiles}\7-Zip\7z.exe" -Wait -ArgumentList """x $env:SystemDrive\mingw.7z"""; ` Remove-Item -Force -Path "$env:SystemDrive\mingw.7z"; ` - Invoke-WebRequest -OutFile "$env:SystemDrive\vs_buildtools.exe" $env:VS_BUILDTOOLS_URL; ` + Invoke-WebRequest -OutFile "$env:SystemDrive\vs_buildtools.exe" $env:VS_BUILDTOOLS_URL; ` + $sha256 = 'f3a7e2868c203490a4095231e20e628bf661b7469f2d53626f3fbbdfc161d471'; ` + if ((Get-FileHash "$env:SystemDrive\vs_buildtools.exe" -Algorithm sha256).Hash -ne $sha256) { ` + Write-Host "Checksum Visual Studio Build tools failed!"; ` + exit 1; ` + }; ` Write-Host "Visual Studio components installing..."; ` cmd /C start /w "$env:SystemDrive\vs_buildtools.exe" --quiet --wait --norestart --nocache modify ` --installPath """${env:ProgramFiles(x86)}\Microsoft Visual Studio\2019\BuildTools""" ` # https://docs.microsoft.com/en-us/visualstudio/install/workload-component-id-vs-build-tools?view=vs-2019 --add Microsoft.VisualStudio.Component.Windows10SDK.19041 ` - --add Microsoft.VisualStudio.Component.VC.Tools.x86.x64 ` - --add Microsoft.VisualStudio.Component.VC.CMake.Project ` - --add Microsoft.VisualStudio.Workload.MSBuildTools ` - --add Microsoft.VisualStudio.Workload.NetCoreBuildTools ` - --add Microsoft.Net.Component.4.8.SDK ` - --remove Microsoft.VisualStudio.Component.Windows10SDK.10240 ` - --remove Microsoft.VisualStudio.Component.Windows10SDK.10586 ` - --remove Microsoft.VisualStudio.Component.Windows10SDK.14393 ` - --remove Microsoft.VisualStudio.Component.Windows81SDK ` - --remove Microsoft.VisualStudio.Component.WebDeploy ` - --remove Microsoft.Component.ClickOnce.MSBuild; ` + --add Microsoft.VisualStudio.Component.VC.CMake.Project; ` if ($err = dir $Env:TEMP -Filter dd_setup_*_errors.log | where Length -gt 0 | Get-Content) { ` - throw $err; ` + throw $err; ` }; ` + Wait-Process -name msiexec; ` Write-Host "Visual Studio components installed"; ` Remove-Item -Force -Path "$env:SystemDrive\vs_buildtools.exe"; ` Get-ChildItem -Path """${env:ProgramFiles(x86)}\Microsoft Visual Studio\Installer""" -Directory -Recurse | Remove-Item -Force –Recurse; ` @@ -78,41 +84,56 @@ RUN Set-Location -Path "$env:SystemDrive"; ` Enter-VsDevShell -VsInstallPath """${env:ProgramFiles(x86)}\Microsoft Visual Studio\2019\BuildTools""" -DevCmdArguments """-arch=$env:BUILD_ARCH"""; ` $env:PATH+=""";$env:SystemDrive\mingw64\bin"""; ` Invoke-WebRequest -OutFile "$env:SystemDrive\pcre-$env:PCRE_VERSION.zip" https://ftp.pcre.org/pub/pcre/pcre-$env:PCRE_VERSION.zip; ` - Expand-Archive -Path "$env:SystemDrive\pcre-$env:PCRE_VERSION.zip" -DestinationPath $env:SystemDrive ; ` + $sha256 = '5b709aa45ea3b8bb73052947200ad187f651a2049158fb5bbfed329e4322a977'; ` + if ((Get-FileHash "$env:SystemDrive\pcre-$env:PCRE_VERSION.zip" -Algorithm sha256).Hash -ne $sha256) { ` + Write-Host "Checksum PCRE library failed!"; ` + exit 1; ` + }; ` + Expand-Archive -Path "$env:SystemDrive\pcre-$env:PCRE_VERSION.zip" -DestinationPath $env:SystemDrive; ` Rename-Item -Path "$env:SystemDrive\pcre-$env:PCRE_VERSION" -NewName "$env:SystemDrive\pcre_build_mingw"; ` Set-Location -Path "$env:SystemDrive\pcre_build_mingw"; ` cmake ` - -G """MinGW Makefiles""" ` - -DBUILD_SHARED_LIBS=OFF ` - -DCMAKE_C_COMPILER=gcc ` - -DCMAKE_C_FLAGS="""-O2 -g""" ` - -DCMAKE_CXX_FLAGS="""-O2 -g""" ` - -DCMAKE_INSTALL_PREFIX="""$env:SystemDrive\pcre_output_mingw""" . ; ` + -G """MinGW Makefiles""" ` + -DBUILD_SHARED_LIBS=OFF ` + -DCMAKE_C_COMPILER=gcc ` + -DCMAKE_C_FLAGS="""-O2 -g""" ` + -DCMAKE_CXX_FLAGS="""-O2 -g""" ` + -DCMAKE_INSTALL_PREFIX="""$env:SystemDrive\pcre_output_mingw""" . ; ` mingw32-make -j"""$env:NUMBER_OF_PROCESSORS"""; ` mingw32-make -j"""$env:NUMBER_OF_PROCESSORS""" install; ` Remove-Item -Force -Path "$env:SystemDrive\pcre-$env:PCRE_VERSION.zip" RUN Set-Location -Path "$env:SystemDrive"; ` (New-Object Net.WebClient).DownloadFile("""$env:CYGWIN_URL""", """$env:SystemDrive\setup-x86_64.exe"""); ` - Start-Process "$env:SystemDrive\setup-x86_64.exe" -ArgumentList """-qnNdO -R $env:SystemDrive\Cygwin64 --site http://cygwin.mirror.constant.com -l $env:SystemDrive\cygwin64\var\cache\setup --packages perl""" -Wait -NoNewWindow; ` + $sha256 = 'b9219acd1241ffa4d38e19587f1ccc2854f951e451f3858efc9d2e1fe19d375c'; ` + if ((Get-FileHash "$env:SystemDrive\setup-x86_64.exe" -Algorithm sha256).Hash -ne $sha256) { ` + Write-Host "Checksum Cygwin failed!"; ` + exit 1; ` + }; ` + Start-Process "$env:SystemDrive\setup-x86_64.exe" -ArgumentList """-qnNdO -a x86_64 -R $env:SystemDrive\cygwin --site http://cygwin.mirror.constant.com -l $env:SystemDrive\cygwin\var\cache\setup --packages perl""" -Wait -NoNewWindow; ` Invoke-WebRequest -OutFile "$env:SystemDrive\openssl-$env:OPENSSL_VERSION.tar.gz" https://www.openssl.org/source/openssl-$env:OPENSSL_VERSION.tar.gz; ` + $sha256 = '0b7a3e5e59c34827fe0c3a74b7ec8baef302b98fa80088d7f9153aa16fa76bd1'; ` + if ((Get-FileHash "$env:SystemDrive\openssl-$env:OPENSSL_VERSION.tar.gz" -Algorithm sha256).Hash -ne $sha256) { ` + Write-Host "Checksum OpenSSL library failed!"; ` + exit 1; ` + }; ` tar -zxf $env:SystemDrive\openssl-$env:OPENSSL_VERSION.tar.gz; ` Rename-Item -Path "$env:SystemDrive\openssl-$env:OPENSSL_VERSION" -NewName "$env:SystemDrive\openssl_build_mingw"; ` Set-Location -Path "$env:SystemDrive\openssl_build_mingw"; ` - $env:PATH+=""";$env:SystemDrive\mingw64\bin;$env:SystemDrive\Cygwin64\bin"""; ` + $env:PATH+=""";$env:SystemDrive\mingw64\bin;$env:SystemDrive\cygwin\bin"""; ` perl Configure ` - mingw64 ` - no-shared ` - no-ui-console ` - no-tests ` -# enable-capieng ` - no-capieng ` - --api=1.1.0 ` - --prefix="$env:SystemDrive\openssl_output_mingw" ` - --openssldir="$env:SystemDrive\openssl_output_ssl_mingw"; ` + mingw64 ` + no-shared ` + no-ui-console ` + no-tests ` +# enable-capieng ` + no-capieng ` + --api=1.1.0 ` + --prefix="$env:SystemDrive\openssl_output" ` + --openssldir="$env:SystemDrive\openssl_output_ssl"; ` mingw32-make -j"""$env:NUMBER_OF_PROCESSORS"""; ` mingw32-make -j"""$env:NUMBER_OF_PROCESSORS""" install_sw; ` - Remove-Item -Recurse -Force -Path "$env:SystemDrive\Cygwin64"; ` + Remove-Item -Recurse -Force -Path "$env:SystemDrive\cygwin"; ` Remove-Item -Force -Path "$env:SystemDrive\setup-x86_64.exe" FROM builder_base as builder_zabbix @@ -137,11 +158,10 @@ RUN Set-Location -Path "$env:SystemDrive"; ` $env:PATH+=""";$env:SystemDrive\mingw64\bin"""; ` Set-Location -Path "$env:SystemDrive\zabbix-$env:ZBX_VERSION\build\mingw"; ` mingw32-make -j"""$env:NUMBER_OF_PROCESSORS""" ` - PCRE="$env:SystemDrive\pcre_output_mingw" ` - OPENSSL="$env:SystemDrive\openssl_output_mingw" ` - RFLAGS="""-DZABBIX_VERSION_RC_NUM=$env:ZABBIX_VERSION_RC_NUM""" ` -# CGO_LDFLAGS="""-lssl -lcrypto -lcrypt32 -L$env:SystemDrive\openssl_output_mingw\lib -L$env:SystemDrive\pcre_output_mingw\lib""" ` - OPENSSL="$env:SystemDrive\openssl_output_mingw"; ` +# CGO_LDFLAGS="""-lssl -lcrypto -lcrypt32 -L$env:SystemDrive\openssl_output\lib -L$env:SystemDrive\pcre_output\lib""" ` + PCRE="$env:SystemDrive\pcre_output_mingw" ` + OPENSSL="$env:SystemDrive\openssl_output" ` + RFLAGS="""-DZABBIX_VERSION_RC_NUM=$env:ZABBIX_VERSION_RC_NUM"""; ` New-Item -ItemType directory -Path "$env:SystemDrive\zabbix2" | Out-Null; ` New-Item -ItemType directory -Path "$env:SystemDrive\zabbix2\sbin" | Out-Null; ` New-Item -ItemType directory -Path "$env:SystemDrive\zabbix2\conf" | Out-Null; ` From db3b3ecf04215f372c7aa4306be755e3c0275b41 Mon Sep 17 00:00:00 2001 From: dotneft Date: Sat, 4 Sep 2021 18:49:04 +0300 Subject: [PATCH 103/253] Windows docker images for Agent and Agent2 components --- agent/windows/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/agent/windows/Dockerfile b/agent/windows/Dockerfile index af6409d62..31ae73ae0 100644 --- a/agent/windows/Dockerfile +++ b/agent/windows/Dockerfile @@ -130,7 +130,7 @@ RUN Set-Location -Path "$env:SystemDrive"; ` Enter-VsDevShell -VsInstallPath """${env:ProgramFiles(x86)}\Microsoft Visual Studio\2019\BuildTools""" -DevCmdArguments """-arch=$env:BUILD_ARCH"""; ` Start-Process -FilePath "${env:ProgramFiles}\Git\bin\git.exe" -Wait -ArgumentList """-c advice.detachedHead=false clone $env:LIBMODBUS_URL --branch $env:LIBMODBUS_VERSION --depth 1 --single-branch libmodbus"""; ` Copy-Item -Path "$env:SystemDrive\modbus.vs16.vcxproj" "$env:SystemDrive\libmodbus\src\win32\modbus.vs16.vcxproj"; ` - Copy-Item -Path "$env:SystemDrive\modbus.vs16.sln" $env:SystemDrive\libmodbus\src\win32\modbus.vs16.sln"; ` + Copy-Item -Path "$env:SystemDrive\modbus.vs16.sln" "$env:SystemDrive\libmodbus\src\win32\modbus.vs16.sln"; ` Copy-Item -Path "$env:SystemDrive\modbus.vs16.vcxproj.filters" "$env:SystemDrive\libmodbus\src\win32\modbus.vs16.vcxproj.filters"; ` Set-Location -Path "$env:SystemDrive\libmodbus\src\win32"; ` cscript .\configure.js; ` From f58ff1d69ec9bbe8757fea6f3258ae92ebcf2ab4 Mon Sep 17 00:00:00 2001 From: dotneft Date: Sat, 4 Sep 2021 23:57:40 +0300 Subject: [PATCH 104/253] Windows docker images for Agent and Agent2 components --- agent/windows/Dockerfile | 30 +++++++++++++++--------------- agent2/windows/Dockerfile | 32 ++++++++++++++++---------------- 2 files changed, 31 insertions(+), 31 deletions(-) diff --git a/agent/windows/Dockerfile b/agent/windows/Dockerfile index 31ae73ae0..f80d71e56 100644 --- a/agent/windows/Dockerfile +++ b/agent/windows/Dockerfile @@ -23,7 +23,7 @@ ENV BUILD_ARCH=x64 CPU_MODEL=AMD64 ` SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"] -RUN Set-Location -Path "$env:SystemDrive"; ` +RUN Set-Location -Path "$env:SystemDrive"\; ` Write-Verbose -Message 'Visual Studio components installing...'; ` Invoke-WebRequest -OutFile "$env:SystemDrive\git-installer.exe" $env:GIT_URL; ` $sha256 = 'a5704733c219e9a0c96bfeb0febef62bc2518bdd4e358bc9519dbc5e63a3b5fe'; ` @@ -72,7 +72,7 @@ RUN Set-Location -Path "$env:SystemDrive"; ` Get-ChildItem -Path """${env:ProgramFiles(x86)}\Microsoft Visual Studio\Installer""" -Directory -Recurse | Remove-Item -Force –Recurse; ` Remove-Item -Force -Recurse "$env:TEMP\*"; -RUN Set-Location -Path "$env:SystemDrive"; ` +RUN Set-Location -Path "$env:SystemDrive"\; ` Import-Module """${env:ProgramFiles(x86)}\Microsoft Visual Studio\2019\BuildTools\Common7\Tools\Microsoft.VisualStudio.DevShell.dll"""; ` Enter-VsDevShell -VsInstallPath """${env:ProgramFiles(x86)}\Microsoft Visual Studio\2019\BuildTools""" -DevCmdArguments """-arch=$env:BUILD_ARCH"""; ` Invoke-WebRequest -OutFile "$env:SystemDrive\pcre-$env:PCRE_VERSION.zip" https://ftp.pcre.org/pub/pcre/pcre-$env:PCRE_VERSION.zip; ` @@ -93,7 +93,7 @@ RUN Set-Location -Path "$env:SystemDrive"; ` /target:pcre; ` Remove-Item -Force -Path "$env:SystemDrive\pcre-$env:PCRE_VERSION.zip" -RUN Set-Location -Path "$env:SystemDrive"; ` +RUN Set-Location -Path "$env:SystemDrive"\; ` $env:PATH+=""";$env:SystemDrive\Strawberry\perl\bin;$env:SystemDrive\Program Files\NASM"""; ` Import-Module """${env:ProgramFiles(x86)}\Microsoft Visual Studio\2019\BuildTools\Common7\Tools\Microsoft.VisualStudio.DevShell.dll"""; ` Enter-VsDevShell -VsInstallPath """${env:ProgramFiles(x86)}\Microsoft Visual Studio\2019\BuildTools""" -DevCmdArguments """-arch=$env:BUILD_ARCH"""; ` @@ -150,7 +150,7 @@ ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ARG ZBX_COMPONENT=all ENV ZBX_SOURCES=$ZBX_SOURCES MAJOR_VERSION=$MAJOR_VERSION ZBX_VERSION=$ZBX_VERSION ZABBIX_VERSION_RC_NUM=$ZABBIX_VERSION_RC_NUM -RUN Set-Location -Path "$env:SystemDrive"; ` +RUN Set-Location -Path "$env:SystemDrive"\; ` Import-Module """${env:ProgramFiles(x86)}\Microsoft Visual Studio\2019\BuildTools\Common7\Tools\Microsoft.VisualStudio.DevShell.dll"""; ` Enter-VsDevShell -VsInstallPath """${env:ProgramFiles(x86)}\Microsoft Visual Studio\2019\BuildTools""" -DevCmdArguments """-arch=$env:BUILD_ARCH"""; ` Start-Process -FilePath "${env:ProgramFiles}\Git\bin\git.exe" -Wait -ArgumentList """-c advice.detachedHead=false clone $env:ZBX_SOURCES --branch master --depth 1 --single-branch zabbix-$env:ZBX_VERSION"""; ` @@ -207,18 +207,18 @@ COPY [".\\docker-entrypoint.ps1", "C:\\zabbix"] USER ContainerAdministrator -RUN setx /M PATH """$env:PATH;C:\zabbix\sbin;C:\zabbix\bin;"""; ` - setx /M ZbxDir """C:\zabbix""" +RUN setx /M PATH """$env:PATH;$env:SystemDrive\zabbix\sbin;$env:SystemDrive\zabbix\bin;"""; ` + setx /M ZbxDir """$env:SystemDrive\zabbix""" -RUN Set-Location -Path "$env:SystemDrive"; ` - New-Item -ItemType directory -Path "$env:ZbxDir\conf\zabbix_agentd.d" | Out-Null; ` - New-Item -ItemType directory -Path "$env:ZbxDir\enc" | Out-Null; ` - New-Item -ItemType directory -Path "$env:ZbxDir\modules" | Out-Null; ` - net user /add zabbix; ` - $acl = Get-Acl -Path $env:ZbxDir; ` - $ace = New-Object Security.AccessControl.FileSystemAccessRule ('zabbix', 'Modify', 'ContainerInherit, ObjectInherit', 'InheritOnly', 'Allow'); ` - $acl.AddAccessRule($ace); ` - Set-Acl -AclObject $acl -Path $env:ZbxDir +RUN Set-Location -Path "$env:SystemDrive"\; ` + New-Item -ItemType directory -Path "$env:ZbxDir\conf\zabbix_agentd.d" | Out-Null; ` + New-Item -ItemType directory -Path "$env:ZbxDir\enc" | Out-Null; ` + New-Item -ItemType directory -Path "$env:ZbxDir\modules" | Out-Null; ` + net user /add zabbix; ` + $acl = Get-Acl -Path $env:ZbxDir; ` + $ace = New-Object Security.AccessControl.FileSystemAccessRule ('zabbix', 'Modify', 'ContainerInherit, ObjectInherit', 'InheritOnly', 'Allow'); ` + $acl.AddAccessRule($ace); ` + Set-Acl -AclObject $acl -Path $env:ZbxDir USER zabbix diff --git a/agent2/windows/Dockerfile b/agent2/windows/Dockerfile index a91185695..329638447 100644 --- a/agent2/windows/Dockerfile +++ b/agent2/windows/Dockerfile @@ -25,7 +25,7 @@ ENV BUILD_ARCH=x64 CPU_MODEL=AMD64 ` SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"] -RUN Set-Location -Path "$env:SystemDrive"; ` +RUN Set-Location -Path "$env:SystemDrive"\; ` Invoke-WebRequest -OutFile "$env:SystemDrive\git-installer.exe" $env:GIT_URL; ` $sha256 = 'a5704733c219e9a0c96bfeb0febef62bc2518bdd4e358bc9519dbc5e63a3b5fe'; ` if ((Get-FileHash "$env:SystemDrive\git-installer.exe" -Algorithm sha256).Hash -ne $sha256) { ` @@ -79,7 +79,7 @@ RUN Set-Location -Path "$env:SystemDrive"; ` Get-ChildItem -Path """${env:ProgramFiles(x86)}\Microsoft Visual Studio\Installer""" -Directory -Recurse | Remove-Item -Force –Recurse; ` Remove-Item -Force -Recurse "$env:TEMP\*"; -RUN Set-Location -Path "$env:SystemDrive"; ` +RUN Set-Location -Path "$env:SystemDrive"\; ` Import-Module """${env:ProgramFiles(x86)}\Microsoft Visual Studio\2019\BuildTools\Common7\Tools\Microsoft.VisualStudio.DevShell.dll"""; ` Enter-VsDevShell -VsInstallPath """${env:ProgramFiles(x86)}\Microsoft Visual Studio\2019\BuildTools""" -DevCmdArguments """-arch=$env:BUILD_ARCH"""; ` $env:PATH+=""";$env:SystemDrive\mingw64\bin"""; ` @@ -103,7 +103,7 @@ RUN Set-Location -Path "$env:SystemDrive"; ` mingw32-make -j"""$env:NUMBER_OF_PROCESSORS""" install; ` Remove-Item -Force -Path "$env:SystemDrive\pcre-$env:PCRE_VERSION.zip" -RUN Set-Location -Path "$env:SystemDrive"; ` +RUN Set-Location -Path "$env:SystemDrive"\; ` (New-Object Net.WebClient).DownloadFile("""$env:CYGWIN_URL""", """$env:SystemDrive\setup-x86_64.exe"""); ` $sha256 = 'b9219acd1241ffa4d38e19587f1ccc2854f951e451f3858efc9d2e1fe19d375c'; ` if ((Get-FileHash "$env:SystemDrive\setup-x86_64.exe" -Algorithm sha256).Hash -ne $sha256) { ` @@ -147,7 +147,7 @@ ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ARG ZBX_COMPONENT=all ENV ZBX_SOURCES=$ZBX_SOURCES MAJOR_VERSION=$MAJOR_VERSION ZBX_VERSION=$ZBX_VERSION -RUN Set-Location -Path "$env:SystemDrive"; ` +RUN Set-Location -Path "$env:SystemDrive"\; ` Import-Module """${env:ProgramFiles(x86)}\Microsoft Visual Studio\2019\BuildTools\Common7\Tools\Microsoft.VisualStudio.DevShell.dll"""; ` Enter-VsDevShell -VsInstallPath """${env:ProgramFiles(x86)}\Microsoft Visual Studio\2019\BuildTools""" -DevCmdArguments """-arch=$env:BUILD_ARCH"""; ` Start-Process -FilePath "${env:ProgramFiles}\Git\bin\git.exe" -Wait -ArgumentList """-c advice.detachedHead=false clone $env:ZBX_SOURCES --branch master --depth 1 --single-branch zabbix-$env:ZBX_VERSION"""; ` @@ -195,19 +195,19 @@ COPY [".\\docker-entrypoint.ps1", "C:\\zabbix"] USER ContainerAdministrator -RUN setx /M PATH """$env:PATH;C:\zabbix\sbin;C:\zabbix\bin;"""; ` - setx /M ZbxDir """C:\zabbix""" +RUN setx /M PATH """$env:PATH;$env:SystemDrive\zabbix\sbin;$env:SystemDrive\zabbix\bin;"""; ` + setx /M ZbxDir """$env:SystemDrive\zabbix""" -RUN Set-Location -Path "$env:SystemDrive"; ` - New-Item -ItemType directory -Path "$env:ZbxDir\conf\zabbix_agentd.d" | Out-Null; ` - New-Item -ItemType directory -Path "$env:ZbxDir\enc" | Out-Null; ` - New-Item -ItemType directory -Path "$env:ZbxDir\modules" | Out-Null; ` - New-Item -ItemType directory -Path "$env:ZbxDir\buffer" | Out-Null; ` - net user /add zabbix; ` - $acl = Get-Acl -Path $env:ZbxDir; ` - $ace = New-Object Security.AccessControl.FileSystemAccessRule ('zabbix', 'Modify', 'ContainerInherit, ObjectInherit', 'InheritOnly', 'Allow'); ` - $acl.AddAccessRule($ace); ` - Set-Acl -AclObject $acl -Path $env:ZbxDir +RUN Set-Location -Path "$env:SystemDrive"\; ` + New-Item -ItemType directory -Path "$env:ZbxDir\conf\zabbix_agentd.d" | Out-Null; ` + New-Item -ItemType directory -Path "$env:ZbxDir\enc" | Out-Null; ` + New-Item -ItemType directory -Path "$env:ZbxDir\modules" | Out-Null; ` + New-Item -ItemType directory -Path "$env:ZbxDir\buffer" | Out-Null; ` + net user /add zabbix; ` + $acl = Get-Acl -Path $env:ZbxDir; ` + $ace = New-Object Security.AccessControl.FileSystemAccessRule ('zabbix', 'Modify', 'ContainerInherit, ObjectInherit', 'InheritOnly', 'Allow'); ` + $acl.AddAccessRule($ace); ` + Set-Acl -AclObject $acl -Path $env:ZbxDir USER zabbix From 498f3d02eee7b00079a120215063e8c9e44e97e9 Mon Sep 17 00:00:00 2001 From: dotneft Date: Sat, 11 Sep 2021 23:36:06 +0300 Subject: [PATCH 105/253] Fixed Ubuntu based Agent2 image building. Go lang min version 1.16 --- agent2/ubuntu/Dockerfile | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/agent2/ubuntu/Dockerfile b/agent2/ubuntu/Dockerfile index 0a102b5af..932f6d647 100644 --- a/agent2/ubuntu/Dockerfile +++ b/agent2/ubuntu/Dockerfile @@ -58,6 +58,7 @@ LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentati org.opencontainers.image.source="${ZBX_SOURCES}" RUN set -eux && \ + export PATH=/usr/lib/go-1.16/bin:$PATH && \ apt-get -y update && \ DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ autoconf \ @@ -69,7 +70,7 @@ RUN set -eux && \ pkg-config \ git \ g++ \ - golang && \ + golang-1.16 && \ cd /tmp/ && \ git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ cd /tmp/zabbix-${ZBX_VERSION} && \ From 9a2e0c9a0d43f49fa02f261139212dc02d1a6ba7 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Sun, 12 Sep 2021 08:39:47 +0200 Subject: [PATCH 106/253] Using EPEL to install tini package on OEL based images --- agent/ol/Dockerfile | 30 ++++-------------------------- agent2/ol/Dockerfile | 30 ++++-------------------------- proxy-mysql/ol/Dockerfile | 29 ++--------------------------- proxy-sqlite3/ol/Dockerfile | 27 ++------------------------- server-mysql/ol/Dockerfile | 29 ++--------------------------- server-pgsql/ol/Dockerfile | 33 ++++----------------------------- 6 files changed, 18 insertions(+), 160 deletions(-) diff --git a/agent/ol/Dockerfile b/agent/ol/Dockerfile index f1cf7b537..ed51c21ba 100644 --- a/agent/ol/Dockerfile +++ b/agent/ol/Dockerfile @@ -9,19 +9,9 @@ LABEL org.opencontainers.image.title="Zabbix agent" \ STOPSIGNAL SIGTERM -ENV TINI_VERSION=v0.19.0 +COPY ["conf/etc/yum.repos.d/oracle-epel-ol8.repo", "/etc/yum.repos.d/oracle-epel-ol8.repo"] RUN set -eux && \ - ARCH_SUFFIX="$(arch)"; \ - case "$ARCH_SUFFIX" in \ - i686) export ARCH_SUFFIX='i386' ;; \ - x86_64) [ -f /lib64/ld-linux-x86-64.so.2 ] && export ARCH_SUFFIX='amd64' || export ARCH_SUFFIX='i386' ;; \ - aarch64) export ARCH_SUFFIX='arm64' ;; \ - armv7l) export ARCH_SUFFIX='armhf' ;; \ - ppc64el|ppc64le) export ARCH_SUFFIX='ppc64le' ;; \ - s390x) export ARCH_SUFFIX='s390x' ;; \ - *) echo "Unknown ARCH_SUFFIX=${ARCH_SUFFIX-}"; exit 1 ;; \ - esac; \ groupadd --system --gid 1995 zabbix && \ useradd \ --system --comment "Zabbix monitoring system" \ @@ -39,6 +29,7 @@ RUN set -eux && \ echo "" > /etc/yum/vars/ociregion && \ echo "oracle.com" > /etc/yum/vars/ocidomain && \ INSTALL_PKGS="bash \ + tini \ tzdata \ iputils \ pcre \ @@ -47,21 +38,8 @@ RUN set -eux && \ zlib" && \ microdnf -y --disablerepo="*" --enablerepo="ol8_baseos_latest" \ --enablerepo="ol8_appstream" \ + --enablerepo="ol8_developer_EPEL" \ install --setopt=install_weak_deps=0 --best --nodocs ${INSTALL_PKGS} && \ - curl -L "https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini-${ARCH_SUFFIX}" -o /sbin/tini && \ - curl -L "https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini-${ARCH_SUFFIX}.asc" -o /tmp/tini.asc && \ - export GNUPGHOME="$(mktemp -d)" && \ - for server in $(shuf -e ha.pool.sks-keyservers.net \ - hkp://p80.pool.sks-keyservers.net:80 \ - ipv4.pool.sks-keyservers.net \ - keyserver.ubuntu.com \ - keyserver.pgp.com \ - pgp.mit.edu) ; do \ - gpg --keyserver "$server" --recv-keys 595E85A6B1B4779EA4DAAEC70B588DFF0527A9B7 && break || : ; \ - done && \ - gpg --batch --verify /tmp/tini.asc /sbin/tini && \ - rm -rf "$GNUPGHOME" /tmp/tini.asc && \ - chmod +x /sbin/tini && \ microdnf -y clean all && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki @@ -131,7 +109,7 @@ WORKDIR /var/lib/zabbix COPY ["docker-entrypoint.sh", "/usr/bin/"] -ENTRYPOINT ["/sbin/tini", "--", "/usr/bin/docker-entrypoint.sh"] +ENTRYPOINT ["/usr/bin/tini", "--", "/usr/bin/docker-entrypoint.sh"] USER 1997 diff --git a/agent2/ol/Dockerfile b/agent2/ol/Dockerfile index c071ef503..ca92443d4 100644 --- a/agent2/ol/Dockerfile +++ b/agent2/ol/Dockerfile @@ -9,19 +9,9 @@ LABEL org.opencontainers.image.title="Zabbix agent 2" \ STOPSIGNAL SIGTERM -ENV TINI_VERSION=v0.19.0 +COPY ["conf/etc/yum.repos.d/oracle-epel-ol8.repo", "/etc/yum.repos.d/oracle-epel-ol8.repo"] RUN set -eux && \ - ARCH_SUFFIX="$(arch)"; \ - case "$ARCH_SUFFIX" in \ - i686) export ARCH_SUFFIX='i386' ;; \ - x86_64) [ -f /lib64/ld-linux-x86-64.so.2 ] && export ARCH_SUFFIX='amd64' || export ARCH_SUFFIX='i386' ;; \ - aarch64) export ARCH_SUFFIX='arm64' ;; \ - armv7l) export ARCH_SUFFIX='armhf' ;; \ - ppc64el|ppc64le) export ARCH_SUFFIX='ppc64le' ;; \ - s390x) export ARCH_SUFFIX='s390x' ;; \ - *) echo "Unknown ARCH_SUFFIX=${ARCH_SUFFIX-}"; exit 1 ;; \ - esac; \ groupadd --system --gid 1995 zabbix && \ useradd \ --system --comment "Zabbix monitoring system" \ @@ -40,6 +30,7 @@ RUN set -eux && \ echo "" > /etc/yum/vars/ociregion && \ echo "oracle.com" > /etc/yum/vars/ocidomain && \ INSTALL_PKGS="bash \ + tini \ tzdata \ iputils \ pcre \ @@ -47,21 +38,8 @@ RUN set -eux && \ openssl-libs" && \ microdnf -y --disablerepo="*" --enablerepo="ol8_baseos_latest" \ --enablerepo="ol8_appstream" \ + --enablerepo="ol8_developer_EPEL" \ install --setopt=install_weak_deps=0 --best --nodocs ${INSTALL_PKGS} && \ - curl -L "https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini-${ARCH_SUFFIX}" -o /sbin/tini && \ - curl -L "https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini-${ARCH_SUFFIX}.asc" -o /tmp/tini.asc && \ - export GNUPGHOME="$(mktemp -d)" && \ - for server in $(shuf -e ha.pool.sks-keyservers.net \ - hkp://p80.pool.sks-keyservers.net:80 \ - ipv4.pool.sks-keyservers.net \ - keyserver.ubuntu.com \ - keyserver.pgp.com \ - pgp.mit.edu) ; do \ - gpg --keyserver "$server" --recv-keys 595E85A6B1B4779EA4DAAEC70B588DFF0527A9B7 && break || : ; \ - done && \ - gpg --batch --verify /tmp/tini.asc /sbin/tini && \ - rm -rf "$GNUPGHOME" /tmp/tini.asc && \ - chmod +x /sbin/tini && \ microdnf -y clean all && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki @@ -137,7 +115,7 @@ VOLUME ["/var/lib/zabbix/enc"] COPY ["docker-entrypoint.sh", "/usr/bin/"] -ENTRYPOINT ["/sbin/tini", "--", "/usr/bin/docker-entrypoint.sh"] +ENTRYPOINT ["/usr/bin/tini", "--", "/usr/bin/docker-entrypoint.sh"] USER 1997 diff --git a/proxy-mysql/ol/Dockerfile b/proxy-mysql/ol/Dockerfile index 1daf9bd2b..24b87bf25 100644 --- a/proxy-mysql/ol/Dockerfile +++ b/proxy-mysql/ol/Dockerfile @@ -9,21 +9,9 @@ LABEL org.opencontainers.image.title="Zabbix proxy (MySQL)" \ STOPSIGNAL SIGTERM -ENV TINI_VERSION=v0.19.0 - COPY ["conf/etc/yum.repos.d/oracle-epel-ol8.repo", "/etc/yum.repos.d/oracle-epel-ol8.repo"] RUN set -eux && \ - ARCH_SUFFIX="$(arch)"; \ - case "$ARCH_SUFFIX" in \ - i686) export ARCH_SUFFIX='i386' ;; \ - x86_64) [ -f /lib64/ld-linux-x86-64.so.2 ] && export ARCH_SUFFIX='amd64' || export ARCH_SUFFIX='i386' ;; \ - aarch64) export ARCH_SUFFIX='arm64' ;; \ - armv7l) export ARCH_SUFFIX='armhf' ;; \ - ppc64el|ppc64le) export ARCH_SUFFIX='ppc64le' ;; \ - s390x) export ARCH_SUFFIX='s390x' ;; \ - *) echo "Unknown ARCH_SUFFIX=${ARCH_SUFFIX-}"; exit 1 ;; \ - esac; \ groupadd --system --gid 1995 zabbix && \ useradd \ --system --comment "Zabbix monitoring system" \ @@ -50,6 +38,7 @@ RUN set -eux && \ echo "oracle.com" > /etc/yum/vars/ocidomain && \ microdnf -y module enable mysql && \ INSTALL_PKGS="libevent \ + tini \ systemd \ libssh \ file-libs \ @@ -68,20 +57,6 @@ RUN set -eux && \ --enablerepo="ol8_appstream" \ --enablerepo="ol8_developer_EPEL" \ install --setopt=install_weak_deps=0 --best --nodocs ${INSTALL_PKGS} && \ - curl -L "https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini-${ARCH_SUFFIX}" -o /sbin/tini && \ - curl -L "https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini-${ARCH_SUFFIX}.asc" -o /tmp/tini.asc && \ - export GNUPGHOME="$(mktemp -d)" && \ - for server in $(shuf -e ha.pool.sks-keyservers.net \ - hkp://p80.pool.sks-keyservers.net:80 \ - ipv4.pool.sks-keyservers.net \ - keyserver.ubuntu.com \ - keyserver.pgp.com \ - pgp.mit.edu) ; do \ - gpg --keyserver "$server" --recv-keys 595E85A6B1B4779EA4DAAEC70B588DFF0527A9B7 && break || : ; \ - done && \ - gpg --batch --verify /tmp/tini.asc /sbin/tini && \ - rm -rf "$GNUPGHOME" /tmp/tini.asc && \ - chmod +x /sbin/tini && \ microdnf -y clean all && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki @@ -171,7 +146,7 @@ VOLUME ["/var/lib/zabbix/snmptraps"] COPY ["docker-entrypoint.sh", "/usr/bin/"] -ENTRYPOINT ["/sbin/tini", "--", "/usr/bin/docker-entrypoint.sh"] +ENTRYPOINT ["/usr/bin/tini", "--", "/usr/bin/docker-entrypoint.sh"] USER 1997 diff --git a/proxy-sqlite3/ol/Dockerfile b/proxy-sqlite3/ol/Dockerfile index 8cdee0407..c6da81679 100644 --- a/proxy-sqlite3/ol/Dockerfile +++ b/proxy-sqlite3/ol/Dockerfile @@ -14,16 +14,6 @@ ENV TINI_VERSION=v0.19.0 COPY ["conf/etc/yum.repos.d/oracle-epel-ol8.repo", "/etc/yum.repos.d/oracle-epel-ol8.repo"] RUN set -eux && \ - ARCH_SUFFIX="$(arch)"; \ - case "$ARCH_SUFFIX" in \ - i686) export ARCH_SUFFIX='i386' ;; \ - x86_64) [ -f /lib64/ld-linux-x86-64.so.2 ] && export ARCH_SUFFIX='amd64' || export ARCH_SUFFIX='i386' ;; \ - aarch64) export ARCH_SUFFIX='arm64' ;; \ - armv7l) export ARCH_SUFFIX='armhf' ;; \ - ppc64el|ppc64le) export ARCH_SUFFIX='ppc64le' ;; \ - s390x) export ARCH_SUFFIX='s390x' ;; \ - *) echo "Unknown ARCH_SUFFIX=${ARCH_SUFFIX-}"; exit 1 ;; \ - esac; \ groupadd --system --gid 1995 zabbix && \ useradd \ --system --comment "Zabbix monitoring system" \ @@ -50,6 +40,7 @@ RUN set -eux && \ echo "" > /etc/yum/vars/ociregion && \ echo "oracle.com" > /etc/yum/vars/ocidomain && \ INSTALL_PKGS="libevent \ + tini \ libssh \ fping \ file-libs \ @@ -66,20 +57,6 @@ RUN set -eux && \ --enablerepo="ol8_appstream" \ --enablerepo="ol8_developer_EPEL" \ install --setopt=install_weak_deps=0 --best --nodocs ${INSTALL_PKGS} && \ - curl -L "https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini-${ARCH_SUFFIX}" -o /sbin/tini && \ - curl -L "https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini-${ARCH_SUFFIX}.asc" -o /tmp/tini.asc && \ - export GNUPGHOME="$(mktemp -d)" && \ - for server in $(shuf -e ha.pool.sks-keyservers.net \ - hkp://p80.pool.sks-keyservers.net:80 \ - ipv4.pool.sks-keyservers.net \ - keyserver.ubuntu.com \ - keyserver.pgp.com \ - pgp.mit.edu) ; do \ - gpg --keyserver "$server" --recv-keys 595E85A6B1B4779EA4DAAEC70B588DFF0527A9B7 && break || : ; \ - done && \ - gpg --batch --verify /tmp/tini.asc /sbin/tini && \ - rm -rf "$GNUPGHOME" /tmp/tini.asc && \ - chmod +x /sbin/tini && \ microdnf -y clean all && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki @@ -169,7 +146,7 @@ VOLUME ["/var/lib/zabbix/snmptraps"] COPY ["docker-entrypoint.sh", "/usr/bin/"] -ENTRYPOINT ["/sbin/tini", "--", "/usr/bin/docker-entrypoint.sh"] +ENTRYPOINT ["/usr/bin/tini", "--", "/usr/bin/docker-entrypoint.sh"] USER 1997 diff --git a/server-mysql/ol/Dockerfile b/server-mysql/ol/Dockerfile index 36e78df87..1d1c6a598 100644 --- a/server-mysql/ol/Dockerfile +++ b/server-mysql/ol/Dockerfile @@ -9,21 +9,9 @@ LABEL org.opencontainers.image.title="Zabbix server (MySQL)" \ STOPSIGNAL SIGTERM -ENV TINI_VERSION=v0.19.0 - COPY ["conf/etc/yum.repos.d/oracle-epel-ol8.repo", "/etc/yum.repos.d/oracle-epel-ol8.repo"] RUN set -eux && \ - ARCH_SUFFIX="$(arch)"; \ - case "$ARCH_SUFFIX" in \ - i686) export ARCH_SUFFIX='i386' ;; \ - x86_64) [ -f /lib64/ld-linux-x86-64.so.2 ] && export ARCH_SUFFIX='amd64' || export ARCH_SUFFIX='i386' ;; \ - aarch64) export ARCH_SUFFIX='arm64' ;; \ - armv7l) export ARCH_SUFFIX='armhf' ;; \ - ppc64el|ppc64le) export ARCH_SUFFIX='ppc64le' ;; \ - s390x) export ARCH_SUFFIX='s390x' ;; \ - *) echo "Unknown ARCH_SUFFIX=${ARCH_SUFFIX-}"; exit 1 ;; \ - esac; \ groupadd --system --gid 1995 zabbix && \ useradd \ --system --comment "Zabbix monitoring system" \ @@ -52,6 +40,7 @@ RUN set -eux && \ echo "oracle.com" > /etc/yum/vars/ocidomain && \ microdnf -y module enable mysql && \ INSTALL_PKGS="fping \ + tini \ file-libs \ tzdata \ iputils \ @@ -73,20 +62,6 @@ RUN set -eux && \ --enablerepo="ol8_appstream" \ --enablerepo="ol8_developer_EPEL" \ install --setopt=install_weak_deps=0 --best --nodocs ${INSTALL_PKGS} && \ - curl -L "https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini-${ARCH_SUFFIX}" -o /sbin/tini && \ - curl -L "https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini-${ARCH_SUFFIX}.asc" -o /tmp/tini.asc && \ - export GNUPGHOME="$(mktemp -d)" && \ - for server in $(shuf -e ha.pool.sks-keyservers.net \ - hkp://p80.pool.sks-keyservers.net:80 \ - ipv4.pool.sks-keyservers.net \ - keyserver.ubuntu.com \ - keyserver.pgp.com \ - pgp.mit.edu) ; do \ - gpg --keyserver "$server" --recv-keys 595E85A6B1B4779EA4DAAEC70B588DFF0527A9B7 && break || : ; \ - done && \ - gpg --batch --verify /tmp/tini.asc /sbin/tini && \ - rm -rf "$GNUPGHOME" /tmp/tini.asc && \ - chmod +x /sbin/tini && \ microdnf -y clean all && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki @@ -178,7 +153,7 @@ VOLUME ["/var/lib/zabbix/snmptraps", "/var/lib/zabbix/export"] COPY ["docker-entrypoint.sh", "/usr/bin/"] -ENTRYPOINT ["/sbin/tini", "--", "/usr/bin/docker-entrypoint.sh"] +ENTRYPOINT ["/usr/bin/tini", "--", "/usr/bin/docker-entrypoint.sh"] USER 1997 diff --git a/server-pgsql/ol/Dockerfile b/server-pgsql/ol/Dockerfile index 00c0345e7..05da6d5a9 100644 --- a/server-pgsql/ol/Dockerfile +++ b/server-pgsql/ol/Dockerfile @@ -9,21 +9,9 @@ LABEL org.opencontainers.image.title="Zabbix server (PostgreSQL)" \ STOPSIGNAL SIGTERM -ENV TINI_VERSION=v0.19.0 - COPY ["conf/etc/yum.repos.d/oracle-epel-ol8.repo", "/etc/yum.repos.d/oracle-epel-ol8.repo"] RUN set -eux && \ - ARCH_SUFFIX="$(arch)"; \ - case "$ARCH_SUFFIX" in \ - i686) export ARCH_SUFFIX='i386' ;; \ - x86_64) [ -f /lib64/ld-linux-x86-64.so.2 ] && export ARCH_SUFFIX='amd64' || export ARCH_SUFFIX='i386' ;; \ - aarch64) export ARCH_SUFFIX='arm64' ;; \ - armv7l) export ARCH_SUFFIX='armhf' ;; \ - ppc64el|ppc64le) export ARCH_SUFFIX='ppc64le' ;; \ - s390x) export ARCH_SUFFIX='s390x' ;; \ - *) echo "Unknown ARCH_SUFFIX=${ARCH_SUFFIX-}"; exit 1 ;; \ - esac; \ groupadd --system --gid 1995 zabbix && \ useradd \ --system --comment "Zabbix monitoring system" \ @@ -52,6 +40,7 @@ RUN set -eux && \ echo "oracle.com" > /etc/yum/vars/ocidomain && \ INSTALL_PKGS="fping \ file-libs \ + tini \ iputils \ tzdata \ traceroute \ @@ -71,20 +60,6 @@ RUN set -eux && \ --enablerepo="ol8_appstream" \ --enablerepo="ol8_developer_EPEL" \ install --setopt=install_weak_deps=0 --best --nodocs ${INSTALL_PKGS} && \ - curl -L "https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini-${ARCH_SUFFIX}" -o /sbin/tini && \ - curl -L "https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini-${ARCH_SUFFIX}.asc" -o /tmp/tini.asc && \ - export GNUPGHOME="$(mktemp -d)" && \ - for server in $(shuf -e ha.pool.sks-keyservers.net \ - hkp://p80.pool.sks-keyservers.net:80 \ - ipv4.pool.sks-keyservers.net \ - keyserver.ubuntu.com \ - keyserver.pgp.com \ - pgp.mit.edu) ; do \ - gpg --keyserver "$server" --recv-keys 595E85A6B1B4779EA4DAAEC70B588DFF0527A9B7 && break || : ; \ - done && \ - gpg --batch --verify /tmp/tini.asc /sbin/tini && \ - rm -rf "$GNUPGHOME" /tmp/tini.asc && \ - chmod +x /sbin/tini && \ microdnf -y clean all && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki @@ -177,8 +152,8 @@ VOLUME ["/var/lib/zabbix/snmptraps", "/var/lib/zabbix/export"] COPY ["docker-entrypoint.sh", "/usr/bin/"] -ENTRYPOINT ["/sbin/tini", "--", "/usr/bin/docker-entrypoint.sh"] - +ENTRYPOINT ["/usr/bin/tini", "--", "/usr/bin/docker-entrypoint.sh"] + USER 1997 - + CMD ["/usr/sbin/zabbix_server", "--foreground", "-c", "/etc/zabbix/zabbix_server.conf"] From 2e0ee131fcff03c9eb04447ec0da440cd16bf7e5 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Sun, 12 Sep 2021 08:45:51 +0200 Subject: [PATCH 107/253] Updated Alpine base image to 3.14 and build Agent with modbus support --- agent/alpine/Dockerfile | 3 +++ .../conf/etc/yum.repos.d/oracle-epel-ol8.repo | 6 ++++++ .../conf/etc/yum.repos.d/oracle-epel-ol8.repo | 6 ++++++ docker-compose_v3_alpine_mysql_local.yaml | 18 +++++++++--------- docker-compose_v3_alpine_pgsql_local.yaml | 18 +++++++++--------- 5 files changed, 33 insertions(+), 18 deletions(-) create mode 100644 agent/ol/conf/etc/yum.repos.d/oracle-epel-ol8.repo create mode 100644 agent2/ol/conf/etc/yum.repos.d/oracle-epel-ol8.repo diff --git a/agent/alpine/Dockerfile b/agent/alpine/Dockerfile index 755cca6a2..b59287c8f 100644 --- a/agent/alpine/Dockerfile +++ b/agent/alpine/Dockerfile @@ -33,6 +33,7 @@ RUN set -eux && \ iputils \ pcre \ libcurl \ + libmodbus \ libldap && \ rm -rf /var/cache/apk/* @@ -53,6 +54,7 @@ RUN set -eux && \ curl-dev \ openssl-dev \ openldap-dev \ + libmodbus-dev \ g++ \ pcre-dev \ make \ @@ -72,6 +74,7 @@ RUN set -eux && \ --prefix=/usr \ --enable-agent \ --with-libcurl \ + --with-libmodbus \ --with-ldap \ --with-openssl \ --enable-ipv6 \ diff --git a/agent/ol/conf/etc/yum.repos.d/oracle-epel-ol8.repo b/agent/ol/conf/etc/yum.repos.d/oracle-epel-ol8.repo new file mode 100644 index 000000000..6c99308a6 --- /dev/null +++ b/agent/ol/conf/etc/yum.repos.d/oracle-epel-ol8.repo @@ -0,0 +1,6 @@ +[ol8_developer_EPEL] +name=Oracle Linux $releasever EPEL Packages for Development ($basearch) +baseurl=https://yum$ociregion.$ocidomain/repo/OracleLinux/OL8/developer/EPEL/$basearch/ +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-oracle +gpgcheck=1 +enabled=0 diff --git a/agent2/ol/conf/etc/yum.repos.d/oracle-epel-ol8.repo b/agent2/ol/conf/etc/yum.repos.d/oracle-epel-ol8.repo new file mode 100644 index 000000000..6c99308a6 --- /dev/null +++ b/agent2/ol/conf/etc/yum.repos.d/oracle-epel-ol8.repo @@ -0,0 +1,6 @@ +[ol8_developer_EPEL] +name=Oracle Linux $releasever EPEL Packages for Development ($basearch) +baseurl=https://yum$ociregion.$ocidomain/repo/OracleLinux/OL8/developer/EPEL/$basearch/ +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-oracle +gpgcheck=1 +enabled=0 diff --git a/docker-compose_v3_alpine_mysql_local.yaml b/docker-compose_v3_alpine_mysql_local.yaml index 71eda1d23..5590a02d1 100644 --- a/docker-compose_v3_alpine_mysql_local.yaml +++ b/docker-compose_v3_alpine_mysql_local.yaml @@ -4,7 +4,7 @@ services: build: context: ./server-mysql/alpine cache_from: - - alpine:3.13 + - alpine:3.14 image: zabbix-server-mysql:alpine-local ports: - "10051:10051" @@ -71,7 +71,7 @@ services: build: context: ./proxy-sqlite3/alpine cache_from: - - alpine:3.13 + - alpine:3.14 image: zabbix-proxy-sqlite3:alpine-local profiles: - all @@ -124,7 +124,7 @@ services: build: context: ./proxy-mysql/alpine cache_from: - - alpine:3.13 + - alpine:3.14 image: zabbix-proxy-mysql:alpine-local profiles: - all @@ -186,7 +186,7 @@ services: build: context: ./web-apache-mysql/alpine cache_from: - - alpine:3.13 + - alpine:3.14 image: zabbix-web-apache-mysql:alpine-local profiles: - all @@ -246,7 +246,7 @@ services: build: context: ./web-nginx-mysql/alpine cache_from: - - alpine:3.13 + - alpine:3.14 image: zabbix-web-nginx-mysql:alpine-local ports: - "80:8080" @@ -304,7 +304,7 @@ services: build: context: ./agent/alpine cache_from: - - alpine:3.13 + - alpine:3.14 image: zabbix-agent:alpine-local profiles: - full @@ -348,7 +348,7 @@ services: build: context: ./java-gateway/alpine cache_from: - - alpine:3.13 + - alpine:3.14 image: zabbix-java-gateway:alpine-local profiles: - full @@ -381,7 +381,7 @@ services: build: context: ./snmptraps/alpine cache_from: - - alpine:3.13 + - alpine:3.14 image: zabbix-snmptraps:alpine-local profiles: - full @@ -414,7 +414,7 @@ services: build: context: ./web-service/alpine cache_from: - - alpine:3.13 + - alpine:3.14 image: zabbix-web-service:alpine-local profiles: - full diff --git a/docker-compose_v3_alpine_pgsql_local.yaml b/docker-compose_v3_alpine_pgsql_local.yaml index 94afb51e6..792aab882 100644 --- a/docker-compose_v3_alpine_pgsql_local.yaml +++ b/docker-compose_v3_alpine_pgsql_local.yaml @@ -4,7 +4,7 @@ services: build: context: ./server-pgsql/alpine cache_from: - - alpine:3.13 + - alpine:3.14 image: zabbix-server-pgsql:alpine-local ports: - "10051:10051" @@ -70,7 +70,7 @@ services: build: context: ./proxy-sqlite3/alpine cache_from: - - alpine:3.13 + - alpine:3.14 image: zabbix-proxy-sqlite3:alpine-local profiles: - all @@ -123,7 +123,7 @@ services: build: context: ./proxy-mysql/alpine cache_from: - - alpine:3.13 + - alpine:3.14 image: zabbix-proxy-mysql:alpine-local profiles: - all @@ -182,7 +182,7 @@ services: build: context: ./web-apache-pgsql/alpine cache_from: - - alpine:3.13 + - alpine:3.14 image: zabbix-web-apache-pgsql:alpine-local profiles: - all @@ -242,7 +242,7 @@ services: build: context: ./web-nginx-pgsql/alpine cache_from: - - alpine:3.13 + - alpine:3.14 image: zabbix-web-nginx-pgsql:alpine-local ports: - "80:8080" @@ -300,7 +300,7 @@ services: build: context: ./agent/alpine cache_from: - - alpine:3.13 + - alpine:3.14 image: zabbix-agent:alpine-local profiles: - full @@ -344,7 +344,7 @@ services: build: context: ./java-gateway/alpine cache_from: - - alpine:3.13 + - alpine:3.14 image: zabbix-java-gateway:alpine-local profiles: - full @@ -377,7 +377,7 @@ services: build: context: ./snmptraps/alpine cache_from: - - alpine:3.13 + - alpine:3.14 image: zabbix-snmptraps:alpine-local profiles: - full @@ -410,7 +410,7 @@ services: build: context: ./web-service/alpine cache_from: - - alpine:3.13 + - alpine:3.14 image: zabbix-web-service:alpine-local profiles: - full From 8d96c3908382f87911d06fc442ab786a0af9358e Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Sun, 12 Sep 2021 09:00:33 -0400 Subject: [PATCH 108/253] Using EPEL to install tini package on RHEL based images --- agent/rhel/Dockerfile | 21 ++++----------------- agent2/rhel/Dockerfile | 21 ++++----------------- proxy-mysql/rhel/Dockerfile | 20 +++----------------- proxy-sqlite3/rhel/Dockerfile | 18 ++---------------- server-mysql/rhel/Dockerfile | 18 ++---------------- 5 files changed, 15 insertions(+), 83 deletions(-) diff --git a/agent/rhel/Dockerfile b/agent/rhel/Dockerfile index f60656bad..3bfee80c7 100644 --- a/agent/rhel/Dockerfile +++ b/agent/rhel/Dockerfile @@ -7,7 +7,6 @@ ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} -ENV TINI_VERSION=v0.19.0 LABEL name="zabbix/zabbix-agent-trunk" \ maintainer="alexey.pustovalov@zabbix.com" \ @@ -40,13 +39,15 @@ STOPSIGNAL SIGTERM COPY ["licenses", "/licenses"] RUN set -eux && INSTALL_PKGS="bash \ + tini \ tzdata \ iputils \ pcre \ libcurl" && \ - REPOLIST="ubi-8-baseos,ubi-8-appstream" && \ + REPOLIST="ubi-8-baseos,ubi-8-appstream,epel" && \ dnf -y update-minimal --disablerepo "*" --enablerepo "ubi-8-baseos" --setopt=tsflags=nodocs \ --security --sec-severity=Important --setopt=install_weak_deps=False --sec-severity=Critical && \ + dnf -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm && \ dnf -y install --disablerepo "*" --enablerepo "${REPOLIST}" --setopt=install_weak_deps=False --best \ --setopt=tsflags=nodocs ${INSTALL_PKGS} && \ groupadd --system --gid 1995 zabbix && \ @@ -62,20 +63,6 @@ RUN set -eux && INSTALL_PKGS="bash \ mkdir -p /var/lib/zabbix && \ mkdir -p /var/lib/zabbix/enc && \ mkdir -p /var/lib/zabbix/modules && \ - curl -L https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini -o /sbin/tini && \ - curl -L https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini.asc -o /tmp/tini.asc && \ - export GNUPGHOME="$(mktemp -d)" && \ - for server in $(shuf -e ha.pool.sks-keyservers.net \ - hkp://p80.pool.sks-keyservers.net:80 \ - ipv4.pool.sks-keyservers.net \ - keyserver.ubuntu.com \ - keyserver.pgp.com \ - pgp.mit.edu) ; do \ - gpg --keyserver "$server" --recv-keys 595E85A6B1B4779EA4DAAEC70B588DFF0527A9B7 && break || : ; \ - done && \ - gpg --batch --verify /tmp/tini.asc /sbin/tini && \ - rm -r "$GNUPGHOME" /tmp/tini.asc && \ - chmod +x /sbin/tini && \ dnf -y clean all && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki @@ -132,7 +119,7 @@ WORKDIR /var/lib/zabbix COPY ["docker-entrypoint.sh", "/usr/bin/"] -ENTRYPOINT ["/sbin/tini", "--", "/usr/bin/docker-entrypoint.sh"] +ENTRYPOINT ["/usr/bin/tini", "--", "/usr/bin/docker-entrypoint.sh"] USER 1997 diff --git a/agent2/rhel/Dockerfile b/agent2/rhel/Dockerfile index 93827180e..87eaa27d2 100644 --- a/agent2/rhel/Dockerfile +++ b/agent2/rhel/Dockerfile @@ -7,7 +7,6 @@ ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} -ENV TINI_VERSION=v0.19.0 LABEL name="zabbix/zabbix-agent2-trunk" \ maintainer="alexey.pustovalov@zabbix.com" \ @@ -40,13 +39,15 @@ STOPSIGNAL SIGTERM COPY ["licenses", "/licenses"] RUN set -eux && INSTALL_PKGS="bash \ + tini \ tzdata \ iputils \ pcre \ libcurl" && \ - REPOLIST="ubi-8-baseos,ubi-8-appstream" && \ + REPOLIST="ubi-8-baseos,ubi-8-appstream,epel" && \ dnf -y update-minimal --disablerepo "*" --enablerepo "ubi-8-baseos" --setopt=tsflags=nodocs \ --security --sec-severity=Important --setopt=install_weak_deps=False --sec-severity=Critical && \ + dnf -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm && \ dnf -y install --disablerepo "*" --enablerepo "${REPOLIST}" --setopt=install_weak_deps=False --best \ --setopt=tsflags=nodocs ${INSTALL_PKGS} && \ groupadd --system --gid 1995 zabbix && \ @@ -63,20 +64,6 @@ RUN set -eux && INSTALL_PKGS="bash \ mkdir -p /var/lib/zabbix/enc && \ mkdir -p /var/lib/zabbix/modules && \ mkdir -p /var/lib/zabbix/buffer && \ - curl -L https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini -o /sbin/tini && \ - curl -L https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini.asc -o /tmp/tini.asc && \ - export GNUPGHOME="$(mktemp -d)" && \ - for server in $(shuf -e ha.pool.sks-keyservers.net \ - hkp://p80.pool.sks-keyservers.net:80 \ - ipv4.pool.sks-keyservers.net \ - keyserver.ubuntu.com \ - keyserver.pgp.com \ - pgp.mit.edu) ; do \ - gpg --keyserver "$server" --recv-keys 595E85A6B1B4779EA4DAAEC70B588DFF0527A9B7 && break || : ; \ - done && \ - gpg --batch --verify /tmp/tini.asc /sbin/tini && \ - rm -r "$GNUPGHOME" /tmp/tini.asc && \ - chmod +x /sbin/tini && \ dnf -y clean all && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki @@ -140,7 +127,7 @@ VOLUME ["/var/lib/zabbix/enc"] COPY ["docker-entrypoint.sh", "/usr/bin/"] -ENTRYPOINT ["/sbin/tini", "--", "/usr/bin/docker-entrypoint.sh"] +ENTRYPOINT ["/usr/bin/tini", "--", "/usr/bin/docker-entrypoint.sh"] USER 1997 diff --git a/proxy-mysql/rhel/Dockerfile b/proxy-mysql/rhel/Dockerfile index 83a84167d..0fc385591 100644 --- a/proxy-mysql/rhel/Dockerfile +++ b/proxy-mysql/rhel/Dockerfile @@ -8,7 +8,6 @@ ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL -ENV TINI_VERSION=v0.19.0 LABEL name="zabbix/zabbix-proxy-mysql-trunk" \ maintainer="alexey.pustovalov@zabbix.com" \ @@ -35,12 +34,13 @@ LABEL name="zabbix/zabbix-proxy-mysql-trunk" \ org.label-schema.version="${ZBX_VERSION}" \ org.label-schema.vcs-url="${ZBX_SOURCES}" \ org.label-schema.docker.cmd="docker run --name zabbix-proxy --link mysql-server:mysql-server -p 10051:10051 -d registry.connect.redhat.com/zabbix/zabbix-proxy-mysql-trunk:${ZBX_VERSION}" - + STOPSIGNAL SIGTERM COPY ["licenses", "/licenses"] RUN set -eux && INSTALL_PKGS="bash \ + tini \ fping \ iputils \ libcurl \ @@ -82,20 +82,6 @@ RUN set -eux && INSTALL_PKGS="bash \ mkdir -p /var/lib/zabbix/ssl/keys && \ mkdir -p /var/lib/zabbix/ssl/ssl_ca && \ mkdir -p /usr/share/doc/zabbix-proxy-mysql && \ - curl -L "https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini" -o /sbin/tini && \ - curl -L "https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini.asc" -o /tmp/tini.asc && \ - export GNUPGHOME="$(mktemp -d)" && \ - for server in $(shuf -e ha.pool.sks-keyservers.net \ - hkp://p80.pool.sks-keyservers.net:80 \ - ipv4.pool.sks-keyservers.net \ - keyserver.ubuntu.com \ - keyserver.pgp.com \ - pgp.mit.edu) ; do \ - gpg --keyserver "$server" --recv-keys 595E85A6B1B4779EA4DAAEC70B588DFF0527A9B7 && break || : ; \ - done && \ - gpg --batch --verify /tmp/tini.asc /sbin/tini && \ - rm -r "$GNUPGHOME" /tmp/tini.asc && \ - chmod +x /sbin/tini && \ dnf -y clean all && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki @@ -171,7 +157,7 @@ VOLUME ["/var/lib/zabbix/snmptraps"] COPY ["docker-entrypoint.sh", "/usr/bin/"] -ENTRYPOINT ["/sbin/tini", "--", "/usr/bin/docker-entrypoint.sh"] +ENTRYPOINT ["/usr/bin/tini", "--", "/usr/bin/docker-entrypoint.sh"] USER 1997 diff --git a/proxy-sqlite3/rhel/Dockerfile b/proxy-sqlite3/rhel/Dockerfile index b51f2e4dc..deb679279 100644 --- a/proxy-sqlite3/rhel/Dockerfile +++ b/proxy-sqlite3/rhel/Dockerfile @@ -8,7 +8,6 @@ ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL -ENV TINI_VERSION=v0.19.0 LABEL name="zabbix/zabbix-proxy-sqlite-trunk" \ maintainer="alexey.pustovalov@zabbix.com" \ @@ -41,6 +40,7 @@ STOPSIGNAL SIGTERM COPY ["licenses", "/licenses"] RUN set -eux && INSTALL_PKGS="bash \ + tini \ fping \ iputils \ libcurl \ @@ -80,20 +80,6 @@ RUN set -eux && INSTALL_PKGS="bash \ mkdir -p /var/lib/zabbix/ssl/certs && \ mkdir -p /var/lib/zabbix/ssl/keys && \ mkdir -p /var/lib/zabbix/ssl/ssl_ca && \ - curl -L "https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini" -o /sbin/tini && \ - curl -L "https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini.asc" -o /tmp/tini.asc && \ - export GNUPGHOME="$(mktemp -d)" && \ - for server in $(shuf -e ha.pool.sks-keyservers.net \ - hkp://p80.pool.sks-keyservers.net:80 \ - ipv4.pool.sks-keyservers.net \ - keyserver.ubuntu.com \ - keyserver.pgp.com \ - pgp.mit.edu) ; do \ - gpg --keyserver "$server" --recv-keys 595E85A6B1B4779EA4DAAEC70B588DFF0527A9B7 && break || : ; \ - done && \ - gpg --batch --verify /tmp/tini.asc /sbin/tini && \ - rm -r "$GNUPGHOME" /tmp/tini.asc && \ - chmod +x /sbin/tini && \ dnf -y clean all && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki @@ -166,7 +152,7 @@ VOLUME ["/var/lib/zabbix/snmptraps"] COPY ["docker-entrypoint.sh", "/usr/bin/"] -ENTRYPOINT ["/sbin/tini", "--", "/usr/bin/docker-entrypoint.sh"] +ENTRYPOINT ["/usr/bin/tini", "--", "/usr/bin/docker-entrypoint.sh"] USER 1997 diff --git a/server-mysql/rhel/Dockerfile b/server-mysql/rhel/Dockerfile index ce7a4aabc..d8944b6d8 100644 --- a/server-mysql/rhel/Dockerfile +++ b/server-mysql/rhel/Dockerfile @@ -8,7 +8,6 @@ ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL -ENV TINI_VERSION=v0.19.0 LABEL name="zabbix/zabbix-server-mysql-trunk" \ maintainer="alexey.pustovalov@zabbix.com" \ @@ -41,6 +40,7 @@ STOPSIGNAL SIGTERM COPY ["licenses", "/licenses"] RUN set -eux && INSTALL_PKGS="bash \ + tini \ fping \ tzdata \ iputils \ @@ -84,20 +84,6 @@ RUN set -eux && INSTALL_PKGS="bash \ mkdir -p /var/lib/zabbix/ssl/keys && \ mkdir -p /var/lib/zabbix/ssl/ssl_ca && \ mkdir -p /usr/share/doc/zabbix-server-mysql && \ - curl -L "https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini" -o /sbin/tini && \ - curl -L "https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini.asc" -o /tmp/tini.asc && \ - export GNUPGHOME="$(mktemp -d)" && \ - for server in $(shuf -e ha.pool.sks-keyservers.net \ - hkp://p80.pool.sks-keyservers.net:80 \ - ipv4.pool.sks-keyservers.net \ - keyserver.ubuntu.com \ - keyserver.pgp.com \ - pgp.mit.edu) ; do \ - gpg --keyserver "$server" --recv-keys 595E85A6B1B4779EA4DAAEC70B588DFF0527A9B7 && break || : ; \ - done && \ - gpg --batch --verify /tmp/tini.asc /sbin/tini && \ - rm -r "$GNUPGHOME" /tmp/tini.asc && \ - chmod +x /sbin/tini && \ dnf -y clean all && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki @@ -175,7 +161,7 @@ VOLUME ["/var/lib/zabbix/snmptraps", "/var/lib/zabbix/export"] COPY ["docker-entrypoint.sh", "/usr/bin/"] -ENTRYPOINT ["/sbin/tini", "--", "/usr/bin/docker-entrypoint.sh"] +ENTRYPOINT ["/usr/bin/tini", "--", "/usr/bin/docker-entrypoint.sh"] USER 1997 From f043ef99e898b1bb704aa7855f4ccae9a8564107 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Sun, 12 Sep 2021 08:49:37 +0200 Subject: [PATCH 109/253] Remove orphaned args --- proxy-sqlite3/ol/Dockerfile | 2 -- web-service/rhel/Dockerfile | 1 - 2 files changed, 3 deletions(-) diff --git a/proxy-sqlite3/ol/Dockerfile b/proxy-sqlite3/ol/Dockerfile index c6da81679..62c868375 100644 --- a/proxy-sqlite3/ol/Dockerfile +++ b/proxy-sqlite3/ol/Dockerfile @@ -9,8 +9,6 @@ LABEL org.opencontainers.image.title="Zabbix proxy (SQLite3)" \ STOPSIGNAL SIGTERM -ENV TINI_VERSION=v0.19.0 - COPY ["conf/etc/yum.repos.d/oracle-epel-ol8.repo", "/etc/yum.repos.d/oracle-epel-ol8.repo"] RUN set -eux && \ diff --git a/web-service/rhel/Dockerfile b/web-service/rhel/Dockerfile index b2c74656b..70aa9dcb2 100644 --- a/web-service/rhel/Dockerfile +++ b/web-service/rhel/Dockerfile @@ -7,7 +7,6 @@ ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} -ENV TINI_VERSION=v0.19.0 LABEL name="zabbix/zabbix-web-service-trunk" \ maintainer="alexey.pustovalov@zabbix.com" \ From 069b6631a041f8068ab16fe6cc99508c76854d58 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Sun, 12 Sep 2021 15:59:05 +0200 Subject: [PATCH 110/253] Fixed Agent2 compilation on OEL --- agent2/ol/Dockerfile | 27 ++++++++++++++++++++++++++- 1 file changed, 26 insertions(+), 1 deletion(-) diff --git a/agent2/ol/Dockerfile b/agent2/ol/Dockerfile index ca92443d4..6b9b5f6e9 100644 --- a/agent2/ol/Dockerfile +++ b/agent2/ol/Dockerfile @@ -55,20 +55,44 @@ LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentati org.opencontainers.image.source="${ZBX_SOURCES}" RUN set -eux && REPOLIST="ol8_baseos_latest,ol8_appstream" && \ + PATH=/usr/local/go/bin:$PATH && \ INSTALL_PKGS="autoconf \ automake \ pcre-devel \ libcurl-devel \ - go \ make \ openssl-devel \ openldap-devel \ git \ + wget \ + tar \ gcc" && \ microdnf -y install --setopt=install_weak_deps=0 --best \ --nodocs dnf && \ dnf -y install --disablerepo "*" --enablerepo "${REPOLIST}" --setopt=install_weak_deps=False --best \ --setopt=tsflags=nodocs ${INSTALL_PKGS} && \ + ARCH_SUFFIX="$(arch)"; \ + case "$ARCH_SUFFIX" in \ + x86_64) \ + url='https://dl.google.com/go/go1.17.1.linux-amd64.tar.gz'; \ + sha256='dab7d9c34361dc21ec237d584590d72500652e7c909bf082758fb63064fca0ef'; \ + ;; \ + aarch64) \ + url='https://dl.google.com/go/go1.17.1.linux-arm64.tar.gz'; \ + sha256='53b29236fa03ed862670a5e5e2ab2439a2dc288fe61544aa392062104ac0128c'; \ + ;; \ + *) echo "Unknown ARCH_SUFFIX=${ARCH_SUFFIX-}"; exit 1 ;; \ + esac; \ + wget -O go.tgz.asc "$url.asc" && \ + wget -O go.tgz "$url" --progress=dot:giga && \ + echo "$sha256 *go.tgz" | sha256sum -c - && \ + GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys 'EB4C 1BFD 4F04 2F6D DDCC EC91 7721 F63B D38B 4796' && \ + gpg --batch --verify go.tgz.asc go.tgz && \ + gpgconf --kill all && \ + rm -rf "$GNUPGHOME" go.tgz.asc && \ + tar -C /usr/local -xzf go.tgz && \ + rm go.tgz && \ cd /tmp/ && \ git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ cd /tmp/zabbix-${ZBX_VERSION} && \ @@ -98,6 +122,7 @@ RUN set -eux && REPOLIST="ol8_baseos_latest,ol8_appstream" && \ strip /usr/bin/zabbix_sender && \ cd /tmp/ && \ rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ + rm -rf /usr/local/go/ && \ dnf -y history undo last && \ dnf -y clean all && \ microdnf -y remove dnf && \ From 9734874434272ce7d96a807df868c072967ffaff Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Sun, 12 Sep 2021 10:30:43 -0400 Subject: [PATCH 111/253] Fixed Agent2 compilation on RHEL --- agent2/rhel/Dockerfile | 27 ++++++++++++++++++++++++++- 1 file changed, 26 insertions(+), 1 deletion(-) diff --git a/agent2/rhel/Dockerfile b/agent2/rhel/Dockerfile index 87eaa27d2..3af27e979 100644 --- a/agent2/rhel/Dockerfile +++ b/agent2/rhel/Dockerfile @@ -69,19 +69,43 @@ RUN set -eux && INSTALL_PKGS="bash \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki RUN set -eux && REPOLIST="ubi-8-baseos,ubi-8-appstream" && \ + PATH=/usr/local/go/bin:$PATH && \ INSTALL_PKGS="autoconf \ automake \ libcurl-devel \ openssl-devel \ openldap-devel \ - golang \ gcc \ pcre-devel \ make \ git \ + wget \ + tar \ binutils" && \ dnf -y install --disablerepo "*" --enablerepo "${REPOLIST}" --setopt=install_weak_deps=False --best \ --setopt=tsflags=nodocs ${INSTALL_PKGS} && \ + ARCH_SUFFIX="$(arch)"; \ + case "$ARCH_SUFFIX" in \ + x86_64) \ + url='https://dl.google.com/go/go1.17.1.linux-amd64.tar.gz'; \ + sha256='dab7d9c34361dc21ec237d584590d72500652e7c909bf082758fb63064fca0ef'; \ + ;; \ + aarch64) \ + url='https://dl.google.com/go/go1.17.1.linux-arm64.tar.gz'; \ + sha256='53b29236fa03ed862670a5e5e2ab2439a2dc288fe61544aa392062104ac0128c'; \ + ;; \ + *) echo "Unknown ARCH_SUFFIX=${ARCH_SUFFIX-}"; exit 1 ;; \ + esac; \ + wget -O go.tgz.asc "$url.asc" && \ + wget -O go.tgz "$url" --progress=dot:giga && \ + echo "$sha256 *go.tgz" | sha256sum -c - && \ + GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys 'EB4C 1BFD 4F04 2F6D DDCC EC91 7721 F63B D38B 4796' && \ + gpg --batch --verify go.tgz.asc go.tgz && \ + gpgconf --kill all && \ + rm -rf "$GNUPGHOME" go.tgz.asc && \ + tar -C /usr/local -xzf go.tgz && \ + rm go.tgz && \ cd /tmp/ && \ git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ cd /tmp/zabbix-${ZBX_VERSION} && \ @@ -111,6 +135,7 @@ RUN set -eux && REPOLIST="ubi-8-baseos,ubi-8-appstream" && \ strip /usr/bin/zabbix_sender && \ cd /tmp/ && \ rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ + rm -rf /usr/local/go/ && \ dnf -y history undo last && \ dnf -y clean all && \ chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \ From 18184f650e5fa3c05761dfd06b4781c3eb64cc32 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Mon, 13 Sep 2021 00:06:51 +0200 Subject: [PATCH 112/253] Dedicated build environment for Alpine and Ubuntu based images --- agent/alpine/Dockerfile | 77 +--- agent/ubuntu/Dockerfile | 101 +---- agent2/alpine/Dockerfile | 78 +--- agent2/ubuntu/Dockerfile | 101 +---- build-base/alpine/.dockerignore | 1 + build-base/alpine/Dockerfile | 47 +++ build-base/alpine/build.sh | 1 + build-base/ubuntu/.dockerignore | 1 + build-base/ubuntu/Dockerfile | 48 +++ build-base/ubuntu/build.sh | 1 + build-mysql/alpine/.dockerignore | 1 + build-mysql/alpine/Dockerfile | 71 ++++ build-mysql/alpine/build.sh | 1 + build-mysql/ubuntu/.dockerignore | 1 + build-mysql/ubuntu/Dockerfile | 71 ++++ build-mysql/ubuntu/build.sh | 1 + build-pgsql/alpine/.dockerignore | 1 + build-pgsql/alpine/Dockerfile | 71 ++++ build-pgsql/alpine/build.sh | 1 + build-pgsql/ubuntu/.dockerignore | 1 + build-pgsql/ubuntu/Dockerfile | 71 ++++ build-pgsql/ubuntu/build.sh | 1 + build-sqlite3/alpine/.dockerignore | 1 + build-sqlite3/alpine/Dockerfile | 59 +++ build-sqlite3/alpine/build.sh | 1 + build-sqlite3/ubuntu/.dockerignore | 1 + build-sqlite3/ubuntu/Dockerfile | 59 +++ build-sqlite3/ubuntu/README.md | 304 ++++++++++++++ build-sqlite3/ubuntu/build.sh | 1 + build-sqlite3/ubuntu/docker-entrypoint.sh | 487 ++++++++++++++++++++++ build.sh | 2 +- docker-compose_v3_alpine_mysql_local.yaml | 60 ++- docker-compose_v3_alpine_pgsql_local.yaml | 67 +++ docker-compose_v3_ubuntu_mysql_local.yaml | 56 +++ docker-compose_v3_ubuntu_pgsql_local.yaml | 67 +++ java-gateway/alpine/Dockerfile | 71 +--- java-gateway/ubuntu/Dockerfile | 89 ++-- proxy-mysql/alpine/Dockerfile | 97 ++--- proxy-mysql/ubuntu/Dockerfile | 129 ++---- proxy-sqlite3/alpine/Dockerfile | 93 ++--- proxy-sqlite3/ubuntu/Dockerfile | 135 ++---- server-mysql/alpine/Dockerfile | 98 ++--- server-mysql/ubuntu/Dockerfile | 131 ++---- server-pgsql/alpine/Dockerfile | 102 ++--- server-pgsql/ubuntu/Dockerfile | 133 ++---- web-apache-mysql/alpine/Dockerfile | 51 +-- web-apache-mysql/ubuntu/Dockerfile | 52 +-- web-apache-pgsql/alpine/Dockerfile | 50 +-- web-apache-pgsql/ubuntu/Dockerfile | 52 +-- web-nginx-mysql/alpine/Dockerfile | 49 +-- web-nginx-mysql/ubuntu/Dockerfile | 57 ++- web-nginx-pgsql/alpine/Dockerfile | 49 +-- web-nginx-pgsql/ubuntu/Dockerfile | 61 ++- web-service/alpine/Dockerfile | 63 +-- web-service/ubuntu/Dockerfile | 71 +--- 55 files changed, 2142 insertions(+), 1404 deletions(-) create mode 100644 build-base/alpine/.dockerignore create mode 100644 build-base/alpine/Dockerfile create mode 120000 build-base/alpine/build.sh create mode 100644 build-base/ubuntu/.dockerignore create mode 100644 build-base/ubuntu/Dockerfile create mode 120000 build-base/ubuntu/build.sh create mode 100644 build-mysql/alpine/.dockerignore create mode 100644 build-mysql/alpine/Dockerfile create mode 120000 build-mysql/alpine/build.sh create mode 100644 build-mysql/ubuntu/.dockerignore create mode 100644 build-mysql/ubuntu/Dockerfile create mode 120000 build-mysql/ubuntu/build.sh create mode 100644 build-pgsql/alpine/.dockerignore create mode 100644 build-pgsql/alpine/Dockerfile create mode 120000 build-pgsql/alpine/build.sh create mode 100644 build-pgsql/ubuntu/.dockerignore create mode 100644 build-pgsql/ubuntu/Dockerfile create mode 120000 build-pgsql/ubuntu/build.sh create mode 100644 build-sqlite3/alpine/.dockerignore create mode 100644 build-sqlite3/alpine/Dockerfile create mode 120000 build-sqlite3/alpine/build.sh create mode 100644 build-sqlite3/ubuntu/.dockerignore create mode 100644 build-sqlite3/ubuntu/Dockerfile create mode 100644 build-sqlite3/ubuntu/README.md create mode 120000 build-sqlite3/ubuntu/build.sh create mode 100755 build-sqlite3/ubuntu/docker-entrypoint.sh diff --git a/agent/alpine/Dockerfile b/agent/alpine/Dockerfile index b59287c8f..a9f0420ce 100644 --- a/agent/alpine/Dockerfile +++ b/agent/alpine/Dockerfile @@ -1,14 +1,36 @@ +# syntax=docker/dockerfile:1 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG BUILD_BASE_IMAGE=zabbix-build-mysql:alpine-${ZBX_VERSION} +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git + +FROM ${BUILD_BASE_IMAGE} as builder + FROM alpine:3.14 +ARG MAJOR_VERSION +ARG ZBX_VERSION +ARG ZBX_SOURCES + +ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} + LABEL org.opencontainers.image.title="Zabbix agent" \ org.opencontainers.image.authors="Alexey Pustovalov " \ org.opencontainers.image.vendor="Zabbix LLC" \ org.opencontainers.image.url="https://zabbix.com/" \ org.opencontainers.image.description="Zabbix agent is deployed on a monitoring target to actively monitor local resources and applications" \ - org.opencontainers.image.licenses="GPL v2.0" + org.opencontainers.image.licenses="GPL v2.0" \ + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" STOPSIGNAL SIGTERM +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_agent/zabbix_agentd", "/usr/sbin/zabbix_agentd"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_get/zabbix_get", "/usr/bin/zabbix_get"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender", "/usr/bin/zabbix_sender"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/conf/zabbix_agentd.conf", "/etc/zabbix/zabbix_agentd.conf"] + RUN set -eux && \ addgroup --system --gid 1995 zabbix && \ adduser --system \ @@ -35,62 +57,9 @@ RUN set -eux && \ libcurl \ libmodbus \ libldap && \ - rm -rf /var/cache/apk/* - -ARG MAJOR_VERSION=6.0 -ARG ZBX_VERSION=${MAJOR_VERSION} -ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git - -ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} - -LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.opencontainers.image.version="${ZBX_VERSION}" \ - org.opencontainers.image.source="${ZBX_SOURCES}" - -RUN set -eux && \ - apk add --no-cache --virtual build-dependencies \ - autoconf \ - automake \ - curl-dev \ - openssl-dev \ - openldap-dev \ - libmodbus-dev \ - g++ \ - pcre-dev \ - make \ - git && \ - cd /tmp/ && \ - git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ - cd /tmp/zabbix-${ZBX_VERSION} && \ - zabbix_revision=`git rev-parse --short HEAD` && \ - sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ - ./bootstrap.sh && \ - export CFLAGS="-fPIC -pie -Wl,-z,relro -Wl,-z,now" && \ - ./configure \ - --datadir=/usr/lib \ - --libdir=/usr/lib/zabbix \ - --prefix=/usr \ - --sysconfdir=/etc/zabbix \ - --prefix=/usr \ - --enable-agent \ - --with-libcurl \ - --with-libmodbus \ - --with-ldap \ - --with-openssl \ - --enable-ipv6 \ - --silent && \ - make -j"$(nproc)" -s && \ - cp /tmp/zabbix-${ZBX_VERSION}/src/zabbix_agent/zabbix_agentd /usr/sbin/zabbix_agentd && \ - cp /tmp/zabbix-${ZBX_VERSION}/src/zabbix_get/zabbix_get /usr/bin/zabbix_get && \ - cp /tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender /usr/bin/zabbix_sender && \ - cp /tmp/zabbix-${ZBX_VERSION}/conf/zabbix_agentd.conf /etc/zabbix/zabbix_agentd.conf && \ - cd /tmp/ && \ - rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \ chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \ chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \ - apk del --purge --no-network \ - build-dependencies && \ rm -rf /var/cache/apk/* EXPOSE 10050/TCP diff --git a/agent/ubuntu/Dockerfile b/agent/ubuntu/Dockerfile index 6b63c14be..fbe08cee5 100644 --- a/agent/ubuntu/Dockerfile +++ b/agent/ubuntu/Dockerfile @@ -1,25 +1,37 @@ +# syntax=docker/dockerfile:1 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG BUILD_BASE_IMAGE=zabbix-build-mysql:ubuntu-${ZBX_VERSION} +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git + +FROM ${BUILD_BASE_IMAGE} as builder + FROM ubuntu:focal +ARG MAJOR_VERSION +ARG ZBX_VERSION +ARG ZBX_SOURCES + +ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} + LABEL org.opencontainers.image.title="Zabbix agent" \ org.opencontainers.image.authors="Alexey Pustovalov " \ org.opencontainers.image.vendor="Zabbix LLC" \ org.opencontainers.image.url="https://zabbix.com/" \ org.opencontainers.image.description="Zabbix agent is deployed on a monitoring target to actively monitor local resources and applications" \ - org.opencontainers.image.licenses="GPL v2.0" + org.opencontainers.image.licenses="GPL v2.0" \ + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" STOPSIGNAL SIGTERM +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_agent/zabbix_agentd", "/usr/sbin/zabbix_agentd"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_get/zabbix_get", "/usr/bin/zabbix_get"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender", "/usr/bin/zabbix_sender"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/conf/zabbix_agentd.conf", "/etc/zabbix/zabbix_agentd.conf"] + RUN set -eux && \ - ARCH_SUFFIX="$(arch)"; \ - case "$ARCH_SUFFIX" in \ - i686) export ARCH_SUFFIX='i386' ;; \ - x86_64) [ -f /lib/x86_64-linux-gnu/ld-linux-x86-64.so.2 ] && export ARCH_SUFFIX='amd64' || export ARCH_SUFFIX='i386' ;; \ - aarch64) export ARCH_SUFFIX='arm64' ;; \ - armv7l) export ARCH_SUFFIX='armhf' ;; \ - ppc64el|ppc64le) export ARCH_SUFFIX='ppc64le' ;; \ - s390x) export ARCH_SUFFIX='s390x' ;; \ - *) echo "Unknown ARCH_SUFFIX=${ARCH_SUFFIX-}"; exit 1 ;; \ - esac; \ echo "#!/bin/sh\nexit 101" > /usr/sbin/policy-rc.d && \ groupadd --system --gid 1995 zabbix && \ useradd \ @@ -43,73 +55,6 @@ RUN set -eux && \ libcurl4 \ libmodbus5 \ libldap-2.4 && \ - apt-get -y autoremove && \ - apt-get -y clean && \ - rm -rf /var/lib/apt/lists/* - -ARG MAJOR_VERSION=6.0 -ARG ZBX_VERSION=${MAJOR_VERSION} -ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git - -ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} - -LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.opencontainers.image.version="${ZBX_VERSION}" \ - org.opencontainers.image.source="${ZBX_SOURCES}" - -RUN set -eux && \ - apt-get -y update && \ - DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ - autoconf \ - automake \ - libcurl4-openssl-dev \ - libc6-dev \ - libmodbus-dev \ - libldap2-dev \ - libpcre3-dev \ - libssl-dev \ - make \ - pkg-config \ - git \ - gcc && \ - cd /tmp/ && \ - git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ - cd /tmp/zabbix-${ZBX_VERSION} && \ - zabbix_revision=`git rev-parse --short HEAD` && \ - sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ - ./bootstrap.sh && \ - export CFLAGS="-fPIC -pie -Wl,-z,relro -Wl,-z,now" && \ - ./configure \ - --datadir=/usr/lib \ - --libdir=/usr/lib/zabbix \ - --sysconfdir=/etc/zabbix \ - --prefix=/usr \ - --enable-agent \ - --with-libcurl \ - --with-libmodbus \ - --with-ldap \ - --with-openssl \ - --enable-ipv6 \ - --silent && \ - make -j"$(nproc)" -s && \ - cp /tmp/zabbix-${ZBX_VERSION}/src/zabbix_agent/zabbix_agentd /usr/sbin/zabbix_agentd && \ - cp /tmp/zabbix-${ZBX_VERSION}/src/zabbix_get/zabbix_get /usr/bin/zabbix_get && \ - cp /tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender /usr/bin/zabbix_sender && \ - cp /tmp/zabbix-${ZBX_VERSION}/conf/zabbix_agentd.conf /etc/zabbix/zabbix_agentd.conf && \ - cd /tmp/ && \ - rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ - apt-get -y purge \ - autoconf \ - automake \ - libcurl4-openssl-dev \ - libc6-dev \ - libmodbus-dev \ - libldap2-dev \ - libssl-dev \ - make \ - pkg-config \ - git \ - gcc && \ chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \ chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \ chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \ diff --git a/agent2/alpine/Dockerfile b/agent2/alpine/Dockerfile index f2768b809..d0539b55c 100644 --- a/agent2/alpine/Dockerfile +++ b/agent2/alpine/Dockerfile @@ -1,14 +1,36 @@ +# syntax=docker/dockerfile:1 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG BUILD_BASE_IMAGE=zabbix-build-mysql:alpine-${ZBX_VERSION} +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git + +FROM ${BUILD_BASE_IMAGE} as builder + FROM alpine:3.14 +ARG MAJOR_VERSION +ARG ZBX_VERSION +ARG ZBX_SOURCES + +ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} + LABEL org.opencontainers.image.title="Zabbix agent 2" \ org.opencontainers.image.authors="Alexey Pustovalov " \ org.opencontainers.image.vendor="Zabbix LLC" \ org.opencontainers.image.url="https://zabbix.com/" \ org.opencontainers.image.description="Zabbix agent 2 is deployed on a monitoring target to actively monitor local resources and applications" \ - org.opencontainers.image.licenses="GPL v2.0" + org.opencontainers.image.licenses="GPL v2.0" \ + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" STOPSIGNAL SIGTERM +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/go/bin/zabbix_agent2", "/usr/sbin/zabbix_agent2"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_get/zabbix_get", "/usr/bin/zabbix_get"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender", "/usr/bin/zabbix_sender"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/go/conf/zabbix_agent2.conf", "/etc/zabbix/zabbix_agent2.conf"] + RUN set -eux && \ addgroup --system --gid 1995 zabbix && \ adduser --system \ @@ -33,63 +55,9 @@ RUN set -eux && \ pcre \ coreutils \ iputils && \ - rm -rf /var/cache/apk/* - -ARG MAJOR_VERSION=6.0 -ARG ZBX_VERSION=${MAJOR_VERSION} -ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git - -ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} - -LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.opencontainers.image.version="${ZBX_VERSION}" \ - org.opencontainers.image.source="${ZBX_SOURCES}" - -RUN set -eux && \ - apk add --no-cache --virtual build-dependencies \ - autoconf \ - automake \ - go \ - g++ \ - make \ - git \ - pcre-dev \ - openssl-dev \ - zlib-dev && \ - cd /tmp/ && \ - git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ - cd /tmp/zabbix-${ZBX_VERSION} && \ - zabbix_revision=`git rev-parse --short HEAD` && \ - sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/go/pkg/version/version.go && \ - ./bootstrap.sh && \ - export CFLAGS="-fPIC -pie -Wl,-z,relro -Wl,-z,now" && \ - export GOPATH=/tmp/zabbix-${ZBX_VERSION}/go && \ - ./configure \ - --datadir=/usr/lib \ - --libdir=/usr/lib/zabbix \ - --prefix=/usr \ - --sysconfdir=/etc/zabbix \ - --prefix=/usr \ - --with-openssl \ - --enable-ipv6 \ - --enable-agent2 \ - --enable-agent \ - --silent && \ - make -j"$(nproc)" -s && \ - cp /tmp/zabbix-${ZBX_VERSION}/src/go/bin/zabbix_agent2 /usr/sbin/zabbix_agent2 && \ - cp /tmp/zabbix-${ZBX_VERSION}/src/zabbix_get/zabbix_get /usr/bin/zabbix_get && \ - cp /tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender /usr/bin/zabbix_sender && \ - cp /tmp/zabbix-${ZBX_VERSION}/src/go/conf/zabbix_agent2.conf /etc/zabbix/zabbix_agent2.conf && \ - strip /usr/sbin/zabbix_agent2 && \ - strip /usr/bin/zabbix_get && \ - strip /usr/bin/zabbix_sender && \ - cd /tmp/ && \ - rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \ chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \ chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \ - apk del --purge --no-network \ - build-dependencies && \ rm -rf /var/cache/apk/* EXPOSE 10050/TCP 31999/TCP diff --git a/agent2/ubuntu/Dockerfile b/agent2/ubuntu/Dockerfile index 932f6d647..1649bc772 100644 --- a/agent2/ubuntu/Dockerfile +++ b/agent2/ubuntu/Dockerfile @@ -1,25 +1,37 @@ +# syntax=docker/dockerfile:1 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG BUILD_BASE_IMAGE=zabbix-build-mysql:ubuntu-${ZBX_VERSION} +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git + +FROM ${BUILD_BASE_IMAGE} as builder + FROM ubuntu:focal +ARG MAJOR_VERSION +ARG ZBX_VERSION +ARG ZBX_SOURCES + +ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} + LABEL org.opencontainers.image.title="Zabbix agent 2" \ org.opencontainers.image.authors="Alexey Pustovalov " \ org.opencontainers.image.vendor="Zabbix LLC" \ org.opencontainers.image.url="https://zabbix.com/" \ org.opencontainers.image.description="Zabbix agent 2 is deployed on a monitoring target to actively monitor local resources and applications" \ - org.opencontainers.image.licenses="GPL v2.0" + org.opencontainers.image.licenses="GPL v2.0" \ + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" STOPSIGNAL SIGTERM +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/go/bin/zabbix_agent2", "/usr/sbin/zabbix_agent2"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_get/zabbix_get", "/usr/bin/zabbix_get"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender", "/usr/bin/zabbix_sender"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/go/conf/zabbix_agent2.conf", "/etc/zabbix/zabbix_agent2.conf"] + RUN set -eux && \ - ARCH_SUFFIX="$(arch)"; \ - case "$ARCH_SUFFIX" in \ - i686) export ARCH_SUFFIX='i386' ;; \ - x86_64) [ -f /lib/x86_64-linux-gnu/ld-linux-x86-64.so.2 ] && export ARCH_SUFFIX='amd64' || export ARCH_SUFFIX='i386' ;; \ - aarch64) export ARCH_SUFFIX='arm64' ;; \ - armv7l) export ARCH_SUFFIX='armhf' ;; \ - ppc64el|ppc64le) export ARCH_SUFFIX='ppc64le' ;; \ - s390x) export ARCH_SUFFIX='s390x' ;; \ - *) echo "Unknown ARCH_SUFFIX=${ARCH_SUFFIX-}"; exit 1 ;; \ - esac; \ echo "#!/bin/sh\nexit 101" > /usr/sbin/policy-rc.d && \ groupadd --system --gid 1995 zabbix && \ useradd \ @@ -43,73 +55,6 @@ RUN set -eux && \ libssl1.1 \ libcurl4 \ libldap-2.4 && \ - apt-get -y autoremove && \ - apt-get -y clean && \ - rm -rf /var/lib/apt/lists/* - -ARG MAJOR_VERSION=6.0 -ARG ZBX_VERSION=${MAJOR_VERSION} -ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git - -ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} - -LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.opencontainers.image.version="${ZBX_VERSION}" \ - org.opencontainers.image.source="${ZBX_SOURCES}" - -RUN set -eux && \ - export PATH=/usr/lib/go-1.16/bin:$PATH && \ - apt-get -y update && \ - DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ - autoconf \ - automake \ - libpcre3-dev \ - libssl-dev \ - zlib1g-dev \ - make \ - pkg-config \ - git \ - g++ \ - golang-1.16 && \ - cd /tmp/ && \ - git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ - cd /tmp/zabbix-${ZBX_VERSION} && \ - zabbix_revision=`git rev-parse --short HEAD` && \ - sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ - ./bootstrap.sh && \ - export CFLAGS="-fPIC -pie -Wl,-z,relro -Wl,-z,now" && \ - ./configure \ - --datadir=/usr/lib \ - --libdir=/usr/lib/zabbix \ - --prefix=/usr \ - --sysconfdir=/etc/zabbix \ - --prefix=/usr \ - --with-openssl \ - --enable-ipv6 \ - --enable-agent2 \ - --enable-agent \ - --silent && \ - make -j"$(nproc)" -s && \ - cp /tmp/zabbix-${ZBX_VERSION}/src/go/bin/zabbix_agent2 /usr/sbin/zabbix_agent2 && \ - cp /tmp/zabbix-${ZBX_VERSION}/src/zabbix_get/zabbix_get /usr/bin/zabbix_get && \ - cp /tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender /usr/bin/zabbix_sender && \ - cp /tmp/zabbix-${ZBX_VERSION}/src/go/conf/zabbix_agent2.conf /etc/zabbix/zabbix_agent2.conf && \ - strip /usr/sbin/zabbix_agent2 && \ - strip /usr/bin/zabbix_get && \ - strip /usr/bin/zabbix_sender && \ - cd /tmp/ && \ - rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ - apt-get -y purge \ - autoconf \ - automake \ - libpcre3-dev \ - libssl-dev \ - zlib1g-dev \ - make \ - pkg-config \ - git \ - g++ \ - golang && \ chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \ chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \ chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \ diff --git a/build-base/alpine/.dockerignore b/build-base/alpine/.dockerignore new file mode 100644 index 000000000..88a84e55a --- /dev/null +++ b/build-base/alpine/.dockerignore @@ -0,0 +1 @@ +build.sh diff --git a/build-base/alpine/Dockerfile b/build-base/alpine/Dockerfile new file mode 100644 index 000000000..422f49f86 --- /dev/null +++ b/build-base/alpine/Dockerfile @@ -0,0 +1,47 @@ +# syntax=docker/dockerfile:1 +FROM alpine:3.14 + +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git + +ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ + PATH=${PATH}:/usr/lib/jvm/default-jvm/bin/ JAVA_HOME=/usr/lib/jvm/default-jvm + +LABEL org.opencontainers.image.title="Zabbix build base" \ + org.opencontainers.image.authors="Alexey Pustovalov " \ + org.opencontainers.image.vendor="Zabbix LLC" \ + org.opencontainers.image.url="https://zabbix.com/" \ + org.opencontainers.image.description="Zabbix build base image contains all required packages to build Zabbix images" \ + org.opencontainers.image.licenses="GPL v2.0" \ + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" + +RUN set -eux && \ + apk add --no-cache --clean-protected \ + bash \ + autoconf \ + automake \ + coreutils \ + curl-dev \ + libevent-dev \ + libssh-dev \ + sqlite-dev \ + libmodbus-dev \ + libxml2-dev \ + mysql-dev \ + net-snmp-dev \ + openipmi-dev \ + openldap-dev \ + pcre-dev \ + postgresql-dev \ + openjdk8 \ + gettext \ + git \ + g++ \ + go \ + make \ + openjdk8-jre-base \ + unixodbc-dev && \ + rm -rf /var/cache/apk/* \ No newline at end of file diff --git a/build-base/alpine/build.sh b/build-base/alpine/build.sh new file mode 120000 index 000000000..fcb4d4ee7 --- /dev/null +++ b/build-base/alpine/build.sh @@ -0,0 +1 @@ +../../build.sh \ No newline at end of file diff --git a/build-base/ubuntu/.dockerignore b/build-base/ubuntu/.dockerignore new file mode 100644 index 000000000..88a84e55a --- /dev/null +++ b/build-base/ubuntu/.dockerignore @@ -0,0 +1 @@ +build.sh diff --git a/build-base/ubuntu/Dockerfile b/build-base/ubuntu/Dockerfile new file mode 100644 index 000000000..d8712ad0f --- /dev/null +++ b/build-base/ubuntu/Dockerfile @@ -0,0 +1,48 @@ +# syntax=docker/dockerfile:1 +FROM ubuntu:focal + +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git + +ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ + PATH=/usr/lib/go-1.16/bin:$PATH + +LABEL org.opencontainers.image.title="Zabbix build base" \ + org.opencontainers.image.authors="Alexey Pustovalov " \ + org.opencontainers.image.vendor="Zabbix LLC" \ + org.opencontainers.image.url="https://zabbix.com/" \ + org.opencontainers.image.description="Zabbix build base image contains all required packages to build Zabbix images" \ + org.opencontainers.image.licenses="GPL v2.0" \ + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" + +RUN set -eux && \ + apt-get -y update && \ + DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ + bash \ + autoconf \ + automake \ + binutils \ + gcc \ + libc6-dev \ + libcurl4-openssl-dev \ + libevent-dev \ + libmodbus-dev \ + libldap2-dev \ + libmysqlclient-dev \ + libopenipmi-dev \ + libpcre3-dev \ + libsnmp-dev \ + libsqlite3-dev \ + libpq-dev \ + libssh-dev \ + libxml2-dev \ + make \ + openjdk-8-jdk-headless \ + pkg-config \ + gettext \ + git \ + golang-1.16 \ + unixodbc-dev \ No newline at end of file diff --git a/build-base/ubuntu/build.sh b/build-base/ubuntu/build.sh new file mode 120000 index 000000000..fcb4d4ee7 --- /dev/null +++ b/build-base/ubuntu/build.sh @@ -0,0 +1 @@ +../../build.sh \ No newline at end of file diff --git a/build-mysql/alpine/.dockerignore b/build-mysql/alpine/.dockerignore new file mode 100644 index 000000000..88a84e55a --- /dev/null +++ b/build-mysql/alpine/.dockerignore @@ -0,0 +1 @@ +build.sh diff --git a/build-mysql/alpine/Dockerfile b/build-mysql/alpine/Dockerfile new file mode 100644 index 000000000..4901864b6 --- /dev/null +++ b/build-mysql/alpine/Dockerfile @@ -0,0 +1,71 @@ +# syntax=docker/dockerfile:1 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG BUILD_BASE_IMAGE=zabbix-build-base:alpine-${ZBX_VERSION} + +FROM ${BUILD_BASE_IMAGE} as builder + +ARG MAJOR_VERSION +ARG ZBX_VERSION +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git + +LABEL org.opencontainers.image.title="Zabbix build base (MySQL)" \ + org.opencontainers.image.authors="Alexey Pustovalov " \ + org.opencontainers.image.vendor="Zabbix LLC" \ + org.opencontainers.image.url="https://zabbix.com/" \ + org.opencontainers.image.description="Zabbix build base for MySQL based images" \ + org.opencontainers.image.licenses="GPL v2.0" \ + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" + +RUN set -eux && \ + cd /tmp/ && \ + git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch /tmp/zabbix-${ZBX_VERSION} && \ + cd /tmp/zabbix-${ZBX_VERSION} && \ + zabbix_revision=`git rev-parse --short HEAD` && \ + sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ + sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/go/pkg/version/version.go && \ + sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/zabbix_java/src/com/zabbix/gateway/GeneralInformation.java && \ + ./bootstrap.sh && \ + export CFLAGS="-fPIC -pie -Wl,-z,relro -Wl,-z,now" && \ + ./configure \ + --datadir=/usr/lib \ + --libdir=/usr/lib/zabbix \ + --prefix=/usr \ + --sysconfdir=/etc/zabbix \ + --enable-agent \ + --enable-agent2 \ + --enable-server \ + --enable-proxy \ + --enable-webservice \ + --with-mysql \ + --with-ldap \ + --with-libcurl \ + --with-libxml2 \ + --enable-java \ + --with-net-snmp \ + --with-openipmi \ + --with-openssl \ + --with-ssh \ + --with-libmodbus \ + --with-unixodbc \ + --enable-ipv6 \ + --silent && \ + make -j"$(nproc)" -s dbschema && \ + make -j"$(nproc)" -s && \ + make -j"$(nproc)" -s gettext && \ + cat database/mysql/schema.sql > database/mysql/create.sql && \ + cat database/mysql/images.sql >> database/mysql/create.sql && \ + cat database/mysql/data.sql >> database/mysql/create.sql && \ + gzip -c database/mysql/create.sql > database/mysql/create_server.sql.gz && \ + rm -rf database/mysql/create.sql && \ + cat database/mysql/schema.sql > database/mysql/create.sql && \ + gzip -c database/mysql/create.sql > database/mysql/create_proxy.sql.gz && \ + rm -rf database/mysql/create.sql && \ + strip /tmp/zabbix-${ZBX_VERSION}/src/zabbix_agent/zabbix_agentd && \ + strip /tmp/zabbix-${ZBX_VERSION}/src/zabbix_server/zabbix_server && \ + strip /tmp/zabbix-${ZBX_VERSION}/src/zabbix_proxy/zabbix_proxy && \ + strip /tmp/zabbix-${ZBX_VERSION}/src/go/bin/zabbix_agent2 && \ + strip /tmp/zabbix-${ZBX_VERSION}/src/zabbix_get/zabbix_get && \ + strip /tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender diff --git a/build-mysql/alpine/build.sh b/build-mysql/alpine/build.sh new file mode 120000 index 000000000..fcb4d4ee7 --- /dev/null +++ b/build-mysql/alpine/build.sh @@ -0,0 +1 @@ +../../build.sh \ No newline at end of file diff --git a/build-mysql/ubuntu/.dockerignore b/build-mysql/ubuntu/.dockerignore new file mode 100644 index 000000000..88a84e55a --- /dev/null +++ b/build-mysql/ubuntu/.dockerignore @@ -0,0 +1 @@ +build.sh diff --git a/build-mysql/ubuntu/Dockerfile b/build-mysql/ubuntu/Dockerfile new file mode 100644 index 000000000..ec9752f1a --- /dev/null +++ b/build-mysql/ubuntu/Dockerfile @@ -0,0 +1,71 @@ +# syntax=docker/dockerfile:1 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG BUILD_BASE_IMAGE=zabbix-build-base:ubuntu-${ZBX_VERSION} + +FROM ${BUILD_BASE_IMAGE} as builder + +ARG MAJOR_VERSION +ARG ZBX_VERSION +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git + +LABEL org.opencontainers.image.title="Zabbix build base (MySQL)" \ + org.opencontainers.image.authors="Alexey Pustovalov " \ + org.opencontainers.image.vendor="Zabbix LLC" \ + org.opencontainers.image.url="https://zabbix.com/" \ + org.opencontainers.image.description="Zabbix build base for MySQL based images" \ + org.opencontainers.image.licenses="GPL v2.0" \ + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" + +RUN set -eux && \ + cd /tmp/ && \ + git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch /tmp/zabbix-${ZBX_VERSION} && \ + cd /tmp/zabbix-${ZBX_VERSION} && \ + zabbix_revision=`git rev-parse --short HEAD` && \ + sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ + sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/go/pkg/version/version.go && \ + sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/zabbix_java/src/com/zabbix/gateway/GeneralInformation.java && \ + ./bootstrap.sh && \ + export CFLAGS="-fPIC -pie -Wl,-z,relro -Wl,-z,now" && \ + ./configure \ + --datadir=/usr/lib \ + --libdir=/usr/lib/zabbix \ + --prefix=/usr \ + --sysconfdir=/etc/zabbix \ + --enable-agent \ + --enable-agent2 \ + --enable-server \ + --enable-proxy \ + --enable-webservice \ + --with-mysql \ + --with-ldap \ + --with-libcurl \ + --with-libxml2 \ + --enable-java \ + --with-net-snmp \ + --with-openipmi \ + --with-openssl \ + --with-ssh \ + --with-libmodbus \ + --with-unixodbc \ + --enable-ipv6 \ + --silent && \ + make -j"$(nproc)" -s dbschema && \ + make -j"$(nproc)" -s && \ + make -j"$(nproc)" -s gettext && \ + cat database/mysql/schema.sql > database/mysql/create.sql && \ + cat database/mysql/images.sql >> database/mysql/create.sql && \ + cat database/mysql/data.sql >> database/mysql/create.sql && \ + gzip -c database/mysql/create.sql > database/mysql/create_server.sql.gz && \ + rm -rf database/mysql/create.sql && \ + cat database/mysql/schema.sql > database/mysql/create.sql && \ + gzip -c database/mysql/create.sql > database/mysql/create_proxy.sql.gz && \ + rm -rf database/mysql/create.sql && \ + strip /tmp/zabbix-${ZBX_VERSION}/src/zabbix_agent/zabbix_agentd && \ + strip /tmp/zabbix-${ZBX_VERSION}/src/zabbix_server/zabbix_server && \ + strip /tmp/zabbix-${ZBX_VERSION}/src/zabbix_proxy/zabbix_proxy && \ + strip /tmp/zabbix-${ZBX_VERSION}/src/go/bin/zabbix_agent2 && \ + strip /tmp/zabbix-${ZBX_VERSION}/src/zabbix_get/zabbix_get && \ + strip /tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender diff --git a/build-mysql/ubuntu/build.sh b/build-mysql/ubuntu/build.sh new file mode 120000 index 000000000..fcb4d4ee7 --- /dev/null +++ b/build-mysql/ubuntu/build.sh @@ -0,0 +1 @@ +../../build.sh \ No newline at end of file diff --git a/build-pgsql/alpine/.dockerignore b/build-pgsql/alpine/.dockerignore new file mode 100644 index 000000000..88a84e55a --- /dev/null +++ b/build-pgsql/alpine/.dockerignore @@ -0,0 +1 @@ +build.sh diff --git a/build-pgsql/alpine/Dockerfile b/build-pgsql/alpine/Dockerfile new file mode 100644 index 000000000..20fa32909 --- /dev/null +++ b/build-pgsql/alpine/Dockerfile @@ -0,0 +1,71 @@ +# syntax=docker/dockerfile:1 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG BUILD_BASE_IMAGE=zabbix-build-base:alpine-${ZBX_VERSION} + +FROM ${BUILD_BASE_IMAGE} as builder + +ARG MAJOR_VERSION +ARG ZBX_VERSION +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git + +LABEL org.opencontainers.image.title="Zabbix build base (PostgreSQL)" \ + org.opencontainers.image.authors="Alexey Pustovalov " \ + org.opencontainers.image.vendor="Zabbix LLC" \ + org.opencontainers.image.url="https://zabbix.com/" \ + org.opencontainers.image.description="Zabbix build base for PostgreSQL based images" \ + org.opencontainers.image.licenses="GPL v2.0" \ + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" + +RUN set -eux && \ + cd /tmp/ && \ + git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch /tmp/zabbix-${ZBX_VERSION} && \ + cd /tmp/zabbix-${ZBX_VERSION} && \ + zabbix_revision=`git rev-parse --short HEAD` && \ + sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ + sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/go/pkg/version/version.go && \ + sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/zabbix_java/src/com/zabbix/gateway/GeneralInformation.java && \ + ./bootstrap.sh && \ + export CFLAGS="-fPIC -pie -Wl,-z,relro -Wl,-z,now" && \ + ./configure \ + --datadir=/usr/lib \ + --libdir=/usr/lib/zabbix \ + --prefix=/usr \ + --sysconfdir=/etc/zabbix \ + --enable-agent \ + --enable-agent2 \ + --enable-server \ + --enable-proxy \ + --enable-webservice \ + --with-postgresql \ + --with-ldap \ + --with-libcurl \ + --with-libxml2 \ + --enable-java \ + --with-net-snmp \ + --with-openipmi \ + --with-openssl \ + --with-ssh \ + --with-libmodbus \ + --with-unixodbc \ + --enable-ipv6 \ + --silent && \ + make -j"$(nproc)" -s dbschema && \ + make -j"$(nproc)" -s && \ + make -j"$(nproc)" -s gettext && \ + cat database/postgresql/schema.sql > database/postgresql/create.sql && \ + cat database/postgresql/images.sql >> database/postgresql/create.sql && \ + cat database/postgresql/data.sql >> database/postgresql/create.sql && \ + gzip -c database/postgresql/create.sql > database/postgresql/create_server.sql.gz && \ + rm -rf database/postgresql/create.sql && \ + cat database/postgresql/schema.sql > database/postgresql/create.sql && \ + gzip -c database/postgresql/create.sql > database/postgresql/create_proxy.sql.gz && \ + rm -rf database/postgresql/create.sql && \ + strip /tmp/zabbix-${ZBX_VERSION}/src/zabbix_agent/zabbix_agentd && \ + strip /tmp/zabbix-${ZBX_VERSION}/src/zabbix_server/zabbix_server && \ + strip /tmp/zabbix-${ZBX_VERSION}/src/zabbix_proxy/zabbix_proxy && \ + strip /tmp/zabbix-${ZBX_VERSION}/src/go/bin/zabbix_agent2 && \ + strip /tmp/zabbix-${ZBX_VERSION}/src/zabbix_get/zabbix_get && \ + strip /tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender diff --git a/build-pgsql/alpine/build.sh b/build-pgsql/alpine/build.sh new file mode 120000 index 000000000..fcb4d4ee7 --- /dev/null +++ b/build-pgsql/alpine/build.sh @@ -0,0 +1 @@ +../../build.sh \ No newline at end of file diff --git a/build-pgsql/ubuntu/.dockerignore b/build-pgsql/ubuntu/.dockerignore new file mode 100644 index 000000000..88a84e55a --- /dev/null +++ b/build-pgsql/ubuntu/.dockerignore @@ -0,0 +1 @@ +build.sh diff --git a/build-pgsql/ubuntu/Dockerfile b/build-pgsql/ubuntu/Dockerfile new file mode 100644 index 000000000..2cf5c068d --- /dev/null +++ b/build-pgsql/ubuntu/Dockerfile @@ -0,0 +1,71 @@ +# syntax=docker/dockerfile:1 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG BUILD_BASE_IMAGE=zabbix-build-base:ubuntu-${ZBX_VERSION} + +FROM ${BUILD_BASE_IMAGE} as builder + +ARG MAJOR_VERSION +ARG ZBX_VERSION +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git + +LABEL org.opencontainers.image.title="Zabbix build base (PostgreSQL)" \ + org.opencontainers.image.authors="Alexey Pustovalov " \ + org.opencontainers.image.vendor="Zabbix LLC" \ + org.opencontainers.image.url="https://zabbix.com/" \ + org.opencontainers.image.description="Zabbix build base for PostgreSQL based images" \ + org.opencontainers.image.licenses="GPL v2.0" \ + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" + +RUN set -eux && \ + cd /tmp/ && \ + git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch /tmp/zabbix-${ZBX_VERSION} && \ + cd /tmp/zabbix-${ZBX_VERSION} && \ + zabbix_revision=`git rev-parse --short HEAD` && \ + sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ + sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/go/pkg/version/version.go && \ + sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/zabbix_java/src/com/zabbix/gateway/GeneralInformation.java && \ + ./bootstrap.sh && \ + export CFLAGS="-fPIC -pie -Wl,-z,relro -Wl,-z,now" && \ + ./configure \ + --datadir=/usr/lib \ + --libdir=/usr/lib/zabbix \ + --prefix=/usr \ + --sysconfdir=/etc/zabbix \ + --enable-agent \ + --enable-agent2 \ + --enable-server \ + --enable-proxy \ + --enable-webservice \ + --with-postgresql \ + --with-ldap \ + --with-libcurl \ + --with-libxml2 \ + --enable-java \ + --with-net-snmp \ + --with-openipmi \ + --with-openssl \ + --with-ssh \ + --with-libmodbus \ + --with-unixodbc \ + --enable-ipv6 \ + --silent && \ + make -j"$(nproc)" -s dbschema && \ + make -j"$(nproc)" -s && \ + make -j"$(nproc)" -s gettext && \ + cat database/postgresql/schema.sql > database/postgresql/create.sql && \ + cat database/postgresql/images.sql >> database/postgresql/create.sql && \ + cat database/postgresql/data.sql >> database/postgresql/create.sql && \ + gzip -c database/postgresql/create.sql > database/postgresql/create_server.sql.gz && \ + rm -rf database/postgresql/create.sql && \ + cat database/postgresql/schema.sql > database/postgresql/create.sql && \ + gzip -c database/postgresql/create.sql > database/postgresql/create_proxy.sql.gz && \ + rm -rf database/postgresql/create.sql && \ + strip /tmp/zabbix-${ZBX_VERSION}/src/zabbix_agent/zabbix_agentd && \ + strip /tmp/zabbix-${ZBX_VERSION}/src/zabbix_server/zabbix_server && \ + strip /tmp/zabbix-${ZBX_VERSION}/src/zabbix_proxy/zabbix_proxy && \ + strip /tmp/zabbix-${ZBX_VERSION}/src/go/bin/zabbix_agent2 && \ + strip /tmp/zabbix-${ZBX_VERSION}/src/zabbix_get/zabbix_get && \ + strip /tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender diff --git a/build-pgsql/ubuntu/build.sh b/build-pgsql/ubuntu/build.sh new file mode 120000 index 000000000..fcb4d4ee7 --- /dev/null +++ b/build-pgsql/ubuntu/build.sh @@ -0,0 +1 @@ +../../build.sh \ No newline at end of file diff --git a/build-sqlite3/alpine/.dockerignore b/build-sqlite3/alpine/.dockerignore new file mode 100644 index 000000000..88a84e55a --- /dev/null +++ b/build-sqlite3/alpine/.dockerignore @@ -0,0 +1 @@ +build.sh diff --git a/build-sqlite3/alpine/Dockerfile b/build-sqlite3/alpine/Dockerfile new file mode 100644 index 000000000..7ce035b48 --- /dev/null +++ b/build-sqlite3/alpine/Dockerfile @@ -0,0 +1,59 @@ +# syntax=docker/dockerfile:1 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG BUILD_BASE_IMAGE=zabbix-build-base:alpine-${ZBX_VERSION} + +FROM ${BUILD_BASE_IMAGE} as builder + +ARG MAJOR_VERSION +ARG ZBX_VERSION +ARG ZBX_SOURCES + +LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" \ + org.opencontainers.image.title="Zabbix build base (SQLite3)" \ + org.opencontainers.image.authors="Alexey Pustovalov " \ + org.opencontainers.image.vendor="Zabbix LLC" \ + org.opencontainers.image.url="https://zabbix.com/" \ + org.opencontainers.image.description="Zabbix build base for SQLite3 based images" \ + org.opencontainers.image.licenses="GPL v2.0" + +RUN set -eux && \ + git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch /tmp/zabbix-${ZBX_VERSION} && \ + ls -lah /tmp/ && \ + cd /tmp/zabbix-${ZBX_VERSION} && \ + zabbix_revision=`git rev-parse --short HEAD` && \ + sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ + sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/go/pkg/version/version.go && \ + sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/zabbix_java/src/com/zabbix/gateway/GeneralInformation.java && \ + ./bootstrap.sh && \ + export CFLAGS="-fPIC -pie -Wl,-z,relro -Wl,-z,now" && \ + ./configure \ + --datadir=/usr/lib \ + --libdir=/usr/lib/zabbix \ + --prefix=/usr \ + --sysconfdir=/etc/zabbix \ + --enable-agent \ + --enable-agent2 \ + --enable-proxy \ + --with-sqlite3 \ + --with-ldap \ + --with-libcurl \ + --with-libxml2 \ + --enable-java \ + --with-net-snmp \ + --with-openipmi \ + --with-openssl \ + --with-ssh \ + --with-libmodbus \ + --with-unixodbc \ + --enable-ipv6 \ + --silent && \ + make -j"$(nproc)" -s dbschema && \ + make -j"$(nproc)" -s && \ + strip /tmp/zabbix-${ZBX_VERSION}/src/zabbix_agent/zabbix_agentd && \ + strip /tmp/zabbix-${ZBX_VERSION}/src/zabbix_proxy/zabbix_proxy && \ + strip /tmp/zabbix-${ZBX_VERSION}/src/go/bin/zabbix_agent2 && \ + strip /tmp/zabbix-${ZBX_VERSION}/src/zabbix_get/zabbix_get && \ + strip /tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender diff --git a/build-sqlite3/alpine/build.sh b/build-sqlite3/alpine/build.sh new file mode 120000 index 000000000..fcb4d4ee7 --- /dev/null +++ b/build-sqlite3/alpine/build.sh @@ -0,0 +1 @@ +../../build.sh \ No newline at end of file diff --git a/build-sqlite3/ubuntu/.dockerignore b/build-sqlite3/ubuntu/.dockerignore new file mode 100644 index 000000000..88a84e55a --- /dev/null +++ b/build-sqlite3/ubuntu/.dockerignore @@ -0,0 +1 @@ +build.sh diff --git a/build-sqlite3/ubuntu/Dockerfile b/build-sqlite3/ubuntu/Dockerfile new file mode 100644 index 000000000..ee9aa0c61 --- /dev/null +++ b/build-sqlite3/ubuntu/Dockerfile @@ -0,0 +1,59 @@ +# syntax=docker/dockerfile:1 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG BUILD_BASE_IMAGE=zabbix-build-base:ubuntu-${ZBX_VERSION} + +FROM ${BUILD_BASE_IMAGE} as builder + +ARG MAJOR_VERSION +ARG ZBX_VERSION +ARG ZBX_SOURCES + +LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" \ + org.opencontainers.image.title="Zabbix build base (SQLite3)" \ + org.opencontainers.image.authors="Alexey Pustovalov " \ + org.opencontainers.image.vendor="Zabbix LLC" \ + org.opencontainers.image.url="https://zabbix.com/" \ + org.opencontainers.image.description="Zabbix build base for SQLite3 based images" \ + org.opencontainers.image.licenses="GPL v2.0" + +RUN set -eux && \ + git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch /tmp/zabbix-${ZBX_VERSION} && \ + ls -lah /tmp/ && \ + cd /tmp/zabbix-${ZBX_VERSION} && \ + zabbix_revision=`git rev-parse --short HEAD` && \ + sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ + sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/go/pkg/version/version.go && \ + sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/zabbix_java/src/com/zabbix/gateway/GeneralInformation.java && \ + ./bootstrap.sh && \ + export CFLAGS="-fPIC -pie -Wl,-z,relro -Wl,-z,now" && \ + ./configure \ + --datadir=/usr/lib \ + --libdir=/usr/lib/zabbix \ + --prefix=/usr \ + --sysconfdir=/etc/zabbix \ + --enable-agent \ + --enable-agent2 \ + --enable-proxy \ + --with-sqlite3 \ + --with-ldap \ + --with-libcurl \ + --with-libxml2 \ + --enable-java \ + --with-net-snmp \ + --with-openipmi \ + --with-openssl \ + --with-ssh \ + --with-libmodbus \ + --with-unixodbc \ + --enable-ipv6 \ + --silent && \ + make -j"$(nproc)" -s dbschema && \ + make -j"$(nproc)" -s && \ + strip /tmp/zabbix-${ZBX_VERSION}/src/zabbix_agent/zabbix_agentd && \ + strip /tmp/zabbix-${ZBX_VERSION}/src/zabbix_proxy/zabbix_proxy && \ + strip /tmp/zabbix-${ZBX_VERSION}/src/go/bin/zabbix_agent2 && \ + strip /tmp/zabbix-${ZBX_VERSION}/src/zabbix_get/zabbix_get && \ + strip /tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender \ No newline at end of file diff --git a/build-sqlite3/ubuntu/README.md b/build-sqlite3/ubuntu/README.md new file mode 100644 index 000000000..6683fbbd9 --- /dev/null +++ b/build-sqlite3/ubuntu/README.md @@ -0,0 +1,304 @@ +![logo](https://assets.zabbix.com/img/logo/zabbix_logo_500x131.png) + +# What is Zabbix? + +Zabbix is an enterprise-class open source distributed monitoring solution. + +Zabbix is software that monitors numerous parameters of a network and the health and integrity of servers. Zabbix uses a flexible notification mechanism that allows users to configure e-mail based alerts for virtually any event. This allows a fast reaction to server problems. Zabbix offers excellent reporting and data visualisation features based on the stored data. This makes Zabbix ideal for capacity planning. + +For more information and related downloads for Zabbix components, please visit https://hub.docker.com/u/zabbix/ and https://zabbix.com + +# What is Zabbix server? + +Zabbix server is the central process of Zabbix software. + +The server performs the polling and trapping of data, it calculates triggers, sends notifications to users. It is the central component to which Zabbix agents and proxies report data on availability and integrity of systems. The server can itself remotely check networked services (such as web servers and mail servers) using simple service checks. + +# Zabbix server images + +These are the only official Zabbix server Docker images. They are based on Alpine Linux v3.12, Ubuntu 20.04 (focal), CentOS 8 and Oracle Linux 8 images. The available versions of Zabbix server are: + + Zabbix server 3.0 (tags: alpine-3.0-latest, ubuntu-3.0-latest, centos-3.0-latest) (unsupported) + Zabbix server 3.0.* (tags: alpine-3.0.*, ubuntu-3.0.*, centos-3.0.*) (unsupported) + Zabbix server 3.2 (tags: alpine-3.2-latest, ubuntu-3.2-latest, centos-3.2-latest) (unsupported) + Zabbix server 3.2.* (tags: alpine-3.2.*, ubuntu-3.2.*, centos-3.2.*) (unsupported) + Zabbix server 3.4 (tags: alpine-3.4-latest, ubuntu-3.4-latest, centos-3.4-latest) (unsupported) + Zabbix server 3.4.* (tags: alpine-3.4.*, ubuntu-3.4.*, centos-3.4.*) (unsupported) + Zabbix server 4.0 (tags: alpine-4.0-latest, ubuntu-4.0-latest, centos-4.0-latest) + Zabbix server 4.0.* (tags: alpine-4.0.*, ubuntu-4.0.*, centos-4.0.*) + Zabbix server 4.2 (tags: alpine-4.2-latest, ubuntu-4.2-latest, centos-4.2-latest) (unsupported) + Zabbix server 4.2.* (tags: alpine-4.2.*, ubuntu-4.2.*, centos-4.2.*) (unsupported) + Zabbix server 4.4 (tags: alpine-4.4-latest, ubuntu-4.4-latest, centos-4.4-latest) (unsupported) + Zabbix server 4.4.* (tags: alpine-4.4.*, ubuntu-4.4.*, centos-4.4.*) (unsupported) + Zabbix server 5.0 (tags: alpine-5.0-latest, ubuntu-5.0-latest, ol-5.0-latest) + Zabbix server 5.0.* (tags: alpine-5.0.*, ubuntu-5.0.*, ol-5.0.*) + Zabbix server 5.2 (tags: alpine-5.2-latest, ubuntu-5.2-latest, ol-5.2-latest) + Zabbix server 5.2.* (tags: alpine-5.2.*, ubuntu-5.2.*, ol-5.2.*) + Zabbix server 5.4 (tags: alpine-5.4-latest, ubuntu-5.4-latest, ol-5.4-latest, alpine-latest, ubuntu-latest, ol-latest, latest) + Zabbix server 5.4.* (tags: alpine-5.4.*, ubuntu-5.4.*, ol-5.4.*) + Zabbix server 6.0 (tags: alpine-trunk, ubuntu-trunk, ol-trunk) + +Images are updated when new releases are published. The image with ``latest`` tag is based on Alpine Linux. + +The image uses MySQL database. It uses the next procedure to start: +- Checking database availability +- If ``MYSQL_ROOT_PASSWORD`` or ``MYSQL_ALLOW_EMPTY_PASSWORD`` are specified, the instance tries to create ``MYSQL_USER`` user with ``MYSQL_PASSWORD`` to use these credentials then for Zabbix server. +- Checking of having `MYSQL_DATABASE` database. Creating `MYSQL_DATABASE` database name if it does not exist +- Checking of having `dbversion` table. Creating Zabbix server database schema and upload initial data sample if no `dbversion` table + +# How to use this image + +## Start `zabbix-server-mysql` + +Start a Zabbix server container as follows: + + docker run --name some-zabbix-server-mysql -e DB_SERVER_HOST="some-mysql-server" -e MYSQL_USER="some-user" -e MYSQL_PASSWORD="some-password" -d zabbix/zabbix-server-mysql:tag + +Where `some-zabbix-server-mysql` is the name you want to assign to your container, `some-mysql-server` is IP or DNS name of MySQL server, `some-user` is user to connect to Zabbix database on MySQL server, `some-password` is the password to connect to MySQL server and `tag` is the tag specifying the version you want. See the list above for relevant tags, or look at the [full list of tags](https://hub.docker.com/r/zabbix/zabbix-server-mysql/tags/). + +## Container shell access and viewing Zabbix server logs + +The `docker exec` command allows you to run commands inside a Docker container. The following command line will give you a bash shell inside your `zabbix-server-mysql` container: + +```console +$ docker exec -ti some-zabbix-server-mysql /bin/bash +``` + +The Zabbix server log is available through Docker's container log: + +```console +$ docker logs some-zabbix-server-mysql +``` + +## Environment Variables + +When you start the `zabbix-server-mysql` image, you can adjust the configuration of the Zabbix server by passing one or more environment variables on the `docker run` command line. + +### `DB_SERVER_HOST` + +This variable is IP or DNS name of MySQL server. By default, value is 'mysql-server' + +### `DB_SERVER_PORT` + +This variable is port of MySQL server. By default, value is '3306'. + +### `MYSQL_USER`, `MYSQL_PASSWORD`, `MYSQL_USER_FILE`, `MYSQL_PASSWORD_FILE` + +These variables are used by Zabbix server to connect to Zabbix database. With the `_FILE` variables you can instead provide the path to a file which contains the user / the password instead. Without Docker Swarm or Kubernetes you also have to map the files. Those are exclusive so you can just provide one type - either `MYSQL_USER` or `MYSQL_USER_FILE`! + +```console +docker run --name some-zabbix-server-mysql -e DB_SERVER_HOST="some-mysql-server" -v ./.MYSQL_USER:/run/secrets/MYSQL_USER -e MYSQL_USER_FILE=/run/secrets/MYSQL_USER -v ./.MYSQL_PASSWORD:/run/secrets/MYSQL_PASSWORD -e MYSQL_PASSWORD_FILE=/var/run/secrets/MYSQL_PASSWORD -d zabbix/zabbix-server-mysql:tag +``` + +With Docker Swarm or Kubernetes this works with secrets. That way it is replicated in your cluster! + +```console +printf "zabbix" | docker secret create MYSQL_USER - +printf "zabbix" | docker secret create MYSQL_PASSWORD - +docker run --name some-zabbix-server-mysql -e DB_SERVER_HOST="some-mysql-server" -e MYSQL_USER_FILE=/run/secrets/MYSQL_USER -e MYSQL_PASSWORD_FILE=/run/secrets/MYSQL_PASSWORD -d zabbix/zabbix-server-mysql:tag +``` + +This method is also applicable for `MYSQL_ROOT_PASSWORD` with `MYSQL_ROOT_PASSWORD_FILE`. + +By default, values for `MYSQL_USER` and `MYSQL_PASSWORD` are `zabbix`, `zabbix`. + +### `MYSQL_DATABASE` + +The variable is Zabbix database name. By default, value is `zabbix`. + +### `ZBX_LOADMODULE` + +The variable is list of comma separated loadable Zabbix modules. It works with volume ``/var/lib/zabbix/modules``. The syntax of the variable is ``dummy1.so,dummy2.so``. + +### `ZBX_DEBUGLEVEL` + +The variable is used to specify debug level. By default, value is ``3``. It is ``DebugLevel`` parameter in ``zabbix_server.conf``. Allowed values are listed below: +- ``0`` - basic information about starting and stopping of Zabbix processes; +- ``1`` - critical information +- ``2`` - error information +- ``3`` - warnings +- ``4`` - for debugging (produces lots of information) +- ``5`` - extended debugging (produces even more information) + +### `ZBX_TIMEOUT` + +The variable is used to specify timeout for processing checks. By default, value is ``4``. + +### `ZBX_JAVAGATEWAY_ENABLE` + +The variable enable communication with Zabbix Java Gateway to collect Java related checks. By default, value is `false`. + +### Other variables + +Additionally the image allows to specify many other environment variables listed below: + +``` +ZBX_DBTLSCONNECT= # Available since 5.0.0 +ZBX_DBTLSCAFILE= # Available since 5.0.0 +ZBX_DBTLSCERTFILE= # Available since 5.0.0 +ZBX_DBTLSKEYFILE= # Available since 5.0.0 +ZBX_DBTLSCIPHER= # Available since 5.0.0 +ZBX_DBTLSCIPHER13= # Available since 5.0.0 +ZBX_VAULTDBPATH= # Available since 5.2.0 +ZBX_VAULTURL=https://127.0.0.1:8200 # Available since 5.2.0 +VAULT_TOKEN= # Available since 5.2.0 +ZBX_LISTENIP= +ZBX_STARTREPORTWRITERS=0 # Available since 5.4.0 +ZBX_WEBSERVICEURL=http://zabbix-web-service:10053/report # Available since 5.4.0 +ZBX_HISTORYSTORAGEURL= # Available since 3.4.0 +ZBX_HISTORYSTORAGETYPES=uint,dbl,str,log,text # Available since 3.4.0 +ZBX_STARTPOLLERS=5 +ZBX_IPMIPOLLERS=0 +ZBX_STARTPREPROCESSORS=3 # Available since 3.4.0 +ZBX_STARTPOLLERSUNREACHABLE=1 +ZBX_STARTTRAPPERS=5 +ZBX_STARTPINGERS=1 +ZBX_STARTDISCOVERERS=1 +ZBX_STARTHISTORYPOLLERS=5 # Available since 5.4.0 +ZBX_STARTHTTPPOLLERS=1 +ZBX_STARTTIMERS=1 +ZBX_STARTESCALATORS=1 +ZBX_STARTALERTERS=3 # Available since 3.4.0 +ZBX_JAVAGATEWAY=zabbix-java-gateway +ZBX_JAVAGATEWAYPORT=10052 +ZBX_STARTJAVAPOLLERS=5 +ZBX_STARTLLDPROCESSORS=2 # Available since 4.2.0 +ZBX_STATSALLOWEDIP= # Available since 4.0.5 +ZBX_STARTVMWARECOLLECTORS=0 +ZBX_VMWAREFREQUENCY=60 +ZBX_VMWAREPERFFREQUENCY=60 +ZBX_VMWARECACHESIZE=8M +ZBX_VMWARETIMEOUT=10 +ZBX_ENABLE_SNMP_TRAPS=false +ZBX_SOURCEIP= +ZBX_HOUSEKEEPINGFREQUENCY=1 +ZBX_MAXHOUSEKEEPERDELETE=5000 +ZBX_SENDERFREQUENCY=30 +ZBX_CACHESIZE=8M +ZBX_CACHEUPDATEFREQUENCY=60 +ZBX_STARTDBSYNCERS=4 +ZBX_EXPORTFILESIZE=1G # Available since 4.0.0 +ZBX_EXPORTTYPE= # Available since 5.0.10 and 5.2.6 +ZBX_HISTORYCACHESIZE=16M +ZBX_HISTORYINDEXCACHESIZE=4M +ZBX_HISTORYSTORAGEDATEINDEX=0 # Available since 4.0.0 +ZBX_TRENDCACHESIZE=4M +ZBX_VALUECACHESIZE=8M +ZBX_TRAPPERTIMEOUT=300 +ZBX_UNREACHABLEPERIOD=45 +ZBX_UNAVAILABLEDELAY=60 +ZBX_UNREACHABLEDELAY=15 +ZBX_LOGSLOWQUERIES=3000 +ZBX_STARTPROXYPOLLERS=1 +ZBX_PROXYCONFIGFREQUENCY=3600 +ZBX_PROXYDATAFREQUENCY=1 +ZBX_TLSCAFILE= +ZBX_TLSCRLFILE= +ZBX_TLSCERTFILE= +ZBX_TLSKEYFILE= +ZBX_TLSCIPHERALL= # Available since 4.4.7 +ZBX_TLSCIPHERALL13= # Available since 4.4.7 +ZBX_TLSCIPHERCERT= # Available since 4.4.7 +ZBX_TLSCIPHERCERT13= # Available since 4.4.7 +ZBX_TLSCIPHERPSK= # Available since 4.4.7 +ZBX_TLSCIPHERPSK13= # Available since 4.4.7 +``` + +Default values of these variables are specified after equal sign. + +The allowed variables are identical of parameters in official ``zabbix_server.conf``. For example, ``ZBX_LOGSLOWQUERIES`` = ``LogSlowQueries``. + +Please use official documentation for [``zabbix_server.conf``](https://www.zabbix.com/documentation/current/manual/appendix/config/zabbix_server) to get more information about the variables. + +## Allowed volumes for the Zabbix server container + +### ``/usr/lib/zabbix/alertscripts`` + +The volume is used for custom alert scripts. It is `AlertScriptsPath` parameter in ``zabbix_server.conf``. + +### ``/usr/lib/zabbix/externalscripts`` + +The volume is used by External checks (type of items). It is `ExternalScripts` parameter in ``zabbix_server.conf``. + +### ``/var/lib/zabbix/modules`` + +The volume allows load additional modules and extend Zabbix server using ``LoadModule`` feature. + +### ``/var/lib/zabbix/enc`` + +The volume is used to store TLS related files. These file names are specified using ``ZBX_TLSCAFILE``, ``ZBX_TLSCRLFILE``, ``ZBX_TLSKEY_FILE`` and ``ZBX_TLSPSKFILE`` variables. + +### ``/var/lib/zabbix/ssh_keys`` + +The volume is used as location of public and private keys for SSH checks and actions. It is `SSHKeyLocation` parameter in ``zabbix_server.conf``. + +### ``/var/lib/zabbix/ssl/certs`` + +The volume is used as location of of SSL client certificate files for client authentication. It is `SSLCertLocation` parameter in ``zabbix_server.conf``. + +### ``/var/lib/zabbix/ssl/keys`` + +The volume is used as location of SSL private key files for client authentication. It is `SSLKeyLocation` parameter in ``zabbix_server.conf``. + +### ``/var/lib/zabbix/ssl/ssl_ca`` + +The volume is used as location of certificate authority (CA) files for SSL server certificate verification. It is `SSLCALocation` parameter in ``zabbix_server.conf``. + +### ``/var/lib/zabbix/snmptraps`` + +The volume is used as location of ``snmptraps.log`` file. It could be shared by ``zabbix-snmptraps`` container and inherited using `volumes_from` Docker option while creating new instance of Zabbix server. +SNMP traps processing feature could be enabled using shared volume and switched ``ZBX_ENABLE_SNMP_TRAPS`` environment variable to `true`. + +### ``/var/lib/zabbix/mibs`` + +The volume allows to add new MIB files. It does not support subdirectories, all MIBs must be placed to ``/var/lib/zabbix/mibs``. + +### ``/var/lib/zabbix/export`` + +Directory for real-time export of events, history and trends in newline-delimited JSON format. Could be enabled using ``ZBX_EXPORTFILESIZE`` environment variable. + +# The image variants + +The `zabbix-server-mysql` images come in many flavors, each designed for a specific use case. + +## `zabbix-server-mysql:alpine-` + +This image is based on the popular [Alpine Linux project](http://alpinelinux.org), available in [the `alpine` official image](https://hub.docker.com/_/alpine). Alpine Linux is much smaller than most distribution base images (~5MB), and thus leads to much slimmer images in general. + +This variant is highly recommended when final image size being as small as possible is desired. The main caveat to note is that it does use [musl libc](http://www.musl-libc.org) instead of [glibc and friends](http://www.etalabs.net/compare_libcs.html), so certain software might run into issues depending on the depth of their libc requirements. However, most software doesn't have an issue with this, so this variant is usually a very safe choice. See [this Hacker News comment thread](https://news.ycombinator.com/item?id=10782897) for more discussion of the issues that might arise and some pro/con comparisons of using Alpine-based images. + +To minimize image size, it's uncommon for additional related tools (such as `git` or `bash`) to be included in Alpine-based images. Using this image as a base, add the things you need in your own Dockerfile (see the [`alpine` image description](https://hub.docker.com/_/alpine/) for examples of how to install packages if you are unfamiliar). + +## `zabbix-server-mysql:ubuntu-` + +This is the defacto image. If you are unsure about what your needs are, you probably want to use this one. It is designed to be used both as a throw away container (mount your source code and start the container to start your app), as well as the base to build other images off of. + +## `zabbix-server-mysql:ol-` + +Oracle Linux is an open-source operating system available under the GNU General Public License (GPLv2). Suitable for general purpose or Oracle workloads, it benefits from rigorous testing of more than 128,000 hours per day with real-world workloads and includes unique innovations such as Ksplice for zero-downtime kernel patching, DTrace for real-time diagnostics, the powerful Btrfs file system, and more. + +# Supported Docker versions + +This image is officially supported on Docker version 1.12.0. + +Support for older versions (down to 1.6) is provided on a best-effort basis. + +Please see [the Docker installation documentation](https://docs.docker.com/installation/) for details on how to upgrade your Docker daemon. + +# User Feedback + +## Documentation + +Documentation for this image is stored in the [`server-mysql/` directory](https://github.com/zabbix/zabbix-docker/tree/3.0/server-mysql) of the [`zabbix/zabbix-docker` GitHub repo](https://github.com/zabbix/zabbix-docker/). Be sure to familiarize yourself with the [repository's `README.md` file](https://github.com/zabbix/zabbix-docker/blob/master/README.md) before attempting a pull request. + +## Issues + +If you have any problems with or questions about this image, please contact us through a [GitHub issue](https://github.com/zabbix/zabbix-docker/issues). + +### Known issues + +## Contributing + +You are invited to contribute new features, fixes, or updates, large or small; we are always thrilled to receive pull requests, and do our best to process them as fast as we can. + +Before you start to code, we recommend discussing your plans through a [GitHub issue](https://github.com/zabbix/zabbix-docker/issues), especially for more ambitious contributions. This gives other contributors a chance to point you in the right direction, give you feedback on your design, and help you find out if someone else is working on the same thing. diff --git a/build-sqlite3/ubuntu/build.sh b/build-sqlite3/ubuntu/build.sh new file mode 120000 index 000000000..fcb4d4ee7 --- /dev/null +++ b/build-sqlite3/ubuntu/build.sh @@ -0,0 +1 @@ +../../build.sh \ No newline at end of file diff --git a/build-sqlite3/ubuntu/docker-entrypoint.sh b/build-sqlite3/ubuntu/docker-entrypoint.sh new file mode 100755 index 000000000..046c284ce --- /dev/null +++ b/build-sqlite3/ubuntu/docker-entrypoint.sh @@ -0,0 +1,487 @@ +#!/bin/bash + +set -o pipefail + +set +e + +# Script trace mode +if [ "${DEBUG_MODE,,}" == "true" ]; then + set -o xtrace +fi + +# Default directories +# User 'zabbix' home directory +ZABBIX_USER_HOME_DIR="/var/lib/zabbix" +# Configuration files directory +ZABBIX_ETC_DIR="/etc/zabbix" + +# usage: file_env VAR [DEFAULT] +# as example: file_env 'MYSQL_PASSWORD' 'zabbix' +# (will allow for "$MYSQL_PASSWORD_FILE" to fill in the value of "$MYSQL_PASSWORD" from a file) +# unsets the VAR_FILE afterwards and just leaving VAR +file_env() { + local var="$1" + local fileVar="${var}_FILE" + local defaultValue="${2:-}" + + if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then + echo "**** Both variables $var and $fileVar are set (but are exclusive)" + exit 1 + fi + + local val="$defaultValue" + + if [ "${!var:-}" ]; then + val="${!var}" + echo "** Using ${var} variable from ENV" + elif [ "${!fileVar:-}" ]; then + if [ ! -f "${!fileVar}" ]; then + echo "**** Secret file \"${!fileVar}\" is not found" + exit 1 + fi + val="$(< "${!fileVar}")" + echo "** Using ${var} variable from secret file" + fi + export "$var"="$val" + unset "$fileVar" +} + +escape_spec_char() { + local var_value=$1 + + var_value="${var_value//\\/\\\\}" + var_value="${var_value//[$'\n']/}" + var_value="${var_value//\//\\/}" + var_value="${var_value//./\\.}" + var_value="${var_value//\*/\\*}" + var_value="${var_value//^/\\^}" + var_value="${var_value//\$/\\\$}" + var_value="${var_value//\&/\\\&}" + var_value="${var_value//\[/\\[}" + var_value="${var_value//\]/\\]}" + + echo "$var_value" +} + +update_config_var() { + local config_path=$1 + local var_name=$2 + local var_value=$3 + local is_multiple=$4 + + local masklist=("DBPassword TLSPSKIdentity") + + if [ ! -f "$config_path" ]; then + echo "**** Configuration file '$config_path' does not exist" + return + fi + + if [[ " ${masklist[@]} " =~ " $var_name " ]] && [ ! -z "$var_value" ]; then + echo -n "** Updating '$config_path' parameter \"$var_name\": '****'. Enable DEBUG_MODE to view value ..." + else + echo -n "** Updating '$config_path' parameter \"$var_name\": '$var_value'..." + fi + + # Remove configuration parameter definition in case of unset parameter value + if [ -z "$var_value" ]; then + sed -i -e "/^$var_name=/d" "$config_path" + echo "removed" + return + fi + + # Remove value from configuration parameter in case of double quoted parameter value + if [ "$var_value" == '""' ]; then + sed -i -e "/^$var_name=/s/=.*/=/" "$config_path" + echo "undefined" + return + fi + + # Use full path to a file for TLS related configuration parameters + if [[ $var_name =~ ^TLS.*File$ ]]; then + var_value=$ZABBIX_USER_HOME_DIR/enc/$var_value + fi + + # Escaping characters in parameter value and name + var_value=$(escape_spec_char "$var_value") + var_name=$(escape_spec_char "$var_name") + + if [ "$(grep -E "^$var_name=" $config_path)" ] && [ "$is_multiple" != "true" ]; then + sed -i -e "/^$var_name=/s/=.*/=$var_value/" "$config_path" + echo "updated" + elif [ "$(grep -Ec "^# $var_name=" $config_path)" -gt 1 ]; then + sed -i -e "/^[#;] $var_name=$/i\\$var_name=$var_value" "$config_path" + echo "added first occurrence" + else + sed -i -e "/^[#;] $var_name=/s/.*/&\n$var_name=$var_value/" "$config_path" + echo "added" + fi + +} + +update_config_multiple_var() { + local config_path=$1 + local var_name=$2 + local var_value=$3 + + var_value="${var_value%\"}" + var_value="${var_value#\"}" + + local IFS=, + local OPT_LIST=($var_value) + + for value in "${OPT_LIST[@]}"; do + update_config_var $config_path $var_name $value true + done +} + +# Check prerequisites for MySQL database +check_variables_mysql() { + : ${DB_SERVER_HOST:="mysql-server"} + : ${DB_SERVER_PORT:="3306"} + USE_DB_ROOT_USER=false + CREATE_ZBX_DB_USER=false + file_env MYSQL_USER + file_env MYSQL_PASSWORD + + file_env MYSQL_ROOT_PASSWORD + + if [ ! -n "${MYSQL_USER}" ] && [ "${MYSQL_RANDOM_ROOT_PASSWORD,,}" == "true" ]; then + echo "**** Impossible to use MySQL server because of unknown Zabbix user and random 'root' password" + exit 1 + fi + + if [ ! -n "${MYSQL_USER}" ] && [ ! -n "${MYSQL_ROOT_PASSWORD}" ] && [ "${MYSQL_ALLOW_EMPTY_PASSWORD,,}" != "true" ]; then + echo "*** Impossible to use MySQL server because 'root' password is not defined and it is not empty" + exit 1 + fi + + if [ "${MYSQL_ALLOW_EMPTY_PASSWORD,,}" == "true" ] || [ -n "${MYSQL_ROOT_PASSWORD}" ]; then + USE_DB_ROOT_USER=true + DB_SERVER_ROOT_USER="root" + DB_SERVER_ROOT_PASS=${MYSQL_ROOT_PASSWORD:-""} + fi + + [ -n "${MYSQL_USER}" ] && [ "${USE_DB_ROOT_USER}" == "true" ] && CREATE_ZBX_DB_USER=true + + # If root password is not specified use provided credentials + : ${DB_SERVER_ROOT_USER:=${MYSQL_USER}} + [ "${MYSQL_ALLOW_EMPTY_PASSWORD,,}" == "true" ] || DB_SERVER_ROOT_PASS=${DB_SERVER_ROOT_PASS:-${MYSQL_PASSWORD}} + DB_SERVER_ZBX_USER=${MYSQL_USER:-"zabbix"} + DB_SERVER_ZBX_PASS=${MYSQL_PASSWORD:-"zabbix"} + + DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix"} +} + +db_tls_params() { + local result="" + + if [ -n "${ZBX_DBTLSCONNECT}" ]; then + ssl_mode=${ZBX_DBTLSCONNECT//verify_full/verify_identity} + result="--ssl-mode=$ssl_mode" + + if [ -n "${ZBX_DBTLSCAFILE}" ]; then + result="${result} --ssl-ca=${ZBX_DBTLSCAFILE}" + fi + + if [ -n "${ZBX_DBTLSKEYFILE}" ]; then + result="${result} --ssl-key=${ZBX_DBTLSKEYFILE}" + fi + + if [ -n "${ZBX_DBTLSCERTFILE}" ]; then + result="${result} --ssl-cert=${ZBX_DBTLSCERTFILE}" + fi + fi + + echo $result +} + +check_db_connect_mysql() { + echo "********************" + echo "* DB_SERVER_HOST: ${DB_SERVER_HOST}" + echo "* DB_SERVER_PORT: ${DB_SERVER_PORT}" + echo "* DB_SERVER_DBNAME: ${DB_SERVER_DBNAME}" + if [ "${DEBUG_MODE,,}" == "true" ]; then + if [ "${USE_DB_ROOT_USER}" == "true" ]; then + echo "* DB_SERVER_ROOT_USER: ${DB_SERVER_ROOT_USER}" + echo "* DB_SERVER_ROOT_PASS: ${DB_SERVER_ROOT_PASS}" + fi + echo "* DB_SERVER_ZBX_USER: ${DB_SERVER_ZBX_USER}" + echo "* DB_SERVER_ZBX_PASS: ${DB_SERVER_ZBX_PASS}" + fi + echo "********************" + + WAIT_TIMEOUT=5 + + ssl_opts="$(db_tls_params)" + + export MYSQL_PWD="${DB_SERVER_ROOT_PASS}" + + while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \ + --silent --connect_timeout=10 $ssl_opts)" ]; do + echo "**** MySQL server is not available. Waiting $WAIT_TIMEOUT seconds..." + sleep $WAIT_TIMEOUT + done + + unset MYSQL_PWD +} + +mysql_query() { + query=$1 + local result="" + + ssl_opts="$(db_tls_params)" + + export MYSQL_PWD="${DB_SERVER_ROOT_PASS}" + + result=$(mysql --silent --skip-column-names -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ + -u ${DB_SERVER_ROOT_USER} -e "$query" $ssl_opts) + + unset MYSQL_PWD + + echo $result +} + +create_db_user_mysql() { + [ "${CREATE_ZBX_DB_USER}" == "true" ] || return + + echo "** Creating '${DB_SERVER_ZBX_USER}' user in MySQL database" + + USER_EXISTS=$(mysql_query "SELECT 1 FROM mysql.user WHERE user = '${DB_SERVER_ZBX_USER}' AND host = '%'") + + if [ -z "$USER_EXISTS" ]; then + mysql_query "CREATE USER '${DB_SERVER_ZBX_USER}'@'%' IDENTIFIED BY '${DB_SERVER_ZBX_PASS}'" 1>/dev/null + else + mysql_query "ALTER USER ${DB_SERVER_ZBX_USER} IDENTIFIED BY '${DB_SERVER_ZBX_PASS}';" 1>/dev/null + fi + + mysql_query "GRANT ALL PRIVILEGES ON $DB_SERVER_DBNAME. * TO '${DB_SERVER_ZBX_USER}'@'%'" 1>/dev/null +} + +create_db_database_mysql() { + DB_EXISTS=$(mysql_query "SELECT SCHEMA_NAME FROM information_schema.SCHEMATA WHERE SCHEMA_NAME='${DB_SERVER_DBNAME}'") + + if [ -z ${DB_EXISTS} ]; then + echo "** Database '${DB_SERVER_DBNAME}' does not exist. Creating..." + mysql_query "CREATE DATABASE ${DB_SERVER_DBNAME} CHARACTER SET utf8 COLLATE utf8_bin" 1>/dev/null + # better solution? + mysql_query "GRANT ALL PRIVILEGES ON $DB_SERVER_DBNAME. * TO '${DB_SERVER_ZBX_USER}'@'%'" 1>/dev/null + else + echo "** Database '${DB_SERVER_DBNAME}' already exists. Please be careful with database COLLATE!" + fi +} + +create_db_schema_mysql() { + DBVERSION_TABLE_EXISTS=$(mysql_query "SELECT 1 FROM information_schema.tables WHERE table_schema='${DB_SERVER_DBNAME}' and table_name = 'dbversion'") + + if [ -n "${DBVERSION_TABLE_EXISTS}" ]; then + echo "** Table '${DB_SERVER_DBNAME}.dbversion' already exists." + ZBX_DB_VERSION=$(mysql_query "SELECT mandatory FROM ${DB_SERVER_DBNAME}.dbversion") + fi + + if [ -z "${ZBX_DB_VERSION}" ]; then + echo "** Creating '${DB_SERVER_DBNAME}' schema in MySQL" + + ssl_opts="$(db_tls_params)" + + export MYSQL_PWD="${DB_SERVER_ROOT_PASS}" + + zcat /usr/share/doc/zabbix-server-mysql/create.sql.gz | mysql --silent --skip-column-names \ + -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ + -u ${DB_SERVER_ROOT_USER} $ssl_opts \ + ${DB_SERVER_DBNAME} 1>/dev/null + + unset MYSQL_PWD + fi +} + +update_zbx_config() { + echo "** Preparing Zabbix server configuration file" + + ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_server.conf + + update_config_var $ZBX_CONFIG "ListenIP" "${ZBX_LISTENIP}" + update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}" + + update_config_var $ZBX_CONFIG "SourceIP" "${ZBX_SOURCEIP}" + update_config_var $ZBX_CONFIG "LogType" "console" + update_config_var $ZBX_CONFIG "LogFile" + update_config_var $ZBX_CONFIG "LogFileSize" + update_config_var $ZBX_CONFIG "PidFile" + + update_config_var $ZBX_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" + + if [ -n "${ZBX_DBTLSCONNECT}" ]; then + update_config_var $ZBX_CONFIG "DBTLSConnect" "${ZBX_DBTLSCONNECT}" + update_config_var $ZBX_CONFIG "DBTLSCAFile" "${ZBX_DBTLSCAFILE}" + update_config_var $ZBX_CONFIG "DBTLSCertFile" "${ZBX_DBTLSCERTFILE}" + update_config_var $ZBX_CONFIG "DBTLSKeyFile" "${ZBX_DBTLSKEYFILE}" + update_config_var $ZBX_CONFIG "DBTLSCipher" "${ZBX_DBTLSCIPHER}" + update_config_var $ZBX_CONFIG "DBTLSCipher13" "${ZBX_DBTLSCIPHER13}" + fi + + update_config_var $ZBX_CONFIG "DBHost" "${DB_SERVER_HOST}" + update_config_var $ZBX_CONFIG "DBName" "${DB_SERVER_DBNAME}" + update_config_var $ZBX_CONFIG "DBSchema" "${DB_SERVER_SCHEMA}" + update_config_var $ZBX_CONFIG "DBPort" "${DB_SERVER_PORT}" + + if [ -n "${VAULT_TOKEN}" ]; then + update_config_var $ZBX_CONFIG "VaultDBPath" "${ZBX_VAULTDBPATH}" + update_config_var $ZBX_CONFIG "VaultURL" "${ZBX_VAULTURL}" + update_config_var $ZBX_CONFIG "DBUser" + update_config_var $ZBX_CONFIG "DBPassword" + else + update_config_var $ZBX_CONFIG "VaultDBPath" + update_config_var $ZBX_CONFIG "VaultURL" + update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}" + update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}" + fi + + update_config_var $ZBX_CONFIG "StartReportWriters" "${ZBX_STARTREPORTWRITERS}" + : ${ZBX_WEBSERVICEURL:="http://zabbix-web-service:10053/report"} + update_config_var $ZBX_CONFIG "WebServiceURL" "${ZBX_WEBSERVICEURL}" + + update_config_var $ZBX_CONFIG "HistoryStorageURL" "${ZBX_HISTORYSTORAGEURL}" + update_config_var $ZBX_CONFIG "HistoryStorageTypes" "${ZBX_HISTORYSTORAGETYPES}" + update_config_var $ZBX_CONFIG "HistoryStorageDateIndex" "${ZBX_HISTORYSTORAGEDATEINDEX}" + + update_config_var $ZBX_CONFIG "DBSocket" "${DB_SERVER_SOCKET}" + + update_config_var $ZBX_CONFIG "StatsAllowedIP" "${ZBX_STATSALLOWEDIP}" + + update_config_var $ZBX_CONFIG "StartPollers" "${ZBX_STARTPOLLERS}" + update_config_var $ZBX_CONFIG "StartIPMIPollers" "${ZBX_IPMIPOLLERS}" + update_config_var $ZBX_CONFIG "StartPollersUnreachable" "${ZBX_STARTPOLLERSUNREACHABLE}" + update_config_var $ZBX_CONFIG "StartTrappers" "${ZBX_STARTTRAPPERS}" + update_config_var $ZBX_CONFIG "StartPingers" "${ZBX_STARTPINGERS}" + update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}" + update_config_var $ZBX_CONFIG "StartHistoryPollers" "${ZBX_STARTHISTORYPOLLERS}" + update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}" + + update_config_var $ZBX_CONFIG "StartPreprocessors" "${ZBX_STARTPREPROCESSORS}" + update_config_var $ZBX_CONFIG "StartTimers" "${ZBX_STARTTIMERS}" + update_config_var $ZBX_CONFIG "StartEscalators" "${ZBX_STARTESCALATORS}" + update_config_var $ZBX_CONFIG "StartAlerters" "${ZBX_STARTALERTERS}" + update_config_var $ZBX_CONFIG "StartTimers" "${ZBX_STARTTIMERS}" + update_config_var $ZBX_CONFIG "StartEscalators" "${ZBX_STARTESCALATORS}" + + update_config_var $ZBX_CONFIG "StartLLDProcessors" "${ZBX_STARTLLDPROCESSORS}" + + : ${ZBX_JAVAGATEWAY_ENABLE:="false"} + if [ "${ZBX_JAVAGATEWAY_ENABLE,,}" == "true" ]; then + update_config_var $ZBX_CONFIG "JavaGateway" "${ZBX_JAVAGATEWAY:-"zabbix-java-gateway"}" + update_config_var $ZBX_CONFIG "JavaGatewayPort" "${ZBX_JAVAGATEWAYPORT}" + update_config_var $ZBX_CONFIG "StartJavaPollers" "${ZBX_STARTJAVAPOLLERS:-"5"}" + else + update_config_var $ZBX_CONFIG "JavaGateway" + update_config_var $ZBX_CONFIG "JavaGatewayPort" + update_config_var $ZBX_CONFIG "StartJavaPollers" + fi + + update_config_var $ZBX_CONFIG "StartVMwareCollectors" "${ZBX_STARTVMWARECOLLECTORS}" + update_config_var $ZBX_CONFIG "VMwareFrequency" "${ZBX_VMWAREFREQUENCY}" + update_config_var $ZBX_CONFIG "VMwarePerfFrequency" "${ZBX_VMWAREPERFFREQUENCY}" + update_config_var $ZBX_CONFIG "VMwareCacheSize" "${ZBX_VMWARECACHESIZE}" + update_config_var $ZBX_CONFIG "VMwareTimeout" "${ZBX_VMWARETIMEOUT}" + + : ${ZBX_ENABLE_SNMP_TRAPS:="false"} + if [ "${ZBX_ENABLE_SNMP_TRAPS,,}" == "true" ]; then + update_config_var $ZBX_CONFIG "SNMPTrapperFile" "${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log" + update_config_var $ZBX_CONFIG "StartSNMPTrapper" "1" + else + update_config_var $ZBX_CONFIG "SNMPTrapperFile" + update_config_var $ZBX_CONFIG "StartSNMPTrapper" + fi + + update_config_var $ZBX_CONFIG "HousekeepingFrequency" "${ZBX_HOUSEKEEPINGFREQUENCY}" + update_config_var $ZBX_CONFIG "MaxHousekeeperDelete" "${ZBX_MAXHOUSEKEEPERDELETE}" + update_config_var $ZBX_CONFIG "SenderFrequency" "${ZBX_SENDERFREQUENCY}" + + update_config_var $ZBX_CONFIG "CacheSize" "${ZBX_CACHESIZE}" + + update_config_var $ZBX_CONFIG "CacheUpdateFrequency" "${ZBX_CACHEUPDATEFREQUENCY}" + + update_config_var $ZBX_CONFIG "StartDBSyncers" "${ZBX_STARTDBSYNCERS}" + update_config_var $ZBX_CONFIG "HistoryCacheSize" "${ZBX_HISTORYCACHESIZE}" + update_config_var $ZBX_CONFIG "HistoryIndexCacheSize" "${ZBX_HISTORYINDEXCACHESIZE}" + + update_config_var $ZBX_CONFIG "TrendCacheSize" "${ZBX_TRENDCACHESIZE}" + update_config_var $ZBX_CONFIG "ValueCacheSize" "${ZBX_VALUECACHESIZE}" + + update_config_var $ZBX_CONFIG "Timeout" "${ZBX_TIMEOUT}" + update_config_var $ZBX_CONFIG "TrapperTimeout" "${ZBX_TRAPPERTIMEOUT}" + update_config_var $ZBX_CONFIG "UnreachablePeriod" "${ZBX_UNREACHABLEPERIOD}" + update_config_var $ZBX_CONFIG "UnavailableDelay" "${ZBX_UNAVAILABLEDELAY}" + update_config_var $ZBX_CONFIG "UnreachableDelay" "${ZBX_UNREACHABLEDELAY}" + + update_config_var $ZBX_CONFIG "AlertScriptsPath" "/usr/lib/zabbix/alertscripts" + update_config_var $ZBX_CONFIG "ExternalScripts" "/usr/lib/zabbix/externalscripts" + + if [ -n "${ZBX_EXPORTFILESIZE}" ]; then + update_config_var $ZBX_CONFIG "ExportDir" "$ZABBIX_USER_HOME_DIR/export/" + update_config_var $ZBX_CONFIG "ExportFileSize" "${ZBX_EXPORTFILESIZE}" + update_config_var $ZBX_CONFIG "ExportType" "${ZBX_EXPORTTYPE}" + fi + + update_config_var $ZBX_CONFIG "FpingLocation" "/usr/bin/fping" + update_config_var $ZBX_CONFIG "Fping6Location" "/usr/bin/fping6" + + update_config_var $ZBX_CONFIG "SSHKeyLocation" "$ZABBIX_USER_HOME_DIR/ssh_keys" + update_config_var $ZBX_CONFIG "LogSlowQueries" "${ZBX_LOGSLOWQUERIES}" + + update_config_var $ZBX_CONFIG "StartProxyPollers" "${ZBX_STARTPROXYPOLLERS}" + update_config_var $ZBX_CONFIG "ProxyConfigFrequency" "${ZBX_PROXYCONFIGFREQUENCY}" + update_config_var $ZBX_CONFIG "ProxyDataFrequency" "${ZBX_PROXYDATAFREQUENCY}" + + update_config_var $ZBX_CONFIG "SSLCertLocation" "$ZABBIX_USER_HOME_DIR/ssl/certs/" + update_config_var $ZBX_CONFIG "SSLKeyLocation" "$ZABBIX_USER_HOME_DIR/ssl/keys/" + update_config_var $ZBX_CONFIG "SSLCALocation" "$ZABBIX_USER_HOME_DIR/ssl/ssl_ca/" + update_config_var $ZBX_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/" + update_config_multiple_var $ZBX_CONFIG "LoadModule" "${ZBX_LOADMODULE}" + + update_config_var $ZBX_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" + update_config_var $ZBX_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" + + update_config_var $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" + update_config_var $ZBX_CONFIG "TLSCipherAll" "${ZBX_TLSCIPHERALL}" + update_config_var $ZBX_CONFIG "TLSCipherAll13" "${ZBX_TLSCIPHERALL13}" + update_config_var $ZBX_CONFIG "TLSCipherCert" "${ZBX_TLSCIPHERCERT}" + update_config_var $ZBX_CONFIG "TLSCipherCert13" "${ZBX_TLSCIPHERCERT13}" + update_config_var $ZBX_CONFIG "TLSCipherPSK" "${ZBX_TLSCIPHERPSK}" + update_config_var $ZBX_CONFIG "TLSCipherPSK13" "${ZBX_TLSCIPHERPSK13}" + update_config_var $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" + + update_config_var $ZBX_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" + update_config_var $ZBX_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" + + if [ "$(id -u)" != '0' ]; then + update_config_var $ZBX_CONFIG "User" "$(whoami)" + else + update_config_var $ZBX_CONFIG "AllowRoot" "1" + fi +} + +prepare_server() { + echo "** Preparing Zabbix server" + + check_variables_mysql + check_db_connect_mysql + create_db_user_mysql + create_db_database_mysql + create_db_schema_mysql + + update_zbx_config +} + +################################################# + +if [ "${1#-}" != "$1" ]; then + set -- /usr/sbin/zabbix_server "$@" + fi + +if [ "$1" == '/usr/sbin/zabbix_server' ]; then + prepare_server +fi + +exec "$@" + +################################################# diff --git a/build.sh b/build.sh index e16468bb0..6d1adb33d 100755 --- a/build.sh +++ b/build.sh @@ -37,7 +37,7 @@ else VCS_REF=$MAJOR_VERSION.$MINOR_VERSION fi -docker build -t zabbix-$app_component:$os-$version --build-arg VCS_REF="$VCS_REF" --build-arg BUILD_DATE=`date -u +"%Y-%m-%dT%H:%M:%SZ"` -f Dockerfile . +DOCKER_BUILDKIT=1 docker build -t zabbix-$app_component:$os-$version --build-arg VCS_REF="$VCS_REF" --build-arg BUILD_DATE=`date -u +"%Y-%m-%dT%H:%M:%SZ"` -f Dockerfile . if [ "$type" != "build" ]; then links="" diff --git a/docker-compose_v3_alpine_mysql_local.yaml b/docker-compose_v3_alpine_mysql_local.yaml index 5590a02d1..d47b713f8 100644 --- a/docker-compose_v3_alpine_mysql_local.yaml +++ b/docker-compose_v3_alpine_mysql_local.yaml @@ -1,10 +1,41 @@ version: '3.5' services: + zabbix-build-base: + build: + context: ./build-base/alpine + cache_from: + - alpine:3.14 + image: zabbix-build-base:alpine-local + + zabbix-build-mysql: + build: + context: ./build-mysql/alpine + cache_from: + - alpine:3.14 + args: + BUILD_BASE_IMAGE: zabbix-build-base:alpine-local + image: zabbix-build-mysql:alpine-local + depends_on: + - zabbix-build-base + + zabbix-build-sqlite3: + build: + context: ./build-sqlite3/alpine + cache_from: + - alpine:3.14 + args: + BUILD_BASE_IMAGE: zabbix-build-base:alpine-local + image: zabbix-build-sqlite3:alpine-local + depends_on: + - zabbix-build-base + zabbix-server: - build: + build: context: ./server-mysql/alpine cache_from: - alpine:3.14 + args: + BUILD_BASE_IMAGE: zabbix-build-mysql:alpine-local image: zabbix-server-mysql:alpine-local ports: - "10051:10051" @@ -44,6 +75,7 @@ services: # - root-ca.pem depends_on: - mysql-server + - zabbix-build-mysql networks: zbx_net_backend: aliases: @@ -72,6 +104,8 @@ services: context: ./proxy-sqlite3/alpine cache_from: - alpine:3.14 + args: + BUILD_BASE_IMAGE: zabbix-build-sqlite3:alpine-local image: zabbix-proxy-sqlite3:alpine-local profiles: - all @@ -105,6 +139,7 @@ services: depends_on: - zabbix-java-gateway - zabbix-snmptraps + - zabbix-build-sqlite3 networks: zbx_net_backend: aliases: @@ -125,6 +160,8 @@ services: context: ./proxy-mysql/alpine cache_from: - alpine:3.14 + args: + BUILD_BASE_IMAGE: zabbix-build-mysql:alpine-local image: zabbix-proxy-mysql:alpine-local profiles: - all @@ -160,6 +197,7 @@ services: - mysql-server - zabbix-java-gateway - zabbix-snmptraps + - zabbix-build-mysql secrets: - MYSQL_USER - MYSQL_PASSWORD @@ -187,6 +225,8 @@ services: context: ./web-apache-mysql/alpine cache_from: - alpine:3.14 + args: + BUILD_BASE_IMAGE: zabbix-build-mysql:alpine-local image: zabbix-web-apache-mysql:alpine-local profiles: - all @@ -218,6 +258,7 @@ services: depends_on: - mysql-server - zabbix-server + - zabbix-build-mysql healthcheck: test: ["CMD", "curl", "-f", "http://localhost:8080/"] interval: 10s @@ -247,6 +288,8 @@ services: context: ./web-nginx-mysql/alpine cache_from: - alpine:3.14 + args: + BUILD_BASE_IMAGE: zabbix-build-mysql:alpine-local image: zabbix-web-nginx-mysql:alpine-local ports: - "80:8080" @@ -276,6 +319,7 @@ services: depends_on: - mysql-server - zabbix-server + - zabbix-build-mysql healthcheck: test: ["CMD", "curl", "-f", "http://localhost:8080/"] interval: 10s @@ -305,7 +349,11 @@ services: context: ./agent/alpine cache_from: - alpine:3.14 + args: + BUILD_BASE_IMAGE: zabbix-build-mysql:alpine-local image: zabbix-agent:alpine-local + deploy: + mode: global profiles: - full - all @@ -331,6 +379,8 @@ services: - .env_agent privileged: true pid: "host" + depends_on: + - zabbix-build-mysql networks: zbx_net_backend: aliases: @@ -349,6 +399,8 @@ services: context: ./java-gateway/alpine cache_from: - alpine:3.14 + args: + BUILD_BASE_IMAGE: zabbix-build-mysql:alpine-local image: zabbix-java-gateway:alpine-local profiles: - full @@ -365,6 +417,8 @@ services: memory: 256M env_file: - .env_java + depends_on: + - zabbix-build-mysql networks: zbx_net_backend: aliases: @@ -415,6 +469,8 @@ services: context: ./web-service/alpine cache_from: - alpine:3.14 + args: + BUILD_BASE_IMAGE: zabbix-build-mysql:alpine-local image: zabbix-web-service:alpine-local profiles: - full @@ -435,6 +491,8 @@ services: memory: 256M env_file: - .env_web_service + depends_on: + - zabbix-build-mysql networks: zbx_net_backend: aliases: diff --git a/docker-compose_v3_alpine_pgsql_local.yaml b/docker-compose_v3_alpine_pgsql_local.yaml index 792aab882..187def259 100644 --- a/docker-compose_v3_alpine_pgsql_local.yaml +++ b/docker-compose_v3_alpine_pgsql_local.yaml @@ -1,10 +1,52 @@ version: '3.5' services: + zabbix-build-base: + build: + context: ./build-base/alpine + cache_from: + - alpine:3.14 + image: zabbix-build-base:alpine-local + + zabbix-build-pgsql: + build: + context: ./build-pgsql/alpine + cache_from: + - alpine:3.14 + args: + BUILD_BASE_IMAGE: zabbix-build-base:alpine-local + image: zabbix-build-pgsql:alpine-local + depends_on: + - zabbix-build-base + + zabbix-build-mysql: + build: + context: ./build-mysql/alpine + cache_from: + - alpine:3.14 + args: + BUILD_BASE_IMAGE: zabbix-build-base:alpine-local + image: zabbix-build-mysql:alpine-local + depends_on: + - zabbix-build-base + + zabbix-build-sqlite3: + build: + context: ./build-sqlite3/alpine + cache_from: + - alpine:3.14 + args: + BUILD_BASE_IMAGE: zabbix-build-base:alpine-local + image: zabbix-build-sqlite3:alpine-local + depends_on: + - zabbix-build-base + zabbix-server: build: context: ./server-pgsql/alpine cache_from: - alpine:3.14 + args: + BUILD_BASE_IMAGE: zabbix-build-pgsql:alpine-local image: zabbix-server-pgsql:alpine-local ports: - "10051:10051" @@ -43,6 +85,7 @@ services: - POSTGRES_PASSWORD depends_on: - postgres-server + - zabbix-build-pgsql networks: zbx_net_backend: aliases: @@ -71,6 +114,8 @@ services: context: ./proxy-sqlite3/alpine cache_from: - alpine:3.14 + args: + BUILD_BASE_IMAGE: zabbix-build-sqlite3:alpine-local image: zabbix-proxy-sqlite3:alpine-local profiles: - all @@ -104,6 +149,7 @@ services: depends_on: - zabbix-java-gateway - zabbix-snmptraps + - zabbix-build-sqlite3 networks: zbx_net_backend: aliases: @@ -124,6 +170,8 @@ services: context: ./proxy-mysql/alpine cache_from: - alpine:3.14 + args: + BUILD_BASE_IMAGE: zabbix-build-mysql:alpine-local image: zabbix-proxy-mysql:alpine-local profiles: - all @@ -163,6 +211,7 @@ services: - mysql-server - zabbix-java-gateway - zabbix-snmptraps + - zabbix-build-mysql networks: zbx_net_backend: aliases: @@ -183,6 +232,8 @@ services: context: ./web-apache-pgsql/alpine cache_from: - alpine:3.14 + args: + BUILD_BASE_IMAGE: zabbix-build-pgsql:alpine-local image: zabbix-web-apache-pgsql:alpine-local profiles: - all @@ -214,6 +265,7 @@ services: depends_on: - postgres-server - zabbix-server + - zabbix-build-pgsql healthcheck: test: ["CMD", "curl", "-f", "http://localhost:8080/"] interval: 10s @@ -243,6 +295,8 @@ services: context: ./web-nginx-pgsql/alpine cache_from: - alpine:3.14 + args: + BUILD_BASE_IMAGE: zabbix-build-pgsql:alpine-local image: zabbix-web-nginx-pgsql:alpine-local ports: - "80:8080" @@ -272,6 +326,7 @@ services: depends_on: - postgres-server - zabbix-server + - zabbix-build-pgsql healthcheck: test: ["CMD", "curl", "-f", "http://localhost:8080/"] interval: 10s @@ -301,6 +356,8 @@ services: context: ./agent/alpine cache_from: - alpine:3.14 + args: + BUILD_BASE_IMAGE: zabbix-build-pgsql:alpine-local image: zabbix-agent:alpine-local profiles: - full @@ -327,6 +384,8 @@ services: - .env_agent privileged: true pid: "host" + depends_on: + - zabbix-build-pgsql networks: zbx_net_backend: aliases: @@ -345,6 +404,8 @@ services: context: ./java-gateway/alpine cache_from: - alpine:3.14 + args: + BUILD_BASE_IMAGE: zabbix-build-pgsql:alpine-local image: zabbix-java-gateway:alpine-local profiles: - full @@ -361,6 +422,8 @@ services: memory: 256M env_file: - .env_java + depends_on: + - zabbix-build-pgsql networks: zbx_net_backend: aliases: @@ -411,6 +474,8 @@ services: context: ./web-service/alpine cache_from: - alpine:3.14 + args: + BUILD_BASE_IMAGE: zabbix-build-pgsql:alpine-local image: zabbix-web-service:alpine-local profiles: - full @@ -431,6 +496,8 @@ services: memory: 256M env_file: - .env_web_service + depends_on: + - zabbix-build-pgsql networks: zbx_net_backend: aliases: diff --git a/docker-compose_v3_ubuntu_mysql_local.yaml b/docker-compose_v3_ubuntu_mysql_local.yaml index 7845fb56c..3ae1a1b84 100644 --- a/docker-compose_v3_ubuntu_mysql_local.yaml +++ b/docker-compose_v3_ubuntu_mysql_local.yaml @@ -1,10 +1,41 @@ version: '3.5' services: + zabbix-build-base: + build: + context: ./build-base/ubuntu + cache_from: + - ubuntu:focal + image: zabbix-build-base:ubuntu-local + + zabbix-build-mysql: + build: + context: ./build-mysql/ubuntu + cache_from: + - ubuntu:focal + args: + BUILD_BASE_IMAGE: zabbix-build-base:ubuntu-local + image: zabbix-build-mysql:ubuntu-local + depends_on: + - zabbix-build-base + + zabbix-build-sqlite3: + build: + context: ./build-sqlite3/ubuntu + cache_from: + - ubuntu:focal + args: + BUILD_BASE_IMAGE: zabbix-build-base:ubuntu-local + image: zabbix-build-sqlite3:ubuntu-local + depends_on: + - zabbix-build-base + zabbix-server: build: context: ./server-mysql/ubuntu cache_from: - ubuntu:focal + args: + BUILD_BASE_IMAGE: zabbix-build-mysql:ubuntu-local image: zabbix-server-mysql:ubuntu-local ports: - "10051:10051" @@ -43,6 +74,7 @@ services: # - root-ca.pem depends_on: - mysql-server + - zabbix-build-mysql networks: zbx_net_backend: aliases: @@ -71,6 +103,8 @@ services: context: ./proxy-sqlite3/ubuntu cache_from: - ubuntu:focal + args: + BUILD_BASE_IMAGE: zabbix-build-sqlite3:ubuntu-local image: zabbix-proxy-sqlite3:ubuntu-local profiles: - all @@ -103,6 +137,7 @@ services: depends_on: - zabbix-java-gateway - zabbix-snmptraps + - zabbix-build-sqlite3 networks: zbx_net_backend: aliases: @@ -123,6 +158,8 @@ services: context: ./proxy-mysql/ubuntu cache_from: - ubuntu:focal + args: + BUILD_BASE_IMAGE: zabbix-build-mysql:ubuntu-local image: zabbix-proxy-mysql:ubuntu-local profiles: - all @@ -157,6 +194,7 @@ services: - mysql-server - zabbix-java-gateway - zabbix-snmptraps + - zabbix-build-mysql secrets: - MYSQL_USER - MYSQL_PASSWORD @@ -184,6 +222,8 @@ services: context: ./web-apache-mysql/ubuntu cache_from: - ubuntu:focal + args: + BUILD_BASE_IMAGE: zabbix-build-mysql:ubuntu-local image: zabbix-web-apache-mysql:ubuntu-local profiles: - all @@ -214,6 +254,7 @@ services: depends_on: - mysql-server - zabbix-server + - zabbix-build-mysql healthcheck: test: ["CMD", "curl", "-f", "http://localhost:8080/"] interval: 10s @@ -243,6 +284,8 @@ services: context: ./web-nginx-mysql/ubuntu cache_from: - ubuntu:focal + args: + BUILD_BASE_IMAGE: zabbix-build-mysql:ubuntu-local image: zabbix-web-nginx-mysql:ubuntu-local ports: - "80:8080" @@ -271,6 +314,7 @@ services: depends_on: - mysql-server - zabbix-server + - zabbix-build-mysql healthcheck: test: ["CMD", "curl", "-f", "http://localhost:8080/"] interval: 10s @@ -300,6 +344,8 @@ services: context: ./agent/ubuntu cache_from: - ubuntu:focal + args: + BUILD_BASE_IMAGE: zabbix-build-mysql:ubuntu-local image: zabbix-agent:ubuntu-local profiles: - full @@ -325,6 +371,8 @@ services: - .env_agent privileged: true pid: "host" + depends_on: + - zabbix-build-mysql networks: zbx_net_backend: aliases: @@ -343,6 +391,8 @@ services: context: ./java-gateway/ubuntu cache_from: - ubuntu:focal + args: + BUILD_BASE_IMAGE: zabbix-build-mysql:ubuntu-local image: zabbix-java-gateway:ubuntu-local profiles: - full @@ -359,6 +409,8 @@ services: memory: 256M env_file: - .env_java + depends_on: + - zabbix-build-mysql networks: zbx_net_backend: aliases: @@ -409,6 +461,8 @@ services: context: ./web-service/ubuntu cache_from: - ubuntu:focal + args: + BUILD_BASE_IMAGE: zabbix-build-mysql:ubuntu-local image: zabbix-web-service:ubuntu-local profiles: - full @@ -429,6 +483,8 @@ services: memory: 256M env_file: - .env_web_service + depends_on: + - zabbix-build-mysql networks: zbx_net_backend: aliases: diff --git a/docker-compose_v3_ubuntu_pgsql_local.yaml b/docker-compose_v3_ubuntu_pgsql_local.yaml index 9bee33071..9f813c329 100644 --- a/docker-compose_v3_ubuntu_pgsql_local.yaml +++ b/docker-compose_v3_ubuntu_pgsql_local.yaml @@ -1,10 +1,52 @@ version: '3.5' services: + zabbix-build-base: + build: + context: ./build-base/ubuntu + cache_from: + - ubuntu:focal + image: zabbix-build-base:ubuntu-local + + zabbix-build-pgsql: + build: + context: ./build-pgsql/ubuntu + cache_from: + - ubuntu:focal + args: + BUILD_BASE_IMAGE: zabbix-build-base:ubuntu-local + image: zabbix-build-pgsql:ubuntu-local + depends_on: + - zabbix-build-base + + zabbix-build-mysql: + build: + context: ./build-mysql/ubuntu + cache_from: + - ubuntu:focal + args: + BUILD_BASE_IMAGE: zabbix-build-base:ubuntu-local + image: zabbix-build-mysql:ubuntu-local + depends_on: + - zabbix-build-base + + zabbix-build-sqlite3: + build: + context: ./build-sqlite3/ubuntu + cache_from: + - ubuntu:focal + args: + BUILD_BASE_IMAGE: zabbix-build-base:ubuntu-local + image: zabbix-build-sqlite3:ubuntu-local + depends_on: + - zabbix-build-base + zabbix-server: build: context: ./server-pgsql/ubuntu cache_from: - ubuntu:focal + args: + BUILD_BASE_IMAGE: zabbix-build-pgsql:ubuntu-local image: zabbix-server-pgsql:ubuntu-local ports: - "10051:10051" @@ -42,6 +84,7 @@ services: - POSTGRES_PASSWORD depends_on: - postgres-server + - zabbix-build-pgsql networks: zbx_net_backend: aliases: @@ -70,6 +113,8 @@ services: context: ./proxy-sqlite3/ubuntu cache_from: - ubuntu:focal + args: + BUILD_BASE_IMAGE: zabbix-build-sqlite3:ubuntu-local image: zabbix-proxy-sqlite3:ubuntu-local profiles: - all @@ -102,6 +147,7 @@ services: depends_on: - zabbix-java-gateway - zabbix-snmptraps + - zabbix-build-sqlite3 networks: zbx_net_backend: aliases: @@ -122,6 +168,8 @@ services: context: ./proxy-mysql/ubuntu cache_from: - ubuntu:focal + args: + BUILD_BASE_IMAGE: zabbix-build-mysql:ubuntu-local image: zabbix-proxy-mysql:ubuntu-local profiles: - all @@ -160,6 +208,7 @@ services: - mysql-server - zabbix-java-gateway - zabbix-snmptraps + - zabbix-build-mysql networks: zbx_net_backend: aliases: @@ -180,6 +229,8 @@ services: context: ./web-apache-pgsql/ubuntu cache_from: - ubuntu:focal + args: + BUILD_BASE_IMAGE: zabbix-build-pgsql:ubuntu-local image: zabbix-web-apache-pgsql:ubuntu-local profiles: - all @@ -210,6 +261,7 @@ services: depends_on: - postgres-server - zabbix-server + - zabbix-build-pgsql healthcheck: test: ["CMD", "curl", "-f", "http://localhost:8080/"] interval: 10s @@ -239,6 +291,8 @@ services: context: ./web-nginx-pgsql/ubuntu cache_from: - ubuntu:focal + args: + BUILD_BASE_IMAGE: zabbix-build-pgsql:ubuntu-local image: zabbix-web-nginx-pgsql:ubuntu-local ports: - "80:8080" @@ -267,6 +321,7 @@ services: depends_on: - postgres-server - zabbix-server + - zabbix-build-pgsql healthcheck: test: ["CMD", "curl", "-f", "http://localhost:8080/"] interval: 10s @@ -296,6 +351,8 @@ services: context: ./agent/ubuntu cache_from: - ubuntu:focal + args: + BUILD_BASE_IMAGE: zabbix-build-pgsql:ubuntu-local image: zabbix-agent:ubuntu-local profiles: - full @@ -321,6 +378,8 @@ services: - .env_agent privileged: true pid: "host" + depends_on: + - zabbix-build-pgsql networks: zbx_net_backend: aliases: @@ -339,6 +398,8 @@ services: context: ./java-gateway/ubuntu cache_from: - ubuntu:focal + args: + BUILD_BASE_IMAGE: zabbix-build-pgsql:ubuntu-local image: zabbix-java-gateway:ubuntu-local profiles: - full @@ -355,6 +416,8 @@ services: memory: 256M env_file: - .env_java + depends_on: + - zabbix-build-pgsql networks: zbx_net_backend: aliases: @@ -405,6 +468,8 @@ services: context: ./web-service/ubuntu cache_from: - ubuntu:focal + args: + BUILD_BASE_IMAGE: zabbix-build-pgsql:ubuntu-local image: zabbix-web-service:ubuntu-local profiles: - full @@ -425,6 +490,8 @@ services: memory: 256M env_file: - .env_web_service + depends_on: + - zabbix-build-pgsql networks: zbx_net_backend: aliases: diff --git a/java-gateway/alpine/Dockerfile b/java-gateway/alpine/Dockerfile index 032cbdcbe..0368146ee 100644 --- a/java-gateway/alpine/Dockerfile +++ b/java-gateway/alpine/Dockerfile @@ -1,14 +1,36 @@ +# syntax=docker/dockerfile:1 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG BUILD_BASE_IMAGE=zabbix-build-mysql:alpine-${ZBX_VERSION} +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git + +FROM ${BUILD_BASE_IMAGE} as builder + FROM alpine:3.14 +ARG MAJOR_VERSION +ARG ZBX_VERSION +ARG ZBX_SOURCES + +ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ + PATH=${PATH}:/usr/lib/jvm/default-jvm/bin/ JAVA_HOME=/usr/lib/jvm/default-jvm + LABEL org.opencontainers.image.title="Zabbix Java Gateway" \ org.opencontainers.image.authors="Alexey Pustovalov " \ org.opencontainers.image.vendor="Zabbix LLC" \ org.opencontainers.image.url="https://zabbix.com/" \ org.opencontainers.image.description="Zabbix Java Gateway performs native support for monitoring JMX applications" \ - org.opencontainers.image.licenses="GPL v2.0" + org.opencontainers.image.licenses="GPL v2.0" \ + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" STOPSIGNAL SIGTERM +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_java/bin", "/usr/sbin/zabbix_java/bin"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_java/lib", "/usr/sbin/zabbix_java/lib"] +COPY ["conf/etc/", "/etc/"] + RUN set -eux && \ addgroup --system --gid 1995 zabbix && \ adduser --system \ @@ -26,57 +48,10 @@ RUN set -eux && \ apk add --clean-protected --no-cache \ bash \ openjdk8-jre-base && \ - rm -rf /var/cache/apk/* - -ARG MAJOR_VERSION=6.0 -ARG ZBX_VERSION=${MAJOR_VERSION} -ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git - -ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ - PATH=${PATH}:/usr/lib/jvm/default-jvm/bin/ JAVA_HOME=/usr/lib/jvm/default-jvm - -LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.opencontainers.image.version="${ZBX_VERSION}" \ - org.opencontainers.image.source="${ZBX_SOURCES}" - -COPY ["conf/etc/", "/etc/"] - -RUN set -eux && \ - apk add --no-cache --virtual build-dependencies \ - autoconf \ - automake \ - coreutils \ - pkgconf \ - git \ - g++ \ - make \ - openjdk8 && \ - cd /tmp/ && \ - git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ - cd /tmp/zabbix-${ZBX_VERSION} && \ - zabbix_revision=`git rev-parse --short HEAD` && \ - sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ - sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/zabbix_java/src/com/zabbix/gateway/GeneralInformation.java && \ - ./bootstrap.sh && \ - ./configure \ - --datadir=/usr/lib \ - --libdir=/usr/lib/zabbix \ - --sysconfdir=/etc/zabbix \ - --prefix=/usr \ - --enable-java \ - --silent && \ - make -j"$(nproc)" -s && \ - mkdir -p /usr/sbin/zabbix_java/ && \ - cp -r src/zabbix_java/bin /usr/sbin/zabbix_java/ && \ - cp -r src/zabbix_java/lib /usr/sbin/zabbix_java/ && \ rm -rf /usr/sbin/zabbix_java/lib/*.xml && \ - cd /tmp/ && \ - rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ chown --quiet -R zabbix:root /etc/zabbix/ /usr/sbin/zabbix_java/ && \ chgrp -R 0 /etc/zabbix/ /usr/sbin/zabbix_java/ && \ chmod -R g=u /etc/zabbix/ /usr/sbin/zabbix_java/ && \ - apk del --purge --no-network \ - build-dependencies && \ rm -rf /var/cache/apk/* EXPOSE 10052/TCP diff --git a/java-gateway/ubuntu/Dockerfile b/java-gateway/ubuntu/Dockerfile index d4f7d2a9f..ab3123fed 100644 --- a/java-gateway/ubuntu/Dockerfile +++ b/java-gateway/ubuntu/Dockerfile @@ -1,14 +1,35 @@ +# syntax=docker/dockerfile:1 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG BUILD_BASE_IMAGE=zabbix-build-mysql:ubuntu-${ZBX_VERSION} +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git + +FROM ${BUILD_BASE_IMAGE} as builder + FROM ubuntu:focal +ARG MAJOR_VERSION +ARG ZBX_VERSION +ARG ZBX_SOURCES + +ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} + LABEL org.opencontainers.image.title="Zabbix Java Gateway" \ org.opencontainers.image.authors="Alexey Pustovalov " \ org.opencontainers.image.vendor="Zabbix LLC" \ org.opencontainers.image.url="https://zabbix.com/" \ org.opencontainers.image.description="Zabbix Java Gateway performs native support for monitoring JMX applications" \ - org.opencontainers.image.licenses="GPL v2.0" - + org.opencontainers.image.licenses="GPL v2.0" \ + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" + STOPSIGNAL SIGTERM +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_java/bin", "/usr/sbin/zabbix_java/bin"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_java/lib", "/usr/sbin/zabbix_java/lib"] +COPY ["conf/etc/", "/etc/"] + RUN set -eux && \ echo "#!/bin/sh\nexit 101" > /usr/sbin/policy-rc.d && \ groupadd --system --gid 1995 zabbix && \ @@ -25,63 +46,7 @@ RUN set -eux && \ apt-get -y update && \ DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ openjdk-8-jre-headless && \ - apt-get -y autoremove && \ - apt-get -y clean && \ - rm -rf /var/lib/apt/lists/* - -ARG MAJOR_VERSION=6.0 -ARG ZBX_VERSION=${MAJOR_VERSION} -ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git - -ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} - -LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.opencontainers.image.version="${ZBX_VERSION}" \ - org.opencontainers.image.source="${ZBX_SOURCES}" - -COPY ["conf/etc/", "/etc/"] - -RUN set -eux && \ - apt-get -y update && \ - DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ - autoconf \ - automake \ - libc6-dev \ - make \ - openjdk-8-jdk-headless \ - pkg-config \ - git \ - gcc && \ - cd /tmp/ && \ - git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ - cd /tmp/zabbix-${ZBX_VERSION} && \ - zabbix_revision=`git rev-parse --short HEAD` && \ - sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ - sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/zabbix_java/src/com/zabbix/gateway/GeneralInformation.java && \ - ./bootstrap.sh && \ - ./configure \ - --datadir=/usr/lib \ - --libdir=/usr/lib/zabbix \ - --sysconfdir=/etc/zabbix \ - --prefix=/usr \ - --enable-java \ - --silent && \ - make -j"$(nproc)" -s && \ - mkdir -p /usr/sbin/zabbix_java/ && \ - cp -r src/zabbix_java/bin /usr/sbin/zabbix_java/ && \ - cp -r src/zabbix_java/lib /usr/sbin/zabbix_java/ && \ rm -rf /usr/sbin/zabbix_java/lib/*.xml && \ - cd /tmp/ && \ - rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ - DEBIAN_FRONTEND=noninteractive apt-get -y purge \ - autoconf \ - automake \ - libc6-dev \ - make \ - openjdk-8-jdk \ - pkg-config \ - git \ - gcc && \ apt-get -y autoremove && \ apt-get -y clean && \ chown --quiet -R zabbix:root /etc/zabbix/ /usr/sbin/zabbix_java/ && \ @@ -90,16 +55,16 @@ RUN set -eux && \ rm -rf /var/lib/apt/lists/* EXPOSE 10052/TCP - + WORKDIR /var/lib/zabbix VOLUME ["/usr/sbin/zabbix_java/ext_lib"] COPY ["conf/usr/sbin/zabbix_java_gateway", "/usr/sbin/"] COPY ["docker-entrypoint.sh", "/usr/bin/"] - + ENTRYPOINT ["docker-entrypoint.sh"] - + USER 1997 - + CMD ["/usr/sbin/zabbix_java_gateway"] diff --git a/proxy-mysql/alpine/Dockerfile b/proxy-mysql/alpine/Dockerfile index fd8cf8623..7846db4ea 100644 --- a/proxy-mysql/alpine/Dockerfile +++ b/proxy-mysql/alpine/Dockerfile @@ -1,14 +1,38 @@ +# syntax=docker/dockerfile:1 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG BUILD_BASE_IMAGE=zabbix-build-mysql:alpine-${ZBX_VERSION} +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git + +FROM ${BUILD_BASE_IMAGE} as builder + FROM alpine:3.14 +ARG MAJOR_VERSION +ARG ZBX_VERSION +ARG ZBX_SOURCES + +ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ + MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL + LABEL org.opencontainers.image.title="Zabbix proxy (MySQL)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ org.opencontainers.image.vendor="Zabbix LLC" \ org.opencontainers.image.url="https://zabbix.com/" \ org.opencontainers.image.description="Zabbix proxy with MySQL database support" \ - org.opencontainers.image.licenses="GPL v2.0" + org.opencontainers.image.licenses="GPL v2.0" \ + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" STOPSIGNAL SIGTERM +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_proxy/zabbix_proxy", "/usr/sbin/zabbix_proxy"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_get/zabbix_get", "/usr/bin/zabbix_get"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender", "/usr/bin/zabbix_sender"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/conf/zabbix_proxy.conf", "/etc/zabbix/zabbix_proxy.conf"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/database/mysql/create_proxy.sql.gz", "/usr/share/doc/zabbix-proxy-mysql/create.sql.gz"] + RUN set -eux && \ addgroup --system --gid 1995 zabbix && \ adduser --system \ @@ -48,79 +72,12 @@ RUN set -eux && \ openipmi-libs \ pcre \ unixodbc \ +# Temporary!! + libmodbus \ fping && \ - rm -rf /var/cache/apk/* - -ARG MAJOR_VERSION=6.0 -ARG ZBX_VERSION=${MAJOR_VERSION} -ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git - -ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ - MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL - -LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.opencontainers.image.version="${ZBX_VERSION}" \ - org.opencontainers.image.source="${ZBX_SOURCES}" - -RUN set -eux && \ - apk add --no-cache --virtual build-dependencies \ - autoconf \ - automake \ - coreutils \ - curl-dev \ - libevent-dev \ - g++ \ - git \ - make \ - libssh-dev \ - libxml2-dev \ - mysql-dev \ - net-snmp-dev \ - openipmi-dev \ - openldap-dev \ - pcre-dev \ - unixodbc-dev && \ - cd /tmp/ && \ - git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ - cd /tmp/zabbix-${ZBX_VERSION} && \ - zabbix_revision=`git rev-parse --short HEAD` && \ - sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ - ./bootstrap.sh && \ - export CFLAGS="-fPIC -pie -Wl,-z,relro -Wl,-z,now" && \ - ./configure \ - --datadir=/usr/lib \ - --libdir=/usr/lib/zabbix \ - --sysconfdir=/etc/zabbix \ - --prefix=/usr \ - --enable-agent \ - --enable-proxy \ - --with-mysql \ - --with-ldap \ - --with-libcurl \ - --with-libxml2 \ - --with-net-snmp \ - --with-openipmi \ - --with-openssl \ - --with-ssh \ - --with-unixodbc \ - --enable-ipv6 \ - --silent && \ - make -j"$(nproc)" -s dbschema && \ - make -j"$(nproc)" -s && \ - cp src/zabbix_proxy/zabbix_proxy /usr/sbin/zabbix_proxy && \ - cp src/zabbix_get/zabbix_get /usr/bin/zabbix_get && \ - cp src/zabbix_sender/zabbix_sender /usr/bin/zabbix_sender && \ - cp conf/zabbix_proxy.conf /etc/zabbix/zabbix_proxy.conf && \ - cat database/mysql/schema.sql > database/mysql/create.sql && \ - gzip database/mysql/create.sql && \ - cp database/mysql/create.sql.gz /usr/share/doc/zabbix-proxy-mysql/ && \ - cd /tmp/ && \ - rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \ chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \ chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \ - apk del --purge --no-network \ - build-dependencies && \ rm -rf /var/cache/apk/* EXPOSE 10051/TCP diff --git a/proxy-mysql/ubuntu/Dockerfile b/proxy-mysql/ubuntu/Dockerfile index 1d686e8c7..05f9af33f 100644 --- a/proxy-mysql/ubuntu/Dockerfile +++ b/proxy-mysql/ubuntu/Dockerfile @@ -1,25 +1,40 @@ +# syntax=docker/dockerfile:1 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG BUILD_BASE_IMAGE=zabbix-build-mysql:ubuntu-${ZBX_VERSION} +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git + +FROM ${BUILD_BASE_IMAGE} as builder + FROM ubuntu:focal +ARG MAJOR_VERSION +ARG ZBX_VERSION +ARG ZBX_SOURCES + +ENV TERM=xterm \ + ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ + MIBDIRS=/var/lib/snmp/mibs/ietf:/var/lib/snmp/mibs/iana:/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL + LABEL org.opencontainers.image.title="Zabbix proxy (MySQL)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ org.opencontainers.image.vendor="Zabbix LLC" \ org.opencontainers.image.url="https://zabbix.com/" \ org.opencontainers.image.description="Zabbix proxy with MySQL database support" \ - org.opencontainers.image.licenses="GPL v2.0" + org.opencontainers.image.licenses="GPL v2.0" \ + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" STOPSIGNAL SIGTERM +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_proxy/zabbix_proxy", "/usr/sbin/zabbix_proxy"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_get/zabbix_get", "/usr/bin/zabbix_get"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender", "/usr/bin/zabbix_sender"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/conf/zabbix_proxy.conf", "/etc/zabbix/zabbix_proxy.conf"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/database/mysql/create_proxy.sql.gz", "/usr/share/doc/zabbix-proxy-mysql/create.sql.gz"] + RUN set -eux && \ - ARCH_SUFFIX="$(arch)"; \ - case "$ARCH_SUFFIX" in \ - i686) export ARCH_SUFFIX='i386' ;; \ - x86_64) [ -f /lib/x86_64-linux-gnu/ld-linux-x86-64.so.2 ] && export ARCH_SUFFIX='amd64' || export ARCH_SUFFIX='i386' ;; \ - aarch64) export ARCH_SUFFIX='arm64' ;; \ - armv7l) export ARCH_SUFFIX='armhf' ;; \ - ppc64el|ppc64le) export ARCH_SUFFIX='ppc64le' ;; \ - s390x) export ARCH_SUFFIX='s390x' ;; \ - *) echo "Unknown ARCH_SUFFIX=${ARCH_SUFFIX-}"; exit 1 ;; \ - esac; \ echo "#!/bin/sh\nexit 101" > /usr/sbin/policy-rc.d && \ groupadd --system --gid 1995 zabbix && \ useradd \ @@ -56,102 +71,16 @@ RUN set -eux && \ libssh-4 \ libssl1.1 \ libxml2 \ +# Temporary! + libmodbus5 \ mysql-client \ snmp-mibs-downloader \ unixodbc && \ - apt-get -y autoremove && \ - apt-get -y clean && \ - rm -rf /var/lib/apt/lists/* - -ARG MAJOR_VERSION=6.0 -ARG ZBX_VERSION=${MAJOR_VERSION} -ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git - -ENV TERM=xterm MIBDIRS=/var/lib/snmp/mibs/ietf:/var/lib/snmp/mibs/iana:/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ - ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} - -LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.opencontainers.image.version="${ZBX_VERSION}" \ - org.opencontainers.image.source="${ZBX_SOURCES}" - -RUN set -eux && \ - apt-get -y update && \ - DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ - autoconf \ - automake \ - gcc \ - libc6-dev \ - libcurl4-openssl-dev \ - libevent-dev \ - libldap2-dev \ - libmysqlclient-dev \ - libopenipmi-dev \ - libpcre3-dev \ - libsnmp-dev \ - libssh-dev \ - libxml2-dev \ - make \ - pkg-config \ - git \ - unixodbc-dev && \ - cd /tmp/ && \ - git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ - cd /tmp/zabbix-${ZBX_VERSION} && \ - zabbix_revision=`git rev-parse --short HEAD` && \ - sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ - ./bootstrap.sh && \ - export CFLAGS="-fPIC -pie -Wl,-z,relro -Wl,-z,now" && \ - ./configure \ - --datadir=/usr/lib \ - --libdir=/usr/lib/zabbix \ - --sysconfdir=/etc/zabbix \ - --prefix=/usr \ - --enable-agent \ - --enable-proxy \ - --with-mysql \ - --with-ldap \ - --with-libcurl \ - --with-libxml2 \ - --with-net-snmp \ - --with-openipmi \ - --with-openssl \ - --with-ssh \ - --with-unixodbc \ - --enable-ipv6 \ - --silent && \ - make -j"$(nproc)" -s dbschema && \ - make -j"$(nproc)" -s && \ - cp src/zabbix_proxy/zabbix_proxy /usr/sbin/zabbix_proxy && \ - cp src/zabbix_get/zabbix_get /usr/bin/zabbix_get && \ - cp src/zabbix_sender/zabbix_sender /usr/bin/zabbix_sender && \ - cp conf/zabbix_proxy.conf /etc/zabbix/zabbix_proxy.conf && \ - cat database/mysql/schema.sql > database/mysql/create.sql && \ - gzip database/mysql/create.sql && \ - cp database/mysql/create.sql.gz /usr/share/doc/zabbix-proxy-mysql/ && \ - cd /tmp/ && \ - rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \ chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \ chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \ - DEBIAN_FRONTEND=noninteractive apt-get -y purge \ - autoconf \ - automake \ - gcc \ - libc6-dev \ - libcurl4-openssl-dev \ - libevent-dev \ - libldap2-dev \ - libmysqlclient-dev \ - libopenipmi-dev \ - libpcre3-dev \ - libsnmp-dev \ - libssh-dev \ - libxml2-dev \ - make \ - pkg-config \ - git \ - unixodbc-dev && \ apt-get -y autoremove && \ + apt-get -y clean && \ rm -rf /var/lib/apt/lists/* EXPOSE 10051/TCP diff --git a/proxy-sqlite3/alpine/Dockerfile b/proxy-sqlite3/alpine/Dockerfile index c55607c09..f2b62249d 100644 --- a/proxy-sqlite3/alpine/Dockerfile +++ b/proxy-sqlite3/alpine/Dockerfile @@ -1,14 +1,36 @@ +# syntax=docker/dockerfile:1 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG BUILD_BASE_IMAGE=zabbix-build-sqlite3:alpine-${ZBX_VERSION} + +FROM ${BUILD_BASE_IMAGE} as builder + FROM alpine:3.14 +ARG MAJOR_VERSION +ARG ZBX_VERSION +ARG ZBX_SOURCES + +ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ + MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL + LABEL org.opencontainers.image.title="Zabbix proxy (SQLite3)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ org.opencontainers.image.vendor="Zabbix LLC" \ org.opencontainers.image.url="https://zabbix.com/" \ org.opencontainers.image.description="Zabbix proxy with SQLite3 database support" \ - org.opencontainers.image.licenses="GPL v2.0" + org.opencontainers.image.licenses="GPL v2.0" \ + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" STOPSIGNAL SIGTERM +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_proxy/zabbix_proxy", "/usr/sbin/zabbix_proxy"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_get/zabbix_get", "/usr/bin/zabbix_get"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender", "/usr/bin/zabbix_sender"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/conf/zabbix_proxy.conf", "/etc/zabbix/zabbix_proxy.conf"] + RUN set -eux && \ addgroup --system --gid 1995 zabbix && \ adduser --system \ @@ -45,79 +67,14 @@ RUN set -eux && \ libxml2 \ net-snmp-agent-libs \ openipmi-libs \ +# Temporary! + libmodbus \ pcre \ sqlite-libs \ unixodbc && \ - rm -rf /var/cache/apk/* - -ARG MAJOR_VERSION=6.0 -ARG ZBX_VERSION=${MAJOR_VERSION} -ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git -ENV ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} - -ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ - MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL - -LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.opencontainers.image.version="${ZBX_VERSION}" \ - org.opencontainers.image.source="${ZBX_SOURCES}" - -RUN set -eux && \ - apk add --no-cache --virtual build-dependencies \ - autoconf \ - automake \ - coreutils \ - curl-dev \ - libevent-dev \ - libssh-dev \ - libxml2-dev \ - net-snmp-dev \ - openipmi-dev \ - openldap-dev \ - pcre-dev \ - sqlite-dev \ - git \ - g++ \ - make \ - unixodbc-dev && \ - cd /tmp/ && \ - git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ - cd /tmp/zabbix-${ZBX_VERSION} && \ - zabbix_revision=`git rev-parse --short HEAD` && \ - sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ - ./bootstrap.sh && \ - export CFLAGS="-fPIC -pie -Wl,-z,relro -Wl,-z,now" && \ - ./configure \ - --datadir=/usr/lib \ - --libdir=/usr/lib/zabbix \ - --sysconfdir=/etc/zabbix \ - --prefix=/usr \ - --enable-agent \ - --enable-proxy \ - --with-sqlite3 \ - --with-ldap \ - --with-libcurl \ - --with-libxml2 \ - --with-net-snmp \ - --with-openipmi \ - --with-openssl \ - --with-ssh \ - --with-unixodbc \ - --enable-ipv6 \ - --silent && \ - make -j"$(nproc)" -s dbschema && \ - make -j"$(nproc)" -s && \ - cp src/zabbix_proxy/zabbix_proxy /usr/sbin/zabbix_proxy && \ - cp src/zabbix_get/zabbix_get /usr/bin/zabbix_get && \ - cp src/zabbix_sender/zabbix_sender /usr/bin/zabbix_sender && \ - cp conf/zabbix_proxy.conf /etc/zabbix/zabbix_proxy.conf && \ - cd /tmp/ && \ - rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \ chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \ chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \ - apk del --purge --no-network \ - build-dependencies && \ rm -rf /var/cache/apk/* EXPOSE 10051/TCP diff --git a/proxy-sqlite3/ubuntu/Dockerfile b/proxy-sqlite3/ubuntu/Dockerfile index 5dc61bee5..f477dcb3d 100644 --- a/proxy-sqlite3/ubuntu/Dockerfile +++ b/proxy-sqlite3/ubuntu/Dockerfile @@ -1,25 +1,38 @@ +# syntax=docker/dockerfile:1 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG BUILD_BASE_IMAGE=zabbix-build-sqlite3:ubuntu-${ZBX_VERSION} + +FROM ${BUILD_BASE_IMAGE} as builder + FROM ubuntu:focal +ARG MAJOR_VERSION +ARG ZBX_VERSION +ARG ZBX_SOURCES + +ENV TERM=xterm \ + ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ + MIBDIRS=/var/lib/snmp/mibs/ietf:/var/lib/snmp/mibs/iana:/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL + LABEL org.opencontainers.image.title="Zabbix proxy (SQLite3)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ org.opencontainers.image.vendor="Zabbix LLC" \ org.opencontainers.image.url="https://zabbix.com/" \ org.opencontainers.image.description="Zabbix proxy with SQLite3 database support" \ - org.opencontainers.image.licenses="GPL v2.0" + org.opencontainers.image.licenses="GPL v2.0" \ + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" STOPSIGNAL SIGTERM +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_proxy/zabbix_proxy", "/usr/sbin/zabbix_proxy"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_get/zabbix_get", "/usr/bin/zabbix_get"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender", "/usr/bin/zabbix_sender"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/conf/zabbix_proxy.conf", "/etc/zabbix/zabbix_proxy.conf"] + RUN set -eux && \ - ARCH_SUFFIX="$(arch)"; \ - case "$ARCH_SUFFIX" in \ - i686) export ARCH_SUFFIX='i386' ;; \ - x86_64) [ -f /lib/x86_64-linux-gnu/ld-linux-x86-64.so.2 ] && export ARCH_SUFFIX='amd64' || export ARCH_SUFFIX='i386' ;; \ - aarch64) export ARCH_SUFFIX='arm64' ;; \ - armv7l) export ARCH_SUFFIX='armhf' ;; \ - ppc64el|ppc64le) export ARCH_SUFFIX='ppc64le' ;; \ - s390x) export ARCH_SUFFIX='s390x' ;; \ - *) echo "Unknown ARCH_SUFFIX=${ARCH_SUFFIX-}"; exit 1 ;; \ - esac; \ echo "#!/bin/sh\nexit 101" > /usr/sbin/policy-rc.d && \ groupadd --system --gid 1995 zabbix && \ useradd \ @@ -56,110 +69,26 @@ RUN set -eux && \ libssh-4 \ libssl1.1 \ libxml2 \ +# Temporary! + libmodbus5 \ snmp-mibs-downloader \ unixodbc && \ - apt-get -y autoremove && \ - apt-get -y clean && \ - rm -rf /var/lib/apt/lists/* - -ARG MAJOR_VERSION=6.0 -ARG ZBX_VERSION=${MAJOR_VERSION} -ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git - -ENV TERM=xterm MIBDIRS=/var/lib/snmp/mibs/ietf:/var/lib/snmp/mibs/iana:/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ - ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} - -LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.opencontainers.image.version="${ZBX_VERSION}" \ - org.opencontainers.image.source="${ZBX_SOURCES}" - -RUN set -eux && \ - apt-get -y update && \ - DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ - autoconf \ - automake \ - gcc \ - libc6-dev \ - libcurl4-openssl-dev \ - libevent-dev \ - libldap2-dev \ - libopenipmi-dev \ - libpcre3-dev \ - libsnmp-dev \ - libsqlite3-dev \ - libssh-dev \ - libxml2-dev \ - make \ - pkg-config \ - git \ - unixodbc-dev && \ - cd /tmp/ && \ - git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ - cd /tmp/zabbix-${ZBX_VERSION} && \ - zabbix_revision=`git rev-parse --short HEAD` && \ - sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ - ./bootstrap.sh && \ - export CFLAGS="-fPIC -pie -Wl,-z,relro -Wl,-z,now" && \ - ./configure \ - --datadir=/usr/lib \ - --libdir=/usr/lib/zabbix \ - --sysconfdir=/etc/zabbix \ - --prefix=/usr \ - --enable-agent \ - --enable-proxy \ - --with-sqlite3 \ - --with-ldap \ - --with-libcurl \ - --with-libxml2 \ - --with-net-snmp \ - --with-openipmi \ - --with-openssl \ - --with-ssh \ - --with-unixodbc \ - --enable-ipv6 \ - --silent && \ - make -j"$(nproc)" -s dbschema && \ - make -j"$(nproc)" -s && \ - cp src/zabbix_proxy/zabbix_proxy /usr/sbin/zabbix_proxy && \ - cp src/zabbix_get/zabbix_get /usr/bin/zabbix_get && \ - cp src/zabbix_sender/zabbix_sender /usr/bin/zabbix_sender && \ - cp conf/zabbix_proxy.conf /etc/zabbix/zabbix_proxy.conf && \ - cd /tmp/ && \ - rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \ chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \ chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \ - DEBIAN_FRONTEND=noninteractive apt-get -y purge \ - autoconf \ - automake \ - gcc \ - libc6-dev \ - libcurl4-openssl-dev \ - libevent-dev \ - libldap2-dev \ - libopenipmi-dev \ - libpcre3-dev \ - libsnmp-dev \ - libsqlite3-dev \ - libssh-dev \ - libxml2-dev \ - make \ - pkg-config \ - git \ - unixodbc-dev && \ apt-get -y autoremove && \ rm -rf /var/lib/apt/lists/* EXPOSE 10051/TCP - + WORKDIR /var/lib/zabbix - + VOLUME ["/var/lib/zabbix/snmptraps"] - + COPY ["docker-entrypoint.sh", "/usr/bin/"] - + ENTRYPOINT ["/usr/bin/tini", "--", "/usr/bin/docker-entrypoint.sh"] - + USER 1997 - + CMD ["/usr/sbin/zabbix_proxy", "--foreground", "-c", "/etc/zabbix/zabbix_proxy.conf"] diff --git a/server-mysql/alpine/Dockerfile b/server-mysql/alpine/Dockerfile index 0671b91fa..f4cb2b7c1 100644 --- a/server-mysql/alpine/Dockerfile +++ b/server-mysql/alpine/Dockerfile @@ -1,14 +1,38 @@ +# syntax=docker/dockerfile:1 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG BUILD_BASE_IMAGE=zabbix-build-mysql:alpine-${ZBX_VERSION} +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git + +FROM ${BUILD_BASE_IMAGE} as builder + FROM alpine:3.14 +ARG MAJOR_VERSION +ARG ZBX_VERSION +ARG ZBX_SOURCES + +ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ + MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL + LABEL org.opencontainers.image.title="Zabbix server (MySQL)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ org.opencontainers.image.vendor="Zabbix LLC" \ org.opencontainers.image.url="https://zabbix.com/" \ org.opencontainers.image.description="Zabbix server with MySQL database support" \ - org.opencontainers.image.licenses="GPL v2.0" + org.opencontainers.image.licenses="GPL v2.0" \ + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" STOPSIGNAL SIGTERM +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_server/zabbix_server", "/usr/sbin/zabbix_server"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_get/zabbix_get", "/usr/bin/zabbix_get"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender", "/usr/bin/zabbix_sender"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/conf/zabbix_server.conf", "/etc/zabbix/zabbix_server.conf"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/database/mysql/create_server.sql.gz", "/usr/share/doc/zabbix-server-mysql/create.sql.gz"] + RUN set -eux && \ addgroup --system --gid 1995 zabbix && \ adduser --system \ @@ -45,6 +69,7 @@ RUN set -eux && \ libcurl \ libevent \ libldap \ + libmodbus \ libssh \ libxml2 \ mariadb-client \ @@ -53,80 +78,9 @@ RUN set -eux && \ openipmi-libs \ pcre \ unixodbc && \ - rm -rf /var/cache/apk/* - -ARG MAJOR_VERSION=6.0 -ARG ZBX_VERSION=${MAJOR_VERSION} -ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git - -ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ - MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL - -LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.opencontainers.image.version="${ZBX_VERSION}" \ - org.opencontainers.image.source="${ZBX_SOURCES}" - -RUN set -eux && \ - apk add --no-cache --virtual build-dependencies \ - autoconf \ - automake \ - coreutils \ - curl-dev \ - libevent-dev \ - libssh-dev \ - libxml2-dev \ - mysql-dev \ - net-snmp-dev \ - openipmi-dev \ - openldap-dev \ - pcre-dev \ - git \ - g++ \ - make \ - unixodbc-dev && \ - cd /tmp/ && \ - git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ - cd /tmp/zabbix-${ZBX_VERSION} && \ - zabbix_revision=`git rev-parse --short HEAD` && \ - sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ - ./bootstrap.sh && \ - export CFLAGS="-fPIC -pie -Wl,-z,relro -Wl,-z,now" && \ - ./configure \ - --datadir=/usr/lib \ - --libdir=/usr/lib/zabbix \ - --prefix=/usr \ - --sysconfdir=/etc/zabbix \ - --enable-agent \ - --enable-server \ - --with-mysql \ - --with-ldap \ - --with-libcurl \ - --with-libxml2 \ - --with-net-snmp \ - --with-openipmi \ - --with-openssl \ - --with-ssh \ - --with-unixodbc \ - --enable-ipv6 \ - --silent && \ - make -j"$(nproc)" -s dbschema && \ - make -j"$(nproc)" -s && \ - cp src/zabbix_server/zabbix_server /usr/sbin/zabbix_server && \ - cp src/zabbix_get/zabbix_get /usr/bin/zabbix_get && \ - cp src/zabbix_sender/zabbix_sender /usr/bin/zabbix_sender && \ - cp conf/zabbix_server.conf /etc/zabbix/zabbix_server.conf && \ - cat database/mysql/schema.sql > database/mysql/create.sql && \ - cat database/mysql/images.sql >> database/mysql/create.sql && \ - cat database/mysql/data.sql >> database/mysql/create.sql && \ - gzip database/mysql/create.sql && \ - cp database/mysql/create.sql.gz /usr/share/doc/zabbix-server-mysql/ && \ - cd /tmp/ && \ - rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \ chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \ chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \ - apk del --purge --no-network \ - build-dependencies && \ rm -rf /var/cache/apk/* EXPOSE 10051/TCP diff --git a/server-mysql/ubuntu/Dockerfile b/server-mysql/ubuntu/Dockerfile index 315f06ea5..e65e8b3ea 100644 --- a/server-mysql/ubuntu/Dockerfile +++ b/server-mysql/ubuntu/Dockerfile @@ -1,25 +1,40 @@ +# syntax=docker/dockerfile:1 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG BUILD_BASE_IMAGE=zabbix-build-mysql:ubuntu-${ZBX_VERSION} +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git + +FROM ${BUILD_BASE_IMAGE} as builder + FROM ubuntu:focal +ARG MAJOR_VERSION +ARG ZBX_VERSION +ARG ZBX_SOURCES + +ENV TERM=xterm \ + ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ + MIBDIRS=/var/lib/snmp/mibs/ietf:/var/lib/snmp/mibs/iana:/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL + LABEL org.opencontainers.image.title="Zabbix server (MySQL)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ org.opencontainers.image.vendor="Zabbix LLC" \ org.opencontainers.image.url="https://zabbix.com/" \ org.opencontainers.image.description="Zabbix server with MySQL database support" \ - org.opencontainers.image.licenses="GPL v2.0" + org.opencontainers.image.licenses="GPL v2.0" \ + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" STOPSIGNAL SIGTERM +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_server/zabbix_server", "/usr/sbin/zabbix_server"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_get/zabbix_get", "/usr/bin/zabbix_get"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender", "/usr/bin/zabbix_sender"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/conf/zabbix_server.conf", "/etc/zabbix/zabbix_server.conf"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/database/mysql/create_server.sql.gz", "/usr/share/doc/zabbix-server-mysql/create.sql.gz"] + RUN set -eux && \ - ARCH_SUFFIX="$(arch)"; \ - case "$ARCH_SUFFIX" in \ - i686) export ARCH_SUFFIX='i386' ;; \ - x86_64) [ -f /lib/x86_64-linux-gnu/ld-linux-x86-64.so.2 ] && export ARCH_SUFFIX='amd64' || export ARCH_SUFFIX='i386' ;; \ - aarch64) export ARCH_SUFFIX='arm64' ;; \ - armv7l) export ARCH_SUFFIX='armhf' ;; \ - ppc64el|ppc64le) export ARCH_SUFFIX='ppc64le' ;; \ - s390x) export ARCH_SUFFIX='s390x' ;; \ - *) echo "Unknown ARCH_SUFFIX=${ARCH_SUFFIX-}"; exit 1 ;; \ - esac; \ echo "#!/bin/sh\nexit 101" > /usr/sbin/policy-rc.d && \ groupadd --system --gid 1995 zabbix && \ useradd \ @@ -61,104 +76,16 @@ RUN set -eux && \ libssh-4 \ libssl1.1 \ libxml2 \ +# Temporary! + libmodbus5 \ mysql-client \ snmp-mibs-downloader \ unixodbc && \ - apt-get -y autoremove && \ - apt-get -y clean && \ - rm -rf /var/lib/apt/lists/* - -ARG MAJOR_VERSION=6.0 -ARG ZBX_VERSION=${MAJOR_VERSION} -ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git - -ENV TERM=xterm MIBDIRS=/var/lib/snmp/mibs/ietf:/var/lib/snmp/mibs/iana:/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ - ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} - -LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.opencontainers.image.version="${ZBX_VERSION}" \ - org.opencontainers.image.source="${ZBX_SOURCES}" - -RUN set -eux && \ - apt-get -y update && \ - DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ - autoconf \ - automake \ - gcc \ - libc6-dev \ - libcurl4-openssl-dev \ - libevent-dev \ - libldap2-dev \ - libmysqlclient-dev \ - libopenipmi-dev \ - libpcre3-dev \ - libsnmp-dev \ - libssh-dev \ - libxml2-dev \ - make \ - pkg-config \ - git \ - unixodbc-dev && \ - cd /tmp/ && \ - git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ - cd /tmp/zabbix-${ZBX_VERSION} && \ - zabbix_revision=`git rev-parse --short HEAD` && \ - sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ - ./bootstrap.sh && \ - export CFLAGS="-fPIC -pie -Wl,-z,relro -Wl,-z,now" && \ - ./configure \ - --datadir=/usr/lib \ - --libdir=/usr/lib/zabbix \ - --prefix=/usr \ - --sysconfdir=/etc/zabbix \ - --enable-agent \ - --enable-server \ - --with-mysql \ - --with-ldap \ - --with-libcurl \ - --with-libxml2 \ - --with-net-snmp \ - --with-openipmi \ - --with-openssl \ - --with-ssh \ - --with-unixodbc \ - --enable-ipv6 \ - --silent && \ - make -j"$(nproc)" -s dbschema && \ - make -j"$(nproc)" -s && \ - cp src/zabbix_server/zabbix_server /usr/sbin/zabbix_server && \ - cp src/zabbix_get/zabbix_get /usr/bin/zabbix_get && \ - cp src/zabbix_sender/zabbix_sender /usr/bin/zabbix_sender && \ - cp conf/zabbix_server.conf /etc/zabbix/zabbix_server.conf && \ - cat database/mysql/schema.sql > database/mysql/create.sql && \ - cat database/mysql/images.sql >> database/mysql/create.sql && \ - cat database/mysql/data.sql >> database/mysql/create.sql && \ - gzip database/mysql/create.sql && \ - cp database/mysql/create.sql.gz /usr/share/doc/zabbix-server-mysql/ && \ - cd /tmp/ && \ - rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \ chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \ chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \ - DEBIAN_FRONTEND=noninteractive apt-get -y purge \ - autoconf \ - automake \ - gcc \ - libc6-dev \ - libcurl4-openssl-dev \ - libevent-dev \ - libldap2-dev \ - libmysqlclient-dev \ - libopenipmi-dev \ - libpcre3-dev \ - libsnmp-dev \ - libssh-dev \ - libxml2-dev \ - make \ - pkg-config \ - git \ - unixodbc-dev && \ apt-get -y autoremove && \ + apt-get -y clean && \ rm -rf /var/lib/apt/lists/* EXPOSE 10051/TCP diff --git a/server-pgsql/alpine/Dockerfile b/server-pgsql/alpine/Dockerfile index 696550356..73fc21aab 100644 --- a/server-pgsql/alpine/Dockerfile +++ b/server-pgsql/alpine/Dockerfile @@ -1,14 +1,39 @@ +# syntax=docker/dockerfile:1 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG BUILD_BASE_IMAGE=zabbix-build-pgsql:alpine-${ZBX_VERSION} +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git + +FROM ${BUILD_BASE_IMAGE} as builder + FROM alpine:3.14 +ARG MAJOR_VERSION +ARG ZBX_VERSION +ARG ZBX_SOURCES + +ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ + MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL + LABEL org.opencontainers.image.title="Zabbix server (PostgreSQL)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ org.opencontainers.image.vendor="Zabbix LLC" \ org.opencontainers.image.url="https://zabbix.com/" \ org.opencontainers.image.description="Zabbix server with PostgreSQL database support" \ - org.opencontainers.image.licenses="GPL v2.0" + org.opencontainers.image.licenses="GPL v2.0" \ + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" STOPSIGNAL SIGTERM +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_server/zabbix_server", "/usr/sbin/zabbix_server"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_get/zabbix_get", "/usr/bin/zabbix_get"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender", "/usr/bin/zabbix_sender"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/conf/zabbix_server.conf", "/etc/zabbix/zabbix_server.conf"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/database/postgresql/create_server.sql.gz", "/usr/share/doc/zabbix-server-postgresql/create.sql.gz"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/database/postgresql/timescaledb.sql", "/usr/share/doc/zabbix-server-postgresql/timescaledb.sql"] + RUN set -eux && \ addgroup --system --gid 1995 zabbix && \ adduser --system \ @@ -50,85 +75,14 @@ RUN set -eux && \ net-snmp-agent-libs \ openipmi-libs \ pcre \ +# Termporay! + libmodbus \ postgresql-client \ postgresql-libs \ unixodbc && \ - rm -rf /var/cache/apk/* - -ARG MAJOR_VERSION=6.0 -ARG ZBX_VERSION=${MAJOR_VERSION} -ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git - -ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ - MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL - -LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.opencontainers.image.version="${ZBX_VERSION}" \ - org.opencontainers.image.source="${ZBX_SOURCES}" - -RUN set -eux && \ - apk add --no-cache --virtual build-dependencies \ - alpine-sdk \ - autoconf \ - automake \ - coreutils \ - curl-dev \ - libevent-dev \ - libssh-dev \ - libxml2-dev \ - net-snmp-dev \ - openipmi-dev \ - openldap-dev \ - pcre-dev \ - postgresql-dev \ - git \ - g++ \ - make \ - unixodbc-dev && \ - cd /tmp/ && \ - git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ - cd /tmp/zabbix-${ZBX_VERSION} && \ - zabbix_revision=`git rev-parse --short HEAD` && \ - sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ - ./bootstrap.sh && \ - export CFLAGS="-fPIC -pie -Wl,-z,relro -Wl,-z,now" && \ - ./configure \ - --datadir=/usr/lib \ - --libdir=/usr/lib/zabbix \ - --prefix=/usr \ - --sysconfdir=/etc/zabbix \ - --enable-agent \ - --enable-server \ - --with-postgresql \ - --with-ldap \ - --with-libcurl \ - --with-libxml2 \ - --with-net-snmp \ - --with-openipmi \ - --with-openssl \ - --with-ssh \ - --with-unixodbc \ - --enable-ipv6 \ - --silent && \ - make -j"$(nproc)" -s dbschema && \ - make -j"$(nproc)" -s && \ - cp src/zabbix_server/zabbix_server /usr/sbin/zabbix_server && \ - cp src/zabbix_get/zabbix_get /usr/bin/zabbix_get && \ - cp src/zabbix_sender/zabbix_sender /usr/bin/zabbix_sender && \ - cp conf/zabbix_server.conf /etc/zabbix/zabbix_server.conf && \ - cat database/postgresql/schema.sql > database/postgresql/create.sql && \ - cat database/postgresql/images.sql >> database/postgresql/create.sql && \ - cat database/postgresql/data.sql >> database/postgresql/create.sql && \ - gzip database/postgresql/create.sql && \ - cp database/postgresql/create.sql.gz /usr/share/doc/zabbix-server-postgresql/ && \ - cp database/postgresql/timescaledb.sql /usr/share/doc/zabbix-server-postgresql/ && \ - cd /tmp/ && \ - rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \ chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \ chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \ - apk del --purge --no-network \ - build-dependencies && \ rm -rf /var/cache/apk/* EXPOSE 10051/TCP diff --git a/server-pgsql/ubuntu/Dockerfile b/server-pgsql/ubuntu/Dockerfile index 84b8cfff6..7c1e32f8a 100644 --- a/server-pgsql/ubuntu/Dockerfile +++ b/server-pgsql/ubuntu/Dockerfile @@ -1,25 +1,41 @@ +# syntax=docker/dockerfile:1 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG BUILD_BASE_IMAGE=zabbix-build-pgsql:ubuntu-${ZBX_VERSION} +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git + +FROM ${BUILD_BASE_IMAGE} as builder + FROM ubuntu:focal +ARG MAJOR_VERSION +ARG ZBX_VERSION +ARG ZBX_SOURCES + +ENV TERM=xterm \ + ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ + MIBDIRS=/var/lib/snmp/mibs/ietf:/var/lib/snmp/mibs/iana:/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL + LABEL org.opencontainers.image.title="Zabbix server (PostgreSQL)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ org.opencontainers.image.vendor="Zabbix LLC" \ org.opencontainers.image.url="https://zabbix.com/" \ org.opencontainers.image.description="Zabbix server with PostgreSQL database support" \ - org.opencontainers.image.licenses="GPL v2.0" + org.opencontainers.image.licenses="GPL v2.0" \ + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" STOPSIGNAL SIGTERM +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_server/zabbix_server", "/usr/sbin/zabbix_server"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_get/zabbix_get", "/usr/bin/zabbix_get"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender", "/usr/bin/zabbix_sender"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/conf/zabbix_server.conf", "/etc/zabbix/zabbix_server.conf"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/database/postgresql/create_server.sql.gz", "/usr/share/doc/zabbix-server-postgresql/create.sql.gz"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/database/postgresql/timescaledb.sql", "/usr/share/doc/zabbix-server-postgresql/timescaledb.sql"] + RUN set -eux && \ - ARCH_SUFFIX="$(arch)"; \ - case "$ARCH_SUFFIX" in \ - i686) export ARCH_SUFFIX='i386' ;; \ - x86_64) [ -f /lib/x86_64-linux-gnu/ld-linux-x86-64.so.2 ] && export ARCH_SUFFIX='amd64' || export ARCH_SUFFIX='i386' ;; \ - aarch64) export ARCH_SUFFIX='arm64' ;; \ - armv7l) export ARCH_SUFFIX='armhf' ;; \ - ppc64el|ppc64le) export ARCH_SUFFIX='ppc64le' ;; \ - s390x) export ARCH_SUFFIX='s390x' ;; \ - *) echo "Unknown ARCH_SUFFIX=${ARCH_SUFFIX-}"; exit 1 ;; \ - esac; \ echo "#!/bin/sh\nexit 101" > /usr/sbin/policy-rc.d && \ groupadd --system --gid 1995 zabbix && \ useradd \ @@ -61,105 +77,16 @@ RUN set -eux && \ libssh-4 \ libssl1.1 \ libxml2 \ +# Temporary! + libmodbus5 \ postgresql-client \ snmp-mibs-downloader \ unixodbc && \ - apt-get -y autoremove && \ - apt-get -y clean && \ - rm -rf /var/lib/apt/lists/* - -ARG MAJOR_VERSION=6.0 -ARG ZBX_VERSION=${MAJOR_VERSION} -ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git - -ENV TERM=xterm MIBDIRS=/var/lib/snmp/mibs/ietf:/var/lib/snmp/mibs/iana:/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ - ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} - -LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.opencontainers.image.version="${ZBX_VERSION}" \ - org.opencontainers.image.source="${ZBX_SOURCES}" - -RUN set -eux && \ - apt-get -y update && \ - DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ - autoconf \ - automake \ - gcc \ - libc6-dev \ - libcurl4-openssl-dev \ - libevent-dev \ - libldap2-dev \ - libopenipmi-dev \ - libpcre3-dev \ - libpq-dev \ - libsnmp-dev \ - libssh-dev \ - libxml2-dev \ - make \ - pkg-config \ - git \ - unixodbc-dev && \ - cd /tmp/ && \ - git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ - cd /tmp/zabbix-${ZBX_VERSION} && \ - zabbix_revision=`git rev-parse --short HEAD` && \ - sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ - ./bootstrap.sh && \ - export CFLAGS="-fPIC -pie -Wl,-z,relro -Wl,-z,now" && \ - ./configure \ - --datadir=/usr/lib \ - --libdir=/usr/lib/zabbix \ - --prefix=/usr \ - --sysconfdir=/etc/zabbix \ - --enable-agent \ - --enable-server \ - --with-postgresql \ - --with-ldap \ - --with-libcurl \ - --with-libxml2 \ - --with-net-snmp \ - --with-openipmi \ - --with-openssl \ - --with-ssh \ - --with-unixodbc \ - --enable-ipv6 \ - --silent && \ - make -j"$(nproc)" -s dbschema && \ - make -j"$(nproc)" -s && \ - cp src/zabbix_server/zabbix_server /usr/sbin/zabbix_server && \ - cp src/zabbix_get/zabbix_get /usr/bin/zabbix_get && \ - cp src/zabbix_sender/zabbix_sender /usr/bin/zabbix_sender && \ - cp conf/zabbix_server.conf /etc/zabbix/zabbix_server.conf && \ - cat database/postgresql/schema.sql > database/postgresql/create.sql && \ - cat database/postgresql/images.sql >> database/postgresql/create.sql && \ - cat database/postgresql/data.sql >> database/postgresql/create.sql && \ - gzip database/postgresql/create.sql && \ - cp database/postgresql/create.sql.gz /usr/share/doc/zabbix-server-postgresql/ && \ - cp database/postgresql/timescaledb.sql /usr/share/doc/zabbix-server-postgresql/timescaledb.sql && \ - cd /tmp/ && \ - rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \ chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \ chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \ - DEBIAN_FRONTEND=noninteractive apt-get -y purge \ - autoconf \ - automake \ - gcc \ - libc6-dev \ - libcurl4-openssl-dev \ - libevent-dev \ - libldap2-dev \ - libopenipmi-dev \ - libpcre3-dev \ - libpq-dev \ - libsnmp-dev \ - libssh-dev \ - libxml2-dev \ - make \ - pkg-config \ - git \ - unixodbc-dev && \ apt-get -y autoremove && \ + apt-get -y clean && \ rm -rf /var/lib/apt/lists/* EXPOSE 10051/TCP diff --git a/web-apache-mysql/alpine/Dockerfile b/web-apache-mysql/alpine/Dockerfile index a17762ecc..e6f005dbc 100644 --- a/web-apache-mysql/alpine/Dockerfile +++ b/web-apache-mysql/alpine/Dockerfile @@ -1,14 +1,34 @@ +# syntax=docker/dockerfile:1 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG BUILD_BASE_IMAGE=zabbix-build-mysql:alpine-${ZBX_VERSION} +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git + +FROM ${BUILD_BASE_IMAGE} as builder + FROM alpine:3.14 +ARG MAJOR_VERSION +ARG ZBX_VERSION +ARG ZBX_SOURCES + +ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} + LABEL org.opencontainers.image.title="Zabbix web-interface (Apache, MySQL)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ org.opencontainers.image.vendor="Zabbix LLC" \ org.opencontainers.image.url="https://zabbix.com/" \ org.opencontainers.image.description="Zabbix web-interface based on Apache2 web server with MySQL database support" \ - org.opencontainers.image.licenses="GPL v2.0" + org.opencontainers.image.licenses="GPL v2.0" \ + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" STOPSIGNAL SIGTERM +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/ui", "/usr/share/zabbix"] +COPY ["conf/etc/", "/etc/"] + RUN set -eux && \ addgroup --system --gid 1995 zabbix && \ adduser --system \ @@ -56,36 +76,13 @@ RUN set -eux && \ "/etc/apache2/conf.d/mpm.conf" && \ sed -i 's/Listen 80/Listen 8080/g' /etc/apache2/httpd.conf && \ rm -rf "/var/run/apache2/" && \ - rm -rf /var/cache/apk/* - -ARG MAJOR_VERSION=6.0 -ARG ZBX_VERSION=${MAJOR_VERSION} -ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git - -ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} - -LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.opencontainers.image.version="${ZBX_VERSION}" \ - org.opencontainers.image.source="${ZBX_SOURCES}" - -COPY ["conf/etc/", "/etc/"] - -RUN set -eux && \ - apk add --no-cache --virtual build-dependencies \ - gettext \ - git && \ - cd /usr/share/ && \ - git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ - mkdir /usr/share/zabbix/ && \ - cp -R /usr/share/zabbix-${ZBX_VERSION}/ui/* /usr/share/zabbix/ && \ - rm -rf /usr/share/zabbix-${ZBX_VERSION}/ && \ cd /usr/share/zabbix/ && \ - ./locale/make_mo.sh && \ rm -f conf/zabbix.conf.php conf/maintenance.inc.php conf/zabbix.conf.php.example && \ rm -rf tests && \ - rm -f locale/add_new_language.sh locale/update_po.sh locale/make_mo.sh && \ ln -s "/etc/zabbix/web/zabbix.conf.php" "/usr/share/zabbix/conf/zabbix.conf.php" && \ ln -s "/etc/zabbix/web/maintenance.inc.php" "/usr/share/zabbix/conf/maintenance.inc.php" && \ + find /usr/share/zabbix/locale -name '*.po' | xargs rm -f && \ + find /usr/share/zabbix/locale -name '*.sh' | xargs rm -f && \ chown --quiet -R zabbix:root /etc/zabbix/ /usr/share/zabbix/include/defines.inc.php /usr/share/zabbix/modules/ && \ chgrp -R 0 /etc/zabbix/ /usr/share/zabbix/include/defines.inc.php /usr/share/zabbix/modules/ && \ chmod -R g=u /etc/zabbix/ /usr/share/zabbix/include/defines.inc.php /usr/share/zabbix/modules/ && \ @@ -95,8 +92,6 @@ RUN set -eux && \ chown --quiet -R zabbix:root /usr/share/zabbix/include/defines.inc.php && \ chgrp -R 0 /usr/share/zabbix/include/defines.inc.php && \ chmod -R g=u /usr/share/zabbix/include/defines.inc.php && \ - apk del --purge --no-network \ - build-dependencies && \ rm -rf /var/cache/apk/* EXPOSE 8080/TCP 8443/TCP diff --git a/web-apache-mysql/ubuntu/Dockerfile b/web-apache-mysql/ubuntu/Dockerfile index 279b461ab..71d5cf861 100644 --- a/web-apache-mysql/ubuntu/Dockerfile +++ b/web-apache-mysql/ubuntu/Dockerfile @@ -1,14 +1,34 @@ +# syntax=docker/dockerfile:1 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG BUILD_BASE_IMAGE=zabbix-build-mysql:ubuntu-${ZBX_VERSION} +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git + +FROM ${BUILD_BASE_IMAGE} as builder + FROM ubuntu:focal +ARG MAJOR_VERSION +ARG ZBX_VERSION +ARG ZBX_SOURCES + +ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} + LABEL org.opencontainers.image.title="Zabbix web-interface (Apache, MySQL)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ org.opencontainers.image.vendor="Zabbix LLC" \ org.opencontainers.image.url="https://zabbix.com/" \ org.opencontainers.image.description="Zabbix web-interface based on Apache2 web server with MySQL database support" \ - org.opencontainers.image.licenses="GPL v2.0" + org.opencontainers.image.licenses="GPL v2.0" \ + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" STOPSIGNAL SIGTERM +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/ui", "/usr/share/zabbix"] +COPY ["conf/etc/", "/etc/"] + RUN set -eux && \ echo "#!/bin/sh\nexit 101" > /usr/sbin/policy-rc.d && \ groupadd --system --gid 1995 zabbix && \ @@ -51,37 +71,12 @@ RUN set -eux && \ sed -i 's/Listen 443/Listen 8443/g' /etc/apache2/ports.conf && \ sed -i 's|/var/run/apache2$SUFFIX|/tmp|g' /etc/apache2/envvars && \ rm -f /var/run/apache2/apache2.pid && \ - apt-get -y autoremove && \ - apt-get -y clean && \ - rm -rf /var/lib/apt/lists/* - -ARG MAJOR_VERSION=6.0 -ARG ZBX_VERSION=${MAJOR_VERSION} -ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git - -ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} - -LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.opencontainers.image.version="${ZBX_VERSION}" \ - org.opencontainers.image.source="${ZBX_SOURCES}" - -COPY ["conf/etc/", "/etc/"] - -RUN set -eux && \ apt-get -y update && \ DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ - gettext \ - git && \ - cd /usr/share/ && \ - git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ - mkdir /usr/share/zabbix/ && \ - cp -R /usr/share/zabbix-${ZBX_VERSION}/ui/* /usr/share/zabbix/ && \ - rm -rf /usr/share/zabbix-${ZBX_VERSION}/ && \ + gettext && \ cd /usr/share/zabbix/ && \ - ./locale/make_mo.sh && \ rm -f conf/zabbix.conf.php conf/maintenance.inc.php conf/zabbix.conf.php.example && \ rm -rf tests && \ - rm -f locale/add_new_language.sh locale/update_po.sh locale/make_mo.sh && \ ln -s "/etc/zabbix/web/zabbix.conf.php" "/usr/share/zabbix/conf/zabbix.conf.php" && \ ln -s "/etc/zabbix/web/maintenance.inc.php" "/usr/share/zabbix/conf/maintenance.inc.php" && \ mkdir -p /var/lib/locales/supported.d/ && \ @@ -102,8 +97,7 @@ RUN set -eux && \ chgrp -R 0 /usr/share/zabbix/include/defines.inc.php && \ chmod -R g=u /usr/share/zabbix/include/defines.inc.php && \ DEBIAN_FRONTEND=noninteractive apt-get -y purge \ - gettext \ - git && \ + gettext && \ apt-get -y autoremove && \ apt-get -y clean && \ rm -rf /var/lib/apt/lists/* diff --git a/web-apache-pgsql/alpine/Dockerfile b/web-apache-pgsql/alpine/Dockerfile index 7a9d2c56c..a48004f72 100644 --- a/web-apache-pgsql/alpine/Dockerfile +++ b/web-apache-pgsql/alpine/Dockerfile @@ -1,14 +1,34 @@ +# syntax=docker/dockerfile:1 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG BUILD_BASE_IMAGE=zabbix-build-pgsql:alpine-${ZBX_VERSION} +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git + +FROM ${BUILD_BASE_IMAGE} as builder + FROM alpine:3.14 +ARG MAJOR_VERSION +ARG ZBX_VERSION +ARG ZBX_SOURCES + +ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} + LABEL org.opencontainers.image.title="Zabbix web-interface (Apache, PostgreSQL)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ org.opencontainers.image.vendor="Zabbix LLC" \ org.opencontainers.image.url="https://zabbix.com/" \ org.opencontainers.image.description="Zabbix web-interface based on Apache2 web server with PostgreSQL database support" \ - org.opencontainers.image.licenses="GPL v2.0" + org.opencontainers.image.licenses="GPL v2.0" \ + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" STOPSIGNAL SIGTERM +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/ui", "/usr/share/zabbix"] +COPY ["conf/etc/", "/etc/"] + RUN set -eux && \ addgroup --system --gid 1995 zabbix && \ adduser --system \ @@ -32,7 +52,7 @@ RUN set -eux && \ php7-gd \ php7-gettext \ php7-json \ - php7-ldap \ + php7-ldap \ php7-pgsql \ php7-mbstring \ php7-session \ @@ -55,31 +75,7 @@ RUN set -eux && \ "/etc/apache2/conf.d/mpm.conf" && \ sed -i 's/Listen 80/Listen 8080/g' /etc/apache2/httpd.conf && \ rm -rf "/var/run/apache2/" && \ - rm -rf /var/cache/apk/* - -ARG MAJOR_VERSION=6.0 -ARG ZBX_VERSION=${MAJOR_VERSION} -ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git - -ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} - -LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.opencontainers.image.version="${ZBX_VERSION}" \ - org.opencontainers.image.source="${ZBX_SOURCES}" - -COPY ["conf/etc/", "/etc/"] - -RUN set -eux && \ - apk add --no-cache --virtual build-dependencies \ - gettext \ - git && \ - cd /usr/share/ && \ - git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ - mkdir /usr/share/zabbix/ && \ - cp -R /usr/share/zabbix-${ZBX_VERSION}/ui/* /usr/share/zabbix/ && \ - rm -rf /usr/share/zabbix-${ZBX_VERSION}/ && \ cd /usr/share/zabbix/ && \ - ./locale/make_mo.sh && \ rm -f conf/zabbix.conf.php conf/maintenance.inc.php conf/zabbix.conf.php.example && \ rm -rf tests && \ rm -f locale/add_new_language.sh locale/update_po.sh locale/make_mo.sh && \ @@ -94,8 +90,6 @@ RUN set -eux && \ chown --quiet -R zabbix:root /usr/share/zabbix/include/defines.inc.php && \ chgrp -R 0 /usr/share/zabbix/include/defines.inc.php && \ chmod -R g=u /usr/share/zabbix/include/defines.inc.php && \ - apk del --purge --no-network \ - build-dependencies && \ rm -rf /var/cache/apk/* EXPOSE 8080/TCP 8443/TCP diff --git a/web-apache-pgsql/ubuntu/Dockerfile b/web-apache-pgsql/ubuntu/Dockerfile index ebf8b0b28..82b70e5f9 100644 --- a/web-apache-pgsql/ubuntu/Dockerfile +++ b/web-apache-pgsql/ubuntu/Dockerfile @@ -1,14 +1,34 @@ +# syntax=docker/dockerfile:1 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG BUILD_BASE_IMAGE=zabbix-build-mysql:ubuntu-${ZBX_VERSION} +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git + +FROM ${BUILD_BASE_IMAGE} as builder + FROM ubuntu:focal +ARG MAJOR_VERSION +ARG ZBX_VERSION +ARG ZBX_SOURCES + +ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} + LABEL org.opencontainers.image.title="Zabbix web-interface (Apache, PostgreSQL)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ org.opencontainers.image.vendor="Zabbix LLC" \ org.opencontainers.image.url="https://zabbix.com/" \ org.opencontainers.image.description="Zabbix web-interface based on Apache2 web server with PostgreSQL database support" \ - org.opencontainers.image.licenses="GPL v2.0" + org.opencontainers.image.licenses="GPL v2.0" \ + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" STOPSIGNAL SIGTERM +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/ui", "/usr/share/zabbix"] +COPY ["conf/etc/", "/etc/"] + RUN set -eux && \ echo "#!/bin/sh\nexit 101" > /usr/sbin/policy-rc.d && \ groupadd --system --gid 1995 zabbix && \ @@ -51,37 +71,12 @@ RUN set -eux && \ sed -i 's/Listen 443/Listen 8443/g' /etc/apache2/ports.conf && \ sed -i 's|/var/run/apache2$SUFFIX|/tmp|g' /etc/apache2/envvars && \ rm -f /var/run/apache2/apache2.pid && \ - apt-get -y autoremove && \ - apt-get -y clean && \ - rm -rf /var/lib/apt/lists/* - -ARG MAJOR_VERSION=6.0 -ARG ZBX_VERSION=${MAJOR_VERSION} -ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git - -ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} - -LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.opencontainers.image.version="${ZBX_VERSION}" \ - org.opencontainers.image.source="${ZBX_SOURCES}" - -COPY ["conf/etc/", "/etc/"] - -RUN set -eux && \ apt-get -y update && \ DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ - gettext \ - git && \ - cd /usr/share/ && \ - git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ - mkdir /usr/share/zabbix/ && \ - cp -R /usr/share/zabbix-${ZBX_VERSION}/ui/* /usr/share/zabbix/ && \ - rm -rf /usr/share/zabbix-${ZBX_VERSION}/ && \ + gettext && \ cd /usr/share/zabbix/ && \ - ./locale/make_mo.sh && \ rm -f conf/zabbix.conf.php conf/maintenance.inc.php conf/zabbix.conf.php.example && \ rm -rf tests && \ - rm -f locale/add_new_language.sh locale/update_po.sh locale/make_mo.sh && \ ln -s "/etc/zabbix/web/zabbix.conf.php" "/usr/share/zabbix/conf/zabbix.conf.php" && \ ln -s "/etc/zabbix/web/maintenance.inc.php" "/usr/share/zabbix/conf/maintenance.inc.php" && \ mkdir -p /var/lib/locales/supported.d/ && \ @@ -102,8 +97,7 @@ RUN set -eux && \ chgrp -R 0 /usr/share/zabbix/include/defines.inc.php && \ chmod -R g=u /usr/share/zabbix/include/defines.inc.php && \ DEBIAN_FRONTEND=noninteractive apt-get -y purge \ - gettext \ - git && \ + gettext && \ apt-get -y autoremove && \ apt-get -y clean && \ rm -rf /var/lib/apt/lists/* diff --git a/web-nginx-mysql/alpine/Dockerfile b/web-nginx-mysql/alpine/Dockerfile index 18c526bb1..9a76eff49 100644 --- a/web-nginx-mysql/alpine/Dockerfile +++ b/web-nginx-mysql/alpine/Dockerfile @@ -1,14 +1,34 @@ +# syntax=docker/dockerfile:1 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG BUILD_BASE_IMAGE=zabbix-build-mysql:alpine-${ZBX_VERSION} +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git + +FROM ${BUILD_BASE_IMAGE} as builder + FROM alpine:3.14 +ARG MAJOR_VERSION +ARG ZBX_VERSION +ARG ZBX_SOURCES + +ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} + LABEL org.opencontainers.image.title="Zabbix web-interface (Nginx, MySQL)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ org.opencontainers.image.vendor="Zabbix LLC" \ org.opencontainers.image.url="https://zabbix.com/" \ org.opencontainers.image.description="Zabbix web-interface based on Nginx web server with MySQL database support" \ - org.opencontainers.image.licenses="GPL v2.0" + org.opencontainers.image.licenses="GPL v2.0" \ + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" STOPSIGNAL SIGTERM +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/ui", "/usr/share/zabbix"] +COPY ["conf/etc/", "/etc/"] + RUN set -eux && \ addgroup --system --gid 1995 zabbix && \ adduser --system \ @@ -49,32 +69,7 @@ RUN set -eux && \ rm -rf /etc/php7/php-fpm.d/www.conf && \ rm -f /etc/nginx/http.d/*.conf && \ ln -sf /dev/fd/2 /var/lib/nginx/logs/error.log && \ - rm -rf /var/cache/apk/* - -ARG MAJOR_VERSION=6.0 -ARG ZBX_VERSION=${MAJOR_VERSION} -ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git - -ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} - -LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.opencontainers.image.version="${ZBX_VERSION}" \ - org.opencontainers.image.source="${ZBX_SOURCES}" - -COPY ["conf/etc/", "/etc/"] - -RUN set -eux && \ - apk add --no-cache --virtual build-dependencies \ - coreutils \ - gettext \ - git && \ - cd /usr/share/ && \ - git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ - mkdir /usr/share/zabbix/ && \ - cp -R /usr/share/zabbix-${ZBX_VERSION}/ui/* /usr/share/zabbix/ && \ - rm -rf /usr/share/zabbix-${ZBX_VERSION}/ && \ cd /usr/share/zabbix/ && \ - ./locale/make_mo.sh && \ rm -f conf/zabbix.conf.php conf/maintenance.inc.php conf/zabbix.conf.php.example && \ rm -rf tests && \ rm -f locale/add_new_language.sh locale/update_po.sh locale/make_mo.sh && \ @@ -92,8 +87,6 @@ RUN set -eux && \ chown --quiet -R zabbix:root /usr/share/zabbix/include/defines.inc.php && \ chgrp -R 0 /usr/share/zabbix/include/defines.inc.php && \ chmod -R g=u /usr/share/zabbix/include/defines.inc.php && \ - apk del --purge --no-network \ - build-dependencies && \ rm -rf /var/cache/apk/* EXPOSE 8080/TCP 8443/TCP diff --git a/web-nginx-mysql/ubuntu/Dockerfile b/web-nginx-mysql/ubuntu/Dockerfile index ae2fdc789..47188a117 100644 --- a/web-nginx-mysql/ubuntu/Dockerfile +++ b/web-nginx-mysql/ubuntu/Dockerfile @@ -1,14 +1,34 @@ +# syntax=docker/dockerfile:1 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG BUILD_BASE_IMAGE=zabbix-build-mysql:ubuntu-${ZBX_VERSION} +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git + +FROM ${BUILD_BASE_IMAGE} as builder + FROM ubuntu:focal +ARG MAJOR_VERSION +ARG ZBX_VERSION +ARG ZBX_SOURCES + +ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} + LABEL org.opencontainers.image.title="Zabbix web-interface (Nginx, MySQL)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ org.opencontainers.image.vendor="Zabbix LLC" \ org.opencontainers.image.url="https://zabbix.com/" \ org.opencontainers.image.description="Zabbix web-interface based on Nginx web server with MySQL database support" \ - org.opencontainers.image.licenses="GPL v2.0" + org.opencontainers.image.licenses="GPL v2.0" \ + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" STOPSIGNAL SIGTERM +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/ui", "/usr/share/zabbix"] +COPY ["conf/etc/", "/etc/"] + RUN set -eux && \ echo "#!/bin/sh\nexit 101" > /usr/sbin/policy-rc.d && \ groupadd --system --gid 1995 zabbix && \ @@ -43,7 +63,8 @@ RUN set -eux && \ DISTRIB_CODENAME=$(/bin/bash -c 'source /etc/lsb-release && echo $DISTRIB_CODENAME') && \ echo "deb https://nginx.org/packages/ubuntu/ $DISTRIB_CODENAME nginx" >> /etc/apt/sources.list.d/nginx.list && \ apt-get -y update && \ - DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ + DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends \ + -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" install \ curl \ mysql-client \ nginx \ @@ -61,38 +82,11 @@ RUN set -eux && \ rm -rf /var/cache/nginx/ && \ rm -f /etc/php/7.4/fpm/pool.d/www.conf && \ ln -sf /dev/fd/2 /var/log/nginx/error.log && \ + rm -f /etc/php/7.4/fpm/php-fpm.conf.dpkg-dist && \ DEBIAN_FRONTEND=noninteractive apt-get -y purge gpg dirmngr gpg-agent && \ - apt-get -y autoremove && \ - apt-get -y clean && \ - rm -rf /var/lib/apt/lists/* - -ARG MAJOR_VERSION=6.0 -ARG ZBX_VERSION=${MAJOR_VERSION} -ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git - -ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} - -LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.opencontainers.image.version="${ZBX_VERSION}" \ - org.opencontainers.image.source="${ZBX_SOURCES}" - -COPY ["conf/etc/", "/etc/"] - -RUN set -eux && \ - apt-get -y update && \ - DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ - gettext \ - git && \ - cd /usr/share/ && \ - git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ - mkdir /usr/share/zabbix/ && \ - cp -R /usr/share/zabbix-${ZBX_VERSION}/ui/* /usr/share/zabbix/ && \ - rm -rf /usr/share/zabbix-${ZBX_VERSION}/ && \ cd /usr/share/zabbix/ && \ - ./locale/make_mo.sh && \ rm -f conf/zabbix.conf.php conf/maintenance.inc.php conf/zabbix.conf.php.example && \ rm -rf tests && \ - rm -f locale/add_new_language.sh locale/update_po.sh locale/make_mo.sh && \ ln -s "/etc/zabbix/web/zabbix.conf.php" "/usr/share/zabbix/conf/zabbix.conf.php" && \ ln -s "/etc/zabbix/web/maintenance.inc.php" "/usr/share/zabbix/conf/maintenance.inc.php" && \ mkdir -p /var/lib/locales/supported.d/ && \ @@ -115,9 +109,6 @@ RUN set -eux && \ chown --quiet -R zabbix:root /usr/share/zabbix/include/defines.inc.php && \ chgrp -R 0 /usr/share/zabbix/include/defines.inc.php && \ chmod -R g=u /usr/share/zabbix/include/defines.inc.php && \ - DEBIAN_FRONTEND=noninteractive apt-get -y purge \ - gettext \ - git && \ apt-get -y autoremove && \ apt-get -y clean && \ rm -rf /var/lib/apt/lists/* diff --git a/web-nginx-pgsql/alpine/Dockerfile b/web-nginx-pgsql/alpine/Dockerfile index fdced34c4..0fdcabaf2 100644 --- a/web-nginx-pgsql/alpine/Dockerfile +++ b/web-nginx-pgsql/alpine/Dockerfile @@ -1,14 +1,34 @@ +# syntax=docker/dockerfile:1 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG BUILD_BASE_IMAGE=zabbix-build-pgsql:alpine-${ZBX_VERSION} +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git + +FROM ${BUILD_BASE_IMAGE} as builder + FROM alpine:3.14 +ARG MAJOR_VERSION +ARG ZBX_VERSION +ARG ZBX_SOURCES + +ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} + LABEL org.opencontainers.image.title="Zabbix web-interface (Nginx, PostgreSQL)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ org.opencontainers.image.vendor="Zabbix LLC" \ org.opencontainers.image.url="https://zabbix.com/" \ org.opencontainers.image.description="Zabbix web-interface based on Nginx web server with PostgreSQL database support" \ - org.opencontainers.image.licenses="GPL v2.0" + org.opencontainers.image.licenses="GPL v2.0" \ + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" STOPSIGNAL SIGTERM +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/ui", "/usr/share/zabbix"] +COPY ["conf/etc/", "/etc/"] + RUN set -eux && \ addgroup --system --gid 1995 zabbix && \ adduser --system \ @@ -48,32 +68,7 @@ RUN set -eux && \ rm -rf /etc/php7/php-fpm.d/www.conf && \ rm -f /etc/nginx/http.d/*.conf && \ ln -sf /dev/fd/2 /var/lib/nginx/logs/error.log && \ - rm -rf /var/cache/apk/* - -ARG MAJOR_VERSION=6.0 -ARG ZBX_VERSION=${MAJOR_VERSION} -ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git - -ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} - -LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.opencontainers.image.version="${ZBX_VERSION}" \ - org.opencontainers.image.source="${ZBX_SOURCES}" - -COPY ["conf/etc/", "/etc/"] - -RUN set -eux && \ - apk add --no-cache --virtual build-dependencies \ - coreutils \ - gettext \ - git && \ - cd /usr/share/ && \ - git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ - mkdir /usr/share/zabbix/ && \ - cp -R /usr/share/zabbix-${ZBX_VERSION}/ui/* /usr/share/zabbix/ && \ - rm -rf /usr/share/zabbix-${ZBX_VERSION}/ && \ cd /usr/share/zabbix/ && \ - ./locale/make_mo.sh && \ rm -f conf/zabbix.conf.php conf/maintenance.inc.php conf/zabbix.conf.php.example && \ rm -rf tests && \ rm -f locale/add_new_language.sh locale/update_po.sh locale/make_mo.sh && \ @@ -91,8 +86,6 @@ RUN set -eux && \ chown --quiet -R zabbix:root /usr/share/zabbix/include/defines.inc.php && \ chgrp -R 0 /usr/share/zabbix/include/defines.inc.php && \ chmod -R g=u /usr/share/zabbix/include/defines.inc.php && \ - apk del --purge --no-network \ - build-dependencies && \ rm -rf /var/cache/apk/* EXPOSE 8080/TCP 8443/TCP diff --git a/web-nginx-pgsql/ubuntu/Dockerfile b/web-nginx-pgsql/ubuntu/Dockerfile index 69f59341a..b660ca185 100644 --- a/web-nginx-pgsql/ubuntu/Dockerfile +++ b/web-nginx-pgsql/ubuntu/Dockerfile @@ -1,14 +1,34 @@ +# syntax=docker/dockerfile:1 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG BUILD_BASE_IMAGE=zabbix-build-mysql:ubuntu-${ZBX_VERSION} +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git + +FROM ${BUILD_BASE_IMAGE} as builder + FROM ubuntu:focal -LABEL org.opencontainers.image.title="Zabbix web-interface (Nginx, PostgreSQL)" \ +ARG MAJOR_VERSION +ARG ZBX_VERSION +ARG ZBX_SOURCES + +ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} + +LABEL org.opencontainers.image.title="Zabbix web-interface (Nginx, MySQL)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ org.opencontainers.image.vendor="Zabbix LLC" \ org.opencontainers.image.url="https://zabbix.com/" \ - org.opencontainers.image.description="Zabbix web-interface based on Nginx web server with PostgreSQL database support" \ - org.opencontainers.image.licenses="GPL v2.0" + org.opencontainers.image.description="Zabbix web-interface based on Nginx web server with MySQL database support" \ + org.opencontainers.image.licenses="GPL v2.0" \ + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" STOPSIGNAL SIGTERM +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/ui", "/usr/share/zabbix"] +COPY ["conf/etc/", "/etc/"] + RUN set -eux && \ echo "#!/bin/sh\nexit 101" > /usr/sbin/policy-rc.d && \ groupadd --system --gid 1995 zabbix && \ @@ -43,7 +63,8 @@ RUN set -eux && \ DISTRIB_CODENAME=$(/bin/bash -c 'source /etc/lsb-release && echo $DISTRIB_CODENAME') && \ echo "deb https://nginx.org/packages/ubuntu/ $DISTRIB_CODENAME nginx" >> /etc/apt/sources.list.d/nginx.list && \ apt-get -y update && \ - DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ + DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends \ + -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" install \ curl \ nginx \ locales \ @@ -61,38 +82,11 @@ RUN set -eux && \ rm -rf /var/cache/nginx/ && \ rm -f /etc/php/7.4/fpm/pool.d/www.conf && \ ln -sf /dev/fd/2 /var/log/nginx/error.log && \ + rm -f /etc/php/7.4/fpm/php-fpm.conf.dpkg-dist && \ DEBIAN_FRONTEND=noninteractive apt-get -y purge gpg dirmngr gpg-agent && \ - apt-get -y autoremove && \ - apt-get -y clean && \ - rm -rf /var/lib/apt/lists/* - -ARG MAJOR_VERSION=6.0 -ARG ZBX_VERSION=${MAJOR_VERSION} -ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git - -ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} - -LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.opencontainers.image.version="${ZBX_VERSION}" \ - org.opencontainers.image.source="${ZBX_SOURCES}" - -COPY ["conf/etc/", "/etc/"] - -RUN set -eux && \ - apt-get -y update && \ - DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ - gettext \ - git && \ - cd /usr/share/ && \ - git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ - mkdir /usr/share/zabbix/ && \ - cp -R /usr/share/zabbix-${ZBX_VERSION}/ui/* /usr/share/zabbix/ && \ - rm -rf /usr/share/zabbix-${ZBX_VERSION}/ && \ cd /usr/share/zabbix/ && \ - ./locale/make_mo.sh && \ rm -f conf/zabbix.conf.php conf/maintenance.inc.php conf/zabbix.conf.php.example && \ rm -rf tests && \ - rm -f locale/add_new_language.sh locale/update_po.sh locale/make_mo.sh && \ ln -s "/etc/zabbix/web/zabbix.conf.php" "/usr/share/zabbix/conf/zabbix.conf.php" && \ ln -s "/etc/zabbix/web/maintenance.inc.php" "/usr/share/zabbix/conf/maintenance.inc.php" && \ mkdir -p /var/lib/locales/supported.d/ && \ @@ -115,9 +109,6 @@ RUN set -eux && \ chown --quiet -R zabbix:root /usr/share/zabbix/include/defines.inc.php && \ chgrp -R 0 /usr/share/zabbix/include/defines.inc.php && \ chmod -R g=u /usr/share/zabbix/include/defines.inc.php && \ - DEBIAN_FRONTEND=noninteractive apt-get -y purge \ - gettext \ - git && \ apt-get -y autoremove && \ apt-get -y clean && \ rm -rf /var/lib/apt/lists/* diff --git a/web-service/alpine/Dockerfile b/web-service/alpine/Dockerfile index a52613cd7..4909a41ee 100644 --- a/web-service/alpine/Dockerfile +++ b/web-service/alpine/Dockerfile @@ -1,14 +1,32 @@ +# syntax=docker/dockerfile:1 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG BUILD_BASE_IMAGE=zabbix-build-mysql:alpine-${ZBX_VERSION} +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git + +FROM ${BUILD_BASE_IMAGE} as builder + FROM alpine:3.14 +ARG MAJOR_VERSION +ARG ZBX_VERSION +ARG ZBX_SOURCES + LABEL org.opencontainers.image.title="Zabbix web service" \ org.opencontainers.image.authors="Alexey Pustovalov " \ org.opencontainers.image.vendor="Zabbix LLC" \ org.opencontainers.image.url="https://zabbix.com/" \ org.opencontainers.image.description="Zabbix web servce for performing various tasks using headless web browser" \ - org.opencontainers.image.licenses="GPL v2.0" + org.opencontainers.image.licenses="GPL v2.0" \ + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" STOPSIGNAL SIGTERM +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/go/bin/zabbix_web_service", "/usr/sbin/zabbix_web_service"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/go/conf/zabbix_web_service.conf", "/etc/zabbix/zabbix_web_service.conf"] + RUN set -eux && \ addgroup --system --gid 1995 zabbix && \ adduser --system \ @@ -25,52 +43,9 @@ RUN set -eux && \ apk add --no-cache --clean-protected \ bash \ chromium && \ - rm -rf /var/cache/apk/* - -ARG MAJOR_VERSION=6.0 -ARG ZBX_VERSION=${MAJOR_VERSION} -ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git - -ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} - -LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.opencontainers.image.version="${ZBX_VERSION}" \ - org.opencontainers.image.source="${ZBX_SOURCES}" - -RUN set -eux && \ - apk add --no-cache --virtual build-dependencies \ - autoconf \ - automake \ - go \ - g++ \ - make \ - git \ - pkgconf && \ - cd /tmp/ && \ - git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ - cd /tmp/zabbix-${ZBX_VERSION} && \ - zabbix_revision=`git rev-parse --short HEAD` && \ - sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/go/pkg/version/version.go && \ - ./bootstrap.sh && \ - export CFLAGS="-fPIC -pie -Wl,-z,relro -Wl,-z,now" && \ - ./configure \ - --datadir=/usr/lib \ - --libdir=/usr/lib/zabbix \ - --prefix=/usr \ - --sysconfdir=/etc/zabbix \ - --prefix=/usr \ - --enable-webservice \ - --silent && \ - make -j"$(nproc)" -s && \ - cp /tmp/zabbix-${ZBX_VERSION}/src/go/bin/zabbix_web_service /usr/sbin/zabbix_web_service && \ - cp /tmp/zabbix-${ZBX_VERSION}/src/go/conf/zabbix_web_service.conf /etc/zabbix/zabbix_web_service.conf && \ - cd /tmp/ && \ - rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \ chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \ chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \ - apk del --purge --no-network \ - build-dependencies && \ rm -rf /var/cache/apk/* EXPOSE 10053/TCP diff --git a/web-service/ubuntu/Dockerfile b/web-service/ubuntu/Dockerfile index 85431a4f8..8cf90e286 100644 --- a/web-service/ubuntu/Dockerfile +++ b/web-service/ubuntu/Dockerfile @@ -1,14 +1,31 @@ +# syntax=docker/dockerfile:1 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG BUILD_BASE_IMAGE=zabbix-build-mysql:ubuntu-${ZBX_VERSION} +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git + +FROM ${BUILD_BASE_IMAGE} as builder + FROM ubuntu:focal +ARG MAJOR_VERSION +ARG ZBX_VERSION +ARG ZBX_SOURCES + LABEL org.opencontainers.image.title="Zabbix web service" \ org.opencontainers.image.authors="Alexey Pustovalov " \ org.opencontainers.image.vendor="Zabbix LLC" \ org.opencontainers.image.url="https://zabbix.com/" \ org.opencontainers.image.description="Zabbix web servce for performing various tasks using headless web browser" \ - org.opencontainers.image.licenses="GPL v2.0" + org.opencontainers.image.licenses="GPL v2.0" \ + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" STOPSIGNAL SIGTERM +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/go/bin/zabbix_web_service", "/usr/sbin/zabbix_web_service"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/go/conf/zabbix_web_service.conf", "/etc/zabbix/zabbix_web_service.conf"] COPY ["conf/etc/apt/preferences.d/chromium.pref", "/etc/apt/preferences.d/chromium.pref"] RUN set -eux && \ @@ -41,58 +58,6 @@ RUN set -eux && \ chromium-sandbox && \ DEBIAN_FRONTEND=noninteractive apt-get -y purge \ gnupg && \ - apt-get -y autoremove && \ - apt-get -y clean && \ - rm -rf /var/lib/apt/lists/* - -ARG MAJOR_VERSION=6.0 -ARG ZBX_VERSION=${MAJOR_VERSION} -ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git - -ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} - -LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.opencontainers.image.version="${ZBX_VERSION}" \ - org.opencontainers.image.source="${ZBX_SOURCES}" - -RUN set -eux && \ - apt-get -y update && \ - DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ - autoconf \ - automake \ - make \ - pkg-config \ - git \ - g++ \ - golang && \ - cd /tmp/ && \ - git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ - cd /tmp/zabbix-${ZBX_VERSION} && \ - zabbix_revision=`git rev-parse --short HEAD` && \ - sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/go/pkg/version/version.go && \ - ./bootstrap.sh && \ - export CFLAGS="-fPIC -pie -Wl,-z,relro -Wl,-z,now" && \ - ./configure \ - --datadir=/usr/lib \ - --libdir=/usr/lib/zabbix \ - --prefix=/usr \ - --sysconfdir=/etc/zabbix \ - --prefix=/usr \ - --enable-webservice \ - --silent && \ - make -j"$(nproc)" -s && \ - cp /tmp/zabbix-${ZBX_VERSION}/src/go/bin/zabbix_web_service /usr/sbin/zabbix_web_service && \ - cp /tmp/zabbix-${ZBX_VERSION}/src/go/conf/zabbix_web_service.conf /etc/zabbix/zabbix_web_service.conf && \ - cd /tmp/ && \ - rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ - apt-get -y purge \ - autoconf \ - automake \ - make \ - pkg-config \ - git \ - g++ \ - golang && \ chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \ chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \ chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \ From 9b847d6ff61c1e1953a0286da1821d833b726893 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Mon, 13 Sep 2021 00:07:21 +0200 Subject: [PATCH 113/253] Dedicated build environment for Alpine and Ubuntu based images --- build-sqlite3/ubuntu/README.md | 304 --------------------------------- 1 file changed, 304 deletions(-) delete mode 100644 build-sqlite3/ubuntu/README.md diff --git a/build-sqlite3/ubuntu/README.md b/build-sqlite3/ubuntu/README.md deleted file mode 100644 index 6683fbbd9..000000000 --- a/build-sqlite3/ubuntu/README.md +++ /dev/null @@ -1,304 +0,0 @@ -![logo](https://assets.zabbix.com/img/logo/zabbix_logo_500x131.png) - -# What is Zabbix? - -Zabbix is an enterprise-class open source distributed monitoring solution. - -Zabbix is software that monitors numerous parameters of a network and the health and integrity of servers. Zabbix uses a flexible notification mechanism that allows users to configure e-mail based alerts for virtually any event. This allows a fast reaction to server problems. Zabbix offers excellent reporting and data visualisation features based on the stored data. This makes Zabbix ideal for capacity planning. - -For more information and related downloads for Zabbix components, please visit https://hub.docker.com/u/zabbix/ and https://zabbix.com - -# What is Zabbix server? - -Zabbix server is the central process of Zabbix software. - -The server performs the polling and trapping of data, it calculates triggers, sends notifications to users. It is the central component to which Zabbix agents and proxies report data on availability and integrity of systems. The server can itself remotely check networked services (such as web servers and mail servers) using simple service checks. - -# Zabbix server images - -These are the only official Zabbix server Docker images. They are based on Alpine Linux v3.12, Ubuntu 20.04 (focal), CentOS 8 and Oracle Linux 8 images. The available versions of Zabbix server are: - - Zabbix server 3.0 (tags: alpine-3.0-latest, ubuntu-3.0-latest, centos-3.0-latest) (unsupported) - Zabbix server 3.0.* (tags: alpine-3.0.*, ubuntu-3.0.*, centos-3.0.*) (unsupported) - Zabbix server 3.2 (tags: alpine-3.2-latest, ubuntu-3.2-latest, centos-3.2-latest) (unsupported) - Zabbix server 3.2.* (tags: alpine-3.2.*, ubuntu-3.2.*, centos-3.2.*) (unsupported) - Zabbix server 3.4 (tags: alpine-3.4-latest, ubuntu-3.4-latest, centos-3.4-latest) (unsupported) - Zabbix server 3.4.* (tags: alpine-3.4.*, ubuntu-3.4.*, centos-3.4.*) (unsupported) - Zabbix server 4.0 (tags: alpine-4.0-latest, ubuntu-4.0-latest, centos-4.0-latest) - Zabbix server 4.0.* (tags: alpine-4.0.*, ubuntu-4.0.*, centos-4.0.*) - Zabbix server 4.2 (tags: alpine-4.2-latest, ubuntu-4.2-latest, centos-4.2-latest) (unsupported) - Zabbix server 4.2.* (tags: alpine-4.2.*, ubuntu-4.2.*, centos-4.2.*) (unsupported) - Zabbix server 4.4 (tags: alpine-4.4-latest, ubuntu-4.4-latest, centos-4.4-latest) (unsupported) - Zabbix server 4.4.* (tags: alpine-4.4.*, ubuntu-4.4.*, centos-4.4.*) (unsupported) - Zabbix server 5.0 (tags: alpine-5.0-latest, ubuntu-5.0-latest, ol-5.0-latest) - Zabbix server 5.0.* (tags: alpine-5.0.*, ubuntu-5.0.*, ol-5.0.*) - Zabbix server 5.2 (tags: alpine-5.2-latest, ubuntu-5.2-latest, ol-5.2-latest) - Zabbix server 5.2.* (tags: alpine-5.2.*, ubuntu-5.2.*, ol-5.2.*) - Zabbix server 5.4 (tags: alpine-5.4-latest, ubuntu-5.4-latest, ol-5.4-latest, alpine-latest, ubuntu-latest, ol-latest, latest) - Zabbix server 5.4.* (tags: alpine-5.4.*, ubuntu-5.4.*, ol-5.4.*) - Zabbix server 6.0 (tags: alpine-trunk, ubuntu-trunk, ol-trunk) - -Images are updated when new releases are published. The image with ``latest`` tag is based on Alpine Linux. - -The image uses MySQL database. It uses the next procedure to start: -- Checking database availability -- If ``MYSQL_ROOT_PASSWORD`` or ``MYSQL_ALLOW_EMPTY_PASSWORD`` are specified, the instance tries to create ``MYSQL_USER`` user with ``MYSQL_PASSWORD`` to use these credentials then for Zabbix server. -- Checking of having `MYSQL_DATABASE` database. Creating `MYSQL_DATABASE` database name if it does not exist -- Checking of having `dbversion` table. Creating Zabbix server database schema and upload initial data sample if no `dbversion` table - -# How to use this image - -## Start `zabbix-server-mysql` - -Start a Zabbix server container as follows: - - docker run --name some-zabbix-server-mysql -e DB_SERVER_HOST="some-mysql-server" -e MYSQL_USER="some-user" -e MYSQL_PASSWORD="some-password" -d zabbix/zabbix-server-mysql:tag - -Where `some-zabbix-server-mysql` is the name you want to assign to your container, `some-mysql-server` is IP or DNS name of MySQL server, `some-user` is user to connect to Zabbix database on MySQL server, `some-password` is the password to connect to MySQL server and `tag` is the tag specifying the version you want. See the list above for relevant tags, or look at the [full list of tags](https://hub.docker.com/r/zabbix/zabbix-server-mysql/tags/). - -## Container shell access and viewing Zabbix server logs - -The `docker exec` command allows you to run commands inside a Docker container. The following command line will give you a bash shell inside your `zabbix-server-mysql` container: - -```console -$ docker exec -ti some-zabbix-server-mysql /bin/bash -``` - -The Zabbix server log is available through Docker's container log: - -```console -$ docker logs some-zabbix-server-mysql -``` - -## Environment Variables - -When you start the `zabbix-server-mysql` image, you can adjust the configuration of the Zabbix server by passing one or more environment variables on the `docker run` command line. - -### `DB_SERVER_HOST` - -This variable is IP or DNS name of MySQL server. By default, value is 'mysql-server' - -### `DB_SERVER_PORT` - -This variable is port of MySQL server. By default, value is '3306'. - -### `MYSQL_USER`, `MYSQL_PASSWORD`, `MYSQL_USER_FILE`, `MYSQL_PASSWORD_FILE` - -These variables are used by Zabbix server to connect to Zabbix database. With the `_FILE` variables you can instead provide the path to a file which contains the user / the password instead. Without Docker Swarm or Kubernetes you also have to map the files. Those are exclusive so you can just provide one type - either `MYSQL_USER` or `MYSQL_USER_FILE`! - -```console -docker run --name some-zabbix-server-mysql -e DB_SERVER_HOST="some-mysql-server" -v ./.MYSQL_USER:/run/secrets/MYSQL_USER -e MYSQL_USER_FILE=/run/secrets/MYSQL_USER -v ./.MYSQL_PASSWORD:/run/secrets/MYSQL_PASSWORD -e MYSQL_PASSWORD_FILE=/var/run/secrets/MYSQL_PASSWORD -d zabbix/zabbix-server-mysql:tag -``` - -With Docker Swarm or Kubernetes this works with secrets. That way it is replicated in your cluster! - -```console -printf "zabbix" | docker secret create MYSQL_USER - -printf "zabbix" | docker secret create MYSQL_PASSWORD - -docker run --name some-zabbix-server-mysql -e DB_SERVER_HOST="some-mysql-server" -e MYSQL_USER_FILE=/run/secrets/MYSQL_USER -e MYSQL_PASSWORD_FILE=/run/secrets/MYSQL_PASSWORD -d zabbix/zabbix-server-mysql:tag -``` - -This method is also applicable for `MYSQL_ROOT_PASSWORD` with `MYSQL_ROOT_PASSWORD_FILE`. - -By default, values for `MYSQL_USER` and `MYSQL_PASSWORD` are `zabbix`, `zabbix`. - -### `MYSQL_DATABASE` - -The variable is Zabbix database name. By default, value is `zabbix`. - -### `ZBX_LOADMODULE` - -The variable is list of comma separated loadable Zabbix modules. It works with volume ``/var/lib/zabbix/modules``. The syntax of the variable is ``dummy1.so,dummy2.so``. - -### `ZBX_DEBUGLEVEL` - -The variable is used to specify debug level. By default, value is ``3``. It is ``DebugLevel`` parameter in ``zabbix_server.conf``. Allowed values are listed below: -- ``0`` - basic information about starting and stopping of Zabbix processes; -- ``1`` - critical information -- ``2`` - error information -- ``3`` - warnings -- ``4`` - for debugging (produces lots of information) -- ``5`` - extended debugging (produces even more information) - -### `ZBX_TIMEOUT` - -The variable is used to specify timeout for processing checks. By default, value is ``4``. - -### `ZBX_JAVAGATEWAY_ENABLE` - -The variable enable communication with Zabbix Java Gateway to collect Java related checks. By default, value is `false`. - -### Other variables - -Additionally the image allows to specify many other environment variables listed below: - -``` -ZBX_DBTLSCONNECT= # Available since 5.0.0 -ZBX_DBTLSCAFILE= # Available since 5.0.0 -ZBX_DBTLSCERTFILE= # Available since 5.0.0 -ZBX_DBTLSKEYFILE= # Available since 5.0.0 -ZBX_DBTLSCIPHER= # Available since 5.0.0 -ZBX_DBTLSCIPHER13= # Available since 5.0.0 -ZBX_VAULTDBPATH= # Available since 5.2.0 -ZBX_VAULTURL=https://127.0.0.1:8200 # Available since 5.2.0 -VAULT_TOKEN= # Available since 5.2.0 -ZBX_LISTENIP= -ZBX_STARTREPORTWRITERS=0 # Available since 5.4.0 -ZBX_WEBSERVICEURL=http://zabbix-web-service:10053/report # Available since 5.4.0 -ZBX_HISTORYSTORAGEURL= # Available since 3.4.0 -ZBX_HISTORYSTORAGETYPES=uint,dbl,str,log,text # Available since 3.4.0 -ZBX_STARTPOLLERS=5 -ZBX_IPMIPOLLERS=0 -ZBX_STARTPREPROCESSORS=3 # Available since 3.4.0 -ZBX_STARTPOLLERSUNREACHABLE=1 -ZBX_STARTTRAPPERS=5 -ZBX_STARTPINGERS=1 -ZBX_STARTDISCOVERERS=1 -ZBX_STARTHISTORYPOLLERS=5 # Available since 5.4.0 -ZBX_STARTHTTPPOLLERS=1 -ZBX_STARTTIMERS=1 -ZBX_STARTESCALATORS=1 -ZBX_STARTALERTERS=3 # Available since 3.4.0 -ZBX_JAVAGATEWAY=zabbix-java-gateway -ZBX_JAVAGATEWAYPORT=10052 -ZBX_STARTJAVAPOLLERS=5 -ZBX_STARTLLDPROCESSORS=2 # Available since 4.2.0 -ZBX_STATSALLOWEDIP= # Available since 4.0.5 -ZBX_STARTVMWARECOLLECTORS=0 -ZBX_VMWAREFREQUENCY=60 -ZBX_VMWAREPERFFREQUENCY=60 -ZBX_VMWARECACHESIZE=8M -ZBX_VMWARETIMEOUT=10 -ZBX_ENABLE_SNMP_TRAPS=false -ZBX_SOURCEIP= -ZBX_HOUSEKEEPINGFREQUENCY=1 -ZBX_MAXHOUSEKEEPERDELETE=5000 -ZBX_SENDERFREQUENCY=30 -ZBX_CACHESIZE=8M -ZBX_CACHEUPDATEFREQUENCY=60 -ZBX_STARTDBSYNCERS=4 -ZBX_EXPORTFILESIZE=1G # Available since 4.0.0 -ZBX_EXPORTTYPE= # Available since 5.0.10 and 5.2.6 -ZBX_HISTORYCACHESIZE=16M -ZBX_HISTORYINDEXCACHESIZE=4M -ZBX_HISTORYSTORAGEDATEINDEX=0 # Available since 4.0.0 -ZBX_TRENDCACHESIZE=4M -ZBX_VALUECACHESIZE=8M -ZBX_TRAPPERTIMEOUT=300 -ZBX_UNREACHABLEPERIOD=45 -ZBX_UNAVAILABLEDELAY=60 -ZBX_UNREACHABLEDELAY=15 -ZBX_LOGSLOWQUERIES=3000 -ZBX_STARTPROXYPOLLERS=1 -ZBX_PROXYCONFIGFREQUENCY=3600 -ZBX_PROXYDATAFREQUENCY=1 -ZBX_TLSCAFILE= -ZBX_TLSCRLFILE= -ZBX_TLSCERTFILE= -ZBX_TLSKEYFILE= -ZBX_TLSCIPHERALL= # Available since 4.4.7 -ZBX_TLSCIPHERALL13= # Available since 4.4.7 -ZBX_TLSCIPHERCERT= # Available since 4.4.7 -ZBX_TLSCIPHERCERT13= # Available since 4.4.7 -ZBX_TLSCIPHERPSK= # Available since 4.4.7 -ZBX_TLSCIPHERPSK13= # Available since 4.4.7 -``` - -Default values of these variables are specified after equal sign. - -The allowed variables are identical of parameters in official ``zabbix_server.conf``. For example, ``ZBX_LOGSLOWQUERIES`` = ``LogSlowQueries``. - -Please use official documentation for [``zabbix_server.conf``](https://www.zabbix.com/documentation/current/manual/appendix/config/zabbix_server) to get more information about the variables. - -## Allowed volumes for the Zabbix server container - -### ``/usr/lib/zabbix/alertscripts`` - -The volume is used for custom alert scripts. It is `AlertScriptsPath` parameter in ``zabbix_server.conf``. - -### ``/usr/lib/zabbix/externalscripts`` - -The volume is used by External checks (type of items). It is `ExternalScripts` parameter in ``zabbix_server.conf``. - -### ``/var/lib/zabbix/modules`` - -The volume allows load additional modules and extend Zabbix server using ``LoadModule`` feature. - -### ``/var/lib/zabbix/enc`` - -The volume is used to store TLS related files. These file names are specified using ``ZBX_TLSCAFILE``, ``ZBX_TLSCRLFILE``, ``ZBX_TLSKEY_FILE`` and ``ZBX_TLSPSKFILE`` variables. - -### ``/var/lib/zabbix/ssh_keys`` - -The volume is used as location of public and private keys for SSH checks and actions. It is `SSHKeyLocation` parameter in ``zabbix_server.conf``. - -### ``/var/lib/zabbix/ssl/certs`` - -The volume is used as location of of SSL client certificate files for client authentication. It is `SSLCertLocation` parameter in ``zabbix_server.conf``. - -### ``/var/lib/zabbix/ssl/keys`` - -The volume is used as location of SSL private key files for client authentication. It is `SSLKeyLocation` parameter in ``zabbix_server.conf``. - -### ``/var/lib/zabbix/ssl/ssl_ca`` - -The volume is used as location of certificate authority (CA) files for SSL server certificate verification. It is `SSLCALocation` parameter in ``zabbix_server.conf``. - -### ``/var/lib/zabbix/snmptraps`` - -The volume is used as location of ``snmptraps.log`` file. It could be shared by ``zabbix-snmptraps`` container and inherited using `volumes_from` Docker option while creating new instance of Zabbix server. -SNMP traps processing feature could be enabled using shared volume and switched ``ZBX_ENABLE_SNMP_TRAPS`` environment variable to `true`. - -### ``/var/lib/zabbix/mibs`` - -The volume allows to add new MIB files. It does not support subdirectories, all MIBs must be placed to ``/var/lib/zabbix/mibs``. - -### ``/var/lib/zabbix/export`` - -Directory for real-time export of events, history and trends in newline-delimited JSON format. Could be enabled using ``ZBX_EXPORTFILESIZE`` environment variable. - -# The image variants - -The `zabbix-server-mysql` images come in many flavors, each designed for a specific use case. - -## `zabbix-server-mysql:alpine-` - -This image is based on the popular [Alpine Linux project](http://alpinelinux.org), available in [the `alpine` official image](https://hub.docker.com/_/alpine). Alpine Linux is much smaller than most distribution base images (~5MB), and thus leads to much slimmer images in general. - -This variant is highly recommended when final image size being as small as possible is desired. The main caveat to note is that it does use [musl libc](http://www.musl-libc.org) instead of [glibc and friends](http://www.etalabs.net/compare_libcs.html), so certain software might run into issues depending on the depth of their libc requirements. However, most software doesn't have an issue with this, so this variant is usually a very safe choice. See [this Hacker News comment thread](https://news.ycombinator.com/item?id=10782897) for more discussion of the issues that might arise and some pro/con comparisons of using Alpine-based images. - -To minimize image size, it's uncommon for additional related tools (such as `git` or `bash`) to be included in Alpine-based images. Using this image as a base, add the things you need in your own Dockerfile (see the [`alpine` image description](https://hub.docker.com/_/alpine/) for examples of how to install packages if you are unfamiliar). - -## `zabbix-server-mysql:ubuntu-` - -This is the defacto image. If you are unsure about what your needs are, you probably want to use this one. It is designed to be used both as a throw away container (mount your source code and start the container to start your app), as well as the base to build other images off of. - -## `zabbix-server-mysql:ol-` - -Oracle Linux is an open-source operating system available under the GNU General Public License (GPLv2). Suitable for general purpose or Oracle workloads, it benefits from rigorous testing of more than 128,000 hours per day with real-world workloads and includes unique innovations such as Ksplice for zero-downtime kernel patching, DTrace for real-time diagnostics, the powerful Btrfs file system, and more. - -# Supported Docker versions - -This image is officially supported on Docker version 1.12.0. - -Support for older versions (down to 1.6) is provided on a best-effort basis. - -Please see [the Docker installation documentation](https://docs.docker.com/installation/) for details on how to upgrade your Docker daemon. - -# User Feedback - -## Documentation - -Documentation for this image is stored in the [`server-mysql/` directory](https://github.com/zabbix/zabbix-docker/tree/3.0/server-mysql) of the [`zabbix/zabbix-docker` GitHub repo](https://github.com/zabbix/zabbix-docker/). Be sure to familiarize yourself with the [repository's `README.md` file](https://github.com/zabbix/zabbix-docker/blob/master/README.md) before attempting a pull request. - -## Issues - -If you have any problems with or questions about this image, please contact us through a [GitHub issue](https://github.com/zabbix/zabbix-docker/issues). - -### Known issues - -## Contributing - -You are invited to contribute new features, fixes, or updates, large or small; we are always thrilled to receive pull requests, and do our best to process them as fast as we can. - -Before you start to code, we recommend discussing your plans through a [GitHub issue](https://github.com/zabbix/zabbix-docker/issues), especially for more ambitious contributions. This gives other contributors a chance to point you in the right direction, give you feedback on your design, and help you find out if someone else is working on the same thing. From 2b7d26b4cabd5664d4d9523109c1e0e11708696b Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Mon, 13 Sep 2021 03:35:17 +0200 Subject: [PATCH 114/253] Dedicated build environment for Oracle Linux based images --- agent/centos/Dockerfile | 1 + agent/ol/Dockerfile | 89 +++++-------- agent2/ol/Dockerfile | 121 +++++------------- build-base/ol/.dockerignore | 1 + build-base/ol/Dockerfile | 76 +++++++++++ build-base/ol/build.sh | 1 + .../conf/etc/yum.repos.d/oracle-epel-ol8.repo | 6 + build-mysql/ol/.dockerignore | 1 + build-mysql/ol/Dockerfile | 70 ++++++++++ build-mysql/ol/build.sh | 1 + build-pgsql/ol/.dockerignore | 1 + build-pgsql/ol/Dockerfile | 71 ++++++++++ build-pgsql/ol/build.sh | 1 + build-sqlite3/alpine/Dockerfile | 12 +- build-sqlite3/ol/.dockerignore | 1 + build-sqlite3/ol/Dockerfile | 58 +++++++++ build-sqlite3/ol/build.sh | 1 + docker-compose_v3_ol_mysql_local.yaml | 56 ++++++++ docker-compose_v3_ol_pgsql_local.yaml | 67 ++++++++++ java-gateway/ol/Dockerfile | 85 +++++------- proxy-mysql/ol/Dockerfile | 113 +++++----------- proxy-sqlite3/ol/Dockerfile | 111 +++++----------- server-mysql/ol/Dockerfile | 116 +++++------------ server-pgsql/ol/Dockerfile | 117 +++++------------ web-apache-mysql/ol/Dockerfile | 73 +++++------ web-apache-pgsql/ol/Dockerfile | 77 +++++------ web-nginx-mysql/ol/Dockerfile | 70 +++++----- web-nginx-pgsql/ol/Dockerfile | 73 +++++------ web-service/ol/Dockerfile | 80 ++++-------- 29 files changed, 786 insertions(+), 764 deletions(-) create mode 100644 build-base/ol/.dockerignore create mode 100644 build-base/ol/Dockerfile create mode 120000 build-base/ol/build.sh create mode 100644 build-base/ol/conf/etc/yum.repos.d/oracle-epel-ol8.repo create mode 100644 build-mysql/ol/.dockerignore create mode 100644 build-mysql/ol/Dockerfile create mode 120000 build-mysql/ol/build.sh create mode 100644 build-pgsql/ol/.dockerignore create mode 100644 build-pgsql/ol/Dockerfile create mode 120000 build-pgsql/ol/build.sh create mode 100644 build-sqlite3/ol/.dockerignore create mode 100644 build-sqlite3/ol/Dockerfile create mode 120000 build-sqlite3/ol/build.sh diff --git a/agent/centos/Dockerfile b/agent/centos/Dockerfile index 7e084cec8..c44987c5a 100644 --- a/agent/centos/Dockerfile +++ b/agent/centos/Dockerfile @@ -41,6 +41,7 @@ RUN set -eux && \ zlib \ tzdata \ openssl-libs && \ + dnf -y upgrade && \ curl -L "https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini-${ARCH_SUFFIX}" -o /sbin/tini && \ curl -L "https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini-${ARCH_SUFFIX}.asc" -o /tmp/tini.asc && \ export GNUPGHOME="$(mktemp -d)" && \ diff --git a/agent/ol/Dockerfile b/agent/ol/Dockerfile index ed51c21ba..0d20516d8 100644 --- a/agent/ol/Dockerfile +++ b/agent/ol/Dockerfile @@ -1,14 +1,35 @@ +# syntax=docker/dockerfile:1 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG BUILD_BASE_IMAGE=zabbix-build-mysql:ol-${ZBX_VERSION} +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git + +FROM ${BUILD_BASE_IMAGE} as builder + FROM oraclelinux:8-slim +ARG MAJOR_VERSION +ARG ZBX_VERSION +ARG ZBX_SOURCES + +ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} + LABEL org.opencontainers.image.title="Zabbix agent" \ org.opencontainers.image.authors="Alexey Pustovalov " \ org.opencontainers.image.vendor="Zabbix LLC" \ org.opencontainers.image.url="https://zabbix.com/" \ org.opencontainers.image.description="Zabbix agent is deployed on a monitoring target to actively monitor local resources and applications" \ - org.opencontainers.image.licenses="GPL v2.0" + org.opencontainers.image.licenses="GPL v2.0" \ + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" STOPSIGNAL SIGTERM +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_agent/zabbix_agentd", "/usr/sbin/zabbix_agentd"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_get/zabbix_get", "/usr/bin/zabbix_get"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender", "/usr/bin/zabbix_sender"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/conf/zabbix_agentd.conf", "/etc/zabbix/zabbix_agentd.conf"] COPY ["conf/etc/yum.repos.d/oracle-epel-ol8.repo", "/etc/yum.repos.d/oracle-epel-ol8.repo"] RUN set -eux && \ @@ -36,70 +57,18 @@ RUN set -eux && \ libcurl \ openssl-libs \ zlib" && \ - microdnf -y --disablerepo="*" --enablerepo="ol8_baseos_latest" \ + microdnf -y install \ + --disablerepo="*" \ + --enablerepo="ol8_baseos_latest" \ --enablerepo="ol8_appstream" \ --enablerepo="ol8_developer_EPEL" \ - install --setopt=install_weak_deps=0 --best --nodocs ${INSTALL_PKGS} && \ - microdnf -y clean all && \ - rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ - rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki - -ARG MAJOR_VERSION=6.0 -ARG ZBX_VERSION=${MAJOR_VERSION} -ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git - -ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} - -LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.opencontainers.image.version="${ZBX_VERSION}" \ - org.opencontainers.image.source="${ZBX_SOURCES}" - -RUN set -eux && REPOLIST="ol8_baseos_latest,ol8_appstream" && \ - INSTALL_PKGS="autoconf \ - automake \ - pcre-devel \ - libcurl-devel \ - make \ - openssl-devel \ - openldap-devel \ - git \ - gcc" && \ - microdnf -y install --setopt=install_weak_deps=0 --best \ - --nodocs dnf && \ - dnf -y install --disablerepo "*" --enablerepo "${REPOLIST}" --setopt=install_weak_deps=False --best \ - --setopt=tsflags=nodocs ${INSTALL_PKGS} && \ - cd /tmp/ && \ - git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ - cd /tmp/zabbix-${ZBX_VERSION} && \ - zabbix_revision=`git rev-parse --short HEAD` && \ - sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ - ./bootstrap.sh && \ - export CFLAGS="-fPIC -pie -Wl,-z,relro -Wl,-z,now" && \ - ./configure \ - --datadir=/usr/lib \ - --libdir=/usr/lib/zabbix \ - --prefix=/usr \ - --sysconfdir=/etc/zabbix \ - --prefix=/usr \ - --enable-agent \ - --with-libcurl \ - --with-ldap \ - --with-openssl \ - --enable-ipv6 \ - --silent && \ - make -j"$(nproc)" -s && \ - cp /tmp/zabbix-${ZBX_VERSION}/src/zabbix_agent/zabbix_agentd /usr/sbin/zabbix_agentd && \ - cp /tmp/zabbix-${ZBX_VERSION}/src/zabbix_get/zabbix_get /usr/bin/zabbix_get && \ - cp /tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender /usr/bin/zabbix_sender && \ - cp /tmp/zabbix-${ZBX_VERSION}/conf/zabbix_agentd.conf /etc/zabbix/zabbix_agentd.conf && \ - cd /tmp/ && \ - rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ - dnf -y history undo last && \ - dnf -y clean all && \ - microdnf -y remove dnf && \ + --setopt=install_weak_deps=0 \ + --best \ + --nodocs ${INSTALL_PKGS} && \ chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \ chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \ chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \ + microdnf -y clean all && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki diff --git a/agent2/ol/Dockerfile b/agent2/ol/Dockerfile index 6b9b5f6e9..077e377cc 100644 --- a/agent2/ol/Dockerfile +++ b/agent2/ol/Dockerfile @@ -1,14 +1,35 @@ +# syntax=docker/dockerfile:1 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG BUILD_BASE_IMAGE=zabbix-build-mysql:ol-${ZBX_VERSION} +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git + +FROM ${BUILD_BASE_IMAGE} as builder + FROM oraclelinux:8-slim +ARG MAJOR_VERSION +ARG ZBX_VERSION +ARG ZBX_SOURCES + +ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} + LABEL org.opencontainers.image.title="Zabbix agent 2" \ org.opencontainers.image.authors="Alexey Pustovalov " \ org.opencontainers.image.vendor="Zabbix LLC" \ org.opencontainers.image.url="https://zabbix.com/" \ org.opencontainers.image.description="Zabbix agent 2 is deployed on a monitoring target to actively monitor local resources and applications" \ - org.opencontainers.image.licenses="GPL v2.0" + org.opencontainers.image.licenses="GPL v2.0" \ + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" STOPSIGNAL SIGTERM +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/go/bin/zabbix_agent2", "/usr/sbin/zabbix_agent2"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_get/zabbix_get", "/usr/bin/zabbix_get"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender", "/usr/bin/zabbix_sender"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/go/conf/zabbix_agent2.conf", "/etc/zabbix/zabbix_agent2.conf"] COPY ["conf/etc/yum.repos.d/oracle-epel-ol8.repo", "/etc/yum.repos.d/oracle-epel-ol8.repo"] RUN set -eux && \ @@ -26,9 +47,6 @@ RUN set -eux && \ mkdir -p /var/lib/zabbix/enc && \ mkdir -p /var/lib/zabbix/modules && \ mkdir -p /var/lib/zabbix/buffer && \ - mkdir -p /etc/yum/vars/ && \ - echo "" > /etc/yum/vars/ociregion && \ - echo "oracle.com" > /etc/yum/vars/ocidomain && \ INSTALL_PKGS="bash \ tini \ tzdata \ @@ -36,99 +54,18 @@ RUN set -eux && \ pcre \ libcurl \ openssl-libs" && \ - microdnf -y --disablerepo="*" --enablerepo="ol8_baseos_latest" \ + microdnf -y install \ + --disablerepo="*" \ + --enablerepo="ol8_baseos_latest" \ --enablerepo="ol8_appstream" \ --enablerepo="ol8_developer_EPEL" \ - install --setopt=install_weak_deps=0 --best --nodocs ${INSTALL_PKGS} && \ - microdnf -y clean all && \ - rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ - rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki - -ARG MAJOR_VERSION=6.0 -ARG ZBX_VERSION=${MAJOR_VERSION} -ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git - -ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} - -LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.opencontainers.image.version="${ZBX_VERSION}" \ - org.opencontainers.image.source="${ZBX_SOURCES}" - -RUN set -eux && REPOLIST="ol8_baseos_latest,ol8_appstream" && \ - PATH=/usr/local/go/bin:$PATH && \ - INSTALL_PKGS="autoconf \ - automake \ - pcre-devel \ - libcurl-devel \ - make \ - openssl-devel \ - openldap-devel \ - git \ - wget \ - tar \ - gcc" && \ - microdnf -y install --setopt=install_weak_deps=0 --best \ - --nodocs dnf && \ - dnf -y install --disablerepo "*" --enablerepo "${REPOLIST}" --setopt=install_weak_deps=False --best \ - --setopt=tsflags=nodocs ${INSTALL_PKGS} && \ - ARCH_SUFFIX="$(arch)"; \ - case "$ARCH_SUFFIX" in \ - x86_64) \ - url='https://dl.google.com/go/go1.17.1.linux-amd64.tar.gz'; \ - sha256='dab7d9c34361dc21ec237d584590d72500652e7c909bf082758fb63064fca0ef'; \ - ;; \ - aarch64) \ - url='https://dl.google.com/go/go1.17.1.linux-arm64.tar.gz'; \ - sha256='53b29236fa03ed862670a5e5e2ab2439a2dc288fe61544aa392062104ac0128c'; \ - ;; \ - *) echo "Unknown ARCH_SUFFIX=${ARCH_SUFFIX-}"; exit 1 ;; \ - esac; \ - wget -O go.tgz.asc "$url.asc" && \ - wget -O go.tgz "$url" --progress=dot:giga && \ - echo "$sha256 *go.tgz" | sha256sum -c - && \ - GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \ - gpg --batch --keyserver keyserver.ubuntu.com --recv-keys 'EB4C 1BFD 4F04 2F6D DDCC EC91 7721 F63B D38B 4796' && \ - gpg --batch --verify go.tgz.asc go.tgz && \ - gpgconf --kill all && \ - rm -rf "$GNUPGHOME" go.tgz.asc && \ - tar -C /usr/local -xzf go.tgz && \ - rm go.tgz && \ - cd /tmp/ && \ - git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ - cd /tmp/zabbix-${ZBX_VERSION} && \ - zabbix_revision=`git rev-parse --short HEAD` && \ - sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/go/pkg/version/version.go && \ - ./bootstrap.sh && \ - export CFLAGS="-fPIC -pie -Wl,-z,relro -Wl,-z,now" && \ - export GOPATH=/tmp/zabbix-${ZBX_VERSION}/go && \ - ./configure \ - --datadir=/usr/lib \ - --libdir=/usr/lib/zabbix \ - --prefix=/usr \ - --sysconfdir=/etc/zabbix \ - --prefix=/usr \ - --with-openssl \ - --enable-ipv6 \ - --enable-agent2 \ - --enable-agent \ - --silent && \ - make -j"$(nproc)" -s && \ - cp /tmp/zabbix-${ZBX_VERSION}/src/go/bin/zabbix_agent2 /usr/sbin/zabbix_agent2 && \ - cp /tmp/zabbix-${ZBX_VERSION}/src/zabbix_get/zabbix_get /usr/bin/zabbix_get && \ - cp /tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender /usr/bin/zabbix_sender && \ - cp /tmp/zabbix-${ZBX_VERSION}/src/go/conf/zabbix_agent2.conf /etc/zabbix/zabbix_agent2.conf && \ - strip /usr/sbin/zabbix_agent2 && \ - strip /usr/bin/zabbix_get && \ - strip /usr/bin/zabbix_sender && \ - cd /tmp/ && \ - rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ - rm -rf /usr/local/go/ && \ - dnf -y history undo last && \ - dnf -y clean all && \ - microdnf -y remove dnf && \ + --setopt=install_weak_deps=0 \ + --best \ + --nodocs ${INSTALL_PKGS} && \ chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \ chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \ chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \ + microdnf -y clean all && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki diff --git a/build-base/ol/.dockerignore b/build-base/ol/.dockerignore new file mode 100644 index 000000000..88a84e55a --- /dev/null +++ b/build-base/ol/.dockerignore @@ -0,0 +1 @@ +build.sh diff --git a/build-base/ol/Dockerfile b/build-base/ol/Dockerfile new file mode 100644 index 000000000..5fb511109 --- /dev/null +++ b/build-base/ol/Dockerfile @@ -0,0 +1,76 @@ +# syntax=docker/dockerfile:1 +FROM oraclelinux:8-slim + +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git + +ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ + PATH=/usr/local/go/bin:$PATH + +LABEL org.opencontainers.image.title="Zabbix build base" \ + org.opencontainers.image.authors="Alexey Pustovalov " \ + org.opencontainers.image.vendor="Zabbix LLC" \ + org.opencontainers.image.url="https://zabbix.com/" \ + org.opencontainers.image.description="Zabbix build base image contains all required packages to build Zabbix images" \ + org.opencontainers.image.licenses="GPL v2.0" \ + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" + +RUN set -eux && \ + microdnf -y module enable mysql && \ + INSTALL_PKGS="autoconf \ + automake \ + bash \ + gcc \ + pcre-devel \ + libcurl-devel \ + libevent-devel \ + libssh-devel \ + libxml2-devel \ + openssl-devel \ + openldap-devel \ + make \ + mysql-devel \ + net-snmp-devel \ + OpenIPMI-devel \ + openldap-devel \ + sqlite-devel \ + postgresql-devel \ + java-1.8.0-openjdk-devel \ + git \ + wget \ + tar \ + gettext \ + unixODBC-devel" && \ + microdnf -y install \ + --disablerepo "*" \ + --enablerepo "ol8_baseos_latest" \ + --enablerepo "ol8_appstream" \ + --enablerepo "ol8_codeready_builder" \ + --setopt=install_weak_deps=0 \ + --best \ + --nodocs ${INSTALL_PKGS} && \ + ARCH_SUFFIX="$(arch)"; \ + case "$ARCH_SUFFIX" in \ + x86_64) \ + url='https://dl.google.com/go/go1.17.1.linux-amd64.tar.gz'; \ + sha256='dab7d9c34361dc21ec237d584590d72500652e7c909bf082758fb63064fca0ef'; \ + ;; \ + aarch64) \ + url='https://dl.google.com/go/go1.17.1.linux-arm64.tar.gz'; \ + sha256='53b29236fa03ed862670a5e5e2ab2439a2dc288fe61544aa392062104ac0128c'; \ + ;; \ + *) echo "Unknown ARCH_SUFFIX=${ARCH_SUFFIX-}"; exit 1 ;; \ + esac; \ + wget -O go.tgz.asc "$url.asc" && \ + wget -O go.tgz "$url" --progress=dot:giga && \ + echo "$sha256 *go.tgz" | sha256sum -c - && \ + GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys 'EB4C 1BFD 4F04 2F6D DDCC EC91 7721 F63B D38B 4796' && \ + gpg --batch --verify go.tgz.asc go.tgz && \ + gpgconf --kill all && \ + rm -rf "$GNUPGHOME" go.tgz.asc && \ + tar -C /usr/local -xzf go.tgz && \ + rm go.tgz diff --git a/build-base/ol/build.sh b/build-base/ol/build.sh new file mode 120000 index 000000000..fcb4d4ee7 --- /dev/null +++ b/build-base/ol/build.sh @@ -0,0 +1 @@ +../../build.sh \ No newline at end of file diff --git a/build-base/ol/conf/etc/yum.repos.d/oracle-epel-ol8.repo b/build-base/ol/conf/etc/yum.repos.d/oracle-epel-ol8.repo new file mode 100644 index 000000000..6c99308a6 --- /dev/null +++ b/build-base/ol/conf/etc/yum.repos.d/oracle-epel-ol8.repo @@ -0,0 +1,6 @@ +[ol8_developer_EPEL] +name=Oracle Linux $releasever EPEL Packages for Development ($basearch) +baseurl=https://yum$ociregion.$ocidomain/repo/OracleLinux/OL8/developer/EPEL/$basearch/ +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-oracle +gpgcheck=1 +enabled=0 diff --git a/build-mysql/ol/.dockerignore b/build-mysql/ol/.dockerignore new file mode 100644 index 000000000..88a84e55a --- /dev/null +++ b/build-mysql/ol/.dockerignore @@ -0,0 +1 @@ +build.sh diff --git a/build-mysql/ol/Dockerfile b/build-mysql/ol/Dockerfile new file mode 100644 index 000000000..44d6cc9ec --- /dev/null +++ b/build-mysql/ol/Dockerfile @@ -0,0 +1,70 @@ +# syntax=docker/dockerfile:1 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG BUILD_BASE_IMAGE=zabbix-build-base:ol-${ZBX_VERSION} + +FROM ${BUILD_BASE_IMAGE} as builder + +ARG MAJOR_VERSION +ARG ZBX_VERSION +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git + +LABEL org.opencontainers.image.title="Zabbix build base (MySQL)" \ + org.opencontainers.image.authors="Alexey Pustovalov " \ + org.opencontainers.image.vendor="Zabbix LLC" \ + org.opencontainers.image.url="https://zabbix.com/" \ + org.opencontainers.image.description="Zabbix build base for MySQL based images" \ + org.opencontainers.image.licenses="GPL v2.0" \ + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" + +RUN set -eux && \ + cd /tmp/ && \ + git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch /tmp/zabbix-${ZBX_VERSION} && \ + cd /tmp/zabbix-${ZBX_VERSION} && \ + zabbix_revision=`git rev-parse --short HEAD` && \ + sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ + sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/go/pkg/version/version.go && \ + sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/zabbix_java/src/com/zabbix/gateway/GeneralInformation.java && \ + ./bootstrap.sh && \ + export CFLAGS="-fPIC -pie -Wl,-z,relro -Wl,-z,now" && \ + ./configure \ + --datadir=/usr/lib \ + --libdir=/usr/lib/zabbix \ + --prefix=/usr \ + --sysconfdir=/etc/zabbix \ + --enable-agent \ + --enable-agent2 \ + --enable-server \ + --enable-proxy \ + --enable-webservice \ + --with-mysql \ + --with-ldap \ + --with-libcurl \ + --with-libxml2 \ + --enable-java \ + --with-net-snmp \ + --with-openipmi \ + --with-openssl \ + --with-ssh \ + --with-unixodbc \ + --enable-ipv6 \ + --silent && \ + make -j"$(nproc)" -s dbschema && \ + make -j"$(nproc)" -s && \ + make -j"$(nproc)" -s gettext && \ + cat database/mysql/schema.sql > database/mysql/create.sql && \ + cat database/mysql/images.sql >> database/mysql/create.sql && \ + cat database/mysql/data.sql >> database/mysql/create.sql && \ + gzip -c database/mysql/create.sql > database/mysql/create_server.sql.gz && \ + rm -rf database/mysql/create.sql && \ + cat database/mysql/schema.sql > database/mysql/create.sql && \ + gzip -c database/mysql/create.sql > database/mysql/create_proxy.sql.gz && \ + rm -rf database/mysql/create.sql && \ + strip /tmp/zabbix-${ZBX_VERSION}/src/zabbix_agent/zabbix_agentd && \ + strip /tmp/zabbix-${ZBX_VERSION}/src/zabbix_server/zabbix_server && \ + strip /tmp/zabbix-${ZBX_VERSION}/src/zabbix_proxy/zabbix_proxy && \ + strip /tmp/zabbix-${ZBX_VERSION}/src/go/bin/zabbix_agent2 && \ + strip /tmp/zabbix-${ZBX_VERSION}/src/zabbix_get/zabbix_get && \ + strip /tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender diff --git a/build-mysql/ol/build.sh b/build-mysql/ol/build.sh new file mode 120000 index 000000000..fcb4d4ee7 --- /dev/null +++ b/build-mysql/ol/build.sh @@ -0,0 +1 @@ +../../build.sh \ No newline at end of file diff --git a/build-pgsql/ol/.dockerignore b/build-pgsql/ol/.dockerignore new file mode 100644 index 000000000..88a84e55a --- /dev/null +++ b/build-pgsql/ol/.dockerignore @@ -0,0 +1 @@ +build.sh diff --git a/build-pgsql/ol/Dockerfile b/build-pgsql/ol/Dockerfile new file mode 100644 index 000000000..79d9fe4dd --- /dev/null +++ b/build-pgsql/ol/Dockerfile @@ -0,0 +1,71 @@ +# syntax=docker/dockerfile:1 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG BUILD_BASE_IMAGE=zabbix-build-base:ol-${ZBX_VERSION} + +FROM ${BUILD_BASE_IMAGE} as builder + +ARG MAJOR_VERSION +ARG ZBX_VERSION +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git + +LABEL org.opencontainers.image.title="Zabbix build base (PostgreSQL)" \ + org.opencontainers.image.authors="Alexey Pustovalov " \ + org.opencontainers.image.vendor="Zabbix LLC" \ + org.opencontainers.image.url="https://zabbix.com/" \ + org.opencontainers.image.description="Zabbix build base for PostgreSQL based images" \ + org.opencontainers.image.licenses="GPL v2.0" \ + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" + +RUN set -eux && \ + cd /tmp/ && \ + git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch /tmp/zabbix-${ZBX_VERSION} && \ + cd /tmp/zabbix-${ZBX_VERSION} && \ + zabbix_revision=`git rev-parse --short HEAD` && \ + sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ + sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/go/pkg/version/version.go && \ + sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/zabbix_java/src/com/zabbix/gateway/GeneralInformation.java && \ + ./bootstrap.sh && \ + export CFLAGS="-fPIC -pie -Wl,-z,relro -Wl,-z,now" && \ + ./configure \ + --datadir=/usr/lib \ + --libdir=/usr/lib/zabbix \ + --prefix=/usr \ + --sysconfdir=/etc/zabbix \ + --enable-agent \ + --enable-agent2 \ + --enable-server \ + --enable-proxy \ + --enable-webservice \ + --with-postgresql \ + --with-ldap \ + --with-libcurl \ + --with-libxml2 \ + --enable-java \ + --with-net-snmp \ + --with-openipmi \ + --with-openssl \ + --with-ssh \ +# --with-libmodbus \ + --with-unixodbc \ + --enable-ipv6 \ + --silent && \ + make -j"$(nproc)" -s dbschema && \ + make -j"$(nproc)" -s && \ + make -j"$(nproc)" -s gettext && \ + cat database/postgresql/schema.sql > database/postgresql/create.sql && \ + cat database/postgresql/images.sql >> database/postgresql/create.sql && \ + cat database/postgresql/data.sql >> database/postgresql/create.sql && \ + gzip -c database/postgresql/create.sql > database/postgresql/create_server.sql.gz && \ + rm -rf database/postgresql/create.sql && \ + cat database/postgresql/schema.sql > database/postgresql/create.sql && \ + gzip -c database/postgresql/create.sql > database/postgresql/create_proxy.sql.gz && \ + rm -rf database/postgresql/create.sql && \ + strip /tmp/zabbix-${ZBX_VERSION}/src/zabbix_agent/zabbix_agentd && \ + strip /tmp/zabbix-${ZBX_VERSION}/src/zabbix_server/zabbix_server && \ + strip /tmp/zabbix-${ZBX_VERSION}/src/zabbix_proxy/zabbix_proxy && \ + strip /tmp/zabbix-${ZBX_VERSION}/src/go/bin/zabbix_agent2 && \ + strip /tmp/zabbix-${ZBX_VERSION}/src/zabbix_get/zabbix_get && \ + strip /tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender diff --git a/build-pgsql/ol/build.sh b/build-pgsql/ol/build.sh new file mode 120000 index 000000000..fcb4d4ee7 --- /dev/null +++ b/build-pgsql/ol/build.sh @@ -0,0 +1 @@ +../../build.sh \ No newline at end of file diff --git a/build-sqlite3/alpine/Dockerfile b/build-sqlite3/alpine/Dockerfile index 7ce035b48..4fb1b0a9b 100644 --- a/build-sqlite3/alpine/Dockerfile +++ b/build-sqlite3/alpine/Dockerfile @@ -9,19 +9,19 @@ ARG MAJOR_VERSION ARG ZBX_VERSION ARG ZBX_SOURCES -LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.opencontainers.image.version="${ZBX_VERSION}" \ - org.opencontainers.image.source="${ZBX_SOURCES}" \ - org.opencontainers.image.title="Zabbix build base (SQLite3)" \ +LABEL org.opencontainers.image.title="Zabbix build base (SQLite3)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ org.opencontainers.image.vendor="Zabbix LLC" \ org.opencontainers.image.url="https://zabbix.com/" \ org.opencontainers.image.description="Zabbix build base for SQLite3 based images" \ - org.opencontainers.image.licenses="GPL v2.0" + org.opencontainers.image.licenses="GPL v2.0" \ + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" RUN set -eux && \ + cd /tmp/ && \ git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch /tmp/zabbix-${ZBX_VERSION} && \ - ls -lah /tmp/ && \ cd /tmp/zabbix-${ZBX_VERSION} && \ zabbix_revision=`git rev-parse --short HEAD` && \ sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ diff --git a/build-sqlite3/ol/.dockerignore b/build-sqlite3/ol/.dockerignore new file mode 100644 index 000000000..88a84e55a --- /dev/null +++ b/build-sqlite3/ol/.dockerignore @@ -0,0 +1 @@ +build.sh diff --git a/build-sqlite3/ol/Dockerfile b/build-sqlite3/ol/Dockerfile new file mode 100644 index 000000000..78fac1f6b --- /dev/null +++ b/build-sqlite3/ol/Dockerfile @@ -0,0 +1,58 @@ +# syntax=docker/dockerfile:1 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG BUILD_BASE_IMAGE=zabbix-build-base:ol-${ZBX_VERSION} + +FROM ${BUILD_BASE_IMAGE} as builder + +ARG MAJOR_VERSION +ARG ZBX_VERSION +ARG ZBX_SOURCES + +LABEL org.opencontainers.image.title="Zabbix build base (SQLite3)" \ + org.opencontainers.image.authors="Alexey Pustovalov " \ + org.opencontainers.image.vendor="Zabbix LLC" \ + org.opencontainers.image.url="https://zabbix.com/" \ + org.opencontainers.image.description="Zabbix build base for SQLite3 based images" \ + org.opencontainers.image.licenses="GPL v2.0" \ + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" + +RUN set -eux && \ + cd /tmp/ && \ + git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch /tmp/zabbix-${ZBX_VERSION} && \ + cd /tmp/zabbix-${ZBX_VERSION} && \ + zabbix_revision=`git rev-parse --short HEAD` && \ + sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ + sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/go/pkg/version/version.go && \ + sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/zabbix_java/src/com/zabbix/gateway/GeneralInformation.java && \ + ./bootstrap.sh && \ + export CFLAGS="-fPIC -pie -Wl,-z,relro -Wl,-z,now" && \ + ./configure \ + --datadir=/usr/lib \ + --libdir=/usr/lib/zabbix \ + --prefix=/usr \ + --sysconfdir=/etc/zabbix \ + --enable-agent \ + --enable-agent2 \ + --enable-proxy \ + --with-sqlite3 \ + --with-ldap \ + --with-libcurl \ + --with-libxml2 \ + --enable-java \ + --with-net-snmp \ + --with-openipmi \ + --with-openssl \ + --with-ssh \ + --with-unixodbc \ + --enable-ipv6 \ + --silent && \ + make -j"$(nproc)" -s dbschema && \ + make -j"$(nproc)" -s && \ + strip /tmp/zabbix-${ZBX_VERSION}/src/zabbix_agent/zabbix_agentd && \ + strip /tmp/zabbix-${ZBX_VERSION}/src/zabbix_proxy/zabbix_proxy && \ + strip /tmp/zabbix-${ZBX_VERSION}/src/go/bin/zabbix_agent2 && \ + strip /tmp/zabbix-${ZBX_VERSION}/src/zabbix_get/zabbix_get && \ + strip /tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender \ No newline at end of file diff --git a/build-sqlite3/ol/build.sh b/build-sqlite3/ol/build.sh new file mode 120000 index 000000000..fcb4d4ee7 --- /dev/null +++ b/build-sqlite3/ol/build.sh @@ -0,0 +1 @@ +../../build.sh \ No newline at end of file diff --git a/docker-compose_v3_ol_mysql_local.yaml b/docker-compose_v3_ol_mysql_local.yaml index 17026a592..feaf85525 100644 --- a/docker-compose_v3_ol_mysql_local.yaml +++ b/docker-compose_v3_ol_mysql_local.yaml @@ -1,10 +1,41 @@ version: '3.5' services: + zabbix-build-base: + build: + context: ./build-base/ol + cache_from: + - oraclelinux:8-slim + image: zabbix-build-base:ol-local + + zabbix-build-mysql: + build: + context: ./build-mysql/ol + cache_from: + - oraclelinux:8-slim + args: + BUILD_BASE_IMAGE: zabbix-build-base:ol-local + image: zabbix-build-mysql:ol-local + depends_on: + - zabbix-build-base + + zabbix-build-sqlite3: + build: + context: ./build-sqlite3/ol + cache_from: + - oraclelinux:8-slim + args: + BUILD_BASE_IMAGE: zabbix-build-base:ol-local + image: zabbix-build-sqlite3:ol-local + depends_on: + - zabbix-build-base + zabbix-server: build: context: ./server-mysql/ol cache_from: - oraclelinux:8-slim + args: + BUILD_BASE_IMAGE: zabbix-build-mysql:ol-local image: zabbix-server-mysql:ol-local ports: - "10051:10051" @@ -44,6 +75,7 @@ services: # - root-ca.pem depends_on: - mysql-server + - zabbix-build-mysql networks: zbx_net_backend: aliases: @@ -72,6 +104,8 @@ services: context: ./proxy-sqlite3/ol cache_from: - oraclelinux:8-slim + args: + BUILD_BASE_IMAGE: zabbix-build-sqlite3:ol-local image: zabbix-proxy-sqlite3:ol-local profiles: - all @@ -105,6 +139,7 @@ services: depends_on: - zabbix-java-gateway - zabbix-snmptraps + - zabbix-build-sqlite3 networks: zbx_net_backend: aliases: @@ -125,6 +160,8 @@ services: context: ./proxy-mysql/ol cache_from: - oraclelinux:8-slim + args: + BUILD_BASE_IMAGE: zabbix-build-mysql:ol-local image: zabbix-proxy-mysql:ol-local profiles: - all @@ -160,6 +197,7 @@ services: - mysql-server - zabbix-java-gateway - zabbix-snmptraps + - zabbix-build-mysql secrets: - MYSQL_USER - MYSQL_PASSWORD @@ -187,6 +225,8 @@ services: context: ./web-apache-mysql/ol cache_from: - oraclelinux:8-slim + args: + BUILD_BASE_IMAGE: zabbix-build-mysql:ol-local image: zabbix-web-apache-mysql:ol-local profiles: - all @@ -218,6 +258,7 @@ services: depends_on: - mysql-server - zabbix-server + - zabbix-build-mysql healthcheck: test: ["CMD", "curl", "-f", "http://localhost:8080/"] interval: 10s @@ -247,6 +288,8 @@ services: context: ./web-nginx-mysql/ol cache_from: - oraclelinux:8-slim + args: + BUILD_BASE_IMAGE: zabbix-build-mysql:ol-local image: zabbix-web-nginx-mysql:ol-local ports: - "80:8080" @@ -276,6 +319,7 @@ services: depends_on: - mysql-server - zabbix-server + - zabbix-build-mysql healthcheck: test: ["CMD", "curl", "-f", "http://localhost:8080/"] interval: 10s @@ -305,6 +349,8 @@ services: context: ./agent/ol cache_from: - oraclelinux:8-slim + args: + BUILD_BASE_IMAGE: zabbix-build-mysql:ol-local image: zabbix-agent:ol-local profiles: - full @@ -331,6 +377,8 @@ services: - .env_agent privileged: true pid: "host" + depends_on: + - zabbix-build-mysql networks: zbx_net_backend: aliases: @@ -349,6 +397,8 @@ services: context: ./java-gateway/ol cache_from: - oraclelinux:8-slim + args: + BUILD_BASE_IMAGE: zabbix-build-mysql:ol-local image: zabbix-java-gateway:ol-local profiles: - full @@ -365,6 +415,8 @@ services: memory: 256M env_file: - .env_java + depends_on: + - zabbix-build-mysql networks: zbx_net_backend: aliases: @@ -415,6 +467,8 @@ services: context: ./web-service/ol cache_from: - oraclelinux:8-slim + args: + BUILD_BASE_IMAGE: zabbix-build-mysql:ol-local image: zabbix-web-service:ol-local profiles: - full @@ -435,6 +489,8 @@ services: memory: 256M env_file: - .env_web_service + depends_on: + - zabbix-build-mysql networks: zbx_net_backend: aliases: diff --git a/docker-compose_v3_ol_pgsql_local.yaml b/docker-compose_v3_ol_pgsql_local.yaml index 48849d541..d19ebb926 100644 --- a/docker-compose_v3_ol_pgsql_local.yaml +++ b/docker-compose_v3_ol_pgsql_local.yaml @@ -1,10 +1,52 @@ version: '3.5' services: + zabbix-build-base: + build: + context: ./build-base/ol + cache_from: + - oraclelinux:8-slim + image: zabbix-build-base:ol-local + + zabbix-build-pgsql: + build: + context: ./build-pgsql/ol + cache_from: + - oraclelinux:8-slim + args: + BUILD_BASE_IMAGE: zabbix-build-base:ol-local + image: zabbix-build-pgsql:ol-local + depends_on: + - zabbix-build-base + + zabbix-build-mysql: + build: + context: ./build-mysql/ol + cache_from: + - oraclelinux:8-slim + args: + BUILD_BASE_IMAGE: zabbix-build-base:ol-local + image: zabbix-build-mysql:ol-local + depends_on: + - zabbix-build-base + + zabbix-build-sqlite3: + build: + context: ./build-sqlite3/ol + cache_from: + - oraclelinux:8-slim + args: + BUILD_BASE_IMAGE: zabbix-build-base:ol-local + image: zabbix-build-sqlite3:ol-local + depends_on: + - zabbix-build-base + zabbix-server: build: context: ./server-pgsql/ol cache_from: - oraclelinux:8-slim + args: + BUILD_BASE_IMAGE: zabbix-build-pgsql:ol-local image: zabbix-server-pgsql:ol-local ports: - "10051:10051" @@ -43,6 +85,7 @@ services: - POSTGRES_PASSWORD depends_on: - postgres-server + - zabbix-build-pgsql networks: zbx_net_backend: aliases: @@ -71,6 +114,8 @@ services: context: ./proxy-sqlite3/ol cache_from: - oraclelinux:8-slim + args: + BUILD_BASE_IMAGE: zabbix-build-sqlite3:ol-local image: zabbix-proxy-sqlite3:ol-local profiles: - all @@ -104,6 +149,7 @@ services: depends_on: - zabbix-java-gateway - zabbix-snmptraps + - zabbix-build-sqlite3 networks: zbx_net_backend: aliases: @@ -124,6 +170,8 @@ services: context: ./proxy-mysql/ol cache_from: - oraclelinux:8-slim + args: + BUILD_BASE_IMAGE: zabbix-build-mysql:ol-local image: zabbix-proxy-mysql:ol-local profiles: - all @@ -163,6 +211,7 @@ services: - mysql-server - zabbix-java-gateway - zabbix-snmptraps + - zabbix-build-mysql networks: zbx_net_backend: aliases: @@ -183,6 +232,8 @@ services: context: ./web-apache-pgsql/ol cache_from: - oraclelinux:8-slim + args: + BUILD_BASE_IMAGE: zabbix-build-pgsql:ol-local image: zabbix-web-apache-pgsql:ol-local profiles: - all @@ -214,6 +265,7 @@ services: depends_on: - postgres-server - zabbix-server + - zabbix-build-pgsql healthcheck: test: ["CMD", "curl", "-f", "http://localhost:8080/"] interval: 10s @@ -243,6 +295,8 @@ services: context: ./web-nginx-pgsql/ol cache_from: - oraclelinux:8-slim + args: + BUILD_BASE_IMAGE: zabbix-build-pgsql:ol-local image: zabbix-web-nginx-pgsql:ol-local ports: - "80:8080" @@ -272,6 +326,7 @@ services: depends_on: - postgres-server - zabbix-server + - zabbix-build-pgsql healthcheck: test: ["CMD", "curl", "-f", "http://localhost:8080/"] interval: 10s @@ -301,6 +356,8 @@ services: context: ./agent/ol cache_from: - oraclelinux:8-slim + args: + BUILD_BASE_IMAGE: zabbix-build-pgsql:ol-local image: zabbix-agent:ol-local profiles: - full @@ -327,6 +384,8 @@ services: - .env_agent privileged: true pid: "host" + depends_on: + - zabbix-build-pgsql networks: zbx_net_backend: aliases: @@ -345,6 +404,8 @@ services: context: ./java-gateway/ol cache_from: - oraclelinux:8-slim + args: + BUILD_BASE_IMAGE: zabbix-build-pgsql:ol-local image: zabbix-java-gateway:ol-local profiles: - full @@ -361,6 +422,8 @@ services: memory: 256M env_file: - .env_java + depends_on: + - zabbix-build-pgsql networks: zbx_net_backend: aliases: @@ -411,6 +474,8 @@ services: context: ./web-service/ol cache_from: - oraclelinux:8-slim + args: + BUILD_BASE_IMAGE: zabbix-build-pgsql:ol-local image: zabbix-web-service:ol-local profiles: - full @@ -431,6 +496,8 @@ services: memory: 256M env_file: - .env_web_service + depends_on: + - zabbix-build-pgsql networks: zbx_net_backend: aliases: diff --git a/java-gateway/ol/Dockerfile b/java-gateway/ol/Dockerfile index 3532f6090..c54511abb 100644 --- a/java-gateway/ol/Dockerfile +++ b/java-gateway/ol/Dockerfile @@ -1,14 +1,35 @@ +# syntax=docker/dockerfile:1 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG BUILD_BASE_IMAGE=zabbix-build-mysql:ol-${ZBX_VERSION} +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git + +FROM ${BUILD_BASE_IMAGE} as builder + FROM oraclelinux:8-slim +ARG MAJOR_VERSION +ARG ZBX_VERSION +ARG ZBX_SOURCES + +ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} + LABEL org.opencontainers.image.title="Zabbix Java Gateway" \ org.opencontainers.image.authors="Alexey Pustovalov " \ org.opencontainers.image.vendor="Zabbix LLC" \ org.opencontainers.image.url="https://zabbix.com/" \ org.opencontainers.image.description="Zabbix Java Gateway performs native support for monitoring JMX applications" \ - org.opencontainers.image.licenses="GPL v2.0" + org.opencontainers.image.licenses="GPL v2.0" \ + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" STOPSIGNAL SIGTERM +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_java/bin", "/usr/sbin/zabbix_java/bin"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_java/lib", "/usr/sbin/zabbix_java/lib"] +COPY ["conf/etc/", "/etc/"] + RUN set -eux && \ groupadd --system --gid 1995 zabbix && \ useradd \ @@ -21,68 +42,20 @@ RUN set -eux && \ mkdir -p /etc/zabbix/ && \ mkdir -p /usr/sbin/zabbix_java/ && \ mkdir -p /usr/sbin/zabbix_java/ext_lib/ && \ - mkdir -p /etc/yum/vars/ && \ - echo "" > /etc/yum/vars/ociregion && \ - echo "oracle.com" > /etc/yum/vars/ocidomain && \ INSTALL_PKGS="java-1.8.0-openjdk-headless \ findutils" && \ - microdnf -y --disablerepo="*" --enablerepo="ol8_baseos_latest" \ + microdnf -y install \ + --disablerepo="*" \ + --enablerepo="ol8_baseos_latest" \ --enablerepo="ol8_appstream" \ - install --setopt=install_weak_deps=0 --best --nodocs ${INSTALL_PKGS} && \ - microdnf -y clean all && \ - rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ - rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki - -ARG MAJOR_VERSION=6.0 -ARG ZBX_VERSION=${MAJOR_VERSION} -ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git - -ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} - -LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.opencontainers.image.version="${ZBX_VERSION}" \ - org.opencontainers.image.source="${ZBX_SOURCES}" - -COPY ["conf/etc/", "/etc/"] - -RUN set -eux && REPOLIST="ol8_baseos_latest,ol8_appstream" && \ - INSTALL_PKGS="autoconf \ - automake \ - java-1.8.0-openjdk-devel \ - make \ - git \ - gcc" && \ - microdnf -y install --setopt=install_weak_deps=0 --best \ - --nodocs dnf && \ - dnf -y install --disablerepo "*" --enablerepo "${REPOLIST}" --setopt=install_weak_deps=False --best \ - --setopt=tsflags=nodocs ${INSTALL_PKGS} && \ - cd /tmp/ && \ - git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ - cd /tmp/zabbix-${ZBX_VERSION} && \ - zabbix_revision=`git rev-parse --short HEAD` && \ - sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ - sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/zabbix_java/src/com/zabbix/gateway/GeneralInformation.java && \ - ./bootstrap.sh && \ - ./configure \ - --datadir=/usr/lib \ - --libdir=/usr/lib/zabbix \ - --sysconfdir=/etc/zabbix \ - --prefix=/usr \ - --enable-java \ - --silent && \ - make -j"$(nproc)" -s && \ - mkdir -p /usr/sbin/zabbix_java/ && \ - cp -r src/zabbix_java/bin /usr/sbin/zabbix_java/ && \ - cp -r src/zabbix_java/lib /usr/sbin/zabbix_java/ && \ + --setopt=install_weak_deps=0 \ + --best \ + --nodocs ${INSTALL_PKGS} && \ rm -rf /usr/sbin/zabbix_java/lib/*.xml && \ - cd /tmp/ && \ - rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ - dnf -y history undo last && \ - dnf -y clean all && \ - microdnf -y remove dnf && \ chown --quiet -R zabbix:root /etc/zabbix/ /usr/sbin/zabbix_java/ && \ chgrp -R 0 /etc/zabbix/ /usr/sbin/zabbix_java/ && \ chmod -R g=u /etc/zabbix/ /usr/sbin/zabbix_java/ && \ + microdnf -y clean all && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki diff --git a/proxy-mysql/ol/Dockerfile b/proxy-mysql/ol/Dockerfile index 24b87bf25..820755f70 100644 --- a/proxy-mysql/ol/Dockerfile +++ b/proxy-mysql/ol/Dockerfile @@ -1,14 +1,38 @@ +# syntax=docker/dockerfile:1 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG BUILD_BASE_IMAGE=zabbix-build-mysql:ol-${ZBX_VERSION} +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git + +FROM ${BUILD_BASE_IMAGE} as builder + FROM oraclelinux:8-slim +ARG MAJOR_VERSION +ARG ZBX_VERSION +ARG ZBX_SOURCES + +ENV TERM=xterm \ + ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ + MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL + LABEL org.opencontainers.image.title="Zabbix proxy (MySQL)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ org.opencontainers.image.vendor="Zabbix LLC" \ org.opencontainers.image.url="https://zabbix.com/" \ org.opencontainers.image.description="Zabbix proxy with MySQL database support" \ - org.opencontainers.image.licenses="GPL v2.0" + org.opencontainers.image.licenses="GPL v2.0" \ + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" STOPSIGNAL SIGTERM +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_proxy/zabbix_proxy", "/usr/sbin/zabbix_proxy"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_get/zabbix_get", "/usr/bin/zabbix_get"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender", "/usr/bin/zabbix_sender"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/conf/zabbix_proxy.conf", "/etc/zabbix/zabbix_proxy.conf"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/database/mysql/create_proxy.sql.gz", "/usr/share/doc/zabbix-proxy-mysql/create.sql.gz"] COPY ["conf/etc/yum.repos.d/oracle-epel-ol8.repo", "/etc/yum.repos.d/oracle-epel-ol8.repo"] RUN set -eux && \ @@ -33,9 +57,6 @@ RUN set -eux && \ mkdir -p /var/lib/zabbix/ssl/ssl_ca && \ mkdir -p /usr/lib/zabbix/externalscripts && \ mkdir -p /usr/share/doc/zabbix-proxy-mysql && \ - mkdir -p /etc/yum/vars/ && \ - echo "" > /etc/yum/vars/ociregion && \ - echo "oracle.com" > /etc/yum/vars/ocidomain && \ microdnf -y module enable mysql && \ INSTALL_PKGS="libevent \ tini \ @@ -53,88 +74,18 @@ RUN set -eux && \ pcre \ zlib \ unixODBC" && \ - microdnf -y --disablerepo="*" --enablerepo="ol8_baseos_latest" \ + microdnf -y install \ + --disablerepo="*" \ + --enablerepo="ol8_baseos_latest" \ --enablerepo="ol8_appstream" \ --enablerepo="ol8_developer_EPEL" \ - install --setopt=install_weak_deps=0 --best --nodocs ${INSTALL_PKGS} && \ - microdnf -y clean all && \ - rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ - rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki - -ARG MAJOR_VERSION=6.0 -ARG ZBX_VERSION=${MAJOR_VERSION} -ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git - -ENV TERM=xterm MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ - ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} - -LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.opencontainers.image.version="${ZBX_VERSION}" \ - org.opencontainers.image.source="${ZBX_SOURCES}" - -RUN set -eux && \ - REPOLIST="ol8_baseos_latest,ol8_appstream,ol8_codeready_builder" && \ - INSTALL_PKGS="autoconf \ - automake \ - gcc \ - pcre-devel \ - libcurl-devel \ - libevent-devel \ - libssh-devel \ - libxml2-devel \ - make \ - mysql-devel \ - net-snmp-devel \ - OpenIPMI-devel \ - openldap-devel \ - git \ - unixODBC-devel" && \ - microdnf -y install --setopt=install_weak_deps=0 --best \ - --nodocs dnf && \ - dnf -y install --disablerepo "*" --enablerepo "${REPOLIST}" --setopt=install_weak_deps=False --best \ - --setopt=tsflags=nodocs ${INSTALL_PKGS} && \ - cd /tmp/ && \ - git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ - cd /tmp/zabbix-${ZBX_VERSION} && \ - zabbix_revision=`git rev-parse --short HEAD` && \ - sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ - ./bootstrap.sh && \ - export CFLAGS="-fPIC -pie -Wl,-z,relro -Wl,-z,now" && \ - ./configure \ - --datadir=/usr/lib \ - --libdir=/usr/lib/zabbix \ - --sysconfdir=/etc/zabbix \ - --prefix=/usr \ - --enable-agent \ - --enable-proxy \ - --with-mysql \ - --with-ldap \ - --with-libcurl \ - --with-libxml2 \ - --with-net-snmp \ - --with-openipmi \ - --with-openssl \ - --with-ssh \ - --with-unixodbc \ - --enable-ipv6 \ - --silent && \ - make -j"$(nproc)" -s dbschema && \ - make -j"$(nproc)" -s && \ - cp src/zabbix_proxy/zabbix_proxy /usr/sbin/zabbix_proxy && \ - cp src/zabbix_get/zabbix_get /usr/bin/zabbix_get && \ - cp src/zabbix_sender/zabbix_sender /usr/bin/zabbix_sender && \ - cp conf/zabbix_proxy.conf /etc/zabbix/zabbix_proxy.conf && \ - cat database/mysql/schema.sql > database/mysql/create.sql && \ - gzip database/mysql/create.sql && \ - cp database/mysql/create.sql.gz /usr/share/doc/zabbix-proxy-mysql/ && \ - cd /tmp/ && \ - rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ + --setopt=install_weak_deps=0 \ + --best \ + --nodocs ${INSTALL_PKGS} && \ chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \ chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \ chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \ - dnf -y history undo last && \ - dnf -y clean all && \ - microdnf -y remove dnf && \ + microdnf -y clean all && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki diff --git a/proxy-sqlite3/ol/Dockerfile b/proxy-sqlite3/ol/Dockerfile index 62c868375..55edd6baa 100644 --- a/proxy-sqlite3/ol/Dockerfile +++ b/proxy-sqlite3/ol/Dockerfile @@ -1,14 +1,36 @@ +# syntax=docker/dockerfile:1 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG BUILD_BASE_IMAGE=zabbix-build-sqlite3:ol-${ZBX_VERSION} + +FROM ${BUILD_BASE_IMAGE} as builder + FROM oraclelinux:8-slim +ARG MAJOR_VERSION +ARG ZBX_VERSION +ARG ZBX_SOURCES + +ENV TERM=xterm \ + ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ + MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL + LABEL org.opencontainers.image.title="Zabbix proxy (SQLite3)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ org.opencontainers.image.vendor="Zabbix LLC" \ org.opencontainers.image.url="https://zabbix.com/" \ org.opencontainers.image.description="Zabbix proxy with SQLite3 database support" \ - org.opencontainers.image.licenses="GPL v2.0" + org.opencontainers.image.licenses="GPL v2.0" \ + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" STOPSIGNAL SIGTERM +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_proxy/zabbix_proxy", "/usr/sbin/zabbix_proxy"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_get/zabbix_get", "/usr/bin/zabbix_get"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender", "/usr/bin/zabbix_sender"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/conf/zabbix_proxy.conf", "/etc/zabbix/zabbix_proxy.conf"] COPY ["conf/etc/yum.repos.d/oracle-epel-ol8.repo", "/etc/yum.repos.d/oracle-epel-ol8.repo"] RUN set -eux && \ @@ -34,9 +56,6 @@ RUN set -eux && \ mkdir -p /var/lib/zabbix/ssl/ssl_ca && \ mkdir -p /usr/lib/zabbix/externalscripts && \ mkdir -p /usr/share/doc/zabbix-proxy-sqlite3 && \ - mkdir -p /etc/yum/vars/ && \ - echo "" > /etc/yum/vars/ociregion && \ - echo "oracle.com" > /etc/yum/vars/ocidomain && \ INSTALL_PKGS="libevent \ tini \ libssh \ @@ -51,88 +70,18 @@ RUN set -eux && \ pcre \ zlib \ unixODBC" && \ - microdnf -y --disablerepo="*" --enablerepo="ol8_baseos_latest" \ + microdnf -y install \ + --disablerepo="*" \ + --enablerepo="ol8_baseos_latest" \ --enablerepo="ol8_appstream" \ --enablerepo="ol8_developer_EPEL" \ - install --setopt=install_weak_deps=0 --best --nodocs ${INSTALL_PKGS} && \ - microdnf -y clean all && \ - rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ - rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki - -ARG MAJOR_VERSION=6.0 -ARG ZBX_VERSION=${MAJOR_VERSION} -ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git - -ENV TERM=xterm MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ - ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} - -LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.opencontainers.image.version="${ZBX_VERSION}" \ - org.opencontainers.image.source="${ZBX_SOURCES}" - -RUN set -eux && \ - REPOLIST="ol8_baseos_latest,ol8_appstream,ol8_codeready_builder" && \ - INSTALL_PKGS="autoconf \ - automake \ - gcc \ - pcre-devel \ - libcurl-devel \ - libevent-devel \ - libssh-devel \ - libxml2-devel \ - make \ - net-snmp-devel \ - OpenIPMI-devel \ - openldap-devel \ - sqlite-devel \ - git \ - unixODBC-devel" && \ - microdnf -y install --setopt=install_weak_deps=0 --best \ - --nodocs dnf && \ - dnf -y install --disablerepo "*" --enablerepo "${REPOLIST}" --setopt=install_weak_deps=False --best \ - --setopt=tsflags=nodocs ${INSTALL_PKGS} && \ - cd /tmp/ && \ - git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ - cd /tmp/zabbix-${ZBX_VERSION} && \ - zabbix_revision=`git rev-parse --short HEAD` && \ - sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ - ./bootstrap.sh && \ - export CFLAGS="-fPIC -pie -Wl,-z,relro -Wl,-z,now" && \ - ./configure \ - --datadir=/usr/lib \ - --libdir=/usr/lib/zabbix \ - --sysconfdir=/etc/zabbix \ - --prefix=/usr \ - --enable-agent \ - --enable-proxy \ - --with-sqlite3 \ - --with-ldap \ - --with-libcurl \ - --with-libxml2 \ - --with-net-snmp \ - --with-openipmi \ - --with-openssl \ - --with-ssh \ - --with-unixodbc \ - --enable-ipv6 \ - --silent && \ - make -j"$(nproc)" -s dbschema && \ - make -j"$(nproc)" -s && \ - cp src/zabbix_proxy/zabbix_proxy /usr/sbin/zabbix_proxy && \ - cp src/zabbix_get/zabbix_get /usr/bin/zabbix_get && \ - cp src/zabbix_sender/zabbix_sender /usr/bin/zabbix_sender && \ - cp conf/zabbix_proxy.conf /etc/zabbix/zabbix_proxy.conf && \ - cat database/sqlite3/schema.sql > database/sqlite3/create.sql && \ - gzip database/sqlite3/create.sql && \ - cp database/sqlite3/create.sql.gz /usr/share/doc/zabbix-proxy-sqlite3/ && \ - cd /tmp/ && \ - rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ + --setopt=install_weak_deps=0 \ + --best \ + --nodocs ${INSTALL_PKGS} && \ chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \ chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \ chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \ - dnf -y history undo last && \ - dnf -y clean all && \ - microdnf -y remove dnf && \ + microdnf -y clean all && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki diff --git a/server-mysql/ol/Dockerfile b/server-mysql/ol/Dockerfile index 1d1c6a598..a1fa1bc65 100644 --- a/server-mysql/ol/Dockerfile +++ b/server-mysql/ol/Dockerfile @@ -1,14 +1,38 @@ +# syntax=docker/dockerfile:1 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG BUILD_BASE_IMAGE=zabbix-build-mysql:ol-${ZBX_VERSION} +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git + +FROM ${BUILD_BASE_IMAGE} as builder + FROM oraclelinux:8-slim +ARG MAJOR_VERSION +ARG ZBX_VERSION +ARG ZBX_SOURCES + +ENV TERM=xterm \ + ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ + MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL + LABEL org.opencontainers.image.title="Zabbix server (MySQL)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ org.opencontainers.image.vendor="Zabbix LLC" \ org.opencontainers.image.url="https://zabbix.com/" \ org.opencontainers.image.description="Zabbix server with MySQL database support" \ - org.opencontainers.image.licenses="GPL v2.0" + org.opencontainers.image.licenses="GPL v2.0" \ + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" STOPSIGNAL SIGTERM +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_server/zabbix_server", "/usr/sbin/zabbix_server"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_get/zabbix_get", "/usr/bin/zabbix_get"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender", "/usr/bin/zabbix_sender"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/conf/zabbix_server.conf", "/etc/zabbix/zabbix_server.conf"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/database/mysql/create_server.sql.gz", "/usr/share/doc/zabbix-server-mysql/create.sql.gz"] COPY ["conf/etc/yum.repos.d/oracle-epel-ol8.repo", "/etc/yum.repos.d/oracle-epel-ol8.repo"] RUN set -eux && \ @@ -35,9 +59,6 @@ RUN set -eux && \ mkdir -p /usr/lib/zabbix/alertscripts && \ mkdir -p /usr/lib/zabbix/externalscripts && \ mkdir -p /usr/share/doc/zabbix-server-mysql && \ - mkdir -p /etc/yum/vars/ && \ - echo "" > /etc/yum/vars/ociregion && \ - echo "oracle.com" > /etc/yum/vars/ocidomain && \ microdnf -y module enable mysql && \ INSTALL_PKGS="fping \ tini \ @@ -48,7 +69,6 @@ RUN set -eux && \ libevent \ libxml2 \ libssh \ - systemd \ mysql \ mysql-libs \ net-snmp-libs \ @@ -58,90 +78,18 @@ RUN set -eux && \ pcre \ zlib \ unixODBC" && \ - microdnf -y --disablerepo="*" --enablerepo="ol8_baseos_latest" \ + microdnf -y install \ + --disablerepo="*" \ + --enablerepo="ol8_baseos_latest" \ --enablerepo="ol8_appstream" \ --enablerepo="ol8_developer_EPEL" \ - install --setopt=install_weak_deps=0 --best --nodocs ${INSTALL_PKGS} && \ - microdnf -y clean all && \ - rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ - rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki - -ARG MAJOR_VERSION=6.0 -ARG ZBX_VERSION=${MAJOR_VERSION} -ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git - -ENV TERM=xterm MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ - ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} - -LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.opencontainers.image.version="${ZBX_VERSION}" \ - org.opencontainers.image.source="${ZBX_SOURCES}" - -RUN set -eux && \ - REPOLIST="ol8_baseos_latest,ol8_appstream,ol8_codeready_builder" && \ - INSTALL_PKGS="autoconf \ - automake \ - gcc \ - pcre-devel \ - libcurl-devel \ - libevent-devel \ - libssh-devel \ - libxml2-devel \ - make \ - mysql-devel \ - net-snmp-devel \ - OpenIPMI-devel \ - openldap-devel \ - git \ - unixODBC-devel" && \ - microdnf -y install --setopt=install_weak_deps=0 --best \ - --nodocs dnf && \ - dnf -y install --disablerepo "*" --enablerepo "${REPOLIST}" --setopt=install_weak_deps=False --best \ - --setopt=tsflags=nodocs ${INSTALL_PKGS} && \ - cd /tmp/ && \ - git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ - cd /tmp/zabbix-${ZBX_VERSION} && \ - zabbix_revision=`git rev-parse --short HEAD` && \ - sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ - ./bootstrap.sh && \ - export CFLAGS="-fPIC -pie -Wl,-z,relro -Wl,-z,now" && \ - ./configure \ - --datadir=/usr/lib \ - --libdir=/usr/lib/zabbix \ - --prefix=/usr \ - --sysconfdir=/etc/zabbix \ - --enable-agent \ - --enable-server \ - --with-mysql \ - --with-ldap \ - --with-libcurl \ - --with-libxml2 \ - --with-net-snmp \ - --with-openipmi \ - --with-openssl \ - --with-ssh \ - --with-unixodbc \ - --enable-ipv6 \ - --silent && \ - make -j"$(nproc)" -s dbschema && \ - make -j"$(nproc)" -s && \ - cp src/zabbix_server/zabbix_server /usr/sbin/zabbix_server && \ - cp src/zabbix_get/zabbix_get /usr/bin/zabbix_get && \ - cp src/zabbix_sender/zabbix_sender /usr/bin/zabbix_sender && \ - cp conf/zabbix_server.conf /etc/zabbix/zabbix_server.conf && \ - cat database/mysql/schema.sql > database/mysql/create.sql && \ - cat database/mysql/images.sql >> database/mysql/create.sql && \ - cat database/mysql/data.sql >> database/mysql/create.sql && \ - gzip database/mysql/create.sql && \ - cp database/mysql/create.sql.gz /usr/share/doc/zabbix-server-mysql/ && \ - cd /tmp/ && \ - rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ + --setopt=install_weak_deps=0 \ + --best \ + --nodocs ${INSTALL_PKGS} && \ chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \ chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \ chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \ - dnf -y history undo last && \ - dnf -y clean all && \ - microdnf -y remove dnf && \ + microdnf -y clean all && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki diff --git a/server-pgsql/ol/Dockerfile b/server-pgsql/ol/Dockerfile index 05da6d5a9..14ccc79ad 100644 --- a/server-pgsql/ol/Dockerfile +++ b/server-pgsql/ol/Dockerfile @@ -1,14 +1,38 @@ +# syntax=docker/dockerfile:1 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG BUILD_BASE_IMAGE=zabbix-build-pgsql:ol-${ZBX_VERSION} +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git + +FROM ${BUILD_BASE_IMAGE} as builder + FROM oraclelinux:8-slim +ARG MAJOR_VERSION +ARG ZBX_VERSION +ARG ZBX_SOURCES + +ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ + MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL + LABEL org.opencontainers.image.title="Zabbix server (PostgreSQL)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ org.opencontainers.image.vendor="Zabbix LLC" \ org.opencontainers.image.url="https://zabbix.com/" \ org.opencontainers.image.description="Zabbix server with PostgreSQL database support" \ - org.opencontainers.image.licenses="GPL v2.0" + org.opencontainers.image.licenses="GPL v2.0" \ + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" STOPSIGNAL SIGTERM +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_server/zabbix_server", "/usr/sbin/zabbix_server"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_get/zabbix_get", "/usr/bin/zabbix_get"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender", "/usr/bin/zabbix_sender"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/conf/zabbix_server.conf", "/etc/zabbix/zabbix_server.conf"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/database/postgresql/create_server.sql.gz", "/usr/share/doc/zabbix-server-postgresql/create.sql.gz"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/database/postgresql/timescaledb.sql", "/usr/share/doc/zabbix-server-postgresql/timescaledb.sql"] COPY ["conf/etc/yum.repos.d/oracle-epel-ol8.repo", "/etc/yum.repos.d/oracle-epel-ol8.repo"] RUN set -eux && \ @@ -35,9 +59,6 @@ RUN set -eux && \ mkdir -p /usr/lib/zabbix/alertscripts && \ mkdir -p /usr/lib/zabbix/externalscripts && \ mkdir -p /usr/share/doc/zabbix-server-postgresql && \ - mkdir -p /etc/yum/vars/ && \ - echo "" > /etc/yum/vars/ociregion && \ - echo "oracle.com" > /etc/yum/vars/ocidomain && \ INSTALL_PKGS="fping \ file-libs \ tini \ @@ -56,94 +77,18 @@ RUN set -eux && \ postgresql-libs \ zlib \ unixODBC" && \ - microdnf -y --disablerepo="*" --enablerepo="ol8_baseos_latest" \ + microdnf -y install \ + --disablerepo="*" \ + --enablerepo="ol8_baseos_latest" \ --enablerepo="ol8_appstream" \ --enablerepo="ol8_developer_EPEL" \ - install --setopt=install_weak_deps=0 --best --nodocs ${INSTALL_PKGS} && \ + --setopt=install_weak_deps=0 \ + --best \ + --nodocs ${INSTALL_PKGS} && \ microdnf -y clean all && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki -ARG MAJOR_VERSION=6.0 -ARG ZBX_VERSION=${MAJOR_VERSION} -ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git - -ENV TERM=xterm MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ - ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} - -LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.opencontainers.image.version="${ZBX_VERSION}" \ - org.opencontainers.image.source="${ZBX_SOURCES}" - -RUN set -eux && \ - REPOLIST="ol8_baseos_latest,ol8_appstream,ol8_codeready_builder" && \ - INSTALL_PKGS="autoconf \ - automake \ - gcc \ - pcre-devel \ - libcurl-devel \ - libevent-devel \ - libssh-devel \ - libxml2-devel \ - make \ - net-snmp-devel \ - OpenIPMI-devel \ - openldap-devel \ - postgresql-devel \ - git \ - unixODBC-devel" && \ - microdnf -y install --setopt=install_weak_deps=0 --best \ - --nodocs dnf && \ - dnf -y install --disablerepo "*" --enablerepo "${REPOLIST}" --setopt=install_weak_deps=False --best \ - --setopt=tsflags=nodocs ${INSTALL_PKGS} && \ - cd /tmp/ && \ - git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ - cd /tmp/zabbix-${ZBX_VERSION} && \ - zabbix_revision=`git rev-parse --short HEAD` && \ - sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ - ./bootstrap.sh && \ - export CFLAGS="-fPIC -pie -Wl,-z,relro -Wl,-z,now" && \ - ./configure \ - --datadir=/usr/lib \ - --libdir=/usr/lib/zabbix \ - --prefix=/usr \ - --sysconfdir=/etc/zabbix \ - --enable-agent \ - --enable-server \ - --with-postgresql \ - --with-ldap \ - --with-libcurl \ - --with-libxml2 \ - --with-net-snmp \ - --with-openipmi \ - --with-openssl \ - --with-ssh \ - --with-unixodbc \ - --enable-ipv6 \ - --silent && \ - make -j"$(nproc)" -s dbschema && \ - make -j"$(nproc)" -s && \ - cp src/zabbix_server/zabbix_server /usr/sbin/zabbix_server && \ - cp src/zabbix_get/zabbix_get /usr/bin/zabbix_get && \ - cp src/zabbix_sender/zabbix_sender /usr/bin/zabbix_sender && \ - cp conf/zabbix_server.conf /etc/zabbix/zabbix_server.conf && \ - cat database/postgresql/schema.sql > database/postgresql/create.sql && \ - cat database/postgresql/images.sql >> database/postgresql/create.sql && \ - cat database/postgresql/data.sql >> database/postgresql/create.sql && \ - gzip database/postgresql/create.sql && \ - cp database/postgresql/create.sql.gz /usr/share/doc/zabbix-server-postgresql/ && \ - cp database/postgresql/timescaledb.sql /usr/share/doc/zabbix-server-postgresql/timescaledb.sql && \ - cd /tmp/ && \ - rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ - chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \ - chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \ - chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \ - dnf -y history undo last && \ - dnf -y clean all && \ - microdnf -y remove dnf && \ - rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ - rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki - EXPOSE 10051/TCP WORKDIR /var/lib/zabbix diff --git a/web-apache-mysql/ol/Dockerfile b/web-apache-mysql/ol/Dockerfile index f1d3d1550..2759c9ac0 100644 --- a/web-apache-mysql/ol/Dockerfile +++ b/web-apache-mysql/ol/Dockerfile @@ -1,14 +1,33 @@ +# syntax=docker/dockerfile:1 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG BUILD_BASE_IMAGE=zabbix-build-mysql:ol-${ZBX_VERSION} +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git + +FROM ${BUILD_BASE_IMAGE} as builder + FROM oraclelinux:8-slim +ARG MAJOR_VERSION +ARG ZBX_VERSION +ARG ZBX_SOURCES + +ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} + LABEL org.opencontainers.image.title="Zabbix web-interface (Apache, MySQL)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ org.opencontainers.image.vendor="Zabbix LLC" \ org.opencontainers.image.url="https://zabbix.com/" \ org.opencontainers.image.description="Zabbix web-interface based on Apache2 web server with MySQL database support" \ - org.opencontainers.image.licenses="GPL v2.0" + org.opencontainers.image.licenses="GPL v2.0" \ + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" STOPSIGNAL SIGTERM +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/ui", "/usr/share/zabbix"] +COPY ["conf/etc/", "/etc/"] COPY ["conf/etc/yum.repos.d/oracle-epel-ol8.repo", "/etc/yum.repos.d/oracle-epel-ol8.repo"] RUN set -eux && \ @@ -23,9 +42,6 @@ RUN set -eux && \ mkdir -p /etc/zabbix && \ mkdir -p /etc/zabbix/web && \ mkdir -p /etc/zabbix/web/certs && \ - mkdir -p /etc/yum/vars/ && \ - echo "" > /etc/yum/vars/ociregion && \ - echo "oracle.com" > /etc/yum/vars/ocidomain && \ microdnf -y module enable mysql && \ microdnf -y module enable php:7.4 && \ INSTALL_PKGS="curl \ @@ -41,11 +57,17 @@ RUN set -eux && \ php-mysqlnd \ php-json \ php-xml \ + findutils \ + glibc-locale-source \ supervisor" && \ - microdnf -y --disablerepo="*" --enablerepo="ol8_baseos_latest" \ + microdnf -y install \ + --disablerepo="*" \ + --enablerepo="ol8_baseos_latest" \ --enablerepo="ol8_appstream" \ --enablerepo="ol8_developer_EPEL" \ - install --setopt=install_weak_deps=0 --best --nodocs ${INSTALL_PKGS} && \ + --setopt=install_weak_deps=0 \ + --best \ + --nodocs ${INSTALL_PKGS} && \ rm -f "/etc/httpd/conf.d/default.conf" && \ rm -f "/etc/httpd/conf.d/ssl.conf" && \ rm -f /etc/php-fpm.d/www.conf && \ @@ -54,39 +76,7 @@ RUN set -eux && \ -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ "/etc/httpd/conf/httpd.conf" && \ sed -i 's/Listen 80/Listen 8080/g' /etc/httpd/conf/httpd.conf && \ - microdnf -y clean all && \ - rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ - rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki - -ARG MAJOR_VERSION=6.0 -ARG ZBX_VERSION=${MAJOR_VERSION} -ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git - -ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} - -LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.opencontainers.image.version="${ZBX_VERSION}" \ - org.opencontainers.image.source="${ZBX_SOURCES}" - -COPY ["conf/etc/", "/etc/"] - -RUN set -eux && \ - REPOLIST="ol8_baseos_latest,ol8_appstream,ol8_codeready_builder" && \ - INSTALL_PKGS="glibc-locale-source \ - gettext \ - findutils \ - git" && \ - microdnf -y install --setopt=install_weak_deps=0 --best \ - --nodocs dnf && \ - dnf -y install --disablerepo "*" --enablerepo "${REPOLIST}" --setopt=install_weak_deps=False --best \ - --setopt=tsflags=nodocs ${INSTALL_PKGS} && \ - cd /usr/share/ && \ - git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ - mkdir /usr/share/zabbix/ && \ - cp -R /usr/share/zabbix-${ZBX_VERSION}/ui/* /usr/share/zabbix/ && \ - rm -rf /usr/share/zabbix-${ZBX_VERSION}/ && \ cd /usr/share/zabbix/ && \ - ./locale/make_mo.sh && \ rm -f conf/zabbix.conf.php conf/maintenance.inc.php conf/zabbix.conf.php.example && \ rm -rf tests && \ rm -f locale/add_new_language.sh locale/update_po.sh locale/make_mo.sh && \ @@ -107,9 +97,10 @@ RUN set -eux && \ chown --quiet -R zabbix:root /usr/share/zabbix/include/defines.inc.php && \ chgrp -R 0 /usr/share/zabbix/include/defines.inc.php && \ chmod -R g=u /usr/share/zabbix/include/defines.inc.php && \ - dnf -y history undo last && \ - dnf -y clean all && \ - microdnf -y remove dnf && \ + microdnf -y remove \ + findutils \ + glibc-locale-source && \ + microdnf -y clean all && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki diff --git a/web-apache-pgsql/ol/Dockerfile b/web-apache-pgsql/ol/Dockerfile index 3d3df43ff..4bb6b4097 100644 --- a/web-apache-pgsql/ol/Dockerfile +++ b/web-apache-pgsql/ol/Dockerfile @@ -1,14 +1,33 @@ +# syntax=docker/dockerfile:1 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG BUILD_BASE_IMAGE=zabbix-build-mysql:ol-${ZBX_VERSION} +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git + +FROM ${BUILD_BASE_IMAGE} as builder + FROM oraclelinux:8-slim -LABEL org.opencontainers.image.title="Zabbix web-interface (Apache, PostgreSQL)" \ +ARG MAJOR_VERSION +ARG ZBX_VERSION +ARG ZBX_SOURCES + +ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} + +LABEL org.opencontainers.image.title="Zabbix web-interface (Apache, MySQL)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ org.opencontainers.image.vendor="Zabbix LLC" \ org.opencontainers.image.url="https://zabbix.com/" \ - org.opencontainers.image.description="Zabbix web-interface based on Apache2 web server with PostgreSQL database support" \ - org.opencontainers.image.licenses="GPL v2.0" + org.opencontainers.image.description="Zabbix web-interface based on Apache2 web server with MySQL database support" \ + org.opencontainers.image.licenses="GPL v2.0" \ + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" STOPSIGNAL SIGTERM +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/ui", "/usr/share/zabbix"] +COPY ["conf/etc/", "/etc/"] COPY ["conf/etc/yum.repos.d/oracle-epel-ol8.repo", "/etc/yum.repos.d/oracle-epel-ol8.repo"] RUN set -eux && \ @@ -23,9 +42,6 @@ RUN set -eux && \ mkdir -p /etc/zabbix && \ mkdir -p /etc/zabbix/web && \ mkdir -p /etc/zabbix/web/certs && \ - mkdir -p /etc/yum/vars/ && \ - echo "" > /etc/yum/vars/ociregion && \ - echo "oracle.com" > /etc/yum/vars/ocidomain && \ microdnf -y module enable php:7.4 && \ INSTALL_PKGS="curl \ httpd \ @@ -40,11 +56,17 @@ RUN set -eux && \ php-json \ php-xml \ postgresql \ + findutils \ + glibc-locale-source \ supervisor" && \ - microdnf -y --disablerepo="*" --enablerepo="ol8_baseos_latest" \ + microdnf -y install \ + --disablerepo="*" \ + --enablerepo="ol8_baseos_latest" \ --enablerepo="ol8_appstream" \ --enablerepo="ol8_developer_EPEL" \ - install --setopt=install_weak_deps=0 --best --nodocs ${INSTALL_PKGS} && \ + --setopt=install_weak_deps=0 \ + --best \ + --nodocs ${INSTALL_PKGS} && \ rm -f "/etc/httpd/conf.d/default.conf" && \ rm -f "/etc/httpd/conf.d/ssl.conf" && \ rm -f /etc/php-fpm.d/www.conf && \ @@ -53,39 +75,7 @@ RUN set -eux && \ -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ "/etc/httpd/conf/httpd.conf" && \ sed -i 's/Listen 80/Listen 8080/g' /etc/httpd/conf/httpd.conf && \ - microdnf -y clean all && \ - rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ - rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki - -ARG MAJOR_VERSION=6.0 -ARG ZBX_VERSION=${MAJOR_VERSION} -ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git - -ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} - -LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.opencontainers.image.version="${ZBX_VERSION}" \ - org.opencontainers.image.source="${ZBX_SOURCES}" - -COPY ["conf/etc/", "/etc/"] - -RUN set -eux && \ - REPOLIST="ol8_baseos_latest,ol8_appstream,ol8_codeready_builder" && \ - INSTALL_PKGS="glibc-locale-source \ - gettext \ - findutils \ - git" && \ - microdnf -y install --setopt=install_weak_deps=0 --best \ - --nodocs dnf && \ - dnf -y install --disablerepo "*" --enablerepo "${REPOLIST}" --setopt=install_weak_deps=False --best \ - --setopt=tsflags=nodocs ${INSTALL_PKGS} && \ - cd /usr/share/ && \ - git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ - mkdir /usr/share/zabbix/ && \ - cp -R /usr/share/zabbix-${ZBX_VERSION}/ui/* /usr/share/zabbix/ && \ - rm -rf /usr/share/zabbix-${ZBX_VERSION}/ && \ cd /usr/share/zabbix/ && \ - ./locale/make_mo.sh && \ rm -f conf/zabbix.conf.php conf/maintenance.inc.php conf/zabbix.conf.php.example && \ rm -rf tests && \ rm -f locale/add_new_language.sh locale/update_po.sh locale/make_mo.sh && \ @@ -106,9 +96,10 @@ RUN set -eux && \ chown --quiet -R zabbix:root /usr/share/zabbix/include/defines.inc.php && \ chgrp -R 0 /usr/share/zabbix/include/defines.inc.php && \ chmod -R g=u /usr/share/zabbix/include/defines.inc.php && \ - dnf -y history undo last && \ - dnf -y clean all && \ - microdnf -y remove dnf && \ + microdnf -y remove \ + findutils \ + glibc-locale-source && \ + microdnf -y clean all && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki diff --git a/web-nginx-mysql/ol/Dockerfile b/web-nginx-mysql/ol/Dockerfile index 78941bb37..dc7d128fd 100644 --- a/web-nginx-mysql/ol/Dockerfile +++ b/web-nginx-mysql/ol/Dockerfile @@ -1,14 +1,33 @@ +# syntax=docker/dockerfile:1 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG BUILD_BASE_IMAGE=zabbix-build-mysql:ol-${ZBX_VERSION} +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git + +FROM ${BUILD_BASE_IMAGE} as builder + FROM oraclelinux:8-slim +ARG MAJOR_VERSION +ARG ZBX_VERSION +ARG ZBX_SOURCES + +ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} + LABEL org.opencontainers.image.title="Zabbix web-interface (Nginx, MySQL)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ org.opencontainers.image.vendor="Zabbix LLC" \ org.opencontainers.image.url="https://zabbix.com/" \ org.opencontainers.image.description="Zabbix web-interface based on Nginx web server with MySQL database support" \ - org.opencontainers.image.licenses="GPL v2.0" + org.opencontainers.image.licenses="GPL v2.0" \ + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" STOPSIGNAL SIGTERM +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/ui", "/usr/share/zabbix"] +COPY ["conf/etc/", "/etc/"] COPY ["conf/etc/yum.repos.d/oracle-epel-ol8.repo", "/etc/yum.repos.d/oracle-epel-ol8.repo"] RUN set -eux && \ @@ -40,46 +59,20 @@ RUN set -eux && \ php-mysqlnd \ php-json \ php-xml \ + findutils \ + glibc-locale-source \ supervisor" && \ - microdnf -y --disablerepo="*" --enablerepo="ol8_baseos_latest" \ + microdnf -y install \ + --disablerepo="*" \ + --enablerepo="ol8_baseos_latest" \ --enablerepo="ol8_appstream" \ --enablerepo="ol8_developer_EPEL" \ - install --setopt=install_weak_deps=0 --best --nodocs ${INSTALL_PKGS} && \ + --setopt=install_weak_deps=0 \ + --best \ + --nodocs ${INSTALL_PKGS} && \ rm -f /etc/nginx/conf.d/*.conf && \ rm -f /etc/php-fpm.d/www.conf && \ - microdnf -y clean all && \ - rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ - rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki - -ARG MAJOR_VERSION=6.0 -ARG ZBX_VERSION=${MAJOR_VERSION} -ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git - -ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} - -LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.opencontainers.image.version="${ZBX_VERSION}" \ - org.opencontainers.image.source="${ZBX_SOURCES}" - -COPY ["conf/etc/", "/etc/"] - -RUN set -eux && \ - REPOLIST="ol8_baseos_latest,ol8_appstream,ol8_codeready_builder" && \ - INSTALL_PKGS="glibc-locale-source \ - gettext \ - findutils \ - git" && \ - microdnf -y install --setopt=install_weak_deps=0 --best \ - --nodocs dnf && \ - dnf -y install --disablerepo "*" --enablerepo "${REPOLIST}" --setopt=install_weak_deps=False --best \ - --setopt=tsflags=nodocs ${INSTALL_PKGS} && \ - cd /usr/share/ && \ - git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ - mkdir /usr/share/zabbix/ && \ - cp -R /usr/share/zabbix-${ZBX_VERSION}/ui/* /usr/share/zabbix/ && \ - rm -rf /usr/share/zabbix-${ZBX_VERSION}/ && \ cd /usr/share/zabbix/ && \ - ./locale/make_mo.sh && \ rm -f conf/zabbix.conf.php conf/maintenance.inc.php conf/zabbix.conf.php.example && \ rm -rf tests && \ rm -f locale/add_new_language.sh locale/update_po.sh locale/make_mo.sh && \ @@ -100,9 +93,10 @@ RUN set -eux && \ chown --quiet -R zabbix:root /usr/share/zabbix/include/defines.inc.php && \ chgrp -R 0 /usr/share/zabbix/include/defines.inc.php && \ chmod -R g=u /usr/share/zabbix/include/defines.inc.php && \ - dnf -y history undo last && \ - dnf -y clean all && \ - microdnf -y remove dnf && \ + microdnf -y remove \ + findutils \ + glibc-locale-source && \ + microdnf -y clean all && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki diff --git a/web-nginx-pgsql/ol/Dockerfile b/web-nginx-pgsql/ol/Dockerfile index 4e4ea32b7..e9e2c236b 100644 --- a/web-nginx-pgsql/ol/Dockerfile +++ b/web-nginx-pgsql/ol/Dockerfile @@ -1,14 +1,33 @@ +# syntax=docker/dockerfile:1 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG BUILD_BASE_IMAGE=zabbix-build-pgsql:ol-${ZBX_VERSION} +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git + +FROM ${BUILD_BASE_IMAGE} as builder + FROM oraclelinux:8-slim +ARG MAJOR_VERSION +ARG ZBX_VERSION +ARG ZBX_SOURCES + +ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} + LABEL org.opencontainers.image.title="Zabbix web-interface (Nginx, PostgreSQL)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ org.opencontainers.image.vendor="Zabbix LLC" \ org.opencontainers.image.url="https://zabbix.com/" \ org.opencontainers.image.description="Zabbix web-interface based on Nginx web server with PostgreSQL database support" \ - org.opencontainers.image.licenses="GPL v2.0" + org.opencontainers.image.licenses="GPL v2.0" \ + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" STOPSIGNAL SIGTERM +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/ui", "/usr/share/zabbix"] +COPY ["conf/etc/", "/etc/"] COPY ["conf/etc/yum.repos.d/oracle-epel-ol8.repo", "/etc/yum.repos.d/oracle-epel-ol8.repo"] RUN set -eux && \ @@ -24,9 +43,6 @@ RUN set -eux && \ mkdir -p /etc/zabbix/web && \ mkdir -p /etc/zabbix/web/certs && \ mkdir -p /var/lib/php/session && \ - mkdir -p /etc/yum/vars/ && \ - echo "" > /etc/yum/vars/ociregion && \ - echo "oracle.com" > /etc/yum/vars/ocidomain && \ microdnf -y module enable php:7.4 && \ INSTALL_PKGS="supervisor \ curl \ @@ -39,46 +55,20 @@ RUN set -eux && \ php-mbstring \ php-pgsql \ php-json \ + findutils \ + glibc-locale-source \ php-xml" && \ - microdnf -y --disablerepo="*" --enablerepo="ol8_baseos_latest" \ + microdnf -y install \ + --disablerepo="*" \ + --enablerepo="ol8_baseos_latest" \ --enablerepo="ol8_appstream" \ --enablerepo="ol8_developer_EPEL" \ - install --setopt=install_weak_deps=0 --best --nodocs ${INSTALL_PKGS} && \ + --setopt=install_weak_deps=0 \ + --best \ + --nodocs ${INSTALL_PKGS} && \ rm -f /etc/nginx/conf.d/*.conf && \ rm -f /etc/php-fpm.d/www.conf && \ - microdnf -y clean all && \ - rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ - rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki - -ARG MAJOR_VERSION=6.0 -ARG ZBX_VERSION=${MAJOR_VERSION} -ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git - -ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} - -LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.opencontainers.image.version="${ZBX_VERSION}" \ - org.opencontainers.image.source="${ZBX_SOURCES}" - -COPY ["conf/etc/", "/etc/"] - -RUN set -eux && \ - REPOLIST="ol8_baseos_latest,ol8_appstream,ol8_codeready_builder" && \ - INSTALL_PKGS="glibc-locale-source \ - gettext \ - findutils \ - git" && \ - microdnf -y install --setopt=install_weak_deps=0 --best \ - --nodocs dnf && \ - dnf -y install --disablerepo "*" --enablerepo "${REPOLIST}" --setopt=install_weak_deps=False --best \ - --setopt=tsflags=nodocs ${INSTALL_PKGS} && \ - cd /usr/share/ && \ - git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ - mkdir /usr/share/zabbix/ && \ - cp -R /usr/share/zabbix-${ZBX_VERSION}/ui/* /usr/share/zabbix/ && \ - rm -rf /usr/share/zabbix-${ZBX_VERSION}/ && \ cd /usr/share/zabbix/ && \ - ./locale/make_mo.sh && \ rm -f conf/zabbix.conf.php conf/maintenance.inc.php conf/zabbix.conf.php.example && \ rm -rf tests && \ rm -f locale/add_new_language.sh locale/update_po.sh locale/make_mo.sh && \ @@ -99,9 +89,10 @@ RUN set -eux && \ chown --quiet -R zabbix:root /usr/share/zabbix/include/defines.inc.php && \ chgrp -R 0 /usr/share/zabbix/include/defines.inc.php && \ chmod -R g=u /usr/share/zabbix/include/defines.inc.php && \ - dnf -y history undo last && \ - dnf -y clean all && \ - microdnf -y remove dnf && \ + microdnf -y remove \ + findutils \ + glibc-locale-source && \ + microdnf -y clean all && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki diff --git a/web-service/ol/Dockerfile b/web-service/ol/Dockerfile index 3322b9649..d2d724940 100644 --- a/web-service/ol/Dockerfile +++ b/web-service/ol/Dockerfile @@ -1,14 +1,31 @@ +# syntax=docker/dockerfile:1 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG BUILD_BASE_IMAGE=zabbix-build-mysql:ol-${ZBX_VERSION} +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git + +FROM ${BUILD_BASE_IMAGE} as builder + FROM oraclelinux:8-slim +ARG MAJOR_VERSION +ARG ZBX_VERSION +ARG ZBX_SOURCES + LABEL org.opencontainers.image.title="Zabbix web service" \ org.opencontainers.image.authors="Alexey Pustovalov " \ org.opencontainers.image.vendor="Zabbix LLC" \ org.opencontainers.image.url="https://zabbix.com/" \ org.opencontainers.image.description="Zabbix web servce for performing various tasks using headless web browser" \ - org.opencontainers.image.licenses="GPL v2.0" + org.opencontainers.image.licenses="GPL v2.0" \ + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" STOPSIGNAL SIGTERM +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/go/bin/zabbix_web_service", "/usr/sbin/zabbix_web_service"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/go/conf/zabbix_web_service.conf", "/etc/zabbix/zabbix_web_service.conf"] COPY ["conf/etc/yum.repos.d/oracle-epel-ol8.repo", "/etc/yum.repos.d/oracle-epel-ol8.repo"] RUN set -eux && \ @@ -23,68 +40,21 @@ RUN set -eux && \ mkdir -p /etc/zabbix && \ mkdir -p /var/lib/zabbix && \ mkdir -p /var/lib/zabbix/enc && \ - mkdir -p /etc/yum/vars/ && \ - echo "" > /etc/yum/vars/ociregion && \ - echo "oracle.com" > /etc/yum/vars/ocidomain && \ INSTALL_PKGS="chromium \ openssl-libs \ zlib" && \ - microdnf -y --disablerepo="*" --enablerepo="ol8_baseos_latest" \ + microdnf -y install \ + --disablerepo="*" \ + --enablerepo="ol8_baseos_latest" \ --enablerepo="ol8_appstream" \ --enablerepo="ol8_developer_EPEL" \ - install --setopt=install_weak_deps=0 --best --nodocs ${INSTALL_PKGS} && \ - microdnf -y clean all && \ - rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ - rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki - -ARG MAJOR_VERSION=6.0 -ARG ZBX_VERSION=${MAJOR_VERSION} -ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git - -ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} - -LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.opencontainers.image.version="${ZBX_VERSION}" \ - org.opencontainers.image.source="${ZBX_SOURCES}" - -RUN set -eux && \ - REPOLIST="ol8_baseos_latest,ol8_appstream" && \ - INSTALL_PKGS="autoconf \ - automake \ - gcc \ - make \ - golang \ - git" && \ - microdnf -y install --setopt=install_weak_deps=0 --best \ - --nodocs dnf && \ - dnf -y install --disablerepo "*" --enablerepo "${REPOLIST}" --setopt=install_weak_deps=False --best \ - --setopt=tsflags=nodocs ${INSTALL_PKGS} && \ - cd /tmp/ && \ - git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ - cd /tmp/zabbix-${ZBX_VERSION} && \ - zabbix_revision=`git rev-parse --short HEAD` && \ - sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/go/pkg/version/version.go && \ - ./bootstrap.sh && \ - export CFLAGS="-fPIC -pie -Wl,-z,relro -Wl,-z,now" && \ - ./configure \ - --datadir=/usr/lib \ - --libdir=/usr/lib/zabbix \ - --prefix=/usr \ - --sysconfdir=/etc/zabbix \ - --prefix=/usr \ - --enable-webservice \ - --silent && \ - make -j"$(nproc)" -s && \ - cp /tmp/zabbix-${ZBX_VERSION}/src/go/bin/zabbix_web_service /usr/sbin/zabbix_web_service && \ - cp /tmp/zabbix-${ZBX_VERSION}/src/go/conf/zabbix_web_service.conf /etc/zabbix/zabbix_web_service.conf && \ - cd /tmp/ && \ - rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ + --setopt=install_weak_deps=0 \ + --best \ + --nodocs ${INSTALL_PKGS} && \ chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \ chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \ chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \ - dnf -y history undo last && \ - dnf -y clean all && \ - microdnf -y remove dnf && \ + microdnf -y clean all && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki From 1b3bdda93a2114c5fb68721d81c0c182808432d8 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Mon, 13 Sep 2021 17:10:21 +0200 Subject: [PATCH 115/253] Orphaned code. Package manager microdnf already fixed the issue --- agent/ol/Dockerfile | 3 --- web-nginx-mysql/ol/Dockerfile | 3 --- 2 files changed, 6 deletions(-) diff --git a/agent/ol/Dockerfile b/agent/ol/Dockerfile index 0d20516d8..832aeb85a 100644 --- a/agent/ol/Dockerfile +++ b/agent/ol/Dockerfile @@ -46,9 +46,6 @@ RUN set -eux && \ mkdir -p /var/lib/zabbix && \ mkdir -p /var/lib/zabbix/enc && \ mkdir -p /var/lib/zabbix/modules && \ - mkdir -p /etc/yum/vars/ && \ - echo "" > /etc/yum/vars/ociregion && \ - echo "oracle.com" > /etc/yum/vars/ocidomain && \ INSTALL_PKGS="bash \ tini \ tzdata \ diff --git a/web-nginx-mysql/ol/Dockerfile b/web-nginx-mysql/ol/Dockerfile index dc7d128fd..d49e85dcb 100644 --- a/web-nginx-mysql/ol/Dockerfile +++ b/web-nginx-mysql/ol/Dockerfile @@ -43,9 +43,6 @@ RUN set -eux && \ mkdir -p /etc/zabbix/web && \ mkdir -p /etc/zabbix/web/certs && \ mkdir -p /var/lib/php/session && \ - mkdir -p /etc/yum/vars/ && \ - echo "" > /etc/yum/vars/ociregion && \ - echo "oracle.com" > /etc/yum/vars/ocidomain && \ microdnf -y module enable mysql && \ microdnf -y module enable php:7.4 && \ INSTALL_PKGS="curl \ From 72ddd79a584628b4db11e71a390ea3610301b367 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Mon, 13 Sep 2021 17:56:09 +0200 Subject: [PATCH 116/253] Optimized Java Gateway build process --- java-gateway/ol/Dockerfile | 3 ++- .../etc/zabbix/zabbix_java_gateway_logback.xml | 15 --------------- java-gateway/rhel/Dockerfile | 3 ++- .../etc/zabbix/zabbix_java_gateway_logback.xml | 15 --------------- zabbix-appliance/rhel/Dockerfile | 3 ++- .../etc/zabbix/zabbix_java_gateway_logback.xml | 15 --------------- 6 files changed, 6 insertions(+), 48 deletions(-) delete mode 100644 java-gateway/ol/conf/etc/zabbix/zabbix_java_gateway_logback.xml delete mode 100644 java-gateway/rhel/conf/etc/zabbix/zabbix_java_gateway_logback.xml delete mode 100644 zabbix-appliance/rhel/conf/etc/zabbix/zabbix_java_gateway_logback.xml diff --git a/java-gateway/ol/Dockerfile b/java-gateway/ol/Dockerfile index c54511abb..462280050 100644 --- a/java-gateway/ol/Dockerfile +++ b/java-gateway/ol/Dockerfile @@ -51,7 +51,8 @@ RUN set -eux && \ --setopt=install_weak_deps=0 \ --best \ --nodocs ${INSTALL_PKGS} && \ - rm -rf /usr/sbin/zabbix_java/lib/*.xml && \ + rm -rf /usr/sbin/zabbix_java/lib/logback.xml && \ + mv /usr/sbin/zabbix_java/lib/logback-console.xml /etc/zabbix/zabbix_java_gateway_logback.xml && \ chown --quiet -R zabbix:root /etc/zabbix/ /usr/sbin/zabbix_java/ && \ chgrp -R 0 /etc/zabbix/ /usr/sbin/zabbix_java/ && \ chmod -R g=u /etc/zabbix/ /usr/sbin/zabbix_java/ && \ diff --git a/java-gateway/ol/conf/etc/zabbix/zabbix_java_gateway_logback.xml b/java-gateway/ol/conf/etc/zabbix/zabbix_java_gateway_logback.xml deleted file mode 100644 index 750f3506f..000000000 --- a/java-gateway/ol/conf/etc/zabbix/zabbix_java_gateway_logback.xml +++ /dev/null @@ -1,15 +0,0 @@ - - - - - - %d{yyyy-MM-dd HH:mm:ss.SSS} [%thread] %-5level %logger{36} - %msg%n - - - - - - - - - diff --git a/java-gateway/rhel/Dockerfile b/java-gateway/rhel/Dockerfile index 59d6b4aab..61225eedc 100644 --- a/java-gateway/rhel/Dockerfile +++ b/java-gateway/rhel/Dockerfile @@ -90,7 +90,8 @@ RUN set -eux && INSTALL_PKGS="autoconf \ mkdir -p /usr/sbin/zabbix_java/ && \ cp -r src/zabbix_java/bin /usr/sbin/zabbix_java/ && \ cp -r src/zabbix_java/lib /usr/sbin/zabbix_java/ && \ - rm -rf /usr/sbin/zabbix_java/lib/*.xml && \ + rm -rf /usr/sbin/zabbix_java/lib/logback.xml && \ + mv /usr/sbin/zabbix_java/lib/logback-console.xml /etc/zabbix/zabbix_java_gateway_logback.xml && \ cd /tmp/ && \ rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ dnf -y history undo last && \ diff --git a/java-gateway/rhel/conf/etc/zabbix/zabbix_java_gateway_logback.xml b/java-gateway/rhel/conf/etc/zabbix/zabbix_java_gateway_logback.xml deleted file mode 100644 index 750f3506f..000000000 --- a/java-gateway/rhel/conf/etc/zabbix/zabbix_java_gateway_logback.xml +++ /dev/null @@ -1,15 +0,0 @@ - - - - - - %d{yyyy-MM-dd HH:mm:ss.SSS} [%thread] %-5level %logger{36} - %msg%n - - - - - - - - - diff --git a/zabbix-appliance/rhel/Dockerfile b/zabbix-appliance/rhel/Dockerfile index 5be573929..464019480 100644 --- a/zabbix-appliance/rhel/Dockerfile +++ b/zabbix-appliance/rhel/Dockerfile @@ -169,7 +169,8 @@ RUN set -eux && REPOLIST="rhel-8-for-x86_64-baseos-rpms,rhel-8-for-x86_64-appstr cp database/mysql/create.sql.gz /usr/share/doc/zabbix-server-mysql/ && \ cp -r src/zabbix_java/bin /usr/sbin/zabbix_java/ && \ cp -r src/zabbix_java/lib /usr/sbin/zabbix_java/ && \ - rm -rf /usr/sbin/zabbix_java/lib/*.xml && \ + rm -rf /usr/sbin/zabbix_java/lib/logback.xml && \ + mv /usr/sbin/zabbix_java/lib/logback-console.xml /etc/zabbix/zabbix_java_gateway_logback.xml && \ cp -R /tmp/zabbix-${ZBX_VERSION}/ui/* /usr/share/zabbix/ && \ cd /tmp/ && \ rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ diff --git a/zabbix-appliance/rhel/conf/etc/zabbix/zabbix_java_gateway_logback.xml b/zabbix-appliance/rhel/conf/etc/zabbix/zabbix_java_gateway_logback.xml deleted file mode 100644 index 750f3506f..000000000 --- a/zabbix-appliance/rhel/conf/etc/zabbix/zabbix_java_gateway_logback.xml +++ /dev/null @@ -1,15 +0,0 @@ - - - - - - %d{yyyy-MM-dd HH:mm:ss.SSS} [%thread] %-5level %logger{36} - %msg%n - - - - - - - - - From 3497c2d7d670f78566986a900f3e0727f0dcaa28 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Mon, 13 Sep 2021 19:36:12 +0200 Subject: [PATCH 117/253] Preparation for multistage builds --- .github/workflows/Azure.yml | 1 - .github/workflows/CI.yml | 191 ------------------ .github/workflows/build_images.yml | 298 +++++++++++++++++++++++++++++ 3 files changed, 298 insertions(+), 192 deletions(-) delete mode 100644 .github/workflows/CI.yml create mode 100644 .github/workflows/build_images.yml diff --git a/.github/workflows/Azure.yml b/.github/workflows/Azure.yml index f903e2ae0..4321f1285 100644 --- a/.github/workflows/Azure.yml +++ b/.github/workflows/Azure.yml @@ -8,7 +8,6 @@ on: branches: - '5.0' - '5.4' - - 'trunk' paths-ignore: - '.env*' - 'docker-compose*.yaml' diff --git a/.github/workflows/CI.yml b/.github/workflows/CI.yml deleted file mode 100644 index 178dd766e..000000000 --- a/.github/workflows/CI.yml +++ /dev/null @@ -1,191 +0,0 @@ -name: CI - -on: - release: - types: - - published - push: - branches: - - '4.0' - - '5.0' - - '5.2' - - '5.4' - - 'trunk' - paths-ignore: - - '.env*' - - 'docker-compose*.yaml' - - '*/rhel/*' - - '*/windows/*' - - "**.md" - -defaults: - run: - shell: bash - -jobs: - build: - timeout-minutes: 70 - env: - LATEST_BRANCH: "${{ github.event.repository.default_branch }}" - DOCKER_REPOSITORY: "zabbix" - strategy: - fail-fast: false - matrix: - build: - - agent - - agent2 - - java-gateway - - proxy-mysql - - proxy-sqlite3 - - server-mysql - - server-pgsql - - snmptraps - - web-apache-mysql - - web-apache-pgsql - - web-nginx-mysql - - web-nginx-pgsql - - web-service - os: - - alpine - - ubuntu - - ol - - runs-on: ubuntu-20.04 - steps: - - - uses: actions/checkout@v2 - - - - name: Set up QEMU - uses: docker/setup-qemu-action@v1 - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v1 - - - name: Login to DockerHub - uses: docker/login-action@v1 - with: - username: ${{ secrets.DOCKER_USERNAME }} - password: ${{ secrets.DOCKER_PASSWORD }} - - - name: Prepare platform list - id: platform - run: | - DOCKER_PLATFORM="linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64,linux/s390x" - - if [ "${{ matrix.build }}" == "agent2" ]; then - DOCKER_PLATFORM="linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64,linux/ppc64le" - fi - - if [ "${{ matrix.build }}" == "web-service" ]; then - DOCKER_PLATFORM="linux/amd64,linux/arm64" - fi - - if [ "${{ matrix.os }}" == "ubuntu" ]; then - DOCKER_PLATFORM="linux/amd64,linux/arm/v7,linux/arm64,linux/ppc64le" - fi - - if [ "${{ matrix.build }}" == "java-gateway" ]; then - DOCKER_PLATFORM=${DOCKER_PLATFORM%",linux/ppc64le"} - fi - - if [ "${{ matrix.build }}" == "web-service" ]; then - DOCKER_PLATFORM=${DOCKER_PLATFORM%",linux/ppc64le"} - fi - - if [ "${{ matrix.os }}" == "ol" ]; then - DOCKER_PLATFORM="linux/amd64,linux/arm64" - fi - - echo ::set-output name=list::${DOCKER_PLATFORM} - - - name: Prepare environment (push) - if: github.event_name == 'push' - id: prepare_push - run: | - TAGS_ARRAY=() - - IMAGE_NAME="${{ env.DOCKER_REPOSITORY }}/zabbix-${{ matrix.build }}" - GIT_BRANCH="${{ github.ref }}" - GIT_BRANCH=${GIT_BRANCH:11} - - echo "::debug::Branch - ${GIT_BRANCH}" - - if [ "${GIT_BRANCH}" == "trunk" ]; then - TAGS_ARRAY+=("$IMAGE_NAME:${{ matrix.os }}-${GIT_BRANCH}") - TAGS_ARRAY+=("$IMAGE_NAME:${GIT_BRANCH}-${{ matrix.os }}") - else - TAGS_ARRAY+=("$IMAGE_NAME:${{ matrix.os }}-${GIT_BRANCH}-latest") - TAGS_ARRAY+=("$IMAGE_NAME:${GIT_BRANCH}-${{ matrix.os }}-latest") - fi - - if [ "${{ matrix.os }}" == "alpine" ] && [ "${LATEST_BRANCH}" == "${GIT_BRANCH}" ]; then - TAGS_ARRAY+=("$IMAGE_NAME:latest") - fi - - if [ "${LATEST_BRANCH}" == "${GIT_BRANCH}" ]; then - TAGS_ARRAY+=("$IMAGE_NAME:${{ matrix.os }}-latest") - fi - - TAGS=$(printf -- "%s, " "${TAGS_ARRAY[@]}") - - echo "::debug::Tags - ${TAGS}" - - echo ::set-output name=image_name::${IMAGE_NAME} - echo ::set-output name=image_tag_versions::$(printf -- "%s," "${TAGS_ARRAY[@]}") - - - name: Prepare environment (release) - if: github.event_name == 'release' && github.event.action == 'published' - id: prepare_release - run: | - TAGS_ARRAY=() - - IMAGE_NAME="${{ env.DOCKER_REPOSITORY }}/zabbix-${{ matrix.build }}" - RELEASE_VERSION="${{ github.ref }}" - RELEASE_VERSION=${RELEASE_VERSION:10} - GIT_BRANCH=${RELEASE_VERSION%.*} - - echo "::debug::Release version ${RELEASE_VERSION}. Branch ${GIT_BRANCH}" - - TAGS_ARRAY+=("$IMAGE_NAME:${{ matrix.os }}-${RELEASE_VERSION}") - TAGS_ARRAY+=("$IMAGE_NAME:${RELEASE_VERSION}-${{ matrix.os }}") - - if [ "${{ matrix.os }}" == "alpine" ] && [ "${LATEST_BRANCH}" == "${GIT_BRANCH}" ]; then - TAGS_ARRAY+=("$IMAGE_NAME:latest") - fi - - TAGS=$(printf -- "--tag %s " "${TAGS_ARRAY[@]}") - - echo ::set-output name=image_name::${IMAGE_NAME} - echo ::set-output name=image_tag_versions::$(printf -- ",%s" "${TAGS_ARRAY[@]}") - - - name: Prepare tags - id: prepare_tags - run: | - if [ ! -z "${{ steps.prepare_push.outputs.image_tag_versions }}" ]; then - TAGS="${{ steps.prepare_push.outputs.image_tag_versions }}" - IMAGE_NAME="${{ steps.prepare_push.outputs.image_name }}" - elif [ ! -z "${{ steps.prepare_release.outputs.image_tag_versions }}" ]; then - TAGS="${{ steps.prepare_release.outputs.image_tag_versions }}" - IMAGE_NAME="${{ steps.prepare_release.outputs.image_name }}" - else - exit 1 - fi - - echo ::set-output name=image_tag_versions::${TAGS} - echo ::set-output name=image_name::${IMAGE_NAME} - - - - name: Build and push - id: docker_build - uses: docker/build-push-action@v2 - with: - context: ./${{ matrix.build }}/${{ matrix.os }} - file: ./${{ matrix.build }}/${{ matrix.os }}/Dockerfile - platforms: ${{ steps.platform.outputs.list }} - push: ${{ secrets.AUTO_PUSH_IMAGES }} - tags: ${{ steps.prepare_tags.outputs.image_tag_versions }} - - - - name: Image digest - run: echo ${{ steps.docker_build.outputs.digest }} diff --git a/.github/workflows/build_images.yml b/.github/workflows/build_images.yml new file mode 100644 index 000000000..3204a9b09 --- /dev/null +++ b/.github/workflows/build_images.yml @@ -0,0 +1,298 @@ +name: Build images + +on: + release: + types: + - published + push: + branches: + - 'trunk' + paths-ignore: + - '.env*' + - 'docker-compose*.yaml' + - '*/rhel/*' + - '*/windows/*' + - "**.md" + +defaults: + run: + shell: bash + +jobs: + build_base: + timeout-minutes: 70 + env: + LATEST_BRANCH: "${{ github.event.repository.default_branch }}" + DOCKER_REPOSITORY: "zabbix" + strategy: + fail-fast: false + matrix: + build: + - build-base + os: + - alpine + - ubuntu + - ol + + runs-on: ubuntu-20.04 + steps: + - uses: actions/checkout@v2 + + - name: Set up QEMU + uses: docker/setup-qemu-action@v1 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v1 + + - name: Login to DockerHub + uses: docker/login-action@v1 + with: + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_PASSWORD }} + + - name: Prepare platform list + id: platform + run: | + DOCKER_PLATFORM="linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64,linux/s390x" + + if [ "${{ matrix.os }}" == "ubuntu" ]; then + DOCKER_PLATFORM="linux/amd64,linux/arm/v7,linux/arm64,linux/ppc64le" + fi + + if [ "${{ matrix.os }}" == "ol" ]; then + DOCKER_PLATFORM="linux/amd64,linux/arm64" + fi + + echo ::set-output name=list::${DOCKER_PLATFORM} + + - name: Prepare environment (push) + if: github.event_name == 'push' + id: prepare_push + run: | + TAGS_ARRAY=() + + IMAGE_NAME="${{ env.DOCKER_REPOSITORY }}/zabbix-${{ matrix.build }}" + GIT_BRANCH="${{ github.ref }}" + GIT_BRANCH=${GIT_BRANCH:11} + + echo "::debug::Branch - ${GIT_BRANCH}" + + if [ "${GIT_BRANCH}" == "trunk" ]; then + TAGS_ARRAY+=("$IMAGE_NAME:${{ matrix.os }}-${GIT_BRANCH}") + TAGS_ARRAY+=("$IMAGE_NAME:${GIT_BRANCH}-${{ matrix.os }}") + else + TAGS_ARRAY+=("$IMAGE_NAME:${{ matrix.os }}-${GIT_BRANCH}-latest") + TAGS_ARRAY+=("$IMAGE_NAME:${GIT_BRANCH}-${{ matrix.os }}-latest") + fi + + if [ "${{ matrix.os }}" == "alpine" ] && [ "${LATEST_BRANCH}" == "${GIT_BRANCH}" ]; then + TAGS_ARRAY+=("$IMAGE_NAME:latest") + fi + + if [ "${LATEST_BRANCH}" == "${GIT_BRANCH}" ]; then + TAGS_ARRAY+=("$IMAGE_NAME:${{ matrix.os }}-latest") + fi + + TAGS=$(printf -- "%s, " "${TAGS_ARRAY[@]}") + + echo "::debug::Tags - ${TAGS}" + + echo ::set-output name=image_name::${IMAGE_NAME} + echo ::set-output name=image_tag_versions::$(printf -- "%s," "${TAGS_ARRAY[@]}") + + - name: Prepare environment (release) + if: github.event_name == 'release' && github.event.action == 'published' + id: prepare_release + run: | + TAGS_ARRAY=() + + IMAGE_NAME="${{ env.DOCKER_REPOSITORY }}/zabbix-${{ matrix.build }}" + RELEASE_VERSION="${{ github.ref }}" + RELEASE_VERSION=${RELEASE_VERSION:10} + GIT_BRANCH=${RELEASE_VERSION%.*} + + echo "::debug::Release version ${RELEASE_VERSION}. Branch ${GIT_BRANCH}" + + TAGS_ARRAY+=("$IMAGE_NAME:${{ matrix.os }}-${RELEASE_VERSION}") + TAGS_ARRAY+=("$IMAGE_NAME:${RELEASE_VERSION}-${{ matrix.os }}") + + if [ "${{ matrix.os }}" == "alpine" ] && [ "${LATEST_BRANCH}" == "${GIT_BRANCH}" ]; then + TAGS_ARRAY+=("$IMAGE_NAME:latest") + fi + + TAGS=$(printf -- "--tag %s " "${TAGS_ARRAY[@]}") + + echo ::set-output name=image_name::${IMAGE_NAME} + echo ::set-output name=image_tag_versions::$(printf -- ",%s" "${TAGS_ARRAY[@]}") + + - name: Prepare tags + id: prepare_tags + run: | + if [ ! -z "${{ steps.prepare_push.outputs.image_tag_versions }}" ]; then + TAGS="${{ steps.prepare_push.outputs.image_tag_versions }}" + IMAGE_NAME="${{ steps.prepare_push.outputs.image_name }}" + elif [ ! -z "${{ steps.prepare_release.outputs.image_tag_versions }}" ]; then + TAGS="${{ steps.prepare_release.outputs.image_tag_versions }}" + IMAGE_NAME="${{ steps.prepare_release.outputs.image_name }}" + else + exit 1 + fi + + echo ::set-output name=image_tag_versions::${TAGS} + echo ::set-output name=image_name::${IMAGE_NAME} + + - name: Build and push + id: docker_build + uses: docker/build-push-action@v2 + with: + context: ./${{ matrix.build }}/${{ matrix.os }} + file: ./${{ matrix.build }}/${{ matrix.os }}/Dockerfile + platforms: ${{ steps.platform.outputs.list }} + push: ${{ secrets.AUTO_PUSH_IMAGES }} + tags: ${{ steps.prepare_tags.outputs.image_tag_versions }} + + - name: Image digest + run: echo ${{ steps.docker_build.outputs.digest }} + + build_base_database: + timeout-minutes: 70 + env: + LATEST_BRANCH: "${{ github.event.repository.default_branch }}" + DOCKER_REPOSITORY: "zabbix" + strategy: + fail-fast: false + matrix: + build: + - build-base-mysql + - build-base-pgsql + - build-base-sqlite3 + os: + - alpine + - ubuntu + - ol + + runs-on: ubuntu-20.04 + steps: + - uses: actions/checkout@v2 + + - name: Set up QEMU + uses: docker/setup-qemu-action@v1 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v1 + + - name: Login to DockerHub + uses: docker/login-action@v1 + with: + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_PASSWORD }} + + - name: Prepare platform list + id: platform + run: | + DOCKER_PLATFORM="linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64,linux/s390x" + + if [ "${{ matrix.os }}" == "ubuntu" ]; then + DOCKER_PLATFORM="linux/amd64,linux/arm/v7,linux/arm64,linux/ppc64le" + fi + + if [ "${{ matrix.os }}" == "ol" ]; then + DOCKER_PLATFORM="linux/amd64,linux/arm64" + fi + + echo ::set-output name=list::${DOCKER_PLATFORM} + + - name: Prepare environment (push) + if: github.event_name == 'push' + id: prepare_push + run: | + TAGS_ARRAY=() + + IMAGE_NAME="${{ env.DOCKER_REPOSITORY }}/zabbix-${{ matrix.build }}" + GIT_BRANCH="${{ github.ref }}" + GIT_BRANCH=${GIT_BRANCH:11} + + echo "::debug::Branch - ${GIT_BRANCH}" + + if [ "${GIT_BRANCH}" == "trunk" ]; then + TAGS_ARRAY+=("$IMAGE_NAME:${{ matrix.os }}-${GIT_BRANCH}") + TAGS_ARRAY+=("$IMAGE_NAME:${GIT_BRANCH}-${{ matrix.os }}") + else + TAGS_ARRAY+=("$IMAGE_NAME:${{ matrix.os }}-${GIT_BRANCH}-latest") + TAGS_ARRAY+=("$IMAGE_NAME:${GIT_BRANCH}-${{ matrix.os }}-latest") + fi + + if [ "${{ matrix.os }}" == "alpine" ] && [ "${LATEST_BRANCH}" == "${GIT_BRANCH}" ]; then + TAGS_ARRAY+=("$IMAGE_NAME:latest") + fi + + if [ "${LATEST_BRANCH}" == "${GIT_BRANCH}" ]; then + TAGS_ARRAY+=("$IMAGE_NAME:${{ matrix.os }}-latest") + fi + + TAGS=$(printf -- "%s, " "${TAGS_ARRAY[@]}") + + echo "::debug::Tags - ${TAGS}" + + echo ::set-output name=image_name::${IMAGE_NAME} + echo ::set-output name=image_tag_versions::$(printf -- "%s," "${TAGS_ARRAY[@]}") + echo ::set-output name=base_tag::${TAGS_ARRAY[1]#*:} + + - name: Prepare environment (release) + if: github.event_name == 'release' && github.event.action == 'published' + id: prepare_release + run: | + TAGS_ARRAY=() + + IMAGE_NAME="${{ env.DOCKER_REPOSITORY }}/zabbix-${{ matrix.build }}" + RELEASE_VERSION="${{ github.ref }}" + RELEASE_VERSION=${RELEASE_VERSION:10} + GIT_BRANCH=${RELEASE_VERSION%.*} + + echo "::debug::Release version ${RELEASE_VERSION}. Branch ${GIT_BRANCH}" + + TAGS_ARRAY+=("$IMAGE_NAME:${{ matrix.os }}-${RELEASE_VERSION}") + TAGS_ARRAY+=("$IMAGE_NAME:${RELEASE_VERSION}-${{ matrix.os }}") + + if [ "${{ matrix.os }}" == "alpine" ] && [ "${LATEST_BRANCH}" == "${GIT_BRANCH}" ]; then + TAGS_ARRAY+=("$IMAGE_NAME:latest") + fi + + TAGS=$(printf -- "--tag %s " "${TAGS_ARRAY[@]}") + + echo ::set-output name=image_name::${IMAGE_NAME} + echo ::set-output name=image_tag_versions::$(printf -- ",%s" "${TAGS_ARRAY[@]}") + echo ::set-output name=base_tag::${TAGS_ARRAY[1]#*:} + + - name: Prepare tags + id: prepare_tags + run: | + if [ ! -z "${{ steps.prepare_push.outputs.image_tag_versions }}" ]; then + TAGS="${{ steps.prepare_push.outputs.image_tag_versions }}" + IMAGE_NAME="${{ steps.prepare_push.outputs.image_name }}" + BASE_TAG="${{ steps.prepare_push.outputs.base_tag }}" + elif [ ! -z "${{ steps.prepare_release.outputs.image_tag_versions }}" ]; then + TAGS="${{ steps.prepare_release.outputs.image_tag_versions }}" + IMAGE_NAME="${{ steps.prepare_release.outputs.image_name }}" + BASE_TAG="${{ steps.prepare_release.outputs.base_tag }}" + else + exit 1 + fi + + echo ::set-output name=image_tag_versions::${TAGS} + echo ::set-output name=image_name::${IMAGE_NAME} + echo ::set-output name=base_tag::${BASE_TAG} + + - name: Build and push + id: docker_build + uses: docker/build-push-action@v2 + with: + context: ./${{ matrix.build }}/${{ matrix.os }} + file: ./${{ matrix.build }}/${{ matrix.os }}/Dockerfile + platforms: ${{ steps.platform.outputs.list }} + push: ${{ secrets.AUTO_PUSH_IMAGES }} + tags: ${{ steps.prepare_tags.outputs.image_tag_versions }} + build-args: zabbix/zabbix-build-base:${{ steps.prepare_tags.outputs.base_tag }} + + - name: Image digest + run: echo ${{ steps.docker_build.outputs.digest }} From 59097eb7dc743f4377b4591c9dccf3cfbaa09880 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Mon, 13 Sep 2021 19:42:05 +0200 Subject: [PATCH 118/253] Preparation for multistage builds --- .github/workflows/build_images.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/build_images.yml b/.github/workflows/build_images.yml index 3204a9b09..214b7729e 100644 --- a/.github/workflows/build_images.yml +++ b/.github/workflows/build_images.yml @@ -156,6 +156,8 @@ jobs: build_base_database: timeout-minutes: 70 + needs: build_base + name: Build ${{ matrix.build }} base on ${{ matrix.os }} env: LATEST_BRANCH: "${{ github.event.repository.default_branch }}" DOCKER_REPOSITORY: "zabbix" From 43628f0e2f80122151d54ea8253802cc9096b68b Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Mon, 13 Sep 2021 21:04:05 +0200 Subject: [PATCH 119/253] Preparation for multistage builds --- .github/workflows/build_images.yml | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/.github/workflows/build_images.yml b/.github/workflows/build_images.yml index 214b7729e..28d13bf54 100644 --- a/.github/workflows/build_images.yml +++ b/.github/workflows/build_images.yml @@ -21,6 +21,7 @@ defaults: jobs: build_base: timeout-minutes: 70 + name: Build ${{ matrix.build }} base on ${{ matrix.os }} env: LATEST_BRANCH: "${{ github.event.repository.default_branch }}" DOCKER_REPOSITORY: "zabbix" @@ -152,7 +153,9 @@ jobs: tags: ${{ steps.prepare_tags.outputs.image_tag_versions }} - name: Image digest - run: echo ${{ steps.docker_build.outputs.digest }} + run: | + echo ${{ steps.docker_build.outputs.digest }} + echo "${{ steps.docker_build.outputs.digest }}" > /tmp/${{ matrix.build }}_${{ matrix.os }} build_base_database: timeout-minutes: 70 @@ -165,9 +168,9 @@ jobs: fail-fast: false matrix: build: - - build-base-mysql - - build-base-pgsql - - build-base-sqlite3 + - base-mysql + - base-pgsql + - base-sqlite3 os: - alpine - ubuntu @@ -281,6 +284,8 @@ jobs: exit 1 fi + cat /tmp/build-base_${{ matrix.os }} + echo ::set-output name=image_tag_versions::${TAGS} echo ::set-output name=image_name::${IMAGE_NAME} echo ::set-output name=base_tag::${BASE_TAG} From 1de5bcf42971991ea513f02a6bfeb0d4274a5666 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Mon, 13 Sep 2021 21:17:54 +0200 Subject: [PATCH 120/253] Preparation for multistage builds --- .github/workflows/build_images.yml | 20 +++++++++++++++++--- 1 file changed, 17 insertions(+), 3 deletions(-) diff --git a/.github/workflows/build_images.yml b/.github/workflows/build_images.yml index 28d13bf54..f728851e3 100644 --- a/.github/workflows/build_images.yml +++ b/.github/workflows/build_images.yml @@ -155,7 +155,12 @@ jobs: - name: Image digest run: | echo ${{ steps.docker_build.outputs.digest }} - echo "${{ steps.docker_build.outputs.digest }}" > /tmp/${{ matrix.build }}_${{ matrix.os }} + echo "${{ steps.docker_build.outputs.digest }}" > base_build/${{ matrix.build }}_${{ matrix.os }} + + - uses: actions/upload-artifact@v2 + with: + name: my-artifact + path: base_build/${{ matrix.build }}_${{ matrix.os }} build_base_database: timeout-minutes: 70 @@ -269,6 +274,14 @@ jobs: echo ::set-output name=image_tag_versions::$(printf -- ",%s" "${TAGS_ARRAY[@]}") echo ::set-output name=base_tag::${TAGS_ARRAY[1]#*:} + - uses: actions/download-artifact@v2 + with: + name: my-artifact + path: base_build + + - name: Display structure of downloaded files + run: ls -R + - name: Prepare tags id: prepare_tags run: | @@ -284,12 +297,13 @@ jobs: exit 1 fi - cat /tmp/build-base_${{ matrix.os }} + BASE_TAG=$(cat base_build/${{ matrix.build }}_${{ matrix.os }}) echo ::set-output name=image_tag_versions::${TAGS} echo ::set-output name=image_name::${IMAGE_NAME} echo ::set-output name=base_tag::${BASE_TAG} + - name: Build and push id: docker_build uses: docker/build-push-action@v2 @@ -299,7 +313,7 @@ jobs: platforms: ${{ steps.platform.outputs.list }} push: ${{ secrets.AUTO_PUSH_IMAGES }} tags: ${{ steps.prepare_tags.outputs.image_tag_versions }} - build-args: zabbix/zabbix-build-base:${{ steps.prepare_tags.outputs.base_tag }} + build-args: zabbix/zabbix-build-base@${{ steps.prepare_tags.outputs.base_tag }} - name: Image digest run: echo ${{ steps.docker_build.outputs.digest }} From eb293c1ebf5eb9b63e084005625854060ea5de25 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Mon, 13 Sep 2021 21:26:49 +0200 Subject: [PATCH 121/253] Preparation for multistage builds --- .github/workflows/build_images.yml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build_images.yml b/.github/workflows/build_images.yml index f728851e3..cef3dc294 100644 --- a/.github/workflows/build_images.yml +++ b/.github/workflows/build_images.yml @@ -155,12 +155,15 @@ jobs: - name: Image digest run: | echo ${{ steps.docker_build.outputs.digest }} + pwd + mkdir base_build/ echo "${{ steps.docker_build.outputs.digest }}" > base_build/${{ matrix.build }}_${{ matrix.os }} - uses: actions/upload-artifact@v2 with: - name: my-artifact + name: ${{ matrix.build }}_${{ matrix.os }} path: base_build/${{ matrix.build }}_${{ matrix.os }} + if-no-files-found: error build_base_database: timeout-minutes: 70 @@ -276,7 +279,7 @@ jobs: - uses: actions/download-artifact@v2 with: - name: my-artifact + name: ${{ matrix.build }}_${{ matrix.os }} path: base_build - name: Display structure of downloaded files From fb845599d42b1ad3075e4797238de0922a93c04a Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Mon, 13 Sep 2021 21:40:08 +0200 Subject: [PATCH 122/253] Preparation for multistage builds --- .github/workflows/build_images.yml | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) diff --git a/.github/workflows/build_images.yml b/.github/workflows/build_images.yml index cef3dc294..ad5939ea4 100644 --- a/.github/workflows/build_images.yml +++ b/.github/workflows/build_images.yml @@ -155,14 +155,12 @@ jobs: - name: Image digest run: | echo ${{ steps.docker_build.outputs.digest }} - pwd - mkdir base_build/ - echo "${{ steps.docker_build.outputs.digest }}" > base_build/${{ matrix.build }}_${{ matrix.os }} + echo "${{ steps.docker_build.outputs.digest }}" > ${{ matrix.build }}_${{ matrix.os }} - uses: actions/upload-artifact@v2 with: name: ${{ matrix.build }}_${{ matrix.os }} - path: base_build/${{ matrix.build }}_${{ matrix.os }} + path: ${{ matrix.build }}_${{ matrix.os }} if-no-files-found: error build_base_database: @@ -279,8 +277,7 @@ jobs: - uses: actions/download-artifact@v2 with: - name: ${{ matrix.build }}_${{ matrix.os }} - path: base_build + name: base-build_${{ matrix.os }} - name: Display structure of downloaded files run: ls -R @@ -300,7 +297,7 @@ jobs: exit 1 fi - BASE_TAG=$(cat base_build/${{ matrix.build }}_${{ matrix.os }}) + BASE_TAG=$(cat ${{ matrix.build }}_${{ matrix.os }}) echo ::set-output name=image_tag_versions::${TAGS} echo ::set-output name=image_name::${IMAGE_NAME} From 476a34acad55125ddc8108a3a12041195773cc7f Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Mon, 13 Sep 2021 21:50:20 +0200 Subject: [PATCH 123/253] Preparation for multistage builds --- .github/workflows/build_images.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build_images.yml b/.github/workflows/build_images.yml index ad5939ea4..4007b7b3e 100644 --- a/.github/workflows/build_images.yml +++ b/.github/workflows/build_images.yml @@ -277,7 +277,7 @@ jobs: - uses: actions/download-artifact@v2 with: - name: base-build_${{ matrix.os }} + name: build-base_${{ matrix.os }} - name: Display structure of downloaded files run: ls -R From 7f4617b2b757ecc1a319e81eaaf0fa83acfc1207 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Mon, 13 Sep 2021 22:00:00 +0200 Subject: [PATCH 124/253] Preparation for multistage builds --- .github/workflows/build_images.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build_images.yml b/.github/workflows/build_images.yml index 4007b7b3e..4ccf0fab1 100644 --- a/.github/workflows/build_images.yml +++ b/.github/workflows/build_images.yml @@ -297,7 +297,7 @@ jobs: exit 1 fi - BASE_TAG=$(cat ${{ matrix.build }}_${{ matrix.os }}) + BASE_TAG=$(cat ${{ build-base_${{ matrix.os }}) echo ::set-output name=image_tag_versions::${TAGS} echo ::set-output name=image_name::${IMAGE_NAME} From 6bdbd2f704df682b865847349c0b0fd4901ebe58 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Mon, 13 Sep 2021 22:01:07 +0200 Subject: [PATCH 125/253] Preparation for multistage builds --- .github/workflows/build_images.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build_images.yml b/.github/workflows/build_images.yml index 4ccf0fab1..b24c4038e 100644 --- a/.github/workflows/build_images.yml +++ b/.github/workflows/build_images.yml @@ -297,7 +297,7 @@ jobs: exit 1 fi - BASE_TAG=$(cat ${{ build-base_${{ matrix.os }}) + BASE_TAG=$(cat build-base_${{ matrix.os }}) echo ::set-output name=image_tag_versions::${TAGS} echo ::set-output name=image_name::${IMAGE_NAME} From dfca6ccb969a3e075ed66d04b8937d4419847ee7 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Mon, 13 Sep 2021 22:14:34 +0200 Subject: [PATCH 126/253] Preparation for multistage builds --- .github/workflows/build_images.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/build_images.yml b/.github/workflows/build_images.yml index b24c4038e..796429fd4 100644 --- a/.github/workflows/build_images.yml +++ b/.github/workflows/build_images.yml @@ -174,9 +174,9 @@ jobs: fail-fast: false matrix: build: - - base-mysql - - base-pgsql - - base-sqlite3 + - build-mysql + - build-pgsql + - build-sqlite3 os: - alpine - ubuntu @@ -313,7 +313,7 @@ jobs: platforms: ${{ steps.platform.outputs.list }} push: ${{ secrets.AUTO_PUSH_IMAGES }} tags: ${{ steps.prepare_tags.outputs.image_tag_versions }} - build-args: zabbix/zabbix-build-base@${{ steps.prepare_tags.outputs.base_tag }} + build-args: BUILD_BASE_IMAGE=zabbix/zabbix-build-base@${{ steps.prepare_tags.outputs.base_tag }} - name: Image digest run: echo ${{ steps.docker_build.outputs.digest }} From 98f7636c6f906ff57fe7db0294744994170d1bcf Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Mon, 13 Sep 2021 23:06:45 +0200 Subject: [PATCH 127/253] Preparation for multistage builds --- .github/workflows/build_images.yml | 175 ++++++++++++++++++++++++++++- 1 file changed, 171 insertions(+), 4 deletions(-) diff --git a/.github/workflows/build_images.yml b/.github/workflows/build_images.yml index 796429fd4..b4b93cac7 100644 --- a/.github/workflows/build_images.yml +++ b/.github/workflows/build_images.yml @@ -279,9 +279,6 @@ jobs: with: name: build-base_${{ matrix.os }} - - name: Display structure of downloaded files - run: ls -R - - name: Prepare tags id: prepare_tags run: | @@ -313,7 +310,177 @@ jobs: platforms: ${{ steps.platform.outputs.list }} push: ${{ secrets.AUTO_PUSH_IMAGES }} tags: ${{ steps.prepare_tags.outputs.image_tag_versions }} - build-args: BUILD_BASE_IMAGE=zabbix/zabbix-build-base@${{ steps.prepare_tags.outputs.base_tag }} + build-args: BUILD_BASE_IMAGE=${{ env.DOCKER_REPOSITORY }}/zabbix-build-base@${{ steps.prepare_tags.outputs.base_tag }} + + - name: Image digest + run: echo ${{ steps.docker_build.outputs.digest }} + echo "${{ steps.docker_build.outputs.digest }}" > ${{ matrix.build }}_${{ matrix.os }} + + - uses: actions/upload-artifact@v2 + with: + name: ${{ matrix.build }}_${{ matrix.os }} + path: ${{ matrix.build }}_${{ matrix.os }} + if-no-files-found: error + + build_images: + timeout-minutes: 70 + needs: build_base + name: Build ${{ matrix.build }} base on ${{ matrix.os }} + env: + LATEST_BRANCH: "${{ github.event.repository.default_branch }}" + DOCKER_REPOSITORY: "zabbix" + strategy: + fail-fast: false + matrix: + build: + - agent + - agent2 + - proxy-mysql + - java-gateway + os: + - alpine + - ubuntu + - ol + + runs-on: ubuntu-20.04 + steps: + - uses: actions/checkout@v2 + + - name: Set up QEMU + uses: docker/setup-qemu-action@v1 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v1 + + - name: Login to DockerHub + uses: docker/login-action@v1 + with: + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_PASSWORD }} + + - name: Prepare platform list + id: platform + run: | + DOCKER_PLATFORM="linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64,linux/s390x" + + if [ "${{ matrix.os }}" == "ubuntu" ]; then + DOCKER_PLATFORM="linux/amd64,linux/arm/v7,linux/arm64,linux/ppc64le" + fi + + if [ "${{ matrix.os }}" == "ol" ]; then + DOCKER_PLATFORM="linux/amd64,linux/arm64" + fi + + echo ::set-output name=list::${DOCKER_PLATFORM} + + - name: Prepare environment (push) + if: github.event_name == 'push' + id: prepare_push + run: | + TAGS_ARRAY=() + + IMAGE_NAME="${{ env.DOCKER_REPOSITORY }}/zabbix-${{ matrix.build }}" + GIT_BRANCH="${{ github.ref }}" + GIT_BRANCH=${GIT_BRANCH:11} + + echo "::debug::Branch - ${GIT_BRANCH}" + + if [ "${GIT_BRANCH}" == "trunk" ]; then + TAGS_ARRAY+=("$IMAGE_NAME:${{ matrix.os }}-${GIT_BRANCH}") + TAGS_ARRAY+=("$IMAGE_NAME:${GIT_BRANCH}-${{ matrix.os }}") + else + TAGS_ARRAY+=("$IMAGE_NAME:${{ matrix.os }}-${GIT_BRANCH}-latest") + TAGS_ARRAY+=("$IMAGE_NAME:${GIT_BRANCH}-${{ matrix.os }}-latest") + fi + + if [ "${{ matrix.os }}" == "alpine" ] && [ "${LATEST_BRANCH}" == "${GIT_BRANCH}" ]; then + TAGS_ARRAY+=("$IMAGE_NAME:latest") + fi + + if [ "${LATEST_BRANCH}" == "${GIT_BRANCH}" ]; then + TAGS_ARRAY+=("$IMAGE_NAME:${{ matrix.os }}-latest") + fi + + TAGS=$(printf -- "%s, " "${TAGS_ARRAY[@]}") + + echo "::debug::Tags - ${TAGS}" + + echo ::set-output name=image_name::${IMAGE_NAME} + echo ::set-output name=image_tag_versions::$(printf -- "%s," "${TAGS_ARRAY[@]}") + echo ::set-output name=base_tag::${TAGS_ARRAY[1]#*:} + + - name: Prepare environment (release) + if: github.event_name == 'release' && github.event.action == 'published' + id: prepare_release + run: | + TAGS_ARRAY=() + + IMAGE_NAME="${{ env.DOCKER_REPOSITORY }}/zabbix-${{ matrix.build }}" + RELEASE_VERSION="${{ github.ref }}" + RELEASE_VERSION=${RELEASE_VERSION:10} + GIT_BRANCH=${RELEASE_VERSION%.*} + + echo "::debug::Release version ${RELEASE_VERSION}. Branch ${GIT_BRANCH}" + + TAGS_ARRAY+=("$IMAGE_NAME:${{ matrix.os }}-${RELEASE_VERSION}") + TAGS_ARRAY+=("$IMAGE_NAME:${RELEASE_VERSION}-${{ matrix.os }}") + + if [ "${{ matrix.os }}" == "alpine" ] && [ "${LATEST_BRANCH}" == "${GIT_BRANCH}" ]; then + TAGS_ARRAY+=("$IMAGE_NAME:latest") + fi + + TAGS=$(printf -- "--tag %s " "${TAGS_ARRAY[@]}") + + + echo ::set-output name=image_name::${IMAGE_NAME} + echo ::set-output name=image_tag_versions::$(printf -- ",%s" "${TAGS_ARRAY[@]}") + + - name: Detect Build Base Image + id: build_base_image + run: | + BUILD_BASE="build-mysql" + if [[ "${{ matrix.build }}" == *"pgsql" ]]; then + BUILD_BASE="build-pgsql" + fi + if [[ "${{ matrix.build }}" == *"sqlite3" ]]; then + BUILD_BASE="build-mysql" + fi + + echo ::set-output name=build_base::${BUILD_BASE} + + - uses: actions/download-artifact@v2 + with: + name: ${{ steps.build_base_image.outputs.build_base }}_${{ matrix.os }} + + - name: Prepare tags + id: prepare_tags + run: | + if [ ! -z "${{ steps.prepare_push.outputs.image_tag_versions }}" ]; then + TAGS="${{ steps.prepare_push.outputs.image_tag_versions }}" + IMAGE_NAME="${{ steps.prepare_push.outputs.image_name }}" + elif [ ! -z "${{ steps.prepare_release.outputs.image_tag_versions }}" ]; then + TAGS="${{ steps.prepare_release.outputs.image_tag_versions }}" + IMAGE_NAME="${{ steps.prepare_release.outputs.image_name }}" + else + exit 1 + fi + + BASE_TAG=$(cat ${{ steps.build_base_image.outputs.build_base }}_${{ matrix.os }}) + + echo ::set-output name=image_tag_versions::${TAGS} + echo ::set-output name=image_name::${IMAGE_NAME} + echo ::set-output name=base_tag::${BASE_TAG} + + - name: Build and push + id: docker_build + uses: docker/build-push-action@v2 + with: + context: ./${{ matrix.build }}/${{ matrix.os }} + file: ./${{ matrix.build }}/${{ matrix.os }}/Dockerfile + platforms: ${{ steps.platform.outputs.list }} + push: false + tags: ${{ steps.prepare_tags.outputs.image_tag_versions }} + build-args: BUILD_BASE_IMAGE=${{ env.DOCKER_REPOSITORY }}/zabbix-${{ steps.build_base_image.outputs.build_base }}@${{ steps.prepare_tags.outputs.base_tag }} - name: Image digest run: echo ${{ steps.docker_build.outputs.digest }} From 8c900d49f86f266377cf4525f2ec7348851df0e3 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Mon, 13 Sep 2021 23:11:03 +0200 Subject: [PATCH 128/253] Preparation for multistage builds --- .github/workflows/build_images.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build_images.yml b/.github/workflows/build_images.yml index b4b93cac7..664587ac0 100644 --- a/.github/workflows/build_images.yml +++ b/.github/workflows/build_images.yml @@ -324,7 +324,7 @@ jobs: build_images: timeout-minutes: 70 - needs: build_base + needs: build_base_database name: Build ${{ matrix.build }} base on ${{ matrix.os }} env: LATEST_BRANCH: "${{ github.event.repository.default_branch }}" From 5c1977ea86963468dedf07e7b7568fc321c60310 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Tue, 14 Sep 2021 00:12:27 +0200 Subject: [PATCH 129/253] Updated Go lang to 1.17.1 version --- build-base/alpine/Dockerfile | 7 +++++-- build-base/ubuntu/Dockerfile | 37 +++++++++++++++++++++++++++++++++--- 2 files changed, 39 insertions(+), 5 deletions(-) diff --git a/build-base/alpine/Dockerfile b/build-base/alpine/Dockerfile index 422f49f86..58fc4292a 100644 --- a/build-base/alpine/Dockerfile +++ b/build-base/alpine/Dockerfile @@ -6,6 +6,7 @@ ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ + PATH=/usr/local/go/bin:$PATH \ PATH=${PATH}:/usr/lib/jvm/default-jvm/bin/ JAVA_HOME=/usr/lib/jvm/default-jvm LABEL org.opencontainers.image.title="Zabbix build base" \ @@ -40,8 +41,10 @@ RUN set -eux && \ gettext \ git \ g++ \ - go \ make \ openjdk8-jre-base \ unixodbc-dev && \ - rm -rf /var/cache/apk/* \ No newline at end of file + rm -rf /var/cache/apk/* + +COPY --from=golang@sha256:55f55d3232f63391e0797acaf145ade8f6fca2ff36795dd5ae446de360724dec ["/usr/local/go", "/usr/local/go"] + diff --git a/build-base/ubuntu/Dockerfile b/build-base/ubuntu/Dockerfile index d8712ad0f..c7b52dd0f 100644 --- a/build-base/ubuntu/Dockerfile +++ b/build-base/ubuntu/Dockerfile @@ -6,7 +6,7 @@ ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ - PATH=/usr/lib/go-1.16/bin:$PATH + PATH=/usr/local/go/bin:$PATH LABEL org.opencontainers.image.title="Zabbix build base" \ org.opencontainers.image.authors="Alexey Pustovalov " \ @@ -44,5 +44,36 @@ RUN set -eux && \ pkg-config \ gettext \ git \ - golang-1.16 \ - unixodbc-dev \ No newline at end of file + tar \ + wget \ + unixodbc-dev && \ + ARCH_SUFFIX="$(dpkg --print-architecture)"; arch="${arch##*-}"; \ + case "$ARCH_SUFFIX" in \ + 'amd64') \ + url='https://dl.google.com/go/go1.17.1.linux-amd64.tar.gz'; \ + sha256='dab7d9c34361dc21ec237d584590d72500652e7c909bf082758fb63064fca0ef'; \ + ;; \ + 'armhf') \ + url='https://dl.google.com/go/go1.17.1.linux-armv6l.tar.gz'; \ + sha256='ed3e4dbc9b80353f6482c441d65b51808290e94ff1d15d56da5f4a7be7353758'; \ + ;; \ + 'arm64') \ + url='https://dl.google.com/go/go1.17.1.linux-arm64.tar.gz'; \ + sha256='53b29236fa03ed862670a5e5e2ab2439a2dc288fe61544aa392062104ac0128c'; \ + ;; \ + 'ppc64el') \ + url='https://dl.google.com/go/go1.17.1.linux-ppc64le.tar.gz'; \ + sha256='df4fa945512c3b472cf3d2dcb2e4ae5b34819607bc63f3223f5bc0c17b637dd0'; \ + ;; \ + *) echo "Unknown ARCH_SUFFIX=${ARCH_SUFFIX-}"; exit 1 ;; \ + esac; \ + wget -O go.tgz.asc "$url.asc" && \ + wget -O go.tgz "$url" --progress=dot:giga && \ + echo "$sha256 *go.tgz" | sha256sum -c - && \ + GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys 'EB4C 1BFD 4F04 2F6D DDCC EC91 7721 F63B D38B 4796' && \ + gpg --batch --verify go.tgz.asc go.tgz && \ + gpgconf --kill all && \ + rm -rf "$GNUPGHOME" go.tgz.asc && \ + tar -C /usr/local -xzf go.tgz && \ + rm go.tgz From 78c1ccacec0c413af6cc83456611cbaba2d05330 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Tue, 14 Sep 2021 00:31:35 +0200 Subject: [PATCH 130/253] Updated Go lang to 1.17.1 version --- .github/workflows/build_images.yml | 9 ++++++--- build-base/ubuntu/Dockerfile | 3 ++- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/.github/workflows/build_images.yml b/.github/workflows/build_images.yml index 664587ac0..ebf0e0b5e 100644 --- a/.github/workflows/build_images.yml +++ b/.github/workflows/build_images.yml @@ -57,7 +57,8 @@ jobs: DOCKER_PLATFORM="linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64,linux/s390x" if [ "${{ matrix.os }}" == "ubuntu" ]; then - DOCKER_PLATFORM="linux/amd64,linux/arm/v7,linux/arm64,linux/ppc64le" + DOCKER_PLATFORM="linux/amd64,linux/arm/v7,linux/arm64" + #,linux/ppc64le" fi if [ "${{ matrix.os }}" == "ol" ]; then @@ -204,7 +205,8 @@ jobs: DOCKER_PLATFORM="linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64,linux/s390x" if [ "${{ matrix.os }}" == "ubuntu" ]; then - DOCKER_PLATFORM="linux/amd64,linux/arm/v7,linux/arm64,linux/ppc64le" + DOCKER_PLATFORM="linux/amd64,linux/arm/v7,linux/arm64" + #,linux/ppc64le" fi if [ "${{ matrix.os }}" == "ol" ]; then @@ -364,7 +366,8 @@ jobs: DOCKER_PLATFORM="linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64,linux/s390x" if [ "${{ matrix.os }}" == "ubuntu" ]; then - DOCKER_PLATFORM="linux/amd64,linux/arm/v7,linux/arm64,linux/ppc64le" + DOCKER_PLATFORM="linux/amd64,linux/arm/v7,linux/arm64" + #,linux/ppc64le" fi if [ "${{ matrix.os }}" == "ol" ]; then diff --git a/build-base/ubuntu/Dockerfile b/build-base/ubuntu/Dockerfile index c7b52dd0f..12146c1da 100644 --- a/build-base/ubuntu/Dockerfile +++ b/build-base/ubuntu/Dockerfile @@ -46,8 +46,9 @@ RUN set -eux && \ git \ tar \ wget \ + gnupg \ unixodbc-dev && \ - ARCH_SUFFIX="$(dpkg --print-architecture)"; arch="${arch##*-}"; \ + ARCH_SUFFIX="$(dpkg --print-architecture)"; ARCH_SUFFIX="${ARCH_SUFFIX##*-}"; \ case "$ARCH_SUFFIX" in \ 'amd64') \ url='https://dl.google.com/go/go1.17.1.linux-amd64.tar.gz'; \ From 94d064dac7757e25554e01e419536f34000ac2f0 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Tue, 14 Sep 2021 00:47:23 +0200 Subject: [PATCH 131/253] Updated Go lang to 1.17.1 version --- build-base/ubuntu/Dockerfile | 38 +++--------------------------------- 1 file changed, 3 insertions(+), 35 deletions(-) diff --git a/build-base/ubuntu/Dockerfile b/build-base/ubuntu/Dockerfile index 12146c1da..d8712ad0f 100644 --- a/build-base/ubuntu/Dockerfile +++ b/build-base/ubuntu/Dockerfile @@ -6,7 +6,7 @@ ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ - PATH=/usr/local/go/bin:$PATH + PATH=/usr/lib/go-1.16/bin:$PATH LABEL org.opencontainers.image.title="Zabbix build base" \ org.opencontainers.image.authors="Alexey Pustovalov " \ @@ -44,37 +44,5 @@ RUN set -eux && \ pkg-config \ gettext \ git \ - tar \ - wget \ - gnupg \ - unixodbc-dev && \ - ARCH_SUFFIX="$(dpkg --print-architecture)"; ARCH_SUFFIX="${ARCH_SUFFIX##*-}"; \ - case "$ARCH_SUFFIX" in \ - 'amd64') \ - url='https://dl.google.com/go/go1.17.1.linux-amd64.tar.gz'; \ - sha256='dab7d9c34361dc21ec237d584590d72500652e7c909bf082758fb63064fca0ef'; \ - ;; \ - 'armhf') \ - url='https://dl.google.com/go/go1.17.1.linux-armv6l.tar.gz'; \ - sha256='ed3e4dbc9b80353f6482c441d65b51808290e94ff1d15d56da5f4a7be7353758'; \ - ;; \ - 'arm64') \ - url='https://dl.google.com/go/go1.17.1.linux-arm64.tar.gz'; \ - sha256='53b29236fa03ed862670a5e5e2ab2439a2dc288fe61544aa392062104ac0128c'; \ - ;; \ - 'ppc64el') \ - url='https://dl.google.com/go/go1.17.1.linux-ppc64le.tar.gz'; \ - sha256='df4fa945512c3b472cf3d2dcb2e4ae5b34819607bc63f3223f5bc0c17b637dd0'; \ - ;; \ - *) echo "Unknown ARCH_SUFFIX=${ARCH_SUFFIX-}"; exit 1 ;; \ - esac; \ - wget -O go.tgz.asc "$url.asc" && \ - wget -O go.tgz "$url" --progress=dot:giga && \ - echo "$sha256 *go.tgz" | sha256sum -c - && \ - GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \ - gpg --batch --keyserver keyserver.ubuntu.com --recv-keys 'EB4C 1BFD 4F04 2F6D DDCC EC91 7721 F63B D38B 4796' && \ - gpg --batch --verify go.tgz.asc go.tgz && \ - gpgconf --kill all && \ - rm -rf "$GNUPGHOME" go.tgz.asc && \ - tar -C /usr/local -xzf go.tgz && \ - rm go.tgz + golang-1.16 \ + unixodbc-dev \ No newline at end of file From dec682ea45ad49abdd8deeea4887b30b37a8a46a Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Tue, 14 Sep 2021 01:18:41 +0200 Subject: [PATCH 132/253] Updated Go lang to 1.17.1 version --- build-base/alpine/Dockerfile | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/build-base/alpine/Dockerfile b/build-base/alpine/Dockerfile index 58fc4292a..c8645f34e 100644 --- a/build-base/alpine/Dockerfile +++ b/build-base/alpine/Dockerfile @@ -6,8 +6,8 @@ ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ - PATH=/usr/local/go/bin:$PATH \ - PATH=${PATH}:/usr/lib/jvm/default-jvm/bin/ JAVA_HOME=/usr/lib/jvm/default-jvm + PATH=/usr/local/go/bin:/usr/lib/jvm/default-jvm/bin:$PATH \ + JAVA_HOME=/usr/lib/jvm/default-jvm LABEL org.opencontainers.image.title="Zabbix build base" \ org.opencontainers.image.authors="Alexey Pustovalov " \ @@ -47,4 +47,3 @@ RUN set -eux && \ rm -rf /var/cache/apk/* COPY --from=golang@sha256:55f55d3232f63391e0797acaf145ade8f6fca2ff36795dd5ae446de360724dec ["/usr/local/go", "/usr/local/go"] - From 43f519778e0e844f70395c7d7cdebdb1f99d79eb Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Tue, 14 Sep 2021 02:17:14 +0200 Subject: [PATCH 133/253] Updated Go lang to 1.17.1 version --- .github/workflows/build_images.yml | 28 ++++++++++++++++------------ build-base/alpine/Dockerfile | 1 + 2 files changed, 17 insertions(+), 12 deletions(-) diff --git a/.github/workflows/build_images.yml b/.github/workflows/build_images.yml index ebf0e0b5e..277e4f1d6 100644 --- a/.github/workflows/build_images.yml +++ b/.github/workflows/build_images.yml @@ -19,6 +19,17 @@ defaults: shell: bash jobs: + init_build: + name: Initialize build + runs-on: ubuntu-latest + outputs: + os: ["alpine", "ol", "ubuntu"] + steps: + - name: Checkout the repository + uses: actions/checkout@v2 + with: + fetch-depth: 1 + build_base: timeout-minutes: 70 name: Build ${{ matrix.build }} base on ${{ matrix.os }} @@ -30,14 +41,13 @@ jobs: matrix: build: - build-base - os: - - alpine - - ubuntu - - ol + os: ${{ fromJson(needs.init_build.outputs.os) }} runs-on: ubuntu-20.04 steps: - uses: actions/checkout@v2 + with: + fetch-depth: 1 - name: Set up QEMU uses: docker/setup-qemu-action@v1 @@ -178,10 +188,7 @@ jobs: - build-mysql - build-pgsql - build-sqlite3 - os: - - alpine - - ubuntu - - ol + os: ${{ fromJson(needs.init_build.outputs.os) }} runs-on: ubuntu-20.04 steps: @@ -339,10 +346,7 @@ jobs: - agent2 - proxy-mysql - java-gateway - os: - - alpine - - ubuntu - - ol + os: ${{ fromJson(needs.init_build.outputs.os) }} runs-on: ubuntu-20.04 steps: diff --git a/build-base/alpine/Dockerfile b/build-base/alpine/Dockerfile index c8645f34e..20f6424aa 100644 --- a/build-base/alpine/Dockerfile +++ b/build-base/alpine/Dockerfile @@ -20,6 +20,7 @@ LABEL org.opencontainers.image.title="Zabbix build base" \ org.opencontainers.image.source="${ZBX_SOURCES}" RUN set -eux && \ + env && \ apk add --no-cache --clean-protected \ bash \ autoconf \ From 551e805f5023a3ebdf676acb8eedd3f33639d394 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Tue, 14 Sep 2021 02:18:47 +0200 Subject: [PATCH 134/253] Updated Go lang to 1.17.1 version --- .github/workflows/build_images.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build_images.yml b/.github/workflows/build_images.yml index 277e4f1d6..e377040b2 100644 --- a/.github/workflows/build_images.yml +++ b/.github/workflows/build_images.yml @@ -33,6 +33,7 @@ jobs: build_base: timeout-minutes: 70 name: Build ${{ matrix.build }} base on ${{ matrix.os }} + needs: init_build env: LATEST_BRANCH: "${{ github.event.repository.default_branch }}" DOCKER_REPOSITORY: "zabbix" @@ -176,7 +177,7 @@ jobs: build_base_database: timeout-minutes: 70 - needs: build_base + needs: [ "build_base", "init_build"] name: Build ${{ matrix.build }} base on ${{ matrix.os }} env: LATEST_BRANCH: "${{ github.event.repository.default_branch }}" @@ -333,7 +334,7 @@ jobs: build_images: timeout-minutes: 70 - needs: build_base_database + needs: [ "build_base_database", "init_build"] name: Build ${{ matrix.build }} base on ${{ matrix.os }} env: LATEST_BRANCH: "${{ github.event.repository.default_branch }}" From c00e9dbfb0a6317597a656d20c43843cd1800541 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Tue, 14 Sep 2021 02:19:36 +0200 Subject: [PATCH 135/253] Updated Go lang to 1.17.1 version --- .github/workflows/build_images.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build_images.yml b/.github/workflows/build_images.yml index e377040b2..1abc6fb74 100644 --- a/.github/workflows/build_images.yml +++ b/.github/workflows/build_images.yml @@ -23,7 +23,7 @@ jobs: name: Initialize build runs-on: ubuntu-latest outputs: - os: ["alpine", "ol", "ubuntu"] + os: "[\"alpine\", \"ol\", \"ubuntu\"]" steps: - name: Checkout the repository uses: actions/checkout@v2 From 0e1f2a11fdd07cb695309f19d7f166171fbfc8aa Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Tue, 14 Sep 2021 02:49:22 +0200 Subject: [PATCH 136/253] Updated Go lang to 1.17.1 version --- build-base/alpine/Dockerfile | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/build-base/alpine/Dockerfile b/build-base/alpine/Dockerfile index 20f6424aa..aeb8a8ff3 100644 --- a/build-base/alpine/Dockerfile +++ b/build-base/alpine/Dockerfile @@ -42,9 +42,8 @@ RUN set -eux && \ gettext \ git \ g++ \ + go \ make \ openjdk8-jre-base \ unixodbc-dev && \ rm -rf /var/cache/apk/* - -COPY --from=golang@sha256:55f55d3232f63391e0797acaf145ade8f6fca2ff36795dd5ae446de360724dec ["/usr/local/go", "/usr/local/go"] From 3298678099f20d05df0e4fe29c5e90b555041c07 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Tue, 14 Sep 2021 03:10:41 +0200 Subject: [PATCH 137/253] Updated Go lang to 1.17.1 version --- .github/workflows/build_images.yml | 48 +++++++++++++++++++----------- 1 file changed, 30 insertions(+), 18 deletions(-) diff --git a/.github/workflows/build_images.yml b/.github/workflows/build_images.yml index 1abc6fb74..6a707b45f 100644 --- a/.github/workflows/build_images.yml +++ b/.github/workflows/build_images.yml @@ -23,28 +23,47 @@ jobs: name: Initialize build runs-on: ubuntu-latest outputs: - os: "[\"alpine\", \"ol\", \"ubuntu\"]" + os: ${{ steps.os.outputs.list }} + database: ${{ steps.database.outputs.list }} + components: ${{ steps.components.outputs.list }} + latest_branch: ${{ github.event.repository.default_branch }} + docker_repository: "zabbix" steps: - name: Checkout the repository uses: actions/checkout@v2 with: fetch-depth: 1 + - shell: bash + id: os + run: | + echo "::set-output name=list::[\"alpine\", \"ol\", \"ubuntu\"]" + + - shell: bash + id: database + run: | + echo "::set-output name=list::[\"build-mysql\", \"build-pgsql\", \"build-sqlite3\"]" + + - shell: bash + id: components + run: | + echo "::set-output name=list::[\"agent\", \"agent2\", \"proxy-mysql\", \"java-gateway\"]" + build_base: timeout-minutes: 70 name: Build ${{ matrix.build }} base on ${{ matrix.os }} needs: init_build env: - LATEST_BRANCH: "${{ github.event.repository.default_branch }}" - DOCKER_REPOSITORY: "zabbix" + LATEST_BRANCH: "${{ needs.init_build.outputs.latest_branch }}" + DOCKER_REPOSITORY: "${{ needs.init_build.outputs.docker_repository }}" strategy: - fail-fast: false + fail-fast: false matrix: build: - build-base os: ${{ fromJson(needs.init_build.outputs.os) }} - runs-on: ubuntu-20.04 + runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 with: @@ -180,15 +199,12 @@ jobs: needs: [ "build_base", "init_build"] name: Build ${{ matrix.build }} base on ${{ matrix.os }} env: - LATEST_BRANCH: "${{ github.event.repository.default_branch }}" - DOCKER_REPOSITORY: "zabbix" + LATEST_BRANCH: "${{ needs.init_build.outputs.latest_branch }}" + DOCKER_REPOSITORY: "${{ needs.init_build.outputs.docker_repository }}" strategy: fail-fast: false matrix: - build: - - build-mysql - - build-pgsql - - build-sqlite3 + build: ${{ fromJson(needs.init_build.outputs.database) }} os: ${{ fromJson(needs.init_build.outputs.os) }} runs-on: ubuntu-20.04 @@ -337,16 +353,12 @@ jobs: needs: [ "build_base_database", "init_build"] name: Build ${{ matrix.build }} base on ${{ matrix.os }} env: - LATEST_BRANCH: "${{ github.event.repository.default_branch }}" - DOCKER_REPOSITORY: "zabbix" + LATEST_BRANCH: "${{ needs.init_build.outputs.latest_branch }}" + DOCKER_REPOSITORY: "${{ needs.init_build.outputs.docker_repository }}" strategy: fail-fast: false matrix: - build: - - agent - - agent2 - - proxy-mysql - - java-gateway + build: ${{ fromJson(needs.init_build.outputs.components) }} os: ${{ fromJson(needs.init_build.outputs.os) }} runs-on: ubuntu-20.04 From 2f6ea9a0dc4a05ec631ab1ed6c5af58bd95a3348 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Tue, 14 Sep 2021 03:27:47 +0200 Subject: [PATCH 138/253] Updated Go lang to 1.17.1 version --- .github/workflows/build_images.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/build_images.yml b/.github/workflows/build_images.yml index 6a707b45f..2625955de 100644 --- a/.github/workflows/build_images.yml +++ b/.github/workflows/build_images.yml @@ -84,7 +84,8 @@ jobs: - name: Prepare platform list id: platform run: | - DOCKER_PLATFORM="linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64,linux/s390x" + DOCKER_PLATFORM="linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64" + #,linux/s390x" if [ "${{ matrix.os }}" == "ubuntu" ]; then DOCKER_PLATFORM="linux/amd64,linux/arm/v7,linux/arm64" From 0d6b1823fbb924e20da18242f12d4ab73ff385f5 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Tue, 14 Sep 2021 03:39:50 +0200 Subject: [PATCH 139/253] Updated Go lang to 1.17.1 version --- .github/workflows/build_images.yml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build_images.yml b/.github/workflows/build_images.yml index 2625955de..7bdeddee1 100644 --- a/.github/workflows/build_images.yml +++ b/.github/workflows/build_images.yml @@ -37,6 +37,7 @@ jobs: - shell: bash id: os run: | + jq echo "::set-output name=list::[\"alpine\", \"ol\", \"ubuntu\"]" - shell: bash @@ -227,7 +228,8 @@ jobs: - name: Prepare platform list id: platform run: | - DOCKER_PLATFORM="linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64,linux/s390x" + DOCKER_PLATFORM="linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64" + # ,linux/s390x" if [ "${{ matrix.os }}" == "ubuntu" ]; then DOCKER_PLATFORM="linux/amd64,linux/arm/v7,linux/arm64" @@ -381,7 +383,8 @@ jobs: - name: Prepare platform list id: platform run: | - DOCKER_PLATFORM="linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64,linux/s390x" + DOCKER_PLATFORM="linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64" + # ,linux/s390x" if [ "${{ matrix.os }}" == "ubuntu" ]; then DOCKER_PLATFORM="linux/amd64,linux/arm/v7,linux/arm64" From 239115bbbaa168fbf2965c85218cb073f76ef4ef Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Tue, 14 Sep 2021 04:55:24 +0200 Subject: [PATCH 140/253] Updated Go lang to 1.17.1 version --- .github/workflows/build_images.yml | 10 +++------- build-base/alpine/Dockerfile | 2 +- build-base/ubuntu/Dockerfile | 2 +- 3 files changed, 5 insertions(+), 9 deletions(-) diff --git a/.github/workflows/build_images.yml b/.github/workflows/build_images.yml index 7bdeddee1..bc4c49ad0 100644 --- a/.github/workflows/build_images.yml +++ b/.github/workflows/build_images.yml @@ -29,11 +29,6 @@ jobs: latest_branch: ${{ github.event.repository.default_branch }} docker_repository: "zabbix" steps: - - name: Checkout the repository - uses: actions/checkout@v2 - with: - fetch-depth: 1 - - shell: bash id: os run: | @@ -342,8 +337,9 @@ jobs: build-args: BUILD_BASE_IMAGE=${{ env.DOCKER_REPOSITORY }}/zabbix-build-base@${{ steps.prepare_tags.outputs.base_tag }} - name: Image digest - run: echo ${{ steps.docker_build.outputs.digest }} - echo "${{ steps.docker_build.outputs.digest }}" > ${{ matrix.build }}_${{ matrix.os }} + run: | + echo ${{ steps.docker_build.outputs.digest }} + echo "${{ steps.docker_build.outputs.digest }}" > ${{ matrix.build }}_${{ matrix.os }} - uses: actions/upload-artifact@v2 with: diff --git a/build-base/alpine/Dockerfile b/build-base/alpine/Dockerfile index aeb8a8ff3..142a73e00 100644 --- a/build-base/alpine/Dockerfile +++ b/build-base/alpine/Dockerfile @@ -6,7 +6,7 @@ ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ - PATH=/usr/local/go/bin:/usr/lib/jvm/default-jvm/bin:$PATH \ + PATH=/usr/lib/jvm/default-jvm/bin:$PATH \ JAVA_HOME=/usr/lib/jvm/default-jvm LABEL org.opencontainers.image.title="Zabbix build base" \ diff --git a/build-base/ubuntu/Dockerfile b/build-base/ubuntu/Dockerfile index d8712ad0f..61d195b1f 100644 --- a/build-base/ubuntu/Dockerfile +++ b/build-base/ubuntu/Dockerfile @@ -45,4 +45,4 @@ RUN set -eux && \ gettext \ git \ golang-1.16 \ - unixodbc-dev \ No newline at end of file + unixodbc-dev From 9a2b6b3c8e9f87ee4d68be57822818901a12e9f0 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Tue, 14 Sep 2021 07:21:16 +0200 Subject: [PATCH 141/253] Updated Go lang to 1.17.1 version --- .github/workflows/build_images.yml | 2 +- java-gateway/alpine/Dockerfile | 1 - java-gateway/ol/Dockerfile | 1 - java-gateway/ubuntu/Dockerfile | 1 - 4 files changed, 1 insertion(+), 4 deletions(-) diff --git a/.github/workflows/build_images.yml b/.github/workflows/build_images.yml index bc4c49ad0..f2de79130 100644 --- a/.github/workflows/build_images.yml +++ b/.github/workflows/build_images.yml @@ -498,7 +498,7 @@ jobs: context: ./${{ matrix.build }}/${{ matrix.os }} file: ./${{ matrix.build }}/${{ matrix.os }}/Dockerfile platforms: ${{ steps.platform.outputs.list }} - push: false + push: ${{ secrets.AUTO_PUSH_IMAGES }} tags: ${{ steps.prepare_tags.outputs.image_tag_versions }} build-args: BUILD_BASE_IMAGE=${{ env.DOCKER_REPOSITORY }}/zabbix-${{ steps.build_base_image.outputs.build_base }}@${{ steps.prepare_tags.outputs.base_tag }} diff --git a/java-gateway/alpine/Dockerfile b/java-gateway/alpine/Dockerfile index bca8b7beb..c785988ed 100644 --- a/java-gateway/alpine/Dockerfile +++ b/java-gateway/alpine/Dockerfile @@ -29,7 +29,6 @@ STOPSIGNAL SIGTERM COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_java/bin", "/usr/sbin/zabbix_java/bin"] COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_java/lib", "/usr/sbin/zabbix_java/lib"] -COPY ["conf/etc/", "/etc/"] RUN set -eux && \ addgroup --system --gid 1995 zabbix && \ diff --git a/java-gateway/ol/Dockerfile b/java-gateway/ol/Dockerfile index 462280050..467025a36 100644 --- a/java-gateway/ol/Dockerfile +++ b/java-gateway/ol/Dockerfile @@ -28,7 +28,6 @@ STOPSIGNAL SIGTERM COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_java/bin", "/usr/sbin/zabbix_java/bin"] COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_java/lib", "/usr/sbin/zabbix_java/lib"] -COPY ["conf/etc/", "/etc/"] RUN set -eux && \ groupadd --system --gid 1995 zabbix && \ diff --git a/java-gateway/ubuntu/Dockerfile b/java-gateway/ubuntu/Dockerfile index 358696103..cfd9a5ff9 100644 --- a/java-gateway/ubuntu/Dockerfile +++ b/java-gateway/ubuntu/Dockerfile @@ -28,7 +28,6 @@ STOPSIGNAL SIGTERM COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_java/bin", "/usr/sbin/zabbix_java/bin"] COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_java/lib", "/usr/sbin/zabbix_java/lib"] -COPY ["conf/etc/", "/etc/"] RUN set -eux && \ echo "#!/bin/sh\nexit 101" > /usr/sbin/policy-rc.d && \ From 244158f3756f363d6967ccb2226a5ee3ac5d27ff Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Tue, 14 Sep 2021 08:34:51 +0200 Subject: [PATCH 142/253] Updated Go lang to 1.17.1 version --- .github/workflows/build_images.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build_images.yml b/.github/workflows/build_images.yml index f2de79130..0c195f61c 100644 --- a/.github/workflows/build_images.yml +++ b/.github/workflows/build_images.yml @@ -43,7 +43,7 @@ jobs: - shell: bash id: components run: | - echo "::set-output name=list::[\"agent\", \"agent2\", \"proxy-mysql\", \"java-gateway\"]" + echo "::set-output name=list::[\"agent\", \"agent2\", \"java-gateway\", \"proxy-mysql\", \"proxy-sqlite3\", \"server-mysql\", \"server-pgsql\", \"snmptraps\", \"web-apache-mysql\", \"web-apache-pgsql\", \"web-nginx-mysql\", \"web-nginx-pgsql\", \"web-service\"]" build_base: timeout-minutes: 70 From 1d74db337f3a0d0ae7f3fb1f22fcc07a7b16fdf4 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Tue, 14 Sep 2021 11:41:09 +0200 Subject: [PATCH 143/253] Updated Go lang to 1.17.1 version --- .github/workflows/build_images.yml | 39 ++++++++++++++++++------------ build.xml | 35 +++++++++++++++++++++++++++ 2 files changed, 59 insertions(+), 15 deletions(-) create mode 100644 build.xml diff --git a/.github/workflows/build_images.yml b/.github/workflows/build_images.yml index 0c195f61c..4b781ba8b 100644 --- a/.github/workflows/build_images.yml +++ b/.github/workflows/build_images.yml @@ -18,6 +18,10 @@ defaults: run: shell: bash +env: + DOCKER_REPOSITORY: "zabbix" + LATEST_BRANCH: ${{ github.event.repository.default_branch }} + jobs: init_build: name: Initialize build @@ -26,32 +30,38 @@ jobs: os: ${{ steps.os.outputs.list }} database: ${{ steps.database.outputs.list }} components: ${{ steps.components.outputs.list }} - latest_branch: ${{ github.event.repository.default_branch }} - docker_repository: "zabbix" steps: + - uses: actions/checkout@v2 + with: + fetch-depth: 1 + - shell: bash id: os run: | - jq - echo "::set-output name=list::[\"alpine\", \"ol\", \"ubuntu\"]" + if [[ -f "./build.xml" ]]; then + os=$(jq -r '.os | keys | [ .[] | tostring ] | @json' "./build.xml") + else + os=[] + fi + + echo "::set-output name=list::$os" - shell: bash id: database run: | - echo "::set-output name=list::[\"build-mysql\", \"build-pgsql\", \"build-sqlite3\"]" + database=$(jq -r '[.components | values[] ] | sort | unique | del(.. | select ( . == "" ) ) | [ .[] | tostring ] | @json' "./build.xml") + echo "::set-output name=list::$database" - shell: bash id: components run: | - echo "::set-output name=list::[\"agent\", \"agent2\", \"java-gateway\", \"proxy-mysql\", \"proxy-sqlite3\", \"server-mysql\", \"server-pgsql\", \"snmptraps\", \"web-apache-mysql\", \"web-apache-pgsql\", \"web-nginx-mysql\", \"web-nginx-pgsql\", \"web-service\"]" + components=$(jq -r '.components | keys | [ .[] | tostring ] | @json' "./build.xml") + echo "::set-output name=list::$components" build_base: timeout-minutes: 70 name: Build ${{ matrix.build }} base on ${{ matrix.os }} needs: init_build - env: - LATEST_BRANCH: "${{ needs.init_build.outputs.latest_branch }}" - DOCKER_REPOSITORY: "${{ needs.init_build.outputs.docker_repository }}" strategy: fail-fast: false matrix: @@ -195,9 +205,6 @@ jobs: timeout-minutes: 70 needs: [ "build_base", "init_build"] name: Build ${{ matrix.build }} base on ${{ matrix.os }} - env: - LATEST_BRANCH: "${{ needs.init_build.outputs.latest_branch }}" - DOCKER_REPOSITORY: "${{ needs.init_build.outputs.docker_repository }}" strategy: fail-fast: false matrix: @@ -351,9 +358,6 @@ jobs: timeout-minutes: 70 needs: [ "build_base_database", "init_build"] name: Build ${{ matrix.build }} base on ${{ matrix.os }} - env: - LATEST_BRANCH: "${{ needs.init_build.outputs.latest_branch }}" - DOCKER_REPOSITORY: "${{ needs.init_build.outputs.docker_repository }}" strategy: fail-fast: false matrix: @@ -387,6 +391,11 @@ jobs: #,linux/ppc64le" fi + # Chromium package does not have additional architectures support + if [ "${{ matrix.build }}" == "web-service" ]; then + DOCKER_PLATFORM="linux/amd64,linux/arm64" + fi + if [ "${{ matrix.os }}" == "ol" ]; then DOCKER_PLATFORM="linux/amd64,linux/arm64" fi diff --git a/build.xml b/build.xml new file mode 100644 index 000000000..c8e15fbdd --- /dev/null +++ b/build.xml @@ -0,0 +1,35 @@ +{ + "os": { + "alpine": [ + "linux/amd64", + "linux/arm/v6", + "linux/arm/v7", + "linux/arm64", + "linux/s390x" + ], + "ol": [ + "linux/amd64", + "linux/arm64" + ], + "ubuntu": [ + "linux/amd64", + "linux/arm/v7", + "linux/arm64" + ] + }, + "components": { + "agent": "build-mysql", + "agent2": "build-mysql", + "java-gateway": "build-mysql", + "proxy-mysql": "build-mysql", + "proxy-sqlite3": "build-sqlite3", + "server-mysql": "build-mysql", + "server-pgsql": "build-pgsql", + "snmptraps": "", + "web-apache-mysql": "build-mysql", + "web-apache-pgsql": "build-pgsql", + "web-nginx-mysql": "build-mysql", + "web-nginx-pgsql": "build-mysql", + "web-service": "build-mysql" + } +} \ No newline at end of file From aeca02b9abec6b3a5f7ceb450d4428718e536d14 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Tue, 14 Sep 2021 12:32:06 +0200 Subject: [PATCH 144/253] Updated Go lang to 1.17.1 version --- .github/workflows/build_images.yml | 104 ++++++++++++++--------------- 1 file changed, 49 insertions(+), 55 deletions(-) diff --git a/.github/workflows/build_images.yml b/.github/workflows/build_images.yml index 4b781ba8b..4a240c34a 100644 --- a/.github/workflows/build_images.yml +++ b/.github/workflows/build_images.yml @@ -21,6 +21,7 @@ defaults: env: DOCKER_REPOSITORY: "zabbix" LATEST_BRANCH: ${{ github.event.repository.default_branch }} + BASE_BUILD_NAME: "build-base" jobs: init_build: @@ -31,47 +32,60 @@ jobs: database: ${{ steps.database.outputs.list }} components: ${{ steps.components.outputs.list }} steps: - - uses: actions/checkout@v2 + - name: Checkout repository + uses: actions/checkout@v2 with: fetch-depth: 1 - - shell: bash - id: os + - name: Check build.xml file + id: build_exists run: | - if [[ -f "./build.xml" ]]; then - os=$(jq -r '.os | keys | [ .[] | tostring ] | @json' "./build.xml") - else - os=[] + if [[ ! -f "./build.xml" ]]; then + echo "::error::File build.xml is missing" + exit 1 fi - echo "::set-output name=list::$os" + - name: Prepare Operating System list + id: os + run: | + os_list=$(jq -r '.os | keys | [ .[] | tostring ] | @json' "./build.xml") - - shell: bash + echo "::set-output name=list::$os_list" + + - name: Prepare Platform list + id: platform_list + run: | + platform_list=$(jq -r '.os | tostring | @json' "./build.xml") + + echo "::set-output name=list::$platform_list" + + - name: Prepare Database engine list id: database run: | - database=$(jq -r '[.components | values[] ] | sort | unique | del(.. | select ( . == "" ) ) | [ .[] | tostring ] | @json' "./build.xml") - echo "::set-output name=list::$database" + database_list=$(jq -r '[.components | values[] ] | sort | unique | del(.. | select ( . == "" ) ) | [ .[] | tostring ] | @json' "./build.xml") - - shell: bash + echo "::set-output name=list::$database_list" + + - name: Prepare Zabbix component list id: components run: | - components=$(jq -r '.components | keys | [ .[] | tostring ] | @json' "./build.xml") - echo "::set-output name=list::$components" + component_list=$(jq -r '.components | keys | [ .[] | tostring ] | @json' "./build.xml") + + echo "::set-output name=list::$component_list" build_base: timeout-minutes: 70 - name: Build ${{ matrix.build }} base on ${{ matrix.os }} + name: Build base on ${{ matrix.os }} needs: init_build strategy: fail-fast: false matrix: - build: - - build-base os: ${{ fromJson(needs.init_build.outputs.os) }} runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - name: Checkout repository + uses: actions/checkout@v2 with: fetch-depth: 1 @@ -87,30 +101,20 @@ jobs: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} - - name: Prepare platform list - id: platform + - name: Prepare Platform list + id: platform_list run: | - DOCKER_PLATFORM="linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64" - #,linux/s390x" + platform_list=$(jq -r '.os.${{ matrix.os }} | join(",")' "./build.xml") - if [ "${{ matrix.os }}" == "ubuntu" ]; then - DOCKER_PLATFORM="linux/amd64,linux/arm/v7,linux/arm64" - #,linux/ppc64le" - fi + echo ::set-output name=list::${DOCKER_PLATFORM} - if [ "${{ matrix.os }}" == "ol" ]; then - DOCKER_PLATFORM="linux/amd64,linux/arm64" - fi - - echo ::set-output name=list::${DOCKER_PLATFORM} - - - name: Prepare environment (push) + - name: Prepare environment (${{ github.event_name }}) if: github.event_name == 'push' id: prepare_push run: | TAGS_ARRAY=() - IMAGE_NAME="${{ env.DOCKER_REPOSITORY }}/zabbix-${{ matrix.build }}" + IMAGE_NAME="${{ env.DOCKER_REPOSITORY }}/zabbix-${{ $env.BASE_BUILD_NAME }}" GIT_BRANCH="${{ github.ref }}" GIT_BRANCH=${GIT_BRANCH:11} @@ -139,13 +143,13 @@ jobs: echo ::set-output name=image_name::${IMAGE_NAME} echo ::set-output name=image_tag_versions::$(printf -- "%s," "${TAGS_ARRAY[@]}") - - name: Prepare environment (release) + - name: Prepare environment (${{ github.event_name }}) if: github.event_name == 'release' && github.event.action == 'published' id: prepare_release run: | TAGS_ARRAY=() - IMAGE_NAME="${{ env.DOCKER_REPOSITORY }}/zabbix-${{ matrix.build }}" + IMAGE_NAME="${{ env.DOCKER_REPOSITORY }}/zabbix-${{ $env.BASE_BUILD_NAME }}" RELEASE_VERSION="${{ github.ref }}" RELEASE_VERSION=${RELEASE_VERSION:10} GIT_BRANCH=${RELEASE_VERSION%.*} @@ -184,8 +188,8 @@ jobs: id: docker_build uses: docker/build-push-action@v2 with: - context: ./${{ matrix.build }}/${{ matrix.os }} - file: ./${{ matrix.build }}/${{ matrix.os }}/Dockerfile + context: ./${{ $env.BASE_BUILD_NAME }}/${{ matrix.os }} + file: ./${{ $env.BASE_BUILD_NAME }}/${{ matrix.os }}/Dockerfile platforms: ${{ steps.platform.outputs.list }} push: ${{ secrets.AUTO_PUSH_IMAGES }} tags: ${{ steps.prepare_tags.outputs.image_tag_versions }} @@ -193,12 +197,12 @@ jobs: - name: Image digest run: | echo ${{ steps.docker_build.outputs.digest }} - echo "${{ steps.docker_build.outputs.digest }}" > ${{ matrix.build }}_${{ matrix.os }} + echo "${{ steps.docker_build.outputs.digest }}" > ${{ $env.BASE_BUILD_NAME }}_${{ matrix.os }} - uses: actions/upload-artifact@v2 with: - name: ${{ matrix.build }}_${{ matrix.os }} - path: ${{ matrix.build }}_${{ matrix.os }} + name: ${{ $env.BASE_BUILD_NAME }}_${{ matrix.os }} + path: ${{ $env.BASE_BUILD_NAME }}_${{ matrix.os }} if-no-files-found: error build_base_database: @@ -227,22 +231,12 @@ jobs: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} - - name: Prepare platform list - id: platform + - name: Prepare Platform list + id: platform_list run: | - DOCKER_PLATFORM="linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64" - # ,linux/s390x" + platform_list=$(jq -r '.os.${{ matrix.os }} | join(",")' "./build.xml") - if [ "${{ matrix.os }}" == "ubuntu" ]; then - DOCKER_PLATFORM="linux/amd64,linux/arm/v7,linux/arm64" - #,linux/ppc64le" - fi - - if [ "${{ matrix.os }}" == "ol" ]; then - DOCKER_PLATFORM="linux/amd64,linux/arm64" - fi - - echo ::set-output name=list::${DOCKER_PLATFORM} + echo ::set-output name=list::${DOCKER_PLATFORM} - name: Prepare environment (push) if: github.event_name == 'push' From 1d64aceb3023d2031d30651b3a1859314a7d216a Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Tue, 14 Sep 2021 12:32:43 +0200 Subject: [PATCH 145/253] Updated Go lang to 1.17.1 version --- .github/workflows/build_images.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build_images.yml b/.github/workflows/build_images.yml index 4a240c34a..538a912ca 100644 --- a/.github/workflows/build_images.yml +++ b/.github/workflows/build_images.yml @@ -71,7 +71,7 @@ jobs: run: | component_list=$(jq -r '.components | keys | [ .[] | tostring ] | @json' "./build.xml") - echo "::set-output name=list::$component_list" + echo "::set-output name=list::$component_list" build_base: timeout-minutes: 70 From 968e70e576286e60f0f90716226ce61a6fa63234 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Tue, 14 Sep 2021 12:33:46 +0200 Subject: [PATCH 146/253] Updated Go lang to 1.17.1 version --- .github/workflows/build_images.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/build_images.yml b/.github/workflows/build_images.yml index 538a912ca..881d1c76d 100644 --- a/.github/workflows/build_images.yml +++ b/.github/workflows/build_images.yml @@ -114,7 +114,7 @@ jobs: run: | TAGS_ARRAY=() - IMAGE_NAME="${{ env.DOCKER_REPOSITORY }}/zabbix-${{ $env.BASE_BUILD_NAME }}" + IMAGE_NAME="${{ env.DOCKER_REPOSITORY }}/zabbix-${{ env.BASE_BUILD_NAME }}" GIT_BRANCH="${{ github.ref }}" GIT_BRANCH=${GIT_BRANCH:11} @@ -149,7 +149,7 @@ jobs: run: | TAGS_ARRAY=() - IMAGE_NAME="${{ env.DOCKER_REPOSITORY }}/zabbix-${{ $env.BASE_BUILD_NAME }}" + IMAGE_NAME="${{ env.DOCKER_REPOSITORY }}/zabbix-${{ env.BASE_BUILD_NAME }}" RELEASE_VERSION="${{ github.ref }}" RELEASE_VERSION=${RELEASE_VERSION:10} GIT_BRANCH=${RELEASE_VERSION%.*} @@ -188,8 +188,8 @@ jobs: id: docker_build uses: docker/build-push-action@v2 with: - context: ./${{ $env.BASE_BUILD_NAME }}/${{ matrix.os }} - file: ./${{ $env.BASE_BUILD_NAME }}/${{ matrix.os }}/Dockerfile + context: ./${{ env.BASE_BUILD_NAME }}/${{ matrix.os }} + file: ./${{ env.BASE_BUILD_NAME }}/${{ matrix.os }}/Dockerfile platforms: ${{ steps.platform.outputs.list }} push: ${{ secrets.AUTO_PUSH_IMAGES }} tags: ${{ steps.prepare_tags.outputs.image_tag_versions }} @@ -197,12 +197,12 @@ jobs: - name: Image digest run: | echo ${{ steps.docker_build.outputs.digest }} - echo "${{ steps.docker_build.outputs.digest }}" > ${{ $env.BASE_BUILD_NAME }}_${{ matrix.os }} + echo "${{ steps.docker_build.outputs.digest }}" > ${{ env.BASE_BUILD_NAME }}_${{ matrix.os }} - uses: actions/upload-artifact@v2 with: - name: ${{ $env.BASE_BUILD_NAME }}_${{ matrix.os }} - path: ${{ $env.BASE_BUILD_NAME }}_${{ matrix.os }} + name: ${{ env.BASE_BUILD_NAME }}_${{ matrix.os }} + path: ${{ env.BASE_BUILD_NAME }}_${{ matrix.os }} if-no-files-found: error build_base_database: From 4acb3dd810f766819aee9d993fa721ab9937c9af Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Tue, 14 Sep 2021 12:35:54 +0200 Subject: [PATCH 147/253] Updated Go lang to 1.17.1 version --- .github/workflows/build_images.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build_images.yml b/.github/workflows/build_images.yml index 881d1c76d..de18213d5 100644 --- a/.github/workflows/build_images.yml +++ b/.github/workflows/build_images.yml @@ -106,7 +106,7 @@ jobs: run: | platform_list=$(jq -r '.os.${{ matrix.os }} | join(",")' "./build.xml") - echo ::set-output name=list::${DOCKER_PLATFORM} + echo ::set-output name=list::$platform_list - name: Prepare environment (${{ github.event_name }}) if: github.event_name == 'push' From fe97fa79bfadaf2655da5cf3fefe918ef9f29b2e Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Tue, 14 Sep 2021 12:36:08 +0200 Subject: [PATCH 148/253] Updated Go lang to 1.17.1 version --- .github/workflows/build_images.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build_images.yml b/.github/workflows/build_images.yml index de18213d5..ddaefda7c 100644 --- a/.github/workflows/build_images.yml +++ b/.github/workflows/build_images.yml @@ -236,7 +236,7 @@ jobs: run: | platform_list=$(jq -r '.os.${{ matrix.os }} | join(",")' "./build.xml") - echo ::set-output name=list::${DOCKER_PLATFORM} + echo ::set-output name=list::$platform_list - name: Prepare environment (push) if: github.event_name == 'push' From 830c0840483999abf57a578e0546e446e36b1dc9 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Tue, 14 Sep 2021 13:58:32 +0200 Subject: [PATCH 149/253] Updated Go lang to 1.17.1 version --- .github/workflows/build_images.yml | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/.github/workflows/build_images.yml b/.github/workflows/build_images.yml index ddaefda7c..63a7b0250 100644 --- a/.github/workflows/build_images.yml +++ b/.github/workflows/build_images.yml @@ -108,6 +108,25 @@ jobs: echo ::set-output name=list::$platform_list + - name: Docker meta + id: meta + uses: docker/metadata-action@v3 + with: + images: ${{ env.DOCKER_REPOSITORY }}/zabbix-${{ env.BASE_BUILD_NAME }} + tags: | + type=ref,event=branch + type=ref,event=pr + type=semver,pattern={{ version }} + type=semver,pattern={{ major }}.{{ minor }} + type=raw,value=${{ matrix.os }}-{{ branch }} + type=raw,value=${{ branch }}-${{ matrix.os }} + type=pep440,pattern={{version}}, + type=semver,pattern={{version}} + type=semver,pattern={{major}}.{{minor}} + type=ref,event=push,prefix=${{ matrix.os }}- + type=ref,event=push,suffix=-${{ matrix.os }} + + - name: Prepare environment (${{ github.event_name }}) if: github.event_name == 'push' id: prepare_push From d0683d44f05e6e5a8312b49a733bdadb7842cb08 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Tue, 14 Sep 2021 14:00:09 +0200 Subject: [PATCH 150/253] Updated Go lang to 1.17.1 version --- .github/workflows/build_images.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/workflows/build_images.yml b/.github/workflows/build_images.yml index 63a7b0250..20b2e80e3 100644 --- a/.github/workflows/build_images.yml +++ b/.github/workflows/build_images.yml @@ -114,8 +114,6 @@ jobs: with: images: ${{ env.DOCKER_REPOSITORY }}/zabbix-${{ env.BASE_BUILD_NAME }} tags: | - type=ref,event=branch - type=ref,event=pr type=semver,pattern={{ version }} type=semver,pattern={{ major }}.{{ minor }} type=raw,value=${{ matrix.os }}-{{ branch }} From d5673842d7f435747347977e003ffda5e3915e06 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Tue, 14 Sep 2021 14:02:44 +0200 Subject: [PATCH 151/253] Updated Go lang to 1.17.1 version --- .github/workflows/build_images.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/build_images.yml b/.github/workflows/build_images.yml index 20b2e80e3..97ef9a093 100644 --- a/.github/workflows/build_images.yml +++ b/.github/workflows/build_images.yml @@ -114,10 +114,10 @@ jobs: with: images: ${{ env.DOCKER_REPOSITORY }}/zabbix-${{ env.BASE_BUILD_NAME }} tags: | - type=semver,pattern={{ version }} - type=semver,pattern={{ major }}.{{ minor }} - type=raw,value=${{ matrix.os }}-{{ branch }} - type=raw,value=${{ branch }}-${{ matrix.os }} + type=semver,pattern={{version}} + type=semver,pattern={{major}}.{{minor}} + type=raw,value=${{matrix.os}}-{{ branch }} + type=raw,value={{branch}}-${{ matrix.os }} type=pep440,pattern={{version}}, type=semver,pattern={{version}} type=semver,pattern={{major}}.{{minor}} From 33830b79836e3f6e6766f93f671a58558b7de69d Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Tue, 14 Sep 2021 14:05:14 +0200 Subject: [PATCH 152/253] Updated Go lang to 1.17.1 version --- .github/workflows/build_images.yml | 33 +++++++++++++++--------------- 1 file changed, 16 insertions(+), 17 deletions(-) diff --git a/.github/workflows/build_images.yml b/.github/workflows/build_images.yml index 97ef9a093..55f348b61 100644 --- a/.github/workflows/build_images.yml +++ b/.github/workflows/build_images.yml @@ -89,6 +89,22 @@ jobs: with: fetch-depth: 1 + - name: Docker meta + id: meta + uses: docker/metadata-action@v3 + with: + images: ${{ env.DOCKER_REPOSITORY }}/zabbix-${{ env.BASE_BUILD_NAME }} + tags: | + type=semver,pattern={{version}} + type=semver,pattern={{major}}.{{minor}} + type=raw,value=${{matrix.os}}-{{ branch }} + type=raw,value={{branch}}-${{ matrix.os }} + type=pep440,pattern={{version}}, + type=semver,pattern={{version}} + type=semver,pattern={{major}}.{{minor}} + type=ref,event=branch,prefix=${{ matrix.os }}- + type=ref,event=pr,suffix=-${{ matrix.os }} + - name: Set up QEMU uses: docker/setup-qemu-action@v1 @@ -108,23 +124,6 @@ jobs: echo ::set-output name=list::$platform_list - - name: Docker meta - id: meta - uses: docker/metadata-action@v3 - with: - images: ${{ env.DOCKER_REPOSITORY }}/zabbix-${{ env.BASE_BUILD_NAME }} - tags: | - type=semver,pattern={{version}} - type=semver,pattern={{major}}.{{minor}} - type=raw,value=${{matrix.os}}-{{ branch }} - type=raw,value={{branch}}-${{ matrix.os }} - type=pep440,pattern={{version}}, - type=semver,pattern={{version}} - type=semver,pattern={{major}}.{{minor}} - type=ref,event=push,prefix=${{ matrix.os }}- - type=ref,event=push,suffix=-${{ matrix.os }} - - - name: Prepare environment (${{ github.event_name }}) if: github.event_name == 'push' id: prepare_push From 18b2858b97790e8086ea35bf88ef60f6c40571e5 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Tue, 14 Sep 2021 14:14:02 +0200 Subject: [PATCH 153/253] Test --- .github/workflows/build_images.yml | 13 ++++--------- 1 file changed, 4 insertions(+), 9 deletions(-) diff --git a/.github/workflows/build_images.yml b/.github/workflows/build_images.yml index 55f348b61..2cee0ce4e 100644 --- a/.github/workflows/build_images.yml +++ b/.github/workflows/build_images.yml @@ -95,15 +95,10 @@ jobs: with: images: ${{ env.DOCKER_REPOSITORY }}/zabbix-${{ env.BASE_BUILD_NAME }} tags: | - type=semver,pattern={{version}} - type=semver,pattern={{major}}.{{minor}} - type=raw,value=${{matrix.os}}-{{ branch }} - type=raw,value={{branch}}-${{ matrix.os }} - type=pep440,pattern={{version}}, - type=semver,pattern={{version}} - type=semver,pattern={{major}}.{{minor}} - type=ref,event=branch,prefix=${{ matrix.os }}- - type=ref,event=pr,suffix=-${{ matrix.os }} + type=raw,value=${{matrix.os}}-{{ branch }}test1 + type=raw,value={{branch}}-${{ matrix.os }}test2 + type=ref,event=push,prefix=${{ matrix.os }}-test3 + type=ref,event=push,suffix=-${{ matrix.os }}-test4 - name: Set up QEMU uses: docker/setup-qemu-action@v1 From ddadbdf8220a593d092ccf07a9712bb001506b70 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Tue, 14 Sep 2021 14:15:57 +0200 Subject: [PATCH 154/253] Test --- .github/workflows/build_images.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build_images.yml b/.github/workflows/build_images.yml index 2cee0ce4e..111e0c3ba 100644 --- a/.github/workflows/build_images.yml +++ b/.github/workflows/build_images.yml @@ -97,8 +97,8 @@ jobs: tags: | type=raw,value=${{matrix.os}}-{{ branch }}test1 type=raw,value={{branch}}-${{ matrix.os }}test2 - type=ref,event=push,prefix=${{ matrix.os }}-test3 - type=ref,event=push,suffix=-${{ matrix.os }}-test4 + type=ref,event=branch,prefix=${{ matrix.os }}-test3 + type=ref,event=branch,suffix=-${{ matrix.os }}-test4 - name: Set up QEMU uses: docker/setup-qemu-action@v1 From 8d2e46895d2777893a676ac8bff13ff1f9bcaedd Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Tue, 14 Sep 2021 14:36:19 +0200 Subject: [PATCH 155/253] Test --- .github/workflows/build_images.yml | 306 +++-------------------------- 1 file changed, 29 insertions(+), 277 deletions(-) diff --git a/.github/workflows/build_images.yml b/.github/workflows/build_images.yml index 111e0c3ba..f64d62208 100644 --- a/.github/workflows/build_images.yml +++ b/.github/workflows/build_images.yml @@ -89,17 +89,6 @@ jobs: with: fetch-depth: 1 - - name: Docker meta - id: meta - uses: docker/metadata-action@v3 - with: - images: ${{ env.DOCKER_REPOSITORY }}/zabbix-${{ env.BASE_BUILD_NAME }} - tags: | - type=raw,value=${{matrix.os}}-{{ branch }}test1 - type=raw,value={{branch}}-${{ matrix.os }}test2 - type=ref,event=branch,prefix=${{ matrix.os }}-test3 - type=ref,event=branch,suffix=-${{ matrix.os }}-test4 - - name: Set up QEMU uses: docker/setup-qemu-action@v1 @@ -119,81 +108,14 @@ jobs: echo ::set-output name=list::$platform_list - - name: Prepare environment (${{ github.event_name }}) - if: github.event_name == 'push' - id: prepare_push - run: | - TAGS_ARRAY=() - - IMAGE_NAME="${{ env.DOCKER_REPOSITORY }}/zabbix-${{ env.BASE_BUILD_NAME }}" - GIT_BRANCH="${{ github.ref }}" - GIT_BRANCH=${GIT_BRANCH:11} - - echo "::debug::Branch - ${GIT_BRANCH}" - - if [ "${GIT_BRANCH}" == "trunk" ]; then - TAGS_ARRAY+=("$IMAGE_NAME:${{ matrix.os }}-${GIT_BRANCH}") - TAGS_ARRAY+=("$IMAGE_NAME:${GIT_BRANCH}-${{ matrix.os }}") - else - TAGS_ARRAY+=("$IMAGE_NAME:${{ matrix.os }}-${GIT_BRANCH}-latest") - TAGS_ARRAY+=("$IMAGE_NAME:${GIT_BRANCH}-${{ matrix.os }}-latest") - fi - - if [ "${{ matrix.os }}" == "alpine" ] && [ "${LATEST_BRANCH}" == "${GIT_BRANCH}" ]; then - TAGS_ARRAY+=("$IMAGE_NAME:latest") - fi - - if [ "${LATEST_BRANCH}" == "${GIT_BRANCH}" ]; then - TAGS_ARRAY+=("$IMAGE_NAME:${{ matrix.os }}-latest") - fi - - TAGS=$(printf -- "%s, " "${TAGS_ARRAY[@]}") - - echo "::debug::Tags - ${TAGS}" - - echo ::set-output name=image_name::${IMAGE_NAME} - echo ::set-output name=image_tag_versions::$(printf -- "%s," "${TAGS_ARRAY[@]}") - - - name: Prepare environment (${{ github.event_name }}) - if: github.event_name == 'release' && github.event.action == 'published' - id: prepare_release - run: | - TAGS_ARRAY=() - - IMAGE_NAME="${{ env.DOCKER_REPOSITORY }}/zabbix-${{ env.BASE_BUILD_NAME }}" - RELEASE_VERSION="${{ github.ref }}" - RELEASE_VERSION=${RELEASE_VERSION:10} - GIT_BRANCH=${RELEASE_VERSION%.*} - - echo "::debug::Release version ${RELEASE_VERSION}. Branch ${GIT_BRANCH}" - - TAGS_ARRAY+=("$IMAGE_NAME:${{ matrix.os }}-${RELEASE_VERSION}") - TAGS_ARRAY+=("$IMAGE_NAME:${RELEASE_VERSION}-${{ matrix.os }}") - - if [ "${{ matrix.os }}" == "alpine" ] && [ "${LATEST_BRANCH}" == "${GIT_BRANCH}" ]; then - TAGS_ARRAY+=("$IMAGE_NAME:latest") - fi - - TAGS=$(printf -- "--tag %s " "${TAGS_ARRAY[@]}") - - echo ::set-output name=image_name::${IMAGE_NAME} - echo ::set-output name=image_tag_versions::$(printf -- ",%s" "${TAGS_ARRAY[@]}") - - - name: Prepare tags - id: prepare_tags - run: | - if [ ! -z "${{ steps.prepare_push.outputs.image_tag_versions }}" ]; then - TAGS="${{ steps.prepare_push.outputs.image_tag_versions }}" - IMAGE_NAME="${{ steps.prepare_push.outputs.image_name }}" - elif [ ! -z "${{ steps.prepare_release.outputs.image_tag_versions }}" ]; then - TAGS="${{ steps.prepare_release.outputs.image_tag_versions }}" - IMAGE_NAME="${{ steps.prepare_release.outputs.image_name }}" - else - exit 1 - fi - - echo ::set-output name=image_tag_versions::${TAGS} - echo ::set-output name=image_name::${IMAGE_NAME} + - name: Docker meta + id: meta + uses: docker/metadata-action@v3 + with: + images: ${{ env.DOCKER_REPOSITORY }}/zabbix-${{ env.BASE_BUILD_NAME }} + tags: | + type=ref,event=branch,prefix=${{ matrix.os }}- + type=ref,event=branch,suffix=-${{ matrix.os }} - name: Build and push id: docker_build @@ -203,7 +125,7 @@ jobs: file: ./${{ env.BASE_BUILD_NAME }}/${{ matrix.os }}/Dockerfile platforms: ${{ steps.platform.outputs.list }} push: ${{ secrets.AUTO_PUSH_IMAGES }} - tags: ${{ steps.prepare_tags.outputs.image_tag_versions }} + tags: ${{ steps.meta.outputs.tags }} - name: Image digest run: | @@ -249,93 +171,23 @@ jobs: echo ::set-output name=list::$platform_list - - name: Prepare environment (push) - if: github.event_name == 'push' - id: prepare_push - run: | - TAGS_ARRAY=() - - IMAGE_NAME="${{ env.DOCKER_REPOSITORY }}/zabbix-${{ matrix.build }}" - GIT_BRANCH="${{ github.ref }}" - GIT_BRANCH=${GIT_BRANCH:11} - - echo "::debug::Branch - ${GIT_BRANCH}" - - if [ "${GIT_BRANCH}" == "trunk" ]; then - TAGS_ARRAY+=("$IMAGE_NAME:${{ matrix.os }}-${GIT_BRANCH}") - TAGS_ARRAY+=("$IMAGE_NAME:${GIT_BRANCH}-${{ matrix.os }}") - else - TAGS_ARRAY+=("$IMAGE_NAME:${{ matrix.os }}-${GIT_BRANCH}-latest") - TAGS_ARRAY+=("$IMAGE_NAME:${GIT_BRANCH}-${{ matrix.os }}-latest") - fi - - if [ "${{ matrix.os }}" == "alpine" ] && [ "${LATEST_BRANCH}" == "${GIT_BRANCH}" ]; then - TAGS_ARRAY+=("$IMAGE_NAME:latest") - fi - - if [ "${LATEST_BRANCH}" == "${GIT_BRANCH}" ]; then - TAGS_ARRAY+=("$IMAGE_NAME:${{ matrix.os }}-latest") - fi - - TAGS=$(printf -- "%s, " "${TAGS_ARRAY[@]}") - - echo "::debug::Tags - ${TAGS}" - - echo ::set-output name=image_name::${IMAGE_NAME} - echo ::set-output name=image_tag_versions::$(printf -- "%s," "${TAGS_ARRAY[@]}") - echo ::set-output name=base_tag::${TAGS_ARRAY[1]#*:} - - - name: Prepare environment (release) - if: github.event_name == 'release' && github.event.action == 'published' - id: prepare_release - run: | - TAGS_ARRAY=() - - IMAGE_NAME="${{ env.DOCKER_REPOSITORY }}/zabbix-${{ matrix.build }}" - RELEASE_VERSION="${{ github.ref }}" - RELEASE_VERSION=${RELEASE_VERSION:10} - GIT_BRANCH=${RELEASE_VERSION%.*} - - echo "::debug::Release version ${RELEASE_VERSION}. Branch ${GIT_BRANCH}" - - TAGS_ARRAY+=("$IMAGE_NAME:${{ matrix.os }}-${RELEASE_VERSION}") - TAGS_ARRAY+=("$IMAGE_NAME:${RELEASE_VERSION}-${{ matrix.os }}") - - if [ "${{ matrix.os }}" == "alpine" ] && [ "${LATEST_BRANCH}" == "${GIT_BRANCH}" ]; then - TAGS_ARRAY+=("$IMAGE_NAME:latest") - fi - - TAGS=$(printf -- "--tag %s " "${TAGS_ARRAY[@]}") - - echo ::set-output name=image_name::${IMAGE_NAME} - echo ::set-output name=image_tag_versions::$(printf -- ",%s" "${TAGS_ARRAY[@]}") - echo ::set-output name=base_tag::${TAGS_ARRAY[1]#*:} - - - uses: actions/download-artifact@v2 + - name: Docker meta + id: meta + uses: docker/metadata-action@v3 with: - name: build-base_${{ matrix.os }} + images: ${{ env.DOCKER_REPOSITORY }}/zabbix-${{ matrix.build }} + tags: | + type=ref,event=branch,prefix=${{ matrix.os }}- + type=ref,event=branch,suffix=-${{ matrix.os }} - - name: Prepare tags - id: prepare_tags + - name: Retrieve base build SHA256 tag + id: base_build run: | - if [ ! -z "${{ steps.prepare_push.outputs.image_tag_versions }}" ]; then - TAGS="${{ steps.prepare_push.outputs.image_tag_versions }}" - IMAGE_NAME="${{ steps.prepare_push.outputs.image_name }}" - BASE_TAG="${{ steps.prepare_push.outputs.base_tag }}" - elif [ ! -z "${{ steps.prepare_release.outputs.image_tag_versions }}" ]; then - TAGS="${{ steps.prepare_release.outputs.image_tag_versions }}" - IMAGE_NAME="${{ steps.prepare_release.outputs.image_name }}" - BASE_TAG="${{ steps.prepare_release.outputs.base_tag }}" - else - exit 1 - fi - BASE_TAG=$(cat build-base_${{ matrix.os }}) + BUILD_BASE_IMAGE=${{ env.DOCKER_REPOSITORY }}/zabbix-build-base@${{ steps.base_build.outputs.base_tag }} - echo ::set-output name=image_tag_versions::${TAGS} - echo ::set-output name=image_name::${IMAGE_NAME} echo ::set-output name=base_tag::${BASE_TAG} - + echo ::set-output name=base_build_image::${BUILD_BASE_IMAGE} - name: Build and push id: docker_build @@ -345,8 +197,8 @@ jobs: file: ./${{ matrix.build }}/${{ matrix.os }}/Dockerfile platforms: ${{ steps.platform.outputs.list }} push: ${{ secrets.AUTO_PUSH_IMAGES }} - tags: ${{ steps.prepare_tags.outputs.image_tag_versions }} - build-args: BUILD_BASE_IMAGE=${{ env.DOCKER_REPOSITORY }}/zabbix-build-base@${{ steps.prepare_tags.outputs.base_tag }} + tags: ${{ steps.meta.outputs.tags }} + build-args: BUILD_BASE_IMAGE=${{ steps.base_build.outputs.base_build_image }} - name: Image digest run: | @@ -364,7 +216,7 @@ jobs: needs: [ "build_base_database", "init_build"] name: Build ${{ matrix.build }} base on ${{ matrix.os }} strategy: - fail-fast: false + fail-fast: false matrix: build: ${{ fromJson(needs.init_build.outputs.components) }} os: ${{ fromJson(needs.init_build.outputs.os) }} @@ -385,100 +237,10 @@ jobs: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} - - name: Prepare platform list - id: platform - run: | - DOCKER_PLATFORM="linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64" - # ,linux/s390x" - - if [ "${{ matrix.os }}" == "ubuntu" ]; then - DOCKER_PLATFORM="linux/amd64,linux/arm/v7,linux/arm64" - #,linux/ppc64le" - fi - - # Chromium package does not have additional architectures support - if [ "${{ matrix.build }}" == "web-service" ]; then - DOCKER_PLATFORM="linux/amd64,linux/arm64" - fi - - if [ "${{ matrix.os }}" == "ol" ]; then - DOCKER_PLATFORM="linux/amd64,linux/arm64" - fi - - echo ::set-output name=list::${DOCKER_PLATFORM} - - - name: Prepare environment (push) - if: github.event_name == 'push' - id: prepare_push - run: | - TAGS_ARRAY=() - - IMAGE_NAME="${{ env.DOCKER_REPOSITORY }}/zabbix-${{ matrix.build }}" - GIT_BRANCH="${{ github.ref }}" - GIT_BRANCH=${GIT_BRANCH:11} - - echo "::debug::Branch - ${GIT_BRANCH}" - - if [ "${GIT_BRANCH}" == "trunk" ]; then - TAGS_ARRAY+=("$IMAGE_NAME:${{ matrix.os }}-${GIT_BRANCH}") - TAGS_ARRAY+=("$IMAGE_NAME:${GIT_BRANCH}-${{ matrix.os }}") - else - TAGS_ARRAY+=("$IMAGE_NAME:${{ matrix.os }}-${GIT_BRANCH}-latest") - TAGS_ARRAY+=("$IMAGE_NAME:${GIT_BRANCH}-${{ matrix.os }}-latest") - fi - - if [ "${{ matrix.os }}" == "alpine" ] && [ "${LATEST_BRANCH}" == "${GIT_BRANCH}" ]; then - TAGS_ARRAY+=("$IMAGE_NAME:latest") - fi - - if [ "${LATEST_BRANCH}" == "${GIT_BRANCH}" ]; then - TAGS_ARRAY+=("$IMAGE_NAME:${{ matrix.os }}-latest") - fi - - TAGS=$(printf -- "%s, " "${TAGS_ARRAY[@]}") - - echo "::debug::Tags - ${TAGS}" - - echo ::set-output name=image_name::${IMAGE_NAME} - echo ::set-output name=image_tag_versions::$(printf -- "%s," "${TAGS_ARRAY[@]}") - echo ::set-output name=base_tag::${TAGS_ARRAY[1]#*:} - - - name: Prepare environment (release) - if: github.event_name == 'release' && github.event.action == 'published' - id: prepare_release - run: | - TAGS_ARRAY=() - - IMAGE_NAME="${{ env.DOCKER_REPOSITORY }}/zabbix-${{ matrix.build }}" - RELEASE_VERSION="${{ github.ref }}" - RELEASE_VERSION=${RELEASE_VERSION:10} - GIT_BRANCH=${RELEASE_VERSION%.*} - - echo "::debug::Release version ${RELEASE_VERSION}. Branch ${GIT_BRANCH}" - - TAGS_ARRAY+=("$IMAGE_NAME:${{ matrix.os }}-${RELEASE_VERSION}") - TAGS_ARRAY+=("$IMAGE_NAME:${RELEASE_VERSION}-${{ matrix.os }}") - - if [ "${{ matrix.os }}" == "alpine" ] && [ "${LATEST_BRANCH}" == "${GIT_BRANCH}" ]; then - TAGS_ARRAY+=("$IMAGE_NAME:latest") - fi - - TAGS=$(printf -- "--tag %s " "${TAGS_ARRAY[@]}") - - - echo ::set-output name=image_name::${IMAGE_NAME} - echo ::set-output name=image_tag_versions::$(printf -- ",%s" "${TAGS_ARRAY[@]}") - - name: Detect Build Base Image id: build_base_image run: | - BUILD_BASE="build-mysql" - if [[ "${{ matrix.build }}" == *"pgsql" ]]; then - BUILD_BASE="build-pgsql" - fi - if [[ "${{ matrix.build }}" == *"sqlite3" ]]; then - BUILD_BASE="build-mysql" - fi + BUILD_BASE=$(jq -r '.components."${{ matrix.build }}"' "./build.xml") echo ::set-output name=build_base::${BUILD_BASE} @@ -486,24 +248,14 @@ jobs: with: name: ${{ steps.build_base_image.outputs.build_base }}_${{ matrix.os }} - - name: Prepare tags - id: prepare_tags + - name: Retrieve base build SHA256 tag + id: base_build run: | - if [ ! -z "${{ steps.prepare_push.outputs.image_tag_versions }}" ]; then - TAGS="${{ steps.prepare_push.outputs.image_tag_versions }}" - IMAGE_NAME="${{ steps.prepare_push.outputs.image_name }}" - elif [ ! -z "${{ steps.prepare_release.outputs.image_tag_versions }}" ]; then - TAGS="${{ steps.prepare_release.outputs.image_tag_versions }}" - IMAGE_NAME="${{ steps.prepare_release.outputs.image_name }}" - else - exit 1 - fi - BASE_TAG=$(cat ${{ steps.build_base_image.outputs.build_base }}_${{ matrix.os }}) + BUILD_BASE_IMAGE=${{ env.DOCKER_REPOSITORY }}/zabbix-${{ steps.build_base_image.outputs.build_base }}@${BASE_TAG} - echo ::set-output name=image_tag_versions::${TAGS} - echo ::set-output name=image_name::${IMAGE_NAME} echo ::set-output name=base_tag::${BASE_TAG} + echo ::set-output name=base_build_image::${BUILD_BASE_IMAGE} - name: Build and push id: docker_build @@ -514,7 +266,7 @@ jobs: platforms: ${{ steps.platform.outputs.list }} push: ${{ secrets.AUTO_PUSH_IMAGES }} tags: ${{ steps.prepare_tags.outputs.image_tag_versions }} - build-args: BUILD_BASE_IMAGE=${{ env.DOCKER_REPOSITORY }}/zabbix-${{ steps.build_base_image.outputs.build_base }}@${{ steps.prepare_tags.outputs.base_tag }} + build-args: BUILD_BASE_IMAGE=${{ steps.base_build.outputs.base_build_image }} - name: Image digest run: echo ${{ steps.docker_build.outputs.digest }} From 2d47b2c52e78d698ace268aaa99371cc2372e854 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Tue, 14 Sep 2021 14:49:54 +0200 Subject: [PATCH 156/253] Test --- .github/workflows/build_images.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/build_images.yml b/.github/workflows/build_images.yml index f64d62208..6cba25074 100644 --- a/.github/workflows/build_images.yml +++ b/.github/workflows/build_images.yml @@ -180,6 +180,10 @@ jobs: type=ref,event=branch,prefix=${{ matrix.os }}- type=ref,event=branch,suffix=-${{ matrix.os }} + - uses: actions/download-artifact@v2 + with: + name: build-base_${{ matrix.os }} + - name: Retrieve base build SHA256 tag id: base_build run: | From e43c79dffdbb12831adf9a15390b2eb66b7096e3 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Tue, 14 Sep 2021 15:02:34 +0200 Subject: [PATCH 157/253] Test --- .github/workflows/build_images.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build_images.yml b/.github/workflows/build_images.yml index 6cba25074..965d82bba 100644 --- a/.github/workflows/build_images.yml +++ b/.github/workflows/build_images.yml @@ -188,7 +188,7 @@ jobs: id: base_build run: | BASE_TAG=$(cat build-base_${{ matrix.os }}) - BUILD_BASE_IMAGE=${{ env.DOCKER_REPOSITORY }}/zabbix-build-base@${{ steps.base_build.outputs.base_tag }} + BUILD_BASE_IMAGE=${{ env.DOCKER_REPOSITORY }}/zabbix-build-base@${BASE_TAG} echo ::set-output name=base_tag::${BASE_TAG} echo ::set-output name=base_build_image::${BUILD_BASE_IMAGE} From 8a39fcf7b4bab435e666bb61af0975a473c0b688 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Tue, 14 Sep 2021 15:22:13 +0200 Subject: [PATCH 158/253] Test --- .github/workflows/build_images.yml | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/.github/workflows/build_images.yml b/.github/workflows/build_images.yml index 965d82bba..1da71fb91 100644 --- a/.github/workflows/build_images.yml +++ b/.github/workflows/build_images.yml @@ -116,6 +116,8 @@ jobs: tags: | type=ref,event=branch,prefix=${{ matrix.os }}- type=ref,event=branch,suffix=-${{ matrix.os }} + flavor: | + latest=auto - name: Build and push id: docker_build @@ -179,6 +181,8 @@ jobs: tags: | type=ref,event=branch,prefix=${{ matrix.os }}- type=ref,event=branch,suffix=-${{ matrix.os }} + flavor: | + latest=auto - uses: actions/download-artifact@v2 with: @@ -248,6 +252,17 @@ jobs: echo ::set-output name=build_base::${BUILD_BASE} + - name: Docker meta + id: meta + uses: docker/metadata-action@v3 + with: + images: ${{ env.DOCKER_REPOSITORY }}/zabbix-${{ matrix.build }} + tags: | + type=ref,event=branch,prefix=${{ matrix.os }}- + type=ref,event=branch,suffix=-${{ matrix.os }} + flavor: | + latest=auto + - uses: actions/download-artifact@v2 with: name: ${{ steps.build_base_image.outputs.build_base }}_${{ matrix.os }} @@ -269,7 +284,7 @@ jobs: file: ./${{ matrix.build }}/${{ matrix.os }}/Dockerfile platforms: ${{ steps.platform.outputs.list }} push: ${{ secrets.AUTO_PUSH_IMAGES }} - tags: ${{ steps.prepare_tags.outputs.image_tag_versions }} + tags: ${{ steps.meta.outputs.tags }} build-args: BUILD_BASE_IMAGE=${{ steps.base_build.outputs.base_build_image }} - name: Image digest From 98c7b39287a26d1ea80090fb96e54d3558bf6cb7 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Tue, 14 Sep 2021 16:14:38 +0200 Subject: [PATCH 159/253] Test --- .github/workflows/build_images.yml | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) diff --git a/.github/workflows/build_images.yml b/.github/workflows/build_images.yml index 1da71fb91..be2e15c77 100644 --- a/.github/workflows/build_images.yml +++ b/.github/workflows/build_images.yml @@ -33,7 +33,7 @@ jobs: components: ${{ steps.components.outputs.list }} steps: - name: Checkout repository - uses: actions/checkout@v2 + uses: actions/checkout@v2.3.4 with: fetch-depth: 1 @@ -85,7 +85,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@v2 + uses: actions/checkout@v2.3.4 with: fetch-depth: 1 @@ -134,7 +134,7 @@ jobs: echo ${{ steps.docker_build.outputs.digest }} echo "${{ steps.docker_build.outputs.digest }}" > ${{ env.BASE_BUILD_NAME }}_${{ matrix.os }} - - uses: actions/upload-artifact@v2 + - uses: actions/upload-artifact@v2.2.4 with: name: ${{ env.BASE_BUILD_NAME }}_${{ matrix.os }} path: ${{ env.BASE_BUILD_NAME }}_${{ matrix.os }} @@ -152,7 +152,7 @@ jobs: runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v2.3.4 - name: Set up QEMU uses: docker/setup-qemu-action@v1 @@ -184,7 +184,7 @@ jobs: flavor: | latest=auto - - uses: actions/download-artifact@v2 + - uses: actions/download-artifact@v2.0.10 with: name: build-base_${{ matrix.os }} @@ -213,7 +213,7 @@ jobs: echo ${{ steps.docker_build.outputs.digest }} echo "${{ steps.docker_build.outputs.digest }}" > ${{ matrix.build }}_${{ matrix.os }} - - uses: actions/upload-artifact@v2 + - uses: actions/upload-artifact@v2.2.4 with: name: ${{ matrix.build }}_${{ matrix.os }} path: ${{ matrix.build }}_${{ matrix.os }} @@ -231,7 +231,7 @@ jobs: runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v2.3.4 - name: Set up QEMU uses: docker/setup-qemu-action@v1 @@ -263,12 +263,14 @@ jobs: flavor: | latest=auto - - uses: actions/download-artifact@v2 + - uses: actions/download-artifact@v2.0.10 + if: ${{ matrix.build != "snmptraps" }} with: name: ${{ steps.build_base_image.outputs.build_base }}_${{ matrix.os }} - name: Retrieve base build SHA256 tag id: base_build + if: ${{ matrix.build != "snmptraps" }} run: | BASE_TAG=$(cat ${{ steps.build_base_image.outputs.build_base }}_${{ matrix.os }}) BUILD_BASE_IMAGE=${{ env.DOCKER_REPOSITORY }}/zabbix-${{ steps.build_base_image.outputs.build_base }}@${BASE_TAG} From da71721516418e734b9554d1ac050ac3f2484149 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Tue, 14 Sep 2021 16:15:32 +0200 Subject: [PATCH 160/253] Test --- .github/workflows/build_images.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build_images.yml b/.github/workflows/build_images.yml index be2e15c77..2a7b199a0 100644 --- a/.github/workflows/build_images.yml +++ b/.github/workflows/build_images.yml @@ -264,13 +264,13 @@ jobs: latest=auto - uses: actions/download-artifact@v2.0.10 - if: ${{ matrix.build != "snmptraps" }} + if: ${{ matrix.build != 'snmptraps' }} with: name: ${{ steps.build_base_image.outputs.build_base }}_${{ matrix.os }} - name: Retrieve base build SHA256 tag id: base_build - if: ${{ matrix.build != "snmptraps" }} + if: ${{ matrix.build != 'snmptraps' }} run: | BASE_TAG=$(cat ${{ steps.build_base_image.outputs.build_base }}_${{ matrix.os }}) BUILD_BASE_IMAGE=${{ env.DOCKER_REPOSITORY }}/zabbix-${{ steps.build_base_image.outputs.build_base }}@${BASE_TAG} From fd2da0a3617f9f3b92004cfece3c99a7f754a7b3 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Tue, 14 Sep 2021 17:37:31 +0200 Subject: [PATCH 161/253] Test --- .github/workflows/Azure.yml | 2 +- .github/workflows/build_images.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/Azure.yml b/.github/workflows/Azure.yml index 4321f1285..64e50e29f 100644 --- a/.github/workflows/Azure.yml +++ b/.github/workflows/Azure.yml @@ -1,4 +1,4 @@ -name: Azure +name: Build images (Azure) on: release: diff --git a/.github/workflows/build_images.yml b/.github/workflows/build_images.yml index 2a7b199a0..39a856be8 100644 --- a/.github/workflows/build_images.yml +++ b/.github/workflows/build_images.yml @@ -1,4 +1,4 @@ -name: Build images +name: Build images (DockerHub) on: release: From 632daf9386a00e6177bc59619f0009adcdab404b Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Wed, 15 Sep 2021 13:31:56 +0200 Subject: [PATCH 162/253] Test --- .github/workflows/build_images.yml | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build_images.yml b/.github/workflows/build_images.yml index 39a856be8..d42e55c00 100644 --- a/.github/workflows/build_images.yml +++ b/.github/workflows/build_images.yml @@ -102,7 +102,7 @@ jobs: password: ${{ secrets.DOCKER_PASSWORD }} - name: Prepare Platform list - id: platform_list + id: platform run: | platform_list=$(jq -r '.os.${{ matrix.os }} | join(",")' "./build.xml") @@ -167,7 +167,7 @@ jobs: password: ${{ secrets.DOCKER_PASSWORD }} - name: Prepare Platform list - id: platform_list + id: platform run: | platform_list=$(jq -r '.os.${{ matrix.os }} | join(",")' "./build.xml") @@ -245,6 +245,13 @@ jobs: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} + - name: Prepare Platform list + id: platform + run: | + platform_list=$(jq -r '.os.${{ matrix.os }} | join(",")' "./build.xml") + + echo ::set-output name=list::$platform_list + - name: Detect Build Base Image id: build_base_image run: | From de84862c743c0709dcb8a1423031e3d821a46b9d Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Wed, 15 Sep 2021 14:15:05 +0200 Subject: [PATCH 163/253] Test --- .github/workflows/build_images.yml | 10 ++++++---- build.xml | 6 +++--- 2 files changed, 9 insertions(+), 7 deletions(-) diff --git a/.github/workflows/build_images.yml b/.github/workflows/build_images.yml index d42e55c00..ff2f2669e 100644 --- a/.github/workflows/build_images.yml +++ b/.github/workflows/build_images.yml @@ -108,7 +108,7 @@ jobs: echo ::set-output name=list::$platform_list - - name: Docker meta + - name: Generate tags id: meta uses: docker/metadata-action@v3 with: @@ -134,7 +134,8 @@ jobs: echo ${{ steps.docker_build.outputs.digest }} echo "${{ steps.docker_build.outputs.digest }}" > ${{ env.BASE_BUILD_NAME }}_${{ matrix.os }} - - uses: actions/upload-artifact@v2.2.4 + - name: Upload SHA256 tag + uses: actions/upload-artifact@v2.2.4 with: name: ${{ env.BASE_BUILD_NAME }}_${{ matrix.os }} path: ${{ env.BASE_BUILD_NAME }}_${{ matrix.os }} @@ -173,7 +174,7 @@ jobs: echo ::set-output name=list::$platform_list - - name: Docker meta + - name: Generate tags id: meta uses: docker/metadata-action@v3 with: @@ -184,7 +185,8 @@ jobs: flavor: | latest=auto - - uses: actions/download-artifact@v2.0.10 + - name: Download SHA256 tag + uses: actions/download-artifact@v2.0.10 with: name: build-base_${{ matrix.os }} diff --git a/build.xml b/build.xml index c8e15fbdd..7a4f65e20 100644 --- a/build.xml +++ b/build.xml @@ -4,8 +4,7 @@ "linux/amd64", "linux/arm/v6", "linux/arm/v7", - "linux/arm64", - "linux/s390x" + "linux/arm64" ], "ol": [ "linux/amd64", @@ -14,7 +13,8 @@ "ubuntu": [ "linux/amd64", "linux/arm/v7", - "linux/arm64" + "linux/arm64", + "linux/ppc64le" ] }, "components": { From 8aaf6590a4e580841feeb13feb24e9bea2a62040 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Wed, 15 Sep 2021 14:21:33 +0200 Subject: [PATCH 164/253] Test --- .github/workflows/build_images.yml | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/.github/workflows/build_images.yml b/.github/workflows/build_images.yml index ff2f2669e..04e479c59 100644 --- a/.github/workflows/build_images.yml +++ b/.github/workflows/build_images.yml @@ -128,6 +128,9 @@ jobs: platforms: ${{ steps.platform.outputs.list }} push: ${{ secrets.AUTO_PUSH_IMAGES }} tags: ${{ steps.meta.outputs.tags }} + labels: | + org.opencontainers.image.revision=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.revision'] }} + org.opencontainers.image.created=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }} - name: Image digest run: | @@ -215,7 +218,8 @@ jobs: echo ${{ steps.docker_build.outputs.digest }} echo "${{ steps.docker_build.outputs.digest }}" > ${{ matrix.build }}_${{ matrix.os }} - - uses: actions/upload-artifact@v2.2.4 + - name: Upload SHA256 tag + uses: actions/upload-artifact@v2.2.4 with: name: ${{ matrix.build }}_${{ matrix.os }} path: ${{ matrix.build }}_${{ matrix.os }} @@ -261,7 +265,7 @@ jobs: echo ::set-output name=build_base::${BUILD_BASE} - - name: Docker meta + - name: Generate tags id: meta uses: docker/metadata-action@v3 with: @@ -272,7 +276,8 @@ jobs: flavor: | latest=auto - - uses: actions/download-artifact@v2.0.10 + - name: Download SHA256 tag + uses: actions/download-artifact@v2.0.10 if: ${{ matrix.build != 'snmptraps' }} with: name: ${{ steps.build_base_image.outputs.build_base }}_${{ matrix.os }} From b00da1c4f968e76fbcc3a721d8a6007cf80063d2 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Wed, 15 Sep 2021 15:29:12 +0200 Subject: [PATCH 165/253] Test --- .github/workflows/build_images.yml | 6 ++++++ build.xml | 3 +-- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build_images.yml b/.github/workflows/build_images.yml index 04e479c59..ca2eb7209 100644 --- a/.github/workflows/build_images.yml +++ b/.github/workflows/build_images.yml @@ -212,6 +212,9 @@ jobs: push: ${{ secrets.AUTO_PUSH_IMAGES }} tags: ${{ steps.meta.outputs.tags }} build-args: BUILD_BASE_IMAGE=${{ steps.base_build.outputs.base_build_image }} + labels: | + org.opencontainers.image.revision=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.revision'] }} + org.opencontainers.image.created=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }} - name: Image digest run: | @@ -302,6 +305,9 @@ jobs: push: ${{ secrets.AUTO_PUSH_IMAGES }} tags: ${{ steps.meta.outputs.tags }} build-args: BUILD_BASE_IMAGE=${{ steps.base_build.outputs.base_build_image }} + labels: | + org.opencontainers.image.revision=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.revision'] }} + org.opencontainers.image.created=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }} - name: Image digest run: echo ${{ steps.docker_build.outputs.digest }} diff --git a/build.xml b/build.xml index 7a4f65e20..d9be52bae 100644 --- a/build.xml +++ b/build.xml @@ -13,8 +13,7 @@ "ubuntu": [ "linux/amd64", "linux/arm/v7", - "linux/arm64", - "linux/ppc64le" + "linux/arm64" ] }, "components": { From e41876db2ddc6e450766246cd1720bf7a7fc0b06 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Wed, 15 Sep 2021 16:48:48 +0200 Subject: [PATCH 166/253] Test --- .github/workflows/build_images.yml | 24 +++++++++++++++--------- 1 file changed, 15 insertions(+), 9 deletions(-) diff --git a/.github/workflows/build_images.yml b/.github/workflows/build_images.yml index ca2eb7209..50c39b0d4 100644 --- a/.github/workflows/build_images.yml +++ b/.github/workflows/build_images.yml @@ -119,7 +119,7 @@ jobs: flavor: | latest=auto - - name: Build and push + - name: Build ${{ env.BASE_BUILD_NAME }}/${{ matrix.os }} and push id: docker_build uses: docker/build-push-action@v2 with: @@ -156,7 +156,8 @@ jobs: runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@v2.3.4 + - name: Checkout repository + uses: actions/checkout@v2.3.4 - name: Set up QEMU uses: docker/setup-qemu-action@v1 @@ -188,12 +189,12 @@ jobs: flavor: | latest=auto - - name: Download SHA256 tag + - name: Download SHA256 tag build-base:${{ matrix.os }} uses: actions/download-artifact@v2.0.10 with: name: build-base_${{ matrix.os }} - - name: Retrieve base build SHA256 tag + - name: Retrieve build-base:${{ matrix.os }} SHA256 tag id: base_build run: | BASE_TAG=$(cat build-base_${{ matrix.os }}) @@ -202,7 +203,7 @@ jobs: echo ::set-output name=base_tag::${BASE_TAG} echo ::set-output name=base_build_image::${BUILD_BASE_IMAGE} - - name: Build and push + - name: Build ${{ matrix.build }}/${{ matrix.os }} and push id: docker_build uses: docker/build-push-action@v2 with: @@ -257,7 +258,12 @@ jobs: - name: Prepare Platform list id: platform run: | - platform_list=$(jq -r '.os.${{ matrix.os }} | join(",")' "./build.xml") + # Chromium on Alpine is available only on linux/amd64, linux/arm64 platforms + if [ "${{ matrix.os }}" == "alpine" ] && [ "${{ matrix.build }}" == "web-service" ]; then + platform_list="linux/amd64,linux/arm64" + else + platform_list=$(jq -r '.os.${{ matrix.os }} | join(",")' "./build.xml") + fi echo ::set-output name=list::$platform_list @@ -279,13 +285,13 @@ jobs: flavor: | latest=auto - - name: Download SHA256 tag + - name: Download SHA256 tag for ${{ steps.build_base_image.outputs.build_base }}:${{ matrix.os }} uses: actions/download-artifact@v2.0.10 if: ${{ matrix.build != 'snmptraps' }} with: name: ${{ steps.build_base_image.outputs.build_base }}_${{ matrix.os }} - - name: Retrieve base build SHA256 tag + - name: Retrieve ${{ steps.build_base_image.outputs.build_base }}:${{ matrix.os }} SHA256 tag id: base_build if: ${{ matrix.build != 'snmptraps' }} run: | @@ -295,7 +301,7 @@ jobs: echo ::set-output name=base_tag::${BASE_TAG} echo ::set-output name=base_build_image::${BUILD_BASE_IMAGE} - - name: Build and push + - name: Build ${{ matrix.build }}/${{ matrix.os }} and push id: docker_build uses: docker/build-push-action@v2 with: From 80af5cb76b12e4fa431ffe17b9eaf9c757957572 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Wed, 15 Sep 2021 22:32:35 +0200 Subject: [PATCH 167/253] New Dockerfiles and environment variables structure --- .github/workflows/images_build.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/images_build.yml b/.github/workflows/images_build.yml index c38e711d2..aa1191d77 100644 --- a/.github/workflows/images_build.yml +++ b/.github/workflows/images_build.yml @@ -123,8 +123,8 @@ jobs: id: docker_build uses: docker/build-push-action@v2 with: - context: ./${{ env.BASE_BUILD_NAME }}/${{ matrix.os }} - file: ./${{ env.BASE_BUILD_NAME }}/${{ matrix.os }}/Dockerfile + context: ./Dockerfiles/${{ env.BASE_BUILD_NAME }}/${{ matrix.os }} + file: ./Dockerfiles/${{ env.BASE_BUILD_NAME }}/${{ matrix.os }}/Dockerfile platforms: ${{ steps.platform.outputs.list }} push: ${{ secrets.AUTO_PUSH_IMAGES }} tags: ${{ steps.meta.outputs.tags }} @@ -207,8 +207,8 @@ jobs: id: docker_build uses: docker/build-push-action@v2 with: - context: ./${{ matrix.build }}/${{ matrix.os }} - file: ./${{ matrix.build }}/${{ matrix.os }}/Dockerfile + context: ./Dockerfiles/${{ matrix.build }}/${{ matrix.os }} + file: ./Dockerfiles/${{ matrix.build }}/${{ matrix.os }}/Dockerfile platforms: ${{ steps.platform.outputs.list }} push: ${{ secrets.AUTO_PUSH_IMAGES }} tags: ${{ steps.meta.outputs.tags }} @@ -305,8 +305,8 @@ jobs: id: docker_build uses: docker/build-push-action@v2 with: - context: ./${{ matrix.build }}/${{ matrix.os }} - file: ./${{ matrix.build }}/${{ matrix.os }}/Dockerfile + context: ./Dockerfiles/${{ matrix.build }}/${{ matrix.os }} + file: ./Dockerfiles/${{ matrix.build }}/${{ matrix.os }}/Dockerfile platforms: ${{ steps.platform.outputs.list }} push: ${{ secrets.AUTO_PUSH_IMAGES }} tags: ${{ steps.meta.outputs.tags }} From 2c6d639255dc7acff24639cd653b420cfbac540b Mon Sep 17 00:00:00 2001 From: dotneft Date: Thu, 16 Sep 2021 04:15:22 +0300 Subject: [PATCH 168/253] Updated Windows Dockerfiles --- Dockerfiles/agent/windows/Dockerfile | 180 ++++++++++++++++++-------- Dockerfiles/agent2/windows/Dockerfile | 155 ++++++++++++++++------ 2 files changed, 242 insertions(+), 93 deletions(-) diff --git a/Dockerfiles/agent/windows/Dockerfile b/Dockerfiles/agent/windows/Dockerfile index f80d71e56..59265d108 100644 --- a/Dockerfiles/agent/windows/Dockerfile +++ b/Dockerfiles/agent/windows/Dockerfile @@ -1,3 +1,4 @@ +# syntax=docker/dockerfile:1 # escape=` ARG BUILD_BASE_IMAGE=mcr.microsoft.com/dotnet/framework/sdk:4.8-windowsservercore-ltsc2022 ARG BASE_IMAGE=mcr.microsoft.com/powershell:lts-nanoserver-ltsc2022 @@ -10,53 +11,80 @@ ARG LIBMODBUS_VERSION=master ARG VS_BUILDTOOLS_URL=https://aka.ms/vs/16/release/vs_buildtools.exe ARG NASM_URL=https://www.nasm.us/pub/nasm/releasebuilds/2.15.05/win64/nasm-2.15.05-installer-x64.exe ARG PERL_URL=https://strawberryperl.com/download/5.32.1.1/strawberry-perl-5.32.1.1-64bit.msi -ARG GIT_URL=https://github.com/git-for-windows/git/releases/download/v2.33.0.windows.2/Git-2.33.0.2-64-bit.exe +ARG GIT_URL=https://github.com/git-for-windows/git/releases/download/v2.33.0.windows.2/MinGit-2.33.0.2-busybox-64-bit.zip +ARG PCRE_URL=https://ftp.pcre.org/pub/pcre/pcre-$PCRE_VERSION.zip +ARG OPENSSL_URL=https://www.openssl.org/source/openssl-$OPENSSL_VERSION.tar.gz ARG LIBMODBUS_URL=https://github.com/stephane/libmodbus.git -ARG VS_DEV_CMD_LOCATION="C:\Program Files (x86)\Microsoft Visual Studio\2019\BuildTools\Common7\Tools\VsDevCmd.bat" -ARG VC_VARS_ALL_LOCATION="C:\Program Files (x86)\Microsoft Visual Studio\2019\BuildTools\VC\Auxiliary\Build\vcvarsall.bat" - ENV BUILD_ARCH=x64 CPU_MODEL=AMD64 ` PCRE_VERSION=$PCRE_VERSION OPENSSL_VERSION=$OPENSSL_VERSION LIBMODBUS_VERSION=$LIBMODBUS_VERSION ` - GIT_URL=$GIT_URL NASM_URL=$NASM_URL PERL_URL=$PERL_URL LIBMODBUS_URL=$LIBMODBUS_URL ` - VS_DEV_CMD_LOCATION=$VS_DEV_CMD_LOCATION VC_VARS_ALL_LOCATION=$VC_VARS_ALL_LOCATION + GIT_URL=$GIT_URL NASM_URL=$NASM_URL PERL_URL=$PERL_URL LIBMODBUS_URL=$LIBMODBUS_URL PCRE_URL=$PCRE_URL OPENSSL_URL=$OPENSSL_URL SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"] -RUN Set-Location -Path "$env:SystemDrive"\; ` - Write-Verbose -Message 'Visual Studio components installing...'; ` - Invoke-WebRequest -OutFile "$env:SystemDrive\git-installer.exe" $env:GIT_URL; ` - $sha256 = 'a5704733c219e9a0c96bfeb0febef62bc2518bdd4e358bc9519dbc5e63a3b5fe'; ` - if ((Get-FileHash "$env:SystemDrive\git-installer.exe" -Algorithm sha256).Hash -ne $sha256) { ` +RUN Set-Location -Path $env:SystemDrive\.; ` + ` + Write-Host ('Downloading {0} ...' -f $env:GIT_URL); ` + [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` + Invoke-WebRequest -OutFile "$env:SystemDrive\git.zip" -Uri $env:GIT_URL; ` + $sha256 = '273f55e881094d00877d64f56570b0c997c4da5dedcb26738d56481033c1eba1'; ` + Write-Host ('Verifying sha256 ({0}) ...' -f $sha256); ` + if ((Get-FileHash "$env:SystemDrive\git.zip" -Algorithm sha256).Hash -ne $sha256) { ` Write-Host "Checksum GIT for Windows failed!"; ` exit 1; ` }; ` - Start-Process -FilePath "$env:SystemDrive\git-installer.exe" -argumentlist '/VERYSILENT /SUPPRESSMSGBOXES /NORESTART /NOCANCEL /SP- /LOG /COMPONENTS="icons,assoc,assoc_sh,ext,ext\shellhere,gitlfs' -wait; ` - Remove-Item -Force -Path "$env:SystemDrive\git-installer.exe"; ` - Invoke-WebRequest -OutFile "$env:SystemDrive\nasm-installer.exe" $env:NASM_URL; ` + Write-Host 'Installing ...'; ` + Expand-Archive -Path git.zip -DestinationPath $env:SystemDrive\git\.; ` + Remove-Item -Force -Path "$env:SystemDrive\git.zip"; ` + $env:PATH = [string]::Format('{0}\git\cmd;{0}\git\mingw64\bin;{0}\git\usr\bin;', $env:SystemDrive) + $env:PATH; ` + [Environment]::SetEnvironmentVariable('PATH', $env:PATH, [EnvironmentVariableTarget]::Machine); ` + ` + Write-Host 'Verifying install ("git version") ...'; ` + git version; ` + ` + Write-Host ('Downloading {0} ...' -f $env:NASM_URL); ` + [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` + Invoke-WebRequest -OutFile "$env:SystemDrive\nasm-installer.exe" -Uri $env:NASM_URL; ` $sha256 = 'a02325b9fe54f917f5d6a3036637b38dbb6addf6f7ba9d344d9b943a143fe7d0'; ` + Write-Host ('Verifying sha256 ({0}) ...' -f $sha256); ` if ((Get-FileHash "$env:SystemDrive\nasm-installer.exe" -Algorithm sha256).Hash -ne $sha256) { ` Write-Host "Checksum NASM failed!"; ` exit 1; ` }; ` - Start-Process -FilePath "$env:SystemDrive\nasm-installer.exe" -argumentlist '/S'; ` - Invoke-WebRequest -OutFile "$env:SystemDrive\perl-installer.msi" $env:PERL_URL; ` + Write-Host 'Installing ...'; ` + Start-Process -FilePath "$env:SystemDrive\nasm-installer.exe" -argumentlist '/S' -Wait; ` + Remove-Item -Force -Path "$env:SystemDrive\nasm-installer.exe"; ` + $env:PATH = [string]::Format('{0}\NASM;', ${env:ProgramFiles}) + $env:PATH; ` + [Environment]::SetEnvironmentVariable('PATH', $env:PATH, [EnvironmentVariableTarget]::Machine); ` + ` + Write-Host 'Verifying install ("nasm -v") ...'; ` + nasm -v; ` + ` + [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` + Write-Host ('Downloading {0} ...' -f $env:PERL_URL); ` + Invoke-WebRequest -OutFile "$env:SystemDrive\perl-installer.msi" -Uri $env:PERL_URL; ` + ` $sha256 = '241a881670164feb0b91bb69d39fbbf84c981bec0d9f8c19959f8f48fd177768'; ` + Write-Host ('Verifying sha256 ({0}) ...' -f $sha256); ` if ((Get-FileHash "$env:SystemDrive\perl-installer.msi" -Algorithm sha256).Hash -ne $sha256) { ` Write-Host "Checksum Strawberry Perl failed!"; ` exit 1; ` }; ` + Write-Host 'Installing ...'; ` Start-Process -FilePath "msiexec.exe" -argumentlist """/i C:\perl-installer.msi /qn /norestart INSTALLDIR=$env:SystemDrive\Strawberry""" -wait; ` - $env:PATH+=""";$env:SystemDrive\Strawberry\perl\bin"""; ` - cpan Text::Template; ` - Remove-Item -Force -Path "$env:SystemDrive\nasm-installer.exe"; ` Remove-Item -Force -Path "$env:SystemDrive\perl-installer.msi"; ` - Invoke-WebRequest -OutFile "$env:SystemDrive\vs_buildtools.exe" $env:VS_BUILDTOOLS_URL; ` - $sha256 = 'f3a7e2868c203490a4095231e20e628bf661b7469f2d53626f3fbbdfc161d471'; ` - if ((Get-FileHash "$env:SystemDrive\vs_buildtools.exe" -Algorithm sha256).Hash -ne $sha256) { ` - Write-Host "Checksum Visual Studio Build tools failed!"; ` - exit 1; ` - }; ` + $env:PATH = [string]::Format('{0}\Strawberry\perl\bin;', $env:SystemDrive) + $env:PATH; ` + [Environment]::SetEnvironmentVariable('PATH', $env:PATH, [EnvironmentVariableTarget]::Machine); ` + ` + Write-Host 'Verifying install ("perl -V") ...'; ` + perl -V; ` + ` + Write-Host 'Installing Text::Template...'; ` + cpan Text::Template; ` + ` + Write-Host ('Downloading {0} ...' -f $env:VS_BUILDTOOLS_URL); ` + [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` + Invoke-WebRequest -OutFile "$env:SystemDrive\vs_buildtools.exe" -Uri $env:VS_BUILDTOOLS_URL; ` Write-Host "Visual Studio components installing..."; ` cmd /C start /w "$env:SystemDrive\vs_buildtools.exe" --quiet --wait --norestart --nocache modify ` --installPath """${env:ProgramFiles(x86)}\Microsoft Visual Studio\2019\BuildTools""" ` @@ -68,43 +96,74 @@ RUN Set-Location -Path "$env:SystemDrive"\; ` }; ` Wait-Process -name msiexec; ` Write-Host "Visual Studio components installed"; ` + ` + Write-Host "Visual Studio components installation cleanup"; ` Remove-Item -Force -Path "$env:SystemDrive\vs_buildtools.exe"; ` - Get-ChildItem -Path """${env:ProgramFiles(x86)}\Microsoft Visual Studio\Installer""" -Directory -Recurse | Remove-Item -Force –Recurse; ` - Remove-Item -Force -Recurse "$env:TEMP\*"; + Get-ChildItem -Path ('{0}\Microsoft Visual Studio\Installer' -f ${env:ProgramFiles(x86)}) -Directory -Recurse | Remove-Item -Force –Recurse; ` + Remove-Item -Force -Recurse "$env:TEMP\*"; ` + Write-Host 'Build environment is ready...'; -RUN Set-Location -Path "$env:SystemDrive"\; ` +RUN Set-Location -Path $env:SystemDrive\.; ` + ` Import-Module """${env:ProgramFiles(x86)}\Microsoft Visual Studio\2019\BuildTools\Common7\Tools\Microsoft.VisualStudio.DevShell.dll"""; ` Enter-VsDevShell -VsInstallPath """${env:ProgramFiles(x86)}\Microsoft Visual Studio\2019\BuildTools""" -DevCmdArguments """-arch=$env:BUILD_ARCH"""; ` - Invoke-WebRequest -OutFile "$env:SystemDrive\pcre-$env:PCRE_VERSION.zip" https://ftp.pcre.org/pub/pcre/pcre-$env:PCRE_VERSION.zip; ` + ` + Write-Host ('Downloading {0} ...' -f $env:PCRE_URL); ` + [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` + Invoke-WebRequest -OutFile "$env:SystemDrive\pcre-$env:PCRE_VERSION.zip" -Uri $env:PCRE_URL; ` + ` $sha256 = '5b709aa45ea3b8bb73052947200ad187f651a2049158fb5bbfed329e4322a977'; ` + Write-Host ('Verifying sha256 ({0}) ...' -f $sha256); ` if ((Get-FileHash "$env:SystemDrive\pcre-$env:PCRE_VERSION.zip" -Algorithm sha256).Hash -ne $sha256) { ` Write-Host "Checksum PCRE library failed!"; ` exit 1; ` }; ` + ` + Write-Host 'Extracting archive ...'; ` Expand-Archive -Path "$env:SystemDrive\pcre-$env:PCRE_VERSION.zip" -DestinationPath $env:SystemDrive ; ` Rename-Item -Path "$env:SystemDrive\pcre-$env:PCRE_VERSION" -NewName "$env:SystemDrive\pcre_build"; ` New-Item -ItemType directory -Path "$env:SystemDrive\pcre_build\build" | Out-Null; ` + ` Set-Location -Path "$env:SystemDrive\pcre_build\build"; ` - cmake -G """Visual Studio 16 2019""" -A $env:BUILD_ARCH -DPCRE_SUPPORT_UNICODE_PROPERTIES=ON -DPCRE_SUPPORT_UTF=ON -DCMAKE_C_FLAGS_RELEASE:string="/MT" ..; ` + Write-Host 'Building PCRE library ...'; ` + cmake --log-level=ERROR ` + -G """Visual Studio 16 2019""" ` + -A $env:BUILD_ARCH ` + -DPCRE_SUPPORT_UNICODE_PROPERTIES=ON ` + -DPCRE_SUPPORT_UTF=ON ` + -DCMAKE_C_FLAGS_RELEASE:string="/MT" ..; ` msbuild PCRE.sln ` -maxcpucount:"""$env:NUMBER_OF_PROCESSORS""" ` + /verbosity:quiet ` /property:Configuration="Release" ` /property:Platform="$env:BUILD_ARCH" ` /target:pcre; ` + ` + Write-Host 'PCRE is ready...'; ` Remove-Item -Force -Path "$env:SystemDrive\pcre-$env:PCRE_VERSION.zip" -RUN Set-Location -Path "$env:SystemDrive"\; ` +RUN Set-Location -Path $env:SystemDrive\.; ` + ` $env:PATH+=""";$env:SystemDrive\Strawberry\perl\bin;$env:SystemDrive\Program Files\NASM"""; ` Import-Module """${env:ProgramFiles(x86)}\Microsoft Visual Studio\2019\BuildTools\Common7\Tools\Microsoft.VisualStudio.DevShell.dll"""; ` Enter-VsDevShell -VsInstallPath """${env:ProgramFiles(x86)}\Microsoft Visual Studio\2019\BuildTools""" -DevCmdArguments """-arch=$env:BUILD_ARCH"""; ` - Invoke-WebRequest -OutFile "$env:SystemDrive\openssl-$env:OPENSSL_VERSION.tar.gz" https://www.openssl.org/source/openssl-$env:OPENSSL_VERSION.tar.gz; ` + ` + Write-Host ('Downloading {0} ...' -f $env:OPENSSL_URL); ` + [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` + Invoke-WebRequest -OutFile "$env:SystemDrive\openssl-$env:OPENSSL_VERSION.tar.gz" -Uri $env:OPENSSL_URL; ` + ` $sha256 = '0b7a3e5e59c34827fe0c3a74b7ec8baef302b98fa80088d7f9153aa16fa76bd1'; ` + Write-Host ('Verifying sha256 ({0}) ...' -f $sha256); ` if ((Get-FileHash "$env:SystemDrive\openssl-$env:OPENSSL_VERSION.tar.gz" -Algorithm sha256).Hash -ne $sha256) { ` Write-Host "Checksum OpenSSL library failed!"; ` exit 1; ` }; ` + ` + Write-Host 'Extracting archive ...'; ` tar -zxf $env:SystemDrive\openssl-$env:OPENSSL_VERSION.tar.gz; ` Rename-Item -Path "$env:SystemDrive\openssl-$env:OPENSSL_VERSION" -NewName "$env:SystemDrive\openssl_build"; ` + ` + Write-Host 'Building OpenSSL library...'; ` Set-Location -Path "$env:SystemDrive\openssl_build"; ` perl $env:SystemDrive\openssl_build\Configure ` VC-WIN64A ` @@ -117,18 +176,24 @@ RUN Set-Location -Path "$env:SystemDrive"\; ` --prefix="$env:SystemDrive\openssl_output_$env:BUILD_ARCH" ` --openssldir="$env:SystemDrive\openssl_output_ssl"; ` set CL=/MP; ` - nmake; ` - nmake install_sw; ` + nmake /S; ` + nmake /S install_sw; ` + Write-Host 'OpenSSL is ready...'; ` Remove-Item -Force -Path "$env:SystemDrive\openssl-$env:OPENSSL_VERSION.tar.gz" COPY modbus.vs16.vcxproj c:\ COPY modbus.vs16.sln c:\ COPY modbus.vs16.vcxproj.filters c:\ -RUN Set-Location -Path "$env:SystemDrive"; ` +RUN Set-Location -Path $env:SystemDrive\.; ` + ` Import-Module """${env:ProgramFiles(x86)}\Microsoft Visual Studio\2019\BuildTools\Common7\Tools\Microsoft.VisualStudio.DevShell.dll"""; ` Enter-VsDevShell -VsInstallPath """${env:ProgramFiles(x86)}\Microsoft Visual Studio\2019\BuildTools""" -DevCmdArguments """-arch=$env:BUILD_ARCH"""; ` - Start-Process -FilePath "${env:ProgramFiles}\Git\bin\git.exe" -Wait -ArgumentList """-c advice.detachedHead=false clone $env:LIBMODBUS_URL --branch $env:LIBMODBUS_VERSION --depth 1 --single-branch libmodbus"""; ` + ` + Write-Host ('Checkout GIT {0} repository ...' -f $env:LIBMODBUS_URL); ` + Start-Process -FilePath "git" -Wait -ArgumentList """-c advice.detachedHead=false clone $env:LIBMODBUS_URL --branch $env:LIBMODBUS_VERSION --depth 1 --single-branch libmodbus"""; ` + ` + Write-Host 'Building Libmodbus library...'; ` Copy-Item -Path "$env:SystemDrive\modbus.vs16.vcxproj" "$env:SystemDrive\libmodbus\src\win32\modbus.vs16.vcxproj"; ` Copy-Item -Path "$env:SystemDrive\modbus.vs16.sln" "$env:SystemDrive\libmodbus\src\win32\modbus.vs16.sln"; ` Copy-Item -Path "$env:SystemDrive\modbus.vs16.vcxproj.filters" "$env:SystemDrive\libmodbus\src\win32\modbus.vs16.vcxproj.filters"; ` @@ -136,8 +201,10 @@ RUN Set-Location -Path "$env:SystemDrive"; ` cscript .\configure.js; ` msbuild modbus.vs16.sln ` -maxcpucount:"""$env:NUMBER_OF_PROCESSORS""" ` + /verbosity:quiet ` /property:Configuration="Release" ` - /property:Platform="$env:BUILD_ARCH" + /property:Platform="$env:BUILD_ARCH"; ` + Write-Host 'Libmodbus is ready...'; FROM builder_base as builder_zabbix @@ -150,17 +217,21 @@ ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ARG ZBX_COMPONENT=all ENV ZBX_SOURCES=$ZBX_SOURCES MAJOR_VERSION=$MAJOR_VERSION ZBX_VERSION=$ZBX_VERSION ZABBIX_VERSION_RC_NUM=$ZABBIX_VERSION_RC_NUM -RUN Set-Location -Path "$env:SystemDrive"\; ` +RUN Set-Location -Path $env:SystemDrive\.; ` + ` Import-Module """${env:ProgramFiles(x86)}\Microsoft Visual Studio\2019\BuildTools\Common7\Tools\Microsoft.VisualStudio.DevShell.dll"""; ` Enter-VsDevShell -VsInstallPath """${env:ProgramFiles(x86)}\Microsoft Visual Studio\2019\BuildTools""" -DevCmdArguments """-arch=$env:BUILD_ARCH"""; ` - Start-Process -FilePath "${env:ProgramFiles}\Git\bin\git.exe" -Wait -ArgumentList """-c advice.detachedHead=false clone $env:ZBX_SOURCES --branch master --depth 1 --single-branch zabbix-$env:ZBX_VERSION"""; ` - Write-Host "Building Zabbix $env:ZBX_VERSION version"; ` + ` + Write-Host ('Checkout GIT {0} (master) repository ...' -f $env:ZBX_SOURCES); ` + Start-Process -FilePath "git" -Wait -ArgumentList """-c advice.detachedHead=false clone $env:ZBX_SOURCES --branch master --depth 1 --single-branch zabbix-$env:ZBX_VERSION"""; ` + ` + Write-Host ('Building Zabbix {0} version ...' -f $env:ZBX_VERSION); ` Set-Location -Path "$env:SystemDrive\zabbix-$env:ZBX_VERSION"; ` $ZbxRevision=(git rev-parse --short HEAD); ` (Get-Content include/version.h).replace('{ZABBIX_REVISION}', $ZbxRevision) | Set-Content include/version.h; ` Set-Location -Path "$env:SystemDrive\zabbix-$env:ZBX_VERSION\build\win32\project"; ` set CL=/MP; ` - nmake -f Makefile ` + nmake /S -f Makefile ` CPU=$env:CPU_MODEL ` CFLAGS="""/D ZABBIX_VERSION_REVISION=$ZbxRevision /D HAVE_LIBMODBUS_STATIC""" ` PCREINCDIR="$env:SystemDrive\pcre_build\build" ` @@ -172,15 +243,20 @@ RUN Set-Location -Path "$env:SystemDrive"\; ` MODBINCDIR="$env:SystemDrive\libmodbus\src" ` MODBLIBDIR="$env:SystemDrive\libmodbus\src\win32\$env:BUILD_ARCH\Release" ` $env:ZBX_COMPONENT; ` + ` + Write-Host 'Verifying build ("zabbix_agentd.exe -V") ...'; ` + & $env:SystemDrive\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_agentd.exe -V; ` + dumpbin /dependents $env:SystemDrive\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_agentd.exe; ` + ` New-Item -ItemType directory -Path "$env:SystemDrive\zabbix" | Out-Null; ` New-Item -ItemType directory -Path "$env:SystemDrive\zabbix\sbin" | Out-Null; ` New-Item -ItemType directory -Path "$env:SystemDrive\zabbix\conf" | Out-Null; ` - & $env:SystemDrive\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_agentd.exe -V; ` - dumpbin /dependents $env:SystemDrive\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_agentd.exe; ` + ` Copy-Item -Path "$env:SystemDrive\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_agentd.exe" "$env:SystemDrive\zabbix\sbin"; ` Copy-Item -Path "$env:SystemDrive\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_get.exe" "$env:SystemDrive\zabbix\sbin"; ` Copy-Item -Path "$env:SystemDrive\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_sender.exe" "$env:SystemDrive\zabbix\sbin"; ` - Copy-Item -Path "$env:SystemDrive\zabbix-$env:ZBX_VERSION\conf\zabbix_agentd.win.conf" "$env:SystemDrive\zabbix\conf" + Copy-Item -Path "$env:SystemDrive\zabbix-$env:ZBX_VERSION\conf\zabbix_agentd.win.conf" "$env:SystemDrive\zabbix\conf"; ` + Write-Host 'Zabbix is ready...'; FROM $BASE_IMAGE @@ -208,20 +284,20 @@ COPY [".\\docker-entrypoint.ps1", "C:\\zabbix"] USER ContainerAdministrator RUN setx /M PATH """$env:PATH;$env:SystemDrive\zabbix\sbin;$env:SystemDrive\zabbix\bin;"""; ` - setx /M ZbxDir """$env:SystemDrive\zabbix""" + setx /M ZBXDIR """$env:SystemDrive\zabbix""" RUN Set-Location -Path "$env:SystemDrive"\; ` - New-Item -ItemType directory -Path "$env:ZbxDir\conf\zabbix_agentd.d" | Out-Null; ` - New-Item -ItemType directory -Path "$env:ZbxDir\enc" | Out-Null; ` - New-Item -ItemType directory -Path "$env:ZbxDir\modules" | Out-Null; ` + New-Item -ItemType directory -Path "$env:ZBXDIR\conf\zabbix_agentd.d" | Out-Null; ` + New-Item -ItemType directory -Path "$env:ZBXDIR\enc" | Out-Null; ` + New-Item -ItemType directory -Path "$env:ZBXDIR\modules" | Out-Null; ` net user /add zabbix; ` - $acl = Get-Acl -Path $env:ZbxDir; ` - $ace = New-Object Security.AccessControl.FileSystemAccessRule ('zabbix', 'Modify', 'ContainerInherit, ObjectInherit', 'InheritOnly', 'Allow'); ` + $acl = Get-Acl -Path $env:ZBXDIR; ` + $ace = New-Object Security.AccessControl.FileSystemAccessRule('zabbix', 'Modify', 'ContainerInherit, ObjectInherit', 'InheritOnly', 'Allow'); ` $acl.AddAccessRule($ace); ` - Set-Acl -AclObject $acl -Path $env:ZbxDir + Set-Acl -AclObject $acl -Path $env:ZBXDIR USER zabbix EXPOSE 10050/TCP -CMD C:\zabbix\docker-entrypoint.ps1 C:\zabbix\sbin\zabbix_agentd.exe -c C:\zabbix\conf\zabbix_agentd.win.conf -f +CMD $env:SystemDrive\zabbix\docker-entrypoint.ps1 $env:SystemDrive\zabbix\sbin\zabbix_agentd.exe -c $env:SystemDrive\zabbix\conf\zabbix_agentd.win.conf -f diff --git a/Dockerfiles/agent2/windows/Dockerfile b/Dockerfiles/agent2/windows/Dockerfile index 329638447..95447fed5 100644 --- a/Dockerfiles/agent2/windows/Dockerfile +++ b/Dockerfiles/agent2/windows/Dockerfile @@ -1,3 +1,4 @@ +# syntax=docker/dockerfile:1 # escape=` ARG BUILD_BASE_IMAGE=mcr.microsoft.com/dotnet/framework/sdk:4.8-windowsservercore-ltsc2022 ARG BASE_IMAGE=mcr.microsoft.com/powershell:lts-nanoserver-ltsc2022 @@ -6,65 +7,101 @@ FROM $BUILD_BASE_IMAGE as builder_base ARG PCRE_VERSION=8.45 ARG OPENSSL_VERSION=1.1.1l ARG ZLIB_VERSION=1.2.11 -ARG GOLANG_VERSION=1.17 +ARG GOLANG_VERSION=1.17.1 ARG SEVEN_ZIP_VERSION=1900 +ARG BUILD_ARCH=x64 +ARG CPU_MODEL=AMD64 ARG VS_BUILDTOOLS_URL=https://aka.ms/vs/16/release/vs_buildtools.exe -ARG GIT_URL=https://github.com/git-for-windows/git/releases/download/v2.33.0.windows.2/Git-2.33.0.2-64-bit.exe +ARG GIT_URL=https://github.com/git-for-windows/git/releases/download/v2.33.0.windows.2/MinGit-2.33.0.2-busybox-64-bit.zip ARG MINGW_URL=https://deac-riga.dl.sourceforge.net/project/mingw-w64/Toolchains%20targetting%20Win64/Personal%20Builds/mingw-builds/8.1.0/threads-win32/sjlj/x86_64-8.1.0-release-win32-sjlj-rt_v6-rev0.7z +ARG GOLANG_URL=https://golang.org/dl/go$GOLANG_VERSION.windows-amd64.msi ARG CYGWIN_URL=https://cygwin.com/setup-x86_64.exe +ARG PCRE_URL=https://ftp.pcre.org/pub/pcre/pcre-$PCRE_VERSION.zip +ARG OPENSSL_URL=https://www.openssl.org/source/openssl-$OPENSSL_VERSION.tar.gz +ARG SEVEN_ZIP_URL=https://www.7-zip.org/a/7z$SEVEN_ZIP_VERSION-$BUILD_ARCH.msi -ARG VS_DEV_CMD_LOCATION="C:\Program Files (x86)\Microsoft Visual Studio\2019\BuildTools\Common7\Tools\VsDevCmd.bat" - -ENV BUILD_ARCH=x64 CPU_MODEL=AMD64 ` +ENV BUILD_ARCH=$BUILD_ARCH CPU_MODEL=$CPU_MODEL ` PCRE_VERSION=$PCRE_VERSION OPENSSL_VERSION=$OPENSSL_VERSION ZLIB_VERSION=$ZLIB_VERSION ` GOLANG_VERSION=$GOLANG_VERSION SEVEN_ZIP_VERSION=$SEVEN_ZIP_VERSION ` - GIT_URL=$GIT_URL MINGW_URL=$MINGW_URL CYGWIN_URL=$CYGWIN_URL ` - VS_DEV_CMD_LOCATION=$VS_DEV_CMD_LOCATION + GIT_URL=$GIT_URL MINGW_URL=$MINGW_URL CYGWIN_URL=$CYGWIN_URL GOLANG_URL=$GOLANG_URL SEVEN_ZIP_URL=$SEVEN_ZIP_URL ` + PCRE_URL=$PCRE_URL OPENSSL_URL=$OPENSSL_URL SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"] -RUN Set-Location -Path "$env:SystemDrive"\; ` - Invoke-WebRequest -OutFile "$env:SystemDrive\git-installer.exe" $env:GIT_URL; ` - $sha256 = 'a5704733c219e9a0c96bfeb0febef62bc2518bdd4e358bc9519dbc5e63a3b5fe'; ` - if ((Get-FileHash "$env:SystemDrive\git-installer.exe" -Algorithm sha256).Hash -ne $sha256) { ` +RUN Set-Location -Path $env:SystemDrive\.; ` + ` + Write-Host ('Downloading {0} ...' -f $env:GIT_URL); ` + Invoke-WebRequest -OutFile "$env:SystemDrive\git.zip" -Uri $env:GIT_URL; ` + ` + $sha256 = '273f55e881094d00877d64f56570b0c997c4da5dedcb26738d56481033c1eba1'; ` + Write-Host ('Verifying sha256 ({0}) ...' -f $sha256); ` + if ((Get-FileHash "$env:SystemDrive\git.zip" -Algorithm sha256).Hash -ne $sha256) { ` Write-Host "Checksum GIT for Windows failed!"; ` exit 1; ` }; ` - Start-Process -FilePath "$env:SystemDrive\git-installer.exe" -ArgumentList '/VERYSILENT /SUPPRESSMSGBOXES /NORESTART /NOCANCEL /SP- /LOG /COMPONENTS="icons,assoc,assoc_sh,ext,ext\shellhere,gitlfs' -wait; ` - Remove-Item -Force -Path "$env:SystemDrive\git-installer.exe"; ` - Invoke-WebRequest -OutFile "$env:SystemDrive\go$env:GOLANG_VERSION.windows-amd64.msi" https://golang.org/dl/go$env:GOLANG_VERSION.windows-amd64.msi; ` - $sha256 = '705254e0a459edae2c6bf4c88be0b4a14ac1cbbf9607a379112235f0271e6c4b'; ` + ` + Write-Host 'Installing ...'; ` + Expand-Archive -Path git.zip -DestinationPath $env:SystemDrive\git\.; ` + Remove-Item -Force -Path "$env:SystemDrive\git.zip"; ` + $env:PATH = """$env:SystemDrive\git\cmd;$env:SystemDrive\git\mingw64\bin;$env:SystemDrive\git\usr\bin;""" + $env:PATH; ` + [Environment]::SetEnvironmentVariable('PATH', $env:PATH, [EnvironmentVariableTarget]::Machine); ` + ` + Write-Host 'Verifying install ("git version") ...'; ` + git version; ` + ` + Write-Host ('Downloading {0} ...' -f $env:GOLANG_URL); ` + Invoke-WebRequest -OutFile "$env:SystemDrive\go$env:GOLANG_VERSION.windows-amd64.msi" -Uri $env:GOLANG_URL; ` + $sha256 = '7a360967708350354ea479500a8eada6a032e07eac5bd43142367ee5b0ab1df9'; ` + ` + Write-Host ('Verifying sha256 ({0}) ...' -f $sha256); ` if ((Get-FileHash "$env:SystemDrive\go$env:GOLANG_VERSION.windows-amd64.msi" -Algorithm sha256).Hash -ne $sha256) { ` Write-Host "Checksum Go Lang failed!"; ` exit 1; ` }; ` + Write-Host 'Installing ...'; ` Start-Process -FilePath "$env:SystemDrive\go$env:GOLANG_VERSION.windows-amd64.msi" -Wait -ArgumentList '/qn /norestart'; ` Remove-Item -Force -Path "$env:SystemDrive\go$env:GOLANG_VERSION.windows-amd64.msi"; ` - Invoke-WebRequest -OutFile "$env:SystemDrive\7z$env:SEVEN_ZIP_VERSION-$env:BUILD_ARCH.msi" https://www.7-zip.org/a/7z$env:SEVEN_ZIP_VERSION-$env:BUILD_ARCH.msi; ` + ` + $env:PATH = [string]::Format('{0}\Go\bin;', ${env:ProgramFiles}) + $env:PATH; ` + [Environment]::SetEnvironmentVariable('PATH', $env:PATH, [EnvironmentVariableTarget]::Machine); ` + Write-Host 'Verifying install ("go version") ...'; ` + go version; ` + ` + Write-Host ('Downloading {0} ...' -f $env:SEVEN_ZIP_URL); ` + Invoke-WebRequest -OutFile "$env:SystemDrive\7z$env:SEVEN_ZIP_VERSION-$env:BUILD_ARCH.msi" -Uri $env:SEVEN_ZIP_URL; ` $sha256 = 'a7803233eedb6a4b59b3024ccf9292a6fffb94507dc998aa67c5b745d197a5dc'; ` + Write-Host ('Verifying sha256 ({0}) ...' -f $sha256); ` if ((Get-FileHash "$env:SystemDrive\7z$env:SEVEN_ZIP_VERSION-$env:BUILD_ARCH.msi" -Algorithm sha256).Hash -ne $sha256) { ` Write-Host "Checksum 7-zip failed!"; ` exit 1; ` }; ` + ` + Write-Host 'Installing ...'; ` Start-Process -FilePath "$env:SystemDrive\7z$env:SEVEN_ZIP_VERSION-$env:BUILD_ARCH.msi" -Wait -ArgumentList '/qn /norestart'; ` Remove-Item -Force -Path "$env:SystemDrive\7z$env:SEVEN_ZIP_VERSION-$env:BUILD_ARCH.msi"; ` - Invoke-WebRequest -OutFile "$env:SystemDrive\mingw.7z" $env:MINGW_URL; ` + $env:PATH = [string]::Format('{0}\7-Zip;', ${env:ProgramFiles}) + $env:PATH; ` + [Environment]::SetEnvironmentVariable('PATH', $env:PATH, [EnvironmentVariableTarget]::Machine); ` + ` + Write-Host 'Verifying install ("7z -h") ...'; ` + 7z -h | Select -first 2; ` + ` + Write-Host ('Downloading {0} ...' -f $env:MINGW_URL); ` + Invoke-WebRequest -OutFile "$env:SystemDrive\mingw.7z" -Uri $env:MINGW_URL; ` $sha256 = 'e8c65ddc655534b0330f66f7b480565621e8617cda9937d76ba141a22bf3b2fa'; ` if ((Get-FileHash "$env:SystemDrive\mingw.7z" -Algorithm sha256).Hash -ne $sha256) { ` Write-Host "Checksum Mingw-w64 failed!"; ` exit 1; ` }; ` - Start-Process -FilePath "${env:ProgramFiles}\7-Zip\7z.exe" -Wait -ArgumentList """x $env:SystemDrive\mingw.7z"""; ` + ` + Write-Host 'Installing ...'; ` + Start-Process -FilePath "7z" -Wait -ArgumentList """x $env:SystemDrive\mingw.7z"""; ` Remove-Item -Force -Path "$env:SystemDrive\mingw.7z"; ` + ` + Write-Host ('Downloading {0} ...' -f $env:VS_BUILDTOOLS_URL); ` Invoke-WebRequest -OutFile "$env:SystemDrive\vs_buildtools.exe" $env:VS_BUILDTOOLS_URL; ` - $sha256 = 'f3a7e2868c203490a4095231e20e628bf661b7469f2d53626f3fbbdfc161d471'; ` - if ((Get-FileHash "$env:SystemDrive\vs_buildtools.exe" -Algorithm sha256).Hash -ne $sha256) { ` - Write-Host "Checksum Visual Studio Build tools failed!"; ` - exit 1; ` - }; ` - Write-Host "Visual Studio components installing..."; ` + Write-Host ('{0} - Visual Studio components installing...' -f $(Get-Date -format 'u')); ` cmd /C start /w "$env:SystemDrive\vs_buildtools.exe" --quiet --wait --norestart --nocache modify ` --installPath """${env:ProgramFiles(x86)}\Microsoft Visual Studio\2019\BuildTools""" ` # https://docs.microsoft.com/en-us/visualstudio/install/workload-component-id-vs-build-tools?view=vs-2019 @@ -74,24 +111,36 @@ RUN Set-Location -Path "$env:SystemDrive"\; ` throw $err; ` }; ` Wait-Process -name msiexec; ` - Write-Host "Visual Studio components installed"; ` + Write-Host ('{0} - Visual Studio components installed' -f $(Get-Date -format 'u')); ` + ` + Write-Host 'Visual Studio components installation cleanup'; ` Remove-Item -Force -Path "$env:SystemDrive\vs_buildtools.exe"; ` Get-ChildItem -Path """${env:ProgramFiles(x86)}\Microsoft Visual Studio\Installer""" -Directory -Recurse | Remove-Item -Force –Recurse; ` - Remove-Item -Force -Recurse "$env:TEMP\*"; + Remove-Item -Force -Recurse "$env:TEMP\*"; ` + Write-Host 'Build environment is ready...'; -RUN Set-Location -Path "$env:SystemDrive"\; ` +RUN Set-Location -Path $env:SystemDrive\.; ` + ` Import-Module """${env:ProgramFiles(x86)}\Microsoft Visual Studio\2019\BuildTools\Common7\Tools\Microsoft.VisualStudio.DevShell.dll"""; ` Enter-VsDevShell -VsInstallPath """${env:ProgramFiles(x86)}\Microsoft Visual Studio\2019\BuildTools""" -DevCmdArguments """-arch=$env:BUILD_ARCH"""; ` $env:PATH+=""";$env:SystemDrive\mingw64\bin"""; ` - Invoke-WebRequest -OutFile "$env:SystemDrive\pcre-$env:PCRE_VERSION.zip" https://ftp.pcre.org/pub/pcre/pcre-$env:PCRE_VERSION.zip; ` + ` + Write-Host ('Downloading {0} ...' -f $env:PCRE_URL); ` + [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` + Invoke-WebRequest -OutFile "$env:SystemDrive\pcre-$env:PCRE_VERSION.zip" -Uri $env:PCRE_URL; ` + ` + Write-Host ('Verifying sha256 ({0}) ...' -f $sha256); ` $sha256 = '5b709aa45ea3b8bb73052947200ad187f651a2049158fb5bbfed329e4322a977'; ` if ((Get-FileHash "$env:SystemDrive\pcre-$env:PCRE_VERSION.zip" -Algorithm sha256).Hash -ne $sha256) { ` Write-Host "Checksum PCRE library failed!"; ` exit 1; ` }; ` + Write-Host 'Extracting archive ...'; ` Expand-Archive -Path "$env:SystemDrive\pcre-$env:PCRE_VERSION.zip" -DestinationPath $env:SystemDrive; ` Rename-Item -Path "$env:SystemDrive\pcre-$env:PCRE_VERSION" -NewName "$env:SystemDrive\pcre_build_mingw"; ` + ` Set-Location -Path "$env:SystemDrive\pcre_build_mingw"; ` + Write-Host 'Building PCRE library ...'; ` cmake ` -G """MinGW Makefiles""" ` -DBUILD_SHARED_LIBS=OFF ` @@ -99,26 +148,40 @@ RUN Set-Location -Path "$env:SystemDrive"\; ` -DCMAKE_C_FLAGS="""-O2 -g""" ` -DCMAKE_CXX_FLAGS="""-O2 -g""" ` -DCMAKE_INSTALL_PREFIX="""$env:SystemDrive\pcre_output_mingw""" . ; ` - mingw32-make -j"""$env:NUMBER_OF_PROCESSORS"""; ` - mingw32-make -j"""$env:NUMBER_OF_PROCESSORS""" install; ` + mingw32-make -s -j"""$env:NUMBER_OF_PROCESSORS"""; ` + mingw32-make -s -j"""$env:NUMBER_OF_PROCESSORS""" install; ` + Write-Host 'PCRE is ready...'; ` Remove-Item -Force -Path "$env:SystemDrive\pcre-$env:PCRE_VERSION.zip" -RUN Set-Location -Path "$env:SystemDrive"\; ` +RUN Set-Location -Path $env:SystemDrive\; ` + ` + Write-Host ('Downloading {0} ...' -f $env:CYGWIN_URL); ` (New-Object Net.WebClient).DownloadFile("""$env:CYGWIN_URL""", """$env:SystemDrive\setup-x86_64.exe"""); ` $sha256 = 'b9219acd1241ffa4d38e19587f1ccc2854f951e451f3858efc9d2e1fe19d375c'; ` + Write-Host ('Verifying sha256 ({0}) ...' -f $sha256); ` if ((Get-FileHash "$env:SystemDrive\setup-x86_64.exe" -Algorithm sha256).Hash -ne $sha256) { ` Write-Host "Checksum Cygwin failed!"; ` exit 1; ` }; ` + Write-Host 'Installing ...'; ` Start-Process "$env:SystemDrive\setup-x86_64.exe" -ArgumentList """-qnNdO -a x86_64 -R $env:SystemDrive\cygwin --site http://cygwin.mirror.constant.com -l $env:SystemDrive\cygwin\var\cache\setup --packages perl""" -Wait -NoNewWindow; ` - Invoke-WebRequest -OutFile "$env:SystemDrive\openssl-$env:OPENSSL_VERSION.tar.gz" https://www.openssl.org/source/openssl-$env:OPENSSL_VERSION.tar.gz; ` + ` + Write-Host ('Downloading {0} ...' -f $env:OPENSSL_URL); ` + [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` + Invoke-WebRequest -OutFile "$env:SystemDrive\openssl-$env:OPENSSL_VERSION.tar.gz" -Uri $env:OPENSSL_URL; ` + ` $sha256 = '0b7a3e5e59c34827fe0c3a74b7ec8baef302b98fa80088d7f9153aa16fa76bd1'; ` + Write-Host ('Verifying sha256 ({0}) ...' -f $sha256); ` if ((Get-FileHash "$env:SystemDrive\openssl-$env:OPENSSL_VERSION.tar.gz" -Algorithm sha256).Hash -ne $sha256) { ` Write-Host "Checksum OpenSSL library failed!"; ` exit 1; ` }; ` + ` + Write-Host 'Extracting archive ...'; ` tar -zxf $env:SystemDrive\openssl-$env:OPENSSL_VERSION.tar.gz; ` Rename-Item -Path "$env:SystemDrive\openssl-$env:OPENSSL_VERSION" -NewName "$env:SystemDrive\openssl_build_mingw"; ` + ` + Write-Host 'Building OpenSSL library...'; ` Set-Location -Path "$env:SystemDrive\openssl_build_mingw"; ` $env:PATH+=""";$env:SystemDrive\mingw64\bin;$env:SystemDrive\cygwin\bin"""; ` perl Configure ` @@ -131,8 +194,9 @@ RUN Set-Location -Path "$env:SystemDrive"\; ` --api=1.1.0 ` --prefix="$env:SystemDrive\openssl_output" ` --openssldir="$env:SystemDrive\openssl_output_ssl"; ` - mingw32-make -j"""$env:NUMBER_OF_PROCESSORS"""; ` - mingw32-make -j"""$env:NUMBER_OF_PROCESSORS""" install_sw; ` + mingw32-make -s -j"""$env:NUMBER_OF_PROCESSORS"""; ` + mingw32-make -s -j"""$env:NUMBER_OF_PROCESSORS""" install_sw; ` + Write-Host 'OpenSSL is ready...'; ` Remove-Item -Recurse -Force -Path "$env:SystemDrive\cygwin"; ` Remove-Item -Force -Path "$env:SystemDrive\setup-x86_64.exe" @@ -147,28 +211,37 @@ ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ARG ZBX_COMPONENT=all ENV ZBX_SOURCES=$ZBX_SOURCES MAJOR_VERSION=$MAJOR_VERSION ZBX_VERSION=$ZBX_VERSION -RUN Set-Location -Path "$env:SystemDrive"\; ` +RUN Set-Location -Path $env:SystemDrive\.; ` + ` Import-Module """${env:ProgramFiles(x86)}\Microsoft Visual Studio\2019\BuildTools\Common7\Tools\Microsoft.VisualStudio.DevShell.dll"""; ` Enter-VsDevShell -VsInstallPath """${env:ProgramFiles(x86)}\Microsoft Visual Studio\2019\BuildTools""" -DevCmdArguments """-arch=$env:BUILD_ARCH"""; ` - Start-Process -FilePath "${env:ProgramFiles}\Git\bin\git.exe" -Wait -ArgumentList """-c advice.detachedHead=false clone $env:ZBX_SOURCES --branch master --depth 1 --single-branch zabbix-$env:ZBX_VERSION"""; ` - Write-Host "Building Zabbix $env:ZBX_VERSION version"; ` + ` + Write-Host ('Checkout GIT {0} (master) repository ...' -f $env:ZBX_SOURCES); ` + Start-Process -FilePath "git" -Wait -ArgumentList """-c advice.detachedHead=false clone $env:ZBX_SOURCES --branch master --depth 1 --single-branch zabbix-$env:ZBX_VERSION"""; ` + ` + Write-Host ('Building Zabbix {0} version ...' -f $env:ZBX_VERSION); ` Set-Location -Path "$env:SystemDrive\zabbix-$env:ZBX_VERSION"; ` $ZbxRevision=(git rev-parse --short HEAD); ` (Get-Content src\go\pkg\version\version.go).replace('{ZABBIX_REVISION}', $ZbxRevision) | Set-Content src\go\pkg\version\version.go; ` $env:PATH+=""";$env:SystemDrive\mingw64\bin"""; ` Set-Location -Path "$env:SystemDrive\zabbix-$env:ZBX_VERSION\build\mingw"; ` - mingw32-make -j"""$env:NUMBER_OF_PROCESSORS""" ` + mingw32-make -s -j"""$env:NUMBER_OF_PROCESSORS""" ` # CGO_LDFLAGS="""-lssl -lcrypto -lcrypt32 -L$env:SystemDrive\openssl_output\lib -L$env:SystemDrive\pcre_output\lib""" ` PCRE="$env:SystemDrive\pcre_output_mingw" ` OPENSSL="$env:SystemDrive\openssl_output" ` RFLAGS="""-DZABBIX_VERSION_RC_NUM=$env:ZABBIX_VERSION_RC_NUM"""; ` + ` + Write-Host 'Verifying build ("zabbix_agent2.exe -V") ...'; ` + & $env:SystemDrive\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_agent2.exe -V; ` + dumpbin /dependents $env:SystemDrive\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_agent2.exe; ` + ` New-Item -ItemType directory -Path "$env:SystemDrive\zabbix2" | Out-Null; ` New-Item -ItemType directory -Path "$env:SystemDrive\zabbix2\sbin" | Out-Null; ` New-Item -ItemType directory -Path "$env:SystemDrive\zabbix2\conf" | Out-Null; ` - & $env:SystemDrive\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_agent2.exe -V; ` - dumpbin /dependents $env:SystemDrive\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_agent2.exe; ` + ` Copy-Item -Path "$env:SystemDrive\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_agent2.exe" "$env:SystemDrive\zabbix2\sbin"; ` - Copy-Item -Path "$env:SystemDrive\zabbix-$env:ZBX_VERSION\src\go\conf\zabbix_agent2.win.conf" "$env:SystemDrive\zabbix2\conf" + Copy-Item -Path "$env:SystemDrive\zabbix-$env:ZBX_VERSION\src\go\conf\zabbix_agent2.win.conf" "$env:SystemDrive\zabbix2\conf"; ` + Write-Host 'Zabbix is ready...'; FROM $BASE_IMAGE From e64f75810959f72593b304f722571a3905f23913 Mon Sep 17 00:00:00 2001 From: dotneft Date: Fri, 17 Sep 2021 00:07:08 +0300 Subject: [PATCH 169/253] Updated Zabbix agent 2 for Windows --- Dockerfiles/agent2/windows/Dockerfile | 168 ++++++++++++++------------ 1 file changed, 93 insertions(+), 75 deletions(-) diff --git a/Dockerfiles/agent2/windows/Dockerfile b/Dockerfiles/agent2/windows/Dockerfile index 95447fed5..b85c0be54 100644 --- a/Dockerfiles/agent2/windows/Dockerfile +++ b/Dockerfiles/agent2/windows/Dockerfile @@ -33,10 +33,10 @@ SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPref RUN Set-Location -Path $env:SystemDrive\.; ` ` Write-Host ('Downloading {0} ...' -f $env:GIT_URL); ` - Invoke-WebRequest -OutFile "$env:SystemDrive\git.zip" -Uri $env:GIT_URL; ` + Invoke-WebRequest -OutFile $env:SystemDrive\git.zip -Uri $env:GIT_URL; ` ` $sha256 = '273f55e881094d00877d64f56570b0c997c4da5dedcb26738d56481033c1eba1'; ` - Write-Host ('Verifying sha256 ({0}) ...' -f $sha256); ` + Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` if ((Get-FileHash "$env:SystemDrive\git.zip" -Algorithm sha256).Hash -ne $sha256) { ` Write-Host "Checksum GIT for Windows failed!"; ` exit 1; ` @@ -44,25 +44,25 @@ RUN Set-Location -Path $env:SystemDrive\.; ` ` Write-Host 'Installing ...'; ` Expand-Archive -Path git.zip -DestinationPath $env:SystemDrive\git\.; ` - Remove-Item -Force -Path "$env:SystemDrive\git.zip"; ` - $env:PATH = """$env:SystemDrive\git\cmd;$env:SystemDrive\git\mingw64\bin;$env:SystemDrive\git\usr\bin;""" + $env:PATH; ` + Remove-Item -Force -Path $env:SystemDrive\git.zip; ` + $env:PATH = [string]::Format('{0}\git\cmd;{0}\git\mingw64\bin;{0}\git\usr\bin;', $env:SystemDrive) + $env:PATH; ` [Environment]::SetEnvironmentVariable('PATH', $env:PATH, [EnvironmentVariableTarget]::Machine); ` ` Write-Host 'Verifying install ("git version") ...'; ` git version; ` ` Write-Host ('Downloading {0} ...' -f $env:GOLANG_URL); ` - Invoke-WebRequest -OutFile "$env:SystemDrive\go$env:GOLANG_VERSION.windows-amd64.msi" -Uri $env:GOLANG_URL; ` + Invoke-WebRequest -OutFile $env:SystemDrive\go$env:GOLANG_VERSION.windows-amd64.msi -Uri $env:GOLANG_URL; ` $sha256 = '7a360967708350354ea479500a8eada6a032e07eac5bd43142367ee5b0ab1df9'; ` ` - Write-Host ('Verifying sha256 ({0}) ...' -f $sha256); ` + Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` if ((Get-FileHash "$env:SystemDrive\go$env:GOLANG_VERSION.windows-amd64.msi" -Algorithm sha256).Hash -ne $sha256) { ` Write-Host "Checksum Go Lang failed!"; ` exit 1; ` }; ` Write-Host 'Installing ...'; ` - Start-Process -FilePath "$env:SystemDrive\go$env:GOLANG_VERSION.windows-amd64.msi" -Wait -ArgumentList '/qn /norestart'; ` - Remove-Item -Force -Path "$env:SystemDrive\go$env:GOLANG_VERSION.windows-amd64.msi"; ` + Start-Process -FilePath $env:SystemDrive\go$env:GOLANG_VERSION.windows-amd64.msi -Wait -ArgumentList '/qn /norestart'; ` + Remove-Item -Force -Path $env:SystemDrive\go$env:GOLANG_VERSION.windows-amd64.msi; ` ` $env:PATH = [string]::Format('{0}\Go\bin;', ${env:ProgramFiles}) + $env:PATH; ` [Environment]::SetEnvironmentVariable('PATH', $env:PATH, [EnvironmentVariableTarget]::Machine); ` @@ -70,17 +70,18 @@ RUN Set-Location -Path $env:SystemDrive\.; ` go version; ` ` Write-Host ('Downloading {0} ...' -f $env:SEVEN_ZIP_URL); ` - Invoke-WebRequest -OutFile "$env:SystemDrive\7z$env:SEVEN_ZIP_VERSION-$env:BUILD_ARCH.msi" -Uri $env:SEVEN_ZIP_URL; ` + Invoke-WebRequest -OutFile $env:SystemDrive\7z.msi -Uri $env:SEVEN_ZIP_URL; ` + ` $sha256 = 'a7803233eedb6a4b59b3024ccf9292a6fffb94507dc998aa67c5b745d197a5dc'; ` - Write-Host ('Verifying sha256 ({0}) ...' -f $sha256); ` - if ((Get-FileHash "$env:SystemDrive\7z$env:SEVEN_ZIP_VERSION-$env:BUILD_ARCH.msi" -Algorithm sha256).Hash -ne $sha256) { ` + Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` + if ((Get-FileHash $env:SystemDrive\7z.msi -Algorithm sha256).Hash -ne $sha256) { ` Write-Host "Checksum 7-zip failed!"; ` exit 1; ` }; ` ` Write-Host 'Installing ...'; ` - Start-Process -FilePath "$env:SystemDrive\7z$env:SEVEN_ZIP_VERSION-$env:BUILD_ARCH.msi" -Wait -ArgumentList '/qn /norestart'; ` - Remove-Item -Force -Path "$env:SystemDrive\7z$env:SEVEN_ZIP_VERSION-$env:BUILD_ARCH.msi"; ` + Start-Process -FilePath $env:SystemDrive\7z.msi -Wait -ArgumentList '/qn /norestart'; ` + Remove-Item -Force -Path $env:SystemDrive\7z.msi; ` $env:PATH = [string]::Format('{0}\7-Zip;', ${env:ProgramFiles}) + $env:PATH; ` [Environment]::SetEnvironmentVariable('PATH', $env:PATH, [EnvironmentVariableTarget]::Machine); ` ` @@ -88,21 +89,33 @@ RUN Set-Location -Path $env:SystemDrive\.; ` 7z -h | Select -first 2; ` ` Write-Host ('Downloading {0} ...' -f $env:MINGW_URL); ` - Invoke-WebRequest -OutFile "$env:SystemDrive\mingw.7z" -Uri $env:MINGW_URL; ` + Invoke-WebRequest -OutFile $env:SystemDrive\mingw.7z -Uri $env:MINGW_URL; ` + ` $sha256 = 'e8c65ddc655534b0330f66f7b480565621e8617cda9937d76ba141a22bf3b2fa'; ` - if ((Get-FileHash "$env:SystemDrive\mingw.7z" -Algorithm sha256).Hash -ne $sha256) { ` + Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` + if ((Get-FileHash $env:SystemDrive\mingw.7z -Algorithm sha256).Hash -ne $sha256) { ` Write-Host "Checksum Mingw-w64 failed!"; ` exit 1; ` }; ` ` Write-Host 'Installing ...'; ` - Start-Process -FilePath "7z" -Wait -ArgumentList """x $env:SystemDrive\mingw.7z"""; ` - Remove-Item -Force -Path "$env:SystemDrive\mingw.7z"; ` + 7z x $env:SystemDrive\mingw.7z; ` + Remove-Item -Force -Path $env:SystemDrive\mingw.7z; ` + $env:PATH = [string]::Format('{0}\mingw64\bin;', $env:SystemDrive) + $env:PATH; ` + [Environment]::SetEnvironmentVariable('PATH', $env:PATH, [EnvironmentVariableTarget]::Machine); ` + ` + Write-Host 'Verifying install ("mingw32-make -v") ...'; ` + mingw32-make -v; ` ` Write-Host ('Downloading {0} ...' -f $env:VS_BUILDTOOLS_URL); ` Invoke-WebRequest -OutFile "$env:SystemDrive\vs_buildtools.exe" $env:VS_BUILDTOOLS_URL; ` + ` Write-Host ('{0} - Visual Studio components installing...' -f $(Get-Date -format 'u')); ` - cmd /C start /w "$env:SystemDrive\vs_buildtools.exe" --quiet --wait --norestart --nocache modify ` + cmd /C start /w $env:SystemDrive\vs_buildtools.exe ` + --quiet ` + --wait ` + --norestart ` + --nocache modify ` --installPath """${env:ProgramFiles(x86)}\Microsoft Visual Studio\2019\BuildTools""" ` # https://docs.microsoft.com/en-us/visualstudio/install/workload-component-id-vs-build-tools?view=vs-2019 --add Microsoft.VisualStudio.Component.Windows10SDK.19041 ` @@ -114,76 +127,81 @@ RUN Set-Location -Path $env:SystemDrive\.; ` Write-Host ('{0} - Visual Studio components installed' -f $(Get-Date -format 'u')); ` ` Write-Host 'Visual Studio components installation cleanup'; ` - Remove-Item -Force -Path "$env:SystemDrive\vs_buildtools.exe"; ` + Remove-Item -Force -Path $env:SystemDrive\vs_buildtools.exe; ` Get-ChildItem -Path """${env:ProgramFiles(x86)}\Microsoft Visual Studio\Installer""" -Directory -Recurse | Remove-Item -Force –Recurse; ` - Remove-Item -Force -Recurse "$env:TEMP\*"; ` + Remove-Item -Force -Recurse $env:TEMP\*; ` Write-Host 'Build environment is ready...'; RUN Set-Location -Path $env:SystemDrive\.; ` ` - Import-Module """${env:ProgramFiles(x86)}\Microsoft Visual Studio\2019\BuildTools\Common7\Tools\Microsoft.VisualStudio.DevShell.dll"""; ` - Enter-VsDevShell -VsInstallPath """${env:ProgramFiles(x86)}\Microsoft Visual Studio\2019\BuildTools""" -DevCmdArguments """-arch=$env:BUILD_ARCH"""; ` - $env:PATH+=""";$env:SystemDrive\mingw64\bin"""; ` + Import-Module ('{0}\Microsoft Visual Studio\2019\BuildTools\Common7\Tools\Microsoft.VisualStudio.DevShell.dll' -f ${env:ProgramFiles(x86)} ); ` + Enter-VsDevShell -VsInstallPath ('{0}\Microsoft Visual Studio\2019\BuildTools' -f ${env:ProgramFiles(x86)}) -DevCmdArguments """-arch=$env:BUILD_ARCH"""; ` ` Write-Host ('Downloading {0} ...' -f $env:PCRE_URL); ` [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` - Invoke-WebRequest -OutFile "$env:SystemDrive\pcre-$env:PCRE_VERSION.zip" -Uri $env:PCRE_URL; ` + Invoke-WebRequest -OutFile $env:SystemDrive\pcre.zip -Uri $env:PCRE_URL; ` ` - Write-Host ('Verifying sha256 ({0}) ...' -f $sha256); ` + Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` $sha256 = '5b709aa45ea3b8bb73052947200ad187f651a2049158fb5bbfed329e4322a977'; ` - if ((Get-FileHash "$env:SystemDrive\pcre-$env:PCRE_VERSION.zip" -Algorithm sha256).Hash -ne $sha256) { ` + if ((Get-FileHash $env:SystemDrive\pcre.zip -Algorithm sha256).Hash -ne $sha256) { ` Write-Host "Checksum PCRE library failed!"; ` exit 1; ` }; ` Write-Host 'Extracting archive ...'; ` - Expand-Archive -Path "$env:SystemDrive\pcre-$env:PCRE_VERSION.zip" -DestinationPath $env:SystemDrive; ` - Rename-Item -Path "$env:SystemDrive\pcre-$env:PCRE_VERSION" -NewName "$env:SystemDrive\pcre_build_mingw"; ` + Expand-Archive -Path $env:SystemDrive\pcre.zip -DestinationPath $env:SystemDrive; ` + Remove-Item -Force -Path $env:SystemDrive\pcre.zip; ` + Rename-Item -Path $env:SystemDrive\pcre-$env:PCRE_VERSION -NewName $env:SystemDrive\pcre_build; ` ` - Set-Location -Path "$env:SystemDrive\pcre_build_mingw"; ` + Set-Location -Path $env:SystemDrive\pcre_build; ` Write-Host 'Building PCRE library ...'; ` - cmake ` - -G """MinGW Makefiles""" ` + cmake --log-level=ERROR ` + -G 'MinGW Makefiles' ` -DBUILD_SHARED_LIBS=OFF ` -DCMAKE_C_COMPILER=gcc ` - -DCMAKE_C_FLAGS="""-O2 -g""" ` - -DCMAKE_CXX_FLAGS="""-O2 -g""" ` - -DCMAKE_INSTALL_PREFIX="""$env:SystemDrive\pcre_output_mingw""" . ; ` + -DCMAKE_C_FLAGS='-O2 -g' ` + -DCMAKE_CXX_FLAGS='-O2 -g' ` + -DCMAKE_INSTALL_PREFIX="""$env:SystemDrive\pcre_output""" . ; ` mingw32-make -s -j"""$env:NUMBER_OF_PROCESSORS"""; ` mingw32-make -s -j"""$env:NUMBER_OF_PROCESSORS""" install; ` - Write-Host 'PCRE is ready...'; ` - Remove-Item -Force -Path "$env:SystemDrive\pcre-$env:PCRE_VERSION.zip" + Write-Host 'PCRE is ready...'; -RUN Set-Location -Path $env:SystemDrive\; ` +RUN Set-Location -Path $env:SystemDrive\.; ` ` Write-Host ('Downloading {0} ...' -f $env:CYGWIN_URL); ` - (New-Object Net.WebClient).DownloadFile("""$env:CYGWIN_URL""", """$env:SystemDrive\setup-x86_64.exe"""); ` + [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` + (New-Object Net.WebClient).DownloadFile("""$env:CYGWIN_URL""", """$env:SystemDrive\setup.exe"""); ` + ` $sha256 = 'b9219acd1241ffa4d38e19587f1ccc2854f951e451f3858efc9d2e1fe19d375c'; ` - Write-Host ('Verifying sha256 ({0}) ...' -f $sha256); ` - if ((Get-FileHash "$env:SystemDrive\setup-x86_64.exe" -Algorithm sha256).Hash -ne $sha256) { ` + Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` + if ((Get-FileHash $env:SystemDrive\setup.exe -Algorithm sha256).Hash -ne $sha256) { ` Write-Host "Checksum Cygwin failed!"; ` exit 1; ` }; ` Write-Host 'Installing ...'; ` - Start-Process "$env:SystemDrive\setup-x86_64.exe" -ArgumentList """-qnNdO -a x86_64 -R $env:SystemDrive\cygwin --site http://cygwin.mirror.constant.com -l $env:SystemDrive\cygwin\var\cache\setup --packages perl""" -Wait -NoNewWindow; ` + Start-Process $env:SystemDrive\setup.exe ` + -ArgumentList """-qnNdO -a x86_64 -R $env:SystemDrive\cygwin --site http://cygwin.mirror.constant.com -l $env:SystemDrive\cygwin\var\cache\setup --packages perl""" ` + -Wait ` + -NoNewWindow; ` ` + Remove-Item -Force -Path $env:SystemDrive\setup.exe; ` Write-Host ('Downloading {0} ...' -f $env:OPENSSL_URL); ` [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` - Invoke-WebRequest -OutFile "$env:SystemDrive\openssl-$env:OPENSSL_VERSION.tar.gz" -Uri $env:OPENSSL_URL; ` + Invoke-WebRequest -OutFile "$env:SystemDrive\openssl.tar.gz" -Uri $env:OPENSSL_URL; ` ` $sha256 = '0b7a3e5e59c34827fe0c3a74b7ec8baef302b98fa80088d7f9153aa16fa76bd1'; ` - Write-Host ('Verifying sha256 ({0}) ...' -f $sha256); ` - if ((Get-FileHash "$env:SystemDrive\openssl-$env:OPENSSL_VERSION.tar.gz" -Algorithm sha256).Hash -ne $sha256) { ` + Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` + if ((Get-FileHash "$env:SystemDrive\openssl.tar.gz" -Algorithm sha256).Hash -ne $sha256) { ` Write-Host "Checksum OpenSSL library failed!"; ` exit 1; ` }; ` ` Write-Host 'Extracting archive ...'; ` - tar -zxf $env:SystemDrive\openssl-$env:OPENSSL_VERSION.tar.gz; ` - Rename-Item -Path "$env:SystemDrive\openssl-$env:OPENSSL_VERSION" -NewName "$env:SystemDrive\openssl_build_mingw"; ` + tar -zxf $env:SystemDrive\openssl.tar.gz; ` + Rename-Item -Path $env:SystemDrive\openssl-$env:OPENSSL_VERSION -NewName $env:SystemDrive\openssl_build; ` ` Write-Host 'Building OpenSSL library...'; ` - Set-Location -Path "$env:SystemDrive\openssl_build_mingw"; ` - $env:PATH+=""";$env:SystemDrive\mingw64\bin;$env:SystemDrive\cygwin\bin"""; ` + Set-Location -Path $env:SystemDrive\openssl_build; ` + $env:PATH+=""";$env:SystemDrive\cygwin\bin"""; ` perl Configure ` mingw64 ` no-shared ` @@ -192,13 +210,12 @@ RUN Set-Location -Path $env:SystemDrive\; ` # enable-capieng ` no-capieng ` --api=1.1.0 ` - --prefix="$env:SystemDrive\openssl_output" ` - --openssldir="$env:SystemDrive\openssl_output_ssl"; ` + --prefix=$env:SystemDrive\openssl_output ` + --openssldir=$env:SystemDrive\openssl_output_ssl; ` mingw32-make -s -j"""$env:NUMBER_OF_PROCESSORS"""; ` mingw32-make -s -j"""$env:NUMBER_OF_PROCESSORS""" install_sw; ` Write-Host 'OpenSSL is ready...'; ` - Remove-Item -Recurse -Force -Path "$env:SystemDrive\cygwin"; ` - Remove-Item -Force -Path "$env:SystemDrive\setup-x86_64.exe" + Remove-Item -Recurse -Force -Path $env:SystemDrive\cygwin; FROM builder_base as builder_zabbix @@ -213,35 +230,34 @@ ENV ZBX_SOURCES=$ZBX_SOURCES MAJOR_VERSION=$MAJOR_VERSION ZBX_VERSION=$ZBX_VERSI RUN Set-Location -Path $env:SystemDrive\.; ` ` - Import-Module """${env:ProgramFiles(x86)}\Microsoft Visual Studio\2019\BuildTools\Common7\Tools\Microsoft.VisualStudio.DevShell.dll"""; ` - Enter-VsDevShell -VsInstallPath """${env:ProgramFiles(x86)}\Microsoft Visual Studio\2019\BuildTools""" -DevCmdArguments """-arch=$env:BUILD_ARCH"""; ` + Import-Module ('{0}\Microsoft Visual Studio\2019\BuildTools\Common7\Tools\Microsoft.VisualStudio.DevShell.dll' -f ${env:ProgramFiles(x86)} ); ` + Enter-VsDevShell -VsInstallPath ('{0}\Microsoft Visual Studio\2019\BuildTools' -f ${env:ProgramFiles(x86)}) -DevCmdArguments """-arch=$env:BUILD_ARCH"""; ` ` Write-Host ('Checkout GIT {0} (master) repository ...' -f $env:ZBX_SOURCES); ` - Start-Process -FilePath "git" -Wait -ArgumentList """-c advice.detachedHead=false clone $env:ZBX_SOURCES --branch master --depth 1 --single-branch zabbix-$env:ZBX_VERSION"""; ` + git -c advice.detachedHead=false clone $env:ZBX_SOURCES --branch master --depth 1 --single-branch $env:SystemDrive\zabbix-$env:ZBX_VERSION; ` ` Write-Host ('Building Zabbix {0} version ...' -f $env:ZBX_VERSION); ` - Set-Location -Path "$env:SystemDrive\zabbix-$env:ZBX_VERSION"; ` + Set-Location -Path $env:SystemDrive\zabbix-$env:ZBX_VERSION; ` $ZbxRevision=(git rev-parse --short HEAD); ` (Get-Content src\go\pkg\version\version.go).replace('{ZABBIX_REVISION}', $ZbxRevision) | Set-Content src\go\pkg\version\version.go; ` - $env:PATH+=""";$env:SystemDrive\mingw64\bin"""; ` - Set-Location -Path "$env:SystemDrive\zabbix-$env:ZBX_VERSION\build\mingw"; ` + Set-Location -Path $env:SystemDrive\zabbix-$env:ZBX_VERSION\build\mingw; ` mingw32-make -s -j"""$env:NUMBER_OF_PROCESSORS""" ` # CGO_LDFLAGS="""-lssl -lcrypto -lcrypt32 -L$env:SystemDrive\openssl_output\lib -L$env:SystemDrive\pcre_output\lib""" ` - PCRE="$env:SystemDrive\pcre_output_mingw" ` - OPENSSL="$env:SystemDrive\openssl_output" ` + PCRE=$env:SystemDrive\pcre_output ` + OPENSSL=$env:SystemDrive\openssl_output ` RFLAGS="""-DZABBIX_VERSION_RC_NUM=$env:ZABBIX_VERSION_RC_NUM"""; ` ` Write-Host 'Verifying build ("zabbix_agent2.exe -V") ...'; ` & $env:SystemDrive\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_agent2.exe -V; ` dumpbin /dependents $env:SystemDrive\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_agent2.exe; ` ` - New-Item -ItemType directory -Path "$env:SystemDrive\zabbix2" | Out-Null; ` - New-Item -ItemType directory -Path "$env:SystemDrive\zabbix2\sbin" | Out-Null; ` - New-Item -ItemType directory -Path "$env:SystemDrive\zabbix2\conf" | Out-Null; ` + New-Item -ItemType directory -Path $env:SystemDrive\zabbix2 | Out-Null; ` + New-Item -ItemType directory -Path $env:SystemDrive\zabbix2\sbin | Out-Null; ` + New-Item -ItemType directory -Path $env:SystemDrive\zabbix2\conf | Out-Null; ` ` - Copy-Item -Path "$env:SystemDrive\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_agent2.exe" "$env:SystemDrive\zabbix2\sbin"; ` - Copy-Item -Path "$env:SystemDrive\zabbix-$env:ZBX_VERSION\src\go\conf\zabbix_agent2.win.conf" "$env:SystemDrive\zabbix2\conf"; ` - Write-Host 'Zabbix is ready...'; + Copy-Item -Path $env:SystemDrive\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_agent2.exe $env:SystemDrive\zabbix2\sbin; ` + Copy-Item -Path $env:SystemDrive\zabbix-$env:ZBX_VERSION\src\go\conf\zabbix_agent2.win.conf $env:SystemDrive\zabbix2\conf; ` + Write-Host 'Zabbix binaries are compiled...'; FROM $BASE_IMAGE @@ -268,22 +284,24 @@ COPY [".\\docker-entrypoint.ps1", "C:\\zabbix"] USER ContainerAdministrator -RUN setx /M PATH """$env:PATH;$env:SystemDrive\zabbix\sbin;$env:SystemDrive\zabbix\bin;"""; ` - setx /M ZbxDir """$env:SystemDrive\zabbix""" +RUN $env:PATH = [string]::Format('{0}\zabbix\sbin;{0}\zabbix\bin;', $env:SystemDrive) + $env:PATH; ` + [Environment]::SetEnvironmentVariable('PATH', $env:PATH, [EnvironmentVariableTarget]::Machine); ` + $env:ZBX_HOME = [string]::Format('{0}\zabbix', $env:SystemDrive); ` + [Environment]::SetEnvironmentVariable('ZBX_HOME', $env:ZBX_HOME, [EnvironmentVariableTarget]::Machine); RUN Set-Location -Path "$env:SystemDrive"\; ` - New-Item -ItemType directory -Path "$env:ZbxDir\conf\zabbix_agentd.d" | Out-Null; ` - New-Item -ItemType directory -Path "$env:ZbxDir\enc" | Out-Null; ` - New-Item -ItemType directory -Path "$env:ZbxDir\modules" | Out-Null; ` - New-Item -ItemType directory -Path "$env:ZbxDir\buffer" | Out-Null; ` + New-Item -ItemType directory -Path "$env:ZBX_HOME\conf\zabbix_agentd.d" | Out-Null; ` + New-Item -ItemType directory -Path "$env:ZBX_HOME\enc" | Out-Null; ` + New-Item -ItemType directory -Path "$env:ZBX_HOME\modules" | Out-Null; ` + New-Item -ItemType directory -Path "$env:ZBX_HOME\buffer" | Out-Null; ` net user /add zabbix; ` - $acl = Get-Acl -Path $env:ZbxDir; ` + $acl = Get-Acl -Path $env:ZBX_HOME; ` $ace = New-Object Security.AccessControl.FileSystemAccessRule ('zabbix', 'Modify', 'ContainerInherit, ObjectInherit', 'InheritOnly', 'Allow'); ` $acl.AddAccessRule($ace); ` - Set-Acl -AclObject $acl -Path $env:ZbxDir + Set-Acl -AclObject $acl -Path $env:ZBX_HOME; USER zabbix EXPOSE 10050/TCP 31999/TCP -CMD C:\zabbix\docker-entrypoint.ps1 C:\zabbix\sbin\zabbix_agent2.exe -c c:\zabbix\conf\zabbix_agent2.win.conf -f +CMD C:\zabbix\docker-entrypoint.ps1 C:\zabbix\sbin\zabbix_agent2.exe -c C:\zabbix\conf\zabbix_agent2.win.conf -f From 24d47aab16729a85f0ed40a404edb5464a4d1add Mon Sep 17 00:00:00 2001 From: dotneft Date: Fri, 17 Sep 2021 00:11:04 +0300 Subject: [PATCH 170/253] Updated Zabbix agent 2 for Windows --- Dockerfiles/agent2/windows/Dockerfile | 190 +++++++++++++------------- 1 file changed, 95 insertions(+), 95 deletions(-) diff --git a/Dockerfiles/agent2/windows/Dockerfile b/Dockerfiles/agent2/windows/Dockerfile index b85c0be54..b668e5993 100644 --- a/Dockerfiles/agent2/windows/Dockerfile +++ b/Dockerfiles/agent2/windows/Dockerfile @@ -31,91 +31,91 @@ ENV BUILD_ARCH=$BUILD_ARCH CPU_MODEL=$CPU_MODEL ` SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"] RUN Set-Location -Path $env:SystemDrive\.; ` - ` + ` Write-Host ('Downloading {0} ...' -f $env:GIT_URL); ` Invoke-WebRequest -OutFile $env:SystemDrive\git.zip -Uri $env:GIT_URL; ` - ` + ` $sha256 = '273f55e881094d00877d64f56570b0c997c4da5dedcb26738d56481033c1eba1'; ` - Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` + Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` if ((Get-FileHash "$env:SystemDrive\git.zip" -Algorithm sha256).Hash -ne $sha256) { ` Write-Host "Checksum GIT for Windows failed!"; ` exit 1; ` }; ` - ` - Write-Host 'Installing ...'; ` + ` + Write-Host 'Installing ...'; ` Expand-Archive -Path git.zip -DestinationPath $env:SystemDrive\git\.; ` Remove-Item -Force -Path $env:SystemDrive\git.zip; ` - $env:PATH = [string]::Format('{0}\git\cmd;{0}\git\mingw64\bin;{0}\git\usr\bin;', $env:SystemDrive) + $env:PATH; ` - [Environment]::SetEnvironmentVariable('PATH', $env:PATH, [EnvironmentVariableTarget]::Machine); ` - ` - Write-Host 'Verifying install ("git version") ...'; ` - git version; ` - ` + $env:PATH = [string]::Format('{0}\git\cmd;{0}\git\mingw64\bin;{0}\git\usr\bin;', $env:SystemDrive) + $env:PATH; ` + [Environment]::SetEnvironmentVariable('PATH', $env:PATH, [EnvironmentVariableTarget]::Machine); ` + ` + Write-Host 'Verifying install ("git version") ...'; ` + git version; ` + ` Write-Host ('Downloading {0} ...' -f $env:GOLANG_URL); ` Invoke-WebRequest -OutFile $env:SystemDrive\go$env:GOLANG_VERSION.windows-amd64.msi -Uri $env:GOLANG_URL; ` $sha256 = '7a360967708350354ea479500a8eada6a032e07eac5bd43142367ee5b0ab1df9'; ` - ` - Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` + ` + Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` if ((Get-FileHash "$env:SystemDrive\go$env:GOLANG_VERSION.windows-amd64.msi" -Algorithm sha256).Hash -ne $sha256) { ` Write-Host "Checksum Go Lang failed!"; ` exit 1; ` }; ` - Write-Host 'Installing ...'; ` + Write-Host 'Installing ...'; ` Start-Process -FilePath $env:SystemDrive\go$env:GOLANG_VERSION.windows-amd64.msi -Wait -ArgumentList '/qn /norestart'; ` Remove-Item -Force -Path $env:SystemDrive\go$env:GOLANG_VERSION.windows-amd64.msi; ` - ` - $env:PATH = [string]::Format('{0}\Go\bin;', ${env:ProgramFiles}) + $env:PATH; ` - [Environment]::SetEnvironmentVariable('PATH', $env:PATH, [EnvironmentVariableTarget]::Machine); ` - Write-Host 'Verifying install ("go version") ...'; ` - go version; ` - ` + ` + $env:PATH = [string]::Format('{0}\Go\bin;', ${env:ProgramFiles}) + $env:PATH; ` + [Environment]::SetEnvironmentVariable('PATH', $env:PATH, [EnvironmentVariableTarget]::Machine); ` + Write-Host 'Verifying install ("go version") ...'; ` + go version; ` + ` Write-Host ('Downloading {0} ...' -f $env:SEVEN_ZIP_URL); ` Invoke-WebRequest -OutFile $env:SystemDrive\7z.msi -Uri $env:SEVEN_ZIP_URL; ` - ` - $sha256 = 'a7803233eedb6a4b59b3024ccf9292a6fffb94507dc998aa67c5b745d197a5dc'; ` - Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` + ` + $sha256 = 'a7803233eedb6a4b59b3024ccf9292a6fffb94507dc998aa67c5b745d197a5dc'; ` + Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` if ((Get-FileHash $env:SystemDrive\7z.msi -Algorithm sha256).Hash -ne $sha256) { ` Write-Host "Checksum 7-zip failed!"; ` exit 1; ` }; ` - ` - Write-Host 'Installing ...'; ` + ` + Write-Host 'Installing ...'; ` Start-Process -FilePath $env:SystemDrive\7z.msi -Wait -ArgumentList '/qn /norestart'; ` Remove-Item -Force -Path $env:SystemDrive\7z.msi; ` - $env:PATH = [string]::Format('{0}\7-Zip;', ${env:ProgramFiles}) + $env:PATH; ` - [Environment]::SetEnvironmentVariable('PATH', $env:PATH, [EnvironmentVariableTarget]::Machine); ` - ` - Write-Host 'Verifying install ("7z -h") ...'; ` - 7z -h | Select -first 2; ` - ` + $env:PATH = [string]::Format('{0}\7-Zip;', ${env:ProgramFiles}) + $env:PATH; ` + [Environment]::SetEnvironmentVariable('PATH', $env:PATH, [EnvironmentVariableTarget]::Machine); ` + ` + Write-Host 'Verifying install ("7z -h") ...'; ` + 7z -h | Select -first 2; ` + ` Write-Host ('Downloading {0} ...' -f $env:MINGW_URL); ` Invoke-WebRequest -OutFile $env:SystemDrive\mingw.7z -Uri $env:MINGW_URL; ` - ` - $sha256 = 'e8c65ddc655534b0330f66f7b480565621e8617cda9937d76ba141a22bf3b2fa'; ` - Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` + ` + $sha256 = 'e8c65ddc655534b0330f66f7b480565621e8617cda9937d76ba141a22bf3b2fa'; ` + Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` if ((Get-FileHash $env:SystemDrive\mingw.7z -Algorithm sha256).Hash -ne $sha256) { ` Write-Host "Checksum Mingw-w64 failed!"; ` exit 1; ` }; ` - ` - Write-Host 'Installing ...'; ` - 7z x $env:SystemDrive\mingw.7z; ` + ` + Write-Host 'Installing ...'; ` + 7z x $env:SystemDrive\mingw.7z; ` Remove-Item -Force -Path $env:SystemDrive\mingw.7z; ` - $env:PATH = [string]::Format('{0}\mingw64\bin;', $env:SystemDrive) + $env:PATH; ` - [Environment]::SetEnvironmentVariable('PATH', $env:PATH, [EnvironmentVariableTarget]::Machine); ` - ` - Write-Host 'Verifying install ("mingw32-make -v") ...'; ` - mingw32-make -v; ` - ` - Write-Host ('Downloading {0} ...' -f $env:VS_BUILDTOOLS_URL); ` - Invoke-WebRequest -OutFile "$env:SystemDrive\vs_buildtools.exe" $env:VS_BUILDTOOLS_URL; ` - ` + $env:PATH = [string]::Format('{0}\mingw64\bin;', $env:SystemDrive) + $env:PATH; ` + [Environment]::SetEnvironmentVariable('PATH', $env:PATH, [EnvironmentVariableTarget]::Machine); ` + ` + Write-Host 'Verifying install ("mingw32-make -v") ...'; ` + mingw32-make -v; ` + ` + Write-Host ('Downloading {0} ...' -f $env:VS_BUILDTOOLS_URL); ` + Invoke-WebRequest -OutFile "$env:SystemDrive\vs_buildtools.exe" $env:VS_BUILDTOOLS_URL; ` + ` Write-Host ('{0} - Visual Studio components installing...' -f $(Get-Date -format 'u')); ` cmd /C start /w $env:SystemDrive\vs_buildtools.exe ` - --quiet ` - --wait ` - --norestart ` - --nocache modify ` + --quiet ` + --wait ` + --norestart ` + --nocache modify ` --installPath """${env:ProgramFiles(x86)}\Microsoft Visual Studio\2019\BuildTools""" ` # https://docs.microsoft.com/en-us/visualstudio/install/workload-component-id-vs-build-tools?view=vs-2019 --add Microsoft.VisualStudio.Component.Windows10SDK.19041 ` @@ -125,35 +125,35 @@ RUN Set-Location -Path $env:SystemDrive\.; ` }; ` Wait-Process -name msiexec; ` Write-Host ('{0} - Visual Studio components installed' -f $(Get-Date -format 'u')); ` - ` - Write-Host 'Visual Studio components installation cleanup'; ` + ` + Write-Host 'Visual Studio components installation cleanup'; ` Remove-Item -Force -Path $env:SystemDrive\vs_buildtools.exe; ` Get-ChildItem -Path """${env:ProgramFiles(x86)}\Microsoft Visual Studio\Installer""" -Directory -Recurse | Remove-Item -Force –Recurse; ` Remove-Item -Force -Recurse $env:TEMP\*; ` - Write-Host 'Build environment is ready...'; + Write-Host 'Build environment is ready...'; RUN Set-Location -Path $env:SystemDrive\.; ` - ` + ` Import-Module ('{0}\Microsoft Visual Studio\2019\BuildTools\Common7\Tools\Microsoft.VisualStudio.DevShell.dll' -f ${env:ProgramFiles(x86)} ); ` Enter-VsDevShell -VsInstallPath ('{0}\Microsoft Visual Studio\2019\BuildTools' -f ${env:ProgramFiles(x86)}) -DevCmdArguments """-arch=$env:BUILD_ARCH"""; ` - ` - Write-Host ('Downloading {0} ...' -f $env:PCRE_URL); ` - [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` + ` + Write-Host ('Downloading {0} ...' -f $env:PCRE_URL); ` + [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` Invoke-WebRequest -OutFile $env:SystemDrive\pcre.zip -Uri $env:PCRE_URL; ` - ` - Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` + ` + Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` $sha256 = '5b709aa45ea3b8bb73052947200ad187f651a2049158fb5bbfed329e4322a977'; ` if ((Get-FileHash $env:SystemDrive\pcre.zip -Algorithm sha256).Hash -ne $sha256) { ` Write-Host "Checksum PCRE library failed!"; ` exit 1; ` }; ` - Write-Host 'Extracting archive ...'; ` + Write-Host 'Extracting archive ...'; ` Expand-Archive -Path $env:SystemDrive\pcre.zip -DestinationPath $env:SystemDrive; ` Remove-Item -Force -Path $env:SystemDrive\pcre.zip; ` Rename-Item -Path $env:SystemDrive\pcre-$env:PCRE_VERSION -NewName $env:SystemDrive\pcre_build; ` - ` + ` Set-Location -Path $env:SystemDrive\pcre_build; ` - Write-Host 'Building PCRE library ...'; ` + Write-Host 'Building PCRE library ...'; ` cmake --log-level=ERROR ` -G 'MinGW Makefiles' ` -DBUILD_SHARED_LIBS=OFF ` @@ -163,43 +163,43 @@ RUN Set-Location -Path $env:SystemDrive\.; ` -DCMAKE_INSTALL_PREFIX="""$env:SystemDrive\pcre_output""" . ; ` mingw32-make -s -j"""$env:NUMBER_OF_PROCESSORS"""; ` mingw32-make -s -j"""$env:NUMBER_OF_PROCESSORS""" install; ` - Write-Host 'PCRE is ready...'; + Write-Host 'PCRE is ready...'; RUN Set-Location -Path $env:SystemDrive\.; ` - ` - Write-Host ('Downloading {0} ...' -f $env:CYGWIN_URL); ` - [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` + ` + Write-Host ('Downloading {0} ...' -f $env:CYGWIN_URL); ` + [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` (New-Object Net.WebClient).DownloadFile("""$env:CYGWIN_URL""", """$env:SystemDrive\setup.exe"""); ` - ` + ` $sha256 = 'b9219acd1241ffa4d38e19587f1ccc2854f951e451f3858efc9d2e1fe19d375c'; ` - Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` + Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` if ((Get-FileHash $env:SystemDrive\setup.exe -Algorithm sha256).Hash -ne $sha256) { ` Write-Host "Checksum Cygwin failed!"; ` exit 1; ` }; ` - Write-Host 'Installing ...'; ` + Write-Host 'Installing ...'; ` Start-Process $env:SystemDrive\setup.exe ` - -ArgumentList """-qnNdO -a x86_64 -R $env:SystemDrive\cygwin --site http://cygwin.mirror.constant.com -l $env:SystemDrive\cygwin\var\cache\setup --packages perl""" ` - -Wait ` - -NoNewWindow; ` - ` + -ArgumentList """-qnNdO -a x86_64 -R $env:SystemDrive\cygwin --site http://cygwin.mirror.constant.com -l $env:SystemDrive\cygwin\var\cache\setup --packages perl""" ` + -Wait ` + -NoNewWindow; ` + ` Remove-Item -Force -Path $env:SystemDrive\setup.exe; ` - Write-Host ('Downloading {0} ...' -f $env:OPENSSL_URL); ` - [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` + Write-Host ('Downloading {0} ...' -f $env:OPENSSL_URL); ` + [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` Invoke-WebRequest -OutFile "$env:SystemDrive\openssl.tar.gz" -Uri $env:OPENSSL_URL; ` - ` + ` $sha256 = '0b7a3e5e59c34827fe0c3a74b7ec8baef302b98fa80088d7f9153aa16fa76bd1'; ` - Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` + Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` if ((Get-FileHash "$env:SystemDrive\openssl.tar.gz" -Algorithm sha256).Hash -ne $sha256) { ` Write-Host "Checksum OpenSSL library failed!"; ` exit 1; ` }; ` - ` - Write-Host 'Extracting archive ...'; ` + ` + Write-Host 'Extracting archive ...'; ` tar -zxf $env:SystemDrive\openssl.tar.gz; ` Rename-Item -Path $env:SystemDrive\openssl-$env:OPENSSL_VERSION -NewName $env:SystemDrive\openssl_build; ` - ` - Write-Host 'Building OpenSSL library...'; ` + ` + Write-Host 'Building OpenSSL library...'; ` Set-Location -Path $env:SystemDrive\openssl_build; ` $env:PATH+=""";$env:SystemDrive\cygwin\bin"""; ` perl Configure ` @@ -214,7 +214,7 @@ RUN Set-Location -Path $env:SystemDrive\.; ` --openssldir=$env:SystemDrive\openssl_output_ssl; ` mingw32-make -s -j"""$env:NUMBER_OF_PROCESSORS"""; ` mingw32-make -s -j"""$env:NUMBER_OF_PROCESSORS""" install_sw; ` - Write-Host 'OpenSSL is ready...'; ` + Write-Host 'OpenSSL is ready...'; ` Remove-Item -Recurse -Force -Path $env:SystemDrive\cygwin; FROM builder_base as builder_zabbix @@ -229,14 +229,14 @@ ARG ZBX_COMPONENT=all ENV ZBX_SOURCES=$ZBX_SOURCES MAJOR_VERSION=$MAJOR_VERSION ZBX_VERSION=$ZBX_VERSION RUN Set-Location -Path $env:SystemDrive\.; ` - ` + ` Import-Module ('{0}\Microsoft Visual Studio\2019\BuildTools\Common7\Tools\Microsoft.VisualStudio.DevShell.dll' -f ${env:ProgramFiles(x86)} ); ` Enter-VsDevShell -VsInstallPath ('{0}\Microsoft Visual Studio\2019\BuildTools' -f ${env:ProgramFiles(x86)}) -DevCmdArguments """-arch=$env:BUILD_ARCH"""; ` - ` - Write-Host ('Checkout GIT {0} (master) repository ...' -f $env:ZBX_SOURCES); ` + ` + Write-Host ('Checkout GIT {0} (master) repository ...' -f $env:ZBX_SOURCES); ` git -c advice.detachedHead=false clone $env:ZBX_SOURCES --branch master --depth 1 --single-branch $env:SystemDrive\zabbix-$env:ZBX_VERSION; ` - ` - Write-Host ('Building Zabbix {0} version ...' -f $env:ZBX_VERSION); ` + ` + Write-Host ('Building Zabbix {0} version ...' -f $env:ZBX_VERSION); ` Set-Location -Path $env:SystemDrive\zabbix-$env:ZBX_VERSION; ` $ZbxRevision=(git rev-parse --short HEAD); ` (Get-Content src\go\pkg\version\version.go).replace('{ZABBIX_REVISION}', $ZbxRevision) | Set-Content src\go\pkg\version\version.go; ` @@ -246,18 +246,18 @@ RUN Set-Location -Path $env:SystemDrive\.; ` PCRE=$env:SystemDrive\pcre_output ` OPENSSL=$env:SystemDrive\openssl_output ` RFLAGS="""-DZABBIX_VERSION_RC_NUM=$env:ZABBIX_VERSION_RC_NUM"""; ` - ` - Write-Host 'Verifying build ("zabbix_agent2.exe -V") ...'; ` + ` + Write-Host 'Verifying build ("zabbix_agent2.exe -V") ...'; ` & $env:SystemDrive\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_agent2.exe -V; ` dumpbin /dependents $env:SystemDrive\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_agent2.exe; ` - ` + ` New-Item -ItemType directory -Path $env:SystemDrive\zabbix2 | Out-Null; ` New-Item -ItemType directory -Path $env:SystemDrive\zabbix2\sbin | Out-Null; ` New-Item -ItemType directory -Path $env:SystemDrive\zabbix2\conf | Out-Null; ` - ` + ` Copy-Item -Path $env:SystemDrive\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_agent2.exe $env:SystemDrive\zabbix2\sbin; ` Copy-Item -Path $env:SystemDrive\zabbix-$env:ZBX_VERSION\src\go\conf\zabbix_agent2.win.conf $env:SystemDrive\zabbix2\conf; ` - Write-Host 'Zabbix binaries are compiled...'; + Write-Host 'Zabbix binaries are compiled...'; FROM $BASE_IMAGE @@ -285,9 +285,9 @@ COPY [".\\docker-entrypoint.ps1", "C:\\zabbix"] USER ContainerAdministrator RUN $env:PATH = [string]::Format('{0}\zabbix\sbin;{0}\zabbix\bin;', $env:SystemDrive) + $env:PATH; ` - [Environment]::SetEnvironmentVariable('PATH', $env:PATH, [EnvironmentVariableTarget]::Machine); ` - $env:ZBX_HOME = [string]::Format('{0}\zabbix', $env:SystemDrive); ` - [Environment]::SetEnvironmentVariable('ZBX_HOME', $env:ZBX_HOME, [EnvironmentVariableTarget]::Machine); + [Environment]::SetEnvironmentVariable('PATH', $env:PATH, [EnvironmentVariableTarget]::Machine); ` + $env:ZBX_HOME = [string]::Format('{0}\zabbix', $env:SystemDrive); ` + [Environment]::SetEnvironmentVariable('ZBX_HOME', $env:ZBX_HOME, [EnvironmentVariableTarget]::Machine); RUN Set-Location -Path "$env:SystemDrive"\; ` New-Item -ItemType directory -Path "$env:ZBX_HOME\conf\zabbix_agentd.d" | Out-Null; ` From 98ab8d4d69d7dab676ca384afe7c9d996f852341 Mon Sep 17 00:00:00 2001 From: dotneft Date: Fri, 17 Sep 2021 00:14:49 +0300 Subject: [PATCH 171/253] Updated Zabbix agent 2 for Windows --- Dockerfiles/agent2/windows/Dockerfile | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/Dockerfiles/agent2/windows/Dockerfile b/Dockerfiles/agent2/windows/Dockerfile index b668e5993..0a22a5365 100644 --- a/Dockerfiles/agent2/windows/Dockerfile +++ b/Dockerfiles/agent2/windows/Dockerfile @@ -286,14 +286,17 @@ USER ContainerAdministrator RUN $env:PATH = [string]::Format('{0}\zabbix\sbin;{0}\zabbix\bin;', $env:SystemDrive) + $env:PATH; ` [Environment]::SetEnvironmentVariable('PATH', $env:PATH, [EnvironmentVariableTarget]::Machine); ` + ` $env:ZBX_HOME = [string]::Format('{0}\zabbix', $env:SystemDrive); ` [Environment]::SetEnvironmentVariable('ZBX_HOME', $env:ZBX_HOME, [EnvironmentVariableTarget]::Machine); -RUN Set-Location -Path "$env:SystemDrive"\; ` +RUN Set-Location -Path $env:SystemDrive\.; ` + ` New-Item -ItemType directory -Path "$env:ZBX_HOME\conf\zabbix_agentd.d" | Out-Null; ` New-Item -ItemType directory -Path "$env:ZBX_HOME\enc" | Out-Null; ` New-Item -ItemType directory -Path "$env:ZBX_HOME\modules" | Out-Null; ` New-Item -ItemType directory -Path "$env:ZBX_HOME\buffer" | Out-Null; ` + ` net user /add zabbix; ` $acl = Get-Acl -Path $env:ZBX_HOME; ` $ace = New-Object Security.AccessControl.FileSystemAccessRule ('zabbix', 'Modify', 'ContainerInherit, ObjectInherit', 'InheritOnly', 'Allow'); ` From 675b3ee1e0b2ab6ada39dea96397546a28f1d1db Mon Sep 17 00:00:00 2001 From: dotneft Date: Fri, 17 Sep 2021 02:19:15 +0300 Subject: [PATCH 172/253] Updated Zabbix agent 2 for Windows --- Dockerfiles/agent/windows/Dockerfile | 283 ++++++++++++++------------ Dockerfiles/agent2/windows/Dockerfile | 52 +++-- 2 files changed, 184 insertions(+), 151 deletions(-) diff --git a/Dockerfiles/agent/windows/Dockerfile b/Dockerfiles/agent/windows/Dockerfile index 59265d108..2a2e99770 100644 --- a/Dockerfiles/agent/windows/Dockerfile +++ b/Dockerfiles/agent/windows/Dockerfile @@ -7,6 +7,8 @@ FROM $BUILD_BASE_IMAGE as builder_base ARG PCRE_VERSION=8.45 ARG OPENSSL_VERSION=1.1.1l ARG LIBMODBUS_VERSION=master +ARG BUILD_ARCH=x64 +ARG CPU_MODEL=AMD64 ARG VS_BUILDTOOLS_URL=https://aka.ms/vs/16/release/vs_buildtools.exe ARG NASM_URL=https://www.nasm.us/pub/nasm/releasebuilds/2.15.05/win64/nasm-2.15.05-installer-x64.exe @@ -16,63 +18,73 @@ ARG PCRE_URL=https://ftp.pcre.org/pub/pcre/pcre-$PCRE_VERSION.zip ARG OPENSSL_URL=https://www.openssl.org/source/openssl-$OPENSSL_VERSION.tar.gz ARG LIBMODBUS_URL=https://github.com/stephane/libmodbus.git -ENV BUILD_ARCH=x64 CPU_MODEL=AMD64 ` +ENV BUILD_ARCH=$BUILD_ARCH CPU_MODEL=$CPU_MODEL ` PCRE_VERSION=$PCRE_VERSION OPENSSL_VERSION=$OPENSSL_VERSION LIBMODBUS_VERSION=$LIBMODBUS_VERSION ` GIT_URL=$GIT_URL NASM_URL=$NASM_URL PERL_URL=$PERL_URL LIBMODBUS_URL=$LIBMODBUS_URL PCRE_URL=$PCRE_URL OPENSSL_URL=$OPENSSL_URL SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"] RUN Set-Location -Path $env:SystemDrive\.; ` - ` + ` Write-Host ('Downloading {0} ...' -f $env:GIT_URL); ` - [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` - Invoke-WebRequest -OutFile "$env:SystemDrive\git.zip" -Uri $env:GIT_URL; ` + [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` + Invoke-WebRequest -OutFile $env:SystemDrive\git.zip -Uri $env:GIT_URL; ` + ` $sha256 = '273f55e881094d00877d64f56570b0c997c4da5dedcb26738d56481033c1eba1'; ` - Write-Host ('Verifying sha256 ({0}) ...' -f $sha256); ` - if ((Get-FileHash "$env:SystemDrive\git.zip" -Algorithm sha256).Hash -ne $sha256) { ` - Write-Host "Checksum GIT for Windows failed!"; ` + Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` + if ((Get-FileHash $env:SystemDrive\git.zip -Algorithm sha256).Hash -ne $sha256) { ` + Write-Host 'Checksum GIT for Windows failed!'; ` exit 1; ` }; ` - Write-Host 'Installing ...'; ` - Expand-Archive -Path git.zip -DestinationPath $env:SystemDrive\git\.; ` - Remove-Item -Force -Path "$env:SystemDrive\git.zip"; ` - $env:PATH = [string]::Format('{0}\git\cmd;{0}\git\mingw64\bin;{0}\git\usr\bin;', $env:SystemDrive) + $env:PATH; ` - [Environment]::SetEnvironmentVariable('PATH', $env:PATH, [EnvironmentVariableTarget]::Machine); ` - ` - Write-Host 'Verifying install ("git version") ...'; ` - git version; ` - ` + ` + Write-Host 'Installing ...'; ` + Expand-Archive ` + -Path git.zip ` + -DestinationPath $env:SystemDrive\git\.; ` + Remove-Item -Force -Path $env:SystemDrive\git.zip; ` + $env:PATH = [string]::Format('{0}\git\cmd;{0}\git\mingw64\bin;{0}\git\usr\bin;', $env:SystemDrive) + $env:PATH; ` + [Environment]::SetEnvironmentVariable('PATH', $env:PATH, [EnvironmentVariableTarget]::Machine); ` + ` + Write-Host 'Verifying install ("git version") ...'; ` + git version; ` + ` Write-Host ('Downloading {0} ...' -f $env:NASM_URL); ` [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` - Invoke-WebRequest -OutFile "$env:SystemDrive\nasm-installer.exe" -Uri $env:NASM_URL; ` + Invoke-WebRequest -OutFile $env:SystemDrive\nasm_installer.exe -Uri $env:NASM_URL; ` $sha256 = 'a02325b9fe54f917f5d6a3036637b38dbb6addf6f7ba9d344d9b943a143fe7d0'; ` - Write-Host ('Verifying sha256 ({0}) ...' -f $sha256); ` - if ((Get-FileHash "$env:SystemDrive\nasm-installer.exe" -Algorithm sha256).Hash -ne $sha256) { ` - Write-Host "Checksum NASM failed!"; ` + Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` + if ((Get-FileHash $env:SystemDrive\nasm_installer.exe -Algorithm sha256).Hash -ne $sha256) { ` + Write-Host 'Checksum NASM failed!'; ` exit 1; ` }; ` Write-Host 'Installing ...'; ` - Start-Process -FilePath "$env:SystemDrive\nasm-installer.exe" -argumentlist '/S' -Wait; ` - Remove-Item -Force -Path "$env:SystemDrive\nasm-installer.exe"; ` + Start-Process ` + -FilePath $env:SystemDrive\nasm_installer.exe ` + -ArgumentList '/S' -Wait; ` + Remove-Item -Force -Path $env:SystemDrive\nasm_installer.exe; ` + ` $env:PATH = [string]::Format('{0}\NASM;', ${env:ProgramFiles}) + $env:PATH; ` [Environment]::SetEnvironmentVariable('PATH', $env:PATH, [EnvironmentVariableTarget]::Machine); ` ` Write-Host 'Verifying install ("nasm -v") ...'; ` nasm -v; ` ` - [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` Write-Host ('Downloading {0} ...' -f $env:PERL_URL); ` - Invoke-WebRequest -OutFile "$env:SystemDrive\perl-installer.msi" -Uri $env:PERL_URL; ` + [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` + Invoke-WebRequest -OutFile $env:SystemDrive\perl_installer.msi -Uri $env:PERL_URL; ` ` $sha256 = '241a881670164feb0b91bb69d39fbbf84c981bec0d9f8c19959f8f48fd177768'; ` - Write-Host ('Verifying sha256 ({0}) ...' -f $sha256); ` - if ((Get-FileHash "$env:SystemDrive\perl-installer.msi" -Algorithm sha256).Hash -ne $sha256) { ` - Write-Host "Checksum Strawberry Perl failed!"; ` + Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` + if ((Get-FileHash $env:SystemDrive\perl_installer.msi -Algorithm sha256).Hash -ne $sha256) { ` + Write-Host 'Checksum Strawberry Perl failed!'; ` exit 1; ` }; ` Write-Host 'Installing ...'; ` - Start-Process -FilePath "msiexec.exe" -argumentlist """/i C:\perl-installer.msi /qn /norestart INSTALLDIR=$env:SystemDrive\Strawberry""" -wait; ` - Remove-Item -Force -Path "$env:SystemDrive\perl-installer.msi"; ` + Start-Process ` + -FilePath 'msiexec.exe' ` + -ArgumentList """/i $env:SystemDrive\perl_installer.msi /qn /norestart INSTALLDIR=$env:SystemDrive\Strawberry""" ` + -Wait; ` + Remove-Item -Force -Path $env:SystemDrive\perl_installer.msi; ` $env:PATH = [string]::Format('{0}\Strawberry\perl\bin;', $env:SystemDrive) + $env:PATH; ` [Environment]::SetEnvironmentVariable('PATH', $env:PATH, [EnvironmentVariableTarget]::Machine); ` ` @@ -82,11 +94,16 @@ RUN Set-Location -Path $env:SystemDrive\.; ` Write-Host 'Installing Text::Template...'; ` cpan Text::Template; ` ` - Write-Host ('Downloading {0} ...' -f $env:VS_BUILDTOOLS_URL); ` - [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` - Invoke-WebRequest -OutFile "$env:SystemDrive\vs_buildtools.exe" -Uri $env:VS_BUILDTOOLS_URL; ` - Write-Host "Visual Studio components installing..."; ` - cmd /C start /w "$env:SystemDrive\vs_buildtools.exe" --quiet --wait --norestart --nocache modify ` + Write-Host ('Downloading {0} ...' -f $env:VS_BUILDTOOLS_URL); ` + [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` + Invoke-WebRequest -OutFile $env:SystemDrive\vs_buildtools.exe $env:VS_BUILDTOOLS_URL; ` + ` + Write-Host ('{0} - Visual Studio components installing...' -f $(Get-Date -format 'u')); ` + cmd /C start /w $env:SystemDrive\vs_buildtools.exe ` + --quiet ` + --wait ` + --norestart ` + --nocache modify ` --installPath """${env:ProgramFiles(x86)}\Microsoft Visual Studio\2019\BuildTools""" ` # https://docs.microsoft.com/en-us/visualstudio/install/workload-component-id-vs-build-tools?view=vs-2019 --add Microsoft.VisualStudio.Component.Windows10SDK.19041 ` @@ -95,76 +112,75 @@ RUN Set-Location -Path $env:SystemDrive\.; ` throw $err; ` }; ` Wait-Process -name msiexec; ` - Write-Host "Visual Studio components installed"; ` - ` - Write-Host "Visual Studio components installation cleanup"; ` - Remove-Item -Force -Path "$env:SystemDrive\vs_buildtools.exe"; ` - Get-ChildItem -Path ('{0}\Microsoft Visual Studio\Installer' -f ${env:ProgramFiles(x86)}) -Directory -Recurse | Remove-Item -Force –Recurse; ` - Remove-Item -Force -Recurse "$env:TEMP\*"; ` - Write-Host 'Build environment is ready...'; + Write-Host ('{0} - Visual Studio components installed' -f $(Get-Date -format 'u')); ` + ` + Write-Host 'Visual Studio components installation cleanup'; ` + Remove-Item -Force -Path $env:SystemDrive\vs_buildtools.exe; ` + Get-ChildItem -Path """${env:ProgramFiles(x86)}\Microsoft Visual Studio\Installer""" -Directory -Recurse | Remove-Item -Force –Recurse; ` + Remove-Item -Force -Recurse $env:TEMP\*; ` + Write-Host 'Build environment is ready...'; RUN Set-Location -Path $env:SystemDrive\.; ` - ` - Import-Module """${env:ProgramFiles(x86)}\Microsoft Visual Studio\2019\BuildTools\Common7\Tools\Microsoft.VisualStudio.DevShell.dll"""; ` - Enter-VsDevShell -VsInstallPath """${env:ProgramFiles(x86)}\Microsoft Visual Studio\2019\BuildTools""" -DevCmdArguments """-arch=$env:BUILD_ARCH"""; ` - ` - Write-Host ('Downloading {0} ...' -f $env:PCRE_URL); ` - [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` - Invoke-WebRequest -OutFile "$env:SystemDrive\pcre-$env:PCRE_VERSION.zip" -Uri $env:PCRE_URL; ` - ` + ` + Import-Module ('{0}\Microsoft Visual Studio\2019\BuildTools\Common7\Tools\Microsoft.VisualStudio.DevShell.dll' -f ${env:ProgramFiles(x86)} ); ` + Enter-VsDevShell -VsInstallPath ('{0}\Microsoft Visual Studio\2019\BuildTools' -f ${env:ProgramFiles(x86)}) -DevCmdArguments """-arch=$env:BUILD_ARCH"""; ` + ` + Write-Host ('Downloading {0} ...' -f $env:PCRE_URL); ` + [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` + Invoke-WebRequest -OutFile $env:SystemDrive\pcre.zip -Uri $env:PCRE_URL; ` + ` $sha256 = '5b709aa45ea3b8bb73052947200ad187f651a2049158fb5bbfed329e4322a977'; ` - Write-Host ('Verifying sha256 ({0}) ...' -f $sha256); ` - if ((Get-FileHash "$env:SystemDrive\pcre-$env:PCRE_VERSION.zip" -Algorithm sha256).Hash -ne $sha256) { ` - Write-Host "Checksum PCRE library failed!"; ` + Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` + if ((Get-FileHash $env:SystemDrive\pcre.zip -Algorithm sha256).Hash -ne $sha256) { ` + Write-Host 'Checksum PCRE library failed!'; ` exit 1; ` }; ` - ` - Write-Host 'Extracting archive ...'; ` - Expand-Archive -Path "$env:SystemDrive\pcre-$env:PCRE_VERSION.zip" -DestinationPath $env:SystemDrive ; ` - Rename-Item -Path "$env:SystemDrive\pcre-$env:PCRE_VERSION" -NewName "$env:SystemDrive\pcre_build"; ` - New-Item -ItemType directory -Path "$env:SystemDrive\pcre_build\build" | Out-Null; ` - ` - Set-Location -Path "$env:SystemDrive\pcre_build\build"; ` - Write-Host 'Building PCRE library ...'; ` + Write-Host 'Extracting archive ...'; ` + Expand-Archive -Path $env:SystemDrive\pcre.zip -DestinationPath $env:SystemDrive; ` + Remove-Item -Force -Path $env:SystemDrive\pcre.zip; ` + Rename-Item -Path $env:SystemDrive\pcre-$env:PCRE_VERSION -NewName $env:SystemDrive\pcre_build; ` + New-Item -ItemType directory -Path "$env:SystemDrive\pcre_build\build" | Out-Null; ` + ` + Set-Location -Path $env:SystemDrive\pcre_build\build; ` + Write-Host 'Building PCRE library ...'; ` cmake --log-level=ERROR ` - -G """Visual Studio 16 2019""" ` + -G 'Visual Studio 16 2019' ` -A $env:BUILD_ARCH ` -DPCRE_SUPPORT_UNICODE_PROPERTIES=ON ` -DPCRE_SUPPORT_UTF=ON ` - -DCMAKE_C_FLAGS_RELEASE:string="/MT" ..; ` + -DCMAKE_C_FLAGS_RELEASE:string="""/MT""" ..; ` msbuild PCRE.sln ` -maxcpucount:"""$env:NUMBER_OF_PROCESSORS""" ` /verbosity:quiet ` - /property:Configuration="Release" ` - /property:Platform="$env:BUILD_ARCH" ` + /property:Configuration=Release ` + /property:Platform=$env:BUILD_ARCH ` /target:pcre; ` ` - Write-Host 'PCRE is ready...'; ` - Remove-Item -Force -Path "$env:SystemDrive\pcre-$env:PCRE_VERSION.zip" + Write-Host 'PCRE is ready...'; RUN Set-Location -Path $env:SystemDrive\.; ` ` - $env:PATH+=""";$env:SystemDrive\Strawberry\perl\bin;$env:SystemDrive\Program Files\NASM"""; ` - Import-Module """${env:ProgramFiles(x86)}\Microsoft Visual Studio\2019\BuildTools\Common7\Tools\Microsoft.VisualStudio.DevShell.dll"""; ` - Enter-VsDevShell -VsInstallPath """${env:ProgramFiles(x86)}\Microsoft Visual Studio\2019\BuildTools""" -DevCmdArguments """-arch=$env:BUILD_ARCH"""; ` - ` - Write-Host ('Downloading {0} ...' -f $env:OPENSSL_URL); ` - [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` - Invoke-WebRequest -OutFile "$env:SystemDrive\openssl-$env:OPENSSL_VERSION.tar.gz" -Uri $env:OPENSSL_URL; ` + Import-Module ('{0}\Microsoft Visual Studio\2019\BuildTools\Common7\Tools\Microsoft.VisualStudio.DevShell.dll' -f ${env:ProgramFiles(x86)} ); ` + Enter-VsDevShell -VsInstallPath ('{0}\Microsoft Visual Studio\2019\BuildTools' -f ${env:ProgramFiles(x86)}) -DevCmdArguments """-arch=$env:BUILD_ARCH"""; ` ` + Write-Host ('Downloading {0} ...' -f $env:OPENSSL_URL); ` + [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` + Invoke-WebRequest -OutFile $env:SystemDrive\openssl.tar.gz -Uri $env:OPENSSL_URL; ` + ` $sha256 = '0b7a3e5e59c34827fe0c3a74b7ec8baef302b98fa80088d7f9153aa16fa76bd1'; ` - Write-Host ('Verifying sha256 ({0}) ...' -f $sha256); ` - if ((Get-FileHash "$env:SystemDrive\openssl-$env:OPENSSL_VERSION.tar.gz" -Algorithm sha256).Hash -ne $sha256) { ` - Write-Host "Checksum OpenSSL library failed!"; ` + Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` + if ((Get-FileHash $env:SystemDrive\openssl.tar.gz -Algorithm sha256).Hash -ne $sha256) { ` + Write-Host 'Checksum OpenSSL library failed!'; ` exit 1; ` }; ` - ` - Write-Host 'Extracting archive ...'; ` - tar -zxf $env:SystemDrive\openssl-$env:OPENSSL_VERSION.tar.gz; ` - Rename-Item -Path "$env:SystemDrive\openssl-$env:OPENSSL_VERSION" -NewName "$env:SystemDrive\openssl_build"; ` - ` - Write-Host 'Building OpenSSL library...'; ` - Set-Location -Path "$env:SystemDrive\openssl_build"; ` + ` + Write-Host 'Extracting archive ...'; ` + tar -zxf $env:SystemDrive\openssl.tar.gz; ` + Remove-Item -Force -Path $env:SystemDrive\openssl.tar.gz; ` + Rename-Item -Path $env:SystemDrive\openssl-$env:OPENSSL_VERSION -NewName $env:SystemDrive\openssl_build; ` + ` + Write-Host 'Building OpenSSL library...'; ` + Set-Location -Path $env:SystemDrive\openssl_build; ` perl $env:SystemDrive\openssl_build\Configure ` VC-WIN64A ` no-shared ` @@ -173,13 +189,12 @@ RUN Set-Location -Path $env:SystemDrive\.; ` # enable-capieng ` no-capieng ` --api=1.1.0 ` - --prefix="$env:SystemDrive\openssl_output_$env:BUILD_ARCH" ` - --openssldir="$env:SystemDrive\openssl_output_ssl"; ` + --prefix=$env:SystemDrive\openssl_output ` + --openssldir=$env:SystemDrive\openssl_output_ssl; ` set CL=/MP; ` nmake /S; ` nmake /S install_sw; ` - Write-Host 'OpenSSL is ready...'; ` - Remove-Item -Force -Path "$env:SystemDrive\openssl-$env:OPENSSL_VERSION.tar.gz" + Write-Host 'OpenSSL is ready...'; COPY modbus.vs16.vcxproj c:\ COPY modbus.vs16.sln c:\ @@ -187,23 +202,23 @@ COPY modbus.vs16.vcxproj.filters c:\ RUN Set-Location -Path $env:SystemDrive\.; ` ` - Import-Module """${env:ProgramFiles(x86)}\Microsoft Visual Studio\2019\BuildTools\Common7\Tools\Microsoft.VisualStudio.DevShell.dll"""; ` - Enter-VsDevShell -VsInstallPath """${env:ProgramFiles(x86)}\Microsoft Visual Studio\2019\BuildTools""" -DevCmdArguments """-arch=$env:BUILD_ARCH"""; ` + Import-Module ('{0}\Microsoft Visual Studio\2019\BuildTools\Common7\Tools\Microsoft.VisualStudio.DevShell.dll' -f ${env:ProgramFiles(x86)} ); ` + Enter-VsDevShell -VsInstallPath ('{0}\Microsoft Visual Studio\2019\BuildTools' -f ${env:ProgramFiles(x86)}) -DevCmdArguments """-arch=$env:BUILD_ARCH"""; ` ` Write-Host ('Checkout GIT {0} repository ...' -f $env:LIBMODBUS_URL); ` - Start-Process -FilePath "git" -Wait -ArgumentList """-c advice.detachedHead=false clone $env:LIBMODBUS_URL --branch $env:LIBMODBUS_VERSION --depth 1 --single-branch libmodbus"""; ` + git -c advice.detachedHead=false clone $env:LIBMODBUS_URL --branch $env:LIBMODBUS_VERSION --depth 1 --single-branch $env:SystemDrive\libmodbus; ` ` Write-Host 'Building Libmodbus library...'; ` - Copy-Item -Path "$env:SystemDrive\modbus.vs16.vcxproj" "$env:SystemDrive\libmodbus\src\win32\modbus.vs16.vcxproj"; ` - Copy-Item -Path "$env:SystemDrive\modbus.vs16.sln" "$env:SystemDrive\libmodbus\src\win32\modbus.vs16.sln"; ` - Copy-Item -Path "$env:SystemDrive\modbus.vs16.vcxproj.filters" "$env:SystemDrive\libmodbus\src\win32\modbus.vs16.vcxproj.filters"; ` - Set-Location -Path "$env:SystemDrive\libmodbus\src\win32"; ` + Copy-Item -Path $env:SystemDrive\modbus.vs16.vcxproj $env:SystemDrive\libmodbus\src\win32\modbus.vs16.vcxproj; ` + Copy-Item -Path $env:SystemDrive\modbus.vs16.sln $env:SystemDrive\libmodbus\src\win32\modbus.vs16.sln; ` + Copy-Item -Path $env:SystemDrive\modbus.vs16.vcxproj.filters $env:SystemDrive\libmodbus\src\win32\modbus.vs16.vcxproj.filters; ` + Set-Location -Path $env:SystemDrive\libmodbus\src\win32; ` cscript .\configure.js; ` msbuild modbus.vs16.sln ` -maxcpucount:"""$env:NUMBER_OF_PROCESSORS""" ` /verbosity:quiet ` - /property:Configuration="Release" ` - /property:Platform="$env:BUILD_ARCH"; ` + /property:Configuration=Release ` + /property:Platform=$env:BUILD_ARCH; ` Write-Host 'Libmodbus is ready...'; FROM builder_base as builder_zabbix @@ -219,44 +234,44 @@ ENV ZBX_SOURCES=$ZBX_SOURCES MAJOR_VERSION=$MAJOR_VERSION ZBX_VERSION=$ZBX_VERSI RUN Set-Location -Path $env:SystemDrive\.; ` ` - Import-Module """${env:ProgramFiles(x86)}\Microsoft Visual Studio\2019\BuildTools\Common7\Tools\Microsoft.VisualStudio.DevShell.dll"""; ` - Enter-VsDevShell -VsInstallPath """${env:ProgramFiles(x86)}\Microsoft Visual Studio\2019\BuildTools""" -DevCmdArguments """-arch=$env:BUILD_ARCH"""; ` - ` - Write-Host ('Checkout GIT {0} (master) repository ...' -f $env:ZBX_SOURCES); ` - Start-Process -FilePath "git" -Wait -ArgumentList """-c advice.detachedHead=false clone $env:ZBX_SOURCES --branch master --depth 1 --single-branch zabbix-$env:ZBX_VERSION"""; ` - ` - Write-Host ('Building Zabbix {0} version ...' -f $env:ZBX_VERSION); ` - Set-Location -Path "$env:SystemDrive\zabbix-$env:ZBX_VERSION"; ` + Import-Module ('{0}\Microsoft Visual Studio\2019\BuildTools\Common7\Tools\Microsoft.VisualStudio.DevShell.dll' -f ${env:ProgramFiles(x86)} ); ` + Enter-VsDevShell -VsInstallPath ('{0}\Microsoft Visual Studio\2019\BuildTools' -f ${env:ProgramFiles(x86)}) -DevCmdArguments """-arch=$env:BUILD_ARCH"""; ` + ` + Write-Host ('Checkout GIT {0} (master) repository ...' -f $env:ZBX_SOURCES); ` + git -c advice.detachedHead=false clone $env:ZBX_SOURCES --branch master --depth 1 --single-branch $env:SystemDrive\zabbix-$env:ZBX_VERSION; ` + ` + Write-Host ('Building Zabbix {0} version ...' -f $env:ZBX_VERSION); ` + Set-Location -Path $env:SystemDrive\zabbix-$env:ZBX_VERSION; ` $ZbxRevision=(git rev-parse --short HEAD); ` (Get-Content include/version.h).replace('{ZABBIX_REVISION}', $ZbxRevision) | Set-Content include/version.h; ` - Set-Location -Path "$env:SystemDrive\zabbix-$env:ZBX_VERSION\build\win32\project"; ` + Set-Location -Path $env:SystemDrive\zabbix-$env:ZBX_VERSION\build\win32\project; ` set CL=/MP; ` nmake /S -f Makefile ` CPU=$env:CPU_MODEL ` CFLAGS="""/D ZABBIX_VERSION_REVISION=$ZbxRevision /D HAVE_LIBMODBUS_STATIC""" ` - PCREINCDIR="$env:SystemDrive\pcre_build\build" ` - PCRELIBDIR="$env:SystemDrive\pcre_build\build\Release" TLS=openssl ` + PCREINCDIR=$env:SystemDrive\pcre_build\build ` + PCRELIBDIR=$env:SystemDrive\pcre_build\build\Release TLS=openssl ` RFLAGS="""/D ZABBIX_VERSION_REVISION=$ZbxRevision /D ZABBIX_VERSION_RC_NUM=$env:ZABBIX_VERSION_RC_NUM""" ` # LIBS="Crypt32.lib" ` - TLSINCDIR="$env:SystemDrive\openssl_output_$env:BUILD_ARCH\include" ` - TLSLIBDIR="$env:SystemDrive\openssl_output_$env:BUILD_ARCH\lib" ` - MODBINCDIR="$env:SystemDrive\libmodbus\src" ` - MODBLIBDIR="$env:SystemDrive\libmodbus\src\win32\$env:BUILD_ARCH\Release" ` - $env:ZBX_COMPONENT; ` + TLSINCDIR=$env:SystemDrive\openssl_output\include ` + TLSLIBDIR=$env:SystemDrive\openssl_output\lib ` + MODBINCDIR=$env:SystemDrive\libmodbus\src ` + MODBLIBDIR=$env:SystemDrive\libmodbus\src\win32\$env:BUILD_ARCH\Release ` + $env:ZBX_COMPONENT; ` ` - Write-Host 'Verifying build ("zabbix_agentd.exe -V") ...'; ` + Write-Host 'Verifying build ("zabbix_agent2.exe -V") ...'; ` & $env:SystemDrive\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_agentd.exe -V; ` dumpbin /dependents $env:SystemDrive\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_agentd.exe; ` ` - New-Item -ItemType directory -Path "$env:SystemDrive\zabbix" | Out-Null; ` - New-Item -ItemType directory -Path "$env:SystemDrive\zabbix\sbin" | Out-Null; ` - New-Item -ItemType directory -Path "$env:SystemDrive\zabbix\conf" | Out-Null; ` + New-Item -ItemType directory -Path $env:SystemDrive\zabbix | Out-Null; ` + New-Item -ItemType directory -Path $env:SystemDrive\zabbix\sbin | Out-Null; ` + New-Item -ItemType directory -Path $env:SystemDrive\zabbix\conf | Out-Null; ` ` - Copy-Item -Path "$env:SystemDrive\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_agentd.exe" "$env:SystemDrive\zabbix\sbin"; ` - Copy-Item -Path "$env:SystemDrive\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_get.exe" "$env:SystemDrive\zabbix\sbin"; ` - Copy-Item -Path "$env:SystemDrive\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_sender.exe" "$env:SystemDrive\zabbix\sbin"; ` - Copy-Item -Path "$env:SystemDrive\zabbix-$env:ZBX_VERSION\conf\zabbix_agentd.win.conf" "$env:SystemDrive\zabbix\conf"; ` - Write-Host 'Zabbix is ready...'; + Copy-Item -Path $env:SystemDrive\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_agentd.exe $env:SystemDrive\zabbix\sbin; ` + Copy-Item -Path $env:SystemDrive\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_get.exe $env:SystemDrive\zabbix\sbin; ` + Copy-Item -Path $env:SystemDrive\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_sender.exe $env:SystemDrive\zabbix\sbin; ` + Copy-Item -Path $env:SystemDrive\zabbix-$env:ZBX_VERSION\conf\zabbix_agentd.win.conf $env:SystemDrive\zabbix\conf; ` + Write-Host 'Zabbix binaries are compiled...'; FROM $BASE_IMAGE @@ -283,21 +298,27 @@ COPY [".\\docker-entrypoint.ps1", "C:\\zabbix"] USER ContainerAdministrator -RUN setx /M PATH """$env:PATH;$env:SystemDrive\zabbix\sbin;$env:SystemDrive\zabbix\bin;"""; ` - setx /M ZBXDIR """$env:SystemDrive\zabbix""" +RUN $env:PATH = [string]::Format('{0}\zabbix\sbin;{0}\zabbix\bin;', $env:SystemDrive) + $env:PATH; ` + [Environment]::SetEnvironmentVariable('PATH', $env:PATH, [EnvironmentVariableTarget]::Machine); ` + ` + $env:ZBX_HOME = [string]::Format('{0}\zabbix', $env:SystemDrive); ` + [Environment]::SetEnvironmentVariable('ZBX_HOME', $env:ZBX_HOME, [EnvironmentVariableTarget]::Machine); -RUN Set-Location -Path "$env:SystemDrive"\; ` - New-Item -ItemType directory -Path "$env:ZBXDIR\conf\zabbix_agentd.d" | Out-Null; ` - New-Item -ItemType directory -Path "$env:ZBXDIR\enc" | Out-Null; ` - New-Item -ItemType directory -Path "$env:ZBXDIR\modules" | Out-Null; ` +RUN Set-Location -Path $env:SystemDrive\.; ` + ` + New-Item -ItemType directory -Path $env:ZBX_HOME\conf\zabbix_agentd.d | Out-Null; ` + New-Item -ItemType directory -Path $env:ZBX_HOME\enc | Out-Null; ` + New-Item -ItemType directory -Path $env:ZBX_HOME\modules | Out-Null; ` + New-Item -ItemType directory -Path $env:ZBX_HOME\buffer | Out-Null; ` + ` net user /add zabbix; ` - $acl = Get-Acl -Path $env:ZBXDIR; ` - $ace = New-Object Security.AccessControl.FileSystemAccessRule('zabbix', 'Modify', 'ContainerInherit, ObjectInherit', 'InheritOnly', 'Allow'); ` + $acl = Get-Acl -Path $env:ZBX_HOME; ` + $ace = New-Object Security.AccessControl.FileSystemAccessRule ('zabbix', 'Modify', 'ContainerInherit, ObjectInherit', 'InheritOnly', 'Allow'); ` $acl.AddAccessRule($ace); ` - Set-Acl -AclObject $acl -Path $env:ZBXDIR + Set-Acl -AclObject $acl -Path $env:ZBX_HOME; USER zabbix EXPOSE 10050/TCP -CMD $env:SystemDrive\zabbix\docker-entrypoint.ps1 $env:SystemDrive\zabbix\sbin\zabbix_agentd.exe -c $env:SystemDrive\zabbix\conf\zabbix_agentd.win.conf -f +CMD C:\zabbix\docker-entrypoint.ps1 C:\zabbix\sbin\zabbix_agentd.exe -c C:\zabbix\conf\zabbix_agentd.win.conf -f diff --git a/Dockerfiles/agent2/windows/Dockerfile b/Dockerfiles/agent2/windows/Dockerfile index 0a22a5365..7e06009a5 100644 --- a/Dockerfiles/agent2/windows/Dockerfile +++ b/Dockerfiles/agent2/windows/Dockerfile @@ -33,12 +33,13 @@ SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPref RUN Set-Location -Path $env:SystemDrive\.; ` ` Write-Host ('Downloading {0} ...' -f $env:GIT_URL); ` + [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` Invoke-WebRequest -OutFile $env:SystemDrive\git.zip -Uri $env:GIT_URL; ` ` $sha256 = '273f55e881094d00877d64f56570b0c997c4da5dedcb26738d56481033c1eba1'; ` Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` - if ((Get-FileHash "$env:SystemDrive\git.zip" -Algorithm sha256).Hash -ne $sha256) { ` - Write-Host "Checksum GIT for Windows failed!"; ` + if ((Get-FileHash $env:SystemDrive\git.zip -Algorithm sha256).Hash -ne $sha256) { ` + Write-Host 'Checksum GIT for Windows failed!'; ` exit 1; ` }; ` ` @@ -52,17 +53,21 @@ RUN Set-Location -Path $env:SystemDrive\.; ` git version; ` ` Write-Host ('Downloading {0} ...' -f $env:GOLANG_URL); ` - Invoke-WebRequest -OutFile $env:SystemDrive\go$env:GOLANG_VERSION.windows-amd64.msi -Uri $env:GOLANG_URL; ` + [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` + Invoke-WebRequest -OutFile $env:SystemDrive\go-amd64.msi -Uri $env:GOLANG_URL; ` $sha256 = '7a360967708350354ea479500a8eada6a032e07eac5bd43142367ee5b0ab1df9'; ` ` Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` - if ((Get-FileHash "$env:SystemDrive\go$env:GOLANG_VERSION.windows-amd64.msi" -Algorithm sha256).Hash -ne $sha256) { ` - Write-Host "Checksum Go Lang failed!"; ` + if ((Get-FileHash $env:SystemDrive\go-amd64.msi -Algorithm sha256).Hash -ne $sha256) { ` + Write-Host 'Checksum Go Lang failed!'; ` exit 1; ` }; ` Write-Host 'Installing ...'; ` - Start-Process -FilePath $env:SystemDrive\go$env:GOLANG_VERSION.windows-amd64.msi -Wait -ArgumentList '/qn /norestart'; ` - Remove-Item -Force -Path $env:SystemDrive\go$env:GOLANG_VERSION.windows-amd64.msi; ` + Start-Process ` + -FilePath $env:SystemDrive\go-amd64.msi ` + -Wait ` + -ArgumentList '/qn /norestart'; ` + Remove-Item -Force -Path $env:SystemDrive\go-amd64.msi; ` ` $env:PATH = [string]::Format('{0}\Go\bin;', ${env:ProgramFiles}) + $env:PATH; ` [Environment]::SetEnvironmentVariable('PATH', $env:PATH, [EnvironmentVariableTarget]::Machine); ` @@ -70,17 +75,21 @@ RUN Set-Location -Path $env:SystemDrive\.; ` go version; ` ` Write-Host ('Downloading {0} ...' -f $env:SEVEN_ZIP_URL); ` + [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` Invoke-WebRequest -OutFile $env:SystemDrive\7z.msi -Uri $env:SEVEN_ZIP_URL; ` ` $sha256 = 'a7803233eedb6a4b59b3024ccf9292a6fffb94507dc998aa67c5b745d197a5dc'; ` Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` if ((Get-FileHash $env:SystemDrive\7z.msi -Algorithm sha256).Hash -ne $sha256) { ` - Write-Host "Checksum 7-zip failed!"; ` + Write-Host 'Checksum 7-zip failed!'; ` exit 1; ` }; ` ` Write-Host 'Installing ...'; ` - Start-Process -FilePath $env:SystemDrive\7z.msi -Wait -ArgumentList '/qn /norestart'; ` + Start-Process ` + -FilePath $env:SystemDrive\7z.msi ` + -Wait ` + -ArgumentList '/qn /norestart'; ` Remove-Item -Force -Path $env:SystemDrive\7z.msi; ` $env:PATH = [string]::Format('{0}\7-Zip;', ${env:ProgramFiles}) + $env:PATH; ` [Environment]::SetEnvironmentVariable('PATH', $env:PATH, [EnvironmentVariableTarget]::Machine); ` @@ -89,12 +98,13 @@ RUN Set-Location -Path $env:SystemDrive\.; ` 7z -h | Select -first 2; ` ` Write-Host ('Downloading {0} ...' -f $env:MINGW_URL); ` + [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` Invoke-WebRequest -OutFile $env:SystemDrive\mingw.7z -Uri $env:MINGW_URL; ` ` $sha256 = 'e8c65ddc655534b0330f66f7b480565621e8617cda9937d76ba141a22bf3b2fa'; ` Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` if ((Get-FileHash $env:SystemDrive\mingw.7z -Algorithm sha256).Hash -ne $sha256) { ` - Write-Host "Checksum Mingw-w64 failed!"; ` + Write-Host 'Checksum Mingw-w64 failed!'; ` exit 1; ` }; ` ` @@ -108,7 +118,8 @@ RUN Set-Location -Path $env:SystemDrive\.; ` mingw32-make -v; ` ` Write-Host ('Downloading {0} ...' -f $env:VS_BUILDTOOLS_URL); ` - Invoke-WebRequest -OutFile "$env:SystemDrive\vs_buildtools.exe" $env:VS_BUILDTOOLS_URL; ` + [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` + Invoke-WebRequest -OutFile $env:SystemDrive\vs_buildtools.exe $env:VS_BUILDTOOLS_URL; ` ` Write-Host ('{0} - Visual Studio components installing...' -f $(Get-Date -format 'u')); ` cmd /C start /w $env:SystemDrive\vs_buildtools.exe ` @@ -144,7 +155,7 @@ RUN Set-Location -Path $env:SystemDrive\.; ` Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` $sha256 = '5b709aa45ea3b8bb73052947200ad187f651a2049158fb5bbfed329e4322a977'; ` if ((Get-FileHash $env:SystemDrive\pcre.zip -Algorithm sha256).Hash -ne $sha256) { ` - Write-Host "Checksum PCRE library failed!"; ` + Write-Host 'Checksum PCRE library failed!'; ` exit 1; ` }; ` Write-Host 'Extracting archive ...'; ` @@ -174,7 +185,7 @@ RUN Set-Location -Path $env:SystemDrive\.; ` $sha256 = 'b9219acd1241ffa4d38e19587f1ccc2854f951e451f3858efc9d2e1fe19d375c'; ` Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` if ((Get-FileHash $env:SystemDrive\setup.exe -Algorithm sha256).Hash -ne $sha256) { ` - Write-Host "Checksum Cygwin failed!"; ` + Write-Host 'Checksum Cygwin failed!'; ` exit 1; ` }; ` Write-Host 'Installing ...'; ` @@ -186,17 +197,18 @@ RUN Set-Location -Path $env:SystemDrive\.; ` Remove-Item -Force -Path $env:SystemDrive\setup.exe; ` Write-Host ('Downloading {0} ...' -f $env:OPENSSL_URL); ` [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` - Invoke-WebRequest -OutFile "$env:SystemDrive\openssl.tar.gz" -Uri $env:OPENSSL_URL; ` + Invoke-WebRequest -OutFile $env:SystemDrive\openssl.tar.gz -Uri $env:OPENSSL_URL; ` ` $sha256 = '0b7a3e5e59c34827fe0c3a74b7ec8baef302b98fa80088d7f9153aa16fa76bd1'; ` Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` - if ((Get-FileHash "$env:SystemDrive\openssl.tar.gz" -Algorithm sha256).Hash -ne $sha256) { ` - Write-Host "Checksum OpenSSL library failed!"; ` + if ((Get-FileHash $env:SystemDrive\openssl.tar.gz -Algorithm sha256).Hash -ne $sha256) { ` + Write-Host 'Checksum OpenSSL library failed!'; ` exit 1; ` }; ` ` Write-Host 'Extracting archive ...'; ` tar -zxf $env:SystemDrive\openssl.tar.gz; ` + Remove-Item -Force -Path $env:SystemDrive\openssl.tar.gz; ` Rename-Item -Path $env:SystemDrive\openssl-$env:OPENSSL_VERSION -NewName $env:SystemDrive\openssl_build; ` ` Write-Host 'Building OpenSSL library...'; ` @@ -292,10 +304,10 @@ RUN $env:PATH = [string]::Format('{0}\zabbix\sbin;{0}\zabbix\bin;', $env:SystemD RUN Set-Location -Path $env:SystemDrive\.; ` ` - New-Item -ItemType directory -Path "$env:ZBX_HOME\conf\zabbix_agentd.d" | Out-Null; ` - New-Item -ItemType directory -Path "$env:ZBX_HOME\enc" | Out-Null; ` - New-Item -ItemType directory -Path "$env:ZBX_HOME\modules" | Out-Null; ` - New-Item -ItemType directory -Path "$env:ZBX_HOME\buffer" | Out-Null; ` + New-Item -ItemType directory -Path $env:ZBX_HOME\conf\zabbix_agentd.d | Out-Null; ` + New-Item -ItemType directory -Path $env:ZBX_HOME\enc | Out-Null; ` + New-Item -ItemType directory -Path $env:ZBX_HOME\modules | Out-Null; ` + New-Item -ItemType directory -Path $env:ZBX_HOME\buffer | Out-Null; ` ` net user /add zabbix; ` $acl = Get-Acl -Path $env:ZBX_HOME; ` From ab60fdaabd7af5eaf62cb9f9cea75489baa25541 Mon Sep 17 00:00:00 2001 From: dotneft Date: Fri, 17 Sep 2021 02:47:46 +0300 Subject: [PATCH 173/253] Windows Docker files --- .github/workflows/images_build.yml | 24 +-- Dockerfiles/agent/windows/Dockerfile | 116 ++++++------ Dockerfiles/agent/windows/README.md | 244 -------------------------- Dockerfiles/agent2/windows/Dockerfile | 14 +- Dockerfiles/agent2/windows/README.md | 225 ------------------------ build.xml => build.json | 0 6 files changed, 77 insertions(+), 546 deletions(-) delete mode 100644 Dockerfiles/agent/windows/README.md delete mode 100644 Dockerfiles/agent2/windows/README.md rename build.xml => build.json (100%) diff --git a/.github/workflows/images_build.yml b/.github/workflows/images_build.yml index aa1191d77..89f84bc43 100644 --- a/.github/workflows/images_build.yml +++ b/.github/workflows/images_build.yml @@ -11,7 +11,7 @@ on: - 'env_vars/*' - 'docker-compose*.yaml' - 'Dockerfiles/*/rhel/*' - - '*/windows/*' + - 'Dockerfiles/*/windows/*' - "**.md" defaults: @@ -37,39 +37,39 @@ jobs: with: fetch-depth: 1 - - name: Check build.xml file + - name: Check build.json file id: build_exists run: | - if [[ ! -f "./build.xml" ]]; then - echo "::error::File build.xml is missing" + if [[ ! -f "./build.json" ]]; then + echo "::error::File build.json is missing" exit 1 fi - name: Prepare Operating System list id: os run: | - os_list=$(jq -r '.os | keys | [ .[] | tostring ] | @json' "./build.xml") + os_list=$(jq -r '.os | keys | [ .[] | tostring ] | @json' "./build.json") echo "::set-output name=list::$os_list" - name: Prepare Platform list id: platform_list run: | - platform_list=$(jq -r '.os | tostring | @json' "./build.xml") + platform_list=$(jq -r '.os | tostring | @json' "./build.json") echo "::set-output name=list::$platform_list" - name: Prepare Database engine list id: database run: | - database_list=$(jq -r '[.components | values[] ] | sort | unique | del(.. | select ( . == "" ) ) | [ .[] | tostring ] | @json' "./build.xml") + database_list=$(jq -r '[.components | values[] ] | sort | unique | del(.. | select ( . == "" ) ) | [ .[] | tostring ] | @json' "./build.json") echo "::set-output name=list::$database_list" - name: Prepare Zabbix component list id: components run: | - component_list=$(jq -r '.components | keys | [ .[] | tostring ] | @json' "./build.xml") + component_list=$(jq -r '.components | keys | [ .[] | tostring ] | @json' "./build.json") echo "::set-output name=list::$component_list" @@ -104,7 +104,7 @@ jobs: - name: Prepare Platform list id: platform run: | - platform_list=$(jq -r '.os.${{ matrix.os }} | join(",")' "./build.xml") + platform_list=$(jq -r '.os.${{ matrix.os }} | join(",")' "./build.json") echo ::set-output name=list::$platform_list @@ -174,7 +174,7 @@ jobs: - name: Prepare Platform list id: platform run: | - platform_list=$(jq -r '.os.${{ matrix.os }} | join(",")' "./build.xml") + platform_list=$(jq -r '.os.${{ matrix.os }} | join(",")' "./build.json") echo ::set-output name=list::$platform_list @@ -262,7 +262,7 @@ jobs: if [ "${{ matrix.os }}" == "alpine" ] && [ "${{ matrix.build }}" == "web-service" ]; then platform_list="linux/amd64,linux/arm64" else - platform_list=$(jq -r '.os.${{ matrix.os }} | join(",")' "./build.xml") + platform_list=$(jq -r '.os.${{ matrix.os }} | join(",")' "./build.json") fi echo ::set-output name=list::$platform_list @@ -270,7 +270,7 @@ jobs: - name: Detect Build Base Image id: build_base_image run: | - BUILD_BASE=$(jq -r '.components."${{ matrix.build }}"' "./build.xml") + BUILD_BASE=$(jq -r '.components."${{ matrix.build }}"' "./build.json") echo ::set-output name=build_base::${BUILD_BASE} diff --git a/Dockerfiles/agent/windows/Dockerfile b/Dockerfiles/agent/windows/Dockerfile index 2a2e99770..0269db6c6 100644 --- a/Dockerfiles/agent/windows/Dockerfile +++ b/Dockerfiles/agent/windows/Dockerfile @@ -39,8 +39,8 @@ RUN Set-Location -Path $env:SystemDrive\.; ` ` Write-Host 'Installing ...'; ` Expand-Archive ` - -Path git.zip ` - -DestinationPath $env:SystemDrive\git\.; ` + -Path git.zip ` + -DestinationPath $env:SystemDrive\git\.; ` Remove-Item -Force -Path $env:SystemDrive\git.zip; ` $env:PATH = [string]::Format('{0}\git\cmd;{0}\git\mingw64\bin;{0}\git\usr\bin;', $env:SystemDrive) + $env:PATH; ` [Environment]::SetEnvironmentVariable('PATH', $env:PATH, [EnvironmentVariableTarget]::Machine); ` @@ -48,50 +48,50 @@ RUN Set-Location -Path $env:SystemDrive\.; ` Write-Host 'Verifying install ("git version") ...'; ` git version; ` ` - Write-Host ('Downloading {0} ...' -f $env:NASM_URL); ` - [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` + Write-Host ('Downloading {0} ...' -f $env:NASM_URL); ` + [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` Invoke-WebRequest -OutFile $env:SystemDrive\nasm_installer.exe -Uri $env:NASM_URL; ` $sha256 = 'a02325b9fe54f917f5d6a3036637b38dbb6addf6f7ba9d344d9b943a143fe7d0'; ` - Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` + Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` if ((Get-FileHash $env:SystemDrive\nasm_installer.exe -Algorithm sha256).Hash -ne $sha256) { ` Write-Host 'Checksum NASM failed!'; ` exit 1; ` }; ` - Write-Host 'Installing ...'; ` + Write-Host 'Installing ...'; ` Start-Process ` - -FilePath $env:SystemDrive\nasm_installer.exe ` - -ArgumentList '/S' -Wait; ` + -FilePath $env:SystemDrive\nasm_installer.exe ` + -ArgumentList '/S' -Wait; ` Remove-Item -Force -Path $env:SystemDrive\nasm_installer.exe; ` - ` - $env:PATH = [string]::Format('{0}\NASM;', ${env:ProgramFiles}) + $env:PATH; ` - [Environment]::SetEnvironmentVariable('PATH', $env:PATH, [EnvironmentVariableTarget]::Machine); ` - ` - Write-Host 'Verifying install ("nasm -v") ...'; ` - nasm -v; ` - ` - Write-Host ('Downloading {0} ...' -f $env:PERL_URL); ` - [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` + ` + $env:PATH = [string]::Format('{0}\NASM;', ${env:ProgramFiles}) + $env:PATH; ` + [Environment]::SetEnvironmentVariable('PATH', $env:PATH, [EnvironmentVariableTarget]::Machine); ` + ` + Write-Host 'Verifying install ("nasm -v") ...'; ` + nasm -v; ` + ` + Write-Host ('Downloading {0} ...' -f $env:PERL_URL); ` + [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` Invoke-WebRequest -OutFile $env:SystemDrive\perl_installer.msi -Uri $env:PERL_URL; ` - ` + ` $sha256 = '241a881670164feb0b91bb69d39fbbf84c981bec0d9f8c19959f8f48fd177768'; ` - Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` + Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` if ((Get-FileHash $env:SystemDrive\perl_installer.msi -Algorithm sha256).Hash -ne $sha256) { ` Write-Host 'Checksum Strawberry Perl failed!'; ` exit 1; ` }; ` - Write-Host 'Installing ...'; ` + Write-Host 'Installing ...'; ` Start-Process ` - -FilePath 'msiexec.exe' ` - -ArgumentList """/i $env:SystemDrive\perl_installer.msi /qn /norestart INSTALLDIR=$env:SystemDrive\Strawberry""" ` - -Wait; ` + -FilePath 'msiexec.exe' ` + -ArgumentList """/i $env:SystemDrive\perl_installer.msi /qn /norestart INSTALLDIR=$env:SystemDrive\Strawberry""" ` + -Wait; ` Remove-Item -Force -Path $env:SystemDrive\perl_installer.msi; ` - $env:PATH = [string]::Format('{0}\Strawberry\perl\bin;', $env:SystemDrive) + $env:PATH; ` - [Environment]::SetEnvironmentVariable('PATH', $env:PATH, [EnvironmentVariableTarget]::Machine); ` - ` - Write-Host 'Verifying install ("perl -V") ...'; ` - perl -V; ` - ` - Write-Host 'Installing Text::Template...'; ` + $env:PATH = [string]::Format('{0}\Strawberry\perl\bin;', $env:SystemDrive) + $env:PATH; ` + [Environment]::SetEnvironmentVariable('PATH', $env:PATH, [EnvironmentVariableTarget]::Machine); ` + ` + Write-Host 'Verifying install ("perl -V") ...'; ` + perl -V; ` + ` + Write-Host 'Installing Text::Template...'; ` cpan Text::Template; ` ` Write-Host ('Downloading {0} ...' -f $env:VS_BUILDTOOLS_URL); ` @@ -139,30 +139,30 @@ RUN Set-Location -Path $env:SystemDrive\.; ` Expand-Archive -Path $env:SystemDrive\pcre.zip -DestinationPath $env:SystemDrive; ` Remove-Item -Force -Path $env:SystemDrive\pcre.zip; ` Rename-Item -Path $env:SystemDrive\pcre-$env:PCRE_VERSION -NewName $env:SystemDrive\pcre_build; ` - New-Item -ItemType directory -Path "$env:SystemDrive\pcre_build\build" | Out-Null; ` + New-Item -ItemType directory -Path "$env:SystemDrive\pcre_build\build" | Out-Null; ` ` Set-Location -Path $env:SystemDrive\pcre_build\build; ` Write-Host 'Building PCRE library ...'; ` cmake --log-level=ERROR ` - -G 'Visual Studio 16 2019' ` - -A $env:BUILD_ARCH ` - -DPCRE_SUPPORT_UNICODE_PROPERTIES=ON ` - -DPCRE_SUPPORT_UTF=ON ` - -DCMAKE_C_FLAGS_RELEASE:string="""/MT""" ..; ` + -G 'Visual Studio 16 2019' ` + -A $env:BUILD_ARCH ` + -DPCRE_SUPPORT_UNICODE_PROPERTIES=ON ` + -DPCRE_SUPPORT_UTF=ON ` + -DCMAKE_C_FLAGS_RELEASE:string="""/MT""" ..; ` msbuild PCRE.sln ` - -maxcpucount:"""$env:NUMBER_OF_PROCESSORS""" ` - /verbosity:quiet ` - /property:Configuration=Release ` - /property:Platform=$env:BUILD_ARCH ` - /target:pcre; ` - ` - Write-Host 'PCRE is ready...'; + -maxcpucount:"""$env:NUMBER_OF_PROCESSORS""" ` + /verbosity:quiet ` + /property:Configuration=Release ` + /property:Platform=$env:BUILD_ARCH ` + /target:pcre; ` + ` + Write-Host 'PCRE is ready...'; RUN Set-Location -Path $env:SystemDrive\.; ` - ` + ` Import-Module ('{0}\Microsoft Visual Studio\2019\BuildTools\Common7\Tools\Microsoft.VisualStudio.DevShell.dll' -f ${env:ProgramFiles(x86)} ); ` Enter-VsDevShell -VsInstallPath ('{0}\Microsoft Visual Studio\2019\BuildTools' -f ${env:ProgramFiles(x86)}) -DevCmdArguments """-arch=$env:BUILD_ARCH"""; ` - ` + ` Write-Host ('Downloading {0} ...' -f $env:OPENSSL_URL); ` [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` Invoke-WebRequest -OutFile $env:SystemDrive\openssl.tar.gz -Uri $env:OPENSSL_URL; ` @@ -176,7 +176,7 @@ RUN Set-Location -Path $env:SystemDrive\.; ` ` Write-Host 'Extracting archive ...'; ` tar -zxf $env:SystemDrive\openssl.tar.gz; ` - Remove-Item -Force -Path $env:SystemDrive\openssl.tar.gz; ` + Remove-Item -Force -Path $env:SystemDrive\openssl.tar.gz; ` Rename-Item -Path $env:SystemDrive\openssl-$env:OPENSSL_VERSION -NewName $env:SystemDrive\openssl_build; ` ` Write-Host 'Building OpenSSL library...'; ` @@ -194,21 +194,21 @@ RUN Set-Location -Path $env:SystemDrive\.; ` set CL=/MP; ` nmake /S; ` nmake /S install_sw; ` - Write-Host 'OpenSSL is ready...'; + Write-Host 'OpenSSL is ready...'; COPY modbus.vs16.vcxproj c:\ COPY modbus.vs16.sln c:\ COPY modbus.vs16.vcxproj.filters c:\ RUN Set-Location -Path $env:SystemDrive\.; ` - ` + ` Import-Module ('{0}\Microsoft Visual Studio\2019\BuildTools\Common7\Tools\Microsoft.VisualStudio.DevShell.dll' -f ${env:ProgramFiles(x86)} ); ` Enter-VsDevShell -VsInstallPath ('{0}\Microsoft Visual Studio\2019\BuildTools' -f ${env:ProgramFiles(x86)}) -DevCmdArguments """-arch=$env:BUILD_ARCH"""; ` - ` - Write-Host ('Checkout GIT {0} repository ...' -f $env:LIBMODBUS_URL); ` + ` + Write-Host ('Checkout GIT {0} repository ...' -f $env:LIBMODBUS_URL); ` git -c advice.detachedHead=false clone $env:LIBMODBUS_URL --branch $env:LIBMODBUS_VERSION --depth 1 --single-branch $env:SystemDrive\libmodbus; ` - ` - Write-Host 'Building Libmodbus library...'; ` + ` + Write-Host 'Building Libmodbus library...'; ` Copy-Item -Path $env:SystemDrive\modbus.vs16.vcxproj $env:SystemDrive\libmodbus\src\win32\modbus.vs16.vcxproj; ` Copy-Item -Path $env:SystemDrive\modbus.vs16.sln $env:SystemDrive\libmodbus\src\win32\modbus.vs16.sln; ` Copy-Item -Path $env:SystemDrive\modbus.vs16.vcxproj.filters $env:SystemDrive\libmodbus\src\win32\modbus.vs16.vcxproj.filters; ` @@ -216,10 +216,10 @@ RUN Set-Location -Path $env:SystemDrive\.; ` cscript .\configure.js; ` msbuild modbus.vs16.sln ` -maxcpucount:"""$env:NUMBER_OF_PROCESSORS""" ` - /verbosity:quiet ` + /verbosity:quiet ` /property:Configuration=Release ` /property:Platform=$env:BUILD_ARCH; ` - Write-Host 'Libmodbus is ready...'; + Write-Host 'Libmodbus is ready...'; FROM builder_base as builder_zabbix @@ -233,7 +233,7 @@ ARG ZBX_COMPONENT=all ENV ZBX_SOURCES=$ZBX_SOURCES MAJOR_VERSION=$MAJOR_VERSION ZBX_VERSION=$ZBX_VERSION ZABBIX_VERSION_RC_NUM=$ZABBIX_VERSION_RC_NUM RUN Set-Location -Path $env:SystemDrive\.; ` - ` + ` Import-Module ('{0}\Microsoft Visual Studio\2019\BuildTools\Common7\Tools\Microsoft.VisualStudio.DevShell.dll' -f ${env:ProgramFiles(x86)} ); ` Enter-VsDevShell -VsInstallPath ('{0}\Microsoft Visual Studio\2019\BuildTools' -f ${env:ProgramFiles(x86)}) -DevCmdArguments """-arch=$env:BUILD_ARCH"""; ` ` @@ -258,15 +258,15 @@ RUN Set-Location -Path $env:SystemDrive\.; ` MODBINCDIR=$env:SystemDrive\libmodbus\src ` MODBLIBDIR=$env:SystemDrive\libmodbus\src\win32\$env:BUILD_ARCH\Release ` $env:ZBX_COMPONENT; ` - ` + ` Write-Host 'Verifying build ("zabbix_agent2.exe -V") ...'; ` & $env:SystemDrive\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_agentd.exe -V; ` dumpbin /dependents $env:SystemDrive\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_agentd.exe; ` - ` + ` New-Item -ItemType directory -Path $env:SystemDrive\zabbix | Out-Null; ` New-Item -ItemType directory -Path $env:SystemDrive\zabbix\sbin | Out-Null; ` New-Item -ItemType directory -Path $env:SystemDrive\zabbix\conf | Out-Null; ` - ` + ` Copy-Item -Path $env:SystemDrive\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_agentd.exe $env:SystemDrive\zabbix\sbin; ` Copy-Item -Path $env:SystemDrive\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_get.exe $env:SystemDrive\zabbix\sbin; ` Copy-Item -Path $env:SystemDrive\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_sender.exe $env:SystemDrive\zabbix\sbin; ` diff --git a/Dockerfiles/agent/windows/README.md b/Dockerfiles/agent/windows/README.md deleted file mode 100644 index 4cc642f18..000000000 --- a/Dockerfiles/agent/windows/README.md +++ /dev/null @@ -1,244 +0,0 @@ -![logo](https://assets.zabbix.com/img/logo/zabbix_logo_500x131.png) - -# What is Zabbix? - -Zabbix is an enterprise-class open source distributed monitoring solution. - -Zabbix is software that monitors numerous parameters of a network and the health and integrity of servers. Zabbix uses a flexible notification mechanism that allows users to configure e-mail based alerts for virtually any event. This allows a fast reaction to server problems. Zabbix offers excellent reporting and data visualisation features based on the stored data. This makes Zabbix ideal for capacity planning. - -For more information and related downloads for Zabbix components, please visit https://hub.docker.com/u/zabbix/ and https://zabbix.com - -# What is Zabbix agent? - -Zabbix agent is deployed on a monitoring target to actively monitor local resources and applications (hard drives, memory, processor statistics etc). - -# Zabbix agent images - -These are the only official Zabbix agent Docker images. They are based on Alpine Linux v3.12, Ubuntu 20.04 (focal), CentOS 8 and Oracle Linux 8 images. The available versions of Zabbix agent are: - - Zabbix agent 3.0 (tags: alpine-3.0-latest, ubuntu-3.0-latest, centos-3.0-latest) (unsupported) - Zabbix agent 3.0.* (tags: alpine-3.0.*, ubuntu-3.0.*, centos-3.0.*) (unsupported) - Zabbix agent 3.2 (tags: alpine-3.2-latest, ubuntu-3.2-latest, centos-3.2-latest) (unsupported) - Zabbix agent 3.2.* (tags: alpine-3.2.*, ubuntu-3.2.*, centos-3.2.*) (unsupported) - Zabbix agent 3.4 (tags: alpine-3.4-latest, ubuntu-3.4-latest, centos-3.4-latest) (unsupported) - Zabbix agent 3.4.* (tags: alpine-3.4.*, ubuntu-3.4.*, centos-3.4.*) (unsupported) - Zabbix agent 4.0 (tags: alpine-4.0-latest, ubuntu-4.0-latest, centos-4.0-latest) - Zabbix agent 4.0.* (tags: alpine-4.0.*, ubuntu-4.0.*, centos-4.0.*) - Zabbix agent 4.2 (tags: alpine-4.2-latest, ubuntu-4.2-latest, centos-4.2-latest) (unsupported) - Zabbix agent 4.2.* (tags: alpine-4.2.*, ubuntu-4.2.*, centos-4.2.*) (unsupported) - Zabbix agent 4.4 (tags: alpine-4.4-latest, ubuntu-4.4-latest, centos-4.4-latest) (unsupported) - Zabbix agent 4.4.* (tags: alpine-4.4.*, ubuntu-4.4.*, centos-4.4.*) (unsupported) - Zabbix agent 5.0 (tags: alpine-5.0-latest, ubuntu-5.0-latest, ol-5.0-latest) - Zabbix agent 5.0.* (tags: alpine-5.0.*, ubuntu-5.0.*, ol-5.0.*) - Zabbix agent 5.2 (tags: alpine-5.2-latest, ubuntu-5.2-latest, ol-5.2-latest) - Zabbix agent 5.2.* (tags: alpine-5.2.*, ubuntu-5.2.*, ol-5.2.*) - Zabbix agent 5.4 (tags: alpine-5.4-latest, ubuntu-5.4-latest, ol-5.4-latest, alpine-latest, ubuntu-latest, ol-latest, latest) - Zabbix agent 5.4.* (tags: alpine-5.4.*, ubuntu-5.4.*, ol-5.4.*) - Zabbix agent 6.0 (tags: alpine-trunk, ubuntu-trunk, ol-trunk) - -Images are updated when new releases are published. The image with ``latest`` tag is based on Alpine Linux. - -# How to use this image - -## Start `zabbix-agent` - -Start a Zabbix agent container as follows: - - docker run --name some-zabbix-agent -e ZBX_HOSTNAME="some-hostname" -e ZBX_SERVER_HOST="some-zabbix-server" -d zabbix/zabbix-agent:tag - -Where `some-zabbix-agent` is the name you want to assign to your container, `some-hostname` is the hostname, it is Hostname parameter in Zabbix agent configuration file, `some-zabbix-server` is IP or DNS name of Zabbix server or proxy and `tag` is the tag specifying the version you want. See the list above for relevant tags, or look at the [full list of tags](https://hub.docker.com/r/zabbix/zabbix-agent/tags/). - -## Connects from Zabbix server or Zabbix proxy in other containers (Passive checks) - -This image exposes the standard Zabbix agent port (``10050``) to perform passive checks, so container linking makes Zabbix agent instance available to Zabbix server and Zabbix proxy containers. Start your application container like this in order to link it to the Zabbix agent container: - -```console -$ docker run --name some-zabbix-server --link some-zabbix-agent:zabbix-agent -d zabbix/zabbix-server:latest -``` - -## Connect to Zabbix server or Zabbix proxy containers (Active checks) - -This image supports perform active checks, so container linking makes Zabbix server and Zabbix proxy containers available to Zabbix agent instance. Start your application container like this in order to link Zabbix agent to Zabbix server or Zabbix proxy containterns: - -```console -$ docker run --name some-zabbix-agent --link some-zabbix-server:zabbix-server -d zabbix/zabbix-agent:latest -``` - -## Container shell access and viewing Zabbix agent logs - -The `docker exec` command allows you to run commands inside a Docker container. The following command line will give you a bash shell inside your `zabbix-agent` container: - -```console -$ docker exec -ti some-zabbix-agent /bin/bash -``` - -The Zabbix agent log is available through Docker's container log: - -```console -$ docker logs some-zabbix-agent -``` - -## Privileged mode - -By default, Docker containers are "unprivileged" and do not have access to the most of host resources. Zabbix agent is designed to monitor system resources, to do that Zabbix agent container must be privileged or you may mount some system-wide volumes. For example: - -```console -$ docker run --name some-zabbix-agent --link some-zabbix-server:zabbix-server --privileged -d zabbix/zabbix-agent:latest -``` -```console -$ docker run --name some-zabbix-agent --link some-zabbix-server:zabbix-server -v /dev/sdc:/dev/sdc -d zabbix/zabbix-agent:latest -``` - -## Environment Variables - -When you start the `zabbix-agent` image, you can adjust the configuration of the Zabbix agent by passing one or more environment variables on the `docker run` command line. - -### `ZBX_HOSTNAME` - -This variable is unique, case sensitive hostname. By default, value is `hostname` of the container. It is ``Hostname`` parameter in ``zabbix_agentd.conf``. - -### `ZBX_SERVER_HOST` - -This variable is IP or DNS name of Zabbix server or Zabbix proxy. By default, value is `zabbix-server`. It is ``Server`` parameter in ``zabbix_agentd.conf``. It is allowed to specify Zabbix server or Zabbix proxy port number using ``ZBX_SERVER_PORT`` variable. It make sense in case of non-default port for active checks. - -### `ZBX_PASSIVE_ALLOW` - -This variable is boolean (``true`` or ``false``) and enables or disables feature of passive checks. By default, value is `true`. - -### `ZBX_PASSIVESERVERS` - -The variable is comma separated list of allowed Zabbix server or proxy hosts for connections to Zabbix agent container. - -### `ZBX_ACTIVE_ALLOW` - -This variable is boolean (``true`` or ``false``) and enables or disables feature of active checks. By default, value is `true`. - -### `ZBX_ACTIVESERVERS` - -The variable is comma separated list of allowed Zabbix server or proxy hosts for connections to Zabbix agent container. You may specify port of Zabbix server or Zabbix proxy in such syntax: ``zabbix-server:10061,zabbix-proxy:10072``. - -### `ZBX_LOADMODULE` - -The variable is list of comma separated loadable Zabbix modules. It works with volume ``/var/lib/zabbix/modules``. The syntax of the variable is ``dummy1.so,dummy2.so``. - -### `ZBX_DEBUGLEVEL` - -The variable is used to specify debug level. By default, value is ``3``. It is ``DebugLevel`` parameter in ``zabbix_agentd.conf``. Allowed values are listed below: -- ``0`` - basic information about starting and stopping of Zabbix processes; -- ``1`` - critical information -- ``2`` - error information -- ``3`` - warnings -- ``4`` - for debugging (produces lots of information) -- ``5`` - extended debugging (produces even more information) - -### `ZBX_TIMEOUT` - -The variable is used to specify timeout for processing checks. By default, value is ``3``. - -### Other variables - -Additionally the image allows to specify many other environment variables listed below: - -``` -ZBX_SOURCEIP= -ZBX_ENABLEREMOTECOMMANDS=0 # Deprecated since 5.0.0 -ZBX_LOGREMOTECOMMANDS=0 -ZBX_HOSTINTERFACE= # Available since 4.4.0 -ZBX_HOSTINTERFACEITEM= # Available since 4.4.0 -ZBX_STARTAGENTS=3 -ZBX_HOSTNAMEITEM=system.hostname -ZBX_METADATA= -ZBX_METADATAITEM= -ZBX_REFRESHACTIVECHECKS=120 -ZBX_BUFFERSEND=5 -ZBX_BUFFERSIZE=100 -ZBX_MAXLINESPERSECOND=20 -ZBX_LISTENIP= -ZBX_UNSAFEUSERPARAMETERS=0 -ZBX_TLSCONNECT=unencrypted -ZBX_TLSACCEPT=unencrypted -ZBX_TLSCAFILE= -ZBX_TLSCRLFILE= -ZBX_TLSSERVERCERTISSUER= -ZBX_TLSSERVERCERTSUBJECT= -ZBX_TLSCERTFILE= -ZBX_TLSKEYFILE= -ZBX_TLSPSKIDENTITY= -ZBX_TLSPSKFILE= -ZBX_TLSCIPHERALL= # Available since 4.4.7 -ZBX_TLSCIPHERALL13= # Available since 4.4.7 -ZBX_TLSCIPHERCERT= # Available since 4.4.7 -ZBX_TLSCIPHERCERT13= # Available since 4.4.7 -ZBX_TLSCIPHERPSK= # Available since 4.4.7 -ZBX_TLSCIPHERPSK13= # Available since 4.4.7 -ZBX_DENYKEY=system.run[*] # Available since 5.0.0 -ZBX_ALLOWKEY= # Available since 5.0.0 -``` - -Default values of these variables are specified after equal sign. - -The allowed variables are identical of parameters in official ``zabbix_agentd.conf`` configuration file. For example, ``ZBX_REFRESHACTIVECHECKS`` = ``RefreshActiveChecks``. - -Please use official documentation for [``zabbix_agentd.conf``](https://www.zabbix.com/documentation/current/manual/appendix/config/zabbix_agentd) to get more information about the variables. - -## Allowed volumes for the Zabbix agent container - -### ``/etc/zabbix/zabbix_agentd.d`` - -The volume allows include ``*.conf`` files and extend Zabbix agent using ``UserParameter`` feature. - -### ``/var/lib/zabbix/modules`` - -The volume allows load additional modules and extend Zabbix agent using ``LoadModule`` feature. - -### ``/var/lib/zabbix/enc`` - -The volume is used to store TLS related files. These file names are specified using ``ZBX_TLSCAFILE``, ``ZBX_TLSCRLFILE``, ``ZBX_TLSKEY_FILE`` and ``ZBX_TLSPSKFILE`` variables. - -# The image variants - -The `zabbix-agent` images come in many flavors, each designed for a specific use case. - -## `zabbix-agent:alpine-` - -This image is based on the popular [Alpine Linux project](http://alpinelinux.org), available in [the `alpine` official image](https://hub.docker.com/_/alpine). Alpine Linux is much smaller than most distribution base images (~5MB), and thus leads to much slimmer images in general. - -This variant is highly recommended when final image size being as small as possible is desired. The main caveat to note is that it does use [musl libc](http://www.musl-libc.org) instead of [glibc and friends](http://www.etalabs.net/compare_libcs.html), so certain software might run into issues depending on the depth of their libc requirements. However, most software doesn't have an issue with this, so this variant is usually a very safe choice. See [this Hacker News comment thread](https://news.ycombinator.com/item?id=10782897) for more discussion of the issues that might arise and some pro/con comparisons of using Alpine-based images. - -To minimize image size, it's uncommon for additional related tools (such as `git` or `bash`) to be included in Alpine-based images. Using this image as a base, add the things you need in your own Dockerfile (see the [`alpine` image description](https://hub.docker.com/_/alpine/) for examples of how to install packages if you are unfamiliar). - -## `zabbix-agent:ubuntu-` - -This is the defacto image. If you are unsure about what your needs are, you probably want to use this one. It is designed to be used both as a throw away container (mount your source code and start the container to start your app), as well as the base to build other images off of. - -## `zabbix-agent:ol-` - -Oracle Linux is an open-source operating system available under the GNU General Public License (GPLv2). Suitable for general purpose or Oracle workloads, it benefits from rigorous testing of more than 128,000 hours per day with real-world workloads and includes unique innovations such as Ksplice for zero-downtime kernel patching, DTrace for real-time diagnostics, the powerful Btrfs file system, and more. - -# Supported Docker versions - -This image is officially supported on Docker version 1.12.0. - -Support for older versions (down to 1.6) is provided on a best-effort basis. - -Please see [the Docker installation documentation](https://docs.docker.com/installation/) for details on how to upgrade your Docker daemon. - -# User Feedback - -## Documentation - -Documentation for this image is stored in the [`agent/` directory](https://github.com/zabbix/zabbix-docker/tree/3.0/agent) of the [`zabbix/zabbix-docker` GitHub repo](https://github.com/zabbix/zabbix-docker/). Be sure to familiarize yourself with the [repository's `README.md` file](https://github.com/zabbix/zabbix-docker/blob/master/README.md) before attempting a pull request. - -## Issues - -If you have any problems with or questions about this image, please contact us through a [GitHub issue](https://github.com/zabbix/zabbix-docker/issues). - -### Known issues - -Currently it is not allowed to specify ``ZBX_ALIAS`` environment variable. Please use ``/etc/zabbix/zabbix_agent.d`` volume with additional configuration files with ``Alias`` options. - -## Contributing - -You are invited to contribute new features, fixes, or updates, large or small; we are always thrilled to receive pull requests, and do our best to process them as fast as we can. - -Before you start to code, we recommend discussing your plans through a [GitHub issue](https://github.com/zabbix/zabbix-docker/issues), especially for more ambitious contributions. This gives other contributors a chance to point you in the right direction, give you feedback on your design, and help you find out if someone else is working on the same thing. diff --git a/Dockerfiles/agent2/windows/Dockerfile b/Dockerfiles/agent2/windows/Dockerfile index 7e06009a5..d45535d58 100644 --- a/Dockerfiles/agent2/windows/Dockerfile +++ b/Dockerfiles/agent2/windows/Dockerfile @@ -64,9 +64,9 @@ RUN Set-Location -Path $env:SystemDrive\.; ` }; ` Write-Host 'Installing ...'; ` Start-Process ` - -FilePath $env:SystemDrive\go-amd64.msi ` - -Wait ` - -ArgumentList '/qn /norestart'; ` + -FilePath $env:SystemDrive\go-amd64.msi ` + -Wait ` + -ArgumentList '/qn /norestart'; ` Remove-Item -Force -Path $env:SystemDrive\go-amd64.msi; ` ` $env:PATH = [string]::Format('{0}\Go\bin;', ${env:ProgramFiles}) + $env:PATH; ` @@ -87,9 +87,9 @@ RUN Set-Location -Path $env:SystemDrive\.; ` ` Write-Host 'Installing ...'; ` Start-Process ` - -FilePath $env:SystemDrive\7z.msi ` - -Wait ` - -ArgumentList '/qn /norestart'; ` + -FilePath $env:SystemDrive\7z.msi ` + -Wait ` + -ArgumentList '/qn /norestart'; ` Remove-Item -Force -Path $env:SystemDrive\7z.msi; ` $env:PATH = [string]::Format('{0}\7-Zip;', ${env:ProgramFiles}) + $env:PATH; ` [Environment]::SetEnvironmentVariable('PATH', $env:PATH, [EnvironmentVariableTarget]::Machine); ` @@ -208,7 +208,7 @@ RUN Set-Location -Path $env:SystemDrive\.; ` ` Write-Host 'Extracting archive ...'; ` tar -zxf $env:SystemDrive\openssl.tar.gz; ` - Remove-Item -Force -Path $env:SystemDrive\openssl.tar.gz; ` + Remove-Item -Force -Path $env:SystemDrive\openssl.tar.gz; ` Rename-Item -Path $env:SystemDrive\openssl-$env:OPENSSL_VERSION -NewName $env:SystemDrive\openssl_build; ` ` Write-Host 'Building OpenSSL library...'; ` diff --git a/Dockerfiles/agent2/windows/README.md b/Dockerfiles/agent2/windows/README.md deleted file mode 100644 index ca33c13f5..000000000 --- a/Dockerfiles/agent2/windows/README.md +++ /dev/null @@ -1,225 +0,0 @@ -![logo](https://assets.zabbix.com/img/logo/zabbix_logo_500x131.png) - -# What is Zabbix? - -Zabbix is an enterprise-class open source distributed monitoring solution. - -Zabbix is software that monitors numerous parameters of a network and the health and integrity of servers. Zabbix uses a flexible notification mechanism that allows users to configure e-mail based alerts for virtually any event. This allows a fast reaction to server problems. Zabbix offers excellent reporting and data visualisation features based on the stored data. This makes Zabbix ideal for capacity planning. - -For more information and related downloads for Zabbix components, please visit https://hub.docker.com/u/zabbix/ and https://zabbix.com - -# What is Zabbix agent 2? - -Zabbix agent 2 is deployed on a monitoring target to actively monitor local resources and applications (hard drives, memory, processor statistics etc). - -# Zabbix agent 2 images - -These are the only official Zabbix agent 2 Docker images. They are based on Alpine Linux v3.12 images. The available versions of Zabbix agent 2 are: - - Zabbix agent 2 4.4 (tags: alpine-4.4-latest) (unsupported) - Zabbix agent 2 4.4.* (tags: alpine-4.4.*) (unsupported) - Zabbix agent 2 5.0 (tags: alpine-5.0-latest, ubuntu-5.0-latest, ol-5.0-latest) - Zabbix agent 2 5.0.* (tags: alpine-5.0.*, ubuntu-5.0.*, ol-5.0.*) - Zabbix agent 2 5.2 (tags: alpine-5.2-latest, ubuntu-5.2-latest, ol-5.2-latest) - Zabbix agent 2 5.2.* (tags: alpine-5.2.*, ubuntu-5.2.*, ol-5.2.*) - Zabbix agent 2 5.4 (tags: alpine-5.4-latest, ubuntu-5.4-latest, ol-5.4-latest, alpine-latest, ubuntu-latest, ol-latest, latest) - Zabbix agent 2 5.4.* (tags: alpine-5.4.*, ubuntu-5.4.*, ol-5.4.*) - Zabbix agent 2 6.0 (tags: alpine-trunk, ubuntu-trunk, ol-trunk) - -Images are updated when new releases are published. The image with ``latest`` tag is based on Alpine Linux. - -# How to use this image - -## Start `zabbix-agent2` - -Start a Zabbix agent 2 container as follows: - - docker run --name some-zabbix-agent -e ZBX_HOSTNAME="some-hostname" -e ZBX_SERVER_HOST="some-zabbix-server" -d zabbix/zabbix-agent2:tag - -Where `some-zabbix-agent2` is the name you want to assign to your container, `some-hostname` is the hostname, it is Hostname parameter in Zabbix agent 2 configuration file, `some-zabbix-server` is IP or DNS name of Zabbix server or proxy and `tag` is the tag specifying the version you want. See the list above for relevant tags, or look at the [full list of tags](https://hub.docker.com/r/zabbix/zabbix-agent2/tags/). - -## Connects from Zabbix server or Zabbix proxy in other containers (Passive checks) - -This image exposes the standard Zabbix agent 2 port (``10050``) to perform passive checks, so container linking makes Zabbix agent 2 instance available to Zabbix server and Zabbix proxy containers. Start your application container like this in order to link it to the Zabbix agent 2 container: - -```console -$ docker run --name some-zabbix-server --link some-zabbix-agent:zabbix-agent2 -d zabbix/zabbix-server:latest -``` - -## Connect to Zabbix server or Zabbix proxy containers (Active checks) - -This image supports perform active checks, so container linking makes Zabbix server and Zabbix proxy containers available to Zabbix agent 2 instance. Start your application container like this in order to link Zabbix agent 2 to Zabbix server or Zabbix proxy containterns: - -```console -$ docker run --name some-zabbix-agent --link some-zabbix-server:zabbix-server -d zabbix/zabbix-agent2:latest -``` - -## Container shell access and viewing Zabbix agent 2 logs - -The `docker exec` command allows you to run commands inside a Docker container. The following command line will give you a bash shell inside your `zabbix-agent2` container: - -```console -$ docker exec -ti some-zabbix-agent /bin/bash -``` - -The Zabbix agent 2 log is available through Docker's container log: - -```console -$ docker logs some-zabbix-agent -``` - -## Privileged mode - -By default, Docker containers are "unprivileged" and do not have access to the most of host resources. Zabbix agent 2 is designed to monitor system resources, to do that Zabbix agent 2 container must be privileged or you may mount some system-wide volumes. For example: - -```console -$ docker run --name some-zabbix-agent --link some-zabbix-server:zabbix-server --privileged -d zabbix/zabbix-agent2:latest -``` -```console -$ docker run --name some-zabbix-agent --link some-zabbix-server:zabbix-server -v /dev/sdc:/dev/sdc -d zabbix/zabbix-agent2:latest -``` - -## Environment Variables - -When you start the `zabbix-agent2` image, you can adjust the configuration of the Zabbix agent 2 by passing one or more environment variables on the `docker run` command line. - -### `ZBX_HOSTNAME` - -This variable is unique, case sensitive hostname. By default, value is `hostname` of the container. It is ``Hostname`` parameter in ``zabbix_agent2.conf``. - -### `ZBX_SERVER_HOST` - -This variable is IP or DNS name of Zabbix server or Zabbix proxy. By default, value is `zabbix-server`. It is ``Server`` parameter in ``zabbix_agent2.conf``. It is allowed to specify Zabbix server or Zabbix proxy port number using ``ZBX_SERVER_PORT`` variable. It make sense in case of non-default port for active checks. - -### `ZBX_PASSIVE_ALLOW` - -This variable is boolean (``true`` or ``false``) and enables or disables feature of passive checks. By default, value is `true`. - -### `ZBX_PASSIVESERVERS` - -The variable is comma separated list of allowed Zabbix server or proxy hosts for connections to Zabbix agent 2 container. - -### `ZBX_ACTIVE_ALLOW` - -This variable is boolean (``true`` or ``false``) and enables or disables feature of active checks. By default, value is `true`. - -### `ZBX_ACTIVESERVERS` - -The variable is comma separated list of allowed Zabbix server or proxy hosts for connections to Zabbix agent 2 container. You may specify port of Zabbix server or Zabbix proxy in such syntax: ``zabbix-server:10061,zabbix-proxy:10072``. - -### `ZBX_DEBUGLEVEL` - -The variable is used to specify debug level. By default, value is ``3``. It is ``DebugLevel`` parameter in ``zabbix_agent2.conf``. Allowed values are listed below: -- ``0`` - basic information about starting and stopping of Zabbix processes; -- ``1`` - critical information -- ``2`` - error information -- ``3`` - warnings -- ``4`` - for debugging (produces lots of information) -- ``5`` - extended debugging (produces even more information) - -### `ZBX_TIMEOUT` - -The variable is used to specify timeout for processing checks. By default, value is ``3``. - -### Other variables - -Additionally the image allows to specify many other environment variables listed below: - -``` -ZBX_ENABLEPERSISTENTBUFFER=false # Available since 5.0.0 -ZBX_PERSISTENTBUFFERPERIOD=1h # Available since 5.0.0 -ZBX_ENABLESTATUSPORT= -ZBX_SOURCEIP= -ZBX_ENABLEREMOTECOMMANDS=0 # Deprecated since 5.0.0 -ZBX_LOGREMOTECOMMANDS=0 -ZBX_STARTAGENTS=3 -ZBX_HOSTNAMEITEM=system.hostname -ZBX_METADATA= -ZBX_METADATAITEM= -ZBX_REFRESHACTIVECHECKS=120 -ZBX_BUFFERSEND=5 -ZBX_BUFFERSIZE=100 -ZBX_MAXLINESPERSECOND=20 -ZBX_LISTENIP= -ZBX_UNSAFEUSERPARAMETERS=0 -ZBX_TLSCONNECT=unencrypted -ZBX_TLSACCEPT=unencrypted -ZBX_TLSCAFILE= -ZBX_TLSCRLFILE= -ZBX_TLSSERVERCERTISSUER= -ZBX_TLSSERVERCERTSUBJECT= -ZBX_TLSCERTFILE= -ZBX_TLSKEYFILE= -ZBX_TLSPSKIDENTITY= -ZBX_TLSPSKFILE= -ZBX_DENYKEY=system.run[*] # Available since 5.0.0 -ZBX_ALLOWKEY= # Available since 5.0.0 -``` - -Default values of these variables are specified after equal sign. - -The allowed variables are identical of parameters in official ``zabbix_agent2.conf`` configuration file. For example, ``ZBX_REFRESHACTIVECHECKS`` = ``RefreshActiveChecks``. - -Please use official documentation for [``zabbix_agent2.conf``](https://www.zabbix.com/documentation/current/manual/appendix/config/zabbix_agent2) to get more information about the variables. - -## Allowed volumes for the Zabbix agent 2 container - -### ``/etc/zabbix/zabbix_agentd.d`` - -The volume allows include ``*.conf`` files and extend Zabbix agent 2 using ``UserParameter`` feature. - -### ``/var/lib/zabbix/enc`` - -The volume is used to store TLS related files. These file names are specified using ``ZBX_TLSCAFILE``, ``ZBX_TLSCRLFILE``, ``ZBX_TLSKEY_FILE`` and ``ZBX_TLSPSKFILE`` variables. - -### ``/var/lib/zabbix/buffer`` - -The volume is used to store the file, where Zabbix Agent2 should keep SQLite database. To enable the feature specify ``ZBX_ENABLEPERSISTENTBUFFER=true``. Available since 5.0.0. - -# The image variants - -The `zabbix-agent2` images come in many flavors, each designed for a specific use case. - -## `zabbix-agent2:alpine-` - -This image is based on the popular [Alpine Linux project](http://alpinelinux.org), available in [the `alpine` official image](https://hub.docker.com/_/alpine). Alpine Linux is much smaller than most distribution base images (~5MB), and thus leads to much slimmer images in general. - -This variant is highly recommended when final image size being as small as possible is desired. The main caveat to note is that it does use [musl libc](http://www.musl-libc.org) instead of [glibc and friends](http://www.etalabs.net/compare_libcs.html), so certain software might run into issues depending on the depth of their libc requirements. However, most software doesn't have an issue with this, so this variant is usually a very safe choice. See [this Hacker News comment thread](https://news.ycombinator.com/item?id=10782897) for more discussion of the issues that might arise and some pro/con comparisons of using Alpine-based images. - -To minimize image size, it's uncommon for additional related tools (such as `git` or `bash`) to be included in Alpine-based images. Using this image as a base, add the things you need in your own Dockerfile (see the [`alpine` image description](https://hub.docker.com/_/alpine/) for examples of how to install packages if you are unfamiliar). - -## `zabbix-agent2:ubuntu-` - -This is the defacto image. If you are unsure about what your needs are, you probably want to use this one. It is designed to be used both as a throw away container (mount your source code and start the container to start your app), as well as the base to build other images off of. - -## `zabbix-agent2:ol-` - -Oracle Linux is an open-source operating system available under the GNU General Public License (GPLv2). Suitable for general purpose or Oracle workloads, it benefits from rigorous testing of more than 128,000 hours per day with real-world workloads and includes unique innovations such as Ksplice for zero-downtime kernel patching, DTrace for real-time diagnostics, the powerful Btrfs file system, and more. - -# Supported Docker versions - -This image is officially supported on Docker version 1.12.0. - -Support for older versions (down to 1.6) is provided on a best-effort basis. - -Please see [the Docker installation documentation](https://docs.docker.com/installation/) for details on how to upgrade your Docker daemon. - -# User Feedback - -## Documentation - -Documentation for this image is stored in the [`agent2/` directory](https://github.com/zabbix/zabbix-docker/tree/5.0/agent2) of the [`zabbix/zabbix-docker` GitHub repo](https://github.com/zabbix/zabbix-docker/). Be sure to familiarize yourself with the [repository's `README.md` file](https://github.com/zabbix/zabbix-docker/blob/master/README.md) before attempting a pull request. - -## Issues - -If you have any problems with or questions about this image, please contact us through a [GitHub issue](https://github.com/zabbix/zabbix-docker/issues). - -### Known issues - -Currently it is not allowed to specify ``ZBX_ALIAS`` environment variable. Please use ``/etc/zabbix/zabbix_agent.d`` volume with additional configuration files with ``Alias`` options. - -## Contributing - -You are invited to contribute new features, fixes, or updates, large or small; we are always thrilled to receive pull requests, and do our best to process them as fast as we can. - -Before you start to code, we recommend discussing your plans through a [GitHub issue](https://github.com/zabbix/zabbix-docker/issues), especially for more ambitious contributions. This gives other contributors a chance to point you in the right direction, give you feedback on your design, and help you find out if someone else is working on the same thing. diff --git a/build.xml b/build.json similarity index 100% rename from build.xml rename to build.json From 76ea396d29f3629d53bd375fbd4cba2625cefee3 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Fri, 17 Sep 2021 19:51:09 +0200 Subject: [PATCH 174/253] Removed libmodbus library from proxy and server images --- Dockerfiles/build-sqlite3/alpine/build.sh | 2 +- Dockerfiles/build-sqlite3/ubuntu/build.sh | 2 +- Dockerfiles/proxy-mysql/alpine/Dockerfile | 2 -- Dockerfiles/proxy-mysql/ubuntu/Dockerfile | 2 -- Dockerfiles/proxy-sqlite3/alpine/Dockerfile | 2 -- Dockerfiles/proxy-sqlite3/ubuntu/Dockerfile | 2 -- Dockerfiles/server-mysql/alpine/Dockerfile | 1 - Dockerfiles/server-mysql/ubuntu/Dockerfile | 2 -- Dockerfiles/server-pgsql/alpine/Dockerfile | 2 -- Dockerfiles/server-pgsql/ubuntu/Dockerfile | 2 -- 10 files changed, 2 insertions(+), 17 deletions(-) diff --git a/Dockerfiles/build-sqlite3/alpine/build.sh b/Dockerfiles/build-sqlite3/alpine/build.sh index fcb4d4ee7..46b203134 120000 --- a/Dockerfiles/build-sqlite3/alpine/build.sh +++ b/Dockerfiles/build-sqlite3/alpine/build.sh @@ -1 +1 @@ -../../build.sh \ No newline at end of file +../../../build.sh \ No newline at end of file diff --git a/Dockerfiles/build-sqlite3/ubuntu/build.sh b/Dockerfiles/build-sqlite3/ubuntu/build.sh index fcb4d4ee7..46b203134 120000 --- a/Dockerfiles/build-sqlite3/ubuntu/build.sh +++ b/Dockerfiles/build-sqlite3/ubuntu/build.sh @@ -1 +1 @@ -../../build.sh \ No newline at end of file +../../../build.sh \ No newline at end of file diff --git a/Dockerfiles/proxy-mysql/alpine/Dockerfile b/Dockerfiles/proxy-mysql/alpine/Dockerfile index 7846db4ea..d3c635ac1 100644 --- a/Dockerfiles/proxy-mysql/alpine/Dockerfile +++ b/Dockerfiles/proxy-mysql/alpine/Dockerfile @@ -72,8 +72,6 @@ RUN set -eux && \ openipmi-libs \ pcre \ unixodbc \ -# Temporary!! - libmodbus \ fping && \ chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \ chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \ diff --git a/Dockerfiles/proxy-mysql/ubuntu/Dockerfile b/Dockerfiles/proxy-mysql/ubuntu/Dockerfile index 05f9af33f..71e16b800 100644 --- a/Dockerfiles/proxy-mysql/ubuntu/Dockerfile +++ b/Dockerfiles/proxy-mysql/ubuntu/Dockerfile @@ -71,8 +71,6 @@ RUN set -eux && \ libssh-4 \ libssl1.1 \ libxml2 \ -# Temporary! - libmodbus5 \ mysql-client \ snmp-mibs-downloader \ unixodbc && \ diff --git a/Dockerfiles/proxy-sqlite3/alpine/Dockerfile b/Dockerfiles/proxy-sqlite3/alpine/Dockerfile index f2b62249d..a235d3d6b 100644 --- a/Dockerfiles/proxy-sqlite3/alpine/Dockerfile +++ b/Dockerfiles/proxy-sqlite3/alpine/Dockerfile @@ -67,8 +67,6 @@ RUN set -eux && \ libxml2 \ net-snmp-agent-libs \ openipmi-libs \ -# Temporary! - libmodbus \ pcre \ sqlite-libs \ unixodbc && \ diff --git a/Dockerfiles/proxy-sqlite3/ubuntu/Dockerfile b/Dockerfiles/proxy-sqlite3/ubuntu/Dockerfile index f477dcb3d..4076497ac 100644 --- a/Dockerfiles/proxy-sqlite3/ubuntu/Dockerfile +++ b/Dockerfiles/proxy-sqlite3/ubuntu/Dockerfile @@ -69,8 +69,6 @@ RUN set -eux && \ libssh-4 \ libssl1.1 \ libxml2 \ -# Temporary! - libmodbus5 \ snmp-mibs-downloader \ unixodbc && \ chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \ diff --git a/Dockerfiles/server-mysql/alpine/Dockerfile b/Dockerfiles/server-mysql/alpine/Dockerfile index f4cb2b7c1..a14c2e14d 100644 --- a/Dockerfiles/server-mysql/alpine/Dockerfile +++ b/Dockerfiles/server-mysql/alpine/Dockerfile @@ -69,7 +69,6 @@ RUN set -eux && \ libcurl \ libevent \ libldap \ - libmodbus \ libssh \ libxml2 \ mariadb-client \ diff --git a/Dockerfiles/server-mysql/ubuntu/Dockerfile b/Dockerfiles/server-mysql/ubuntu/Dockerfile index e65e8b3ea..810219b32 100644 --- a/Dockerfiles/server-mysql/ubuntu/Dockerfile +++ b/Dockerfiles/server-mysql/ubuntu/Dockerfile @@ -76,8 +76,6 @@ RUN set -eux && \ libssh-4 \ libssl1.1 \ libxml2 \ -# Temporary! - libmodbus5 \ mysql-client \ snmp-mibs-downloader \ unixodbc && \ diff --git a/Dockerfiles/server-pgsql/alpine/Dockerfile b/Dockerfiles/server-pgsql/alpine/Dockerfile index 73fc21aab..d75cbb6d9 100644 --- a/Dockerfiles/server-pgsql/alpine/Dockerfile +++ b/Dockerfiles/server-pgsql/alpine/Dockerfile @@ -75,8 +75,6 @@ RUN set -eux && \ net-snmp-agent-libs \ openipmi-libs \ pcre \ -# Termporay! - libmodbus \ postgresql-client \ postgresql-libs \ unixodbc && \ diff --git a/Dockerfiles/server-pgsql/ubuntu/Dockerfile b/Dockerfiles/server-pgsql/ubuntu/Dockerfile index 7c1e32f8a..8f2ab6710 100644 --- a/Dockerfiles/server-pgsql/ubuntu/Dockerfile +++ b/Dockerfiles/server-pgsql/ubuntu/Dockerfile @@ -77,8 +77,6 @@ RUN set -eux && \ libssh-4 \ libssl1.1 \ libxml2 \ -# Temporary! - libmodbus5 \ postgresql-client \ snmp-mibs-downloader \ unixodbc && \ From cb2d65a8b24eb2ba4f7e8f8633a9ef302c202516 Mon Sep 17 00:00:00 2001 From: dotneft Date: Fri, 17 Sep 2021 23:35:50 +0300 Subject: [PATCH 175/253] Prepared build base images for Zabbix agents on Windows --- Dockerfiles/agent/windows/Dockerfile | 281 +----------------- Dockerfiles/agent2/windows/Dockerfile | 279 +---------------- .../build-base/windows/Dockerfile.agent | 235 +++++++++++++++ .../build-base/windows/Dockerfile.agent2 | 242 +++++++++++++++ .../windows/modbus.vs16.sln | 0 .../windows/modbus.vs16.vcxproj | 0 .../windows/modbus.vs16.vcxproj.filters | 0 .../build-mysql/windows/Dockerfile.agent | 67 +++++ .../build-mysql/windows/Dockerfile.agent2 | 57 ++++ 9 files changed, 621 insertions(+), 540 deletions(-) create mode 100644 Dockerfiles/build-base/windows/Dockerfile.agent create mode 100644 Dockerfiles/build-base/windows/Dockerfile.agent2 rename Dockerfiles/{agent => build-base}/windows/modbus.vs16.sln (100%) rename Dockerfiles/{agent => build-base}/windows/modbus.vs16.vcxproj (100%) rename Dockerfiles/{agent => build-base}/windows/modbus.vs16.vcxproj.filters (100%) create mode 100644 Dockerfiles/build-mysql/windows/Dockerfile.agent create mode 100644 Dockerfiles/build-mysql/windows/Dockerfile.agent2 diff --git a/Dockerfiles/agent/windows/Dockerfile b/Dockerfiles/agent/windows/Dockerfile index 0269db6c6..d664d8a49 100644 --- a/Dockerfiles/agent/windows/Dockerfile +++ b/Dockerfiles/agent/windows/Dockerfile @@ -1,282 +1,21 @@ # syntax=docker/dockerfile:1 # escape=` -ARG BUILD_BASE_IMAGE=mcr.microsoft.com/dotnet/framework/sdk:4.8-windowsservercore-ltsc2022 -ARG BASE_IMAGE=mcr.microsoft.com/powershell:lts-nanoserver-ltsc2022 -FROM $BUILD_BASE_IMAGE as builder_base - -ARG PCRE_VERSION=8.45 -ARG OPENSSL_VERSION=1.1.1l -ARG LIBMODBUS_VERSION=master -ARG BUILD_ARCH=x64 -ARG CPU_MODEL=AMD64 - -ARG VS_BUILDTOOLS_URL=https://aka.ms/vs/16/release/vs_buildtools.exe -ARG NASM_URL=https://www.nasm.us/pub/nasm/releasebuilds/2.15.05/win64/nasm-2.15.05-installer-x64.exe -ARG PERL_URL=https://strawberryperl.com/download/5.32.1.1/strawberry-perl-5.32.1.1-64bit.msi -ARG GIT_URL=https://github.com/git-for-windows/git/releases/download/v2.33.0.windows.2/MinGit-2.33.0.2-busybox-64-bit.zip -ARG PCRE_URL=https://ftp.pcre.org/pub/pcre/pcre-$PCRE_VERSION.zip -ARG OPENSSL_URL=https://www.openssl.org/source/openssl-$OPENSSL_VERSION.tar.gz -ARG LIBMODBUS_URL=https://github.com/stephane/libmodbus.git - -ENV BUILD_ARCH=$BUILD_ARCH CPU_MODEL=$CPU_MODEL ` - PCRE_VERSION=$PCRE_VERSION OPENSSL_VERSION=$OPENSSL_VERSION LIBMODBUS_VERSION=$LIBMODBUS_VERSION ` - GIT_URL=$GIT_URL NASM_URL=$NASM_URL PERL_URL=$PERL_URL LIBMODBUS_URL=$LIBMODBUS_URL PCRE_URL=$PCRE_URL OPENSSL_URL=$OPENSSL_URL - -SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"] - -RUN Set-Location -Path $env:SystemDrive\.; ` - ` - Write-Host ('Downloading {0} ...' -f $env:GIT_URL); ` - [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` - Invoke-WebRequest -OutFile $env:SystemDrive\git.zip -Uri $env:GIT_URL; ` - ` - $sha256 = '273f55e881094d00877d64f56570b0c997c4da5dedcb26738d56481033c1eba1'; ` - Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` - if ((Get-FileHash $env:SystemDrive\git.zip -Algorithm sha256).Hash -ne $sha256) { ` - Write-Host 'Checksum GIT for Windows failed!'; ` - exit 1; ` - }; ` - ` - Write-Host 'Installing ...'; ` - Expand-Archive ` - -Path git.zip ` - -DestinationPath $env:SystemDrive\git\.; ` - Remove-Item -Force -Path $env:SystemDrive\git.zip; ` - $env:PATH = [string]::Format('{0}\git\cmd;{0}\git\mingw64\bin;{0}\git\usr\bin;', $env:SystemDrive) + $env:PATH; ` - [Environment]::SetEnvironmentVariable('PATH', $env:PATH, [EnvironmentVariableTarget]::Machine); ` - ` - Write-Host 'Verifying install ("git version") ...'; ` - git version; ` - ` - Write-Host ('Downloading {0} ...' -f $env:NASM_URL); ` - [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` - Invoke-WebRequest -OutFile $env:SystemDrive\nasm_installer.exe -Uri $env:NASM_URL; ` - $sha256 = 'a02325b9fe54f917f5d6a3036637b38dbb6addf6f7ba9d344d9b943a143fe7d0'; ` - Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` - if ((Get-FileHash $env:SystemDrive\nasm_installer.exe -Algorithm sha256).Hash -ne $sha256) { ` - Write-Host 'Checksum NASM failed!'; ` - exit 1; ` - }; ` - Write-Host 'Installing ...'; ` - Start-Process ` - -FilePath $env:SystemDrive\nasm_installer.exe ` - -ArgumentList '/S' -Wait; ` - Remove-Item -Force -Path $env:SystemDrive\nasm_installer.exe; ` - ` - $env:PATH = [string]::Format('{0}\NASM;', ${env:ProgramFiles}) + $env:PATH; ` - [Environment]::SetEnvironmentVariable('PATH', $env:PATH, [EnvironmentVariableTarget]::Machine); ` - ` - Write-Host 'Verifying install ("nasm -v") ...'; ` - nasm -v; ` - ` - Write-Host ('Downloading {0} ...' -f $env:PERL_URL); ` - [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` - Invoke-WebRequest -OutFile $env:SystemDrive\perl_installer.msi -Uri $env:PERL_URL; ` - ` - $sha256 = '241a881670164feb0b91bb69d39fbbf84c981bec0d9f8c19959f8f48fd177768'; ` - Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` - if ((Get-FileHash $env:SystemDrive\perl_installer.msi -Algorithm sha256).Hash -ne $sha256) { ` - Write-Host 'Checksum Strawberry Perl failed!'; ` - exit 1; ` - }; ` - Write-Host 'Installing ...'; ` - Start-Process ` - -FilePath 'msiexec.exe' ` - -ArgumentList """/i $env:SystemDrive\perl_installer.msi /qn /norestart INSTALLDIR=$env:SystemDrive\Strawberry""" ` - -Wait; ` - Remove-Item -Force -Path $env:SystemDrive\perl_installer.msi; ` - $env:PATH = [string]::Format('{0}\Strawberry\perl\bin;', $env:SystemDrive) + $env:PATH; ` - [Environment]::SetEnvironmentVariable('PATH', $env:PATH, [EnvironmentVariableTarget]::Machine); ` - ` - Write-Host 'Verifying install ("perl -V") ...'; ` - perl -V; ` - ` - Write-Host 'Installing Text::Template...'; ` - cpan Text::Template; ` - ` - Write-Host ('Downloading {0} ...' -f $env:VS_BUILDTOOLS_URL); ` - [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` - Invoke-WebRequest -OutFile $env:SystemDrive\vs_buildtools.exe $env:VS_BUILDTOOLS_URL; ` - ` - Write-Host ('{0} - Visual Studio components installing...' -f $(Get-Date -format 'u')); ` - cmd /C start /w $env:SystemDrive\vs_buildtools.exe ` - --quiet ` - --wait ` - --norestart ` - --nocache modify ` - --installPath """${env:ProgramFiles(x86)}\Microsoft Visual Studio\2019\BuildTools""" ` - # https://docs.microsoft.com/en-us/visualstudio/install/workload-component-id-vs-build-tools?view=vs-2019 - --add Microsoft.VisualStudio.Component.Windows10SDK.19041 ` - --add Microsoft.VisualStudio.Component.VC.CMake.Project; ` - if ($err = dir $Env:TEMP -Filter dd_setup_*_errors.log | where Length -gt 0 | Get-Content) { ` - throw $err; ` - }; ` - Wait-Process -name msiexec; ` - Write-Host ('{0} - Visual Studio components installed' -f $(Get-Date -format 'u')); ` - ` - Write-Host 'Visual Studio components installation cleanup'; ` - Remove-Item -Force -Path $env:SystemDrive\vs_buildtools.exe; ` - Get-ChildItem -Path """${env:ProgramFiles(x86)}\Microsoft Visual Studio\Installer""" -Directory -Recurse | Remove-Item -Force –Recurse; ` - Remove-Item -Force -Recurse $env:TEMP\*; ` - Write-Host 'Build environment is ready...'; - -RUN Set-Location -Path $env:SystemDrive\.; ` - ` - Import-Module ('{0}\Microsoft Visual Studio\2019\BuildTools\Common7\Tools\Microsoft.VisualStudio.DevShell.dll' -f ${env:ProgramFiles(x86)} ); ` - Enter-VsDevShell -VsInstallPath ('{0}\Microsoft Visual Studio\2019\BuildTools' -f ${env:ProgramFiles(x86)}) -DevCmdArguments """-arch=$env:BUILD_ARCH"""; ` - ` - Write-Host ('Downloading {0} ...' -f $env:PCRE_URL); ` - [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` - Invoke-WebRequest -OutFile $env:SystemDrive\pcre.zip -Uri $env:PCRE_URL; ` - ` - $sha256 = '5b709aa45ea3b8bb73052947200ad187f651a2049158fb5bbfed329e4322a977'; ` - Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` - if ((Get-FileHash $env:SystemDrive\pcre.zip -Algorithm sha256).Hash -ne $sha256) { ` - Write-Host 'Checksum PCRE library failed!'; ` - exit 1; ` - }; ` - Write-Host 'Extracting archive ...'; ` - Expand-Archive -Path $env:SystemDrive\pcre.zip -DestinationPath $env:SystemDrive; ` - Remove-Item -Force -Path $env:SystemDrive\pcre.zip; ` - Rename-Item -Path $env:SystemDrive\pcre-$env:PCRE_VERSION -NewName $env:SystemDrive\pcre_build; ` - New-Item -ItemType directory -Path "$env:SystemDrive\pcre_build\build" | Out-Null; ` - ` - Set-Location -Path $env:SystemDrive\pcre_build\build; ` - Write-Host 'Building PCRE library ...'; ` - cmake --log-level=ERROR ` - -G 'Visual Studio 16 2019' ` - -A $env:BUILD_ARCH ` - -DPCRE_SUPPORT_UNICODE_PROPERTIES=ON ` - -DPCRE_SUPPORT_UTF=ON ` - -DCMAKE_C_FLAGS_RELEASE:string="""/MT""" ..; ` - msbuild PCRE.sln ` - -maxcpucount:"""$env:NUMBER_OF_PROCESSORS""" ` - /verbosity:quiet ` - /property:Configuration=Release ` - /property:Platform=$env:BUILD_ARCH ` - /target:pcre; ` - ` - Write-Host 'PCRE is ready...'; - -RUN Set-Location -Path $env:SystemDrive\.; ` - ` - Import-Module ('{0}\Microsoft Visual Studio\2019\BuildTools\Common7\Tools\Microsoft.VisualStudio.DevShell.dll' -f ${env:ProgramFiles(x86)} ); ` - Enter-VsDevShell -VsInstallPath ('{0}\Microsoft Visual Studio\2019\BuildTools' -f ${env:ProgramFiles(x86)}) -DevCmdArguments """-arch=$env:BUILD_ARCH"""; ` - ` - Write-Host ('Downloading {0} ...' -f $env:OPENSSL_URL); ` - [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` - Invoke-WebRequest -OutFile $env:SystemDrive\openssl.tar.gz -Uri $env:OPENSSL_URL; ` - ` - $sha256 = '0b7a3e5e59c34827fe0c3a74b7ec8baef302b98fa80088d7f9153aa16fa76bd1'; ` - Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` - if ((Get-FileHash $env:SystemDrive\openssl.tar.gz -Algorithm sha256).Hash -ne $sha256) { ` - Write-Host 'Checksum OpenSSL library failed!'; ` - exit 1; ` - }; ` - ` - Write-Host 'Extracting archive ...'; ` - tar -zxf $env:SystemDrive\openssl.tar.gz; ` - Remove-Item -Force -Path $env:SystemDrive\openssl.tar.gz; ` - Rename-Item -Path $env:SystemDrive\openssl-$env:OPENSSL_VERSION -NewName $env:SystemDrive\openssl_build; ` - ` - Write-Host 'Building OpenSSL library...'; ` - Set-Location -Path $env:SystemDrive\openssl_build; ` - perl $env:SystemDrive\openssl_build\Configure ` - VC-WIN64A ` - no-shared ` - no-ui-console ` - no-tests ` -# enable-capieng ` - no-capieng ` - --api=1.1.0 ` - --prefix=$env:SystemDrive\openssl_output ` - --openssldir=$env:SystemDrive\openssl_output_ssl; ` - set CL=/MP; ` - nmake /S; ` - nmake /S install_sw; ` - Write-Host 'OpenSSL is ready...'; - -COPY modbus.vs16.vcxproj c:\ -COPY modbus.vs16.sln c:\ -COPY modbus.vs16.vcxproj.filters c:\ - -RUN Set-Location -Path $env:SystemDrive\.; ` - ` - Import-Module ('{0}\Microsoft Visual Studio\2019\BuildTools\Common7\Tools\Microsoft.VisualStudio.DevShell.dll' -f ${env:ProgramFiles(x86)} ); ` - Enter-VsDevShell -VsInstallPath ('{0}\Microsoft Visual Studio\2019\BuildTools' -f ${env:ProgramFiles(x86)}) -DevCmdArguments """-arch=$env:BUILD_ARCH"""; ` - ` - Write-Host ('Checkout GIT {0} repository ...' -f $env:LIBMODBUS_URL); ` - git -c advice.detachedHead=false clone $env:LIBMODBUS_URL --branch $env:LIBMODBUS_VERSION --depth 1 --single-branch $env:SystemDrive\libmodbus; ` - ` - Write-Host 'Building Libmodbus library...'; ` - Copy-Item -Path $env:SystemDrive\modbus.vs16.vcxproj $env:SystemDrive\libmodbus\src\win32\modbus.vs16.vcxproj; ` - Copy-Item -Path $env:SystemDrive\modbus.vs16.sln $env:SystemDrive\libmodbus\src\win32\modbus.vs16.sln; ` - Copy-Item -Path $env:SystemDrive\modbus.vs16.vcxproj.filters $env:SystemDrive\libmodbus\src\win32\modbus.vs16.vcxproj.filters; ` - Set-Location -Path $env:SystemDrive\libmodbus\src\win32; ` - cscript .\configure.js; ` - msbuild modbus.vs16.sln ` - -maxcpucount:"""$env:NUMBER_OF_PROCESSORS""" ` - /verbosity:quiet ` - /property:Configuration=Release ` - /property:Platform=$env:BUILD_ARCH; ` - Write-Host 'Libmodbus is ready...'; - -FROM builder_base as builder_zabbix - -SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"] - ARG MAJOR_VERSION=6.0 -ARG ZBX_VERSION=${MAJOR_VERSION}.0 -ARG ZABBIX_VERSION_RC_NUM=2400 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG BUILD_BASE_IMAGE=zabbix-build-agent:ltsc2022-agent-${ZBX_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git -ARG ZBX_COMPONENT=all -ENV ZBX_SOURCES=$ZBX_SOURCES MAJOR_VERSION=$MAJOR_VERSION ZBX_VERSION=$ZBX_VERSION ZABBIX_VERSION_RC_NUM=$ZABBIX_VERSION_RC_NUM +ARG BASE_IMAGE=mcr.microsoft.com/powershell:lts-nanoserver-ltsc2022 -RUN Set-Location -Path $env:SystemDrive\.; ` - ` - Import-Module ('{0}\Microsoft Visual Studio\2019\BuildTools\Common7\Tools\Microsoft.VisualStudio.DevShell.dll' -f ${env:ProgramFiles(x86)} ); ` - Enter-VsDevShell -VsInstallPath ('{0}\Microsoft Visual Studio\2019\BuildTools' -f ${env:ProgramFiles(x86)}) -DevCmdArguments """-arch=$env:BUILD_ARCH"""; ` - ` - Write-Host ('Checkout GIT {0} (master) repository ...' -f $env:ZBX_SOURCES); ` - git -c advice.detachedHead=false clone $env:ZBX_SOURCES --branch master --depth 1 --single-branch $env:SystemDrive\zabbix-$env:ZBX_VERSION; ` - ` - Write-Host ('Building Zabbix {0} version ...' -f $env:ZBX_VERSION); ` - Set-Location -Path $env:SystemDrive\zabbix-$env:ZBX_VERSION; ` - $ZbxRevision=(git rev-parse --short HEAD); ` - (Get-Content include/version.h).replace('{ZABBIX_REVISION}', $ZbxRevision) | Set-Content include/version.h; ` - Set-Location -Path $env:SystemDrive\zabbix-$env:ZBX_VERSION\build\win32\project; ` - set CL=/MP; ` - nmake /S -f Makefile ` - CPU=$env:CPU_MODEL ` - CFLAGS="""/D ZABBIX_VERSION_REVISION=$ZbxRevision /D HAVE_LIBMODBUS_STATIC""" ` - PCREINCDIR=$env:SystemDrive\pcre_build\build ` - PCRELIBDIR=$env:SystemDrive\pcre_build\build\Release TLS=openssl ` - RFLAGS="""/D ZABBIX_VERSION_REVISION=$ZbxRevision /D ZABBIX_VERSION_RC_NUM=$env:ZABBIX_VERSION_RC_NUM""" ` -# LIBS="Crypt32.lib" ` - TLSINCDIR=$env:SystemDrive\openssl_output\include ` - TLSLIBDIR=$env:SystemDrive\openssl_output\lib ` - MODBINCDIR=$env:SystemDrive\libmodbus\src ` - MODBLIBDIR=$env:SystemDrive\libmodbus\src\win32\$env:BUILD_ARCH\Release ` - $env:ZBX_COMPONENT; ` - ` - Write-Host 'Verifying build ("zabbix_agent2.exe -V") ...'; ` - & $env:SystemDrive\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_agentd.exe -V; ` - dumpbin /dependents $env:SystemDrive\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_agentd.exe; ` - ` - New-Item -ItemType directory -Path $env:SystemDrive\zabbix | Out-Null; ` - New-Item -ItemType directory -Path $env:SystemDrive\zabbix\sbin | Out-Null; ` - New-Item -ItemType directory -Path $env:SystemDrive\zabbix\conf | Out-Null; ` - ` - Copy-Item -Path $env:SystemDrive\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_agentd.exe $env:SystemDrive\zabbix\sbin; ` - Copy-Item -Path $env:SystemDrive\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_get.exe $env:SystemDrive\zabbix\sbin; ` - Copy-Item -Path $env:SystemDrive\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_sender.exe $env:SystemDrive\zabbix\sbin; ` - Copy-Item -Path $env:SystemDrive\zabbix-$env:ZBX_VERSION\conf\zabbix_agentd.win.conf $env:SystemDrive\zabbix\conf; ` - Write-Host 'Zabbix binaries are compiled...'; +FROM ${BUILD_BASE_IMAGE} as builder FROM $BASE_IMAGE +ARG MAJOR_VERSION +ARG ZBX_VERSION +ARG ZBX_SOURCES + ARG MAJOR_VERSION=6.0 -ARG ZBX_VERSION=${MAJOR_VERSION}.0 +ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git LABEL org.opencontainers.image.title="Zabbix agent" ` @@ -293,7 +32,7 @@ SHELL ["pwsh", "-Command", "$ErrorActionPreference = 'Stop';"] WORKDIR C:\zabbix\ -COPY --from=builder_zabbix ["C:\\zabbix", "C:\\zabbix"] +COPY --from=builder ["C:\\zabbix", "C:\\zabbix"] COPY [".\\docker-entrypoint.ps1", "C:\\zabbix"] USER ContainerAdministrator diff --git a/Dockerfiles/agent2/windows/Dockerfile b/Dockerfiles/agent2/windows/Dockerfile index d45535d58..065d8d39b 100644 --- a/Dockerfiles/agent2/windows/Dockerfile +++ b/Dockerfiles/agent2/windows/Dockerfile @@ -1,280 +1,21 @@ # syntax=docker/dockerfile:1 # escape=` -ARG BUILD_BASE_IMAGE=mcr.microsoft.com/dotnet/framework/sdk:4.8-windowsservercore-ltsc2022 -ARG BASE_IMAGE=mcr.microsoft.com/powershell:lts-nanoserver-ltsc2022 -FROM $BUILD_BASE_IMAGE as builder_base - -ARG PCRE_VERSION=8.45 -ARG OPENSSL_VERSION=1.1.1l -ARG ZLIB_VERSION=1.2.11 -ARG GOLANG_VERSION=1.17.1 -ARG SEVEN_ZIP_VERSION=1900 -ARG BUILD_ARCH=x64 -ARG CPU_MODEL=AMD64 - -ARG VS_BUILDTOOLS_URL=https://aka.ms/vs/16/release/vs_buildtools.exe - -ARG GIT_URL=https://github.com/git-for-windows/git/releases/download/v2.33.0.windows.2/MinGit-2.33.0.2-busybox-64-bit.zip -ARG MINGW_URL=https://deac-riga.dl.sourceforge.net/project/mingw-w64/Toolchains%20targetting%20Win64/Personal%20Builds/mingw-builds/8.1.0/threads-win32/sjlj/x86_64-8.1.0-release-win32-sjlj-rt_v6-rev0.7z -ARG GOLANG_URL=https://golang.org/dl/go$GOLANG_VERSION.windows-amd64.msi -ARG CYGWIN_URL=https://cygwin.com/setup-x86_64.exe -ARG PCRE_URL=https://ftp.pcre.org/pub/pcre/pcre-$PCRE_VERSION.zip -ARG OPENSSL_URL=https://www.openssl.org/source/openssl-$OPENSSL_VERSION.tar.gz -ARG SEVEN_ZIP_URL=https://www.7-zip.org/a/7z$SEVEN_ZIP_VERSION-$BUILD_ARCH.msi - -ENV BUILD_ARCH=$BUILD_ARCH CPU_MODEL=$CPU_MODEL ` - PCRE_VERSION=$PCRE_VERSION OPENSSL_VERSION=$OPENSSL_VERSION ZLIB_VERSION=$ZLIB_VERSION ` - GOLANG_VERSION=$GOLANG_VERSION SEVEN_ZIP_VERSION=$SEVEN_ZIP_VERSION ` - GIT_URL=$GIT_URL MINGW_URL=$MINGW_URL CYGWIN_URL=$CYGWIN_URL GOLANG_URL=$GOLANG_URL SEVEN_ZIP_URL=$SEVEN_ZIP_URL ` - PCRE_URL=$PCRE_URL OPENSSL_URL=$OPENSSL_URL - -SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"] - -RUN Set-Location -Path $env:SystemDrive\.; ` - ` - Write-Host ('Downloading {0} ...' -f $env:GIT_URL); ` - [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` - Invoke-WebRequest -OutFile $env:SystemDrive\git.zip -Uri $env:GIT_URL; ` - ` - $sha256 = '273f55e881094d00877d64f56570b0c997c4da5dedcb26738d56481033c1eba1'; ` - Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` - if ((Get-FileHash $env:SystemDrive\git.zip -Algorithm sha256).Hash -ne $sha256) { ` - Write-Host 'Checksum GIT for Windows failed!'; ` - exit 1; ` - }; ` - ` - Write-Host 'Installing ...'; ` - Expand-Archive -Path git.zip -DestinationPath $env:SystemDrive\git\.; ` - Remove-Item -Force -Path $env:SystemDrive\git.zip; ` - $env:PATH = [string]::Format('{0}\git\cmd;{0}\git\mingw64\bin;{0}\git\usr\bin;', $env:SystemDrive) + $env:PATH; ` - [Environment]::SetEnvironmentVariable('PATH', $env:PATH, [EnvironmentVariableTarget]::Machine); ` - ` - Write-Host 'Verifying install ("git version") ...'; ` - git version; ` - ` - Write-Host ('Downloading {0} ...' -f $env:GOLANG_URL); ` - [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` - Invoke-WebRequest -OutFile $env:SystemDrive\go-amd64.msi -Uri $env:GOLANG_URL; ` - $sha256 = '7a360967708350354ea479500a8eada6a032e07eac5bd43142367ee5b0ab1df9'; ` - ` - Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` - if ((Get-FileHash $env:SystemDrive\go-amd64.msi -Algorithm sha256).Hash -ne $sha256) { ` - Write-Host 'Checksum Go Lang failed!'; ` - exit 1; ` - }; ` - Write-Host 'Installing ...'; ` - Start-Process ` - -FilePath $env:SystemDrive\go-amd64.msi ` - -Wait ` - -ArgumentList '/qn /norestart'; ` - Remove-Item -Force -Path $env:SystemDrive\go-amd64.msi; ` - ` - $env:PATH = [string]::Format('{0}\Go\bin;', ${env:ProgramFiles}) + $env:PATH; ` - [Environment]::SetEnvironmentVariable('PATH', $env:PATH, [EnvironmentVariableTarget]::Machine); ` - Write-Host 'Verifying install ("go version") ...'; ` - go version; ` - ` - Write-Host ('Downloading {0} ...' -f $env:SEVEN_ZIP_URL); ` - [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` - Invoke-WebRequest -OutFile $env:SystemDrive\7z.msi -Uri $env:SEVEN_ZIP_URL; ` - ` - $sha256 = 'a7803233eedb6a4b59b3024ccf9292a6fffb94507dc998aa67c5b745d197a5dc'; ` - Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` - if ((Get-FileHash $env:SystemDrive\7z.msi -Algorithm sha256).Hash -ne $sha256) { ` - Write-Host 'Checksum 7-zip failed!'; ` - exit 1; ` - }; ` - ` - Write-Host 'Installing ...'; ` - Start-Process ` - -FilePath $env:SystemDrive\7z.msi ` - -Wait ` - -ArgumentList '/qn /norestart'; ` - Remove-Item -Force -Path $env:SystemDrive\7z.msi; ` - $env:PATH = [string]::Format('{0}\7-Zip;', ${env:ProgramFiles}) + $env:PATH; ` - [Environment]::SetEnvironmentVariable('PATH', $env:PATH, [EnvironmentVariableTarget]::Machine); ` - ` - Write-Host 'Verifying install ("7z -h") ...'; ` - 7z -h | Select -first 2; ` - ` - Write-Host ('Downloading {0} ...' -f $env:MINGW_URL); ` - [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` - Invoke-WebRequest -OutFile $env:SystemDrive\mingw.7z -Uri $env:MINGW_URL; ` - ` - $sha256 = 'e8c65ddc655534b0330f66f7b480565621e8617cda9937d76ba141a22bf3b2fa'; ` - Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` - if ((Get-FileHash $env:SystemDrive\mingw.7z -Algorithm sha256).Hash -ne $sha256) { ` - Write-Host 'Checksum Mingw-w64 failed!'; ` - exit 1; ` - }; ` - ` - Write-Host 'Installing ...'; ` - 7z x $env:SystemDrive\mingw.7z; ` - Remove-Item -Force -Path $env:SystemDrive\mingw.7z; ` - $env:PATH = [string]::Format('{0}\mingw64\bin;', $env:SystemDrive) + $env:PATH; ` - [Environment]::SetEnvironmentVariable('PATH', $env:PATH, [EnvironmentVariableTarget]::Machine); ` - ` - Write-Host 'Verifying install ("mingw32-make -v") ...'; ` - mingw32-make -v; ` - ` - Write-Host ('Downloading {0} ...' -f $env:VS_BUILDTOOLS_URL); ` - [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` - Invoke-WebRequest -OutFile $env:SystemDrive\vs_buildtools.exe $env:VS_BUILDTOOLS_URL; ` - ` - Write-Host ('{0} - Visual Studio components installing...' -f $(Get-Date -format 'u')); ` - cmd /C start /w $env:SystemDrive\vs_buildtools.exe ` - --quiet ` - --wait ` - --norestart ` - --nocache modify ` - --installPath """${env:ProgramFiles(x86)}\Microsoft Visual Studio\2019\BuildTools""" ` - # https://docs.microsoft.com/en-us/visualstudio/install/workload-component-id-vs-build-tools?view=vs-2019 - --add Microsoft.VisualStudio.Component.Windows10SDK.19041 ` - --add Microsoft.VisualStudio.Component.VC.CMake.Project; ` - if ($err = dir $Env:TEMP -Filter dd_setup_*_errors.log | where Length -gt 0 | Get-Content) { ` - throw $err; ` - }; ` - Wait-Process -name msiexec; ` - Write-Host ('{0} - Visual Studio components installed' -f $(Get-Date -format 'u')); ` - ` - Write-Host 'Visual Studio components installation cleanup'; ` - Remove-Item -Force -Path $env:SystemDrive\vs_buildtools.exe; ` - Get-ChildItem -Path """${env:ProgramFiles(x86)}\Microsoft Visual Studio\Installer""" -Directory -Recurse | Remove-Item -Force –Recurse; ` - Remove-Item -Force -Recurse $env:TEMP\*; ` - Write-Host 'Build environment is ready...'; - -RUN Set-Location -Path $env:SystemDrive\.; ` - ` - Import-Module ('{0}\Microsoft Visual Studio\2019\BuildTools\Common7\Tools\Microsoft.VisualStudio.DevShell.dll' -f ${env:ProgramFiles(x86)} ); ` - Enter-VsDevShell -VsInstallPath ('{0}\Microsoft Visual Studio\2019\BuildTools' -f ${env:ProgramFiles(x86)}) -DevCmdArguments """-arch=$env:BUILD_ARCH"""; ` - ` - Write-Host ('Downloading {0} ...' -f $env:PCRE_URL); ` - [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` - Invoke-WebRequest -OutFile $env:SystemDrive\pcre.zip -Uri $env:PCRE_URL; ` - ` - Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` - $sha256 = '5b709aa45ea3b8bb73052947200ad187f651a2049158fb5bbfed329e4322a977'; ` - if ((Get-FileHash $env:SystemDrive\pcre.zip -Algorithm sha256).Hash -ne $sha256) { ` - Write-Host 'Checksum PCRE library failed!'; ` - exit 1; ` - }; ` - Write-Host 'Extracting archive ...'; ` - Expand-Archive -Path $env:SystemDrive\pcre.zip -DestinationPath $env:SystemDrive; ` - Remove-Item -Force -Path $env:SystemDrive\pcre.zip; ` - Rename-Item -Path $env:SystemDrive\pcre-$env:PCRE_VERSION -NewName $env:SystemDrive\pcre_build; ` - ` - Set-Location -Path $env:SystemDrive\pcre_build; ` - Write-Host 'Building PCRE library ...'; ` - cmake --log-level=ERROR ` - -G 'MinGW Makefiles' ` - -DBUILD_SHARED_LIBS=OFF ` - -DCMAKE_C_COMPILER=gcc ` - -DCMAKE_C_FLAGS='-O2 -g' ` - -DCMAKE_CXX_FLAGS='-O2 -g' ` - -DCMAKE_INSTALL_PREFIX="""$env:SystemDrive\pcre_output""" . ; ` - mingw32-make -s -j"""$env:NUMBER_OF_PROCESSORS"""; ` - mingw32-make -s -j"""$env:NUMBER_OF_PROCESSORS""" install; ` - Write-Host 'PCRE is ready...'; - -RUN Set-Location -Path $env:SystemDrive\.; ` - ` - Write-Host ('Downloading {0} ...' -f $env:CYGWIN_URL); ` - [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` - (New-Object Net.WebClient).DownloadFile("""$env:CYGWIN_URL""", """$env:SystemDrive\setup.exe"""); ` - ` - $sha256 = 'b9219acd1241ffa4d38e19587f1ccc2854f951e451f3858efc9d2e1fe19d375c'; ` - Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` - if ((Get-FileHash $env:SystemDrive\setup.exe -Algorithm sha256).Hash -ne $sha256) { ` - Write-Host 'Checksum Cygwin failed!'; ` - exit 1; ` - }; ` - Write-Host 'Installing ...'; ` - Start-Process $env:SystemDrive\setup.exe ` - -ArgumentList """-qnNdO -a x86_64 -R $env:SystemDrive\cygwin --site http://cygwin.mirror.constant.com -l $env:SystemDrive\cygwin\var\cache\setup --packages perl""" ` - -Wait ` - -NoNewWindow; ` - ` - Remove-Item -Force -Path $env:SystemDrive\setup.exe; ` - Write-Host ('Downloading {0} ...' -f $env:OPENSSL_URL); ` - [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` - Invoke-WebRequest -OutFile $env:SystemDrive\openssl.tar.gz -Uri $env:OPENSSL_URL; ` - ` - $sha256 = '0b7a3e5e59c34827fe0c3a74b7ec8baef302b98fa80088d7f9153aa16fa76bd1'; ` - Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` - if ((Get-FileHash $env:SystemDrive\openssl.tar.gz -Algorithm sha256).Hash -ne $sha256) { ` - Write-Host 'Checksum OpenSSL library failed!'; ` - exit 1; ` - }; ` - ` - Write-Host 'Extracting archive ...'; ` - tar -zxf $env:SystemDrive\openssl.tar.gz; ` - Remove-Item -Force -Path $env:SystemDrive\openssl.tar.gz; ` - Rename-Item -Path $env:SystemDrive\openssl-$env:OPENSSL_VERSION -NewName $env:SystemDrive\openssl_build; ` - ` - Write-Host 'Building OpenSSL library...'; ` - Set-Location -Path $env:SystemDrive\openssl_build; ` - $env:PATH+=""";$env:SystemDrive\cygwin\bin"""; ` - perl Configure ` - mingw64 ` - no-shared ` - no-ui-console ` - no-tests ` -# enable-capieng ` - no-capieng ` - --api=1.1.0 ` - --prefix=$env:SystemDrive\openssl_output ` - --openssldir=$env:SystemDrive\openssl_output_ssl; ` - mingw32-make -s -j"""$env:NUMBER_OF_PROCESSORS"""; ` - mingw32-make -s -j"""$env:NUMBER_OF_PROCESSORS""" install_sw; ` - Write-Host 'OpenSSL is ready...'; ` - Remove-Item -Recurse -Force -Path $env:SystemDrive\cygwin; - -FROM builder_base as builder_zabbix - -SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"] - ARG MAJOR_VERSION=6.0 -ARG ZBX_VERSION=${MAJOR_VERSION}.0 -ARG ZABBIX_VERSION_RC_NUM=2400 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG BUILD_BASE_IMAGE=zabbix-build-agent:ltsc2022-agent2-${ZBX_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git -ARG ZBX_COMPONENT=all -ENV ZBX_SOURCES=$ZBX_SOURCES MAJOR_VERSION=$MAJOR_VERSION ZBX_VERSION=$ZBX_VERSION +ARG BASE_IMAGE=mcr.microsoft.com/powershell:lts-nanoserver-ltsc2022 -RUN Set-Location -Path $env:SystemDrive\.; ` - ` - Import-Module ('{0}\Microsoft Visual Studio\2019\BuildTools\Common7\Tools\Microsoft.VisualStudio.DevShell.dll' -f ${env:ProgramFiles(x86)} ); ` - Enter-VsDevShell -VsInstallPath ('{0}\Microsoft Visual Studio\2019\BuildTools' -f ${env:ProgramFiles(x86)}) -DevCmdArguments """-arch=$env:BUILD_ARCH"""; ` - ` - Write-Host ('Checkout GIT {0} (master) repository ...' -f $env:ZBX_SOURCES); ` - git -c advice.detachedHead=false clone $env:ZBX_SOURCES --branch master --depth 1 --single-branch $env:SystemDrive\zabbix-$env:ZBX_VERSION; ` - ` - Write-Host ('Building Zabbix {0} version ...' -f $env:ZBX_VERSION); ` - Set-Location -Path $env:SystemDrive\zabbix-$env:ZBX_VERSION; ` - $ZbxRevision=(git rev-parse --short HEAD); ` - (Get-Content src\go\pkg\version\version.go).replace('{ZABBIX_REVISION}', $ZbxRevision) | Set-Content src\go\pkg\version\version.go; ` - Set-Location -Path $env:SystemDrive\zabbix-$env:ZBX_VERSION\build\mingw; ` - mingw32-make -s -j"""$env:NUMBER_OF_PROCESSORS""" ` -# CGO_LDFLAGS="""-lssl -lcrypto -lcrypt32 -L$env:SystemDrive\openssl_output\lib -L$env:SystemDrive\pcre_output\lib""" ` - PCRE=$env:SystemDrive\pcre_output ` - OPENSSL=$env:SystemDrive\openssl_output ` - RFLAGS="""-DZABBIX_VERSION_RC_NUM=$env:ZABBIX_VERSION_RC_NUM"""; ` - ` - Write-Host 'Verifying build ("zabbix_agent2.exe -V") ...'; ` - & $env:SystemDrive\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_agent2.exe -V; ` - dumpbin /dependents $env:SystemDrive\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_agent2.exe; ` - ` - New-Item -ItemType directory -Path $env:SystemDrive\zabbix2 | Out-Null; ` - New-Item -ItemType directory -Path $env:SystemDrive\zabbix2\sbin | Out-Null; ` - New-Item -ItemType directory -Path $env:SystemDrive\zabbix2\conf | Out-Null; ` - ` - Copy-Item -Path $env:SystemDrive\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_agent2.exe $env:SystemDrive\zabbix2\sbin; ` - Copy-Item -Path $env:SystemDrive\zabbix-$env:ZBX_VERSION\src\go\conf\zabbix_agent2.win.conf $env:SystemDrive\zabbix2\conf; ` - Write-Host 'Zabbix binaries are compiled...'; +FROM ${BUILD_BASE_IMAGE} as builder FROM $BASE_IMAGE +ARG MAJOR_VERSION +ARG ZBX_VERSION +ARG ZBX_SOURCES + ARG MAJOR_VERSION=6.0 -ARG ZBX_VERSION=${MAJOR_VERSION}.0 +ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git LABEL org.opencontainers.image.title="Zabbix agent 2" ` @@ -291,7 +32,7 @@ SHELL ["pwsh", "-Command", "$ErrorActionPreference = 'Stop';"] WORKDIR C:\zabbix\ -COPY --from=builder_zabbix ["C:\\zabbix2", "C:\\zabbix"] +COPY --from=builder ["C:\\zabbix2", "C:\\zabbix"] COPY [".\\docker-entrypoint.ps1", "C:\\zabbix"] USER ContainerAdministrator diff --git a/Dockerfiles/build-base/windows/Dockerfile.agent b/Dockerfiles/build-base/windows/Dockerfile.agent new file mode 100644 index 000000000..b8254f6fa --- /dev/null +++ b/Dockerfiles/build-base/windows/Dockerfile.agent @@ -0,0 +1,235 @@ +# syntax=docker/dockerfile:1 +# escape=` +ARG BUILD_BASE_IMAGE=mcr.microsoft.com/dotnet/framework/sdk:4.8-windowsservercore-ltsc2022 +FROM $BUILD_BASE_IMAGE + +ARG PCRE_VERSION=8.45 +ARG OPENSSL_VERSION=1.1.1l +ARG LIBMODBUS_VERSION=master +ARG BUILD_ARCH=x64 +ARG CPU_MODEL=AMD64 + +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git + +ARG VS_BUILDTOOLS_URL=https://aka.ms/vs/16/release/vs_buildtools.exe +ARG NASM_URL=https://www.nasm.us/pub/nasm/releasebuilds/2.15.05/win64/nasm-2.15.05-installer-x64.exe +ARG PERL_URL=https://strawberryperl.com/download/5.32.1.1/strawberry-perl-5.32.1.1-64bit.msi +ARG GIT_URL=https://github.com/git-for-windows/git/releases/download/v2.33.0.windows.2/MinGit-2.33.0.2-busybox-64-bit.zip +ARG PCRE_URL=https://ftp.pcre.org/pub/pcre/pcre-$PCRE_VERSION.zip +ARG OPENSSL_URL=https://www.openssl.org/source/openssl-$OPENSSL_VERSION.tar.gz +ARG LIBMODBUS_URL=https://github.com/stephane/libmodbus.git + +ENV BUILD_ARCH=$BUILD_ARCH CPU_MODEL=$CPU_MODEL ` + PCRE_VERSION=$PCRE_VERSION OPENSSL_VERSION=$OPENSSL_VERSION LIBMODBUS_VERSION=$LIBMODBUS_VERSION ` + GIT_URL=$GIT_URL NASM_URL=$NASM_URL PERL_URL=$PERL_URL LIBMODBUS_URL=$LIBMODBUS_URL PCRE_URL=$PCRE_URL OPENSSL_URL=$OPENSSL_URL + +LABEL org.opencontainers.image.title="Zabbix agent build base for Windows" \ + org.opencontainers.image.authors="Alexey Pustovalov " \ + org.opencontainers.image.vendor="Zabbix LLC" \ + org.opencontainers.image.url="https://zabbix.com/" \ + org.opencontainers.image.description="Zabbix build base image contains all required packages to build Zabbix agent images" \ + org.opencontainers.image.licenses="GPL v2.0" \ + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" + +SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"] + +RUN Set-Location -Path $env:SystemDrive\.; ` + ` + Write-Host ('Downloading {0} ...' -f $env:GIT_URL); ` + [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` + Invoke-WebRequest -OutFile $env:SystemDrive\git.zip -Uri $env:GIT_URL; ` + ` + $sha256 = '273f55e881094d00877d64f56570b0c997c4da5dedcb26738d56481033c1eba1'; ` + Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` + if ((Get-FileHash $env:SystemDrive\git.zip -Algorithm sha256).Hash -ne $sha256) { ` + Write-Host 'Checksum GIT for Windows failed!'; ` + exit 1; ` + }; ` + ` + Write-Host 'Installing ...'; ` + Expand-Archive ` + -Path git.zip ` + -DestinationPath $env:SystemDrive\git\.; ` + Remove-Item -Force -Path $env:SystemDrive\git.zip; ` + $env:PATH = [string]::Format('{0}\git\cmd;{0}\git\mingw64\bin;{0}\git\usr\bin;', $env:SystemDrive) + $env:PATH; ` + [Environment]::SetEnvironmentVariable('PATH', $env:PATH, [EnvironmentVariableTarget]::Machine); ` + ` + Write-Host 'Verifying install ("git version") ...'; ` + git version; ` + ` + Write-Host ('Downloading {0} ...' -f $env:NASM_URL); ` + [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` + Invoke-WebRequest -OutFile $env:SystemDrive\nasm_installer.exe -Uri $env:NASM_URL; ` + $sha256 = 'a02325b9fe54f917f5d6a3036637b38dbb6addf6f7ba9d344d9b943a143fe7d0'; ` + Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` + if ((Get-FileHash $env:SystemDrive\nasm_installer.exe -Algorithm sha256).Hash -ne $sha256) { ` + Write-Host 'Checksum NASM failed!'; ` + exit 1; ` + }; ` + Write-Host 'Installing ...'; ` + Start-Process ` + -FilePath $env:SystemDrive\nasm_installer.exe ` + -ArgumentList '/S' -Wait; ` + Remove-Item -Force -Path $env:SystemDrive\nasm_installer.exe; ` + ` + $env:PATH = [string]::Format('{0}\NASM;', ${env:ProgramFiles}) + $env:PATH; ` + [Environment]::SetEnvironmentVariable('PATH', $env:PATH, [EnvironmentVariableTarget]::Machine); ` + ` + Write-Host 'Verifying install ("nasm -v") ...'; ` + nasm -v; ` + ` + Write-Host ('Downloading {0} ...' -f $env:PERL_URL); ` + [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` + Invoke-WebRequest -OutFile $env:SystemDrive\perl_installer.msi -Uri $env:PERL_URL; ` + ` + $sha256 = '241a881670164feb0b91bb69d39fbbf84c981bec0d9f8c19959f8f48fd177768'; ` + Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` + if ((Get-FileHash $env:SystemDrive\perl_installer.msi -Algorithm sha256).Hash -ne $sha256) { ` + Write-Host 'Checksum Strawberry Perl failed!'; ` + exit 1; ` + }; ` + Write-Host 'Installing ...'; ` + Start-Process ` + -FilePath 'msiexec.exe' ` + -ArgumentList """/i $env:SystemDrive\perl_installer.msi /qn /norestart INSTALLDIR=$env:SystemDrive\Strawberry""" ` + -Wait; ` + Remove-Item -Force -Path $env:SystemDrive\perl_installer.msi; ` + $env:PATH = [string]::Format('{0}\Strawberry\perl\bin;', $env:SystemDrive) + $env:PATH; ` + [Environment]::SetEnvironmentVariable('PATH', $env:PATH, [EnvironmentVariableTarget]::Machine); ` + ` + Write-Host 'Verifying install ("perl -V") ...'; ` + perl -V; ` + ` + Write-Host 'Installing Text::Template...'; ` + cpan Text::Template; ` + ` + Write-Host ('Downloading {0} ...' -f $env:VS_BUILDTOOLS_URL); ` + [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` + Invoke-WebRequest -OutFile $env:SystemDrive\vs_buildtools.exe $env:VS_BUILDTOOLS_URL; ` + ` + Write-Host ('{0} - Visual Studio components installing...' -f $(Get-Date -format 'u')); ` + cmd /C start /w $env:SystemDrive\vs_buildtools.exe ` + --quiet ` + --wait ` + --norestart ` + --nocache modify ` + --installPath """${env:ProgramFiles(x86)}\Microsoft Visual Studio\2019\BuildTools""" ` + # https://docs.microsoft.com/en-us/visualstudio/install/workload-component-id-vs-build-tools?view=vs-2019 + --add Microsoft.VisualStudio.Component.Windows10SDK.19041 ` + --add Microsoft.VisualStudio.Component.VC.CMake.Project; ` + if ($err = dir $Env:TEMP -Filter dd_setup_*_errors.log | where Length -gt 0 | Get-Content) { ` + throw $err; ` + }; ` + Wait-Process -name msiexec; ` + Write-Host ('{0} - Visual Studio components installed' -f $(Get-Date -format 'u')); ` + ` + Write-Host 'Visual Studio components installation cleanup'; ` + Remove-Item -Force -Path $env:SystemDrive\vs_buildtools.exe; ` + Get-ChildItem -Path """${env:ProgramFiles(x86)}\Microsoft Visual Studio\Installer""" -Directory -Recurse | Remove-Item -Force –Recurse; ` + Remove-Item -Force -Recurse $env:TEMP\*; ` + Write-Host 'Build environment is ready...'; + +RUN Set-Location -Path $env:SystemDrive\.; ` + ` + Import-Module ('{0}\Microsoft Visual Studio\2019\BuildTools\Common7\Tools\Microsoft.VisualStudio.DevShell.dll' -f ${env:ProgramFiles(x86)} ); ` + Enter-VsDevShell -VsInstallPath ('{0}\Microsoft Visual Studio\2019\BuildTools' -f ${env:ProgramFiles(x86)}) -DevCmdArguments """-arch=$env:BUILD_ARCH"""; ` + ` + Write-Host ('Downloading {0} ...' -f $env:PCRE_URL); ` + [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` + Invoke-WebRequest -OutFile $env:SystemDrive\pcre.zip -Uri $env:PCRE_URL; ` + ` + $sha256 = '5b709aa45ea3b8bb73052947200ad187f651a2049158fb5bbfed329e4322a977'; ` + Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` + if ((Get-FileHash $env:SystemDrive\pcre.zip -Algorithm sha256).Hash -ne $sha256) { ` + Write-Host 'Checksum PCRE library failed!'; ` + exit 1; ` + }; ` + Write-Host 'Extracting archive ...'; ` + Expand-Archive -Path $env:SystemDrive\pcre.zip -DestinationPath $env:SystemDrive; ` + Remove-Item -Force -Path $env:SystemDrive\pcre.zip; ` + Rename-Item -Path $env:SystemDrive\pcre-$env:PCRE_VERSION -NewName $env:SystemDrive\pcre_build; ` + New-Item -ItemType directory -Path "$env:SystemDrive\pcre_build\build" | Out-Null; ` + ` + Set-Location -Path $env:SystemDrive\pcre_build\build; ` + Write-Host 'Building PCRE library ...'; ` + cmake --log-level=ERROR ` + -G 'Visual Studio 16 2019' ` + -A $env:BUILD_ARCH ` + -DPCRE_SUPPORT_UNICODE_PROPERTIES=ON ` + -DPCRE_SUPPORT_UTF=ON ` + -DCMAKE_C_FLAGS_RELEASE:string="""/MT""" ..; ` + msbuild PCRE.sln ` + -maxcpucount:"""$env:NUMBER_OF_PROCESSORS""" ` + /verbosity:quiet ` + /property:Configuration=Release ` + /property:Platform=$env:BUILD_ARCH ` + /target:pcre; ` + ` + Write-Host 'PCRE is ready...'; + +RUN Set-Location -Path $env:SystemDrive\.; ` + ` + Import-Module ('{0}\Microsoft Visual Studio\2019\BuildTools\Common7\Tools\Microsoft.VisualStudio.DevShell.dll' -f ${env:ProgramFiles(x86)} ); ` + Enter-VsDevShell -VsInstallPath ('{0}\Microsoft Visual Studio\2019\BuildTools' -f ${env:ProgramFiles(x86)}) -DevCmdArguments """-arch=$env:BUILD_ARCH"""; ` + ` + Write-Host ('Downloading {0} ...' -f $env:OPENSSL_URL); ` + [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` + Invoke-WebRequest -OutFile $env:SystemDrive\openssl.tar.gz -Uri $env:OPENSSL_URL; ` + ` + $sha256 = '0b7a3e5e59c34827fe0c3a74b7ec8baef302b98fa80088d7f9153aa16fa76bd1'; ` + Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` + if ((Get-FileHash $env:SystemDrive\openssl.tar.gz -Algorithm sha256).Hash -ne $sha256) { ` + Write-Host 'Checksum OpenSSL library failed!'; ` + exit 1; ` + }; ` + ` + Write-Host 'Extracting archive ...'; ` + tar -zxf $env:SystemDrive\openssl.tar.gz; ` + Remove-Item -Force -Path $env:SystemDrive\openssl.tar.gz; ` + Rename-Item -Path $env:SystemDrive\openssl-$env:OPENSSL_VERSION -NewName $env:SystemDrive\openssl_build; ` + ` + Write-Host 'Building OpenSSL library...'; ` + Set-Location -Path $env:SystemDrive\openssl_build; ` + perl $env:SystemDrive\openssl_build\Configure ` + VC-WIN64A ` + no-shared ` + no-ui-console ` + no-tests ` +# enable-capieng ` + no-capieng ` + --api=1.1.0 ` + --prefix=$env:SystemDrive\openssl_output ` + --openssldir=$env:SystemDrive\openssl_output_ssl; ` + set CL=/MP; ` + nmake /S; ` + nmake /S install_sw; ` + Write-Host 'OpenSSL is ready...'; + +COPY modbus.vs16.vcxproj c:\ +COPY modbus.vs16.sln c:\ +COPY modbus.vs16.vcxproj.filters c:\ + +RUN Set-Location -Path $env:SystemDrive\.; ` + ` + Import-Module ('{0}\Microsoft Visual Studio\2019\BuildTools\Common7\Tools\Microsoft.VisualStudio.DevShell.dll' -f ${env:ProgramFiles(x86)} ); ` + Enter-VsDevShell -VsInstallPath ('{0}\Microsoft Visual Studio\2019\BuildTools' -f ${env:ProgramFiles(x86)}) -DevCmdArguments """-arch=$env:BUILD_ARCH"""; ` + ` + Write-Host ('Checkout GIT {0} repository ...' -f $env:LIBMODBUS_URL); ` + git -c advice.detachedHead=false clone $env:LIBMODBUS_URL --branch $env:LIBMODBUS_VERSION --depth 1 --single-branch $env:SystemDrive\libmodbus; ` + ` + Write-Host 'Building Libmodbus library...'; ` + Copy-Item -Path $env:SystemDrive\modbus.vs16.vcxproj $env:SystemDrive\libmodbus\src\win32\modbus.vs16.vcxproj; ` + Copy-Item -Path $env:SystemDrive\modbus.vs16.sln $env:SystemDrive\libmodbus\src\win32\modbus.vs16.sln; ` + Copy-Item -Path $env:SystemDrive\modbus.vs16.vcxproj.filters $env:SystemDrive\libmodbus\src\win32\modbus.vs16.vcxproj.filters; ` + Set-Location -Path $env:SystemDrive\libmodbus\src\win32; ` + cscript .\configure.js; ` + msbuild modbus.vs16.sln ` + -maxcpucount:"""$env:NUMBER_OF_PROCESSORS""" ` + /verbosity:quiet ` + /property:Configuration=Release ` + /property:Platform=$env:BUILD_ARCH; ` + Write-Host 'Libmodbus is ready...'; diff --git a/Dockerfiles/build-base/windows/Dockerfile.agent2 b/Dockerfiles/build-base/windows/Dockerfile.agent2 new file mode 100644 index 000000000..7ef2b3feb --- /dev/null +++ b/Dockerfiles/build-base/windows/Dockerfile.agent2 @@ -0,0 +1,242 @@ +# syntax=docker/dockerfile:1 +# escape=` +ARG BUILD_BASE_IMAGE=mcr.microsoft.com/dotnet/framework/sdk:4.8-windowsservercore-ltsc2022 +FROM $BUILD_BASE_IMAGE as builder_base + +ARG PCRE_VERSION=8.45 +ARG OPENSSL_VERSION=1.1.1l +ARG ZLIB_VERSION=1.2.11 +ARG GOLANG_VERSION=1.17.1 +ARG SEVEN_ZIP_VERSION=1900 +ARG BUILD_ARCH=x64 +ARG CPU_MODEL=AMD64 + +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git + +ARG VS_BUILDTOOLS_URL=https://aka.ms/vs/16/release/vs_buildtools.exe +ARG GIT_URL=https://github.com/git-for-windows/git/releases/download/v2.33.0.windows.2/MinGit-2.33.0.2-busybox-64-bit.zip +ARG MINGW_URL=https://deac-riga.dl.sourceforge.net/project/mingw-w64/Toolchains%20targetting%20Win64/Personal%20Builds/mingw-builds/8.1.0/threads-win32/sjlj/x86_64-8.1.0-release-win32-sjlj-rt_v6-rev0.7z +ARG GOLANG_URL=https://golang.org/dl/go$GOLANG_VERSION.windows-amd64.msi +ARG CYGWIN_URL=https://cygwin.com/setup-x86_64.exe +ARG PCRE_URL=https://ftp.pcre.org/pub/pcre/pcre-$PCRE_VERSION.zip +ARG OPENSSL_URL=https://www.openssl.org/source/openssl-$OPENSSL_VERSION.tar.gz +ARG SEVEN_ZIP_URL=https://www.7-zip.org/a/7z$SEVEN_ZIP_VERSION-$BUILD_ARCH.msi + +ENV BUILD_ARCH=$BUILD_ARCH CPU_MODEL=$CPU_MODEL ` + PCRE_VERSION=$PCRE_VERSION OPENSSL_VERSION=$OPENSSL_VERSION ZLIB_VERSION=$ZLIB_VERSION ` + GOLANG_VERSION=$GOLANG_VERSION SEVEN_ZIP_VERSION=$SEVEN_ZIP_VERSION ` + GIT_URL=$GIT_URL MINGW_URL=$MINGW_URL CYGWIN_URL=$CYGWIN_URL GOLANG_URL=$GOLANG_URL SEVEN_ZIP_URL=$SEVEN_ZIP_URL ` + PCRE_URL=$PCRE_URL OPENSSL_URL=$OPENSSL_URL + +LABEL org.opencontainers.image.title="Zabbix agent 2 build base for Windows" \ + org.opencontainers.image.authors="Alexey Pustovalov " \ + org.opencontainers.image.vendor="Zabbix LLC" \ + org.opencontainers.image.url="https://zabbix.com/" \ + org.opencontainers.image.description="Zabbix build base image contains all required packages to build Zabbix agent 2 images" \ + org.opencontainers.image.licenses="GPL v2.0" \ + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" + +SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"] + +RUN Set-Location -Path $env:SystemDrive\.; ` + ` + Write-Host ('Downloading {0} ...' -f $env:GIT_URL); ` + [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` + Invoke-WebRequest -OutFile $env:SystemDrive\git.zip -Uri $env:GIT_URL; ` + ` + $sha256 = '273f55e881094d00877d64f56570b0c997c4da5dedcb26738d56481033c1eba1'; ` + Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` + if ((Get-FileHash $env:SystemDrive\git.zip -Algorithm sha256).Hash -ne $sha256) { ` + Write-Host 'Checksum GIT for Windows failed!'; ` + exit 1; ` + }; ` + ` + Write-Host 'Installing ...'; ` + Expand-Archive -Path git.zip -DestinationPath $env:SystemDrive\git\.; ` + Remove-Item -Force -Path $env:SystemDrive\git.zip; ` + $env:PATH = [string]::Format('{0}\git\cmd;{0}\git\mingw64\bin;{0}\git\usr\bin;', $env:SystemDrive) + $env:PATH; ` + [Environment]::SetEnvironmentVariable('PATH', $env:PATH, [EnvironmentVariableTarget]::Machine); ` + ` + Write-Host 'Verifying install ("git version") ...'; ` + git version; ` + ` + Write-Host ('Downloading {0} ...' -f $env:GOLANG_URL); ` + [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` + Invoke-WebRequest -OutFile $env:SystemDrive\go-amd64.msi -Uri $env:GOLANG_URL; ` + $sha256 = '7a360967708350354ea479500a8eada6a032e07eac5bd43142367ee5b0ab1df9'; ` + ` + Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` + if ((Get-FileHash $env:SystemDrive\go-amd64.msi -Algorithm sha256).Hash -ne $sha256) { ` + Write-Host 'Checksum Go Lang failed!'; ` + exit 1; ` + }; ` + Write-Host 'Installing ...'; ` + Start-Process ` + -FilePath $env:SystemDrive\go-amd64.msi ` + -Wait ` + -ArgumentList '/qn /norestart'; ` + Remove-Item -Force -Path $env:SystemDrive\go-amd64.msi; ` + ` + $env:PATH = [string]::Format('{0}\Go\bin;', ${env:ProgramFiles}) + $env:PATH; ` + [Environment]::SetEnvironmentVariable('PATH', $env:PATH, [EnvironmentVariableTarget]::Machine); ` + Write-Host 'Verifying install ("go version") ...'; ` + go version; ` + ` + Write-Host ('Downloading {0} ...' -f $env:SEVEN_ZIP_URL); ` + [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` + Invoke-WebRequest -OutFile $env:SystemDrive\7z.msi -Uri $env:SEVEN_ZIP_URL; ` + ` + $sha256 = 'a7803233eedb6a4b59b3024ccf9292a6fffb94507dc998aa67c5b745d197a5dc'; ` + Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` + if ((Get-FileHash $env:SystemDrive\7z.msi -Algorithm sha256).Hash -ne $sha256) { ` + Write-Host 'Checksum 7-zip failed!'; ` + exit 1; ` + }; ` + ` + Write-Host 'Installing ...'; ` + Start-Process ` + -FilePath $env:SystemDrive\7z.msi ` + -Wait ` + -ArgumentList '/qn /norestart'; ` + Remove-Item -Force -Path $env:SystemDrive\7z.msi; ` + $env:PATH = [string]::Format('{0}\7-Zip;', ${env:ProgramFiles}) + $env:PATH; ` + [Environment]::SetEnvironmentVariable('PATH', $env:PATH, [EnvironmentVariableTarget]::Machine); ` + ` + Write-Host 'Verifying install ("7z -h") ...'; ` + 7z -h | Select -first 2; ` + ` + Write-Host ('Downloading {0} ...' -f $env:MINGW_URL); ` + [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` + Invoke-WebRequest -OutFile $env:SystemDrive\mingw.7z -Uri $env:MINGW_URL; ` + ` + $sha256 = 'e8c65ddc655534b0330f66f7b480565621e8617cda9937d76ba141a22bf3b2fa'; ` + Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` + if ((Get-FileHash $env:SystemDrive\mingw.7z -Algorithm sha256).Hash -ne $sha256) { ` + Write-Host 'Checksum Mingw-w64 failed!'; ` + exit 1; ` + }; ` + ` + Write-Host 'Installing ...'; ` + 7z x $env:SystemDrive\mingw.7z; ` + Remove-Item -Force -Path $env:SystemDrive\mingw.7z; ` + $env:PATH = [string]::Format('{0}\mingw64\bin;', $env:SystemDrive) + $env:PATH; ` + [Environment]::SetEnvironmentVariable('PATH', $env:PATH, [EnvironmentVariableTarget]::Machine); ` + ` + Write-Host 'Verifying install ("mingw32-make -v") ...'; ` + mingw32-make -v; ` + ` + Write-Host ('Downloading {0} ...' -f $env:VS_BUILDTOOLS_URL); ` + [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` + Invoke-WebRequest -OutFile $env:SystemDrive\vs_buildtools.exe $env:VS_BUILDTOOLS_URL; ` + ` + Write-Host ('{0} - Visual Studio components installing...' -f $(Get-Date -format 'u')); ` + cmd /C start /w $env:SystemDrive\vs_buildtools.exe ` + --quiet ` + --wait ` + --norestart ` + --nocache modify ` + --installPath """${env:ProgramFiles(x86)}\Microsoft Visual Studio\2019\BuildTools""" ` + # https://docs.microsoft.com/en-us/visualstudio/install/workload-component-id-vs-build-tools?view=vs-2019 + --add Microsoft.VisualStudio.Component.Windows10SDK.19041 ` + --add Microsoft.VisualStudio.Component.VC.CMake.Project; ` + if ($err = dir $Env:TEMP -Filter dd_setup_*_errors.log | where Length -gt 0 | Get-Content) { ` + throw $err; ` + }; ` + Wait-Process -name msiexec; ` + Write-Host ('{0} - Visual Studio components installed' -f $(Get-Date -format 'u')); ` + ` + Write-Host 'Visual Studio components installation cleanup'; ` + Remove-Item -Force -Path $env:SystemDrive\vs_buildtools.exe; ` + Get-ChildItem -Path """${env:ProgramFiles(x86)}\Microsoft Visual Studio\Installer""" -Directory -Recurse | Remove-Item -Force –Recurse; ` + Remove-Item -Force -Recurse $env:TEMP\*; ` + Write-Host 'Build environment is ready...'; + +RUN Set-Location -Path $env:SystemDrive\.; ` + ` + Import-Module ('{0}\Microsoft Visual Studio\2019\BuildTools\Common7\Tools\Microsoft.VisualStudio.DevShell.dll' -f ${env:ProgramFiles(x86)} ); ` + Enter-VsDevShell -VsInstallPath ('{0}\Microsoft Visual Studio\2019\BuildTools' -f ${env:ProgramFiles(x86)}) -DevCmdArguments """-arch=$env:BUILD_ARCH"""; ` + ` + Write-Host ('Downloading {0} ...' -f $env:PCRE_URL); ` + [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` + Invoke-WebRequest -OutFile $env:SystemDrive\pcre.zip -Uri $env:PCRE_URL; ` + ` + Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` + $sha256 = '5b709aa45ea3b8bb73052947200ad187f651a2049158fb5bbfed329e4322a977'; ` + if ((Get-FileHash $env:SystemDrive\pcre.zip -Algorithm sha256).Hash -ne $sha256) { ` + Write-Host 'Checksum PCRE library failed!'; ` + exit 1; ` + }; ` + Write-Host 'Extracting archive ...'; ` + Expand-Archive -Path $env:SystemDrive\pcre.zip -DestinationPath $env:SystemDrive; ` + Remove-Item -Force -Path $env:SystemDrive\pcre.zip; ` + Rename-Item -Path $env:SystemDrive\pcre-$env:PCRE_VERSION -NewName $env:SystemDrive\pcre_build; ` + ` + Set-Location -Path $env:SystemDrive\pcre_build; ` + Write-Host 'Building PCRE library ...'; ` + cmake --log-level=ERROR ` + -G 'MinGW Makefiles' ` + -DBUILD_SHARED_LIBS=OFF ` + -DCMAKE_C_COMPILER=gcc ` + -DCMAKE_C_FLAGS='-O2 -g' ` + -DCMAKE_CXX_FLAGS='-O2 -g' ` + -DCMAKE_INSTALL_PREFIX="""$env:SystemDrive\pcre_output""" . ; ` + mingw32-make -s -j"""$env:NUMBER_OF_PROCESSORS"""; ` + mingw32-make -s -j"""$env:NUMBER_OF_PROCESSORS""" install; ` + Write-Host 'PCRE is ready...'; + +RUN Set-Location -Path $env:SystemDrive\.; ` + ` + Write-Host ('Downloading {0} ...' -f $env:CYGWIN_URL); ` + [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` + (New-Object Net.WebClient).DownloadFile("""$env:CYGWIN_URL""", """$env:SystemDrive\setup.exe"""); ` + ` + $sha256 = 'b9219acd1241ffa4d38e19587f1ccc2854f951e451f3858efc9d2e1fe19d375c'; ` + Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` + if ((Get-FileHash $env:SystemDrive\setup.exe -Algorithm sha256).Hash -ne $sha256) { ` + Write-Host 'Checksum Cygwin failed!'; ` + exit 1; ` + }; ` + Write-Host 'Installing ...'; ` + Start-Process $env:SystemDrive\setup.exe ` + -ArgumentList """-qnNdO -a x86_64 -R $env:SystemDrive\cygwin --site http://cygwin.mirror.constant.com -l $env:SystemDrive\cygwin\var\cache\setup --packages perl""" ` + -Wait ` + -NoNewWindow; ` + ` + Remove-Item -Force -Path $env:SystemDrive\setup.exe; ` + Write-Host ('Downloading {0} ...' -f $env:OPENSSL_URL); ` + [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` + Invoke-WebRequest -OutFile $env:SystemDrive\openssl.tar.gz -Uri $env:OPENSSL_URL; ` + ` + $sha256 = '0b7a3e5e59c34827fe0c3a74b7ec8baef302b98fa80088d7f9153aa16fa76bd1'; ` + Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` + if ((Get-FileHash $env:SystemDrive\openssl.tar.gz -Algorithm sha256).Hash -ne $sha256) { ` + Write-Host 'Checksum OpenSSL library failed!'; ` + exit 1; ` + }; ` + ` + Write-Host 'Extracting archive ...'; ` + tar -zxf $env:SystemDrive\openssl.tar.gz; ` + Remove-Item -Force -Path $env:SystemDrive\openssl.tar.gz; ` + Rename-Item -Path $env:SystemDrive\openssl-$env:OPENSSL_VERSION -NewName $env:SystemDrive\openssl_build; ` + ` + Write-Host 'Building OpenSSL library...'; ` + Set-Location -Path $env:SystemDrive\openssl_build; ` + $env:PATH+=""";$env:SystemDrive\cygwin\bin"""; ` + perl Configure ` + mingw64 ` + no-shared ` + no-ui-console ` + no-tests ` +# enable-capieng ` + no-capieng ` + --api=1.1.0 ` + --prefix=$env:SystemDrive\openssl_output ` + --openssldir=$env:SystemDrive\openssl_output_ssl; ` + mingw32-make -s -j"""$env:NUMBER_OF_PROCESSORS"""; ` + mingw32-make -s -j"""$env:NUMBER_OF_PROCESSORS""" install_sw; ` + Write-Host 'OpenSSL is ready...'; ` + Remove-Item -Recurse -Force -Path $env:SystemDrive\cygwin; diff --git a/Dockerfiles/agent/windows/modbus.vs16.sln b/Dockerfiles/build-base/windows/modbus.vs16.sln similarity index 100% rename from Dockerfiles/agent/windows/modbus.vs16.sln rename to Dockerfiles/build-base/windows/modbus.vs16.sln diff --git a/Dockerfiles/agent/windows/modbus.vs16.vcxproj b/Dockerfiles/build-base/windows/modbus.vs16.vcxproj similarity index 100% rename from Dockerfiles/agent/windows/modbus.vs16.vcxproj rename to Dockerfiles/build-base/windows/modbus.vs16.vcxproj diff --git a/Dockerfiles/agent/windows/modbus.vs16.vcxproj.filters b/Dockerfiles/build-base/windows/modbus.vs16.vcxproj.filters similarity index 100% rename from Dockerfiles/agent/windows/modbus.vs16.vcxproj.filters rename to Dockerfiles/build-base/windows/modbus.vs16.vcxproj.filters diff --git a/Dockerfiles/build-mysql/windows/Dockerfile.agent b/Dockerfiles/build-mysql/windows/Dockerfile.agent new file mode 100644 index 000000000..90588ae9b --- /dev/null +++ b/Dockerfiles/build-mysql/windows/Dockerfile.agent @@ -0,0 +1,67 @@ +# syntax=docker/dockerfile:1 +# escape=` +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG BUILD_BASE_IMAGE=zabbix-build-base:ltsc2022-agent-${ZBX_VERSION} + +FROM ${BUILD_BASE_IMAGE} as builder + +ARG MAJOR_VERSION +ARG ZBX_VERSION +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git +ARG ZABBIX_VERSION_RC_NUM=2400 +ARG ZBX_COMPONENT=all +ENV ZBX_SOURCES=$ZBX_SOURCES MAJOR_VERSION=$MAJOR_VERSION ZBX_VERSION=$ZBX_VERSION ZABBIX_VERSION_RC_NUM=$ZABBIX_VERSION_RC_NUM + +LABEL org.opencontainers.image.title="Zabbix agent build (Windows)" \ + org.opencontainers.image.authors="Alexey Pustovalov " \ + org.opencontainers.image.vendor="Zabbix LLC" \ + org.opencontainers.image.url="https://zabbix.com/" \ + org.opencontainers.image.description="Zabbix build for agent images based on Windows" \ + org.opencontainers.image.licenses="GPL v2.0" \ + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" + +SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"] + +RUN Set-Location -Path $env:SystemDrive\.; ` + ` + Import-Module ('{0}\Microsoft Visual Studio\2019\BuildTools\Common7\Tools\Microsoft.VisualStudio.DevShell.dll' -f ${env:ProgramFiles(x86)} ); ` + Enter-VsDevShell -VsInstallPath ('{0}\Microsoft Visual Studio\2019\BuildTools' -f ${env:ProgramFiles(x86)}) -DevCmdArguments """-arch=$env:BUILD_ARCH"""; ` + ` + Write-Host ('Checkout GIT {0} (master) repository ...' -f $env:ZBX_SOURCES); ` + git -c advice.detachedHead=false clone $env:ZBX_SOURCES --branch master --depth 1 --single-branch $env:SystemDrive\zabbix-$env:ZBX_VERSION; ` + ` + Write-Host ('Building Zabbix {0} version ...' -f $env:ZBX_VERSION); ` + Set-Location -Path $env:SystemDrive\zabbix-$env:ZBX_VERSION; ` + $ZbxRevision=(git rev-parse --short HEAD); ` + (Get-Content include/version.h).replace('{ZABBIX_REVISION}', $ZbxRevision) | Set-Content include/version.h; ` + Set-Location -Path $env:SystemDrive\zabbix-$env:ZBX_VERSION\build\win32\project; ` + set CL=/MP; ` + nmake /S -f Makefile ` + CPU=$env:CPU_MODEL ` + CFLAGS="""/D ZABBIX_VERSION_REVISION=$ZbxRevision /D HAVE_LIBMODBUS_STATIC""" ` + PCREINCDIR=$env:SystemDrive\pcre_build\build ` + PCRELIBDIR=$env:SystemDrive\pcre_build\build\Release TLS=openssl ` + RFLAGS="""/D ZABBIX_VERSION_REVISION=$ZbxRevision /D ZABBIX_VERSION_RC_NUM=$env:ZABBIX_VERSION_RC_NUM""" ` +# LIBS="Crypt32.lib" ` + TLSINCDIR=$env:SystemDrive\openssl_output\include ` + TLSLIBDIR=$env:SystemDrive\openssl_output\lib ` + MODBINCDIR=$env:SystemDrive\libmodbus\src ` + MODBLIBDIR=$env:SystemDrive\libmodbus\src\win32\$env:BUILD_ARCH\Release ` + $env:ZBX_COMPONENT; ` + ` + Write-Host 'Verifying build ("zabbix_agent2.exe -V") ...'; ` + & $env:SystemDrive\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_agentd.exe -V; ` + dumpbin /dependents $env:SystemDrive\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_agentd.exe; ` + ` + New-Item -ItemType directory -Path $env:SystemDrive\zabbix | Out-Null; ` + New-Item -ItemType directory -Path $env:SystemDrive\zabbix\sbin | Out-Null; ` + New-Item -ItemType directory -Path $env:SystemDrive\zabbix\conf | Out-Null; ` + ` + Copy-Item -Path $env:SystemDrive\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_agentd.exe $env:SystemDrive\zabbix\sbin; ` + Copy-Item -Path $env:SystemDrive\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_get.exe $env:SystemDrive\zabbix\sbin; ` + Copy-Item -Path $env:SystemDrive\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_sender.exe $env:SystemDrive\zabbix\sbin; ` + Copy-Item -Path $env:SystemDrive\zabbix-$env:ZBX_VERSION\conf\zabbix_agentd.win.conf $env:SystemDrive\zabbix\conf; ` + Write-Host 'Zabbix binaries are compiled...'; diff --git a/Dockerfiles/build-mysql/windows/Dockerfile.agent2 b/Dockerfiles/build-mysql/windows/Dockerfile.agent2 new file mode 100644 index 000000000..69176f5b5 --- /dev/null +++ b/Dockerfiles/build-mysql/windows/Dockerfile.agent2 @@ -0,0 +1,57 @@ +# syntax=docker/dockerfile:1 +# escape=` +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG BUILD_BASE_IMAGE=zabbix-build-base:ltsc2022-agent2-${ZBX_VERSION} + +FROM ${BUILD_BASE_IMAGE} as builder + +SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"] + +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION}.0 +ARG ZABBIX_VERSION_RC_NUM=2400 +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git +ARG ZBX_COMPONENT=all +ENV ZBX_SOURCES=$ZBX_SOURCES MAJOR_VERSION=$MAJOR_VERSION ZBX_VERSION=$ZBX_VERSION + +LABEL org.opencontainers.image.title="Zabbix agent 2 build (Windows)" \ + org.opencontainers.image.authors="Alexey Pustovalov " \ + org.opencontainers.image.vendor="Zabbix LLC" \ + org.opencontainers.image.url="https://zabbix.com/" \ + org.opencontainers.image.description="Zabbix build for agent 2 images based on Windows" \ + org.opencontainers.image.licenses="GPL v2.0" \ + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" + +RUN Set-Location -Path $env:SystemDrive\.; ` + ` + Import-Module ('{0}\Microsoft Visual Studio\2019\BuildTools\Common7\Tools\Microsoft.VisualStudio.DevShell.dll' -f ${env:ProgramFiles(x86)} ); ` + Enter-VsDevShell -VsInstallPath ('{0}\Microsoft Visual Studio\2019\BuildTools' -f ${env:ProgramFiles(x86)}) -DevCmdArguments """-arch=$env:BUILD_ARCH"""; ` + ` + Write-Host ('Checkout GIT {0} (master) repository ...' -f $env:ZBX_SOURCES); ` + git -c advice.detachedHead=false clone $env:ZBX_SOURCES --branch master --depth 1 --single-branch $env:SystemDrive\zabbix-$env:ZBX_VERSION; ` + ` + Write-Host ('Building Zabbix {0} version ...' -f $env:ZBX_VERSION); ` + Set-Location -Path $env:SystemDrive\zabbix-$env:ZBX_VERSION; ` + $ZbxRevision=(git rev-parse --short HEAD); ` + (Get-Content src\go\pkg\version\version.go).replace('{ZABBIX_REVISION}', $ZbxRevision) | Set-Content src\go\pkg\version\version.go; ` + Set-Location -Path $env:SystemDrive\zabbix-$env:ZBX_VERSION\build\mingw; ` + mingw32-make -s -j"""$env:NUMBER_OF_PROCESSORS""" ` +# CGO_LDFLAGS="""-lssl -lcrypto -lcrypt32 -L$env:SystemDrive\openssl_output\lib -L$env:SystemDrive\pcre_output\lib""" ` + PCRE=$env:SystemDrive\pcre_output ` + OPENSSL=$env:SystemDrive\openssl_output ` + RFLAGS="""-DZABBIX_VERSION_RC_NUM=$env:ZABBIX_VERSION_RC_NUM"""; ` + ` + Write-Host 'Verifying build ("zabbix_agent2.exe -V") ...'; ` + & $env:SystemDrive\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_agent2.exe -V; ` + dumpbin /dependents $env:SystemDrive\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_agent2.exe; ` + ` + New-Item -ItemType directory -Path $env:SystemDrive\zabbix2 | Out-Null; ` + New-Item -ItemType directory -Path $env:SystemDrive\zabbix2\sbin | Out-Null; ` + New-Item -ItemType directory -Path $env:SystemDrive\zabbix2\conf | Out-Null; ` + ` + Copy-Item -Path $env:SystemDrive\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_agent2.exe $env:SystemDrive\zabbix2\sbin; ` + Copy-Item -Path $env:SystemDrive\zabbix-$env:ZBX_VERSION\src\go\conf\zabbix_agent2.win.conf $env:SystemDrive\zabbix2\conf; ` + Write-Host 'Zabbix binaries are compiled...'; From 0904331e8a4ef19c1e51d9445548994539fcc993 Mon Sep 17 00:00:00 2001 From: dotneft Date: Sat, 18 Sep 2021 04:08:26 +0300 Subject: [PATCH 176/253] Fix building Zabbix agent on Windows --- Dockerfiles/build-base/windows/Dockerfile.agent | 16 ++++++++-------- Dockerfiles/build-base/windows/Dockerfile.agent2 | 16 ++++++++-------- Dockerfiles/build-mysql/windows/Dockerfile.agent | 16 ++++++++-------- .../build-mysql/windows/Dockerfile.agent2 | 16 ++++++++-------- 4 files changed, 32 insertions(+), 32 deletions(-) diff --git a/Dockerfiles/build-base/windows/Dockerfile.agent b/Dockerfiles/build-base/windows/Dockerfile.agent index b8254f6fa..2316b3e26 100644 --- a/Dockerfiles/build-base/windows/Dockerfile.agent +++ b/Dockerfiles/build-base/windows/Dockerfile.agent @@ -25,14 +25,14 @@ ENV BUILD_ARCH=$BUILD_ARCH CPU_MODEL=$CPU_MODEL ` PCRE_VERSION=$PCRE_VERSION OPENSSL_VERSION=$OPENSSL_VERSION LIBMODBUS_VERSION=$LIBMODBUS_VERSION ` GIT_URL=$GIT_URL NASM_URL=$NASM_URL PERL_URL=$PERL_URL LIBMODBUS_URL=$LIBMODBUS_URL PCRE_URL=$PCRE_URL OPENSSL_URL=$OPENSSL_URL -LABEL org.opencontainers.image.title="Zabbix agent build base for Windows" \ - org.opencontainers.image.authors="Alexey Pustovalov " \ - org.opencontainers.image.vendor="Zabbix LLC" \ - org.opencontainers.image.url="https://zabbix.com/" \ - org.opencontainers.image.description="Zabbix build base image contains all required packages to build Zabbix agent images" \ - org.opencontainers.image.licenses="GPL v2.0" \ - org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.opencontainers.image.version="${ZBX_VERSION}" \ +LABEL org.opencontainers.image.title="Zabbix agent build base for Windows" ` + org.opencontainers.image.authors="Alexey Pustovalov " ` + org.opencontainers.image.vendor="Zabbix LLC" ` + org.opencontainers.image.url="https://zabbix.com/" ` + org.opencontainers.image.description="Zabbix build base image contains all required packages to build Zabbix agent images" ` + org.opencontainers.image.licenses="GPL v2.0" ` + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" ` + org.opencontainers.image.version="${ZBX_VERSION}" ` org.opencontainers.image.source="${ZBX_SOURCES}" SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"] diff --git a/Dockerfiles/build-base/windows/Dockerfile.agent2 b/Dockerfiles/build-base/windows/Dockerfile.agent2 index 7ef2b3feb..4067cb937 100644 --- a/Dockerfiles/build-base/windows/Dockerfile.agent2 +++ b/Dockerfiles/build-base/windows/Dockerfile.agent2 @@ -30,14 +30,14 @@ ENV BUILD_ARCH=$BUILD_ARCH CPU_MODEL=$CPU_MODEL ` GIT_URL=$GIT_URL MINGW_URL=$MINGW_URL CYGWIN_URL=$CYGWIN_URL GOLANG_URL=$GOLANG_URL SEVEN_ZIP_URL=$SEVEN_ZIP_URL ` PCRE_URL=$PCRE_URL OPENSSL_URL=$OPENSSL_URL -LABEL org.opencontainers.image.title="Zabbix agent 2 build base for Windows" \ - org.opencontainers.image.authors="Alexey Pustovalov " \ - org.opencontainers.image.vendor="Zabbix LLC" \ - org.opencontainers.image.url="https://zabbix.com/" \ - org.opencontainers.image.description="Zabbix build base image contains all required packages to build Zabbix agent 2 images" \ - org.opencontainers.image.licenses="GPL v2.0" \ - org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.opencontainers.image.version="${ZBX_VERSION}" \ +LABEL org.opencontainers.image.title="Zabbix agent 2 build base for Windows" ` + org.opencontainers.image.authors="Alexey Pustovalov " ` + org.opencontainers.image.vendor="Zabbix LLC" ` + org.opencontainers.image.url="https://zabbix.com/" ` + org.opencontainers.image.description="Zabbix build base image contains all required packages to build Zabbix agent 2 images" ` + org.opencontainers.image.licenses="GPL v2.0" ` + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" ` + org.opencontainers.image.version="${ZBX_VERSION}" ` org.opencontainers.image.source="${ZBX_SOURCES}" SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"] diff --git a/Dockerfiles/build-mysql/windows/Dockerfile.agent b/Dockerfiles/build-mysql/windows/Dockerfile.agent index 90588ae9b..3b66ed6ae 100644 --- a/Dockerfiles/build-mysql/windows/Dockerfile.agent +++ b/Dockerfiles/build-mysql/windows/Dockerfile.agent @@ -13,14 +13,14 @@ ARG ZABBIX_VERSION_RC_NUM=2400 ARG ZBX_COMPONENT=all ENV ZBX_SOURCES=$ZBX_SOURCES MAJOR_VERSION=$MAJOR_VERSION ZBX_VERSION=$ZBX_VERSION ZABBIX_VERSION_RC_NUM=$ZABBIX_VERSION_RC_NUM -LABEL org.opencontainers.image.title="Zabbix agent build (Windows)" \ - org.opencontainers.image.authors="Alexey Pustovalov " \ - org.opencontainers.image.vendor="Zabbix LLC" \ - org.opencontainers.image.url="https://zabbix.com/" \ - org.opencontainers.image.description="Zabbix build for agent images based on Windows" \ - org.opencontainers.image.licenses="GPL v2.0" \ - org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.opencontainers.image.version="${ZBX_VERSION}" \ +LABEL org.opencontainers.image.title="Zabbix agent build (Windows)" ` + org.opencontainers.image.authors="Alexey Pustovalov " ` + org.opencontainers.image.vendor="Zabbix LLC" ` + org.opencontainers.image.url="https://zabbix.com/" ` + org.opencontainers.image.description="Zabbix build for agent images based on Windows" ` + org.opencontainers.image.licenses="GPL v2.0" ` + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" ` + org.opencontainers.image.version="${ZBX_VERSION}" ` org.opencontainers.image.source="${ZBX_SOURCES}" SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"] diff --git a/Dockerfiles/build-mysql/windows/Dockerfile.agent2 b/Dockerfiles/build-mysql/windows/Dockerfile.agent2 index 69176f5b5..3585c431c 100644 --- a/Dockerfiles/build-mysql/windows/Dockerfile.agent2 +++ b/Dockerfiles/build-mysql/windows/Dockerfile.agent2 @@ -15,14 +15,14 @@ ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ARG ZBX_COMPONENT=all ENV ZBX_SOURCES=$ZBX_SOURCES MAJOR_VERSION=$MAJOR_VERSION ZBX_VERSION=$ZBX_VERSION -LABEL org.opencontainers.image.title="Zabbix agent 2 build (Windows)" \ - org.opencontainers.image.authors="Alexey Pustovalov " \ - org.opencontainers.image.vendor="Zabbix LLC" \ - org.opencontainers.image.url="https://zabbix.com/" \ - org.opencontainers.image.description="Zabbix build for agent 2 images based on Windows" \ - org.opencontainers.image.licenses="GPL v2.0" \ - org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.opencontainers.image.version="${ZBX_VERSION}" \ +LABEL org.opencontainers.image.title="Zabbix agent 2 build (Windows)" ` + org.opencontainers.image.authors="Alexey Pustovalov " ` + org.opencontainers.image.vendor="Zabbix LLC" ` + org.opencontainers.image.url="https://zabbix.com/" ` + org.opencontainers.image.description="Zabbix build for agent 2 images based on Windows" ` + org.opencontainers.image.licenses="GPL v2.0" ` + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" ` + org.opencontainers.image.version="${ZBX_VERSION}" ` org.opencontainers.image.source="${ZBX_SOURCES}" RUN Set-Location -Path $env:SystemDrive\.; ` From 706a021f5e9395c6bf7bb1b0b19f2e32c5d43279 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Thu, 23 Sep 2021 19:14:51 +0500 Subject: [PATCH 177/253] Updated kubernetes YAML --- kubernetes.yaml | 935 ++++++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 861 insertions(+), 74 deletions(-) diff --git a/kubernetes.yaml b/kubernetes.yaml index 61a5859fd..c35fe41c8 100644 --- a/kubernetes.yaml +++ b/kubernetes.yaml @@ -5,6 +5,42 @@ metadata: labels: name: zabbix --- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: zabbix-agent + namespace: zabbix +rules: +- verbs: + - use + apiGroups: + - security.openshift.io + resources: + - securitycontextconstraints + resourceNames: + - privileged + - hostaccess + - hostnetwork +--- +kind: RoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: zabbix-agent + namespace: zabbix +subjects: +- kind: ServiceAccount + name: zabbix-agent +roleRef: + kind: Role + name: zabbix-agent + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: zabbix-agent + namespace: zabbix +--- apiVersion: v1 kind: Service metadata: @@ -22,8 +58,8 @@ spec: name: web-https selector: name: zabbix-web - externalIPs: - - + sessionAffinity: None + type: ClusterIP --- apiVersion: v1 kind: Service @@ -59,8 +95,8 @@ spec: name: snmp-trap selector: name: zabbix-server - externalIPs: - - + sessionAffinity: None + type: ClusterIP --- apiVersion: v1 kind: Service @@ -80,6 +116,8 @@ spec: name: snmp-trap selector: name: zabbix-proxy-sqlite3 + sessionAffinity: None + type: ClusterIP --- apiVersion: v1 kind: Service @@ -117,6 +155,21 @@ spec: --- apiVersion: v1 kind: Service +metadata: + name: zabbix-web-service + labels: + app: zabbix + namespace: zabbix +spec: + ports: + - port: 10053 + targetPort: 10053 + name: zabbix-web-svc + selector: + name: zabbix-web-service +--- +apiVersion: v1 +kind: Service metadata: name: zabbix-agent labels: @@ -146,10 +199,14 @@ spec: name: zabbix-web app: zabbix spec: + volumes: + - name: mysql-tls-certs + secret: + secretName: zabbix-mysql-client-tls-certs containers: - name: zabbix-web image: zabbix/zabbix-web-nginx-mysql:alpine-trunk - imagePullPolicy: Always + imagePullPolicy: IfNotPresent ports: - containerPort: 8080 name: web-http @@ -184,9 +241,11 @@ spec: failureThreshold: 5 env: - name: ZBX_SERVER_NAME - value: "Zabbix kubernetes" + value: "Zabbix Kubernetes" - name: PHP_TZ value: "Europe/Riga" + - name: DB_SERVER_HOST + value: "mysql-server" - name: MYSQL_USER valueFrom: secretKeyRef: @@ -204,17 +263,49 @@ spec: key: db-root-pass - name: MYSQL_DATABASE value: "zabbix" + - name: ZBX_DB_ENCRYPTION + value: "true" + - name: ZBX_DB_CA_FILE + value: "/tmp/secrets/root-ca.pem" + - name: ZBX_DB_CERT_FILE + value: "/tmp/secrets/client-cert.pem" + - name: ZBX_DB_KEY_FILE + value: "/tmp/secrets/client-key.pem" + - name: ZBX_DB_VERIFY_HOST + value: "false" + - name: ZBX_DB_CIPHER_LIST + value: "" +# - name: ZBX_HISTORYSTORAGEURL +# value: "" +# - name: ZBX_HISTORYSTORAGETYPES +# value: "" +# - name: ZBX_MAXEXECUTIONTIME +# value: "" +# - name: ZBX_MEMORYLIMIT +# value: "" +# - name: ZBX_POSTMAXSIZE +# value: "" +# - name: ZBX_UPLOADMAXFILESIZE +# value: "" +# - name: ZBX_MAXINPUTTIME +# value: "" +# - name: ZBX_SESSION_NAME +# value: "" +# - name: DB_DOUBLE_IEEE754 +# value: "true" + - name: ZBX_SSO_SETTINGS + value: "[]" + - name: ENABLE_WEB_ACCESS_LOG + value: "true" + - name: DEBUG_MODE + value: "false" volumeMounts: - - name: zabbix-web-ssl - mountPath: /etc/ssl/nginx + - mountPath: "/tmp/secrets" + name: mysql-tls-certs readOnly: true - volumes: - - hostPath: - path: ./zbx_env/etc/ssl/nginx/ - name: zabbix-web-ssl --- -apiVersion: v1 -kind: ReplicationController +apiVersion: apps/v1 +kind: Deployment metadata: name: mysql-server labels: @@ -222,7 +313,13 @@ metadata: tier: mysql-server namespace: zabbix spec: - replicas: 1 + strategy: + type: Recreate + selector: + matchLabels: + name: mysql-server + app: zabbix + tier: mysql-server template: metadata: labels: @@ -234,12 +331,38 @@ spec: - name: zabbix-mysql-data persistentVolumeClaim: claimName: zabbix-mysql-data-claim + - name: mysql-tls-certs + secret: + secretName: zabbix-mysql-server-tls-certs containers: - name: zabbix-db - image: mysql:5.7 + image: mysql:8.0 + args: + - mysqld + - --character-set-server=utf8 + - --collation-server=utf8_bin + - --default-authentication-plugin=mysql_native_password + - --require-secure-transport + - --ssl-ca=/tmp/secrets/root-ca.pem + - --ssl-cert=/tmp/secrets/server-cert.pem + - --ssl-key=/tmp/secrets/server-key.pem + - --tls-version=TLSv1.2,TLSv1.3 ports: - containerPort: 3306 name: mysql + livenessProbe: + exec: + command: ["bash", "-c", "mysqladmin -u root -p$MYSQL_ROOT_PASSWORD ping"] + timeoutSeconds: 3 + failureThreshold: 3 + periodSeconds: 10 + startupProbe: + exec: + command: ["bash", "-c", "mysql -u root -p$MYSQL_ROOT_PASSWORD -e 'SELECT 1'"] + initialDelaySeconds: 5 + periodSeconds: 5 + timeoutSeconds: 3 + failureThreshold: 30 env: - name: MYSQL_USER valueFrom: @@ -259,12 +382,18 @@ spec: - name: MYSQL_DATABASE value: "zabbix" volumeMounts: - - mountPath: "/var/lib/mysql/" + - mountPath: "/var/lib/mysql" name: zabbix-mysql-data readOnly: false + - mountPath: "/tmp/secrets" + name: mysql-tls-certs + readOnly: true + securityContext: + capabilities: {} + privileged: false --- -apiVersion: v1 -kind: ReplicationController +apiVersion: apps/v1 +kind: Deployment metadata: name: zabbix-server labels: @@ -273,17 +402,30 @@ metadata: environment: dev namespace: zabbix spec: - replicas: 1 + strategy: + type: Recreate + rollingUpdate: null + selector: + matchLabels: + name: zabbix-server + app: zabbix template: metadata: labels: name: zabbix-server app: zabbix spec: + volumes: + - name: zabbix-snmptraps + persistentVolumeClaim: + claimName: zabbix-snmptraps-claim + - name: mysql-tls-certs + secret: + secretName: zabbix-mysql-client-tls-certs containers: - name: zabbix-server image: zabbix/zabbix-server-mysql:alpine-trunk - imagePullPolicy: Always + imagePullPolicy: IfNotPresent ports: - containerPort: 10051 protocol: TCP @@ -316,38 +458,178 @@ spec: key: db-root-pass - name: MYSQL_DATABASE value: "zabbix" + - name: ZBX_DBTLSCONNECT + value: "required" + - name: ZBX_DBTLSCAFILE + value: "/tmp/secrets/root-ca.pem" + - name: ZBX_DBTLSCERTFILE + value: "/tmp/secrets/client-cert.pem" + - name: ZBX_DBTLSKEYFILE + value: "/tmp/secrets/client-key.pem" + - name: ZBX_DBTLSCIPHER + value: "" + - name: ZBX_DBTLSCIPHER13 + value: "" + - name: ZBX_HISTORYSTORAGEURL + value: "" + - name: ZBX_HISTORYSTORAGETYPES + value: "" + - name: ZBX_HISTORYSTORAGEDATEINDEX + value: "1" + - name: ZBX_STARTREPORTWRITERS + value: "3" + - name: ZBX_WEBSERVICEURL + value: "http://zabbix-web-service:10053/report" + - name: ZBX_DEBUGLEVEL + value: "3" + - name: ZBX_STARTPOLLERS + value: "" + - name: ZBX_STARTPREPROCESSORS + value: "" + - name: ZBX_STARTPOLLERSUNREACHABLE + value: "" + - name: ZBX_STARTTRAPPERS + value: "" + - name: ZBX_STARTPINGERS + value: "" + - name: ZBX_STARTDISCOVERERS + value: "" + - name: ZBX_STARTHTTPPOLLERS + value: "" + - name: ZBX_IPMIPOLLERS + value: "" + - name: ZBX_STARTTIMERS + value: "" + - name: ZBX_STARTESCALATORS + value: "" + - name: ZBX_STARTALERTERS + value: "" - name: ZBX_JAVAGATEWAY_ENABLE value: "true" + - name: ZBX_JAVAGATEWAY + value: "zabbix-java-gateway" + - name: ZBX_JAVAGATEWAYPORT + value: "10052" - name: ZBX_STARTJAVAPOLLERS value: "5" + - name: ZBX_STARTLLDPROCESSORS + value: "" + - name: ZBX_STATSALLOWEDIP + value: "" + - name: ZBX_STARTVMWARECOLLECTORS + value: "" + - name: ZBX_VMWAREFREQUENCY + value: "" + - name: ZBX_VMWAREPERFFREQUENCY + value: "" + - name: ZBX_VMWARECACHESIZE + value: "" + - name: ZBX_VMWARETIMEOUT + value: "" - name: ZBX_ENABLE_SNMP_TRAPS value: "true" + - name: ZBX_HOUSEKEEPINGFREQUENCY + value: "" + - name: ZBX_MAXHOUSEKEEPERDELETE + value: "" + - name: ZBX_CACHESIZE + value: "" + - name: ZBX_CACHEUPDATEFREQUENCY + value: "" + - name: ZBX_STARTDBSYNCERS + value: "" + - name: ZBX_HISTORYCACHESIZE + value: "" + - name: ZBX_HISTORYINDEXCACHESIZE + value: "" + - name: ZBX_TRENDCACHESIZE + value: "" + - name: ZBX_VALUECACHESIZE + value: "" + - name: ZBX_TIMEOUT + value: "4" + - name: ZBX_TRAPPERIMEOUT + value: "" + - name: ZBX_UNREACHABLEPERIOD + value: "" + - name: ZBX_UNAVAILABLEDELAY + value: "" + - name: ZBX_UNREACHABLEDELAY + value: "" + - name: ZBX_LOGSLOWQUERIES + value: "3000" - name: ZBX_STARTPROXYPOLLERS - value: "5" + value: "" - name: ZBX_PROXYCONFIGFREQUENCY - value: "60" + value: "" + - name: ZBX_PROXYDATAFREQUENCY + value: "" + - name: ZBX_EXPORTFILESIZE + value: "" + - name: ZBX_LOADMODULE + value: "" + - name: ZBX_TLSCAFILE + value: "" + - name: ZBX_TLSCRLFILE + value: "" + - name: ZBX_TLSCERTFILE + value: "" + - name: ZBX_TLSKEYFILE + value: "" + - name: ZBX_TLSCIPHERALL + value: "" + - name: ZBX_TLSCIPHERALL13 + value: "" + - name: ZBX_TLSCIPHERCERT + value: "" + - name: ZBX_TLSCIPHERCERT13 + value: "" + - name: ZBX_TLSCIPHERPSK + value: "" + - name: ZBX_TLSCIPHERPSK13 + value: "" + - name: DEBUG_MODE + value: "false" volumeMounts: - - name: zabbix-db-storage - mountPath: /var/lib/zabbix/snmptraps/ + - name: zabbix-snmptraps + mountPath: "/var/lib/zabbix/snmptraps" readOnly: true + - mountPath: "/tmp/secrets" + name: mysql-tls-certs + readOnly: true + startupProbe: + tcpSocket: + port: 10051 + initialDelaySeconds: 15 + periodSeconds: 5 + timeoutSeconds: 3 + failureThreshold: 40 + livenessProbe: + tcpSocket: + port: 10051 + timeoutSeconds: 3 + failureThreshold: 3 + periodSeconds: 10 + securityContext: + capabilities: {} + privileged: false - name: zabbix-snmptraps image: zabbix/zabbix-snmptraps:alpine-trunk - imagePullPolicy: Always + imagePullPolicy: IfNotPresent ports: - containerPort: 1162 protocol: UDP name: snmp-trap volumeMounts: - - name: zabbix-db-storage + - name: zabbix-snmptraps mountPath: /var/lib/zabbix/snmptraps/ readOnly: false - volumes: - - hostPath: - path: /zabbix/ - name: zabbix-db-storage + securityContext: + capabilities: {} + privileged: false --- -apiVersion: v1 -kind: ReplicationController +apiVersion: apps/v1 +kind: Deployment metadata: name: zabbix-proxy-sqlite3 labels: @@ -355,7 +637,13 @@ metadata: tier: proxy namespace: zabbix spec: - replicas: 1 + strategy: + type: Recreate + rollingUpdate: null + selector: + matchLabels: + name: zabbix-proxy-sqlite3 + app: zabbix template: metadata: labels: @@ -365,21 +653,140 @@ spec: containers: - name: zabbix-proxy-sqlite3 image: zabbix/zabbix-proxy-sqlite3:alpine-trunk - imagePullPolicy: Always + imagePullPolicy: IfNotPresent ports: - containerPort: 10051 protocol: TCP name: zabbix-trapper + startupProbe: + tcpSocket: + port: 10051 + initialDelaySeconds: 15 + periodSeconds: 5 + timeoutSeconds: 3 + failureThreshold: 40 + livenessProbe: + tcpSocket: + port: 10051 + timeoutSeconds: 3 + failureThreshold: 3 + periodSeconds: 10 env: - - name: ZBX_HOSTNAME - value: "zabbix-proxy-passive" - - name: ZBX_CONFIGFREQUENCY - value: "60" - name: ZBX_PROXYMODE value: "1" + - name: ZBX_SERVER_HOST + value: "" + - name: ZBX_SERVER_PORT + value: "" + - name: ZBX_HOSTNAME + value: "zabbix-proxy-sqlite" + - name: ZBX_ENABLEREMOTECOMMANDS + value: "0" + - name: ZBX_LOGREMOTECOMMANDS + value: "1" + - name: ZBX_HOSTNAMEITEM + value: "" + - name: ZBX_DEBUGLEVEL + value: "3" + - name: ZBX_PROXYLOCALBUFFER + value: "" + - name: ZBX_PROXYOFFLINEBUFFER + value: "" + - name: ZBX_STARTPOLLERS + value: "" + - name: ZBX_IPMIPOLLERS + value: "" + - name: ZBX_STARTPOLLERSUNREACHABLE + value: "" + - name: ZBX_STARTTRAPPERS + value: "" + - name: ZBX_STARTPINGERS + value: "" + - name: ZBX_STARTDISCOVERERS + value: "" + - name: ZBX_STARTHTTPPOLLERS + value: "" + - name: ZBX_JAVAGATEWAY_ENABLE + value: "true" + - name: ZBX_JAVAGATEWAY + value: "zabbix-java-gateway" + - name: ZBX_JAVAGATEWAYPORT + value: "10052" + - name: ZBX_STARTJAVAPOLLERS + value: "5" + - name: ZBX_STARTVMWARECOLLECTORS + value: "" + - name: ZBX_VMWAREFREQUENCY + value: "" + - name: ZBX_VMWAREPERFFREQUENCY + value: "" + - name: ZBX_VMWARECACHESIZE + value: "" + - name: ZBX_VMWARETIMEOUT + value: "" + - name: ZBX_HOUSEKEEPINGFREQUENCY + value: "" + - name: ZBX_CACHESIZE + value: "" + - name: ZBX_STARTDBSYNCERS + value: "" + - name: ZBX_HISTORYCACHESIZE + value: "" + - name: ZBX_HISTORYINDEXCACHESIZE + value: "" + - name: ZBX_TIMEOUT + value: "4" + - name: ZBX_TRAPPERIMEOUT + value: "" + - name: ZBX_UNREACHABLEPERIOD + value: "" + - name: ZBX_UNAVAILABLEDELAY + value: "" + - name: ZBX_UNREACHABLEDELAY + value: "" + - name: ZBX_LOGSLOWQUERIES + - name: ZBX_LOADMODULE + value: "" + - name: ZBX_TLSCONNECT + value: "" + - name: ZBX_TLSACCEPT + value: "" + - name: ZBX_TLSCAFILE + value: "" + - name: ZBX_TLSCRLFILE + value: "" + - name: ZBX_TLSSERVERCERTISSUER + value: "" + - name: ZBX_TLSSERVERCERTSUBJECT + value: "" + - name: ZBX_TLSCERTFILE + value: "" + - name: ZBX_TLSKEYFILE + value: "" + - name: ZBX_TLSPSKIDENTITY + value: "" + - name: ZBX_TLSPSKFILE + value: "" + - name: ZBX_TLSCIPHERALL + value: "" + - name: ZBX_TLSCIPHERALL13 + value: "" + - name: ZBX_TLSCIPHERCERT + value: "" + - name: ZBX_TLSCIPHERCERT13 + value: "" + - name: ZBX_TLSCIPHERPSK + value: "" + - name: ZBX_TLSCIPHERPSK13 + value: "" + - name: DEBUG_MODE + value: "false" + securityContext: + capabilities: {} + privileged: false --- -apiVersion: v1 -kind: ReplicationController +apiVersion: apps/v1 +kind: Deployment metadata: name: zabbix-proxy-mysql labels: @@ -387,21 +794,41 @@ metadata: tier: proxy namespace: zabbix spec: - replicas: 1 + strategy: + type: Recreate + rollingUpdate: null + selector: + matchLabels: + name: zabbix-proxy-mysql + app: zabbix template: metadata: labels: name: zabbix-proxy-mysql app: zabbix spec: + volumes: + - name: mysql-tls-certs + secret: + secretName: zabbix-mysql-client-tls-certs containers: - name: zabbix-proxy-mysql image: zabbix/zabbix-proxy-mysql:alpine-trunk - imagePullPolicy: Always + imagePullPolicy: IfNotPresent ports: - containerPort: 10051 protocol: TCP name: zabbix-trapper + readinessProbe: + tcpSocket: + port: zabbix-trapper + initialDelaySeconds: 5 + periodSeconds: 10 + livenessProbe: + tcpSocket: + port: zabbix-trapper + initialDelaySeconds: 15 + periodSeconds: 20 env: - name: MYSQL_USER valueFrom: @@ -420,9 +847,144 @@ spec: key: db-root-pass - name: MYSQL_DATABASE value: "zabbix_proxy" + - name: ZBX_DBTLSCONNECT + value: "required" + - name: ZBX_DBTLSCAFILE + value: "/tmp/secrets/root-ca.pem" + - name: ZBX_DBTLSCERTFILE + value: "/tmp/secrets/client-cert.pem" + - name: ZBX_DBTLSKEYFILE + value: "/tmp/secrets/client-key.pem" + - name: ZBX_DBTLSCIPHER + value: "" + - name: ZBX_DBTLSCIPHER13 + value: "" + - name: ZBX_PROXYMODE + value: "0" + - name: ZBX_SERVER_HOST + value: "zabbix-server" + - name: ZBX_SERVER_PORT + value: "10051" + - name: ZBX_HOSTNAME + value: "zabbix-proxy-mysql" + - name: ZBX_ENABLEREMOTECOMMANDS + value: "0" + - name: ZBX_LOGREMOTECOMMANDS + value: "1" + - name: ZBX_HOSTNAMEITEM + value: "" + - name: ZBX_DEBUGLEVEL + value: "3" + - name: ZBX_PROXYLOCALBUFFER + value: "" + - name: ZBX_PROXYOFFLINEBUFFER + value: "" + - name: ZBX_PROXYHEARTBEATFREQUENCY + value: "" + - name: ZBX_CONFIGFREQUENCY + value: "" + - name: ZBX_DATASENDERFREQUENCY + value: "" + - name: ZBX_STARTPOLLERS + value: "" + - name: ZBX_IPMIPOLLERS + value: "" + - name: ZBX_STARTPOLLERSUNREACHABLE + value: "" + - name: ZBX_STARTTRAPPERS + value: "" + - name: ZBX_STARTPINGERS + value: "" + - name: ZBX_STARTDISCOVERERS + value: "" + - name: ZBX_STARTHTTPPOLLERS + value: "" + - name: ZBX_JAVAGATEWAY_ENABLE + value: "true" + - name: ZBX_JAVAGATEWAY + value: "zabbix-java-gateway" + - name: ZBX_JAVAGATEWAYPORT + value: "10052" + - name: ZBX_STARTJAVAPOLLERS + value: "5" + - name: ZBX_STARTVMWARECOLLECTORS + value: "" + - name: ZBX_VMWAREFREQUENCY + value: "" + - name: ZBX_VMWAREPERFFREQUENCY + value: "" + - name: ZBX_VMWARECACHESIZE + value: "" + - name: ZBX_VMWARETIMEOUT + value: "" + - name: ZBX_HOUSEKEEPINGFREQUENCY + value: "" + - name: ZBX_CACHESIZE + value: "" + - name: ZBX_STARTDBSYNCERS + value: "" + - name: ZBX_HISTORYCACHESIZE + value: "" + - name: ZBX_HISTORYINDEXCACHESIZE + value: "" + - name: ZBX_TIMEOUT + value: "4" + - name: ZBX_TRAPPERIMEOUT + value: "" + - name: ZBX_UNREACHABLEPERIOD + value: "" + - name: ZBX_UNAVAILABLEDELAY + value: "" + - name: ZBX_UNREACHABLEDELAY + value: "" + - name: ZBX_LOGSLOWQUERIES + value: "" + - name: ZBX_LOADMODULE + value: "" + - name: ZBX_TLSCONNECT + value: "" + - name: ZBX_TLSACCEPT + value: "" + - name: ZBX_TLSCAFILE + value: "" + - name: ZBX_TLSCRLFILE + value: "" + - name: ZBX_TLSSERVERCERTISSUER + value: "" + - name: ZBX_TLSSERVERCERTSUBJECT + value: "" + - name: ZBX_TLSCERTFILE + value: "" + - name: ZBX_TLSKEYFILE + value: "" + - name: ZBX_TLSPSKIDENTITY + value: "" + - name: ZBX_TLSPSKFILE + value: "" + - name: ZBX_TLSCIPHERALL + value: "" + - name: ZBX_TLSCIPHERALL13 + value: "" + - name: ZBX_TLSCIPHERCERT + value: "" + - name: ZBX_TLSCIPHERCERT13 + value: "" + - name: ZBX_TLSCIPHERPSK + value: "" + - name: ZBX_TLSCIPHERPSK13 + value: "" + - name: DEBUG_MODE + value: "false" + volumeMounts: + - mountPath: "/tmp/secrets" + name: mysql-tls-certs + readOnly: true + securityContext: + capabilities: {} + privileged: false --- -apiVersion: v1 -kind: ReplicationController +apiVersion: apps/v1 +kind: Deployment metadata: name: zabbix-java-gateway labels: @@ -430,7 +992,10 @@ metadata: tier: java namespace: zabbix spec: - replicas: 1 + selector: + matchLabels: + name: zabbix-java-gateway + app: zabbix template: metadata: labels: @@ -440,14 +1005,94 @@ spec: containers: - name: zabbix-java-gateway image: zabbix/zabbix-java-gateway:alpine-trunk - imagePullPolicy: Always + imagePullPolicy: IfNotPresent ports: - containerPort: 10052 protocol: TCP - name: zabbix-jmx + name: zabbix-java + livenessProbe: + tcpSocket: + port: 10052 + initialDelaySeconds: 5 + failureThreshold: 3 + periodSeconds: 2 env: - - name: ZBX_TIMEOUT + - name: ZBX_START_POLLERS value: "5" + - name: ZBX_TIMEOUT + value: "3" + - name: ZBX_DEBUGLEVEL + value: "info" + - name: JAVA_OPTIONS + value: "" + - name: DEBUG_MODE + value: "false" + securityContext: + capabilities: {} + privileged: false +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: zabbix-web-service + labels: + app: zabbix + tier: web-service + namespace: zabbix +spec: + selector: + matchLabels: + name: zabbix-web-service + app: zabbix + template: + metadata: + labels: + name: zabbix-web-service + app: zabbix + spec: + containers: + - name: zabbix-web-service + image: zabbix/zabbix-web-service:alpine-trunk + imagePullPolicy: IfNotPresent + resources: + limits: + cpu: 100m + memory: 512Mi + requests: + cpu: 100m + memory: 512Mi + ports: + - containerPort: 10053 + protocol: TCP + name: zabbix-web-svc + livenessProbe: + tcpSocket: + port: 10053 + initialDelaySeconds: 5 + failureThreshold: 3 + periodSeconds: 2 + env: + - name: ZBX_ALLOWEDIP + value: "0.0.0.0/0" + - name: ZBX_LISTENPORT + value: "10053" + - name: ZBX_DEBUGLEVEL + value: "3" + - name: ZBX_TIMEOUT + value: "3" + - name: ZBX_TLSACCEPT + value: "" + - name: ZBX_TLSCAFILE + value: "" + - name: ZBX_TLSCERTFILE + value: "" + - name: ZBX_TLSKEYFILE + value: "" + - name: DEBUG_MODE + value: "false" + securityContext: + capabilities: {} + privileged: false --- apiVersion: apps/v1 kind: DaemonSet @@ -471,10 +1116,17 @@ spec: name: zabbix-agent app: zabbix spec: + hostNetwork: true + hostIPC: true + hostPID: true + automountServiceAccountToken: true + serviceAccountName: zabbix-agent + nodeSelector: + beta.kubernetes.io/os: linux containers: - name: zabbix-agent image: zabbix/zabbix-agent:alpine-trunk - imagePullPolicy: Always + imagePullPolicy: IfNotPresent resources: limits: cpu: 100m @@ -485,17 +1137,134 @@ spec: ports: - containerPort: 10050 name: zabbix-agent + livenessProbe: + tcpSocket: + port: 10050 + initialDelaySeconds: 5 + failureThreshold: 3 + periodSeconds: 2 env: - - name: ZBX_SERVER_HOST - value: "zabbix-server" - - name: ZBX_PASSIVE_ALLOW - value: "true" - - name: ZBX_STARTAGENTS - value: "3" - - name: ZBX_TIMEOUT - value: "10" + - name: ZBX_DEBUGLEVEL + value: "3" + - name: ZBX_DENYKEY + value: "system.run[*]" + - name: ZBX_ALLOWKEY + value: "" + - name: ZBX_LOGREMOTECOMMANDS + value: "1" + - name: ZBX_SERVER_HOST + value: "zabbix-server" + - name: ZBX_PASSIVE_ALLOW + value: "true" + - name: ZBX_PASSIVESERVERS + value: "" + - name: ZBX_ACTIVE_ALLOW + value: "true" + - name: ZBX_ACTIVESERVERS + value: "" + - name: ZBX_STARTAGENTS + value: "" + - name: ZBX_HOSTNAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: ZBX_HOSTNAMEITEM + value: "" + - name: ZBX_METADATA + value: "" + - name: ZBX_METADATAITEM + value: "" + - name: ZBX_TIMEOUT + value: "" + - name: ZBX_BUFFERSEND + value: "" + - name: ZBX_BUFFERSIZE + value: "" + - name: ZBX_MAXLINESPERSECOND + value: "" + - name: ZBX_UNSAFEUSERPARAMETERS + value: "0" + - name: ZBX_LOADMODULE + value: "" + - name: ZBX_HOSTINTERFACE + value: "" + - name: ZBX_HOSTINTERFACEITEM + value: "" + - name: ZBX_REFRESHACTIVECHECKS + value: "" + - name: DEBUG_MODE + value: "3" + - name: ZBX_TLSCONNECT + value: "" + - name: ZBX_TLSACCEPT + value: "" + - name: ZBX_TLSCAFILE + value: "" + - name: ZBX_TLSCRLFILE + value: "" + - name: ZBX_TLSSERVERCERTISSUER + value: "" + - name: ZBX_TLSSERVERCERTSUBJECT + value: "" + - name: ZBX_TLSCERTFILE + value: "" + - name: ZBX_TLSKEYFILE + value: "" + - name: ZBX_TLSPSKIDENTITY + value: "" + - name: ZBX_TLSPSKFILE + value: "" + - name: ZBX_TLSCIPHERALL + value: "" + - name: ZBX_TLSCIPHERALL13 + value: "" + - name: ZBX_TLSCIPHERCERT + value: "" + - name: ZBX_TLSCIPHERCERT13 + value: "" + - name: ZBX_TLSCIPHERPSK + value: "" + - name: ZBX_TLSCIPHERPSK13 + value: "" securityContext: + capabilities: {} privileged: true + readOnlyRootFilesystem: false + runAsNonRoot: true + volumeMounts: + - name: dev-volume + mountPath: /node/dev + - name: procfs-volume + readOnly: true + mountPath: /node/proc + - name: boot-volume + readOnly: true + mountPath: /node/boot + - name: run-volume + mountPath: /node/run + - name: var-run-volume + mountPath: /node/var/run + volumes: + - name: dev-volume + hostPath: + path: /dev + type: '' + - name: procfs-volume + hostPath: + path: /proc + type: '' + - name: boot-volume + hostPath: + path: /boot + type: '' + - name: run-volume + hostPath: + path: /run + type: '' + - name: var-run-volume + hostPath: + path: /var/run + type: '' --- apiVersion: autoscaling/v2beta1 kind: HorizontalPodAutoscaler @@ -515,33 +1284,29 @@ spec: name: cpu targetAverageUtilization: 70 --- -kind: PersistentVolume apiVersion: v1 -metadata: - name: zabbix-mysql-data - labels: - type: local - namespace: zabbix -spec: - capacity: - storage: 1Gi - accessModes: - - ReadWriteOnce - hostPath: - path: "/data" ---- kind: PersistentVolumeClaim -apiVersion: v1 metadata: name: zabbix-mysql-data-claim namespace: zabbix +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 20Gi +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: zabbix-snmptraps-claim + namespace: zabbix spec: accessModes: - ReadWriteOnce resources: requests: storage: 1Gi - volumeName: zabbix-mysql-data --- apiVersion: v1 kind: List @@ -558,3 +1323,25 @@ items: db-root-pass: "c29tZV90ZXN0X3Bhc3M=" db-zbx-user: "emFiYml4" db-zbx-pass: "emJ4X3Bhc3N3b3Jk" +--- +apiVersion: v1 +data: + root-ca.pem: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURVekNDQWp1Z0F3SUJBZ0lKQUxNWTFSWlB5VVZsTUEwR0NTcUdTSWIzRFFFQkN3VUFNRUF4RXpBUkJnb0oKa2lhSmsvSXNaQUVaRmdOamIyMHhGekFWQmdvSmtpYUprL0lzWkFFWkZnZGxlR0Z0Y0d4bE1SQXdEZ1lEVlFRRApEQWRHWVd0bExVTkJNQjRYRFRJeE1Ea3lNakV4TlRJMU1Gb1hEVE14TURnd01URXhOVEkxTUZvd1FERVRNQkVHCkNnbVNKb21UOGl4a0FSa1dBMk52YlRFWE1CVUdDZ21TSm9tVDhpeGtBUmtXQjJWNFlXMXdiR1V4RURBT0JnTlYKQkFNTUIwWmhhMlV0UTBFd2dnRWlNQTBHQ1NxR1NJYjNEUUVCQVFVQUE0SUJEd0F3Z2dFS0FvSUJBUURqRjQ1NApXTVVKc1NqZ3ZzSk4rNE5na3dET2thUWdOMjdXVnJyVWRIVjhoVW9sYU4vMWdSeE80cTNES2lPRnhIZlBITzVXCmg0am1YQ3VVSTA0NXRwaEVaZDlCZDd4eUU2dUF3VGtya2pVWTczMExQRmZsYzJYQXE3TkYvMElidHB1aXQ3cFIKdUV2dTc0aVNMampLWVFaWHlxUGJLazlIaitWa2xCcTV2MjJUNTlxUmwzeFV5QUNRZGVEWVdPbTg2ZFgrY2FUVAorWWt6VXhDOHFRVVdBT2JUVThBWWZXbHA3NjRpY0NuMEdab3BCalN2dXQrZWxoTnl2eHk2alhRdU0xemZYMXUrCm56bVdiQzdOMTFqK2JDZWxVd2kwQUhIZUZrRFFrcHdPaGdycW9hbG5XUHk4VVNjMDFJRTIwZnlmTEptc3ZaVU4KZ3pnK0EwOGNqOThwemF2REFnTUJBQUdqVURCT01CMEdBMVVkRGdRV0JCVGtEenFQVEV0UGFHWWhBSzkrNjB6dgpBdklmS1RBZkJnTlZIU01FR0RBV2dCVGtEenFQVEV0UGFHWWhBSzkrNjB6dkF2SWZLVEFNQmdOVkhSTUVCVEFECkFRSC9NQTBHQ1NxR1NJYjNEUUVCQ3dVQUE0SUJBUURaY1A2cmJPWFMvSFcray8yczU1Nk14VU9vTkRNenRhdlIKQXJCa01HUGk5N2FGSW1MV2h6MVJqWGw3UjZKUmE0a3VVSGdiRXBuL3F1OUFISk1LejZ6UnVSRW9EM2UzTlIwVApJL3hkbHFJOVBzTmdIaDVwSzcvb281TzUrR21vTURoK3pRTHlnbXVYcWlSenpXV3NBOVcwaXpoMFJiZHRwQzR5CmdSYmxLMVBsTVhNeWs0eFArcHljV0treExMbWhqOWhuTDdkQlR3KzQzOW13eW5MZjlhSkdHajZaNmI2ZjJTS1EKWGlPZUNFOTVQRlR4S1BCbzRvQmdjOHI2NGFxc0FNelVCa0lQZWtnQ2xQWkJJSnJtKzZZdU9HbUROVUFtUCs3RApKdmRIbGVucGJ3RXJBZ3FKYWx4NjdxVGM2eVUzWUY5bTZMTkprRHlCYXJ6VU01MVdQc1JUCi0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K + server-cert.pem: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUMrVENDQWVFQ0FRRXdEUVlKS29aSWh2Y05BUUVMQlFBd1FERVRNQkVHQ2dtU0pvbVQ4aXhrQVJrV0EyTnYKYlRFWE1CVUdDZ21TSm9tVDhpeGtBUmtXQjJWNFlXMXdiR1V4RURBT0JnTlZCQU1NQjBaaGEyVXRRMEV3SGhjTgpNakV3T1RJeU1URTFNalV4V2hjTk16RXdPREF4TVRFMU1qVXhXakJGTVJNd0VRWUtDWkltaVpQeUxHUUJHUllEClkyOXRNUmN3RlFZS0NaSW1pWlB5TEdRQkdSWUhaWGhoYlhCc1pURVZNQk1HQTFVRUF3d01iWGx6Y1d3dGMyVnkKZG1WeU1JSUJJakFOQmdrcWhraUc5dzBCQVFFRkFBT0NBUThBTUlJQkNnS0NBUUVBb0U2OVRZcFNqMDhTMmZoNQorYUtIQVlwT2JmbkR1Z01XNTlsOXljUFdoYUVqVzNaaXp1UkNoMWV1eUR0YnFlUzRubnpIY3RlKzF2TE9xcHA2CnQ2RmM5azROcDFqYkMyRUoxUWUyRDNvVTdpdEVTMnBXV2g1Rm4xR1dwek5FOXhxM2c2MFdBd1BZTG1MMUdDTloKNUdpU0ZENjBSei85WTdUYjFrVDl1RzVPUUVLeUg2dk42QjZ0N2ZTRk9TRmhVaVc4QVc1bTBZNngxdHhNSkcvRgpqamJGTGdHTTV2SXhuTHlwRW5uNm01UXV5enlSbm9rQVNESCtieVVtV1hhWUcvODUwODNEN0FBblN2UmZzb2pyCjhaQkVPd0QwVUtmNFZDaVl0b0hPanFhWmdUMElSWmhabGozR3U1TG9uZkx1S3lMN0ZtZmhLRmwrZnNOVGx3OGEKMVlqSkN3SURBUUFCTUEwR0NTcUdTSWIzRFFFQkN3VUFBNElCQVFCaUMxWjNLcUV2clRZU0V6eDJPcExnNFpKMwo1OTFjUFI2UEs2OXBESmQ0MWFCdnY5Mko3TmdxVUpqZ0VvZ0FsUWpZZmFJNDQ4MUZTUngvbDBKeDdwaXNPSTY0Cm1BSy96bXh6bXEzKzJCY016aXc1a09ZUFpHVGh3a0NUYnRjaWNYSTBveVNNUC8yN3hjTmFyZEdyaVdRMGJBZFcKOEIyNTY5TFQwWDA2ZWtHdktOS0xucnBBQk5FanBJelJyZXgyaSsrQnEybUVhTHRYQWVMVmtvbmUxNzFjUDFBWgpuVktmekNqQ3U1T0ZsNm1ST2dCRnMyMUtiU2RnQzl2K0JITFhmK3pXeTB1NDZjUmg1U09vb0VDSkJPNVlEVERrCm5ldDB2dUZtdUFZS3NINjRLMm9jU3IwYjBBZVlmbFRnalBKZktTS2ZXbnhKQnFnMnJ5azBlT3lUQnRVTgotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg== + server-key.pem: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFb2dJQkFBS0NBUUVBb0U2OVRZcFNqMDhTMmZoNSthS0hBWXBPYmZuRHVnTVc1OWw5eWNQV2hhRWpXM1ppCnp1UkNoMWV1eUR0YnFlUzRubnpIY3RlKzF2TE9xcHA2dDZGYzlrNE5wMWpiQzJFSjFRZTJEM29VN2l0RVMycFcKV2g1Rm4xR1dwek5FOXhxM2c2MFdBd1BZTG1MMUdDTlo1R2lTRkQ2MFJ6LzlZN1RiMWtUOXVHNU9RRUt5SDZ2Tgo2QjZ0N2ZTRk9TRmhVaVc4QVc1bTBZNngxdHhNSkcvRmpqYkZMZ0dNNXZJeG5MeXBFbm42bTVRdXl6eVJub2tBClNESCtieVVtV1hhWUcvODUwODNEN0FBblN2UmZzb2pyOFpCRU93RDBVS2Y0VkNpWXRvSE9qcWFaZ1QwSVJaaFoKbGozR3U1TG9uZkx1S3lMN0ZtZmhLRmwrZnNOVGx3OGExWWpKQ3dJREFRQUJBb0lCQUh0NWlxZmlCZ3RxSFp3VQpubWJnZjlwNDNFWXJIazMxT1R4bHNsU3BhbC9OS1AyMjV3NXlsS2ZJcXRDQm4rM3hSUjZWLzgzK1RYa2sxbmhqCnVtZ2NldzBnTzdZTlk5S1U4TXpNUHJnWEVXNE5sM0g3T3YzNDJTbUkzMkJ6eGdnSzVSVWdTWmNTNi8xMnJVL2wKVXNUeW9xbkRUbnFlMkI1blhQamlkUWNNdDJzWWUralpUcGRWVHhVUUxlUWZsVC9ZcWVsM2pxZTJwZXVzK25USAp6dHRGRkFvb05IN0xtVHpJSFJtNnhuSDVoMmptcFZOZVRudkczb09sRk9mNmlObWp5blE3d3p6U1BWRHNQa3lJCmdpMGwrT0VGZFY5bUwyS2xEbnlpL25xM1d1d3E5L1NpVStXbFNmUjhMd21JaXYrY0ZOSVl6SnYyUTAvSkRmRGwKN2g5Y3FkRUNnWUVBMHFMazZzZ3d2ckZqam5weHhKMmRsMi9IWGZoaUxRWC9FcXVQVUJUYllCM0EwMUR1dDlHQQp0T3V2VlVEQWREV2lpMkZMQ1pwdFh0OUZ5c1A1UW1USkxaY2JsNG14L2ptdmxvb2ZPQzNDY0JBaEZLOGdoU2FTCjNFMGZmWVJmalE2U2F4WkF3WEJwR3lUSHpYY2c5dzViNCtJWUx2TWg5aGZha0JpVFpwY09HVU1DZ1lFQXd0VU0KZ3F4Y3piK0dMQThpOHc4Z3hmM1FNWXpXWUtwSlVqRUV3SFJjcTlRdVFHVDFFVlMzNzJwbU5mRXZQWmVTKyszUQp2Y01KS1hpeXUwZ0FUaFVSMDhndkpxVXdscHFwSUsvQ2c2b0tYRzV2SjM1Z1ZJSExKSFFMK3UzUlRXVVhRTlRXCkUrdS9NeTMzYlhaUHlodWUrb2VYU1NVQ1kxaEw3OE5BbE5jaWtKa0NnWUFKMDBGY1ZrUTMwT3gwNis4OG5hR0oKTzlTUDVKTW55SHpTY1NBNU93L1VsdTYwckxURjdFYlZxWnkvSEVzZDRKYVphOHRsUWtmUndoWnVVOS9mb2ZYawpZNFVNOTRaTzluL2pSTVFhQ2NCbEc4dC9QSUFHMWZySnZlczNIcUthWU5DaG9DTWJJdFEwU08zcy9wNlNCNkJ2CnE4ODIrVzVmSFZPN252blpNamlkSXdLQmdFend4OHorOW5OR05GMUg2UHhsdUFLWWRsUnJFdW4vdFk3Z3pzaVYKNjFic0p3dkZFc2F5VnlVVU5xTU15U1FncktvU3c0RjgrU3hJZndUWXJVNG9vZTZwdW4wZmRTMjBqQi9kYVFxSAo1eW1UYnhBQXAxZ1lIYm9hbmZTTllEK1pNWEtuMnBicFhZdC9scHZDd2tYRlhLWUJUK3hSMGp5YlRQbTFlTmFPCmt4YlpBb0dBWjNiZk5EUGpBRlYwWjhYTktGZjcrTStHaHNaLzZRdFpGSFRBRnZEZk1KU1pBQmozZmJOQkRJSmoKemJTenlGT2xPSklaN21rWWNxNE50MGNseldUQ0FoRHlBbDdkbTZ2dkdQZ2xhOUZ2OHpKN0JhVEtRaVFGL1pPWQpOZGRpT3ZiMXBTUTFwL2ZOUkN2SUU2Z1hZeXdnUXN2VU80czV4OTg5OEZuMGtTMWRXK0E9Ci0tLS0tRU5EIFJTQSBQUklWQVRFIEtFWS0tLS0tCg== +kind: Secret +metadata: + name: zabbix-mysql-server-tls-certs + namespace: zabbix +type: Opaque +--- +apiVersion: v1 +data: + client-cert.pem: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUM4ekNDQWRzQ0FRRXdEUVlKS29aSWh2Y05BUUVMQlFBd1FERVRNQkVHQ2dtU0pvbVQ4aXhrQVJrV0EyTnYKYlRFWE1CVUdDZ21TSm9tVDhpeGtBUmtXQjJWNFlXMXdiR1V4RURBT0JnTlZCQU1NQjBaaGEyVXRRMEV3SGhjTgpNakV3T1RJeU1URTFNalV4V2hjTk16RXdPREF4TVRFMU1qVXhXakEvTVJNd0VRWUtDWkltaVpQeUxHUUJHUllEClkyOXRNUmN3RlFZS0NaSW1pWlB5TEdRQkdSWUhaWGhoYlhCc1pURVBNQTBHQTFVRUF3d0dZMnhwWlc1ME1JSUIKSWpBTkJna3Foa2lHOXcwQkFRRUZBQU9DQVE4QU1JSUJDZ0tDQVFFQXVZTllXVUp3Y2Nsd0oxbnYwS1YyNGVncQpUQW1vM1N5cTFwMS9OTGZIdGd1UVcyZllSUXJkVFZ5OU80R0VyWmUwVCtmMnFwRUtPN2JoSExvVElnMFZXQmNoClU4K2g1dVhSZlVhZC90eHVKNWh0QnBIL1hpR0NEbVFpSFVtd0hxbHJwK0pDL3lmTzJwb3pDalpaOVF4RVBlYjgKQmEwaHgycUZXUEtKc1ZSY0JTejMzMm1tY1ZjeGE5YmtsWVVQZHgwUTVGSHFWZ1pXOTI0QXdHOC95QThxcUFiNApPcVkxbUZkUW9VaW9kTjRGUDQzSkVGSWxrMnExWUVjenlSMHlidVJIelBIQjhJUG1Fa2lNaHlpSitsdnJaSzZLCjR5NWZVSzQ0SXkxanYveEJDSnJ3TmNnVVZBdGFYTStiV2RXS3U4dDNudGV6ME02ZWU2Ym5WSHhTeDh0NWF3SUQKQVFBQk1BMEdDU3FHU0liM0RRRUJDd1VBQTRJQkFRQW9SOE5SZEo4YUJsWnZBOWFCVzQ1SFdnWGF0Z1ExcGRpNwo3R1BpL3Qzem5MWTNNamMrUVZSdmZLUlFvU2wwc095NUZ5NFlZWHdwZDlQRUsxVXBReFRaK201SGtVWm9LR095CnlISzZ1aGZ6NFY5NXNRdkcvdGcvaS9ESHQvVlJYMEpsc2lpTW1zalFYRFpPcUpaOUNPTnhOYUlObkdSZGZEUVoKNVRneUEraXVyTU5mcThpUU9HcDhYRGkzNStvMlp4enpDWHl3SGRRVDExcTdSbThBZDNGaG5xKzJQVGR0UDduYwpZWFB4Ym1ibkxMeTBReFl3Y1BYQlkrWjNrTFlxbk1wK2ozajIwcE0rTE1sMkNBbTNDblJsdU9yKytrTTV1T29hCnkxOHN6QWJRSjF4L0RoMEFmQUZKOG90THMrUU9IU2prdUoveEJCelkxelNETnRNdmxUMDEKLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo= + client-key.pem: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFb2dJQkFBS0NBUUVBdVlOWVdVSndjY2x3SjFudjBLVjI0ZWdxVEFtbzNTeXExcDEvTkxmSHRndVFXMmZZClJRcmRUVnk5TzRHRXJaZTBUK2YycXBFS083YmhITG9USWcwVldCY2hVOCtoNXVYUmZVYWQvdHh1SjVodEJwSC8KWGlHQ0RtUWlIVW13SHFscnArSkMveWZPMnBvekNqWlo5UXhFUGViOEJhMGh4MnFGV1BLSnNWUmNCU3ozMzJtbQpjVmN4YTlia2xZVVBkeDBRNUZIcVZnWlc5MjRBd0c4L3lBOHFxQWI0T3FZMW1GZFFvVWlvZE40RlA0M0pFRklsCmsycTFZRWN6eVIweWJ1Ukh6UEhCOElQbUVraU1oeWlKK2x2clpLNks0eTVmVUs0NEl5MWp2L3hCQ0pyd05jZ1UKVkF0YVhNK2JXZFdLdTh0M250ZXowTTZlZTZiblZIeFN4OHQ1YXdJREFRQUJBb0lCQUdYaVRlNVB2K091Und0RgpxS0RGanlJSTJOb0Q0QnNBZ2g3MlJydVVSM21pcGppZE1yalFlN1FXUDlOamtaT3BJcDFUL3pPMERwTzNIN0VnClBJdlI5YXY0b0JRZ2o0RjVMSEdLREJIQnpEbXd6QWYwdlBSY29NbjRrb2ZWUllYQmRGK3lzeXJoR1FrVDhQNGwKMVlmd29iWUJtdDRmTk5NSm5JeTZQNGNGbHJnOEJlcmVnRFp2Z3FqWlN3Q3RoUDV4QzMzeEFEaGtJazVuVk80QQpTNEpEUGNSTDNkaU5IK3YxRkVhY2EraGc3dzNpY09XZWQ4Y0xMQnJqZmpkaXJkTUpXRW52NnYrSlgzZ2N4bjg2CkxpeXZkSk9ZNTdqSFZpTndLQ0NwQlJOVUJmbWFhK2lXNEs5QTE3K0h5VmdUTFZnLzhoeGZwV292Nkc3UEh2NTcKaXlJelBya0NnWUVBOXpjV042bW95Q0VCc0ZYRzBDTk5DdE54RHVjU290ZVoxK0JqZENBbnZycnRiQVNubUZUOAppdG5LaFR3Nkl4K3lkNzJaeXNHWkI2MGloTXZsRlhMUnRtQ0pUVGpWY0xDOXVhM2t1OHZYUzdBdmQ4YWZUcmJoCmlLeVRLMmg5NklxYUpxQzR6R0tkNStLejhKZFM0RGpjdmRUTlhSOHp6MGQxLzg1c0hXZDhsNDhDZ1lFQXdCcjAKZXZpbFN0cjdhZGxWY0tONnQ0ZWxlVXJjVTdYdElSZDhncjNpSk5jUGo0MENVUW0xTXZ5WXhTckR5MEpTQVdLbwpHWkswQVE3S1oyY2FoK2JWV3dvUnVES1hBR0NHQVE3ODRrU3lqQisrQkpqaWhDNHZkNERrcGFpSVYvdVY1NEwxCnZQVDNQcC9PdncyQU4yU0lHcWJwMjM0SmJzWlNCWVVYbWVKNmNtVUNnWUFhN1BNTWlQd0xJQjB3K1lhMzhNQloKWjRJdTMxZ1dTR2xISy9kcEZIOS90SmhiWlg1amh3NGlpV29YYk9IZ0pYbW90UXZsRzRUeFl4Z1pZcVBHM0VTZgpHcENaeXBEa3Z6dEsxL2ZMeEgza2pvSDlCN01lUGFqKzI5MERvMVBqV2dWRUk4azg2WmpOUXRIYWFJRHNUd1VyCjM5dW1RdG0vdjhiSVg5RkN1cHpGWFFLQmdBbDhTejRYTVBJMVJkekFJbnZoVnBuaFZNWmNiK3lpT3djN1JhYWYKQVorWUR1aWpxYzJla1JmbmFST3pQTis0Y3B3bTV1MzhWRzhJNysyVEpiZzRLYWpKSW43WjRLTGdJVDNFSTdCNAplK2gzV01hWlZmWDQ0ZGNnd2lsNzNOK2JTSmVaMjlCc3VCaWJnM1hqa01VcmJaMERTT0RScEYyWDVVem9lWFhiCnZQZ1JBb0dBSjVvLzNIOWJCbEp3b3Z0WjF5VUY2KzRjaFpodGhiU1VJOS9zSXFueHllNEtZMGtMaEpxU013ZkEKZ1hPSW10cmxzNllxU3VkVGovaGNwbi85VDIzbnFOSEpyd3RKWXJVMk9zdUYrdnNHUE5DeFQwZTUrSXZlQ015QQplZFhuSU9BaTBjSXhxUjluWVNXNDR0cjFEcG8rN1c5SEZ5aXZ5eVZ4M09uMzlMUi9EUHM9Ci0tLS0tRU5EIFJTQSBQUklWQVRFIEtFWS0tLS0tCg== + root-ca.pem: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURVekNDQWp1Z0F3SUJBZ0lKQUxNWTFSWlB5VVZsTUEwR0NTcUdTSWIzRFFFQkN3VUFNRUF4RXpBUkJnb0oKa2lhSmsvSXNaQUVaRmdOamIyMHhGekFWQmdvSmtpYUprL0lzWkFFWkZnZGxlR0Z0Y0d4bE1SQXdEZ1lEVlFRRApEQWRHWVd0bExVTkJNQjRYRFRJeE1Ea3lNakV4TlRJMU1Gb1hEVE14TURnd01URXhOVEkxTUZvd1FERVRNQkVHCkNnbVNKb21UOGl4a0FSa1dBMk52YlRFWE1CVUdDZ21TSm9tVDhpeGtBUmtXQjJWNFlXMXdiR1V4RURBT0JnTlYKQkFNTUIwWmhhMlV0UTBFd2dnRWlNQTBHQ1NxR1NJYjNEUUVCQVFVQUE0SUJEd0F3Z2dFS0FvSUJBUURqRjQ1NApXTVVKc1NqZ3ZzSk4rNE5na3dET2thUWdOMjdXVnJyVWRIVjhoVW9sYU4vMWdSeE80cTNES2lPRnhIZlBITzVXCmg0am1YQ3VVSTA0NXRwaEVaZDlCZDd4eUU2dUF3VGtya2pVWTczMExQRmZsYzJYQXE3TkYvMElidHB1aXQ3cFIKdUV2dTc0aVNMampLWVFaWHlxUGJLazlIaitWa2xCcTV2MjJUNTlxUmwzeFV5QUNRZGVEWVdPbTg2ZFgrY2FUVAorWWt6VXhDOHFRVVdBT2JUVThBWWZXbHA3NjRpY0NuMEdab3BCalN2dXQrZWxoTnl2eHk2alhRdU0xemZYMXUrCm56bVdiQzdOMTFqK2JDZWxVd2kwQUhIZUZrRFFrcHdPaGdycW9hbG5XUHk4VVNjMDFJRTIwZnlmTEptc3ZaVU4KZ3pnK0EwOGNqOThwemF2REFnTUJBQUdqVURCT01CMEdBMVVkRGdRV0JCVGtEenFQVEV0UGFHWWhBSzkrNjB6dgpBdklmS1RBZkJnTlZIU01FR0RBV2dCVGtEenFQVEV0UGFHWWhBSzkrNjB6dkF2SWZLVEFNQmdOVkhSTUVCVEFECkFRSC9NQTBHQ1NxR1NJYjNEUUVCQ3dVQUE0SUJBUURaY1A2cmJPWFMvSFcray8yczU1Nk14VU9vTkRNenRhdlIKQXJCa01HUGk5N2FGSW1MV2h6MVJqWGw3UjZKUmE0a3VVSGdiRXBuL3F1OUFISk1LejZ6UnVSRW9EM2UzTlIwVApJL3hkbHFJOVBzTmdIaDVwSzcvb281TzUrR21vTURoK3pRTHlnbXVYcWlSenpXV3NBOVcwaXpoMFJiZHRwQzR5CmdSYmxLMVBsTVhNeWs0eFArcHljV0treExMbWhqOWhuTDdkQlR3KzQzOW13eW5MZjlhSkdHajZaNmI2ZjJTS1EKWGlPZUNFOTVQRlR4S1BCbzRvQmdjOHI2NGFxc0FNelVCa0lQZWtnQ2xQWkJJSnJtKzZZdU9HbUROVUFtUCs3RApKdmRIbGVucGJ3RXJBZ3FKYWx4NjdxVGM2eVUzWUY5bTZMTkprRHlCYXJ6VU01MVdQc1JUCi0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K +kind: Secret +metadata: + name: zabbix-mysql-client-tls-certs + namespace: zabbix +type: Opaque From 9eac8ecc77ac57f0e464aac411d72a00c2906f96 Mon Sep 17 00:00:00 2001 From: dotneft Date: Sat, 25 Sep 2021 01:55:53 +0500 Subject: [PATCH 178/253] Added verbose information to Windows images --- Dockerfiles/build-base/windows/Dockerfile.agent | 6 ++++++ Dockerfiles/build-base/windows/Dockerfile.agent2 | 9 +++++++++ 2 files changed, 15 insertions(+) diff --git a/Dockerfiles/build-base/windows/Dockerfile.agent b/Dockerfiles/build-base/windows/Dockerfile.agent index 2316b3e26..c102b0c24 100644 --- a/Dockerfiles/build-base/windows/Dockerfile.agent +++ b/Dockerfiles/build-base/windows/Dockerfile.agent @@ -54,6 +54,7 @@ RUN Set-Location -Path $env:SystemDrive\.; ` Expand-Archive ` -Path git.zip ` -DestinationPath $env:SystemDrive\git\.; ` + Write-Host 'Removing downloaded...'; ` Remove-Item -Force -Path $env:SystemDrive\git.zip; ` $env:PATH = [string]::Format('{0}\git\cmd;{0}\git\mingw64\bin;{0}\git\usr\bin;', $env:SystemDrive) + $env:PATH; ` [Environment]::SetEnvironmentVariable('PATH', $env:PATH, [EnvironmentVariableTarget]::Machine); ` @@ -74,6 +75,7 @@ RUN Set-Location -Path $env:SystemDrive\.; ` Start-Process ` -FilePath $env:SystemDrive\nasm_installer.exe ` -ArgumentList '/S' -Wait; ` + Write-Host 'Removing downloaded...'; ` Remove-Item -Force -Path $env:SystemDrive\nasm_installer.exe; ` ` $env:PATH = [string]::Format('{0}\NASM;', ${env:ProgramFiles}) + $env:PATH; ` @@ -97,6 +99,7 @@ RUN Set-Location -Path $env:SystemDrive\.; ` -FilePath 'msiexec.exe' ` -ArgumentList """/i $env:SystemDrive\perl_installer.msi /qn /norestart INSTALLDIR=$env:SystemDrive\Strawberry""" ` -Wait; ` + Write-Host 'Removing downloaded...'; ` Remove-Item -Force -Path $env:SystemDrive\perl_installer.msi; ` $env:PATH = [string]::Format('{0}\Strawberry\perl\bin;', $env:SystemDrive) + $env:PATH; ` [Environment]::SetEnvironmentVariable('PATH', $env:PATH, [EnvironmentVariableTarget]::Machine); ` @@ -128,6 +131,7 @@ RUN Set-Location -Path $env:SystemDrive\.; ` Write-Host ('{0} - Visual Studio components installed' -f $(Get-Date -format 'u')); ` ` Write-Host 'Visual Studio components installation cleanup'; ` + Write-Host 'Removing downloaded...'; ` Remove-Item -Force -Path $env:SystemDrive\vs_buildtools.exe; ` Get-ChildItem -Path """${env:ProgramFiles(x86)}\Microsoft Visual Studio\Installer""" -Directory -Recurse | Remove-Item -Force –Recurse; ` Remove-Item -Force -Recurse $env:TEMP\*; ` @@ -150,6 +154,7 @@ RUN Set-Location -Path $env:SystemDrive\.; ` }; ` Write-Host 'Extracting archive ...'; ` Expand-Archive -Path $env:SystemDrive\pcre.zip -DestinationPath $env:SystemDrive; ` + Write-Host 'Removing downloaded...'; ` Remove-Item -Force -Path $env:SystemDrive\pcre.zip; ` Rename-Item -Path $env:SystemDrive\pcre-$env:PCRE_VERSION -NewName $env:SystemDrive\pcre_build; ` New-Item -ItemType directory -Path "$env:SystemDrive\pcre_build\build" | Out-Null; ` @@ -189,6 +194,7 @@ RUN Set-Location -Path $env:SystemDrive\.; ` ` Write-Host 'Extracting archive ...'; ` tar -zxf $env:SystemDrive\openssl.tar.gz; ` + Write-Host 'Removing downloaded...'; ` Remove-Item -Force -Path $env:SystemDrive\openssl.tar.gz; ` Rename-Item -Path $env:SystemDrive\openssl-$env:OPENSSL_VERSION -NewName $env:SystemDrive\openssl_build; ` ` diff --git a/Dockerfiles/build-base/windows/Dockerfile.agent2 b/Dockerfiles/build-base/windows/Dockerfile.agent2 index 4067cb937..a17e2b6d1 100644 --- a/Dockerfiles/build-base/windows/Dockerfile.agent2 +++ b/Dockerfiles/build-base/windows/Dockerfile.agent2 @@ -57,6 +57,7 @@ RUN Set-Location -Path $env:SystemDrive\.; ` ` Write-Host 'Installing ...'; ` Expand-Archive -Path git.zip -DestinationPath $env:SystemDrive\git\.; ` + Write-Host 'Removing downloaded...'; ` Remove-Item -Force -Path $env:SystemDrive\git.zip; ` $env:PATH = [string]::Format('{0}\git\cmd;{0}\git\mingw64\bin;{0}\git\usr\bin;', $env:SystemDrive) + $env:PATH; ` [Environment]::SetEnvironmentVariable('PATH', $env:PATH, [EnvironmentVariableTarget]::Machine); ` @@ -79,6 +80,7 @@ RUN Set-Location -Path $env:SystemDrive\.; ` -FilePath $env:SystemDrive\go-amd64.msi ` -Wait ` -ArgumentList '/qn /norestart'; ` + Write-Host 'Removing downloaded...'; ` Remove-Item -Force -Path $env:SystemDrive\go-amd64.msi; ` ` $env:PATH = [string]::Format('{0}\Go\bin;', ${env:ProgramFiles}) + $env:PATH; ` @@ -102,6 +104,7 @@ RUN Set-Location -Path $env:SystemDrive\.; ` -FilePath $env:SystemDrive\7z.msi ` -Wait ` -ArgumentList '/qn /norestart'; ` + Write-Host 'Removing downloaded...'; ` Remove-Item -Force -Path $env:SystemDrive\7z.msi; ` $env:PATH = [string]::Format('{0}\7-Zip;', ${env:ProgramFiles}) + $env:PATH; ` [Environment]::SetEnvironmentVariable('PATH', $env:PATH, [EnvironmentVariableTarget]::Machine); ` @@ -122,6 +125,7 @@ RUN Set-Location -Path $env:SystemDrive\.; ` ` Write-Host 'Installing ...'; ` 7z x $env:SystemDrive\mingw.7z; ` + Write-Host 'Removing downloaded...'; ` Remove-Item -Force -Path $env:SystemDrive\mingw.7z; ` $env:PATH = [string]::Format('{0}\mingw64\bin;', $env:SystemDrive) + $env:PATH; ` [Environment]::SetEnvironmentVariable('PATH', $env:PATH, [EnvironmentVariableTarget]::Machine); ` @@ -150,6 +154,7 @@ RUN Set-Location -Path $env:SystemDrive\.; ` Write-Host ('{0} - Visual Studio components installed' -f $(Get-Date -format 'u')); ` ` Write-Host 'Visual Studio components installation cleanup'; ` + Write-Host 'Removing downloaded...'; ` Remove-Item -Force -Path $env:SystemDrive\vs_buildtools.exe; ` Get-ChildItem -Path """${env:ProgramFiles(x86)}\Microsoft Visual Studio\Installer""" -Directory -Recurse | Remove-Item -Force –Recurse; ` Remove-Item -Force -Recurse $env:TEMP\*; ` @@ -172,6 +177,7 @@ RUN Set-Location -Path $env:SystemDrive\.; ` }; ` Write-Host 'Extracting archive ...'; ` Expand-Archive -Path $env:SystemDrive\pcre.zip -DestinationPath $env:SystemDrive; ` + Write-Host 'Removing downloaded...'; ` Remove-Item -Force -Path $env:SystemDrive\pcre.zip; ` Rename-Item -Path $env:SystemDrive\pcre-$env:PCRE_VERSION -NewName $env:SystemDrive\pcre_build; ` ` @@ -206,6 +212,7 @@ RUN Set-Location -Path $env:SystemDrive\.; ` -Wait ` -NoNewWindow; ` ` + Write-Host 'Removing downloaded...'; ` Remove-Item -Force -Path $env:SystemDrive\setup.exe; ` Write-Host ('Downloading {0} ...' -f $env:OPENSSL_URL); ` [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` @@ -220,6 +227,7 @@ RUN Set-Location -Path $env:SystemDrive\.; ` ` Write-Host 'Extracting archive ...'; ` tar -zxf $env:SystemDrive\openssl.tar.gz; ` + Write-Host 'Removing downloaded...'; ` Remove-Item -Force -Path $env:SystemDrive\openssl.tar.gz; ` Rename-Item -Path $env:SystemDrive\openssl-$env:OPENSSL_VERSION -NewName $env:SystemDrive\openssl_build; ` ` @@ -239,4 +247,5 @@ RUN Set-Location -Path $env:SystemDrive\.; ` mingw32-make -s -j"""$env:NUMBER_OF_PROCESSORS"""; ` mingw32-make -s -j"""$env:NUMBER_OF_PROCESSORS""" install_sw; ` Write-Host 'OpenSSL is ready...'; ` + Write-Host 'Removing cygwin...'; ` Remove-Item -Recurse -Force -Path $env:SystemDrive\cygwin; From 317a3d36a8cbecb8cb185da18bc313352c41d3fb Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Sat, 25 Sep 2021 04:18:27 +0500 Subject: [PATCH 179/253] Use volumes for snmptraps and Zabbix proxy Sqlite3 DB --- kubernetes.yaml | 22 ++++++++-------------- 1 file changed, 8 insertions(+), 14 deletions(-) diff --git a/kubernetes.yaml b/kubernetes.yaml index c35fe41c8..72e3a192e 100644 --- a/kubernetes.yaml +++ b/kubernetes.yaml @@ -199,6 +199,7 @@ spec: name: zabbix-web app: zabbix spec: + serviceAccountName: zabbix-monitoring volumes: - name: mysql-tls-certs secret: @@ -417,8 +418,7 @@ spec: spec: volumes: - name: zabbix-snmptraps - persistentVolumeClaim: - claimName: zabbix-snmptraps-claim + emptyDir: {} - name: mysql-tls-certs secret: secretName: zabbix-mysql-client-tls-certs @@ -650,6 +650,9 @@ spec: name: zabbix-proxy-sqlite3 app: zabbix spec: + volumes: + - name: proxy-sqlite-data + emptyDir: {} containers: - name: zabbix-proxy-sqlite3 image: zabbix/zabbix-proxy-sqlite3:alpine-trunk @@ -781,6 +784,9 @@ spec: value: "" - name: DEBUG_MODE value: "false" + volumeMounts: + - mountPath: "/var/lib/zabbix/db_data" + name: proxy-sqlite-data securityContext: capabilities: {} privileged: false @@ -1297,18 +1303,6 @@ spec: storage: 20Gi --- apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: zabbix-snmptraps-claim - namespace: zabbix -spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 1Gi ---- -apiVersion: v1 kind: List metadata: namespace: zabbix From 29cf8e407894c84970476b1a9d9b582ce00b3d50 Mon Sep 17 00:00:00 2001 From: dotneft Date: Mon, 27 Sep 2021 19:09:07 +0500 Subject: [PATCH 180/253] Fixed kubernetes YAML --- kubernetes.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/kubernetes.yaml b/kubernetes.yaml index 72e3a192e..363f7833d 100644 --- a/kubernetes.yaml +++ b/kubernetes.yaml @@ -199,7 +199,6 @@ spec: name: zabbix-web app: zabbix spec: - serviceAccountName: zabbix-monitoring volumes: - name: mysql-tls-certs secret: From b746d9cf3108f73300b3f172847ec76561bb1b7c Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Wed, 6 Oct 2021 17:42:20 +0200 Subject: [PATCH 181/253] Fixed path to env variables --- docker-compose_v3_ol_mysql_local.yaml | 30 +++++++++++++-------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/docker-compose_v3_ol_mysql_local.yaml b/docker-compose_v3_ol_mysql_local.yaml index 4f8725c21..c88be3d9b 100644 --- a/docker-compose_v3_ol_mysql_local.yaml +++ b/docker-compose_v3_ol_mysql_local.yaml @@ -64,8 +64,8 @@ services: cpus: '0.5' memory: 512M env_file: - - ./env_vars/env_db_mysql - - ./env_vars/env_srv + - ./env_vars/.env_db_mysql + - ./env_vars/.env_srv secrets: - MYSQL_USER - MYSQL_PASSWORD @@ -134,8 +134,8 @@ services: cpus: '0.3' memory: 256M env_file: - - ./env_vars/env_prx - - ./env_vars/env_prx_sqlite3 + - ./env_vars/.env_prx + - ./env_vars/.env_prx_sqlite3 depends_on: - zabbix-java-gateway - zabbix-snmptraps @@ -190,9 +190,9 @@ services: cpus: '0.3' memory: 256M env_file: - - ./env_vars/env_db_mysql_proxy - - ./env_vars/env_prx - - ./env_vars/env_prx_mysql + - ./env_vars/.env_db_mysql_proxy + - ./env_vars/.env_prx + - ./env_vars/.env_prx_mysql depends_on: - mysql-server - zabbix-java-gateway @@ -247,8 +247,8 @@ services: cpus: '0.5' memory: 256M env_file: - - ./env_vars/env_db_mysql - - ./env_vars/env_web + - ./env_vars/.env_db_mysql + - ./env_vars/.env_web secrets: - MYSQL_USER - MYSQL_PASSWORD @@ -308,8 +308,8 @@ services: cpus: '0.5' memory: 256M env_file: - - ./env_vars/env_db_mysql - - ./env_vars/env_web + - ./env_vars/.env_db_mysql + - ./env_vars/.env_web secrets: - MYSQL_USER - MYSQL_PASSWORD @@ -374,7 +374,7 @@ services: memory: 64M mode: global env_file: - - ./env_vars/env_agent + - ./env_vars/.env_agent privileged: true pid: "host" depends_on: @@ -414,7 +414,7 @@ services: cpus: '0.25' memory: 256M env_file: - - ./env_vars/env_java + - ./env_vars/.env_java depends_on: - zabbix-build-mysql networks: @@ -488,7 +488,7 @@ services: cpus: '0.25' memory: 256M env_file: - - ./env_vars/env_web_service + - ./env_vars/.env_web_service depends_on: - zabbix-build-mysql networks: @@ -517,7 +517,7 @@ services: volumes: - ./zbx_env/var/lib/mysql:/var/lib/mysql:rw env_file: - - ./env_vars/env_db_mysql + - ./env_vars/.env_db_mysql secrets: - MYSQL_USER - MYSQL_PASSWORD From a285e26e08c1da25821c929b657203ec26e069ac Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Wed, 6 Oct 2021 22:39:49 +0200 Subject: [PATCH 182/253] Implemented build for CentOS --- Dockerfiles/agent/centos/Dockerfile | 129 ++++------ Dockerfiles/agent2/centos/.dockerignore | 1 + Dockerfiles/agent2/centos/Dockerfile | 84 +++++++ Dockerfiles/agent2/centos/README.md | 225 ++++++++++++++++++ Dockerfiles/agent2/centos/build.sh | 1 + .../agent2/centos/docker-entrypoint.sh | 217 +++++++++++++++++ Dockerfiles/agent2/centos/hooks/build | 13 + Dockerfiles/build-base/centos/.dockerignore | 1 + Dockerfiles/build-base/centos/Dockerfile | 73 ++++++ Dockerfiles/build-base/centos/build.sh | 1 + Dockerfiles/build-mysql/centos/.dockerignore | 1 + Dockerfiles/build-mysql/centos/Dockerfile | 70 ++++++ Dockerfiles/build-mysql/centos/build.sh | 1 + Dockerfiles/build-pgsql/centos/.dockerignore | 1 + Dockerfiles/build-pgsql/centos/Dockerfile | 71 ++++++ Dockerfiles/build-pgsql/centos/build.sh | 1 + .../build-sqlite3/centos/.dockerignore | 1 + Dockerfiles/build-sqlite3/centos/Dockerfile | 58 +++++ Dockerfiles/build-sqlite3/centos/build.sh | 1 + Dockerfiles/java-gateway/centos/Dockerfile | 83 +++---- .../java-gateway/centos/docker-entrypoint.sh | 12 +- Dockerfiles/proxy-mysql/centos/Dockerfile | 148 ++++-------- Dockerfiles/proxy-sqlite3/centos/Dockerfile | 144 +++-------- Dockerfiles/server-mysql/centos/Dockerfile | 149 ++++-------- Dockerfiles/server-pgsql/centos/Dockerfile | 152 ++++-------- Dockerfiles/server-pgsql/ol/Dockerfile | 3 + .../web-apache-mysql/centos/Dockerfile | 80 ++++--- .../web-apache-pgsql/centos/Dockerfile | 83 +++---- Dockerfiles/web-nginx-mysql/centos/Dockerfile | 79 +++--- Dockerfiles/web-nginx-pgsql/centos/Dockerfile | 78 +++--- Dockerfiles/web-service/centos/Dockerfile | 83 +++---- build.json | 7 +- docker-compose_v3_centos_mysql_local.yaml | 56 +++++ docker-compose_v3_centos_pgsql_local.yaml | 69 +++++- 34 files changed, 1391 insertions(+), 785 deletions(-) create mode 100644 Dockerfiles/agent2/centos/.dockerignore create mode 100644 Dockerfiles/agent2/centos/Dockerfile create mode 100644 Dockerfiles/agent2/centos/README.md create mode 120000 Dockerfiles/agent2/centos/build.sh create mode 100755 Dockerfiles/agent2/centos/docker-entrypoint.sh create mode 100755 Dockerfiles/agent2/centos/hooks/build create mode 100644 Dockerfiles/build-base/centos/.dockerignore create mode 100644 Dockerfiles/build-base/centos/Dockerfile create mode 120000 Dockerfiles/build-base/centos/build.sh create mode 100644 Dockerfiles/build-mysql/centos/.dockerignore create mode 100644 Dockerfiles/build-mysql/centos/Dockerfile create mode 120000 Dockerfiles/build-mysql/centos/build.sh create mode 100644 Dockerfiles/build-pgsql/centos/.dockerignore create mode 100644 Dockerfiles/build-pgsql/centos/Dockerfile create mode 120000 Dockerfiles/build-pgsql/centos/build.sh create mode 100644 Dockerfiles/build-sqlite3/centos/.dockerignore create mode 100644 Dockerfiles/build-sqlite3/centos/Dockerfile create mode 120000 Dockerfiles/build-sqlite3/centos/build.sh diff --git a/Dockerfiles/agent/centos/Dockerfile b/Dockerfiles/agent/centos/Dockerfile index c44987c5a..9f31686b0 100644 --- a/Dockerfiles/agent/centos/Dockerfile +++ b/Dockerfiles/agent/centos/Dockerfile @@ -1,27 +1,37 @@ -FROM centos:centos8 +# syntax=docker/dockerfile:1 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG BUILD_BASE_IMAGE=zabbix-build-mysql:centos-${ZBX_VERSION} +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git + +FROM ${BUILD_BASE_IMAGE} as builder + +FROM centos:8 + +ARG MAJOR_VERSION +ARG ZBX_VERSION +ARG ZBX_SOURCES + +ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} LABEL org.opencontainers.image.title="Zabbix agent" \ org.opencontainers.image.authors="Alexey Pustovalov " \ org.opencontainers.image.vendor="Zabbix LLC" \ org.opencontainers.image.url="https://zabbix.com/" \ org.opencontainers.image.description="Zabbix agent is deployed on a monitoring target to actively monitor local resources and applications" \ - org.opencontainers.image.licenses="GPL v2.0" + org.opencontainers.image.licenses="GPL v2.0" \ + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" STOPSIGNAL SIGTERM -ENV TINI_VERSION=v0.19.0 +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_agent/zabbix_agentd", "/usr/sbin/zabbix_agentd"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_get/zabbix_get", "/usr/bin/zabbix_get"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender", "/usr/bin/zabbix_sender"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/conf/zabbix_agentd.conf", "/etc/zabbix/zabbix_agentd.conf"] RUN set -eux && \ - ARCH_SUFFIX="$(arch)"; \ - case "$ARCH_SUFFIX" in \ - i686) export ARCH_SUFFIX='i386' ;; \ - x86_64) [ -f /lib64/ld-linux-x86-64.so.2 ] && export ARCH_SUFFIX='amd64' || export ARCH_SUFFIX='i386' ;; \ - aarch64) export ARCH_SUFFIX='arm64' ;; \ - armv7l) export ARCH_SUFFIX='armhf' ;; \ - ppc64el|ppc64le) export ARCH_SUFFIX='ppc64le' ;; \ - s390x) export ARCH_SUFFIX='s390x' ;; \ - *) echo "Unknown ARCH_SUFFIX=${ARCH_SUFFIX-}"; exit 1 ;; \ - esac; \ groupadd --system --gid 1995 zabbix && \ useradd \ --system --comment "Zabbix monitoring system" \ @@ -35,84 +45,27 @@ RUN set -eux && \ mkdir -p /var/lib/zabbix && \ mkdir -p /var/lib/zabbix/enc && \ mkdir -p /var/lib/zabbix/modules && \ - dnf --quiet makecache && \ - dnf -y install --setopt=tsflags=nodocs --setopt=install_weak_deps=False --best \ - libcurl-minimal \ - zlib \ + REPOLIST="baseos,appstream,epel" && \ + INSTALL_PKGS="bash \ + tini \ tzdata \ - openssl-libs && \ - dnf -y upgrade && \ - curl -L "https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini-${ARCH_SUFFIX}" -o /sbin/tini && \ - curl -L "https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini-${ARCH_SUFFIX}.asc" -o /tmp/tini.asc && \ - export GNUPGHOME="$(mktemp -d)" && \ - for server in $(shuf -e ha.pool.sks-keyservers.net \ - hkp://p80.pool.sks-keyservers.net:80 \ - ipv4.pool.sks-keyservers.net \ - keyserver.ubuntu.com \ - keyserver.pgp.com \ - pgp.mit.edu) ; do \ - gpg --keyserver "$server" --recv-keys 595E85A6B1B4779EA4DAAEC70B588DFF0527A9B7 && break || : ; \ - done && \ - gpg --batch --verify /tmp/tini.asc /sbin/tini && \ - rm -rf "$GNUPGHOME" /tmp/tini.asc && \ - chmod +x /sbin/tini && \ - dnf -y clean all && \ - rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ - rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki - -ARG MAJOR_VERSION=6.0 -ARG ZBX_VERSION=${MAJOR_VERSION} -ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git - -ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} - -LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.opencontainers.image.version="${ZBX_VERSION}" \ - org.opencontainers.image.source="${ZBX_SOURCES}" - -RUN set -eux && \ - dnf --quiet makecache && \ - dnf -y install --setopt=tsflags=nodocs --setopt=install_weak_deps=False --best \ - autoconf \ - automake \ - pcre-devel \ - libcurl-devel \ - make \ - openssl-devel \ - openldap-devel \ - git \ - gcc && \ - cd /tmp/ && \ - git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ - cd /tmp/zabbix-${ZBX_VERSION} && \ - zabbix_revision=`git rev-parse --short HEAD` && \ - sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ - ./bootstrap.sh && \ - export CFLAGS="-fPIC -pie -Wl,-z,relro -Wl,-z,now" && \ - ./configure \ - --datadir=/usr/lib \ - --libdir=/usr/lib/zabbix \ - --prefix=/usr \ - --sysconfdir=/etc/zabbix \ - --prefix=/usr \ - --enable-agent \ - --with-libcurl \ - --with-ldap \ - --with-openssl \ - --enable-ipv6 \ - --silent && \ - make -j"$(nproc)" -s && \ - cp /tmp/zabbix-${ZBX_VERSION}/src/zabbix_agent/zabbix_agentd /usr/sbin/zabbix_agentd && \ - cp /tmp/zabbix-${ZBX_VERSION}/src/zabbix_get/zabbix_get /usr/bin/zabbix_get && \ - cp /tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender /usr/bin/zabbix_sender && \ - cp /tmp/zabbix-${ZBX_VERSION}/conf/zabbix_agentd.conf /etc/zabbix/zabbix_agentd.conf && \ - cd /tmp/ && \ - rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ - dnf -y history undo `dnf -q history | sed -n 3p |column -t | cut -d' ' -f1` && \ - dnf -y clean all && \ + iputils \ + pcre \ + libcurl-minimal \ + openssl-libs \ + zlib" && \ + dnf -y install epel-release && \ + dnf -y install \ + --disablerepo "*" \ + --enablerepo "${REPOLIST}" \ + --setopt=tsflags=nodocs \ + --setopt=install_weak_deps=False \ + --best \ + ${INSTALL_PKGS} && \ chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \ chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \ chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \ + dnf -y clean all && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki @@ -122,7 +75,7 @@ WORKDIR /var/lib/zabbix COPY ["docker-entrypoint.sh", "/usr/bin/"] -ENTRYPOINT ["/sbin/tini", "--", "/usr/bin/docker-entrypoint.sh"] +ENTRYPOINT ["/usr/bin/tini", "--", "/usr/bin/docker-entrypoint.sh"] USER 1997 diff --git a/Dockerfiles/agent2/centos/.dockerignore b/Dockerfiles/agent2/centos/.dockerignore new file mode 100644 index 000000000..88a84e55a --- /dev/null +++ b/Dockerfiles/agent2/centos/.dockerignore @@ -0,0 +1 @@ +build.sh diff --git a/Dockerfiles/agent2/centos/Dockerfile b/Dockerfiles/agent2/centos/Dockerfile new file mode 100644 index 000000000..7861d9884 --- /dev/null +++ b/Dockerfiles/agent2/centos/Dockerfile @@ -0,0 +1,84 @@ +# syntax=docker/dockerfile:1 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG BUILD_BASE_IMAGE=zabbix-build-mysql:centos-${ZBX_VERSION} +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git + +FROM ${BUILD_BASE_IMAGE} as builder + +FROM centos:8 + +ARG MAJOR_VERSION +ARG ZBX_VERSION +ARG ZBX_SOURCES + +ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} + +LABEL org.opencontainers.image.title="Zabbix agent 2" \ + org.opencontainers.image.authors="Alexey Pustovalov " \ + org.opencontainers.image.vendor="Zabbix LLC" \ + org.opencontainers.image.url="https://zabbix.com/" \ + org.opencontainers.image.description="Zabbix agent 2 is deployed on a monitoring target to actively monitor local resources and applications" \ + org.opencontainers.image.licenses="GPL v2.0" \ + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" + +STOPSIGNAL SIGTERM + +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/go/bin/zabbix_agent2", "/usr/sbin/zabbix_agent2"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_get/zabbix_get", "/usr/bin/zabbix_get"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender", "/usr/bin/zabbix_sender"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/go/conf/zabbix_agent2.conf", "/etc/zabbix/zabbix_agent2.conf"] + +RUN set -eux && \ + groupadd --system --gid 1995 zabbix && \ + useradd \ + --system --comment "Zabbix monitoring system" \ + -g zabbix -G root \ + --uid 1997 \ + --shell /sbin/nologin \ + --home-dir /var/lib/zabbix/ \ + zabbix && \ + mkdir -p /etc/zabbix && \ + mkdir -p /etc/zabbix/zabbix_agentd.d && \ + mkdir -p /var/lib/zabbix && \ + mkdir -p /var/lib/zabbix/enc && \ + mkdir -p /var/lib/zabbix/modules && \ + mkdir -p /var/lib/zabbix/buffer && \ + REPOLIST="baseos,appstream,epel" && \ + INSTALL_PKGS="bash \ + tini \ + tzdata \ + iputils \ + pcre \ + libcurl-minimal \ + openssl-libs" && \ + dnf -y install epel-release && \ + dnf -y install \ + --disablerepo "*" \ + --enablerepo "${REPOLIST}" \ + --setopt=tsflags=nodocs \ + --setopt=install_weak_deps=False \ + --best \ + ${INSTALL_PKGS} && \ + chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \ + chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \ + chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \ + dnf -y clean all && \ + rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ + rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki + +EXPOSE 10050/TCP 31999/TCP + +WORKDIR /var/lib/zabbix + +VOLUME ["/var/lib/zabbix/enc"] + +COPY ["docker-entrypoint.sh", "/usr/bin/"] + +ENTRYPOINT ["/usr/bin/tini", "--", "/usr/bin/docker-entrypoint.sh"] + +USER 1997 + +CMD ["/usr/sbin/zabbix_agent2", "--foreground", "-c", "/etc/zabbix/zabbix_agent2.conf"] diff --git a/Dockerfiles/agent2/centos/README.md b/Dockerfiles/agent2/centos/README.md new file mode 100644 index 000000000..ca33c13f5 --- /dev/null +++ b/Dockerfiles/agent2/centos/README.md @@ -0,0 +1,225 @@ +![logo](https://assets.zabbix.com/img/logo/zabbix_logo_500x131.png) + +# What is Zabbix? + +Zabbix is an enterprise-class open source distributed monitoring solution. + +Zabbix is software that monitors numerous parameters of a network and the health and integrity of servers. Zabbix uses a flexible notification mechanism that allows users to configure e-mail based alerts for virtually any event. This allows a fast reaction to server problems. Zabbix offers excellent reporting and data visualisation features based on the stored data. This makes Zabbix ideal for capacity planning. + +For more information and related downloads for Zabbix components, please visit https://hub.docker.com/u/zabbix/ and https://zabbix.com + +# What is Zabbix agent 2? + +Zabbix agent 2 is deployed on a monitoring target to actively monitor local resources and applications (hard drives, memory, processor statistics etc). + +# Zabbix agent 2 images + +These are the only official Zabbix agent 2 Docker images. They are based on Alpine Linux v3.12 images. The available versions of Zabbix agent 2 are: + + Zabbix agent 2 4.4 (tags: alpine-4.4-latest) (unsupported) + Zabbix agent 2 4.4.* (tags: alpine-4.4.*) (unsupported) + Zabbix agent 2 5.0 (tags: alpine-5.0-latest, ubuntu-5.0-latest, ol-5.0-latest) + Zabbix agent 2 5.0.* (tags: alpine-5.0.*, ubuntu-5.0.*, ol-5.0.*) + Zabbix agent 2 5.2 (tags: alpine-5.2-latest, ubuntu-5.2-latest, ol-5.2-latest) + Zabbix agent 2 5.2.* (tags: alpine-5.2.*, ubuntu-5.2.*, ol-5.2.*) + Zabbix agent 2 5.4 (tags: alpine-5.4-latest, ubuntu-5.4-latest, ol-5.4-latest, alpine-latest, ubuntu-latest, ol-latest, latest) + Zabbix agent 2 5.4.* (tags: alpine-5.4.*, ubuntu-5.4.*, ol-5.4.*) + Zabbix agent 2 6.0 (tags: alpine-trunk, ubuntu-trunk, ol-trunk) + +Images are updated when new releases are published. The image with ``latest`` tag is based on Alpine Linux. + +# How to use this image + +## Start `zabbix-agent2` + +Start a Zabbix agent 2 container as follows: + + docker run --name some-zabbix-agent -e ZBX_HOSTNAME="some-hostname" -e ZBX_SERVER_HOST="some-zabbix-server" -d zabbix/zabbix-agent2:tag + +Where `some-zabbix-agent2` is the name you want to assign to your container, `some-hostname` is the hostname, it is Hostname parameter in Zabbix agent 2 configuration file, `some-zabbix-server` is IP or DNS name of Zabbix server or proxy and `tag` is the tag specifying the version you want. See the list above for relevant tags, or look at the [full list of tags](https://hub.docker.com/r/zabbix/zabbix-agent2/tags/). + +## Connects from Zabbix server or Zabbix proxy in other containers (Passive checks) + +This image exposes the standard Zabbix agent 2 port (``10050``) to perform passive checks, so container linking makes Zabbix agent 2 instance available to Zabbix server and Zabbix proxy containers. Start your application container like this in order to link it to the Zabbix agent 2 container: + +```console +$ docker run --name some-zabbix-server --link some-zabbix-agent:zabbix-agent2 -d zabbix/zabbix-server:latest +``` + +## Connect to Zabbix server or Zabbix proxy containers (Active checks) + +This image supports perform active checks, so container linking makes Zabbix server and Zabbix proxy containers available to Zabbix agent 2 instance. Start your application container like this in order to link Zabbix agent 2 to Zabbix server or Zabbix proxy containterns: + +```console +$ docker run --name some-zabbix-agent --link some-zabbix-server:zabbix-server -d zabbix/zabbix-agent2:latest +``` + +## Container shell access and viewing Zabbix agent 2 logs + +The `docker exec` command allows you to run commands inside a Docker container. The following command line will give you a bash shell inside your `zabbix-agent2` container: + +```console +$ docker exec -ti some-zabbix-agent /bin/bash +``` + +The Zabbix agent 2 log is available through Docker's container log: + +```console +$ docker logs some-zabbix-agent +``` + +## Privileged mode + +By default, Docker containers are "unprivileged" and do not have access to the most of host resources. Zabbix agent 2 is designed to monitor system resources, to do that Zabbix agent 2 container must be privileged or you may mount some system-wide volumes. For example: + +```console +$ docker run --name some-zabbix-agent --link some-zabbix-server:zabbix-server --privileged -d zabbix/zabbix-agent2:latest +``` +```console +$ docker run --name some-zabbix-agent --link some-zabbix-server:zabbix-server -v /dev/sdc:/dev/sdc -d zabbix/zabbix-agent2:latest +``` + +## Environment Variables + +When you start the `zabbix-agent2` image, you can adjust the configuration of the Zabbix agent 2 by passing one or more environment variables on the `docker run` command line. + +### `ZBX_HOSTNAME` + +This variable is unique, case sensitive hostname. By default, value is `hostname` of the container. It is ``Hostname`` parameter in ``zabbix_agent2.conf``. + +### `ZBX_SERVER_HOST` + +This variable is IP or DNS name of Zabbix server or Zabbix proxy. By default, value is `zabbix-server`. It is ``Server`` parameter in ``zabbix_agent2.conf``. It is allowed to specify Zabbix server or Zabbix proxy port number using ``ZBX_SERVER_PORT`` variable. It make sense in case of non-default port for active checks. + +### `ZBX_PASSIVE_ALLOW` + +This variable is boolean (``true`` or ``false``) and enables or disables feature of passive checks. By default, value is `true`. + +### `ZBX_PASSIVESERVERS` + +The variable is comma separated list of allowed Zabbix server or proxy hosts for connections to Zabbix agent 2 container. + +### `ZBX_ACTIVE_ALLOW` + +This variable is boolean (``true`` or ``false``) and enables or disables feature of active checks. By default, value is `true`. + +### `ZBX_ACTIVESERVERS` + +The variable is comma separated list of allowed Zabbix server or proxy hosts for connections to Zabbix agent 2 container. You may specify port of Zabbix server or Zabbix proxy in such syntax: ``zabbix-server:10061,zabbix-proxy:10072``. + +### `ZBX_DEBUGLEVEL` + +The variable is used to specify debug level. By default, value is ``3``. It is ``DebugLevel`` parameter in ``zabbix_agent2.conf``. Allowed values are listed below: +- ``0`` - basic information about starting and stopping of Zabbix processes; +- ``1`` - critical information +- ``2`` - error information +- ``3`` - warnings +- ``4`` - for debugging (produces lots of information) +- ``5`` - extended debugging (produces even more information) + +### `ZBX_TIMEOUT` + +The variable is used to specify timeout for processing checks. By default, value is ``3``. + +### Other variables + +Additionally the image allows to specify many other environment variables listed below: + +``` +ZBX_ENABLEPERSISTENTBUFFER=false # Available since 5.0.0 +ZBX_PERSISTENTBUFFERPERIOD=1h # Available since 5.0.0 +ZBX_ENABLESTATUSPORT= +ZBX_SOURCEIP= +ZBX_ENABLEREMOTECOMMANDS=0 # Deprecated since 5.0.0 +ZBX_LOGREMOTECOMMANDS=0 +ZBX_STARTAGENTS=3 +ZBX_HOSTNAMEITEM=system.hostname +ZBX_METADATA= +ZBX_METADATAITEM= +ZBX_REFRESHACTIVECHECKS=120 +ZBX_BUFFERSEND=5 +ZBX_BUFFERSIZE=100 +ZBX_MAXLINESPERSECOND=20 +ZBX_LISTENIP= +ZBX_UNSAFEUSERPARAMETERS=0 +ZBX_TLSCONNECT=unencrypted +ZBX_TLSACCEPT=unencrypted +ZBX_TLSCAFILE= +ZBX_TLSCRLFILE= +ZBX_TLSSERVERCERTISSUER= +ZBX_TLSSERVERCERTSUBJECT= +ZBX_TLSCERTFILE= +ZBX_TLSKEYFILE= +ZBX_TLSPSKIDENTITY= +ZBX_TLSPSKFILE= +ZBX_DENYKEY=system.run[*] # Available since 5.0.0 +ZBX_ALLOWKEY= # Available since 5.0.0 +``` + +Default values of these variables are specified after equal sign. + +The allowed variables are identical of parameters in official ``zabbix_agent2.conf`` configuration file. For example, ``ZBX_REFRESHACTIVECHECKS`` = ``RefreshActiveChecks``. + +Please use official documentation for [``zabbix_agent2.conf``](https://www.zabbix.com/documentation/current/manual/appendix/config/zabbix_agent2) to get more information about the variables. + +## Allowed volumes for the Zabbix agent 2 container + +### ``/etc/zabbix/zabbix_agentd.d`` + +The volume allows include ``*.conf`` files and extend Zabbix agent 2 using ``UserParameter`` feature. + +### ``/var/lib/zabbix/enc`` + +The volume is used to store TLS related files. These file names are specified using ``ZBX_TLSCAFILE``, ``ZBX_TLSCRLFILE``, ``ZBX_TLSKEY_FILE`` and ``ZBX_TLSPSKFILE`` variables. + +### ``/var/lib/zabbix/buffer`` + +The volume is used to store the file, where Zabbix Agent2 should keep SQLite database. To enable the feature specify ``ZBX_ENABLEPERSISTENTBUFFER=true``. Available since 5.0.0. + +# The image variants + +The `zabbix-agent2` images come in many flavors, each designed for a specific use case. + +## `zabbix-agent2:alpine-` + +This image is based on the popular [Alpine Linux project](http://alpinelinux.org), available in [the `alpine` official image](https://hub.docker.com/_/alpine). Alpine Linux is much smaller than most distribution base images (~5MB), and thus leads to much slimmer images in general. + +This variant is highly recommended when final image size being as small as possible is desired. The main caveat to note is that it does use [musl libc](http://www.musl-libc.org) instead of [glibc and friends](http://www.etalabs.net/compare_libcs.html), so certain software might run into issues depending on the depth of their libc requirements. However, most software doesn't have an issue with this, so this variant is usually a very safe choice. See [this Hacker News comment thread](https://news.ycombinator.com/item?id=10782897) for more discussion of the issues that might arise and some pro/con comparisons of using Alpine-based images. + +To minimize image size, it's uncommon for additional related tools (such as `git` or `bash`) to be included in Alpine-based images. Using this image as a base, add the things you need in your own Dockerfile (see the [`alpine` image description](https://hub.docker.com/_/alpine/) for examples of how to install packages if you are unfamiliar). + +## `zabbix-agent2:ubuntu-` + +This is the defacto image. If you are unsure about what your needs are, you probably want to use this one. It is designed to be used both as a throw away container (mount your source code and start the container to start your app), as well as the base to build other images off of. + +## `zabbix-agent2:ol-` + +Oracle Linux is an open-source operating system available under the GNU General Public License (GPLv2). Suitable for general purpose or Oracle workloads, it benefits from rigorous testing of more than 128,000 hours per day with real-world workloads and includes unique innovations such as Ksplice for zero-downtime kernel patching, DTrace for real-time diagnostics, the powerful Btrfs file system, and more. + +# Supported Docker versions + +This image is officially supported on Docker version 1.12.0. + +Support for older versions (down to 1.6) is provided on a best-effort basis. + +Please see [the Docker installation documentation](https://docs.docker.com/installation/) for details on how to upgrade your Docker daemon. + +# User Feedback + +## Documentation + +Documentation for this image is stored in the [`agent2/` directory](https://github.com/zabbix/zabbix-docker/tree/5.0/agent2) of the [`zabbix/zabbix-docker` GitHub repo](https://github.com/zabbix/zabbix-docker/). Be sure to familiarize yourself with the [repository's `README.md` file](https://github.com/zabbix/zabbix-docker/blob/master/README.md) before attempting a pull request. + +## Issues + +If you have any problems with or questions about this image, please contact us through a [GitHub issue](https://github.com/zabbix/zabbix-docker/issues). + +### Known issues + +Currently it is not allowed to specify ``ZBX_ALIAS`` environment variable. Please use ``/etc/zabbix/zabbix_agent.d`` volume with additional configuration files with ``Alias`` options. + +## Contributing + +You are invited to contribute new features, fixes, or updates, large or small; we are always thrilled to receive pull requests, and do our best to process them as fast as we can. + +Before you start to code, we recommend discussing your plans through a [GitHub issue](https://github.com/zabbix/zabbix-docker/issues), especially for more ambitious contributions. This gives other contributors a chance to point you in the right direction, give you feedback on your design, and help you find out if someone else is working on the same thing. diff --git a/Dockerfiles/agent2/centos/build.sh b/Dockerfiles/agent2/centos/build.sh new file mode 120000 index 000000000..46b203134 --- /dev/null +++ b/Dockerfiles/agent2/centos/build.sh @@ -0,0 +1 @@ +../../../build.sh \ No newline at end of file diff --git a/Dockerfiles/agent2/centos/docker-entrypoint.sh b/Dockerfiles/agent2/centos/docker-entrypoint.sh new file mode 100755 index 000000000..14229d7ab --- /dev/null +++ b/Dockerfiles/agent2/centos/docker-entrypoint.sh @@ -0,0 +1,217 @@ +#!/bin/bash + +set -o pipefail + +set +e + +# Script trace mode +if [ "${DEBUG_MODE,,}" == "true" ]; then + set -o xtrace +fi + +# Default Zabbix installation name +# Default Zabbix server host +: ${ZBX_SERVER_HOST:="zabbix-server"} +# Default Zabbix server port number +: ${ZBX_SERVER_PORT:="10051"} + +# Default directories +# User 'zabbix' home directory +ZABBIX_USER_HOME_DIR="/var/lib/zabbix" +# Configuration files directory +ZABBIX_ETC_DIR="/etc/zabbix" + +escape_spec_char() { + local var_value=$1 + + var_value="${var_value//\\/\\\\}" + var_value="${var_value//[$'\n']/}" + var_value="${var_value//\//\\/}" + var_value="${var_value//./\\.}" + var_value="${var_value//\*/\\*}" + var_value="${var_value//^/\\^}" + var_value="${var_value//\$/\\\$}" + var_value="${var_value//\&/\\\&}" + var_value="${var_value//\[/\\[}" + var_value="${var_value//\]/\\]}" + + echo "$var_value" +} + +update_config_var() { + local config_path=$1 + local var_name=$2 + local var_value=$3 + local is_multiple=$4 + + local masklist=("TLSPSKIdentity") + + if [ ! -f "$config_path" ]; then + echo "**** Configuration file '$config_path' does not exist" + return + fi + + if [[ " ${masklist[@]} " =~ " $var_name " ]] && [ ! -z "$var_value" ]; then + echo -n "** Updating '$config_path' parameter \"$var_name\": '****'. Enable DEBUG_MODE to view value ..." + else + echo -n "** Updating '$config_path' parameter \"$var_name\": '$var_value'..." + fi + + # Remove configuration parameter definition in case of unset parameter value + if [ -z "$var_value" ]; then + sed -i -e "/^$var_name=/d" "$config_path" + echo "removed" + return + fi + + # Remove value from configuration parameter in case of double quoted parameter value + if [ "$var_value" == '""' ]; then + sed -i -e "/^$var_name=/s/=.*/=/" "$config_path" + echo "undefined" + return + fi + + # Use full path to a file for TLS related configuration parameters + if [[ $var_name =~ ^TLS.*File$ ]]; then + var_value=$ZABBIX_USER_HOME_DIR/enc/$var_value + fi + + # Escaping characters in parameter value and name + var_value=$(escape_spec_char "$var_value") + var_name=$(escape_spec_char "$var_name") + + if [ "$(grep -E "^$var_name=" $config_path)" ] && [ "$is_multiple" != "true" ]; then + sed -i -e "/^$var_name=/s/=.*/=$var_value/" "$config_path" + echo "updated" + elif [ "$(grep -Ec "^# $var_name=" $config_path)" -gt 1 ]; then + sed -i -e "/^[#;] $var_name=$/i\\$var_name=$var_value" "$config_path" + echo "added first occurrence" + elif [ "$(grep -Ec "^[#;] $var_name=" $config_path)" -gt 0 ]; then + sed -i -e "/^[#;] $var_name=/s/.*/&\n$var_name=$var_value/" "$config_path" + echo "added" + else + sed -i -e '$a\' -e "$var_name=$var_value" "$config_path" + echo "added at the end" + fi + +} + +update_config_multiple_var() { + local config_path=$1 + local var_name=$2 + local var_value=$3 + + var_value="${var_value%\"}" + var_value="${var_value#\"}" + + local IFS=, + local OPT_LIST=($var_value) + + for value in "${OPT_LIST[@]}"; do + update_config_var $config_path $var_name $value true + done +} + +prepare_zbx_agent_config() { + echo "** Preparing Zabbix agent configuration file" + ZBX_AGENT_CONFIG=$ZABBIX_ETC_DIR/zabbix_agent2.conf + + : ${ZBX_PASSIVESERVERS:=""} + : ${ZBX_ACTIVESERVERS:=""} + + [ -n "$ZBX_PASSIVESERVERS" ] && ZBX_PASSIVESERVERS=","$ZBX_PASSIVESERVERS + + ZBX_PASSIVESERVERS=$ZBX_SERVER_HOST$ZBX_PASSIVESERVERS + + [ -n "$ZBX_ACTIVESERVERS" ] && ZBX_ACTIVESERVERS=","$ZBX_ACTIVESERVERS + + ZBX_ACTIVESERVERS=$ZBX_SERVER_HOST":"$ZBX_SERVER_PORT$ZBX_ACTIVESERVERS + + update_config_var $ZBX_AGENT_CONFIG "PidFile" + update_config_var $ZBX_AGENT_CONFIG "LogType" "console" + update_config_var $ZBX_AGENT_CONFIG "LogFile" + update_config_var $ZBX_AGENT_CONFIG "LogFileSize" + update_config_var $ZBX_AGENT_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" + update_config_var $ZBX_AGENT_CONFIG "SourceIP" + update_config_var $ZBX_AGENT_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}" + + : ${ZBX_PASSIVE_ALLOW:="true"} + if [ "${ZBX_PASSIVE_ALLOW,,}" == "true" ]; then + echo "** Using '$ZBX_PASSIVESERVERS' servers for passive checks" + update_config_var $ZBX_AGENT_CONFIG "Server" "${ZBX_PASSIVESERVERS}" + else + update_config_var $ZBX_AGENT_CONFIG "Server" + fi + + update_config_var $ZBX_AGENT_CONFIG "ListenPort" "${ZBX_LISTENPORT}" + update_config_var $ZBX_AGENT_CONFIG "ListenIP" "${ZBX_LISTENIP}" + + : ${ZBX_ACTIVE_ALLOW:="true"} + if [ "${ZBX_ACTIVE_ALLOW,,}" == "true" ]; then + echo "** Using '$ZBX_ACTIVESERVERS' servers for active checks" + update_config_var $ZBX_AGENT_CONFIG "ServerActive" "${ZBX_ACTIVESERVERS}" + else + update_config_var $ZBX_AGENT_CONFIG "ServerActive" + fi + + if [ "${ZBX_ENABLEPERSISTENTBUFFER,,}" == "true" ]; then + update_config_var $ZBX_AGENT_CONFIG "EnablePersistentBuffer" "1" + update_config_var $ZBX_AGENT_CONFIG "PersistentBufferFile" "$ZABBIX_USER_HOME_DIR/buffer/agent2.db" + update_config_var $ZBX_AGENT_CONFIG "PersistentBufferPeriod" "${ZBX_PERSISTENTBUFFERPERIOD}" + else + update_config_var $ZBX_AGENT_CONFIG "EnablePersistentBuffer" "0" + fi + + if [ "${ZBX_ENABLESTATUSPORT,,}" == "true" ]; then + update_config_var $ZBX_AGENT_CONFIG "StatusPort" "31999" + fi + +# update_config_var $ZBX_AGENT_CONFIG "HostInterface" "${ZBX_HOSTINTERFACE}" +# update_config_var $ZBX_AGENT_CONFIG "HostInterfaceItem" "${ZBX_HOSTINTERFACEITEM}" + + update_config_var $ZBX_AGENT_CONFIG "Hostname" "${ZBX_HOSTNAME}" + update_config_var $ZBX_AGENT_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" + update_config_var $ZBX_AGENT_CONFIG "HostMetadata" "${ZBX_METADATA}" + update_config_var $ZBX_AGENT_CONFIG "HostMetadataItem" "${ZBX_METADATAITEM}" + update_config_var $ZBX_AGENT_CONFIG "RefreshActiveChecks" "${ZBX_REFRESHACTIVECHECKS}" + update_config_var $ZBX_AGENT_CONFIG "BufferSend" "${ZBX_BUFFERSEND}" + update_config_var $ZBX_AGENT_CONFIG "BufferSize" "${ZBX_BUFFERSIZE}" + update_config_var $ZBX_AGENT_CONFIG "MaxLinesPerSecond" "${ZBX_MAXLINESPERSECOND}" + # Please use include to enable Alias feature +# update_config_multiple_var $ZBX_AGENT_CONFIG "Alias" ${ZBX_ALIAS} + update_config_var $ZBX_AGENT_CONFIG "Timeout" "${ZBX_TIMEOUT}" + update_config_var $ZBX_AGENT_CONFIG "Include" "/etc/zabbix/zabbix_agentd.d/" + update_config_var $ZBX_AGENT_CONFIG "UnsafeUserParameters" "${ZBX_UNSAFEUSERPARAMETERS}" + update_config_var $ZBX_AGENT_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}" + update_config_var $ZBX_AGENT_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" + update_config_var $ZBX_AGENT_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" + update_config_var $ZBX_AGENT_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" + update_config_var $ZBX_AGENT_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" + update_config_var $ZBX_AGENT_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" + update_config_var $ZBX_AGENT_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" + update_config_var $ZBX_AGENT_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" + update_config_var $ZBX_AGENT_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" + update_config_var $ZBX_AGENT_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" + + update_config_multiple_var $ZBX_AGENT_CONFIG "DenyKey" "${ZBX_DENYKEY}" + update_config_multiple_var $ZBX_AGENT_CONFIG "AllowKey" "${ZBX_ALLOWKEY}" +} + +prepare_agent() { + echo "** Preparing Zabbix agent" + prepare_zbx_agent_config +} + +################################################# + +if [ "${1#-}" != "$1" ]; then + set -- /usr/sbin/zabbix_agent2 "$@" +fi + +if [ "$1" == '/usr/sbin/zabbix_agent2' ]; then + prepare_agent +fi + +exec "$@" + +################################################# diff --git a/Dockerfiles/agent2/centos/hooks/build b/Dockerfiles/agent2/centos/hooks/build new file mode 100755 index 000000000..3e0a2f00c --- /dev/null +++ b/Dockerfiles/agent2/centos/hooks/build @@ -0,0 +1,13 @@ +#!/bin/bash +# +# Additional information: https://docs.docker.com/docker-cloud/builds/advanced/ +# + +MAJOR_VERSION=$(cat Dockerfile | grep "ARG MAJOR_VERSION" | cut -f2 -d"=") +MINOR_VERSION=$(cat Dockerfile | grep "ARG ZBX_VERSION" | cut -f2 -d".") + +VCS_REF=$MAJOR_VERSION.$MINOR_VERSION +BUILD_DATE=$(date -u +"%Y-%m-%dT%H:%M:%SZ") + +echo "$BUILD_DATE - Building $VCS_REF version..." +docker build --build-arg VCS_REF="$VCS_REF" --build-arg BUILD_DATE="$BUILD_DATE" -t $IMAGE_NAME . diff --git a/Dockerfiles/build-base/centos/.dockerignore b/Dockerfiles/build-base/centos/.dockerignore new file mode 100644 index 000000000..88a84e55a --- /dev/null +++ b/Dockerfiles/build-base/centos/.dockerignore @@ -0,0 +1 @@ +build.sh diff --git a/Dockerfiles/build-base/centos/Dockerfile b/Dockerfiles/build-base/centos/Dockerfile new file mode 100644 index 000000000..709202187 --- /dev/null +++ b/Dockerfiles/build-base/centos/Dockerfile @@ -0,0 +1,73 @@ +# syntax=docker/dockerfile:1 +FROM centos:8 + +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git + +ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ + PATH=/usr/local/go/bin:$PATH + +LABEL org.opencontainers.image.title="Zabbix build base" \ + org.opencontainers.image.authors="Alexey Pustovalov " \ + org.opencontainers.image.vendor="Zabbix LLC" \ + org.opencontainers.image.url="https://zabbix.com/" \ + org.opencontainers.image.description="Zabbix build base image contains all required packages to build Zabbix images" \ + org.opencontainers.image.licenses="GPL v2.0" \ + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" + +RUN set -eux && \ + sed -i 's/enabled=0/enabled=1/g' /etc/yum.repos.d/CentOS-Linux-PowerTools.repo && \ + dnf --quiet makecache && \ + dnf -y install epel-release && \ + dnf -y module enable mysql && \ + INSTALL_PKGS="autoconf \ + automake \ + bash \ + gcc \ + pcre-devel \ + libcurl-devel \ + libevent-devel \ + libssh-devel \ + libxml2-devel \ + openssl-devel \ + openldap-devel \ + make \ + mysql-devel \ + net-snmp-devel \ + OpenIPMI-devel \ + openldap-devel \ + sqlite-devel \ + postgresql-devel \ + java-1.8.0-openjdk-devel \ + git \ + wget \ + tar \ + gettext \ + unixODBC-devel" && \ + dnf -y install --setopt=tsflags=nodocs --setopt=install_weak_deps=False --best \ + ${INSTALL_PKGS} && \ + ARCH_SUFFIX="$(arch)"; \ + case "$ARCH_SUFFIX" in \ + x86_64) \ + url='https://dl.google.com/go/go1.17.1.linux-amd64.tar.gz'; \ + sha256='dab7d9c34361dc21ec237d584590d72500652e7c909bf082758fb63064fca0ef'; \ + ;; \ + aarch64) \ + url='https://dl.google.com/go/go1.17.1.linux-arm64.tar.gz'; \ + sha256='53b29236fa03ed862670a5e5e2ab2439a2dc288fe61544aa392062104ac0128c'; \ + ;; \ + *) echo "Unknown ARCH_SUFFIX=${ARCH_SUFFIX-}"; exit 1 ;; \ + esac; \ + wget -O go.tgz.asc "$url.asc" && \ + wget -O go.tgz "$url" --progress=dot:giga && \ + echo "$sha256 *go.tgz" | sha256sum -c - && \ + GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys 'EB4C 1BFD 4F04 2F6D DDCC EC91 7721 F63B D38B 4796' && \ + gpg --batch --verify go.tgz.asc go.tgz && \ + gpgconf --kill all && \ + rm -rf "$GNUPGHOME" go.tgz.asc && \ + tar -C /usr/local -xzf go.tgz && \ + rm go.tgz diff --git a/Dockerfiles/build-base/centos/build.sh b/Dockerfiles/build-base/centos/build.sh new file mode 120000 index 000000000..46b203134 --- /dev/null +++ b/Dockerfiles/build-base/centos/build.sh @@ -0,0 +1 @@ +../../../build.sh \ No newline at end of file diff --git a/Dockerfiles/build-mysql/centos/.dockerignore b/Dockerfiles/build-mysql/centos/.dockerignore new file mode 100644 index 000000000..88a84e55a --- /dev/null +++ b/Dockerfiles/build-mysql/centos/.dockerignore @@ -0,0 +1 @@ +build.sh diff --git a/Dockerfiles/build-mysql/centos/Dockerfile b/Dockerfiles/build-mysql/centos/Dockerfile new file mode 100644 index 000000000..7a5d6e0ec --- /dev/null +++ b/Dockerfiles/build-mysql/centos/Dockerfile @@ -0,0 +1,70 @@ +# syntax=docker/dockerfile:1 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG BUILD_BASE_IMAGE=zabbix-build-base:centos-${ZBX_VERSION} + +FROM ${BUILD_BASE_IMAGE} as builder + +ARG MAJOR_VERSION +ARG ZBX_VERSION +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git + +LABEL org.opencontainers.image.title="Zabbix build base (MySQL)" \ + org.opencontainers.image.authors="Alexey Pustovalov " \ + org.opencontainers.image.vendor="Zabbix LLC" \ + org.opencontainers.image.url="https://zabbix.com/" \ + org.opencontainers.image.description="Zabbix build base for MySQL based images" \ + org.opencontainers.image.licenses="GPL v2.0" \ + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" + +RUN set -eux && \ + cd /tmp/ && \ + git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch /tmp/zabbix-${ZBX_VERSION} && \ + cd /tmp/zabbix-${ZBX_VERSION} && \ + zabbix_revision=`git rev-parse --short HEAD` && \ + sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ + sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/go/pkg/version/version.go && \ + sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/zabbix_java/src/com/zabbix/gateway/GeneralInformation.java && \ + ./bootstrap.sh && \ + export CFLAGS="-fPIC -pie -Wl,-z,relro -Wl,-z,now" && \ + ./configure \ + --datadir=/usr/lib \ + --libdir=/usr/lib/zabbix \ + --prefix=/usr \ + --sysconfdir=/etc/zabbix \ + --enable-agent \ + --enable-agent2 \ + --enable-server \ + --enable-proxy \ + --enable-webservice \ + --with-mysql \ + --with-ldap \ + --with-libcurl \ + --with-libxml2 \ + --enable-java \ + --with-net-snmp \ + --with-openipmi \ + --with-openssl \ + --with-ssh \ + --with-unixodbc \ + --enable-ipv6 \ + --silent && \ + make -j"$(nproc)" -s dbschema && \ + make -j"$(nproc)" -s && \ + make -j"$(nproc)" -s gettext && \ + cat database/mysql/schema.sql > database/mysql/create.sql && \ + cat database/mysql/images.sql >> database/mysql/create.sql && \ + cat database/mysql/data.sql >> database/mysql/create.sql && \ + gzip -c database/mysql/create.sql > database/mysql/create_server.sql.gz && \ + rm -rf database/mysql/create.sql && \ + cat database/mysql/schema.sql > database/mysql/create.sql && \ + gzip -c database/mysql/create.sql > database/mysql/create_proxy.sql.gz && \ + rm -rf database/mysql/create.sql && \ + strip /tmp/zabbix-${ZBX_VERSION}/src/zabbix_agent/zabbix_agentd && \ + strip /tmp/zabbix-${ZBX_VERSION}/src/zabbix_server/zabbix_server && \ + strip /tmp/zabbix-${ZBX_VERSION}/src/zabbix_proxy/zabbix_proxy && \ + strip /tmp/zabbix-${ZBX_VERSION}/src/go/bin/zabbix_agent2 && \ + strip /tmp/zabbix-${ZBX_VERSION}/src/zabbix_get/zabbix_get && \ + strip /tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender diff --git a/Dockerfiles/build-mysql/centos/build.sh b/Dockerfiles/build-mysql/centos/build.sh new file mode 120000 index 000000000..46b203134 --- /dev/null +++ b/Dockerfiles/build-mysql/centos/build.sh @@ -0,0 +1 @@ +../../../build.sh \ No newline at end of file diff --git a/Dockerfiles/build-pgsql/centos/.dockerignore b/Dockerfiles/build-pgsql/centos/.dockerignore new file mode 100644 index 000000000..88a84e55a --- /dev/null +++ b/Dockerfiles/build-pgsql/centos/.dockerignore @@ -0,0 +1 @@ +build.sh diff --git a/Dockerfiles/build-pgsql/centos/Dockerfile b/Dockerfiles/build-pgsql/centos/Dockerfile new file mode 100644 index 000000000..be89c2bc0 --- /dev/null +++ b/Dockerfiles/build-pgsql/centos/Dockerfile @@ -0,0 +1,71 @@ +# syntax=docker/dockerfile:1 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG BUILD_BASE_IMAGE=zabbix-build-base:centos-${ZBX_VERSION} + +FROM ${BUILD_BASE_IMAGE} as builder + +ARG MAJOR_VERSION +ARG ZBX_VERSION +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git + +LABEL org.opencontainers.image.title="Zabbix build base (PostgreSQL)" \ + org.opencontainers.image.authors="Alexey Pustovalov " \ + org.opencontainers.image.vendor="Zabbix LLC" \ + org.opencontainers.image.url="https://zabbix.com/" \ + org.opencontainers.image.description="Zabbix build base for PostgreSQL based images" \ + org.opencontainers.image.licenses="GPL v2.0" \ + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" + +RUN set -eux && \ + cd /tmp/ && \ + git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch /tmp/zabbix-${ZBX_VERSION} && \ + cd /tmp/zabbix-${ZBX_VERSION} && \ + zabbix_revision=`git rev-parse --short HEAD` && \ + sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ + sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/go/pkg/version/version.go && \ + sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/zabbix_java/src/com/zabbix/gateway/GeneralInformation.java && \ + ./bootstrap.sh && \ + export CFLAGS="-fPIC -pie -Wl,-z,relro -Wl,-z,now" && \ + ./configure \ + --datadir=/usr/lib \ + --libdir=/usr/lib/zabbix \ + --prefix=/usr \ + --sysconfdir=/etc/zabbix \ + --enable-agent \ + --enable-agent2 \ + --enable-server \ + --enable-proxy \ + --enable-webservice \ + --with-postgresql \ + --with-ldap \ + --with-libcurl \ + --with-libxml2 \ + --enable-java \ + --with-net-snmp \ + --with-openipmi \ + --with-openssl \ + --with-ssh \ +# --with-libmodbus \ + --with-unixodbc \ + --enable-ipv6 \ + --silent && \ + make -j"$(nproc)" -s dbschema && \ + make -j"$(nproc)" -s && \ + make -j"$(nproc)" -s gettext && \ + cat database/postgresql/schema.sql > database/postgresql/create.sql && \ + cat database/postgresql/images.sql >> database/postgresql/create.sql && \ + cat database/postgresql/data.sql >> database/postgresql/create.sql && \ + gzip -c database/postgresql/create.sql > database/postgresql/create_server.sql.gz && \ + rm -rf database/postgresql/create.sql && \ + cat database/postgresql/schema.sql > database/postgresql/create.sql && \ + gzip -c database/postgresql/create.sql > database/postgresql/create_proxy.sql.gz && \ + rm -rf database/postgresql/create.sql && \ + strip /tmp/zabbix-${ZBX_VERSION}/src/zabbix_agent/zabbix_agentd && \ + strip /tmp/zabbix-${ZBX_VERSION}/src/zabbix_server/zabbix_server && \ + strip /tmp/zabbix-${ZBX_VERSION}/src/zabbix_proxy/zabbix_proxy && \ + strip /tmp/zabbix-${ZBX_VERSION}/src/go/bin/zabbix_agent2 && \ + strip /tmp/zabbix-${ZBX_VERSION}/src/zabbix_get/zabbix_get && \ + strip /tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender diff --git a/Dockerfiles/build-pgsql/centos/build.sh b/Dockerfiles/build-pgsql/centos/build.sh new file mode 120000 index 000000000..46b203134 --- /dev/null +++ b/Dockerfiles/build-pgsql/centos/build.sh @@ -0,0 +1 @@ +../../../build.sh \ No newline at end of file diff --git a/Dockerfiles/build-sqlite3/centos/.dockerignore b/Dockerfiles/build-sqlite3/centos/.dockerignore new file mode 100644 index 000000000..88a84e55a --- /dev/null +++ b/Dockerfiles/build-sqlite3/centos/.dockerignore @@ -0,0 +1 @@ +build.sh diff --git a/Dockerfiles/build-sqlite3/centos/Dockerfile b/Dockerfiles/build-sqlite3/centos/Dockerfile new file mode 100644 index 000000000..5a5f93d84 --- /dev/null +++ b/Dockerfiles/build-sqlite3/centos/Dockerfile @@ -0,0 +1,58 @@ +# syntax=docker/dockerfile:1 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG BUILD_BASE_IMAGE=zabbix-build-base:centos-${ZBX_VERSION} + +FROM ${BUILD_BASE_IMAGE} as builder + +ARG MAJOR_VERSION +ARG ZBX_VERSION +ARG ZBX_SOURCES + +LABEL org.opencontainers.image.title="Zabbix build base (SQLite3)" \ + org.opencontainers.image.authors="Alexey Pustovalov " \ + org.opencontainers.image.vendor="Zabbix LLC" \ + org.opencontainers.image.url="https://zabbix.com/" \ + org.opencontainers.image.description="Zabbix build base for SQLite3 based images" \ + org.opencontainers.image.licenses="GPL v2.0" \ + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" + +RUN set -eux && \ + cd /tmp/ && \ + git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch /tmp/zabbix-${ZBX_VERSION} && \ + cd /tmp/zabbix-${ZBX_VERSION} && \ + zabbix_revision=`git rev-parse --short HEAD` && \ + sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ + sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/go/pkg/version/version.go && \ + sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/zabbix_java/src/com/zabbix/gateway/GeneralInformation.java && \ + ./bootstrap.sh && \ + export CFLAGS="-fPIC -pie -Wl,-z,relro -Wl,-z,now" && \ + ./configure \ + --datadir=/usr/lib \ + --libdir=/usr/lib/zabbix \ + --prefix=/usr \ + --sysconfdir=/etc/zabbix \ + --enable-agent \ + --enable-agent2 \ + --enable-proxy \ + --with-sqlite3 \ + --with-ldap \ + --with-libcurl \ + --with-libxml2 \ + --enable-java \ + --with-net-snmp \ + --with-openipmi \ + --with-openssl \ + --with-ssh \ + --with-unixodbc \ + --enable-ipv6 \ + --silent && \ + make -j"$(nproc)" -s dbschema && \ + make -j"$(nproc)" -s && \ + strip /tmp/zabbix-${ZBX_VERSION}/src/zabbix_agent/zabbix_agentd && \ + strip /tmp/zabbix-${ZBX_VERSION}/src/zabbix_proxy/zabbix_proxy && \ + strip /tmp/zabbix-${ZBX_VERSION}/src/go/bin/zabbix_agent2 && \ + strip /tmp/zabbix-${ZBX_VERSION}/src/zabbix_get/zabbix_get && \ + strip /tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender \ No newline at end of file diff --git a/Dockerfiles/build-sqlite3/centos/build.sh b/Dockerfiles/build-sqlite3/centos/build.sh new file mode 120000 index 000000000..46b203134 --- /dev/null +++ b/Dockerfiles/build-sqlite3/centos/build.sh @@ -0,0 +1 @@ +../../../build.sh \ No newline at end of file diff --git a/Dockerfiles/java-gateway/centos/Dockerfile b/Dockerfiles/java-gateway/centos/Dockerfile index 20428a2f9..c1c9d5516 100644 --- a/Dockerfiles/java-gateway/centos/Dockerfile +++ b/Dockerfiles/java-gateway/centos/Dockerfile @@ -1,14 +1,34 @@ -FROM centos:centos8 +# syntax=docker/dockerfile:1 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG BUILD_BASE_IMAGE=zabbix-build-mysql:centos-${ZBX_VERSION} +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git + +FROM ${BUILD_BASE_IMAGE} as builder + +FROM centos:8 + +ARG MAJOR_VERSION +ARG ZBX_VERSION +ARG ZBX_SOURCES + +ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} LABEL org.opencontainers.image.title="Zabbix Java Gateway" \ org.opencontainers.image.authors="Alexey Pustovalov " \ org.opencontainers.image.vendor="Zabbix LLC" \ org.opencontainers.image.url="https://zabbix.com/" \ org.opencontainers.image.description="Zabbix Java Gateway performs native support for monitoring JMX applications" \ - org.opencontainers.image.licenses="GPL v2.0" + org.opencontainers.image.licenses="GPL v2.0" \ + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" STOPSIGNAL SIGTERM +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_java/bin", "/usr/sbin/zabbix_java/bin"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_java/lib", "/usr/sbin/zabbix_java/lib"] + RUN set -eux && \ groupadd --system --gid 1995 zabbix && \ useradd \ @@ -21,59 +41,22 @@ RUN set -eux && \ mkdir -p /etc/zabbix/ && \ mkdir -p /usr/sbin/zabbix_java/ && \ mkdir -p /usr/sbin/zabbix_java/ext_lib/ && \ - dnf --quiet makecache && \ - dnf -y install --setopt=tsflags=nodocs --setopt=install_weak_deps=False --best \ - java-1.8.0-openjdk-headless && \ - dnf -y clean all && \ - rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ - rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki - -ARG MAJOR_VERSION=6.0 -ARG ZBX_VERSION=${MAJOR_VERSION} -ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git - -ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} - -LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.opencontainers.image.version="${ZBX_VERSION}" \ - org.opencontainers.image.source="${ZBX_SOURCES}" - -RUN set -eux && \ - dnf --quiet makecache && \ - dnf -y install --setopt=tsflags=nodocs --setopt=install_weak_deps=False --best \ - autoconf \ - automake \ - java-1.8.0-openjdk-devel \ - make \ - git \ - gcc && \ - cd /tmp/ && \ - git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ - cd /tmp/zabbix-${ZBX_VERSION} && \ - zabbix_revision=`git rev-parse --short HEAD` && \ - sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ - sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/zabbix_java/src/com/zabbix/gateway/GeneralInformation.java && \ - ./bootstrap.sh && \ - ./configure \ - --datadir=/usr/lib \ - --libdir=/usr/lib/zabbix \ - --sysconfdir=/etc/zabbix \ - --prefix=/usr \ - --enable-java \ - --silent && \ - make -j"$(nproc)" -s && \ - mkdir -p /usr/sbin/zabbix_java/ && \ - cp -r src/zabbix_java/bin /usr/sbin/zabbix_java/ && \ - cp -r src/zabbix_java/lib /usr/sbin/zabbix_java/ && \ + REPOLIST="baseos,appstream" && \ + INSTALL_PKGS="java-1.8.0-openjdk-headless \ + findutils" && \ + dnf -y install \ + --disablerepo "*" \ + --enablerepo "${REPOLIST}" \ + --setopt=tsflags=nodocs \ + --setopt=install_weak_deps=False \ + --best \ + ${INSTALL_PKGS} && \ rm -rf /usr/sbin/zabbix_java/lib/logback.xml && \ mv /usr/sbin/zabbix_java/lib/logback-console.xml /etc/zabbix/zabbix_java_gateway_logback.xml && \ - cd /tmp/ && \ - rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ - dnf -y history undo `dnf -q history | sed -n 3p |column -t | cut -d' ' -f1` && \ - dnf -y clean all && \ chown --quiet -R zabbix:root /etc/zabbix/ /usr/sbin/zabbix_java/ && \ chgrp -R 0 /etc/zabbix/ /usr/sbin/zabbix_java/ && \ chmod -R g=u /etc/zabbix/ /usr/sbin/zabbix_java/ && \ + dnf -y clean all && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki diff --git a/Dockerfiles/java-gateway/centos/docker-entrypoint.sh b/Dockerfiles/java-gateway/centos/docker-entrypoint.sh index c2bea7442..01ac14cd1 100755 --- a/Dockerfiles/java-gateway/centos/docker-entrypoint.sh +++ b/Dockerfiles/java-gateway/centos/docker-entrypoint.sh @@ -18,10 +18,14 @@ prepare_java_gateway_config() { ZBX_GATEWAY_CONFIG=$ZABBIX_ETC_DIR/zabbix_java_gateway_logback.xml - : ${ZBX_DEBUGLEVEL:="info"} - - echo "Updating $ZBX_GATEWAY_CONFIG 'DebugLevel' parameter: '${ZBX_DEBUGLEVEL}'... updated" - sed -i -e "/^.*/" "$ZBX_GATEWAY_CONFIG" + if [ -n "${ZBX_DEBUGLEVEL}" ]; then + echo "Updating $ZBX_GATEWAY_CONFIG 'DebugLevel' parameter: '${ZBX_DEBUGLEVEL}'... updated" + if [ -f "$ZBX_GATEWAY_CONFIG" ]; then + sed -i -e "/^.*/" "$ZBX_GATEWAY_CONFIG" + else + echo "**** Zabbix Java Gateway log configuration file '$ZBX_GATEWAY_CONFIG' not found" + fi + fi } prepare_java_gateway() { diff --git a/Dockerfiles/proxy-mysql/centos/Dockerfile b/Dockerfiles/proxy-mysql/centos/Dockerfile index 4037770dc..1f533a145 100644 --- a/Dockerfiles/proxy-mysql/centos/Dockerfile +++ b/Dockerfiles/proxy-mysql/centos/Dockerfile @@ -1,27 +1,40 @@ -FROM centos:centos8 +# syntax=docker/dockerfile:1 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG BUILD_BASE_IMAGE=zabbix-build-mysql:centos-${ZBX_VERSION} +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git + +FROM ${BUILD_BASE_IMAGE} as builder + +FROM centos:8 + +ARG MAJOR_VERSION +ARG ZBX_VERSION +ARG ZBX_SOURCES + +ENV TERM=xterm \ + ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ + MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL LABEL org.opencontainers.image.title="Zabbix proxy (MySQL)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ org.opencontainers.image.vendor="Zabbix LLC" \ org.opencontainers.image.url="https://zabbix.com/" \ org.opencontainers.image.description="Zabbix proxy with MySQL database support" \ - org.opencontainers.image.licenses="GPL v2.0" + org.opencontainers.image.licenses="GPL v2.0" \ + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" STOPSIGNAL SIGTERM -ENV TINI_VERSION=v0.19.0 +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_proxy/zabbix_proxy", "/usr/sbin/zabbix_proxy"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_get/zabbix_get", "/usr/bin/zabbix_get"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender", "/usr/bin/zabbix_sender"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/conf/zabbix_proxy.conf", "/etc/zabbix/zabbix_proxy.conf"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/database/mysql/create_proxy.sql.gz", "/usr/share/doc/zabbix-proxy-mysql/create.sql.gz"] RUN set -eux && \ - ARCH_SUFFIX="$(arch)"; \ - case "$ARCH_SUFFIX" in \ - i686) export ARCH_SUFFIX='i386' ;; \ - x86_64) [ -f /lib64/ld-linux-x86-64.so.2 ] && export ARCH_SUFFIX='amd64' || export ARCH_SUFFIX='i386' ;; \ - aarch64) export ARCH_SUFFIX='arm64' ;; \ - armv7l) export ARCH_SUFFIX='armhf' ;; \ - ppc64el|ppc64le) export ARCH_SUFFIX='ppc64le' ;; \ - s390x) export ARCH_SUFFIX='s390x' ;; \ - *) echo "Unknown ARCH_SUFFIX=${ARCH_SUFFIX-}"; exit 1 ;; \ - esac; \ groupadd --system --gid 1995 zabbix && \ useradd \ --system --comment "Zabbix monitoring system" \ @@ -43,15 +56,14 @@ RUN set -eux && \ mkdir -p /var/lib/zabbix/ssl/ssl_ca && \ mkdir -p /usr/lib/zabbix/externalscripts && \ mkdir -p /usr/share/doc/zabbix-proxy-mysql && \ - dnf --quiet makecache && \ - dnf -y install epel-release && \ dnf -y module enable mysql && \ - dnf -y install --setopt=tsflags=nodocs --setopt=install_weak_deps=False --best \ - libcurl-minimal \ - libevent \ + REPOLIST="baseos,appstream,epel" && \ + INSTALL_PKGS="libevent \ + tini \ + systemd \ libssh \ - fping \ file-libs \ + fping \ libxml2 \ mysql \ mysql-libs \ @@ -61,97 +73,19 @@ RUN set -eux && \ openssl-libs \ pcre \ zlib \ - unixODBC && \ - curl -L "https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini-${ARCH_SUFFIX}" -o /sbin/tini && \ - curl -L "https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini-${ARCH_SUFFIX}.asc" -o /tmp/tini.asc && \ - export GNUPGHOME="$(mktemp -d)" && \ - for server in $(shuf -e ha.pool.sks-keyservers.net \ - hkp://p80.pool.sks-keyservers.net:80 \ - ipv4.pool.sks-keyservers.net \ - keyserver.ubuntu.com \ - keyserver.pgp.com \ - pgp.mit.edu) ; do \ - gpg --keyserver "$server" --recv-keys 595E85A6B1B4779EA4DAAEC70B588DFF0527A9B7 && break || : ; \ - done && \ - gpg --batch --verify /tmp/tini.asc /sbin/tini && \ - rm -rf "$GNUPGHOME" /tmp/tini.asc && \ - chmod +x /sbin/tini && \ - dnf -y clean all && \ - rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ - rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki - -ARG MAJOR_VERSION=6.0 -ARG ZBX_VERSION=${MAJOR_VERSION} -ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git - -ENV TERM=xterm MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ - ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} - -LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.opencontainers.image.version="${ZBX_VERSION}" \ - org.opencontainers.image.source="${ZBX_SOURCES}" - -RUN set -eux && \ - sed -i 's/enabled=0/enabled=1/g' /etc/yum.repos.d/CentOS-Linux-PowerTools.repo && \ - dnf --quiet makecache && \ - dnf -y install --setopt=tsflags=nodocs --setopt=install_weak_deps=False --best \ - autoconf \ - automake \ - gcc \ - pcre-devel \ - libcurl-devel \ - libevent-devel \ - libssh-devel \ - libxml2-devel \ - make \ - mysql-devel \ - net-snmp-devel \ - OpenIPMI-devel \ - openldap-devel \ - git \ - unixODBC-devel && \ - cd /tmp/ && \ - git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ - cd /tmp/zabbix-${ZBX_VERSION} && \ - zabbix_revision=`git rev-parse --short HEAD` && \ - sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ - ./bootstrap.sh && \ - export CFLAGS="-fPIC -pie -Wl,-z,relro -Wl,-z,now" && \ - ./configure \ - --datadir=/usr/lib \ - --libdir=/usr/lib/zabbix \ - --sysconfdir=/etc/zabbix \ - --prefix=/usr \ - --enable-agent \ - --enable-proxy \ - --with-mysql \ - --with-ldap \ - --with-libcurl \ - --with-libxml2 \ - --with-net-snmp \ - --with-openipmi \ - --with-openssl \ - --with-ssh \ - --with-unixodbc \ - --enable-ipv6 \ - --silent && \ - make -j"$(nproc)" -s dbschema && \ - make -j"$(nproc)" -s && \ - cp src/zabbix_proxy/zabbix_proxy /usr/sbin/zabbix_proxy && \ - cp src/zabbix_get/zabbix_get /usr/bin/zabbix_get && \ - cp src/zabbix_sender/zabbix_sender /usr/bin/zabbix_sender && \ - cp conf/zabbix_proxy.conf /etc/zabbix/zabbix_proxy.conf && \ - cat database/mysql/schema.sql > database/mysql/create.sql && \ - gzip database/mysql/create.sql && \ - cp database/mysql/create.sql.gz /usr/share/doc/zabbix-proxy-mysql/ && \ - cd /tmp/ && \ - rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ + unixODBC" && \ + dnf -y install epel-release && \ + dnf -y install \ + --disablerepo "*" \ + --enablerepo "${REPOLIST}" \ + --setopt=tsflags=nodocs \ + --setopt=install_weak_deps=False \ + --best \ + ${INSTALL_PKGS} && \ chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \ chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \ chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \ - dnf -y history undo `dnf -q history | sed -n 3p |column -t | cut -d' ' -f1` && \ dnf -y clean all && \ - sed -i 's/enabled=1/enabled=0/g' /etc/yum.repos.d/CentOS-Linux-PowerTools.repo && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki @@ -163,7 +97,7 @@ VOLUME ["/var/lib/zabbix/snmptraps"] COPY ["docker-entrypoint.sh", "/usr/bin/"] -ENTRYPOINT ["/sbin/tini", "--", "/usr/bin/docker-entrypoint.sh"] +ENTRYPOINT ["/usr/bin/tini", "--", "/usr/bin/docker-entrypoint.sh"] USER 1997 diff --git a/Dockerfiles/proxy-sqlite3/centos/Dockerfile b/Dockerfiles/proxy-sqlite3/centos/Dockerfile index 77288eb79..4ba55fb78 100644 --- a/Dockerfiles/proxy-sqlite3/centos/Dockerfile +++ b/Dockerfiles/proxy-sqlite3/centos/Dockerfile @@ -1,27 +1,38 @@ -FROM centos:centos8 +# syntax=docker/dockerfile:1 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG BUILD_BASE_IMAGE=zabbix-build-sqlite3:centos-${ZBX_VERSION} + +FROM ${BUILD_BASE_IMAGE} as builder + +FROM centos:8 + +ARG MAJOR_VERSION +ARG ZBX_VERSION +ARG ZBX_SOURCES + +ENV TERM=xterm \ + ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ + MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL LABEL org.opencontainers.image.title="Zabbix proxy (SQLite3)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ org.opencontainers.image.vendor="Zabbix LLC" \ org.opencontainers.image.url="https://zabbix.com/" \ org.opencontainers.image.description="Zabbix proxy with SQLite3 database support" \ - org.opencontainers.image.licenses="GPL v2.0" + org.opencontainers.image.licenses="GPL v2.0" \ + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" STOPSIGNAL SIGTERM -ENV TINI_VERSION=v0.19.0 +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_proxy/zabbix_proxy", "/usr/sbin/zabbix_proxy"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_get/zabbix_get", "/usr/bin/zabbix_get"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender", "/usr/bin/zabbix_sender"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/conf/zabbix_proxy.conf", "/etc/zabbix/zabbix_proxy.conf"] RUN set -eux && \ - ARCH_SUFFIX="$(arch)"; \ - case "$ARCH_SUFFIX" in \ - i686) export ARCH_SUFFIX='i386' ;; \ - x86_64) [ -f /lib64/ld-linux-x86-64.so.2 ] && export ARCH_SUFFIX='amd64' || export ARCH_SUFFIX='i386' ;; \ - aarch64) export ARCH_SUFFIX='arm64' ;; \ - armv7l) export ARCH_SUFFIX='armhf' ;; \ - ppc64el|ppc64le) export ARCH_SUFFIX='ppc64le' ;; \ - s390x) export ARCH_SUFFIX='s390x' ;; \ - *) echo "Unknown ARCH_SUFFIX=${ARCH_SUFFIX-}"; exit 1 ;; \ - esac; \ groupadd --system --gid 1995 zabbix && \ useradd \ --system --comment "Zabbix monitoring system" \ @@ -44,14 +55,13 @@ RUN set -eux && \ mkdir -p /var/lib/zabbix/ssl/ssl_ca && \ mkdir -p /usr/lib/zabbix/externalscripts && \ mkdir -p /usr/share/doc/zabbix-proxy-sqlite3 && \ - dnf --quiet makecache && \ - dnf -y install epel-release && \ - dnf -y install --setopt=tsflags=nodocs --setopt=install_weak_deps=False --best \ - libcurl-minimal \ - libevent \ + REPOLIST="baseos,appstream,epel" && \ + INSTALL_PKGS="libevent \ + tini \ libssh \ fping \ file-libs \ + systemd \ libxml2 \ net-snmp-libs \ OpenIPMI-libs \ @@ -59,97 +69,19 @@ RUN set -eux && \ openssl-libs \ pcre \ zlib \ - unixODBC && \ - curl -L "https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini-${ARCH_SUFFIX}" -o /sbin/tini && \ - curl -L "https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini-${ARCH_SUFFIX}.asc" -o /tmp/tini.asc && \ - export GNUPGHOME="$(mktemp -d)" && \ - for server in $(shuf -e ha.pool.sks-keyservers.net \ - hkp://p80.pool.sks-keyservers.net:80 \ - ipv4.pool.sks-keyservers.net \ - keyserver.ubuntu.com \ - keyserver.pgp.com \ - pgp.mit.edu) ; do \ - gpg --keyserver "$server" --recv-keys 595E85A6B1B4779EA4DAAEC70B588DFF0527A9B7 && break || : ; \ - done && \ - gpg --batch --verify /tmp/tini.asc /sbin/tini && \ - rm -rf "$GNUPGHOME" /tmp/tini.asc && \ - chmod +x /sbin/tini && \ - dnf -y clean all && \ - rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ - rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki - -ARG MAJOR_VERSION=6.0 -ARG ZBX_VERSION=${MAJOR_VERSION} -ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git - -ENV TERM=xterm MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ - ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} - -LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.opencontainers.image.version="${ZBX_VERSION}" \ - org.opencontainers.image.source="${ZBX_SOURCES}" - -RUN set -eux && \ - sed -i 's/enabled=0/enabled=1/g' /etc/yum.repos.d/CentOS-Linux-PowerTools.repo && \ - dnf --quiet makecache && \ - dnf -y install --setopt=tsflags=nodocs --setopt=install_weak_deps=False --best \ - autoconf \ - automake \ - gcc \ - pcre-devel \ - libcurl-devel \ - libevent-devel \ - libssh-devel \ - libxml2-devel \ - make \ - net-snmp-devel \ - OpenIPMI-devel \ - openldap-devel \ - sqlite-devel \ - git \ - unixODBC-devel && \ - cd /tmp/ && \ - git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ - cd /tmp/zabbix-${ZBX_VERSION} && \ - zabbix_revision=`git rev-parse --short HEAD` && \ - sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ - ./bootstrap.sh && \ - export CFLAGS="-fPIC -pie -Wl,-z,relro -Wl,-z,now" && \ - ./configure \ - --datadir=/usr/lib \ - --libdir=/usr/lib/zabbix \ - --sysconfdir=/etc/zabbix \ - --prefix=/usr \ - --enable-agent \ - --enable-proxy \ - --with-sqlite3 \ - --with-ldap \ - --with-libcurl \ - --with-libxml2 \ - --with-net-snmp \ - --with-openipmi \ - --with-openssl \ - --with-ssh \ - --with-unixodbc \ - --enable-ipv6 \ - --silent && \ - make -j"$(nproc)" -s dbschema && \ - make -j"$(nproc)" -s && \ - cp src/zabbix_proxy/zabbix_proxy /usr/sbin/zabbix_proxy && \ - cp src/zabbix_get/zabbix_get /usr/bin/zabbix_get && \ - cp src/zabbix_sender/zabbix_sender /usr/bin/zabbix_sender && \ - cp conf/zabbix_proxy.conf /etc/zabbix/zabbix_proxy.conf && \ - cat database/sqlite3/schema.sql > database/sqlite3/create.sql && \ - gzip database/sqlite3/create.sql && \ - cp database/sqlite3/create.sql.gz /usr/share/doc/zabbix-proxy-sqlite3/ && \ - cd /tmp/ && \ - rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ + unixODBC" && \ + dnf -y install epel-release && \ + dnf -y install \ + --disablerepo "*" \ + --enablerepo "${REPOLIST}" \ + --setopt=tsflags=nodocs \ + --setopt=install_weak_deps=False \ + --best \ + ${INSTALL_PKGS} && \ chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \ chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \ chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \ - dnf -y history undo `dnf -q history | sed -n 3p |column -t | cut -d' ' -f1` && \ dnf -y clean all && \ - sed -i 's/enabled=1/enabled=0/g' /etc/yum.repos.d/CentOS-Linux-PowerTools.repo && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki @@ -161,7 +93,7 @@ VOLUME ["/var/lib/zabbix/snmptraps"] COPY ["docker-entrypoint.sh", "/usr/bin/"] -ENTRYPOINT ["/sbin/tini", "--", "/usr/bin/docker-entrypoint.sh"] +ENTRYPOINT ["/usr/bin/tini", "--", "/usr/bin/docker-entrypoint.sh"] USER 1997 diff --git a/Dockerfiles/server-mysql/centos/Dockerfile b/Dockerfiles/server-mysql/centos/Dockerfile index f5d14f1a6..229c142aa 100644 --- a/Dockerfiles/server-mysql/centos/Dockerfile +++ b/Dockerfiles/server-mysql/centos/Dockerfile @@ -1,27 +1,40 @@ -FROM centos:centos8 +# syntax=docker/dockerfile:1 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG BUILD_BASE_IMAGE=zabbix-build-mysql:centos-${ZBX_VERSION} +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git + +FROM ${BUILD_BASE_IMAGE} as builder + +FROM centos:8 + +ARG MAJOR_VERSION +ARG ZBX_VERSION +ARG ZBX_SOURCES + +ENV TERM=xterm \ + ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ + MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL LABEL org.opencontainers.image.title="Zabbix server (MySQL)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ org.opencontainers.image.vendor="Zabbix LLC" \ org.opencontainers.image.url="https://zabbix.com/" \ org.opencontainers.image.description="Zabbix server with MySQL database support" \ - org.opencontainers.image.licenses="GPL v2.0" + org.opencontainers.image.licenses="GPL v2.0" \ + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" STOPSIGNAL SIGTERM -ENV TINI_VERSION=v0.19.0 +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_server/zabbix_server", "/usr/sbin/zabbix_server"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_get/zabbix_get", "/usr/bin/zabbix_get"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender", "/usr/bin/zabbix_sender"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/conf/zabbix_server.conf", "/etc/zabbix/zabbix_server.conf"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/database/mysql/create_server.sql.gz", "/usr/share/doc/zabbix-server-mysql/create.sql.gz"] RUN set -eux && \ - ARCH_SUFFIX="$(arch)"; \ - case "$ARCH_SUFFIX" in \ - i686) export ARCH_SUFFIX='i386' ;; \ - x86_64) [ -f /lib64/ld-linux-x86-64.so.2 ] && export ARCH_SUFFIX='amd64' || export ARCH_SUFFIX='i386' ;; \ - aarch64) export ARCH_SUFFIX='arm64' ;; \ - armv7l) export ARCH_SUFFIX='armhf' ;; \ - ppc64el|ppc64le) export ARCH_SUFFIX='ppc64le' ;; \ - s390x) export ARCH_SUFFIX='s390x' ;; \ - *) echo "Unknown ARCH_SUFFIX=${ARCH_SUFFIX-}"; exit 1 ;; \ - esac; \ groupadd --system --gid 1995 zabbix && \ useradd \ --system --comment "Zabbix monitoring system" \ @@ -45,15 +58,14 @@ RUN set -eux && \ mkdir -p /usr/lib/zabbix/alertscripts && \ mkdir -p /usr/lib/zabbix/externalscripts && \ mkdir -p /usr/share/doc/zabbix-server-mysql && \ - dnf --quiet makecache && \ - dnf -y install epel-release && \ dnf -y module enable mysql && \ - dnf -y install --setopt=tsflags=nodocs --setopt=install_weak_deps=False --best \ - fping \ + REPOLIST="baseos,appstream,epel" && \ + INSTALL_PKGS="fping \ + tini \ + file-libs \ tzdata \ iputils \ traceroute \ - libcurl-minimal \ libevent \ libxml2 \ libssh \ @@ -65,100 +77,19 @@ RUN set -eux && \ openssl-libs \ pcre \ zlib \ - file-libs \ - unixODBC && \ - curl -L "https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini-${ARCH_SUFFIX}" -o /sbin/tini && \ - curl -L "https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini-${ARCH_SUFFIX}.asc" -o /tmp/tini.asc && \ - export GNUPGHOME="$(mktemp -d)" && \ - for server in $(shuf -e ha.pool.sks-keyservers.net \ - hkp://p80.pool.sks-keyservers.net:80 \ - ipv4.pool.sks-keyservers.net \ - keyserver.ubuntu.com \ - keyserver.pgp.com \ - pgp.mit.edu) ; do \ - gpg --keyserver "$server" --recv-keys 595E85A6B1B4779EA4DAAEC70B588DFF0527A9B7 && break || : ; \ - done && \ - gpg --batch --verify /tmp/tini.asc /sbin/tini && \ - rm -rf "$GNUPGHOME" /tmp/tini.asc && \ - chmod +x /sbin/tini && \ - dnf -y clean all && \ - rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ - rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki - -ARG MAJOR_VERSION=6.0 -ARG ZBX_VERSION=${MAJOR_VERSION} -ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git - -ENV TERM=xterm MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ - ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} - -LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.opencontainers.image.version="${ZBX_VERSION}" \ - org.opencontainers.image.source="${ZBX_SOURCES}" - -RUN set -eux && \ - sed -i 's/enabled=0/enabled=1/g' /etc/yum.repos.d/CentOS-Linux-PowerTools.repo && \ - dnf --quiet makecache && \ - dnf -y install --setopt=tsflags=nodocs --setopt=install_weak_deps=False --best \ - autoconf \ - automake \ - gcc \ - pcre-devel \ - libcurl-devel \ - libevent-devel \ - libssh-devel \ - libxml2-devel \ - make \ - mysql-devel \ - net-snmp-devel \ - OpenIPMI-devel \ - openldap-devel \ - git \ - unixODBC-devel && \ - cd /tmp/ && \ - git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ - cd /tmp/zabbix-${ZBX_VERSION} && \ - zabbix_revision=`git rev-parse --short HEAD` && \ - sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ - ./bootstrap.sh && \ - export CFLAGS="-fPIC -pie -Wl,-z,relro -Wl,-z,now" && \ - ./configure \ - --datadir=/usr/lib \ - --libdir=/usr/lib/zabbix \ - --prefix=/usr \ - --sysconfdir=/etc/zabbix \ - --enable-agent \ - --enable-server \ - --with-mysql \ - --with-ldap \ - --with-libcurl \ - --with-libxml2 \ - --with-net-snmp \ - --with-openipmi \ - --with-openssl \ - --with-ssh \ - --with-unixodbc \ - --enable-ipv6 \ - --silent && \ - make -j"$(nproc)" -s dbschema && \ - make -j"$(nproc)" -s && \ - cp src/zabbix_server/zabbix_server /usr/sbin/zabbix_server && \ - cp src/zabbix_get/zabbix_get /usr/bin/zabbix_get && \ - cp src/zabbix_sender/zabbix_sender /usr/bin/zabbix_sender && \ - cp conf/zabbix_server.conf /etc/zabbix/zabbix_server.conf && \ - cat database/mysql/schema.sql > database/mysql/create.sql && \ - cat database/mysql/images.sql >> database/mysql/create.sql && \ - cat database/mysql/data.sql >> database/mysql/create.sql && \ - gzip database/mysql/create.sql && \ - cp database/mysql/create.sql.gz /usr/share/doc/zabbix-server-mysql/ && \ - cd /tmp/ && \ - rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ + unixODBC" && \ + dnf -y install epel-release && \ + dnf -y install \ + --disablerepo "*" \ + --enablerepo "${REPOLIST}" \ + --setopt=tsflags=nodocs \ + --setopt=install_weak_deps=False \ + --best \ + ${INSTALL_PKGS} && \ chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \ chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \ chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \ - dnf -y history undo `dnf -q history | sed -n 3p |column -t | cut -d' ' -f1` && \ dnf -y clean all && \ - sed -i 's/enabled=1/enabled=0/g' /etc/yum.repos.d/CentOS-Linux-PowerTools.repo && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki @@ -170,7 +101,7 @@ VOLUME ["/var/lib/zabbix/snmptraps", "/var/lib/zabbix/export"] COPY ["docker-entrypoint.sh", "/usr/bin/"] -ENTRYPOINT ["/sbin/tini", "--", "/usr/bin/docker-entrypoint.sh"] +ENTRYPOINT ["/usr/bin/tini", "--", "/usr/bin/docker-entrypoint.sh"] USER 1997 diff --git a/Dockerfiles/server-pgsql/centos/Dockerfile b/Dockerfiles/server-pgsql/centos/Dockerfile index b1ae74b57..ad86f2195 100644 --- a/Dockerfiles/server-pgsql/centos/Dockerfile +++ b/Dockerfiles/server-pgsql/centos/Dockerfile @@ -1,27 +1,40 @@ -FROM centos:centos8 +# syntax=docker/dockerfile:1 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG BUILD_BASE_IMAGE=zabbix-build-pgsql:centos-${ZBX_VERSION} +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git + +FROM ${BUILD_BASE_IMAGE} as builder + +FROM centos:8 + +ARG MAJOR_VERSION +ARG ZBX_VERSION +ARG ZBX_SOURCES + +ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ + MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL LABEL org.opencontainers.image.title="Zabbix server (PostgreSQL)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ org.opencontainers.image.vendor="Zabbix LLC" \ org.opencontainers.image.url="https://zabbix.com/" \ org.opencontainers.image.description="Zabbix server with PostgreSQL database support" \ - org.opencontainers.image.licenses="GPL v2.0" + org.opencontainers.image.licenses="GPL v2.0" \ + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" STOPSIGNAL SIGTERM -ENV TINI_VERSION=v0.19.0 +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_server/zabbix_server", "/usr/sbin/zabbix_server"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_get/zabbix_get", "/usr/bin/zabbix_get"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender", "/usr/bin/zabbix_sender"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/conf/zabbix_server.conf", "/etc/zabbix/zabbix_server.conf"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/database/postgresql/create_server.sql.gz", "/usr/share/doc/zabbix-server-postgresql/create.sql.gz"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/database/postgresql/timescaledb.sql", "/usr/share/doc/zabbix-server-postgresql/timescaledb.sql"] RUN set -eux && \ - ARCH_SUFFIX="$(arch)"; \ - case "$ARCH_SUFFIX" in \ - i686) export ARCH_SUFFIX='i386' ;; \ - x86_64) [ -f /lib64/ld-linux-x86-64.so.2 ] && export ARCH_SUFFIX='amd64' || export ARCH_SUFFIX='i386' ;; \ - aarch64) export ARCH_SUFFIX='arm64' ;; \ - armv7l) export ARCH_SUFFIX='armhf' ;; \ - ppc64el|ppc64le) export ARCH_SUFFIX='ppc64le' ;; \ - s390x) export ARCH_SUFFIX='s390x' ;; \ - *) echo "Unknown ARCH_SUFFIX=${ARCH_SUFFIX-}"; exit 1 ;; \ - esac; \ groupadd --system --gid 1995 zabbix && \ useradd \ --system --comment "Zabbix monitoring system" \ @@ -45,15 +58,13 @@ RUN set -eux && \ mkdir -p /usr/lib/zabbix/alertscripts && \ mkdir -p /usr/lib/zabbix/externalscripts && \ mkdir -p /usr/share/doc/zabbix-server-postgresql && \ - dnf --quiet makecache && \ - dnf -y install epel-release && \ - dnf -y install --setopt=tsflags=nodocs --setopt=install_weak_deps=False --best \ - fping \ + REPOLIST="baseos,appstream,epel" && \ + INSTALL_PKGS="fping \ file-libs \ + tini \ iputils \ tzdata \ traceroute \ - libcurl-minimal \ libevent \ libssh \ libxml2 \ @@ -65,100 +76,19 @@ RUN set -eux && \ postgresql \ postgresql-libs \ zlib \ - unixODBC && \ - curl -L "https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini-${ARCH_SUFFIX}" -o /sbin/tini && \ - curl -L "https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini-${ARCH_SUFFIX}.asc" -o /tmp/tini.asc && \ - export GNUPGHOME="$(mktemp -d)" && \ - for server in $(shuf -e ha.pool.sks-keyservers.net \ - hkp://p80.pool.sks-keyservers.net:80 \ - ipv4.pool.sks-keyservers.net \ - keyserver.ubuntu.com \ - keyserver.pgp.com \ - pgp.mit.edu) ; do \ - gpg --keyserver "$server" --recv-keys 595E85A6B1B4779EA4DAAEC70B588DFF0527A9B7 && break || : ; \ - done && \ - gpg --batch --verify /tmp/tini.asc /sbin/tini && \ - rm -rf "$GNUPGHOME" /tmp/tini.asc && \ - chmod +x /sbin/tini && \ - dnf -y clean all && \ - rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ - rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki - -ARG MAJOR_VERSION=6.0 -ARG ZBX_VERSION=${MAJOR_VERSION} -ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git - -ENV TERM=xterm MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ - ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} - -LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.opencontainers.image.version="${ZBX_VERSION}" \ - org.opencontainers.image.source="${ZBX_SOURCES}" - -RUN set -eux && \ - sed -i 's/enabled=0/enabled=1/g' /etc/yum.repos.d/CentOS-Linux-PowerTools.repo && \ - dnf --quiet makecache && \ - dnf -y install --setopt=tsflags=nodocs --setopt=install_weak_deps=False --best \ - autoconf \ - automake \ - gcc \ - pcre-devel \ - libcurl-devel \ - libevent-devel \ - libssh-devel \ - libxml2-devel \ - make \ - net-snmp-devel \ - OpenIPMI-devel \ - openldap-devel \ - postgresql-devel \ - git \ - unixODBC-devel && \ - cd /tmp/ && \ - git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ - cd /tmp/zabbix-${ZBX_VERSION} && \ - zabbix_revision=`git rev-parse --short HEAD` && \ - sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \ - ./bootstrap.sh && \ - export CFLAGS="-fPIC -pie -Wl,-z,relro -Wl,-z,now" && \ - ./configure \ - --datadir=/usr/lib \ - --libdir=/usr/lib/zabbix \ - --prefix=/usr \ - --sysconfdir=/etc/zabbix \ - --enable-agent \ - --enable-server \ - --with-postgresql \ - --with-ldap \ - --with-libcurl \ - --with-libxml2 \ - --with-net-snmp \ - --with-openipmi \ - --with-openssl \ - --with-ssh \ - --with-unixodbc \ - --enable-ipv6 \ - --silent && \ - make -j"$(nproc)" -s dbschema && \ - make -j"$(nproc)" -s && \ - cp src/zabbix_server/zabbix_server /usr/sbin/zabbix_server && \ - cp src/zabbix_get/zabbix_get /usr/bin/zabbix_get && \ - cp src/zabbix_sender/zabbix_sender /usr/bin/zabbix_sender && \ - cp conf/zabbix_server.conf /etc/zabbix/zabbix_server.conf && \ - cat database/postgresql/schema.sql > database/postgresql/create.sql && \ - cat database/postgresql/images.sql >> database/postgresql/create.sql && \ - cat database/postgresql/data.sql >> database/postgresql/create.sql && \ - gzip database/postgresql/create.sql && \ - cp database/postgresql/create.sql.gz /usr/share/doc/zabbix-server-postgresql/ && \ - cp database/postgresql/timescaledb.sql /usr/share/doc/zabbix-server-postgresql/timescaledb.sql && \ - cd /tmp/ && \ - rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ + unixODBC" && \ + dnf -y install epel-release && \ + dnf -y install \ + --disablerepo "*" \ + --enablerepo "${REPOLIST}" \ + --setopt=tsflags=nodocs \ + --setopt=install_weak_deps=False \ + --best \ + ${INSTALL_PKGS} && \ chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \ chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \ chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \ - dnf -y history undo `dnf -q history | sed -n 3p |column -t | cut -d' ' -f1` && \ dnf -y clean all && \ - sed -i 's/enabled=1/enabled=0/g' /etc/yum.repos.d/CentOS-Linux-PowerTools.repo && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki @@ -170,8 +100,8 @@ VOLUME ["/var/lib/zabbix/snmptraps", "/var/lib/zabbix/export"] COPY ["docker-entrypoint.sh", "/usr/bin/"] -ENTRYPOINT ["/sbin/tini", "--", "/usr/bin/docker-entrypoint.sh"] - +ENTRYPOINT ["/usr/bin/tini", "--", "/usr/bin/docker-entrypoint.sh"] + USER 1997 - + CMD ["/usr/sbin/zabbix_server", "--foreground", "-c", "/etc/zabbix/zabbix_server.conf"] diff --git a/Dockerfiles/server-pgsql/ol/Dockerfile b/Dockerfiles/server-pgsql/ol/Dockerfile index 14ccc79ad..f210cab63 100644 --- a/Dockerfiles/server-pgsql/ol/Dockerfile +++ b/Dockerfiles/server-pgsql/ol/Dockerfile @@ -85,6 +85,9 @@ RUN set -eux && \ --setopt=install_weak_deps=0 \ --best \ --nodocs ${INSTALL_PKGS} && \ + chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \ + chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \ + chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \ microdnf -y clean all && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki diff --git a/Dockerfiles/web-apache-mysql/centos/Dockerfile b/Dockerfiles/web-apache-mysql/centos/Dockerfile index 904d19317..1887a7d3d 100644 --- a/Dockerfiles/web-apache-mysql/centos/Dockerfile +++ b/Dockerfiles/web-apache-mysql/centos/Dockerfile @@ -1,14 +1,34 @@ -FROM centos:centos8 +# syntax=docker/dockerfile:1 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG BUILD_BASE_IMAGE=zabbix-build-mysql:centos-${ZBX_VERSION} +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git + +FROM ${BUILD_BASE_IMAGE} as builder + +FROM centos:8 + +ARG MAJOR_VERSION +ARG ZBX_VERSION +ARG ZBX_SOURCES + +ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} LABEL org.opencontainers.image.title="Zabbix web-interface (Apache, MySQL)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ org.opencontainers.image.vendor="Zabbix LLC" \ org.opencontainers.image.url="https://zabbix.com/" \ org.opencontainers.image.description="Zabbix web-interface based on Apache2 web server with MySQL database support" \ - org.opencontainers.image.licenses="GPL v2.0" + org.opencontainers.image.licenses="GPL v2.0" \ + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" STOPSIGNAL SIGTERM +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/ui", "/usr/share/zabbix"] +COPY ["conf/etc/", "/etc/"] + RUN set -eux && \ groupadd --system --gid 1995 zabbix && \ useradd \ @@ -20,11 +40,11 @@ RUN set -eux && \ zabbix && \ mkdir -p /etc/zabbix && \ mkdir -p /etc/zabbix/web && \ - dnf --quiet makecache && \ - dnf -y install epel-release && \ - dnf -y install --setopt=install_weak_deps=False --best --setopt=tsflags=nodocs \ - dejavu-sans-fonts \ - curl \ + mkdir -p /etc/zabbix/web/certs && \ + dnf -y module enable mysql && \ + dnf -y module enable php:7.4 && \ + REPOLIST="baseos,appstream,epel" && \ + INSTALL_PKGS="curl \ httpd \ mysql \ mod_ssl \ @@ -37,7 +57,17 @@ RUN set -eux && \ php-mysqlnd \ php-json \ php-xml \ - supervisor && \ + findutils \ + glibc-locale-source \ + supervisor" && \ + dnf -y install epel-release && \ + dnf -y install \ + --disablerepo "*" \ + --enablerepo "${REPOLIST}" \ + --setopt=tsflags=nodocs \ + --setopt=install_weak_deps=False \ + --best \ + ${INSTALL_PKGS} && \ rm -f "/etc/httpd/conf.d/default.conf" && \ rm -f "/etc/httpd/conf.d/ssl.conf" && \ rm -f /etc/php-fpm.d/www.conf && \ @@ -46,36 +76,7 @@ RUN set -eux && \ -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ "/etc/httpd/conf/httpd.conf" && \ sed -i 's/Listen 80/Listen 8080/g' /etc/httpd/conf/httpd.conf && \ - dnf -y clean all && \ - rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ - rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki - -ARG MAJOR_VERSION=6.0 -ARG ZBX_VERSION=${MAJOR_VERSION} -ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git - -ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} - -LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.opencontainers.image.version="${ZBX_VERSION}" \ - org.opencontainers.image.source="${ZBX_SOURCES}" - -COPY ["conf/etc/", "/etc/"] - -RUN set -eux && \ - dnf --quiet makecache && \ - dnf -y install --setopt=install_weak_deps=False --best --setopt=tsflags=nodocs \ - glibc-locale-source && \ - dnf -y install --setopt=install_weak_deps=False --best --setopt=tsflags=nodocs \ - gettext \ - git && \ - cd /usr/share/ && \ - git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ - mkdir /usr/share/zabbix/ && \ - cp -R /usr/share/zabbix-${ZBX_VERSION}/ui/* /usr/share/zabbix/ && \ - rm -rf /usr/share/zabbix-${ZBX_VERSION}/ && \ cd /usr/share/zabbix/ && \ - ./locale/make_mo.sh && \ rm -f conf/zabbix.conf.php conf/maintenance.inc.php conf/zabbix.conf.php.example && \ rm -rf tests && \ rm -f locale/add_new_language.sh locale/update_po.sh locale/make_mo.sh && \ @@ -96,8 +97,9 @@ RUN set -eux && \ chown --quiet -R zabbix:root /usr/share/zabbix/include/defines.inc.php && \ chgrp -R 0 /usr/share/zabbix/include/defines.inc.php && \ chmod -R g=u /usr/share/zabbix/include/defines.inc.php && \ - dnf -y history undo `dnf -q history | sed -n 3p |column -t | cut -d' ' -f1` && \ - dnf -y erase glibc-locale-source glibc-langpack-en && \ + dnf -y remove \ + findutils \ + glibc-locale-source && \ dnf -y clean all && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki diff --git a/Dockerfiles/web-apache-pgsql/centos/Dockerfile b/Dockerfiles/web-apache-pgsql/centos/Dockerfile index 8ea539e0f..51119b728 100644 --- a/Dockerfiles/web-apache-pgsql/centos/Dockerfile +++ b/Dockerfiles/web-apache-pgsql/centos/Dockerfile @@ -1,14 +1,34 @@ -FROM centos:centos8 +# syntax=docker/dockerfile:1 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG BUILD_BASE_IMAGE=zabbix-build-mysql:centos-${ZBX_VERSION} +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git -LABEL org.opencontainers.image.title="Zabbix web-interface (Apache, PostgreSQL)" \ +FROM ${BUILD_BASE_IMAGE} as builder + +FROM centos:8 + +ARG MAJOR_VERSION +ARG ZBX_VERSION +ARG ZBX_SOURCES + +ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} + +LABEL org.opencontainers.image.title="Zabbix web-interface (Apache, MySQL)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ org.opencontainers.image.vendor="Zabbix LLC" \ org.opencontainers.image.url="https://zabbix.com/" \ - org.opencontainers.image.description="Zabbix web-interface based on Apache2 web server with PostgreSQL database support" \ - org.opencontainers.image.licenses="GPL v2.0" + org.opencontainers.image.description="Zabbix web-interface based on Apache2 web server with MySQL database support" \ + org.opencontainers.image.licenses="GPL v2.0" \ + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" STOPSIGNAL SIGTERM +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/ui", "/usr/share/zabbix"] +COPY ["conf/etc/", "/etc/"] + RUN set -eux && \ groupadd --system --gid 1995 zabbix && \ useradd \ @@ -20,11 +40,10 @@ RUN set -eux && \ zabbix && \ mkdir -p /etc/zabbix && \ mkdir -p /etc/zabbix/web && \ - dnf --quiet makecache && \ - dnf -y install epel-release && \ - dnf -y install --setopt=install_weak_deps=False --best --setopt=tsflags=nodocs \ - dejavu-sans-fonts \ - curl \ + mkdir -p /etc/zabbix/web/certs && \ + dnf -y module enable php:7.4 && \ + REPOLIST="baseos,appstream,epel" && \ + INSTALL_PKGS="curl \ httpd \ mod_ssl \ php \ @@ -37,7 +56,17 @@ RUN set -eux && \ php-json \ php-xml \ postgresql \ - supervisor && \ + findutils \ + glibc-locale-source \ + supervisor" && \ + dnf -y install epel-release && \ + dnf -y install \ + --disablerepo "*" \ + --enablerepo "${REPOLIST}" \ + --setopt=tsflags=nodocs \ + --setopt=install_weak_deps=False \ + --best \ + ${INSTALL_PKGS} && \ rm -f "/etc/httpd/conf.d/default.conf" && \ rm -f "/etc/httpd/conf.d/ssl.conf" && \ rm -f /etc/php-fpm.d/www.conf && \ @@ -46,36 +75,7 @@ RUN set -eux && \ -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ "/etc/httpd/conf/httpd.conf" && \ sed -i 's/Listen 80/Listen 8080/g' /etc/httpd/conf/httpd.conf && \ - dnf -y clean all && \ - rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ - rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki - -ARG MAJOR_VERSION=6.0 -ARG ZBX_VERSION=${MAJOR_VERSION} -ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git - -ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} - -LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.opencontainers.image.version="${ZBX_VERSION}" \ - org.opencontainers.image.source="${ZBX_SOURCES}" - -COPY ["conf/etc/", "/etc/"] - -RUN set -eux && \ - dnf --quiet makecache && \ - dnf -y install --setopt=install_weak_deps=False --best --setopt=tsflags=nodocs \ - glibc-locale-source && \ - dnf -y install --setopt=install_weak_deps=False --best --setopt=tsflags=nodocs \ - gettext \ - git && \ - cd /usr/share/ && \ - git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ - mkdir /usr/share/zabbix/ && \ - cp -R /usr/share/zabbix-${ZBX_VERSION}/ui/* /usr/share/zabbix/ && \ - rm -rf /usr/share/zabbix-${ZBX_VERSION}/ && \ cd /usr/share/zabbix/ && \ - ./locale/make_mo.sh && \ rm -f conf/zabbix.conf.php conf/maintenance.inc.php conf/zabbix.conf.php.example && \ rm -rf tests && \ rm -f locale/add_new_language.sh locale/update_po.sh locale/make_mo.sh && \ @@ -96,8 +96,9 @@ RUN set -eux && \ chown --quiet -R zabbix:root /usr/share/zabbix/include/defines.inc.php && \ chgrp -R 0 /usr/share/zabbix/include/defines.inc.php && \ chmod -R g=u /usr/share/zabbix/include/defines.inc.php && \ - dnf -y history undo `dnf -q history | sed -n 3p |column -t | cut -d' ' -f1` && \ - dnf -y erase glibc-locale-source glibc-langpack-en && \ + dnf -y remove \ + findutils \ + glibc-locale-source && \ dnf -y clean all && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki diff --git a/Dockerfiles/web-nginx-mysql/centos/Dockerfile b/Dockerfiles/web-nginx-mysql/centos/Dockerfile index 65eded321..82c0092fc 100644 --- a/Dockerfiles/web-nginx-mysql/centos/Dockerfile +++ b/Dockerfiles/web-nginx-mysql/centos/Dockerfile @@ -1,14 +1,34 @@ -FROM centos:centos8 +# syntax=docker/dockerfile:1 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG BUILD_BASE_IMAGE=zabbix-build-mysql:centos-${ZBX_VERSION} +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git + +FROM ${BUILD_BASE_IMAGE} as builder + +FROM centos:8 + +ARG MAJOR_VERSION +ARG ZBX_VERSION +ARG ZBX_SOURCES + +ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} LABEL org.opencontainers.image.title="Zabbix web-interface (Nginx, MySQL)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ org.opencontainers.image.vendor="Zabbix LLC" \ org.opencontainers.image.url="https://zabbix.com/" \ org.opencontainers.image.description="Zabbix web-interface based on Nginx web server with MySQL database support" \ - org.opencontainers.image.licenses="GPL v2.0" + org.opencontainers.image.licenses="GPL v2.0" \ + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" STOPSIGNAL SIGTERM +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/ui", "/usr/share/zabbix"] +COPY ["conf/etc/", "/etc/"] + RUN set -eux && \ groupadd --system --gid 1995 zabbix && \ useradd \ @@ -20,11 +40,12 @@ RUN set -eux && \ zabbix && \ mkdir -p /etc/zabbix && \ mkdir -p /etc/zabbix/web && \ + mkdir -p /etc/zabbix/web/certs && \ mkdir -p /var/lib/php/session && \ - dnf --quiet makecache && \ - dnf -y install epel-release && \ - dnf -y install --setopt=install_weak_deps=False --best --setopt=tsflags=nodocs \ - curl \ + dnf -y module enable mysql && \ + dnf -y module enable php:7.4 nginx:1.18 && \ + REPOLIST="baseos,appstream,epel" && \ + INSTALL_PKGS="curl \ mysql \ nginx \ php-bcmath \ @@ -35,39 +56,20 @@ RUN set -eux && \ php-mysqlnd \ php-json \ php-xml \ - supervisor && \ + findutils \ + glibc-locale-source \ + supervisor" && \ + dnf -y install epel-release && \ + dnf -y install \ + --disablerepo "*" \ + --enablerepo "${REPOLIST}" \ + --setopt=tsflags=nodocs \ + --setopt=install_weak_deps=False \ + --best \ + ${INSTALL_PKGS} && \ rm -f /etc/nginx/conf.d/*.conf && \ rm -f /etc/php-fpm.d/www.conf && \ - dnf -y clean all && \ - rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ - rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki - -ARG MAJOR_VERSION=6.0 -ARG ZBX_VERSION=${MAJOR_VERSION} -ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git - -ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} - -LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.opencontainers.image.version="${ZBX_VERSION}" \ - org.opencontainers.image.source="${ZBX_SOURCES}" - -COPY ["conf/etc/", "/etc/"] - -RUN set -eux && \ - dnf --quiet makecache && \ - dnf -y install --setopt=install_weak_deps=False --best --setopt=tsflags=nodocs \ - glibc-locale-source && \ - dnf -y install --setopt=install_weak_deps=False --best --setopt=tsflags=nodocs \ - gettext \ - git && \ - cd /usr/share/ && \ - git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ - mkdir /usr/share/zabbix/ && \ - cp -R /usr/share/zabbix-${ZBX_VERSION}/ui/* /usr/share/zabbix/ && \ - rm -rf /usr/share/zabbix-${ZBX_VERSION}/ && \ cd /usr/share/zabbix/ && \ - ./locale/make_mo.sh && \ rm -f conf/zabbix.conf.php conf/maintenance.inc.php conf/zabbix.conf.php.example && \ rm -rf tests && \ rm -f locale/add_new_language.sh locale/update_po.sh locale/make_mo.sh && \ @@ -88,8 +90,9 @@ RUN set -eux && \ chown --quiet -R zabbix:root /usr/share/zabbix/include/defines.inc.php && \ chgrp -R 0 /usr/share/zabbix/include/defines.inc.php && \ chmod -R g=u /usr/share/zabbix/include/defines.inc.php && \ - dnf -y history undo `dnf -q history | sed -n 3p |column -t | cut -d' ' -f1` && \ - dnf -y erase glibc-locale-source glibc-langpack-en && \ + dnf -y remove \ + findutils \ + glibc-locale-source && \ dnf -y clean all && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki diff --git a/Dockerfiles/web-nginx-pgsql/centos/Dockerfile b/Dockerfiles/web-nginx-pgsql/centos/Dockerfile index 02b0d08f9..ef7842f33 100644 --- a/Dockerfiles/web-nginx-pgsql/centos/Dockerfile +++ b/Dockerfiles/web-nginx-pgsql/centos/Dockerfile @@ -1,14 +1,34 @@ -FROM centos:centos8 +# syntax=docker/dockerfile:1 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG BUILD_BASE_IMAGE=zabbix-build-pgsql:centos-${ZBX_VERSION} +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git + +FROM ${BUILD_BASE_IMAGE} as builder + +FROM centos:8 + +ARG MAJOR_VERSION +ARG ZBX_VERSION +ARG ZBX_SOURCES + +ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} LABEL org.opencontainers.image.title="Zabbix web-interface (Nginx, PostgreSQL)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ org.opencontainers.image.vendor="Zabbix LLC" \ org.opencontainers.image.url="https://zabbix.com/" \ org.opencontainers.image.description="Zabbix web-interface based on Nginx web server with PostgreSQL database support" \ - org.opencontainers.image.licenses="GPL v2.0" + org.opencontainers.image.licenses="GPL v2.0" \ + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" STOPSIGNAL SIGTERM +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/ui", "/usr/share/zabbix"] +COPY ["conf/etc/", "/etc/"] + RUN set -eux && \ groupadd --system --gid 1995 zabbix && \ useradd \ @@ -20,11 +40,11 @@ RUN set -eux && \ zabbix && \ mkdir -p /etc/zabbix && \ mkdir -p /etc/zabbix/web && \ + mkdir -p /etc/zabbix/web/certs && \ mkdir -p /var/lib/php/session && \ - dnf --quiet makecache && \ - dnf -y install epel-release && \ - dnf -y install --setopt=install_weak_deps=False --best --setopt=tsflags=nodocs \ - supervisor \ + dnf -y module enable php:7.4 nginx:1.18 && \ + REPOLIST="baseos,appstream,epel" && \ + INSTALL_PKGS="supervisor \ curl \ nginx \ postgresql \ @@ -35,39 +55,20 @@ RUN set -eux && \ php-mbstring \ php-pgsql \ php-json \ - php-xml && \ + findutils \ + glibc-locale-source \ + php-xml" && \ + dnf -y install epel-release && \ + dnf -y install \ + --disablerepo "*" \ + --enablerepo "${REPOLIST}" \ + --setopt=tsflags=nodocs \ + --setopt=install_weak_deps=False \ + --best \ + ${INSTALL_PKGS} && \ rm -f /etc/nginx/conf.d/*.conf && \ rm -f /etc/php-fpm.d/www.conf && \ - dnf -y clean all && \ - rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ - rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki - -ARG MAJOR_VERSION=6.0 -ARG ZBX_VERSION=${MAJOR_VERSION} -ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git - -ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} - -LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.opencontainers.image.version="${ZBX_VERSION}" \ - org.opencontainers.image.source="${ZBX_SOURCES}" - -COPY ["conf/etc/", "/etc/"] - -RUN set -eux && \ - dnf --quiet makecache && \ - dnf -y install --setopt=install_weak_deps=False --best --setopt=tsflags=nodocs \ - glibc-locale-source && \ - dnf -y install --setopt=install_weak_deps=False --best --setopt=tsflags=nodocs \ - gettext \ - git && \ - cd /usr/share/ && \ - git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ - mkdir /usr/share/zabbix/ && \ - cp -R /usr/share/zabbix-${ZBX_VERSION}/ui/* /usr/share/zabbix/ && \ - rm -rf /usr/share/zabbix-${ZBX_VERSION}/ && \ cd /usr/share/zabbix/ && \ - ./locale/make_mo.sh && \ rm -f conf/zabbix.conf.php conf/maintenance.inc.php conf/zabbix.conf.php.example && \ rm -rf tests && \ rm -f locale/add_new_language.sh locale/update_po.sh locale/make_mo.sh && \ @@ -88,8 +89,9 @@ RUN set -eux && \ chown --quiet -R zabbix:root /usr/share/zabbix/include/defines.inc.php && \ chgrp -R 0 /usr/share/zabbix/include/defines.inc.php && \ chmod -R g=u /usr/share/zabbix/include/defines.inc.php && \ - dnf -y history undo `dnf -q history | sed -n 3p |column -t | cut -d' ' -f1` && \ - dnf -y erase glibc-locale-source glibc-langpack-en && \ + dnf -y remove \ + findutils \ + glibc-locale-source && \ dnf -y clean all && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki diff --git a/Dockerfiles/web-service/centos/Dockerfile b/Dockerfiles/web-service/centos/Dockerfile index 2bb527780..cb39e4933 100644 --- a/Dockerfiles/web-service/centos/Dockerfile +++ b/Dockerfiles/web-service/centos/Dockerfile @@ -1,14 +1,32 @@ -FROM centos:centos8 +# syntax=docker/dockerfile:1 +ARG MAJOR_VERSION=6.0 +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG BUILD_BASE_IMAGE=zabbix-build-mysql:centos-${ZBX_VERSION} +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git + +FROM ${BUILD_BASE_IMAGE} as builder + +FROM centos:8 + +ARG MAJOR_VERSION +ARG ZBX_VERSION +ARG ZBX_SOURCES LABEL org.opencontainers.image.title="Zabbix web service" \ org.opencontainers.image.authors="Alexey Pustovalov " \ org.opencontainers.image.vendor="Zabbix LLC" \ org.opencontainers.image.url="https://zabbix.com/" \ org.opencontainers.image.description="Zabbix web service for performing various tasks using headless web browser" \ - org.opencontainers.image.licenses="GPL v2.0" + org.opencontainers.image.licenses="GPL v2.0" \ + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" STOPSIGNAL SIGTERM +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/go/bin/zabbix_web_service", "/usr/sbin/zabbix_web_service"] +COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/go/conf/zabbix_web_service.conf", "/etc/zabbix/zabbix_web_service.conf"] + RUN set -eux && \ groupadd --system --gid 1995 zabbix && \ useradd \ @@ -21,60 +39,21 @@ RUN set -eux && \ mkdir -p /etc/zabbix && \ mkdir -p /var/lib/zabbix && \ mkdir -p /var/lib/zabbix/enc && \ - dnf --quiet makecache && \ - dnf -y install --setopt=tsflags=nodocs --setopt=install_weak_deps=False --best \ - epel-release && \ - dnf -y install --setopt=tsflags=nodocs --setopt=install_weak_deps=False --best \ - chromium \ + REPOLIST="baseos,appstream,epel" && \ + INSTALL_PKGS="chromium \ openssl-libs \ - zlib && \ - dnf -y clean all && \ - rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ - rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki - -ARG MAJOR_VERSION=6.0 -ARG ZBX_VERSION=${MAJOR_VERSION} -ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git - -ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} - -LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.opencontainers.image.version="${ZBX_VERSION}" \ - org.opencontainers.image.source="${ZBX_SOURCES}" - -RUN set -eux && \ - dnf --quiet makecache && \ - dnf -y install --setopt=tsflags=nodocs --setopt=install_weak_deps=False --best \ - autoconf \ - automake \ - gcc \ - make \ - golang \ - git && \ - cd /tmp/ && \ - git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ - cd /tmp/zabbix-${ZBX_VERSION} && \ - zabbix_revision=`git rev-parse --short HEAD` && \ - sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/go/pkg/version/version.go && \ - ./bootstrap.sh && \ - export CFLAGS="-fPIC -pie -Wl,-z,relro -Wl,-z,now" && \ - ./configure \ - --datadir=/usr/lib \ - --libdir=/usr/lib/zabbix \ - --prefix=/usr \ - --sysconfdir=/etc/zabbix \ - --prefix=/usr \ - --enable-webservice \ - --silent && \ - make -j"$(nproc)" -s && \ - cp /tmp/zabbix-${ZBX_VERSION}/src/go/bin/zabbix_web_service /usr/sbin/zabbix_web_service && \ - cp /tmp/zabbix-${ZBX_VERSION}/src/go/conf/zabbix_web_service.conf /etc/zabbix/zabbix_web_service.conf && \ - cd /tmp/ && \ - rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ + zlib" && \ + dnf -y install epel-release && \ + dnf -y install \ + --disablerepo "*" \ + --enablerepo "${REPOLIST}" \ + --setopt=tsflags=nodocs \ + --setopt=install_weak_deps=False \ + --best \ + ${INSTALL_PKGS} && \ chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \ chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \ chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \ - dnf -y history undo `dnf -q history | sed -n 3p |column -t | cut -d' ' -f1` && \ dnf -y clean all && \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki diff --git a/build.json b/build.json index d9be52bae..4066c408a 100644 --- a/build.json +++ b/build.json @@ -14,7 +14,12 @@ "linux/amd64", "linux/arm/v7", "linux/arm64" - ] + ], + "centos": [ + "linux/amd64", + "linux/arm64", + "linux/ppc64le" + ], }, "components": { "agent": "build-mysql", diff --git a/docker-compose_v3_centos_mysql_local.yaml b/docker-compose_v3_centos_mysql_local.yaml index 677976d48..3c5a4d2bc 100644 --- a/docker-compose_v3_centos_mysql_local.yaml +++ b/docker-compose_v3_centos_mysql_local.yaml @@ -1,10 +1,41 @@ version: '3.5' services: + zabbix-build-base: + build: + context: ./Dockerfiles/build-base/centos + cache_from: + - centos:centos8 + image: zabbix-build-base:centos-local + + zabbix-build-mysql: + build: + context: ./Dockerfiles/build-mysql/centos + cache_from: + - centos:centos8 + args: + BUILD_BASE_IMAGE: zabbix-build-base:centos-local + image: zabbix-build-mysql:centos-local + depends_on: + - zabbix-build-base + + zabbix-build-sqlite3: + build: + context: ./Dockerfiles/build-sqlite3/centos + cache_from: + - centos:centos8 + args: + BUILD_BASE_IMAGE: zabbix-build-base:centos-local + image: zabbix-build-sqlite3:centos-local + depends_on: + - zabbix-build-base + zabbix-server: build: context: ./Dockerfiles/server-mysql/centos cache_from: - centos:centos8 + args: + BUILD_BASE_IMAGE: zabbix-build-mysql:centos-local image: zabbix-server-mysql:centos-local ports: - "10051:10051" @@ -44,6 +75,7 @@ services: # - root-ca.pem depends_on: - mysql-server + - zabbix-build-mysql networks: zbx_net_backend: aliases: @@ -72,6 +104,8 @@ services: context: ./Dockerfiles/proxy-sqlite3/centos cache_from: - centos:centos8 + args: + BUILD_BASE_IMAGE: zabbix-build-sqlite3:centos-local image: zabbix-proxy-sqlite3:centos-local profiles: - all @@ -105,6 +139,7 @@ services: depends_on: - zabbix-java-gateway - zabbix-snmptraps + - zabbix-build-sqlite3 networks: zbx_net_backend: aliases: @@ -125,6 +160,8 @@ services: context: ./Dockerfiles/proxy-mysql/centos cache_from: - centos:centos8 + args: + BUILD_BASE_IMAGE: zabbix-build-mysql:centos-local image: zabbix-proxy-mysql:centos-local profiles: - all @@ -160,6 +197,7 @@ services: - mysql-server - zabbix-java-gateway - zabbix-snmptraps + - zabbix-build-mysql secrets: - MYSQL_USER - MYSQL_PASSWORD @@ -187,6 +225,8 @@ services: context: ./Dockerfiles/web-apache-mysql/centos cache_from: - centos:centos8 + args: + BUILD_BASE_IMAGE: zabbix-build-mysql:centos-local image: zabbix-web-apache-mysql:centos-local profiles: - all @@ -218,6 +258,7 @@ services: depends_on: - mysql-server - zabbix-server + - zabbix-build-mysql healthcheck: test: ["CMD", "curl", "-f", "http://localhost:8080/"] interval: 10s @@ -247,6 +288,8 @@ services: context: ./Dockerfiles/web-nginx-mysql/centos cache_from: - centos:centos8 + args: + BUILD_BASE_IMAGE: zabbix-build-mysql:centos-local image: zabbix-web-nginx-mysql:centos-local ports: - "80:8080" @@ -276,6 +319,7 @@ services: depends_on: - mysql-server - zabbix-server + - zabbix-build-mysql healthcheck: test: ["CMD", "curl", "-f", "http://localhost:8080/"] interval: 10s @@ -305,6 +349,8 @@ services: context: ./Dockerfiles/agent/centos cache_from: - centos:centos8 + args: + BUILD_BASE_IMAGE: zabbix-build-mysql:centos-local image: zabbix-agent:centos-local profiles: - full @@ -331,6 +377,8 @@ services: - ./env_vars/.env_agent privileged: true pid: "host" + depends_on: + - zabbix-build-mysql networks: zbx_net_backend: aliases: @@ -349,6 +397,8 @@ services: context: ./Dockerfiles/java-gateway/centos cache_from: - centos:centos8 + args: + BUILD_BASE_IMAGE: zabbix-build-mysql:centos-local image: zabbix-java-gateway:centos-local profiles: - full @@ -365,6 +415,8 @@ services: memory: 256M env_file: - ./env_vars/.env_java + depends_on: + - zabbix-build-mysql networks: zbx_net_backend: aliases: @@ -415,6 +467,8 @@ services: context: ./Dockerfiles/web-service/centos cache_from: - centos:centos8 + args: + BUILD_BASE_IMAGE: zabbix-build-mysql:centos-local image: zabbix-web-service:centos-local profiles: - full @@ -435,6 +489,8 @@ services: memory: 256M env_file: - ./env_vars/.env_web_service + depends_on: + - zabbix-build-mysql networks: zbx_net_backend: aliases: diff --git a/docker-compose_v3_centos_pgsql_local.yaml b/docker-compose_v3_centos_pgsql_local.yaml index b16ecd4e9..a33baee3e 100644 --- a/docker-compose_v3_centos_pgsql_local.yaml +++ b/docker-compose_v3_centos_pgsql_local.yaml @@ -1,10 +1,52 @@ version: '3.5' services: + zabbix-build-base: + build: + context: ./Dockerfiles/build-base/centos + cache_from: + - centos:centos8 + image: zabbix-build-base:centos-local + + zabbix-build-pgsql: + build: + context: ./Dockerfiles/build-pgsql/centos + cache_from: + - centos:centos8 + args: + BUILD_BASE_IMAGE: zabbix-build-base:centos-local + image: zabbix-build-pgsql:centos-local + depends_on: + - zabbix-build-base + + zabbix-build-mysql: + build: + context: ./Dockerfiles/build-mysql/centos + cache_from: + - centos:centos8 + args: + BUILD_BASE_IMAGE: zabbix-build-base:centos-local + image: zabbix-build-mysql:centos-local + depends_on: + - zabbix-build-base + + zabbix-build-sqlite3: + build: + context: ./Dockerfiles/build-sqlite3/centos + cache_from: + - centos:centos8 + args: + BUILD_BASE_IMAGE: zabbix-build-base:centos-local + image: zabbix-build-sqlite3:centos-local + depends_on: + - zabbix-build-base + zabbix-server: build: context: ./Dockerfiles/server-pgsql/centos cache_from: - centos:centos8 + args: + BUILD_BASE_IMAGE: zabbix-build-pgsql:centos-local image: zabbix-server-pgsql:centos-local ports: - "10051:10051" @@ -43,6 +85,7 @@ services: - POSTGRES_PASSWORD depends_on: - postgres-server + - zabbix-build-pgsql networks: zbx_net_backend: aliases: @@ -71,6 +114,8 @@ services: context: ./Dockerfiles/proxy-sqlite3/centos cache_from: - centos:centos8 + args: + BUILD_BASE_IMAGE: zabbix-build-pgsql:centos-local image: zabbix-proxy-sqlite3:centos-local profiles: - all @@ -104,6 +149,7 @@ services: depends_on: - zabbix-java-gateway - zabbix-snmptraps + - zabbix-build-pgsql networks: zbx_net_backend: aliases: @@ -124,6 +170,8 @@ services: context: ./Dockerfiles/proxy-mysql/centos cache_from: - centos:centos8 + args: + BUILD_BASE_IMAGE: zabbix-build-mysql:centos-local image: zabbix-proxy-mysql:centos-local profiles: - all @@ -163,6 +211,7 @@ services: - mysql-server - zabbix-java-gateway - zabbix-snmptraps + - zabbix-build-mysql networks: zbx_net_backend: aliases: @@ -183,6 +232,8 @@ services: context: ./Dockerfiles/web-apache-pgsql/centos cache_from: - centos:centos8 + args: + BUILD_BASE_IMAGE: zabbix-build-pgsql:centos-local image: zabbix-web-apache-pgsql:centos-local profiles: - all @@ -214,6 +265,7 @@ services: depends_on: - postgres-server - zabbix-server + - zabbix-build-pgsql healthcheck: test: ["CMD", "curl", "-f", "http://localhost:8080/"] interval: 10s @@ -243,6 +295,8 @@ services: context: ./Dockerfiles/web-nginx-pgsql/centos cache_from: - centos:centos8 + args: + BUILD_BASE_IMAGE: zabbix-build-pgsql:centos-local image: zabbix-web-nginx-pgsql:centos-local ports: - "80:8080" @@ -272,6 +326,7 @@ services: depends_on: - postgres-server - zabbix-server + - zabbix-build-pgsql healthcheck: test: ["CMD", "curl", "-f", "http://localhost:8080/"] interval: 10s @@ -301,6 +356,8 @@ services: context: ./Dockerfiles/agent/centos cache_from: - centos:centos8 + args: + BUILD_BASE_IMAGE: zabbix-build-pgsql:centos-local image: zabbix-agent:centos-local profiles: - full @@ -327,6 +384,8 @@ services: - ./env_vars/.env_agent privileged: true pid: "host" + depends_on: + - zabbix-build-pgsql networks: zbx_net_backend: aliases: @@ -345,6 +404,8 @@ services: context: ./Dockerfiles/java-gateway/centos cache_from: - centos:centos8 + args: + BUILD_BASE_IMAGE: zabbix-build-pgsql:centos-local image: zabbix-java-gateway:centos-local profiles: - full @@ -361,6 +422,8 @@ services: memory: 256M env_file: - ./env_vars/.env_java + depends_on: + - zabbix-build-pgsql networks: zbx_net_backend: aliases: @@ -375,7 +438,7 @@ services: zabbix-snmptraps: build: - context: ./snmptraps/centos + context: ./Dockerfiles/snmptraps/centos cache_from: - centos:centos8 image: zabbix-snmptraps:centos-local @@ -411,6 +474,8 @@ services: context: ./Dockerfiles/web-service/centos cache_from: - centos:centos8 + args: + BUILD_BASE_IMAGE: zabbix-build-pgsql:centos-local image: zabbix-web-service:centos-local profiles: - full @@ -431,6 +496,8 @@ services: memory: 256M env_file: - ./env_vars/.env_web_service + depends_on: + - zabbix-build-pgsql networks: zbx_net_backend: aliases: From 3e0864f704e6a6bdd649658a388ab11ccf9741a0 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Wed, 6 Oct 2021 22:41:16 +0200 Subject: [PATCH 183/253] Implemented build for CentOS --- build.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build.json b/build.json index 4066c408a..aa70f6025 100644 --- a/build.json +++ b/build.json @@ -19,7 +19,7 @@ "linux/amd64", "linux/arm64", "linux/ppc64le" - ], + ] }, "components": { "agent": "build-mysql", From b634276b44494afd92c7a014fd7f882eb14d96db Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Wed, 6 Oct 2021 22:51:47 +0200 Subject: [PATCH 184/253] Implemented build for CentOS --- Dockerfiles/build-base/centos/Dockerfile | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/Dockerfiles/build-base/centos/Dockerfile b/Dockerfiles/build-base/centos/Dockerfile index 709202187..84b8bcb0a 100644 --- a/Dockerfiles/build-base/centos/Dockerfile +++ b/Dockerfiles/build-base/centos/Dockerfile @@ -59,6 +59,10 @@ RUN set -eux && \ url='https://dl.google.com/go/go1.17.1.linux-arm64.tar.gz'; \ sha256='53b29236fa03ed862670a5e5e2ab2439a2dc288fe61544aa392062104ac0128c'; \ ;; \ + ppc64le) \ + url='https://golang.org/dl/go1.17.1.linux-ppc64le.tar.gz'; \ + sha256='df4fa945512c3b472cf3d2dcb2e4ae5b34819607bc63f3223f5bc0c17b637dd0'; \ + ;; \ *) echo "Unknown ARCH_SUFFIX=${ARCH_SUFFIX-}"; exit 1 ;; \ esac; \ wget -O go.tgz.asc "$url.asc" && \ From 1f68d44d7b7454e7cb93dc15c0f55f27a645dd82 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Wed, 6 Oct 2021 23:55:37 +0200 Subject: [PATCH 185/253] Implemented build for CentOS --- build.json | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/build.json b/build.json index aa70f6025..45b482722 100644 --- a/build.json +++ b/build.json @@ -17,8 +17,7 @@ ], "centos": [ "linux/amd64", - "linux/arm64", - "linux/ppc64le" + "linux/arm64" ] }, "components": { From c2acaa00498c91a69b39ba26b4e36755398a8faa Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Fri, 8 Oct 2021 00:13:22 +0200 Subject: [PATCH 186/253] New build design --- .github/workflows/images_build.yml | 22 ++++---- .../java-gateway/centos/docker-entrypoint.sh | 12 ++--- .../java-gateway/ol/docker-entrypoint.sh | 12 ++--- Dockerfiles/java-gateway/rhel/Dockerfile | 2 - .../java-gateway/rhel/docker-entrypoint.sh | 12 ++--- .../web-apache-pgsql/centos/Dockerfile | 4 +- Dockerfiles/web-apache-pgsql/ol/Dockerfile | 4 +- Dockerfiles/web-nginx-pgsql/ubuntu/Dockerfile | 4 +- docker-compose_v3_ol_pgsql_latest.yaml | 50 +++++++++---------- docker-compose_v3_ol_pgsql_local.yaml | 50 +++++++++---------- docker-compose_v3_ubuntu_pgsql_local.yaml | 8 +-- 11 files changed, 85 insertions(+), 95 deletions(-) diff --git a/.github/workflows/images_build.yml b/.github/workflows/images_build.yml index 89f84bc43..93761a95a 100644 --- a/.github/workflows/images_build.yml +++ b/.github/workflows/images_build.yml @@ -7,12 +7,11 @@ on: push: branches: - 'trunk' - paths-ignore: - - 'env_vars/*' - - 'docker-compose*.yaml' - - 'Dockerfiles/*/rhel/*' - - 'Dockerfiles/*/windows/*' - - "**.md" + paths: + - 'Dockerfiles/**' + - '!Dockerfiles/*/rhel/*' + - '!Dockerfiles/*/windows/*' + - '.github/workflows/images_build.yml' defaults: run: @@ -31,6 +30,7 @@ jobs: os: ${{ steps.os.outputs.list }} database: ${{ steps.database.outputs.list }} components: ${{ steps.components.outputs.list }} + is_default_branch: ${{ steps.branch_info.outputs.is_default }} steps: - name: Checkout repository uses: actions/checkout@v2.3.4 @@ -73,6 +73,10 @@ jobs: echo "::set-output name=list::$component_list" + - name: Get branch info + id: branch_info + uses: tj-actions/branch-names@v5 + build_base: timeout-minutes: 70 name: Build base on ${{ matrix.os }} @@ -117,7 +121,7 @@ jobs: type=ref,event=branch,prefix=${{ matrix.os }}- type=ref,event=branch,suffix=-${{ matrix.os }} flavor: | - latest=auto + latest=false - name: Build ${{ env.BASE_BUILD_NAME }}/${{ matrix.os }} and push id: docker_build @@ -187,7 +191,7 @@ jobs: type=ref,event=branch,prefix=${{ matrix.os }}- type=ref,event=branch,suffix=-${{ matrix.os }} flavor: | - latest=auto + latest=false - name: Download SHA256 tag build-base:${{ matrix.os }} uses: actions/download-artifact@v2.0.10 @@ -283,7 +287,7 @@ jobs: type=ref,event=branch,prefix=${{ matrix.os }}- type=ref,event=branch,suffix=-${{ matrix.os }} flavor: | - latest=auto + latest=false - name: Download SHA256 tag for ${{ steps.build_base_image.outputs.build_base }}:${{ matrix.os }} uses: actions/download-artifact@v2.0.10 diff --git a/Dockerfiles/java-gateway/centos/docker-entrypoint.sh b/Dockerfiles/java-gateway/centos/docker-entrypoint.sh index 01ac14cd1..c2bea7442 100755 --- a/Dockerfiles/java-gateway/centos/docker-entrypoint.sh +++ b/Dockerfiles/java-gateway/centos/docker-entrypoint.sh @@ -18,14 +18,10 @@ prepare_java_gateway_config() { ZBX_GATEWAY_CONFIG=$ZABBIX_ETC_DIR/zabbix_java_gateway_logback.xml - if [ -n "${ZBX_DEBUGLEVEL}" ]; then - echo "Updating $ZBX_GATEWAY_CONFIG 'DebugLevel' parameter: '${ZBX_DEBUGLEVEL}'... updated" - if [ -f "$ZBX_GATEWAY_CONFIG" ]; then - sed -i -e "/^.*/" "$ZBX_GATEWAY_CONFIG" - else - echo "**** Zabbix Java Gateway log configuration file '$ZBX_GATEWAY_CONFIG' not found" - fi - fi + : ${ZBX_DEBUGLEVEL:="info"} + + echo "Updating $ZBX_GATEWAY_CONFIG 'DebugLevel' parameter: '${ZBX_DEBUGLEVEL}'... updated" + sed -i -e "/^.*/" "$ZBX_GATEWAY_CONFIG" } prepare_java_gateway() { diff --git a/Dockerfiles/java-gateway/ol/docker-entrypoint.sh b/Dockerfiles/java-gateway/ol/docker-entrypoint.sh index 01ac14cd1..c2bea7442 100755 --- a/Dockerfiles/java-gateway/ol/docker-entrypoint.sh +++ b/Dockerfiles/java-gateway/ol/docker-entrypoint.sh @@ -18,14 +18,10 @@ prepare_java_gateway_config() { ZBX_GATEWAY_CONFIG=$ZABBIX_ETC_DIR/zabbix_java_gateway_logback.xml - if [ -n "${ZBX_DEBUGLEVEL}" ]; then - echo "Updating $ZBX_GATEWAY_CONFIG 'DebugLevel' parameter: '${ZBX_DEBUGLEVEL}'... updated" - if [ -f "$ZBX_GATEWAY_CONFIG" ]; then - sed -i -e "/^.*/" "$ZBX_GATEWAY_CONFIG" - else - echo "**** Zabbix Java Gateway log configuration file '$ZBX_GATEWAY_CONFIG' not found" - fi - fi + : ${ZBX_DEBUGLEVEL:="info"} + + echo "Updating $ZBX_GATEWAY_CONFIG 'DebugLevel' parameter: '${ZBX_DEBUGLEVEL}'... updated" + sed -i -e "/^.*/" "$ZBX_GATEWAY_CONFIG" } prepare_java_gateway() { diff --git a/Dockerfiles/java-gateway/rhel/Dockerfile b/Dockerfiles/java-gateway/rhel/Dockerfile index 61225eedc..cd161bc23 100644 --- a/Dockerfiles/java-gateway/rhel/Dockerfile +++ b/Dockerfiles/java-gateway/rhel/Dockerfile @@ -60,8 +60,6 @@ RUN set -eux && INSTALL_PKGS="bash \ rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki -COPY ["conf/etc/", "/etc/"] - RUN set -eux && INSTALL_PKGS="autoconf \ automake \ pkgconf \ diff --git a/Dockerfiles/java-gateway/rhel/docker-entrypoint.sh b/Dockerfiles/java-gateway/rhel/docker-entrypoint.sh index 01ac14cd1..c2bea7442 100755 --- a/Dockerfiles/java-gateway/rhel/docker-entrypoint.sh +++ b/Dockerfiles/java-gateway/rhel/docker-entrypoint.sh @@ -18,14 +18,10 @@ prepare_java_gateway_config() { ZBX_GATEWAY_CONFIG=$ZABBIX_ETC_DIR/zabbix_java_gateway_logback.xml - if [ -n "${ZBX_DEBUGLEVEL}" ]; then - echo "Updating $ZBX_GATEWAY_CONFIG 'DebugLevel' parameter: '${ZBX_DEBUGLEVEL}'... updated" - if [ -f "$ZBX_GATEWAY_CONFIG" ]; then - sed -i -e "/^.*/" "$ZBX_GATEWAY_CONFIG" - else - echo "**** Zabbix Java Gateway log configuration file '$ZBX_GATEWAY_CONFIG' not found" - fi - fi + : ${ZBX_DEBUGLEVEL:="info"} + + echo "Updating $ZBX_GATEWAY_CONFIG 'DebugLevel' parameter: '${ZBX_DEBUGLEVEL}'... updated" + sed -i -e "/^.*/" "$ZBX_GATEWAY_CONFIG" } prepare_java_gateway() { diff --git a/Dockerfiles/web-apache-pgsql/centos/Dockerfile b/Dockerfiles/web-apache-pgsql/centos/Dockerfile index 51119b728..900c4dd49 100644 --- a/Dockerfiles/web-apache-pgsql/centos/Dockerfile +++ b/Dockerfiles/web-apache-pgsql/centos/Dockerfile @@ -14,11 +14,11 @@ ARG ZBX_SOURCES ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} -LABEL org.opencontainers.image.title="Zabbix web-interface (Apache, MySQL)" \ +LABEL org.opencontainers.image.title="Zabbix web-interface (Apache, PostgreSQL)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ org.opencontainers.image.vendor="Zabbix LLC" \ org.opencontainers.image.url="https://zabbix.com/" \ - org.opencontainers.image.description="Zabbix web-interface based on Apache2 web server with MySQL database support" \ + org.opencontainers.image.description="Zabbix web-interface based on Apache2 web server with PostgreSQL database support" \ org.opencontainers.image.licenses="GPL v2.0" \ org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ org.opencontainers.image.version="${ZBX_VERSION}" \ diff --git a/Dockerfiles/web-apache-pgsql/ol/Dockerfile b/Dockerfiles/web-apache-pgsql/ol/Dockerfile index 4bb6b4097..becce1b42 100644 --- a/Dockerfiles/web-apache-pgsql/ol/Dockerfile +++ b/Dockerfiles/web-apache-pgsql/ol/Dockerfile @@ -14,11 +14,11 @@ ARG ZBX_SOURCES ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} -LABEL org.opencontainers.image.title="Zabbix web-interface (Apache, MySQL)" \ +LABEL org.opencontainers.image.title="Zabbix web-interface (Apache, PostgreSQL)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ org.opencontainers.image.vendor="Zabbix LLC" \ org.opencontainers.image.url="https://zabbix.com/" \ - org.opencontainers.image.description="Zabbix web-interface based on Apache2 web server with MySQL database support" \ + org.opencontainers.image.description="Zabbix web-interface based on Apache2 web server with PostgreSQL database support" \ org.opencontainers.image.licenses="GPL v2.0" \ org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ org.opencontainers.image.version="${ZBX_VERSION}" \ diff --git a/Dockerfiles/web-nginx-pgsql/ubuntu/Dockerfile b/Dockerfiles/web-nginx-pgsql/ubuntu/Dockerfile index b660ca185..bd524a476 100644 --- a/Dockerfiles/web-nginx-pgsql/ubuntu/Dockerfile +++ b/Dockerfiles/web-nginx-pgsql/ubuntu/Dockerfile @@ -14,11 +14,11 @@ ARG ZBX_SOURCES ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} -LABEL org.opencontainers.image.title="Zabbix web-interface (Nginx, MySQL)" \ +LABEL org.opencontainers.image.title="Zabbix web-interface (Nginx, PostgreSQL)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ org.opencontainers.image.vendor="Zabbix LLC" \ org.opencontainers.image.url="https://zabbix.com/" \ - org.opencontainers.image.description="Zabbix web-interface based on Nginx web server with MySQL database support" \ + org.opencontainers.image.description="Zabbix web-interface based on Nginx web server with PostgreSQL database support" \ org.opencontainers.image.licenses="GPL v2.0" \ org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ org.opencontainers.image.version="${ZBX_VERSION}" \ diff --git a/docker-compose_v3_ol_pgsql_latest.yaml b/docker-compose_v3_ol_pgsql_latest.yaml index 7eca27a98..0403c5bbc 100644 --- a/docker-compose_v3_ol_pgsql_latest.yaml +++ b/docker-compose_v3_ol_pgsql_latest.yaml @@ -15,9 +15,9 @@ services: - ./zbx_env/var/lib/zabbix/ssh_keys:/var/lib/zabbix/ssh_keys:ro - ./zbx_env/var/lib/zabbix/mibs:/var/lib/zabbix/mibs:ro - ./zbx_env/var/lib/zabbix/snmptraps:/var/lib/zabbix/snmptraps:ro -# - ./.ZBX_DB_CA_FILE:/run/secrets/root-ca.pem:ro -# - ./.ZBX_DB_CERT_FILE:/run/secrets/client-cert.pem:ro -# - ./.ZBX_DB_KEY_FILE:/run/secrets/client-key.pem:ro +# - ./env_vars/.ZBX_DB_CA_FILE:/run/secrets/root-ca.pem:ro +# - ./env_vars/.ZBX_DB_CERT_FILE:/run/secrets/client-cert.pem:ro +# - ./env_vars/.ZBX_DB_KEY_FILE:/run/secrets/client-key.pem:ro ulimits: nproc: 65535 nofile: @@ -32,8 +32,8 @@ services: cpus: '0.5' memory: 512M env_file: - - ./env_vars/env_db_pgsql - - ./env_vars/env_srv + - ./env_vars/.env_db_pgsql + - ./env_vars/.env_srv secrets: - POSTGRES_USER - POSTGRES_PASSWORD @@ -91,8 +91,8 @@ services: cpus: '0.3' memory: 256M env_file: - - ./env_vars/env_prx - - ./env_vars/env_prx_sqlite3 + - ./env_vars/.env_prx + - ./env_vars/.env_prx_sqlite3 depends_on: - zabbix-java-gateway - zabbix-snmptraps @@ -140,9 +140,9 @@ services: cpus: '0.3' memory: 256M env_file: - - ./env_vars/env_db_mysql_proxy - - ./env_vars/env_prx - - ./env_vars/env_prx_mysql + - ./env_vars/.env_db_mysql_proxy + - ./env_vars/.env_prx + - ./env_vars/.env_prx_mysql secrets: - MYSQL_USER - MYSQL_PASSWORD @@ -178,9 +178,9 @@ services: - /etc/timezone:/etc/timezone:ro - ./zbx_env/etc/ssl/apache2:/etc/ssl/apache2:ro - ./zbx_env/usr/share/zabbix/modules/:/usr/share/zabbix/modules/:ro -# - ./.ZBX_DB_CA_FILE:/run/secrets/root-ca.pem:ro -# - ./.ZBX_DB_CERT_FILE:/run/secrets/client-cert.pem:ro -# - ./.ZBX_DB_KEY_FILE:/run/secrets/client-key.pem:ro +# - ./env_vars/.ZBX_DB_CA_FILE:/run/secrets/root-ca.pem:ro +# - ./env_vars/.ZBX_DB_CERT_FILE:/run/secrets/client-cert.pem:ro +# - ./env_vars/.ZBX_DB_KEY_FILE:/run/secrets/client-key.pem:ro deploy: resources: limits: @@ -190,8 +190,8 @@ services: cpus: '0.5' memory: 256M env_file: - - ./env_vars/env_db_pgsql - - ./env_vars/env_web + - ./env_vars/.env_db_pgsql + - ./env_vars/.env_web secrets: - POSTGRES_USER - POSTGRES_PASSWORD @@ -232,9 +232,9 @@ services: - /etc/timezone:/etc/timezone:ro - ./zbx_env/etc/ssl/nginx:/etc/ssl/nginx:ro - ./zbx_env/usr/share/zabbix/modules/:/usr/share/zabbix/modules/:ro -# - ./.ZBX_DB_CA_FILE:/run/secrets/root-ca.pem:ro -# - ./.ZBX_DB_CERT_FILE:/run/secrets/client-cert.pem:ro -# - ./.ZBX_DB_KEY_FILE:/run/secrets/client-key.pem:ro +# - ./env_vars/.ZBX_DB_CA_FILE:/run/secrets/root-ca.pem:ro +# - ./env_vars/.ZBX_DB_CERT_FILE:/run/secrets/client-cert.pem:ro +# - ./env_vars/.ZBX_DB_KEY_FILE:/run/secrets/client-key.pem:ro deploy: resources: limits: @@ -244,8 +244,8 @@ services: cpus: '0.5' memory: 256M env_file: - - ./env_vars/env_db_pgsql - - ./env_vars/env_web + - ./env_vars/.env_db_pgsql + - ./env_vars/.env_web secrets: - POSTGRES_USER - POSTGRES_PASSWORD @@ -300,7 +300,7 @@ services: memory: 64M mode: global env_file: - - ./env_vars/env_agent + - ./env_vars/.env_agent privileged: true pid: "host" networks: @@ -332,7 +332,7 @@ services: cpus: '0.25' memory: 256M env_file: - - ./env_vars/env_java + - ./env_vars/.env_java networks: zbx_net_backend: aliases: @@ -394,7 +394,7 @@ services: cpus: '0.25' memory: 256M env_file: - - ./env_vars/env_web_service + - ./env_vars/.env_web_service networks: zbx_net_backend: aliases: @@ -419,7 +419,7 @@ services: volumes: - ./zbx_env/var/lib/mysql:/var/lib/mysql:rw env_file: - - ./env_vars/env_db_mysql + - ./env_vars/.env_db_mysql secrets: - MYSQL_USER - MYSQL_PASSWORD @@ -441,7 +441,7 @@ services: - ./env_vars/.ZBX_DB_CERT_FILE:/run/secrets/server-cert.pem:ro - ./env_vars/.ZBX_DB_KEY_FILE:/run/secrets/server-key.pem:ro env_file: - - ./env_vars/env_db_pgsql + - ./env_vars/.env_db_pgsql secrets: - POSTGRES_USER - POSTGRES_PASSWORD diff --git a/docker-compose_v3_ol_pgsql_local.yaml b/docker-compose_v3_ol_pgsql_local.yaml index 3275e0b58..e7347f72f 100644 --- a/docker-compose_v3_ol_pgsql_local.yaml +++ b/docker-compose_v3_ol_pgsql_local.yaml @@ -61,9 +61,9 @@ services: - ./zbx_env/var/lib/zabbix/ssh_keys:/var/lib/zabbix/ssh_keys:ro - ./zbx_env/var/lib/zabbix/mibs:/var/lib/zabbix/mibs:ro - ./zbx_env/var/lib/zabbix/snmptraps:/var/lib/zabbix/snmptraps:ro -# - ./.ZBX_DB_CA_FILE:/run/secrets/root-ca.pem:ro -# - ./.ZBX_DB_CERT_FILE:/run/secrets/client-cert.pem:ro -# - ./.ZBX_DB_KEY_FILE:/run/secrets/client-key.pem:ro +# - ./env_vars/.ZBX_DB_CA_FILE:/run/secrets/root-ca.pem:ro +# - ./env_vars/.ZBX_DB_CERT_FILE:/run/secrets/client-cert.pem:ro +# - ./env_vars/.ZBX_DB_KEY_FILE:/run/secrets/client-key.pem:ro ulimits: nproc: 65535 nofile: @@ -78,8 +78,8 @@ services: cpus: '0.5' memory: 512M env_file: - - ./env_vars/env_db_pgsql - - ./env_vars/env_srv + - ./env_vars/.env_db_pgsql + - ./env_vars/.env_srv secrets: - POSTGRES_USER - POSTGRES_PASSWORD @@ -144,8 +144,8 @@ services: cpus: '0.3' memory: 256M env_file: - - ./env_vars/env_prx - - ./env_vars/env_prx_sqlite3 + - ./env_vars/.env_prx + - ./env_vars/.env_prx_sqlite3 depends_on: - zabbix-java-gateway - zabbix-snmptraps @@ -200,9 +200,9 @@ services: cpus: '0.3' memory: 256M env_file: - - ./env_vars/env_db_mysql_proxy - - ./env_vars/env_prx - - ./env_vars/env_prx_mysql + - ./env_vars/.env_db_mysql_proxy + - ./env_vars/.env_prx + - ./env_vars/.env_prx_mysql secrets: - MYSQL_USER - MYSQL_PASSWORD @@ -245,9 +245,9 @@ services: - /etc/timezone:/etc/timezone:ro - ./zbx_env/etc/ssl/apache2:/etc/ssl/apache2:ro - ./zbx_env/usr/share/zabbix/modules/:/usr/share/zabbix/modules/:ro -# - ./.ZBX_DB_CA_FILE:/run/secrets/root-ca.pem:ro -# - ./.ZBX_DB_CERT_FILE:/run/secrets/client-cert.pem:ro -# - ./.ZBX_DB_KEY_FILE:/run/secrets/client-key.pem:ro +# - ./env_vars/.ZBX_DB_CA_FILE:/run/secrets/root-ca.pem:ro +# - ./env_vars/.ZBX_DB_CERT_FILE:/run/secrets/client-cert.pem:ro +# - ./env_vars/.ZBX_DB_KEY_FILE:/run/secrets/client-key.pem:ro deploy: resources: limits: @@ -257,8 +257,8 @@ services: cpus: '0.5' memory: 256M env_file: - - ./env_vars/env_db_pgsql - - ./env_vars/env_web + - ./env_vars/.env_db_pgsql + - ./env_vars/.env_web secrets: - POSTGRES_USER - POSTGRES_PASSWORD @@ -306,9 +306,9 @@ services: - /etc/timezone:/etc/timezone:ro - ./zbx_env/etc/ssl/nginx:/etc/ssl/nginx:ro - ./zbx_env/usr/share/zabbix/modules/:/usr/share/zabbix/modules/:ro -# - ./.ZBX_DB_CA_FILE:/run/secrets/root-ca.pem:ro -# - ./.ZBX_DB_CERT_FILE:/run/secrets/client-cert.pem:ro -# - ./.ZBX_DB_KEY_FILE:/run/secrets/client-key.pem:ro +# - ./env_vars/.ZBX_DB_CA_FILE:/run/secrets/root-ca.pem:ro +# - ./env_vars/.ZBX_DB_CERT_FILE:/run/secrets/client-cert.pem:ro +# - ./env_vars/.ZBX_DB_KEY_FILE:/run/secrets/client-key.pem:ro deploy: resources: limits: @@ -318,8 +318,8 @@ services: cpus: '0.5' memory: 256M env_file: - - ./env_vars/env_db_pgsql - - ./env_vars/env_web + - ./env_vars/.env_db_pgsql + - ./env_vars/.env_web secrets: - POSTGRES_USER - POSTGRES_PASSWORD @@ -381,7 +381,7 @@ services: memory: 64M mode: global env_file: - - ./env_vars/env_agent + - ./env_vars/.env_agent privileged: true pid: "host" depends_on: @@ -421,7 +421,7 @@ services: cpus: '0.25' memory: 256M env_file: - - ./env_vars/env_java + - ./env_vars/.env_java depends_on: - zabbix-build-pgsql networks: @@ -495,7 +495,7 @@ services: cpus: '0.25' memory: 256M env_file: - - ./env_vars/env_web_service + - ./env_vars/.env_web_service depends_on: - zabbix-build-pgsql networks: @@ -522,7 +522,7 @@ services: volumes: - ./zbx_env/var/lib/mysql:/var/lib/mysql:rw env_file: - - ./env_vars/env_db_mysql + - ./env_vars/.env_db_mysql secrets: - MYSQL_USER - MYSQL_PASSWORD @@ -544,7 +544,7 @@ services: - ./env_vars/.ZBX_DB_CERT_FILE:/run/secrets/server-cert.pem:ro - ./env_vars/.ZBX_DB_KEY_FILE:/run/secrets/server-key.pem:ro env_file: - - ./env_vars/env_db_pgsql + - ./env_vars/.env_db_pgsql secrets: - POSTGRES_USER - POSTGRES_PASSWORD diff --git a/docker-compose_v3_ubuntu_pgsql_local.yaml b/docker-compose_v3_ubuntu_pgsql_local.yaml index 41ad4d8a4..83b8b7a53 100644 --- a/docker-compose_v3_ubuntu_pgsql_local.yaml +++ b/docker-compose_v3_ubuntu_pgsql_local.yaml @@ -2,14 +2,14 @@ version: '3.5' services: zabbix-build-base: build: - context: ./build-base/ubuntu + context: ./Dockerfiles/build-base/ubuntu cache_from: - ubuntu:focal image: zabbix-build-base:ubuntu-local zabbix-build-pgsql: build: - context: ./build-pgsql/ubuntu + context: ./Dockerfiles/build-pgsql/ubuntu cache_from: - ubuntu:focal args: @@ -20,7 +20,7 @@ services: zabbix-build-mysql: build: - context: ./build-mysql/ubuntu + context: ./Dockerfiles/build-mysql/ubuntu cache_from: - ubuntu:focal args: @@ -31,7 +31,7 @@ services: zabbix-build-sqlite3: build: - context: ./build-sqlite3/ubuntu + context: ./Dockerfiles/build-sqlite3/ubuntu cache_from: - ubuntu:focal args: From a388663b9f63cec92d1930db5af6527372343a71 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Fri, 8 Oct 2021 12:16:50 +0200 Subject: [PATCH 187/253] New build design --- .github/workflows/images_build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/images_build.yml b/.github/workflows/images_build.yml index 93761a95a..56acc716b 100644 --- a/.github/workflows/images_build.yml +++ b/.github/workflows/images_build.yml @@ -236,7 +236,7 @@ jobs: build_images: timeout-minutes: 70 needs: [ "build_base_database", "init_build"] - name: Build ${{ matrix.build }} base on ${{ matrix.os }} + name: Build ${{ matrix.build }} on ${{ matrix.os }} strategy: fail-fast: false matrix: From 3e2becb70d9c5c614a1e77e90e50201aa0d22941 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Fri, 8 Oct 2021 12:23:51 +0200 Subject: [PATCH 188/253] New build design --- .github/workflows/images_build_windows.yml | 321 +++++++++++++++++++++ 1 file changed, 321 insertions(+) create mode 100644 .github/workflows/images_build_windows.yml diff --git a/.github/workflows/images_build_windows.yml b/.github/workflows/images_build_windows.yml new file mode 100644 index 000000000..46aa1238a --- /dev/null +++ b/.github/workflows/images_build_windows.yml @@ -0,0 +1,321 @@ +name: Build images (DockerHub, Windows) + +on: + release: + types: + - published + push: + branches: + - 'trunk' + paths: + - 'Dockerfiles/*/windows/*' + - '.github/workflows/images_build_windows.yml' + +defaults: + run: + shell: powershell + +env: + DOCKER_REPOSITORY: "zabbix" + LATEST_BRANCH: ${{ github.event.repository.default_branch }} + BASE_BUILD_NAME: "build-base" + +jobs: + init_build: + name: Initialize build + runs-on: ubuntu-latest + outputs: + os: ${{ steps.os.outputs.list }} + database: ${{ steps.database.outputs.list }} + components: ${{ steps.components.outputs.list }} + is_default_branch: ${{ steps.branch_info.outputs.is_default }} + steps: + - name: Checkout repository + uses: actions/checkout@v2.3.4 + with: + fetch-depth: 1 + + - name: Check build.json file + id: build_exists + run: | + if [[ ! -f "./build.json" ]]; then + echo "::error::File build.json is missing" + exit 1 + fi + + - name: Prepare Operating System list + id: os + run: | + os_list=$(jq -r '.os | keys | [ .[] | tostring ] | @json' "./build.json") + + echo "::set-output name=list::$os_list" + + - name: Prepare Platform list + id: platform_list + run: | + platform_list=$(jq -r '.os | tostring | @json' "./build.json") + + echo "::set-output name=list::$platform_list" + + - name: Prepare Database engine list + id: database + run: | + database_list=$(jq -r '[.components | values[] ] | sort | unique | del(.. | select ( . == "" ) ) | [ .[] | tostring ] | @json' "./build.json") + + echo "::set-output name=list::$database_list" + + - name: Prepare Zabbix component list + id: components + run: | + component_list=$(jq -r '.components | keys | [ .[] | tostring ] | @json' "./build.json") + + echo "::set-output name=list::$component_list" + + - name: Get branch info + id: branch_info + uses: tj-actions/branch-names@v5 + + build_base: + timeout-minutes: 70 + name: Build base on ${{ matrix.os }} + needs: init_build + strategy: + fail-fast: false + matrix: + os: ${{ fromJson(needs.init_build.outputs.os) }} + + runs-on: windows-2022 + steps: + - name: Checkout repository + uses: actions/checkout@v2.3.4 + with: + fetch-depth: 1 + + - name: Set up QEMU + uses: docker/setup-qemu-action@v1 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v1 + + - name: Login to DockerHub + uses: docker/login-action@v1 + with: + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_PASSWORD }} + + - name: Prepare Platform list + id: platform + run: | + platform_list=$(jq -r '.os.${{ matrix.os }} | join(",")' "./build.json") + + echo ::set-output name=list::$platform_list + + - name: Generate tags + id: meta + uses: docker/metadata-action@v3 + with: + images: ${{ env.DOCKER_REPOSITORY }}/zabbix-${{ env.BASE_BUILD_NAME }} + tags: | + type=ref,event=branch,prefix=${{ matrix.os }}- + type=ref,event=branch,suffix=-${{ matrix.os }} + flavor: | + latest=false + + - name: Build ${{ env.BASE_BUILD_NAME }}/${{ matrix.os }} and push + id: docker_build + uses: docker/build-push-action@v2 + with: + context: ./Dockerfiles/${{ env.BASE_BUILD_NAME }}/${{ matrix.os }} + file: ./Dockerfiles/${{ env.BASE_BUILD_NAME }}/${{ matrix.os }}/Dockerfile + platforms: ${{ steps.platform.outputs.list }} + push: false + tags: ${{ steps.meta.outputs.tags }} + labels: | + org.opencontainers.image.revision=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.revision'] }} + org.opencontainers.image.created=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }} + + - name: Image digest + run: | + echo ${{ steps.docker_build.outputs.digest }} + echo "${{ steps.docker_build.outputs.digest }}" > ${{ env.BASE_BUILD_NAME }}_${{ matrix.os }} + + - name: Upload SHA256 tag + uses: actions/upload-artifact@v2.2.4 + with: + name: ${{ env.BASE_BUILD_NAME }}_${{ matrix.os }} + path: ${{ env.BASE_BUILD_NAME }}_${{ matrix.os }} + if-no-files-found: error + + build_base_database: + timeout-minutes: 70 + needs: [ "build_base", "init_build"] + name: Build ${{ matrix.build }} base on ${{ matrix.os }} + strategy: + fail-fast: false + matrix: + build: ${{ fromJson(needs.init_build.outputs.database) }} + os: ${{ fromJson(needs.init_build.outputs.os) }} + + runs-on: windows-2022 + steps: + - name: Checkout repository + uses: actions/checkout@v2.3.4 + + - name: Set up QEMU + uses: docker/setup-qemu-action@v1 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v1 + + - name: Login to DockerHub + uses: docker/login-action@v1 + with: + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_PASSWORD }} + + - name: Prepare Platform list + id: platform + run: | + platform_list=$(jq -r '.os.${{ matrix.os }} | join(",")' "./build.json") + + echo ::set-output name=list::$platform_list + + - name: Generate tags + id: meta + uses: docker/metadata-action@v3 + with: + images: ${{ env.DOCKER_REPOSITORY }}/zabbix-${{ matrix.build }} + tags: | + type=ref,event=branch,prefix=${{ matrix.os }}- + type=ref,event=branch,suffix=-${{ matrix.os }} + flavor: | + latest=false + + - name: Download SHA256 tag build-base:${{ matrix.os }} + uses: actions/download-artifact@v2.0.10 + with: + name: build-base_${{ matrix.os }} + + - name: Retrieve build-base:${{ matrix.os }} SHA256 tag + id: base_build + run: | + BASE_TAG=$(cat build-base_${{ matrix.os }}) + BUILD_BASE_IMAGE=${{ env.DOCKER_REPOSITORY }}/zabbix-build-base@${BASE_TAG} + + echo ::set-output name=base_tag::${BASE_TAG} + echo ::set-output name=base_build_image::${BUILD_BASE_IMAGE} + + - name: Build ${{ matrix.build }}/${{ matrix.os }} and push + id: docker_build + uses: docker/build-push-action@v2 + with: + context: ./Dockerfiles/${{ matrix.build }}/${{ matrix.os }} + file: ./Dockerfiles/${{ matrix.build }}/${{ matrix.os }}/Dockerfile + platforms: ${{ steps.platform.outputs.list }} + push: false + tags: ${{ steps.meta.outputs.tags }} + build-args: BUILD_BASE_IMAGE=${{ steps.base_build.outputs.base_build_image }} + labels: | + org.opencontainers.image.revision=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.revision'] }} + org.opencontainers.image.created=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }} + + - name: Image digest + run: | + echo ${{ steps.docker_build.outputs.digest }} + echo "${{ steps.docker_build.outputs.digest }}" > ${{ matrix.build }}_${{ matrix.os }} + + - name: Upload SHA256 tag + uses: actions/upload-artifact@v2.2.4 + with: + name: ${{ matrix.build }}_${{ matrix.os }} + path: ${{ matrix.build }}_${{ matrix.os }} + if-no-files-found: error + + build_images: + timeout-minutes: 70 + needs: [ "build_base_database", "init_build"] + name: Build ${{ matrix.build }} on ${{ matrix.os }} + strategy: + fail-fast: false + matrix: + build: ${{ fromJson(needs.init_build.outputs.components) }} + os: ${{ fromJson(needs.init_build.outputs.os) }} + + runs-on: windows-2022 + steps: + - uses: actions/checkout@v2.3.4 + + - name: Set up QEMU + uses: docker/setup-qemu-action@v1 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v1 + + - name: Login to DockerHub + uses: docker/login-action@v1 + with: + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_PASSWORD }} + + - name: Prepare Platform list + id: platform + run: | + # Chromium on Alpine is available only on linux/amd64, linux/arm64 platforms + if [ "${{ matrix.os }}" == "alpine" ] && [ "${{ matrix.build }}" == "web-service" ]; then + platform_list="linux/amd64,linux/arm64" + else + platform_list=$(jq -r '.os.${{ matrix.os }} | join(",")' "./build.json") + fi + + echo ::set-output name=list::$platform_list + + - name: Detect Build Base Image + id: build_base_image + run: | + BUILD_BASE=$(jq -r '.components."${{ matrix.build }}"' "./build.json") + + echo ::set-output name=build_base::${BUILD_BASE} + + - name: Generate tags + id: meta + uses: docker/metadata-action@v3 + with: + images: ${{ env.DOCKER_REPOSITORY }}/zabbix-${{ matrix.build }} + tags: | + type=ref,event=branch,prefix=${{ matrix.os }}- + type=ref,event=branch,suffix=-${{ matrix.os }} + flavor: | + latest=false + + - name: Download SHA256 tag for ${{ steps.build_base_image.outputs.build_base }}:${{ matrix.os }} + uses: actions/download-artifact@v2.0.10 + if: ${{ matrix.build != 'snmptraps' }} + with: + name: ${{ steps.build_base_image.outputs.build_base }}_${{ matrix.os }} + + - name: Retrieve ${{ steps.build_base_image.outputs.build_base }}:${{ matrix.os }} SHA256 tag + id: base_build + if: ${{ matrix.build != 'snmptraps' }} + run: | + BASE_TAG=$(cat ${{ steps.build_base_image.outputs.build_base }}_${{ matrix.os }}) + BUILD_BASE_IMAGE=${{ env.DOCKER_REPOSITORY }}/zabbix-${{ steps.build_base_image.outputs.build_base }}@${BASE_TAG} + + echo ::set-output name=base_tag::${BASE_TAG} + echo ::set-output name=base_build_image::${BUILD_BASE_IMAGE} + + - name: Build ${{ matrix.build }}/${{ matrix.os }} and push + id: docker_build + uses: docker/build-push-action@v2 + with: + context: ./Dockerfiles/${{ matrix.build }}/${{ matrix.os }} + file: ./Dockerfiles/${{ matrix.build }}/${{ matrix.os }}/Dockerfile + platforms: ${{ steps.platform.outputs.list }} + push: false + tags: ${{ steps.meta.outputs.tags }} + build-args: BUILD_BASE_IMAGE=${{ steps.base_build.outputs.base_build_image }} + labels: | + org.opencontainers.image.revision=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.revision'] }} + org.opencontainers.image.created=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }} + + - name: Image digest + run: echo ${{ steps.docker_build.outputs.digest }} From 891e70aa43f8a6c5a258b430a36e6a14979f36f0 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Fri, 8 Oct 2021 12:27:10 +0200 Subject: [PATCH 189/253] New build design --- .github/workflows/images_build_windows.yml | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/.github/workflows/images_build_windows.yml b/.github/workflows/images_build_windows.yml index 46aa1238a..e273f85e8 100644 --- a/.github/workflows/images_build_windows.yml +++ b/.github/workflows/images_build_windows.yml @@ -13,7 +13,7 @@ on: defaults: run: - shell: powershell + shell: pwsh env: DOCKER_REPOSITORY: "zabbix" @@ -47,6 +47,7 @@ jobs: id: os run: | os_list=$(jq -r '.os | keys | [ .[] | tostring ] | @json' "./build.json") + os_list='windows' echo "::set-output name=list::$os_list" @@ -54,6 +55,7 @@ jobs: id: platform_list run: | platform_list=$(jq -r '.os | tostring | @json' "./build.json") + platform_list='amd64' echo "::set-output name=list::$platform_list" @@ -61,6 +63,7 @@ jobs: id: database run: | database_list=$(jq -r '[.components | values[] ] | sort | unique | del(.. | select ( . == "" ) ) | [ .[] | tostring ] | @json' "./build.json") + database_list='' echo "::set-output name=list::$database_list" @@ -68,6 +71,7 @@ jobs: id: components run: | component_list=$(jq -r '.components | keys | [ .[] | tostring ] | @json' "./build.json") + component_list='agent,agent2' echo "::set-output name=list::$component_list" @@ -91,12 +95,6 @@ jobs: with: fetch-depth: 1 - - name: Set up QEMU - uses: docker/setup-qemu-action@v1 - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v1 - - name: Login to DockerHub uses: docker/login-action@v1 with: @@ -107,6 +105,7 @@ jobs: id: platform run: | platform_list=$(jq -r '.os.${{ matrix.os }} | join(",")' "./build.json") + platform_list='amd64' echo ::set-output name=list::$platform_list From 18e1207070cafe47b8afa54df26eb597904b9da4 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Fri, 8 Oct 2021 12:30:24 +0200 Subject: [PATCH 190/253] New build design --- .github/workflows/images_build_windows.yml | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/.github/workflows/images_build_windows.yml b/.github/workflows/images_build_windows.yml index e273f85e8..8e7deee3a 100644 --- a/.github/workflows/images_build_windows.yml +++ b/.github/workflows/images_build_windows.yml @@ -38,10 +38,9 @@ jobs: - name: Check build.json file id: build_exists run: | - if [[ ! -f "./build.json" ]]; then - echo "::error::File build.json is missing" - exit 1 - fi + if (-not(Test-Path -Path $ConfigPath -PathType Leaf)) { + throw "::error::File build.json is missing" + } - name: Prepare Operating System list id: os From 7fb4f629c3cbefd05100290b99da67a6315591f4 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Fri, 8 Oct 2021 12:31:16 +0200 Subject: [PATCH 191/253] New build design --- .github/workflows/images_build_windows.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/images_build_windows.yml b/.github/workflows/images_build_windows.yml index 8e7deee3a..943862990 100644 --- a/.github/workflows/images_build_windows.yml +++ b/.github/workflows/images_build_windows.yml @@ -38,7 +38,7 @@ jobs: - name: Check build.json file id: build_exists run: | - if (-not(Test-Path -Path $ConfigPath -PathType Leaf)) { + if (-not(Test-Path -Path "./build.json" -PathType Leaf)) { throw "::error::File build.json is missing" } From 549a36c63196ad9a45ddffe1c92f9532961f6a1f Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Fri, 8 Oct 2021 12:45:31 +0200 Subject: [PATCH 192/253] New build design --- .github/workflows/images_build_windows.yml | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/.github/workflows/images_build_windows.yml b/.github/workflows/images_build_windows.yml index 943862990..54b8f419c 100644 --- a/.github/workflows/images_build_windows.yml +++ b/.github/workflows/images_build_windows.yml @@ -45,32 +45,32 @@ jobs: - name: Prepare Operating System list id: os run: | - os_list=$(jq -r '.os | keys | [ .[] | tostring ] | @json' "./build.json") - os_list='windows' + $os_list=$(jq -r '.os | keys | [ .[] | tostring ] | @json' "./build.json") + $os_list='windows' echo "::set-output name=list::$os_list" - name: Prepare Platform list id: platform_list run: | - platform_list=$(jq -r '.os | tostring | @json' "./build.json") - platform_list='amd64' + $platform_list=$(jq -r '.os | tostring | @json' "./build.json") + $platform_list='amd64' echo "::set-output name=list::$platform_list" - name: Prepare Database engine list id: database run: | - database_list=$(jq -r '[.components | values[] ] | sort | unique | del(.. | select ( . == "" ) ) | [ .[] | tostring ] | @json' "./build.json") - database_list='' + $database_list=$(jq -r '[.components | values[] ] | sort | unique | del(.. | select ( . == "" ) ) | [ .[] | tostring ] | @json' "./build.json") + $database_list='' echo "::set-output name=list::$database_list" - name: Prepare Zabbix component list id: components run: | - component_list=$(jq -r '.components | keys | [ .[] | tostring ] | @json' "./build.json") - component_list='agent,agent2' + $component_list=$(jq -r '.components | keys | [ .[] | tostring ] | @json' "./build.json") + $component_list='agent,agent2' echo "::set-output name=list::$component_list" @@ -103,8 +103,8 @@ jobs: - name: Prepare Platform list id: platform run: | - platform_list=$(jq -r '.os.${{ matrix.os }} | join(",")' "./build.json") - platform_list='amd64' + $platform_list=$(jq -r '.os.${{ matrix.os }} | join(",")' "./build.json") + $platform_list='amd64' echo ::set-output name=list::$platform_list From e20026a8ae8e69934ae6cbc62c8dd748c7258c44 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Fri, 8 Oct 2021 12:53:30 +0200 Subject: [PATCH 193/253] New build design --- .github/workflows/images_build_windows.yml | 37 +++------------------- 1 file changed, 5 insertions(+), 32 deletions(-) diff --git a/.github/workflows/images_build_windows.yml b/.github/workflows/images_build_windows.yml index 54b8f419c..d7eac0bda 100644 --- a/.github/workflows/images_build_windows.yml +++ b/.github/workflows/images_build_windows.yml @@ -26,7 +26,6 @@ jobs: runs-on: ubuntu-latest outputs: os: ${{ steps.os.outputs.list }} - database: ${{ steps.database.outputs.list }} components: ${{ steps.components.outputs.list }} is_default_branch: ${{ steps.branch_info.outputs.is_default }} steps: @@ -45,32 +44,14 @@ jobs: - name: Prepare Operating System list id: os run: | - $os_list=$(jq -r '.os | keys | [ .[] | tostring ] | @json' "./build.json") - $os_list='windows' + $os_list='["windows"]' echo "::set-output name=list::$os_list" - - name: Prepare Platform list - id: platform_list - run: | - $platform_list=$(jq -r '.os | tostring | @json' "./build.json") - $platform_list='amd64' - - echo "::set-output name=list::$platform_list" - - - name: Prepare Database engine list - id: database - run: | - $database_list=$(jq -r '[.components | values[] ] | sort | unique | del(.. | select ( . == "" ) ) | [ .[] | tostring ] | @json' "./build.json") - $database_list='' - - echo "::set-output name=list::$database_list" - - name: Prepare Zabbix component list id: components run: | - $component_list=$(jq -r '.components | keys | [ .[] | tostring ] | @json' "./build.json") - $component_list='agent,agent2' + $component_list='["agent","agent2"]' echo "::set-output name=list::$component_list" @@ -86,6 +67,7 @@ jobs: fail-fast: false matrix: os: ${{ fromJson(needs.init_build.outputs.os) }} + build: ${{ fromJson(needs.init_build.outputs.components) }} runs-on: windows-2022 steps: @@ -100,14 +82,6 @@ jobs: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} - - name: Prepare Platform list - id: platform - run: | - $platform_list=$(jq -r '.os.${{ matrix.os }} | join(",")' "./build.json") - $platform_list='amd64' - - echo ::set-output name=list::$platform_list - - name: Generate tags id: meta uses: docker/metadata-action@v3 @@ -119,13 +93,12 @@ jobs: flavor: | latest=false - - name: Build ${{ env.BASE_BUILD_NAME }}/${{ matrix.os }} and push + - name: Build ${{ env.BASE_BUILD_NAME }}/${{ matrix.build }}-${{ matrix.os }} and push id: docker_build uses: docker/build-push-action@v2 with: context: ./Dockerfiles/${{ env.BASE_BUILD_NAME }}/${{ matrix.os }} - file: ./Dockerfiles/${{ env.BASE_BUILD_NAME }}/${{ matrix.os }}/Dockerfile - platforms: ${{ steps.platform.outputs.list }} + file: ./Dockerfiles/${{ env.BASE_BUILD_NAME }}/${{ matrix.os }}/Dockerfile.${{ matrix.build }} push: false tags: ${{ steps.meta.outputs.tags }} labels: | From 4c274f0d661c7be3d5cb00b4350850e7d4d352b4 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Fri, 8 Oct 2021 13:11:17 +0200 Subject: [PATCH 194/253] New build design --- .github/workflows/images_build_windows.yml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/.github/workflows/images_build_windows.yml b/.github/workflows/images_build_windows.yml index d7eac0bda..7f52ad3e6 100644 --- a/.github/workflows/images_build_windows.yml +++ b/.github/workflows/images_build_windows.yml @@ -95,10 +95,13 @@ jobs: - name: Build ${{ env.BASE_BUILD_NAME }}/${{ matrix.build }}-${{ matrix.os }} and push id: docker_build - uses: docker/build-push-action@v2 + uses: mr-smithers-excellent/docker-build-push@v5 with: - context: ./Dockerfiles/${{ env.BASE_BUILD_NAME }}/${{ matrix.os }} + directory: ./Dockerfiles/${{ env.BASE_BUILD_NAME }}/${{ matrix.os }} file: ./Dockerfiles/${{ env.BASE_BUILD_NAME }}/${{ matrix.os }}/Dockerfile.${{ matrix.build }} + registry: docker.io + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_PASSWORD }} push: false tags: ${{ steps.meta.outputs.tags }} labels: | From 7919b0886fa664c1eb47ffbeddc08c3a0f1563d3 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Fri, 8 Oct 2021 13:14:20 +0200 Subject: [PATCH 195/253] Updated build script --- .github/workflows/images_build_windows.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/images_build_windows.yml b/.github/workflows/images_build_windows.yml index 7f52ad3e6..81a281185 100644 --- a/.github/workflows/images_build_windows.yml +++ b/.github/workflows/images_build_windows.yml @@ -102,7 +102,6 @@ jobs: registry: docker.io username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} - push: false tags: ${{ steps.meta.outputs.tags }} labels: | org.opencontainers.image.revision=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.revision'] }} From 922ea12f6c128de3c1de5064cf1c78acf111074c Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Fri, 8 Oct 2021 13:41:53 +0200 Subject: [PATCH 196/253] Updated build script --- .github/workflows/images_build_windows.yml | 13 ++----------- 1 file changed, 2 insertions(+), 11 deletions(-) diff --git a/.github/workflows/images_build_windows.yml b/.github/workflows/images_build_windows.yml index 81a281185..ace24aa35 100644 --- a/.github/workflows/images_build_windows.yml +++ b/.github/workflows/images_build_windows.yml @@ -95,17 +95,8 @@ jobs: - name: Build ${{ env.BASE_BUILD_NAME }}/${{ matrix.build }}-${{ matrix.os }} and push id: docker_build - uses: mr-smithers-excellent/docker-build-push@v5 - with: - directory: ./Dockerfiles/${{ env.BASE_BUILD_NAME }}/${{ matrix.os }} - file: ./Dockerfiles/${{ env.BASE_BUILD_NAME }}/${{ matrix.os }}/Dockerfile.${{ matrix.build }} - registry: docker.io - username: ${{ secrets.DOCKER_USERNAME }} - password: ${{ secrets.DOCKER_PASSWORD }} - tags: ${{ steps.meta.outputs.tags }} - labels: | - org.opencontainers.image.revision=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.revision'] }} - org.opencontainers.image.created=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }} + run: | + docker build -f .\Dockerfiles\${{ env.BASE_BUILD_NAME }}\${{ matrix.os }}\Dockerfile.${{ matrix.build }} .\Dockerfiles\${{ env.BASE_BUILD_NAME }}\${{ matrix.os }}\ - name: Image digest run: | From f87562ca6933891aa6bcd2382c903c920f0150d5 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Fri, 8 Oct 2021 14:34:44 +0200 Subject: [PATCH 197/253] Updated build script --- .github/workflows/images_build_windows.yml | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/.github/workflows/images_build_windows.yml b/.github/workflows/images_build_windows.yml index ace24aa35..41c1b947e 100644 --- a/.github/workflows/images_build_windows.yml +++ b/.github/workflows/images_build_windows.yml @@ -44,7 +44,7 @@ jobs: - name: Prepare Operating System list id: os run: | - $os_list='["windows"]' + $os_list='["ltsc2022"]' echo "::set-output name=list::$os_list" @@ -96,7 +96,11 @@ jobs: - name: Build ${{ env.BASE_BUILD_NAME }}/${{ matrix.build }}-${{ matrix.os }} and push id: docker_build run: | - docker build -f .\Dockerfiles\${{ env.BASE_BUILD_NAME }}\${{ matrix.os }}\Dockerfile.${{ matrix.build }} .\Dockerfiles\${{ env.BASE_BUILD_NAME }}\${{ matrix.os }}\ + $tags=$(echo '${{ steps.meta.outputs.tags }}' | jq -r '. | map("""--tag=""" + .) | join(""" """)') + docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }} + docker build --file=.\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\Dockerfile.${{ matrix.build }} $tags .\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\ + docker push image push --all-tags ${{ steps.meta.outputs.tags[0] }} + docker logout - name: Image digest run: | From ee3a0537d18bb6399fa7386ecefdf83a6af42002 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Fri, 8 Oct 2021 14:37:57 +0200 Subject: [PATCH 198/253] Updated build script --- .github/workflows/images_build_windows.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/images_build_windows.yml b/.github/workflows/images_build_windows.yml index 41c1b947e..e054eeb70 100644 --- a/.github/workflows/images_build_windows.yml +++ b/.github/workflows/images_build_windows.yml @@ -61,7 +61,7 @@ jobs: build_base: timeout-minutes: 70 - name: Build base on ${{ matrix.os }} + name: Build ${{ matrix.build }} base on ${{ matrix.os }} needs: init_build strategy: fail-fast: false @@ -96,7 +96,7 @@ jobs: - name: Build ${{ env.BASE_BUILD_NAME }}/${{ matrix.build }}-${{ matrix.os }} and push id: docker_build run: | - $tags=$(echo '${{ steps.meta.outputs.tags }}' | jq -r '. | map("""--tag=""" + .) | join(""" """)') + $tags=$(echo '${{ fromJson(steps.meta.outputs.tags) }}' | jq -r '. | map("""--tag=""" + .) | join(""" """)') docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }} docker build --file=.\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\Dockerfile.${{ matrix.build }} $tags .\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\ docker push image push --all-tags ${{ steps.meta.outputs.tags[0] }} From 1f8d491215ea057180a59452b57ad26abeda9a64 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Fri, 8 Oct 2021 14:39:58 +0200 Subject: [PATCH 199/253] Updated build script --- .github/workflows/images_build_windows.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/images_build_windows.yml b/.github/workflows/images_build_windows.yml index e054eeb70..88b4d4e5d 100644 --- a/.github/workflows/images_build_windows.yml +++ b/.github/workflows/images_build_windows.yml @@ -96,7 +96,8 @@ jobs: - name: Build ${{ env.BASE_BUILD_NAME }}/${{ matrix.build }}-${{ matrix.os }} and push id: docker_build run: | - $tags=$(echo '${{ fromJson(steps.meta.outputs.tags) }}' | jq -r '. | map("""--tag=""" + .) | join(""" """)') + $tags='${{ steps.meta.outputs.tags }}' + echo $tags docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }} docker build --file=.\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\Dockerfile.${{ matrix.build }} $tags .\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\ docker push image push --all-tags ${{ steps.meta.outputs.tags[0] }} From 3ea8fb7c427b7bf4d10b3c7c602d7eb403a95a81 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Fri, 8 Oct 2021 14:52:53 +0200 Subject: [PATCH 200/253] Updated build script --- .github/workflows/images_build_windows.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/images_build_windows.yml b/.github/workflows/images_build_windows.yml index 88b4d4e5d..c0dabc4d4 100644 --- a/.github/workflows/images_build_windows.yml +++ b/.github/workflows/images_build_windows.yml @@ -96,7 +96,7 @@ jobs: - name: Build ${{ env.BASE_BUILD_NAME }}/${{ matrix.build }}-${{ matrix.os }} and push id: docker_build run: | - $tags='${{ steps.meta.outputs.tags }}' + $tags='${{ steps.meta.outputs.tags }}' -split "`r`n" echo $tags docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }} docker build --file=.\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\Dockerfile.${{ matrix.build }} $tags .\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\ From 5d339f2f6ead76dc5f343f24f62ef9bd5b1e6e17 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Fri, 8 Oct 2021 15:12:05 +0200 Subject: [PATCH 201/253] Updated build script --- .github/workflows/images_build_windows.yml | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) diff --git a/.github/workflows/images_build_windows.yml b/.github/workflows/images_build_windows.yml index c0dabc4d4..b8d584726 100644 --- a/.github/workflows/images_build_windows.yml +++ b/.github/workflows/images_build_windows.yml @@ -96,23 +96,27 @@ jobs: - name: Build ${{ env.BASE_BUILD_NAME }}/${{ matrix.build }}-${{ matrix.os }} and push id: docker_build run: | - $tags='${{ steps.meta.outputs.tags }}' -split "`r`n" - echo $tags + $tags='${{ steps.meta.outputs.tags }}' + $result_tags = '' + foreach ($line in $tags) { + $result_tags = $result_tags + '--tag ' + $line + } docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }} - docker build --file=.\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\Dockerfile.${{ matrix.build }} $tags .\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\ + docker build --file=.\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\Dockerfile.${{ matrix.build }} $result_tags .\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\ docker push image push --all-tags ${{ steps.meta.outputs.tags[0] }} docker logout - name: Image digest run: | - echo ${{ steps.docker_build.outputs.digest }} - echo "${{ steps.docker_build.outputs.digest }}" > ${{ env.BASE_BUILD_NAME }}_${{ matrix.os }} + $digest=$(docker inspect ${{ steps.meta.outputs.tags[0] }} --format "{{.Id}}") + echo $digest + echo "$digest" > ${{ env.BASE_BUILD_NAME }}_${{ matrix.os }}_${{ matrix.build }} - name: Upload SHA256 tag uses: actions/upload-artifact@v2.2.4 with: - name: ${{ env.BASE_BUILD_NAME }}_${{ matrix.os }} - path: ${{ env.BASE_BUILD_NAME }}_${{ matrix.os }} + name: ${{ env.BASE_BUILD_NAME }}_${{ matrix.os }}_${{ matrix.build }} + path: ${{ env.BASE_BUILD_NAME }}_${{ matrix.os }}_${{ matrix.build }} if-no-files-found: error build_base_database: From 0d2a096061417d0dbb869949c714a3e018be19eb Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Fri, 8 Oct 2021 15:14:40 +0200 Subject: [PATCH 202/253] Updated build script --- .github/workflows/images_build_windows.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/images_build_windows.yml b/.github/workflows/images_build_windows.yml index b8d584726..316543b41 100644 --- a/.github/workflows/images_build_windows.yml +++ b/.github/workflows/images_build_windows.yml @@ -99,8 +99,9 @@ jobs: $tags='${{ steps.meta.outputs.tags }}' $result_tags = '' foreach ($line in $tags) { - $result_tags = $result_tags + '--tag ' + $line + $result_tags = $result_tags + ' --tag=' + $line } + echo $result_tags docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }} docker build --file=.\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\Dockerfile.${{ matrix.build }} $result_tags .\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\ docker push image push --all-tags ${{ steps.meta.outputs.tags[0] }} From 44b4bc16de1de1b2d52c372e9eab79fcb3e73a33 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Fri, 8 Oct 2021 15:23:28 +0200 Subject: [PATCH 203/253] Updated build script --- .github/workflows/images_build_windows.yml | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) diff --git a/.github/workflows/images_build_windows.yml b/.github/workflows/images_build_windows.yml index 316543b41..cbe750187 100644 --- a/.github/workflows/images_build_windows.yml +++ b/.github/workflows/images_build_windows.yml @@ -96,14 +96,10 @@ jobs: - name: Build ${{ env.BASE_BUILD_NAME }}/${{ matrix.build }}-${{ matrix.os }} and push id: docker_build run: | - $tags='${{ steps.meta.outputs.tags }}' - $result_tags = '' - foreach ($line in $tags) { - $result_tags = $result_tags + ' --tag=' + $line - } - echo $result_tags + $tags=$(echo "steps.meta.outputs.tags" | jq --raw-input . | jq --slurp . | jq -r '. | map("""--tag=""" + .) | join(""" """)') + echo $tags docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }} - docker build --file=.\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\Dockerfile.${{ matrix.build }} $result_tags .\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\ + docker build --file=.\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\Dockerfile.${{ matrix.build }} $tags .\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\ docker push image push --all-tags ${{ steps.meta.outputs.tags[0] }} docker logout From dd1e4dd5d87399eced3494923777f0d3f14c3252 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Fri, 8 Oct 2021 15:24:52 +0200 Subject: [PATCH 204/253] Updated build script --- .github/workflows/images_build_windows.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/images_build_windows.yml b/.github/workflows/images_build_windows.yml index cbe750187..bec9158d2 100644 --- a/.github/workflows/images_build_windows.yml +++ b/.github/workflows/images_build_windows.yml @@ -96,7 +96,7 @@ jobs: - name: Build ${{ env.BASE_BUILD_NAME }}/${{ matrix.build }}-${{ matrix.os }} and push id: docker_build run: | - $tags=$(echo "steps.meta.outputs.tags" | jq --raw-input . | jq --slurp . | jq -r '. | map("""--tag=""" + .) | join(""" """)') + $tags=$(echo "${{ steps.meta.outputs.tags}}" | jq --raw-input . | jq --slurp . | jq -r '. | map("""--tag=""" + .) | join(""" """)') echo $tags docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }} docker build --file=.\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\Dockerfile.${{ matrix.build }} $tags .\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\ From bf59a55cd5664d7db2e1144e179360186198d4eb Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Fri, 8 Oct 2021 15:30:12 +0200 Subject: [PATCH 205/253] Updated build script --- .github/workflows/images_build_windows.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/images_build_windows.yml b/.github/workflows/images_build_windows.yml index bec9158d2..804b342e1 100644 --- a/.github/workflows/images_build_windows.yml +++ b/.github/workflows/images_build_windows.yml @@ -99,8 +99,10 @@ jobs: $tags=$(echo "${{ steps.meta.outputs.tags}}" | jq --raw-input . | jq --slurp . | jq -r '. | map("""--tag=""" + .) | join(""" """)') echo $tags docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }} + echo "docker build --file=.\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\Dockerfile.${{ matrix.build }} $tags .\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\" docker build --file=.\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\Dockerfile.${{ matrix.build }} $tags .\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\ - docker push image push --all-tags ${{ steps.meta.outputs.tags[0] }} + $main_tag=$(echo "${{ steps.meta.outputs.tags}}" | jq --raw-input . | jq --slurp . | jq -r '.[0]') + docker push image push --all-tags $main_tag docker logout - name: Image digest From 7324b217bfc116f411ab00a0ba11849d515e7f32 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Fri, 8 Oct 2021 15:33:19 +0200 Subject: [PATCH 206/253] Updated build script --- .github/workflows/images_build_windows.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/images_build_windows.yml b/.github/workflows/images_build_windows.yml index 804b342e1..d0edc9433 100644 --- a/.github/workflows/images_build_windows.yml +++ b/.github/workflows/images_build_windows.yml @@ -96,7 +96,7 @@ jobs: - name: Build ${{ env.BASE_BUILD_NAME }}/${{ matrix.build }}-${{ matrix.os }} and push id: docker_build run: | - $tags=$(echo "${{ steps.meta.outputs.tags}}" | jq --raw-input . | jq --slurp . | jq -r '. | map("""--tag=""" + .) | join(""" """)') + $tags=$(echo "${{ steps.meta.outputs.tags}}" | jq --raw-input . | jq --slurp . | jq -r '. | map("""-t """ + .) | join(""" """)') echo $tags docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }} echo "docker build --file=.\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\Dockerfile.${{ matrix.build }} $tags .\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\" From 521bf35c9eee4bf87236130bdacd269ca42d271e Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Fri, 8 Oct 2021 15:42:43 +0200 Subject: [PATCH 207/253] Updated build script --- .github/workflows/images_build_windows.yml | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/.github/workflows/images_build_windows.yml b/.github/workflows/images_build_windows.yml index d0edc9433..bded4ed63 100644 --- a/.github/workflows/images_build_windows.yml +++ b/.github/workflows/images_build_windows.yml @@ -37,6 +37,7 @@ jobs: - name: Check build.json file id: build_exists run: | + docker build --help if (-not(Test-Path -Path "./build.json" -PathType Leaf)) { throw "::error::File build.json is missing" } @@ -96,13 +97,12 @@ jobs: - name: Build ${{ env.BASE_BUILD_NAME }}/${{ matrix.build }}-${{ matrix.os }} and push id: docker_build run: | - $tags=$(echo "${{ steps.meta.outputs.tags}}" | jq --raw-input . | jq --slurp . | jq -r '. | map("""-t """ + .) | join(""" """)') - echo $tags + $tags_array=$( "${{ steps.meta.outputs.tags}}".Split("`r`n") | Foreach-Object { "--tag=$_" } ) + $tags=$( $tags_array - Join ' ' ) docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }} echo "docker build --file=.\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\Dockerfile.${{ matrix.build }} $tags .\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\" docker build --file=.\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\Dockerfile.${{ matrix.build }} $tags .\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\ - $main_tag=$(echo "${{ steps.meta.outputs.tags}}" | jq --raw-input . | jq --slurp . | jq -r '.[0]') - docker push image push --all-tags $main_tag + docker push image push --all-tags $tags_array[0] docker logout - name: Image digest @@ -112,7 +112,8 @@ jobs: echo "$digest" > ${{ env.BASE_BUILD_NAME }}_${{ matrix.os }}_${{ matrix.build }} - name: Upload SHA256 tag - uses: actions/upload-artifact@v2.2.4 + uses: actions/upload-ar +tifact@v2.2.4 with: name: ${{ env.BASE_BUILD_NAME }}_${{ matrix.os }}_${{ matrix.build }} path: ${{ env.BASE_BUILD_NAME }}_${{ matrix.os }}_${{ matrix.build }} From 07d18b8dd92549cdbb13e92fa7d78a92be34c47d Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Fri, 8 Oct 2021 15:43:13 +0200 Subject: [PATCH 208/253] Updated build script --- .github/workflows/images_build_windows.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/images_build_windows.yml b/.github/workflows/images_build_windows.yml index bded4ed63..c091c48e0 100644 --- a/.github/workflows/images_build_windows.yml +++ b/.github/workflows/images_build_windows.yml @@ -112,8 +112,7 @@ jobs: echo "$digest" > ${{ env.BASE_BUILD_NAME }}_${{ matrix.os }}_${{ matrix.build }} - name: Upload SHA256 tag - uses: actions/upload-ar -tifact@v2.2.4 + uses: actions/upload-artifact@v2.2.4 with: name: ${{ env.BASE_BUILD_NAME }}_${{ matrix.os }}_${{ matrix.build }} path: ${{ env.BASE_BUILD_NAME }}_${{ matrix.os }}_${{ matrix.build }} From 724269eafbc59e51aa2bbe3da90cdbd912941051 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Fri, 8 Oct 2021 15:45:12 +0200 Subject: [PATCH 209/253] Updated build script --- .github/workflows/images_build_windows.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/images_build_windows.yml b/.github/workflows/images_build_windows.yml index c091c48e0..63100eb79 100644 --- a/.github/workflows/images_build_windows.yml +++ b/.github/workflows/images_build_windows.yml @@ -97,10 +97,10 @@ jobs: - name: Build ${{ env.BASE_BUILD_NAME }}/${{ matrix.build }}-${{ matrix.os }} and push id: docker_build run: | - $tags_array=$( "${{ steps.meta.outputs.tags}}".Split("`r`n") | Foreach-Object { "--tag=$_" } ) - $tags=$( $tags_array - Join ' ' ) + $tags_array=$( "${{ steps.meta.outputs.tags}}".Split("`r`n") | Foreach-Object { "$_" } ) + $tags=$( $tags_array -Join ',' ) docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }} - echo "docker build --file=.\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\Dockerfile.${{ matrix.build }} $tags .\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\" + echo "docker build --file=.\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\Dockerfile.${{ matrix.build }} -t $tags .\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\" docker build --file=.\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\Dockerfile.${{ matrix.build }} $tags .\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\ docker push image push --all-tags $tags_array[0] docker logout From 13fb0de4a39f034dcd81a1060507ac02cf6f283b Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Fri, 8 Oct 2021 15:48:47 +0200 Subject: [PATCH 210/253] Updated build script --- .github/workflows/images_build_windows.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/images_build_windows.yml b/.github/workflows/images_build_windows.yml index 63100eb79..0322ee12a 100644 --- a/.github/workflows/images_build_windows.yml +++ b/.github/workflows/images_build_windows.yml @@ -100,7 +100,7 @@ jobs: $tags_array=$( "${{ steps.meta.outputs.tags}}".Split("`r`n") | Foreach-Object { "$_" } ) $tags=$( $tags_array -Join ',' ) docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }} - echo "docker build --file=.\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\Dockerfile.${{ matrix.build }} -t $tags .\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\" + echo "docker build --file=.\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\Dockerfile.${{ matrix.build }} -t 'zabbix/zabbix-build-base:ltsc2022-trunk' -t 'zabbix/zabbix-build-base:trunk-ltsc2022' .\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\" docker build --file=.\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\Dockerfile.${{ matrix.build }} $tags .\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\ docker push image push --all-tags $tags_array[0] docker logout From d8f7b20b4ab02dfe5bcf633db5ef790f6d391a40 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Fri, 8 Oct 2021 15:50:41 +0200 Subject: [PATCH 211/253] Updated build script --- .github/workflows/images_build_windows.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/images_build_windows.yml b/.github/workflows/images_build_windows.yml index 0322ee12a..0d799f1da 100644 --- a/.github/workflows/images_build_windows.yml +++ b/.github/workflows/images_build_windows.yml @@ -101,7 +101,7 @@ jobs: $tags=$( $tags_array -Join ',' ) docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }} echo "docker build --file=.\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\Dockerfile.${{ matrix.build }} -t 'zabbix/zabbix-build-base:ltsc2022-trunk' -t 'zabbix/zabbix-build-base:trunk-ltsc2022' .\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\" - docker build --file=.\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\Dockerfile.${{ matrix.build }} $tags .\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\ + docker build --file=.\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\Dockerfile.${{ matrix.build }} -t 'zabbix/zabbix-build-base:ltsc2022-trunk' -t 'zabbix/zabbix-build-base:trunk-ltsc2022' .\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\ docker push image push --all-tags $tags_array[0] docker logout From 8ff4032b2ffca2d201136f5ef76846a36e0b6353 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Fri, 8 Oct 2021 15:56:05 +0200 Subject: [PATCH 212/253] Updated build script --- .github/workflows/images_build_windows.yml | 16 +++++++--------- 1 file changed, 7 insertions(+), 9 deletions(-) diff --git a/.github/workflows/images_build_windows.yml b/.github/workflows/images_build_windows.yml index 0d799f1da..0aef74c07 100644 --- a/.github/workflows/images_build_windows.yml +++ b/.github/workflows/images_build_windows.yml @@ -89,25 +89,23 @@ jobs: with: images: ${{ env.DOCKER_REPOSITORY }}/zabbix-${{ env.BASE_BUILD_NAME }} tags: | - type=ref,event=branch,prefix=${{ matrix.os }}- - type=ref,event=branch,suffix=-${{ matrix.os }} + type=ref,event=branch,prefix=${{ matrix.build }}-${{ matrix.os }}- + type=ref,event=branch,suffix=-${{ matrix.os }},prefix=${{ matrix.build }}- flavor: | latest=false - name: Build ${{ env.BASE_BUILD_NAME }}/${{ matrix.build }}-${{ matrix.os }} and push id: docker_build run: | - $tags_array=$( "${{ steps.meta.outputs.tags}}".Split("`r`n") | Foreach-Object { "$_" } ) - $tags=$( $tags_array -Join ',' ) + $tags_array=$( "${{ steps.meta.outputs.tags}}".Split("`r`n") ) + $tags=$($tags_array | Foreach-Object { "-t '$_'" }) -Join ' ' docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }} - echo "docker build --file=.\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\Dockerfile.${{ matrix.build }} -t 'zabbix/zabbix-build-base:ltsc2022-trunk' -t 'zabbix/zabbix-build-base:trunk-ltsc2022' .\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\" - docker build --file=.\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\Dockerfile.${{ matrix.build }} -t 'zabbix/zabbix-build-base:ltsc2022-trunk' -t 'zabbix/zabbix-build-base:trunk-ltsc2022' .\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\ + echo "docker build --file=.\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\Dockerfile.${{ matrix.build }} $tags .\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\" + docker build --file=.\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\Dockerfile.${{ matrix.build }} $tags .\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\ docker push image push --all-tags $tags_array[0] docker logout - - name: Image digest - run: | - $digest=$(docker inspect ${{ steps.meta.outputs.tags[0] }} --format "{{.Id}}") + $digest=$(docker inspect ${{ $tags_array[0] }} --format "{{.Id}}") echo $digest echo "$digest" > ${{ env.BASE_BUILD_NAME }}_${{ matrix.os }}_${{ matrix.build }} From ab21113d69a5c136d368b9ab21aa22dc9bd5bdba Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Fri, 8 Oct 2021 15:57:08 +0200 Subject: [PATCH 213/253] Updated build script --- .github/workflows/images_build_windows.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/images_build_windows.yml b/.github/workflows/images_build_windows.yml index 0aef74c07..494b54174 100644 --- a/.github/workflows/images_build_windows.yml +++ b/.github/workflows/images_build_windows.yml @@ -105,7 +105,7 @@ jobs: docker push image push --all-tags $tags_array[0] docker logout - $digest=$(docker inspect ${{ $tags_array[0] }} --format "{{.Id}}") + $digest=$(docker inspect $tags_array[0] --format "{{.Id}}") echo $digest echo "$digest" > ${{ env.BASE_BUILD_NAME }}_${{ matrix.os }}_${{ matrix.build }} From 4b4e4887374c4b8535b5cd966bb1c47b3851c032 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Fri, 8 Oct 2021 16:09:18 +0200 Subject: [PATCH 214/253] Updated build script --- .github/workflows/images_build_windows.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/images_build_windows.yml b/.github/workflows/images_build_windows.yml index 494b54174..f8f3d85ec 100644 --- a/.github/workflows/images_build_windows.yml +++ b/.github/workflows/images_build_windows.yml @@ -98,7 +98,7 @@ jobs: id: docker_build run: | $tags_array=$( "${{ steps.meta.outputs.tags}}".Split("`r`n") ) - $tags=$($tags_array | Foreach-Object { "-t '$_'" }) -Join ' ' + $tags=$($tags_array | Foreach-Object { "--tag=$_" }) docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }} echo "docker build --file=.\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\Dockerfile.${{ matrix.build }} $tags .\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\" docker build --file=.\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\Dockerfile.${{ matrix.build }} $tags .\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\ From 64c484ab3d0060d08417d571745f050ef9a648c6 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Fri, 8 Oct 2021 16:18:42 +0200 Subject: [PATCH 215/253] Updated build script --- .github/workflows/images_build_windows.yml | 3 +++ Dockerfiles/build-base/windows/Dockerfile.agent2 | 2 +- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/images_build_windows.yml b/.github/workflows/images_build_windows.yml index f8f3d85ec..2fe75d9fc 100644 --- a/.github/workflows/images_build_windows.yml +++ b/.github/workflows/images_build_windows.yml @@ -99,9 +99,12 @@ jobs: run: | $tags_array=$( "${{ steps.meta.outputs.tags}}".Split("`r`n") ) $tags=$($tags_array | Foreach-Object { "--tag=$_" }) + docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }} + echo "docker build --file=.\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\Dockerfile.${{ matrix.build }} $tags .\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\" docker build --file=.\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\Dockerfile.${{ matrix.build }} $tags .\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\ + docker push image push --all-tags $tags_array[0] docker logout diff --git a/Dockerfiles/build-base/windows/Dockerfile.agent2 b/Dockerfiles/build-base/windows/Dockerfile.agent2 index a17e2b6d1..ce6a59ed5 100644 --- a/Dockerfiles/build-base/windows/Dockerfile.agent2 +++ b/Dockerfiles/build-base/windows/Dockerfile.agent2 @@ -17,7 +17,7 @@ ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ARG VS_BUILDTOOLS_URL=https://aka.ms/vs/16/release/vs_buildtools.exe ARG GIT_URL=https://github.com/git-for-windows/git/releases/download/v2.33.0.windows.2/MinGit-2.33.0.2-busybox-64-bit.zip -ARG MINGW_URL=https://deac-riga.dl.sourceforge.net/project/mingw-w64/Toolchains%20targetting%20Win64/Personal%20Builds/mingw-builds/8.1.0/threads-win32/sjlj/x86_64-8.1.0-release-win32-sjlj-rt_v6-rev0.7z +ARG MINGW_URL=https://sourceforge.net/projects/mingw-w64/files/Toolchains%20targetting%20Win64/Personal%20Builds/mingw-builds/8.1.0/threads-win32/sjlj/x86_64-8.1.0-release-win32-sjlj-rt_v6-rev0.7z ARG GOLANG_URL=https://golang.org/dl/go$GOLANG_VERSION.windows-amd64.msi ARG CYGWIN_URL=https://cygwin.com/setup-x86_64.exe ARG PCRE_URL=https://ftp.pcre.org/pub/pcre/pcre-$PCRE_VERSION.zip From c5cc9be0bad22d18eb9cd8b80e6d5ae55c6f1e80 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Fri, 8 Oct 2021 16:58:11 +0200 Subject: [PATCH 216/253] Updated build script --- .github/workflows/images_build_windows.yml | 9 ++------- Dockerfiles/build-base/windows/Dockerfile.agent2 | 1 + 2 files changed, 3 insertions(+), 7 deletions(-) diff --git a/.github/workflows/images_build_windows.yml b/.github/workflows/images_build_windows.yml index 2fe75d9fc..43d8e84d8 100644 --- a/.github/workflows/images_build_windows.yml +++ b/.github/workflows/images_build_windows.yml @@ -77,12 +77,6 @@ jobs: with: fetch-depth: 1 - - name: Login to DockerHub - uses: docker/login-action@v1 - with: - username: ${{ secrets.DOCKER_USERNAME }} - password: ${{ secrets.DOCKER_PASSWORD }} - - name: Generate tags id: meta uses: docker/metadata-action@v3 @@ -105,7 +99,8 @@ jobs: echo "docker build --file=.\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\Dockerfile.${{ matrix.build }} $tags .\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\" docker build --file=.\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\Dockerfile.${{ matrix.build }} $tags .\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\ - docker push image push --all-tags $tags_array[0] + echo "docker push image push --all-tags $tags_array[0]" + docker image push --all-tags $tags_array[0] docker logout $digest=$(docker inspect $tags_array[0] --format "{{.Id}}") diff --git a/Dockerfiles/build-base/windows/Dockerfile.agent2 b/Dockerfiles/build-base/windows/Dockerfile.agent2 index ce6a59ed5..ca6293423 100644 --- a/Dockerfiles/build-base/windows/Dockerfile.agent2 +++ b/Dockerfiles/build-base/windows/Dockerfile.agent2 @@ -114,6 +114,7 @@ RUN Set-Location -Path $env:SystemDrive\.; ` ` Write-Host ('Downloading {0} ...' -f $env:MINGW_URL); ` [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` + [System.Net.ServicePointManager]::ServerCertificateValidationCallback = { $true }; ` Invoke-WebRequest -OutFile $env:SystemDrive\mingw.7z -Uri $env:MINGW_URL; ` ` $sha256 = 'e8c65ddc655534b0330f66f7b480565621e8617cda9937d76ba141a22bf3b2fa'; ` From ea0698786f93a4cc4a7947f8516c5b42eab9729c Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Fri, 8 Oct 2021 17:08:55 +0200 Subject: [PATCH 217/253] Updated build script --- .github/workflows/images_build_windows.yml | 91 +++++-------------- .../build-base/windows/Dockerfile.agent2 | 3 +- 2 files changed, 27 insertions(+), 67 deletions(-) diff --git a/.github/workflows/images_build_windows.yml b/.github/workflows/images_build_windows.yml index 43d8e84d8..0e3c7a325 100644 --- a/.github/workflows/images_build_windows.yml +++ b/.github/workflows/images_build_windows.yml @@ -37,7 +37,6 @@ jobs: - name: Check build.json file id: build_exists run: | - docker build --help if (-not(Test-Path -Path "./build.json" -PathType Leaf)) { throw "::error::File build.json is missing" } @@ -141,62 +140,55 @@ jobs: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} - - name: Prepare Platform list - id: platform - run: | - platform_list=$(jq -r '.os.${{ matrix.os }} | join(",")' "./build.json") - - echo ::set-output name=list::$platform_list - - name: Generate tags id: meta uses: docker/metadata-action@v3 with: images: ${{ env.DOCKER_REPOSITORY }}/zabbix-${{ matrix.build }} tags: | - type=ref,event=branch,prefix=${{ matrix.os }}- - type=ref,event=branch,suffix=-${{ matrix.os }} + type=ref,event=branch,prefix=${{ matrix.build }}-${{ matrix.os }}- + type=ref,event=branch,suffix=-${{ matrix.os }},prefix=${{ matrix.build }}- flavor: | latest=false - name: Download SHA256 tag build-base:${{ matrix.os }} uses: actions/download-artifact@v2.0.10 with: - name: build-base_${{ matrix.os }} + name: ${{ env.BASE_BUILD_NAME }}_${{ matrix.os }}_${{ matrix.build }} - name: Retrieve build-base:${{ matrix.os }} SHA256 tag id: base_build run: | - BASE_TAG=$(cat build-base_${{ matrix.os }}) + BASE_TAG=$(cat build-base_${{ matrix.os }}_${{ matrix.build }}) BUILD_BASE_IMAGE=${{ env.DOCKER_REPOSITORY }}/zabbix-build-base@${BASE_TAG} echo ::set-output name=base_tag::${BASE_TAG} echo ::set-output name=base_build_image::${BUILD_BASE_IMAGE} - - name: Build ${{ matrix.build }}/${{ matrix.os }} and push + - name: Build ${{ matrix.build }}/${{ matrix.os }}:${{ matrix.os }} and push id: docker_build - uses: docker/build-push-action@v2 - with: - context: ./Dockerfiles/${{ matrix.build }}/${{ matrix.os }} - file: ./Dockerfiles/${{ matrix.build }}/${{ matrix.os }}/Dockerfile - platforms: ${{ steps.platform.outputs.list }} - push: false - tags: ${{ steps.meta.outputs.tags }} - build-args: BUILD_BASE_IMAGE=${{ steps.base_build.outputs.base_build_image }} - labels: | - org.opencontainers.image.revision=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.revision'] }} - org.opencontainers.image.created=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }} - - - name: Image digest run: | - echo ${{ steps.docker_build.outputs.digest }} - echo "${{ steps.docker_build.outputs.digest }}" > ${{ matrix.build }}_${{ matrix.os }} + $tags_array=$( "${{ steps.meta.outputs.tags}}".Split("`r`n") ) + $tags=$($tags_array | Foreach-Object { "--tag=$_" }) + + docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }} + + echo "docker build --file=.\Dockerfiles\build-mysql\windows\Dockerfile.${{ matrix.build }} $tags .\Dockerfiles\build-mysql\windows\" + docker build --build-arg=BUILD_BASE_IMAGE=${{ steps.base_build.outputs.base_build_image }} --file=.\Dockerfiles\build-mysql\windows\Dockerfile.${{ matrix.build }} $tags .\Dockerfiles\build-mysql\windows\ + + echo "docker push image push --all-tags $tags_array[0]" + docker image push --all-tags $tags_array[0] + docker logout + + $digest=$(docker inspect $tags_array[0] --format "{{.Id}}") + echo $digest + echo "$digest" > base-mysql_${{ matrix.os }}_${{ matrix.build }}) - name: Upload SHA256 tag uses: actions/upload-artifact@v2.2.4 with: - name: ${{ matrix.build }}_${{ matrix.os }} - path: ${{ matrix.build }}_${{ matrix.os }} + name: base-mysql_${{ matrix.os }}_${{ matrix.build }}) + path: base-mysql_${{ matrix.os }}_${{ matrix.build }}) if-no-files-found: error build_images: @@ -213,37 +205,6 @@ jobs: steps: - uses: actions/checkout@v2.3.4 - - name: Set up QEMU - uses: docker/setup-qemu-action@v1 - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v1 - - - name: Login to DockerHub - uses: docker/login-action@v1 - with: - username: ${{ secrets.DOCKER_USERNAME }} - password: ${{ secrets.DOCKER_PASSWORD }} - - - name: Prepare Platform list - id: platform - run: | - # Chromium on Alpine is available only on linux/amd64, linux/arm64 platforms - if [ "${{ matrix.os }}" == "alpine" ] && [ "${{ matrix.build }}" == "web-service" ]; then - platform_list="linux/amd64,linux/arm64" - else - platform_list=$(jq -r '.os.${{ matrix.os }} | join(",")' "./build.json") - fi - - echo ::set-output name=list::$platform_list - - - name: Detect Build Base Image - id: build_base_image - run: | - BUILD_BASE=$(jq -r '.components."${{ matrix.build }}"' "./build.json") - - echo ::set-output name=build_base::${BUILD_BASE} - - name: Generate tags id: meta uses: docker/metadata-action@v3 @@ -257,16 +218,14 @@ jobs: - name: Download SHA256 tag for ${{ steps.build_base_image.outputs.build_base }}:${{ matrix.os }} uses: actions/download-artifact@v2.0.10 - if: ${{ matrix.build != 'snmptraps' }} with: - name: ${{ steps.build_base_image.outputs.build_base }}_${{ matrix.os }} + name: base-mysql_${{ matrix.os }}_${{ matrix.build }} - name: Retrieve ${{ steps.build_base_image.outputs.build_base }}:${{ matrix.os }} SHA256 tag id: base_build - if: ${{ matrix.build != 'snmptraps' }} run: | - BASE_TAG=$(cat ${{ steps.build_base_image.outputs.build_base }}_${{ matrix.os }}) - BUILD_BASE_IMAGE=${{ env.DOCKER_REPOSITORY }}/zabbix-${{ steps.build_base_image.outputs.build_base }}@${BASE_TAG} + BASE_TAG=$(cat ${{ base-mysql_${{ matrix.os }}_${{ matrix.build }} ) + BUILD_BASE_IMAGE=${{ env.DOCKER_REPOSITORY }}/zabbix-build-mysql@${BASE_TAG} echo ::set-output name=base_tag::${BASE_TAG} echo ::set-output name=base_build_image::${BUILD_BASE_IMAGE} diff --git a/Dockerfiles/build-base/windows/Dockerfile.agent2 b/Dockerfiles/build-base/windows/Dockerfile.agent2 index ca6293423..46a4d5530 100644 --- a/Dockerfiles/build-base/windows/Dockerfile.agent2 +++ b/Dockerfiles/build-base/windows/Dockerfile.agent2 @@ -113,8 +113,9 @@ RUN Set-Location -Path $env:SystemDrive\.; ` 7z -h | Select -first 2; ` ` Write-Host ('Downloading {0} ...' -f $env:MINGW_URL); ` - [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` + [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls -bor [Net.SecurityProtocolType]::Tls11 -bor [Net.SecurityProtocolType]::Tls12; ` [System.Net.ServicePointManager]::ServerCertificateValidationCallback = { $true }; ` + [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls -bor [Net.SecurityProtocolType]::Tls11 -bor [Net.SecurityProtocolType]::Tls12; ` Invoke-WebRequest -OutFile $env:SystemDrive\mingw.7z -Uri $env:MINGW_URL; ` ` $sha256 = 'e8c65ddc655534b0330f66f7b480565621e8617cda9937d76ba141a22bf3b2fa'; ` From 07bc4333c7d9262ed794246e7d66229ed48df1c3 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Fri, 8 Oct 2021 17:10:08 +0200 Subject: [PATCH 218/253] Updated build script --- .github/workflows/images_build_windows.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/images_build_windows.yml b/.github/workflows/images_build_windows.yml index 0e3c7a325..32e073956 100644 --- a/.github/workflows/images_build_windows.yml +++ b/.github/workflows/images_build_windows.yml @@ -224,7 +224,7 @@ jobs: - name: Retrieve ${{ steps.build_base_image.outputs.build_base }}:${{ matrix.os }} SHA256 tag id: base_build run: | - BASE_TAG=$(cat ${{ base-mysql_${{ matrix.os }}_${{ matrix.build }} ) + BASE_TAG=$(cat base-mysql_${{ matrix.os }}_${{ matrix.build }} ) BUILD_BASE_IMAGE=${{ env.DOCKER_REPOSITORY }}/zabbix-build-mysql@${BASE_TAG} echo ::set-output name=base_tag::${BASE_TAG} From 291aaf7bf6aafca00f1284999d5b77b654845198 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Fri, 8 Oct 2021 17:25:53 +0200 Subject: [PATCH 219/253] Updated build script --- Dockerfiles/build-base/windows/Dockerfile.agent2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfiles/build-base/windows/Dockerfile.agent2 b/Dockerfiles/build-base/windows/Dockerfile.agent2 index 46a4d5530..5daa27cb6 100644 --- a/Dockerfiles/build-base/windows/Dockerfile.agent2 +++ b/Dockerfiles/build-base/windows/Dockerfile.agent2 @@ -116,7 +116,7 @@ RUN Set-Location -Path $env:SystemDrive\.; ` [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls -bor [Net.SecurityProtocolType]::Tls11 -bor [Net.SecurityProtocolType]::Tls12; ` [System.Net.ServicePointManager]::ServerCertificateValidationCallback = { $true }; ` [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls -bor [Net.SecurityProtocolType]::Tls11 -bor [Net.SecurityProtocolType]::Tls12; ` - Invoke-WebRequest -OutFile $env:SystemDrive\mingw.7z -Uri $env:MINGW_URL; ` + (new-object System.Net.WebClient).DownloadFile("""$env:MINGW_URL""","""$env:SystemDrive\mingw.7z"""); ` ` $sha256 = 'e8c65ddc655534b0330f66f7b480565621e8617cda9937d76ba141a22bf3b2fa'; ` Write-Host ('Verifying SHA256 ({0}) ...' -f $sha256); ` From 21742c7d73c031ff210cbfb4bd33845bbf5f41b5 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Fri, 8 Oct 2021 18:16:41 +0200 Subject: [PATCH 220/253] Updated build script --- .github/workflows/images_build_windows.yml | 12 ++++++++++-- Dockerfiles/build-base/windows/Dockerfile.agent2 | 4 +--- 2 files changed, 11 insertions(+), 5 deletions(-) diff --git a/.github/workflows/images_build_windows.yml b/.github/workflows/images_build_windows.yml index 32e073956..304eca6fc 100644 --- a/.github/workflows/images_build_windows.yml +++ b/.github/workflows/images_build_windows.yml @@ -170,17 +170,25 @@ jobs: run: | $tags_array=$( "${{ steps.meta.outputs.tags}}".Split("`r`n") ) $tags=$($tags_array | Foreach-Object { "--tag=$_" }) + $tags_list=$($tags_array -Join ' ') docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }} + if (-not $?) {throw "Failed"} echo "docker build --file=.\Dockerfiles\build-mysql\windows\Dockerfile.${{ matrix.build }} $tags .\Dockerfiles\build-mysql\windows\" docker build --build-arg=BUILD_BASE_IMAGE=${{ steps.base_build.outputs.base_build_image }} --file=.\Dockerfiles\build-mysql\windows\Dockerfile.${{ matrix.build }} $tags .\Dockerfiles\build-mysql\windows\ + if (-not $?) {throw "Failed"} - echo "docker push image push --all-tags $tags_array[0]" - docker image push --all-tags $tags_array[0] + echo "docker push image push --all-tags $tags_list" + Foreach ($tag in $test2) { + docker image push $tag + if (-not $?) {throw "Failed"} + } docker logout + if (-not $?) {throw "Failed"} $digest=$(docker inspect $tags_array[0] --format "{{.Id}}") + if (-not $?) {throw "Failed"} echo $digest echo "$digest" > base-mysql_${{ matrix.os }}_${{ matrix.build }}) diff --git a/Dockerfiles/build-base/windows/Dockerfile.agent2 b/Dockerfiles/build-base/windows/Dockerfile.agent2 index 5daa27cb6..2045cf900 100644 --- a/Dockerfiles/build-base/windows/Dockerfile.agent2 +++ b/Dockerfiles/build-base/windows/Dockerfile.agent2 @@ -113,9 +113,7 @@ RUN Set-Location -Path $env:SystemDrive\.; ` 7z -h | Select -first 2; ` ` Write-Host ('Downloading {0} ...' -f $env:MINGW_URL); ` - [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls -bor [Net.SecurityProtocolType]::Tls11 -bor [Net.SecurityProtocolType]::Tls12; ` - [System.Net.ServicePointManager]::ServerCertificateValidationCallback = { $true }; ` - [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls -bor [Net.SecurityProtocolType]::Tls11 -bor [Net.SecurityProtocolType]::Tls12; ` + [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; ` (new-object System.Net.WebClient).DownloadFile("""$env:MINGW_URL""","""$env:SystemDrive\mingw.7z"""); ` ` $sha256 = 'e8c65ddc655534b0330f66f7b480565621e8617cda9937d76ba141a22bf3b2fa'; ` From 2d0414f5cbaa83bd2e0b05a340f9f8b87f20b2da Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Fri, 8 Oct 2021 18:46:04 +0200 Subject: [PATCH 221/253] Updated build script --- .github/workflows/images_build_windows.yml | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/.github/workflows/images_build_windows.yml b/.github/workflows/images_build_windows.yml index 304eca6fc..9db193ec2 100644 --- a/.github/workflows/images_build_windows.yml +++ b/.github/workflows/images_build_windows.yml @@ -94,15 +94,22 @@ jobs: $tags=$($tags_array | Foreach-Object { "--tag=$_" }) docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }} + if (-not $?) {throw "Failed"} echo "docker build --file=.\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\Dockerfile.${{ matrix.build }} $tags .\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\" docker build --file=.\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\Dockerfile.${{ matrix.build }} $tags .\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\ + if (-not $?) {throw "Failed"} - echo "docker push image push --all-tags $tags_array[0]" - docker image push --all-tags $tags_array[0] + Foreach ($tag in $test2) { + echo "docker push image push --all-tags $tag" + docker image push $tag + if (-not $?) {throw "Failed"} + } docker logout + if (-not $?) {throw "Failed"} $digest=$(docker inspect $tags_array[0] --format "{{.Id}}") + if (-not $?) {throw "Failed"} echo $digest echo "$digest" > ${{ env.BASE_BUILD_NAME }}_${{ matrix.os }}_${{ matrix.build }} @@ -120,7 +127,7 @@ jobs: strategy: fail-fast: false matrix: - build: ${{ fromJson(needs.init_build.outputs.database) }} + build: ${{ fromJson(needs.init_build.outputs.components) }} os: ${{ fromJson(needs.init_build.outputs.os) }} runs-on: windows-2022 @@ -179,7 +186,6 @@ jobs: docker build --build-arg=BUILD_BASE_IMAGE=${{ steps.base_build.outputs.base_build_image }} --file=.\Dockerfiles\build-mysql\windows\Dockerfile.${{ matrix.build }} $tags .\Dockerfiles\build-mysql\windows\ if (-not $?) {throw "Failed"} - echo "docker push image push --all-tags $tags_list" Foreach ($tag in $test2) { docker image push $tag if (-not $?) {throw "Failed"} From 5d84a982dbb95064d706a427c285531288fc6738 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Fri, 8 Oct 2021 19:16:47 +0200 Subject: [PATCH 222/253] Updated build script --- .github/workflows/images_build_windows.yml | 21 ++++----------------- 1 file changed, 4 insertions(+), 17 deletions(-) diff --git a/.github/workflows/images_build_windows.yml b/.github/workflows/images_build_windows.yml index 9db193ec2..bc901c4df 100644 --- a/.github/workflows/images_build_windows.yml +++ b/.github/workflows/images_build_windows.yml @@ -100,8 +100,8 @@ jobs: docker build --file=.\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\Dockerfile.${{ matrix.build }} $tags .\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\ if (-not $?) {throw "Failed"} - Foreach ($tag in $test2) { - echo "docker push image push --all-tags $tag" + Foreach ($tag in $tags_array) { + echo "docker image push $tag" docker image push $tag if (-not $?) {throw "Failed"} } @@ -123,7 +123,7 @@ jobs: build_base_database: timeout-minutes: 70 needs: [ "build_base", "init_build"] - name: Build ${{ matrix.build }} base on ${{ matrix.os }} + name: Build ${{ matrix.build }} sources on ${{ matrix.os }} strategy: fail-fast: false matrix: @@ -135,18 +135,6 @@ jobs: - name: Checkout repository uses: actions/checkout@v2.3.4 - - name: Set up QEMU - uses: docker/setup-qemu-action@v1 - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v1 - - - name: Login to DockerHub - uses: docker/login-action@v1 - with: - username: ${{ secrets.DOCKER_USERNAME }} - password: ${{ secrets.DOCKER_PASSWORD }} - - name: Generate tags id: meta uses: docker/metadata-action@v3 @@ -177,7 +165,6 @@ jobs: run: | $tags_array=$( "${{ steps.meta.outputs.tags}}".Split("`r`n") ) $tags=$($tags_array | Foreach-Object { "--tag=$_" }) - $tags_list=$($tags_array -Join ' ') docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }} if (-not $?) {throw "Failed"} @@ -186,7 +173,7 @@ jobs: docker build --build-arg=BUILD_BASE_IMAGE=${{ steps.base_build.outputs.base_build_image }} --file=.\Dockerfiles\build-mysql\windows\Dockerfile.${{ matrix.build }} $tags .\Dockerfiles\build-mysql\windows\ if (-not $?) {throw "Failed"} - Foreach ($tag in $test2) { + Foreach ($tag in $tags_array) { docker image push $tag if (-not $?) {throw "Failed"} } From cbc35af60506db94db5f8fcc187f35a1b5a20ba0 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Fri, 8 Oct 2021 19:51:53 +0200 Subject: [PATCH 223/253] Updated build script --- .github/workflows/images_build_windows.yml | 51 ++++++++++++---------- 1 file changed, 29 insertions(+), 22 deletions(-) diff --git a/.github/workflows/images_build_windows.yml b/.github/workflows/images_build_windows.yml index bc901c4df..95c1f2726 100644 --- a/.github/workflows/images_build_windows.yml +++ b/.github/workflows/images_build_windows.yml @@ -154,11 +154,11 @@ jobs: - name: Retrieve build-base:${{ matrix.os }} SHA256 tag id: base_build run: | - BASE_TAG=$(cat build-base_${{ matrix.os }}_${{ matrix.build }}) - BUILD_BASE_IMAGE=${{ env.DOCKER_REPOSITORY }}/zabbix-build-base@${BASE_TAG} + $base_tag=$(cat build-base_${{ matrix.os }}_${{ matrix.build }}) + $build_base_image=${{ env.DOCKER_REPOSITORY }}/zabbix-build-base@$base_tag - echo ::set-output name=base_tag::${BASE_TAG} - echo ::set-output name=base_build_image::${BUILD_BASE_IMAGE} + echo ::set-output name=base_tag::$base_tag + echo ::set-output name=base_build_image::$build_base_image - name: Build ${{ matrix.build }}/${{ matrix.os }}:${{ matrix.os }} and push id: docker_build @@ -225,25 +225,32 @@ jobs: - name: Retrieve ${{ steps.build_base_image.outputs.build_base }}:${{ matrix.os }} SHA256 tag id: base_build run: | - BASE_TAG=$(cat base-mysql_${{ matrix.os }}_${{ matrix.build }} ) - BUILD_BASE_IMAGE=${{ env.DOCKER_REPOSITORY }}/zabbix-build-mysql@${BASE_TAG} + $base_tag=$(cat base-mysql_${{ matrix.os }}_${{ matrix.build }} ) + $build_base_image=${{ env.DOCKER_REPOSITORY }}/zabbix-build-mysql@$base_tag - echo ::set-output name=base_tag::${BASE_TAG} - echo ::set-output name=base_build_image::${BUILD_BASE_IMAGE} + echo ::set-output name=base_tag::$base_tag + echo ::set-output name=base_build_image::$build_base_image - - name: Build ${{ matrix.build }}/${{ matrix.os }} and push + - name: Build ${{ matrix.build }}/${{ matrix.os }}:${{ matrix.os }} and push id: docker_build - uses: docker/build-push-action@v2 - with: - context: ./Dockerfiles/${{ matrix.build }}/${{ matrix.os }} - file: ./Dockerfiles/${{ matrix.build }}/${{ matrix.os }}/Dockerfile - platforms: ${{ steps.platform.outputs.list }} - push: false - tags: ${{ steps.meta.outputs.tags }} - build-args: BUILD_BASE_IMAGE=${{ steps.base_build.outputs.base_build_image }} - labels: | - org.opencontainers.image.revision=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.revision'] }} - org.opencontainers.image.created=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }} + run: | + $tags_array=$( "${{ steps.meta.outputs.tags}}".Split("`r`n") ) + $tags=$($tags_array | Foreach-Object { "--tag=$_" }) - - name: Image digest - run: echo ${{ steps.docker_build.outputs.digest }} + docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }} + if (-not $?) {throw "Failed"} + + echo "docker build --file=.\Dockerfiles\${{ matrix.build }}\windows\Dockerfile.${{ matrix.build }} $tags .\Dockerfiles\${{ matrix.build }}\windows\" + docker build --build-arg=BUILD_BASE_IMAGE=${{ steps.base_build.outputs.base_build_image }} --file=.\Dockerfiles\${{ matrix.build }}\windows\Dockerfile.${{ matrix.build }} $tags .\Dockerfiles\${{ matrix.build }}\windows\ + if (-not $?) {throw "Failed"} + + Foreach ($tag in $tags_array) { + docker image push $tag + if (-not $?) {throw "Failed"} + } + docker logout + if (-not $?) {throw "Failed"} + + $digest=$(docker inspect $tags_array[0] --format "{{.Id}}") + if (-not $?) {throw "Failed"} + echo $digest From d384bbb9356033539b0d958fcf30505f87496c86 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Fri, 8 Oct 2021 20:50:24 +0200 Subject: [PATCH 224/253] Updated build script --- .github/workflows/images_build_windows.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/images_build_windows.yml b/.github/workflows/images_build_windows.yml index 95c1f2726..22e18dba7 100644 --- a/.github/workflows/images_build_windows.yml +++ b/.github/workflows/images_build_windows.yml @@ -155,7 +155,7 @@ jobs: id: base_build run: | $base_tag=$(cat build-base_${{ matrix.os }}_${{ matrix.build }}) - $build_base_image=${{ env.DOCKER_REPOSITORY }}/zabbix-build-base@$base_tag + $build_base_image="${{ env.DOCKER_REPOSITORY }}/zabbix-build-base@" + $base_tag echo ::set-output name=base_tag::$base_tag echo ::set-output name=base_build_image::$build_base_image @@ -226,7 +226,7 @@ jobs: id: base_build run: | $base_tag=$(cat base-mysql_${{ matrix.os }}_${{ matrix.build }} ) - $build_base_image=${{ env.DOCKER_REPOSITORY }}/zabbix-build-mysql@$base_tag + $build_base_image="${{ env.DOCKER_REPOSITORY }}/zabbix-build-mysql@" + $base_tag echo ::set-output name=base_tag::$base_tag echo ::set-output name=base_build_image::$build_base_image From f5490e2be5f79cfb953f97a1ea361295297b128c Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Fri, 8 Oct 2021 21:25:22 +0200 Subject: [PATCH 225/253] Updated build script --- .github/workflows/images_build_windows.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/images_build_windows.yml b/.github/workflows/images_build_windows.yml index 22e18dba7..b3f2f6b45 100644 --- a/.github/workflows/images_build_windows.yml +++ b/.github/workflows/images_build_windows.yml @@ -183,7 +183,7 @@ jobs: $digest=$(docker inspect $tags_array[0] --format "{{.Id}}") if (-not $?) {throw "Failed"} echo $digest - echo "$digest" > base-mysql_${{ matrix.os }}_${{ matrix.build }}) + echo "$digest" > base-mysql_${{ matrix.os }}_${{ matrix.build }} - name: Upload SHA256 tag uses: actions/upload-artifact@v2.2.4 From c402ce0ca3811d7efa1612a24dd5944fa13a091a Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Fri, 8 Oct 2021 22:27:30 +0200 Subject: [PATCH 226/253] Updated build script --- .github/workflows/images_build_windows.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/images_build_windows.yml b/.github/workflows/images_build_windows.yml index b3f2f6b45..60437ff5a 100644 --- a/.github/workflows/images_build_windows.yml +++ b/.github/workflows/images_build_windows.yml @@ -108,7 +108,7 @@ jobs: docker logout if (-not $?) {throw "Failed"} - $digest=$(docker inspect $tags_array[0] --format "{{.Id}}") + $digest=$(docker inspect $tags_array[0] --format "{{.RepoDigests}}").Split(':')[-1] if (-not $?) {throw "Failed"} echo $digest echo "$digest" > ${{ env.BASE_BUILD_NAME }}_${{ matrix.os }}_${{ matrix.build }} @@ -157,8 +157,8 @@ jobs: $base_tag=$(cat build-base_${{ matrix.os }}_${{ matrix.build }}) $build_base_image="${{ env.DOCKER_REPOSITORY }}/zabbix-build-base@" + $base_tag - echo ::set-output name=base_tag::$base_tag - echo ::set-output name=base_build_image::$build_base_image + echo "::set-output name=base_tag::$base_tag" + echo "::set-output name=base_build_image::$build_base_image" - name: Build ${{ matrix.build }}/${{ matrix.os }}:${{ matrix.os }} and push id: docker_build @@ -180,7 +180,7 @@ jobs: docker logout if (-not $?) {throw "Failed"} - $digest=$(docker inspect $tags_array[0] --format "{{.Id}}") + $digest=$(docker inspect $tags_array[0] --format "{{.RepoDigests}}").Split(':')[-1] if (-not $?) {throw "Failed"} echo $digest echo "$digest" > base-mysql_${{ matrix.os }}_${{ matrix.build }} @@ -228,8 +228,8 @@ jobs: $base_tag=$(cat base-mysql_${{ matrix.os }}_${{ matrix.build }} ) $build_base_image="${{ env.DOCKER_REPOSITORY }}/zabbix-build-mysql@" + $base_tag - echo ::set-output name=base_tag::$base_tag - echo ::set-output name=base_build_image::$build_base_image + echo "::set-output name=base_tag::$base_tag" + echo "::set-output name=base_build_image::$build_base_image" - name: Build ${{ matrix.build }}/${{ matrix.os }}:${{ matrix.os }} and push id: docker_build From 68b4cdf5e433eab81e63918ce8e623311114a951 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Fri, 8 Oct 2021 23:13:14 +0200 Subject: [PATCH 227/253] Updated build script --- .github/workflows/images_build_windows.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/images_build_windows.yml b/.github/workflows/images_build_windows.yml index 60437ff5a..6285f9aa2 100644 --- a/.github/workflows/images_build_windows.yml +++ b/.github/workflows/images_build_windows.yml @@ -108,7 +108,7 @@ jobs: docker logout if (-not $?) {throw "Failed"} - $digest=$(docker inspect $tags_array[0] --format "{{.RepoDigests}}").Split(':')[-1] + $digest=$(docker inspect $tags_array[0] --format "{{ index .RepoDigests 0}}").Split(':')[-1] if (-not $?) {throw "Failed"} echo $digest echo "$digest" > ${{ env.BASE_BUILD_NAME }}_${{ matrix.os }}_${{ matrix.build }} @@ -180,7 +180,7 @@ jobs: docker logout if (-not $?) {throw "Failed"} - $digest=$(docker inspect $tags_array[0] --format "{{.RepoDigests}}").Split(':')[-1] + $digest=$(docker inspect $tags_array[0] --format "{{ index .RepoDigests 0}}").Split(':')[-1] if (-not $?) {throw "Failed"} echo $digest echo "$digest" > base-mysql_${{ matrix.os }}_${{ matrix.build }} @@ -251,6 +251,6 @@ jobs: docker logout if (-not $?) {throw "Failed"} - $digest=$(docker inspect $tags_array[0] --format "{{.Id}}") + $digest=$(docker inspect $tags_array[0] --format "{{ index .RepoDigests 0}}").Split(':')[-1] if (-not $?) {throw "Failed"} echo $digest From d49dc149d5cbc88f23a05312143dcbd0bb546bad Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Fri, 8 Oct 2021 23:27:11 +0200 Subject: [PATCH 228/253] Updated build script --- .github/workflows/images_build_windows.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/images_build_windows.yml b/.github/workflows/images_build_windows.yml index 6285f9aa2..b4b9893ca 100644 --- a/.github/workflows/images_build_windows.yml +++ b/.github/workflows/images_build_windows.yml @@ -108,7 +108,7 @@ jobs: docker logout if (-not $?) {throw "Failed"} - $digest=$(docker inspect $tags_array[0] --format "{{ index .RepoDigests 0}}").Split(':')[-1] + $digest=$(docker inspect $tags_array[0] --format "{{ index .RepoDigests 0}}").Split('@')[-1] if (-not $?) {throw "Failed"} echo $digest echo "$digest" > ${{ env.BASE_BUILD_NAME }}_${{ matrix.os }}_${{ matrix.build }} @@ -180,7 +180,7 @@ jobs: docker logout if (-not $?) {throw "Failed"} - $digest=$(docker inspect $tags_array[0] --format "{{ index .RepoDigests 0}}").Split(':')[-1] + $digest=$(docker inspect $tags_array[0] --format "{{ index .RepoDigests 0}}").Split('@')[-1] if (-not $?) {throw "Failed"} echo $digest echo "$digest" > base-mysql_${{ matrix.os }}_${{ matrix.build }} @@ -251,6 +251,6 @@ jobs: docker logout if (-not $?) {throw "Failed"} - $digest=$(docker inspect $tags_array[0] --format "{{ index .RepoDigests 0}}").Split(':')[-1] + $digest=$(docker inspect $tags_array[0] --format "{{ index .RepoDigests 0}}").Split('@')[-1] if (-not $?) {throw "Failed"} echo $digest From 3a6fecf3bc08d561f8c26b172d122e4b8a62876e Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Sat, 9 Oct 2021 00:00:45 +0200 Subject: [PATCH 229/253] Updated build script --- .github/workflows/images_build_windows.yml | 14 +++++++------- Dockerfiles/build-mysql/windows/Dockerfile.agent | 2 +- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/workflows/images_build_windows.yml b/.github/workflows/images_build_windows.yml index b4b9893ca..615c42262 100644 --- a/.github/workflows/images_build_windows.yml +++ b/.github/workflows/images_build_windows.yml @@ -120,7 +120,7 @@ jobs: path: ${{ env.BASE_BUILD_NAME }}_${{ matrix.os }}_${{ matrix.build }} if-no-files-found: error - build_base_database: + build_components: timeout-minutes: 70 needs: [ "build_base", "init_build"] name: Build ${{ matrix.build }} sources on ${{ matrix.os }} @@ -146,7 +146,7 @@ jobs: flavor: | latest=false - - name: Download SHA256 tag build-base:${{ matrix.os }} + - name: Download SHA256 tag build-base:${{ matrix.os }} uses: actions/download-artifact@v2.0.10 with: name: ${{ env.BASE_BUILD_NAME }}_${{ matrix.os }}_${{ matrix.build }} @@ -188,13 +188,13 @@ jobs: - name: Upload SHA256 tag uses: actions/upload-artifact@v2.2.4 with: - name: base-mysql_${{ matrix.os }}_${{ matrix.build }}) - path: base-mysql_${{ matrix.os }}_${{ matrix.build }}) + name: base-mysql_${{ matrix.os }}_${{ matrix.build }} + path: base-mysql_${{ matrix.os }}_${{ matrix.build }} if-no-files-found: error build_images: timeout-minutes: 70 - needs: [ "build_base_database", "init_build"] + needs: [ "build_components", "init_build"] name: Build ${{ matrix.build }} on ${{ matrix.os }} strategy: fail-fast: false @@ -217,12 +217,12 @@ jobs: flavor: | latest=false - - name: Download SHA256 tag for ${{ steps.build_base_image.outputs.build_base }}:${{ matrix.os }} + - name: Download SHA256 tag for build-components:${{ matrix.os }} uses: actions/download-artifact@v2.0.10 with: name: base-mysql_${{ matrix.os }}_${{ matrix.build }} - - name: Retrieve ${{ steps.build_base_image.outputs.build_base }}:${{ matrix.os }} SHA256 tag + - name: Retrieve build-components:${{ matrix.os }} SHA256 tag id: base_build run: | $base_tag=$(cat base-mysql_${{ matrix.os }}_${{ matrix.build }} ) diff --git a/Dockerfiles/build-mysql/windows/Dockerfile.agent b/Dockerfiles/build-mysql/windows/Dockerfile.agent index 3b66ed6ae..f33915346 100644 --- a/Dockerfiles/build-mysql/windows/Dockerfile.agent +++ b/Dockerfiles/build-mysql/windows/Dockerfile.agent @@ -52,7 +52,7 @@ RUN Set-Location -Path $env:SystemDrive\.; ` MODBLIBDIR=$env:SystemDrive\libmodbus\src\win32\$env:BUILD_ARCH\Release ` $env:ZBX_COMPONENT; ` ` - Write-Host 'Verifying build ("zabbix_agent2.exe -V") ...'; ` + Write-Host 'Verifying build ("zabbix_agentd.exe -V") ...'; ` & $env:SystemDrive\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_agentd.exe -V; ` dumpbin /dependents $env:SystemDrive\zabbix-$env:ZBX_VERSION\bin\win64\zabbix_agentd.exe; ` ` From bc5d2d5089d8390d04fff88cd555bb3a1b0a871a Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Sat, 9 Oct 2021 00:50:45 +0200 Subject: [PATCH 230/253] Updated build script --- .github/workflows/images_build_windows.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/images_build_windows.yml b/.github/workflows/images_build_windows.yml index 615c42262..a9a42cf1c 100644 --- a/.github/workflows/images_build_windows.yml +++ b/.github/workflows/images_build_windows.yml @@ -241,7 +241,7 @@ jobs: if (-not $?) {throw "Failed"} echo "docker build --file=.\Dockerfiles\${{ matrix.build }}\windows\Dockerfile.${{ matrix.build }} $tags .\Dockerfiles\${{ matrix.build }}\windows\" - docker build --build-arg=BUILD_BASE_IMAGE=${{ steps.base_build.outputs.base_build_image }} --file=.\Dockerfiles\${{ matrix.build }}\windows\Dockerfile.${{ matrix.build }} $tags .\Dockerfiles\${{ matrix.build }}\windows\ + docker build --build-arg=BUILD_BASE_IMAGE=${{ steps.base_build.outputs.base_build_image }} --file=.\Dockerfiles\${{ matrix.build }}\windows\Dockerfile $tags .\Dockerfiles\${{ matrix.build }}\windows\ if (-not $?) {throw "Failed"} Foreach ($tag in $tags_array) { From c07d2b55e58157282c41ae7335f7751d23be886b Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Sat, 9 Oct 2021 01:37:06 +0200 Subject: [PATCH 231/253] Updated build script --- .github/workflows/images_build_windows.yml | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/.github/workflows/images_build_windows.yml b/.github/workflows/images_build_windows.yml index a9a42cf1c..8b76181fe 100644 --- a/.github/workflows/images_build_windows.yml +++ b/.github/workflows/images_build_windows.yml @@ -97,7 +97,9 @@ jobs: if (-not $?) {throw "Failed"} echo "docker build --file=.\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\Dockerfile.${{ matrix.build }} $tags .\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\" - docker build --file=.\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\Dockerfile.${{ matrix.build }} $tags .\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\ + docker build --label org.opencontainers.image.revision=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.revision'] }} ` + --label org.opencontainers.image.created=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }} ` + --file=.\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\Dockerfile.${{ matrix.build }} $tags .\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\ if (-not $?) {throw "Failed"} Foreach ($tag in $tags_array) { @@ -170,7 +172,9 @@ jobs: if (-not $?) {throw "Failed"} echo "docker build --file=.\Dockerfiles\build-mysql\windows\Dockerfile.${{ matrix.build }} $tags .\Dockerfiles\build-mysql\windows\" - docker build --build-arg=BUILD_BASE_IMAGE=${{ steps.base_build.outputs.base_build_image }} --file=.\Dockerfiles\build-mysql\windows\Dockerfile.${{ matrix.build }} $tags .\Dockerfiles\build-mysql\windows\ + docker build --label org.opencontainers.image.revision=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.revision'] }} ` + --label org.opencontainers.image.created=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }} ` + --build-arg=BUILD_BASE_IMAGE=${{ steps.base_build.outputs.base_build_image }} --file=.\Dockerfiles\build-mysql\windows\Dockerfile.${{ matrix.build }} $tags .\Dockerfiles\build-mysql\windows\ if (-not $?) {throw "Failed"} Foreach ($tag in $tags_array) { @@ -241,7 +245,9 @@ jobs: if (-not $?) {throw "Failed"} echo "docker build --file=.\Dockerfiles\${{ matrix.build }}\windows\Dockerfile.${{ matrix.build }} $tags .\Dockerfiles\${{ matrix.build }}\windows\" - docker build --build-arg=BUILD_BASE_IMAGE=${{ steps.base_build.outputs.base_build_image }} --file=.\Dockerfiles\${{ matrix.build }}\windows\Dockerfile $tags .\Dockerfiles\${{ matrix.build }}\windows\ + docker build --label org.opencontainers.image.revision=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.revision'] }} ` + --label org.opencontainers.image.created=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }} ` + --build-arg=BUILD_BASE_IMAGE=${{ steps.base_build.outputs.base_build_image }} --file=.\Dockerfiles\${{ matrix.build }}\windows\Dockerfile $tags .\Dockerfiles\${{ matrix.build }}\windows\ if (-not $?) {throw "Failed"} Foreach ($tag in $tags_array) { From a4de106c911588459ab34275e46b744929c40d02 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Sat, 9 Oct 2021 01:43:01 +0200 Subject: [PATCH 232/253] Updated build script --- .github/workflows/images_build_windows.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/images_build_windows.yml b/.github/workflows/images_build_windows.yml index 8b76181fe..c27a222b0 100644 --- a/.github/workflows/images_build_windows.yml +++ b/.github/workflows/images_build_windows.yml @@ -141,7 +141,7 @@ jobs: id: meta uses: docker/metadata-action@v3 with: - images: ${{ env.DOCKER_REPOSITORY }}/zabbix-${{ matrix.build }} + images: ${{ env.DOCKER_REPOSITORY }}/zabbix-build-mysql tags: | type=ref,event=branch,prefix=${{ matrix.build }}-${{ matrix.os }}- type=ref,event=branch,suffix=-${{ matrix.os }},prefix=${{ matrix.build }}- @@ -216,8 +216,8 @@ jobs: with: images: ${{ env.DOCKER_REPOSITORY }}/zabbix-${{ matrix.build }} tags: | - type=ref,event=branch,prefix=${{ matrix.os }}- - type=ref,event=branch,suffix=-${{ matrix.os }} + type=ref,event=branch,prefix=${{ matrix.build }}-${{ matrix.os }}- + type=ref,event=branch,suffix=-${{ matrix.os }},prefix=${{ matrix.build }}- flavor: | latest=false From 470f06072bd44bf20b08864044e6d76d98bb488d Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Sat, 9 Oct 2021 05:50:03 +0200 Subject: [PATCH 233/253] Updated build script --- .github/workflows/images_build_windows.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/images_build_windows.yml b/.github/workflows/images_build_windows.yml index c27a222b0..34904a42b 100644 --- a/.github/workflows/images_build_windows.yml +++ b/.github/workflows/images_build_windows.yml @@ -216,8 +216,8 @@ jobs: with: images: ${{ env.DOCKER_REPOSITORY }}/zabbix-${{ matrix.build }} tags: | - type=ref,event=branch,prefix=${{ matrix.build }}-${{ matrix.os }}- - type=ref,event=branch,suffix=-${{ matrix.os }},prefix=${{ matrix.build }}- + type=ref,event=branch,prefix=${{ matrix.os }}- + type=ref,event=branch,suffix=-${{ matrix.os }} flavor: | latest=false From f6714f00d902c0bb97a8299f46b2e03b0fb21766 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Sat, 9 Oct 2021 07:33:57 +0200 Subject: [PATCH 234/253] Updated build script --- .github/workflows/images_build_windows.yml | 160 +++++++++++++-------- 1 file changed, 104 insertions(+), 56 deletions(-) diff --git a/.github/workflows/images_build_windows.yml b/.github/workflows/images_build_windows.yml index 34904a42b..c66ce249d 100644 --- a/.github/workflows/images_build_windows.yml +++ b/.github/workflows/images_build_windows.yml @@ -18,7 +18,9 @@ defaults: env: DOCKER_REPOSITORY: "zabbix" LATEST_BRANCH: ${{ github.event.repository.default_branch }} + IMAGE_PREFIX: "zabbix-" BASE_BUILD_NAME: "build-base" + COMPONENT_BASE_BUILD_NAME: "build-mysql" jobs: init_build: @@ -61,13 +63,15 @@ jobs: build_base: timeout-minutes: 70 - name: Build ${{ matrix.build }} base on ${{ matrix.os }} + name: Build ${{ matrix.component }} base on ${{ matrix.os }} needs: init_build + env: + BASE_BUILD_ARTIFACT_FILE=${{ env.BASE_BUILD_NAME }}_${{ matrix.os }}_${{ matrix.component }} strategy: fail-fast: false matrix: os: ${{ fromJson(needs.init_build.outputs.os) }} - build: ${{ fromJson(needs.init_build.outputs.components) }} + component: ${{ fromJson(needs.init_build.outputs.components) }} runs-on: windows-2022 steps: @@ -76,187 +80,231 @@ jobs: with: fetch-depth: 1 + - name: Login to DockerHub + run: | + docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }} + if (-not $?) {throw "Failed"} + - name: Generate tags id: meta uses: docker/metadata-action@v3 with: - images: ${{ env.DOCKER_REPOSITORY }}/zabbix-${{ env.BASE_BUILD_NAME }} + images: ${{ env.DOCKER_REPOSITORY }}/${{ env.IMAGE_PREFIX }}${{ env.BASE_BUILD_NAME }} tags: | - type=ref,event=branch,prefix=${{ matrix.build }}-${{ matrix.os }}- - type=ref,event=branch,suffix=-${{ matrix.os }},prefix=${{ matrix.build }}- + type=ref,event=branch,prefix=${{ matrix.component }}-${{ matrix.os }}- + type=ref,event=branch,suffix=-${{ matrix.os }},prefix=${{ matrix.component }}- flavor: | latest=false - - name: Build ${{ env.BASE_BUILD_NAME }}/${{ matrix.build }}-${{ matrix.os }} and push + - name: Build image id: docker_build run: | - $tags_array=$( "${{ steps.meta.outputs.tags}}".Split("`r`n") ) - $tags=$($tags_array | Foreach-Object { "--tag=$_" }) + $context='.\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\' + $dockerfile= $context + 'Dockerfile.${{ matrix.component }}' - docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }} - if (-not $?) {throw "Failed"} + $tags_array=$( "${{ steps.meta.outputs.tags }}".Split("`r`n") ) + $tags=$( $tags_array | Foreach-Object { "--tag=$_" } ) - echo "docker build --file=.\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\Dockerfile.${{ matrix.build }} $tags .\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\" + echo "docker build --file=$dockerfile $tags $context" docker build --label org.opencontainers.image.revision=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.revision'] }} ` --label org.opencontainers.image.created=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }} ` - --file=.\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\Dockerfile.${{ matrix.build }} $tags .\Dockerfiles\${{ env.BASE_BUILD_NAME }}\windows\ + --file=$dockerfile ` + $tags ` + $context if (-not $?) {throw "Failed"} + - name: Push image + run: | + $tags_array=$( "${{ steps.meta.outputs.tags }}".Split("`r`n") ) + Foreach ($tag in $tags_array) { echo "docker image push $tag" docker image push $tag if (-not $?) {throw "Failed"} } - docker logout - if (-not $?) {throw "Failed"} + + - name: Image digest + run: | + $tags_array=$( "${{ steps.meta.outputs.tags }}".Split("`r`n") ) $digest=$(docker inspect $tags_array[0] --format "{{ index .RepoDigests 0}}").Split('@')[-1] if (-not $?) {throw "Failed"} + echo $digest - echo "$digest" > ${{ env.BASE_BUILD_NAME }}_${{ matrix.os }}_${{ matrix.build }} + $digest | Set-Content ${{ env.BASE_BUILD_ARTIFACT_FILE }} - name: Upload SHA256 tag uses: actions/upload-artifact@v2.2.4 with: - name: ${{ env.BASE_BUILD_NAME }}_${{ matrix.os }}_${{ matrix.build }} - path: ${{ env.BASE_BUILD_NAME }}_${{ matrix.os }}_${{ matrix.build }} + name: ${{ env.BASE_BUILD_ARTIFACT_FILE }} + path: ${{ env.BASE_BUILD_ARTIFACT_FILE }} if-no-files-found: error + - name: Logout from DockerHub + run: | + docker logout + if (-not $?) {throw "Failed"} + build_components: timeout-minutes: 70 needs: [ "build_base", "init_build"] - name: Build ${{ matrix.build }} sources on ${{ matrix.os }} + name: Build ${{ matrix.component }} sources on ${{ matrix.os }} + env: + BASE_BUILD_ARTIFACT_FILE=${{ env.BASE_BUILD_NAME }}_${{ matrix.os }}_${{ matrix.component }} + COMPONENT_BASE_BUILD_ARTIFACT_FILE=${{ env.COMPONENT_BASE_BUILD_NAME }}_${{ matrix.os }}_${{ matrix.component }} strategy: - fail-fast: false + fail-fast: false matrix: - build: ${{ fromJson(needs.init_build.outputs.components) }} os: ${{ fromJson(needs.init_build.outputs.os) }} + component: ${{ fromJson(needs.init_build.outputs.components) }} runs-on: windows-2022 steps: - name: Checkout repository uses: actions/checkout@v2.3.4 + - name: Login to DockerHub + run: | + docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }} + if (-not $?) {throw "Failed"} + - name: Generate tags id: meta uses: docker/metadata-action@v3 with: - images: ${{ env.DOCKER_REPOSITORY }}/zabbix-build-mysql + images: ${{ env.DOCKER_REPOSITORY }}/${{ env.IMAGE_PREFIX }}${{ env.COMPONENT_BASE_BUILD_NAME }} tags: | - type=ref,event=branch,prefix=${{ matrix.build }}-${{ matrix.os }}- - type=ref,event=branch,suffix=-${{ matrix.os }},prefix=${{ matrix.build }}- + type=ref,event=branch,prefix=${{ matrix.component }}-${{ matrix.os }}- + type=ref,event=branch,suffix=-${{ matrix.os }},prefix=${{ matrix.component }}- flavor: | latest=false - name: Download SHA256 tag build-base:${{ matrix.os }} uses: actions/download-artifact@v2.0.10 with: - name: ${{ env.BASE_BUILD_NAME }}_${{ matrix.os }}_${{ matrix.build }} + name: ${{ env.BASE_BUILD_ARTIFACT_FILE }} - - name: Retrieve build-base:${{ matrix.os }} SHA256 tag + - name: Retrieve ${{ env.BASE_BUILD_NAME }}:${{ matrix.os }} SHA256 tag id: base_build run: | - $base_tag=$(cat build-base_${{ matrix.os }}_${{ matrix.build }}) - $build_base_image="${{ env.DOCKER_REPOSITORY }}/zabbix-build-base@" + $base_tag + $base_tag = Get-Content ${{ env.BASE_BUILD_ARTIFACT_FILE }} -Raw + $build_base_image="${{ env.DOCKER_REPOSITORY }}/${{ env.IMAGE_PREFIX }}${{ env.BASE_BUILD_NAME }}@" + $base_tag echo "::set-output name=base_tag::$base_tag" echo "::set-output name=base_build_image::$build_base_image" - - name: Build ${{ matrix.build }}/${{ matrix.os }}:${{ matrix.os }} and push + - name: Build image and push id: docker_build run: | - $tags_array=$( "${{ steps.meta.outputs.tags}}".Split("`r`n") ) + $context='.\Dockerfiles\${{ env.COMPONENT_BASE_BUILD_NAME }}\windows\' + $dockerfile= $context + 'Dockerfile.${{ matrix.component }}' + + $tags_array=$( "${{ steps.meta.outputs.tags }}".Split("`r`n") ) $tags=$($tags_array | Foreach-Object { "--tag=$_" }) - docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }} - if (-not $?) {throw "Failed"} - - echo "docker build --file=.\Dockerfiles\build-mysql\windows\Dockerfile.${{ matrix.build }} $tags .\Dockerfiles\build-mysql\windows\" + echo "docker build --file=$dockerfile $tags $context" docker build --label org.opencontainers.image.revision=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.revision'] }} ` --label org.opencontainers.image.created=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }} ` - --build-arg=BUILD_BASE_IMAGE=${{ steps.base_build.outputs.base_build_image }} --file=.\Dockerfiles\build-mysql\windows\Dockerfile.${{ matrix.build }} $tags .\Dockerfiles\build-mysql\windows\ + --file=$dockerfile ` + $tags ` + $context if (-not $?) {throw "Failed"} Foreach ($tag in $tags_array) { docker image push $tag if (-not $?) {throw "Failed"} } - docker logout - if (-not $?) {throw "Failed"} $digest=$(docker inspect $tags_array[0] --format "{{ index .RepoDigests 0}}").Split('@')[-1] if (-not $?) {throw "Failed"} echo $digest - echo "$digest" > base-mysql_${{ matrix.os }}_${{ matrix.build }} + $digest | Set-Content ${{ env.COMPONENT_BASE_BUILD_ARTIFACT_FILE }} + + - name: Logout from DockerHub + run: | + docker logout + if (-not $?) {throw "Failed"} - name: Upload SHA256 tag uses: actions/upload-artifact@v2.2.4 with: - name: base-mysql_${{ matrix.os }}_${{ matrix.build }} - path: base-mysql_${{ matrix.os }}_${{ matrix.build }} + name: ${{ env.COMPONENT_BASE_BUILD_ARTIFACT_FILE }} + path: ${{ env.COMPONENT_BASE_BUILD_ARTIFACT_FILE }} if-no-files-found: error build_images: timeout-minutes: 70 needs: [ "build_components", "init_build"] - name: Build ${{ matrix.build }} on ${{ matrix.os }} + name: Build ${{ matrix.component }} on ${{ matrix.os }} + env: + COMPONENT_BASE_BUILD_ARTIFACT_FILE=${{ env.COMPONENT_BASE_BUILD_NAME }}_${{ matrix.os }}_${{ matrix.component }} strategy: fail-fast: false matrix: - build: ${{ fromJson(needs.init_build.outputs.components) }} os: ${{ fromJson(needs.init_build.outputs.os) }} + component: ${{ fromJson(needs.init_build.outputs.components) }} runs-on: windows-2022 steps: - uses: actions/checkout@v2.3.4 + - name: Login to DockerHub + run: | + docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }} + if (-not $?) {throw "Failed"} + - name: Generate tags id: meta uses: docker/metadata-action@v3 with: - images: ${{ env.DOCKER_REPOSITORY }}/zabbix-${{ matrix.build }} + images: ${{ env.DOCKER_REPOSITORY }}/${{ env.IMAGE_PREFIX }}${{ matrix.component }} tags: | type=ref,event=branch,prefix=${{ matrix.os }}- type=ref,event=branch,suffix=-${{ matrix.os }} flavor: | latest=false - - name: Download SHA256 tag for build-components:${{ matrix.os }} + - name: Download SHA256 tag for ${{ env.COMPONENT_BASE_BUILD_NAME }}:${{ matrix.os }} uses: actions/download-artifact@v2.0.10 with: - name: base-mysql_${{ matrix.os }}_${{ matrix.build }} + name: ${{ env.COMPONENT_BASE_BUILD_ARTIFACT_FILE }} - - name: Retrieve build-components:${{ matrix.os }} SHA256 tag + - name: ${{ env.COMPONENT_BASE_BUILD_NAME }}:${{ matrix.os }} SHA256 tag id: base_build run: | - $base_tag=$(cat base-mysql_${{ matrix.os }}_${{ matrix.build }} ) - $build_base_image="${{ env.DOCKER_REPOSITORY }}/zabbix-build-mysql@" + $base_tag + $base_tag = Get-Content ${{ env.COMPONENT_BASE_BUILD_ARTIFACT_FILE }} -Raw + $build_base_image="${{ env.DOCKER_REPOSITORY }}/${{ env.IMAGE_PREFIX }}${{ env.COMPONENT_BASE_BUILD_NAME }}@" + $base_tag echo "::set-output name=base_tag::$base_tag" echo "::set-output name=base_build_image::$build_base_image" - - name: Build ${{ matrix.build }}/${{ matrix.os }}:${{ matrix.os }} and push + - name: Build ${{ matrix.component }}/${{ matrix.os }}:${{ matrix.os }} and push id: docker_build run: | - $tags_array=$( "${{ steps.meta.outputs.tags}}".Split("`r`n") ) + $context='.\Dockerfiles\${{ matrix.component }}\windows\' + $dockerfile= $context + 'Dockerfile' + + $tags_array=$( "${{ steps.meta.outputs.tags }}".Split("`r`n") ) $tags=$($tags_array | Foreach-Object { "--tag=$_" }) - docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }} - if (-not $?) {throw "Failed"} - - echo "docker build --file=.\Dockerfiles\${{ matrix.build }}\windows\Dockerfile.${{ matrix.build }} $tags .\Dockerfiles\${{ matrix.build }}\windows\" + echo "docker build --file=$dockerfile $tags $context" docker build --label org.opencontainers.image.revision=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.revision'] }} ` --label org.opencontainers.image.created=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }} ` - --build-arg=BUILD_BASE_IMAGE=${{ steps.base_build.outputs.base_build_image }} --file=.\Dockerfiles\${{ matrix.build }}\windows\Dockerfile $tags .\Dockerfiles\${{ matrix.build }}\windows\ + --file=$dockerfile ` + $tags ` + $context if (-not $?) {throw "Failed"} Foreach ($tag in $tags_array) { docker image push $tag if (-not $?) {throw "Failed"} } - docker logout - if (-not $?) {throw "Failed"} $digest=$(docker inspect $tags_array[0] --format "{{ index .RepoDigests 0}}").Split('@')[-1] if (-not $?) {throw "Failed"} echo $digest + + - name: Logout from DockerHub + run: | + docker logout + if (-not $?) {throw "Failed"} From 576c31306f770d82ecde9a39101fb83776b8d298 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Sat, 9 Oct 2021 07:36:35 +0200 Subject: [PATCH 235/253] Updated build script --- .github/workflows/images_build_windows.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/images_build_windows.yml b/.github/workflows/images_build_windows.yml index c66ce249d..030d4c282 100644 --- a/.github/workflows/images_build_windows.yml +++ b/.github/workflows/images_build_windows.yml @@ -66,7 +66,7 @@ jobs: name: Build ${{ matrix.component }} base on ${{ matrix.os }} needs: init_build env: - BASE_BUILD_ARTIFACT_FILE=${{ env.BASE_BUILD_NAME }}_${{ matrix.os }}_${{ matrix.component }} + BASE_BUILD_ARTIFACT_FILE: ${{ env.BASE_BUILD_NAME }}_${{ matrix.os }}_${{ matrix.component }} strategy: fail-fast: false matrix: @@ -150,8 +150,8 @@ jobs: needs: [ "build_base", "init_build"] name: Build ${{ matrix.component }} sources on ${{ matrix.os }} env: - BASE_BUILD_ARTIFACT_FILE=${{ env.BASE_BUILD_NAME }}_${{ matrix.os }}_${{ matrix.component }} - COMPONENT_BASE_BUILD_ARTIFACT_FILE=${{ env.COMPONENT_BASE_BUILD_NAME }}_${{ matrix.os }}_${{ matrix.component }} + BASE_BUILD_ARTIFACT_FILE: ${{ env.BASE_BUILD_NAME }}_${{ matrix.os }}_${{ matrix.component }} + COMPONENT_BASE_BUILD_ARTIFACT_FILE: ${{ env.COMPONENT_BASE_BUILD_NAME }}_${{ matrix.os }}_${{ matrix.component }} strategy: fail-fast: false matrix: @@ -237,7 +237,7 @@ jobs: needs: [ "build_components", "init_build"] name: Build ${{ matrix.component }} on ${{ matrix.os }} env: - COMPONENT_BASE_BUILD_ARTIFACT_FILE=${{ env.COMPONENT_BASE_BUILD_NAME }}_${{ matrix.os }}_${{ matrix.component }} + COMPONENT_BASE_BUILD_ARTIFACT_FILE: ${{ env.COMPONENT_BASE_BUILD_NAME }}_${{ matrix.os }}_${{ matrix.component }} strategy: fail-fast: false matrix: From 5434f4371ca20cc6a67fe101b236a594d9f8989c Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Sat, 9 Oct 2021 07:40:18 +0200 Subject: [PATCH 236/253] Updated build script --- .github/workflows/images_build_windows.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/images_build_windows.yml b/.github/workflows/images_build_windows.yml index 030d4c282..241bbd47f 100644 --- a/.github/workflows/images_build_windows.yml +++ b/.github/workflows/images_build_windows.yml @@ -66,7 +66,7 @@ jobs: name: Build ${{ matrix.component }} base on ${{ matrix.os }} needs: init_build env: - BASE_BUILD_ARTIFACT_FILE: ${{ env.BASE_BUILD_NAME }}_${{ matrix.os }}_${{ matrix.component }} + BASE_BUILD_ARTIFACT_FILE: $BASE_BUILD_NAME_${{ matrix.os }}_${{ matrix.component }} strategy: fail-fast: false matrix: @@ -150,8 +150,8 @@ jobs: needs: [ "build_base", "init_build"] name: Build ${{ matrix.component }} sources on ${{ matrix.os }} env: - BASE_BUILD_ARTIFACT_FILE: ${{ env.BASE_BUILD_NAME }}_${{ matrix.os }}_${{ matrix.component }} - COMPONENT_BASE_BUILD_ARTIFACT_FILE: ${{ env.COMPONENT_BASE_BUILD_NAME }}_${{ matrix.os }}_${{ matrix.component }} + BASE_BUILD_ARTIFACT_FILE: $BASE_BUILD_NAME_${{ matrix.os }}_${{ matrix.component }} + COMPONENT_BASE_BUILD_ARTIFACT_FILE: $COMPONENT_BASE_BUILD_NAME_${{ matrix.os }}_${{ matrix.component }} strategy: fail-fast: false matrix: @@ -237,7 +237,7 @@ jobs: needs: [ "build_components", "init_build"] name: Build ${{ matrix.component }} on ${{ matrix.os }} env: - COMPONENT_BASE_BUILD_ARTIFACT_FILE: ${{ env.COMPONENT_BASE_BUILD_NAME }}_${{ matrix.os }}_${{ matrix.component }} + COMPONENT_BASE_BUILD_ARTIFACT_FILE: $COMPONENT_BASE_BUILD_NAME_${{ matrix.os }}_${{ matrix.component }} strategy: fail-fast: false matrix: From dcc36e745e280ce5b2c5e32f20ef445f8cfe6581 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Sat, 9 Oct 2021 07:53:22 +0200 Subject: [PATCH 237/253] Updated build script --- .github/workflows/images_build_windows.yml | 28 +++++++++++----------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/.github/workflows/images_build_windows.yml b/.github/workflows/images_build_windows.yml index 241bbd47f..273959839 100644 --- a/.github/workflows/images_build_windows.yml +++ b/.github/workflows/images_build_windows.yml @@ -66,7 +66,7 @@ jobs: name: Build ${{ matrix.component }} base on ${{ matrix.os }} needs: init_build env: - BASE_BUILD_ARTIFACT_FILE: $BASE_BUILD_NAME_${{ matrix.os }}_${{ matrix.component }} + BASE_BUILD_ARTIFACT_FILE_SUFFIX: "_${{ matrix.os }}_${{ matrix.component }}" strategy: fail-fast: false matrix: @@ -131,13 +131,13 @@ jobs: if (-not $?) {throw "Failed"} echo $digest - $digest | Set-Content ${{ env.BASE_BUILD_ARTIFACT_FILE }} + $digest | Set-Content ${{ env.BASE_BUILD_NAME }}${{ env.BASE_BUILD_ARTIFACT_FILE_SUFFIX }} - name: Upload SHA256 tag uses: actions/upload-artifact@v2.2.4 with: - name: ${{ env.BASE_BUILD_ARTIFACT_FILE }} - path: ${{ env.BASE_BUILD_ARTIFACT_FILE }} + name: ${{ env.BASE_BUILD_NAME }}${{ env.BASE_BUILD_ARTIFACT_FILE_SUFFIX }} + path: ${{ env.BASE_BUILD_NAME }}${{ env.BASE_BUILD_ARTIFACT_FILE_SUFFIX }} if-no-files-found: error - name: Logout from DockerHub @@ -150,8 +150,8 @@ jobs: needs: [ "build_base", "init_build"] name: Build ${{ matrix.component }} sources on ${{ matrix.os }} env: - BASE_BUILD_ARTIFACT_FILE: $BASE_BUILD_NAME_${{ matrix.os }}_${{ matrix.component }} - COMPONENT_BASE_BUILD_ARTIFACT_FILE: $COMPONENT_BASE_BUILD_NAME_${{ matrix.os }}_${{ matrix.component }} + BASE_BUILD_ARTIFACT_FILE_SUFFIX: "_${{ matrix.os }}_${{ matrix.component }}" + COMPONENT_BASE_BUILD_ARTIFACT_FILE_SUFFIX: "_${{ matrix.os }}_${{ matrix.component }}" strategy: fail-fast: false matrix: @@ -182,12 +182,12 @@ jobs: - name: Download SHA256 tag build-base:${{ matrix.os }} uses: actions/download-artifact@v2.0.10 with: - name: ${{ env.BASE_BUILD_ARTIFACT_FILE }} + name: ${{ env.BASE_BUILD_NAME }}${{ env.BASE_BUILD_ARTIFACT_FILE_SUFFIX }} - name: Retrieve ${{ env.BASE_BUILD_NAME }}:${{ matrix.os }} SHA256 tag id: base_build run: | - $base_tag = Get-Content ${{ env.BASE_BUILD_ARTIFACT_FILE }} -Raw + $base_tag = Get-Content ${{ env.BASE_BUILD_NAME }}${{ env.BASE_BUILD_ARTIFACT_FILE_SUFFIX }} -Raw $build_base_image="${{ env.DOCKER_REPOSITORY }}/${{ env.IMAGE_PREFIX }}${{ env.BASE_BUILD_NAME }}@" + $base_tag echo "::set-output name=base_tag::$base_tag" @@ -218,7 +218,7 @@ jobs: $digest=$(docker inspect $tags_array[0] --format "{{ index .RepoDigests 0}}").Split('@')[-1] if (-not $?) {throw "Failed"} echo $digest - $digest | Set-Content ${{ env.COMPONENT_BASE_BUILD_ARTIFACT_FILE }} + $digest | Set-Content ${{ env.COMPONENT_BASE_BUILD_NAME }}${{ env.COMPONENT_BASE_BUILD_ARTIFACT_FILE_SUFFIX }} - name: Logout from DockerHub run: | @@ -228,8 +228,8 @@ jobs: - name: Upload SHA256 tag uses: actions/upload-artifact@v2.2.4 with: - name: ${{ env.COMPONENT_BASE_BUILD_ARTIFACT_FILE }} - path: ${{ env.COMPONENT_BASE_BUILD_ARTIFACT_FILE }} + name: ${{ env.COMPONENT_BASE_BUILD_NAME }}${{ env.COMPONENT_BASE_BUILD_ARTIFACT_FILE_SUFFIX }} + path: ${{ env.COMPONENT_BASE_BUILD_NAME }}${{ env.COMPONENT_BASE_BUILD_ARTIFACT_FILE_SUFFIX }} if-no-files-found: error build_images: @@ -237,7 +237,7 @@ jobs: needs: [ "build_components", "init_build"] name: Build ${{ matrix.component }} on ${{ matrix.os }} env: - COMPONENT_BASE_BUILD_ARTIFACT_FILE: $COMPONENT_BASE_BUILD_NAME_${{ matrix.os }}_${{ matrix.component }} + COMPONENT_BASE_BUILD_ARTIFACT_FILE_SUFFIX: "_${{ matrix.os }}_${{ matrix.component }}" strategy: fail-fast: false matrix: @@ -267,12 +267,12 @@ jobs: - name: Download SHA256 tag for ${{ env.COMPONENT_BASE_BUILD_NAME }}:${{ matrix.os }} uses: actions/download-artifact@v2.0.10 with: - name: ${{ env.COMPONENT_BASE_BUILD_ARTIFACT_FILE }} + name: ${{ env.COMPONENT_BASE_BUILD_NAME }}${{ env.COMPONENT_BASE_BUILD_ARTIFACT_FILE_SUFFIX }} - name: ${{ env.COMPONENT_BASE_BUILD_NAME }}:${{ matrix.os }} SHA256 tag id: base_build run: | - $base_tag = Get-Content ${{ env.COMPONENT_BASE_BUILD_ARTIFACT_FILE }} -Raw + $base_tag = Get-Content ${{ env.COMPONENT_BASE_BUILD_NAME }}${{ env.COMPONENT_BASE_BUILD_ARTIFACT_FILE_SUFFIX }} -Raw $build_base_image="${{ env.DOCKER_REPOSITORY }}/${{ env.IMAGE_PREFIX }}${{ env.COMPONENT_BASE_BUILD_NAME }}@" + $base_tag echo "::set-output name=base_tag::$base_tag" From 103ea5e09927cd46f001701f45e024ac240cba7a Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Sat, 9 Oct 2021 08:15:11 +0200 Subject: [PATCH 238/253] Updated build script --- .github/workflows/images_build_windows.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/images_build_windows.yml b/.github/workflows/images_build_windows.yml index 273959839..a25b6e7e0 100644 --- a/.github/workflows/images_build_windows.yml +++ b/.github/workflows/images_build_windows.yml @@ -131,7 +131,7 @@ jobs: if (-not $?) {throw "Failed"} echo $digest - $digest | Set-Content ${{ env.BASE_BUILD_NAME }}${{ env.BASE_BUILD_ARTIFACT_FILE_SUFFIX }} + $digest | Set-Content -Path ${{ env.BASE_BUILD_NAME }}${{ env.BASE_BUILD_ARTIFACT_FILE_SUFFIX }} - name: Upload SHA256 tag uses: actions/upload-artifact@v2.2.4 @@ -218,7 +218,7 @@ jobs: $digest=$(docker inspect $tags_array[0] --format "{{ index .RepoDigests 0}}").Split('@')[-1] if (-not $?) {throw "Failed"} echo $digest - $digest | Set-Content ${{ env.COMPONENT_BASE_BUILD_NAME }}${{ env.COMPONENT_BASE_BUILD_ARTIFACT_FILE_SUFFIX }} + $digest | Set-Content -Path ${{ env.COMPONENT_BASE_BUILD_NAME }}${{ env.COMPONENT_BASE_BUILD_ARTIFACT_FILE_SUFFIX }} - name: Logout from DockerHub run: | From 1e598415e0442ec670652cb818131731983f827e Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Sat, 9 Oct 2021 08:53:59 +0200 Subject: [PATCH 239/253] Updated build script --- .github/workflows/images_build_windows.yml | 32 ++++++++++++++++++---- 1 file changed, 27 insertions(+), 5 deletions(-) diff --git a/.github/workflows/images_build_windows.yml b/.github/workflows/images_build_windows.yml index a25b6e7e0..547845e4e 100644 --- a/.github/workflows/images_build_windows.yml +++ b/.github/workflows/images_build_windows.yml @@ -206,25 +206,31 @@ jobs: docker build --label org.opencontainers.image.revision=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.revision'] }} ` --label org.opencontainers.image.created=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }} ` --file=$dockerfile ` + --build-arg=BUILD_BASE_IMAGE=${{ steps.base_build.outputs.base_build_image }} $tags ` $context if (-not $?) {throw "Failed"} + - name: Push image + run: | + $tags_array=$( "${{ steps.meta.outputs.tags }}".Split("`r`n") ) + Foreach ($tag in $tags_array) { + echo "docker image push $tag" docker image push $tag if (-not $?) {throw "Failed"} } + - name: Image digest + run: | + $tags_array=$( "${{ steps.meta.outputs.tags }}".Split("`r`n") ) + $digest=$(docker inspect $tags_array[0] --format "{{ index .RepoDigests 0}}").Split('@')[-1] if (-not $?) {throw "Failed"} + echo $digest $digest | Set-Content -Path ${{ env.COMPONENT_BASE_BUILD_NAME }}${{ env.COMPONENT_BASE_BUILD_ARTIFACT_FILE_SUFFIX }} - - name: Logout from DockerHub - run: | - docker logout - if (-not $?) {throw "Failed"} - - name: Upload SHA256 tag uses: actions/upload-artifact@v2.2.4 with: @@ -232,6 +238,11 @@ jobs: path: ${{ env.COMPONENT_BASE_BUILD_NAME }}${{ env.COMPONENT_BASE_BUILD_ARTIFACT_FILE_SUFFIX }} if-no-files-found: error + - name: Logout from DockerHub + run: | + docker logout + if (-not $?) {throw "Failed"} + build_images: timeout-minutes: 70 needs: [ "build_components", "init_build"] @@ -291,17 +302,28 @@ jobs: docker build --label org.opencontainers.image.revision=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.revision'] }} ` --label org.opencontainers.image.created=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }} ` --file=$dockerfile ` + --build-arg=BUILD_BASE_IMAGE=${{ steps.base_build.outputs.base_build_image }} $tags ` $context if (-not $?) {throw "Failed"} + - name: Push image + run: | + $tags_array=$( "${{ steps.meta.outputs.tags }}".Split("`r`n") ) + Foreach ($tag in $tags_array) { + echo "docker image push $tag" docker image push $tag if (-not $?) {throw "Failed"} } + - name: Image digest + run: | + $tags_array=$( "${{ steps.meta.outputs.tags }}".Split("`r`n") ) + $digest=$(docker inspect $tags_array[0] --format "{{ index .RepoDigests 0}}").Split('@')[-1] if (-not $?) {throw "Failed"} + echo $digest - name: Logout from DockerHub From f2eaf0fb26e57ca019ec4b39c37cf123065faae7 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Sat, 9 Oct 2021 09:03:23 +0200 Subject: [PATCH 240/253] Updated build script --- .github/workflows/images_build_windows.yml | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/.github/workflows/images_build_windows.yml b/.github/workflows/images_build_windows.yml index 547845e4e..4a2ac0047 100644 --- a/.github/workflows/images_build_windows.yml +++ b/.github/workflows/images_build_windows.yml @@ -114,6 +114,7 @@ jobs: if (-not $?) {throw "Failed"} - name: Push image + if: ${{ secrets.AUTO_PUSH_IMAGES }} run: | $tags_array=$( "${{ steps.meta.outputs.tags }}".Split("`r`n") ) @@ -124,6 +125,7 @@ jobs: } - name: Image digest + if: ${{ secrets.AUTO_PUSH_IMAGES }} run: | $tags_array=$( "${{ steps.meta.outputs.tags }}".Split("`r`n") ) @@ -134,6 +136,7 @@ jobs: $digest | Set-Content -Path ${{ env.BASE_BUILD_NAME }}${{ env.BASE_BUILD_ARTIFACT_FILE_SUFFIX }} - name: Upload SHA256 tag + if: ${{ secrets.AUTO_PUSH_IMAGES }} uses: actions/upload-artifact@v2.2.4 with: name: ${{ env.BASE_BUILD_NAME }}${{ env.BASE_BUILD_ARTIFACT_FILE_SUFFIX }} @@ -193,7 +196,7 @@ jobs: echo "::set-output name=base_tag::$base_tag" echo "::set-output name=base_build_image::$build_base_image" - - name: Build image and push + - name: Build image id: docker_build run: | $context='.\Dockerfiles\${{ env.COMPONENT_BASE_BUILD_NAME }}\windows\' @@ -212,6 +215,7 @@ jobs: if (-not $?) {throw "Failed"} - name: Push image + if: ${{ secrets.AUTO_PUSH_IMAGES }} run: | $tags_array=$( "${{ steps.meta.outputs.tags }}".Split("`r`n") ) @@ -222,6 +226,7 @@ jobs: } - name: Image digest + if: ${{ secrets.AUTO_PUSH_IMAGES }} run: | $tags_array=$( "${{ steps.meta.outputs.tags }}".Split("`r`n") ) @@ -232,6 +237,7 @@ jobs: $digest | Set-Content -Path ${{ env.COMPONENT_BASE_BUILD_NAME }}${{ env.COMPONENT_BASE_BUILD_ARTIFACT_FILE_SUFFIX }} - name: Upload SHA256 tag + if: ${{ secrets.AUTO_PUSH_IMAGES }} uses: actions/upload-artifact@v2.2.4 with: name: ${{ env.COMPONENT_BASE_BUILD_NAME }}${{ env.COMPONENT_BASE_BUILD_ARTIFACT_FILE_SUFFIX }} @@ -289,7 +295,7 @@ jobs: echo "::set-output name=base_tag::$base_tag" echo "::set-output name=base_build_image::$build_base_image" - - name: Build ${{ matrix.component }}/${{ matrix.os }}:${{ matrix.os }} and push + - name: Build image id: docker_build run: | $context='.\Dockerfiles\${{ matrix.component }}\windows\' @@ -308,6 +314,7 @@ jobs: if (-not $?) {throw "Failed"} - name: Push image + if: ${{ secrets.AUTO_PUSH_IMAGES }} run: | $tags_array=$( "${{ steps.meta.outputs.tags }}".Split("`r`n") ) @@ -318,6 +325,7 @@ jobs: } - name: Image digest + if: ${{ secrets.AUTO_PUSH_IMAGES }} run: | $tags_array=$( "${{ steps.meta.outputs.tags }}".Split("`r`n") ) From 9534df088afde12a1558e33233178fae24db9504 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Sat, 9 Oct 2021 09:06:48 +0200 Subject: [PATCH 241/253] Updated build script --- .github/workflows/images_build_windows.yml | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/.github/workflows/images_build_windows.yml b/.github/workflows/images_build_windows.yml index 4a2ac0047..62c4a767a 100644 --- a/.github/workflows/images_build_windows.yml +++ b/.github/workflows/images_build_windows.yml @@ -21,6 +21,7 @@ env: IMAGE_PREFIX: "zabbix-" BASE_BUILD_NAME: "build-base" COMPONENT_BASE_BUILD_NAME: "build-mysql" + AUTO_PUSH_IMAGES: ${{ secrets.AUTO_PUSH_IMAGES }} jobs: init_build: @@ -114,7 +115,7 @@ jobs: if (-not $?) {throw "Failed"} - name: Push image - if: ${{ secrets.AUTO_PUSH_IMAGES }} + if: ${{ env.AUTO_PUSH_IMAGES }} run: | $tags_array=$( "${{ steps.meta.outputs.tags }}".Split("`r`n") ) @@ -125,7 +126,7 @@ jobs: } - name: Image digest - if: ${{ secrets.AUTO_PUSH_IMAGES }} + if: ${{ env.AUTO_PUSH_IMAGES }} run: | $tags_array=$( "${{ steps.meta.outputs.tags }}".Split("`r`n") ) @@ -136,7 +137,7 @@ jobs: $digest | Set-Content -Path ${{ env.BASE_BUILD_NAME }}${{ env.BASE_BUILD_ARTIFACT_FILE_SUFFIX }} - name: Upload SHA256 tag - if: ${{ secrets.AUTO_PUSH_IMAGES }} + if: ${{ env.AUTO_PUSH_IMAGES }} uses: actions/upload-artifact@v2.2.4 with: name: ${{ env.BASE_BUILD_NAME }}${{ env.BASE_BUILD_ARTIFACT_FILE_SUFFIX }} @@ -215,7 +216,7 @@ jobs: if (-not $?) {throw "Failed"} - name: Push image - if: ${{ secrets.AUTO_PUSH_IMAGES }} + if: ${{ env.AUTO_PUSH_IMAGES }} run: | $tags_array=$( "${{ steps.meta.outputs.tags }}".Split("`r`n") ) @@ -226,7 +227,7 @@ jobs: } - name: Image digest - if: ${{ secrets.AUTO_PUSH_IMAGES }} + if: ${{ env.AUTO_PUSH_IMAGES }} run: | $tags_array=$( "${{ steps.meta.outputs.tags }}".Split("`r`n") ) @@ -237,7 +238,7 @@ jobs: $digest | Set-Content -Path ${{ env.COMPONENT_BASE_BUILD_NAME }}${{ env.COMPONENT_BASE_BUILD_ARTIFACT_FILE_SUFFIX }} - name: Upload SHA256 tag - if: ${{ secrets.AUTO_PUSH_IMAGES }} + if: ${{ env.AUTO_PUSH_IMAGES }} uses: actions/upload-artifact@v2.2.4 with: name: ${{ env.COMPONENT_BASE_BUILD_NAME }}${{ env.COMPONENT_BASE_BUILD_ARTIFACT_FILE_SUFFIX }} @@ -314,7 +315,7 @@ jobs: if (-not $?) {throw "Failed"} - name: Push image - if: ${{ secrets.AUTO_PUSH_IMAGES }} + if: ${{ env.AUTO_PUSH_IMAGES }} run: | $tags_array=$( "${{ steps.meta.outputs.tags }}".Split("`r`n") ) @@ -325,7 +326,7 @@ jobs: } - name: Image digest - if: ${{ secrets.AUTO_PUSH_IMAGES }} + if: ${{ env.AUTO_PUSH_IMAGES }} run: | $tags_array=$( "${{ steps.meta.outputs.tags }}".Split("`r`n") ) From 59c4acf189a39f9fb905637378e49ba21af87f73 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Sat, 9 Oct 2021 10:12:02 +0200 Subject: [PATCH 242/253] Updated build script --- .github/workflows/images_build.yml | 10 +++--- .github/workflows/images_build_windows.yml | 38 ++++++++++++++++------ build.json | 7 +++- 3 files changed, 39 insertions(+), 16 deletions(-) diff --git a/.github/workflows/images_build.yml b/.github/workflows/images_build.yml index 56acc716b..31e88fee1 100644 --- a/.github/workflows/images_build.yml +++ b/.github/workflows/images_build.yml @@ -48,14 +48,14 @@ jobs: - name: Prepare Operating System list id: os run: | - os_list=$(jq -r '.os | keys | [ .[] | tostring ] | @json' "./build.json") + os_list=$(jq -r '.["os-linux"] | keys | [ .[] | tostring ] | @json' "./build.json") echo "::set-output name=list::$os_list" - name: Prepare Platform list id: platform_list run: | - platform_list=$(jq -r '.os | tostring | @json' "./build.json") + platform_list=$(jq -r '.["os-linux"] | tostring | @json' "./build.json") echo "::set-output name=list::$platform_list" @@ -108,7 +108,7 @@ jobs: - name: Prepare Platform list id: platform run: | - platform_list=$(jq -r '.os.${{ matrix.os }} | join(",")' "./build.json") + platform_list=$(jq -r '.["os-linux"].${{ matrix.os }} | join(",")' "./build.json") echo ::set-output name=list::$platform_list @@ -178,7 +178,7 @@ jobs: - name: Prepare Platform list id: platform run: | - platform_list=$(jq -r '.os.${{ matrix.os }} | join(",")' "./build.json") + platform_list=$(jq -r '.["os-linux"].${{ matrix.os }} | join(",")' "./build.json") echo ::set-output name=list::$platform_list @@ -266,7 +266,7 @@ jobs: if [ "${{ matrix.os }}" == "alpine" ] && [ "${{ matrix.build }}" == "web-service" ]; then platform_list="linux/amd64,linux/arm64" else - platform_list=$(jq -r '.os.${{ matrix.os }} | join(",")' "./build.json") + platform_list=$(jq -r '.["os-linux"].${{ matrix.os }} | join(",")' "./build.json") fi echo ::set-output name=list::$platform_list diff --git a/.github/workflows/images_build_windows.yml b/.github/workflows/images_build_windows.yml index 62c4a767a..147a7de78 100644 --- a/.github/workflows/images_build_windows.yml +++ b/.github/workflows/images_build_windows.yml @@ -47,7 +47,7 @@ jobs: - name: Prepare Operating System list id: os run: | - $os_list='["ltsc2022"]' + os_list=$(jq -r '.["os-windows"] | keys | [ .[] | tostring ] | @json' ".\build.json") echo "::set-output name=list::$os_list" @@ -74,7 +74,7 @@ jobs: os: ${{ fromJson(needs.init_build.outputs.os) }} component: ${{ fromJson(needs.init_build.outputs.components) }} - runs-on: windows-2022 + runs-on: ${{ matrix.os }} steps: - name: Checkout repository uses: actions/checkout@v2.3.4 @@ -86,14 +86,20 @@ jobs: docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }} if (-not $?) {throw "Failed"} + - name: Base OS tag + id: base_os_tag + run: | + $os_tag=$(Get-Content -Path .\build.json | ConvertFrom-Json).'os-windows'.'${{ matrix.os }}' + echo "::set-output name=os_tag::$os_tag" + - name: Generate tags id: meta uses: docker/metadata-action@v3 with: images: ${{ env.DOCKER_REPOSITORY }}/${{ env.IMAGE_PREFIX }}${{ env.BASE_BUILD_NAME }} tags: | - type=ref,event=branch,prefix=${{ matrix.component }}-${{ matrix.os }}- - type=ref,event=branch,suffix=-${{ matrix.os }},prefix=${{ matrix.component }}- + type=ref,event=branch,prefix=${{ matrix.component }}-${{ steps.base_os_tag.outputs.os_tag }}- + type=ref,event=branch,suffix=-${{ steps.base_os_tag.outputs.os_tag }},prefix=${{ matrix.component }}- flavor: | latest=false @@ -162,7 +168,7 @@ jobs: os: ${{ fromJson(needs.init_build.outputs.os) }} component: ${{ fromJson(needs.init_build.outputs.components) }} - runs-on: windows-2022 + runs-on: ${{ matrix.os }} steps: - name: Checkout repository uses: actions/checkout@v2.3.4 @@ -172,14 +178,20 @@ jobs: docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }} if (-not $?) {throw "Failed"} + - name: Base OS tag + id: base_os_tag + run: | + $os_tag=$(Get-Content -Path .\build.json | ConvertFrom-Json).'os-windows'.'${{ matrix.os }}' + echo "::set-output name=os_tag::$os_tag" + - name: Generate tags id: meta uses: docker/metadata-action@v3 with: images: ${{ env.DOCKER_REPOSITORY }}/${{ env.IMAGE_PREFIX }}${{ env.COMPONENT_BASE_BUILD_NAME }} tags: | - type=ref,event=branch,prefix=${{ matrix.component }}-${{ matrix.os }}- - type=ref,event=branch,suffix=-${{ matrix.os }},prefix=${{ matrix.component }}- + type=ref,event=branch,prefix=${{ matrix.component }}-${{ steps.base_os_tag.outputs.os_tag }}- + type=ref,event=branch,suffix=-${{ steps.base_os_tag.outputs.os_tag }},prefix=${{ matrix.component }}- flavor: | latest=false @@ -262,7 +274,7 @@ jobs: os: ${{ fromJson(needs.init_build.outputs.os) }} component: ${{ fromJson(needs.init_build.outputs.components) }} - runs-on: windows-2022 + runs-on: ${{ matrix.os }} steps: - uses: actions/checkout@v2.3.4 @@ -271,14 +283,20 @@ jobs: docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }} if (-not $?) {throw "Failed"} + - name: Base OS tag + id: base_os_tag + run: | + $os_tag=$(Get-Content -Path .\build.json | ConvertFrom-Json).'os-windows'.'${{ matrix.os }}' + echo "::set-output name=os_tag::$os_tag" + - name: Generate tags id: meta uses: docker/metadata-action@v3 with: images: ${{ env.DOCKER_REPOSITORY }}/${{ env.IMAGE_PREFIX }}${{ matrix.component }} tags: | - type=ref,event=branch,prefix=${{ matrix.os }}- - type=ref,event=branch,suffix=-${{ matrix.os }} + type=ref,event=branch,prefix=${{ steps.base_os_tag.outputs.os_tag }}- + type=ref,event=branch,suffix=-${{ steps.base_os_tag.outputs.os_tag }} flavor: | latest=false diff --git a/build.json b/build.json index 45b482722..0d0eb54b5 100644 --- a/build.json +++ b/build.json @@ -1,5 +1,5 @@ { - "os": { + "os-linux": { "alpine": [ "linux/amd64", "linux/arm/v6", @@ -20,6 +20,11 @@ "linux/arm64" ] }, + "os-windows": { + "windows-2022": "ltsc2022", + "windows-2019": "ltsc2019", + "windows-2016": "ltsc2016" + }, "components": { "agent": "build-mysql", "agent2": "build-mysql", From 46f528ee08d1d9ca7cfd6c65fb76824d6fb86efc Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Sat, 9 Oct 2021 10:12:42 +0200 Subject: [PATCH 243/253] Updated build script --- .github/workflows/images_build_windows.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/images_build_windows.yml b/.github/workflows/images_build_windows.yml index 147a7de78..88fed1282 100644 --- a/.github/workflows/images_build_windows.yml +++ b/.github/workflows/images_build_windows.yml @@ -222,7 +222,7 @@ jobs: docker build --label org.opencontainers.image.revision=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.revision'] }} ` --label org.opencontainers.image.created=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }} ` --file=$dockerfile ` - --build-arg=BUILD_BASE_IMAGE=${{ steps.base_build.outputs.base_build_image }} + --build-arg=BUILD_BASE_IMAGE=${{ steps.base_build.outputs.base_build_image }} ` $tags ` $context if (-not $?) {throw "Failed"} @@ -327,7 +327,7 @@ jobs: docker build --label org.opencontainers.image.revision=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.revision'] }} ` --label org.opencontainers.image.created=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }} ` --file=$dockerfile ` - --build-arg=BUILD_BASE_IMAGE=${{ steps.base_build.outputs.base_build_image }} + --build-arg=BUILD_BASE_IMAGE=${{ steps.base_build.outputs.base_build_image }} ` $tags ` $context if (-not $?) {throw "Failed"} From e208124b282c5fb754751139322abf76d03a48ea Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Sat, 9 Oct 2021 10:14:15 +0200 Subject: [PATCH 244/253] Updated build script --- .github/workflows/images_build_windows.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/images_build_windows.yml b/.github/workflows/images_build_windows.yml index 88fed1282..b9683b539 100644 --- a/.github/workflows/images_build_windows.yml +++ b/.github/workflows/images_build_windows.yml @@ -47,7 +47,7 @@ jobs: - name: Prepare Operating System list id: os run: | - os_list=$(jq -r '.["os-windows"] | keys | [ .[] | tostring ] | @json' ".\build.json") + os_list=$(jq -r '.["os-windows"] | keys | [ .[] | tostring ] | @json' "./build.json") echo "::set-output name=list::$os_list" From 4e00f429a3274cb5372cab032ee2a009a92293dd Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Sat, 9 Oct 2021 10:17:10 +0200 Subject: [PATCH 245/253] Updated build script --- .github/workflows/images_build_windows.yml | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/.github/workflows/images_build_windows.yml b/.github/workflows/images_build_windows.yml index b9683b539..cdbddebc2 100644 --- a/.github/workflows/images_build_windows.yml +++ b/.github/workflows/images_build_windows.yml @@ -39,13 +39,16 @@ jobs: - name: Check build.json file id: build_exists + shell: bash run: | - if (-not(Test-Path -Path "./build.json" -PathType Leaf)) { - throw "::error::File build.json is missing" - } + if [[ ! -f "./build.json" ]]; then + echo "::error::File build.json is missing" + exit 1 + fi - name: Prepare Operating System list id: os + shell: bash run: | os_list=$(jq -r '.["os-windows"] | keys | [ .[] | tostring ] | @json' "./build.json") @@ -53,8 +56,9 @@ jobs: - name: Prepare Zabbix component list id: components + shell: bash run: | - $component_list='["agent","agent2"]' + component_list='["agent","agent2"]' echo "::set-output name=list::$component_list" From 5781665dd1b26a919c4335199d782ca90b4d84a1 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Sat, 9 Oct 2021 10:19:44 +0200 Subject: [PATCH 246/253] Updated build script --- .github/workflows/images_build_windows.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/images_build_windows.yml b/.github/workflows/images_build_windows.yml index cdbddebc2..28f9413b1 100644 --- a/.github/workflows/images_build_windows.yml +++ b/.github/workflows/images_build_windows.yml @@ -119,6 +119,7 @@ jobs: echo "docker build --file=$dockerfile $tags $context" docker build --label org.opencontainers.image.revision=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.revision'] }} ` --label org.opencontainers.image.created=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }} ` + --build-arg=BUILD_BASE_IMAGE=mcr.microsoft.com/dotnet/framework/sdk:4.8-windowsservercore-${{ steps.base_os_tag.outputs.os_tag }} ` --file=$dockerfile ` $tags ` $context From c263edeb7945e7cf0ea694b7fe0c1791e767c112 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Sat, 9 Oct 2021 11:35:31 +0200 Subject: [PATCH 247/253] Updated build script --- build.json | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/build.json b/build.json index 0d0eb54b5..6b15857ba 100644 --- a/build.json +++ b/build.json @@ -22,8 +22,7 @@ }, "os-windows": { "windows-2022": "ltsc2022", - "windows-2019": "ltsc2019", - "windows-2016": "ltsc2016" + "windows-2019": "ltsc2019" }, "components": { "agent": "build-mysql", From 200f7393663fbd04906a6a1001e846f27061f9ad Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Sat, 9 Oct 2021 11:41:32 +0200 Subject: [PATCH 248/253] Updated build script --- .github/workflows/images_build_windows.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/images_build_windows.yml b/.github/workflows/images_build_windows.yml index 28f9413b1..3df847bb3 100644 --- a/.github/workflows/images_build_windows.yml +++ b/.github/workflows/images_build_windows.yml @@ -333,6 +333,7 @@ jobs: --label org.opencontainers.image.created=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }} ` --file=$dockerfile ` --build-arg=BUILD_BASE_IMAGE=${{ steps.base_build.outputs.base_build_image }} ` + --build-arg=BASE_IMAGE=mcr.microsoft.com/powershell:lts-nanoserver-${{ steps.base_os_tag.outputs.os_tag }} ` $tags ` $context if (-not $?) {throw "Failed"} From 16dfc081031031ffb1c36fd44cfda02fa98bf084 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Sat, 9 Oct 2021 11:51:37 +0200 Subject: [PATCH 249/253] Updated build script --- .github/workflows/images_build_windows.yml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/.github/workflows/images_build_windows.yml b/.github/workflows/images_build_windows.yml index 3df847bb3..6720c7cd5 100644 --- a/.github/workflows/images_build_windows.yml +++ b/.github/workflows/images_build_windows.yml @@ -328,12 +328,16 @@ jobs: $tags_array=$( "${{ steps.meta.outputs.tags }}".Split("`r`n") ) $tags=$($tags_array | Foreach-Object { "--tag=$_" }) + # PowerShell images based on LTSC 2019 and LTSC 2016 do not have "ltsc" prefix + $os_tag_suffix='${{ steps.base_os_tag.outputs.os_tag }}' + $os_tag_suffix=$os_tag_suffix -replace "ltsc(201[69])",'$1' + echo "docker build --file=$dockerfile $tags $context" docker build --label org.opencontainers.image.revision=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.revision'] }} ` --label org.opencontainers.image.created=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }} ` --file=$dockerfile ` --build-arg=BUILD_BASE_IMAGE=${{ steps.base_build.outputs.base_build_image }} ` - --build-arg=BASE_IMAGE=mcr.microsoft.com/powershell:lts-nanoserver-${{ steps.base_os_tag.outputs.os_tag }} ` + --build-arg=BASE_IMAGE=mcr.microsoft.com/powershell:lts-nanoserver-$os_tag_suffix ` $tags ` $context if (-not $?) {throw "Failed"} From f1375b0d1e18178d8cd28507672b7930761f7337 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Sat, 9 Oct 2021 13:02:03 +0200 Subject: [PATCH 250/253] Updated build script --- .github/workflows/images_build_windows.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/images_build_windows.yml b/.github/workflows/images_build_windows.yml index 6720c7cd5..ee75629c6 100644 --- a/.github/workflows/images_build_windows.yml +++ b/.github/workflows/images_build_windows.yml @@ -330,7 +330,7 @@ jobs: # PowerShell images based on LTSC 2019 and LTSC 2016 do not have "ltsc" prefix $os_tag_suffix='${{ steps.base_os_tag.outputs.os_tag }}' - $os_tag_suffix=$os_tag_suffix -replace "ltsc(201[69])",'$1' + $os_tag_suffix=$os_tag_suffix -replace "ltsc2019",'1809' echo "docker build --file=$dockerfile $tags $context" docker build --label org.opencontainers.image.revision=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.revision'] }} ` From 5eaeac8b9b6e4ecd5d6d4583bc6846f98524a9a0 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Sun, 10 Oct 2021 01:39:32 +0300 Subject: [PATCH 251/253] Added missing variable --- env_vars/.env_web | 1 + 1 file changed, 1 insertion(+) diff --git a/env_vars/.env_web b/env_vars/.env_web index d71c9a3ef..ae96d1ad2 100644 --- a/env_vars/.env_web +++ b/env_vars/.env_web @@ -12,6 +12,7 @@ ZBX_SERVER_NAME=Composed installation # VAULT_TOKEN= # ZBX_HISTORYSTORAGEURL=http://elasticsearch:9200/ # Available since 3.4.5 # ZBX_HISTORYSTORAGETYPES=['uint', 'dbl', 'str', 'text', 'log'] # Available since 3.4.5 +# ZBX_SSO_SETTINGS=[] # Available since 5.0.0 # ENABLE_WEB_ACCESS_LOG=true # ZBX_MAXEXECUTIONTIME=600 # ZBX_MEMORYLIMIT=128M From 131728aa0696ea1520e3a7a2c7401bbbdd157645 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Sun, 10 Oct 2021 00:43:37 +0200 Subject: [PATCH 252/253] Updated build script --- README.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/README.md b/README.md index 9fadbd7eb..3b9cdda07 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,6 @@ ![logo](https://assets.zabbix.com/img/logo/zabbix_logo_500x131.png) -![CI](https://github.com/zabbix/zabbix-docker/workflows/CI/badge.svg?branch=trunk&event=release) -![CI](https://github.com/zabbix/zabbix-docker/workflows/CI/badge.svg?branch=trunk&event=push) +[![Build images (DockerHub)](https://github.com/zabbix/zabbix-docker/actions/workflows/images_build.yml/badge.svg?branch=trunk&event=push)](https://github.com/zabbix/zabbix-docker/actions/workflows/images_build.yml) # What is Zabbix? From 09dbb306ef1b3b276495ff47441839472f0e5ebb Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Sun, 10 Oct 2021 00:48:50 +0200 Subject: [PATCH 253/253] Updated build script --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 3b9cdda07..1ed7b6140 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,7 @@ ![logo](https://assets.zabbix.com/img/logo/zabbix_logo_500x131.png) [![Build images (DockerHub)](https://github.com/zabbix/zabbix-docker/actions/workflows/images_build.yml/badge.svg?branch=trunk&event=push)](https://github.com/zabbix/zabbix-docker/actions/workflows/images_build.yml) +[![Build images (DockerHub, Windows)](https://github.com/zabbix/zabbix-docker/actions/workflows/images_build_windows.yml/badge.svg?branch=trunk&event=push)](https://github.com/zabbix/zabbix-docker/actions/workflows/images_build_windows.yml) # What is Zabbix?