From 1d6c9d73f50343ad2658579560f87e9756edfdd5 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Wed, 25 May 2022 01:49:10 +0300 Subject: [PATCH] Fixed SSL mode option for PostgreSQL --- Dockerfiles/server-pgsql/alpine/docker-entrypoint.sh | 12 ++++++++---- Dockerfiles/server-pgsql/centos/docker-entrypoint.sh | 12 ++++++++---- Dockerfiles/server-pgsql/ol/docker-entrypoint.sh | 12 ++++++++---- Dockerfiles/server-pgsql/ubuntu/docker-entrypoint.sh | 12 ++++++++---- .../web-apache-pgsql/alpine/docker-entrypoint.sh | 3 ++- .../web-apache-pgsql/centos/docker-entrypoint.sh | 3 ++- Dockerfiles/web-apache-pgsql/ol/docker-entrypoint.sh | 3 ++- .../web-apache-pgsql/ubuntu/docker-entrypoint.sh | 3 ++- .../web-nginx-pgsql/alpine/docker-entrypoint.sh | 3 ++- .../web-nginx-pgsql/centos/docker-entrypoint.sh | 3 ++- Dockerfiles/web-nginx-pgsql/ol/docker-entrypoint.sh | 3 ++- .../web-nginx-pgsql/ubuntu/docker-entrypoint.sh | 3 ++- 12 files changed, 48 insertions(+), 24 deletions(-) diff --git a/Dockerfiles/server-pgsql/alpine/docker-entrypoint.sh b/Dockerfiles/server-pgsql/alpine/docker-entrypoint.sh index c080b0ab8..d967ffdbd 100755 --- a/Dockerfiles/server-pgsql/alpine/docker-entrypoint.sh +++ b/Dockerfiles/server-pgsql/alpine/docker-entrypoint.sh @@ -182,7 +182,8 @@ check_db_connect_postgresql() { fi if [ -n "${ZBX_DBTLSCONNECT}" ]; then - export PGSSLMODE=${ZBX_DBTLSCONNECT//_/-} + PGSSLMODE=${ZBX_DBTLSCONNECT//_/-} + export PGSSLMODE=${PGSSLMODE//required/require} export PGSSLROOTCERT=${ZBX_DBTLSCAFILE} export PGSSLCERT=${ZBX_DBTLSCERTFILE} export PGSSLKEY=${ZBX_DBTLSKEYFILE} @@ -221,7 +222,8 @@ psql_query() { fi if [ -n "${ZBX_DBTLSCONNECT}" ]; then - export PGSSLMODE=${ZBX_DBTLSCONNECT//_/-} + PGSSLMODE=${ZBX_DBTLSCONNECT//_/-} + export PGSSLMODE=${PGSSLMODE//required/require} export PGSSLROOTCERT=${ZBX_DBTLSCAFILE} export PGSSLCERT=${ZBX_DBTLSCERTFILE} export PGSSLKEY=${ZBX_DBTLSKEYFILE} @@ -256,7 +258,8 @@ create_db_database_postgresql() { fi if [ -n "${ZBX_DBTLSCONNECT}" ]; then - export PGSSLMODE=${ZBX_DBTLSCONNECT//_/-} + PGSSLMODE=${ZBX_DBTLSCONNECT//_/-} + export PGSSLMODE=${PGSSLMODE//required/require} export PGSSLROOTCERT=${ZBX_DBTLSCAFILE} export PGSSLCERT=${ZBX_DBTLSCERTFILE} export PGSSLKEY=${ZBX_DBTLSKEYFILE} @@ -304,7 +307,8 @@ create_db_schema_postgresql() { fi if [ -n "${ZBX_DBTLSCONNECT}" ]; then - export PGSSLMODE=${ZBX_DBTLSCONNECT//_/-} + PGSSLMODE=${ZBX_DBTLSCONNECT//_/-} + export PGSSLMODE=${PGSSLMODE//required/require} export PGSSLROOTCERT=${ZBX_DBTLSCAFILE} export PGSSLCERT=${ZBX_DBTLSCERTFILE} export PGSSLKEY=${ZBX_DBTLSKEYFILE} diff --git a/Dockerfiles/server-pgsql/centos/docker-entrypoint.sh b/Dockerfiles/server-pgsql/centos/docker-entrypoint.sh index c080b0ab8..d967ffdbd 100755 --- a/Dockerfiles/server-pgsql/centos/docker-entrypoint.sh +++ b/Dockerfiles/server-pgsql/centos/docker-entrypoint.sh @@ -182,7 +182,8 @@ check_db_connect_postgresql() { fi if [ -n "${ZBX_DBTLSCONNECT}" ]; then - export PGSSLMODE=${ZBX_DBTLSCONNECT//_/-} + PGSSLMODE=${ZBX_DBTLSCONNECT//_/-} + export PGSSLMODE=${PGSSLMODE//required/require} export PGSSLROOTCERT=${ZBX_DBTLSCAFILE} export PGSSLCERT=${ZBX_DBTLSCERTFILE} export PGSSLKEY=${ZBX_DBTLSKEYFILE} @@ -221,7 +222,8 @@ psql_query() { fi if [ -n "${ZBX_DBTLSCONNECT}" ]; then - export PGSSLMODE=${ZBX_DBTLSCONNECT//_/-} + PGSSLMODE=${ZBX_DBTLSCONNECT//_/-} + export PGSSLMODE=${PGSSLMODE//required/require} export PGSSLROOTCERT=${ZBX_DBTLSCAFILE} export PGSSLCERT=${ZBX_DBTLSCERTFILE} export PGSSLKEY=${ZBX_DBTLSKEYFILE} @@ -256,7 +258,8 @@ create_db_database_postgresql() { fi if [ -n "${ZBX_DBTLSCONNECT}" ]; then - export PGSSLMODE=${ZBX_DBTLSCONNECT//_/-} + PGSSLMODE=${ZBX_DBTLSCONNECT//_/-} + export PGSSLMODE=${PGSSLMODE//required/require} export PGSSLROOTCERT=${ZBX_DBTLSCAFILE} export PGSSLCERT=${ZBX_DBTLSCERTFILE} export PGSSLKEY=${ZBX_DBTLSKEYFILE} @@ -304,7 +307,8 @@ create_db_schema_postgresql() { fi if [ -n "${ZBX_DBTLSCONNECT}" ]; then - export PGSSLMODE=${ZBX_DBTLSCONNECT//_/-} + PGSSLMODE=${ZBX_DBTLSCONNECT//_/-} + export PGSSLMODE=${PGSSLMODE//required/require} export PGSSLROOTCERT=${ZBX_DBTLSCAFILE} export PGSSLCERT=${ZBX_DBTLSCERTFILE} export PGSSLKEY=${ZBX_DBTLSKEYFILE} diff --git a/Dockerfiles/server-pgsql/ol/docker-entrypoint.sh b/Dockerfiles/server-pgsql/ol/docker-entrypoint.sh index c080b0ab8..d967ffdbd 100755 --- a/Dockerfiles/server-pgsql/ol/docker-entrypoint.sh +++ b/Dockerfiles/server-pgsql/ol/docker-entrypoint.sh @@ -182,7 +182,8 @@ check_db_connect_postgresql() { fi if [ -n "${ZBX_DBTLSCONNECT}" ]; then - export PGSSLMODE=${ZBX_DBTLSCONNECT//_/-} + PGSSLMODE=${ZBX_DBTLSCONNECT//_/-} + export PGSSLMODE=${PGSSLMODE//required/require} export PGSSLROOTCERT=${ZBX_DBTLSCAFILE} export PGSSLCERT=${ZBX_DBTLSCERTFILE} export PGSSLKEY=${ZBX_DBTLSKEYFILE} @@ -221,7 +222,8 @@ psql_query() { fi if [ -n "${ZBX_DBTLSCONNECT}" ]; then - export PGSSLMODE=${ZBX_DBTLSCONNECT//_/-} + PGSSLMODE=${ZBX_DBTLSCONNECT//_/-} + export PGSSLMODE=${PGSSLMODE//required/require} export PGSSLROOTCERT=${ZBX_DBTLSCAFILE} export PGSSLCERT=${ZBX_DBTLSCERTFILE} export PGSSLKEY=${ZBX_DBTLSKEYFILE} @@ -256,7 +258,8 @@ create_db_database_postgresql() { fi if [ -n "${ZBX_DBTLSCONNECT}" ]; then - export PGSSLMODE=${ZBX_DBTLSCONNECT//_/-} + PGSSLMODE=${ZBX_DBTLSCONNECT//_/-} + export PGSSLMODE=${PGSSLMODE//required/require} export PGSSLROOTCERT=${ZBX_DBTLSCAFILE} export PGSSLCERT=${ZBX_DBTLSCERTFILE} export PGSSLKEY=${ZBX_DBTLSKEYFILE} @@ -304,7 +307,8 @@ create_db_schema_postgresql() { fi if [ -n "${ZBX_DBTLSCONNECT}" ]; then - export PGSSLMODE=${ZBX_DBTLSCONNECT//_/-} + PGSSLMODE=${ZBX_DBTLSCONNECT//_/-} + export PGSSLMODE=${PGSSLMODE//required/require} export PGSSLROOTCERT=${ZBX_DBTLSCAFILE} export PGSSLCERT=${ZBX_DBTLSCERTFILE} export PGSSLKEY=${ZBX_DBTLSKEYFILE} diff --git a/Dockerfiles/server-pgsql/ubuntu/docker-entrypoint.sh b/Dockerfiles/server-pgsql/ubuntu/docker-entrypoint.sh index d19ee3ad9..e9d352817 100755 --- a/Dockerfiles/server-pgsql/ubuntu/docker-entrypoint.sh +++ b/Dockerfiles/server-pgsql/ubuntu/docker-entrypoint.sh @@ -182,7 +182,8 @@ check_db_connect_postgresql() { fi if [ -n "${ZBX_DBTLSCONNECT}" ]; then - export PGSSLMODE=${ZBX_DBTLSCONNECT//_/-} + PGSSLMODE=${ZBX_DBTLSCONNECT//_/-} + export PGSSLMODE=${PGSSLMODE//required/require} export PGSSLROOTCERT=${ZBX_DBTLSCAFILE} export PGSSLCERT=${ZBX_DBTLSCERTFILE} export PGSSLKEY=${ZBX_DBTLSKEYFILE} @@ -221,7 +222,8 @@ psql_query() { fi if [ -n "${ZBX_DBTLSCONNECT}" ]; then - export PGSSLMODE=${ZBX_DBTLSCONNECT//_/-} + PGSSLMODE=${ZBX_DBTLSCONNECT//_/-} + export PGSSLMODE=${PGSSLMODE//required/require} export PGSSLROOTCERT=${ZBX_DBTLSCAFILE} export PGSSLCERT=${ZBX_DBTLSCERTFILE} export PGSSLKEY=${ZBX_DBTLSKEYFILE} @@ -256,7 +258,8 @@ create_db_database_postgresql() { fi if [ -n "${ZBX_DBTLSCONNECT}" ]; then - export PGSSLMODE=${ZBX_DBTLSCONNECT//_/-} + PGSSLMODE=${ZBX_DBTLSCONNECT//_/-} + export PGSSLMODE=${PGSSLMODE//required/require} export PGSSLROOTCERT=${ZBX_DBTLSCAFILE} export PGSSLCERT=${ZBX_DBTLSCERTFILE} export PGSSLKEY=${ZBX_DBTLSKEYFILE} @@ -304,7 +307,8 @@ create_db_schema_postgresql() { fi if [ -n "${ZBX_DBTLSCONNECT}" ]; then - export PGSSLMODE=${ZBX_DBTLSCONNECT//_/-} + PGSSLMODE=${ZBX_DBTLSCONNECT//_/-} + export PGSSLMODE=${PGSSLMODE//required/require} export PGSSLROOTCERT=${ZBX_DBTLSCAFILE} export PGSSLCERT=${ZBX_DBTLSCERTFILE} export PGSSLKEY=${ZBX_DBTLSKEYFILE} diff --git a/Dockerfiles/web-apache-pgsql/alpine/docker-entrypoint.sh b/Dockerfiles/web-apache-pgsql/alpine/docker-entrypoint.sh index 7dfaadd8c..23fd41220 100755 --- a/Dockerfiles/web-apache-pgsql/alpine/docker-entrypoint.sh +++ b/Dockerfiles/web-apache-pgsql/alpine/docker-entrypoint.sh @@ -97,7 +97,8 @@ check_db_connect() { fi if [ -n "${ZBX_DBTLSCONNECT}" ]; then - export PGSSLMODE=${ZBX_DBTLSCONNECT//_/-} + PGSSLMODE=${ZBX_DBTLSCONNECT//_/-} + export PGSSLMODE=${PGSSLMODE//required/require} export PGSSLROOTCERT=${ZBX_DBTLSCAFILE} export PGSSLCERT=${ZBX_DBTLSCERTFILE} export PGSSLKEY=${ZBX_DBTLSKEYFILE} diff --git a/Dockerfiles/web-apache-pgsql/centos/docker-entrypoint.sh b/Dockerfiles/web-apache-pgsql/centos/docker-entrypoint.sh index 519a4bc8b..e6f98bdcb 100755 --- a/Dockerfiles/web-apache-pgsql/centos/docker-entrypoint.sh +++ b/Dockerfiles/web-apache-pgsql/centos/docker-entrypoint.sh @@ -97,7 +97,8 @@ check_db_connect() { fi if [ -n "${ZBX_DBTLSCONNECT}" ]; then - export PGSSLMODE=${ZBX_DBTLSCONNECT//_/-} + PGSSLMODE=${ZBX_DBTLSCONNECT//_/-} + export PGSSLMODE=${PGSSLMODE//required/require} export PGSSLROOTCERT=${ZBX_DBTLSCAFILE} export PGSSLCERT=${ZBX_DBTLSCERTFILE} export PGSSLKEY=${ZBX_DBTLSKEYFILE} diff --git a/Dockerfiles/web-apache-pgsql/ol/docker-entrypoint.sh b/Dockerfiles/web-apache-pgsql/ol/docker-entrypoint.sh index 519a4bc8b..e6f98bdcb 100755 --- a/Dockerfiles/web-apache-pgsql/ol/docker-entrypoint.sh +++ b/Dockerfiles/web-apache-pgsql/ol/docker-entrypoint.sh @@ -97,7 +97,8 @@ check_db_connect() { fi if [ -n "${ZBX_DBTLSCONNECT}" ]; then - export PGSSLMODE=${ZBX_DBTLSCONNECT//_/-} + PGSSLMODE=${ZBX_DBTLSCONNECT//_/-} + export PGSSLMODE=${PGSSLMODE//required/require} export PGSSLROOTCERT=${ZBX_DBTLSCAFILE} export PGSSLCERT=${ZBX_DBTLSCERTFILE} export PGSSLKEY=${ZBX_DBTLSKEYFILE} diff --git a/Dockerfiles/web-apache-pgsql/ubuntu/docker-entrypoint.sh b/Dockerfiles/web-apache-pgsql/ubuntu/docker-entrypoint.sh index 1102d2ac1..47b6365f9 100755 --- a/Dockerfiles/web-apache-pgsql/ubuntu/docker-entrypoint.sh +++ b/Dockerfiles/web-apache-pgsql/ubuntu/docker-entrypoint.sh @@ -97,7 +97,8 @@ check_db_connect() { fi if [ -n "${ZBX_DBTLSCONNECT}" ]; then - export PGSSLMODE=${ZBX_DBTLSCONNECT//_/-} + PGSSLMODE=${ZBX_DBTLSCONNECT//_/-} + export PGSSLMODE=${PGSSLMODE//required/require} export PGSSLROOTCERT=${ZBX_DBTLSCAFILE} export PGSSLCERT=${ZBX_DBTLSCERTFILE} export PGSSLKEY=${ZBX_DBTLSKEYFILE} diff --git a/Dockerfiles/web-nginx-pgsql/alpine/docker-entrypoint.sh b/Dockerfiles/web-nginx-pgsql/alpine/docker-entrypoint.sh index 1a8fe5eee..1b1fdc47a 100755 --- a/Dockerfiles/web-nginx-pgsql/alpine/docker-entrypoint.sh +++ b/Dockerfiles/web-nginx-pgsql/alpine/docker-entrypoint.sh @@ -97,7 +97,8 @@ check_db_connect() { fi if [ -n "${ZBX_DBTLSCONNECT}" ]; then - export PGSSLMODE=${ZBX_DBTLSCONNECT//_/-} + PGSSLMODE=${ZBX_DBTLSCONNECT//_/-} + export PGSSLMODE=${PGSSLMODE//required/require} export PGSSLROOTCERT=${ZBX_DBTLSCAFILE} export PGSSLCERT=${ZBX_DBTLSCERTFILE} export PGSSLKEY=${ZBX_DBTLSKEYFILE} diff --git a/Dockerfiles/web-nginx-pgsql/centos/docker-entrypoint.sh b/Dockerfiles/web-nginx-pgsql/centos/docker-entrypoint.sh index 67656445a..9185bcaff 100755 --- a/Dockerfiles/web-nginx-pgsql/centos/docker-entrypoint.sh +++ b/Dockerfiles/web-nginx-pgsql/centos/docker-entrypoint.sh @@ -97,7 +97,8 @@ check_db_connect() { fi if [ -n "${ZBX_DBTLSCONNECT}" ]; then - export PGSSLMODE=${ZBX_DBTLSCONNECT//_/-} + PGSSLMODE=${ZBX_DBTLSCONNECT//_/-} + export PGSSLMODE=${PGSSLMODE//required/require} export PGSSLROOTCERT=${ZBX_DBTLSCAFILE} export PGSSLCERT=${ZBX_DBTLSCERTFILE} export PGSSLKEY=${ZBX_DBTLSKEYFILE} diff --git a/Dockerfiles/web-nginx-pgsql/ol/docker-entrypoint.sh b/Dockerfiles/web-nginx-pgsql/ol/docker-entrypoint.sh index 67656445a..9185bcaff 100755 --- a/Dockerfiles/web-nginx-pgsql/ol/docker-entrypoint.sh +++ b/Dockerfiles/web-nginx-pgsql/ol/docker-entrypoint.sh @@ -97,7 +97,8 @@ check_db_connect() { fi if [ -n "${ZBX_DBTLSCONNECT}" ]; then - export PGSSLMODE=${ZBX_DBTLSCONNECT//_/-} + PGSSLMODE=${ZBX_DBTLSCONNECT//_/-} + export PGSSLMODE=${PGSSLMODE//required/require} export PGSSLROOTCERT=${ZBX_DBTLSCAFILE} export PGSSLCERT=${ZBX_DBTLSCERTFILE} export PGSSLKEY=${ZBX_DBTLSKEYFILE} diff --git a/Dockerfiles/web-nginx-pgsql/ubuntu/docker-entrypoint.sh b/Dockerfiles/web-nginx-pgsql/ubuntu/docker-entrypoint.sh index ba7c49528..8304fe236 100755 --- a/Dockerfiles/web-nginx-pgsql/ubuntu/docker-entrypoint.sh +++ b/Dockerfiles/web-nginx-pgsql/ubuntu/docker-entrypoint.sh @@ -97,7 +97,8 @@ check_db_connect() { fi if [ -n "${ZBX_DBTLSCONNECT}" ]; then - export PGSSLMODE=${ZBX_DBTLSCONNECT//_/-} + PGSSLMODE=${ZBX_DBTLSCONNECT//_/-} + export PGSSLMODE=${PGSSLMODE//required/require} export PGSSLROOTCERT=${ZBX_DBTLSCAFILE} export PGSSLCERT=${ZBX_DBTLSCERTFILE} export PGSSLKEY=${ZBX_DBTLSKEYFILE}