mirror of
https://github.com/zabbix/zabbix-docker.git
synced 2025-06-19 17:38:43 +02:00
Added ZBX_ALLOWKEY and ZBX_DENYKEY variables processing
This commit is contained in:
Alexey Pustovalov
parent
3846f40090
commit
aa51ecd73d
@ -1,6 +1,6 @@
|
|||||||
# ZBX_SOURCEIP=
|
# ZBX_SOURCEIP=
|
||||||
# ZBX_DEBUGLEVEL=3
|
# ZBX_DEBUGLEVEL=3
|
||||||
# ZBX_ENABLEREMOTECOMMANDS=0
|
# ZBX_ENABLEREMOTECOMMANDS=0 # Deprecated since 5.0.0
|
||||||
# ZBX_LOGREMOTECOMMANDS=0
|
# ZBX_LOGREMOTECOMMANDS=0
|
||||||
# ZBX_HOSTINTERFACE= # Available since 4.4.0
|
# ZBX_HOSTINTERFACE= # Available since 4.4.0
|
||||||
# ZBX_HOSTINTERFACEITEM= # Available since 4.4.0
|
# ZBX_HOSTINTERFACEITEM= # Available since 4.4.0
|
||||||
@ -33,3 +33,5 @@
|
|||||||
# ZBX_TLSKEYFILE=
|
# ZBX_TLSKEYFILE=
|
||||||
# ZBX_TLSPSKIDENTITY=
|
# ZBX_TLSPSKIDENTITY=
|
||||||
# ZBX_TLSPSKFILE=
|
# ZBX_TLSPSKFILE=
|
||||||
|
# ZBX_DENYKEY=system.run[*]
|
||||||
|
# ZBX_ALLOWKEY=
|
||||||
|
|||||||
@ -137,7 +137,7 @@ Additionally the image allows to specify many other environment variables listed
|
|||||||
|
|
||||||
```
|
```
|
||||||
ZBX_SOURCEIP=
|
ZBX_SOURCEIP=
|
||||||
ZBX_ENABLEREMOTECOMMANDS=0
|
ZBX_ENABLEREMOTECOMMANDS=0 # Deprecated since 5.0.0
|
||||||
ZBX_LOGREMOTECOMMANDS=0
|
ZBX_LOGREMOTECOMMANDS=0
|
||||||
ZBX_HOSTINTERFACE= # Available since 4.4.0
|
ZBX_HOSTINTERFACE= # Available since 4.4.0
|
||||||
ZBX_HOSTINTERFACEITEM= # Available since 4.4.0
|
ZBX_HOSTINTERFACEITEM= # Available since 4.4.0
|
||||||
@ -161,6 +161,8 @@ ZBX_TLSCERTFILE=
|
|||||||
ZBX_TLSKEYFILE=
|
ZBX_TLSKEYFILE=
|
||||||
ZBX_TLSPSKIDENTITY=
|
ZBX_TLSPSKIDENTITY=
|
||||||
ZBX_TLSPSKFILE=
|
ZBX_TLSPSKFILE=
|
||||||
|
ZBX_DENYKEY=system.run[*] # Available since 5.0.0
|
||||||
|
ZBX_ALLOWKEY= # Available since 5.0.0
|
||||||
```
|
```
|
||||||
|
|
||||||
Default values of these variables are specified after equal sign.
|
Default values of these variables are specified after equal sign.
|
||||||
|
|||||||
@ -86,9 +86,12 @@ update_config_var() {
|
|||||||
elif [ "$(grep -Ec "^# $var_name=" $config_path)" -gt 1 ]; then
|
elif [ "$(grep -Ec "^# $var_name=" $config_path)" -gt 1 ]; then
|
||||||
sed -i -e "/^[#;] $var_name=$/i\\$var_name=$var_value" "$config_path"
|
sed -i -e "/^[#;] $var_name=$/i\\$var_name=$var_value" "$config_path"
|
||||||
echo "added first occurrence"
|
echo "added first occurrence"
|
||||||
else
|
elif [ "$(grep -Ec "^[#;] $var_name=" $config_path)" -gt 0 ]; then
|
||||||
sed -i -e "/^[#;] $var_name=/s/.*/&\n$var_name=$var_value/" "$config_path"
|
sed -i -e "/^[#;] $var_name=/s/.*/&\n$var_name=$var_value/" "$config_path"
|
||||||
echo "added"
|
echo "added"
|
||||||
|
else
|
||||||
|
sed -i -e '$a\' -e "$var_name=$var_value" "$config_path"
|
||||||
|
echo "added at the end"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
}
|
}
|
||||||
@ -130,7 +133,6 @@ prepare_zbx_agent_config() {
|
|||||||
update_config_var $ZBX_AGENT_CONFIG "LogFileSize"
|
update_config_var $ZBX_AGENT_CONFIG "LogFileSize"
|
||||||
update_config_var $ZBX_AGENT_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}"
|
update_config_var $ZBX_AGENT_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}"
|
||||||
update_config_var $ZBX_AGENT_CONFIG "SourceIP"
|
update_config_var $ZBX_AGENT_CONFIG "SourceIP"
|
||||||
update_config_var $ZBX_AGENT_CONFIG "EnableRemoteCommands" "${ZBX_ENABLEREMOTECOMMANDS}"
|
|
||||||
update_config_var $ZBX_AGENT_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}"
|
update_config_var $ZBX_AGENT_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}"
|
||||||
|
|
||||||
: ${ZBX_PASSIVE_ALLOW:="true"}
|
: ${ZBX_PASSIVE_ALLOW:="true"}
|
||||||
@ -182,6 +184,9 @@ prepare_zbx_agent_config() {
|
|||||||
update_config_var $ZBX_AGENT_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}"
|
update_config_var $ZBX_AGENT_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}"
|
||||||
update_config_var $ZBX_AGENT_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}"
|
update_config_var $ZBX_AGENT_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}"
|
||||||
|
|
||||||
|
update_config_multiple_var $ZBX_AGENT_CONFIG "DenyKey" "${ZBX_DENYKEY}"
|
||||||
|
update_config_multiple_var $ZBX_AGENT_CONFIG "AllowKey" "${ZBX_ALLOWKEY}"
|
||||||
|
|
||||||
if [ "$(id -u)" != '0' ]; then
|
if [ "$(id -u)" != '0' ]; then
|
||||||
update_config_var $ZBX_AGENT_CONFIG "User" "$(whoami)"
|
update_config_var $ZBX_AGENT_CONFIG "User" "$(whoami)"
|
||||||
else
|
else
|
||||||
|
|||||||
@ -137,7 +137,7 @@ Additionally the image allows to specify many other environment variables listed
|
|||||||
|
|
||||||
```
|
```
|
||||||
ZBX_SOURCEIP=
|
ZBX_SOURCEIP=
|
||||||
ZBX_ENABLEREMOTECOMMANDS=0
|
ZBX_ENABLEREMOTECOMMANDS=0 # Deprecated since 5.0.0
|
||||||
ZBX_LOGREMOTECOMMANDS=0
|
ZBX_LOGREMOTECOMMANDS=0
|
||||||
ZBX_HOSTINTERFACE= # Available since 4.4.0
|
ZBX_HOSTINTERFACE= # Available since 4.4.0
|
||||||
ZBX_HOSTINTERFACEITEM= # Available since 4.4.0
|
ZBX_HOSTINTERFACEITEM= # Available since 4.4.0
|
||||||
@ -161,6 +161,8 @@ ZBX_TLSCERTFILE=
|
|||||||
ZBX_TLSKEYFILE=
|
ZBX_TLSKEYFILE=
|
||||||
ZBX_TLSPSKIDENTITY=
|
ZBX_TLSPSKIDENTITY=
|
||||||
ZBX_TLSPSKFILE=
|
ZBX_TLSPSKFILE=
|
||||||
|
ZBX_DENYKEY=system.run[*] # Available since 5.0.0
|
||||||
|
ZBX_ALLOWKEY= # Available since 5.0.0
|
||||||
```
|
```
|
||||||
|
|
||||||
Default values of these variables are specified after equal sign.
|
Default values of these variables are specified after equal sign.
|
||||||
|
|||||||
@ -86,9 +86,12 @@ update_config_var() {
|
|||||||
elif [ "$(grep -Ec "^# $var_name=" $config_path)" -gt 1 ]; then
|
elif [ "$(grep -Ec "^# $var_name=" $config_path)" -gt 1 ]; then
|
||||||
sed -i -e "/^[#;] $var_name=$/i\\$var_name=$var_value" "$config_path"
|
sed -i -e "/^[#;] $var_name=$/i\\$var_name=$var_value" "$config_path"
|
||||||
echo "added first occurrence"
|
echo "added first occurrence"
|
||||||
else
|
elif [ "$(grep -Ec "^[#;] $var_name=" $config_path)" -gt 0 ]; then
|
||||||
sed -i -e "/^[#;] $var_name=/s/.*/&\n$var_name=$var_value/" "$config_path"
|
sed -i -e "/^[#;] $var_name=/s/.*/&\n$var_name=$var_value/" "$config_path"
|
||||||
echo "added"
|
echo "added"
|
||||||
|
else
|
||||||
|
sed -i -e '$a\' -e "$var_name=$var_value" "$config_path"
|
||||||
|
echo "added at the end"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
}
|
}
|
||||||
@ -130,7 +133,6 @@ prepare_zbx_agent_config() {
|
|||||||
update_config_var $ZBX_AGENT_CONFIG "LogFileSize"
|
update_config_var $ZBX_AGENT_CONFIG "LogFileSize"
|
||||||
update_config_var $ZBX_AGENT_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}"
|
update_config_var $ZBX_AGENT_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}"
|
||||||
update_config_var $ZBX_AGENT_CONFIG "SourceIP"
|
update_config_var $ZBX_AGENT_CONFIG "SourceIP"
|
||||||
update_config_var $ZBX_AGENT_CONFIG "EnableRemoteCommands" "${ZBX_ENABLEREMOTECOMMANDS}"
|
|
||||||
update_config_var $ZBX_AGENT_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}"
|
update_config_var $ZBX_AGENT_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}"
|
||||||
|
|
||||||
: ${ZBX_PASSIVE_ALLOW:="true"}
|
: ${ZBX_PASSIVE_ALLOW:="true"}
|
||||||
@ -182,6 +184,9 @@ prepare_zbx_agent_config() {
|
|||||||
update_config_var $ZBX_AGENT_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}"
|
update_config_var $ZBX_AGENT_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}"
|
||||||
update_config_var $ZBX_AGENT_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}"
|
update_config_var $ZBX_AGENT_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}"
|
||||||
|
|
||||||
|
update_config_multiple_var $ZBX_AGENT_CONFIG "DenyKey" "${ZBX_DENYKEY}"
|
||||||
|
update_config_multiple_var $ZBX_AGENT_CONFIG "AllowKey" "${ZBX_ALLOWKEY}"
|
||||||
|
|
||||||
if [ "$(id -u)" != '0' ]; then
|
if [ "$(id -u)" != '0' ]; then
|
||||||
update_config_var $ZBX_AGENT_CONFIG "User" "$(whoami)"
|
update_config_var $ZBX_AGENT_CONFIG "User" "$(whoami)"
|
||||||
else
|
else
|
||||||
|
|||||||
@ -137,7 +137,7 @@ Additionally the image allows to specify many other environment variables listed
|
|||||||
|
|
||||||
```
|
```
|
||||||
ZBX_SOURCEIP=
|
ZBX_SOURCEIP=
|
||||||
ZBX_ENABLEREMOTECOMMANDS=0
|
ZBX_ENABLEREMOTECOMMANDS=0 # Deprecated since 5.0.0
|
||||||
ZBX_LOGREMOTECOMMANDS=0
|
ZBX_LOGREMOTECOMMANDS=0
|
||||||
ZBX_HOSTINTERFACE= # Available since 4.4.0
|
ZBX_HOSTINTERFACE= # Available since 4.4.0
|
||||||
ZBX_HOSTINTERFACEITEM= # Available since 4.4.0
|
ZBX_HOSTINTERFACEITEM= # Available since 4.4.0
|
||||||
@ -161,6 +161,8 @@ ZBX_TLSCERTFILE=
|
|||||||
ZBX_TLSKEYFILE=
|
ZBX_TLSKEYFILE=
|
||||||
ZBX_TLSPSKIDENTITY=
|
ZBX_TLSPSKIDENTITY=
|
||||||
ZBX_TLSPSKFILE=
|
ZBX_TLSPSKFILE=
|
||||||
|
ZBX_DENYKEY=system.run[*] # Available since 5.0.0
|
||||||
|
ZBX_ALLOWKEY= # Available since 5.0.0
|
||||||
```
|
```
|
||||||
|
|
||||||
Default values of these variables are specified after equal sign.
|
Default values of these variables are specified after equal sign.
|
||||||
|
|||||||
@ -86,9 +86,12 @@ update_config_var() {
|
|||||||
elif [ "$(grep -Ec "^# $var_name=" $config_path)" -gt 1 ]; then
|
elif [ "$(grep -Ec "^# $var_name=" $config_path)" -gt 1 ]; then
|
||||||
sed -i -e "/^[#;] $var_name=$/i\\$var_name=$var_value" "$config_path"
|
sed -i -e "/^[#;] $var_name=$/i\\$var_name=$var_value" "$config_path"
|
||||||
echo "added first occurrence"
|
echo "added first occurrence"
|
||||||
else
|
elif [ "$(grep -Ec "^[#;] $var_name=" $config_path)" -gt 0 ]; then
|
||||||
sed -i -e "/^[#;] $var_name=/s/.*/&\n$var_name=$var_value/" "$config_path"
|
sed -i -e "/^[#;] $var_name=/s/.*/&\n$var_name=$var_value/" "$config_path"
|
||||||
echo "added"
|
echo "added"
|
||||||
|
else
|
||||||
|
sed -i -e '$a\' -e "$var_name=$var_value" "$config_path"
|
||||||
|
echo "added at the end"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
}
|
}
|
||||||
@ -130,7 +133,6 @@ prepare_zbx_agent_config() {
|
|||||||
update_config_var $ZBX_AGENT_CONFIG "LogFileSize"
|
update_config_var $ZBX_AGENT_CONFIG "LogFileSize"
|
||||||
update_config_var $ZBX_AGENT_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}"
|
update_config_var $ZBX_AGENT_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}"
|
||||||
update_config_var $ZBX_AGENT_CONFIG "SourceIP"
|
update_config_var $ZBX_AGENT_CONFIG "SourceIP"
|
||||||
update_config_var $ZBX_AGENT_CONFIG "EnableRemoteCommands" "${ZBX_ENABLEREMOTECOMMANDS}"
|
|
||||||
update_config_var $ZBX_AGENT_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}"
|
update_config_var $ZBX_AGENT_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}"
|
||||||
|
|
||||||
: ${ZBX_PASSIVE_ALLOW:="true"}
|
: ${ZBX_PASSIVE_ALLOW:="true"}
|
||||||
@ -182,6 +184,9 @@ prepare_zbx_agent_config() {
|
|||||||
update_config_var $ZBX_AGENT_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}"
|
update_config_var $ZBX_AGENT_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}"
|
||||||
update_config_var $ZBX_AGENT_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}"
|
update_config_var $ZBX_AGENT_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}"
|
||||||
|
|
||||||
|
update_config_multiple_var $ZBX_AGENT_CONFIG "DenyKey" "${ZBX_DENYKEY}"
|
||||||
|
update_config_multiple_var $ZBX_AGENT_CONFIG "AllowKey" "${ZBX_ALLOWKEY}"
|
||||||
|
|
||||||
if [ "$(id -u)" != '0' ]; then
|
if [ "$(id -u)" != '0' ]; then
|
||||||
update_config_var $ZBX_AGENT_CONFIG "User" "$(whoami)"
|
update_config_var $ZBX_AGENT_CONFIG "User" "$(whoami)"
|
||||||
else
|
else
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user