extern/zabbix-docker
1
0
Fork 0
mirror of https://github.com/zabbix/zabbix-docker.git synced 2025-04-27 12:49:01 +02:00
Code Issues Packages Projects Releases Wiki Activity

Improved password usage in MySQL tools

Browse Source
This commit is contained in:
Alexey Pustovalov 2020-09-08 17:41:01 -04:00
commit 0d9c30f10c
13 changed files with 142 additions and 50 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
.github/workflows/CI.yml vendored
View File

@ -6,10 +6,10 @@ on:
- published - published
push: push:
branches: branches:
- 3.0 - '3.0'
- 4.0 - '4.0'
- 5.0 - '5.0'
- trunk - 'trunk'
paths-ignore: paths-ignore:
- '.env*' - '.env*'
- 'docker-compose*.yaml' - 'docker-compose*.yaml'
@ -23,7 +23,7 @@ defaults:
jobs: jobs:
build: build:
env: env:
LATEST_BRANCH: "${{ github.event.repository.master_branch }}" LATEST_BRANCH: "${{ github.event.repository.default_branch }}"
DOCKER_REPOSITORY: "zabbix" DOCKER_REPOSITORY: "zabbix"
strategy: strategy:
fail-fast: false fail-fast: false
@ -108,7 +108,7 @@ jobs:
GIT_BRANCH="${{ github.ref }}" GIT_BRANCH="${{ github.ref }}"
GIT_BRANCH=${GIT_BRANCH:11} GIT_BRANCH=${GIT_BRANCH:11}
echo "::warning Branch - ${GIT_BRANCH}" echo "::debug::Branch - ${GIT_BRANCH}"
if [ "${GIT_BRANCH}" == "trunk" ]; then if [ "${GIT_BRANCH}" == "trunk" ]; then
TAGS_ARRAY+=("$IMAGE_NAME:${{ matrix.os }}-${GIT_BRANCH}") TAGS_ARRAY+=("$IMAGE_NAME:${{ matrix.os }}-${GIT_BRANCH}")
@ -126,7 +126,7 @@ jobs:
TAGS=$(printf -- "--tag %s " "${TAGS_ARRAY[@]}") TAGS=$(printf -- "--tag %s " "${TAGS_ARRAY[@]}")
echo "::warning Tags - ${TAGS}" echo "::debug::Tags - ${TAGS}"
echo ::set-output name=image_name::${IMAGE_NAME} echo ::set-output name=image_name::${IMAGE_NAME}
echo ::set-output name=image_tag_versions::$(printf -- "|%s" "${TAGS_ARRAY[@]}") echo ::set-output name=image_tag_versions::$(printf -- "|%s" "${TAGS_ARRAY[@]}")
@ -137,7 +137,7 @@ jobs:
--file ./${{ matrix.build }}/${{ matrix.os }}/Dockerfile ./${{ matrix.build }}/${{ matrix.os }} --file ./${{ matrix.build }}/${{ matrix.os }}/Dockerfile ./${{ matrix.build }}/${{ matrix.os }}
- name: Prepare environment (release) - name: Prepare environment (release)
if: github.event_name == 'release' && github.event.action == 'created' if: github.event_name == 'release' && github.event.action == 'published'
id: prepare_release id: prepare_release
run: | run: |
TAGS_ARRAY=() TAGS_ARRAY=()
@ -147,7 +147,7 @@ jobs:
RELEASE_VERSION=${RELEASE_VERSION:10} RELEASE_VERSION=${RELEASE_VERSION:10}
GIT_BRANCH=${RELEASE_VERSION%.*} GIT_BRANCH=${RELEASE_VERSION%.*}
echo "::warning Release version ${RELEASE_VERSION}. Branch ${GIT_BRANCH}" echo "::debug::Release version ${RELEASE_VERSION}. Branch ${GIT_BRANCH}"
TAGS_ARRAY+=("$IMAGE_NAME:${{ matrix.os }}-${RELEASE_VERSION}") TAGS_ARRAY+=("$IMAGE_NAME:${{ matrix.os }}-${RELEASE_VERSION}")
@ -173,6 +173,8 @@ jobs:
BUILDX_ARGS="${{ steps.prepare_push.outputs.buildx_args }}" BUILDX_ARGS="${{ steps.prepare_push.outputs.buildx_args }}"
elif [ ! -z "${{ steps.prepare_release.outputs.buildx_args }}" ]; then elif [ ! -z "${{ steps.prepare_release.outputs.buildx_args }}" ]; then
BUILDX_ARGS="${{ steps.prepare_release.outputs.buildx_args }}" BUILDX_ARGS="${{ steps.prepare_release.outputs.buildx_args }}"
else
exit 1
fi fi
docker buildx build --cache-to "type=local,dest=/tmp/.buildx-cache" \ docker buildx build --cache-to "type=local,dest=/tmp/.buildx-cache" \
@ -198,20 +200,20 @@ jobs:
fi fi
docker buildx build --cache-from "type=local,src=/tmp/.buildx-cache" \ docker buildx build --cache-from "type=local,src=/tmp/.buildx-cache" \
--output "type=image,push=true" \ --output "type=image,push=${{ secrets.AUTO_PUSH_IMAGES }}" \
${BUILDX_ARGS} ${BUILDX_ARGS}
- name: Inspect images - name: Inspect images
run: | run: |
echo "::warning push - ${{ steps.prepare_push.outputs.buildx_args }}" echo "::debug::push - ${{ steps.prepare_push.outputs.buildx_args }}"
echo "::warning release - ${{ steps.prepare_release.outputs.buildx_args }}" echo "::debug::release - ${{ steps.prepare_release.outputs.buildx_args }}"
if [ ! -z "${{ steps.prepare_push.outputs.image_tag_versions }}" ]; then if [ ! -z "${{ steps.prepare_push.outputs.image_tag_versions }}" ]; then
IMAGE_TAG_VERSIONS="${{ steps.prepare_push.outputs.image_tag_versions }}" IMAGE_TAG_VERSIONS="${{ steps.prepare_push.outputs.image_tag_versions }}"
echo "::warning tags push raw - $IMAGE_TAG_VERSIONS" echo "::debug::tags push raw - $IMAGE_TAG_VERSIONS"
elif [ ! -z "${{ steps.prepare_release.outputs.image_tag_versions }}" ]; then elif [ ! -z "${{ steps.prepare_release.outputs.image_tag_versions }}" ]; then
IMAGE_TAG_VERSIONS="${{ steps.prepare_release.outputs.image_tag_versions }}" IMAGE_TAG_VERSIONS="${{ steps.prepare_release.outputs.image_tag_versions }}"
echo "::warning tags release raw - $IMAGE_TAG_VERSIONS" echo "::debug::tags release raw - $IMAGE_TAG_VERSIONS"
fi fi
IMAGE_TAG_VERSIONS=${IMAGE_TAG_VERSIONS%%+(|)} IMAGE_TAG_VERSIONS=${IMAGE_TAG_VERSIONS%%+(|)}

18
proxy-mysql/alpine/docker-entrypoint.sh
View File

@ -222,11 +222,15 @@ check_db_connect_mysql() {
ssl_opts="$(db_tls_params)" ssl_opts="$(db_tls_params)"
export MYSQL_PWD="${DB_SERVER_ROOT_PASS}"
while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \ while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \
--password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10 $ssl_opts)" ]; do --silent --connect_timeout=10 $ssl_opts)" ]; do
echo "**** MySQL server is not available. Waiting $WAIT_TIMEOUT seconds..." echo "**** MySQL server is not available. Waiting $WAIT_TIMEOUT seconds..."
sleep $WAIT_TIMEOUT sleep $WAIT_TIMEOUT
done done
unset MYSQL_PWD
} }
mysql_query() { mysql_query() {
@ -235,8 +239,12 @@ mysql_query() {
ssl_opts="$(db_tls_params)" ssl_opts="$(db_tls_params)"
export MYSQL_PWD="${DB_SERVER_ROOT_PASS}"
result=$(mysql --silent --skip-column-names -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ result=$(mysql --silent --skip-column-names -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \
-u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" -e "$query" $ssl_opts) -u ${DB_SERVER_ROOT_USER} -e "$query" $ssl_opts)
unset MYSQL_PWD
echo $result echo $result
} }
@ -283,10 +291,14 @@ create_db_schema_mysql() {
ssl_opts="$(db_tls_params)" ssl_opts="$(db_tls_params)"
export MYSQL_PWD="${DB_SERVER_ROOT_PASS}"
zcat /usr/share/doc/zabbix-proxy-mysql/create.sql.gz | mysql --silent --skip-column-names \ zcat /usr/share/doc/zabbix-proxy-mysql/create.sql.gz | mysql --silent --skip-column-names \
-h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \
-u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" $ssl_opts \ -u ${DB_SERVER_ROOT_USER} $ssl_opts \
${DB_SERVER_DBNAME} 1>/dev/null ${DB_SERVER_DBNAME} 1>/dev/null
unset MYSQL_PWD
fi fi
} }

25
proxy-mysql/centos/docker-entrypoint.sh
View File

@ -181,11 +181,8 @@ db_tls_params() {
local result="" local result=""
if [ -n "${ZBX_DBTLSCONNECT}" ]; then if [ -n "${ZBX_DBTLSCONNECT}" ]; then
result="--ssl" ssl_mode=${ZBX_DBTLSCONNECT//verify_full/verify_identity}
result="--ssl-mode=$ssl_mode"
if [ "${ZBX_DBTLSCONNECT}" != "required" ]; then
result="${result} --ssl-verify-server-cert"
fi
if [ -n "${ZBX_DBTLSCAFILE}" ]; then if [ -n "${ZBX_DBTLSCAFILE}" ]; then
result="${result} --ssl-ca=${ZBX_DBTLSCAFILE}" result="${result} --ssl-ca=${ZBX_DBTLSCAFILE}"
@ -223,11 +220,15 @@ check_db_connect_mysql() {
ssl_opts="$(db_tls_params)" ssl_opts="$(db_tls_params)"
export MYSQL_PWD="${DB_SERVER_ROOT_PASS}"
while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \ while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \
--password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10 $ssl_opts)" ]; do --silent --connect_timeout=10 $ssl_opts)" ]; do
echo "**** MySQL server is not available. Waiting $WAIT_TIMEOUT seconds..." echo "**** MySQL server is not available. Waiting $WAIT_TIMEOUT seconds..."
sleep $WAIT_TIMEOUT sleep $WAIT_TIMEOUT
done done
unset MYSQL_PWD
} }
mysql_query() { mysql_query() {
@ -236,8 +237,12 @@ mysql_query() {
ssl_opts="$(db_tls_params)" ssl_opts="$(db_tls_params)"
export MYSQL_PWD="${DB_SERVER_ROOT_PASS}"
result=$(mysql --silent --skip-column-names -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ result=$(mysql --silent --skip-column-names -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \
-u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" -e "$query" $ssl_opts) -u ${DB_SERVER_ROOT_USER} -e "$query" $ssl_opts)
unset MYSQL_PWD
echo $result echo $result
} }
@ -284,10 +289,14 @@ create_db_schema_mysql() {
ssl_opts="$(db_tls_params)" ssl_opts="$(db_tls_params)"
export MYSQL_PWD="${DB_SERVER_ROOT_PASS}"
zcat /usr/share/doc/zabbix-proxy-mysql/create.sql.gz | mysql --silent --skip-column-names \ zcat /usr/share/doc/zabbix-proxy-mysql/create.sql.gz | mysql --silent --skip-column-names \
-h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \
-u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" $ssl_opts \ -u ${DB_SERVER_ROOT_USER} $ssl_opts \
${DB_SERVER_DBNAME} 1>/dev/null ${DB_SERVER_DBNAME} 1>/dev/null
unset MYSQL_PWD
fi fi
} }

18
proxy-mysql/ubuntu/docker-entrypoint.sh
View File

@ -218,12 +218,16 @@ check_db_connect_mysql() {
WAIT_TIMEOUT=5 WAIT_TIMEOUT=5
ssl_opts="$(db_tls_params)" ssl_opts="$(db_tls_params)"
export MYSQL_PWD="${DB_SERVER_ROOT_PASS}"
while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \ while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \
--password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10 $ssl_opts)" ]; do --silent --connect_timeout=10 $ssl_opts)" ]; do
echo "**** MySQL server is not available. Waiting $WAIT_TIMEOUT seconds..." echo "**** MySQL server is not available. Waiting $WAIT_TIMEOUT seconds..."
sleep $WAIT_TIMEOUT sleep $WAIT_TIMEOUT
done done
unset MYSQL_PWD
} }
mysql_query() { mysql_query() {
@ -232,8 +236,12 @@ mysql_query() {
ssl_opts="$(db_tls_params)" ssl_opts="$(db_tls_params)"
export MYSQL_PWD="${DB_SERVER_ROOT_PASS}"
result=$(mysql --silent --skip-column-names -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ result=$(mysql --silent --skip-column-names -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \
-u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" -e "$query" $ssl_opts) -u ${DB_SERVER_ROOT_USER} -e "$query" $ssl_opts)
unset MYSQL_PWD
echo $result echo $result
} }
@ -280,10 +288,14 @@ create_db_schema_mysql() {
ssl_opts="$(db_tls_params)" ssl_opts="$(db_tls_params)"
export MYSQL_PWD="${DB_SERVER_ROOT_PASS}"
zcat /usr/share/doc/zabbix-proxy-mysql/create.sql.gz | mysql --silent --skip-column-names \ zcat /usr/share/doc/zabbix-proxy-mysql/create.sql.gz | mysql --silent --skip-column-names \
-h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \
-u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" $ssl_opts \ -u ${DB_SERVER_ROOT_USER} $ssl_opts \
${DB_SERVER_DBNAME} 1>/dev/null ${DB_SERVER_DBNAME} 1>/dev/null
unset MYSQL_PWD
fi fi
} }

18
server-mysql/alpine/docker-entrypoint.sh
View File

@ -217,11 +217,15 @@ check_db_connect_mysql() {
ssl_opts="$(db_tls_params)" ssl_opts="$(db_tls_params)"
export MYSQL_PWD="${DB_SERVER_ROOT_PASS}"
while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \ while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \
--password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10 $ssl_opts)" ]; do --silent --connect_timeout=10 $ssl_opts)" ]; do
echo "**** MySQL server is not available. Waiting $WAIT_TIMEOUT seconds..." echo "**** MySQL server is not available. Waiting $WAIT_TIMEOUT seconds..."
sleep $WAIT_TIMEOUT sleep $WAIT_TIMEOUT
done done
unset MYSQL_PWD
} }
mysql_query() { mysql_query() {
@ -230,8 +234,12 @@ mysql_query() {
ssl_opts="$(db_tls_params)" ssl_opts="$(db_tls_params)"
export MYSQL_PWD="${DB_SERVER_ROOT_PASS}"
result=$(mysql --silent --skip-column-names -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ result=$(mysql --silent --skip-column-names -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \
-u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" -e "$query" $ssl_opts) -u ${DB_SERVER_ROOT_USER} -e "$query" $ssl_opts)
unset MYSQL_PWD
echo $result echo $result
} }
@ -278,10 +286,14 @@ create_db_schema_mysql() {
ssl_opts="$(db_tls_params)" ssl_opts="$(db_tls_params)"
export MYSQL_PWD="${DB_SERVER_ROOT_PASS}"
zcat /usr/share/doc/zabbix-server-mysql/create.sql.gz | mysql --silent --skip-column-names \ zcat /usr/share/doc/zabbix-server-mysql/create.sql.gz | mysql --silent --skip-column-names \
-h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \
-u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" $ssl_opts \ -u ${DB_SERVER_ROOT_USER} $ssl_opts \
${DB_SERVER_DBNAME} 1>/dev/null ${DB_SERVER_DBNAME} 1>/dev/null
unset MYSQL_PWD
fi fi
} }

25
server-mysql/centos/docker-entrypoint.sh
View File

@ -176,11 +176,8 @@ db_tls_params() {
local result="" local result=""
if [ -n "${ZBX_DBTLSCONNECT}" ]; then if [ -n "${ZBX_DBTLSCONNECT}" ]; then
result="--ssl" ssl_mode=${ZBX_DBTLSCONNECT//verify_full/verify_identity}
result="--ssl-mode=$ssl_mode"
if [ "${ZBX_DBTLSCONNECT}" != "required" ]; then
result="${result} --ssl-verify-server-cert"
fi
if [ -n "${ZBX_DBTLSCAFILE}" ]; then if [ -n "${ZBX_DBTLSCAFILE}" ]; then
result="${result} --ssl-ca=${ZBX_DBTLSCAFILE}" result="${result} --ssl-ca=${ZBX_DBTLSCAFILE}"
@ -217,11 +214,15 @@ check_db_connect_mysql() {
ssl_opts="$(db_tls_params)" ssl_opts="$(db_tls_params)"
export MYSQL_PWD="${DB_SERVER_ROOT_PASS}"
while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \ while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \
--password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10 $ssl_opts)" ]; do --silent --connect_timeout=10 $ssl_opts)" ]; do
echo "**** MySQL server is not available. Waiting $WAIT_TIMEOUT seconds..." echo "**** MySQL server is not available. Waiting $WAIT_TIMEOUT seconds..."
sleep $WAIT_TIMEOUT sleep $WAIT_TIMEOUT
done done
unset MYSQL_PWD
} }
mysql_query() { mysql_query() {
@ -230,8 +231,12 @@ mysql_query() {
ssl_opts="$(db_tls_params)" ssl_opts="$(db_tls_params)"
export MYSQL_PWD="${DB_SERVER_ROOT_PASS}"
result=$(mysql --silent --skip-column-names -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ result=$(mysql --silent --skip-column-names -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \
-u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" -e "$query" $ssl_opts) -u ${DB_SERVER_ROOT_USER} -e "$query" $ssl_opts)
unset MYSQL_PWD
echo $result echo $result
} }
@ -278,10 +283,14 @@ create_db_schema_mysql() {
ssl_opts="$(db_tls_params)" ssl_opts="$(db_tls_params)"
export MYSQL_PWD="${DB_SERVER_ROOT_PASS}"
zcat /usr/share/doc/zabbix-server-mysql/create.sql.gz | mysql --silent --skip-column-names \ zcat /usr/share/doc/zabbix-server-mysql/create.sql.gz | mysql --silent --skip-column-names \
-h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \
-u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" $ssl_opts \ -u ${DB_SERVER_ROOT_USER} $ssl_opts \
${DB_SERVER_DBNAME} 1>/dev/null ${DB_SERVER_DBNAME} 1>/dev/null
unset MYSQL_PWD
fi fi
} }

18
server-mysql/ubuntu/docker-entrypoint.sh
View File

@ -214,11 +214,15 @@ check_db_connect_mysql() {
ssl_opts="$(db_tls_params)" ssl_opts="$(db_tls_params)"
export MYSQL_PWD="${DB_SERVER_ROOT_PASS}"
while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \ while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \
--password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10 $ssl_opts)" ]; do --silent --connect_timeout=10 $ssl_opts)" ]; do
echo "**** MySQL server is not available. Waiting $WAIT_TIMEOUT seconds..." echo "**** MySQL server is not available. Waiting $WAIT_TIMEOUT seconds..."
sleep $WAIT_TIMEOUT sleep $WAIT_TIMEOUT
done done
unset MYSQL_PWD
} }
mysql_query() { mysql_query() {
@ -227,8 +231,12 @@ mysql_query() {
ssl_opts="$(db_tls_params)" ssl_opts="$(db_tls_params)"
export MYSQL_PWD="${DB_SERVER_ROOT_PASS}"
result=$(mysql --silent --skip-column-names -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ result=$(mysql --silent --skip-column-names -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \
-u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" -e "$query" $ssl_opts) -u ${DB_SERVER_ROOT_USER} -e "$query" $ssl_opts)
unset MYSQL_PWD
echo $result echo $result
} }
@ -275,10 +283,14 @@ create_db_schema_mysql() {
ssl_opts="$(db_tls_params)" ssl_opts="$(db_tls_params)"
export MYSQL_PWD="${DB_SERVER_ROOT_PASS}"
zcat /usr/share/doc/zabbix-server-mysql/create.sql.gz | mysql --silent --skip-column-names \ zcat /usr/share/doc/zabbix-server-mysql/create.sql.gz | mysql --silent --skip-column-names \
-h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \
-u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" $ssl_opts \ -u ${DB_SERVER_ROOT_USER} $ssl_opts \
${DB_SERVER_DBNAME} 1>/dev/null ${DB_SERVER_DBNAME} 1>/dev/null
unset MYSQL_PWD
fi fi
} }

6
web-apache-mysql/alpine/docker-entrypoint.sh
View File

@ -195,11 +195,15 @@ check_db_connect() {
ssl_opts="$(db_tls_params)" ssl_opts="$(db_tls_params)"
export MYSQL_PWD="${DB_SERVER_ROOT_PASS}"
while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \ while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \
--password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10 $ssl_opts)" ]; do --silent --connect_timeout=10 $ssl_opts)" ]; do
echo "**** MySQL server is not available. Waiting $WAIT_TIMEOUT seconds..." echo "**** MySQL server is not available. Waiting $WAIT_TIMEOUT seconds..."
sleep $WAIT_TIMEOUT sleep $WAIT_TIMEOUT
done done
unset MYSQL_PWD
} }
prepare_web_server() { prepare_web_server() {

8
web-apache-mysql/centos/docker-entrypoint.sh
View File

@ -158,7 +158,7 @@ db_tls_params() {
local result="" local result=""
if [ "${ZBX_DB_ENCRYPTION}" == "true" ]; then if [ "${ZBX_DB_ENCRYPTION}" == "true" ]; then
result="--ssl" result="--ssl-mode=required"
if [ -n "${ZBX_DB_CA_FILE}" ]; then if [ -n "${ZBX_DB_CA_FILE}" ]; then
result="${result} --ssl-ca=${ZBX_DB_CA_FILE}" result="${result} --ssl-ca=${ZBX_DB_CA_FILE}"
@ -195,11 +195,15 @@ check_db_connect() {
ssl_opts="$(db_tls_params)" ssl_opts="$(db_tls_params)"
export MYSQL_PWD="${DB_SERVER_ROOT_PASS}"
while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \ while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \
--password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10 $ssl_opts)" ]; do --silent --connect_timeout=10 $ssl_opts)" ]; do
echo "**** MySQL server is not available. Waiting $WAIT_TIMEOUT seconds..." echo "**** MySQL server is not available. Waiting $WAIT_TIMEOUT seconds..."
sleep $WAIT_TIMEOUT sleep $WAIT_TIMEOUT
done done
unset MYSQL_PWD
} }
prepare_web_server() { prepare_web_server() {

6
web-apache-mysql/ubuntu/docker-entrypoint.sh
View File

@ -195,11 +195,15 @@ check_db_connect() {
ssl_opts="$(db_tls_params)" ssl_opts="$(db_tls_params)"
export MYSQL_PWD="${DB_SERVER_ROOT_PASS}"
while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \ while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \
--password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10 $ssl_opts)" ]; do --silent --connect_timeout=10 $ssl_opts)" ]; do
echo "**** MySQL server is not available. Waiting $WAIT_TIMEOUT seconds..." echo "**** MySQL server is not available. Waiting $WAIT_TIMEOUT seconds..."
sleep $WAIT_TIMEOUT sleep $WAIT_TIMEOUT
done done
unset MYSQL_PWD
} }
prepare_web_server() { prepare_web_server() {

6
web-nginx-mysql/alpine/docker-entrypoint.sh
View File

@ -214,11 +214,15 @@ check_db_connect() {
ssl_opts="$(db_tls_params)" ssl_opts="$(db_tls_params)"
export MYSQL_PWD="${DB_SERVER_ROOT_PASS}"
while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \ while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \
--password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10 $ssl_opts)" ]; do --silent --connect_timeout=10 $ssl_opts)" ]; do
echo "**** MySQL server is not available. Waiting $WAIT_TIMEOUT seconds..." echo "**** MySQL server is not available. Waiting $WAIT_TIMEOUT seconds..."
sleep $WAIT_TIMEOUT sleep $WAIT_TIMEOUT
done done
unset MYSQL_PWD
} }
prepare_web_server() { prepare_web_server() {

8
web-nginx-mysql/centos/docker-entrypoint.sh
View File

@ -176,7 +176,7 @@ db_tls_params() {
local result="" local result=""
if [ "${ZBX_DB_ENCRYPTION}" == "true" ]; then if [ "${ZBX_DB_ENCRYPTION}" == "true" ]; then
result="--ssl" result="--ssl-mode=required"
if [ -n "${ZBX_DB_CA_FILE}" ]; then if [ -n "${ZBX_DB_CA_FILE}" ]; then
result="${result} --ssl-ca=${ZBX_DB_CA_FILE}" result="${result} --ssl-ca=${ZBX_DB_CA_FILE}"
@ -214,11 +214,15 @@ check_db_connect() {
ssl_opts="$(db_tls_params)" ssl_opts="$(db_tls_params)"
export MYSQL_PWD="${DB_SERVER_ROOT_PASS}"
while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \ while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \
--password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10 $ssl_opts)" ]; do --silent --connect_timeout=10 $ssl_opts)" ]; do
echo "**** MySQL server is not available. Waiting $WAIT_TIMEOUT seconds..." echo "**** MySQL server is not available. Waiting $WAIT_TIMEOUT seconds..."
sleep $WAIT_TIMEOUT sleep $WAIT_TIMEOUT
done done
unset MYSQL_PWD
} }
prepare_web_server() { prepare_web_server() {

6
web-nginx-mysql/ubuntu/docker-entrypoint.sh
View File

@ -214,11 +214,15 @@ check_db_connect() {
ssl_opts="$(db_tls_params)" ssl_opts="$(db_tls_params)"
export MYSQL_PWD="${DB_SERVER_ROOT_PASS}"
while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \ while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \
--password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10 $ssl_opts)" ]; do --silent --connect_timeout=10 $ssl_opts)" ]; do
echo "**** MySQL server is not available. Waiting $WAIT_TIMEOUT seconds..." echo "**** MySQL server is not available. Waiting $WAIT_TIMEOUT seconds..."
sleep $WAIT_TIMEOUT sleep $WAIT_TIMEOUT
done done
unset MYSQL_PWD
} }
prepare_web_server() { prepare_web_server() {