extern/zabbix-docker
1
0
Fork 0
mirror of https://github.com/zabbix/zabbix-docker.git synced 2025-02-03 03:19:47 +01:00
Code Issues Packages Projects Releases Wiki Activity

Improved password usage in MySQL tools

Browse Source
This commit is contained in:
Alexey Pustovalov 2020-09-08 17:24:29 -04:00
commit 9afb8412c0
15 changed files with 133 additions and 49 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
proxy-mysql/alpine/docker-entrypoint.sh
View File

@ -222,11 +222,15 @@ check_db_connect_mysql() {
ssl_opts="$(db_tls_params)"
export MYSQL_PWD="${DB_SERVER_ROOT_PASS}"
while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \
--password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10 $ssl_opts)" ]; do
--silent --connect_timeout=10 $ssl_opts)" ]; do
echo "**** MySQL server is not available. Waiting $WAIT_TIMEOUT seconds..."
sleep $WAIT_TIMEOUT
done
unset MYSQL_PWD
}
mysql_query() {
@ -235,8 +239,12 @@ mysql_query() {
ssl_opts="$(db_tls_params)"
export MYSQL_PWD="${DB_SERVER_ROOT_PASS}"
result=$(mysql --silent --skip-column-names -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \
-u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" -e "$query" $ssl_opts)
-u ${DB_SERVER_ROOT_USER} -e "$query" $ssl_opts)
unset MYSQL_PWD
echo $result
}
@ -283,10 +291,14 @@ create_db_schema_mysql() {
ssl_opts="$(db_tls_params)"
export MYSQL_PWD="${DB_SERVER_ROOT_PASS}"
zcat /usr/share/doc/zabbix-proxy-mysql/create.sql.gz | mysql --silent --skip-column-names \
-h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \
-u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" $ssl_opts \
-u ${DB_SERVER_ROOT_USER} $ssl_opts \
${DB_SERVER_DBNAME} 1>/dev/null
unset MYSQL_PWD
fi
}

26
proxy-mysql/centos/docker-entrypoint.sh
View File

@ -181,11 +181,8 @@ db_tls_params() {
local result=""
if [ -n "${ZBX_DBTLSCONNECT}" ]; then
result="--ssl"
if [ "${ZBX_DBTLSCONNECT}" != "required" ]; then
result="${result} --ssl-verify-server-cert"
fi
ssl_mode=${ZBX_DBTLSCONNECT//verify_full/verify_identity}
result="--ssl-mode=$ssl_mode"
if [ -n "${ZBX_DBTLSCAFILE}" ]; then
result="${result} --ssl-ca=${ZBX_DBTLSCAFILE}"
@ -203,7 +200,6 @@ db_tls_params() {
echo $result
}
check_db_connect_mysql() {
echo "********************"
echo "* DB_SERVER_HOST: ${DB_SERVER_HOST}"
@ -223,11 +219,15 @@ check_db_connect_mysql() {
ssl_opts="$(db_tls_params)"
export MYSQL_PWD="${DB_SERVER_ROOT_PASS}"
while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \
--password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10 $ssl_opts)" ]; do
--silent --connect_timeout=10 $ssl_opts)" ]; do
echo "**** MySQL server is not available. Waiting $WAIT_TIMEOUT seconds..."
sleep $WAIT_TIMEOUT
done
unset MYSQL_PWD
}
mysql_query() {
@ -236,8 +236,12 @@ mysql_query() {
ssl_opts="$(db_tls_params)"
export MYSQL_PWD="${DB_SERVER_ROOT_PASS}"
result=$(mysql --silent --skip-column-names -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \
-u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" -e "$query" $ssl_opts)
-u ${DB_SERVER_ROOT_USER} -e "$query" $ssl_opts)
unset MYSQL_PWD
echo $result
}
@ -284,10 +288,14 @@ create_db_schema_mysql() {
ssl_opts="$(db_tls_params)"
export MYSQL_PWD="${DB_SERVER_ROOT_PASS}"
zcat /usr/share/doc/zabbix-proxy-mysql/create.sql.gz | mysql --silent --skip-column-names \
-h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \
-u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" $ssl_opts \
-u ${DB_SERVER_ROOT_USER} $ssl_opts \
${DB_SERVER_DBNAME} 1>/dev/null
unset MYSQL_PWD
fi
}

8
proxy-mysql/rhel/docker-entrypoint.sh
View File

@ -181,11 +181,8 @@ db_tls_params() {
local result=""
if [ -n "${ZBX_DBTLSCONNECT}" ]; then
result="--ssl"
if [ "${ZBX_DBTLSCONNECT}" != "required" ]; then
result="${result} --ssl-verify-server-cert"
fi
ssl_mode=${ZBX_DBTLSCONNECT//verify_full/verify_identity}
result="--ssl-mode=$ssl_mode"
if [ -n "${ZBX_DBTLSCAFILE}" ]; then
result="${result} --ssl-ca=${ZBX_DBTLSCAFILE}"
@ -203,7 +200,6 @@ db_tls_params() {
echo $result
}
check_db_connect_mysql() {
echo "********************"
echo "* DB_SERVER_HOST: ${DB_SERVER_HOST}"

18
proxy-mysql/ubuntu/docker-entrypoint.sh
View File

@ -219,11 +219,15 @@ check_db_connect_mysql() {
ssl_opts="$(db_tls_params)"
export MYSQL_PWD="${DB_SERVER_ROOT_PASS}"
while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \
--password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10 $ssl_opts)" ]; do
--silent --connect_timeout=10 $ssl_opts)" ]; do
echo "**** MySQL server is not available. Waiting $WAIT_TIMEOUT seconds..."
sleep $WAIT_TIMEOUT
done
unset MYSQL_PWD
}
mysql_query() {
@ -232,8 +236,12 @@ mysql_query() {
ssl_opts="$(db_tls_params)"
export MYSQL_PWD="${DB_SERVER_ROOT_PASS}"
result=$(mysql --silent --skip-column-names -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \
-u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" -e "$query" $ssl_opts)
-u ${DB_SERVER_ROOT_USER} -e "$query" $ssl_opts)
unset MYSQL_PWD
echo $result
}
@ -280,10 +288,14 @@ create_db_schema_mysql() {
ssl_opts="$(db_tls_params)"
export MYSQL_PWD="${DB_SERVER_ROOT_PASS}"
zcat /usr/share/doc/zabbix-proxy-mysql/create.sql.gz | mysql --silent --skip-column-names \
-h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \
-u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" $ssl_opts \
-u ${DB_SERVER_ROOT_USER} $ssl_opts \
${DB_SERVER_DBNAME} 1>/dev/null
unset MYSQL_PWD
fi
}

18
server-mysql/alpine/docker-entrypoint.sh
View File

@ -217,11 +217,15 @@ check_db_connect_mysql() {
ssl_opts="$(db_tls_params)"
export MYSQL_PWD="${DB_SERVER_ROOT_PASS}"
while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \
--password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10 $ssl_opts)" ]; do
--silent --connect_timeout=10 $ssl_opts)" ]; do
echo "**** MySQL server is not available. Waiting $WAIT_TIMEOUT seconds..."
sleep $WAIT_TIMEOUT
done
unset MYSQL_PWD
}
mysql_query() {
@ -230,8 +234,12 @@ mysql_query() {
ssl_opts="$(db_tls_params)"
export MYSQL_PWD="${DB_SERVER_ROOT_PASS}"
result=$(mysql --silent --skip-column-names -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \
-u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" -e "$query" $ssl_opts)
-u ${DB_SERVER_ROOT_USER} -e "$query" $ssl_opts)
unset MYSQL_PWD
echo $result
}
@ -278,10 +286,14 @@ create_db_schema_mysql() {
ssl_opts="$(db_tls_params)"
export MYSQL_PWD="${DB_SERVER_ROOT_PASS}"
zcat /usr/share/doc/zabbix-server-mysql/create.sql.gz | mysql --silent --skip-column-names \
-h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \
-u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" $ssl_opts \
-u ${DB_SERVER_ROOT_USER} $ssl_opts \
${DB_SERVER_DBNAME} 1>/dev/null
unset MYSQL_PWD
fi
}

25
server-mysql/centos/docker-entrypoint.sh
View File

@ -176,11 +176,8 @@ db_tls_params() {
local result=""
if [ -n "${ZBX_DBTLSCONNECT}" ]; then
result="--ssl"
if [ "${ZBX_DBTLSCONNECT}" != "required" ]; then
result="${result} --ssl-verify-server-cert"
fi
ssl_mode=${ZBX_DBTLSCONNECT//verify_full/verify_identity}
result="--ssl-mode=$ssl_mode"
if [ -n "${ZBX_DBTLSCAFILE}" ]; then
result="${result} --ssl-ca=${ZBX_DBTLSCAFILE}"
@ -217,11 +214,15 @@ check_db_connect_mysql() {
ssl_opts="$(db_tls_params)"
export MYSQL_PWD="${DB_SERVER_ROOT_PASS}"
while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \
--password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10 $ssl_opts)" ]; do
--silent --connect_timeout=10 $ssl_opts)" ]; do
echo "**** MySQL server is not available. Waiting $WAIT_TIMEOUT seconds..."
sleep $WAIT_TIMEOUT
done
unset MYSQL_PWD
}
mysql_query() {
@ -230,8 +231,12 @@ mysql_query() {
ssl_opts="$(db_tls_params)"
export MYSQL_PWD="${DB_SERVER_ROOT_PASS}"
result=$(mysql --silent --skip-column-names -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \
-u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" -e "$query" $ssl_opts)
-u ${DB_SERVER_ROOT_USER} -e "$query" $ssl_opts)
unset MYSQL_PWD
echo $result
}
@ -278,10 +283,14 @@ create_db_schema_mysql() {
ssl_opts="$(db_tls_params)"
export MYSQL_PWD="${DB_SERVER_ROOT_PASS}"
zcat /usr/share/doc/zabbix-server-mysql/create.sql.gz | mysql --silent --skip-column-names \
-h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \
-u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" $ssl_opts \
-u ${DB_SERVER_ROOT_USER} $ssl_opts \
${DB_SERVER_DBNAME} 1>/dev/null
unset MYSQL_PWD
fi
}

9
server-mysql/rhel/docker-entrypoint.sh
View File

@ -176,11 +176,8 @@ db_tls_params() {
local result=""
if [ -n "${ZBX_DBTLSCONNECT}" ]; then
result="--ssl"
if [ "${ZBX_DBTLSCONNECT}" != "required" ]; then
result="${result} --ssl-verify-server-cert"
fi
ssl_mode=${ZBX_DBTLSCONNECT//verify_full/verify_identity}
result="--ssl-mode=$ssl_mode"
if [ -n "${ZBX_DBTLSCAFILE}" ]; then
result="${result} --ssl-ca=${ZBX_DBTLSCAFILE}"
@ -287,10 +284,12 @@ create_db_schema_mysql() {
ssl_opts="$(db_tls_params)"
export MYSQL_PWD="${DB_SERVER_ROOT_PASS}"
zcat /usr/share/doc/zabbix-server-mysql/create.sql.gz | mysql --silent --skip-column-names \
-h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \
-u ${DB_SERVER_ROOT_USER} $ssl_opts \
${DB_SERVER_DBNAME} 1>/dev/null
unset MYSQL_PWD
fi
}

18
server-mysql/ubuntu/docker-entrypoint.sh
View File

@ -214,11 +214,15 @@ check_db_connect_mysql() {
ssl_opts="$(db_tls_params)"
export MYSQL_PWD="${DB_SERVER_ROOT_PASS}"
while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \
--password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10 $ssl_opts)" ]; do
--silent --connect_timeout=10 $ssl_opts)" ]; do
echo "**** MySQL server is not available. Waiting $WAIT_TIMEOUT seconds..."
sleep $WAIT_TIMEOUT
done
unset MYSQL_PWD
}
mysql_query() {
@ -227,8 +231,12 @@ mysql_query() {
ssl_opts="$(db_tls_params)"
export MYSQL_PWD="${DB_SERVER_ROOT_PASS}"
result=$(mysql --silent --skip-column-names -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \
-u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" -e "$query" $ssl_opts)
-u ${DB_SERVER_ROOT_USER} -e "$query" $ssl_opts)
unset MYSQL_PWD
echo $result
}
@ -275,10 +283,14 @@ create_db_schema_mysql() {
ssl_opts="$(db_tls_params)"
export MYSQL_PWD="${DB_SERVER_ROOT_PASS}"
zcat /usr/share/doc/zabbix-server-mysql/create.sql.gz | mysql --silent --skip-column-names \
-h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \
-u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" $ssl_opts \
-u ${DB_SERVER_ROOT_USER} $ssl_opts \
${DB_SERVER_DBNAME} 1>/dev/null
unset MYSQL_PWD
fi
}

6
web-apache-mysql/alpine/docker-entrypoint.sh
View File

@ -195,11 +195,15 @@ check_db_connect() {
ssl_opts="$(db_tls_params)"
export MYSQL_PWD="${DB_SERVER_ROOT_PASS}"
while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \
--password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10 $ssl_opts)" ]; do
--silent --connect_timeout=10 $ssl_opts)" ]; do
echo "**** MySQL server is not available. Waiting $WAIT_TIMEOUT seconds..."
sleep $WAIT_TIMEOUT
done
unset MYSQL_PWD
}
prepare_web_server() {

8
web-apache-mysql/centos/docker-entrypoint.sh
View File

@ -158,7 +158,7 @@ db_tls_params() {
local result=""
if [ "${ZBX_DB_ENCRYPTION}" == "true" ]; then
result="--ssl"
result="--ssl-mode=required"
if [ -n "${ZBX_DB_CA_FILE}" ]; then
result="${result} --ssl-ca=${ZBX_DB_CA_FILE}"
@ -195,11 +195,15 @@ check_db_connect() {
ssl_opts="$(db_tls_params)"
export MYSQL_PWD="${DB_SERVER_ROOT_PASS}"
while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \
--password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10 $ssl_opts)" ]; do
--silent --connect_timeout=10 $ssl_opts)" ]; do
echo "**** MySQL server is not available. Waiting $WAIT_TIMEOUT seconds..."
sleep $WAIT_TIMEOUT
done
unset MYSQL_PWD
}
prepare_web_server() {

6
web-apache-mysql/ubuntu/docker-entrypoint.sh
View File

@ -195,11 +195,15 @@ check_db_connect() {
ssl_opts="$(db_tls_params)"
export MYSQL_PWD="${DB_SERVER_ROOT_PASS}"
while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \
--password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10 $ssl_opts)" ]; do
--silent --connect_timeout=10 $ssl_opts)" ]; do
echo "**** MySQL server is not available. Waiting $WAIT_TIMEOUT seconds..."
sleep $WAIT_TIMEOUT
done
unset MYSQL_PWD
}
prepare_web_server() {

6
web-nginx-mysql/alpine/docker-entrypoint.sh
View File

@ -214,11 +214,15 @@ check_db_connect() {
ssl_opts="$(db_tls_params)"
export MYSQL_PWD="${DB_SERVER_ROOT_PASS}"
while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \
--password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10 $ssl_opts)" ]; do
--silent --connect_timeout=10 $ssl_opts)" ]; do
echo "**** MySQL server is not available. Waiting $WAIT_TIMEOUT seconds..."
sleep $WAIT_TIMEOUT
done
unset MYSQL_PWD
}
prepare_web_server() {

8
web-nginx-mysql/centos/docker-entrypoint.sh
View File

@ -176,7 +176,7 @@ db_tls_params() {
local result=""
if [ "${ZBX_DB_ENCRYPTION}" == "true" ]; then
result="--ssl"
result="--ssl-mode=required"
if [ -n "${ZBX_DB_CA_FILE}" ]; then
result="${result} --ssl-ca=${ZBX_DB_CA_FILE}"
@ -214,11 +214,15 @@ check_db_connect() {
ssl_opts="$(db_tls_params)"
export MYSQL_PWD="${DB_SERVER_ROOT_PASS}"
while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \
--password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10 $ssl_opts)" ]; do
--silent --connect_timeout=10 $ssl_opts)" ]; do
echo "**** MySQL server is not available. Waiting $WAIT_TIMEOUT seconds..."
sleep $WAIT_TIMEOUT
done
unset MYSQL_PWD
}
prepare_web_server() {

2
web-nginx-mysql/rhel/docker-entrypoint.sh
View File

@ -176,7 +176,7 @@ db_tls_params() {
local result=""
if [ "${ZBX_DB_ENCRYPTION}" == "true" ]; then
result="--ssl"
result="--ssl-mode=required"
if [ -n "${ZBX_DB_CA_FILE}" ]; then
result="${result} --ssl-ca=${ZBX_DB_CA_FILE}"

6
web-nginx-mysql/ubuntu/docker-entrypoint.sh
View File

@ -214,11 +214,15 @@ check_db_connect() {
ssl_opts="$(db_tls_params)"
export MYSQL_PWD="${DB_SERVER_ROOT_PASS}"
while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \
--password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10 $ssl_opts)" ]; do
--silent --connect_timeout=10 $ssl_opts)" ]; do
echo "**** MySQL server is not available. Waiting $WAIT_TIMEOUT seconds..."
sleep $WAIT_TIMEOUT
done
unset MYSQL_PWD
}
prepare_web_server() {