mirror of
https://github.com/zabbix/zabbix-docker.git
synced 2024-12-25 15:59:01 +01:00
parent
2db7c83d92
commit
8466fff198
@ -72,7 +72,7 @@ RUN set -eux && \
|
||||
gzip -c database/mysql/create.sql > database/mysql/create_proxy.sql.gz && \
|
||||
rm -rf database/mysql/create.sql && \
|
||||
mkdir /tmp/fonts/ && \
|
||||
curl --silent -L "https://noto-website.storage.googleapis.com/pkgs/NotoSansCJKjp-hinted.zip" -o /tmp/fonts/NotoSansCJKjp-hinted.zip && \
|
||||
curl --tlsv1.2 -sSf -L "https://noto-website.storage.googleapis.com/pkgs/NotoSansCJKjp-hinted.zip" -o /tmp/fonts/NotoSansCJKjp-hinted.zip && \
|
||||
unzip /tmp/fonts/NotoSansCJKjp-hinted.zip -d /tmp/fonts/ && \
|
||||
cp /tmp/fonts/NotoSansCJKjp-Regular.otf /tmp/zabbix-${ZBX_VERSION}/ui/assets/fonts/NotoSansCJKjp-Regular.ttf && \
|
||||
cp /tmp/fonts/LICENSE_OFL.txt /tmp/zabbix-${ZBX_VERSION}/ui/assets/fonts/ && \
|
||||
|
@ -72,7 +72,7 @@ RUN set -eux && \
|
||||
gzip -c database/mysql/create.sql > database/mysql/create_proxy.sql.gz && \
|
||||
rm -rf database/mysql/create.sql && \
|
||||
mkdir /tmp/fonts/ && \
|
||||
curl --silent -L "https://noto-website.storage.googleapis.com/pkgs/NotoSansCJKjp-hinted.zip" -o /tmp/fonts/NotoSansCJKjp-hinted.zip && \
|
||||
curl --tlsv1.2 -sSf -L "https://noto-website.storage.googleapis.com/pkgs/NotoSansCJKjp-hinted.zip" -o /tmp/fonts/NotoSansCJKjp-hinted.zip && \
|
||||
unzip /tmp/fonts/NotoSansCJKjp-hinted.zip -d /tmp/fonts/ && \
|
||||
cp /tmp/fonts/NotoSansCJKjp-Regular.otf /tmp/zabbix-${ZBX_VERSION}/ui/assets/fonts/NotoSansCJKjp-Regular.ttf && \
|
||||
cp /tmp/fonts/LICENSE_OFL.txt /tmp/zabbix-${ZBX_VERSION}/ui/assets/fonts/ && \
|
||||
|
@ -72,7 +72,7 @@ RUN set -eux && \
|
||||
gzip -c database/mysql/create.sql > database/mysql/create_proxy.sql.gz && \
|
||||
rm -rf database/mysql/create.sql && \
|
||||
mkdir /tmp/fonts/ && \
|
||||
curl --silent -L "https://noto-website.storage.googleapis.com/pkgs/NotoSansCJKjp-hinted.zip" -o /tmp/fonts/NotoSansCJKjp-hinted.zip && \
|
||||
curl --tlsv1.2 -sSf -L "https://noto-website.storage.googleapis.com/pkgs/NotoSansCJKjp-hinted.zip" -o /tmp/fonts/NotoSansCJKjp-hinted.zip && \
|
||||
unzip /tmp/fonts/NotoSansCJKjp-hinted.zip -d /tmp/fonts/ && \
|
||||
cp /tmp/fonts/NotoSansCJKjp-Regular.otf /tmp/zabbix-${ZBX_VERSION}/ui/assets/fonts/NotoSansCJKjp-Regular.ttf && \
|
||||
cp /tmp/fonts/LICENSE_OFL.txt /tmp/zabbix-${ZBX_VERSION}/ui/assets/fonts/ && \
|
||||
|
@ -82,7 +82,7 @@ RUN set -eux && \
|
||||
gzip -c database/mysql/create.sql > database/mysql/create_proxy.sql.gz && \
|
||||
rm -rf database/mysql/create.sql && \
|
||||
mkdir /tmp/fonts/ && \
|
||||
curl --silent -L "https://noto-website.storage.googleapis.com/pkgs/NotoSansCJKjp-hinted.zip" -o /tmp/fonts/NotoSansCJKjp-hinted.zip && \
|
||||
curl --tlsv1.2 -sSf -L "https://noto-website.storage.googleapis.com/pkgs/NotoSansCJKjp-hinted.zip" -o /tmp/fonts/NotoSansCJKjp-hinted.zip && \
|
||||
unzip /tmp/fonts/NotoSansCJKjp-hinted.zip -d /tmp/fonts/ && \
|
||||
cp /tmp/fonts/NotoSansCJKjp-Regular.otf /tmp/zabbix-${ZBX_VERSION}/ui/assets/fonts/NotoSansCJKjp-Regular.ttf && \
|
||||
cp /tmp/fonts/LICENSE_OFL.txt /tmp/zabbix-${ZBX_VERSION}/ui/assets/fonts/ && \
|
||||
|
@ -72,7 +72,7 @@ RUN set -eux && \
|
||||
gzip -c database/mysql/create.sql > database/mysql/create_proxy.sql.gz && \
|
||||
rm -rf database/mysql/create.sql && \
|
||||
mkdir /tmp/fonts/ && \
|
||||
curl --silent -L "https://noto-website.storage.googleapis.com/pkgs/NotoSansCJKjp-hinted.zip" -o /tmp/fonts/NotoSansCJKjp-hinted.zip && \
|
||||
curl --tlsv1.2 -sSf -L "https://noto-website.storage.googleapis.com/pkgs/NotoSansCJKjp-hinted.zip" -o /tmp/fonts/NotoSansCJKjp-hinted.zip && \
|
||||
unzip /tmp/fonts/NotoSansCJKjp-hinted.zip -d /tmp/fonts/ && \
|
||||
cp /tmp/fonts/NotoSansCJKjp-Regular.otf /tmp/zabbix-${ZBX_VERSION}/ui/assets/fonts/NotoSansCJKjp-Regular.ttf && \
|
||||
cp /tmp/fonts/LICENSE_OFL.txt /tmp/zabbix-${ZBX_VERSION}/ui/assets/fonts/ && \
|
||||
|
@ -72,7 +72,7 @@ RUN set -eux && \
|
||||
gzip -c database/postgresql/create.sql > database/postgresql/create_proxy.sql.gz && \
|
||||
rm -rf database/postgresql/create.sql && \
|
||||
mkdir /tmp/fonts/ && \
|
||||
curl --silent -L "https://noto-website.storage.googleapis.com/pkgs/NotoSansCJKjp-hinted.zip" -o /tmp/fonts/NotoSansCJKjp-hinted.zip && \
|
||||
curl --tlsv1.2 -sSf -L "https://noto-website.storage.googleapis.com/pkgs/NotoSansCJKjp-hinted.zip" -o /tmp/fonts/NotoSansCJKjp-hinted.zip && \
|
||||
unzip /tmp/fonts/NotoSansCJKjp-hinted.zip -d /tmp/fonts/ && \
|
||||
cp /tmp/fonts/NotoSansCJKjp-Regular.otf /tmp/zabbix-${ZBX_VERSION}/ui/assets/fonts/NotoSansCJKjp-Regular.ttf && \
|
||||
cp /tmp/fonts/LICENSE_OFL.txt /tmp/zabbix-${ZBX_VERSION}/ui/assets/fonts/ && \
|
||||
|
@ -72,7 +72,7 @@ RUN set -eux && \
|
||||
gzip -c database/postgresql/create.sql > database/postgresql/create_proxy.sql.gz && \
|
||||
rm -rf database/postgresql/create.sql && \
|
||||
mkdir /tmp/fonts/ && \
|
||||
curl --silent -L "https://noto-website.storage.googleapis.com/pkgs/NotoSansCJKjp-hinted.zip" -o /tmp/fonts/NotoSansCJKjp-hinted.zip && \
|
||||
curl --tlsv1.2 -sSf -L "https://noto-website.storage.googleapis.com/pkgs/NotoSansCJKjp-hinted.zip" -o /tmp/fonts/NotoSansCJKjp-hinted.zip && \
|
||||
unzip /tmp/fonts/NotoSansCJKjp-hinted.zip -d /tmp/fonts/ && \
|
||||
cp /tmp/fonts/NotoSansCJKjp-Regular.otf /tmp/zabbix-${ZBX_VERSION}/ui/assets/fonts/NotoSansCJKjp-Regular.ttf && \
|
||||
cp /tmp/fonts/LICENSE_OFL.txt /tmp/zabbix-${ZBX_VERSION}/ui/assets/fonts/ && \
|
||||
|
@ -72,7 +72,7 @@ RUN set -eux && \
|
||||
gzip -c database/postgresql/create.sql > database/postgresql/create_proxy.sql.gz && \
|
||||
rm -rf database/postgresql/create.sql && \
|
||||
mkdir /tmp/fonts/ && \
|
||||
curl --silent -L "https://noto-website.storage.googleapis.com/pkgs/NotoSansCJKjp-hinted.zip" -o /tmp/fonts/NotoSansCJKjp-hinted.zip && \
|
||||
curl --tlsv1.2 -sSf -L "https://noto-website.storage.googleapis.com/pkgs/NotoSansCJKjp-hinted.zip" -o /tmp/fonts/NotoSansCJKjp-hinted.zip && \
|
||||
unzip /tmp/fonts/NotoSansCJKjp-hinted.zip -d /tmp/fonts/ && \
|
||||
cp /tmp/fonts/NotoSansCJKjp-Regular.otf /tmp/zabbix-${ZBX_VERSION}/ui/assets/fonts/NotoSansCJKjp-Regular.ttf && \
|
||||
cp /tmp/fonts/LICENSE_OFL.txt /tmp/zabbix-${ZBX_VERSION}/ui/assets/fonts/ && \
|
||||
|
@ -72,7 +72,7 @@ RUN set -eux && \
|
||||
gzip -c database/postgresql/create.sql > database/postgresql/create_proxy.sql.gz && \
|
||||
rm -rf database/postgresql/create.sql && \
|
||||
mkdir /tmp/fonts/ && \
|
||||
curl --silent -L "https://noto-website.storage.googleapis.com/pkgs/NotoSansCJKjp-hinted.zip" -o /tmp/fonts/NotoSansCJKjp-hinted.zip && \
|
||||
curl --tlsv1.2 -sSf -L "https://noto-website.storage.googleapis.com/pkgs/NotoSansCJKjp-hinted.zip" -o /tmp/fonts/NotoSansCJKjp-hinted.zip && \
|
||||
unzip /tmp/fonts/NotoSansCJKjp-hinted.zip -d /tmp/fonts/ && \
|
||||
cp /tmp/fonts/NotoSansCJKjp-Regular.otf /tmp/zabbix-${ZBX_VERSION}/ui/assets/fonts/NotoSansCJKjp-Regular.ttf && \
|
||||
cp /tmp/fonts/LICENSE_OFL.txt /tmp/zabbix-${ZBX_VERSION}/ui/assets/fonts/ && \
|
||||
|
@ -58,7 +58,7 @@ RUN set -eux && \
|
||||
make -j"$(nproc)" -s dbschema && \
|
||||
make -j"$(nproc)" -s && \
|
||||
mkdir /tmp/fonts/ && \
|
||||
curl --silent -L "https://noto-website.storage.googleapis.com/pkgs/NotoSansCJKjp-hinted.zip" -o /tmp/fonts/NotoSansCJKjp-hinted.zip && \
|
||||
curl --tlsv1.2 -sSf -L "https://noto-website.storage.googleapis.com/pkgs/NotoSansCJKjp-hinted.zip" -o /tmp/fonts/NotoSansCJKjp-hinted.zip && \
|
||||
unzip /tmp/fonts/NotoSansCJKjp-hinted.zip -d /tmp/fonts/ && \
|
||||
cp /tmp/fonts/NotoSansCJKjp-Regular.otf /tmp/zabbix-${ZBX_VERSION}/ui/assets/fonts/NotoSansCJKjp-Regular.ttf && \
|
||||
cp /tmp/fonts/LICENSE_OFL.txt /tmp/zabbix-${ZBX_VERSION}/ui/assets/fonts/ && \
|
||||
|
@ -58,7 +58,7 @@ RUN set -eux && \
|
||||
make -j"$(nproc)" -s dbschema && \
|
||||
make -j"$(nproc)" -s && \
|
||||
mkdir /tmp/fonts/ && \
|
||||
curl --silent -L "https://noto-website.storage.googleapis.com/pkgs/NotoSansCJKjp-hinted.zip" -o /tmp/fonts/NotoSansCJKjp-hinted.zip && \
|
||||
curl --tlsv1.2 -sSf -L "https://noto-website.storage.googleapis.com/pkgs/NotoSansCJKjp-hinted.zip" -o /tmp/fonts/NotoSansCJKjp-hinted.zip && \
|
||||
unzip /tmp/fonts/NotoSansCJKjp-hinted.zip -d /tmp/fonts/ && \
|
||||
cp /tmp/fonts/NotoSansCJKjp-Regular.otf /tmp/zabbix-${ZBX_VERSION}/ui/assets/fonts/NotoSansCJKjp-Regular.ttf && \
|
||||
cp /tmp/fonts/LICENSE_OFL.txt /tmp/zabbix-${ZBX_VERSION}/ui/assets/fonts/ && \
|
||||
|
@ -58,7 +58,7 @@ RUN set -eux && \
|
||||
make -j"$(nproc)" -s dbschema && \
|
||||
make -j"$(nproc)" -s && \
|
||||
mkdir /tmp/fonts/ && \
|
||||
curl --silent -L "https://noto-website.storage.googleapis.com/pkgs/NotoSansCJKjp-hinted.zip" -o /tmp/fonts/NotoSansCJKjp-hinted.zip && \
|
||||
curl --tlsv1.2 -sSf -L "https://noto-website.storage.googleapis.com/pkgs/NotoSansCJKjp-hinted.zip" -o /tmp/fonts/NotoSansCJKjp-hinted.zip && \
|
||||
unzip /tmp/fonts/NotoSansCJKjp-hinted.zip -d /tmp/fonts/ && \
|
||||
cp /tmp/fonts/NotoSansCJKjp-Regular.otf /tmp/zabbix-${ZBX_VERSION}/ui/assets/fonts/NotoSansCJKjp-Regular.ttf && \
|
||||
cp /tmp/fonts/LICENSE_OFL.txt /tmp/zabbix-${ZBX_VERSION}/ui/assets/fonts/ && \
|
||||
|
@ -68,7 +68,7 @@ RUN set -eux && \
|
||||
make -j"$(nproc)" -s dbschema && \
|
||||
make -j"$(nproc)" -s && \
|
||||
mkdir /tmp/fonts/ && \
|
||||
curl --silent -L "https://noto-website.storage.googleapis.com/pkgs/NotoSansCJKjp-hinted.zip" -o /tmp/fonts/NotoSansCJKjp-hinted.zip && \
|
||||
curl --tlsv1.2 -sSf -L "https://noto-website.storage.googleapis.com/pkgs/NotoSansCJKjp-hinted.zip" -o /tmp/fonts/NotoSansCJKjp-hinted.zip && \
|
||||
unzip /tmp/fonts/NotoSansCJKjp-hinted.zip -d /tmp/fonts/ && \
|
||||
cp /tmp/fonts/NotoSansCJKjp-Regular.otf /tmp/zabbix-${ZBX_VERSION}/ui/assets/fonts/NotoSansCJKjp-Regular.ttf && \
|
||||
cp /tmp/fonts/LICENSE_OFL.txt /tmp/zabbix-${ZBX_VERSION}/ui/assets/fonts/ && \
|
||||
|
@ -58,7 +58,7 @@ RUN set -eux && \
|
||||
make -j"$(nproc)" -s dbschema && \
|
||||
make -j"$(nproc)" -s && \
|
||||
mkdir /tmp/fonts/ && \
|
||||
curl --silent -L "https://noto-website.storage.googleapis.com/pkgs/NotoSansCJKjp-hinted.zip" -o /tmp/fonts/NotoSansCJKjp-hinted.zip && \
|
||||
curl --tlsv1.2 -sSf -L "https://noto-website.storage.googleapis.com/pkgs/NotoSansCJKjp-hinted.zip" -o /tmp/fonts/NotoSansCJKjp-hinted.zip && \
|
||||
unzip /tmp/fonts/NotoSansCJKjp-hinted.zip -d /tmp/fonts/ && \
|
||||
cp /tmp/fonts/NotoSansCJKjp-Regular.otf /tmp/zabbix-${ZBX_VERSION}/ui/assets/fonts/NotoSansCJKjp-Regular.ttf && \
|
||||
cp /tmp/fonts/LICENSE_OFL.txt /tmp/zabbix-${ZBX_VERSION}/ui/assets/fonts/ && \
|
||||
|
@ -19,30 +19,48 @@ if (getenv('ZBX_SERVER_HOST')) {
|
||||
$ZBX_SERVER_NAME = getenv('ZBX_SERVER_NAME');
|
||||
|
||||
// Used for TLS connection.
|
||||
$DB['ENCRYPTION'] = getenv('ZBX_DB_ENCRYPTION') == 'true' ? true: false;
|
||||
$DB['KEY_FILE'] = getenv('ZBX_DB_KEY_FILE');
|
||||
$DB['CERT_FILE'] = getenv('ZBX_DB_CERT_FILE');
|
||||
$DB['CA_FILE'] = getenv('ZBX_DB_CA_FILE');
|
||||
$DB['VERIFY_HOST'] = getenv('ZBX_DB_VERIFY_HOST') == 'true' ? true: false;
|
||||
$DB['CIPHER_LIST'] = getenv('ZBX_DB_CIPHER_LIST') ? getenv('ZBX_DB_CIPHER_LIST') : '';
|
||||
$DB['ENCRYPTION'] = getenv('ZBX_DB_ENCRYPTION') == 'true' ? true: false;
|
||||
$DB['KEY_FILE'] = getenv('ZBX_DB_KEY_FILE');
|
||||
$DB['CERT_FILE'] = getenv('ZBX_DB_CERT_FILE');
|
||||
$DB['CA_FILE'] = getenv('ZBX_DB_CA_FILE');
|
||||
$DB['VERIFY_HOST'] = getenv('ZBX_DB_VERIFY_HOST') == 'true' ? true: false;
|
||||
$DB['CIPHER_LIST'] = getenv('ZBX_DB_CIPHER_LIST') ? getenv('ZBX_DB_CIPHER_LIST') : '';
|
||||
|
||||
// Vault configuration. Used if database credentials are stored in Vault secrets manager.
|
||||
$DB['VAULT'] = getenv('ZBX_VAULT');
|
||||
$DB['VAULT_URL'] = getenv('ZBX_VAULTURL');
|
||||
$DB['VAULT_DB_PATH'] = getenv('ZBX_VAULTDBPATH');
|
||||
$DB['VAULT_TOKEN'] = getenv('VAULT_TOKEN');
|
||||
$DB['VAULT_CERT_FILE'] = file_exists('/etc/zabbix/web/certs/vault.crt') ? '/etc/zabbix/web/certs/vault.crt' : (file_exists(getenv('ZBX_VAULTCERTFILE')) ? getenv('ZBX_VAULTCERTFILE') : '');
|
||||
$DB['VAULT_KEY_FILE'] = file_exists('/etc/zabbix/web/certs/vault.key') ? '/etc/zabbix/web/certs/vault.key' : (file_exists(getenv('ZBX_VAULTKEYFILE')) ? getenv('ZBX_VAULTKEYFILE') : '');
|
||||
$DB['VAULT'] = getenv('ZBX_VAULT');
|
||||
$DB['VAULT_URL'] = getenv('ZBX_VAULTURL');
|
||||
$DB['VAULT_DB_PATH'] = getenv('ZBX_VAULTDBPATH');
|
||||
$DB['VAULT_TOKEN'] = getenv('VAULT_TOKEN');
|
||||
|
||||
$DB['VAULT_CACHE'] = getenv('ZBX_VAULTCACHE') == 'true' ? true: false;
|
||||
if (file_exists('/etc/zabbix/web/certs/vault.crt')) {
|
||||
$DB['VAULT_CERT_FILE'] = file_exists('/etc/zabbix/web/certs/vault.crt');
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_VAULTCERTFILE'))) {
|
||||
$DB['VAULT_CERT_FILE'] = $DB['VAULT_CERT_FILE'];
|
||||
}
|
||||
else {
|
||||
$DB['VAULT_CERT_FILE'] = '';
|
||||
}
|
||||
|
||||
if (file_exists('/etc/zabbix/web/certs/vault.key')) {
|
||||
$DB['VAULT_KEY_FILE'] = '/etc/zabbix/web/certs/vault.key';
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_VAULTKEYFILE'))) {
|
||||
$DB['VAULT_KEY_FILE'] = getenv('ZBX_VAULTKEYFILE');
|
||||
}
|
||||
else {
|
||||
$DB['VAULT_KEY_FILE'] = '';
|
||||
}
|
||||
|
||||
$DB['VAULT_CACHE'] = getenv('ZBX_VAULTCACHE') == 'true' ? true: false;
|
||||
|
||||
// Use IEEE754 compatible value range for 64-bit Numeric (float) history values.
|
||||
// This option is enabled by default for new Zabbix installations.
|
||||
// For upgraded installations, please read database upgrade notes before enabling this option.
|
||||
$DB['DOUBLE_IEEE754'] = getenv('DB_DOUBLE_IEEE754') == 'true' ? true: false;
|
||||
$DB['DOUBLE_IEEE754'] = getenv('DB_DOUBLE_IEEE754') == 'true' ? true: false;
|
||||
|
||||
|
||||
$IMAGE_FORMAT_DEFAULT = IMAGE_FORMAT_PNG;
|
||||
$IMAGE_FORMAT_DEFAULT = IMAGE_FORMAT_PNG;
|
||||
|
||||
// Elasticsearch url (can be string if same url is used for all types).
|
||||
$history_url = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGEURL'));
|
||||
@ -53,9 +71,35 @@ $storage_types = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGETYPES'));
|
||||
$HISTORY['types'] = (json_decode($storage_types)) ? json_decode($storage_types, true) : array();
|
||||
|
||||
// Used for SAML authentication.
|
||||
$SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : (file_exists(getenv('ZBX_SSO_SP_KEY')) ? getenv('ZBX_SSO_SP_KEY') : '');
|
||||
$SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : (file_exists(getenv('ZBX_SSO_SP_CERT')) ? getenv('ZBX_SSO_SP_CERT') : '');
|
||||
$SSO['IDP_CERT'] = file_exists('/etc/zabbix/web/certs/idp.crt') ? '/etc/zabbix/web/certs/idp.crt' : (file_exists(getenv('ZBX_SSO_IDP_CERT')) ? getenv('ZBX_SSO_IDP_CERT') : '');
|
||||
if (file_exists('/etc/zabbix/web/certs/sp.key')) {
|
||||
$SSO['SP_KEY'] = '/etc/zabbix/web/certs/sp.key';
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_SSO_SP_KEY'))) {
|
||||
$SSO['SP_KEY'] = getenv('ZBX_SSO_SP_KEY');
|
||||
}
|
||||
else {
|
||||
$SSO['SP_KEY'] = '';
|
||||
}
|
||||
|
||||
if (file_exists('/etc/zabbix/web/certs/sp.crt')) {
|
||||
$SSO['SP_CERT'] = '/etc/zabbix/web/certs/sp.crt';
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_SSO_SP_CERT'))) {
|
||||
$SSO['SP_CERT'] = getenv('ZBX_SSO_SP_CERT');
|
||||
}
|
||||
else {
|
||||
$SSO['SP_CERT'] = '';
|
||||
}
|
||||
|
||||
if (file_exists('/etc/zabbix/web/certs/idp.crt')) {
|
||||
$SSO['IDP_CERT'] = '/etc/zabbix/web/certs/idp.crt';
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_SSO_IDP_CERT'))) {
|
||||
$SSO['IDP_CERT'] = getenv('ZBX_SSO_IDP_CERT');
|
||||
}
|
||||
else {
|
||||
$SSO['IDP_CERT'] = '';
|
||||
}
|
||||
|
||||
$sso_settings = str_replace("'","\"",getenv('ZBX_SSO_SETTINGS'));
|
||||
$SSO['SETTINGS'] = (json_decode($sso_settings)) ? json_decode($sso_settings, true) : array();
|
||||
$SSO['SETTINGS'] = (json_decode($sso_settings)) ? json_decode($sso_settings, true) : array();
|
||||
|
@ -19,30 +19,48 @@ if (getenv('ZBX_SERVER_HOST')) {
|
||||
$ZBX_SERVER_NAME = getenv('ZBX_SERVER_NAME');
|
||||
|
||||
// Used for TLS connection.
|
||||
$DB['ENCRYPTION'] = getenv('ZBX_DB_ENCRYPTION') == 'true' ? true: false;
|
||||
$DB['KEY_FILE'] = getenv('ZBX_DB_KEY_FILE');
|
||||
$DB['CERT_FILE'] = getenv('ZBX_DB_CERT_FILE');
|
||||
$DB['CA_FILE'] = getenv('ZBX_DB_CA_FILE');
|
||||
$DB['VERIFY_HOST'] = getenv('ZBX_DB_VERIFY_HOST') == 'true' ? true: false;
|
||||
$DB['CIPHER_LIST'] = getenv('ZBX_DB_CIPHER_LIST') ? getenv('ZBX_DB_CIPHER_LIST') : '';
|
||||
$DB['ENCRYPTION'] = getenv('ZBX_DB_ENCRYPTION') == 'true' ? true: false;
|
||||
$DB['KEY_FILE'] = getenv('ZBX_DB_KEY_FILE');
|
||||
$DB['CERT_FILE'] = getenv('ZBX_DB_CERT_FILE');
|
||||
$DB['CA_FILE'] = getenv('ZBX_DB_CA_FILE');
|
||||
$DB['VERIFY_HOST'] = getenv('ZBX_DB_VERIFY_HOST') == 'true' ? true: false;
|
||||
$DB['CIPHER_LIST'] = getenv('ZBX_DB_CIPHER_LIST') ? getenv('ZBX_DB_CIPHER_LIST') : '';
|
||||
|
||||
// Vault configuration. Used if database credentials are stored in Vault secrets manager.
|
||||
$DB['VAULT'] = getenv('ZBX_VAULT');
|
||||
$DB['VAULT_URL'] = getenv('ZBX_VAULTURL');
|
||||
$DB['VAULT_DB_PATH'] = getenv('ZBX_VAULTDBPATH');
|
||||
$DB['VAULT_TOKEN'] = getenv('VAULT_TOKEN');
|
||||
$DB['VAULT_CERT_FILE'] = file_exists('/etc/zabbix/web/certs/vault.crt') ? '/etc/zabbix/web/certs/vault.crt' : (file_exists(getenv('ZBX_VAULTCERTFILE')) ? getenv('ZBX_VAULTCERTFILE') : '');
|
||||
$DB['VAULT_KEY_FILE'] = file_exists('/etc/zabbix/web/certs/vault.key') ? '/etc/zabbix/web/certs/vault.key' : (file_exists(getenv('ZBX_VAULTKEYFILE')) ? getenv('ZBX_VAULTKEYFILE') : '');
|
||||
$DB['VAULT'] = getenv('ZBX_VAULT');
|
||||
$DB['VAULT_URL'] = getenv('ZBX_VAULTURL');
|
||||
$DB['VAULT_DB_PATH'] = getenv('ZBX_VAULTDBPATH');
|
||||
$DB['VAULT_TOKEN'] = getenv('VAULT_TOKEN');
|
||||
|
||||
$DB['VAULT_CACHE'] = getenv('ZBX_VAULTCACHE') == 'true' ? true: false;
|
||||
if (file_exists('/etc/zabbix/web/certs/vault.crt')) {
|
||||
$DB['VAULT_CERT_FILE'] = file_exists('/etc/zabbix/web/certs/vault.crt');
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_VAULTCERTFILE'))) {
|
||||
$DB['VAULT_CERT_FILE'] = $DB['VAULT_CERT_FILE'];
|
||||
}
|
||||
else {
|
||||
$DB['VAULT_CERT_FILE'] = '';
|
||||
}
|
||||
|
||||
if (file_exists('/etc/zabbix/web/certs/vault.key')) {
|
||||
$DB['VAULT_KEY_FILE'] = '/etc/zabbix/web/certs/vault.key';
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_VAULTKEYFILE'))) {
|
||||
$DB['VAULT_KEY_FILE'] = getenv('ZBX_VAULTKEYFILE');
|
||||
}
|
||||
else {
|
||||
$DB['VAULT_KEY_FILE'] = '';
|
||||
}
|
||||
|
||||
$DB['VAULT_CACHE'] = getenv('ZBX_VAULTCACHE') == 'true' ? true: false;
|
||||
|
||||
// Use IEEE754 compatible value range for 64-bit Numeric (float) history values.
|
||||
// This option is enabled by default for new Zabbix installations.
|
||||
// For upgraded installations, please read database upgrade notes before enabling this option.
|
||||
$DB['DOUBLE_IEEE754'] = getenv('DB_DOUBLE_IEEE754') == 'true' ? true: false;
|
||||
$DB['DOUBLE_IEEE754'] = getenv('DB_DOUBLE_IEEE754') == 'true' ? true: false;
|
||||
|
||||
|
||||
$IMAGE_FORMAT_DEFAULT = IMAGE_FORMAT_PNG;
|
||||
$IMAGE_FORMAT_DEFAULT = IMAGE_FORMAT_PNG;
|
||||
|
||||
// Elasticsearch url (can be string if same url is used for all types).
|
||||
$history_url = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGEURL'));
|
||||
@ -53,9 +71,35 @@ $storage_types = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGETYPES'));
|
||||
$HISTORY['types'] = (json_decode($storage_types)) ? json_decode($storage_types, true) : array();
|
||||
|
||||
// Used for SAML authentication.
|
||||
$SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : (file_exists(getenv('ZBX_SSO_SP_KEY')) ? getenv('ZBX_SSO_SP_KEY') : '');
|
||||
$SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : (file_exists(getenv('ZBX_SSO_SP_CERT')) ? getenv('ZBX_SSO_SP_CERT') : '');
|
||||
$SSO['IDP_CERT'] = file_exists('/etc/zabbix/web/certs/idp.crt') ? '/etc/zabbix/web/certs/idp.crt' : (file_exists(getenv('ZBX_SSO_IDP_CERT')) ? getenv('ZBX_SSO_IDP_CERT') : '');
|
||||
if (file_exists('/etc/zabbix/web/certs/sp.key')) {
|
||||
$SSO['SP_KEY'] = '/etc/zabbix/web/certs/sp.key';
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_SSO_SP_KEY'))) {
|
||||
$SSO['SP_KEY'] = getenv('ZBX_SSO_SP_KEY');
|
||||
}
|
||||
else {
|
||||
$SSO['SP_KEY'] = '';
|
||||
}
|
||||
|
||||
if (file_exists('/etc/zabbix/web/certs/sp.crt')) {
|
||||
$SSO['SP_CERT'] = '/etc/zabbix/web/certs/sp.crt';
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_SSO_SP_CERT'))) {
|
||||
$SSO['SP_CERT'] = getenv('ZBX_SSO_SP_CERT');
|
||||
}
|
||||
else {
|
||||
$SSO['SP_CERT'] = '';
|
||||
}
|
||||
|
||||
if (file_exists('/etc/zabbix/web/certs/idp.crt')) {
|
||||
$SSO['IDP_CERT'] = '/etc/zabbix/web/certs/idp.crt';
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_SSO_IDP_CERT'))) {
|
||||
$SSO['IDP_CERT'] = getenv('ZBX_SSO_IDP_CERT');
|
||||
}
|
||||
else {
|
||||
$SSO['IDP_CERT'] = '';
|
||||
}
|
||||
|
||||
$sso_settings = str_replace("'","\"",getenv('ZBX_SSO_SETTINGS'));
|
||||
$SSO['SETTINGS'] = (json_decode($sso_settings)) ? json_decode($sso_settings, true) : array();
|
||||
$SSO['SETTINGS'] = (json_decode($sso_settings)) ? json_decode($sso_settings, true) : array();
|
||||
|
@ -19,30 +19,48 @@ if (getenv('ZBX_SERVER_HOST')) {
|
||||
$ZBX_SERVER_NAME = getenv('ZBX_SERVER_NAME');
|
||||
|
||||
// Used for TLS connection.
|
||||
$DB['ENCRYPTION'] = getenv('ZBX_DB_ENCRYPTION') == 'true' ? true: false;
|
||||
$DB['KEY_FILE'] = getenv('ZBX_DB_KEY_FILE');
|
||||
$DB['CERT_FILE'] = getenv('ZBX_DB_CERT_FILE');
|
||||
$DB['CA_FILE'] = getenv('ZBX_DB_CA_FILE');
|
||||
$DB['VERIFY_HOST'] = getenv('ZBX_DB_VERIFY_HOST') == 'true' ? true: false;
|
||||
$DB['CIPHER_LIST'] = getenv('ZBX_DB_CIPHER_LIST') ? getenv('ZBX_DB_CIPHER_LIST') : '';
|
||||
$DB['ENCRYPTION'] = getenv('ZBX_DB_ENCRYPTION') == 'true' ? true: false;
|
||||
$DB['KEY_FILE'] = getenv('ZBX_DB_KEY_FILE');
|
||||
$DB['CERT_FILE'] = getenv('ZBX_DB_CERT_FILE');
|
||||
$DB['CA_FILE'] = getenv('ZBX_DB_CA_FILE');
|
||||
$DB['VERIFY_HOST'] = getenv('ZBX_DB_VERIFY_HOST') == 'true' ? true: false;
|
||||
$DB['CIPHER_LIST'] = getenv('ZBX_DB_CIPHER_LIST') ? getenv('ZBX_DB_CIPHER_LIST') : '';
|
||||
|
||||
// Vault configuration. Used if database credentials are stored in Vault secrets manager.
|
||||
$DB['VAULT'] = getenv('ZBX_VAULT');
|
||||
$DB['VAULT_URL'] = getenv('ZBX_VAULTURL');
|
||||
$DB['VAULT_DB_PATH'] = getenv('ZBX_VAULTDBPATH');
|
||||
$DB['VAULT_TOKEN'] = getenv('VAULT_TOKEN');
|
||||
$DB['VAULT_CERT_FILE'] = file_exists('/etc/zabbix/web/certs/vault.crt') ? '/etc/zabbix/web/certs/vault.crt' : (file_exists(getenv('ZBX_VAULTCERTFILE')) ? getenv('ZBX_VAULTCERTFILE') : '');
|
||||
$DB['VAULT_KEY_FILE'] = file_exists('/etc/zabbix/web/certs/vault.key') ? '/etc/zabbix/web/certs/vault.key' : (file_exists(getenv('ZBX_VAULTKEYFILE')) ? getenv('ZBX_VAULTKEYFILE') : '');
|
||||
$DB['VAULT'] = getenv('ZBX_VAULT');
|
||||
$DB['VAULT_URL'] = getenv('ZBX_VAULTURL');
|
||||
$DB['VAULT_DB_PATH'] = getenv('ZBX_VAULTDBPATH');
|
||||
$DB['VAULT_TOKEN'] = getenv('VAULT_TOKEN');
|
||||
|
||||
$DB['VAULT_CACHE'] = getenv('ZBX_VAULTCACHE') == 'true' ? true: false;
|
||||
if (file_exists('/etc/zabbix/web/certs/vault.crt')) {
|
||||
$DB['VAULT_CERT_FILE'] = file_exists('/etc/zabbix/web/certs/vault.crt');
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_VAULTCERTFILE'))) {
|
||||
$DB['VAULT_CERT_FILE'] = $DB['VAULT_CERT_FILE'];
|
||||
}
|
||||
else {
|
||||
$DB['VAULT_CERT_FILE'] = '';
|
||||
}
|
||||
|
||||
if (file_exists('/etc/zabbix/web/certs/vault.key')) {
|
||||
$DB['VAULT_KEY_FILE'] = '/etc/zabbix/web/certs/vault.key';
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_VAULTKEYFILE'))) {
|
||||
$DB['VAULT_KEY_FILE'] = getenv('ZBX_VAULTKEYFILE');
|
||||
}
|
||||
else {
|
||||
$DB['VAULT_KEY_FILE'] = '';
|
||||
}
|
||||
|
||||
$DB['VAULT_CACHE'] = getenv('ZBX_VAULTCACHE') == 'true' ? true: false;
|
||||
|
||||
// Use IEEE754 compatible value range for 64-bit Numeric (float) history values.
|
||||
// This option is enabled by default for new Zabbix installations.
|
||||
// For upgraded installations, please read database upgrade notes before enabling this option.
|
||||
$DB['DOUBLE_IEEE754'] = getenv('DB_DOUBLE_IEEE754') == 'true' ? true: false;
|
||||
$DB['DOUBLE_IEEE754'] = getenv('DB_DOUBLE_IEEE754') == 'true' ? true: false;
|
||||
|
||||
|
||||
$IMAGE_FORMAT_DEFAULT = IMAGE_FORMAT_PNG;
|
||||
$IMAGE_FORMAT_DEFAULT = IMAGE_FORMAT_PNG;
|
||||
|
||||
// Elasticsearch url (can be string if same url is used for all types).
|
||||
$history_url = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGEURL'));
|
||||
@ -53,9 +71,35 @@ $storage_types = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGETYPES'));
|
||||
$HISTORY['types'] = (json_decode($storage_types)) ? json_decode($storage_types, true) : array();
|
||||
|
||||
// Used for SAML authentication.
|
||||
$SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : (file_exists(getenv('ZBX_SSO_SP_KEY')) ? getenv('ZBX_SSO_SP_KEY') : '');
|
||||
$SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : (file_exists(getenv('ZBX_SSO_SP_CERT')) ? getenv('ZBX_SSO_SP_CERT') : '');
|
||||
$SSO['IDP_CERT'] = file_exists('/etc/zabbix/web/certs/idp.crt') ? '/etc/zabbix/web/certs/idp.crt' : (file_exists(getenv('ZBX_SSO_IDP_CERT')) ? getenv('ZBX_SSO_IDP_CERT') : '');
|
||||
if (file_exists('/etc/zabbix/web/certs/sp.key')) {
|
||||
$SSO['SP_KEY'] = '/etc/zabbix/web/certs/sp.key';
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_SSO_SP_KEY'))) {
|
||||
$SSO['SP_KEY'] = getenv('ZBX_SSO_SP_KEY');
|
||||
}
|
||||
else {
|
||||
$SSO['SP_KEY'] = '';
|
||||
}
|
||||
|
||||
if (file_exists('/etc/zabbix/web/certs/sp.crt')) {
|
||||
$SSO['SP_CERT'] = '/etc/zabbix/web/certs/sp.crt';
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_SSO_SP_CERT'))) {
|
||||
$SSO['SP_CERT'] = getenv('ZBX_SSO_SP_CERT');
|
||||
}
|
||||
else {
|
||||
$SSO['SP_CERT'] = '';
|
||||
}
|
||||
|
||||
if (file_exists('/etc/zabbix/web/certs/idp.crt')) {
|
||||
$SSO['IDP_CERT'] = '/etc/zabbix/web/certs/idp.crt';
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_SSO_IDP_CERT'))) {
|
||||
$SSO['IDP_CERT'] = getenv('ZBX_SSO_IDP_CERT');
|
||||
}
|
||||
else {
|
||||
$SSO['IDP_CERT'] = '';
|
||||
}
|
||||
|
||||
$sso_settings = str_replace("'","\"",getenv('ZBX_SSO_SETTINGS'));
|
||||
$SSO['SETTINGS'] = (json_decode($sso_settings)) ? json_decode($sso_settings, true) : array();
|
||||
$SSO['SETTINGS'] = (json_decode($sso_settings)) ? json_decode($sso_settings, true) : array();
|
||||
|
@ -19,30 +19,48 @@ if (getenv('ZBX_SERVER_HOST')) {
|
||||
$ZBX_SERVER_NAME = getenv('ZBX_SERVER_NAME');
|
||||
|
||||
// Used for TLS connection.
|
||||
$DB['ENCRYPTION'] = getenv('ZBX_DB_ENCRYPTION') == 'true' ? true: false;
|
||||
$DB['KEY_FILE'] = getenv('ZBX_DB_KEY_FILE');
|
||||
$DB['CERT_FILE'] = getenv('ZBX_DB_CERT_FILE');
|
||||
$DB['CA_FILE'] = getenv('ZBX_DB_CA_FILE');
|
||||
$DB['VERIFY_HOST'] = getenv('ZBX_DB_VERIFY_HOST') == 'true' ? true: false;
|
||||
$DB['CIPHER_LIST'] = getenv('ZBX_DB_CIPHER_LIST') ? getenv('ZBX_DB_CIPHER_LIST') : '';
|
||||
$DB['ENCRYPTION'] = getenv('ZBX_DB_ENCRYPTION') == 'true' ? true: false;
|
||||
$DB['KEY_FILE'] = getenv('ZBX_DB_KEY_FILE');
|
||||
$DB['CERT_FILE'] = getenv('ZBX_DB_CERT_FILE');
|
||||
$DB['CA_FILE'] = getenv('ZBX_DB_CA_FILE');
|
||||
$DB['VERIFY_HOST'] = getenv('ZBX_DB_VERIFY_HOST') == 'true' ? true: false;
|
||||
$DB['CIPHER_LIST'] = getenv('ZBX_DB_CIPHER_LIST') ? getenv('ZBX_DB_CIPHER_LIST') : '';
|
||||
|
||||
// Vault configuration. Used if database credentials are stored in Vault secrets manager.
|
||||
$DB['VAULT'] = getenv('ZBX_VAULT');
|
||||
$DB['VAULT_URL'] = getenv('ZBX_VAULTURL');
|
||||
$DB['VAULT_DB_PATH'] = getenv('ZBX_VAULTDBPATH');
|
||||
$DB['VAULT_TOKEN'] = getenv('VAULT_TOKEN');
|
||||
$DB['VAULT_CERT_FILE'] = file_exists('/etc/zabbix/web/certs/vault.crt') ? '/etc/zabbix/web/certs/vault.crt' : (file_exists(getenv('ZBX_VAULTCERTFILE')) ? getenv('ZBX_VAULTCERTFILE') : '');
|
||||
$DB['VAULT_KEY_FILE'] = file_exists('/etc/zabbix/web/certs/vault.key') ? '/etc/zabbix/web/certs/vault.key' : (file_exists(getenv('ZBX_VAULTKEYFILE')) ? getenv('ZBX_VAULTKEYFILE') : '');
|
||||
$DB['VAULT'] = getenv('ZBX_VAULT');
|
||||
$DB['VAULT_URL'] = getenv('ZBX_VAULTURL');
|
||||
$DB['VAULT_DB_PATH'] = getenv('ZBX_VAULTDBPATH');
|
||||
$DB['VAULT_TOKEN'] = getenv('VAULT_TOKEN');
|
||||
|
||||
$DB['VAULT_CACHE'] = getenv('ZBX_VAULTCACHE') == 'true' ? true: false;
|
||||
if (file_exists('/etc/zabbix/web/certs/vault.crt')) {
|
||||
$DB['VAULT_CERT_FILE'] = file_exists('/etc/zabbix/web/certs/vault.crt');
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_VAULTCERTFILE'))) {
|
||||
$DB['VAULT_CERT_FILE'] = $DB['VAULT_CERT_FILE'];
|
||||
}
|
||||
else {
|
||||
$DB['VAULT_CERT_FILE'] = '';
|
||||
}
|
||||
|
||||
if (file_exists('/etc/zabbix/web/certs/vault.key')) {
|
||||
$DB['VAULT_KEY_FILE'] = '/etc/zabbix/web/certs/vault.key';
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_VAULTKEYFILE'))) {
|
||||
$DB['VAULT_KEY_FILE'] = getenv('ZBX_VAULTKEYFILE');
|
||||
}
|
||||
else {
|
||||
$DB['VAULT_KEY_FILE'] = '';
|
||||
}
|
||||
|
||||
$DB['VAULT_CACHE'] = getenv('ZBX_VAULTCACHE') == 'true' ? true: false;
|
||||
|
||||
// Use IEEE754 compatible value range for 64-bit Numeric (float) history values.
|
||||
// This option is enabled by default for new Zabbix installations.
|
||||
// For upgraded installations, please read database upgrade notes before enabling this option.
|
||||
$DB['DOUBLE_IEEE754'] = getenv('DB_DOUBLE_IEEE754') == 'true' ? true: false;
|
||||
$DB['DOUBLE_IEEE754'] = getenv('DB_DOUBLE_IEEE754') == 'true' ? true: false;
|
||||
|
||||
|
||||
$IMAGE_FORMAT_DEFAULT = IMAGE_FORMAT_PNG;
|
||||
$IMAGE_FORMAT_DEFAULT = IMAGE_FORMAT_PNG;
|
||||
|
||||
// Elasticsearch url (can be string if same url is used for all types).
|
||||
$history_url = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGEURL'));
|
||||
@ -53,9 +71,35 @@ $storage_types = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGETYPES'));
|
||||
$HISTORY['types'] = (json_decode($storage_types)) ? json_decode($storage_types, true) : array();
|
||||
|
||||
// Used for SAML authentication.
|
||||
$SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : (file_exists(getenv('ZBX_SSO_SP_KEY')) ? getenv('ZBX_SSO_SP_KEY') : '');
|
||||
$SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : (file_exists(getenv('ZBX_SSO_SP_CERT')) ? getenv('ZBX_SSO_SP_CERT') : '');
|
||||
$SSO['IDP_CERT'] = file_exists('/etc/zabbix/web/certs/idp.crt') ? '/etc/zabbix/web/certs/idp.crt' : (file_exists(getenv('ZBX_SSO_IDP_CERT')) ? getenv('ZBX_SSO_IDP_CERT') : '');
|
||||
if (file_exists('/etc/zabbix/web/certs/sp.key')) {
|
||||
$SSO['SP_KEY'] = '/etc/zabbix/web/certs/sp.key';
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_SSO_SP_KEY'))) {
|
||||
$SSO['SP_KEY'] = getenv('ZBX_SSO_SP_KEY');
|
||||
}
|
||||
else {
|
||||
$SSO['SP_KEY'] = '';
|
||||
}
|
||||
|
||||
if (file_exists('/etc/zabbix/web/certs/sp.crt')) {
|
||||
$SSO['SP_CERT'] = '/etc/zabbix/web/certs/sp.crt';
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_SSO_SP_CERT'))) {
|
||||
$SSO['SP_CERT'] = getenv('ZBX_SSO_SP_CERT');
|
||||
}
|
||||
else {
|
||||
$SSO['SP_CERT'] = '';
|
||||
}
|
||||
|
||||
if (file_exists('/etc/zabbix/web/certs/idp.crt')) {
|
||||
$SSO['IDP_CERT'] = '/etc/zabbix/web/certs/idp.crt';
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_SSO_IDP_CERT'))) {
|
||||
$SSO['IDP_CERT'] = getenv('ZBX_SSO_IDP_CERT');
|
||||
}
|
||||
else {
|
||||
$SSO['IDP_CERT'] = '';
|
||||
}
|
||||
|
||||
$sso_settings = str_replace("'","\"",getenv('ZBX_SSO_SETTINGS'));
|
||||
$SSO['SETTINGS'] = (json_decode($sso_settings)) ? json_decode($sso_settings, true) : array();
|
||||
$SSO['SETTINGS'] = (json_decode($sso_settings)) ? json_decode($sso_settings, true) : array();
|
||||
|
@ -19,30 +19,48 @@ if (getenv('ZBX_SERVER_HOST')) {
|
||||
$ZBX_SERVER_NAME = getenv('ZBX_SERVER_NAME');
|
||||
|
||||
// Used for TLS connection.
|
||||
$DB['ENCRYPTION'] = getenv('ZBX_DB_ENCRYPTION') == 'true' ? true: false;
|
||||
$DB['KEY_FILE'] = getenv('ZBX_DB_KEY_FILE');
|
||||
$DB['CERT_FILE'] = getenv('ZBX_DB_CERT_FILE');
|
||||
$DB['CA_FILE'] = getenv('ZBX_DB_CA_FILE');
|
||||
$DB['VERIFY_HOST'] = getenv('ZBX_DB_VERIFY_HOST') == 'true' ? true: false;
|
||||
$DB['CIPHER_LIST'] = getenv('ZBX_DB_CIPHER_LIST') ? getenv('ZBX_DB_CIPHER_LIST') : '';
|
||||
$DB['ENCRYPTION'] = getenv('ZBX_DB_ENCRYPTION') == 'true' ? true: false;
|
||||
$DB['KEY_FILE'] = getenv('ZBX_DB_KEY_FILE');
|
||||
$DB['CERT_FILE'] = getenv('ZBX_DB_CERT_FILE');
|
||||
$DB['CA_FILE'] = getenv('ZBX_DB_CA_FILE');
|
||||
$DB['VERIFY_HOST'] = getenv('ZBX_DB_VERIFY_HOST') == 'true' ? true: false;
|
||||
$DB['CIPHER_LIST'] = getenv('ZBX_DB_CIPHER_LIST') ? getenv('ZBX_DB_CIPHER_LIST') : '';
|
||||
|
||||
// Vault configuration. Used if database credentials are stored in Vault secrets manager.
|
||||
$DB['VAULT'] = getenv('ZBX_VAULT');
|
||||
$DB['VAULT_URL'] = getenv('ZBX_VAULTURL');
|
||||
$DB['VAULT_DB_PATH'] = getenv('ZBX_VAULTDBPATH');
|
||||
$DB['VAULT_TOKEN'] = getenv('VAULT_TOKEN');
|
||||
$DB['VAULT_CERT_FILE'] = file_exists('/etc/zabbix/web/certs/vault.crt') ? '/etc/zabbix/web/certs/vault.crt' : (file_exists(getenv('ZBX_VAULTCERTFILE')) ? getenv('ZBX_VAULTCERTFILE') : '');
|
||||
$DB['VAULT_KEY_FILE'] = file_exists('/etc/zabbix/web/certs/vault.key') ? '/etc/zabbix/web/certs/vault.key' : (file_exists(getenv('ZBX_VAULTKEYFILE')) ? getenv('ZBX_VAULTKEYFILE') : '');
|
||||
$DB['VAULT'] = getenv('ZBX_VAULT');
|
||||
$DB['VAULT_URL'] = getenv('ZBX_VAULTURL');
|
||||
$DB['VAULT_DB_PATH'] = getenv('ZBX_VAULTDBPATH');
|
||||
$DB['VAULT_TOKEN'] = getenv('VAULT_TOKEN');
|
||||
|
||||
$DB['VAULT_CACHE'] = getenv('ZBX_VAULTCACHE') == 'true' ? true: false;
|
||||
if (file_exists('/etc/zabbix/web/certs/vault.crt')) {
|
||||
$DB['VAULT_CERT_FILE'] = file_exists('/etc/zabbix/web/certs/vault.crt');
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_VAULTCERTFILE'))) {
|
||||
$DB['VAULT_CERT_FILE'] = $DB['VAULT_CERT_FILE'];
|
||||
}
|
||||
else {
|
||||
$DB['VAULT_CERT_FILE'] = '';
|
||||
}
|
||||
|
||||
if (file_exists('/etc/zabbix/web/certs/vault.key')) {
|
||||
$DB['VAULT_KEY_FILE'] = '/etc/zabbix/web/certs/vault.key';
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_VAULTKEYFILE'))) {
|
||||
$DB['VAULT_KEY_FILE'] = getenv('ZBX_VAULTKEYFILE');
|
||||
}
|
||||
else {
|
||||
$DB['VAULT_KEY_FILE'] = '';
|
||||
}
|
||||
|
||||
$DB['VAULT_CACHE'] = getenv('ZBX_VAULTCACHE') == 'true' ? true: false;
|
||||
|
||||
// Use IEEE754 compatible value range for 64-bit Numeric (float) history values.
|
||||
// This option is enabled by default for new Zabbix installations.
|
||||
// For upgraded installations, please read database upgrade notes before enabling this option.
|
||||
$DB['DOUBLE_IEEE754'] = getenv('DB_DOUBLE_IEEE754') == 'true' ? true: false;
|
||||
$DB['DOUBLE_IEEE754'] = getenv('DB_DOUBLE_IEEE754') == 'true' ? true: false;
|
||||
|
||||
|
||||
$IMAGE_FORMAT_DEFAULT = IMAGE_FORMAT_PNG;
|
||||
$IMAGE_FORMAT_DEFAULT = IMAGE_FORMAT_PNG;
|
||||
|
||||
// Elasticsearch url (can be string if same url is used for all types).
|
||||
$history_url = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGEURL'));
|
||||
@ -53,9 +71,35 @@ $storage_types = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGETYPES'));
|
||||
$HISTORY['types'] = (json_decode($storage_types)) ? json_decode($storage_types, true) : array();
|
||||
|
||||
// Used for SAML authentication.
|
||||
$SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : (file_exists(getenv('ZBX_SSO_SP_KEY')) ? getenv('ZBX_SSO_SP_KEY') : '');
|
||||
$SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : (file_exists(getenv('ZBX_SSO_SP_CERT')) ? getenv('ZBX_SSO_SP_CERT') : '');
|
||||
$SSO['IDP_CERT'] = file_exists('/etc/zabbix/web/certs/idp.crt') ? '/etc/zabbix/web/certs/idp.crt' : (file_exists(getenv('ZBX_SSO_IDP_CERT')) ? getenv('ZBX_SSO_IDP_CERT') : '');
|
||||
if (file_exists('/etc/zabbix/web/certs/sp.key')) {
|
||||
$SSO['SP_KEY'] = '/etc/zabbix/web/certs/sp.key';
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_SSO_SP_KEY'))) {
|
||||
$SSO['SP_KEY'] = getenv('ZBX_SSO_SP_KEY');
|
||||
}
|
||||
else {
|
||||
$SSO['SP_KEY'] = '';
|
||||
}
|
||||
|
||||
if (file_exists('/etc/zabbix/web/certs/sp.crt')) {
|
||||
$SSO['SP_CERT'] = '/etc/zabbix/web/certs/sp.crt';
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_SSO_SP_CERT'))) {
|
||||
$SSO['SP_CERT'] = getenv('ZBX_SSO_SP_CERT');
|
||||
}
|
||||
else {
|
||||
$SSO['SP_CERT'] = '';
|
||||
}
|
||||
|
||||
if (file_exists('/etc/zabbix/web/certs/idp.crt')) {
|
||||
$SSO['IDP_CERT'] = '/etc/zabbix/web/certs/idp.crt';
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_SSO_IDP_CERT'))) {
|
||||
$SSO['IDP_CERT'] = getenv('ZBX_SSO_IDP_CERT');
|
||||
}
|
||||
else {
|
||||
$SSO['IDP_CERT'] = '';
|
||||
}
|
||||
|
||||
$sso_settings = str_replace("'","\"",getenv('ZBX_SSO_SETTINGS'));
|
||||
$SSO['SETTINGS'] = (json_decode($sso_settings)) ? json_decode($sso_settings, true) : array();
|
||||
$SSO['SETTINGS'] = (json_decode($sso_settings)) ? json_decode($sso_settings, true) : array();
|
||||
|
@ -19,30 +19,48 @@ if (getenv('ZBX_SERVER_HOST')) {
|
||||
$ZBX_SERVER_NAME = getenv('ZBX_SERVER_NAME');
|
||||
|
||||
// Used for TLS connection.
|
||||
$DB['ENCRYPTION'] = getenv('ZBX_DB_ENCRYPTION') == 'true' ? true: false;
|
||||
$DB['KEY_FILE'] = getenv('ZBX_DB_KEY_FILE');
|
||||
$DB['CERT_FILE'] = getenv('ZBX_DB_CERT_FILE');
|
||||
$DB['CA_FILE'] = getenv('ZBX_DB_CA_FILE');
|
||||
$DB['VERIFY_HOST'] = getenv('ZBX_DB_VERIFY_HOST') == 'true' ? true: false;
|
||||
$DB['CIPHER_LIST'] = getenv('ZBX_DB_CIPHER_LIST') ? getenv('ZBX_DB_CIPHER_LIST') : '';
|
||||
$DB['ENCRYPTION'] = getenv('ZBX_DB_ENCRYPTION') == 'true' ? true: false;
|
||||
$DB['KEY_FILE'] = getenv('ZBX_DB_KEY_FILE');
|
||||
$DB['CERT_FILE'] = getenv('ZBX_DB_CERT_FILE');
|
||||
$DB['CA_FILE'] = getenv('ZBX_DB_CA_FILE');
|
||||
$DB['VERIFY_HOST'] = getenv('ZBX_DB_VERIFY_HOST') == 'true' ? true: false;
|
||||
$DB['CIPHER_LIST'] = getenv('ZBX_DB_CIPHER_LIST') ? getenv('ZBX_DB_CIPHER_LIST') : '';
|
||||
|
||||
// Vault configuration. Used if database credentials are stored in Vault secrets manager.
|
||||
$DB['VAULT'] = getenv('ZBX_VAULT');
|
||||
$DB['VAULT_URL'] = getenv('ZBX_VAULTURL');
|
||||
$DB['VAULT_DB_PATH'] = getenv('ZBX_VAULTDBPATH');
|
||||
$DB['VAULT_TOKEN'] = getenv('VAULT_TOKEN');
|
||||
$DB['VAULT_CERT_FILE'] = file_exists('/etc/zabbix/web/certs/vault.crt') ? '/etc/zabbix/web/certs/vault.crt' : (file_exists(getenv('ZBX_VAULTCERTFILE')) ? getenv('ZBX_VAULTCERTFILE') : '');
|
||||
$DB['VAULT_KEY_FILE'] = file_exists('/etc/zabbix/web/certs/vault.key') ? '/etc/zabbix/web/certs/vault.key' : (file_exists(getenv('ZBX_VAULTKEYFILE')) ? getenv('ZBX_VAULTKEYFILE') : '');
|
||||
$DB['VAULT'] = getenv('ZBX_VAULT');
|
||||
$DB['VAULT_URL'] = getenv('ZBX_VAULTURL');
|
||||
$DB['VAULT_DB_PATH'] = getenv('ZBX_VAULTDBPATH');
|
||||
$DB['VAULT_TOKEN'] = getenv('VAULT_TOKEN');
|
||||
|
||||
$DB['VAULT_CACHE'] = getenv('ZBX_VAULTCACHE') == 'true' ? true: false;
|
||||
if (file_exists('/etc/zabbix/web/certs/vault.crt')) {
|
||||
$DB['VAULT_CERT_FILE'] = file_exists('/etc/zabbix/web/certs/vault.crt');
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_VAULTCERTFILE'))) {
|
||||
$DB['VAULT_CERT_FILE'] = $DB['VAULT_CERT_FILE'];
|
||||
}
|
||||
else {
|
||||
$DB['VAULT_CERT_FILE'] = '';
|
||||
}
|
||||
|
||||
if (file_exists('/etc/zabbix/web/certs/vault.key')) {
|
||||
$DB['VAULT_KEY_FILE'] = '/etc/zabbix/web/certs/vault.key';
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_VAULTKEYFILE'))) {
|
||||
$DB['VAULT_KEY_FILE'] = getenv('ZBX_VAULTKEYFILE');
|
||||
}
|
||||
else {
|
||||
$DB['VAULT_KEY_FILE'] = '';
|
||||
}
|
||||
|
||||
$DB['VAULT_CACHE'] = getenv('ZBX_VAULTCACHE') == 'true' ? true: false;
|
||||
|
||||
// Use IEEE754 compatible value range for 64-bit Numeric (float) history values.
|
||||
// This option is enabled by default for new Zabbix installations.
|
||||
// For upgraded installations, please read database upgrade notes before enabling this option.
|
||||
$DB['DOUBLE_IEEE754'] = getenv('DB_DOUBLE_IEEE754') == 'true' ? true: false;
|
||||
$DB['DOUBLE_IEEE754'] = getenv('DB_DOUBLE_IEEE754') == 'true' ? true: false;
|
||||
|
||||
|
||||
$IMAGE_FORMAT_DEFAULT = IMAGE_FORMAT_PNG;
|
||||
$IMAGE_FORMAT_DEFAULT = IMAGE_FORMAT_PNG;
|
||||
|
||||
// Elasticsearch url (can be string if same url is used for all types).
|
||||
$history_url = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGEURL'));
|
||||
@ -53,9 +71,35 @@ $storage_types = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGETYPES'));
|
||||
$HISTORY['types'] = (json_decode($storage_types)) ? json_decode($storage_types, true) : array();
|
||||
|
||||
// Used for SAML authentication.
|
||||
$SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : (file_exists(getenv('ZBX_SSO_SP_KEY')) ? getenv('ZBX_SSO_SP_KEY') : '');
|
||||
$SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : (file_exists(getenv('ZBX_SSO_SP_CERT')) ? getenv('ZBX_SSO_SP_CERT') : '');
|
||||
$SSO['IDP_CERT'] = file_exists('/etc/zabbix/web/certs/idp.crt') ? '/etc/zabbix/web/certs/idp.crt' : (file_exists(getenv('ZBX_SSO_IDP_CERT')) ? getenv('ZBX_SSO_IDP_CERT') : '');
|
||||
if (file_exists('/etc/zabbix/web/certs/sp.key')) {
|
||||
$SSO['SP_KEY'] = '/etc/zabbix/web/certs/sp.key';
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_SSO_SP_KEY'))) {
|
||||
$SSO['SP_KEY'] = getenv('ZBX_SSO_SP_KEY');
|
||||
}
|
||||
else {
|
||||
$SSO['SP_KEY'] = '';
|
||||
}
|
||||
|
||||
if (file_exists('/etc/zabbix/web/certs/sp.crt')) {
|
||||
$SSO['SP_CERT'] = '/etc/zabbix/web/certs/sp.crt';
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_SSO_SP_CERT'))) {
|
||||
$SSO['SP_CERT'] = getenv('ZBX_SSO_SP_CERT');
|
||||
}
|
||||
else {
|
||||
$SSO['SP_CERT'] = '';
|
||||
}
|
||||
|
||||
if (file_exists('/etc/zabbix/web/certs/idp.crt')) {
|
||||
$SSO['IDP_CERT'] = '/etc/zabbix/web/certs/idp.crt';
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_SSO_IDP_CERT'))) {
|
||||
$SSO['IDP_CERT'] = getenv('ZBX_SSO_IDP_CERT');
|
||||
}
|
||||
else {
|
||||
$SSO['IDP_CERT'] = '';
|
||||
}
|
||||
|
||||
$sso_settings = str_replace("'","\"",getenv('ZBX_SSO_SETTINGS'));
|
||||
$SSO['SETTINGS'] = (json_decode($sso_settings)) ? json_decode($sso_settings, true) : array();
|
||||
$SSO['SETTINGS'] = (json_decode($sso_settings)) ? json_decode($sso_settings, true) : array();
|
||||
|
@ -19,30 +19,48 @@ if (getenv('ZBX_SERVER_HOST')) {
|
||||
$ZBX_SERVER_NAME = getenv('ZBX_SERVER_NAME');
|
||||
|
||||
// Used for TLS connection.
|
||||
$DB['ENCRYPTION'] = getenv('ZBX_DB_ENCRYPTION') == 'true' ? true: false;
|
||||
$DB['KEY_FILE'] = getenv('ZBX_DB_KEY_FILE');
|
||||
$DB['CERT_FILE'] = getenv('ZBX_DB_CERT_FILE');
|
||||
$DB['CA_FILE'] = getenv('ZBX_DB_CA_FILE');
|
||||
$DB['VERIFY_HOST'] = getenv('ZBX_DB_VERIFY_HOST') == 'true' ? true: false;
|
||||
$DB['CIPHER_LIST'] = getenv('ZBX_DB_CIPHER_LIST') ? getenv('ZBX_DB_CIPHER_LIST') : '';
|
||||
$DB['ENCRYPTION'] = getenv('ZBX_DB_ENCRYPTION') == 'true' ? true: false;
|
||||
$DB['KEY_FILE'] = getenv('ZBX_DB_KEY_FILE');
|
||||
$DB['CERT_FILE'] = getenv('ZBX_DB_CERT_FILE');
|
||||
$DB['CA_FILE'] = getenv('ZBX_DB_CA_FILE');
|
||||
$DB['VERIFY_HOST'] = getenv('ZBX_DB_VERIFY_HOST') == 'true' ? true: false;
|
||||
$DB['CIPHER_LIST'] = getenv('ZBX_DB_CIPHER_LIST') ? getenv('ZBX_DB_CIPHER_LIST') : '';
|
||||
|
||||
// Vault configuration. Used if database credentials are stored in Vault secrets manager.
|
||||
$DB['VAULT'] = getenv('ZBX_VAULT');
|
||||
$DB['VAULT_URL'] = getenv('ZBX_VAULTURL');
|
||||
$DB['VAULT_DB_PATH'] = getenv('ZBX_VAULTDBPATH');
|
||||
$DB['VAULT_TOKEN'] = getenv('VAULT_TOKEN');
|
||||
$DB['VAULT_CERT_FILE'] = file_exists('/etc/zabbix/web/certs/vault.crt') ? '/etc/zabbix/web/certs/vault.crt' : (file_exists(getenv('ZBX_VAULTCERTFILE')) ? getenv('ZBX_VAULTCERTFILE') : '');
|
||||
$DB['VAULT_KEY_FILE'] = file_exists('/etc/zabbix/web/certs/vault.key') ? '/etc/zabbix/web/certs/vault.key' : (file_exists(getenv('ZBX_VAULTKEYFILE')) ? getenv('ZBX_VAULTKEYFILE') : '');
|
||||
$DB['VAULT'] = getenv('ZBX_VAULT');
|
||||
$DB['VAULT_URL'] = getenv('ZBX_VAULTURL');
|
||||
$DB['VAULT_DB_PATH'] = getenv('ZBX_VAULTDBPATH');
|
||||
$DB['VAULT_TOKEN'] = getenv('VAULT_TOKEN');
|
||||
|
||||
$DB['VAULT_CACHE'] = getenv('ZBX_VAULTCACHE') == 'true' ? true: false;
|
||||
if (file_exists('/etc/zabbix/web/certs/vault.crt')) {
|
||||
$DB['VAULT_CERT_FILE'] = file_exists('/etc/zabbix/web/certs/vault.crt');
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_VAULTCERTFILE'))) {
|
||||
$DB['VAULT_CERT_FILE'] = $DB['VAULT_CERT_FILE'];
|
||||
}
|
||||
else {
|
||||
$DB['VAULT_CERT_FILE'] = '';
|
||||
}
|
||||
|
||||
if (file_exists('/etc/zabbix/web/certs/vault.key')) {
|
||||
$DB['VAULT_KEY_FILE'] = '/etc/zabbix/web/certs/vault.key';
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_VAULTKEYFILE'))) {
|
||||
$DB['VAULT_KEY_FILE'] = getenv('ZBX_VAULTKEYFILE');
|
||||
}
|
||||
else {
|
||||
$DB['VAULT_KEY_FILE'] = '';
|
||||
}
|
||||
|
||||
$DB['VAULT_CACHE'] = getenv('ZBX_VAULTCACHE') == 'true' ? true: false;
|
||||
|
||||
// Use IEEE754 compatible value range for 64-bit Numeric (float) history values.
|
||||
// This option is enabled by default for new Zabbix installations.
|
||||
// For upgraded installations, please read database upgrade notes before enabling this option.
|
||||
$DB['DOUBLE_IEEE754'] = getenv('DB_DOUBLE_IEEE754') == 'true' ? true: false;
|
||||
$DB['DOUBLE_IEEE754'] = getenv('DB_DOUBLE_IEEE754') == 'true' ? true: false;
|
||||
|
||||
|
||||
$IMAGE_FORMAT_DEFAULT = IMAGE_FORMAT_PNG;
|
||||
$IMAGE_FORMAT_DEFAULT = IMAGE_FORMAT_PNG;
|
||||
|
||||
// Elasticsearch url (can be string if same url is used for all types).
|
||||
$history_url = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGEURL'));
|
||||
@ -53,9 +71,35 @@ $storage_types = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGETYPES'));
|
||||
$HISTORY['types'] = (json_decode($storage_types)) ? json_decode($storage_types, true) : array();
|
||||
|
||||
// Used for SAML authentication.
|
||||
$SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : (file_exists(getenv('ZBX_SSO_SP_KEY')) ? getenv('ZBX_SSO_SP_KEY') : '');
|
||||
$SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : (file_exists(getenv('ZBX_SSO_SP_CERT')) ? getenv('ZBX_SSO_SP_CERT') : '');
|
||||
$SSO['IDP_CERT'] = file_exists('/etc/zabbix/web/certs/idp.crt') ? '/etc/zabbix/web/certs/idp.crt' : (file_exists(getenv('ZBX_SSO_IDP_CERT')) ? getenv('ZBX_SSO_IDP_CERT') : '');
|
||||
if (file_exists('/etc/zabbix/web/certs/sp.key')) {
|
||||
$SSO['SP_KEY'] = '/etc/zabbix/web/certs/sp.key';
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_SSO_SP_KEY'))) {
|
||||
$SSO['SP_KEY'] = getenv('ZBX_SSO_SP_KEY');
|
||||
}
|
||||
else {
|
||||
$SSO['SP_KEY'] = '';
|
||||
}
|
||||
|
||||
if (file_exists('/etc/zabbix/web/certs/sp.crt')) {
|
||||
$SSO['SP_CERT'] = '/etc/zabbix/web/certs/sp.crt';
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_SSO_SP_CERT'))) {
|
||||
$SSO['SP_CERT'] = getenv('ZBX_SSO_SP_CERT');
|
||||
}
|
||||
else {
|
||||
$SSO['SP_CERT'] = '';
|
||||
}
|
||||
|
||||
if (file_exists('/etc/zabbix/web/certs/idp.crt')) {
|
||||
$SSO['IDP_CERT'] = '/etc/zabbix/web/certs/idp.crt';
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_SSO_IDP_CERT'))) {
|
||||
$SSO['IDP_CERT'] = getenv('ZBX_SSO_IDP_CERT');
|
||||
}
|
||||
else {
|
||||
$SSO['IDP_CERT'] = '';
|
||||
}
|
||||
|
||||
$sso_settings = str_replace("'","\"",getenv('ZBX_SSO_SETTINGS'));
|
||||
$SSO['SETTINGS'] = (json_decode($sso_settings)) ? json_decode($sso_settings, true) : array();
|
||||
$SSO['SETTINGS'] = (json_decode($sso_settings)) ? json_decode($sso_settings, true) : array();
|
||||
|
@ -19,30 +19,48 @@ if (getenv('ZBX_SERVER_HOST')) {
|
||||
$ZBX_SERVER_NAME = getenv('ZBX_SERVER_NAME');
|
||||
|
||||
// Used for TLS connection.
|
||||
$DB['ENCRYPTION'] = getenv('ZBX_DB_ENCRYPTION') == 'true' ? true: false;
|
||||
$DB['KEY_FILE'] = getenv('ZBX_DB_KEY_FILE');
|
||||
$DB['CERT_FILE'] = getenv('ZBX_DB_CERT_FILE');
|
||||
$DB['CA_FILE'] = getenv('ZBX_DB_CA_FILE');
|
||||
$DB['VERIFY_HOST'] = getenv('ZBX_DB_VERIFY_HOST') == 'true' ? true: false;
|
||||
$DB['CIPHER_LIST'] = getenv('ZBX_DB_CIPHER_LIST') ? getenv('ZBX_DB_CIPHER_LIST') : '';
|
||||
$DB['ENCRYPTION'] = getenv('ZBX_DB_ENCRYPTION') == 'true' ? true: false;
|
||||
$DB['KEY_FILE'] = getenv('ZBX_DB_KEY_FILE');
|
||||
$DB['CERT_FILE'] = getenv('ZBX_DB_CERT_FILE');
|
||||
$DB['CA_FILE'] = getenv('ZBX_DB_CA_FILE');
|
||||
$DB['VERIFY_HOST'] = getenv('ZBX_DB_VERIFY_HOST') == 'true' ? true: false;
|
||||
$DB['CIPHER_LIST'] = getenv('ZBX_DB_CIPHER_LIST') ? getenv('ZBX_DB_CIPHER_LIST') : '';
|
||||
|
||||
// Vault configuration. Used if database credentials are stored in Vault secrets manager.
|
||||
$DB['VAULT'] = getenv('ZBX_VAULT');
|
||||
$DB['VAULT_URL'] = getenv('ZBX_VAULTURL');
|
||||
$DB['VAULT_DB_PATH'] = getenv('ZBX_VAULTDBPATH');
|
||||
$DB['VAULT_TOKEN'] = getenv('VAULT_TOKEN');
|
||||
$DB['VAULT_CERT_FILE'] = file_exists('/etc/zabbix/web/certs/vault.crt') ? '/etc/zabbix/web/certs/vault.crt' : (file_exists(getenv('ZBX_VAULTCERTFILE')) ? getenv('ZBX_VAULTCERTFILE') : '');
|
||||
$DB['VAULT_KEY_FILE'] = file_exists('/etc/zabbix/web/certs/vault.key') ? '/etc/zabbix/web/certs/vault.key' : (file_exists(getenv('ZBX_VAULTKEYFILE')) ? getenv('ZBX_VAULTKEYFILE') : '');
|
||||
$DB['VAULT'] = getenv('ZBX_VAULT');
|
||||
$DB['VAULT_URL'] = getenv('ZBX_VAULTURL');
|
||||
$DB['VAULT_DB_PATH'] = getenv('ZBX_VAULTDBPATH');
|
||||
$DB['VAULT_TOKEN'] = getenv('VAULT_TOKEN');
|
||||
|
||||
$DB['VAULT_CACHE'] = getenv('ZBX_VAULTCACHE') == 'true' ? true: false;
|
||||
if (file_exists('/etc/zabbix/web/certs/vault.crt')) {
|
||||
$DB['VAULT_CERT_FILE'] = file_exists('/etc/zabbix/web/certs/vault.crt');
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_VAULTCERTFILE'))) {
|
||||
$DB['VAULT_CERT_FILE'] = $DB['VAULT_CERT_FILE'];
|
||||
}
|
||||
else {
|
||||
$DB['VAULT_CERT_FILE'] = '';
|
||||
}
|
||||
|
||||
if (file_exists('/etc/zabbix/web/certs/vault.key')) {
|
||||
$DB['VAULT_KEY_FILE'] = '/etc/zabbix/web/certs/vault.key';
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_VAULTKEYFILE'))) {
|
||||
$DB['VAULT_KEY_FILE'] = getenv('ZBX_VAULTKEYFILE');
|
||||
}
|
||||
else {
|
||||
$DB['VAULT_KEY_FILE'] = '';
|
||||
}
|
||||
|
||||
$DB['VAULT_CACHE'] = getenv('ZBX_VAULTCACHE') == 'true' ? true: false;
|
||||
|
||||
// Use IEEE754 compatible value range for 64-bit Numeric (float) history values.
|
||||
// This option is enabled by default for new Zabbix installations.
|
||||
// For upgraded installations, please read database upgrade notes before enabling this option.
|
||||
$DB['DOUBLE_IEEE754'] = getenv('DB_DOUBLE_IEEE754') == 'true' ? true: false;
|
||||
$DB['DOUBLE_IEEE754'] = getenv('DB_DOUBLE_IEEE754') == 'true' ? true: false;
|
||||
|
||||
|
||||
$IMAGE_FORMAT_DEFAULT = IMAGE_FORMAT_PNG;
|
||||
$IMAGE_FORMAT_DEFAULT = IMAGE_FORMAT_PNG;
|
||||
|
||||
// Elasticsearch url (can be string if same url is used for all types).
|
||||
$history_url = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGEURL'));
|
||||
@ -53,9 +71,35 @@ $storage_types = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGETYPES'));
|
||||
$HISTORY['types'] = (json_decode($storage_types)) ? json_decode($storage_types, true) : array();
|
||||
|
||||
// Used for SAML authentication.
|
||||
$SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : (file_exists(getenv('ZBX_SSO_SP_KEY')) ? getenv('ZBX_SSO_SP_KEY') : '');
|
||||
$SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : (file_exists(getenv('ZBX_SSO_SP_CERT')) ? getenv('ZBX_SSO_SP_CERT') : '');
|
||||
$SSO['IDP_CERT'] = file_exists('/etc/zabbix/web/certs/idp.crt') ? '/etc/zabbix/web/certs/idp.crt' : (file_exists(getenv('ZBX_SSO_IDP_CERT')) ? getenv('ZBX_SSO_IDP_CERT') : '');
|
||||
if (file_exists('/etc/zabbix/web/certs/sp.key')) {
|
||||
$SSO['SP_KEY'] = '/etc/zabbix/web/certs/sp.key';
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_SSO_SP_KEY'))) {
|
||||
$SSO['SP_KEY'] = getenv('ZBX_SSO_SP_KEY');
|
||||
}
|
||||
else {
|
||||
$SSO['SP_KEY'] = '';
|
||||
}
|
||||
|
||||
if (file_exists('/etc/zabbix/web/certs/sp.crt')) {
|
||||
$SSO['SP_CERT'] = '/etc/zabbix/web/certs/sp.crt';
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_SSO_SP_CERT'))) {
|
||||
$SSO['SP_CERT'] = getenv('ZBX_SSO_SP_CERT');
|
||||
}
|
||||
else {
|
||||
$SSO['SP_CERT'] = '';
|
||||
}
|
||||
|
||||
if (file_exists('/etc/zabbix/web/certs/idp.crt')) {
|
||||
$SSO['IDP_CERT'] = '/etc/zabbix/web/certs/idp.crt';
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_SSO_IDP_CERT'))) {
|
||||
$SSO['IDP_CERT'] = getenv('ZBX_SSO_IDP_CERT');
|
||||
}
|
||||
else {
|
||||
$SSO['IDP_CERT'] = '';
|
||||
}
|
||||
|
||||
$sso_settings = str_replace("'","\"",getenv('ZBX_SSO_SETTINGS'));
|
||||
$SSO['SETTINGS'] = (json_decode($sso_settings)) ? json_decode($sso_settings, true) : array();
|
||||
$SSO['SETTINGS'] = (json_decode($sso_settings)) ? json_decode($sso_settings, true) : array();
|
||||
|
@ -19,30 +19,48 @@ if (getenv('ZBX_SERVER_HOST')) {
|
||||
$ZBX_SERVER_NAME = getenv('ZBX_SERVER_NAME');
|
||||
|
||||
// Used for TLS connection.
|
||||
$DB['ENCRYPTION'] = getenv('ZBX_DB_ENCRYPTION') == 'true' ? true: false;
|
||||
$DB['KEY_FILE'] = getenv('ZBX_DB_KEY_FILE');
|
||||
$DB['CERT_FILE'] = getenv('ZBX_DB_CERT_FILE');
|
||||
$DB['CA_FILE'] = getenv('ZBX_DB_CA_FILE');
|
||||
$DB['VERIFY_HOST'] = getenv('ZBX_DB_VERIFY_HOST') == 'true' ? true: false;
|
||||
$DB['CIPHER_LIST'] = getenv('ZBX_DB_CIPHER_LIST') ? getenv('ZBX_DB_CIPHER_LIST') : '';
|
||||
$DB['ENCRYPTION'] = getenv('ZBX_DB_ENCRYPTION') == 'true' ? true: false;
|
||||
$DB['KEY_FILE'] = getenv('ZBX_DB_KEY_FILE');
|
||||
$DB['CERT_FILE'] = getenv('ZBX_DB_CERT_FILE');
|
||||
$DB['CA_FILE'] = getenv('ZBX_DB_CA_FILE');
|
||||
$DB['VERIFY_HOST'] = getenv('ZBX_DB_VERIFY_HOST') == 'true' ? true: false;
|
||||
$DB['CIPHER_LIST'] = getenv('ZBX_DB_CIPHER_LIST') ? getenv('ZBX_DB_CIPHER_LIST') : '';
|
||||
|
||||
// Vault configuration. Used if database credentials are stored in Vault secrets manager.
|
||||
$DB['VAULT'] = getenv('ZBX_VAULT');
|
||||
$DB['VAULT_URL'] = getenv('ZBX_VAULTURL');
|
||||
$DB['VAULT_DB_PATH'] = getenv('ZBX_VAULTDBPATH');
|
||||
$DB['VAULT_TOKEN'] = getenv('VAULT_TOKEN');
|
||||
$DB['VAULT_CERT_FILE'] = file_exists('/etc/zabbix/web/certs/vault.crt') ? '/etc/zabbix/web/certs/vault.crt' : (file_exists(getenv('ZBX_VAULTCERTFILE')) ? getenv('ZBX_VAULTCERTFILE') : '');
|
||||
$DB['VAULT_KEY_FILE'] = file_exists('/etc/zabbix/web/certs/vault.key') ? '/etc/zabbix/web/certs/vault.key' : (file_exists(getenv('ZBX_VAULTKEYFILE')) ? getenv('ZBX_VAULTKEYFILE') : '');
|
||||
$DB['VAULT'] = getenv('ZBX_VAULT');
|
||||
$DB['VAULT_URL'] = getenv('ZBX_VAULTURL');
|
||||
$DB['VAULT_DB_PATH'] = getenv('ZBX_VAULTDBPATH');
|
||||
$DB['VAULT_TOKEN'] = getenv('VAULT_TOKEN');
|
||||
|
||||
$DB['VAULT_CACHE'] = getenv('ZBX_VAULTCACHE') == 'true' ? true: false;
|
||||
if (file_exists('/etc/zabbix/web/certs/vault.crt')) {
|
||||
$DB['VAULT_CERT_FILE'] = file_exists('/etc/zabbix/web/certs/vault.crt');
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_VAULTCERTFILE'))) {
|
||||
$DB['VAULT_CERT_FILE'] = $DB['VAULT_CERT_FILE'];
|
||||
}
|
||||
else {
|
||||
$DB['VAULT_CERT_FILE'] = '';
|
||||
}
|
||||
|
||||
if (file_exists('/etc/zabbix/web/certs/vault.key')) {
|
||||
$DB['VAULT_KEY_FILE'] = '/etc/zabbix/web/certs/vault.key';
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_VAULTKEYFILE'))) {
|
||||
$DB['VAULT_KEY_FILE'] = getenv('ZBX_VAULTKEYFILE');
|
||||
}
|
||||
else {
|
||||
$DB['VAULT_KEY_FILE'] = '';
|
||||
}
|
||||
|
||||
$DB['VAULT_CACHE'] = getenv('ZBX_VAULTCACHE') == 'true' ? true: false;
|
||||
|
||||
// Use IEEE754 compatible value range for 64-bit Numeric (float) history values.
|
||||
// This option is enabled by default for new Zabbix installations.
|
||||
// For upgraded installations, please read database upgrade notes before enabling this option.
|
||||
$DB['DOUBLE_IEEE754'] = getenv('DB_DOUBLE_IEEE754') == 'true' ? true: false;
|
||||
$DB['DOUBLE_IEEE754'] = getenv('DB_DOUBLE_IEEE754') == 'true' ? true: false;
|
||||
|
||||
|
||||
$IMAGE_FORMAT_DEFAULT = IMAGE_FORMAT_PNG;
|
||||
$IMAGE_FORMAT_DEFAULT = IMAGE_FORMAT_PNG;
|
||||
|
||||
// Elasticsearch url (can be string if same url is used for all types).
|
||||
$history_url = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGEURL'));
|
||||
@ -53,9 +71,35 @@ $storage_types = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGETYPES'));
|
||||
$HISTORY['types'] = (json_decode($storage_types)) ? json_decode($storage_types, true) : array();
|
||||
|
||||
// Used for SAML authentication.
|
||||
$SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : (file_exists(getenv('ZBX_SSO_SP_KEY')) ? getenv('ZBX_SSO_SP_KEY') : '');
|
||||
$SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : (file_exists(getenv('ZBX_SSO_SP_CERT')) ? getenv('ZBX_SSO_SP_CERT') : '');
|
||||
$SSO['IDP_CERT'] = file_exists('/etc/zabbix/web/certs/idp.crt') ? '/etc/zabbix/web/certs/idp.crt' : (file_exists(getenv('ZBX_SSO_IDP_CERT')) ? getenv('ZBX_SSO_IDP_CERT') : '');
|
||||
if (file_exists('/etc/zabbix/web/certs/sp.key')) {
|
||||
$SSO['SP_KEY'] = '/etc/zabbix/web/certs/sp.key';
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_SSO_SP_KEY'))) {
|
||||
$SSO['SP_KEY'] = getenv('ZBX_SSO_SP_KEY');
|
||||
}
|
||||
else {
|
||||
$SSO['SP_KEY'] = '';
|
||||
}
|
||||
|
||||
if (file_exists('/etc/zabbix/web/certs/sp.crt')) {
|
||||
$SSO['SP_CERT'] = '/etc/zabbix/web/certs/sp.crt';
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_SSO_SP_CERT'))) {
|
||||
$SSO['SP_CERT'] = getenv('ZBX_SSO_SP_CERT');
|
||||
}
|
||||
else {
|
||||
$SSO['SP_CERT'] = '';
|
||||
}
|
||||
|
||||
if (file_exists('/etc/zabbix/web/certs/idp.crt')) {
|
||||
$SSO['IDP_CERT'] = '/etc/zabbix/web/certs/idp.crt';
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_SSO_IDP_CERT'))) {
|
||||
$SSO['IDP_CERT'] = getenv('ZBX_SSO_IDP_CERT');
|
||||
}
|
||||
else {
|
||||
$SSO['IDP_CERT'] = '';
|
||||
}
|
||||
|
||||
$sso_settings = str_replace("'","\"",getenv('ZBX_SSO_SETTINGS'));
|
||||
$SSO['SETTINGS'] = (json_decode($sso_settings)) ? json_decode($sso_settings, true) : array();
|
||||
$SSO['SETTINGS'] = (json_decode($sso_settings)) ? json_decode($sso_settings, true) : array();
|
||||
|
@ -19,30 +19,48 @@ if (getenv('ZBX_SERVER_HOST')) {
|
||||
$ZBX_SERVER_NAME = getenv('ZBX_SERVER_NAME');
|
||||
|
||||
// Used for TLS connection.
|
||||
$DB['ENCRYPTION'] = getenv('ZBX_DB_ENCRYPTION') == 'true' ? true: false;
|
||||
$DB['KEY_FILE'] = getenv('ZBX_DB_KEY_FILE');
|
||||
$DB['CERT_FILE'] = getenv('ZBX_DB_CERT_FILE');
|
||||
$DB['CA_FILE'] = getenv('ZBX_DB_CA_FILE');
|
||||
$DB['VERIFY_HOST'] = getenv('ZBX_DB_VERIFY_HOST') == 'true' ? true: false;
|
||||
$DB['CIPHER_LIST'] = getenv('ZBX_DB_CIPHER_LIST') ? getenv('ZBX_DB_CIPHER_LIST') : '';
|
||||
$DB['ENCRYPTION'] = getenv('ZBX_DB_ENCRYPTION') == 'true' ? true: false;
|
||||
$DB['KEY_FILE'] = getenv('ZBX_DB_KEY_FILE');
|
||||
$DB['CERT_FILE'] = getenv('ZBX_DB_CERT_FILE');
|
||||
$DB['CA_FILE'] = getenv('ZBX_DB_CA_FILE');
|
||||
$DB['VERIFY_HOST'] = getenv('ZBX_DB_VERIFY_HOST') == 'true' ? true: false;
|
||||
$DB['CIPHER_LIST'] = getenv('ZBX_DB_CIPHER_LIST') ? getenv('ZBX_DB_CIPHER_LIST') : '';
|
||||
|
||||
// Vault configuration. Used if database credentials are stored in Vault secrets manager.
|
||||
$DB['VAULT'] = getenv('ZBX_VAULT');
|
||||
$DB['VAULT_URL'] = getenv('ZBX_VAULTURL');
|
||||
$DB['VAULT_DB_PATH'] = getenv('ZBX_VAULTDBPATH');
|
||||
$DB['VAULT_TOKEN'] = getenv('VAULT_TOKEN');
|
||||
$DB['VAULT_CERT_FILE'] = file_exists('/etc/zabbix/web/certs/vault.crt') ? '/etc/zabbix/web/certs/vault.crt' : (file_exists(getenv('ZBX_VAULTCERTFILE')) ? getenv('ZBX_VAULTCERTFILE') : '');
|
||||
$DB['VAULT_KEY_FILE'] = file_exists('/etc/zabbix/web/certs/vault.key') ? '/etc/zabbix/web/certs/vault.key' : (file_exists(getenv('ZBX_VAULTKEYFILE')) ? getenv('ZBX_VAULTKEYFILE') : '');
|
||||
$DB['VAULT'] = getenv('ZBX_VAULT');
|
||||
$DB['VAULT_URL'] = getenv('ZBX_VAULTURL');
|
||||
$DB['VAULT_DB_PATH'] = getenv('ZBX_VAULTDBPATH');
|
||||
$DB['VAULT_TOKEN'] = getenv('VAULT_TOKEN');
|
||||
|
||||
$DB['VAULT_CACHE'] = getenv('ZBX_VAULTCACHE') == 'true' ? true: false;
|
||||
if (file_exists('/etc/zabbix/web/certs/vault.crt')) {
|
||||
$DB['VAULT_CERT_FILE'] = file_exists('/etc/zabbix/web/certs/vault.crt');
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_VAULTCERTFILE'))) {
|
||||
$DB['VAULT_CERT_FILE'] = $DB['VAULT_CERT_FILE'];
|
||||
}
|
||||
else {
|
||||
$DB['VAULT_CERT_FILE'] = '';
|
||||
}
|
||||
|
||||
if (file_exists('/etc/zabbix/web/certs/vault.key')) {
|
||||
$DB['VAULT_KEY_FILE'] = '/etc/zabbix/web/certs/vault.key';
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_VAULTKEYFILE'))) {
|
||||
$DB['VAULT_KEY_FILE'] = getenv('ZBX_VAULTKEYFILE');
|
||||
}
|
||||
else {
|
||||
$DB['VAULT_KEY_FILE'] = '';
|
||||
}
|
||||
|
||||
$DB['VAULT_CACHE'] = getenv('ZBX_VAULTCACHE') == 'true' ? true: false;
|
||||
|
||||
// Use IEEE754 compatible value range for 64-bit Numeric (float) history values.
|
||||
// This option is enabled by default for new Zabbix installations.
|
||||
// For upgraded installations, please read database upgrade notes before enabling this option.
|
||||
$DB['DOUBLE_IEEE754'] = getenv('DB_DOUBLE_IEEE754') == 'true' ? true: false;
|
||||
$DB['DOUBLE_IEEE754'] = getenv('DB_DOUBLE_IEEE754') == 'true' ? true: false;
|
||||
|
||||
|
||||
$IMAGE_FORMAT_DEFAULT = IMAGE_FORMAT_PNG;
|
||||
$IMAGE_FORMAT_DEFAULT = IMAGE_FORMAT_PNG;
|
||||
|
||||
// Elasticsearch url (can be string if same url is used for all types).
|
||||
$history_url = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGEURL'));
|
||||
@ -53,9 +71,35 @@ $storage_types = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGETYPES'));
|
||||
$HISTORY['types'] = (json_decode($storage_types)) ? json_decode($storage_types, true) : array();
|
||||
|
||||
// Used for SAML authentication.
|
||||
$SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : (file_exists(getenv('ZBX_SSO_SP_KEY')) ? getenv('ZBX_SSO_SP_KEY') : '');
|
||||
$SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : (file_exists(getenv('ZBX_SSO_SP_CERT')) ? getenv('ZBX_SSO_SP_CERT') : '');
|
||||
$SSO['IDP_CERT'] = file_exists('/etc/zabbix/web/certs/idp.crt') ? '/etc/zabbix/web/certs/idp.crt' : (file_exists(getenv('ZBX_SSO_IDP_CERT')) ? getenv('ZBX_SSO_IDP_CERT') : '');
|
||||
if (file_exists('/etc/zabbix/web/certs/sp.key')) {
|
||||
$SSO['SP_KEY'] = '/etc/zabbix/web/certs/sp.key';
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_SSO_SP_KEY'))) {
|
||||
$SSO['SP_KEY'] = getenv('ZBX_SSO_SP_KEY');
|
||||
}
|
||||
else {
|
||||
$SSO['SP_KEY'] = '';
|
||||
}
|
||||
|
||||
if (file_exists('/etc/zabbix/web/certs/sp.crt')) {
|
||||
$SSO['SP_CERT'] = '/etc/zabbix/web/certs/sp.crt';
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_SSO_SP_CERT'))) {
|
||||
$SSO['SP_CERT'] = getenv('ZBX_SSO_SP_CERT');
|
||||
}
|
||||
else {
|
||||
$SSO['SP_CERT'] = '';
|
||||
}
|
||||
|
||||
if (file_exists('/etc/zabbix/web/certs/idp.crt')) {
|
||||
$SSO['IDP_CERT'] = '/etc/zabbix/web/certs/idp.crt';
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_SSO_IDP_CERT'))) {
|
||||
$SSO['IDP_CERT'] = getenv('ZBX_SSO_IDP_CERT');
|
||||
}
|
||||
else {
|
||||
$SSO['IDP_CERT'] = '';
|
||||
}
|
||||
|
||||
$sso_settings = str_replace("'","\"",getenv('ZBX_SSO_SETTINGS'));
|
||||
$SSO['SETTINGS'] = (json_decode($sso_settings)) ? json_decode($sso_settings, true) : array();
|
||||
$SSO['SETTINGS'] = (json_decode($sso_settings)) ? json_decode($sso_settings, true) : array();
|
||||
|
@ -19,30 +19,48 @@ if (getenv('ZBX_SERVER_HOST')) {
|
||||
$ZBX_SERVER_NAME = getenv('ZBX_SERVER_NAME');
|
||||
|
||||
// Used for TLS connection.
|
||||
$DB['ENCRYPTION'] = getenv('ZBX_DB_ENCRYPTION') == 'true' ? true: false;
|
||||
$DB['KEY_FILE'] = getenv('ZBX_DB_KEY_FILE');
|
||||
$DB['CERT_FILE'] = getenv('ZBX_DB_CERT_FILE');
|
||||
$DB['CA_FILE'] = getenv('ZBX_DB_CA_FILE');
|
||||
$DB['VERIFY_HOST'] = getenv('ZBX_DB_VERIFY_HOST') == 'true' ? true: false;
|
||||
$DB['CIPHER_LIST'] = getenv('ZBX_DB_CIPHER_LIST') ? getenv('ZBX_DB_CIPHER_LIST') : '';
|
||||
$DB['ENCRYPTION'] = getenv('ZBX_DB_ENCRYPTION') == 'true' ? true: false;
|
||||
$DB['KEY_FILE'] = getenv('ZBX_DB_KEY_FILE');
|
||||
$DB['CERT_FILE'] = getenv('ZBX_DB_CERT_FILE');
|
||||
$DB['CA_FILE'] = getenv('ZBX_DB_CA_FILE');
|
||||
$DB['VERIFY_HOST'] = getenv('ZBX_DB_VERIFY_HOST') == 'true' ? true: false;
|
||||
$DB['CIPHER_LIST'] = getenv('ZBX_DB_CIPHER_LIST') ? getenv('ZBX_DB_CIPHER_LIST') : '';
|
||||
|
||||
// Vault configuration. Used if database credentials are stored in Vault secrets manager.
|
||||
$DB['VAULT'] = getenv('ZBX_VAULT');
|
||||
$DB['VAULT_URL'] = getenv('ZBX_VAULTURL');
|
||||
$DB['VAULT_DB_PATH'] = getenv('ZBX_VAULTDBPATH');
|
||||
$DB['VAULT_TOKEN'] = getenv('VAULT_TOKEN');
|
||||
$DB['VAULT_CERT_FILE'] = file_exists('/etc/zabbix/web/certs/vault.crt') ? '/etc/zabbix/web/certs/vault.crt' : (file_exists(getenv('ZBX_VAULTCERTFILE')) ? getenv('ZBX_VAULTCERTFILE') : '');
|
||||
$DB['VAULT_KEY_FILE'] = file_exists('/etc/zabbix/web/certs/vault.key') ? '/etc/zabbix/web/certs/vault.key' : (file_exists(getenv('ZBX_VAULTKEYFILE')) ? getenv('ZBX_VAULTKEYFILE') : '');
|
||||
$DB['VAULT'] = getenv('ZBX_VAULT');
|
||||
$DB['VAULT_URL'] = getenv('ZBX_VAULTURL');
|
||||
$DB['VAULT_DB_PATH'] = getenv('ZBX_VAULTDBPATH');
|
||||
$DB['VAULT_TOKEN'] = getenv('VAULT_TOKEN');
|
||||
|
||||
$DB['VAULT_CACHE'] = getenv('ZBX_VAULTCACHE') == 'true' ? true: false;
|
||||
if (file_exists('/etc/zabbix/web/certs/vault.crt')) {
|
||||
$DB['VAULT_CERT_FILE'] = file_exists('/etc/zabbix/web/certs/vault.crt');
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_VAULTCERTFILE'))) {
|
||||
$DB['VAULT_CERT_FILE'] = $DB['VAULT_CERT_FILE'];
|
||||
}
|
||||
else {
|
||||
$DB['VAULT_CERT_FILE'] = '';
|
||||
}
|
||||
|
||||
if (file_exists('/etc/zabbix/web/certs/vault.key')) {
|
||||
$DB['VAULT_KEY_FILE'] = '/etc/zabbix/web/certs/vault.key';
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_VAULTKEYFILE'))) {
|
||||
$DB['VAULT_KEY_FILE'] = getenv('ZBX_VAULTKEYFILE');
|
||||
}
|
||||
else {
|
||||
$DB['VAULT_KEY_FILE'] = '';
|
||||
}
|
||||
|
||||
$DB['VAULT_CACHE'] = getenv('ZBX_VAULTCACHE') == 'true' ? true: false;
|
||||
|
||||
// Use IEEE754 compatible value range for 64-bit Numeric (float) history values.
|
||||
// This option is enabled by default for new Zabbix installations.
|
||||
// For upgraded installations, please read database upgrade notes before enabling this option.
|
||||
$DB['DOUBLE_IEEE754'] = getenv('DB_DOUBLE_IEEE754') == 'true' ? true: false;
|
||||
$DB['DOUBLE_IEEE754'] = getenv('DB_DOUBLE_IEEE754') == 'true' ? true: false;
|
||||
|
||||
|
||||
$IMAGE_FORMAT_DEFAULT = IMAGE_FORMAT_PNG;
|
||||
$IMAGE_FORMAT_DEFAULT = IMAGE_FORMAT_PNG;
|
||||
|
||||
// Elasticsearch url (can be string if same url is used for all types).
|
||||
$history_url = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGEURL'));
|
||||
@ -53,9 +71,35 @@ $storage_types = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGETYPES'));
|
||||
$HISTORY['types'] = (json_decode($storage_types)) ? json_decode($storage_types, true) : array();
|
||||
|
||||
// Used for SAML authentication.
|
||||
$SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : (file_exists(getenv('ZBX_SSO_SP_KEY')) ? getenv('ZBX_SSO_SP_KEY') : '');
|
||||
$SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : (file_exists(getenv('ZBX_SSO_SP_CERT')) ? getenv('ZBX_SSO_SP_CERT') : '');
|
||||
$SSO['IDP_CERT'] = file_exists('/etc/zabbix/web/certs/idp.crt') ? '/etc/zabbix/web/certs/idp.crt' : (file_exists(getenv('ZBX_SSO_IDP_CERT')) ? getenv('ZBX_SSO_IDP_CERT') : '');
|
||||
if (file_exists('/etc/zabbix/web/certs/sp.key')) {
|
||||
$SSO['SP_KEY'] = '/etc/zabbix/web/certs/sp.key';
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_SSO_SP_KEY'))) {
|
||||
$SSO['SP_KEY'] = getenv('ZBX_SSO_SP_KEY');
|
||||
}
|
||||
else {
|
||||
$SSO['SP_KEY'] = '';
|
||||
}
|
||||
|
||||
if (file_exists('/etc/zabbix/web/certs/sp.crt')) {
|
||||
$SSO['SP_CERT'] = '/etc/zabbix/web/certs/sp.crt';
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_SSO_SP_CERT'))) {
|
||||
$SSO['SP_CERT'] = getenv('ZBX_SSO_SP_CERT');
|
||||
}
|
||||
else {
|
||||
$SSO['SP_CERT'] = '';
|
||||
}
|
||||
|
||||
if (file_exists('/etc/zabbix/web/certs/idp.crt')) {
|
||||
$SSO['IDP_CERT'] = '/etc/zabbix/web/certs/idp.crt';
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_SSO_IDP_CERT'))) {
|
||||
$SSO['IDP_CERT'] = getenv('ZBX_SSO_IDP_CERT');
|
||||
}
|
||||
else {
|
||||
$SSO['IDP_CERT'] = '';
|
||||
}
|
||||
|
||||
$sso_settings = str_replace("'","\"",getenv('ZBX_SSO_SETTINGS'));
|
||||
$SSO['SETTINGS'] = (json_decode($sso_settings)) ? json_decode($sso_settings, true) : array();
|
||||
$SSO['SETTINGS'] = (json_decode($sso_settings)) ? json_decode($sso_settings, true) : array();
|
||||
|
@ -1,6 +1,6 @@
|
||||
[nginx-stable]
|
||||
name=nginx stable repo
|
||||
baseurl=http://nginx.org/packages/rhel/$releasever/$basearch/
|
||||
baseurl=https://nginx.org/packages/rhel/$releasever/$basearch/
|
||||
gpgcheck=1
|
||||
enabled=0
|
||||
gpgkey=https://nginx.org/keys/nginx_signing.key
|
||||
|
@ -19,30 +19,48 @@ if (getenv('ZBX_SERVER_HOST')) {
|
||||
$ZBX_SERVER_NAME = getenv('ZBX_SERVER_NAME');
|
||||
|
||||
// Used for TLS connection.
|
||||
$DB['ENCRYPTION'] = getenv('ZBX_DB_ENCRYPTION') == 'true' ? true: false;
|
||||
$DB['KEY_FILE'] = getenv('ZBX_DB_KEY_FILE');
|
||||
$DB['CERT_FILE'] = getenv('ZBX_DB_CERT_FILE');
|
||||
$DB['CA_FILE'] = getenv('ZBX_DB_CA_FILE');
|
||||
$DB['VERIFY_HOST'] = getenv('ZBX_DB_VERIFY_HOST') == 'true' ? true: false;
|
||||
$DB['CIPHER_LIST'] = getenv('ZBX_DB_CIPHER_LIST') ? getenv('ZBX_DB_CIPHER_LIST') : '';
|
||||
$DB['ENCRYPTION'] = getenv('ZBX_DB_ENCRYPTION') == 'true' ? true: false;
|
||||
$DB['KEY_FILE'] = getenv('ZBX_DB_KEY_FILE');
|
||||
$DB['CERT_FILE'] = getenv('ZBX_DB_CERT_FILE');
|
||||
$DB['CA_FILE'] = getenv('ZBX_DB_CA_FILE');
|
||||
$DB['VERIFY_HOST'] = getenv('ZBX_DB_VERIFY_HOST') == 'true' ? true: false;
|
||||
$DB['CIPHER_LIST'] = getenv('ZBX_DB_CIPHER_LIST') ? getenv('ZBX_DB_CIPHER_LIST') : '';
|
||||
|
||||
// Vault configuration. Used if database credentials are stored in Vault secrets manager.
|
||||
$DB['VAULT'] = getenv('ZBX_VAULT');
|
||||
$DB['VAULT_URL'] = getenv('ZBX_VAULTURL');
|
||||
$DB['VAULT_DB_PATH'] = getenv('ZBX_VAULTDBPATH');
|
||||
$DB['VAULT_TOKEN'] = getenv('VAULT_TOKEN');
|
||||
$DB['VAULT_CERT_FILE'] = file_exists('/etc/zabbix/web/certs/vault.crt') ? '/etc/zabbix/web/certs/vault.crt' : (file_exists(getenv('ZBX_VAULTCERTFILE')) ? getenv('ZBX_VAULTCERTFILE') : '');
|
||||
$DB['VAULT_KEY_FILE'] = file_exists('/etc/zabbix/web/certs/vault.key') ? '/etc/zabbix/web/certs/vault.key' : (file_exists(getenv('ZBX_VAULTKEYFILE')) ? getenv('ZBX_VAULTKEYFILE') : '');
|
||||
$DB['VAULT'] = getenv('ZBX_VAULT');
|
||||
$DB['VAULT_URL'] = getenv('ZBX_VAULTURL');
|
||||
$DB['VAULT_DB_PATH'] = getenv('ZBX_VAULTDBPATH');
|
||||
$DB['VAULT_TOKEN'] = getenv('VAULT_TOKEN');
|
||||
|
||||
$DB['VAULT_CACHE'] = getenv('ZBX_VAULTCACHE') == 'true' ? true: false;
|
||||
if (file_exists('/etc/zabbix/web/certs/vault.crt')) {
|
||||
$DB['VAULT_CERT_FILE'] = file_exists('/etc/zabbix/web/certs/vault.crt');
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_VAULTCERTFILE'))) {
|
||||
$DB['VAULT_CERT_FILE'] = $DB['VAULT_CERT_FILE'];
|
||||
}
|
||||
else {
|
||||
$DB['VAULT_CERT_FILE'] = '';
|
||||
}
|
||||
|
||||
if (file_exists('/etc/zabbix/web/certs/vault.key')) {
|
||||
$DB['VAULT_KEY_FILE'] = '/etc/zabbix/web/certs/vault.key';
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_VAULTKEYFILE'))) {
|
||||
$DB['VAULT_KEY_FILE'] = getenv('ZBX_VAULTKEYFILE');
|
||||
}
|
||||
else {
|
||||
$DB['VAULT_KEY_FILE'] = '';
|
||||
}
|
||||
|
||||
$DB['VAULT_CACHE'] = getenv('ZBX_VAULTCACHE') == 'true' ? true: false;
|
||||
|
||||
// Use IEEE754 compatible value range for 64-bit Numeric (float) history values.
|
||||
// This option is enabled by default for new Zabbix installations.
|
||||
// For upgraded installations, please read database upgrade notes before enabling this option.
|
||||
$DB['DOUBLE_IEEE754'] = getenv('DB_DOUBLE_IEEE754') == 'true' ? true: false;
|
||||
$DB['DOUBLE_IEEE754'] = getenv('DB_DOUBLE_IEEE754') == 'true' ? true: false;
|
||||
|
||||
|
||||
$IMAGE_FORMAT_DEFAULT = IMAGE_FORMAT_PNG;
|
||||
$IMAGE_FORMAT_DEFAULT = IMAGE_FORMAT_PNG;
|
||||
|
||||
// Elasticsearch url (can be string if same url is used for all types).
|
||||
$history_url = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGEURL'));
|
||||
@ -53,9 +71,35 @@ $storage_types = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGETYPES'));
|
||||
$HISTORY['types'] = (json_decode($storage_types)) ? json_decode($storage_types, true) : array();
|
||||
|
||||
// Used for SAML authentication.
|
||||
$SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : (file_exists(getenv('ZBX_SSO_SP_KEY')) ? getenv('ZBX_SSO_SP_KEY') : '');
|
||||
$SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : (file_exists(getenv('ZBX_SSO_SP_CERT')) ? getenv('ZBX_SSO_SP_CERT') : '');
|
||||
$SSO['IDP_CERT'] = file_exists('/etc/zabbix/web/certs/idp.crt') ? '/etc/zabbix/web/certs/idp.crt' : (file_exists(getenv('ZBX_SSO_IDP_CERT')) ? getenv('ZBX_SSO_IDP_CERT') : '');
|
||||
if (file_exists('/etc/zabbix/web/certs/sp.key')) {
|
||||
$SSO['SP_KEY'] = '/etc/zabbix/web/certs/sp.key';
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_SSO_SP_KEY'))) {
|
||||
$SSO['SP_KEY'] = getenv('ZBX_SSO_SP_KEY');
|
||||
}
|
||||
else {
|
||||
$SSO['SP_KEY'] = '';
|
||||
}
|
||||
|
||||
if (file_exists('/etc/zabbix/web/certs/sp.crt')) {
|
||||
$SSO['SP_CERT'] = '/etc/zabbix/web/certs/sp.crt';
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_SSO_SP_CERT'))) {
|
||||
$SSO['SP_CERT'] = getenv('ZBX_SSO_SP_CERT');
|
||||
}
|
||||
else {
|
||||
$SSO['SP_CERT'] = '';
|
||||
}
|
||||
|
||||
if (file_exists('/etc/zabbix/web/certs/idp.crt')) {
|
||||
$SSO['IDP_CERT'] = '/etc/zabbix/web/certs/idp.crt';
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_SSO_IDP_CERT'))) {
|
||||
$SSO['IDP_CERT'] = getenv('ZBX_SSO_IDP_CERT');
|
||||
}
|
||||
else {
|
||||
$SSO['IDP_CERT'] = '';
|
||||
}
|
||||
|
||||
$sso_settings = str_replace("'","\"",getenv('ZBX_SSO_SETTINGS'));
|
||||
$SSO['SETTINGS'] = (json_decode($sso_settings)) ? json_decode($sso_settings, true) : array();
|
||||
$SSO['SETTINGS'] = (json_decode($sso_settings)) ? json_decode($sso_settings, true) : array();
|
||||
|
@ -59,7 +59,7 @@ RUN set -eux && \
|
||||
curl https://nginx.org/keys/nginx_signing.key | gpg --dearmor > /etc/apt/trusted.gpg.d/nginx.gpg && \
|
||||
gpg --dry-run --quiet --import --import-options import-show /etc/apt/trusted.gpg.d/nginx.gpg && \
|
||||
DISTRIB_CODENAME=$(/bin/bash -c 'source /etc/lsb-release && echo $DISTRIB_CODENAME') && \
|
||||
echo "deb http://nginx.org/packages/ubuntu $DISTRIB_CODENAME nginx" > /etc/apt/sources.list.d/nginx.list && \
|
||||
echo "deb https://nginx.org/packages/ubuntu $DISTRIB_CODENAME nginx" > /etc/apt/sources.list.d/nginx.list && \
|
||||
echo "Package: *\nPin: origin nginx.org\nPin: release o=nginx\nPin-Priority: 900\n" \
|
||||
> /etc/apt/preferences.d/99nginx && \
|
||||
gpgconf --kill all && \
|
||||
|
@ -19,30 +19,48 @@ if (getenv('ZBX_SERVER_HOST')) {
|
||||
$ZBX_SERVER_NAME = getenv('ZBX_SERVER_NAME');
|
||||
|
||||
// Used for TLS connection.
|
||||
$DB['ENCRYPTION'] = getenv('ZBX_DB_ENCRYPTION') == 'true' ? true: false;
|
||||
$DB['KEY_FILE'] = getenv('ZBX_DB_KEY_FILE');
|
||||
$DB['CERT_FILE'] = getenv('ZBX_DB_CERT_FILE');
|
||||
$DB['CA_FILE'] = getenv('ZBX_DB_CA_FILE');
|
||||
$DB['VERIFY_HOST'] = getenv('ZBX_DB_VERIFY_HOST') == 'true' ? true: false;
|
||||
$DB['CIPHER_LIST'] = getenv('ZBX_DB_CIPHER_LIST') ? getenv('ZBX_DB_CIPHER_LIST') : '';
|
||||
$DB['ENCRYPTION'] = getenv('ZBX_DB_ENCRYPTION') == 'true' ? true: false;
|
||||
$DB['KEY_FILE'] = getenv('ZBX_DB_KEY_FILE');
|
||||
$DB['CERT_FILE'] = getenv('ZBX_DB_CERT_FILE');
|
||||
$DB['CA_FILE'] = getenv('ZBX_DB_CA_FILE');
|
||||
$DB['VERIFY_HOST'] = getenv('ZBX_DB_VERIFY_HOST') == 'true' ? true: false;
|
||||
$DB['CIPHER_LIST'] = getenv('ZBX_DB_CIPHER_LIST') ? getenv('ZBX_DB_CIPHER_LIST') : '';
|
||||
|
||||
// Vault configuration. Used if database credentials are stored in Vault secrets manager.
|
||||
$DB['VAULT'] = getenv('ZBX_VAULT');
|
||||
$DB['VAULT_URL'] = getenv('ZBX_VAULTURL');
|
||||
$DB['VAULT_DB_PATH'] = getenv('ZBX_VAULTDBPATH');
|
||||
$DB['VAULT_TOKEN'] = getenv('VAULT_TOKEN');
|
||||
$DB['VAULT_CERT_FILE'] = file_exists('/etc/zabbix/web/certs/vault.crt') ? '/etc/zabbix/web/certs/vault.crt' : (file_exists(getenv('ZBX_VAULTCERTFILE')) ? getenv('ZBX_VAULTCERTFILE') : '');
|
||||
$DB['VAULT_KEY_FILE'] = file_exists('/etc/zabbix/web/certs/vault.key') ? '/etc/zabbix/web/certs/vault.key' : (file_exists(getenv('ZBX_VAULTKEYFILE')) ? getenv('ZBX_VAULTKEYFILE') : '');
|
||||
$DB['VAULT'] = getenv('ZBX_VAULT');
|
||||
$DB['VAULT_URL'] = getenv('ZBX_VAULTURL');
|
||||
$DB['VAULT_DB_PATH'] = getenv('ZBX_VAULTDBPATH');
|
||||
$DB['VAULT_TOKEN'] = getenv('VAULT_TOKEN');
|
||||
|
||||
$DB['VAULT_CACHE'] = getenv('ZBX_VAULTCACHE') == 'true' ? true: false;
|
||||
if (file_exists('/etc/zabbix/web/certs/vault.crt')) {
|
||||
$DB['VAULT_CERT_FILE'] = file_exists('/etc/zabbix/web/certs/vault.crt');
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_VAULTCERTFILE'))) {
|
||||
$DB['VAULT_CERT_FILE'] = $DB['VAULT_CERT_FILE'];
|
||||
}
|
||||
else {
|
||||
$DB['VAULT_CERT_FILE'] = '';
|
||||
}
|
||||
|
||||
if (file_exists('/etc/zabbix/web/certs/vault.key')) {
|
||||
$DB['VAULT_KEY_FILE'] = '/etc/zabbix/web/certs/vault.key';
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_VAULTKEYFILE'))) {
|
||||
$DB['VAULT_KEY_FILE'] = getenv('ZBX_VAULTKEYFILE');
|
||||
}
|
||||
else {
|
||||
$DB['VAULT_KEY_FILE'] = '';
|
||||
}
|
||||
|
||||
$DB['VAULT_CACHE'] = getenv('ZBX_VAULTCACHE') == 'true' ? true: false;
|
||||
|
||||
// Use IEEE754 compatible value range for 64-bit Numeric (float) history values.
|
||||
// This option is enabled by default for new Zabbix installations.
|
||||
// For upgraded installations, please read database upgrade notes before enabling this option.
|
||||
$DB['DOUBLE_IEEE754'] = getenv('DB_DOUBLE_IEEE754') == 'true' ? true: false;
|
||||
$DB['DOUBLE_IEEE754'] = getenv('DB_DOUBLE_IEEE754') == 'true' ? true: false;
|
||||
|
||||
|
||||
$IMAGE_FORMAT_DEFAULT = IMAGE_FORMAT_PNG;
|
||||
$IMAGE_FORMAT_DEFAULT = IMAGE_FORMAT_PNG;
|
||||
|
||||
// Elasticsearch url (can be string if same url is used for all types).
|
||||
$history_url = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGEURL'));
|
||||
@ -53,9 +71,35 @@ $storage_types = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGETYPES'));
|
||||
$HISTORY['types'] = (json_decode($storage_types)) ? json_decode($storage_types, true) : array();
|
||||
|
||||
// Used for SAML authentication.
|
||||
$SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : (file_exists(getenv('ZBX_SSO_SP_KEY')) ? getenv('ZBX_SSO_SP_KEY') : '');
|
||||
$SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : (file_exists(getenv('ZBX_SSO_SP_CERT')) ? getenv('ZBX_SSO_SP_CERT') : '');
|
||||
$SSO['IDP_CERT'] = file_exists('/etc/zabbix/web/certs/idp.crt') ? '/etc/zabbix/web/certs/idp.crt' : (file_exists(getenv('ZBX_SSO_IDP_CERT')) ? getenv('ZBX_SSO_IDP_CERT') : '');
|
||||
if (file_exists('/etc/zabbix/web/certs/sp.key')) {
|
||||
$SSO['SP_KEY'] = '/etc/zabbix/web/certs/sp.key';
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_SSO_SP_KEY'))) {
|
||||
$SSO['SP_KEY'] = getenv('ZBX_SSO_SP_KEY');
|
||||
}
|
||||
else {
|
||||
$SSO['SP_KEY'] = '';
|
||||
}
|
||||
|
||||
if (file_exists('/etc/zabbix/web/certs/sp.crt')) {
|
||||
$SSO['SP_CERT'] = '/etc/zabbix/web/certs/sp.crt';
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_SSO_SP_CERT'))) {
|
||||
$SSO['SP_CERT'] = getenv('ZBX_SSO_SP_CERT');
|
||||
}
|
||||
else {
|
||||
$SSO['SP_CERT'] = '';
|
||||
}
|
||||
|
||||
if (file_exists('/etc/zabbix/web/certs/idp.crt')) {
|
||||
$SSO['IDP_CERT'] = '/etc/zabbix/web/certs/idp.crt';
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_SSO_IDP_CERT'))) {
|
||||
$SSO['IDP_CERT'] = getenv('ZBX_SSO_IDP_CERT');
|
||||
}
|
||||
else {
|
||||
$SSO['IDP_CERT'] = '';
|
||||
}
|
||||
|
||||
$sso_settings = str_replace("'","\"",getenv('ZBX_SSO_SETTINGS'));
|
||||
$SSO['SETTINGS'] = (json_decode($sso_settings)) ? json_decode($sso_settings, true) : array();
|
||||
$SSO['SETTINGS'] = (json_decode($sso_settings)) ? json_decode($sso_settings, true) : array();
|
||||
|
@ -19,30 +19,48 @@ if (getenv('ZBX_SERVER_HOST')) {
|
||||
$ZBX_SERVER_NAME = getenv('ZBX_SERVER_NAME');
|
||||
|
||||
// Used for TLS connection.
|
||||
$DB['ENCRYPTION'] = getenv('ZBX_DB_ENCRYPTION') == 'true' ? true: false;
|
||||
$DB['KEY_FILE'] = getenv('ZBX_DB_KEY_FILE');
|
||||
$DB['CERT_FILE'] = getenv('ZBX_DB_CERT_FILE');
|
||||
$DB['CA_FILE'] = getenv('ZBX_DB_CA_FILE');
|
||||
$DB['VERIFY_HOST'] = getenv('ZBX_DB_VERIFY_HOST') == 'true' ? true: false;
|
||||
$DB['CIPHER_LIST'] = getenv('ZBX_DB_CIPHER_LIST') ? getenv('ZBX_DB_CIPHER_LIST') : '';
|
||||
$DB['ENCRYPTION'] = getenv('ZBX_DB_ENCRYPTION') == 'true' ? true: false;
|
||||
$DB['KEY_FILE'] = getenv('ZBX_DB_KEY_FILE');
|
||||
$DB['CERT_FILE'] = getenv('ZBX_DB_CERT_FILE');
|
||||
$DB['CA_FILE'] = getenv('ZBX_DB_CA_FILE');
|
||||
$DB['VERIFY_HOST'] = getenv('ZBX_DB_VERIFY_HOST') == 'true' ? true: false;
|
||||
$DB['CIPHER_LIST'] = getenv('ZBX_DB_CIPHER_LIST') ? getenv('ZBX_DB_CIPHER_LIST') : '';
|
||||
|
||||
// Vault configuration. Used if database credentials are stored in Vault secrets manager.
|
||||
$DB['VAULT'] = getenv('ZBX_VAULT');
|
||||
$DB['VAULT_URL'] = getenv('ZBX_VAULTURL');
|
||||
$DB['VAULT_DB_PATH'] = getenv('ZBX_VAULTDBPATH');
|
||||
$DB['VAULT_TOKEN'] = getenv('VAULT_TOKEN');
|
||||
$DB['VAULT_CERT_FILE'] = file_exists('/etc/zabbix/web/certs/vault.crt') ? '/etc/zabbix/web/certs/vault.crt' : (file_exists(getenv('ZBX_VAULTCERTFILE')) ? getenv('ZBX_VAULTCERTFILE') : '');
|
||||
$DB['VAULT_KEY_FILE'] = file_exists('/etc/zabbix/web/certs/vault.key') ? '/etc/zabbix/web/certs/vault.key' : (file_exists(getenv('ZBX_VAULTKEYFILE')) ? getenv('ZBX_VAULTKEYFILE') : '');
|
||||
$DB['VAULT'] = getenv('ZBX_VAULT');
|
||||
$DB['VAULT_URL'] = getenv('ZBX_VAULTURL');
|
||||
$DB['VAULT_DB_PATH'] = getenv('ZBX_VAULTDBPATH');
|
||||
$DB['VAULT_TOKEN'] = getenv('VAULT_TOKEN');
|
||||
|
||||
$DB['VAULT_CACHE'] = getenv('ZBX_VAULTCACHE') == 'true' ? true: false;
|
||||
if (file_exists('/etc/zabbix/web/certs/vault.crt')) {
|
||||
$DB['VAULT_CERT_FILE'] = file_exists('/etc/zabbix/web/certs/vault.crt');
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_VAULTCERTFILE'))) {
|
||||
$DB['VAULT_CERT_FILE'] = $DB['VAULT_CERT_FILE'];
|
||||
}
|
||||
else {
|
||||
$DB['VAULT_CERT_FILE'] = '';
|
||||
}
|
||||
|
||||
if (file_exists('/etc/zabbix/web/certs/vault.key')) {
|
||||
$DB['VAULT_KEY_FILE'] = '/etc/zabbix/web/certs/vault.key';
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_VAULTKEYFILE'))) {
|
||||
$DB['VAULT_KEY_FILE'] = getenv('ZBX_VAULTKEYFILE');
|
||||
}
|
||||
else {
|
||||
$DB['VAULT_KEY_FILE'] = '';
|
||||
}
|
||||
|
||||
$DB['VAULT_CACHE'] = getenv('ZBX_VAULTCACHE') == 'true' ? true: false;
|
||||
|
||||
// Use IEEE754 compatible value range for 64-bit Numeric (float) history values.
|
||||
// This option is enabled by default for new Zabbix installations.
|
||||
// For upgraded installations, please read database upgrade notes before enabling this option.
|
||||
$DB['DOUBLE_IEEE754'] = getenv('DB_DOUBLE_IEEE754') == 'true' ? true: false;
|
||||
$DB['DOUBLE_IEEE754'] = getenv('DB_DOUBLE_IEEE754') == 'true' ? true: false;
|
||||
|
||||
|
||||
$IMAGE_FORMAT_DEFAULT = IMAGE_FORMAT_PNG;
|
||||
$IMAGE_FORMAT_DEFAULT = IMAGE_FORMAT_PNG;
|
||||
|
||||
// Elasticsearch url (can be string if same url is used for all types).
|
||||
$history_url = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGEURL'));
|
||||
@ -53,9 +71,35 @@ $storage_types = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGETYPES'));
|
||||
$HISTORY['types'] = (json_decode($storage_types)) ? json_decode($storage_types, true) : array();
|
||||
|
||||
// Used for SAML authentication.
|
||||
$SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : (file_exists(getenv('ZBX_SSO_SP_KEY')) ? getenv('ZBX_SSO_SP_KEY') : '');
|
||||
$SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : (file_exists(getenv('ZBX_SSO_SP_CERT')) ? getenv('ZBX_SSO_SP_CERT') : '');
|
||||
$SSO['IDP_CERT'] = file_exists('/etc/zabbix/web/certs/idp.crt') ? '/etc/zabbix/web/certs/idp.crt' : (file_exists(getenv('ZBX_SSO_IDP_CERT')) ? getenv('ZBX_SSO_IDP_CERT') : '');
|
||||
if (file_exists('/etc/zabbix/web/certs/sp.key')) {
|
||||
$SSO['SP_KEY'] = '/etc/zabbix/web/certs/sp.key';
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_SSO_SP_KEY'))) {
|
||||
$SSO['SP_KEY'] = getenv('ZBX_SSO_SP_KEY');
|
||||
}
|
||||
else {
|
||||
$SSO['SP_KEY'] = '';
|
||||
}
|
||||
|
||||
if (file_exists('/etc/zabbix/web/certs/sp.crt')) {
|
||||
$SSO['SP_CERT'] = '/etc/zabbix/web/certs/sp.crt';
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_SSO_SP_CERT'))) {
|
||||
$SSO['SP_CERT'] = getenv('ZBX_SSO_SP_CERT');
|
||||
}
|
||||
else {
|
||||
$SSO['SP_CERT'] = '';
|
||||
}
|
||||
|
||||
if (file_exists('/etc/zabbix/web/certs/idp.crt')) {
|
||||
$SSO['IDP_CERT'] = '/etc/zabbix/web/certs/idp.crt';
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_SSO_IDP_CERT'))) {
|
||||
$SSO['IDP_CERT'] = getenv('ZBX_SSO_IDP_CERT');
|
||||
}
|
||||
else {
|
||||
$SSO['IDP_CERT'] = '';
|
||||
}
|
||||
|
||||
$sso_settings = str_replace("'","\"",getenv('ZBX_SSO_SETTINGS'));
|
||||
$SSO['SETTINGS'] = (json_decode($sso_settings)) ? json_decode($sso_settings, true) : array();
|
||||
$SSO['SETTINGS'] = (json_decode($sso_settings)) ? json_decode($sso_settings, true) : array();
|
||||
|
@ -19,30 +19,48 @@ if (getenv('ZBX_SERVER_HOST')) {
|
||||
$ZBX_SERVER_NAME = getenv('ZBX_SERVER_NAME');
|
||||
|
||||
// Used for TLS connection.
|
||||
$DB['ENCRYPTION'] = getenv('ZBX_DB_ENCRYPTION') == 'true' ? true: false;
|
||||
$DB['KEY_FILE'] = getenv('ZBX_DB_KEY_FILE');
|
||||
$DB['CERT_FILE'] = getenv('ZBX_DB_CERT_FILE');
|
||||
$DB['CA_FILE'] = getenv('ZBX_DB_CA_FILE');
|
||||
$DB['VERIFY_HOST'] = getenv('ZBX_DB_VERIFY_HOST') == 'true' ? true: false;
|
||||
$DB['CIPHER_LIST'] = getenv('ZBX_DB_CIPHER_LIST') ? getenv('ZBX_DB_CIPHER_LIST') : '';
|
||||
$DB['ENCRYPTION'] = getenv('ZBX_DB_ENCRYPTION') == 'true' ? true: false;
|
||||
$DB['KEY_FILE'] = getenv('ZBX_DB_KEY_FILE');
|
||||
$DB['CERT_FILE'] = getenv('ZBX_DB_CERT_FILE');
|
||||
$DB['CA_FILE'] = getenv('ZBX_DB_CA_FILE');
|
||||
$DB['VERIFY_HOST'] = getenv('ZBX_DB_VERIFY_HOST') == 'true' ? true: false;
|
||||
$DB['CIPHER_LIST'] = getenv('ZBX_DB_CIPHER_LIST') ? getenv('ZBX_DB_CIPHER_LIST') : '';
|
||||
|
||||
// Vault configuration. Used if database credentials are stored in Vault secrets manager.
|
||||
$DB['VAULT'] = getenv('ZBX_VAULT');
|
||||
$DB['VAULT_URL'] = getenv('ZBX_VAULTURL');
|
||||
$DB['VAULT_DB_PATH'] = getenv('ZBX_VAULTDBPATH');
|
||||
$DB['VAULT_TOKEN'] = getenv('VAULT_TOKEN');
|
||||
$DB['VAULT_CERT_FILE'] = file_exists('/etc/zabbix/web/certs/vault.crt') ? '/etc/zabbix/web/certs/vault.crt' : (file_exists(getenv('ZBX_VAULTCERTFILE')) ? getenv('ZBX_VAULTCERTFILE') : '');
|
||||
$DB['VAULT_KEY_FILE'] = file_exists('/etc/zabbix/web/certs/vault.key') ? '/etc/zabbix/web/certs/vault.key' : (file_exists(getenv('ZBX_VAULTKEYFILE')) ? getenv('ZBX_VAULTKEYFILE') : '');
|
||||
$DB['VAULT'] = getenv('ZBX_VAULT');
|
||||
$DB['VAULT_URL'] = getenv('ZBX_VAULTURL');
|
||||
$DB['VAULT_DB_PATH'] = getenv('ZBX_VAULTDBPATH');
|
||||
$DB['VAULT_TOKEN'] = getenv('VAULT_TOKEN');
|
||||
|
||||
$DB['VAULT_CACHE'] = getenv('ZBX_VAULTCACHE') == 'true' ? true: false;
|
||||
if (file_exists('/etc/zabbix/web/certs/vault.crt')) {
|
||||
$DB['VAULT_CERT_FILE'] = file_exists('/etc/zabbix/web/certs/vault.crt');
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_VAULTCERTFILE'))) {
|
||||
$DB['VAULT_CERT_FILE'] = $DB['VAULT_CERT_FILE'];
|
||||
}
|
||||
else {
|
||||
$DB['VAULT_CERT_FILE'] = '';
|
||||
}
|
||||
|
||||
if (file_exists('/etc/zabbix/web/certs/vault.key')) {
|
||||
$DB['VAULT_KEY_FILE'] = '/etc/zabbix/web/certs/vault.key';
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_VAULTKEYFILE'))) {
|
||||
$DB['VAULT_KEY_FILE'] = getenv('ZBX_VAULTKEYFILE');
|
||||
}
|
||||
else {
|
||||
$DB['VAULT_KEY_FILE'] = '';
|
||||
}
|
||||
|
||||
$DB['VAULT_CACHE'] = getenv('ZBX_VAULTCACHE') == 'true' ? true: false;
|
||||
|
||||
// Use IEEE754 compatible value range for 64-bit Numeric (float) history values.
|
||||
// This option is enabled by default for new Zabbix installations.
|
||||
// For upgraded installations, please read database upgrade notes before enabling this option.
|
||||
$DB['DOUBLE_IEEE754'] = getenv('DB_DOUBLE_IEEE754') == 'true' ? true: false;
|
||||
$DB['DOUBLE_IEEE754'] = getenv('DB_DOUBLE_IEEE754') == 'true' ? true: false;
|
||||
|
||||
|
||||
$IMAGE_FORMAT_DEFAULT = IMAGE_FORMAT_PNG;
|
||||
$IMAGE_FORMAT_DEFAULT = IMAGE_FORMAT_PNG;
|
||||
|
||||
// Elasticsearch url (can be string if same url is used for all types).
|
||||
$history_url = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGEURL'));
|
||||
@ -53,9 +71,35 @@ $storage_types = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGETYPES'));
|
||||
$HISTORY['types'] = (json_decode($storage_types)) ? json_decode($storage_types, true) : array();
|
||||
|
||||
// Used for SAML authentication.
|
||||
$SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : (file_exists(getenv('ZBX_SSO_SP_KEY')) ? getenv('ZBX_SSO_SP_KEY') : '');
|
||||
$SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : (file_exists(getenv('ZBX_SSO_SP_CERT')) ? getenv('ZBX_SSO_SP_CERT') : '');
|
||||
$SSO['IDP_CERT'] = file_exists('/etc/zabbix/web/certs/idp.crt') ? '/etc/zabbix/web/certs/idp.crt' : (file_exists(getenv('ZBX_SSO_IDP_CERT')) ? getenv('ZBX_SSO_IDP_CERT') : '');
|
||||
if (file_exists('/etc/zabbix/web/certs/sp.key')) {
|
||||
$SSO['SP_KEY'] = '/etc/zabbix/web/certs/sp.key';
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_SSO_SP_KEY'))) {
|
||||
$SSO['SP_KEY'] = getenv('ZBX_SSO_SP_KEY');
|
||||
}
|
||||
else {
|
||||
$SSO['SP_KEY'] = '';
|
||||
}
|
||||
|
||||
if (file_exists('/etc/zabbix/web/certs/sp.crt')) {
|
||||
$SSO['SP_CERT'] = '/etc/zabbix/web/certs/sp.crt';
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_SSO_SP_CERT'))) {
|
||||
$SSO['SP_CERT'] = getenv('ZBX_SSO_SP_CERT');
|
||||
}
|
||||
else {
|
||||
$SSO['SP_CERT'] = '';
|
||||
}
|
||||
|
||||
if (file_exists('/etc/zabbix/web/certs/idp.crt')) {
|
||||
$SSO['IDP_CERT'] = '/etc/zabbix/web/certs/idp.crt';
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_SSO_IDP_CERT'))) {
|
||||
$SSO['IDP_CERT'] = getenv('ZBX_SSO_IDP_CERT');
|
||||
}
|
||||
else {
|
||||
$SSO['IDP_CERT'] = '';
|
||||
}
|
||||
|
||||
$sso_settings = str_replace("'","\"",getenv('ZBX_SSO_SETTINGS'));
|
||||
$SSO['SETTINGS'] = (json_decode($sso_settings)) ? json_decode($sso_settings, true) : array();
|
||||
$SSO['SETTINGS'] = (json_decode($sso_settings)) ? json_decode($sso_settings, true) : array();
|
||||
|
@ -19,30 +19,48 @@ if (getenv('ZBX_SERVER_HOST')) {
|
||||
$ZBX_SERVER_NAME = getenv('ZBX_SERVER_NAME');
|
||||
|
||||
// Used for TLS connection.
|
||||
$DB['ENCRYPTION'] = getenv('ZBX_DB_ENCRYPTION') == 'true' ? true: false;
|
||||
$DB['KEY_FILE'] = getenv('ZBX_DB_KEY_FILE');
|
||||
$DB['CERT_FILE'] = getenv('ZBX_DB_CERT_FILE');
|
||||
$DB['CA_FILE'] = getenv('ZBX_DB_CA_FILE');
|
||||
$DB['VERIFY_HOST'] = getenv('ZBX_DB_VERIFY_HOST') == 'true' ? true: false;
|
||||
$DB['CIPHER_LIST'] = getenv('ZBX_DB_CIPHER_LIST') ? getenv('ZBX_DB_CIPHER_LIST') : '';
|
||||
$DB['ENCRYPTION'] = getenv('ZBX_DB_ENCRYPTION') == 'true' ? true: false;
|
||||
$DB['KEY_FILE'] = getenv('ZBX_DB_KEY_FILE');
|
||||
$DB['CERT_FILE'] = getenv('ZBX_DB_CERT_FILE');
|
||||
$DB['CA_FILE'] = getenv('ZBX_DB_CA_FILE');
|
||||
$DB['VERIFY_HOST'] = getenv('ZBX_DB_VERIFY_HOST') == 'true' ? true: false;
|
||||
$DB['CIPHER_LIST'] = getenv('ZBX_DB_CIPHER_LIST') ? getenv('ZBX_DB_CIPHER_LIST') : '';
|
||||
|
||||
// Vault configuration. Used if database credentials are stored in Vault secrets manager.
|
||||
$DB['VAULT'] = getenv('ZBX_VAULT');
|
||||
$DB['VAULT_URL'] = getenv('ZBX_VAULTURL');
|
||||
$DB['VAULT_DB_PATH'] = getenv('ZBX_VAULTDBPATH');
|
||||
$DB['VAULT_TOKEN'] = getenv('VAULT_TOKEN');
|
||||
$DB['VAULT_CERT_FILE'] = file_exists('/etc/zabbix/web/certs/vault.crt') ? '/etc/zabbix/web/certs/vault.crt' : (file_exists(getenv('ZBX_VAULTCERTFILE')) ? getenv('ZBX_VAULTCERTFILE') : '');
|
||||
$DB['VAULT_KEY_FILE'] = file_exists('/etc/zabbix/web/certs/vault.key') ? '/etc/zabbix/web/certs/vault.key' : (file_exists(getenv('ZBX_VAULTKEYFILE')) ? getenv('ZBX_VAULTKEYFILE') : '');
|
||||
$DB['VAULT'] = getenv('ZBX_VAULT');
|
||||
$DB['VAULT_URL'] = getenv('ZBX_VAULTURL');
|
||||
$DB['VAULT_DB_PATH'] = getenv('ZBX_VAULTDBPATH');
|
||||
$DB['VAULT_TOKEN'] = getenv('VAULT_TOKEN');
|
||||
|
||||
$DB['VAULT_CACHE'] = getenv('ZBX_VAULTCACHE') == 'true' ? true: false;
|
||||
if (file_exists('/etc/zabbix/web/certs/vault.crt')) {
|
||||
$DB['VAULT_CERT_FILE'] = file_exists('/etc/zabbix/web/certs/vault.crt');
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_VAULTCERTFILE'))) {
|
||||
$DB['VAULT_CERT_FILE'] = $DB['VAULT_CERT_FILE'];
|
||||
}
|
||||
else {
|
||||
$DB['VAULT_CERT_FILE'] = '';
|
||||
}
|
||||
|
||||
if (file_exists('/etc/zabbix/web/certs/vault.key')) {
|
||||
$DB['VAULT_KEY_FILE'] = '/etc/zabbix/web/certs/vault.key';
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_VAULTKEYFILE'))) {
|
||||
$DB['VAULT_KEY_FILE'] = getenv('ZBX_VAULTKEYFILE');
|
||||
}
|
||||
else {
|
||||
$DB['VAULT_KEY_FILE'] = '';
|
||||
}
|
||||
|
||||
$DB['VAULT_CACHE'] = getenv('ZBX_VAULTCACHE') == 'true' ? true: false;
|
||||
|
||||
// Use IEEE754 compatible value range for 64-bit Numeric (float) history values.
|
||||
// This option is enabled by default for new Zabbix installations.
|
||||
// For upgraded installations, please read database upgrade notes before enabling this option.
|
||||
$DB['DOUBLE_IEEE754'] = getenv('DB_DOUBLE_IEEE754') == 'true' ? true: false;
|
||||
$DB['DOUBLE_IEEE754'] = getenv('DB_DOUBLE_IEEE754') == 'true' ? true: false;
|
||||
|
||||
|
||||
$IMAGE_FORMAT_DEFAULT = IMAGE_FORMAT_PNG;
|
||||
$IMAGE_FORMAT_DEFAULT = IMAGE_FORMAT_PNG;
|
||||
|
||||
// Elasticsearch url (can be string if same url is used for all types).
|
||||
$history_url = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGEURL'));
|
||||
@ -53,9 +71,35 @@ $storage_types = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGETYPES'));
|
||||
$HISTORY['types'] = (json_decode($storage_types)) ? json_decode($storage_types, true) : array();
|
||||
|
||||
// Used for SAML authentication.
|
||||
$SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : (file_exists(getenv('ZBX_SSO_SP_KEY')) ? getenv('ZBX_SSO_SP_KEY') : '');
|
||||
$SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : (file_exists(getenv('ZBX_SSO_SP_CERT')) ? getenv('ZBX_SSO_SP_CERT') : '');
|
||||
$SSO['IDP_CERT'] = file_exists('/etc/zabbix/web/certs/idp.crt') ? '/etc/zabbix/web/certs/idp.crt' : (file_exists(getenv('ZBX_SSO_IDP_CERT')) ? getenv('ZBX_SSO_IDP_CERT') : '');
|
||||
if (file_exists('/etc/zabbix/web/certs/sp.key')) {
|
||||
$SSO['SP_KEY'] = '/etc/zabbix/web/certs/sp.key';
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_SSO_SP_KEY'))) {
|
||||
$SSO['SP_KEY'] = getenv('ZBX_SSO_SP_KEY');
|
||||
}
|
||||
else {
|
||||
$SSO['SP_KEY'] = '';
|
||||
}
|
||||
|
||||
if (file_exists('/etc/zabbix/web/certs/sp.crt')) {
|
||||
$SSO['SP_CERT'] = '/etc/zabbix/web/certs/sp.crt';
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_SSO_SP_CERT'))) {
|
||||
$SSO['SP_CERT'] = getenv('ZBX_SSO_SP_CERT');
|
||||
}
|
||||
else {
|
||||
$SSO['SP_CERT'] = '';
|
||||
}
|
||||
|
||||
if (file_exists('/etc/zabbix/web/certs/idp.crt')) {
|
||||
$SSO['IDP_CERT'] = '/etc/zabbix/web/certs/idp.crt';
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_SSO_IDP_CERT'))) {
|
||||
$SSO['IDP_CERT'] = getenv('ZBX_SSO_IDP_CERT');
|
||||
}
|
||||
else {
|
||||
$SSO['IDP_CERT'] = '';
|
||||
}
|
||||
|
||||
$sso_settings = str_replace("'","\"",getenv('ZBX_SSO_SETTINGS'));
|
||||
$SSO['SETTINGS'] = (json_decode($sso_settings)) ? json_decode($sso_settings, true) : array();
|
||||
$SSO['SETTINGS'] = (json_decode($sso_settings)) ? json_decode($sso_settings, true) : array();
|
||||
|
@ -59,7 +59,7 @@ RUN set -eux && \
|
||||
curl https://nginx.org/keys/nginx_signing.key | gpg --dearmor > /etc/apt/trusted.gpg.d/nginx.gpg && \
|
||||
gpg --dry-run --quiet --import --import-options import-show /etc/apt/trusted.gpg.d/nginx.gpg && \
|
||||
DISTRIB_CODENAME=$(/bin/bash -c 'source /etc/lsb-release && echo $DISTRIB_CODENAME') && \
|
||||
echo "deb http://nginx.org/packages/ubuntu $DISTRIB_CODENAME nginx" > /etc/apt/sources.list.d/nginx.list && \
|
||||
echo "deb https://nginx.org/packages/ubuntu $DISTRIB_CODENAME nginx" > /etc/apt/sources.list.d/nginx.list && \
|
||||
echo "Package: *\nPin: origin nginx.org\nPin: release o=nginx\nPin-Priority: 900\n" \
|
||||
> /etc/apt/preferences.d/99nginx && \
|
||||
gpgconf --kill all && \
|
||||
|
@ -19,30 +19,48 @@ if (getenv('ZBX_SERVER_HOST')) {
|
||||
$ZBX_SERVER_NAME = getenv('ZBX_SERVER_NAME');
|
||||
|
||||
// Used for TLS connection.
|
||||
$DB['ENCRYPTION'] = getenv('ZBX_DB_ENCRYPTION') == 'true' ? true: false;
|
||||
$DB['KEY_FILE'] = getenv('ZBX_DB_KEY_FILE');
|
||||
$DB['CERT_FILE'] = getenv('ZBX_DB_CERT_FILE');
|
||||
$DB['CA_FILE'] = getenv('ZBX_DB_CA_FILE');
|
||||
$DB['VERIFY_HOST'] = getenv('ZBX_DB_VERIFY_HOST') == 'true' ? true: false;
|
||||
$DB['CIPHER_LIST'] = getenv('ZBX_DB_CIPHER_LIST') ? getenv('ZBX_DB_CIPHER_LIST') : '';
|
||||
$DB['ENCRYPTION'] = getenv('ZBX_DB_ENCRYPTION') == 'true' ? true: false;
|
||||
$DB['KEY_FILE'] = getenv('ZBX_DB_KEY_FILE');
|
||||
$DB['CERT_FILE'] = getenv('ZBX_DB_CERT_FILE');
|
||||
$DB['CA_FILE'] = getenv('ZBX_DB_CA_FILE');
|
||||
$DB['VERIFY_HOST'] = getenv('ZBX_DB_VERIFY_HOST') == 'true' ? true: false;
|
||||
$DB['CIPHER_LIST'] = getenv('ZBX_DB_CIPHER_LIST') ? getenv('ZBX_DB_CIPHER_LIST') : '';
|
||||
|
||||
// Vault configuration. Used if database credentials are stored in Vault secrets manager.
|
||||
$DB['VAULT'] = getenv('ZBX_VAULT');
|
||||
$DB['VAULT_URL'] = getenv('ZBX_VAULTURL');
|
||||
$DB['VAULT_DB_PATH'] = getenv('ZBX_VAULTDBPATH');
|
||||
$DB['VAULT_TOKEN'] = getenv('VAULT_TOKEN');
|
||||
$DB['VAULT_CERT_FILE'] = file_exists('/etc/zabbix/web/certs/vault.crt') ? '/etc/zabbix/web/certs/vault.crt' : (file_exists(getenv('ZBX_VAULTCERTFILE')) ? getenv('ZBX_VAULTCERTFILE') : '');
|
||||
$DB['VAULT_KEY_FILE'] = file_exists('/etc/zabbix/web/certs/vault.key') ? '/etc/zabbix/web/certs/vault.key' : (file_exists(getenv('ZBX_VAULTKEYFILE')) ? getenv('ZBX_VAULTKEYFILE') : '');
|
||||
$DB['VAULT'] = getenv('ZBX_VAULT');
|
||||
$DB['VAULT_URL'] = getenv('ZBX_VAULTURL');
|
||||
$DB['VAULT_DB_PATH'] = getenv('ZBX_VAULTDBPATH');
|
||||
$DB['VAULT_TOKEN'] = getenv('VAULT_TOKEN');
|
||||
|
||||
$DB['VAULT_CACHE'] = getenv('ZBX_VAULTCACHE') == 'true' ? true: false;
|
||||
if (file_exists('/etc/zabbix/web/certs/vault.crt')) {
|
||||
$DB['VAULT_CERT_FILE'] = file_exists('/etc/zabbix/web/certs/vault.crt');
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_VAULTCERTFILE'))) {
|
||||
$DB['VAULT_CERT_FILE'] = $DB['VAULT_CERT_FILE'];
|
||||
}
|
||||
else {
|
||||
$DB['VAULT_CERT_FILE'] = '';
|
||||
}
|
||||
|
||||
if (file_exists('/etc/zabbix/web/certs/vault.key')) {
|
||||
$DB['VAULT_KEY_FILE'] = '/etc/zabbix/web/certs/vault.key';
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_VAULTKEYFILE'))) {
|
||||
$DB['VAULT_KEY_FILE'] = getenv('ZBX_VAULTKEYFILE');
|
||||
}
|
||||
else {
|
||||
$DB['VAULT_KEY_FILE'] = '';
|
||||
}
|
||||
|
||||
$DB['VAULT_CACHE'] = getenv('ZBX_VAULTCACHE') == 'true' ? true: false;
|
||||
|
||||
// Use IEEE754 compatible value range for 64-bit Numeric (float) history values.
|
||||
// This option is enabled by default for new Zabbix installations.
|
||||
// For upgraded installations, please read database upgrade notes before enabling this option.
|
||||
$DB['DOUBLE_IEEE754'] = getenv('DB_DOUBLE_IEEE754') == 'true' ? true: false;
|
||||
$DB['DOUBLE_IEEE754'] = getenv('DB_DOUBLE_IEEE754') == 'true' ? true: false;
|
||||
|
||||
|
||||
$IMAGE_FORMAT_DEFAULT = IMAGE_FORMAT_PNG;
|
||||
$IMAGE_FORMAT_DEFAULT = IMAGE_FORMAT_PNG;
|
||||
|
||||
// Elasticsearch url (can be string if same url is used for all types).
|
||||
$history_url = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGEURL'));
|
||||
@ -53,9 +71,35 @@ $storage_types = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGETYPES'));
|
||||
$HISTORY['types'] = (json_decode($storage_types)) ? json_decode($storage_types, true) : array();
|
||||
|
||||
// Used for SAML authentication.
|
||||
$SSO['SP_KEY'] = file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : (file_exists(getenv('ZBX_SSO_SP_KEY')) ? getenv('ZBX_SSO_SP_KEY') : '');
|
||||
$SSO['SP_CERT'] = file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : (file_exists(getenv('ZBX_SSO_SP_CERT')) ? getenv('ZBX_SSO_SP_CERT') : '');
|
||||
$SSO['IDP_CERT'] = file_exists('/etc/zabbix/web/certs/idp.crt') ? '/etc/zabbix/web/certs/idp.crt' : (file_exists(getenv('ZBX_SSO_IDP_CERT')) ? getenv('ZBX_SSO_IDP_CERT') : '');
|
||||
if (file_exists('/etc/zabbix/web/certs/sp.key')) {
|
||||
$SSO['SP_KEY'] = '/etc/zabbix/web/certs/sp.key';
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_SSO_SP_KEY'))) {
|
||||
$SSO['SP_KEY'] = getenv('ZBX_SSO_SP_KEY');
|
||||
}
|
||||
else {
|
||||
$SSO['SP_KEY'] = '';
|
||||
}
|
||||
|
||||
if (file_exists('/etc/zabbix/web/certs/sp.crt')) {
|
||||
$SSO['SP_CERT'] = '/etc/zabbix/web/certs/sp.crt';
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_SSO_SP_CERT'))) {
|
||||
$SSO['SP_CERT'] = getenv('ZBX_SSO_SP_CERT');
|
||||
}
|
||||
else {
|
||||
$SSO['SP_CERT'] = '';
|
||||
}
|
||||
|
||||
if (file_exists('/etc/zabbix/web/certs/idp.crt')) {
|
||||
$SSO['IDP_CERT'] = '/etc/zabbix/web/certs/idp.crt';
|
||||
}
|
||||
elseif (file_exists(getenv('ZBX_SSO_IDP_CERT'))) {
|
||||
$SSO['IDP_CERT'] = getenv('ZBX_SSO_IDP_CERT');
|
||||
}
|
||||
else {
|
||||
$SSO['IDP_CERT'] = '';
|
||||
}
|
||||
|
||||
$sso_settings = str_replace("'","\"",getenv('ZBX_SSO_SETTINGS'));
|
||||
$SSO['SETTINGS'] = (json_decode($sso_settings)) ? json_decode($sso_settings, true) : array();
|
||||
$SSO['SETTINGS'] = (json_decode($sso_settings)) ? json_decode($sso_settings, true) : array();
|
||||
|
Loading…
Reference in New Issue
Block a user