From e018c3030378f1e83eed923f135ce1cbd4f9c564 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Fri, 5 Jul 2024 13:21:12 +0900 Subject: [PATCH] Fixed Nginx images running under root --- .../alpine/conf/etc/nginx/nginx.conf | 2 +- .../web-nginx-mysql/alpine/docker-entrypoint.sh | 13 +++++++++---- .../centos/conf/etc/nginx/nginx.conf | 2 +- .../web-nginx-mysql/centos/docker-entrypoint.sh | 13 +++++++++---- .../web-nginx-mysql/ol/conf/etc/nginx/nginx.conf | 2 +- Dockerfiles/web-nginx-mysql/ol/docker-entrypoint.sh | 13 +++++++++---- .../web-nginx-mysql/rhel/conf/etc/nginx/nginx.conf | 2 +- .../web-nginx-mysql/rhel/docker-entrypoint.sh | 13 +++++++++---- .../ubuntu/conf/etc/nginx/nginx.conf | 2 +- .../web-nginx-mysql/ubuntu/docker-entrypoint.sh | 13 +++++++++---- .../alpine/conf/etc/nginx/nginx.conf | 2 +- .../web-nginx-pgsql/alpine/docker-entrypoint.sh | 13 +++++++++---- .../centos/conf/etc/nginx/nginx.conf | 2 +- .../web-nginx-pgsql/centos/docker-entrypoint.sh | 13 +++++++++---- .../web-nginx-pgsql/ol/conf/etc/nginx/nginx.conf | 2 +- Dockerfiles/web-nginx-pgsql/ol/docker-entrypoint.sh | 13 +++++++++---- .../ubuntu/conf/etc/nginx/nginx.conf | 2 +- .../web-nginx-pgsql/ubuntu/docker-entrypoint.sh | 13 +++++++++---- 18 files changed, 90 insertions(+), 45 deletions(-) diff --git a/Dockerfiles/web-nginx-mysql/alpine/conf/etc/nginx/nginx.conf b/Dockerfiles/web-nginx-mysql/alpine/conf/etc/nginx/nginx.conf index f40a71604..00c238d74 100644 --- a/Dockerfiles/web-nginx-mysql/alpine/conf/etc/nginx/nginx.conf +++ b/Dockerfiles/web-nginx-mysql/alpine/conf/etc/nginx/nginx.conf @@ -1,4 +1,4 @@ -#user nginx; +# user nginx; worker_processes 5; worker_rlimit_nofile 256000; diff --git a/Dockerfiles/web-nginx-mysql/alpine/docker-entrypoint.sh b/Dockerfiles/web-nginx-mysql/alpine/docker-entrypoint.sh index 1c8a85598..9dffba0ff 100755 --- a/Dockerfiles/web-nginx-mysql/alpine/docker-entrypoint.sh +++ b/Dockerfiles/web-nginx-mysql/alpine/docker-entrypoint.sh @@ -18,6 +18,9 @@ fi # Default timezone for web interface : ${PHP_TZ:="Europe/Riga"} +# Default user +: ${DAEMON_USER:="nginx"} + # Default directories # Configuration files directory ZABBIX_ETC_DIR="/etc/zabbix" @@ -173,10 +176,12 @@ prepare_zbx_web_config() { export PHP_FPM_PM_MAX_REQUESTS=${PHP_FPM_PM_MAX_REQUESTS:-"0"} if [ "$(id -u)" == '0' ]; then - echo "user = zabbix" >> "$PHP_CONFIG_FILE" - echo "group = zabbix" >> "$PHP_CONFIG_FILE" - echo "listen.owner = nginx" >> "$PHP_CONFIG_FILE" - echo "listen.group = nginx" >> "$PHP_CONFIG_FILE" + sed -i -e "/^[#;] user/s/.*/&\nuser ${DAEMON_USER};/" "$NGINX_CONF_FILE" + + echo "user = ${DAEMON_USER}" >> "$PHP_CONFIG_FILE" + echo "group = ${DAEMON_USER}" >> "$PHP_CONFIG_FILE" + echo "listen.owner = ${DAEMON_USER}" >> "$PHP_CONFIG_FILE" + echo "listen.group = ${DAEMON_USER}" >> "$PHP_CONFIG_FILE" fi : ${ZBX_DENY_GUI_ACCESS:="false"} diff --git a/Dockerfiles/web-nginx-mysql/centos/conf/etc/nginx/nginx.conf b/Dockerfiles/web-nginx-mysql/centos/conf/etc/nginx/nginx.conf index 7c96929b0..b31be3142 100644 --- a/Dockerfiles/web-nginx-mysql/centos/conf/etc/nginx/nginx.conf +++ b/Dockerfiles/web-nginx-mysql/centos/conf/etc/nginx/nginx.conf @@ -1,4 +1,4 @@ -#user nginx; +# user nginx; worker_processes 5; worker_rlimit_nofile 256000; diff --git a/Dockerfiles/web-nginx-mysql/centos/docker-entrypoint.sh b/Dockerfiles/web-nginx-mysql/centos/docker-entrypoint.sh index c81319fba..a7a4f5629 100755 --- a/Dockerfiles/web-nginx-mysql/centos/docker-entrypoint.sh +++ b/Dockerfiles/web-nginx-mysql/centos/docker-entrypoint.sh @@ -18,6 +18,9 @@ fi # Default timezone for web interface : ${PHP_TZ:="Europe/Riga"} +# Default user +: ${DAEMON_USER:="nginx"} + # Default directories # Configuration files directory ZABBIX_ETC_DIR="/etc/zabbix" @@ -173,10 +176,12 @@ prepare_zbx_web_config() { export PHP_FPM_PM_MAX_REQUESTS=${PHP_FPM_PM_MAX_REQUESTS:-"0"} if [ "$(id -u)" == '0' ]; then - echo "user = zabbix" >> "$PHP_CONFIG_FILE" - echo "group = zabbix" >> "$PHP_CONFIG_FILE" - echo "listen.owner = nginx" >> "$PHP_CONFIG_FILE" - echo "listen.group = nginx" >> "$PHP_CONFIG_FILE" + sed -i -e "/^[#;] user/s/.*/&\nuser ${DAEMON_USER};/" "$NGINX_CONF_FILE" + + echo "user = ${DAEMON_USER}" >> "$PHP_CONFIG_FILE" + echo "group = ${DAEMON_USER}" >> "$PHP_CONFIG_FILE" + echo "listen.owner = ${DAEMON_USER}" >> "$PHP_CONFIG_FILE" + echo "listen.group = ${DAEMON_USER}" >> "$PHP_CONFIG_FILE" fi : ${ZBX_DENY_GUI_ACCESS:="false"} diff --git a/Dockerfiles/web-nginx-mysql/ol/conf/etc/nginx/nginx.conf b/Dockerfiles/web-nginx-mysql/ol/conf/etc/nginx/nginx.conf index 7c96929b0..b31be3142 100644 --- a/Dockerfiles/web-nginx-mysql/ol/conf/etc/nginx/nginx.conf +++ b/Dockerfiles/web-nginx-mysql/ol/conf/etc/nginx/nginx.conf @@ -1,4 +1,4 @@ -#user nginx; +# user nginx; worker_processes 5; worker_rlimit_nofile 256000; diff --git a/Dockerfiles/web-nginx-mysql/ol/docker-entrypoint.sh b/Dockerfiles/web-nginx-mysql/ol/docker-entrypoint.sh index c81319fba..a7a4f5629 100755 --- a/Dockerfiles/web-nginx-mysql/ol/docker-entrypoint.sh +++ b/Dockerfiles/web-nginx-mysql/ol/docker-entrypoint.sh @@ -18,6 +18,9 @@ fi # Default timezone for web interface : ${PHP_TZ:="Europe/Riga"} +# Default user +: ${DAEMON_USER:="nginx"} + # Default directories # Configuration files directory ZABBIX_ETC_DIR="/etc/zabbix" @@ -173,10 +176,12 @@ prepare_zbx_web_config() { export PHP_FPM_PM_MAX_REQUESTS=${PHP_FPM_PM_MAX_REQUESTS:-"0"} if [ "$(id -u)" == '0' ]; then - echo "user = zabbix" >> "$PHP_CONFIG_FILE" - echo "group = zabbix" >> "$PHP_CONFIG_FILE" - echo "listen.owner = nginx" >> "$PHP_CONFIG_FILE" - echo "listen.group = nginx" >> "$PHP_CONFIG_FILE" + sed -i -e "/^[#;] user/s/.*/&\nuser ${DAEMON_USER};/" "$NGINX_CONF_FILE" + + echo "user = ${DAEMON_USER}" >> "$PHP_CONFIG_FILE" + echo "group = ${DAEMON_USER}" >> "$PHP_CONFIG_FILE" + echo "listen.owner = ${DAEMON_USER}" >> "$PHP_CONFIG_FILE" + echo "listen.group = ${DAEMON_USER}" >> "$PHP_CONFIG_FILE" fi : ${ZBX_DENY_GUI_ACCESS:="false"} diff --git a/Dockerfiles/web-nginx-mysql/rhel/conf/etc/nginx/nginx.conf b/Dockerfiles/web-nginx-mysql/rhel/conf/etc/nginx/nginx.conf index 7c96929b0..b31be3142 100644 --- a/Dockerfiles/web-nginx-mysql/rhel/conf/etc/nginx/nginx.conf +++ b/Dockerfiles/web-nginx-mysql/rhel/conf/etc/nginx/nginx.conf @@ -1,4 +1,4 @@ -#user nginx; +# user nginx; worker_processes 5; worker_rlimit_nofile 256000; diff --git a/Dockerfiles/web-nginx-mysql/rhel/docker-entrypoint.sh b/Dockerfiles/web-nginx-mysql/rhel/docker-entrypoint.sh index ae4458a11..27abc6b33 100755 --- a/Dockerfiles/web-nginx-mysql/rhel/docker-entrypoint.sh +++ b/Dockerfiles/web-nginx-mysql/rhel/docker-entrypoint.sh @@ -18,6 +18,9 @@ fi # Default timezone for web interface : ${PHP_TZ:="Europe/Riga"} +# Default user +: ${DAEMON_USER:="nginx"} + # Default directories # Configuration files directory ZABBIX_ETC_DIR="/etc/zabbix" @@ -173,10 +176,12 @@ prepare_zbx_web_config() { export PHP_FPM_PM_MAX_REQUESTS=${PHP_FPM_PM_MAX_REQUESTS:-"0"} if [ "$(id -u)" == '0' ]; then - echo "user = zabbix" >> "$PHP_CONFIG_FILE" - echo "group = zabbix" >> "$PHP_CONFIG_FILE" - echo "listen.owner = nginx" >> "$PHP_CONFIG_FILE" - echo "listen.group = nginx" >> "$PHP_CONFIG_FILE" + sed -i -e "/^[#;] user/s/.*/&\nuser ${DAEMON_USER};/" "$NGINX_CONF_FILE" + + echo "user = ${DAEMON_USER}" >> "$PHP_CONFIG_FILE" + echo "group = ${DAEMON_USER}" >> "$PHP_CONFIG_FILE" + echo "listen.owner = ${DAEMON_USER}" >> "$PHP_CONFIG_FILE" + echo "listen.group = ${DAEMON_USER}" >> "$PHP_CONFIG_FILE" fi : ${ZBX_DENY_GUI_ACCESS:="false"} diff --git a/Dockerfiles/web-nginx-mysql/ubuntu/conf/etc/nginx/nginx.conf b/Dockerfiles/web-nginx-mysql/ubuntu/conf/etc/nginx/nginx.conf index 7c96929b0..d6acf81e8 100644 --- a/Dockerfiles/web-nginx-mysql/ubuntu/conf/etc/nginx/nginx.conf +++ b/Dockerfiles/web-nginx-mysql/ubuntu/conf/etc/nginx/nginx.conf @@ -1,4 +1,4 @@ -#user nginx; +# user www-data; worker_processes 5; worker_rlimit_nofile 256000; diff --git a/Dockerfiles/web-nginx-mysql/ubuntu/docker-entrypoint.sh b/Dockerfiles/web-nginx-mysql/ubuntu/docker-entrypoint.sh index 38a01e142..b0c5ce70d 100755 --- a/Dockerfiles/web-nginx-mysql/ubuntu/docker-entrypoint.sh +++ b/Dockerfiles/web-nginx-mysql/ubuntu/docker-entrypoint.sh @@ -18,6 +18,9 @@ fi # Default timezone for web interface : ${PHP_TZ:="Europe/Riga"} +# Default user +: ${DAEMON_USER:="www-data"} + # Default directories # Configuration files directory ZABBIX_ETC_DIR="/etc/zabbix" @@ -173,10 +176,12 @@ prepare_zbx_web_config() { export PHP_FPM_PM_MAX_REQUESTS=${PHP_FPM_PM_MAX_REQUESTS:-"0"} if [ "$(id -u)" == '0' ]; then - echo "user = zabbix" >> "$PHP_CONFIG_FILE" - echo "group = zabbix" >> "$PHP_CONFIG_FILE" - echo "listen.owner = nginx" >> "$PHP_CONFIG_FILE" - echo "listen.group = nginx" >> "$PHP_CONFIG_FILE" + sed -i -e "/^[#;] user/s/.*/&\nuser ${DAEMON_USER};/" "$NGINX_CONF_FILE" + + echo "user = ${DAEMON_USER}" >> "$PHP_CONFIG_FILE" + echo "group = ${DAEMON_USER}" >> "$PHP_CONFIG_FILE" + echo "listen.owner = ${DAEMON_USER}" >> "$PHP_CONFIG_FILE" + echo "listen.group = ${DAEMON_USER}" >> "$PHP_CONFIG_FILE" fi : ${ZBX_DENY_GUI_ACCESS:="false"} diff --git a/Dockerfiles/web-nginx-pgsql/alpine/conf/etc/nginx/nginx.conf b/Dockerfiles/web-nginx-pgsql/alpine/conf/etc/nginx/nginx.conf index f40a71604..00c238d74 100644 --- a/Dockerfiles/web-nginx-pgsql/alpine/conf/etc/nginx/nginx.conf +++ b/Dockerfiles/web-nginx-pgsql/alpine/conf/etc/nginx/nginx.conf @@ -1,4 +1,4 @@ -#user nginx; +# user nginx; worker_processes 5; worker_rlimit_nofile 256000; diff --git a/Dockerfiles/web-nginx-pgsql/alpine/docker-entrypoint.sh b/Dockerfiles/web-nginx-pgsql/alpine/docker-entrypoint.sh index 3fae24add..ee51c64de 100755 --- a/Dockerfiles/web-nginx-pgsql/alpine/docker-entrypoint.sh +++ b/Dockerfiles/web-nginx-pgsql/alpine/docker-entrypoint.sh @@ -18,6 +18,9 @@ fi # Default timezone for web interface : ${PHP_TZ:="Europe/Riga"} +# Default user +: ${DAEMON_USER:="nginx"} + # Default directories # Configuration files directory ZABBIX_ETC_DIR="/etc/zabbix" @@ -160,10 +163,12 @@ prepare_zbx_web_config() { export PHP_FPM_PM_MAX_REQUESTS=${PHP_FPM_PM_MAX_REQUESTS:-"0"} if [ "$(id -u)" == '0' ]; then - echo "user = zabbix" >> "$PHP_CONFIG_FILE" - echo "group = zabbix" >> "$PHP_CONFIG_FILE" - echo "listen.owner = nginx" >> "$PHP_CONFIG_FILE" - echo "listen.group = nginx" >> "$PHP_CONFIG_FILE" + sed -i -e "/^[#;] user/s/.*/&\nuser ${DAEMON_USER};/" "$NGINX_CONF_FILE" + + echo "user = ${DAEMON_USER}" >> "$PHP_CONFIG_FILE" + echo "group = ${DAEMON_USER}" >> "$PHP_CONFIG_FILE" + echo "listen.owner = ${DAEMON_USER}" >> "$PHP_CONFIG_FILE" + echo "listen.group = ${DAEMON_USER}" >> "$PHP_CONFIG_FILE" fi : ${ZBX_DENY_GUI_ACCESS:="false"} diff --git a/Dockerfiles/web-nginx-pgsql/centos/conf/etc/nginx/nginx.conf b/Dockerfiles/web-nginx-pgsql/centos/conf/etc/nginx/nginx.conf index 7c96929b0..b31be3142 100644 --- a/Dockerfiles/web-nginx-pgsql/centos/conf/etc/nginx/nginx.conf +++ b/Dockerfiles/web-nginx-pgsql/centos/conf/etc/nginx/nginx.conf @@ -1,4 +1,4 @@ -#user nginx; +# user nginx; worker_processes 5; worker_rlimit_nofile 256000; diff --git a/Dockerfiles/web-nginx-pgsql/centos/docker-entrypoint.sh b/Dockerfiles/web-nginx-pgsql/centos/docker-entrypoint.sh index 9d210fa72..8639f1114 100755 --- a/Dockerfiles/web-nginx-pgsql/centos/docker-entrypoint.sh +++ b/Dockerfiles/web-nginx-pgsql/centos/docker-entrypoint.sh @@ -18,6 +18,9 @@ fi # Default timezone for web interface : ${PHP_TZ:="Europe/Riga"} +# Default user +: ${DAEMON_USER:="nginx"} + # Default directories # Configuration files directory ZABBIX_ETC_DIR="/etc/zabbix" @@ -160,10 +163,12 @@ prepare_zbx_web_config() { export PHP_FPM_PM_MAX_REQUESTS=${PHP_FPM_PM_MAX_REQUESTS:-"0"} if [ "$(id -u)" == '0' ]; then - echo "user = zabbix" >> "$PHP_CONFIG_FILE" - echo "group = zabbix" >> "$PHP_CONFIG_FILE" - echo "listen.owner = nginx" >> "$PHP_CONFIG_FILE" - echo "listen.group = nginx" >> "$PHP_CONFIG_FILE" + sed -i -e "/^[#;] user/s/.*/&\nuser ${DAEMON_USER};/" "$NGINX_CONF_FILE" + + echo "user = ${DAEMON_USER}" >> "$PHP_CONFIG_FILE" + echo "group = ${DAEMON_USER}" >> "$PHP_CONFIG_FILE" + echo "listen.owner = ${DAEMON_USER}" >> "$PHP_CONFIG_FILE" + echo "listen.group = ${DAEMON_USER}" >> "$PHP_CONFIG_FILE" fi : ${ZBX_DENY_GUI_ACCESS:="false"} diff --git a/Dockerfiles/web-nginx-pgsql/ol/conf/etc/nginx/nginx.conf b/Dockerfiles/web-nginx-pgsql/ol/conf/etc/nginx/nginx.conf index 7c96929b0..b31be3142 100644 --- a/Dockerfiles/web-nginx-pgsql/ol/conf/etc/nginx/nginx.conf +++ b/Dockerfiles/web-nginx-pgsql/ol/conf/etc/nginx/nginx.conf @@ -1,4 +1,4 @@ -#user nginx; +# user nginx; worker_processes 5; worker_rlimit_nofile 256000; diff --git a/Dockerfiles/web-nginx-pgsql/ol/docker-entrypoint.sh b/Dockerfiles/web-nginx-pgsql/ol/docker-entrypoint.sh index 9d210fa72..8639f1114 100755 --- a/Dockerfiles/web-nginx-pgsql/ol/docker-entrypoint.sh +++ b/Dockerfiles/web-nginx-pgsql/ol/docker-entrypoint.sh @@ -18,6 +18,9 @@ fi # Default timezone for web interface : ${PHP_TZ:="Europe/Riga"} +# Default user +: ${DAEMON_USER:="nginx"} + # Default directories # Configuration files directory ZABBIX_ETC_DIR="/etc/zabbix" @@ -160,10 +163,12 @@ prepare_zbx_web_config() { export PHP_FPM_PM_MAX_REQUESTS=${PHP_FPM_PM_MAX_REQUESTS:-"0"} if [ "$(id -u)" == '0' ]; then - echo "user = zabbix" >> "$PHP_CONFIG_FILE" - echo "group = zabbix" >> "$PHP_CONFIG_FILE" - echo "listen.owner = nginx" >> "$PHP_CONFIG_FILE" - echo "listen.group = nginx" >> "$PHP_CONFIG_FILE" + sed -i -e "/^[#;] user/s/.*/&\nuser ${DAEMON_USER};/" "$NGINX_CONF_FILE" + + echo "user = ${DAEMON_USER}" >> "$PHP_CONFIG_FILE" + echo "group = ${DAEMON_USER}" >> "$PHP_CONFIG_FILE" + echo "listen.owner = ${DAEMON_USER}" >> "$PHP_CONFIG_FILE" + echo "listen.group = ${DAEMON_USER}" >> "$PHP_CONFIG_FILE" fi : ${ZBX_DENY_GUI_ACCESS:="false"} diff --git a/Dockerfiles/web-nginx-pgsql/ubuntu/conf/etc/nginx/nginx.conf b/Dockerfiles/web-nginx-pgsql/ubuntu/conf/etc/nginx/nginx.conf index 7c96929b0..d6acf81e8 100644 --- a/Dockerfiles/web-nginx-pgsql/ubuntu/conf/etc/nginx/nginx.conf +++ b/Dockerfiles/web-nginx-pgsql/ubuntu/conf/etc/nginx/nginx.conf @@ -1,4 +1,4 @@ -#user nginx; +# user www-data; worker_processes 5; worker_rlimit_nofile 256000; diff --git a/Dockerfiles/web-nginx-pgsql/ubuntu/docker-entrypoint.sh b/Dockerfiles/web-nginx-pgsql/ubuntu/docker-entrypoint.sh index 9a4bfa695..c5b968ee8 100755 --- a/Dockerfiles/web-nginx-pgsql/ubuntu/docker-entrypoint.sh +++ b/Dockerfiles/web-nginx-pgsql/ubuntu/docker-entrypoint.sh @@ -18,6 +18,9 @@ fi # Default timezone for web interface : ${PHP_TZ:="Europe/Riga"} +# Default user +: ${DAEMON_USER:="www-data"} + # Default directories # Configuration files directory ZABBIX_ETC_DIR="/etc/zabbix" @@ -160,10 +163,12 @@ prepare_zbx_web_config() { export PHP_FPM_PM_MAX_REQUESTS=${PHP_FPM_PM_MAX_REQUESTS:-"0"} if [ "$(id -u)" == '0' ]; then - echo "user = zabbix" >> "$PHP_CONFIG_FILE" - echo "group = zabbix" >> "$PHP_CONFIG_FILE" - echo "listen.owner = nginx" >> "$PHP_CONFIG_FILE" - echo "listen.group = nginx" >> "$PHP_CONFIG_FILE" + sed -i -e "/^[#;] user/s/.*/&\nuser ${DAEMON_USER};/" "$NGINX_CONF_FILE" + + echo "user = ${DAEMON_USER}" >> "$PHP_CONFIG_FILE" + echo "group = ${DAEMON_USER}" >> "$PHP_CONFIG_FILE" + echo "listen.owner = ${DAEMON_USER}" >> "$PHP_CONFIG_FILE" + echo "listen.group = ${DAEMON_USER}" >> "$PHP_CONFIG_FILE" fi : ${ZBX_DENY_GUI_ACCESS:="false"}