Migrated images to use native Zabbix environment variables

This commit is contained in:
Alexey Pustovalov 2024-12-23 21:22:01 +09:00
parent 8e1eaecec1
commit 688ed8b9cb
186 changed files with 6297 additions and 5663 deletions

View File

@ -646,6 +646,7 @@ jobs:
context: ${{ format('{0}/{1}/{2}/', env.DOCKERFILES_DIRECTORY, matrix.build, matrix.os) }}
build-contexts: |
sources=./sources/
config_templates=./config_templates/
file: ${{ format('{0}/{1}/{2}/Dockerfile', env.DOCKERFILES_DIRECTORY, matrix.build, matrix.os) }}
platforms: ${{ steps.platform.outputs.list }}
push: true

View File

@ -405,6 +405,8 @@ jobs:
uses: redhat-actions/buildah-build@v2.13
with:
context: ${{ format('{0}/{1}/rhel', env.DOCKERFILES_DIRECTORY, matrix.build) }}
extra-args: |
--build-context config_templates=./config_templates/
layers: false
tags: ${{ steps.meta.outputs.tags }}
containerfiles: |

View File

@ -12,7 +12,11 @@ ARG ZBX_VERSION
ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git
ENV TERM=xterm \
ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES}
ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \
ZABBIX_USER_HOME_DIR="/var/lib/zabbix" \
ZABBIX_CONF_DIR="/etc/zabbix"
ENV ZBX_LOADMODULEPATH="${ZABBIX_USER_HOME_DIR}/modules"
LABEL org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zabbix.com>" \
org.opencontainers.image.description="Zabbix agent is deployed on a monitoring target to actively monitor local resources and applications" \
@ -28,7 +32,7 @@ STOPSIGNAL SIGTERM
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/agent/sbin/zabbix_agentd", "/usr/sbin/zabbix_agentd"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/general/bin/*", "/usr/bin/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/agent/conf/", "/etc/zabbix/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/agent/conf/", "${ZABBIX_CONF_DIR}/"]
RUN set -eux && \
INSTALL_PKGS="bash \
@ -56,21 +60,33 @@ RUN set -eux && \
--uid 1997 \
--ingroup zabbix \
--shell /sbin/nologin \
--home /var/lib/zabbix/ \
--home ${ZABBIX_USER_HOME_DIR}/ \
zabbix && \
mkdir -p /etc/zabbix && \
mkdir -p /etc/zabbix/zabbix_agentd.d && \
mkdir -p /var/lib/zabbix && \
mkdir -p /var/lib/zabbix/enc && \
mkdir -p /var/lib/zabbix/enc_internal && \
mkdir -p /var/lib/zabbix/modules && \
chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \
chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/
mkdir -p ${ZABBIX_CONF_DIR} && \
mkdir -p ${ZABBIX_CONF_DIR}/zabbix_agentd.d && \
mkdir -p ${ZABBIX_USER_HOME_DIR} && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc_internal && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/modules && \
chown --quiet -R zabbix:root ${ZABBIX_CONF_DIR}/zabbix_agentd_modules.conf \
${ZABBIX_CONF_DIR}/zabbix_agentd_item_keys.conf \
${ZABBIX_CONF_DIR}/zabbix_agentd.d/ \
${ZABBIX_USER_HOME_DIR}/ && \
chown --quiet zabbix:root ${ZABBIX_CONF_DIR}/ && \
chgrp -R 0 ${ZABBIX_CONF_DIR}/zabbix_agentd_modules.conf \
${ZABBIX_CONF_DIR}/zabbix_agentd_item_keys.conf \
${ZABBIX_CONF_DIR}/zabbix_agentd.d/ \
${ZABBIX_USER_HOME_DIR}/ && \
chgrp 0 ${ZABBIX_CONF_DIR} && \
chmod -R g=u ${ZABBIX_CONF_DIR}/zabbix_agentd_modules.conf \
${ZABBIX_CONF_DIR}/zabbix_agentd_item_keys.conf \
${ZABBIX_CONF_DIR}/zabbix_agentd.d/ \
${ZABBIX_USER_HOME_DIR}/ && \
chmod g=u ${ZABBIX_CONF_DIR}
EXPOSE 10050/TCP
WORKDIR /var/lib/zabbix
WORKDIR ${ZABBIX_USER_HOME_DIR}
COPY ["docker-entrypoint.sh", "/usr/bin/"]

View File

@ -11,15 +11,11 @@ fi
# Default Zabbix installation name
# Default Zabbix server host
: ${ZBX_SERVER_HOST:="zabbix-server"}
ZBX_SERVER_HOST=${ZBX_SERVER_HOST="zabbix-server"}
# Default Zabbix server port number
: ${ZBX_SERVER_PORT:="10051"}
ZBX_SERVER_PORT=${ZBX_SERVER_PORT="10051"}
# Default directories
# User 'zabbix' home directory
ZABBIX_USER_HOME_DIR="/var/lib/zabbix"
# Configuration files directory
ZABBIX_ETC_DIR="/etc/zabbix"
# Internal directory for TLS related files, used when TLS*File specified as plain text values
ZABBIX_INTERNAL_ENC_DIR="${ZABBIX_USER_HOME_DIR}/enc_internal"
@ -115,118 +111,90 @@ update_config_multiple_var() {
}
file_process_from_env() {
local config_path=$1
local var_name=$2
local file_name=$3
local var_value=$4
local var_name=$1
local file_name=$2
local var_value=$3
if [ ! -z "$var_value" ]; then
echo -n "$var_value" > "${ZABBIX_INTERNAL_ENC_DIR}/$var_name"
file_name="${ZABBIX_INTERNAL_ENC_DIR}/${var_name}"
fi
update_config_var $config_path "$var_name" "$file_name"
if [ -n "$var_value" ]; then
export "$var_name"="$file_name"
fi
# Remove variable with plain text data
unset "${var_name%%FILE}"
}
prepare_zbx_agent_config() {
echo "** Preparing Zabbix agent configuration file"
ZBX_AGENT_CONFIG=$ZABBIX_ETC_DIR/zabbix_agentd.conf
: ${ZBX_PASSIVESERVERS=""}
: ${ZBX_ACTIVESERVERS=""}
: ${ZBX_PASSIVESERVERS:=""}
: ${ZBX_ACTIVESERVERS:=""}
if [ ! -z "$ZBX_SERVER_HOST" ] && [ ! -z "$ZBX_PASSIVESERVERS" ]; then
ZBX_PASSIVESERVERS=$ZBX_SERVER_HOST","$ZBX_PASSIVESERVERS
elif [ ! -z "$ZBX_SERVER_HOST" ]; then
ZBX_PASSIVESERVERS=$ZBX_SERVER_HOST
fi
[ -n "$ZBX_PASSIVESERVERS" ] && ZBX_PASSIVESERVERS=","$ZBX_PASSIVESERVERS
ZBX_PASSIVESERVERS=$ZBX_SERVER_HOST$ZBX_PASSIVESERVERS
[ -n "$ZBX_ACTIVESERVERS" ] && ZBX_ACTIVESERVERS=","$ZBX_ACTIVESERVERS
ZBX_ACTIVESERVERS=$ZBX_SERVER_HOST":"$ZBX_SERVER_PORT$ZBX_ACTIVESERVERS
update_config_var $ZBX_AGENT_CONFIG "PidFile"
update_config_var $ZBX_AGENT_CONFIG "LogType" "console"
update_config_var $ZBX_AGENT_CONFIG "LogFile"
update_config_var $ZBX_AGENT_CONFIG "LogFileSize"
update_config_var $ZBX_AGENT_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}"
update_config_var $ZBX_AGENT_CONFIG "SourceIP"
update_config_var $ZBX_AGENT_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}"
if [ ! -z "$ZBX_SERVER_HOST" ]; then
if [ ! -z "$ZBX_SERVER_PORT" ] && [ "$ZBX_SERVER_PORT" != "10051" ]; then
ZBX_SERVER_HOST=$ZBX_SERVER_HOST":"$ZBX_SERVER_PORT
fi
if [ ! -z "$ZBX_ACTIVESERVERS" ]; then
ZBX_ACTIVESERVERS=$ZBX_SERVER_HOST","$ZBX_ACTIVESERVERS
else
ZBX_ACTIVESERVERS=$ZBX_SERVER_HOST
fi
fi
: ${ZBX_PASSIVE_ALLOW:="true"}
if [ "${ZBX_PASSIVE_ALLOW,,}" == "true" ]; then
if [ "${ZBX_PASSIVE_ALLOW,,}" == "true" ] && [ ! -z "$ZBX_PASSIVESERVERS" ]; then
echo "** Using '$ZBX_PASSIVESERVERS' servers for passive checks"
update_config_var $ZBX_AGENT_CONFIG "Server" "${ZBX_PASSIVESERVERS}"
export ZBX_PASSIVESERVERS="${ZBX_PASSIVESERVERS}"
else
update_config_var $ZBX_AGENT_CONFIG "Server"
unset ZBX_PASSIVESERVERS
fi
update_config_var $ZBX_AGENT_CONFIG "ListenPort" "${ZBX_LISTENPORT}"
update_config_var $ZBX_AGENT_CONFIG "ListenIP" "${ZBX_LISTENIP}"
update_config_var $ZBX_AGENT_CONFIG "ListenBacklog" "${ZBX_LISTENBACKLOG}"
update_config_var $ZBX_AGENT_CONFIG "StartAgents" "${ZBX_STARTAGENTS}"
: ${ZBX_ACTIVE_ALLOW:="true"}
if [ "${ZBX_ACTIVE_ALLOW,,}" == "true" ]; then
if [ "${ZBX_ACTIVE_ALLOW,,}" == "true" ] && [ ! -z "$ZBX_ACTIVESERVERS" ]; then
echo "** Using '$ZBX_ACTIVESERVERS' servers for active checks"
update_config_var $ZBX_AGENT_CONFIG "ServerActive" "${ZBX_ACTIVESERVERS}"
export ZBX_ACTIVESERVERS="${ZBX_ACTIVESERVERS}"
else
update_config_var $ZBX_AGENT_CONFIG "ServerActive"
unset ZBX_ACTIVESERVERS
fi
update_config_var $ZBX_AGENT_CONFIG "HeartbeatFrequency" "${ZBX_HEARTBEAT_FREQUENCY}"
unset ZBX_SERVER_HOST
unset ZBX_SERVER_PORT
update_config_var $ZBX_AGENT_CONFIG "HostInterface" "${ZBX_HOSTINTERFACE}"
update_config_var $ZBX_AGENT_CONFIG "HostInterfaceItem" "${ZBX_HOSTINTERFACEITEM}"
update_config_multiple_var "${ZABBIX_CONF_DIR}/zabbix_agentd_item_keys.conf" "DenyKey" "${ZBX_DENYKEY}"
update_config_multiple_var "${ZABBIX_CONF_DIR}/zabbix_agentd_item_keys.conf" "AllowKey" "${ZBX_ALLOWKEY}"
update_config_var $ZBX_AGENT_CONFIG "Hostname" "${ZBX_HOSTNAME}"
update_config_var $ZBX_AGENT_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}"
update_config_var $ZBX_AGENT_CONFIG "HostMetadata" "${ZBX_METADATA}"
update_config_var $ZBX_AGENT_CONFIG "HostMetadataItem" "${ZBX_METADATAITEM}"
update_config_var $ZBX_AGENT_CONFIG "RefreshActiveChecks" "${ZBX_REFRESHACTIVECHECKS}"
update_config_var $ZBX_AGENT_CONFIG "BufferSend" "${ZBX_BUFFERSEND}"
update_config_var $ZBX_AGENT_CONFIG "BufferSize" "${ZBX_BUFFERSIZE}"
update_config_var $ZBX_AGENT_CONFIG "MaxLinesPerSecond" "${ZBX_MAXLINESPERSECOND}"
# Please use include to enable Alias feature
# update_config_multiple_var $ZBX_AGENT_CONFIG "Alias" ${ZBX_ALIAS}
update_config_var $ZBX_AGENT_CONFIG "Timeout" "${ZBX_TIMEOUT}"
update_config_var $ZBX_AGENT_CONFIG "Include" "/etc/zabbix/zabbix_agentd.d/*.conf"
update_config_var $ZBX_AGENT_CONFIG "UnsafeUserParameters" "${ZBX_UNSAFEUSERPARAMETERS}"
update_config_var $ZBX_AGENT_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/"
update_config_multiple_var $ZBX_AGENT_CONFIG "LoadModule" "${ZBX_LOADMODULE}"
update_config_var $ZBX_AGENT_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}"
update_config_var $ZBX_AGENT_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}"
file_process_from_env $ZBX_AGENT_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" "${ZBX_TLSCA}"
file_process_from_env $ZBX_AGENT_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" "${ZBX_TLSCRL}"
update_config_var $ZBX_AGENT_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}"
update_config_var $ZBX_AGENT_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}"
file_process_from_env $ZBX_AGENT_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" "${ZBX_TLSCERT}"
update_config_var $ZBX_AGENT_CONFIG "TLSCipherAll" "${ZBX_TLSCIPHERALL}"
update_config_var $ZBX_AGENT_CONFIG "TLSCipherAll13" "${ZBX_TLSCIPHERALL13}"
update_config_var $ZBX_AGENT_CONFIG "TLSCipherCert" "${ZBX_TLSCIPHERCERT}"
update_config_var $ZBX_AGENT_CONFIG "TLSCipherCert13" "${ZBX_TLSCIPHERCERT13}"
update_config_var $ZBX_AGENT_CONFIG "TLSCipherPSK" "${ZBX_TLSCIPHERPSK}"
update_config_var $ZBX_AGENT_CONFIG "TLSCipherPSK13" "${ZBX_TLSCIPHERPSK13}"
file_process_from_env $ZBX_AGENT_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" "${ZBX_TLSKEY}"
update_config_var $ZBX_AGENT_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}"
file_process_from_env $ZBX_AGENT_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" "${ZBX_TLSPSK}"
update_config_multiple_var "${ZABBIX_CONF_DIR}/zabbix_agentd_modules.conf" "LoadModule" "${ZBX_LOADMODULE}"
update_config_multiple_var $ZBX_AGENT_CONFIG "DenyKey" "${ZBX_DENYKEY}"
update_config_multiple_var $ZBX_AGENT_CONFIG "AllowKey" "${ZBX_ALLOWKEY}"
file_process_from_env "ZBX_TLSCAFILE" "${ZBX_TLSCAFILE}" "${ZBX_TLSCA}"
file_process_from_env "ZBX_TLSCRLFILE" "${ZBX_TLSCRLFILE}" "${ZBX_TLSCRL}"
file_process_from_env "ZBX_TLSCERTFILE" "${ZBX_TLSCERTFILE}" "${ZBX_TLSCERT}"
file_process_from_env "ZBX_TLSKEYFILE" "${ZBX_TLSKEYFILE}" "${ZBX_TLSKEY}"
file_process_from_env "ZBX_TLSPSKFILE" "${ZBX_TLSPSKFILE}" "${ZBX_TLSPSK}"
if [ "$(id -u)" != '0' ]; then
update_config_var $ZBX_AGENT_CONFIG "User" "$(whoami)"
export ZBX_USER="$(whoami)"
else
update_config_var $ZBX_AGENT_CONFIG "AllowRoot" "1"
export ZBX_ALLOWROOT=1
fi
}
clear_zbx_env() {
[[ "${ZBX_CLEAR_ENV}" == "false" ]] && return
for env_var in $(env | grep -E "^ZBX_"); do
for env_var in $(env | grep -E "^ZABBIX_"); do
unset "${env_var%%=*}"
done
}
prepare_agent() {
echo "** Preparing Zabbix agent"
prepare_zbx_agent_config
clear_zbx_env
}

View File

@ -12,7 +12,11 @@ ARG ZBX_VERSION
ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git
ENV TERM=xterm \
ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES}
ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \
ZABBIX_USER_HOME_DIR="/var/lib/zabbix" \
ZABBIX_CONF_DIR="/etc/zabbix"
ENV ZBX_LOADMODULEPATH="${ZABBIX_USER_HOME_DIR}/modules"
LABEL org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zabbix.com>" \
org.opencontainers.image.description="Zabbix agent is deployed on a monitoring target to actively monitor local resources and applications" \
@ -28,7 +32,7 @@ STOPSIGNAL SIGTERM
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/agent/sbin/zabbix_agentd", "/usr/sbin/zabbix_agentd"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/general/bin/*", "/usr/bin/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/agent/conf/", "/etc/zabbix/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/agent/conf/", "${ZABBIX_CONF_DIR}/"]
RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
set -eux && \
@ -72,17 +76,29 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
-g zabbix \
--uid 1997 \
--shell /sbin/nologin \
--home-dir /var/lib/zabbix/ \
--home-dir ${ZABBIX_USER_HOME_DIR} \
zabbix && \
mkdir -p /etc/zabbix && \
mkdir -p /etc/zabbix/zabbix_agentd.d && \
mkdir -p /var/lib/zabbix && \
mkdir -p /var/lib/zabbix/enc && \
mkdir -p /var/lib/zabbix/enc_internal && \
mkdir -p /var/lib/zabbix/modules && \
chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \
chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \
mkdir -p ${ZABBIX_CONF_DIR} && \
mkdir -p ${ZABBIX_CONF_DIR}/zabbix_agentd.d && \
mkdir -p ${ZABBIX_USER_HOME_DIR} && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc_internal && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/modules && \
chown --quiet -R zabbix:root ${ZABBIX_CONF_DIR}/zabbix_agentd_modules.conf \
${ZABBIX_CONF_DIR}/zabbix_agentd_item_keys.conf \
${ZABBIX_CONF_DIR}/zabbix_agentd.d/ \
${ZABBIX_USER_HOME_DIR}/ && \
chown --quiet zabbix:root ${ZABBIX_CONF_DIR}/ && \
chgrp -R 0 ${ZABBIX_CONF_DIR}/zabbix_agentd_modules.conf \
${ZABBIX_CONF_DIR}/zabbix_agentd_item_keys.conf \
${ZABBIX_CONF_DIR}/zabbix_agentd.d/ \
${ZABBIX_USER_HOME_DIR}/ && \
chgrp 0 ${ZABBIX_CONF_DIR} && \
chmod -R g=u ${ZABBIX_CONF_DIR}/zabbix_agentd_modules.conf \
${ZABBIX_CONF_DIR}/zabbix_agentd_item_keys.conf \
${ZABBIX_CONF_DIR}/zabbix_agentd.d/ \
${ZABBIX_USER_HOME_DIR}/ && \
chmod g=u ${ZABBIX_CONF_DIR} && \
microdnf -y clean all
EXPOSE 10050/TCP

View File

@ -11,15 +11,11 @@ fi
# Default Zabbix installation name
# Default Zabbix server host
: ${ZBX_SERVER_HOST:="zabbix-server"}
ZBX_SERVER_HOST=${ZBX_SERVER_HOST="zabbix-server"}
# Default Zabbix server port number
: ${ZBX_SERVER_PORT:="10051"}
ZBX_SERVER_PORT=${ZBX_SERVER_PORT="10051"}
# Default directories
# User 'zabbix' home directory
ZABBIX_USER_HOME_DIR="/var/lib/zabbix"
# Configuration files directory
ZABBIX_ETC_DIR="/etc/zabbix"
# Internal directory for TLS related files, used when TLS*File specified as plain text values
ZABBIX_INTERNAL_ENC_DIR="${ZABBIX_USER_HOME_DIR}/enc_internal"
@ -115,118 +111,90 @@ update_config_multiple_var() {
}
file_process_from_env() {
local config_path=$1
local var_name=$2
local file_name=$3
local var_value=$4
local var_name=$1
local file_name=$2
local var_value=$3
if [ ! -z "$var_value" ]; then
echo -n "$var_value" > "${ZABBIX_INTERNAL_ENC_DIR}/$var_name"
file_name="${ZABBIX_INTERNAL_ENC_DIR}/${var_name}"
fi
update_config_var $config_path "$var_name" "$file_name"
if [ -n "$var_value" ]; then
export "$var_name"="$file_name"
fi
# Remove variable with plain text data
unset "${var_name%%FILE}"
}
prepare_zbx_agent_config() {
echo "** Preparing Zabbix agent configuration file"
ZBX_AGENT_CONFIG=$ZABBIX_ETC_DIR/zabbix_agentd.conf
: ${ZBX_PASSIVESERVERS=""}
: ${ZBX_ACTIVESERVERS=""}
: ${ZBX_PASSIVESERVERS:=""}
: ${ZBX_ACTIVESERVERS:=""}
if [ ! -z "$ZBX_SERVER_HOST" ] && [ ! -z "$ZBX_PASSIVESERVERS" ]; then
ZBX_PASSIVESERVERS=$ZBX_SERVER_HOST","$ZBX_PASSIVESERVERS
elif [ ! -z "$ZBX_SERVER_HOST" ]; then
ZBX_PASSIVESERVERS=$ZBX_SERVER_HOST
fi
[ -n "$ZBX_PASSIVESERVERS" ] && ZBX_PASSIVESERVERS=","$ZBX_PASSIVESERVERS
ZBX_PASSIVESERVERS=$ZBX_SERVER_HOST$ZBX_PASSIVESERVERS
[ -n "$ZBX_ACTIVESERVERS" ] && ZBX_ACTIVESERVERS=","$ZBX_ACTIVESERVERS
ZBX_ACTIVESERVERS=$ZBX_SERVER_HOST":"$ZBX_SERVER_PORT$ZBX_ACTIVESERVERS
update_config_var $ZBX_AGENT_CONFIG "PidFile"
update_config_var $ZBX_AGENT_CONFIG "LogType" "console"
update_config_var $ZBX_AGENT_CONFIG "LogFile"
update_config_var $ZBX_AGENT_CONFIG "LogFileSize"
update_config_var $ZBX_AGENT_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}"
update_config_var $ZBX_AGENT_CONFIG "SourceIP"
update_config_var $ZBX_AGENT_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}"
if [ ! -z "$ZBX_SERVER_HOST" ]; then
if [ ! -z "$ZBX_SERVER_PORT" ] && [ "$ZBX_SERVER_PORT" != "10051" ]; then
ZBX_SERVER_HOST=$ZBX_SERVER_HOST":"$ZBX_SERVER_PORT
fi
if [ ! -z "$ZBX_ACTIVESERVERS" ]; then
ZBX_ACTIVESERVERS=$ZBX_SERVER_HOST","$ZBX_ACTIVESERVERS
else
ZBX_ACTIVESERVERS=$ZBX_SERVER_HOST
fi
fi
: ${ZBX_PASSIVE_ALLOW:="true"}
if [ "${ZBX_PASSIVE_ALLOW,,}" == "true" ]; then
if [ "${ZBX_PASSIVE_ALLOW,,}" == "true" ] && [ ! -z "$ZBX_PASSIVESERVERS" ]; then
echo "** Using '$ZBX_PASSIVESERVERS' servers for passive checks"
update_config_var $ZBX_AGENT_CONFIG "Server" "${ZBX_PASSIVESERVERS}"
export ZBX_PASSIVESERVERS="${ZBX_PASSIVESERVERS}"
else
update_config_var $ZBX_AGENT_CONFIG "Server"
unset ZBX_PASSIVESERVERS
fi
update_config_var $ZBX_AGENT_CONFIG "ListenPort" "${ZBX_LISTENPORT}"
update_config_var $ZBX_AGENT_CONFIG "ListenIP" "${ZBX_LISTENIP}"
update_config_var $ZBX_AGENT_CONFIG "ListenBacklog" "${ZBX_LISTENBACKLOG}"
update_config_var $ZBX_AGENT_CONFIG "StartAgents" "${ZBX_STARTAGENTS}"
: ${ZBX_ACTIVE_ALLOW:="true"}
if [ "${ZBX_ACTIVE_ALLOW,,}" == "true" ]; then
if [ "${ZBX_ACTIVE_ALLOW,,}" == "true" ] && [ ! -z "$ZBX_ACTIVESERVERS" ]; then
echo "** Using '$ZBX_ACTIVESERVERS' servers for active checks"
update_config_var $ZBX_AGENT_CONFIG "ServerActive" "${ZBX_ACTIVESERVERS}"
export ZBX_ACTIVESERVERS="${ZBX_ACTIVESERVERS}"
else
update_config_var $ZBX_AGENT_CONFIG "ServerActive"
unset ZBX_ACTIVESERVERS
fi
update_config_var $ZBX_AGENT_CONFIG "HeartbeatFrequency" "${ZBX_HEARTBEAT_FREQUENCY}"
unset ZBX_SERVER_HOST
unset ZBX_SERVER_PORT
update_config_var $ZBX_AGENT_CONFIG "HostInterface" "${ZBX_HOSTINTERFACE}"
update_config_var $ZBX_AGENT_CONFIG "HostInterfaceItem" "${ZBX_HOSTINTERFACEITEM}"
update_config_multiple_var "${ZABBIX_CONF_DIR}/zabbix_agentd_item_keys.conf" "DenyKey" "${ZBX_DENYKEY}"
update_config_multiple_var "${ZABBIX_CONF_DIR}/zabbix_agentd_item_keys.conf" "AllowKey" "${ZBX_ALLOWKEY}"
update_config_var $ZBX_AGENT_CONFIG "Hostname" "${ZBX_HOSTNAME}"
update_config_var $ZBX_AGENT_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}"
update_config_var $ZBX_AGENT_CONFIG "HostMetadata" "${ZBX_METADATA}"
update_config_var $ZBX_AGENT_CONFIG "HostMetadataItem" "${ZBX_METADATAITEM}"
update_config_var $ZBX_AGENT_CONFIG "RefreshActiveChecks" "${ZBX_REFRESHACTIVECHECKS}"
update_config_var $ZBX_AGENT_CONFIG "BufferSend" "${ZBX_BUFFERSEND}"
update_config_var $ZBX_AGENT_CONFIG "BufferSize" "${ZBX_BUFFERSIZE}"
update_config_var $ZBX_AGENT_CONFIG "MaxLinesPerSecond" "${ZBX_MAXLINESPERSECOND}"
# Please use include to enable Alias feature
# update_config_multiple_var $ZBX_AGENT_CONFIG "Alias" ${ZBX_ALIAS}
update_config_var $ZBX_AGENT_CONFIG "Timeout" "${ZBX_TIMEOUT}"
update_config_var $ZBX_AGENT_CONFIG "Include" "/etc/zabbix/zabbix_agentd.d/*.conf"
update_config_var $ZBX_AGENT_CONFIG "UnsafeUserParameters" "${ZBX_UNSAFEUSERPARAMETERS}"
update_config_var $ZBX_AGENT_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/"
update_config_multiple_var $ZBX_AGENT_CONFIG "LoadModule" "${ZBX_LOADMODULE}"
update_config_var $ZBX_AGENT_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}"
update_config_var $ZBX_AGENT_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}"
file_process_from_env $ZBX_AGENT_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" "${ZBX_TLSCA}"
file_process_from_env $ZBX_AGENT_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" "${ZBX_TLSCRL}"
update_config_var $ZBX_AGENT_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}"
update_config_var $ZBX_AGENT_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}"
file_process_from_env $ZBX_AGENT_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" "${ZBX_TLSCERT}"
update_config_var $ZBX_AGENT_CONFIG "TLSCipherAll" "${ZBX_TLSCIPHERALL}"
update_config_var $ZBX_AGENT_CONFIG "TLSCipherAll13" "${ZBX_TLSCIPHERALL13}"
update_config_var $ZBX_AGENT_CONFIG "TLSCipherCert" "${ZBX_TLSCIPHERCERT}"
update_config_var $ZBX_AGENT_CONFIG "TLSCipherCert13" "${ZBX_TLSCIPHERCERT13}"
update_config_var $ZBX_AGENT_CONFIG "TLSCipherPSK" "${ZBX_TLSCIPHERPSK}"
update_config_var $ZBX_AGENT_CONFIG "TLSCipherPSK13" "${ZBX_TLSCIPHERPSK13}"
file_process_from_env $ZBX_AGENT_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" "${ZBX_TLSKEY}"
update_config_var $ZBX_AGENT_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}"
file_process_from_env $ZBX_AGENT_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" "${ZBX_TLSPSK}"
update_config_multiple_var "${ZABBIX_CONF_DIR}/zabbix_agentd_modules.conf" "LoadModule" "${ZBX_LOADMODULE}"
update_config_multiple_var $ZBX_AGENT_CONFIG "DenyKey" "${ZBX_DENYKEY}"
update_config_multiple_var $ZBX_AGENT_CONFIG "AllowKey" "${ZBX_ALLOWKEY}"
file_process_from_env "ZBX_TLSCAFILE" "${ZBX_TLSCAFILE}" "${ZBX_TLSCA}"
file_process_from_env "ZBX_TLSCRLFILE" "${ZBX_TLSCRLFILE}" "${ZBX_TLSCRL}"
file_process_from_env "ZBX_TLSCERTFILE" "${ZBX_TLSCERTFILE}" "${ZBX_TLSCERT}"
file_process_from_env "ZBX_TLSKEYFILE" "${ZBX_TLSKEYFILE}" "${ZBX_TLSKEY}"
file_process_from_env "ZBX_TLSPSKFILE" "${ZBX_TLSPSKFILE}" "${ZBX_TLSPSK}"
if [ "$(id -u)" != '0' ]; then
update_config_var $ZBX_AGENT_CONFIG "User" "$(whoami)"
export ZBX_USER="$(whoami)"
else
update_config_var $ZBX_AGENT_CONFIG "AllowRoot" "1"
export ZBX_ALLOWROOT=1
fi
}
clear_zbx_env() {
[[ "${ZBX_CLEAR_ENV}" == "false" ]] && return
for env_var in $(env | grep -E "^ZBX_"); do
for env_var in $(env | grep -E "^ZABBIX_"); do
unset "${env_var%%=*}"
done
}
prepare_agent() {
echo "** Preparing Zabbix agent"
prepare_zbx_agent_config
clear_zbx_env
}

View File

@ -12,7 +12,11 @@ ARG ZBX_VERSION
ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git
ENV TERM=xterm \
ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES}
ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \
ZABBIX_USER_HOME_DIR="/var/lib/zabbix" \
ZABBIX_CONF_DIR="/etc/zabbix"
ENV ZBX_LOADMODULEPATH="${ZABBIX_USER_HOME_DIR}/modules"
LABEL org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zabbix.com>" \
org.opencontainers.image.description="Zabbix agent is deployed on a monitoring target to actively monitor local resources and applications" \
@ -28,7 +32,7 @@ STOPSIGNAL SIGTERM
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/agent/sbin/zabbix_agentd", "/usr/sbin/zabbix_agentd"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/general/bin/*", "/usr/bin/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/agent/conf/", "/etc/zabbix/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/agent/conf/", "${ZABBIX_CONF_DIR}/"]
COPY ["conf/etc/yum.repos.d/oracle-epel-ol9.repo", "/etc/yum.repos.d/oracle-epel-ol9.repo"]
RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
@ -60,22 +64,34 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
-g zabbix \
--uid 1997 \
--shell /sbin/nologin \
--home-dir /var/lib/zabbix/ \
--home-dir ${ZABBIX_USER_HOME_DIR} \
zabbix && \
mkdir -p /etc/zabbix && \
mkdir -p /etc/zabbix/zabbix_agentd.d && \
mkdir -p /var/lib/zabbix && \
mkdir -p /var/lib/zabbix/enc && \
mkdir -p /var/lib/zabbix/enc_internal && \
mkdir -p /var/lib/zabbix/modules && \
chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \
chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \
mkdir -p ${ZABBIX_CONF_DIR} && \
mkdir -p ${ZABBIX_CONF_DIR}/zabbix_agentd.d && \
mkdir -p ${ZABBIX_USER_HOME_DIR} && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc_internal && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/modules && \
chown --quiet -R zabbix:root ${ZABBIX_CONF_DIR}/zabbix_agentd_modules.conf \
${ZABBIX_CONF_DIR}/zabbix_agentd_item_keys.conf \
${ZABBIX_CONF_DIR}/zabbix_agentd.d/ \
${ZABBIX_USER_HOME_DIR}/ && \
chown --quiet zabbix:root ${ZABBIX_CONF_DIR}/ && \
chgrp -R 0 ${ZABBIX_CONF_DIR}/zabbix_agentd_modules.conf \
${ZABBIX_CONF_DIR}/zabbix_agentd_item_keys.conf \
${ZABBIX_CONF_DIR}/zabbix_agentd.d/ \
${ZABBIX_USER_HOME_DIR}/ && \
chgrp 0 ${ZABBIX_CONF_DIR} && \
chmod -R g=u ${ZABBIX_CONF_DIR}/zabbix_agentd_modules.conf \
${ZABBIX_CONF_DIR}/zabbix_agentd_item_keys.conf \
${ZABBIX_CONF_DIR}/zabbix_agentd.d/ \
${ZABBIX_USER_HOME_DIR}/ && \
chmod g=u ${ZABBIX_CONF_DIR} && \
microdnf -y clean all
EXPOSE 10050/TCP
WORKDIR /var/lib/zabbix
WORKDIR ${ZABBIX_USER_HOME_DIR}
COPY ["docker-entrypoint.sh", "/usr/bin/"]

View File

@ -11,15 +11,11 @@ fi
# Default Zabbix installation name
# Default Zabbix server host
: ${ZBX_SERVER_HOST:="zabbix-server"}
ZBX_SERVER_HOST=${ZBX_SERVER_HOST="zabbix-server"}
# Default Zabbix server port number
: ${ZBX_SERVER_PORT:="10051"}
ZBX_SERVER_PORT=${ZBX_SERVER_PORT="10051"}
# Default directories
# User 'zabbix' home directory
ZABBIX_USER_HOME_DIR="/var/lib/zabbix"
# Configuration files directory
ZABBIX_ETC_DIR="/etc/zabbix"
# Internal directory for TLS related files, used when TLS*File specified as plain text values
ZABBIX_INTERNAL_ENC_DIR="${ZABBIX_USER_HOME_DIR}/enc_internal"
@ -115,118 +111,90 @@ update_config_multiple_var() {
}
file_process_from_env() {
local config_path=$1
local var_name=$2
local file_name=$3
local var_value=$4
local var_name=$1
local file_name=$2
local var_value=$3
if [ ! -z "$var_value" ]; then
echo -n "$var_value" > "${ZABBIX_INTERNAL_ENC_DIR}/$var_name"
file_name="${ZABBIX_INTERNAL_ENC_DIR}/${var_name}"
fi
update_config_var $config_path "$var_name" "$file_name"
if [ -n "$var_value" ]; then
export "$var_name"="$file_name"
fi
# Remove variable with plain text data
unset "${var_name%%FILE}"
}
prepare_zbx_agent_config() {
echo "** Preparing Zabbix agent configuration file"
ZBX_AGENT_CONFIG=$ZABBIX_ETC_DIR/zabbix_agentd.conf
: ${ZBX_PASSIVESERVERS=""}
: ${ZBX_ACTIVESERVERS=""}
: ${ZBX_PASSIVESERVERS:=""}
: ${ZBX_ACTIVESERVERS:=""}
if [ ! -z "$ZBX_SERVER_HOST" ] && [ ! -z "$ZBX_PASSIVESERVERS" ]; then
ZBX_PASSIVESERVERS=$ZBX_SERVER_HOST","$ZBX_PASSIVESERVERS
elif [ ! -z "$ZBX_SERVER_HOST" ]; then
ZBX_PASSIVESERVERS=$ZBX_SERVER_HOST
fi
[ -n "$ZBX_PASSIVESERVERS" ] && ZBX_PASSIVESERVERS=","$ZBX_PASSIVESERVERS
ZBX_PASSIVESERVERS=$ZBX_SERVER_HOST$ZBX_PASSIVESERVERS
[ -n "$ZBX_ACTIVESERVERS" ] && ZBX_ACTIVESERVERS=","$ZBX_ACTIVESERVERS
ZBX_ACTIVESERVERS=$ZBX_SERVER_HOST":"$ZBX_SERVER_PORT$ZBX_ACTIVESERVERS
update_config_var $ZBX_AGENT_CONFIG "PidFile"
update_config_var $ZBX_AGENT_CONFIG "LogType" "console"
update_config_var $ZBX_AGENT_CONFIG "LogFile"
update_config_var $ZBX_AGENT_CONFIG "LogFileSize"
update_config_var $ZBX_AGENT_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}"
update_config_var $ZBX_AGENT_CONFIG "SourceIP"
update_config_var $ZBX_AGENT_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}"
if [ ! -z "$ZBX_SERVER_HOST" ]; then
if [ ! -z "$ZBX_SERVER_PORT" ] && [ "$ZBX_SERVER_PORT" != "10051" ]; then
ZBX_SERVER_HOST=$ZBX_SERVER_HOST":"$ZBX_SERVER_PORT
fi
if [ ! -z "$ZBX_ACTIVESERVERS" ]; then
ZBX_ACTIVESERVERS=$ZBX_SERVER_HOST","$ZBX_ACTIVESERVERS
else
ZBX_ACTIVESERVERS=$ZBX_SERVER_HOST
fi
fi
: ${ZBX_PASSIVE_ALLOW:="true"}
if [ "${ZBX_PASSIVE_ALLOW,,}" == "true" ]; then
if [ "${ZBX_PASSIVE_ALLOW,,}" == "true" ] && [ ! -z "$ZBX_PASSIVESERVERS" ]; then
echo "** Using '$ZBX_PASSIVESERVERS' servers for passive checks"
update_config_var $ZBX_AGENT_CONFIG "Server" "${ZBX_PASSIVESERVERS}"
export ZBX_PASSIVESERVERS="${ZBX_PASSIVESERVERS}"
else
update_config_var $ZBX_AGENT_CONFIG "Server"
unset ZBX_PASSIVESERVERS
fi
update_config_var $ZBX_AGENT_CONFIG "ListenPort" "${ZBX_LISTENPORT}"
update_config_var $ZBX_AGENT_CONFIG "ListenIP" "${ZBX_LISTENIP}"
update_config_var $ZBX_AGENT_CONFIG "ListenBacklog" "${ZBX_LISTENBACKLOG}"
update_config_var $ZBX_AGENT_CONFIG "StartAgents" "${ZBX_STARTAGENTS}"
: ${ZBX_ACTIVE_ALLOW:="true"}
if [ "${ZBX_ACTIVE_ALLOW,,}" == "true" ]; then
if [ "${ZBX_ACTIVE_ALLOW,,}" == "true" ] && [ ! -z "$ZBX_ACTIVESERVERS" ]; then
echo "** Using '$ZBX_ACTIVESERVERS' servers for active checks"
update_config_var $ZBX_AGENT_CONFIG "ServerActive" "${ZBX_ACTIVESERVERS}"
export ZBX_ACTIVESERVERS="${ZBX_ACTIVESERVERS}"
else
update_config_var $ZBX_AGENT_CONFIG "ServerActive"
unset ZBX_ACTIVESERVERS
fi
update_config_var $ZBX_AGENT_CONFIG "HeartbeatFrequency" "${ZBX_HEARTBEAT_FREQUENCY}"
unset ZBX_SERVER_HOST
unset ZBX_SERVER_PORT
update_config_var $ZBX_AGENT_CONFIG "HostInterface" "${ZBX_HOSTINTERFACE}"
update_config_var $ZBX_AGENT_CONFIG "HostInterfaceItem" "${ZBX_HOSTINTERFACEITEM}"
update_config_multiple_var "${ZABBIX_CONF_DIR}/zabbix_agentd_item_keys.conf" "DenyKey" "${ZBX_DENYKEY}"
update_config_multiple_var "${ZABBIX_CONF_DIR}/zabbix_agentd_item_keys.conf" "AllowKey" "${ZBX_ALLOWKEY}"
update_config_var $ZBX_AGENT_CONFIG "Hostname" "${ZBX_HOSTNAME}"
update_config_var $ZBX_AGENT_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}"
update_config_var $ZBX_AGENT_CONFIG "HostMetadata" "${ZBX_METADATA}"
update_config_var $ZBX_AGENT_CONFIG "HostMetadataItem" "${ZBX_METADATAITEM}"
update_config_var $ZBX_AGENT_CONFIG "RefreshActiveChecks" "${ZBX_REFRESHACTIVECHECKS}"
update_config_var $ZBX_AGENT_CONFIG "BufferSend" "${ZBX_BUFFERSEND}"
update_config_var $ZBX_AGENT_CONFIG "BufferSize" "${ZBX_BUFFERSIZE}"
update_config_var $ZBX_AGENT_CONFIG "MaxLinesPerSecond" "${ZBX_MAXLINESPERSECOND}"
# Please use include to enable Alias feature
# update_config_multiple_var $ZBX_AGENT_CONFIG "Alias" ${ZBX_ALIAS}
update_config_var $ZBX_AGENT_CONFIG "Timeout" "${ZBX_TIMEOUT}"
update_config_var $ZBX_AGENT_CONFIG "Include" "/etc/zabbix/zabbix_agentd.d/*.conf"
update_config_var $ZBX_AGENT_CONFIG "UnsafeUserParameters" "${ZBX_UNSAFEUSERPARAMETERS}"
update_config_var $ZBX_AGENT_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/"
update_config_multiple_var $ZBX_AGENT_CONFIG "LoadModule" "${ZBX_LOADMODULE}"
update_config_var $ZBX_AGENT_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}"
update_config_var $ZBX_AGENT_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}"
file_process_from_env $ZBX_AGENT_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" "${ZBX_TLSCA}"
file_process_from_env $ZBX_AGENT_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" "${ZBX_TLSCRL}"
update_config_var $ZBX_AGENT_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}"
update_config_var $ZBX_AGENT_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}"
file_process_from_env $ZBX_AGENT_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" "${ZBX_TLSCERT}"
update_config_var $ZBX_AGENT_CONFIG "TLSCipherAll" "${ZBX_TLSCIPHERALL}"
update_config_var $ZBX_AGENT_CONFIG "TLSCipherAll13" "${ZBX_TLSCIPHERALL13}"
update_config_var $ZBX_AGENT_CONFIG "TLSCipherCert" "${ZBX_TLSCIPHERCERT}"
update_config_var $ZBX_AGENT_CONFIG "TLSCipherCert13" "${ZBX_TLSCIPHERCERT13}"
update_config_var $ZBX_AGENT_CONFIG "TLSCipherPSK" "${ZBX_TLSCIPHERPSK}"
update_config_var $ZBX_AGENT_CONFIG "TLSCipherPSK13" "${ZBX_TLSCIPHERPSK13}"
file_process_from_env $ZBX_AGENT_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" "${ZBX_TLSKEY}"
update_config_var $ZBX_AGENT_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}"
file_process_from_env $ZBX_AGENT_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" "${ZBX_TLSPSK}"
update_config_multiple_var "${ZABBIX_CONF_DIR}/zabbix_agentd_modules.conf" "LoadModule" "${ZBX_LOADMODULE}"
update_config_multiple_var $ZBX_AGENT_CONFIG "DenyKey" "${ZBX_DENYKEY}"
update_config_multiple_var $ZBX_AGENT_CONFIG "AllowKey" "${ZBX_ALLOWKEY}"
file_process_from_env "ZBX_TLSCAFILE" "${ZBX_TLSCAFILE}" "${ZBX_TLSCA}"
file_process_from_env "ZBX_TLSCRLFILE" "${ZBX_TLSCRLFILE}" "${ZBX_TLSCRL}"
file_process_from_env "ZBX_TLSCERTFILE" "${ZBX_TLSCERTFILE}" "${ZBX_TLSCERT}"
file_process_from_env "ZBX_TLSKEYFILE" "${ZBX_TLSKEYFILE}" "${ZBX_TLSKEY}"
file_process_from_env "ZBX_TLSPSKFILE" "${ZBX_TLSPSKFILE}" "${ZBX_TLSPSK}"
if [ "$(id -u)" != '0' ]; then
update_config_var $ZBX_AGENT_CONFIG "User" "$(whoami)"
export ZBX_USER="$(whoami)"
else
update_config_var $ZBX_AGENT_CONFIG "AllowRoot" "1"
export ZBX_ALLOWROOT=1
fi
}
clear_zbx_env() {
[[ "${ZBX_CLEAR_ENV}" == "false" ]] && return
for env_var in $(env | grep -E "^ZBX_"); do
for env_var in $(env | grep -E "^ZABBIX_"); do
unset "${env_var%%=*}"
done
}
prepare_agent() {
echo "** Preparing Zabbix agent"
prepare_zbx_agent_config
clear_zbx_env
}

View File

@ -14,7 +14,11 @@ ARG ZBX_VERSION
ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git
ENV TERM=xterm \
ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES}
ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \
ZABBIX_USER_HOME_DIR="/var/lib/zabbix" \
ZABBIX_CONF_DIR="/etc/zabbix"
ENV ZBX_LOADMODULEPATH="${ZABBIX_USER_HOME_DIR}/modules"
LABEL description="Zabbix agent is deployed on a monitoring target to actively monitor local resources and applications" \
maintainer="alexey.pustovalov@zabbix.com" \
@ -47,7 +51,7 @@ STOPSIGNAL SIGTERM
COPY ["licenses", "/licenses"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/agent/sbin/zabbix_agentd", "/usr/sbin/zabbix_agentd"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/general/bin/*", "/usr/bin/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/agent/conf/", "/etc/zabbix/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/agent/conf/", "${ZABBIX_CONF_DIR}/"]
RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
set -eux && \
@ -98,17 +102,29 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
-g zabbix \
--uid 1997 \
--shell /sbin/nologin \
--home-dir /var/lib/zabbix/ \
--home-dir ${ZABBIX_USER_HOME_DIR} \
zabbix && \
mkdir -p /etc/zabbix && \
mkdir -p /etc/zabbix/zabbix_agentd.d && \
mkdir -p /var/lib/zabbix && \
mkdir -p /var/lib/zabbix/enc && \
mkdir -p /var/lib/zabbix/enc_internal && \
mkdir -p /var/lib/zabbix/modules && \
chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \
chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \
mkdir -p ${ZABBIX_CONF_DIR} && \
mkdir -p ${ZABBIX_CONF_DIR}/zabbix_agentd.d && \
mkdir -p ${ZABBIX_USER_HOME_DIR} && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc_internal && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/modules && \
chown --quiet -R zabbix:root ${ZABBIX_CONF_DIR}/zabbix_agentd_modules.conf \
${ZABBIX_CONF_DIR}/zabbix_agentd_item_keys.conf \
${ZABBIX_CONF_DIR}/zabbix_agentd.d/ \
${ZABBIX_USER_HOME_DIR}/ && \
chown --quiet zabbix:root ${ZABBIX_CONF_DIR}/ && \
chgrp -R 0 ${ZABBIX_CONF_DIR}/zabbix_agentd_modules.conf \
${ZABBIX_CONF_DIR}/zabbix_agentd_item_keys.conf \
${ZABBIX_CONF_DIR}/zabbix_agentd.d/ \
${ZABBIX_USER_HOME_DIR}/ && \
chgrp 0 ${ZABBIX_CONF_DIR} && \
chmod -R g=u ${ZABBIX_CONF_DIR}/zabbix_agentd_modules.conf \
${ZABBIX_CONF_DIR}/zabbix_agentd_item_keys.conf \
${ZABBIX_CONF_DIR}/zabbix_agentd.d/ \
${ZABBIX_USER_HOME_DIR}/ && \
chmod g=u ${ZABBIX_CONF_DIR} && \
microdnf -y clean all
EXPOSE 10050/TCP

View File

@ -11,15 +11,11 @@ fi
# Default Zabbix installation name
# Default Zabbix server host
: ${ZBX_SERVER_HOST:="zabbix-server"}
ZBX_SERVER_HOST=${ZBX_SERVER_HOST="zabbix-server"}
# Default Zabbix server port number
: ${ZBX_SERVER_PORT:="10051"}
ZBX_SERVER_PORT=${ZBX_SERVER_PORT="10051"}
# Default directories
# User 'zabbix' home directory
ZABBIX_USER_HOME_DIR="/var/lib/zabbix"
# Configuration files directory
ZABBIX_ETC_DIR="/etc/zabbix"
# Internal directory for TLS related files, used when TLS*File specified as plain text values
ZABBIX_INTERNAL_ENC_DIR="${ZABBIX_USER_HOME_DIR}/enc_internal"
@ -115,118 +111,90 @@ update_config_multiple_var() {
}
file_process_from_env() {
local config_path=$1
local var_name=$2
local file_name=$3
local var_value=$4
local var_name=$1
local file_name=$2
local var_value=$3
if [ ! -z "$var_value" ]; then
echo -n "$var_value" > "${ZABBIX_INTERNAL_ENC_DIR}/$var_name"
file_name="${ZABBIX_INTERNAL_ENC_DIR}/${var_name}"
fi
update_config_var $config_path "$var_name" "$file_name"
if [ -n "$var_value" ]; then
export "$var_name"="$file_name"
fi
# Remove variable with plain text data
unset "${var_name%%FILE}"
}
prepare_zbx_agent_config() {
echo "** Preparing Zabbix agent configuration file"
ZBX_AGENT_CONFIG=$ZABBIX_ETC_DIR/zabbix_agentd.conf
: ${ZBX_PASSIVESERVERS=""}
: ${ZBX_ACTIVESERVERS=""}
: ${ZBX_PASSIVESERVERS:=""}
: ${ZBX_ACTIVESERVERS:=""}
if [ ! -z "$ZBX_SERVER_HOST" ] && [ ! -z "$ZBX_PASSIVESERVERS" ]; then
ZBX_PASSIVESERVERS=$ZBX_SERVER_HOST","$ZBX_PASSIVESERVERS
elif [ ! -z "$ZBX_SERVER_HOST" ]; then
ZBX_PASSIVESERVERS=$ZBX_SERVER_HOST
fi
[ -n "$ZBX_PASSIVESERVERS" ] && ZBX_PASSIVESERVERS=","$ZBX_PASSIVESERVERS
ZBX_PASSIVESERVERS=$ZBX_SERVER_HOST$ZBX_PASSIVESERVERS
[ -n "$ZBX_ACTIVESERVERS" ] && ZBX_ACTIVESERVERS=","$ZBX_ACTIVESERVERS
ZBX_ACTIVESERVERS=$ZBX_SERVER_HOST":"$ZBX_SERVER_PORT$ZBX_ACTIVESERVERS
update_config_var $ZBX_AGENT_CONFIG "PidFile"
update_config_var $ZBX_AGENT_CONFIG "LogType" "console"
update_config_var $ZBX_AGENT_CONFIG "LogFile"
update_config_var $ZBX_AGENT_CONFIG "LogFileSize"
update_config_var $ZBX_AGENT_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}"
update_config_var $ZBX_AGENT_CONFIG "SourceIP"
update_config_var $ZBX_AGENT_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}"
if [ ! -z "$ZBX_SERVER_HOST" ]; then
if [ ! -z "$ZBX_SERVER_PORT" ] && [ "$ZBX_SERVER_PORT" != "10051" ]; then
ZBX_SERVER_HOST=$ZBX_SERVER_HOST":"$ZBX_SERVER_PORT
fi
if [ ! -z "$ZBX_ACTIVESERVERS" ]; then
ZBX_ACTIVESERVERS=$ZBX_SERVER_HOST","$ZBX_ACTIVESERVERS
else
ZBX_ACTIVESERVERS=$ZBX_SERVER_HOST
fi
fi
: ${ZBX_PASSIVE_ALLOW:="true"}
if [ "${ZBX_PASSIVE_ALLOW,,}" == "true" ]; then
if [ "${ZBX_PASSIVE_ALLOW,,}" == "true" ] && [ ! -z "$ZBX_PASSIVESERVERS" ]; then
echo "** Using '$ZBX_PASSIVESERVERS' servers for passive checks"
update_config_var $ZBX_AGENT_CONFIG "Server" "${ZBX_PASSIVESERVERS}"
export ZBX_PASSIVESERVERS="${ZBX_PASSIVESERVERS}"
else
update_config_var $ZBX_AGENT_CONFIG "Server"
unset ZBX_PASSIVESERVERS
fi
update_config_var $ZBX_AGENT_CONFIG "ListenPort" "${ZBX_LISTENPORT}"
update_config_var $ZBX_AGENT_CONFIG "ListenIP" "${ZBX_LISTENIP}"
update_config_var $ZBX_AGENT_CONFIG "ListenBacklog" "${ZBX_LISTENBACKLOG}"
update_config_var $ZBX_AGENT_CONFIG "StartAgents" "${ZBX_STARTAGENTS}"
: ${ZBX_ACTIVE_ALLOW:="true"}
if [ "${ZBX_ACTIVE_ALLOW,,}" == "true" ]; then
if [ "${ZBX_ACTIVE_ALLOW,,}" == "true" ] && [ ! -z "$ZBX_ACTIVESERVERS" ]; then
echo "** Using '$ZBX_ACTIVESERVERS' servers for active checks"
update_config_var $ZBX_AGENT_CONFIG "ServerActive" "${ZBX_ACTIVESERVERS}"
export ZBX_ACTIVESERVERS="${ZBX_ACTIVESERVERS}"
else
update_config_var $ZBX_AGENT_CONFIG "ServerActive"
unset ZBX_ACTIVESERVERS
fi
update_config_var $ZBX_AGENT_CONFIG "HeartbeatFrequency" "${ZBX_HEARTBEAT_FREQUENCY}"
unset ZBX_SERVER_HOST
unset ZBX_SERVER_PORT
update_config_var $ZBX_AGENT_CONFIG "HostInterface" "${ZBX_HOSTINTERFACE}"
update_config_var $ZBX_AGENT_CONFIG "HostInterfaceItem" "${ZBX_HOSTINTERFACEITEM}"
update_config_multiple_var "${ZABBIX_CONF_DIR}/zabbix_agentd_item_keys.conf" "DenyKey" "${ZBX_DENYKEY}"
update_config_multiple_var "${ZABBIX_CONF_DIR}/zabbix_agentd_item_keys.conf" "AllowKey" "${ZBX_ALLOWKEY}"
update_config_var $ZBX_AGENT_CONFIG "Hostname" "${ZBX_HOSTNAME}"
update_config_var $ZBX_AGENT_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}"
update_config_var $ZBX_AGENT_CONFIG "HostMetadata" "${ZBX_METADATA}"
update_config_var $ZBX_AGENT_CONFIG "HostMetadataItem" "${ZBX_METADATAITEM}"
update_config_var $ZBX_AGENT_CONFIG "RefreshActiveChecks" "${ZBX_REFRESHACTIVECHECKS}"
update_config_var $ZBX_AGENT_CONFIG "BufferSend" "${ZBX_BUFFERSEND}"
update_config_var $ZBX_AGENT_CONFIG "BufferSize" "${ZBX_BUFFERSIZE}"
update_config_var $ZBX_AGENT_CONFIG "MaxLinesPerSecond" "${ZBX_MAXLINESPERSECOND}"
# Please use include to enable Alias feature
# update_config_multiple_var $ZBX_AGENT_CONFIG "Alias" ${ZBX_ALIAS}
update_config_var $ZBX_AGENT_CONFIG "Timeout" "${ZBX_TIMEOUT}"
update_config_var $ZBX_AGENT_CONFIG "Include" "/etc/zabbix/zabbix_agentd.d/*.conf"
update_config_var $ZBX_AGENT_CONFIG "UnsafeUserParameters" "${ZBX_UNSAFEUSERPARAMETERS}"
update_config_var $ZBX_AGENT_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/"
update_config_multiple_var $ZBX_AGENT_CONFIG "LoadModule" "${ZBX_LOADMODULE}"
update_config_var $ZBX_AGENT_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}"
update_config_var $ZBX_AGENT_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}"
file_process_from_env $ZBX_AGENT_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" "${ZBX_TLSCA}"
file_process_from_env $ZBX_AGENT_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" "${ZBX_TLSCRL}"
update_config_var $ZBX_AGENT_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}"
update_config_var $ZBX_AGENT_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}"
file_process_from_env $ZBX_AGENT_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" "${ZBX_TLSCERT}"
update_config_var $ZBX_AGENT_CONFIG "TLSCipherAll" "${ZBX_TLSCIPHERALL}"
update_config_var $ZBX_AGENT_CONFIG "TLSCipherAll13" "${ZBX_TLSCIPHERALL13}"
update_config_var $ZBX_AGENT_CONFIG "TLSCipherCert" "${ZBX_TLSCIPHERCERT}"
update_config_var $ZBX_AGENT_CONFIG "TLSCipherCert13" "${ZBX_TLSCIPHERCERT13}"
update_config_var $ZBX_AGENT_CONFIG "TLSCipherPSK" "${ZBX_TLSCIPHERPSK}"
update_config_var $ZBX_AGENT_CONFIG "TLSCipherPSK13" "${ZBX_TLSCIPHERPSK13}"
file_process_from_env $ZBX_AGENT_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" "${ZBX_TLSKEY}"
update_config_var $ZBX_AGENT_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}"
file_process_from_env $ZBX_AGENT_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" "${ZBX_TLSPSK}"
update_config_multiple_var "${ZABBIX_CONF_DIR}/zabbix_agentd_modules.conf" "LoadModule" "${ZBX_LOADMODULE}"
update_config_multiple_var $ZBX_AGENT_CONFIG "DenyKey" "${ZBX_DENYKEY}"
update_config_multiple_var $ZBX_AGENT_CONFIG "AllowKey" "${ZBX_ALLOWKEY}"
file_process_from_env "ZBX_TLSCAFILE" "${ZBX_TLSCAFILE}" "${ZBX_TLSCA}"
file_process_from_env "ZBX_TLSCRLFILE" "${ZBX_TLSCRLFILE}" "${ZBX_TLSCRL}"
file_process_from_env "ZBX_TLSCERTFILE" "${ZBX_TLSCERTFILE}" "${ZBX_TLSCERT}"
file_process_from_env "ZBX_TLSKEYFILE" "${ZBX_TLSKEYFILE}" "${ZBX_TLSKEY}"
file_process_from_env "ZBX_TLSPSKFILE" "${ZBX_TLSPSKFILE}" "${ZBX_TLSPSK}"
if [ "$(id -u)" != '0' ]; then
update_config_var $ZBX_AGENT_CONFIG "User" "$(whoami)"
export ZBX_USER="$(whoami)"
else
update_config_var $ZBX_AGENT_CONFIG "AllowRoot" "1"
export ZBX_ALLOWROOT=1
fi
}
clear_zbx_env() {
[[ "${ZBX_CLEAR_ENV}" == "false" ]] && return
for env_var in $(env | grep -E "^ZBX_"); do
for env_var in $(env | grep -E "^ZABBIX_"); do
unset "${env_var%%=*}"
done
}
prepare_agent() {
echo "** Preparing Zabbix agent"
prepare_zbx_agent_config
clear_zbx_env
}

View File

@ -12,7 +12,11 @@ ARG ZBX_VERSION
ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git
ENV TERM=xterm \
ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES}
ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \
ZABBIX_USER_HOME_DIR="/var/lib/zabbix" \
ZABBIX_CONF_DIR="/etc/zabbix"
ENV ZBX_LOADMODULEPATH="${ZABBIX_USER_HOME_DIR}/modules"
LABEL org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zabbix.com>" \
org.opencontainers.image.description="Zabbix agent is deployed on a monitoring target to actively monitor local resources and applications" \
@ -28,7 +32,7 @@ STOPSIGNAL SIGTERM
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/agent/sbin/zabbix_agentd", "/usr/sbin/zabbix_agentd"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/general/bin/*", "/usr/bin/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/agent/conf/", "/etc/zabbix/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/agent/conf/", "${ZABBIX_CONF_DIR}/"]
RUN --mount=type=cache,target=/var/lib/apt/,sharing=locked \
set -eux && \
@ -56,23 +60,35 @@ RUN --mount=type=cache,target=/var/lib/apt/,sharing=locked \
-g zabbix \
--uid 1997 \
--shell /sbin/nologin \
--home-dir /var/lib/zabbix/ \
--home-dir ${ZABBIX_USER_HOME_DIR} \
zabbix && \
mkdir -p /etc/zabbix && \
mkdir -p /etc/zabbix/zabbix_agentd.d && \
mkdir -p /var/lib/zabbix && \
mkdir -p /var/lib/zabbix/enc && \
mkdir -p /var/lib/zabbix/enc_internal && \
mkdir -p /var/lib/zabbix/modules && \
chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \
chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \
mkdir -p ${ZABBIX_CONF_DIR} && \
mkdir -p ${ZABBIX_CONF_DIR}/zabbix_agentd.d && \
mkdir -p ${ZABBIX_USER_HOME_DIR} && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc_internal && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/modules && \
chown --quiet -R zabbix:root ${ZABBIX_CONF_DIR}/zabbix_agentd_modules.conf \
${ZABBIX_CONF_DIR}/zabbix_agentd_item_keys.conf \
${ZABBIX_CONF_DIR}/zabbix_agentd.d/ \
${ZABBIX_USER_HOME_DIR}/ && \
chown --quiet zabbix:root ${ZABBIX_CONF_DIR}/ && \
chgrp -R 0 ${ZABBIX_CONF_DIR}/zabbix_agentd_modules.conf \
${ZABBIX_CONF_DIR}/zabbix_agentd_item_keys.conf \
${ZABBIX_CONF_DIR}/zabbix_agentd.d/ \
${ZABBIX_USER_HOME_DIR}/ && \
chgrp 0 ${ZABBIX_CONF_DIR} && \
chmod -R g=u ${ZABBIX_CONF_DIR}/zabbix_agentd_modules.conf \
${ZABBIX_CONF_DIR}/zabbix_agentd_item_keys.conf \
${ZABBIX_CONF_DIR}/zabbix_agentd.d/ \
${ZABBIX_USER_HOME_DIR}/ && \
chmod g=u ${ZABBIX_CONF_DIR} && \
apt-get -y autoremove && \
apt-get -y clean
EXPOSE 10050/TCP
WORKDIR /var/lib/zabbix
WORKDIR ${ZABBIX_USER_HOME_DIR}
COPY ["docker-entrypoint.sh", "/usr/bin/"]

View File

@ -11,15 +11,11 @@ fi
# Default Zabbix installation name
# Default Zabbix server host
: ${ZBX_SERVER_HOST:="zabbix-server"}
ZBX_SERVER_HOST=${ZBX_SERVER_HOST="zabbix-server"}
# Default Zabbix server port number
: ${ZBX_SERVER_PORT:="10051"}
ZBX_SERVER_PORT=${ZBX_SERVER_PORT="10051"}
# Default directories
# User 'zabbix' home directory
ZABBIX_USER_HOME_DIR="/var/lib/zabbix"
# Configuration files directory
ZABBIX_ETC_DIR="/etc/zabbix"
# Internal directory for TLS related files, used when TLS*File specified as plain text values
ZABBIX_INTERNAL_ENC_DIR="${ZABBIX_USER_HOME_DIR}/enc_internal"
@ -115,118 +111,90 @@ update_config_multiple_var() {
}
file_process_from_env() {
local config_path=$1
local var_name=$2
local file_name=$3
local var_value=$4
local var_name=$1
local file_name=$2
local var_value=$3
if [ ! -z "$var_value" ]; then
echo -n "$var_value" > "${ZABBIX_INTERNAL_ENC_DIR}/$var_name"
file_name="${ZABBIX_INTERNAL_ENC_DIR}/${var_name}"
fi
update_config_var $config_path "$var_name" "$file_name"
if [ -n "$var_value" ]; then
export "$var_name"="$file_name"
fi
# Remove variable with plain text data
unset "${var_name%%FILE}"
}
prepare_zbx_agent_config() {
echo "** Preparing Zabbix agent configuration file"
ZBX_AGENT_CONFIG=$ZABBIX_ETC_DIR/zabbix_agentd.conf
: ${ZBX_PASSIVESERVERS=""}
: ${ZBX_ACTIVESERVERS=""}
: ${ZBX_PASSIVESERVERS:=""}
: ${ZBX_ACTIVESERVERS:=""}
if [ ! -z "$ZBX_SERVER_HOST" ] && [ ! -z "$ZBX_PASSIVESERVERS" ]; then
ZBX_PASSIVESERVERS=$ZBX_SERVER_HOST","$ZBX_PASSIVESERVERS
elif [ ! -z "$ZBX_SERVER_HOST" ]; then
ZBX_PASSIVESERVERS=$ZBX_SERVER_HOST
fi
[ -n "$ZBX_PASSIVESERVERS" ] && ZBX_PASSIVESERVERS=","$ZBX_PASSIVESERVERS
ZBX_PASSIVESERVERS=$ZBX_SERVER_HOST$ZBX_PASSIVESERVERS
[ -n "$ZBX_ACTIVESERVERS" ] && ZBX_ACTIVESERVERS=","$ZBX_ACTIVESERVERS
ZBX_ACTIVESERVERS=$ZBX_SERVER_HOST":"$ZBX_SERVER_PORT$ZBX_ACTIVESERVERS
update_config_var $ZBX_AGENT_CONFIG "PidFile"
update_config_var $ZBX_AGENT_CONFIG "LogType" "console"
update_config_var $ZBX_AGENT_CONFIG "LogFile"
update_config_var $ZBX_AGENT_CONFIG "LogFileSize"
update_config_var $ZBX_AGENT_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}"
update_config_var $ZBX_AGENT_CONFIG "SourceIP"
update_config_var $ZBX_AGENT_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}"
if [ ! -z "$ZBX_SERVER_HOST" ]; then
if [ ! -z "$ZBX_SERVER_PORT" ] && [ "$ZBX_SERVER_PORT" != "10051" ]; then
ZBX_SERVER_HOST=$ZBX_SERVER_HOST":"$ZBX_SERVER_PORT
fi
if [ ! -z "$ZBX_ACTIVESERVERS" ]; then
ZBX_ACTIVESERVERS=$ZBX_SERVER_HOST","$ZBX_ACTIVESERVERS
else
ZBX_ACTIVESERVERS=$ZBX_SERVER_HOST
fi
fi
: ${ZBX_PASSIVE_ALLOW:="true"}
if [ "${ZBX_PASSIVE_ALLOW,,}" == "true" ]; then
if [ "${ZBX_PASSIVE_ALLOW,,}" == "true" ] && [ ! -z "$ZBX_PASSIVESERVERS" ]; then
echo "** Using '$ZBX_PASSIVESERVERS' servers for passive checks"
update_config_var $ZBX_AGENT_CONFIG "Server" "${ZBX_PASSIVESERVERS}"
export ZBX_PASSIVESERVERS="${ZBX_PASSIVESERVERS}"
else
update_config_var $ZBX_AGENT_CONFIG "Server"
unset ZBX_PASSIVESERVERS
fi
update_config_var $ZBX_AGENT_CONFIG "ListenPort" "${ZBX_LISTENPORT}"
update_config_var $ZBX_AGENT_CONFIG "ListenIP" "${ZBX_LISTENIP}"
update_config_var $ZBX_AGENT_CONFIG "ListenBacklog" "${ZBX_LISTENBACKLOG}"
update_config_var $ZBX_AGENT_CONFIG "StartAgents" "${ZBX_STARTAGENTS}"
: ${ZBX_ACTIVE_ALLOW:="true"}
if [ "${ZBX_ACTIVE_ALLOW,,}" == "true" ]; then
if [ "${ZBX_ACTIVE_ALLOW,,}" == "true" ] && [ ! -z "$ZBX_ACTIVESERVERS" ]; then
echo "** Using '$ZBX_ACTIVESERVERS' servers for active checks"
update_config_var $ZBX_AGENT_CONFIG "ServerActive" "${ZBX_ACTIVESERVERS}"
export ZBX_ACTIVESERVERS="${ZBX_ACTIVESERVERS}"
else
update_config_var $ZBX_AGENT_CONFIG "ServerActive"
unset ZBX_ACTIVESERVERS
fi
update_config_var $ZBX_AGENT_CONFIG "HeartbeatFrequency" "${ZBX_HEARTBEAT_FREQUENCY}"
unset ZBX_SERVER_HOST
unset ZBX_SERVER_PORT
update_config_var $ZBX_AGENT_CONFIG "HostInterface" "${ZBX_HOSTINTERFACE}"
update_config_var $ZBX_AGENT_CONFIG "HostInterfaceItem" "${ZBX_HOSTINTERFACEITEM}"
update_config_multiple_var "${ZABBIX_CONF_DIR}/zabbix_agentd_item_keys.conf" "DenyKey" "${ZBX_DENYKEY}"
update_config_multiple_var "${ZABBIX_CONF_DIR}/zabbix_agentd_item_keys.conf" "AllowKey" "${ZBX_ALLOWKEY}"
update_config_var $ZBX_AGENT_CONFIG "Hostname" "${ZBX_HOSTNAME}"
update_config_var $ZBX_AGENT_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}"
update_config_var $ZBX_AGENT_CONFIG "HostMetadata" "${ZBX_METADATA}"
update_config_var $ZBX_AGENT_CONFIG "HostMetadataItem" "${ZBX_METADATAITEM}"
update_config_var $ZBX_AGENT_CONFIG "RefreshActiveChecks" "${ZBX_REFRESHACTIVECHECKS}"
update_config_var $ZBX_AGENT_CONFIG "BufferSend" "${ZBX_BUFFERSEND}"
update_config_var $ZBX_AGENT_CONFIG "BufferSize" "${ZBX_BUFFERSIZE}"
update_config_var $ZBX_AGENT_CONFIG "MaxLinesPerSecond" "${ZBX_MAXLINESPERSECOND}"
# Please use include to enable Alias feature
# update_config_multiple_var $ZBX_AGENT_CONFIG "Alias" ${ZBX_ALIAS}
update_config_var $ZBX_AGENT_CONFIG "Timeout" "${ZBX_TIMEOUT}"
update_config_var $ZBX_AGENT_CONFIG "Include" "/etc/zabbix/zabbix_agentd.d/*.conf"
update_config_var $ZBX_AGENT_CONFIG "UnsafeUserParameters" "${ZBX_UNSAFEUSERPARAMETERS}"
update_config_var $ZBX_AGENT_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/"
update_config_multiple_var $ZBX_AGENT_CONFIG "LoadModule" "${ZBX_LOADMODULE}"
update_config_var $ZBX_AGENT_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}"
update_config_var $ZBX_AGENT_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}"
file_process_from_env $ZBX_AGENT_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" "${ZBX_TLSCA}"
file_process_from_env $ZBX_AGENT_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" "${ZBX_TLSCRL}"
update_config_var $ZBX_AGENT_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}"
update_config_var $ZBX_AGENT_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}"
file_process_from_env $ZBX_AGENT_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" "${ZBX_TLSCERT}"
update_config_var $ZBX_AGENT_CONFIG "TLSCipherAll" "${ZBX_TLSCIPHERALL}"
update_config_var $ZBX_AGENT_CONFIG "TLSCipherAll13" "${ZBX_TLSCIPHERALL13}"
update_config_var $ZBX_AGENT_CONFIG "TLSCipherCert" "${ZBX_TLSCIPHERCERT}"
update_config_var $ZBX_AGENT_CONFIG "TLSCipherCert13" "${ZBX_TLSCIPHERCERT13}"
update_config_var $ZBX_AGENT_CONFIG "TLSCipherPSK" "${ZBX_TLSCIPHERPSK}"
update_config_var $ZBX_AGENT_CONFIG "TLSCipherPSK13" "${ZBX_TLSCIPHERPSK13}"
file_process_from_env $ZBX_AGENT_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" "${ZBX_TLSKEY}"
update_config_var $ZBX_AGENT_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}"
file_process_from_env $ZBX_AGENT_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" "${ZBX_TLSPSK}"
update_config_multiple_var "${ZABBIX_CONF_DIR}/zabbix_agentd_modules.conf" "LoadModule" "${ZBX_LOADMODULE}"
update_config_multiple_var $ZBX_AGENT_CONFIG "DenyKey" "${ZBX_DENYKEY}"
update_config_multiple_var $ZBX_AGENT_CONFIG "AllowKey" "${ZBX_ALLOWKEY}"
file_process_from_env "ZBX_TLSCAFILE" "${ZBX_TLSCAFILE}" "${ZBX_TLSCA}"
file_process_from_env "ZBX_TLSCRLFILE" "${ZBX_TLSCRLFILE}" "${ZBX_TLSCRL}"
file_process_from_env "ZBX_TLSCERTFILE" "${ZBX_TLSCERTFILE}" "${ZBX_TLSCERT}"
file_process_from_env "ZBX_TLSKEYFILE" "${ZBX_TLSKEYFILE}" "${ZBX_TLSKEY}"
file_process_from_env "ZBX_TLSPSKFILE" "${ZBX_TLSPSKFILE}" "${ZBX_TLSPSK}"
if [ "$(id -u)" != '0' ]; then
update_config_var $ZBX_AGENT_CONFIG "User" "$(whoami)"
export ZBX_USER="$(whoami)"
else
update_config_var $ZBX_AGENT_CONFIG "AllowRoot" "1"
export ZBX_ALLOWROOT=1
fi
}
clear_zbx_env() {
[[ "${ZBX_CLEAR_ENV}" == "false" ]] && return
for env_var in $(env | grep -E "^ZBX_"); do
for env_var in $(env | grep -E "^ZABBIX_"); do
unset "${env_var%%=*}"
done
}
prepare_agent() {
echo "** Preparing Zabbix agent"
prepare_zbx_agent_config
clear_zbx_env
}

View File

@ -12,7 +12,11 @@ ARG ZBX_VERSION
ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git
ENV TERM=xterm \
ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES}
ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \
ZABBIX_USER_HOME_DIR="/var/lib/zabbix" \
ZABBIX_CONF_DIR="/etc/zabbix"
ENV ZBX_PERSISTENTBUFFERFILE="$ZABBIX_USER_HOME_DIR/buffer/agent2.db"
LABEL org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zabbix.com>" \
org.opencontainers.image.description="Zabbix agent 2 is deployed on a monitoring target to actively monitor local resources and applications" \
@ -28,7 +32,7 @@ STOPSIGNAL SIGTERM
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/agent2/sbin/", "/usr/sbin/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/general/bin/*", "/usr/bin/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/agent2/conf/", "/etc/zabbix/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/agent2/conf/", "${ZABBIX_CONF_DIR}/"]
RUN set -eux && \
INSTALL_PKGS="bash \
@ -53,23 +57,31 @@ RUN set -eux && \
--uid 1997 \
--ingroup zabbix \
--shell /sbin/nologin \
--home /var/lib/zabbix/ \
--home ${ZABBIX_USER_HOME_DIR}/ \
zabbix && \
echo "zabbix ALL=(root) NOPASSWD: /usr/sbin/smartctl" >> /etc/sudoers.d/zabbix && \
mkdir -p /etc/zabbix && \
mkdir -p /etc/zabbix/zabbix_agentd.d && \
mkdir -p /var/lib/zabbix && \
mkdir -p /var/lib/zabbix/enc && \
mkdir -p /var/lib/zabbix/enc_internal && \
mkdir -p /var/lib/zabbix/modules && \
mkdir -p /var/lib/zabbix/buffer && \
chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ /usr/sbin/zabbix-agent2-plugin/ && \
chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ /usr/sbin/zabbix-agent2-plugin/ && \
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ /usr/sbin/zabbix-agent2-plugin/
mkdir -p ${ZABBIX_CONF_DIR} && \
mkdir -p ${ZABBIX_CONF_DIR}/zabbix_agent2.d && \
mkdir -p ${ZABBIX_USER_HOME_DIR} && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc_internal && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/buffer && \
chown --quiet -R zabbix:root ${ZABBIX_CONF_DIR}/zabbix_agent2_item_keys.conf \
${ZABBIX_CONF_DIR}/zabbix_agent2.d/ \
${ZABBIX_USER_HOME_DIR}/ && \
chown --quiet zabbix:root ${ZABBIX_CONF_DIR}/ && \
chgrp -R 0 ${ZABBIX_CONF_DIR}/zabbix_agent2_item_keys.conf \
${ZABBIX_CONF_DIR}/zabbix_agent2.d/ \
${ZABBIX_USER_HOME_DIR}/ && \
chgrp 0 ${ZABBIX_CONF_DIR} && \
chmod -R g=u ${ZABBIX_CONF_DIR}/zabbix_agent2_item_keys.conf \
${ZABBIX_CONF_DIR}/zabbix_agent2.d/ \
${ZABBIX_USER_HOME_DIR}/ && \
chmod g=u ${ZABBIX_CONF_DIR}
EXPOSE 10050/TCP 31999/TCP
WORKDIR /var/lib/zabbix
WORKDIR ${ZABBIX_USER_HOME_DIR}
COPY ["docker-entrypoint.sh", "/usr/bin/"]

View File

@ -11,15 +11,11 @@ fi
# Default Zabbix installation name
# Default Zabbix server host
: ${ZBX_SERVER_HOST:="zabbix-server"}
: ${ZBX_SERVER_HOST="zabbix-server"}
# Default Zabbix server port number
: ${ZBX_SERVER_PORT:="10051"}
: ${ZBX_SERVER_PORT="10051"}
# Default directories
# User 'zabbix' home directory
ZABBIX_USER_HOME_DIR="/var/lib/zabbix"
# Configuration files directory
ZABBIX_ETC_DIR="/etc/zabbix"
# Internal directory for TLS related files, used when TLS*File specified as plain text values
ZABBIX_INTERNAL_ENC_DIR="${ZABBIX_USER_HOME_DIR}/enc_internal"
@ -124,112 +120,90 @@ file_process_from_env() {
echo -n "$var_value" > "${ZABBIX_INTERNAL_ENC_DIR}/$var_name"
file_name="${ZABBIX_INTERNAL_ENC_DIR}/${var_name}"
fi
update_config_var $config_path "$var_name" "$file_name"
if [ -n "$var_value" ]; then
export "$var_name"="$file_name"
fi
# Remove variable with plain text data
unset "${var_name%%FILE}"
}
prepare_zbx_agent_config() {
echo "** Preparing Zabbix agent configuration file"
ZBX_AGENT_CONFIG=$ZABBIX_ETC_DIR/zabbix_agent2.conf
: ${ZBX_PASSIVESERVERS=""}
: ${ZBX_ACTIVESERVERS=""}
: ${ZBX_PASSIVESERVERS:=""}
: ${ZBX_ACTIVESERVERS:=""}
if [ ! -z "$ZBX_SERVER_HOST" ] && [ ! -z "$ZBX_PASSIVESERVERS" ]; then
ZBX_PASSIVESERVERS=$ZBX_SERVER_HOST","$ZBX_PASSIVESERVERS
elif [ ! -z "$ZBX_SERVER_HOST" ]; then
ZBX_PASSIVESERVERS=$ZBX_SERVER_HOST
fi
[ -n "$ZBX_PASSIVESERVERS" ] && ZBX_PASSIVESERVERS=","$ZBX_PASSIVESERVERS
ZBX_PASSIVESERVERS=$ZBX_SERVER_HOST$ZBX_PASSIVESERVERS
[ -n "$ZBX_ACTIVESERVERS" ] && ZBX_ACTIVESERVERS=","$ZBX_ACTIVESERVERS
ZBX_ACTIVESERVERS=$ZBX_SERVER_HOST":"$ZBX_SERVER_PORT$ZBX_ACTIVESERVERS
update_config_var $ZBX_AGENT_CONFIG "PidFile"
update_config_var $ZBX_AGENT_CONFIG "LogType" "console"
update_config_var $ZBX_AGENT_CONFIG "LogFile"
update_config_var $ZBX_AGENT_CONFIG "LogFileSize"
update_config_var $ZBX_AGENT_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}"
update_config_var $ZBX_AGENT_CONFIG "SourceIP"
if [ ! -z "$ZBX_SERVER_HOST" ]; then
if [ ! -z "$ZBX_SERVER_PORT" ] && [ "$ZBX_SERVER_PORT" != "10051" ]; then
ZBX_SERVER_HOST=$ZBX_SERVER_HOST":"$ZBX_SERVER_PORT
fi
if [ ! -z "$ZBX_ACTIVESERVERS" ]; then
ZBX_ACTIVESERVERS=$ZBX_SERVER_HOST","$ZBX_ACTIVESERVERS
else
ZBX_ACTIVESERVERS=$ZBX_SERVER_HOST
fi
fi
: ${ZBX_PASSIVE_ALLOW:="true"}
if [ "${ZBX_PASSIVE_ALLOW,,}" == "true" ]; then
if [ "${ZBX_PASSIVE_ALLOW,,}" == "true" ] && [ ! -z "$ZBX_PASSIVESERVERS" ]; then
echo "** Using '$ZBX_PASSIVESERVERS' servers for passive checks"
update_config_var $ZBX_AGENT_CONFIG "Server" "${ZBX_PASSIVESERVERS}"
export ZBX_PASSIVESERVERS="${ZBX_PASSIVESERVERS}"
else
update_config_var $ZBX_AGENT_CONFIG "Server"
unset ZBX_PASSIVESERVERS
fi
update_config_var $ZBX_AGENT_CONFIG "ListenPort" "${ZBX_LISTENPORT}"
update_config_var $ZBX_AGENT_CONFIG "ListenIP" "${ZBX_LISTENIP}"
: ${ZBX_ACTIVE_ALLOW:="true"}
if [ "${ZBX_ACTIVE_ALLOW,,}" == "true" ]; then
if [ "${ZBX_ACTIVE_ALLOW,,}" == "true" ] && [ ! -z "$ZBX_ACTIVESERVERS" ]; then
echo "** Using '$ZBX_ACTIVESERVERS' servers for active checks"
update_config_var $ZBX_AGENT_CONFIG "ServerActive" "${ZBX_ACTIVESERVERS}"
export ZBX_ACTIVESERVERS="${ZBX_ACTIVESERVERS}"
else
update_config_var $ZBX_AGENT_CONFIG "ServerActive"
unset ZBX_ACTIVESERVERS
fi
update_config_var $ZBX_AGENT_CONFIG "HeartbeatFrequency" "${ZBX_HEARTBEAT_FREQUENCY}"
update_config_var $ZBX_AGENT_CONFIG "ForceActiveChecksOnStart" "${ZBX_FORCEACTIVECHECKSONSTART}"
unset ZBX_SERVER_HOST
unset ZBX_SERVER_PORT
if [ "${ZBX_ENABLEPERSISTENTBUFFER,,}" == "true" ]; then
update_config_var $ZBX_AGENT_CONFIG "EnablePersistentBuffer" "1"
update_config_var $ZBX_AGENT_CONFIG "PersistentBufferFile" "$ZABBIX_USER_HOME_DIR/buffer/agent2.db"
update_config_var $ZBX_AGENT_CONFIG "PersistentBufferPeriod" "${ZBX_PERSISTENTBUFFERPERIOD}"
else
update_config_var $ZBX_AGENT_CONFIG "EnablePersistentBuffer" "0"
export ZBX_ENABLEPERSISTENTBUFFER=1
fi
if [ "${ZBX_ENABLESTATUSPORT,,}" == "true" ]; then
update_config_var $ZBX_AGENT_CONFIG "StatusPort" "31999"
export ZBX_STATUSPORT=${ZBX_STATUSPORT="31999"}
else
unset ZBX_PERSISTENTBUFFERFILE
fi
update_config_var $ZBX_AGENT_CONFIG "HostInterface" "${ZBX_HOSTINTERFACE}"
update_config_var $ZBX_AGENT_CONFIG "HostInterfaceItem" "${ZBX_HOSTINTERFACEITEM}"
update_config_multiple_var "${ZABBIX_CONF_DIR}/zabbix_agentd_item_keys.conf" "DenyKey" "${ZBX_DENYKEY}"
update_config_multiple_var "${ZABBIX_CONF_DIR}/zabbix_agentd_item_keys.conf" "AllowKey" "${ZBX_ALLOWKEY}"
update_config_var $ZBX_AGENT_CONFIG "Hostname" "${ZBX_HOSTNAME}"
update_config_var $ZBX_AGENT_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}"
update_config_var $ZBX_AGENT_CONFIG "HostMetadata" "${ZBX_METADATA}"
update_config_var $ZBX_AGENT_CONFIG "HostMetadataItem" "${ZBX_METADATAITEM}"
update_config_var $ZBX_AGENT_CONFIG "RefreshActiveChecks" "${ZBX_REFRESHACTIVECHECKS}"
update_config_var $ZBX_AGENT_CONFIG "BufferSend" "${ZBX_BUFFERSEND}"
update_config_var $ZBX_AGENT_CONFIG "BufferSize" "${ZBX_BUFFERSIZE}"
# Please use include to enable Alias feature
# update_config_multiple_var $ZBX_AGENT_CONFIG "Alias" ${ZBX_ALIAS}
update_config_var $ZBX_AGENT_CONFIG "Timeout" "${ZBX_TIMEOUT}"
update_config_var $ZBX_AGENT_CONFIG "Include" "/etc/zabbix/zabbix_agent2.d/plugins.d/*.conf"
update_config_var $ZBX_AGENT_CONFIG "Include" "/etc/zabbix/zabbix_agentd.d/*.conf" "true"
update_config_var $ZBX_AGENT_CONFIG "UnsafeUserParameters" "${ZBX_UNSAFEUSERPARAMETERS}"
update_config_var $ZBX_AGENT_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}"
update_config_var $ZBX_AGENT_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}"
file_process_from_env $ZBX_AGENT_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" "${ZBX_TLSCA}"
file_process_from_env $ZBX_AGENT_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" "${ZBX_TLSCRL}"
update_config_var $ZBX_AGENT_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}"
update_config_var $ZBX_AGENT_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}"
file_process_from_env $ZBX_AGENT_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" "${ZBX_TLSCERT}"
file_process_from_env $ZBX_AGENT_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" "${ZBX_TLSKEY}"
update_config_var $ZBX_AGENT_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}"
file_process_from_env $ZBX_AGENT_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" "${ZBX_TLSPSK}"
update_config_multiple_var $ZBX_AGENT_CONFIG "DenyKey" "${ZBX_DENYKEY}"
update_config_multiple_var $ZBX_AGENT_CONFIG "AllowKey" "${ZBX_ALLOWKEY}"
file_process_from_env "ZBX_TLSCAFILE" "${ZBX_TLSCAFILE}" "${ZBX_TLSCA}"
file_process_from_env "ZBX_TLSCRLFILE" "${ZBX_TLSCRLFILE}" "${ZBX_TLSCRL}"
file_process_from_env "ZBX_TLSCERTFILE" "${ZBX_TLSCERTFILE}" "${ZBX_TLSCERT}"
file_process_from_env "ZBX_TLSKEYFILE" "${ZBX_TLSKEYFILE}" "${ZBX_TLSKEY}"
file_process_from_env "ZBX_TLSPSKFILE" "${ZBX_TLSPSKFILE}" "${ZBX_TLSPSK}"
}
prepare_zbx_agent_plugin_config() {
echo "** Preparing Zabbix agent plugin configuration files"
update_config_var "/etc/zabbix/zabbix_agent2.d/plugins.d/mongodb.conf" "Plugins.MongoDB.System.Path" "/usr/sbin/zabbix-agent2-plugin/mongodb"
update_config_var "/etc/zabbix/zabbix_agent2.d/plugins.d/postgresql.conf" "Plugins.PostgreSQL.System.Path" "/usr/sbin/zabbix-agent2-plugin/postgresql"
update_config_var "/etc/zabbix/zabbix_agent2.d/plugins.d/mssql.conf" "Plugins.MSSQL.System.Path" "/usr/sbin/zabbix-agent2-plugin/mssql"
update_config_var "/etc/zabbix/zabbix_agent2.d/plugins.d/ember.conf" "Plugins.EmberPlus.System.Path" "/usr/sbin/zabbix-agent2-plugin/ember-plus"
update_config_var "$ZABBIX_CONF_DIR/zabbix_agent2.d/plugins.d/mongodb.conf" "Plugins.MongoDB.System.Path" "/usr/sbin/zabbix-agent2-plugin/mongodb"
update_config_var "$ZABBIX_CONF_DIR/zabbix_agent2.d/plugins.d/postgresql.conf" "Plugins.PostgreSQL.System.Path" "/usr/sbin/zabbix-agent2-plugin/postgresql"
update_config_var "$ZABBIX_CONF_DIR/zabbix_agent2.d/plugins.d/mssql.conf" "Plugins.MSSQL.System.Path" "/usr/sbin/zabbix-agent2-plugin/mssql"
update_config_var "$ZABBIX_CONF_DIR/zabbix_agent2.d/plugins.d/ember.conf" "Plugins.EmberPlus.System.Path" "/usr/sbin/zabbix-agent2-plugin/ember-plus"
if command -v nvidia-smi 2>&1 >/dev/null
then
update_config_var "/etc/zabbix/zabbix_agent2.d/plugins.d/nvidia.conf" "Plugins.NVIDIA.System.Path" "/usr/sbin/zabbix-agent2-plugin/nvidia-gpu"
update_config_var "$ZABBIX_CONF_DIR/zabbix_agent2.d/plugins.d/nvidia.conf" "Plugins.NVIDIA.System.Path" "/usr/sbin/zabbix-agent2-plugin/nvidia-gpu"
fi
}
clear_zbx_env() {
[[ "${ZBX_CLEAR_ENV}" == "false" ]] && return
for env_var in $(env | grep -E "^ZBX_"); do
for env_var in $(env | grep -E "^ZABBIX_"); do
unset "${env_var%%=*}"
done
}

View File

@ -12,7 +12,11 @@ ARG ZBX_VERSION
ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git
ENV TERM=xterm \
ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES}
ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \
ZABBIX_USER_HOME_DIR="/var/lib/zabbix" \
ZABBIX_CONF_DIR="/etc/zabbix"
ENV ZBX_PERSISTENTBUFFERFILE="$ZABBIX_USER_HOME_DIR/buffer/agent2.db"
LABEL org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zabbix.com>" \
org.opencontainers.image.description="Zabbix agent 2 is deployed on a monitoring target to actively monitor local resources and applications" \
@ -28,7 +32,7 @@ STOPSIGNAL SIGTERM
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/agent2/sbin/", "/usr/sbin/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/general/bin/*", "/usr/bin/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/agent2/conf/", "/etc/zabbix/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/agent2/conf/", "${ZABBIX_CONF_DIR}/"]
RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
set -eux && \
@ -73,24 +77,32 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
-g zabbix \
--uid 1997 \
--shell /sbin/nologin \
--home-dir /var/lib/zabbix/ \
--home-dir ${ZABBIX_USER_HOME_DIR} \
zabbix && \
echo "zabbix ALL=(root) NOPASSWD: /usr/sbin/smartctl" >> /etc/sudoers.d/zabbix && \
mkdir -p /etc/zabbix && \
mkdir -p /etc/zabbix/zabbix_agentd.d && \
mkdir -p /var/lib/zabbix && \
mkdir -p /var/lib/zabbix/enc && \
mkdir -p /var/lib/zabbix/enc_internal && \
mkdir -p /var/lib/zabbix/modules && \
mkdir -p /var/lib/zabbix/buffer && \
chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ /usr/sbin/zabbix-agent2-plugin/ && \
chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ /usr/sbin/zabbix-agent2-plugin/ && \
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ /usr/sbin/zabbix-agent2-plugin/ && \
mkdir -p ${ZABBIX_CONF_DIR} && \
mkdir -p ${ZABBIX_CONF_DIR}/zabbix_agent2.d && \
mkdir -p ${ZABBIX_USER_HOME_DIR} && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc_internal && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/buffer && \
chown --quiet -R zabbix:root ${ZABBIX_CONF_DIR}/zabbix_agent2_item_keys.conf \
${ZABBIX_CONF_DIR}/zabbix_agent2.d/ \
${ZABBIX_USER_HOME_DIR}/ && \
chown --quiet zabbix:root ${ZABBIX_CONF_DIR}/ && \
chgrp -R 0 ${ZABBIX_CONF_DIR}/zabbix_agent2_item_keys.conf \
${ZABBIX_CONF_DIR}/zabbix_agent2.d/ \
${ZABBIX_USER_HOME_DIR}/ && \
chgrp 0 ${ZABBIX_CONF_DIR} && \
chmod -R g=u ${ZABBIX_CONF_DIR}/zabbix_agent2_item_keys.conf \
${ZABBIX_CONF_DIR}/zabbix_agent2.d/ \
${ZABBIX_USER_HOME_DIR}/ && \
chmod g=u ${ZABBIX_CONF_DIR} && \
microdnf -y clean all
EXPOSE 10050/TCP 31999/TCP
WORKDIR /var/lib/zabbix
WORKDIR ${ZABBIX_USER_HOME_DIR}
COPY ["docker-entrypoint.sh", "/usr/bin/"]

View File

@ -11,15 +11,11 @@ fi
# Default Zabbix installation name
# Default Zabbix server host
: ${ZBX_SERVER_HOST:="zabbix-server"}
: ${ZBX_SERVER_HOST="zabbix-server"}
# Default Zabbix server port number
: ${ZBX_SERVER_PORT:="10051"}
: ${ZBX_SERVER_PORT="10051"}
# Default directories
# User 'zabbix' home directory
ZABBIX_USER_HOME_DIR="/var/lib/zabbix"
# Configuration files directory
ZABBIX_ETC_DIR="/etc/zabbix"
# Internal directory for TLS related files, used when TLS*File specified as plain text values
ZABBIX_INTERNAL_ENC_DIR="${ZABBIX_USER_HOME_DIR}/enc_internal"
@ -124,112 +120,90 @@ file_process_from_env() {
echo -n "$var_value" > "${ZABBIX_INTERNAL_ENC_DIR}/$var_name"
file_name="${ZABBIX_INTERNAL_ENC_DIR}/${var_name}"
fi
update_config_var $config_path "$var_name" "$file_name"
if [ -n "$var_value" ]; then
export "$var_name"="$file_name"
fi
# Remove variable with plain text data
unset "${var_name%%FILE}"
}
prepare_zbx_agent_config() {
echo "** Preparing Zabbix agent configuration file"
ZBX_AGENT_CONFIG=$ZABBIX_ETC_DIR/zabbix_agent2.conf
: ${ZBX_PASSIVESERVERS=""}
: ${ZBX_ACTIVESERVERS=""}
: ${ZBX_PASSIVESERVERS:=""}
: ${ZBX_ACTIVESERVERS:=""}
if [ ! -z "$ZBX_SERVER_HOST" ] && [ ! -z "$ZBX_PASSIVESERVERS" ]; then
ZBX_PASSIVESERVERS=$ZBX_SERVER_HOST","$ZBX_PASSIVESERVERS
elif [ ! -z "$ZBX_SERVER_HOST" ]; then
ZBX_PASSIVESERVERS=$ZBX_SERVER_HOST
fi
[ -n "$ZBX_PASSIVESERVERS" ] && ZBX_PASSIVESERVERS=","$ZBX_PASSIVESERVERS
ZBX_PASSIVESERVERS=$ZBX_SERVER_HOST$ZBX_PASSIVESERVERS
[ -n "$ZBX_ACTIVESERVERS" ] && ZBX_ACTIVESERVERS=","$ZBX_ACTIVESERVERS
ZBX_ACTIVESERVERS=$ZBX_SERVER_HOST":"$ZBX_SERVER_PORT$ZBX_ACTIVESERVERS
update_config_var $ZBX_AGENT_CONFIG "PidFile"
update_config_var $ZBX_AGENT_CONFIG "LogType" "console"
update_config_var $ZBX_AGENT_CONFIG "LogFile"
update_config_var $ZBX_AGENT_CONFIG "LogFileSize"
update_config_var $ZBX_AGENT_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}"
update_config_var $ZBX_AGENT_CONFIG "SourceIP"
if [ ! -z "$ZBX_SERVER_HOST" ]; then
if [ ! -z "$ZBX_SERVER_PORT" ] && [ "$ZBX_SERVER_PORT" != "10051" ]; then
ZBX_SERVER_HOST=$ZBX_SERVER_HOST":"$ZBX_SERVER_PORT
fi
if [ ! -z "$ZBX_ACTIVESERVERS" ]; then
ZBX_ACTIVESERVERS=$ZBX_SERVER_HOST","$ZBX_ACTIVESERVERS
else
ZBX_ACTIVESERVERS=$ZBX_SERVER_HOST
fi
fi
: ${ZBX_PASSIVE_ALLOW:="true"}
if [ "${ZBX_PASSIVE_ALLOW,,}" == "true" ]; then
if [ "${ZBX_PASSIVE_ALLOW,,}" == "true" ] && [ ! -z "$ZBX_PASSIVESERVERS" ]; then
echo "** Using '$ZBX_PASSIVESERVERS' servers for passive checks"
update_config_var $ZBX_AGENT_CONFIG "Server" "${ZBX_PASSIVESERVERS}"
export ZBX_PASSIVESERVERS="${ZBX_PASSIVESERVERS}"
else
update_config_var $ZBX_AGENT_CONFIG "Server"
unset ZBX_PASSIVESERVERS
fi
update_config_var $ZBX_AGENT_CONFIG "ListenPort" "${ZBX_LISTENPORT}"
update_config_var $ZBX_AGENT_CONFIG "ListenIP" "${ZBX_LISTENIP}"
: ${ZBX_ACTIVE_ALLOW:="true"}
if [ "${ZBX_ACTIVE_ALLOW,,}" == "true" ]; then
if [ "${ZBX_ACTIVE_ALLOW,,}" == "true" ] && [ ! -z "$ZBX_ACTIVESERVERS" ]; then
echo "** Using '$ZBX_ACTIVESERVERS' servers for active checks"
update_config_var $ZBX_AGENT_CONFIG "ServerActive" "${ZBX_ACTIVESERVERS}"
export ZBX_ACTIVESERVERS="${ZBX_ACTIVESERVERS}"
else
update_config_var $ZBX_AGENT_CONFIG "ServerActive"
unset ZBX_ACTIVESERVERS
fi
update_config_var $ZBX_AGENT_CONFIG "HeartbeatFrequency" "${ZBX_HEARTBEAT_FREQUENCY}"
update_config_var $ZBX_AGENT_CONFIG "ForceActiveChecksOnStart" "${ZBX_FORCEACTIVECHECKSONSTART}"
unset ZBX_SERVER_HOST
unset ZBX_SERVER_PORT
if [ "${ZBX_ENABLEPERSISTENTBUFFER,,}" == "true" ]; then
update_config_var $ZBX_AGENT_CONFIG "EnablePersistentBuffer" "1"
update_config_var $ZBX_AGENT_CONFIG "PersistentBufferFile" "$ZABBIX_USER_HOME_DIR/buffer/agent2.db"
update_config_var $ZBX_AGENT_CONFIG "PersistentBufferPeriod" "${ZBX_PERSISTENTBUFFERPERIOD}"
else
update_config_var $ZBX_AGENT_CONFIG "EnablePersistentBuffer" "0"
export ZBX_ENABLEPERSISTENTBUFFER=1
fi
if [ "${ZBX_ENABLESTATUSPORT,,}" == "true" ]; then
update_config_var $ZBX_AGENT_CONFIG "StatusPort" "31999"
export ZBX_STATUSPORT=${ZBX_STATUSPORT="31999"}
else
unset ZBX_PERSISTENTBUFFERFILE
fi
update_config_var $ZBX_AGENT_CONFIG "HostInterface" "${ZBX_HOSTINTERFACE}"
update_config_var $ZBX_AGENT_CONFIG "HostInterfaceItem" "${ZBX_HOSTINTERFACEITEM}"
update_config_multiple_var "${ZABBIX_CONF_DIR}/zabbix_agentd_item_keys.conf" "DenyKey" "${ZBX_DENYKEY}"
update_config_multiple_var "${ZABBIX_CONF_DIR}/zabbix_agentd_item_keys.conf" "AllowKey" "${ZBX_ALLOWKEY}"
update_config_var $ZBX_AGENT_CONFIG "Hostname" "${ZBX_HOSTNAME}"
update_config_var $ZBX_AGENT_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}"
update_config_var $ZBX_AGENT_CONFIG "HostMetadata" "${ZBX_METADATA}"
update_config_var $ZBX_AGENT_CONFIG "HostMetadataItem" "${ZBX_METADATAITEM}"
update_config_var $ZBX_AGENT_CONFIG "RefreshActiveChecks" "${ZBX_REFRESHACTIVECHECKS}"
update_config_var $ZBX_AGENT_CONFIG "BufferSend" "${ZBX_BUFFERSEND}"
update_config_var $ZBX_AGENT_CONFIG "BufferSize" "${ZBX_BUFFERSIZE}"
# Please use include to enable Alias feature
# update_config_multiple_var $ZBX_AGENT_CONFIG "Alias" ${ZBX_ALIAS}
update_config_var $ZBX_AGENT_CONFIG "Timeout" "${ZBX_TIMEOUT}"
update_config_var $ZBX_AGENT_CONFIG "Include" "/etc/zabbix/zabbix_agent2.d/plugins.d/*.conf"
update_config_var $ZBX_AGENT_CONFIG "Include" "/etc/zabbix/zabbix_agentd.d/*.conf" "true"
update_config_var $ZBX_AGENT_CONFIG "UnsafeUserParameters" "${ZBX_UNSAFEUSERPARAMETERS}"
update_config_var $ZBX_AGENT_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}"
update_config_var $ZBX_AGENT_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}"
file_process_from_env $ZBX_AGENT_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" "${ZBX_TLSCA}"
file_process_from_env $ZBX_AGENT_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" "${ZBX_TLSCRL}"
update_config_var $ZBX_AGENT_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}"
update_config_var $ZBX_AGENT_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}"
file_process_from_env $ZBX_AGENT_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" "${ZBX_TLSCERT}"
file_process_from_env $ZBX_AGENT_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" "${ZBX_TLSKEY}"
update_config_var $ZBX_AGENT_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}"
file_process_from_env $ZBX_AGENT_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" "${ZBX_TLSPSK}"
update_config_multiple_var $ZBX_AGENT_CONFIG "DenyKey" "${ZBX_DENYKEY}"
update_config_multiple_var $ZBX_AGENT_CONFIG "AllowKey" "${ZBX_ALLOWKEY}"
file_process_from_env "ZBX_TLSCAFILE" "${ZBX_TLSCAFILE}" "${ZBX_TLSCA}"
file_process_from_env "ZBX_TLSCRLFILE" "${ZBX_TLSCRLFILE}" "${ZBX_TLSCRL}"
file_process_from_env "ZBX_TLSCERTFILE" "${ZBX_TLSCERTFILE}" "${ZBX_TLSCERT}"
file_process_from_env "ZBX_TLSKEYFILE" "${ZBX_TLSKEYFILE}" "${ZBX_TLSKEY}"
file_process_from_env "ZBX_TLSPSKFILE" "${ZBX_TLSPSKFILE}" "${ZBX_TLSPSK}"
}
prepare_zbx_agent_plugin_config() {
echo "** Preparing Zabbix agent plugin configuration files"
update_config_var "/etc/zabbix/zabbix_agent2.d/plugins.d/mongodb.conf" "Plugins.MongoDB.System.Path" "/usr/sbin/zabbix-agent2-plugin/mongodb"
update_config_var "/etc/zabbix/zabbix_agent2.d/plugins.d/postgresql.conf" "Plugins.PostgreSQL.System.Path" "/usr/sbin/zabbix-agent2-plugin/postgresql"
update_config_var "/etc/zabbix/zabbix_agent2.d/plugins.d/mssql.conf" "Plugins.MSSQL.System.Path" "/usr/sbin/zabbix-agent2-plugin/mssql"
update_config_var "/etc/zabbix/zabbix_agent2.d/plugins.d/ember.conf" "Plugins.EmberPlus.System.Path" "/usr/sbin/zabbix-agent2-plugin/ember-plus"
update_config_var "$ZABBIX_CONF_DIR/zabbix_agent2.d/plugins.d/mongodb.conf" "Plugins.MongoDB.System.Path" "/usr/sbin/zabbix-agent2-plugin/mongodb"
update_config_var "$ZABBIX_CONF_DIR/zabbix_agent2.d/plugins.d/postgresql.conf" "Plugins.PostgreSQL.System.Path" "/usr/sbin/zabbix-agent2-plugin/postgresql"
update_config_var "$ZABBIX_CONF_DIR/zabbix_agent2.d/plugins.d/mssql.conf" "Plugins.MSSQL.System.Path" "/usr/sbin/zabbix-agent2-plugin/mssql"
update_config_var "$ZABBIX_CONF_DIR/zabbix_agent2.d/plugins.d/ember.conf" "Plugins.EmberPlus.System.Path" "/usr/sbin/zabbix-agent2-plugin/ember-plus"
if command -v nvidia-smi 2>&1 >/dev/null
then
update_config_var "/etc/zabbix/zabbix_agent2.d/plugins.d/nvidia.conf" "Plugins.NVIDIA.System.Path" "/usr/sbin/zabbix-agent2-plugin/nvidia-gpu"
update_config_var "$ZABBIX_CONF_DIR/zabbix_agent2.d/plugins.d/nvidia.conf" "Plugins.NVIDIA.System.Path" "/usr/sbin/zabbix-agent2-plugin/nvidia-gpu"
fi
}
clear_zbx_env() {
[[ "${ZBX_CLEAR_ENV}" == "false" ]] && return
for env_var in $(env | grep -E "^ZBX_"); do
for env_var in $(env | grep -E "^ZABBIX_"); do
unset "${env_var%%=*}"
done
}

View File

@ -12,7 +12,11 @@ ARG ZBX_VERSION
ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git
ENV TERM=xterm \
ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES}
ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \
ZABBIX_USER_HOME_DIR="/var/lib/zabbix" \
ZABBIX_CONF_DIR="/etc/zabbix"
ENV ZBX_PERSISTENTBUFFERFILE="$ZABBIX_USER_HOME_DIR/buffer/agent2.db"
LABEL org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zabbix.com>" \
org.opencontainers.image.description="Zabbix agent 2 is deployed on a monitoring target to actively monitor local resources and applications" \
@ -28,7 +32,7 @@ STOPSIGNAL SIGTERM
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/agent2/sbin/", "/usr/sbin/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/general/bin/*", "/usr/bin/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/agent2/conf/", "/etc/zabbix/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/agent2/conf/", "${ZABBIX_CONF_DIR}/"]
COPY ["conf/etc/yum.repos.d/oracle-epel-ol9.repo", "/etc/yum.repos.d/oracle-epel-ol9.repo"]
RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
@ -60,24 +64,32 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
-g zabbix \
--uid 1997 \
--shell /sbin/nologin \
--home-dir /var/lib/zabbix/ \
--home-dir ${ZABBIX_USER_HOME_DIR} \
zabbix && \
echo "zabbix ALL=(root) NOPASSWD: /usr/sbin/smartctl" >> /etc/sudoers.d/zabbix && \
mkdir -p /etc/zabbix && \
mkdir -p /etc/zabbix/zabbix_agentd.d && \
mkdir -p /var/lib/zabbix && \
mkdir -p /var/lib/zabbix/enc && \
mkdir -p /var/lib/zabbix/enc_internal && \
mkdir -p /var/lib/zabbix/modules && \
mkdir -p /var/lib/zabbix/buffer && \
chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ /usr/sbin/zabbix-agent2-plugin/ && \
chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ /usr/sbin/zabbix-agent2-plugin/ && \
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ /usr/sbin/zabbix-agent2-plugin/ && \
mkdir -p ${ZABBIX_CONF_DIR} && \
mkdir -p ${ZABBIX_CONF_DIR}/zabbix_agent2.d && \
mkdir -p ${ZABBIX_USER_HOME_DIR} && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc_internal && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/buffer && \
chown --quiet -R zabbix:root ${ZABBIX_CONF_DIR}/zabbix_agent2_item_keys.conf \
${ZABBIX_CONF_DIR}/zabbix_agent2.d/ \
${ZABBIX_USER_HOME_DIR}/ && \
chown --quiet zabbix:root ${ZABBIX_CONF_DIR}/ && \
chgrp -R 0 ${ZABBIX_CONF_DIR}/zabbix_agent2_item_keys.conf \
${ZABBIX_CONF_DIR}/zabbix_agent2.d/ \
${ZABBIX_USER_HOME_DIR}/ && \
chgrp 0 ${ZABBIX_CONF_DIR} && \
chmod -R g=u ${ZABBIX_CONF_DIR}/zabbix_agent2_item_keys.conf \
${ZABBIX_CONF_DIR}/zabbix_agent2.d/ \
${ZABBIX_USER_HOME_DIR}/ && \
chmod g=u ${ZABBIX_CONF_DIR} && \
microdnf -y clean all
EXPOSE 10050/TCP 31999/TCP
WORKDIR /var/lib/zabbix
WORKDIR ${ZABBIX_USER_HOME_DIR}
COPY ["docker-entrypoint.sh", "/usr/bin/"]

View File

@ -11,15 +11,11 @@ fi
# Default Zabbix installation name
# Default Zabbix server host
: ${ZBX_SERVER_HOST:="zabbix-server"}
: ${ZBX_SERVER_HOST="zabbix-server"}
# Default Zabbix server port number
: ${ZBX_SERVER_PORT:="10051"}
: ${ZBX_SERVER_PORT="10051"}
# Default directories
# User 'zabbix' home directory
ZABBIX_USER_HOME_DIR="/var/lib/zabbix"
# Configuration files directory
ZABBIX_ETC_DIR="/etc/zabbix"
# Internal directory for TLS related files, used when TLS*File specified as plain text values
ZABBIX_INTERNAL_ENC_DIR="${ZABBIX_USER_HOME_DIR}/enc_internal"
@ -124,112 +120,90 @@ file_process_from_env() {
echo -n "$var_value" > "${ZABBIX_INTERNAL_ENC_DIR}/$var_name"
file_name="${ZABBIX_INTERNAL_ENC_DIR}/${var_name}"
fi
update_config_var $config_path "$var_name" "$file_name"
if [ -n "$var_value" ]; then
export "$var_name"="$file_name"
fi
# Remove variable with plain text data
unset "${var_name%%FILE}"
}
prepare_zbx_agent_config() {
echo "** Preparing Zabbix agent configuration file"
ZBX_AGENT_CONFIG=$ZABBIX_ETC_DIR/zabbix_agent2.conf
: ${ZBX_PASSIVESERVERS=""}
: ${ZBX_ACTIVESERVERS=""}
: ${ZBX_PASSIVESERVERS:=""}
: ${ZBX_ACTIVESERVERS:=""}
if [ ! -z "$ZBX_SERVER_HOST" ] && [ ! -z "$ZBX_PASSIVESERVERS" ]; then
ZBX_PASSIVESERVERS=$ZBX_SERVER_HOST","$ZBX_PASSIVESERVERS
elif [ ! -z "$ZBX_SERVER_HOST" ]; then
ZBX_PASSIVESERVERS=$ZBX_SERVER_HOST
fi
[ -n "$ZBX_PASSIVESERVERS" ] && ZBX_PASSIVESERVERS=","$ZBX_PASSIVESERVERS
ZBX_PASSIVESERVERS=$ZBX_SERVER_HOST$ZBX_PASSIVESERVERS
[ -n "$ZBX_ACTIVESERVERS" ] && ZBX_ACTIVESERVERS=","$ZBX_ACTIVESERVERS
ZBX_ACTIVESERVERS=$ZBX_SERVER_HOST":"$ZBX_SERVER_PORT$ZBX_ACTIVESERVERS
update_config_var $ZBX_AGENT_CONFIG "PidFile"
update_config_var $ZBX_AGENT_CONFIG "LogType" "console"
update_config_var $ZBX_AGENT_CONFIG "LogFile"
update_config_var $ZBX_AGENT_CONFIG "LogFileSize"
update_config_var $ZBX_AGENT_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}"
update_config_var $ZBX_AGENT_CONFIG "SourceIP"
if [ ! -z "$ZBX_SERVER_HOST" ]; then
if [ ! -z "$ZBX_SERVER_PORT" ] && [ "$ZBX_SERVER_PORT" != "10051" ]; then
ZBX_SERVER_HOST=$ZBX_SERVER_HOST":"$ZBX_SERVER_PORT
fi
if [ ! -z "$ZBX_ACTIVESERVERS" ]; then
ZBX_ACTIVESERVERS=$ZBX_SERVER_HOST","$ZBX_ACTIVESERVERS
else
ZBX_ACTIVESERVERS=$ZBX_SERVER_HOST
fi
fi
: ${ZBX_PASSIVE_ALLOW:="true"}
if [ "${ZBX_PASSIVE_ALLOW,,}" == "true" ]; then
if [ "${ZBX_PASSIVE_ALLOW,,}" == "true" ] && [ ! -z "$ZBX_PASSIVESERVERS" ]; then
echo "** Using '$ZBX_PASSIVESERVERS' servers for passive checks"
update_config_var $ZBX_AGENT_CONFIG "Server" "${ZBX_PASSIVESERVERS}"
export ZBX_PASSIVESERVERS="${ZBX_PASSIVESERVERS}"
else
update_config_var $ZBX_AGENT_CONFIG "Server"
unset ZBX_PASSIVESERVERS
fi
update_config_var $ZBX_AGENT_CONFIG "ListenPort" "${ZBX_LISTENPORT}"
update_config_var $ZBX_AGENT_CONFIG "ListenIP" "${ZBX_LISTENIP}"
: ${ZBX_ACTIVE_ALLOW:="true"}
if [ "${ZBX_ACTIVE_ALLOW,,}" == "true" ]; then
if [ "${ZBX_ACTIVE_ALLOW,,}" == "true" ] && [ ! -z "$ZBX_ACTIVESERVERS" ]; then
echo "** Using '$ZBX_ACTIVESERVERS' servers for active checks"
update_config_var $ZBX_AGENT_CONFIG "ServerActive" "${ZBX_ACTIVESERVERS}"
export ZBX_ACTIVESERVERS="${ZBX_ACTIVESERVERS}"
else
update_config_var $ZBX_AGENT_CONFIG "ServerActive"
unset ZBX_ACTIVESERVERS
fi
update_config_var $ZBX_AGENT_CONFIG "HeartbeatFrequency" "${ZBX_HEARTBEAT_FREQUENCY}"
update_config_var $ZBX_AGENT_CONFIG "ForceActiveChecksOnStart" "${ZBX_FORCEACTIVECHECKSONSTART}"
unset ZBX_SERVER_HOST
unset ZBX_SERVER_PORT
if [ "${ZBX_ENABLEPERSISTENTBUFFER,,}" == "true" ]; then
update_config_var $ZBX_AGENT_CONFIG "EnablePersistentBuffer" "1"
update_config_var $ZBX_AGENT_CONFIG "PersistentBufferFile" "$ZABBIX_USER_HOME_DIR/buffer/agent2.db"
update_config_var $ZBX_AGENT_CONFIG "PersistentBufferPeriod" "${ZBX_PERSISTENTBUFFERPERIOD}"
else
update_config_var $ZBX_AGENT_CONFIG "EnablePersistentBuffer" "0"
export ZBX_ENABLEPERSISTENTBUFFER=1
fi
if [ "${ZBX_ENABLESTATUSPORT,,}" == "true" ]; then
update_config_var $ZBX_AGENT_CONFIG "StatusPort" "31999"
export ZBX_STATUSPORT=${ZBX_STATUSPORT="31999"}
else
unset ZBX_PERSISTENTBUFFERFILE
fi
update_config_var $ZBX_AGENT_CONFIG "HostInterface" "${ZBX_HOSTINTERFACE}"
update_config_var $ZBX_AGENT_CONFIG "HostInterfaceItem" "${ZBX_HOSTINTERFACEITEM}"
update_config_multiple_var "${ZABBIX_CONF_DIR}/zabbix_agentd_item_keys.conf" "DenyKey" "${ZBX_DENYKEY}"
update_config_multiple_var "${ZABBIX_CONF_DIR}/zabbix_agentd_item_keys.conf" "AllowKey" "${ZBX_ALLOWKEY}"
update_config_var $ZBX_AGENT_CONFIG "Hostname" "${ZBX_HOSTNAME}"
update_config_var $ZBX_AGENT_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}"
update_config_var $ZBX_AGENT_CONFIG "HostMetadata" "${ZBX_METADATA}"
update_config_var $ZBX_AGENT_CONFIG "HostMetadataItem" "${ZBX_METADATAITEM}"
update_config_var $ZBX_AGENT_CONFIG "RefreshActiveChecks" "${ZBX_REFRESHACTIVECHECKS}"
update_config_var $ZBX_AGENT_CONFIG "BufferSend" "${ZBX_BUFFERSEND}"
update_config_var $ZBX_AGENT_CONFIG "BufferSize" "${ZBX_BUFFERSIZE}"
# Please use include to enable Alias feature
# update_config_multiple_var $ZBX_AGENT_CONFIG "Alias" ${ZBX_ALIAS}
update_config_var $ZBX_AGENT_CONFIG "Timeout" "${ZBX_TIMEOUT}"
update_config_var $ZBX_AGENT_CONFIG "Include" "/etc/zabbix/zabbix_agent2.d/plugins.d/*.conf"
update_config_var $ZBX_AGENT_CONFIG "Include" "/etc/zabbix/zabbix_agentd.d/*.conf" "true"
update_config_var $ZBX_AGENT_CONFIG "UnsafeUserParameters" "${ZBX_UNSAFEUSERPARAMETERS}"
update_config_var $ZBX_AGENT_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}"
update_config_var $ZBX_AGENT_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}"
file_process_from_env $ZBX_AGENT_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" "${ZBX_TLSCA}"
file_process_from_env $ZBX_AGENT_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" "${ZBX_TLSCRL}"
update_config_var $ZBX_AGENT_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}"
update_config_var $ZBX_AGENT_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}"
file_process_from_env $ZBX_AGENT_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" "${ZBX_TLSCERT}"
file_process_from_env $ZBX_AGENT_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" "${ZBX_TLSKEY}"
update_config_var $ZBX_AGENT_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}"
file_process_from_env $ZBX_AGENT_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" "${ZBX_TLSPSK}"
update_config_multiple_var $ZBX_AGENT_CONFIG "DenyKey" "${ZBX_DENYKEY}"
update_config_multiple_var $ZBX_AGENT_CONFIG "AllowKey" "${ZBX_ALLOWKEY}"
file_process_from_env "ZBX_TLSCAFILE" "${ZBX_TLSCAFILE}" "${ZBX_TLSCA}"
file_process_from_env "ZBX_TLSCRLFILE" "${ZBX_TLSCRLFILE}" "${ZBX_TLSCRL}"
file_process_from_env "ZBX_TLSCERTFILE" "${ZBX_TLSCERTFILE}" "${ZBX_TLSCERT}"
file_process_from_env "ZBX_TLSKEYFILE" "${ZBX_TLSKEYFILE}" "${ZBX_TLSKEY}"
file_process_from_env "ZBX_TLSPSKFILE" "${ZBX_TLSPSKFILE}" "${ZBX_TLSPSK}"
}
prepare_zbx_agent_plugin_config() {
echo "** Preparing Zabbix agent plugin configuration files"
update_config_var "/etc/zabbix/zabbix_agent2.d/plugins.d/mongodb.conf" "Plugins.MongoDB.System.Path" "/usr/sbin/zabbix-agent2-plugin/mongodb"
update_config_var "/etc/zabbix/zabbix_agent2.d/plugins.d/postgresql.conf" "Plugins.PostgreSQL.System.Path" "/usr/sbin/zabbix-agent2-plugin/postgresql"
update_config_var "/etc/zabbix/zabbix_agent2.d/plugins.d/mssql.conf" "Plugins.MSSQL.System.Path" "/usr/sbin/zabbix-agent2-plugin/mssql"
update_config_var "/etc/zabbix/zabbix_agent2.d/plugins.d/ember.conf" "Plugins.EmberPlus.System.Path" "/usr/sbin/zabbix-agent2-plugin/ember-plus"
update_config_var "$ZABBIX_CONF_DIR/zabbix_agent2.d/plugins.d/mongodb.conf" "Plugins.MongoDB.System.Path" "/usr/sbin/zabbix-agent2-plugin/mongodb"
update_config_var "$ZABBIX_CONF_DIR/zabbix_agent2.d/plugins.d/postgresql.conf" "Plugins.PostgreSQL.System.Path" "/usr/sbin/zabbix-agent2-plugin/postgresql"
update_config_var "$ZABBIX_CONF_DIR/zabbix_agent2.d/plugins.d/mssql.conf" "Plugins.MSSQL.System.Path" "/usr/sbin/zabbix-agent2-plugin/mssql"
update_config_var "$ZABBIX_CONF_DIR/zabbix_agent2.d/plugins.d/ember.conf" "Plugins.EmberPlus.System.Path" "/usr/sbin/zabbix-agent2-plugin/ember-plus"
if command -v nvidia-smi 2>&1 >/dev/null
then
update_config_var "/etc/zabbix/zabbix_agent2.d/plugins.d/nvidia.conf" "Plugins.NVIDIA.System.Path" "/usr/sbin/zabbix-agent2-plugin/nvidia-gpu"
update_config_var "$ZABBIX_CONF_DIR/zabbix_agent2.d/plugins.d/nvidia.conf" "Plugins.NVIDIA.System.Path" "/usr/sbin/zabbix-agent2-plugin/nvidia-gpu"
fi
}
clear_zbx_env() {
[[ "${ZBX_CLEAR_ENV}" == "false" ]] && return
for env_var in $(env | grep -E "^ZBX_"); do
for env_var in $(env | grep -E "^ZABBIX_"); do
unset "${env_var%%=*}"
done
}

View File

@ -14,7 +14,11 @@ ARG ZBX_VERSION
ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git
ENV TERM=xterm \
ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES}
ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \
ZABBIX_USER_HOME_DIR="/var/lib/zabbix" \
ZABBIX_CONF_DIR="/etc/zabbix"
ENV ZBX_PERSISTENTBUFFERFILE="$ZABBIX_USER_HOME_DIR/buffer/agent2.db"
LABEL description="Zabbix agent 2 is deployed on a monitoring target to actively monitor local resources and applications" \
maintainer="alexey.pustovalov@zabbix.com" \
@ -47,7 +51,7 @@ STOPSIGNAL SIGTERM
COPY ["licenses", "/licenses"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/agent2/sbin/", "/usr/sbin/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/general/bin/*", "/usr/bin/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/agent2/conf/", "/etc/zabbix/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/agent2/conf/", "${ZABBIX_CONF_DIR}/"]
RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
set -eux && \
@ -94,24 +98,32 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
-g zabbix \
--uid 1997 \
--shell /sbin/nologin \
--home-dir /var/lib/zabbix/ \
--home-dir ${ZABBIX_USER_HOME_DIR} \
zabbix && \
echo "zabbix ALL=(root) NOPASSWD: /usr/sbin/smartctl" >> /etc/sudoers.d/zabbix && \
mkdir -p /etc/zabbix && \
mkdir -p /etc/zabbix/zabbix_agentd.d && \
mkdir -p /var/lib/zabbix && \
mkdir -p /var/lib/zabbix/enc && \
mkdir -p /var/lib/zabbix/enc_internal && \
mkdir -p /var/lib/zabbix/modules && \
mkdir -p /var/lib/zabbix/buffer && \
chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ /usr/sbin/zabbix-agent2-plugin/ && \
chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ /usr/sbin/zabbix-agent2-plugin/ && \
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ /usr/sbin/zabbix-agent2-plugin/ && \
mkdir -p ${ZABBIX_CONF_DIR} && \
mkdir -p ${ZABBIX_CONF_DIR}/zabbix_agent2.d && \
mkdir -p ${ZABBIX_USER_HOME_DIR} && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc_internal && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/buffer && \
chown --quiet -R zabbix:root ${ZABBIX_CONF_DIR}/zabbix_agent2_item_keys.conf \
${ZABBIX_CONF_DIR}/zabbix_agent2.d/ \
${ZABBIX_USER_HOME_DIR}/ && \
chown --quiet zabbix:root ${ZABBIX_CONF_DIR}/ && \
chgrp -R 0 ${ZABBIX_CONF_DIR}/zabbix_agent2_item_keys.conf \
${ZABBIX_CONF_DIR}/zabbix_agent2.d/ \
${ZABBIX_USER_HOME_DIR}/ && \
chgrp 0 ${ZABBIX_CONF_DIR} && \
chmod -R g=u ${ZABBIX_CONF_DIR}/zabbix_agent2_item_keys.conf \
${ZABBIX_CONF_DIR}/zabbix_agent2.d/ \
${ZABBIX_USER_HOME_DIR}/ && \
chmod g=u ${ZABBIX_CONF_DIR}
microdnf -y clean all
EXPOSE 10050/TCP 31999/TCP
WORKDIR /var/lib/zabbix
WORKDIR ${ZABBIX_USER_HOME_DIR}
COPY ["docker-entrypoint.sh", "/usr/bin/"]

View File

@ -11,15 +11,11 @@ fi
# Default Zabbix installation name
# Default Zabbix server host
: ${ZBX_SERVER_HOST:="zabbix-server"}
: ${ZBX_SERVER_HOST="zabbix-server"}
# Default Zabbix server port number
: ${ZBX_SERVER_PORT:="10051"}
: ${ZBX_SERVER_PORT="10051"}
# Default directories
# User 'zabbix' home directory
ZABBIX_USER_HOME_DIR="/var/lib/zabbix"
# Configuration files directory
ZABBIX_ETC_DIR="/etc/zabbix"
# Internal directory for TLS related files, used when TLS*File specified as plain text values
ZABBIX_INTERNAL_ENC_DIR="${ZABBIX_USER_HOME_DIR}/enc_internal"
@ -124,112 +120,90 @@ file_process_from_env() {
echo -n "$var_value" > "${ZABBIX_INTERNAL_ENC_DIR}/$var_name"
file_name="${ZABBIX_INTERNAL_ENC_DIR}/${var_name}"
fi
update_config_var $config_path "$var_name" "$file_name"
if [ -n "$var_value" ]; then
export "$var_name"="$file_name"
fi
# Remove variable with plain text data
unset "${var_name%%FILE}"
}
prepare_zbx_agent_config() {
echo "** Preparing Zabbix agent configuration file"
ZBX_AGENT_CONFIG=$ZABBIX_ETC_DIR/zabbix_agent2.conf
: ${ZBX_PASSIVESERVERS=""}
: ${ZBX_ACTIVESERVERS=""}
: ${ZBX_PASSIVESERVERS:=""}
: ${ZBX_ACTIVESERVERS:=""}
if [ ! -z "$ZBX_SERVER_HOST" ] && [ ! -z "$ZBX_PASSIVESERVERS" ]; then
ZBX_PASSIVESERVERS=$ZBX_SERVER_HOST","$ZBX_PASSIVESERVERS
elif [ ! -z "$ZBX_SERVER_HOST" ]; then
ZBX_PASSIVESERVERS=$ZBX_SERVER_HOST
fi
[ -n "$ZBX_PASSIVESERVERS" ] && ZBX_PASSIVESERVERS=","$ZBX_PASSIVESERVERS
ZBX_PASSIVESERVERS=$ZBX_SERVER_HOST$ZBX_PASSIVESERVERS
[ -n "$ZBX_ACTIVESERVERS" ] && ZBX_ACTIVESERVERS=","$ZBX_ACTIVESERVERS
ZBX_ACTIVESERVERS=$ZBX_SERVER_HOST":"$ZBX_SERVER_PORT$ZBX_ACTIVESERVERS
update_config_var $ZBX_AGENT_CONFIG "PidFile"
update_config_var $ZBX_AGENT_CONFIG "LogType" "console"
update_config_var $ZBX_AGENT_CONFIG "LogFile"
update_config_var $ZBX_AGENT_CONFIG "LogFileSize"
update_config_var $ZBX_AGENT_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}"
update_config_var $ZBX_AGENT_CONFIG "SourceIP"
if [ ! -z "$ZBX_SERVER_HOST" ]; then
if [ ! -z "$ZBX_SERVER_PORT" ] && [ "$ZBX_SERVER_PORT" != "10051" ]; then
ZBX_SERVER_HOST=$ZBX_SERVER_HOST":"$ZBX_SERVER_PORT
fi
if [ ! -z "$ZBX_ACTIVESERVERS" ]; then
ZBX_ACTIVESERVERS=$ZBX_SERVER_HOST","$ZBX_ACTIVESERVERS
else
ZBX_ACTIVESERVERS=$ZBX_SERVER_HOST
fi
fi
: ${ZBX_PASSIVE_ALLOW:="true"}
if [ "${ZBX_PASSIVE_ALLOW,,}" == "true" ]; then
if [ "${ZBX_PASSIVE_ALLOW,,}" == "true" ] && [ ! -z "$ZBX_PASSIVESERVERS" ]; then
echo "** Using '$ZBX_PASSIVESERVERS' servers for passive checks"
update_config_var $ZBX_AGENT_CONFIG "Server" "${ZBX_PASSIVESERVERS}"
export ZBX_PASSIVESERVERS="${ZBX_PASSIVESERVERS}"
else
update_config_var $ZBX_AGENT_CONFIG "Server"
unset ZBX_PASSIVESERVERS
fi
update_config_var $ZBX_AGENT_CONFIG "ListenPort" "${ZBX_LISTENPORT}"
update_config_var $ZBX_AGENT_CONFIG "ListenIP" "${ZBX_LISTENIP}"
: ${ZBX_ACTIVE_ALLOW:="true"}
if [ "${ZBX_ACTIVE_ALLOW,,}" == "true" ]; then
if [ "${ZBX_ACTIVE_ALLOW,,}" == "true" ] && [ ! -z "$ZBX_ACTIVESERVERS" ]; then
echo "** Using '$ZBX_ACTIVESERVERS' servers for active checks"
update_config_var $ZBX_AGENT_CONFIG "ServerActive" "${ZBX_ACTIVESERVERS}"
export ZBX_ACTIVESERVERS="${ZBX_ACTIVESERVERS}"
else
update_config_var $ZBX_AGENT_CONFIG "ServerActive"
unset ZBX_ACTIVESERVERS
fi
update_config_var $ZBX_AGENT_CONFIG "HeartbeatFrequency" "${ZBX_HEARTBEAT_FREQUENCY}"
update_config_var $ZBX_AGENT_CONFIG "ForceActiveChecksOnStart" "${ZBX_FORCEACTIVECHECKSONSTART}"
unset ZBX_SERVER_HOST
unset ZBX_SERVER_PORT
if [ "${ZBX_ENABLEPERSISTENTBUFFER,,}" == "true" ]; then
update_config_var $ZBX_AGENT_CONFIG "EnablePersistentBuffer" "1"
update_config_var $ZBX_AGENT_CONFIG "PersistentBufferFile" "$ZABBIX_USER_HOME_DIR/buffer/agent2.db"
update_config_var $ZBX_AGENT_CONFIG "PersistentBufferPeriod" "${ZBX_PERSISTENTBUFFERPERIOD}"
else
update_config_var $ZBX_AGENT_CONFIG "EnablePersistentBuffer" "0"
export ZBX_ENABLEPERSISTENTBUFFER=1
fi
if [ "${ZBX_ENABLESTATUSPORT,,}" == "true" ]; then
update_config_var $ZBX_AGENT_CONFIG "StatusPort" "31999"
export ZBX_STATUSPORT=${ZBX_STATUSPORT="31999"}
else
unset ZBX_PERSISTENTBUFFERFILE
fi
update_config_var $ZBX_AGENT_CONFIG "HostInterface" "${ZBX_HOSTINTERFACE}"
update_config_var $ZBX_AGENT_CONFIG "HostInterfaceItem" "${ZBX_HOSTINTERFACEITEM}"
update_config_multiple_var "${ZABBIX_CONF_DIR}/zabbix_agentd_item_keys.conf" "DenyKey" "${ZBX_DENYKEY}"
update_config_multiple_var "${ZABBIX_CONF_DIR}/zabbix_agentd_item_keys.conf" "AllowKey" "${ZBX_ALLOWKEY}"
update_config_var $ZBX_AGENT_CONFIG "Hostname" "${ZBX_HOSTNAME}"
update_config_var $ZBX_AGENT_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}"
update_config_var $ZBX_AGENT_CONFIG "HostMetadata" "${ZBX_METADATA}"
update_config_var $ZBX_AGENT_CONFIG "HostMetadataItem" "${ZBX_METADATAITEM}"
update_config_var $ZBX_AGENT_CONFIG "RefreshActiveChecks" "${ZBX_REFRESHACTIVECHECKS}"
update_config_var $ZBX_AGENT_CONFIG "BufferSend" "${ZBX_BUFFERSEND}"
update_config_var $ZBX_AGENT_CONFIG "BufferSize" "${ZBX_BUFFERSIZE}"
# Please use include to enable Alias feature
# update_config_multiple_var $ZBX_AGENT_CONFIG "Alias" ${ZBX_ALIAS}
update_config_var $ZBX_AGENT_CONFIG "Timeout" "${ZBX_TIMEOUT}"
update_config_var $ZBX_AGENT_CONFIG "Include" "/etc/zabbix/zabbix_agent2.d/plugins.d/*.conf"
update_config_var $ZBX_AGENT_CONFIG "Include" "/etc/zabbix/zabbix_agentd.d/*.conf" "true"
update_config_var $ZBX_AGENT_CONFIG "UnsafeUserParameters" "${ZBX_UNSAFEUSERPARAMETERS}"
update_config_var $ZBX_AGENT_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}"
update_config_var $ZBX_AGENT_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}"
file_process_from_env $ZBX_AGENT_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" "${ZBX_TLSCA}"
file_process_from_env $ZBX_AGENT_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" "${ZBX_TLSCRL}"
update_config_var $ZBX_AGENT_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}"
update_config_var $ZBX_AGENT_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}"
file_process_from_env $ZBX_AGENT_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" "${ZBX_TLSCERT}"
file_process_from_env $ZBX_AGENT_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" "${ZBX_TLSKEY}"
update_config_var $ZBX_AGENT_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}"
file_process_from_env $ZBX_AGENT_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" "${ZBX_TLSPSK}"
update_config_multiple_var $ZBX_AGENT_CONFIG "DenyKey" "${ZBX_DENYKEY}"
update_config_multiple_var $ZBX_AGENT_CONFIG "AllowKey" "${ZBX_ALLOWKEY}"
file_process_from_env "ZBX_TLSCAFILE" "${ZBX_TLSCAFILE}" "${ZBX_TLSCA}"
file_process_from_env "ZBX_TLSCRLFILE" "${ZBX_TLSCRLFILE}" "${ZBX_TLSCRL}"
file_process_from_env "ZBX_TLSCERTFILE" "${ZBX_TLSCERTFILE}" "${ZBX_TLSCERT}"
file_process_from_env "ZBX_TLSKEYFILE" "${ZBX_TLSKEYFILE}" "${ZBX_TLSKEY}"
file_process_from_env "ZBX_TLSPSKFILE" "${ZBX_TLSPSKFILE}" "${ZBX_TLSPSK}"
}
prepare_zbx_agent_plugin_config() {
echo "** Preparing Zabbix agent plugin configuration files"
update_config_var "/etc/zabbix/zabbix_agent2.d/plugins.d/mongodb.conf" "Plugins.MongoDB.System.Path" "/usr/sbin/zabbix-agent2-plugin/mongodb"
update_config_var "/etc/zabbix/zabbix_agent2.d/plugins.d/postgresql.conf" "Plugins.PostgreSQL.System.Path" "/usr/sbin/zabbix-agent2-plugin/postgresql"
update_config_var "/etc/zabbix/zabbix_agent2.d/plugins.d/mssql.conf" "Plugins.MSSQL.System.Path" "/usr/sbin/zabbix-agent2-plugin/mssql"
update_config_var "/etc/zabbix/zabbix_agent2.d/plugins.d/ember.conf" "Plugins.EmberPlus.System.Path" "/usr/sbin/zabbix-agent2-plugin/ember-plus"
update_config_var "$ZABBIX_CONF_DIR/zabbix_agent2.d/plugins.d/mongodb.conf" "Plugins.MongoDB.System.Path" "/usr/sbin/zabbix-agent2-plugin/mongodb"
update_config_var "$ZABBIX_CONF_DIR/zabbix_agent2.d/plugins.d/postgresql.conf" "Plugins.PostgreSQL.System.Path" "/usr/sbin/zabbix-agent2-plugin/postgresql"
update_config_var "$ZABBIX_CONF_DIR/zabbix_agent2.d/plugins.d/mssql.conf" "Plugins.MSSQL.System.Path" "/usr/sbin/zabbix-agent2-plugin/mssql"
update_config_var "$ZABBIX_CONF_DIR/zabbix_agent2.d/plugins.d/ember.conf" "Plugins.EmberPlus.System.Path" "/usr/sbin/zabbix-agent2-plugin/ember-plus"
if command -v nvidia-smi 2>&1 >/dev/null
then
update_config_var "/etc/zabbix/zabbix_agent2.d/plugins.d/nvidia.conf" "Plugins.NVIDIA.System.Path" "/usr/sbin/zabbix-agent2-plugin/nvidia-gpu"
update_config_var "$ZABBIX_CONF_DIR/zabbix_agent2.d/plugins.d/nvidia.conf" "Plugins.NVIDIA.System.Path" "/usr/sbin/zabbix-agent2-plugin/nvidia-gpu"
fi
}
clear_zbx_env() {
[[ "${ZBX_CLEAR_ENV}" == "false" ]] && return
for env_var in $(env | grep -E "^ZBX_"); do
for env_var in $(env | grep -E "^ZABBIX_"); do
unset "${env_var%%=*}"
done
}

View File

@ -12,7 +12,11 @@ ARG ZBX_VERSION
ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git
ENV TERM=xterm \
ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES}
ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \
ZABBIX_USER_HOME_DIR="/var/lib/zabbix" \
ZABBIX_CONF_DIR="/etc/zabbix"
ENV ZBX_PERSISTENTBUFFERFILE="$ZABBIX_USER_HOME_DIR/buffer/agent2.db"
LABEL org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zabbix.com>" \
org.opencontainers.image.description="Zabbix agent 2 is deployed on a monitoring target to actively monitor local resources and applications" \
@ -28,7 +32,7 @@ STOPSIGNAL SIGTERM
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/agent2/sbin/", "/usr/sbin/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/general/bin/*", "/usr/bin/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/agent2/conf/", "/etc/zabbix/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/agent2/conf/", "${ZABBIX_CONF_DIR}/"]
RUN --mount=type=cache,target=/var/lib/apt/,sharing=locked \
set -eux && \
@ -56,25 +60,33 @@ RUN --mount=type=cache,target=/var/lib/apt/,sharing=locked \
-g zabbix \
--uid 1997 \
--shell /sbin/nologin \
--home-dir /var/lib/zabbix/ \
--home-dir ${ZABBIX_USER_HOME_DIR} \
zabbix && \
echo "zabbix ALL=(root) NOPASSWD: /usr/sbin/smartctl" >> /etc/sudoers.d/zabbix && \
mkdir -p /etc/zabbix && \
mkdir -p /etc/zabbix/zabbix_agentd.d && \
mkdir -p /var/lib/zabbix && \
mkdir -p /var/lib/zabbix/enc && \
mkdir -p /var/lib/zabbix/enc_internal && \
mkdir -p /var/lib/zabbix/modules && \
mkdir -p /var/lib/zabbix/buffer && \
chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ /usr/sbin/zabbix-agent2-plugin/ && \
chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ /usr/sbin/zabbix-agent2-plugin/ && \
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ /usr/sbin/zabbix-agent2-plugin/ && \
mkdir -p ${ZABBIX_CONF_DIR} && \
mkdir -p ${ZABBIX_CONF_DIR}/zabbix_agent2.d && \
mkdir -p ${ZABBIX_USER_HOME_DIR} && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc_internal && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/buffer && \
chown --quiet -R zabbix:root ${ZABBIX_CONF_DIR}/zabbix_agent2_item_keys.conf \
${ZABBIX_CONF_DIR}/zabbix_agent2.d/ \
${ZABBIX_USER_HOME_DIR}/ && \
chown --quiet zabbix:root ${ZABBIX_CONF_DIR}/ && \
chgrp -R 0 ${ZABBIX_CONF_DIR}/zabbix_agent2_item_keys.conf \
${ZABBIX_CONF_DIR}/zabbix_agent2.d/ \
${ZABBIX_USER_HOME_DIR}/ && \
chgrp 0 ${ZABBIX_CONF_DIR} && \
chmod -R g=u ${ZABBIX_CONF_DIR}/zabbix_agent2_item_keys.conf \
${ZABBIX_CONF_DIR}/zabbix_agent2.d/ \
${ZABBIX_USER_HOME_DIR}/ && \
chmod g=u ${ZABBIX_CONF_DIR} && \
apt-get -y autoremove && \
apt-get -y clean
EXPOSE 10050/TCP 31999/TCP
WORKDIR /var/lib/zabbix
WORKDIR ${ZABBIX_USER_HOME_DIR}
COPY ["docker-entrypoint.sh", "/usr/bin/"]

View File

@ -11,15 +11,11 @@ fi
# Default Zabbix installation name
# Default Zabbix server host
: ${ZBX_SERVER_HOST:="zabbix-server"}
: ${ZBX_SERVER_HOST="zabbix-server"}
# Default Zabbix server port number
: ${ZBX_SERVER_PORT:="10051"}
: ${ZBX_SERVER_PORT="10051"}
# Default directories
# User 'zabbix' home directory
ZABBIX_USER_HOME_DIR="/var/lib/zabbix"
# Configuration files directory
ZABBIX_ETC_DIR="/etc/zabbix"
# Internal directory for TLS related files, used when TLS*File specified as plain text values
ZABBIX_INTERNAL_ENC_DIR="${ZABBIX_USER_HOME_DIR}/enc_internal"
@ -124,112 +120,90 @@ file_process_from_env() {
echo -n "$var_value" > "${ZABBIX_INTERNAL_ENC_DIR}/$var_name"
file_name="${ZABBIX_INTERNAL_ENC_DIR}/${var_name}"
fi
update_config_var $config_path "$var_name" "$file_name"
if [ -n "$var_value" ]; then
export "$var_name"="$file_name"
fi
# Remove variable with plain text data
unset "${var_name%%FILE}"
}
prepare_zbx_agent_config() {
echo "** Preparing Zabbix agent configuration file"
ZBX_AGENT_CONFIG=$ZABBIX_ETC_DIR/zabbix_agent2.conf
: ${ZBX_PASSIVESERVERS=""}
: ${ZBX_ACTIVESERVERS=""}
: ${ZBX_PASSIVESERVERS:=""}
: ${ZBX_ACTIVESERVERS:=""}
if [ ! -z "$ZBX_SERVER_HOST" ] && [ ! -z "$ZBX_PASSIVESERVERS" ]; then
ZBX_PASSIVESERVERS=$ZBX_SERVER_HOST","$ZBX_PASSIVESERVERS
elif [ ! -z "$ZBX_SERVER_HOST" ]; then
ZBX_PASSIVESERVERS=$ZBX_SERVER_HOST
fi
[ -n "$ZBX_PASSIVESERVERS" ] && ZBX_PASSIVESERVERS=","$ZBX_PASSIVESERVERS
ZBX_PASSIVESERVERS=$ZBX_SERVER_HOST$ZBX_PASSIVESERVERS
[ -n "$ZBX_ACTIVESERVERS" ] && ZBX_ACTIVESERVERS=","$ZBX_ACTIVESERVERS
ZBX_ACTIVESERVERS=$ZBX_SERVER_HOST":"$ZBX_SERVER_PORT$ZBX_ACTIVESERVERS
update_config_var $ZBX_AGENT_CONFIG "PidFile"
update_config_var $ZBX_AGENT_CONFIG "LogType" "console"
update_config_var $ZBX_AGENT_CONFIG "LogFile"
update_config_var $ZBX_AGENT_CONFIG "LogFileSize"
update_config_var $ZBX_AGENT_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}"
update_config_var $ZBX_AGENT_CONFIG "SourceIP"
if [ ! -z "$ZBX_SERVER_HOST" ]; then
if [ ! -z "$ZBX_SERVER_PORT" ] && [ "$ZBX_SERVER_PORT" != "10051" ]; then
ZBX_SERVER_HOST=$ZBX_SERVER_HOST":"$ZBX_SERVER_PORT
fi
if [ ! -z "$ZBX_ACTIVESERVERS" ]; then
ZBX_ACTIVESERVERS=$ZBX_SERVER_HOST","$ZBX_ACTIVESERVERS
else
ZBX_ACTIVESERVERS=$ZBX_SERVER_HOST
fi
fi
: ${ZBX_PASSIVE_ALLOW:="true"}
if [ "${ZBX_PASSIVE_ALLOW,,}" == "true" ]; then
if [ "${ZBX_PASSIVE_ALLOW,,}" == "true" ] && [ ! -z "$ZBX_PASSIVESERVERS" ]; then
echo "** Using '$ZBX_PASSIVESERVERS' servers for passive checks"
update_config_var $ZBX_AGENT_CONFIG "Server" "${ZBX_PASSIVESERVERS}"
export ZBX_PASSIVESERVERS="${ZBX_PASSIVESERVERS}"
else
update_config_var $ZBX_AGENT_CONFIG "Server"
unset ZBX_PASSIVESERVERS
fi
update_config_var $ZBX_AGENT_CONFIG "ListenPort" "${ZBX_LISTENPORT}"
update_config_var $ZBX_AGENT_CONFIG "ListenIP" "${ZBX_LISTENIP}"
: ${ZBX_ACTIVE_ALLOW:="true"}
if [ "${ZBX_ACTIVE_ALLOW,,}" == "true" ]; then
if [ "${ZBX_ACTIVE_ALLOW,,}" == "true" ] && [ ! -z "$ZBX_ACTIVESERVERS" ]; then
echo "** Using '$ZBX_ACTIVESERVERS' servers for active checks"
update_config_var $ZBX_AGENT_CONFIG "ServerActive" "${ZBX_ACTIVESERVERS}"
export ZBX_ACTIVESERVERS="${ZBX_ACTIVESERVERS}"
else
update_config_var $ZBX_AGENT_CONFIG "ServerActive"
unset ZBX_ACTIVESERVERS
fi
update_config_var $ZBX_AGENT_CONFIG "HeartbeatFrequency" "${ZBX_HEARTBEAT_FREQUENCY}"
update_config_var $ZBX_AGENT_CONFIG "ForceActiveChecksOnStart" "${ZBX_FORCEACTIVECHECKSONSTART}"
unset ZBX_SERVER_HOST
unset ZBX_SERVER_PORT
if [ "${ZBX_ENABLEPERSISTENTBUFFER,,}" == "true" ]; then
update_config_var $ZBX_AGENT_CONFIG "EnablePersistentBuffer" "1"
update_config_var $ZBX_AGENT_CONFIG "PersistentBufferFile" "$ZABBIX_USER_HOME_DIR/buffer/agent2.db"
update_config_var $ZBX_AGENT_CONFIG "PersistentBufferPeriod" "${ZBX_PERSISTENTBUFFERPERIOD}"
else
update_config_var $ZBX_AGENT_CONFIG "EnablePersistentBuffer" "0"
export ZBX_ENABLEPERSISTENTBUFFER=1
fi
if [ "${ZBX_ENABLESTATUSPORT,,}" == "true" ]; then
update_config_var $ZBX_AGENT_CONFIG "StatusPort" "31999"
export ZBX_STATUSPORT=${ZBX_STATUSPORT="31999"}
else
unset ZBX_PERSISTENTBUFFERFILE
fi
update_config_var $ZBX_AGENT_CONFIG "HostInterface" "${ZBX_HOSTINTERFACE}"
update_config_var $ZBX_AGENT_CONFIG "HostInterfaceItem" "${ZBX_HOSTINTERFACEITEM}"
update_config_multiple_var "${ZABBIX_CONF_DIR}/zabbix_agentd_item_keys.conf" "DenyKey" "${ZBX_DENYKEY}"
update_config_multiple_var "${ZABBIX_CONF_DIR}/zabbix_agentd_item_keys.conf" "AllowKey" "${ZBX_ALLOWKEY}"
update_config_var $ZBX_AGENT_CONFIG "Hostname" "${ZBX_HOSTNAME}"
update_config_var $ZBX_AGENT_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}"
update_config_var $ZBX_AGENT_CONFIG "HostMetadata" "${ZBX_METADATA}"
update_config_var $ZBX_AGENT_CONFIG "HostMetadataItem" "${ZBX_METADATAITEM}"
update_config_var $ZBX_AGENT_CONFIG "RefreshActiveChecks" "${ZBX_REFRESHACTIVECHECKS}"
update_config_var $ZBX_AGENT_CONFIG "BufferSend" "${ZBX_BUFFERSEND}"
update_config_var $ZBX_AGENT_CONFIG "BufferSize" "${ZBX_BUFFERSIZE}"
# Please use include to enable Alias feature
# update_config_multiple_var $ZBX_AGENT_CONFIG "Alias" ${ZBX_ALIAS}
update_config_var $ZBX_AGENT_CONFIG "Timeout" "${ZBX_TIMEOUT}"
update_config_var $ZBX_AGENT_CONFIG "Include" "/etc/zabbix/zabbix_agent2.d/plugins.d/*.conf"
update_config_var $ZBX_AGENT_CONFIG "Include" "/etc/zabbix/zabbix_agentd.d/*.conf" "true"
update_config_var $ZBX_AGENT_CONFIG "UnsafeUserParameters" "${ZBX_UNSAFEUSERPARAMETERS}"
update_config_var $ZBX_AGENT_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}"
update_config_var $ZBX_AGENT_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}"
file_process_from_env $ZBX_AGENT_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" "${ZBX_TLSCA}"
file_process_from_env $ZBX_AGENT_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" "${ZBX_TLSCRL}"
update_config_var $ZBX_AGENT_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}"
update_config_var $ZBX_AGENT_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}"
file_process_from_env $ZBX_AGENT_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" "${ZBX_TLSCERT}"
file_process_from_env $ZBX_AGENT_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" "${ZBX_TLSKEY}"
update_config_var $ZBX_AGENT_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}"
file_process_from_env $ZBX_AGENT_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" "${ZBX_TLSPSK}"
update_config_multiple_var $ZBX_AGENT_CONFIG "DenyKey" "${ZBX_DENYKEY}"
update_config_multiple_var $ZBX_AGENT_CONFIG "AllowKey" "${ZBX_ALLOWKEY}"
file_process_from_env "ZBX_TLSCAFILE" "${ZBX_TLSCAFILE}" "${ZBX_TLSCA}"
file_process_from_env "ZBX_TLSCRLFILE" "${ZBX_TLSCRLFILE}" "${ZBX_TLSCRL}"
file_process_from_env "ZBX_TLSCERTFILE" "${ZBX_TLSCERTFILE}" "${ZBX_TLSCERT}"
file_process_from_env "ZBX_TLSKEYFILE" "${ZBX_TLSKEYFILE}" "${ZBX_TLSKEY}"
file_process_from_env "ZBX_TLSPSKFILE" "${ZBX_TLSPSKFILE}" "${ZBX_TLSPSK}"
}
prepare_zbx_agent_plugin_config() {
echo "** Preparing Zabbix agent plugin configuration files"
update_config_var "/etc/zabbix/zabbix_agent2.d/plugins.d/mongodb.conf" "Plugins.MongoDB.System.Path" "/usr/sbin/zabbix-agent2-plugin/mongodb"
update_config_var "/etc/zabbix/zabbix_agent2.d/plugins.d/postgresql.conf" "Plugins.PostgreSQL.System.Path" "/usr/sbin/zabbix-agent2-plugin/postgresql"
update_config_var "/etc/zabbix/zabbix_agent2.d/plugins.d/mssql.conf" "Plugins.MSSQL.System.Path" "/usr/sbin/zabbix-agent2-plugin/mssql"
update_config_var "/etc/zabbix/zabbix_agent2.d/plugins.d/ember.conf" "Plugins.EmberPlus.System.Path" "/usr/sbin/zabbix-agent2-plugin/ember-plus"
update_config_var "$ZABBIX_CONF_DIR/zabbix_agent2.d/plugins.d/mongodb.conf" "Plugins.MongoDB.System.Path" "/usr/sbin/zabbix-agent2-plugin/mongodb"
update_config_var "$ZABBIX_CONF_DIR/zabbix_agent2.d/plugins.d/postgresql.conf" "Plugins.PostgreSQL.System.Path" "/usr/sbin/zabbix-agent2-plugin/postgresql"
update_config_var "$ZABBIX_CONF_DIR/zabbix_agent2.d/plugins.d/mssql.conf" "Plugins.MSSQL.System.Path" "/usr/sbin/zabbix-agent2-plugin/mssql"
update_config_var "$ZABBIX_CONF_DIR/zabbix_agent2.d/plugins.d/ember.conf" "Plugins.EmberPlus.System.Path" "/usr/sbin/zabbix-agent2-plugin/ember-plus"
if command -v nvidia-smi 2>&1 >/dev/null
then
update_config_var "/etc/zabbix/zabbix_agent2.d/plugins.d/nvidia.conf" "Plugins.NVIDIA.System.Path" "/usr/sbin/zabbix-agent2-plugin/nvidia-gpu"
update_config_var "$ZABBIX_CONF_DIR/zabbix_agent2.d/plugins.d/nvidia.conf" "Plugins.NVIDIA.System.Path" "/usr/sbin/zabbix-agent2-plugin/nvidia-gpu"
fi
}
clear_zbx_env() {
[[ "${ZBX_CLEAR_ENV}" == "false" ]] && return
for env_var in $(env | grep -E "^ZBX_"); do
for env_var in $(env | grep -E "^ZABBIX_"); do
unset "${env_var%%=*}"
done
}

View File

@ -35,7 +35,8 @@ ENV ZBX_SOURCES_DIR=/tmp/zabbix-${ZBX_VERSION} ZBX_OUTPUT_DIR=/tmp/zabbix-${ZBX_
RUN --mount=type=cache,target=/root/.cache/go-build/ \
--mount=type=cache,target=/root/go/ \
--mount=from=sources,target=/tmp/src \
--mount=type=bind,source=conf/chromedp_no_sandbox.patch,target=/tmp/chromedp_no_sandbox.patch \
--mount=type=bind,source=patches/,target=/tmp/patches \
--mount=from=config_templates,target=/tmp/conf \
set -eux && \
cd /tmp/ && \
mkdir -p ${ZBX_OUTPUT_DIR}/agent/sbin/ && \
@ -61,7 +62,11 @@ RUN --mount=type=cache,target=/root/.cache/go-build/ \
git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch ${GIT_BRANCH:-$ZBX_VERSION} --depth 1 --single-branch ${ZBX_SOURCES_DIR}; \
fi && \
cd ${ZBX_SOURCES_DIR} && \
patch -p1 < /tmp/chromedp_no_sandbox.patch && \
for patch_filename in /tmp/patches/*.patch; do \
if [ -f "$patch_filename" ]; then \
patch -p1 < $patch_filename; \
fi \
done && \
zabbix_revision=`git rev-parse --short HEAD` && \
sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \
sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/go/pkg/version/version.go && \
@ -117,19 +122,24 @@ RUN --mount=type=cache,target=/root/.cache/go-build/ \
strip ${ZBX_SOURCES_DIR}/src/zabbix_sender/zabbix_sender && \
strip ${ZBX_SOURCES_DIR}/src/go/bin/zabbix_web_service && \
cp ${ZBX_SOURCES_DIR}/src/zabbix_agent/zabbix_agentd ${ZBX_OUTPUT_DIR}/agent/sbin/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_agentd.conf ${ZBX_OUTPUT_DIR}/agent/conf/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_agentd.conf ${ZBX_OUTPUT_DIR}/agent/conf/zabbix_agentd.conf_template && \
cp -R ${ZBX_SOURCES_DIR}/conf/zabbix_agentd/ ${ZBX_OUTPUT_DIR}/agent/conf/ && \
cp /tmp/conf/agent/* ${ZBX_OUTPUT_DIR}/agent/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/go/bin/zabbix_agent2 ${ZBX_OUTPUT_DIR}/agent2/sbin/ && \
cp ${ZBX_SOURCES_DIR}/src/go/conf/zabbix_agent2.conf ${ZBX_OUTPUT_DIR}/agent2/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/go/conf/zabbix_agent2.conf ${ZBX_OUTPUT_DIR}/agent2/conf/zabbix_agent2.conf_template && \
cp /tmp/conf/agent2/* ${ZBX_OUTPUT_DIR}/agent2/conf/ && \
cp -R ${ZBX_SOURCES_DIR}/src/go/conf/zabbix_agent2.d/ ${ZBX_OUTPUT_DIR}/agent2/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/zabbix_server/zabbix_server ${ZBX_OUTPUT_DIR}/server/sbin/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_server.conf ${ZBX_OUTPUT_DIR}/server/conf/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_server.conf ${ZBX_OUTPUT_DIR}/server/conf/zabbix_server.conf_template && \
cp /tmp/conf/server/* ${ZBX_OUTPUT_DIR}/server/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/zabbix_proxy/zabbix_proxy ${ZBX_OUTPUT_DIR}/proxy/sbin/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_proxy.conf ${ZBX_OUTPUT_DIR}/proxy/conf/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_proxy.conf ${ZBX_OUTPUT_DIR}/proxy/conf/zabbix_proxy.conf_template && \
cp /tmp/conf/proxy/* ${ZBX_OUTPUT_DIR}/proxy/conf/ && \
cp -R ${ZBX_SOURCES_DIR}/src/zabbix_java/bin/ ${ZBX_OUTPUT_DIR}/java_gateway/sbin/ && \
cp -R ${ZBX_SOURCES_DIR}/src/zabbix_java/lib/ ${ZBX_OUTPUT_DIR}/java_gateway/sbin/ && \
cp ${ZBX_SOURCES_DIR}/src/go/bin/zabbix_web_service ${ZBX_OUTPUT_DIR}/web_service/sbin/ && \
cp ${ZBX_SOURCES_DIR}/src/go/conf/zabbix_web_service.conf ${ZBX_OUTPUT_DIR}/web_service/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/go/conf/zabbix_web_service.conf ${ZBX_OUTPUT_DIR}/web_service/conf/zabbix_web_service.conf_template && \
cp /tmp/conf/web_service/* ${ZBX_OUTPUT_DIR}/web_service/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/zabbix_get/zabbix_get ${ZBX_OUTPUT_DIR}/general/bin/ && \
cp ${ZBX_SOURCES_DIR}/src/zabbix_sender/zabbix_sender ${ZBX_OUTPUT_DIR}/general/bin/ && \
make -s distclean && \

View File

@ -35,7 +35,8 @@ ENV ZBX_SOURCES_DIR=/tmp/zabbix-${ZBX_VERSION} ZBX_OUTPUT_DIR=/tmp/zabbix-${ZBX_
RUN --mount=type=cache,target=/root/.cache/go-build/ \
--mount=type=cache,target=/root/go/ \
--mount=from=sources,target=/tmp/src \
--mount=type=bind,source=conf/chromedp_no_sandbox.patch,target=/tmp/chromedp_no_sandbox.patch \
--mount=type=bind,source=patches/,target=/tmp/patches \
--mount=from=config_templates,target=/tmp/conf \
set -eux && \
cd /tmp/ && \
mkdir -p ${ZBX_OUTPUT_DIR}/agent/sbin/ && \
@ -61,7 +62,11 @@ RUN --mount=type=cache,target=/root/.cache/go-build/ \
git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch ${GIT_BRANCH:-$ZBX_VERSION} --depth 1 --single-branch ${ZBX_SOURCES_DIR}; \
fi && \
cd ${ZBX_SOURCES_DIR} && \
patch -p1 < /tmp/chromedp_no_sandbox.patch && \
for patch_filename in /tmp/patches/*.patch; do \
if [ -f "$patch_filename" ]; then \
patch -p1 < $patch_filename; \
fi \
done && \
zabbix_revision=`git rev-parse --short HEAD` && \
sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \
sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/go/pkg/version/version.go && \
@ -117,19 +122,24 @@ RUN --mount=type=cache,target=/root/.cache/go-build/ \
strip ${ZBX_SOURCES_DIR}/src/zabbix_sender/zabbix_sender && \
strip ${ZBX_SOURCES_DIR}/src/go/bin/zabbix_web_service && \
cp ${ZBX_SOURCES_DIR}/src/zabbix_agent/zabbix_agentd ${ZBX_OUTPUT_DIR}/agent/sbin/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_agentd.conf ${ZBX_OUTPUT_DIR}/agent/conf/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_agentd.conf ${ZBX_OUTPUT_DIR}/agent/conf/zabbix_agentd.conf_template && \
cp -R ${ZBX_SOURCES_DIR}/conf/zabbix_agentd/ ${ZBX_OUTPUT_DIR}/agent/conf/ && \
cp /tmp/conf/agent/* ${ZBX_OUTPUT_DIR}/agent/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/go/bin/zabbix_agent2 ${ZBX_OUTPUT_DIR}/agent2/sbin/ && \
cp ${ZBX_SOURCES_DIR}/src/go/conf/zabbix_agent2.conf ${ZBX_OUTPUT_DIR}/agent2/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/go/conf/zabbix_agent2.conf ${ZBX_OUTPUT_DIR}/agent2/conf/zabbix_agent2.conf_template && \
cp /tmp/conf/agent2/* ${ZBX_OUTPUT_DIR}/agent2/conf/ && \
cp -R ${ZBX_SOURCES_DIR}/src/go/conf/zabbix_agent2.d/ ${ZBX_OUTPUT_DIR}/agent2/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/zabbix_server/zabbix_server ${ZBX_OUTPUT_DIR}/server/sbin/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_server.conf ${ZBX_OUTPUT_DIR}/server/conf/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_server.conf ${ZBX_OUTPUT_DIR}/server/conf/zabbix_server.conf_template && \
cp /tmp/conf/server/* ${ZBX_OUTPUT_DIR}/server/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/zabbix_proxy/zabbix_proxy ${ZBX_OUTPUT_DIR}/proxy/sbin/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_proxy.conf ${ZBX_OUTPUT_DIR}/proxy/conf/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_proxy.conf ${ZBX_OUTPUT_DIR}/proxy/conf/zabbix_proxy.conf_template && \
cp /tmp/conf/proxy/* ${ZBX_OUTPUT_DIR}/proxy/conf/ && \
cp -R ${ZBX_SOURCES_DIR}/src/zabbix_java/bin/ ${ZBX_OUTPUT_DIR}/java_gateway/sbin/ && \
cp -R ${ZBX_SOURCES_DIR}/src/zabbix_java/lib/ ${ZBX_OUTPUT_DIR}/java_gateway/sbin/ && \
cp ${ZBX_SOURCES_DIR}/src/go/bin/zabbix_web_service ${ZBX_OUTPUT_DIR}/web_service/sbin/ && \
cp ${ZBX_SOURCES_DIR}/src/go/conf/zabbix_web_service.conf ${ZBX_OUTPUT_DIR}/web_service/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/go/conf/zabbix_web_service.conf ${ZBX_OUTPUT_DIR}/web_service/conf/zabbix_web_service.conf_template && \
cp /tmp/conf/web_service/* ${ZBX_OUTPUT_DIR}/web_service/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/zabbix_get/zabbix_get ${ZBX_OUTPUT_DIR}/general/bin/ && \
cp ${ZBX_SOURCES_DIR}/src/zabbix_sender/zabbix_sender ${ZBX_OUTPUT_DIR}/general/bin/ && \
make -s distclean && \

View File

@ -35,7 +35,8 @@ ENV ZBX_SOURCES_DIR=/tmp/zabbix-${ZBX_VERSION} ZBX_OUTPUT_DIR=/tmp/zabbix-${ZBX_
RUN --mount=type=cache,target=/root/.cache/go-build/ \
--mount=type=cache,target=/root/go/ \
--mount=from=sources,target=/tmp/src \
--mount=type=bind,source=conf/chromedp_no_sandbox.patch,target=/tmp/chromedp_no_sandbox.patch \
--mount=type=bind,source=patches/,target=/tmp/patches \
--mount=from=config_templates,target=/tmp/conf \
set -eux && \
cd /tmp/ && \
mkdir -p ${ZBX_OUTPUT_DIR}/agent/sbin/ && \
@ -61,7 +62,11 @@ RUN --mount=type=cache,target=/root/.cache/go-build/ \
git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch ${GIT_BRANCH:-$ZBX_VERSION} --depth 1 --single-branch ${ZBX_SOURCES_DIR}; \
fi && \
cd ${ZBX_SOURCES_DIR} && \
patch -p1 < /tmp/chromedp_no_sandbox.patch && \
for patch_filename in /tmp/patches/*.patch; do \
if [ -f "$patch_filename" ]; then \
patch -p1 < $patch_filename; \
fi \
done && \
zabbix_revision=`git rev-parse --short HEAD` && \
sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \
sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/go/pkg/version/version.go && \
@ -117,19 +122,24 @@ RUN --mount=type=cache,target=/root/.cache/go-build/ \
strip ${ZBX_SOURCES_DIR}/src/zabbix_sender/zabbix_sender && \
strip ${ZBX_SOURCES_DIR}/src/go/bin/zabbix_web_service && \
cp ${ZBX_SOURCES_DIR}/src/zabbix_agent/zabbix_agentd ${ZBX_OUTPUT_DIR}/agent/sbin/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_agentd.conf ${ZBX_OUTPUT_DIR}/agent/conf/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_agentd.conf ${ZBX_OUTPUT_DIR}/agent/conf/zabbix_agentd.conf_template && \
cp -R ${ZBX_SOURCES_DIR}/conf/zabbix_agentd/ ${ZBX_OUTPUT_DIR}/agent/conf/ && \
cp /tmp/conf/agent/* ${ZBX_OUTPUT_DIR}/agent/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/go/bin/zabbix_agent2 ${ZBX_OUTPUT_DIR}/agent2/sbin/ && \
cp ${ZBX_SOURCES_DIR}/src/go/conf/zabbix_agent2.conf ${ZBX_OUTPUT_DIR}/agent2/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/go/conf/zabbix_agent2.conf ${ZBX_OUTPUT_DIR}/agent2/conf/zabbix_agent2.conf_template && \
cp /tmp/conf/agent2/* ${ZBX_OUTPUT_DIR}/agent2/conf/ && \
cp -R ${ZBX_SOURCES_DIR}/src/go/conf/zabbix_agent2.d/ ${ZBX_OUTPUT_DIR}/agent2/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/zabbix_server/zabbix_server ${ZBX_OUTPUT_DIR}/server/sbin/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_server.conf ${ZBX_OUTPUT_DIR}/server/conf/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_server.conf ${ZBX_OUTPUT_DIR}/server/conf/zabbix_server.conf_template && \
cp /tmp/conf/server/* ${ZBX_OUTPUT_DIR}/server/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/zabbix_proxy/zabbix_proxy ${ZBX_OUTPUT_DIR}/proxy/sbin/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_proxy.conf ${ZBX_OUTPUT_DIR}/proxy/conf/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_proxy.conf ${ZBX_OUTPUT_DIR}/proxy/conf/zabbix_proxy.conf_template && \
cp /tmp/conf/proxy/* ${ZBX_OUTPUT_DIR}/proxy/conf/ && \
cp -R ${ZBX_SOURCES_DIR}/src/zabbix_java/bin/ ${ZBX_OUTPUT_DIR}/java_gateway/sbin/ && \
cp -R ${ZBX_SOURCES_DIR}/src/zabbix_java/lib/ ${ZBX_OUTPUT_DIR}/java_gateway/sbin/ && \
cp ${ZBX_SOURCES_DIR}/src/go/bin/zabbix_web_service ${ZBX_OUTPUT_DIR}/web_service/sbin/ && \
cp ${ZBX_SOURCES_DIR}/src/go/conf/zabbix_web_service.conf ${ZBX_OUTPUT_DIR}/web_service/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/go/conf/zabbix_web_service.conf ${ZBX_OUTPUT_DIR}/web_service/conf/zabbix_web_service.conf_template && \
cp /tmp/conf/web_service/* ${ZBX_OUTPUT_DIR}/web_service/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/zabbix_get/zabbix_get ${ZBX_OUTPUT_DIR}/general/bin/ && \
cp ${ZBX_SOURCES_DIR}/src/zabbix_sender/zabbix_sender ${ZBX_OUTPUT_DIR}/general/bin/ && \
make -s distclean && \

View File

@ -46,7 +46,8 @@ ENV ZBX_SOURCES_DIR=/tmp/zabbix-${ZBX_VERSION} ZBX_OUTPUT_DIR=/tmp/zabbix-${ZBX_
RUN --mount=type=cache,target=/root/.cache/go-build/ \
--mount=type=cache,target=/root/go/ \
--mount=from=sources,target=/tmp/src \
--mount=type=bind,source=conf/chromedp_no_sandbox.patch,target=/tmp/chromedp_no_sandbox.patch \
--mount=type=bind,source=patches/,target=/tmp/patches \
--mount=from=config_templates,target=/tmp/conf \
set -eux && \
cd /tmp/ && \
mkdir -p ${ZBX_OUTPUT_DIR}/agent/sbin/ && \
@ -72,7 +73,11 @@ RUN --mount=type=cache,target=/root/.cache/go-build/ \
git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch ${GIT_BRANCH:-$ZBX_VERSION} --depth 1 --single-branch ${ZBX_SOURCES_DIR}; \
fi && \
cd ${ZBX_SOURCES_DIR} && \
patch -p1 < /tmp/chromedp_no_sandbox.patch && \
for patch_filename in /tmp/patches/*.patch; do \
if [ -f "$patch_filename" ]; then \
patch -p1 < $patch_filename; \
fi \
done && \
zabbix_revision=`git rev-parse --short HEAD` && \
sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \
sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/go/pkg/version/version.go && \
@ -128,19 +133,24 @@ RUN --mount=type=cache,target=/root/.cache/go-build/ \
strip ${ZBX_SOURCES_DIR}/src/zabbix_sender/zabbix_sender && \
strip ${ZBX_SOURCES_DIR}/src/go/bin/zabbix_web_service && \
cp ${ZBX_SOURCES_DIR}/src/zabbix_agent/zabbix_agentd ${ZBX_OUTPUT_DIR}/agent/sbin/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_agentd.conf ${ZBX_OUTPUT_DIR}/agent/conf/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_agentd.conf ${ZBX_OUTPUT_DIR}/agent/conf/zabbix_agentd.conf_template && \
cp -R ${ZBX_SOURCES_DIR}/conf/zabbix_agentd/ ${ZBX_OUTPUT_DIR}/agent/conf/ && \
cp /tmp/conf/agent/* ${ZBX_OUTPUT_DIR}/agent/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/go/bin/zabbix_agent2 ${ZBX_OUTPUT_DIR}/agent2/sbin/ && \
cp ${ZBX_SOURCES_DIR}/src/go/conf/zabbix_agent2.conf ${ZBX_OUTPUT_DIR}/agent2/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/go/conf/zabbix_agent2.conf ${ZBX_OUTPUT_DIR}/agent2/conf/zabbix_agent2.conf_template && \
cp /tmp/conf/agent2/* ${ZBX_OUTPUT_DIR}/agent2/conf/ && \
cp -R ${ZBX_SOURCES_DIR}/src/go/conf/zabbix_agent2.d/ ${ZBX_OUTPUT_DIR}/agent2/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/zabbix_server/zabbix_server ${ZBX_OUTPUT_DIR}/server/sbin/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_server.conf ${ZBX_OUTPUT_DIR}/server/conf/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_server.conf ${ZBX_OUTPUT_DIR}/server/conf/zabbix_server.conf_template && \
cp /tmp/conf/server/* ${ZBX_OUTPUT_DIR}/server/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/zabbix_proxy/zabbix_proxy ${ZBX_OUTPUT_DIR}/proxy/sbin/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_proxy.conf ${ZBX_OUTPUT_DIR}/proxy/conf/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_proxy.conf ${ZBX_OUTPUT_DIR}/proxy/conf/zabbix_proxy.conf_template && \
cp /tmp/conf/proxy/* ${ZBX_OUTPUT_DIR}/proxy/conf/ && \
cp -R ${ZBX_SOURCES_DIR}/src/zabbix_java/bin/ ${ZBX_OUTPUT_DIR}/java_gateway/sbin/ && \
cp -R ${ZBX_SOURCES_DIR}/src/zabbix_java/lib/ ${ZBX_OUTPUT_DIR}/java_gateway/sbin/ && \
cp ${ZBX_SOURCES_DIR}/src/go/bin/zabbix_web_service ${ZBX_OUTPUT_DIR}/web_service/sbin/ && \
cp ${ZBX_SOURCES_DIR}/src/go/conf/zabbix_web_service.conf ${ZBX_OUTPUT_DIR}/web_service/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/go/conf/zabbix_web_service.conf ${ZBX_OUTPUT_DIR}/web_service/conf/zabbix_web_service.conf_template && \
cp /tmp/conf/web_service/* ${ZBX_OUTPUT_DIR}/web_service/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/zabbix_get/zabbix_get ${ZBX_OUTPUT_DIR}/general/bin/ && \
cp ${ZBX_SOURCES_DIR}/src/zabbix_sender/zabbix_sender ${ZBX_OUTPUT_DIR}/general/bin/ && \
make -s distclean && \

View File

@ -35,7 +35,8 @@ ENV ZBX_SOURCES_DIR=/tmp/zabbix-${ZBX_VERSION} ZBX_OUTPUT_DIR=/tmp/zabbix-${ZBX_
RUN --mount=type=cache,target=/root/.cache/go-build/ \
--mount=type=cache,target=/root/go/ \
--mount=from=sources,target=/tmp/src \
--mount=type=bind,source=conf/chromedp_no_sandbox.patch,target=/tmp/chromedp_no_sandbox.patch \
--mount=type=bind,source=patches/,target=/tmp/patches \
--mount=from=config_templates,target=/tmp/conf \
set -eux && \
cd /tmp/ && \
mkdir -p ${ZBX_OUTPUT_DIR}/agent/sbin/ && \
@ -61,7 +62,11 @@ RUN --mount=type=cache,target=/root/.cache/go-build/ \
git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch ${GIT_BRANCH:-$ZBX_VERSION} --depth 1 --single-branch ${ZBX_SOURCES_DIR}; \
fi && \
cd ${ZBX_SOURCES_DIR} && \
patch -p1 < /tmp/chromedp_no_sandbox.patch && \
for patch_filename in /tmp/patches/*.patch; do \
if [ -f "$patch_filename" ]; then \
patch -p1 < $patch_filename; \
fi \
done && \
zabbix_revision=`git rev-parse --short HEAD` && \
sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \
sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/go/pkg/version/version.go && \
@ -117,19 +122,24 @@ RUN --mount=type=cache,target=/root/.cache/go-build/ \
strip ${ZBX_SOURCES_DIR}/src/zabbix_sender/zabbix_sender && \
strip ${ZBX_SOURCES_DIR}/src/go/bin/zabbix_web_service && \
cp ${ZBX_SOURCES_DIR}/src/zabbix_agent/zabbix_agentd ${ZBX_OUTPUT_DIR}/agent/sbin/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_agentd.conf ${ZBX_OUTPUT_DIR}/agent/conf/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_agentd.conf ${ZBX_OUTPUT_DIR}/agent/conf/zabbix_agentd.conf_template && \
cp -R ${ZBX_SOURCES_DIR}/conf/zabbix_agentd/ ${ZBX_OUTPUT_DIR}/agent/conf/ && \
cp /tmp/conf/agent/* ${ZBX_OUTPUT_DIR}/agent/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/go/bin/zabbix_agent2 ${ZBX_OUTPUT_DIR}/agent2/sbin/ && \
cp ${ZBX_SOURCES_DIR}/src/go/conf/zabbix_agent2.conf ${ZBX_OUTPUT_DIR}/agent2/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/go/conf/zabbix_agent2.conf ${ZBX_OUTPUT_DIR}/agent2/conf/zabbix_agent2.conf_template && \
cp /tmp/conf/agent2/* ${ZBX_OUTPUT_DIR}/agent2/conf/ && \
cp -R ${ZBX_SOURCES_DIR}/src/go/conf/zabbix_agent2.d/ ${ZBX_OUTPUT_DIR}/agent2/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/zabbix_server/zabbix_server ${ZBX_OUTPUT_DIR}/server/sbin/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_server.conf ${ZBX_OUTPUT_DIR}/server/conf/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_server.conf ${ZBX_OUTPUT_DIR}/server/conf/zabbix_server.conf_template && \
cp /tmp/conf/server/* ${ZBX_OUTPUT_DIR}/server/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/zabbix_proxy/zabbix_proxy ${ZBX_OUTPUT_DIR}/proxy/sbin/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_proxy.conf ${ZBX_OUTPUT_DIR}/proxy/conf/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_proxy.conf ${ZBX_OUTPUT_DIR}/proxy/conf/zabbix_proxy.conf_template && \
cp /tmp/conf/proxy/* ${ZBX_OUTPUT_DIR}/proxy/conf/ && \
cp -R ${ZBX_SOURCES_DIR}/src/zabbix_java/bin/ ${ZBX_OUTPUT_DIR}/java_gateway/sbin/ && \
cp -R ${ZBX_SOURCES_DIR}/src/zabbix_java/lib/ ${ZBX_OUTPUT_DIR}/java_gateway/sbin/ && \
cp ${ZBX_SOURCES_DIR}/src/go/bin/zabbix_web_service ${ZBX_OUTPUT_DIR}/web_service/sbin/ && \
cp ${ZBX_SOURCES_DIR}/src/go/conf/zabbix_web_service.conf ${ZBX_OUTPUT_DIR}/web_service/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/go/conf/zabbix_web_service.conf ${ZBX_OUTPUT_DIR}/web_service/conf/zabbix_web_service.conf_template && \
cp /tmp/conf/web_service/* ${ZBX_OUTPUT_DIR}/web_service/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/zabbix_get/zabbix_get ${ZBX_OUTPUT_DIR}/general/bin/ && \
cp ${ZBX_SOURCES_DIR}/src/zabbix_sender/zabbix_sender ${ZBX_OUTPUT_DIR}/general/bin/ && \
make -s distclean && \

View File

@ -35,7 +35,8 @@ ENV ZBX_SOURCES_DIR=/tmp/zabbix-${ZBX_VERSION} ZBX_OUTPUT_DIR=/tmp/zabbix-${ZBX_
RUN --mount=type=cache,target=/root/.cache/go-build/ \
--mount=type=cache,target=/root/go/ \
--mount=from=sources,target=/tmp/src \
--mount=type=bind,source=conf/chromedp_no_sandbox.patch,target=/tmp/chromedp_no_sandbox.patch \
--mount=type=bind,source=patches/,target=/tmp/patches \
--mount=from=config_templates,target=/tmp/conf \
set -eux && \
cd /tmp/ && \
mkdir -p ${ZBX_OUTPUT_DIR}/agent/sbin/ && \
@ -63,7 +64,11 @@ RUN --mount=type=cache,target=/root/.cache/go-build/ \
git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch ${GIT_BRANCH:-$ZBX_VERSION} --depth 1 --single-branch ${ZBX_SOURCES_DIR}; \
fi && \
cd ${ZBX_SOURCES_DIR} && \
patch -p1 < /tmp/chromedp_no_sandbox.patch && \
for patch_filename in /tmp/patches/*.patch; do \
if [ -f "$patch_filename" ]; then \
patch -p1 < $patch_filename; \
fi \
done && \
zabbix_revision=`git rev-parse --short HEAD` && \
sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \
sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/go/pkg/version/version.go && \
@ -122,19 +127,24 @@ RUN --mount=type=cache,target=/root/.cache/go-build/ \
strip ${ZBX_SOURCES_DIR}/src/zabbix_sender/zabbix_sender && \
strip ${ZBX_SOURCES_DIR}/src/go/bin/zabbix_web_service && \
cp ${ZBX_SOURCES_DIR}/src/zabbix_agent/zabbix_agentd ${ZBX_OUTPUT_DIR}/agent/sbin/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_agentd.conf ${ZBX_OUTPUT_DIR}/agent/conf/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_agentd.conf ${ZBX_OUTPUT_DIR}/agent/conf/zabbix_agentd.conf_template && \
cp /tmp/conf/agent/* ${ZBX_OUTPUT_DIR}/agent/conf/ && \
cp -R ${ZBX_SOURCES_DIR}/conf/zabbix_agentd/ ${ZBX_OUTPUT_DIR}/agent/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/go/bin/zabbix_agent2 ${ZBX_OUTPUT_DIR}/agent2/sbin/ && \
cp ${ZBX_SOURCES_DIR}/src/go/conf/zabbix_agent2.conf ${ZBX_OUTPUT_DIR}/agent2/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/go/conf/zabbix_agent2.conf ${ZBX_OUTPUT_DIR}/agent2/conf/zabbix_agent2.conf_template && \
cp /tmp/conf/agent2/* ${ZBX_OUTPUT_DIR}/agent2/conf/ && \
cp -R ${ZBX_SOURCES_DIR}/src/go/conf/zabbix_agent2.d/ ${ZBX_OUTPUT_DIR}/agent2/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/zabbix_server/zabbix_server ${ZBX_OUTPUT_DIR}/server/sbin/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_server.conf ${ZBX_OUTPUT_DIR}/server/conf/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_server.conf ${ZBX_OUTPUT_DIR}/server/conf/zabbix_server.conf_template && \
cp /tmp/conf/server/* ${ZBX_OUTPUT_DIR}/server/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/zabbix_proxy/zabbix_proxy ${ZBX_OUTPUT_DIR}/proxy/sbin/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_proxy.conf ${ZBX_OUTPUT_DIR}/proxy/conf/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_proxy.conf ${ZBX_OUTPUT_DIR}/proxy/conf/zabbix_proxy.conf_template && \
cp /tmp/conf/proxy/* ${ZBX_OUTPUT_DIR}/proxy/conf/ && \
cp -R ${ZBX_SOURCES_DIR}/src/zabbix_java/bin/ ${ZBX_OUTPUT_DIR}/java_gateway/sbin/ && \
cp -R ${ZBX_SOURCES_DIR}/src/zabbix_java/lib/ ${ZBX_OUTPUT_DIR}/java_gateway/sbin/ && \
cp ${ZBX_SOURCES_DIR}/src/go/bin/zabbix_web_service ${ZBX_OUTPUT_DIR}/web_service/sbin/ && \
cp ${ZBX_SOURCES_DIR}/src/go/conf/zabbix_web_service.conf ${ZBX_OUTPUT_DIR}/web_service/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/go/conf/zabbix_web_service.conf ${ZBX_OUTPUT_DIR}/web_service/conf/zabbix_web_service.conf_template && \
cp /tmp/conf/web_service/* ${ZBX_OUTPUT_DIR}/web_service/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/zabbix_get/zabbix_get ${ZBX_OUTPUT_DIR}/general/bin/ && \
cp ${ZBX_SOURCES_DIR}/src/zabbix_sender/zabbix_sender ${ZBX_OUTPUT_DIR}/general/bin/ && \
make -s distclean && \

View File

@ -35,7 +35,8 @@ ENV ZBX_SOURCES_DIR=/tmp/zabbix-${ZBX_VERSION} ZBX_OUTPUT_DIR=/tmp/zabbix-${ZBX_
RUN --mount=type=cache,target=/root/.cache/go-build/ \
--mount=type=cache,target=/root/go/ \
--mount=from=sources,target=/tmp/src \
--mount=type=bind,source=conf/chromedp_no_sandbox.patch,target=/tmp/chromedp_no_sandbox.patch \
--mount=type=bind,source=patches/,target=/tmp/patches \
--mount=from=config_templates,target=/tmp/conf \
set -eux && \
cd /tmp/ && \
mkdir -p ${ZBX_OUTPUT_DIR}/agent/sbin/ && \
@ -63,7 +64,11 @@ RUN --mount=type=cache,target=/root/.cache/go-build/ \
git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch ${GIT_BRANCH:-$ZBX_VERSION} --depth 1 --single-branch ${ZBX_SOURCES_DIR}; \
fi && \
cd ${ZBX_SOURCES_DIR} && \
patch -p1 < /tmp/chromedp_no_sandbox.patch && \
for patch_filename in /tmp/patches/*.patch; do \
if [ -f "$patch_filename" ]; then \
patch -p1 < $patch_filename; \
fi \
done && \
zabbix_revision=`git rev-parse --short HEAD` && \
sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \
sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/go/pkg/version/version.go && \
@ -121,19 +126,24 @@ RUN --mount=type=cache,target=/root/.cache/go-build/ \
strip ${ZBX_SOURCES_DIR}/src/zabbix_sender/zabbix_sender && \
strip ${ZBX_SOURCES_DIR}/src/go/bin/zabbix_web_service && \
cp ${ZBX_SOURCES_DIR}/src/zabbix_agent/zabbix_agentd ${ZBX_OUTPUT_DIR}/agent/sbin/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_agentd.conf ${ZBX_OUTPUT_DIR}/agent/conf/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_agentd.conf ${ZBX_OUTPUT_DIR}/agent/conf/zabbix_agentd.conf_template && \
cp /tmp/conf/agent/* ${ZBX_OUTPUT_DIR}/agent/conf/ && \
cp -R ${ZBX_SOURCES_DIR}/conf/zabbix_agentd/ ${ZBX_OUTPUT_DIR}/agent/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/go/bin/zabbix_agent2 ${ZBX_OUTPUT_DIR}/agent2/sbin/ && \
cp ${ZBX_SOURCES_DIR}/src/go/conf/zabbix_agent2.conf ${ZBX_OUTPUT_DIR}/agent2/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/go/conf/zabbix_agent2.conf ${ZBX_OUTPUT_DIR}/agent2/conf/zabbix_agent2.conf_template && \
cp /tmp/conf/agent2/* ${ZBX_OUTPUT_DIR}/agent2/conf/ && \
cp -R ${ZBX_SOURCES_DIR}/src/go/conf/zabbix_agent2.d/ ${ZBX_OUTPUT_DIR}/agent2/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/zabbix_server/zabbix_server ${ZBX_OUTPUT_DIR}/server/sbin/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_server.conf ${ZBX_OUTPUT_DIR}/server/conf/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_server.conf ${ZBX_OUTPUT_DIR}/server/conf/zabbix_server.conf_template && \
cp /tmp/conf/server/* ${ZBX_OUTPUT_DIR}/server/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/zabbix_proxy/zabbix_proxy ${ZBX_OUTPUT_DIR}/proxy/sbin/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_proxy.conf ${ZBX_OUTPUT_DIR}/proxy/conf/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_proxy.conf ${ZBX_OUTPUT_DIR}/proxy/conf/zabbix_proxy.conf_template && \
cp /tmp/conf/proxy/* ${ZBX_OUTPUT_DIR}/proxy/conf/ && \
cp -R ${ZBX_SOURCES_DIR}/src/zabbix_java/bin/ ${ZBX_OUTPUT_DIR}/java_gateway/sbin/ && \
cp -R ${ZBX_SOURCES_DIR}/src/zabbix_java/lib/ ${ZBX_OUTPUT_DIR}/java_gateway/sbin/ && \
cp ${ZBX_SOURCES_DIR}/src/go/bin/zabbix_web_service ${ZBX_OUTPUT_DIR}/web_service/sbin/ && \
cp ${ZBX_SOURCES_DIR}/src/go/conf/zabbix_web_service.conf ${ZBX_OUTPUT_DIR}/web_service/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/go/conf/zabbix_web_service.conf ${ZBX_OUTPUT_DIR}/web_service/conf/zabbix_web_service.conf_template && \
cp /tmp/conf/web_service/* ${ZBX_OUTPUT_DIR}/web_service/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/zabbix_get/zabbix_get ${ZBX_OUTPUT_DIR}/general/bin/ && \
cp ${ZBX_SOURCES_DIR}/src/zabbix_sender/zabbix_sender ${ZBX_OUTPUT_DIR}/general/bin/ && \
make -s distclean && \

View File

@ -35,7 +35,8 @@ ENV ZBX_SOURCES_DIR=/tmp/zabbix-${ZBX_VERSION} ZBX_OUTPUT_DIR=/tmp/zabbix-${ZBX_
RUN --mount=type=cache,target=/root/.cache/go-build/ \
--mount=type=cache,target=/root/go/ \
--mount=from=sources,target=/tmp/src \
--mount=type=bind,source=conf/chromedp_no_sandbox.patch,target=/tmp/chromedp_no_sandbox.patch \
--mount=type=bind,source=patches/,target=/tmp/patches \
--mount=from=config_templates,target=/tmp/conf \
set -eux && \
cd /tmp/ && \
mkdir -p ${ZBX_OUTPUT_DIR}/agent/sbin/ && \
@ -63,7 +64,11 @@ RUN --mount=type=cache,target=/root/.cache/go-build/ \
git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch ${GIT_BRANCH:-$ZBX_VERSION} --depth 1 --single-branch ${ZBX_SOURCES_DIR}; \
fi && \
cd ${ZBX_SOURCES_DIR} && \
patch -p1 < /tmp/chromedp_no_sandbox.patch && \
for patch_filename in /tmp/patches/*.patch; do \
if [ -f "$patch_filename" ]; then \
patch -p1 < $patch_filename; \
fi \
done && \
zabbix_revision=`git rev-parse --short HEAD` && \
sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \
sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/go/pkg/version/version.go && \
@ -122,19 +127,24 @@ RUN --mount=type=cache,target=/root/.cache/go-build/ \
strip ${ZBX_SOURCES_DIR}/src/zabbix_sender/zabbix_sender && \
strip ${ZBX_SOURCES_DIR}/src/go/bin/zabbix_web_service && \
cp ${ZBX_SOURCES_DIR}/src/zabbix_agent/zabbix_agentd ${ZBX_OUTPUT_DIR}/agent/sbin/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_agentd.conf ${ZBX_OUTPUT_DIR}/agent/conf/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_agentd.conf ${ZBX_OUTPUT_DIR}/agent/conf/zabbix_agentd.conf_template && \
cp /tmp/conf/agent/* ${ZBX_OUTPUT_DIR}/agent/conf/ && \
cp -R ${ZBX_SOURCES_DIR}/conf/zabbix_agentd/ ${ZBX_OUTPUT_DIR}/agent/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/go/bin/zabbix_agent2 ${ZBX_OUTPUT_DIR}/agent2/sbin/ && \
cp ${ZBX_SOURCES_DIR}/src/go/conf/zabbix_agent2.conf ${ZBX_OUTPUT_DIR}/agent2/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/go/conf/zabbix_agent2.conf ${ZBX_OUTPUT_DIR}/agent2/conf/zabbix_agent2.conf_template && \
cp /tmp/conf/agent2/* ${ZBX_OUTPUT_DIR}/agent2/conf/ && \
cp -R ${ZBX_SOURCES_DIR}/src/go/conf/zabbix_agent2.d/ ${ZBX_OUTPUT_DIR}/agent2/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/zabbix_server/zabbix_server ${ZBX_OUTPUT_DIR}/server/sbin/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_server.conf ${ZBX_OUTPUT_DIR}/server/conf/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_server.conf ${ZBX_OUTPUT_DIR}/server/conf/zabbix_server.conf_template && \
cp /tmp/conf/server/* ${ZBX_OUTPUT_DIR}/server/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/zabbix_proxy/zabbix_proxy ${ZBX_OUTPUT_DIR}/proxy/sbin/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_proxy.conf ${ZBX_OUTPUT_DIR}/proxy/conf/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_proxy.conf ${ZBX_OUTPUT_DIR}/proxy/conf/zabbix_proxy.conf_template && \
cp /tmp/conf/proxy/* ${ZBX_OUTPUT_DIR}/proxy/conf/ && \
cp -R ${ZBX_SOURCES_DIR}/src/zabbix_java/bin/ ${ZBX_OUTPUT_DIR}/java_gateway/sbin/ && \
cp -R ${ZBX_SOURCES_DIR}/src/zabbix_java/lib/ ${ZBX_OUTPUT_DIR}/java_gateway/sbin/ && \
cp ${ZBX_SOURCES_DIR}/src/go/bin/zabbix_web_service ${ZBX_OUTPUT_DIR}/web_service/sbin/ && \
cp ${ZBX_SOURCES_DIR}/src/go/conf/zabbix_web_service.conf ${ZBX_OUTPUT_DIR}/web_service/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/go/conf/zabbix_web_service.conf ${ZBX_OUTPUT_DIR}/web_service/conf/zabbix_web_service.conf_template && \
cp /tmp/conf/web_service/* ${ZBX_OUTPUT_DIR}/web_service/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/zabbix_get/zabbix_get ${ZBX_OUTPUT_DIR}/general/bin/ && \
cp ${ZBX_SOURCES_DIR}/src/zabbix_sender/zabbix_sender ${ZBX_OUTPUT_DIR}/general/bin/ && \
make -s distclean && \

View File

@ -46,7 +46,8 @@ ENV ZBX_SOURCES_DIR=/tmp/zabbix-${ZBX_VERSION} ZBX_OUTPUT_DIR=/tmp/zabbix-${ZBX_
RUN --mount=type=cache,target=/root/.cache/go-build/ \
--mount=type=cache,target=/root/go/ \
--mount=from=sources,target=/tmp/src \
--mount=type=bind,source=conf/chromedp_no_sandbox.patch,target=/tmp/chromedp_no_sandbox.patch \
--mount=type=bind,source=patches/,target=/tmp/patches \
--mount=from=config_templates,target=/tmp/conf \
set -eux && \
cd /tmp/ && \
mkdir -p ${ZBX_OUTPUT_DIR}/agent/sbin/ && \
@ -74,7 +75,11 @@ RUN --mount=type=cache,target=/root/.cache/go-build/ \
git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch ${GIT_BRANCH:-$ZBX_VERSION} --depth 1 --single-branch ${ZBX_SOURCES_DIR}; \
fi && \
cd ${ZBX_SOURCES_DIR} && \
patch -p1 < /tmp/chromedp_no_sandbox.patch && \
for patch_filename in /tmp/patches/*.patch; do \
if [ -f "$patch_filename" ]; then \
patch -p1 < $patch_filename; \
fi \
done && \
zabbix_revision=`git rev-parse --short HEAD` && \
sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \
sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/go/pkg/version/version.go && \
@ -133,19 +138,24 @@ RUN --mount=type=cache,target=/root/.cache/go-build/ \
strip ${ZBX_SOURCES_DIR}/src/zabbix_sender/zabbix_sender && \
strip ${ZBX_SOURCES_DIR}/src/go/bin/zabbix_web_service && \
cp ${ZBX_SOURCES_DIR}/src/zabbix_agent/zabbix_agentd ${ZBX_OUTPUT_DIR}/agent/sbin/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_agentd.conf ${ZBX_OUTPUT_DIR}/agent/conf/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_agentd.conf ${ZBX_OUTPUT_DIR}/agent/conf/zabbix_agentd.conf_template && \
cp /tmp/conf/agent/* ${ZBX_OUTPUT_DIR}/agent/conf/ && \
cp -R ${ZBX_SOURCES_DIR}/conf/zabbix_agentd/ ${ZBX_OUTPUT_DIR}/agent/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/go/bin/zabbix_agent2 ${ZBX_OUTPUT_DIR}/agent2/sbin/ && \
cp ${ZBX_SOURCES_DIR}/src/go/conf/zabbix_agent2.conf ${ZBX_OUTPUT_DIR}/agent2/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/go/conf/zabbix_agent2.conf ${ZBX_OUTPUT_DIR}/agent2/conf/zabbix_agent2.conf_template && \
cp /tmp/conf/agent2/* ${ZBX_OUTPUT_DIR}/agent2/conf/ && \
cp -R ${ZBX_SOURCES_DIR}/src/go/conf/zabbix_agent2.d/ ${ZBX_OUTPUT_DIR}/agent2/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/zabbix_server/zabbix_server ${ZBX_OUTPUT_DIR}/server/sbin/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_server.conf ${ZBX_OUTPUT_DIR}/server/conf/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_server.conf ${ZBX_OUTPUT_DIR}/server/conf/zabbix_server.conf_template && \
cp /tmp/conf/server/* ${ZBX_OUTPUT_DIR}/server/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/zabbix_proxy/zabbix_proxy ${ZBX_OUTPUT_DIR}/proxy/sbin/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_proxy.conf ${ZBX_OUTPUT_DIR}/proxy/conf/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_proxy.conf ${ZBX_OUTPUT_DIR}/proxy/conf/zabbix_proxy.conf_template && \
cp /tmp/conf/proxy/* ${ZBX_OUTPUT_DIR}/proxy/conf/ && \
cp -R ${ZBX_SOURCES_DIR}/src/zabbix_java/bin/ ${ZBX_OUTPUT_DIR}/java_gateway/sbin/ && \
cp -R ${ZBX_SOURCES_DIR}/src/zabbix_java/lib/ ${ZBX_OUTPUT_DIR}/java_gateway/sbin/ && \
cp ${ZBX_SOURCES_DIR}/src/go/bin/zabbix_web_service ${ZBX_OUTPUT_DIR}/web_service/sbin/ && \
cp ${ZBX_SOURCES_DIR}/src/go/conf/zabbix_web_service.conf ${ZBX_OUTPUT_DIR}/web_service/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/go/conf/zabbix_web_service.conf ${ZBX_OUTPUT_DIR}/web_service/conf/zabbix_web_service.conf_template && \
cp /tmp/conf/web_service/* ${ZBX_OUTPUT_DIR}/web_service/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/zabbix_get/zabbix_get ${ZBX_OUTPUT_DIR}/general/bin/ && \
cp ${ZBX_SOURCES_DIR}/src/zabbix_sender/zabbix_sender ${ZBX_OUTPUT_DIR}/general/bin/ && \
make -s distclean && \

View File

@ -35,7 +35,8 @@ ENV ZBX_SOURCES_DIR=/tmp/zabbix-${ZBX_VERSION} ZBX_OUTPUT_DIR=/tmp/zabbix-${ZBX_
RUN --mount=type=cache,target=/root/.cache/go-build/ \
--mount=type=cache,target=/root/go/ \
--mount=from=sources,target=/tmp/src \
--mount=type=bind,source=conf/chromedp_no_sandbox.patch,target=/tmp/chromedp_no_sandbox.patch \
--mount=type=bind,source=patches/,target=/tmp/patches \
--mount=from=config_templates,target=/tmp/conf \
set -eux && \
cd /tmp/ && \
mkdir -p ${ZBX_OUTPUT_DIR}/agent/sbin/ && \
@ -63,7 +64,11 @@ RUN --mount=type=cache,target=/root/.cache/go-build/ \
git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch ${GIT_BRANCH:-$ZBX_VERSION} --depth 1 --single-branch ${ZBX_SOURCES_DIR}; \
fi && \
cd ${ZBX_SOURCES_DIR} && \
patch -p1 < /tmp/chromedp_no_sandbox.patch && \
for patch_filename in /tmp/patches/*.patch; do \
if [ -f "$patch_filename" ]; then \
patch -p1 < $patch_filename; \
fi \
done && \
zabbix_revision=`git rev-parse --short HEAD` && \
sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \
sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/go/pkg/version/version.go && \
@ -121,19 +126,24 @@ RUN --mount=type=cache,target=/root/.cache/go-build/ \
strip ${ZBX_SOURCES_DIR}/src/zabbix_sender/zabbix_sender && \
strip ${ZBX_SOURCES_DIR}/src/go/bin/zabbix_web_service && \
cp ${ZBX_SOURCES_DIR}/src/zabbix_agent/zabbix_agentd ${ZBX_OUTPUT_DIR}/agent/sbin/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_agentd.conf ${ZBX_OUTPUT_DIR}/agent/conf/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_agentd.conf ${ZBX_OUTPUT_DIR}/agent/conf/zabbix_agentd.conf_template && \
cp /tmp/conf/agent/* ${ZBX_OUTPUT_DIR}/agent/conf/ && \
cp -R ${ZBX_SOURCES_DIR}/conf/zabbix_agentd/ ${ZBX_OUTPUT_DIR}/agent/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/go/bin/zabbix_agent2 ${ZBX_OUTPUT_DIR}/agent2/sbin/ && \
cp ${ZBX_SOURCES_DIR}/src/go/conf/zabbix_agent2.conf ${ZBX_OUTPUT_DIR}/agent2/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/go/conf/zabbix_agent2.conf ${ZBX_OUTPUT_DIR}/agent2/conf/zabbix_agent2.conf_template && \
cp /tmp/conf/agent2/* ${ZBX_OUTPUT_DIR}/agent2/conf/ && \
cp -R ${ZBX_SOURCES_DIR}/src/go/conf/zabbix_agent2.d/ ${ZBX_OUTPUT_DIR}/agent2/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/zabbix_server/zabbix_server ${ZBX_OUTPUT_DIR}/server/sbin/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_server.conf ${ZBX_OUTPUT_DIR}/server/conf/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_server.conf ${ZBX_OUTPUT_DIR}/server/conf/zabbix_server.conf_template && \
cp /tmp/conf/server/* ${ZBX_OUTPUT_DIR}/server/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/zabbix_proxy/zabbix_proxy ${ZBX_OUTPUT_DIR}/proxy/sbin/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_proxy.conf ${ZBX_OUTPUT_DIR}/proxy/conf/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_proxy.conf ${ZBX_OUTPUT_DIR}/proxy/conf/zabbix_proxy.conf_template && \
cp /tmp/conf/proxy/* ${ZBX_OUTPUT_DIR}/proxy/conf/ && \
cp -R ${ZBX_SOURCES_DIR}/src/zabbix_java/bin/ ${ZBX_OUTPUT_DIR}/java_gateway/sbin/ && \
cp -R ${ZBX_SOURCES_DIR}/src/zabbix_java/lib/ ${ZBX_OUTPUT_DIR}/java_gateway/sbin/ && \
cp ${ZBX_SOURCES_DIR}/src/go/bin/zabbix_web_service ${ZBX_OUTPUT_DIR}/web_service/sbin/ && \
cp ${ZBX_SOURCES_DIR}/src/go/conf/zabbix_web_service.conf ${ZBX_OUTPUT_DIR}/web_service/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/go/conf/zabbix_web_service.conf ${ZBX_OUTPUT_DIR}/web_service/conf/zabbix_web_service.conf_template && \
cp /tmp/conf/web_service/* ${ZBX_OUTPUT_DIR}/web_service/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/zabbix_get/zabbix_get ${ZBX_OUTPUT_DIR}/general/bin/ && \
cp ${ZBX_SOURCES_DIR}/src/zabbix_sender/zabbix_sender ${ZBX_OUTPUT_DIR}/general/bin/ && \
make -s distclean && \

View File

@ -35,6 +35,8 @@ ENV ZBX_SOURCES_DIR=/tmp/zabbix-${ZBX_VERSION} ZBX_OUTPUT_DIR=/tmp/zabbix-${ZBX_
RUN --mount=type=cache,target=/root/.cache/go-build/ \
--mount=type=cache,target=/root/go/ \
--mount=from=sources,target=/tmp/src \
--mount=type=bind,source=patches/,target=/tmp/patches \
--mount=from=config_templates,target=/tmp/conf \
set -eux && \
cd /tmp/ && \
mkdir -p ${ZBX_OUTPUT_DIR}/agent/sbin/ && \
@ -54,6 +56,11 @@ RUN --mount=type=cache,target=/root/.cache/go-build/ \
git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch ${GIT_BRANCH:-$ZBX_VERSION} --depth 1 --single-branch ${ZBX_SOURCES_DIR}; \
fi && \
cd ${ZBX_SOURCES_DIR} && \
for patch_filename in /tmp/patches/*.patch; do \
if [ -f "$patch_filename" ]; then \
patch -p1 < $patch_filename; \
fi \
done && \
zabbix_revision=`git rev-parse --short HEAD` && \
sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \
sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/go/pkg/version/version.go && \
@ -98,13 +105,16 @@ RUN --mount=type=cache,target=/root/.cache/go-build/ \
strip ${ZBX_SOURCES_DIR}/src/zabbix_get/zabbix_get && \
strip ${ZBX_SOURCES_DIR}/src/zabbix_sender/zabbix_sender && \
cp ${ZBX_SOURCES_DIR}/src/zabbix_agent/zabbix_agentd ${ZBX_OUTPUT_DIR}/agent/sbin/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_agentd.conf ${ZBX_OUTPUT_DIR}/agent/conf/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_agentd.conf ${ZBX_OUTPUT_DIR}/agent/conf/zabbix_agentd.conf_template && \
cp /tmp/conf/agent/* ${ZBX_OUTPUT_DIR}/agent/conf/ && \
cp -R ${ZBX_SOURCES_DIR}/conf/zabbix_agentd/ ${ZBX_OUTPUT_DIR}/agent/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/go/bin/zabbix_agent2 ${ZBX_OUTPUT_DIR}/agent2/sbin/ && \
cp ${ZBX_SOURCES_DIR}/src/go/conf/zabbix_agent2.conf ${ZBX_OUTPUT_DIR}/agent2/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/go/conf/zabbix_agent2.conf ${ZBX_OUTPUT_DIR}/agent2/conf/zabbix_agent2.conf_template && \
cp /tmp/conf/agent2/* ${ZBX_OUTPUT_DIR}/agent2/conf/ && \
cp -R ${ZBX_SOURCES_DIR}/src/go/conf/zabbix_agent2.d/ ${ZBX_OUTPUT_DIR}/agent2/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/zabbix_proxy/zabbix_proxy ${ZBX_OUTPUT_DIR}/proxy/sbin/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_proxy.conf ${ZBX_OUTPUT_DIR}/proxy/conf/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_proxy.conf ${ZBX_OUTPUT_DIR}/proxy/conf/zabbix_proxy.conf_template && \
cp /tmp/conf/proxy/* ${ZBX_OUTPUT_DIR}/proxy/conf/ && \
cp -R ${ZBX_SOURCES_DIR}/src/zabbix_java/bin/ ${ZBX_OUTPUT_DIR}/java_gateway/sbin/ && \
cp -R ${ZBX_SOURCES_DIR}/src/zabbix_java/lib/ ${ZBX_OUTPUT_DIR}/java_gateway/sbin/ && \
cp ${ZBX_SOURCES_DIR}/src/zabbix_get/zabbix_get ${ZBX_OUTPUT_DIR}/general/bin/ && \

View File

@ -35,6 +35,8 @@ ENV ZBX_SOURCES_DIR=/tmp/zabbix-${ZBX_VERSION} ZBX_OUTPUT_DIR=/tmp/zabbix-${ZBX_
RUN --mount=type=cache,target=/root/.cache/go-build/ \
--mount=type=cache,target=/root/go/ \
--mount=from=sources,target=/tmp/src \
--mount=type=bind,source=patches/,target=/tmp/patches \
--mount=from=config_templates,target=/tmp/conf \
set -eux && \
cd /tmp/ && \
mkdir -p ${ZBX_OUTPUT_DIR}/agent/sbin/ && \
@ -54,6 +56,11 @@ RUN --mount=type=cache,target=/root/.cache/go-build/ \
git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch ${GIT_BRANCH:-$ZBX_VERSION} --depth 1 --single-branch ${ZBX_SOURCES_DIR}; \
fi && \
cd ${ZBX_SOURCES_DIR} && \
for patch_filename in /tmp/patches/*.patch; do \
if [ -f "$patch_filename" ]; then \
patch -p1 < $patch_filename; \
fi \
done && \
zabbix_revision=`git rev-parse --short HEAD` && \
sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \
sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/go/pkg/version/version.go && \
@ -98,13 +105,16 @@ RUN --mount=type=cache,target=/root/.cache/go-build/ \
strip ${ZBX_SOURCES_DIR}/src/zabbix_get/zabbix_get && \
strip ${ZBX_SOURCES_DIR}/src/zabbix_sender/zabbix_sender && \
cp ${ZBX_SOURCES_DIR}/src/zabbix_agent/zabbix_agentd ${ZBX_OUTPUT_DIR}/agent/sbin/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_agentd.conf ${ZBX_OUTPUT_DIR}/agent/conf/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_agentd.conf ${ZBX_OUTPUT_DIR}/agent/conf/zabbix_agentd.conf_template && \
cp /tmp/conf/agent/* ${ZBX_OUTPUT_DIR}/agent/conf/ && \
cp -R ${ZBX_SOURCES_DIR}/conf/zabbix_agentd/ ${ZBX_OUTPUT_DIR}/agent/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/go/bin/zabbix_agent2 ${ZBX_OUTPUT_DIR}/agent2/sbin/ && \
cp ${ZBX_SOURCES_DIR}/src/go/conf/zabbix_agent2.conf ${ZBX_OUTPUT_DIR}/agent2/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/go/conf/zabbix_agent2.conf ${ZBX_OUTPUT_DIR}/agent2/conf/zabbix_agent2.conf_template && \
cp /tmp/conf/agent2/* ${ZBX_OUTPUT_DIR}/agent2/conf/ && \
cp -R ${ZBX_SOURCES_DIR}/src/go/conf/zabbix_agent2.d/ ${ZBX_OUTPUT_DIR}/agent2/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/zabbix_proxy/zabbix_proxy ${ZBX_OUTPUT_DIR}/proxy/sbin/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_proxy.conf ${ZBX_OUTPUT_DIR}/proxy/conf/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_proxy.conf ${ZBX_OUTPUT_DIR}/proxy/conf/zabbix_proxy.conf_template && \
cp /tmp/conf/proxy/* ${ZBX_OUTPUT_DIR}/proxy/conf/ && \
cp -R ${ZBX_SOURCES_DIR}/src/zabbix_java/bin/ ${ZBX_OUTPUT_DIR}/java_gateway/sbin/ && \
cp -R ${ZBX_SOURCES_DIR}/src/zabbix_java/lib/ ${ZBX_OUTPUT_DIR}/java_gateway/sbin/ && \
cp ${ZBX_SOURCES_DIR}/src/zabbix_get/zabbix_get ${ZBX_OUTPUT_DIR}/general/bin/ && \

View File

@ -35,6 +35,8 @@ ENV ZBX_SOURCES_DIR=/tmp/zabbix-${ZBX_VERSION} ZBX_OUTPUT_DIR=/tmp/zabbix-${ZBX_
RUN --mount=type=cache,target=/root/.cache/go-build/ \
--mount=type=cache,target=/root/go/ \
--mount=from=sources,target=/tmp/src \
--mount=type=bind,source=patches/,target=/tmp/patches \
--mount=from=config_templates,target=/tmp/conf \
set -eux && \
cd /tmp/ && \
mkdir -p ${ZBX_OUTPUT_DIR}/agent/sbin/ && \
@ -54,6 +56,11 @@ RUN --mount=type=cache,target=/root/.cache/go-build/ \
git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch ${GIT_BRANCH:-$ZBX_VERSION} --depth 1 --single-branch ${ZBX_SOURCES_DIR}; \
fi && \
cd ${ZBX_SOURCES_DIR} && \
for patch_filename in /tmp/patches/*.patch; do \
if [ -f "$patch_filename" ]; then \
patch -p1 < $patch_filename; \
fi \
done && \
zabbix_revision=`git rev-parse --short HEAD` && \
sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \
sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/go/pkg/version/version.go && \
@ -98,13 +105,16 @@ RUN --mount=type=cache,target=/root/.cache/go-build/ \
strip ${ZBX_SOURCES_DIR}/src/zabbix_get/zabbix_get && \
strip ${ZBX_SOURCES_DIR}/src/zabbix_sender/zabbix_sender && \
cp ${ZBX_SOURCES_DIR}/src/zabbix_agent/zabbix_agentd ${ZBX_OUTPUT_DIR}/agent/sbin/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_agentd.conf ${ZBX_OUTPUT_DIR}/agent/conf/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_agentd.conf ${ZBX_OUTPUT_DIR}/agent/conf/zabbix_agentd.conf_template && \
cp /tmp/conf/agent/* ${ZBX_OUTPUT_DIR}/agent/conf/ && \
cp -R ${ZBX_SOURCES_DIR}/conf/zabbix_agentd/ ${ZBX_OUTPUT_DIR}/agent/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/go/bin/zabbix_agent2 ${ZBX_OUTPUT_DIR}/agent2/sbin/ && \
cp ${ZBX_SOURCES_DIR}/src/go/conf/zabbix_agent2.conf ${ZBX_OUTPUT_DIR}/agent2/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/go/conf/zabbix_agent2.conf ${ZBX_OUTPUT_DIR}/agent2/conf/zabbix_agent2.conf_template && \
cp /tmp/conf/agent2/* ${ZBX_OUTPUT_DIR}/agent2/conf/ && \
cp -R ${ZBX_SOURCES_DIR}/src/go/conf/zabbix_agent2.d/ ${ZBX_OUTPUT_DIR}/agent2/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/zabbix_proxy/zabbix_proxy ${ZBX_OUTPUT_DIR}/proxy/sbin/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_proxy.conf ${ZBX_OUTPUT_DIR}/proxy/conf/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_proxy.conf ${ZBX_OUTPUT_DIR}/proxy/conf/zabbix_proxy.conf_template && \
cp /tmp/conf/proxy/* ${ZBX_OUTPUT_DIR}/proxy/conf/ && \
cp -R ${ZBX_SOURCES_DIR}/src/zabbix_java/bin/ ${ZBX_OUTPUT_DIR}/java_gateway/sbin/ && \
cp -R ${ZBX_SOURCES_DIR}/src/zabbix_java/lib/ ${ZBX_OUTPUT_DIR}/java_gateway/sbin/ && \
cp ${ZBX_SOURCES_DIR}/src/zabbix_get/zabbix_get ${ZBX_OUTPUT_DIR}/general/bin/ && \

View File

@ -46,6 +46,8 @@ ENV ZBX_SOURCES_DIR=/tmp/zabbix-${ZBX_VERSION} ZBX_OUTPUT_DIR=/tmp/zabbix-${ZBX_
RUN --mount=type=cache,target=/root/.cache/go-build/ \
--mount=type=cache,target=/root/go/ \
--mount=from=sources,target=/tmp/src \
--mount=type=bind,source=patches/,target=/tmp/patches \
--mount=from=config_templates,target=/tmp/conf \
set -eux && \
cd /tmp/ && \
mkdir -p ${ZBX_OUTPUT_DIR}/agent/sbin/ && \
@ -65,6 +67,11 @@ RUN --mount=type=cache,target=/root/.cache/go-build/ \
git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch ${GIT_BRANCH:-$ZBX_VERSION} --depth 1 --single-branch ${ZBX_SOURCES_DIR}; \
fi && \
cd ${ZBX_SOURCES_DIR} && \
for patch_filename in /tmp/patches/*.patch; do \
if [ -f "$patch_filename" ]; then \
patch -p1 < $patch_filename; \
fi \
done && \
zabbix_revision=`git rev-parse --short HEAD` && \
sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \
sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/go/pkg/version/version.go && \
@ -109,13 +116,16 @@ RUN --mount=type=cache,target=/root/.cache/go-build/ \
strip ${ZBX_SOURCES_DIR}/src/zabbix_get/zabbix_get && \
strip ${ZBX_SOURCES_DIR}/src/zabbix_sender/zabbix_sender && \
cp ${ZBX_SOURCES_DIR}/src/zabbix_agent/zabbix_agentd ${ZBX_OUTPUT_DIR}/agent/sbin/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_agentd.conf ${ZBX_OUTPUT_DIR}/agent/conf/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_agentd.conf ${ZBX_OUTPUT_DIR}/agent/conf/zabbix_agentd.conf_template && \
cp /tmp/conf/agent/* ${ZBX_OUTPUT_DIR}/agent/conf/ && \
cp -R ${ZBX_SOURCES_DIR}/conf/zabbix_agentd/ ${ZBX_OUTPUT_DIR}/agent/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/go/bin/zabbix_agent2 ${ZBX_OUTPUT_DIR}/agent2/sbin/ && \
cp ${ZBX_SOURCES_DIR}/src/go/conf/zabbix_agent2.conf ${ZBX_OUTPUT_DIR}/agent2/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/go/conf/zabbix_agent2.conf ${ZBX_OUTPUT_DIR}/agent2/conf/zabbix_agent2.conf_template && \
cp /tmp/conf/agent2/* ${ZBX_OUTPUT_DIR}/agent2/conf/ && \
cp -R ${ZBX_SOURCES_DIR}/src/go/conf/zabbix_agent2.d/ ${ZBX_OUTPUT_DIR}/agent2/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/zabbix_proxy/zabbix_proxy ${ZBX_OUTPUT_DIR}/proxy/sbin/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_proxy.conf ${ZBX_OUTPUT_DIR}/proxy/conf/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_proxy.conf ${ZBX_OUTPUT_DIR}/proxy/conf/zabbix_proxy.conf_template && \
cp /tmp/conf/proxy/* ${ZBX_OUTPUT_DIR}/proxy/conf/ && \
cp -R ${ZBX_SOURCES_DIR}/src/zabbix_java/bin/ ${ZBX_OUTPUT_DIR}/java_gateway/sbin/ && \
cp -R ${ZBX_SOURCES_DIR}/src/zabbix_java/lib/ ${ZBX_OUTPUT_DIR}/java_gateway/sbin/ && \
cp ${ZBX_SOURCES_DIR}/src/zabbix_get/zabbix_get ${ZBX_OUTPUT_DIR}/general/bin/ && \

View File

@ -35,6 +35,8 @@ ENV ZBX_SOURCES_DIR=/tmp/zabbix-${ZBX_VERSION} ZBX_OUTPUT_DIR=/tmp/zabbix-${ZBX_
RUN --mount=type=cache,target=/root/.cache/go-build/ \
--mount=type=cache,target=/root/go/ \
--mount=type=bind,source=src/,target=/tmp/src \
--mount=type=bind,source=patches/,target=/tmp/patches \
--mount=from=config_templates,target=/tmp/conf \
set -eux && \
cd /tmp/ && \
mkdir -p ${ZBX_OUTPUT_DIR}/agent/sbin/ && \
@ -54,6 +56,11 @@ RUN --mount=type=cache,target=/root/.cache/go-build/ \
git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch ${GIT_BRANCH:-$ZBX_VERSION} --depth 1 --single-branch ${ZBX_SOURCES_DIR}; \
fi && \
cd ${ZBX_SOURCES_DIR} && \
for patch_filename in /tmp/patches/*.patch; do \
if [ -f "$patch_filename" ]; then \
patch -p1 < $patch_filename; \
fi \
done && \
zabbix_revision=`git rev-parse --short HEAD` && \
sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" include/version.h && \
sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/go/pkg/version/version.go && \
@ -99,13 +106,16 @@ RUN --mount=type=cache,target=/root/.cache/go-build/ \
strip ${ZBX_SOURCES_DIR}/src/zabbix_get/zabbix_get && \
strip ${ZBX_SOURCES_DIR}/src/zabbix_sender/zabbix_sender && \
cp ${ZBX_SOURCES_DIR}/src/zabbix_agent/zabbix_agentd ${ZBX_OUTPUT_DIR}/agent/sbin/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_agentd.conf ${ZBX_OUTPUT_DIR}/agent/conf/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_agentd.conf ${ZBX_OUTPUT_DIR}/agent/conf/zabbix_agentd.conf_template && \
cp /tmp/conf/agent/* ${ZBX_OUTPUT_DIR}/agent/conf/ && \
cp -R ${ZBX_SOURCES_DIR}/conf/zabbix_agentd/ ${ZBX_OUTPUT_DIR}/agent/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/go/bin/zabbix_agent2 ${ZBX_OUTPUT_DIR}/agent2/sbin/ && \
cp ${ZBX_SOURCES_DIR}/src/go/conf/zabbix_agent2.conf ${ZBX_OUTPUT_DIR}/agent2/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/go/conf/zabbix_agent2.conf ${ZBX_OUTPUT_DIR}/agent2/conf/zabbix_agent2.conf_template && \
cp /tmp/conf/agent2/* ${ZBX_OUTPUT_DIR}/agent2/conf/ && \
cp -R ${ZBX_SOURCES_DIR}/src/go/conf/zabbix_agent2.d/ ${ZBX_OUTPUT_DIR}/agent2/conf/ && \
cp ${ZBX_SOURCES_DIR}/src/zabbix_proxy/zabbix_proxy ${ZBX_OUTPUT_DIR}/proxy/sbin/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_proxy.conf ${ZBX_OUTPUT_DIR}/proxy/conf/ && \
cp ${ZBX_SOURCES_DIR}/conf/zabbix_proxy.conf ${ZBX_OUTPUT_DIR}/proxy/conf/zabbix_proxy.conf_template && \
cp /tmp/conf/proxy/* ${ZBX_OUTPUT_DIR}/proxy/conf/ && \
cp -R ${ZBX_SOURCES_DIR}/src/zabbix_java/bin/ ${ZBX_OUTPUT_DIR}/java_gateway/sbin/ && \
cp -R ${ZBX_SOURCES_DIR}/src/zabbix_java/lib/ ${ZBX_OUTPUT_DIR}/java_gateway/sbin/ && \
cp ${ZBX_SOURCES_DIR}/src/zabbix_get/zabbix_get ${ZBX_OUTPUT_DIR}/general/bin/ && \

View File

@ -14,7 +14,18 @@ ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git
ENV TERM=xterm \
ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \
MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \
NMAP_PRIVILEGED=""
NMAP_PRIVILEGED="" \
ZABBIX_USER_HOME_DIR="/var/lib/zabbix" \
ZABBIX_CONF_DIR="/etc/zabbix"
ENV ZBX_DB_NAME="dummy_db_name" \
ZBX_FPINGLOCATION="/usr/sbin/fping" \
ZBX_LOADMODULEPATH="${ZABBIX_USER_HOME_DIR}/modules" \
ZBX_SNMPTRAPPERFILE="${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log" \
ZBX_SSHKEYLOCATION="${ZABBIX_USER_HOME_DIR}/ssh_keys/" \
ZBX_SSLCERTLOCATION="${ZABBIX_USER_HOME_DIR}/ssl/certs/" \
ZBX_SSLKEYLOCATION="${ZABBIX_USER_HOME_DIR}/ssl/keys/" \
ZBX_SSLCALOCATION="${ZABBIX_USER_HOME_DIR}/ssl/ssl_ca/"
LABEL org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zabbix.com>" \
org.opencontainers.image.description="Zabbix proxy with MySQL database support" \
@ -30,7 +41,7 @@ STOPSIGNAL SIGTERM
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/proxy/sbin/zabbix_proxy", "/usr/sbin/zabbix_proxy"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/general/bin/*", "/usr/bin/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/proxy/conf/", "/etc/zabbix/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/proxy/conf/", "${ZABBIX_CONF_DIR}/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/proxy/database/mysql/", "/usr/share/doc/zabbix-proxy-mysql/"]
RUN set -eux && \
@ -69,33 +80,36 @@ RUN set -eux && \
--uid 1997 \
--ingroup zabbix \
--shell /sbin/nologin \
--home /var/lib/zabbix/ \
--home ${ZABBIX_USER_HOME_DIR}/ \
zabbix && \
chgrp zabbix /usr/bin/nmap && \
setcap cap_net_raw+eip /usr/bin/nmap && \
mkdir -p /etc/zabbix && \
mkdir -p /var/lib/zabbix && \
mkdir -p /var/lib/zabbix/enc && \
mkdir -p /var/lib/zabbix/enc_internal && \
mkdir -p ${ZABBIX_CONF_DIR} && \
mkdir -p ${ZABBIX_USER_HOME_DIR} && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc_internal && \
mkdir -p /usr/lib/zabbix/externalscripts && \
mkdir -p /var/lib/zabbix/mibs && \
mkdir -p /var/lib/zabbix/modules && \
mkdir -p /var/lib/zabbix/snmptraps && \
mkdir -p /var/lib/zabbix/ssh_keys && \
mkdir -p /var/lib/zabbix/ssl && \
mkdir -p /var/lib/zabbix/ssl/certs && \
mkdir -p /var/lib/zabbix/ssl/keys && \
mkdir -p /var/lib/zabbix/ssl/ssl_ca && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/mibs && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/modules && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/snmptraps && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssh_keys && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl/certs && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl/keys && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl/ssl_ca && \
mkdir -p /usr/share/doc/zabbix-proxy-mysql && \
chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \
chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/
chown --quiet -R zabbix:root ${ZABBIX_CONF_DIR}/zabbix_proxy_modules.conf ${ZABBIX_USER_HOME_DIR} && \
chown --quiet zabbix:root ${ZABBIX_CONF_DIR}/ && \
chgrp -R 0 ${ZABBIX_CONF_DIR}/zabbix_proxy_modules.conf ${ZABBIX_USER_HOME_DIR} && \
chgrp 0 ${ZABBIX_CONF_DIR} && \
chmod -R g=u ${ZABBIX_CONF_DIR}/zabbix_proxy_modules.conf ${ZABBIX_USER_HOME_DIR} && \
chmod g=u ${ZABBIX_CONF_DIR}
EXPOSE 10051/TCP
WORKDIR /var/lib/zabbix
WORKDIR ${ZABBIX_USER_HOME_DIR}
VOLUME ["/var/lib/zabbix/snmptraps"]
VOLUME ["${ZABBIX_USER_HOME_DIR}/snmptraps"]
COPY ["docker-entrypoint.sh", "/usr/bin/"]

View File

@ -9,14 +9,7 @@ if [ "${DEBUG_MODE,,}" == "true" ]; then
set -o xtrace
fi
# Default Zabbix server host
: ${ZBX_SERVER_HOST:="zabbix-server"}
# Default directories
# User 'zabbix' home directory
ZABBIX_USER_HOME_DIR="/var/lib/zabbix"
# Configuration files directory
ZABBIX_ETC_DIR="/etc/zabbix"
# Internal directory for TLS related files, used when TLS*File specified as plain text values
ZABBIX_INTERNAL_ENC_DIR="${ZABBIX_USER_HOME_DIR}/enc_internal"
@ -143,16 +136,20 @@ update_config_multiple_var() {
}
file_process_from_env() {
local config_path=$1
local var_name=$2
local file_name=$3
local var_value=$4
local var_name=$1
local file_name=$2
local var_value=$3
if [ ! -z "$var_value" ]; then
echo -n "$var_value" > "${ZABBIX_INTERNAL_ENC_DIR}/$var_name"
file_name="${ZABBIX_INTERNAL_ENC_DIR}/${var_name}"
fi
update_config_var $config_path "$var_name" "$file_name"
if [ -n "$var_value" ]; then
export "$var_name"="$file_name"
fi
# Remove variable with plain text data
unset "${var_name%%FILE}"
}
# Check prerequisites for MySQL database
@ -346,192 +343,47 @@ create_db_schema_mysql() {
}
update_zbx_config() {
echo "** Preparing Zabbix proxy configuration file"
export ZBX_DB_HOST="${DB_SERVER_HOST}"
export ZBX_DB_PORT="${DB_SERVER_PORT}"
export ZBX_DB_SOCKET="${DB_SERVER_SOCKET}"
ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_proxy.conf
export ZBX_DB_NAME="${DB_SERVER_DBNAME}"
export ZBX_DB_USER="${DB_SERVER_ZBX_USER}"
export ZBX_DB_PASSWORD="${DB_SERVER_ZBX_PASS}"
export ZBX_SERVER_HOST="${ZBX_SERVER_HOST:="zabbix-server"}"
update_config_var $ZBX_CONFIG "ProxyMode" "${ZBX_PROXYMODE}"
update_config_var $ZBX_CONFIG "Server" "${ZBX_SERVER_HOST}"
if [ -z "${ZBX_HOSTNAME}" ] && [ -n "${ZBX_HOSTNAMEITEM}" ]; then
update_config_var $ZBX_CONFIG "Hostname" ""
update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}"
export ZBX_HOSTNAME=""
else
update_config_var $ZBX_CONFIG "Hostname" "${ZBX_HOSTNAME:-"zabbix-proxy-mysql"}"
update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}"
export ZBX_HOSTNAME="${ZBX_HOSTNAME:-"zabbix-proxy-mysql"}"
fi
update_config_var $ZBX_CONFIG "ListenIP" "${ZBX_LISTENIP}"
update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}"
update_config_var $ZBX_CONFIG "ListenBacklog" "${ZBX_LISTENBACKLOG}"
update_config_var $ZBX_CONFIG "SourceIP" "${ZBX_SOURCEIP}"
update_config_var $ZBX_CONFIG "LogType" "console"
update_config_var $ZBX_CONFIG "LogFile"
update_config_var $ZBX_CONFIG "LogFileSize"
update_config_var $ZBX_CONFIG "PidFile"
update_config_var $ZBX_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}"
if [ -n "${ZBX_DBTLSCONNECT}" ]; then
update_config_var $ZBX_CONFIG "DBTLSConnect" "${ZBX_DBTLSCONNECT}"
update_config_var $ZBX_CONFIG "DBTLSCAFile" "${ZBX_DBTLSCAFILE}"
update_config_var $ZBX_CONFIG "DBTLSCertFile" "${ZBX_DBTLSCERTFILE}"
update_config_var $ZBX_CONFIG "DBTLSKeyFile" "${ZBX_DBTLSKEYFILE}"
update_config_var $ZBX_CONFIG "DBTLSCipher" "${ZBX_DBTLSCIPHER}"
update_config_var $ZBX_CONFIG "DBTLSCipher13" "${ZBX_DBTLSCIPHER13}"
fi
update_config_var $ZBX_CONFIG "EnableRemoteCommands" "${ZBX_ENABLEREMOTECOMMANDS}"
update_config_var $ZBX_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}"
if [ ! -n "${DB_SERVER_SOCKET}" ]; then
update_config_var $ZBX_CONFIG "DBHost" "${DB_SERVER_HOST}"
update_config_var $ZBX_CONFIG "DBPort" "${DB_SERVER_PORT}"
else
update_config_var $ZBX_CONFIG "DBHost"
update_config_var $ZBX_CONFIG "DBPort"
fi
update_config_var $ZBX_CONFIG "DBSocket" "${DB_SERVER_SOCKET}"
update_config_var $ZBX_CONFIG "DBName" "${DB_SERVER_DBNAME}"
update_config_var $ZBX_CONFIG "DBSchema" "${DB_SERVER_SCHEMA}"
if [ -n "${ZBX_VAULTDBPATH}" ] && [ -n "${ZBX_VAULTURL}" ]; then
update_config_var $ZBX_CONFIG "Vault" "${ZBX_VAULT}"
update_config_var $ZBX_CONFIG "VaultDBPath" "${ZBX_VAULTDBPATH}"
update_config_var $ZBX_CONFIG "VaultTLSCertFile" "${ZBX_VAULTTLSCERTFILE}"
update_config_var $ZBX_CONFIG "VaultTLSKeyFile" "${ZBX_VAULTTLSKEYFILE}"
update_config_var $ZBX_CONFIG "VaultPrefix" "${ZBX_VAULTPREFIX}"
update_config_var $ZBX_CONFIG "VaultURL" "${ZBX_VAULTURL}"
update_config_var $ZBX_CONFIG "DBUser"
update_config_var $ZBX_CONFIG "DBPassword"
else
update_config_var $ZBX_CONFIG "Vault"
update_config_var $ZBX_CONFIG "VaultDBPath"
update_config_var $ZBX_CONFIG "VaultTLSCertFile"
update_config_var $ZBX_CONFIG "VaultTLSKeyFile"
update_config_var $ZBX_CONFIG "VaultPrefix"
update_config_var $ZBX_CONFIG "VaultURL"
update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}"
update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}"
fi
update_config_var $ZBX_CONFIG "AllowUnsupportedDBVersions" "${ZBX_ALLOWUNSUPPORTEDDBVERSIONS}"
update_config_var $ZBX_CONFIG "MaxConcurrentChecksPerPoller" "${ZBX_MAXCONCURRENTCHECKSPERPOLLER}"
update_config_var $ZBX_CONFIG "ProxyBufferMode" "${ZBX_PROXYBUFFERMODE}"
update_config_var $ZBX_CONFIG "ProxyMemoryBufferAge" "${ZBX_PROXYMEMORYBUFFERAGE}"
update_config_var $ZBX_CONFIG "ProxyMemoryBufferSize" "${ZBX_PROXYMEMORYBUFFERSIZE}"
update_config_var $ZBX_CONFIG "ProxyLocalBuffer" "${ZBX_PROXYLOCALBUFFER}"
update_config_var $ZBX_CONFIG "ProxyOfflineBuffer" "${ZBX_PROXYOFFLINEBUFFER}"
update_config_var $ZBX_CONFIG "ProxyConfigFrequency" "${ZBX_PROXYCONFIGFREQUENCY}"
update_config_var $ZBX_CONFIG "DataSenderFrequency" "${ZBX_DATASENDERFREQUENCY}"
update_config_var $ZBX_CONFIG "StatsAllowedIP" "${ZBX_STATSALLOWEDIP}"
update_config_var $ZBX_CONFIG "StartPreprocessors" "${ZBX_STARTPREPROCESSORS}"
update_config_var $ZBX_CONFIG "StartAgentPollers" "${ZBX_STARTAGENTPOLLERS}"
update_config_var $ZBX_CONFIG "StartPollers" "${ZBX_STARTPOLLERS}"
update_config_var $ZBX_CONFIG "StartIPMIPollers" "${ZBX_STARTIPMIPOLLERS}"
update_config_var $ZBX_CONFIG "StartPollersUnreachable" "${ZBX_STARTPOLLERSUNREACHABLE}"
update_config_var $ZBX_CONFIG "StartTrappers" "${ZBX_STARTTRAPPERS}"
update_config_var $ZBX_CONFIG "StartPingers" "${ZBX_STARTPINGERS}"
update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}"
update_config_var $ZBX_CONFIG "StartHTTPAgentPollers" "${ZBX_STARTHTTPAGENTPOLLERS}"
update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}"
update_config_var $ZBX_CONFIG "StartODBCPollers" "${ZBX_STARTODBCPOLLERS}"
update_config_var $ZBX_CONFIG "StartSNMPPollers" "${ZBX_STARTSNMPPOLLERS}"
: ${ZBX_JAVAGATEWAY_ENABLE:="false"}
if [ "${ZBX_JAVAGATEWAY_ENABLE,,}" == "true" ]; then
update_config_var $ZBX_CONFIG "JavaGateway" "${ZBX_JAVAGATEWAY:-"zabbix-java-gateway"}"
update_config_var $ZBX_CONFIG "JavaGatewayPort" "${ZBX_JAVAGATEWAYPORT}"
update_config_var $ZBX_CONFIG "StartJavaPollers" "${ZBX_STARTJAVAPOLLERS:-"5"}"
else
update_config_var $ZBX_CONFIG "JavaGateway"
update_config_var $ZBX_CONFIG "JavaGatewayPort"
update_config_var $ZBX_CONFIG "StartJavaPollers"
fi
update_config_var $ZBX_CONFIG "StartVMwareCollectors" "${ZBX_STARTVMWARECOLLECTORS}"
update_config_var $ZBX_CONFIG "VMwareFrequency" "${ZBX_VMWAREFREQUENCY}"
update_config_var $ZBX_CONFIG "VMwarePerfFrequency" "${ZBX_VMWAREPERFFREQUENCY}"
update_config_var $ZBX_CONFIG "VMwareCacheSize" "${ZBX_VMWARECACHESIZE}"
update_config_var $ZBX_CONFIG "VMwareTimeout" "${ZBX_VMWARETIMEOUT}"
: ${ZBX_ENABLE_SNMP_TRAPS:="false"}
if [ "${ZBX_ENABLE_SNMP_TRAPS,,}" == "true" ]; then
update_config_var $ZBX_CONFIG "SNMPTrapperFile" "${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log"
update_config_var $ZBX_CONFIG "StartSNMPTrapper" "1"
else
update_config_var $ZBX_CONFIG "SNMPTrapperFile"
update_config_var $ZBX_CONFIG "StartSNMPTrapper"
fi
[[ "${ZBX_ENABLE_SNMP_TRAPS,,}" == "true" ]] && export ZBX_STARTSNMPTRAPPER=1
unset ZBX_ENABLE_SNMP_TRAPS
update_config_var $ZBX_CONFIG "SocketDir" "/tmp/"
update_config_var $ZBX_CONFIG "HousekeepingFrequency" "${ZBX_HOUSEKEEPINGFREQUENCY}"
update_config_multiple_var "${ZABBIX_CONF_DIR}/zabbix_proxy_modules.conf" "LoadModule" "${ZBX_LOADMODULE}"
update_config_var $ZBX_CONFIG "CacheSize" "${ZBX_CACHESIZE}"
file_process_from_env "ZBX_TLSCAFILE" "${ZBX_TLSCAFILE}" "${ZBX_TLSCA}"
file_process_from_env "ZBX_TLSCRLFILE" "${ZBX_TLSCRLFILE}" "${ZBX_TLSCRL}"
update_config_var $ZBX_CONFIG "StartDBSyncers" "${ZBX_STARTDBSYNCERS}"
update_config_var $ZBX_CONFIG "HistoryCacheSize" "${ZBX_HISTORYCACHESIZE}"
update_config_var $ZBX_CONFIG "HistoryIndexCacheSize" "${ZBX_HISTORYINDEXCACHESIZE}"
file_process_from_env "ZBX_TLSCERTFILE" "${ZBX_TLSCERTFILE}" "${ZBX_TLSCERT}"
file_process_from_env "ZBX_TLSKEYFILE" "${ZBX_TLSKEYFILE}" "${ZBX_TLSKEY}"
update_config_var $ZBX_CONFIG "Timeout" "${ZBX_TIMEOUT}"
update_config_var $ZBX_CONFIG "TrapperTimeout" "${ZBX_TRAPPERTIMEOUT}"
update_config_var $ZBX_CONFIG "UnreachablePeriod" "${ZBX_UNREACHABLEPERIOD}"
update_config_var $ZBX_CONFIG "UnavailableDelay" "${ZBX_UNAVAILABLEDELAY}"
update_config_var $ZBX_CONFIG "UnreachableDelay" "${ZBX_UNREACHABLEDELAY}"
update_config_var $ZBX_CONFIG "AlertScriptsPath" "/usr/lib/zabbix/alertscripts"
update_config_var $ZBX_CONFIG "ExternalScripts" "/usr/lib/zabbix/externalscripts"
update_config_var $ZBX_CONFIG "FpingLocation" "/usr/sbin/fping"
update_config_var $ZBX_CONFIG "Fping6Location"
update_config_var $ZBX_CONFIG "SSHKeyLocation" "$ZABBIX_USER_HOME_DIR/ssh_keys"
update_config_var $ZBX_CONFIG "LogSlowQueries" "${ZBX_LOGSLOWQUERIES}"
update_config_var $ZBX_CONFIG "SSLCertLocation" "$ZABBIX_USER_HOME_DIR/ssl/certs/"
update_config_var $ZBX_CONFIG "SSLKeyLocation" "$ZABBIX_USER_HOME_DIR/ssl/keys/"
update_config_var $ZBX_CONFIG "SSLCALocation" "$ZABBIX_USER_HOME_DIR/ssl/ssl_ca/"
update_config_var $ZBX_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/"
update_config_multiple_var $ZBX_CONFIG "LoadModule" "${ZBX_LOADMODULE}"
update_config_var $ZBX_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}"
update_config_var $ZBX_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}"
file_process_from_env $ZBX_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" "${ZBX_TLSCA}"
file_process_from_env $ZBX_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" "${ZBX_TLSCRL}"
update_config_var $ZBX_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}"
update_config_var $ZBX_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}"
file_process_from_env $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" "${ZBX_TLSCERT}"
update_config_var $ZBX_CONFIG "TLSCipherAll" "${ZBX_TLSCIPHERALL}"
update_config_var $ZBX_CONFIG "TLSCipherAll13" "${ZBX_TLSCIPHERALL13}"
update_config_var $ZBX_CONFIG "TLSCipherCert" "${ZBX_TLSCIPHERCERT}"
update_config_var $ZBX_CONFIG "TLSCipherCert13" "${ZBX_TLSCIPHERCERT13}"
update_config_var $ZBX_CONFIG "TLSCipherPSK" "${ZBX_TLSCIPHERPSK}"
update_config_var $ZBX_CONFIG "TLSCipherPSK13" "${ZBX_TLSCIPHERPSK13}"
file_process_from_env $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" "${ZBX_TLSKEY}"
update_config_var $ZBX_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}"
file_process_from_env $ZBX_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" "${ZBX_TLSPSK}"
file_process_from_env "ZBX_TLSPSKFILE" "${ZBX_TLSPSKFILE}" "${ZBX_TLSPSK}"
if [ "$(id -u)" != '0' ]; then
update_config_var $ZBX_CONFIG "User" "$(whoami)"
export ZBX_USER="$(whoami)"
else
update_config_var $ZBX_CONFIG "AllowRoot" "1"
export ZBX_ALLOWROOT=1
fi
update_config_var $ZBX_CONFIG "WebDriverURL" "${ZBX_WEBDRIVERURL}"
update_config_var $ZBX_CONFIG "StartBrowserPollers" "${ZBX_STARTBROWSERPOLLERS}"
}
clear_zbx_env() {
[[ "${ZBX_CLEAR_ENV}" == "false" ]] && return
for env_var in $(env | grep -E "^(ZBX|DB|MYSQL)_"); do
for env_var in $(env | grep -E "^(ZABBIX|DB|MYSQL)_"); do
unset "${env_var%%=*}"
done
}

View File

@ -14,7 +14,18 @@ ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git
ENV TERM=xterm \
ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \
MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \
NMAP_PRIVILEGED=""
NMAP_PRIVILEGED="" \
ZABBIX_USER_HOME_DIR="/var/lib/zabbix" \
ZABBIX_CONF_DIR="/etc/zabbix"
ENV ZBX_DB_NAME="dummy_db_name" \
ZBX_FPINGLOCATION="/usr/sbin/fping" \
ZBX_LOADMODULEPATH="${ZABBIX_USER_HOME_DIR}/modules" \
ZBX_SNMPTRAPPERFILE="${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log" \
ZBX_SSHKEYLOCATION="${ZABBIX_USER_HOME_DIR}/ssh_keys/" \
ZBX_SSLCERTLOCATION="${ZABBIX_USER_HOME_DIR}/ssl/certs/" \
ZBX_SSLKEYLOCATION="${ZABBIX_USER_HOME_DIR}/ssl/keys/" \
ZBX_SSLCALOCATION="${ZABBIX_USER_HOME_DIR}/ssl/ssl_ca/"
LABEL org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zabbix.com>" \
org.opencontainers.image.description="Zabbix proxy with MySQL database support" \
@ -30,7 +41,7 @@ STOPSIGNAL SIGTERM
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/proxy/sbin/zabbix_proxy", "/usr/sbin/zabbix_proxy"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/general/bin/*", "/usr/bin/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/proxy/conf/", "/etc/zabbix/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/proxy/conf/", "${ZABBIX_CONF_DIR}/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/proxy/database/mysql/", "/usr/share/doc/zabbix-proxy-mysql/"]
RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
@ -88,34 +99,37 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
-g zabbix \
--uid 1997 \
--shell /sbin/nologin \
--home-dir /var/lib/zabbix/ \
--home-dir ${ZABBIX_USER_HOME_DIR} \
zabbix && \
chgrp zabbix /usr/bin/nmap && \
setcap cap_net_raw+eip /usr/bin/nmap && \
mkdir -p /etc/zabbix && \
mkdir -p /var/lib/zabbix && \
mkdir -p /var/lib/zabbix/enc && \
mkdir -p /var/lib/zabbix/enc_internal && \
mkdir -p ${ZABBIX_CONF_DIR} && \
mkdir -p ${ZABBIX_USER_HOME_DIR} && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc_internal && \
mkdir -p /usr/lib/zabbix/externalscripts && \
mkdir -p /var/lib/zabbix/mibs && \
mkdir -p /var/lib/zabbix/modules && \
mkdir -p /var/lib/zabbix/snmptraps && \
mkdir -p /var/lib/zabbix/ssh_keys && \
mkdir -p /var/lib/zabbix/ssl && \
mkdir -p /var/lib/zabbix/ssl/certs && \
mkdir -p /var/lib/zabbix/ssl/keys && \
mkdir -p /var/lib/zabbix/ssl/ssl_ca && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/mibs && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/modules && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/snmptraps && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssh_keys && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl/certs && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl/keys && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl/ssl_ca && \
mkdir -p /usr/share/doc/zabbix-proxy-mysql && \
chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \
chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \
chown --quiet -R zabbix:root ${ZABBIX_CONF_DIR}/zabbix_proxy_modules.conf ${ZABBIX_USER_HOME_DIR} && \
chown --quiet zabbix:root ${ZABBIX_CONF_DIR}/ && \
chgrp -R 0 ${ZABBIX_CONF_DIR}/zabbix_proxy_modules.conf ${ZABBIX_USER_HOME_DIR} && \
chgrp 0 ${ZABBIX_CONF_DIR} && \
chmod -R g=u ${ZABBIX_CONF_DIR}/zabbix_proxy_modules.conf ${ZABBIX_USER_HOME_DIR} && \
chmod g=u ${ZABBIX_CONF_DIR} && \
microdnf -y clean all
EXPOSE 10051/TCP
WORKDIR /var/lib/zabbix
WORKDIR ${ZABBIX_USER_HOME_DIR}
VOLUME ["/var/lib/zabbix/snmptraps"]
VOLUME ["${ZABBIX_USER_HOME_DIR}/snmptraps"]
COPY ["docker-entrypoint.sh", "/usr/bin/"]

View File

@ -9,14 +9,7 @@ if [ "${DEBUG_MODE,,}" == "true" ]; then
set -o xtrace
fi
# Default Zabbix server host
: ${ZBX_SERVER_HOST:="zabbix-server"}
# Default directories
# User 'zabbix' home directory
ZABBIX_USER_HOME_DIR="/var/lib/zabbix"
# Configuration files directory
ZABBIX_ETC_DIR="/etc/zabbix"
# Internal directory for TLS related files, used when TLS*File specified as plain text values
ZABBIX_INTERNAL_ENC_DIR="${ZABBIX_USER_HOME_DIR}/enc_internal"
@ -143,16 +136,20 @@ update_config_multiple_var() {
}
file_process_from_env() {
local config_path=$1
local var_name=$2
local file_name=$3
local var_value=$4
local var_name=$1
local file_name=$2
local var_value=$3
if [ ! -z "$var_value" ]; then
echo -n "$var_value" > "${ZABBIX_INTERNAL_ENC_DIR}/$var_name"
file_name="${ZABBIX_INTERNAL_ENC_DIR}/${var_name}"
fi
update_config_var $config_path "$var_name" "$file_name"
if [ -n "$var_value" ]; then
export "$var_name"="$file_name"
fi
# Remove variable with plain text data
unset "${var_name%%FILE}"
}
# Check prerequisites for MySQL database
@ -343,192 +340,47 @@ create_db_schema_mysql() {
}
update_zbx_config() {
echo "** Preparing Zabbix proxy configuration file"
export ZBX_DB_HOST="${DB_SERVER_HOST}"
export ZBX_DB_PORT="${DB_SERVER_PORT}"
export ZBX_DB_SOCKET="${DB_SERVER_SOCKET}"
ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_proxy.conf
export ZBX_DB_NAME="${DB_SERVER_DBNAME}"
export ZBX_DB_USER="${DB_SERVER_ZBX_USER}"
export ZBX_DB_PASSWORD="${DB_SERVER_ZBX_PASS}"
export ZBX_SERVER_HOST="${ZBX_SERVER_HOST:="zabbix-server"}"
update_config_var $ZBX_CONFIG "ProxyMode" "${ZBX_PROXYMODE}"
update_config_var $ZBX_CONFIG "Server" "${ZBX_SERVER_HOST}"
if [ -z "${ZBX_HOSTNAME}" ] && [ -n "${ZBX_HOSTNAMEITEM}" ]; then
update_config_var $ZBX_CONFIG "Hostname" ""
update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}"
export ZBX_HOSTNAME=""
else
update_config_var $ZBX_CONFIG "Hostname" "${ZBX_HOSTNAME:-"zabbix-proxy-mysql"}"
update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}"
export ZBX_HOSTNAME="${ZBX_HOSTNAME:-"zabbix-proxy-mysql"}"
fi
update_config_var $ZBX_CONFIG "ListenIP" "${ZBX_LISTENIP}"
update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}"
update_config_var $ZBX_CONFIG "ListenBacklog" "${ZBX_LISTENBACKLOG}"
update_config_var $ZBX_CONFIG "SourceIP" "${ZBX_SOURCEIP}"
update_config_var $ZBX_CONFIG "LogType" "console"
update_config_var $ZBX_CONFIG "LogFile"
update_config_var $ZBX_CONFIG "LogFileSize"
update_config_var $ZBX_CONFIG "PidFile"
update_config_var $ZBX_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}"
if [ -n "${ZBX_DBTLSCONNECT}" ]; then
update_config_var $ZBX_CONFIG "DBTLSConnect" "${ZBX_DBTLSCONNECT}"
update_config_var $ZBX_CONFIG "DBTLSCAFile" "${ZBX_DBTLSCAFILE}"
update_config_var $ZBX_CONFIG "DBTLSCertFile" "${ZBX_DBTLSCERTFILE}"
update_config_var $ZBX_CONFIG "DBTLSKeyFile" "${ZBX_DBTLSKEYFILE}"
update_config_var $ZBX_CONFIG "DBTLSCipher" "${ZBX_DBTLSCIPHER}"
update_config_var $ZBX_CONFIG "DBTLSCipher13" "${ZBX_DBTLSCIPHER13}"
fi
update_config_var $ZBX_CONFIG "EnableRemoteCommands" "${ZBX_ENABLEREMOTECOMMANDS}"
update_config_var $ZBX_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}"
if [ ! -n "${DB_SERVER_SOCKET}" ]; then
update_config_var $ZBX_CONFIG "DBHost" "${DB_SERVER_HOST}"
update_config_var $ZBX_CONFIG "DBPort" "${DB_SERVER_PORT}"
else
update_config_var $ZBX_CONFIG "DBHost"
update_config_var $ZBX_CONFIG "DBPort"
fi
update_config_var $ZBX_CONFIG "DBSocket" "${DB_SERVER_SOCKET}"
update_config_var $ZBX_CONFIG "DBName" "${DB_SERVER_DBNAME}"
update_config_var $ZBX_CONFIG "DBSchema" "${DB_SERVER_SCHEMA}"
if [ -n "${ZBX_VAULTDBPATH}" ] && [ -n "${ZBX_VAULTURL}" ]; then
update_config_var $ZBX_CONFIG "Vault" "${ZBX_VAULT}"
update_config_var $ZBX_CONFIG "VaultDBPath" "${ZBX_VAULTDBPATH}"
update_config_var $ZBX_CONFIG "VaultTLSCertFile" "${ZBX_VAULTTLSCERTFILE}"
update_config_var $ZBX_CONFIG "VaultTLSKeyFile" "${ZBX_VAULTTLSKEYFILE}"
update_config_var $ZBX_CONFIG "VaultPrefix" "${ZBX_VAULTPREFIX}"
update_config_var $ZBX_CONFIG "VaultURL" "${ZBX_VAULTURL}"
update_config_var $ZBX_CONFIG "DBUser"
update_config_var $ZBX_CONFIG "DBPassword"
else
update_config_var $ZBX_CONFIG "Vault"
update_config_var $ZBX_CONFIG "VaultDBPath"
update_config_var $ZBX_CONFIG "VaultTLSCertFile"
update_config_var $ZBX_CONFIG "VaultTLSKeyFile"
update_config_var $ZBX_CONFIG "VaultPrefix"
update_config_var $ZBX_CONFIG "VaultURL"
update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}"
update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}"
fi
update_config_var $ZBX_CONFIG "AllowUnsupportedDBVersions" "${ZBX_ALLOWUNSUPPORTEDDBVERSIONS}"
update_config_var $ZBX_CONFIG "MaxConcurrentChecksPerPoller" "${ZBX_MAXCONCURRENTCHECKSPERPOLLER}"
update_config_var $ZBX_CONFIG "ProxyBufferMode" "${ZBX_PROXYBUFFERMODE}"
update_config_var $ZBX_CONFIG "ProxyMemoryBufferAge" "${ZBX_PROXYMEMORYBUFFERAGE}"
update_config_var $ZBX_CONFIG "ProxyMemoryBufferSize" "${ZBX_PROXYMEMORYBUFFERSIZE}"
update_config_var $ZBX_CONFIG "ProxyLocalBuffer" "${ZBX_PROXYLOCALBUFFER}"
update_config_var $ZBX_CONFIG "ProxyOfflineBuffer" "${ZBX_PROXYOFFLINEBUFFER}"
update_config_var $ZBX_CONFIG "ProxyConfigFrequency" "${ZBX_PROXYCONFIGFREQUENCY}"
update_config_var $ZBX_CONFIG "DataSenderFrequency" "${ZBX_DATASENDERFREQUENCY}"
update_config_var $ZBX_CONFIG "StatsAllowedIP" "${ZBX_STATSALLOWEDIP}"
update_config_var $ZBX_CONFIG "StartPreprocessors" "${ZBX_STARTPREPROCESSORS}"
update_config_var $ZBX_CONFIG "StartAgentPollers" "${ZBX_STARTAGENTPOLLERS}"
update_config_var $ZBX_CONFIG "StartPollers" "${ZBX_STARTPOLLERS}"
update_config_var $ZBX_CONFIG "StartIPMIPollers" "${ZBX_STARTIPMIPOLLERS}"
update_config_var $ZBX_CONFIG "StartPollersUnreachable" "${ZBX_STARTPOLLERSUNREACHABLE}"
update_config_var $ZBX_CONFIG "StartTrappers" "${ZBX_STARTTRAPPERS}"
update_config_var $ZBX_CONFIG "StartPingers" "${ZBX_STARTPINGERS}"
update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}"
update_config_var $ZBX_CONFIG "StartHTTPAgentPollers" "${ZBX_STARTHTTPAGENTPOLLERS}"
update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}"
update_config_var $ZBX_CONFIG "StartODBCPollers" "${ZBX_STARTODBCPOLLERS}"
update_config_var $ZBX_CONFIG "StartSNMPPollers" "${ZBX_STARTSNMPPOLLERS}"
: ${ZBX_JAVAGATEWAY_ENABLE:="false"}
if [ "${ZBX_JAVAGATEWAY_ENABLE,,}" == "true" ]; then
update_config_var $ZBX_CONFIG "JavaGateway" "${ZBX_JAVAGATEWAY:-"zabbix-java-gateway"}"
update_config_var $ZBX_CONFIG "JavaGatewayPort" "${ZBX_JAVAGATEWAYPORT}"
update_config_var $ZBX_CONFIG "StartJavaPollers" "${ZBX_STARTJAVAPOLLERS:-"5"}"
else
update_config_var $ZBX_CONFIG "JavaGateway"
update_config_var $ZBX_CONFIG "JavaGatewayPort"
update_config_var $ZBX_CONFIG "StartJavaPollers"
fi
update_config_var $ZBX_CONFIG "StartVMwareCollectors" "${ZBX_STARTVMWARECOLLECTORS}"
update_config_var $ZBX_CONFIG "VMwareFrequency" "${ZBX_VMWAREFREQUENCY}"
update_config_var $ZBX_CONFIG "VMwarePerfFrequency" "${ZBX_VMWAREPERFFREQUENCY}"
update_config_var $ZBX_CONFIG "VMwareCacheSize" "${ZBX_VMWARECACHESIZE}"
update_config_var $ZBX_CONFIG "VMwareTimeout" "${ZBX_VMWARETIMEOUT}"
: ${ZBX_ENABLE_SNMP_TRAPS:="false"}
if [ "${ZBX_ENABLE_SNMP_TRAPS,,}" == "true" ]; then
update_config_var $ZBX_CONFIG "SNMPTrapperFile" "${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log"
update_config_var $ZBX_CONFIG "StartSNMPTrapper" "1"
else
update_config_var $ZBX_CONFIG "SNMPTrapperFile"
update_config_var $ZBX_CONFIG "StartSNMPTrapper"
fi
[[ "${ZBX_ENABLE_SNMP_TRAPS,,}" == "true" ]] && export ZBX_STARTSNMPTRAPPER=1
unset ZBX_ENABLE_SNMP_TRAPS
update_config_var $ZBX_CONFIG "SocketDir" "/tmp/"
update_config_var $ZBX_CONFIG "HousekeepingFrequency" "${ZBX_HOUSEKEEPINGFREQUENCY}"
update_config_multiple_var "${ZABBIX_CONF_DIR}/zabbix_proxy_modules.conf" "LoadModule" "${ZBX_LOADMODULE}"
update_config_var $ZBX_CONFIG "CacheSize" "${ZBX_CACHESIZE}"
file_process_from_env "ZBX_TLSCAFILE" "${ZBX_TLSCAFILE}" "${ZBX_TLSCA}"
file_process_from_env "ZBX_TLSCRLFILE" "${ZBX_TLSCRLFILE}" "${ZBX_TLSCRL}"
update_config_var $ZBX_CONFIG "StartDBSyncers" "${ZBX_STARTDBSYNCERS}"
update_config_var $ZBX_CONFIG "HistoryCacheSize" "${ZBX_HISTORYCACHESIZE}"
update_config_var $ZBX_CONFIG "HistoryIndexCacheSize" "${ZBX_HISTORYINDEXCACHESIZE}"
file_process_from_env "ZBX_TLSCERTFILE" "${ZBX_TLSCERTFILE}" "${ZBX_TLSCERT}"
file_process_from_env "ZBX_TLSKEYFILE" "${ZBX_TLSKEYFILE}" "${ZBX_TLSKEY}"
update_config_var $ZBX_CONFIG "Timeout" "${ZBX_TIMEOUT}"
update_config_var $ZBX_CONFIG "TrapperTimeout" "${ZBX_TRAPPERTIMEOUT}"
update_config_var $ZBX_CONFIG "UnreachablePeriod" "${ZBX_UNREACHABLEPERIOD}"
update_config_var $ZBX_CONFIG "UnavailableDelay" "${ZBX_UNAVAILABLEDELAY}"
update_config_var $ZBX_CONFIG "UnreachableDelay" "${ZBX_UNREACHABLEDELAY}"
update_config_var $ZBX_CONFIG "AlertScriptsPath" "/usr/lib/zabbix/alertscripts"
update_config_var $ZBX_CONFIG "ExternalScripts" "/usr/lib/zabbix/externalscripts"
update_config_var $ZBX_CONFIG "FpingLocation" "/usr/sbin/fping"
update_config_var $ZBX_CONFIG "Fping6Location"
update_config_var $ZBX_CONFIG "SSHKeyLocation" "$ZABBIX_USER_HOME_DIR/ssh_keys"
update_config_var $ZBX_CONFIG "LogSlowQueries" "${ZBX_LOGSLOWQUERIES}"
update_config_var $ZBX_CONFIG "SSLCertLocation" "$ZABBIX_USER_HOME_DIR/ssl/certs/"
update_config_var $ZBX_CONFIG "SSLKeyLocation" "$ZABBIX_USER_HOME_DIR/ssl/keys/"
update_config_var $ZBX_CONFIG "SSLCALocation" "$ZABBIX_USER_HOME_DIR/ssl/ssl_ca/"
update_config_var $ZBX_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/"
update_config_multiple_var $ZBX_CONFIG "LoadModule" "${ZBX_LOADMODULE}"
update_config_var $ZBX_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}"
update_config_var $ZBX_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}"
file_process_from_env $ZBX_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" "${ZBX_TLSCA}"
file_process_from_env $ZBX_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" "${ZBX_TLSCRL}"
update_config_var $ZBX_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}"
update_config_var $ZBX_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}"
file_process_from_env $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" "${ZBX_TLSCERT}"
update_config_var $ZBX_CONFIG "TLSCipherAll" "${ZBX_TLSCIPHERALL}"
update_config_var $ZBX_CONFIG "TLSCipherAll13" "${ZBX_TLSCIPHERALL13}"
update_config_var $ZBX_CONFIG "TLSCipherCert" "${ZBX_TLSCIPHERCERT}"
update_config_var $ZBX_CONFIG "TLSCipherCert13" "${ZBX_TLSCIPHERCERT13}"
update_config_var $ZBX_CONFIG "TLSCipherPSK" "${ZBX_TLSCIPHERPSK}"
update_config_var $ZBX_CONFIG "TLSCipherPSK13" "${ZBX_TLSCIPHERPSK13}"
file_process_from_env $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" "${ZBX_TLSKEY}"
update_config_var $ZBX_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}"
file_process_from_env $ZBX_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" "${ZBX_TLSPSK}"
file_process_from_env "ZBX_TLSPSKFILE" "${ZBX_TLSPSKFILE}" "${ZBX_TLSPSK}"
if [ "$(id -u)" != '0' ]; then
update_config_var $ZBX_CONFIG "User" "$(whoami)"
export ZBX_USER="$(whoami)"
else
update_config_var $ZBX_CONFIG "AllowRoot" "1"
export ZBX_ALLOWROOT=1
fi
update_config_var $ZBX_CONFIG "WebDriverURL" "${ZBX_WEBDRIVERURL}"
update_config_var $ZBX_CONFIG "StartBrowserPollers" "${ZBX_STARTBROWSERPOLLERS}"
}
clear_zbx_env() {
[[ "${ZBX_CLEAR_ENV}" == "false" ]] && return
for env_var in $(env | grep -E "^(ZBX|DB|MYSQL)_"); do
for env_var in $(env | grep -E "^(ZABBIX|DB|MYSQL)_"); do
unset "${env_var%%=*}"
done
}

View File

@ -14,7 +14,18 @@ ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git
ENV TERM=xterm \
ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \
MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \
NMAP_PRIVILEGED=""
NMAP_PRIVILEGED="" \
ZABBIX_USER_HOME_DIR="/var/lib/zabbix" \
ZABBIX_CONF_DIR="/etc/zabbix"
ENV ZBX_DB_NAME="dummy_db_name" \
ZBX_FPINGLOCATION="/usr/sbin/fping" \
ZBX_LOADMODULEPATH="${ZABBIX_USER_HOME_DIR}/modules" \
ZBX_SNMPTRAPPERFILE="${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log" \
ZBX_SSHKEYLOCATION="${ZABBIX_USER_HOME_DIR}/ssh_keys/" \
ZBX_SSLCERTLOCATION="${ZABBIX_USER_HOME_DIR}/ssl/certs/" \
ZBX_SSLKEYLOCATION="${ZABBIX_USER_HOME_DIR}/ssl/keys/" \
ZBX_SSLCALOCATION="${ZABBIX_USER_HOME_DIR}/ssl/ssl_ca/"
LABEL org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zabbix.com>" \
org.opencontainers.image.description="Zabbix proxy with MySQL database support" \
@ -30,7 +41,7 @@ STOPSIGNAL SIGTERM
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/proxy/sbin/zabbix_proxy", "/usr/sbin/zabbix_proxy"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/general/bin/*", "/usr/bin/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/proxy/conf/", "/etc/zabbix/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/proxy/conf/", "${ZABBIX_CONF_DIR}/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/proxy/database/mysql/", "/usr/share/doc/zabbix-proxy-mysql/"]
COPY ["conf/etc/yum.repos.d/oracle-epel-ol9.repo", "/etc/yum.repos.d/oracle-epel-ol9.repo"]
@ -75,34 +86,37 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
-g zabbix \
--uid 1997 \
--shell /sbin/nologin \
--home-dir /var/lib/zabbix/ \
--home-dir ${ZABBIX_USER_HOME_DIR} \
zabbix && \
chgrp zabbix /usr/bin/nmap && \
setcap cap_net_raw+eip /usr/bin/nmap && \
mkdir -p /etc/zabbix && \
mkdir -p /var/lib/zabbix && \
mkdir -p /var/lib/zabbix/enc && \
mkdir -p /var/lib/zabbix/enc_internal && \
mkdir -p ${ZABBIX_CONF_DIR} && \
mkdir -p ${ZABBIX_USER_HOME_DIR} && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc_internal && \
mkdir -p /usr/lib/zabbix/externalscripts && \
mkdir -p /var/lib/zabbix/mibs && \
mkdir -p /var/lib/zabbix/modules && \
mkdir -p /var/lib/zabbix/snmptraps && \
mkdir -p /var/lib/zabbix/ssh_keys && \
mkdir -p /var/lib/zabbix/ssl && \
mkdir -p /var/lib/zabbix/ssl/certs && \
mkdir -p /var/lib/zabbix/ssl/keys && \
mkdir -p /var/lib/zabbix/ssl/ssl_ca && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/mibs && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/modules && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/snmptraps && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssh_keys && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl/certs && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl/keys && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl/ssl_ca && \
mkdir -p /usr/share/doc/zabbix-proxy-mysql && \
chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \
chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \
chown --quiet -R zabbix:root ${ZABBIX_CONF_DIR}/zabbix_proxy_modules.conf ${ZABBIX_USER_HOME_DIR} && \
chown --quiet zabbix:root ${ZABBIX_CONF_DIR}/ && \
chgrp -R 0 ${ZABBIX_CONF_DIR}/zabbix_proxy_modules.conf ${ZABBIX_USER_HOME_DIR} && \
chgrp 0 ${ZABBIX_CONF_DIR} && \
chmod -R g=u ${ZABBIX_CONF_DIR}/zabbix_proxy_modules.conf ${ZABBIX_USER_HOME_DIR} && \
chmod g=u ${ZABBIX_CONF_DIR} && \
microdnf -y clean all
EXPOSE 10051/TCP
WORKDIR /var/lib/zabbix
WORKDIR ${ZABBIX_USER_HOME_DIR}
VOLUME ["/var/lib/zabbix/snmptraps"]
VOLUME ["${ZABBIX_USER_HOME_DIR}/snmptraps"]
COPY ["docker-entrypoint.sh", "/usr/bin/"]

View File

@ -9,14 +9,7 @@ if [ "${DEBUG_MODE,,}" == "true" ]; then
set -o xtrace
fi
# Default Zabbix server host
: ${ZBX_SERVER_HOST:="zabbix-server"}
# Default directories
# User 'zabbix' home directory
ZABBIX_USER_HOME_DIR="/var/lib/zabbix"
# Configuration files directory
ZABBIX_ETC_DIR="/etc/zabbix"
# Internal directory for TLS related files, used when TLS*File specified as plain text values
ZABBIX_INTERNAL_ENC_DIR="${ZABBIX_USER_HOME_DIR}/enc_internal"
@ -143,16 +136,20 @@ update_config_multiple_var() {
}
file_process_from_env() {
local config_path=$1
local var_name=$2
local file_name=$3
local var_value=$4
local var_name=$1
local file_name=$2
local var_value=$3
if [ ! -z "$var_value" ]; then
echo -n "$var_value" > "${ZABBIX_INTERNAL_ENC_DIR}/$var_name"
file_name="${ZABBIX_INTERNAL_ENC_DIR}/${var_name}"
fi
update_config_var $config_path "$var_name" "$file_name"
if [ -n "$var_value" ]; then
export "$var_name"="$file_name"
fi
# Remove variable with plain text data
unset "${var_name%%FILE}"
}
# Check prerequisites for MySQL database
@ -343,192 +340,47 @@ create_db_schema_mysql() {
}
update_zbx_config() {
echo "** Preparing Zabbix proxy configuration file"
export ZBX_DB_HOST="${DB_SERVER_HOST}"
export ZBX_DB_PORT="${DB_SERVER_PORT}"
export ZBX_DB_SOCKET="${DB_SERVER_SOCKET}"
ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_proxy.conf
export ZBX_DB_NAME="${DB_SERVER_DBNAME}"
export ZBX_DB_USER="${DB_SERVER_ZBX_USER}"
export ZBX_DB_PASSWORD="${DB_SERVER_ZBX_PASS}"
export ZBX_SERVER_HOST="${ZBX_SERVER_HOST:="zabbix-server"}"
update_config_var $ZBX_CONFIG "ProxyMode" "${ZBX_PROXYMODE}"
update_config_var $ZBX_CONFIG "Server" "${ZBX_SERVER_HOST}"
if [ -z "${ZBX_HOSTNAME}" ] && [ -n "${ZBX_HOSTNAMEITEM}" ]; then
update_config_var $ZBX_CONFIG "Hostname" ""
update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}"
export ZBX_HOSTNAME=""
else
update_config_var $ZBX_CONFIG "Hostname" "${ZBX_HOSTNAME:-"zabbix-proxy-mysql"}"
update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}"
export ZBX_HOSTNAME="${ZBX_HOSTNAME:-"zabbix-proxy-mysql"}"
fi
update_config_var $ZBX_CONFIG "ListenIP" "${ZBX_LISTENIP}"
update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}"
update_config_var $ZBX_CONFIG "ListenBacklog" "${ZBX_LISTENBACKLOG}"
update_config_var $ZBX_CONFIG "SourceIP" "${ZBX_SOURCEIP}"
update_config_var $ZBX_CONFIG "LogType" "console"
update_config_var $ZBX_CONFIG "LogFile"
update_config_var $ZBX_CONFIG "LogFileSize"
update_config_var $ZBX_CONFIG "PidFile"
update_config_var $ZBX_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}"
if [ -n "${ZBX_DBTLSCONNECT}" ]; then
update_config_var $ZBX_CONFIG "DBTLSConnect" "${ZBX_DBTLSCONNECT}"
update_config_var $ZBX_CONFIG "DBTLSCAFile" "${ZBX_DBTLSCAFILE}"
update_config_var $ZBX_CONFIG "DBTLSCertFile" "${ZBX_DBTLSCERTFILE}"
update_config_var $ZBX_CONFIG "DBTLSKeyFile" "${ZBX_DBTLSKEYFILE}"
update_config_var $ZBX_CONFIG "DBTLSCipher" "${ZBX_DBTLSCIPHER}"
update_config_var $ZBX_CONFIG "DBTLSCipher13" "${ZBX_DBTLSCIPHER13}"
fi
update_config_var $ZBX_CONFIG "EnableRemoteCommands" "${ZBX_ENABLEREMOTECOMMANDS}"
update_config_var $ZBX_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}"
if [ ! -n "${DB_SERVER_SOCKET}" ]; then
update_config_var $ZBX_CONFIG "DBHost" "${DB_SERVER_HOST}"
update_config_var $ZBX_CONFIG "DBPort" "${DB_SERVER_PORT}"
else
update_config_var $ZBX_CONFIG "DBHost"
update_config_var $ZBX_CONFIG "DBPort"
fi
update_config_var $ZBX_CONFIG "DBSocket" "${DB_SERVER_SOCKET}"
update_config_var $ZBX_CONFIG "DBName" "${DB_SERVER_DBNAME}"
update_config_var $ZBX_CONFIG "DBSchema" "${DB_SERVER_SCHEMA}"
if [ -n "${ZBX_VAULTDBPATH}" ] && [ -n "${ZBX_VAULTURL}" ]; then
update_config_var $ZBX_CONFIG "Vault" "${ZBX_VAULT}"
update_config_var $ZBX_CONFIG "VaultDBPath" "${ZBX_VAULTDBPATH}"
update_config_var $ZBX_CONFIG "VaultTLSCertFile" "${ZBX_VAULTTLSCERTFILE}"
update_config_var $ZBX_CONFIG "VaultTLSKeyFile" "${ZBX_VAULTTLSKEYFILE}"
update_config_var $ZBX_CONFIG "VaultPrefix" "${ZBX_VAULTPREFIX}"
update_config_var $ZBX_CONFIG "VaultURL" "${ZBX_VAULTURL}"
update_config_var $ZBX_CONFIG "DBUser"
update_config_var $ZBX_CONFIG "DBPassword"
else
update_config_var $ZBX_CONFIG "Vault"
update_config_var $ZBX_CONFIG "VaultDBPath"
update_config_var $ZBX_CONFIG "VaultTLSCertFile"
update_config_var $ZBX_CONFIG "VaultTLSKeyFile"
update_config_var $ZBX_CONFIG "VaultPrefix"
update_config_var $ZBX_CONFIG "VaultURL"
update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}"
update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}"
fi
update_config_var $ZBX_CONFIG "AllowUnsupportedDBVersions" "${ZBX_ALLOWUNSUPPORTEDDBVERSIONS}"
update_config_var $ZBX_CONFIG "MaxConcurrentChecksPerPoller" "${ZBX_MAXCONCURRENTCHECKSPERPOLLER}"
update_config_var $ZBX_CONFIG "ProxyBufferMode" "${ZBX_PROXYBUFFERMODE}"
update_config_var $ZBX_CONFIG "ProxyMemoryBufferAge" "${ZBX_PROXYMEMORYBUFFERAGE}"
update_config_var $ZBX_CONFIG "ProxyMemoryBufferSize" "${ZBX_PROXYMEMORYBUFFERSIZE}"
update_config_var $ZBX_CONFIG "ProxyLocalBuffer" "${ZBX_PROXYLOCALBUFFER}"
update_config_var $ZBX_CONFIG "ProxyOfflineBuffer" "${ZBX_PROXYOFFLINEBUFFER}"
update_config_var $ZBX_CONFIG "ProxyConfigFrequency" "${ZBX_PROXYCONFIGFREQUENCY}"
update_config_var $ZBX_CONFIG "DataSenderFrequency" "${ZBX_DATASENDERFREQUENCY}"
update_config_var $ZBX_CONFIG "StatsAllowedIP" "${ZBX_STATSALLOWEDIP}"
update_config_var $ZBX_CONFIG "StartPreprocessors" "${ZBX_STARTPREPROCESSORS}"
update_config_var $ZBX_CONFIG "StartAgentPollers" "${ZBX_STARTAGENTPOLLERS}"
update_config_var $ZBX_CONFIG "StartPollers" "${ZBX_STARTPOLLERS}"
update_config_var $ZBX_CONFIG "StartIPMIPollers" "${ZBX_STARTIPMIPOLLERS}"
update_config_var $ZBX_CONFIG "StartPollersUnreachable" "${ZBX_STARTPOLLERSUNREACHABLE}"
update_config_var $ZBX_CONFIG "StartTrappers" "${ZBX_STARTTRAPPERS}"
update_config_var $ZBX_CONFIG "StartPingers" "${ZBX_STARTPINGERS}"
update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}"
update_config_var $ZBX_CONFIG "StartHTTPAgentPollers" "${ZBX_STARTHTTPAGENTPOLLERS}"
update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}"
update_config_var $ZBX_CONFIG "StartODBCPollers" "${ZBX_STARTODBCPOLLERS}"
update_config_var $ZBX_CONFIG "StartSNMPPollers" "${ZBX_STARTSNMPPOLLERS}"
: ${ZBX_JAVAGATEWAY_ENABLE:="false"}
if [ "${ZBX_JAVAGATEWAY_ENABLE,,}" == "true" ]; then
update_config_var $ZBX_CONFIG "JavaGateway" "${ZBX_JAVAGATEWAY:-"zabbix-java-gateway"}"
update_config_var $ZBX_CONFIG "JavaGatewayPort" "${ZBX_JAVAGATEWAYPORT}"
update_config_var $ZBX_CONFIG "StartJavaPollers" "${ZBX_STARTJAVAPOLLERS:-"5"}"
else
update_config_var $ZBX_CONFIG "JavaGateway"
update_config_var $ZBX_CONFIG "JavaGatewayPort"
update_config_var $ZBX_CONFIG "StartJavaPollers"
fi
update_config_var $ZBX_CONFIG "StartVMwareCollectors" "${ZBX_STARTVMWARECOLLECTORS}"
update_config_var $ZBX_CONFIG "VMwareFrequency" "${ZBX_VMWAREFREQUENCY}"
update_config_var $ZBX_CONFIG "VMwarePerfFrequency" "${ZBX_VMWAREPERFFREQUENCY}"
update_config_var $ZBX_CONFIG "VMwareCacheSize" "${ZBX_VMWARECACHESIZE}"
update_config_var $ZBX_CONFIG "VMwareTimeout" "${ZBX_VMWARETIMEOUT}"
: ${ZBX_ENABLE_SNMP_TRAPS:="false"}
if [ "${ZBX_ENABLE_SNMP_TRAPS,,}" == "true" ]; then
update_config_var $ZBX_CONFIG "SNMPTrapperFile" "${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log"
update_config_var $ZBX_CONFIG "StartSNMPTrapper" "1"
else
update_config_var $ZBX_CONFIG "SNMPTrapperFile"
update_config_var $ZBX_CONFIG "StartSNMPTrapper"
fi
[[ "${ZBX_ENABLE_SNMP_TRAPS,,}" == "true" ]] && export ZBX_STARTSNMPTRAPPER=1
unset ZBX_ENABLE_SNMP_TRAPS
update_config_var $ZBX_CONFIG "SocketDir" "/tmp/"
update_config_var $ZBX_CONFIG "HousekeepingFrequency" "${ZBX_HOUSEKEEPINGFREQUENCY}"
update_config_multiple_var "${ZABBIX_CONF_DIR}/zabbix_proxy_modules.conf" "LoadModule" "${ZBX_LOADMODULE}"
update_config_var $ZBX_CONFIG "CacheSize" "${ZBX_CACHESIZE}"
file_process_from_env "ZBX_TLSCAFILE" "${ZBX_TLSCAFILE}" "${ZBX_TLSCA}"
file_process_from_env "ZBX_TLSCRLFILE" "${ZBX_TLSCRLFILE}" "${ZBX_TLSCRL}"
update_config_var $ZBX_CONFIG "StartDBSyncers" "${ZBX_STARTDBSYNCERS}"
update_config_var $ZBX_CONFIG "HistoryCacheSize" "${ZBX_HISTORYCACHESIZE}"
update_config_var $ZBX_CONFIG "HistoryIndexCacheSize" "${ZBX_HISTORYINDEXCACHESIZE}"
file_process_from_env "ZBX_TLSCERTFILE" "${ZBX_TLSCERTFILE}" "${ZBX_TLSCERT}"
file_process_from_env "ZBX_TLSKEYFILE" "${ZBX_TLSKEYFILE}" "${ZBX_TLSKEY}"
update_config_var $ZBX_CONFIG "Timeout" "${ZBX_TIMEOUT}"
update_config_var $ZBX_CONFIG "TrapperTimeout" "${ZBX_TRAPPERTIMEOUT}"
update_config_var $ZBX_CONFIG "UnreachablePeriod" "${ZBX_UNREACHABLEPERIOD}"
update_config_var $ZBX_CONFIG "UnavailableDelay" "${ZBX_UNAVAILABLEDELAY}"
update_config_var $ZBX_CONFIG "UnreachableDelay" "${ZBX_UNREACHABLEDELAY}"
update_config_var $ZBX_CONFIG "AlertScriptsPath" "/usr/lib/zabbix/alertscripts"
update_config_var $ZBX_CONFIG "ExternalScripts" "/usr/lib/zabbix/externalscripts"
update_config_var $ZBX_CONFIG "FpingLocation" "/usr/sbin/fping"
update_config_var $ZBX_CONFIG "Fping6Location"
update_config_var $ZBX_CONFIG "SSHKeyLocation" "$ZABBIX_USER_HOME_DIR/ssh_keys"
update_config_var $ZBX_CONFIG "LogSlowQueries" "${ZBX_LOGSLOWQUERIES}"
update_config_var $ZBX_CONFIG "SSLCertLocation" "$ZABBIX_USER_HOME_DIR/ssl/certs/"
update_config_var $ZBX_CONFIG "SSLKeyLocation" "$ZABBIX_USER_HOME_DIR/ssl/keys/"
update_config_var $ZBX_CONFIG "SSLCALocation" "$ZABBIX_USER_HOME_DIR/ssl/ssl_ca/"
update_config_var $ZBX_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/"
update_config_multiple_var $ZBX_CONFIG "LoadModule" "${ZBX_LOADMODULE}"
update_config_var $ZBX_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}"
update_config_var $ZBX_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}"
file_process_from_env $ZBX_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" "${ZBX_TLSCA}"
file_process_from_env $ZBX_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" "${ZBX_TLSCRL}"
update_config_var $ZBX_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}"
update_config_var $ZBX_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}"
file_process_from_env $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" "${ZBX_TLSCERT}"
update_config_var $ZBX_CONFIG "TLSCipherAll" "${ZBX_TLSCIPHERALL}"
update_config_var $ZBX_CONFIG "TLSCipherAll13" "${ZBX_TLSCIPHERALL13}"
update_config_var $ZBX_CONFIG "TLSCipherCert" "${ZBX_TLSCIPHERCERT}"
update_config_var $ZBX_CONFIG "TLSCipherCert13" "${ZBX_TLSCIPHERCERT13}"
update_config_var $ZBX_CONFIG "TLSCipherPSK" "${ZBX_TLSCIPHERPSK}"
update_config_var $ZBX_CONFIG "TLSCipherPSK13" "${ZBX_TLSCIPHERPSK13}"
file_process_from_env $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" "${ZBX_TLSKEY}"
update_config_var $ZBX_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}"
file_process_from_env $ZBX_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" "${ZBX_TLSPSK}"
file_process_from_env "ZBX_TLSPSKFILE" "${ZBX_TLSPSKFILE}" "${ZBX_TLSPSK}"
if [ "$(id -u)" != '0' ]; then
update_config_var $ZBX_CONFIG "User" "$(whoami)"
export ZBX_USER="$(whoami)"
else
update_config_var $ZBX_CONFIG "AllowRoot" "1"
export ZBX_ALLOWROOT=1
fi
update_config_var $ZBX_CONFIG "WebDriverURL" "${ZBX_WEBDRIVERURL}"
update_config_var $ZBX_CONFIG "StartBrowserPollers" "${ZBX_STARTBROWSERPOLLERS}"
}
clear_zbx_env() {
[[ "${ZBX_CLEAR_ENV}" == "false" ]] && return
for env_var in $(env | grep -E "^(ZBX|DB|MYSQL)_"); do
for env_var in $(env | grep -E "^(ZABBIX|DB|MYSQL)_"); do
unset "${env_var%%=*}"
done
}

View File

@ -16,7 +16,18 @@ ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git
ENV TERM=xterm \
ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \
MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \
NMAP_PRIVILEGED=""
NMAP_PRIVILEGED="" \
ZABBIX_USER_HOME_DIR="/var/lib/zabbix" \
ZABBIX_CONF_DIR="/etc/zabbix"
ENV ZBX_DB_NAME="dummy_db_name" \
ZBX_FPINGLOCATION="/usr/sbin/fping" \
ZBX_LOADMODULEPATH="${ZABBIX_USER_HOME_DIR}/modules" \
ZBX_SNMPTRAPPERFILE="${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log" \
ZBX_SSHKEYLOCATION="${ZABBIX_USER_HOME_DIR}/ssh_keys/" \
ZBX_SSLCERTLOCATION="${ZABBIX_USER_HOME_DIR}/ssl/certs/" \
ZBX_SSLKEYLOCATION="${ZABBIX_USER_HOME_DIR}/ssl/keys/" \
ZBX_SSLCALOCATION="${ZABBIX_USER_HOME_DIR}/ssl/ssl_ca/"
LABEL description="Zabbix proxy with MySQL database support" \
maintainer="alexey.pustovalov@zabbix.com" \
@ -49,7 +60,7 @@ STOPSIGNAL SIGTERM
COPY ["licenses", "/licenses"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/proxy/sbin/zabbix_proxy", "/usr/sbin/zabbix_proxy"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/general/bin/*", "/usr/bin/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/proxy/conf/", "/etc/zabbix/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/proxy/conf/", "${ZABBIX_CONF_DIR}/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/proxy/database/mysql/", "/usr/share/doc/zabbix-proxy-mysql/"]
RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
@ -117,35 +128,38 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
-g zabbix \
--uid 1997 \
--shell /sbin/nologin \
--home-dir /var/lib/zabbix/ \
--home-dir ${ZABBIX_USER_HOME_DIR} \
zabbix && \
chgrp zabbix /usr/bin/nmap && \
setcap cap_net_raw+eip /usr/bin/nmap && \
mkdir -p /etc/zabbix && \
mkdir -p /var/lib/zabbix && \
mkdir -p /var/lib/zabbix/enc && \
mkdir -p /var/lib/zabbix/enc_internal && \
mkdir -p ${ZABBIX_CONF_DIR} && \
mkdir -p ${ZABBIX_USER_HOME_DIR} && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc_internal && \
mkdir -p /usr/lib/zabbix/externalscripts && \
mkdir -p /var/lib/zabbix/mibs && \
mkdir -p /var/lib/zabbix/modules && \
mkdir -p /var/lib/zabbix/snmptraps && \
mkdir -p /var/lib/zabbix/ssh_keys && \
mkdir -p /var/lib/zabbix/ssl && \
mkdir -p /var/lib/zabbix/ssl/certs && \
mkdir -p /var/lib/zabbix/ssl/keys && \
mkdir -p /var/lib/zabbix/ssl/ssl_ca && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/mibs && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/modules && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/snmptraps && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssh_keys && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl/certs && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl/keys && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl/ssl_ca && \
mkdir -p /usr/share/doc/zabbix-proxy-mysql && \
chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \
chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \
chown --quiet -R zabbix:root ${ZABBIX_CONF_DIR}/zabbix_proxy_modules.conf ${ZABBIX_USER_HOME_DIR} && \
chown --quiet zabbix:root ${ZABBIX_CONF_DIR}/ && \
chgrp -R 0 ${ZABBIX_CONF_DIR}/zabbix_proxy_modules.conf ${ZABBIX_USER_HOME_DIR} && \
chgrp 0 ${ZABBIX_CONF_DIR} && \
chmod -R g=u ${ZABBIX_CONF_DIR}/zabbix_proxy_modules.conf ${ZABBIX_USER_HOME_DIR} && \
chmod g=u ${ZABBIX_CONF_DIR} && \
microdnf -y clean all
EXPOSE 10051/TCP
WORKDIR /var/lib/zabbix
WORKDIR ${ZABBIX_USER_HOME_DIR}
VOLUME ["/var/lib/zabbix/snmptraps"]
VOLUME ["${ZABBIX_USER_HOME_DIR}/snmptraps"]
COPY ["docker-entrypoint.sh", "/usr/bin/"]

View File

@ -9,14 +9,7 @@ if [ "${DEBUG_MODE,,}" == "true" ]; then
set -o xtrace
fi
# Default Zabbix server host
: ${ZBX_SERVER_HOST:="zabbix-server"}
# Default directories
# User 'zabbix' home directory
ZABBIX_USER_HOME_DIR="/var/lib/zabbix"
# Configuration files directory
ZABBIX_ETC_DIR="/etc/zabbix"
# Internal directory for TLS related files, used when TLS*File specified as plain text values
ZABBIX_INTERNAL_ENC_DIR="${ZABBIX_USER_HOME_DIR}/enc_internal"
@ -143,16 +136,20 @@ update_config_multiple_var() {
}
file_process_from_env() {
local config_path=$1
local var_name=$2
local file_name=$3
local var_value=$4
local var_name=$1
local file_name=$2
local var_value=$3
if [ ! -z "$var_value" ]; then
echo -n "$var_value" > "${ZABBIX_INTERNAL_ENC_DIR}/$var_name"
file_name="${ZABBIX_INTERNAL_ENC_DIR}/${var_name}"
fi
update_config_var $config_path "$var_name" "$file_name"
if [ -n "$var_value" ]; then
export "$var_name"="$file_name"
fi
# Remove variable with plain text data
unset "${var_name%%FILE}"
}
# Check prerequisites for MySQL database
@ -343,192 +340,47 @@ create_db_schema_mysql() {
}
update_zbx_config() {
echo "** Preparing Zabbix proxy configuration file"
export ZBX_DB_HOST="${DB_SERVER_HOST}"
export ZBX_DB_PORT="${DB_SERVER_PORT}"
export ZBX_DB_SOCKET="${DB_SERVER_SOCKET}"
ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_proxy.conf
export ZBX_DB_NAME="${DB_SERVER_DBNAME}"
export ZBX_DB_USER="${DB_SERVER_ZBX_USER}"
export ZBX_DB_PASSWORD="${DB_SERVER_ZBX_PASS}"
export ZBX_SERVER_HOST="${ZBX_SERVER_HOST:="zabbix-server"}"
update_config_var $ZBX_CONFIG "ProxyMode" "${ZBX_PROXYMODE}"
update_config_var $ZBX_CONFIG "Server" "${ZBX_SERVER_HOST}"
if [ -z "${ZBX_HOSTNAME}" ] && [ -n "${ZBX_HOSTNAMEITEM}" ]; then
update_config_var $ZBX_CONFIG "Hostname" ""
update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}"
export ZBX_HOSTNAME=""
else
update_config_var $ZBX_CONFIG "Hostname" "${ZBX_HOSTNAME:-"zabbix-proxy-mysql"}"
update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}"
export ZBX_HOSTNAME="${ZBX_HOSTNAME:-"zabbix-proxy-mysql"}"
fi
update_config_var $ZBX_CONFIG "ListenIP" "${ZBX_LISTENIP}"
update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}"
update_config_var $ZBX_CONFIG "ListenBacklog" "${ZBX_LISTENBACKLOG}"
update_config_var $ZBX_CONFIG "SourceIP" "${ZBX_SOURCEIP}"
update_config_var $ZBX_CONFIG "LogType" "console"
update_config_var $ZBX_CONFIG "LogFile"
update_config_var $ZBX_CONFIG "LogFileSize"
update_config_var $ZBX_CONFIG "PidFile"
update_config_var $ZBX_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}"
if [ -n "${ZBX_DBTLSCONNECT}" ]; then
update_config_var $ZBX_CONFIG "DBTLSConnect" "${ZBX_DBTLSCONNECT}"
update_config_var $ZBX_CONFIG "DBTLSCAFile" "${ZBX_DBTLSCAFILE}"
update_config_var $ZBX_CONFIG "DBTLSCertFile" "${ZBX_DBTLSCERTFILE}"
update_config_var $ZBX_CONFIG "DBTLSKeyFile" "${ZBX_DBTLSKEYFILE}"
update_config_var $ZBX_CONFIG "DBTLSCipher" "${ZBX_DBTLSCIPHER}"
update_config_var $ZBX_CONFIG "DBTLSCipher13" "${ZBX_DBTLSCIPHER13}"
fi
update_config_var $ZBX_CONFIG "EnableRemoteCommands" "${ZBX_ENABLEREMOTECOMMANDS}"
update_config_var $ZBX_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}"
if [ ! -n "${DB_SERVER_SOCKET}" ]; then
update_config_var $ZBX_CONFIG "DBHost" "${DB_SERVER_HOST}"
update_config_var $ZBX_CONFIG "DBPort" "${DB_SERVER_PORT}"
else
update_config_var $ZBX_CONFIG "DBHost"
update_config_var $ZBX_CONFIG "DBPort"
fi
update_config_var $ZBX_CONFIG "DBSocket" "${DB_SERVER_SOCKET}"
update_config_var $ZBX_CONFIG "DBName" "${DB_SERVER_DBNAME}"
update_config_var $ZBX_CONFIG "DBSchema" "${DB_SERVER_SCHEMA}"
if [ -n "${ZBX_VAULTDBPATH}" ] && [ -n "${ZBX_VAULTURL}" ]; then
update_config_var $ZBX_CONFIG "Vault" "${ZBX_VAULT}"
update_config_var $ZBX_CONFIG "VaultDBPath" "${ZBX_VAULTDBPATH}"
update_config_var $ZBX_CONFIG "VaultTLSCertFile" "${ZBX_VAULTTLSCERTFILE}"
update_config_var $ZBX_CONFIG "VaultTLSKeyFile" "${ZBX_VAULTTLSKEYFILE}"
update_config_var $ZBX_CONFIG "VaultPrefix" "${ZBX_VAULTPREFIX}"
update_config_var $ZBX_CONFIG "VaultURL" "${ZBX_VAULTURL}"
update_config_var $ZBX_CONFIG "DBUser"
update_config_var $ZBX_CONFIG "DBPassword"
else
update_config_var $ZBX_CONFIG "Vault"
update_config_var $ZBX_CONFIG "VaultDBPath"
update_config_var $ZBX_CONFIG "VaultTLSCertFile"
update_config_var $ZBX_CONFIG "VaultTLSKeyFile"
update_config_var $ZBX_CONFIG "VaultPrefix"
update_config_var $ZBX_CONFIG "VaultURL"
update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}"
update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}"
fi
update_config_var $ZBX_CONFIG "AllowUnsupportedDBVersions" "${ZBX_ALLOWUNSUPPORTEDDBVERSIONS}"
update_config_var $ZBX_CONFIG "MaxConcurrentChecksPerPoller" "${ZBX_MAXCONCURRENTCHECKSPERPOLLER}"
update_config_var $ZBX_CONFIG "ProxyBufferMode" "${ZBX_PROXYBUFFERMODE}"
update_config_var $ZBX_CONFIG "ProxyMemoryBufferAge" "${ZBX_PROXYMEMORYBUFFERAGE}"
update_config_var $ZBX_CONFIG "ProxyMemoryBufferSize" "${ZBX_PROXYMEMORYBUFFERSIZE}"
update_config_var $ZBX_CONFIG "ProxyLocalBuffer" "${ZBX_PROXYLOCALBUFFER}"
update_config_var $ZBX_CONFIG "ProxyOfflineBuffer" "${ZBX_PROXYOFFLINEBUFFER}"
update_config_var $ZBX_CONFIG "ProxyConfigFrequency" "${ZBX_PROXYCONFIGFREQUENCY}"
update_config_var $ZBX_CONFIG "DataSenderFrequency" "${ZBX_DATASENDERFREQUENCY}"
update_config_var $ZBX_CONFIG "StatsAllowedIP" "${ZBX_STATSALLOWEDIP}"
update_config_var $ZBX_CONFIG "StartPreprocessors" "${ZBX_STARTPREPROCESSORS}"
update_config_var $ZBX_CONFIG "StartAgentPollers" "${ZBX_STARTAGENTPOLLERS}"
update_config_var $ZBX_CONFIG "StartPollers" "${ZBX_STARTPOLLERS}"
update_config_var $ZBX_CONFIG "StartIPMIPollers" "${ZBX_STARTIPMIPOLLERS}"
update_config_var $ZBX_CONFIG "StartPollersUnreachable" "${ZBX_STARTPOLLERSUNREACHABLE}"
update_config_var $ZBX_CONFIG "StartTrappers" "${ZBX_STARTTRAPPERS}"
update_config_var $ZBX_CONFIG "StartPingers" "${ZBX_STARTPINGERS}"
update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}"
update_config_var $ZBX_CONFIG "StartHTTPAgentPollers" "${ZBX_STARTHTTPAGENTPOLLERS}"
update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}"
update_config_var $ZBX_CONFIG "StartODBCPollers" "${ZBX_STARTODBCPOLLERS}"
update_config_var $ZBX_CONFIG "StartSNMPPollers" "${ZBX_STARTSNMPPOLLERS}"
: ${ZBX_JAVAGATEWAY_ENABLE:="false"}
if [ "${ZBX_JAVAGATEWAY_ENABLE,,}" == "true" ]; then
update_config_var $ZBX_CONFIG "JavaGateway" "${ZBX_JAVAGATEWAY:-"zabbix-java-gateway"}"
update_config_var $ZBX_CONFIG "JavaGatewayPort" "${ZBX_JAVAGATEWAYPORT}"
update_config_var $ZBX_CONFIG "StartJavaPollers" "${ZBX_STARTJAVAPOLLERS:-"5"}"
else
update_config_var $ZBX_CONFIG "JavaGateway"
update_config_var $ZBX_CONFIG "JavaGatewayPort"
update_config_var $ZBX_CONFIG "StartJavaPollers"
fi
update_config_var $ZBX_CONFIG "StartVMwareCollectors" "${ZBX_STARTVMWARECOLLECTORS}"
update_config_var $ZBX_CONFIG "VMwareFrequency" "${ZBX_VMWAREFREQUENCY}"
update_config_var $ZBX_CONFIG "VMwarePerfFrequency" "${ZBX_VMWAREPERFFREQUENCY}"
update_config_var $ZBX_CONFIG "VMwareCacheSize" "${ZBX_VMWARECACHESIZE}"
update_config_var $ZBX_CONFIG "VMwareTimeout" "${ZBX_VMWARETIMEOUT}"
: ${ZBX_ENABLE_SNMP_TRAPS:="false"}
if [ "${ZBX_ENABLE_SNMP_TRAPS,,}" == "true" ]; then
update_config_var $ZBX_CONFIG "SNMPTrapperFile" "${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log"
update_config_var $ZBX_CONFIG "StartSNMPTrapper" "1"
else
update_config_var $ZBX_CONFIG "SNMPTrapperFile"
update_config_var $ZBX_CONFIG "StartSNMPTrapper"
fi
[[ "${ZBX_ENABLE_SNMP_TRAPS,,}" == "true" ]] && export ZBX_STARTSNMPTRAPPER=1
unset ZBX_ENABLE_SNMP_TRAPS
update_config_var $ZBX_CONFIG "SocketDir" "/tmp/"
update_config_var $ZBX_CONFIG "HousekeepingFrequency" "${ZBX_HOUSEKEEPINGFREQUENCY}"
update_config_multiple_var "${ZABBIX_CONF_DIR}/zabbix_proxy_modules.conf" "LoadModule" "${ZBX_LOADMODULE}"
update_config_var $ZBX_CONFIG "CacheSize" "${ZBX_CACHESIZE}"
file_process_from_env "ZBX_TLSCAFILE" "${ZBX_TLSCAFILE}" "${ZBX_TLSCA}"
file_process_from_env "ZBX_TLSCRLFILE" "${ZBX_TLSCRLFILE}" "${ZBX_TLSCRL}"
update_config_var $ZBX_CONFIG "StartDBSyncers" "${ZBX_STARTDBSYNCERS}"
update_config_var $ZBX_CONFIG "HistoryCacheSize" "${ZBX_HISTORYCACHESIZE}"
update_config_var $ZBX_CONFIG "HistoryIndexCacheSize" "${ZBX_HISTORYINDEXCACHESIZE}"
file_process_from_env "ZBX_TLSCERTFILE" "${ZBX_TLSCERTFILE}" "${ZBX_TLSCERT}"
file_process_from_env "ZBX_TLSKEYFILE" "${ZBX_TLSKEYFILE}" "${ZBX_TLSKEY}"
update_config_var $ZBX_CONFIG "Timeout" "${ZBX_TIMEOUT}"
update_config_var $ZBX_CONFIG "TrapperTimeout" "${ZBX_TRAPPERTIMEOUT}"
update_config_var $ZBX_CONFIG "UnreachablePeriod" "${ZBX_UNREACHABLEPERIOD}"
update_config_var $ZBX_CONFIG "UnavailableDelay" "${ZBX_UNAVAILABLEDELAY}"
update_config_var $ZBX_CONFIG "UnreachableDelay" "${ZBX_UNREACHABLEDELAY}"
update_config_var $ZBX_CONFIG "AlertScriptsPath" "/usr/lib/zabbix/alertscripts"
update_config_var $ZBX_CONFIG "ExternalScripts" "/usr/lib/zabbix/externalscripts"
update_config_var $ZBX_CONFIG "FpingLocation" "/usr/sbin/fping"
update_config_var $ZBX_CONFIG "Fping6Location"
update_config_var $ZBX_CONFIG "SSHKeyLocation" "$ZABBIX_USER_HOME_DIR/ssh_keys"
update_config_var $ZBX_CONFIG "LogSlowQueries" "${ZBX_LOGSLOWQUERIES}"
update_config_var $ZBX_CONFIG "SSLCertLocation" "$ZABBIX_USER_HOME_DIR/ssl/certs/"
update_config_var $ZBX_CONFIG "SSLKeyLocation" "$ZABBIX_USER_HOME_DIR/ssl/keys/"
update_config_var $ZBX_CONFIG "SSLCALocation" "$ZABBIX_USER_HOME_DIR/ssl/ssl_ca/"
update_config_var $ZBX_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/"
update_config_multiple_var $ZBX_CONFIG "LoadModule" "${ZBX_LOADMODULE}"
update_config_var $ZBX_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}"
update_config_var $ZBX_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}"
file_process_from_env $ZBX_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" "${ZBX_TLSCA}"
file_process_from_env $ZBX_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" "${ZBX_TLSCRL}"
update_config_var $ZBX_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}"
update_config_var $ZBX_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}"
file_process_from_env $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" "${ZBX_TLSCERT}"
update_config_var $ZBX_CONFIG "TLSCipherAll" "${ZBX_TLSCIPHERALL}"
update_config_var $ZBX_CONFIG "TLSCipherAll13" "${ZBX_TLSCIPHERALL13}"
update_config_var $ZBX_CONFIG "TLSCipherCert" "${ZBX_TLSCIPHERCERT}"
update_config_var $ZBX_CONFIG "TLSCipherCert13" "${ZBX_TLSCIPHERCERT13}"
update_config_var $ZBX_CONFIG "TLSCipherPSK" "${ZBX_TLSCIPHERPSK}"
update_config_var $ZBX_CONFIG "TLSCipherPSK13" "${ZBX_TLSCIPHERPSK13}"
file_process_from_env $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" "${ZBX_TLSKEY}"
update_config_var $ZBX_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}"
file_process_from_env $ZBX_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" "${ZBX_TLSPSK}"
file_process_from_env "ZBX_TLSPSKFILE" "${ZBX_TLSPSKFILE}" "${ZBX_TLSPSK}"
if [ "$(id -u)" != '0' ]; then
update_config_var $ZBX_CONFIG "User" "$(whoami)"
export ZBX_USER="$(whoami)"
else
update_config_var $ZBX_CONFIG "AllowRoot" "1"
export ZBX_ALLOWROOT=1
fi
update_config_var $ZBX_CONFIG "WebDriverURL" "${ZBX_WEBDRIVERURL}"
update_config_var $ZBX_CONFIG "StartBrowserPollers" "${ZBX_STARTBROWSERPOLLERS}"
}
clear_zbx_env() {
[[ "${ZBX_CLEAR_ENV}" == "false" ]] && return
for env_var in $(env | grep -E "^(ZBX|DB|MYSQL)_"); do
for env_var in $(env | grep -E "^(ZABBIX|DB|MYSQL)_"); do
unset "${env_var%%=*}"
done
}

View File

@ -14,7 +14,18 @@ ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git
ENV TERM=xterm \
ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \
MIBDIRS=/var/lib/mibs/ietf:/var/lib/mibs/iana:/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \
NMAP_PRIVILEGED=""
NMAP_PRIVILEGED="" \
ZABBIX_USER_HOME_DIR="/var/lib/zabbix" \
ZABBIX_CONF_DIR="/etc/zabbix"
ENV ZBX_DB_NAME="dummy_db_name" \
ZBX_FPINGLOCATION="/usr/bin/fping" \
ZBX_LOADMODULEPATH="${ZABBIX_USER_HOME_DIR}/modules" \
ZBX_SNMPTRAPPERFILE="${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log" \
ZBX_SSHKEYLOCATION="${ZABBIX_USER_HOME_DIR}/ssh_keys/" \
ZBX_SSLCERTLOCATION="${ZABBIX_USER_HOME_DIR}/ssl/certs/" \
ZBX_SSLKEYLOCATION="${ZABBIX_USER_HOME_DIR}/ssl/keys/" \
ZBX_SSLCALOCATION="${ZABBIX_USER_HOME_DIR}/ssl/ssl_ca/"
LABEL org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zabbix.com>" \
org.opencontainers.image.description="Zabbix proxy with MySQL database support" \
@ -30,7 +41,7 @@ STOPSIGNAL SIGTERM
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/proxy/sbin/zabbix_proxy", "/usr/sbin/zabbix_proxy"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/general/bin/*", "/usr/bin/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/proxy/conf/", "/etc/zabbix/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/proxy/conf/", "${ZABBIX_CONF_DIR}/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/proxy/database/mysql/", "/usr/share/doc/zabbix-proxy-mysql/"]
RUN --mount=type=cache,target=/var/lib/apt/,sharing=locked \
@ -72,35 +83,38 @@ RUN --mount=type=cache,target=/var/lib/apt/,sharing=locked \
-g zabbix \
--uid 1997 \
--shell /sbin/nologin \
--home-dir /var/lib/zabbix/ \
--home-dir ${ZABBIX_USER_HOME_DIR}/ \
zabbix && \
chgrp zabbix /usr/bin/nmap && \
setcap cap_net_raw+eip /usr/bin/nmap && \
mkdir -p /etc/zabbix && \
mkdir -p /var/lib/zabbix && \
mkdir -p /var/lib/zabbix/enc && \
mkdir -p /var/lib/zabbix/enc_internal && \
mkdir -p ${ZABBIX_CONF_DIR} && \
mkdir -p ${ZABBIX_USER_HOME_DIR} && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc_internal && \
mkdir -p /usr/lib/zabbix/externalscripts && \
mkdir -p /var/lib/zabbix/mibs && \
mkdir -p /var/lib/zabbix/modules && \
mkdir -p /var/lib/zabbix/snmptraps && \
mkdir -p /var/lib/zabbix/ssh_keys && \
mkdir -p /var/lib/zabbix/ssl && \
mkdir -p /var/lib/zabbix/ssl/certs && \
mkdir -p /var/lib/zabbix/ssl/keys && \
mkdir -p /var/lib/zabbix/ssl/ssl_ca && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/mibs && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/modules && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/snmptraps && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssh_keys && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl/certs && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl/keys && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl/ssl_ca && \
mkdir -p /usr/share/doc/zabbix-proxy-mysql && \
chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \
chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \
chown --quiet -R zabbix:root ${ZABBIX_CONF_DIR}/zabbix_proxy_modules.conf ${ZABBIX_USER_HOME_DIR} && \
chown --quiet zabbix:root ${ZABBIX_CONF_DIR}/ && \
chgrp -R 0 ${ZABBIX_CONF_DIR}/zabbix_proxy_modules.conf ${ZABBIX_USER_HOME_DIR} && \
chgrp 0 ${ZABBIX_CONF_DIR} && \
chmod -R g=u ${ZABBIX_CONF_DIR}/zabbix_proxy_modules.conf ${ZABBIX_USER_HOME_DIR} && \
chmod g=u ${ZABBIX_CONF_DIR} && \
apt-get -y autoremove && \
apt-get -y clean
EXPOSE 10051/TCP
WORKDIR /var/lib/zabbix
WORKDIR ${ZABBIX_USER_HOME_DIR}
VOLUME ["/var/lib/zabbix/snmptraps"]
VOLUME ["${ZABBIX_USER_HOME_DIR}/snmptraps"]
COPY ["docker-entrypoint.sh", "/usr/bin/"]

View File

@ -9,14 +9,7 @@ if [ "${DEBUG_MODE,,}" == "true" ]; then
set -o xtrace
fi
# Default Zabbix server host
: ${ZBX_SERVER_HOST:="zabbix-server"}
# Default directories
# User 'zabbix' home directory
ZABBIX_USER_HOME_DIR="/var/lib/zabbix"
# Configuration files directory
ZABBIX_ETC_DIR="/etc/zabbix"
# Internal directory for TLS related files, used when TLS*File specified as plain text values
ZABBIX_INTERNAL_ENC_DIR="${ZABBIX_USER_HOME_DIR}/enc_internal"
@ -143,16 +136,20 @@ update_config_multiple_var() {
}
file_process_from_env() {
local config_path=$1
local var_name=$2
local file_name=$3
local var_value=$4
local var_name=$1
local file_name=$2
local var_value=$3
if [ ! -z "$var_value" ]; then
echo -n "$var_value" > "${ZABBIX_INTERNAL_ENC_DIR}/$var_name"
file_name="${ZABBIX_INTERNAL_ENC_DIR}/${var_name}"
fi
update_config_var $config_path "$var_name" "$file_name"
if [ -n "$var_value" ]; then
export "$var_name"="$file_name"
fi
# Remove variable with plain text data
unset "${var_name%%FILE}"
}
# Check prerequisites for MySQL database
@ -343,192 +340,47 @@ create_db_schema_mysql() {
}
update_zbx_config() {
echo "** Preparing Zabbix proxy configuration file"
export ZBX_DB_HOST="${DB_SERVER_HOST}"
export ZBX_DB_PORT="${DB_SERVER_PORT}"
export ZBX_DB_SOCKET="${DB_SERVER_SOCKET}"
ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_proxy.conf
export ZBX_DB_NAME="${DB_SERVER_DBNAME}"
export ZBX_DB_USER="${DB_SERVER_ZBX_USER}"
export ZBX_DB_PASSWORD="${DB_SERVER_ZBX_PASS}"
export ZBX_SERVER_HOST="${ZBX_SERVER_HOST:="zabbix-server"}"
update_config_var $ZBX_CONFIG "ProxyMode" "${ZBX_PROXYMODE}"
update_config_var $ZBX_CONFIG "Server" "${ZBX_SERVER_HOST}"
if [ -z "${ZBX_HOSTNAME}" ] && [ -n "${ZBX_HOSTNAMEITEM}" ]; then
update_config_var $ZBX_CONFIG "Hostname" ""
update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}"
export ZBX_HOSTNAME=""
else
update_config_var $ZBX_CONFIG "Hostname" "${ZBX_HOSTNAME:-"zabbix-proxy-mysql"}"
update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}"
export ZBX_HOSTNAME="${ZBX_HOSTNAME:-"zabbix-proxy-mysql"}"
fi
update_config_var $ZBX_CONFIG "ListenIP" "${ZBX_LISTENIP}"
update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}"
update_config_var $ZBX_CONFIG "ListenBacklog" "${ZBX_LISTENBACKLOG}"
update_config_var $ZBX_CONFIG "SourceIP" "${ZBX_SOURCEIP}"
update_config_var $ZBX_CONFIG "LogType" "console"
update_config_var $ZBX_CONFIG "LogFile"
update_config_var $ZBX_CONFIG "LogFileSize"
update_config_var $ZBX_CONFIG "PidFile"
update_config_var $ZBX_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}"
if [ -n "${ZBX_DBTLSCONNECT}" ]; then
update_config_var $ZBX_CONFIG "DBTLSConnect" "${ZBX_DBTLSCONNECT}"
update_config_var $ZBX_CONFIG "DBTLSCAFile" "${ZBX_DBTLSCAFILE}"
update_config_var $ZBX_CONFIG "DBTLSCertFile" "${ZBX_DBTLSCERTFILE}"
update_config_var $ZBX_CONFIG "DBTLSKeyFile" "${ZBX_DBTLSKEYFILE}"
update_config_var $ZBX_CONFIG "DBTLSCipher" "${ZBX_DBTLSCIPHER}"
update_config_var $ZBX_CONFIG "DBTLSCipher13" "${ZBX_DBTLSCIPHER13}"
fi
update_config_var $ZBX_CONFIG "EnableRemoteCommands" "${ZBX_ENABLEREMOTECOMMANDS}"
update_config_var $ZBX_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}"
if [ ! -n "${DB_SERVER_SOCKET}" ]; then
update_config_var $ZBX_CONFIG "DBHost" "${DB_SERVER_HOST}"
update_config_var $ZBX_CONFIG "DBPort" "${DB_SERVER_PORT}"
else
update_config_var $ZBX_CONFIG "DBHost"
update_config_var $ZBX_CONFIG "DBPort"
fi
update_config_var $ZBX_CONFIG "DBSocket" "${DB_SERVER_SOCKET}"
update_config_var $ZBX_CONFIG "DBName" "${DB_SERVER_DBNAME}"
update_config_var $ZBX_CONFIG "DBSchema" "${DB_SERVER_SCHEMA}"
if [ -n "${ZBX_VAULTDBPATH}" ] && [ -n "${ZBX_VAULTURL}" ]; then
update_config_var $ZBX_CONFIG "Vault" "${ZBX_VAULT}"
update_config_var $ZBX_CONFIG "VaultDBPath" "${ZBX_VAULTDBPATH}"
update_config_var $ZBX_CONFIG "VaultTLSCertFile" "${ZBX_VAULTTLSCERTFILE}"
update_config_var $ZBX_CONFIG "VaultTLSKeyFile" "${ZBX_VAULTTLSKEYFILE}"
update_config_var $ZBX_CONFIG "VaultPrefix" "${ZBX_VAULTPREFIX}"
update_config_var $ZBX_CONFIG "VaultURL" "${ZBX_VAULTURL}"
update_config_var $ZBX_CONFIG "DBUser"
update_config_var $ZBX_CONFIG "DBPassword"
else
update_config_var $ZBX_CONFIG "Vault"
update_config_var $ZBX_CONFIG "VaultDBPath"
update_config_var $ZBX_CONFIG "VaultTLSCertFile"
update_config_var $ZBX_CONFIG "VaultTLSKeyFile"
update_config_var $ZBX_CONFIG "VaultPrefix"
update_config_var $ZBX_CONFIG "VaultURL"
update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}"
update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}"
fi
update_config_var $ZBX_CONFIG "AllowUnsupportedDBVersions" "${ZBX_ALLOWUNSUPPORTEDDBVERSIONS}"
update_config_var $ZBX_CONFIG "MaxConcurrentChecksPerPoller" "${ZBX_MAXCONCURRENTCHECKSPERPOLLER}"
update_config_var $ZBX_CONFIG "ProxyBufferMode" "${ZBX_PROXYBUFFERMODE}"
update_config_var $ZBX_CONFIG "ProxyMemoryBufferAge" "${ZBX_PROXYMEMORYBUFFERAGE}"
update_config_var $ZBX_CONFIG "ProxyMemoryBufferSize" "${ZBX_PROXYMEMORYBUFFERSIZE}"
update_config_var $ZBX_CONFIG "ProxyLocalBuffer" "${ZBX_PROXYLOCALBUFFER}"
update_config_var $ZBX_CONFIG "ProxyOfflineBuffer" "${ZBX_PROXYOFFLINEBUFFER}"
update_config_var $ZBX_CONFIG "ProxyConfigFrequency" "${ZBX_PROXYCONFIGFREQUENCY}"
update_config_var $ZBX_CONFIG "DataSenderFrequency" "${ZBX_DATASENDERFREQUENCY}"
update_config_var $ZBX_CONFIG "StatsAllowedIP" "${ZBX_STATSALLOWEDIP}"
update_config_var $ZBX_CONFIG "StartPreprocessors" "${ZBX_STARTPREPROCESSORS}"
update_config_var $ZBX_CONFIG "StartAgentPollers" "${ZBX_STARTAGENTPOLLERS}"
update_config_var $ZBX_CONFIG "StartPollers" "${ZBX_STARTPOLLERS}"
update_config_var $ZBX_CONFIG "StartIPMIPollers" "${ZBX_STARTIPMIPOLLERS}"
update_config_var $ZBX_CONFIG "StartPollersUnreachable" "${ZBX_STARTPOLLERSUNREACHABLE}"
update_config_var $ZBX_CONFIG "StartTrappers" "${ZBX_STARTTRAPPERS}"
update_config_var $ZBX_CONFIG "StartPingers" "${ZBX_STARTPINGERS}"
update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}"
update_config_var $ZBX_CONFIG "StartHTTPAgentPollers" "${ZBX_STARTHTTPAGENTPOLLERS}"
update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}"
update_config_var $ZBX_CONFIG "StartODBCPollers" "${ZBX_STARTODBCPOLLERS}"
update_config_var $ZBX_CONFIG "StartSNMPPollers" "${ZBX_STARTSNMPPOLLERS}"
: ${ZBX_JAVAGATEWAY_ENABLE:="false"}
if [ "${ZBX_JAVAGATEWAY_ENABLE,,}" == "true" ]; then
update_config_var $ZBX_CONFIG "JavaGateway" "${ZBX_JAVAGATEWAY:-"zabbix-java-gateway"}"
update_config_var $ZBX_CONFIG "JavaGatewayPort" "${ZBX_JAVAGATEWAYPORT}"
update_config_var $ZBX_CONFIG "StartJavaPollers" "${ZBX_STARTJAVAPOLLERS:-"5"}"
else
update_config_var $ZBX_CONFIG "JavaGateway"
update_config_var $ZBX_CONFIG "JavaGatewayPort"
update_config_var $ZBX_CONFIG "StartJavaPollers"
fi
update_config_var $ZBX_CONFIG "StartVMwareCollectors" "${ZBX_STARTVMWARECOLLECTORS}"
update_config_var $ZBX_CONFIG "VMwareFrequency" "${ZBX_VMWAREFREQUENCY}"
update_config_var $ZBX_CONFIG "VMwarePerfFrequency" "${ZBX_VMWAREPERFFREQUENCY}"
update_config_var $ZBX_CONFIG "VMwareCacheSize" "${ZBX_VMWARECACHESIZE}"
update_config_var $ZBX_CONFIG "VMwareTimeout" "${ZBX_VMWARETIMEOUT}"
: ${ZBX_ENABLE_SNMP_TRAPS:="false"}
if [ "${ZBX_ENABLE_SNMP_TRAPS,,}" == "true" ]; then
update_config_var $ZBX_CONFIG "SNMPTrapperFile" "${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log"
update_config_var $ZBX_CONFIG "StartSNMPTrapper" "1"
else
update_config_var $ZBX_CONFIG "SNMPTrapperFile"
update_config_var $ZBX_CONFIG "StartSNMPTrapper"
fi
[[ "${ZBX_ENABLE_SNMP_TRAPS,,}" == "true" ]] && export ZBX_STARTSNMPTRAPPER=1
unset ZBX_ENABLE_SNMP_TRAPS
update_config_var $ZBX_CONFIG "SocketDir" "/tmp/"
update_config_var $ZBX_CONFIG "HousekeepingFrequency" "${ZBX_HOUSEKEEPINGFREQUENCY}"
update_config_multiple_var "${ZABBIX_CONF_DIR}/zabbix_proxy_modules.conf" "LoadModule" "${ZBX_LOADMODULE}"
update_config_var $ZBX_CONFIG "CacheSize" "${ZBX_CACHESIZE}"
file_process_from_env "ZBX_TLSCAFILE" "${ZBX_TLSCAFILE}" "${ZBX_TLSCA}"
file_process_from_env "ZBX_TLSCRLFILE" "${ZBX_TLSCRLFILE}" "${ZBX_TLSCRL}"
update_config_var $ZBX_CONFIG "StartDBSyncers" "${ZBX_STARTDBSYNCERS}"
update_config_var $ZBX_CONFIG "HistoryCacheSize" "${ZBX_HISTORYCACHESIZE}"
update_config_var $ZBX_CONFIG "HistoryIndexCacheSize" "${ZBX_HISTORYINDEXCACHESIZE}"
file_process_from_env "ZBX_TLSCERTFILE" "${ZBX_TLSCERTFILE}" "${ZBX_TLSCERT}"
file_process_from_env "ZBX_TLSKEYFILE" "${ZBX_TLSKEYFILE}" "${ZBX_TLSKEY}"
update_config_var $ZBX_CONFIG "Timeout" "${ZBX_TIMEOUT}"
update_config_var $ZBX_CONFIG "TrapperTimeout" "${ZBX_TRAPPERTIMEOUT}"
update_config_var $ZBX_CONFIG "UnreachablePeriod" "${ZBX_UNREACHABLEPERIOD}"
update_config_var $ZBX_CONFIG "UnavailableDelay" "${ZBX_UNAVAILABLEDELAY}"
update_config_var $ZBX_CONFIG "UnreachableDelay" "${ZBX_UNREACHABLEDELAY}"
update_config_var $ZBX_CONFIG "AlertScriptsPath" "/usr/lib/zabbix/alertscripts"
update_config_var $ZBX_CONFIG "ExternalScripts" "/usr/lib/zabbix/externalscripts"
update_config_var $ZBX_CONFIG "FpingLocation" "/usr/bin/fping"
update_config_var $ZBX_CONFIG "Fping6Location"
update_config_var $ZBX_CONFIG "SSHKeyLocation" "$ZABBIX_USER_HOME_DIR/ssh_keys"
update_config_var $ZBX_CONFIG "LogSlowQueries" "${ZBX_LOGSLOWQUERIES}"
update_config_var $ZBX_CONFIG "SSLCertLocation" "$ZABBIX_USER_HOME_DIR/ssl/certs/"
update_config_var $ZBX_CONFIG "SSLKeyLocation" "$ZABBIX_USER_HOME_DIR/ssl/keys/"
update_config_var $ZBX_CONFIG "SSLCALocation" "$ZABBIX_USER_HOME_DIR/ssl/ssl_ca/"
update_config_var $ZBX_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/"
update_config_multiple_var $ZBX_CONFIG "LoadModule" "${ZBX_LOADMODULE}"
update_config_var $ZBX_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}"
update_config_var $ZBX_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}"
file_process_from_env $ZBX_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" "${ZBX_TLSCA}"
file_process_from_env $ZBX_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" "${ZBX_TLSCRL}"
update_config_var $ZBX_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}"
update_config_var $ZBX_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}"
file_process_from_env $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" "${ZBX_TLSCERT}"
update_config_var $ZBX_CONFIG "TLSCipherAll" "${ZBX_TLSCIPHERALL}"
update_config_var $ZBX_CONFIG "TLSCipherAll13" "${ZBX_TLSCIPHERALL13}"
update_config_var $ZBX_CONFIG "TLSCipherCert" "${ZBX_TLSCIPHERCERT}"
update_config_var $ZBX_CONFIG "TLSCipherCert13" "${ZBX_TLSCIPHERCERT13}"
update_config_var $ZBX_CONFIG "TLSCipherPSK" "${ZBX_TLSCIPHERPSK}"
update_config_var $ZBX_CONFIG "TLSCipherPSK13" "${ZBX_TLSCIPHERPSK13}"
file_process_from_env $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" "${ZBX_TLSKEY}"
update_config_var $ZBX_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}"
file_process_from_env $ZBX_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" "${ZBX_TLSPSK}"
file_process_from_env "ZBX_TLSPSKFILE" "${ZBX_TLSPSKFILE}" "${ZBX_TLSPSK}"
if [ "$(id -u)" != '0' ]; then
update_config_var $ZBX_CONFIG "User" "$(whoami)"
export ZBX_USER="$(whoami)"
else
update_config_var $ZBX_CONFIG "AllowRoot" "1"
export ZBX_ALLOWROOT=1
fi
update_config_var $ZBX_CONFIG "WebDriverURL" "${ZBX_WEBDRIVERURL}"
update_config_var $ZBX_CONFIG "StartBrowserPollers" "${ZBX_STARTBROWSERPOLLERS}"
}
clear_zbx_env() {
[[ "${ZBX_CLEAR_ENV}" == "false" ]] && return
for env_var in $(env | grep -E "^(ZBX|DB|MYSQL)_"); do
for env_var in $(env | grep -E "^(ZABBIX|DB|MYSQL)_"); do
unset "${env_var%%=*}"
done
}

View File

@ -14,7 +14,17 @@ ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git
ENV TERM=xterm \
ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \
MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \
NMAP_PRIVILEGED=""
NMAP_PRIVILEGED="" \
ZABBIX_USER_HOME_DIR="/var/lib/zabbix" \
ZABBIX_CONF_DIR="/etc/zabbix"
ENV ZBX_FPINGLOCATION="/usr/sbin/fping" \
ZBX_LOADMODULEPATH="${ZABBIX_USER_HOME_DIR}/modules" \
ZBX_SNMPTRAPPERFILE="${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log" \
ZBX_SSHKEYLOCATION="${ZABBIX_USER_HOME_DIR}/ssh_keys/" \
ZBX_SSLCERTLOCATION="${ZABBIX_USER_HOME_DIR}/ssl/certs/" \
ZBX_SSLKEYLOCATION="${ZABBIX_USER_HOME_DIR}/ssl/keys/" \
ZBX_SSLCALOCATION="${ZABBIX_USER_HOME_DIR}/ssl/ssl_ca/"
LABEL org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zabbix.com>" \
org.opencontainers.image.description="Zabbix proxy with SQLite3 database support" \
@ -29,7 +39,7 @@ LABEL org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zab
STOPSIGNAL SIGTERM
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/proxy/sbin/zabbix_proxy", "/usr/sbin/zabbix_proxy"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/proxy/conf/", "/etc/zabbix/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/proxy/conf/", "${ZABBIX_CONF_DIR}/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/general/bin/", "/usr/bin/"]
RUN set -eux && \
@ -66,33 +76,36 @@ RUN set -eux && \
--uid 1997 \
--ingroup zabbix \
--shell /sbin/nologin \
--home /var/lib/zabbix/ \
--home ${ZABBIX_USER_HOME_DIR} \
zabbix && \
chgrp zabbix /usr/bin/nmap && \
setcap cap_net_raw+eip /usr/bin/nmap && \
mkdir -p /etc/zabbix && \
mkdir -p /var/lib/zabbix && \
mkdir -p /var/lib/zabbix/db_data && \
mkdir -p /var/lib/zabbix/enc && \
mkdir -p /var/lib/zabbix/enc_internal && \
mkdir -p ${ZABBIX_CONF_DIR} && \
mkdir -p ${ZABBIX_USER_HOME_DIR} && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/db_data && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc_internal && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/mibs && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/modules && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/snmptraps && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssh_keys && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl/certs && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl/keys && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl/ssl_ca && \
mkdir -p /usr/lib/zabbix/externalscripts && \
mkdir -p /var/lib/zabbix/mibs && \
mkdir -p /var/lib/zabbix/modules && \
mkdir -p /var/lib/zabbix/snmptraps && \
mkdir -p /var/lib/zabbix/ssh_keys && \
mkdir -p /var/lib/zabbix/ssl && \
mkdir -p /var/lib/zabbix/ssl/certs && \
mkdir -p /var/lib/zabbix/ssl/keys && \
mkdir -p /var/lib/zabbix/ssl/ssl_ca && \
chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \
chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/
chown --quiet -R zabbix:root ${ZABBIX_CONF_DIR}/zabbix_proxy_modules.conf ${ZABBIX_USER_HOME_DIR} && \
chown --quiet zabbix:root ${ZABBIX_CONF_DIR}/ && \
chgrp -R 0 ${ZABBIX_CONF_DIR}/zabbix_proxy_modules.conf ${ZABBIX_USER_HOME_DIR} && \
chgrp 0 ${ZABBIX_CONF_DIR} && \
chmod -R g=u ${ZABBIX_CONF_DIR}/zabbix_proxy_modules.conf ${ZABBIX_USER_HOME_DIR} && \
chmod g=u ${ZABBIX_CONF_DIR}
EXPOSE 10051/TCP
WORKDIR /var/lib/zabbix
WORKDIR ${ZABBIX_USER_HOME_DIR}
VOLUME ["/var/lib/zabbix/snmptraps"]
VOLUME ["${ZABBIX_USER_HOME_DIR}/snmptraps"]
COPY ["docker-entrypoint.sh", "/usr/bin/"]

View File

@ -9,14 +9,7 @@ if [ "${DEBUG_MODE,,}" == "true" ]; then
set -o xtrace
fi
# Default Zabbix server host
: ${ZBX_SERVER_HOST:="zabbix-server"}
# Default directories
# User 'zabbix' home directory
ZABBIX_USER_HOME_DIR="/var/lib/zabbix"
# Configuration files directory
ZABBIX_ETC_DIR="/etc/zabbix"
# Internal directory for TLS related files, used when TLS*File specified as plain text values
ZABBIX_INTERNAL_ENC_DIR="${ZABBIX_USER_HOME_DIR}/enc_internal"
@ -109,175 +102,65 @@ update_config_multiple_var() {
}
file_process_from_env() {
local config_path=$1
local var_name=$2
local file_name=$3
local var_value=$4
local var_name=$1
local file_name=$2
local var_value=$3
if [ ! -z "$var_value" ]; then
echo -n "$var_value" > "${ZABBIX_INTERNAL_ENC_DIR}/$var_name"
file_name="${ZABBIX_INTERNAL_ENC_DIR}/${var_name}"
fi
update_config_var $config_path "$var_name" "$file_name"
if [ -n "$var_value" ]; then
export "$var_name"="$file_name"
fi
# Remove variable with plain text data
unset "${var_name%%FILE}"
}
update_zbx_config() {
echo "** Preparing Zabbix proxy configuration file"
ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_proxy.conf
update_config_var $ZBX_CONFIG "ProxyMode" "${ZBX_PROXYMODE}"
update_config_var $ZBX_CONFIG "Server" "${ZBX_SERVER_HOST}"
if [ -z "${ZBX_HOSTNAME}" ] && [ -n "${ZBX_HOSTNAMEITEM}" ]; then
update_config_var $ZBX_CONFIG "Hostname" ""
update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}"
else
update_config_var $ZBX_CONFIG "Hostname" "${ZBX_HOSTNAME:-"zabbix-proxy-sqlite3"}"
update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}"
fi
update_config_var $ZBX_CONFIG "ListenIP" "${ZBX_LISTENIP}"
update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}"
update_config_var $ZBX_CONFIG "ListenBacklog" "${ZBX_LISTENBACKLOG}"
update_config_var $ZBX_CONFIG "SourceIP" "${ZBX_SOURCEIP}"
update_config_var $ZBX_CONFIG "LogType" "console"
update_config_var $ZBX_CONFIG "LogFile"
update_config_var $ZBX_CONFIG "LogFileSize"
update_config_var $ZBX_CONFIG "PidFile"
update_config_var $ZBX_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}"
update_config_var $ZBX_CONFIG "EnableRemoteCommands" "${ZBX_ENABLEREMOTECOMMANDS}"
update_config_var $ZBX_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}"
update_config_var $ZBX_CONFIG "DBHost"
: ${ZBX_USE_NODE_NAME_AS_DB_NAME:="false"}
if [ "${ZBX_USE_NODE_NAME_AS_DB_NAME,,}" == "false" ]; then
update_config_var $ZBX_CONFIG "DBName" "/var/lib/zabbix/db_data/${ZBX_HOSTNAME:-"zabbix-proxy-sqlite3"}.sqlite"
export ZBX_DB_NAME="${ZABBIX_USER_HOME_DIR}/db_data/${ZBX_HOSTNAME:-"zabbix-proxy-sqlite3"}.sqlite"
else
node_name=$(uname -n)
update_config_var $ZBX_CONFIG "DBName" "/var/lib/zabbix/db_data/$node_name.sqlite"
export ZBX_DB_NAME="${ZABBIX_USER_HOME_DIR}/db_data/$node_name.sqlite"
fi
update_config_var $ZBX_CONFIG "DBUser"
update_config_var $ZBX_CONFIG "DBPort"
update_config_var $ZBX_CONFIG "DBPassword"
unset ZBX_USE_NODE_NAME_AS_DB_NAME
update_config_var $ZBX_CONFIG "MaxConcurrentChecksPerPoller" "${ZBX_MAXCONCURRENTCHECKSPERPOLLER}"
export ZBX_SERVER_HOST="${ZBX_SERVER_HOST:="zabbix-server"}"
update_config_var $ZBX_CONFIG "ProxyBufferMode" "${ZBX_PROXYBUFFERMODE}"
update_config_var $ZBX_CONFIG "ProxyMemoryBufferAge" "${ZBX_PROXYMEMORYBUFFERAGE}"
update_config_var $ZBX_CONFIG "ProxyMemoryBufferSize" "${ZBX_PROXYMEMORYBUFFERSIZE}"
update_config_var $ZBX_CONFIG "ProxyLocalBuffer" "${ZBX_PROXYLOCALBUFFER}"
update_config_var $ZBX_CONFIG "ProxyOfflineBuffer" "${ZBX_PROXYOFFLINEBUFFER}"
update_config_var $ZBX_CONFIG "ProxyConfigFrequency" "${ZBX_PROXYCONFIGFREQUENCY}"
update_config_var $ZBX_CONFIG "DataSenderFrequency" "${ZBX_DATASENDERFREQUENCY}"
update_config_var $ZBX_CONFIG "StatsAllowedIP" "${ZBX_STATSALLOWEDIP}"
update_config_var $ZBX_CONFIG "StartPreprocessors" "${ZBX_STARTPREPROCESSORS}"
update_config_var $ZBX_CONFIG "StartAgentPollers" "${ZBX_STARTAGENTPOLLERS}"
update_config_var $ZBX_CONFIG "StartPollers" "${ZBX_STARTPOLLERS}"
update_config_var $ZBX_CONFIG "StartIPMIPollers" "${ZBX_STARTIPMIPOLLERS}"
update_config_var $ZBX_CONFIG "StartPollersUnreachable" "${ZBX_STARTPOLLERSUNREACHABLE}"
update_config_var $ZBX_CONFIG "StartTrappers" "${ZBX_STARTTRAPPERS}"
update_config_var $ZBX_CONFIG "StartPingers" "${ZBX_STARTPINGERS}"
update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}"
update_config_var $ZBX_CONFIG "StartHTTPAgentPollers" "${ZBX_STARTHTTPAGENTPOLLERS}"
update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}"
update_config_var $ZBX_CONFIG "StartODBCPollers" "${ZBX_STARTODBCPOLLERS}"
update_config_var $ZBX_CONFIG "StartSNMPPollers" "${ZBX_STARTSNMPPOLLERS}"
: ${ZBX_JAVAGATEWAY_ENABLE:="false"}
if [ "${ZBX_JAVAGATEWAY_ENABLE,,}" == "true" ]; then
update_config_var $ZBX_CONFIG "JavaGateway" "${ZBX_JAVAGATEWAY:-"zabbix-java-gateway"}"
update_config_var $ZBX_CONFIG "JavaGatewayPort" "${ZBX_JAVAGATEWAYPORT}"
update_config_var $ZBX_CONFIG "StartJavaPollers" "${ZBX_STARTJAVAPOLLERS:-"5"}"
if [ ! -z "${ZBX_HOSTNAMEITEM}" ]; then
export ZBX_HOSTNAME=""
else
update_config_var $ZBX_CONFIG "JavaGateway"
update_config_var $ZBX_CONFIG "JavaGatewayPort"
update_config_var $ZBX_CONFIG "StartJavaPollers"
export ZBX_HOSTNAME="${ZBX_HOSTNAME:-"zabbix-proxy-sqlite3"}"
fi
update_config_var $ZBX_CONFIG "StartVMwareCollectors" "${ZBX_STARTVMWARECOLLECTORS}"
update_config_var $ZBX_CONFIG "VMwareFrequency" "${ZBX_VMWAREFREQUENCY}"
update_config_var $ZBX_CONFIG "VMwarePerfFrequency" "${ZBX_VMWAREPERFFREQUENCY}"
update_config_var $ZBX_CONFIG "VMwareCacheSize" "${ZBX_VMWARECACHESIZE}"
update_config_var $ZBX_CONFIG "VMwareTimeout" "${ZBX_VMWARETIMEOUT}"
: ${ZBX_ENABLE_SNMP_TRAPS:="false"}
if [ "${ZBX_ENABLE_SNMP_TRAPS,,}" == "true" ]; then
update_config_var $ZBX_CONFIG "SNMPTrapperFile" "${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log"
update_config_var $ZBX_CONFIG "StartSNMPTrapper" "1"
else
update_config_var $ZBX_CONFIG "SNMPTrapperFile"
update_config_var $ZBX_CONFIG "StartSNMPTrapper"
fi
[[ "${ZBX_ENABLE_SNMP_TRAPS,,}" == "true" ]] && export ZBX_STARTSNMPTRAPPER=1
unset ZBX_ENABLE_SNMP_TRAPS
update_config_var $ZBX_CONFIG "SocketDir" "/tmp/"
update_config_var $ZBX_CONFIG "HousekeepingFrequency" "${ZBX_HOUSEKEEPINGFREQUENCY}"
update_config_multiple_var "${ZABBIX_CONF_DIR}/zabbix_proxy_modules.conf" "LoadModule" "${ZBX_LOADMODULE}"
update_config_var $ZBX_CONFIG "CacheSize" "${ZBX_CACHESIZE}"
file_process_from_env "ZBX_TLSCAFILE" "${ZBX_TLSCAFILE}" "${ZBX_TLSCA}"
file_process_from_env "ZBX_TLSCRLFILE" "${ZBX_TLSCRLFILE}" "${ZBX_TLSCRL}"
update_config_var $ZBX_CONFIG "StartDBSyncers" "${ZBX_STARTDBSYNCERS}"
update_config_var $ZBX_CONFIG "HistoryCacheSize" "${ZBX_HISTORYCACHESIZE}"
update_config_var $ZBX_CONFIG "HistoryIndexCacheSize" "${ZBX_HISTORYINDEXCACHESIZE}"
file_process_from_env "ZBX_TLSCERTFILE" "${ZBX_TLSCERTFILE}" "${ZBX_TLSCERT}"
file_process_from_env "ZBX_TLSKEYFILE" "${ZBX_TLSKEYFILE}" "${ZBX_TLSKEY}"
update_config_var $ZBX_CONFIG "Timeout" "${ZBX_TIMEOUT}"
update_config_var $ZBX_CONFIG "TrapperTimeout" "${ZBX_TRAPPERTIMEOUT}"
update_config_var $ZBX_CONFIG "UnreachablePeriod" "${ZBX_UNREACHABLEPERIOD}"
update_config_var $ZBX_CONFIG "UnavailableDelay" "${ZBX_UNAVAILABLEDELAY}"
update_config_var $ZBX_CONFIG "UnreachableDelay" "${ZBX_UNREACHABLEDELAY}"
update_config_var $ZBX_CONFIG "AlertScriptsPath" "/usr/lib/zabbix/alertscripts"
update_config_var $ZBX_CONFIG "ExternalScripts" "/usr/lib/zabbix/externalscripts"
update_config_var $ZBX_CONFIG "FpingLocation" "/usr/sbin/fping"
update_config_var $ZBX_CONFIG "Fping6Location"
update_config_var $ZBX_CONFIG "SSHKeyLocation" "$ZABBIX_USER_HOME_DIR/ssh_keys"
update_config_var $ZBX_CONFIG "LogSlowQueries" "${ZBX_LOGSLOWQUERIES}"
update_config_var $ZBX_CONFIG "SSLCertLocation" "$ZABBIX_USER_HOME_DIR/ssl/certs/"
update_config_var $ZBX_CONFIG "SSLKeyLocation" "$ZABBIX_USER_HOME_DIR/ssl/keys/"
update_config_var $ZBX_CONFIG "SSLCALocation" "$ZABBIX_USER_HOME_DIR/ssl/ssl_ca/"
update_config_var $ZBX_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/"
update_config_multiple_var $ZBX_CONFIG "LoadModule" "${ZBX_LOADMODULE}"
update_config_var $ZBX_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}"
update_config_var $ZBX_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}"
file_process_from_env $ZBX_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" "${ZBX_TLSCA}"
file_process_from_env $ZBX_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" "${ZBX_TLSCRL}"
update_config_var $ZBX_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}"
update_config_var $ZBX_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}"
file_process_from_env $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" "${ZBX_TLSCERT}"
update_config_var $ZBX_CONFIG "TLSCipherAll" "${ZBX_TLSCIPHERALL}"
update_config_var $ZBX_CONFIG "TLSCipherAll13" "${ZBX_TLSCIPHERALL13}"
update_config_var $ZBX_CONFIG "TLSCipherCert" "${ZBX_TLSCIPHERCERT}"
update_config_var $ZBX_CONFIG "TLSCipherCert13" "${ZBX_TLSCIPHERCERT13}"
update_config_var $ZBX_CONFIG "TLSCipherPSK" "${ZBX_TLSCIPHERPSK}"
update_config_var $ZBX_CONFIG "TLSCipherPSK13" "${ZBX_TLSCIPHERPSK13}"
file_process_from_env $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" "${ZBX_TLSKEY}"
update_config_var $ZBX_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}"
file_process_from_env $ZBX_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" "${ZBX_TLSPSK}"
file_process_from_env "ZBX_TLSPSKFILE" "${ZBX_TLSPSKFILE}" "${ZBX_TLSPSK}"
if [ "$(id -u)" != '0' ]; then
update_config_var $ZBX_CONFIG "User" "$(whoami)"
export ZBX_USER="$(whoami)"
else
update_config_var $ZBX_CONFIG "AllowRoot" "1"
export ZBX_ALLOWROOT=1
fi
update_config_var $ZBX_CONFIG "WebDriverURL" "${ZBX_WEBDRIVERURL}"
update_config_var $ZBX_CONFIG "StartBrowserPollers" "${ZBX_STARTBROWSERPOLLERS}"
}
clear_zbx_env() {
[[ "${ZBX_CLEAR_ENV}" == "false" ]] && return
for env_var in $(env | grep -E "^ZBX_"); do
for env_var in $(env | grep -E "^ZABBIX_"); do
unset "${env_var%%=*}"
done
}

View File

@ -14,7 +14,17 @@ ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git
ENV TERM=xterm \
ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \
MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \
NMAP_PRIVILEGED=""
NMAP_PRIVILEGED="" \
ZABBIX_USER_HOME_DIR="/var/lib/zabbix" \
ZABBIX_CONF_DIR="/etc/zabbix"
ENV ZBX_FPINGLOCATION="/usr/sbin/fping" \
ZBX_LOADMODULEPATH="${ZABBIX_USER_HOME_DIR}/modules" \
ZBX_SNMPTRAPPERFILE="${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log" \
ZBX_SSHKEYLOCATION="${ZABBIX_USER_HOME_DIR}/ssh_keys/" \
ZBX_SSLCERTLOCATION="${ZABBIX_USER_HOME_DIR}/ssl/certs/" \
ZBX_SSLKEYLOCATION="${ZABBIX_USER_HOME_DIR}/ssl/keys/" \
ZBX_SSLCALOCATION="${ZABBIX_USER_HOME_DIR}/ssl/ssl_ca/"
LABEL org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zabbix.com>" \
org.opencontainers.image.description="Zabbix proxy with SQLite3 database support" \
@ -29,7 +39,7 @@ LABEL org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zab
STOPSIGNAL SIGTERM
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/proxy/sbin/zabbix_proxy", "/usr/sbin/zabbix_proxy"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/proxy/conf/", "/etc/zabbix/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/proxy/conf/", "${ZABBIX_CONF_DIR}/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/general/bin/", "/usr/bin/"]
RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
@ -83,34 +93,37 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
-g zabbix \
--uid 1997 \
--shell /sbin/nologin \
--home-dir /var/lib/zabbix/ \
--home-dir ${ZABBIX_USER_HOME_DIR} \
zabbix && \
chgrp zabbix /usr/bin/nmap && \
setcap cap_net_raw+eip /usr/bin/nmap && \
mkdir -p /etc/zabbix && \
mkdir -p /var/lib/zabbix && \
mkdir -p /var/lib/zabbix/db_data && \
mkdir -p /var/lib/zabbix/enc && \
mkdir -p /var/lib/zabbix/enc_internal && \
mkdir -p ${ZABBIX_CONF_DIR} && \
mkdir -p ${ZABBIX_USER_HOME_DIR} && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/db_data && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc_internal && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/mibs && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/modules && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/snmptraps && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssh_keys && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl/certs && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl/keys && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl/ssl_ca && \
mkdir -p /usr/lib/zabbix/externalscripts && \
mkdir -p /var/lib/zabbix/mibs && \
mkdir -p /var/lib/zabbix/modules && \
mkdir -p /var/lib/zabbix/snmptraps && \
mkdir -p /var/lib/zabbix/ssh_keys && \
mkdir -p /var/lib/zabbix/ssl && \
mkdir -p /var/lib/zabbix/ssl/certs && \
mkdir -p /var/lib/zabbix/ssl/keys && \
mkdir -p /var/lib/zabbix/ssl/ssl_ca && \
chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \
chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \
chown --quiet -R zabbix:root ${ZABBIX_CONF_DIR}/zabbix_proxy_modules.conf ${ZABBIX_USER_HOME_DIR} && \
chown --quiet zabbix:root ${ZABBIX_CONF_DIR}/ && \
chgrp -R 0 ${ZABBIX_CONF_DIR}/zabbix_proxy_modules.conf ${ZABBIX_USER_HOME_DIR} && \
chgrp 0 ${ZABBIX_CONF_DIR} && \
chmod -R g=u ${ZABBIX_CONF_DIR}/zabbix_proxy_modules.conf ${ZABBIX_USER_HOME_DIR} && \
chmod g=u ${ZABBIX_CONF_DIR} && \
microdnf -y clean all
EXPOSE 10051/TCP
WORKDIR /var/lib/zabbix
WORKDIR ${ZABBIX_USER_HOME_DIR}
VOLUME ["/var/lib/zabbix/snmptraps"]
VOLUME ["${ZABBIX_USER_HOME_DIR}/snmptraps"]
COPY ["docker-entrypoint.sh", "/usr/bin/"]

View File

@ -9,14 +9,7 @@ if [ "${DEBUG_MODE,,}" == "true" ]; then
set -o xtrace
fi
# Default Zabbix server host
: ${ZBX_SERVER_HOST:="zabbix-server"}
# Default directories
# User 'zabbix' home directory
ZABBIX_USER_HOME_DIR="/var/lib/zabbix"
# Configuration files directory
ZABBIX_ETC_DIR="/etc/zabbix"
# Internal directory for TLS related files, used when TLS*File specified as plain text values
ZABBIX_INTERNAL_ENC_DIR="${ZABBIX_USER_HOME_DIR}/enc_internal"
@ -109,175 +102,65 @@ update_config_multiple_var() {
}
file_process_from_env() {
local config_path=$1
local var_name=$2
local file_name=$3
local var_value=$4
local var_name=$1
local file_name=$2
local var_value=$3
if [ ! -z "$var_value" ]; then
echo -n "$var_value" > "${ZABBIX_INTERNAL_ENC_DIR}/$var_name"
file_name="${ZABBIX_INTERNAL_ENC_DIR}/${var_name}"
fi
update_config_var $config_path "$var_name" "$file_name"
if [ -n "$var_value" ]; then
export "$var_name"="$file_name"
fi
# Remove variable with plain text data
unset "${var_name%%FILE}"
}
update_zbx_config() {
echo "** Preparing Zabbix proxy configuration file"
ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_proxy.conf
update_config_var $ZBX_CONFIG "ProxyMode" "${ZBX_PROXYMODE}"
update_config_var $ZBX_CONFIG "Server" "${ZBX_SERVER_HOST}"
if [ -z "${ZBX_HOSTNAME}" ] && [ -n "${ZBX_HOSTNAMEITEM}" ]; then
update_config_var $ZBX_CONFIG "Hostname" ""
update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}"
else
update_config_var $ZBX_CONFIG "Hostname" "${ZBX_HOSTNAME:-"zabbix-proxy-sqlite3"}"
update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}"
fi
update_config_var $ZBX_CONFIG "ListenIP" "${ZBX_LISTENIP}"
update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}"
update_config_var $ZBX_CONFIG "ListenBacklog" "${ZBX_LISTENBACKLOG}"
update_config_var $ZBX_CONFIG "SourceIP" "${ZBX_SOURCEIP}"
update_config_var $ZBX_CONFIG "LogType" "console"
update_config_var $ZBX_CONFIG "LogFile"
update_config_var $ZBX_CONFIG "LogFileSize"
update_config_var $ZBX_CONFIG "PidFile"
update_config_var $ZBX_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}"
update_config_var $ZBX_CONFIG "EnableRemoteCommands" "${ZBX_ENABLEREMOTECOMMANDS}"
update_config_var $ZBX_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}"
update_config_var $ZBX_CONFIG "DBHost"
: ${ZBX_USE_NODE_NAME_AS_DB_NAME:="false"}
if [ "${ZBX_USE_NODE_NAME_AS_DB_NAME,,}" == "false" ]; then
update_config_var $ZBX_CONFIG "DBName" "/var/lib/zabbix/db_data/${ZBX_HOSTNAME:-"zabbix-proxy-sqlite3"}.sqlite"
export ZBX_DB_NAME="${ZABBIX_USER_HOME_DIR}/db_data/${ZBX_HOSTNAME:-"zabbix-proxy-sqlite3"}.sqlite"
else
node_name=$(uname -n)
update_config_var $ZBX_CONFIG "DBName" "/var/lib/zabbix/db_data/$node_name.sqlite"
export ZBX_DB_NAME="${ZABBIX_USER_HOME_DIR}/db_data/$node_name.sqlite"
fi
update_config_var $ZBX_CONFIG "DBUser"
update_config_var $ZBX_CONFIG "DBPort"
update_config_var $ZBX_CONFIG "DBPassword"
unset ZBX_USE_NODE_NAME_AS_DB_NAME
update_config_var $ZBX_CONFIG "MaxConcurrentChecksPerPoller" "${ZBX_MAXCONCURRENTCHECKSPERPOLLER}"
export ZBX_SERVER_HOST="${ZBX_SERVER_HOST:="zabbix-server"}"
update_config_var $ZBX_CONFIG "ProxyBufferMode" "${ZBX_PROXYBUFFERMODE}"
update_config_var $ZBX_CONFIG "ProxyMemoryBufferAge" "${ZBX_PROXYMEMORYBUFFERAGE}"
update_config_var $ZBX_CONFIG "ProxyMemoryBufferSize" "${ZBX_PROXYMEMORYBUFFERSIZE}"
update_config_var $ZBX_CONFIG "ProxyLocalBuffer" "${ZBX_PROXYLOCALBUFFER}"
update_config_var $ZBX_CONFIG "ProxyOfflineBuffer" "${ZBX_PROXYOFFLINEBUFFER}"
update_config_var $ZBX_CONFIG "ProxyConfigFrequency" "${ZBX_PROXYCONFIGFREQUENCY}"
update_config_var $ZBX_CONFIG "DataSenderFrequency" "${ZBX_DATASENDERFREQUENCY}"
update_config_var $ZBX_CONFIG "StatsAllowedIP" "${ZBX_STATSALLOWEDIP}"
update_config_var $ZBX_CONFIG "StartPreprocessors" "${ZBX_STARTPREPROCESSORS}"
update_config_var $ZBX_CONFIG "StartAgentPollers" "${ZBX_STARTAGENTPOLLERS}"
update_config_var $ZBX_CONFIG "StartPollers" "${ZBX_STARTPOLLERS}"
update_config_var $ZBX_CONFIG "StartIPMIPollers" "${ZBX_STARTIPMIPOLLERS}"
update_config_var $ZBX_CONFIG "StartPollersUnreachable" "${ZBX_STARTPOLLERSUNREACHABLE}"
update_config_var $ZBX_CONFIG "StartTrappers" "${ZBX_STARTTRAPPERS}"
update_config_var $ZBX_CONFIG "StartPingers" "${ZBX_STARTPINGERS}"
update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}"
update_config_var $ZBX_CONFIG "StartHTTPAgentPollers" "${ZBX_STARTHTTPAGENTPOLLERS}"
update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}"
update_config_var $ZBX_CONFIG "StartODBCPollers" "${ZBX_STARTODBCPOLLERS}"
update_config_var $ZBX_CONFIG "StartSNMPPollers" "${ZBX_STARTSNMPPOLLERS}"
: ${ZBX_JAVAGATEWAY_ENABLE:="false"}
if [ "${ZBX_JAVAGATEWAY_ENABLE,,}" == "true" ]; then
update_config_var $ZBX_CONFIG "JavaGateway" "${ZBX_JAVAGATEWAY:-"zabbix-java-gateway"}"
update_config_var $ZBX_CONFIG "JavaGatewayPort" "${ZBX_JAVAGATEWAYPORT}"
update_config_var $ZBX_CONFIG "StartJavaPollers" "${ZBX_STARTJAVAPOLLERS:-"5"}"
if [ ! -z "${ZBX_HOSTNAMEITEM}" ]; then
export ZBX_HOSTNAME=""
else
update_config_var $ZBX_CONFIG "JavaGateway"
update_config_var $ZBX_CONFIG "JavaGatewayPort"
update_config_var $ZBX_CONFIG "StartJavaPollers"
export ZBX_HOSTNAME="${ZBX_HOSTNAME:-"zabbix-proxy-sqlite3"}"
fi
update_config_var $ZBX_CONFIG "StartVMwareCollectors" "${ZBX_STARTVMWARECOLLECTORS}"
update_config_var $ZBX_CONFIG "VMwareFrequency" "${ZBX_VMWAREFREQUENCY}"
update_config_var $ZBX_CONFIG "VMwarePerfFrequency" "${ZBX_VMWAREPERFFREQUENCY}"
update_config_var $ZBX_CONFIG "VMwareCacheSize" "${ZBX_VMWARECACHESIZE}"
update_config_var $ZBX_CONFIG "VMwareTimeout" "${ZBX_VMWARETIMEOUT}"
: ${ZBX_ENABLE_SNMP_TRAPS:="false"}
if [ "${ZBX_ENABLE_SNMP_TRAPS,,}" == "true" ]; then
update_config_var $ZBX_CONFIG "SNMPTrapperFile" "${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log"
update_config_var $ZBX_CONFIG "StartSNMPTrapper" "1"
else
update_config_var $ZBX_CONFIG "SNMPTrapperFile"
update_config_var $ZBX_CONFIG "StartSNMPTrapper"
fi
[[ "${ZBX_ENABLE_SNMP_TRAPS,,}" == "true" ]] && export ZBX_STARTSNMPTRAPPER=1
unset ZBX_ENABLE_SNMP_TRAPS
update_config_var $ZBX_CONFIG "SocketDir" "/tmp/"
update_config_var $ZBX_CONFIG "HousekeepingFrequency" "${ZBX_HOUSEKEEPINGFREQUENCY}"
update_config_multiple_var "${ZABBIX_CONF_DIR}/zabbix_proxy_modules.conf" "LoadModule" "${ZBX_LOADMODULE}"
update_config_var $ZBX_CONFIG "CacheSize" "${ZBX_CACHESIZE}"
file_process_from_env "ZBX_TLSCAFILE" "${ZBX_TLSCAFILE}" "${ZBX_TLSCA}"
file_process_from_env "ZBX_TLSCRLFILE" "${ZBX_TLSCRLFILE}" "${ZBX_TLSCRL}"
update_config_var $ZBX_CONFIG "StartDBSyncers" "${ZBX_STARTDBSYNCERS}"
update_config_var $ZBX_CONFIG "HistoryCacheSize" "${ZBX_HISTORYCACHESIZE}"
update_config_var $ZBX_CONFIG "HistoryIndexCacheSize" "${ZBX_HISTORYINDEXCACHESIZE}"
file_process_from_env "ZBX_TLSCERTFILE" "${ZBX_TLSCERTFILE}" "${ZBX_TLSCERT}"
file_process_from_env "ZBX_TLSKEYFILE" "${ZBX_TLSKEYFILE}" "${ZBX_TLSKEY}"
update_config_var $ZBX_CONFIG "Timeout" "${ZBX_TIMEOUT}"
update_config_var $ZBX_CONFIG "TrapperTimeout" "${ZBX_TRAPPERTIMEOUT}"
update_config_var $ZBX_CONFIG "UnreachablePeriod" "${ZBX_UNREACHABLEPERIOD}"
update_config_var $ZBX_CONFIG "UnavailableDelay" "${ZBX_UNAVAILABLEDELAY}"
update_config_var $ZBX_CONFIG "UnreachableDelay" "${ZBX_UNREACHABLEDELAY}"
update_config_var $ZBX_CONFIG "AlertScriptsPath" "/usr/lib/zabbix/alertscripts"
update_config_var $ZBX_CONFIG "ExternalScripts" "/usr/lib/zabbix/externalscripts"
update_config_var $ZBX_CONFIG "FpingLocation" "/usr/sbin/fping"
update_config_var $ZBX_CONFIG "Fping6Location"
update_config_var $ZBX_CONFIG "SSHKeyLocation" "$ZABBIX_USER_HOME_DIR/ssh_keys"
update_config_var $ZBX_CONFIG "LogSlowQueries" "${ZBX_LOGSLOWQUERIES}"
update_config_var $ZBX_CONFIG "SSLCertLocation" "$ZABBIX_USER_HOME_DIR/ssl/certs/"
update_config_var $ZBX_CONFIG "SSLKeyLocation" "$ZABBIX_USER_HOME_DIR/ssl/keys/"
update_config_var $ZBX_CONFIG "SSLCALocation" "$ZABBIX_USER_HOME_DIR/ssl/ssl_ca/"
update_config_var $ZBX_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/"
update_config_multiple_var $ZBX_CONFIG "LoadModule" "${ZBX_LOADMODULE}"
update_config_var $ZBX_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}"
update_config_var $ZBX_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}"
file_process_from_env $ZBX_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" "${ZBX_TLSCA}"
file_process_from_env $ZBX_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" "${ZBX_TLSCRL}"
update_config_var $ZBX_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}"
update_config_var $ZBX_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}"
file_process_from_env $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" "${ZBX_TLSCERT}"
update_config_var $ZBX_CONFIG "TLSCipherAll" "${ZBX_TLSCIPHERALL}"
update_config_var $ZBX_CONFIG "TLSCipherAll13" "${ZBX_TLSCIPHERALL13}"
update_config_var $ZBX_CONFIG "TLSCipherCert" "${ZBX_TLSCIPHERCERT}"
update_config_var $ZBX_CONFIG "TLSCipherCert13" "${ZBX_TLSCIPHERCERT13}"
update_config_var $ZBX_CONFIG "TLSCipherPSK" "${ZBX_TLSCIPHERPSK}"
update_config_var $ZBX_CONFIG "TLSCipherPSK13" "${ZBX_TLSCIPHERPSK13}"
file_process_from_env $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" "${ZBX_TLSKEY}"
update_config_var $ZBX_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}"
file_process_from_env $ZBX_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" "${ZBX_TLSPSK}"
file_process_from_env "ZBX_TLSPSKFILE" "${ZBX_TLSPSKFILE}" "${ZBX_TLSPSK}"
if [ "$(id -u)" != '0' ]; then
update_config_var $ZBX_CONFIG "User" "$(whoami)"
export ZBX_USER="$(whoami)"
else
update_config_var $ZBX_CONFIG "AllowRoot" "1"
export ZBX_ALLOWROOT=1
fi
update_config_var $ZBX_CONFIG "WebDriverURL" "${ZBX_WEBDRIVERURL}"
update_config_var $ZBX_CONFIG "StartBrowserPollers" "${ZBX_STARTBROWSERPOLLERS}"
}
clear_zbx_env() {
[[ "${ZBX_CLEAR_ENV}" == "false" ]] && return
for env_var in $(env | grep -E "^ZBX_"); do
for env_var in $(env | grep -E "^ZABBIX_"); do
unset "${env_var%%=*}"
done
}

View File

@ -14,7 +14,17 @@ ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git
ENV TERM=xterm \
ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \
MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \
NMAP_PRIVILEGED=""
NMAP_PRIVILEGED="" \
ZABBIX_USER_HOME_DIR="/var/lib/zabbix" \
ZABBIX_CONF_DIR="/etc/zabbix"
ENV ZBX_FPINGLOCATION="/usr/sbin/fping" \
ZBX_LOADMODULEPATH="${ZABBIX_USER_HOME_DIR}/modules" \
ZBX_SNMPTRAPPERFILE="${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log" \
ZBX_SSHKEYLOCATION="${ZABBIX_USER_HOME_DIR}/ssh_keys/" \
ZBX_SSLCERTLOCATION="${ZABBIX_USER_HOME_DIR}/ssl/certs/" \
ZBX_SSLKEYLOCATION="${ZABBIX_USER_HOME_DIR}/ssl/keys/" \
ZBX_SSLCALOCATION="${ZABBIX_USER_HOME_DIR}/ssl/ssl_ca/"
LABEL org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zabbix.com>" \
org.opencontainers.image.description="Zabbix proxy with SQLite3 database support" \
@ -29,7 +39,7 @@ LABEL org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zab
STOPSIGNAL SIGTERM
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/proxy/sbin/zabbix_proxy", "/usr/sbin/zabbix_proxy"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/proxy/conf/", "/etc/zabbix/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/proxy/conf/", "${ZABBIX_CONF_DIR}/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/general/bin/", "/usr/bin/"]
COPY ["conf/etc/yum.repos.d/oracle-epel-ol9.repo", "/etc/yum.repos.d/oracle-epel-ol9.repo"]
@ -70,34 +80,37 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
-g zabbix \
--uid 1997 \
--shell /sbin/nologin \
--home-dir /var/lib/zabbix/ \
--home-dir ${ZABBIX_USER_HOME_DIR} \
zabbix && \
chgrp zabbix /usr/bin/nmap && \
setcap cap_net_raw+eip /usr/bin/nmap && \
mkdir -p /etc/zabbix && \
mkdir -p /var/lib/zabbix && \
mkdir -p /var/lib/zabbix/db_data && \
mkdir -p /var/lib/zabbix/enc && \
mkdir -p /var/lib/zabbix/enc_internal && \
mkdir -p ${ZABBIX_CONF_DIR} && \
mkdir -p ${ZABBIX_USER_HOME_DIR} && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/db_data && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc_internal && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/mibs && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/modules && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/snmptraps && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssh_keys && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl/certs && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl/keys && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl/ssl_ca && \
mkdir -p /usr/lib/zabbix/externalscripts && \
mkdir -p /var/lib/zabbix/mibs && \
mkdir -p /var/lib/zabbix/modules && \
mkdir -p /var/lib/zabbix/snmptraps && \
mkdir -p /var/lib/zabbix/ssh_keys && \
mkdir -p /var/lib/zabbix/ssl && \
mkdir -p /var/lib/zabbix/ssl/certs && \
mkdir -p /var/lib/zabbix/ssl/keys && \
mkdir -p /var/lib/zabbix/ssl/ssl_ca && \
chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \
chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \
chown --quiet -R zabbix:root ${ZABBIX_CONF_DIR}/zabbix_proxy_modules.conf ${ZABBIX_USER_HOME_DIR} && \
chown --quiet zabbix:root ${ZABBIX_CONF_DIR}/ && \
chgrp -R 0 ${ZABBIX_CONF_DIR}/zabbix_proxy_modules.conf ${ZABBIX_USER_HOME_DIR} && \
chgrp 0 ${ZABBIX_CONF_DIR} && \
chmod -R g=u ${ZABBIX_CONF_DIR}/zabbix_proxy_modules.conf ${ZABBIX_USER_HOME_DIR} && \
chmod g=u ${ZABBIX_CONF_DIR} && \
microdnf -y clean all
EXPOSE 10051/TCP
WORKDIR /var/lib/zabbix
WORKDIR ${ZABBIX_USER_HOME_DIR}
VOLUME ["/var/lib/zabbix/snmptraps"]
VOLUME ["${ZABBIX_USER_HOME_DIR}/snmptraps"]
COPY ["docker-entrypoint.sh", "/usr/bin/"]

View File

@ -9,14 +9,7 @@ if [ "${DEBUG_MODE,,}" == "true" ]; then
set -o xtrace
fi
# Default Zabbix server host
: ${ZBX_SERVER_HOST:="zabbix-server"}
# Default directories
# User 'zabbix' home directory
ZABBIX_USER_HOME_DIR="/var/lib/zabbix"
# Configuration files directory
ZABBIX_ETC_DIR="/etc/zabbix"
# Internal directory for TLS related files, used when TLS*File specified as plain text values
ZABBIX_INTERNAL_ENC_DIR="${ZABBIX_USER_HOME_DIR}/enc_internal"
@ -109,175 +102,65 @@ update_config_multiple_var() {
}
file_process_from_env() {
local config_path=$1
local var_name=$2
local file_name=$3
local var_value=$4
local var_name=$1
local file_name=$2
local var_value=$3
if [ ! -z "$var_value" ]; then
echo -n "$var_value" > "${ZABBIX_INTERNAL_ENC_DIR}/$var_name"
file_name="${ZABBIX_INTERNAL_ENC_DIR}/${var_name}"
fi
update_config_var $config_path "$var_name" "$file_name"
if [ -n "$var_value" ]; then
export "$var_name"="$file_name"
fi
# Remove variable with plain text data
unset "${var_name%%FILE}"
}
update_zbx_config() {
echo "** Preparing Zabbix proxy configuration file"
ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_proxy.conf
update_config_var $ZBX_CONFIG "ProxyMode" "${ZBX_PROXYMODE}"
update_config_var $ZBX_CONFIG "Server" "${ZBX_SERVER_HOST}"
if [ -z "${ZBX_HOSTNAME}" ] && [ -n "${ZBX_HOSTNAMEITEM}" ]; then
update_config_var $ZBX_CONFIG "Hostname" ""
update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}"
else
update_config_var $ZBX_CONFIG "Hostname" "${ZBX_HOSTNAME:-"zabbix-proxy-sqlite3"}"
update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}"
fi
update_config_var $ZBX_CONFIG "ListenIP" "${ZBX_LISTENIP}"
update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}"
update_config_var $ZBX_CONFIG "ListenBacklog" "${ZBX_LISTENBACKLOG}"
update_config_var $ZBX_CONFIG "SourceIP" "${ZBX_SOURCEIP}"
update_config_var $ZBX_CONFIG "LogType" "console"
update_config_var $ZBX_CONFIG "LogFile"
update_config_var $ZBX_CONFIG "LogFileSize"
update_config_var $ZBX_CONFIG "PidFile"
update_config_var $ZBX_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}"
update_config_var $ZBX_CONFIG "EnableRemoteCommands" "${ZBX_ENABLEREMOTECOMMANDS}"
update_config_var $ZBX_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}"
update_config_var $ZBX_CONFIG "DBHost"
: ${ZBX_USE_NODE_NAME_AS_DB_NAME:="false"}
if [ "${ZBX_USE_NODE_NAME_AS_DB_NAME,,}" == "false" ]; then
update_config_var $ZBX_CONFIG "DBName" "/var/lib/zabbix/db_data/${ZBX_HOSTNAME:-"zabbix-proxy-sqlite3"}.sqlite"
export ZBX_DB_NAME="${ZABBIX_USER_HOME_DIR}/db_data/${ZBX_HOSTNAME:-"zabbix-proxy-sqlite3"}.sqlite"
else
node_name=$(uname -n)
update_config_var $ZBX_CONFIG "DBName" "/var/lib/zabbix/db_data/$node_name.sqlite"
export ZBX_DB_NAME="${ZABBIX_USER_HOME_DIR}/db_data/$node_name.sqlite"
fi
update_config_var $ZBX_CONFIG "DBUser"
update_config_var $ZBX_CONFIG "DBPort"
update_config_var $ZBX_CONFIG "DBPassword"
unset ZBX_USE_NODE_NAME_AS_DB_NAME
update_config_var $ZBX_CONFIG "MaxConcurrentChecksPerPoller" "${ZBX_MAXCONCURRENTCHECKSPERPOLLER}"
export ZBX_SERVER_HOST="${ZBX_SERVER_HOST:="zabbix-server"}"
update_config_var $ZBX_CONFIG "ProxyBufferMode" "${ZBX_PROXYBUFFERMODE}"
update_config_var $ZBX_CONFIG "ProxyMemoryBufferAge" "${ZBX_PROXYMEMORYBUFFERAGE}"
update_config_var $ZBX_CONFIG "ProxyMemoryBufferSize" "${ZBX_PROXYMEMORYBUFFERSIZE}"
update_config_var $ZBX_CONFIG "ProxyLocalBuffer" "${ZBX_PROXYLOCALBUFFER}"
update_config_var $ZBX_CONFIG "ProxyOfflineBuffer" "${ZBX_PROXYOFFLINEBUFFER}"
update_config_var $ZBX_CONFIG "ProxyConfigFrequency" "${ZBX_PROXYCONFIGFREQUENCY}"
update_config_var $ZBX_CONFIG "DataSenderFrequency" "${ZBX_DATASENDERFREQUENCY}"
update_config_var $ZBX_CONFIG "StatsAllowedIP" "${ZBX_STATSALLOWEDIP}"
update_config_var $ZBX_CONFIG "StartPreprocessors" "${ZBX_STARTPREPROCESSORS}"
update_config_var $ZBX_CONFIG "StartAgentPollers" "${ZBX_STARTAGENTPOLLERS}"
update_config_var $ZBX_CONFIG "StartPollers" "${ZBX_STARTPOLLERS}"
update_config_var $ZBX_CONFIG "StartIPMIPollers" "${ZBX_STARTIPMIPOLLERS}"
update_config_var $ZBX_CONFIG "StartPollersUnreachable" "${ZBX_STARTPOLLERSUNREACHABLE}"
update_config_var $ZBX_CONFIG "StartTrappers" "${ZBX_STARTTRAPPERS}"
update_config_var $ZBX_CONFIG "StartPingers" "${ZBX_STARTPINGERS}"
update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}"
update_config_var $ZBX_CONFIG "StartHTTPAgentPollers" "${ZBX_STARTHTTPAGENTPOLLERS}"
update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}"
update_config_var $ZBX_CONFIG "StartODBCPollers" "${ZBX_STARTODBCPOLLERS}"
update_config_var $ZBX_CONFIG "StartSNMPPollers" "${ZBX_STARTSNMPPOLLERS}"
: ${ZBX_JAVAGATEWAY_ENABLE:="false"}
if [ "${ZBX_JAVAGATEWAY_ENABLE,,}" == "true" ]; then
update_config_var $ZBX_CONFIG "JavaGateway" "${ZBX_JAVAGATEWAY:-"zabbix-java-gateway"}"
update_config_var $ZBX_CONFIG "JavaGatewayPort" "${ZBX_JAVAGATEWAYPORT}"
update_config_var $ZBX_CONFIG "StartJavaPollers" "${ZBX_STARTJAVAPOLLERS:-"5"}"
if [ ! -z "${ZBX_HOSTNAMEITEM}" ]; then
export ZBX_HOSTNAME=""
else
update_config_var $ZBX_CONFIG "JavaGateway"
update_config_var $ZBX_CONFIG "JavaGatewayPort"
update_config_var $ZBX_CONFIG "StartJavaPollers"
export ZBX_HOSTNAME="${ZBX_HOSTNAME:-"zabbix-proxy-sqlite3"}"
fi
update_config_var $ZBX_CONFIG "StartVMwareCollectors" "${ZBX_STARTVMWARECOLLECTORS}"
update_config_var $ZBX_CONFIG "VMwareFrequency" "${ZBX_VMWAREFREQUENCY}"
update_config_var $ZBX_CONFIG "VMwarePerfFrequency" "${ZBX_VMWAREPERFFREQUENCY}"
update_config_var $ZBX_CONFIG "VMwareCacheSize" "${ZBX_VMWARECACHESIZE}"
update_config_var $ZBX_CONFIG "VMwareTimeout" "${ZBX_VMWARETIMEOUT}"
: ${ZBX_ENABLE_SNMP_TRAPS:="false"}
if [ "${ZBX_ENABLE_SNMP_TRAPS,,}" == "true" ]; then
update_config_var $ZBX_CONFIG "SNMPTrapperFile" "${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log"
update_config_var $ZBX_CONFIG "StartSNMPTrapper" "1"
else
update_config_var $ZBX_CONFIG "SNMPTrapperFile"
update_config_var $ZBX_CONFIG "StartSNMPTrapper"
fi
[[ "${ZBX_ENABLE_SNMP_TRAPS,,}" == "true" ]] && export ZBX_STARTSNMPTRAPPER=1
unset ZBX_ENABLE_SNMP_TRAPS
update_config_var $ZBX_CONFIG "SocketDir" "/tmp/"
update_config_var $ZBX_CONFIG "HousekeepingFrequency" "${ZBX_HOUSEKEEPINGFREQUENCY}"
update_config_multiple_var "${ZABBIX_CONF_DIR}/zabbix_proxy_modules.conf" "LoadModule" "${ZBX_LOADMODULE}"
update_config_var $ZBX_CONFIG "CacheSize" "${ZBX_CACHESIZE}"
file_process_from_env "ZBX_TLSCAFILE" "${ZBX_TLSCAFILE}" "${ZBX_TLSCA}"
file_process_from_env "ZBX_TLSCRLFILE" "${ZBX_TLSCRLFILE}" "${ZBX_TLSCRL}"
update_config_var $ZBX_CONFIG "StartDBSyncers" "${ZBX_STARTDBSYNCERS}"
update_config_var $ZBX_CONFIG "HistoryCacheSize" "${ZBX_HISTORYCACHESIZE}"
update_config_var $ZBX_CONFIG "HistoryIndexCacheSize" "${ZBX_HISTORYINDEXCACHESIZE}"
file_process_from_env "ZBX_TLSCERTFILE" "${ZBX_TLSCERTFILE}" "${ZBX_TLSCERT}"
file_process_from_env "ZBX_TLSKEYFILE" "${ZBX_TLSKEYFILE}" "${ZBX_TLSKEY}"
update_config_var $ZBX_CONFIG "Timeout" "${ZBX_TIMEOUT}"
update_config_var $ZBX_CONFIG "TrapperTimeout" "${ZBX_TRAPPERTIMEOUT}"
update_config_var $ZBX_CONFIG "UnreachablePeriod" "${ZBX_UNREACHABLEPERIOD}"
update_config_var $ZBX_CONFIG "UnavailableDelay" "${ZBX_UNAVAILABLEDELAY}"
update_config_var $ZBX_CONFIG "UnreachableDelay" "${ZBX_UNREACHABLEDELAY}"
update_config_var $ZBX_CONFIG "AlertScriptsPath" "/usr/lib/zabbix/alertscripts"
update_config_var $ZBX_CONFIG "ExternalScripts" "/usr/lib/zabbix/externalscripts"
update_config_var $ZBX_CONFIG "FpingLocation" "/usr/sbin/fping"
update_config_var $ZBX_CONFIG "Fping6Location"
update_config_var $ZBX_CONFIG "SSHKeyLocation" "$ZABBIX_USER_HOME_DIR/ssh_keys"
update_config_var $ZBX_CONFIG "LogSlowQueries" "${ZBX_LOGSLOWQUERIES}"
update_config_var $ZBX_CONFIG "SSLCertLocation" "$ZABBIX_USER_HOME_DIR/ssl/certs/"
update_config_var $ZBX_CONFIG "SSLKeyLocation" "$ZABBIX_USER_HOME_DIR/ssl/keys/"
update_config_var $ZBX_CONFIG "SSLCALocation" "$ZABBIX_USER_HOME_DIR/ssl/ssl_ca/"
update_config_var $ZBX_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/"
update_config_multiple_var $ZBX_CONFIG "LoadModule" "${ZBX_LOADMODULE}"
update_config_var $ZBX_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}"
update_config_var $ZBX_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}"
file_process_from_env $ZBX_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" "${ZBX_TLSCA}"
file_process_from_env $ZBX_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" "${ZBX_TLSCRL}"
update_config_var $ZBX_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}"
update_config_var $ZBX_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}"
file_process_from_env $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" "${ZBX_TLSCERT}"
update_config_var $ZBX_CONFIG "TLSCipherAll" "${ZBX_TLSCIPHERALL}"
update_config_var $ZBX_CONFIG "TLSCipherAll13" "${ZBX_TLSCIPHERALL13}"
update_config_var $ZBX_CONFIG "TLSCipherCert" "${ZBX_TLSCIPHERCERT}"
update_config_var $ZBX_CONFIG "TLSCipherCert13" "${ZBX_TLSCIPHERCERT13}"
update_config_var $ZBX_CONFIG "TLSCipherPSK" "${ZBX_TLSCIPHERPSK}"
update_config_var $ZBX_CONFIG "TLSCipherPSK13" "${ZBX_TLSCIPHERPSK13}"
file_process_from_env $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" "${ZBX_TLSKEY}"
update_config_var $ZBX_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}"
file_process_from_env $ZBX_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" "${ZBX_TLSPSK}"
file_process_from_env "ZBX_TLSPSKFILE" "${ZBX_TLSPSKFILE}" "${ZBX_TLSPSK}"
if [ "$(id -u)" != '0' ]; then
update_config_var $ZBX_CONFIG "User" "$(whoami)"
export ZBX_USER="$(whoami)"
else
update_config_var $ZBX_CONFIG "AllowRoot" "1"
export ZBX_ALLOWROOT=1
fi
update_config_var $ZBX_CONFIG "WebDriverURL" "${ZBX_WEBDRIVERURL}"
update_config_var $ZBX_CONFIG "StartBrowserPollers" "${ZBX_STARTBROWSERPOLLERS}"
}
clear_zbx_env() {
[[ "${ZBX_CLEAR_ENV}" == "false" ]] && return
for env_var in $(env | grep -E "^ZBX_"); do
for env_var in $(env | grep -E "^ZABBIX_"); do
unset "${env_var%%=*}"
done
}

View File

@ -16,7 +16,17 @@ ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git
ENV TERM=xterm \
ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \
MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \
NMAP_PRIVILEGED=""
NMAP_PRIVILEGED="" \
ZABBIX_USER_HOME_DIR="/var/lib/zabbix" \
ZABBIX_CONF_DIR="/etc/zabbix"
ENV ZBX_FPINGLOCATION="/usr/sbin/fping" \
ZBX_LOADMODULEPATH="${ZABBIX_USER_HOME_DIR}/modules" \
ZBX_SNMPTRAPPERFILE="${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log" \
ZBX_SSHKEYLOCATION="${ZABBIX_USER_HOME_DIR}/ssh_keys/" \
ZBX_SSLCERTLOCATION="${ZABBIX_USER_HOME_DIR}/ssl/certs/" \
ZBX_SSLKEYLOCATION="${ZABBIX_USER_HOME_DIR}/ssl/keys/" \
ZBX_SSLCALOCATION="${ZABBIX_USER_HOME_DIR}/ssl/ssl_ca/"
LABEL description="Zabbix proxy with SQLite3 database support" \
maintainer="alexey.pustovalov@zabbix.com" \
@ -48,7 +58,7 @@ STOPSIGNAL SIGTERM
COPY ["licenses", "/licenses"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/proxy/sbin/zabbix_proxy", "/usr/sbin/zabbix_proxy"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/proxy/conf/", "/etc/zabbix/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/proxy/conf/", "${ZABBIX_CONF_DIR}/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/general/bin/", "/usr/bin/"]
RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
@ -114,34 +124,37 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
-g zabbix \
--uid 1997 \
--shell /sbin/nologin \
--home-dir /var/lib/zabbix/ \
--home-dir ${ZABBIX_USER_HOME_DIR} \
zabbix && \
chgrp zabbix /usr/bin/nmap && \
setcap cap_net_raw+eip /usr/bin/nmap && \
mkdir -p /etc/zabbix && \
mkdir -p /var/lib/zabbix && \
mkdir -p /var/lib/zabbix/db_data && \
mkdir -p /var/lib/zabbix/enc && \
mkdir -p /var/lib/zabbix/enc_internal && \
mkdir -p ${ZABBIX_CONF_DIR} && \
mkdir -p ${ZABBIX_USER_HOME_DIR} && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/db_data && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc_internal && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/mibs && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/modules && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/snmptraps && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssh_keys && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl/certs && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl/keys && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl/ssl_ca && \
mkdir -p /usr/lib/zabbix/externalscripts && \
mkdir -p /var/lib/zabbix/mibs && \
mkdir -p /var/lib/zabbix/modules && \
mkdir -p /var/lib/zabbix/snmptraps && \
mkdir -p /var/lib/zabbix/ssh_keys && \
mkdir -p /var/lib/zabbix/ssl && \
mkdir -p /var/lib/zabbix/ssl/certs && \
mkdir -p /var/lib/zabbix/ssl/keys && \
mkdir -p /var/lib/zabbix/ssl/ssl_ca && \
chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \
chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \
chown --quiet -R zabbix:root ${ZABBIX_CONF_DIR}/zabbix_proxy_modules.conf ${ZABBIX_USER_HOME_DIR} && \
chown --quiet zabbix:root ${ZABBIX_CONF_DIR}/ && \
chgrp -R 0 ${ZABBIX_CONF_DIR}/zabbix_proxy_modules.conf ${ZABBIX_USER_HOME_DIR} && \
chgrp 0 ${ZABBIX_CONF_DIR} && \
chmod -R g=u ${ZABBIX_CONF_DIR}/zabbix_proxy_modules.conf ${ZABBIX_USER_HOME_DIR} && \
chmod g=u ${ZABBIX_CONF_DIR} && \
microdnf -y clean all
EXPOSE 10051/TCP
WORKDIR /var/lib/zabbix
WORKDIR ${ZABBIX_USER_HOME_DIR}
VOLUME ["/var/lib/zabbix/snmptraps"]
VOLUME ["${ZABBIX_USER_HOME_DIR}/snmptraps"]
COPY ["docker-entrypoint.sh", "/usr/bin/"]

View File

@ -9,14 +9,7 @@ if [ "${DEBUG_MODE,,}" == "true" ]; then
set -o xtrace
fi
# Default Zabbix server host
: ${ZBX_SERVER_HOST:="zabbix-server"}
# Default directories
# User 'zabbix' home directory
ZABBIX_USER_HOME_DIR="/var/lib/zabbix"
# Configuration files directory
ZABBIX_ETC_DIR="/etc/zabbix"
# Internal directory for TLS related files, used when TLS*File specified as plain text values
ZABBIX_INTERNAL_ENC_DIR="${ZABBIX_USER_HOME_DIR}/enc_internal"
@ -109,175 +102,65 @@ update_config_multiple_var() {
}
file_process_from_env() {
local config_path=$1
local var_name=$2
local file_name=$3
local var_value=$4
local var_name=$1
local file_name=$2
local var_value=$3
if [ ! -z "$var_value" ]; then
echo -n "$var_value" > "${ZABBIX_INTERNAL_ENC_DIR}/$var_name"
file_name="${ZABBIX_INTERNAL_ENC_DIR}/${var_name}"
fi
update_config_var $config_path "$var_name" "$file_name"
if [ -n "$var_value" ]; then
export "$var_name"="$file_name"
fi
# Remove variable with plain text data
unset "${var_name%%FILE}"
}
update_zbx_config() {
echo "** Preparing Zabbix proxy configuration file"
ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_proxy.conf
update_config_var $ZBX_CONFIG "ProxyMode" "${ZBX_PROXYMODE}"
update_config_var $ZBX_CONFIG "Server" "${ZBX_SERVER_HOST}"
if [ -z "${ZBX_HOSTNAME}" ] && [ -n "${ZBX_HOSTNAMEITEM}" ]; then
update_config_var $ZBX_CONFIG "Hostname" ""
update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}"
else
update_config_var $ZBX_CONFIG "Hostname" "${ZBX_HOSTNAME:-"zabbix-proxy-sqlite3"}"
update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}"
fi
update_config_var $ZBX_CONFIG "ListenIP" "${ZBX_LISTENIP}"
update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}"
update_config_var $ZBX_CONFIG "ListenBacklog" "${ZBX_LISTENBACKLOG}"
update_config_var $ZBX_CONFIG "SourceIP" "${ZBX_SOURCEIP}"
update_config_var $ZBX_CONFIG "LogType" "console"
update_config_var $ZBX_CONFIG "LogFile"
update_config_var $ZBX_CONFIG "LogFileSize"
update_config_var $ZBX_CONFIG "PidFile"
update_config_var $ZBX_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}"
update_config_var $ZBX_CONFIG "EnableRemoteCommands" "${ZBX_ENABLEREMOTECOMMANDS}"
update_config_var $ZBX_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}"
update_config_var $ZBX_CONFIG "DBHost"
: ${ZBX_USE_NODE_NAME_AS_DB_NAME:="false"}
if [ "${ZBX_USE_NODE_NAME_AS_DB_NAME,,}" == "false" ]; then
update_config_var $ZBX_CONFIG "DBName" "/var/lib/zabbix/db_data/${ZBX_HOSTNAME:-"zabbix-proxy-sqlite3"}.sqlite"
export ZBX_DB_NAME="${ZABBIX_USER_HOME_DIR}/db_data/${ZBX_HOSTNAME:-"zabbix-proxy-sqlite3"}.sqlite"
else
node_name=$(uname -n)
update_config_var $ZBX_CONFIG "DBName" "/var/lib/zabbix/db_data/$node_name.sqlite"
export ZBX_DB_NAME="${ZABBIX_USER_HOME_DIR}/db_data/$node_name.sqlite"
fi
update_config_var $ZBX_CONFIG "DBUser"
update_config_var $ZBX_CONFIG "DBPort"
update_config_var $ZBX_CONFIG "DBPassword"
unset ZBX_USE_NODE_NAME_AS_DB_NAME
update_config_var $ZBX_CONFIG "MaxConcurrentChecksPerPoller" "${ZBX_MAXCONCURRENTCHECKSPERPOLLER}"
export ZBX_SERVER_HOST="${ZBX_SERVER_HOST:="zabbix-server"}"
update_config_var $ZBX_CONFIG "ProxyBufferMode" "${ZBX_PROXYBUFFERMODE}"
update_config_var $ZBX_CONFIG "ProxyMemoryBufferAge" "${ZBX_PROXYMEMORYBUFFERAGE}"
update_config_var $ZBX_CONFIG "ProxyMemoryBufferSize" "${ZBX_PROXYMEMORYBUFFERSIZE}"
update_config_var $ZBX_CONFIG "ProxyLocalBuffer" "${ZBX_PROXYLOCALBUFFER}"
update_config_var $ZBX_CONFIG "ProxyOfflineBuffer" "${ZBX_PROXYOFFLINEBUFFER}"
update_config_var $ZBX_CONFIG "ProxyConfigFrequency" "${ZBX_PROXYCONFIGFREQUENCY}"
update_config_var $ZBX_CONFIG "DataSenderFrequency" "${ZBX_DATASENDERFREQUENCY}"
update_config_var $ZBX_CONFIG "StatsAllowedIP" "${ZBX_STATSALLOWEDIP}"
update_config_var $ZBX_CONFIG "StartPreprocessors" "${ZBX_STARTPREPROCESSORS}"
update_config_var $ZBX_CONFIG "StartAgentPollers" "${ZBX_STARTAGENTPOLLERS}"
update_config_var $ZBX_CONFIG "StartPollers" "${ZBX_STARTPOLLERS}"
update_config_var $ZBX_CONFIG "StartIPMIPollers" "${ZBX_STARTIPMIPOLLERS}"
update_config_var $ZBX_CONFIG "StartPollersUnreachable" "${ZBX_STARTPOLLERSUNREACHABLE}"
update_config_var $ZBX_CONFIG "StartTrappers" "${ZBX_STARTTRAPPERS}"
update_config_var $ZBX_CONFIG "StartPingers" "${ZBX_STARTPINGERS}"
update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}"
update_config_var $ZBX_CONFIG "StartHTTPAgentPollers" "${ZBX_STARTHTTPAGENTPOLLERS}"
update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}"
update_config_var $ZBX_CONFIG "StartODBCPollers" "${ZBX_STARTODBCPOLLERS}"
update_config_var $ZBX_CONFIG "StartSNMPPollers" "${ZBX_STARTSNMPPOLLERS}"
: ${ZBX_JAVAGATEWAY_ENABLE:="false"}
if [ "${ZBX_JAVAGATEWAY_ENABLE,,}" == "true" ]; then
update_config_var $ZBX_CONFIG "JavaGateway" "${ZBX_JAVAGATEWAY:-"zabbix-java-gateway"}"
update_config_var $ZBX_CONFIG "JavaGatewayPort" "${ZBX_JAVAGATEWAYPORT}"
update_config_var $ZBX_CONFIG "StartJavaPollers" "${ZBX_STARTJAVAPOLLERS:-"5"}"
if [ ! -z "${ZBX_HOSTNAMEITEM}" ]; then
export ZBX_HOSTNAME=""
else
update_config_var $ZBX_CONFIG "JavaGateway"
update_config_var $ZBX_CONFIG "JavaGatewayPort"
update_config_var $ZBX_CONFIG "StartJavaPollers"
export ZBX_HOSTNAME="${ZBX_HOSTNAME:-"zabbix-proxy-sqlite3"}"
fi
update_config_var $ZBX_CONFIG "StartVMwareCollectors" "${ZBX_STARTVMWARECOLLECTORS}"
update_config_var $ZBX_CONFIG "VMwareFrequency" "${ZBX_VMWAREFREQUENCY}"
update_config_var $ZBX_CONFIG "VMwarePerfFrequency" "${ZBX_VMWAREPERFFREQUENCY}"
update_config_var $ZBX_CONFIG "VMwareCacheSize" "${ZBX_VMWARECACHESIZE}"
update_config_var $ZBX_CONFIG "VMwareTimeout" "${ZBX_VMWARETIMEOUT}"
: ${ZBX_ENABLE_SNMP_TRAPS:="false"}
if [ "${ZBX_ENABLE_SNMP_TRAPS,,}" == "true" ]; then
update_config_var $ZBX_CONFIG "SNMPTrapperFile" "${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log"
update_config_var $ZBX_CONFIG "StartSNMPTrapper" "1"
else
update_config_var $ZBX_CONFIG "SNMPTrapperFile"
update_config_var $ZBX_CONFIG "StartSNMPTrapper"
fi
[[ "${ZBX_ENABLE_SNMP_TRAPS,,}" == "true" ]] && export ZBX_STARTSNMPTRAPPER=1
unset ZBX_ENABLE_SNMP_TRAPS
update_config_var $ZBX_CONFIG "SocketDir" "/tmp/"
update_config_var $ZBX_CONFIG "HousekeepingFrequency" "${ZBX_HOUSEKEEPINGFREQUENCY}"
update_config_multiple_var "${ZABBIX_CONF_DIR}/zabbix_proxy_modules.conf" "LoadModule" "${ZBX_LOADMODULE}"
update_config_var $ZBX_CONFIG "CacheSize" "${ZBX_CACHESIZE}"
file_process_from_env "ZBX_TLSCAFILE" "${ZBX_TLSCAFILE}" "${ZBX_TLSCA}"
file_process_from_env "ZBX_TLSCRLFILE" "${ZBX_TLSCRLFILE}" "${ZBX_TLSCRL}"
update_config_var $ZBX_CONFIG "StartDBSyncers" "${ZBX_STARTDBSYNCERS}"
update_config_var $ZBX_CONFIG "HistoryCacheSize" "${ZBX_HISTORYCACHESIZE}"
update_config_var $ZBX_CONFIG "HistoryIndexCacheSize" "${ZBX_HISTORYINDEXCACHESIZE}"
file_process_from_env "ZBX_TLSCERTFILE" "${ZBX_TLSCERTFILE}" "${ZBX_TLSCERT}"
file_process_from_env "ZBX_TLSKEYFILE" "${ZBX_TLSKEYFILE}" "${ZBX_TLSKEY}"
update_config_var $ZBX_CONFIG "Timeout" "${ZBX_TIMEOUT}"
update_config_var $ZBX_CONFIG "TrapperTimeout" "${ZBX_TRAPPERTIMEOUT}"
update_config_var $ZBX_CONFIG "UnreachablePeriod" "${ZBX_UNREACHABLEPERIOD}"
update_config_var $ZBX_CONFIG "UnavailableDelay" "${ZBX_UNAVAILABLEDELAY}"
update_config_var $ZBX_CONFIG "UnreachableDelay" "${ZBX_UNREACHABLEDELAY}"
update_config_var $ZBX_CONFIG "AlertScriptsPath" "/usr/lib/zabbix/alertscripts"
update_config_var $ZBX_CONFIG "ExternalScripts" "/usr/lib/zabbix/externalscripts"
update_config_var $ZBX_CONFIG "FpingLocation" "/usr/sbin/fping"
update_config_var $ZBX_CONFIG "Fping6Location"
update_config_var $ZBX_CONFIG "SSHKeyLocation" "$ZABBIX_USER_HOME_DIR/ssh_keys"
update_config_var $ZBX_CONFIG "LogSlowQueries" "${ZBX_LOGSLOWQUERIES}"
update_config_var $ZBX_CONFIG "SSLCertLocation" "$ZABBIX_USER_HOME_DIR/ssl/certs/"
update_config_var $ZBX_CONFIG "SSLKeyLocation" "$ZABBIX_USER_HOME_DIR/ssl/keys/"
update_config_var $ZBX_CONFIG "SSLCALocation" "$ZABBIX_USER_HOME_DIR/ssl/ssl_ca/"
update_config_var $ZBX_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/"
update_config_multiple_var $ZBX_CONFIG "LoadModule" "${ZBX_LOADMODULE}"
update_config_var $ZBX_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}"
update_config_var $ZBX_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}"
file_process_from_env $ZBX_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" "${ZBX_TLSCA}"
file_process_from_env $ZBX_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" "${ZBX_TLSCRL}"
update_config_var $ZBX_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}"
update_config_var $ZBX_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}"
file_process_from_env $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" "${ZBX_TLSCERT}"
update_config_var $ZBX_CONFIG "TLSCipherAll" "${ZBX_TLSCIPHERALL}"
update_config_var $ZBX_CONFIG "TLSCipherAll13" "${ZBX_TLSCIPHERALL13}"
update_config_var $ZBX_CONFIG "TLSCipherCert" "${ZBX_TLSCIPHERCERT}"
update_config_var $ZBX_CONFIG "TLSCipherCert13" "${ZBX_TLSCIPHERCERT13}"
update_config_var $ZBX_CONFIG "TLSCipherPSK" "${ZBX_TLSCIPHERPSK}"
update_config_var $ZBX_CONFIG "TLSCipherPSK13" "${ZBX_TLSCIPHERPSK13}"
file_process_from_env $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" "${ZBX_TLSKEY}"
update_config_var $ZBX_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}"
file_process_from_env $ZBX_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" "${ZBX_TLSPSK}"
file_process_from_env "ZBX_TLSPSKFILE" "${ZBX_TLSPSKFILE}" "${ZBX_TLSPSK}"
if [ "$(id -u)" != '0' ]; then
update_config_var $ZBX_CONFIG "User" "$(whoami)"
export ZBX_USER="$(whoami)"
else
update_config_var $ZBX_CONFIG "AllowRoot" "1"
export ZBX_ALLOWROOT=1
fi
update_config_var $ZBX_CONFIG "WebDriverURL" "${ZBX_WEBDRIVERURL}"
update_config_var $ZBX_CONFIG "StartBrowserPollers" "${ZBX_STARTBROWSERPOLLERS}"
}
clear_zbx_env() {
[[ "${ZBX_CLEAR_ENV}" == "false" ]] && return
for env_var in $(env | grep -E "^ZBX_"); do
for env_var in $(env | grep -E "^ZABBIX_"); do
unset "${env_var%%=*}"
done
}

View File

@ -14,7 +14,17 @@ ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git
ENV TERM=xterm \
ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \
MIBDIRS=/var/lib/mibs/ietf:/var/lib/mibs/iana:/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \
NMAP_PRIVILEGED=""
NMAP_PRIVILEGED="" \
ZABBIX_USER_HOME_DIR="/var/lib/zabbix" \
ZABBIX_CONF_DIR="/etc/zabbix"
ENV ZBX_FPINGLOCATION="/usr/bin/fping" \
ZBX_LOADMODULEPATH="${ZABBIX_USER_HOME_DIR}/modules" \
ZBX_SNMPTRAPPERFILE="${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log" \
ZBX_SSHKEYLOCATION="${ZABBIX_USER_HOME_DIR}/ssh_keys/" \
ZBX_SSLCERTLOCATION="${ZABBIX_USER_HOME_DIR}/ssl/certs/" \
ZBX_SSLKEYLOCATION="${ZABBIX_USER_HOME_DIR}/ssl/keys/" \
ZBX_SSLCALOCATION="${ZABBIX_USER_HOME_DIR}/ssl/ssl_ca/"
LABEL org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zabbix.com>" \
org.opencontainers.image.description="Zabbix proxy with SQLite3 database support" \
@ -29,7 +39,7 @@ LABEL org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zab
STOPSIGNAL SIGTERM
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/proxy/sbin/zabbix_proxy", "/usr/sbin/zabbix_proxy"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/proxy/conf/", "/etc/zabbix/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/proxy/conf/", "${ZABBIX_CONF_DIR}/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/general/bin/", "/usr/bin/"]
RUN --mount=type=cache,target=/var/lib/apt/,sharing=locked \
@ -69,34 +79,37 @@ RUN --mount=type=cache,target=/var/lib/apt/,sharing=locked \
-g zabbix \
--uid 1997 \
--shell /sbin/nologin \
--home-dir /var/lib/zabbix/ \
--home-dir ${ZABBIX_USER_HOME_DIR} \
zabbix && \
chgrp zabbix /usr/bin/nmap && \
setcap cap_net_raw+eip /usr/bin/nmap && \
mkdir -p /etc/zabbix && \
mkdir -p /var/lib/zabbix && \
mkdir -p /var/lib/zabbix/db_data && \
mkdir -p /var/lib/zabbix/enc && \
mkdir -p /var/lib/zabbix/enc_internal && \
mkdir -p ${ZABBIX_CONF_DIR} && \
mkdir -p ${ZABBIX_USER_HOME_DIR} && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/db_data && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc_internal && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/mibs && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/modules && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/snmptraps && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssh_keys && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl/certs && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl/keys && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl/ssl_ca && \
mkdir -p /usr/lib/zabbix/externalscripts && \
mkdir -p /var/lib/zabbix/mibs && \
mkdir -p /var/lib/zabbix/modules && \
mkdir -p /var/lib/zabbix/snmptraps && \
mkdir -p /var/lib/zabbix/ssh_keys && \
mkdir -p /var/lib/zabbix/ssl && \
mkdir -p /var/lib/zabbix/ssl/certs && \
mkdir -p /var/lib/zabbix/ssl/keys && \
mkdir -p /var/lib/zabbix/ssl/ssl_ca && \
chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \
chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \
chown --quiet -R zabbix:root ${ZABBIX_CONF_DIR}/zabbix_proxy_modules.conf ${ZABBIX_USER_HOME_DIR} && \
chown --quiet zabbix:root ${ZABBIX_CONF_DIR}/ && \
chgrp -R 0 ${ZABBIX_CONF_DIR}/zabbix_proxy_modules.conf ${ZABBIX_USER_HOME_DIR} && \
chgrp 0 ${ZABBIX_CONF_DIR} && \
chmod -R g=u ${ZABBIX_CONF_DIR}/zabbix_proxy_modules.conf ${ZABBIX_USER_HOME_DIR} && \
chmod g=u ${ZABBIX_CONF_DIR} && \
apt-get -y autoremove
EXPOSE 10051/TCP
WORKDIR /var/lib/zabbix
WORKDIR ${ZABBIX_USER_HOME_DIR}
VOLUME ["/var/lib/zabbix/snmptraps"]
VOLUME ["${ZABBIX_USER_HOME_DIR}/snmptraps"]
COPY ["docker-entrypoint.sh", "/usr/bin/"]

View File

@ -9,14 +9,7 @@ if [ "${DEBUG_MODE,,}" == "true" ]; then
set -o xtrace
fi
# Default Zabbix server host
: ${ZBX_SERVER_HOST:="zabbix-server"}
# Default directories
# User 'zabbix' home directory
ZABBIX_USER_HOME_DIR="/var/lib/zabbix"
# Configuration files directory
ZABBIX_ETC_DIR="/etc/zabbix"
# Internal directory for TLS related files, used when TLS*File specified as plain text values
ZABBIX_INTERNAL_ENC_DIR="${ZABBIX_USER_HOME_DIR}/enc_internal"
@ -118,166 +111,57 @@ file_process_from_env() {
echo -n "$var_value" > "${ZABBIX_INTERNAL_ENC_DIR}/$var_name"
file_name="${ZABBIX_INTERNAL_ENC_DIR}/${var_name}"
fi
update_config_var $config_path "$var_name" "$file_name"
if [ -n "$var_value" ]; then
export "$var_name"="$file_name"
fi
# Remove variable with plain text data
unset "${var_name%%FILE}"
}
update_zbx_config() {
echo "** Preparing Zabbix proxy configuration file"
ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_proxy.conf
update_config_var $ZBX_CONFIG "ProxyMode" "${ZBX_PROXYMODE}"
update_config_var $ZBX_CONFIG "Server" "${ZBX_SERVER_HOST}"
if [ -z "${ZBX_HOSTNAME}" ] && [ -n "${ZBX_HOSTNAMEITEM}" ]; then
update_config_var $ZBX_CONFIG "Hostname" ""
update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}"
else
update_config_var $ZBX_CONFIG "Hostname" "${ZBX_HOSTNAME:-"zabbix-proxy-sqlite3"}"
update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}"
fi
update_config_var $ZBX_CONFIG "ListenIP" "${ZBX_LISTENIP}"
update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}"
update_config_var $ZBX_CONFIG "ListenBacklog" "${ZBX_LISTENBACKLOG}"
update_config_var $ZBX_CONFIG "SourceIP" "${ZBX_SOURCEIP}"
update_config_var $ZBX_CONFIG "LogType" "console"
update_config_var $ZBX_CONFIG "LogFile"
update_config_var $ZBX_CONFIG "LogFileSize"
update_config_var $ZBX_CONFIG "PidFile"
update_config_var $ZBX_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}"
update_config_var $ZBX_CONFIG "EnableRemoteCommands" "${ZBX_ENABLEREMOTECOMMANDS}"
update_config_var $ZBX_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}"
update_config_var $ZBX_CONFIG "DBHost"
: ${ZBX_USE_NODE_NAME_AS_DB_NAME:="false"}
if [ "${ZBX_USE_NODE_NAME_AS_DB_NAME,,}" == "false" ]; then
update_config_var $ZBX_CONFIG "DBName" "/var/lib/zabbix/db_data/${ZBX_HOSTNAME:-"zabbix-proxy-sqlite3"}.sqlite"
export ZBX_DB_NAME="${ZABBIX_USER_HOME_DIR}/db_data/${ZBX_HOSTNAME:-"zabbix-proxy-sqlite3"}.sqlite"
else
node_name=$(uname -n)
update_config_var $ZBX_CONFIG "DBName" "/var/lib/zabbix/db_data/$node_name.sqlite"
export ZBX_DB_NAME="${ZABBIX_USER_HOME_DIR}/db_data/$node_name.sqlite"
fi
update_config_var $ZBX_CONFIG "DBUser"
update_config_var $ZBX_CONFIG "DBPort"
update_config_var $ZBX_CONFIG "DBPassword"
unset ZBX_USE_NODE_NAME_AS_DB_NAME
update_config_var $ZBX_CONFIG "MaxConcurrentChecksPerPoller" "${ZBX_MAXCONCURRENTCHECKSPERPOLLER}"
export ZBX_SERVER_HOST="${ZBX_SERVER_HOST:="zabbix-server"}"
update_config_var $ZBX_CONFIG "ProxyBufferMode" "${ZBX_PROXYBUFFERMODE}"
update_config_var $ZBX_CONFIG "ProxyMemoryBufferAge" "${ZBX_PROXYMEMORYBUFFERAGE}"
update_config_var $ZBX_CONFIG "ProxyMemoryBufferSize" "${ZBX_PROXYMEMORYBUFFERSIZE}"
update_config_var $ZBX_CONFIG "ProxyLocalBuffer" "${ZBX_PROXYLOCALBUFFER}"
update_config_var $ZBX_CONFIG "ProxyOfflineBuffer" "${ZBX_PROXYOFFLINEBUFFER}"
update_config_var $ZBX_CONFIG "ProxyConfigFrequency" "${ZBX_PROXYCONFIGFREQUENCY}"
update_config_var $ZBX_CONFIG "DataSenderFrequency" "${ZBX_DATASENDERFREQUENCY}"
update_config_var $ZBX_CONFIG "StatsAllowedIP" "${ZBX_STATSALLOWEDIP}"
update_config_var $ZBX_CONFIG "StartPreprocessors" "${ZBX_STARTPREPROCESSORS}"
update_config_var $ZBX_CONFIG "StartAgentPollers" "${ZBX_STARTAGENTPOLLERS}"
update_config_var $ZBX_CONFIG "StartPollers" "${ZBX_STARTPOLLERS}"
update_config_var $ZBX_CONFIG "StartIPMIPollers" "${ZBX_STARTIPMIPOLLERS}"
update_config_var $ZBX_CONFIG "StartPollersUnreachable" "${ZBX_STARTPOLLERSUNREACHABLE}"
update_config_var $ZBX_CONFIG "StartTrappers" "${ZBX_STARTTRAPPERS}"
update_config_var $ZBX_CONFIG "StartPingers" "${ZBX_STARTPINGERS}"
update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}"
update_config_var $ZBX_CONFIG "StartHTTPAgentPollers" "${ZBX_STARTHTTPAGENTPOLLERS}"
update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}"
update_config_var $ZBX_CONFIG "StartODBCPollers" "${ZBX_STARTODBCPOLLERS}"
update_config_var $ZBX_CONFIG "StartSNMPPollers" "${ZBX_STARTSNMPPOLLERS}"
: ${ZBX_JAVAGATEWAY_ENABLE:="false"}
if [ "${ZBX_JAVAGATEWAY_ENABLE,,}" == "true" ]; then
update_config_var $ZBX_CONFIG "JavaGateway" "${ZBX_JAVAGATEWAY:-"zabbix-java-gateway"}"
update_config_var $ZBX_CONFIG "JavaGatewayPort" "${ZBX_JAVAGATEWAYPORT}"
update_config_var $ZBX_CONFIG "StartJavaPollers" "${ZBX_STARTJAVAPOLLERS:-"5"}"
if [ ! -z "${ZBX_HOSTNAMEITEM}" ]; then
export ZBX_HOSTNAME=""
else
update_config_var $ZBX_CONFIG "JavaGateway"
update_config_var $ZBX_CONFIG "JavaGatewayPort"
update_config_var $ZBX_CONFIG "StartJavaPollers"
export ZBX_HOSTNAME="${ZBX_HOSTNAME:-"zabbix-proxy-sqlite3"}"
fi
update_config_var $ZBX_CONFIG "StartVMwareCollectors" "${ZBX_STARTVMWARECOLLECTORS}"
update_config_var $ZBX_CONFIG "VMwareFrequency" "${ZBX_VMWAREFREQUENCY}"
update_config_var $ZBX_CONFIG "VMwarePerfFrequency" "${ZBX_VMWAREPERFFREQUENCY}"
update_config_var $ZBX_CONFIG "VMwareCacheSize" "${ZBX_VMWARECACHESIZE}"
update_config_var $ZBX_CONFIG "VMwareTimeout" "${ZBX_VMWARETIMEOUT}"
: ${ZBX_ENABLE_SNMP_TRAPS:="false"}
if [ "${ZBX_ENABLE_SNMP_TRAPS,,}" == "true" ]; then
update_config_var $ZBX_CONFIG "SNMPTrapperFile" "${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log"
update_config_var $ZBX_CONFIG "StartSNMPTrapper" "1"
else
update_config_var $ZBX_CONFIG "SNMPTrapperFile"
update_config_var $ZBX_CONFIG "StartSNMPTrapper"
fi
[[ "${ZBX_ENABLE_SNMP_TRAPS,,}" == "true" ]] && export ZBX_STARTSNMPTRAPPER=1
unset ZBX_ENABLE_SNMP_TRAPS
update_config_var $ZBX_CONFIG "SocketDir" "/tmp/"
update_config_var $ZBX_CONFIG "HousekeepingFrequency" "${ZBX_HOUSEKEEPINGFREQUENCY}"
update_config_multiple_var "${ZABBIX_CONF_DIR}/zabbix_proxy_modules.conf" "LoadModule" "${ZBX_LOADMODULE}"
update_config_var $ZBX_CONFIG "CacheSize" "${ZBX_CACHESIZE}"
file_process_from_env "ZBX_TLSCAFILE" "${ZBX_TLSCAFILE}" "${ZBX_TLSCA}"
file_process_from_env "ZBX_TLSCRLFILE" "${ZBX_TLSCRLFILE}" "${ZBX_TLSCRL}"
update_config_var $ZBX_CONFIG "StartDBSyncers" "${ZBX_STARTDBSYNCERS}"
update_config_var $ZBX_CONFIG "HistoryCacheSize" "${ZBX_HISTORYCACHESIZE}"
update_config_var $ZBX_CONFIG "HistoryIndexCacheSize" "${ZBX_HISTORYINDEXCACHESIZE}"
file_process_from_env "ZBX_TLSCERTFILE" "${ZBX_TLSCERTFILE}" "${ZBX_TLSCERT}"
file_process_from_env "ZBX_TLSKEYFILE" "${ZBX_TLSKEYFILE}" "${ZBX_TLSKEY}"
update_config_var $ZBX_CONFIG "Timeout" "${ZBX_TIMEOUT}"
update_config_var $ZBX_CONFIG "TrapperTimeout" "${ZBX_TRAPPERTIMEOUT}"
update_config_var $ZBX_CONFIG "UnreachablePeriod" "${ZBX_UNREACHABLEPERIOD}"
update_config_var $ZBX_CONFIG "UnavailableDelay" "${ZBX_UNAVAILABLEDELAY}"
update_config_var $ZBX_CONFIG "UnreachableDelay" "${ZBX_UNREACHABLEDELAY}"
update_config_var $ZBX_CONFIG "AlertScriptsPath" "/usr/lib/zabbix/alertscripts"
update_config_var $ZBX_CONFIG "ExternalScripts" "/usr/lib/zabbix/externalscripts"
update_config_var $ZBX_CONFIG "FpingLocation" "/usr/bin/fping"
update_config_var $ZBX_CONFIG "Fping6Location"
update_config_var $ZBX_CONFIG "SSHKeyLocation" "$ZABBIX_USER_HOME_DIR/ssh_keys"
update_config_var $ZBX_CONFIG "LogSlowQueries" "${ZBX_LOGSLOWQUERIES}"
update_config_var $ZBX_CONFIG "SSLCertLocation" "$ZABBIX_USER_HOME_DIR/ssl/certs/"
update_config_var $ZBX_CONFIG "SSLKeyLocation" "$ZABBIX_USER_HOME_DIR/ssl/keys/"
update_config_var $ZBX_CONFIG "SSLCALocation" "$ZABBIX_USER_HOME_DIR/ssl/ssl_ca/"
update_config_var $ZBX_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/"
update_config_multiple_var $ZBX_CONFIG "LoadModule" "${ZBX_LOADMODULE}"
update_config_var $ZBX_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}"
update_config_var $ZBX_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}"
file_process_from_env $ZBX_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" "${ZBX_TLSCA}"
file_process_from_env $ZBX_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" "${ZBX_TLSCRL}"
update_config_var $ZBX_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}"
update_config_var $ZBX_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}"
file_process_from_env $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" "${ZBX_TLSCERT}"
update_config_var $ZBX_CONFIG "TLSCipherAll" "${ZBX_TLSCIPHERALL}"
update_config_var $ZBX_CONFIG "TLSCipherAll13" "${ZBX_TLSCIPHERALL13}"
update_config_var $ZBX_CONFIG "TLSCipherCert" "${ZBX_TLSCIPHERCERT}"
update_config_var $ZBX_CONFIG "TLSCipherCert13" "${ZBX_TLSCIPHERCERT13}"
update_config_var $ZBX_CONFIG "TLSCipherPSK" "${ZBX_TLSCIPHERPSK}"
update_config_var $ZBX_CONFIG "TLSCipherPSK13" "${ZBX_TLSCIPHERPSK13}"
file_process_from_env $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" "${ZBX_TLSKEY}"
update_config_var $ZBX_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}"
file_process_from_env $ZBX_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" "${ZBX_TLSPSK}"
file_process_from_env "ZBX_TLSPSKFILE" "${ZBX_TLSPSKFILE}" "${ZBX_TLSPSK}"
if [ "$(id -u)" != '0' ]; then
update_config_var $ZBX_CONFIG "User" "$(whoami)"
export ZBX_USER="$(whoami)"
else
update_config_var $ZBX_CONFIG "AllowRoot" "1"
export ZBX_ALLOWROOT=1
fi
update_config_var $ZBX_CONFIG "WebDriverURL" "${ZBX_WEBDRIVERURL}"
update_config_var $ZBX_CONFIG "StartBrowserPollers" "${ZBX_STARTBROWSERPOLLERS}"
}
clear_zbx_env() {
[[ "${ZBX_CLEAR_ENV}" == "false" ]] && return
for env_var in $(env | grep -E "^ZBX_"); do
for env_var in $(env | grep -E "^ZABBIX_"); do
unset "${env_var%%=*}"
done
}

View File

@ -14,7 +14,18 @@ ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git
ENV TERM=xterm \
ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \
MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \
NMAP_PRIVILEGED=""
NMAP_PRIVILEGED="" \
ZABBIX_USER_HOME_DIR="/var/lib/zabbix" \
ZABBIX_CONF_DIR="/etc/zabbix"
ENV ZBX_DB_NAME="dummy_db_name" \
ZBX_FPINGLOCATION="/usr/sbin/fping" \
ZBX_LOADMODULEPATH="${ZABBIX_USER_HOME_DIR}/modules" \
ZBX_SNMPTRAPPERFILE="${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log" \
ZBX_SSHKEYLOCATION="${ZABBIX_USER_HOME_DIR}/ssh_keys/" \
ZBX_SSLCERTLOCATION="${ZABBIX_USER_HOME_DIR}/ssl/certs/" \
ZBX_SSLKEYLOCATION="${ZABBIX_USER_HOME_DIR}/ssl/keys/" \
ZBX_SSLCALOCATION="${ZABBIX_USER_HOME_DIR}/ssl/ssl_ca/"
LABEL org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zabbix.com>" \
org.opencontainers.image.description="Zabbix server with MySQL database support" \
@ -30,7 +41,7 @@ STOPSIGNAL SIGTERM
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/server/sbin/zabbix_server", "/usr/sbin/zabbix_server"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/general/bin/*", "/usr/bin/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/server/conf/", "/etc/zabbix/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/server/conf/", "${ZABBIX_CONF_DIR}/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/server/database/mysql/create.sql.gz", "/usr/share/doc/zabbix-server-mysql/create.sql.gz"]
RUN set -eux && \
@ -69,37 +80,40 @@ RUN set -eux && \
--uid 1997 \
--ingroup zabbix \
--shell /sbin/nologin \
--home /var/lib/zabbix/ \
--home ${ZABBIX_USER_HOME_DIR} \
zabbix && \
adduser zabbix dialout && \
chgrp zabbix /usr/bin/nmap && \
setcap cap_net_raw+eip /usr/bin/nmap && \
mkdir -p /etc/zabbix && \
mkdir -p /var/lib/zabbix && \
mkdir -p ${ZABBIX_CONF_DIR} && \
mkdir -p ${ZABBIX_USER_HOME_DIR} && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/dbscripts && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc_internal && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/export && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/mibs && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/modules && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/snmptraps && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssh_keys && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl/certs && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl/keys && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl/ssl_ca && \
mkdir -p /usr/lib/zabbix/alertscripts && \
mkdir -p /var/lib/zabbix/dbscripts && \
mkdir -p /var/lib/zabbix/enc && \
mkdir -p /var/lib/zabbix/enc_internal && \
mkdir -p /var/lib/zabbix/export && \
mkdir -p /usr/lib/zabbix/externalscripts && \
mkdir -p /var/lib/zabbix/mibs && \
mkdir -p /var/lib/zabbix/modules && \
mkdir -p /var/lib/zabbix/snmptraps && \
mkdir -p /var/lib/zabbix/ssh_keys && \
mkdir -p /var/lib/zabbix/ssl && \
mkdir -p /var/lib/zabbix/ssl/certs && \
mkdir -p /var/lib/zabbix/ssl/keys && \
mkdir -p /var/lib/zabbix/ssl/ssl_ca && \
mkdir -p /usr/share/doc/zabbix-server-mysql && \
chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \
chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/
chown --quiet -R zabbix:root ${ZABBIX_CONF_DIR}/zabbix_server_modules.conf ${ZABBIX_USER_HOME_DIR} && \
chown --quiet zabbix:root ${ZABBIX_CONF_DIR}/ && \
chgrp -R 0 ${ZABBIX_CONF_DIR}/zabbix_server_modules.conf ${ZABBIX_USER_HOME_DIR} && \
chgrp 0 ${ZABBIX_CONF_DIR} && \
chmod -R g=u ${ZABBIX_CONF_DIR}/zabbix_server_modules.conf ${ZABBIX_USER_HOME_DIR} && \
chmod g=u ${ZABBIX_CONF_DIR}
EXPOSE 10051/TCP
WORKDIR /var/lib/zabbix
WORKDIR ${ZABBIX_USER_HOME_DIR}
VOLUME ["/var/lib/zabbix/snmptraps", "/var/lib/zabbix/export"]
VOLUME ["${ZABBIX_USER_HOME_DIR}/snmptraps", "${ZABBIX_USER_HOME_DIR}/export"]
COPY ["docker-entrypoint.sh", "/usr/bin/"]

View File

@ -9,11 +9,6 @@ if [ "${DEBUG_MODE,,}" == "true" ]; then
set -o xtrace
fi
# Default directories
# User 'zabbix' home directory
ZABBIX_USER_HOME_DIR="/var/lib/zabbix"
# Configuration files directory
ZABBIX_ETC_DIR="/etc/zabbix"
# Internal directory for TLS related files, used when TLS*File specified as plain text values
ZABBIX_INTERNAL_ENC_DIR="${ZABBIX_USER_HOME_DIR}/enc_internal"
@ -140,16 +135,20 @@ update_config_multiple_var() {
}
file_process_from_env() {
local config_path=$1
local var_name=$2
local file_name=$3
local var_value=$4
local var_name=$1
local file_name=$2
local var_value=$3
if [ ! -z "$var_value" ]; then
echo -n "$var_value" > "${ZABBIX_INTERNAL_ENC_DIR}/$var_name"
file_name="${ZABBIX_INTERNAL_ENC_DIR}/${var_name}"
fi
update_config_var $config_path "$var_name" "$file_name"
if [ -n "$var_value" ]; then
export "$var_name"="$file_name"
fi
# Remove variable with plain text data
unset "${var_name%%FILE}"
}
# Check prerequisites for MySQL database
@ -188,6 +187,7 @@ check_variables_mysql() {
# If root password is not specified use provided credentials
: ${DB_SERVER_ROOT_USER:=${MYSQL_USER}}
[ "${MYSQL_ALLOW_EMPTY_PASSWORD,,}" == "true" ] || DB_SERVER_ROOT_PASS=${DB_SERVER_ROOT_PASS:-${MYSQL_PASSWORD}}
DB_SERVER_ZBX_USER=${MYSQL_USER:-"zabbix"}
DB_SERVER_ZBX_PASS=${MYSQL_PASSWORD:-"zabbix"}
@ -356,229 +356,50 @@ create_db_schema_mysql() {
}
update_zbx_config() {
echo "** Preparing Zabbix server configuration file"
export ZBX_DB_HOST="${DB_SERVER_HOST}"
export ZBX_DB_PORT="${DB_SERVER_PORT}"
export ZBX_DB_SOCKET="${DB_SERVER_SOCKET}"
ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_server.conf
update_config_var $ZBX_CONFIG "ListenIP" "${ZBX_LISTENIP}"
update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}"
update_config_var $ZBX_CONFIG "ListenBacklog" "${ZBX_LISTENBACKLOG}"
update_config_var $ZBX_CONFIG "SourceIP" "${ZBX_SOURCEIP}"
update_config_var $ZBX_CONFIG "LogType" "console"
update_config_var $ZBX_CONFIG "LogFile"
update_config_var $ZBX_CONFIG "LogFileSize"
update_config_var $ZBX_CONFIG "PidFile"
update_config_var $ZBX_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}"
if [ -n "${ZBX_DBTLSCONNECT}" ]; then
update_config_var $ZBX_CONFIG "DBTLSConnect" "${ZBX_DBTLSCONNECT}"
update_config_var $ZBX_CONFIG "DBTLSCAFile" "${ZBX_DBTLSCAFILE}"
update_config_var $ZBX_CONFIG "DBTLSCertFile" "${ZBX_DBTLSCERTFILE}"
update_config_var $ZBX_CONFIG "DBTLSKeyFile" "${ZBX_DBTLSKEYFILE}"
update_config_var $ZBX_CONFIG "DBTLSCipher" "${ZBX_DBTLSCIPHER}"
update_config_var $ZBX_CONFIG "DBTLSCipher13" "${ZBX_DBTLSCIPHER13}"
fi
if [ ! -n "${DB_SERVER_SOCKET}" ]; then
update_config_var $ZBX_CONFIG "DBHost" "${DB_SERVER_HOST}"
update_config_var $ZBX_CONFIG "DBPort" "${DB_SERVER_PORT}"
else
update_config_var $ZBX_CONFIG "DBHost"
update_config_var $ZBX_CONFIG "DBPort"
fi
update_config_var $ZBX_CONFIG "DBSocket" "${DB_SERVER_SOCKET}"
update_config_var $ZBX_CONFIG "DBName" "${DB_SERVER_DBNAME}"
update_config_var $ZBX_CONFIG "DBSchema" "${DB_SERVER_SCHEMA}"
if [ -n "${ZBX_VAULT}" ] && [ -n "${ZBX_VAULTURL}" ]; then
update_config_var $ZBX_CONFIG "Vault" "${ZBX_VAULT}"
update_config_var $ZBX_CONFIG "VaultTLSCertFile" "${ZBX_VAULTTLSCERTFILE}"
update_config_var $ZBX_CONFIG "VaultTLSKeyFile" "${ZBX_VAULTTLSKEYFILE}"
update_config_var $ZBX_CONFIG "VaultPrefix" "${ZBX_VAULTPREFIX}"
update_config_var $ZBX_CONFIG "VaultURL" "${ZBX_VAULTURL}"
update_config_var $ZBX_CONFIG "VaultDBPath" "${ZBX_VAULTDBPATH}"
if [ -n "${ZBX_VAULTDBPATH}" ]; then
update_config_var $ZBX_CONFIG "DBUser"
update_config_var $ZBX_CONFIG "DBPassword"
else
update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}"
update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}"
fi
else
update_config_var $ZBX_CONFIG "Vault"
update_config_var $ZBX_CONFIG "VaultTLSCertFile"
update_config_var $ZBX_CONFIG "VaultTLSKeyFile"
update_config_var $ZBX_CONFIG "VaultPrefix"
update_config_var $ZBX_CONFIG "VaultURL"
update_config_var $ZBX_CONFIG "VaultDBPath"
update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}"
update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}"
fi
update_config_var $ZBX_CONFIG "AllowUnsupportedDBVersions" "${ZBX_ALLOWUNSUPPORTEDDBVERSIONS}"
update_config_var $ZBX_CONFIG "MaxConcurrentChecksPerPoller" "${ZBX_MAXCONCURRENTCHECKSPERPOLLER}"
update_config_var $ZBX_CONFIG "EnableGlobalScripts" "${ZBX_ENABLEGLOBALSCRIPTS}"
update_config_var $ZBX_CONFIG "StartReportWriters" "${ZBX_STARTREPORTWRITERS}"
: ${ZBX_WEBSERVICEURL:="http://zabbix-web-service:10053/report"}
update_config_var $ZBX_CONFIG "WebServiceURL" "${ZBX_WEBSERVICEURL}"
update_config_var $ZBX_CONFIG "HistoryStorageURL" "${ZBX_HISTORYSTORAGEURL}"
update_config_var $ZBX_CONFIG "HistoryStorageTypes" "${ZBX_HISTORYSTORAGETYPES}"
update_config_var $ZBX_CONFIG "HistoryStorageDateIndex" "${ZBX_HISTORYSTORAGEDATEINDEX}"
update_config_var $ZBX_CONFIG "StatsAllowedIP" "${ZBX_STATSALLOWEDIP}"
update_config_var $ZBX_CONFIG "StartPollers" "${ZBX_STARTPOLLERS}"
update_config_var $ZBX_CONFIG "StartIPMIPollers" "${ZBX_STARTIPMIPOLLERS}"
update_config_var $ZBX_CONFIG "StartPollersUnreachable" "${ZBX_STARTPOLLERSUNREACHABLE}"
update_config_var $ZBX_CONFIG "StartTrappers" "${ZBX_STARTTRAPPERS}"
update_config_var $ZBX_CONFIG "StartPingers" "${ZBX_STARTPINGERS}"
update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}"
update_config_var $ZBX_CONFIG "StartHistoryPollers" "${ZBX_STARTHISTORYPOLLERS}"
update_config_var $ZBX_CONFIG "StartHTTPAgentPollers" "${ZBX_STARTHTTPAGENTPOLLERS}"
update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}"
update_config_var $ZBX_CONFIG "StartODBCPollers" "${ZBX_STARTODBCPOLLERS}"
update_config_var $ZBX_CONFIG "StartSNMPPollers" "${ZBX_STARTSNMPPOLLERS}"
update_config_var $ZBX_CONFIG "StartConnectors" "${ZBX_STARTCONNECTORS}"
update_config_var $ZBX_CONFIG "StartPreprocessors" "${ZBX_STARTPREPROCESSORS}"
update_config_var $ZBX_CONFIG "StartTimers" "${ZBX_STARTTIMERS}"
update_config_var $ZBX_CONFIG "StartEscalators" "${ZBX_STARTESCALATORS}"
update_config_var $ZBX_CONFIG "StartAgentPollers" "${ZBX_STARTAGENTPOLLERS}"
update_config_var $ZBX_CONFIG "StartAlerters" "${ZBX_STARTALERTERS}"
update_config_var $ZBX_CONFIG "StartTimers" "${ZBX_STARTTIMERS}"
update_config_var $ZBX_CONFIG "StartEscalators" "${ZBX_STARTESCALATORS}"
update_config_var $ZBX_CONFIG "StartLLDProcessors" "${ZBX_STARTLLDPROCESSORS}"
: ${ZBX_JAVAGATEWAY_ENABLE:="false"}
if [ "${ZBX_JAVAGATEWAY_ENABLE,,}" == "true" ]; then
update_config_var $ZBX_CONFIG "JavaGateway" "${ZBX_JAVAGATEWAY:-"zabbix-java-gateway"}"
update_config_var $ZBX_CONFIG "JavaGatewayPort" "${ZBX_JAVAGATEWAYPORT}"
update_config_var $ZBX_CONFIG "StartJavaPollers" "${ZBX_STARTJAVAPOLLERS:-"5"}"
else
update_config_var $ZBX_CONFIG "JavaGateway"
update_config_var $ZBX_CONFIG "JavaGatewayPort"
update_config_var $ZBX_CONFIG "StartJavaPollers"
fi
update_config_var $ZBX_CONFIG "StartVMwareCollectors" "${ZBX_STARTVMWARECOLLECTORS}"
update_config_var $ZBX_CONFIG "VMwareFrequency" "${ZBX_VMWAREFREQUENCY}"
update_config_var $ZBX_CONFIG "VMwarePerfFrequency" "${ZBX_VMWAREPERFFREQUENCY}"
update_config_var $ZBX_CONFIG "VMwareCacheSize" "${ZBX_VMWARECACHESIZE}"
update_config_var $ZBX_CONFIG "VMwareTimeout" "${ZBX_VMWARETIMEOUT}"
export ZBX_DB_NAME="${DB_SERVER_DBNAME}"
export ZBX_DB_USER="${DB_SERVER_ZBX_USER}"
export ZBX_DB_PASSWORD="${DB_SERVER_ZBX_PASS}"
: ${ZBX_ENABLE_SNMP_TRAPS:="false"}
if [ "${ZBX_ENABLE_SNMP_TRAPS,,}" == "true" ]; then
update_config_var $ZBX_CONFIG "SNMPTrapperFile" "${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log"
update_config_var $ZBX_CONFIG "StartSNMPTrapper" "1"
else
update_config_var $ZBX_CONFIG "SNMPTrapperFile"
update_config_var $ZBX_CONFIG "StartSNMPTrapper"
fi
[[ "${ZBX_ENABLE_SNMP_TRAPS,,}" == "true" ]] && export ZBX_STARTSNMPTRAPPER=1
unset ZBX_ENABLE_SNMP_TRAPS
update_config_var $ZBX_CONFIG "SocketDir" "/tmp/"
update_config_multiple_var "${ZABBIX_CONF_DIR}/zabbix_server_modules.conf" "LoadModule" "${ZBX_LOADMODULE}"
update_config_var $ZBX_CONFIG "HousekeepingFrequency" "${ZBX_HOUSEKEEPINGFREQUENCY}"
update_config_var $ZBX_CONFIG "MaxHousekeeperDelete" "${ZBX_MAXHOUSEKEEPERDELETE}"
update_config_var $ZBX_CONFIG "ProblemHousekeepingFrequency" "${ZBX_PROBLEMHOUSEKEEPINGFREQUENCY}"
file_process_from_env "ZBX_TLSCAFILE" "${ZBX_TLSCAFILE}" "${ZBX_TLSCA}"
file_process_from_env "ZBX_TLSCRLFILE" "${ZBX_TLSCRLFILE}" "${ZBX_TLSCRL}"
update_config_var $ZBX_CONFIG "CacheSize" "${ZBX_CACHESIZE}"
update_config_var $ZBX_CONFIG "CacheUpdateFrequency" "${ZBX_CACHEUPDATEFREQUENCY}"
update_config_var $ZBX_CONFIG "StartDBSyncers" "${ZBX_STARTDBSYNCERS}"
update_config_var $ZBX_CONFIG "HistoryCacheSize" "${ZBX_HISTORYCACHESIZE}"
update_config_var $ZBX_CONFIG "HistoryIndexCacheSize" "${ZBX_HISTORYINDEXCACHESIZE}"
update_config_var $ZBX_CONFIG "TrendCacheSize" "${ZBX_TRENDCACHESIZE}"
update_config_var $ZBX_CONFIG "TrendFunctionCacheSize" "${ZBX_TRENDFUNCTIONCACHESIZE}"
update_config_var $ZBX_CONFIG "ValueCacheSize" "${ZBX_VALUECACHESIZE}"
update_config_var $ZBX_CONFIG "Timeout" "${ZBX_TIMEOUT}"
update_config_var $ZBX_CONFIG "TrapperTimeout" "${ZBX_TRAPPERTIMEOUT}"
update_config_var $ZBX_CONFIG "UnreachablePeriod" "${ZBX_UNREACHABLEPERIOD}"
update_config_var $ZBX_CONFIG "UnavailableDelay" "${ZBX_UNAVAILABLEDELAY}"
update_config_var $ZBX_CONFIG "UnreachableDelay" "${ZBX_UNREACHABLEDELAY}"
update_config_var $ZBX_CONFIG "AlertScriptsPath" "/usr/lib/zabbix/alertscripts"
update_config_var $ZBX_CONFIG "ExternalScripts" "/usr/lib/zabbix/externalscripts"
if [ -n "${ZBX_EXPORTFILESIZE}" ]; then
update_config_var $ZBX_CONFIG "ExportDir" "$ZABBIX_USER_HOME_DIR/export/"
update_config_var $ZBX_CONFIG "ExportFileSize" "${ZBX_EXPORTFILESIZE}"
update_config_var $ZBX_CONFIG "ExportType" "${ZBX_EXPORTTYPE}"
fi
update_config_var $ZBX_CONFIG "FpingLocation" "/usr/sbin/fping"
update_config_var $ZBX_CONFIG "Fping6Location"
update_config_var $ZBX_CONFIG "SSHKeyLocation" "$ZABBIX_USER_HOME_DIR/ssh_keys"
update_config_var $ZBX_CONFIG "LogSlowQueries" "${ZBX_LOGSLOWQUERIES}"
update_config_var $ZBX_CONFIG "StartProxyPollers" "${ZBX_STARTPROXYPOLLERS}"
update_config_var $ZBX_CONFIG "ProxyConfigFrequency" "${ZBX_PROXYCONFIGFREQUENCY}"
update_config_var $ZBX_CONFIG "ProxyDataFrequency" "${ZBX_PROXYDATAFREQUENCY}"
update_config_var $ZBX_CONFIG "SSLCertLocation" "$ZABBIX_USER_HOME_DIR/ssl/certs/"
update_config_var $ZBX_CONFIG "SSLKeyLocation" "$ZABBIX_USER_HOME_DIR/ssl/keys/"
update_config_var $ZBX_CONFIG "SSLCALocation" "$ZABBIX_USER_HOME_DIR/ssl/ssl_ca/"
update_config_var $ZBX_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/"
update_config_multiple_var $ZBX_CONFIG "LoadModule" "${ZBX_LOADMODULE}"
file_process_from_env $ZBX_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" "${ZBX_TLSCA}"
file_process_from_env $ZBX_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" "${ZBX_TLSCRL}"
file_process_from_env $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" "${ZBX_TLSCERT}"
update_config_var $ZBX_CONFIG "TLSCipherAll" "${ZBX_TLSCIPHERALL}"
update_config_var $ZBX_CONFIG "TLSCipherAll13" "${ZBX_TLSCIPHERALL13}"
update_config_var $ZBX_CONFIG "TLSCipherCert" "${ZBX_TLSCIPHERCERT}"
update_config_var $ZBX_CONFIG "TLSCipherCert13" "${ZBX_TLSCIPHERCERT13}"
update_config_var $ZBX_CONFIG "TLSCipherPSK" "${ZBX_TLSCIPHERPSK}"
update_config_var $ZBX_CONFIG "TLSCipherPSK13" "${ZBX_TLSCIPHERPSK13}"
file_process_from_env $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" "${ZBX_TLSKEY}"
update_config_var $ZBX_CONFIG "ServiceManagerSyncFrequency" "${ZBX_SERVICEMANAGERSYNCFREQUENCY}"
update_config_var $ZBX_CONFIG "AllowSoftwareUpdateCheck" "${ZBX_ALLOWSOFTWAREUPDATECHECK}"
update_config_var $ZBX_CONFIG "SMSDevices" "${ZBX_SMSDEVICES}"
file_process_from_env "ZBX_TLSCERTFILE" "${ZBX_TLSCERTFILE}" "${ZBX_TLSCERT}"
file_process_from_env "ZBX_TLSKEYFILE" "${ZBX_TLSKEYFILE}" "${ZBX_TLSKEY}"
if [ "${ZBX_AUTOHANODENAME}" == 'fqdn' ] && [ ! -n "${ZBX_HANODENAME}" ]; then
update_config_var $ZBX_CONFIG "HANodeName" "$(hostname -f)"
export ZBX_HANODENAME="$(hostname -f)"
elif [ "${ZBX_AUTOHANODENAME}" == 'hostname' ] && [ ! -n "${ZBX_HANODENAME}" ]; then
update_config_var $ZBX_CONFIG "HANodeName" "$(hostname)"
else
update_config_var $ZBX_CONFIG "HANodeName" "${ZBX_HANODENAME}"
export ZBX_HANODENAME="$(hostname)"
fi
: ${ZBX_NODEADDRESSPORT:="10051"}
if [ "${ZBX_AUTONODEADDRESS}" == 'fqdn' ] && [ ! -n "${ZBX_NODEADDRESS}" ]; then
update_config_var $ZBX_CONFIG "NodeAddress" "$(hostname -f):${ZBX_NODEADDRESSPORT}"
export ZBX_NODEADDRESS="$(hostname -f):${ZBX_NODEADDRESSPORT}"
elif [ "${ZBX_AUTONODEADDRESS}" == 'hostname' ] && [ ! -n "${ZBX_NODEADDRESS}" ]; then
update_config_var $ZBX_CONFIG "NodeAddress" "$(hostname):${ZBX_NODEADDRESSPORT}"
else
update_config_var $ZBX_CONFIG "NodeAddress" "${ZBX_NODEADDRESS}"
export ZBX_NODEADDRESS="$(hostname):${ZBX_NODEADDRESSPORT}"
fi
if [ "$(id -u)" != '0' ]; then
update_config_var $ZBX_CONFIG "User" "$(whoami)"
export ZBX_USER="$(whoami)"
else
update_config_var $ZBX_CONFIG "AllowRoot" "1"
export ZBX_ALLOWROOT=1
fi
update_config_var $ZBX_CONFIG "WebDriverURL" "${ZBX_WEBDRIVERURL}"
update_config_var $ZBX_CONFIG "StartBrowserPollers" "${ZBX_STARTBROWSERPOLLERS}"
}
clear_zbx_env() {
[[ "${ZBX_CLEAR_ENV}" == "false" ]] && return
for env_var in $(env | grep -E "^(ZBX|DB|MYSQL)_"); do
for env_var in $(env | grep -E "^(ZABBIX|DB|MYSQL)_"); do
unset "${env_var%%=*}"
done
}

View File

@ -14,7 +14,18 @@ ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git
ENV TERM=xterm \
ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \
MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \
NMAP_PRIVILEGED=""
NMAP_PRIVILEGED="" \
ZABBIX_USER_HOME_DIR="/var/lib/zabbix" \
ZABBIX_CONF_DIR="/etc/zabbix"
ENV ZBX_DB_NAME="dummy_db_name" \
ZBX_FPINGLOCATION="/usr/sbin/fping" \
ZBX_LOADMODULEPATH="${ZABBIX_USER_HOME_DIR}/modules" \
ZBX_SNMPTRAPPERFILE="${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log" \
ZBX_SSHKEYLOCATION="${ZABBIX_USER_HOME_DIR}/ssh_keys/" \
ZBX_SSLCERTLOCATION="${ZABBIX_USER_HOME_DIR}/ssl/certs/" \
ZBX_SSLKEYLOCATION="${ZABBIX_USER_HOME_DIR}/ssl/keys/" \
ZBX_SSLCALOCATION="${ZABBIX_USER_HOME_DIR}/ssl/ssl_ca/"
LABEL org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zabbix.com>" \
org.opencontainers.image.description="Zabbix server with MySQL database support" \
@ -30,7 +41,7 @@ STOPSIGNAL SIGTERM
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/server/sbin/zabbix_server", "/usr/sbin/zabbix_server"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/general/bin/*", "/usr/bin/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/server/conf/", "/etc/zabbix/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/server/conf/", "${ZABBIX_CONF_DIR}/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/server/database/mysql/create.sql.gz", "/usr/share/doc/zabbix-server-mysql/create.sql.gz"]
RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
@ -102,33 +113,36 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
zabbix && \
chgrp zabbix /usr/bin/nmap && \
setcap cap_net_raw+eip /usr/bin/nmap && \
mkdir -p /etc/zabbix && \
mkdir -p /var/lib/zabbix && \
mkdir -p ${ZABBIX_CONF_DIR} && \
mkdir -p ${ZABBIX_USER_HOME_DIR} && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/dbscripts && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc_internal && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/export && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/mibs && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/modules && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/snmptraps && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssh_keys && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl/certs && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl/keys && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl/ssl_ca && \
mkdir -p /usr/lib/zabbix/alertscripts && \
mkdir -p /var/lib/zabbix/dbscripts && \
mkdir -p /var/lib/zabbix/enc && \
mkdir -p /var/lib/zabbix/enc_internal && \
mkdir -p /var/lib/zabbix/export && \
mkdir -p /usr/lib/zabbix/externalscripts && \
mkdir -p /var/lib/zabbix/mibs && \
mkdir -p /var/lib/zabbix/modules && \
mkdir -p /var/lib/zabbix/snmptraps && \
mkdir -p /var/lib/zabbix/ssh_keys && \
mkdir -p /var/lib/zabbix/ssl && \
mkdir -p /var/lib/zabbix/ssl/certs && \
mkdir -p /var/lib/zabbix/ssl/keys && \
mkdir -p /var/lib/zabbix/ssl/ssl_ca && \
mkdir -p /usr/share/doc/zabbix-server-mysql && \
chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \
chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \
chown --quiet -R zabbix:root ${ZABBIX_CONF_DIR}/zabbix_server_modules.conf ${ZABBIX_USER_HOME_DIR} && \
chown --quiet zabbix:root ${ZABBIX_CONF_DIR}/ && \
chgrp -R 0 ${ZABBIX_CONF_DIR}/zabbix_server_modules.conf ${ZABBIX_USER_HOME_DIR} && \
chgrp 0 ${ZABBIX_CONF_DIR} && \
chmod -R g=u ${ZABBIX_CONF_DIR}/zabbix_server_modules.conf ${ZABBIX_USER_HOME_DIR} && \
chmod g=u ${ZABBIX_CONF_DIR} && \
microdnf -y clean all
EXPOSE 10051/TCP
WORKDIR /var/lib/zabbix
WORKDIR ${ZABBIX_USER_HOME_DIR}
VOLUME ["/var/lib/zabbix/snmptraps", "/var/lib/zabbix/export"]
VOLUME ["${ZABBIX_USER_HOME_DIR}/snmptraps", "${ZABBIX_USER_HOME_DIR}/export"]
COPY ["docker-entrypoint.sh", "/usr/bin/"]

View File

@ -9,11 +9,6 @@ if [ "${DEBUG_MODE,,}" == "true" ]; then
set -o xtrace
fi
# Default directories
# User 'zabbix' home directory
ZABBIX_USER_HOME_DIR="/var/lib/zabbix"
# Configuration files directory
ZABBIX_ETC_DIR="/etc/zabbix"
# Internal directory for TLS related files, used when TLS*File specified as plain text values
ZABBIX_INTERNAL_ENC_DIR="${ZABBIX_USER_HOME_DIR}/enc_internal"
@ -140,16 +135,20 @@ update_config_multiple_var() {
}
file_process_from_env() {
local config_path=$1
local var_name=$2
local file_name=$3
local var_value=$4
local var_name=$1
local file_name=$2
local var_value=$3
if [ ! -z "$var_value" ]; then
echo -n "$var_value" > "${ZABBIX_INTERNAL_ENC_DIR}/$var_name"
file_name="${ZABBIX_INTERNAL_ENC_DIR}/${var_name}"
fi
update_config_var $config_path "$var_name" "$file_name"
if [ -n "$var_value" ]; then
export "$var_name"="$file_name"
fi
# Remove variable with plain text data
unset "${var_name%%FILE}"
}
# Check prerequisites for MySQL database
@ -188,6 +187,7 @@ check_variables_mysql() {
# If root password is not specified use provided credentials
: ${DB_SERVER_ROOT_USER:=${MYSQL_USER}}
[ "${MYSQL_ALLOW_EMPTY_PASSWORD,,}" == "true" ] || DB_SERVER_ROOT_PASS=${DB_SERVER_ROOT_PASS:-${MYSQL_PASSWORD}}
DB_SERVER_ZBX_USER=${MYSQL_USER:-"zabbix"}
DB_SERVER_ZBX_PASS=${MYSQL_PASSWORD:-"zabbix"}
@ -353,229 +353,50 @@ create_db_schema_mysql() {
}
update_zbx_config() {
echo "** Preparing Zabbix server configuration file"
export ZBX_DB_HOST="${DB_SERVER_HOST}"
export ZBX_DB_PORT="${DB_SERVER_PORT}"
export ZBX_DB_SOCKET="${DB_SERVER_SOCKET}"
ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_server.conf
update_config_var $ZBX_CONFIG "ListenIP" "${ZBX_LISTENIP}"
update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}"
update_config_var $ZBX_CONFIG "ListenBacklog" "${ZBX_LISTENBACKLOG}"
update_config_var $ZBX_CONFIG "SourceIP" "${ZBX_SOURCEIP}"
update_config_var $ZBX_CONFIG "LogType" "console"
update_config_var $ZBX_CONFIG "LogFile"
update_config_var $ZBX_CONFIG "LogFileSize"
update_config_var $ZBX_CONFIG "PidFile"
update_config_var $ZBX_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}"
if [ -n "${ZBX_DBTLSCONNECT}" ]; then
update_config_var $ZBX_CONFIG "DBTLSConnect" "${ZBX_DBTLSCONNECT}"
update_config_var $ZBX_CONFIG "DBTLSCAFile" "${ZBX_DBTLSCAFILE}"
update_config_var $ZBX_CONFIG "DBTLSCertFile" "${ZBX_DBTLSCERTFILE}"
update_config_var $ZBX_CONFIG "DBTLSKeyFile" "${ZBX_DBTLSKEYFILE}"
update_config_var $ZBX_CONFIG "DBTLSCipher" "${ZBX_DBTLSCIPHER}"
update_config_var $ZBX_CONFIG "DBTLSCipher13" "${ZBX_DBTLSCIPHER13}"
fi
if [ ! -n "${DB_SERVER_SOCKET}" ]; then
update_config_var $ZBX_CONFIG "DBHost" "${DB_SERVER_HOST}"
update_config_var $ZBX_CONFIG "DBPort" "${DB_SERVER_PORT}"
else
update_config_var $ZBX_CONFIG "DBHost"
update_config_var $ZBX_CONFIG "DBPort"
fi
update_config_var $ZBX_CONFIG "DBSocket" "${DB_SERVER_SOCKET}"
update_config_var $ZBX_CONFIG "DBName" "${DB_SERVER_DBNAME}"
update_config_var $ZBX_CONFIG "DBSchema" "${DB_SERVER_SCHEMA}"
if [ -n "${ZBX_VAULT}" ] && [ -n "${ZBX_VAULTURL}" ]; then
update_config_var $ZBX_CONFIG "Vault" "${ZBX_VAULT}"
update_config_var $ZBX_CONFIG "VaultTLSCertFile" "${ZBX_VAULTTLSCERTFILE}"
update_config_var $ZBX_CONFIG "VaultTLSKeyFile" "${ZBX_VAULTTLSKEYFILE}"
update_config_var $ZBX_CONFIG "VaultPrefix" "${ZBX_VAULTPREFIX}"
update_config_var $ZBX_CONFIG "VaultURL" "${ZBX_VAULTURL}"
update_config_var $ZBX_CONFIG "VaultDBPath" "${ZBX_VAULTDBPATH}"
if [ -n "${ZBX_VAULTDBPATH}" ]; then
update_config_var $ZBX_CONFIG "DBUser"
update_config_var $ZBX_CONFIG "DBPassword"
else
update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}"
update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}"
fi
else
update_config_var $ZBX_CONFIG "Vault"
update_config_var $ZBX_CONFIG "VaultTLSCertFile"
update_config_var $ZBX_CONFIG "VaultTLSKeyFile"
update_config_var $ZBX_CONFIG "VaultPrefix"
update_config_var $ZBX_CONFIG "VaultURL"
update_config_var $ZBX_CONFIG "VaultDBPath"
update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}"
update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}"
fi
update_config_var $ZBX_CONFIG "AllowUnsupportedDBVersions" "${ZBX_ALLOWUNSUPPORTEDDBVERSIONS}"
update_config_var $ZBX_CONFIG "MaxConcurrentChecksPerPoller" "${ZBX_MAXCONCURRENTCHECKSPERPOLLER}"
update_config_var $ZBX_CONFIG "EnableGlobalScripts" "${ZBX_ENABLEGLOBALSCRIPTS}"
update_config_var $ZBX_CONFIG "StartReportWriters" "${ZBX_STARTREPORTWRITERS}"
: ${ZBX_WEBSERVICEURL:="http://zabbix-web-service:10053/report"}
update_config_var $ZBX_CONFIG "WebServiceURL" "${ZBX_WEBSERVICEURL}"
update_config_var $ZBX_CONFIG "HistoryStorageURL" "${ZBX_HISTORYSTORAGEURL}"
update_config_var $ZBX_CONFIG "HistoryStorageTypes" "${ZBX_HISTORYSTORAGETYPES}"
update_config_var $ZBX_CONFIG "HistoryStorageDateIndex" "${ZBX_HISTORYSTORAGEDATEINDEX}"
update_config_var $ZBX_CONFIG "StatsAllowedIP" "${ZBX_STATSALLOWEDIP}"
update_config_var $ZBX_CONFIG "StartPollers" "${ZBX_STARTPOLLERS}"
update_config_var $ZBX_CONFIG "StartIPMIPollers" "${ZBX_STARTIPMIPOLLERS}"
update_config_var $ZBX_CONFIG "StartPollersUnreachable" "${ZBX_STARTPOLLERSUNREACHABLE}"
update_config_var $ZBX_CONFIG "StartTrappers" "${ZBX_STARTTRAPPERS}"
update_config_var $ZBX_CONFIG "StartPingers" "${ZBX_STARTPINGERS}"
update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}"
update_config_var $ZBX_CONFIG "StartHistoryPollers" "${ZBX_STARTHISTORYPOLLERS}"
update_config_var $ZBX_CONFIG "StartHTTPAgentPollers" "${ZBX_STARTHTTPAGENTPOLLERS}"
update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}"
update_config_var $ZBX_CONFIG "StartODBCPollers" "${ZBX_STARTODBCPOLLERS}"
update_config_var $ZBX_CONFIG "StartSNMPPollers" "${ZBX_STARTSNMPPOLLERS}"
update_config_var $ZBX_CONFIG "StartConnectors" "${ZBX_STARTCONNECTORS}"
update_config_var $ZBX_CONFIG "StartPreprocessors" "${ZBX_STARTPREPROCESSORS}"
update_config_var $ZBX_CONFIG "StartTimers" "${ZBX_STARTTIMERS}"
update_config_var $ZBX_CONFIG "StartEscalators" "${ZBX_STARTESCALATORS}"
update_config_var $ZBX_CONFIG "StartAgentPollers" "${ZBX_STARTAGENTPOLLERS}"
update_config_var $ZBX_CONFIG "StartAlerters" "${ZBX_STARTALERTERS}"
update_config_var $ZBX_CONFIG "StartTimers" "${ZBX_STARTTIMERS}"
update_config_var $ZBX_CONFIG "StartEscalators" "${ZBX_STARTESCALATORS}"
update_config_var $ZBX_CONFIG "StartLLDProcessors" "${ZBX_STARTLLDPROCESSORS}"
: ${ZBX_JAVAGATEWAY_ENABLE:="false"}
if [ "${ZBX_JAVAGATEWAY_ENABLE,,}" == "true" ]; then
update_config_var $ZBX_CONFIG "JavaGateway" "${ZBX_JAVAGATEWAY:-"zabbix-java-gateway"}"
update_config_var $ZBX_CONFIG "JavaGatewayPort" "${ZBX_JAVAGATEWAYPORT}"
update_config_var $ZBX_CONFIG "StartJavaPollers" "${ZBX_STARTJAVAPOLLERS:-"5"}"
else
update_config_var $ZBX_CONFIG "JavaGateway"
update_config_var $ZBX_CONFIG "JavaGatewayPort"
update_config_var $ZBX_CONFIG "StartJavaPollers"
fi
update_config_var $ZBX_CONFIG "StartVMwareCollectors" "${ZBX_STARTVMWARECOLLECTORS}"
update_config_var $ZBX_CONFIG "VMwareFrequency" "${ZBX_VMWAREFREQUENCY}"
update_config_var $ZBX_CONFIG "VMwarePerfFrequency" "${ZBX_VMWAREPERFFREQUENCY}"
update_config_var $ZBX_CONFIG "VMwareCacheSize" "${ZBX_VMWARECACHESIZE}"
update_config_var $ZBX_CONFIG "VMwareTimeout" "${ZBX_VMWARETIMEOUT}"
export ZBX_DB_NAME="${DB_SERVER_DBNAME}"
export ZBX_DB_USER="${DB_SERVER_ZBX_USER}"
export ZBX_DB_PASSWORD="${DB_SERVER_ZBX_PASS}"
: ${ZBX_ENABLE_SNMP_TRAPS:="false"}
if [ "${ZBX_ENABLE_SNMP_TRAPS,,}" == "true" ]; then
update_config_var $ZBX_CONFIG "SNMPTrapperFile" "${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log"
update_config_var $ZBX_CONFIG "StartSNMPTrapper" "1"
else
update_config_var $ZBX_CONFIG "SNMPTrapperFile"
update_config_var $ZBX_CONFIG "StartSNMPTrapper"
fi
[[ "${ZBX_ENABLE_SNMP_TRAPS,,}" == "true" ]] && export ZBX_STARTSNMPTRAPPER=1
unset ZBX_ENABLE_SNMP_TRAPS
update_config_var $ZBX_CONFIG "SocketDir" "/tmp/"
update_config_multiple_var "${ZABBIX_CONF_DIR}/zabbix_server_modules.conf" "LoadModule" "${ZBX_LOADMODULE}"
update_config_var $ZBX_CONFIG "HousekeepingFrequency" "${ZBX_HOUSEKEEPINGFREQUENCY}"
update_config_var $ZBX_CONFIG "MaxHousekeeperDelete" "${ZBX_MAXHOUSEKEEPERDELETE}"
update_config_var $ZBX_CONFIG "ProblemHousekeepingFrequency" "${ZBX_PROBLEMHOUSEKEEPINGFREQUENCY}"
file_process_from_env "ZBX_TLSCAFILE" "${ZBX_TLSCAFILE}" "${ZBX_TLSCA}"
file_process_from_env "ZBX_TLSCRLFILE" "${ZBX_TLSCRLFILE}" "${ZBX_TLSCRL}"
update_config_var $ZBX_CONFIG "CacheSize" "${ZBX_CACHESIZE}"
update_config_var $ZBX_CONFIG "CacheUpdateFrequency" "${ZBX_CACHEUPDATEFREQUENCY}"
update_config_var $ZBX_CONFIG "StartDBSyncers" "${ZBX_STARTDBSYNCERS}"
update_config_var $ZBX_CONFIG "HistoryCacheSize" "${ZBX_HISTORYCACHESIZE}"
update_config_var $ZBX_CONFIG "HistoryIndexCacheSize" "${ZBX_HISTORYINDEXCACHESIZE}"
update_config_var $ZBX_CONFIG "TrendCacheSize" "${ZBX_TRENDCACHESIZE}"
update_config_var $ZBX_CONFIG "TrendFunctionCacheSize" "${ZBX_TRENDFUNCTIONCACHESIZE}"
update_config_var $ZBX_CONFIG "ValueCacheSize" "${ZBX_VALUECACHESIZE}"
update_config_var $ZBX_CONFIG "Timeout" "${ZBX_TIMEOUT}"
update_config_var $ZBX_CONFIG "TrapperTimeout" "${ZBX_TRAPPERTIMEOUT}"
update_config_var $ZBX_CONFIG "UnreachablePeriod" "${ZBX_UNREACHABLEPERIOD}"
update_config_var $ZBX_CONFIG "UnavailableDelay" "${ZBX_UNAVAILABLEDELAY}"
update_config_var $ZBX_CONFIG "UnreachableDelay" "${ZBX_UNREACHABLEDELAY}"
update_config_var $ZBX_CONFIG "AlertScriptsPath" "/usr/lib/zabbix/alertscripts"
update_config_var $ZBX_CONFIG "ExternalScripts" "/usr/lib/zabbix/externalscripts"
if [ -n "${ZBX_EXPORTFILESIZE}" ]; then
update_config_var $ZBX_CONFIG "ExportDir" "$ZABBIX_USER_HOME_DIR/export/"
update_config_var $ZBX_CONFIG "ExportFileSize" "${ZBX_EXPORTFILESIZE}"
update_config_var $ZBX_CONFIG "ExportType" "${ZBX_EXPORTTYPE}"
fi
update_config_var $ZBX_CONFIG "FpingLocation" "/usr/sbin/fping"
update_config_var $ZBX_CONFIG "Fping6Location"
update_config_var $ZBX_CONFIG "SSHKeyLocation" "$ZABBIX_USER_HOME_DIR/ssh_keys"
update_config_var $ZBX_CONFIG "LogSlowQueries" "${ZBX_LOGSLOWQUERIES}"
update_config_var $ZBX_CONFIG "StartProxyPollers" "${ZBX_STARTPROXYPOLLERS}"
update_config_var $ZBX_CONFIG "ProxyConfigFrequency" "${ZBX_PROXYCONFIGFREQUENCY}"
update_config_var $ZBX_CONFIG "ProxyDataFrequency" "${ZBX_PROXYDATAFREQUENCY}"
update_config_var $ZBX_CONFIG "SSLCertLocation" "$ZABBIX_USER_HOME_DIR/ssl/certs/"
update_config_var $ZBX_CONFIG "SSLKeyLocation" "$ZABBIX_USER_HOME_DIR/ssl/keys/"
update_config_var $ZBX_CONFIG "SSLCALocation" "$ZABBIX_USER_HOME_DIR/ssl/ssl_ca/"
update_config_var $ZBX_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/"
update_config_multiple_var $ZBX_CONFIG "LoadModule" "${ZBX_LOADMODULE}"
file_process_from_env $ZBX_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" "${ZBX_TLSCA}"
file_process_from_env $ZBX_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" "${ZBX_TLSCRL}"
file_process_from_env $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" "${ZBX_TLSCERT}"
update_config_var $ZBX_CONFIG "TLSCipherAll" "${ZBX_TLSCIPHERALL}"
update_config_var $ZBX_CONFIG "TLSCipherAll13" "${ZBX_TLSCIPHERALL13}"
update_config_var $ZBX_CONFIG "TLSCipherCert" "${ZBX_TLSCIPHERCERT}"
update_config_var $ZBX_CONFIG "TLSCipherCert13" "${ZBX_TLSCIPHERCERT13}"
update_config_var $ZBX_CONFIG "TLSCipherPSK" "${ZBX_TLSCIPHERPSK}"
update_config_var $ZBX_CONFIG "TLSCipherPSK13" "${ZBX_TLSCIPHERPSK13}"
file_process_from_env $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" "${ZBX_TLSKEY}"
update_config_var $ZBX_CONFIG "ServiceManagerSyncFrequency" "${ZBX_SERVICEMANAGERSYNCFREQUENCY}"
update_config_var $ZBX_CONFIG "AllowSoftwareUpdateCheck" "${ZBX_ALLOWSOFTWAREUPDATECHECK}"
update_config_var $ZBX_CONFIG "SMSDevices" "${ZBX_SMSDEVICES}"
file_process_from_env "ZBX_TLSCERTFILE" "${ZBX_TLSCERTFILE}" "${ZBX_TLSCERT}"
file_process_from_env "ZBX_TLSKEYFILE" "${ZBX_TLSKEYFILE}" "${ZBX_TLSKEY}"
if [ "${ZBX_AUTOHANODENAME}" == 'fqdn' ] && [ ! -n "${ZBX_HANODENAME}" ]; then
update_config_var $ZBX_CONFIG "HANodeName" "$(hostname -f)"
export ZBX_HANODENAME="$(hostname -f)"
elif [ "${ZBX_AUTOHANODENAME}" == 'hostname' ] && [ ! -n "${ZBX_HANODENAME}" ]; then
update_config_var $ZBX_CONFIG "HANodeName" "$(hostname)"
else
update_config_var $ZBX_CONFIG "HANodeName" "${ZBX_HANODENAME}"
export ZBX_HANODENAME="$(hostname)"
fi
: ${ZBX_NODEADDRESSPORT:="10051"}
if [ "${ZBX_AUTONODEADDRESS}" == 'fqdn' ] && [ ! -n "${ZBX_NODEADDRESS}" ]; then
update_config_var $ZBX_CONFIG "NodeAddress" "$(hostname -f):${ZBX_NODEADDRESSPORT}"
export ZBX_NODEADDRESS="$(hostname -f):${ZBX_NODEADDRESSPORT}"
elif [ "${ZBX_AUTONODEADDRESS}" == 'hostname' ] && [ ! -n "${ZBX_NODEADDRESS}" ]; then
update_config_var $ZBX_CONFIG "NodeAddress" "$(hostname):${ZBX_NODEADDRESSPORT}"
else
update_config_var $ZBX_CONFIG "NodeAddress" "${ZBX_NODEADDRESS}"
export ZBX_NODEADDRESS="$(hostname):${ZBX_NODEADDRESSPORT}"
fi
if [ "$(id -u)" != '0' ]; then
update_config_var $ZBX_CONFIG "User" "$(whoami)"
export ZBX_USER="$(whoami)"
else
update_config_var $ZBX_CONFIG "AllowRoot" "1"
export ZBX_ALLOWROOT=1
fi
update_config_var $ZBX_CONFIG "WebDriverURL" "${ZBX_WEBDRIVERURL}"
update_config_var $ZBX_CONFIG "StartBrowserPollers" "${ZBX_STARTBROWSERPOLLERS}"
}
clear_zbx_env() {
[[ "${ZBX_CLEAR_ENV}" == "false" ]] && return
for env_var in $(env | grep -E "^(ZBX|DB|MYSQL)_"); do
for env_var in $(env | grep -E "^(ZABBIX|DB|MYSQL)_"); do
unset "${env_var%%=*}"
done
}

View File

@ -14,7 +14,18 @@ ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git
ENV TERM=xterm \
ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \
MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \
NMAP_PRIVILEGED=""
NMAP_PRIVILEGED="" \
ZABBIX_USER_HOME_DIR="/var/lib/zabbix" \
ZABBIX_CONF_DIR="/etc/zabbix"
ENV ZBX_DB_NAME="dummy_db_name" \
ZBX_FPINGLOCATION="/usr/sbin/fping" \
ZBX_LOADMODULEPATH="${ZABBIX_USER_HOME_DIR}/modules" \
ZBX_SNMPTRAPPERFILE="${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log" \
ZBX_SSHKEYLOCATION="${ZABBIX_USER_HOME_DIR}/ssh_keys/" \
ZBX_SSLCERTLOCATION="${ZABBIX_USER_HOME_DIR}/ssl/certs/" \
ZBX_SSLKEYLOCATION="${ZABBIX_USER_HOME_DIR}/ssl/keys/" \
ZBX_SSLCALOCATION="${ZABBIX_USER_HOME_DIR}/ssl/ssl_ca/"
LABEL org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zabbix.com>" \
org.opencontainers.image.description="Zabbix server with MySQL database support" \
@ -30,7 +41,7 @@ STOPSIGNAL SIGTERM
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/server/sbin/zabbix_server", "/usr/sbin/zabbix_server"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/general/bin/*", "/usr/bin/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/server/conf/", "/etc/zabbix/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/server/conf/", "${ZABBIX_CONF_DIR}/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/server/database/mysql/create.sql.gz", "/usr/share/doc/zabbix-server-mysql/create.sql.gz"]
COPY ["conf/etc/yum.repos.d/oracle-epel-ol9.repo", "/etc/yum.repos.d/oracle-epel-ol9.repo"]
@ -83,33 +94,36 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
zabbix && \
chgrp zabbix /usr/bin/nmap && \
setcap cap_net_raw+eip /usr/bin/nmap && \
mkdir -p /etc/zabbix && \
mkdir -p /var/lib/zabbix && \
mkdir -p ${ZABBIX_CONF_DIR} && \
mkdir -p ${ZABBIX_USER_HOME_DIR} && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/dbscripts && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc_internal && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/export && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/mibs && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/modules && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/snmptraps && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssh_keys && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl/certs && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl/keys && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl/ssl_ca && \
mkdir -p /usr/lib/zabbix/alertscripts && \
mkdir -p /var/lib/zabbix/dbscripts && \
mkdir -p /var/lib/zabbix/enc && \
mkdir -p /var/lib/zabbix/enc_internal && \
mkdir -p /var/lib/zabbix/export && \
mkdir -p /usr/lib/zabbix/externalscripts && \
mkdir -p /var/lib/zabbix/mibs && \
mkdir -p /var/lib/zabbix/modules && \
mkdir -p /var/lib/zabbix/snmptraps && \
mkdir -p /var/lib/zabbix/ssh_keys && \
mkdir -p /var/lib/zabbix/ssl && \
mkdir -p /var/lib/zabbix/ssl/certs && \
mkdir -p /var/lib/zabbix/ssl/keys && \
mkdir -p /var/lib/zabbix/ssl/ssl_ca && \
mkdir -p /usr/share/doc/zabbix-server-mysql && \
chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \
chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \
chown --quiet -R zabbix:root ${ZABBIX_CONF_DIR}/zabbix_server_modules.conf ${ZABBIX_USER_HOME_DIR} && \
chown --quiet zabbix:root ${ZABBIX_CONF_DIR}/ && \
chgrp -R 0 ${ZABBIX_CONF_DIR}/zabbix_server_modules.conf ${ZABBIX_USER_HOME_DIR} && \
chgrp 0 ${ZABBIX_CONF_DIR} && \
chmod -R g=u ${ZABBIX_CONF_DIR}/zabbix_server_modules.conf ${ZABBIX_USER_HOME_DIR} && \
chmod g=u ${ZABBIX_CONF_DIR} && \
microdnf -y clean all
EXPOSE 10051/TCP
WORKDIR /var/lib/zabbix
WORKDIR ${ZABBIX_USER_HOME_DIR}
VOLUME ["/var/lib/zabbix/snmptraps", "/var/lib/zabbix/export"]
VOLUME ["${ZABBIX_USER_HOME_DIR}/snmptraps", "${ZABBIX_USER_HOME_DIR}/export"]
COPY ["docker-entrypoint.sh", "/usr/bin/"]

View File

@ -9,11 +9,6 @@ if [ "${DEBUG_MODE,,}" == "true" ]; then
set -o xtrace
fi
# Default directories
# User 'zabbix' home directory
ZABBIX_USER_HOME_DIR="/var/lib/zabbix"
# Configuration files directory
ZABBIX_ETC_DIR="/etc/zabbix"
# Internal directory for TLS related files, used when TLS*File specified as plain text values
ZABBIX_INTERNAL_ENC_DIR="${ZABBIX_USER_HOME_DIR}/enc_internal"
@ -140,16 +135,20 @@ update_config_multiple_var() {
}
file_process_from_env() {
local config_path=$1
local var_name=$2
local file_name=$3
local var_value=$4
local var_name=$1
local file_name=$2
local var_value=$3
if [ ! -z "$var_value" ]; then
echo -n "$var_value" > "${ZABBIX_INTERNAL_ENC_DIR}/$var_name"
file_name="${ZABBIX_INTERNAL_ENC_DIR}/${var_name}"
fi
update_config_var $config_path "$var_name" "$file_name"
if [ -n "$var_value" ]; then
export "$var_name"="$file_name"
fi
# Remove variable with plain text data
unset "${var_name%%FILE}"
}
# Check prerequisites for MySQL database
@ -188,6 +187,7 @@ check_variables_mysql() {
# If root password is not specified use provided credentials
: ${DB_SERVER_ROOT_USER:=${MYSQL_USER}}
[ "${MYSQL_ALLOW_EMPTY_PASSWORD,,}" == "true" ] || DB_SERVER_ROOT_PASS=${DB_SERVER_ROOT_PASS:-${MYSQL_PASSWORD}}
DB_SERVER_ZBX_USER=${MYSQL_USER:-"zabbix"}
DB_SERVER_ZBX_PASS=${MYSQL_PASSWORD:-"zabbix"}
@ -353,229 +353,50 @@ create_db_schema_mysql() {
}
update_zbx_config() {
echo "** Preparing Zabbix server configuration file"
export ZBX_DB_HOST="${DB_SERVER_HOST}"
export ZBX_DB_PORT="${DB_SERVER_PORT}"
export ZBX_DB_SOCKET="${DB_SERVER_SOCKET}"
ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_server.conf
update_config_var $ZBX_CONFIG "ListenIP" "${ZBX_LISTENIP}"
update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}"
update_config_var $ZBX_CONFIG "ListenBacklog" "${ZBX_LISTENBACKLOG}"
update_config_var $ZBX_CONFIG "SourceIP" "${ZBX_SOURCEIP}"
update_config_var $ZBX_CONFIG "LogType" "console"
update_config_var $ZBX_CONFIG "LogFile"
update_config_var $ZBX_CONFIG "LogFileSize"
update_config_var $ZBX_CONFIG "PidFile"
update_config_var $ZBX_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}"
if [ -n "${ZBX_DBTLSCONNECT}" ]; then
update_config_var $ZBX_CONFIG "DBTLSConnect" "${ZBX_DBTLSCONNECT}"
update_config_var $ZBX_CONFIG "DBTLSCAFile" "${ZBX_DBTLSCAFILE}"
update_config_var $ZBX_CONFIG "DBTLSCertFile" "${ZBX_DBTLSCERTFILE}"
update_config_var $ZBX_CONFIG "DBTLSKeyFile" "${ZBX_DBTLSKEYFILE}"
update_config_var $ZBX_CONFIG "DBTLSCipher" "${ZBX_DBTLSCIPHER}"
update_config_var $ZBX_CONFIG "DBTLSCipher13" "${ZBX_DBTLSCIPHER13}"
fi
if [ ! -n "${DB_SERVER_SOCKET}" ]; then
update_config_var $ZBX_CONFIG "DBHost" "${DB_SERVER_HOST}"
update_config_var $ZBX_CONFIG "DBPort" "${DB_SERVER_PORT}"
else
update_config_var $ZBX_CONFIG "DBHost"
update_config_var $ZBX_CONFIG "DBPort"
fi
update_config_var $ZBX_CONFIG "DBSocket" "${DB_SERVER_SOCKET}"
update_config_var $ZBX_CONFIG "DBName" "${DB_SERVER_DBNAME}"
update_config_var $ZBX_CONFIG "DBSchema" "${DB_SERVER_SCHEMA}"
if [ -n "${ZBX_VAULT}" ] && [ -n "${ZBX_VAULTURL}" ]; then
update_config_var $ZBX_CONFIG "Vault" "${ZBX_VAULT}"
update_config_var $ZBX_CONFIG "VaultTLSCertFile" "${ZBX_VAULTTLSCERTFILE}"
update_config_var $ZBX_CONFIG "VaultTLSKeyFile" "${ZBX_VAULTTLSKEYFILE}"
update_config_var $ZBX_CONFIG "VaultPrefix" "${ZBX_VAULTPREFIX}"
update_config_var $ZBX_CONFIG "VaultURL" "${ZBX_VAULTURL}"
update_config_var $ZBX_CONFIG "VaultDBPath" "${ZBX_VAULTDBPATH}"
if [ -n "${ZBX_VAULTDBPATH}" ]; then
update_config_var $ZBX_CONFIG "DBUser"
update_config_var $ZBX_CONFIG "DBPassword"
else
update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}"
update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}"
fi
else
update_config_var $ZBX_CONFIG "Vault"
update_config_var $ZBX_CONFIG "VaultTLSCertFile"
update_config_var $ZBX_CONFIG "VaultTLSKeyFile"
update_config_var $ZBX_CONFIG "VaultPrefix"
update_config_var $ZBX_CONFIG "VaultURL"
update_config_var $ZBX_CONFIG "VaultDBPath"
update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}"
update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}"
fi
update_config_var $ZBX_CONFIG "AllowUnsupportedDBVersions" "${ZBX_ALLOWUNSUPPORTEDDBVERSIONS}"
update_config_var $ZBX_CONFIG "MaxConcurrentChecksPerPoller" "${ZBX_MAXCONCURRENTCHECKSPERPOLLER}"
update_config_var $ZBX_CONFIG "EnableGlobalScripts" "${ZBX_ENABLEGLOBALSCRIPTS}"
update_config_var $ZBX_CONFIG "StartReportWriters" "${ZBX_STARTREPORTWRITERS}"
: ${ZBX_WEBSERVICEURL:="http://zabbix-web-service:10053/report"}
update_config_var $ZBX_CONFIG "WebServiceURL" "${ZBX_WEBSERVICEURL}"
update_config_var $ZBX_CONFIG "HistoryStorageURL" "${ZBX_HISTORYSTORAGEURL}"
update_config_var $ZBX_CONFIG "HistoryStorageTypes" "${ZBX_HISTORYSTORAGETYPES}"
update_config_var $ZBX_CONFIG "HistoryStorageDateIndex" "${ZBX_HISTORYSTORAGEDATEINDEX}"
update_config_var $ZBX_CONFIG "StatsAllowedIP" "${ZBX_STATSALLOWEDIP}"
update_config_var $ZBX_CONFIG "StartPollers" "${ZBX_STARTPOLLERS}"
update_config_var $ZBX_CONFIG "StartIPMIPollers" "${ZBX_STARTIPMIPOLLERS}"
update_config_var $ZBX_CONFIG "StartPollersUnreachable" "${ZBX_STARTPOLLERSUNREACHABLE}"
update_config_var $ZBX_CONFIG "StartTrappers" "${ZBX_STARTTRAPPERS}"
update_config_var $ZBX_CONFIG "StartPingers" "${ZBX_STARTPINGERS}"
update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}"
update_config_var $ZBX_CONFIG "StartHistoryPollers" "${ZBX_STARTHISTORYPOLLERS}"
update_config_var $ZBX_CONFIG "StartHTTPAgentPollers" "${ZBX_STARTHTTPAGENTPOLLERS}"
update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}"
update_config_var $ZBX_CONFIG "StartODBCPollers" "${ZBX_STARTODBCPOLLERS}"
update_config_var $ZBX_CONFIG "StartSNMPPollers" "${ZBX_STARTSNMPPOLLERS}"
update_config_var $ZBX_CONFIG "StartConnectors" "${ZBX_STARTCONNECTORS}"
update_config_var $ZBX_CONFIG "StartPreprocessors" "${ZBX_STARTPREPROCESSORS}"
update_config_var $ZBX_CONFIG "StartTimers" "${ZBX_STARTTIMERS}"
update_config_var $ZBX_CONFIG "StartEscalators" "${ZBX_STARTESCALATORS}"
update_config_var $ZBX_CONFIG "StartAgentPollers" "${ZBX_STARTAGENTPOLLERS}"
update_config_var $ZBX_CONFIG "StartAlerters" "${ZBX_STARTALERTERS}"
update_config_var $ZBX_CONFIG "StartTimers" "${ZBX_STARTTIMERS}"
update_config_var $ZBX_CONFIG "StartEscalators" "${ZBX_STARTESCALATORS}"
update_config_var $ZBX_CONFIG "StartLLDProcessors" "${ZBX_STARTLLDPROCESSORS}"
: ${ZBX_JAVAGATEWAY_ENABLE:="false"}
if [ "${ZBX_JAVAGATEWAY_ENABLE,,}" == "true" ]; then
update_config_var $ZBX_CONFIG "JavaGateway" "${ZBX_JAVAGATEWAY:-"zabbix-java-gateway"}"
update_config_var $ZBX_CONFIG "JavaGatewayPort" "${ZBX_JAVAGATEWAYPORT}"
update_config_var $ZBX_CONFIG "StartJavaPollers" "${ZBX_STARTJAVAPOLLERS:-"5"}"
else
update_config_var $ZBX_CONFIG "JavaGateway"
update_config_var $ZBX_CONFIG "JavaGatewayPort"
update_config_var $ZBX_CONFIG "StartJavaPollers"
fi
update_config_var $ZBX_CONFIG "StartVMwareCollectors" "${ZBX_STARTVMWARECOLLECTORS}"
update_config_var $ZBX_CONFIG "VMwareFrequency" "${ZBX_VMWAREFREQUENCY}"
update_config_var $ZBX_CONFIG "VMwarePerfFrequency" "${ZBX_VMWAREPERFFREQUENCY}"
update_config_var $ZBX_CONFIG "VMwareCacheSize" "${ZBX_VMWARECACHESIZE}"
update_config_var $ZBX_CONFIG "VMwareTimeout" "${ZBX_VMWARETIMEOUT}"
export ZBX_DB_NAME="${DB_SERVER_DBNAME}"
export ZBX_DB_USER="${DB_SERVER_ZBX_USER}"
export ZBX_DB_PASSWORD="${DB_SERVER_ZBX_PASS}"
: ${ZBX_ENABLE_SNMP_TRAPS:="false"}
if [ "${ZBX_ENABLE_SNMP_TRAPS,,}" == "true" ]; then
update_config_var $ZBX_CONFIG "SNMPTrapperFile" "${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log"
update_config_var $ZBX_CONFIG "StartSNMPTrapper" "1"
else
update_config_var $ZBX_CONFIG "SNMPTrapperFile"
update_config_var $ZBX_CONFIG "StartSNMPTrapper"
fi
[[ "${ZBX_ENABLE_SNMP_TRAPS,,}" == "true" ]] && export ZBX_STARTSNMPTRAPPER=1
unset ZBX_ENABLE_SNMP_TRAPS
update_config_var $ZBX_CONFIG "SocketDir" "/tmp/"
update_config_multiple_var "${ZABBIX_CONF_DIR}/zabbix_server_modules.conf" "LoadModule" "${ZBX_LOADMODULE}"
update_config_var $ZBX_CONFIG "HousekeepingFrequency" "${ZBX_HOUSEKEEPINGFREQUENCY}"
update_config_var $ZBX_CONFIG "MaxHousekeeperDelete" "${ZBX_MAXHOUSEKEEPERDELETE}"
update_config_var $ZBX_CONFIG "ProblemHousekeepingFrequency" "${ZBX_PROBLEMHOUSEKEEPINGFREQUENCY}"
file_process_from_env "ZBX_TLSCAFILE" "${ZBX_TLSCAFILE}" "${ZBX_TLSCA}"
file_process_from_env "ZBX_TLSCRLFILE" "${ZBX_TLSCRLFILE}" "${ZBX_TLSCRL}"
update_config_var $ZBX_CONFIG "CacheSize" "${ZBX_CACHESIZE}"
update_config_var $ZBX_CONFIG "CacheUpdateFrequency" "${ZBX_CACHEUPDATEFREQUENCY}"
update_config_var $ZBX_CONFIG "StartDBSyncers" "${ZBX_STARTDBSYNCERS}"
update_config_var $ZBX_CONFIG "HistoryCacheSize" "${ZBX_HISTORYCACHESIZE}"
update_config_var $ZBX_CONFIG "HistoryIndexCacheSize" "${ZBX_HISTORYINDEXCACHESIZE}"
update_config_var $ZBX_CONFIG "TrendCacheSize" "${ZBX_TRENDCACHESIZE}"
update_config_var $ZBX_CONFIG "TrendFunctionCacheSize" "${ZBX_TRENDFUNCTIONCACHESIZE}"
update_config_var $ZBX_CONFIG "ValueCacheSize" "${ZBX_VALUECACHESIZE}"
update_config_var $ZBX_CONFIG "Timeout" "${ZBX_TIMEOUT}"
update_config_var $ZBX_CONFIG "TrapperTimeout" "${ZBX_TRAPPERTIMEOUT}"
update_config_var $ZBX_CONFIG "UnreachablePeriod" "${ZBX_UNREACHABLEPERIOD}"
update_config_var $ZBX_CONFIG "UnavailableDelay" "${ZBX_UNAVAILABLEDELAY}"
update_config_var $ZBX_CONFIG "UnreachableDelay" "${ZBX_UNREACHABLEDELAY}"
update_config_var $ZBX_CONFIG "AlertScriptsPath" "/usr/lib/zabbix/alertscripts"
update_config_var $ZBX_CONFIG "ExternalScripts" "/usr/lib/zabbix/externalscripts"
if [ -n "${ZBX_EXPORTFILESIZE}" ]; then
update_config_var $ZBX_CONFIG "ExportDir" "$ZABBIX_USER_HOME_DIR/export/"
update_config_var $ZBX_CONFIG "ExportFileSize" "${ZBX_EXPORTFILESIZE}"
update_config_var $ZBX_CONFIG "ExportType" "${ZBX_EXPORTTYPE}"
fi
update_config_var $ZBX_CONFIG "FpingLocation" "/usr/sbin/fping"
update_config_var $ZBX_CONFIG "Fping6Location"
update_config_var $ZBX_CONFIG "SSHKeyLocation" "$ZABBIX_USER_HOME_DIR/ssh_keys"
update_config_var $ZBX_CONFIG "LogSlowQueries" "${ZBX_LOGSLOWQUERIES}"
update_config_var $ZBX_CONFIG "StartProxyPollers" "${ZBX_STARTPROXYPOLLERS}"
update_config_var $ZBX_CONFIG "ProxyConfigFrequency" "${ZBX_PROXYCONFIGFREQUENCY}"
update_config_var $ZBX_CONFIG "ProxyDataFrequency" "${ZBX_PROXYDATAFREQUENCY}"
update_config_var $ZBX_CONFIG "SSLCertLocation" "$ZABBIX_USER_HOME_DIR/ssl/certs/"
update_config_var $ZBX_CONFIG "SSLKeyLocation" "$ZABBIX_USER_HOME_DIR/ssl/keys/"
update_config_var $ZBX_CONFIG "SSLCALocation" "$ZABBIX_USER_HOME_DIR/ssl/ssl_ca/"
update_config_var $ZBX_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/"
update_config_multiple_var $ZBX_CONFIG "LoadModule" "${ZBX_LOADMODULE}"
file_process_from_env $ZBX_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" "${ZBX_TLSCA}"
file_process_from_env $ZBX_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" "${ZBX_TLSCRL}"
file_process_from_env $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" "${ZBX_TLSCERT}"
update_config_var $ZBX_CONFIG "TLSCipherAll" "${ZBX_TLSCIPHERALL}"
update_config_var $ZBX_CONFIG "TLSCipherAll13" "${ZBX_TLSCIPHERALL13}"
update_config_var $ZBX_CONFIG "TLSCipherCert" "${ZBX_TLSCIPHERCERT}"
update_config_var $ZBX_CONFIG "TLSCipherCert13" "${ZBX_TLSCIPHERCERT13}"
update_config_var $ZBX_CONFIG "TLSCipherPSK" "${ZBX_TLSCIPHERPSK}"
update_config_var $ZBX_CONFIG "TLSCipherPSK13" "${ZBX_TLSCIPHERPSK13}"
file_process_from_env $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" "${ZBX_TLSKEY}"
update_config_var $ZBX_CONFIG "ServiceManagerSyncFrequency" "${ZBX_SERVICEMANAGERSYNCFREQUENCY}"
update_config_var $ZBX_CONFIG "AllowSoftwareUpdateCheck" "${ZBX_ALLOWSOFTWAREUPDATECHECK}"
update_config_var $ZBX_CONFIG "SMSDevices" "${ZBX_SMSDEVICES}"
file_process_from_env "ZBX_TLSCERTFILE" "${ZBX_TLSCERTFILE}" "${ZBX_TLSCERT}"
file_process_from_env "ZBX_TLSKEYFILE" "${ZBX_TLSKEYFILE}" "${ZBX_TLSKEY}"
if [ "${ZBX_AUTOHANODENAME}" == 'fqdn' ] && [ ! -n "${ZBX_HANODENAME}" ]; then
update_config_var $ZBX_CONFIG "HANodeName" "$(hostname -f)"
export ZBX_HANODENAME="$(hostname -f)"
elif [ "${ZBX_AUTOHANODENAME}" == 'hostname' ] && [ ! -n "${ZBX_HANODENAME}" ]; then
update_config_var $ZBX_CONFIG "HANodeName" "$(hostname)"
else
update_config_var $ZBX_CONFIG "HANodeName" "${ZBX_HANODENAME}"
export ZBX_HANODENAME="$(hostname)"
fi
: ${ZBX_NODEADDRESSPORT:="10051"}
if [ "${ZBX_AUTONODEADDRESS}" == 'fqdn' ] && [ ! -n "${ZBX_NODEADDRESS}" ]; then
update_config_var $ZBX_CONFIG "NodeAddress" "$(hostname -f):${ZBX_NODEADDRESSPORT}"
export ZBX_NODEADDRESS="$(hostname -f):${ZBX_NODEADDRESSPORT}"
elif [ "${ZBX_AUTONODEADDRESS}" == 'hostname' ] && [ ! -n "${ZBX_NODEADDRESS}" ]; then
update_config_var $ZBX_CONFIG "NodeAddress" "$(hostname):${ZBX_NODEADDRESSPORT}"
else
update_config_var $ZBX_CONFIG "NodeAddress" "${ZBX_NODEADDRESS}"
export ZBX_NODEADDRESS="$(hostname):${ZBX_NODEADDRESSPORT}"
fi
if [ "$(id -u)" != '0' ]; then
update_config_var $ZBX_CONFIG "User" "$(whoami)"
export ZBX_USER="$(whoami)"
else
update_config_var $ZBX_CONFIG "AllowRoot" "1"
export ZBX_ALLOWROOT=1
fi
update_config_var $ZBX_CONFIG "WebDriverURL" "${ZBX_WEBDRIVERURL}"
update_config_var $ZBX_CONFIG "StartBrowserPollers" "${ZBX_STARTBROWSERPOLLERS}"
}
clear_zbx_env() {
[[ "${ZBX_CLEAR_ENV}" == "false" ]] && return
for env_var in $(env | grep -E "^(ZBX|DB|MYSQL)_"); do
for env_var in $(env | grep -E "^(ZABBIX|DB|MYSQL)_"); do
unset "${env_var%%=*}"
done
}

View File

@ -16,7 +16,18 @@ ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git
ENV TERM=xterm \
ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \
MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \
NMAP_PRIVILEGED=""
NMAP_PRIVILEGED="" \
ZABBIX_USER_HOME_DIR="/var/lib/zabbix" \
ZABBIX_CONF_DIR="/etc/zabbix"
ENV ZBX_DB_NAME="dummy_db_name" \
ZBX_FPINGLOCATION="/usr/sbin/fping" \
ZBX_LOADMODULEPATH="${ZABBIX_USER_HOME_DIR}/modules" \
ZBX_SNMPTRAPPERFILE="${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log" \
ZBX_SSHKEYLOCATION="${ZABBIX_USER_HOME_DIR}/ssh_keys/" \
ZBX_SSLCERTLOCATION="${ZABBIX_USER_HOME_DIR}/ssl/certs/" \
ZBX_SSLKEYLOCATION="${ZABBIX_USER_HOME_DIR}/ssl/keys/" \
ZBX_SSLCALOCATION="${ZABBIX_USER_HOME_DIR}/ssl/ssl_ca/"
LABEL description="Zabbix server with MySQL database support" \
maintainer="alexey.pustovalov@zabbix.com" \
@ -49,7 +60,7 @@ STOPSIGNAL SIGTERM
COPY ["licenses", "/licenses"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/server/sbin/zabbix_server", "/usr/sbin/zabbix_server"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/general/bin/*", "/usr/bin/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/server/conf/", "/etc/zabbix/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/server/conf/", "${ZABBIX_CONF_DIR}/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/server/database/mysql/create.sql.gz", "/usr/share/doc/zabbix-server-mysql/create.sql.gz"]
RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
@ -130,33 +141,36 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
zabbix && \
chgrp zabbix /usr/bin/nmap && \
setcap cap_net_raw+eip /usr/bin/nmap && \
mkdir -p /etc/zabbix && \
mkdir -p /var/lib/zabbix && \
mkdir -p ${ZABBIX_CONF_DIR} && \
mkdir -p ${ZABBIX_USER_HOME_DIR} && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/dbscripts && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc_internal && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/export && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/mibs && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/modules && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/snmptraps && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssh_keys && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl/certs && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl/keys && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl/ssl_ca && \
mkdir -p /usr/lib/zabbix/alertscripts && \
mkdir -p /var/lib/zabbix/dbscripts && \
mkdir -p /var/lib/zabbix/enc && \
mkdir -p /var/lib/zabbix/enc_internal && \
mkdir -p /var/lib/zabbix/export && \
mkdir -p /usr/lib/zabbix/externalscripts && \
mkdir -p /var/lib/zabbix/mibs && \
mkdir -p /var/lib/zabbix/modules && \
mkdir -p /var/lib/zabbix/snmptraps && \
mkdir -p /var/lib/zabbix/ssh_keys && \
mkdir -p /var/lib/zabbix/ssl && \
mkdir -p /var/lib/zabbix/ssl/certs && \
mkdir -p /var/lib/zabbix/ssl/keys && \
mkdir -p /var/lib/zabbix/ssl/ssl_ca && \
mkdir -p /usr/share/doc/zabbix-server-mysql && \
chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \
chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \
chown --quiet -R zabbix:root ${ZABBIX_CONF_DIR}/zabbix_server_modules.conf ${ZABBIX_USER_HOME_DIR} && \
chown --quiet zabbix:root ${ZABBIX_CONF_DIR}/ && \
chgrp -R 0 ${ZABBIX_CONF_DIR}/zabbix_server_modules.conf ${ZABBIX_USER_HOME_DIR} && \
chgrp 0 ${ZABBIX_CONF_DIR} && \
chmod -R g=u ${ZABBIX_CONF_DIR}/zabbix_server_modules.conf ${ZABBIX_USER_HOME_DIR} && \
chmod g=u ${ZABBIX_CONF_DIR} && \
microdnf -y clean all
EXPOSE 10051/TCP
WORKDIR /var/lib/zabbix
WORKDIR ${ZABBIX_USER_HOME_DIR}
VOLUME ["/var/lib/zabbix/snmptraps", "/var/lib/zabbix/export"]
VOLUME ["${ZABBIX_USER_HOME_DIR}/snmptraps", "${ZABBIX_USER_HOME_DIR}/export"]
COPY ["docker-entrypoint.sh", "/usr/bin/"]

View File

@ -9,11 +9,6 @@ if [ "${DEBUG_MODE,,}" == "true" ]; then
set -o xtrace
fi
# Default directories
# User 'zabbix' home directory
ZABBIX_USER_HOME_DIR="/var/lib/zabbix"
# Configuration files directory
ZABBIX_ETC_DIR="/etc/zabbix"
# Internal directory for TLS related files, used when TLS*File specified as plain text values
ZABBIX_INTERNAL_ENC_DIR="${ZABBIX_USER_HOME_DIR}/enc_internal"
@ -140,16 +135,20 @@ update_config_multiple_var() {
}
file_process_from_env() {
local config_path=$1
local var_name=$2
local file_name=$3
local var_value=$4
local var_name=$1
local file_name=$2
local var_value=$3
if [ ! -z "$var_value" ]; then
echo -n "$var_value" > "${ZABBIX_INTERNAL_ENC_DIR}/$var_name"
file_name="${ZABBIX_INTERNAL_ENC_DIR}/${var_name}"
fi
update_config_var $config_path "$var_name" "$file_name"
if [ -n "$var_value" ]; then
export "$var_name"="$file_name"
fi
# Remove variable with plain text data
unset "${var_name%%FILE}"
}
# Check prerequisites for MySQL database
@ -188,6 +187,7 @@ check_variables_mysql() {
# If root password is not specified use provided credentials
: ${DB_SERVER_ROOT_USER:=${MYSQL_USER}}
[ "${MYSQL_ALLOW_EMPTY_PASSWORD,,}" == "true" ] || DB_SERVER_ROOT_PASS=${DB_SERVER_ROOT_PASS:-${MYSQL_PASSWORD}}
DB_SERVER_ZBX_USER=${MYSQL_USER:-"zabbix"}
DB_SERVER_ZBX_PASS=${MYSQL_PASSWORD:-"zabbix"}
@ -353,229 +353,50 @@ create_db_schema_mysql() {
}
update_zbx_config() {
echo "** Preparing Zabbix server configuration file"
export ZBX_DB_HOST="${DB_SERVER_HOST}"
export ZBX_DB_PORT="${DB_SERVER_PORT}"
export ZBX_DB_SOCKET="${DB_SERVER_SOCKET}"
ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_server.conf
update_config_var $ZBX_CONFIG "ListenIP" "${ZBX_LISTENIP}"
update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}"
update_config_var $ZBX_CONFIG "ListenBacklog" "${ZBX_LISTENBACKLOG}"
update_config_var $ZBX_CONFIG "SourceIP" "${ZBX_SOURCEIP}"
update_config_var $ZBX_CONFIG "LogType" "console"
update_config_var $ZBX_CONFIG "LogFile"
update_config_var $ZBX_CONFIG "LogFileSize"
update_config_var $ZBX_CONFIG "PidFile"
update_config_var $ZBX_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}"
if [ -n "${ZBX_DBTLSCONNECT}" ]; then
update_config_var $ZBX_CONFIG "DBTLSConnect" "${ZBX_DBTLSCONNECT}"
update_config_var $ZBX_CONFIG "DBTLSCAFile" "${ZBX_DBTLSCAFILE}"
update_config_var $ZBX_CONFIG "DBTLSCertFile" "${ZBX_DBTLSCERTFILE}"
update_config_var $ZBX_CONFIG "DBTLSKeyFile" "${ZBX_DBTLSKEYFILE}"
update_config_var $ZBX_CONFIG "DBTLSCipher" "${ZBX_DBTLSCIPHER}"
update_config_var $ZBX_CONFIG "DBTLSCipher13" "${ZBX_DBTLSCIPHER13}"
fi
if [ ! -n "${DB_SERVER_SOCKET}" ]; then
update_config_var $ZBX_CONFIG "DBHost" "${DB_SERVER_HOST}"
update_config_var $ZBX_CONFIG "DBPort" "${DB_SERVER_PORT}"
else
update_config_var $ZBX_CONFIG "DBHost"
update_config_var $ZBX_CONFIG "DBPort"
fi
update_config_var $ZBX_CONFIG "DBSocket" "${DB_SERVER_SOCKET}"
update_config_var $ZBX_CONFIG "DBName" "${DB_SERVER_DBNAME}"
update_config_var $ZBX_CONFIG "DBSchema" "${DB_SERVER_SCHEMA}"
if [ -n "${ZBX_VAULT}" ] && [ -n "${ZBX_VAULTURL}" ]; then
update_config_var $ZBX_CONFIG "Vault" "${ZBX_VAULT}"
update_config_var $ZBX_CONFIG "VaultTLSCertFile" "${ZBX_VAULTTLSCERTFILE}"
update_config_var $ZBX_CONFIG "VaultTLSKeyFile" "${ZBX_VAULTTLSKEYFILE}"
update_config_var $ZBX_CONFIG "VaultPrefix" "${ZBX_VAULTPREFIX}"
update_config_var $ZBX_CONFIG "VaultURL" "${ZBX_VAULTURL}"
update_config_var $ZBX_CONFIG "VaultDBPath" "${ZBX_VAULTDBPATH}"
if [ -n "${ZBX_VAULTDBPATH}" ]; then
update_config_var $ZBX_CONFIG "DBUser"
update_config_var $ZBX_CONFIG "DBPassword"
else
update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}"
update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}"
fi
else
update_config_var $ZBX_CONFIG "Vault"
update_config_var $ZBX_CONFIG "VaultTLSCertFile"
update_config_var $ZBX_CONFIG "VaultTLSKeyFile"
update_config_var $ZBX_CONFIG "VaultPrefix"
update_config_var $ZBX_CONFIG "VaultURL"
update_config_var $ZBX_CONFIG "VaultDBPath"
update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}"
update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}"
fi
update_config_var $ZBX_CONFIG "AllowUnsupportedDBVersions" "${ZBX_ALLOWUNSUPPORTEDDBVERSIONS}"
update_config_var $ZBX_CONFIG "MaxConcurrentChecksPerPoller" "${ZBX_MAXCONCURRENTCHECKSPERPOLLER}"
update_config_var $ZBX_CONFIG "EnableGlobalScripts" "${ZBX_ENABLEGLOBALSCRIPTS}"
update_config_var $ZBX_CONFIG "StartReportWriters" "${ZBX_STARTREPORTWRITERS}"
: ${ZBX_WEBSERVICEURL:="http://zabbix-web-service:10053/report"}
update_config_var $ZBX_CONFIG "WebServiceURL" "${ZBX_WEBSERVICEURL}"
update_config_var $ZBX_CONFIG "HistoryStorageURL" "${ZBX_HISTORYSTORAGEURL}"
update_config_var $ZBX_CONFIG "HistoryStorageTypes" "${ZBX_HISTORYSTORAGETYPES}"
update_config_var $ZBX_CONFIG "HistoryStorageDateIndex" "${ZBX_HISTORYSTORAGEDATEINDEX}"
update_config_var $ZBX_CONFIG "StatsAllowedIP" "${ZBX_STATSALLOWEDIP}"
update_config_var $ZBX_CONFIG "StartPollers" "${ZBX_STARTPOLLERS}"
update_config_var $ZBX_CONFIG "StartIPMIPollers" "${ZBX_STARTIPMIPOLLERS}"
update_config_var $ZBX_CONFIG "StartPollersUnreachable" "${ZBX_STARTPOLLERSUNREACHABLE}"
update_config_var $ZBX_CONFIG "StartTrappers" "${ZBX_STARTTRAPPERS}"
update_config_var $ZBX_CONFIG "StartPingers" "${ZBX_STARTPINGERS}"
update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}"
update_config_var $ZBX_CONFIG "StartHistoryPollers" "${ZBX_STARTHISTORYPOLLERS}"
update_config_var $ZBX_CONFIG "StartHTTPAgentPollers" "${ZBX_STARTHTTPAGENTPOLLERS}"
update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}"
update_config_var $ZBX_CONFIG "StartODBCPollers" "${ZBX_STARTODBCPOLLERS}"
update_config_var $ZBX_CONFIG "StartSNMPPollers" "${ZBX_STARTSNMPPOLLERS}"
update_config_var $ZBX_CONFIG "StartConnectors" "${ZBX_STARTCONNECTORS}"
update_config_var $ZBX_CONFIG "StartPreprocessors" "${ZBX_STARTPREPROCESSORS}"
update_config_var $ZBX_CONFIG "StartTimers" "${ZBX_STARTTIMERS}"
update_config_var $ZBX_CONFIG "StartEscalators" "${ZBX_STARTESCALATORS}"
update_config_var $ZBX_CONFIG "StartAgentPollers" "${ZBX_STARTAGENTPOLLERS}"
update_config_var $ZBX_CONFIG "StartAlerters" "${ZBX_STARTALERTERS}"
update_config_var $ZBX_CONFIG "StartTimers" "${ZBX_STARTTIMERS}"
update_config_var $ZBX_CONFIG "StartEscalators" "${ZBX_STARTESCALATORS}"
update_config_var $ZBX_CONFIG "StartLLDProcessors" "${ZBX_STARTLLDPROCESSORS}"
: ${ZBX_JAVAGATEWAY_ENABLE:="false"}
if [ "${ZBX_JAVAGATEWAY_ENABLE,,}" == "true" ]; then
update_config_var $ZBX_CONFIG "JavaGateway" "${ZBX_JAVAGATEWAY:-"zabbix-java-gateway"}"
update_config_var $ZBX_CONFIG "JavaGatewayPort" "${ZBX_JAVAGATEWAYPORT}"
update_config_var $ZBX_CONFIG "StartJavaPollers" "${ZBX_STARTJAVAPOLLERS:-"5"}"
else
update_config_var $ZBX_CONFIG "JavaGateway"
update_config_var $ZBX_CONFIG "JavaGatewayPort"
update_config_var $ZBX_CONFIG "StartJavaPollers"
fi
update_config_var $ZBX_CONFIG "StartVMwareCollectors" "${ZBX_STARTVMWARECOLLECTORS}"
update_config_var $ZBX_CONFIG "VMwareFrequency" "${ZBX_VMWAREFREQUENCY}"
update_config_var $ZBX_CONFIG "VMwarePerfFrequency" "${ZBX_VMWAREPERFFREQUENCY}"
update_config_var $ZBX_CONFIG "VMwareCacheSize" "${ZBX_VMWARECACHESIZE}"
update_config_var $ZBX_CONFIG "VMwareTimeout" "${ZBX_VMWARETIMEOUT}"
export ZBX_DB_NAME="${DB_SERVER_DBNAME}"
export ZBX_DB_USER="${DB_SERVER_ZBX_USER}"
export ZBX_DB_PASSWORD="${DB_SERVER_ZBX_PASS}"
: ${ZBX_ENABLE_SNMP_TRAPS:="false"}
if [ "${ZBX_ENABLE_SNMP_TRAPS,,}" == "true" ]; then
update_config_var $ZBX_CONFIG "SNMPTrapperFile" "${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log"
update_config_var $ZBX_CONFIG "StartSNMPTrapper" "1"
else
update_config_var $ZBX_CONFIG "SNMPTrapperFile"
update_config_var $ZBX_CONFIG "StartSNMPTrapper"
fi
[[ "${ZBX_ENABLE_SNMP_TRAPS,,}" == "true" ]] && export ZBX_STARTSNMPTRAPPER=1
unset ZBX_ENABLE_SNMP_TRAPS
update_config_var $ZBX_CONFIG "SocketDir" "/tmp/"
update_config_multiple_var "${ZABBIX_CONF_DIR}/zabbix_server_modules.conf" "LoadModule" "${ZBX_LOADMODULE}"
update_config_var $ZBX_CONFIG "HousekeepingFrequency" "${ZBX_HOUSEKEEPINGFREQUENCY}"
update_config_var $ZBX_CONFIG "MaxHousekeeperDelete" "${ZBX_MAXHOUSEKEEPERDELETE}"
update_config_var $ZBX_CONFIG "ProblemHousekeepingFrequency" "${ZBX_PROBLEMHOUSEKEEPINGFREQUENCY}"
file_process_from_env "ZBX_TLSCAFILE" "${ZBX_TLSCAFILE}" "${ZBX_TLSCA}"
file_process_from_env "ZBX_TLSCRLFILE" "${ZBX_TLSCRLFILE}" "${ZBX_TLSCRL}"
update_config_var $ZBX_CONFIG "CacheSize" "${ZBX_CACHESIZE}"
update_config_var $ZBX_CONFIG "CacheUpdateFrequency" "${ZBX_CACHEUPDATEFREQUENCY}"
update_config_var $ZBX_CONFIG "StartDBSyncers" "${ZBX_STARTDBSYNCERS}"
update_config_var $ZBX_CONFIG "HistoryCacheSize" "${ZBX_HISTORYCACHESIZE}"
update_config_var $ZBX_CONFIG "HistoryIndexCacheSize" "${ZBX_HISTORYINDEXCACHESIZE}"
update_config_var $ZBX_CONFIG "TrendCacheSize" "${ZBX_TRENDCACHESIZE}"
update_config_var $ZBX_CONFIG "TrendFunctionCacheSize" "${ZBX_TRENDFUNCTIONCACHESIZE}"
update_config_var $ZBX_CONFIG "ValueCacheSize" "${ZBX_VALUECACHESIZE}"
update_config_var $ZBX_CONFIG "Timeout" "${ZBX_TIMEOUT}"
update_config_var $ZBX_CONFIG "TrapperTimeout" "${ZBX_TRAPPERTIMEOUT}"
update_config_var $ZBX_CONFIG "UnreachablePeriod" "${ZBX_UNREACHABLEPERIOD}"
update_config_var $ZBX_CONFIG "UnavailableDelay" "${ZBX_UNAVAILABLEDELAY}"
update_config_var $ZBX_CONFIG "UnreachableDelay" "${ZBX_UNREACHABLEDELAY}"
update_config_var $ZBX_CONFIG "AlertScriptsPath" "/usr/lib/zabbix/alertscripts"
update_config_var $ZBX_CONFIG "ExternalScripts" "/usr/lib/zabbix/externalscripts"
if [ -n "${ZBX_EXPORTFILESIZE}" ]; then
update_config_var $ZBX_CONFIG "ExportDir" "$ZABBIX_USER_HOME_DIR/export/"
update_config_var $ZBX_CONFIG "ExportFileSize" "${ZBX_EXPORTFILESIZE}"
update_config_var $ZBX_CONFIG "ExportType" "${ZBX_EXPORTTYPE}"
fi
update_config_var $ZBX_CONFIG "FpingLocation" "/usr/sbin/fping"
update_config_var $ZBX_CONFIG "Fping6Location"
update_config_var $ZBX_CONFIG "SSHKeyLocation" "$ZABBIX_USER_HOME_DIR/ssh_keys"
update_config_var $ZBX_CONFIG "LogSlowQueries" "${ZBX_LOGSLOWQUERIES}"
update_config_var $ZBX_CONFIG "StartProxyPollers" "${ZBX_STARTPROXYPOLLERS}"
update_config_var $ZBX_CONFIG "ProxyConfigFrequency" "${ZBX_PROXYCONFIGFREQUENCY}"
update_config_var $ZBX_CONFIG "ProxyDataFrequency" "${ZBX_PROXYDATAFREQUENCY}"
update_config_var $ZBX_CONFIG "SSLCertLocation" "$ZABBIX_USER_HOME_DIR/ssl/certs/"
update_config_var $ZBX_CONFIG "SSLKeyLocation" "$ZABBIX_USER_HOME_DIR/ssl/keys/"
update_config_var $ZBX_CONFIG "SSLCALocation" "$ZABBIX_USER_HOME_DIR/ssl/ssl_ca/"
update_config_var $ZBX_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/"
update_config_multiple_var $ZBX_CONFIG "LoadModule" "${ZBX_LOADMODULE}"
file_process_from_env $ZBX_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" "${ZBX_TLSCA}"
file_process_from_env $ZBX_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" "${ZBX_TLSCRL}"
file_process_from_env $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" "${ZBX_TLSCERT}"
update_config_var $ZBX_CONFIG "TLSCipherAll" "${ZBX_TLSCIPHERALL}"
update_config_var $ZBX_CONFIG "TLSCipherAll13" "${ZBX_TLSCIPHERALL13}"
update_config_var $ZBX_CONFIG "TLSCipherCert" "${ZBX_TLSCIPHERCERT}"
update_config_var $ZBX_CONFIG "TLSCipherCert13" "${ZBX_TLSCIPHERCERT13}"
update_config_var $ZBX_CONFIG "TLSCipherPSK" "${ZBX_TLSCIPHERPSK}"
update_config_var $ZBX_CONFIG "TLSCipherPSK13" "${ZBX_TLSCIPHERPSK13}"
file_process_from_env $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" "${ZBX_TLSKEY}"
update_config_var $ZBX_CONFIG "ServiceManagerSyncFrequency" "${ZBX_SERVICEMANAGERSYNCFREQUENCY}"
update_config_var $ZBX_CONFIG "AllowSoftwareUpdateCheck" "${ZBX_ALLOWSOFTWAREUPDATECHECK}"
update_config_var $ZBX_CONFIG "SMSDevices" "${ZBX_SMSDEVICES}"
file_process_from_env "ZBX_TLSCERTFILE" "${ZBX_TLSCERTFILE}" "${ZBX_TLSCERT}"
file_process_from_env "ZBX_TLSKEYFILE" "${ZBX_TLSKEYFILE}" "${ZBX_TLSKEY}"
if [ "${ZBX_AUTOHANODENAME}" == 'fqdn' ] && [ ! -n "${ZBX_HANODENAME}" ]; then
update_config_var $ZBX_CONFIG "HANodeName" "$(hostname -f)"
export ZBX_HANODENAME="$(hostname -f)"
elif [ "${ZBX_AUTOHANODENAME}" == 'hostname' ] && [ ! -n "${ZBX_HANODENAME}" ]; then
update_config_var $ZBX_CONFIG "HANodeName" "$(hostname)"
else
update_config_var $ZBX_CONFIG "HANodeName" "${ZBX_HANODENAME}"
export ZBX_HANODENAME="$(hostname)"
fi
: ${ZBX_NODEADDRESSPORT:="10051"}
if [ "${ZBX_AUTONODEADDRESS}" == 'fqdn' ] && [ ! -n "${ZBX_NODEADDRESS}" ]; then
update_config_var $ZBX_CONFIG "NodeAddress" "$(hostname -f):${ZBX_NODEADDRESSPORT}"
export ZBX_NODEADDRESS="$(hostname -f):${ZBX_NODEADDRESSPORT}"
elif [ "${ZBX_AUTONODEADDRESS}" == 'hostname' ] && [ ! -n "${ZBX_NODEADDRESS}" ]; then
update_config_var $ZBX_CONFIG "NodeAddress" "$(hostname):${ZBX_NODEADDRESSPORT}"
else
update_config_var $ZBX_CONFIG "NodeAddress" "${ZBX_NODEADDRESS}"
export ZBX_NODEADDRESS="$(hostname):${ZBX_NODEADDRESSPORT}"
fi
if [ "$(id -u)" != '0' ]; then
update_config_var $ZBX_CONFIG "User" "$(whoami)"
export ZBX_USER="$(whoami)"
else
update_config_var $ZBX_CONFIG "AllowRoot" "1"
export ZBX_ALLOWROOT=1
fi
update_config_var $ZBX_CONFIG "WebDriverURL" "${ZBX_WEBDRIVERURL}"
update_config_var $ZBX_CONFIG "StartBrowserPollers" "${ZBX_STARTBROWSERPOLLERS}"
}
clear_zbx_env() {
[[ "${ZBX_CLEAR_ENV}" == "false" ]] && return
for env_var in $(env | grep -E "^(ZBX|DB|MYSQL)_"); do
for env_var in $(env | grep -E "^(ZABBIX|DB|MYSQL)_"); do
unset "${env_var%%=*}"
done
}

View File

@ -14,7 +14,18 @@ ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git
ENV TERM=xterm \
ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \
MIBDIRS=/var/lib/mibs/ietf:/var/lib/mibs/iana:/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \
NMAP_PRIVILEGED=""
NMAP_PRIVILEGED="" \
ZABBIX_USER_HOME_DIR="/var/lib/zabbix" \
ZABBIX_CONF_DIR="/etc/zabbix"
ENV ZBX_DB_NAME="dummy_db_name" \
ZBX_FPINGLOCATION="/usr/bin/fping" \
ZBX_LOADMODULEPATH="${ZABBIX_USER_HOME_DIR}/modules" \
ZBX_SNMPTRAPPERFILE="${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log" \
ZBX_SSHKEYLOCATION="${ZABBIX_USER_HOME_DIR}/ssh_keys/" \
ZBX_SSLCERTLOCATION="${ZABBIX_USER_HOME_DIR}/ssl/certs/" \
ZBX_SSLKEYLOCATION="${ZABBIX_USER_HOME_DIR}/ssl/keys/" \
ZBX_SSLCALOCATION="${ZABBIX_USER_HOME_DIR}/ssl/ssl_ca/"
LABEL org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zabbix.com>" \
org.opencontainers.image.description="Zabbix server with MySQL database support" \
@ -30,7 +41,7 @@ STOPSIGNAL SIGTERM
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/server/sbin/zabbix_server", "/usr/sbin/zabbix_server"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/general/bin/*", "/usr/bin/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/server/conf/", "/etc/zabbix/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/server/conf/", "${ZABBIX_CONF_DIR}/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/server/database/mysql/create.sql.gz", "/usr/share/doc/zabbix-server-mysql/create.sql.gz"]
RUN --mount=type=cache,target=/var/lib/apt/,sharing=locked \
@ -75,38 +86,41 @@ RUN --mount=type=cache,target=/var/lib/apt/,sharing=locked \
-G dialout \
--uid 1997 \
--shell /sbin/nologin \
--home-dir /var/lib/zabbix/ \
--home-dir ${ZABBIX_USER_HOME_DIR} \
zabbix && \
chgrp zabbix /usr/bin/nmap && \
setcap cap_net_raw+eip /usr/bin/nmap && \
mkdir -p /etc/zabbix && \
mkdir -p /var/lib/zabbix && \
mkdir -p ${ZABBIX_CONF_DIR} && \
mkdir -p ${ZABBIX_USER_HOME_DIR} && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/dbscripts && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc_internal && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/export && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/mibs && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/modules && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/snmptraps && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssh_keys && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl/certs && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl/keys && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl/ssl_ca && \
mkdir -p /usr/lib/zabbix/alertscripts && \
mkdir -p /var/lib/zabbix/dbscripts && \
mkdir -p /var/lib/zabbix/enc && \
mkdir -p /var/lib/zabbix/enc_internal && \
mkdir -p /var/lib/zabbix/export && \
mkdir -p /usr/lib/zabbix/externalscripts && \
mkdir -p /var/lib/zabbix/mibs && \
mkdir -p /var/lib/zabbix/modules && \
mkdir -p /var/lib/zabbix/snmptraps && \
mkdir -p /var/lib/zabbix/ssh_keys && \
mkdir -p /var/lib/zabbix/ssl && \
mkdir -p /var/lib/zabbix/ssl/certs && \
mkdir -p /var/lib/zabbix/ssl/keys && \
mkdir -p /var/lib/zabbix/ssl/ssl_ca && \
mkdir -p /usr/share/doc/zabbix-server-mysql && \
chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \
chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \
chown --quiet -R zabbix:root ${ZABBIX_CONF_DIR}/zabbix_server_modules.conf ${ZABBIX_USER_HOME_DIR} && \
chown --quiet zabbix:root ${ZABBIX_CONF_DIR}/ && \
chgrp -R 0 ${ZABBIX_CONF_DIR}/zabbix_server_modules.conf ${ZABBIX_USER_HOME_DIR} && \
chgrp 0 ${ZABBIX_CONF_DIR} && \
chmod -R g=u ${ZABBIX_CONF_DIR}/zabbix_server_modules.conf ${ZABBIX_USER_HOME_DIR} && \
chmod g=u ${ZABBIX_CONF_DIR} && \
apt-get -y autoremove && \
apt-get -y clean
EXPOSE 10051/TCP
WORKDIR /var/lib/zabbix
WORKDIR ${ZABBIX_USER_HOME_DIR}
VOLUME ["/var/lib/zabbix/snmptraps", "/var/lib/zabbix/export"]
VOLUME ["${ZABBIX_USER_HOME_DIR}/snmptraps", "${ZABBIX_USER_HOME_DIR}/export"]
COPY ["docker-entrypoint.sh", "/usr/bin/"]

View File

@ -9,11 +9,6 @@ if [ "${DEBUG_MODE,,}" == "true" ]; then
set -o xtrace
fi
# Default directories
# User 'zabbix' home directory
ZABBIX_USER_HOME_DIR="/var/lib/zabbix"
# Configuration files directory
ZABBIX_ETC_DIR="/etc/zabbix"
# Internal directory for TLS related files, used when TLS*File specified as plain text values
ZABBIX_INTERNAL_ENC_DIR="${ZABBIX_USER_HOME_DIR}/enc_internal"
@ -140,16 +135,20 @@ update_config_multiple_var() {
}
file_process_from_env() {
local config_path=$1
local var_name=$2
local file_name=$3
local var_value=$4
local var_name=$1
local file_name=$2
local var_value=$3
if [ ! -z "$var_value" ]; then
echo -n "$var_value" > "${ZABBIX_INTERNAL_ENC_DIR}/$var_name"
file_name="${ZABBIX_INTERNAL_ENC_DIR}/${var_name}"
fi
update_config_var $config_path "$var_name" "$file_name"
if [ -n "$var_value" ]; then
export "$var_name"="$file_name"
fi
# Remove variable with plain text data
unset "${var_name%%FILE}"
}
# Check prerequisites for MySQL database
@ -188,6 +187,7 @@ check_variables_mysql() {
# If root password is not specified use provided credentials
: ${DB_SERVER_ROOT_USER:=${MYSQL_USER}}
[ "${MYSQL_ALLOW_EMPTY_PASSWORD,,}" == "true" ] || DB_SERVER_ROOT_PASS=${DB_SERVER_ROOT_PASS:-${MYSQL_PASSWORD}}
DB_SERVER_ZBX_USER=${MYSQL_USER:-"zabbix"}
DB_SERVER_ZBX_PASS=${MYSQL_PASSWORD:-"zabbix"}
@ -353,229 +353,50 @@ create_db_schema_mysql() {
}
update_zbx_config() {
echo "** Preparing Zabbix server configuration file"
export ZBX_DB_HOST="${DB_SERVER_HOST}"
export ZBX_DB_PORT="${DB_SERVER_PORT}"
export ZBX_DB_SOCKET="${DB_SERVER_SOCKET}"
ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_server.conf
update_config_var $ZBX_CONFIG "ListenIP" "${ZBX_LISTENIP}"
update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}"
update_config_var $ZBX_CONFIG "ListenBacklog" "${ZBX_LISTENBACKLOG}"
update_config_var $ZBX_CONFIG "SourceIP" "${ZBX_SOURCEIP}"
update_config_var $ZBX_CONFIG "LogType" "console"
update_config_var $ZBX_CONFIG "LogFile"
update_config_var $ZBX_CONFIG "LogFileSize"
update_config_var $ZBX_CONFIG "PidFile"
update_config_var $ZBX_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}"
if [ -n "${ZBX_DBTLSCONNECT}" ]; then
update_config_var $ZBX_CONFIG "DBTLSConnect" "${ZBX_DBTLSCONNECT}"
update_config_var $ZBX_CONFIG "DBTLSCAFile" "${ZBX_DBTLSCAFILE}"
update_config_var $ZBX_CONFIG "DBTLSCertFile" "${ZBX_DBTLSCERTFILE}"
update_config_var $ZBX_CONFIG "DBTLSKeyFile" "${ZBX_DBTLSKEYFILE}"
update_config_var $ZBX_CONFIG "DBTLSCipher" "${ZBX_DBTLSCIPHER}"
update_config_var $ZBX_CONFIG "DBTLSCipher13" "${ZBX_DBTLSCIPHER13}"
fi
if [ ! -n "${DB_SERVER_SOCKET}" ]; then
update_config_var $ZBX_CONFIG "DBHost" "${DB_SERVER_HOST}"
update_config_var $ZBX_CONFIG "DBPort" "${DB_SERVER_PORT}"
else
update_config_var $ZBX_CONFIG "DBHost"
update_config_var $ZBX_CONFIG "DBPort"
fi
update_config_var $ZBX_CONFIG "DBSocket" "${DB_SERVER_SOCKET}"
update_config_var $ZBX_CONFIG "DBName" "${DB_SERVER_DBNAME}"
update_config_var $ZBX_CONFIG "DBSchema" "${DB_SERVER_SCHEMA}"
if [ -n "${ZBX_VAULT}" ] && [ -n "${ZBX_VAULTURL}" ]; then
update_config_var $ZBX_CONFIG "Vault" "${ZBX_VAULT}"
update_config_var $ZBX_CONFIG "VaultTLSCertFile" "${ZBX_VAULTTLSCERTFILE}"
update_config_var $ZBX_CONFIG "VaultTLSKeyFile" "${ZBX_VAULTTLSKEYFILE}"
update_config_var $ZBX_CONFIG "VaultPrefix" "${ZBX_VAULTPREFIX}"
update_config_var $ZBX_CONFIG "VaultURL" "${ZBX_VAULTURL}"
update_config_var $ZBX_CONFIG "VaultDBPath" "${ZBX_VAULTDBPATH}"
if [ -n "${ZBX_VAULTDBPATH}" ]; then
update_config_var $ZBX_CONFIG "DBUser"
update_config_var $ZBX_CONFIG "DBPassword"
else
update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}"
update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}"
fi
else
update_config_var $ZBX_CONFIG "Vault"
update_config_var $ZBX_CONFIG "VaultTLSCertFile"
update_config_var $ZBX_CONFIG "VaultTLSKeyFile"
update_config_var $ZBX_CONFIG "VaultPrefix"
update_config_var $ZBX_CONFIG "VaultURL"
update_config_var $ZBX_CONFIG "VaultDBPath"
update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}"
update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}"
fi
update_config_var $ZBX_CONFIG "AllowUnsupportedDBVersions" "${ZBX_ALLOWUNSUPPORTEDDBVERSIONS}"
update_config_var $ZBX_CONFIG "MaxConcurrentChecksPerPoller" "${ZBX_MAXCONCURRENTCHECKSPERPOLLER}"
update_config_var $ZBX_CONFIG "EnableGlobalScripts" "${ZBX_ENABLEGLOBALSCRIPTS}"
update_config_var $ZBX_CONFIG "StartReportWriters" "${ZBX_STARTREPORTWRITERS}"
: ${ZBX_WEBSERVICEURL:="http://zabbix-web-service:10053/report"}
update_config_var $ZBX_CONFIG "WebServiceURL" "${ZBX_WEBSERVICEURL}"
update_config_var $ZBX_CONFIG "HistoryStorageURL" "${ZBX_HISTORYSTORAGEURL}"
update_config_var $ZBX_CONFIG "HistoryStorageTypes" "${ZBX_HISTORYSTORAGETYPES}"
update_config_var $ZBX_CONFIG "HistoryStorageDateIndex" "${ZBX_HISTORYSTORAGEDATEINDEX}"
update_config_var $ZBX_CONFIG "StatsAllowedIP" "${ZBX_STATSALLOWEDIP}"
update_config_var $ZBX_CONFIG "StartPollers" "${ZBX_STARTPOLLERS}"
update_config_var $ZBX_CONFIG "StartIPMIPollers" "${ZBX_STARTIPMIPOLLERS}"
update_config_var $ZBX_CONFIG "StartPollersUnreachable" "${ZBX_STARTPOLLERSUNREACHABLE}"
update_config_var $ZBX_CONFIG "StartTrappers" "${ZBX_STARTTRAPPERS}"
update_config_var $ZBX_CONFIG "StartPingers" "${ZBX_STARTPINGERS}"
update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}"
update_config_var $ZBX_CONFIG "StartHistoryPollers" "${ZBX_STARTHISTORYPOLLERS}"
update_config_var $ZBX_CONFIG "StartHTTPAgentPollers" "${ZBX_STARTHTTPAGENTPOLLERS}"
update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}"
update_config_var $ZBX_CONFIG "StartODBCPollers" "${ZBX_STARTODBCPOLLERS}"
update_config_var $ZBX_CONFIG "StartSNMPPollers" "${ZBX_STARTSNMPPOLLERS}"
update_config_var $ZBX_CONFIG "StartConnectors" "${ZBX_STARTCONNECTORS}"
update_config_var $ZBX_CONFIG "StartPreprocessors" "${ZBX_STARTPREPROCESSORS}"
update_config_var $ZBX_CONFIG "StartTimers" "${ZBX_STARTTIMERS}"
update_config_var $ZBX_CONFIG "StartEscalators" "${ZBX_STARTESCALATORS}"
update_config_var $ZBX_CONFIG "StartAgentPollers" "${ZBX_STARTAGENTPOLLERS}"
update_config_var $ZBX_CONFIG "StartAlerters" "${ZBX_STARTALERTERS}"
update_config_var $ZBX_CONFIG "StartTimers" "${ZBX_STARTTIMERS}"
update_config_var $ZBX_CONFIG "StartEscalators" "${ZBX_STARTESCALATORS}"
update_config_var $ZBX_CONFIG "StartLLDProcessors" "${ZBX_STARTLLDPROCESSORS}"
: ${ZBX_JAVAGATEWAY_ENABLE:="false"}
if [ "${ZBX_JAVAGATEWAY_ENABLE,,}" == "true" ]; then
update_config_var $ZBX_CONFIG "JavaGateway" "${ZBX_JAVAGATEWAY:-"zabbix-java-gateway"}"
update_config_var $ZBX_CONFIG "JavaGatewayPort" "${ZBX_JAVAGATEWAYPORT}"
update_config_var $ZBX_CONFIG "StartJavaPollers" "${ZBX_STARTJAVAPOLLERS:-"5"}"
else
update_config_var $ZBX_CONFIG "JavaGateway"
update_config_var $ZBX_CONFIG "JavaGatewayPort"
update_config_var $ZBX_CONFIG "StartJavaPollers"
fi
update_config_var $ZBX_CONFIG "StartVMwareCollectors" "${ZBX_STARTVMWARECOLLECTORS}"
update_config_var $ZBX_CONFIG "VMwareFrequency" "${ZBX_VMWAREFREQUENCY}"
update_config_var $ZBX_CONFIG "VMwarePerfFrequency" "${ZBX_VMWAREPERFFREQUENCY}"
update_config_var $ZBX_CONFIG "VMwareCacheSize" "${ZBX_VMWARECACHESIZE}"
update_config_var $ZBX_CONFIG "VMwareTimeout" "${ZBX_VMWARETIMEOUT}"
export ZBX_DB_NAME="${DB_SERVER_DBNAME}"
export ZBX_DB_USER="${DB_SERVER_ZBX_USER}"
export ZBX_DB_PASSWORD="${DB_SERVER_ZBX_PASS}"
: ${ZBX_ENABLE_SNMP_TRAPS:="false"}
if [ "${ZBX_ENABLE_SNMP_TRAPS,,}" == "true" ]; then
update_config_var $ZBX_CONFIG "SNMPTrapperFile" "${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log"
update_config_var $ZBX_CONFIG "StartSNMPTrapper" "1"
else
update_config_var $ZBX_CONFIG "SNMPTrapperFile"
update_config_var $ZBX_CONFIG "StartSNMPTrapper"
fi
[[ "${ZBX_ENABLE_SNMP_TRAPS,,}" == "true" ]] && export ZBX_STARTSNMPTRAPPER=1
unset ZBX_ENABLE_SNMP_TRAPS
update_config_var $ZBX_CONFIG "SocketDir" "/tmp/"
update_config_multiple_var "${ZABBIX_CONF_DIR}/zabbix_server_modules.conf" "LoadModule" "${ZBX_LOADMODULE}"
update_config_var $ZBX_CONFIG "HousekeepingFrequency" "${ZBX_HOUSEKEEPINGFREQUENCY}"
update_config_var $ZBX_CONFIG "MaxHousekeeperDelete" "${ZBX_MAXHOUSEKEEPERDELETE}"
update_config_var $ZBX_CONFIG "ProblemHousekeepingFrequency" "${ZBX_PROBLEMHOUSEKEEPINGFREQUENCY}"
file_process_from_env "ZBX_TLSCAFILE" "${ZBX_TLSCAFILE}" "${ZBX_TLSCA}"
file_process_from_env "ZBX_TLSCRLFILE" "${ZBX_TLSCRLFILE}" "${ZBX_TLSCRL}"
update_config_var $ZBX_CONFIG "CacheSize" "${ZBX_CACHESIZE}"
update_config_var $ZBX_CONFIG "CacheUpdateFrequency" "${ZBX_CACHEUPDATEFREQUENCY}"
update_config_var $ZBX_CONFIG "StartDBSyncers" "${ZBX_STARTDBSYNCERS}"
update_config_var $ZBX_CONFIG "HistoryCacheSize" "${ZBX_HISTORYCACHESIZE}"
update_config_var $ZBX_CONFIG "HistoryIndexCacheSize" "${ZBX_HISTORYINDEXCACHESIZE}"
update_config_var $ZBX_CONFIG "TrendCacheSize" "${ZBX_TRENDCACHESIZE}"
update_config_var $ZBX_CONFIG "TrendFunctionCacheSize" "${ZBX_TRENDFUNCTIONCACHESIZE}"
update_config_var $ZBX_CONFIG "ValueCacheSize" "${ZBX_VALUECACHESIZE}"
update_config_var $ZBX_CONFIG "Timeout" "${ZBX_TIMEOUT}"
update_config_var $ZBX_CONFIG "TrapperTimeout" "${ZBX_TRAPPERTIMEOUT}"
update_config_var $ZBX_CONFIG "UnreachablePeriod" "${ZBX_UNREACHABLEPERIOD}"
update_config_var $ZBX_CONFIG "UnavailableDelay" "${ZBX_UNAVAILABLEDELAY}"
update_config_var $ZBX_CONFIG "UnreachableDelay" "${ZBX_UNREACHABLEDELAY}"
update_config_var $ZBX_CONFIG "AlertScriptsPath" "/usr/lib/zabbix/alertscripts"
update_config_var $ZBX_CONFIG "ExternalScripts" "/usr/lib/zabbix/externalscripts"
if [ -n "${ZBX_EXPORTFILESIZE}" ]; then
update_config_var $ZBX_CONFIG "ExportDir" "$ZABBIX_USER_HOME_DIR/export/"
update_config_var $ZBX_CONFIG "ExportFileSize" "${ZBX_EXPORTFILESIZE}"
update_config_var $ZBX_CONFIG "ExportType" "${ZBX_EXPORTTYPE}"
fi
update_config_var $ZBX_CONFIG "FpingLocation" "/usr/bin/fping"
update_config_var $ZBX_CONFIG "Fping6Location"
update_config_var $ZBX_CONFIG "SSHKeyLocation" "$ZABBIX_USER_HOME_DIR/ssh_keys"
update_config_var $ZBX_CONFIG "LogSlowQueries" "${ZBX_LOGSLOWQUERIES}"
update_config_var $ZBX_CONFIG "StartProxyPollers" "${ZBX_STARTPROXYPOLLERS}"
update_config_var $ZBX_CONFIG "ProxyConfigFrequency" "${ZBX_PROXYCONFIGFREQUENCY}"
update_config_var $ZBX_CONFIG "ProxyDataFrequency" "${ZBX_PROXYDATAFREQUENCY}"
update_config_var $ZBX_CONFIG "SSLCertLocation" "$ZABBIX_USER_HOME_DIR/ssl/certs/"
update_config_var $ZBX_CONFIG "SSLKeyLocation" "$ZABBIX_USER_HOME_DIR/ssl/keys/"
update_config_var $ZBX_CONFIG "SSLCALocation" "$ZABBIX_USER_HOME_DIR/ssl/ssl_ca/"
update_config_var $ZBX_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/"
update_config_multiple_var $ZBX_CONFIG "LoadModule" "${ZBX_LOADMODULE}"
file_process_from_env $ZBX_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" "${ZBX_TLSCA}"
file_process_from_env $ZBX_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" "${ZBX_TLSCRL}"
file_process_from_env $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" "${ZBX_TLSCERT}"
update_config_var $ZBX_CONFIG "TLSCipherAll" "${ZBX_TLSCIPHERALL}"
update_config_var $ZBX_CONFIG "TLSCipherAll13" "${ZBX_TLSCIPHERALL13}"
update_config_var $ZBX_CONFIG "TLSCipherCert" "${ZBX_TLSCIPHERCERT}"
update_config_var $ZBX_CONFIG "TLSCipherCert13" "${ZBX_TLSCIPHERCERT13}"
update_config_var $ZBX_CONFIG "TLSCipherPSK" "${ZBX_TLSCIPHERPSK}"
update_config_var $ZBX_CONFIG "TLSCipherPSK13" "${ZBX_TLSCIPHERPSK13}"
file_process_from_env $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" "${ZBX_TLSKEY}"
update_config_var $ZBX_CONFIG "ServiceManagerSyncFrequency" "${ZBX_SERVICEMANAGERSYNCFREQUENCY}"
update_config_var $ZBX_CONFIG "AllowSoftwareUpdateCheck" "${ZBX_ALLOWSOFTWAREUPDATECHECK}"
update_config_var $ZBX_CONFIG "SMSDevices" "${ZBX_SMSDEVICES}"
file_process_from_env "ZBX_TLSCERTFILE" "${ZBX_TLSCERTFILE}" "${ZBX_TLSCERT}"
file_process_from_env "ZBX_TLSKEYFILE" "${ZBX_TLSKEYFILE}" "${ZBX_TLSKEY}"
if [ "${ZBX_AUTOHANODENAME}" == 'fqdn' ] && [ ! -n "${ZBX_HANODENAME}" ]; then
update_config_var $ZBX_CONFIG "HANodeName" "$(hostname -f)"
export ZBX_HANODENAME="$(hostname -f)"
elif [ "${ZBX_AUTOHANODENAME}" == 'hostname' ] && [ ! -n "${ZBX_HANODENAME}" ]; then
update_config_var $ZBX_CONFIG "HANodeName" "$(hostname)"
else
update_config_var $ZBX_CONFIG "HANodeName" "${ZBX_HANODENAME}"
export ZBX_HANODENAME="$(hostname)"
fi
: ${ZBX_NODEADDRESSPORT:="10051"}
if [ "${ZBX_AUTONODEADDRESS}" == 'fqdn' ] && [ ! -n "${ZBX_NODEADDRESS}" ]; then
update_config_var $ZBX_CONFIG "NodeAddress" "$(hostname -f):${ZBX_NODEADDRESSPORT}"
export ZBX_NODEADDRESS="$(hostname -f):${ZBX_NODEADDRESSPORT}"
elif [ "${ZBX_AUTONODEADDRESS}" == 'hostname' ] && [ ! -n "${ZBX_NODEADDRESS}" ]; then
update_config_var $ZBX_CONFIG "NodeAddress" "$(hostname):${ZBX_NODEADDRESSPORT}"
else
update_config_var $ZBX_CONFIG "NodeAddress" "${ZBX_NODEADDRESS}"
export ZBX_NODEADDRESS="$(hostname):${ZBX_NODEADDRESSPORT}"
fi
if [ "$(id -u)" != '0' ]; then
update_config_var $ZBX_CONFIG "User" "$(whoami)"
export ZBX_USER="$(whoami)"
else
update_config_var $ZBX_CONFIG "AllowRoot" "1"
export ZBX_ALLOWROOT=1
fi
update_config_var $ZBX_CONFIG "WebDriverURL" "${ZBX_WEBDRIVERURL}"
update_config_var $ZBX_CONFIG "StartBrowserPollers" "${ZBX_STARTBROWSERPOLLERS}"
}
clear_zbx_env() {
[[ "${ZBX_CLEAR_ENV}" == "false" ]] && return
for env_var in $(env | grep -E "^(ZBX|DB|MYSQL)_"); do
for env_var in $(env | grep -E "^(ZABBIX|DB|MYSQL)_"); do
unset "${env_var%%=*}"
done
}

View File

@ -14,7 +14,18 @@ ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git
ENV TERM=xterm \
ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \
MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \
NMAP_PRIVILEGED=""
NMAP_PRIVILEGED="" \
ZABBIX_USER_HOME_DIR="/var/lib/zabbix" \
ZABBIX_CONF_DIR="/etc/zabbix"
ENV ZBX_DB_NAME="dummy_db_name" \
ZBX_FPINGLOCATION="/usr/sbin/fping" \
ZBX_LOADMODULEPATH="${ZABBIX_USER_HOME_DIR}/modules" \
ZBX_SNMPTRAPPERFILE="${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log" \
ZBX_SSHKEYLOCATION="${ZABBIX_USER_HOME_DIR}/ssh_keys/" \
ZBX_SSLCERTLOCATION="${ZABBIX_USER_HOME_DIR}/ssl/certs/" \
ZBX_SSLKEYLOCATION="${ZABBIX_USER_HOME_DIR}/ssl/keys/" \
ZBX_SSLCALOCATION="${ZABBIX_USER_HOME_DIR}/ssl/ssl_ca/"
LABEL org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zabbix.com>" \
org.opencontainers.image.description="Zabbix server with PostgreSQL database support" \
@ -30,7 +41,7 @@ STOPSIGNAL SIGTERM
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/server/sbin/zabbix_server", "/usr/sbin/zabbix_server"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/general/bin/*", "/usr/bin/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/server/conf/", "/etc/zabbix/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/server/conf/", "${ZABBIX_CONF_DIR}/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/server/database/postgresql/", "/usr/share/doc/zabbix-server-postgresql/"]
RUN set -eux && \
@ -68,37 +79,40 @@ RUN set -eux && \
--uid 1997 \
--ingroup zabbix \
--shell /sbin/nologin \
--home /var/lib/zabbix/ \
--home ${ZABBIX_USER_HOME_DIR} \
zabbix && \
adduser zabbix dialout && \
chgrp zabbix /usr/bin/nmap && \
setcap cap_net_raw+eip /usr/bin/nmap && \
mkdir -p /etc/zabbix && \
mkdir -p /var/lib/zabbix && \
mkdir -p ${ZABBIX_CONF_DIR} && \
mkdir -p ${ZABBIX_USER_HOME_DIR} && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/dbscripts && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc_internal && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/export && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/mibs && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/modules && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/snmptraps && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssh_keys && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl/certs && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl/keys && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl/ssl_ca && \
mkdir -p /usr/lib/zabbix/alertscripts && \
mkdir -p /var/lib/zabbix/dbscripts && \
mkdir -p /var/lib/zabbix/enc && \
mkdir -p /var/lib/zabbix/enc_internal && \
mkdir -p /var/lib/zabbix/export && \
mkdir -p /usr/lib/zabbix/externalscripts && \
mkdir -p /var/lib/zabbix/mibs && \
mkdir -p /var/lib/zabbix/modules && \
mkdir -p /var/lib/zabbix/snmptraps && \
mkdir -p /var/lib/zabbix/ssh_keys && \
mkdir -p /var/lib/zabbix/ssl && \
mkdir -p /var/lib/zabbix/ssl/certs && \
mkdir -p /var/lib/zabbix/ssl/keys && \
mkdir -p /var/lib/zabbix/ssl/ssl_ca && \
mkdir -p /usr/share/doc/zabbix-server-postgresql && \
chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \
chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/
chown --quiet -R zabbix:root ${ZABBIX_CONF_DIR}/zabbix_server_modules.conf ${ZABBIX_USER_HOME_DIR} && \
chown --quiet zabbix:root ${ZABBIX_CONF_DIR}/ && \
chgrp -R 0 ${ZABBIX_CONF_DIR}/zabbix_server_modules.conf ${ZABBIX_USER_HOME_DIR} && \
chgrp 0 ${ZABBIX_CONF_DIR} && \
chmod -R g=u ${ZABBIX_CONF_DIR}/zabbix_server_modules.conf ${ZABBIX_USER_HOME_DIR} && \
chmod g=u ${ZABBIX_CONF_DIR}
EXPOSE 10051/TCP
WORKDIR /var/lib/zabbix
WORKDIR ${ZABBIX_USER_HOME_DIR}
VOLUME ["/var/lib/zabbix/snmptraps", "/var/lib/zabbix/export"]
VOLUME ["${ZABBIX_USER_HOME_DIR}/snmptraps", "${ZABBIX_USER_HOME_DIR}/export"]
COPY ["docker-entrypoint.sh", "/usr/bin/"]

View File

@ -13,10 +13,6 @@ fi
: ${ENABLE_TIMESCALEDB:="false"}
# Default directories
# User 'zabbix' home directory
ZABBIX_USER_HOME_DIR="/var/lib/zabbix"
# Configuration files directory
ZABBIX_ETC_DIR="/etc/zabbix"
# Internal directory for TLS related files, used when TLS*File specified as plain text values
ZABBIX_INTERNAL_ENC_DIR="${ZABBIX_USER_HOME_DIR}/enc_internal"
@ -144,16 +140,20 @@ update_config_multiple_var() {
}
file_process_from_env() {
local config_path=$1
local var_name=$2
local file_name=$3
local var_value=$4
local var_name=$1
local file_name=$2
local var_value=$3
if [ ! -z "$var_value" ]; then
echo -n "$var_value" > "${ZABBIX_INTERNAL_ENC_DIR}/$var_name"
file_name="${ZABBIX_INTERNAL_ENC_DIR}/${var_name}"
fi
update_config_var $config_path "$var_name" "$file_name"
if [ -n "$var_value" ]; then
export "$var_name"="$file_name"
fi
# Remove variable with plain text data
unset "${var_name%%FILE}"
}
# Check prerequisites for PostgreSQL database
@ -179,7 +179,6 @@ check_variables_postgresql() {
if [ -n "${DB_SERVER_HOST}" ]; then
psql_connect_args="--host ${DB_SERVER_HOST} --port ${DB_SERVER_PORT}"
else
DB_SERVER_HOST='""'
psql_connect_args="--port ${DB_SERVER_PORT}"
fi
}
@ -383,232 +382,55 @@ create_db_schema_postgresql() {
exec_sql_file "/usr/share/doc/zabbix-server-postgresql/timescaledb.sql"
fi
apply_db_scripts "/var/lib/zabbix/dbscripts/*.sql"
apply_db_scripts "${ZABBIX_USER_HOME_DIR}/dbscripts/*.sql"
fi
}
update_zbx_config() {
echo "** Preparing Zabbix server configuration file"
export ZBX_DB_HOST="${DB_SERVER_HOST}"
export ZBX_DB_PORT="${DB_SERVER_PORT}"
ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_server.conf
update_config_var $ZBX_CONFIG "ListenIP" "${ZBX_LISTENIP}"
update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}"
update_config_var $ZBX_CONFIG "ListenBacklog" "${ZBX_LISTENBACKLOG}"
update_config_var $ZBX_CONFIG "SourceIP" "${ZBX_SOURCEIP}"
update_config_var $ZBX_CONFIG "LogType" "console"
update_config_var $ZBX_CONFIG "LogFile"
update_config_var $ZBX_CONFIG "LogFileSize"
update_config_var $ZBX_CONFIG "PidFile"
update_config_var $ZBX_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}"
if [ -n "${ZBX_DBTLSCONNECT}" ]; then
update_config_var $ZBX_CONFIG "DBTLSConnect" "${ZBX_DBTLSCONNECT}"
update_config_var $ZBX_CONFIG "DBTLSCAFile" "${ZBX_DBTLSCAFILE}"
update_config_var $ZBX_CONFIG "DBTLSCertFile" "${ZBX_DBTLSCERTFILE}"
update_config_var $ZBX_CONFIG "DBTLSKeyFile" "${ZBX_DBTLSKEYFILE}"
update_config_var $ZBX_CONFIG "DBTLSCipher" "${ZBX_DBTLSCIPHER}"
update_config_var $ZBX_CONFIG "DBTLSCipher13" "${ZBX_DBTLSCIPHER13}"
fi
update_config_var $ZBX_CONFIG "DBHost" "${DB_SERVER_HOST}"
update_config_var $ZBX_CONFIG "DBName" "${DB_SERVER_DBNAME}"
update_config_var $ZBX_CONFIG "DBSchema" "${DB_SERVER_SCHEMA}"
update_config_var $ZBX_CONFIG "DBPort" "${DB_SERVER_PORT}"
if [ -n "${ZBX_VAULT}" ] && [ -n "${ZBX_VAULTURL}" ]; then
update_config_var $ZBX_CONFIG "Vault" "${ZBX_VAULT}"
update_config_var $ZBX_CONFIG "VaultTLSCertFile" "${ZBX_VAULTTLSCERTFILE}"
update_config_var $ZBX_CONFIG "VaultTLSKeyFile" "${ZBX_VAULTTLSKEYFILE}"
update_config_var $ZBX_CONFIG "VaultPrefix" "${ZBX_VAULTPREFIX}"
update_config_var $ZBX_CONFIG "VaultURL" "${ZBX_VAULTURL}"
update_config_var $ZBX_CONFIG "VaultDBPath" "${ZBX_VAULTDBPATH}"
if [ -n "${ZBX_VAULTDBPATH}" ]; then
update_config_var $ZBX_CONFIG "DBUser"
update_config_var $ZBX_CONFIG "DBPassword"
else
update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}"
update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}"
fi
else
update_config_var $ZBX_CONFIG "Vault"
update_config_var $ZBX_CONFIG "VaultTLSCertFile"
update_config_var $ZBX_CONFIG "VaultTLSKeyFile"
update_config_var $ZBX_CONFIG "VaultPrefix"
update_config_var $ZBX_CONFIG "VaultURL"
update_config_var $ZBX_CONFIG "VaultDBPath"
update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}"
update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}"
fi
update_config_var $ZBX_CONFIG "AllowUnsupportedDBVersions" "${ZBX_ALLOWUNSUPPORTEDDBVERSIONS}"
update_config_var $ZBX_CONFIG "MaxConcurrentChecksPerPoller" "${ZBX_MAXCONCURRENTCHECKSPERPOLLER}"
update_config_var $ZBX_CONFIG "EnableGlobalScripts" "${ZBX_ENABLEGLOBALSCRIPTS}"
update_config_var $ZBX_CONFIG "StartReportWriters" "${ZBX_STARTREPORTWRITERS}"
: ${ZBX_WEBSERVICEURL:="http://zabbix-web-service:10053/report"}
update_config_var $ZBX_CONFIG "WebServiceURL" "${ZBX_WEBSERVICEURL}"
update_config_var $ZBX_CONFIG "HistoryStorageURL" "${ZBX_HISTORYSTORAGEURL}"
update_config_var $ZBX_CONFIG "HistoryStorageTypes" "${ZBX_HISTORYSTORAGETYPES}"
update_config_var $ZBX_CONFIG "HistoryStorageDateIndex" "${ZBX_HISTORYSTORAGEDATEINDEX}"
update_config_var $ZBX_CONFIG "DBSocket" "${DB_SERVER_SOCKET}"
update_config_var $ZBX_CONFIG "StatsAllowedIP" "${ZBX_STATSALLOWEDIP}"
update_config_var $ZBX_CONFIG "StartPollers" "${ZBX_STARTPOLLERS}"
update_config_var $ZBX_CONFIG "StartIPMIPollers" "${ZBX_STARTIPMIPOLLERS}"
update_config_var $ZBX_CONFIG "StartPollersUnreachable" "${ZBX_STARTPOLLERSUNREACHABLE}"
update_config_var $ZBX_CONFIG "StartTrappers" "${ZBX_STARTTRAPPERS}"
update_config_var $ZBX_CONFIG "StartPingers" "${ZBX_STARTPINGERS}"
update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}"
update_config_var $ZBX_CONFIG "StartHistoryPollers" "${ZBX_STARTHISTORYPOLLERS}"
update_config_var $ZBX_CONFIG "StartHTTPAgentPollers" "${ZBX_STARTHTTPAGENTPOLLERS}"
update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}"
update_config_var $ZBX_CONFIG "StartODBCPollers" "${ZBX_STARTODBCPOLLERS}"
update_config_var $ZBX_CONFIG "StartSNMPPollers" "${ZBX_STARTSNMPPOLLERS}"
update_config_var $ZBX_CONFIG "StartConnectors" "${ZBX_STARTCONNECTORS}"
update_config_var $ZBX_CONFIG "StartPreprocessors" "${ZBX_STARTPREPROCESSORS}"
update_config_var $ZBX_CONFIG "StartTimers" "${ZBX_STARTTIMERS}"
update_config_var $ZBX_CONFIG "StartEscalators" "${ZBX_STARTESCALATORS}"
update_config_var $ZBX_CONFIG "StartAgentPollers" "${ZBX_STARTAGENTPOLLERS}"
update_config_var $ZBX_CONFIG "StartAlerters" "${ZBX_STARTALERTERS}"
update_config_var $ZBX_CONFIG "StartTimers" "${ZBX_STARTTIMERS}"
update_config_var $ZBX_CONFIG "StartEscalators" "${ZBX_STARTESCALATORS}"
update_config_var $ZBX_CONFIG "StartLLDProcessors" "${ZBX_STARTLLDPROCESSORS}"
: ${ZBX_JAVAGATEWAY_ENABLE:="false"}
if [ "${ZBX_JAVAGATEWAY_ENABLE,,}" == "true" ]; then
update_config_var $ZBX_CONFIG "JavaGateway" "${ZBX_JAVAGATEWAY:-"zabbix-java-gateway"}"
update_config_var $ZBX_CONFIG "JavaGatewayPort" "${ZBX_JAVAGATEWAYPORT}"
update_config_var $ZBX_CONFIG "StartJavaPollers" "${ZBX_STARTJAVAPOLLERS:-"5"}"
else
update_config_var $ZBX_CONFIG "JavaGateway"
update_config_var $ZBX_CONFIG "JavaGatewayPort"
update_config_var $ZBX_CONFIG "StartJavaPollers"
fi
update_config_var $ZBX_CONFIG "StartVMwareCollectors" "${ZBX_STARTVMWARECOLLECTORS}"
update_config_var $ZBX_CONFIG "VMwareFrequency" "${ZBX_VMWAREFREQUENCY}"
update_config_var $ZBX_CONFIG "VMwarePerfFrequency" "${ZBX_VMWAREPERFFREQUENCY}"
update_config_var $ZBX_CONFIG "VMwareCacheSize" "${ZBX_VMWARECACHESIZE}"
update_config_var $ZBX_CONFIG "VMwareTimeout" "${ZBX_VMWARETIMEOUT}"
export ZBX_DB_NAME="${DB_SERVER_DBNAME}"
export ZBX_DB_SCHEMA="${DB_SERVER_SCHEMA}"
export ZBX_DB_USER="${DB_SERVER_ZBX_USER}"
export ZBX_DB_PASSWORD="${DB_SERVER_ZBX_PASS}"
: ${ZBX_ENABLE_SNMP_TRAPS:="false"}
if [ "${ZBX_ENABLE_SNMP_TRAPS,,}" == "true" ]; then
update_config_var $ZBX_CONFIG "SNMPTrapperFile" "${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log"
update_config_var $ZBX_CONFIG "StartSNMPTrapper" "1"
else
update_config_var $ZBX_CONFIG "SNMPTrapperFile"
update_config_var $ZBX_CONFIG "StartSNMPTrapper"
fi
[[ "${ZBX_ENABLE_SNMP_TRAPS,,}" == "true" ]] && export ZBX_STARTSNMPTRAPPER=1
unset ZBX_ENABLE_SNMP_TRAPS
update_config_var $ZBX_CONFIG "SocketDir" "/tmp/"
update_config_multiple_var "${ZABBIX_CONF_DIR}/zabbix_server_modules.conf" "LoadModule" "${ZBX_LOADMODULE}"
update_config_var $ZBX_CONFIG "HousekeepingFrequency" "${ZBX_HOUSEKEEPINGFREQUENCY}"
file_process_from_env "ZBX_TLSCAFILE" "${ZBX_TLSCAFILE}" "${ZBX_TLSCA}"
file_process_from_env "ZBX_TLSCRLFILE" "${ZBX_TLSCRLFILE}" "${ZBX_TLSCRL}"
update_config_var $ZBX_CONFIG "MaxHousekeeperDelete" "${ZBX_MAXHOUSEKEEPERDELETE}"
update_config_var $ZBX_CONFIG "ProblemHousekeepingFrequency" "${ZBX_PROBLEMHOUSEKEEPINGFREQUENCY}"
update_config_var $ZBX_CONFIG "CacheSize" "${ZBX_CACHESIZE}"
update_config_var $ZBX_CONFIG "CacheUpdateFrequency" "${ZBX_CACHEUPDATEFREQUENCY}"
update_config_var $ZBX_CONFIG "StartDBSyncers" "${ZBX_STARTDBSYNCERS}"
update_config_var $ZBX_CONFIG "HistoryCacheSize" "${ZBX_HISTORYCACHESIZE}"
update_config_var $ZBX_CONFIG "HistoryIndexCacheSize" "${ZBX_HISTORYINDEXCACHESIZE}"
update_config_var $ZBX_CONFIG "TrendCacheSize" "${ZBX_TRENDCACHESIZE}"
update_config_var $ZBX_CONFIG "TrendFunctionCacheSize" "${ZBX_TRENDFUNCTIONCACHESIZE}"
update_config_var $ZBX_CONFIG "ValueCacheSize" "${ZBX_VALUECACHESIZE}"
update_config_var $ZBX_CONFIG "Timeout" "${ZBX_TIMEOUT}"
update_config_var $ZBX_CONFIG "TrapperTimeout" "${ZBX_TRAPPERTIMEOUT}"
update_config_var $ZBX_CONFIG "UnreachablePeriod" "${ZBX_UNREACHABLEPERIOD}"
update_config_var $ZBX_CONFIG "UnavailableDelay" "${ZBX_UNAVAILABLEDELAY}"
update_config_var $ZBX_CONFIG "UnreachableDelay" "${ZBX_UNREACHABLEDELAY}"
update_config_var $ZBX_CONFIG "AlertScriptsPath" "/usr/lib/zabbix/alertscripts"
update_config_var $ZBX_CONFIG "ExternalScripts" "/usr/lib/zabbix/externalscripts"
if [ -n "${ZBX_EXPORTFILESIZE}" ]; then
update_config_var $ZBX_CONFIG "ExportDir" "$ZABBIX_USER_HOME_DIR/export/"
update_config_var $ZBX_CONFIG "ExportFileSize" "${ZBX_EXPORTFILESIZE}"
update_config_var $ZBX_CONFIG "ExportType" "${ZBX_EXPORTTYPE}"
fi
update_config_var $ZBX_CONFIG "FpingLocation" "/usr/sbin/fping"
update_config_var $ZBX_CONFIG "Fping6Location"
update_config_var $ZBX_CONFIG "SSHKeyLocation" "$ZABBIX_USER_HOME_DIR/ssh_keys"
update_config_var $ZBX_CONFIG "LogSlowQueries" "${ZBX_LOGSLOWQUERIES}"
update_config_var $ZBX_CONFIG "StartProxyPollers" "${ZBX_STARTPROXYPOLLERS}"
update_config_var $ZBX_CONFIG "ProxyConfigFrequency" "${ZBX_PROXYCONFIGFREQUENCY}"
update_config_var $ZBX_CONFIG "ProxyDataFrequency" "${ZBX_PROXYDATAFREQUENCY}"
update_config_var $ZBX_CONFIG "SSLCertLocation" "$ZABBIX_USER_HOME_DIR/ssl/certs/"
update_config_var $ZBX_CONFIG "SSLKeyLocation" "$ZABBIX_USER_HOME_DIR/ssl/keys/"
update_config_var $ZBX_CONFIG "SSLCALocation" "$ZABBIX_USER_HOME_DIR/ssl/ssl_ca/"
update_config_var $ZBX_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/"
update_config_multiple_var $ZBX_CONFIG "LoadModule" "${ZBX_LOADMODULE}"
file_process_from_env $ZBX_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" "${ZBX_TLSCA}"
file_process_from_env $ZBX_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" "${ZBX_TLSCRL}"
file_process_from_env $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" "${ZBX_TLSCERT}"
update_config_var $ZBX_CONFIG "TLSCipherAll" "${ZBX_TLSCIPHERALL}"
update_config_var $ZBX_CONFIG "TLSCipherAll13" "${ZBX_TLSCIPHERALL13}"
update_config_var $ZBX_CONFIG "TLSCipherCert" "${ZBX_TLSCIPHERCERT}"
update_config_var $ZBX_CONFIG "TLSCipherCert13" "${ZBX_TLSCIPHERCERT13}"
update_config_var $ZBX_CONFIG "TLSCipherPSK" "${ZBX_TLSCIPHERPSK}"
update_config_var $ZBX_CONFIG "TLSCipherPSK13" "${ZBX_TLSCIPHERPSK13}"
file_process_from_env $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" "${ZBX_TLSKEY}"
update_config_var $ZBX_CONFIG "ServiceManagerSyncFrequency" "${ZBX_SERVICEMANAGERSYNCFREQUENCY}"
update_config_var $ZBX_CONFIG "AllowSoftwareUpdateCheck" "${ZBX_ALLOWSOFTWAREUPDATECHECK}"
update_config_var $ZBX_CONFIG "SMSDevices" "${ZBX_SMSDEVICES}"
file_process_from_env "ZBX_TLSCERTFILE" "${ZBX_TLSCERTFILE}" "${ZBX_TLSCERT}"
file_process_from_env "ZBX_TLSKEYFILE" "${ZBX_TLSKEYFILE}" "${ZBX_TLSKEY}"
if [ "${ZBX_AUTOHANODENAME}" == 'fqdn' ] && [ ! -n "${ZBX_HANODENAME}" ]; then
update_config_var $ZBX_CONFIG "HANodeName" "$(hostname -f)"
export ZBX_HANODENAME="$(hostname -f)"
elif [ "${ZBX_AUTOHANODENAME}" == 'hostname' ] && [ ! -n "${ZBX_HANODENAME}" ]; then
update_config_var $ZBX_CONFIG "HANodeName" "$(hostname)"
else
update_config_var $ZBX_CONFIG "HANodeName" "${ZBX_HANODENAME}"
export ZBX_HANODENAME="$(hostname)"
fi
: ${ZBX_NODEADDRESSPORT:="10051"}
if [ "${ZBX_AUTONODEADDRESS}" == 'fqdn' ] && [ ! -n "${ZBX_NODEADDRESS}" ]; then
update_config_var $ZBX_CONFIG "NodeAddress" "$(hostname -f):${ZBX_NODEADDRESSPORT}"
export ZBX_NODEADDRESS="$(hostname -f):${ZBX_NODEADDRESSPORT}"
elif [ "${ZBX_AUTONODEADDRESS}" == 'hostname' ] && [ ! -n "${ZBX_NODEADDRESS}" ]; then
update_config_var $ZBX_CONFIG "NodeAddress" "$(hostname):${ZBX_NODEADDRESSPORT}"
else
update_config_var $ZBX_CONFIG "NodeAddress" "${ZBX_NODEADDRESS}"
export ZBX_NODEADDRESS="$(hostname):${ZBX_NODEADDRESSPORT}"
fi
if [ "$(id -u)" != '0' ]; then
update_config_var $ZBX_CONFIG "User" "$(whoami)"
export ZBX_USER="$(whoami)"
else
update_config_var $ZBX_CONFIG "AllowRoot" "1"
export ZBX_ALLOWROOT=1
fi
update_config_var $ZBX_CONFIG "WebDriverURL" "${ZBX_WEBDRIVERURL}"
update_config_var $ZBX_CONFIG "StartBrowserPollers" "${ZBX_STARTBROWSERPOLLERS}"
}
clear_zbx_env() {
[[ "${ZBX_CLEAR_ENV}" == "false" ]] && return
for env_var in $(env | grep -E "^(ZBX|DB|POSTGRES)_"); do
for env_var in $(env | grep -E "^(ZABBIX|DB|POSTGRES)_"); do
unset "${env_var%%=*}"
done
}

View File

@ -14,7 +14,18 @@ ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git
ENV TERM=xterm \
ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \
MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \
NMAP_PRIVILEGED=""
NMAP_PRIVILEGED="" \
ZABBIX_USER_HOME_DIR="/var/lib/zabbix" \
ZABBIX_CONF_DIR="/etc/zabbix"
ENV ZBX_DB_NAME="dummy_db_name" \
ZBX_FPINGLOCATION="/usr/sbin/fping" \
ZBX_LOADMODULEPATH="${ZABBIX_USER_HOME_DIR}/modules" \
ZBX_SNMPTRAPPERFILE="${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log" \
ZBX_SSHKEYLOCATION="${ZABBIX_USER_HOME_DIR}/ssh_keys/" \
ZBX_SSLCERTLOCATION="${ZABBIX_USER_HOME_DIR}/ssl/certs/" \
ZBX_SSLKEYLOCATION="${ZABBIX_USER_HOME_DIR}/ssl/keys/" \
ZBX_SSLCALOCATION="${ZABBIX_USER_HOME_DIR}/ssl/ssl_ca/"
LABEL org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zabbix.com>" \
org.opencontainers.image.description="Zabbix server with PostgreSQL database support" \
@ -30,7 +41,7 @@ STOPSIGNAL SIGTERM
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/server/sbin/zabbix_server", "/usr/sbin/zabbix_server"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/general/bin/*", "/usr/bin/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/server/conf/", "/etc/zabbix/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/server/conf/", "${ZABBIX_CONF_DIR}/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/server/database/postgresql/", "/usr/share/doc/zabbix-server-postgresql/"]
RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
@ -103,37 +114,40 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
-G dialout \
--uid 1997 \
--shell /sbin/nologin \
--home-dir /var/lib/zabbix/ \
--home-dir ${ZABBIX_USER_HOME_DIR} \
zabbix && \
chgrp zabbix /usr/bin/nmap && \
setcap cap_net_raw+eip /usr/bin/nmap && \
mkdir -p /etc/zabbix && \
mkdir -p /var/lib/zabbix && \
mkdir -p ${ZABBIX_CONF_DIR} && \
mkdir -p ${ZABBIX_USER_HOME_DIR} && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/dbscripts && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc_internal && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/export && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/mibs && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/modules && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/snmptraps && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssh_keys && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl/certs && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl/keys && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl/ssl_ca && \
mkdir -p /usr/lib/zabbix/alertscripts && \
mkdir -p /var/lib/zabbix/dbscripts && \
mkdir -p /var/lib/zabbix/enc && \
mkdir -p /var/lib/zabbix/enc_internal && \
mkdir -p /var/lib/zabbix/export && \
mkdir -p /usr/lib/zabbix/externalscripts && \
mkdir -p /var/lib/zabbix/mibs && \
mkdir -p /var/lib/zabbix/modules && \
mkdir -p /var/lib/zabbix/snmptraps && \
mkdir -p /var/lib/zabbix/ssh_keys && \
mkdir -p /var/lib/zabbix/ssl && \
mkdir -p /var/lib/zabbix/ssl/certs && \
mkdir -p /var/lib/zabbix/ssl/keys && \
mkdir -p /var/lib/zabbix/ssl/ssl_ca && \
mkdir -p /usr/share/doc/zabbix-server-postgresql && \
chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \
chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \
chown --quiet -R zabbix:root ${ZABBIX_CONF_DIR}/zabbix_server_modules.conf ${ZABBIX_USER_HOME_DIR} && \
chown --quiet zabbix:root ${ZABBIX_CONF_DIR}/ && \
chgrp -R 0 ${ZABBIX_CONF_DIR}/zabbix_server_modules.conf ${ZABBIX_USER_HOME_DIR} && \
chgrp 0 ${ZABBIX_CONF_DIR} && \
chmod -R g=u ${ZABBIX_CONF_DIR}/zabbix_server_modules.conf ${ZABBIX_USER_HOME_DIR} && \
chmod g=u ${ZABBIX_CONF_DIR} && \
microdnf -y clean all
EXPOSE 10051/TCP
WORKDIR /var/lib/zabbix
WORKDIR ${ZABBIX_USER_HOME_DIR}
VOLUME ["/var/lib/zabbix/snmptraps", "/var/lib/zabbix/export"]
VOLUME ["${ZABBIX_USER_HOME_DIR}/snmptraps", "${ZABBIX_USER_HOME_DIR}/export"]
COPY ["docker-entrypoint.sh", "/usr/bin/"]

View File

@ -13,10 +13,6 @@ fi
: ${ENABLE_TIMESCALEDB:="false"}
# Default directories
# User 'zabbix' home directory
ZABBIX_USER_HOME_DIR="/var/lib/zabbix"
# Configuration files directory
ZABBIX_ETC_DIR="/etc/zabbix"
# Internal directory for TLS related files, used when TLS*File specified as plain text values
ZABBIX_INTERNAL_ENC_DIR="${ZABBIX_USER_HOME_DIR}/enc_internal"
@ -144,16 +140,20 @@ update_config_multiple_var() {
}
file_process_from_env() {
local config_path=$1
local var_name=$2
local file_name=$3
local var_value=$4
local var_name=$1
local file_name=$2
local var_value=$3
if [ ! -z "$var_value" ]; then
echo -n "$var_value" > "${ZABBIX_INTERNAL_ENC_DIR}/$var_name"
file_name="${ZABBIX_INTERNAL_ENC_DIR}/${var_name}"
fi
update_config_var $config_path "$var_name" "$file_name"
if [ -n "$var_value" ]; then
export "$var_name"="$file_name"
fi
# Remove variable with plain text data
unset "${var_name%%FILE}"
}
# Check prerequisites for PostgreSQL database
@ -179,7 +179,6 @@ check_variables_postgresql() {
if [ -n "${DB_SERVER_HOST}" ]; then
psql_connect_args="--host ${DB_SERVER_HOST} --port ${DB_SERVER_PORT}"
else
DB_SERVER_HOST='""'
psql_connect_args="--port ${DB_SERVER_PORT}"
fi
}
@ -383,232 +382,55 @@ create_db_schema_postgresql() {
exec_sql_file "/usr/share/doc/zabbix-server-postgresql/timescaledb.sql"
fi
apply_db_scripts "/var/lib/zabbix/dbscripts/*.sql"
apply_db_scripts "${ZABBIX_USER_HOME_DIR}/dbscripts/*.sql"
fi
}
update_zbx_config() {
echo "** Preparing Zabbix server configuration file"
export ZBX_DB_HOST="${DB_SERVER_HOST}"
export ZBX_DB_PORT="${DB_SERVER_PORT}"
ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_server.conf
update_config_var $ZBX_CONFIG "ListenIP" "${ZBX_LISTENIP}"
update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}"
update_config_var $ZBX_CONFIG "ListenBacklog" "${ZBX_LISTENBACKLOG}"
update_config_var $ZBX_CONFIG "SourceIP" "${ZBX_SOURCEIP}"
update_config_var $ZBX_CONFIG "LogType" "console"
update_config_var $ZBX_CONFIG "LogFile"
update_config_var $ZBX_CONFIG "LogFileSize"
update_config_var $ZBX_CONFIG "PidFile"
update_config_var $ZBX_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}"
if [ -n "${ZBX_DBTLSCONNECT}" ]; then
update_config_var $ZBX_CONFIG "DBTLSConnect" "${ZBX_DBTLSCONNECT}"
update_config_var $ZBX_CONFIG "DBTLSCAFile" "${ZBX_DBTLSCAFILE}"
update_config_var $ZBX_CONFIG "DBTLSCertFile" "${ZBX_DBTLSCERTFILE}"
update_config_var $ZBX_CONFIG "DBTLSKeyFile" "${ZBX_DBTLSKEYFILE}"
update_config_var $ZBX_CONFIG "DBTLSCipher" "${ZBX_DBTLSCIPHER}"
update_config_var $ZBX_CONFIG "DBTLSCipher13" "${ZBX_DBTLSCIPHER13}"
fi
update_config_var $ZBX_CONFIG "DBHost" "${DB_SERVER_HOST}"
update_config_var $ZBX_CONFIG "DBName" "${DB_SERVER_DBNAME}"
update_config_var $ZBX_CONFIG "DBSchema" "${DB_SERVER_SCHEMA}"
update_config_var $ZBX_CONFIG "DBPort" "${DB_SERVER_PORT}"
if [ -n "${ZBX_VAULT}" ] && [ -n "${ZBX_VAULTURL}" ]; then
update_config_var $ZBX_CONFIG "Vault" "${ZBX_VAULT}"
update_config_var $ZBX_CONFIG "VaultTLSCertFile" "${ZBX_VAULTTLSCERTFILE}"
update_config_var $ZBX_CONFIG "VaultTLSKeyFile" "${ZBX_VAULTTLSKEYFILE}"
update_config_var $ZBX_CONFIG "VaultPrefix" "${ZBX_VAULTPREFIX}"
update_config_var $ZBX_CONFIG "VaultURL" "${ZBX_VAULTURL}"
update_config_var $ZBX_CONFIG "VaultDBPath" "${ZBX_VAULTDBPATH}"
if [ -n "${ZBX_VAULTDBPATH}" ]; then
update_config_var $ZBX_CONFIG "DBUser"
update_config_var $ZBX_CONFIG "DBPassword"
else
update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}"
update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}"
fi
else
update_config_var $ZBX_CONFIG "Vault"
update_config_var $ZBX_CONFIG "VaultTLSCertFile"
update_config_var $ZBX_CONFIG "VaultTLSKeyFile"
update_config_var $ZBX_CONFIG "VaultPrefix"
update_config_var $ZBX_CONFIG "VaultURL"
update_config_var $ZBX_CONFIG "VaultDBPath"
update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}"
update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}"
fi
update_config_var $ZBX_CONFIG "AllowUnsupportedDBVersions" "${ZBX_ALLOWUNSUPPORTEDDBVERSIONS}"
update_config_var $ZBX_CONFIG "MaxConcurrentChecksPerPoller" "${ZBX_MAXCONCURRENTCHECKSPERPOLLER}"
update_config_var $ZBX_CONFIG "EnableGlobalScripts" "${ZBX_ENABLEGLOBALSCRIPTS}"
update_config_var $ZBX_CONFIG "StartReportWriters" "${ZBX_STARTREPORTWRITERS}"
: ${ZBX_WEBSERVICEURL:="http://zabbix-web-service:10053/report"}
update_config_var $ZBX_CONFIG "WebServiceURL" "${ZBX_WEBSERVICEURL}"
update_config_var $ZBX_CONFIG "HistoryStorageURL" "${ZBX_HISTORYSTORAGEURL}"
update_config_var $ZBX_CONFIG "HistoryStorageTypes" "${ZBX_HISTORYSTORAGETYPES}"
update_config_var $ZBX_CONFIG "HistoryStorageDateIndex" "${ZBX_HISTORYSTORAGEDATEINDEX}"
update_config_var $ZBX_CONFIG "DBSocket" "${DB_SERVER_SOCKET}"
update_config_var $ZBX_CONFIG "StatsAllowedIP" "${ZBX_STATSALLOWEDIP}"
update_config_var $ZBX_CONFIG "StartPollers" "${ZBX_STARTPOLLERS}"
update_config_var $ZBX_CONFIG "StartIPMIPollers" "${ZBX_STARTIPMIPOLLERS}"
update_config_var $ZBX_CONFIG "StartPollersUnreachable" "${ZBX_STARTPOLLERSUNREACHABLE}"
update_config_var $ZBX_CONFIG "StartTrappers" "${ZBX_STARTTRAPPERS}"
update_config_var $ZBX_CONFIG "StartPingers" "${ZBX_STARTPINGERS}"
update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}"
update_config_var $ZBX_CONFIG "StartHistoryPollers" "${ZBX_STARTHISTORYPOLLERS}"
update_config_var $ZBX_CONFIG "StartHTTPAgentPollers" "${ZBX_STARTHTTPAGENTPOLLERS}"
update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}"
update_config_var $ZBX_CONFIG "StartODBCPollers" "${ZBX_STARTODBCPOLLERS}"
update_config_var $ZBX_CONFIG "StartSNMPPollers" "${ZBX_STARTSNMPPOLLERS}"
update_config_var $ZBX_CONFIG "StartConnectors" "${ZBX_STARTCONNECTORS}"
update_config_var $ZBX_CONFIG "StartPreprocessors" "${ZBX_STARTPREPROCESSORS}"
update_config_var $ZBX_CONFIG "StartTimers" "${ZBX_STARTTIMERS}"
update_config_var $ZBX_CONFIG "StartEscalators" "${ZBX_STARTESCALATORS}"
update_config_var $ZBX_CONFIG "StartAgentPollers" "${ZBX_STARTAGENTPOLLERS}"
update_config_var $ZBX_CONFIG "StartAlerters" "${ZBX_STARTALERTERS}"
update_config_var $ZBX_CONFIG "StartTimers" "${ZBX_STARTTIMERS}"
update_config_var $ZBX_CONFIG "StartEscalators" "${ZBX_STARTESCALATORS}"
update_config_var $ZBX_CONFIG "StartLLDProcessors" "${ZBX_STARTLLDPROCESSORS}"
: ${ZBX_JAVAGATEWAY_ENABLE:="false"}
if [ "${ZBX_JAVAGATEWAY_ENABLE,,}" == "true" ]; then
update_config_var $ZBX_CONFIG "JavaGateway" "${ZBX_JAVAGATEWAY:-"zabbix-java-gateway"}"
update_config_var $ZBX_CONFIG "JavaGatewayPort" "${ZBX_JAVAGATEWAYPORT}"
update_config_var $ZBX_CONFIG "StartJavaPollers" "${ZBX_STARTJAVAPOLLERS:-"5"}"
else
update_config_var $ZBX_CONFIG "JavaGateway"
update_config_var $ZBX_CONFIG "JavaGatewayPort"
update_config_var $ZBX_CONFIG "StartJavaPollers"
fi
update_config_var $ZBX_CONFIG "StartVMwareCollectors" "${ZBX_STARTVMWARECOLLECTORS}"
update_config_var $ZBX_CONFIG "VMwareFrequency" "${ZBX_VMWAREFREQUENCY}"
update_config_var $ZBX_CONFIG "VMwarePerfFrequency" "${ZBX_VMWAREPERFFREQUENCY}"
update_config_var $ZBX_CONFIG "VMwareCacheSize" "${ZBX_VMWARECACHESIZE}"
update_config_var $ZBX_CONFIG "VMwareTimeout" "${ZBX_VMWARETIMEOUT}"
export ZBX_DB_NAME="${DB_SERVER_DBNAME}"
export ZBX_DB_SCHEMA="${DB_SERVER_SCHEMA}"
export ZBX_DB_USER="${DB_SERVER_ZBX_USER}"
export ZBX_DB_PASSWORD="${DB_SERVER_ZBX_PASS}"
: ${ZBX_ENABLE_SNMP_TRAPS:="false"}
if [ "${ZBX_ENABLE_SNMP_TRAPS,,}" == "true" ]; then
update_config_var $ZBX_CONFIG "SNMPTrapperFile" "${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log"
update_config_var $ZBX_CONFIG "StartSNMPTrapper" "1"
else
update_config_var $ZBX_CONFIG "SNMPTrapperFile"
update_config_var $ZBX_CONFIG "StartSNMPTrapper"
fi
[[ "${ZBX_ENABLE_SNMP_TRAPS,,}" == "true" ]] && export ZBX_STARTSNMPTRAPPER=1
unset ZBX_ENABLE_SNMP_TRAPS
update_config_var $ZBX_CONFIG "SocketDir" "/tmp/"
update_config_multiple_var "${ZABBIX_CONF_DIR}/zabbix_server_modules.conf" "LoadModule" "${ZBX_LOADMODULE}"
update_config_var $ZBX_CONFIG "HousekeepingFrequency" "${ZBX_HOUSEKEEPINGFREQUENCY}"
file_process_from_env "ZBX_TLSCAFILE" "${ZBX_TLSCAFILE}" "${ZBX_TLSCA}"
file_process_from_env "ZBX_TLSCRLFILE" "${ZBX_TLSCRLFILE}" "${ZBX_TLSCRL}"
update_config_var $ZBX_CONFIG "MaxHousekeeperDelete" "${ZBX_MAXHOUSEKEEPERDELETE}"
update_config_var $ZBX_CONFIG "ProblemHousekeepingFrequency" "${ZBX_PROBLEMHOUSEKEEPINGFREQUENCY}"
update_config_var $ZBX_CONFIG "CacheSize" "${ZBX_CACHESIZE}"
update_config_var $ZBX_CONFIG "CacheUpdateFrequency" "${ZBX_CACHEUPDATEFREQUENCY}"
update_config_var $ZBX_CONFIG "StartDBSyncers" "${ZBX_STARTDBSYNCERS}"
update_config_var $ZBX_CONFIG "HistoryCacheSize" "${ZBX_HISTORYCACHESIZE}"
update_config_var $ZBX_CONFIG "HistoryIndexCacheSize" "${ZBX_HISTORYINDEXCACHESIZE}"
update_config_var $ZBX_CONFIG "TrendCacheSize" "${ZBX_TRENDCACHESIZE}"
update_config_var $ZBX_CONFIG "TrendFunctionCacheSize" "${ZBX_TRENDFUNCTIONCACHESIZE}"
update_config_var $ZBX_CONFIG "ValueCacheSize" "${ZBX_VALUECACHESIZE}"
update_config_var $ZBX_CONFIG "Timeout" "${ZBX_TIMEOUT}"
update_config_var $ZBX_CONFIG "TrapperTimeout" "${ZBX_TRAPPERTIMEOUT}"
update_config_var $ZBX_CONFIG "UnreachablePeriod" "${ZBX_UNREACHABLEPERIOD}"
update_config_var $ZBX_CONFIG "UnavailableDelay" "${ZBX_UNAVAILABLEDELAY}"
update_config_var $ZBX_CONFIG "UnreachableDelay" "${ZBX_UNREACHABLEDELAY}"
update_config_var $ZBX_CONFIG "AlertScriptsPath" "/usr/lib/zabbix/alertscripts"
update_config_var $ZBX_CONFIG "ExternalScripts" "/usr/lib/zabbix/externalscripts"
if [ -n "${ZBX_EXPORTFILESIZE}" ]; then
update_config_var $ZBX_CONFIG "ExportDir" "$ZABBIX_USER_HOME_DIR/export/"
update_config_var $ZBX_CONFIG "ExportFileSize" "${ZBX_EXPORTFILESIZE}"
update_config_var $ZBX_CONFIG "ExportType" "${ZBX_EXPORTTYPE}"
fi
update_config_var $ZBX_CONFIG "FpingLocation" "/usr/sbin/fping"
update_config_var $ZBX_CONFIG "Fping6Location"
update_config_var $ZBX_CONFIG "SSHKeyLocation" "$ZABBIX_USER_HOME_DIR/ssh_keys"
update_config_var $ZBX_CONFIG "LogSlowQueries" "${ZBX_LOGSLOWQUERIES}"
update_config_var $ZBX_CONFIG "StartProxyPollers" "${ZBX_STARTPROXYPOLLERS}"
update_config_var $ZBX_CONFIG "ProxyConfigFrequency" "${ZBX_PROXYCONFIGFREQUENCY}"
update_config_var $ZBX_CONFIG "ProxyDataFrequency" "${ZBX_PROXYDATAFREQUENCY}"
update_config_var $ZBX_CONFIG "SSLCertLocation" "$ZABBIX_USER_HOME_DIR/ssl/certs/"
update_config_var $ZBX_CONFIG "SSLKeyLocation" "$ZABBIX_USER_HOME_DIR/ssl/keys/"
update_config_var $ZBX_CONFIG "SSLCALocation" "$ZABBIX_USER_HOME_DIR/ssl/ssl_ca/"
update_config_var $ZBX_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/"
update_config_multiple_var $ZBX_CONFIG "LoadModule" "${ZBX_LOADMODULE}"
file_process_from_env $ZBX_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" "${ZBX_TLSCA}"
file_process_from_env $ZBX_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" "${ZBX_TLSCRL}"
file_process_from_env $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" "${ZBX_TLSCERT}"
update_config_var $ZBX_CONFIG "TLSCipherAll" "${ZBX_TLSCIPHERALL}"
update_config_var $ZBX_CONFIG "TLSCipherAll13" "${ZBX_TLSCIPHERALL13}"
update_config_var $ZBX_CONFIG "TLSCipherCert" "${ZBX_TLSCIPHERCERT}"
update_config_var $ZBX_CONFIG "TLSCipherCert13" "${ZBX_TLSCIPHERCERT13}"
update_config_var $ZBX_CONFIG "TLSCipherPSK" "${ZBX_TLSCIPHERPSK}"
update_config_var $ZBX_CONFIG "TLSCipherPSK13" "${ZBX_TLSCIPHERPSK13}"
file_process_from_env $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" "${ZBX_TLSKEY}"
update_config_var $ZBX_CONFIG "ServiceManagerSyncFrequency" "${ZBX_SERVICEMANAGERSYNCFREQUENCY}"
update_config_var $ZBX_CONFIG "AllowSoftwareUpdateCheck" "${ZBX_ALLOWSOFTWAREUPDATECHECK}"
update_config_var $ZBX_CONFIG "SMSDevices" "${ZBX_SMSDEVICES}"
file_process_from_env "ZBX_TLSCERTFILE" "${ZBX_TLSCERTFILE}" "${ZBX_TLSCERT}"
file_process_from_env "ZBX_TLSKEYFILE" "${ZBX_TLSKEYFILE}" "${ZBX_TLSKEY}"
if [ "${ZBX_AUTOHANODENAME}" == 'fqdn' ] && [ ! -n "${ZBX_HANODENAME}" ]; then
update_config_var $ZBX_CONFIG "HANodeName" "$(hostname -f)"
export ZBX_HANODENAME="$(hostname -f)"
elif [ "${ZBX_AUTOHANODENAME}" == 'hostname' ] && [ ! -n "${ZBX_HANODENAME}" ]; then
update_config_var $ZBX_CONFIG "HANodeName" "$(hostname)"
else
update_config_var $ZBX_CONFIG "HANodeName" "${ZBX_HANODENAME}"
export ZBX_HANODENAME="$(hostname)"
fi
: ${ZBX_NODEADDRESSPORT:="10051"}
if [ "${ZBX_AUTONODEADDRESS}" == 'fqdn' ] && [ ! -n "${ZBX_NODEADDRESS}" ]; then
update_config_var $ZBX_CONFIG "NodeAddress" "$(hostname -f):${ZBX_NODEADDRESSPORT}"
export ZBX_NODEADDRESS="$(hostname -f):${ZBX_NODEADDRESSPORT}"
elif [ "${ZBX_AUTONODEADDRESS}" == 'hostname' ] && [ ! -n "${ZBX_NODEADDRESS}" ]; then
update_config_var $ZBX_CONFIG "NodeAddress" "$(hostname):${ZBX_NODEADDRESSPORT}"
else
update_config_var $ZBX_CONFIG "NodeAddress" "${ZBX_NODEADDRESS}"
export ZBX_NODEADDRESS="$(hostname):${ZBX_NODEADDRESSPORT}"
fi
if [ "$(id -u)" != '0' ]; then
update_config_var $ZBX_CONFIG "User" "$(whoami)"
export ZBX_USER="$(whoami)"
else
update_config_var $ZBX_CONFIG "AllowRoot" "1"
export ZBX_ALLOWROOT=1
fi
update_config_var $ZBX_CONFIG "WebDriverURL" "${ZBX_WEBDRIVERURL}"
update_config_var $ZBX_CONFIG "StartBrowserPollers" "${ZBX_STARTBROWSERPOLLERS}"
}
clear_zbx_env() {
[[ "${ZBX_CLEAR_ENV}" == "false" ]] && return
for env_var in $(env | grep -E "^(ZBX|DB|POSTGRES)_"); do
for env_var in $(env | grep -E "^(ZABBIX|DB|POSTGRES)_"); do
unset "${env_var%%=*}"
done
}

View File

@ -14,7 +14,18 @@ ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git
ENV TERM=xterm \
ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \
MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \
NMAP_PRIVILEGED=""
NMAP_PRIVILEGED="" \
ZABBIX_USER_HOME_DIR="/var/lib/zabbix" \
ZABBIX_CONF_DIR="/etc/zabbix"
ENV ZBX_DB_NAME="dummy_db_name" \
ZBX_FPINGLOCATION="/usr/sbin/fping" \
ZBX_LOADMODULEPATH="${ZABBIX_USER_HOME_DIR}/modules" \
ZBX_SNMPTRAPPERFILE="${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log" \
ZBX_SSHKEYLOCATION="${ZABBIX_USER_HOME_DIR}/ssh_keys/" \
ZBX_SSLCERTLOCATION="${ZABBIX_USER_HOME_DIR}/ssl/certs/" \
ZBX_SSLKEYLOCATION="${ZABBIX_USER_HOME_DIR}/ssl/keys/" \
ZBX_SSLCALOCATION="${ZABBIX_USER_HOME_DIR}/ssl/ssl_ca/"
LABEL org.opencontainers.image.title="Zabbix server (PostgreSQL)" \
org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zabbix.com>" \
@ -26,11 +37,11 @@ LABEL org.opencontainers.image.title="Zabbix server (PostgreSQL)" \
org.opencontainers.image.version="${ZBX_VERSION}" \
org.opencontainers.image.source="${ZBX_SOURCES}"
STOPSIGNAL SIGTERM
STOP]SIGNAL SIGTERM
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/server/sbin/zabbix_server", "/usr/sbin/zabbix_server"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/general/bin/*", "/usr/bin/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/server/conf/", "/etc/zabbix/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/server/conf/", "${ZABBIX_CONF_DIR}/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/server/database/postgresql/", "/usr/share/doc/zabbix-server-postgresql/"]
COPY ["conf/etc/yum.repos.d/oracle-epel-ol9.repo", "/etc/yum.repos.d/oracle-epel-ol9.repo"]
@ -85,37 +96,40 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
-G dialout \
--uid 1997 \
--shell /sbin/nologin \
--home-dir /var/lib/zabbix/ \
--home-dir ${ZABBIX_USER_HOME_DIR} \
zabbix && \
chgrp zabbix /usr/bin/nmap && \
setcap cap_net_raw+eip /usr/bin/nmap && \
mkdir -p /etc/zabbix && \
mkdir -p /var/lib/zabbix && \
mkdir -p ${ZABBIX_CONF_DIR} && \
mkdir -p ${ZABBIX_USER_HOME_DIR} && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/dbscripts && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc_internal && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/export && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/mibs && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/modules && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/snmptraps && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssh_keys && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl/certs && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl/keys && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl/ssl_ca && \
mkdir -p /usr/lib/zabbix/alertscripts && \
mkdir -p /var/lib/zabbix/dbscripts && \
mkdir -p /var/lib/zabbix/enc && \
mkdir -p /var/lib/zabbix/enc_internal && \
mkdir -p /var/lib/zabbix/export && \
mkdir -p /usr/lib/zabbix/externalscripts && \
mkdir -p /var/lib/zabbix/mibs && \
mkdir -p /var/lib/zabbix/modules && \
mkdir -p /var/lib/zabbix/snmptraps && \
mkdir -p /var/lib/zabbix/ssh_keys && \
mkdir -p /var/lib/zabbix/ssl && \
mkdir -p /var/lib/zabbix/ssl/certs && \
mkdir -p /var/lib/zabbix/ssl/keys && \
mkdir -p /var/lib/zabbix/ssl/ssl_ca && \
mkdir -p /usr/share/doc/zabbix-server-postgresql && \
chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \
chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \
chown --quiet -R zabbix:root ${ZABBIX_CONF_DIR}/zabbix_server_modules.conf ${ZABBIX_USER_HOME_DIR} && \
chown --quiet zabbix:root ${ZABBIX_CONF_DIR}/ && \
chgrp -R 0 ${ZABBIX_CONF_DIR}/zabbix_server_modules.conf ${ZABBIX_USER_HOME_DIR} && \
chgrp 0 ${ZABBIX_CONF_DIR} && \
chmod -R g=u ${ZABBIX_CONF_DIR}/zabbix_server_modules.conf ${ZABBIX_USER_HOME_DIR} && \
chmod g=u ${ZABBIX_CONF_DIR} && \
microdnf -y clean all
EXPOSE 10051/TCP
WORKDIR /var/lib/zabbix
WORKDIR ${ZABBIX_USER_HOME_DIR}
VOLUME ["/var/lib/zabbix/snmptraps", "/var/lib/zabbix/export"]
VOLUME ["${ZABBIX_USER_HOME_DIR}/snmptraps", "${ZABBIX_USER_HOME_DIR}/export"]
COPY ["docker-entrypoint.sh", "/usr/bin/"]

View File

@ -13,10 +13,6 @@ fi
: ${ENABLE_TIMESCALEDB:="false"}
# Default directories
# User 'zabbix' home directory
ZABBIX_USER_HOME_DIR="/var/lib/zabbix"
# Configuration files directory
ZABBIX_ETC_DIR="/etc/zabbix"
# Internal directory for TLS related files, used when TLS*File specified as plain text values
ZABBIX_INTERNAL_ENC_DIR="${ZABBIX_USER_HOME_DIR}/enc_internal"
@ -144,16 +140,20 @@ update_config_multiple_var() {
}
file_process_from_env() {
local config_path=$1
local var_name=$2
local file_name=$3
local var_value=$4
local var_name=$1
local file_name=$2
local var_value=$3
if [ ! -z "$var_value" ]; then
echo -n "$var_value" > "${ZABBIX_INTERNAL_ENC_DIR}/$var_name"
file_name="${ZABBIX_INTERNAL_ENC_DIR}/${var_name}"
fi
update_config_var $config_path "$var_name" "$file_name"
if [ -n "$var_value" ]; then
export "$var_name"="$file_name"
fi
# Remove variable with plain text data
unset "${var_name%%FILE}"
}
# Check prerequisites for PostgreSQL database
@ -179,7 +179,6 @@ check_variables_postgresql() {
if [ -n "${DB_SERVER_HOST}" ]; then
psql_connect_args="--host ${DB_SERVER_HOST} --port ${DB_SERVER_PORT}"
else
DB_SERVER_HOST='""'
psql_connect_args="--port ${DB_SERVER_PORT}"
fi
}
@ -383,232 +382,55 @@ create_db_schema_postgresql() {
exec_sql_file "/usr/share/doc/zabbix-server-postgresql/timescaledb.sql"
fi
apply_db_scripts "/var/lib/zabbix/dbscripts/*.sql"
apply_db_scripts "${ZABBIX_USER_HOME_DIR}/dbscripts/*.sql"
fi
}
update_zbx_config() {
echo "** Preparing Zabbix server configuration file"
export ZBX_DB_HOST="${DB_SERVER_HOST}"
export ZBX_DB_PORT="${DB_SERVER_PORT}"
ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_server.conf
update_config_var $ZBX_CONFIG "ListenIP" "${ZBX_LISTENIP}"
update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}"
update_config_var $ZBX_CONFIG "ListenBacklog" "${ZBX_LISTENBACKLOG}"
update_config_var $ZBX_CONFIG "SourceIP" "${ZBX_SOURCEIP}"
update_config_var $ZBX_CONFIG "LogType" "console"
update_config_var $ZBX_CONFIG "LogFile"
update_config_var $ZBX_CONFIG "LogFileSize"
update_config_var $ZBX_CONFIG "PidFile"
update_config_var $ZBX_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}"
if [ -n "${ZBX_DBTLSCONNECT}" ]; then
update_config_var $ZBX_CONFIG "DBTLSConnect" "${ZBX_DBTLSCONNECT}"
update_config_var $ZBX_CONFIG "DBTLSCAFile" "${ZBX_DBTLSCAFILE}"
update_config_var $ZBX_CONFIG "DBTLSCertFile" "${ZBX_DBTLSCERTFILE}"
update_config_var $ZBX_CONFIG "DBTLSKeyFile" "${ZBX_DBTLSKEYFILE}"
update_config_var $ZBX_CONFIG "DBTLSCipher" "${ZBX_DBTLSCIPHER}"
update_config_var $ZBX_CONFIG "DBTLSCipher13" "${ZBX_DBTLSCIPHER13}"
fi
update_config_var $ZBX_CONFIG "DBHost" "${DB_SERVER_HOST}"
update_config_var $ZBX_CONFIG "DBName" "${DB_SERVER_DBNAME}"
update_config_var $ZBX_CONFIG "DBSchema" "${DB_SERVER_SCHEMA}"
update_config_var $ZBX_CONFIG "DBPort" "${DB_SERVER_PORT}"
if [ -n "${ZBX_VAULT}" ] && [ -n "${ZBX_VAULTURL}" ]; then
update_config_var $ZBX_CONFIG "Vault" "${ZBX_VAULT}"
update_config_var $ZBX_CONFIG "VaultTLSCertFile" "${ZBX_VAULTTLSCERTFILE}"
update_config_var $ZBX_CONFIG "VaultTLSKeyFile" "${ZBX_VAULTTLSKEYFILE}"
update_config_var $ZBX_CONFIG "VaultPrefix" "${ZBX_VAULTPREFIX}"
update_config_var $ZBX_CONFIG "VaultURL" "${ZBX_VAULTURL}"
update_config_var $ZBX_CONFIG "VaultDBPath" "${ZBX_VAULTDBPATH}"
if [ -n "${ZBX_VAULTDBPATH}" ]; then
update_config_var $ZBX_CONFIG "DBUser"
update_config_var $ZBX_CONFIG "DBPassword"
else
update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}"
update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}"
fi
else
update_config_var $ZBX_CONFIG "Vault"
update_config_var $ZBX_CONFIG "VaultTLSCertFile"
update_config_var $ZBX_CONFIG "VaultTLSKeyFile"
update_config_var $ZBX_CONFIG "VaultPrefix"
update_config_var $ZBX_CONFIG "VaultURL"
update_config_var $ZBX_CONFIG "VaultDBPath"
update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}"
update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}"
fi
update_config_var $ZBX_CONFIG "AllowUnsupportedDBVersions" "${ZBX_ALLOWUNSUPPORTEDDBVERSIONS}"
update_config_var $ZBX_CONFIG "MaxConcurrentChecksPerPoller" "${ZBX_MAXCONCURRENTCHECKSPERPOLLER}"
update_config_var $ZBX_CONFIG "EnableGlobalScripts" "${ZBX_ENABLEGLOBALSCRIPTS}"
update_config_var $ZBX_CONFIG "StartReportWriters" "${ZBX_STARTREPORTWRITERS}"
: ${ZBX_WEBSERVICEURL:="http://zabbix-web-service:10053/report"}
update_config_var $ZBX_CONFIG "WebServiceURL" "${ZBX_WEBSERVICEURL}"
update_config_var $ZBX_CONFIG "HistoryStorageURL" "${ZBX_HISTORYSTORAGEURL}"
update_config_var $ZBX_CONFIG "HistoryStorageTypes" "${ZBX_HISTORYSTORAGETYPES}"
update_config_var $ZBX_CONFIG "HistoryStorageDateIndex" "${ZBX_HISTORYSTORAGEDATEINDEX}"
update_config_var $ZBX_CONFIG "DBSocket" "${DB_SERVER_SOCKET}"
update_config_var $ZBX_CONFIG "StatsAllowedIP" "${ZBX_STATSALLOWEDIP}"
update_config_var $ZBX_CONFIG "StartPollers" "${ZBX_STARTPOLLERS}"
update_config_var $ZBX_CONFIG "StartIPMIPollers" "${ZBX_STARTIPMIPOLLERS}"
update_config_var $ZBX_CONFIG "StartPollersUnreachable" "${ZBX_STARTPOLLERSUNREACHABLE}"
update_config_var $ZBX_CONFIG "StartTrappers" "${ZBX_STARTTRAPPERS}"
update_config_var $ZBX_CONFIG "StartPingers" "${ZBX_STARTPINGERS}"
update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}"
update_config_var $ZBX_CONFIG "StartHistoryPollers" "${ZBX_STARTHISTORYPOLLERS}"
update_config_var $ZBX_CONFIG "StartHTTPAgentPollers" "${ZBX_STARTHTTPAGENTPOLLERS}"
update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}"
update_config_var $ZBX_CONFIG "StartODBCPollers" "${ZBX_STARTODBCPOLLERS}"
update_config_var $ZBX_CONFIG "StartSNMPPollers" "${ZBX_STARTSNMPPOLLERS}"
update_config_var $ZBX_CONFIG "StartConnectors" "${ZBX_STARTCONNECTORS}"
update_config_var $ZBX_CONFIG "StartPreprocessors" "${ZBX_STARTPREPROCESSORS}"
update_config_var $ZBX_CONFIG "StartTimers" "${ZBX_STARTTIMERS}"
update_config_var $ZBX_CONFIG "StartEscalators" "${ZBX_STARTESCALATORS}"
update_config_var $ZBX_CONFIG "StartAgentPollers" "${ZBX_STARTAGENTPOLLERS}"
update_config_var $ZBX_CONFIG "StartAlerters" "${ZBX_STARTALERTERS}"
update_config_var $ZBX_CONFIG "StartTimers" "${ZBX_STARTTIMERS}"
update_config_var $ZBX_CONFIG "StartEscalators" "${ZBX_STARTESCALATORS}"
update_config_var $ZBX_CONFIG "StartLLDProcessors" "${ZBX_STARTLLDPROCESSORS}"
: ${ZBX_JAVAGATEWAY_ENABLE:="false"}
if [ "${ZBX_JAVAGATEWAY_ENABLE,,}" == "true" ]; then
update_config_var $ZBX_CONFIG "JavaGateway" "${ZBX_JAVAGATEWAY:-"zabbix-java-gateway"}"
update_config_var $ZBX_CONFIG "JavaGatewayPort" "${ZBX_JAVAGATEWAYPORT}"
update_config_var $ZBX_CONFIG "StartJavaPollers" "${ZBX_STARTJAVAPOLLERS:-"5"}"
else
update_config_var $ZBX_CONFIG "JavaGateway"
update_config_var $ZBX_CONFIG "JavaGatewayPort"
update_config_var $ZBX_CONFIG "StartJavaPollers"
fi
update_config_var $ZBX_CONFIG "StartVMwareCollectors" "${ZBX_STARTVMWARECOLLECTORS}"
update_config_var $ZBX_CONFIG "VMwareFrequency" "${ZBX_VMWAREFREQUENCY}"
update_config_var $ZBX_CONFIG "VMwarePerfFrequency" "${ZBX_VMWAREPERFFREQUENCY}"
update_config_var $ZBX_CONFIG "VMwareCacheSize" "${ZBX_VMWARECACHESIZE}"
update_config_var $ZBX_CONFIG "VMwareTimeout" "${ZBX_VMWARETIMEOUT}"
export ZBX_DB_NAME="${DB_SERVER_DBNAME}"
export ZBX_DB_SCHEMA="${DB_SERVER_SCHEMA}"
export ZBX_DB_USER="${DB_SERVER_ZBX_USER}"
export ZBX_DB_PASSWORD="${DB_SERVER_ZBX_PASS}"
: ${ZBX_ENABLE_SNMP_TRAPS:="false"}
if [ "${ZBX_ENABLE_SNMP_TRAPS,,}" == "true" ]; then
update_config_var $ZBX_CONFIG "SNMPTrapperFile" "${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log"
update_config_var $ZBX_CONFIG "StartSNMPTrapper" "1"
else
update_config_var $ZBX_CONFIG "SNMPTrapperFile"
update_config_var $ZBX_CONFIG "StartSNMPTrapper"
fi
[[ "${ZBX_ENABLE_SNMP_TRAPS,,}" == "true" ]] && export ZBX_STARTSNMPTRAPPER=1
unset ZBX_ENABLE_SNMP_TRAPS
update_config_var $ZBX_CONFIG "SocketDir" "/tmp/"
update_config_multiple_var "${ZABBIX_CONF_DIR}/zabbix_server_modules.conf" "LoadModule" "${ZBX_LOADMODULE}"
update_config_var $ZBX_CONFIG "HousekeepingFrequency" "${ZBX_HOUSEKEEPINGFREQUENCY}"
file_process_from_env "ZBX_TLSCAFILE" "${ZBX_TLSCAFILE}" "${ZBX_TLSCA}"
file_process_from_env "ZBX_TLSCRLFILE" "${ZBX_TLSCRLFILE}" "${ZBX_TLSCRL}"
update_config_var $ZBX_CONFIG "MaxHousekeeperDelete" "${ZBX_MAXHOUSEKEEPERDELETE}"
update_config_var $ZBX_CONFIG "ProblemHousekeepingFrequency" "${ZBX_PROBLEMHOUSEKEEPINGFREQUENCY}"
update_config_var $ZBX_CONFIG "CacheSize" "${ZBX_CACHESIZE}"
update_config_var $ZBX_CONFIG "CacheUpdateFrequency" "${ZBX_CACHEUPDATEFREQUENCY}"
update_config_var $ZBX_CONFIG "StartDBSyncers" "${ZBX_STARTDBSYNCERS}"
update_config_var $ZBX_CONFIG "HistoryCacheSize" "${ZBX_HISTORYCACHESIZE}"
update_config_var $ZBX_CONFIG "HistoryIndexCacheSize" "${ZBX_HISTORYINDEXCACHESIZE}"
update_config_var $ZBX_CONFIG "TrendCacheSize" "${ZBX_TRENDCACHESIZE}"
update_config_var $ZBX_CONFIG "TrendFunctionCacheSize" "${ZBX_TRENDFUNCTIONCACHESIZE}"
update_config_var $ZBX_CONFIG "ValueCacheSize" "${ZBX_VALUECACHESIZE}"
update_config_var $ZBX_CONFIG "Timeout" "${ZBX_TIMEOUT}"
update_config_var $ZBX_CONFIG "TrapperTimeout" "${ZBX_TRAPPERTIMEOUT}"
update_config_var $ZBX_CONFIG "UnreachablePeriod" "${ZBX_UNREACHABLEPERIOD}"
update_config_var $ZBX_CONFIG "UnavailableDelay" "${ZBX_UNAVAILABLEDELAY}"
update_config_var $ZBX_CONFIG "UnreachableDelay" "${ZBX_UNREACHABLEDELAY}"
update_config_var $ZBX_CONFIG "AlertScriptsPath" "/usr/lib/zabbix/alertscripts"
update_config_var $ZBX_CONFIG "ExternalScripts" "/usr/lib/zabbix/externalscripts"
if [ -n "${ZBX_EXPORTFILESIZE}" ]; then
update_config_var $ZBX_CONFIG "ExportDir" "$ZABBIX_USER_HOME_DIR/export/"
update_config_var $ZBX_CONFIG "ExportFileSize" "${ZBX_EXPORTFILESIZE}"
update_config_var $ZBX_CONFIG "ExportType" "${ZBX_EXPORTTYPE}"
fi
update_config_var $ZBX_CONFIG "FpingLocation" "/usr/sbin/fping"
update_config_var $ZBX_CONFIG "Fping6Location"
update_config_var $ZBX_CONFIG "SSHKeyLocation" "$ZABBIX_USER_HOME_DIR/ssh_keys"
update_config_var $ZBX_CONFIG "LogSlowQueries" "${ZBX_LOGSLOWQUERIES}"
update_config_var $ZBX_CONFIG "StartProxyPollers" "${ZBX_STARTPROXYPOLLERS}"
update_config_var $ZBX_CONFIG "ProxyConfigFrequency" "${ZBX_PROXYCONFIGFREQUENCY}"
update_config_var $ZBX_CONFIG "ProxyDataFrequency" "${ZBX_PROXYDATAFREQUENCY}"
update_config_var $ZBX_CONFIG "SSLCertLocation" "$ZABBIX_USER_HOME_DIR/ssl/certs/"
update_config_var $ZBX_CONFIG "SSLKeyLocation" "$ZABBIX_USER_HOME_DIR/ssl/keys/"
update_config_var $ZBX_CONFIG "SSLCALocation" "$ZABBIX_USER_HOME_DIR/ssl/ssl_ca/"
update_config_var $ZBX_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/"
update_config_multiple_var $ZBX_CONFIG "LoadModule" "${ZBX_LOADMODULE}"
file_process_from_env $ZBX_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" "${ZBX_TLSCA}"
file_process_from_env $ZBX_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" "${ZBX_TLSCRL}"
file_process_from_env $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" "${ZBX_TLSCERT}"
update_config_var $ZBX_CONFIG "TLSCipherAll" "${ZBX_TLSCIPHERALL}"
update_config_var $ZBX_CONFIG "TLSCipherAll13" "${ZBX_TLSCIPHERALL13}"
update_config_var $ZBX_CONFIG "TLSCipherCert" "${ZBX_TLSCIPHERCERT}"
update_config_var $ZBX_CONFIG "TLSCipherCert13" "${ZBX_TLSCIPHERCERT13}"
update_config_var $ZBX_CONFIG "TLSCipherPSK" "${ZBX_TLSCIPHERPSK}"
update_config_var $ZBX_CONFIG "TLSCipherPSK13" "${ZBX_TLSCIPHERPSK13}"
file_process_from_env $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" "${ZBX_TLSKEY}"
update_config_var $ZBX_CONFIG "ServiceManagerSyncFrequency" "${ZBX_SERVICEMANAGERSYNCFREQUENCY}"
update_config_var $ZBX_CONFIG "AllowSoftwareUpdateCheck" "${ZBX_ALLOWSOFTWAREUPDATECHECK}"
update_config_var $ZBX_CONFIG "SMSDevices" "${ZBX_SMSDEVICES}"
file_process_from_env "ZBX_TLSCERTFILE" "${ZBX_TLSCERTFILE}" "${ZBX_TLSCERT}"
file_process_from_env "ZBX_TLSKEYFILE" "${ZBX_TLSKEYFILE}" "${ZBX_TLSKEY}"
if [ "${ZBX_AUTOHANODENAME}" == 'fqdn' ] && [ ! -n "${ZBX_HANODENAME}" ]; then
update_config_var $ZBX_CONFIG "HANodeName" "$(hostname -f)"
export ZBX_HANODENAME="$(hostname -f)"
elif [ "${ZBX_AUTOHANODENAME}" == 'hostname' ] && [ ! -n "${ZBX_HANODENAME}" ]; then
update_config_var $ZBX_CONFIG "HANodeName" "$(hostname)"
else
update_config_var $ZBX_CONFIG "HANodeName" "${ZBX_HANODENAME}"
export ZBX_HANODENAME="$(hostname)"
fi
: ${ZBX_NODEADDRESSPORT:="10051"}
if [ "${ZBX_AUTONODEADDRESS}" == 'fqdn' ] && [ ! -n "${ZBX_NODEADDRESS}" ]; then
update_config_var $ZBX_CONFIG "NodeAddress" "$(hostname -f):${ZBX_NODEADDRESSPORT}"
export ZBX_NODEADDRESS="$(hostname -f):${ZBX_NODEADDRESSPORT}"
elif [ "${ZBX_AUTONODEADDRESS}" == 'hostname' ] && [ ! -n "${ZBX_NODEADDRESS}" ]; then
update_config_var $ZBX_CONFIG "NodeAddress" "$(hostname):${ZBX_NODEADDRESSPORT}"
else
update_config_var $ZBX_CONFIG "NodeAddress" "${ZBX_NODEADDRESS}"
export ZBX_NODEADDRESS="$(hostname):${ZBX_NODEADDRESSPORT}"
fi
if [ "$(id -u)" != '0' ]; then
update_config_var $ZBX_CONFIG "User" "$(whoami)"
export ZBX_USER="$(whoami)"
else
update_config_var $ZBX_CONFIG "AllowRoot" "1"
export ZBX_ALLOWROOT=1
fi
update_config_var $ZBX_CONFIG "WebDriverURL" "${ZBX_WEBDRIVERURL}"
update_config_var $ZBX_CONFIG "StartBrowserPollers" "${ZBX_STARTBROWSERPOLLERS}"
}
clear_zbx_env() {
[[ "${ZBX_CLEAR_ENV}" == "false" ]] && return
for env_var in $(env | grep -E "^(ZBX|DB|POSTGRES)_"); do
for env_var in $(env | grep -E "^(ZABBIX|DB|POSTGRES)_"); do
unset "${env_var%%=*}"
done
}

View File

@ -16,7 +16,18 @@ ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git
ENV TERM=xterm \
ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \
MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \
NMAP_PRIVILEGED=""
NMAP_PRIVILEGED="" \
ZABBIX_USER_HOME_DIR="/var/lib/zabbix" \
ZABBIX_CONF_DIR="/etc/zabbix"
ENV ZBX_DB_NAME="dummy_db_name" \
ZBX_FPINGLOCATION="/usr/sbin/fping" \
ZBX_LOADMODULEPATH="${ZABBIX_USER_HOME_DIR}/modules" \
ZBX_SNMPTRAPPERFILE="${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log" \
ZBX_SSHKEYLOCATION="${ZABBIX_USER_HOME_DIR}/ssh_keys/" \
ZBX_SSLCERTLOCATION="${ZABBIX_USER_HOME_DIR}/ssl/certs/" \
ZBX_SSLKEYLOCATION="${ZABBIX_USER_HOME_DIR}/ssl/keys/" \
ZBX_SSLCALOCATION="${ZABBIX_USER_HOME_DIR}/ssl/ssl_ca/"
LABEL description="Zabbix server with PostgreSQL database support" \
maintainer="alexey.pustovalov@zabbix.com" \
@ -49,7 +60,7 @@ STOPSIGNAL SIGTERM
COPY ["licenses", "/licenses"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/server/sbin/zabbix_server", "/usr/sbin/zabbix_server"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/general/bin/*", "/usr/bin/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/server/conf/", "/etc/zabbix/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/server/conf/", "${ZABBIX_CONF_DIR}/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/server/database/postgresql/", "/usr/share/doc/zabbix-server-postgresql/"]
RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
@ -132,37 +143,40 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
-G dialout \
--uid 1997 \
--shell /sbin/nologin \
--home-dir /var/lib/zabbix/ \
--home-dir ${ZABBIX_USER_HOME_DIR} \
zabbix && \
chgrp zabbix /usr/bin/nmap && \
setcap cap_net_raw+eip /usr/bin/nmap && \
mkdir -p /etc/zabbix && \
mkdir -p /var/lib/zabbix && \
mkdir -p ${ZABBIX_CONF_DIR} && \
mkdir -p ${ZABBIX_USER_HOME_DIR} && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/dbscripts && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc_internal && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/export && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/mibs && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/modules && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/snmptraps && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssh_keys && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl/certs && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl/keys && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl/ssl_ca && \
mkdir -p /usr/lib/zabbix/alertscripts && \
mkdir -p /var/lib/zabbix/dbscripts && \
mkdir -p /var/lib/zabbix/enc && \
mkdir -p /var/lib/zabbix/enc_internal && \
mkdir -p /var/lib/zabbix/export && \
mkdir -p /usr/lib/zabbix/externalscripts && \
mkdir -p /var/lib/zabbix/mibs && \
mkdir -p /var/lib/zabbix/modules && \
mkdir -p /var/lib/zabbix/snmptraps && \
mkdir -p /var/lib/zabbix/ssh_keys && \
mkdir -p /var/lib/zabbix/ssl && \
mkdir -p /var/lib/zabbix/ssl/certs && \
mkdir -p /var/lib/zabbix/ssl/keys && \
mkdir -p /var/lib/zabbix/ssl/ssl_ca && \
mkdir -p /usr/share/doc/zabbix-server-postgresql && \
chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \
chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \
chown --quiet -R zabbix:root ${ZABBIX_CONF_DIR}/zabbix_server_modules.conf ${ZABBIX_USER_HOME_DIR} && \
chown --quiet zabbix:root ${ZABBIX_CONF_DIR}/ && \
chgrp -R 0 ${ZABBIX_CONF_DIR}/zabbix_server_modules.conf ${ZABBIX_USER_HOME_DIR} && \
chgrp 0 ${ZABBIX_CONF_DIR} && \
chmod -R g=u ${ZABBIX_CONF_DIR}/zabbix_server_modules.conf ${ZABBIX_USER_HOME_DIR} && \
chmod g=u ${ZABBIX_CONF_DIR} && \
microdnf -y clean all
EXPOSE 10051/TCP
WORKDIR /var/lib/zabbix
WORKDIR ${ZABBIX_USER_HOME_DIR}
VOLUME ["/var/lib/zabbix/snmptraps", "/var/lib/zabbix/export"]
VOLUME ["${ZABBIX_USER_HOME_DIR}/snmptraps", "${ZABBIX_USER_HOME_DIR}/export"]
COPY ["docker-entrypoint.sh", "/usr/bin/"]

View File

@ -13,10 +13,6 @@ fi
: ${ENABLE_TIMESCALEDB:="false"}
# Default directories
# User 'zabbix' home directory
ZABBIX_USER_HOME_DIR="/var/lib/zabbix"
# Configuration files directory
ZABBIX_ETC_DIR="/etc/zabbix"
# Internal directory for TLS related files, used when TLS*File specified as plain text values
ZABBIX_INTERNAL_ENC_DIR="${ZABBIX_USER_HOME_DIR}/enc_internal"
@ -144,16 +140,20 @@ update_config_multiple_var() {
}
file_process_from_env() {
local config_path=$1
local var_name=$2
local file_name=$3
local var_value=$4
local var_name=$1
local file_name=$2
local var_value=$3
if [ ! -z "$var_value" ]; then
echo -n "$var_value" > "${ZABBIX_INTERNAL_ENC_DIR}/$var_name"
file_name="${ZABBIX_INTERNAL_ENC_DIR}/${var_name}"
fi
update_config_var $config_path "$var_name" "$file_name"
if [ -n "$var_value" ]; then
export "$var_name"="$file_name"
fi
# Remove variable with plain text data
unset "${var_name%%FILE}"
}
# Check prerequisites for PostgreSQL database
@ -179,7 +179,6 @@ check_variables_postgresql() {
if [ -n "${DB_SERVER_HOST}" ]; then
psql_connect_args="--host ${DB_SERVER_HOST} --port ${DB_SERVER_PORT}"
else
DB_SERVER_HOST='""'
psql_connect_args="--port ${DB_SERVER_PORT}"
fi
}
@ -383,232 +382,55 @@ create_db_schema_postgresql() {
exec_sql_file "/usr/share/doc/zabbix-server-postgresql/timescaledb.sql"
fi
apply_db_scripts "/var/lib/zabbix/dbscripts/*.sql"
apply_db_scripts "${ZABBIX_USER_HOME_DIR}/dbscripts/*.sql"
fi
}
update_zbx_config() {
echo "** Preparing Zabbix server configuration file"
export ZBX_DB_HOST="${DB_SERVER_HOST}"
export ZBX_DB_PORT="${DB_SERVER_PORT}"
ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_server.conf
update_config_var $ZBX_CONFIG "ListenIP" "${ZBX_LISTENIP}"
update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}"
update_config_var $ZBX_CONFIG "ListenBacklog" "${ZBX_LISTENBACKLOG}"
update_config_var $ZBX_CONFIG "SourceIP" "${ZBX_SOURCEIP}"
update_config_var $ZBX_CONFIG "LogType" "console"
update_config_var $ZBX_CONFIG "LogFile"
update_config_var $ZBX_CONFIG "LogFileSize"
update_config_var $ZBX_CONFIG "PidFile"
update_config_var $ZBX_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}"
if [ -n "${ZBX_DBTLSCONNECT}" ]; then
update_config_var $ZBX_CONFIG "DBTLSConnect" "${ZBX_DBTLSCONNECT}"
update_config_var $ZBX_CONFIG "DBTLSCAFile" "${ZBX_DBTLSCAFILE}"
update_config_var $ZBX_CONFIG "DBTLSCertFile" "${ZBX_DBTLSCERTFILE}"
update_config_var $ZBX_CONFIG "DBTLSKeyFile" "${ZBX_DBTLSKEYFILE}"
update_config_var $ZBX_CONFIG "DBTLSCipher" "${ZBX_DBTLSCIPHER}"
update_config_var $ZBX_CONFIG "DBTLSCipher13" "${ZBX_DBTLSCIPHER13}"
fi
update_config_var $ZBX_CONFIG "DBHost" "${DB_SERVER_HOST}"
update_config_var $ZBX_CONFIG "DBName" "${DB_SERVER_DBNAME}"
update_config_var $ZBX_CONFIG "DBSchema" "${DB_SERVER_SCHEMA}"
update_config_var $ZBX_CONFIG "DBPort" "${DB_SERVER_PORT}"
if [ -n "${ZBX_VAULT}" ] && [ -n "${ZBX_VAULTURL}" ]; then
update_config_var $ZBX_CONFIG "Vault" "${ZBX_VAULT}"
update_config_var $ZBX_CONFIG "VaultTLSCertFile" "${ZBX_VAULTTLSCERTFILE}"
update_config_var $ZBX_CONFIG "VaultTLSKeyFile" "${ZBX_VAULTTLSKEYFILE}"
update_config_var $ZBX_CONFIG "VaultPrefix" "${ZBX_VAULTPREFIX}"
update_config_var $ZBX_CONFIG "VaultURL" "${ZBX_VAULTURL}"
update_config_var $ZBX_CONFIG "VaultDBPath" "${ZBX_VAULTDBPATH}"
if [ -n "${ZBX_VAULTDBPATH}" ]; then
update_config_var $ZBX_CONFIG "DBUser"
update_config_var $ZBX_CONFIG "DBPassword"
else
update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}"
update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}"
fi
else
update_config_var $ZBX_CONFIG "Vault"
update_config_var $ZBX_CONFIG "VaultTLSCertFile"
update_config_var $ZBX_CONFIG "VaultTLSKeyFile"
update_config_var $ZBX_CONFIG "VaultPrefix"
update_config_var $ZBX_CONFIG "VaultURL"
update_config_var $ZBX_CONFIG "VaultDBPath"
update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}"
update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}"
fi
update_config_var $ZBX_CONFIG "AllowUnsupportedDBVersions" "${ZBX_ALLOWUNSUPPORTEDDBVERSIONS}"
update_config_var $ZBX_CONFIG "MaxConcurrentChecksPerPoller" "${ZBX_MAXCONCURRENTCHECKSPERPOLLER}"
update_config_var $ZBX_CONFIG "EnableGlobalScripts" "${ZBX_ENABLEGLOBALSCRIPTS}"
update_config_var $ZBX_CONFIG "StartReportWriters" "${ZBX_STARTREPORTWRITERS}"
: ${ZBX_WEBSERVICEURL:="http://zabbix-web-service:10053/report"}
update_config_var $ZBX_CONFIG "WebServiceURL" "${ZBX_WEBSERVICEURL}"
update_config_var $ZBX_CONFIG "HistoryStorageURL" "${ZBX_HISTORYSTORAGEURL}"
update_config_var $ZBX_CONFIG "HistoryStorageTypes" "${ZBX_HISTORYSTORAGETYPES}"
update_config_var $ZBX_CONFIG "HistoryStorageDateIndex" "${ZBX_HISTORYSTORAGEDATEINDEX}"
update_config_var $ZBX_CONFIG "DBSocket" "${DB_SERVER_SOCKET}"
update_config_var $ZBX_CONFIG "StatsAllowedIP" "${ZBX_STATSALLOWEDIP}"
update_config_var $ZBX_CONFIG "StartPollers" "${ZBX_STARTPOLLERS}"
update_config_var $ZBX_CONFIG "StartIPMIPollers" "${ZBX_STARTIPMIPOLLERS}"
update_config_var $ZBX_CONFIG "StartPollersUnreachable" "${ZBX_STARTPOLLERSUNREACHABLE}"
update_config_var $ZBX_CONFIG "StartTrappers" "${ZBX_STARTTRAPPERS}"
update_config_var $ZBX_CONFIG "StartPingers" "${ZBX_STARTPINGERS}"
update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}"
update_config_var $ZBX_CONFIG "StartHistoryPollers" "${ZBX_STARTHISTORYPOLLERS}"
update_config_var $ZBX_CONFIG "StartHTTPAgentPollers" "${ZBX_STARTHTTPAGENTPOLLERS}"
update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}"
update_config_var $ZBX_CONFIG "StartODBCPollers" "${ZBX_STARTODBCPOLLERS}"
update_config_var $ZBX_CONFIG "StartSNMPPollers" "${ZBX_STARTSNMPPOLLERS}"
update_config_var $ZBX_CONFIG "StartConnectors" "${ZBX_STARTCONNECTORS}"
update_config_var $ZBX_CONFIG "StartPreprocessors" "${ZBX_STARTPREPROCESSORS}"
update_config_var $ZBX_CONFIG "StartTimers" "${ZBX_STARTTIMERS}"
update_config_var $ZBX_CONFIG "StartEscalators" "${ZBX_STARTESCALATORS}"
update_config_var $ZBX_CONFIG "StartAgentPollers" "${ZBX_STARTAGENTPOLLERS}"
update_config_var $ZBX_CONFIG "StartAlerters" "${ZBX_STARTALERTERS}"
update_config_var $ZBX_CONFIG "StartTimers" "${ZBX_STARTTIMERS}"
update_config_var $ZBX_CONFIG "StartEscalators" "${ZBX_STARTESCALATORS}"
update_config_var $ZBX_CONFIG "StartLLDProcessors" "${ZBX_STARTLLDPROCESSORS}"
: ${ZBX_JAVAGATEWAY_ENABLE:="false"}
if [ "${ZBX_JAVAGATEWAY_ENABLE,,}" == "true" ]; then
update_config_var $ZBX_CONFIG "JavaGateway" "${ZBX_JAVAGATEWAY:-"zabbix-java-gateway"}"
update_config_var $ZBX_CONFIG "JavaGatewayPort" "${ZBX_JAVAGATEWAYPORT}"
update_config_var $ZBX_CONFIG "StartJavaPollers" "${ZBX_STARTJAVAPOLLERS:-"5"}"
else
update_config_var $ZBX_CONFIG "JavaGateway"
update_config_var $ZBX_CONFIG "JavaGatewayPort"
update_config_var $ZBX_CONFIG "StartJavaPollers"
fi
update_config_var $ZBX_CONFIG "StartVMwareCollectors" "${ZBX_STARTVMWARECOLLECTORS}"
update_config_var $ZBX_CONFIG "VMwareFrequency" "${ZBX_VMWAREFREQUENCY}"
update_config_var $ZBX_CONFIG "VMwarePerfFrequency" "${ZBX_VMWAREPERFFREQUENCY}"
update_config_var $ZBX_CONFIG "VMwareCacheSize" "${ZBX_VMWARECACHESIZE}"
update_config_var $ZBX_CONFIG "VMwareTimeout" "${ZBX_VMWARETIMEOUT}"
export ZBX_DB_NAME="${DB_SERVER_DBNAME}"
export ZBX_DB_SCHEMA="${DB_SERVER_SCHEMA}"
export ZBX_DB_USER="${DB_SERVER_ZBX_USER}"
export ZBX_DB_PASSWORD="${DB_SERVER_ZBX_PASS}"
: ${ZBX_ENABLE_SNMP_TRAPS:="false"}
if [ "${ZBX_ENABLE_SNMP_TRAPS,,}" == "true" ]; then
update_config_var $ZBX_CONFIG "SNMPTrapperFile" "${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log"
update_config_var $ZBX_CONFIG "StartSNMPTrapper" "1"
else
update_config_var $ZBX_CONFIG "SNMPTrapperFile"
update_config_var $ZBX_CONFIG "StartSNMPTrapper"
fi
[[ "${ZBX_ENABLE_SNMP_TRAPS,,}" == "true" ]] && export ZBX_STARTSNMPTRAPPER=1
unset ZBX_ENABLE_SNMP_TRAPS
update_config_var $ZBX_CONFIG "SocketDir" "/tmp/"
update_config_multiple_var "${ZABBIX_CONF_DIR}/zabbix_server_modules.conf" "LoadModule" "${ZBX_LOADMODULE}"
update_config_var $ZBX_CONFIG "HousekeepingFrequency" "${ZBX_HOUSEKEEPINGFREQUENCY}"
file_process_from_env "ZBX_TLSCAFILE" "${ZBX_TLSCAFILE}" "${ZBX_TLSCA}"
file_process_from_env "ZBX_TLSCRLFILE" "${ZBX_TLSCRLFILE}" "${ZBX_TLSCRL}"
update_config_var $ZBX_CONFIG "MaxHousekeeperDelete" "${ZBX_MAXHOUSEKEEPERDELETE}"
update_config_var $ZBX_CONFIG "ProblemHousekeepingFrequency" "${ZBX_PROBLEMHOUSEKEEPINGFREQUENCY}"
update_config_var $ZBX_CONFIG "CacheSize" "${ZBX_CACHESIZE}"
update_config_var $ZBX_CONFIG "CacheUpdateFrequency" "${ZBX_CACHEUPDATEFREQUENCY}"
update_config_var $ZBX_CONFIG "StartDBSyncers" "${ZBX_STARTDBSYNCERS}"
update_config_var $ZBX_CONFIG "HistoryCacheSize" "${ZBX_HISTORYCACHESIZE}"
update_config_var $ZBX_CONFIG "HistoryIndexCacheSize" "${ZBX_HISTORYINDEXCACHESIZE}"
update_config_var $ZBX_CONFIG "TrendCacheSize" "${ZBX_TRENDCACHESIZE}"
update_config_var $ZBX_CONFIG "TrendFunctionCacheSize" "${ZBX_TRENDFUNCTIONCACHESIZE}"
update_config_var $ZBX_CONFIG "ValueCacheSize" "${ZBX_VALUECACHESIZE}"
update_config_var $ZBX_CONFIG "Timeout" "${ZBX_TIMEOUT}"
update_config_var $ZBX_CONFIG "TrapperTimeout" "${ZBX_TRAPPERTIMEOUT}"
update_config_var $ZBX_CONFIG "UnreachablePeriod" "${ZBX_UNREACHABLEPERIOD}"
update_config_var $ZBX_CONFIG "UnavailableDelay" "${ZBX_UNAVAILABLEDELAY}"
update_config_var $ZBX_CONFIG "UnreachableDelay" "${ZBX_UNREACHABLEDELAY}"
update_config_var $ZBX_CONFIG "AlertScriptsPath" "/usr/lib/zabbix/alertscripts"
update_config_var $ZBX_CONFIG "ExternalScripts" "/usr/lib/zabbix/externalscripts"
if [ -n "${ZBX_EXPORTFILESIZE}" ]; then
update_config_var $ZBX_CONFIG "ExportDir" "$ZABBIX_USER_HOME_DIR/export/"
update_config_var $ZBX_CONFIG "ExportFileSize" "${ZBX_EXPORTFILESIZE}"
update_config_var $ZBX_CONFIG "ExportType" "${ZBX_EXPORTTYPE}"
fi
update_config_var $ZBX_CONFIG "FpingLocation" "/usr/sbin/fping"
update_config_var $ZBX_CONFIG "Fping6Location"
update_config_var $ZBX_CONFIG "SSHKeyLocation" "$ZABBIX_USER_HOME_DIR/ssh_keys"
update_config_var $ZBX_CONFIG "LogSlowQueries" "${ZBX_LOGSLOWQUERIES}"
update_config_var $ZBX_CONFIG "StartProxyPollers" "${ZBX_STARTPROXYPOLLERS}"
update_config_var $ZBX_CONFIG "ProxyConfigFrequency" "${ZBX_PROXYCONFIGFREQUENCY}"
update_config_var $ZBX_CONFIG "ProxyDataFrequency" "${ZBX_PROXYDATAFREQUENCY}"
update_config_var $ZBX_CONFIG "SSLCertLocation" "$ZABBIX_USER_HOME_DIR/ssl/certs/"
update_config_var $ZBX_CONFIG "SSLKeyLocation" "$ZABBIX_USER_HOME_DIR/ssl/keys/"
update_config_var $ZBX_CONFIG "SSLCALocation" "$ZABBIX_USER_HOME_DIR/ssl/ssl_ca/"
update_config_var $ZBX_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/"
update_config_multiple_var $ZBX_CONFIG "LoadModule" "${ZBX_LOADMODULE}"
file_process_from_env $ZBX_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" "${ZBX_TLSCA}"
file_process_from_env $ZBX_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" "${ZBX_TLSCRL}"
file_process_from_env $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" "${ZBX_TLSCERT}"
update_config_var $ZBX_CONFIG "TLSCipherAll" "${ZBX_TLSCIPHERALL}"
update_config_var $ZBX_CONFIG "TLSCipherAll13" "${ZBX_TLSCIPHERALL13}"
update_config_var $ZBX_CONFIG "TLSCipherCert" "${ZBX_TLSCIPHERCERT}"
update_config_var $ZBX_CONFIG "TLSCipherCert13" "${ZBX_TLSCIPHERCERT13}"
update_config_var $ZBX_CONFIG "TLSCipherPSK" "${ZBX_TLSCIPHERPSK}"
update_config_var $ZBX_CONFIG "TLSCipherPSK13" "${ZBX_TLSCIPHERPSK13}"
file_process_from_env $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" "${ZBX_TLSKEY}"
update_config_var $ZBX_CONFIG "ServiceManagerSyncFrequency" "${ZBX_SERVICEMANAGERSYNCFREQUENCY}"
update_config_var $ZBX_CONFIG "AllowSoftwareUpdateCheck" "${ZBX_ALLOWSOFTWAREUPDATECHECK}"
update_config_var $ZBX_CONFIG "SMSDevices" "${ZBX_SMSDEVICES}"
file_process_from_env "ZBX_TLSCERTFILE" "${ZBX_TLSCERTFILE}" "${ZBX_TLSCERT}"
file_process_from_env "ZBX_TLSKEYFILE" "${ZBX_TLSKEYFILE}" "${ZBX_TLSKEY}"
if [ "${ZBX_AUTOHANODENAME}" == 'fqdn' ] && [ ! -n "${ZBX_HANODENAME}" ]; then
update_config_var $ZBX_CONFIG "HANodeName" "$(hostname -f)"
export ZBX_HANODENAME="$(hostname -f)"
elif [ "${ZBX_AUTOHANODENAME}" == 'hostname' ] && [ ! -n "${ZBX_HANODENAME}" ]; then
update_config_var $ZBX_CONFIG "HANodeName" "$(hostname)"
else
update_config_var $ZBX_CONFIG "HANodeName" "${ZBX_HANODENAME}"
export ZBX_HANODENAME="$(hostname)"
fi
: ${ZBX_NODEADDRESSPORT:="10051"}
if [ "${ZBX_AUTONODEADDRESS}" == 'fqdn' ] && [ ! -n "${ZBX_NODEADDRESS}" ]; then
update_config_var $ZBX_CONFIG "NodeAddress" "$(hostname -f):${ZBX_NODEADDRESSPORT}"
export ZBX_NODEADDRESS="$(hostname -f):${ZBX_NODEADDRESSPORT}"
elif [ "${ZBX_AUTONODEADDRESS}" == 'hostname' ] && [ ! -n "${ZBX_NODEADDRESS}" ]; then
update_config_var $ZBX_CONFIG "NodeAddress" "$(hostname):${ZBX_NODEADDRESSPORT}"
else
update_config_var $ZBX_CONFIG "NodeAddress" "${ZBX_NODEADDRESS}"
export ZBX_NODEADDRESS="$(hostname):${ZBX_NODEADDRESSPORT}"
fi
if [ "$(id -u)" != '0' ]; then
update_config_var $ZBX_CONFIG "User" "$(whoami)"
export ZBX_USER="$(whoami)"
else
update_config_var $ZBX_CONFIG "AllowRoot" "1"
export ZBX_ALLOWROOT=1
fi
update_config_var $ZBX_CONFIG "WebDriverURL" "${ZBX_WEBDRIVERURL}"
update_config_var $ZBX_CONFIG "StartBrowserPollers" "${ZBX_STARTBROWSERPOLLERS}"
}
clear_zbx_env() {
[[ "${ZBX_CLEAR_ENV}" == "false" ]] && return
for env_var in $(env | grep -E "^(ZBX|DB|POSTGRES)_"); do
for env_var in $(env | grep -E "^(ZABBIX|DB|POSTGRES)_"); do
unset "${env_var%%=*}"
done
}

View File

@ -14,7 +14,18 @@ ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git
ENV TERM=xterm \
ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \
MIBDIRS=/var/lib/mibs/ietf:/var/lib/mibs/iana:/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \
NMAP_PRIVILEGED=""
NMAP_PRIVILEGED="" \
ZABBIX_USER_HOME_DIR="/var/lib/zabbix" \
ZABBIX_CONF_DIR="/etc/zabbix"
ENV ZBX_DB_NAME="dummy_db_name" \
ZBX_FPINGLOCATION="/usr/bin/fping" \
ZBX_LOADMODULEPATH="${ZABBIX_USER_HOME_DIR}/modules" \
ZBX_SNMPTRAPPERFILE="${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log" \
ZBX_SSHKEYLOCATION="${ZABBIX_USER_HOME_DIR}/ssh_keys/" \
ZBX_SSLCERTLOCATION="${ZABBIX_USER_HOME_DIR}/ssl/certs/" \
ZBX_SSLKEYLOCATION="${ZABBIX_USER_HOME_DIR}/ssl/keys/" \
ZBX_SSLCALOCATION="${ZABBIX_USER_HOME_DIR}/ssl/ssl_ca/"
LABEL org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zabbix.com>" \
org.opencontainers.image.description="Zabbix server with PostgreSQL database support" \
@ -30,7 +41,7 @@ STOPSIGNAL SIGTERM
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/server/sbin/zabbix_server", "/usr/sbin/zabbix_server"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/general/bin/*", "/usr/bin/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/server/conf/", "/etc/zabbix/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/server/conf/", "${ZABBIX_CONF_DIR}/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/server/database/postgresql/", "/usr/share/doc/zabbix-server-postgresql/"]
RUN --mount=type=cache,target=/var/lib/apt/,sharing=locked \
@ -75,38 +86,41 @@ RUN --mount=type=cache,target=/var/lib/apt/,sharing=locked \
-G dialout \
--uid 1997 \
--shell /sbin/nologin \
--home-dir /var/lib/zabbix/ \
--home-dir ${ZABBIX_USER_HOME_DIR} \
zabbix && \
chgrp zabbix /usr/bin/nmap && \
setcap cap_net_raw+eip /usr/bin/nmap && \
mkdir -p /etc/zabbix && \
mkdir -p /var/lib/zabbix && \
mkdir -p ${ZABBIX_CONF_DIR} && \
mkdir -p ${ZABBIX_USER_HOME_DIR} && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/dbscripts && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc_internal && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/export && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/mibs && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/modules && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/snmptraps && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssh_keys && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl/certs && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl/keys && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/ssl/ssl_ca && \
mkdir -p /usr/lib/zabbix/alertscripts && \
mkdir -p /var/lib/zabbix/dbscripts && \
mkdir -p /var/lib/zabbix/enc && \
mkdir -p /var/lib/zabbix/enc_internal && \
mkdir -p /var/lib/zabbix/export && \
mkdir -p /usr/lib/zabbix/externalscripts && \
mkdir -p /var/lib/zabbix/mibs && \
mkdir -p /var/lib/zabbix/modules && \
mkdir -p /var/lib/zabbix/snmptraps && \
mkdir -p /var/lib/zabbix/ssh_keys && \
mkdir -p /var/lib/zabbix/ssl && \
mkdir -p /var/lib/zabbix/ssl/certs && \
mkdir -p /var/lib/zabbix/ssl/keys && \
mkdir -p /var/lib/zabbix/ssl/ssl_ca && \
mkdir -p /usr/share/doc/zabbix-server-postgresql && \
chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \
chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \
chown --quiet -R zabbix:root ${ZABBIX_CONF_DIR}/zabbix_server_modules.conf ${ZABBIX_USER_HOME_DIR} && \
chown --quiet zabbix:root ${ZABBIX_CONF_DIR}/ && \
chgrp -R 0 ${ZABBIX_CONF_DIR}/zabbix_server_modules.conf ${ZABBIX_USER_HOME_DIR} && \
chgrp 0 ${ZABBIX_CONF_DIR} && \
chmod -R g=u ${ZABBIX_CONF_DIR}/zabbix_server_modules.conf ${ZABBIX_USER_HOME_DIR} && \
chmod g=u ${ZABBIX_CONF_DIR} && \
apt-get -y autoremove && \
apt-get -y clean
EXPOSE 10051/TCP
WORKDIR /var/lib/zabbix
WORKDIR ${ZABBIX_USER_HOME_DIR}
VOLUME ["/var/lib/zabbix/snmptraps", "/var/lib/zabbix/export"]
VOLUME ["${ZABBIX_USER_HOME_DIR}/snmptraps", "${ZABBIX_USER_HOME_DIR}/export"]
COPY ["docker-entrypoint.sh", "/usr/bin/"]

View File

@ -13,10 +13,6 @@ fi
: ${ENABLE_TIMESCALEDB:="false"}
# Default directories
# User 'zabbix' home directory
ZABBIX_USER_HOME_DIR="/var/lib/zabbix"
# Configuration files directory
ZABBIX_ETC_DIR="/etc/zabbix"
# Internal directory for TLS related files, used when TLS*File specified as plain text values
ZABBIX_INTERNAL_ENC_DIR="${ZABBIX_USER_HOME_DIR}/enc_internal"
@ -144,16 +140,20 @@ update_config_multiple_var() {
}
file_process_from_env() {
local config_path=$1
local var_name=$2
local file_name=$3
local var_value=$4
local var_name=$1
local file_name=$2
local var_value=$3
if [ ! -z "$var_value" ]; then
echo -n "$var_value" > "${ZABBIX_INTERNAL_ENC_DIR}/$var_name"
file_name="${ZABBIX_INTERNAL_ENC_DIR}/${var_name}"
fi
update_config_var $config_path "$var_name" "$file_name"
if [ -n "$var_value" ]; then
export "$var_name"="$file_name"
fi
# Remove variable with plain text data
unset "${var_name%%FILE}"
}
# Check prerequisites for PostgreSQL database
@ -179,7 +179,6 @@ check_variables_postgresql() {
if [ -n "${DB_SERVER_HOST}" ]; then
psql_connect_args="--host ${DB_SERVER_HOST} --port ${DB_SERVER_PORT}"
else
DB_SERVER_HOST='""'
psql_connect_args="--port ${DB_SERVER_PORT}"
fi
}
@ -388,227 +387,50 @@ create_db_schema_postgresql() {
}
update_zbx_config() {
echo "** Preparing Zabbix server configuration file"
export ZBX_DB_HOST="${DB_SERVER_HOST}"
export ZBX_DB_PORT="${DB_SERVER_PORT}"
ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_server.conf
update_config_var $ZBX_CONFIG "ListenIP" "${ZBX_LISTENIP}"
update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}"
update_config_var $ZBX_CONFIG "ListenBacklog" "${ZBX_LISTENBACKLOG}"
update_config_var $ZBX_CONFIG "SourceIP" "${ZBX_SOURCEIP}"
update_config_var $ZBX_CONFIG "LogType" "console"
update_config_var $ZBX_CONFIG "LogFile"
update_config_var $ZBX_CONFIG "LogFileSize"
update_config_var $ZBX_CONFIG "PidFile"
update_config_var $ZBX_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}"
if [ -n "${ZBX_DBTLSCONNECT}" ]; then
update_config_var $ZBX_CONFIG "DBTLSConnect" "${ZBX_DBTLSCONNECT}"
update_config_var $ZBX_CONFIG "DBTLSCAFile" "${ZBX_DBTLSCAFILE}"
update_config_var $ZBX_CONFIG "DBTLSCertFile" "${ZBX_DBTLSCERTFILE}"
update_config_var $ZBX_CONFIG "DBTLSKeyFile" "${ZBX_DBTLSKEYFILE}"
update_config_var $ZBX_CONFIG "DBTLSCipher" "${ZBX_DBTLSCIPHER}"
update_config_var $ZBX_CONFIG "DBTLSCipher13" "${ZBX_DBTLSCIPHER13}"
fi
update_config_var $ZBX_CONFIG "DBHost" "${DB_SERVER_HOST}"
update_config_var $ZBX_CONFIG "DBName" "${DB_SERVER_DBNAME}"
update_config_var $ZBX_CONFIG "DBSchema" "${DB_SERVER_SCHEMA}"
update_config_var $ZBX_CONFIG "DBPort" "${DB_SERVER_PORT}"
if [ -n "${ZBX_VAULT}" ] && [ -n "${ZBX_VAULTURL}" ]; then
update_config_var $ZBX_CONFIG "Vault" "${ZBX_VAULT}"
update_config_var $ZBX_CONFIG "VaultTLSCertFile" "${ZBX_VAULTTLSCERTFILE}"
update_config_var $ZBX_CONFIG "VaultTLSKeyFile" "${ZBX_VAULTTLSKEYFILE}"
update_config_var $ZBX_CONFIG "VaultPrefix" "${ZBX_VAULTPREFIX}"
update_config_var $ZBX_CONFIG "VaultURL" "${ZBX_VAULTURL}"
update_config_var $ZBX_CONFIG "VaultDBPath" "${ZBX_VAULTDBPATH}"
if [ -n "${ZBX_VAULTDBPATH}" ]; then
update_config_var $ZBX_CONFIG "DBUser"
update_config_var $ZBX_CONFIG "DBPassword"
else
update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}"
update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}"
fi
else
update_config_var $ZBX_CONFIG "Vault"
update_config_var $ZBX_CONFIG "VaultTLSCertFile"
update_config_var $ZBX_CONFIG "VaultTLSKeyFile"
update_config_var $ZBX_CONFIG "VaultPrefix"
update_config_var $ZBX_CONFIG "VaultURL"
update_config_var $ZBX_CONFIG "VaultDBPath"
update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}"
update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}"
fi
update_config_var $ZBX_CONFIG "AllowUnsupportedDBVersions" "${ZBX_ALLOWUNSUPPORTEDDBVERSIONS}"
update_config_var $ZBX_CONFIG "MaxConcurrentChecksPerPoller" "${ZBX_MAXCONCURRENTCHECKSPERPOLLER}"
update_config_var $ZBX_CONFIG "EnableGlobalScripts" "${ZBX_ENABLEGLOBALSCRIPTS}"
update_config_var $ZBX_CONFIG "StartReportWriters" "${ZBX_STARTREPORTWRITERS}"
: ${ZBX_WEBSERVICEURL:="http://zabbix-web-service:10053/report"}
update_config_var $ZBX_CONFIG "WebServiceURL" "${ZBX_WEBSERVICEURL}"
update_config_var $ZBX_CONFIG "HistoryStorageURL" "${ZBX_HISTORYSTORAGEURL}"
update_config_var $ZBX_CONFIG "HistoryStorageTypes" "${ZBX_HISTORYSTORAGETYPES}"
update_config_var $ZBX_CONFIG "HistoryStorageDateIndex" "${ZBX_HISTORYSTORAGEDATEINDEX}"
update_config_var $ZBX_CONFIG "DBSocket" "${DB_SERVER_SOCKET}"
update_config_var $ZBX_CONFIG "StatsAllowedIP" "${ZBX_STATSALLOWEDIP}"
update_config_var $ZBX_CONFIG "StartPollers" "${ZBX_STARTPOLLERS}"
update_config_var $ZBX_CONFIG "StartIPMIPollers" "${ZBX_STARTIPMIPOLLERS}"
update_config_var $ZBX_CONFIG "StartPollersUnreachable" "${ZBX_STARTPOLLERSUNREACHABLE}"
update_config_var $ZBX_CONFIG "StartTrappers" "${ZBX_STARTTRAPPERS}"
update_config_var $ZBX_CONFIG "StartPingers" "${ZBX_STARTPINGERS}"
update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}"
update_config_var $ZBX_CONFIG "StartHistoryPollers" "${ZBX_STARTHISTORYPOLLERS}"
update_config_var $ZBX_CONFIG "StartHTTPAgentPollers" "${ZBX_STARTHTTPAGENTPOLLERS}"
update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}"
update_config_var $ZBX_CONFIG "StartODBCPollers" "${ZBX_STARTODBCPOLLERS}"
update_config_var $ZBX_CONFIG "StartSNMPPollers" "${ZBX_STARTSNMPPOLLERS}"
update_config_var $ZBX_CONFIG "StartConnectors" "${ZBX_STARTCONNECTORS}"
update_config_var $ZBX_CONFIG "StartPreprocessors" "${ZBX_STARTPREPROCESSORS}"
update_config_var $ZBX_CONFIG "StartTimers" "${ZBX_STARTTIMERS}"
update_config_var $ZBX_CONFIG "StartEscalators" "${ZBX_STARTESCALATORS}"
update_config_var $ZBX_CONFIG "StartAgentPollers" "${ZBX_STARTAGENTPOLLERS}"
update_config_var $ZBX_CONFIG "StartAlerters" "${ZBX_STARTALERTERS}"
update_config_var $ZBX_CONFIG "StartTimers" "${ZBX_STARTTIMERS}"
update_config_var $ZBX_CONFIG "StartEscalators" "${ZBX_STARTESCALATORS}"
update_config_var $ZBX_CONFIG "StartLLDProcessors" "${ZBX_STARTLLDPROCESSORS}"
: ${ZBX_JAVAGATEWAY_ENABLE:="false"}
if [ "${ZBX_JAVAGATEWAY_ENABLE,,}" == "true" ]; then
update_config_var $ZBX_CONFIG "JavaGateway" "${ZBX_JAVAGATEWAY:-"zabbix-java-gateway"}"
update_config_var $ZBX_CONFIG "JavaGatewayPort" "${ZBX_JAVAGATEWAYPORT}"
update_config_var $ZBX_CONFIG "StartJavaPollers" "${ZBX_STARTJAVAPOLLERS:-"5"}"
else
update_config_var $ZBX_CONFIG "JavaGateway"
update_config_var $ZBX_CONFIG "JavaGatewayPort"
update_config_var $ZBX_CONFIG "StartJavaPollers"
fi
update_config_var $ZBX_CONFIG "StartVMwareCollectors" "${ZBX_STARTVMWARECOLLECTORS}"
update_config_var $ZBX_CONFIG "VMwareFrequency" "${ZBX_VMWAREFREQUENCY}"
update_config_var $ZBX_CONFIG "VMwarePerfFrequency" "${ZBX_VMWAREPERFFREQUENCY}"
update_config_var $ZBX_CONFIG "VMwareCacheSize" "${ZBX_VMWARECACHESIZE}"
update_config_var $ZBX_CONFIG "VMwareTimeout" "${ZBX_VMWARETIMEOUT}"
export ZBX_DB_NAME="${DB_SERVER_DBNAME}"
export ZBX_DB_SCHEMA="${DB_SERVER_SCHEMA}"
export ZBX_DB_USER="${DB_SERVER_ZBX_USER}"
export ZBX_DB_PASSWORD="${DB_SERVER_ZBX_PASS}"
: ${ZBX_ENABLE_SNMP_TRAPS:="false"}
if [ "${ZBX_ENABLE_SNMP_TRAPS,,}" == "true" ]; then
update_config_var $ZBX_CONFIG "SNMPTrapperFile" "${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log"
update_config_var $ZBX_CONFIG "StartSNMPTrapper" "1"
else
update_config_var $ZBX_CONFIG "SNMPTrapperFile"
update_config_var $ZBX_CONFIG "StartSNMPTrapper"
fi
[[ "${ZBX_ENABLE_SNMP_TRAPS,,}" == "true" ]] && export ZBX_STARTSNMPTRAPPER=1
unset ZBX_ENABLE_SNMP_TRAPS
update_config_var $ZBX_CONFIG "SocketDir" "/tmp/"
update_config_multiple_var "${ZABBIX_CONF_DIR}/zabbix_server_modules.conf" "LoadModule" "${ZBX_LOADMODULE}"
update_config_var $ZBX_CONFIG "HousekeepingFrequency" "${ZBX_HOUSEKEEPINGFREQUENCY}"
file_process_from_env "ZBX_TLSCAFILE" "${ZBX_TLSCAFILE}" "${ZBX_TLSCA}"
file_process_from_env "ZBX_TLSCRLFILE" "${ZBX_TLSCRLFILE}" "${ZBX_TLSCRL}"
update_config_var $ZBX_CONFIG "MaxHousekeeperDelete" "${ZBX_MAXHOUSEKEEPERDELETE}"
update_config_var $ZBX_CONFIG "ProblemHousekeepingFrequency" "${ZBX_PROBLEMHOUSEKEEPINGFREQUENCY}"
update_config_var $ZBX_CONFIG "CacheSize" "${ZBX_CACHESIZE}"
update_config_var $ZBX_CONFIG "CacheUpdateFrequency" "${ZBX_CACHEUPDATEFREQUENCY}"
update_config_var $ZBX_CONFIG "StartDBSyncers" "${ZBX_STARTDBSYNCERS}"
update_config_var $ZBX_CONFIG "HistoryCacheSize" "${ZBX_HISTORYCACHESIZE}"
update_config_var $ZBX_CONFIG "HistoryIndexCacheSize" "${ZBX_HISTORYINDEXCACHESIZE}"
update_config_var $ZBX_CONFIG "TrendCacheSize" "${ZBX_TRENDCACHESIZE}"
update_config_var $ZBX_CONFIG "TrendFunctionCacheSize" "${ZBX_TRENDFUNCTIONCACHESIZE}"
update_config_var $ZBX_CONFIG "ValueCacheSize" "${ZBX_VALUECACHESIZE}"
update_config_var $ZBX_CONFIG "Timeout" "${ZBX_TIMEOUT}"
update_config_var $ZBX_CONFIG "TrapperTimeout" "${ZBX_TRAPPERTIMEOUT}"
update_config_var $ZBX_CONFIG "UnreachablePeriod" "${ZBX_UNREACHABLEPERIOD}"
update_config_var $ZBX_CONFIG "UnavailableDelay" "${ZBX_UNAVAILABLEDELAY}"
update_config_var $ZBX_CONFIG "UnreachableDelay" "${ZBX_UNREACHABLEDELAY}"
update_config_var $ZBX_CONFIG "AlertScriptsPath" "/usr/lib/zabbix/alertscripts"
update_config_var $ZBX_CONFIG "ExternalScripts" "/usr/lib/zabbix/externalscripts"
if [ -n "${ZBX_EXPORTFILESIZE}" ]; then
update_config_var $ZBX_CONFIG "ExportDir" "$ZABBIX_USER_HOME_DIR/export/"
update_config_var $ZBX_CONFIG "ExportFileSize" "${ZBX_EXPORTFILESIZE}"
update_config_var $ZBX_CONFIG "ExportType" "${ZBX_EXPORTTYPE}"
fi
update_config_var $ZBX_CONFIG "FpingLocation" "/usr/bin/fping"
update_config_var $ZBX_CONFIG "Fping6Location"
update_config_var $ZBX_CONFIG "SSHKeyLocation" "$ZABBIX_USER_HOME_DIR/ssh_keys"
update_config_var $ZBX_CONFIG "LogSlowQueries" "${ZBX_LOGSLOWQUERIES}"
update_config_var $ZBX_CONFIG "StartProxyPollers" "${ZBX_STARTPROXYPOLLERS}"
update_config_var $ZBX_CONFIG "ProxyConfigFrequency" "${ZBX_PROXYCONFIGFREQUENCY}"
update_config_var $ZBX_CONFIG "ProxyDataFrequency" "${ZBX_PROXYDATAFREQUENCY}"
update_config_var $ZBX_CONFIG "SSLCertLocation" "$ZABBIX_USER_HOME_DIR/ssl/certs/"
update_config_var $ZBX_CONFIG "SSLKeyLocation" "$ZABBIX_USER_HOME_DIR/ssl/keys/"
update_config_var $ZBX_CONFIG "SSLCALocation" "$ZABBIX_USER_HOME_DIR/ssl/ssl_ca/"
update_config_var $ZBX_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/"
update_config_multiple_var $ZBX_CONFIG "LoadModule" "${ZBX_LOADMODULE}"
file_process_from_env $ZBX_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" "${ZBX_TLSCA}"
file_process_from_env $ZBX_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" "${ZBX_TLSCRL}"
file_process_from_env $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" "${ZBX_TLSCERT}"
update_config_var $ZBX_CONFIG "TLSCipherAll" "${ZBX_TLSCIPHERALL}"
update_config_var $ZBX_CONFIG "TLSCipherAll13" "${ZBX_TLSCIPHERALL13}"
update_config_var $ZBX_CONFIG "TLSCipherCert" "${ZBX_TLSCIPHERCERT}"
update_config_var $ZBX_CONFIG "TLSCipherCert13" "${ZBX_TLSCIPHERCERT13}"
update_config_var $ZBX_CONFIG "TLSCipherPSK" "${ZBX_TLSCIPHERPSK}"
update_config_var $ZBX_CONFIG "TLSCipherPSK13" "${ZBX_TLSCIPHERPSK13}"
file_process_from_env $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" "${ZBX_TLSKEY}"
update_config_var $ZBX_CONFIG "ServiceManagerSyncFrequency" "${ZBX_SERVICEMANAGERSYNCFREQUENCY}"
update_config_var $ZBX_CONFIG "AllowSoftwareUpdateCheck" "${ZBX_ALLOWSOFTWAREUPDATECHECK}"
update_config_var $ZBX_CONFIG "SMSDevices" "${ZBX_SMSDEVICES}"
file_process_from_env "ZBX_TLSCERTFILE" "${ZBX_TLSCERTFILE}" "${ZBX_TLSCERT}"
file_process_from_env "ZBX_TLSKEYFILE" "${ZBX_TLSKEYFILE}" "${ZBX_TLSKEY}"
if [ "${ZBX_AUTOHANODENAME}" == 'fqdn' ] && [ ! -n "${ZBX_HANODENAME}" ]; then
update_config_var $ZBX_CONFIG "HANodeName" "$(hostname -f)"
export ZBX_HANODENAME="$(hostname -f)"
elif [ "${ZBX_AUTOHANODENAME}" == 'hostname' ] && [ ! -n "${ZBX_HANODENAME}" ]; then
update_config_var $ZBX_CONFIG "HANodeName" "$(hostname)"
else
update_config_var $ZBX_CONFIG "HANodeName" "${ZBX_HANODENAME}"
export ZBX_HANODENAME="$(hostname)"
fi
: ${ZBX_NODEADDRESSPORT:="10051"}
if [ "${ZBX_AUTONODEADDRESS}" == 'fqdn' ] && [ ! -n "${ZBX_NODEADDRESS}" ]; then
update_config_var $ZBX_CONFIG "NodeAddress" "$(hostname -f):${ZBX_NODEADDRESSPORT}"
export ZBX_NODEADDRESS="$(hostname -f):${ZBX_NODEADDRESSPORT}"
elif [ "${ZBX_AUTONODEADDRESS}" == 'hostname' ] && [ ! -n "${ZBX_NODEADDRESS}" ]; then
update_config_var $ZBX_CONFIG "NodeAddress" "$(hostname):${ZBX_NODEADDRESSPORT}"
else
update_config_var $ZBX_CONFIG "NodeAddress" "${ZBX_NODEADDRESS}"
export ZBX_NODEADDRESS="$(hostname):${ZBX_NODEADDRESSPORT}"
fi
if [ "$(id -u)" != '0' ]; then
update_config_var $ZBX_CONFIG "User" "$(whoami)"
export ZBX_USER="$(whoami)"
else
update_config_var $ZBX_CONFIG "AllowRoot" "1"
export ZBX_ALLOWROOT=1
fi
update_config_var $ZBX_CONFIG "WebDriverURL" "${ZBX_WEBDRIVERURL}"
update_config_var $ZBX_CONFIG "StartBrowserPollers" "${ZBX_STARTBROWSERPOLLERS}"
}
clear_zbx_env() {
[[ "${ZBX_CLEAR_ENV}" == "false" ]] && return
for env_var in $(env | grep -E "^(ZBX|DB|POSTGRES)_"); do
for env_var in $(env | grep -E "^(ZABBIX|DB|POSTGRES)_"); do
unset "${env_var%%=*}"
done
}

View File

@ -12,7 +12,9 @@ ARG ZBX_VERSION
ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git
ENV TERM=xterm \
ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES}
ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \
ZABBIX_USER_HOME_DIR="/var/lib/zabbix" \
ZABBIX_CONF_DIR="/etc/zabbix"
LABEL org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zabbix.com>" \
org.opencontainers.image.description="Zabbix web service for performing various tasks using headless web browser" \
@ -27,7 +29,7 @@ LABEL org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zab
STOPSIGNAL SIGTERM
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/web_service/sbin/zabbix_web_service", "/usr/sbin/zabbix_web_service"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/web_service/conf/", "/etc/zabbix/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/web_service/conf/", "${ZABBIX_CONF_DIR}/"]
RUN set -eux && \
INSTALL_PKGS="bash \
@ -47,19 +49,19 @@ RUN set -eux && \
--uid 1997 \
--ingroup zabbix \
--shell /sbin/nologin \
--home /var/lib/zabbix/ \
--home ${ZABBIX_USER_HOME_DIR}/ \
zabbix && \
mkdir -p /etc/zabbix && \
mkdir -p /var/lib/zabbix && \
mkdir -p /var/lib/zabbix/enc && \
mkdir -p /var/lib/zabbix/enc_internal && \
chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \
chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/
mkdir -p ${ZABBIX_CONF_DIR} && \
mkdir -p ${ZABBIX_USER_HOME_DIR} && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc_internal && \
chown --quiet -R zabbix:root ${ZABBIX_USER_HOME_DIR}/ && \
chgrp -R 0 ${ZABBIX_USER_HOME_DIR}/ && \
chmod -R g=u ${ZABBIX_USER_HOME_DIR}/
EXPOSE 10053/TCP
WORKDIR /var/lib/zabbix
WORKDIR ${ZABBIX_USER_HOME_DIR}
COPY ["docker-entrypoint.sh", "/usr/bin/"]

View File

@ -10,124 +10,39 @@ if [ "${DEBUG_MODE,,}" == "true" ]; then
fi
# Default directories
# User 'zabbix' home directory
ZABBIX_USER_HOME_DIR="/var/lib/zabbix"
# Configuration files directory
ZABBIX_ETC_DIR="/etc/zabbix"
# Internal directory for TLS related files, used when TLS*File specified as plain text values
ZABBIX_INTERNAL_ENC_DIR="${ZABBIX_USER_HOME_DIR}/enc_internal"
escape_spec_char() {
local var_value=$1
var_value="${var_value//\\/\\\\}"
var_value="${var_value//[$'\n']/}"
var_value="${var_value//\//\\/}"
var_value="${var_value//./\\.}"
var_value="${var_value//\*/\\*}"
var_value="${var_value//^/\\^}"
var_value="${var_value//\$/\\\$}"
var_value="${var_value//\&/\\\&}"
var_value="${var_value//\[/\\[}"
var_value="${var_value//\]/\\]}"
echo "$var_value"
}
update_config_var() {
local config_path=$1
local var_name=$2
local var_value=$3
local is_multiple=$4
if [ ! -f "$config_path" ]; then
echo "**** Configuration file '$config_path' does not exist"
return
fi
echo -n "** Updating '$config_path' parameter \"$var_name\": '$var_value'..."
# Remove configuration parameter definition in case of unset parameter value
if [ -z "$var_value" ]; then
sed -i -e "/^$var_name=/d" "$config_path"
echo "removed"
return
fi
# Remove value from configuration parameter in case of double quoted parameter value
if [ "$var_value" == '""' ]; then
sed -i -e "/^$var_name=/s/=.*/=/" "$config_path"
echo "undefined"
return
fi
# Use full path to a file for TLS related configuration parameters
if [[ $var_name =~ ^TLS.*File$ ]]; then
var_value=$ZABBIX_USER_HOME_DIR/enc/$var_value
fi
# Escaping characters in parameter value and name
var_value=$(escape_spec_char "$var_value")
var_name=$(escape_spec_char "$var_name")
if [ "$(grep -E "^$var_name=" $config_path)" ] && [ "$is_multiple" != "true" ]; then
sed -i -e "/^$var_name=/s/=.*/=$var_value/" "$config_path"
echo "updated"
elif [ "$(grep -Ec "^# $var_name=" $config_path)" -gt 1 ]; then
sed -i -e "/^[#;] $var_name=$/i\\$var_name=$var_value" "$config_path"
echo "added first occurrence"
elif [ "$(grep -Ec "^[#;] $var_name=" $config_path)" -gt 0 ]; then
sed -i -e "/^[#;] $var_name=/s/.*/&\n$var_name=$var_value/" "$config_path"
echo "added"
else
sed -i -e '$a\' -e "$var_name=$var_value" "$config_path"
echo "added at the end"
fi
}
file_process_from_env() {
local config_path=$1
local var_name=$2
local file_name=$3
local var_value=$4
local var_name=$1
local file_name=$2
local var_value=$3
if [ ! -z "$var_value" ]; then
echo -n "$var_value" > "${ZABBIX_INTERNAL_ENC_DIR}/$var_name"
file_name="${ZABBIX_INTERNAL_ENC_DIR}/${var_name}"
fi
update_config_var $config_path "$var_name" "$file_name"
if [ -n "$var_value" ]; then
export "$var_name"="$file_name"
fi
# Remove variable with plain text data
unset "${var_name%%FILE}"
}
prepare_zbx_web_service_config() {
echo "** Preparing Zabbix web service configuration file"
ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_web_service.conf
export ZBX_ALLOWEDIP=${ZBX_ALLOWEDIP:="zabbix-server"}
update_config_var $ZBX_CONFIG "LogType" "console"
update_config_var $ZBX_CONFIG "LogFile"
update_config_var $ZBX_CONFIG "LogFileSize"
update_config_var $ZBX_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}"
file_process_from_env "ZBX_TLSCAFILE" "${ZBX_TLSCAFILE}" "${ZBX_TLSCA}"
: ${ZBX_ALLOWEDIP:="zabbix-server"}
update_config_var $ZBX_CONFIG "AllowedIP" "${ZBX_ALLOWEDIP}"
update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}"
update_config_var $ZBX_CONFIG "Timeout" "${ZBX_TIMEOUT}"
update_config_var $ZBX_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}"
file_process_from_env $ZBX_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" "${ZBX_TLSCA}"
file_process_from_env $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" "${ZBX_TLSCERT}"
file_process_from_env $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" "${ZBX_TLSKEY}"
update_config_var $ZBX_CONFIG "IgnoreURLCertErrors" "${ZBX_IGNOREURLCERTERRORS}"
file_process_from_env "ZBX_TLSCERTFILE" "${ZBX_TLSCERTFILE}" "${ZBX_TLSCERT}"
file_process_from_env "ZBX_TLSKEYFILE" "${ZBX_TLSKEYFILE}" "${ZBX_TLSKEY}"
}
clear_zbx_env() {
[[ "${ZBX_CLEAR_ENV}" == "false" ]] && return
for env_var in $(env | grep -E "^ZBX_"); do
for env_var in $(env | grep -E "^ZABBIX_"); do
unset "${env_var%%=*}"
done
}

View File

@ -13,6 +13,8 @@ ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git
ENV TERM=xterm \
ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \
ZABBIX_USER_HOME_DIR="/var/lib/zabbix" \
ZABBIX_CONF_DIR="/etc/zabbix" \
PATH=/usr/lib64/chromium-browser:$PATH
LABEL org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zabbix.com>" \
@ -28,7 +30,7 @@ LABEL org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zab
STOPSIGNAL SIGTERM
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/web_service/sbin/zabbix_web_service", "/usr/sbin/zabbix_web_service"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/web_service/conf/", "/etc/zabbix/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/web_service/conf/", "${ZABBIX_CONF_DIR}/"]
RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
set -eux && \
@ -61,20 +63,20 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
-g zabbix \
--uid 1997 \
--shell /sbin/nologin \
--home-dir /var/lib/zabbix/ \
--home-dir ${ZABBIX_USER_HOME_DIR}/ \
zabbix && \
mkdir -p /etc/zabbix && \
mkdir -p /var/lib/zabbix && \
mkdir -p /var/lib/zabbix/enc && \
mkdir -p /var/lib/zabbix/enc_internal && \
chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \
chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \
mkdir -p ${ZABBIX_CONF_DIR} && \
mkdir -p ${ZABBIX_USER_HOME_DIR} && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc_internal && \
chown --quiet -R zabbix:root ${ZABBIX_USER_HOME_DIR}/ && \
chgrp -R 0 ${ZABBIX_USER_HOME_DIR}/ && \
chmod -R g=u ${ZABBIX_USER_HOME_DIR}/ && \
microdnf -y clean all
EXPOSE 10053/TCP
WORKDIR /var/lib/zabbix
WORKDIR ${ZABBIX_USER_HOME_DIR}
COPY ["docker-entrypoint.sh", "/usr/bin/"]

View File

@ -10,124 +10,39 @@ if [ "${DEBUG_MODE,,}" == "true" ]; then
fi
# Default directories
# User 'zabbix' home directory
ZABBIX_USER_HOME_DIR="/var/lib/zabbix"
# Configuration files directory
ZABBIX_ETC_DIR="/etc/zabbix"
# Internal directory for TLS related files, used when TLS*File specified as plain text values
ZABBIX_INTERNAL_ENC_DIR="${ZABBIX_USER_HOME_DIR}/enc_internal"
escape_spec_char() {
local var_value=$1
var_value="${var_value//\\/\\\\}"
var_value="${var_value//[$'\n']/}"
var_value="${var_value//\//\\/}"
var_value="${var_value//./\\.}"
var_value="${var_value//\*/\\*}"
var_value="${var_value//^/\\^}"
var_value="${var_value//\$/\\\$}"
var_value="${var_value//\&/\\\&}"
var_value="${var_value//\[/\\[}"
var_value="${var_value//\]/\\]}"
echo "$var_value"
}
update_config_var() {
local config_path=$1
local var_name=$2
local var_value=$3
local is_multiple=$4
if [ ! -f "$config_path" ]; then
echo "**** Configuration file '$config_path' does not exist"
return
fi
echo -n "** Updating '$config_path' parameter \"$var_name\": '$var_value'..."
# Remove configuration parameter definition in case of unset parameter value
if [ -z "$var_value" ]; then
sed -i -e "/^$var_name=/d" "$config_path"
echo "removed"
return
fi
# Remove value from configuration parameter in case of double quoted parameter value
if [ "$var_value" == '""' ]; then
sed -i -e "/^$var_name=/s/=.*/=/" "$config_path"
echo "undefined"
return
fi
# Use full path to a file for TLS related configuration parameters
if [[ $var_name =~ ^TLS.*File$ ]]; then
var_value=$ZABBIX_USER_HOME_DIR/enc/$var_value
fi
# Escaping characters in parameter value and name
var_value=$(escape_spec_char "$var_value")
var_name=$(escape_spec_char "$var_name")
if [ "$(grep -E "^$var_name=" $config_path)" ] && [ "$is_multiple" != "true" ]; then
sed -i -e "/^$var_name=/s/=.*/=$var_value/" "$config_path"
echo "updated"
elif [ "$(grep -Ec "^# $var_name=" $config_path)" -gt 1 ]; then
sed -i -e "/^[#;] $var_name=$/i\\$var_name=$var_value" "$config_path"
echo "added first occurrence"
elif [ "$(grep -Ec "^[#;] $var_name=" $config_path)" -gt 0 ]; then
sed -i -e "/^[#;] $var_name=/s/.*/&\n$var_name=$var_value/" "$config_path"
echo "added"
else
sed -i -e '$a\' -e "$var_name=$var_value" "$config_path"
echo "added at the end"
fi
}
file_process_from_env() {
local config_path=$1
local var_name=$2
local file_name=$3
local var_value=$4
local var_name=$1
local file_name=$2
local var_value=$3
if [ ! -z "$var_value" ]; then
echo -n "$var_value" > "${ZABBIX_INTERNAL_ENC_DIR}/$var_name"
file_name="${ZABBIX_INTERNAL_ENC_DIR}/${var_name}"
fi
update_config_var $config_path "$var_name" "$file_name"
if [ -n "$var_value" ]; then
export "$var_name"="$file_name"
fi
# Remove variable with plain text data
unset "${var_name%%FILE}"
}
prepare_zbx_web_service_config() {
echo "** Preparing Zabbix web service configuration file"
ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_web_service.conf
export ZBX_ALLOWEDIP=${ZBX_ALLOWEDIP:="zabbix-server"}
update_config_var $ZBX_CONFIG "LogType" "console"
update_config_var $ZBX_CONFIG "LogFile"
update_config_var $ZBX_CONFIG "LogFileSize"
update_config_var $ZBX_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}"
file_process_from_env "ZBX_TLSCAFILE" "${ZBX_TLSCAFILE}" "${ZBX_TLSCA}"
: ${ZBX_ALLOWEDIP:="zabbix-server"}
update_config_var $ZBX_CONFIG "AllowedIP" "${ZBX_ALLOWEDIP}"
update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}"
update_config_var $ZBX_CONFIG "Timeout" "${ZBX_TIMEOUT}"
update_config_var $ZBX_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}"
file_process_from_env $ZBX_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" "${ZBX_TLSCA}"
file_process_from_env $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" "${ZBX_TLSCERT}"
file_process_from_env $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" "${ZBX_TLSKEY}"
update_config_var $ZBX_CONFIG "IgnoreURLCertErrors" "${ZBX_IGNOREURLCERTERRORS}"
file_process_from_env "ZBX_TLSCERTFILE" "${ZBX_TLSCERTFILE}" "${ZBX_TLSCERT}"
file_process_from_env "ZBX_TLSKEYFILE" "${ZBX_TLSKEYFILE}" "${ZBX_TLSKEY}"
}
clear_zbx_env() {
[[ "${ZBX_CLEAR_ENV}" == "false" ]] && return
for env_var in $(env | grep -E "^ZBX_"); do
for env_var in $(env | grep -E "^ZABBIX_"); do
unset "${env_var%%=*}"
done
}

View File

@ -13,6 +13,8 @@ ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git
ENV TERM=xterm \
ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \
ZABBIX_USER_HOME_DIR="/var/lib/zabbix" \
ZABBIX_CONF_DIR="/etc/zabbix" \
PATH=/usr/lib64/chromium-browser:$PATH
LABEL org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zabbix.com>" \
@ -28,7 +30,7 @@ LABEL org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zab
STOPSIGNAL SIGTERM
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/web_service/sbin/zabbix_web_service", "/usr/sbin/zabbix_web_service"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/web_service/conf/", "/etc/zabbix/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/web_service/conf/", "${ZABBIX_CONF_DIR}/"]
COPY ["conf/etc/yum.repos.d/oracle-epel-ol9.repo", "/etc/yum.repos.d/oracle-epel-ol9.repo"]
RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
@ -55,20 +57,20 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
-g zabbix \
--uid 1997 \
--shell /sbin/nologin \
--home-dir /var/lib/zabbix/ \
--home-dir ${ZABBIX_USER_HOME_DIR}/ \
zabbix && \
mkdir -p /etc/zabbix && \
mkdir -p /var/lib/zabbix && \
mkdir -p /var/lib/zabbix/enc && \
mkdir -p /var/lib/zabbix/enc_internal && \
chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \
chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \
mkdir -p ${ZABBIX_CONF_DIR} && \
mkdir -p ${ZABBIX_USER_HOME_DIR} && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc_internal && \
chown --quiet -R zabbix:root ${ZABBIX_USER_HOME_DIR}/ && \
chgrp -R 0 ${ZABBIX_USER_HOME_DIR}/ && \
chmod -R g=u ${ZABBIX_USER_HOME_DIR}/ && \
microdnf -y clean all
EXPOSE 10053/TCP
WORKDIR /var/lib/zabbix
WORKDIR ${ZABBIX_USER_HOME_DIR}
COPY ["docker-entrypoint.sh", "/usr/bin/"]

View File

@ -10,124 +10,39 @@ if [ "${DEBUG_MODE,,}" == "true" ]; then
fi
# Default directories
# User 'zabbix' home directory
ZABBIX_USER_HOME_DIR="/var/lib/zabbix"
# Configuration files directory
ZABBIX_ETC_DIR="/etc/zabbix"
# Internal directory for TLS related files, used when TLS*File specified as plain text values
ZABBIX_INTERNAL_ENC_DIR="${ZABBIX_USER_HOME_DIR}/enc_internal"
escape_spec_char() {
local var_value=$1
var_value="${var_value//\\/\\\\}"
var_value="${var_value//[$'\n']/}"
var_value="${var_value//\//\\/}"
var_value="${var_value//./\\.}"
var_value="${var_value//\*/\\*}"
var_value="${var_value//^/\\^}"
var_value="${var_value//\$/\\\$}"
var_value="${var_value//\&/\\\&}"
var_value="${var_value//\[/\\[}"
var_value="${var_value//\]/\\]}"
echo "$var_value"
}
update_config_var() {
local config_path=$1
local var_name=$2
local var_value=$3
local is_multiple=$4
if [ ! -f "$config_path" ]; then
echo "**** Configuration file '$config_path' does not exist"
return
fi
echo -n "** Updating '$config_path' parameter \"$var_name\": '$var_value'..."
# Remove configuration parameter definition in case of unset parameter value
if [ -z "$var_value" ]; then
sed -i -e "/^$var_name=/d" "$config_path"
echo "removed"
return
fi
# Remove value from configuration parameter in case of double quoted parameter value
if [ "$var_value" == '""' ]; then
sed -i -e "/^$var_name=/s/=.*/=/" "$config_path"
echo "undefined"
return
fi
# Use full path to a file for TLS related configuration parameters
if [[ $var_name =~ ^TLS.*File$ ]]; then
var_value=$ZABBIX_USER_HOME_DIR/enc/$var_value
fi
# Escaping characters in parameter value and name
var_value=$(escape_spec_char "$var_value")
var_name=$(escape_spec_char "$var_name")
if [ "$(grep -E "^$var_name=" $config_path)" ] && [ "$is_multiple" != "true" ]; then
sed -i -e "/^$var_name=/s/=.*/=$var_value/" "$config_path"
echo "updated"
elif [ "$(grep -Ec "^# $var_name=" $config_path)" -gt 1 ]; then
sed -i -e "/^[#;] $var_name=$/i\\$var_name=$var_value" "$config_path"
echo "added first occurrence"
elif [ "$(grep -Ec "^[#;] $var_name=" $config_path)" -gt 0 ]; then
sed -i -e "/^[#;] $var_name=/s/.*/&\n$var_name=$var_value/" "$config_path"
echo "added"
else
sed -i -e '$a\' -e "$var_name=$var_value" "$config_path"
echo "added at the end"
fi
}
file_process_from_env() {
local config_path=$1
local var_name=$2
local file_name=$3
local var_value=$4
local var_name=$1
local file_name=$2
local var_value=$3
if [ ! -z "$var_value" ]; then
echo -n "$var_value" > "${ZABBIX_INTERNAL_ENC_DIR}/$var_name"
file_name="${ZABBIX_INTERNAL_ENC_DIR}/${var_name}"
fi
update_config_var $config_path "$var_name" "$file_name"
if [ -n "$var_value" ]; then
export "$var_name"="$file_name"
fi
# Remove variable with plain text data
unset "${var_name%%FILE}"
}
prepare_zbx_web_service_config() {
echo "** Preparing Zabbix web service configuration file"
ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_web_service.conf
export ZBX_ALLOWEDIP=${ZBX_ALLOWEDIP:="zabbix-server"}
update_config_var $ZBX_CONFIG "LogType" "console"
update_config_var $ZBX_CONFIG "LogFile"
update_config_var $ZBX_CONFIG "LogFileSize"
update_config_var $ZBX_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}"
file_process_from_env "ZBX_TLSCAFILE" "${ZBX_TLSCAFILE}" "${ZBX_TLSCA}"
: ${ZBX_ALLOWEDIP:="zabbix-server"}
update_config_var $ZBX_CONFIG "AllowedIP" "${ZBX_ALLOWEDIP}"
update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}"
update_config_var $ZBX_CONFIG "Timeout" "${ZBX_TIMEOUT}"
update_config_var $ZBX_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}"
file_process_from_env $ZBX_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" "${ZBX_TLSCA}"
file_process_from_env $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" "${ZBX_TLSCERT}"
file_process_from_env $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" "${ZBX_TLSKEY}"
update_config_var $ZBX_CONFIG "IgnoreURLCertErrors" "${ZBX_IGNOREURLCERTERRORS}"
file_process_from_env "ZBX_TLSCERTFILE" "${ZBX_TLSCERTFILE}" "${ZBX_TLSCERT}"
file_process_from_env "ZBX_TLSKEYFILE" "${ZBX_TLSKEYFILE}" "${ZBX_TLSKEY}"
}
clear_zbx_env() {
[[ "${ZBX_CLEAR_ENV}" == "false" ]] && return
for env_var in $(env | grep -E "^ZBX_"); do
for env_var in $(env | grep -E "^ZABBIX_"); do
unset "${env_var%%=*}"
done
}

View File

@ -15,6 +15,8 @@ ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git
ENV TERM=xterm \
ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \
ZABBIX_USER_HOME_DIR="/var/lib/zabbix" \
ZABBIX_CONF_DIR="/etc/zabbix" \
PATH=/usr/lib64/chromium-browser:$PATH
LABEL description="Zabbix web service for performing various tasks using headless web browser" \
@ -47,7 +49,7 @@ STOPSIGNAL SIGTERM
COPY ["licenses", "/licenses"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/web_service/sbin/zabbix_web_service", "/usr/sbin/zabbix_web_service"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/web_service/conf/", "/etc/zabbix/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/web_service/conf/", "${ZABBIX_CONF_DIR}/"]
RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
--mount=type=bind,target=/run/secrets/,src=secrets/ \
@ -86,20 +88,20 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
-g zabbix \
--uid 1997 \
--shell /sbin/nologin \
--home-dir /var/lib/zabbix/ \
--home-dir ${ZABBIX_USER_HOME_DIR}/ \
zabbix && \
mkdir -p /etc/zabbix && \
mkdir -p /var/lib/zabbix && \
mkdir -p /var/lib/zabbix/enc && \
mkdir -p /var/lib/zabbix/enc_internal && \
chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \
chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \
mkdir -p ${ZABBIX_CONF_DIR} && \
mkdir -p ${ZABBIX_USER_HOME_DIR} && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc && \
mkdir -p ${ZABBIX_USER_HOME_DIR}/enc_internal && \
chown --quiet -R zabbix:root ${ZABBIX_USER_HOME_DIR}/ && \
chgrp -R 0 ${ZABBIX_USER_HOME_DIR}/ && \
chmod -R g=u ${ZABBIX_USER_HOME_DIR}/ && \
microdnf -y clean all
EXPOSE 10053/TCP
WORKDIR /var/lib/zabbix
WORKDIR ${ZABBIX_USER_HOME_DIR}
COPY ["docker-entrypoint.sh", "/usr/bin/"]

View File

@ -10,124 +10,39 @@ if [ "${DEBUG_MODE,,}" == "true" ]; then
fi
# Default directories
# User 'zabbix' home directory
ZABBIX_USER_HOME_DIR="/var/lib/zabbix"
# Configuration files directory
ZABBIX_ETC_DIR="/etc/zabbix"
# Internal directory for TLS related files, used when TLS*File specified as plain text values
ZABBIX_INTERNAL_ENC_DIR="${ZABBIX_USER_HOME_DIR}/enc_internal"
escape_spec_char() {
local var_value=$1
var_value="${var_value//\\/\\\\}"
var_value="${var_value//[$'\n']/}"
var_value="${var_value//\//\\/}"
var_value="${var_value//./\\.}"
var_value="${var_value//\*/\\*}"
var_value="${var_value//^/\\^}"
var_value="${var_value//\$/\\\$}"
var_value="${var_value//\&/\\\&}"
var_value="${var_value//\[/\\[}"
var_value="${var_value//\]/\\]}"
echo "$var_value"
}
update_config_var() {
local config_path=$1
local var_name=$2
local var_value=$3
local is_multiple=$4
if [ ! -f "$config_path" ]; then
echo "**** Configuration file '$config_path' does not exist"
return
fi
echo -n "** Updating '$config_path' parameter \"$var_name\": '$var_value'..."
# Remove configuration parameter definition in case of unset parameter value
if [ -z "$var_value" ]; then
sed -i -e "/^$var_name=/d" "$config_path"
echo "removed"
return
fi
# Remove value from configuration parameter in case of double quoted parameter value
if [ "$var_value" == '""' ]; then
sed -i -e "/^$var_name=/s/=.*/=/" "$config_path"
echo "undefined"
return
fi
# Use full path to a file for TLS related configuration parameters
if [[ $var_name =~ ^TLS.*File$ ]]; then
var_value=$ZABBIX_USER_HOME_DIR/enc/$var_value
fi
# Escaping characters in parameter value and name
var_value=$(escape_spec_char "$var_value")
var_name=$(escape_spec_char "$var_name")
if [ "$(grep -E "^$var_name=" $config_path)" ] && [ "$is_multiple" != "true" ]; then
sed -i -e "/^$var_name=/s/=.*/=$var_value/" "$config_path"
echo "updated"
elif [ "$(grep -Ec "^# $var_name=" $config_path)" -gt 1 ]; then
sed -i -e "/^[#;] $var_name=$/i\\$var_name=$var_value" "$config_path"
echo "added first occurrence"
elif [ "$(grep -Ec "^[#;] $var_name=" $config_path)" -gt 0 ]; then
sed -i -e "/^[#;] $var_name=/s/.*/&\n$var_name=$var_value/" "$config_path"
echo "added"
else
sed -i -e '$a\' -e "$var_name=$var_value" "$config_path"
echo "added at the end"
fi
}
file_process_from_env() {
local config_path=$1
local var_name=$2
local file_name=$3
local var_value=$4
local var_name=$1
local file_name=$2
local var_value=$3
if [ ! -z "$var_value" ]; then
echo -n "$var_value" > "${ZABBIX_INTERNAL_ENC_DIR}/$var_name"
file_name="${ZABBIX_INTERNAL_ENC_DIR}/${var_name}"
fi
update_config_var $config_path "$var_name" "$file_name"
if [ -n "$var_value" ]; then
export "$var_name"="$file_name"
fi
# Remove variable with plain text data
unset "${var_name%%FILE}"
}
prepare_zbx_web_service_config() {
echo "** Preparing Zabbix web service configuration file"
ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_web_service.conf
export ZBX_ALLOWEDIP=${ZBX_ALLOWEDIP:="zabbix-server"}
update_config_var $ZBX_CONFIG "LogType" "console"
update_config_var $ZBX_CONFIG "LogFile"
update_config_var $ZBX_CONFIG "LogFileSize"
update_config_var $ZBX_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}"
file_process_from_env "ZBX_TLSCAFILE" "${ZBX_TLSCAFILE}" "${ZBX_TLSCA}"
: ${ZBX_ALLOWEDIP:="zabbix-server"}
update_config_var $ZBX_CONFIG "AllowedIP" "${ZBX_ALLOWEDIP}"
update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}"
update_config_var $ZBX_CONFIG "Timeout" "${ZBX_TIMEOUT}"
update_config_var $ZBX_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}"
file_process_from_env $ZBX_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" "${ZBX_TLSCA}"
file_process_from_env $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" "${ZBX_TLSCERT}"
file_process_from_env $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" "${ZBX_TLSKEY}"
update_config_var $ZBX_CONFIG "IgnoreURLCertErrors" "${ZBX_IGNOREURLCERTERRORS}"
file_process_from_env "ZBX_TLSCERTFILE" "${ZBX_TLSCERTFILE}" "${ZBX_TLSCERT}"
file_process_from_env "ZBX_TLSKEYFILE" "${ZBX_TLSKEYFILE}" "${ZBX_TLSKEY}"
}
clear_zbx_env() {
[[ "${ZBX_CLEAR_ENV}" == "false" ]] && return
for env_var in $(env | grep -E "^ZBX_"); do
for env_var in $(env | grep -E "^ZABBIX_"); do
unset "${env_var%%=*}"
done
}

Some files were not shown because too many files have changed in this diff Show More