Using env variables for zabbix user home and configuration files directory

2025-08-09 08:35:05 +02:00 · 2024-12-24 17:42:58 +09:00
parent 7d466bb1bc
commit 44eda29b60
126 changed files with 1242 additions and 1344 deletions
--- a/Dockerfiles/proxy-sqlite3/rhel/Dockerfile
+++ b/Dockerfiles/proxy-sqlite3/rhel/Dockerfile
@ -17,6 +17,8 @@ ENV TERM=xterm \
    ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \
    MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \
    NMAP_PRIVILEGED="" \
+    ZABBIX_USER_HOME_DIR="/var/lib/zabbix" \
+    ZABBIX_CONF_DIR="/etc/zabbix" \
    ZBX_FPINGLOCATION="/usr/sbin/fping"

 LABEL description="Zabbix proxy with SQLite3 database support" \
@ -49,7 +51,7 @@ STOPSIGNAL SIGTERM

 COPY ["licenses", "/licenses"]
 COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/proxy/sbin/zabbix_proxy", "/usr/sbin/zabbix_proxy"]
-COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/proxy/conf/", "/etc/zabbix/"]
+COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/proxy/conf/", "${ZABBIX_CONF_DIR}/"]
 COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/general/bin/", "/usr/bin/"]

 RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
@ -116,34 +118,34 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
            -g zabbix \
            --uid 1997 \
            --shell /sbin/nologin \
-            --home-dir /var/lib/zabbix/ \
+            --home-dir ${ZABBIX_USER_HOME_DIR} \
        zabbix && \
    chgrp zabbix /usr/bin/nmap && \
    setcap cap_net_raw+eip /usr/bin/nmap && \
-    mkdir -p /etc/zabbix && \
-    mkdir -p /var/lib/zabbix && \
-    mkdir -p /var/lib/zabbix/db_data && \
-    mkdir -p /var/lib/zabbix/enc && \
-    mkdir -p /var/lib/zabbix/enc_internal && \
+    mkdir -p ${ZABBIX_CONF_DIR} && \
+    mkdir -p ${ZABBIX_USER_HOME_DIR} && \
+    mkdir -p ${ZABBIX_USER_HOME_DIR}/db_data && \
+    mkdir -p ${ZABBIX_USER_HOME_DIR}/enc && \
+    mkdir -p ${ZABBIX_USER_HOME_DIR}/enc_internal && \
+    mkdir -p ${ZABBIX_USER_HOME_DIR}/mibs && \
+    mkdir -p ${ZABBIX_USER_HOME_DIR}/modules && \
+    mkdir -p ${ZABBIX_USER_HOME_DIR}/snmptraps && \
+    mkdir -p ${ZABBIX_USER_HOME_DIR}/ssh_keys && \
+    mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl && \
+    mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl/certs && \
+    mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl/keys && \
+    mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl/ssl_ca && \
    mkdir -p /usr/lib/zabbix/externalscripts && \
-    mkdir -p /var/lib/zabbix/mibs && \
-    mkdir -p /var/lib/zabbix/modules && \
-    mkdir -p /var/lib/zabbix/snmptraps && \
-    mkdir -p /var/lib/zabbix/ssh_keys && \
-    mkdir -p /var/lib/zabbix/ssl && \
-    mkdir -p /var/lib/zabbix/ssl/certs && \
-    mkdir -p /var/lib/zabbix/ssl/keys && \
-    mkdir -p /var/lib/zabbix/ssl/ssl_ca && \
-    chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \
-    chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \
-    chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \
+    chown --quiet -R zabbix:root ${ZABBIX_CONF_DIR}/ ${ZABBIX_USER_HOME_DIR}/ && \
+    chgrp -R 0 ${ZABBIX_CONF_DIR}/ ${ZABBIX_USER_HOME_DIR}/ && \
+    chmod -R g=u ${ZABBIX_CONF_DIR}/ ${ZABBIX_USER_HOME_DIR}/ && \
    microdnf -y clean all

 EXPOSE 10051/TCP

-WORKDIR /var/lib/zabbix
+WORKDIR ${ZABBIX_USER_HOME_DIR}

-VOLUME ["/var/lib/zabbix/snmptraps"]
+VOLUME ["${ZABBIX_USER_HOME_DIR}/snmptraps"]

 COPY ["docker-entrypoint.sh", "/usr/bin/"]

--- a/Dockerfiles/proxy-sqlite3/rhel/docker-entrypoint.sh
+++ b/Dockerfiles/proxy-sqlite3/rhel/docker-entrypoint.sh
@ -13,10 +13,6 @@ fi
 : ${ZBX_SERVER_HOST:="zabbix-server"}

 # Default directories
-# User 'zabbix' home directory
-ZABBIX_USER_HOME_DIR="/var/lib/zabbix"
-# Configuration files directory
-ZABBIX_ETC_DIR="/etc/zabbix"
 # Internal directory for TLS related files, used when TLS*File specified as plain text values
 ZABBIX_INTERNAL_ENC_DIR="${ZABBIX_USER_HOME_DIR}/enc_internal"

@ -128,7 +124,7 @@ file_process_from_env() {
 update_zbx_config() {
    echo "** Preparing Zabbix proxy configuration file"

-    ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_proxy.conf
+    ZBX_CONFIG=${ZABBIX_CONF_DIR}/zabbix_proxy.conf

    update_config_var $ZBX_CONFIG "ProxyMode" "${ZBX_PROXYMODE}"
    update_config_var $ZBX_CONFIG "Server" "${ZBX_SERVER_HOST}"
@ -158,10 +154,10 @@ update_zbx_config() {
    update_config_var $ZBX_CONFIG "DBHost"
    : ${ZBX_USE_NODE_NAME_AS_DB_NAME:="false"}
    if [ "${ZBX_USE_NODE_NAME_AS_DB_NAME,,}" == "false" ]; then
-        update_config_var $ZBX_CONFIG "DBName" "/var/lib/zabbix/db_data/${ZBX_HOSTNAME:-"zabbix-proxy-sqlite3"}.sqlite"
+        update_config_var $ZBX_CONFIG "DBName" "${ZABBIX_USER_HOME_DIR}/db_data/${ZBX_HOSTNAME:-"zabbix-proxy-sqlite3"}.sqlite"
    else
        node_name=$(uname -n)
-        update_config_var $ZBX_CONFIG "DBName" "/var/lib/zabbix/db_data/$node_name.sqlite"
+        update_config_var $ZBX_CONFIG "DBName" "${ZABBIX_USER_HOME_DIR}/db_data/$node_name.sqlite"
    fi
    update_config_var $ZBX_CONFIG "DBUser"
    update_config_var $ZBX_CONFIG "DBPort"
@ -224,7 +220,6 @@ update_zbx_config() {
    update_config_var $ZBX_CONFIG "UnavailableDelay" "${ZBX_UNAVAILABLEDELAY}"
    update_config_var $ZBX_CONFIG "UnreachableDelay" "${ZBX_UNREACHABLEDELAY}"

-    update_config_var $ZBX_CONFIG "AlertScriptsPath" "/usr/lib/zabbix/alertscripts"
    update_config_var $ZBX_CONFIG "ExternalScripts" "/usr/lib/zabbix/externalscripts"

    update_config_var $ZBX_CONFIG "FpingLocation" "${ZBX_FPINGLOCATION}"