extern/zabbix-docker
1
0
Fork 0
mirror of https://github.com/zabbix/zabbix-docker.git synced 2025-02-17 18:30:50 +01:00
Code Issues Packages Projects Releases Wiki Activity

Removed MySQL root secret for server and proxy containers

Browse Source
This commit is contained in:
Alexey Pustovalov 2024-01-19 01:13:10 +09:00
parent 76559f6767
commit 876699b347
5 changed files with 8 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
compose_databases.yaml
View File

@ -6,8 +6,8 @@ services:
- mysqld - mysqld
- --character-set-server=utf8mb4 - --character-set-server=utf8mb4
- --collation-server=utf8mb4_bin - --collation-server=utf8mb4_bin
# Only during upgrade from versions prior 6.4 # Only during upgrade from versions prior 6.4 and new installations (schema deployment)
# - --log_bin_trust_function_creators=1 - --log_bin_trust_function_creators=1
# Use TLS encryption for connections to database # Use TLS encryption for connections to database
# - --require-secure-transport # - --require-secure-transport
# - --ssl-ca=/run/secrets/root-ca.pem # - --ssl-ca=/run/secrets/root-ca.pem
@ -16,9 +16,12 @@ services:
restart: "${RESTART_POLICY}" restart: "${RESTART_POLICY}"
volumes: volumes:
- ${DATA_DIRECTORY}/var/lib/mysql:/var/lib/mysql:rw - ${DATA_DIRECTORY}/var/lib/mysql:/var/lib/mysql:rw
- ${ENV_VARS_DIRECTORY}/mysql_init/init_proxy_db.sql:/docker-entrypoint-initdb.d/mysql_init_proxy.sql:ro
# - dbsocket:/var/run/mysqld/ # - dbsocket:/var/run/mysqld/
env_file: env_file:
- ${ENV_VARS_DIRECTORY}/.env_db_mysql - ${ENV_VARS_DIRECTORY}/.env_db_mysql
environment:
- MYSQL_ROOT_PASSWORD_FILE=/run/secrets/MYSQL_ROOT_PASSWORD
secrets: secrets:
- MYSQL_USER - MYSQL_USER
- MYSQL_PASSWORD - MYSQL_PASSWORD

4
compose_zabbix_components.yaml
View File

@ -65,8 +65,6 @@ services:
secrets: secrets:
- MYSQL_USER - MYSQL_USER
- MYSQL_PASSWORD - MYSQL_PASSWORD
- MYSQL_ROOT_USER
- MYSQL_ROOT_PASSWORD
# - client-key.pem # - client-key.pem
# - client-cert.pem # - client-cert.pem
# - root-ca.pem # - root-ca.pem
@ -171,8 +169,6 @@ services:
secrets: secrets:
- MYSQL_USER - MYSQL_USER
- MYSQL_PASSWORD - MYSQL_PASSWORD
- MYSQL_ROOT_USER
- MYSQL_ROOT_PASSWORD
# - client-key.pem # - client-key.pem
# - client-cert.pem # - client-cert.pem
# - root-ca.pem # - root-ca.pem

2
env_vars/.env_db_mysql
View File

@ -6,7 +6,7 @@ MYSQL_USER_FILE=/run/secrets/MYSQL_USER
# MYSQL_PASSWORD=zabbix # MYSQL_PASSWORD=zabbix
MYSQL_PASSWORD_FILE=/run/secrets/MYSQL_PASSWORD MYSQL_PASSWORD_FILE=/run/secrets/MYSQL_PASSWORD
# MYSQL_ROOT_PASSWORD= # MYSQL_ROOT_PASSWORD=
MYSQL_ROOT_PASSWORD_FILE=/run/secrets/MYSQL_ROOT_PASSWORD # MYSQL_ROOT_PASSWORD_FILE=/run/secrets/MYSQL_ROOT_PASSWORD
# MYSQL_ALLOW_EMPTY_PASSWORD=false # MYSQL_ALLOW_EMPTY_PASSWORD=false
# MYSQL_DATABASE=zabbix # MYSQL_DATABASE=zabbix
MYSQL_DATABASE=zabbix MYSQL_DATABASE=zabbix

1
env_vars/.env_db_mysql_proxy
View File

@ -8,7 +8,6 @@ MYSQL_USER=zabbix
MYSQL_PASSWORD=zabbix MYSQL_PASSWORD=zabbix
# MYSQL_PASSWORD_FILE=/run/secrets/MYSQL_PASSWORD # MYSQL_PASSWORD_FILE=/run/secrets/MYSQL_PASSWORD
# MYSQL_ROOT_PASSWORD= # MYSQL_ROOT_PASSWORD=
MYSQL_ROOT_PASSWORD=root_pwd
# MYSQL_ROOT_PASSWORD_FILE=/run/secrets/MYSQL_ROOT_PASSWORD # MYSQL_ROOT_PASSWORD_FILE=/run/secrets/MYSQL_ROOT_PASSWORD
# MYSQL_ALLOW_EMPTY_PASSWORD=false # MYSQL_ALLOW_EMPTY_PASSWORD=false
# MYSQL_DATABASE=zabbix_proxy # MYSQL_DATABASE=zabbix_proxy

2
env_vars/mysql_init/init_proxy_db.sql Normal file
View File

@ -0,0 +1,2 @@
CREATE DATABASE IF NOT EXISTS `zabbix_proxy`;
GRANT ALL ON `zabbix_proxy`.* TO 'zabbix'@'%';