diff --git a/proxy-mysql/rhel/docker-entrypoint.sh b/proxy-mysql/rhel/docker-entrypoint.sh index 59210c305..9fdf41782 100755 --- a/proxy-mysql/rhel/docker-entrypoint.sh +++ b/proxy-mysql/rhel/docker-entrypoint.sh @@ -265,7 +265,7 @@ create_db_schema_mysql() { zcat /usr/share/doc/zabbix-proxy-mysql/create.sql.gz | mysql --silent --skip-column-names \ -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ - -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" $ssl_opts \ + -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" $ssl_opts \ ${DB_SERVER_DBNAME} 1>/dev/null fi } diff --git a/server-mysql/rhel/docker-entrypoint.sh b/server-mysql/rhel/docker-entrypoint.sh index 34f28d365..2a6629615 100755 --- a/server-mysql/rhel/docker-entrypoint.sh +++ b/server-mysql/rhel/docker-entrypoint.sh @@ -189,8 +189,12 @@ check_db_connect_mysql() { WAIT_TIMEOUT=5 + if [ -n "${ZBX_DBTLSCONNECT}" ]; then + ssl_opts="--ssl --ssl-ca=${ZBX_DBTLSCAFILE} --ssl-key=${ZBX_DBTLSKEYFILE} --ssl-cert=${ZBX_DBTLSCERTFILE}" + fi + while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \ - --password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10)" ]; do + --password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10 $ssl_opts)" ]; do echo "**** MySQL server is not available. Waiting $WAIT_TIMEOUT seconds..." sleep $WAIT_TIMEOUT done @@ -200,8 +204,12 @@ mysql_query() { query=$1 local result="" + if [ -n "${ZBX_DBTLSCONNECT}" ]; then + ssl_opts="--ssl --ssl-ca=${ZBX_DBTLSCAFILE} --ssl-key=${ZBX_DBTLSKEYFILE} --ssl-cert=${ZBX_DBTLSCERTFILE}" + fi + result=$(mysql --silent --skip-column-names -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ - -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" -e "$query") + -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" -e "$query" $ssl_opts) echo $result } @@ -246,9 +254,13 @@ create_db_schema_mysql() { if [ -z "${ZBX_DB_VERSION}" ]; then echo "** Creating '${DB_SERVER_DBNAME}' schema in MySQL" + if [ -n "${ZBX_DBTLSCONNECT}" ]; then + ssl_opts="--ssl --ssl-ca=${ZBX_DBTLSCAFILE} --ssl-key=${ZBX_DBTLSKEYFILE} --ssl-cert=${ZBX_DBTLSCERTFILE}" + fi + zcat /usr/share/doc/zabbix-server-mysql/create.sql.gz | mysql --silent --skip-column-names \ -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ - -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" \ + -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" $ssl_opts \ ${DB_SERVER_DBNAME} 1>/dev/null fi } @@ -268,6 +280,15 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" + if [ -n "${ZBX_DBTLSCONNECT}" ]; then + update_config_var $ZBX_CONFIG "DBTLSConnect" "${ZBX_DBTLSCONNECT}" + update_config_var $ZBX_CONFIG "DBTLSCAFile" "${ZBX_DBTLSCAFILE}" + update_config_var $ZBX_CONFIG "DBTLSCertFile" "${ZBX_DBTLSCERTFILE}" + update_config_var $ZBX_CONFIG "DBTLSKeyFile" "${ZBX_DBTLSKEYFILE}" + update_config_var $ZBX_CONFIG "DBTLSCipher" "${ZBX_DBTLSCIPHER}" + update_config_var $ZBX_CONFIG "DBTLSCipher13" "${ZBX_DBTLSCIPHER13}" + fi + update_config_var $ZBX_CONFIG "DBHost" "${DB_SERVER_HOST}" update_config_var $ZBX_CONFIG "DBName" "${DB_SERVER_DBNAME}" update_config_var $ZBX_CONFIG "DBSchema" "${DB_SERVER_SCHEMA}" @@ -295,7 +316,6 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "StartTimers" "${ZBX_STARTTIMERS}" update_config_var $ZBX_CONFIG "StartEscalators" "${ZBX_STARTESCALATORS}" update_config_var $ZBX_CONFIG "StartAlerters" "${ZBX_STARTALERTERS}" - update_config_var $ZBX_CONFIG "StartTimers" "${ZBX_STARTTIMERS}" update_config_var $ZBX_CONFIG "StartEscalators" "${ZBX_STARTESCALATORS}" @@ -378,6 +398,9 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" update_config_var $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" + update_config_var $ZBX_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" + update_config_var $ZBX_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" + if [ "$(id -u)" != '0' ]; then update_config_var $ZBX_CONFIG "User" "$(whoami)" else diff --git a/web-apache-mysql/alpine/docker-entrypoint.sh b/web-apache-mysql/alpine/docker-entrypoint.sh index 04266e0b1..cc9d10176 100755 --- a/web-apache-mysql/alpine/docker-entrypoint.sh +++ b/web-apache-mysql/alpine/docker-entrypoint.sh @@ -20,9 +20,6 @@ fi # Default timezone for web interface : ${PHP_TZ:="Europe/Riga"} -#Enable PostgreSQL timescaleDB feature: -ENABLE_TIMESCALEDB=${ENABLE_TIMESCALEDB:-"false"} - # Default directories # Configuration files directory ZABBIX_ETC_DIR="/etc/zabbix" diff --git a/web-apache-mysql/centos/docker-entrypoint.sh b/web-apache-mysql/centos/docker-entrypoint.sh index d5aa5fc3f..a781bf7d8 100755 --- a/web-apache-mysql/centos/docker-entrypoint.sh +++ b/web-apache-mysql/centos/docker-entrypoint.sh @@ -20,9 +20,6 @@ fi # Default timezone for web interface : ${PHP_TZ:="Europe/Riga"} -#Enable PostgreSQL timescaleDB feature: -ENABLE_TIMESCALEDB=${ENABLE_TIMESCALEDB:-"false"} - # Default directories # Configuration files directory ZABBIX_ETC_DIR="/etc/zabbix" diff --git a/web-apache-mysql/ubuntu/docker-entrypoint.sh b/web-apache-mysql/ubuntu/docker-entrypoint.sh index d00832998..3ca979b6a 100755 --- a/web-apache-mysql/ubuntu/docker-entrypoint.sh +++ b/web-apache-mysql/ubuntu/docker-entrypoint.sh @@ -20,9 +20,6 @@ fi # Default timezone for web interface : ${PHP_TZ:="Europe/Riga"} -#Enable PostgreSQL timescaleDB feature: -ENABLE_TIMESCALEDB=${ENABLE_TIMESCALEDB:-"false"} - # Default directories # Configuration files directory ZABBIX_ETC_DIR="/etc/zabbix" diff --git a/web-nginx-mysql/alpine/docker-entrypoint.sh b/web-nginx-mysql/alpine/docker-entrypoint.sh index 7443d87e1..eef39a80a 100755 --- a/web-nginx-mysql/alpine/docker-entrypoint.sh +++ b/web-nginx-mysql/alpine/docker-entrypoint.sh @@ -20,9 +20,6 @@ ZBX_SERVER_PORT=${ZBX_SERVER_PORT:-"10051"} # Default timezone for web interface PHP_TZ=${PHP_TZ:-"Europe/Riga"} -#Enable PostgreSQL timescaleDB feature: -ENABLE_TIMESCALEDB=${ENABLE_TIMESCALEDB:-"false"} - # Default directories # User 'zabbix' home directory ZABBIX_USER_HOME_DIR="/var/lib/zabbix" diff --git a/web-nginx-mysql/centos/docker-entrypoint.sh b/web-nginx-mysql/centos/docker-entrypoint.sh index da9459134..5f8136703 100755 --- a/web-nginx-mysql/centos/docker-entrypoint.sh +++ b/web-nginx-mysql/centos/docker-entrypoint.sh @@ -20,9 +20,6 @@ ZBX_SERVER_PORT=${ZBX_SERVER_PORT:-"10051"} # Default timezone for web interface PHP_TZ=${PHP_TZ:-"Europe/Riga"} -#Enable PostgreSQL timescaleDB feature: -ENABLE_TIMESCALEDB=${ENABLE_TIMESCALEDB:-"false"} - # Default directories # User 'zabbix' home directory ZABBIX_USER_HOME_DIR="/var/lib/zabbix" diff --git a/web-nginx-mysql/rhel/docker-entrypoint.sh b/web-nginx-mysql/rhel/docker-entrypoint.sh index da9459134..5f8136703 100755 --- a/web-nginx-mysql/rhel/docker-entrypoint.sh +++ b/web-nginx-mysql/rhel/docker-entrypoint.sh @@ -20,9 +20,6 @@ ZBX_SERVER_PORT=${ZBX_SERVER_PORT:-"10051"} # Default timezone for web interface PHP_TZ=${PHP_TZ:-"Europe/Riga"} -#Enable PostgreSQL timescaleDB feature: -ENABLE_TIMESCALEDB=${ENABLE_TIMESCALEDB:-"false"} - # Default directories # User 'zabbix' home directory ZABBIX_USER_HOME_DIR="/var/lib/zabbix" diff --git a/web-nginx-mysql/ubuntu/docker-entrypoint.sh b/web-nginx-mysql/ubuntu/docker-entrypoint.sh index ae19a2123..ec4b1b5f3 100755 --- a/web-nginx-mysql/ubuntu/docker-entrypoint.sh +++ b/web-nginx-mysql/ubuntu/docker-entrypoint.sh @@ -20,9 +20,6 @@ ZBX_SERVER_PORT=${ZBX_SERVER_PORT:-"10051"} # Default timezone for web interface PHP_TZ=${PHP_TZ:-"Europe/Riga"} -#Enable PostgreSQL timescaleDB feature: -ENABLE_TIMESCALEDB=${ENABLE_TIMESCALEDB:-"false"} - # Default directories # User 'zabbix' home directory ZABBIX_USER_HOME_DIR="/var/lib/zabbix"