Fixed MySQL SSL options parsing for MySQL 8.0 client

Alexey Pustovalov 2020-08-25 07:36:59 -04:00
parent d8dc57b539
commit 62555ae78b
18 changed files with 66 additions and 34 deletions


@ -1,7 +1,7 @@
# ZBX_LISTENIP=
# ZBX_HISTORYSTORAGEURL=http://elasticsearch:9200/ # Available since 3.4.5
# ZBX_HISTORYSTORAGETYPES=uint,dbl,str,log,text # Available since 3.4.5
# ZBX_DBTLSCONNECT=require # Available since 5.0.0
# ZBX_DBTLSCONNECT=required # Available since 5.0.0
# ZBX_DBTLSCAFILE=/run/secrets/root-ca.pem # Available since 5.0.0
# ZBX_DBTLSCERTFILE=/run/secrets/client-cert.pem # Available since 5.0.0
# ZBX_DBTLSKEYFILE=/run/secrets/client-key.pem # Available since 5.0.0


@ -23,7 +23,7 @@ RUN set -eux && \
mkdir -p /var/lib/zabbix/enc && \
mkdir -p /var/lib/zabbix/modules && \
dnf --quiet makecache && \
dnf -y install --setopt=tsflags=nodocs \
dnf -y install --setopt=tsflags=nodocs --setopt=install_weak_deps=False --best \
libcurl-minimal \
openssl-libs && \
curl -L "https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini" -o /sbin/tini && \
@ -56,7 +56,7 @@ LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentati
RUN set -eux && \
dnf --quiet makecache && \
dnf -y install --setopt=tsflags=nodocs \
dnf -y install --setopt=tsflags=nodocs --setopt=install_weak_deps=False --best \
autoconf \
automake \
pcre-devel \


@ -18,7 +18,7 @@ RUN set -eux && \
mkdir -p /etc/zabbix/ && \
mkdir -p /usr/sbin/zabbix_java/ && \
dnf --quiet makecache && \
dnf -y install --setopt=tsflags=nodocs \
dnf -y install --setopt=tsflags=nodocs --setopt=install_weak_deps=False --best \
java-1.8.0-openjdk-headless && \
dnf -y clean all && \
rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \
@ -38,7 +38,7 @@ COPY ["conf/etc/", "/etc/"]
RUN set -eux && \
dnf --quiet makecache && \
dnf -y install --setopt=tsflags=nodocs \
dnf -y install --setopt=tsflags=nodocs --setopt=install_weak_deps=False --best \
autoconf \
automake \
java-1.8.0-openjdk-devel \


@ -32,7 +32,7 @@ RUN set -eux && \
mkdir -p /usr/share/doc/zabbix-proxy-mysql && \
dnf --quiet makecache && \
dnf -y install http://repo.zabbix.com/non-supported/rhel/8/x86_64/fping-3.16-1.el8.x86_64.rpm --setopt=tsflags=nodocs && \
dnf -y install --setopt=tsflags=nodocs \
dnf -y install --setopt=tsflags=nodocs --setopt=install_weak_deps=False --best \
libcurl-minimal \
libevent \
libssh \
@ -76,7 +76,7 @@ LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentati
RUN set -eux && \
sed -i 's/enabled=0/enabled=1/g' /etc/yum.repos.d/CentOS-PowerTools.repo && \
dnf --quiet makecache && \
dnf -y install --setopt=tsflags=nodocs \
dnf -y install --setopt=tsflags=nodocs --setopt=install_weak_deps=False --best \
autoconf \
automake \
gcc \
@ -86,7 +86,7 @@ RUN set -eux && \
libssh-devel \
libxml2-devel \
make \
mariadb-devel \
mariadb-connector-c-devel \
net-snmp-devel \
OpenIPMI-devel \
openldap-devel \


@ -195,7 +195,8 @@ check_db_connect_mysql() {
WAIT_TIMEOUT=5
if [ -n "${ZBX_DBTLSCONNECT}" ]; then
ssl_opts="--ssl --ssl-ca=${ZBX_DBTLSCAFILE} --ssl-key=${ZBX_DBTLSKEYFILE} --ssl-cert=${ZBX_DBTLSCERTFILE}"
ssl_mode=${ZBX_DBTLSCONNECT//verify_full/verify_identity}
ssl_opts="--ssl-mode=$ssl_mode --ssl-ca=${ZBX_DBTLSCAFILE} --ssl-key=${ZBX_DBTLSKEYFILE} --ssl-cert=${ZBX_DBTLSCERTFILE}"
fi
while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \
@ -210,7 +211,8 @@ mysql_query() {
local result=""
if [ -n "${ZBX_DBTLSCONNECT}" ]; then
ssl_opts="--ssl --ssl-ca=${ZBX_DBTLSCAFILE} --ssl-key=${ZBX_DBTLSKEYFILE} --ssl-cert=${ZBX_DBTLSCERTFILE}"
ssl_mode=${ZBX_DBTLSCONNECT//verify_full/verify_identity}
ssl_opts="--ssl-mode=$ssl_mode --ssl-ca=${ZBX_DBTLSCAFILE} --ssl-key=${ZBX_DBTLSKEYFILE} --ssl-cert=${ZBX_DBTLSCERTFILE}"
fi
result=$(mysql --silent --skip-column-names -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \
@ -260,7 +262,8 @@ create_db_schema_mysql() {
echo "** Creating '${DB_SERVER_DBNAME}' schema in MySQL"
if [ -n "${ZBX_DBTLSCONNECT}" ]; then
ssl_opts="--ssl --ssl-ca=${ZBX_DBTLSCAFILE} --ssl-key=${ZBX_DBTLSKEYFILE} --ssl-cert=${ZBX_DBTLSCERTFILE}"
ssl_mode=${ZBX_DBTLSCONNECT//verify_full/verify_identity}
ssl_opts="--ssl-mode=$ssl_mode --ssl-ca=${ZBX_DBTLSCAFILE} --ssl-key=${ZBX_DBTLSKEYFILE} --ssl-cert=${ZBX_DBTLSCERTFILE}"
fi
zcat /usr/share/doc/zabbix-proxy-mysql/create.sql.gz | mysql --silent --skip-column-names \
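Review bot: The new `--ssl-mode=$ssl_mode` in check_db_connect_mysql forwards ZBX_DBTLSCONNECT to the client without checking it against the values the mapping is meant to produce (`required`, `verify_ca`, `verify_identity`). A mistyped value would presumably make mysqladmin exit with an option error, and the wait loop that follows would then print "MySQL server is not available" indefinitely instead of naming the bad setting. A guard before `ssl_opts` is built, such as `case "$ssl_mode" in required|verify_ca|verify_identity) ;; *) exit 1 ;; esac` with an error message on stderr, would fail fast. The same applies to the mysql_query and create_db_schema_mysql hunks in this section and to the three matching hunks in the later entrypoint section that also uses `--ssl-mode`. All of these function bodies start and end outside the visible hunks.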


@ -32,7 +32,7 @@ RUN set -eux && \
mkdir -p /usr/share/doc/zabbix-proxy-sqlite3 && \
dnf --quiet makecache && \
dnf -y install http://repo.zabbix.com/non-supported/rhel/8/x86_64/fping-3.16-1.el8.x86_64.rpm --setopt=tsflags=nodocs && \
dnf -y install --setopt=tsflags=nodocs \
dnf -y install --setopt=tsflags=nodocs --setopt=install_weak_deps=False --best \
libcurl-minimal \
libevent \
libssh \
@ -75,7 +75,7 @@ LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentati
RUN set -eux && \
sed -i 's/enabled=0/enabled=1/g' /etc/yum.repos.d/CentOS-PowerTools.repo && \
dnf --quiet makecache && \
dnf -y install --setopt=tsflags=nodocs \
dnf -y install --setopt=tsflags=nodocs --setopt=install_weak_deps=False --best \
autoconf \
automake \
gcc \


@ -34,7 +34,7 @@ RUN set -eux && \
mkdir -p /usr/share/doc/zabbix-server-mysql && \
dnf --quiet makecache && \
dnf -y install --setopt=tsflags=nodocs http://repo.zabbix.com/non-supported/rhel/8/x86_64/fping-3.16-1.el8.x86_64.rpm && \
dnf -y install --setopt=tsflags=nodocs \
dnf -y install --setopt=tsflags=nodocs --setopt=install_weak_deps=False --best \
iputils \
traceroute \
libcurl-minimal \
@ -80,7 +80,7 @@ LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentati
RUN set -eux && \
sed -i 's/enabled=0/enabled=1/g' /etc/yum.repos.d/CentOS-PowerTools.repo && \
dnf --quiet makecache && \
dnf -y install --setopt=tsflags=nodocs \
dnf -y install --setopt=tsflags=nodocs --setopt=install_weak_deps=False --best \
autoconf \
automake \
gcc \
@ -90,7 +90,7 @@ RUN set -eux && \
libssh-devel \
libxml2-devel \
make \
mariadb-devel \
mariadb-connector-c-devel \
net-snmp-devel \
OpenIPMI-devel \
openldap-devel \


@ -190,7 +190,10 @@ check_db_connect_mysql() {
WAIT_TIMEOUT=5
if [ -n "${ZBX_DBTLSCONNECT}" ]; then
ssl_opts="--ssl --ssl-ca=${ZBX_DBTLSCAFILE} --ssl-key=${ZBX_DBTLSKEYFILE} --ssl-cert=${ZBX_DBTLSCERTFILE}"
if [ "${ZBX_DBTLSCONNECT}" != "required" ]; then
verify_cert="--ssl-verify-server-cert"
fi
ssl_opts="--ssl --ssl-ca=${ZBX_DBTLSCAFILE} --ssl-key=${ZBX_DBTLSKEYFILE} --ssl-cert=${ZBX_DBTLSCERTFILE} $verify_cert"
fi
while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \
@ -205,7 +208,10 @@ mysql_query() {
local result=""
if [ -n "${ZBX_DBTLSCONNECT}" ]; then
ssl_opts="--ssl --ssl-ca=${ZBX_DBTLSCAFILE} --ssl-key=${ZBX_DBTLSKEYFILE} --ssl-cert=${ZBX_DBTLSCERTFILE}"
if [ "${ZBX_DBTLSCONNECT}" != "required" ]; then
verify_cert="--ssl-verify-server-cert"
fi
ssl_opts="--ssl --ssl-ca=${ZBX_DBTLSCAFILE} --ssl-key=${ZBX_DBTLSKEYFILE} --ssl-cert=${ZBX_DBTLSCERTFILE} $verify_cert"
fi
result=$(mysql --silent --skip-column-names -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \
@ -255,7 +261,10 @@ create_db_schema_mysql() {
echo "** Creating '${DB_SERVER_DBNAME}' schema in MySQL"
if [ -n "${ZBX_DBTLSCONNECT}" ]; then
ssl_opts="--ssl --ssl-ca=${ZBX_DBTLSCAFILE} --ssl-key=${ZBX_DBTLSKEYFILE} --ssl-cert=${ZBX_DBTLSCERTFILE}"
if [ "${ZBX_DBTLSCONNECT}" != "required" ]; then
verify_cert="--ssl-verify-server-cert"
fi
ssl_opts="--ssl --ssl-ca=${ZBX_DBTLSCAFILE} --ssl-key=${ZBX_DBTLSKEYFILE} --ssl-cert=${ZBX_DBTLSCERTFILE} $verify_cert"
fi
zcat /usr/share/doc/zabbix-server-mysql/create.sql.gz | mysql --silent --skip-column-names \
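Review bot: `verify_cert` in check_db_connect_mysql is assigned only when ZBX_DBTLSCONNECT is not `required` and is never initialised, so in `required` mode `$verify_cert` expands to whatever the variable already holds, including a value inherited from the container environment. It would also abort the script if this ever runs under `set -u`. Opening the block with `local verify_cert=""` keeps the option list predictable. Separately, `verify_ca` and `verify_full` both end up as `--ssl-verify-server-cert`, which as far as I know also checks the host name with this client, so `verify_ca` may be stricter than its name suggests; a short comment saying so would help operators. The mysql_query and create_db_schema_mysql hunks here and the three hunks of the next file section repeat the pattern, and the function bodies extend beyond the hunks.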


@ -190,7 +190,10 @@ check_db_connect_mysql() {
WAIT_TIMEOUT=5
if [ -n "${ZBX_DBTLSCONNECT}" ]; then
ssl_opts="--ssl --ssl-ca=${ZBX_DBTLSCAFILE} --ssl-key=${ZBX_DBTLSKEYFILE} --ssl-cert=${ZBX_DBTLSCERTFILE}"
if [ "${ZBX_DBTLSCONNECT}" != "required" ]; then
verify_cert="--ssl-verify-server-cert"
fi
ssl_opts="--ssl --ssl-ca=${ZBX_DBTLSCAFILE} --ssl-key=${ZBX_DBTLSKEYFILE} --ssl-cert=${ZBX_DBTLSCERTFILE} $verify_cert"
fi
while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \
@ -205,7 +208,10 @@ mysql_query() {
local result=""
if [ -n "${ZBX_DBTLSCONNECT}" ]; then
ssl_opts="--ssl --ssl-ca=${ZBX_DBTLSCAFILE} --ssl-key=${ZBX_DBTLSKEYFILE} --ssl-cert=${ZBX_DBTLSCERTFILE}"
if [ "${ZBX_DBTLSCONNECT}" != "required" ]; then
verify_cert="--ssl-verify-server-cert"
fi
ssl_opts="--ssl --ssl-ca=${ZBX_DBTLSCAFILE} --ssl-key=${ZBX_DBTLSKEYFILE} --ssl-cert=${ZBX_DBTLSCERTFILE} $verify_cert"
fi
result=$(mysql --silent --skip-column-names -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \
@ -255,7 +261,10 @@ create_db_schema_mysql() {
echo "** Creating '${DB_SERVER_DBNAME}' schema in MySQL"
if [ -n "${ZBX_DBTLSCONNECT}" ]; then
ssl_opts="--ssl --ssl-ca=${ZBX_DBTLSCAFILE} --ssl-key=${ZBX_DBTLSKEYFILE} --ssl-cert=${ZBX_DBTLSCERTFILE}"
if [ "${ZBX_DBTLSCONNECT}" != "required" ]; then
verify_cert="--ssl-verify-server-cert"
fi
ssl_opts="--ssl --ssl-ca=${ZBX_DBTLSCAFILE} --ssl-key=${ZBX_DBTLSKEYFILE} --ssl-cert=${ZBX_DBTLSCERTFILE} $verify_cert"
fi
zcat /usr/share/doc/zabbix-server-mysql/create.sql.gz | mysql --silent --skip-column-names \


@ -190,7 +190,8 @@ check_db_connect_mysql() {
WAIT_TIMEOUT=5
if [ -n "${ZBX_DBTLSCONNECT}" ]; then
ssl_opts="--ssl --ssl-ca=${ZBX_DBTLSCAFILE} --ssl-key=${ZBX_DBTLSKEYFILE} --ssl-cert=${ZBX_DBTLSCERTFILE}"
ssl_mode=${ZBX_DBTLSCONNECT//verify_full/verify_identity}
ssl_opts="--ssl-mode=$ssl_mode --ssl-ca=${ZBX_DBTLSCAFILE} --ssl-key=${ZBX_DBTLSKEYFILE} --ssl-cert=${ZBX_DBTLSCERTFILE}"
fi
while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \
@ -205,7 +206,8 @@ mysql_query() {
local result=""
if [ -n "${ZBX_DBTLSCONNECT}" ]; then
ssl_opts="--ssl --ssl-ca=${ZBX_DBTLSCAFILE} --ssl-key=${ZBX_DBTLSKEYFILE} --ssl-cert=${ZBX_DBTLSCERTFILE}"
ssl_mode=${ZBX_DBTLSCONNECT//verify_full/verify_identity}
ssl_opts="--ssl-mode=$ssl_mode --ssl-ca=${ZBX_DBTLSCAFILE} --ssl-key=${ZBX_DBTLSKEYFILE} --ssl-cert=${ZBX_DBTLSCERTFILE}"
fi
result=$(mysql --silent --skip-column-names -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \
@ -255,7 +257,8 @@ create_db_schema_mysql() {
echo "** Creating '${DB_SERVER_DBNAME}' schema in MySQL"
if [ -n "${ZBX_DBTLSCONNECT}" ]; then
ssl_opts="--ssl --ssl-ca=${ZBX_DBTLSCAFILE} --ssl-key=${ZBX_DBTLSKEYFILE} --ssl-cert=${ZBX_DBTLSCERTFILE}"
ssl_mode=${ZBX_DBTLSCONNECT//verify_full/verify_identity}
ssl_opts="--ssl-mode=$ssl_mode --ssl-ca=${ZBX_DBTLSCAFILE} --ssl-key=${ZBX_DBTLSKEYFILE} --ssl-cert=${ZBX_DBTLSCERTFILE}"
fi
zcat /usr/share/doc/zabbix-server-mysql/create.sql.gz | mysql --silent --skip-column-names \


@ -34,7 +34,7 @@ RUN set -eux && \
mkdir -p /usr/share/doc/zabbix-server-postgresql && \
dnf --quiet makecache && \
dnf -y install --setopt=tsflags=nodocs https://repo.zabbix.com/non-supported/rhel/7/x86_64/fping-3.10-1.el7.x86_64.rpm && \
dnf -y install --setopt=tsflags=nodocs \
dnf -y install --setopt=tsflags=nodocs --setopt=install_weak_deps=False --best \
iputils \
traceroute \
libcurl-minimal \
@ -81,7 +81,7 @@ LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentati
RUN set -eux && \
sed -i 's/enabled=0/enabled=1/g' /etc/yum.repos.d/CentOS-PowerTools.repo && \
dnf --quiet makecache && \
dnf -y install \
dnf -y install -setopt=tsflags=nodocs --setopt=install_weak_deps=False --best \
autoconf \
automake \
gcc \
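Review bot: The new install line in the second hunk spells its first option with a single dash, `-setopt=tsflags=nodocs`, where every other Dockerfile touched by this commit uses `--setopt=tsflags=nodocs`. dnf is unlikely to read that as the intended option, and because the RUN step begins with `set -eux` a rejected argument would fail the image build. The line should read `dnf -y install --setopt=tsflags=nodocs --setopt=install_weak_deps=False --best \`. The RUN instruction continues past the end of the hunk.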


@ -63,7 +63,7 @@ RUN set -eux && \
dnf --quiet makecache && \
dnf -y install --setopt=install_weak_deps=False --best --setopt=tsflags=nodocs \
glibc-locale-source && \
dnf -y install --setopt=tsflags=nodocs \
dnf -y install --setopt=install_weak_deps=False --best --setopt=tsflags=nodocs \
gettext \
git && \
cd /usr/share/ && \


@ -171,8 +171,12 @@ check_db_connect() {
WAIT_TIMEOUT=5
if [ "${ZBX_DB_ENCRYPTION}" == "true" ]; then
ssl_opts="--ssl-mode=required --ssl-ca=${ZBX_DB_CA_FILE} --ssl-key=${ZBX_DB_KEY_FILE} --ssl-cert=${ZBX_DB_CERT_FILE}"
fi
while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \
--password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10)" ]; do
--password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10 $ssl_opts)" ]; do
echo "**** MySQL server is not available. Waiting $WAIT_TIMEOUT seconds..."
sleep $WAIT_TIMEOUT
done
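Review bot: The `ssl_opts` added to check_db_connect hard-codes `--ssl-mode=required`, which as documented for the MySQL client encrypts the connection but does not validate the server certificate, so the `--ssl-ca` passed next to it does not authenticate the server. If the readiness probe should match a verified connection, choose the mode from the configuration, for example `ssl_mode=required; [ -n "${ZBX_DB_CA_FILE}" ] && ssl_mode=verify_ca`. The three `--ssl-*` file options are also emitted when their variables are empty, and it is worth confirming that the client tolerates empty values. The same hunk appears in the later web entrypoint section, and check_db_connect continues outside both hunks.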


@ -63,7 +63,7 @@ RUN set -eux && \
dnf --quiet makecache && \
dnf -y install --setopt=install_weak_deps=False --best --setopt=tsflags=nodocs \
glibc-locale-source && \
dnf -y install --setopt=tsflags=nodocs \
dnf -y install --setopt=install_weak_deps=False --best --setopt=tsflags=nodocs \
gettext \
git && \
cd /usr/share/ && \


@ -55,7 +55,7 @@ RUN set -eux && \
dnf --quiet makecache && \
dnf -y install --setopt=install_weak_deps=False --best --setopt=tsflags=nodocs \
glibc-locale-source && \
dnf -y install --setopt=tsflags=nodocs \
dnf -y install --setopt=install_weak_deps=False --best --setopt=tsflags=nodocs \
gettext \
git && \
cd /usr/share/ && \


@ -190,8 +190,12 @@ check_db_connect() {
WAIT_TIMEOUT=5
if [ "${ZBX_DB_ENCRYPTION}" == "true" ]; then
ssl_opts="--ssl-mode=required --ssl-ca=${ZBX_DB_CA_FILE} --ssl-key=${ZBX_DB_KEY_FILE} --ssl-cert=${ZBX_DB_CERT_FILE}"
fi
while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \
--password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10)" ]; do
--password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10 $ssl_opts)" ]; do
echo "**** MySQL server is not available. Waiting $WAIT_TIMEOUT seconds..."
sleep $WAIT_TIMEOUT
done


@ -55,7 +55,7 @@ RUN set -eux && \
dnf --quiet makecache && \
dnf -y install --setopt=install_weak_deps=False --best --setopt=tsflags=nodocs \
glibc-locale-source && \
dnf -y install --setopt=tsflags=nodocs \
dnf -y install --setopt=install_weak_deps=False --best --setopt=tsflags=nodocs \
gettext \
git && \
cd /usr/share/ && \


@ -131,7 +131,7 @@ RUN set -eux && REPOLIST="rhel-8-for-x86_64-baseos-rpms,rhel-8-for-x86_64-appstr
libssh-devel \
libxml2-devel \
make \
mariadb-devel \
mariadb-connector-c-devel \
pcre-devel \
net-snmp-devel \
# OpenIPMI-devel \