diff --git a/agent/centos/Dockerfile b/agent/centos/Dockerfile index 86916c57a..1d5ab4175 100644 --- a/agent/centos/Dockerfile +++ b/agent/centos/Dockerfile @@ -1,17 +1,55 @@ -FROM centos:centos7 as builder +FROM centos:centos7 -ARG YUM_FLAGS_COMMON="-y" -ARG YUM_FLAGS_DEV="${YUM_FLAGS_COMMON}" +LABEL org.opencontainers.image.title="Zabbix agent" \ + org.opencontainers.image.authors="Alexey Pustovalov " \ + org.opencontainers.image.vendor="Zabbix LLC" \ + org.opencontainers.image.url="https://zabbix.com/" \ + org.opencontainers.image.description="Zabbix agent is deployed on a monitoring target to actively monitor local resources and applications" \ + org.opencontainers.image.licenses="GPL v2.0" + +STOPSIGNAL SIGTERM + +ENV TINI_VERSION=v0.19.0 + +RUN set -eux && \ + groupadd -g 1995 --system zabbix && \ + adduser -r --shell /sbin/nologin \ + -g zabbix -G root \ + -d /var/lib/zabbix/ -u 1997 \ + zabbix && \ + mkdir -p /etc/zabbix && \ + mkdir -p /etc/zabbix/zabbix_agentd.d && \ + mkdir -p /var/lib/zabbix && \ + mkdir -p /var/lib/zabbix/enc && \ + mkdir -p /var/lib/zabbix/modules && \ + yum --quiet makecache && \ + yum -y install --setopt=tsflags=nodocs \ + libldap \ + libcurl \ + openssl-libs && \ + curl -L https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini -o /sbin/tini && \ + curl -L https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini.asc -o /tini.asc && \ + gpg --batch --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 595E85A6B1B4779EA4DAAEC70B588DFF0527A9B7 && \ + gpg --batch --verify /tini.asc /sbin/tini && \ + rm -rf /root/.gnupg && \ + chmod +x /sbin/tini && \ + yum -y clean all && \ + rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ + rm -rf /etc/udev/hwdb.bin /root/.pki ARG MAJOR_VERSION=master ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git -ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ - ZBX_TYPE=agent + +ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} + +LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" RUN set -eux && \ yum --quiet makecache && \ - yum ${YUM_FLAGS_DEV} install \ + yum -y install --setopt=tsflags=nodocs \ autoconf \ automake \ libcurl-devel \ @@ -39,65 +77,20 @@ RUN set -eux && \ --with-openssl \ --enable-ipv6 \ --silent && \ - make -j"$(nproc)" -s - -FROM centos:centos7 -LABEL maintainer="Alexey Pustovalov " - -ARG BUILD_DATE -ARG VCS_REF - -ARG YUM_FLAGS_COMMON="-y" -ARG YUM_FLAGS_PERSISTENT="${YUM_FLAGS_COMMON}" - -ARG MAJOR_VERSION=master -ARG ZBX_VERSION=${MAJOR_VERSION} -ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git -ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ - ZBX_TYPE=agent ZBX_DB_TYPE=none ZBX_OPT_TYPE=none -ENV TINI_VERSION v0.18.0 - -LABEL org.label-schema.name="zabbix-${ZBX_TYPE}-centos" \ - org.label-schema.vendor="Zabbix LLC" \ - org.label-schema.url="https://zabbix.com/" \ - org.label-schema.description="Zabbix agent is deployed on a monitoring target to actively monitor local resources and applications" \ - org.label-schema.vcs-ref="${VCS_REF}" \ - org.label-schema.build-date="${BUILD_DATE}" \ - org.label-schema.schema-version="1.0" \ - org.label-schema.license="GPL v2.0" \ - org.label-schema.usage="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.label-schema.version="${ZBX_VERSION}" \ - org.label-schema.vcs-url="${ZBX_SOURCES}" \ - org.label-schema.docker.cmd="docker run --name zabbix-${ZBX_TYPE} --link zabbix-server:zabbix-server -p 10050:10050 -d zabbix-${ZBX_TYPE}:centos-${ZBX_VERSION}" - -STOPSIGNAL SIGTERM - -COPY --from=builder /tmp/zabbix-${ZBX_VERSION}/src/zabbix_agent/zabbix_agentd /usr/sbin/zabbix_agentd -COPY --from=builder /tmp/zabbix-${ZBX_VERSION}/src/zabbix_get/zabbix_get /usr/bin/zabbix_get -COPY --from=builder /tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender /usr/bin/zabbix_sender -COPY --from=builder /tmp/zabbix-${ZBX_VERSION}/conf/zabbix_agentd.conf /etc/zabbix/zabbix_agentd.conf -ADD https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini /sbin/tini - -RUN set -eux && \ - groupadd --system zabbix && \ - adduser -r --shell /sbin/nologin \ - -g zabbix \ - -d /var/lib/zabbix/ \ - zabbix && \ - mkdir -p /etc/zabbix && \ - mkdir -p /etc/zabbix/zabbix_agentd.d && \ - mkdir -p /var/lib/zabbix && \ - mkdir -p /var/lib/zabbix/enc && \ - mkdir -p /var/lib/zabbix/modules && \ - chown --quiet -R zabbix:root /var/lib/zabbix && \ - yum ${YUM_FLAGS_COMMON} makecache && \ - yum ${YUM_FLAGS_PERSISTENT} install \ - libldap \ - libcurl \ - openssl-libs && \ - yum ${YUM_FLAGS_PERSISTENT} clean all && \ - rm -rf /var/cache/yum && \ - chmod +x /sbin/tini + make -j"$(nproc)" -s && \ + cp /tmp/zabbix-${ZBX_VERSION}/src/zabbix_agent/zabbix_agentd /usr/sbin/zabbix_agentd && \ + cp /tmp/zabbix-${ZBX_VERSION}/src/zabbix_get/zabbix_get /usr/bin/zabbix_get && \ + cp /tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender /usr/bin/zabbix_sender && \ + cp /tmp/zabbix-${ZBX_VERSION}/conf/zabbix_agentd.conf /etc/zabbix/zabbix_agentd.conf && \ + cd /tmp/ && \ + rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ + yum -y history undo `yum -q history | sed -n 3p |column -t | cut -d' ' -f1` && \ + yum -y clean all && \ + chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \ + chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \ + chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \ + rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ + rm -rf /etc/udev/hwdb.bin /root/.pki EXPOSE 10050/TCP @@ -108,3 +101,7 @@ VOLUME ["/etc/zabbix/zabbix_agentd.d", "/var/lib/zabbix/enc", "/var/lib/zabbix/m COPY ["docker-entrypoint.sh", "/usr/bin/"] ENTRYPOINT ["/sbin/tini", "--", "/usr/bin/docker-entrypoint.sh"] + +USER 1997 + +CMD ["/usr/sbin/zabbix_agentd", "--foreground", "-c", "/etc/zabbix/zabbix_agentd.conf"] diff --git a/agent/centos/docker-entrypoint.sh b/agent/centos/docker-entrypoint.sh index 2665cfd0d..2f3aafe31 100755 --- a/agent/centos/docker-entrypoint.sh +++ b/agent/centos/docker-entrypoint.sh @@ -1,6 +1,6 @@ #!/bin/bash -set -eo pipefail +set -o pipefail set +e @@ -9,151 +9,17 @@ if [ "${DEBUG_MODE}" == "true" ]; then set -o xtrace fi -# Type of Zabbix component -# Possible values: [server, proxy, agent, frontend, java-gateway, appliance] -zbx_type=${ZBX_TYPE} -# Type of Zabbix database -# Possible values: [mysql, postgresql] -zbx_db_type=${ZBX_DB_TYPE} -# Type of web-server. Valid only with zbx_type = frontend -# Possible values: [apache, nginx] -zbx_opt_type=${ZBX_OPT_TYPE} - # Default Zabbix installation name -# Used only by Zabbix web-interface -ZBX_SERVER_NAME=${ZBX_SERVER_NAME:-"Zabbix docker"} # Default Zabbix server host -ZBX_SERVER_HOST=${ZBX_SERVER_HOST:-"zabbix-server"} +: ${ZBX_SERVER_HOST:="zabbix-server"} # Default Zabbix server port number -ZBX_SERVER_PORT=${ZBX_SERVER_PORT:-"10051"} - -# Default timezone for web interface -PHP_TZ=${PHP_TZ:-"Europe/Riga"} +: ${ZBX_SERVER_PORT:="10051"} # Default directories # User 'zabbix' home directory ZABBIX_USER_HOME_DIR="/var/lib/zabbix" # Configuration files directory ZABBIX_ETC_DIR="/etc/zabbix" -# Web interface www-root directory -ZBX_FRONTEND_PATH="/usr/share/zabbix" - -# usage: file_env VAR [DEFAULT] -# as example: file_env 'MYSQL_PASSWORD' 'zabbix' -# (will allow for "$MYSQL_PASSWORD_FILE" to fill in the value of "$MYSQL_PASSWORD" from a file) -# unsets the VAR_FILE afterwards and just leaving VAR -file_env() { - local var="$1" - local fileVar="${var}_FILE" - local defaultValue="${2:-}" - - if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then - echo "**** Both variables $var and $fileVar are set (but are exclusive)" - exit 1 - fi - - local val="$defaultValue" - - if [ "${!var:-}" ]; then - val="${!var}" - echo "** Using ${var} variable from ENV" - elif [ "${!fileVar:-}" ]; then - if [ ! -f "${!fileVar}" ]; then - echo "**** Secret file \"${!fileVar}\" is not found" - exit 1 - fi - val="$(< "${!fileVar}")" - echo "** Using ${var} variable from secret file" - fi - export "$var"="$val" - unset "$fileVar" -} - -configure_db_mysql() { - [ "${DB_SERVER_HOST}" != "localhost" ] && return - - echo "** Configuring local MySQL server" - - MYSQL_ALLOW_EMPTY_PASSWORD=true - MYSQL_DATA_DIR="/var/lib/mysql" - - if [ -f "/etc/mysql/my.cnf" ]; then - MYSQL_CONF_FILE="/etc/mysql/my.cnf" - elif [ -f "/etc/my.cnf.d/server.cnf" ]; then - MYSQL_CONF_FILE="/etc/my.cnf.d/server.cnf" - DB_SERVER_SOCKET="/var/lib/mysql/mysql.sock" - elif [ -f "/etc/my.cnf.d/mariadb-server.cnf" ]; then - MYSQL_CONF_FILE="/etc/my.cnf.d/mariadb-server.cnf" - DB_SERVER_SOCKET="/var/run/mysqld/mysqld.sock" - else - echo "**** Could not found MySQL configuration file" - exit 1 - fi - - if [ -f "/usr/bin/mysqld" ]; then - MYSQLD=/usr/bin/mysqld - elif [ -f "/usr/sbin/mysqld" ]; then - MYSQLD=/usr/sbin/mysqld - elif [ -f "/usr/libexec/mysqld" ]; then - MYSQLD=/usr/libexec/mysqld - else - echo "**** Could not found mysqld binary file" - exit 1 - fi - - sed -Ei 's/^(bind-address|log)/#&/' "$MYSQL_CONF_FILE" - - if [ ! -d "$MYSQL_DATA_DIR/mysql" ]; then - [ -d "$MYSQL_DATA_DIR" ] || mkdir -p "$MYSQL_DATA_DIR" - - chown -R mysql:mysql "$MYSQL_DATA_DIR" - - echo "** Installing initial MySQL database schemas" - mysql_install_db --user=mysql --datadir="$MYSQL_DATA_DIR" 2>&1 - else - echo "**** MySQL data directory is not empty. Using already existing installation." - chown -R mysql:mysql "$MYSQL_DATA_DIR" - fi - - mkdir -p /var/run/mysqld - ln -s /var/run/mysqld /run/mysqld - chown -R mysql:mysql /var/run/mysqld - chown -R mysql:mysql /run/mysqld - - echo "** Starting MySQL server in background mode" - - nohup $MYSQLD --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib/mysql/plugin \ - --user=mysql --log-output=none --pid-file=/var/lib/mysql/mysqld.pid \ - --port=3306 --character-set-server=utf8 --collation-server=utf8_bin & -} - -prepare_system() { - local type=$1 - local web_server=$2 - - echo "** Preparing the system" - - if [ "$type" != "appliance" ]; then - return - fi - - ZBX_ADD_AGENT=${ZBX_ADD_AGENT:-"false"} - ZBX_ADD_JAVA_GATEWAY=${ZBX_ADD_JAVA_GATEWAY:-"false"} - ZBX_ADD_SERVER=${ZBX_ADD_SERVER:-"true"} - [ "${ZBX_ADD_SERVER}" == "true" ] && ZBX_SERVER_HOST="localhost" - [ "${ZBX_ADD_SERVER}" == "true" ] && ZBX_SERVER_PORT="10051" - ZBX_MAIN_DB=${ZBX_MAIN_DB:-"mysql"} - ZBX_ADD_PROXY=${ZBX_ADD_PROXY:-"false"} - ZBX_PROXY_DB=${ZBX_PROXY_DB:-"sqlite3"} - ZBX_ADD_WEB=${ZBX_ADD_WEB:-"true"} - ZBX_WEB_SERVER=${ZBX_WEB_SERVER:-"nginx"} - DB_SERVER_HOST=${DB_SERVER_HOST:-"localhost"} - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAY_ENABLE="true" - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAY="localhost" - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAYPORT="10052" - - [ "${ZBX_ADD_SERVER}" == "true" ] && configure_db_${ZBX_MAIN_DB} -} escape_spec_char() { local var_value=$1 @@ -236,707 +102,12 @@ update_config_multiple_var() { done } -# Check prerequisites for MySQL database -check_variables_mysql() { - local type=$1 - - DB_SERVER_HOST=${DB_SERVER_HOST:-"mysql-server"} - DB_SERVER_PORT=${DB_SERVER_PORT:-"3306"} - USE_DB_ROOT_USER=false - CREATE_ZBX_DB_USER=false - file_env MYSQL_USER - file_env MYSQL_PASSWORD - - if [ "$type" != "" ]; then - file_env MYSQL_ROOT_PASSWORD - fi - - if [ ! -n "${MYSQL_USER}" ] && [ "${MYSQL_RANDOM_ROOT_PASSWORD}" == "true" ]; then - echo "**** Impossible to use MySQL server because of unknown Zabbix user and random 'root' password" - exit 1 - fi - - if [ ! -n "${MYSQL_USER}" ] && [ ! -n "${MYSQL_ROOT_PASSWORD}" ] && [ "${MYSQL_ALLOW_EMPTY_PASSWORD}" != "true" ]; then - echo "*** Impossible to use MySQL server because 'root' password is not defined and it is not empty" - exit 1 - fi - - if [ "${MYSQL_ALLOW_EMPTY_PASSWORD}" == "true" ] || [ -n "${MYSQL_ROOT_PASSWORD}" ]; then - USE_DB_ROOT_USER=true - DB_SERVER_ROOT_USER="root" - DB_SERVER_ROOT_PASS=${MYSQL_ROOT_PASSWORD:-""} - fi - - [ -n "${MYSQL_USER}" ] && CREATE_ZBX_DB_USER=true - - # If root password is not specified use provided credentials - DB_SERVER_ROOT_USER=${DB_SERVER_ROOT_USER:-${MYSQL_USER}} - [ "${MYSQL_ALLOW_EMPTY_PASSWORD}" == "true" ] || DB_SERVER_ROOT_PASS=${DB_SERVER_ROOT_PASS:-${MYSQL_PASSWORD}} - DB_SERVER_ZBX_USER=${MYSQL_USER:-"zabbix"} - DB_SERVER_ZBX_PASS=${MYSQL_PASSWORD:-"zabbix"} - - if [ "$type" == "proxy" ]; then - DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix_proxy"} - else - DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix"} - fi -} - -# Check prerequisites for PostgreSQL database -check_variables_postgresql() { - local type=$1 - - file_env POSTGRES_USER - file_env POSTGRES_PASSWORD - - DB_SERVER_HOST=${DB_SERVER_HOST:-"postgres-server"} - DB_SERVER_PORT=${DB_SERVER_PORT:-"5432"} - CREATE_ZBX_DB_USER=${CREATE_ZBX_DB_USER:-"false"} - - DB_SERVER_ROOT_USER=${POSTGRES_USER:-"postgres"} - DB_SERVER_ROOT_PASS=${POSTGRES_PASSWORD:-""} - - DB_SERVER_ZBX_USER=${POSTGRES_USER:-"zabbix"} - DB_SERVER_ZBX_PASS=${POSTGRES_PASSWORD:-"zabbix"} - - DB_SERVER_SCHEMA=${DB_SERVER_SCHEMA:-"public"} - - if [ "$type" == "proxy" ]; then - DB_SERVER_DBNAME=${POSTGRES_DB:-"zabbix_proxy"} - else - DB_SERVER_DBNAME=${POSTGRES_DB:-"zabbix"} - fi -} - -check_db_connect_mysql() { - echo "********************" - echo "* DB_SERVER_HOST: ${DB_SERVER_HOST}" - echo "* DB_SERVER_PORT: ${DB_SERVER_PORT}" - echo "* DB_SERVER_DBNAME: ${DB_SERVER_DBNAME}" - if [ "${DEBUG_MODE}" == "true" ]; then - if [ "${USE_DB_ROOT_USER}" == "true" ]; then - echo "* DB_SERVER_ROOT_USER: ${DB_SERVER_ROOT_USER}" - echo "* DB_SERVER_ROOT_PASS: ${DB_SERVER_ROOT_PASS}" - fi - echo "* DB_SERVER_ZBX_USER: ${DB_SERVER_ZBX_USER}" - echo "* DB_SERVER_ZBX_PASS: ${DB_SERVER_ZBX_PASS}" - echo "********************" - fi - echo "********************" - - WAIT_TIMEOUT=5 - - while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \ - --password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10)" ]; do - echo "**** MySQL server is not available. Waiting $WAIT_TIMEOUT seconds..." - sleep $WAIT_TIMEOUT - done -} - -check_db_connect_postgresql() { - echo "********************" - echo "* DB_SERVER_HOST: ${DB_SERVER_HOST}" - echo "* DB_SERVER_PORT: ${DB_SERVER_PORT}" - echo "* DB_SERVER_DBNAME: ${DB_SERVER_DBNAME}" - echo "* DB_SERVER_SCHEMA: ${DB_SERVER_SCHEMA}" - if [ "${DEBUG_MODE}" == "true" ]; then - if [ "${USE_DB_ROOT_USER}" == "true" ]; then - echo "* DB_SERVER_ROOT_USER: ${DB_SERVER_ROOT_USER}" - echo "* DB_SERVER_ROOT_PASS: ${DB_SERVER_ROOT_PASS}" - fi - echo "* DB_SERVER_ZBX_USER: ${DB_SERVER_ZBX_USER}" - echo "* DB_SERVER_ZBX_PASS: ${DB_SERVER_ZBX_PASS}" - fi - echo "********************" - - if [ "${USE_DB_ROOT_USER}" != "true" ]; then - DB_SERVER_ROOT_USER=${DB_SERVER_ZBX_USER} - DB_SERVER_ROOT_PASS=${DB_SERVER_ZBX_PASS} - fi - - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - WAIT_TIMEOUT=5 - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - while [ ! "$(psql -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} -U ${DB_SERVER_ROOT_USER} -d ${DB_SERVER_DBNAME} -l -q 2>/dev/null)" ]; do - echo "**** PostgreSQL server is not available. Waiting $WAIT_TIMEOUT seconds..." - sleep $WAIT_TIMEOUT - done - - unset PGPASSWORD - unset PGOPTIONS -} - - -mysql_query() { - query=$1 - local result="" - - result=$(mysql --silent --skip-column-names -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ - -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" -e "$query") - - echo $result -} - -psql_query() { - query=$1 - db=$2 - - local result="" - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - result=$(psql -A -q -t -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ - -U ${DB_SERVER_ROOT_USER} -c "$query" $db 2>/dev/null); - - unset PGPASSWORD - unset PGOPTIONS - - echo $result -} - -create_db_user_mysql() { - [ "${CREATE_ZBX_DB_USER}" == "true" ] || return - - echo "** Creating '${DB_SERVER_ZBX_USER}' user in MySQL database" - - USER_EXISTS=$(mysql_query "SELECT 1 FROM mysql.user WHERE user = '${DB_SERVER_ZBX_USER}' AND host = '%'") - - if [ -z "$USER_EXISTS" ]; then - mysql_query "CREATE USER '${DB_SERVER_ZBX_USER}'@'%' IDENTIFIED BY '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - else - mysql_query "ALTER USER ${DB_SERVER_ZBX_USER} IDENTIFIED BY '${DB_SERVER_ZBX_PASS}';" 1>/dev/null - fi - - mysql_query "GRANT ALL PRIVILEGES ON $DB_SERVER_DBNAME. * TO '${DB_SERVER_ZBX_USER}'@'%'" 1>/dev/null -} - -create_db_user_postgresql() { - [ "${CREATE_ZBX_DB_USER}" == "true" ] || return - - echo "** Creating '${DB_SERVER_ZBX_USER}' user in PostgreSQL database" - - USER_EXISTS=$(psql_query "SELECT 1 FROM pg_roles WHERE rolname='${DB_SERVER_ZBX_USER}'") - - if [ -z "$USER_EXISTS" ]; then - psql_query "CREATE USER ${DB_SERVER_ZBX_USER} WITH PASSWORD '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - else - psql_query "ALTER USER ${DB_SERVER_ZBX_USER} WITH ENCRYPTED PASSWORD '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - fi -} - -create_db_database_mysql() { - DB_EXISTS=$(mysql_query "SELECT SCHEMA_NAME FROM information_schema.SCHEMATA WHERE SCHEMA_NAME='${DB_SERVER_DBNAME}'") - - if [ -z ${DB_EXISTS} ]; then - echo "** Database '${DB_SERVER_DBNAME}' does not exist. Creating..." - mysql_query "CREATE DATABASE ${DB_SERVER_DBNAME} CHARACTER SET utf8 COLLATE utf8_bin" 1>/dev/null - # better solution? - mysql_query "GRANT ALL PRIVILEGES ON $DB_SERVER_DBNAME. * TO '${DB_SERVER_ZBX_USER}'@'%'" 1>/dev/null - else - echo "** Database '${DB_SERVER_DBNAME}' already exists. Please be careful with database COLLATE!" - fi -} - -create_db_database_postgresql() { - DB_EXISTS=$(psql_query "SELECT 1 AS result FROM pg_database WHERE datname='${DB_SERVER_DBNAME}'") - - if [ -z ${DB_EXISTS} ]; then - echo "** Database '${DB_SERVER_DBNAME}' does not exist. Creating..." - psql_query "CREATE DATABASE ${DB_SERVER_DBNAME} WITH OWNER ${DB_SERVER_ZBX_USER} ENCODING='UTF8' LC_CTYPE='en_US.utf8' LC_COLLATE='en_US.utf8'" 1>/dev/null - else - echo "** Database '${DB_SERVER_DBNAME}' already exists. Please be careful with database owner!" - fi - - psql_query "CREATE SCHEMA IF NOT EXISTS ${DB_SERVER_SCHEMA}" -} - -create_db_schema_mysql() { - local type=$1 - - DBVERSION_TABLE_EXISTS=$(mysql_query "SELECT 1 FROM information_schema.tables WHERE table_schema='${DB_SERVER_DBNAME}' and table_name = 'dbversion'") - - if [ -n "${DBVERSION_TABLE_EXISTS}" ]; then - echo "** Table '${DB_SERVER_DBNAME}.dbversion' already exists." - ZBX_DB_VERSION=$(mysql_query "SELECT mandatory FROM ${DB_SERVER_DBNAME}.dbversion") - fi - - if [ -z "${ZBX_DB_VERSION}" ]; then - echo "** Creating '${DB_SERVER_DBNAME}' schema in MySQL" - - zcat /usr/share/doc/zabbix-$type-mysql/create.sql.gz | mysql --silent --skip-column-names \ - -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ - -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" \ - ${DB_SERVER_DBNAME} 1>/dev/null - fi -} - -create_db_schema_postgresql() { - local type=$1 - - DBVERSION_TABLE_EXISTS=$(psql_query "SELECT 1 FROM pg_catalog.pg_class c JOIN pg_catalog.pg_namespace n ON n.oid = - c.relnamespace WHERE n.nspname = '$DB_SERVER_SCHEMA' AND c.relname = 'dbversion'" "${DB_SERVER_DBNAME}") - - if [ -n "${DBVERSION_TABLE_EXISTS}" ]; then - echo "** Table '${DB_SERVER_DBNAME}.dbversion' already exists." - ZBX_DB_VERSION=$(psql_query "SELECT mandatory FROM ${DB_SERVER_SCHEMA}.dbversion" "${DB_SERVER_DBNAME}") - fi - - if [ -z "${ZBX_DB_VERSION}" ]; then - echo "** Creating '${DB_SERVER_DBNAME}' schema in PostgreSQL" - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - zcat /usr/share/doc/zabbix-$type-postgresql/create.sql.gz | psql -q \ - -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ - -U ${DB_SERVER_ZBX_USER} ${DB_SERVER_DBNAME} 1>/dev/null - - unset PGPASSWORD - unset PGOPTIONS - fi -} - -prepare_web_server_apache() { - if [ -d "/etc/apache2/sites-available" ]; then - APACHE_SITES_DIR=/etc/apache2/sites-available - elif [ -d "/etc/apache2/conf.d" ]; then - APACHE_SITES_DIR=/etc/apache2/conf.d - elif [ -d "/etc/httpd/conf.d" ]; then - APACHE_SITES_DIR=/etc/httpd/conf.d - else - echo "**** Apache is not available" - exit 1 - fi - - if [ -f "/usr/sbin/a2dissite" ]; then - echo "** Disable default site" - /usr/sbin/a2dissite 000-default 1>/dev/null - rm -rf "$APACHE_SITES_DIR/*" - elif [ -f "/etc/apache2/conf.d/default.conf" ]; then - echo "** Disable default site" - rm -f "/etc/apache2/conf.d/default.conf" - elif [ -f "/etc/httpd/conf.d/welcome.conf" ]; then - echo "** Disable default site" - rm -f "/etc/httpd/conf.d/welcome.conf" - rm -f "/etc/httpd/conf.d/ssl.conf" - fi - - echo "** Adding Zabbix virtual host (HTTP)" - if [ -f "$ZABBIX_ETC_DIR/apache.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/apache.conf" "$APACHE_SITES_DIR/zabbix.conf" - if [ -f "/usr/sbin/a2dissite" ]; then - /usr/sbin/a2ensite zabbix.conf 1>/dev/null - fi - else - echo "**** Impossible to enable HTTP virtual host" - fi - - if [ -f "/etc/apache2/conf.d/ssl.conf" ]; then - rm -f "/etc/apache2/conf.d/ssl.conf" - fi - - if [ -f "/etc/ssl/apache2/ssl.crt" ] && [ -f "/etc/ssl/apache2/ssl.key" ]; then - echo "** Enable SSL support for Apache2" - if [ -f "/usr/sbin/a2enmod" ]; then - /usr/sbin/a2enmod ssl 1>/dev/null - fi - - echo "** Adding Zabbix virtual host (HTTPS)" - if [ -f "$ZABBIX_ETC_DIR/apache_ssl.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/apache_ssl.conf" "$APACHE_SITES_DIR/zabbix_ssl.conf" - if [ -f "/usr/sbin/a2dissite" ]; then - /usr/sbin/a2ensite zabbix_ssl.conf 1>/dev/null - fi - else - echo "**** Impossible to enable HTTPS virtual host" - fi - else - echo "**** Impossible to enable SSL support for Apache2. Certificates are missed." - fi - - # Change Apache2 logging to stdout and stderr - if [ -f "/etc/apache2/apache2.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/apache2.conf" - fi - - if [ -f "/etc/httpd/conf/httpd.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/httpd/conf/httpd.conf" - fi - - if [ -f "/etc/apache2/httpd.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/httpd.conf" - fi - - if [ -f "/etc/apache2/conf-available/other-vhosts-access-log.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/conf-available/other-vhosts-access-log.conf" - fi - - if [ -f "/etc/apache2/conf.d/mpm.conf" ]; then - sed -ri \ - -e 's!^(\s*PidFile)\s+\S+!\1 "/var/run/httpd.pid"!g' \ - "/etc/apache2/conf.d/mpm.conf" - fi - - if [ -f "/var/run/apache2/apache2.pid" ]; then - rm -f "/var/run/apache2/apache2.pid" - fi - - if [ -f "/var/run/httpd/httpd.pid" ]; then - rm -f "/var/run/httpd/httpd.pid" - fi -} - -prepare_web_server_nginx() { - NGINX_CONFD_DIR="/etc/nginx/conf.d" - NGINX_SSL_CONFIG="/etc/ssl/nginx" - PHP_SESSIONS_DIR="/var/lib/php5" - - echo "** Disable default vhosts" - rm -f $NGINX_CONFD_DIR/*.conf - - echo "** Adding Zabbix virtual host (HTTP)" - if [ -f "$ZABBIX_ETC_DIR/nginx.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/nginx.conf" "$NGINX_CONFD_DIR" - else - echo "**** Impossible to enable HTTP virtual host" - fi - - if [ -f "$NGINX_SSL_CONFIG/ssl.crt" ] && [ -f "$NGINX_SSL_CONFIG/ssl.key" ] && [ -f "$NGINX_SSL_CONFIG/dhparam.pem" ]; then - echo "** Enable SSL support for Nginx" - if [ -f "$ZABBIX_ETC_DIR/nginx_ssl.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/nginx_ssl.conf" "$NGINX_CONFD_DIR" - else - echo "**** Impossible to enable HTTPS virtual host" - fi - else - echo "**** Impossible to enable SSL support for Nginx. Certificates are missed." - fi - - if [ -d "/var/log/nginx/" ]; then - ln -sf /dev/fd/2 /var/log/nginx/error.log - fi - - ln -sf /dev/fd/2 /var/log/php5-fpm.log - ln -sf /dev/fd/2 /var/log/php7.2-fpm.log -} - -stop_databases() { - if ([ "${ZBX_MAIN_DB}" == "mysql" ] || [ "${ZBX_PROXY_DB}" == "mysql" ]) && [ "${DB_SERVER_HOST}" == "localhost" ]; then - mysql_query "DELETE FROM mysql.user WHERE host = 'localhost' AND user != 'root'" 1>/dev/null - - if [ -f "/var/lib/mysql/mysqld.pid" ]; then - kill -TERM $(cat /var/lib/mysql/mysqld.pid) - elif [ -f "/var/run/mysqld/mysqld.pid" ]; then - kill -TERM $(cat /var/run/mysqld/mysqld.pid) - fi - fi - - if [ "${ZBX_MAIN_DB}" == "postgresql" ] && [ "${DB_SERVER_HOST}" == "localhost" ]; then - if [ "${OS_CODENAME}" == "alpine" ]; then - PGDATA=/var/lib/postgresql - BINDIR=/usr/bin - else - PGDATA=/var/lib/postgresql/9.3/main - BINDIR=/usr/lib/postgresql/9.3/bin - fi - su -c "$BINDIR/pg_ctl -D \"$PGDATA\" -m fast -w stop --silent" postgres 1>/dev/null 2>/dev/null - fi -} - -clear_deploy() { - local type=$1 - echo "** Cleaning the system" - - [ "$type" != "appliance" ] && return - - stop_databases -} - -update_zbx_config() { - local type=$1 - local db_type=$2 - - echo "** Preparing Zabbix $type configuration file" - - ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_$type.conf - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "ProxyMode" "${ZBX_PROXYMODE}" - update_config_var $ZBX_CONFIG "Server" "${ZBX_SERVER_HOST}" - update_config_var $ZBX_CONFIG "ServerPort" "${ZBX_SERVER_PORT}" - if [ -z "${ZBX_HOSTNAME}" ] && [ -n "${ZBX_HOSTNAMEITEM}" ]; then - update_config_var $ZBX_CONFIG "Hostname" "" - update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - else - update_config_var $ZBX_CONFIG "Hostname" "${ZBX_HOSTNAME:-"zabbix-proxy-"$db_type}" - update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - fi - fi - - if [ $type == "proxy" ] && [ "${ZBX_ADD_SERVER}" = "true" ]; then - update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_PROXY_LISTENPORT:-"10061"}" - else - update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}" - fi - - update_config_var $ZBX_CONFIG "SourceIP" "${ZBX_SOURCEIP}" - update_config_var $ZBX_CONFIG "LogType" "console" - update_config_var $ZBX_CONFIG "LogFile" - update_config_var $ZBX_CONFIG "LogFileSize" - update_config_var $ZBX_CONFIG "PidFile" - - update_config_var $ZBX_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" - - if [ "$db_type" == "sqlite3" ]; then - update_config_var $ZBX_CONFIG "DBHost" - update_config_var $ZBX_CONFIG "DBName" "/var/lib/zabbix/zabbix_proxy_db" - update_config_var $ZBX_CONFIG "DBUser" - update_config_var $ZBX_CONFIG "DBPort" - update_config_var $ZBX_CONFIG "DBPassword" - else - update_config_var $ZBX_CONFIG "DBHost" "${DB_SERVER_HOST}" - update_config_var $ZBX_CONFIG "DBName" "${DB_SERVER_DBNAME}" - update_config_var $ZBX_CONFIG "DBSchema" "${DB_SERVER_SCHEMA}" - update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}" - update_config_var $ZBX_CONFIG "DBPort" "${DB_SERVER_PORT}" - update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}" - fi - - update_config_var $ZBX_CONFIG "DBSocket" "${DB_SERVER_SOCKET}" - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "ProxyLocalBuffer" "${ZBX_PROXYLOCALBUFFER}" - update_config_var $ZBX_CONFIG "ProxyOfflineBuffer" "${ZBX_PROXYOFFLINEBUFFER}" - update_config_var $ZBX_CONFIG "HeartbeatFrequency" "${ZBX_PROXYHEARTBEATFREQUENCY}" - update_config_var $ZBX_CONFIG "ConfigFrequency" "${ZBX_CONFIGFREQUENCY}" - update_config_var $ZBX_CONFIG "DataSenderFrequency" "${ZBX_DATASENDERFREQUENCY}" - fi - - update_config_var $ZBX_CONFIG "StartPollers" "${ZBX_STARTPOLLERS}" - update_config_var $ZBX_CONFIG "StartIPMIPollers" "${ZBX_IPMIPOLLERS}" - update_config_var $ZBX_CONFIG "StartPollersUnreachable" "${ZBX_STARTPOLLERSUNREACHABLE}" - update_config_var $ZBX_CONFIG "StartTrappers" "${ZBX_STARTTRAPPERS}" - update_config_var $ZBX_CONFIG "StartPingers" "${ZBX_STARTPINGERS}" - update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}" - update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}" - - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "StartTimers" "${ZBX_STARTTIMERS}" - update_config_var $ZBX_CONFIG "StartEscalators" "${ZBX_STARTESCALATORS}" - fi - - ZBX_JAVAGATEWAY_ENABLE=${ZBX_JAVAGATEWAY_ENABLE:-"false"} - if [ "${ZBX_JAVAGATEWAY_ENABLE}" == "true" ]; then - update_config_var $ZBX_CONFIG "JavaGateway" "${ZBX_JAVAGATEWAY:-"zabbix-java-gateway"}" - update_config_var $ZBX_CONFIG "JavaGatewayPort" "${ZBX_JAVAGATEWAYPORT}" - update_config_var $ZBX_CONFIG "StartJavaPollers" "${ZBX_STARTJAVAPOLLERS:-"5"}" - else - update_config_var $ZBX_CONFIG "JavaGateway" - update_config_var $ZBX_CONFIG "JavaGatewayPort" - update_config_var $ZBX_CONFIG "StartJavaPollers" - fi - - update_config_var $ZBX_CONFIG "StartVMwareCollectors" "${ZBX_STARTVMWARECOLLECTORS}" - update_config_var $ZBX_CONFIG "VMwareFrequency" "${ZBX_VMWAREFREQUENCY}" - update_config_var $ZBX_CONFIG "VMwarePerfFrequency" "${ZBX_VMWAREPERFFREQUENCY}" - update_config_var $ZBX_CONFIG "VMwareCacheSize" "${ZBX_VMWARECACHESIZE}" - update_config_var $ZBX_CONFIG "VMwareTimeout" "${ZBX_VMWARETIMEOUT}" - - ZBX_ENABLE_SNMP_TRAPS=${ZBX_ENABLE_SNMP_TRAPS:-"false"} - if [ "${ZBX_ENABLE_SNMP_TRAPS}" == "true" ]; then - update_config_var $ZBX_CONFIG "SNMPTrapperFile" "${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log" - update_config_var $ZBX_CONFIG "StartSNMPTrapper" "1" - else - update_config_var $ZBX_CONFIG "SNMPTrapperFile" - update_config_var $ZBX_CONFIG "StartSNMPTrapper" - fi - - update_config_var $ZBX_CONFIG "HousekeepingFrequency" "${ZBX_HOUSEKEEPINGFREQUENCY}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "MaxHousekeeperDelete" "${ZBX_MAXHOUSEKEEPERDELETE}" - update_config_var $ZBX_CONFIG "SenderFrequency" "${ZBX_SENDERFREQUENCY}" - fi - - update_config_var $ZBX_CONFIG "CacheSize" "${ZBX_CACHESIZE}" - - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "CacheUpdateFrequency" "${ZBX_CACHEUPDATEFREQUENCY}" - fi - - update_config_var $ZBX_CONFIG "StartDBSyncers" "${ZBX_STARTDBSYNCERS}" - update_config_var $ZBX_CONFIG "HistoryCacheSize" "${ZBX_HISTORYCACHESIZE}" - update_config_var $ZBX_CONFIG "HistoryIndexCacheSize" "${ZBX_HISTORYINDEXCACHESIZE}" - - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "TrendCacheSize" "${ZBX_TRENDCACHESIZE}" - update_config_var $ZBX_CONFIG "ValueCacheSize" "${ZBX_VALUECACHESIZE}" - fi - - update_config_var $ZBX_CONFIG "Timeout" "${ZBX_TIMEOUT}" - update_config_var $ZBX_CONFIG "TrapperTimeout" "${ZBX_TRAPPERIMEOUT}" - update_config_var $ZBX_CONFIG "UnreachablePeriod" "${ZBX_UNREACHABLEPERIOD}" - update_config_var $ZBX_CONFIG "UnavailableDelay" "${ZBX_UNAVAILABLEDELAY}" - update_config_var $ZBX_CONFIG "UnreachableDelay" "${ZBX_UNREACHABLEDELAY}" - - update_config_var $ZBX_CONFIG "AlertScriptsPath" "/usr/lib/zabbix/alertscripts" - update_config_var $ZBX_CONFIG "ExternalScripts" "/usr/lib/zabbix/externalscripts" - - # Possible few fping locations - if [ -f "/usr/bin/fping" ]; then - update_config_var $ZBX_CONFIG "FpingLocation" "/usr/bin/fping" - else - update_config_var $ZBX_CONFIG "FpingLocation" "/usr/sbin/fping" - fi - if [ -f "/usr/bin/fping6" ]; then - update_config_var $ZBX_CONFIG "Fping6Location" "/usr/bin/fping6" - else - update_config_var $ZBX_CONFIG "Fping6Location" "/usr/sbin/fping6" - fi - - update_config_var $ZBX_CONFIG "SSHKeyLocation" "$ZABBIX_USER_HOME_DIR/ssh_keys" - update_config_var $ZBX_CONFIG "LogSlowQueries" "${ZBX_LOGSLOWQUERIES}" - - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "StartProxyPollers" "${ZBX_STARTPROXYPOLLERS}" - update_config_var $ZBX_CONFIG "ProxyConfigFrequency" "${ZBX_PROXYCONFIGFREQUENCY}" - update_config_var $ZBX_CONFIG "ProxyDataFrequency" "${ZBX_PROXYDATAFREQUENCY}" - fi - - update_config_var $ZBX_CONFIG "SSLCertLocation" "$ZABBIX_USER_HOME_DIR/ssl/certs/" - update_config_var $ZBX_CONFIG "SSLKeyLocation" "$ZABBIX_USER_HOME_DIR/ssl/keys/" - update_config_var $ZBX_CONFIG "SSLCALocation" "$ZABBIX_USER_HOME_DIR/ssl/ssl_ca/" - update_config_var $ZBX_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/" - update_config_multiple_var $ZBX_CONFIG "LoadModule" "${ZBX_LOADMODULE}" - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}" - update_config_var $ZBX_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" - fi - update_config_var $ZBX_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" - update_config_var $ZBX_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" - update_config_var $ZBX_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" - fi - - update_config_var $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" - update_config_var $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" - update_config_var $ZBX_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" - fi -} - - -prepare_zbx_web_config() { - local db_type=$1 - local server_name="" - - echo "** Preparing Zabbix frontend configuration file" - - ZBX_WEB_CONFIG="$ZABBIX_ETC_DIR/web/zabbix.conf.php" - - if [ -f "/usr/share/zabbix/conf/zabbix.conf.php" ]; then - rm -f "/usr/share/zabbix/conf/zabbix.conf.php" - fi - - ln -s "$ZBX_WEB_CONFIG" "/usr/share/zabbix/conf/zabbix.conf.php" - - # Different places of PHP configuration file - if [ -f "/etc/php5/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/conf.d/99-zabbix.ini" - elif [ -f "/etc/php5/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php5/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/apache2/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.0/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.0/apache2/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.0/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.0/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php.d/99-zabbix.ini" - elif [ -f "/etc/php7/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php7/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.2/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.2/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.2/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.2/apache2/conf.d/99-zabbix.ini" - fi - - if [ -n "$PHP_CONFIG_FILE" ]; then - update_config_var "$PHP_CONFIG_FILE" "max_execution_time" "${ZBX_MAXEXECUTIONTIME:-"600"}" - update_config_var "$PHP_CONFIG_FILE" "memory_limit" "${ZBX_MEMORYLIMIT:-"128M"}" - update_config_var "$PHP_CONFIG_FILE" "post_max_size" "${ZBX_POSTMAXSIZE:-"16M"}" - update_config_var "$PHP_CONFIG_FILE" "upload_max_filesize" "${ZBX_UPLOADMAXFILESIZE:-"2M"}" - update_config_var "$PHP_CONFIG_FILE" "max_input_time" "${ZBX_MAXINPUTTIME:-"300"}" - update_config_var "$PHP_CONFIG_FILE" "date.timezone" "${PHP_TZ}" - else - echo "**** Zabbix related PHP configuration file not found" - fi - - # Escaping characters in parameter value - server_name=$(escape_spec_char "${ZBX_SERVER_NAME}") - server_user=$(escape_spec_char "${DB_SERVER_ZBX_USER}") - server_pass=$(escape_spec_char "${DB_SERVER_ZBX_PASS}") - - sed -i \ - -e "s/{DB_SERVER_HOST}/${DB_SERVER_HOST}/g" \ - -e "s/{DB_SERVER_PORT}/${DB_SERVER_PORT}/g" \ - -e "s/{DB_SERVER_DBNAME}/${DB_SERVER_DBNAME}/g" \ - -e "s/{DB_SERVER_SCHEMA}/${DB_SERVER_SCHEMA}/g" \ - -e "s/{DB_SERVER_USER}/$server_user/g" \ - -e "s/{DB_SERVER_PASS}/$server_pass/g" \ - -e "s/{ZBX_SERVER_HOST}/${ZBX_SERVER_HOST}/g" \ - -e "s/{ZBX_SERVER_PORT}/${ZBX_SERVER_PORT}/g" \ - -e "s/{ZBX_SERVER_NAME}/$server_name/g" \ - "$ZBX_WEB_CONFIG" - - [ "$db_type" = "postgresql" ] && sed -i "s/MYSQL/POSTGRESQL/g" "$ZBX_WEB_CONFIG" -} - prepare_zbx_agent_config() { echo "** Preparing Zabbix agent configuration file" - ZBX_AGENT_CONFIG=$ZABBIX_ETC_DIR/zabbix_agentd.conf - ZBX_PASSIVESERVERS=${ZBX_PASSIVESERVERS:-""} - ZBX_ACTIVESERVERS=${ZBX_ACTIVESERVERS:-""} + : ${ZBX_PASSIVESERVERS:=""} + : ${ZBX_ACTIVESERVERS:=""} [ -n "$ZBX_PASSIVESERVERS" ] && ZBX_PASSIVESERVERS=","$ZBX_PASSIVESERVERS @@ -955,7 +126,7 @@ prepare_zbx_agent_config() { update_config_var $ZBX_AGENT_CONFIG "EnableRemoteCommands" "${ZBX_ENABLEREMOTECOMMANDS}" update_config_var $ZBX_AGENT_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}" - ZBX_PASSIVE_ALLOW=${ZBX_PASSIVE_ALLOW:-"true"} + : ${ZBX_PASSIVE_ALLOW:="true"} if [ "$ZBX_PASSIVE_ALLOW" == "true" ]; then echo "** Using '$ZBX_PASSIVESERVERS' servers for passive checks" update_config_var $ZBX_AGENT_CONFIG "Server" "${ZBX_PASSIVESERVERS}" @@ -967,7 +138,7 @@ prepare_zbx_agent_config() { update_config_var $ZBX_AGENT_CONFIG "ListenIP" "${ZBX_LISTENIP}" update_config_var $ZBX_AGENT_CONFIG "StartAgents" "${ZBX_STARTAGENTS}" - ZBX_ACTIVE_ALLOW=${ZBX_ACTIVE_ALLOW:-"true"} + : ${ZBX_ACTIVE_ALLOW:="true"} if [ "$ZBX_ACTIVE_ALLOW" == "true" ]; then echo "** Using '$ZBX_ACTIVESERVERS' servers for active checks" update_config_var $ZBX_AGENT_CONFIG "ServerActive" "${ZBX_ACTIVESERVERS}" @@ -1000,20 +171,11 @@ prepare_zbx_agent_config() { update_config_var $ZBX_AGENT_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" update_config_var $ZBX_AGENT_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" update_config_var $ZBX_AGENT_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" -} -prepare_java_gateway_config() { - echo "** Preparing Zabbix Java Gateway log configuration file" - - ZBX_GATEWAY_CONFIG=$ZABBIX_ETC_DIR/zabbix_java_gateway_logback.xml - - if [ -n "${ZBX_DEBUGLEVEL}" ]; then - echo "Updating $ZBX_GATEWAY_CONFIG 'DebugLevel' parameter: '${ZBX_DEBUGLEVEL}'... updated" - if [ -f "$ZBX_GATEWAY_CONFIG" ]; then - sed -i -e "/^.*/" "$ZBX_GATEWAY_CONFIG" - else - echo "**** Zabbix Java Gateway log configuration file '$ZBX_GATEWAY_CONFIG' not found" - fi + if [ "$(id -u)" != '0' ]; then + update_config_var $ZBX_AGENT_CONFIG "User" "$(whoami)" + else + update_config_var $ZBX_AGENT_CONFIG "AllowRoot" "1" fi } @@ -1022,130 +184,16 @@ prepare_agent() { prepare_zbx_agent_config } -prepare_server() { - local db_type=$1 - - echo "** Preparing Zabbix server" - - check_variables_$db_type "server" - check_db_connect_$db_type - create_db_user_$db_type - create_db_database_$db_type - create_db_schema_$db_type "server" - - update_zbx_config "server" "$db_type" -} - -prepare_proxy() { - local db_type=$1 - - echo "Preparing Zabbix proxy" - - if [ "$db_type" != "sqlite3" ]; then - check_variables_$db_type "proxy" - check_db_connect_$db_type - create_db_user_$db_type - create_db_database_$db_type - create_db_schema_$db_type "proxy" - fi - - update_zbx_config "proxy" $db_type -} - -prepare_web() { - local web_server=$1 - local db_type=$2 - - echo "** Preparing Zabbix web-interface" - - check_variables_$db_type - check_db_connect_$db_type - prepare_web_server_$web_server - prepare_zbx_web_config $db_type -} - -prepare_java_gateway() { - echo "** Preparing Zabbix Java Gateway" - - prepare_java_gateway_config -} - ################################################# -if [ ! -n "$zbx_type" ]; then - echo "**** Type of Zabbix component is not specified" - exit 1 -elif [ "$zbx_type" == "dev" ]; then - echo "** Deploying Zabbix installation from SVN" -else - if [ ! -n "$zbx_db_type" ]; then - echo "**** Database type of Zabbix $zbx_type is not specified" - exit 1 - fi - - if [ "$zbx_db_type" != "none" ]; then - if [ "$zbx_opt_type" != "none" ]; then - echo "** Deploying Zabbix $zbx_type ($zbx_opt_type) with $zbx_db_type database" - else - echo "** Deploying Zabbix $zbx_type with $zbx_db_type database" - fi - else - echo "** Deploying Zabbix $zbx_type" - fi +if [ "${1#-}" != "$1" ]; then + set -- /usr/sbin/zabbix_agentd "$@" fi -prepare_system "$zbx_type" "$zbx_opt_type" - -[ "$zbx_type" == "server" ] && prepare_server $zbx_db_type -[ "${ZBX_ADD_SERVER}" == "true" ] && prepare_server ${ZBX_MAIN_DB} - -[ "$zbx_type" == "proxy" ] && prepare_proxy $zbx_db_type -[ "${ZBX_ADD_PROXY}" == "true" ] && prepare_proxy ${ZBX_PROXY_DB} - -[ "$zbx_type" == "frontend" ] && prepare_web $zbx_opt_type $zbx_db_type -[ "${ZBX_ADD_WEB}" == "true" ] && prepare_web ${ZBX_WEB_SERVER} ${ZBX_MAIN_DB} - -[ "$zbx_type" == "agent" ] && prepare_agent -[ "${ZBX_ADD_AGENT}" == "true" ] && prepare_agent - -[ "$zbx_type" == "java-gateway" ] && prepare_java_gateway -[ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && prepare_java_gateway - -clear_deploy "$zbx_type" - -echo "########################################################" - -if [ "$1" != "" ]; then - echo "** Executing '$@'" - exec "$@" -elif [ "$zbx_type" == "agent" ]; then - echo "** Starting Zabbix agent" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_agentd --foreground -c /etc/zabbix/zabbix_agentd.conf" -elif [ "$zbx_type" == "proxy" ]; then - echo "** Starting Zabbix proxy" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_proxy --foreground -c /etc/zabbix/zabbix_proxy.conf" -elif [ "$zbx_type" == "server" ]; then - echo "** Starting Zabbix server" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_server --foreground -c /etc/zabbix/zabbix_server.conf" -elif [ "$zbx_type" == "java-gateway" ]; then - echo "** Starting Zabbix Java Gateway" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_java_gateway" -elif [ "$zbx_type" == "frontend" ] && [ "$zbx_opt_type" == "apache" ]; then - echo "** Starting Zabbix frontend" - if [ -f "/usr/sbin/httpd" ]; then - exec /usr/sbin/httpd -D FOREGROUND - elif [ -f "/usr/sbin/apache2ctl" ]; then - exec /bin/bash -c "source /etc/apache2/envvars && /usr/sbin/apache2ctl -D FOREGROUND" - else - echo "Unknown Web-server. Exiting..." - exit 1 - fi -elif [ -f "/usr/bin/supervisord" ]; then - echo "** Executing supervisord" - exec /usr/bin/supervisord -c /etc/supervisor/supervisord.conf -else - echo "Unknown instructions. Exiting..." - exit 1 +if [ "$1" == '/usr/sbin/zabbix_agentd' ]; then + prepare_agent fi +exec "$@" + ################################################# diff --git a/docker-compose_v3_centos_mysql_latest.yaml b/docker-compose_v3_centos_mysql_latest.yaml index 180b746bb..e3d0e7863 100644 --- a/docker-compose_v3_centos_mysql_latest.yaml +++ b/docker-compose_v3_centos_mysql_latest.yaml @@ -37,7 +37,6 @@ services: - MYSQL_USER - MYSQL_PASSWORD - MYSQL_ROOT_PASSWORD - user: root depends_on: - mysql-server - zabbix-java-gateway @@ -97,7 +96,6 @@ services: env_file: - .env_prx - .env_prx_sqlite3 - user: root depends_on: - zabbix-java-gateway - zabbix-snmptraps @@ -149,7 +147,6 @@ services: - .env_db_mysql_proxy - .env_prx - .env_prx_mysql - user: root depends_on: - mysql-server - zabbix-java-gateway @@ -172,8 +169,8 @@ services: zabbix-web-apache-mysql: image: zabbix/zabbix-web-apache-mysql:centos-latest ports: - - "80:80" - - "443:443" + - "80:8080" + - "443:8443" links: - mysql-server:mysql-server - zabbix-server:zabbix-server @@ -195,7 +192,6 @@ services: secrets: - MYSQL_USER - MYSQL_PASSWORD - user: root depends_on: - mysql-server - zabbix-server @@ -226,8 +222,8 @@ services: zabbix-web-nginx-mysql: image: zabbix/zabbix-web-nginx-mysql:centos-latest ports: - - "8081:80" - - "8443:443" + - "8081:8080" + - "8443:8443" links: - mysql-server:mysql-server - zabbix-server:zabbix-server @@ -249,7 +245,6 @@ services: secrets: - MYSQL_USER - MYSQL_PASSWORD - user: root depends_on: - mysql-server - zabbix-server @@ -301,7 +296,6 @@ services: mode: global env_file: - .env_agent - user: root privileged: true pid: "host" networks: @@ -331,7 +325,6 @@ services: memory: 256M env_file: - .env_java - user: root networks: zbx_net_backend: aliases: @@ -347,7 +340,7 @@ services: zabbix-snmptraps: image: zabbix/zabbix-snmptraps:centos-latest ports: - - "162:162/udp" + - "162:1162/udp" volumes: - ./zbx_env/var/lib/zabbix/snmptraps:/var/lib/zabbix/snmptraps:rw deploy: @@ -358,7 +351,6 @@ services: reservations: cpus: '0.25' memory: 128M - user: root networks: zbx_net_frontend: aliases: @@ -382,7 +374,6 @@ services: - MYSQL_USER - MYSQL_PASSWORD - MYSQL_ROOT_PASSWORD - user: root stop_grace_period: 1m networks: zbx_net_backend: diff --git a/docker-compose_v3_centos_mysql_local.yaml b/docker-compose_v3_centos_mysql_local.yaml index a76f142bd..fec4541b2 100644 --- a/docker-compose_v3_centos_mysql_local.yaml +++ b/docker-compose_v3_centos_mysql_local.yaml @@ -41,7 +41,6 @@ services: - MYSQL_USER - MYSQL_PASSWORD - MYSQL_ROOT_PASSWORD - user: root depends_on: - mysql-server - zabbix-java-gateway @@ -105,7 +104,6 @@ services: env_file: - .env_prx - .env_prx_sqlite3 - user: root depends_on: - zabbix-java-gateway - zabbix-snmptraps @@ -161,7 +159,6 @@ services: - .env_db_mysql_proxy - .env_prx - .env_prx_mysql - user: root depends_on: - mysql-server - zabbix-java-gateway @@ -188,8 +185,8 @@ services: - centos:centos7 image: zabbix-web-apache-mysql:centos-local ports: - - "80:80" - - "443:443" + - "80:8080" + - "443:8443" links: - mysql-server:mysql-server - zabbix-server:zabbix-server @@ -211,7 +208,6 @@ services: secrets: - MYSQL_USER - MYSQL_PASSWORD - user: root depends_on: - mysql-server - zabbix-server @@ -246,8 +242,8 @@ services: - centos:centos7 image: zabbix-web-nginx-mysql:centos-local ports: - - "8081:80" - - "8443:443" + - "8081:8080" + - "8443:8443" links: - mysql-server:mysql-server - zabbix-server:zabbix-server @@ -269,7 +265,6 @@ services: secrets: - MYSQL_USER - MYSQL_PASSWORD - user: root depends_on: - mysql-server - zabbix-server @@ -325,7 +320,6 @@ services: mode: global env_file: - .env_agent - user: root privileged: true pid: "host" networks: @@ -359,7 +353,6 @@ services: memory: 256M env_file: - .env_java - user: root networks: zbx_net_backend: aliases: @@ -379,7 +372,7 @@ services: - centos:centos7 image: zabbix-snmptraps:centos-local ports: - - "162:162/udp" + - "162:1162/udp" volumes: - ./zbx_env/var/lib/zabbix/snmptraps:/var/lib/zabbix/snmptraps:rw deploy: @@ -390,7 +383,6 @@ services: reservations: cpus: '0.25' memory: 128M - user: root networks: zbx_net_frontend: aliases: @@ -414,7 +406,6 @@ services: - MYSQL_USER - MYSQL_PASSWORD - MYSQL_ROOT_PASSWORD - user: root stop_grace_period: 1m networks: zbx_net_backend: diff --git a/docker-compose_v3_centos_pgsql_latest.yaml b/docker-compose_v3_centos_pgsql_latest.yaml index 1a38b6bb4..7478c56c9 100644 --- a/docker-compose_v3_centos_pgsql_latest.yaml +++ b/docker-compose_v3_centos_pgsql_latest.yaml @@ -36,7 +36,6 @@ services: secrets: - POSTGRES_USER - POSTGRES_PASSWORD - user: root depends_on: - postgres-server - zabbix-java-gateway @@ -96,7 +95,6 @@ services: env_file: - .env_prx - .env_prx_sqlite3 - user: root depends_on: - zabbix-java-gateway - zabbix-snmptraps @@ -152,7 +150,6 @@ services: - MYSQL_USER - MYSQL_PASSWORD - MYSQL_ROOT_PASSWORD - user: root depends_on: - mysql-server - zabbix-java-gateway @@ -175,8 +172,8 @@ services: zabbix-web-apache-pgsql: image: zabbix/zabbix-web-apache-pgsql:centos-latest ports: - - "80:80" - - "443:443" + - "80:8080" + - "443:8443" links: - postgres-server:postgres-server - zabbix-server:zabbix-server @@ -198,7 +195,6 @@ services: secrets: - POSTGRES_USER - POSTGRES_PASSWORD - user: root depends_on: - postgres-server - zabbix-server @@ -229,8 +225,8 @@ services: zabbix-web-nginx-pgsql: image: zabbix/zabbix-web-nginx-pgsql:centos-latest ports: - - "8081:80" - - "8443:443" + - "8081:8080" + - "8443:8443" links: - postgres-server:postgres-server - zabbix-server:zabbix-server @@ -252,7 +248,6 @@ services: secrets: - POSTGRES_USER - POSTGRES_PASSWORD - user: root depends_on: - postgres-server - zabbix-server @@ -304,7 +299,6 @@ services: mode: global env_file: - .env_agent - user: root privileged: true pid: "host" networks: @@ -334,7 +328,6 @@ services: memory: 256M env_file: - .env_java - user: root networks: zbx_net_backend: aliases: @@ -350,7 +343,7 @@ services: zabbix-snmptraps: image: zabbix/zabbix-snmptraps:centos-latest ports: - - "162:162/udp" + - "162:1162/udp" volumes: - ./zbx_env/var/lib/zabbix/snmptraps:/var/lib/zabbix/snmptraps:rw deploy: @@ -361,7 +354,6 @@ services: reservations: cpus: '0.25' memory: 128M - user: root networks: zbx_net_frontend: aliases: @@ -385,7 +377,6 @@ services: - MYSQL_USER - MYSQL_PASSWORD - MYSQL_ROOT_PASSWORD - user: root stop_grace_period: 1m networks: zbx_net_backend: @@ -403,7 +394,6 @@ services: secrets: - POSTGRES_USER - POSTGRES_PASSWORD - user: root stop_grace_period: 1m networks: zbx_net_backend: diff --git a/docker-compose_v3_centos_pgsql_local.yaml b/docker-compose_v3_centos_pgsql_local.yaml index e85a7316f..0cfccae68 100644 --- a/docker-compose_v3_centos_pgsql_local.yaml +++ b/docker-compose_v3_centos_pgsql_local.yaml @@ -37,7 +37,6 @@ services: secrets: - POSTGRES_USER - POSTGRES_PASSWORD - user: root depends_on: - postgres-server - zabbix-java-gateway @@ -98,7 +97,6 @@ services: env_file: - .env_prx - .env_prx_sqlite3 - user: root depends_on: - zabbix-java-gateway - zabbix-snmptraps @@ -155,7 +153,6 @@ services: - MYSQL_USER - MYSQL_PASSWORD - MYSQL_ROOT_PASSWORD - user: root depends_on: - mysql-server - zabbix-java-gateway @@ -180,8 +177,8 @@ services: build: ./web-apache-pgsql/centos image: zabbix-web-apache-pgsql:centos-local ports: - - "80:80" - - "443:443" + - "80:8080" + - "443:8443" links: - postgres-server:postgres-server - zabbix-server:zabbix-server @@ -203,7 +200,6 @@ services: secrets: - POSTGRES_USER - POSTGRES_PASSWORD - user: root depends_on: - postgres-server - zabbix-server @@ -235,8 +231,8 @@ services: build: ./web-nginx-pgsql/centos image: zabbix-web-nginx-pgsql:centos-local ports: - - "8081:80" - - "8443:443" + - "8081:8080" + - "8443:8443" links: - postgres-server:postgres-server - zabbix-server:zabbix-server @@ -258,7 +254,6 @@ services: secrets: - POSTGRES_USER - POSTGRES_PASSWORD - user: root depends_on: - postgres-server - zabbix-server @@ -311,7 +306,6 @@ services: mode: global env_file: - .env_agent - user: root privileged: true pid: "host" networks: @@ -342,7 +336,6 @@ services: memory: 256M env_file: - .env_java - user: root networks: zbx_net_backend: aliases: @@ -362,7 +355,7 @@ services: - centos:centos7 image: zabbix-snmptraps:centos-local ports: - - "162:162/udp" + - "162:1162/udp" volumes: - ./zbx_env/var/lib/zabbix/snmptraps:/var/lib/zabbix/snmptraps:rw deploy: @@ -373,7 +366,6 @@ services: reservations: cpus: '0.25' memory: 128M - user: root networks: zbx_net_frontend: aliases: @@ -397,7 +389,6 @@ services: - MYSQL_USER - MYSQL_PASSWORD - MYSQL_ROOT_PASSWORD - user: root stop_grace_period: 1m networks: zbx_net_backend: @@ -415,7 +406,6 @@ services: secrets: - POSTGRES_USER - POSTGRES_PASSWORD - user: root stop_grace_period: 1m networks: zbx_net_backend: diff --git a/java-gateway/centos/Dockerfile b/java-gateway/centos/Dockerfile index 4e565aaed..db4f41a69 100644 --- a/java-gateway/centos/Dockerfile +++ b/java-gateway/centos/Dockerfile @@ -1,17 +1,42 @@ -FROM centos:centos7 as builder +FROM centos:centos7 + +LABEL org.opencontainers.image.title="Zabbix Java Gateway" \ + org.opencontainers.image.authors="Alexey Pustovalov " \ + org.opencontainers.image.vendor="Zabbix LLC" \ + org.opencontainers.image.url="https://zabbix.com/" \ + org.opencontainers.image.description="Zabbix Java Gateway performs native support for monitoring JMX applications" \ + org.opencontainers.image.licenses="GPL v2.0" + +STOPSIGNAL SIGTERM + +RUN set -eux && \ + groupadd -g 1995 --system zabbix && \ + adduser -r --shell /sbin/nologin \ + -g zabbix -G root \ + -d /var/lib/zabbix/ -u 1997 \ + zabbix && \ + mkdir -p /etc/zabbix/ && \ + mkdir -p /usr/sbin/zabbix_java/ && \ + yum --quiet makecache && \ + yum -y install --setopt=tsflags=nodocs \ + java-1.8.0-openjdk-headless && \ + yum -y clean all && \ + rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ + rm -rf /etc/udev/hwdb.bin /root/.pki -ARG YUM_FLAGS_COMMON="-y" -ARG YUM_FLAGS_DEV="${YUM_FLAGS_COMMON}" - ARG MAJOR_VERSION=master ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git -ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ - ZBX_TYPE=java-gateway + +ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} + +LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" RUN set -eux && \ - yum ${YUM_FLAGS_COMMON} makecache && \ - yum ${YUM_FLAGS_DEV} install \ + yum --quiet makecache && \ + yum -y install \ autoconf \ automake \ java-1.8.0-openjdk-devel \ @@ -33,55 +58,19 @@ RUN set -eux && \ --enable-java \ --silent && \ make -j"$(nproc)" -s && \ - rm -rf src/zabbix_java/lib/*.xml - -FROM centos:centos7 -LABEL maintainer="Alexey Pustovalov " - -ARG BUILD_DATE -ARG VCS_REF - -ARG YUM_FLAGS_COMMON="-y" -ARG YUM_FLAGS_PERSISTENT="${YUM_FLAGS_COMMON}" - -ARG MAJOR_VERSION=master -ARG ZBX_VERSION=${MAJOR_VERSION} -ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git -ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ - ZBX_TYPE=java-gateway ZBX_DB_TYPE=none ZBX_OPT_TYPE=none - -LABEL org.label-schema.name="zabbix-${ZBX_TYPE}-centos" \ - org.label-schema.vendor="Zabbix LLC" \ - org.label-schema.url="https://zabbix.com/" \ - org.label-schema.description="Zabbix Java Gateway performs native support for monitoring JMX applications" \ - org.label-schema.vcs-ref="${VCS_REF}" \ - org.label-schema.build-date="${BUILD_DATE}" \ - org.label-schema.schema-version="1.0" \ - org.label-schema.license="GPL v2.0" \ - org.label-schema.usage="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.label-schema.version="${ZBX_VERSION}" \ - org.label-schema.vcs-url="${ZBX_SOURCES}" \ - org.label-schema.docker.cmd="docker run --name zabbix-${ZBX_TYPE} --link zabbix-server:zabbix-server -p 10052:10052 -d zabbix-${ZBX_TYPE}:centos-${ZBX_VERSION}" - -STOPSIGNAL SIGTERM - -COPY --from=builder /tmp/zabbix-${ZBX_VERSION}/src/zabbix_java/bin/* /usr/sbin/zabbix_java/bin/ -COPY --from=builder /tmp/zabbix-${ZBX_VERSION}/src/zabbix_java/lib/* /usr/sbin/zabbix_java/lib/ - -RUN set -eux && \ - groupadd --system zabbix && \ - adduser --system --shell /sbin/nologin \ - -g zabbix \ - -d /var/lib/zabbix/ \ - zabbix && \ - mkdir -p /etc/zabbix/ && \ - chown --quiet -R zabbix:root /etc/zabbix && \ mkdir -p /usr/sbin/zabbix_java/ && \ - yum ${YUM_FLAGS_COMMON} makecache && \ - yum ${YUM_FLAGS_PERSISTENT} install \ - java-1.8.0-openjdk-headless && \ - yum ${YUM_FLAGS_PERSISTENT} clean all && \ - rm -rf /var/cache/yum/ + cp -r src/zabbix_java/bin /usr/sbin/zabbix_java/ && \ + cp -r src/zabbix_java/lib /usr/sbin/zabbix_java/ && \ + rm -rf /usr/sbin/zabbix_java/lib/*.xml && \ + cd /tmp/ && \ + rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ + yum -y history undo `yum -q history | sed -n 3p |column -t | cut -d' ' -f1` && \ + yum -y clean all && \ + chown --quiet -R zabbix:root /etc/zabbix/ && \ + chgrp -R 0 /etc/zabbix/ && \ + chmod -R g=u /etc/zabbix/ && \ + rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ + rm -rf /etc/udev/hwdb.bin /root/.pki EXPOSE 10052/TCP @@ -92,3 +81,7 @@ COPY ["conf/usr/sbin/zabbix_java_gateway", "/usr/sbin/"] COPY ["docker-entrypoint.sh", "/usr/bin/"] ENTRYPOINT ["docker-entrypoint.sh"] + +USER 1997 + +CMD ["/usr/sbin/zabbix_java_gateway"] diff --git a/java-gateway/centos/docker-entrypoint.sh b/java-gateway/centos/docker-entrypoint.sh index 2665cfd0d..ec5223733 100755 --- a/java-gateway/centos/docker-entrypoint.sh +++ b/java-gateway/centos/docker-entrypoint.sh @@ -1,6 +1,6 @@ #!/bin/bash -set -eo pipefail +set -o pipefail set +e @@ -9,998 +9,9 @@ if [ "${DEBUG_MODE}" == "true" ]; then set -o xtrace fi -# Type of Zabbix component -# Possible values: [server, proxy, agent, frontend, java-gateway, appliance] -zbx_type=${ZBX_TYPE} -# Type of Zabbix database -# Possible values: [mysql, postgresql] -zbx_db_type=${ZBX_DB_TYPE} -# Type of web-server. Valid only with zbx_type = frontend -# Possible values: [apache, nginx] -zbx_opt_type=${ZBX_OPT_TYPE} - -# Default Zabbix installation name -# Used only by Zabbix web-interface -ZBX_SERVER_NAME=${ZBX_SERVER_NAME:-"Zabbix docker"} -# Default Zabbix server host -ZBX_SERVER_HOST=${ZBX_SERVER_HOST:-"zabbix-server"} -# Default Zabbix server port number -ZBX_SERVER_PORT=${ZBX_SERVER_PORT:-"10051"} - -# Default timezone for web interface -PHP_TZ=${PHP_TZ:-"Europe/Riga"} - # Default directories -# User 'zabbix' home directory -ZABBIX_USER_HOME_DIR="/var/lib/zabbix" # Configuration files directory ZABBIX_ETC_DIR="/etc/zabbix" -# Web interface www-root directory -ZBX_FRONTEND_PATH="/usr/share/zabbix" - -# usage: file_env VAR [DEFAULT] -# as example: file_env 'MYSQL_PASSWORD' 'zabbix' -# (will allow for "$MYSQL_PASSWORD_FILE" to fill in the value of "$MYSQL_PASSWORD" from a file) -# unsets the VAR_FILE afterwards and just leaving VAR -file_env() { - local var="$1" - local fileVar="${var}_FILE" - local defaultValue="${2:-}" - - if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then - echo "**** Both variables $var and $fileVar are set (but are exclusive)" - exit 1 - fi - - local val="$defaultValue" - - if [ "${!var:-}" ]; then - val="${!var}" - echo "** Using ${var} variable from ENV" - elif [ "${!fileVar:-}" ]; then - if [ ! -f "${!fileVar}" ]; then - echo "**** Secret file \"${!fileVar}\" is not found" - exit 1 - fi - val="$(< "${!fileVar}")" - echo "** Using ${var} variable from secret file" - fi - export "$var"="$val" - unset "$fileVar" -} - -configure_db_mysql() { - [ "${DB_SERVER_HOST}" != "localhost" ] && return - - echo "** Configuring local MySQL server" - - MYSQL_ALLOW_EMPTY_PASSWORD=true - MYSQL_DATA_DIR="/var/lib/mysql" - - if [ -f "/etc/mysql/my.cnf" ]; then - MYSQL_CONF_FILE="/etc/mysql/my.cnf" - elif [ -f "/etc/my.cnf.d/server.cnf" ]; then - MYSQL_CONF_FILE="/etc/my.cnf.d/server.cnf" - DB_SERVER_SOCKET="/var/lib/mysql/mysql.sock" - elif [ -f "/etc/my.cnf.d/mariadb-server.cnf" ]; then - MYSQL_CONF_FILE="/etc/my.cnf.d/mariadb-server.cnf" - DB_SERVER_SOCKET="/var/run/mysqld/mysqld.sock" - else - echo "**** Could not found MySQL configuration file" - exit 1 - fi - - if [ -f "/usr/bin/mysqld" ]; then - MYSQLD=/usr/bin/mysqld - elif [ -f "/usr/sbin/mysqld" ]; then - MYSQLD=/usr/sbin/mysqld - elif [ -f "/usr/libexec/mysqld" ]; then - MYSQLD=/usr/libexec/mysqld - else - echo "**** Could not found mysqld binary file" - exit 1 - fi - - sed -Ei 's/^(bind-address|log)/#&/' "$MYSQL_CONF_FILE" - - if [ ! -d "$MYSQL_DATA_DIR/mysql" ]; then - [ -d "$MYSQL_DATA_DIR" ] || mkdir -p "$MYSQL_DATA_DIR" - - chown -R mysql:mysql "$MYSQL_DATA_DIR" - - echo "** Installing initial MySQL database schemas" - mysql_install_db --user=mysql --datadir="$MYSQL_DATA_DIR" 2>&1 - else - echo "**** MySQL data directory is not empty. Using already existing installation." - chown -R mysql:mysql "$MYSQL_DATA_DIR" - fi - - mkdir -p /var/run/mysqld - ln -s /var/run/mysqld /run/mysqld - chown -R mysql:mysql /var/run/mysqld - chown -R mysql:mysql /run/mysqld - - echo "** Starting MySQL server in background mode" - - nohup $MYSQLD --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib/mysql/plugin \ - --user=mysql --log-output=none --pid-file=/var/lib/mysql/mysqld.pid \ - --port=3306 --character-set-server=utf8 --collation-server=utf8_bin & -} - -prepare_system() { - local type=$1 - local web_server=$2 - - echo "** Preparing the system" - - if [ "$type" != "appliance" ]; then - return - fi - - ZBX_ADD_AGENT=${ZBX_ADD_AGENT:-"false"} - ZBX_ADD_JAVA_GATEWAY=${ZBX_ADD_JAVA_GATEWAY:-"false"} - ZBX_ADD_SERVER=${ZBX_ADD_SERVER:-"true"} - [ "${ZBX_ADD_SERVER}" == "true" ] && ZBX_SERVER_HOST="localhost" - [ "${ZBX_ADD_SERVER}" == "true" ] && ZBX_SERVER_PORT="10051" - ZBX_MAIN_DB=${ZBX_MAIN_DB:-"mysql"} - ZBX_ADD_PROXY=${ZBX_ADD_PROXY:-"false"} - ZBX_PROXY_DB=${ZBX_PROXY_DB:-"sqlite3"} - ZBX_ADD_WEB=${ZBX_ADD_WEB:-"true"} - ZBX_WEB_SERVER=${ZBX_WEB_SERVER:-"nginx"} - DB_SERVER_HOST=${DB_SERVER_HOST:-"localhost"} - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAY_ENABLE="true" - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAY="localhost" - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAYPORT="10052" - - [ "${ZBX_ADD_SERVER}" == "true" ] && configure_db_${ZBX_MAIN_DB} -} - -escape_spec_char() { - local var_value=$1 - - var_value="${var_value//\\/\\\\}" - var_value="${var_value//[$'\n']/}" - var_value="${var_value//\//\\/}" - var_value="${var_value//./\\.}" - var_value="${var_value//\*/\\*}" - var_value="${var_value//^/\\^}" - var_value="${var_value//\$/\\\$}" - var_value="${var_value//\&/\\\&}" - var_value="${var_value//\[/\\[}" - var_value="${var_value//\]/\\]}" - - echo "$var_value" -} - -update_config_var() { - local config_path=$1 - local var_name=$2 - local var_value=$3 - local is_multiple=$4 - - if [ ! -f "$config_path" ]; then - echo "**** Configuration file '$config_path' does not exist" - return - fi - - echo -n "** Updating '$config_path' parameter \"$var_name\": '$var_value'... " - - # Remove configuration parameter definition in case of unset parameter value - if [ -z "$var_value" ]; then - sed -i -e "/^$var_name=/d" "$config_path" - echo "removed" - return - fi - - # Remove value from configuration parameter in case of double quoted parameter value - if [ "$var_value" == '""' ]; then - sed -i -e "/^$var_name=/s/=.*/=/" "$config_path" - echo "undefined" - return - fi - - # Use full path to a file for TLS related configuration parameters - if [[ $var_name =~ ^TLS.*File$ ]]; then - var_value=$ZABBIX_USER_HOME_DIR/enc/$var_value - fi - - # Escaping characters in parameter value - var_value=$(escape_spec_char "$var_value") - - if [ "$(grep -E "^$var_name=" $config_path)" ] && [ "$is_multiple" != "true" ]; then - sed -i -e "/^$var_name=/s/=.*/=$var_value/" "$config_path" - echo "updated" - elif [ "$(grep -Ec "^# $var_name=" $config_path)" -gt 1 ]; then - sed -i -e "/^[#;] $var_name=$/i\\$var_name=$var_value" "$config_path" - echo "added first occurrence" - else - sed -i -e "/^[#;] $var_name=/s/.*/&\n$var_name=$var_value/" "$config_path" - echo "added" - fi - -} - -update_config_multiple_var() { - local config_path=$1 - local var_name=$2 - local var_value=$3 - - var_value="${var_value%\"}" - var_value="${var_value#\"}" - - local IFS=, - local OPT_LIST=($var_value) - - for value in "${OPT_LIST[@]}"; do - update_config_var $config_path $var_name $value true - done -} - -# Check prerequisites for MySQL database -check_variables_mysql() { - local type=$1 - - DB_SERVER_HOST=${DB_SERVER_HOST:-"mysql-server"} - DB_SERVER_PORT=${DB_SERVER_PORT:-"3306"} - USE_DB_ROOT_USER=false - CREATE_ZBX_DB_USER=false - file_env MYSQL_USER - file_env MYSQL_PASSWORD - - if [ "$type" != "" ]; then - file_env MYSQL_ROOT_PASSWORD - fi - - if [ ! -n "${MYSQL_USER}" ] && [ "${MYSQL_RANDOM_ROOT_PASSWORD}" == "true" ]; then - echo "**** Impossible to use MySQL server because of unknown Zabbix user and random 'root' password" - exit 1 - fi - - if [ ! -n "${MYSQL_USER}" ] && [ ! -n "${MYSQL_ROOT_PASSWORD}" ] && [ "${MYSQL_ALLOW_EMPTY_PASSWORD}" != "true" ]; then - echo "*** Impossible to use MySQL server because 'root' password is not defined and it is not empty" - exit 1 - fi - - if [ "${MYSQL_ALLOW_EMPTY_PASSWORD}" == "true" ] || [ -n "${MYSQL_ROOT_PASSWORD}" ]; then - USE_DB_ROOT_USER=true - DB_SERVER_ROOT_USER="root" - DB_SERVER_ROOT_PASS=${MYSQL_ROOT_PASSWORD:-""} - fi - - [ -n "${MYSQL_USER}" ] && CREATE_ZBX_DB_USER=true - - # If root password is not specified use provided credentials - DB_SERVER_ROOT_USER=${DB_SERVER_ROOT_USER:-${MYSQL_USER}} - [ "${MYSQL_ALLOW_EMPTY_PASSWORD}" == "true" ] || DB_SERVER_ROOT_PASS=${DB_SERVER_ROOT_PASS:-${MYSQL_PASSWORD}} - DB_SERVER_ZBX_USER=${MYSQL_USER:-"zabbix"} - DB_SERVER_ZBX_PASS=${MYSQL_PASSWORD:-"zabbix"} - - if [ "$type" == "proxy" ]; then - DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix_proxy"} - else - DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix"} - fi -} - -# Check prerequisites for PostgreSQL database -check_variables_postgresql() { - local type=$1 - - file_env POSTGRES_USER - file_env POSTGRES_PASSWORD - - DB_SERVER_HOST=${DB_SERVER_HOST:-"postgres-server"} - DB_SERVER_PORT=${DB_SERVER_PORT:-"5432"} - CREATE_ZBX_DB_USER=${CREATE_ZBX_DB_USER:-"false"} - - DB_SERVER_ROOT_USER=${POSTGRES_USER:-"postgres"} - DB_SERVER_ROOT_PASS=${POSTGRES_PASSWORD:-""} - - DB_SERVER_ZBX_USER=${POSTGRES_USER:-"zabbix"} - DB_SERVER_ZBX_PASS=${POSTGRES_PASSWORD:-"zabbix"} - - DB_SERVER_SCHEMA=${DB_SERVER_SCHEMA:-"public"} - - if [ "$type" == "proxy" ]; then - DB_SERVER_DBNAME=${POSTGRES_DB:-"zabbix_proxy"} - else - DB_SERVER_DBNAME=${POSTGRES_DB:-"zabbix"} - fi -} - -check_db_connect_mysql() { - echo "********************" - echo "* DB_SERVER_HOST: ${DB_SERVER_HOST}" - echo "* DB_SERVER_PORT: ${DB_SERVER_PORT}" - echo "* DB_SERVER_DBNAME: ${DB_SERVER_DBNAME}" - if [ "${DEBUG_MODE}" == "true" ]; then - if [ "${USE_DB_ROOT_USER}" == "true" ]; then - echo "* DB_SERVER_ROOT_USER: ${DB_SERVER_ROOT_USER}" - echo "* DB_SERVER_ROOT_PASS: ${DB_SERVER_ROOT_PASS}" - fi - echo "* DB_SERVER_ZBX_USER: ${DB_SERVER_ZBX_USER}" - echo "* DB_SERVER_ZBX_PASS: ${DB_SERVER_ZBX_PASS}" - echo "********************" - fi - echo "********************" - - WAIT_TIMEOUT=5 - - while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \ - --password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10)" ]; do - echo "**** MySQL server is not available. Waiting $WAIT_TIMEOUT seconds..." - sleep $WAIT_TIMEOUT - done -} - -check_db_connect_postgresql() { - echo "********************" - echo "* DB_SERVER_HOST: ${DB_SERVER_HOST}" - echo "* DB_SERVER_PORT: ${DB_SERVER_PORT}" - echo "* DB_SERVER_DBNAME: ${DB_SERVER_DBNAME}" - echo "* DB_SERVER_SCHEMA: ${DB_SERVER_SCHEMA}" - if [ "${DEBUG_MODE}" == "true" ]; then - if [ "${USE_DB_ROOT_USER}" == "true" ]; then - echo "* DB_SERVER_ROOT_USER: ${DB_SERVER_ROOT_USER}" - echo "* DB_SERVER_ROOT_PASS: ${DB_SERVER_ROOT_PASS}" - fi - echo "* DB_SERVER_ZBX_USER: ${DB_SERVER_ZBX_USER}" - echo "* DB_SERVER_ZBX_PASS: ${DB_SERVER_ZBX_PASS}" - fi - echo "********************" - - if [ "${USE_DB_ROOT_USER}" != "true" ]; then - DB_SERVER_ROOT_USER=${DB_SERVER_ZBX_USER} - DB_SERVER_ROOT_PASS=${DB_SERVER_ZBX_PASS} - fi - - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - WAIT_TIMEOUT=5 - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - while [ ! "$(psql -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} -U ${DB_SERVER_ROOT_USER} -d ${DB_SERVER_DBNAME} -l -q 2>/dev/null)" ]; do - echo "**** PostgreSQL server is not available. Waiting $WAIT_TIMEOUT seconds..." - sleep $WAIT_TIMEOUT - done - - unset PGPASSWORD - unset PGOPTIONS -} - - -mysql_query() { - query=$1 - local result="" - - result=$(mysql --silent --skip-column-names -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ - -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" -e "$query") - - echo $result -} - -psql_query() { - query=$1 - db=$2 - - local result="" - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - result=$(psql -A -q -t -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ - -U ${DB_SERVER_ROOT_USER} -c "$query" $db 2>/dev/null); - - unset PGPASSWORD - unset PGOPTIONS - - echo $result -} - -create_db_user_mysql() { - [ "${CREATE_ZBX_DB_USER}" == "true" ] || return - - echo "** Creating '${DB_SERVER_ZBX_USER}' user in MySQL database" - - USER_EXISTS=$(mysql_query "SELECT 1 FROM mysql.user WHERE user = '${DB_SERVER_ZBX_USER}' AND host = '%'") - - if [ -z "$USER_EXISTS" ]; then - mysql_query "CREATE USER '${DB_SERVER_ZBX_USER}'@'%' IDENTIFIED BY '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - else - mysql_query "ALTER USER ${DB_SERVER_ZBX_USER} IDENTIFIED BY '${DB_SERVER_ZBX_PASS}';" 1>/dev/null - fi - - mysql_query "GRANT ALL PRIVILEGES ON $DB_SERVER_DBNAME. * TO '${DB_SERVER_ZBX_USER}'@'%'" 1>/dev/null -} - -create_db_user_postgresql() { - [ "${CREATE_ZBX_DB_USER}" == "true" ] || return - - echo "** Creating '${DB_SERVER_ZBX_USER}' user in PostgreSQL database" - - USER_EXISTS=$(psql_query "SELECT 1 FROM pg_roles WHERE rolname='${DB_SERVER_ZBX_USER}'") - - if [ -z "$USER_EXISTS" ]; then - psql_query "CREATE USER ${DB_SERVER_ZBX_USER} WITH PASSWORD '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - else - psql_query "ALTER USER ${DB_SERVER_ZBX_USER} WITH ENCRYPTED PASSWORD '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - fi -} - -create_db_database_mysql() { - DB_EXISTS=$(mysql_query "SELECT SCHEMA_NAME FROM information_schema.SCHEMATA WHERE SCHEMA_NAME='${DB_SERVER_DBNAME}'") - - if [ -z ${DB_EXISTS} ]; then - echo "** Database '${DB_SERVER_DBNAME}' does not exist. Creating..." - mysql_query "CREATE DATABASE ${DB_SERVER_DBNAME} CHARACTER SET utf8 COLLATE utf8_bin" 1>/dev/null - # better solution? - mysql_query "GRANT ALL PRIVILEGES ON $DB_SERVER_DBNAME. * TO '${DB_SERVER_ZBX_USER}'@'%'" 1>/dev/null - else - echo "** Database '${DB_SERVER_DBNAME}' already exists. Please be careful with database COLLATE!" - fi -} - -create_db_database_postgresql() { - DB_EXISTS=$(psql_query "SELECT 1 AS result FROM pg_database WHERE datname='${DB_SERVER_DBNAME}'") - - if [ -z ${DB_EXISTS} ]; then - echo "** Database '${DB_SERVER_DBNAME}' does not exist. Creating..." - psql_query "CREATE DATABASE ${DB_SERVER_DBNAME} WITH OWNER ${DB_SERVER_ZBX_USER} ENCODING='UTF8' LC_CTYPE='en_US.utf8' LC_COLLATE='en_US.utf8'" 1>/dev/null - else - echo "** Database '${DB_SERVER_DBNAME}' already exists. Please be careful with database owner!" - fi - - psql_query "CREATE SCHEMA IF NOT EXISTS ${DB_SERVER_SCHEMA}" -} - -create_db_schema_mysql() { - local type=$1 - - DBVERSION_TABLE_EXISTS=$(mysql_query "SELECT 1 FROM information_schema.tables WHERE table_schema='${DB_SERVER_DBNAME}' and table_name = 'dbversion'") - - if [ -n "${DBVERSION_TABLE_EXISTS}" ]; then - echo "** Table '${DB_SERVER_DBNAME}.dbversion' already exists." - ZBX_DB_VERSION=$(mysql_query "SELECT mandatory FROM ${DB_SERVER_DBNAME}.dbversion") - fi - - if [ -z "${ZBX_DB_VERSION}" ]; then - echo "** Creating '${DB_SERVER_DBNAME}' schema in MySQL" - - zcat /usr/share/doc/zabbix-$type-mysql/create.sql.gz | mysql --silent --skip-column-names \ - -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ - -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" \ - ${DB_SERVER_DBNAME} 1>/dev/null - fi -} - -create_db_schema_postgresql() { - local type=$1 - - DBVERSION_TABLE_EXISTS=$(psql_query "SELECT 1 FROM pg_catalog.pg_class c JOIN pg_catalog.pg_namespace n ON n.oid = - c.relnamespace WHERE n.nspname = '$DB_SERVER_SCHEMA' AND c.relname = 'dbversion'" "${DB_SERVER_DBNAME}") - - if [ -n "${DBVERSION_TABLE_EXISTS}" ]; then - echo "** Table '${DB_SERVER_DBNAME}.dbversion' already exists." - ZBX_DB_VERSION=$(psql_query "SELECT mandatory FROM ${DB_SERVER_SCHEMA}.dbversion" "${DB_SERVER_DBNAME}") - fi - - if [ -z "${ZBX_DB_VERSION}" ]; then - echo "** Creating '${DB_SERVER_DBNAME}' schema in PostgreSQL" - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - zcat /usr/share/doc/zabbix-$type-postgresql/create.sql.gz | psql -q \ - -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ - -U ${DB_SERVER_ZBX_USER} ${DB_SERVER_DBNAME} 1>/dev/null - - unset PGPASSWORD - unset PGOPTIONS - fi -} - -prepare_web_server_apache() { - if [ -d "/etc/apache2/sites-available" ]; then - APACHE_SITES_DIR=/etc/apache2/sites-available - elif [ -d "/etc/apache2/conf.d" ]; then - APACHE_SITES_DIR=/etc/apache2/conf.d - elif [ -d "/etc/httpd/conf.d" ]; then - APACHE_SITES_DIR=/etc/httpd/conf.d - else - echo "**** Apache is not available" - exit 1 - fi - - if [ -f "/usr/sbin/a2dissite" ]; then - echo "** Disable default site" - /usr/sbin/a2dissite 000-default 1>/dev/null - rm -rf "$APACHE_SITES_DIR/*" - elif [ -f "/etc/apache2/conf.d/default.conf" ]; then - echo "** Disable default site" - rm -f "/etc/apache2/conf.d/default.conf" - elif [ -f "/etc/httpd/conf.d/welcome.conf" ]; then - echo "** Disable default site" - rm -f "/etc/httpd/conf.d/welcome.conf" - rm -f "/etc/httpd/conf.d/ssl.conf" - fi - - echo "** Adding Zabbix virtual host (HTTP)" - if [ -f "$ZABBIX_ETC_DIR/apache.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/apache.conf" "$APACHE_SITES_DIR/zabbix.conf" - if [ -f "/usr/sbin/a2dissite" ]; then - /usr/sbin/a2ensite zabbix.conf 1>/dev/null - fi - else - echo "**** Impossible to enable HTTP virtual host" - fi - - if [ -f "/etc/apache2/conf.d/ssl.conf" ]; then - rm -f "/etc/apache2/conf.d/ssl.conf" - fi - - if [ -f "/etc/ssl/apache2/ssl.crt" ] && [ -f "/etc/ssl/apache2/ssl.key" ]; then - echo "** Enable SSL support for Apache2" - if [ -f "/usr/sbin/a2enmod" ]; then - /usr/sbin/a2enmod ssl 1>/dev/null - fi - - echo "** Adding Zabbix virtual host (HTTPS)" - if [ -f "$ZABBIX_ETC_DIR/apache_ssl.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/apache_ssl.conf" "$APACHE_SITES_DIR/zabbix_ssl.conf" - if [ -f "/usr/sbin/a2dissite" ]; then - /usr/sbin/a2ensite zabbix_ssl.conf 1>/dev/null - fi - else - echo "**** Impossible to enable HTTPS virtual host" - fi - else - echo "**** Impossible to enable SSL support for Apache2. Certificates are missed." - fi - - # Change Apache2 logging to stdout and stderr - if [ -f "/etc/apache2/apache2.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/apache2.conf" - fi - - if [ -f "/etc/httpd/conf/httpd.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/httpd/conf/httpd.conf" - fi - - if [ -f "/etc/apache2/httpd.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/httpd.conf" - fi - - if [ -f "/etc/apache2/conf-available/other-vhosts-access-log.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/conf-available/other-vhosts-access-log.conf" - fi - - if [ -f "/etc/apache2/conf.d/mpm.conf" ]; then - sed -ri \ - -e 's!^(\s*PidFile)\s+\S+!\1 "/var/run/httpd.pid"!g' \ - "/etc/apache2/conf.d/mpm.conf" - fi - - if [ -f "/var/run/apache2/apache2.pid" ]; then - rm -f "/var/run/apache2/apache2.pid" - fi - - if [ -f "/var/run/httpd/httpd.pid" ]; then - rm -f "/var/run/httpd/httpd.pid" - fi -} - -prepare_web_server_nginx() { - NGINX_CONFD_DIR="/etc/nginx/conf.d" - NGINX_SSL_CONFIG="/etc/ssl/nginx" - PHP_SESSIONS_DIR="/var/lib/php5" - - echo "** Disable default vhosts" - rm -f $NGINX_CONFD_DIR/*.conf - - echo "** Adding Zabbix virtual host (HTTP)" - if [ -f "$ZABBIX_ETC_DIR/nginx.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/nginx.conf" "$NGINX_CONFD_DIR" - else - echo "**** Impossible to enable HTTP virtual host" - fi - - if [ -f "$NGINX_SSL_CONFIG/ssl.crt" ] && [ -f "$NGINX_SSL_CONFIG/ssl.key" ] && [ -f "$NGINX_SSL_CONFIG/dhparam.pem" ]; then - echo "** Enable SSL support for Nginx" - if [ -f "$ZABBIX_ETC_DIR/nginx_ssl.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/nginx_ssl.conf" "$NGINX_CONFD_DIR" - else - echo "**** Impossible to enable HTTPS virtual host" - fi - else - echo "**** Impossible to enable SSL support for Nginx. Certificates are missed." - fi - - if [ -d "/var/log/nginx/" ]; then - ln -sf /dev/fd/2 /var/log/nginx/error.log - fi - - ln -sf /dev/fd/2 /var/log/php5-fpm.log - ln -sf /dev/fd/2 /var/log/php7.2-fpm.log -} - -stop_databases() { - if ([ "${ZBX_MAIN_DB}" == "mysql" ] || [ "${ZBX_PROXY_DB}" == "mysql" ]) && [ "${DB_SERVER_HOST}" == "localhost" ]; then - mysql_query "DELETE FROM mysql.user WHERE host = 'localhost' AND user != 'root'" 1>/dev/null - - if [ -f "/var/lib/mysql/mysqld.pid" ]; then - kill -TERM $(cat /var/lib/mysql/mysqld.pid) - elif [ -f "/var/run/mysqld/mysqld.pid" ]; then - kill -TERM $(cat /var/run/mysqld/mysqld.pid) - fi - fi - - if [ "${ZBX_MAIN_DB}" == "postgresql" ] && [ "${DB_SERVER_HOST}" == "localhost" ]; then - if [ "${OS_CODENAME}" == "alpine" ]; then - PGDATA=/var/lib/postgresql - BINDIR=/usr/bin - else - PGDATA=/var/lib/postgresql/9.3/main - BINDIR=/usr/lib/postgresql/9.3/bin - fi - su -c "$BINDIR/pg_ctl -D \"$PGDATA\" -m fast -w stop --silent" postgres 1>/dev/null 2>/dev/null - fi -} - -clear_deploy() { - local type=$1 - echo "** Cleaning the system" - - [ "$type" != "appliance" ] && return - - stop_databases -} - -update_zbx_config() { - local type=$1 - local db_type=$2 - - echo "** Preparing Zabbix $type configuration file" - - ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_$type.conf - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "ProxyMode" "${ZBX_PROXYMODE}" - update_config_var $ZBX_CONFIG "Server" "${ZBX_SERVER_HOST}" - update_config_var $ZBX_CONFIG "ServerPort" "${ZBX_SERVER_PORT}" - if [ -z "${ZBX_HOSTNAME}" ] && [ -n "${ZBX_HOSTNAMEITEM}" ]; then - update_config_var $ZBX_CONFIG "Hostname" "" - update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - else - update_config_var $ZBX_CONFIG "Hostname" "${ZBX_HOSTNAME:-"zabbix-proxy-"$db_type}" - update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - fi - fi - - if [ $type == "proxy" ] && [ "${ZBX_ADD_SERVER}" = "true" ]; then - update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_PROXY_LISTENPORT:-"10061"}" - else - update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}" - fi - - update_config_var $ZBX_CONFIG "SourceIP" "${ZBX_SOURCEIP}" - update_config_var $ZBX_CONFIG "LogType" "console" - update_config_var $ZBX_CONFIG "LogFile" - update_config_var $ZBX_CONFIG "LogFileSize" - update_config_var $ZBX_CONFIG "PidFile" - - update_config_var $ZBX_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" - - if [ "$db_type" == "sqlite3" ]; then - update_config_var $ZBX_CONFIG "DBHost" - update_config_var $ZBX_CONFIG "DBName" "/var/lib/zabbix/zabbix_proxy_db" - update_config_var $ZBX_CONFIG "DBUser" - update_config_var $ZBX_CONFIG "DBPort" - update_config_var $ZBX_CONFIG "DBPassword" - else - update_config_var $ZBX_CONFIG "DBHost" "${DB_SERVER_HOST}" - update_config_var $ZBX_CONFIG "DBName" "${DB_SERVER_DBNAME}" - update_config_var $ZBX_CONFIG "DBSchema" "${DB_SERVER_SCHEMA}" - update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}" - update_config_var $ZBX_CONFIG "DBPort" "${DB_SERVER_PORT}" - update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}" - fi - - update_config_var $ZBX_CONFIG "DBSocket" "${DB_SERVER_SOCKET}" - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "ProxyLocalBuffer" "${ZBX_PROXYLOCALBUFFER}" - update_config_var $ZBX_CONFIG "ProxyOfflineBuffer" "${ZBX_PROXYOFFLINEBUFFER}" - update_config_var $ZBX_CONFIG "HeartbeatFrequency" "${ZBX_PROXYHEARTBEATFREQUENCY}" - update_config_var $ZBX_CONFIG "ConfigFrequency" "${ZBX_CONFIGFREQUENCY}" - update_config_var $ZBX_CONFIG "DataSenderFrequency" "${ZBX_DATASENDERFREQUENCY}" - fi - - update_config_var $ZBX_CONFIG "StartPollers" "${ZBX_STARTPOLLERS}" - update_config_var $ZBX_CONFIG "StartIPMIPollers" "${ZBX_IPMIPOLLERS}" - update_config_var $ZBX_CONFIG "StartPollersUnreachable" "${ZBX_STARTPOLLERSUNREACHABLE}" - update_config_var $ZBX_CONFIG "StartTrappers" "${ZBX_STARTTRAPPERS}" - update_config_var $ZBX_CONFIG "StartPingers" "${ZBX_STARTPINGERS}" - update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}" - update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}" - - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "StartTimers" "${ZBX_STARTTIMERS}" - update_config_var $ZBX_CONFIG "StartEscalators" "${ZBX_STARTESCALATORS}" - fi - - ZBX_JAVAGATEWAY_ENABLE=${ZBX_JAVAGATEWAY_ENABLE:-"false"} - if [ "${ZBX_JAVAGATEWAY_ENABLE}" == "true" ]; then - update_config_var $ZBX_CONFIG "JavaGateway" "${ZBX_JAVAGATEWAY:-"zabbix-java-gateway"}" - update_config_var $ZBX_CONFIG "JavaGatewayPort" "${ZBX_JAVAGATEWAYPORT}" - update_config_var $ZBX_CONFIG "StartJavaPollers" "${ZBX_STARTJAVAPOLLERS:-"5"}" - else - update_config_var $ZBX_CONFIG "JavaGateway" - update_config_var $ZBX_CONFIG "JavaGatewayPort" - update_config_var $ZBX_CONFIG "StartJavaPollers" - fi - - update_config_var $ZBX_CONFIG "StartVMwareCollectors" "${ZBX_STARTVMWARECOLLECTORS}" - update_config_var $ZBX_CONFIG "VMwareFrequency" "${ZBX_VMWAREFREQUENCY}" - update_config_var $ZBX_CONFIG "VMwarePerfFrequency" "${ZBX_VMWAREPERFFREQUENCY}" - update_config_var $ZBX_CONFIG "VMwareCacheSize" "${ZBX_VMWARECACHESIZE}" - update_config_var $ZBX_CONFIG "VMwareTimeout" "${ZBX_VMWARETIMEOUT}" - - ZBX_ENABLE_SNMP_TRAPS=${ZBX_ENABLE_SNMP_TRAPS:-"false"} - if [ "${ZBX_ENABLE_SNMP_TRAPS}" == "true" ]; then - update_config_var $ZBX_CONFIG "SNMPTrapperFile" "${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log" - update_config_var $ZBX_CONFIG "StartSNMPTrapper" "1" - else - update_config_var $ZBX_CONFIG "SNMPTrapperFile" - update_config_var $ZBX_CONFIG "StartSNMPTrapper" - fi - - update_config_var $ZBX_CONFIG "HousekeepingFrequency" "${ZBX_HOUSEKEEPINGFREQUENCY}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "MaxHousekeeperDelete" "${ZBX_MAXHOUSEKEEPERDELETE}" - update_config_var $ZBX_CONFIG "SenderFrequency" "${ZBX_SENDERFREQUENCY}" - fi - - update_config_var $ZBX_CONFIG "CacheSize" "${ZBX_CACHESIZE}" - - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "CacheUpdateFrequency" "${ZBX_CACHEUPDATEFREQUENCY}" - fi - - update_config_var $ZBX_CONFIG "StartDBSyncers" "${ZBX_STARTDBSYNCERS}" - update_config_var $ZBX_CONFIG "HistoryCacheSize" "${ZBX_HISTORYCACHESIZE}" - update_config_var $ZBX_CONFIG "HistoryIndexCacheSize" "${ZBX_HISTORYINDEXCACHESIZE}" - - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "TrendCacheSize" "${ZBX_TRENDCACHESIZE}" - update_config_var $ZBX_CONFIG "ValueCacheSize" "${ZBX_VALUECACHESIZE}" - fi - - update_config_var $ZBX_CONFIG "Timeout" "${ZBX_TIMEOUT}" - update_config_var $ZBX_CONFIG "TrapperTimeout" "${ZBX_TRAPPERIMEOUT}" - update_config_var $ZBX_CONFIG "UnreachablePeriod" "${ZBX_UNREACHABLEPERIOD}" - update_config_var $ZBX_CONFIG "UnavailableDelay" "${ZBX_UNAVAILABLEDELAY}" - update_config_var $ZBX_CONFIG "UnreachableDelay" "${ZBX_UNREACHABLEDELAY}" - - update_config_var $ZBX_CONFIG "AlertScriptsPath" "/usr/lib/zabbix/alertscripts" - update_config_var $ZBX_CONFIG "ExternalScripts" "/usr/lib/zabbix/externalscripts" - - # Possible few fping locations - if [ -f "/usr/bin/fping" ]; then - update_config_var $ZBX_CONFIG "FpingLocation" "/usr/bin/fping" - else - update_config_var $ZBX_CONFIG "FpingLocation" "/usr/sbin/fping" - fi - if [ -f "/usr/bin/fping6" ]; then - update_config_var $ZBX_CONFIG "Fping6Location" "/usr/bin/fping6" - else - update_config_var $ZBX_CONFIG "Fping6Location" "/usr/sbin/fping6" - fi - - update_config_var $ZBX_CONFIG "SSHKeyLocation" "$ZABBIX_USER_HOME_DIR/ssh_keys" - update_config_var $ZBX_CONFIG "LogSlowQueries" "${ZBX_LOGSLOWQUERIES}" - - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "StartProxyPollers" "${ZBX_STARTPROXYPOLLERS}" - update_config_var $ZBX_CONFIG "ProxyConfigFrequency" "${ZBX_PROXYCONFIGFREQUENCY}" - update_config_var $ZBX_CONFIG "ProxyDataFrequency" "${ZBX_PROXYDATAFREQUENCY}" - fi - - update_config_var $ZBX_CONFIG "SSLCertLocation" "$ZABBIX_USER_HOME_DIR/ssl/certs/" - update_config_var $ZBX_CONFIG "SSLKeyLocation" "$ZABBIX_USER_HOME_DIR/ssl/keys/" - update_config_var $ZBX_CONFIG "SSLCALocation" "$ZABBIX_USER_HOME_DIR/ssl/ssl_ca/" - update_config_var $ZBX_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/" - update_config_multiple_var $ZBX_CONFIG "LoadModule" "${ZBX_LOADMODULE}" - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}" - update_config_var $ZBX_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" - fi - update_config_var $ZBX_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" - update_config_var $ZBX_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" - update_config_var $ZBX_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" - fi - - update_config_var $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" - update_config_var $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" - update_config_var $ZBX_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" - fi -} - - -prepare_zbx_web_config() { - local db_type=$1 - local server_name="" - - echo "** Preparing Zabbix frontend configuration file" - - ZBX_WEB_CONFIG="$ZABBIX_ETC_DIR/web/zabbix.conf.php" - - if [ -f "/usr/share/zabbix/conf/zabbix.conf.php" ]; then - rm -f "/usr/share/zabbix/conf/zabbix.conf.php" - fi - - ln -s "$ZBX_WEB_CONFIG" "/usr/share/zabbix/conf/zabbix.conf.php" - - # Different places of PHP configuration file - if [ -f "/etc/php5/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/conf.d/99-zabbix.ini" - elif [ -f "/etc/php5/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php5/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/apache2/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.0/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.0/apache2/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.0/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.0/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php.d/99-zabbix.ini" - elif [ -f "/etc/php7/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php7/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.2/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.2/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.2/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.2/apache2/conf.d/99-zabbix.ini" - fi - - if [ -n "$PHP_CONFIG_FILE" ]; then - update_config_var "$PHP_CONFIG_FILE" "max_execution_time" "${ZBX_MAXEXECUTIONTIME:-"600"}" - update_config_var "$PHP_CONFIG_FILE" "memory_limit" "${ZBX_MEMORYLIMIT:-"128M"}" - update_config_var "$PHP_CONFIG_FILE" "post_max_size" "${ZBX_POSTMAXSIZE:-"16M"}" - update_config_var "$PHP_CONFIG_FILE" "upload_max_filesize" "${ZBX_UPLOADMAXFILESIZE:-"2M"}" - update_config_var "$PHP_CONFIG_FILE" "max_input_time" "${ZBX_MAXINPUTTIME:-"300"}" - update_config_var "$PHP_CONFIG_FILE" "date.timezone" "${PHP_TZ}" - else - echo "**** Zabbix related PHP configuration file not found" - fi - - # Escaping characters in parameter value - server_name=$(escape_spec_char "${ZBX_SERVER_NAME}") - server_user=$(escape_spec_char "${DB_SERVER_ZBX_USER}") - server_pass=$(escape_spec_char "${DB_SERVER_ZBX_PASS}") - - sed -i \ - -e "s/{DB_SERVER_HOST}/${DB_SERVER_HOST}/g" \ - -e "s/{DB_SERVER_PORT}/${DB_SERVER_PORT}/g" \ - -e "s/{DB_SERVER_DBNAME}/${DB_SERVER_DBNAME}/g" \ - -e "s/{DB_SERVER_SCHEMA}/${DB_SERVER_SCHEMA}/g" \ - -e "s/{DB_SERVER_USER}/$server_user/g" \ - -e "s/{DB_SERVER_PASS}/$server_pass/g" \ - -e "s/{ZBX_SERVER_HOST}/${ZBX_SERVER_HOST}/g" \ - -e "s/{ZBX_SERVER_PORT}/${ZBX_SERVER_PORT}/g" \ - -e "s/{ZBX_SERVER_NAME}/$server_name/g" \ - "$ZBX_WEB_CONFIG" - - [ "$db_type" = "postgresql" ] && sed -i "s/MYSQL/POSTGRESQL/g" "$ZBX_WEB_CONFIG" -} - -prepare_zbx_agent_config() { - echo "** Preparing Zabbix agent configuration file" - - ZBX_AGENT_CONFIG=$ZABBIX_ETC_DIR/zabbix_agentd.conf - - ZBX_PASSIVESERVERS=${ZBX_PASSIVESERVERS:-""} - ZBX_ACTIVESERVERS=${ZBX_ACTIVESERVERS:-""} - - [ -n "$ZBX_PASSIVESERVERS" ] && ZBX_PASSIVESERVERS=","$ZBX_PASSIVESERVERS - - ZBX_PASSIVESERVERS=$ZBX_SERVER_HOST$ZBX_PASSIVESERVERS - - [ -n "$ZBX_ACTIVESERVERS" ] && ZBX_ACTIVESERVERS=","$ZBX_ACTIVESERVERS - - ZBX_ACTIVESERVERS=$ZBX_SERVER_HOST":"$ZBX_SERVER_PORT$ZBX_ACTIVESERVERS - - update_config_var $ZBX_AGENT_CONFIG "PidFile" - update_config_var $ZBX_AGENT_CONFIG "LogType" "console" - update_config_var $ZBX_AGENT_CONFIG "LogFile" - update_config_var $ZBX_AGENT_CONFIG "LogFileSize" - update_config_var $ZBX_AGENT_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" - update_config_var $ZBX_AGENT_CONFIG "SourceIP" - update_config_var $ZBX_AGENT_CONFIG "EnableRemoteCommands" "${ZBX_ENABLEREMOTECOMMANDS}" - update_config_var $ZBX_AGENT_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}" - - ZBX_PASSIVE_ALLOW=${ZBX_PASSIVE_ALLOW:-"true"} - if [ "$ZBX_PASSIVE_ALLOW" == "true" ]; then - echo "** Using '$ZBX_PASSIVESERVERS' servers for passive checks" - update_config_var $ZBX_AGENT_CONFIG "Server" "${ZBX_PASSIVESERVERS}" - else - update_config_var $ZBX_AGENT_CONFIG "Server" - fi - - update_config_var $ZBX_AGENT_CONFIG "ListenPort" "${ZBX_LISTENPORT}" - update_config_var $ZBX_AGENT_CONFIG "ListenIP" "${ZBX_LISTENIP}" - update_config_var $ZBX_AGENT_CONFIG "StartAgents" "${ZBX_STARTAGENTS}" - - ZBX_ACTIVE_ALLOW=${ZBX_ACTIVE_ALLOW:-"true"} - if [ "$ZBX_ACTIVE_ALLOW" == "true" ]; then - echo "** Using '$ZBX_ACTIVESERVERS' servers for active checks" - update_config_var $ZBX_AGENT_CONFIG "ServerActive" "${ZBX_ACTIVESERVERS}" - else - update_config_var $ZBX_AGENT_CONFIG "ServerActive" - fi - - update_config_var $ZBX_AGENT_CONFIG "Hostname" "${ZBX_HOSTNAME}" - update_config_var $ZBX_AGENT_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - update_config_var $ZBX_AGENT_CONFIG "HostMetadata" "${ZBX_METADATA}" - update_config_var $ZBX_AGENT_CONFIG "HostMetadataItem" "${ZBX_METADATAITEM}" - update_config_var $ZBX_AGENT_CONFIG "RefreshActiveChecks" "${ZBX_REFRESHACTIVECHECKS}" - update_config_var $ZBX_AGENT_CONFIG "BufferSend" "${ZBX_BUFFERSEND}" - update_config_var $ZBX_AGENT_CONFIG "BufferSize" "${ZBX_BUFFERSIZE}" - update_config_var $ZBX_AGENT_CONFIG "MaxLinesPerSecond" "${ZBX_MAXLINESPERSECOND}" - # Please use include to enable Alias feature -# update_config_multiple_var $ZBX_AGENT_CONFIG "Alias" ${ZBX_ALIAS} - update_config_var $ZBX_AGENT_CONFIG "Timeout" "${ZBX_TIMEOUT}" - update_config_var $ZBX_AGENT_CONFIG "Include" "/etc/zabbix/zabbix_agentd.d/" - update_config_var $ZBX_AGENT_CONFIG "UnsafeUserParameters" "${ZBX_UNSAFEUSERPARAMETERS}" - update_config_var $ZBX_AGENT_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/" - update_config_multiple_var $ZBX_AGENT_CONFIG "LoadModule" "${ZBX_LOADMODULE}" - update_config_var $ZBX_AGENT_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}" - update_config_var $ZBX_AGENT_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" - update_config_var $ZBX_AGENT_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" - update_config_var $ZBX_AGENT_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" - update_config_var $ZBX_AGENT_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" - update_config_var $ZBX_AGENT_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" -} prepare_java_gateway_config() { echo "** Preparing Zabbix Java Gateway log configuration file" @@ -1017,53 +28,6 @@ prepare_java_gateway_config() { fi } -prepare_agent() { - echo "** Preparing Zabbix agent" - prepare_zbx_agent_config -} - -prepare_server() { - local db_type=$1 - - echo "** Preparing Zabbix server" - - check_variables_$db_type "server" - check_db_connect_$db_type - create_db_user_$db_type - create_db_database_$db_type - create_db_schema_$db_type "server" - - update_zbx_config "server" "$db_type" -} - -prepare_proxy() { - local db_type=$1 - - echo "Preparing Zabbix proxy" - - if [ "$db_type" != "sqlite3" ]; then - check_variables_$db_type "proxy" - check_db_connect_$db_type - create_db_user_$db_type - create_db_database_$db_type - create_db_schema_$db_type "proxy" - fi - - update_zbx_config "proxy" $db_type -} - -prepare_web() { - local web_server=$1 - local db_type=$2 - - echo "** Preparing Zabbix web-interface" - - check_variables_$db_type - check_db_connect_$db_type - prepare_web_server_$web_server - prepare_zbx_web_config $db_type -} - prepare_java_gateway() { echo "** Preparing Zabbix Java Gateway" @@ -1072,80 +36,11 @@ prepare_java_gateway() { ################################################# -if [ ! -n "$zbx_type" ]; then - echo "**** Type of Zabbix component is not specified" - exit 1 -elif [ "$zbx_type" == "dev" ]; then - echo "** Deploying Zabbix installation from SVN" -else - if [ ! -n "$zbx_db_type" ]; then - echo "**** Database type of Zabbix $zbx_type is not specified" - exit 1 - fi - - if [ "$zbx_db_type" != "none" ]; then - if [ "$zbx_opt_type" != "none" ]; then - echo "** Deploying Zabbix $zbx_type ($zbx_opt_type) with $zbx_db_type database" - else - echo "** Deploying Zabbix $zbx_type with $zbx_db_type database" - fi - else - echo "** Deploying Zabbix $zbx_type" - fi +if [ "$1" == '/usr/sbin/zabbix_java_gateway' ]; then + prepare_java_gateway fi -prepare_system "$zbx_type" "$zbx_opt_type" +exec "$@" -[ "$zbx_type" == "server" ] && prepare_server $zbx_db_type -[ "${ZBX_ADD_SERVER}" == "true" ] && prepare_server ${ZBX_MAIN_DB} - -[ "$zbx_type" == "proxy" ] && prepare_proxy $zbx_db_type -[ "${ZBX_ADD_PROXY}" == "true" ] && prepare_proxy ${ZBX_PROXY_DB} - -[ "$zbx_type" == "frontend" ] && prepare_web $zbx_opt_type $zbx_db_type -[ "${ZBX_ADD_WEB}" == "true" ] && prepare_web ${ZBX_WEB_SERVER} ${ZBX_MAIN_DB} - -[ "$zbx_type" == "agent" ] && prepare_agent -[ "${ZBX_ADD_AGENT}" == "true" ] && prepare_agent - -[ "$zbx_type" == "java-gateway" ] && prepare_java_gateway -[ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && prepare_java_gateway - -clear_deploy "$zbx_type" - -echo "########################################################" - -if [ "$1" != "" ]; then - echo "** Executing '$@'" - exec "$@" -elif [ "$zbx_type" == "agent" ]; then - echo "** Starting Zabbix agent" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_agentd --foreground -c /etc/zabbix/zabbix_agentd.conf" -elif [ "$zbx_type" == "proxy" ]; then - echo "** Starting Zabbix proxy" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_proxy --foreground -c /etc/zabbix/zabbix_proxy.conf" -elif [ "$zbx_type" == "server" ]; then - echo "** Starting Zabbix server" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_server --foreground -c /etc/zabbix/zabbix_server.conf" -elif [ "$zbx_type" == "java-gateway" ]; then - echo "** Starting Zabbix Java Gateway" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_java_gateway" -elif [ "$zbx_type" == "frontend" ] && [ "$zbx_opt_type" == "apache" ]; then - echo "** Starting Zabbix frontend" - if [ -f "/usr/sbin/httpd" ]; then - exec /usr/sbin/httpd -D FOREGROUND - elif [ -f "/usr/sbin/apache2ctl" ]; then - exec /bin/bash -c "source /etc/apache2/envvars && /usr/sbin/apache2ctl -D FOREGROUND" - else - echo "Unknown Web-server. Exiting..." - exit 1 - fi -elif [ -f "/usr/bin/supervisord" ]; then - echo "** Executing supervisord" - exec /usr/bin/supervisord -c /etc/supervisor/supervisord.conf -else - echo "Unknown instructions. Exiting..." - exit 1 -fi ################################################# diff --git a/proxy-mysql/centos/Dockerfile b/proxy-mysql/centos/Dockerfile index b3dcc6fee..ab07d204e 100644 --- a/proxy-mysql/centos/Dockerfile +++ b/proxy-mysql/centos/Dockerfile @@ -1,17 +1,70 @@ -FROM centos:centos7 as builder +FROM centos:centos7 -ARG YUM_FLAGS_COMMON="-y" -ARG YUM_FLAGS_DEV="${YUM_FLAGS_COMMON}" +LABEL org.opencontainers.image.title="Zabbix proxy (MySQL)" \ + org.opencontainers.image.authors="Alexey Pustovalov " \ + org.opencontainers.image.vendor="Zabbix LLC" \ + org.opencontainers.image.url="https://zabbix.com/" \ + org.opencontainers.image.description="Zabbix proxy with MySQL database support" \ + org.opencontainers.image.licenses="GPL v2.0" + +STOPSIGNAL SIGTERM + +ENV TINI_VERSION=v0.19.0 + +RUN set -eux && \ + groupadd -g 1995 --system zabbix && \ + adduser -r --shell /sbin/nologin \ + -g zabbix -G root \ + -d /var/lib/zabbix/ -u 1997 \ + zabbix && \ + mkdir -p /etc/zabbix && \ + mkdir -p /var/lib/zabbix && \ + mkdir -p /var/lib/zabbix/enc && \ + mkdir -p /usr/lib/zabbix/externalscripts && \ + mkdir -p /var/lib/zabbix/mibs && \ + mkdir -p /var/lib/zabbix/modules && \ + mkdir -p /var/lib/zabbix/snmptraps && \ + mkdir -p /var/lib/zabbix/ssh_keys && \ + mkdir -p /var/lib/zabbix/ssl && \ + mkdir -p /var/lib/zabbix/ssl/certs && \ + mkdir -p /var/lib/zabbix/ssl/keys && \ + mkdir -p /var/lib/zabbix/ssl/ssl_ca && \ + mkdir -p /usr/share/doc/zabbix-proxy-mysql && \ + yum --quiet makecache && \ + yum -y install https://repo.zabbix.com/non-supported/rhel/7/x86_64/fping-3.10-1.el7.x86_64.rpm --setopt=tsflags=nodocs && \ + yum -y install --setopt=tsflags=nodocs \ + libcurl \ + libxml2 \ + mariadb \ + net-snmp-libs \ + OpenIPMI-libs \ + openldap \ + openssl-libs \ + pcre \ + unixODBC && \ + curl -L https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini -o /sbin/tini && \ + curl -L https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini.asc -o /tini.asc && \ + gpg --batch --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 595E85A6B1B4779EA4DAAEC70B588DFF0527A9B7 && \ + gpg --batch --verify /tini.asc /sbin/tini && \ + rm -rf /root/.gnupg && \ + chmod +x /sbin/tini && \ + yum -y clean all && \ + rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ + rm -rf /etc/udev/hwdb.bin /root/.pki ARG MAJOR_VERSION=master ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git -ENV ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ - ZBX_TYPE=proxy ZBX_DB_TYPE=mysql + +ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} + +LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" RUN set -eux && \ yum --quiet makecache && \ - yum ${YUM_FLAGS_DEV} install \ + yum -y install --setopt=tsflags=nodocs \ autoconf \ automake \ gcc \ @@ -38,8 +91,8 @@ RUN set -eux && \ --sysconfdir=/etc/zabbix \ --prefix=/usr \ --enable-agent \ - --enable-${ZBX_TYPE} \ - --with-${ZBX_DB_TYPE} \ + --enable-proxy \ + --with-mysql \ --with-ldap \ --with-libcurl \ --with-libxml2 \ @@ -52,83 +105,22 @@ RUN set -eux && \ --silent && \ make -j"$(nproc)" -s dbschema && \ make -j"$(nproc)" -s && \ - cat database/${ZBX_DB_TYPE}/schema.sql > database/${ZBX_DB_TYPE}/create.sql && \ - gzip database/${ZBX_DB_TYPE}/create.sql - -FROM centos:centos7 -LABEL maintainer="Alexey Pustovalov " - -ARG BUILD_DATE -ARG VCS_REF - -ARG YUM_FLAGS_COMMON="-y" -ARG YUM_FLAGS_PERSISTENT="${YUM_FLAGS_COMMON}" - -ARG MAJOR_VERSION=master -ARG ZBX_VERSION=${MAJOR_VERSION} -ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git -ENV TERM=xterm MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ - ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ - ZBX_TYPE=proxy ZBX_DB_TYPE=mysql ZBX_OPT_TYPE=none -ENV TINI_VERSION v0.18.0 - -LABEL org.label-schema.name="zabbix-${ZBX_TYPE}-${ZBX_DB_TYPE}-centos" \ - org.label-schema.vendor="Zabbix LLC" \ - org.label-schema.url="https://zabbix.com/" \ - org.label-schema.description="Zabbix ${ZBX_TYPE} with MySQL database support" \ - org.label-schema.vcs-ref="${VCS_REF}" \ - org.label-schema.build-date="${BUILD_DATE}" \ - org.label-schema.schema-version="1.0" \ - org.label-schema.license="GPL v2.0" \ - org.label-schema.usage="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.label-schema.version="${ZBX_VERSION}" \ - org.label-schema.vcs-url="${ZBX_SOURCES}" \ - org.label-schema.docker.cmd="docker run --name zabbix-${ZBX_TYPE}-${ZBX_DB_TYPE} --link mysql-server:mysql --link zabbix-server:zabbix-server -p 10051:10051 -d zabbix-${ZBX_TYPE}-${ZBX_DB_TYPE}:centos-${ZBX_VERSION}" - -STOPSIGNAL SIGTERM - -COPY --from=builder /tmp/zabbix-${ZBX_VERSION}/src/zabbix_${ZBX_TYPE}/zabbix_${ZBX_TYPE} /usr/sbin/zabbix_${ZBX_TYPE} -COPY --from=builder /tmp/zabbix-${ZBX_VERSION}/src/zabbix_get/zabbix_get /usr/bin/zabbix_get -COPY --from=builder /tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender /usr/bin/zabbix_sender -COPY --from=builder /tmp/zabbix-${ZBX_VERSION}/conf/zabbix_${ZBX_TYPE}.conf /etc/zabbix/zabbix_${ZBX_TYPE}.conf -COPY --from=builder /tmp/zabbix-${ZBX_VERSION}/database/${ZBX_DB_TYPE}/create.sql.gz /usr/share/doc/zabbix-${ZBX_TYPE}-${ZBX_DB_TYPE}/create.sql.gz -ADD https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini /sbin/tini - -RUN set -eux && \ - groupadd --system zabbix && \ - adduser -r --shell /sbin/nologin \ - -g zabbix \ - -d /var/lib/zabbix/ \ - zabbix && \ - mkdir -p /etc/zabbix && \ - mkdir -p /var/lib/zabbix && \ - mkdir -p /var/lib/zabbix/enc && \ - mkdir -p /usr/lib/zabbix/externalscripts && \ - mkdir -p /var/lib/zabbix/mibs && \ - mkdir -p /var/lib/zabbix/modules && \ - mkdir -p /var/lib/zabbix/snmptraps && \ - mkdir -p /var/lib/zabbix/ssh_keys && \ - mkdir -p /var/lib/zabbix/ssl && \ - mkdir -p /var/lib/zabbix/ssl/certs && \ - mkdir -p /var/lib/zabbix/ssl/keys && \ - mkdir -p /var/lib/zabbix/ssl/ssl_ca && \ - chown --quiet -R zabbix:root /var/lib/zabbix && \ - mkdir -p /usr/share/doc/zabbix-${ZBX_TYPE}-${ZBX_DB_TYPE} && \ - yum ${YUM_FLAGS_COMMON} makecache && \ - yum ${YUM_FLAGS_PERSISTENT} install https://repo.zabbix.com/non-supported/rhel/7/x86_64/fping-3.10-1.el7.x86_64.rpm && \ - yum ${YUM_FLAGS_PERSISTENT} install \ - libcurl \ - libxml2 \ - mariadb \ - net-snmp-libs \ - OpenIPMI-libs \ - openldap \ - openssl-libs \ - pcre \ - unixODBC && \ - yum ${YUM_FLAGS_PERSISTENT} clean all && \ - rm -rf /var/cache/yum/ && \ - chmod +x /sbin/tini + cp src/zabbix_proxy/zabbix_proxy /usr/sbin/zabbix_proxy && \ + cp src/zabbix_get/zabbix_get /usr/bin/zabbix_get && \ + cp src/zabbix_sender/zabbix_sender /usr/bin/zabbix_sender && \ + cp conf/zabbix_proxy.conf /etc/zabbix/zabbix_proxy.conf && \ + cat database/mysql/schema.sql > database/mysql/create.sql && \ + gzip database/mysql/create.sql && \ + cp database/mysql/create.sql.gz /usr/share/doc/zabbix-proxy-mysql/ && \ + cd /tmp/ && \ + rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ + chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \ + chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \ + chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \ + yum -y history undo `yum -q history | sed -n 3p |column -t | cut -d' ' -f1` && \ + yum -y clean all && \ + rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ + rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki EXPOSE 10051/TCP @@ -140,3 +132,7 @@ VOLUME ["/var/lib/zabbix/ssh_keys", "/var/lib/zabbix/ssl/certs", "/var/lib/zabbi COPY ["docker-entrypoint.sh", "/usr/bin/"] ENTRYPOINT ["/sbin/tini", "--", "/usr/bin/docker-entrypoint.sh"] + +USER 1997 + +CMD ["/usr/sbin/zabbix_proxy", "--foreground", "-c", "/etc/zabbix/zabbix_proxy.conf"] diff --git a/proxy-mysql/centos/docker-entrypoint.sh b/proxy-mysql/centos/docker-entrypoint.sh index df34f9068..c21552632 100755 --- a/proxy-mysql/centos/docker-entrypoint.sh +++ b/proxy-mysql/centos/docker-entrypoint.sh @@ -1,6 +1,6 @@ #!/bin/bash -set -eo pipefail +set -o pipefail set +e @@ -9,34 +9,16 @@ if [ "${DEBUG_MODE}" == "true" ]; then set -o xtrace fi -# Type of Zabbix component -# Possible values: [server, proxy, agent, frontend, java-gateway, appliance] -zbx_type=${ZBX_TYPE} -# Type of Zabbix database -# Possible values: [mysql, postgresql] -zbx_db_type=${ZBX_DB_TYPE} -# Type of web-server. Valid only with zbx_type = frontend -# Possible values: [apache, nginx] -zbx_opt_type=${ZBX_OPT_TYPE} - -# Default Zabbix installation name -# Used only by Zabbix web-interface -ZBX_SERVER_NAME=${ZBX_SERVER_NAME:-"Zabbix docker"} # Default Zabbix server host -ZBX_SERVER_HOST=${ZBX_SERVER_HOST:-"zabbix-server"} +: ${ZBX_SERVER_HOST:="zabbix-server"} # Default Zabbix server port number -ZBX_SERVER_PORT=${ZBX_SERVER_PORT:-"10051"} - -# Default timezone for web interface -PHP_TZ=${PHP_TZ:-"Europe/Riga"} +: ${ZBX_SERVER_PORT:="10051"} # Default directories # User 'zabbix' home directory ZABBIX_USER_HOME_DIR="/var/lib/zabbix" # Configuration files directory ZABBIX_ETC_DIR="/etc/zabbix" -# Web interface www-root directory -ZBX_FRONTEND_PATH="/usr/share/zabbix" # usage: file_env VAR [DEFAULT] # as example: file_env 'MYSQL_PASSWORD' 'zabbix' @@ -69,92 +51,6 @@ file_env() { unset "$fileVar" } -configure_db_mysql() { - [ "${DB_SERVER_HOST}" != "localhost" ] && return - - echo "** Configuring local MySQL server" - - MYSQL_ALLOW_EMPTY_PASSWORD=true - MYSQL_DATA_DIR="/var/lib/mysql" - - if [ -f "/etc/mysql/my.cnf" ]; then - MYSQL_CONF_FILE="/etc/mysql/my.cnf" - elif [ -f "/etc/my.cnf.d/server.cnf" ]; then - MYSQL_CONF_FILE="/etc/my.cnf.d/server.cnf" - DB_SERVER_SOCKET="/var/lib/mysql/mysql.sock" - elif [ -f "/etc/my.cnf.d/mariadb-server.cnf" ]; then - MYSQL_CONF_FILE="/etc/my.cnf.d/mariadb-server.cnf" - DB_SERVER_SOCKET="/var/run/mysqld/mysqld.sock" - else - echo "**** Could not found MySQL configuration file" - exit 1 - fi - - if [ -f "/usr/bin/mysqld" ]; then - MYSQLD=/usr/bin/mysqld - elif [ -f "/usr/sbin/mysqld" ]; then - MYSQLD=/usr/sbin/mysqld - elif [ -f "/usr/libexec/mysqld" ]; then - MYSQLD=/usr/libexec/mysqld - else - echo "**** Could not found mysqld binary file" - exit 1 - fi - - sed -Ei 's/^(bind-address|log)/#&/' "$MYSQL_CONF_FILE" - - if [ ! -d "$MYSQL_DATA_DIR/mysql" ]; then - [ -d "$MYSQL_DATA_DIR" ] || mkdir -p "$MYSQL_DATA_DIR" - - chown -R mysql:mysql "$MYSQL_DATA_DIR" - - echo "** Installing initial MySQL database schemas" - mysql_install_db --user=mysql --datadir="$MYSQL_DATA_DIR" 2>&1 - else - echo "**** MySQL data directory is not empty. Using already existing installation." - chown -R mysql:mysql "$MYSQL_DATA_DIR" - fi - - mkdir -p /var/run/mysqld - ln -s /var/run/mysqld /run/mysqld - chown -R mysql:mysql /var/run/mysqld - chown -R mysql:mysql /run/mysqld - - echo "** Starting MySQL server in background mode" - - nohup $MYSQLD --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib/mysql/plugin \ - --user=mysql --log-output=none --pid-file=/var/lib/mysql/mysqld.pid \ - --port=3306 --character-set-server=utf8 --collation-server=utf8_bin & -} - -prepare_system() { - local type=$1 - local web_server=$2 - - echo "** Preparing the system" - - if [ "$type" != "appliance" ]; then - return - fi - - ZBX_ADD_AGENT=${ZBX_ADD_AGENT:-"false"} - ZBX_ADD_JAVA_GATEWAY=${ZBX_ADD_JAVA_GATEWAY:-"false"} - ZBX_ADD_SERVER=${ZBX_ADD_SERVER:-"true"} - [ "${ZBX_ADD_SERVER}" == "true" ] && ZBX_SERVER_HOST="localhost" - [ "${ZBX_ADD_SERVER}" == "true" ] && ZBX_SERVER_PORT="10051" - ZBX_MAIN_DB=${ZBX_MAIN_DB:-"mysql"} - ZBX_ADD_PROXY=${ZBX_ADD_PROXY:-"false"} - ZBX_PROXY_DB=${ZBX_PROXY_DB:-"sqlite3"} - ZBX_ADD_WEB=${ZBX_ADD_WEB:-"true"} - ZBX_WEB_SERVER=${ZBX_WEB_SERVER:-"nginx"} - DB_SERVER_HOST=${DB_SERVER_HOST:-"localhost"} - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAY_ENABLE="true" - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAY="localhost" - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAYPORT="10052" - - [ "${ZBX_ADD_SERVER}" == "true" ] && configure_db_${ZBX_MAIN_DB} -} - escape_spec_char() { local var_value=$1 @@ -238,18 +134,14 @@ update_config_multiple_var() { # Check prerequisites for MySQL database check_variables_mysql() { - local type=$1 - - DB_SERVER_HOST=${DB_SERVER_HOST:-"mysql-server"} - DB_SERVER_PORT=${DB_SERVER_PORT:-"3306"} + : ${DB_SERVER_HOST:="mysql-server"} + : ${DB_SERVER_PORT:="3306"} USE_DB_ROOT_USER=false CREATE_ZBX_DB_USER=false file_env MYSQL_USER file_env MYSQL_PASSWORD - if [ "$type" != "" ]; then - file_env MYSQL_ROOT_PASSWORD - fi + file_env MYSQL_ROOT_PASSWORD if [ ! -n "${MYSQL_USER}" ] && [ "${MYSQL_RANDOM_ROOT_PASSWORD}" == "true" ]; then echo "**** Impossible to use MySQL server because of unknown Zabbix user and random 'root' password" @@ -275,37 +167,7 @@ check_variables_mysql() { DB_SERVER_ZBX_USER=${MYSQL_USER:-"zabbix"} DB_SERVER_ZBX_PASS=${MYSQL_PASSWORD:-"zabbix"} - if [ "$type" == "proxy" ]; then - DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix_proxy"} - else - DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix"} - fi -} - -# Check prerequisites for PostgreSQL database -check_variables_postgresql() { - local type=$1 - - file_env POSTGRES_USER - file_env POSTGRES_PASSWORD - - DB_SERVER_HOST=${DB_SERVER_HOST:-"postgres-server"} - DB_SERVER_PORT=${DB_SERVER_PORT:-"5432"} - CREATE_ZBX_DB_USER=${CREATE_ZBX_DB_USER:-"false"} - - DB_SERVER_ROOT_USER=${POSTGRES_USER:-"postgres"} - DB_SERVER_ROOT_PASS=${POSTGRES_PASSWORD:-""} - - DB_SERVER_ZBX_USER=${POSTGRES_USER:-"zabbix"} - DB_SERVER_ZBX_PASS=${POSTGRES_PASSWORD:-"zabbix"} - - DB_SERVER_SCHEMA=${DB_SERVER_SCHEMA:-"public"} - - if [ "$type" == "proxy" ]; then - DB_SERVER_DBNAME=${POSTGRES_DB:-"zabbix_proxy"} - else - DB_SERVER_DBNAME=${POSTGRES_DB:-"zabbix"} - fi + DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix_proxy"} } check_db_connect_mysql() { @@ -320,7 +182,6 @@ check_db_connect_mysql() { fi echo "* DB_SERVER_ZBX_USER: ${DB_SERVER_ZBX_USER}" echo "* DB_SERVER_ZBX_PASS: ${DB_SERVER_ZBX_PASS}" - echo "********************" fi echo "********************" @@ -333,49 +194,6 @@ check_db_connect_mysql() { done } -check_db_connect_postgresql() { - echo "********************" - echo "* DB_SERVER_HOST: ${DB_SERVER_HOST}" - echo "* DB_SERVER_PORT: ${DB_SERVER_PORT}" - echo "* DB_SERVER_DBNAME: ${DB_SERVER_DBNAME}" - echo "* DB_SERVER_SCHEMA: ${DB_SERVER_SCHEMA}" - if [ "${DEBUG_MODE}" == "true" ]; then - if [ "${USE_DB_ROOT_USER}" == "true" ]; then - echo "* DB_SERVER_ROOT_USER: ${DB_SERVER_ROOT_USER}" - echo "* DB_SERVER_ROOT_PASS: ${DB_SERVER_ROOT_PASS}" - fi - echo "* DB_SERVER_ZBX_USER: ${DB_SERVER_ZBX_USER}" - echo "* DB_SERVER_ZBX_PASS: ${DB_SERVER_ZBX_PASS}" - fi - echo "********************" - - if [ "${USE_DB_ROOT_USER}" != "true" ]; then - DB_SERVER_ROOT_USER=${DB_SERVER_ZBX_USER} - DB_SERVER_ROOT_PASS=${DB_SERVER_ZBX_PASS} - fi - - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - WAIT_TIMEOUT=5 - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - while [ ! "$(psql -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} -U ${DB_SERVER_ROOT_USER} -d ${DB_SERVER_DBNAME} -l -q 2>/dev/null)" ]; do - echo "**** PostgreSQL server is not available. Waiting $WAIT_TIMEOUT seconds..." - sleep $WAIT_TIMEOUT - done - - unset PGPASSWORD - unset PGOPTIONS -} - - mysql_query() { query=$1 local result="" @@ -386,30 +204,6 @@ mysql_query() { echo $result } -psql_query() { - query=$1 - db=$2 - - local result="" - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - result=$(psql -A -q -t -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ - -U ${DB_SERVER_ROOT_USER} -c "$query" $db 2>/dev/null); - - unset PGPASSWORD - unset PGOPTIONS - - echo $result -} - create_db_user_mysql() { [ "${CREATE_ZBX_DB_USER}" == "true" ] || return @@ -426,20 +220,6 @@ create_db_user_mysql() { mysql_query "GRANT ALL PRIVILEGES ON $DB_SERVER_DBNAME. * TO '${DB_SERVER_ZBX_USER}'@'%'" 1>/dev/null } -create_db_user_postgresql() { - [ "${CREATE_ZBX_DB_USER}" == "true" ] || return - - echo "** Creating '${DB_SERVER_ZBX_USER}' user in PostgreSQL database" - - USER_EXISTS=$(psql_query "SELECT 1 FROM pg_roles WHERE rolname='${DB_SERVER_ZBX_USER}'") - - if [ -z "$USER_EXISTS" ]; then - psql_query "CREATE USER ${DB_SERVER_ZBX_USER} WITH PASSWORD '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - else - psql_query "ALTER USER ${DB_SERVER_ZBX_USER} WITH ENCRYPTED PASSWORD '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - fi -} - create_db_database_mysql() { DB_EXISTS=$(mysql_query "SELECT SCHEMA_NAME FROM information_schema.SCHEMATA WHERE SCHEMA_NAME='${DB_SERVER_DBNAME}'") @@ -453,22 +233,7 @@ create_db_database_mysql() { fi } -create_db_database_postgresql() { - DB_EXISTS=$(psql_query "SELECT 1 AS result FROM pg_database WHERE datname='${DB_SERVER_DBNAME}'") - - if [ -z ${DB_EXISTS} ]; then - echo "** Database '${DB_SERVER_DBNAME}' does not exist. Creating..." - psql_query "CREATE DATABASE ${DB_SERVER_DBNAME} WITH OWNER ${DB_SERVER_ZBX_USER} ENCODING='UTF8' LC_CTYPE='en_US.utf8' LC_COLLATE='en_US.utf8'" 1>/dev/null - else - echo "** Database '${DB_SERVER_DBNAME}' already exists. Please be careful with database owner!" - fi - - psql_query "CREATE SCHEMA IF NOT EXISTS ${DB_SERVER_SCHEMA}" -} - create_db_schema_mysql() { - local type=$1 - DBVERSION_TABLE_EXISTS=$(mysql_query "SELECT 1 FROM information_schema.tables WHERE table_schema='${DB_SERVER_DBNAME}' and table_name = 'dbversion'") if [ -n "${DBVERSION_TABLE_EXISTS}" ]; then @@ -479,240 +244,31 @@ create_db_schema_mysql() { if [ -z "${ZBX_DB_VERSION}" ]; then echo "** Creating '${DB_SERVER_DBNAME}' schema in MySQL" - zcat /usr/share/doc/zabbix-$type-mysql/create.sql.gz | mysql --silent --skip-column-names \ + zcat /usr/share/doc/zabbix-proxy-mysql/create.sql.gz | mysql --silent --skip-column-names \ -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" \ ${DB_SERVER_DBNAME} 1>/dev/null fi } -create_db_schema_postgresql() { - local type=$1 - - DBVERSION_TABLE_EXISTS=$(psql_query "SELECT 1 FROM pg_catalog.pg_class c JOIN pg_catalog.pg_namespace n ON n.oid = - c.relnamespace WHERE n.nspname = '$DB_SERVER_SCHEMA' AND c.relname = 'dbversion'" "${DB_SERVER_DBNAME}") - - if [ -n "${DBVERSION_TABLE_EXISTS}" ]; then - echo "** Table '${DB_SERVER_DBNAME}.dbversion' already exists." - ZBX_DB_VERSION=$(psql_query "SELECT mandatory FROM ${DB_SERVER_SCHEMA}.dbversion" "${DB_SERVER_DBNAME}") - fi - - if [ -z "${ZBX_DB_VERSION}" ]; then - echo "** Creating '${DB_SERVER_DBNAME}' schema in PostgreSQL" - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - zcat /usr/share/doc/zabbix-$type-postgresql/create.sql.gz | psql -q \ - -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ - -U ${DB_SERVER_ZBX_USER} ${DB_SERVER_DBNAME} 1>/dev/null - - unset PGPASSWORD - unset PGOPTIONS - fi -} - -prepare_web_server_apache() { - if [ -d "/etc/apache2/sites-available" ]; then - APACHE_SITES_DIR=/etc/apache2/sites-available - elif [ -d "/etc/apache2/conf.d" ]; then - APACHE_SITES_DIR=/etc/apache2/conf.d - elif [ -d "/etc/httpd/conf.d" ]; then - APACHE_SITES_DIR=/etc/httpd/conf.d - else - echo "**** Apache is not available" - exit 1 - fi - - if [ -f "/usr/sbin/a2dissite" ]; then - echo "** Disable default site" - /usr/sbin/a2dissite 000-default 1>/dev/null - rm -rf "$APACHE_SITES_DIR/*" - elif [ -f "/etc/apache2/conf.d/default.conf" ]; then - echo "** Disable default site" - rm -f "/etc/apache2/conf.d/default.conf" - elif [ -f "/etc/httpd/conf.d/welcome.conf" ]; then - echo "** Disable default site" - rm -f "/etc/httpd/conf.d/welcome.conf" - rm -f "/etc/httpd/conf.d/ssl.conf" - fi - - echo "** Adding Zabbix virtual host (HTTP)" - if [ -f "$ZABBIX_ETC_DIR/apache.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/apache.conf" "$APACHE_SITES_DIR/zabbix.conf" - if [ -f "/usr/sbin/a2dissite" ]; then - /usr/sbin/a2ensite zabbix.conf 1>/dev/null - fi - else - echo "**** Impossible to enable HTTP virtual host" - fi - - if [ -f "/etc/apache2/conf.d/ssl.conf" ]; then - rm -f "/etc/apache2/conf.d/ssl.conf" - fi - - if [ -f "/etc/ssl/apache2/ssl.crt" ] && [ -f "/etc/ssl/apache2/ssl.key" ]; then - echo "** Enable SSL support for Apache2" - if [ -f "/usr/sbin/a2enmod" ]; then - /usr/sbin/a2enmod ssl 1>/dev/null - fi - - echo "** Adding Zabbix virtual host (HTTPS)" - if [ -f "$ZABBIX_ETC_DIR/apache_ssl.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/apache_ssl.conf" "$APACHE_SITES_DIR/zabbix_ssl.conf" - if [ -f "/usr/sbin/a2dissite" ]; then - /usr/sbin/a2ensite zabbix_ssl.conf 1>/dev/null - fi - else - echo "**** Impossible to enable HTTPS virtual host" - fi - else - echo "**** Impossible to enable SSL support for Apache2. Certificates are missed." - fi - - # Change Apache2 logging to stdout and stderr - if [ -f "/etc/apache2/apache2.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/apache2.conf" - fi - - if [ -f "/etc/httpd/conf/httpd.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/httpd/conf/httpd.conf" - fi - - if [ -f "/etc/apache2/httpd.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/httpd.conf" - fi - - if [ -f "/etc/apache2/conf-available/other-vhosts-access-log.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/conf-available/other-vhosts-access-log.conf" - fi - - if [ -f "/etc/apache2/conf.d/mpm.conf" ]; then - sed -ri \ - -e 's!^(\s*PidFile)\s+\S+!\1 "/var/run/httpd.pid"!g' \ - "/etc/apache2/conf.d/mpm.conf" - fi - - if [ -f "/var/run/apache2/apache2.pid" ]; then - rm -f "/var/run/apache2/apache2.pid" - fi - - if [ -f "/var/run/httpd/httpd.pid" ]; then - rm -f "/var/run/httpd/httpd.pid" - fi -} - -prepare_web_server_nginx() { - NGINX_CONFD_DIR="/etc/nginx/conf.d" - NGINX_SSL_CONFIG="/etc/ssl/nginx" - PHP_SESSIONS_DIR="/var/lib/php5" - - echo "** Disable default vhosts" - rm -f $NGINX_CONFD_DIR/*.conf - - echo "** Adding Zabbix virtual host (HTTP)" - if [ -f "$ZABBIX_ETC_DIR/nginx.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/nginx.conf" "$NGINX_CONFD_DIR" - else - echo "**** Impossible to enable HTTP virtual host" - fi - - if [ -f "$NGINX_SSL_CONFIG/ssl.crt" ] && [ -f "$NGINX_SSL_CONFIG/ssl.key" ] && [ -f "$NGINX_SSL_CONFIG/dhparam.pem" ]; then - echo "** Enable SSL support for Nginx" - if [ -f "$ZABBIX_ETC_DIR/nginx_ssl.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/nginx_ssl.conf" "$NGINX_CONFD_DIR" - else - echo "**** Impossible to enable HTTPS virtual host" - fi - else - echo "**** Impossible to enable SSL support for Nginx. Certificates are missed." - fi - - if [ -d "/var/log/nginx/" ]; then - ln -sf /dev/fd/2 /var/log/nginx/error.log - fi - - ln -sf /dev/fd/2 /var/log/php5-fpm.log - ln -sf /dev/fd/2 /var/log/php7.2-fpm.log -} - -stop_databases() { - if ([ "${ZBX_MAIN_DB}" == "mysql" ] || [ "${ZBX_PROXY_DB}" == "mysql" ]) && [ "${DB_SERVER_HOST}" == "localhost" ]; then - mysql_query "DELETE FROM mysql.user WHERE host = 'localhost' AND user != 'root'" 1>/dev/null - - if [ -f "/var/lib/mysql/mysqld.pid" ]; then - kill -TERM $(cat /var/lib/mysql/mysqld.pid) - elif [ -f "/var/run/mysqld/mysqld.pid" ]; then - kill -TERM $(cat /var/run/mysqld/mysqld.pid) - fi - fi - - if [ "${ZBX_MAIN_DB}" == "postgresql" ] && [ "${DB_SERVER_HOST}" == "localhost" ]; then - if [ "${OS_CODENAME}" == "alpine" ]; then - PGDATA=/var/lib/postgresql - BINDIR=/usr/bin - else - PGDATA=/var/lib/postgresql/9.3/main - BINDIR=/usr/lib/postgresql/9.3/bin - fi - su -c "$BINDIR/pg_ctl -D \"$PGDATA\" -m fast -w stop --silent" postgres 1>/dev/null 2>/dev/null - fi -} - -clear_deploy() { - local type=$1 - echo "** Cleaning the system" - - [ "$type" != "appliance" ] && return - - stop_databases -} - update_zbx_config() { - local type=$1 - local db_type=$2 + echo "** Preparing Zabbix proxy configuration file" - echo "** Preparing Zabbix $type configuration file" + ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_proxy.conf - ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_$type.conf - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "ProxyMode" "${ZBX_PROXYMODE}" - update_config_var $ZBX_CONFIG "Server" "${ZBX_SERVER_HOST}" - update_config_var $ZBX_CONFIG "ServerPort" "${ZBX_SERVER_PORT}" - if [ -z "${ZBX_HOSTNAME}" ] && [ -n "${ZBX_HOSTNAMEITEM}" ]; then - update_config_var $ZBX_CONFIG "Hostname" "" - update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - else - update_config_var $ZBX_CONFIG "Hostname" "${ZBX_HOSTNAME:-"zabbix-proxy-"$db_type}" - update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - fi - fi - - if [ $type == "proxy" ] && [ "${ZBX_ADD_SERVER}" = "true" ]; then - update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_PROXY_LISTENPORT:-"10061"}" + update_config_var $ZBX_CONFIG "ProxyMode" "${ZBX_PROXYMODE}" + update_config_var $ZBX_CONFIG "Server" "${ZBX_SERVER_HOST}" + update_config_var $ZBX_CONFIG "ServerPort" "${ZBX_SERVER_PORT}" + if [ -z "${ZBX_HOSTNAME}" ] && [ -n "${ZBX_HOSTNAMEITEM}" ]; then + update_config_var $ZBX_CONFIG "Hostname" "" + update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" else - update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}" + update_config_var $ZBX_CONFIG "Hostname" "${ZBX_HOSTNAME:-"zabbix-proxy-mysql"}" + update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" fi + update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}" + update_config_var $ZBX_CONFIG "SourceIP" "${ZBX_SOURCEIP}" update_config_var $ZBX_CONFIG "LogType" "console" update_config_var $ZBX_CONFIG "LogFile" @@ -721,30 +277,20 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" - if [ "$db_type" == "sqlite3" ]; then - update_config_var $ZBX_CONFIG "DBHost" - update_config_var $ZBX_CONFIG "DBName" "/var/lib/zabbix/zabbix_proxy_db" - update_config_var $ZBX_CONFIG "DBUser" - update_config_var $ZBX_CONFIG "DBPort" - update_config_var $ZBX_CONFIG "DBPassword" - else - update_config_var $ZBX_CONFIG "DBHost" "${DB_SERVER_HOST}" - update_config_var $ZBX_CONFIG "DBName" "${DB_SERVER_DBNAME}" - update_config_var $ZBX_CONFIG "DBSchema" "${DB_SERVER_SCHEMA}" - update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}" - update_config_var $ZBX_CONFIG "DBPort" "${DB_SERVER_PORT}" - update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}" - fi + update_config_var $ZBX_CONFIG "DBHost" "${DB_SERVER_HOST}" + update_config_var $ZBX_CONFIG "DBName" "${DB_SERVER_DBNAME}" + update_config_var $ZBX_CONFIG "DBSchema" "${DB_SERVER_SCHEMA}" + update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}" + update_config_var $ZBX_CONFIG "DBPort" "${DB_SERVER_PORT}" + update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}" update_config_var $ZBX_CONFIG "DBSocket" "${DB_SERVER_SOCKET}" - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "ProxyLocalBuffer" "${ZBX_PROXYLOCALBUFFER}" - update_config_var $ZBX_CONFIG "ProxyOfflineBuffer" "${ZBX_PROXYOFFLINEBUFFER}" - update_config_var $ZBX_CONFIG "HeartbeatFrequency" "${ZBX_PROXYHEARTBEATFREQUENCY}" - update_config_var $ZBX_CONFIG "ConfigFrequency" "${ZBX_CONFIGFREQUENCY}" - update_config_var $ZBX_CONFIG "DataSenderFrequency" "${ZBX_DATASENDERFREQUENCY}" - fi + update_config_var $ZBX_CONFIG "ProxyLocalBuffer" "${ZBX_PROXYLOCALBUFFER}" + update_config_var $ZBX_CONFIG "ProxyOfflineBuffer" "${ZBX_PROXYOFFLINEBUFFER}" + update_config_var $ZBX_CONFIG "HeartbeatFrequency" "${ZBX_PROXYHEARTBEATFREQUENCY}" + update_config_var $ZBX_CONFIG "ConfigFrequency" "${ZBX_CONFIGFREQUENCY}" + update_config_var $ZBX_CONFIG "DataSenderFrequency" "${ZBX_DATASENDERFREQUENCY}" update_config_var $ZBX_CONFIG "StartPollers" "${ZBX_STARTPOLLERS}" update_config_var $ZBX_CONFIG "StartIPMIPollers" "${ZBX_IPMIPOLLERS}" @@ -754,12 +300,7 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}" update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "StartTimers" "${ZBX_STARTTIMERS}" - update_config_var $ZBX_CONFIG "StartEscalators" "${ZBX_STARTESCALATORS}" - fi - - ZBX_JAVAGATEWAY_ENABLE=${ZBX_JAVAGATEWAY_ENABLE:-"false"} + : ${ZBX_JAVAGATEWAY_ENABLE:="false"} if [ "${ZBX_JAVAGATEWAY_ENABLE}" == "true" ]; then update_config_var $ZBX_CONFIG "JavaGateway" "${ZBX_JAVAGATEWAY:-"zabbix-java-gateway"}" update_config_var $ZBX_CONFIG "JavaGatewayPort" "${ZBX_JAVAGATEWAYPORT}" @@ -776,7 +317,7 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "VMwareCacheSize" "${ZBX_VMWARECACHESIZE}" update_config_var $ZBX_CONFIG "VMwareTimeout" "${ZBX_VMWARETIMEOUT}" - ZBX_ENABLE_SNMP_TRAPS=${ZBX_ENABLE_SNMP_TRAPS:-"false"} + : ${ZBX_ENABLE_SNMP_TRAPS:="false"} if [ "${ZBX_ENABLE_SNMP_TRAPS}" == "true" ]; then update_config_var $ZBX_CONFIG "SNMPTrapperFile" "${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log" update_config_var $ZBX_CONFIG "StartSNMPTrapper" "1" @@ -786,26 +327,13 @@ update_zbx_config() { fi update_config_var $ZBX_CONFIG "HousekeepingFrequency" "${ZBX_HOUSEKEEPINGFREQUENCY}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "MaxHousekeeperDelete" "${ZBX_MAXHOUSEKEEPERDELETE}" - update_config_var $ZBX_CONFIG "SenderFrequency" "${ZBX_SENDERFREQUENCY}" - fi update_config_var $ZBX_CONFIG "CacheSize" "${ZBX_CACHESIZE}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "CacheUpdateFrequency" "${ZBX_CACHEUPDATEFREQUENCY}" - fi - update_config_var $ZBX_CONFIG "StartDBSyncers" "${ZBX_STARTDBSYNCERS}" update_config_var $ZBX_CONFIG "HistoryCacheSize" "${ZBX_HISTORYCACHESIZE}" update_config_var $ZBX_CONFIG "HistoryIndexCacheSize" "${ZBX_HISTORYINDEXCACHESIZE}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "TrendCacheSize" "${ZBX_TRENDCACHESIZE}" - update_config_var $ZBX_CONFIG "ValueCacheSize" "${ZBX_VALUECACHESIZE}" - fi - update_config_var $ZBX_CONFIG "Timeout" "${ZBX_TIMEOUT}" update_config_var $ZBX_CONFIG "TrapperTimeout" "${ZBX_TRAPPERIMEOUT}" update_config_var $ZBX_CONFIG "UnreachablePeriod" "${ZBX_UNREACHABLEPERIOD}" @@ -815,337 +343,61 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "AlertScriptsPath" "/usr/lib/zabbix/alertscripts" update_config_var $ZBX_CONFIG "ExternalScripts" "/usr/lib/zabbix/externalscripts" - # Possible few fping locations - if [ -f "/usr/bin/fping" ]; then - update_config_var $ZBX_CONFIG "FpingLocation" "/usr/bin/fping" - else - update_config_var $ZBX_CONFIG "FpingLocation" "/usr/sbin/fping" - fi - if [ -f "/usr/bin/fping6" ]; then - update_config_var $ZBX_CONFIG "Fping6Location" "/usr/bin/fping6" - else - update_config_var $ZBX_CONFIG "Fping6Location" "/usr/sbin/fping6" - fi + update_config_var $ZBX_CONFIG "FpingLocation" "/usr/sbin/fping" + update_config_var $ZBX_CONFIG "Fping6Location" update_config_var $ZBX_CONFIG "SSHKeyLocation" "$ZABBIX_USER_HOME_DIR/ssh_keys" update_config_var $ZBX_CONFIG "LogSlowQueries" "${ZBX_LOGSLOWQUERIES}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "StartProxyPollers" "${ZBX_STARTPROXYPOLLERS}" - update_config_var $ZBX_CONFIG "ProxyConfigFrequency" "${ZBX_PROXYCONFIGFREQUENCY}" - update_config_var $ZBX_CONFIG "ProxyDataFrequency" "${ZBX_PROXYDATAFREQUENCY}" - fi - update_config_var $ZBX_CONFIG "SSLCertLocation" "$ZABBIX_USER_HOME_DIR/ssl/certs/" update_config_var $ZBX_CONFIG "SSLKeyLocation" "$ZABBIX_USER_HOME_DIR/ssl/keys/" update_config_var $ZBX_CONFIG "SSLCALocation" "$ZABBIX_USER_HOME_DIR/ssl/ssl_ca/" update_config_var $ZBX_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/" update_config_multiple_var $ZBX_CONFIG "LoadModule" "${ZBX_LOADMODULE}" - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}" - update_config_var $ZBX_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" - fi + update_config_var $ZBX_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}" + update_config_var $ZBX_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" update_config_var $ZBX_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" update_config_var $ZBX_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" - update_config_var $ZBX_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" - fi + update_config_var $ZBX_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" + update_config_var $ZBX_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" update_config_var $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" update_config_var $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" - update_config_var $ZBX_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" - fi -} + update_config_var $ZBX_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" + update_config_var $ZBX_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" - -prepare_zbx_web_config() { - local db_type=$1 - local server_name="" - - echo "** Preparing Zabbix frontend configuration file" - - ZBX_WEB_CONFIG="$ZABBIX_ETC_DIR/web/zabbix.conf.php" - - if [ -f "/usr/share/zabbix/conf/zabbix.conf.php" ]; then - rm -f "/usr/share/zabbix/conf/zabbix.conf.php" - fi - - ln -s "$ZBX_WEB_CONFIG" "/usr/share/zabbix/conf/zabbix.conf.php" - - # Different places of PHP configuration file - if [ -f "/etc/php5/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/conf.d/99-zabbix.ini" - elif [ -f "/etc/php5/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php5/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/apache2/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.0/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.0/apache2/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.0/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.0/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php.d/99-zabbix.ini" - elif [ -f "/etc/php7/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php7/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.2/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.2/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.2/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.2/apache2/conf.d/99-zabbix.ini" - fi - - if [ -n "$PHP_CONFIG_FILE" ]; then - update_config_var "$PHP_CONFIG_FILE" "max_execution_time" "${ZBX_MAXEXECUTIONTIME:-"600"}" - update_config_var "$PHP_CONFIG_FILE" "memory_limit" "${ZBX_MEMORYLIMIT:-"128M"}" - update_config_var "$PHP_CONFIG_FILE" "post_max_size" "${ZBX_POSTMAXSIZE:-"16M"}" - update_config_var "$PHP_CONFIG_FILE" "upload_max_filesize" "${ZBX_UPLOADMAXFILESIZE:-"2M"}" - update_config_var "$PHP_CONFIG_FILE" "max_input_time" "${ZBX_MAXINPUTTIME:-"300"}" - update_config_var "$PHP_CONFIG_FILE" "date.timezone" "${PHP_TZ}" + if [ "$(id -u)" != '0' ]; then + update_config_var $ZBX_CONFIG "User" "$(whoami)" else - echo "**** Zabbix related PHP configuration file not found" + update_config_var $ZBX_CONFIG "AllowRoot" "1" fi - - # Escaping characters in parameter value - server_name=$(escape_spec_char "${ZBX_SERVER_NAME}") - server_user=$(escape_spec_char "${DB_SERVER_ZBX_USER}") - server_pass=$(escape_spec_char "${DB_SERVER_ZBX_PASS}") - - sed -i \ - -e "s/{DB_SERVER_HOST}/${DB_SERVER_HOST}/g" \ - -e "s/{DB_SERVER_PORT}/${DB_SERVER_PORT}/g" \ - -e "s/{DB_SERVER_DBNAME}/${DB_SERVER_DBNAME}/g" \ - -e "s/{DB_SERVER_SCHEMA}/${DB_SERVER_SCHEMA}/g" \ - -e "s/{DB_SERVER_USER}/$server_user/g" \ - -e "s/{DB_SERVER_PASS}/$server_pass/g" \ - -e "s/{ZBX_SERVER_HOST}/${ZBX_SERVER_HOST}/g" \ - -e "s/{ZBX_SERVER_PORT}/${ZBX_SERVER_PORT}/g" \ - -e "s/{ZBX_SERVER_NAME}/$server_name/g" \ - "$ZBX_WEB_CONFIG" - - [ "$db_type" = "postgresql" ] && sed -i "s/MYSQL/POSTGRESQL/g" "$ZBX_WEB_CONFIG" -} - -prepare_zbx_agent_config() { - echo "** Preparing Zabbix agent configuration file" - - ZBX_AGENT_CONFIG=$ZABBIX_ETC_DIR/zabbix_agentd.conf - - ZBX_PASSIVESERVERS=${ZBX_PASSIVESERVERS:-""} - ZBX_ACTIVESERVERS=${ZBX_ACTIVESERVERS:-""} - - [ -n "$ZBX_PASSIVESERVERS" ] && ZBX_PASSIVESERVERS=","$ZBX_PASSIVESERVERS - - ZBX_PASSIVESERVERS=$ZBX_SERVER_HOST$ZBX_PASSIVESERVERS - - [ -n "$ZBX_ACTIVESERVERS" ] && ZBX_ACTIVESERVERS=","$ZBX_ACTIVESERVERS - - ZBX_ACTIVESERVERS=$ZBX_SERVER_HOST":"$ZBX_SERVER_PORT$ZBX_ACTIVESERVERS - - update_config_var $ZBX_AGENT_CONFIG "PidFile" - update_config_var $ZBX_AGENT_CONFIG "LogType" "console" - update_config_var $ZBX_AGENT_CONFIG "LogFile" - update_config_var $ZBX_AGENT_CONFIG "LogFileSize" - update_config_var $ZBX_AGENT_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" - update_config_var $ZBX_AGENT_CONFIG "SourceIP" - update_config_var $ZBX_AGENT_CONFIG "EnableRemoteCommands" "${ZBX_ENABLEREMOTECOMMANDS}" - update_config_var $ZBX_AGENT_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}" - - ZBX_PASSIVE_ALLOW=${ZBX_PASSIVE_ALLOW:-"true"} - if [ "$ZBX_PASSIVE_ALLOW" == "true" ]; then - echo "** Using '$ZBX_PASSIVESERVERS' servers for passive checks" - update_config_var $ZBX_AGENT_CONFIG "Server" "${ZBX_PASSIVESERVERS}" - else - update_config_var $ZBX_AGENT_CONFIG "Server" - fi - - update_config_var $ZBX_AGENT_CONFIG "ListenPort" "${ZBX_LISTENPORT}" - update_config_var $ZBX_AGENT_CONFIG "ListenIP" "${ZBX_LISTENIP}" - update_config_var $ZBX_AGENT_CONFIG "StartAgents" "${ZBX_STARTAGENTS}" - - ZBX_ACTIVE_ALLOW=${ZBX_ACTIVE_ALLOW:-"true"} - if [ "$ZBX_ACTIVE_ALLOW" == "true" ]; then - echo "** Using '$ZBX_ACTIVESERVERS' servers for active checks" - update_config_var $ZBX_AGENT_CONFIG "ServerActive" "${ZBX_ACTIVESERVERS}" - else - update_config_var $ZBX_AGENT_CONFIG "ServerActive" - fi - - update_config_var $ZBX_AGENT_CONFIG "Hostname" "${ZBX_HOSTNAME}" - update_config_var $ZBX_AGENT_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - update_config_var $ZBX_AGENT_CONFIG "HostMetadata" "${ZBX_METADATA}" - update_config_var $ZBX_AGENT_CONFIG "HostMetadataItem" "${ZBX_METADATAITEM}" - update_config_var $ZBX_AGENT_CONFIG "RefreshActiveChecks" "${ZBX_REFRESHACTIVECHECKS}" - update_config_var $ZBX_AGENT_CONFIG "BufferSend" "${ZBX_BUFFERSEND}" - update_config_var $ZBX_AGENT_CONFIG "BufferSize" "${ZBX_BUFFERSIZE}" - update_config_var $ZBX_AGENT_CONFIG "MaxLinesPerSecond" "${ZBX_MAXLINESPERSECOND}" - # Please use include to enable Alias feature -# update_config_multiple_var $ZBX_AGENT_CONFIG "Alias" ${ZBX_ALIAS} - update_config_var $ZBX_AGENT_CONFIG "Timeout" "${ZBX_TIMEOUT}" - update_config_var $ZBX_AGENT_CONFIG "Include" "/etc/zabbix/zabbix_agentd.d/" - update_config_var $ZBX_AGENT_CONFIG "UnsafeUserParameters" "${ZBX_UNSAFEUSERPARAMETERS}" - update_config_var $ZBX_AGENT_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/" - update_config_multiple_var $ZBX_AGENT_CONFIG "LoadModule" "${ZBX_LOADMODULE}" - update_config_var $ZBX_AGENT_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}" - update_config_var $ZBX_AGENT_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" - update_config_var $ZBX_AGENT_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" - update_config_var $ZBX_AGENT_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" - update_config_var $ZBX_AGENT_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" - update_config_var $ZBX_AGENT_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" -} - -prepare_java_gateway_config() { - echo "** Preparing Zabbix Java Gateway log configuration file" - - ZBX_GATEWAY_CONFIG=$ZABBIX_ETC_DIR/zabbix_java_gateway_logback.xml - - if [ -n "${ZBX_DEBUGLEVEL}" ]; then - echo "Updating $ZBX_GATEWAY_CONFIG 'DebugLevel' parameter: '${ZBX_DEBUGLEVEL}'... updated" - if [ -f "$ZBX_GATEWAY_CONFIG" ]; then - sed -i -e "/^.*/" "$ZBX_GATEWAY_CONFIG" - else - echo "**** Zabbix Java Gateway log configuration file '$ZBX_GATEWAY_CONFIG' not found" - fi - fi -} - -prepare_agent() { - echo "** Preparing Zabbix agent" - prepare_zbx_agent_config -} - -prepare_server() { - local db_type=$1 - - echo "** Preparing Zabbix server" - - check_variables_$db_type "server" - check_db_connect_$db_type - create_db_user_$db_type - create_db_database_$db_type - create_db_schema_$db_type "server" - - update_zbx_config "server" "$db_type" } prepare_proxy() { - local db_type=$1 - echo "Preparing Zabbix proxy" - if [ "$db_type" != "sqlite3" ]; then - check_variables_$db_type "proxy" - check_db_connect_$db_type - create_db_user_$db_type - create_db_database_$db_type - create_db_schema_$db_type "proxy" - fi + check_variables_mysql + check_db_connect_mysql + create_db_user_mysql + create_db_database_mysql + create_db_schema_mysql - update_zbx_config "proxy" $db_type -} - -prepare_web() { - local web_server=$1 - local db_type=$2 - - echo "** Preparing Zabbix web-interface" - - check_variables_$db_type - check_db_connect_$db_type - prepare_web_server_$web_server - prepare_zbx_web_config $db_type -} - -prepare_java_gateway() { - echo "** Preparing Zabbix Java Gateway" - - prepare_java_gateway_config + update_zbx_config } ################################################# -if [ ! -n "$zbx_type" ]; then - echo "**** Type of Zabbix component is not specified" - exit 1 -elif [ "$zbx_type" == "dev" ]; then - echo "** Deploying Zabbix installation from SVN" -else - if [ ! -n "$zbx_db_type" ]; then - echo "**** Database type of Zabbix $zbx_type is not specified" - exit 1 +if [ "${1#-}" != "$1" ]; then + set -- /usr/sbin/zabbix_proxy "$@" fi - if [ "$zbx_db_type" != "none" ]; then - if [ "$zbx_opt_type" != "none" ]; then - echo "** Deploying Zabbix $zbx_type ($zbx_opt_type) with $zbx_db_type database" - else - echo "** Deploying Zabbix $zbx_type with $zbx_db_type database" - fi - else - echo "** Deploying Zabbix $zbx_type" - fi +if [ "$1" == '/usr/sbin/zabbix_proxy' ]; then + prepare_proxy fi -prepare_system "$zbx_type" "$zbx_opt_type" - -[ "$zbx_type" == "server" ] && prepare_server $zbx_db_type -[ "${ZBX_ADD_SERVER}" == "true" ] && prepare_server ${ZBX_MAIN_DB} - -[ "$zbx_type" == "proxy" ] && prepare_proxy $zbx_db_type -[ "${ZBX_ADD_PROXY}" == "true" ] && prepare_proxy ${ZBX_PROXY_DB} - -[ "$zbx_type" == "frontend" ] && prepare_web $zbx_opt_type $zbx_db_type -[ "${ZBX_ADD_WEB}" == "true" ] && prepare_web ${ZBX_WEB_SERVER} ${ZBX_MAIN_DB} - -[ "$zbx_type" == "agent" ] && prepare_agent -[ "${ZBX_ADD_AGENT}" == "true" ] && prepare_agent - -[ "$zbx_type" == "java-gateway" ] && prepare_java_gateway -[ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && prepare_java_gateway - -clear_deploy "$zbx_type" - -echo "########################################################" - -if [ "$1" != "" ]; then - echo "** Executing '$@'" - exec "$@" -elif [ "$zbx_type" == "agent" ]; then - echo "** Starting Zabbix agent" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_agentd --foreground -c /etc/zabbix/zabbix_agentd.conf" -elif [ "$zbx_type" == "proxy" ]; then - echo "** Starting Zabbix proxy" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_proxy --foreground -c /etc/zabbix/zabbix_proxy.conf" -elif [ "$zbx_type" == "server" ]; then - echo "** Starting Zabbix server" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_server --foreground -c /etc/zabbix/zabbix_server.conf" -elif [ "$zbx_type" == "java-gateway" ]; then - echo "** Starting Zabbix Java Gateway" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_java_gateway" -elif [ "$zbx_type" == "frontend" ] && [ "$zbx_opt_type" == "apache" ]; then - echo "** Starting Zabbix frontend" - if [ -f "/usr/sbin/httpd" ]; then - exec /usr/sbin/httpd -D FOREGROUND - elif [ -f "/usr/sbin/apache2ctl" ]; then - exec /bin/bash -c "source /etc/apache2/envvars && /usr/sbin/apache2ctl -D FOREGROUND" - else - echo "Unknown Web-server. Exiting..." - exit 1 - fi -elif [ -f "/usr/bin/supervisord" ]; then - echo "** Executing supervisord" - exec /usr/bin/supervisord -c /etc/supervisor/supervisord.conf -else - echo "Unknown instructions. Exiting..." - exit 1 -fi +exec "$@" ################################################# diff --git a/proxy-sqlite3/centos/Dockerfile b/proxy-sqlite3/centos/Dockerfile index 6b7288bab..5af9d52bd 100644 --- a/proxy-sqlite3/centos/Dockerfile +++ b/proxy-sqlite3/centos/Dockerfile @@ -1,17 +1,69 @@ -FROM centos:centos7 as builder +FROM centos:centos7 -ARG YUM_FLAGS_COMMON="-y" -ARG YUM_FLAGS_DEV="${YUM_FLAGS_COMMON}" +LABEL org.opencontainers.image.title="Zabbix proxy (SQLite3)" \ + org.opencontainers.image.authors="Alexey Pustovalov " \ + org.opencontainers.image.vendor="Zabbix LLC" \ + org.opencontainers.image.url="https://zabbix.com/" \ + org.opencontainers.image.description="Zabbix proxy with SQLite3 database support" \ + org.opencontainers.image.licenses="GPL v2.0" + +STOPSIGNAL SIGTERM + +ENV TINI_VERSION=v0.19.0 + +RUN set -eux && \ + groupadd -g 1995 --system zabbix && \ + adduser -r --shell /sbin/nologin \ + -g zabbix -G root \ + -d /var/lib/zabbix/ -u 1997 \ + zabbix && \ + mkdir -p /etc/zabbix && \ + mkdir -p /var/lib/zabbix && \ + mkdir -p /var/lib/zabbix/enc && \ + mkdir -p /usr/lib/zabbix/externalscripts && \ + mkdir -p /var/lib/zabbix/mibs && \ + mkdir -p /var/lib/zabbix/modules && \ + mkdir -p /var/lib/zabbix/snmptraps && \ + mkdir -p /var/lib/zabbix/ssh_keys && \ + mkdir -p /var/lib/zabbix/ssl && \ + mkdir -p /var/lib/zabbix/ssl/certs && \ + mkdir -p /var/lib/zabbix/ssl/keys && \ + mkdir -p /var/lib/zabbix/ssl/ssl_ca && \ + mkdir -p /usr/share/doc/zabbix-proxy-sqlite3 && \ + yum --quiet makecache && \ + yum -y install https://repo.zabbix.com/non-supported/rhel/7/x86_64/fping-3.10-1.el7.x86_64.rpm --setopt=tsflags=nodocs && \ + yum -y install --setopt=tsflags=nodocs \ + libcurl \ + libxml2 \ + net-snmp-libs \ + OpenIPMI-libs \ + openldap \ + openssl-libs \ + pcre \ + unixODBC && \ + curl -L https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini -o /sbin/tini && \ + curl -L https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini.asc -o /tini.asc && \ + gpg --batch --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 595E85A6B1B4779EA4DAAEC70B588DFF0527A9B7 && \ + gpg --batch --verify /tini.asc /sbin/tini && \ + rm -rf /root/.gnupg && \ + chmod +x /sbin/tini && \ + yum -y clean all && \ + rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ + rm -rf /etc/udev/hwdb.bin /root/.pki ARG MAJOR_VERSION=master ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git -ENV ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ - ZBX_TYPE=proxy ZBX_DB_TYPE=sqlite3 + +ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} + +LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" RUN set -eux && \ yum --quiet makecache && \ - yum ${YUM_FLAGS_DEV} install \ + yum -y install --setopt=tsflags=nodocs \ autoconf \ automake \ gcc \ @@ -38,8 +90,8 @@ RUN set -eux && \ --sysconfdir=/etc/zabbix \ --prefix=/usr \ --enable-agent \ - --enable-${ZBX_TYPE} \ - --with-${ZBX_DB_TYPE} \ + --enable-proxy \ + --with-sqlite3 \ --with-ldap \ --with-libcurl \ --with-libxml2 \ @@ -51,83 +103,23 @@ RUN set -eux && \ --enable-ipv6 \ --silent && \ make -j"$(nproc)" -s dbschema && \ - make -j"$(nproc)" -s && \ - cat database/${ZBX_DB_TYPE}/schema.sql > database/${ZBX_DB_TYPE}/create.sql && \ - gzip database/${ZBX_DB_TYPE}/create.sql - -FROM centos:centos7 -LABEL maintainer="Alexey Pustovalov " - -ARG BUILD_DATE -ARG VCS_REF - -ARG YUM_FLAGS_COMMON="-y" -ARG YUM_FLAGS_PERSISTENT="${YUM_FLAGS_COMMON}" - -ARG MAJOR_VERSION=master -ARG ZBX_VERSION=${MAJOR_VERSION} -ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git -ENV TERM=xterm MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ - ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ - ZBX_TYPE=proxy ZBX_DB_TYPE=sqlite3 ZBX_OPT_TYPE=none -ENV TINI_VERSION v0.18.0 - -LABEL org.label-schema.name="zabbix-${ZBX_TYPE}-${ZBX_DB_TYPE}-centos" \ - org.label-schema.vendor="Zabbix LLC" \ - org.label-schema.url="https://zabbix.com/" \ - org.label-schema.description="Zabbix ${ZBX_TYPE} with SQLite3 database support" \ - org.label-schema.vcs-ref="${VCS_REF}" \ - org.label-schema.build-date="${BUILD_DATE}" \ - org.label-schema.schema-version="1.0" \ - org.label-schema.license="GPL v2.0" \ - org.label-schema.usage="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.label-schema.version="${ZBX_VERSION}" \ - org.label-schema.vcs-url="${ZBX_SOURCES}" \ - org.label-schema.docker.cmd="docker run --name zabbix-${ZBX_TYPE}-${ZBX_DB_TYPE} --link zabbix-server:zabbix-server -p 10051:10051 -d zabbix-${ZBX_TYPE}-${ZBX_DB_TYPE}:centos-${ZBX_VERSION}" - -STOPSIGNAL SIGTERM - -COPY --from=builder /tmp/zabbix-${ZBX_VERSION}/src/zabbix_${ZBX_TYPE}/zabbix_${ZBX_TYPE} /usr/sbin/zabbix_${ZBX_TYPE} -COPY --from=builder /tmp/zabbix-${ZBX_VERSION}/src/zabbix_get/zabbix_get /usr/bin/zabbix_get -COPY --from=builder /tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender /usr/bin/zabbix_sender -COPY --from=builder /tmp/zabbix-${ZBX_VERSION}/conf/zabbix_${ZBX_TYPE}.conf /etc/zabbix/zabbix_${ZBX_TYPE}.conf -COPY --from=builder /tmp/zabbix-${ZBX_VERSION}/database/${ZBX_DB_TYPE}/create.sql.gz /usr/share/doc/zabbix-${ZBX_TYPE}-${ZBX_DB_TYPE}/create.sql.gz -ADD https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini /sbin/tini - -RUN set -eux && \ - groupadd --system zabbix && \ - adduser -r --shell /sbin/nologin \ - -g zabbix \ - -d /var/lib/zabbix/ \ - zabbix && \ - mkdir -p /etc/zabbix && \ - mkdir -p /var/lib/zabbix && \ - mkdir -p /var/lib/zabbix/enc && \ - mkdir -p /usr/lib/zabbix/externalscripts && \ - mkdir -p /var/lib/zabbix/mibs && \ - mkdir -p /var/lib/zabbix/modules && \ - mkdir -p /var/lib/zabbix/snmptraps && \ - mkdir -p /var/lib/zabbix/ssh_keys && \ - mkdir -p /var/lib/zabbix/ssl && \ - mkdir -p /var/lib/zabbix/ssl/certs && \ - mkdir -p /var/lib/zabbix/ssl/keys && \ - mkdir -p /var/lib/zabbix/ssl/ssl_ca && \ - chown --quiet -R zabbix:root /var/lib/zabbix && \ - mkdir -p /usr/share/doc/zabbix-${ZBX_TYPE}-${ZBX_DB_TYPE} && \ - yum ${YUM_FLAGS_COMMON} makecache && \ - yum ${YUM_FLAGS_PERSISTENT} install https://repo.zabbix.com/non-supported/rhel/7/x86_64/fping-3.10-1.el7.x86_64.rpm && \ - yum ${YUM_FLAGS_PERSISTENT} install \ - libcurl \ - libxml2 \ - net-snmp-libs \ - OpenIPMI-libs \ - openldap \ - openssl-libs \ - pcre \ - unixODBC && \ - yum ${YUM_FLAGS_PERSISTENT} clean all && \ - rm -rf /var/cache/yum/ && \ - chmod +x /sbin/tini + make -j"$(nproc)" -s && \ + cp src/zabbix_proxy/zabbix_proxy /usr/sbin/zabbix_proxy && \ + cp src/zabbix_get/zabbix_get /usr/bin/zabbix_get && \ + cp src/zabbix_sender/zabbix_sender /usr/bin/zabbix_sender && \ + cp conf/zabbix_proxy.conf /etc/zabbix/zabbix_proxy.conf && \ + cat database/sqlite3/schema.sql > database/sqlite3/create.sql && \ + gzip database/sqlite3/create.sql && \ + cp database/sqlite3/create.sql.gz /usr/share/doc/zabbix-proxy-sqlite3/ && \ + cd /tmp/ && \ + rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ + chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \ + chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \ + chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \ + yum -y history undo `yum -q history | sed -n 3p |column -t | cut -d' ' -f1` && \ + yum -y clean all && \ + rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ + rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki EXPOSE 10051/TCP @@ -139,3 +131,7 @@ VOLUME ["/var/lib/zabbix/ssh_keys", "/var/lib/zabbix/ssl/certs", "/var/lib/zabbi COPY ["docker-entrypoint.sh", "/usr/bin/"] ENTRYPOINT ["/sbin/tini", "--", "/usr/bin/docker-entrypoint.sh"] + +USER 1997 + +CMD ["/usr/sbin/zabbix_proxy", "--foreground", "-c", "/etc/zabbix/zabbix_proxy.conf"] diff --git a/proxy-sqlite3/centos/docker-entrypoint.sh b/proxy-sqlite3/centos/docker-entrypoint.sh index 2665cfd0d..4d26679f5 100755 --- a/proxy-sqlite3/centos/docker-entrypoint.sh +++ b/proxy-sqlite3/centos/docker-entrypoint.sh @@ -1,6 +1,6 @@ #!/bin/bash -set -eo pipefail +set -o pipefail set +e @@ -9,151 +9,16 @@ if [ "${DEBUG_MODE}" == "true" ]; then set -o xtrace fi -# Type of Zabbix component -# Possible values: [server, proxy, agent, frontend, java-gateway, appliance] -zbx_type=${ZBX_TYPE} -# Type of Zabbix database -# Possible values: [mysql, postgresql] -zbx_db_type=${ZBX_DB_TYPE} -# Type of web-server. Valid only with zbx_type = frontend -# Possible values: [apache, nginx] -zbx_opt_type=${ZBX_OPT_TYPE} - -# Default Zabbix installation name -# Used only by Zabbix web-interface -ZBX_SERVER_NAME=${ZBX_SERVER_NAME:-"Zabbix docker"} # Default Zabbix server host -ZBX_SERVER_HOST=${ZBX_SERVER_HOST:-"zabbix-server"} +: ${ZBX_SERVER_HOST:="zabbix-server"} # Default Zabbix server port number -ZBX_SERVER_PORT=${ZBX_SERVER_PORT:-"10051"} - -# Default timezone for web interface -PHP_TZ=${PHP_TZ:-"Europe/Riga"} +: ${ZBX_SERVER_PORT:="10051"} # Default directories # User 'zabbix' home directory ZABBIX_USER_HOME_DIR="/var/lib/zabbix" # Configuration files directory ZABBIX_ETC_DIR="/etc/zabbix" -# Web interface www-root directory -ZBX_FRONTEND_PATH="/usr/share/zabbix" - -# usage: file_env VAR [DEFAULT] -# as example: file_env 'MYSQL_PASSWORD' 'zabbix' -# (will allow for "$MYSQL_PASSWORD_FILE" to fill in the value of "$MYSQL_PASSWORD" from a file) -# unsets the VAR_FILE afterwards and just leaving VAR -file_env() { - local var="$1" - local fileVar="${var}_FILE" - local defaultValue="${2:-}" - - if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then - echo "**** Both variables $var and $fileVar are set (but are exclusive)" - exit 1 - fi - - local val="$defaultValue" - - if [ "${!var:-}" ]; then - val="${!var}" - echo "** Using ${var} variable from ENV" - elif [ "${!fileVar:-}" ]; then - if [ ! -f "${!fileVar}" ]; then - echo "**** Secret file \"${!fileVar}\" is not found" - exit 1 - fi - val="$(< "${!fileVar}")" - echo "** Using ${var} variable from secret file" - fi - export "$var"="$val" - unset "$fileVar" -} - -configure_db_mysql() { - [ "${DB_SERVER_HOST}" != "localhost" ] && return - - echo "** Configuring local MySQL server" - - MYSQL_ALLOW_EMPTY_PASSWORD=true - MYSQL_DATA_DIR="/var/lib/mysql" - - if [ -f "/etc/mysql/my.cnf" ]; then - MYSQL_CONF_FILE="/etc/mysql/my.cnf" - elif [ -f "/etc/my.cnf.d/server.cnf" ]; then - MYSQL_CONF_FILE="/etc/my.cnf.d/server.cnf" - DB_SERVER_SOCKET="/var/lib/mysql/mysql.sock" - elif [ -f "/etc/my.cnf.d/mariadb-server.cnf" ]; then - MYSQL_CONF_FILE="/etc/my.cnf.d/mariadb-server.cnf" - DB_SERVER_SOCKET="/var/run/mysqld/mysqld.sock" - else - echo "**** Could not found MySQL configuration file" - exit 1 - fi - - if [ -f "/usr/bin/mysqld" ]; then - MYSQLD=/usr/bin/mysqld - elif [ -f "/usr/sbin/mysqld" ]; then - MYSQLD=/usr/sbin/mysqld - elif [ -f "/usr/libexec/mysqld" ]; then - MYSQLD=/usr/libexec/mysqld - else - echo "**** Could not found mysqld binary file" - exit 1 - fi - - sed -Ei 's/^(bind-address|log)/#&/' "$MYSQL_CONF_FILE" - - if [ ! -d "$MYSQL_DATA_DIR/mysql" ]; then - [ -d "$MYSQL_DATA_DIR" ] || mkdir -p "$MYSQL_DATA_DIR" - - chown -R mysql:mysql "$MYSQL_DATA_DIR" - - echo "** Installing initial MySQL database schemas" - mysql_install_db --user=mysql --datadir="$MYSQL_DATA_DIR" 2>&1 - else - echo "**** MySQL data directory is not empty. Using already existing installation." - chown -R mysql:mysql "$MYSQL_DATA_DIR" - fi - - mkdir -p /var/run/mysqld - ln -s /var/run/mysqld /run/mysqld - chown -R mysql:mysql /var/run/mysqld - chown -R mysql:mysql /run/mysqld - - echo "** Starting MySQL server in background mode" - - nohup $MYSQLD --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib/mysql/plugin \ - --user=mysql --log-output=none --pid-file=/var/lib/mysql/mysqld.pid \ - --port=3306 --character-set-server=utf8 --collation-server=utf8_bin & -} - -prepare_system() { - local type=$1 - local web_server=$2 - - echo "** Preparing the system" - - if [ "$type" != "appliance" ]; then - return - fi - - ZBX_ADD_AGENT=${ZBX_ADD_AGENT:-"false"} - ZBX_ADD_JAVA_GATEWAY=${ZBX_ADD_JAVA_GATEWAY:-"false"} - ZBX_ADD_SERVER=${ZBX_ADD_SERVER:-"true"} - [ "${ZBX_ADD_SERVER}" == "true" ] && ZBX_SERVER_HOST="localhost" - [ "${ZBX_ADD_SERVER}" == "true" ] && ZBX_SERVER_PORT="10051" - ZBX_MAIN_DB=${ZBX_MAIN_DB:-"mysql"} - ZBX_ADD_PROXY=${ZBX_ADD_PROXY:-"false"} - ZBX_PROXY_DB=${ZBX_PROXY_DB:-"sqlite3"} - ZBX_ADD_WEB=${ZBX_ADD_WEB:-"true"} - ZBX_WEB_SERVER=${ZBX_WEB_SERVER:-"nginx"} - DB_SERVER_HOST=${DB_SERVER_HOST:-"localhost"} - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAY_ENABLE="true" - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAY="localhost" - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAYPORT="10052" - - [ "${ZBX_ADD_SERVER}" == "true" ] && configure_db_${ZBX_MAIN_DB} -} escape_spec_char() { local var_value=$1 @@ -236,483 +101,24 @@ update_config_multiple_var() { done } -# Check prerequisites for MySQL database -check_variables_mysql() { - local type=$1 - - DB_SERVER_HOST=${DB_SERVER_HOST:-"mysql-server"} - DB_SERVER_PORT=${DB_SERVER_PORT:-"3306"} - USE_DB_ROOT_USER=false - CREATE_ZBX_DB_USER=false - file_env MYSQL_USER - file_env MYSQL_PASSWORD - - if [ "$type" != "" ]; then - file_env MYSQL_ROOT_PASSWORD - fi - - if [ ! -n "${MYSQL_USER}" ] && [ "${MYSQL_RANDOM_ROOT_PASSWORD}" == "true" ]; then - echo "**** Impossible to use MySQL server because of unknown Zabbix user and random 'root' password" - exit 1 - fi - - if [ ! -n "${MYSQL_USER}" ] && [ ! -n "${MYSQL_ROOT_PASSWORD}" ] && [ "${MYSQL_ALLOW_EMPTY_PASSWORD}" != "true" ]; then - echo "*** Impossible to use MySQL server because 'root' password is not defined and it is not empty" - exit 1 - fi - - if [ "${MYSQL_ALLOW_EMPTY_PASSWORD}" == "true" ] || [ -n "${MYSQL_ROOT_PASSWORD}" ]; then - USE_DB_ROOT_USER=true - DB_SERVER_ROOT_USER="root" - DB_SERVER_ROOT_PASS=${MYSQL_ROOT_PASSWORD:-""} - fi - - [ -n "${MYSQL_USER}" ] && CREATE_ZBX_DB_USER=true - - # If root password is not specified use provided credentials - DB_SERVER_ROOT_USER=${DB_SERVER_ROOT_USER:-${MYSQL_USER}} - [ "${MYSQL_ALLOW_EMPTY_PASSWORD}" == "true" ] || DB_SERVER_ROOT_PASS=${DB_SERVER_ROOT_PASS:-${MYSQL_PASSWORD}} - DB_SERVER_ZBX_USER=${MYSQL_USER:-"zabbix"} - DB_SERVER_ZBX_PASS=${MYSQL_PASSWORD:-"zabbix"} - - if [ "$type" == "proxy" ]; then - DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix_proxy"} - else - DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix"} - fi -} - -# Check prerequisites for PostgreSQL database -check_variables_postgresql() { - local type=$1 - - file_env POSTGRES_USER - file_env POSTGRES_PASSWORD - - DB_SERVER_HOST=${DB_SERVER_HOST:-"postgres-server"} - DB_SERVER_PORT=${DB_SERVER_PORT:-"5432"} - CREATE_ZBX_DB_USER=${CREATE_ZBX_DB_USER:-"false"} - - DB_SERVER_ROOT_USER=${POSTGRES_USER:-"postgres"} - DB_SERVER_ROOT_PASS=${POSTGRES_PASSWORD:-""} - - DB_SERVER_ZBX_USER=${POSTGRES_USER:-"zabbix"} - DB_SERVER_ZBX_PASS=${POSTGRES_PASSWORD:-"zabbix"} - - DB_SERVER_SCHEMA=${DB_SERVER_SCHEMA:-"public"} - - if [ "$type" == "proxy" ]; then - DB_SERVER_DBNAME=${POSTGRES_DB:-"zabbix_proxy"} - else - DB_SERVER_DBNAME=${POSTGRES_DB:-"zabbix"} - fi -} - -check_db_connect_mysql() { - echo "********************" - echo "* DB_SERVER_HOST: ${DB_SERVER_HOST}" - echo "* DB_SERVER_PORT: ${DB_SERVER_PORT}" - echo "* DB_SERVER_DBNAME: ${DB_SERVER_DBNAME}" - if [ "${DEBUG_MODE}" == "true" ]; then - if [ "${USE_DB_ROOT_USER}" == "true" ]; then - echo "* DB_SERVER_ROOT_USER: ${DB_SERVER_ROOT_USER}" - echo "* DB_SERVER_ROOT_PASS: ${DB_SERVER_ROOT_PASS}" - fi - echo "* DB_SERVER_ZBX_USER: ${DB_SERVER_ZBX_USER}" - echo "* DB_SERVER_ZBX_PASS: ${DB_SERVER_ZBX_PASS}" - echo "********************" - fi - echo "********************" - - WAIT_TIMEOUT=5 - - while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \ - --password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10)" ]; do - echo "**** MySQL server is not available. Waiting $WAIT_TIMEOUT seconds..." - sleep $WAIT_TIMEOUT - done -} - -check_db_connect_postgresql() { - echo "********************" - echo "* DB_SERVER_HOST: ${DB_SERVER_HOST}" - echo "* DB_SERVER_PORT: ${DB_SERVER_PORT}" - echo "* DB_SERVER_DBNAME: ${DB_SERVER_DBNAME}" - echo "* DB_SERVER_SCHEMA: ${DB_SERVER_SCHEMA}" - if [ "${DEBUG_MODE}" == "true" ]; then - if [ "${USE_DB_ROOT_USER}" == "true" ]; then - echo "* DB_SERVER_ROOT_USER: ${DB_SERVER_ROOT_USER}" - echo "* DB_SERVER_ROOT_PASS: ${DB_SERVER_ROOT_PASS}" - fi - echo "* DB_SERVER_ZBX_USER: ${DB_SERVER_ZBX_USER}" - echo "* DB_SERVER_ZBX_PASS: ${DB_SERVER_ZBX_PASS}" - fi - echo "********************" - - if [ "${USE_DB_ROOT_USER}" != "true" ]; then - DB_SERVER_ROOT_USER=${DB_SERVER_ZBX_USER} - DB_SERVER_ROOT_PASS=${DB_SERVER_ZBX_PASS} - fi - - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - WAIT_TIMEOUT=5 - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - while [ ! "$(psql -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} -U ${DB_SERVER_ROOT_USER} -d ${DB_SERVER_DBNAME} -l -q 2>/dev/null)" ]; do - echo "**** PostgreSQL server is not available. Waiting $WAIT_TIMEOUT seconds..." - sleep $WAIT_TIMEOUT - done - - unset PGPASSWORD - unset PGOPTIONS -} - - -mysql_query() { - query=$1 - local result="" - - result=$(mysql --silent --skip-column-names -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ - -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" -e "$query") - - echo $result -} - -psql_query() { - query=$1 - db=$2 - - local result="" - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - result=$(psql -A -q -t -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ - -U ${DB_SERVER_ROOT_USER} -c "$query" $db 2>/dev/null); - - unset PGPASSWORD - unset PGOPTIONS - - echo $result -} - -create_db_user_mysql() { - [ "${CREATE_ZBX_DB_USER}" == "true" ] || return - - echo "** Creating '${DB_SERVER_ZBX_USER}' user in MySQL database" - - USER_EXISTS=$(mysql_query "SELECT 1 FROM mysql.user WHERE user = '${DB_SERVER_ZBX_USER}' AND host = '%'") - - if [ -z "$USER_EXISTS" ]; then - mysql_query "CREATE USER '${DB_SERVER_ZBX_USER}'@'%' IDENTIFIED BY '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - else - mysql_query "ALTER USER ${DB_SERVER_ZBX_USER} IDENTIFIED BY '${DB_SERVER_ZBX_PASS}';" 1>/dev/null - fi - - mysql_query "GRANT ALL PRIVILEGES ON $DB_SERVER_DBNAME. * TO '${DB_SERVER_ZBX_USER}'@'%'" 1>/dev/null -} - -create_db_user_postgresql() { - [ "${CREATE_ZBX_DB_USER}" == "true" ] || return - - echo "** Creating '${DB_SERVER_ZBX_USER}' user in PostgreSQL database" - - USER_EXISTS=$(psql_query "SELECT 1 FROM pg_roles WHERE rolname='${DB_SERVER_ZBX_USER}'") - - if [ -z "$USER_EXISTS" ]; then - psql_query "CREATE USER ${DB_SERVER_ZBX_USER} WITH PASSWORD '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - else - psql_query "ALTER USER ${DB_SERVER_ZBX_USER} WITH ENCRYPTED PASSWORD '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - fi -} - -create_db_database_mysql() { - DB_EXISTS=$(mysql_query "SELECT SCHEMA_NAME FROM information_schema.SCHEMATA WHERE SCHEMA_NAME='${DB_SERVER_DBNAME}'") - - if [ -z ${DB_EXISTS} ]; then - echo "** Database '${DB_SERVER_DBNAME}' does not exist. Creating..." - mysql_query "CREATE DATABASE ${DB_SERVER_DBNAME} CHARACTER SET utf8 COLLATE utf8_bin" 1>/dev/null - # better solution? - mysql_query "GRANT ALL PRIVILEGES ON $DB_SERVER_DBNAME. * TO '${DB_SERVER_ZBX_USER}'@'%'" 1>/dev/null - else - echo "** Database '${DB_SERVER_DBNAME}' already exists. Please be careful with database COLLATE!" - fi -} - -create_db_database_postgresql() { - DB_EXISTS=$(psql_query "SELECT 1 AS result FROM pg_database WHERE datname='${DB_SERVER_DBNAME}'") - - if [ -z ${DB_EXISTS} ]; then - echo "** Database '${DB_SERVER_DBNAME}' does not exist. Creating..." - psql_query "CREATE DATABASE ${DB_SERVER_DBNAME} WITH OWNER ${DB_SERVER_ZBX_USER} ENCODING='UTF8' LC_CTYPE='en_US.utf8' LC_COLLATE='en_US.utf8'" 1>/dev/null - else - echo "** Database '${DB_SERVER_DBNAME}' already exists. Please be careful with database owner!" - fi - - psql_query "CREATE SCHEMA IF NOT EXISTS ${DB_SERVER_SCHEMA}" -} - -create_db_schema_mysql() { - local type=$1 - - DBVERSION_TABLE_EXISTS=$(mysql_query "SELECT 1 FROM information_schema.tables WHERE table_schema='${DB_SERVER_DBNAME}' and table_name = 'dbversion'") - - if [ -n "${DBVERSION_TABLE_EXISTS}" ]; then - echo "** Table '${DB_SERVER_DBNAME}.dbversion' already exists." - ZBX_DB_VERSION=$(mysql_query "SELECT mandatory FROM ${DB_SERVER_DBNAME}.dbversion") - fi - - if [ -z "${ZBX_DB_VERSION}" ]; then - echo "** Creating '${DB_SERVER_DBNAME}' schema in MySQL" - - zcat /usr/share/doc/zabbix-$type-mysql/create.sql.gz | mysql --silent --skip-column-names \ - -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ - -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" \ - ${DB_SERVER_DBNAME} 1>/dev/null - fi -} - -create_db_schema_postgresql() { - local type=$1 - - DBVERSION_TABLE_EXISTS=$(psql_query "SELECT 1 FROM pg_catalog.pg_class c JOIN pg_catalog.pg_namespace n ON n.oid = - c.relnamespace WHERE n.nspname = '$DB_SERVER_SCHEMA' AND c.relname = 'dbversion'" "${DB_SERVER_DBNAME}") - - if [ -n "${DBVERSION_TABLE_EXISTS}" ]; then - echo "** Table '${DB_SERVER_DBNAME}.dbversion' already exists." - ZBX_DB_VERSION=$(psql_query "SELECT mandatory FROM ${DB_SERVER_SCHEMA}.dbversion" "${DB_SERVER_DBNAME}") - fi - - if [ -z "${ZBX_DB_VERSION}" ]; then - echo "** Creating '${DB_SERVER_DBNAME}' schema in PostgreSQL" - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - zcat /usr/share/doc/zabbix-$type-postgresql/create.sql.gz | psql -q \ - -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ - -U ${DB_SERVER_ZBX_USER} ${DB_SERVER_DBNAME} 1>/dev/null - - unset PGPASSWORD - unset PGOPTIONS - fi -} - -prepare_web_server_apache() { - if [ -d "/etc/apache2/sites-available" ]; then - APACHE_SITES_DIR=/etc/apache2/sites-available - elif [ -d "/etc/apache2/conf.d" ]; then - APACHE_SITES_DIR=/etc/apache2/conf.d - elif [ -d "/etc/httpd/conf.d" ]; then - APACHE_SITES_DIR=/etc/httpd/conf.d - else - echo "**** Apache is not available" - exit 1 - fi - - if [ -f "/usr/sbin/a2dissite" ]; then - echo "** Disable default site" - /usr/sbin/a2dissite 000-default 1>/dev/null - rm -rf "$APACHE_SITES_DIR/*" - elif [ -f "/etc/apache2/conf.d/default.conf" ]; then - echo "** Disable default site" - rm -f "/etc/apache2/conf.d/default.conf" - elif [ -f "/etc/httpd/conf.d/welcome.conf" ]; then - echo "** Disable default site" - rm -f "/etc/httpd/conf.d/welcome.conf" - rm -f "/etc/httpd/conf.d/ssl.conf" - fi - - echo "** Adding Zabbix virtual host (HTTP)" - if [ -f "$ZABBIX_ETC_DIR/apache.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/apache.conf" "$APACHE_SITES_DIR/zabbix.conf" - if [ -f "/usr/sbin/a2dissite" ]; then - /usr/sbin/a2ensite zabbix.conf 1>/dev/null - fi - else - echo "**** Impossible to enable HTTP virtual host" - fi - - if [ -f "/etc/apache2/conf.d/ssl.conf" ]; then - rm -f "/etc/apache2/conf.d/ssl.conf" - fi - - if [ -f "/etc/ssl/apache2/ssl.crt" ] && [ -f "/etc/ssl/apache2/ssl.key" ]; then - echo "** Enable SSL support for Apache2" - if [ -f "/usr/sbin/a2enmod" ]; then - /usr/sbin/a2enmod ssl 1>/dev/null - fi - - echo "** Adding Zabbix virtual host (HTTPS)" - if [ -f "$ZABBIX_ETC_DIR/apache_ssl.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/apache_ssl.conf" "$APACHE_SITES_DIR/zabbix_ssl.conf" - if [ -f "/usr/sbin/a2dissite" ]; then - /usr/sbin/a2ensite zabbix_ssl.conf 1>/dev/null - fi - else - echo "**** Impossible to enable HTTPS virtual host" - fi - else - echo "**** Impossible to enable SSL support for Apache2. Certificates are missed." - fi - - # Change Apache2 logging to stdout and stderr - if [ -f "/etc/apache2/apache2.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/apache2.conf" - fi - - if [ -f "/etc/httpd/conf/httpd.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/httpd/conf/httpd.conf" - fi - - if [ -f "/etc/apache2/httpd.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/httpd.conf" - fi - - if [ -f "/etc/apache2/conf-available/other-vhosts-access-log.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/conf-available/other-vhosts-access-log.conf" - fi - - if [ -f "/etc/apache2/conf.d/mpm.conf" ]; then - sed -ri \ - -e 's!^(\s*PidFile)\s+\S+!\1 "/var/run/httpd.pid"!g' \ - "/etc/apache2/conf.d/mpm.conf" - fi - - if [ -f "/var/run/apache2/apache2.pid" ]; then - rm -f "/var/run/apache2/apache2.pid" - fi - - if [ -f "/var/run/httpd/httpd.pid" ]; then - rm -f "/var/run/httpd/httpd.pid" - fi -} - -prepare_web_server_nginx() { - NGINX_CONFD_DIR="/etc/nginx/conf.d" - NGINX_SSL_CONFIG="/etc/ssl/nginx" - PHP_SESSIONS_DIR="/var/lib/php5" - - echo "** Disable default vhosts" - rm -f $NGINX_CONFD_DIR/*.conf - - echo "** Adding Zabbix virtual host (HTTP)" - if [ -f "$ZABBIX_ETC_DIR/nginx.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/nginx.conf" "$NGINX_CONFD_DIR" - else - echo "**** Impossible to enable HTTP virtual host" - fi - - if [ -f "$NGINX_SSL_CONFIG/ssl.crt" ] && [ -f "$NGINX_SSL_CONFIG/ssl.key" ] && [ -f "$NGINX_SSL_CONFIG/dhparam.pem" ]; then - echo "** Enable SSL support for Nginx" - if [ -f "$ZABBIX_ETC_DIR/nginx_ssl.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/nginx_ssl.conf" "$NGINX_CONFD_DIR" - else - echo "**** Impossible to enable HTTPS virtual host" - fi - else - echo "**** Impossible to enable SSL support for Nginx. Certificates are missed." - fi - - if [ -d "/var/log/nginx/" ]; then - ln -sf /dev/fd/2 /var/log/nginx/error.log - fi - - ln -sf /dev/fd/2 /var/log/php5-fpm.log - ln -sf /dev/fd/2 /var/log/php7.2-fpm.log -} - -stop_databases() { - if ([ "${ZBX_MAIN_DB}" == "mysql" ] || [ "${ZBX_PROXY_DB}" == "mysql" ]) && [ "${DB_SERVER_HOST}" == "localhost" ]; then - mysql_query "DELETE FROM mysql.user WHERE host = 'localhost' AND user != 'root'" 1>/dev/null - - if [ -f "/var/lib/mysql/mysqld.pid" ]; then - kill -TERM $(cat /var/lib/mysql/mysqld.pid) - elif [ -f "/var/run/mysqld/mysqld.pid" ]; then - kill -TERM $(cat /var/run/mysqld/mysqld.pid) - fi - fi - - if [ "${ZBX_MAIN_DB}" == "postgresql" ] && [ "${DB_SERVER_HOST}" == "localhost" ]; then - if [ "${OS_CODENAME}" == "alpine" ]; then - PGDATA=/var/lib/postgresql - BINDIR=/usr/bin - else - PGDATA=/var/lib/postgresql/9.3/main - BINDIR=/usr/lib/postgresql/9.3/bin - fi - su -c "$BINDIR/pg_ctl -D \"$PGDATA\" -m fast -w stop --silent" postgres 1>/dev/null 2>/dev/null - fi -} - -clear_deploy() { - local type=$1 - echo "** Cleaning the system" - - [ "$type" != "appliance" ] && return - - stop_databases -} - update_zbx_config() { - local type=$1 - local db_type=$2 + echo "** Preparing Zabbix proxy configuration file" - echo "** Preparing Zabbix $type configuration file" + ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_proxy.conf - ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_$type.conf - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "ProxyMode" "${ZBX_PROXYMODE}" - update_config_var $ZBX_CONFIG "Server" "${ZBX_SERVER_HOST}" - update_config_var $ZBX_CONFIG "ServerPort" "${ZBX_SERVER_PORT}" - if [ -z "${ZBX_HOSTNAME}" ] && [ -n "${ZBX_HOSTNAMEITEM}" ]; then - update_config_var $ZBX_CONFIG "Hostname" "" - update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - else - update_config_var $ZBX_CONFIG "Hostname" "${ZBX_HOSTNAME:-"zabbix-proxy-"$db_type}" - update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - fi - fi - - if [ $type == "proxy" ] && [ "${ZBX_ADD_SERVER}" = "true" ]; then - update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_PROXY_LISTENPORT:-"10061"}" + update_config_var $ZBX_CONFIG "ProxyMode" "${ZBX_PROXYMODE}" + update_config_var $ZBX_CONFIG "Server" "${ZBX_SERVER_HOST}" + update_config_var $ZBX_CONFIG "ServerPort" "${ZBX_SERVER_PORT}" + if [ -z "${ZBX_HOSTNAME}" ] && [ -n "${ZBX_HOSTNAMEITEM}" ]; then + update_config_var $ZBX_CONFIG "Hostname" "" + update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" else - update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}" + update_config_var $ZBX_CONFIG "Hostname" "${ZBX_HOSTNAME:-"zabbix-proxy-sqlite3"}" + update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" fi + update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}" + update_config_var $ZBX_CONFIG "SourceIP" "${ZBX_SOURCEIP}" update_config_var $ZBX_CONFIG "LogType" "console" update_config_var $ZBX_CONFIG "LogFile" @@ -721,30 +127,19 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" - if [ "$db_type" == "sqlite3" ]; then - update_config_var $ZBX_CONFIG "DBHost" - update_config_var $ZBX_CONFIG "DBName" "/var/lib/zabbix/zabbix_proxy_db" - update_config_var $ZBX_CONFIG "DBUser" - update_config_var $ZBX_CONFIG "DBPort" - update_config_var $ZBX_CONFIG "DBPassword" - else - update_config_var $ZBX_CONFIG "DBHost" "${DB_SERVER_HOST}" - update_config_var $ZBX_CONFIG "DBName" "${DB_SERVER_DBNAME}" - update_config_var $ZBX_CONFIG "DBSchema" "${DB_SERVER_SCHEMA}" - update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}" - update_config_var $ZBX_CONFIG "DBPort" "${DB_SERVER_PORT}" - update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}" - fi + update_config_var $ZBX_CONFIG "DBHost" + update_config_var $ZBX_CONFIG "DBName" "/var/lib/zabbix/zabbix_proxy_db" + update_config_var $ZBX_CONFIG "DBUser" + update_config_var $ZBX_CONFIG "DBPort" + update_config_var $ZBX_CONFIG "DBPassword" update_config_var $ZBX_CONFIG "DBSocket" "${DB_SERVER_SOCKET}" - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "ProxyLocalBuffer" "${ZBX_PROXYLOCALBUFFER}" - update_config_var $ZBX_CONFIG "ProxyOfflineBuffer" "${ZBX_PROXYOFFLINEBUFFER}" - update_config_var $ZBX_CONFIG "HeartbeatFrequency" "${ZBX_PROXYHEARTBEATFREQUENCY}" - update_config_var $ZBX_CONFIG "ConfigFrequency" "${ZBX_CONFIGFREQUENCY}" - update_config_var $ZBX_CONFIG "DataSenderFrequency" "${ZBX_DATASENDERFREQUENCY}" - fi + update_config_var $ZBX_CONFIG "ProxyLocalBuffer" "${ZBX_PROXYLOCALBUFFER}" + update_config_var $ZBX_CONFIG "ProxyOfflineBuffer" "${ZBX_PROXYOFFLINEBUFFER}" + update_config_var $ZBX_CONFIG "HeartbeatFrequency" "${ZBX_PROXYHEARTBEATFREQUENCY}" + update_config_var $ZBX_CONFIG "ConfigFrequency" "${ZBX_CONFIGFREQUENCY}" + update_config_var $ZBX_CONFIG "DataSenderFrequency" "${ZBX_DATASENDERFREQUENCY}" update_config_var $ZBX_CONFIG "StartPollers" "${ZBX_STARTPOLLERS}" update_config_var $ZBX_CONFIG "StartIPMIPollers" "${ZBX_IPMIPOLLERS}" @@ -754,12 +149,7 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}" update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "StartTimers" "${ZBX_STARTTIMERS}" - update_config_var $ZBX_CONFIG "StartEscalators" "${ZBX_STARTESCALATORS}" - fi - - ZBX_JAVAGATEWAY_ENABLE=${ZBX_JAVAGATEWAY_ENABLE:-"false"} + : ${ZBX_JAVAGATEWAY_ENABLE:="false"} if [ "${ZBX_JAVAGATEWAY_ENABLE}" == "true" ]; then update_config_var $ZBX_CONFIG "JavaGateway" "${ZBX_JAVAGATEWAY:-"zabbix-java-gateway"}" update_config_var $ZBX_CONFIG "JavaGatewayPort" "${ZBX_JAVAGATEWAYPORT}" @@ -776,7 +166,7 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "VMwareCacheSize" "${ZBX_VMWARECACHESIZE}" update_config_var $ZBX_CONFIG "VMwareTimeout" "${ZBX_VMWARETIMEOUT}" - ZBX_ENABLE_SNMP_TRAPS=${ZBX_ENABLE_SNMP_TRAPS:-"false"} + : ${ZBX_ENABLE_SNMP_TRAPS:="false"} if [ "${ZBX_ENABLE_SNMP_TRAPS}" == "true" ]; then update_config_var $ZBX_CONFIG "SNMPTrapperFile" "${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log" update_config_var $ZBX_CONFIG "StartSNMPTrapper" "1" @@ -786,26 +176,13 @@ update_zbx_config() { fi update_config_var $ZBX_CONFIG "HousekeepingFrequency" "${ZBX_HOUSEKEEPINGFREQUENCY}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "MaxHousekeeperDelete" "${ZBX_MAXHOUSEKEEPERDELETE}" - update_config_var $ZBX_CONFIG "SenderFrequency" "${ZBX_SENDERFREQUENCY}" - fi update_config_var $ZBX_CONFIG "CacheSize" "${ZBX_CACHESIZE}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "CacheUpdateFrequency" "${ZBX_CACHEUPDATEFREQUENCY}" - fi - update_config_var $ZBX_CONFIG "StartDBSyncers" "${ZBX_STARTDBSYNCERS}" update_config_var $ZBX_CONFIG "HistoryCacheSize" "${ZBX_HISTORYCACHESIZE}" update_config_var $ZBX_CONFIG "HistoryIndexCacheSize" "${ZBX_HISTORYINDEXCACHESIZE}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "TrendCacheSize" "${ZBX_TRENDCACHESIZE}" - update_config_var $ZBX_CONFIG "ValueCacheSize" "${ZBX_VALUECACHESIZE}" - fi - update_config_var $ZBX_CONFIG "Timeout" "${ZBX_TIMEOUT}" update_config_var $ZBX_CONFIG "TrapperTimeout" "${ZBX_TRAPPERIMEOUT}" update_config_var $ZBX_CONFIG "UnreachablePeriod" "${ZBX_UNREACHABLEPERIOD}" @@ -815,337 +192,54 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "AlertScriptsPath" "/usr/lib/zabbix/alertscripts" update_config_var $ZBX_CONFIG "ExternalScripts" "/usr/lib/zabbix/externalscripts" - # Possible few fping locations - if [ -f "/usr/bin/fping" ]; then - update_config_var $ZBX_CONFIG "FpingLocation" "/usr/bin/fping" - else - update_config_var $ZBX_CONFIG "FpingLocation" "/usr/sbin/fping" - fi - if [ -f "/usr/bin/fping6" ]; then - update_config_var $ZBX_CONFIG "Fping6Location" "/usr/bin/fping6" - else - update_config_var $ZBX_CONFIG "Fping6Location" "/usr/sbin/fping6" - fi + update_config_var $ZBX_CONFIG "FpingLocation" "/usr/sbin/fping" + update_config_var $ZBX_CONFIG "Fping6Location" update_config_var $ZBX_CONFIG "SSHKeyLocation" "$ZABBIX_USER_HOME_DIR/ssh_keys" update_config_var $ZBX_CONFIG "LogSlowQueries" "${ZBX_LOGSLOWQUERIES}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "StartProxyPollers" "${ZBX_STARTPROXYPOLLERS}" - update_config_var $ZBX_CONFIG "ProxyConfigFrequency" "${ZBX_PROXYCONFIGFREQUENCY}" - update_config_var $ZBX_CONFIG "ProxyDataFrequency" "${ZBX_PROXYDATAFREQUENCY}" - fi - update_config_var $ZBX_CONFIG "SSLCertLocation" "$ZABBIX_USER_HOME_DIR/ssl/certs/" update_config_var $ZBX_CONFIG "SSLKeyLocation" "$ZABBIX_USER_HOME_DIR/ssl/keys/" update_config_var $ZBX_CONFIG "SSLCALocation" "$ZABBIX_USER_HOME_DIR/ssl/ssl_ca/" update_config_var $ZBX_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/" update_config_multiple_var $ZBX_CONFIG "LoadModule" "${ZBX_LOADMODULE}" - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}" - update_config_var $ZBX_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" - fi + update_config_var $ZBX_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}" + update_config_var $ZBX_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" update_config_var $ZBX_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" update_config_var $ZBX_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" - update_config_var $ZBX_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" - fi + update_config_var $ZBX_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" + update_config_var $ZBX_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" update_config_var $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" update_config_var $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" - update_config_var $ZBX_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" - fi -} + update_config_var $ZBX_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" + update_config_var $ZBX_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" - -prepare_zbx_web_config() { - local db_type=$1 - local server_name="" - - echo "** Preparing Zabbix frontend configuration file" - - ZBX_WEB_CONFIG="$ZABBIX_ETC_DIR/web/zabbix.conf.php" - - if [ -f "/usr/share/zabbix/conf/zabbix.conf.php" ]; then - rm -f "/usr/share/zabbix/conf/zabbix.conf.php" - fi - - ln -s "$ZBX_WEB_CONFIG" "/usr/share/zabbix/conf/zabbix.conf.php" - - # Different places of PHP configuration file - if [ -f "/etc/php5/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/conf.d/99-zabbix.ini" - elif [ -f "/etc/php5/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php5/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/apache2/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.0/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.0/apache2/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.0/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.0/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php.d/99-zabbix.ini" - elif [ -f "/etc/php7/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php7/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.2/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.2/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.2/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.2/apache2/conf.d/99-zabbix.ini" - fi - - if [ -n "$PHP_CONFIG_FILE" ]; then - update_config_var "$PHP_CONFIG_FILE" "max_execution_time" "${ZBX_MAXEXECUTIONTIME:-"600"}" - update_config_var "$PHP_CONFIG_FILE" "memory_limit" "${ZBX_MEMORYLIMIT:-"128M"}" - update_config_var "$PHP_CONFIG_FILE" "post_max_size" "${ZBX_POSTMAXSIZE:-"16M"}" - update_config_var "$PHP_CONFIG_FILE" "upload_max_filesize" "${ZBX_UPLOADMAXFILESIZE:-"2M"}" - update_config_var "$PHP_CONFIG_FILE" "max_input_time" "${ZBX_MAXINPUTTIME:-"300"}" - update_config_var "$PHP_CONFIG_FILE" "date.timezone" "${PHP_TZ}" + if [ "$(id -u)" != '0' ]; then + update_config_var $ZBX_CONFIG "User" "$(whoami)" else - echo "**** Zabbix related PHP configuration file not found" + update_config_var $ZBX_CONFIG "AllowRoot" "1" fi - - # Escaping characters in parameter value - server_name=$(escape_spec_char "${ZBX_SERVER_NAME}") - server_user=$(escape_spec_char "${DB_SERVER_ZBX_USER}") - server_pass=$(escape_spec_char "${DB_SERVER_ZBX_PASS}") - - sed -i \ - -e "s/{DB_SERVER_HOST}/${DB_SERVER_HOST}/g" \ - -e "s/{DB_SERVER_PORT}/${DB_SERVER_PORT}/g" \ - -e "s/{DB_SERVER_DBNAME}/${DB_SERVER_DBNAME}/g" \ - -e "s/{DB_SERVER_SCHEMA}/${DB_SERVER_SCHEMA}/g" \ - -e "s/{DB_SERVER_USER}/$server_user/g" \ - -e "s/{DB_SERVER_PASS}/$server_pass/g" \ - -e "s/{ZBX_SERVER_HOST}/${ZBX_SERVER_HOST}/g" \ - -e "s/{ZBX_SERVER_PORT}/${ZBX_SERVER_PORT}/g" \ - -e "s/{ZBX_SERVER_NAME}/$server_name/g" \ - "$ZBX_WEB_CONFIG" - - [ "$db_type" = "postgresql" ] && sed -i "s/MYSQL/POSTGRESQL/g" "$ZBX_WEB_CONFIG" -} - -prepare_zbx_agent_config() { - echo "** Preparing Zabbix agent configuration file" - - ZBX_AGENT_CONFIG=$ZABBIX_ETC_DIR/zabbix_agentd.conf - - ZBX_PASSIVESERVERS=${ZBX_PASSIVESERVERS:-""} - ZBX_ACTIVESERVERS=${ZBX_ACTIVESERVERS:-""} - - [ -n "$ZBX_PASSIVESERVERS" ] && ZBX_PASSIVESERVERS=","$ZBX_PASSIVESERVERS - - ZBX_PASSIVESERVERS=$ZBX_SERVER_HOST$ZBX_PASSIVESERVERS - - [ -n "$ZBX_ACTIVESERVERS" ] && ZBX_ACTIVESERVERS=","$ZBX_ACTIVESERVERS - - ZBX_ACTIVESERVERS=$ZBX_SERVER_HOST":"$ZBX_SERVER_PORT$ZBX_ACTIVESERVERS - - update_config_var $ZBX_AGENT_CONFIG "PidFile" - update_config_var $ZBX_AGENT_CONFIG "LogType" "console" - update_config_var $ZBX_AGENT_CONFIG "LogFile" - update_config_var $ZBX_AGENT_CONFIG "LogFileSize" - update_config_var $ZBX_AGENT_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" - update_config_var $ZBX_AGENT_CONFIG "SourceIP" - update_config_var $ZBX_AGENT_CONFIG "EnableRemoteCommands" "${ZBX_ENABLEREMOTECOMMANDS}" - update_config_var $ZBX_AGENT_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}" - - ZBX_PASSIVE_ALLOW=${ZBX_PASSIVE_ALLOW:-"true"} - if [ "$ZBX_PASSIVE_ALLOW" == "true" ]; then - echo "** Using '$ZBX_PASSIVESERVERS' servers for passive checks" - update_config_var $ZBX_AGENT_CONFIG "Server" "${ZBX_PASSIVESERVERS}" - else - update_config_var $ZBX_AGENT_CONFIG "Server" - fi - - update_config_var $ZBX_AGENT_CONFIG "ListenPort" "${ZBX_LISTENPORT}" - update_config_var $ZBX_AGENT_CONFIG "ListenIP" "${ZBX_LISTENIP}" - update_config_var $ZBX_AGENT_CONFIG "StartAgents" "${ZBX_STARTAGENTS}" - - ZBX_ACTIVE_ALLOW=${ZBX_ACTIVE_ALLOW:-"true"} - if [ "$ZBX_ACTIVE_ALLOW" == "true" ]; then - echo "** Using '$ZBX_ACTIVESERVERS' servers for active checks" - update_config_var $ZBX_AGENT_CONFIG "ServerActive" "${ZBX_ACTIVESERVERS}" - else - update_config_var $ZBX_AGENT_CONFIG "ServerActive" - fi - - update_config_var $ZBX_AGENT_CONFIG "Hostname" "${ZBX_HOSTNAME}" - update_config_var $ZBX_AGENT_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - update_config_var $ZBX_AGENT_CONFIG "HostMetadata" "${ZBX_METADATA}" - update_config_var $ZBX_AGENT_CONFIG "HostMetadataItem" "${ZBX_METADATAITEM}" - update_config_var $ZBX_AGENT_CONFIG "RefreshActiveChecks" "${ZBX_REFRESHACTIVECHECKS}" - update_config_var $ZBX_AGENT_CONFIG "BufferSend" "${ZBX_BUFFERSEND}" - update_config_var $ZBX_AGENT_CONFIG "BufferSize" "${ZBX_BUFFERSIZE}" - update_config_var $ZBX_AGENT_CONFIG "MaxLinesPerSecond" "${ZBX_MAXLINESPERSECOND}" - # Please use include to enable Alias feature -# update_config_multiple_var $ZBX_AGENT_CONFIG "Alias" ${ZBX_ALIAS} - update_config_var $ZBX_AGENT_CONFIG "Timeout" "${ZBX_TIMEOUT}" - update_config_var $ZBX_AGENT_CONFIG "Include" "/etc/zabbix/zabbix_agentd.d/" - update_config_var $ZBX_AGENT_CONFIG "UnsafeUserParameters" "${ZBX_UNSAFEUSERPARAMETERS}" - update_config_var $ZBX_AGENT_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/" - update_config_multiple_var $ZBX_AGENT_CONFIG "LoadModule" "${ZBX_LOADMODULE}" - update_config_var $ZBX_AGENT_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}" - update_config_var $ZBX_AGENT_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" - update_config_var $ZBX_AGENT_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" - update_config_var $ZBX_AGENT_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" - update_config_var $ZBX_AGENT_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" - update_config_var $ZBX_AGENT_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" -} - -prepare_java_gateway_config() { - echo "** Preparing Zabbix Java Gateway log configuration file" - - ZBX_GATEWAY_CONFIG=$ZABBIX_ETC_DIR/zabbix_java_gateway_logback.xml - - if [ -n "${ZBX_DEBUGLEVEL}" ]; then - echo "Updating $ZBX_GATEWAY_CONFIG 'DebugLevel' parameter: '${ZBX_DEBUGLEVEL}'... updated" - if [ -f "$ZBX_GATEWAY_CONFIG" ]; then - sed -i -e "/^.*/" "$ZBX_GATEWAY_CONFIG" - else - echo "**** Zabbix Java Gateway log configuration file '$ZBX_GATEWAY_CONFIG' not found" - fi - fi -} - -prepare_agent() { - echo "** Preparing Zabbix agent" - prepare_zbx_agent_config -} - -prepare_server() { - local db_type=$1 - - echo "** Preparing Zabbix server" - - check_variables_$db_type "server" - check_db_connect_$db_type - create_db_user_$db_type - create_db_database_$db_type - create_db_schema_$db_type "server" - - update_zbx_config "server" "$db_type" } prepare_proxy() { - local db_type=$1 - echo "Preparing Zabbix proxy" - if [ "$db_type" != "sqlite3" ]; then - check_variables_$db_type "proxy" - check_db_connect_$db_type - create_db_user_$db_type - create_db_database_$db_type - create_db_schema_$db_type "proxy" - fi - - update_zbx_config "proxy" $db_type -} - -prepare_web() { - local web_server=$1 - local db_type=$2 - - echo "** Preparing Zabbix web-interface" - - check_variables_$db_type - check_db_connect_$db_type - prepare_web_server_$web_server - prepare_zbx_web_config $db_type -} - -prepare_java_gateway() { - echo "** Preparing Zabbix Java Gateway" - - prepare_java_gateway_config + update_zbx_config } ################################################# -if [ ! -n "$zbx_type" ]; then - echo "**** Type of Zabbix component is not specified" - exit 1 -elif [ "$zbx_type" == "dev" ]; then - echo "** Deploying Zabbix installation from SVN" -else - if [ ! -n "$zbx_db_type" ]; then - echo "**** Database type of Zabbix $zbx_type is not specified" - exit 1 - fi - - if [ "$zbx_db_type" != "none" ]; then - if [ "$zbx_opt_type" != "none" ]; then - echo "** Deploying Zabbix $zbx_type ($zbx_opt_type) with $zbx_db_type database" - else - echo "** Deploying Zabbix $zbx_type with $zbx_db_type database" - fi - else - echo "** Deploying Zabbix $zbx_type" - fi +if [ "${1#-}" != "$1" ]; then + set -- /usr/sbin/zabbix_proxy "$@" fi -prepare_system "$zbx_type" "$zbx_opt_type" - -[ "$zbx_type" == "server" ] && prepare_server $zbx_db_type -[ "${ZBX_ADD_SERVER}" == "true" ] && prepare_server ${ZBX_MAIN_DB} - -[ "$zbx_type" == "proxy" ] && prepare_proxy $zbx_db_type -[ "${ZBX_ADD_PROXY}" == "true" ] && prepare_proxy ${ZBX_PROXY_DB} - -[ "$zbx_type" == "frontend" ] && prepare_web $zbx_opt_type $zbx_db_type -[ "${ZBX_ADD_WEB}" == "true" ] && prepare_web ${ZBX_WEB_SERVER} ${ZBX_MAIN_DB} - -[ "$zbx_type" == "agent" ] && prepare_agent -[ "${ZBX_ADD_AGENT}" == "true" ] && prepare_agent - -[ "$zbx_type" == "java-gateway" ] && prepare_java_gateway -[ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && prepare_java_gateway - -clear_deploy "$zbx_type" - -echo "########################################################" - -if [ "$1" != "" ]; then - echo "** Executing '$@'" - exec "$@" -elif [ "$zbx_type" == "agent" ]; then - echo "** Starting Zabbix agent" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_agentd --foreground -c /etc/zabbix/zabbix_agentd.conf" -elif [ "$zbx_type" == "proxy" ]; then - echo "** Starting Zabbix proxy" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_proxy --foreground -c /etc/zabbix/zabbix_proxy.conf" -elif [ "$zbx_type" == "server" ]; then - echo "** Starting Zabbix server" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_server --foreground -c /etc/zabbix/zabbix_server.conf" -elif [ "$zbx_type" == "java-gateway" ]; then - echo "** Starting Zabbix Java Gateway" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_java_gateway" -elif [ "$zbx_type" == "frontend" ] && [ "$zbx_opt_type" == "apache" ]; then - echo "** Starting Zabbix frontend" - if [ -f "/usr/sbin/httpd" ]; then - exec /usr/sbin/httpd -D FOREGROUND - elif [ -f "/usr/sbin/apache2ctl" ]; then - exec /bin/bash -c "source /etc/apache2/envvars && /usr/sbin/apache2ctl -D FOREGROUND" - else - echo "Unknown Web-server. Exiting..." - exit 1 - fi -elif [ -f "/usr/bin/supervisord" ]; then - echo "** Executing supervisord" - exec /usr/bin/supervisord -c /etc/supervisor/supervisord.conf -else - echo "Unknown instructions. Exiting..." - exit 1 +if [ "$1" == '/usr/sbin/zabbix_proxy' ]; then + prepare_proxy fi +exec "$@" + ################################################# diff --git a/server-mysql/centos/Dockerfile b/server-mysql/centos/Dockerfile index 7d6396c02..c16cdf3c1 100644 --- a/server-mysql/centos/Dockerfile +++ b/server-mysql/centos/Dockerfile @@ -1,19 +1,76 @@ -FROM centos:centos7 as builder +FROM centos:centos7 -ARG YUM_FLAGS_COMMON="-y" -ARG YUM_FLAGS_DEV="${YUM_FLAGS_COMMON}" +LABEL org.opencontainers.image.title="Zabbix server (MySQL)" \ + org.opencontainers.image.authors="Alexey Pustovalov " \ + org.opencontainers.image.vendor="Zabbix LLC" \ + org.opencontainers.image.url="https://zabbix.com/" \ + org.opencontainers.image.description="Zabbix server with MySQL database support" \ + org.opencontainers.image.licenses="GPL v2.0" + +STOPSIGNAL SIGTERM + +ENV TINI_VERSION=v0.19.0 + +RUN set -eux && \ + groupadd -g 1995 --system zabbix && \ + adduser -r --shell /sbin/nologin \ + -g zabbix -G root \ + -d /var/lib/zabbix/ -u 1997 \ + zabbix && \ + mkdir -p /etc/zabbix && \ + mkdir -p /var/lib/zabbix && \ + mkdir -p /usr/lib/zabbix/alertscripts && \ + mkdir -p /var/lib/zabbix/enc && \ + mkdir -p /var/lib/zabbix/export && \ + mkdir -p /usr/lib/zabbix/externalscripts && \ + mkdir -p /var/lib/zabbix/mibs && \ + mkdir -p /var/lib/zabbix/modules && \ + mkdir -p /var/lib/zabbix/snmptraps && \ + mkdir -p /var/lib/zabbix/ssh_keys && \ + mkdir -p /var/lib/zabbix/ssl && \ + mkdir -p /var/lib/zabbix/ssl/certs && \ + mkdir -p /var/lib/zabbix/ssl/keys && \ + mkdir -p /var/lib/zabbix/ssl/ssl_ca && \ + mkdir -p /usr/share/doc/zabbix-server-mysql && \ + yum --quiet makecache && \ + yum -y install --setopt=tsflags=nodocs https://repo.zabbix.com/non-supported/rhel/7/x86_64/iksemel-1.4-2.el7.centos.x86_64.rpm \ + https://repo.zabbix.com/non-supported/rhel/7/x86_64/fping-3.10-1.el7.x86_64.rpm && \ + yum -y install --setopt=tsflags=nodocs \ + iputils \ + traceroute \ + libcurl \ + libxml2 \ + mariadb \ + net-snmp-libs \ + OpenIPMI-libs \ + openldap \ + openssl-libs \ + pcre \ + unixODBC && \ + curl -L https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini -o /sbin/tini && \ + curl -L https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini.asc -o /tini.asc && \ + gpg --batch --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 595E85A6B1B4779EA4DAAEC70B588DFF0527A9B7 && \ + gpg --batch --verify /tini.asc /sbin/tini && \ + rm -rf /root/.gnupg && \ + chmod +x /sbin/tini && \ + yum -y clean all && \ + rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ + rm -rf /etc/udev/hwdb.bin /root/.pki ARG MAJOR_VERSION=master ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git -ENV ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ - ZBX_TYPE=server ZBX_DB_TYPE=mysql ZBX_OPT_TYPE=none + +ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} + +LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" RUN set -eux && \ yum --quiet makecache && \ - yum ${YUM_FLAGS_DEV} install https://repo.zabbix.com/non-supported/rhel/7/x86_64/iksemel-devel-1.4-2.el7.centos.x86_64.rpm \ - https://repo.zabbix.com/non-supported/rhel/7/x86_64/iksemel-1.4-2.el7.centos.x86_64.rpm && \ - yum ${YUM_FLAGS_DEV} install \ + yum -y install https://repo.zabbix.com/non-supported/rhel/7/x86_64/iksemel-devel-1.4-2.el7.centos.x86_64.rpm --setopt=tsflags=nodocs && \ + yum -y install --setopt=tsflags=nodocs \ autoconf \ automake \ gcc \ @@ -40,8 +97,8 @@ RUN set -eux && \ --prefix=/usr \ --sysconfdir=/etc/zabbix \ --enable-agent \ - --enable-${ZBX_TYPE} \ - --with-${ZBX_DB_TYPE} \ + --enable-server \ + --with-mysql \ --with-jabber \ --with-ldap \ --with-libcurl \ @@ -55,90 +112,24 @@ RUN set -eux && \ --silent && \ make -j"$(nproc)" -s dbschema && \ make -j"$(nproc)" -s && \ - cat database/${ZBX_DB_TYPE}/schema.sql > database/${ZBX_DB_TYPE}/create.sql && \ - cat database/${ZBX_DB_TYPE}/images.sql >> database/${ZBX_DB_TYPE}/create.sql && \ - cat database/${ZBX_DB_TYPE}/data.sql >> database/${ZBX_DB_TYPE}/create.sql && \ - gzip database/${ZBX_DB_TYPE}/create.sql - -FROM centos:centos7 -LABEL maintainer="Alexey Pustovalov " - -ARG BUILD_DATE -ARG VCS_REF - -ARG YUM_FLAGS_COMMON="-y" -ARG YUM_FLAGS_PERSISTENT="${YUM_FLAGS_COMMON}" - -ARG MAJOR_VERSION=master -ARG ZBX_VERSION=${MAJOR_VERSION} -ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git -ENV ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ - TERM=xterm MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ - ZBX_TYPE=server ZBX_DB_TYPE=mysql ZBX_OPT_TYPE=none -ENV TINI_VERSION v0.18.0 - -LABEL org.label-schema.name="zabbix-${ZBX_TYPE}-${ZBX_DB_TYPE}-centos" \ - org.label-schema.vendor="Zabbix LLC" \ - org.label-schema.url="https://zabbix.com/" \ - org.label-schema.description="Zabbix ${ZBX_TYPE} with MySQL database support" \ - org.label-schema.vcs-ref="${VCS_REF}" \ - org.label-schema.build-date="${BUILD_DATE}" \ - org.label-schema.schema-version="1.0" \ - org.label-schema.license="GPL v2.0" \ - org.label-schema.usage="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.label-schema.version="${ZBX_VERSION}" \ - org.label-schema.vcs-url="${ZBX_SOURCES}" \ - org.label-schema.docker.cmd="docker run --name zabbix-${ZBX_TYPE}-${ZBX_DB_TYPE} --link mysql-server:mysql -p 10051:10051 -d zabbix-${ZBX_TYPE}-${ZBX_DB_TYPE}:centos-${ZBX_VERSION}" - -STOPSIGNAL SIGTERM - -COPY --from=builder /tmp/zabbix-${ZBX_VERSION}/src/zabbix_${ZBX_TYPE}/zabbix_${ZBX_TYPE} /usr/sbin/zabbix_${ZBX_TYPE} -COPY --from=builder /tmp/zabbix-${ZBX_VERSION}/src/zabbix_get/zabbix_get /usr/bin/zabbix_get -COPY --from=builder /tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender /usr/bin/zabbix_sender -COPY --from=builder /tmp/zabbix-${ZBX_VERSION}/conf/zabbix_${ZBX_TYPE}.conf /etc/zabbix/zabbix_${ZBX_TYPE}.conf -COPY --from=builder /tmp/zabbix-${ZBX_VERSION}/database/${ZBX_DB_TYPE}/create.sql.gz /usr/share/doc/zabbix-${ZBX_TYPE}-${ZBX_DB_TYPE}/create.sql.gz -ADD https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini /sbin/tini - -RUN set -eux && \ - groupadd --system zabbix && \ - adduser -r --shell /sbin/nologin \ - -g zabbix -G dialout \ - -d /var/lib/zabbix/ \ - zabbix && \ - mkdir -p /etc/zabbix && \ - mkdir -p /var/lib/zabbix && \ - mkdir -p /usr/lib/zabbix/alertscripts && \ - mkdir -p /var/lib/zabbix/enc && \ - mkdir -p /var/lib/zabbix/export && \ - mkdir -p /usr/lib/zabbix/externalscripts && \ - mkdir -p /var/lib/zabbix/mibs && \ - mkdir -p /var/lib/zabbix/modules && \ - mkdir -p /var/lib/zabbix/snmptraps && \ - mkdir -p /var/lib/zabbix/ssh_keys && \ - mkdir -p /var/lib/zabbix/ssl && \ - mkdir -p /var/lib/zabbix/ssl/certs && \ - mkdir -p /var/lib/zabbix/ssl/keys && \ - mkdir -p /var/lib/zabbix/ssl/ssl_ca && \ - chown --quiet -R zabbix:root /var/lib/zabbix && \ - mkdir -p /usr/share/doc/zabbix-${ZBX_TYPE}-${ZBX_DB_TYPE} && \ - yum ${YUM_FLAGS_COMMON} makecache && \ - yum ${YUM_FLAGS_PERSISTENT} install https://repo.zabbix.com/non-supported/rhel/7/x86_64/iksemel-1.4-2.el7.centos.x86_64.rpm \ - https://repo.zabbix.com/non-supported/rhel/7/x86_64/fping-3.10-1.el7.x86_64.rpm && \ - yum ${YUM_FLAGS_PERSISTENT} install \ - iputils \ - traceroute \ - libcurl \ - libxml2 \ - mariadb \ - net-snmp-libs \ - OpenIPMI-libs \ - openldap \ - openssl-libs \ - pcre \ - unixODBC && \ - yum ${YUM_FLAGS_PERSISTENT} clean all && \ - rm -rf /var/cache/yum/ && \ - chmod +x /sbin/tini + cp src/zabbix_server/zabbix_server /usr/sbin/zabbix_server && \ + cp src/zabbix_get/zabbix_get /usr/bin/zabbix_get && \ + cp src/zabbix_sender/zabbix_sender /usr/bin/zabbix_sender && \ + cp conf/zabbix_server.conf /etc/zabbix/zabbix_server.conf && \ + cat database/mysql/schema.sql > database/mysql/create.sql && \ + cat database/mysql/images.sql >> database/mysql/create.sql && \ + cat database/mysql/data.sql >> database/mysql/create.sql && \ + gzip database/mysql/create.sql && \ + cp database/mysql/create.sql.gz /usr/share/doc/zabbix-server-mysql/ && \ + cd /tmp/ && \ + rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ + chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \ + chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \ + chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \ + yum -y history undo `yum -q history | sed -n 3p |column -t | cut -d' ' -f1` && \ + yum -y clean all && \ + rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ + rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki EXPOSE 10051/TCP @@ -150,3 +141,7 @@ VOLUME ["/var/lib/zabbix/snmptraps", "/var/lib/zabbix/ssh_keys", "/var/lib/zabbi COPY ["docker-entrypoint.sh", "/usr/bin/"] ENTRYPOINT ["/sbin/tini", "--", "/usr/bin/docker-entrypoint.sh"] + +USER 1997 + +CMD ["/usr/sbin/zabbix_server", "--foreground", "-c", "/etc/zabbix/zabbix_server.conf"] diff --git a/server-mysql/centos/docker-entrypoint.sh b/server-mysql/centos/docker-entrypoint.sh index df34f9068..3e4c8c787 100755 --- a/server-mysql/centos/docker-entrypoint.sh +++ b/server-mysql/centos/docker-entrypoint.sh @@ -1,6 +1,6 @@ #!/bin/bash -set -eo pipefail +set -o pipefail set +e @@ -9,34 +9,11 @@ if [ "${DEBUG_MODE}" == "true" ]; then set -o xtrace fi -# Type of Zabbix component -# Possible values: [server, proxy, agent, frontend, java-gateway, appliance] -zbx_type=${ZBX_TYPE} -# Type of Zabbix database -# Possible values: [mysql, postgresql] -zbx_db_type=${ZBX_DB_TYPE} -# Type of web-server. Valid only with zbx_type = frontend -# Possible values: [apache, nginx] -zbx_opt_type=${ZBX_OPT_TYPE} - -# Default Zabbix installation name -# Used only by Zabbix web-interface -ZBX_SERVER_NAME=${ZBX_SERVER_NAME:-"Zabbix docker"} -# Default Zabbix server host -ZBX_SERVER_HOST=${ZBX_SERVER_HOST:-"zabbix-server"} -# Default Zabbix server port number -ZBX_SERVER_PORT=${ZBX_SERVER_PORT:-"10051"} - -# Default timezone for web interface -PHP_TZ=${PHP_TZ:-"Europe/Riga"} - # Default directories # User 'zabbix' home directory ZABBIX_USER_HOME_DIR="/var/lib/zabbix" # Configuration files directory ZABBIX_ETC_DIR="/etc/zabbix" -# Web interface www-root directory -ZBX_FRONTEND_PATH="/usr/share/zabbix" # usage: file_env VAR [DEFAULT] # as example: file_env 'MYSQL_PASSWORD' 'zabbix' @@ -69,92 +46,6 @@ file_env() { unset "$fileVar" } -configure_db_mysql() { - [ "${DB_SERVER_HOST}" != "localhost" ] && return - - echo "** Configuring local MySQL server" - - MYSQL_ALLOW_EMPTY_PASSWORD=true - MYSQL_DATA_DIR="/var/lib/mysql" - - if [ -f "/etc/mysql/my.cnf" ]; then - MYSQL_CONF_FILE="/etc/mysql/my.cnf" - elif [ -f "/etc/my.cnf.d/server.cnf" ]; then - MYSQL_CONF_FILE="/etc/my.cnf.d/server.cnf" - DB_SERVER_SOCKET="/var/lib/mysql/mysql.sock" - elif [ -f "/etc/my.cnf.d/mariadb-server.cnf" ]; then - MYSQL_CONF_FILE="/etc/my.cnf.d/mariadb-server.cnf" - DB_SERVER_SOCKET="/var/run/mysqld/mysqld.sock" - else - echo "**** Could not found MySQL configuration file" - exit 1 - fi - - if [ -f "/usr/bin/mysqld" ]; then - MYSQLD=/usr/bin/mysqld - elif [ -f "/usr/sbin/mysqld" ]; then - MYSQLD=/usr/sbin/mysqld - elif [ -f "/usr/libexec/mysqld" ]; then - MYSQLD=/usr/libexec/mysqld - else - echo "**** Could not found mysqld binary file" - exit 1 - fi - - sed -Ei 's/^(bind-address|log)/#&/' "$MYSQL_CONF_FILE" - - if [ ! -d "$MYSQL_DATA_DIR/mysql" ]; then - [ -d "$MYSQL_DATA_DIR" ] || mkdir -p "$MYSQL_DATA_DIR" - - chown -R mysql:mysql "$MYSQL_DATA_DIR" - - echo "** Installing initial MySQL database schemas" - mysql_install_db --user=mysql --datadir="$MYSQL_DATA_DIR" 2>&1 - else - echo "**** MySQL data directory is not empty. Using already existing installation." - chown -R mysql:mysql "$MYSQL_DATA_DIR" - fi - - mkdir -p /var/run/mysqld - ln -s /var/run/mysqld /run/mysqld - chown -R mysql:mysql /var/run/mysqld - chown -R mysql:mysql /run/mysqld - - echo "** Starting MySQL server in background mode" - - nohup $MYSQLD --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib/mysql/plugin \ - --user=mysql --log-output=none --pid-file=/var/lib/mysql/mysqld.pid \ - --port=3306 --character-set-server=utf8 --collation-server=utf8_bin & -} - -prepare_system() { - local type=$1 - local web_server=$2 - - echo "** Preparing the system" - - if [ "$type" != "appliance" ]; then - return - fi - - ZBX_ADD_AGENT=${ZBX_ADD_AGENT:-"false"} - ZBX_ADD_JAVA_GATEWAY=${ZBX_ADD_JAVA_GATEWAY:-"false"} - ZBX_ADD_SERVER=${ZBX_ADD_SERVER:-"true"} - [ "${ZBX_ADD_SERVER}" == "true" ] && ZBX_SERVER_HOST="localhost" - [ "${ZBX_ADD_SERVER}" == "true" ] && ZBX_SERVER_PORT="10051" - ZBX_MAIN_DB=${ZBX_MAIN_DB:-"mysql"} - ZBX_ADD_PROXY=${ZBX_ADD_PROXY:-"false"} - ZBX_PROXY_DB=${ZBX_PROXY_DB:-"sqlite3"} - ZBX_ADD_WEB=${ZBX_ADD_WEB:-"true"} - ZBX_WEB_SERVER=${ZBX_WEB_SERVER:-"nginx"} - DB_SERVER_HOST=${DB_SERVER_HOST:-"localhost"} - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAY_ENABLE="true" - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAY="localhost" - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAYPORT="10052" - - [ "${ZBX_ADD_SERVER}" == "true" ] && configure_db_${ZBX_MAIN_DB} -} - escape_spec_char() { local var_value=$1 @@ -238,18 +129,14 @@ update_config_multiple_var() { # Check prerequisites for MySQL database check_variables_mysql() { - local type=$1 - - DB_SERVER_HOST=${DB_SERVER_HOST:-"mysql-server"} - DB_SERVER_PORT=${DB_SERVER_PORT:-"3306"} + : ${DB_SERVER_HOST:="mysql-server"} + : ${DB_SERVER_PORT:="3306"} USE_DB_ROOT_USER=false CREATE_ZBX_DB_USER=false file_env MYSQL_USER file_env MYSQL_PASSWORD - if [ "$type" != "" ]; then - file_env MYSQL_ROOT_PASSWORD - fi + file_env MYSQL_ROOT_PASSWORD if [ ! -n "${MYSQL_USER}" ] && [ "${MYSQL_RANDOM_ROOT_PASSWORD}" == "true" ]; then echo "**** Impossible to use MySQL server because of unknown Zabbix user and random 'root' password" @@ -270,42 +157,12 @@ check_variables_mysql() { [ -n "${MYSQL_USER}" ] && [ "${USE_DB_ROOT_USER}" == "true" ] && CREATE_ZBX_DB_USER=true # If root password is not specified use provided credentials - DB_SERVER_ROOT_USER=${DB_SERVER_ROOT_USER:-${MYSQL_USER}} + : ${DB_SERVER_ROOT_USER:=${MYSQL_USER}} [ "${MYSQL_ALLOW_EMPTY_PASSWORD}" == "true" ] || DB_SERVER_ROOT_PASS=${DB_SERVER_ROOT_PASS:-${MYSQL_PASSWORD}} DB_SERVER_ZBX_USER=${MYSQL_USER:-"zabbix"} DB_SERVER_ZBX_PASS=${MYSQL_PASSWORD:-"zabbix"} - if [ "$type" == "proxy" ]; then - DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix_proxy"} - else - DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix"} - fi -} - -# Check prerequisites for PostgreSQL database -check_variables_postgresql() { - local type=$1 - - file_env POSTGRES_USER - file_env POSTGRES_PASSWORD - - DB_SERVER_HOST=${DB_SERVER_HOST:-"postgres-server"} - DB_SERVER_PORT=${DB_SERVER_PORT:-"5432"} - CREATE_ZBX_DB_USER=${CREATE_ZBX_DB_USER:-"false"} - - DB_SERVER_ROOT_USER=${POSTGRES_USER:-"postgres"} - DB_SERVER_ROOT_PASS=${POSTGRES_PASSWORD:-""} - - DB_SERVER_ZBX_USER=${POSTGRES_USER:-"zabbix"} - DB_SERVER_ZBX_PASS=${POSTGRES_PASSWORD:-"zabbix"} - - DB_SERVER_SCHEMA=${DB_SERVER_SCHEMA:-"public"} - - if [ "$type" == "proxy" ]; then - DB_SERVER_DBNAME=${POSTGRES_DB:-"zabbix_proxy"} - else - DB_SERVER_DBNAME=${POSTGRES_DB:-"zabbix"} - fi + DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix"} } check_db_connect_mysql() { @@ -320,7 +177,6 @@ check_db_connect_mysql() { fi echo "* DB_SERVER_ZBX_USER: ${DB_SERVER_ZBX_USER}" echo "* DB_SERVER_ZBX_PASS: ${DB_SERVER_ZBX_PASS}" - echo "********************" fi echo "********************" @@ -333,49 +189,6 @@ check_db_connect_mysql() { done } -check_db_connect_postgresql() { - echo "********************" - echo "* DB_SERVER_HOST: ${DB_SERVER_HOST}" - echo "* DB_SERVER_PORT: ${DB_SERVER_PORT}" - echo "* DB_SERVER_DBNAME: ${DB_SERVER_DBNAME}" - echo "* DB_SERVER_SCHEMA: ${DB_SERVER_SCHEMA}" - if [ "${DEBUG_MODE}" == "true" ]; then - if [ "${USE_DB_ROOT_USER}" == "true" ]; then - echo "* DB_SERVER_ROOT_USER: ${DB_SERVER_ROOT_USER}" - echo "* DB_SERVER_ROOT_PASS: ${DB_SERVER_ROOT_PASS}" - fi - echo "* DB_SERVER_ZBX_USER: ${DB_SERVER_ZBX_USER}" - echo "* DB_SERVER_ZBX_PASS: ${DB_SERVER_ZBX_PASS}" - fi - echo "********************" - - if [ "${USE_DB_ROOT_USER}" != "true" ]; then - DB_SERVER_ROOT_USER=${DB_SERVER_ZBX_USER} - DB_SERVER_ROOT_PASS=${DB_SERVER_ZBX_PASS} - fi - - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - WAIT_TIMEOUT=5 - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - while [ ! "$(psql -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} -U ${DB_SERVER_ROOT_USER} -d ${DB_SERVER_DBNAME} -l -q 2>/dev/null)" ]; do - echo "**** PostgreSQL server is not available. Waiting $WAIT_TIMEOUT seconds..." - sleep $WAIT_TIMEOUT - done - - unset PGPASSWORD - unset PGOPTIONS -} - - mysql_query() { query=$1 local result="" @@ -386,30 +199,6 @@ mysql_query() { echo $result } -psql_query() { - query=$1 - db=$2 - - local result="" - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - result=$(psql -A -q -t -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ - -U ${DB_SERVER_ROOT_USER} -c "$query" $db 2>/dev/null); - - unset PGPASSWORD - unset PGOPTIONS - - echo $result -} - create_db_user_mysql() { [ "${CREATE_ZBX_DB_USER}" == "true" ] || return @@ -426,20 +215,6 @@ create_db_user_mysql() { mysql_query "GRANT ALL PRIVILEGES ON $DB_SERVER_DBNAME. * TO '${DB_SERVER_ZBX_USER}'@'%'" 1>/dev/null } -create_db_user_postgresql() { - [ "${CREATE_ZBX_DB_USER}" == "true" ] || return - - echo "** Creating '${DB_SERVER_ZBX_USER}' user in PostgreSQL database" - - USER_EXISTS=$(psql_query "SELECT 1 FROM pg_roles WHERE rolname='${DB_SERVER_ZBX_USER}'") - - if [ -z "$USER_EXISTS" ]; then - psql_query "CREATE USER ${DB_SERVER_ZBX_USER} WITH PASSWORD '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - else - psql_query "ALTER USER ${DB_SERVER_ZBX_USER} WITH ENCRYPTED PASSWORD '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - fi -} - create_db_database_mysql() { DB_EXISTS=$(mysql_query "SELECT SCHEMA_NAME FROM information_schema.SCHEMATA WHERE SCHEMA_NAME='${DB_SERVER_DBNAME}'") @@ -453,22 +228,7 @@ create_db_database_mysql() { fi } -create_db_database_postgresql() { - DB_EXISTS=$(psql_query "SELECT 1 AS result FROM pg_database WHERE datname='${DB_SERVER_DBNAME}'") - - if [ -z ${DB_EXISTS} ]; then - echo "** Database '${DB_SERVER_DBNAME}' does not exist. Creating..." - psql_query "CREATE DATABASE ${DB_SERVER_DBNAME} WITH OWNER ${DB_SERVER_ZBX_USER} ENCODING='UTF8' LC_CTYPE='en_US.utf8' LC_COLLATE='en_US.utf8'" 1>/dev/null - else - echo "** Database '${DB_SERVER_DBNAME}' already exists. Please be careful with database owner!" - fi - - psql_query "CREATE SCHEMA IF NOT EXISTS ${DB_SERVER_SCHEMA}" -} - create_db_schema_mysql() { - local type=$1 - DBVERSION_TABLE_EXISTS=$(mysql_query "SELECT 1 FROM information_schema.tables WHERE table_schema='${DB_SERVER_DBNAME}' and table_name = 'dbversion'") if [ -n "${DBVERSION_TABLE_EXISTS}" ]; then @@ -479,239 +239,19 @@ create_db_schema_mysql() { if [ -z "${ZBX_DB_VERSION}" ]; then echo "** Creating '${DB_SERVER_DBNAME}' schema in MySQL" - zcat /usr/share/doc/zabbix-$type-mysql/create.sql.gz | mysql --silent --skip-column-names \ + zcat /usr/share/doc/zabbix-server-mysql/create.sql.gz | mysql --silent --skip-column-names \ -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" \ ${DB_SERVER_DBNAME} 1>/dev/null fi } -create_db_schema_postgresql() { - local type=$1 - - DBVERSION_TABLE_EXISTS=$(psql_query "SELECT 1 FROM pg_catalog.pg_class c JOIN pg_catalog.pg_namespace n ON n.oid = - c.relnamespace WHERE n.nspname = '$DB_SERVER_SCHEMA' AND c.relname = 'dbversion'" "${DB_SERVER_DBNAME}") - - if [ -n "${DBVERSION_TABLE_EXISTS}" ]; then - echo "** Table '${DB_SERVER_DBNAME}.dbversion' already exists." - ZBX_DB_VERSION=$(psql_query "SELECT mandatory FROM ${DB_SERVER_SCHEMA}.dbversion" "${DB_SERVER_DBNAME}") - fi - - if [ -z "${ZBX_DB_VERSION}" ]; then - echo "** Creating '${DB_SERVER_DBNAME}' schema in PostgreSQL" - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - zcat /usr/share/doc/zabbix-$type-postgresql/create.sql.gz | psql -q \ - -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ - -U ${DB_SERVER_ZBX_USER} ${DB_SERVER_DBNAME} 1>/dev/null - - unset PGPASSWORD - unset PGOPTIONS - fi -} - -prepare_web_server_apache() { - if [ -d "/etc/apache2/sites-available" ]; then - APACHE_SITES_DIR=/etc/apache2/sites-available - elif [ -d "/etc/apache2/conf.d" ]; then - APACHE_SITES_DIR=/etc/apache2/conf.d - elif [ -d "/etc/httpd/conf.d" ]; then - APACHE_SITES_DIR=/etc/httpd/conf.d - else - echo "**** Apache is not available" - exit 1 - fi - - if [ -f "/usr/sbin/a2dissite" ]; then - echo "** Disable default site" - /usr/sbin/a2dissite 000-default 1>/dev/null - rm -rf "$APACHE_SITES_DIR/*" - elif [ -f "/etc/apache2/conf.d/default.conf" ]; then - echo "** Disable default site" - rm -f "/etc/apache2/conf.d/default.conf" - elif [ -f "/etc/httpd/conf.d/welcome.conf" ]; then - echo "** Disable default site" - rm -f "/etc/httpd/conf.d/welcome.conf" - rm -f "/etc/httpd/conf.d/ssl.conf" - fi - - echo "** Adding Zabbix virtual host (HTTP)" - if [ -f "$ZABBIX_ETC_DIR/apache.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/apache.conf" "$APACHE_SITES_DIR/zabbix.conf" - if [ -f "/usr/sbin/a2dissite" ]; then - /usr/sbin/a2ensite zabbix.conf 1>/dev/null - fi - else - echo "**** Impossible to enable HTTP virtual host" - fi - - if [ -f "/etc/apache2/conf.d/ssl.conf" ]; then - rm -f "/etc/apache2/conf.d/ssl.conf" - fi - - if [ -f "/etc/ssl/apache2/ssl.crt" ] && [ -f "/etc/ssl/apache2/ssl.key" ]; then - echo "** Enable SSL support for Apache2" - if [ -f "/usr/sbin/a2enmod" ]; then - /usr/sbin/a2enmod ssl 1>/dev/null - fi - - echo "** Adding Zabbix virtual host (HTTPS)" - if [ -f "$ZABBIX_ETC_DIR/apache_ssl.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/apache_ssl.conf" "$APACHE_SITES_DIR/zabbix_ssl.conf" - if [ -f "/usr/sbin/a2dissite" ]; then - /usr/sbin/a2ensite zabbix_ssl.conf 1>/dev/null - fi - else - echo "**** Impossible to enable HTTPS virtual host" - fi - else - echo "**** Impossible to enable SSL support for Apache2. Certificates are missed." - fi - - # Change Apache2 logging to stdout and stderr - if [ -f "/etc/apache2/apache2.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/apache2.conf" - fi - - if [ -f "/etc/httpd/conf/httpd.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/httpd/conf/httpd.conf" - fi - - if [ -f "/etc/apache2/httpd.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/httpd.conf" - fi - - if [ -f "/etc/apache2/conf-available/other-vhosts-access-log.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/conf-available/other-vhosts-access-log.conf" - fi - - if [ -f "/etc/apache2/conf.d/mpm.conf" ]; then - sed -ri \ - -e 's!^(\s*PidFile)\s+\S+!\1 "/var/run/httpd.pid"!g' \ - "/etc/apache2/conf.d/mpm.conf" - fi - - if [ -f "/var/run/apache2/apache2.pid" ]; then - rm -f "/var/run/apache2/apache2.pid" - fi - - if [ -f "/var/run/httpd/httpd.pid" ]; then - rm -f "/var/run/httpd/httpd.pid" - fi -} - -prepare_web_server_nginx() { - NGINX_CONFD_DIR="/etc/nginx/conf.d" - NGINX_SSL_CONFIG="/etc/ssl/nginx" - PHP_SESSIONS_DIR="/var/lib/php5" - - echo "** Disable default vhosts" - rm -f $NGINX_CONFD_DIR/*.conf - - echo "** Adding Zabbix virtual host (HTTP)" - if [ -f "$ZABBIX_ETC_DIR/nginx.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/nginx.conf" "$NGINX_CONFD_DIR" - else - echo "**** Impossible to enable HTTP virtual host" - fi - - if [ -f "$NGINX_SSL_CONFIG/ssl.crt" ] && [ -f "$NGINX_SSL_CONFIG/ssl.key" ] && [ -f "$NGINX_SSL_CONFIG/dhparam.pem" ]; then - echo "** Enable SSL support for Nginx" - if [ -f "$ZABBIX_ETC_DIR/nginx_ssl.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/nginx_ssl.conf" "$NGINX_CONFD_DIR" - else - echo "**** Impossible to enable HTTPS virtual host" - fi - else - echo "**** Impossible to enable SSL support for Nginx. Certificates are missed." - fi - - if [ -d "/var/log/nginx/" ]; then - ln -sf /dev/fd/2 /var/log/nginx/error.log - fi - - ln -sf /dev/fd/2 /var/log/php5-fpm.log - ln -sf /dev/fd/2 /var/log/php7.2-fpm.log -} - -stop_databases() { - if ([ "${ZBX_MAIN_DB}" == "mysql" ] || [ "${ZBX_PROXY_DB}" == "mysql" ]) && [ "${DB_SERVER_HOST}" == "localhost" ]; then - mysql_query "DELETE FROM mysql.user WHERE host = 'localhost' AND user != 'root'" 1>/dev/null - - if [ -f "/var/lib/mysql/mysqld.pid" ]; then - kill -TERM $(cat /var/lib/mysql/mysqld.pid) - elif [ -f "/var/run/mysqld/mysqld.pid" ]; then - kill -TERM $(cat /var/run/mysqld/mysqld.pid) - fi - fi - - if [ "${ZBX_MAIN_DB}" == "postgresql" ] && [ "${DB_SERVER_HOST}" == "localhost" ]; then - if [ "${OS_CODENAME}" == "alpine" ]; then - PGDATA=/var/lib/postgresql - BINDIR=/usr/bin - else - PGDATA=/var/lib/postgresql/9.3/main - BINDIR=/usr/lib/postgresql/9.3/bin - fi - su -c "$BINDIR/pg_ctl -D \"$PGDATA\" -m fast -w stop --silent" postgres 1>/dev/null 2>/dev/null - fi -} - -clear_deploy() { - local type=$1 - echo "** Cleaning the system" - - [ "$type" != "appliance" ] && return - - stop_databases -} - update_zbx_config() { - local type=$1 - local db_type=$2 + echo "** Preparing Zabbix server configuration file" - echo "** Preparing Zabbix $type configuration file" + ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_server.conf - ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_$type.conf - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "ProxyMode" "${ZBX_PROXYMODE}" - update_config_var $ZBX_CONFIG "Server" "${ZBX_SERVER_HOST}" - update_config_var $ZBX_CONFIG "ServerPort" "${ZBX_SERVER_PORT}" - if [ -z "${ZBX_HOSTNAME}" ] && [ -n "${ZBX_HOSTNAMEITEM}" ]; then - update_config_var $ZBX_CONFIG "Hostname" "" - update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - else - update_config_var $ZBX_CONFIG "Hostname" "${ZBX_HOSTNAME:-"zabbix-proxy-"$db_type}" - update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - fi - fi - - if [ $type == "proxy" ] && [ "${ZBX_ADD_SERVER}" = "true" ]; then - update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_PROXY_LISTENPORT:-"10061"}" - else - update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}" - fi + update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}" update_config_var $ZBX_CONFIG "SourceIP" "${ZBX_SOURCEIP}" update_config_var $ZBX_CONFIG "LogType" "console" @@ -721,31 +261,15 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" - if [ "$db_type" == "sqlite3" ]; then - update_config_var $ZBX_CONFIG "DBHost" - update_config_var $ZBX_CONFIG "DBName" "/var/lib/zabbix/zabbix_proxy_db" - update_config_var $ZBX_CONFIG "DBUser" - update_config_var $ZBX_CONFIG "DBPort" - update_config_var $ZBX_CONFIG "DBPassword" - else - update_config_var $ZBX_CONFIG "DBHost" "${DB_SERVER_HOST}" - update_config_var $ZBX_CONFIG "DBName" "${DB_SERVER_DBNAME}" - update_config_var $ZBX_CONFIG "DBSchema" "${DB_SERVER_SCHEMA}" - update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}" - update_config_var $ZBX_CONFIG "DBPort" "${DB_SERVER_PORT}" - update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}" - fi + update_config_var $ZBX_CONFIG "DBHost" "${DB_SERVER_HOST}" + update_config_var $ZBX_CONFIG "DBName" "${DB_SERVER_DBNAME}" + update_config_var $ZBX_CONFIG "DBSchema" "${DB_SERVER_SCHEMA}" + update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}" + update_config_var $ZBX_CONFIG "DBPort" "${DB_SERVER_PORT}" + update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}" update_config_var $ZBX_CONFIG "DBSocket" "${DB_SERVER_SOCKET}" - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "ProxyLocalBuffer" "${ZBX_PROXYLOCALBUFFER}" - update_config_var $ZBX_CONFIG "ProxyOfflineBuffer" "${ZBX_PROXYOFFLINEBUFFER}" - update_config_var $ZBX_CONFIG "HeartbeatFrequency" "${ZBX_PROXYHEARTBEATFREQUENCY}" - update_config_var $ZBX_CONFIG "ConfigFrequency" "${ZBX_CONFIGFREQUENCY}" - update_config_var $ZBX_CONFIG "DataSenderFrequency" "${ZBX_DATASENDERFREQUENCY}" - fi - update_config_var $ZBX_CONFIG "StartPollers" "${ZBX_STARTPOLLERS}" update_config_var $ZBX_CONFIG "StartIPMIPollers" "${ZBX_IPMIPOLLERS}" update_config_var $ZBX_CONFIG "StartPollersUnreachable" "${ZBX_STARTPOLLERSUNREACHABLE}" @@ -754,12 +278,10 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}" update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "StartTimers" "${ZBX_STARTTIMERS}" - update_config_var $ZBX_CONFIG "StartEscalators" "${ZBX_STARTESCALATORS}" - fi + update_config_var $ZBX_CONFIG "StartTimers" "${ZBX_STARTTIMERS}" + update_config_var $ZBX_CONFIG "StartEscalators" "${ZBX_STARTESCALATORS}" - ZBX_JAVAGATEWAY_ENABLE=${ZBX_JAVAGATEWAY_ENABLE:-"false"} + : ${ZBX_JAVAGATEWAY_ENABLE:="false"} if [ "${ZBX_JAVAGATEWAY_ENABLE}" == "true" ]; then update_config_var $ZBX_CONFIG "JavaGateway" "${ZBX_JAVAGATEWAY:-"zabbix-java-gateway"}" update_config_var $ZBX_CONFIG "JavaGatewayPort" "${ZBX_JAVAGATEWAYPORT}" @@ -776,7 +298,7 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "VMwareCacheSize" "${ZBX_VMWARECACHESIZE}" update_config_var $ZBX_CONFIG "VMwareTimeout" "${ZBX_VMWARETIMEOUT}" - ZBX_ENABLE_SNMP_TRAPS=${ZBX_ENABLE_SNMP_TRAPS:-"false"} + : ${ZBX_ENABLE_SNMP_TRAPS:="false"} if [ "${ZBX_ENABLE_SNMP_TRAPS}" == "true" ]; then update_config_var $ZBX_CONFIG "SNMPTrapperFile" "${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log" update_config_var $ZBX_CONFIG "StartSNMPTrapper" "1" @@ -786,25 +308,19 @@ update_zbx_config() { fi update_config_var $ZBX_CONFIG "HousekeepingFrequency" "${ZBX_HOUSEKEEPINGFREQUENCY}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "MaxHousekeeperDelete" "${ZBX_MAXHOUSEKEEPERDELETE}" - update_config_var $ZBX_CONFIG "SenderFrequency" "${ZBX_SENDERFREQUENCY}" - fi + update_config_var $ZBX_CONFIG "MaxHousekeeperDelete" "${ZBX_MAXHOUSEKEEPERDELETE}" + update_config_var $ZBX_CONFIG "SenderFrequency" "${ZBX_SENDERFREQUENCY}" update_config_var $ZBX_CONFIG "CacheSize" "${ZBX_CACHESIZE}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "CacheUpdateFrequency" "${ZBX_CACHEUPDATEFREQUENCY}" - fi + update_config_var $ZBX_CONFIG "CacheUpdateFrequency" "${ZBX_CACHEUPDATEFREQUENCY}" update_config_var $ZBX_CONFIG "StartDBSyncers" "${ZBX_STARTDBSYNCERS}" update_config_var $ZBX_CONFIG "HistoryCacheSize" "${ZBX_HISTORYCACHESIZE}" update_config_var $ZBX_CONFIG "HistoryIndexCacheSize" "${ZBX_HISTORYINDEXCACHESIZE}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "TrendCacheSize" "${ZBX_TRENDCACHESIZE}" - update_config_var $ZBX_CONFIG "ValueCacheSize" "${ZBX_VALUECACHESIZE}" - fi + update_config_var $ZBX_CONFIG "TrendCacheSize" "${ZBX_TRENDCACHESIZE}" + update_config_var $ZBX_CONFIG "ValueCacheSize" "${ZBX_VALUECACHESIZE}" update_config_var $ZBX_CONFIG "Timeout" "${ZBX_TIMEOUT}" update_config_var $ZBX_CONFIG "TrapperTimeout" "${ZBX_TRAPPERIMEOUT}" @@ -815,26 +331,15 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "AlertScriptsPath" "/usr/lib/zabbix/alertscripts" update_config_var $ZBX_CONFIG "ExternalScripts" "/usr/lib/zabbix/externalscripts" - # Possible few fping locations - if [ -f "/usr/bin/fping" ]; then - update_config_var $ZBX_CONFIG "FpingLocation" "/usr/bin/fping" - else - update_config_var $ZBX_CONFIG "FpingLocation" "/usr/sbin/fping" - fi - if [ -f "/usr/bin/fping6" ]; then - update_config_var $ZBX_CONFIG "Fping6Location" "/usr/bin/fping6" - else - update_config_var $ZBX_CONFIG "Fping6Location" "/usr/sbin/fping6" - fi + update_config_var $ZBX_CONFIG "FpingLocation" "/usr/sbin/fping" + update_config_var $ZBX_CONFIG "Fping6Location" update_config_var $ZBX_CONFIG "SSHKeyLocation" "$ZABBIX_USER_HOME_DIR/ssh_keys" update_config_var $ZBX_CONFIG "LogSlowQueries" "${ZBX_LOGSLOWQUERIES}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "StartProxyPollers" "${ZBX_STARTPROXYPOLLERS}" - update_config_var $ZBX_CONFIG "ProxyConfigFrequency" "${ZBX_PROXYCONFIGFREQUENCY}" - update_config_var $ZBX_CONFIG "ProxyDataFrequency" "${ZBX_PROXYDATAFREQUENCY}" - fi + update_config_var $ZBX_CONFIG "StartProxyPollers" "${ZBX_STARTPROXYPOLLERS}" + update_config_var $ZBX_CONFIG "ProxyConfigFrequency" "${ZBX_PROXYCONFIGFREQUENCY}" + update_config_var $ZBX_CONFIG "ProxyDataFrequency" "${ZBX_PROXYDATAFREQUENCY}" update_config_var $ZBX_CONFIG "SSLCertLocation" "$ZABBIX_USER_HOME_DIR/ssl/certs/" update_config_var $ZBX_CONFIG "SSLKeyLocation" "$ZABBIX_USER_HOME_DIR/ssl/keys/" @@ -842,310 +347,41 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/" update_config_multiple_var $ZBX_CONFIG "LoadModule" "${ZBX_LOADMODULE}" - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}" - update_config_var $ZBX_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" - fi update_config_var $ZBX_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" update_config_var $ZBX_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" - update_config_var $ZBX_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" - fi - update_config_var $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" update_config_var $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" - update_config_var $ZBX_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" - fi -} - - -prepare_zbx_web_config() { - local db_type=$1 - local server_name="" - - echo "** Preparing Zabbix frontend configuration file" - - ZBX_WEB_CONFIG="$ZABBIX_ETC_DIR/web/zabbix.conf.php" - - if [ -f "/usr/share/zabbix/conf/zabbix.conf.php" ]; then - rm -f "/usr/share/zabbix/conf/zabbix.conf.php" - fi - - ln -s "$ZBX_WEB_CONFIG" "/usr/share/zabbix/conf/zabbix.conf.php" - - # Different places of PHP configuration file - if [ -f "/etc/php5/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/conf.d/99-zabbix.ini" - elif [ -f "/etc/php5/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php5/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/apache2/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.0/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.0/apache2/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.0/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.0/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php.d/99-zabbix.ini" - elif [ -f "/etc/php7/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php7/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.2/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.2/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.2/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.2/apache2/conf.d/99-zabbix.ini" - fi - - if [ -n "$PHP_CONFIG_FILE" ]; then - update_config_var "$PHP_CONFIG_FILE" "max_execution_time" "${ZBX_MAXEXECUTIONTIME:-"600"}" - update_config_var "$PHP_CONFIG_FILE" "memory_limit" "${ZBX_MEMORYLIMIT:-"128M"}" - update_config_var "$PHP_CONFIG_FILE" "post_max_size" "${ZBX_POSTMAXSIZE:-"16M"}" - update_config_var "$PHP_CONFIG_FILE" "upload_max_filesize" "${ZBX_UPLOADMAXFILESIZE:-"2M"}" - update_config_var "$PHP_CONFIG_FILE" "max_input_time" "${ZBX_MAXINPUTTIME:-"300"}" - update_config_var "$PHP_CONFIG_FILE" "date.timezone" "${PHP_TZ}" + if [ "$(id -u)" != '0' ]; then + update_config_var $ZBX_CONFIG "User" "$(whoami)" else - echo "**** Zabbix related PHP configuration file not found" + update_config_var $ZBX_CONFIG "AllowRoot" "1" fi - - # Escaping characters in parameter value - server_name=$(escape_spec_char "${ZBX_SERVER_NAME}") - server_user=$(escape_spec_char "${DB_SERVER_ZBX_USER}") - server_pass=$(escape_spec_char "${DB_SERVER_ZBX_PASS}") - - sed -i \ - -e "s/{DB_SERVER_HOST}/${DB_SERVER_HOST}/g" \ - -e "s/{DB_SERVER_PORT}/${DB_SERVER_PORT}/g" \ - -e "s/{DB_SERVER_DBNAME}/${DB_SERVER_DBNAME}/g" \ - -e "s/{DB_SERVER_SCHEMA}/${DB_SERVER_SCHEMA}/g" \ - -e "s/{DB_SERVER_USER}/$server_user/g" \ - -e "s/{DB_SERVER_PASS}/$server_pass/g" \ - -e "s/{ZBX_SERVER_HOST}/${ZBX_SERVER_HOST}/g" \ - -e "s/{ZBX_SERVER_PORT}/${ZBX_SERVER_PORT}/g" \ - -e "s/{ZBX_SERVER_NAME}/$server_name/g" \ - "$ZBX_WEB_CONFIG" - - [ "$db_type" = "postgresql" ] && sed -i "s/MYSQL/POSTGRESQL/g" "$ZBX_WEB_CONFIG" -} - -prepare_zbx_agent_config() { - echo "** Preparing Zabbix agent configuration file" - - ZBX_AGENT_CONFIG=$ZABBIX_ETC_DIR/zabbix_agentd.conf - - ZBX_PASSIVESERVERS=${ZBX_PASSIVESERVERS:-""} - ZBX_ACTIVESERVERS=${ZBX_ACTIVESERVERS:-""} - - [ -n "$ZBX_PASSIVESERVERS" ] && ZBX_PASSIVESERVERS=","$ZBX_PASSIVESERVERS - - ZBX_PASSIVESERVERS=$ZBX_SERVER_HOST$ZBX_PASSIVESERVERS - - [ -n "$ZBX_ACTIVESERVERS" ] && ZBX_ACTIVESERVERS=","$ZBX_ACTIVESERVERS - - ZBX_ACTIVESERVERS=$ZBX_SERVER_HOST":"$ZBX_SERVER_PORT$ZBX_ACTIVESERVERS - - update_config_var $ZBX_AGENT_CONFIG "PidFile" - update_config_var $ZBX_AGENT_CONFIG "LogType" "console" - update_config_var $ZBX_AGENT_CONFIG "LogFile" - update_config_var $ZBX_AGENT_CONFIG "LogFileSize" - update_config_var $ZBX_AGENT_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" - update_config_var $ZBX_AGENT_CONFIG "SourceIP" - update_config_var $ZBX_AGENT_CONFIG "EnableRemoteCommands" "${ZBX_ENABLEREMOTECOMMANDS}" - update_config_var $ZBX_AGENT_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}" - - ZBX_PASSIVE_ALLOW=${ZBX_PASSIVE_ALLOW:-"true"} - if [ "$ZBX_PASSIVE_ALLOW" == "true" ]; then - echo "** Using '$ZBX_PASSIVESERVERS' servers for passive checks" - update_config_var $ZBX_AGENT_CONFIG "Server" "${ZBX_PASSIVESERVERS}" - else - update_config_var $ZBX_AGENT_CONFIG "Server" - fi - - update_config_var $ZBX_AGENT_CONFIG "ListenPort" "${ZBX_LISTENPORT}" - update_config_var $ZBX_AGENT_CONFIG "ListenIP" "${ZBX_LISTENIP}" - update_config_var $ZBX_AGENT_CONFIG "StartAgents" "${ZBX_STARTAGENTS}" - - ZBX_ACTIVE_ALLOW=${ZBX_ACTIVE_ALLOW:-"true"} - if [ "$ZBX_ACTIVE_ALLOW" == "true" ]; then - echo "** Using '$ZBX_ACTIVESERVERS' servers for active checks" - update_config_var $ZBX_AGENT_CONFIG "ServerActive" "${ZBX_ACTIVESERVERS}" - else - update_config_var $ZBX_AGENT_CONFIG "ServerActive" - fi - - update_config_var $ZBX_AGENT_CONFIG "Hostname" "${ZBX_HOSTNAME}" - update_config_var $ZBX_AGENT_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - update_config_var $ZBX_AGENT_CONFIG "HostMetadata" "${ZBX_METADATA}" - update_config_var $ZBX_AGENT_CONFIG "HostMetadataItem" "${ZBX_METADATAITEM}" - update_config_var $ZBX_AGENT_CONFIG "RefreshActiveChecks" "${ZBX_REFRESHACTIVECHECKS}" - update_config_var $ZBX_AGENT_CONFIG "BufferSend" "${ZBX_BUFFERSEND}" - update_config_var $ZBX_AGENT_CONFIG "BufferSize" "${ZBX_BUFFERSIZE}" - update_config_var $ZBX_AGENT_CONFIG "MaxLinesPerSecond" "${ZBX_MAXLINESPERSECOND}" - # Please use include to enable Alias feature -# update_config_multiple_var $ZBX_AGENT_CONFIG "Alias" ${ZBX_ALIAS} - update_config_var $ZBX_AGENT_CONFIG "Timeout" "${ZBX_TIMEOUT}" - update_config_var $ZBX_AGENT_CONFIG "Include" "/etc/zabbix/zabbix_agentd.d/" - update_config_var $ZBX_AGENT_CONFIG "UnsafeUserParameters" "${ZBX_UNSAFEUSERPARAMETERS}" - update_config_var $ZBX_AGENT_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/" - update_config_multiple_var $ZBX_AGENT_CONFIG "LoadModule" "${ZBX_LOADMODULE}" - update_config_var $ZBX_AGENT_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}" - update_config_var $ZBX_AGENT_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" - update_config_var $ZBX_AGENT_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" - update_config_var $ZBX_AGENT_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" - update_config_var $ZBX_AGENT_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" - update_config_var $ZBX_AGENT_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" -} - -prepare_java_gateway_config() { - echo "** Preparing Zabbix Java Gateway log configuration file" - - ZBX_GATEWAY_CONFIG=$ZABBIX_ETC_DIR/zabbix_java_gateway_logback.xml - - if [ -n "${ZBX_DEBUGLEVEL}" ]; then - echo "Updating $ZBX_GATEWAY_CONFIG 'DebugLevel' parameter: '${ZBX_DEBUGLEVEL}'... updated" - if [ -f "$ZBX_GATEWAY_CONFIG" ]; then - sed -i -e "/^.*/" "$ZBX_GATEWAY_CONFIG" - else - echo "**** Zabbix Java Gateway log configuration file '$ZBX_GATEWAY_CONFIG' not found" - fi - fi -} - -prepare_agent() { - echo "** Preparing Zabbix agent" - prepare_zbx_agent_config } prepare_server() { - local db_type=$1 - echo "** Preparing Zabbix server" - check_variables_$db_type "server" - check_db_connect_$db_type - create_db_user_$db_type - create_db_database_$db_type - create_db_schema_$db_type "server" + check_variables_mysql + check_db_connect_mysql + create_db_user_mysql + create_db_database_mysql + create_db_schema_mysql - update_zbx_config "server" "$db_type" -} - -prepare_proxy() { - local db_type=$1 - - echo "Preparing Zabbix proxy" - - if [ "$db_type" != "sqlite3" ]; then - check_variables_$db_type "proxy" - check_db_connect_$db_type - create_db_user_$db_type - create_db_database_$db_type - create_db_schema_$db_type "proxy" - fi - - update_zbx_config "proxy" $db_type -} - -prepare_web() { - local web_server=$1 - local db_type=$2 - - echo "** Preparing Zabbix web-interface" - - check_variables_$db_type - check_db_connect_$db_type - prepare_web_server_$web_server - prepare_zbx_web_config $db_type -} - -prepare_java_gateway() { - echo "** Preparing Zabbix Java Gateway" - - prepare_java_gateway_config + update_zbx_config } ################################################# -if [ ! -n "$zbx_type" ]; then - echo "**** Type of Zabbix component is not specified" - exit 1 -elif [ "$zbx_type" == "dev" ]; then - echo "** Deploying Zabbix installation from SVN" -else - if [ ! -n "$zbx_db_type" ]; then - echo "**** Database type of Zabbix $zbx_type is not specified" - exit 1 +if [ "${1#-}" != "$1" ]; then + set -- /usr/sbin/zabbix_server "$@" fi - if [ "$zbx_db_type" != "none" ]; then - if [ "$zbx_opt_type" != "none" ]; then - echo "** Deploying Zabbix $zbx_type ($zbx_opt_type) with $zbx_db_type database" - else - echo "** Deploying Zabbix $zbx_type with $zbx_db_type database" - fi - else - echo "** Deploying Zabbix $zbx_type" - fi +if [ "$1" == '/usr/sbin/zabbix_server' ]; then + prepare_server fi -prepare_system "$zbx_type" "$zbx_opt_type" - -[ "$zbx_type" == "server" ] && prepare_server $zbx_db_type -[ "${ZBX_ADD_SERVER}" == "true" ] && prepare_server ${ZBX_MAIN_DB} - -[ "$zbx_type" == "proxy" ] && prepare_proxy $zbx_db_type -[ "${ZBX_ADD_PROXY}" == "true" ] && prepare_proxy ${ZBX_PROXY_DB} - -[ "$zbx_type" == "frontend" ] && prepare_web $zbx_opt_type $zbx_db_type -[ "${ZBX_ADD_WEB}" == "true" ] && prepare_web ${ZBX_WEB_SERVER} ${ZBX_MAIN_DB} - -[ "$zbx_type" == "agent" ] && prepare_agent -[ "${ZBX_ADD_AGENT}" == "true" ] && prepare_agent - -[ "$zbx_type" == "java-gateway" ] && prepare_java_gateway -[ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && prepare_java_gateway - -clear_deploy "$zbx_type" - -echo "########################################################" - -if [ "$1" != "" ]; then - echo "** Executing '$@'" - exec "$@" -elif [ "$zbx_type" == "agent" ]; then - echo "** Starting Zabbix agent" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_agentd --foreground -c /etc/zabbix/zabbix_agentd.conf" -elif [ "$zbx_type" == "proxy" ]; then - echo "** Starting Zabbix proxy" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_proxy --foreground -c /etc/zabbix/zabbix_proxy.conf" -elif [ "$zbx_type" == "server" ]; then - echo "** Starting Zabbix server" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_server --foreground -c /etc/zabbix/zabbix_server.conf" -elif [ "$zbx_type" == "java-gateway" ]; then - echo "** Starting Zabbix Java Gateway" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_java_gateway" -elif [ "$zbx_type" == "frontend" ] && [ "$zbx_opt_type" == "apache" ]; then - echo "** Starting Zabbix frontend" - if [ -f "/usr/sbin/httpd" ]; then - exec /usr/sbin/httpd -D FOREGROUND - elif [ -f "/usr/sbin/apache2ctl" ]; then - exec /bin/bash -c "source /etc/apache2/envvars && /usr/sbin/apache2ctl -D FOREGROUND" - else - echo "Unknown Web-server. Exiting..." - exit 1 - fi -elif [ -f "/usr/bin/supervisord" ]; then - echo "** Executing supervisord" - exec /usr/bin/supervisord -c /etc/supervisor/supervisord.conf -else - echo "Unknown instructions. Exiting..." - exit 1 -fi +exec "$@" ################################################# diff --git a/server-pgsql/centos/Dockerfile b/server-pgsql/centos/Dockerfile index baf64be55..8094f9ccb 100644 --- a/server-pgsql/centos/Dockerfile +++ b/server-pgsql/centos/Dockerfile @@ -1,19 +1,77 @@ -FROM centos:centos7 as builder +FROM centos:centos7 -ARG YUM_FLAGS_COMMON="-y" -ARG YUM_FLAGS_DEV="${YUM_FLAGS_COMMON}" +LABEL org.opencontainers.image.title="Zabbix server (PostgreSQL)" \ + org.opencontainers.image.authors="Alexey Pustovalov " \ + org.opencontainers.image.vendor="Zabbix LLC" \ + org.opencontainers.image.url="https://zabbix.com/" \ + org.opencontainers.image.description="Zabbix server with PostgreSQL database support" \ + org.opencontainers.image.licenses="GPL v2.0" + +STOPSIGNAL SIGTERM + +ENV TINI_VERSION=v0.19.0 + +RUN set -eux && \ + groupadd -g 1995 --system zabbix && \ + adduser -r --shell /sbin/nologin \ + -g zabbix -G root \ + -d /var/lib/zabbix/ -u 1997 \ + zabbix && \ + mkdir -p /etc/zabbix && \ + mkdir -p /var/lib/zabbix && \ + mkdir -p /usr/lib/zabbix/alertscripts && \ + mkdir -p /var/lib/zabbix/enc && \ + mkdir -p /var/lib/zabbix/export && \ + mkdir -p /usr/lib/zabbix/externalscripts && \ + mkdir -p /var/lib/zabbix/mibs && \ + mkdir -p /var/lib/zabbix/modules && \ + mkdir -p /var/lib/zabbix/snmptraps && \ + mkdir -p /var/lib/zabbix/ssh_keys && \ + mkdir -p /var/lib/zabbix/ssl && \ + mkdir -p /var/lib/zabbix/ssl/certs && \ + mkdir -p /var/lib/zabbix/ssl/keys && \ + mkdir -p /var/lib/zabbix/ssl/ssl_ca && \ + mkdir -p /usr/share/doc/zabbix-server-postgresql && \ + yum --quiet makecache && \ + yum -y install --setopt=tsflags=nodocs https://repo.zabbix.com/non-supported/rhel/7/x86_64/iksemel-1.4-2.el7.centos.x86_64.rpm \ + https://repo.zabbix.com/non-supported/rhel/7/x86_64/fping-3.10-1.el7.x86_64.rpm && \ + yum -y install --setopt=tsflags=nodocs \ + iputils \ + traceroute \ + libcurl \ + libxml2 \ + net-snmp-libs \ + OpenIPMI-libs \ + openldap \ + openssl-libs \ + pcre \ + postgresql \ + postgresql-libs \ + unixODBC && \ + curl -L https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini -o /sbin/tini && \ + curl -L https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini.asc -o /tini.asc && \ + gpg --batch --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 595E85A6B1B4779EA4DAAEC70B588DFF0527A9B7 && \ + gpg --batch --verify /tini.asc /sbin/tini && \ + rm -rf /root/.gnupg && \ + chmod +x /sbin/tini && \ + yum -y clean all && \ + rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ + rm -rf /etc/udev/hwdb.bin /root/.pki ARG MAJOR_VERSION=master ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git -ENV ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ - ZBX_TYPE=server ZBX_DB_TYPE=postgresql ZBX_OPT_TYPE=none + +ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} + +LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" RUN set -eux && \ yum --quiet makecache && \ - yum ${YUM_FLAGS_DEV} install https://repo.zabbix.com/non-supported/rhel/7/x86_64/iksemel-devel-1.4-2.el7.centos.x86_64.rpm \ - https://repo.zabbix.com/non-supported/rhel/7/x86_64/iksemel-1.4-2.el7.centos.x86_64.rpm && \ - yum ${YUM_FLAGS_DEV} install \ + yum -y install https://repo.zabbix.com/non-supported/rhel/7/x86_64/iksemel-devel-1.4-2.el7.centos.x86_64.rpm --setopt=tsflags=nodocs && \ + yum -y install \ autoconf \ automake \ gcc \ @@ -40,8 +98,8 @@ RUN set -eux && \ --prefix=/usr \ --sysconfdir=/etc/zabbix \ --enable-agent \ - --enable-${ZBX_TYPE} \ - --with-${ZBX_DB_TYPE} \ + --enable-server \ + --with-postgresql \ --with-jabber \ --with-ldap \ --with-libcurl \ @@ -55,91 +113,24 @@ RUN set -eux && \ --silent && \ make -j"$(nproc)" -s dbschema && \ make -j"$(nproc)" -s && \ - cat database/${ZBX_DB_TYPE}/schema.sql > database/${ZBX_DB_TYPE}/create.sql && \ - cat database/${ZBX_DB_TYPE}/images.sql >> database/${ZBX_DB_TYPE}/create.sql && \ - cat database/${ZBX_DB_TYPE}/data.sql >> database/${ZBX_DB_TYPE}/create.sql && \ - gzip database/${ZBX_DB_TYPE}/create.sql - -FROM centos:centos7 -LABEL maintainer="Alexey Pustovalov " - -ARG BUILD_DATE -ARG VCS_REF - -ARG YUM_FLAGS_COMMON="-y" -ARG YUM_FLAGS_PERSISTENT="${YUM_FLAGS_COMMON}" - -ARG MAJOR_VERSION=master -ARG ZBX_VERSION=${MAJOR_VERSION} -ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git -ENV ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ - TERM=xterm MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ - ZBX_TYPE=server ZBX_DB_TYPE=postgresql ZBX_OPT_TYPE=none -ENV TINI_VERSION v0.18.0 - -LABEL org.label-schema.name="zabbix-${ZBX_TYPE}-${ZBX_DB_TYPE}-centos" \ - org.label-schema.vendor="Zabbix LLC" \ - org.label-schema.url="https://zabbix.com/" \ - org.label-schema.description="Zabbix ${ZBX_TYPE} with PostgreSQL database support" \ - org.label-schema.vcs-ref="${VCS_REF}" \ - org.label-schema.build-date="${BUILD_DATE}" \ - org.label-schema.schema-version="1.0" \ - org.label-schema.license="GPL v2.0" \ - org.label-schema.usage="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.label-schema.version="${ZBX_VERSION}" \ - org.label-schema.vcs-url="${ZBX_SOURCES}" \ - org.label-schema.docker.cmd="docker run --name zabbix-${ZBX_TYPE}-pgsql --link postgres-server:postgres -p 10051:10051 -d zabbix-${ZBX_TYPE}-pgsql:centos-${ZBX_VERSION}" - -STOPSIGNAL SIGTERM - -COPY --from=builder /tmp/zabbix-${ZBX_VERSION}/src/zabbix_${ZBX_TYPE}/zabbix_${ZBX_TYPE} /usr/sbin/zabbix_${ZBX_TYPE} -COPY --from=builder /tmp/zabbix-${ZBX_VERSION}/src/zabbix_get/zabbix_get /usr/bin/zabbix_get -COPY --from=builder /tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender /usr/bin/zabbix_sender -COPY --from=builder /tmp/zabbix-${ZBX_VERSION}/conf/zabbix_${ZBX_TYPE}.conf /etc/zabbix/zabbix_${ZBX_TYPE}.conf -COPY --from=builder /tmp/zabbix-${ZBX_VERSION}/database/${ZBX_DB_TYPE}/create.sql.gz /usr/share/doc/zabbix-${ZBX_TYPE}-${ZBX_DB_TYPE}/create.sql.gz -ADD https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini /sbin/tini - -RUN set -eux && \ - groupadd --system zabbix && \ - adduser -r --shell /sbin/nologin \ - -g zabbix -G dialout \ - -d /var/lib/zabbix/ \ - zabbix && \ - mkdir -p /etc/zabbix && \ - mkdir -p /var/lib/zabbix && \ - mkdir -p /usr/lib/zabbix/alertscripts && \ - mkdir -p /var/lib/zabbix/enc && \ - mkdir -p /var/lib/zabbix/export && \ - mkdir -p /usr/lib/zabbix/externalscripts && \ - mkdir -p /var/lib/zabbix/mibs && \ - mkdir -p /var/lib/zabbix/modules && \ - mkdir -p /var/lib/zabbix/snmptraps && \ - mkdir -p /var/lib/zabbix/ssh_keys && \ - mkdir -p /var/lib/zabbix/ssl && \ - mkdir -p /var/lib/zabbix/ssl/certs && \ - mkdir -p /var/lib/zabbix/ssl/keys && \ - mkdir -p /var/lib/zabbix/ssl/ssl_ca && \ - chown --quiet -R zabbix:root /var/lib/zabbix && \ - mkdir -p /usr/share/doc/zabbix-${ZBX_TYPE}-${ZBX_DB_TYPE} && \ - yum ${YUM_FLAGS_COMMON} makecache && \ - yum ${YUM_FLAGS_PERSISTENT} install https://repo.zabbix.com/non-supported/rhel/7/x86_64/iksemel-1.4-2.el7.centos.x86_64.rpm \ - https://repo.zabbix.com/non-supported/rhel/7/x86_64/fping-3.10-1.el7.x86_64.rpm && \ - yum ${YUM_FLAGS_PERSISTENT} install \ - iputils \ - traceroute \ - libcurl \ - libxml2 \ - net-snmp-libs \ - OpenIPMI-libs \ - openldap \ - openssl-libs \ - pcre \ - postgresql \ - postgresql-libs \ - unixODBC && \ - yum ${YUM_FLAGS_PERSISTENT} clean all && \ - rm -rf /var/cache/yum/ && \ - chmod +x /sbin/tini + cp src/zabbix_server/zabbix_server /usr/sbin/zabbix_server && \ + cp src/zabbix_get/zabbix_get /usr/bin/zabbix_get && \ + cp src/zabbix_sender/zabbix_sender /usr/bin/zabbix_sender && \ + cp conf/zabbix_server.conf /etc/zabbix/zabbix_server.conf && \ + cat database/postgresql/schema.sql > database/postgresql/create.sql && \ + cat database/postgresql/images.sql >> database/postgresql/create.sql && \ + cat database/postgresql/data.sql >> database/postgresql/create.sql && \ + gzip database/postgresql/create.sql && \ + cp database/postgresql/create.sql.gz /usr/share/doc/zabbix-server-postgresql/ && \ + cd /tmp/ && \ + rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ + chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \ + chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \ + chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \ + yum -y history undo `yum -q history | sed -n 3p |column -t | cut -d' ' -f1` && \ + yum -y clean all && \ + rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ + rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki EXPOSE 10051/TCP @@ -151,3 +142,7 @@ VOLUME ["/var/lib/zabbix/snmptraps", "/var/lib/zabbix/ssh_keys", "/var/lib/zabbi COPY ["docker-entrypoint.sh", "/usr/bin/"] ENTRYPOINT ["/sbin/tini", "--", "/usr/bin/docker-entrypoint.sh"] + +USER 1997 + +CMD ["/usr/sbin/zabbix_server", "--foreground", "-c", "/etc/zabbix/zabbix_server.conf"] diff --git a/server-pgsql/centos/docker-entrypoint.sh b/server-pgsql/centos/docker-entrypoint.sh index 2665cfd0d..7682c8b2b 100755 --- a/server-pgsql/centos/docker-entrypoint.sh +++ b/server-pgsql/centos/docker-entrypoint.sh @@ -1,6 +1,6 @@ #!/bin/bash -set -eo pipefail +set -o pipefail set +e @@ -9,34 +9,11 @@ if [ "${DEBUG_MODE}" == "true" ]; then set -o xtrace fi -# Type of Zabbix component -# Possible values: [server, proxy, agent, frontend, java-gateway, appliance] -zbx_type=${ZBX_TYPE} -# Type of Zabbix database -# Possible values: [mysql, postgresql] -zbx_db_type=${ZBX_DB_TYPE} -# Type of web-server. Valid only with zbx_type = frontend -# Possible values: [apache, nginx] -zbx_opt_type=${ZBX_OPT_TYPE} - -# Default Zabbix installation name -# Used only by Zabbix web-interface -ZBX_SERVER_NAME=${ZBX_SERVER_NAME:-"Zabbix docker"} -# Default Zabbix server host -ZBX_SERVER_HOST=${ZBX_SERVER_HOST:-"zabbix-server"} -# Default Zabbix server port number -ZBX_SERVER_PORT=${ZBX_SERVER_PORT:-"10051"} - -# Default timezone for web interface -PHP_TZ=${PHP_TZ:-"Europe/Riga"} - # Default directories # User 'zabbix' home directory ZABBIX_USER_HOME_DIR="/var/lib/zabbix" # Configuration files directory ZABBIX_ETC_DIR="/etc/zabbix" -# Web interface www-root directory -ZBX_FRONTEND_PATH="/usr/share/zabbix" # usage: file_env VAR [DEFAULT] # as example: file_env 'MYSQL_PASSWORD' 'zabbix' @@ -69,92 +46,6 @@ file_env() { unset "$fileVar" } -configure_db_mysql() { - [ "${DB_SERVER_HOST}" != "localhost" ] && return - - echo "** Configuring local MySQL server" - - MYSQL_ALLOW_EMPTY_PASSWORD=true - MYSQL_DATA_DIR="/var/lib/mysql" - - if [ -f "/etc/mysql/my.cnf" ]; then - MYSQL_CONF_FILE="/etc/mysql/my.cnf" - elif [ -f "/etc/my.cnf.d/server.cnf" ]; then - MYSQL_CONF_FILE="/etc/my.cnf.d/server.cnf" - DB_SERVER_SOCKET="/var/lib/mysql/mysql.sock" - elif [ -f "/etc/my.cnf.d/mariadb-server.cnf" ]; then - MYSQL_CONF_FILE="/etc/my.cnf.d/mariadb-server.cnf" - DB_SERVER_SOCKET="/var/run/mysqld/mysqld.sock" - else - echo "**** Could not found MySQL configuration file" - exit 1 - fi - - if [ -f "/usr/bin/mysqld" ]; then - MYSQLD=/usr/bin/mysqld - elif [ -f "/usr/sbin/mysqld" ]; then - MYSQLD=/usr/sbin/mysqld - elif [ -f "/usr/libexec/mysqld" ]; then - MYSQLD=/usr/libexec/mysqld - else - echo "**** Could not found mysqld binary file" - exit 1 - fi - - sed -Ei 's/^(bind-address|log)/#&/' "$MYSQL_CONF_FILE" - - if [ ! -d "$MYSQL_DATA_DIR/mysql" ]; then - [ -d "$MYSQL_DATA_DIR" ] || mkdir -p "$MYSQL_DATA_DIR" - - chown -R mysql:mysql "$MYSQL_DATA_DIR" - - echo "** Installing initial MySQL database schemas" - mysql_install_db --user=mysql --datadir="$MYSQL_DATA_DIR" 2>&1 - else - echo "**** MySQL data directory is not empty. Using already existing installation." - chown -R mysql:mysql "$MYSQL_DATA_DIR" - fi - - mkdir -p /var/run/mysqld - ln -s /var/run/mysqld /run/mysqld - chown -R mysql:mysql /var/run/mysqld - chown -R mysql:mysql /run/mysqld - - echo "** Starting MySQL server in background mode" - - nohup $MYSQLD --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib/mysql/plugin \ - --user=mysql --log-output=none --pid-file=/var/lib/mysql/mysqld.pid \ - --port=3306 --character-set-server=utf8 --collation-server=utf8_bin & -} - -prepare_system() { - local type=$1 - local web_server=$2 - - echo "** Preparing the system" - - if [ "$type" != "appliance" ]; then - return - fi - - ZBX_ADD_AGENT=${ZBX_ADD_AGENT:-"false"} - ZBX_ADD_JAVA_GATEWAY=${ZBX_ADD_JAVA_GATEWAY:-"false"} - ZBX_ADD_SERVER=${ZBX_ADD_SERVER:-"true"} - [ "${ZBX_ADD_SERVER}" == "true" ] && ZBX_SERVER_HOST="localhost" - [ "${ZBX_ADD_SERVER}" == "true" ] && ZBX_SERVER_PORT="10051" - ZBX_MAIN_DB=${ZBX_MAIN_DB:-"mysql"} - ZBX_ADD_PROXY=${ZBX_ADD_PROXY:-"false"} - ZBX_PROXY_DB=${ZBX_PROXY_DB:-"sqlite3"} - ZBX_ADD_WEB=${ZBX_ADD_WEB:-"true"} - ZBX_WEB_SERVER=${ZBX_WEB_SERVER:-"nginx"} - DB_SERVER_HOST=${DB_SERVER_HOST:-"localhost"} - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAY_ENABLE="true" - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAY="localhost" - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAYPORT="10052" - - [ "${ZBX_ADD_SERVER}" == "true" ] && configure_db_${ZBX_MAIN_DB} -} - escape_spec_char() { local var_value=$1 @@ -236,62 +127,14 @@ update_config_multiple_var() { done } -# Check prerequisites for MySQL database -check_variables_mysql() { - local type=$1 - - DB_SERVER_HOST=${DB_SERVER_HOST:-"mysql-server"} - DB_SERVER_PORT=${DB_SERVER_PORT:-"3306"} - USE_DB_ROOT_USER=false - CREATE_ZBX_DB_USER=false - file_env MYSQL_USER - file_env MYSQL_PASSWORD - - if [ "$type" != "" ]; then - file_env MYSQL_ROOT_PASSWORD - fi - - if [ ! -n "${MYSQL_USER}" ] && [ "${MYSQL_RANDOM_ROOT_PASSWORD}" == "true" ]; then - echo "**** Impossible to use MySQL server because of unknown Zabbix user and random 'root' password" - exit 1 - fi - - if [ ! -n "${MYSQL_USER}" ] && [ ! -n "${MYSQL_ROOT_PASSWORD}" ] && [ "${MYSQL_ALLOW_EMPTY_PASSWORD}" != "true" ]; then - echo "*** Impossible to use MySQL server because 'root' password is not defined and it is not empty" - exit 1 - fi - - if [ "${MYSQL_ALLOW_EMPTY_PASSWORD}" == "true" ] || [ -n "${MYSQL_ROOT_PASSWORD}" ]; then - USE_DB_ROOT_USER=true - DB_SERVER_ROOT_USER="root" - DB_SERVER_ROOT_PASS=${MYSQL_ROOT_PASSWORD:-""} - fi - - [ -n "${MYSQL_USER}" ] && CREATE_ZBX_DB_USER=true - - # If root password is not specified use provided credentials - DB_SERVER_ROOT_USER=${DB_SERVER_ROOT_USER:-${MYSQL_USER}} - [ "${MYSQL_ALLOW_EMPTY_PASSWORD}" == "true" ] || DB_SERVER_ROOT_PASS=${DB_SERVER_ROOT_PASS:-${MYSQL_PASSWORD}} - DB_SERVER_ZBX_USER=${MYSQL_USER:-"zabbix"} - DB_SERVER_ZBX_PASS=${MYSQL_PASSWORD:-"zabbix"} - - if [ "$type" == "proxy" ]; then - DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix_proxy"} - else - DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix"} - fi -} - # Check prerequisites for PostgreSQL database check_variables_postgresql() { - local type=$1 - file_env POSTGRES_USER file_env POSTGRES_PASSWORD - DB_SERVER_HOST=${DB_SERVER_HOST:-"postgres-server"} - DB_SERVER_PORT=${DB_SERVER_PORT:-"5432"} - CREATE_ZBX_DB_USER=${CREATE_ZBX_DB_USER:-"false"} + : ${DB_SERVER_HOST:="postgres-server"} + : ${DB_SERVER_PORT:="5432"} + : ${CREATE_ZBX_DB_USER:="false"} DB_SERVER_ROOT_USER=${POSTGRES_USER:-"postgres"} DB_SERVER_ROOT_PASS=${POSTGRES_PASSWORD:-""} @@ -299,38 +142,9 @@ check_variables_postgresql() { DB_SERVER_ZBX_USER=${POSTGRES_USER:-"zabbix"} DB_SERVER_ZBX_PASS=${POSTGRES_PASSWORD:-"zabbix"} - DB_SERVER_SCHEMA=${DB_SERVER_SCHEMA:-"public"} + : ${DB_SERVER_SCHEMA:="public"} - if [ "$type" == "proxy" ]; then - DB_SERVER_DBNAME=${POSTGRES_DB:-"zabbix_proxy"} - else - DB_SERVER_DBNAME=${POSTGRES_DB:-"zabbix"} - fi -} - -check_db_connect_mysql() { - echo "********************" - echo "* DB_SERVER_HOST: ${DB_SERVER_HOST}" - echo "* DB_SERVER_PORT: ${DB_SERVER_PORT}" - echo "* DB_SERVER_DBNAME: ${DB_SERVER_DBNAME}" - if [ "${DEBUG_MODE}" == "true" ]; then - if [ "${USE_DB_ROOT_USER}" == "true" ]; then - echo "* DB_SERVER_ROOT_USER: ${DB_SERVER_ROOT_USER}" - echo "* DB_SERVER_ROOT_PASS: ${DB_SERVER_ROOT_PASS}" - fi - echo "* DB_SERVER_ZBX_USER: ${DB_SERVER_ZBX_USER}" - echo "* DB_SERVER_ZBX_PASS: ${DB_SERVER_ZBX_PASS}" - echo "********************" - fi - echo "********************" - - WAIT_TIMEOUT=5 - - while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \ - --password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10)" ]; do - echo "**** MySQL server is not available. Waiting $WAIT_TIMEOUT seconds..." - sleep $WAIT_TIMEOUT - done + DB_SERVER_DBNAME=${POSTGRES_DB:-"zabbix"} } check_db_connect_postgresql() { @@ -354,7 +168,6 @@ check_db_connect_postgresql() { DB_SERVER_ROOT_PASS=${DB_SERVER_ZBX_PASS} fi - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then export PGPASSWORD="${DB_SERVER_ZBX_PASS}" fi @@ -375,17 +188,6 @@ check_db_connect_postgresql() { unset PGOPTIONS } - -mysql_query() { - query=$1 - local result="" - - result=$(mysql --silent --skip-column-names -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ - -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" -e "$query") - - echo $result -} - psql_query() { query=$1 db=$2 @@ -410,22 +212,6 @@ psql_query() { echo $result } -create_db_user_mysql() { - [ "${CREATE_ZBX_DB_USER}" == "true" ] || return - - echo "** Creating '${DB_SERVER_ZBX_USER}' user in MySQL database" - - USER_EXISTS=$(mysql_query "SELECT 1 FROM mysql.user WHERE user = '${DB_SERVER_ZBX_USER}' AND host = '%'") - - if [ -z "$USER_EXISTS" ]; then - mysql_query "CREATE USER '${DB_SERVER_ZBX_USER}'@'%' IDENTIFIED BY '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - else - mysql_query "ALTER USER ${DB_SERVER_ZBX_USER} IDENTIFIED BY '${DB_SERVER_ZBX_PASS}';" 1>/dev/null - fi - - mysql_query "GRANT ALL PRIVILEGES ON $DB_SERVER_DBNAME. * TO '${DB_SERVER_ZBX_USER}'@'%'" 1>/dev/null -} - create_db_user_postgresql() { [ "${CREATE_ZBX_DB_USER}" == "true" ] || return @@ -440,19 +226,6 @@ create_db_user_postgresql() { fi } -create_db_database_mysql() { - DB_EXISTS=$(mysql_query "SELECT SCHEMA_NAME FROM information_schema.SCHEMATA WHERE SCHEMA_NAME='${DB_SERVER_DBNAME}'") - - if [ -z ${DB_EXISTS} ]; then - echo "** Database '${DB_SERVER_DBNAME}' does not exist. Creating..." - mysql_query "CREATE DATABASE ${DB_SERVER_DBNAME} CHARACTER SET utf8 COLLATE utf8_bin" 1>/dev/null - # better solution? - mysql_query "GRANT ALL PRIVILEGES ON $DB_SERVER_DBNAME. * TO '${DB_SERVER_ZBX_USER}'@'%'" 1>/dev/null - else - echo "** Database '${DB_SERVER_DBNAME}' already exists. Please be careful with database COLLATE!" - fi -} - create_db_database_postgresql() { DB_EXISTS=$(psql_query "SELECT 1 AS result FROM pg_database WHERE datname='${DB_SERVER_DBNAME}'") @@ -466,29 +239,7 @@ create_db_database_postgresql() { psql_query "CREATE SCHEMA IF NOT EXISTS ${DB_SERVER_SCHEMA}" } -create_db_schema_mysql() { - local type=$1 - - DBVERSION_TABLE_EXISTS=$(mysql_query "SELECT 1 FROM information_schema.tables WHERE table_schema='${DB_SERVER_DBNAME}' and table_name = 'dbversion'") - - if [ -n "${DBVERSION_TABLE_EXISTS}" ]; then - echo "** Table '${DB_SERVER_DBNAME}.dbversion' already exists." - ZBX_DB_VERSION=$(mysql_query "SELECT mandatory FROM ${DB_SERVER_DBNAME}.dbversion") - fi - - if [ -z "${ZBX_DB_VERSION}" ]; then - echo "** Creating '${DB_SERVER_DBNAME}' schema in MySQL" - - zcat /usr/share/doc/zabbix-$type-mysql/create.sql.gz | mysql --silent --skip-column-names \ - -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ - -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" \ - ${DB_SERVER_DBNAME} 1>/dev/null - fi -} - create_db_schema_postgresql() { - local type=$1 - DBVERSION_TABLE_EXISTS=$(psql_query "SELECT 1 FROM pg_catalog.pg_class c JOIN pg_catalog.pg_namespace n ON n.oid = c.relnamespace WHERE n.nspname = '$DB_SERVER_SCHEMA' AND c.relname = 'dbversion'" "${DB_SERVER_DBNAME}") @@ -509,7 +260,7 @@ create_db_schema_postgresql() { export PGOPTIONS fi - zcat /usr/share/doc/zabbix-$type-postgresql/create.sql.gz | psql -q \ + zcat /usr/share/doc/zabbix-server-postgresql/create.sql.gz | psql -q \ -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ -U ${DB_SERVER_ZBX_USER} ${DB_SERVER_DBNAME} 1>/dev/null @@ -518,200 +269,15 @@ create_db_schema_postgresql() { fi } -prepare_web_server_apache() { - if [ -d "/etc/apache2/sites-available" ]; then - APACHE_SITES_DIR=/etc/apache2/sites-available - elif [ -d "/etc/apache2/conf.d" ]; then - APACHE_SITES_DIR=/etc/apache2/conf.d - elif [ -d "/etc/httpd/conf.d" ]; then - APACHE_SITES_DIR=/etc/httpd/conf.d - else - echo "**** Apache is not available" - exit 1 - fi - - if [ -f "/usr/sbin/a2dissite" ]; then - echo "** Disable default site" - /usr/sbin/a2dissite 000-default 1>/dev/null - rm -rf "$APACHE_SITES_DIR/*" - elif [ -f "/etc/apache2/conf.d/default.conf" ]; then - echo "** Disable default site" - rm -f "/etc/apache2/conf.d/default.conf" - elif [ -f "/etc/httpd/conf.d/welcome.conf" ]; then - echo "** Disable default site" - rm -f "/etc/httpd/conf.d/welcome.conf" - rm -f "/etc/httpd/conf.d/ssl.conf" - fi - - echo "** Adding Zabbix virtual host (HTTP)" - if [ -f "$ZABBIX_ETC_DIR/apache.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/apache.conf" "$APACHE_SITES_DIR/zabbix.conf" - if [ -f "/usr/sbin/a2dissite" ]; then - /usr/sbin/a2ensite zabbix.conf 1>/dev/null - fi - else - echo "**** Impossible to enable HTTP virtual host" - fi - - if [ -f "/etc/apache2/conf.d/ssl.conf" ]; then - rm -f "/etc/apache2/conf.d/ssl.conf" - fi - - if [ -f "/etc/ssl/apache2/ssl.crt" ] && [ -f "/etc/ssl/apache2/ssl.key" ]; then - echo "** Enable SSL support for Apache2" - if [ -f "/usr/sbin/a2enmod" ]; then - /usr/sbin/a2enmod ssl 1>/dev/null - fi - - echo "** Adding Zabbix virtual host (HTTPS)" - if [ -f "$ZABBIX_ETC_DIR/apache_ssl.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/apache_ssl.conf" "$APACHE_SITES_DIR/zabbix_ssl.conf" - if [ -f "/usr/sbin/a2dissite" ]; then - /usr/sbin/a2ensite zabbix_ssl.conf 1>/dev/null - fi - else - echo "**** Impossible to enable HTTPS virtual host" - fi - else - echo "**** Impossible to enable SSL support for Apache2. Certificates are missed." - fi - - # Change Apache2 logging to stdout and stderr - if [ -f "/etc/apache2/apache2.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/apache2.conf" - fi - - if [ -f "/etc/httpd/conf/httpd.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/httpd/conf/httpd.conf" - fi - - if [ -f "/etc/apache2/httpd.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/httpd.conf" - fi - - if [ -f "/etc/apache2/conf-available/other-vhosts-access-log.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/conf-available/other-vhosts-access-log.conf" - fi - - if [ -f "/etc/apache2/conf.d/mpm.conf" ]; then - sed -ri \ - -e 's!^(\s*PidFile)\s+\S+!\1 "/var/run/httpd.pid"!g' \ - "/etc/apache2/conf.d/mpm.conf" - fi - - if [ -f "/var/run/apache2/apache2.pid" ]; then - rm -f "/var/run/apache2/apache2.pid" - fi - - if [ -f "/var/run/httpd/httpd.pid" ]; then - rm -f "/var/run/httpd/httpd.pid" - fi -} - -prepare_web_server_nginx() { - NGINX_CONFD_DIR="/etc/nginx/conf.d" - NGINX_SSL_CONFIG="/etc/ssl/nginx" - PHP_SESSIONS_DIR="/var/lib/php5" - - echo "** Disable default vhosts" - rm -f $NGINX_CONFD_DIR/*.conf - - echo "** Adding Zabbix virtual host (HTTP)" - if [ -f "$ZABBIX_ETC_DIR/nginx.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/nginx.conf" "$NGINX_CONFD_DIR" - else - echo "**** Impossible to enable HTTP virtual host" - fi - - if [ -f "$NGINX_SSL_CONFIG/ssl.crt" ] && [ -f "$NGINX_SSL_CONFIG/ssl.key" ] && [ -f "$NGINX_SSL_CONFIG/dhparam.pem" ]; then - echo "** Enable SSL support for Nginx" - if [ -f "$ZABBIX_ETC_DIR/nginx_ssl.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/nginx_ssl.conf" "$NGINX_CONFD_DIR" - else - echo "**** Impossible to enable HTTPS virtual host" - fi - else - echo "**** Impossible to enable SSL support for Nginx. Certificates are missed." - fi - - if [ -d "/var/log/nginx/" ]; then - ln -sf /dev/fd/2 /var/log/nginx/error.log - fi - - ln -sf /dev/fd/2 /var/log/php5-fpm.log - ln -sf /dev/fd/2 /var/log/php7.2-fpm.log -} - -stop_databases() { - if ([ "${ZBX_MAIN_DB}" == "mysql" ] || [ "${ZBX_PROXY_DB}" == "mysql" ]) && [ "${DB_SERVER_HOST}" == "localhost" ]; then - mysql_query "DELETE FROM mysql.user WHERE host = 'localhost' AND user != 'root'" 1>/dev/null - - if [ -f "/var/lib/mysql/mysqld.pid" ]; then - kill -TERM $(cat /var/lib/mysql/mysqld.pid) - elif [ -f "/var/run/mysqld/mysqld.pid" ]; then - kill -TERM $(cat /var/run/mysqld/mysqld.pid) - fi - fi - - if [ "${ZBX_MAIN_DB}" == "postgresql" ] && [ "${DB_SERVER_HOST}" == "localhost" ]; then - if [ "${OS_CODENAME}" == "alpine" ]; then - PGDATA=/var/lib/postgresql - BINDIR=/usr/bin - else - PGDATA=/var/lib/postgresql/9.3/main - BINDIR=/usr/lib/postgresql/9.3/bin - fi - su -c "$BINDIR/pg_ctl -D \"$PGDATA\" -m fast -w stop --silent" postgres 1>/dev/null 2>/dev/null - fi -} - -clear_deploy() { - local type=$1 - echo "** Cleaning the system" - - [ "$type" != "appliance" ] && return - - stop_databases -} - update_zbx_config() { local type=$1 local db_type=$2 - echo "** Preparing Zabbix $type configuration file" + echo "** Preparing Zabbix server configuration file" - ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_$type.conf + ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_server.conf - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "ProxyMode" "${ZBX_PROXYMODE}" - update_config_var $ZBX_CONFIG "Server" "${ZBX_SERVER_HOST}" - update_config_var $ZBX_CONFIG "ServerPort" "${ZBX_SERVER_PORT}" - if [ -z "${ZBX_HOSTNAME}" ] && [ -n "${ZBX_HOSTNAMEITEM}" ]; then - update_config_var $ZBX_CONFIG "Hostname" "" - update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - else - update_config_var $ZBX_CONFIG "Hostname" "${ZBX_HOSTNAME:-"zabbix-proxy-"$db_type}" - update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - fi - fi - - if [ $type == "proxy" ] && [ "${ZBX_ADD_SERVER}" = "true" ]; then - update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_PROXY_LISTENPORT:-"10061"}" - else - update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}" - fi + update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}" update_config_var $ZBX_CONFIG "SourceIP" "${ZBX_SOURCEIP}" update_config_var $ZBX_CONFIG "LogType" "console" @@ -721,31 +287,15 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" - if [ "$db_type" == "sqlite3" ]; then - update_config_var $ZBX_CONFIG "DBHost" - update_config_var $ZBX_CONFIG "DBName" "/var/lib/zabbix/zabbix_proxy_db" - update_config_var $ZBX_CONFIG "DBUser" - update_config_var $ZBX_CONFIG "DBPort" - update_config_var $ZBX_CONFIG "DBPassword" - else - update_config_var $ZBX_CONFIG "DBHost" "${DB_SERVER_HOST}" - update_config_var $ZBX_CONFIG "DBName" "${DB_SERVER_DBNAME}" - update_config_var $ZBX_CONFIG "DBSchema" "${DB_SERVER_SCHEMA}" - update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}" - update_config_var $ZBX_CONFIG "DBPort" "${DB_SERVER_PORT}" - update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}" - fi + update_config_var $ZBX_CONFIG "DBHost" "${DB_SERVER_HOST}" + update_config_var $ZBX_CONFIG "DBName" "${DB_SERVER_DBNAME}" + update_config_var $ZBX_CONFIG "DBSchema" "${DB_SERVER_SCHEMA}" + update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}" + update_config_var $ZBX_CONFIG "DBPort" "${DB_SERVER_PORT}" + update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}" update_config_var $ZBX_CONFIG "DBSocket" "${DB_SERVER_SOCKET}" - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "ProxyLocalBuffer" "${ZBX_PROXYLOCALBUFFER}" - update_config_var $ZBX_CONFIG "ProxyOfflineBuffer" "${ZBX_PROXYOFFLINEBUFFER}" - update_config_var $ZBX_CONFIG "HeartbeatFrequency" "${ZBX_PROXYHEARTBEATFREQUENCY}" - update_config_var $ZBX_CONFIG "ConfigFrequency" "${ZBX_CONFIGFREQUENCY}" - update_config_var $ZBX_CONFIG "DataSenderFrequency" "${ZBX_DATASENDERFREQUENCY}" - fi - update_config_var $ZBX_CONFIG "StartPollers" "${ZBX_STARTPOLLERS}" update_config_var $ZBX_CONFIG "StartIPMIPollers" "${ZBX_IPMIPOLLERS}" update_config_var $ZBX_CONFIG "StartPollersUnreachable" "${ZBX_STARTPOLLERSUNREACHABLE}" @@ -754,12 +304,10 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}" update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "StartTimers" "${ZBX_STARTTIMERS}" - update_config_var $ZBX_CONFIG "StartEscalators" "${ZBX_STARTESCALATORS}" - fi + update_config_var $ZBX_CONFIG "StartTimers" "${ZBX_STARTTIMERS}" + update_config_var $ZBX_CONFIG "StartEscalators" "${ZBX_STARTESCALATORS}" - ZBX_JAVAGATEWAY_ENABLE=${ZBX_JAVAGATEWAY_ENABLE:-"false"} + : ${ZBX_JAVAGATEWAY_ENABLE:="false"} if [ "${ZBX_JAVAGATEWAY_ENABLE}" == "true" ]; then update_config_var $ZBX_CONFIG "JavaGateway" "${ZBX_JAVAGATEWAY:-"zabbix-java-gateway"}" update_config_var $ZBX_CONFIG "JavaGatewayPort" "${ZBX_JAVAGATEWAYPORT}" @@ -776,7 +324,7 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "VMwareCacheSize" "${ZBX_VMWARECACHESIZE}" update_config_var $ZBX_CONFIG "VMwareTimeout" "${ZBX_VMWARETIMEOUT}" - ZBX_ENABLE_SNMP_TRAPS=${ZBX_ENABLE_SNMP_TRAPS:-"false"} + : ${ZBX_ENABLE_SNMP_TRAPS:="false"} if [ "${ZBX_ENABLE_SNMP_TRAPS}" == "true" ]; then update_config_var $ZBX_CONFIG "SNMPTrapperFile" "${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log" update_config_var $ZBX_CONFIG "StartSNMPTrapper" "1" @@ -786,25 +334,20 @@ update_zbx_config() { fi update_config_var $ZBX_CONFIG "HousekeepingFrequency" "${ZBX_HOUSEKEEPINGFREQUENCY}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "MaxHousekeeperDelete" "${ZBX_MAXHOUSEKEEPERDELETE}" - update_config_var $ZBX_CONFIG "SenderFrequency" "${ZBX_SENDERFREQUENCY}" - fi + + update_config_var $ZBX_CONFIG "MaxHousekeeperDelete" "${ZBX_MAXHOUSEKEEPERDELETE}" + update_config_var $ZBX_CONFIG "SenderFrequency" "${ZBX_SENDERFREQUENCY}" update_config_var $ZBX_CONFIG "CacheSize" "${ZBX_CACHESIZE}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "CacheUpdateFrequency" "${ZBX_CACHEUPDATEFREQUENCY}" - fi + update_config_var $ZBX_CONFIG "CacheUpdateFrequency" "${ZBX_CACHEUPDATEFREQUENCY}" update_config_var $ZBX_CONFIG "StartDBSyncers" "${ZBX_STARTDBSYNCERS}" update_config_var $ZBX_CONFIG "HistoryCacheSize" "${ZBX_HISTORYCACHESIZE}" update_config_var $ZBX_CONFIG "HistoryIndexCacheSize" "${ZBX_HISTORYINDEXCACHESIZE}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "TrendCacheSize" "${ZBX_TRENDCACHESIZE}" - update_config_var $ZBX_CONFIG "ValueCacheSize" "${ZBX_VALUECACHESIZE}" - fi + update_config_var $ZBX_CONFIG "TrendCacheSize" "${ZBX_TRENDCACHESIZE}" + update_config_var $ZBX_CONFIG "ValueCacheSize" "${ZBX_VALUECACHESIZE}" update_config_var $ZBX_CONFIG "Timeout" "${ZBX_TIMEOUT}" update_config_var $ZBX_CONFIG "TrapperTimeout" "${ZBX_TRAPPERIMEOUT}" @@ -815,26 +358,15 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "AlertScriptsPath" "/usr/lib/zabbix/alertscripts" update_config_var $ZBX_CONFIG "ExternalScripts" "/usr/lib/zabbix/externalscripts" - # Possible few fping locations - if [ -f "/usr/bin/fping" ]; then - update_config_var $ZBX_CONFIG "FpingLocation" "/usr/bin/fping" - else - update_config_var $ZBX_CONFIG "FpingLocation" "/usr/sbin/fping" - fi - if [ -f "/usr/bin/fping6" ]; then - update_config_var $ZBX_CONFIG "Fping6Location" "/usr/bin/fping6" - else - update_config_var $ZBX_CONFIG "Fping6Location" "/usr/sbin/fping6" - fi + update_config_var $ZBX_CONFIG "FpingLocation" "/usr/sbin/fping" + update_config_var $ZBX_CONFIG "Fping6Location" update_config_var $ZBX_CONFIG "SSHKeyLocation" "$ZABBIX_USER_HOME_DIR/ssh_keys" update_config_var $ZBX_CONFIG "LogSlowQueries" "${ZBX_LOGSLOWQUERIES}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "StartProxyPollers" "${ZBX_STARTPROXYPOLLERS}" - update_config_var $ZBX_CONFIG "ProxyConfigFrequency" "${ZBX_PROXYCONFIGFREQUENCY}" - update_config_var $ZBX_CONFIG "ProxyDataFrequency" "${ZBX_PROXYDATAFREQUENCY}" - fi + update_config_var $ZBX_CONFIG "StartProxyPollers" "${ZBX_STARTPROXYPOLLERS}" + update_config_var $ZBX_CONFIG "ProxyConfigFrequency" "${ZBX_PROXYCONFIGFREQUENCY}" + update_config_var $ZBX_CONFIG "ProxyDataFrequency" "${ZBX_PROXYDATAFREQUENCY}" update_config_var $ZBX_CONFIG "SSLCertLocation" "$ZABBIX_USER_HOME_DIR/ssl/certs/" update_config_var $ZBX_CONFIG "SSLKeyLocation" "$ZABBIX_USER_HOME_DIR/ssl/keys/" @@ -842,310 +374,41 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/" update_config_multiple_var $ZBX_CONFIG "LoadModule" "${ZBX_LOADMODULE}" - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}" - update_config_var $ZBX_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" - fi update_config_var $ZBX_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" update_config_var $ZBX_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" - update_config_var $ZBX_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" - fi - update_config_var $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" update_config_var $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" - update_config_var $ZBX_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" - fi -} - - -prepare_zbx_web_config() { - local db_type=$1 - local server_name="" - - echo "** Preparing Zabbix frontend configuration file" - - ZBX_WEB_CONFIG="$ZABBIX_ETC_DIR/web/zabbix.conf.php" - - if [ -f "/usr/share/zabbix/conf/zabbix.conf.php" ]; then - rm -f "/usr/share/zabbix/conf/zabbix.conf.php" - fi - - ln -s "$ZBX_WEB_CONFIG" "/usr/share/zabbix/conf/zabbix.conf.php" - - # Different places of PHP configuration file - if [ -f "/etc/php5/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/conf.d/99-zabbix.ini" - elif [ -f "/etc/php5/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php5/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/apache2/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.0/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.0/apache2/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.0/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.0/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php.d/99-zabbix.ini" - elif [ -f "/etc/php7/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php7/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.2/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.2/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.2/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.2/apache2/conf.d/99-zabbix.ini" - fi - - if [ -n "$PHP_CONFIG_FILE" ]; then - update_config_var "$PHP_CONFIG_FILE" "max_execution_time" "${ZBX_MAXEXECUTIONTIME:-"600"}" - update_config_var "$PHP_CONFIG_FILE" "memory_limit" "${ZBX_MEMORYLIMIT:-"128M"}" - update_config_var "$PHP_CONFIG_FILE" "post_max_size" "${ZBX_POSTMAXSIZE:-"16M"}" - update_config_var "$PHP_CONFIG_FILE" "upload_max_filesize" "${ZBX_UPLOADMAXFILESIZE:-"2M"}" - update_config_var "$PHP_CONFIG_FILE" "max_input_time" "${ZBX_MAXINPUTTIME:-"300"}" - update_config_var "$PHP_CONFIG_FILE" "date.timezone" "${PHP_TZ}" + if [ "$(id -u)" != '0' ]; then + update_config_var $ZBX_CONFIG "User" "$(whoami)" else - echo "**** Zabbix related PHP configuration file not found" + update_config_var $ZBX_CONFIG "AllowRoot" "1" fi - - # Escaping characters in parameter value - server_name=$(escape_spec_char "${ZBX_SERVER_NAME}") - server_user=$(escape_spec_char "${DB_SERVER_ZBX_USER}") - server_pass=$(escape_spec_char "${DB_SERVER_ZBX_PASS}") - - sed -i \ - -e "s/{DB_SERVER_HOST}/${DB_SERVER_HOST}/g" \ - -e "s/{DB_SERVER_PORT}/${DB_SERVER_PORT}/g" \ - -e "s/{DB_SERVER_DBNAME}/${DB_SERVER_DBNAME}/g" \ - -e "s/{DB_SERVER_SCHEMA}/${DB_SERVER_SCHEMA}/g" \ - -e "s/{DB_SERVER_USER}/$server_user/g" \ - -e "s/{DB_SERVER_PASS}/$server_pass/g" \ - -e "s/{ZBX_SERVER_HOST}/${ZBX_SERVER_HOST}/g" \ - -e "s/{ZBX_SERVER_PORT}/${ZBX_SERVER_PORT}/g" \ - -e "s/{ZBX_SERVER_NAME}/$server_name/g" \ - "$ZBX_WEB_CONFIG" - - [ "$db_type" = "postgresql" ] && sed -i "s/MYSQL/POSTGRESQL/g" "$ZBX_WEB_CONFIG" -} - -prepare_zbx_agent_config() { - echo "** Preparing Zabbix agent configuration file" - - ZBX_AGENT_CONFIG=$ZABBIX_ETC_DIR/zabbix_agentd.conf - - ZBX_PASSIVESERVERS=${ZBX_PASSIVESERVERS:-""} - ZBX_ACTIVESERVERS=${ZBX_ACTIVESERVERS:-""} - - [ -n "$ZBX_PASSIVESERVERS" ] && ZBX_PASSIVESERVERS=","$ZBX_PASSIVESERVERS - - ZBX_PASSIVESERVERS=$ZBX_SERVER_HOST$ZBX_PASSIVESERVERS - - [ -n "$ZBX_ACTIVESERVERS" ] && ZBX_ACTIVESERVERS=","$ZBX_ACTIVESERVERS - - ZBX_ACTIVESERVERS=$ZBX_SERVER_HOST":"$ZBX_SERVER_PORT$ZBX_ACTIVESERVERS - - update_config_var $ZBX_AGENT_CONFIG "PidFile" - update_config_var $ZBX_AGENT_CONFIG "LogType" "console" - update_config_var $ZBX_AGENT_CONFIG "LogFile" - update_config_var $ZBX_AGENT_CONFIG "LogFileSize" - update_config_var $ZBX_AGENT_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" - update_config_var $ZBX_AGENT_CONFIG "SourceIP" - update_config_var $ZBX_AGENT_CONFIG "EnableRemoteCommands" "${ZBX_ENABLEREMOTECOMMANDS}" - update_config_var $ZBX_AGENT_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}" - - ZBX_PASSIVE_ALLOW=${ZBX_PASSIVE_ALLOW:-"true"} - if [ "$ZBX_PASSIVE_ALLOW" == "true" ]; then - echo "** Using '$ZBX_PASSIVESERVERS' servers for passive checks" - update_config_var $ZBX_AGENT_CONFIG "Server" "${ZBX_PASSIVESERVERS}" - else - update_config_var $ZBX_AGENT_CONFIG "Server" - fi - - update_config_var $ZBX_AGENT_CONFIG "ListenPort" "${ZBX_LISTENPORT}" - update_config_var $ZBX_AGENT_CONFIG "ListenIP" "${ZBX_LISTENIP}" - update_config_var $ZBX_AGENT_CONFIG "StartAgents" "${ZBX_STARTAGENTS}" - - ZBX_ACTIVE_ALLOW=${ZBX_ACTIVE_ALLOW:-"true"} - if [ "$ZBX_ACTIVE_ALLOW" == "true" ]; then - echo "** Using '$ZBX_ACTIVESERVERS' servers for active checks" - update_config_var $ZBX_AGENT_CONFIG "ServerActive" "${ZBX_ACTIVESERVERS}" - else - update_config_var $ZBX_AGENT_CONFIG "ServerActive" - fi - - update_config_var $ZBX_AGENT_CONFIG "Hostname" "${ZBX_HOSTNAME}" - update_config_var $ZBX_AGENT_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - update_config_var $ZBX_AGENT_CONFIG "HostMetadata" "${ZBX_METADATA}" - update_config_var $ZBX_AGENT_CONFIG "HostMetadataItem" "${ZBX_METADATAITEM}" - update_config_var $ZBX_AGENT_CONFIG "RefreshActiveChecks" "${ZBX_REFRESHACTIVECHECKS}" - update_config_var $ZBX_AGENT_CONFIG "BufferSend" "${ZBX_BUFFERSEND}" - update_config_var $ZBX_AGENT_CONFIG "BufferSize" "${ZBX_BUFFERSIZE}" - update_config_var $ZBX_AGENT_CONFIG "MaxLinesPerSecond" "${ZBX_MAXLINESPERSECOND}" - # Please use include to enable Alias feature -# update_config_multiple_var $ZBX_AGENT_CONFIG "Alias" ${ZBX_ALIAS} - update_config_var $ZBX_AGENT_CONFIG "Timeout" "${ZBX_TIMEOUT}" - update_config_var $ZBX_AGENT_CONFIG "Include" "/etc/zabbix/zabbix_agentd.d/" - update_config_var $ZBX_AGENT_CONFIG "UnsafeUserParameters" "${ZBX_UNSAFEUSERPARAMETERS}" - update_config_var $ZBX_AGENT_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/" - update_config_multiple_var $ZBX_AGENT_CONFIG "LoadModule" "${ZBX_LOADMODULE}" - update_config_var $ZBX_AGENT_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}" - update_config_var $ZBX_AGENT_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" - update_config_var $ZBX_AGENT_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" - update_config_var $ZBX_AGENT_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" - update_config_var $ZBX_AGENT_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" - update_config_var $ZBX_AGENT_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" -} - -prepare_java_gateway_config() { - echo "** Preparing Zabbix Java Gateway log configuration file" - - ZBX_GATEWAY_CONFIG=$ZABBIX_ETC_DIR/zabbix_java_gateway_logback.xml - - if [ -n "${ZBX_DEBUGLEVEL}" ]; then - echo "Updating $ZBX_GATEWAY_CONFIG 'DebugLevel' parameter: '${ZBX_DEBUGLEVEL}'... updated" - if [ -f "$ZBX_GATEWAY_CONFIG" ]; then - sed -i -e "/^.*/" "$ZBX_GATEWAY_CONFIG" - else - echo "**** Zabbix Java Gateway log configuration file '$ZBX_GATEWAY_CONFIG' not found" - fi - fi -} - -prepare_agent() { - echo "** Preparing Zabbix agent" - prepare_zbx_agent_config } prepare_server() { - local db_type=$1 - echo "** Preparing Zabbix server" - check_variables_$db_type "server" - check_db_connect_$db_type - create_db_user_$db_type - create_db_database_$db_type - create_db_schema_$db_type "server" + check_variables_postgresql + check_db_connect_postgresql + create_db_user_postgresql + create_db_database_postgresql + create_db_schema_postgresql - update_zbx_config "server" "$db_type" -} - -prepare_proxy() { - local db_type=$1 - - echo "Preparing Zabbix proxy" - - if [ "$db_type" != "sqlite3" ]; then - check_variables_$db_type "proxy" - check_db_connect_$db_type - create_db_user_$db_type - create_db_database_$db_type - create_db_schema_$db_type "proxy" - fi - - update_zbx_config "proxy" $db_type -} - -prepare_web() { - local web_server=$1 - local db_type=$2 - - echo "** Preparing Zabbix web-interface" - - check_variables_$db_type - check_db_connect_$db_type - prepare_web_server_$web_server - prepare_zbx_web_config $db_type -} - -prepare_java_gateway() { - echo "** Preparing Zabbix Java Gateway" - - prepare_java_gateway_config + update_zbx_config } ################################################# -if [ ! -n "$zbx_type" ]; then - echo "**** Type of Zabbix component is not specified" - exit 1 -elif [ "$zbx_type" == "dev" ]; then - echo "** Deploying Zabbix installation from SVN" -else - if [ ! -n "$zbx_db_type" ]; then - echo "**** Database type of Zabbix $zbx_type is not specified" - exit 1 - fi - - if [ "$zbx_db_type" != "none" ]; then - if [ "$zbx_opt_type" != "none" ]; then - echo "** Deploying Zabbix $zbx_type ($zbx_opt_type) with $zbx_db_type database" - else - echo "** Deploying Zabbix $zbx_type with $zbx_db_type database" - fi - else - echo "** Deploying Zabbix $zbx_type" - fi +if [ "${1#-}" != "$1" ]; then + set -- /usr/sbin/zabbix_server "$@" fi -prepare_system "$zbx_type" "$zbx_opt_type" - -[ "$zbx_type" == "server" ] && prepare_server $zbx_db_type -[ "${ZBX_ADD_SERVER}" == "true" ] && prepare_server ${ZBX_MAIN_DB} - -[ "$zbx_type" == "proxy" ] && prepare_proxy $zbx_db_type -[ "${ZBX_ADD_PROXY}" == "true" ] && prepare_proxy ${ZBX_PROXY_DB} - -[ "$zbx_type" == "frontend" ] && prepare_web $zbx_opt_type $zbx_db_type -[ "${ZBX_ADD_WEB}" == "true" ] && prepare_web ${ZBX_WEB_SERVER} ${ZBX_MAIN_DB} - -[ "$zbx_type" == "agent" ] && prepare_agent -[ "${ZBX_ADD_AGENT}" == "true" ] && prepare_agent - -[ "$zbx_type" == "java-gateway" ] && prepare_java_gateway -[ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && prepare_java_gateway - -clear_deploy "$zbx_type" - -echo "########################################################" - -if [ "$1" != "" ]; then - echo "** Executing '$@'" - exec "$@" -elif [ "$zbx_type" == "agent" ]; then - echo "** Starting Zabbix agent" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_agentd --foreground -c /etc/zabbix/zabbix_agentd.conf" -elif [ "$zbx_type" == "proxy" ]; then - echo "** Starting Zabbix proxy" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_proxy --foreground -c /etc/zabbix/zabbix_proxy.conf" -elif [ "$zbx_type" == "server" ]; then - echo "** Starting Zabbix server" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_server --foreground -c /etc/zabbix/zabbix_server.conf" -elif [ "$zbx_type" == "java-gateway" ]; then - echo "** Starting Zabbix Java Gateway" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_java_gateway" -elif [ "$zbx_type" == "frontend" ] && [ "$zbx_opt_type" == "apache" ]; then - echo "** Starting Zabbix frontend" - if [ -f "/usr/sbin/httpd" ]; then - exec /usr/sbin/httpd -D FOREGROUND - elif [ -f "/usr/sbin/apache2ctl" ]; then - exec /bin/bash -c "source /etc/apache2/envvars && /usr/sbin/apache2ctl -D FOREGROUND" - else - echo "Unknown Web-server. Exiting..." - exit 1 - fi -elif [ -f "/usr/bin/supervisord" ]; then - echo "** Executing supervisord" - exec /usr/bin/supervisord -c /etc/supervisor/supervisord.conf -else - echo "Unknown instructions. Exiting..." - exit 1 +if [ "$1" == '/usr/sbin/zabbix_server' ]; then + prepare_server fi +exec "$@" + ################################################# diff --git a/snmptraps/centos/Dockerfile b/snmptraps/centos/Dockerfile index 95af73672..f679524e0 100644 --- a/snmptraps/centos/Dockerfile +++ b/snmptraps/centos/Dockerfile @@ -1,18 +1,38 @@ -FROM centos:centos7 as builder - -ARG YUM_FLAGS_COMMON="-y" -ARG YUM_FLAGS_DEV="${YUM_FLAGS_COMMON}" +FROM centos:centos7 ARG MAJOR_VERSION=master ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git -ENV ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} + +ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ + MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL + +LABEL org.opencontainers.image.title="zabbix-snmptraps-centos" \ + org.opencontainers.image.authors="Alexey Pustovalov " \ + org.opencontainers.image.vendor="Zabbix LLC" \ + org.opencontainers.image.url="https://zabbix.com/" \ + org.opencontainers.image.description="Zabbix SNMP traps receiver" \ + org.opencontainers.image.licenses="GPL v2.0" \ + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="https://anonscm.debian.org/gitweb/?p=collab-maint/snmptrapfmt.git" + +STOPSIGNAL SIGTERM COPY ["snmptrapfmt_1.14+nmu1ubuntu2.tar.gz", "/tmp/"] RUN set -eux && \ - yum ${YUM_FLAGS_COMMON} makecache && \ - yum ${YUM_FLAGS_DEV} install \ + groupadd -g 1995 --system zabbix && \ + adduser -r --shell /sbin/nologin \ + -g zabbix -G root \ + -d /var/lib/zabbix/ -u 1997 \ + zabbix && \ + yum --quiet makecache && \ + yum -y install epel-release && \ + yum -y install --setopt=tsflags=nodocs \ + net-snmp \ + supervisor && \ + yum -y install \ autoconf \ automake \ gcc \ @@ -20,61 +40,19 @@ RUN set -eux && \ make \ libnsl-devel \ net-snmp-devel && \ - cd /tmp/ && \ - tar -zxf snmptrapfmt_1.14+nmu1ubuntu2.tar.gz && \ - cd /tmp/snmptrapfmt-1.14+nmu1ubuntu1/ && \ - patch -p1 < ./patches/makefile.patch && \ - make -j"$(nproc)" -s - -FROM centos:centos7 -LABEL maintainer "Alexey Pustovalov " - -ARG BUILD_DATE -ARG VCS_REF - -ARG YUM_FLAGS_COMMON="-y" -ARG YUM_FLAGS_PERSISTENT="${YUM_FLAGS_COMMON}" - -ARG MAJOR_VERSION=master -ARG ZBX_VERSION=${MAJOR_VERSION} -ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git -ENV ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ - TERM=xterm MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL - -LABEL org.label-schema.name="zabbix-snmptraps-centos" \ - org.label-schema.vendor="Zabbix LLC" \ - org.label-schema.url="https://zabbix.com/" \ - org.label-schema.description="Zabbix SNMP traps receiver" \ - org.label-schema.vcs-ref="${VCS_REF}" \ - org.label-schema.build-date="${BUILD_DATE}" \ - org.label-schema.schema-version="1.0" \ - org.label-schema.license="GPL v2.0" \ - org.label-schema.usage="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.label-schema.version="1.14" \ - org.label-schema.vcs-url="https://anonscm.debian.org/gitweb/?p=collab-maint/snmptrapfmt.git" \ - org.label-schema.docker.cmd="docker run --name zabbix-snmptraps --link zabbix-server:zabbix-server -p 162:162/UDP -d zabbix-snmptraps:centos-${ZBX_VERSION}" - -STOPSIGNAL SIGTERM - -COPY --from=builder /tmp/snmptrapfmt-1.14+nmu1ubuntu1/snmptrapfmthdlr /usr/sbin/snmptrapfmthdlr -COPY --from=builder /tmp/snmptrapfmt-1.14+nmu1ubuntu1/snmptrapfmt /usr/sbin/snmptrapfmt -COPY --from=builder /tmp/snmptrapfmt-1.14+nmu1ubuntu1/snmptrapfmt.conf /etc/snmp/snmptrapfmt.conf - -RUN set -eux && \ - groupadd --system zabbix && \ - adduser -r --shell /sbin/nologin \ - -g zabbix \ - -d /var/lib/zabbix/ \ - zabbix && \ - yum ${YUM_FLAGS_COMMON} makecache && \ - yum ${YUM_FLAGS_PERSISTENT} install epel-release && \ - yum ${YUM_FLAGS_PERSISTENT} install \ - net-snmp \ - supervisor && \ mkdir -p /var/lib/zabbix && \ mkdir -p /var/lib/zabbix/snmptraps && \ mkdir -p /var/lib/zabbix/mibs && \ - chown --quiet -R zabbix:root /var/lib/zabbix && \ + cd /tmp/ && \ + tar -zxvf snmptrapfmt_1.14+nmu1ubuntu2.tar.gz && \ + ls -lah && \ + cd /tmp/snmptrapfmt-1.14+nmu1ubuntu1/ && \ + patch -p1 < ./patches/makefile.patch && \ + patch -p1 < ./patches/pid_location.patch && \ + make -j"$(nproc)" -s && \ + cp snmptrapfmthdlr /usr/sbin/snmptrapfmthdlr && \ + cp snmptrapfmt /usr/sbin/snmptrapfmt && \ + cp snmptrapfmt.conf /etc/snmp/snmptrapfmt.conf && \ echo "disableAuthorization yes" >> "/etc/snmp/snmptrapd.conf" && \ echo "traphandle default /usr/sbin/snmptrapfmthdlr" >> "/etc/snmp/snmptrapd.conf" && \ sed -i \ @@ -82,10 +60,17 @@ RUN set -eux && \ -e '/^LOGFMT=/s/=.*/=\"$x ZBXTRAP $R $G $S $e $*\"/' \ -e "/^LOGFILE=/s/=.*/=\"\/var\/lib\/zabbix\/snmptraps\/snmptraps.log\"/" \ "/etc/snmp/snmptrapfmt.conf" && \ - yum ${YUM_FLAGS_COMMON} clean all && \ - rm -rf /var/cache/yum + rm -rf /tmp/snmptrapfmt_1.14+nmu1ubuntu2.tar.gz && \ + rm -rf /tmp/snmptrapfmt-1.14+nmu1ubuntu1/ && \ + chown --quiet -R zabbix:root /etc/snmp/ /var/lib/zabbix/ /var/tmp/ /var/run/ && \ + chgrp -R 0 /etc/snmp/ /var/lib/zabbix/ /var/tmp/ /var/run/ && \ + chmod -R g=u /etc/snmp/ /var/lib/zabbix/ /var/tmp/ /var/run/ && \ + yum -y history undo `yum -q history | sed -n 3p |column -t | cut -d' ' -f1` && \ + yum -y clean all && \ + rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ + rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki -EXPOSE 162/UDP +EXPOSE 1162/UDP WORKDIR /var/lib/zabbix/snmptraps/ @@ -94,4 +79,6 @@ VOLUME ["/var/lib/zabbix/snmptraps", "/var/lib/zabbix/mibs"] COPY ["conf/etc/supervisor/", "/etc/supervisor/"] COPY ["conf/etc/logrotate.d/zabbix_snmptraps", "/etc/logrotate.d/"] +USER 1997 + CMD ["/usr/bin/supervisord", "-c", "/etc/supervisor/supervisord.conf"] diff --git a/web-apache-mysql/alpine/docker-entrypoint.sh b/web-apache-mysql/alpine/docker-entrypoint.sh index a48de6d75..c0df035c1 100755 --- a/web-apache-mysql/alpine/docker-entrypoint.sh +++ b/web-apache-mysql/alpine/docker-entrypoint.sh @@ -257,9 +257,9 @@ echo "########################################################" if [ "$1" != "" ]; then echo "** Executing '$@'" exec "$@" -elif [ -f "/usr/bin/supervisord" ]; then - echo "** Executing supervisord" - exec /usr/bin/supervisord -c /etc/supervisor/supervisord.conf +elif [ -f "/usr/sbin/httpd" ]; then + echo "** Executing HTTPD" + exec /usr/sbin/httpd -D FOREGROUND else echo "Unknown instructions. Exiting..." exit 1 diff --git a/web-apache-mysql/centos/Dockerfile b/web-apache-mysql/centos/Dockerfile index 6f573b1a3..992b93899 100644 --- a/web-apache-mysql/centos/Dockerfile +++ b/web-apache-mysql/centos/Dockerfile @@ -1,71 +1,24 @@ -FROM centos:centos7 as builder - -ARG YUM_FLAGS_COMMON="-y" -ARG YUM_FLAGS_DEV="${YUM_FLAGS_COMMON}" - -ARG MAJOR_VERSION=master -ARG ZBX_VERSION=${MAJOR_VERSION} -ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git -ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} - -RUN set -eux && \ - yum --quiet makecache && \ - yum ${YUM_FLAGS_DEV} install \ - gettext \ - git && \ - cd /tmp/ && \ - git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ - mkdir /tmp/zabbix/ && \ - cp -R /tmp/zabbix-${ZBX_VERSION}/frontends/php/* /tmp/zabbix/ && \ - rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ - cd /tmp/zabbix/ && \ - rm -f conf/zabbix.conf.php && \ - rm -rf tests && \ - ./locale/make_mo.sh - FROM centos:centos7 -LABEL maintainer="Alexey Pustovalov " -ARG BUILD_DATE -ARG VCS_REF - -ARG YUM_FLAGS_COMMON="-y" -ARG YUM_FLAGS_PERSISTENT="${YUM_FLAGS_COMMON}" - -ARG MAJOR_VERSION=master -ARG ZBX_VERSION=${MAJOR_VERSION} -ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git -ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ - ZBX_TYPE=frontend ZBX_DB_TYPE=mysql ZBX_OPT_TYPE=apache - -LABEL org.label-schema.name="zabbix-web-${ZBX_OPT_TYPE}-${ZBX_DB_TYPE}-centos" \ - org.label-schema.vendor="Zabbix LLC" \ - org.label-schema.url="https://zabbix.com/" \ - org.label-schema.description="Zabbix web-interface based on Apache2 web server with MySQL database support" \ - org.label-schema.vcs-ref="${VCS_REF}" \ - org.label-schema.build-date="${BUILD_DATE}" \ - org.label-schema.schema-version="1.0" \ - org.label-schema.license="GPL v2.0" \ - org.label-schema.usage="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.label-schema.version="${ZBX_VERSION}" \ - org.label-schema.vcs-url="${ZBX_SOURCES}" \ - org.label-schema.docker.cmd="docker run --name zabbix-web-${ZBX_OPT_TYPE}-${ZBX_DB_TYPE} --link mysql-server:mysql --link zabbix-server:zabbix-server -p 80:80 -d zabbix-web-${ZBX_OPT_TYPE}-${ZBX_DB_TYPE}:centos-${ZBX_VERSION}" +LABEL org.opencontainers.image.title="Zabbix web-interface (Apache, MySQL)" \ + org.opencontainers.image.authors="Alexey Pustovalov " \ + org.opencontainers.image.vendor="Zabbix LLC" \ + org.opencontainers.image.url="https://zabbix.com/" \ + org.opencontainers.image.description="Zabbix web-interface based on Apache2 web server with MySQL database support" \ + org.opencontainers.image.licenses="GPL v2.0" STOPSIGNAL SIGTERM -COPY --from=builder /tmp/zabbix/ /usr/share/zabbix/ - RUN set -eux && \ - groupadd --system zabbix && \ + groupadd -g 1995 --system zabbix && \ adduser -r --shell /sbin/nologin \ - -g zabbix \ - -d /var/lib/zabbix/ \ + -g zabbix -G root \ + -d /var/lib/zabbix/ -u 1997 \ zabbix && \ mkdir -p /etc/zabbix && \ mkdir -p /etc/zabbix/web && \ - chown --quiet -R zabbix:root /etc/zabbix && \ - yum ${YUM_FLAGS_COMMON} makecache && \ - yum ${YUM_FLAGS_PERSISTENT} install \ + yum --quiet makecache && \ + yum -y install --setopt=tsflags=nodocs \ dejavu-sans-fonts \ curl \ httpd \ @@ -78,22 +31,63 @@ RUN set -eux && \ php-mbstring \ php-mysql \ php-xml && \ + sed -i 's/Listen 80/Listen 8080/g' /etc/httpd/conf/httpd.conf && \ + yum -y clean all && \ + rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ + rm -rf /etc/udev/hwdb.bin /root/.pki + +ARG MAJOR_VERSION=master +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git + +ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} + +LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" + +COPY ["conf/etc/", "/etc/"] + +RUN set -eux && \ + yum --quiet makecache && \ + yum -y install --setopt=tsflags=nodocs \ + gettext \ + git && \ + cd /usr/share/ && \ + git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + mkdir /usr/share/zabbix/ && \ + cp -R /usr/share/zabbix-${ZBX_VERSION}/frontends/php/* /usr/share/zabbix/ && \ + rm -rf /usr/share/zabbix-${ZBX_VERSION}/ && \ + cd /usr/share/zabbix/ && \ + rm -f conf/zabbix.conf.php && \ + rm -rf tests && \ + ./locale/make_mo.sh && \ + ln -s "/etc/zabbix/web/zabbix.conf.php" "/usr/share/zabbix/conf/zabbix.conf.php" && \ cat /usr/share/zabbix/include/locales.inc.php | grep display | grep true | awk '{$1=$1};1' | \ cut -d"'" -f 2 | sort | \ xargs -I '{}' bash -c 'echo "{}" && localedef -c -i {} -f UTF-8 {}.UTF-8 2>/dev/null' && \ - yum ${YUM_FLAGS_PERSISTENT} clean all && \ - rm -rf /var/cache/yum/ + chown --quiet -R zabbix:root /etc/zabbix/ /usr/share/zabbix/conf/ && \ + chgrp -R 0 /etc/zabbix/ /usr/share/zabbix/conf/ && \ + chmod -R g=u /etc/zabbix/ /usr/share/zabbix/conf/ && \ + chown --quiet -R zabbix:root /etc/httpd/ /etc/php.d/ /etc/php.ini && \ + chgrp -R 0 /etc/httpd/ /etc/php.d/ /etc/php.ini && \ + chmod -R g=u /etc/httpd/ /etc/php.d/ /etc/php.ini && \ + yum -y history undo `yum -q history | sed -n 3p |column -t | cut -d' ' -f1` && \ + yum -y clean all && \ + rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ + rm -rf /etc/udev/hwdb.bin /root/.pki -EXPOSE 80/TCP 443/TCP + +EXPOSE 8080/TCP 8443/TCP WORKDIR /usr/share/zabbix VOLUME ["/etc/ssl/apache2"] -COPY ["conf/etc/zabbix/apache.conf", "/etc/zabbix/"] -COPY ["conf/etc/zabbix/apache_ssl.conf", "/etc/zabbix/"] -COPY ["conf/etc/zabbix/web/zabbix.conf.php", "/etc/zabbix/web/"] -COPY ["conf/etc/php.d/99-zabbix.ini", "/etc/php.d/"] COPY ["docker-entrypoint.sh", "/usr/bin/"] +USER 1997 + ENTRYPOINT ["docker-entrypoint.sh"] + +CMD ["/usr/sbin/httpd", "-D", "FOREGROUND"] diff --git a/web-apache-mysql/centos/conf/etc/php.d/99-zabbix.ini b/web-apache-mysql/centos/conf/etc/php.d/99-zabbix.ini index bf3b66c76..de8fc6904 100644 --- a/web-apache-mysql/centos/conf/etc/php.d/99-zabbix.ini +++ b/web-apache-mysql/centos/conf/etc/php.d/99-zabbix.ini @@ -6,4 +6,3 @@ max_input_time=300 always_populate_raw_post_data=-1 max_input_vars=10000 ; date.timezone=Europe/Riga -; session.save_path=/var/lib/php5 diff --git a/web-apache-mysql/centos/conf/etc/zabbix/apache.conf b/web-apache-mysql/centos/conf/etc/zabbix/apache.conf index 2a5aedc30..36def0c29 100644 --- a/web-apache-mysql/centos/conf/etc/zabbix/apache.conf +++ b/web-apache-mysql/centos/conf/etc/zabbix/apache.conf @@ -1,4 +1,4 @@ - + DocumentRoot /usr/share/zabbix/ ServerName zabbix DirectoryIndex index.php diff --git a/web-apache-mysql/centos/conf/etc/zabbix/apache_ssl.conf b/web-apache-mysql/centos/conf/etc/zabbix/apache_ssl.conf index 313003143..20cfd2841 100644 --- a/web-apache-mysql/centos/conf/etc/zabbix/apache_ssl.conf +++ b/web-apache-mysql/centos/conf/etc/zabbix/apache_ssl.conf @@ -1,9 +1,9 @@ LoadModule ssl_module modules/mod_ssl.so LoadModule socache_shmcb_module modules/mod_socache_shmcb.so -Listen 443 +Listen 8443 - + SSLEngine on DocumentRoot /usr/share/zabbix/ diff --git a/web-apache-mysql/centos/docker-entrypoint.sh b/web-apache-mysql/centos/docker-entrypoint.sh index 2665cfd0d..b9714bc87 100755 --- a/web-apache-mysql/centos/docker-entrypoint.sh +++ b/web-apache-mysql/centos/docker-entrypoint.sh @@ -1,6 +1,6 @@ #!/bin/bash -set -eo pipefail +set -o pipefail set +e @@ -9,34 +9,22 @@ if [ "${DEBUG_MODE}" == "true" ]; then set -o xtrace fi -# Type of Zabbix component -# Possible values: [server, proxy, agent, frontend, java-gateway, appliance] -zbx_type=${ZBX_TYPE} -# Type of Zabbix database -# Possible values: [mysql, postgresql] -zbx_db_type=${ZBX_DB_TYPE} -# Type of web-server. Valid only with zbx_type = frontend -# Possible values: [apache, nginx] -zbx_opt_type=${ZBX_OPT_TYPE} - # Default Zabbix installation name # Used only by Zabbix web-interface -ZBX_SERVER_NAME=${ZBX_SERVER_NAME:-"Zabbix docker"} +: ${ZBX_SERVER_NAME:="Zabbix docker"} # Default Zabbix server host -ZBX_SERVER_HOST=${ZBX_SERVER_HOST:-"zabbix-server"} +: ${ZBX_SERVER_HOST:="zabbix-server"} # Default Zabbix server port number -ZBX_SERVER_PORT=${ZBX_SERVER_PORT:-"10051"} +: ${ZBX_SERVER_PORT:="10051"} # Default timezone for web interface -PHP_TZ=${PHP_TZ:-"Europe/Riga"} +: ${PHP_TZ:="Europe/Riga"} # Default directories -# User 'zabbix' home directory -ZABBIX_USER_HOME_DIR="/var/lib/zabbix" # Configuration files directory ZABBIX_ETC_DIR="/etc/zabbix" # Web interface www-root directory -ZBX_FRONTEND_PATH="/usr/share/zabbix" +ZABBIX_WWW_ROOT="/usr/share/zabbix" # usage: file_env VAR [DEFAULT] # as example: file_env 'MYSQL_PASSWORD' 'zabbix' @@ -69,92 +57,6 @@ file_env() { unset "$fileVar" } -configure_db_mysql() { - [ "${DB_SERVER_HOST}" != "localhost" ] && return - - echo "** Configuring local MySQL server" - - MYSQL_ALLOW_EMPTY_PASSWORD=true - MYSQL_DATA_DIR="/var/lib/mysql" - - if [ -f "/etc/mysql/my.cnf" ]; then - MYSQL_CONF_FILE="/etc/mysql/my.cnf" - elif [ -f "/etc/my.cnf.d/server.cnf" ]; then - MYSQL_CONF_FILE="/etc/my.cnf.d/server.cnf" - DB_SERVER_SOCKET="/var/lib/mysql/mysql.sock" - elif [ -f "/etc/my.cnf.d/mariadb-server.cnf" ]; then - MYSQL_CONF_FILE="/etc/my.cnf.d/mariadb-server.cnf" - DB_SERVER_SOCKET="/var/run/mysqld/mysqld.sock" - else - echo "**** Could not found MySQL configuration file" - exit 1 - fi - - if [ -f "/usr/bin/mysqld" ]; then - MYSQLD=/usr/bin/mysqld - elif [ -f "/usr/sbin/mysqld" ]; then - MYSQLD=/usr/sbin/mysqld - elif [ -f "/usr/libexec/mysqld" ]; then - MYSQLD=/usr/libexec/mysqld - else - echo "**** Could not found mysqld binary file" - exit 1 - fi - - sed -Ei 's/^(bind-address|log)/#&/' "$MYSQL_CONF_FILE" - - if [ ! -d "$MYSQL_DATA_DIR/mysql" ]; then - [ -d "$MYSQL_DATA_DIR" ] || mkdir -p "$MYSQL_DATA_DIR" - - chown -R mysql:mysql "$MYSQL_DATA_DIR" - - echo "** Installing initial MySQL database schemas" - mysql_install_db --user=mysql --datadir="$MYSQL_DATA_DIR" 2>&1 - else - echo "**** MySQL data directory is not empty. Using already existing installation." - chown -R mysql:mysql "$MYSQL_DATA_DIR" - fi - - mkdir -p /var/run/mysqld - ln -s /var/run/mysqld /run/mysqld - chown -R mysql:mysql /var/run/mysqld - chown -R mysql:mysql /run/mysqld - - echo "** Starting MySQL server in background mode" - - nohup $MYSQLD --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib/mysql/plugin \ - --user=mysql --log-output=none --pid-file=/var/lib/mysql/mysqld.pid \ - --port=3306 --character-set-server=utf8 --collation-server=utf8_bin & -} - -prepare_system() { - local type=$1 - local web_server=$2 - - echo "** Preparing the system" - - if [ "$type" != "appliance" ]; then - return - fi - - ZBX_ADD_AGENT=${ZBX_ADD_AGENT:-"false"} - ZBX_ADD_JAVA_GATEWAY=${ZBX_ADD_JAVA_GATEWAY:-"false"} - ZBX_ADD_SERVER=${ZBX_ADD_SERVER:-"true"} - [ "${ZBX_ADD_SERVER}" == "true" ] && ZBX_SERVER_HOST="localhost" - [ "${ZBX_ADD_SERVER}" == "true" ] && ZBX_SERVER_PORT="10051" - ZBX_MAIN_DB=${ZBX_MAIN_DB:-"mysql"} - ZBX_ADD_PROXY=${ZBX_ADD_PROXY:-"false"} - ZBX_PROXY_DB=${ZBX_PROXY_DB:-"sqlite3"} - ZBX_ADD_WEB=${ZBX_ADD_WEB:-"true"} - ZBX_WEB_SERVER=${ZBX_WEB_SERVER:-"nginx"} - DB_SERVER_HOST=${DB_SERVER_HOST:-"localhost"} - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAY_ENABLE="true" - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAY="localhost" - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAYPORT="10052" - - [ "${ZBX_ADD_SERVER}" == "true" ] && configure_db_${ZBX_MAIN_DB} -} - escape_spec_char() { local var_value=$1 @@ -199,11 +101,6 @@ update_config_var() { return fi - # Use full path to a file for TLS related configuration parameters - if [[ $var_name =~ ^TLS.*File$ ]]; then - var_value=$ZABBIX_USER_HOME_DIR/enc/$var_value - fi - # Escaping characters in parameter value var_value=$(escape_spec_char "$var_value") @@ -220,37 +117,15 @@ update_config_var() { } -update_config_multiple_var() { - local config_path=$1 - local var_name=$2 - local var_value=$3 - - var_value="${var_value%\"}" - var_value="${var_value#\"}" - - local IFS=, - local OPT_LIST=($var_value) - - for value in "${OPT_LIST[@]}"; do - update_config_var $config_path $var_name $value true - done -} - # Check prerequisites for MySQL database -check_variables_mysql() { - local type=$1 - - DB_SERVER_HOST=${DB_SERVER_HOST:-"mysql-server"} - DB_SERVER_PORT=${DB_SERVER_PORT:-"3306"} +check_variables() { + : ${DB_SERVER_HOST:="mysql-server"} + : ${DB_SERVER_PORT:="3306"} USE_DB_ROOT_USER=false CREATE_ZBX_DB_USER=false file_env MYSQL_USER file_env MYSQL_PASSWORD - if [ "$type" != "" ]; then - file_env MYSQL_ROOT_PASSWORD - fi - if [ ! -n "${MYSQL_USER}" ] && [ "${MYSQL_RANDOM_ROOT_PASSWORD}" == "true" ]; then echo "**** Impossible to use MySQL server because of unknown Zabbix user and random 'root' password" exit 1 @@ -270,45 +145,15 @@ check_variables_mysql() { [ -n "${MYSQL_USER}" ] && CREATE_ZBX_DB_USER=true # If root password is not specified use provided credentials - DB_SERVER_ROOT_USER=${DB_SERVER_ROOT_USER:-${MYSQL_USER}} + : ${DB_SERVER_ROOT_USER:=${MYSQL_USER}} [ "${MYSQL_ALLOW_EMPTY_PASSWORD}" == "true" ] || DB_SERVER_ROOT_PASS=${DB_SERVER_ROOT_PASS:-${MYSQL_PASSWORD}} DB_SERVER_ZBX_USER=${MYSQL_USER:-"zabbix"} DB_SERVER_ZBX_PASS=${MYSQL_PASSWORD:-"zabbix"} - if [ "$type" == "proxy" ]; then - DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix_proxy"} - else - DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix"} - fi + DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix"} } -# Check prerequisites for PostgreSQL database -check_variables_postgresql() { - local type=$1 - - file_env POSTGRES_USER - file_env POSTGRES_PASSWORD - - DB_SERVER_HOST=${DB_SERVER_HOST:-"postgres-server"} - DB_SERVER_PORT=${DB_SERVER_PORT:-"5432"} - CREATE_ZBX_DB_USER=${CREATE_ZBX_DB_USER:-"false"} - - DB_SERVER_ROOT_USER=${POSTGRES_USER:-"postgres"} - DB_SERVER_ROOT_PASS=${POSTGRES_PASSWORD:-""} - - DB_SERVER_ZBX_USER=${POSTGRES_USER:-"zabbix"} - DB_SERVER_ZBX_PASS=${POSTGRES_PASSWORD:-"zabbix"} - - DB_SERVER_SCHEMA=${DB_SERVER_SCHEMA:-"public"} - - if [ "$type" == "proxy" ]; then - DB_SERVER_DBNAME=${POSTGRES_DB:-"zabbix_proxy"} - else - DB_SERVER_DBNAME=${POSTGRES_DB:-"zabbix"} - fi -} - -check_db_connect_mysql() { +check_db_connect() { echo "********************" echo "* DB_SERVER_HOST: ${DB_SERVER_HOST}" echo "* DB_SERVER_PORT: ${DB_SERVER_PORT}" @@ -320,7 +165,6 @@ check_db_connect_mysql() { fi echo "* DB_SERVER_ZBX_USER: ${DB_SERVER_ZBX_USER}" echo "* DB_SERVER_ZBX_PASS: ${DB_SERVER_ZBX_PASS}" - echo "********************" fi echo "********************" @@ -333,582 +177,42 @@ check_db_connect_mysql() { done } -check_db_connect_postgresql() { - echo "********************" - echo "* DB_SERVER_HOST: ${DB_SERVER_HOST}" - echo "* DB_SERVER_PORT: ${DB_SERVER_PORT}" - echo "* DB_SERVER_DBNAME: ${DB_SERVER_DBNAME}" - echo "* DB_SERVER_SCHEMA: ${DB_SERVER_SCHEMA}" - if [ "${DEBUG_MODE}" == "true" ]; then - if [ "${USE_DB_ROOT_USER}" == "true" ]; then - echo "* DB_SERVER_ROOT_USER: ${DB_SERVER_ROOT_USER}" - echo "* DB_SERVER_ROOT_PASS: ${DB_SERVER_ROOT_PASS}" - fi - echo "* DB_SERVER_ZBX_USER: ${DB_SERVER_ZBX_USER}" - echo "* DB_SERVER_ZBX_PASS: ${DB_SERVER_ZBX_PASS}" - fi - echo "********************" - - if [ "${USE_DB_ROOT_USER}" != "true" ]; then - DB_SERVER_ROOT_USER=${DB_SERVER_ZBX_USER} - DB_SERVER_ROOT_PASS=${DB_SERVER_ZBX_PASS} - fi - - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - WAIT_TIMEOUT=5 - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - while [ ! "$(psql -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} -U ${DB_SERVER_ROOT_USER} -d ${DB_SERVER_DBNAME} -l -q 2>/dev/null)" ]; do - echo "**** PostgreSQL server is not available. Waiting $WAIT_TIMEOUT seconds..." - sleep $WAIT_TIMEOUT - done - - unset PGPASSWORD - unset PGOPTIONS -} - - -mysql_query() { - query=$1 - local result="" - - result=$(mysql --silent --skip-column-names -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ - -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" -e "$query") - - echo $result -} - -psql_query() { - query=$1 - db=$2 - - local result="" - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - result=$(psql -A -q -t -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ - -U ${DB_SERVER_ROOT_USER} -c "$query" $db 2>/dev/null); - - unset PGPASSWORD - unset PGOPTIONS - - echo $result -} - -create_db_user_mysql() { - [ "${CREATE_ZBX_DB_USER}" == "true" ] || return - - echo "** Creating '${DB_SERVER_ZBX_USER}' user in MySQL database" - - USER_EXISTS=$(mysql_query "SELECT 1 FROM mysql.user WHERE user = '${DB_SERVER_ZBX_USER}' AND host = '%'") - - if [ -z "$USER_EXISTS" ]; then - mysql_query "CREATE USER '${DB_SERVER_ZBX_USER}'@'%' IDENTIFIED BY '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - else - mysql_query "ALTER USER ${DB_SERVER_ZBX_USER} IDENTIFIED BY '${DB_SERVER_ZBX_PASS}';" 1>/dev/null - fi - - mysql_query "GRANT ALL PRIVILEGES ON $DB_SERVER_DBNAME. * TO '${DB_SERVER_ZBX_USER}'@'%'" 1>/dev/null -} - -create_db_user_postgresql() { - [ "${CREATE_ZBX_DB_USER}" == "true" ] || return - - echo "** Creating '${DB_SERVER_ZBX_USER}' user in PostgreSQL database" - - USER_EXISTS=$(psql_query "SELECT 1 FROM pg_roles WHERE rolname='${DB_SERVER_ZBX_USER}'") - - if [ -z "$USER_EXISTS" ]; then - psql_query "CREATE USER ${DB_SERVER_ZBX_USER} WITH PASSWORD '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - else - psql_query "ALTER USER ${DB_SERVER_ZBX_USER} WITH ENCRYPTED PASSWORD '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - fi -} - -create_db_database_mysql() { - DB_EXISTS=$(mysql_query "SELECT SCHEMA_NAME FROM information_schema.SCHEMATA WHERE SCHEMA_NAME='${DB_SERVER_DBNAME}'") - - if [ -z ${DB_EXISTS} ]; then - echo "** Database '${DB_SERVER_DBNAME}' does not exist. Creating..." - mysql_query "CREATE DATABASE ${DB_SERVER_DBNAME} CHARACTER SET utf8 COLLATE utf8_bin" 1>/dev/null - # better solution? - mysql_query "GRANT ALL PRIVILEGES ON $DB_SERVER_DBNAME. * TO '${DB_SERVER_ZBX_USER}'@'%'" 1>/dev/null - else - echo "** Database '${DB_SERVER_DBNAME}' already exists. Please be careful with database COLLATE!" - fi -} - -create_db_database_postgresql() { - DB_EXISTS=$(psql_query "SELECT 1 AS result FROM pg_database WHERE datname='${DB_SERVER_DBNAME}'") - - if [ -z ${DB_EXISTS} ]; then - echo "** Database '${DB_SERVER_DBNAME}' does not exist. Creating..." - psql_query "CREATE DATABASE ${DB_SERVER_DBNAME} WITH OWNER ${DB_SERVER_ZBX_USER} ENCODING='UTF8' LC_CTYPE='en_US.utf8' LC_COLLATE='en_US.utf8'" 1>/dev/null - else - echo "** Database '${DB_SERVER_DBNAME}' already exists. Please be careful with database owner!" - fi - - psql_query "CREATE SCHEMA IF NOT EXISTS ${DB_SERVER_SCHEMA}" -} - -create_db_schema_mysql() { - local type=$1 - - DBVERSION_TABLE_EXISTS=$(mysql_query "SELECT 1 FROM information_schema.tables WHERE table_schema='${DB_SERVER_DBNAME}' and table_name = 'dbversion'") - - if [ -n "${DBVERSION_TABLE_EXISTS}" ]; then - echo "** Table '${DB_SERVER_DBNAME}.dbversion' already exists." - ZBX_DB_VERSION=$(mysql_query "SELECT mandatory FROM ${DB_SERVER_DBNAME}.dbversion") - fi - - if [ -z "${ZBX_DB_VERSION}" ]; then - echo "** Creating '${DB_SERVER_DBNAME}' schema in MySQL" - - zcat /usr/share/doc/zabbix-$type-mysql/create.sql.gz | mysql --silent --skip-column-names \ - -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ - -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" \ - ${DB_SERVER_DBNAME} 1>/dev/null - fi -} - -create_db_schema_postgresql() { - local type=$1 - - DBVERSION_TABLE_EXISTS=$(psql_query "SELECT 1 FROM pg_catalog.pg_class c JOIN pg_catalog.pg_namespace n ON n.oid = - c.relnamespace WHERE n.nspname = '$DB_SERVER_SCHEMA' AND c.relname = 'dbversion'" "${DB_SERVER_DBNAME}") - - if [ -n "${DBVERSION_TABLE_EXISTS}" ]; then - echo "** Table '${DB_SERVER_DBNAME}.dbversion' already exists." - ZBX_DB_VERSION=$(psql_query "SELECT mandatory FROM ${DB_SERVER_SCHEMA}.dbversion" "${DB_SERVER_DBNAME}") - fi - - if [ -z "${ZBX_DB_VERSION}" ]; then - echo "** Creating '${DB_SERVER_DBNAME}' schema in PostgreSQL" - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - zcat /usr/share/doc/zabbix-$type-postgresql/create.sql.gz | psql -q \ - -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ - -U ${DB_SERVER_ZBX_USER} ${DB_SERVER_DBNAME} 1>/dev/null - - unset PGPASSWORD - unset PGOPTIONS - fi -} - -prepare_web_server_apache() { - if [ -d "/etc/apache2/sites-available" ]; then - APACHE_SITES_DIR=/etc/apache2/sites-available - elif [ -d "/etc/apache2/conf.d" ]; then - APACHE_SITES_DIR=/etc/apache2/conf.d - elif [ -d "/etc/httpd/conf.d" ]; then - APACHE_SITES_DIR=/etc/httpd/conf.d - else - echo "**** Apache is not available" - exit 1 - fi - - if [ -f "/usr/sbin/a2dissite" ]; then - echo "** Disable default site" - /usr/sbin/a2dissite 000-default 1>/dev/null - rm -rf "$APACHE_SITES_DIR/*" - elif [ -f "/etc/apache2/conf.d/default.conf" ]; then - echo "** Disable default site" - rm -f "/etc/apache2/conf.d/default.conf" - elif [ -f "/etc/httpd/conf.d/welcome.conf" ]; then - echo "** Disable default site" - rm -f "/etc/httpd/conf.d/welcome.conf" - rm -f "/etc/httpd/conf.d/ssl.conf" - fi +prepare_web_server() { + APACHE_SITES_DIR=/etc/apache2/conf.d echo "** Adding Zabbix virtual host (HTTP)" if [ -f "$ZABBIX_ETC_DIR/apache.conf" ]; then ln -s "$ZABBIX_ETC_DIR/apache.conf" "$APACHE_SITES_DIR/zabbix.conf" - if [ -f "/usr/sbin/a2dissite" ]; then - /usr/sbin/a2ensite zabbix.conf 1>/dev/null - fi else echo "**** Impossible to enable HTTP virtual host" fi - if [ -f "/etc/apache2/conf.d/ssl.conf" ]; then - rm -f "/etc/apache2/conf.d/ssl.conf" - fi - if [ -f "/etc/ssl/apache2/ssl.crt" ] && [ -f "/etc/ssl/apache2/ssl.key" ]; then - echo "** Enable SSL support for Apache2" - if [ -f "/usr/sbin/a2enmod" ]; then - /usr/sbin/a2enmod ssl 1>/dev/null - fi - echo "** Adding Zabbix virtual host (HTTPS)" if [ -f "$ZABBIX_ETC_DIR/apache_ssl.conf" ]; then ln -s "$ZABBIX_ETC_DIR/apache_ssl.conf" "$APACHE_SITES_DIR/zabbix_ssl.conf" - if [ -f "/usr/sbin/a2dissite" ]; then - /usr/sbin/a2ensite zabbix_ssl.conf 1>/dev/null - fi else echo "**** Impossible to enable HTTPS virtual host" fi else echo "**** Impossible to enable SSL support for Apache2. Certificates are missed." fi - - # Change Apache2 logging to stdout and stderr - if [ -f "/etc/apache2/apache2.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/apache2.conf" - fi - - if [ -f "/etc/httpd/conf/httpd.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/httpd/conf/httpd.conf" - fi - - if [ -f "/etc/apache2/httpd.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/httpd.conf" - fi - - if [ -f "/etc/apache2/conf-available/other-vhosts-access-log.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/conf-available/other-vhosts-access-log.conf" - fi - - if [ -f "/etc/apache2/conf.d/mpm.conf" ]; then - sed -ri \ - -e 's!^(\s*PidFile)\s+\S+!\1 "/var/run/httpd.pid"!g' \ - "/etc/apache2/conf.d/mpm.conf" - fi - - if [ -f "/var/run/apache2/apache2.pid" ]; then - rm -f "/var/run/apache2/apache2.pid" - fi - - if [ -f "/var/run/httpd/httpd.pid" ]; then - rm -f "/var/run/httpd/httpd.pid" - fi } -prepare_web_server_nginx() { - NGINX_CONFD_DIR="/etc/nginx/conf.d" - NGINX_SSL_CONFIG="/etc/ssl/nginx" - PHP_SESSIONS_DIR="/var/lib/php5" - - echo "** Disable default vhosts" - rm -f $NGINX_CONFD_DIR/*.conf - - echo "** Adding Zabbix virtual host (HTTP)" - if [ -f "$ZABBIX_ETC_DIR/nginx.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/nginx.conf" "$NGINX_CONFD_DIR" - else - echo "**** Impossible to enable HTTP virtual host" - fi - - if [ -f "$NGINX_SSL_CONFIG/ssl.crt" ] && [ -f "$NGINX_SSL_CONFIG/ssl.key" ] && [ -f "$NGINX_SSL_CONFIG/dhparam.pem" ]; then - echo "** Enable SSL support for Nginx" - if [ -f "$ZABBIX_ETC_DIR/nginx_ssl.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/nginx_ssl.conf" "$NGINX_CONFD_DIR" - else - echo "**** Impossible to enable HTTPS virtual host" - fi - else - echo "**** Impossible to enable SSL support for Nginx. Certificates are missed." - fi - - if [ -d "/var/log/nginx/" ]; then - ln -sf /dev/fd/2 /var/log/nginx/error.log - fi - - ln -sf /dev/fd/2 /var/log/php5-fpm.log - ln -sf /dev/fd/2 /var/log/php7.2-fpm.log -} - -stop_databases() { - if ([ "${ZBX_MAIN_DB}" == "mysql" ] || [ "${ZBX_PROXY_DB}" == "mysql" ]) && [ "${DB_SERVER_HOST}" == "localhost" ]; then - mysql_query "DELETE FROM mysql.user WHERE host = 'localhost' AND user != 'root'" 1>/dev/null - - if [ -f "/var/lib/mysql/mysqld.pid" ]; then - kill -TERM $(cat /var/lib/mysql/mysqld.pid) - elif [ -f "/var/run/mysqld/mysqld.pid" ]; then - kill -TERM $(cat /var/run/mysqld/mysqld.pid) - fi - fi - - if [ "${ZBX_MAIN_DB}" == "postgresql" ] && [ "${DB_SERVER_HOST}" == "localhost" ]; then - if [ "${OS_CODENAME}" == "alpine" ]; then - PGDATA=/var/lib/postgresql - BINDIR=/usr/bin - else - PGDATA=/var/lib/postgresql/9.3/main - BINDIR=/usr/lib/postgresql/9.3/bin - fi - su -c "$BINDIR/pg_ctl -D \"$PGDATA\" -m fast -w stop --silent" postgres 1>/dev/null 2>/dev/null - fi -} - -clear_deploy() { - local type=$1 - echo "** Cleaning the system" - - [ "$type" != "appliance" ] && return - - stop_databases -} - -update_zbx_config() { - local type=$1 - local db_type=$2 - - echo "** Preparing Zabbix $type configuration file" - - ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_$type.conf - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "ProxyMode" "${ZBX_PROXYMODE}" - update_config_var $ZBX_CONFIG "Server" "${ZBX_SERVER_HOST}" - update_config_var $ZBX_CONFIG "ServerPort" "${ZBX_SERVER_PORT}" - if [ -z "${ZBX_HOSTNAME}" ] && [ -n "${ZBX_HOSTNAMEITEM}" ]; then - update_config_var $ZBX_CONFIG "Hostname" "" - update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - else - update_config_var $ZBX_CONFIG "Hostname" "${ZBX_HOSTNAME:-"zabbix-proxy-"$db_type}" - update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - fi - fi - - if [ $type == "proxy" ] && [ "${ZBX_ADD_SERVER}" = "true" ]; then - update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_PROXY_LISTENPORT:-"10061"}" - else - update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}" - fi - - update_config_var $ZBX_CONFIG "SourceIP" "${ZBX_SOURCEIP}" - update_config_var $ZBX_CONFIG "LogType" "console" - update_config_var $ZBX_CONFIG "LogFile" - update_config_var $ZBX_CONFIG "LogFileSize" - update_config_var $ZBX_CONFIG "PidFile" - - update_config_var $ZBX_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" - - if [ "$db_type" == "sqlite3" ]; then - update_config_var $ZBX_CONFIG "DBHost" - update_config_var $ZBX_CONFIG "DBName" "/var/lib/zabbix/zabbix_proxy_db" - update_config_var $ZBX_CONFIG "DBUser" - update_config_var $ZBX_CONFIG "DBPort" - update_config_var $ZBX_CONFIG "DBPassword" - else - update_config_var $ZBX_CONFIG "DBHost" "${DB_SERVER_HOST}" - update_config_var $ZBX_CONFIG "DBName" "${DB_SERVER_DBNAME}" - update_config_var $ZBX_CONFIG "DBSchema" "${DB_SERVER_SCHEMA}" - update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}" - update_config_var $ZBX_CONFIG "DBPort" "${DB_SERVER_PORT}" - update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}" - fi - - update_config_var $ZBX_CONFIG "DBSocket" "${DB_SERVER_SOCKET}" - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "ProxyLocalBuffer" "${ZBX_PROXYLOCALBUFFER}" - update_config_var $ZBX_CONFIG "ProxyOfflineBuffer" "${ZBX_PROXYOFFLINEBUFFER}" - update_config_var $ZBX_CONFIG "HeartbeatFrequency" "${ZBX_PROXYHEARTBEATFREQUENCY}" - update_config_var $ZBX_CONFIG "ConfigFrequency" "${ZBX_CONFIGFREQUENCY}" - update_config_var $ZBX_CONFIG "DataSenderFrequency" "${ZBX_DATASENDERFREQUENCY}" - fi - - update_config_var $ZBX_CONFIG "StartPollers" "${ZBX_STARTPOLLERS}" - update_config_var $ZBX_CONFIG "StartIPMIPollers" "${ZBX_IPMIPOLLERS}" - update_config_var $ZBX_CONFIG "StartPollersUnreachable" "${ZBX_STARTPOLLERSUNREACHABLE}" - update_config_var $ZBX_CONFIG "StartTrappers" "${ZBX_STARTTRAPPERS}" - update_config_var $ZBX_CONFIG "StartPingers" "${ZBX_STARTPINGERS}" - update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}" - update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}" - - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "StartTimers" "${ZBX_STARTTIMERS}" - update_config_var $ZBX_CONFIG "StartEscalators" "${ZBX_STARTESCALATORS}" - fi - - ZBX_JAVAGATEWAY_ENABLE=${ZBX_JAVAGATEWAY_ENABLE:-"false"} - if [ "${ZBX_JAVAGATEWAY_ENABLE}" == "true" ]; then - update_config_var $ZBX_CONFIG "JavaGateway" "${ZBX_JAVAGATEWAY:-"zabbix-java-gateway"}" - update_config_var $ZBX_CONFIG "JavaGatewayPort" "${ZBX_JAVAGATEWAYPORT}" - update_config_var $ZBX_CONFIG "StartJavaPollers" "${ZBX_STARTJAVAPOLLERS:-"5"}" - else - update_config_var $ZBX_CONFIG "JavaGateway" - update_config_var $ZBX_CONFIG "JavaGatewayPort" - update_config_var $ZBX_CONFIG "StartJavaPollers" - fi - - update_config_var $ZBX_CONFIG "StartVMwareCollectors" "${ZBX_STARTVMWARECOLLECTORS}" - update_config_var $ZBX_CONFIG "VMwareFrequency" "${ZBX_VMWAREFREQUENCY}" - update_config_var $ZBX_CONFIG "VMwarePerfFrequency" "${ZBX_VMWAREPERFFREQUENCY}" - update_config_var $ZBX_CONFIG "VMwareCacheSize" "${ZBX_VMWARECACHESIZE}" - update_config_var $ZBX_CONFIG "VMwareTimeout" "${ZBX_VMWARETIMEOUT}" - - ZBX_ENABLE_SNMP_TRAPS=${ZBX_ENABLE_SNMP_TRAPS:-"false"} - if [ "${ZBX_ENABLE_SNMP_TRAPS}" == "true" ]; then - update_config_var $ZBX_CONFIG "SNMPTrapperFile" "${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log" - update_config_var $ZBX_CONFIG "StartSNMPTrapper" "1" - else - update_config_var $ZBX_CONFIG "SNMPTrapperFile" - update_config_var $ZBX_CONFIG "StartSNMPTrapper" - fi - - update_config_var $ZBX_CONFIG "HousekeepingFrequency" "${ZBX_HOUSEKEEPINGFREQUENCY}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "MaxHousekeeperDelete" "${ZBX_MAXHOUSEKEEPERDELETE}" - update_config_var $ZBX_CONFIG "SenderFrequency" "${ZBX_SENDERFREQUENCY}" - fi - - update_config_var $ZBX_CONFIG "CacheSize" "${ZBX_CACHESIZE}" - - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "CacheUpdateFrequency" "${ZBX_CACHEUPDATEFREQUENCY}" - fi - - update_config_var $ZBX_CONFIG "StartDBSyncers" "${ZBX_STARTDBSYNCERS}" - update_config_var $ZBX_CONFIG "HistoryCacheSize" "${ZBX_HISTORYCACHESIZE}" - update_config_var $ZBX_CONFIG "HistoryIndexCacheSize" "${ZBX_HISTORYINDEXCACHESIZE}" - - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "TrendCacheSize" "${ZBX_TRENDCACHESIZE}" - update_config_var $ZBX_CONFIG "ValueCacheSize" "${ZBX_VALUECACHESIZE}" - fi - - update_config_var $ZBX_CONFIG "Timeout" "${ZBX_TIMEOUT}" - update_config_var $ZBX_CONFIG "TrapperTimeout" "${ZBX_TRAPPERIMEOUT}" - update_config_var $ZBX_CONFIG "UnreachablePeriod" "${ZBX_UNREACHABLEPERIOD}" - update_config_var $ZBX_CONFIG "UnavailableDelay" "${ZBX_UNAVAILABLEDELAY}" - update_config_var $ZBX_CONFIG "UnreachableDelay" "${ZBX_UNREACHABLEDELAY}" - - update_config_var $ZBX_CONFIG "AlertScriptsPath" "/usr/lib/zabbix/alertscripts" - update_config_var $ZBX_CONFIG "ExternalScripts" "/usr/lib/zabbix/externalscripts" - - # Possible few fping locations - if [ -f "/usr/bin/fping" ]; then - update_config_var $ZBX_CONFIG "FpingLocation" "/usr/bin/fping" - else - update_config_var $ZBX_CONFIG "FpingLocation" "/usr/sbin/fping" - fi - if [ -f "/usr/bin/fping6" ]; then - update_config_var $ZBX_CONFIG "Fping6Location" "/usr/bin/fping6" - else - update_config_var $ZBX_CONFIG "Fping6Location" "/usr/sbin/fping6" - fi - - update_config_var $ZBX_CONFIG "SSHKeyLocation" "$ZABBIX_USER_HOME_DIR/ssh_keys" - update_config_var $ZBX_CONFIG "LogSlowQueries" "${ZBX_LOGSLOWQUERIES}" - - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "StartProxyPollers" "${ZBX_STARTPROXYPOLLERS}" - update_config_var $ZBX_CONFIG "ProxyConfigFrequency" "${ZBX_PROXYCONFIGFREQUENCY}" - update_config_var $ZBX_CONFIG "ProxyDataFrequency" "${ZBX_PROXYDATAFREQUENCY}" - fi - - update_config_var $ZBX_CONFIG "SSLCertLocation" "$ZABBIX_USER_HOME_DIR/ssl/certs/" - update_config_var $ZBX_CONFIG "SSLKeyLocation" "$ZABBIX_USER_HOME_DIR/ssl/keys/" - update_config_var $ZBX_CONFIG "SSLCALocation" "$ZABBIX_USER_HOME_DIR/ssl/ssl_ca/" - update_config_var $ZBX_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/" - update_config_multiple_var $ZBX_CONFIG "LoadModule" "${ZBX_LOADMODULE}" - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}" - update_config_var $ZBX_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" - fi - update_config_var $ZBX_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" - update_config_var $ZBX_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" - update_config_var $ZBX_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" - fi - - update_config_var $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" - update_config_var $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" - update_config_var $ZBX_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" - fi -} - - prepare_zbx_web_config() { - local db_type=$1 local server_name="" echo "** Preparing Zabbix frontend configuration file" ZBX_WEB_CONFIG="$ZABBIX_ETC_DIR/web/zabbix.conf.php" + PHP_CONFIG_FILE="/etc/php.d/99-zabbix.ini" - if [ -f "/usr/share/zabbix/conf/zabbix.conf.php" ]; then - rm -f "/usr/share/zabbix/conf/zabbix.conf.php" - fi - - ln -s "$ZBX_WEB_CONFIG" "/usr/share/zabbix/conf/zabbix.conf.php" - - # Different places of PHP configuration file - if [ -f "/etc/php5/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/conf.d/99-zabbix.ini" - elif [ -f "/etc/php5/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php5/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/apache2/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.0/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.0/apache2/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.0/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.0/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php.d/99-zabbix.ini" - elif [ -f "/etc/php7/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php7/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.2/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.2/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.2/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.2/apache2/conf.d/99-zabbix.ini" - fi - - if [ -n "$PHP_CONFIG_FILE" ]; then - update_config_var "$PHP_CONFIG_FILE" "max_execution_time" "${ZBX_MAXEXECUTIONTIME:-"600"}" - update_config_var "$PHP_CONFIG_FILE" "memory_limit" "${ZBX_MEMORYLIMIT:-"128M"}" - update_config_var "$PHP_CONFIG_FILE" "post_max_size" "${ZBX_POSTMAXSIZE:-"16M"}" - update_config_var "$PHP_CONFIG_FILE" "upload_max_filesize" "${ZBX_UPLOADMAXFILESIZE:-"2M"}" - update_config_var "$PHP_CONFIG_FILE" "max_input_time" "${ZBX_MAXINPUTTIME:-"300"}" - update_config_var "$PHP_CONFIG_FILE" "date.timezone" "${PHP_TZ}" - else - echo "**** Zabbix related PHP configuration file not found" - fi + update_config_var "$PHP_CONFIG_FILE" "max_execution_time" "${ZBX_MAXEXECUTIONTIME:-"600"}" + update_config_var "$PHP_CONFIG_FILE" "memory_limit" "${ZBX_MEMORYLIMIT:-"128M"}" + update_config_var "$PHP_CONFIG_FILE" "post_max_size" "${ZBX_POSTMAXSIZE:-"16M"}" + update_config_var "$PHP_CONFIG_FILE" "upload_max_filesize" "${ZBX_UPLOADMAXFILESIZE:-"2M"}" + update_config_var "$PHP_CONFIG_FILE" "max_input_time" "${ZBX_MAXINPUTTIME:-"300"}" + update_config_var "$PHP_CONFIG_FILE" "date.timezone" "${PHP_TZ}" # Escaping characters in parameter value server_name=$(escape_spec_char "${ZBX_SERVER_NAME}") @@ -926,223 +230,36 @@ prepare_zbx_web_config() { -e "s/{ZBX_SERVER_PORT}/${ZBX_SERVER_PORT}/g" \ -e "s/{ZBX_SERVER_NAME}/$server_name/g" \ "$ZBX_WEB_CONFIG" - - [ "$db_type" = "postgresql" ] && sed -i "s/MYSQL/POSTGRESQL/g" "$ZBX_WEB_CONFIG" -} - -prepare_zbx_agent_config() { - echo "** Preparing Zabbix agent configuration file" - - ZBX_AGENT_CONFIG=$ZABBIX_ETC_DIR/zabbix_agentd.conf - - ZBX_PASSIVESERVERS=${ZBX_PASSIVESERVERS:-""} - ZBX_ACTIVESERVERS=${ZBX_ACTIVESERVERS:-""} - - [ -n "$ZBX_PASSIVESERVERS" ] && ZBX_PASSIVESERVERS=","$ZBX_PASSIVESERVERS - - ZBX_PASSIVESERVERS=$ZBX_SERVER_HOST$ZBX_PASSIVESERVERS - - [ -n "$ZBX_ACTIVESERVERS" ] && ZBX_ACTIVESERVERS=","$ZBX_ACTIVESERVERS - - ZBX_ACTIVESERVERS=$ZBX_SERVER_HOST":"$ZBX_SERVER_PORT$ZBX_ACTIVESERVERS - - update_config_var $ZBX_AGENT_CONFIG "PidFile" - update_config_var $ZBX_AGENT_CONFIG "LogType" "console" - update_config_var $ZBX_AGENT_CONFIG "LogFile" - update_config_var $ZBX_AGENT_CONFIG "LogFileSize" - update_config_var $ZBX_AGENT_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" - update_config_var $ZBX_AGENT_CONFIG "SourceIP" - update_config_var $ZBX_AGENT_CONFIG "EnableRemoteCommands" "${ZBX_ENABLEREMOTECOMMANDS}" - update_config_var $ZBX_AGENT_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}" - - ZBX_PASSIVE_ALLOW=${ZBX_PASSIVE_ALLOW:-"true"} - if [ "$ZBX_PASSIVE_ALLOW" == "true" ]; then - echo "** Using '$ZBX_PASSIVESERVERS' servers for passive checks" - update_config_var $ZBX_AGENT_CONFIG "Server" "${ZBX_PASSIVESERVERS}" - else - update_config_var $ZBX_AGENT_CONFIG "Server" - fi - - update_config_var $ZBX_AGENT_CONFIG "ListenPort" "${ZBX_LISTENPORT}" - update_config_var $ZBX_AGENT_CONFIG "ListenIP" "${ZBX_LISTENIP}" - update_config_var $ZBX_AGENT_CONFIG "StartAgents" "${ZBX_STARTAGENTS}" - - ZBX_ACTIVE_ALLOW=${ZBX_ACTIVE_ALLOW:-"true"} - if [ "$ZBX_ACTIVE_ALLOW" == "true" ]; then - echo "** Using '$ZBX_ACTIVESERVERS' servers for active checks" - update_config_var $ZBX_AGENT_CONFIG "ServerActive" "${ZBX_ACTIVESERVERS}" - else - update_config_var $ZBX_AGENT_CONFIG "ServerActive" - fi - - update_config_var $ZBX_AGENT_CONFIG "Hostname" "${ZBX_HOSTNAME}" - update_config_var $ZBX_AGENT_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - update_config_var $ZBX_AGENT_CONFIG "HostMetadata" "${ZBX_METADATA}" - update_config_var $ZBX_AGENT_CONFIG "HostMetadataItem" "${ZBX_METADATAITEM}" - update_config_var $ZBX_AGENT_CONFIG "RefreshActiveChecks" "${ZBX_REFRESHACTIVECHECKS}" - update_config_var $ZBX_AGENT_CONFIG "BufferSend" "${ZBX_BUFFERSEND}" - update_config_var $ZBX_AGENT_CONFIG "BufferSize" "${ZBX_BUFFERSIZE}" - update_config_var $ZBX_AGENT_CONFIG "MaxLinesPerSecond" "${ZBX_MAXLINESPERSECOND}" - # Please use include to enable Alias feature -# update_config_multiple_var $ZBX_AGENT_CONFIG "Alias" ${ZBX_ALIAS} - update_config_var $ZBX_AGENT_CONFIG "Timeout" "${ZBX_TIMEOUT}" - update_config_var $ZBX_AGENT_CONFIG "Include" "/etc/zabbix/zabbix_agentd.d/" - update_config_var $ZBX_AGENT_CONFIG "UnsafeUserParameters" "${ZBX_UNSAFEUSERPARAMETERS}" - update_config_var $ZBX_AGENT_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/" - update_config_multiple_var $ZBX_AGENT_CONFIG "LoadModule" "${ZBX_LOADMODULE}" - update_config_var $ZBX_AGENT_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}" - update_config_var $ZBX_AGENT_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" - update_config_var $ZBX_AGENT_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" - update_config_var $ZBX_AGENT_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" - update_config_var $ZBX_AGENT_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" - update_config_var $ZBX_AGENT_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" -} - -prepare_java_gateway_config() { - echo "** Preparing Zabbix Java Gateway log configuration file" - - ZBX_GATEWAY_CONFIG=$ZABBIX_ETC_DIR/zabbix_java_gateway_logback.xml - - if [ -n "${ZBX_DEBUGLEVEL}" ]; then - echo "Updating $ZBX_GATEWAY_CONFIG 'DebugLevel' parameter: '${ZBX_DEBUGLEVEL}'... updated" - if [ -f "$ZBX_GATEWAY_CONFIG" ]; then - sed -i -e "/^.*/" "$ZBX_GATEWAY_CONFIG" - else - echo "**** Zabbix Java Gateway log configuration file '$ZBX_GATEWAY_CONFIG' not found" - fi - fi -} - -prepare_agent() { - echo "** Preparing Zabbix agent" - prepare_zbx_agent_config -} - -prepare_server() { - local db_type=$1 - - echo "** Preparing Zabbix server" - - check_variables_$db_type "server" - check_db_connect_$db_type - create_db_user_$db_type - create_db_database_$db_type - create_db_schema_$db_type "server" - - update_zbx_config "server" "$db_type" -} - -prepare_proxy() { - local db_type=$1 - - echo "Preparing Zabbix proxy" - - if [ "$db_type" != "sqlite3" ]; then - check_variables_$db_type "proxy" - check_db_connect_$db_type - create_db_user_$db_type - create_db_database_$db_type - create_db_schema_$db_type "proxy" - fi - - update_zbx_config "proxy" $db_type } prepare_web() { - local web_server=$1 - local db_type=$2 - echo "** Preparing Zabbix web-interface" - check_variables_$db_type - check_db_connect_$db_type - prepare_web_server_$web_server - prepare_zbx_web_config $db_type + check_variables + check_db_connect + prepare_web_server + prepare_zbx_web_config } -prepare_java_gateway() { - echo "** Preparing Zabbix Java Gateway" - - prepare_java_gateway_config -} ################################################# -if [ ! -n "$zbx_type" ]; then - echo "**** Type of Zabbix component is not specified" - exit 1 -elif [ "$zbx_type" == "dev" ]; then - echo "** Deploying Zabbix installation from SVN" -else - if [ ! -n "$zbx_db_type" ]; then - echo "**** Database type of Zabbix $zbx_type is not specified" - exit 1 - fi +echo "** Deploying Zabbix web-interface (Apache) with MySQL database" - if [ "$zbx_db_type" != "none" ]; then - if [ "$zbx_opt_type" != "none" ]; then - echo "** Deploying Zabbix $zbx_type ($zbx_opt_type) with $zbx_db_type database" - else - echo "** Deploying Zabbix $zbx_type with $zbx_db_type database" - fi - else - echo "** Deploying Zabbix $zbx_type" - fi -fi +prepare_system -prepare_system "$zbx_type" "$zbx_opt_type" +prepare_web -[ "$zbx_type" == "server" ] && prepare_server $zbx_db_type -[ "${ZBX_ADD_SERVER}" == "true" ] && prepare_server ${ZBX_MAIN_DB} - -[ "$zbx_type" == "proxy" ] && prepare_proxy $zbx_db_type -[ "${ZBX_ADD_PROXY}" == "true" ] && prepare_proxy ${ZBX_PROXY_DB} - -[ "$zbx_type" == "frontend" ] && prepare_web $zbx_opt_type $zbx_db_type -[ "${ZBX_ADD_WEB}" == "true" ] && prepare_web ${ZBX_WEB_SERVER} ${ZBX_MAIN_DB} - -[ "$zbx_type" == "agent" ] && prepare_agent -[ "${ZBX_ADD_AGENT}" == "true" ] && prepare_agent - -[ "$zbx_type" == "java-gateway" ] && prepare_java_gateway -[ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && prepare_java_gateway - -clear_deploy "$zbx_type" +clear_deploy echo "########################################################" if [ "$1" != "" ]; then echo "** Executing '$@'" exec "$@" -elif [ "$zbx_type" == "agent" ]; then - echo "** Starting Zabbix agent" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_agentd --foreground -c /etc/zabbix/zabbix_agentd.conf" -elif [ "$zbx_type" == "proxy" ]; then - echo "** Starting Zabbix proxy" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_proxy --foreground -c /etc/zabbix/zabbix_proxy.conf" -elif [ "$zbx_type" == "server" ]; then - echo "** Starting Zabbix server" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_server --foreground -c /etc/zabbix/zabbix_server.conf" -elif [ "$zbx_type" == "java-gateway" ]; then - echo "** Starting Zabbix Java Gateway" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_java_gateway" -elif [ "$zbx_type" == "frontend" ] && [ "$zbx_opt_type" == "apache" ]; then - echo "** Starting Zabbix frontend" - if [ -f "/usr/sbin/httpd" ]; then - exec /usr/sbin/httpd -D FOREGROUND - elif [ -f "/usr/sbin/apache2ctl" ]; then - exec /bin/bash -c "source /etc/apache2/envvars && /usr/sbin/apache2ctl -D FOREGROUND" - else - echo "Unknown Web-server. Exiting..." - exit 1 - fi -elif [ -f "/usr/bin/supervisord" ]; then - echo "** Executing supervisord" - exec /usr/bin/supervisord -c /etc/supervisor/supervisord.conf +elif [ -f "/usr/sbin/httpd" ]; then + echo "** Executing HTTPD" + exec /usr/sbin/httpd -D FOREGROUND else echo "Unknown instructions. Exiting..." exit 1 diff --git a/web-apache-pgsql/alpine/docker-entrypoint.sh b/web-apache-pgsql/alpine/docker-entrypoint.sh index e3a2c7de4..ea586c597 100755 --- a/web-apache-pgsql/alpine/docker-entrypoint.sh +++ b/web-apache-pgsql/alpine/docker-entrypoint.sh @@ -263,9 +263,9 @@ echo "########################################################" if [ "$1" != "" ]; then echo "** Executing '$@'" exec "$@" -elif [ -f "/usr/bin/supervisord" ]; then - echo "** Executing supervisord" - exec /usr/bin/supervisord -c /etc/supervisor/supervisord.conf +elif [ -f "/usr/sbin/httpd" ]; then + echo "** Executing HTTPD" + exec /usr/sbin/httpd -D FOREGROUND else echo "Unknown instructions. Exiting..." exit 1 diff --git a/web-nginx-mysql/centos/Dockerfile b/web-nginx-mysql/centos/Dockerfile index ce0a49d9b..6af37b7db 100644 --- a/web-nginx-mysql/centos/Dockerfile +++ b/web-nginx-mysql/centos/Dockerfile @@ -1,74 +1,25 @@ -FROM centos:centos7 as builder - -ARG YUM_FLAGS_COMMON="-y" -ARG YUM_FLAGS_DEV="${YUM_FLAGS_COMMON}" - -ARG MAJOR_VERSION=master -ARG ZBX_VERSION=${MAJOR_VERSION} -ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git -ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ - ZBX_TYPE=frontend ZBX_DB_TYPE=mysql ZBX_OPT_TYPE=nginx - -RUN set -eux && \ - yum --quiet makecache && \ - yum ${YUM_FLAGS_DEV} install \ - gettext \ - patch \ - git && \ - cd /tmp/ && \ - git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ - mkdir /tmp/zabbix/ && \ - cp -R /tmp/zabbix-${ZBX_VERSION}/frontends/php/* /tmp/zabbix/ && \ - rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ - cd /tmp/zabbix/ && \ - rm -f conf/zabbix.conf.php && \ - rm -rf tests && \ - ./locale/make_mo.sh - FROM centos:centos7 -LABEL maintainer="Alexey Pustovalov " -ARG BUILD_DATE -ARG VCS_REF - -ARG YUM_FLAGS_COMMON="-y" -ARG YUM_FLAGS_PERSISTENT="${YUM_FLAGS_COMMON}" - -ARG MAJOR_VERSION=master -ARG ZBX_VERSION=${MAJOR_VERSION} -ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git -ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ - ZBX_TYPE=frontend ZBX_DB_TYPE=mysql ZBX_OPT_TYPE=nginx - -LABEL org.label-schema.name="zabbix-web-${ZBX_OPT_TYPE}-${ZBX_DB_TYPE}-centos" \ - org.label-schema.vendor="Zabbix LLC" \ - org.label-schema.url="https://zabbix.com/" \ - org.label-schema.description="Zabbix web-interface based on Nginx web server with MySQL database support" \ - org.label-schema.vcs-ref="${VCS_REF}" \ - org.label-schema.build-date="${BUILD_DATE}" \ - org.label-schema.schema-version="1.0" \ - org.label-schema.license="GPL v2.0" \ - org.label-schema.usage="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.label-schema.version="${ZBX_VERSION}" \ - org.label-schema.vcs-url="${ZBX_SOURCES}" \ - org.label-schema.docker.cmd="docker run --name zabbix-web-${ZBX_OPT_TYPE}-${ZBX_DB_TYPE} --link mysql-server:mysql --link zabbix-server:zabbix-server -p 80:80 -d zabbix-web-${ZBX_OPT_TYPE}-${ZBX_DB_TYPE}:centos-${ZBX_VERSION}" +LABEL org.opencontainers.image.title="Zabbix web-interface (Nginx, MySQL)" \ + org.opencontainers.image.authors="Alexey Pustovalov " \ + org.opencontainers.image.vendor="Zabbix LLC" \ + org.opencontainers.image.url="https://zabbix.com/" \ + org.opencontainers.image.description="Zabbix web-interface based on Nginx web server with MySQL database support" \ + org.opencontainers.image.licenses="GPL v2.0" STOPSIGNAL SIGTERM -COPY --from=builder /tmp/zabbix/ /usr/share/zabbix/ - RUN set -eux && \ - groupadd --system zabbix && \ + groupadd -g 1995 --system zabbix && \ adduser -r --shell /sbin/nologin \ - -g zabbix \ - -d /var/lib/zabbix/ \ + -g zabbix -G root \ + -d /var/lib/zabbix/ -u 1997 \ zabbix && \ mkdir -p /etc/zabbix && \ mkdir -p /etc/zabbix/web && \ - chown --quiet -R zabbix:root /etc/zabbix && \ - yum ${YUM_FLAGS_COMMON} makecache && \ - yum ${YUM_FLAGS_PERSISTENT} install epel-release && \ - yum ${YUM_FLAGS_PERSISTENT} install \ + yum --quiet makecache && \ + yum -y install epel-release && \ + yum -y install --setopt=tsflags=nodocs \ curl \ mariadb \ nginx \ @@ -80,29 +31,60 @@ RUN set -eux && \ php-mysql \ php-xml \ supervisor && \ - rm -f /etc/nginx/conf.d/*.conf && \ + rm -f /etc/nginx/conf.d/*.conf && \ + yum -y clean all && \ + rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ + rm -rf /etc/udev/hwdb.bin /root/.pki + +ARG MAJOR_VERSION=master +ARG ZBX_VERSION=${MAJOR_VERSION} +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git + +ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} + +LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" + +COPY ["conf/etc/", "/etc/"] + +RUN set -eux && \ + yum --quiet makecache && \ + yum -y install --setopt=tsflags=nodocs \ + gettext \ + git && \ + cd /usr/share/ && \ + git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + mkdir /usr/share/zabbix/ && \ + cp -R /usr/share/zabbix-${ZBX_VERSION}/frontends/php/* /usr/share/zabbix/ && \ + rm -rf /usr/share/zabbix-${ZBX_VERSION}/ && \ + cd /usr/share/zabbix/ && \ + rm -f conf/zabbix.conf.php && \ + rm -rf tests && \ + ./locale/make_mo.sh && \ + ln -s "/etc/zabbix/web/zabbix.conf.php" "/usr/share/zabbix/conf/zabbix.conf.php" && \ cat /usr/share/zabbix/include/locales.inc.php | grep display | grep true | awk '{$1=$1};1' | \ cut -d"'" -f 2 | sort | \ xargs -I '{}' bash -c 'echo "{}" && localedef -c -i {} -f UTF-8 {}.UTF-8 2>/dev/null' && \ - rm -f /etc/php-fpm.d/www.conf && \ - mkdir -p /var/lib/php/ && \ - chown --quiet -R nginx:nginx /var/lib/php/ && \ - yum ${YUM_FLAGS_PERSISTENT} clean all && \ - rm -rf /var/cache/yum/ + chown --quiet -R zabbix:root /etc/zabbix/ /usr/share/zabbix/conf/ && \ + chgrp -R 0 /etc/zabbix/ /usr/share/zabbix/conf/ && \ + chmod -R g=u /etc/zabbix/ /usr/share/zabbix/conf/ && \ + chown --quiet -R zabbix:root /etc/nginx/ /etc/php.d/ /etc/php.ini && \ + chgrp -R 0 /etc/nginx/ /etc/php.d/ /etc/php.ini && \ + chmod -R g=u /etc/nginx/ /etc/php.d/ /etc/php.ini && \ + yum -y history undo `yum -q history | sed -n 3p |column -t | cut -d' ' -f1` && \ + yum -y clean all && \ + rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ + rm -rf /etc/udev/hwdb.bin /root/.pki -EXPOSE 80/TCP 443/TCP +EXPOSE 8080/TCP 8443/TCP WORKDIR /usr/share/zabbix VOLUME ["/etc/ssl/nginx"] -COPY ["conf/etc/supervisor/", "/etc/supervisor/"] -COPY ["conf/etc/zabbix/nginx.conf", "/etc/zabbix/"] -COPY ["conf/etc/zabbix/nginx_ssl.conf", "/etc/zabbix/"] -COPY ["conf/etc/zabbix/web/zabbix.conf.php", "/etc/zabbix/web/"] -COPY ["conf/etc/nginx/nginx.conf", "/etc/nginx/"] -COPY ["conf/etc/php-fpm.conf", "/etc/php-fpm.conf"] -COPY ["conf/etc/php.d/99-zabbix.ini", "/etc/php.d/99-zabbix.ini"] COPY ["docker-entrypoint.sh", "/usr/bin/"] +USER 1997 + ENTRYPOINT ["docker-entrypoint.sh"] diff --git a/web-nginx-mysql/centos/conf/etc/nginx/nginx.conf b/web-nginx-mysql/centos/conf/etc/nginx/nginx.conf index 6e1ae33ce..98bd9afaa 100644 --- a/web-nginx-mysql/centos/conf/etc/nginx/nginx.conf +++ b/web-nginx-mysql/centos/conf/etc/nginx/nginx.conf @@ -1,10 +1,10 @@ -user nginx; +#user nginx; worker_processes 5; worker_rlimit_nofile 256000; error_log /dev/fd/2 warn; -pid /var/run/nginx.pid; +pid /tmp/nginx.pid; events { worker_connections 5120; diff --git a/web-nginx-mysql/centos/conf/etc/php-fpm.conf b/web-nginx-mysql/centos/conf/etc/php-fpm.conf index 801c1ae13..7a71309b9 100644 --- a/web-nginx-mysql/centos/conf/etc/php-fpm.conf +++ b/web-nginx-mysql/centos/conf/etc/php-fpm.conf @@ -29,7 +29,7 @@ include = /etc/php-fpm.d/*.conf ; in a local file. ; Note: the default prefix is /var ; Default Value: log/php-fpm.log -error_log = /var/log/php-fpm.log +error_log = /dev/fd/2 ; syslog_facility is used to specify what type of program is logging the ; message. This lets syslogd specify that messages from different facilities @@ -146,8 +146,8 @@ error_log = /var/log/php-fpm.log ; Unix user/group of processes ; Note: The user is mandatory. If the group is not set, the default user's group ; will be used. -user = nginx -group = nginx +;user = nginx +;group = nginx ; The address on which to accept FastCGI requests. ; Valid syntaxes are: @@ -161,7 +161,7 @@ group = nginx ; (IPv6 and IPv4-mapped) on a specific port; ; '/path/to/unix/socket' - to listen on a unix socket. ; Note: This value is mandatory. -listen = /var/run/php5-fpm.sock +listen = /tmp/php-fpm.sock ; Set listen(2) backlog. ; Default Value: 65535 (-1 on FreeBSD and OpenBSD) @@ -172,8 +172,8 @@ listen = /var/run/php5-fpm.sock ; BSD-derived systems allow connections regardless of permissions. ; Default Values: user and group are set as the running user ; mode is set to 0660 -listen.owner = nginx -listen.group = nginx +;listen.owner = nginx +;listen.group = nginx ;listen.mode = 0660 ; When POSIX Access Control Lists are supported you can set them using ; these options, value is a comma separated list of user/group names. diff --git a/web-nginx-mysql/centos/conf/etc/php.d/99-zabbix.ini b/web-nginx-mysql/centos/conf/etc/php.d/99-zabbix.ini index e87054b7d..6b922165e 100644 --- a/web-nginx-mysql/centos/conf/etc/php.d/99-zabbix.ini +++ b/web-nginx-mysql/centos/conf/etc/php.d/99-zabbix.ini @@ -6,4 +6,4 @@ max_input_time=300 always_populate_raw_post_data=-1 max_input_vars=10000 ; date.timezone=Europe/Riga -session.save_path=/var/lib/php/ +;session.save_path=/var/lib/php/ diff --git a/web-nginx-mysql/centos/conf/etc/supervisor/supervisord.conf b/web-nginx-mysql/centos/conf/etc/supervisor/supervisord.conf index 925bb1838..f8d80e461 100644 --- a/web-nginx-mysql/centos/conf/etc/supervisor/supervisord.conf +++ b/web-nginx-mysql/centos/conf/etc/supervisor/supervisord.conf @@ -1,17 +1,17 @@ ; supervisor config file [unix_http_server] -file = /var/run/supervisor.sock ; (the path to the socket file) +file = /tmp/supervisor.sock ; (the path to the socket file) chmod = 0700 ; sockef file mode (default 0700) username = zbx password = password [supervisord] logfile = /dev/stdout ; (main log file;default $CWD/supervisord.log) -pidfile = /var/run/supervisord.pid ; (supervisord pidfile;default supervisord.pid) +pidfile = /tmp/supervisord.pid ; (supervisord pidfile;default supervisord.pid) childlogdir = /tmp ; ('AUTO' child log dir, default $TEMP) critical = critical -user = root +;user = zabbix logfile_maxbytes = 0 logfile_backupcount = 0 loglevel = info @@ -23,7 +23,7 @@ loglevel = info supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface [supervisorctl] -serverurl = unix:///var/run/supervisor.sock ; use a unix:// URL for a unix socket +serverurl = unix:///tmp/supervisor.sock ; use a unix:// URL for a unix socket ; The [include] section can just contain the "files" setting. This ; setting can list multiple files (separated by whitespace or diff --git a/web-nginx-mysql/centos/docker-entrypoint.sh b/web-nginx-mysql/centos/docker-entrypoint.sh index 9d07320e5..2dc3da62c 100755 --- a/web-nginx-mysql/centos/docker-entrypoint.sh +++ b/web-nginx-mysql/centos/docker-entrypoint.sh @@ -1,6 +1,6 @@ #!/bin/bash -set -eo pipefail +set -o pipefail set +e @@ -9,16 +9,6 @@ if [ "${DEBUG_MODE}" == "true" ]; then set -o xtrace fi -# Type of Zabbix component -# Possible values: [server, proxy, agent, frontend, java-gateway, appliance] -zbx_type=${ZBX_TYPE} -# Type of Zabbix database -# Possible values: [mysql, postgresql] -zbx_db_type=${ZBX_DB_TYPE} -# Type of web-server. Valid only with zbx_type = frontend -# Possible values: [apache, nginx] -zbx_opt_type=${ZBX_OPT_TYPE} - # Default Zabbix installation name # Used only by Zabbix web-interface ZBX_SERVER_NAME=${ZBX_SERVER_NAME:-"Zabbix docker"} @@ -69,90 +59,8 @@ file_env() { unset "$fileVar" } -configure_db_mysql() { - [ "${DB_SERVER_HOST}" != "localhost" ] && return - - echo "** Configuring local MySQL server" - - MYSQL_ALLOW_EMPTY_PASSWORD=true - MYSQL_DATA_DIR="/var/lib/mysql" - - if [ -f "/etc/mysql/my.cnf" ]; then - MYSQL_CONF_FILE="/etc/mysql/my.cnf" - elif [ -f "/etc/my.cnf.d/server.cnf" ]; then - MYSQL_CONF_FILE="/etc/my.cnf.d/server.cnf" - DB_SERVER_SOCKET="/var/lib/mysql/mysql.sock" - elif [ -f "/etc/my.cnf.d/mariadb-server.cnf" ]; then - MYSQL_CONF_FILE="/etc/my.cnf.d/mariadb-server.cnf" - DB_SERVER_SOCKET="/var/run/mysqld/mysqld.sock" - else - echo "**** Could not found MySQL configuration file" - exit 1 - fi - - if [ -f "/usr/bin/mysqld" ]; then - MYSQLD=/usr/bin/mysqld - elif [ -f "/usr/sbin/mysqld" ]; then - MYSQLD=/usr/sbin/mysqld - elif [ -f "/usr/libexec/mysqld" ]; then - MYSQLD=/usr/libexec/mysqld - else - echo "**** Could not found mysqld binary file" - exit 1 - fi - - sed -Ei 's/^(bind-address|log)/#&/' "$MYSQL_CONF_FILE" - - if [ ! -d "$MYSQL_DATA_DIR/mysql" ]; then - [ -d "$MYSQL_DATA_DIR" ] || mkdir -p "$MYSQL_DATA_DIR" - - chown -R mysql:mysql "$MYSQL_DATA_DIR" - - echo "** Installing initial MySQL database schemas" - mysql_install_db --user=mysql --datadir="$MYSQL_DATA_DIR" 2>&1 - else - echo "**** MySQL data directory is not empty. Using already existing installation." - chown -R mysql:mysql "$MYSQL_DATA_DIR" - fi - - mkdir -p /var/run/mysqld - ln -s /var/run/mysqld /run/mysqld - chown -R mysql:mysql /var/run/mysqld - chown -R mysql:mysql /run/mysqld - - echo "** Starting MySQL server in background mode" - - nohup $MYSQLD --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib/mysql/plugin \ - --user=mysql --log-output=none --pid-file=/var/lib/mysql/mysqld.pid \ - --port=3306 --character-set-server=utf8 --collation-server=utf8_bin & -} - prepare_system() { - local type=$1 - local web_server=$2 - echo "** Preparing the system" - - if [ "$type" != "appliance" ]; then - return - fi - - ZBX_ADD_AGENT=${ZBX_ADD_AGENT:-"false"} - ZBX_ADD_JAVA_GATEWAY=${ZBX_ADD_JAVA_GATEWAY:-"false"} - ZBX_ADD_SERVER=${ZBX_ADD_SERVER:-"true"} - [ "${ZBX_ADD_SERVER}" == "true" ] && ZBX_SERVER_HOST="localhost" - [ "${ZBX_ADD_SERVER}" == "true" ] && ZBX_SERVER_PORT="10051" - ZBX_MAIN_DB=${ZBX_MAIN_DB:-"mysql"} - ZBX_ADD_PROXY=${ZBX_ADD_PROXY:-"false"} - ZBX_PROXY_DB=${ZBX_PROXY_DB:-"sqlite3"} - ZBX_ADD_WEB=${ZBX_ADD_WEB:-"true"} - ZBX_WEB_SERVER=${ZBX_WEB_SERVER:-"nginx"} - DB_SERVER_HOST=${DB_SERVER_HOST:-"localhost"} - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAY_ENABLE="true" - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAY="localhost" - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAYPORT="10052" - - [ "${ZBX_ADD_SERVER}" == "true" ] && configure_db_${ZBX_MAIN_DB} } escape_spec_char() { @@ -237,20 +145,14 @@ update_config_multiple_var() { } # Check prerequisites for MySQL database -check_variables_mysql() { - local type=$1 - - DB_SERVER_HOST=${DB_SERVER_HOST:-"mysql-server"} - DB_SERVER_PORT=${DB_SERVER_PORT:-"3306"} +check_variables() { + : ${DB_SERVER_HOST:="mysql-server"} + : ${DB_SERVER_PORT:="3306"} USE_DB_ROOT_USER=false CREATE_ZBX_DB_USER=false file_env MYSQL_USER file_env MYSQL_PASSWORD - if [ "$type" != "" ]; then - file_env MYSQL_ROOT_PASSWORD - fi - if [ ! -n "${MYSQL_USER}" ] && [ "${MYSQL_RANDOM_ROOT_PASSWORD}" == "true" ]; then echo "**** Impossible to use MySQL server because of unknown Zabbix user and random 'root' password" exit 1 @@ -270,45 +172,15 @@ check_variables_mysql() { [ -n "${MYSQL_USER}" ] && CREATE_ZBX_DB_USER=true # If root password is not specified use provided credentials - DB_SERVER_ROOT_USER=${DB_SERVER_ROOT_USER:-${MYSQL_USER}} + : ${DB_SERVER_ROOT_USER:=${MYSQL_USER}}.... [ "${MYSQL_ALLOW_EMPTY_PASSWORD}" == "true" ] || DB_SERVER_ROOT_PASS=${DB_SERVER_ROOT_PASS:-${MYSQL_PASSWORD}} DB_SERVER_ZBX_USER=${MYSQL_USER:-"zabbix"} DB_SERVER_ZBX_PASS=${MYSQL_PASSWORD:-"zabbix"} - if [ "$type" == "proxy" ]; then - DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix_proxy"} - else - DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix"} - fi + DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix"} } -# Check prerequisites for PostgreSQL database -check_variables_postgresql() { - local type=$1 - - file_env POSTGRES_USER - file_env POSTGRES_PASSWORD - - DB_SERVER_HOST=${DB_SERVER_HOST:-"postgres-server"} - DB_SERVER_PORT=${DB_SERVER_PORT:-"5432"} - CREATE_ZBX_DB_USER=${CREATE_ZBX_DB_USER:-"false"} - - DB_SERVER_ROOT_USER=${POSTGRES_USER:-"postgres"} - DB_SERVER_ROOT_PASS=${POSTGRES_PASSWORD:-""} - - DB_SERVER_ZBX_USER=${POSTGRES_USER:-"zabbix"} - DB_SERVER_ZBX_PASS=${POSTGRES_PASSWORD:-"zabbix"} - - DB_SERVER_SCHEMA=${DB_SERVER_SCHEMA:-"public"} - - if [ "$type" == "proxy" ]; then - DB_SERVER_DBNAME=${POSTGRES_DB:-"zabbix_proxy"} - else - DB_SERVER_DBNAME=${POSTGRES_DB:-"zabbix"} - fi -} - -check_db_connect_mysql() { +check_db_connect() { echo "********************" echo "* DB_SERVER_HOST: ${DB_SERVER_HOST}" echo "* DB_SERVER_PORT: ${DB_SERVER_PORT}" @@ -333,297 +205,9 @@ check_db_connect_mysql() { done } -check_db_connect_postgresql() { - echo "********************" - echo "* DB_SERVER_HOST: ${DB_SERVER_HOST}" - echo "* DB_SERVER_PORT: ${DB_SERVER_PORT}" - echo "* DB_SERVER_DBNAME: ${DB_SERVER_DBNAME}" - echo "* DB_SERVER_SCHEMA: ${DB_SERVER_SCHEMA}" - if [ "${DEBUG_MODE}" == "true" ]; then - if [ "${USE_DB_ROOT_USER}" == "true" ]; then - echo "* DB_SERVER_ROOT_USER: ${DB_SERVER_ROOT_USER}" - echo "* DB_SERVER_ROOT_PASS: ${DB_SERVER_ROOT_PASS}" - fi - echo "* DB_SERVER_ZBX_USER: ${DB_SERVER_ZBX_USER}" - echo "* DB_SERVER_ZBX_PASS: ${DB_SERVER_ZBX_PASS}" - fi - echo "********************" - - if [ "${USE_DB_ROOT_USER}" != "true" ]; then - DB_SERVER_ROOT_USER=${DB_SERVER_ZBX_USER} - DB_SERVER_ROOT_PASS=${DB_SERVER_ZBX_PASS} - fi - - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - WAIT_TIMEOUT=5 - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - while [ ! "$(psql -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} -U ${DB_SERVER_ROOT_USER} -d ${DB_SERVER_DBNAME} -l -q 2>/dev/null)" ]; do - echo "**** PostgreSQL server is not available. Waiting $WAIT_TIMEOUT seconds..." - sleep $WAIT_TIMEOUT - done - - unset PGPASSWORD - unset PGOPTIONS -} - - -mysql_query() { - query=$1 - local result="" - - result=$(mysql --silent --skip-column-names -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ - -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" -e "$query") - - echo $result -} - -psql_query() { - query=$1 - db=$2 - - local result="" - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - result=$(psql -A -q -t -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ - -U ${DB_SERVER_ROOT_USER} -c "$query" $db 2>/dev/null); - - unset PGPASSWORD - unset PGOPTIONS - - echo $result -} - -create_db_user_mysql() { - [ "${CREATE_ZBX_DB_USER}" == "true" ] || return - - echo "** Creating '${DB_SERVER_ZBX_USER}' user in MySQL database" - - USER_EXISTS=$(mysql_query "SELECT 1 FROM mysql.user WHERE user = '${DB_SERVER_ZBX_USER}' AND host = '%'") - - if [ -z "$USER_EXISTS" ]; then - mysql_query "CREATE USER '${DB_SERVER_ZBX_USER}'@'%' IDENTIFIED BY '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - else - mysql_query "ALTER USER ${DB_SERVER_ZBX_USER} IDENTIFIED BY '${DB_SERVER_ZBX_PASS}';" 1>/dev/null - fi - - mysql_query "GRANT ALL PRIVILEGES ON $DB_SERVER_DBNAME. * TO '${DB_SERVER_ZBX_USER}'@'%'" 1>/dev/null -} - -create_db_user_postgresql() { - [ "${CREATE_ZBX_DB_USER}" == "true" ] || return - - echo "** Creating '${DB_SERVER_ZBX_USER}' user in PostgreSQL database" - - USER_EXISTS=$(psql_query "SELECT 1 FROM pg_roles WHERE rolname='${DB_SERVER_ZBX_USER}'") - - if [ -z "$USER_EXISTS" ]; then - psql_query "CREATE USER ${DB_SERVER_ZBX_USER} WITH PASSWORD '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - else - psql_query "ALTER USER ${DB_SERVER_ZBX_USER} WITH ENCRYPTED PASSWORD '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - fi -} - -create_db_database_mysql() { - DB_EXISTS=$(mysql_query "SELECT SCHEMA_NAME FROM information_schema.SCHEMATA WHERE SCHEMA_NAME='${DB_SERVER_DBNAME}'") - - if [ -z ${DB_EXISTS} ]; then - echo "** Database '${DB_SERVER_DBNAME}' does not exist. Creating..." - mysql_query "CREATE DATABASE ${DB_SERVER_DBNAME} CHARACTER SET utf8 COLLATE utf8_bin" 1>/dev/null - # better solution? - mysql_query "GRANT ALL PRIVILEGES ON $DB_SERVER_DBNAME. * TO '${DB_SERVER_ZBX_USER}'@'%'" 1>/dev/null - else - echo "** Database '${DB_SERVER_DBNAME}' already exists. Please be careful with database COLLATE!" - fi -} - -create_db_database_postgresql() { - DB_EXISTS=$(psql_query "SELECT 1 AS result FROM pg_database WHERE datname='${DB_SERVER_DBNAME}'") - - if [ -z ${DB_EXISTS} ]; then - echo "** Database '${DB_SERVER_DBNAME}' does not exist. Creating..." - psql_query "CREATE DATABASE ${DB_SERVER_DBNAME} WITH OWNER ${DB_SERVER_ZBX_USER} ENCODING='UTF8' LC_CTYPE='en_US.utf8' LC_COLLATE='en_US.utf8'" 1>/dev/null - else - echo "** Database '${DB_SERVER_DBNAME}' already exists. Please be careful with database owner!" - fi - - psql_query "CREATE SCHEMA IF NOT EXISTS ${DB_SERVER_SCHEMA}" -} - -create_db_schema_mysql() { - local type=$1 - - DBVERSION_TABLE_EXISTS=$(mysql_query "SELECT 1 FROM information_schema.tables WHERE table_schema='${DB_SERVER_DBNAME}' and table_name = 'dbversion'") - - if [ -n "${DBVERSION_TABLE_EXISTS}" ]; then - echo "** Table '${DB_SERVER_DBNAME}.dbversion' already exists." - ZBX_DB_VERSION=$(mysql_query "SELECT mandatory FROM ${DB_SERVER_DBNAME}.dbversion") - fi - - if [ -z "${ZBX_DB_VERSION}" ]; then - echo "** Creating '${DB_SERVER_DBNAME}' schema in MySQL" - - zcat /usr/share/doc/zabbix-$type-mysql/create.sql.gz | mysql --silent --skip-column-names \ - -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ - -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" \ - ${DB_SERVER_DBNAME} 1>/dev/null - fi -} - -create_db_schema_postgresql() { - local type=$1 - - DBVERSION_TABLE_EXISTS=$(psql_query "SELECT 1 FROM pg_catalog.pg_class c JOIN pg_catalog.pg_namespace n ON n.oid = - c.relnamespace WHERE n.nspname = '$DB_SERVER_SCHEMA' AND c.relname = 'dbversion'" "${DB_SERVER_DBNAME}") - - if [ -n "${DBVERSION_TABLE_EXISTS}" ]; then - echo "** Table '${DB_SERVER_DBNAME}.dbversion' already exists." - ZBX_DB_VERSION=$(psql_query "SELECT mandatory FROM ${DB_SERVER_SCHEMA}.dbversion" "${DB_SERVER_DBNAME}") - fi - - if [ -z "${ZBX_DB_VERSION}" ]; then - echo "** Creating '${DB_SERVER_DBNAME}' schema in PostgreSQL" - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - zcat /usr/share/doc/zabbix-$type-postgresql/create.sql.gz | psql -q \ - -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ - -U ${DB_SERVER_ZBX_USER} ${DB_SERVER_DBNAME} 1>/dev/null - - unset PGPASSWORD - unset PGOPTIONS - fi -} - -prepare_web_server_apache() { - if [ -d "/etc/apache2/sites-available" ]; then - APACHE_SITES_DIR=/etc/apache2/sites-available - elif [ -d "/etc/apache2/conf.d" ]; then - APACHE_SITES_DIR=/etc/apache2/conf.d - elif [ -d "/etc/httpd/conf.d" ]; then - APACHE_SITES_DIR=/etc/httpd/conf.d - else - echo "**** Apache is not available" - exit 1 - fi - - if [ -f "/usr/sbin/a2dissite" ]; then - echo "** Disable default site" - /usr/sbin/a2dissite 000-default 1>/dev/null - rm -rf "$APACHE_SITES_DIR/*" - elif [ -f "/etc/apache2/conf.d/default.conf" ]; then - echo "** Disable default site" - rm -f "/etc/apache2/conf.d/default.conf" - elif [ -f "/etc/httpd/conf.d/welcome.conf" ]; then - echo "** Disable default site" - rm -f "/etc/httpd/conf.d/welcome.conf" - rm -f "/etc/httpd/conf.d/ssl.conf" - fi - - echo "** Adding Zabbix virtual host (HTTP)" - if [ -f "$ZABBIX_ETC_DIR/apache.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/apache.conf" "$APACHE_SITES_DIR/zabbix.conf" - if [ -f "/usr/sbin/a2dissite" ]; then - /usr/sbin/a2ensite zabbix.conf 1>/dev/null - fi - else - echo "**** Impossible to enable HTTP virtual host" - fi - - if [ -f "/etc/apache2/conf.d/ssl.conf" ]; then - rm -f "/etc/apache2/conf.d/ssl.conf" - fi - - if [ -f "/etc/ssl/apache2/ssl.crt" ] && [ -f "/etc/ssl/apache2/ssl.key" ]; then - echo "** Enable SSL support for Apache2" - if [ -f "/usr/sbin/a2enmod" ]; then - /usr/sbin/a2enmod ssl 1>/dev/null - fi - - echo "** Adding Zabbix virtual host (HTTPS)" - if [ -f "$ZABBIX_ETC_DIR/apache_ssl.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/apache_ssl.conf" "$APACHE_SITES_DIR/zabbix_ssl.conf" - if [ -f "/usr/sbin/a2dissite" ]; then - /usr/sbin/a2ensite zabbix_ssl.conf 1>/dev/null - fi - else - echo "**** Impossible to enable HTTPS virtual host" - fi - else - echo "**** Impossible to enable SSL support for Apache2. Certificates are missed." - fi - - # Change Apache2 logging to stdout and stderr - if [ -f "/etc/apache2/apache2.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/apache2.conf" - fi - - if [ -f "/etc/httpd/conf/httpd.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/httpd/conf/httpd.conf" - fi - - if [ -f "/etc/apache2/httpd.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/httpd.conf" - fi - - if [ -f "/etc/apache2/conf-available/other-vhosts-access-log.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/conf-available/other-vhosts-access-log.conf" - fi - - if [ -f "/etc/apache2/conf.d/mpm.conf" ]; then - sed -ri \ - -e 's!^(\s*PidFile)\s+\S+!\1 "/var/run/httpd.pid"!g' \ - "/etc/apache2/conf.d/mpm.conf" - fi - - if [ -f "/var/run/apache2/apache2.pid" ]; then - rm -f "/var/run/apache2/apache2.pid" - fi - - if [ -f "/var/run/httpd/httpd.pid" ]; then - rm -f "/var/run/httpd/httpd.pid" - fi -} - -prepare_web_server_nginx() { +prepare_web_server() { NGINX_CONFD_DIR="/etc/nginx/conf.d" NGINX_SSL_CONFIG="/etc/ssl/nginx" - PHP_SESSIONS_DIR="/var/lib/php5" echo "** Adding Zabbix virtual host (HTTP)" if [ -f "$ZABBIX_ETC_DIR/nginx.conf" ]; then @@ -643,226 +227,14 @@ prepare_web_server_nginx() { echo "**** Impossible to enable SSL support for Nginx. Certificates are missed." fi - if [ -d "/var/log/nginx/" ]; then - ln -sf /dev/fd/2 /var/log/nginx/error.log - fi - - ln -sf /dev/fd/2 /var/log/php5-fpm.log - ln -sf /dev/fd/2 /var/log/php7.2-fpm.log -} - -stop_databases() { - if ([ "${ZBX_MAIN_DB}" == "mysql" ] || [ "${ZBX_PROXY_DB}" == "mysql" ]) && [ "${DB_SERVER_HOST}" == "localhost" ]; then - mysql_query "DELETE FROM mysql.user WHERE host = 'localhost' AND user != 'root'" 1>/dev/null - - if [ -f "/var/lib/mysql/mysqld.pid" ]; then - kill -TERM $(cat /var/lib/mysql/mysqld.pid) - elif [ -f "/var/run/mysqld/mysqld.pid" ]; then - kill -TERM $(cat /var/run/mysqld/mysqld.pid) - fi - fi - - if [ "${ZBX_MAIN_DB}" == "postgresql" ] && [ "${DB_SERVER_HOST}" == "localhost" ]; then - if [ "${OS_CODENAME}" == "alpine" ]; then - PGDATA=/var/lib/postgresql - BINDIR=/usr/bin - else - PGDATA=/var/lib/postgresql/9.3/main - BINDIR=/usr/lib/postgresql/9.3/bin - fi - su -c "$BINDIR/pg_ctl -D \"$PGDATA\" -m fast -w stop --silent" postgres 1>/dev/null 2>/dev/null - fi + ln -sf /dev/fd/2 /var/log/nginx/error.log } clear_deploy() { - local type=$1 echo "** Cleaning the system" - - [ "$type" != "appliance" ] && return - - stop_databases } -update_zbx_config() { - local type=$1 - local db_type=$2 - - echo "** Preparing Zabbix $type configuration file" - - ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_$type.conf - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "ProxyMode" "${ZBX_PROXYMODE}" - update_config_var $ZBX_CONFIG "Server" "${ZBX_SERVER_HOST}" - update_config_var $ZBX_CONFIG "ServerPort" "${ZBX_SERVER_PORT}" - if [ -z "${ZBX_HOSTNAME}" ] && [ -n "${ZBX_HOSTNAMEITEM}" ]; then - update_config_var $ZBX_CONFIG "Hostname" "" - update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - else - update_config_var $ZBX_CONFIG "Hostname" "${ZBX_HOSTNAME:-"zabbix-proxy-"$db_type}" - update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - fi - fi - - if [ $type == "proxy" ] && [ "${ZBX_ADD_SERVER}" = "true" ]; then - update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_PROXY_LISTENPORT:-"10061"}" - else - update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}" - fi - - update_config_var $ZBX_CONFIG "SourceIP" "${ZBX_SOURCEIP}" - update_config_var $ZBX_CONFIG "LogType" "console" - update_config_var $ZBX_CONFIG "LogFile" - update_config_var $ZBX_CONFIG "LogFileSize" - update_config_var $ZBX_CONFIG "PidFile" - - update_config_var $ZBX_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" - - if [ "$db_type" == "sqlite3" ]; then - update_config_var $ZBX_CONFIG "DBHost" - update_config_var $ZBX_CONFIG "DBName" "/var/lib/zabbix/zabbix_proxy_db" - update_config_var $ZBX_CONFIG "DBUser" - update_config_var $ZBX_CONFIG "DBPort" - update_config_var $ZBX_CONFIG "DBPassword" - else - update_config_var $ZBX_CONFIG "DBHost" "${DB_SERVER_HOST}" - update_config_var $ZBX_CONFIG "DBName" "${DB_SERVER_DBNAME}" - update_config_var $ZBX_CONFIG "DBSchema" "${DB_SERVER_SCHEMA}" - update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}" - update_config_var $ZBX_CONFIG "DBPort" "${DB_SERVER_PORT}" - update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}" - fi - - update_config_var $ZBX_CONFIG "DBSocket" "${DB_SERVER_SOCKET}" - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "ProxyLocalBuffer" "${ZBX_PROXYLOCALBUFFER}" - update_config_var $ZBX_CONFIG "ProxyOfflineBuffer" "${ZBX_PROXYOFFLINEBUFFER}" - update_config_var $ZBX_CONFIG "HeartbeatFrequency" "${ZBX_PROXYHEARTBEATFREQUENCY}" - update_config_var $ZBX_CONFIG "ConfigFrequency" "${ZBX_CONFIGFREQUENCY}" - update_config_var $ZBX_CONFIG "DataSenderFrequency" "${ZBX_DATASENDERFREQUENCY}" - fi - - update_config_var $ZBX_CONFIG "StartPollers" "${ZBX_STARTPOLLERS}" - update_config_var $ZBX_CONFIG "StartIPMIPollers" "${ZBX_IPMIPOLLERS}" - update_config_var $ZBX_CONFIG "StartPollersUnreachable" "${ZBX_STARTPOLLERSUNREACHABLE}" - update_config_var $ZBX_CONFIG "StartTrappers" "${ZBX_STARTTRAPPERS}" - update_config_var $ZBX_CONFIG "StartPingers" "${ZBX_STARTPINGERS}" - update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}" - update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}" - - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "StartTimers" "${ZBX_STARTTIMERS}" - update_config_var $ZBX_CONFIG "StartEscalators" "${ZBX_STARTESCALATORS}" - fi - - ZBX_JAVAGATEWAY_ENABLE=${ZBX_JAVAGATEWAY_ENABLE:-"false"} - if [ "${ZBX_JAVAGATEWAY_ENABLE}" == "true" ]; then - update_config_var $ZBX_CONFIG "JavaGateway" "${ZBX_JAVAGATEWAY:-"zabbix-java-gateway"}" - update_config_var $ZBX_CONFIG "JavaGatewayPort" "${ZBX_JAVAGATEWAYPORT}" - update_config_var $ZBX_CONFIG "StartJavaPollers" "${ZBX_STARTJAVAPOLLERS:-"5"}" - else - update_config_var $ZBX_CONFIG "JavaGateway" - update_config_var $ZBX_CONFIG "JavaGatewayPort" - update_config_var $ZBX_CONFIG "StartJavaPollers" - fi - - update_config_var $ZBX_CONFIG "StartVMwareCollectors" "${ZBX_STARTVMWARECOLLECTORS}" - update_config_var $ZBX_CONFIG "VMwareFrequency" "${ZBX_VMWAREFREQUENCY}" - update_config_var $ZBX_CONFIG "VMwarePerfFrequency" "${ZBX_VMWAREPERFFREQUENCY}" - update_config_var $ZBX_CONFIG "VMwareCacheSize" "${ZBX_VMWARECACHESIZE}" - update_config_var $ZBX_CONFIG "VMwareTimeout" "${ZBX_VMWARETIMEOUT}" - - ZBX_ENABLE_SNMP_TRAPS=${ZBX_ENABLE_SNMP_TRAPS:-"false"} - if [ "${ZBX_ENABLE_SNMP_TRAPS}" == "true" ]; then - update_config_var $ZBX_CONFIG "SNMPTrapperFile" "${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log" - update_config_var $ZBX_CONFIG "StartSNMPTrapper" "1" - else - update_config_var $ZBX_CONFIG "SNMPTrapperFile" - update_config_var $ZBX_CONFIG "StartSNMPTrapper" - fi - - update_config_var $ZBX_CONFIG "HousekeepingFrequency" "${ZBX_HOUSEKEEPINGFREQUENCY}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "MaxHousekeeperDelete" "${ZBX_MAXHOUSEKEEPERDELETE}" - update_config_var $ZBX_CONFIG "SenderFrequency" "${ZBX_SENDERFREQUENCY}" - fi - - update_config_var $ZBX_CONFIG "CacheSize" "${ZBX_CACHESIZE}" - - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "CacheUpdateFrequency" "${ZBX_CACHEUPDATEFREQUENCY}" - fi - - update_config_var $ZBX_CONFIG "StartDBSyncers" "${ZBX_STARTDBSYNCERS}" - update_config_var $ZBX_CONFIG "HistoryCacheSize" "${ZBX_HISTORYCACHESIZE}" - update_config_var $ZBX_CONFIG "HistoryIndexCacheSize" "${ZBX_HISTORYINDEXCACHESIZE}" - - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "TrendCacheSize" "${ZBX_TRENDCACHESIZE}" - update_config_var $ZBX_CONFIG "ValueCacheSize" "${ZBX_VALUECACHESIZE}" - fi - - update_config_var $ZBX_CONFIG "Timeout" "${ZBX_TIMEOUT}" - update_config_var $ZBX_CONFIG "TrapperTimeout" "${ZBX_TRAPPERIMEOUT}" - update_config_var $ZBX_CONFIG "UnreachablePeriod" "${ZBX_UNREACHABLEPERIOD}" - update_config_var $ZBX_CONFIG "UnavailableDelay" "${ZBX_UNAVAILABLEDELAY}" - update_config_var $ZBX_CONFIG "UnreachableDelay" "${ZBX_UNREACHABLEDELAY}" - - update_config_var $ZBX_CONFIG "AlertScriptsPath" "/usr/lib/zabbix/alertscripts" - update_config_var $ZBX_CONFIG "ExternalScripts" "/usr/lib/zabbix/externalscripts" - - # Possible few fping locations - if [ -f "/usr/bin/fping" ]; then - update_config_var $ZBX_CONFIG "FpingLocation" "/usr/bin/fping" - else - update_config_var $ZBX_CONFIG "FpingLocation" "/usr/sbin/fping" - fi - if [ -f "/usr/bin/fping6" ]; then - update_config_var $ZBX_CONFIG "Fping6Location" "/usr/bin/fping6" - else - update_config_var $ZBX_CONFIG "Fping6Location" "/usr/sbin/fping6" - fi - - update_config_var $ZBX_CONFIG "SSHKeyLocation" "$ZABBIX_USER_HOME_DIR/ssh_keys" - update_config_var $ZBX_CONFIG "LogSlowQueries" "${ZBX_LOGSLOWQUERIES}" - - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "StartProxyPollers" "${ZBX_STARTPROXYPOLLERS}" - update_config_var $ZBX_CONFIG "ProxyConfigFrequency" "${ZBX_PROXYCONFIGFREQUENCY}" - update_config_var $ZBX_CONFIG "ProxyDataFrequency" "${ZBX_PROXYDATAFREQUENCY}" - fi - - update_config_var $ZBX_CONFIG "SSLCertLocation" "$ZABBIX_USER_HOME_DIR/ssl/certs/" - update_config_var $ZBX_CONFIG "SSLKeyLocation" "$ZABBIX_USER_HOME_DIR/ssl/keys/" - update_config_var $ZBX_CONFIG "SSLCALocation" "$ZABBIX_USER_HOME_DIR/ssl/ssl_ca/" - update_config_var $ZBX_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/" - update_config_multiple_var $ZBX_CONFIG "LoadModule" "${ZBX_LOADMODULE}" - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}" - update_config_var $ZBX_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" - fi - update_config_var $ZBX_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" - update_config_var $ZBX_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" - update_config_var $ZBX_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" - fi - - update_config_var $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" - update_config_var $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" - update_config_var $ZBX_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" - fi -} - - prepare_zbx_web_config() { - local db_type=$1 local server_name="" echo "** Preparing Zabbix frontend configuration file" @@ -875,37 +247,14 @@ prepare_zbx_web_config() { ln -s "$ZBX_WEB_CONFIG" "/usr/share/zabbix/conf/zabbix.conf.php" - # Different places of PHP configuration file - if [ -f "/etc/php5/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/conf.d/99-zabbix.ini" - elif [ -f "/etc/php5/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php5/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/apache2/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.0/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.0/apache2/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.0/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.0/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php.d/99-zabbix.ini" - elif [ -f "/etc/php7/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php7/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.2/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.2/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.2/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.2/apache2/conf.d/99-zabbix.ini" - fi + PHP_CONFIG_FILE="/etc/php7/conf.d/99-zabbix.ini" - if [ -n "$PHP_CONFIG_FILE" ]; then - update_config_var "$PHP_CONFIG_FILE" "max_execution_time" "${ZBX_MAXEXECUTIONTIME:-"600"}" - update_config_var "$PHP_CONFIG_FILE" "memory_limit" "${ZBX_MEMORYLIMIT:-"128M"}" - update_config_var "$PHP_CONFIG_FILE" "post_max_size" "${ZBX_POSTMAXSIZE:-"16M"}" - update_config_var "$PHP_CONFIG_FILE" "upload_max_filesize" "${ZBX_UPLOADMAXFILESIZE:-"2M"}" - update_config_var "$PHP_CONFIG_FILE" "max_input_time" "${ZBX_MAXINPUTTIME:-"300"}" - update_config_var "$PHP_CONFIG_FILE" "date.timezone" "${PHP_TZ}" - else - echo "**** Zabbix related PHP configuration file not found" - fi + update_config_var "$PHP_CONFIG_FILE" "max_execution_time" "${ZBX_MAXEXECUTIONTIME:-"600"}" + update_config_var "$PHP_CONFIG_FILE" "memory_limit" "${ZBX_MEMORYLIMIT:-"128M"}" + update_config_var "$PHP_CONFIG_FILE" "post_max_size" "${ZBX_POSTMAXSIZE:-"16M"}" + update_config_var "$PHP_CONFIG_FILE" "upload_max_filesize" "${ZBX_UPLOADMAXFILESIZE:-"2M"}" + update_config_var "$PHP_CONFIG_FILE" "max_input_time" "${ZBX_MAXINPUTTIME:-"300"}" + update_config_var "$PHP_CONFIG_FILE" "date.timezone" "${PHP_TZ}" # Escaping characters in parameter value server_name=$(escape_spec_char "${ZBX_SERVER_NAME}") @@ -923,220 +272,33 @@ prepare_zbx_web_config() { -e "s/{ZBX_SERVER_PORT}/${ZBX_SERVER_PORT}/g" \ -e "s/{ZBX_SERVER_NAME}/$server_name/g" \ "$ZBX_WEB_CONFIG" - - [ "$db_type" = "postgresql" ] && sed -i "s/MYSQL/POSTGRESQL/g" "$ZBX_WEB_CONFIG" -} - -prepare_zbx_agent_config() { - echo "** Preparing Zabbix agent configuration file" - - ZBX_AGENT_CONFIG=$ZABBIX_ETC_DIR/zabbix_agentd.conf - - ZBX_PASSIVESERVERS=${ZBX_PASSIVESERVERS:-""} - ZBX_ACTIVESERVERS=${ZBX_ACTIVESERVERS:-""} - - [ -n "$ZBX_PASSIVESERVERS" ] && ZBX_PASSIVESERVERS=","$ZBX_PASSIVESERVERS - - ZBX_PASSIVESERVERS=$ZBX_SERVER_HOST$ZBX_PASSIVESERVERS - - [ -n "$ZBX_ACTIVESERVERS" ] && ZBX_ACTIVESERVERS=","$ZBX_ACTIVESERVERS - - ZBX_ACTIVESERVERS=$ZBX_SERVER_HOST":"$ZBX_SERVER_PORT$ZBX_ACTIVESERVERS - - update_config_var $ZBX_AGENT_CONFIG "PidFile" - update_config_var $ZBX_AGENT_CONFIG "LogType" "console" - update_config_var $ZBX_AGENT_CONFIG "LogFile" - update_config_var $ZBX_AGENT_CONFIG "LogFileSize" - update_config_var $ZBX_AGENT_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" - update_config_var $ZBX_AGENT_CONFIG "SourceIP" - update_config_var $ZBX_AGENT_CONFIG "EnableRemoteCommands" "${ZBX_ENABLEREMOTECOMMANDS}" - update_config_var $ZBX_AGENT_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}" - - ZBX_PASSIVE_ALLOW=${ZBX_PASSIVE_ALLOW:-"true"} - if [ "$ZBX_PASSIVE_ALLOW" == "true" ]; then - echo "** Using '$ZBX_PASSIVESERVERS' servers for passive checks" - update_config_var $ZBX_AGENT_CONFIG "Server" "${ZBX_PASSIVESERVERS}" - else - update_config_var $ZBX_AGENT_CONFIG "Server" - fi - - update_config_var $ZBX_AGENT_CONFIG "ListenPort" "${ZBX_LISTENPORT}" - update_config_var $ZBX_AGENT_CONFIG "ListenIP" "${ZBX_LISTENIP}" - update_config_var $ZBX_AGENT_CONFIG "StartAgents" "${ZBX_STARTAGENTS}" - - ZBX_ACTIVE_ALLOW=${ZBX_ACTIVE_ALLOW:-"true"} - if [ "$ZBX_ACTIVE_ALLOW" == "true" ]; then - echo "** Using '$ZBX_ACTIVESERVERS' servers for active checks" - update_config_var $ZBX_AGENT_CONFIG "ServerActive" "${ZBX_ACTIVESERVERS}" - else - update_config_var $ZBX_AGENT_CONFIG "ServerActive" - fi - - update_config_var $ZBX_AGENT_CONFIG "Hostname" "${ZBX_HOSTNAME}" - update_config_var $ZBX_AGENT_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - update_config_var $ZBX_AGENT_CONFIG "HostMetadata" "${ZBX_METADATA}" - update_config_var $ZBX_AGENT_CONFIG "HostMetadataItem" "${ZBX_METADATAITEM}" - update_config_var $ZBX_AGENT_CONFIG "RefreshActiveChecks" "${ZBX_REFRESHACTIVECHECKS}" - update_config_var $ZBX_AGENT_CONFIG "BufferSend" "${ZBX_BUFFERSEND}" - update_config_var $ZBX_AGENT_CONFIG "BufferSize" "${ZBX_BUFFERSIZE}" - update_config_var $ZBX_AGENT_CONFIG "MaxLinesPerSecond" "${ZBX_MAXLINESPERSECOND}" - # Please use include to enable Alias feature -# update_config_multiple_var $ZBX_AGENT_CONFIG "Alias" ${ZBX_ALIAS} - update_config_var $ZBX_AGENT_CONFIG "Timeout" "${ZBX_TIMEOUT}" - update_config_var $ZBX_AGENT_CONFIG "Include" "/etc/zabbix/zabbix_agentd.d/" - update_config_var $ZBX_AGENT_CONFIG "UnsafeUserParameters" "${ZBX_UNSAFEUSERPARAMETERS}" - update_config_var $ZBX_AGENT_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/" - update_config_multiple_var $ZBX_AGENT_CONFIG "LoadModule" "${ZBX_LOADMODULE}" - update_config_var $ZBX_AGENT_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}" - update_config_var $ZBX_AGENT_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" - update_config_var $ZBX_AGENT_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" - update_config_var $ZBX_AGENT_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" - update_config_var $ZBX_AGENT_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" - update_config_var $ZBX_AGENT_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" -} - -prepare_java_gateway_config() { - echo "** Preparing Zabbix Java Gateway log configuration file" - - ZBX_GATEWAY_CONFIG=$ZABBIX_ETC_DIR/zabbix_java_gateway_logback.xml - - if [ -n "${ZBX_DEBUGLEVEL}" ]; then - echo "Updating $ZBX_GATEWAY_CONFIG 'DebugLevel' parameter: '${ZBX_DEBUGLEVEL}'... updated" - if [ -f "$ZBX_GATEWAY_CONFIG" ]; then - sed -i -e "/^.*/" "$ZBX_GATEWAY_CONFIG" - else - echo "**** Zabbix Java Gateway log configuration file '$ZBX_GATEWAY_CONFIG' not found" - fi - fi -} - -prepare_agent() { - echo "** Preparing Zabbix agent" - prepare_zbx_agent_config -} - -prepare_server() { - local db_type=$1 - - echo "** Preparing Zabbix server" - - check_variables_$db_type "server" - check_db_connect_$db_type - create_db_user_$db_type - create_db_database_$db_type - create_db_schema_$db_type "server" - - update_zbx_config "server" "$db_type" -} - -prepare_proxy() { - local db_type=$1 - - echo "Preparing Zabbix proxy" - - if [ "$db_type" != "sqlite3" ]; then - check_variables_$db_type "proxy" - check_db_connect_$db_type - create_db_user_$db_type - create_db_database_$db_type - create_db_schema_$db_type "proxy" - fi - - update_zbx_config "proxy" $db_type } prepare_web() { - local web_server=$1 - local db_type=$2 - echo "** Preparing Zabbix web-interface" - check_variables_$db_type - check_db_connect_$db_type - prepare_web_server_$web_server - prepare_zbx_web_config $db_type + check_variables + check_db_connect + prepare_web_server + prepare_zbx_web_config } -prepare_java_gateway() { - echo "** Preparing Zabbix Java Gateway" - - prepare_java_gateway_config -} ################################################# -if [ ! -n "$zbx_type" ]; then - echo "**** Type of Zabbix component is not specified" - exit 1 -elif [ "$zbx_type" == "dev" ]; then - echo "** Deploying Zabbix installation from SVN" -else - if [ ! -n "$zbx_db_type" ]; then - echo "**** Database type of Zabbix $zbx_type is not specified" - exit 1 - fi +echo "** Deploying Zabbix web-interface (Nginx) with MySQL database" - if [ "$zbx_db_type" != "none" ]; then - if [ "$zbx_opt_type" != "none" ]; then - echo "** Deploying Zabbix $zbx_type ($zbx_opt_type) with $zbx_db_type database" - else - echo "** Deploying Zabbix $zbx_type with $zbx_db_type database" - fi - else - echo "** Deploying Zabbix $zbx_type" - fi -fi +prepare_system -prepare_system "$zbx_type" "$zbx_opt_type" +prepare_web -[ "$zbx_type" == "server" ] && prepare_server $zbx_db_type -[ "${ZBX_ADD_SERVER}" == "true" ] && prepare_server ${ZBX_MAIN_DB} - -[ "$zbx_type" == "proxy" ] && prepare_proxy $zbx_db_type -[ "${ZBX_ADD_PROXY}" == "true" ] && prepare_proxy ${ZBX_PROXY_DB} - -[ "$zbx_type" == "frontend" ] && prepare_web $zbx_opt_type $zbx_db_type -[ "${ZBX_ADD_WEB}" == "true" ] && prepare_web ${ZBX_WEB_SERVER} ${ZBX_MAIN_DB} - -[ "$zbx_type" == "agent" ] && prepare_agent -[ "${ZBX_ADD_AGENT}" == "true" ] && prepare_agent - -[ "$zbx_type" == "java-gateway" ] && prepare_java_gateway -[ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && prepare_java_gateway - -clear_deploy "$zbx_type" +clear_deploy echo "########################################################" if [ "$1" != "" ]; then echo "** Executing '$@'" exec "$@" -elif [ "$zbx_type" == "agent" ]; then - echo "** Starting Zabbix agent" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_agentd --foreground -c /etc/zabbix/zabbix_agentd.conf" -elif [ "$zbx_type" == "proxy" ]; then - echo "** Starting Zabbix proxy" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_proxy --foreground -c /etc/zabbix/zabbix_proxy.conf" -elif [ "$zbx_type" == "server" ]; then - echo "** Starting Zabbix server" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_server --foreground -c /etc/zabbix/zabbix_server.conf" -elif [ "$zbx_type" == "java-gateway" ]; then - echo "** Starting Zabbix Java Gateway" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_java_gateway" -elif [ "$zbx_type" == "frontend" ] && [ "$zbx_opt_type" == "apache" ]; then - echo "** Starting Zabbix frontend" - if [ -f "/usr/sbin/httpd" ]; then - exec /usr/sbin/httpd -D FOREGROUND - elif [ -f "/usr/sbin/apache2ctl" ]; then - exec /bin/bash -c "source /etc/apache2/envvars && /usr/sbin/apache2ctl -D FOREGROUND" - else - echo "Unknown Web-server. Exiting..." - exit 1 - fi elif [ -f "/usr/bin/supervisord" ]; then echo "** Executing supervisord" exec /usr/bin/supervisord -c /etc/supervisor/supervisord.conf