extern/zabbix-docker
1
0
Fork 0
mirror of https://github.com/zabbix/zabbix-docker.git synced 2025-08-09 16:45:05 +02:00
Code Issues Packages Projects Releases Wiki Activity

Added ZBX_TLS variables to specify data without attached volume with encryption files

Browse Source
This commit is contained in:
Alexey Pustovalov
2024-08-21 20:26:24 +09:00
parent c90d6b00b1
commit 1a97a646bd
78 changed files with 748 additions and 185 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
Dockerfiles/proxy-sqlite3/alpine/docker-entrypoint.sh
View File

@ -17,6 +17,8 @@ fi
ZABBIX_USER_HOME_DIR="/var/lib/zabbix"
# Configuration files directory
ZABBIX_ETC_DIR="/etc/zabbix"
# Internal directory for TLS related files, used when TLS*File specified as plain text values
ZABBIX_INTERNAL_ENC_DIR="${ZABBIX_USER_HOME_DIR}/enc_internal"
escape_spec_char() {
local var_value=$1
@ -106,6 +108,19 @@ update_config_multiple_var() {
done
}
file_process_from_env() {
local config_path=$1
local var_name=$2
local file_name=$3
local var_value=$4
if [ ! -z "$var_value" ]; then
echo -n "$var_value" > "${ZABBIX_INTERNAL_ENC_DIR}/$var_name"
file_name="${ZABBIX_INTERNAL_ENC_DIR}/${var_name}"
fi
update_config_var $config_path "$var_name" "$file_name"
}
update_zbx_config() {
echo "** Preparing Zabbix proxy configuration file"
@ -224,22 +239,22 @@ update_zbx_config() {
update_config_var $ZBX_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}"
update_config_var $ZBX_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}"
update_config_var $ZBX_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}"
update_config_var $ZBX_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}"
file_process_from_env $ZBX_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" "${ZBX_TLSCA}"
file_process_from_env $ZBX_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" "${ZBX_TLSCRL}"
update_config_var $ZBX_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}"
update_config_var $ZBX_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}"
update_config_var $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}"
file_process_from_env $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" "${ZBX_TLSCERT}"
update_config_var $ZBX_CONFIG "TLSCipherAll" "${ZBX_TLSCIPHERALL}"
update_config_var $ZBX_CONFIG "TLSCipherAll13" "${ZBX_TLSCIPHERALL13}"
update_config_var $ZBX_CONFIG "TLSCipherCert" "${ZBX_TLSCIPHERCERT}"
update_config_var $ZBX_CONFIG "TLSCipherCert13" "${ZBX_TLSCIPHERCERT13}"
update_config_var $ZBX_CONFIG "TLSCipherPSK" "${ZBX_TLSCIPHERPSK}"
update_config_var $ZBX_CONFIG "TLSCipherPSK13" "${ZBX_TLSCIPHERPSK13}"
update_config_var $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}"
file_process_from_env $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" "${ZBX_TLSKEY}"
update_config_var $ZBX_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}"
update_config_var $ZBX_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}"
file_process_from_env $ZBX_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" "${ZBX_TLSPSK}"
if [ "$(id -u)" != '0' ]; then
update_config_var $ZBX_CONFIG "User" "$(whoami)"