Added information about Web and DB encryption

2025-08-09 08:35:05 +02:00 · 2020-08-05 17:48:32 -04:00
parent 00ae9cf653 a349fc645a
commit 5bcb06e8c7
13 changed files with 325 additions and 20 deletions
--- a/web-nginx-mysql/ubuntu/README.md
+++ b/web-nginx-mysql/ubuntu/README.md
@ -163,10 +163,35 @@ The varable is PHP ``upload_max_filesize`` option. By default, value is `2M`.

 The varable is PHP ``max_input_time`` option. By default, value is `300`.

+
 ### `ZBX_SESSION_NAME`
-                                                                                               
+
 The variable is Zabbix frontend [definition](https://www.zabbix.com/documentation/4.2/manual/web_interface/definitions). String used as the name of the Zabbix frontend session cookie. By default, value is `zbx_sessionid`.

+### `ZBX_DB_ENCRYPTION`
+
+The variable allows to activate encryption for connections to Zabbix database. Even if no other environment variables are specified, connections will be TLS-encrypted if `ZBX_DB_ENCRYPTION=true` specified. Available since 5.0.0. Disabled by default.
+
+### `ZBX_DB_KEY_FILE`
+
+The variable allows to specify the full path to a valid TLS key file. Available since 5.0.0.
+
+### `ZBX_DB_CERT_FILE`
+
+The variable allows to specify the full path to a valid TLS certificate file. Available since 5.0.0.
+
+### `ZBX_DB_CA_FILE`
+
+The variable allows to specify the full path to a valid TLS certificate authority file. Available since 5.0.0.
+
+### `ZBX_DB_VERIFY_HOST`
+
+The variable allows to activate host verification. Available since 5.0.0.
+
+### `ZBX_DB_CIPHER_LIST`
+
+The variable allows to specify a custom list of valid ciphers. The format of the cipher list must conform to the OpenSSL standard. Available since 5.0.0.
+
 ## Allowed volumes for the Zabbix web interface container

 ### ``/etc/ssl/nginx``