diff --git a/agent/alpine/Dockerfile b/agent/alpine/Dockerfile index 18e5346af..1d1c8529d 100644 --- a/agent/alpine/Dockerfile +++ b/agent/alpine/Dockerfile @@ -90,7 +90,7 @@ EXPOSE 10050/TCP WORKDIR /var/lib/zabbix -VOLUME ["/var/lib/zabbix/enc"] +VOLUME ["/etc/zabbix/zabbix_agentd.d", "/var/lib/zabbix/enc", "/var/lib/zabbix/modules"] COPY ["docker-entrypoint.sh", "/usr/bin/"] diff --git a/agent/ubuntu/Dockerfile b/agent/ubuntu/Dockerfile index 5358e473a..5cf6e4ef4 100644 --- a/agent/ubuntu/Dockerfile +++ b/agent/ubuntu/Dockerfile @@ -1,19 +1,64 @@ -FROM ubuntu:bionic as builder +FROM ubuntu:bionic -ARG APT_FLAGS_COMMON="-y" -ARG APT_FLAGS_DEV="${APT_FLAGS_COMMON} --no-install-recommends" +LABEL org.opencontainers.image.title="Zabbix agent" \ + org.opencontainers.image.authors="Alexey Pustovalov " \ + org.opencontainers.image.vendor="Zabbix LLC" \ + org.opencontainers.image.url="https://zabbix.com/" \ + org.opencontainers.image.description="Zabbix agent is deployed on a monitoring target to actively monitor local resources and applications" \ + org.opencontainers.image.licenses="GPL v2.0" + +STOPSIGNAL SIGTERM + +ENV TINI_VERSION=v0.19.0 + +RUN set -eux && \ + echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \ + addgroup --system --gid 1995 --quiet zabbix && \ + adduser --quiet \ + --system --disabled-login \ + --ingroup zabbix --ingroup root \ + --uid 1997 \ + --home /var/lib/zabbix/ \ + zabbix && \ + mkdir -p /etc/zabbix && \ + mkdir -p /etc/zabbix/zabbix_agentd.d && \ + mkdir -p /var/lib/zabbix && \ + mkdir -p /var/lib/zabbix/enc && \ + mkdir -p /var/lib/zabbix/modules && \ + apt-get -y update && \ + DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ + curl \ + ca-certificates \ + gpg \ + dirmngr \ + gpg-agent \ + libssl1.1 \ + libcurl4 \ + libldap-2.4 && \ + curl -L https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini -o /sbin/tini && \ + curl -L https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini.asc -o /tini.asc && \ + gpg --batch --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 595E85A6B1B4779EA4DAAEC70B588DFF0527A9B7 && \ + gpg --batch --verify /tini.asc /sbin/tini && \ + rm -rf /root/.gnupg && \ + chmod +x /sbin/tini && \ + apt-get -y purge curl gpg dirmngr gpg-agent && \ + apt-get -y autoremove && \ + apt-get -y clean && \ + rm -rf /var/lib/apt/lists/* ARG MAJOR_VERSION=5.0 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git -ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8 TERM=xterm \ - ZBX_TYPE=agent ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} + +ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} + +LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" RUN set -eux && \ - apt-get ${APT_FLAGS_COMMON} update && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_DEV} install locales && \ - locale-gen $LC_ALL && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_DEV} install \ + apt-get -y update && \ + DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ autoconf \ automake \ libcurl4-openssl-dev \ @@ -24,7 +69,6 @@ RUN set -eux && \ make \ pkg-config \ git \ - ca-certificates \ gcc && \ cd /tmp/ && \ git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ @@ -44,73 +88,30 @@ RUN set -eux && \ --with-openssl \ --enable-ipv6 \ --silent && \ - make -j"$(nproc)" -s - -FROM ubuntu:bionic -LABEL maintainer="Alexey Pustovalov " - -ARG BUILD_DATE -ARG VCS_REF - -ARG APT_FLAGS_COMMON="-y" -ARG APT_FLAGS_PERSISTENT="${APT_FLAGS_COMMON} --no-install-recommends" - -ARG MAJOR_VERSION=5.0 -ARG ZBX_VERSION=${MAJOR_VERSION} -ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git -ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8 TERM=xterm \ - ZBX_TYPE=agent ZBX_DB_TYPE=none ZBX_OPT_TYPE=none \ - ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} -ENV TINI_VERSION v0.18.0 - -LABEL org.label-schema.name="zabbix-${ZBX_TYPE}-ubuntu" \ - org.label-schema.vendor="Zabbix LLC" \ - org.label-schema.url="https://zabbix.com/" \ - org.label-schema.description="Zabbix agent is deployed on a monitoring target to actively monitor local resources and applications" \ - org.label-schema.vcs-ref="${VCS_REF}" \ - org.label-schema.build-date="${BUILD_DATE}" \ - org.label-schema.schema-version="1.0" \ - org.label-schema.license="GPL v2.0" \ - org.label-schema.usage="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.label-schema.version="${ZBX_VERSION}" \ - org.label-schema.vcs-url="${ZBX_SOURCES}" \ - org.label-schema.docker.cmd="docker run --name zabbix-${ZBX_TYPE} --link zabbix-server:zabbix-server -p 10050:10050 -d zabbix-${ZBX_TYPE}:ubuntu-${ZBX_VERSION}" - -STOPSIGNAL SIGTERM - -COPY --from=builder /tmp/zabbix-${ZBX_VERSION}/src/zabbix_agent/zabbix_agentd /usr/sbin/zabbix_agentd -COPY --from=builder /tmp/zabbix-${ZBX_VERSION}/src/zabbix_get/zabbix_get /usr/bin/zabbix_get -COPY --from=builder /tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender /usr/bin/zabbix_sender -COPY --from=builder /tmp/zabbix-${ZBX_VERSION}/conf/zabbix_agentd.conf /etc/zabbix/zabbix_agentd.conf -ADD https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini /sbin/tini - -RUN set -eux && \ - apt-get ${APT_FLAGS_COMMON} update && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_PERSISTENT} install locales && \ - locale-gen $LC_ALL && \ - echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \ - addgroup --system --quiet zabbix && \ - adduser --quiet \ - --system --disabled-login \ - --ingroup zabbix \ - --home /var/lib/zabbix/ \ - zabbix && \ - mkdir -p /etc/zabbix && \ - mkdir -p /etc/zabbix/zabbix_agentd.d && \ - mkdir -p /var/lib/zabbix && \ - mkdir -p /var/lib/zabbix/enc && \ - mkdir -p /var/lib/zabbix/modules && \ - chown --quiet -R zabbix:root /var/lib/zabbix && \ - apt-get ${APT_FLAGS_COMMON} update && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_PERSISTENT} install \ - libpcre3 \ - libssl1.1 \ - libcurl4 \ - libldap-2.4 && \ - apt-get ${APT_FLAGS_COMMON} autoremove && \ - apt-get ${APT_FLAGS_COMMON} clean && \ - rm -rf /var/lib/apt/lists/* && \ - chmod +x /sbin/tini + make -j"$(nproc)" -s && \ + cp /tmp/zabbix-${ZBX_VERSION}/src/zabbix_agent/zabbix_agentd /usr/sbin/zabbix_agentd && \ + cp /tmp/zabbix-${ZBX_VERSION}/src/zabbix_get/zabbix_get /usr/bin/zabbix_get && \ + cp /tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender /usr/bin/zabbix_sender && \ + cp /tmp/zabbix-${ZBX_VERSION}/conf/zabbix_agentd.conf /etc/zabbix/zabbix_agentd.conf && \ + cd /tmp/ && \ + rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ + apt-get -y purge \ + autoconf \ + automake \ + libcurl4-openssl-dev \ + libc6-dev \ + libldap2-dev \ + libssl-dev \ + make \ + pkg-config \ + git \ + gcc && \ + chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \ + chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \ + chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \ + apt-get -y autoremove && \ + apt-get -y clean && \ + rm -rf /var/lib/apt/lists/* EXPOSE 10050/TCP @@ -121,3 +122,7 @@ VOLUME ["/etc/zabbix/zabbix_agentd.d", "/var/lib/zabbix/enc", "/var/lib/zabbix/m COPY ["docker-entrypoint.sh", "/usr/bin/"] ENTRYPOINT ["/sbin/tini", "--", "/usr/bin/docker-entrypoint.sh"] + +USER 1997 + +CMD ["/usr/sbin/zabbix_agentd", "--foreground", "-c", "/etc/zabbix/zabbix_agentd.conf"] diff --git a/agent/ubuntu/docker-entrypoint.sh b/agent/ubuntu/docker-entrypoint.sh index 35a3e1983..57d56dd53 100755 --- a/agent/ubuntu/docker-entrypoint.sh +++ b/agent/ubuntu/docker-entrypoint.sh @@ -1,6 +1,6 @@ #!/bin/bash -set -eo pipefail +set -o pipefail set +e @@ -9,154 +9,17 @@ if [ "${DEBUG_MODE}" == "true" ]; then set -o xtrace fi -# Type of Zabbix component -# Possible values: [server, proxy, agent, frontend, java-gateway, appliance] -zbx_type=${ZBX_TYPE} -# Type of Zabbix database -# Possible values: [mysql, postgresql] -zbx_db_type=${ZBX_DB_TYPE} -# Type of web-server. Valid only with zbx_type = frontend -# Possible values: [apache, nginx] -zbx_opt_type=${ZBX_OPT_TYPE} - # Default Zabbix installation name -# Used only by Zabbix web-interface -ZBX_SERVER_NAME=${ZBX_SERVER_NAME:-"Zabbix docker"} # Default Zabbix server host -ZBX_SERVER_HOST=${ZBX_SERVER_HOST:-"zabbix-server"} +: ${ZBX_SERVER_HOST:="zabbix-server"} # Default Zabbix server port number -ZBX_SERVER_PORT=${ZBX_SERVER_PORT:-"10051"} - -# Default timezone for web interface -PHP_TZ=${PHP_TZ:-"Europe/Riga"} - -#Enable PostgreSQL timescaleDB feature: -ENABLE_TIMESCALEDB=${ENABLE_TIMESCALEDB:-"false"} +: ${ZBX_SERVER_PORT:="10051"} # Default directories # User 'zabbix' home directory ZABBIX_USER_HOME_DIR="/var/lib/zabbix" # Configuration files directory ZABBIX_ETC_DIR="/etc/zabbix" -# Web interface www-root directory -ZBX_FRONTEND_PATH="/usr/share/zabbix" - -# usage: file_env VAR [DEFAULT] -# as example: file_env 'MYSQL_PASSWORD' 'zabbix' -# (will allow for "$MYSQL_PASSWORD_FILE" to fill in the value of "$MYSQL_PASSWORD" from a file) -# unsets the VAR_FILE afterwards and just leaving VAR -file_env() { - local var="$1" - local fileVar="${var}_FILE" - local defaultValue="${2:-}" - - if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then - echo "**** Both variables $var and $fileVar are set (but are exclusive)" - exit 1 - fi - - local val="$defaultValue" - - if [ "${!var:-}" ]; then - val="${!var}" - echo "** Using ${var} variable from ENV" - elif [ "${!fileVar:-}" ]; then - if [ ! -f "${!fileVar}" ]; then - echo "**** Secret file \"${!fileVar}\" is not found" - exit 1 - fi - val="$(< "${!fileVar}")" - echo "** Using ${var} variable from secret file" - fi - export "$var"="$val" - unset "$fileVar" -} - -configure_db_mysql() { - [ "${DB_SERVER_HOST}" != "localhost" ] && return - - echo "** Configuring local MySQL server" - - MYSQL_ALLOW_EMPTY_PASSWORD=true - MYSQL_DATA_DIR="/var/lib/mysql" - - if [ -f "/etc/mysql/my.cnf" ]; then - MYSQL_CONF_FILE="/etc/mysql/my.cnf" - elif [ -f "/etc/my.cnf.d/server.cnf" ]; then - MYSQL_CONF_FILE="/etc/my.cnf.d/server.cnf" - DB_SERVER_SOCKET="/var/lib/mysql/mysql.sock" - elif [ -f "/etc/my.cnf.d/mariadb-server.cnf" ]; then - MYSQL_CONF_FILE="/etc/my.cnf.d/mariadb-server.cnf" - DB_SERVER_SOCKET="/var/run/mysqld/mysqld.sock" - else - echo "**** Could not found MySQL configuration file" - exit 1 - fi - - if [ -f "/usr/bin/mysqld" ]; then - MYSQLD=/usr/bin/mysqld - elif [ -f "/usr/sbin/mysqld" ]; then - MYSQLD=/usr/sbin/mysqld - elif [ -f "/usr/libexec/mysqld" ]; then - MYSQLD=/usr/libexec/mysqld - else - echo "**** Could not found mysqld binary file" - exit 1 - fi - - sed -Ei 's/^(bind-address|log)/#&/' "$MYSQL_CONF_FILE" - - if [ ! -d "$MYSQL_DATA_DIR/mysql" ]; then - [ -d "$MYSQL_DATA_DIR" ] || mkdir -p "$MYSQL_DATA_DIR" - - chown -R mysql:mysql "$MYSQL_DATA_DIR" - - echo "** Installing initial MySQL database schemas" - mysql_install_db --user=mysql --datadir="$MYSQL_DATA_DIR" 2>&1 - else - echo "**** MySQL data directory is not empty. Using already existing installation." - chown -R mysql:mysql "$MYSQL_DATA_DIR" - fi - - mkdir -p /var/run/mysqld - ln -s /var/run/mysqld /run/mysqld - chown -R mysql:mysql /var/run/mysqld - chown -R mysql:mysql /run/mysqld - - echo "** Starting MySQL server in background mode" - - nohup $MYSQLD --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib/mysql/plugin \ - --user=mysql --log-output=none --pid-file=/var/lib/mysql/mysqld.pid \ - --port=3306 --character-set-server=utf8 --collation-server=utf8_bin & -} - -prepare_system() { - local type=$1 - local web_server=$2 - - echo "** Preparing the system" - - if [ "$type" != "appliance" ]; then - return - fi - - ZBX_ADD_AGENT=${ZBX_ADD_AGENT:-"false"} - ZBX_ADD_JAVA_GATEWAY=${ZBX_ADD_JAVA_GATEWAY:-"false"} - ZBX_ADD_SERVER=${ZBX_ADD_SERVER:-"true"} - [ "${ZBX_ADD_SERVER}" == "true" ] && ZBX_SERVER_HOST="localhost" - [ "${ZBX_ADD_SERVER}" == "true" ] && ZBX_SERVER_PORT="10051" - ZBX_MAIN_DB=${ZBX_MAIN_DB:-"mysql"} - ZBX_ADD_PROXY=${ZBX_ADD_PROXY:-"false"} - ZBX_PROXY_DB=${ZBX_PROXY_DB:-"sqlite3"} - ZBX_ADD_WEB=${ZBX_ADD_WEB:-"true"} - ZBX_WEB_SERVER=${ZBX_WEB_SERVER:-"nginx"} - DB_SERVER_HOST=${DB_SERVER_HOST:-"localhost"} - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAY_ENABLE="true" - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAY="localhost" - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAYPORT="10052" - - [ "${ZBX_ADD_SERVER}" == "true" ] && configure_db_${ZBX_MAIN_DB} -} escape_spec_char() { local var_value=$1 @@ -240,740 +103,12 @@ update_config_multiple_var() { done } -# Check prerequisites for MySQL database -check_variables_mysql() { - local type=$1 - - DB_SERVER_HOST=${DB_SERVER_HOST:-"mysql-server"} - DB_SERVER_PORT=${DB_SERVER_PORT:-"3306"} - USE_DB_ROOT_USER=false - CREATE_ZBX_DB_USER=false - file_env MYSQL_USER - file_env MYSQL_PASSWORD - - if [ "$type" != "" ]; then - file_env MYSQL_ROOT_PASSWORD - fi - - if [ ! -n "${MYSQL_USER}" ] && [ "${MYSQL_RANDOM_ROOT_PASSWORD}" == "true" ]; then - echo "**** Impossible to use MySQL server because of unknown Zabbix user and random 'root' password" - exit 1 - fi - - if [ ! -n "${MYSQL_USER}" ] && [ ! -n "${MYSQL_ROOT_PASSWORD}" ] && [ "${MYSQL_ALLOW_EMPTY_PASSWORD}" != "true" ]; then - echo "*** Impossible to use MySQL server because 'root' password is not defined and it is not empty" - exit 1 - fi - - if [ "${MYSQL_ALLOW_EMPTY_PASSWORD}" == "true" ] || [ -n "${MYSQL_ROOT_PASSWORD}" ]; then - USE_DB_ROOT_USER=true - DB_SERVER_ROOT_USER="root" - DB_SERVER_ROOT_PASS=${MYSQL_ROOT_PASSWORD:-""} - fi - - [ -n "${MYSQL_USER}" ] && CREATE_ZBX_DB_USER=true - - # If root password is not specified use provided credentials - DB_SERVER_ROOT_USER=${DB_SERVER_ROOT_USER:-${MYSQL_USER}} - [ "${MYSQL_ALLOW_EMPTY_PASSWORD}" == "true" ] || DB_SERVER_ROOT_PASS=${DB_SERVER_ROOT_PASS:-${MYSQL_PASSWORD}} - DB_SERVER_ZBX_USER=${MYSQL_USER:-"zabbix"} - DB_SERVER_ZBX_PASS=${MYSQL_PASSWORD:-"zabbix"} - - if [ "$type" == "proxy" ]; then - DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix_proxy"} - else - DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix"} - fi -} - -# Check prerequisites for PostgreSQL database -check_variables_postgresql() { - local type=$1 - - file_env POSTGRES_USER - file_env POSTGRES_PASSWORD - - DB_SERVER_HOST=${DB_SERVER_HOST:-"postgres-server"} - DB_SERVER_PORT=${DB_SERVER_PORT:-"5432"} - CREATE_ZBX_DB_USER=${CREATE_ZBX_DB_USER:-"false"} - - DB_SERVER_ROOT_USER=${POSTGRES_USER:-"postgres"} - DB_SERVER_ROOT_PASS=${POSTGRES_PASSWORD:-""} - - DB_SERVER_ZBX_USER=${POSTGRES_USER:-"zabbix"} - DB_SERVER_ZBX_PASS=${POSTGRES_PASSWORD:-"zabbix"} - - DB_SERVER_SCHEMA=${DB_SERVER_SCHEMA:-"public"} - - if [ "$type" == "proxy" ]; then - DB_SERVER_DBNAME=${POSTGRES_DB:-"zabbix_proxy"} - else - DB_SERVER_DBNAME=${POSTGRES_DB:-"zabbix"} - fi -} - -check_db_connect_mysql() { - echo "********************" - echo "* DB_SERVER_HOST: ${DB_SERVER_HOST}" - echo "* DB_SERVER_PORT: ${DB_SERVER_PORT}" - echo "* DB_SERVER_DBNAME: ${DB_SERVER_DBNAME}" - if [ "${DEBUG_MODE}" == "true" ]; then - if [ "${USE_DB_ROOT_USER}" == "true" ]; then - echo "* DB_SERVER_ROOT_USER: ${DB_SERVER_ROOT_USER}" - echo "* DB_SERVER_ROOT_PASS: ${DB_SERVER_ROOT_PASS}" - fi - echo "* DB_SERVER_ZBX_USER: ${DB_SERVER_ZBX_USER}" - echo "* DB_SERVER_ZBX_PASS: ${DB_SERVER_ZBX_PASS}" - echo "********************" - fi - echo "********************" - - WAIT_TIMEOUT=5 - - while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \ - --password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10)" ]; do - echo "**** MySQL server is not available. Waiting $WAIT_TIMEOUT seconds..." - sleep $WAIT_TIMEOUT - done -} - -check_db_connect_postgresql() { - echo "********************" - echo "* DB_SERVER_HOST: ${DB_SERVER_HOST}" - echo "* DB_SERVER_PORT: ${DB_SERVER_PORT}" - echo "* DB_SERVER_DBNAME: ${DB_SERVER_DBNAME}" - echo "* DB_SERVER_SCHEMA: ${DB_SERVER_SCHEMA}" - if [ "${DEBUG_MODE}" == "true" ]; then - if [ "${USE_DB_ROOT_USER}" == "true" ]; then - echo "* DB_SERVER_ROOT_USER: ${DB_SERVER_ROOT_USER}" - echo "* DB_SERVER_ROOT_PASS: ${DB_SERVER_ROOT_PASS}" - fi - echo "* DB_SERVER_ZBX_USER: ${DB_SERVER_ZBX_USER}" - echo "* DB_SERVER_ZBX_PASS: ${DB_SERVER_ZBX_PASS}" - fi - echo "********************" - - if [ "${USE_DB_ROOT_USER}" != "true" ]; then - DB_SERVER_ROOT_USER=${DB_SERVER_ZBX_USER} - DB_SERVER_ROOT_PASS=${DB_SERVER_ZBX_PASS} - fi - - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - WAIT_TIMEOUT=5 - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - while [ ! "$(psql -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} -U ${DB_SERVER_ROOT_USER} -d ${DB_SERVER_DBNAME} -l -q 2>/dev/null)" ]; do - echo "**** PostgreSQL server is not available. Waiting $WAIT_TIMEOUT seconds..." - sleep $WAIT_TIMEOUT - done - - unset PGPASSWORD - unset PGOPTIONS -} - - -mysql_query() { - query=$1 - local result="" - - result=$(mysql --silent --skip-column-names -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ - -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" -e "$query") - - echo $result -} - -psql_query() { - query=$1 - db=$2 - - local result="" - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - result=$(psql -A -q -t -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ - -U ${DB_SERVER_ROOT_USER} -c "$query" $db 2>/dev/null); - - unset PGPASSWORD - unset PGOPTIONS - - echo $result -} - -create_db_user_mysql() { - [ "${CREATE_ZBX_DB_USER}" == "true" ] || return - - echo "** Creating '${DB_SERVER_ZBX_USER}' user in MySQL database" - - USER_EXISTS=$(mysql_query "SELECT 1 FROM mysql.user WHERE user = '${DB_SERVER_ZBX_USER}' AND host = '%'") - - if [ -z "$USER_EXISTS" ]; then - mysql_query "CREATE USER '${DB_SERVER_ZBX_USER}'@'%' IDENTIFIED BY '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - else - mysql_query "ALTER USER ${DB_SERVER_ZBX_USER} IDENTIFIED BY '${DB_SERVER_ZBX_PASS}';" 1>/dev/null - fi - - mysql_query "GRANT ALL PRIVILEGES ON $DB_SERVER_DBNAME. * TO '${DB_SERVER_ZBX_USER}'@'%'" 1>/dev/null -} - -create_db_user_postgresql() { - [ "${CREATE_ZBX_DB_USER}" == "true" ] || return - - echo "** Creating '${DB_SERVER_ZBX_USER}' user in PostgreSQL database" - - USER_EXISTS=$(psql_query "SELECT 1 FROM pg_roles WHERE rolname='${DB_SERVER_ZBX_USER}'") - - if [ -z "$USER_EXISTS" ]; then - psql_query "CREATE USER ${DB_SERVER_ZBX_USER} WITH PASSWORD '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - else - psql_query "ALTER USER ${DB_SERVER_ZBX_USER} WITH ENCRYPTED PASSWORD '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - fi -} - -create_db_database_mysql() { - DB_EXISTS=$(mysql_query "SELECT SCHEMA_NAME FROM information_schema.SCHEMATA WHERE SCHEMA_NAME='${DB_SERVER_DBNAME}'") - - if [ -z ${DB_EXISTS} ]; then - echo "** Database '${DB_SERVER_DBNAME}' does not exist. Creating..." - mysql_query "CREATE DATABASE ${DB_SERVER_DBNAME} CHARACTER SET utf8 COLLATE utf8_bin" 1>/dev/null - # better solution? - mysql_query "GRANT ALL PRIVILEGES ON $DB_SERVER_DBNAME. * TO '${DB_SERVER_ZBX_USER}'@'%'" 1>/dev/null - else - echo "** Database '${DB_SERVER_DBNAME}' already exists. Please be careful with database COLLATE!" - fi -} - -create_db_database_postgresql() { - DB_EXISTS=$(psql_query "SELECT 1 AS result FROM pg_database WHERE datname='${DB_SERVER_DBNAME}'") - - if [ -z ${DB_EXISTS} ]; then - echo "** Database '${DB_SERVER_DBNAME}' does not exist. Creating..." - psql_query "CREATE DATABASE ${DB_SERVER_DBNAME} WITH OWNER ${DB_SERVER_ZBX_USER} ENCODING='UTF8' LC_CTYPE='en_US.utf8' LC_COLLATE='en_US.utf8'" 1>/dev/null - else - echo "** Database '${DB_SERVER_DBNAME}' already exists. Please be careful with database owner!" - fi - - psql_query "CREATE SCHEMA IF NOT EXISTS ${DB_SERVER_SCHEMA}" -} - -create_db_schema_mysql() { - local type=$1 - - DBVERSION_TABLE_EXISTS=$(mysql_query "SELECT 1 FROM information_schema.tables WHERE table_schema='${DB_SERVER_DBNAME}' and table_name = 'dbversion'") - - if [ -n "${DBVERSION_TABLE_EXISTS}" ]; then - echo "** Table '${DB_SERVER_DBNAME}.dbversion' already exists." - ZBX_DB_VERSION=$(mysql_query "SELECT mandatory FROM ${DB_SERVER_DBNAME}.dbversion") - fi - - if [ -z "${ZBX_DB_VERSION}" ]; then - echo "** Creating '${DB_SERVER_DBNAME}' schema in MySQL" - - zcat /usr/share/doc/zabbix-$type-mysql/create.sql.gz | mysql --silent --skip-column-names \ - -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ - -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" \ - ${DB_SERVER_DBNAME} 1>/dev/null - fi -} - -create_db_schema_postgresql() { - local type=$1 - - DBVERSION_TABLE_EXISTS=$(psql_query "SELECT 1 FROM pg_catalog.pg_class c JOIN pg_catalog.pg_namespace n ON n.oid = - c.relnamespace WHERE n.nspname = '$DB_SERVER_SCHEMA' AND c.relname = 'dbversion'" "${DB_SERVER_DBNAME}") - - if [ -n "${DBVERSION_TABLE_EXISTS}" ]; then - echo "** Table '${DB_SERVER_DBNAME}.dbversion' already exists." - ZBX_DB_VERSION=$(psql_query "SELECT mandatory FROM ${DB_SERVER_SCHEMA}.dbversion" "${DB_SERVER_DBNAME}") - fi - - if [ -z "${ZBX_DB_VERSION}" ]; then - echo "** Creating '${DB_SERVER_DBNAME}' schema in PostgreSQL" - - if [ "${ENABLE_TIMESCALEDB}" == "true" ]; then - psql_query "CREATE EXTENSION IF NOT EXISTS timescaledb CASCADE;" - fi - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - zcat /usr/share/doc/zabbix-$type-postgresql/create.sql.gz | psql -q \ - -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ - -U ${DB_SERVER_ZBX_USER} ${DB_SERVER_DBNAME} 1>/dev/null - - if [ "${ENABLE_TIMESCALEDB}" == "true" ]; then - cat /usr/share/doc/zabbix-$type-postgresql/timescaledb.sql | psql -q \ - -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ - -U ${DB_SERVER_ZBX_USER} ${DB_SERVER_DBNAME} 1>/dev/null - fi - - unset PGPASSWORD - unset PGOPTIONS - fi -} - -prepare_web_server_apache() { - if [ -d "/etc/apache2/sites-available" ]; then - APACHE_SITES_DIR=/etc/apache2/sites-available - elif [ -d "/etc/apache2/conf.d" ]; then - APACHE_SITES_DIR=/etc/apache2/conf.d - elif [ -d "/etc/httpd/conf.d" ]; then - APACHE_SITES_DIR=/etc/httpd/conf.d - else - echo "**** Apache is not available" - exit 1 - fi - - if [ -f "/usr/sbin/a2dissite" ]; then - echo "** Disable default site" - /usr/sbin/a2dissite 000-default 1>/dev/null - rm -rf "$APACHE_SITES_DIR/*" - elif [ -f "/etc/apache2/conf.d/default.conf" ]; then - echo "** Disable default site" - rm -f "/etc/apache2/conf.d/default.conf" - elif [ -f "/etc/httpd/conf.d/welcome.conf" ]; then - echo "** Disable default site" - rm -f "/etc/httpd/conf.d/welcome.conf" - rm -f "/etc/httpd/conf.d/ssl.conf" - fi - - echo "** Adding Zabbix virtual host (HTTP)" - if [ -f "$ZABBIX_ETC_DIR/apache.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/apache.conf" "$APACHE_SITES_DIR/zabbix.conf" - if [ -f "/usr/sbin/a2dissite" ]; then - /usr/sbin/a2ensite zabbix.conf 1>/dev/null - fi - else - echo "**** Impossible to enable HTTP virtual host" - fi - - if [ -f "/etc/apache2/conf.d/ssl.conf" ]; then - rm -f "/etc/apache2/conf.d/ssl.conf" - fi - - if [ -f "/etc/ssl/apache2/ssl.crt" ] && [ -f "/etc/ssl/apache2/ssl.key" ]; then - echo "** Enable SSL support for Apache2" - if [ -f "/usr/sbin/a2enmod" ]; then - /usr/sbin/a2enmod ssl 1>/dev/null - fi - - echo "** Adding Zabbix virtual host (HTTPS)" - if [ -f "$ZABBIX_ETC_DIR/apache_ssl.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/apache_ssl.conf" "$APACHE_SITES_DIR/zabbix_ssl.conf" - if [ -f "/usr/sbin/a2dissite" ]; then - /usr/sbin/a2ensite zabbix_ssl.conf 1>/dev/null - fi - else - echo "**** Impossible to enable HTTPS virtual host" - fi - else - echo "**** Impossible to enable SSL support for Apache2. Certificates are missed." - fi - - # Change Apache2 logging to stdout and stderr - if [ -f "/etc/apache2/apache2.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/apache2.conf" - fi - - if [ -f "/etc/httpd/conf/httpd.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/httpd/conf/httpd.conf" - fi - - if [ -f "/etc/apache2/httpd.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/httpd.conf" - fi - - if [ -f "/etc/apache2/conf-available/other-vhosts-access-log.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/conf-available/other-vhosts-access-log.conf" - fi - - if [ -f "/etc/apache2/conf.d/mpm.conf" ]; then - sed -ri \ - -e 's!^(\s*PidFile)\s+\S+!\1 "/var/run/httpd.pid"!g' \ - "/etc/apache2/conf.d/mpm.conf" - fi - - if [ -f "/var/run/apache2/apache2.pid" ]; then - rm -f "/var/run/apache2/apache2.pid" - fi - - if [ -f "/var/run/httpd/httpd.pid" ]; then - rm -f "/var/run/httpd/httpd.pid" - fi -} - -prepare_web_server_nginx() { - NGINX_CONFD_DIR="/etc/nginx/conf.d" - NGINX_SSL_CONFIG="/etc/ssl/nginx" - PHP_SESSIONS_DIR="/var/lib/php5" - - echo "** Disable default vhosts" - rm -f $NGINX_CONFD_DIR/*.conf - - echo "** Adding Zabbix virtual host (HTTP)" - if [ -f "$ZABBIX_ETC_DIR/nginx.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/nginx.conf" "$NGINX_CONFD_DIR" - else - echo "**** Impossible to enable HTTP virtual host" - fi - - if [ -f "$NGINX_SSL_CONFIG/ssl.crt" ] && [ -f "$NGINX_SSL_CONFIG/ssl.key" ] && [ -f "$NGINX_SSL_CONFIG/dhparam.pem" ]; then - echo "** Enable SSL support for Nginx" - if [ -f "$ZABBIX_ETC_DIR/nginx_ssl.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/nginx_ssl.conf" "$NGINX_CONFD_DIR" - else - echo "**** Impossible to enable HTTPS virtual host" - fi - else - echo "**** Impossible to enable SSL support for Nginx. Certificates are missed." - fi - - if [ -d "/var/log/nginx/" ]; then - ln -sf /dev/fd/2 /var/log/nginx/error.log - fi - - ln -sf /dev/fd/2 /var/log/php5-fpm.log - ln -sf /dev/fd/2 /var/log/php7.2-fpm.log -} - -stop_databases() { - if ([ "${ZBX_MAIN_DB}" == "mysql" ] || [ "${ZBX_PROXY_DB}" == "mysql" ]) && [ "${DB_SERVER_HOST}" == "localhost" ]; then - mysql_query "DELETE FROM mysql.user WHERE host = 'localhost' AND user != 'root'" 1>/dev/null - - if [ -f "/var/lib/mysql/mysqld.pid" ]; then - kill -TERM $(cat /var/lib/mysql/mysqld.pid) - elif [ -f "/var/run/mysqld/mysqld.pid" ]; then - kill -TERM $(cat /var/run/mysqld/mysqld.pid) - fi - fi - - if [ "${ZBX_MAIN_DB}" == "postgresql" ] && [ "${DB_SERVER_HOST}" == "localhost" ]; then - if [ "${OS_CODENAME}" == "alpine" ]; then - PGDATA=/var/lib/postgresql - BINDIR=/usr/bin - else - PGDATA=/var/lib/postgresql/9.3/main - BINDIR=/usr/lib/postgresql/9.3/bin - fi - su -c "$BINDIR/pg_ctl -D \"$PGDATA\" -m fast -w stop --silent" postgres 1>/dev/null 2>/dev/null - fi -} - -clear_deploy() { - local type=$1 - echo "** Cleaning the system" - - [ "$type" != "appliance" ] && return - - stop_databases -} - -update_zbx_config() { - local type=$1 - local db_type=$2 - - echo "** Preparing Zabbix $type configuration file" - - ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_$type.conf - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "ProxyMode" "${ZBX_PROXYMODE}" - update_config_var $ZBX_CONFIG "Server" "${ZBX_SERVER_HOST}" - update_config_var $ZBX_CONFIG "ServerPort" "${ZBX_SERVER_PORT}" - if [ -z "${ZBX_HOSTNAME}" ] && [ -n "${ZBX_HOSTNAMEITEM}" ]; then - update_config_var $ZBX_CONFIG "Hostname" "" - update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - else - update_config_var $ZBX_CONFIG "Hostname" "${ZBX_HOSTNAME:-"zabbix-proxy-"$db_type}" - update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - fi - fi - - if [ $type == "proxy" ] && [ "${ZBX_ADD_SERVER}" = "true" ]; then - update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_PROXY_LISTENPORT:-"10061"}" - else - update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}" - fi - - update_config_var $ZBX_CONFIG "SourceIP" "${ZBX_SOURCEIP}" - update_config_var $ZBX_CONFIG "LogType" "console" - update_config_var $ZBX_CONFIG "LogFile" - update_config_var $ZBX_CONFIG "LogFileSize" - update_config_var $ZBX_CONFIG "PidFile" - - update_config_var $ZBX_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" - - if [ $type == "proxy" ]; then - update_config_var $ZBX_CONFIG "EnableRemoteCommands" "${ZBX_ENABLEREMOTECOMMANDS}" - update_config_var $ZBX_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}" - fi - - if [ "$db_type" == "sqlite3" ]; then - update_config_var $ZBX_CONFIG "DBHost" - update_config_var $ZBX_CONFIG "DBName" "/var/lib/zabbix/zabbix_proxy_db" - update_config_var $ZBX_CONFIG "DBUser" - update_config_var $ZBX_CONFIG "DBPort" - update_config_var $ZBX_CONFIG "DBPassword" - else - update_config_var $ZBX_CONFIG "DBHost" "${DB_SERVER_HOST}" - update_config_var $ZBX_CONFIG "DBName" "${DB_SERVER_DBNAME}" - update_config_var $ZBX_CONFIG "DBSchema" "${DB_SERVER_SCHEMA}" - update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}" - update_config_var $ZBX_CONFIG "DBPort" "${DB_SERVER_PORT}" - update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}" - fi - - if [ $type == "server" ]; then - update_config_var $ZBX_CONFIG "HistoryStorageURL" "${ZBX_HISTORYSTORAGEURL}" - update_config_var $ZBX_CONFIG "HistoryStorageTypes" "${ZBX_HISTORYSTORAGETYPES}" - fi - - update_config_var $ZBX_CONFIG "DBSocket" "${DB_SERVER_SOCKET}" - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "ProxyLocalBuffer" "${ZBX_PROXYLOCALBUFFER}" - update_config_var $ZBX_CONFIG "ProxyOfflineBuffer" "${ZBX_PROXYOFFLINEBUFFER}" - update_config_var $ZBX_CONFIG "HeartbeatFrequency" "${ZBX_PROXYHEARTBEATFREQUENCY}" - update_config_var $ZBX_CONFIG "ConfigFrequency" "${ZBX_CONFIGFREQUENCY}" - update_config_var $ZBX_CONFIG "DataSenderFrequency" "${ZBX_DATASENDERFREQUENCY}" - fi - - update_config_var $ZBX_CONFIG "StatsAllowedIP" "${ZBX_STATSALLOWEDIP}" - - update_config_var $ZBX_CONFIG "StartPollers" "${ZBX_STARTPOLLERS}" - update_config_var $ZBX_CONFIG "StartIPMIPollers" "${ZBX_IPMIPOLLERS}" - update_config_var $ZBX_CONFIG "StartPollersUnreachable" "${ZBX_STARTPOLLERSUNREACHABLE}" - update_config_var $ZBX_CONFIG "StartTrappers" "${ZBX_STARTTRAPPERS}" - update_config_var $ZBX_CONFIG "StartPingers" "${ZBX_STARTPINGERS}" - update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}" - update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}" - - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "StartPreprocessors" "${ZBX_STARTPREPROCESSORS}" - update_config_var $ZBX_CONFIG "StartTimers" "${ZBX_STARTTIMERS}" - update_config_var $ZBX_CONFIG "StartEscalators" "${ZBX_STARTESCALATORS}" - update_config_var $ZBX_CONFIG "StartAlerters" "${ZBX_STARTALERTERS}" - fi - - ZBX_JAVAGATEWAY_ENABLE=${ZBX_JAVAGATEWAY_ENABLE:-"false"} - if [ "${ZBX_JAVAGATEWAY_ENABLE}" == "true" ]; then - update_config_var $ZBX_CONFIG "JavaGateway" "${ZBX_JAVAGATEWAY:-"zabbix-java-gateway"}" - update_config_var $ZBX_CONFIG "JavaGatewayPort" "${ZBX_JAVAGATEWAYPORT}" - update_config_var $ZBX_CONFIG "StartJavaPollers" "${ZBX_STARTJAVAPOLLERS:-"5"}" - else - update_config_var $ZBX_CONFIG "JavaGateway" - update_config_var $ZBX_CONFIG "JavaGatewayPort" - update_config_var $ZBX_CONFIG "StartJavaPollers" - fi - - update_config_var $ZBX_CONFIG "StartVMwareCollectors" "${ZBX_STARTVMWARECOLLECTORS}" - update_config_var $ZBX_CONFIG "VMwareFrequency" "${ZBX_VMWAREFREQUENCY}" - update_config_var $ZBX_CONFIG "VMwarePerfFrequency" "${ZBX_VMWAREPERFFREQUENCY}" - update_config_var $ZBX_CONFIG "VMwareCacheSize" "${ZBX_VMWARECACHESIZE}" - update_config_var $ZBX_CONFIG "VMwareTimeout" "${ZBX_VMWARETIMEOUT}" - - ZBX_ENABLE_SNMP_TRAPS=${ZBX_ENABLE_SNMP_TRAPS:-"false"} - if [ "${ZBX_ENABLE_SNMP_TRAPS}" == "true" ]; then - update_config_var $ZBX_CONFIG "SNMPTrapperFile" "${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log" - update_config_var $ZBX_CONFIG "StartSNMPTrapper" "1" - else - update_config_var $ZBX_CONFIG "SNMPTrapperFile" - update_config_var $ZBX_CONFIG "StartSNMPTrapper" - fi - - update_config_var $ZBX_CONFIG "HousekeepingFrequency" "${ZBX_HOUSEKEEPINGFREQUENCY}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "MaxHousekeeperDelete" "${ZBX_MAXHOUSEKEEPERDELETE}" - update_config_var $ZBX_CONFIG "SenderFrequency" "${ZBX_SENDERFREQUENCY}" - fi - - update_config_var $ZBX_CONFIG "CacheSize" "${ZBX_CACHESIZE}" - - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "CacheUpdateFrequency" "${ZBX_CACHEUPDATEFREQUENCY}" - fi - - update_config_var $ZBX_CONFIG "StartDBSyncers" "${ZBX_STARTDBSYNCERS}" - update_config_var $ZBX_CONFIG "HistoryCacheSize" "${ZBX_HISTORYCACHESIZE}" - update_config_var $ZBX_CONFIG "HistoryIndexCacheSize" "${ZBX_HISTORYINDEXCACHESIZE}" - - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "TrendCacheSize" "${ZBX_TRENDCACHESIZE}" - update_config_var $ZBX_CONFIG "ValueCacheSize" "${ZBX_VALUECACHESIZE}" - fi - - update_config_var $ZBX_CONFIG "Timeout" "${ZBX_TIMEOUT}" - update_config_var $ZBX_CONFIG "TrapperTimeout" "${ZBX_TRAPPERIMEOUT}" - update_config_var $ZBX_CONFIG "UnreachablePeriod" "${ZBX_UNREACHABLEPERIOD}" - update_config_var $ZBX_CONFIG "UnavailableDelay" "${ZBX_UNAVAILABLEDELAY}" - update_config_var $ZBX_CONFIG "UnreachableDelay" "${ZBX_UNREACHABLEDELAY}" - - update_config_var $ZBX_CONFIG "AlertScriptsPath" "/usr/lib/zabbix/alertscripts" - update_config_var $ZBX_CONFIG "ExternalScripts" "/usr/lib/zabbix/externalscripts" - - # Possible few fping locations - if [ -f "/usr/bin/fping" ]; then - update_config_var $ZBX_CONFIG "FpingLocation" "/usr/bin/fping" - else - update_config_var $ZBX_CONFIG "FpingLocation" "/usr/sbin/fping" - fi - if [ -f "/usr/bin/fping6" ]; then - update_config_var $ZBX_CONFIG "Fping6Location" "/usr/bin/fping6" - else - update_config_var $ZBX_CONFIG "Fping6Location" "/usr/sbin/fping6" - fi - - update_config_var $ZBX_CONFIG "SSHKeyLocation" "$ZABBIX_USER_HOME_DIR/ssh_keys" - update_config_var $ZBX_CONFIG "LogSlowQueries" "${ZBX_LOGSLOWQUERIES}" - - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "StartProxyPollers" "${ZBX_STARTPROXYPOLLERS}" - update_config_var $ZBX_CONFIG "ProxyConfigFrequency" "${ZBX_PROXYCONFIGFREQUENCY}" - update_config_var $ZBX_CONFIG "ProxyDataFrequency" "${ZBX_PROXYDATAFREQUENCY}" - fi - - update_config_var $ZBX_CONFIG "SSLCertLocation" "$ZABBIX_USER_HOME_DIR/ssl/certs/" - update_config_var $ZBX_CONFIG "SSLKeyLocation" "$ZABBIX_USER_HOME_DIR/ssl/keys/" - update_config_var $ZBX_CONFIG "SSLCALocation" "$ZABBIX_USER_HOME_DIR/ssl/ssl_ca/" - update_config_var $ZBX_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/" - update_config_multiple_var $ZBX_CONFIG "LoadModule" "${ZBX_LOADMODULE}" - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}" - update_config_var $ZBX_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" - fi - update_config_var $ZBX_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" - update_config_var $ZBX_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" - update_config_var $ZBX_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" - fi - - update_config_var $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" - update_config_var $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" - update_config_var $ZBX_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" - fi -} - - -prepare_zbx_web_config() { - local db_type=$1 - local server_name="" - - echo "** Preparing Zabbix frontend configuration file" - - ZBX_WWW_ROOT="/usr/share/zabbix" - ZBX_WEB_CONFIG="$ZABBIX_ETC_DIR/web/zabbix.conf.php" - - if [ -f "$ZBX_WWW_ROOT/conf/zabbix.conf.php" ]; then - rm -f "$ZBX_WWW_ROOT/conf/zabbix.conf.php" - fi - - ln -s "$ZBX_WEB_CONFIG" "$ZBX_WWW_ROOT/conf/zabbix.conf.php" - - # Different places of PHP configuration file - if [ -f "/etc/php5/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/conf.d/99-zabbix.ini" - elif [ -f "/etc/php5/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php5/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/apache2/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.0/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.0/apache2/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.0/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.0/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php.d/99-zabbix.ini" - elif [ -f "/etc/php7/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php7/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.2/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.2/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.2/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.2/apache2/conf.d/99-zabbix.ini" - fi - - if [ -n "$PHP_CONFIG_FILE" ]; then - update_config_var "$PHP_CONFIG_FILE" "max_execution_time" "${ZBX_MAXEXECUTIONTIME:-"600"}" - update_config_var "$PHP_CONFIG_FILE" "memory_limit" "${ZBX_MEMORYLIMIT:-"128M"}" - update_config_var "$PHP_CONFIG_FILE" "post_max_size" "${ZBX_POSTMAXSIZE:-"16M"}" - update_config_var "$PHP_CONFIG_FILE" "upload_max_filesize" "${ZBX_UPLOADMAXFILESIZE:-"2M"}" - update_config_var "$PHP_CONFIG_FILE" "max_input_time" "${ZBX_MAXINPUTTIME:-"300"}" - update_config_var "$PHP_CONFIG_FILE" "date.timezone" "${PHP_TZ}" - else - echo "**** Zabbix related PHP configuration file not found" - fi - - ZBX_HISTORYSTORAGETYPES=${ZBX_HISTORYSTORAGETYPES:-"[]"} - - # Escaping characters in parameter value - server_name=$(escape_spec_char "${ZBX_SERVER_NAME}") - server_user=$(escape_spec_char "${DB_SERVER_ZBX_USER}") - server_pass=$(escape_spec_char "${DB_SERVER_ZBX_PASS}") - history_storage_url=$(escape_spec_char "${ZBX_HISTORYSTORAGEURL}") - history_storage_types=$(escape_spec_char "${ZBX_HISTORYSTORAGETYPES}") - - sed -i \ - -e "s/{DB_SERVER_HOST}/${DB_SERVER_HOST}/g" \ - -e "s/{DB_SERVER_PORT}/${DB_SERVER_PORT}/g" \ - -e "s/{DB_SERVER_DBNAME}/${DB_SERVER_DBNAME}/g" \ - -e "s/{DB_SERVER_SCHEMA}/${DB_SERVER_SCHEMA}/g" \ - -e "s/{DB_SERVER_USER}/$server_user/g" \ - -e "s/{DB_SERVER_PASS}/$server_pass/g" \ - -e "s/{ZBX_SERVER_HOST}/${ZBX_SERVER_HOST}/g" \ - -e "s/{ZBX_SERVER_PORT}/${ZBX_SERVER_PORT}/g" \ - -e "s/{ZBX_SERVER_NAME}/$server_name/g" \ - -e "s/{ZBX_HISTORYSTORAGEURL}/$history_storage_url/g" \ - -e "s/{ZBX_HISTORYSTORAGETYPES}/$history_storage_types/g" \ - "$ZBX_WEB_CONFIG" - - [ "$db_type" = "postgresql" ] && sed -i "s/MYSQL/POSTGRESQL/g" "$ZBX_WEB_CONFIG" - - [ -n "${ZBX_SESSION_NAME}" ] && sed -i "/ZBX_SESSION_NAME/s/'[^']*'/'${ZBX_SESSION_NAME}'/2" "$ZBX_WWW_ROOT/include/defines.inc.php" -} - prepare_zbx_agent_config() { echo "** Preparing Zabbix agent configuration file" - ZBX_AGENT_CONFIG=$ZABBIX_ETC_DIR/zabbix_agentd.conf - ZBX_PASSIVESERVERS=${ZBX_PASSIVESERVERS:-""} - ZBX_ACTIVESERVERS=${ZBX_ACTIVESERVERS:-""} + : ${ZBX_PASSIVESERVERS:=""} + : ${ZBX_ACTIVESERVERS:=""} [ -n "$ZBX_PASSIVESERVERS" ] && ZBX_PASSIVESERVERS=","$ZBX_PASSIVESERVERS @@ -992,7 +127,7 @@ prepare_zbx_agent_config() { update_config_var $ZBX_AGENT_CONFIG "EnableRemoteCommands" "${ZBX_ENABLEREMOTECOMMANDS}" update_config_var $ZBX_AGENT_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}" - ZBX_PASSIVE_ALLOW=${ZBX_PASSIVE_ALLOW:-"true"} + : ${ZBX_PASSIVE_ALLOW:="true"} if [ "$ZBX_PASSIVE_ALLOW" == "true" ]; then echo "** Using '$ZBX_PASSIVESERVERS' servers for passive checks" update_config_var $ZBX_AGENT_CONFIG "Server" "${ZBX_PASSIVESERVERS}" @@ -1004,7 +139,7 @@ prepare_zbx_agent_config() { update_config_var $ZBX_AGENT_CONFIG "ListenIP" "${ZBX_LISTENIP}" update_config_var $ZBX_AGENT_CONFIG "StartAgents" "${ZBX_STARTAGENTS}" - ZBX_ACTIVE_ALLOW=${ZBX_ACTIVE_ALLOW:-"true"} + : ${ZBX_ACTIVE_ALLOW:="true"} if [ "$ZBX_ACTIVE_ALLOW" == "true" ]; then echo "** Using '$ZBX_ACTIVESERVERS' servers for active checks" update_config_var $ZBX_AGENT_CONFIG "ServerActive" "${ZBX_ACTIVESERVERS}" @@ -1040,20 +175,11 @@ prepare_zbx_agent_config() { update_config_var $ZBX_AGENT_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" update_config_var $ZBX_AGENT_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" update_config_var $ZBX_AGENT_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" -} -prepare_java_gateway_config() { - echo "** Preparing Zabbix Java Gateway log configuration file" - - ZBX_GATEWAY_CONFIG=$ZABBIX_ETC_DIR/zabbix_java_gateway_logback.xml - - if [ -n "${ZBX_DEBUGLEVEL}" ]; then - echo "Updating $ZBX_GATEWAY_CONFIG 'DebugLevel' parameter: '${ZBX_DEBUGLEVEL}'... updated" - if [ -f "$ZBX_GATEWAY_CONFIG" ]; then - sed -i -e "/^.*/" "$ZBX_GATEWAY_CONFIG" - else - echo "**** Zabbix Java Gateway log configuration file '$ZBX_GATEWAY_CONFIG' not found" - fi + if [ "$(id -u)" != '0' ]; then + update_config_var $ZBX_AGENT_CONFIG "User" "$(whoami)" + else + update_config_var $ZBX_AGENT_CONFIG "AllowRoot" "1" fi } @@ -1062,130 +188,16 @@ prepare_agent() { prepare_zbx_agent_config } -prepare_server() { - local db_type=$1 - - echo "** Preparing Zabbix server" - - check_variables_$db_type "server" - check_db_connect_$db_type - create_db_user_$db_type - create_db_database_$db_type - create_db_schema_$db_type "server" - - update_zbx_config "server" "$db_type" -} - -prepare_proxy() { - local db_type=$1 - - echo "Preparing Zabbix proxy" - - if [ "$db_type" != "sqlite3" ]; then - check_variables_$db_type "proxy" - check_db_connect_$db_type - create_db_user_$db_type - create_db_database_$db_type - create_db_schema_$db_type "proxy" - fi - - update_zbx_config "proxy" $db_type -} - -prepare_web() { - local web_server=$1 - local db_type=$2 - - echo "** Preparing Zabbix web-interface" - - check_variables_$db_type - check_db_connect_$db_type - prepare_web_server_$web_server - prepare_zbx_web_config $db_type -} - -prepare_java_gateway() { - echo "** Preparing Zabbix Java Gateway" - - prepare_java_gateway_config -} - ################################################# -if [ ! -n "$zbx_type" ]; then - echo "**** Type of Zabbix component is not specified" - exit 1 -elif [ "$zbx_type" == "dev" ]; then - echo "** Deploying Zabbix installation from SVN" -else - if [ ! -n "$zbx_db_type" ]; then - echo "**** Database type of Zabbix $zbx_type is not specified" - exit 1 - fi - - if [ "$zbx_db_type" != "none" ]; then - if [ "$zbx_opt_type" != "none" ]; then - echo "** Deploying Zabbix $zbx_type ($zbx_opt_type) with $zbx_db_type database" - else - echo "** Deploying Zabbix $zbx_type with $zbx_db_type database" - fi - else - echo "** Deploying Zabbix $zbx_type" - fi +if [ "${1#-}" != "$1" ]; then + set -- /usr/sbin/zabbix_agentd "$@" fi -prepare_system "$zbx_type" "$zbx_opt_type" - -[ "$zbx_type" == "server" ] && prepare_server $zbx_db_type -[ "${ZBX_ADD_SERVER}" == "true" ] && prepare_server ${ZBX_MAIN_DB} - -[ "$zbx_type" == "proxy" ] && prepare_proxy $zbx_db_type -[ "${ZBX_ADD_PROXY}" == "true" ] && prepare_proxy ${ZBX_PROXY_DB} - -[ "$zbx_type" == "frontend" ] && prepare_web $zbx_opt_type $zbx_db_type -[ "${ZBX_ADD_WEB}" == "true" ] && prepare_web ${ZBX_WEB_SERVER} ${ZBX_MAIN_DB} - -[ "$zbx_type" == "agent" ] && prepare_agent -[ "${ZBX_ADD_AGENT}" == "true" ] && prepare_agent - -[ "$zbx_type" == "java-gateway" ] && prepare_java_gateway -[ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && prepare_java_gateway - -clear_deploy "$zbx_type" - -echo "########################################################" - -if [ "$1" != "" ]; then - echo "** Executing '$@'" - exec "$@" -elif [ "$zbx_type" == "agent" ]; then - echo "** Starting Zabbix agent" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_agentd --foreground -c /etc/zabbix/zabbix_agentd.conf" -elif [ "$zbx_type" == "proxy" ]; then - echo "** Starting Zabbix proxy" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_proxy --foreground -c /etc/zabbix/zabbix_proxy.conf" -elif [ "$zbx_type" == "server" ]; then - echo "** Starting Zabbix server" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_server --foreground -c /etc/zabbix/zabbix_server.conf" -elif [ "$zbx_type" == "java-gateway" ]; then - echo "** Starting Zabbix Java Gateway" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_java_gateway" -elif [ "$zbx_type" == "frontend" ] && [ "$zbx_opt_type" == "apache" ]; then - echo "** Starting Zabbix frontend" - if [ -f "/usr/sbin/httpd" ]; then - exec /usr/sbin/httpd -D FOREGROUND - elif [ -f "/usr/sbin/apache2ctl" ]; then - exec /bin/bash -c "source /etc/apache2/envvars && /usr/sbin/apache2ctl -D FOREGROUND" - else - echo "Unknown Web-server. Exiting..." - exit 1 - fi -elif [ -f "/usr/bin/supervisord" ]; then - echo "** Executing supervisord" - exec /usr/bin/supervisord -c /etc/supervisor/supervisord.conf -else - echo "Unknown instructions. Exiting..." - exit 1 +if [ "$1" == '/usr/sbin/zabbix_agentd' ]; then + prepare_agent fi +exec "$@" + ################################################# diff --git a/docker-compose_v3_ubuntu_mysql_latest.yaml b/docker-compose_v3_ubuntu_mysql_latest.yaml index a0867966f..9ea8fd236 100644 --- a/docker-compose_v3_ubuntu_mysql_latest.yaml +++ b/docker-compose_v3_ubuntu_mysql_latest.yaml @@ -401,9 +401,9 @@ services: - MYSQL_USER - MYSQL_PASSWORD - MYSQL_ROOT_PASSWORD - - mysql-server-key.pem - - mysql-server-cert.pem - - mysql-ca.pem +# - server-key.pem +# - server-cert.pem +# - root-ca.pem stop_grace_period: 1m networks: zbx_net_backend: diff --git a/docker-compose_v3_ubuntu_mysql_local.yaml b/docker-compose_v3_ubuntu_mysql_local.yaml index 87bd212af..f1d83f472 100644 --- a/docker-compose_v3_ubuntu_mysql_local.yaml +++ b/docker-compose_v3_ubuntu_mysql_local.yaml @@ -433,9 +433,9 @@ services: - MYSQL_USER - MYSQL_PASSWORD - MYSQL_ROOT_PASSWORD - - mysql-server-key.pem - - mysql-server-cert.pem - - mysql-ca.pem +# - server-key.pem +# - server-cert.pem +# - root-ca.pem stop_grace_period: 1m networks: zbx_net_backend: diff --git a/docker-compose_v3_ubuntu_pgsql_local.yaml b/docker-compose_v3_ubuntu_pgsql_local.yaml index 1a1aa9708..ffb6fa70a 100644 --- a/docker-compose_v3_ubuntu_pgsql_local.yaml +++ b/docker-compose_v3_ubuntu_pgsql_local.yaml @@ -199,7 +199,7 @@ services: - zabbix-server:zabbix-server volumes: - /etc/localtime:/etc/localtime:ro - - /etc/timezone:/etc/timezone:ro +# - /etc/timezone:/etc/timezone:ro - ./zbx_env/etc/ssl/apache2:/etc/ssl/apache2:ro - ./zbx_env/usr/share/zabbix/modules/:/usr/share/zabbix/modules/:ro # - ./.ZBX_DB_CA_FILE:/run/secrets/root-ca.pem:ro @@ -260,7 +260,7 @@ services: - zabbix-server:zabbix-server volumes: - /etc/localtime:/etc/localtime:ro - - /etc/timezone:/etc/timezone:ro +# - /etc/timezone:/etc/timezone:ro - ./zbx_env/etc/ssl/nginx:/etc/ssl/nginx:ro - ./zbx_env/usr/share/zabbix/modules/:/usr/share/zabbix/modules/:ro # - ./.ZBX_DB_CA_FILE:/run/secrets/root-ca.pem:ro diff --git a/java-gateway/ubuntu/Dockerfile b/java-gateway/ubuntu/Dockerfile index b6c1d8b65..4041796b7 100644 --- a/java-gateway/ubuntu/Dockerfile +++ b/java-gateway/ubuntu/Dockerfile @@ -1,60 +1,46 @@ FROM ubuntu:bionic -LABEL maintainer="Alexey Pustovalov " - -ARG BUILD_DATE -ARG VCS_REF - -ARG APT_FLAGS_COMMON="-y" -ARG APT_FLAGS_PERSISTENT="${APT_FLAGS_COMMON} --no-install-recommends" -ARG APT_FLAGS_DEV="${APT_FLAGS_COMMON} --no-install-recommends" -ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8 TERM=xterm \ - ZBX_TYPE=java-gateway ZBX_DB_TYPE=none ZBX_OPT_TYPE=none - -LABEL org.label-schema.name="zabbix-${ZBX_TYPE}-ubuntu" \ - org.label-schema.vendor="Zabbix LLC" \ - org.label-schema.url="https://zabbix.com/" \ - org.label-schema.description="Zabbix Java Gateway performs native support for monitoring JMX applications" \ - org.label-schema.vcs-ref="${VCS_REF}" \ - org.label-schema.build-date="${BUILD_DATE}" \ - org.label-schema.schema-version="1.0" \ - org.label-schema.license="GPL v2.0" +LABEL org.opencontainers.image.title="Zabbix Java Gateway" \ + org.opencontainers.image.authors="Alexey Pustovalov " \ + org.opencontainers.image.vendor="Zabbix LLC" \ + org.opencontainers.image.url="https://zabbix.com/" \ + org.opencontainers.image.description="Zabbix Java Gateway performs native support for monitoring JMX applications" \ + org.opencontainers.image.licenses="GPL v2.0" + STOPSIGNAL SIGTERM RUN set -eux && \ - apt-get ${APT_FLAGS_COMMON} update && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_PERSISTENT} install locales && \ - locale-gen $LC_ALL && \ echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \ - addgroup --system --quiet zabbix && \ + addgroup --system --gid 1995 --quiet zabbix && \ adduser --quiet \ --system --disabled-login \ - --ingroup zabbix \ + --ingroup zabbix --ingroup root \ + --uid 1997 \ --home /var/lib/zabbix/ \ - --no-create-home \ zabbix && \ mkdir -p /etc/zabbix/ && \ - chown --quiet -R zabbix:root /etc/zabbix && \ - apt-get ${APT_FLAGS_COMMON} update && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_PERSISTENT} install \ + apt-get -y update && \ + DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ openjdk-8-jre-headless && \ - apt-get ${APT_FLAGS_COMMON} autoremove && \ - apt-get ${APT_FLAGS_COMMON} clean && \ + apt-get -y autoremove && \ + apt-get -y clean && \ rm -rf /var/lib/apt/lists/* ARG MAJOR_VERSION=5.0 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git -ENV ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} -LABEL org.label-schema.usage="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.label-schema.version="${ZBX_VERSION}" \ - org.label-schema.vcs-url="${ZBX_SOURCES}" \ - org.label-schema.docker.cmd="docker run --name zabbix-${ZBX_TYPE} --link zabbix-server:zabbix-server -p 10052:10052 -d zabbix-${ZBX_TYPE}:ubuntu-${ZBX_VERSION}" +ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} + +LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" + +COPY ["conf/etc/", "/etc/"] RUN set -eux && \ - apt-get ${APT_FLAGS_COMMON} update && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_DEV} install \ + apt-get -y update && \ + DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ autoconf \ automake \ libc6-dev \ @@ -84,7 +70,7 @@ RUN set -eux && \ rm -rf /usr/sbin/zabbix_java/lib/*.xml && \ cd /tmp/ && \ rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_COMMON} purge \ + DEBIAN_FRONTEND=noninteractive apt-get -y purge \ autoconf \ automake \ libc6-dev \ @@ -93,18 +79,24 @@ RUN set -eux && \ pkg-config \ git \ gcc && \ - apt-get ${APT_FLAGS_COMMON} autoremove && \ - apt-get ${APT_FLAGS_COMMON} clean && \ + apt-get -y autoremove && \ + apt-get -y clean && \ + chown --quiet -R zabbix:root /etc/zabbix/ /usr/sbin/zabbix_java/ && \ + chgrp -R 0 /etc/zabbix/ /usr/sbin/zabbix_java/ && \ + chmod -R g=u /etc/zabbix/ /usr/sbin/zabbix_java/ && \ rm -rf /var/lib/apt/lists/* EXPOSE 10052/TCP - + WORKDIR /var/lib/zabbix VOLUME ["/usr/sbin/zabbix_java/ext_lib"] -COPY ["conf/etc/zabbix/zabbix_java_gateway_logback.xml", "/etc/zabbix/"] COPY ["conf/usr/sbin/zabbix_java_gateway", "/usr/sbin/"] COPY ["docker-entrypoint.sh", "/usr/bin/"] - + ENTRYPOINT ["docker-entrypoint.sh"] + +USER 1997 + +CMD ["/usr/sbin/zabbix_java_gateway"] diff --git a/java-gateway/ubuntu/docker-entrypoint.sh b/java-gateway/ubuntu/docker-entrypoint.sh index 20e78e0da..ec5223733 100755 --- a/java-gateway/ubuntu/docker-entrypoint.sh +++ b/java-gateway/ubuntu/docker-entrypoint.sh @@ -1,6 +1,6 @@ #!/bin/bash -set -eo pipefail +set -o pipefail set +e @@ -9,1034 +9,9 @@ if [ "${DEBUG_MODE}" == "true" ]; then set -o xtrace fi -# Type of Zabbix component -# Possible values: [server, proxy, agent, frontend, java-gateway, appliance] -zbx_type=${ZBX_TYPE} -# Type of Zabbix database -# Possible values: [mysql, postgresql] -zbx_db_type=${ZBX_DB_TYPE} -# Type of web-server. Valid only with zbx_type = frontend -# Possible values: [apache, nginx] -zbx_opt_type=${ZBX_OPT_TYPE} - -# Default Zabbix installation name -# Used only by Zabbix web-interface -ZBX_SERVER_NAME=${ZBX_SERVER_NAME:-"Zabbix docker"} -# Default Zabbix server host -ZBX_SERVER_HOST=${ZBX_SERVER_HOST:-"zabbix-server"} -# Default Zabbix server port number -ZBX_SERVER_PORT=${ZBX_SERVER_PORT:-"10051"} - -# Default timezone for web interface -PHP_TZ=${PHP_TZ:-"Europe/Riga"} - -#Enable PostgreSQL timescaleDB feature: -ENABLE_TIMESCALEDB=${ENABLE_TIMESCALEDB:-"false"} - # Default directories -# User 'zabbix' home directory -ZABBIX_USER_HOME_DIR="/var/lib/zabbix" # Configuration files directory ZABBIX_ETC_DIR="/etc/zabbix" -# Web interface www-root directory -ZBX_FRONTEND_PATH="/usr/share/zabbix" - -# usage: file_env VAR [DEFAULT] -# as example: file_env 'MYSQL_PASSWORD' 'zabbix' -# (will allow for "$MYSQL_PASSWORD_FILE" to fill in the value of "$MYSQL_PASSWORD" from a file) -# unsets the VAR_FILE afterwards and just leaving VAR -file_env() { - local var="$1" - local fileVar="${var}_FILE" - local defaultValue="${2:-}" - - if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then - echo "**** Both variables $var and $fileVar are set (but are exclusive)" - exit 1 - fi - - local val="$defaultValue" - - if [ "${!var:-}" ]; then - val="${!var}" - echo "** Using ${var} variable from ENV" - elif [ "${!fileVar:-}" ]; then - if [ ! -f "${!fileVar}" ]; then - echo "**** Secret file \"${!fileVar}\" is not found" - exit 1 - fi - val="$(< "${!fileVar}")" - echo "** Using ${var} variable from secret file" - fi - export "$var"="$val" - unset "$fileVar" -} - -configure_db_mysql() { - [ "${DB_SERVER_HOST}" != "localhost" ] && return - - echo "** Configuring local MySQL server" - - MYSQL_ALLOW_EMPTY_PASSWORD=true - MYSQL_DATA_DIR="/var/lib/mysql" - - if [ -f "/etc/mysql/my.cnf" ]; then - MYSQL_CONF_FILE="/etc/mysql/my.cnf" - elif [ -f "/etc/my.cnf.d/server.cnf" ]; then - MYSQL_CONF_FILE="/etc/my.cnf.d/server.cnf" - DB_SERVER_SOCKET="/var/lib/mysql/mysql.sock" - elif [ -f "/etc/my.cnf.d/mariadb-server.cnf" ]; then - MYSQL_CONF_FILE="/etc/my.cnf.d/mariadb-server.cnf" - DB_SERVER_SOCKET="/var/run/mysqld/mysqld.sock" - else - echo "**** Could not found MySQL configuration file" - exit 1 - fi - - if [ -f "/usr/bin/mysqld" ]; then - MYSQLD=/usr/bin/mysqld - elif [ -f "/usr/sbin/mysqld" ]; then - MYSQLD=/usr/sbin/mysqld - elif [ -f "/usr/libexec/mysqld" ]; then - MYSQLD=/usr/libexec/mysqld - else - echo "**** Could not found mysqld binary file" - exit 1 - fi - - sed -Ei 's/^(bind-address|log)/#&/' "$MYSQL_CONF_FILE" - - if [ ! -d "$MYSQL_DATA_DIR/mysql" ]; then - [ -d "$MYSQL_DATA_DIR" ] || mkdir -p "$MYSQL_DATA_DIR" - - chown -R mysql:mysql "$MYSQL_DATA_DIR" - - echo "** Installing initial MySQL database schemas" - mysql_install_db --user=mysql --datadir="$MYSQL_DATA_DIR" 2>&1 - else - echo "**** MySQL data directory is not empty. Using already existing installation." - chown -R mysql:mysql "$MYSQL_DATA_DIR" - fi - - mkdir -p /var/run/mysqld - ln -s /var/run/mysqld /run/mysqld - chown -R mysql:mysql /var/run/mysqld - chown -R mysql:mysql /run/mysqld - - echo "** Starting MySQL server in background mode" - - nohup $MYSQLD --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib/mysql/plugin \ - --user=mysql --log-output=none --pid-file=/var/lib/mysql/mysqld.pid \ - --port=3306 --character-set-server=utf8 --collation-server=utf8_bin & -} - -prepare_system() { - local type=$1 - local web_server=$2 - - echo "** Preparing the system" - - if [ "$type" != "appliance" ]; then - return - fi - - ZBX_ADD_AGENT=${ZBX_ADD_AGENT:-"false"} - ZBX_ADD_JAVA_GATEWAY=${ZBX_ADD_JAVA_GATEWAY:-"false"} - ZBX_ADD_SERVER=${ZBX_ADD_SERVER:-"true"} - [ "${ZBX_ADD_SERVER}" == "true" ] && ZBX_SERVER_HOST="localhost" - [ "${ZBX_ADD_SERVER}" == "true" ] && ZBX_SERVER_PORT="10051" - ZBX_MAIN_DB=${ZBX_MAIN_DB:-"mysql"} - ZBX_ADD_PROXY=${ZBX_ADD_PROXY:-"false"} - ZBX_PROXY_DB=${ZBX_PROXY_DB:-"sqlite3"} - ZBX_ADD_WEB=${ZBX_ADD_WEB:-"true"} - ZBX_WEB_SERVER=${ZBX_WEB_SERVER:-"nginx"} - DB_SERVER_HOST=${DB_SERVER_HOST:-"localhost"} - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAY_ENABLE="true" - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAY="localhost" - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAYPORT="10052" - - [ "${ZBX_ADD_SERVER}" == "true" ] && configure_db_${ZBX_MAIN_DB} -} - -escape_spec_char() { - local var_value=$1 - - var_value="${var_value//\\/\\\\}" - var_value="${var_value//[$'\n']/}" - var_value="${var_value//\//\\/}" - var_value="${var_value//./\\.}" - var_value="${var_value//\*/\\*}" - var_value="${var_value//^/\\^}" - var_value="${var_value//\$/\\\$}" - var_value="${var_value//\&/\\\&}" - var_value="${var_value//\[/\\[}" - var_value="${var_value//\]/\\]}" - - echo "$var_value" -} - -update_config_var() { - local config_path=$1 - local var_name=$2 - local var_value=$3 - local is_multiple=$4 - - if [ ! -f "$config_path" ]; then - echo "**** Configuration file '$config_path' does not exist" - return - fi - - echo -n "** Updating '$config_path' parameter \"$var_name\": '$var_value'... " - - # Remove configuration parameter definition in case of unset parameter value - if [ -z "$var_value" ]; then - sed -i -e "/^$var_name=/d" "$config_path" - echo "removed" - return - fi - - # Remove value from configuration parameter in case of double quoted parameter value - if [ "$var_value" == '""' ]; then - sed -i -e "/^$var_name=/s/=.*/=/" "$config_path" - echo "undefined" - return - fi - - # Use full path to a file for TLS related configuration parameters - if [[ $var_name =~ ^TLS.*File$ ]]; then - var_value=$ZABBIX_USER_HOME_DIR/enc/$var_value - fi - - # Escaping characters in parameter value - var_value=$(escape_spec_char "$var_value") - - if [ "$(grep -E "^$var_name=" $config_path)" ] && [ "$is_multiple" != "true" ]; then - sed -i -e "/^$var_name=/s/=.*/=$var_value/" "$config_path" - echo "updated" - elif [ "$(grep -Ec "^# $var_name=" $config_path)" -gt 1 ]; then - sed -i -e "/^[#;] $var_name=$/i\\$var_name=$var_value" "$config_path" - echo "added first occurrence" - else - sed -i -e "/^[#;] $var_name=/s/.*/&\n$var_name=$var_value/" "$config_path" - echo "added" - fi - -} - -update_config_multiple_var() { - local config_path=$1 - local var_name=$2 - local var_value=$3 - - var_value="${var_value%\"}" - var_value="${var_value#\"}" - - local IFS=, - local OPT_LIST=($var_value) - - for value in "${OPT_LIST[@]}"; do - update_config_var $config_path $var_name $value true - done -} - -# Check prerequisites for MySQL database -check_variables_mysql() { - local type=$1 - - DB_SERVER_HOST=${DB_SERVER_HOST:-"mysql-server"} - DB_SERVER_PORT=${DB_SERVER_PORT:-"3306"} - USE_DB_ROOT_USER=false - CREATE_ZBX_DB_USER=false - file_env MYSQL_USER - file_env MYSQL_PASSWORD - - if [ "$type" != "" ]; then - file_env MYSQL_ROOT_PASSWORD - fi - - if [ ! -n "${MYSQL_USER}" ] && [ "${MYSQL_RANDOM_ROOT_PASSWORD}" == "true" ]; then - echo "**** Impossible to use MySQL server because of unknown Zabbix user and random 'root' password" - exit 1 - fi - - if [ ! -n "${MYSQL_USER}" ] && [ ! -n "${MYSQL_ROOT_PASSWORD}" ] && [ "${MYSQL_ALLOW_EMPTY_PASSWORD}" != "true" ]; then - echo "*** Impossible to use MySQL server because 'root' password is not defined and it is not empty" - exit 1 - fi - - if [ "${MYSQL_ALLOW_EMPTY_PASSWORD}" == "true" ] || [ -n "${MYSQL_ROOT_PASSWORD}" ]; then - USE_DB_ROOT_USER=true - DB_SERVER_ROOT_USER="root" - DB_SERVER_ROOT_PASS=${MYSQL_ROOT_PASSWORD:-""} - fi - - [ -n "${MYSQL_USER}" ] && CREATE_ZBX_DB_USER=true - - # If root password is not specified use provided credentials - DB_SERVER_ROOT_USER=${DB_SERVER_ROOT_USER:-${MYSQL_USER}} - [ "${MYSQL_ALLOW_EMPTY_PASSWORD}" == "true" ] || DB_SERVER_ROOT_PASS=${DB_SERVER_ROOT_PASS:-${MYSQL_PASSWORD}} - DB_SERVER_ZBX_USER=${MYSQL_USER:-"zabbix"} - DB_SERVER_ZBX_PASS=${MYSQL_PASSWORD:-"zabbix"} - - if [ "$type" == "proxy" ]; then - DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix_proxy"} - else - DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix"} - fi -} - -# Check prerequisites for PostgreSQL database -check_variables_postgresql() { - local type=$1 - - file_env POSTGRES_USER - file_env POSTGRES_PASSWORD - - DB_SERVER_HOST=${DB_SERVER_HOST:-"postgres-server"} - DB_SERVER_PORT=${DB_SERVER_PORT:-"5432"} - CREATE_ZBX_DB_USER=${CREATE_ZBX_DB_USER:-"false"} - - DB_SERVER_ROOT_USER=${POSTGRES_USER:-"postgres"} - DB_SERVER_ROOT_PASS=${POSTGRES_PASSWORD:-""} - - DB_SERVER_ZBX_USER=${POSTGRES_USER:-"zabbix"} - DB_SERVER_ZBX_PASS=${POSTGRES_PASSWORD:-"zabbix"} - - DB_SERVER_SCHEMA=${DB_SERVER_SCHEMA:-"public"} - - if [ "$type" == "proxy" ]; then - DB_SERVER_DBNAME=${POSTGRES_DB:-"zabbix_proxy"} - else - DB_SERVER_DBNAME=${POSTGRES_DB:-"zabbix"} - fi -} - -check_db_connect_mysql() { - echo "********************" - echo "* DB_SERVER_HOST: ${DB_SERVER_HOST}" - echo "* DB_SERVER_PORT: ${DB_SERVER_PORT}" - echo "* DB_SERVER_DBNAME: ${DB_SERVER_DBNAME}" - if [ "${DEBUG_MODE}" == "true" ]; then - if [ "${USE_DB_ROOT_USER}" == "true" ]; then - echo "* DB_SERVER_ROOT_USER: ${DB_SERVER_ROOT_USER}" - echo "* DB_SERVER_ROOT_PASS: ${DB_SERVER_ROOT_PASS}" - fi - echo "* DB_SERVER_ZBX_USER: ${DB_SERVER_ZBX_USER}" - echo "* DB_SERVER_ZBX_PASS: ${DB_SERVER_ZBX_PASS}" - echo "********************" - fi - echo "********************" - - WAIT_TIMEOUT=5 - - while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \ - --password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10)" ]; do - echo "**** MySQL server is not available. Waiting $WAIT_TIMEOUT seconds..." - sleep $WAIT_TIMEOUT - done -} - -check_db_connect_postgresql() { - echo "********************" - echo "* DB_SERVER_HOST: ${DB_SERVER_HOST}" - echo "* DB_SERVER_PORT: ${DB_SERVER_PORT}" - echo "* DB_SERVER_DBNAME: ${DB_SERVER_DBNAME}" - echo "* DB_SERVER_SCHEMA: ${DB_SERVER_SCHEMA}" - if [ "${DEBUG_MODE}" == "true" ]; then - if [ "${USE_DB_ROOT_USER}" == "true" ]; then - echo "* DB_SERVER_ROOT_USER: ${DB_SERVER_ROOT_USER}" - echo "* DB_SERVER_ROOT_PASS: ${DB_SERVER_ROOT_PASS}" - fi - echo "* DB_SERVER_ZBX_USER: ${DB_SERVER_ZBX_USER}" - echo "* DB_SERVER_ZBX_PASS: ${DB_SERVER_ZBX_PASS}" - fi - echo "********************" - - if [ "${USE_DB_ROOT_USER}" != "true" ]; then - DB_SERVER_ROOT_USER=${DB_SERVER_ZBX_USER} - DB_SERVER_ROOT_PASS=${DB_SERVER_ZBX_PASS} - fi - - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - WAIT_TIMEOUT=5 - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - while [ ! "$(psql -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} -U ${DB_SERVER_ROOT_USER} -d ${DB_SERVER_DBNAME} -l -q 2>/dev/null)" ]; do - echo "**** PostgreSQL server is not available. Waiting $WAIT_TIMEOUT seconds..." - sleep $WAIT_TIMEOUT - done - - unset PGPASSWORD - unset PGOPTIONS -} - - -mysql_query() { - query=$1 - local result="" - - result=$(mysql --silent --skip-column-names -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ - -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" -e "$query") - - echo $result -} - -psql_query() { - query=$1 - db=$2 - - local result="" - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - result=$(psql -A -q -t -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ - -U ${DB_SERVER_ROOT_USER} -c "$query" $db 2>/dev/null); - - unset PGPASSWORD - unset PGOPTIONS - - echo $result -} - -create_db_user_mysql() { - [ "${CREATE_ZBX_DB_USER}" == "true" ] || return - - echo "** Creating '${DB_SERVER_ZBX_USER}' user in MySQL database" - - USER_EXISTS=$(mysql_query "SELECT 1 FROM mysql.user WHERE user = '${DB_SERVER_ZBX_USER}' AND host = '%'") - - if [ -z "$USER_EXISTS" ]; then - mysql_query "CREATE USER '${DB_SERVER_ZBX_USER}'@'%' IDENTIFIED BY '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - else - mysql_query "ALTER USER ${DB_SERVER_ZBX_USER} IDENTIFIED BY '${DB_SERVER_ZBX_PASS}';" 1>/dev/null - fi - - mysql_query "GRANT ALL PRIVILEGES ON $DB_SERVER_DBNAME. * TO '${DB_SERVER_ZBX_USER}'@'%'" 1>/dev/null -} - -create_db_user_postgresql() { - [ "${CREATE_ZBX_DB_USER}" == "true" ] || return - - echo "** Creating '${DB_SERVER_ZBX_USER}' user in PostgreSQL database" - - USER_EXISTS=$(psql_query "SELECT 1 FROM pg_roles WHERE rolname='${DB_SERVER_ZBX_USER}'") - - if [ -z "$USER_EXISTS" ]; then - psql_query "CREATE USER ${DB_SERVER_ZBX_USER} WITH PASSWORD '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - else - psql_query "ALTER USER ${DB_SERVER_ZBX_USER} WITH ENCRYPTED PASSWORD '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - fi -} - -create_db_database_mysql() { - DB_EXISTS=$(mysql_query "SELECT SCHEMA_NAME FROM information_schema.SCHEMATA WHERE SCHEMA_NAME='${DB_SERVER_DBNAME}'") - - if [ -z ${DB_EXISTS} ]; then - echo "** Database '${DB_SERVER_DBNAME}' does not exist. Creating..." - mysql_query "CREATE DATABASE ${DB_SERVER_DBNAME} CHARACTER SET utf8 COLLATE utf8_bin" 1>/dev/null - # better solution? - mysql_query "GRANT ALL PRIVILEGES ON $DB_SERVER_DBNAME. * TO '${DB_SERVER_ZBX_USER}'@'%'" 1>/dev/null - else - echo "** Database '${DB_SERVER_DBNAME}' already exists. Please be careful with database COLLATE!" - fi -} - -create_db_database_postgresql() { - DB_EXISTS=$(psql_query "SELECT 1 AS result FROM pg_database WHERE datname='${DB_SERVER_DBNAME}'") - - if [ -z ${DB_EXISTS} ]; then - echo "** Database '${DB_SERVER_DBNAME}' does not exist. Creating..." - psql_query "CREATE DATABASE ${DB_SERVER_DBNAME} WITH OWNER ${DB_SERVER_ZBX_USER} ENCODING='UTF8' LC_CTYPE='en_US.utf8' LC_COLLATE='en_US.utf8'" 1>/dev/null - else - echo "** Database '${DB_SERVER_DBNAME}' already exists. Please be careful with database owner!" - fi - - psql_query "CREATE SCHEMA IF NOT EXISTS ${DB_SERVER_SCHEMA}" -} - -create_db_schema_mysql() { - local type=$1 - - DBVERSION_TABLE_EXISTS=$(mysql_query "SELECT 1 FROM information_schema.tables WHERE table_schema='${DB_SERVER_DBNAME}' and table_name = 'dbversion'") - - if [ -n "${DBVERSION_TABLE_EXISTS}" ]; then - echo "** Table '${DB_SERVER_DBNAME}.dbversion' already exists." - ZBX_DB_VERSION=$(mysql_query "SELECT mandatory FROM ${DB_SERVER_DBNAME}.dbversion") - fi - - if [ -z "${ZBX_DB_VERSION}" ]; then - echo "** Creating '${DB_SERVER_DBNAME}' schema in MySQL" - - zcat /usr/share/doc/zabbix-$type-mysql/create.sql.gz | mysql --silent --skip-column-names \ - -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ - -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" \ - ${DB_SERVER_DBNAME} 1>/dev/null - fi -} - -create_db_schema_postgresql() { - local type=$1 - - DBVERSION_TABLE_EXISTS=$(psql_query "SELECT 1 FROM pg_catalog.pg_class c JOIN pg_catalog.pg_namespace n ON n.oid = - c.relnamespace WHERE n.nspname = '$DB_SERVER_SCHEMA' AND c.relname = 'dbversion'" "${DB_SERVER_DBNAME}") - - if [ -n "${DBVERSION_TABLE_EXISTS}" ]; then - echo "** Table '${DB_SERVER_DBNAME}.dbversion' already exists." - ZBX_DB_VERSION=$(psql_query "SELECT mandatory FROM ${DB_SERVER_SCHEMA}.dbversion" "${DB_SERVER_DBNAME}") - fi - - if [ -z "${ZBX_DB_VERSION}" ]; then - echo "** Creating '${DB_SERVER_DBNAME}' schema in PostgreSQL" - - if [ "${ENABLE_TIMESCALEDB}" == "true" ]; then - psql_query "CREATE EXTENSION IF NOT EXISTS timescaledb CASCADE;" - fi - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - zcat /usr/share/doc/zabbix-$type-postgresql/create.sql.gz | psql -q \ - -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ - -U ${DB_SERVER_ZBX_USER} ${DB_SERVER_DBNAME} 1>/dev/null - - if [ "${ENABLE_TIMESCALEDB}" == "true" ]; then - cat /usr/share/doc/zabbix-$type-postgresql/timescaledb.sql | psql -q \ - -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ - -U ${DB_SERVER_ZBX_USER} ${DB_SERVER_DBNAME} 1>/dev/null - fi - - unset PGPASSWORD - unset PGOPTIONS - fi -} - -prepare_web_server_apache() { - if [ -d "/etc/apache2/sites-available" ]; then - APACHE_SITES_DIR=/etc/apache2/sites-available - elif [ -d "/etc/apache2/conf.d" ]; then - APACHE_SITES_DIR=/etc/apache2/conf.d - elif [ -d "/etc/httpd/conf.d" ]; then - APACHE_SITES_DIR=/etc/httpd/conf.d - else - echo "**** Apache is not available" - exit 1 - fi - - if [ -f "/usr/sbin/a2dissite" ]; then - echo "** Disable default site" - /usr/sbin/a2dissite 000-default 1>/dev/null - rm -rf "$APACHE_SITES_DIR/*" - elif [ -f "/etc/apache2/conf.d/default.conf" ]; then - echo "** Disable default site" - rm -f "/etc/apache2/conf.d/default.conf" - elif [ -f "/etc/httpd/conf.d/welcome.conf" ]; then - echo "** Disable default site" - rm -f "/etc/httpd/conf.d/welcome.conf" - rm -f "/etc/httpd/conf.d/ssl.conf" - fi - - echo "** Adding Zabbix virtual host (HTTP)" - if [ -f "$ZABBIX_ETC_DIR/apache.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/apache.conf" "$APACHE_SITES_DIR/zabbix.conf" - if [ -f "/usr/sbin/a2dissite" ]; then - /usr/sbin/a2ensite zabbix.conf 1>/dev/null - fi - else - echo "**** Impossible to enable HTTP virtual host" - fi - - if [ -f "/etc/apache2/conf.d/ssl.conf" ]; then - rm -f "/etc/apache2/conf.d/ssl.conf" - fi - - if [ -f "/etc/ssl/apache2/ssl.crt" ] && [ -f "/etc/ssl/apache2/ssl.key" ]; then - echo "** Enable SSL support for Apache2" - if [ -f "/usr/sbin/a2enmod" ]; then - /usr/sbin/a2enmod ssl 1>/dev/null - fi - - echo "** Adding Zabbix virtual host (HTTPS)" - if [ -f "$ZABBIX_ETC_DIR/apache_ssl.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/apache_ssl.conf" "$APACHE_SITES_DIR/zabbix_ssl.conf" - if [ -f "/usr/sbin/a2dissite" ]; then - /usr/sbin/a2ensite zabbix_ssl.conf 1>/dev/null - fi - else - echo "**** Impossible to enable HTTPS virtual host" - fi - else - echo "**** Impossible to enable SSL support for Apache2. Certificates are missed." - fi - - # Change Apache2 logging to stdout and stderr - if [ -f "/etc/apache2/apache2.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/apache2.conf" - fi - - if [ -f "/etc/httpd/conf/httpd.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/httpd/conf/httpd.conf" - fi - - if [ -f "/etc/apache2/httpd.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/httpd.conf" - fi - - if [ -f "/etc/apache2/conf-available/other-vhosts-access-log.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/conf-available/other-vhosts-access-log.conf" - fi - - if [ -f "/etc/apache2/conf.d/mpm.conf" ]; then - sed -ri \ - -e 's!^(\s*PidFile)\s+\S+!\1 "/var/run/httpd.pid"!g' \ - "/etc/apache2/conf.d/mpm.conf" - fi - - if [ -f "/var/run/apache2/apache2.pid" ]; then - rm -f "/var/run/apache2/apache2.pid" - fi - - if [ -f "/var/run/httpd/httpd.pid" ]; then - rm -f "/var/run/httpd/httpd.pid" - fi -} - -prepare_web_server_nginx() { - NGINX_CONFD_DIR="/etc/nginx/conf.d" - NGINX_SSL_CONFIG="/etc/ssl/nginx" - PHP_SESSIONS_DIR="/var/lib/php5" - - echo "** Disable default vhosts" - rm -f $NGINX_CONFD_DIR/*.conf - - echo "** Adding Zabbix virtual host (HTTP)" - if [ -f "$ZABBIX_ETC_DIR/nginx.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/nginx.conf" "$NGINX_CONFD_DIR" - else - echo "**** Impossible to enable HTTP virtual host" - fi - - if [ -f "$NGINX_SSL_CONFIG/ssl.crt" ] && [ -f "$NGINX_SSL_CONFIG/ssl.key" ] && [ -f "$NGINX_SSL_CONFIG/dhparam.pem" ]; then - echo "** Enable SSL support for Nginx" - if [ -f "$ZABBIX_ETC_DIR/nginx_ssl.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/nginx_ssl.conf" "$NGINX_CONFD_DIR" - else - echo "**** Impossible to enable HTTPS virtual host" - fi - else - echo "**** Impossible to enable SSL support for Nginx. Certificates are missed." - fi - - if [ -d "/var/log/nginx/" ]; then - ln -sf /dev/fd/2 /var/log/nginx/error.log - fi - - ln -sf /dev/fd/2 /var/log/php5-fpm.log - ln -sf /dev/fd/2 /var/log/php7.2-fpm.log -} - -stop_databases() { - if ([ "${ZBX_MAIN_DB}" == "mysql" ] || [ "${ZBX_PROXY_DB}" == "mysql" ]) && [ "${DB_SERVER_HOST}" == "localhost" ]; then - mysql_query "DELETE FROM mysql.user WHERE host = 'localhost' AND user != 'root'" 1>/dev/null - - if [ -f "/var/lib/mysql/mysqld.pid" ]; then - kill -TERM $(cat /var/lib/mysql/mysqld.pid) - elif [ -f "/var/run/mysqld/mysqld.pid" ]; then - kill -TERM $(cat /var/run/mysqld/mysqld.pid) - fi - fi - - if [ "${ZBX_MAIN_DB}" == "postgresql" ] && [ "${DB_SERVER_HOST}" == "localhost" ]; then - if [ "${OS_CODENAME}" == "alpine" ]; then - PGDATA=/var/lib/postgresql - BINDIR=/usr/bin - else - PGDATA=/var/lib/postgresql/9.3/main - BINDIR=/usr/lib/postgresql/9.3/bin - fi - su -c "$BINDIR/pg_ctl -D \"$PGDATA\" -m fast -w stop --silent" postgres 1>/dev/null 2>/dev/null - fi -} - -clear_deploy() { - local type=$1 - echo "** Cleaning the system" - - [ "$type" != "appliance" ] && return - - stop_databases -} - -update_zbx_config() { - local type=$1 - local db_type=$2 - - echo "** Preparing Zabbix $type configuration file" - - ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_$type.conf - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "ProxyMode" "${ZBX_PROXYMODE}" - update_config_var $ZBX_CONFIG "Server" "${ZBX_SERVER_HOST}" - update_config_var $ZBX_CONFIG "ServerPort" "${ZBX_SERVER_PORT}" - if [ -z "${ZBX_HOSTNAME}" ] && [ -n "${ZBX_HOSTNAMEITEM}" ]; then - update_config_var $ZBX_CONFIG "Hostname" "" - update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - else - update_config_var $ZBX_CONFIG "Hostname" "${ZBX_HOSTNAME:-"zabbix-proxy-"$db_type}" - update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - fi - fi - - if [ $type == "proxy" ] && [ "${ZBX_ADD_SERVER}" = "true" ]; then - update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_PROXY_LISTENPORT:-"10061"}" - else - update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}" - fi - - update_config_var $ZBX_CONFIG "SourceIP" "${ZBX_SOURCEIP}" - update_config_var $ZBX_CONFIG "LogType" "console" - update_config_var $ZBX_CONFIG "LogFile" - update_config_var $ZBX_CONFIG "LogFileSize" - update_config_var $ZBX_CONFIG "PidFile" - - update_config_var $ZBX_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" - - if [ $type == "proxy" ]; then - update_config_var $ZBX_CONFIG "EnableRemoteCommands" "${ZBX_ENABLEREMOTECOMMANDS}" - update_config_var $ZBX_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}" - fi - - if [ "$db_type" == "sqlite3" ]; then - update_config_var $ZBX_CONFIG "DBHost" - update_config_var $ZBX_CONFIG "DBName" "/var/lib/zabbix/zabbix_proxy_db" - update_config_var $ZBX_CONFIG "DBUser" - update_config_var $ZBX_CONFIG "DBPort" - update_config_var $ZBX_CONFIG "DBPassword" - else - update_config_var $ZBX_CONFIG "DBHost" "${DB_SERVER_HOST}" - update_config_var $ZBX_CONFIG "DBName" "${DB_SERVER_DBNAME}" - update_config_var $ZBX_CONFIG "DBSchema" "${DB_SERVER_SCHEMA}" - update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}" - update_config_var $ZBX_CONFIG "DBPort" "${DB_SERVER_PORT}" - update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}" - fi - - if [ $type == "server" ]; then - update_config_var $ZBX_CONFIG "HistoryStorageURL" "${ZBX_HISTORYSTORAGEURL}" - update_config_var $ZBX_CONFIG "HistoryStorageTypes" "${ZBX_HISTORYSTORAGETYPES}" - fi - - update_config_var $ZBX_CONFIG "DBSocket" "${DB_SERVER_SOCKET}" - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "ProxyLocalBuffer" "${ZBX_PROXYLOCALBUFFER}" - update_config_var $ZBX_CONFIG "ProxyOfflineBuffer" "${ZBX_PROXYOFFLINEBUFFER}" - update_config_var $ZBX_CONFIG "HeartbeatFrequency" "${ZBX_PROXYHEARTBEATFREQUENCY}" - update_config_var $ZBX_CONFIG "ConfigFrequency" "${ZBX_CONFIGFREQUENCY}" - update_config_var $ZBX_CONFIG "DataSenderFrequency" "${ZBX_DATASENDERFREQUENCY}" - fi - - update_config_var $ZBX_CONFIG "StatsAllowedIP" "${ZBX_STATSALLOWEDIP}" - - update_config_var $ZBX_CONFIG "StartPollers" "${ZBX_STARTPOLLERS}" - update_config_var $ZBX_CONFIG "StartIPMIPollers" "${ZBX_IPMIPOLLERS}" - update_config_var $ZBX_CONFIG "StartPollersUnreachable" "${ZBX_STARTPOLLERSUNREACHABLE}" - update_config_var $ZBX_CONFIG "StartTrappers" "${ZBX_STARTTRAPPERS}" - update_config_var $ZBX_CONFIG "StartPingers" "${ZBX_STARTPINGERS}" - update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}" - update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}" - - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "StartPreprocessors" "${ZBX_STARTPREPROCESSORS}" - update_config_var $ZBX_CONFIG "StartTimers" "${ZBX_STARTTIMERS}" - update_config_var $ZBX_CONFIG "StartEscalators" "${ZBX_STARTESCALATORS}" - update_config_var $ZBX_CONFIG "StartAlerters" "${ZBX_STARTALERTERS}" - fi - - ZBX_JAVAGATEWAY_ENABLE=${ZBX_JAVAGATEWAY_ENABLE:-"false"} - if [ "${ZBX_JAVAGATEWAY_ENABLE}" == "true" ]; then - update_config_var $ZBX_CONFIG "JavaGateway" "${ZBX_JAVAGATEWAY:-"zabbix-java-gateway"}" - update_config_var $ZBX_CONFIG "JavaGatewayPort" "${ZBX_JAVAGATEWAYPORT}" - update_config_var $ZBX_CONFIG "StartJavaPollers" "${ZBX_STARTJAVAPOLLERS:-"5"}" - else - update_config_var $ZBX_CONFIG "JavaGateway" - update_config_var $ZBX_CONFIG "JavaGatewayPort" - update_config_var $ZBX_CONFIG "StartJavaPollers" - fi - - update_config_var $ZBX_CONFIG "StartVMwareCollectors" "${ZBX_STARTVMWARECOLLECTORS}" - update_config_var $ZBX_CONFIG "VMwareFrequency" "${ZBX_VMWAREFREQUENCY}" - update_config_var $ZBX_CONFIG "VMwarePerfFrequency" "${ZBX_VMWAREPERFFREQUENCY}" - update_config_var $ZBX_CONFIG "VMwareCacheSize" "${ZBX_VMWARECACHESIZE}" - update_config_var $ZBX_CONFIG "VMwareTimeout" "${ZBX_VMWARETIMEOUT}" - - ZBX_ENABLE_SNMP_TRAPS=${ZBX_ENABLE_SNMP_TRAPS:-"false"} - if [ "${ZBX_ENABLE_SNMP_TRAPS}" == "true" ]; then - update_config_var $ZBX_CONFIG "SNMPTrapperFile" "${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log" - update_config_var $ZBX_CONFIG "StartSNMPTrapper" "1" - else - update_config_var $ZBX_CONFIG "SNMPTrapperFile" - update_config_var $ZBX_CONFIG "StartSNMPTrapper" - fi - - update_config_var $ZBX_CONFIG "HousekeepingFrequency" "${ZBX_HOUSEKEEPINGFREQUENCY}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "MaxHousekeeperDelete" "${ZBX_MAXHOUSEKEEPERDELETE}" - update_config_var $ZBX_CONFIG "SenderFrequency" "${ZBX_SENDERFREQUENCY}" - fi - - update_config_var $ZBX_CONFIG "CacheSize" "${ZBX_CACHESIZE}" - - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "CacheUpdateFrequency" "${ZBX_CACHEUPDATEFREQUENCY}" - fi - - update_config_var $ZBX_CONFIG "StartDBSyncers" "${ZBX_STARTDBSYNCERS}" - update_config_var $ZBX_CONFIG "HistoryCacheSize" "${ZBX_HISTORYCACHESIZE}" - update_config_var $ZBX_CONFIG "HistoryIndexCacheSize" "${ZBX_HISTORYINDEXCACHESIZE}" - - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "TrendCacheSize" "${ZBX_TRENDCACHESIZE}" - update_config_var $ZBX_CONFIG "ValueCacheSize" "${ZBX_VALUECACHESIZE}" - fi - - update_config_var $ZBX_CONFIG "Timeout" "${ZBX_TIMEOUT}" - update_config_var $ZBX_CONFIG "TrapperTimeout" "${ZBX_TRAPPERIMEOUT}" - update_config_var $ZBX_CONFIG "UnreachablePeriod" "${ZBX_UNREACHABLEPERIOD}" - update_config_var $ZBX_CONFIG "UnavailableDelay" "${ZBX_UNAVAILABLEDELAY}" - update_config_var $ZBX_CONFIG "UnreachableDelay" "${ZBX_UNREACHABLEDELAY}" - - update_config_var $ZBX_CONFIG "AlertScriptsPath" "/usr/lib/zabbix/alertscripts" - update_config_var $ZBX_CONFIG "ExternalScripts" "/usr/lib/zabbix/externalscripts" - - # Possible few fping locations - if [ -f "/usr/bin/fping" ]; then - update_config_var $ZBX_CONFIG "FpingLocation" "/usr/bin/fping" - else - update_config_var $ZBX_CONFIG "FpingLocation" "/usr/sbin/fping" - fi - if [ -f "/usr/bin/fping6" ]; then - update_config_var $ZBX_CONFIG "Fping6Location" "/usr/bin/fping6" - else - update_config_var $ZBX_CONFIG "Fping6Location" "/usr/sbin/fping6" - fi - - update_config_var $ZBX_CONFIG "SSHKeyLocation" "$ZABBIX_USER_HOME_DIR/ssh_keys" - update_config_var $ZBX_CONFIG "LogSlowQueries" "${ZBX_LOGSLOWQUERIES}" - - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "StartProxyPollers" "${ZBX_STARTPROXYPOLLERS}" - update_config_var $ZBX_CONFIG "ProxyConfigFrequency" "${ZBX_PROXYCONFIGFREQUENCY}" - update_config_var $ZBX_CONFIG "ProxyDataFrequency" "${ZBX_PROXYDATAFREQUENCY}" - fi - - update_config_var $ZBX_CONFIG "SSLCertLocation" "$ZABBIX_USER_HOME_DIR/ssl/certs/" - update_config_var $ZBX_CONFIG "SSLKeyLocation" "$ZABBIX_USER_HOME_DIR/ssl/keys/" - update_config_var $ZBX_CONFIG "SSLCALocation" "$ZABBIX_USER_HOME_DIR/ssl/ssl_ca/" - update_config_var $ZBX_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/" - update_config_multiple_var $ZBX_CONFIG "LoadModule" "${ZBX_LOADMODULE}" - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}" - update_config_var $ZBX_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" - fi - update_config_var $ZBX_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" - update_config_var $ZBX_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" - update_config_var $ZBX_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" - fi - - update_config_var $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" - update_config_var $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" - update_config_var $ZBX_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" - fi -} - - -prepare_zbx_web_config() { - local db_type=$1 - local server_name="" - - echo "** Preparing Zabbix frontend configuration file" - - ZBX_WWW_ROOT="/usr/share/zabbix" - ZBX_WEB_CONFIG="$ZABBIX_ETC_DIR/web/zabbix.conf.php" - - if [ -f "$ZBX_WWW_ROOT/conf/zabbix.conf.php" ]; then - rm -f "$ZBX_WWW_ROOT/conf/zabbix.conf.php" - fi - - ln -s "$ZBX_WEB_CONFIG" "$ZBX_WWW_ROOT/conf/zabbix.conf.php" - - # Different places of PHP configuration file - if [ -f "/etc/php5/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/conf.d/99-zabbix.ini" - elif [ -f "/etc/php5/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php5/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/apache2/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.0/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.0/apache2/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.0/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.0/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php.d/99-zabbix.ini" - elif [ -f "/etc/php7/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php7/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.2/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.2/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.2/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.2/apache2/conf.d/99-zabbix.ini" - fi - - if [ -n "$PHP_CONFIG_FILE" ]; then - update_config_var "$PHP_CONFIG_FILE" "max_execution_time" "${ZBX_MAXEXECUTIONTIME:-"600"}" - update_config_var "$PHP_CONFIG_FILE" "memory_limit" "${ZBX_MEMORYLIMIT:-"128M"}" - update_config_var "$PHP_CONFIG_FILE" "post_max_size" "${ZBX_POSTMAXSIZE:-"16M"}" - update_config_var "$PHP_CONFIG_FILE" "upload_max_filesize" "${ZBX_UPLOADMAXFILESIZE:-"2M"}" - update_config_var "$PHP_CONFIG_FILE" "max_input_time" "${ZBX_MAXINPUTTIME:-"300"}" - update_config_var "$PHP_CONFIG_FILE" "date.timezone" "${PHP_TZ}" - else - echo "**** Zabbix related PHP configuration file not found" - fi - - ZBX_HISTORYSTORAGETYPES=${ZBX_HISTORYSTORAGETYPES:-"[]"} - - # Escaping characters in parameter value - server_name=$(escape_spec_char "${ZBX_SERVER_NAME}") - server_user=$(escape_spec_char "${DB_SERVER_ZBX_USER}") - server_pass=$(escape_spec_char "${DB_SERVER_ZBX_PASS}") - history_storage_url=$(escape_spec_char "${ZBX_HISTORYSTORAGEURL}") - history_storage_types=$(escape_spec_char "${ZBX_HISTORYSTORAGETYPES}") - - sed -i \ - -e "s/{DB_SERVER_HOST}/${DB_SERVER_HOST}/g" \ - -e "s/{DB_SERVER_PORT}/${DB_SERVER_PORT}/g" \ - -e "s/{DB_SERVER_DBNAME}/${DB_SERVER_DBNAME}/g" \ - -e "s/{DB_SERVER_SCHEMA}/${DB_SERVER_SCHEMA}/g" \ - -e "s/{DB_SERVER_USER}/$server_user/g" \ - -e "s/{DB_SERVER_PASS}/$server_pass/g" \ - -e "s/{ZBX_SERVER_HOST}/${ZBX_SERVER_HOST}/g" \ - -e "s/{ZBX_SERVER_PORT}/${ZBX_SERVER_PORT}/g" \ - -e "s/{ZBX_SERVER_NAME}/$server_name/g" \ - -e "s/{ZBX_HISTORYSTORAGEURL}/$history_storage_url/g" \ - -e "s/{ZBX_HISTORYSTORAGETYPES}/$history_storage_types/g" \ - "$ZBX_WEB_CONFIG" - - [ "$db_type" = "postgresql" ] && sed -i "s/MYSQL/POSTGRESQL/g" "$ZBX_WEB_CONFIG" - - [ -n "${ZBX_SESSION_NAME}" ] && sed -i "/ZBX_SESSION_NAME/s/'[^']*'/'${ZBX_SESSION_NAME}'/2" "$ZBX_WWW_ROOT/include/defines.inc.php" -} - -prepare_zbx_agent_config() { - echo "** Preparing Zabbix agent configuration file" - - ZBX_AGENT_CONFIG=$ZABBIX_ETC_DIR/zabbix_agentd.conf - - ZBX_PASSIVESERVERS=${ZBX_PASSIVESERVERS:-""} - ZBX_ACTIVESERVERS=${ZBX_ACTIVESERVERS:-""} - - [ -n "$ZBX_PASSIVESERVERS" ] && ZBX_PASSIVESERVERS=","$ZBX_PASSIVESERVERS - - ZBX_PASSIVESERVERS=$ZBX_SERVER_HOST$ZBX_PASSIVESERVERS - - [ -n "$ZBX_ACTIVESERVERS" ] && ZBX_ACTIVESERVERS=","$ZBX_ACTIVESERVERS - - ZBX_ACTIVESERVERS=$ZBX_SERVER_HOST":"$ZBX_SERVER_PORT$ZBX_ACTIVESERVERS - - update_config_var $ZBX_AGENT_CONFIG "PidFile" - update_config_var $ZBX_AGENT_CONFIG "LogType" "console" - update_config_var $ZBX_AGENT_CONFIG "LogFile" - update_config_var $ZBX_AGENT_CONFIG "LogFileSize" - update_config_var $ZBX_AGENT_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" - update_config_var $ZBX_AGENT_CONFIG "SourceIP" - update_config_var $ZBX_AGENT_CONFIG "EnableRemoteCommands" "${ZBX_ENABLEREMOTECOMMANDS}" - update_config_var $ZBX_AGENT_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}" - - ZBX_PASSIVE_ALLOW=${ZBX_PASSIVE_ALLOW:-"true"} - if [ "$ZBX_PASSIVE_ALLOW" == "true" ]; then - echo "** Using '$ZBX_PASSIVESERVERS' servers for passive checks" - update_config_var $ZBX_AGENT_CONFIG "Server" "${ZBX_PASSIVESERVERS}" - else - update_config_var $ZBX_AGENT_CONFIG "Server" - fi - - update_config_var $ZBX_AGENT_CONFIG "ListenPort" "${ZBX_LISTENPORT}" - update_config_var $ZBX_AGENT_CONFIG "ListenIP" "${ZBX_LISTENIP}" - update_config_var $ZBX_AGENT_CONFIG "StartAgents" "${ZBX_STARTAGENTS}" - - ZBX_ACTIVE_ALLOW=${ZBX_ACTIVE_ALLOW:-"true"} - if [ "$ZBX_ACTIVE_ALLOW" == "true" ]; then - echo "** Using '$ZBX_ACTIVESERVERS' servers for active checks" - update_config_var $ZBX_AGENT_CONFIG "ServerActive" "${ZBX_ACTIVESERVERS}" - else - update_config_var $ZBX_AGENT_CONFIG "ServerActive" - fi - - update_config_var $ZBX_AGENT_CONFIG "Hostname" "${ZBX_HOSTNAME}" - update_config_var $ZBX_AGENT_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - update_config_var $ZBX_AGENT_CONFIG "HostMetadata" "${ZBX_METADATA}" - update_config_var $ZBX_AGENT_CONFIG "HostMetadataItem" "${ZBX_METADATAITEM}" - update_config_var $ZBX_AGENT_CONFIG "RefreshActiveChecks" "${ZBX_REFRESHACTIVECHECKS}" - update_config_var $ZBX_AGENT_CONFIG "BufferSend" "${ZBX_BUFFERSEND}" - update_config_var $ZBX_AGENT_CONFIG "BufferSize" "${ZBX_BUFFERSIZE}" - update_config_var $ZBX_AGENT_CONFIG "MaxLinesPerSecond" "${ZBX_MAXLINESPERSECOND}" - # Please use include to enable Alias feature -# update_config_multiple_var $ZBX_AGENT_CONFIG "Alias" ${ZBX_ALIAS} - update_config_var $ZBX_AGENT_CONFIG "Timeout" "${ZBX_TIMEOUT}" - update_config_var $ZBX_AGENT_CONFIG "Include" "/etc/zabbix/zabbix_agentd.d/" - update_config_var $ZBX_AGENT_CONFIG "UnsafeUserParameters" "${ZBX_UNSAFEUSERPARAMETERS}" - update_config_var $ZBX_AGENT_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/" - update_config_multiple_var $ZBX_AGENT_CONFIG "LoadModule" "${ZBX_LOADMODULE}" - update_config_var $ZBX_AGENT_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}" - update_config_var $ZBX_AGENT_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" - update_config_var $ZBX_AGENT_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" - update_config_var $ZBX_AGENT_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" - update_config_var $ZBX_AGENT_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" - update_config_var $ZBX_AGENT_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" -} prepare_java_gateway_config() { echo "** Preparing Zabbix Java Gateway log configuration file" @@ -1053,53 +28,6 @@ prepare_java_gateway_config() { fi } -prepare_agent() { - echo "** Preparing Zabbix agent" - prepare_zbx_agent_config -} - -prepare_server() { - local db_type=$1 - - echo "** Preparing Zabbix server" - - check_variables_$db_type "server" - check_db_connect_$db_type - create_db_user_$db_type - create_db_database_$db_type - create_db_schema_$db_type "server" - - update_zbx_config "server" "$db_type" -} - -prepare_proxy() { - local db_type=$1 - - echo "Preparing Zabbix proxy" - - if [ "$db_type" != "sqlite3" ]; then - check_variables_$db_type "proxy" - check_db_connect_$db_type - create_db_user_$db_type - create_db_database_$db_type - create_db_schema_$db_type "proxy" - fi - - update_zbx_config "proxy" $db_type -} - -prepare_web() { - local web_server=$1 - local db_type=$2 - - echo "** Preparing Zabbix web-interface" - - check_variables_$db_type - check_db_connect_$db_type - prepare_web_server_$web_server - prepare_zbx_web_config $db_type -} - prepare_java_gateway() { echo "** Preparing Zabbix Java Gateway" @@ -1108,80 +36,11 @@ prepare_java_gateway() { ################################################# -if [ ! -n "$zbx_type" ]; then - echo "**** Type of Zabbix component is not specified" - exit 1 -elif [ "$zbx_type" == "dev" ]; then - echo "** Deploying Zabbix installation from SVN" -else - if [ ! -n "$zbx_db_type" ]; then - echo "**** Database type of Zabbix $zbx_type is not specified" - exit 1 - fi - - if [ "$zbx_db_type" != "none" ]; then - if [ "$zbx_opt_type" != "none" ]; then - echo "** Deploying Zabbix $zbx_type ($zbx_opt_type) with $zbx_db_type database" - else - echo "** Deploying Zabbix $zbx_type with $zbx_db_type database" - fi - else - echo "** Deploying Zabbix $zbx_type" - fi +if [ "$1" == '/usr/sbin/zabbix_java_gateway' ]; then + prepare_java_gateway fi -prepare_system "$zbx_type" "$zbx_opt_type" +exec "$@" -[ "$zbx_type" == "server" ] && prepare_server $zbx_db_type -[ "${ZBX_ADD_SERVER}" == "true" ] && prepare_server ${ZBX_MAIN_DB} - -[ "$zbx_type" == "proxy" ] && prepare_proxy $zbx_db_type -[ "${ZBX_ADD_PROXY}" == "true" ] && prepare_proxy ${ZBX_PROXY_DB} - -[ "$zbx_type" == "frontend" ] && prepare_web $zbx_opt_type $zbx_db_type -[ "${ZBX_ADD_WEB}" == "true" ] && prepare_web ${ZBX_WEB_SERVER} ${ZBX_MAIN_DB} - -[ "$zbx_type" == "agent" ] && prepare_agent -[ "${ZBX_ADD_AGENT}" == "true" ] && prepare_agent - -[ "$zbx_type" == "java-gateway" ] && prepare_java_gateway -[ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && prepare_java_gateway - -clear_deploy "$zbx_type" - -echo "########################################################" - -if [ "$1" != "" ]; then - echo "** Executing '$@'" - exec "$@" -elif [ "$zbx_type" == "agent" ]; then - echo "** Starting Zabbix agent" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_agentd --foreground -c /etc/zabbix/zabbix_agentd.conf" -elif [ "$zbx_type" == "proxy" ]; then - echo "** Starting Zabbix proxy" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_proxy --foreground -c /etc/zabbix/zabbix_proxy.conf" -elif [ "$zbx_type" == "server" ]; then - echo "** Starting Zabbix server" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_server --foreground -c /etc/zabbix/zabbix_server.conf" -elif [ "$zbx_type" == "java-gateway" ]; then - echo "** Starting Zabbix Java Gateway" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_java_gateway" -elif [ "$zbx_type" == "frontend" ] && [ "$zbx_opt_type" == "apache" ]; then - echo "** Starting Zabbix frontend" - if [ -f "/usr/sbin/httpd" ]; then - exec /usr/sbin/httpd -D FOREGROUND - elif [ -f "/usr/sbin/apache2ctl" ]; then - exec /bin/bash -c "source /etc/apache2/envvars && /usr/sbin/apache2ctl -D FOREGROUND" - else - echo "Unknown Web-server. Exiting..." - exit 1 - fi -elif [ -f "/usr/bin/supervisord" ]; then - echo "** Executing supervisord" - exec /usr/bin/supervisord -c /etc/supervisor/supervisord.conf -else - echo "Unknown instructions. Exiting..." - exit 1 -fi ################################################# diff --git a/proxy-mysql/ubuntu/Dockerfile b/proxy-mysql/ubuntu/Dockerfile index aad038610..479ae8874 100644 --- a/proxy-mysql/ubuntu/Dockerfile +++ b/proxy-mysql/ubuntu/Dockerfile @@ -1,44 +1,28 @@ FROM ubuntu:bionic -LABEL maintainer="Alexey Pustovalov " -ARG BUILD_DATE -ARG VCS_REF - -ARG APT_FLAGS_COMMON="-y" -ARG APT_FLAGS_PERSISTENT="${APT_FLAGS_COMMON} --no-install-recommends" -ARG APT_FLAGS_DEV="${APT_FLAGS_COMMON} --no-install-recommends" -ARG DB_TYPE=mysql -ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8 TERM=xterm \ - MIBDIRS=/var/lib/snmp/mibs/ietf:/var/lib/snmp/mibs/iana:/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ - ZBX_TYPE=proxy ZBX_DB_TYPE=mysql ZBX_OPT_TYPE=none -ENV TINI_VERSION v0.18.0 - -LABEL org.label-schema.name="zabbix-${ZBX_TYPE}-${ZBX_DB_TYPE}-ubuntu" \ - org.label-schema.vendor="Zabbix LLC" \ - org.label-schema.url="https://zabbix.com/" \ - org.label-schema.description="Zabbix ${ZBX_TYPE} with MySQL database support" \ - org.label-schema.vcs-ref="${VCS_REF}" \ - org.label-schema.build-date="${BUILD_DATE}" \ - org.label-schema.schema-version="1.0" \ - org.label-schema.license="GPL v2.0" +LABEL org.opencontainers.image.title="Zabbix proxy (MySQL)" \ + org.opencontainers.image.authors="Alexey Pustovalov " \ + org.opencontainers.image.vendor="Zabbix LLC" \ + org.opencontainers.image.url="https://zabbix.com/" \ + org.opencontainers.image.description="Zabbix proxy with MySQL database support" \ + org.opencontainers.image.licenses="GPL v2.0" STOPSIGNAL SIGTERM +ENV TINI_VERSION=v0.19.0 + RUN set -eux && \ - apt-get ${APT_FLAGS_COMMON} update && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_PERSISTENT} install locales && \ - locale-gen $LC_ALL && \ echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \ - addgroup --system --quiet zabbix && \ + addgroup --system --gid 1995 --quiet zabbix && \ adduser --quiet \ --system --disabled-login \ - --ingroup zabbix \ + --ingroup zabbix --ingroup root \ + --uid 1997 \ --home /var/lib/zabbix/ \ zabbix && \ mkdir -p /etc/zabbix && \ mkdir -p /var/lib/zabbix && \ mkdir -p /var/lib/zabbix/enc && \ - mkdir -p /usr/lib/zabbix/externalscripts && \ mkdir -p /var/lib/zabbix/mibs && \ mkdir -p /var/lib/zabbix/modules && \ mkdir -p /var/lib/zabbix/snmptraps && \ @@ -47,10 +31,15 @@ RUN set -eux && \ mkdir -p /var/lib/zabbix/ssl/certs && \ mkdir -p /var/lib/zabbix/ssl/keys && \ mkdir -p /var/lib/zabbix/ssl/ssl_ca && \ - chown --quiet -R zabbix:root /var/lib/zabbix && \ - mkdir -p /usr/share/doc/zabbix-${ZBX_TYPE}-${ZBX_DB_TYPE} && \ - apt-get ${APT_FLAGS_COMMON} update && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_PERSISTENT} install \ + mkdir -p /usr/lib/zabbix/externalscripts && \ + mkdir -p /usr/share/doc/zabbix-proxy-mysql && \ + apt-get -y update && \ + DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ + curl \ + ca-certificates \ + gpg \ + dirmngr \ + gpg-agent \ fping \ libcurl4 \ libevent-2.1 \ @@ -63,27 +52,32 @@ RUN set -eux && \ libxml2 \ mysql-client \ snmp-mibs-downloader \ - ca-certificates \ unixodbc && \ - apt-get ${APT_FLAGS_COMMON} autoremove && \ - apt-get ${APT_FLAGS_COMMON} clean && \ + curl -L https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini -o /sbin/tini && \ + curl -L https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini.asc -o /tini.asc && \ + gpg --batch --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 595E85A6B1B4779EA4DAAEC70B588DFF0527A9B7 && \ + gpg --batch --verify /tini.asc /sbin/tini && \ + rm -rf /root/.gnupg && \ + chmod +x /sbin/tini && \ + apt-get -y purge curl gpg dirmngr gpg-agent && \ + apt-get -y autoremove && \ + apt-get -y clean && \ rm -rf /var/lib/apt/lists/* ARG MAJOR_VERSION=5.0 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git -ENV ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} -LABEL org.label-schema.usage="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.label-schema.version="${ZBX_VERSION}" \ - org.label-schema.vcs-url="${ZBX_SOURCES}" \ - org.label-schema.docker.cmd="docker run --name zabbix-${ZBX_TYPE}-${ZBX_DB_TYPE} --link mysql-server:mysql --link zabbix-server:zabbix-server -p 10051:10051 -d zabbix-${ZBX_TYPE}-${ZBX_DB_TYPE}:ubuntu-${ZBX_VERSION}" +ENV TERM=xterm MIBDIRS=/var/lib/snmp/mibs/ietf:/var/lib/snmp/mibs/iana:/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ + ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} -ADD https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini /sbin/tini +LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" RUN set -eux && \ - apt-get ${APT_FLAGS_COMMON} update && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_DEV} install \ + apt-get -y update && \ + DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ autoconf \ automake \ gcc \ @@ -114,8 +108,8 @@ RUN set -eux && \ --sysconfdir=/etc/zabbix \ --prefix=/usr \ --enable-agent \ - --enable-${ZBX_TYPE} \ - --with-${ZBX_DB_TYPE} \ + --enable-proxy \ + --with-mysql \ --with-ldap \ --with-libcurl \ --with-libxml2 \ @@ -128,17 +122,19 @@ RUN set -eux && \ --silent && \ make -j"$(nproc)" -s dbschema && \ make -j"$(nproc)" -s && \ - cp src/zabbix_${ZBX_TYPE}/zabbix_${ZBX_TYPE} /usr/sbin/zabbix_${ZBX_TYPE} && \ + cp src/zabbix_proxy/zabbix_proxy /usr/sbin/zabbix_proxy && \ cp src/zabbix_get/zabbix_get /usr/bin/zabbix_get && \ cp src/zabbix_sender/zabbix_sender /usr/bin/zabbix_sender && \ - cp conf/zabbix_${ZBX_TYPE}.conf /etc/zabbix/zabbix_${ZBX_TYPE}.conf && \ - chown --quiet -R zabbix:root /etc/zabbix && \ - cat database/${ZBX_DB_TYPE}/schema.sql > database/${ZBX_DB_TYPE}/create.sql && \ - gzip database/${ZBX_DB_TYPE}/create.sql && \ - cp database/${ZBX_DB_TYPE}/create.sql.gz /usr/share/doc/zabbix-${ZBX_TYPE}-${ZBX_DB_TYPE}/ && \ + cp conf/zabbix_proxy.conf /etc/zabbix/zabbix_proxy.conf && \ + cat database/mysql/schema.sql > database/mysql/create.sql && \ + gzip database/mysql/create.sql && \ + cp database/mysql/create.sql.gz /usr/share/doc/zabbix-proxy-mysql/ && \ cd /tmp/ && \ rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_COMMON} purge \ + chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \ + chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \ + chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \ + DEBIAN_FRONTEND=noninteractive apt-get -y purge \ autoconf \ automake \ gcc \ @@ -156,7 +152,7 @@ RUN set -eux && \ pkg-config \ git \ unixodbc-dev && \ - apt-get ${APT_FLAGS_COMMON} autoremove && \ + apt-get -y autoremove && \ rm -rf /var/lib/apt/lists/* && \ chmod +x /sbin/tini @@ -166,7 +162,11 @@ WORKDIR /var/lib/zabbix VOLUME ["/usr/lib/zabbix/externalscripts", "/var/lib/zabbix/enc", "/var/lib/zabbix/modules", "/var/lib/zabbix/snmptraps"] VOLUME ["/var/lib/zabbix/ssh_keys", "/var/lib/zabbix/ssl/certs", "/var/lib/zabbix/ssl/keys", "/var/lib/zabbix/ssl/ssl_ca"] - + COPY ["docker-entrypoint.sh", "/usr/bin/"] ENTRYPOINT ["/sbin/tini", "--", "/usr/bin/docker-entrypoint.sh"] + +USER 1997 + +CMD ["/usr/sbin/zabbix_proxy", "--foreground", "-c", "/etc/zabbix/zabbix_proxy.conf"] diff --git a/proxy-mysql/ubuntu/docker-entrypoint.sh b/proxy-mysql/ubuntu/docker-entrypoint.sh index ebdae23cb..bcae364a4 100755 --- a/proxy-mysql/ubuntu/docker-entrypoint.sh +++ b/proxy-mysql/ubuntu/docker-entrypoint.sh @@ -1,6 +1,6 @@ #!/bin/bash -set -eo pipefail +set -o pipefail set +e @@ -9,37 +9,16 @@ if [ "${DEBUG_MODE}" == "true" ]; then set -o xtrace fi -# Type of Zabbix component -# Possible values: [server, proxy, agent, frontend, java-gateway, appliance] -zbx_type=${ZBX_TYPE} -# Type of Zabbix database -# Possible values: [mysql, postgresql] -zbx_db_type=${ZBX_DB_TYPE} -# Type of web-server. Valid only with zbx_type = frontend -# Possible values: [apache, nginx] -zbx_opt_type=${ZBX_OPT_TYPE} - -# Default Zabbix installation name -# Used only by Zabbix web-interface -ZBX_SERVER_NAME=${ZBX_SERVER_NAME:-"Zabbix docker"} # Default Zabbix server host -ZBX_SERVER_HOST=${ZBX_SERVER_HOST:-"zabbix-server"} +: ${ZBX_SERVER_HOST:="zabbix-server"} # Default Zabbix server port number -ZBX_SERVER_PORT=${ZBX_SERVER_PORT:-"10051"} - -# Default timezone for web interface -PHP_TZ=${PHP_TZ:-"Europe/Riga"} - -#Enable PostgreSQL timescaleDB feature: -ENABLE_TIMESCALEDB=${ENABLE_TIMESCALEDB:-"false"} +: ${ZBX_SERVER_PORT:="10051"} # Default directories # User 'zabbix' home directory ZABBIX_USER_HOME_DIR="/var/lib/zabbix" # Configuration files directory ZABBIX_ETC_DIR="/etc/zabbix" -# Web interface www-root directory -ZBX_FRONTEND_PATH="/usr/share/zabbix" # usage: file_env VAR [DEFAULT] # as example: file_env 'MYSQL_PASSWORD' 'zabbix' @@ -72,92 +51,6 @@ file_env() { unset "$fileVar" } -configure_db_mysql() { - [ "${DB_SERVER_HOST}" != "localhost" ] && return - - echo "** Configuring local MySQL server" - - MYSQL_ALLOW_EMPTY_PASSWORD=true - MYSQL_DATA_DIR="/var/lib/mysql" - - if [ -f "/etc/mysql/my.cnf" ]; then - MYSQL_CONF_FILE="/etc/mysql/my.cnf" - elif [ -f "/etc/my.cnf.d/server.cnf" ]; then - MYSQL_CONF_FILE="/etc/my.cnf.d/server.cnf" - DB_SERVER_SOCKET="/var/lib/mysql/mysql.sock" - elif [ -f "/etc/my.cnf.d/mariadb-server.cnf" ]; then - MYSQL_CONF_FILE="/etc/my.cnf.d/mariadb-server.cnf" - DB_SERVER_SOCKET="/var/run/mysqld/mysqld.sock" - else - echo "**** Could not found MySQL configuration file" - exit 1 - fi - - if [ -f "/usr/bin/mysqld" ]; then - MYSQLD=/usr/bin/mysqld - elif [ -f "/usr/sbin/mysqld" ]; then - MYSQLD=/usr/sbin/mysqld - elif [ -f "/usr/libexec/mysqld" ]; then - MYSQLD=/usr/libexec/mysqld - else - echo "**** Could not found mysqld binary file" - exit 1 - fi - - sed -Ei 's/^(bind-address|log)/#&/' "$MYSQL_CONF_FILE" - - if [ ! -d "$MYSQL_DATA_DIR/mysql" ]; then - [ -d "$MYSQL_DATA_DIR" ] || mkdir -p "$MYSQL_DATA_DIR" - - chown -R mysql:mysql "$MYSQL_DATA_DIR" - - echo "** Installing initial MySQL database schemas" - mysql_install_db --user=mysql --datadir="$MYSQL_DATA_DIR" 2>&1 - else - echo "**** MySQL data directory is not empty. Using already existing installation." - chown -R mysql:mysql "$MYSQL_DATA_DIR" - fi - - mkdir -p /var/run/mysqld - ln -s /var/run/mysqld /run/mysqld - chown -R mysql:mysql /var/run/mysqld - chown -R mysql:mysql /run/mysqld - - echo "** Starting MySQL server in background mode" - - nohup $MYSQLD --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib/mysql/plugin \ - --user=mysql --log-output=none --pid-file=/var/lib/mysql/mysqld.pid \ - --port=3306 --character-set-server=utf8 --collation-server=utf8_bin & -} - -prepare_system() { - local type=$1 - local web_server=$2 - - echo "** Preparing the system" - - if [ "$type" != "appliance" ]; then - return - fi - - ZBX_ADD_AGENT=${ZBX_ADD_AGENT:-"false"} - ZBX_ADD_JAVA_GATEWAY=${ZBX_ADD_JAVA_GATEWAY:-"false"} - ZBX_ADD_SERVER=${ZBX_ADD_SERVER:-"true"} - [ "${ZBX_ADD_SERVER}" == "true" ] && ZBX_SERVER_HOST="localhost" - [ "${ZBX_ADD_SERVER}" == "true" ] && ZBX_SERVER_PORT="10051" - ZBX_MAIN_DB=${ZBX_MAIN_DB:-"mysql"} - ZBX_ADD_PROXY=${ZBX_ADD_PROXY:-"false"} - ZBX_PROXY_DB=${ZBX_PROXY_DB:-"sqlite3"} - ZBX_ADD_WEB=${ZBX_ADD_WEB:-"true"} - ZBX_WEB_SERVER=${ZBX_WEB_SERVER:-"nginx"} - DB_SERVER_HOST=${DB_SERVER_HOST:-"localhost"} - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAY_ENABLE="true" - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAY="localhost" - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAYPORT="10052" - - [ "${ZBX_ADD_SERVER}" == "true" ] && configure_db_${ZBX_MAIN_DB} -} - escape_spec_char() { local var_value=$1 @@ -242,18 +135,14 @@ update_config_multiple_var() { # Check prerequisites for MySQL database check_variables_mysql() { - local type=$1 - - DB_SERVER_HOST=${DB_SERVER_HOST:-"mysql-server"} - DB_SERVER_PORT=${DB_SERVER_PORT:-"3306"} + : ${DB_SERVER_HOST:="mysql-server"} + : ${DB_SERVER_PORT:="3306"} USE_DB_ROOT_USER=false CREATE_ZBX_DB_USER=false file_env MYSQL_USER file_env MYSQL_PASSWORD - if [ "$type" != "" ]; then - file_env MYSQL_ROOT_PASSWORD - fi + file_env MYSQL_ROOT_PASSWORD if [ ! -n "${MYSQL_USER}" ] && [ "${MYSQL_RANDOM_ROOT_PASSWORD}" == "true" ]; then echo "**** Impossible to use MySQL server because of unknown Zabbix user and random 'root' password" @@ -279,37 +168,7 @@ check_variables_mysql() { DB_SERVER_ZBX_USER=${MYSQL_USER:-"zabbix"} DB_SERVER_ZBX_PASS=${MYSQL_PASSWORD:-"zabbix"} - if [ "$type" == "proxy" ]; then - DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix_proxy"} - else - DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix"} - fi -} - -# Check prerequisites for PostgreSQL database -check_variables_postgresql() { - local type=$1 - - file_env POSTGRES_USER - file_env POSTGRES_PASSWORD - - DB_SERVER_HOST=${DB_SERVER_HOST:-"postgres-server"} - DB_SERVER_PORT=${DB_SERVER_PORT:-"5432"} - CREATE_ZBX_DB_USER=${CREATE_ZBX_DB_USER:-"false"} - - DB_SERVER_ROOT_USER=${POSTGRES_USER:-"postgres"} - DB_SERVER_ROOT_PASS=${POSTGRES_PASSWORD:-""} - - DB_SERVER_ZBX_USER=${POSTGRES_USER:-"zabbix"} - DB_SERVER_ZBX_PASS=${POSTGRES_PASSWORD:-"zabbix"} - - DB_SERVER_SCHEMA=${DB_SERVER_SCHEMA:-"public"} - - if [ "$type" == "proxy" ]; then - DB_SERVER_DBNAME=${POSTGRES_DB:-"zabbix_proxy"} - else - DB_SERVER_DBNAME=${POSTGRES_DB:-"zabbix"} - fi + DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix_proxy"} } check_db_connect_mysql() { @@ -324,92 +183,32 @@ check_db_connect_mysql() { fi echo "* DB_SERVER_ZBX_USER: ${DB_SERVER_ZBX_USER}" echo "* DB_SERVER_ZBX_PASS: ${DB_SERVER_ZBX_PASS}" - echo "********************" fi echo "********************" WAIT_TIMEOUT=5 + if [ -n "${ZBX_DBTLSCONNECT}" ]; then + ssl_opts="--ssl --ssl-ca=${ZBX_DBTLSCAFILE} --ssl-key=${ZBX_DBTLSKEYFILE} --ssl-cert=${ZBX_DBTLSCERTFILE}" + fi + while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \ - --password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10)" ]; do + --password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10 $ssl_opts)" ]; do echo "**** MySQL server is not available. Waiting $WAIT_TIMEOUT seconds..." sleep $WAIT_TIMEOUT done } -check_db_connect_postgresql() { - echo "********************" - echo "* DB_SERVER_HOST: ${DB_SERVER_HOST}" - echo "* DB_SERVER_PORT: ${DB_SERVER_PORT}" - echo "* DB_SERVER_DBNAME: ${DB_SERVER_DBNAME}" - echo "* DB_SERVER_SCHEMA: ${DB_SERVER_SCHEMA}" - if [ "${DEBUG_MODE}" == "true" ]; then - if [ "${USE_DB_ROOT_USER}" == "true" ]; then - echo "* DB_SERVER_ROOT_USER: ${DB_SERVER_ROOT_USER}" - echo "* DB_SERVER_ROOT_PASS: ${DB_SERVER_ROOT_PASS}" - fi - echo "* DB_SERVER_ZBX_USER: ${DB_SERVER_ZBX_USER}" - echo "* DB_SERVER_ZBX_PASS: ${DB_SERVER_ZBX_PASS}" - fi - echo "********************" - - if [ "${USE_DB_ROOT_USER}" != "true" ]; then - DB_SERVER_ROOT_USER=${DB_SERVER_ZBX_USER} - DB_SERVER_ROOT_PASS=${DB_SERVER_ZBX_PASS} - fi - - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - WAIT_TIMEOUT=5 - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - while [ ! "$(psql -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} -U ${DB_SERVER_ROOT_USER} -d ${DB_SERVER_DBNAME} -l -q 2>/dev/null)" ]; do - echo "**** PostgreSQL server is not available. Waiting $WAIT_TIMEOUT seconds..." - sleep $WAIT_TIMEOUT - done - - unset PGPASSWORD - unset PGOPTIONS -} - - mysql_query() { query=$1 local result="" + if [ -n "${ZBX_DBTLSCONNECT}" ]; then + ssl_opts="--ssl --ssl-ca=${ZBX_DBTLSCAFILE} --ssl-key=${ZBX_DBTLSKEYFILE} --ssl-cert=${ZBX_DBTLSCERTFILE}" + fi + result=$(mysql --silent --skip-column-names -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ - -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" -e "$query") - - echo $result -} - -psql_query() { - query=$1 - db=$2 - - local result="" - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - result=$(psql -A -q -t -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ - -U ${DB_SERVER_ROOT_USER} -c "$query" $db 2>/dev/null); - - unset PGPASSWORD - unset PGOPTIONS + -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" -e "$query" $ssl_opts) echo $result } @@ -430,20 +229,6 @@ create_db_user_mysql() { mysql_query "GRANT ALL PRIVILEGES ON $DB_SERVER_DBNAME. * TO '${DB_SERVER_ZBX_USER}'@'%'" 1>/dev/null } -create_db_user_postgresql() { - [ "${CREATE_ZBX_DB_USER}" == "true" ] || return - - echo "** Creating '${DB_SERVER_ZBX_USER}' user in PostgreSQL database" - - USER_EXISTS=$(psql_query "SELECT 1 FROM pg_roles WHERE rolname='${DB_SERVER_ZBX_USER}'") - - if [ -z "$USER_EXISTS" ]; then - psql_query "CREATE USER ${DB_SERVER_ZBX_USER} WITH PASSWORD '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - else - psql_query "ALTER USER ${DB_SERVER_ZBX_USER} WITH ENCRYPTED PASSWORD '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - fi -} - create_db_database_mysql() { DB_EXISTS=$(mysql_query "SELECT SCHEMA_NAME FROM information_schema.SCHEMATA WHERE SCHEMA_NAME='${DB_SERVER_DBNAME}'") @@ -457,22 +242,7 @@ create_db_database_mysql() { fi } -create_db_database_postgresql() { - DB_EXISTS=$(psql_query "SELECT 1 AS result FROM pg_database WHERE datname='${DB_SERVER_DBNAME}'") - - if [ -z ${DB_EXISTS} ]; then - echo "** Database '${DB_SERVER_DBNAME}' does not exist. Creating..." - psql_query "CREATE DATABASE ${DB_SERVER_DBNAME} WITH OWNER ${DB_SERVER_ZBX_USER} ENCODING='UTF8' LC_CTYPE='en_US.utf8' LC_COLLATE='en_US.utf8'" 1>/dev/null - else - echo "** Database '${DB_SERVER_DBNAME}' already exists. Please be careful with database owner!" - fi - - psql_query "CREATE SCHEMA IF NOT EXISTS ${DB_SERVER_SCHEMA}" -} - create_db_schema_mysql() { - local type=$1 - DBVERSION_TABLE_EXISTS=$(mysql_query "SELECT 1 FROM information_schema.tables WHERE table_schema='${DB_SERVER_DBNAME}' and table_name = 'dbversion'") if [ -n "${DBVERSION_TABLE_EXISTS}" ]; then @@ -483,250 +253,35 @@ create_db_schema_mysql() { if [ -z "${ZBX_DB_VERSION}" ]; then echo "** Creating '${DB_SERVER_DBNAME}' schema in MySQL" - zcat /usr/share/doc/zabbix-$type-mysql/create.sql.gz | mysql --silent --skip-column-names \ + if [ -n "${ZBX_DBTLSCONNECT}" ]; then + ssl_opts="--ssl --ssl-ca=${ZBX_DBTLSCAFILE} --ssl-key=${ZBX_DBTLSKEYFILE} --ssl-cert=${ZBX_DBTLSCERTFILE}" + fi + + zcat /usr/share/doc/zabbix-proxy-mysql/create.sql.gz | mysql --silent --skip-column-names \ -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ - -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" \ + -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" $ssl_opts \ ${DB_SERVER_DBNAME} 1>/dev/null fi } -create_db_schema_postgresql() { - local type=$1 - - DBVERSION_TABLE_EXISTS=$(psql_query "SELECT 1 FROM pg_catalog.pg_class c JOIN pg_catalog.pg_namespace n ON n.oid = - c.relnamespace WHERE n.nspname = '$DB_SERVER_SCHEMA' AND c.relname = 'dbversion'" "${DB_SERVER_DBNAME}") - - if [ -n "${DBVERSION_TABLE_EXISTS}" ]; then - echo "** Table '${DB_SERVER_DBNAME}.dbversion' already exists." - ZBX_DB_VERSION=$(psql_query "SELECT mandatory FROM ${DB_SERVER_SCHEMA}.dbversion" "${DB_SERVER_DBNAME}") - fi - - if [ -z "${ZBX_DB_VERSION}" ]; then - echo "** Creating '${DB_SERVER_DBNAME}' schema in PostgreSQL" - - if [ "${ENABLE_TIMESCALEDB}" == "true" ]; then - psql_query "CREATE EXTENSION IF NOT EXISTS timescaledb CASCADE;" - fi - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - zcat /usr/share/doc/zabbix-$type-postgresql/create.sql.gz | psql -q \ - -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ - -U ${DB_SERVER_ZBX_USER} ${DB_SERVER_DBNAME} 1>/dev/null - - if [ "${ENABLE_TIMESCALEDB}" == "true" ]; then - cat /usr/share/doc/zabbix-$type-postgresql/timescaledb.sql | psql -q \ - -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ - -U ${DB_SERVER_ZBX_USER} ${DB_SERVER_DBNAME} 1>/dev/null - fi - - unset PGPASSWORD - unset PGOPTIONS - fi -} - -prepare_web_server_apache() { - if [ -d "/etc/apache2/sites-available" ]; then - APACHE_SITES_DIR=/etc/apache2/sites-available - elif [ -d "/etc/apache2/conf.d" ]; then - APACHE_SITES_DIR=/etc/apache2/conf.d - elif [ -d "/etc/httpd/conf.d" ]; then - APACHE_SITES_DIR=/etc/httpd/conf.d - else - echo "**** Apache is not available" - exit 1 - fi - - if [ -f "/usr/sbin/a2dissite" ]; then - echo "** Disable default site" - /usr/sbin/a2dissite 000-default 1>/dev/null - rm -rf "$APACHE_SITES_DIR/*" - elif [ -f "/etc/apache2/conf.d/default.conf" ]; then - echo "** Disable default site" - rm -f "/etc/apache2/conf.d/default.conf" - elif [ -f "/etc/httpd/conf.d/welcome.conf" ]; then - echo "** Disable default site" - rm -f "/etc/httpd/conf.d/welcome.conf" - rm -f "/etc/httpd/conf.d/ssl.conf" - fi - - echo "** Adding Zabbix virtual host (HTTP)" - if [ -f "$ZABBIX_ETC_DIR/apache.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/apache.conf" "$APACHE_SITES_DIR/zabbix.conf" - if [ -f "/usr/sbin/a2dissite" ]; then - /usr/sbin/a2ensite zabbix.conf 1>/dev/null - fi - else - echo "**** Impossible to enable HTTP virtual host" - fi - - if [ -f "/etc/apache2/conf.d/ssl.conf" ]; then - rm -f "/etc/apache2/conf.d/ssl.conf" - fi - - if [ -f "/etc/ssl/apache2/ssl.crt" ] && [ -f "/etc/ssl/apache2/ssl.key" ]; then - echo "** Enable SSL support for Apache2" - if [ -f "/usr/sbin/a2enmod" ]; then - /usr/sbin/a2enmod ssl 1>/dev/null - fi - - echo "** Adding Zabbix virtual host (HTTPS)" - if [ -f "$ZABBIX_ETC_DIR/apache_ssl.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/apache_ssl.conf" "$APACHE_SITES_DIR/zabbix_ssl.conf" - if [ -f "/usr/sbin/a2dissite" ]; then - /usr/sbin/a2ensite zabbix_ssl.conf 1>/dev/null - fi - else - echo "**** Impossible to enable HTTPS virtual host" - fi - else - echo "**** Impossible to enable SSL support for Apache2. Certificates are missed." - fi - - # Change Apache2 logging to stdout and stderr - if [ -f "/etc/apache2/apache2.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/apache2.conf" - fi - - if [ -f "/etc/httpd/conf/httpd.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/httpd/conf/httpd.conf" - fi - - if [ -f "/etc/apache2/httpd.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/httpd.conf" - fi - - if [ -f "/etc/apache2/conf-available/other-vhosts-access-log.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/conf-available/other-vhosts-access-log.conf" - fi - - if [ -f "/etc/apache2/conf.d/mpm.conf" ]; then - sed -ri \ - -e 's!^(\s*PidFile)\s+\S+!\1 "/var/run/httpd.pid"!g' \ - "/etc/apache2/conf.d/mpm.conf" - fi - - if [ -f "/var/run/apache2/apache2.pid" ]; then - rm -f "/var/run/apache2/apache2.pid" - fi - - if [ -f "/var/run/httpd/httpd.pid" ]; then - rm -f "/var/run/httpd/httpd.pid" - fi -} - -prepare_web_server_nginx() { - NGINX_CONFD_DIR="/etc/nginx/conf.d" - NGINX_SSL_CONFIG="/etc/ssl/nginx" - PHP_SESSIONS_DIR="/var/lib/php5" - - echo "** Disable default vhosts" - rm -f $NGINX_CONFD_DIR/*.conf - - echo "** Adding Zabbix virtual host (HTTP)" - if [ -f "$ZABBIX_ETC_DIR/nginx.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/nginx.conf" "$NGINX_CONFD_DIR" - else - echo "**** Impossible to enable HTTP virtual host" - fi - - if [ -f "$NGINX_SSL_CONFIG/ssl.crt" ] && [ -f "$NGINX_SSL_CONFIG/ssl.key" ] && [ -f "$NGINX_SSL_CONFIG/dhparam.pem" ]; then - echo "** Enable SSL support for Nginx" - if [ -f "$ZABBIX_ETC_DIR/nginx_ssl.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/nginx_ssl.conf" "$NGINX_CONFD_DIR" - else - echo "**** Impossible to enable HTTPS virtual host" - fi - else - echo "**** Impossible to enable SSL support for Nginx. Certificates are missed." - fi - - if [ -d "/var/log/nginx/" ]; then - ln -sf /dev/fd/2 /var/log/nginx/error.log - fi - - ln -sf /dev/fd/2 /var/log/php5-fpm.log - ln -sf /dev/fd/2 /var/log/php7.2-fpm.log -} - -stop_databases() { - if ([ "${ZBX_MAIN_DB}" == "mysql" ] || [ "${ZBX_PROXY_DB}" == "mysql" ]) && [ "${DB_SERVER_HOST}" == "localhost" ]; then - mysql_query "DELETE FROM mysql.user WHERE host = 'localhost' AND user != 'root'" 1>/dev/null - - if [ -f "/var/lib/mysql/mysqld.pid" ]; then - kill -TERM $(cat /var/lib/mysql/mysqld.pid) - elif [ -f "/var/run/mysqld/mysqld.pid" ]; then - kill -TERM $(cat /var/run/mysqld/mysqld.pid) - fi - fi - - if [ "${ZBX_MAIN_DB}" == "postgresql" ] && [ "${DB_SERVER_HOST}" == "localhost" ]; then - if [ "${OS_CODENAME}" == "alpine" ]; then - PGDATA=/var/lib/postgresql - BINDIR=/usr/bin - else - PGDATA=/var/lib/postgresql/9.3/main - BINDIR=/usr/lib/postgresql/9.3/bin - fi - su -c "$BINDIR/pg_ctl -D \"$PGDATA\" -m fast -w stop --silent" postgres 1>/dev/null 2>/dev/null - fi -} - -clear_deploy() { - local type=$1 - echo "** Cleaning the system" - - [ "$type" != "appliance" ] && return - - stop_databases -} - update_zbx_config() { - local type=$1 - local db_type=$2 + echo "** Preparing Zabbix proxy configuration file" - echo "** Preparing Zabbix $type configuration file" + ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_proxy.conf - ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_$type.conf - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "ProxyMode" "${ZBX_PROXYMODE}" - update_config_var $ZBX_CONFIG "Server" "${ZBX_SERVER_HOST}" - update_config_var $ZBX_CONFIG "ServerPort" "${ZBX_SERVER_PORT}" - if [ -z "${ZBX_HOSTNAME}" ] && [ -n "${ZBX_HOSTNAMEITEM}" ]; then - update_config_var $ZBX_CONFIG "Hostname" "" - update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - else - update_config_var $ZBX_CONFIG "Hostname" "${ZBX_HOSTNAME:-"zabbix-proxy-"$db_type}" - update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - fi - fi - - if [ $type == "proxy" ] && [ "${ZBX_ADD_SERVER}" = "true" ]; then - update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_PROXY_LISTENPORT:-"10061"}" + update_config_var $ZBX_CONFIG "ProxyMode" "${ZBX_PROXYMODE}" + update_config_var $ZBX_CONFIG "Server" "${ZBX_SERVER_HOST}" + update_config_var $ZBX_CONFIG "ServerPort" "${ZBX_SERVER_PORT}" + if [ -z "${ZBX_HOSTNAME}" ] && [ -n "${ZBX_HOSTNAMEITEM}" ]; then + update_config_var $ZBX_CONFIG "Hostname" "" + update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" else - update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}" + update_config_var $ZBX_CONFIG "Hostname" "${ZBX_HOSTNAME:-"zabbix-proxy-mysql"}" + update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" fi + update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}" + update_config_var $ZBX_CONFIG "SourceIP" "${ZBX_SOURCEIP}" update_config_var $ZBX_CONFIG "LogType" "console" update_config_var $ZBX_CONFIG "LogFile" @@ -735,40 +290,32 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" - if [ $type == "proxy" ]; then - update_config_var $ZBX_CONFIG "EnableRemoteCommands" "${ZBX_ENABLEREMOTECOMMANDS}" - update_config_var $ZBX_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}" + if [ -n "${ZBX_DBTLSCONNECT}" ]; then + update_config_var $ZBX_CONFIG "DBTLSConnect" "${ZBX_DBTLSCONNECT}" + update_config_var $ZBX_CONFIG "DBTLSCAFile" "${ZBX_DBTLSCAFILE}" + update_config_var $ZBX_CONFIG "DBTLSCertFile" "${ZBX_DBTLSCERTFILE}" + update_config_var $ZBX_CONFIG "DBTLSKeyFile" "${ZBX_DBTLSKEYFILE}" + update_config_var $ZBX_CONFIG "DBTLSCipher" "${ZBX_DBTLSCIPHER}" + update_config_var $ZBX_CONFIG "DBTLSCipher13" "${ZBX_DBTLSCIPHER13}" fi - if [ "$db_type" == "sqlite3" ]; then - update_config_var $ZBX_CONFIG "DBHost" - update_config_var $ZBX_CONFIG "DBName" "/var/lib/zabbix/zabbix_proxy_db" - update_config_var $ZBX_CONFIG "DBUser" - update_config_var $ZBX_CONFIG "DBPort" - update_config_var $ZBX_CONFIG "DBPassword" - else - update_config_var $ZBX_CONFIG "DBHost" "${DB_SERVER_HOST}" - update_config_var $ZBX_CONFIG "DBName" "${DB_SERVER_DBNAME}" - update_config_var $ZBX_CONFIG "DBSchema" "${DB_SERVER_SCHEMA}" - update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}" - update_config_var $ZBX_CONFIG "DBPort" "${DB_SERVER_PORT}" - update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}" - fi + update_config_var $ZBX_CONFIG "EnableRemoteCommands" "${ZBX_ENABLEREMOTECOMMANDS}" + update_config_var $ZBX_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}" - if [ $type == "server" ]; then - update_config_var $ZBX_CONFIG "HistoryStorageURL" "${ZBX_HISTORYSTORAGEURL}" - update_config_var $ZBX_CONFIG "HistoryStorageTypes" "${ZBX_HISTORYSTORAGETYPES}" - fi + update_config_var $ZBX_CONFIG "DBHost" "${DB_SERVER_HOST}" + update_config_var $ZBX_CONFIG "DBName" "${DB_SERVER_DBNAME}" + update_config_var $ZBX_CONFIG "DBSchema" "${DB_SERVER_SCHEMA}" + update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}" + update_config_var $ZBX_CONFIG "DBPort" "${DB_SERVER_PORT}" + update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}" update_config_var $ZBX_CONFIG "DBSocket" "${DB_SERVER_SOCKET}" - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "ProxyLocalBuffer" "${ZBX_PROXYLOCALBUFFER}" - update_config_var $ZBX_CONFIG "ProxyOfflineBuffer" "${ZBX_PROXYOFFLINEBUFFER}" - update_config_var $ZBX_CONFIG "HeartbeatFrequency" "${ZBX_PROXYHEARTBEATFREQUENCY}" - update_config_var $ZBX_CONFIG "ConfigFrequency" "${ZBX_CONFIGFREQUENCY}" - update_config_var $ZBX_CONFIG "DataSenderFrequency" "${ZBX_DATASENDERFREQUENCY}" - fi + update_config_var $ZBX_CONFIG "ProxyLocalBuffer" "${ZBX_PROXYLOCALBUFFER}" + update_config_var $ZBX_CONFIG "ProxyOfflineBuffer" "${ZBX_PROXYOFFLINEBUFFER}" + update_config_var $ZBX_CONFIG "HeartbeatFrequency" "${ZBX_PROXYHEARTBEATFREQUENCY}" + update_config_var $ZBX_CONFIG "ConfigFrequency" "${ZBX_CONFIGFREQUENCY}" + update_config_var $ZBX_CONFIG "DataSenderFrequency" "${ZBX_DATASENDERFREQUENCY}" update_config_var $ZBX_CONFIG "StatsAllowedIP" "${ZBX_STATSALLOWEDIP}" update_config_var $ZBX_CONFIG "StartPreprocessors" "${ZBX_STARTPREPROCESSORS}" @@ -781,13 +328,7 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}" update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "StartTimers" "${ZBX_STARTTIMERS}" - update_config_var $ZBX_CONFIG "StartEscalators" "${ZBX_STARTESCALATORS}" - update_config_var $ZBX_CONFIG "StartAlerters" "${ZBX_STARTALERTERS}" - fi - - ZBX_JAVAGATEWAY_ENABLE=${ZBX_JAVAGATEWAY_ENABLE:-"false"} + : ${ZBX_JAVAGATEWAY_ENABLE:="false"} if [ "${ZBX_JAVAGATEWAY_ENABLE}" == "true" ]; then update_config_var $ZBX_CONFIG "JavaGateway" "${ZBX_JAVAGATEWAY:-"zabbix-java-gateway"}" update_config_var $ZBX_CONFIG "JavaGatewayPort" "${ZBX_JAVAGATEWAYPORT}" @@ -804,7 +345,7 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "VMwareCacheSize" "${ZBX_VMWARECACHESIZE}" update_config_var $ZBX_CONFIG "VMwareTimeout" "${ZBX_VMWARETIMEOUT}" - ZBX_ENABLE_SNMP_TRAPS=${ZBX_ENABLE_SNMP_TRAPS:-"false"} + : ${ZBX_ENABLE_SNMP_TRAPS:="false"} if [ "${ZBX_ENABLE_SNMP_TRAPS}" == "true" ]; then update_config_var $ZBX_CONFIG "SNMPTrapperFile" "${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log" update_config_var $ZBX_CONFIG "StartSNMPTrapper" "1" @@ -814,26 +355,13 @@ update_zbx_config() { fi update_config_var $ZBX_CONFIG "HousekeepingFrequency" "${ZBX_HOUSEKEEPINGFREQUENCY}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "MaxHousekeeperDelete" "${ZBX_MAXHOUSEKEEPERDELETE}" - update_config_var $ZBX_CONFIG "SenderFrequency" "${ZBX_SENDERFREQUENCY}" - fi update_config_var $ZBX_CONFIG "CacheSize" "${ZBX_CACHESIZE}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "CacheUpdateFrequency" "${ZBX_CACHEUPDATEFREQUENCY}" - fi - update_config_var $ZBX_CONFIG "StartDBSyncers" "${ZBX_STARTDBSYNCERS}" update_config_var $ZBX_CONFIG "HistoryCacheSize" "${ZBX_HISTORYCACHESIZE}" update_config_var $ZBX_CONFIG "HistoryIndexCacheSize" "${ZBX_HISTORYINDEXCACHESIZE}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "TrendCacheSize" "${ZBX_TRENDCACHESIZE}" - update_config_var $ZBX_CONFIG "ValueCacheSize" "${ZBX_VALUECACHESIZE}" - fi - update_config_var $ZBX_CONFIG "Timeout" "${ZBX_TIMEOUT}" update_config_var $ZBX_CONFIG "TrapperTimeout" "${ZBX_TRAPPERIMEOUT}" update_config_var $ZBX_CONFIG "UnreachablePeriod" "${ZBX_UNREACHABLEPERIOD}" @@ -843,346 +371,61 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "AlertScriptsPath" "/usr/lib/zabbix/alertscripts" update_config_var $ZBX_CONFIG "ExternalScripts" "/usr/lib/zabbix/externalscripts" - # Possible few fping locations - if [ -f "/usr/bin/fping" ]; then - update_config_var $ZBX_CONFIG "FpingLocation" "/usr/bin/fping" - else - update_config_var $ZBX_CONFIG "FpingLocation" "/usr/sbin/fping" - fi - if [ -f "/usr/bin/fping6" ]; then - update_config_var $ZBX_CONFIG "Fping6Location" "/usr/bin/fping6" - else - update_config_var $ZBX_CONFIG "Fping6Location" "/usr/sbin/fping6" - fi + update_config_var $ZBX_CONFIG "FpingLocation" "/usr/sbin/fping" + update_config_var $ZBX_CONFIG "Fping6Location" update_config_var $ZBX_CONFIG "SSHKeyLocation" "$ZABBIX_USER_HOME_DIR/ssh_keys" update_config_var $ZBX_CONFIG "LogSlowQueries" "${ZBX_LOGSLOWQUERIES}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "StartProxyPollers" "${ZBX_STARTPROXYPOLLERS}" - update_config_var $ZBX_CONFIG "ProxyConfigFrequency" "${ZBX_PROXYCONFIGFREQUENCY}" - update_config_var $ZBX_CONFIG "ProxyDataFrequency" "${ZBX_PROXYDATAFREQUENCY}" - fi - update_config_var $ZBX_CONFIG "SSLCertLocation" "$ZABBIX_USER_HOME_DIR/ssl/certs/" update_config_var $ZBX_CONFIG "SSLKeyLocation" "$ZABBIX_USER_HOME_DIR/ssl/keys/" update_config_var $ZBX_CONFIG "SSLCALocation" "$ZABBIX_USER_HOME_DIR/ssl/ssl_ca/" update_config_var $ZBX_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/" update_config_multiple_var $ZBX_CONFIG "LoadModule" "${ZBX_LOADMODULE}" - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}" - update_config_var $ZBX_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" - fi + update_config_var $ZBX_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}" + update_config_var $ZBX_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" update_config_var $ZBX_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" update_config_var $ZBX_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" - update_config_var $ZBX_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" - fi + update_config_var $ZBX_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" + update_config_var $ZBX_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" update_config_var $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" update_config_var $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" - update_config_var $ZBX_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" - fi -} + update_config_var $ZBX_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" + update_config_var $ZBX_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" - -prepare_zbx_web_config() { - local db_type=$1 - local server_name="" - - echo "** Preparing Zabbix frontend configuration file" - - ZBX_WWW_ROOT="/usr/share/zabbix" - ZBX_WEB_CONFIG="$ZABBIX_ETC_DIR/web/zabbix.conf.php" - - if [ -f "$ZBX_WWW_ROOT/conf/zabbix.conf.php" ]; then - rm -f "$ZBX_WWW_ROOT/conf/zabbix.conf.php" - fi - - ln -s "$ZBX_WEB_CONFIG" "$ZBX_WWW_ROOT/conf/zabbix.conf.php" - - # Different places of PHP configuration file - if [ -f "/etc/php5/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/conf.d/99-zabbix.ini" - elif [ -f "/etc/php5/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php5/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/apache2/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.0/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.0/apache2/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.0/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.0/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php.d/99-zabbix.ini" - elif [ -f "/etc/php7/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php7/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.2/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.2/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.2/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.2/apache2/conf.d/99-zabbix.ini" - fi - - if [ -n "$PHP_CONFIG_FILE" ]; then - update_config_var "$PHP_CONFIG_FILE" "max_execution_time" "${ZBX_MAXEXECUTIONTIME:-"600"}" - update_config_var "$PHP_CONFIG_FILE" "memory_limit" "${ZBX_MEMORYLIMIT:-"128M"}" - update_config_var "$PHP_CONFIG_FILE" "post_max_size" "${ZBX_POSTMAXSIZE:-"16M"}" - update_config_var "$PHP_CONFIG_FILE" "upload_max_filesize" "${ZBX_UPLOADMAXFILESIZE:-"2M"}" - update_config_var "$PHP_CONFIG_FILE" "max_input_time" "${ZBX_MAXINPUTTIME:-"300"}" - update_config_var "$PHP_CONFIG_FILE" "date.timezone" "${PHP_TZ}" + if [ "$(id -u)" != '0' ]; then + update_config_var $ZBX_CONFIG "User" "$(whoami)" else - echo "**** Zabbix related PHP configuration file not found" + update_config_var $ZBX_CONFIG "AllowRoot" "1" fi - - ZBX_HISTORYSTORAGETYPES=${ZBX_HISTORYSTORAGETYPES:-"[]"} - - # Escaping characters in parameter value - server_name=$(escape_spec_char "${ZBX_SERVER_NAME}") - server_user=$(escape_spec_char "${DB_SERVER_ZBX_USER}") - server_pass=$(escape_spec_char "${DB_SERVER_ZBX_PASS}") - history_storage_url=$(escape_spec_char "${ZBX_HISTORYSTORAGEURL}") - history_storage_types=$(escape_spec_char "${ZBX_HISTORYSTORAGETYPES}") - - sed -i \ - -e "s/{DB_SERVER_HOST}/${DB_SERVER_HOST}/g" \ - -e "s/{DB_SERVER_PORT}/${DB_SERVER_PORT}/g" \ - -e "s/{DB_SERVER_DBNAME}/${DB_SERVER_DBNAME}/g" \ - -e "s/{DB_SERVER_SCHEMA}/${DB_SERVER_SCHEMA}/g" \ - -e "s/{DB_SERVER_USER}/$server_user/g" \ - -e "s/{DB_SERVER_PASS}/$server_pass/g" \ - -e "s/{ZBX_SERVER_HOST}/${ZBX_SERVER_HOST}/g" \ - -e "s/{ZBX_SERVER_PORT}/${ZBX_SERVER_PORT}/g" \ - -e "s/{ZBX_SERVER_NAME}/$server_name/g" \ - -e "s/{ZBX_HISTORYSTORAGEURL}/$history_storage_url/g" \ - -e "s/{ZBX_HISTORYSTORAGETYPES}/$history_storage_types/g" \ - "$ZBX_WEB_CONFIG" - - [ "$db_type" = "postgresql" ] && sed -i "s/MYSQL/POSTGRESQL/g" "$ZBX_WEB_CONFIG" - - [ -n "${ZBX_SESSION_NAME}" ] && sed -i "/ZBX_SESSION_NAME/s/'[^']*'/'${ZBX_SESSION_NAME}'/2" "$ZBX_WWW_ROOT/include/defines.inc.php" -} - -prepare_zbx_agent_config() { - echo "** Preparing Zabbix agent configuration file" - - ZBX_AGENT_CONFIG=$ZABBIX_ETC_DIR/zabbix_agentd.conf - - ZBX_PASSIVESERVERS=${ZBX_PASSIVESERVERS:-""} - ZBX_ACTIVESERVERS=${ZBX_ACTIVESERVERS:-""} - - [ -n "$ZBX_PASSIVESERVERS" ] && ZBX_PASSIVESERVERS=","$ZBX_PASSIVESERVERS - - ZBX_PASSIVESERVERS=$ZBX_SERVER_HOST$ZBX_PASSIVESERVERS - - [ -n "$ZBX_ACTIVESERVERS" ] && ZBX_ACTIVESERVERS=","$ZBX_ACTIVESERVERS - - ZBX_ACTIVESERVERS=$ZBX_SERVER_HOST":"$ZBX_SERVER_PORT$ZBX_ACTIVESERVERS - - update_config_var $ZBX_AGENT_CONFIG "PidFile" - update_config_var $ZBX_AGENT_CONFIG "LogType" "console" - update_config_var $ZBX_AGENT_CONFIG "LogFile" - update_config_var $ZBX_AGENT_CONFIG "LogFileSize" - update_config_var $ZBX_AGENT_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" - update_config_var $ZBX_AGENT_CONFIG "SourceIP" - update_config_var $ZBX_AGENT_CONFIG "EnableRemoteCommands" "${ZBX_ENABLEREMOTECOMMANDS}" - update_config_var $ZBX_AGENT_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}" - - ZBX_PASSIVE_ALLOW=${ZBX_PASSIVE_ALLOW:-"true"} - if [ "$ZBX_PASSIVE_ALLOW" == "true" ]; then - echo "** Using '$ZBX_PASSIVESERVERS' servers for passive checks" - update_config_var $ZBX_AGENT_CONFIG "Server" "${ZBX_PASSIVESERVERS}" - else - update_config_var $ZBX_AGENT_CONFIG "Server" - fi - - update_config_var $ZBX_AGENT_CONFIG "ListenPort" "${ZBX_LISTENPORT}" - update_config_var $ZBX_AGENT_CONFIG "ListenIP" "${ZBX_LISTENIP}" - update_config_var $ZBX_AGENT_CONFIG "StartAgents" "${ZBX_STARTAGENTS}" - - ZBX_ACTIVE_ALLOW=${ZBX_ACTIVE_ALLOW:-"true"} - if [ "$ZBX_ACTIVE_ALLOW" == "true" ]; then - echo "** Using '$ZBX_ACTIVESERVERS' servers for active checks" - update_config_var $ZBX_AGENT_CONFIG "ServerActive" "${ZBX_ACTIVESERVERS}" - else - update_config_var $ZBX_AGENT_CONFIG "ServerActive" - fi - - update_config_var $ZBX_AGENT_CONFIG "Hostname" "${ZBX_HOSTNAME}" - update_config_var $ZBX_AGENT_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - update_config_var $ZBX_AGENT_CONFIG "HostMetadata" "${ZBX_METADATA}" - update_config_var $ZBX_AGENT_CONFIG "HostMetadataItem" "${ZBX_METADATAITEM}" - update_config_var $ZBX_AGENT_CONFIG "RefreshActiveChecks" "${ZBX_REFRESHACTIVECHECKS}" - update_config_var $ZBX_AGENT_CONFIG "BufferSend" "${ZBX_BUFFERSEND}" - update_config_var $ZBX_AGENT_CONFIG "BufferSize" "${ZBX_BUFFERSIZE}" - update_config_var $ZBX_AGENT_CONFIG "MaxLinesPerSecond" "${ZBX_MAXLINESPERSECOND}" - # Please use include to enable Alias feature -# update_config_multiple_var $ZBX_AGENT_CONFIG "Alias" ${ZBX_ALIAS} - update_config_var $ZBX_AGENT_CONFIG "Timeout" "${ZBX_TIMEOUT}" - update_config_var $ZBX_AGENT_CONFIG "Include" "/etc/zabbix/zabbix_agentd.d/" - update_config_var $ZBX_AGENT_CONFIG "UnsafeUserParameters" "${ZBX_UNSAFEUSERPARAMETERS}" - update_config_var $ZBX_AGENT_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/" - update_config_multiple_var $ZBX_AGENT_CONFIG "LoadModule" "${ZBX_LOADMODULE}" - update_config_var $ZBX_AGENT_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}" - update_config_var $ZBX_AGENT_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" - update_config_var $ZBX_AGENT_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" - update_config_var $ZBX_AGENT_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" - update_config_var $ZBX_AGENT_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" - update_config_var $ZBX_AGENT_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" -} - -prepare_java_gateway_config() { - echo "** Preparing Zabbix Java Gateway log configuration file" - - ZBX_GATEWAY_CONFIG=$ZABBIX_ETC_DIR/zabbix_java_gateway_logback.xml - - if [ -n "${ZBX_DEBUGLEVEL}" ]; then - echo "Updating $ZBX_GATEWAY_CONFIG 'DebugLevel' parameter: '${ZBX_DEBUGLEVEL}'... updated" - if [ -f "$ZBX_GATEWAY_CONFIG" ]; then - sed -i -e "/^.*/" "$ZBX_GATEWAY_CONFIG" - else - echo "**** Zabbix Java Gateway log configuration file '$ZBX_GATEWAY_CONFIG' not found" - fi - fi -} - -prepare_agent() { - echo "** Preparing Zabbix agent" - prepare_zbx_agent_config -} - -prepare_server() { - local db_type=$1 - - echo "** Preparing Zabbix server" - - check_variables_$db_type "server" - check_db_connect_$db_type - create_db_user_$db_type - create_db_database_$db_type - create_db_schema_$db_type "server" - - update_zbx_config "server" "$db_type" } prepare_proxy() { - local db_type=$1 - echo "Preparing Zabbix proxy" - if [ "$db_type" != "sqlite3" ]; then - check_variables_$db_type "proxy" - check_db_connect_$db_type - create_db_user_$db_type - create_db_database_$db_type - create_db_schema_$db_type "proxy" - fi + check_variables_mysql + check_db_connect_mysql + create_db_user_mysql + create_db_database_mysql + create_db_schema_mysql - update_zbx_config "proxy" $db_type -} - -prepare_web() { - local web_server=$1 - local db_type=$2 - - echo "** Preparing Zabbix web-interface" - - check_variables_$db_type - check_db_connect_$db_type - prepare_web_server_$web_server - prepare_zbx_web_config $db_type -} - -prepare_java_gateway() { - echo "** Preparing Zabbix Java Gateway" - - prepare_java_gateway_config + update_zbx_config } ################################################# -if [ ! -n "$zbx_type" ]; then - echo "**** Type of Zabbix component is not specified" - exit 1 -elif [ "$zbx_type" == "dev" ]; then - echo "** Deploying Zabbix installation from SVN" -else - if [ ! -n "$zbx_db_type" ]; then - echo "**** Database type of Zabbix $zbx_type is not specified" - exit 1 +if [ "${1#-}" != "$1" ]; then + set -- /usr/sbin/zabbix_proxy "$@" fi - if [ "$zbx_db_type" != "none" ]; then - if [ "$zbx_opt_type" != "none" ]; then - echo "** Deploying Zabbix $zbx_type ($zbx_opt_type) with $zbx_db_type database" - else - echo "** Deploying Zabbix $zbx_type with $zbx_db_type database" - fi - else - echo "** Deploying Zabbix $zbx_type" - fi +if [ "$1" == '/usr/sbin/zabbix_proxy' ]; then + prepare_proxy fi -prepare_system "$zbx_type" "$zbx_opt_type" - -[ "$zbx_type" == "server" ] && prepare_server $zbx_db_type -[ "${ZBX_ADD_SERVER}" == "true" ] && prepare_server ${ZBX_MAIN_DB} - -[ "$zbx_type" == "proxy" ] && prepare_proxy $zbx_db_type -[ "${ZBX_ADD_PROXY}" == "true" ] && prepare_proxy ${ZBX_PROXY_DB} - -[ "$zbx_type" == "frontend" ] && prepare_web $zbx_opt_type $zbx_db_type -[ "${ZBX_ADD_WEB}" == "true" ] && prepare_web ${ZBX_WEB_SERVER} ${ZBX_MAIN_DB} - -[ "$zbx_type" == "agent" ] && prepare_agent -[ "${ZBX_ADD_AGENT}" == "true" ] && prepare_agent - -[ "$zbx_type" == "java-gateway" ] && prepare_java_gateway -[ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && prepare_java_gateway - -clear_deploy "$zbx_type" - -echo "########################################################" - -if [ "$1" != "" ]; then - echo "** Executing '$@'" - exec "$@" -elif [ "$zbx_type" == "agent" ]; then - echo "** Starting Zabbix agent" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_agentd --foreground -c /etc/zabbix/zabbix_agentd.conf" -elif [ "$zbx_type" == "proxy" ]; then - echo "** Starting Zabbix proxy" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_proxy --foreground -c /etc/zabbix/zabbix_proxy.conf" -elif [ "$zbx_type" == "server" ]; then - echo "** Starting Zabbix server" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_server --foreground -c /etc/zabbix/zabbix_server.conf" -elif [ "$zbx_type" == "java-gateway" ]; then - echo "** Starting Zabbix Java Gateway" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_java_gateway" -elif [ "$zbx_type" == "frontend" ] && [ "$zbx_opt_type" == "apache" ]; then - echo "** Starting Zabbix frontend" - if [ -f "/usr/sbin/httpd" ]; then - exec /usr/sbin/httpd -D FOREGROUND - elif [ -f "/usr/sbin/apache2ctl" ]; then - exec /bin/bash -c "source /etc/apache2/envvars && /usr/sbin/apache2ctl -D FOREGROUND" - else - echo "Unknown Web-server. Exiting..." - exit 1 - fi -elif [ -f "/usr/bin/supervisord" ]; then - echo "** Executing supervisord" - exec /usr/bin/supervisord -c /etc/supervisor/supervisord.conf -else - echo "Unknown instructions. Exiting..." - exit 1 -fi +exec "$@" ################################################# diff --git a/proxy-sqlite3/ubuntu/Dockerfile b/proxy-sqlite3/ubuntu/Dockerfile index b140b79cf..59f3292bb 100644 --- a/proxy-sqlite3/ubuntu/Dockerfile +++ b/proxy-sqlite3/ubuntu/Dockerfile @@ -1,43 +1,28 @@ FROM ubuntu:bionic -LABEL maintainer="Alexey Pustovalov " -ARG BUILD_DATE -ARG VCS_REF - -ARG APT_FLAGS_COMMON="-y" -ARG APT_FLAGS_PERSISTENT="${APT_FLAGS_COMMON} --no-install-recommends" -ARG APT_FLAGS_DEV="${APT_FLAGS_COMMON} --no-install-recommends" -ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8 TERM=xterm \ - MIBDIRS=/var/lib/snmp/mibs/ietf:/var/lib/snmp/mibs/iana:/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ - ZBX_TYPE=proxy ZBX_DB_TYPE=sqlite3 ZBX_OPT_TYPE=none -ENV TINI_VERSION v0.18.0 - -LABEL org.label-schema.name="zabbix-${ZBX_TYPE}-${ZBX_DB_TYPE}-ubuntu" \ - org.label-schema.vendor="Zabbix LLC" \ - org.label-schema.url="https://zabbix.com/" \ - org.label-schema.description="Zabbix ${ZBX_TYPE} with SQLite3 database support" \ - org.label-schema.vcs-ref="${VCS_REF}" \ - org.label-schema.build-date="${BUILD_DATE}" \ - org.label-schema.schema-version="1.0" \ - org.label-schema.license="GPL v2.0" +LABEL org.opencontainers.image.title="Zabbix proxy (MySQL)" \ + org.opencontainers.image.authors="Alexey Pustovalov " \ + org.opencontainers.image.vendor="Zabbix LLC" \ + org.opencontainers.image.url="https://zabbix.com/" \ + org.opencontainers.image.description="Zabbix proxy with MySQL database support" \ + org.opencontainers.image.licenses="GPL v2.0" STOPSIGNAL SIGTERM +ENV TINI_VERSION=v0.19.0 + RUN set -eux && \ - apt-get ${APT_FLAGS_COMMON} update && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_PERSISTENT} install locales && \ - locale-gen $LC_ALL && \ echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \ - addgroup --system --quiet zabbix && \ + addgroup --system --gid 1995 --quiet zabbix && \ adduser --quiet \ --system --disabled-login \ - --ingroup zabbix \ + --ingroup zabbix --ingroup root \ + --uid 1997 \ --home /var/lib/zabbix/ \ zabbix && \ mkdir -p /etc/zabbix && \ mkdir -p /var/lib/zabbix && \ mkdir -p /var/lib/zabbix/enc && \ - mkdir -p /usr/lib/zabbix/externalscripts && \ mkdir -p /var/lib/zabbix/mibs && \ mkdir -p /var/lib/zabbix/modules && \ mkdir -p /var/lib/zabbix/snmptraps && \ @@ -46,9 +31,15 @@ RUN set -eux && \ mkdir -p /var/lib/zabbix/ssl/certs && \ mkdir -p /var/lib/zabbix/ssl/keys && \ mkdir -p /var/lib/zabbix/ssl/ssl_ca && \ - chown --quiet -R zabbix:root /var/lib/zabbix && \ - apt-get ${APT_FLAGS_COMMON} update && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_PERSISTENT} install \ + mkdir -p /usr/lib/zabbix/externalscripts && \ + mkdir -p /usr/share/doc/zabbix-proxy-mysql && \ + apt-get -y update && \ + DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ + curl \ + ca-certificates \ + gpg \ + dirmngr \ + gpg-agent \ fping \ libcurl4 \ libevent-2.1 \ @@ -60,27 +51,32 @@ RUN set -eux && \ libssl1.1 \ libxml2 \ snmp-mibs-downloader \ - ca-certificates \ unixodbc && \ - apt-get ${APT_FLAGS_COMMON} autoremove && \ - apt-get ${APT_FLAGS_COMMON} clean && \ + curl -L https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini -o /sbin/tini && \ + curl -L https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini.asc -o /tini.asc && \ + gpg --batch --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 595E85A6B1B4779EA4DAAEC70B588DFF0527A9B7 && \ + gpg --batch --verify /tini.asc /sbin/tini && \ + rm -rf /root/.gnupg && \ + chmod +x /sbin/tini && \ + apt-get -y purge curl gpg dirmngr gpg-agent && \ + apt-get -y autoremove && \ + apt-get -y clean && \ rm -rf /var/lib/apt/lists/* ARG MAJOR_VERSION=5.0 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git -ENV ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} -LABEL org.label-schema.usage="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.label-schema.version="${ZBX_VERSION}" \ - org.label-schema.vcs-url="${ZBX_SOURCES}" \ - org.label-schema.docker.cmd="docker run --name zabbix-${ZBX_TYPE}-${ZBX_DB_TYPE} --link zabbix-server:zabbix-server -p 10051:10051 -d zabbix-${ZBX_TYPE}-${ZBX_DB_TYPE}:ubuntu-${ZBX_VERSION}" +ENV TERM=xterm MIBDIRS=/var/lib/snmp/mibs/ietf:/var/lib/snmp/mibs/iana:/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ + ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} -ADD https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini /sbin/tini +LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" RUN set -eux && \ - apt-get ${APT_FLAGS_COMMON} update && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_DEV} install \ + apt-get -y update && \ + DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ autoconf \ automake \ gcc \ @@ -111,8 +107,8 @@ RUN set -eux && \ --sysconfdir=/etc/zabbix \ --prefix=/usr \ --enable-agent \ - --enable-${ZBX_TYPE} \ - --with-${ZBX_DB_TYPE} \ + --enable-proxy \ + --with-sqlite3 \ --with-ldap \ --with-libcurl \ --with-libxml2 \ @@ -125,14 +121,16 @@ RUN set -eux && \ --silent && \ make -j"$(nproc)" -s dbschema && \ make -j"$(nproc)" -s && \ - cp src/zabbix_${ZBX_TYPE}/zabbix_${ZBX_TYPE} /usr/sbin/zabbix_${ZBX_TYPE} && \ + cp src/zabbix_proxy/zabbix_proxy /usr/sbin/zabbix_proxy && \ cp src/zabbix_get/zabbix_get /usr/bin/zabbix_get && \ cp src/zabbix_sender/zabbix_sender /usr/bin/zabbix_sender && \ - cp conf/zabbix_${ZBX_TYPE}.conf /etc/zabbix/zabbix_${ZBX_TYPE}.conf && \ - chown --quiet -R zabbix:root /etc/zabbix && \ + cp conf/zabbix_proxy.conf /etc/zabbix/zabbix_proxy.conf && \ cd /tmp/ && \ rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_COMMON} purge \ + chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \ + chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \ + chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \ + DEBIAN_FRONTEND=noninteractive apt-get -y purge \ autoconf \ automake \ gcc \ @@ -150,17 +148,21 @@ RUN set -eux && \ pkg-config \ git \ unixodbc-dev && \ - apt-get ${APT_FLAGS_COMMON} autoremove && \ + apt-get -y autoremove && \ rm -rf /var/lib/apt/lists/* && \ chmod +x /sbin/tini EXPOSE 10051/TCP - + WORKDIR /var/lib/zabbix - + VOLUME ["/usr/lib/zabbix/externalscripts", "/var/lib/zabbix/enc", "/var/lib/zabbix/modules", "/var/lib/zabbix/snmptraps"] VOLUME ["/var/lib/zabbix/ssh_keys", "/var/lib/zabbix/ssl/certs", "/var/lib/zabbix/ssl/keys", "/var/lib/zabbix/ssl/ssl_ca"] - + COPY ["docker-entrypoint.sh", "/usr/bin/"] - + ENTRYPOINT ["/sbin/tini", "--", "/usr/bin/docker-entrypoint.sh"] + +USER 1997 + +CMD ["/usr/sbin/zabbix_proxy", "--foreground", "-c", "/etc/zabbix/zabbix_proxy.conf"] diff --git a/proxy-sqlite3/ubuntu/docker-entrypoint.sh b/proxy-sqlite3/ubuntu/docker-entrypoint.sh index 0b669244a..1f9ad7586 100755 --- a/proxy-sqlite3/ubuntu/docker-entrypoint.sh +++ b/proxy-sqlite3/ubuntu/docker-entrypoint.sh @@ -1,6 +1,6 @@ #!/bin/bash -set -eo pipefail +set -o pipefail set +e @@ -9,154 +9,16 @@ if [ "${DEBUG_MODE}" == "true" ]; then set -o xtrace fi -# Type of Zabbix component -# Possible values: [server, proxy, agent, frontend, java-gateway, appliance] -zbx_type=${ZBX_TYPE} -# Type of Zabbix database -# Possible values: [mysql, postgresql] -zbx_db_type=${ZBX_DB_TYPE} -# Type of web-server. Valid only with zbx_type = frontend -# Possible values: [apache, nginx] -zbx_opt_type=${ZBX_OPT_TYPE} - -# Default Zabbix installation name -# Used only by Zabbix web-interface -ZBX_SERVER_NAME=${ZBX_SERVER_NAME:-"Zabbix docker"} # Default Zabbix server host -ZBX_SERVER_HOST=${ZBX_SERVER_HOST:-"zabbix-server"} +: ${ZBX_SERVER_HOST:="zabbix-server"} # Default Zabbix server port number -ZBX_SERVER_PORT=${ZBX_SERVER_PORT:-"10051"} - -# Default timezone for web interface -PHP_TZ=${PHP_TZ:-"Europe/Riga"} - -#Enable PostgreSQL timescaleDB feature: -ENABLE_TIMESCALEDB=${ENABLE_TIMESCALEDB:-"false"} +: ${ZBX_SERVER_PORT:="10051"} # Default directories # User 'zabbix' home directory ZABBIX_USER_HOME_DIR="/var/lib/zabbix" # Configuration files directory ZABBIX_ETC_DIR="/etc/zabbix" -# Web interface www-root directory -ZBX_FRONTEND_PATH="/usr/share/zabbix" - -# usage: file_env VAR [DEFAULT] -# as example: file_env 'MYSQL_PASSWORD' 'zabbix' -# (will allow for "$MYSQL_PASSWORD_FILE" to fill in the value of "$MYSQL_PASSWORD" from a file) -# unsets the VAR_FILE afterwards and just leaving VAR -file_env() { - local var="$1" - local fileVar="${var}_FILE" - local defaultValue="${2:-}" - - if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then - echo "**** Both variables $var and $fileVar are set (but are exclusive)" - exit 1 - fi - - local val="$defaultValue" - - if [ "${!var:-}" ]; then - val="${!var}" - echo "** Using ${var} variable from ENV" - elif [ "${!fileVar:-}" ]; then - if [ ! -f "${!fileVar}" ]; then - echo "**** Secret file \"${!fileVar}\" is not found" - exit 1 - fi - val="$(< "${!fileVar}")" - echo "** Using ${var} variable from secret file" - fi - export "$var"="$val" - unset "$fileVar" -} - -configure_db_mysql() { - [ "${DB_SERVER_HOST}" != "localhost" ] && return - - echo "** Configuring local MySQL server" - - MYSQL_ALLOW_EMPTY_PASSWORD=true - MYSQL_DATA_DIR="/var/lib/mysql" - - if [ -f "/etc/mysql/my.cnf" ]; then - MYSQL_CONF_FILE="/etc/mysql/my.cnf" - elif [ -f "/etc/my.cnf.d/server.cnf" ]; then - MYSQL_CONF_FILE="/etc/my.cnf.d/server.cnf" - DB_SERVER_SOCKET="/var/lib/mysql/mysql.sock" - elif [ -f "/etc/my.cnf.d/mariadb-server.cnf" ]; then - MYSQL_CONF_FILE="/etc/my.cnf.d/mariadb-server.cnf" - DB_SERVER_SOCKET="/var/run/mysqld/mysqld.sock" - else - echo "**** Could not found MySQL configuration file" - exit 1 - fi - - if [ -f "/usr/bin/mysqld" ]; then - MYSQLD=/usr/bin/mysqld - elif [ -f "/usr/sbin/mysqld" ]; then - MYSQLD=/usr/sbin/mysqld - elif [ -f "/usr/libexec/mysqld" ]; then - MYSQLD=/usr/libexec/mysqld - else - echo "**** Could not found mysqld binary file" - exit 1 - fi - - sed -Ei 's/^(bind-address|log)/#&/' "$MYSQL_CONF_FILE" - - if [ ! -d "$MYSQL_DATA_DIR/mysql" ]; then - [ -d "$MYSQL_DATA_DIR" ] || mkdir -p "$MYSQL_DATA_DIR" - - chown -R mysql:mysql "$MYSQL_DATA_DIR" - - echo "** Installing initial MySQL database schemas" - mysql_install_db --user=mysql --datadir="$MYSQL_DATA_DIR" 2>&1 - else - echo "**** MySQL data directory is not empty. Using already existing installation." - chown -R mysql:mysql "$MYSQL_DATA_DIR" - fi - - mkdir -p /var/run/mysqld - ln -s /var/run/mysqld /run/mysqld - chown -R mysql:mysql /var/run/mysqld - chown -R mysql:mysql /run/mysqld - - echo "** Starting MySQL server in background mode" - - nohup $MYSQLD --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib/mysql/plugin \ - --user=mysql --log-output=none --pid-file=/var/lib/mysql/mysqld.pid \ - --port=3306 --character-set-server=utf8 --collation-server=utf8_bin & -} - -prepare_system() { - local type=$1 - local web_server=$2 - - echo "** Preparing the system" - - if [ "$type" != "appliance" ]; then - return - fi - - ZBX_ADD_AGENT=${ZBX_ADD_AGENT:-"false"} - ZBX_ADD_JAVA_GATEWAY=${ZBX_ADD_JAVA_GATEWAY:-"false"} - ZBX_ADD_SERVER=${ZBX_ADD_SERVER:-"true"} - [ "${ZBX_ADD_SERVER}" == "true" ] && ZBX_SERVER_HOST="localhost" - [ "${ZBX_ADD_SERVER}" == "true" ] && ZBX_SERVER_PORT="10051" - ZBX_MAIN_DB=${ZBX_MAIN_DB:-"mysql"} - ZBX_ADD_PROXY=${ZBX_ADD_PROXY:-"false"} - ZBX_PROXY_DB=${ZBX_PROXY_DB:-"sqlite3"} - ZBX_ADD_WEB=${ZBX_ADD_WEB:-"true"} - ZBX_WEB_SERVER=${ZBX_WEB_SERVER:-"nginx"} - DB_SERVER_HOST=${DB_SERVER_HOST:-"localhost"} - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAY_ENABLE="true" - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAY="localhost" - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAYPORT="10052" - - [ "${ZBX_ADD_SERVER}" == "true" ] && configure_db_${ZBX_MAIN_DB} -} escape_spec_char() { local var_value=$1 @@ -240,493 +102,24 @@ update_config_multiple_var() { done } -# Check prerequisites for MySQL database -check_variables_mysql() { - local type=$1 - - DB_SERVER_HOST=${DB_SERVER_HOST:-"mysql-server"} - DB_SERVER_PORT=${DB_SERVER_PORT:-"3306"} - USE_DB_ROOT_USER=false - CREATE_ZBX_DB_USER=false - file_env MYSQL_USER - file_env MYSQL_PASSWORD - - if [ "$type" != "" ]; then - file_env MYSQL_ROOT_PASSWORD - fi - - if [ ! -n "${MYSQL_USER}" ] && [ "${MYSQL_RANDOM_ROOT_PASSWORD}" == "true" ]; then - echo "**** Impossible to use MySQL server because of unknown Zabbix user and random 'root' password" - exit 1 - fi - - if [ ! -n "${MYSQL_USER}" ] && [ ! -n "${MYSQL_ROOT_PASSWORD}" ] && [ "${MYSQL_ALLOW_EMPTY_PASSWORD}" != "true" ]; then - echo "*** Impossible to use MySQL server because 'root' password is not defined and it is not empty" - exit 1 - fi - - if [ "${MYSQL_ALLOW_EMPTY_PASSWORD}" == "true" ] || [ -n "${MYSQL_ROOT_PASSWORD}" ]; then - USE_DB_ROOT_USER=true - DB_SERVER_ROOT_USER="root" - DB_SERVER_ROOT_PASS=${MYSQL_ROOT_PASSWORD:-""} - fi - - [ -n "${MYSQL_USER}" ] && CREATE_ZBX_DB_USER=true - - # If root password is not specified use provided credentials - DB_SERVER_ROOT_USER=${DB_SERVER_ROOT_USER:-${MYSQL_USER}} - [ "${MYSQL_ALLOW_EMPTY_PASSWORD}" == "true" ] || DB_SERVER_ROOT_PASS=${DB_SERVER_ROOT_PASS:-${MYSQL_PASSWORD}} - DB_SERVER_ZBX_USER=${MYSQL_USER:-"zabbix"} - DB_SERVER_ZBX_PASS=${MYSQL_PASSWORD:-"zabbix"} - - if [ "$type" == "proxy" ]; then - DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix_proxy"} - else - DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix"} - fi -} - -# Check prerequisites for PostgreSQL database -check_variables_postgresql() { - local type=$1 - - file_env POSTGRES_USER - file_env POSTGRES_PASSWORD - - DB_SERVER_HOST=${DB_SERVER_HOST:-"postgres-server"} - DB_SERVER_PORT=${DB_SERVER_PORT:-"5432"} - CREATE_ZBX_DB_USER=${CREATE_ZBX_DB_USER:-"false"} - - DB_SERVER_ROOT_USER=${POSTGRES_USER:-"postgres"} - DB_SERVER_ROOT_PASS=${POSTGRES_PASSWORD:-""} - - DB_SERVER_ZBX_USER=${POSTGRES_USER:-"zabbix"} - DB_SERVER_ZBX_PASS=${POSTGRES_PASSWORD:-"zabbix"} - - DB_SERVER_SCHEMA=${DB_SERVER_SCHEMA:-"public"} - - if [ "$type" == "proxy" ]; then - DB_SERVER_DBNAME=${POSTGRES_DB:-"zabbix_proxy"} - else - DB_SERVER_DBNAME=${POSTGRES_DB:-"zabbix"} - fi -} - -check_db_connect_mysql() { - echo "********************" - echo "* DB_SERVER_HOST: ${DB_SERVER_HOST}" - echo "* DB_SERVER_PORT: ${DB_SERVER_PORT}" - echo "* DB_SERVER_DBNAME: ${DB_SERVER_DBNAME}" - if [ "${DEBUG_MODE}" == "true" ]; then - if [ "${USE_DB_ROOT_USER}" == "true" ]; then - echo "* DB_SERVER_ROOT_USER: ${DB_SERVER_ROOT_USER}" - echo "* DB_SERVER_ROOT_PASS: ${DB_SERVER_ROOT_PASS}" - fi - echo "* DB_SERVER_ZBX_USER: ${DB_SERVER_ZBX_USER}" - echo "* DB_SERVER_ZBX_PASS: ${DB_SERVER_ZBX_PASS}" - echo "********************" - fi - echo "********************" - - WAIT_TIMEOUT=5 - - while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \ - --password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10)" ]; do - echo "**** MySQL server is not available. Waiting $WAIT_TIMEOUT seconds..." - sleep $WAIT_TIMEOUT - done -} - -check_db_connect_postgresql() { - echo "********************" - echo "* DB_SERVER_HOST: ${DB_SERVER_HOST}" - echo "* DB_SERVER_PORT: ${DB_SERVER_PORT}" - echo "* DB_SERVER_DBNAME: ${DB_SERVER_DBNAME}" - echo "* DB_SERVER_SCHEMA: ${DB_SERVER_SCHEMA}" - if [ "${DEBUG_MODE}" == "true" ]; then - if [ "${USE_DB_ROOT_USER}" == "true" ]; then - echo "* DB_SERVER_ROOT_USER: ${DB_SERVER_ROOT_USER}" - echo "* DB_SERVER_ROOT_PASS: ${DB_SERVER_ROOT_PASS}" - fi - echo "* DB_SERVER_ZBX_USER: ${DB_SERVER_ZBX_USER}" - echo "* DB_SERVER_ZBX_PASS: ${DB_SERVER_ZBX_PASS}" - fi - echo "********************" - - if [ "${USE_DB_ROOT_USER}" != "true" ]; then - DB_SERVER_ROOT_USER=${DB_SERVER_ZBX_USER} - DB_SERVER_ROOT_PASS=${DB_SERVER_ZBX_PASS} - fi - - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - WAIT_TIMEOUT=5 - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - while [ ! "$(psql -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} -U ${DB_SERVER_ROOT_USER} -d ${DB_SERVER_DBNAME} -l -q 2>/dev/null)" ]; do - echo "**** PostgreSQL server is not available. Waiting $WAIT_TIMEOUT seconds..." - sleep $WAIT_TIMEOUT - done - - unset PGPASSWORD - unset PGOPTIONS -} - - -mysql_query() { - query=$1 - local result="" - - result=$(mysql --silent --skip-column-names -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ - -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" -e "$query") - - echo $result -} - -psql_query() { - query=$1 - db=$2 - - local result="" - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - result=$(psql -A -q -t -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ - -U ${DB_SERVER_ROOT_USER} -c "$query" $db 2>/dev/null); - - unset PGPASSWORD - unset PGOPTIONS - - echo $result -} - -create_db_user_mysql() { - [ "${CREATE_ZBX_DB_USER}" == "true" ] || return - - echo "** Creating '${DB_SERVER_ZBX_USER}' user in MySQL database" - - USER_EXISTS=$(mysql_query "SELECT 1 FROM mysql.user WHERE user = '${DB_SERVER_ZBX_USER}' AND host = '%'") - - if [ -z "$USER_EXISTS" ]; then - mysql_query "CREATE USER '${DB_SERVER_ZBX_USER}'@'%' IDENTIFIED BY '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - else - mysql_query "ALTER USER ${DB_SERVER_ZBX_USER} IDENTIFIED BY '${DB_SERVER_ZBX_PASS}';" 1>/dev/null - fi - - mysql_query "GRANT ALL PRIVILEGES ON $DB_SERVER_DBNAME. * TO '${DB_SERVER_ZBX_USER}'@'%'" 1>/dev/null -} - -create_db_user_postgresql() { - [ "${CREATE_ZBX_DB_USER}" == "true" ] || return - - echo "** Creating '${DB_SERVER_ZBX_USER}' user in PostgreSQL database" - - USER_EXISTS=$(psql_query "SELECT 1 FROM pg_roles WHERE rolname='${DB_SERVER_ZBX_USER}'") - - if [ -z "$USER_EXISTS" ]; then - psql_query "CREATE USER ${DB_SERVER_ZBX_USER} WITH PASSWORD '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - else - psql_query "ALTER USER ${DB_SERVER_ZBX_USER} WITH ENCRYPTED PASSWORD '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - fi -} - -create_db_database_mysql() { - DB_EXISTS=$(mysql_query "SELECT SCHEMA_NAME FROM information_schema.SCHEMATA WHERE SCHEMA_NAME='${DB_SERVER_DBNAME}'") - - if [ -z ${DB_EXISTS} ]; then - echo "** Database '${DB_SERVER_DBNAME}' does not exist. Creating..." - mysql_query "CREATE DATABASE ${DB_SERVER_DBNAME} CHARACTER SET utf8 COLLATE utf8_bin" 1>/dev/null - # better solution? - mysql_query "GRANT ALL PRIVILEGES ON $DB_SERVER_DBNAME. * TO '${DB_SERVER_ZBX_USER}'@'%'" 1>/dev/null - else - echo "** Database '${DB_SERVER_DBNAME}' already exists. Please be careful with database COLLATE!" - fi -} - -create_db_database_postgresql() { - DB_EXISTS=$(psql_query "SELECT 1 AS result FROM pg_database WHERE datname='${DB_SERVER_DBNAME}'") - - if [ -z ${DB_EXISTS} ]; then - echo "** Database '${DB_SERVER_DBNAME}' does not exist. Creating..." - psql_query "CREATE DATABASE ${DB_SERVER_DBNAME} WITH OWNER ${DB_SERVER_ZBX_USER} ENCODING='UTF8' LC_CTYPE='en_US.utf8' LC_COLLATE='en_US.utf8'" 1>/dev/null - else - echo "** Database '${DB_SERVER_DBNAME}' already exists. Please be careful with database owner!" - fi - - psql_query "CREATE SCHEMA IF NOT EXISTS ${DB_SERVER_SCHEMA}" -} - -create_db_schema_mysql() { - local type=$1 - - DBVERSION_TABLE_EXISTS=$(mysql_query "SELECT 1 FROM information_schema.tables WHERE table_schema='${DB_SERVER_DBNAME}' and table_name = 'dbversion'") - - if [ -n "${DBVERSION_TABLE_EXISTS}" ]; then - echo "** Table '${DB_SERVER_DBNAME}.dbversion' already exists." - ZBX_DB_VERSION=$(mysql_query "SELECT mandatory FROM ${DB_SERVER_DBNAME}.dbversion") - fi - - if [ -z "${ZBX_DB_VERSION}" ]; then - echo "** Creating '${DB_SERVER_DBNAME}' schema in MySQL" - - zcat /usr/share/doc/zabbix-$type-mysql/create.sql.gz | mysql --silent --skip-column-names \ - -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ - -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" \ - ${DB_SERVER_DBNAME} 1>/dev/null - fi -} - -create_db_schema_postgresql() { - local type=$1 - - DBVERSION_TABLE_EXISTS=$(psql_query "SELECT 1 FROM pg_catalog.pg_class c JOIN pg_catalog.pg_namespace n ON n.oid = - c.relnamespace WHERE n.nspname = '$DB_SERVER_SCHEMA' AND c.relname = 'dbversion'" "${DB_SERVER_DBNAME}") - - if [ -n "${DBVERSION_TABLE_EXISTS}" ]; then - echo "** Table '${DB_SERVER_DBNAME}.dbversion' already exists." - ZBX_DB_VERSION=$(psql_query "SELECT mandatory FROM ${DB_SERVER_SCHEMA}.dbversion" "${DB_SERVER_DBNAME}") - fi - - if [ -z "${ZBX_DB_VERSION}" ]; then - echo "** Creating '${DB_SERVER_DBNAME}' schema in PostgreSQL" - - if [ "${ENABLE_TIMESCALEDB}" == "true" ]; then - psql_query "CREATE EXTENSION IF NOT EXISTS timescaledb CASCADE;" - fi - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - zcat /usr/share/doc/zabbix-$type-postgresql/create.sql.gz | psql -q \ - -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ - -U ${DB_SERVER_ZBX_USER} ${DB_SERVER_DBNAME} 1>/dev/null - - if [ "${ENABLE_TIMESCALEDB}" == "true" ]; then - cat /usr/share/doc/zabbix-$type-postgresql/timescaledb.sql | psql -q \ - -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ - -U ${DB_SERVER_ZBX_USER} ${DB_SERVER_DBNAME} 1>/dev/null - fi - - unset PGPASSWORD - unset PGOPTIONS - fi -} - -prepare_web_server_apache() { - if [ -d "/etc/apache2/sites-available" ]; then - APACHE_SITES_DIR=/etc/apache2/sites-available - elif [ -d "/etc/apache2/conf.d" ]; then - APACHE_SITES_DIR=/etc/apache2/conf.d - elif [ -d "/etc/httpd/conf.d" ]; then - APACHE_SITES_DIR=/etc/httpd/conf.d - else - echo "**** Apache is not available" - exit 1 - fi - - if [ -f "/usr/sbin/a2dissite" ]; then - echo "** Disable default site" - /usr/sbin/a2dissite 000-default 1>/dev/null - rm -rf "$APACHE_SITES_DIR/*" - elif [ -f "/etc/apache2/conf.d/default.conf" ]; then - echo "** Disable default site" - rm -f "/etc/apache2/conf.d/default.conf" - elif [ -f "/etc/httpd/conf.d/welcome.conf" ]; then - echo "** Disable default site" - rm -f "/etc/httpd/conf.d/welcome.conf" - rm -f "/etc/httpd/conf.d/ssl.conf" - fi - - echo "** Adding Zabbix virtual host (HTTP)" - if [ -f "$ZABBIX_ETC_DIR/apache.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/apache.conf" "$APACHE_SITES_DIR/zabbix.conf" - if [ -f "/usr/sbin/a2dissite" ]; then - /usr/sbin/a2ensite zabbix.conf 1>/dev/null - fi - else - echo "**** Impossible to enable HTTP virtual host" - fi - - if [ -f "/etc/apache2/conf.d/ssl.conf" ]; then - rm -f "/etc/apache2/conf.d/ssl.conf" - fi - - if [ -f "/etc/ssl/apache2/ssl.crt" ] && [ -f "/etc/ssl/apache2/ssl.key" ]; then - echo "** Enable SSL support for Apache2" - if [ -f "/usr/sbin/a2enmod" ]; then - /usr/sbin/a2enmod ssl 1>/dev/null - fi - - echo "** Adding Zabbix virtual host (HTTPS)" - if [ -f "$ZABBIX_ETC_DIR/apache_ssl.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/apache_ssl.conf" "$APACHE_SITES_DIR/zabbix_ssl.conf" - if [ -f "/usr/sbin/a2dissite" ]; then - /usr/sbin/a2ensite zabbix_ssl.conf 1>/dev/null - fi - else - echo "**** Impossible to enable HTTPS virtual host" - fi - else - echo "**** Impossible to enable SSL support for Apache2. Certificates are missed." - fi - - # Change Apache2 logging to stdout and stderr - if [ -f "/etc/apache2/apache2.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/apache2.conf" - fi - - if [ -f "/etc/httpd/conf/httpd.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/httpd/conf/httpd.conf" - fi - - if [ -f "/etc/apache2/httpd.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/httpd.conf" - fi - - if [ -f "/etc/apache2/conf-available/other-vhosts-access-log.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/conf-available/other-vhosts-access-log.conf" - fi - - if [ -f "/etc/apache2/conf.d/mpm.conf" ]; then - sed -ri \ - -e 's!^(\s*PidFile)\s+\S+!\1 "/var/run/httpd.pid"!g' \ - "/etc/apache2/conf.d/mpm.conf" - fi - - if [ -f "/var/run/apache2/apache2.pid" ]; then - rm -f "/var/run/apache2/apache2.pid" - fi - - if [ -f "/var/run/httpd/httpd.pid" ]; then - rm -f "/var/run/httpd/httpd.pid" - fi -} - -prepare_web_server_nginx() { - NGINX_CONFD_DIR="/etc/nginx/conf.d" - NGINX_SSL_CONFIG="/etc/ssl/nginx" - PHP_SESSIONS_DIR="/var/lib/php5" - - echo "** Disable default vhosts" - rm -f $NGINX_CONFD_DIR/*.conf - - echo "** Adding Zabbix virtual host (HTTP)" - if [ -f "$ZABBIX_ETC_DIR/nginx.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/nginx.conf" "$NGINX_CONFD_DIR" - else - echo "**** Impossible to enable HTTP virtual host" - fi - - if [ -f "$NGINX_SSL_CONFIG/ssl.crt" ] && [ -f "$NGINX_SSL_CONFIG/ssl.key" ] && [ -f "$NGINX_SSL_CONFIG/dhparam.pem" ]; then - echo "** Enable SSL support for Nginx" - if [ -f "$ZABBIX_ETC_DIR/nginx_ssl.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/nginx_ssl.conf" "$NGINX_CONFD_DIR" - else - echo "**** Impossible to enable HTTPS virtual host" - fi - else - echo "**** Impossible to enable SSL support for Nginx. Certificates are missed." - fi - - if [ -d "/var/log/nginx/" ]; then - ln -sf /dev/fd/2 /var/log/nginx/error.log - fi - - ln -sf /dev/fd/2 /var/log/php5-fpm.log - ln -sf /dev/fd/2 /var/log/php7.2-fpm.log -} - -stop_databases() { - if ([ "${ZBX_MAIN_DB}" == "mysql" ] || [ "${ZBX_PROXY_DB}" == "mysql" ]) && [ "${DB_SERVER_HOST}" == "localhost" ]; then - mysql_query "DELETE FROM mysql.user WHERE host = 'localhost' AND user != 'root'" 1>/dev/null - - if [ -f "/var/lib/mysql/mysqld.pid" ]; then - kill -TERM $(cat /var/lib/mysql/mysqld.pid) - elif [ -f "/var/run/mysqld/mysqld.pid" ]; then - kill -TERM $(cat /var/run/mysqld/mysqld.pid) - fi - fi - - if [ "${ZBX_MAIN_DB}" == "postgresql" ] && [ "${DB_SERVER_HOST}" == "localhost" ]; then - if [ "${OS_CODENAME}" == "alpine" ]; then - PGDATA=/var/lib/postgresql - BINDIR=/usr/bin - else - PGDATA=/var/lib/postgresql/9.3/main - BINDIR=/usr/lib/postgresql/9.3/bin - fi - su -c "$BINDIR/pg_ctl -D \"$PGDATA\" -m fast -w stop --silent" postgres 1>/dev/null 2>/dev/null - fi -} - -clear_deploy() { - local type=$1 - echo "** Cleaning the system" - - [ "$type" != "appliance" ] && return - - stop_databases -} - update_zbx_config() { - local type=$1 - local db_type=$2 + echo "** Preparing Zabbix proxy configuration file" - echo "** Preparing Zabbix $type configuration file" + ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_proxy.conf - ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_$type.conf - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "ProxyMode" "${ZBX_PROXYMODE}" - update_config_var $ZBX_CONFIG "Server" "${ZBX_SERVER_HOST}" - update_config_var $ZBX_CONFIG "ServerPort" "${ZBX_SERVER_PORT}" - if [ -z "${ZBX_HOSTNAME}" ] && [ -n "${ZBX_HOSTNAMEITEM}" ]; then - update_config_var $ZBX_CONFIG "Hostname" "" - update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - else - update_config_var $ZBX_CONFIG "Hostname" "${ZBX_HOSTNAME:-"zabbix-proxy-"$db_type}" - update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - fi - fi - - if [ $type == "proxy" ] && [ "${ZBX_ADD_SERVER}" = "true" ]; then - update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_PROXY_LISTENPORT:-"10061"}" + update_config_var $ZBX_CONFIG "ProxyMode" "${ZBX_PROXYMODE}" + update_config_var $ZBX_CONFIG "Server" "${ZBX_SERVER_HOST}" + update_config_var $ZBX_CONFIG "ServerPort" "${ZBX_SERVER_PORT}" + if [ -z "${ZBX_HOSTNAME}" ] && [ -n "${ZBX_HOSTNAMEITEM}" ]; then + update_config_var $ZBX_CONFIG "Hostname" "" + update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" else - update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}" + update_config_var $ZBX_CONFIG "Hostname" "${ZBX_HOSTNAME:-"zabbix-proxy-sqlite3"}" + update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" fi + update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}" + update_config_var $ZBX_CONFIG "SourceIP" "${ZBX_SOURCEIP}" update_config_var $ZBX_CONFIG "LogType" "console" update_config_var $ZBX_CONFIG "LogFile" @@ -735,40 +128,20 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" - if [ $type == "proxy" ]; then - update_config_var $ZBX_CONFIG "EnableRemoteCommands" "${ZBX_ENABLEREMOTECOMMANDS}" - update_config_var $ZBX_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}" - fi + update_config_var $ZBX_CONFIG "EnableRemoteCommands" "${ZBX_ENABLEREMOTECOMMANDS}" + update_config_var $ZBX_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}" - if [ "$db_type" == "sqlite3" ]; then - update_config_var $ZBX_CONFIG "DBHost" - update_config_var $ZBX_CONFIG "DBName" "/var/lib/zabbix/zabbix_proxy_db" - update_config_var $ZBX_CONFIG "DBUser" - update_config_var $ZBX_CONFIG "DBPort" - update_config_var $ZBX_CONFIG "DBPassword" - else - update_config_var $ZBX_CONFIG "DBHost" "${DB_SERVER_HOST}" - update_config_var $ZBX_CONFIG "DBName" "${DB_SERVER_DBNAME}" - update_config_var $ZBX_CONFIG "DBSchema" "${DB_SERVER_SCHEMA}" - update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}" - update_config_var $ZBX_CONFIG "DBPort" "${DB_SERVER_PORT}" - update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}" - fi + update_config_var $ZBX_CONFIG "DBHost" + update_config_var $ZBX_CONFIG "DBName" "/var/lib/zabbix/zabbix_proxy_db" + update_config_var $ZBX_CONFIG "DBUser" + update_config_var $ZBX_CONFIG "DBPort" + update_config_var $ZBX_CONFIG "DBPassword" - if [ $type == "server" ]; then - update_config_var $ZBX_CONFIG "HistoryStorageURL" "${ZBX_HISTORYSTORAGEURL}" - update_config_var $ZBX_CONFIG "HistoryStorageTypes" "${ZBX_HISTORYSTORAGETYPES}" - fi - - update_config_var $ZBX_CONFIG "DBSocket" "${DB_SERVER_SOCKET}" - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "ProxyLocalBuffer" "${ZBX_PROXYLOCALBUFFER}" - update_config_var $ZBX_CONFIG "ProxyOfflineBuffer" "${ZBX_PROXYOFFLINEBUFFER}" - update_config_var $ZBX_CONFIG "HeartbeatFrequency" "${ZBX_PROXYHEARTBEATFREQUENCY}" - update_config_var $ZBX_CONFIG "ConfigFrequency" "${ZBX_CONFIGFREQUENCY}" - update_config_var $ZBX_CONFIG "DataSenderFrequency" "${ZBX_DATASENDERFREQUENCY}" - fi + update_config_var $ZBX_CONFIG "ProxyLocalBuffer" "${ZBX_PROXYLOCALBUFFER}" + update_config_var $ZBX_CONFIG "ProxyOfflineBuffer" "${ZBX_PROXYOFFLINEBUFFER}" + update_config_var $ZBX_CONFIG "HeartbeatFrequency" "${ZBX_PROXYHEARTBEATFREQUENCY}" + update_config_var $ZBX_CONFIG "ConfigFrequency" "${ZBX_CONFIGFREQUENCY}" + update_config_var $ZBX_CONFIG "DataSenderFrequency" "${ZBX_DATASENDERFREQUENCY}" update_config_var $ZBX_CONFIG "StatsAllowedIP" "${ZBX_STATSALLOWEDIP}" update_config_var $ZBX_CONFIG "StartPreprocessors" "${ZBX_STARTPREPROCESSORS}" @@ -781,13 +154,7 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}" update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "StartTimers" "${ZBX_STARTTIMERS}" - update_config_var $ZBX_CONFIG "StartEscalators" "${ZBX_STARTESCALATORS}" - update_config_var $ZBX_CONFIG "StartAlerters" "${ZBX_STARTALERTERS}" - fi - - ZBX_JAVAGATEWAY_ENABLE=${ZBX_JAVAGATEWAY_ENABLE:-"false"} + : ${ZBX_JAVAGATEWAY_ENABLE:="false"} if [ "${ZBX_JAVAGATEWAY_ENABLE}" == "true" ]; then update_config_var $ZBX_CONFIG "JavaGateway" "${ZBX_JAVAGATEWAY:-"zabbix-java-gateway"}" update_config_var $ZBX_CONFIG "JavaGatewayPort" "${ZBX_JAVAGATEWAYPORT}" @@ -804,7 +171,7 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "VMwareCacheSize" "${ZBX_VMWARECACHESIZE}" update_config_var $ZBX_CONFIG "VMwareTimeout" "${ZBX_VMWARETIMEOUT}" - ZBX_ENABLE_SNMP_TRAPS=${ZBX_ENABLE_SNMP_TRAPS:-"false"} + : ${ZBX_ENABLE_SNMP_TRAPS:="false"} if [ "${ZBX_ENABLE_SNMP_TRAPS}" == "true" ]; then update_config_var $ZBX_CONFIG "SNMPTrapperFile" "${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log" update_config_var $ZBX_CONFIG "StartSNMPTrapper" "1" @@ -814,26 +181,13 @@ update_zbx_config() { fi update_config_var $ZBX_CONFIG "HousekeepingFrequency" "${ZBX_HOUSEKEEPINGFREQUENCY}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "MaxHousekeeperDelete" "${ZBX_MAXHOUSEKEEPERDELETE}" - update_config_var $ZBX_CONFIG "SenderFrequency" "${ZBX_SENDERFREQUENCY}" - fi update_config_var $ZBX_CONFIG "CacheSize" "${ZBX_CACHESIZE}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "CacheUpdateFrequency" "${ZBX_CACHEUPDATEFREQUENCY}" - fi - update_config_var $ZBX_CONFIG "StartDBSyncers" "${ZBX_STARTDBSYNCERS}" update_config_var $ZBX_CONFIG "HistoryCacheSize" "${ZBX_HISTORYCACHESIZE}" update_config_var $ZBX_CONFIG "HistoryIndexCacheSize" "${ZBX_HISTORYINDEXCACHESIZE}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "TrendCacheSize" "${ZBX_TRENDCACHESIZE}" - update_config_var $ZBX_CONFIG "ValueCacheSize" "${ZBX_VALUECACHESIZE}" - fi - update_config_var $ZBX_CONFIG "Timeout" "${ZBX_TIMEOUT}" update_config_var $ZBX_CONFIG "TrapperTimeout" "${ZBX_TRAPPERIMEOUT}" update_config_var $ZBX_CONFIG "UnreachablePeriod" "${ZBX_UNREACHABLEPERIOD}" @@ -843,346 +197,51 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "AlertScriptsPath" "/usr/lib/zabbix/alertscripts" update_config_var $ZBX_CONFIG "ExternalScripts" "/usr/lib/zabbix/externalscripts" - # Possible few fping locations - if [ -f "/usr/bin/fping" ]; then - update_config_var $ZBX_CONFIG "FpingLocation" "/usr/bin/fping" - else - update_config_var $ZBX_CONFIG "FpingLocation" "/usr/sbin/fping" - fi - if [ -f "/usr/bin/fping6" ]; then - update_config_var $ZBX_CONFIG "Fping6Location" "/usr/bin/fping6" - else - update_config_var $ZBX_CONFIG "Fping6Location" "/usr/sbin/fping6" - fi + update_config_var $ZBX_CONFIG "FpingLocation" "/usr/sbin/fping" + update_config_var $ZBX_CONFIG "Fping6Location" update_config_var $ZBX_CONFIG "SSHKeyLocation" "$ZABBIX_USER_HOME_DIR/ssh_keys" update_config_var $ZBX_CONFIG "LogSlowQueries" "${ZBX_LOGSLOWQUERIES}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "StartProxyPollers" "${ZBX_STARTPROXYPOLLERS}" - update_config_var $ZBX_CONFIG "ProxyConfigFrequency" "${ZBX_PROXYCONFIGFREQUENCY}" - update_config_var $ZBX_CONFIG "ProxyDataFrequency" "${ZBX_PROXYDATAFREQUENCY}" - fi - update_config_var $ZBX_CONFIG "SSLCertLocation" "$ZABBIX_USER_HOME_DIR/ssl/certs/" update_config_var $ZBX_CONFIG "SSLKeyLocation" "$ZABBIX_USER_HOME_DIR/ssl/keys/" update_config_var $ZBX_CONFIG "SSLCALocation" "$ZABBIX_USER_HOME_DIR/ssl/ssl_ca/" update_config_var $ZBX_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/" update_config_multiple_var $ZBX_CONFIG "LoadModule" "${ZBX_LOADMODULE}" - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}" - update_config_var $ZBX_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" - fi + update_config_var $ZBX_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}" + update_config_var $ZBX_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" update_config_var $ZBX_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" update_config_var $ZBX_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" - update_config_var $ZBX_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" - fi + update_config_var $ZBX_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" + update_config_var $ZBX_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" update_config_var $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" update_config_var $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" - update_config_var $ZBX_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" - fi -} - - -prepare_zbx_web_config() { - local db_type=$1 - local server_name="" - - echo "** Preparing Zabbix frontend configuration file" - - ZBX_WWW_ROOT="/usr/share/zabbix" - ZBX_WEB_CONFIG="$ZABBIX_ETC_DIR/web/zabbix.conf.php" - - if [ -f "$ZBX_WWW_ROOT/conf/zabbix.conf.php" ]; then - rm -f "$ZBX_WWW_ROOT/conf/zabbix.conf.php" - fi - - ln -s "$ZBX_WEB_CONFIG" "$ZBX_WWW_ROOT/conf/zabbix.conf.php" - - # Different places of PHP configuration file - if [ -f "/etc/php5/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/conf.d/99-zabbix.ini" - elif [ -f "/etc/php5/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php5/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/apache2/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.0/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.0/apache2/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.0/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.0/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php.d/99-zabbix.ini" - elif [ -f "/etc/php7/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php7/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.2/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.2/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.2/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.2/apache2/conf.d/99-zabbix.ini" - fi - - if [ -n "$PHP_CONFIG_FILE" ]; then - update_config_var "$PHP_CONFIG_FILE" "max_execution_time" "${ZBX_MAXEXECUTIONTIME:-"600"}" - update_config_var "$PHP_CONFIG_FILE" "memory_limit" "${ZBX_MEMORYLIMIT:-"128M"}" - update_config_var "$PHP_CONFIG_FILE" "post_max_size" "${ZBX_POSTMAXSIZE:-"16M"}" - update_config_var "$PHP_CONFIG_FILE" "upload_max_filesize" "${ZBX_UPLOADMAXFILESIZE:-"2M"}" - update_config_var "$PHP_CONFIG_FILE" "max_input_time" "${ZBX_MAXINPUTTIME:-"300"}" - update_config_var "$PHP_CONFIG_FILE" "date.timezone" "${PHP_TZ}" + if [ "$(id -u)" != '0' ]; then + update_config_var $ZBX_CONFIG "User" "$(whoami)" else - echo "**** Zabbix related PHP configuration file not found" + update_config_var $ZBX_CONFIG "AllowRoot" "1" fi - - ZBX_HISTORYSTORAGETYPES=${ZBX_HISTORYSTORAGETYPES:-"[]"} - - # Escaping characters in parameter value - server_name=$(escape_spec_char "${ZBX_SERVER_NAME}") - server_user=$(escape_spec_char "${DB_SERVER_ZBX_USER}") - server_pass=$(escape_spec_char "${DB_SERVER_ZBX_PASS}") - history_storage_url=$(escape_spec_char "${ZBX_HISTORYSTORAGEURL}") - history_storage_types=$(escape_spec_char "${ZBX_HISTORYSTORAGETYPES}") - - sed -i \ - -e "s/{DB_SERVER_HOST}/${DB_SERVER_HOST}/g" \ - -e "s/{DB_SERVER_PORT}/${DB_SERVER_PORT}/g" \ - -e "s/{DB_SERVER_DBNAME}/${DB_SERVER_DBNAME}/g" \ - -e "s/{DB_SERVER_SCHEMA}/${DB_SERVER_SCHEMA}/g" \ - -e "s/{DB_SERVER_USER}/$server_user/g" \ - -e "s/{DB_SERVER_PASS}/$server_pass/g" \ - -e "s/{ZBX_SERVER_HOST}/${ZBX_SERVER_HOST}/g" \ - -e "s/{ZBX_SERVER_PORT}/${ZBX_SERVER_PORT}/g" \ - -e "s/{ZBX_SERVER_NAME}/$server_name/g" \ - -e "s/{ZBX_HISTORYSTORAGEURL}/$history_storage_url/g" \ - -e "s/{ZBX_HISTORYSTORAGETYPES}/$history_storage_types/g" \ - "$ZBX_WEB_CONFIG" - - [ "$db_type" = "postgresql" ] && sed -i "s/MYSQL/POSTGRESQL/g" "$ZBX_WEB_CONFIG" - - [ -n "${ZBX_SESSION_NAME}" ] && sed -i "/ZBX_SESSION_NAME/s/'[^']*'/'${ZBX_SESSION_NAME}'/2" "$ZBX_WWW_ROOT/include/defines.inc.php" -} - -prepare_zbx_agent_config() { - echo "** Preparing Zabbix agent configuration file" - - ZBX_AGENT_CONFIG=$ZABBIX_ETC_DIR/zabbix_agentd.conf - - ZBX_PASSIVESERVERS=${ZBX_PASSIVESERVERS:-""} - ZBX_ACTIVESERVERS=${ZBX_ACTIVESERVERS:-""} - - [ -n "$ZBX_PASSIVESERVERS" ] && ZBX_PASSIVESERVERS=","$ZBX_PASSIVESERVERS - - ZBX_PASSIVESERVERS=$ZBX_SERVER_HOST$ZBX_PASSIVESERVERS - - [ -n "$ZBX_ACTIVESERVERS" ] && ZBX_ACTIVESERVERS=","$ZBX_ACTIVESERVERS - - ZBX_ACTIVESERVERS=$ZBX_SERVER_HOST":"$ZBX_SERVER_PORT$ZBX_ACTIVESERVERS - - update_config_var $ZBX_AGENT_CONFIG "PidFile" - update_config_var $ZBX_AGENT_CONFIG "LogType" "console" - update_config_var $ZBX_AGENT_CONFIG "LogFile" - update_config_var $ZBX_AGENT_CONFIG "LogFileSize" - update_config_var $ZBX_AGENT_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" - update_config_var $ZBX_AGENT_CONFIG "SourceIP" - update_config_var $ZBX_AGENT_CONFIG "EnableRemoteCommands" "${ZBX_ENABLEREMOTECOMMANDS}" - update_config_var $ZBX_AGENT_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}" - - ZBX_PASSIVE_ALLOW=${ZBX_PASSIVE_ALLOW:-"true"} - if [ "$ZBX_PASSIVE_ALLOW" == "true" ]; then - echo "** Using '$ZBX_PASSIVESERVERS' servers for passive checks" - update_config_var $ZBX_AGENT_CONFIG "Server" "${ZBX_PASSIVESERVERS}" - else - update_config_var $ZBX_AGENT_CONFIG "Server" - fi - - update_config_var $ZBX_AGENT_CONFIG "ListenPort" "${ZBX_LISTENPORT}" - update_config_var $ZBX_AGENT_CONFIG "ListenIP" "${ZBX_LISTENIP}" - update_config_var $ZBX_AGENT_CONFIG "StartAgents" "${ZBX_STARTAGENTS}" - - ZBX_ACTIVE_ALLOW=${ZBX_ACTIVE_ALLOW:-"true"} - if [ "$ZBX_ACTIVE_ALLOW" == "true" ]; then - echo "** Using '$ZBX_ACTIVESERVERS' servers for active checks" - update_config_var $ZBX_AGENT_CONFIG "ServerActive" "${ZBX_ACTIVESERVERS}" - else - update_config_var $ZBX_AGENT_CONFIG "ServerActive" - fi - - update_config_var $ZBX_AGENT_CONFIG "Hostname" "${ZBX_HOSTNAME}" - update_config_var $ZBX_AGENT_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - update_config_var $ZBX_AGENT_CONFIG "HostMetadata" "${ZBX_METADATA}" - update_config_var $ZBX_AGENT_CONFIG "HostMetadataItem" "${ZBX_METADATAITEM}" - update_config_var $ZBX_AGENT_CONFIG "RefreshActiveChecks" "${ZBX_REFRESHACTIVECHECKS}" - update_config_var $ZBX_AGENT_CONFIG "BufferSend" "${ZBX_BUFFERSEND}" - update_config_var $ZBX_AGENT_CONFIG "BufferSize" "${ZBX_BUFFERSIZE}" - update_config_var $ZBX_AGENT_CONFIG "MaxLinesPerSecond" "${ZBX_MAXLINESPERSECOND}" - # Please use include to enable Alias feature -# update_config_multiple_var $ZBX_AGENT_CONFIG "Alias" ${ZBX_ALIAS} - update_config_var $ZBX_AGENT_CONFIG "Timeout" "${ZBX_TIMEOUT}" - update_config_var $ZBX_AGENT_CONFIG "Include" "/etc/zabbix/zabbix_agentd.d/" - update_config_var $ZBX_AGENT_CONFIG "UnsafeUserParameters" "${ZBX_UNSAFEUSERPARAMETERS}" - update_config_var $ZBX_AGENT_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/" - update_config_multiple_var $ZBX_AGENT_CONFIG "LoadModule" "${ZBX_LOADMODULE}" - update_config_var $ZBX_AGENT_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}" - update_config_var $ZBX_AGENT_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" - update_config_var $ZBX_AGENT_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" - update_config_var $ZBX_AGENT_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" - update_config_var $ZBX_AGENT_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" - update_config_var $ZBX_AGENT_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" -} - -prepare_java_gateway_config() { - echo "** Preparing Zabbix Java Gateway log configuration file" - - ZBX_GATEWAY_CONFIG=$ZABBIX_ETC_DIR/zabbix_java_gateway_logback.xml - - if [ -n "${ZBX_DEBUGLEVEL}" ]; then - echo "Updating $ZBX_GATEWAY_CONFIG 'DebugLevel' parameter: '${ZBX_DEBUGLEVEL}'... updated" - if [ -f "$ZBX_GATEWAY_CONFIG" ]; then - sed -i -e "/^.*/" "$ZBX_GATEWAY_CONFIG" - else - echo "**** Zabbix Java Gateway log configuration file '$ZBX_GATEWAY_CONFIG' not found" - fi - fi -} - -prepare_agent() { - echo "** Preparing Zabbix agent" - prepare_zbx_agent_config -} - -prepare_server() { - local db_type=$1 - - echo "** Preparing Zabbix server" - - check_variables_$db_type "server" - check_db_connect_$db_type - create_db_user_$db_type - create_db_database_$db_type - create_db_schema_$db_type "server" - - update_zbx_config "server" "$db_type" } prepare_proxy() { - local db_type=$1 - echo "Preparing Zabbix proxy" - if [ "$db_type" != "sqlite3" ]; then - check_variables_$db_type "proxy" - check_db_connect_$db_type - create_db_user_$db_type - create_db_database_$db_type - create_db_schema_$db_type "proxy" - fi - - update_zbx_config "proxy" $db_type -} - -prepare_web() { - local web_server=$1 - local db_type=$2 - - echo "** Preparing Zabbix web-interface" - - check_variables_$db_type - check_db_connect_$db_type - prepare_web_server_$web_server - prepare_zbx_web_config $db_type -} - -prepare_java_gateway() { - echo "** Preparing Zabbix Java Gateway" - - prepare_java_gateway_config + update_zbx_config } ################################################# -if [ ! -n "$zbx_type" ]; then - echo "**** Type of Zabbix component is not specified" - exit 1 -elif [ "$zbx_type" == "dev" ]; then - echo "** Deploying Zabbix installation from SVN" -else - if [ ! -n "$zbx_db_type" ]; then - echo "**** Database type of Zabbix $zbx_type is not specified" - exit 1 - fi - - if [ "$zbx_db_type" != "none" ]; then - if [ "$zbx_opt_type" != "none" ]; then - echo "** Deploying Zabbix $zbx_type ($zbx_opt_type) with $zbx_db_type database" - else - echo "** Deploying Zabbix $zbx_type with $zbx_db_type database" - fi - else - echo "** Deploying Zabbix $zbx_type" - fi +if [ "${1#-}" != "$1" ]; then + set -- /usr/sbin/zabbix_proxy "$@" fi -prepare_system "$zbx_type" "$zbx_opt_type" - -[ "$zbx_type" == "server" ] && prepare_server $zbx_db_type -[ "${ZBX_ADD_SERVER}" == "true" ] && prepare_server ${ZBX_MAIN_DB} - -[ "$zbx_type" == "proxy" ] && prepare_proxy $zbx_db_type -[ "${ZBX_ADD_PROXY}" == "true" ] && prepare_proxy ${ZBX_PROXY_DB} - -[ "$zbx_type" == "frontend" ] && prepare_web $zbx_opt_type $zbx_db_type -[ "${ZBX_ADD_WEB}" == "true" ] && prepare_web ${ZBX_WEB_SERVER} ${ZBX_MAIN_DB} - -[ "$zbx_type" == "agent" ] && prepare_agent -[ "${ZBX_ADD_AGENT}" == "true" ] && prepare_agent - -[ "$zbx_type" == "java-gateway" ] && prepare_java_gateway -[ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && prepare_java_gateway - -clear_deploy "$zbx_type" - -echo "########################################################" - -if [ "$1" != "" ]; then - echo "** Executing '$@'" - exec "$@" -elif [ "$zbx_type" == "agent" ]; then - echo "** Starting Zabbix agent" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_agentd --foreground -c /etc/zabbix/zabbix_agentd.conf" -elif [ "$zbx_type" == "proxy" ]; then - echo "** Starting Zabbix proxy" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_proxy --foreground -c /etc/zabbix/zabbix_proxy.conf" -elif [ "$zbx_type" == "server" ]; then - echo "** Starting Zabbix server" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_server --foreground -c /etc/zabbix/zabbix_server.conf" -elif [ "$zbx_type" == "java-gateway" ]; then - echo "** Starting Zabbix Java Gateway" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_java_gateway" -elif [ "$zbx_type" == "frontend" ] && [ "$zbx_opt_type" == "apache" ]; then - echo "** Starting Zabbix frontend" - if [ -f "/usr/sbin/httpd" ]; then - exec /usr/sbin/httpd -D FOREGROUND - elif [ -f "/usr/sbin/apache2ctl" ]; then - exec /bin/bash -c "source /etc/apache2/envvars && /usr/sbin/apache2ctl -D FOREGROUND" - else - echo "Unknown Web-server. Exiting..." - exit 1 - fi -elif [ -f "/usr/bin/supervisord" ]; then - echo "** Executing supervisord" - exec /usr/bin/supervisord -c /etc/supervisor/supervisord.conf -else - echo "Unknown instructions. Exiting..." - exit 1 +if [ "$1" == '/usr/sbin/zabbix_proxy' ]; then + prepare_proxy fi +exec "$@" + ################################################# diff --git a/server-mysql/ubuntu/Dockerfile b/server-mysql/ubuntu/Dockerfile index d98e0ec8d..1656a334f 100644 --- a/server-mysql/ubuntu/Dockerfile +++ b/server-mysql/ubuntu/Dockerfile @@ -1,46 +1,29 @@ FROM ubuntu:bionic -LABEL maintainer "Alexey Pustovalov " -ARG BUILD_DATE -ARG VCS_REF - -ARG APT_FLAGS_COMMON="-y" -ARG APT_FLAGS_PERSISTENT="${APT_FLAGS_COMMON} --no-install-recommends" -ARG APT_FLAGS_DEV="${APT_FLAGS_COMMON} --no-install-recommends" -ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8 TERM=xterm \ - MIBDIRS=/var/lib/snmp/mibs/ietf:/var/lib/snmp/mibs/iana:/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ - ZBX_TYPE=server ZBX_DB_TYPE=mysql ZBX_OPT_TYPE=none -ENV TINI_VERSION v0.18.0 - -LABEL org.label-schema.name="zabbix-${ZBX_TYPE}-${ZBX_DB_TYPE}-ubuntu" \ - org.label-schema.vendor="Zabbix LLC" \ - org.label-schema.url="https://zabbix.com/" \ - org.label-schema.description="Zabbix ${ZBX_TYPE} with MySQL database support" \ - org.label-schema.vcs-ref="${VCS_REF}" \ - org.label-schema.build-date="${BUILD_DATE}" \ - org.label-schema.schema-version="1.0" \ - org.label-schema.license="GPL v2.0" +LABEL org.opencontainers.image.title="Zabbix server (MySQL)" \ + org.opencontainers.image.authors="Alexey Pustovalov " \ + org.opencontainers.image.vendor="Zabbix LLC" \ + org.opencontainers.image.url="https://zabbix.com/" \ + org.opencontainers.image.description="Zabbix server with MySQL database support" \ + org.opencontainers.image.licenses="GPL v2.0" STOPSIGNAL SIGTERM +ENV TINI_VERSION=v0.19.0 + RUN set -eux && \ - apt-get ${APT_FLAGS_COMMON} update && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_PERSISTENT} install locales && \ - locale-gen $LC_ALL && \ - echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \ - addgroup --system --quiet zabbix && \ + addgroup --system --gid 1995 --quiet zabbix && \ adduser --quiet \ --system --disabled-login \ - --ingroup zabbix \ + --ingroup zabbix --ingroup root \ + --uid 1997 \ --home /var/lib/zabbix/ \ zabbix && \ usermod -G zabbix,dialout zabbix && \ mkdir -p /etc/zabbix && \ mkdir -p /var/lib/zabbix && \ - mkdir -p /usr/lib/zabbix/alertscripts && \ mkdir -p /var/lib/zabbix/enc && \ mkdir -p /var/lib/zabbix/export && \ - mkdir -p /usr/lib/zabbix/externalscripts && \ mkdir -p /var/lib/zabbix/mibs && \ mkdir -p /var/lib/zabbix/modules && \ mkdir -p /var/lib/zabbix/snmptraps && \ @@ -49,10 +32,16 @@ RUN set -eux && \ mkdir -p /var/lib/zabbix/ssl/certs && \ mkdir -p /var/lib/zabbix/ssl/keys && \ mkdir -p /var/lib/zabbix/ssl/ssl_ca && \ - chown --quiet -R zabbix:root /var/lib/zabbix && \ - mkdir -p /usr/share/doc/zabbix-${ZBX_TYPE}-${ZBX_DB_TYPE} && \ - apt-get ${APT_FLAGS_COMMON} update && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_PERSISTENT} install \ + mkdir -p /usr/lib/zabbix/alertscripts && \ + mkdir -p /usr/lib/zabbix/externalscripts && \ + mkdir -p /usr/share/doc/zabbix-server-mysql && \ + apt-get -y update && \ + DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ + curl \ + ca-certificates \ + gpg \ + dirmngr \ + gpg-agent \ iputils-ping \ traceroute \ fping \ @@ -67,27 +56,32 @@ RUN set -eux && \ libxml2 \ mysql-client \ snmp-mibs-downloader \ - ca-certificates \ unixodbc && \ - apt-get ${APT_FLAGS_COMMON} autoremove && \ - apt-get ${APT_FLAGS_COMMON} clean && \ + curl -L https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini -o /sbin/tini && \ + curl -L https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini.asc -o /tini.asc && \ + gpg --batch --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 595E85A6B1B4779EA4DAAEC70B588DFF0527A9B7 && \ + gpg --batch --verify /tini.asc /sbin/tini && \ + rm -rf /root/.gnupg && \ + chmod +x /sbin/tini && \ + apt-get -y purge curl gpg dirmngr gpg-agent && \ + apt-get -y autoremove && \ + apt-get -y clean && \ rm -rf /var/lib/apt/lists/* ARG MAJOR_VERSION=5.0 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git -ENV ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} -LABEL org.label-schema.usage="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.label-schema.version="${ZBX_VERSION}" \ - org.label-schema.vcs-url="${ZBX_SOURCES}" \ - org.label-schema.docker.cmd="docker run --name zabbix-${ZBX_TYPE}-${ZBX_DB_TYPE} --link mysql-server:mysql -p 10051:10051 -d zabbix-${ZBX_TYPE}-${ZBX_DB_TYPE}:ubuntu-${ZBX_VERSION}" +ENV TERM=xterm MIBDIRS=/var/lib/snmp/mibs/ietf:/var/lib/snmp/mibs/iana:/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ + ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} -ADD https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini /sbin/tini +LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" RUN set -eux && \ - apt-get ${APT_FLAGS_COMMON} update && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_DEV} install \ + apt-get -y update && \ + DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ autoconf \ automake \ gcc \ @@ -118,8 +112,8 @@ RUN set -eux && \ --prefix=/usr \ --sysconfdir=/etc/zabbix \ --enable-agent \ - --enable-${ZBX_TYPE} \ - --with-${ZBX_DB_TYPE} \ + --enable-server \ + --with-mysql \ --with-ldap \ --with-libcurl \ --with-libxml2 \ @@ -132,19 +126,21 @@ RUN set -eux && \ --silent && \ make -j"$(nproc)" -s dbschema && \ make -j"$(nproc)" -s && \ - cp src/zabbix_${ZBX_TYPE}/zabbix_${ZBX_TYPE} /usr/sbin/zabbix_${ZBX_TYPE} && \ + cp src/zabbix_server/zabbix_server /usr/sbin/zabbix_server && \ cp src/zabbix_get/zabbix_get /usr/bin/zabbix_get && \ cp src/zabbix_sender/zabbix_sender /usr/bin/zabbix_sender && \ - cp conf/zabbix_${ZBX_TYPE}.conf /etc/zabbix/zabbix_${ZBX_TYPE}.conf && \ - chown --quiet -R zabbix:root /etc/zabbix && \ - cat database/${ZBX_DB_TYPE}/schema.sql > database/${ZBX_DB_TYPE}/create.sql && \ - cat database/${ZBX_DB_TYPE}/images.sql >> database/${ZBX_DB_TYPE}/create.sql && \ - cat database/${ZBX_DB_TYPE}/data.sql >> database/${ZBX_DB_TYPE}/create.sql && \ - gzip database/${ZBX_DB_TYPE}/create.sql && \ - cp database/${ZBX_DB_TYPE}/create.sql.gz /usr/share/doc/zabbix-${ZBX_TYPE}-${ZBX_DB_TYPE}/ && \ + cp conf/zabbix_server.conf /etc/zabbix/zabbix_server.conf && \ + cat database/mysql/schema.sql > database/mysql/create.sql && \ + cat database/mysql/images.sql >> database/mysql/create.sql && \ + cat database/mysql/data.sql >> database/mysql/create.sql && \ + gzip database/mysql/create.sql && \ + cp database/mysql/create.sql.gz /usr/share/doc/zabbix-server-mysql/ && \ cd /tmp/ && \ rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_COMMON} purge \ + chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \ + chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \ + chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \ + DEBIAN_FRONTEND=noninteractive apt-get -y purge \ autoconf \ automake \ gcc \ @@ -162,9 +158,8 @@ RUN set -eux && \ pkg-config \ git \ unixodbc-dev && \ - apt-get ${APT_FLAGS_COMMON} autoremove && \ - rm -rf /var/lib/apt/lists/* && \ - chmod +x /sbin/tini + apt-get -y autoremove && \ + rm -rf /var/lib/apt/lists/* EXPOSE 10051/TCP @@ -173,7 +168,11 @@ WORKDIR /var/lib/zabbix VOLUME ["/usr/lib/zabbix/alertscripts", "/usr/lib/zabbix/externalscripts", "/var/lib/zabbix/enc", "/var/lib/zabbix/mibs", "/var/lib/zabbix/modules"] VOLUME ["/var/lib/zabbix/snmptraps", "/var/lib/zabbix/ssh_keys", "/var/lib/zabbix/ssl/certs", "/var/lib/zabbix/ssl/keys", "/var/lib/zabbix/ssl/ssl_ca"] VOLUME ["/var/lib/zabbix/export"] - + COPY ["docker-entrypoint.sh", "/usr/bin/"] ENTRYPOINT ["/sbin/tini", "--", "/usr/bin/docker-entrypoint.sh"] + +USER 1997 + +CMD ["/usr/sbin/zabbix_server", "--foreground", "-c", "/etc/zabbix/zabbix_server.conf"] diff --git a/server-mysql/ubuntu/docker-entrypoint.sh b/server-mysql/ubuntu/docker-entrypoint.sh index 7a56bbc59..428d497ba 100755 --- a/server-mysql/ubuntu/docker-entrypoint.sh +++ b/server-mysql/ubuntu/docker-entrypoint.sh @@ -1,6 +1,6 @@ #!/bin/bash -set -eo pipefail +set -o pipefail set +e @@ -9,37 +9,11 @@ if [ "${DEBUG_MODE}" == "true" ]; then set -o xtrace fi -# Type of Zabbix component -# Possible values: [server, proxy, agent, frontend, java-gateway, appliance] -zbx_type=${ZBX_TYPE} -# Type of Zabbix database -# Possible values: [mysql, postgresql] -zbx_db_type=${ZBX_DB_TYPE} -# Type of web-server. Valid only with zbx_type = frontend -# Possible values: [apache, nginx] -zbx_opt_type=${ZBX_OPT_TYPE} - -# Default Zabbix installation name -# Used only by Zabbix web-interface -ZBX_SERVER_NAME=${ZBX_SERVER_NAME:-"Zabbix docker"} -# Default Zabbix server host -ZBX_SERVER_HOST=${ZBX_SERVER_HOST:-"zabbix-server"} -# Default Zabbix server port number -ZBX_SERVER_PORT=${ZBX_SERVER_PORT:-"10051"} - -# Default timezone for web interface -PHP_TZ=${PHP_TZ:-"Europe/Riga"} - -#Enable PostgreSQL timescaleDB feature: -ENABLE_TIMESCALEDB=${ENABLE_TIMESCALEDB:-"false"} - # Default directories # User 'zabbix' home directory ZABBIX_USER_HOME_DIR="/var/lib/zabbix" # Configuration files directory ZABBIX_ETC_DIR="/etc/zabbix" -# Web interface www-root directory -ZBX_FRONTEND_PATH="/usr/share/zabbix" # usage: file_env VAR [DEFAULT] # as example: file_env 'MYSQL_PASSWORD' 'zabbix' @@ -72,92 +46,6 @@ file_env() { unset "$fileVar" } -configure_db_mysql() { - [ "${DB_SERVER_HOST}" != "localhost" ] && return - - echo "** Configuring local MySQL server" - - MYSQL_ALLOW_EMPTY_PASSWORD=true - MYSQL_DATA_DIR="/var/lib/mysql" - - if [ -f "/etc/mysql/my.cnf" ]; then - MYSQL_CONF_FILE="/etc/mysql/my.cnf" - elif [ -f "/etc/my.cnf.d/server.cnf" ]; then - MYSQL_CONF_FILE="/etc/my.cnf.d/server.cnf" - DB_SERVER_SOCKET="/var/lib/mysql/mysql.sock" - elif [ -f "/etc/my.cnf.d/mariadb-server.cnf" ]; then - MYSQL_CONF_FILE="/etc/my.cnf.d/mariadb-server.cnf" - DB_SERVER_SOCKET="/var/run/mysqld/mysqld.sock" - else - echo "**** Could not found MySQL configuration file" - exit 1 - fi - - if [ -f "/usr/bin/mysqld" ]; then - MYSQLD=/usr/bin/mysqld - elif [ -f "/usr/sbin/mysqld" ]; then - MYSQLD=/usr/sbin/mysqld - elif [ -f "/usr/libexec/mysqld" ]; then - MYSQLD=/usr/libexec/mysqld - else - echo "**** Could not found mysqld binary file" - exit 1 - fi - - sed -Ei 's/^(bind-address|log)/#&/' "$MYSQL_CONF_FILE" - - if [ ! -d "$MYSQL_DATA_DIR/mysql" ]; then - [ -d "$MYSQL_DATA_DIR" ] || mkdir -p "$MYSQL_DATA_DIR" - - chown -R mysql:mysql "$MYSQL_DATA_DIR" - - echo "** Installing initial MySQL database schemas" - mysql_install_db --user=mysql --datadir="$MYSQL_DATA_DIR" 2>&1 - else - echo "**** MySQL data directory is not empty. Using already existing installation." - chown -R mysql:mysql "$MYSQL_DATA_DIR" - fi - - mkdir -p /var/run/mysqld - ln -s /var/run/mysqld /run/mysqld - chown -R mysql:mysql /var/run/mysqld - chown -R mysql:mysql /run/mysqld - - echo "** Starting MySQL server in background mode" - - nohup $MYSQLD --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib/mysql/plugin \ - --user=mysql --log-output=none --pid-file=/var/lib/mysql/mysqld.pid \ - --port=3306 --character-set-server=utf8 --collation-server=utf8_bin & -} - -prepare_system() { - local type=$1 - local web_server=$2 - - echo "** Preparing the system" - - if [ "$type" != "appliance" ]; then - return - fi - - ZBX_ADD_AGENT=${ZBX_ADD_AGENT:-"false"} - ZBX_ADD_JAVA_GATEWAY=${ZBX_ADD_JAVA_GATEWAY:-"false"} - ZBX_ADD_SERVER=${ZBX_ADD_SERVER:-"true"} - [ "${ZBX_ADD_SERVER}" == "true" ] && ZBX_SERVER_HOST="localhost" - [ "${ZBX_ADD_SERVER}" == "true" ] && ZBX_SERVER_PORT="10051" - ZBX_MAIN_DB=${ZBX_MAIN_DB:-"mysql"} - ZBX_ADD_PROXY=${ZBX_ADD_PROXY:-"false"} - ZBX_PROXY_DB=${ZBX_PROXY_DB:-"sqlite3"} - ZBX_ADD_WEB=${ZBX_ADD_WEB:-"true"} - ZBX_WEB_SERVER=${ZBX_WEB_SERVER:-"nginx"} - DB_SERVER_HOST=${DB_SERVER_HOST:-"localhost"} - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAY_ENABLE="true" - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAY="localhost" - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAYPORT="10052" - - [ "${ZBX_ADD_SERVER}" == "true" ] && configure_db_${ZBX_MAIN_DB} -} - escape_spec_char() { local var_value=$1 @@ -242,18 +130,14 @@ update_config_multiple_var() { # Check prerequisites for MySQL database check_variables_mysql() { - local type=$1 - - DB_SERVER_HOST=${DB_SERVER_HOST:-"mysql-server"} - DB_SERVER_PORT=${DB_SERVER_PORT:-"3306"} + : ${DB_SERVER_HOST:="mysql-server"} + : ${DB_SERVER_PORT:="3306"} USE_DB_ROOT_USER=false CREATE_ZBX_DB_USER=false file_env MYSQL_USER file_env MYSQL_PASSWORD - if [ "$type" != "" ]; then - file_env MYSQL_ROOT_PASSWORD - fi + file_env MYSQL_ROOT_PASSWORD if [ ! -n "${MYSQL_USER}" ] && [ "${MYSQL_RANDOM_ROOT_PASSWORD}" == "true" ]; then echo "**** Impossible to use MySQL server because of unknown Zabbix user and random 'root' password" @@ -274,42 +158,12 @@ check_variables_mysql() { [ -n "${MYSQL_USER}" ] && [ "${USE_DB_ROOT_USER}" == "true" ] && CREATE_ZBX_DB_USER=true # If root password is not specified use provided credentials - DB_SERVER_ROOT_USER=${DB_SERVER_ROOT_USER:-${MYSQL_USER}} + : ${DB_SERVER_ROOT_USER:=${MYSQL_USER}} [ "${MYSQL_ALLOW_EMPTY_PASSWORD}" == "true" ] || DB_SERVER_ROOT_PASS=${DB_SERVER_ROOT_PASS:-${MYSQL_PASSWORD}} DB_SERVER_ZBX_USER=${MYSQL_USER:-"zabbix"} DB_SERVER_ZBX_PASS=${MYSQL_PASSWORD:-"zabbix"} - if [ "$type" == "proxy" ]; then - DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix_proxy"} - else - DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix"} - fi -} - -# Check prerequisites for PostgreSQL database -check_variables_postgresql() { - local type=$1 - - file_env POSTGRES_USER - file_env POSTGRES_PASSWORD - - DB_SERVER_HOST=${DB_SERVER_HOST:-"postgres-server"} - DB_SERVER_PORT=${DB_SERVER_PORT:-"5432"} - CREATE_ZBX_DB_USER=${CREATE_ZBX_DB_USER:-"false"} - - DB_SERVER_ROOT_USER=${POSTGRES_USER:-"postgres"} - DB_SERVER_ROOT_PASS=${POSTGRES_PASSWORD:-""} - - DB_SERVER_ZBX_USER=${POSTGRES_USER:-"zabbix"} - DB_SERVER_ZBX_PASS=${POSTGRES_PASSWORD:-"zabbix"} - - DB_SERVER_SCHEMA=${DB_SERVER_SCHEMA:-"public"} - - if [ "$type" == "proxy" ]; then - DB_SERVER_DBNAME=${POSTGRES_DB:-"zabbix_proxy"} - else - DB_SERVER_DBNAME=${POSTGRES_DB:-"zabbix"} - fi + DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix"} } check_db_connect_mysql() { @@ -324,92 +178,32 @@ check_db_connect_mysql() { fi echo "* DB_SERVER_ZBX_USER: ${DB_SERVER_ZBX_USER}" echo "* DB_SERVER_ZBX_PASS: ${DB_SERVER_ZBX_PASS}" - echo "********************" fi echo "********************" WAIT_TIMEOUT=5 + if [ -n "${ZBX_DBTLSCONNECT}" ]; then + ssl_opts="--ssl --ssl-ca=${ZBX_DBTLSCAFILE} --ssl-key=${ZBX_DBTLSKEYFILE} --ssl-cert=${ZBX_DBTLSCERTFILE}" + fi + while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \ - --password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10)" ]; do + --password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10 $ssl_opts)" ]; do echo "**** MySQL server is not available. Waiting $WAIT_TIMEOUT seconds..." sleep $WAIT_TIMEOUT done } -check_db_connect_postgresql() { - echo "********************" - echo "* DB_SERVER_HOST: ${DB_SERVER_HOST}" - echo "* DB_SERVER_PORT: ${DB_SERVER_PORT}" - echo "* DB_SERVER_DBNAME: ${DB_SERVER_DBNAME}" - echo "* DB_SERVER_SCHEMA: ${DB_SERVER_SCHEMA}" - if [ "${DEBUG_MODE}" == "true" ]; then - if [ "${USE_DB_ROOT_USER}" == "true" ]; then - echo "* DB_SERVER_ROOT_USER: ${DB_SERVER_ROOT_USER}" - echo "* DB_SERVER_ROOT_PASS: ${DB_SERVER_ROOT_PASS}" - fi - echo "* DB_SERVER_ZBX_USER: ${DB_SERVER_ZBX_USER}" - echo "* DB_SERVER_ZBX_PASS: ${DB_SERVER_ZBX_PASS}" - fi - echo "********************" - - if [ "${USE_DB_ROOT_USER}" != "true" ]; then - DB_SERVER_ROOT_USER=${DB_SERVER_ZBX_USER} - DB_SERVER_ROOT_PASS=${DB_SERVER_ZBX_PASS} - fi - - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - WAIT_TIMEOUT=5 - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - while [ ! "$(psql -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} -U ${DB_SERVER_ROOT_USER} -d ${DB_SERVER_DBNAME} -l -q 2>/dev/null)" ]; do - echo "**** PostgreSQL server is not available. Waiting $WAIT_TIMEOUT seconds..." - sleep $WAIT_TIMEOUT - done - - unset PGPASSWORD - unset PGOPTIONS -} - - mysql_query() { query=$1 local result="" + if [ -n "${ZBX_DBTLSCONNECT}" ]; then + ssl_opts="--ssl --ssl-ca=${ZBX_DBTLSCAFILE} --ssl-key=${ZBX_DBTLSKEYFILE} --ssl-cert=${ZBX_DBTLSCERTFILE}" + fi + result=$(mysql --silent --skip-column-names -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ - -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" -e "$query") - - echo $result -} - -psql_query() { - query=$1 - db=$2 - - local result="" - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - result=$(psql -A -q -t -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ - -U ${DB_SERVER_ROOT_USER} -c "$query" $db 2>/dev/null); - - unset PGPASSWORD - unset PGOPTIONS + -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" -e "$query" $ssl_opts) echo $result } @@ -430,20 +224,6 @@ create_db_user_mysql() { mysql_query "GRANT ALL PRIVILEGES ON $DB_SERVER_DBNAME. * TO '${DB_SERVER_ZBX_USER}'@'%'" 1>/dev/null } -create_db_user_postgresql() { - [ "${CREATE_ZBX_DB_USER}" == "true" ] || return - - echo "** Creating '${DB_SERVER_ZBX_USER}' user in PostgreSQL database" - - USER_EXISTS=$(psql_query "SELECT 1 FROM pg_roles WHERE rolname='${DB_SERVER_ZBX_USER}'") - - if [ -z "$USER_EXISTS" ]; then - psql_query "CREATE USER ${DB_SERVER_ZBX_USER} WITH PASSWORD '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - else - psql_query "ALTER USER ${DB_SERVER_ZBX_USER} WITH ENCRYPTED PASSWORD '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - fi -} - create_db_database_mysql() { DB_EXISTS=$(mysql_query "SELECT SCHEMA_NAME FROM information_schema.SCHEMATA WHERE SCHEMA_NAME='${DB_SERVER_DBNAME}'") @@ -457,22 +237,7 @@ create_db_database_mysql() { fi } -create_db_database_postgresql() { - DB_EXISTS=$(psql_query "SELECT 1 AS result FROM pg_database WHERE datname='${DB_SERVER_DBNAME}'") - - if [ -z ${DB_EXISTS} ]; then - echo "** Database '${DB_SERVER_DBNAME}' does not exist. Creating..." - psql_query "CREATE DATABASE ${DB_SERVER_DBNAME} WITH OWNER ${DB_SERVER_ZBX_USER} ENCODING='UTF8' LC_CTYPE='en_US.utf8' LC_COLLATE='en_US.utf8'" 1>/dev/null - else - echo "** Database '${DB_SERVER_DBNAME}' already exists. Please be careful with database owner!" - fi - - psql_query "CREATE SCHEMA IF NOT EXISTS ${DB_SERVER_SCHEMA}" -} - create_db_schema_mysql() { - local type=$1 - DBVERSION_TABLE_EXISTS=$(mysql_query "SELECT 1 FROM information_schema.tables WHERE table_schema='${DB_SERVER_DBNAME}' and table_name = 'dbversion'") if [ -n "${DBVERSION_TABLE_EXISTS}" ]; then @@ -483,249 +248,23 @@ create_db_schema_mysql() { if [ -z "${ZBX_DB_VERSION}" ]; then echo "** Creating '${DB_SERVER_DBNAME}' schema in MySQL" - zcat /usr/share/doc/zabbix-$type-mysql/create.sql.gz | mysql --silent --skip-column-names \ + if [ -n "${ZBX_DBTLSCONNECT}" ]; then + ssl_opts="--ssl --ssl-ca=${ZBX_DBTLSCAFILE} --ssl-key=${ZBX_DBTLSKEYFILE} --ssl-cert=${ZBX_DBTLSCERTFILE}" + fi + + zcat /usr/share/doc/zabbix-server-mysql/create.sql.gz | mysql --silent --skip-column-names \ -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ - -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" \ + -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" $ssl_opts \ ${DB_SERVER_DBNAME} 1>/dev/null fi } -create_db_schema_postgresql() { - local type=$1 - - DBVERSION_TABLE_EXISTS=$(psql_query "SELECT 1 FROM pg_catalog.pg_class c JOIN pg_catalog.pg_namespace n ON n.oid = - c.relnamespace WHERE n.nspname = '$DB_SERVER_SCHEMA' AND c.relname = 'dbversion'" "${DB_SERVER_DBNAME}") - - if [ -n "${DBVERSION_TABLE_EXISTS}" ]; then - echo "** Table '${DB_SERVER_DBNAME}.dbversion' already exists." - ZBX_DB_VERSION=$(psql_query "SELECT mandatory FROM ${DB_SERVER_SCHEMA}.dbversion" "${DB_SERVER_DBNAME}") - fi - - if [ -z "${ZBX_DB_VERSION}" ]; then - echo "** Creating '${DB_SERVER_DBNAME}' schema in PostgreSQL" - - if [ "${ENABLE_TIMESCALEDB}" == "true" ]; then - psql_query "CREATE EXTENSION IF NOT EXISTS timescaledb CASCADE;" - fi - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - zcat /usr/share/doc/zabbix-$type-postgresql/create.sql.gz | psql -q \ - -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ - -U ${DB_SERVER_ZBX_USER} ${DB_SERVER_DBNAME} 1>/dev/null - - if [ "${ENABLE_TIMESCALEDB}" == "true" ]; then - cat /usr/share/doc/zabbix-$type-postgresql/timescaledb.sql | psql -q \ - -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ - -U ${DB_SERVER_ZBX_USER} ${DB_SERVER_DBNAME} 1>/dev/null - fi - - unset PGPASSWORD - unset PGOPTIONS - fi -} - -prepare_web_server_apache() { - if [ -d "/etc/apache2/sites-available" ]; then - APACHE_SITES_DIR=/etc/apache2/sites-available - elif [ -d "/etc/apache2/conf.d" ]; then - APACHE_SITES_DIR=/etc/apache2/conf.d - elif [ -d "/etc/httpd/conf.d" ]; then - APACHE_SITES_DIR=/etc/httpd/conf.d - else - echo "**** Apache is not available" - exit 1 - fi - - if [ -f "/usr/sbin/a2dissite" ]; then - echo "** Disable default site" - /usr/sbin/a2dissite 000-default 1>/dev/null - rm -rf "$APACHE_SITES_DIR/*" - elif [ -f "/etc/apache2/conf.d/default.conf" ]; then - echo "** Disable default site" - rm -f "/etc/apache2/conf.d/default.conf" - elif [ -f "/etc/httpd/conf.d/welcome.conf" ]; then - echo "** Disable default site" - rm -f "/etc/httpd/conf.d/welcome.conf" - rm -f "/etc/httpd/conf.d/ssl.conf" - fi - - echo "** Adding Zabbix virtual host (HTTP)" - if [ -f "$ZABBIX_ETC_DIR/apache.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/apache.conf" "$APACHE_SITES_DIR/zabbix.conf" - if [ -f "/usr/sbin/a2dissite" ]; then - /usr/sbin/a2ensite zabbix.conf 1>/dev/null - fi - else - echo "**** Impossible to enable HTTP virtual host" - fi - - if [ -f "/etc/apache2/conf.d/ssl.conf" ]; then - rm -f "/etc/apache2/conf.d/ssl.conf" - fi - - if [ -f "/etc/ssl/apache2/ssl.crt" ] && [ -f "/etc/ssl/apache2/ssl.key" ]; then - echo "** Enable SSL support for Apache2" - if [ -f "/usr/sbin/a2enmod" ]; then - /usr/sbin/a2enmod ssl 1>/dev/null - fi - - echo "** Adding Zabbix virtual host (HTTPS)" - if [ -f "$ZABBIX_ETC_DIR/apache_ssl.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/apache_ssl.conf" "$APACHE_SITES_DIR/zabbix_ssl.conf" - if [ -f "/usr/sbin/a2dissite" ]; then - /usr/sbin/a2ensite zabbix_ssl.conf 1>/dev/null - fi - else - echo "**** Impossible to enable HTTPS virtual host" - fi - else - echo "**** Impossible to enable SSL support for Apache2. Certificates are missed." - fi - - # Change Apache2 logging to stdout and stderr - if [ -f "/etc/apache2/apache2.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/apache2.conf" - fi - - if [ -f "/etc/httpd/conf/httpd.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/httpd/conf/httpd.conf" - fi - - if [ -f "/etc/apache2/httpd.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/httpd.conf" - fi - - if [ -f "/etc/apache2/conf-available/other-vhosts-access-log.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/conf-available/other-vhosts-access-log.conf" - fi - - if [ -f "/etc/apache2/conf.d/mpm.conf" ]; then - sed -ri \ - -e 's!^(\s*PidFile)\s+\S+!\1 "/var/run/httpd.pid"!g' \ - "/etc/apache2/conf.d/mpm.conf" - fi - - if [ -f "/var/run/apache2/apache2.pid" ]; then - rm -f "/var/run/apache2/apache2.pid" - fi - - if [ -f "/var/run/httpd/httpd.pid" ]; then - rm -f "/var/run/httpd/httpd.pid" - fi -} - -prepare_web_server_nginx() { - NGINX_CONFD_DIR="/etc/nginx/conf.d" - NGINX_SSL_CONFIG="/etc/ssl/nginx" - PHP_SESSIONS_DIR="/var/lib/php5" - - echo "** Disable default vhosts" - rm -f $NGINX_CONFD_DIR/*.conf - - echo "** Adding Zabbix virtual host (HTTP)" - if [ -f "$ZABBIX_ETC_DIR/nginx.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/nginx.conf" "$NGINX_CONFD_DIR" - else - echo "**** Impossible to enable HTTP virtual host" - fi - - if [ -f "$NGINX_SSL_CONFIG/ssl.crt" ] && [ -f "$NGINX_SSL_CONFIG/ssl.key" ] && [ -f "$NGINX_SSL_CONFIG/dhparam.pem" ]; then - echo "** Enable SSL support for Nginx" - if [ -f "$ZABBIX_ETC_DIR/nginx_ssl.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/nginx_ssl.conf" "$NGINX_CONFD_DIR" - else - echo "**** Impossible to enable HTTPS virtual host" - fi - else - echo "**** Impossible to enable SSL support for Nginx. Certificates are missed." - fi - - if [ -d "/var/log/nginx/" ]; then - ln -sf /dev/fd/2 /var/log/nginx/error.log - fi - - ln -sf /dev/fd/2 /var/log/php5-fpm.log - ln -sf /dev/fd/2 /var/log/php7.2-fpm.log -} - -stop_databases() { - if ([ "${ZBX_MAIN_DB}" == "mysql" ] || [ "${ZBX_PROXY_DB}" == "mysql" ]) && [ "${DB_SERVER_HOST}" == "localhost" ]; then - mysql_query "DELETE FROM mysql.user WHERE host = 'localhost' AND user != 'root'" 1>/dev/null - - if [ -f "/var/lib/mysql/mysqld.pid" ]; then - kill -TERM $(cat /var/lib/mysql/mysqld.pid) - elif [ -f "/var/run/mysqld/mysqld.pid" ]; then - kill -TERM $(cat /var/run/mysqld/mysqld.pid) - fi - fi - - if [ "${ZBX_MAIN_DB}" == "postgresql" ] && [ "${DB_SERVER_HOST}" == "localhost" ]; then - if [ "${OS_CODENAME}" == "alpine" ]; then - PGDATA=/var/lib/postgresql - BINDIR=/usr/bin - else - PGDATA=/var/lib/postgresql/9.3/main - BINDIR=/usr/lib/postgresql/9.3/bin - fi - su -c "$BINDIR/pg_ctl -D \"$PGDATA\" -m fast -w stop --silent" postgres 1>/dev/null 2>/dev/null - fi -} - -clear_deploy() { - local type=$1 - echo "** Cleaning the system" - - [ "$type" != "appliance" ] && return - - stop_databases -} - update_zbx_config() { - local type=$1 - local db_type=$2 + echo "** Preparing Zabbix server configuration file" - echo "** Preparing Zabbix $type configuration file" + ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_server.conf - ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_$type.conf - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "ProxyMode" "${ZBX_PROXYMODE}" - update_config_var $ZBX_CONFIG "Server" "${ZBX_SERVER_HOST}" - update_config_var $ZBX_CONFIG "ServerPort" "${ZBX_SERVER_PORT}" - if [ -z "${ZBX_HOSTNAME}" ] && [ -n "${ZBX_HOSTNAMEITEM}" ]; then - update_config_var $ZBX_CONFIG "Hostname" "" - update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - else - update_config_var $ZBX_CONFIG "Hostname" "${ZBX_HOSTNAME:-"zabbix-proxy-"$db_type}" - update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - fi - fi - - if [ $type == "proxy" ] && [ "${ZBX_ADD_SERVER}" = "true" ]; then - update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_PROXY_LISTENPORT:-"10061"}" - else - update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}" - fi + update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}" update_config_var $ZBX_CONFIG "SourceIP" "${ZBX_SOURCEIP}" update_config_var $ZBX_CONFIG "LogType" "console" @@ -735,42 +274,28 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" - if [ $type == "proxy" ]; then - update_config_var $ZBX_CONFIG "EnableRemoteCommands" "${ZBX_ENABLEREMOTECOMMANDS}" - update_config_var $ZBX_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}" + if [ -n "${ZBX_DBTLSCONNECT}" ]; then + update_config_var $ZBX_CONFIG "DBTLSConnect" "${ZBX_DBTLSCONNECT}" + update_config_var $ZBX_CONFIG "DBTLSCAFile" "${ZBX_DBTLSCAFILE}" + update_config_var $ZBX_CONFIG "DBTLSCertFile" "${ZBX_DBTLSCERTFILE}" + update_config_var $ZBX_CONFIG "DBTLSKeyFile" "${ZBX_DBTLSKEYFILE}" + update_config_var $ZBX_CONFIG "DBTLSCipher" "${ZBX_DBTLSCIPHER}" + update_config_var $ZBX_CONFIG "DBTLSCipher13" "${ZBX_DBTLSCIPHER13}" fi - if [ "$db_type" == "sqlite3" ]; then - update_config_var $ZBX_CONFIG "DBHost" - update_config_var $ZBX_CONFIG "DBName" "/var/lib/zabbix/zabbix_proxy_db" - update_config_var $ZBX_CONFIG "DBUser" - update_config_var $ZBX_CONFIG "DBPort" - update_config_var $ZBX_CONFIG "DBPassword" - else - update_config_var $ZBX_CONFIG "DBHost" "${DB_SERVER_HOST}" - update_config_var $ZBX_CONFIG "DBName" "${DB_SERVER_DBNAME}" - update_config_var $ZBX_CONFIG "DBSchema" "${DB_SERVER_SCHEMA}" - update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}" - update_config_var $ZBX_CONFIG "DBPort" "${DB_SERVER_PORT}" - update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}" - fi + update_config_var $ZBX_CONFIG "DBHost" "${DB_SERVER_HOST}" + update_config_var $ZBX_CONFIG "DBName" "${DB_SERVER_DBNAME}" + update_config_var $ZBX_CONFIG "DBSchema" "${DB_SERVER_SCHEMA}" + update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}" + update_config_var $ZBX_CONFIG "DBPort" "${DB_SERVER_PORT}" + update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}" - if [ $type == "server" ]; then - update_config_var $ZBX_CONFIG "HistoryStorageURL" "${ZBX_HISTORYSTORAGEURL}" - update_config_var $ZBX_CONFIG "HistoryStorageTypes" "${ZBX_HISTORYSTORAGETYPES}" - update_config_var $ZBX_CONFIG "HistoryStorageDateIndex" "${ZBX_HISTORYSTORAGEDATEINDEX}" - fi + update_config_var $ZBX_CONFIG "HistoryStorageURL" "${ZBX_HISTORYSTORAGEURL}" + update_config_var $ZBX_CONFIG "HistoryStorageTypes" "${ZBX_HISTORYSTORAGETYPES}" + update_config_var $ZBX_CONFIG "HistoryStorageDateIndex" "${ZBX_HISTORYSTORAGEDATEINDEX}" update_config_var $ZBX_CONFIG "DBSocket" "${DB_SERVER_SOCKET}" - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "ProxyLocalBuffer" "${ZBX_PROXYLOCALBUFFER}" - update_config_var $ZBX_CONFIG "ProxyOfflineBuffer" "${ZBX_PROXYOFFLINEBUFFER}" - update_config_var $ZBX_CONFIG "HeartbeatFrequency" "${ZBX_PROXYHEARTBEATFREQUENCY}" - update_config_var $ZBX_CONFIG "ConfigFrequency" "${ZBX_CONFIGFREQUENCY}" - update_config_var $ZBX_CONFIG "DataSenderFrequency" "${ZBX_DATASENDERFREQUENCY}" - fi - update_config_var $ZBX_CONFIG "StatsAllowedIP" "${ZBX_STATSALLOWEDIP}" update_config_var $ZBX_CONFIG "StartPollers" "${ZBX_STARTPOLLERS}" @@ -781,15 +306,16 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}" update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "StartPreprocessors" "${ZBX_STARTPREPROCESSORS}" - update_config_var $ZBX_CONFIG "StartTimers" "${ZBX_STARTTIMERS}" - update_config_var $ZBX_CONFIG "StartEscalators" "${ZBX_STARTESCALATORS}" - update_config_var $ZBX_CONFIG "StartAlerters" "${ZBX_STARTALERTERS}" - update_config_var $ZBX_CONFIG "StartLLDProcessors" "${ZBX_STARTLLDPROCESSORS}" - fi + update_config_var $ZBX_CONFIG "StartPreprocessors" "${ZBX_STARTPREPROCESSORS}" + update_config_var $ZBX_CONFIG "StartTimers" "${ZBX_STARTTIMERS}" + update_config_var $ZBX_CONFIG "StartEscalators" "${ZBX_STARTESCALATORS}" + update_config_var $ZBX_CONFIG "StartAlerters" "${ZBX_STARTALERTERS}" + update_config_var $ZBX_CONFIG "StartTimers" "${ZBX_STARTTIMERS}" + update_config_var $ZBX_CONFIG "StartEscalators" "${ZBX_STARTESCALATORS}" - ZBX_JAVAGATEWAY_ENABLE=${ZBX_JAVAGATEWAY_ENABLE:-"false"} + update_config_var $ZBX_CONFIG "StartLLDProcessors" "${ZBX_STARTLLDPROCESSORS}" + + : ${ZBX_JAVAGATEWAY_ENABLE:="false"} if [ "${ZBX_JAVAGATEWAY_ENABLE}" == "true" ]; then update_config_var $ZBX_CONFIG "JavaGateway" "${ZBX_JAVAGATEWAY:-"zabbix-java-gateway"}" update_config_var $ZBX_CONFIG "JavaGatewayPort" "${ZBX_JAVAGATEWAYPORT}" @@ -806,7 +332,7 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "VMwareCacheSize" "${ZBX_VMWARECACHESIZE}" update_config_var $ZBX_CONFIG "VMwareTimeout" "${ZBX_VMWARETIMEOUT}" - ZBX_ENABLE_SNMP_TRAPS=${ZBX_ENABLE_SNMP_TRAPS:-"false"} + : ${ZBX_ENABLE_SNMP_TRAPS:="false"} if [ "${ZBX_ENABLE_SNMP_TRAPS}" == "true" ]; then update_config_var $ZBX_CONFIG "SNMPTrapperFile" "${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log" update_config_var $ZBX_CONFIG "StartSNMPTrapper" "1" @@ -816,25 +342,19 @@ update_zbx_config() { fi update_config_var $ZBX_CONFIG "HousekeepingFrequency" "${ZBX_HOUSEKEEPINGFREQUENCY}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "MaxHousekeeperDelete" "${ZBX_MAXHOUSEKEEPERDELETE}" - update_config_var $ZBX_CONFIG "SenderFrequency" "${ZBX_SENDERFREQUENCY}" - fi + update_config_var $ZBX_CONFIG "MaxHousekeeperDelete" "${ZBX_MAXHOUSEKEEPERDELETE}" + update_config_var $ZBX_CONFIG "SenderFrequency" "${ZBX_SENDERFREQUENCY}" update_config_var $ZBX_CONFIG "CacheSize" "${ZBX_CACHESIZE}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "CacheUpdateFrequency" "${ZBX_CACHEUPDATEFREQUENCY}" - fi + update_config_var $ZBX_CONFIG "CacheUpdateFrequency" "${ZBX_CACHEUPDATEFREQUENCY}" update_config_var $ZBX_CONFIG "StartDBSyncers" "${ZBX_STARTDBSYNCERS}" update_config_var $ZBX_CONFIG "HistoryCacheSize" "${ZBX_HISTORYCACHESIZE}" update_config_var $ZBX_CONFIG "HistoryIndexCacheSize" "${ZBX_HISTORYINDEXCACHESIZE}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "TrendCacheSize" "${ZBX_TRENDCACHESIZE}" - update_config_var $ZBX_CONFIG "ValueCacheSize" "${ZBX_VALUECACHESIZE}" - fi + update_config_var $ZBX_CONFIG "TrendCacheSize" "${ZBX_TRENDCACHESIZE}" + update_config_var $ZBX_CONFIG "ValueCacheSize" "${ZBX_VALUECACHESIZE}" update_config_var $ZBX_CONFIG "Timeout" "${ZBX_TIMEOUT}" update_config_var $ZBX_CONFIG "TrapperTimeout" "${ZBX_TRAPPERIMEOUT}" @@ -850,26 +370,15 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "ExportFileSize" "${ZBX_EXPORTFILESIZE}" fi - # Possible few fping locations - if [ -f "/usr/bin/fping" ]; then - update_config_var $ZBX_CONFIG "FpingLocation" "/usr/bin/fping" - else - update_config_var $ZBX_CONFIG "FpingLocation" "/usr/sbin/fping" - fi - if [ -f "/usr/bin/fping6" ]; then - update_config_var $ZBX_CONFIG "Fping6Location" "/usr/bin/fping6" - else - update_config_var $ZBX_CONFIG "Fping6Location" "/usr/sbin/fping6" - fi + update_config_var $ZBX_CONFIG "FpingLocation" "/usr/sbin/fping" + update_config_var $ZBX_CONFIG "Fping6Location" update_config_var $ZBX_CONFIG "SSHKeyLocation" "$ZABBIX_USER_HOME_DIR/ssh_keys" update_config_var $ZBX_CONFIG "LogSlowQueries" "${ZBX_LOGSLOWQUERIES}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "StartProxyPollers" "${ZBX_STARTPROXYPOLLERS}" - update_config_var $ZBX_CONFIG "ProxyConfigFrequency" "${ZBX_PROXYCONFIGFREQUENCY}" - update_config_var $ZBX_CONFIG "ProxyDataFrequency" "${ZBX_PROXYDATAFREQUENCY}" - fi + update_config_var $ZBX_CONFIG "StartProxyPollers" "${ZBX_STARTPROXYPOLLERS}" + update_config_var $ZBX_CONFIG "ProxyConfigFrequency" "${ZBX_PROXYCONFIGFREQUENCY}" + update_config_var $ZBX_CONFIG "ProxyDataFrequency" "${ZBX_PROXYDATAFREQUENCY}" update_config_var $ZBX_CONFIG "SSLCertLocation" "$ZABBIX_USER_HOME_DIR/ssl/certs/" update_config_var $ZBX_CONFIG "SSLKeyLocation" "$ZABBIX_USER_HOME_DIR/ssl/keys/" @@ -877,319 +386,41 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/" update_config_multiple_var $ZBX_CONFIG "LoadModule" "${ZBX_LOADMODULE}" - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}" - update_config_var $ZBX_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" - fi update_config_var $ZBX_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" update_config_var $ZBX_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" - update_config_var $ZBX_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" - fi - update_config_var $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" update_config_var $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" - update_config_var $ZBX_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" - fi -} - - -prepare_zbx_web_config() { - local db_type=$1 - local server_name="" - - echo "** Preparing Zabbix frontend configuration file" - - ZBX_WWW_ROOT="/usr/share/zabbix" - ZBX_WEB_CONFIG="$ZABBIX_ETC_DIR/web/zabbix.conf.php" - - if [ -f "$ZBX_WWW_ROOT/conf/zabbix.conf.php" ]; then - rm -f "$ZBX_WWW_ROOT/conf/zabbix.conf.php" - fi - - ln -s "$ZBX_WEB_CONFIG" "$ZBX_WWW_ROOT/conf/zabbix.conf.php" - - # Different places of PHP configuration file - if [ -f "/etc/php5/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/conf.d/99-zabbix.ini" - elif [ -f "/etc/php5/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php5/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/apache2/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.0/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.0/apache2/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.0/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.0/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php.d/99-zabbix.ini" - elif [ -f "/etc/php7/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php7/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.2/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.2/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.2/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.2/apache2/conf.d/99-zabbix.ini" - fi - - if [ -n "$PHP_CONFIG_FILE" ]; then - update_config_var "$PHP_CONFIG_FILE" "max_execution_time" "${ZBX_MAXEXECUTIONTIME:-"600"}" - update_config_var "$PHP_CONFIG_FILE" "memory_limit" "${ZBX_MEMORYLIMIT:-"128M"}" - update_config_var "$PHP_CONFIG_FILE" "post_max_size" "${ZBX_POSTMAXSIZE:-"16M"}" - update_config_var "$PHP_CONFIG_FILE" "upload_max_filesize" "${ZBX_UPLOADMAXFILESIZE:-"2M"}" - update_config_var "$PHP_CONFIG_FILE" "max_input_time" "${ZBX_MAXINPUTTIME:-"300"}" - update_config_var "$PHP_CONFIG_FILE" "date.timezone" "${PHP_TZ}" + if [ "$(id -u)" != '0' ]; then + update_config_var $ZBX_CONFIG "User" "$(whoami)" else - echo "**** Zabbix related PHP configuration file not found" + update_config_var $ZBX_CONFIG "AllowRoot" "1" fi - - ZBX_HISTORYSTORAGETYPES=${ZBX_HISTORYSTORAGETYPES:-"[]"} - - # Escaping characters in parameter value - server_name=$(escape_spec_char "${ZBX_SERVER_NAME}") - server_user=$(escape_spec_char "${DB_SERVER_ZBX_USER}") - server_pass=$(escape_spec_char "${DB_SERVER_ZBX_PASS}") - history_storage_url=$(escape_spec_char "${ZBX_HISTORYSTORAGEURL}") - history_storage_types=$(escape_spec_char "${ZBX_HISTORYSTORAGETYPES}") - - sed -i \ - -e "s/{DB_SERVER_HOST}/${DB_SERVER_HOST}/g" \ - -e "s/{DB_SERVER_PORT}/${DB_SERVER_PORT}/g" \ - -e "s/{DB_SERVER_DBNAME}/${DB_SERVER_DBNAME}/g" \ - -e "s/{DB_SERVER_SCHEMA}/${DB_SERVER_SCHEMA}/g" \ - -e "s/{DB_SERVER_USER}/$server_user/g" \ - -e "s/{DB_SERVER_PASS}/$server_pass/g" \ - -e "s/{ZBX_SERVER_HOST}/${ZBX_SERVER_HOST}/g" \ - -e "s/{ZBX_SERVER_PORT}/${ZBX_SERVER_PORT}/g" \ - -e "s/{ZBX_SERVER_NAME}/$server_name/g" \ - -e "s/{ZBX_HISTORYSTORAGEURL}/$history_storage_url/g" \ - -e "s/{ZBX_HISTORYSTORAGETYPES}/$history_storage_types/g" \ - "$ZBX_WEB_CONFIG" - - [ "$db_type" = "postgresql" ] && sed -i "s/MYSQL/POSTGRESQL/g" "$ZBX_WEB_CONFIG" - - [ -n "${ZBX_SESSION_NAME}" ] && sed -i "/ZBX_SESSION_NAME/s/'[^']*'/'${ZBX_SESSION_NAME}'/2" "$ZBX_WWW_ROOT/include/defines.inc.php" -} - -prepare_zbx_agent_config() { - echo "** Preparing Zabbix agent configuration file" - - ZBX_AGENT_CONFIG=$ZABBIX_ETC_DIR/zabbix_agentd.conf - - ZBX_PASSIVESERVERS=${ZBX_PASSIVESERVERS:-""} - ZBX_ACTIVESERVERS=${ZBX_ACTIVESERVERS:-""} - - [ -n "$ZBX_PASSIVESERVERS" ] && ZBX_PASSIVESERVERS=","$ZBX_PASSIVESERVERS - - ZBX_PASSIVESERVERS=$ZBX_SERVER_HOST$ZBX_PASSIVESERVERS - - [ -n "$ZBX_ACTIVESERVERS" ] && ZBX_ACTIVESERVERS=","$ZBX_ACTIVESERVERS - - ZBX_ACTIVESERVERS=$ZBX_SERVER_HOST":"$ZBX_SERVER_PORT$ZBX_ACTIVESERVERS - - update_config_var $ZBX_AGENT_CONFIG "PidFile" - update_config_var $ZBX_AGENT_CONFIG "LogType" "console" - update_config_var $ZBX_AGENT_CONFIG "LogFile" - update_config_var $ZBX_AGENT_CONFIG "LogFileSize" - update_config_var $ZBX_AGENT_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" - update_config_var $ZBX_AGENT_CONFIG "SourceIP" - update_config_var $ZBX_AGENT_CONFIG "EnableRemoteCommands" "${ZBX_ENABLEREMOTECOMMANDS}" - update_config_var $ZBX_AGENT_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}" - - ZBX_PASSIVE_ALLOW=${ZBX_PASSIVE_ALLOW:-"true"} - if [ "$ZBX_PASSIVE_ALLOW" == "true" ]; then - echo "** Using '$ZBX_PASSIVESERVERS' servers for passive checks" - update_config_var $ZBX_AGENT_CONFIG "Server" "${ZBX_PASSIVESERVERS}" - else - update_config_var $ZBX_AGENT_CONFIG "Server" - fi - - update_config_var $ZBX_AGENT_CONFIG "ListenPort" "${ZBX_LISTENPORT}" - update_config_var $ZBX_AGENT_CONFIG "ListenIP" "${ZBX_LISTENIP}" - update_config_var $ZBX_AGENT_CONFIG "StartAgents" "${ZBX_STARTAGENTS}" - - ZBX_ACTIVE_ALLOW=${ZBX_ACTIVE_ALLOW:-"true"} - if [ "$ZBX_ACTIVE_ALLOW" == "true" ]; then - echo "** Using '$ZBX_ACTIVESERVERS' servers for active checks" - update_config_var $ZBX_AGENT_CONFIG "ServerActive" "${ZBX_ACTIVESERVERS}" - else - update_config_var $ZBX_AGENT_CONFIG "ServerActive" - fi - - update_config_var $ZBX_AGENT_CONFIG "Hostname" "${ZBX_HOSTNAME}" - update_config_var $ZBX_AGENT_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - update_config_var $ZBX_AGENT_CONFIG "HostMetadata" "${ZBX_METADATA}" - update_config_var $ZBX_AGENT_CONFIG "HostMetadataItem" "${ZBX_METADATAITEM}" - update_config_var $ZBX_AGENT_CONFIG "RefreshActiveChecks" "${ZBX_REFRESHACTIVECHECKS}" - update_config_var $ZBX_AGENT_CONFIG "BufferSend" "${ZBX_BUFFERSEND}" - update_config_var $ZBX_AGENT_CONFIG "BufferSize" "${ZBX_BUFFERSIZE}" - update_config_var $ZBX_AGENT_CONFIG "MaxLinesPerSecond" "${ZBX_MAXLINESPERSECOND}" - # Please use include to enable Alias feature -# update_config_multiple_var $ZBX_AGENT_CONFIG "Alias" ${ZBX_ALIAS} - update_config_var $ZBX_AGENT_CONFIG "Timeout" "${ZBX_TIMEOUT}" - update_config_var $ZBX_AGENT_CONFIG "Include" "/etc/zabbix/zabbix_agentd.d/" - update_config_var $ZBX_AGENT_CONFIG "UnsafeUserParameters" "${ZBX_UNSAFEUSERPARAMETERS}" - update_config_var $ZBX_AGENT_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/" - update_config_multiple_var $ZBX_AGENT_CONFIG "LoadModule" "${ZBX_LOADMODULE}" - update_config_var $ZBX_AGENT_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}" - update_config_var $ZBX_AGENT_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" - update_config_var $ZBX_AGENT_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" - update_config_var $ZBX_AGENT_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" - update_config_var $ZBX_AGENT_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" - update_config_var $ZBX_AGENT_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" -} - -prepare_java_gateway_config() { - echo "** Preparing Zabbix Java Gateway log configuration file" - - ZBX_GATEWAY_CONFIG=$ZABBIX_ETC_DIR/zabbix_java_gateway_logback.xml - - if [ -n "${ZBX_DEBUGLEVEL}" ]; then - echo "Updating $ZBX_GATEWAY_CONFIG 'DebugLevel' parameter: '${ZBX_DEBUGLEVEL}'... updated" - if [ -f "$ZBX_GATEWAY_CONFIG" ]; then - sed -i -e "/^.*/" "$ZBX_GATEWAY_CONFIG" - else - echo "**** Zabbix Java Gateway log configuration file '$ZBX_GATEWAY_CONFIG' not found" - fi - fi -} - -prepare_agent() { - echo "** Preparing Zabbix agent" - prepare_zbx_agent_config } prepare_server() { - local db_type=$1 - echo "** Preparing Zabbix server" - check_variables_$db_type "server" - check_db_connect_$db_type - create_db_user_$db_type - create_db_database_$db_type - create_db_schema_$db_type "server" + check_variables_mysql + check_db_connect_mysql + create_db_user_mysql + create_db_database_mysql + create_db_schema_mysql - update_zbx_config "server" "$db_type" -} - -prepare_proxy() { - local db_type=$1 - - echo "Preparing Zabbix proxy" - - if [ "$db_type" != "sqlite3" ]; then - check_variables_$db_type "proxy" - check_db_connect_$db_type - create_db_user_$db_type - create_db_database_$db_type - create_db_schema_$db_type "proxy" - fi - - update_zbx_config "proxy" $db_type -} - -prepare_web() { - local web_server=$1 - local db_type=$2 - - echo "** Preparing Zabbix web-interface" - - check_variables_$db_type - check_db_connect_$db_type - prepare_web_server_$web_server - prepare_zbx_web_config $db_type -} - -prepare_java_gateway() { - echo "** Preparing Zabbix Java Gateway" - - prepare_java_gateway_config + update_zbx_config } ################################################# -if [ ! -n "$zbx_type" ]; then - echo "**** Type of Zabbix component is not specified" - exit 1 -elif [ "$zbx_type" == "dev" ]; then - echo "** Deploying Zabbix installation from SVN" -else - if [ ! -n "$zbx_db_type" ]; then - echo "**** Database type of Zabbix $zbx_type is not specified" - exit 1 +if [ "${1#-}" != "$1" ]; then + set -- /usr/sbin/zabbix_server "$@" fi - if [ "$zbx_db_type" != "none" ]; then - if [ "$zbx_opt_type" != "none" ]; then - echo "** Deploying Zabbix $zbx_type ($zbx_opt_type) with $zbx_db_type database" - else - echo "** Deploying Zabbix $zbx_type with $zbx_db_type database" - fi - else - echo "** Deploying Zabbix $zbx_type" - fi +if [ "$1" == '/usr/sbin/zabbix_server' ]; then + prepare_server fi -prepare_system "$zbx_type" "$zbx_opt_type" - -[ "$zbx_type" == "server" ] && prepare_server $zbx_db_type -[ "${ZBX_ADD_SERVER}" == "true" ] && prepare_server ${ZBX_MAIN_DB} - -[ "$zbx_type" == "proxy" ] && prepare_proxy $zbx_db_type -[ "${ZBX_ADD_PROXY}" == "true" ] && prepare_proxy ${ZBX_PROXY_DB} - -[ "$zbx_type" == "frontend" ] && prepare_web $zbx_opt_type $zbx_db_type -[ "${ZBX_ADD_WEB}" == "true" ] && prepare_web ${ZBX_WEB_SERVER} ${ZBX_MAIN_DB} - -[ "$zbx_type" == "agent" ] && prepare_agent -[ "${ZBX_ADD_AGENT}" == "true" ] && prepare_agent - -[ "$zbx_type" == "java-gateway" ] && prepare_java_gateway -[ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && prepare_java_gateway - -clear_deploy "$zbx_type" - -echo "########################################################" - -if [ "$1" != "" ]; then - echo "** Executing '$@'" - exec "$@" -elif [ "$zbx_type" == "agent" ]; then - echo "** Starting Zabbix agent" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_agentd --foreground -c /etc/zabbix/zabbix_agentd.conf" -elif [ "$zbx_type" == "proxy" ]; then - echo "** Starting Zabbix proxy" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_proxy --foreground -c /etc/zabbix/zabbix_proxy.conf" -elif [ "$zbx_type" == "server" ]; then - echo "** Starting Zabbix server" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_server --foreground -c /etc/zabbix/zabbix_server.conf" -elif [ "$zbx_type" == "java-gateway" ]; then - echo "** Starting Zabbix Java Gateway" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_java_gateway" -elif [ "$zbx_type" == "frontend" ] && [ "$zbx_opt_type" == "apache" ]; then - echo "** Starting Zabbix frontend" - if [ -f "/usr/sbin/httpd" ]; then - exec /usr/sbin/httpd -D FOREGROUND - elif [ -f "/usr/sbin/apache2ctl" ]; then - exec /bin/bash -c "source /etc/apache2/envvars && /usr/sbin/apache2ctl -D FOREGROUND" - else - echo "Unknown Web-server. Exiting..." - exit 1 - fi -elif [ -f "/usr/bin/supervisord" ]; then - echo "** Executing supervisord" - exec /usr/bin/supervisord -c /etc/supervisor/supervisord.conf -else - echo "Unknown instructions. Exiting..." - exit 1 -fi +exec "$@" ################################################# diff --git a/server-pgsql/centos/Dockerfile b/server-pgsql/centos/Dockerfile index bedc898a9..796832584 100644 --- a/server-pgsql/centos/Dockerfile +++ b/server-pgsql/centos/Dockerfile @@ -6,9 +6,9 @@ LABEL org.opencontainers.image.title="Zabbix server (PostgreSQL)" \ org.opencontainers.image.url="https://zabbix.com/" \ org.opencontainers.image.description="Zabbix server with PostgreSQL database support" \ org.opencontainers.image.licenses="GPL v2.0" - + STOPSIGNAL SIGTERM - + ENV TINI_VERSION=v0.19.0 RUN set -eux && \ diff --git a/server-pgsql/ubuntu/Dockerfile b/server-pgsql/ubuntu/Dockerfile index 540e54815..c1e26cd58 100644 --- a/server-pgsql/ubuntu/Dockerfile +++ b/server-pgsql/ubuntu/Dockerfile @@ -1,46 +1,29 @@ FROM ubuntu:bionic -LABEL maintainer "Alexey Pustovalov " -ARG BUILD_DATE -ARG VCS_REF - -ARG APT_FLAGS_COMMON="-y" -ARG APT_FLAGS_PERSISTENT="${APT_FLAGS_COMMON} --no-install-recommends" -ARG APT_FLAGS_DEV="${APT_FLAGS_COMMON} --no-install-recommends" -ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8 TERM=xterm \ - MIBDIRS=/var/lib/snmp/mibs/ietf:/var/lib/snmp/mibs/iana:/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ - ZBX_TYPE=server ZBX_DB_TYPE=postgresql ZBX_OPT_TYPE=none -ENV TINI_VERSION v0.18.0 - -LABEL org.label-schema.name="zabbix-${ZBX_TYPE}-${ZBX_DB_TYPE}-ubuntu" \ - org.label-schema.vendor="Zabbix LLC" \ - org.label-schema.url="https://zabbix.com/" \ - org.label-schema.description="Zabbix ${ZBX_TYPE} with PostgreSQL database support" \ - org.label-schema.vcs-ref="${VCS_REF}" \ - org.label-schema.build-date="${BUILD_DATE}" \ - org.label-schema.schema-version="1.0" \ - org.label-schema.license="GPL v2.0" +LABEL org.opencontainers.image.title="Zabbix server (PostgreSQL)" \ + org.opencontainers.image.authors="Alexey Pustovalov " \ + org.opencontainers.image.vendor="Zabbix LLC" \ + org.opencontainers.image.url="https://zabbix.com/" \ + org.opencontainers.image.description="Zabbix server with PostgreSQL database support" \ + org.opencontainers.image.licenses="GPL v2.0" STOPSIGNAL SIGTERM +ENV TINI_VERSION=v0.19.0 + RUN set -eux && \ - apt-get ${APT_FLAGS_COMMON} update && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_PERSISTENT} install locales && \ - locale-gen $LC_ALL && \ - echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \ - addgroup --system --quiet zabbix && \ + addgroup --system --gid 1995 --quiet zabbix && \ adduser --quiet \ --system --disabled-login \ - --ingroup zabbix \ + --ingroup zabbix --ingroup root \ + --uid 1997 \ --home /var/lib/zabbix/ \ zabbix && \ usermod -G zabbix,dialout zabbix && \ mkdir -p /etc/zabbix && \ mkdir -p /var/lib/zabbix && \ - mkdir -p /usr/lib/zabbix/alertscripts && \ mkdir -p /var/lib/zabbix/enc && \ mkdir -p /var/lib/zabbix/export && \ - mkdir -p /usr/lib/zabbix/externalscripts && \ mkdir -p /var/lib/zabbix/mibs && \ mkdir -p /var/lib/zabbix/modules && \ mkdir -p /var/lib/zabbix/snmptraps && \ @@ -49,10 +32,16 @@ RUN set -eux && \ mkdir -p /var/lib/zabbix/ssl/certs && \ mkdir -p /var/lib/zabbix/ssl/keys && \ mkdir -p /var/lib/zabbix/ssl/ssl_ca && \ - chown --quiet -R zabbix:root /var/lib/zabbix && \ - mkdir -p /usr/share/doc/zabbix-${ZBX_TYPE}-${ZBX_DB_TYPE} && \ - apt-get ${APT_FLAGS_COMMON} update && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_PERSISTENT} install \ + mkdir -p /usr/lib/zabbix/alertscripts && \ + mkdir -p /usr/lib/zabbix/externalscripts && \ + mkdir -p /usr/share/doc/zabbix-server-postgresql && \ + apt-get -y update && \ + DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ + curl \ + ca-certificates \ + gpg \ + dirmngr \ + gpg-agent \ iputils-ping \ traceroute \ fping \ @@ -67,27 +56,32 @@ RUN set -eux && \ libxml2 \ postgresql-client \ snmp-mibs-downloader \ - ca-certificates \ unixodbc && \ - apt-get ${APT_FLAGS_COMMON} autoremove && \ - apt-get ${APT_FLAGS_COMMON} clean && \ + curl -L https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini -o /sbin/tini && \ + curl -L https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini.asc -o /tini.asc && \ + gpg --batch --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 595E85A6B1B4779EA4DAAEC70B588DFF0527A9B7 && \ + gpg --batch --verify /tini.asc /sbin/tini && \ + rm -rf /root/.gnupg && \ + chmod +x /sbin/tini && \ + apt-get -y purge curl gpg dirmngr gpg-agent && \ + apt-get -y autoremove && \ + apt-get -y clean && \ rm -rf /var/lib/apt/lists/* ARG MAJOR_VERSION=5.0 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git -ENV ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} -LABEL org.label-schema.usage="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.label-schema.version="${ZBX_VERSION}" \ - org.label-schema.vcs-url="${ZBX_SOURCES}" \ - org.label-schema.docker.cmd="docker run --name zabbix-${ZBX_TYPE}-pgsql --link postgres-server:postgres -p 10051:10051 -d zabbix-${ZBX_TYPE}-pgsql:ubuntu-${ZBX_VERSION}" +ENV TERM=xterm MIBDIRS=/var/lib/snmp/mibs/ietf:/var/lib/snmp/mibs/iana:/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ + ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} -ADD https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini /sbin/tini +LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" RUN set -eux && \ - apt-get ${APT_FLAGS_COMMON} update && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_DEV} install \ + apt-get -y update && \ + DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ autoconf \ automake \ gcc \ @@ -118,8 +112,8 @@ RUN set -eux && \ --prefix=/usr \ --sysconfdir=/etc/zabbix \ --enable-agent \ - --enable-${ZBX_TYPE} \ - --with-${ZBX_DB_TYPE} \ + --enable-server \ + --with-postgresql \ --with-ldap \ --with-libcurl \ --with-libxml2 \ @@ -132,20 +126,22 @@ RUN set -eux && \ --silent && \ make -j"$(nproc)" -s dbschema && \ make -j"$(nproc)" -s && \ - cp src/zabbix_${ZBX_TYPE}/zabbix_${ZBX_TYPE} /usr/sbin/zabbix_${ZBX_TYPE} && \ + cp src/zabbix_server/zabbix_server /usr/sbin/zabbix_server && \ cp src/zabbix_get/zabbix_get /usr/bin/zabbix_get && \ cp src/zabbix_sender/zabbix_sender /usr/bin/zabbix_sender && \ - cp conf/zabbix_${ZBX_TYPE}.conf /etc/zabbix/zabbix_${ZBX_TYPE}.conf && \ - chown --quiet -R zabbix:root /etc/zabbix && \ - cat database/${ZBX_DB_TYPE}/schema.sql > database/${ZBX_DB_TYPE}/create.sql && \ - cat database/${ZBX_DB_TYPE}/images.sql >> database/${ZBX_DB_TYPE}/create.sql && \ - cat database/${ZBX_DB_TYPE}/data.sql >> database/${ZBX_DB_TYPE}/create.sql && \ - gzip database/${ZBX_DB_TYPE}/create.sql && \ - cp database/${ZBX_DB_TYPE}/create.sql.gz /usr/share/doc/zabbix-${ZBX_TYPE}-${ZBX_DB_TYPE}/ && \ - cp database/${ZBX_DB_TYPE}/timescaledb.sql /usr/share/doc/zabbix-${ZBX_TYPE}-${ZBX_DB_TYPE}/ && \ + cp conf/zabbix_server.conf /etc/zabbix/zabbix_server.conf && \ + cat database/postgresql/schema.sql > database/postgresql/create.sql && \ + cat database/postgresql/images.sql >> database/postgresql/create.sql && \ + cat database/postgresql/data.sql >> database/postgresql/create.sql && \ + gzip database/postgresql/create.sql && \ + cp database/postgresql/create.sql.gz /usr/share/doc/zabbix-server-postgresql/ && \ + cp database/postgresql/timescaledb.sql /usr/share/doc/zabbix-server-postgresql/timescaledb.sql && \ cd /tmp/ && \ rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_COMMON} purge \ + chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \ + chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \ + chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \ + DEBIAN_FRONTEND=noninteractive apt-get -y purge \ autoconf \ automake \ gcc \ @@ -163,7 +159,7 @@ RUN set -eux && \ pkg-config \ git \ unixodbc-dev && \ - apt-get ${APT_FLAGS_COMMON} autoremove && \ + apt-get -y autoremove && \ rm -rf /var/lib/apt/lists/* && \ chmod +x /sbin/tini @@ -178,3 +174,7 @@ VOLUME ["/var/lib/zabbix/export"] COPY ["docker-entrypoint.sh", "/usr/bin/"] ENTRYPOINT ["/sbin/tini", "--", "/usr/bin/docker-entrypoint.sh"] + +USER 1997 + +CMD ["/usr/sbin/zabbix_server", "--foreground", "-c", "/etc/zabbix/zabbix_server.conf"] diff --git a/server-pgsql/ubuntu/docker-entrypoint.sh b/server-pgsql/ubuntu/docker-entrypoint.sh index 833612331..29e1fd23e 100755 --- a/server-pgsql/ubuntu/docker-entrypoint.sh +++ b/server-pgsql/ubuntu/docker-entrypoint.sh @@ -1,6 +1,6 @@ #!/bin/bash -set -eo pipefail +set -o pipefail set +e @@ -9,27 +9,6 @@ if [ "${DEBUG_MODE}" == "true" ]; then set -o xtrace fi -# Type of Zabbix component -# Possible values: [server, proxy, agent, frontend, java-gateway, appliance] -zbx_type=${ZBX_TYPE} -# Type of Zabbix database -# Possible values: [mysql, postgresql] -zbx_db_type=${ZBX_DB_TYPE} -# Type of web-server. Valid only with zbx_type = frontend -# Possible values: [apache, nginx] -zbx_opt_type=${ZBX_OPT_TYPE} - -# Default Zabbix installation name -# Used only by Zabbix web-interface -ZBX_SERVER_NAME=${ZBX_SERVER_NAME:-"Zabbix docker"} -# Default Zabbix server host -ZBX_SERVER_HOST=${ZBX_SERVER_HOST:-"zabbix-server"} -# Default Zabbix server port number -ZBX_SERVER_PORT=${ZBX_SERVER_PORT:-"10051"} - -# Default timezone for web interface -PHP_TZ=${PHP_TZ:-"Europe/Riga"} - #Enable PostgreSQL timescaleDB feature: ENABLE_TIMESCALEDB=${ENABLE_TIMESCALEDB:-"false"} @@ -38,8 +17,6 @@ ENABLE_TIMESCALEDB=${ENABLE_TIMESCALEDB:-"false"} ZABBIX_USER_HOME_DIR="/var/lib/zabbix" # Configuration files directory ZABBIX_ETC_DIR="/etc/zabbix" -# Web interface www-root directory -ZBX_FRONTEND_PATH="/usr/share/zabbix" # usage: file_env VAR [DEFAULT] # as example: file_env 'MYSQL_PASSWORD' 'zabbix' @@ -72,92 +49,6 @@ file_env() { unset "$fileVar" } -configure_db_mysql() { - [ "${DB_SERVER_HOST}" != "localhost" ] && return - - echo "** Configuring local MySQL server" - - MYSQL_ALLOW_EMPTY_PASSWORD=true - MYSQL_DATA_DIR="/var/lib/mysql" - - if [ -f "/etc/mysql/my.cnf" ]; then - MYSQL_CONF_FILE="/etc/mysql/my.cnf" - elif [ -f "/etc/my.cnf.d/server.cnf" ]; then - MYSQL_CONF_FILE="/etc/my.cnf.d/server.cnf" - DB_SERVER_SOCKET="/var/lib/mysql/mysql.sock" - elif [ -f "/etc/my.cnf.d/mariadb-server.cnf" ]; then - MYSQL_CONF_FILE="/etc/my.cnf.d/mariadb-server.cnf" - DB_SERVER_SOCKET="/var/run/mysqld/mysqld.sock" - else - echo "**** Could not found MySQL configuration file" - exit 1 - fi - - if [ -f "/usr/bin/mysqld" ]; then - MYSQLD=/usr/bin/mysqld - elif [ -f "/usr/sbin/mysqld" ]; then - MYSQLD=/usr/sbin/mysqld - elif [ -f "/usr/libexec/mysqld" ]; then - MYSQLD=/usr/libexec/mysqld - else - echo "**** Could not found mysqld binary file" - exit 1 - fi - - sed -Ei 's/^(bind-address|log)/#&/' "$MYSQL_CONF_FILE" - - if [ ! -d "$MYSQL_DATA_DIR/mysql" ]; then - [ -d "$MYSQL_DATA_DIR" ] || mkdir -p "$MYSQL_DATA_DIR" - - chown -R mysql:mysql "$MYSQL_DATA_DIR" - - echo "** Installing initial MySQL database schemas" - mysql_install_db --user=mysql --datadir="$MYSQL_DATA_DIR" 2>&1 - else - echo "**** MySQL data directory is not empty. Using already existing installation." - chown -R mysql:mysql "$MYSQL_DATA_DIR" - fi - - mkdir -p /var/run/mysqld - ln -s /var/run/mysqld /run/mysqld - chown -R mysql:mysql /var/run/mysqld - chown -R mysql:mysql /run/mysqld - - echo "** Starting MySQL server in background mode" - - nohup $MYSQLD --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib/mysql/plugin \ - --user=mysql --log-output=none --pid-file=/var/lib/mysql/mysqld.pid \ - --port=3306 --character-set-server=utf8 --collation-server=utf8_bin & -} - -prepare_system() { - local type=$1 - local web_server=$2 - - echo "** Preparing the system" - - if [ "$type" != "appliance" ]; then - return - fi - - ZBX_ADD_AGENT=${ZBX_ADD_AGENT:-"false"} - ZBX_ADD_JAVA_GATEWAY=${ZBX_ADD_JAVA_GATEWAY:-"false"} - ZBX_ADD_SERVER=${ZBX_ADD_SERVER:-"true"} - [ "${ZBX_ADD_SERVER}" == "true" ] && ZBX_SERVER_HOST="localhost" - [ "${ZBX_ADD_SERVER}" == "true" ] && ZBX_SERVER_PORT="10051" - ZBX_MAIN_DB=${ZBX_MAIN_DB:-"mysql"} - ZBX_ADD_PROXY=${ZBX_ADD_PROXY:-"false"} - ZBX_PROXY_DB=${ZBX_PROXY_DB:-"sqlite3"} - ZBX_ADD_WEB=${ZBX_ADD_WEB:-"true"} - ZBX_WEB_SERVER=${ZBX_WEB_SERVER:-"nginx"} - DB_SERVER_HOST=${DB_SERVER_HOST:-"localhost"} - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAY_ENABLE="true" - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAY="localhost" - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAYPORT="10052" - - [ "${ZBX_ADD_SERVER}" == "true" ] && configure_db_${ZBX_MAIN_DB} -} - escape_spec_char() { local var_value=$1 @@ -240,62 +131,14 @@ update_config_multiple_var() { done } -# Check prerequisites for MySQL database -check_variables_mysql() { - local type=$1 - - DB_SERVER_HOST=${DB_SERVER_HOST:-"mysql-server"} - DB_SERVER_PORT=${DB_SERVER_PORT:-"3306"} - USE_DB_ROOT_USER=false - CREATE_ZBX_DB_USER=false - file_env MYSQL_USER - file_env MYSQL_PASSWORD - - if [ "$type" != "" ]; then - file_env MYSQL_ROOT_PASSWORD - fi - - if [ ! -n "${MYSQL_USER}" ] && [ "${MYSQL_RANDOM_ROOT_PASSWORD}" == "true" ]; then - echo "**** Impossible to use MySQL server because of unknown Zabbix user and random 'root' password" - exit 1 - fi - - if [ ! -n "${MYSQL_USER}" ] && [ ! -n "${MYSQL_ROOT_PASSWORD}" ] && [ "${MYSQL_ALLOW_EMPTY_PASSWORD}" != "true" ]; then - echo "*** Impossible to use MySQL server because 'root' password is not defined and it is not empty" - exit 1 - fi - - if [ "${MYSQL_ALLOW_EMPTY_PASSWORD}" == "true" ] || [ -n "${MYSQL_ROOT_PASSWORD}" ]; then - USE_DB_ROOT_USER=true - DB_SERVER_ROOT_USER="root" - DB_SERVER_ROOT_PASS=${MYSQL_ROOT_PASSWORD:-""} - fi - - [ -n "${MYSQL_USER}" ] && CREATE_ZBX_DB_USER=true - - # If root password is not specified use provided credentials - DB_SERVER_ROOT_USER=${DB_SERVER_ROOT_USER:-${MYSQL_USER}} - [ "${MYSQL_ALLOW_EMPTY_PASSWORD}" == "true" ] || DB_SERVER_ROOT_PASS=${DB_SERVER_ROOT_PASS:-${MYSQL_PASSWORD}} - DB_SERVER_ZBX_USER=${MYSQL_USER:-"zabbix"} - DB_SERVER_ZBX_PASS=${MYSQL_PASSWORD:-"zabbix"} - - if [ "$type" == "proxy" ]; then - DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix_proxy"} - else - DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix"} - fi -} - # Check prerequisites for PostgreSQL database check_variables_postgresql() { - local type=$1 - file_env POSTGRES_USER file_env POSTGRES_PASSWORD - DB_SERVER_HOST=${DB_SERVER_HOST:-"postgres-server"} - DB_SERVER_PORT=${DB_SERVER_PORT:-"5432"} - CREATE_ZBX_DB_USER=${CREATE_ZBX_DB_USER:-"false"} + : ${DB_SERVER_HOST:="postgres-server"} + : ${DB_SERVER_PORT:="5432"} + : ${CREATE_ZBX_DB_USER:="false"} DB_SERVER_ROOT_USER=${POSTGRES_USER:-"postgres"} DB_SERVER_ROOT_PASS=${POSTGRES_PASSWORD:-""} @@ -303,38 +146,9 @@ check_variables_postgresql() { DB_SERVER_ZBX_USER=${POSTGRES_USER:-"zabbix"} DB_SERVER_ZBX_PASS=${POSTGRES_PASSWORD:-"zabbix"} - DB_SERVER_SCHEMA=${DB_SERVER_SCHEMA:-"public"} + : ${DB_SERVER_SCHEMA:="public"} - if [ "$type" == "proxy" ]; then - DB_SERVER_DBNAME=${POSTGRES_DB:-"zabbix_proxy"} - else - DB_SERVER_DBNAME=${POSTGRES_DB:-"zabbix"} - fi -} - -check_db_connect_mysql() { - echo "********************" - echo "* DB_SERVER_HOST: ${DB_SERVER_HOST}" - echo "* DB_SERVER_PORT: ${DB_SERVER_PORT}" - echo "* DB_SERVER_DBNAME: ${DB_SERVER_DBNAME}" - if [ "${DEBUG_MODE}" == "true" ]; then - if [ "${USE_DB_ROOT_USER}" == "true" ]; then - echo "* DB_SERVER_ROOT_USER: ${DB_SERVER_ROOT_USER}" - echo "* DB_SERVER_ROOT_PASS: ${DB_SERVER_ROOT_PASS}" - fi - echo "* DB_SERVER_ZBX_USER: ${DB_SERVER_ZBX_USER}" - echo "* DB_SERVER_ZBX_PASS: ${DB_SERVER_ZBX_PASS}" - echo "********************" - fi - echo "********************" - - WAIT_TIMEOUT=5 - - while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \ - --password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10)" ]; do - echo "**** MySQL server is not available. Waiting $WAIT_TIMEOUT seconds..." - sleep $WAIT_TIMEOUT - done + DB_SERVER_DBNAME=${POSTGRES_DB:-"zabbix"} } check_db_connect_postgresql() { @@ -358,19 +172,23 @@ check_db_connect_postgresql() { DB_SERVER_ROOT_PASS=${DB_SERVER_ZBX_PASS} fi - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then export PGPASSWORD="${DB_SERVER_ZBX_PASS}" fi WAIT_TIMEOUT=5 - + if [ -n "${DB_SERVER_SCHEMA}" ]; then PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" export PGOPTIONS fi - while [ ! "$(psql -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} -U ${DB_SERVER_ROOT_USER} -d ${DB_SERVER_DBNAME} -l -q 2>/dev/null)" ]; do + if [ -n "${ZBX_DBTLSCONNECT}" ]; then + dbtlsconnect=${ZBX_DBTLSCONNECT//_/-} + ssl_opts="sslmode=$dbtlsconnect sslrootcert=${ZBX_DBTLSCAFILE} sslcert=${ZBX_DBTLSCERTFILE} sslkey=${ZBX_DBTLSKEYFILE}" + fi + + while [ ! "$(psql "$ssl_opts" -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} -U ${DB_SERVER_ROOT_USER} -d ${DB_SERVER_DBNAME} -l -q 2>/dev/null)" ]; do echo "**** PostgreSQL server is not available. Waiting $WAIT_TIMEOUT seconds..." sleep $WAIT_TIMEOUT done @@ -379,17 +197,6 @@ check_db_connect_postgresql() { unset PGOPTIONS } - -mysql_query() { - query=$1 - local result="" - - result=$(mysql --silent --skip-column-names -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ - -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" -e "$query") - - echo $result -} - psql_query() { query=$1 db=$2 @@ -399,13 +206,18 @@ psql_query() { if [ -n "${DB_SERVER_ZBX_PASS}" ]; then export PGPASSWORD="${DB_SERVER_ZBX_PASS}" fi - + if [ -n "${DB_SERVER_SCHEMA}" ]; then PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" export PGOPTIONS fi - result=$(psql -A -q -t -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ + if [ -n "${ZBX_DBTLSCONNECT}" ]; then + dbtlsconnect=${ZBX_DBTLSCONNECT//_/-} + ssl_opts="sslmode=$dbtlsconnect sslrootcert=${ZBX_DBTLSCAFILE} sslcert=${ZBX_DBTLSCERTFILE} sslkey=${ZBX_DBTLSKEYFILE}" + fi + + result=$(psql "$ssl_opts" -A -q -t -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ -U ${DB_SERVER_ROOT_USER} -c "$query" $db 2>/dev/null); unset PGPASSWORD @@ -414,22 +226,6 @@ psql_query() { echo $result } -create_db_user_mysql() { - [ "${CREATE_ZBX_DB_USER}" == "true" ] || return - - echo "** Creating '${DB_SERVER_ZBX_USER}' user in MySQL database" - - USER_EXISTS=$(mysql_query "SELECT 1 FROM mysql.user WHERE user = '${DB_SERVER_ZBX_USER}' AND host = '%'") - - if [ -z "$USER_EXISTS" ]; then - mysql_query "CREATE USER '${DB_SERVER_ZBX_USER}'@'%' IDENTIFIED BY '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - else - mysql_query "ALTER USER ${DB_SERVER_ZBX_USER} IDENTIFIED BY '${DB_SERVER_ZBX_PASS}';" 1>/dev/null - fi - - mysql_query "GRANT ALL PRIVILEGES ON $DB_SERVER_DBNAME. * TO '${DB_SERVER_ZBX_USER}'@'%'" 1>/dev/null -} - create_db_user_postgresql() { [ "${CREATE_ZBX_DB_USER}" == "true" ] || return @@ -444,19 +240,6 @@ create_db_user_postgresql() { fi } -create_db_database_mysql() { - DB_EXISTS=$(mysql_query "SELECT SCHEMA_NAME FROM information_schema.SCHEMATA WHERE SCHEMA_NAME='${DB_SERVER_DBNAME}'") - - if [ -z ${DB_EXISTS} ]; then - echo "** Database '${DB_SERVER_DBNAME}' does not exist. Creating..." - mysql_query "CREATE DATABASE ${DB_SERVER_DBNAME} CHARACTER SET utf8 COLLATE utf8_bin" 1>/dev/null - # better solution? - mysql_query "GRANT ALL PRIVILEGES ON $DB_SERVER_DBNAME. * TO '${DB_SERVER_ZBX_USER}'@'%'" 1>/dev/null - else - echo "** Database '${DB_SERVER_DBNAME}' already exists. Please be careful with database COLLATE!" - fi -} - create_db_database_postgresql() { DB_EXISTS=$(psql_query "SELECT 1 AS result FROM pg_database WHERE datname='${DB_SERVER_DBNAME}'") @@ -470,29 +253,7 @@ create_db_database_postgresql() { psql_query "CREATE SCHEMA IF NOT EXISTS ${DB_SERVER_SCHEMA}" } -create_db_schema_mysql() { - local type=$1 - - DBVERSION_TABLE_EXISTS=$(mysql_query "SELECT 1 FROM information_schema.tables WHERE table_schema='${DB_SERVER_DBNAME}' and table_name = 'dbversion'") - - if [ -n "${DBVERSION_TABLE_EXISTS}" ]; then - echo "** Table '${DB_SERVER_DBNAME}.dbversion' already exists." - ZBX_DB_VERSION=$(mysql_query "SELECT mandatory FROM ${DB_SERVER_DBNAME}.dbversion") - fi - - if [ -z "${ZBX_DB_VERSION}" ]; then - echo "** Creating '${DB_SERVER_DBNAME}' schema in MySQL" - - zcat /usr/share/doc/zabbix-$type-mysql/create.sql.gz | mysql --silent --skip-column-names \ - -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ - -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" \ - ${DB_SERVER_DBNAME} 1>/dev/null - fi -} - create_db_schema_postgresql() { - local type=$1 - DBVERSION_TABLE_EXISTS=$(psql_query "SELECT 1 FROM pg_catalog.pg_class c JOIN pg_catalog.pg_namespace n ON n.oid = c.relnamespace WHERE n.nspname = '$DB_SERVER_SCHEMA' AND c.relname = 'dbversion'" "${DB_SERVER_DBNAME}") @@ -517,12 +278,17 @@ create_db_schema_postgresql() { export PGOPTIONS fi - zcat /usr/share/doc/zabbix-$type-postgresql/create.sql.gz | psql -q \ + if [ -n "${ZBX_DBTLSCONNECT}" ]; then + dbtlsconnect=${ZBX_DBTLSCONNECT//_/-} + ssl_opts="sslmode=$dbtlsconnect sslrootcert=${ZBX_DBTLSCAFILE} sslcert=${ZBX_DBTLSCERTFILE} sslkey=${ZBX_DBTLSKEYFILE}" + fi + + zcat /usr/share/doc/zabbix-server-postgresql/create.sql.gz | psql "$ssl_opts" -q \ -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ -U ${DB_SERVER_ZBX_USER} ${DB_SERVER_DBNAME} 1>/dev/null if [ "${ENABLE_TIMESCALEDB}" == "true" ]; then - cat /usr/share/doc/zabbix-$type-postgresql/timescaledb.sql | psql -q \ + cat /usr/share/doc/zabbix-server-postgresql/timescaledb.sql | psql "$ssl_opts" -q \ -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ -U ${DB_SERVER_ZBX_USER} ${DB_SERVER_DBNAME} 1>/dev/null fi @@ -532,200 +298,15 @@ create_db_schema_postgresql() { fi } -prepare_web_server_apache() { - if [ -d "/etc/apache2/sites-available" ]; then - APACHE_SITES_DIR=/etc/apache2/sites-available - elif [ -d "/etc/apache2/conf.d" ]; then - APACHE_SITES_DIR=/etc/apache2/conf.d - elif [ -d "/etc/httpd/conf.d" ]; then - APACHE_SITES_DIR=/etc/httpd/conf.d - else - echo "**** Apache is not available" - exit 1 - fi - - if [ -f "/usr/sbin/a2dissite" ]; then - echo "** Disable default site" - /usr/sbin/a2dissite 000-default 1>/dev/null - rm -rf "$APACHE_SITES_DIR/*" - elif [ -f "/etc/apache2/conf.d/default.conf" ]; then - echo "** Disable default site" - rm -f "/etc/apache2/conf.d/default.conf" - elif [ -f "/etc/httpd/conf.d/welcome.conf" ]; then - echo "** Disable default site" - rm -f "/etc/httpd/conf.d/welcome.conf" - rm -f "/etc/httpd/conf.d/ssl.conf" - fi - - echo "** Adding Zabbix virtual host (HTTP)" - if [ -f "$ZABBIX_ETC_DIR/apache.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/apache.conf" "$APACHE_SITES_DIR/zabbix.conf" - if [ -f "/usr/sbin/a2dissite" ]; then - /usr/sbin/a2ensite zabbix.conf 1>/dev/null - fi - else - echo "**** Impossible to enable HTTP virtual host" - fi - - if [ -f "/etc/apache2/conf.d/ssl.conf" ]; then - rm -f "/etc/apache2/conf.d/ssl.conf" - fi - - if [ -f "/etc/ssl/apache2/ssl.crt" ] && [ -f "/etc/ssl/apache2/ssl.key" ]; then - echo "** Enable SSL support for Apache2" - if [ -f "/usr/sbin/a2enmod" ]; then - /usr/sbin/a2enmod ssl 1>/dev/null - fi - - echo "** Adding Zabbix virtual host (HTTPS)" - if [ -f "$ZABBIX_ETC_DIR/apache_ssl.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/apache_ssl.conf" "$APACHE_SITES_DIR/zabbix_ssl.conf" - if [ -f "/usr/sbin/a2dissite" ]; then - /usr/sbin/a2ensite zabbix_ssl.conf 1>/dev/null - fi - else - echo "**** Impossible to enable HTTPS virtual host" - fi - else - echo "**** Impossible to enable SSL support for Apache2. Certificates are missed." - fi - - # Change Apache2 logging to stdout and stderr - if [ -f "/etc/apache2/apache2.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/apache2.conf" - fi - - if [ -f "/etc/httpd/conf/httpd.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/httpd/conf/httpd.conf" - fi - - if [ -f "/etc/apache2/httpd.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/httpd.conf" - fi - - if [ -f "/etc/apache2/conf-available/other-vhosts-access-log.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/conf-available/other-vhosts-access-log.conf" - fi - - if [ -f "/etc/apache2/conf.d/mpm.conf" ]; then - sed -ri \ - -e 's!^(\s*PidFile)\s+\S+!\1 "/var/run/httpd.pid"!g' \ - "/etc/apache2/conf.d/mpm.conf" - fi - - if [ -f "/var/run/apache2/apache2.pid" ]; then - rm -f "/var/run/apache2/apache2.pid" - fi - - if [ -f "/var/run/httpd/httpd.pid" ]; then - rm -f "/var/run/httpd/httpd.pid" - fi -} - -prepare_web_server_nginx() { - NGINX_CONFD_DIR="/etc/nginx/conf.d" - NGINX_SSL_CONFIG="/etc/ssl/nginx" - PHP_SESSIONS_DIR="/var/lib/php5" - - echo "** Disable default vhosts" - rm -f $NGINX_CONFD_DIR/*.conf - - echo "** Adding Zabbix virtual host (HTTP)" - if [ -f "$ZABBIX_ETC_DIR/nginx.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/nginx.conf" "$NGINX_CONFD_DIR" - else - echo "**** Impossible to enable HTTP virtual host" - fi - - if [ -f "$NGINX_SSL_CONFIG/ssl.crt" ] && [ -f "$NGINX_SSL_CONFIG/ssl.key" ] && [ -f "$NGINX_SSL_CONFIG/dhparam.pem" ]; then - echo "** Enable SSL support for Nginx" - if [ -f "$ZABBIX_ETC_DIR/nginx_ssl.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/nginx_ssl.conf" "$NGINX_CONFD_DIR" - else - echo "**** Impossible to enable HTTPS virtual host" - fi - else - echo "**** Impossible to enable SSL support for Nginx. Certificates are missed." - fi - - if [ -d "/var/log/nginx/" ]; then - ln -sf /dev/fd/2 /var/log/nginx/error.log - fi - - ln -sf /dev/fd/2 /var/log/php5-fpm.log - ln -sf /dev/fd/2 /var/log/php7.2-fpm.log -} - -stop_databases() { - if ([ "${ZBX_MAIN_DB}" == "mysql" ] || [ "${ZBX_PROXY_DB}" == "mysql" ]) && [ "${DB_SERVER_HOST}" == "localhost" ]; then - mysql_query "DELETE FROM mysql.user WHERE host = 'localhost' AND user != 'root'" 1>/dev/null - - if [ -f "/var/lib/mysql/mysqld.pid" ]; then - kill -TERM $(cat /var/lib/mysql/mysqld.pid) - elif [ -f "/var/run/mysqld/mysqld.pid" ]; then - kill -TERM $(cat /var/run/mysqld/mysqld.pid) - fi - fi - - if [ "${ZBX_MAIN_DB}" == "postgresql" ] && [ "${DB_SERVER_HOST}" == "localhost" ]; then - if [ "${OS_CODENAME}" == "alpine" ]; then - PGDATA=/var/lib/postgresql - BINDIR=/usr/bin - else - PGDATA=/var/lib/postgresql/9.3/main - BINDIR=/usr/lib/postgresql/9.3/bin - fi - su -c "$BINDIR/pg_ctl -D \"$PGDATA\" -m fast -w stop --silent" postgres 1>/dev/null 2>/dev/null - fi -} - -clear_deploy() { - local type=$1 - echo "** Cleaning the system" - - [ "$type" != "appliance" ] && return - - stop_databases -} - update_zbx_config() { local type=$1 local db_type=$2 - echo "** Preparing Zabbix $type configuration file" + echo "** Preparing Zabbix server configuration file" - ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_$type.conf + ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_server.conf - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "ProxyMode" "${ZBX_PROXYMODE}" - update_config_var $ZBX_CONFIG "Server" "${ZBX_SERVER_HOST}" - update_config_var $ZBX_CONFIG "ServerPort" "${ZBX_SERVER_PORT}" - if [ -z "${ZBX_HOSTNAME}" ] && [ -n "${ZBX_HOSTNAMEITEM}" ]; then - update_config_var $ZBX_CONFIG "Hostname" "" - update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - else - update_config_var $ZBX_CONFIG "Hostname" "${ZBX_HOSTNAME:-"zabbix-proxy-"$db_type}" - update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - fi - fi - - if [ $type == "proxy" ] && [ "${ZBX_ADD_SERVER}" = "true" ]; then - update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_PROXY_LISTENPORT:-"10061"}" - else - update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}" - fi + update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}" update_config_var $ZBX_CONFIG "SourceIP" "${ZBX_SOURCEIP}" update_config_var $ZBX_CONFIG "LogType" "console" @@ -735,42 +316,28 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" - if [ $type == "proxy" ]; then - update_config_var $ZBX_CONFIG "EnableRemoteCommands" "${ZBX_ENABLEREMOTECOMMANDS}" - update_config_var $ZBX_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}" + if [ -n "${ZBX_DBTLSCONNECT}" ]; then + update_config_var $ZBX_CONFIG "DBTLSConnect" "${ZBX_DBTLSCONNECT}" + update_config_var $ZBX_CONFIG "DBTLSCAFile" "${ZBX_DBTLSCAFILE}" + update_config_var $ZBX_CONFIG "DBTLSCertFile" "${ZBX_DBTLSCERTFILE}" + update_config_var $ZBX_CONFIG "DBTLSKeyFile" "${ZBX_DBTLSKEYFILE}" + update_config_var $ZBX_CONFIG "DBTLSCipher" "${ZBX_DBTLSCIPHER}" + update_config_var $ZBX_CONFIG "DBTLSCipher13" "${ZBX_DBTLSCIPHER13}" fi - if [ "$db_type" == "sqlite3" ]; then - update_config_var $ZBX_CONFIG "DBHost" - update_config_var $ZBX_CONFIG "DBName" "/var/lib/zabbix/zabbix_proxy_db" - update_config_var $ZBX_CONFIG "DBUser" - update_config_var $ZBX_CONFIG "DBPort" - update_config_var $ZBX_CONFIG "DBPassword" - else - update_config_var $ZBX_CONFIG "DBHost" "${DB_SERVER_HOST}" - update_config_var $ZBX_CONFIG "DBName" "${DB_SERVER_DBNAME}" - update_config_var $ZBX_CONFIG "DBSchema" "${DB_SERVER_SCHEMA}" - update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}" - update_config_var $ZBX_CONFIG "DBPort" "${DB_SERVER_PORT}" - update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}" - fi + update_config_var $ZBX_CONFIG "DBHost" "${DB_SERVER_HOST}" + update_config_var $ZBX_CONFIG "DBName" "${DB_SERVER_DBNAME}" + update_config_var $ZBX_CONFIG "DBSchema" "${DB_SERVER_SCHEMA}" + update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}" + update_config_var $ZBX_CONFIG "DBPort" "${DB_SERVER_PORT}" + update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}" - if [ $type == "server" ]; then - update_config_var $ZBX_CONFIG "HistoryStorageURL" "${ZBX_HISTORYSTORAGEURL}" - update_config_var $ZBX_CONFIG "HistoryStorageTypes" "${ZBX_HISTORYSTORAGETYPES}" - update_config_var $ZBX_CONFIG "HistoryStorageDateIndex" "${ZBX_HISTORYSTORAGEDATEINDEX}" - fi + update_config_var $ZBX_CONFIG "HistoryStorageURL" "${ZBX_HISTORYSTORAGEURL}" + update_config_var $ZBX_CONFIG "HistoryStorageTypes" "${ZBX_HISTORYSTORAGETYPES}" + update_config_var $ZBX_CONFIG "HistoryStorageDateIndex" "${ZBX_HISTORYSTORAGEDATEINDEX}" update_config_var $ZBX_CONFIG "DBSocket" "${DB_SERVER_SOCKET}" - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "ProxyLocalBuffer" "${ZBX_PROXYLOCALBUFFER}" - update_config_var $ZBX_CONFIG "ProxyOfflineBuffer" "${ZBX_PROXYOFFLINEBUFFER}" - update_config_var $ZBX_CONFIG "HeartbeatFrequency" "${ZBX_PROXYHEARTBEATFREQUENCY}" - update_config_var $ZBX_CONFIG "ConfigFrequency" "${ZBX_CONFIGFREQUENCY}" - update_config_var $ZBX_CONFIG "DataSenderFrequency" "${ZBX_DATASENDERFREQUENCY}" - fi - update_config_var $ZBX_CONFIG "StatsAllowedIP" "${ZBX_STATSALLOWEDIP}" update_config_var $ZBX_CONFIG "StartPollers" "${ZBX_STARTPOLLERS}" @@ -781,15 +348,17 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}" update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "StartPreprocessors" "${ZBX_STARTPREPROCESSORS}" - update_config_var $ZBX_CONFIG "StartTimers" "${ZBX_STARTTIMERS}" - update_config_var $ZBX_CONFIG "StartEscalators" "${ZBX_STARTESCALATORS}" - update_config_var $ZBX_CONFIG "StartAlerters" "${ZBX_STARTALERTERS}" - update_config_var $ZBX_CONFIG "StartLLDProcessors" "${ZBX_STARTLLDPROCESSORS}" - fi + update_config_var $ZBX_CONFIG "StartPreprocessors" "${ZBX_STARTPREPROCESSORS}" + update_config_var $ZBX_CONFIG "StartTimers" "${ZBX_STARTTIMERS}" + update_config_var $ZBX_CONFIG "StartEscalators" "${ZBX_STARTESCALATORS}" + update_config_var $ZBX_CONFIG "StartAlerters" "${ZBX_STARTALERTERS}" - ZBX_JAVAGATEWAY_ENABLE=${ZBX_JAVAGATEWAY_ENABLE:-"false"} + update_config_var $ZBX_CONFIG "StartTimers" "${ZBX_STARTTIMERS}" + update_config_var $ZBX_CONFIG "StartEscalators" "${ZBX_STARTESCALATORS}" + + update_config_var $ZBX_CONFIG "StartLLDProcessors" "${ZBX_STARTLLDPROCESSORS}" + + : ${ZBX_JAVAGATEWAY_ENABLE:="false"} if [ "${ZBX_JAVAGATEWAY_ENABLE}" == "true" ]; then update_config_var $ZBX_CONFIG "JavaGateway" "${ZBX_JAVAGATEWAY:-"zabbix-java-gateway"}" update_config_var $ZBX_CONFIG "JavaGatewayPort" "${ZBX_JAVAGATEWAYPORT}" @@ -806,7 +375,7 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "VMwareCacheSize" "${ZBX_VMWARECACHESIZE}" update_config_var $ZBX_CONFIG "VMwareTimeout" "${ZBX_VMWARETIMEOUT}" - ZBX_ENABLE_SNMP_TRAPS=${ZBX_ENABLE_SNMP_TRAPS:-"false"} + : ${ZBX_ENABLE_SNMP_TRAPS:="false"} if [ "${ZBX_ENABLE_SNMP_TRAPS}" == "true" ]; then update_config_var $ZBX_CONFIG "SNMPTrapperFile" "${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log" update_config_var $ZBX_CONFIG "StartSNMPTrapper" "1" @@ -816,25 +385,20 @@ update_zbx_config() { fi update_config_var $ZBX_CONFIG "HousekeepingFrequency" "${ZBX_HOUSEKEEPINGFREQUENCY}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "MaxHousekeeperDelete" "${ZBX_MAXHOUSEKEEPERDELETE}" - update_config_var $ZBX_CONFIG "SenderFrequency" "${ZBX_SENDERFREQUENCY}" - fi + + update_config_var $ZBX_CONFIG "MaxHousekeeperDelete" "${ZBX_MAXHOUSEKEEPERDELETE}" + update_config_var $ZBX_CONFIG "SenderFrequency" "${ZBX_SENDERFREQUENCY}" update_config_var $ZBX_CONFIG "CacheSize" "${ZBX_CACHESIZE}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "CacheUpdateFrequency" "${ZBX_CACHEUPDATEFREQUENCY}" - fi + update_config_var $ZBX_CONFIG "CacheUpdateFrequency" "${ZBX_CACHEUPDATEFREQUENCY}" update_config_var $ZBX_CONFIG "StartDBSyncers" "${ZBX_STARTDBSYNCERS}" update_config_var $ZBX_CONFIG "HistoryCacheSize" "${ZBX_HISTORYCACHESIZE}" update_config_var $ZBX_CONFIG "HistoryIndexCacheSize" "${ZBX_HISTORYINDEXCACHESIZE}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "TrendCacheSize" "${ZBX_TRENDCACHESIZE}" - update_config_var $ZBX_CONFIG "ValueCacheSize" "${ZBX_VALUECACHESIZE}" - fi + update_config_var $ZBX_CONFIG "TrendCacheSize" "${ZBX_TRENDCACHESIZE}" + update_config_var $ZBX_CONFIG "ValueCacheSize" "${ZBX_VALUECACHESIZE}" update_config_var $ZBX_CONFIG "Timeout" "${ZBX_TIMEOUT}" update_config_var $ZBX_CONFIG "TrapperTimeout" "${ZBX_TRAPPERIMEOUT}" @@ -850,26 +414,15 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "ExportFileSize" "${ZBX_EXPORTFILESIZE}" fi - # Possible few fping locations - if [ -f "/usr/bin/fping" ]; then - update_config_var $ZBX_CONFIG "FpingLocation" "/usr/bin/fping" - else - update_config_var $ZBX_CONFIG "FpingLocation" "/usr/sbin/fping" - fi - if [ -f "/usr/bin/fping6" ]; then - update_config_var $ZBX_CONFIG "Fping6Location" "/usr/bin/fping6" - else - update_config_var $ZBX_CONFIG "Fping6Location" "/usr/sbin/fping6" - fi + update_config_var $ZBX_CONFIG "FpingLocation" "/usr/sbin/fping" + update_config_var $ZBX_CONFIG "Fping6Location" update_config_var $ZBX_CONFIG "SSHKeyLocation" "$ZABBIX_USER_HOME_DIR/ssh_keys" update_config_var $ZBX_CONFIG "LogSlowQueries" "${ZBX_LOGSLOWQUERIES}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "StartProxyPollers" "${ZBX_STARTPROXYPOLLERS}" - update_config_var $ZBX_CONFIG "ProxyConfigFrequency" "${ZBX_PROXYCONFIGFREQUENCY}" - update_config_var $ZBX_CONFIG "ProxyDataFrequency" "${ZBX_PROXYDATAFREQUENCY}" - fi + update_config_var $ZBX_CONFIG "StartProxyPollers" "${ZBX_STARTPROXYPOLLERS}" + update_config_var $ZBX_CONFIG "ProxyConfigFrequency" "${ZBX_PROXYCONFIGFREQUENCY}" + update_config_var $ZBX_CONFIG "ProxyDataFrequency" "${ZBX_PROXYDATAFREQUENCY}" update_config_var $ZBX_CONFIG "SSLCertLocation" "$ZABBIX_USER_HOME_DIR/ssl/certs/" update_config_var $ZBX_CONFIG "SSLKeyLocation" "$ZABBIX_USER_HOME_DIR/ssl/keys/" @@ -877,319 +430,41 @@ update_zbx_config() { update_config_var $ZBX_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/" update_config_multiple_var $ZBX_CONFIG "LoadModule" "${ZBX_LOADMODULE}" - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}" - update_config_var $ZBX_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" - fi update_config_var $ZBX_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" update_config_var $ZBX_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" - update_config_var $ZBX_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" - fi - update_config_var $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" update_config_var $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" - update_config_var $ZBX_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" - fi -} - - -prepare_zbx_web_config() { - local db_type=$1 - local server_name="" - - echo "** Preparing Zabbix frontend configuration file" - - ZBX_WWW_ROOT="/usr/share/zabbix" - ZBX_WEB_CONFIG="$ZABBIX_ETC_DIR/web/zabbix.conf.php" - - if [ -f "$ZBX_WWW_ROOT/conf/zabbix.conf.php" ]; then - rm -f "$ZBX_WWW_ROOT/conf/zabbix.conf.php" - fi - - ln -s "$ZBX_WEB_CONFIG" "$ZBX_WWW_ROOT/conf/zabbix.conf.php" - - # Different places of PHP configuration file - if [ -f "/etc/php5/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/conf.d/99-zabbix.ini" - elif [ -f "/etc/php5/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php5/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/apache2/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.0/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.0/apache2/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.0/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.0/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php.d/99-zabbix.ini" - elif [ -f "/etc/php7/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php7/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.2/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.2/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.2/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.2/apache2/conf.d/99-zabbix.ini" - fi - - if [ -n "$PHP_CONFIG_FILE" ]; then - update_config_var "$PHP_CONFIG_FILE" "max_execution_time" "${ZBX_MAXEXECUTIONTIME:-"600"}" - update_config_var "$PHP_CONFIG_FILE" "memory_limit" "${ZBX_MEMORYLIMIT:-"128M"}" - update_config_var "$PHP_CONFIG_FILE" "post_max_size" "${ZBX_POSTMAXSIZE:-"16M"}" - update_config_var "$PHP_CONFIG_FILE" "upload_max_filesize" "${ZBX_UPLOADMAXFILESIZE:-"2M"}" - update_config_var "$PHP_CONFIG_FILE" "max_input_time" "${ZBX_MAXINPUTTIME:-"300"}" - update_config_var "$PHP_CONFIG_FILE" "date.timezone" "${PHP_TZ}" + if [ "$(id -u)" != '0' ]; then + update_config_var $ZBX_CONFIG "User" "$(whoami)" else - echo "**** Zabbix related PHP configuration file not found" + update_config_var $ZBX_CONFIG "AllowRoot" "1" fi - - ZBX_HISTORYSTORAGETYPES=${ZBX_HISTORYSTORAGETYPES:-"[]"} - - # Escaping characters in parameter value - server_name=$(escape_spec_char "${ZBX_SERVER_NAME}") - server_user=$(escape_spec_char "${DB_SERVER_ZBX_USER}") - server_pass=$(escape_spec_char "${DB_SERVER_ZBX_PASS}") - history_storage_url=$(escape_spec_char "${ZBX_HISTORYSTORAGEURL}") - history_storage_types=$(escape_spec_char "${ZBX_HISTORYSTORAGETYPES}") - - sed -i \ - -e "s/{DB_SERVER_HOST}/${DB_SERVER_HOST}/g" \ - -e "s/{DB_SERVER_PORT}/${DB_SERVER_PORT}/g" \ - -e "s/{DB_SERVER_DBNAME}/${DB_SERVER_DBNAME}/g" \ - -e "s/{DB_SERVER_SCHEMA}/${DB_SERVER_SCHEMA}/g" \ - -e "s/{DB_SERVER_USER}/$server_user/g" \ - -e "s/{DB_SERVER_PASS}/$server_pass/g" \ - -e "s/{ZBX_SERVER_HOST}/${ZBX_SERVER_HOST}/g" \ - -e "s/{ZBX_SERVER_PORT}/${ZBX_SERVER_PORT}/g" \ - -e "s/{ZBX_SERVER_NAME}/$server_name/g" \ - -e "s/{ZBX_HISTORYSTORAGEURL}/$history_storage_url/g" \ - -e "s/{ZBX_HISTORYSTORAGETYPES}/$history_storage_types/g" \ - "$ZBX_WEB_CONFIG" - - [ "$db_type" = "postgresql" ] && sed -i "s/MYSQL/POSTGRESQL/g" "$ZBX_WEB_CONFIG" - - [ -n "${ZBX_SESSION_NAME}" ] && sed -i "/ZBX_SESSION_NAME/s/'[^']*'/'${ZBX_SESSION_NAME}'/2" "$ZBX_WWW_ROOT/include/defines.inc.php" -} - -prepare_zbx_agent_config() { - echo "** Preparing Zabbix agent configuration file" - - ZBX_AGENT_CONFIG=$ZABBIX_ETC_DIR/zabbix_agentd.conf - - ZBX_PASSIVESERVERS=${ZBX_PASSIVESERVERS:-""} - ZBX_ACTIVESERVERS=${ZBX_ACTIVESERVERS:-""} - - [ -n "$ZBX_PASSIVESERVERS" ] && ZBX_PASSIVESERVERS=","$ZBX_PASSIVESERVERS - - ZBX_PASSIVESERVERS=$ZBX_SERVER_HOST$ZBX_PASSIVESERVERS - - [ -n "$ZBX_ACTIVESERVERS" ] && ZBX_ACTIVESERVERS=","$ZBX_ACTIVESERVERS - - ZBX_ACTIVESERVERS=$ZBX_SERVER_HOST":"$ZBX_SERVER_PORT$ZBX_ACTIVESERVERS - - update_config_var $ZBX_AGENT_CONFIG "PidFile" - update_config_var $ZBX_AGENT_CONFIG "LogType" "console" - update_config_var $ZBX_AGENT_CONFIG "LogFile" - update_config_var $ZBX_AGENT_CONFIG "LogFileSize" - update_config_var $ZBX_AGENT_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" - update_config_var $ZBX_AGENT_CONFIG "SourceIP" - update_config_var $ZBX_AGENT_CONFIG "EnableRemoteCommands" "${ZBX_ENABLEREMOTECOMMANDS}" - update_config_var $ZBX_AGENT_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}" - - ZBX_PASSIVE_ALLOW=${ZBX_PASSIVE_ALLOW:-"true"} - if [ "$ZBX_PASSIVE_ALLOW" == "true" ]; then - echo "** Using '$ZBX_PASSIVESERVERS' servers for passive checks" - update_config_var $ZBX_AGENT_CONFIG "Server" "${ZBX_PASSIVESERVERS}" - else - update_config_var $ZBX_AGENT_CONFIG "Server" - fi - - update_config_var $ZBX_AGENT_CONFIG "ListenPort" "${ZBX_LISTENPORT}" - update_config_var $ZBX_AGENT_CONFIG "ListenIP" "${ZBX_LISTENIP}" - update_config_var $ZBX_AGENT_CONFIG "StartAgents" "${ZBX_STARTAGENTS}" - - ZBX_ACTIVE_ALLOW=${ZBX_ACTIVE_ALLOW:-"true"} - if [ "$ZBX_ACTIVE_ALLOW" == "true" ]; then - echo "** Using '$ZBX_ACTIVESERVERS' servers for active checks" - update_config_var $ZBX_AGENT_CONFIG "ServerActive" "${ZBX_ACTIVESERVERS}" - else - update_config_var $ZBX_AGENT_CONFIG "ServerActive" - fi - - update_config_var $ZBX_AGENT_CONFIG "Hostname" "${ZBX_HOSTNAME}" - update_config_var $ZBX_AGENT_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - update_config_var $ZBX_AGENT_CONFIG "HostMetadata" "${ZBX_METADATA}" - update_config_var $ZBX_AGENT_CONFIG "HostMetadataItem" "${ZBX_METADATAITEM}" - update_config_var $ZBX_AGENT_CONFIG "RefreshActiveChecks" "${ZBX_REFRESHACTIVECHECKS}" - update_config_var $ZBX_AGENT_CONFIG "BufferSend" "${ZBX_BUFFERSEND}" - update_config_var $ZBX_AGENT_CONFIG "BufferSize" "${ZBX_BUFFERSIZE}" - update_config_var $ZBX_AGENT_CONFIG "MaxLinesPerSecond" "${ZBX_MAXLINESPERSECOND}" - # Please use include to enable Alias feature -# update_config_multiple_var $ZBX_AGENT_CONFIG "Alias" ${ZBX_ALIAS} - update_config_var $ZBX_AGENT_CONFIG "Timeout" "${ZBX_TIMEOUT}" - update_config_var $ZBX_AGENT_CONFIG "Include" "/etc/zabbix/zabbix_agentd.d/" - update_config_var $ZBX_AGENT_CONFIG "UnsafeUserParameters" "${ZBX_UNSAFEUSERPARAMETERS}" - update_config_var $ZBX_AGENT_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/" - update_config_multiple_var $ZBX_AGENT_CONFIG "LoadModule" "${ZBX_LOADMODULE}" - update_config_var $ZBX_AGENT_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}" - update_config_var $ZBX_AGENT_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" - update_config_var $ZBX_AGENT_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" - update_config_var $ZBX_AGENT_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" - update_config_var $ZBX_AGENT_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" - update_config_var $ZBX_AGENT_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" -} - -prepare_java_gateway_config() { - echo "** Preparing Zabbix Java Gateway log configuration file" - - ZBX_GATEWAY_CONFIG=$ZABBIX_ETC_DIR/zabbix_java_gateway_logback.xml - - if [ -n "${ZBX_DEBUGLEVEL}" ]; then - echo "Updating $ZBX_GATEWAY_CONFIG 'DebugLevel' parameter: '${ZBX_DEBUGLEVEL}'... updated" - if [ -f "$ZBX_GATEWAY_CONFIG" ]; then - sed -i -e "/^.*/" "$ZBX_GATEWAY_CONFIG" - else - echo "**** Zabbix Java Gateway log configuration file '$ZBX_GATEWAY_CONFIG' not found" - fi - fi -} - -prepare_agent() { - echo "** Preparing Zabbix agent" - prepare_zbx_agent_config } prepare_server() { - local db_type=$1 - echo "** Preparing Zabbix server" - check_variables_$db_type "server" - check_db_connect_$db_type - create_db_user_$db_type - create_db_database_$db_type - create_db_schema_$db_type "server" + check_variables_postgresql + check_db_connect_postgresql + create_db_user_postgresql + create_db_database_postgresql + create_db_schema_postgresql - update_zbx_config "server" "$db_type" -} - -prepare_proxy() { - local db_type=$1 - - echo "Preparing Zabbix proxy" - - if [ "$db_type" != "sqlite3" ]; then - check_variables_$db_type "proxy" - check_db_connect_$db_type - create_db_user_$db_type - create_db_database_$db_type - create_db_schema_$db_type "proxy" - fi - - update_zbx_config "proxy" $db_type -} - -prepare_web() { - local web_server=$1 - local db_type=$2 - - echo "** Preparing Zabbix web-interface" - - check_variables_$db_type - check_db_connect_$db_type - prepare_web_server_$web_server - prepare_zbx_web_config $db_type -} - -prepare_java_gateway() { - echo "** Preparing Zabbix Java Gateway" - - prepare_java_gateway_config + update_zbx_config } ################################################# -if [ ! -n "$zbx_type" ]; then - echo "**** Type of Zabbix component is not specified" - exit 1 -elif [ "$zbx_type" == "dev" ]; then - echo "** Deploying Zabbix installation from SVN" -else - if [ ! -n "$zbx_db_type" ]; then - echo "**** Database type of Zabbix $zbx_type is not specified" - exit 1 - fi - - if [ "$zbx_db_type" != "none" ]; then - if [ "$zbx_opt_type" != "none" ]; then - echo "** Deploying Zabbix $zbx_type ($zbx_opt_type) with $zbx_db_type database" - else - echo "** Deploying Zabbix $zbx_type with $zbx_db_type database" - fi - else - echo "** Deploying Zabbix $zbx_type" - fi +if [ "${1#-}" != "$1" ]; then + set -- /usr/sbin/zabbix_server "$@" fi -prepare_system "$zbx_type" "$zbx_opt_type" - -[ "$zbx_type" == "server" ] && prepare_server $zbx_db_type -[ "${ZBX_ADD_SERVER}" == "true" ] && prepare_server ${ZBX_MAIN_DB} - -[ "$zbx_type" == "proxy" ] && prepare_proxy $zbx_db_type -[ "${ZBX_ADD_PROXY}" == "true" ] && prepare_proxy ${ZBX_PROXY_DB} - -[ "$zbx_type" == "frontend" ] && prepare_web $zbx_opt_type $zbx_db_type -[ "${ZBX_ADD_WEB}" == "true" ] && prepare_web ${ZBX_WEB_SERVER} ${ZBX_MAIN_DB} - -[ "$zbx_type" == "agent" ] && prepare_agent -[ "${ZBX_ADD_AGENT}" == "true" ] && prepare_agent - -[ "$zbx_type" == "java-gateway" ] && prepare_java_gateway -[ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && prepare_java_gateway - -clear_deploy "$zbx_type" - -echo "########################################################" - -if [ "$1" != "" ]; then - echo "** Executing '$@'" - exec "$@" -elif [ "$zbx_type" == "agent" ]; then - echo "** Starting Zabbix agent" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_agentd --foreground -c /etc/zabbix/zabbix_agentd.conf" -elif [ "$zbx_type" == "proxy" ]; then - echo "** Starting Zabbix proxy" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_proxy --foreground -c /etc/zabbix/zabbix_proxy.conf" -elif [ "$zbx_type" == "server" ]; then - echo "** Starting Zabbix server" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_server --foreground -c /etc/zabbix/zabbix_server.conf" -elif [ "$zbx_type" == "java-gateway" ]; then - echo "** Starting Zabbix Java Gateway" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_java_gateway" -elif [ "$zbx_type" == "frontend" ] && [ "$zbx_opt_type" == "apache" ]; then - echo "** Starting Zabbix frontend" - if [ -f "/usr/sbin/httpd" ]; then - exec /usr/sbin/httpd -D FOREGROUND - elif [ -f "/usr/sbin/apache2ctl" ]; then - exec /bin/bash -c "source /etc/apache2/envvars && /usr/sbin/apache2ctl -D FOREGROUND" - else - echo "Unknown Web-server. Exiting..." - exit 1 - fi -elif [ -f "/usr/bin/supervisord" ]; then - echo "** Executing supervisord" - exec /usr/bin/supervisord -c /etc/supervisor/supervisord.conf -else - echo "Unknown instructions. Exiting..." - exit 1 +if [ "$1" == '/usr/sbin/zabbix_server' ]; then + prepare_server fi +exec "$@" + ################################################# diff --git a/snmptraps/ubuntu/.dockerignore b/snmptraps/ubuntu/.dockerignore index 284c98d46..88a84e55a 100644 --- a/snmptraps/ubuntu/.dockerignore +++ b/snmptraps/ubuntu/.dockerignore @@ -1,2 +1 @@ build.sh -snmptrapfmt_1.14+nmu1ubuntu2.tar.gz \ No newline at end of file diff --git a/snmptraps/ubuntu/Dockerfile b/snmptraps/ubuntu/Dockerfile index a6f3b3040..ab5821d8a 100644 --- a/snmptraps/ubuntu/Dockerfile +++ b/snmptraps/ubuntu/Dockerfile @@ -1,60 +1,62 @@ FROM ubuntu:bionic -LABEL maintainer "Alexey Pustovalov " - -ARG BUILD_DATE -ARG VCS_REF - -ARG APT_FLAGS_COMMON="-y" -ARG APT_FLAGS_PERSISTENT="${APT_FLAGS_COMMON} --no-install-recommends" -ARG APT_FLAGS_DEV="${APT_FLAGS_COMMON} --no-install-recommends" -ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8 TERM=xterm \ - MIBDIRS=/var/lib/mibs/iana:/var/lib/mibs/ietf:/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL - -LABEL org.label-schema.name="zabbix-snmptraps-ubuntu" \ - org.label-schema.vendor="Zabbix LLC" \ - org.label-schema.url="https://zabbix.com/" \ - org.label-schema.description="Zabbix SNMP traps receiver" \ - org.label-schema.vcs-ref="${VCS_REF}" \ - org.label-schema.build-date="${BUILD_DATE}" \ - org.label-schema.schema-version="1.0" \ - org.label-schema.license="GPL v2.0" ARG MAJOR_VERSION=5.0 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git -ENV ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} -LABEL org.label-schema.usage="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.label-schema.version="1.14" \ - org.label-schema.vcs-url="https://anonscm.debian.org/gitweb/?p=collab-maint/snmptrapfmt.git" \ - org.label-schema.docker.cmd="docker run --name zabbix-snmptraps --link zabbix-server:zabbix-server -p 162:162/UDP -d zabbix-snmptraps:ubuntu-${ZBX_VERSION}" +ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ + MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL + +LABEL org.opencontainers.image.title="zabbix-snmptraps-ubuntu" \ + org.opencontainers.image.authors="Alexey Pustovalov " \ + org.opencontainers.image.vendor="Zabbix LLC" \ + org.opencontainers.image.url="https://zabbix.com/" \ + org.opencontainers.image.description="Zabbix SNMP traps receiver" \ + org.opencontainers.image.licenses="GPL v2.0" \ + org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="https://anonscm.debian.org/gitweb/?p=collab-maint/snmptrapfmt.git" STOPSIGNAL SIGTERM -COPY ["snmptrapfmt_1.14+nmu1ubuntu2_amd64.deb", "/tmp/"] +COPY ["snmptrapfmt_1.14+nmu1ubuntu2.tar.gz", "/tmp/"] RUN set -eux && \ - apt-get ${APT_FLAGS_COMMON} update && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_PERSISTENT} install locales && \ - locale-gen $LC_ALL && \ echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \ - addgroup --system --quiet zabbix && \ + addgroup --system --gid 1995 --quiet zabbix && \ adduser --quiet \ --system --disabled-login \ - --ingroup zabbix \ + --ingroup zabbix --ingroup root \ + --uid 1997 \ --home /var/lib/zabbix/ \ zabbix && \ - apt-get ${APT_FLAGS_COMMON} update && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_PERSISTENT} install \ + apt-get -y update && \ + DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ snmp-mibs-downloader \ snmptrapd \ supervisor && \ download-mibs && \ - dpkg -i /tmp/snmptrapfmt_1.14+nmu1ubuntu2_amd64.deb && \ + DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ + autoconf \ + automake \ + gcc \ + patch \ + make \ + libc6-dev \ + libsnmp-dev && \ mkdir -p /var/lib/zabbix && \ mkdir -p /var/lib/zabbix/snmptraps && \ mkdir -p /var/lib/zabbix/mibs && \ - chown --quiet -R zabbix:root /var/lib/zabbix && \ + cd /tmp/ && \ + tar -zxvf snmptrapfmt_1.14+nmu1ubuntu2.tar.gz && \ + ls -lah && \ + cd /tmp/snmptrapfmt-1.14+nmu1ubuntu1/ && \ + patch -p1 < ./patches/makefile.patch && \ + patch -p1 < ./patches/pid_location.patch && \ + make -j"$(nproc)" -s && \ + cp snmptrapfmthdlr /usr/sbin/snmptrapfmthdlr && \ + cp snmptrapfmt /usr/sbin/snmptrapfmt && \ + cp snmptrapfmt.conf /etc/snmp/snmptrapfmt.conf && \ echo "disableAuthorization yes" >> "/etc/snmp/snmptrapd.conf" && \ echo "traphandle default /usr/sbin/snmptrapfmthdlr" >> "/etc/snmp/snmptrapd.conf" && \ sed -i \ @@ -62,8 +64,20 @@ RUN set -eux && \ -e '/^LOGFMT=/s/=.*/=\"$x ZBXTRAP $R $G $S $e $*\"/' \ -e "/^LOGFILE=/s/=.*/=\"\/var\/lib\/zabbix\/snmptraps\/snmptraps.log\"/" \ "/etc/snmp/snmptrapfmt.conf" && \ - rm -rf /tmp/snmptrapfmt_1.14+nmu1ubuntu2_amd64.deb && \ - apt-get ${APT_FLAGS_COMMON} autoremove 1>/dev/null && \ + rm -rf /tmp/snmptrapfmt_1.14+nmu1ubuntu2.tar.gz && \ + rm -rf /tmp/snmptrapfmt-1.14+nmu1ubuntu1/ && \ + chown --quiet -R zabbix:root /etc/snmp/ /var/lib/zabbix/ /var/tmp/ /var/run/ && \ + chgrp -R 0 /etc/snmp/ /var/lib/zabbix/ /var/tmp/ /var/run/ && \ + chmod -R g=u /etc/snmp/ /var/lib/zabbix/ /var/tmp/ /var/run/ && \ + DEBIAN_FRONTEND=noninteractive apt-get -y purge \ + autoconf \ + automake \ + gcc \ + patch \ + make \ + libc6-dev \ + libsnmp-dev && \ + apt-get -y autoremove && \ rm -rf /var/lib/apt/lists/* EXPOSE 162/UDP @@ -75,4 +89,6 @@ VOLUME ["/var/lib/zabbix/snmptraps", "/var/lib/zabbix/mibs"] COPY ["conf/etc/supervisor/", "/etc/supervisor/"] COPY ["conf/etc/logrotate.d/zabbix_snmptraps", "/etc/logrotate.d/"] +USER 1997 + CMD ["/usr/bin/supervisord", "-c", "/etc/supervisor/supervisord.conf"] diff --git a/snmptraps/ubuntu/conf/etc/supervisor/conf.d/supervisord_snmptraps.conf b/snmptraps/ubuntu/conf/etc/supervisor/conf.d/supervisord_snmptraps.conf index 86b471372..c40417824 100644 --- a/snmptraps/ubuntu/conf/etc/supervisor/conf.d/supervisord_snmptraps.conf +++ b/snmptraps/ubuntu/conf/etc/supervisor/conf.d/supervisord_snmptraps.conf @@ -17,7 +17,7 @@ stdout_logfile = /dev/stdout stdout_logfile_maxbytes = 0 [program:snmptrapd] -command = /usr/sbin/%(program_name)s -m '+ALL' -M /usr/share/snmp/mibs:/var/lib/snmp/mibs/iana:/var/lib/snmp/mibs/ietf:/var/lib/zabbix/mibs -f -n -Lo -p /var/run/snmptrapd.pid -C -c /etc/snmp/%(program_name)s.conf +command = /usr/sbin/%(program_name)s -m '+ALL' -M /usr/share/snmp/mibs:/var/lib/snmp/mibs/iana:/var/lib/snmp/mibs/ietf:/var/lib/zabbix/mibs -f -n -Lo -p /var/run/snmptrapd.pid -C -c /etc/snmp/%(program_name)s.conf udp:0.0.0.0:1162 auto_start = true autorestart = true priority = 100 diff --git a/snmptraps/ubuntu/conf/etc/supervisor/supervisord.conf b/snmptraps/ubuntu/conf/etc/supervisor/supervisord.conf index 925bb1838..f8d80e461 100644 --- a/snmptraps/ubuntu/conf/etc/supervisor/supervisord.conf +++ b/snmptraps/ubuntu/conf/etc/supervisor/supervisord.conf @@ -1,17 +1,17 @@ ; supervisor config file [unix_http_server] -file = /var/run/supervisor.sock ; (the path to the socket file) +file = /tmp/supervisor.sock ; (the path to the socket file) chmod = 0700 ; sockef file mode (default 0700) username = zbx password = password [supervisord] logfile = /dev/stdout ; (main log file;default $CWD/supervisord.log) -pidfile = /var/run/supervisord.pid ; (supervisord pidfile;default supervisord.pid) +pidfile = /tmp/supervisord.pid ; (supervisord pidfile;default supervisord.pid) childlogdir = /tmp ; ('AUTO' child log dir, default $TEMP) critical = critical -user = root +;user = zabbix logfile_maxbytes = 0 logfile_backupcount = 0 loglevel = info @@ -23,7 +23,7 @@ loglevel = info supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface [supervisorctl] -serverurl = unix:///var/run/supervisor.sock ; use a unix:// URL for a unix socket +serverurl = unix:///tmp/supervisor.sock ; use a unix:// URL for a unix socket ; The [include] section can just contain the "files" setting. This ; setting can list multiple files (separated by whitespace or diff --git a/snmptraps/ubuntu/snmptrapfmt_1.14+nmu1ubuntu2_amd64.deb b/snmptraps/ubuntu/snmptrapfmt_1.14+nmu1ubuntu2_amd64.deb deleted file mode 100644 index c360deec2..000000000 Binary files a/snmptraps/ubuntu/snmptrapfmt_1.14+nmu1ubuntu2_amd64.deb and /dev/null differ diff --git a/web-apache-mysql/ubuntu/Dockerfile b/web-apache-mysql/ubuntu/Dockerfile index 08016c5a2..8f24d7fd6 100644 --- a/web-apache-mysql/ubuntu/Dockerfile +++ b/web-apache-mysql/ubuntu/Dockerfile @@ -1,47 +1,33 @@ FROM ubuntu:bionic -LABEL maintainer="Alexey Pustovalov " -ARG BUILD_DATE -ARG VCS_REF - -ARG APT_FLAGS_COMMON="-y" -ARG APT_FLAGS_PERSISTENT="${APT_FLAGS_COMMON} --no-install-recommends" -ARG APT_FLAGS_DEV="${APT_FLAGS_COMMON} --no-install-recommends" -ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8 TERM=xterm \ - ZBX_TYPE=frontend ZBX_DB_TYPE=mysql ZBX_OPT_TYPE=apache - -LABEL org.label-schema.name="zabbix-web-${ZBX_OPT_TYPE}-${DB_TYPE}-ubuntu" \ - org.label-schema.vendor="Zabbix LLC" \ - org.label-schema.url="https://zabbix.com/" \ - org.label-schema.description="Zabbix web-interface based on Apache2 web server with MySQL database support" \ - org.label-schema.vcs-ref="${VCS_REF}" \ - org.label-schema.build-date="${BUILD_DATE}" \ - org.label-schema.schema-version="1.0" \ - org.label-schema.license="GPL v2.0" +LABEL org.opencontainers.image.title="Zabbix web-interface (Apache, MySQL)" \ + org.opencontainers.image.authors="Alexey Pustovalov " \ + org.opencontainers.image.vendor="Zabbix LLC" \ + org.opencontainers.image.url="https://zabbix.com/" \ + org.opencontainers.image.description="Zabbix web-interface based on Apache2 web server with MySQL database support" \ + org.opencontainers.image.licenses="GPL v2.0" STOPSIGNAL SIGTERM RUN set -eux && \ - apt-get ${APT_FLAGS_COMMON} update && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_PERSISTENT} install locales && \ - locale-gen $LC_ALL && \ echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \ - addgroup --system --quiet zabbix && \ + addgroup --system --gid 1995 --quiet zabbix && \ adduser --quiet \ --system --disabled-login \ - --ingroup zabbix \ + --ingroup zabbix --ingroup root \ + --uid 1997 \ --home /var/lib/zabbix/ \ - --no-create-home \ zabbix && \ mkdir -p /etc/zabbix && \ mkdir -p /etc/zabbix/web && \ - chown --quiet -R zabbix:root /etc/zabbix && \ - apt-get ${APT_FLAGS_COMMON} update && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_PERSISTENT} install \ + apt-get -y update && \ + DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ apache2 \ curl \ libapache2-mod-php \ + ca-certificates \ mysql-client \ + locales \ php7.2-bcmath \ php7.2-gd \ php7.2-json \ @@ -49,25 +35,41 @@ RUN set -eux && \ php7.2-mbstring \ php7.2-mysql \ php7.2-xml && \ - apt-get ${APT_FLAGS_COMMON} autoremove && \ - apt-get ${APT_FLAGS_COMMON} clean && \ + rm -f /etc/apache2/sites-available/* && \ + rm -f /etc/apache2/sites-enabled/* && \ + /usr/sbin/a2enmod ssl && \ + sed -ri \ + -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ + -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ + "/etc/apache2/apache2.conf" && \ + sed -ri \ + -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ + -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ + "/etc/apache2/conf-available/other-vhosts-access-log.conf" && \ + sed -i 's/Listen 80/Listen 8080/g' /etc/apache2/ports.conf && \ + sed -i 's/Listen 443/Listen 8443/g' /etc/apache2/ports.conf && \ + sed -i 's|/var/run/apache2$SUFFIX|/tmp|g' /etc/apache2/envvars && \ + rm -f /var/run/apache2/apache2.pid && \ + apt-get -y autoremove && \ + apt-get -y clean && \ rm -rf /var/lib/apt/lists/* ARG MAJOR_VERSION=5.0 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git -ENV ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} -LABEL org.label-schema.usage="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.label-schema.version="${ZBX_VERSION}" \ - org.label-schema.vcs-url="${ZBX_SOURCES}" \ - org.label-schema.docker.cmd="docker run --name zabbix-web-${ZBX_OPT_TYPE}-${ZBX_DB_TYPE} --link mysql-server:mysql --link zabbix-server:zabbix-server -p 80:80 -d zabbix-web-${ZBX_OPT_TYPE}-${ZBX_DB_TYPE}:ubuntu-${ZBX_VERSION}" +ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} + +LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" + +COPY ["conf/etc/", "/etc/"] RUN set -eux && \ - apt-get ${APT_FLAGS_COMMON} update && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_DEV} install \ + apt-get -y update && \ + DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ gettext \ - ca-certificates \ git && \ cd /usr/share/ && \ git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ @@ -78,6 +80,8 @@ RUN set -eux && \ rm -f conf/zabbix.conf.php && \ rm -rf tests && \ ./locale/make_mo.sh && \ + ln -s "/etc/zabbix/web/zabbix.conf.php" "/usr/share/zabbix/conf/zabbix.conf.php" && \ + ./locale/make_mo.sh && \ mkdir -p /var/lib/locales/supported.d/ && \ rm -f /var/lib/locales/supported.d/local && \ cat /usr/share/zabbix/include/locales.inc.php | grep display | grep true | awk '{$1=$1};1' | \ @@ -86,24 +90,29 @@ RUN set -eux && \ dpkg-reconfigure locales && \ find /usr/share/zabbix/locale -name '*.po' | xargs rm -f && \ find /usr/share/zabbix/locale -name '*.sh' | xargs rm -f && \ - chown --quiet -R www-data:www-data /usr/share/zabbix && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_COMMON} purge \ + chown --quiet -R zabbix:root /etc/zabbix/ /usr/share/zabbix/conf/ && \ + chgrp -R 0 /etc/zabbix/ /usr/share/zabbix/conf/ && \ + chmod -R g=u /etc/zabbix/ /usr/share/zabbix/conf/ && \ + chown --quiet -R zabbix:root /etc/apache2/ /etc/php/7.2/ && \ + chgrp -R 0 /etc/apache2/ /etc/php/7.2/ && \ + chmod -R g=u /etc/apache2/ /etc/php/7.2/ && \ + DEBIAN_FRONTEND=noninteractive apt-get -y purge \ gettext \ git && \ - apt-get ${APT_FLAGS_COMMON} autoremove && \ - apt-get ${APT_FLAGS_COMMON} clean && \ + apt-get -y autoremove && \ + apt-get -y clean && \ rm -rf /var/lib/apt/lists/* -EXPOSE 80/TCP 443/TCP - +EXPOSE 8080/TCP 8443/TCP + WORKDIR /usr/share/zabbix VOLUME ["/etc/ssl/apache2", "/usr/share/zabbix/modules"] -COPY ["conf/etc/zabbix/apache.conf", "/etc/zabbix/"] -COPY ["conf/etc/zabbix/apache_ssl.conf", "/etc/zabbix/"] -COPY ["conf/etc/zabbix/web/zabbix.conf.php", "/etc/zabbix/web/"] -COPY ["conf/etc/php/7.2/apache2/conf.d/99-zabbix.ini", "/etc/php/7.2/apache2/conf.d/"] COPY ["docker-entrypoint.sh", "/usr/bin/"] +USER 1997 + ENTRYPOINT ["docker-entrypoint.sh"] + +CMD ["/usr/sbin/apache2ctl", "-D", "FOREGROUND"] diff --git a/web-apache-mysql/ubuntu/conf/etc/php/7.2/apache2/conf.d/99-zabbix.ini b/web-apache-mysql/ubuntu/conf/etc/php/7.2/apache2/conf.d/99-zabbix.ini index b5356c3da..be93bd73a 100644 --- a/web-apache-mysql/ubuntu/conf/etc/php/7.2/apache2/conf.d/99-zabbix.ini +++ b/web-apache-mysql/ubuntu/conf/etc/php/7.2/apache2/conf.d/99-zabbix.ini @@ -6,4 +6,4 @@ max_input_time=300 always_populate_raw_post_date=-1 max_input_vars=10000 ; date.timezone=Europe/Riga -session.save_path=/var/lib/php/sessions +;session.save_path=/var/lib/php/session diff --git a/web-apache-mysql/ubuntu/conf/etc/zabbix/apache.conf b/web-apache-mysql/ubuntu/conf/etc/zabbix/apache.conf index 2a5aedc30..36def0c29 100644 --- a/web-apache-mysql/ubuntu/conf/etc/zabbix/apache.conf +++ b/web-apache-mysql/ubuntu/conf/etc/zabbix/apache.conf @@ -1,4 +1,4 @@ - + DocumentRoot /usr/share/zabbix/ ServerName zabbix DirectoryIndex index.php diff --git a/web-apache-mysql/ubuntu/conf/etc/zabbix/apache_ssl.conf b/web-apache-mysql/ubuntu/conf/etc/zabbix/apache_ssl.conf index 798c982dc..d18d08fde 100644 --- a/web-apache-mysql/ubuntu/conf/etc/zabbix/apache_ssl.conf +++ b/web-apache-mysql/ubuntu/conf/etc/zabbix/apache_ssl.conf @@ -3,7 +3,7 @@ LoadModule socache_shmcb_module /usr/lib/apache2/modules/mod_socache_shmcb.so LoadModule headers_module /usr/lib/apache2/modules/mod_headers.so - + SSLEngine on DocumentRoot /usr/share/zabbix/ diff --git a/web-apache-mysql/ubuntu/docker-entrypoint.sh b/web-apache-mysql/ubuntu/docker-entrypoint.sh index af1b41c20..6ac7c3a9b 100755 --- a/web-apache-mysql/ubuntu/docker-entrypoint.sh +++ b/web-apache-mysql/ubuntu/docker-entrypoint.sh @@ -1,6 +1,6 @@ #!/bin/bash -set -eo pipefail +set -o pipefail set +e @@ -9,37 +9,25 @@ if [ "${DEBUG_MODE}" == "true" ]; then set -o xtrace fi -# Type of Zabbix component -# Possible values: [server, proxy, agent, frontend, java-gateway, appliance] -zbx_type=${ZBX_TYPE} -# Type of Zabbix database -# Possible values: [mysql, postgresql] -zbx_db_type=${ZBX_DB_TYPE} -# Type of web-server. Valid only with zbx_type = frontend -# Possible values: [apache, nginx] -zbx_opt_type=${ZBX_OPT_TYPE} - # Default Zabbix installation name # Used only by Zabbix web-interface -ZBX_SERVER_NAME=${ZBX_SERVER_NAME:-"Zabbix docker"} +: ${ZBX_SERVER_NAME:="Zabbix docker"} # Default Zabbix server host -ZBX_SERVER_HOST=${ZBX_SERVER_HOST:-"zabbix-server"} +: ${ZBX_SERVER_HOST:="zabbix-server"} # Default Zabbix server port number -ZBX_SERVER_PORT=${ZBX_SERVER_PORT:-"10051"} +: ${ZBX_SERVER_PORT:="10051"} # Default timezone for web interface -PHP_TZ=${PHP_TZ:-"Europe/Riga"} +: ${PHP_TZ:="Europe/Riga"} #Enable PostgreSQL timescaleDB feature: ENABLE_TIMESCALEDB=${ENABLE_TIMESCALEDB:-"false"} # Default directories -# User 'zabbix' home directory -ZABBIX_USER_HOME_DIR="/var/lib/zabbix" # Configuration files directory ZABBIX_ETC_DIR="/etc/zabbix" # Web interface www-root directory -ZBX_FRONTEND_PATH="/usr/share/zabbix" +ZABBIX_WWW_ROOT="/usr/share/zabbix" # usage: file_env VAR [DEFAULT] # as example: file_env 'MYSQL_PASSWORD' 'zabbix' @@ -72,90 +60,8 @@ file_env() { unset "$fileVar" } -configure_db_mysql() { - [ "${DB_SERVER_HOST}" != "localhost" ] && return - - echo "** Configuring local MySQL server" - - MYSQL_ALLOW_EMPTY_PASSWORD=true - MYSQL_DATA_DIR="/var/lib/mysql" - - if [ -f "/etc/mysql/my.cnf" ]; then - MYSQL_CONF_FILE="/etc/mysql/my.cnf" - elif [ -f "/etc/my.cnf.d/server.cnf" ]; then - MYSQL_CONF_FILE="/etc/my.cnf.d/server.cnf" - DB_SERVER_SOCKET="/var/lib/mysql/mysql.sock" - elif [ -f "/etc/my.cnf.d/mariadb-server.cnf" ]; then - MYSQL_CONF_FILE="/etc/my.cnf.d/mariadb-server.cnf" - DB_SERVER_SOCKET="/var/run/mysqld/mysqld.sock" - else - echo "**** Could not found MySQL configuration file" - exit 1 - fi - - if [ -f "/usr/bin/mysqld" ]; then - MYSQLD=/usr/bin/mysqld - elif [ -f "/usr/sbin/mysqld" ]; then - MYSQLD=/usr/sbin/mysqld - elif [ -f "/usr/libexec/mysqld" ]; then - MYSQLD=/usr/libexec/mysqld - else - echo "**** Could not found mysqld binary file" - exit 1 - fi - - sed -Ei 's/^(bind-address|log)/#&/' "$MYSQL_CONF_FILE" - - if [ ! -d "$MYSQL_DATA_DIR/mysql" ]; then - [ -d "$MYSQL_DATA_DIR" ] || mkdir -p "$MYSQL_DATA_DIR" - - chown -R mysql:mysql "$MYSQL_DATA_DIR" - - echo "** Installing initial MySQL database schemas" - mysql_install_db --user=mysql --datadir="$MYSQL_DATA_DIR" 2>&1 - else - echo "**** MySQL data directory is not empty. Using already existing installation." - chown -R mysql:mysql "$MYSQL_DATA_DIR" - fi - - mkdir -p /var/run/mysqld - ln -s /var/run/mysqld /run/mysqld - chown -R mysql:mysql /var/run/mysqld - chown -R mysql:mysql /run/mysqld - - echo "** Starting MySQL server in background mode" - - nohup $MYSQLD --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib/mysql/plugin \ - --user=mysql --log-output=none --pid-file=/var/lib/mysql/mysqld.pid \ - --port=3306 --character-set-server=utf8 --collation-server=utf8_bin & -} - prepare_system() { - local type=$1 - local web_server=$2 - echo "** Preparing the system" - - if [ "$type" != "appliance" ]; then - return - fi - - ZBX_ADD_AGENT=${ZBX_ADD_AGENT:-"false"} - ZBX_ADD_JAVA_GATEWAY=${ZBX_ADD_JAVA_GATEWAY:-"false"} - ZBX_ADD_SERVER=${ZBX_ADD_SERVER:-"true"} - [ "${ZBX_ADD_SERVER}" == "true" ] && ZBX_SERVER_HOST="localhost" - [ "${ZBX_ADD_SERVER}" == "true" ] && ZBX_SERVER_PORT="10051" - ZBX_MAIN_DB=${ZBX_MAIN_DB:-"mysql"} - ZBX_ADD_PROXY=${ZBX_ADD_PROXY:-"false"} - ZBX_PROXY_DB=${ZBX_PROXY_DB:-"sqlite3"} - ZBX_ADD_WEB=${ZBX_ADD_WEB:-"true"} - ZBX_WEB_SERVER=${ZBX_WEB_SERVER:-"nginx"} - DB_SERVER_HOST=${DB_SERVER_HOST:-"localhost"} - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAY_ENABLE="true" - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAY="localhost" - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAYPORT="10052" - - [ "${ZBX_ADD_SERVER}" == "true" ] && configure_db_${ZBX_MAIN_DB} } escape_spec_char() { @@ -219,37 +125,15 @@ update_config_var() { } -update_config_multiple_var() { - local config_path=$1 - local var_name=$2 - local var_value=$3 - - var_value="${var_value%\"}" - var_value="${var_value#\"}" - - local IFS=, - local OPT_LIST=($var_value) - - for value in "${OPT_LIST[@]}"; do - update_config_var $config_path $var_name $value true - done -} - # Check prerequisites for MySQL database -check_variables_mysql() { - local type=$1 - - DB_SERVER_HOST=${DB_SERVER_HOST:-"mysql-server"} - DB_SERVER_PORT=${DB_SERVER_PORT:-"3306"} +check_variables() { + : ${DB_SERVER_HOST:="mysql-server"} + : ${DB_SERVER_PORT:="3306"} USE_DB_ROOT_USER=false CREATE_ZBX_DB_USER=false file_env MYSQL_USER file_env MYSQL_PASSWORD - if [ "$type" != "" ]; then - file_env MYSQL_ROOT_PASSWORD - fi - if [ ! -n "${MYSQL_USER}" ] && [ "${MYSQL_RANDOM_ROOT_PASSWORD}" == "true" ]; then echo "**** Impossible to use MySQL server because of unknown Zabbix user and random 'root' password" exit 1 @@ -269,45 +153,15 @@ check_variables_mysql() { [ -n "${MYSQL_USER}" ] && CREATE_ZBX_DB_USER=true # If root password is not specified use provided credentials - DB_SERVER_ROOT_USER=${DB_SERVER_ROOT_USER:-${MYSQL_USER}} + : ${DB_SERVER_ROOT_USER:=${MYSQL_USER}} [ "${MYSQL_ALLOW_EMPTY_PASSWORD}" == "true" ] || DB_SERVER_ROOT_PASS=${DB_SERVER_ROOT_PASS:-${MYSQL_PASSWORD}} DB_SERVER_ZBX_USER=${MYSQL_USER:-"zabbix"} DB_SERVER_ZBX_PASS=${MYSQL_PASSWORD:-"zabbix"} - if [ "$type" == "proxy" ]; then - DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix_proxy"} - else - DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix"} - fi + DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix"} } -# Check prerequisites for PostgreSQL database -check_variables_postgresql() { - local type=$1 - - file_env POSTGRES_USER - file_env POSTGRES_PASSWORD - - DB_SERVER_HOST=${DB_SERVER_HOST:-"postgres-server"} - DB_SERVER_PORT=${DB_SERVER_PORT:-"5432"} - CREATE_ZBX_DB_USER=${CREATE_ZBX_DB_USER:-"false"} - - DB_SERVER_ROOT_USER=${POSTGRES_USER:-"postgres"} - DB_SERVER_ROOT_PASS=${POSTGRES_PASSWORD:-""} - - DB_SERVER_ZBX_USER=${POSTGRES_USER:-"zabbix"} - DB_SERVER_ZBX_PASS=${POSTGRES_PASSWORD:-"zabbix"} - - DB_SERVER_SCHEMA=${DB_SERVER_SCHEMA:-"public"} - - if [ "$type" == "proxy" ]; then - DB_SERVER_DBNAME=${POSTGRES_DB:-"zabbix_proxy"} - else - DB_SERVER_DBNAME=${POSTGRES_DB:-"zabbix"} - fi -} - -check_db_connect_mysql() { +check_db_connect() { echo "********************" echo "* DB_SERVER_HOST: ${DB_SERVER_HOST}" echo "* DB_SERVER_PORT: ${DB_SERVER_PORT}" @@ -319,7 +173,6 @@ check_db_connect_mysql() { fi echo "* DB_SERVER_ZBX_USER: ${DB_SERVER_ZBX_USER}" echo "* DB_SERVER_ZBX_PASS: ${DB_SERVER_ZBX_PASS}" - echo "********************" fi echo "********************" @@ -332,563 +185,33 @@ check_db_connect_mysql() { done } -check_db_connect_postgresql() { - echo "********************" - echo "* DB_SERVER_HOST: ${DB_SERVER_HOST}" - echo "* DB_SERVER_PORT: ${DB_SERVER_PORT}" - echo "* DB_SERVER_DBNAME: ${DB_SERVER_DBNAME}" - echo "* DB_SERVER_SCHEMA: ${DB_SERVER_SCHEMA}" - if [ "${DEBUG_MODE}" == "true" ]; then - if [ "${USE_DB_ROOT_USER}" == "true" ]; then - echo "* DB_SERVER_ROOT_USER: ${DB_SERVER_ROOT_USER}" - echo "* DB_SERVER_ROOT_PASS: ${DB_SERVER_ROOT_PASS}" - fi - echo "* DB_SERVER_ZBX_USER: ${DB_SERVER_ZBX_USER}" - echo "* DB_SERVER_ZBX_PASS: ${DB_SERVER_ZBX_PASS}" - fi - echo "********************" - - if [ "${USE_DB_ROOT_USER}" != "true" ]; then - DB_SERVER_ROOT_USER=${DB_SERVER_ZBX_USER} - DB_SERVER_ROOT_PASS=${DB_SERVER_ZBX_PASS} - fi - - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - WAIT_TIMEOUT=5 - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - while [ ! "$(psql -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} -U ${DB_SERVER_ROOT_USER} -d ${DB_SERVER_DBNAME} -l -q 2>/dev/null)" ]; do - echo "**** PostgreSQL server is not available. Waiting $WAIT_TIMEOUT seconds..." - sleep $WAIT_TIMEOUT - done - - unset PGPASSWORD - unset PGOPTIONS -} - - -mysql_query() { - query=$1 - local result="" - - result=$(mysql --silent --skip-column-names -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ - -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" -e "$query") - - echo $result -} - -psql_query() { - query=$1 - db=$2 - - local result="" - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - result=$(psql -A -q -t -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ - -U ${DB_SERVER_ROOT_USER} -c "$query" $db 2>/dev/null); - - unset PGPASSWORD - unset PGOPTIONS - - echo $result -} - -create_db_user_mysql() { - [ "${CREATE_ZBX_DB_USER}" == "true" ] || return - - echo "** Creating '${DB_SERVER_ZBX_USER}' user in MySQL database" - - USER_EXISTS=$(mysql_query "SELECT 1 FROM mysql.user WHERE user = '${DB_SERVER_ZBX_USER}' AND host = '%'") - - if [ -z "$USER_EXISTS" ]; then - mysql_query "CREATE USER '${DB_SERVER_ZBX_USER}'@'%' IDENTIFIED BY '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - else - mysql_query "ALTER USER ${DB_SERVER_ZBX_USER} IDENTIFIED BY '${DB_SERVER_ZBX_PASS}';" 1>/dev/null - fi - - mysql_query "GRANT ALL PRIVILEGES ON $DB_SERVER_DBNAME. * TO '${DB_SERVER_ZBX_USER}'@'%'" 1>/dev/null -} - -create_db_user_postgresql() { - [ "${CREATE_ZBX_DB_USER}" == "true" ] || return - - echo "** Creating '${DB_SERVER_ZBX_USER}' user in PostgreSQL database" - - USER_EXISTS=$(psql_query "SELECT 1 FROM pg_roles WHERE rolname='${DB_SERVER_ZBX_USER}'") - - if [ -z "$USER_EXISTS" ]; then - psql_query "CREATE USER ${DB_SERVER_ZBX_USER} WITH PASSWORD '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - else - psql_query "ALTER USER ${DB_SERVER_ZBX_USER} WITH ENCRYPTED PASSWORD '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - fi -} - -create_db_database_mysql() { - DB_EXISTS=$(mysql_query "SELECT SCHEMA_NAME FROM information_schema.SCHEMATA WHERE SCHEMA_NAME='${DB_SERVER_DBNAME}'") - - if [ -z ${DB_EXISTS} ]; then - echo "** Database '${DB_SERVER_DBNAME}' does not exist. Creating..." - mysql_query "CREATE DATABASE ${DB_SERVER_DBNAME} CHARACTER SET utf8 COLLATE utf8_bin" 1>/dev/null - # better solution? - mysql_query "GRANT ALL PRIVILEGES ON $DB_SERVER_DBNAME. * TO '${DB_SERVER_ZBX_USER}'@'%'" 1>/dev/null - else - echo "** Database '${DB_SERVER_DBNAME}' already exists. Please be careful with database COLLATE!" - fi -} - -create_db_database_postgresql() { - DB_EXISTS=$(psql_query "SELECT 1 AS result FROM pg_database WHERE datname='${DB_SERVER_DBNAME}'") - - if [ -z ${DB_EXISTS} ]; then - echo "** Database '${DB_SERVER_DBNAME}' does not exist. Creating..." - psql_query "CREATE DATABASE ${DB_SERVER_DBNAME} WITH OWNER ${DB_SERVER_ZBX_USER} ENCODING='UTF8' LC_CTYPE='en_US.utf8' LC_COLLATE='en_US.utf8'" 1>/dev/null - else - echo "** Database '${DB_SERVER_DBNAME}' already exists. Please be careful with database owner!" - fi - - psql_query "CREATE SCHEMA IF NOT EXISTS ${DB_SERVER_SCHEMA}" -} - -create_db_schema_mysql() { - local type=$1 - - DBVERSION_TABLE_EXISTS=$(mysql_query "SELECT 1 FROM information_schema.tables WHERE table_schema='${DB_SERVER_DBNAME}' and table_name = 'dbversion'") - - if [ -n "${DBVERSION_TABLE_EXISTS}" ]; then - echo "** Table '${DB_SERVER_DBNAME}.dbversion' already exists." - ZBX_DB_VERSION=$(mysql_query "SELECT mandatory FROM ${DB_SERVER_DBNAME}.dbversion") - fi - - if [ -z "${ZBX_DB_VERSION}" ]; then - echo "** Creating '${DB_SERVER_DBNAME}' schema in MySQL" - - zcat /usr/share/doc/zabbix-$type-mysql/create.sql.gz | mysql --silent --skip-column-names \ - -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ - -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" \ - ${DB_SERVER_DBNAME} 1>/dev/null - fi -} - -create_db_schema_postgresql() { - local type=$1 - - DBVERSION_TABLE_EXISTS=$(psql_query "SELECT 1 FROM pg_catalog.pg_class c JOIN pg_catalog.pg_namespace n ON n.oid = - c.relnamespace WHERE n.nspname = '$DB_SERVER_SCHEMA' AND c.relname = 'dbversion'" "${DB_SERVER_DBNAME}") - - if [ -n "${DBVERSION_TABLE_EXISTS}" ]; then - echo "** Table '${DB_SERVER_DBNAME}.dbversion' already exists." - ZBX_DB_VERSION=$(psql_query "SELECT mandatory FROM ${DB_SERVER_SCHEMA}.dbversion" "${DB_SERVER_DBNAME}") - fi - - if [ -z "${ZBX_DB_VERSION}" ]; then - echo "** Creating '${DB_SERVER_DBNAME}' schema in PostgreSQL" - - if [ "${ENABLE_TIMESCALEDB}" == "true" ]; then - psql_query "CREATE EXTENSION IF NOT EXISTS timescaledb CASCADE;" - fi - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - zcat /usr/share/doc/zabbix-$type-postgresql/create.sql.gz | psql -q \ - -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ - -U ${DB_SERVER_ZBX_USER} ${DB_SERVER_DBNAME} 1>/dev/null - - if [ "${ENABLE_TIMESCALEDB}" == "true" ]; then - cat /usr/share/doc/zabbix-$type-postgresql/timescaledb.sql | psql -q \ - -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ - -U ${DB_SERVER_ZBX_USER} ${DB_SERVER_DBNAME} 1>/dev/null - fi - - unset PGPASSWORD - unset PGOPTIONS - fi -} - -prepare_web_server_apache() { - if [ -d "/etc/apache2/sites-available" ]; then - APACHE_SITES_DIR=/etc/apache2/sites-available - elif [ -d "/etc/apache2/conf.d" ]; then - APACHE_SITES_DIR=/etc/apache2/conf.d - elif [ -d "/etc/httpd/conf.d" ]; then - APACHE_SITES_DIR=/etc/httpd/conf.d - else - echo "**** Apache is not available" - exit 1 - fi - - if [ -f "/usr/sbin/a2dissite" ]; then - echo "** Disable default site" - /usr/sbin/a2dissite 000-default 1>/dev/null - rm -rf "$APACHE_SITES_DIR/*" - elif [ -f "/etc/apache2/conf.d/default.conf" ]; then - echo "** Disable default site" - rm -f "/etc/apache2/conf.d/default.conf" - elif [ -f "/etc/httpd/conf.d/welcome.conf" ]; then - echo "** Disable default site" - rm -f "/etc/httpd/conf.d/welcome.conf" - rm -f "/etc/httpd/conf.d/ssl.conf" - fi +prepare_web_server() { + APACHE_SITES_DIR="/etc/apache2/sites-enabled" echo "** Adding Zabbix virtual host (HTTP)" if [ -f "$ZABBIX_ETC_DIR/apache.conf" ]; then ln -s "$ZABBIX_ETC_DIR/apache.conf" "$APACHE_SITES_DIR/zabbix.conf" - if [ -f "/usr/sbin/a2dissite" ]; then - /usr/sbin/a2ensite zabbix.conf 1>/dev/null - fi else echo "**** Impossible to enable HTTP virtual host" fi - if [ -f "/etc/apache2/conf.d/ssl.conf" ]; then - rm -f "/etc/apache2/conf.d/ssl.conf" - fi - if [ -f "/etc/ssl/apache2/ssl.crt" ] && [ -f "/etc/ssl/apache2/ssl.key" ]; then - echo "** Enable SSL support for Apache2" - if [ -f "/usr/sbin/a2enmod" ]; then - /usr/sbin/a2enmod ssl 1>/dev/null - fi - echo "** Adding Zabbix virtual host (HTTPS)" if [ -f "$ZABBIX_ETC_DIR/apache_ssl.conf" ]; then ln -s "$ZABBIX_ETC_DIR/apache_ssl.conf" "$APACHE_SITES_DIR/zabbix_ssl.conf" - if [ -f "/usr/sbin/a2dissite" ]; then - /usr/sbin/a2ensite zabbix_ssl.conf 1>/dev/null - fi else echo "**** Impossible to enable HTTPS virtual host" fi else echo "**** Impossible to enable SSL support for Apache2. Certificates are missed." fi - - # Change Apache2 logging to stdout and stderr - if [ -f "/etc/apache2/apache2.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/apache2.conf" - fi - - if [ -f "/etc/httpd/conf/httpd.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/httpd/conf/httpd.conf" - fi - - if [ -f "/etc/apache2/httpd.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/httpd.conf" - fi - - if [ -f "/etc/apache2/conf-available/other-vhosts-access-log.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/conf-available/other-vhosts-access-log.conf" - fi - - if [ -f "/etc/apache2/conf.d/mpm.conf" ]; then - sed -ri \ - -e 's!^(\s*PidFile)\s+\S+!\1 "/var/run/httpd.pid"!g' \ - "/etc/apache2/conf.d/mpm.conf" - fi - - if [ -f "/var/run/apache2/apache2.pid" ]; then - rm -f "/var/run/apache2/apache2.pid" - fi - - if [ -f "/var/run/httpd/httpd.pid" ]; then - rm -f "/var/run/httpd/httpd.pid" - fi -} - -prepare_web_server_nginx() { - NGINX_CONFD_DIR="/etc/nginx/conf.d" - NGINX_SSL_CONFIG="/etc/ssl/nginx" - PHP_SESSIONS_DIR="/var/lib/php5" - - echo "** Disable default vhosts" - rm -f $NGINX_CONFD_DIR/*.conf - - echo "** Adding Zabbix virtual host (HTTP)" - if [ -f "$ZABBIX_ETC_DIR/nginx.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/nginx.conf" "$NGINX_CONFD_DIR" - else - echo "**** Impossible to enable HTTP virtual host" - fi - - if [ -f "$NGINX_SSL_CONFIG/ssl.crt" ] && [ -f "$NGINX_SSL_CONFIG/ssl.key" ] && [ -f "$NGINX_SSL_CONFIG/dhparam.pem" ]; then - echo "** Enable SSL support for Nginx" - if [ -f "$ZABBIX_ETC_DIR/nginx_ssl.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/nginx_ssl.conf" "$NGINX_CONFD_DIR" - else - echo "**** Impossible to enable HTTPS virtual host" - fi - else - echo "**** Impossible to enable SSL support for Nginx. Certificates are missed." - fi - - if [ -d "/var/log/nginx/" ]; then - ln -sf /dev/fd/2 /var/log/nginx/error.log - fi - - ln -sf /dev/fd/2 /var/log/php5-fpm.log - ln -sf /dev/fd/2 /var/log/php7.2-fpm.log -} - -stop_databases() { - if ([ "${ZBX_MAIN_DB}" == "mysql" ] || [ "${ZBX_PROXY_DB}" == "mysql" ]) && [ "${DB_SERVER_HOST}" == "localhost" ]; then - mysql_query "DELETE FROM mysql.user WHERE host = 'localhost' AND user != 'root'" 1>/dev/null - - if [ -f "/var/lib/mysql/mysqld.pid" ]; then - kill -TERM $(cat /var/lib/mysql/mysqld.pid) - elif [ -f "/var/run/mysqld/mysqld.pid" ]; then - kill -TERM $(cat /var/run/mysqld/mysqld.pid) - fi - fi - - if [ "${ZBX_MAIN_DB}" == "postgresql" ] && [ "${DB_SERVER_HOST}" == "localhost" ]; then - if [ "${OS_CODENAME}" == "alpine" ]; then - PGDATA=/var/lib/postgresql - BINDIR=/usr/bin - else - PGDATA=/var/lib/postgresql/9.3/main - BINDIR=/usr/lib/postgresql/9.3/bin - fi - su -c "$BINDIR/pg_ctl -D \"$PGDATA\" -m fast -w stop --silent" postgres 1>/dev/null 2>/dev/null - fi } clear_deploy() { - local type=$1 echo "** Cleaning the system" - - [ "$type" != "appliance" ] && return - - stop_databases } -update_zbx_config() { - local type=$1 - local db_type=$2 - - echo "** Preparing Zabbix $type configuration file" - - ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_$type.conf - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "ProxyMode" "${ZBX_PROXYMODE}" - update_config_var $ZBX_CONFIG "Server" "${ZBX_SERVER_HOST}" - update_config_var $ZBX_CONFIG "ServerPort" "${ZBX_SERVER_PORT}" - if [ -z "${ZBX_HOSTNAME}" ] && [ -n "${ZBX_HOSTNAMEITEM}" ]; then - update_config_var $ZBX_CONFIG "Hostname" "" - update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - else - update_config_var $ZBX_CONFIG "Hostname" "${ZBX_HOSTNAME:-"zabbix-proxy-"$db_type}" - update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - fi - fi - - if [ $type == "proxy" ] && [ "${ZBX_ADD_SERVER}" = "true" ]; then - update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_PROXY_LISTENPORT:-"10061"}" - else - update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}" - fi - - update_config_var $ZBX_CONFIG "SourceIP" "${ZBX_SOURCEIP}" - update_config_var $ZBX_CONFIG "LogType" "console" - update_config_var $ZBX_CONFIG "LogFile" - update_config_var $ZBX_CONFIG "LogFileSize" - update_config_var $ZBX_CONFIG "PidFile" - - update_config_var $ZBX_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" - - if [ $type == "proxy" ]; then - update_config_var $ZBX_CONFIG "EnableRemoteCommands" "${ZBX_ENABLEREMOTECOMMANDS}" - update_config_var $ZBX_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}" - fi - - if [ "$db_type" == "sqlite3" ]; then - update_config_var $ZBX_CONFIG "DBHost" - update_config_var $ZBX_CONFIG "DBName" "/var/lib/zabbix/zabbix_proxy_db" - update_config_var $ZBX_CONFIG "DBUser" - update_config_var $ZBX_CONFIG "DBPort" - update_config_var $ZBX_CONFIG "DBPassword" - else - update_config_var $ZBX_CONFIG "DBHost" "${DB_SERVER_HOST}" - update_config_var $ZBX_CONFIG "DBName" "${DB_SERVER_DBNAME}" - update_config_var $ZBX_CONFIG "DBSchema" "${DB_SERVER_SCHEMA}" - update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}" - update_config_var $ZBX_CONFIG "DBPort" "${DB_SERVER_PORT}" - update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}" - fi - - if [ $type == "server" ]; then - update_config_var $ZBX_CONFIG "HistoryStorageURL" "${ZBX_HISTORYSTORAGEURL}" - update_config_var $ZBX_CONFIG "HistoryStorageTypes" "${ZBX_HISTORYSTORAGETYPES}" - fi - - update_config_var $ZBX_CONFIG "DBSocket" "${DB_SERVER_SOCKET}" - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "ProxyLocalBuffer" "${ZBX_PROXYLOCALBUFFER}" - update_config_var $ZBX_CONFIG "ProxyOfflineBuffer" "${ZBX_PROXYOFFLINEBUFFER}" - update_config_var $ZBX_CONFIG "HeartbeatFrequency" "${ZBX_PROXYHEARTBEATFREQUENCY}" - update_config_var $ZBX_CONFIG "ConfigFrequency" "${ZBX_CONFIGFREQUENCY}" - update_config_var $ZBX_CONFIG "DataSenderFrequency" "${ZBX_DATASENDERFREQUENCY}" - fi - - update_config_var $ZBX_CONFIG "StatsAllowedIP" "${ZBX_STATSALLOWEDIP}" - - update_config_var $ZBX_CONFIG "StartPollers" "${ZBX_STARTPOLLERS}" - update_config_var $ZBX_CONFIG "StartIPMIPollers" "${ZBX_IPMIPOLLERS}" - update_config_var $ZBX_CONFIG "StartPollersUnreachable" "${ZBX_STARTPOLLERSUNREACHABLE}" - update_config_var $ZBX_CONFIG "StartTrappers" "${ZBX_STARTTRAPPERS}" - update_config_var $ZBX_CONFIG "StartPingers" "${ZBX_STARTPINGERS}" - update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}" - update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}" - - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "StartPreprocessors" "${ZBX_STARTPREPROCESSORS}" - update_config_var $ZBX_CONFIG "StartTimers" "${ZBX_STARTTIMERS}" - update_config_var $ZBX_CONFIG "StartEscalators" "${ZBX_STARTESCALATORS}" - update_config_var $ZBX_CONFIG "StartAlerters" "${ZBX_STARTALERTERS}" - fi - - ZBX_JAVAGATEWAY_ENABLE=${ZBX_JAVAGATEWAY_ENABLE:-"false"} - if [ "${ZBX_JAVAGATEWAY_ENABLE}" == "true" ]; then - update_config_var $ZBX_CONFIG "JavaGateway" "${ZBX_JAVAGATEWAY:-"zabbix-java-gateway"}" - update_config_var $ZBX_CONFIG "JavaGatewayPort" "${ZBX_JAVAGATEWAYPORT}" - update_config_var $ZBX_CONFIG "StartJavaPollers" "${ZBX_STARTJAVAPOLLERS:-"5"}" - else - update_config_var $ZBX_CONFIG "JavaGateway" - update_config_var $ZBX_CONFIG "JavaGatewayPort" - update_config_var $ZBX_CONFIG "StartJavaPollers" - fi - - update_config_var $ZBX_CONFIG "StartVMwareCollectors" "${ZBX_STARTVMWARECOLLECTORS}" - update_config_var $ZBX_CONFIG "VMwareFrequency" "${ZBX_VMWAREFREQUENCY}" - update_config_var $ZBX_CONFIG "VMwarePerfFrequency" "${ZBX_VMWAREPERFFREQUENCY}" - update_config_var $ZBX_CONFIG "VMwareCacheSize" "${ZBX_VMWARECACHESIZE}" - update_config_var $ZBX_CONFIG "VMwareTimeout" "${ZBX_VMWARETIMEOUT}" - - ZBX_ENABLE_SNMP_TRAPS=${ZBX_ENABLE_SNMP_TRAPS:-"false"} - if [ "${ZBX_ENABLE_SNMP_TRAPS}" == "true" ]; then - update_config_var $ZBX_CONFIG "SNMPTrapperFile" "${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log" - update_config_var $ZBX_CONFIG "StartSNMPTrapper" "1" - else - update_config_var $ZBX_CONFIG "SNMPTrapperFile" - update_config_var $ZBX_CONFIG "StartSNMPTrapper" - fi - - update_config_var $ZBX_CONFIG "HousekeepingFrequency" "${ZBX_HOUSEKEEPINGFREQUENCY}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "MaxHousekeeperDelete" "${ZBX_MAXHOUSEKEEPERDELETE}" - update_config_var $ZBX_CONFIG "SenderFrequency" "${ZBX_SENDERFREQUENCY}" - fi - - update_config_var $ZBX_CONFIG "CacheSize" "${ZBX_CACHESIZE}" - - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "CacheUpdateFrequency" "${ZBX_CACHEUPDATEFREQUENCY}" - fi - - update_config_var $ZBX_CONFIG "StartDBSyncers" "${ZBX_STARTDBSYNCERS}" - update_config_var $ZBX_CONFIG "HistoryCacheSize" "${ZBX_HISTORYCACHESIZE}" - update_config_var $ZBX_CONFIG "HistoryIndexCacheSize" "${ZBX_HISTORYINDEXCACHESIZE}" - - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "TrendCacheSize" "${ZBX_TRENDCACHESIZE}" - update_config_var $ZBX_CONFIG "ValueCacheSize" "${ZBX_VALUECACHESIZE}" - fi - - update_config_var $ZBX_CONFIG "Timeout" "${ZBX_TIMEOUT}" - update_config_var $ZBX_CONFIG "TrapperTimeout" "${ZBX_TRAPPERIMEOUT}" - update_config_var $ZBX_CONFIG "UnreachablePeriod" "${ZBX_UNREACHABLEPERIOD}" - update_config_var $ZBX_CONFIG "UnavailableDelay" "${ZBX_UNAVAILABLEDELAY}" - update_config_var $ZBX_CONFIG "UnreachableDelay" "${ZBX_UNREACHABLEDELAY}" - - update_config_var $ZBX_CONFIG "AlertScriptsPath" "/usr/lib/zabbix/alertscripts" - update_config_var $ZBX_CONFIG "ExternalScripts" "/usr/lib/zabbix/externalscripts" - - # Possible few fping locations - if [ -f "/usr/bin/fping" ]; then - update_config_var $ZBX_CONFIG "FpingLocation" "/usr/bin/fping" - else - update_config_var $ZBX_CONFIG "FpingLocation" "/usr/sbin/fping" - fi - if [ -f "/usr/bin/fping6" ]; then - update_config_var $ZBX_CONFIG "Fping6Location" "/usr/bin/fping6" - else - update_config_var $ZBX_CONFIG "Fping6Location" "/usr/sbin/fping6" - fi - - update_config_var $ZBX_CONFIG "SSHKeyLocation" "$ZABBIX_USER_HOME_DIR/ssh_keys" - update_config_var $ZBX_CONFIG "LogSlowQueries" "${ZBX_LOGSLOWQUERIES}" - - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "StartProxyPollers" "${ZBX_STARTPROXYPOLLERS}" - update_config_var $ZBX_CONFIG "ProxyConfigFrequency" "${ZBX_PROXYCONFIGFREQUENCY}" - update_config_var $ZBX_CONFIG "ProxyDataFrequency" "${ZBX_PROXYDATAFREQUENCY}" - fi - - update_config_var $ZBX_CONFIG "SSLCertLocation" "$ZABBIX_USER_HOME_DIR/ssl/certs/" - update_config_var $ZBX_CONFIG "SSLKeyLocation" "$ZABBIX_USER_HOME_DIR/ssl/keys/" - update_config_var $ZBX_CONFIG "SSLCALocation" "$ZABBIX_USER_HOME_DIR/ssl/ssl_ca/" - update_config_var $ZBX_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/" - update_config_multiple_var $ZBX_CONFIG "LoadModule" "${ZBX_LOADMODULE}" - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}" - update_config_var $ZBX_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" - fi - update_config_var $ZBX_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" - update_config_var $ZBX_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" - update_config_var $ZBX_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" - fi - - update_config_var $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" - update_config_var $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" - update_config_var $ZBX_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" - fi -} - - prepare_zbx_web_config() { - local db_type=$1 local server_name="" echo "** Preparing Zabbix frontend configuration file" @@ -896,43 +219,14 @@ prepare_zbx_web_config() { ZBX_WWW_ROOT="/usr/share/zabbix" ZBX_WEB_CONFIG="$ZABBIX_ETC_DIR/web/zabbix.conf.php" - if [ -f "$ZBX_WWW_ROOT/conf/zabbix.conf.php" ]; then - rm -f "$ZBX_WWW_ROOT/conf/zabbix.conf.php" - fi + PHP_CONFIG_FILE="/etc/php/7.2/apache2/conf.d/99-zabbix.ini" - ln -s "$ZBX_WEB_CONFIG" "$ZBX_WWW_ROOT/conf/zabbix.conf.php" - - # Different places of PHP configuration file - if [ -f "/etc/php5/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/conf.d/99-zabbix.ini" - elif [ -f "/etc/php5/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php5/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/apache2/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.0/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.0/apache2/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.0/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.0/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php.d/99-zabbix.ini" - elif [ -f "/etc/php7/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php7/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.2/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.2/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.2/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.2/apache2/conf.d/99-zabbix.ini" - fi - - if [ -n "$PHP_CONFIG_FILE" ]; then - update_config_var "$PHP_CONFIG_FILE" "max_execution_time" "${ZBX_MAXEXECUTIONTIME:-"600"}" - update_config_var "$PHP_CONFIG_FILE" "memory_limit" "${ZBX_MEMORYLIMIT:-"128M"}" - update_config_var "$PHP_CONFIG_FILE" "post_max_size" "${ZBX_POSTMAXSIZE:-"16M"}" - update_config_var "$PHP_CONFIG_FILE" "upload_max_filesize" "${ZBX_UPLOADMAXFILESIZE:-"2M"}" - update_config_var "$PHP_CONFIG_FILE" "max_input_time" "${ZBX_MAXINPUTTIME:-"300"}" - update_config_var "$PHP_CONFIG_FILE" "date.timezone" "${PHP_TZ}" - else - echo "**** Zabbix related PHP configuration file not found" - fi + update_config_var "$PHP_CONFIG_FILE" "max_execution_time" "${ZBX_MAXEXECUTIONTIME:-"600"}" + update_config_var "$PHP_CONFIG_FILE" "memory_limit" "${ZBX_MEMORYLIMIT:-"128M"}" + update_config_var "$PHP_CONFIG_FILE" "post_max_size" "${ZBX_POSTMAXSIZE:-"16M"}" + update_config_var "$PHP_CONFIG_FILE" "upload_max_filesize" "${ZBX_UPLOADMAXFILESIZE:-"2M"}" + update_config_var "$PHP_CONFIG_FILE" "max_input_time" "${ZBX_MAXINPUTTIME:-"300"}" + update_config_var "$PHP_CONFIG_FILE" "date.timezone" "${PHP_TZ}" ZBX_HISTORYSTORAGETYPES=${ZBX_HISTORYSTORAGETYPES:-"[]"} @@ -953,228 +247,47 @@ prepare_zbx_web_config() { -e "s/{ZBX_SERVER_HOST}/${ZBX_SERVER_HOST}/g" \ -e "s/{ZBX_SERVER_PORT}/${ZBX_SERVER_PORT}/g" \ -e "s/{ZBX_SERVER_NAME}/$server_name/g" \ + -e "s/{ZBX_DB_ENCRYPTION}/${ZBX_DB_ENCRYPTION:-"false"}/g" \ + -e "s/{ZBX_DB_KEY_FILE}/${ZBX_DB_KEY_FILE}/g" \ + -e "s/{ZBX_DB_CERT_FILE}/${ZBX_DB_CERT_FILE}/g" \ + -e "s/{ZBX_DB_CA_FILE}/${ZBX_DB_CA_FILE}/g" \ + -e "s/{ZBX_DB_VERIFY_HOST}/${ZBX_DB_VERIFY_HOST:-"false"}/g" \ + -e "s/{ZBX_DB_CIPHER_LIST}/${ZBX_DB_CIPHER_LIST}/g" \ -e "s/{ZBX_HISTORYSTORAGEURL}/$history_storage_url/g" \ -e "s/{ZBX_HISTORYSTORAGETYPES}/$history_storage_types/g" \ "$ZBX_WEB_CONFIG" - [ "$db_type" = "postgresql" ] && sed -i "s/MYSQL/POSTGRESQL/g" "$ZBX_WEB_CONFIG" - [ -n "${ZBX_SESSION_NAME}" ] && sed -i "/ZBX_SESSION_NAME/s/'[^']*'/'${ZBX_SESSION_NAME}'/2" "$ZBX_WWW_ROOT/include/defines.inc.php" } -prepare_zbx_agent_config() { - echo "** Preparing Zabbix agent configuration file" - - ZBX_AGENT_CONFIG=$ZABBIX_ETC_DIR/zabbix_agentd.conf - - ZBX_PASSIVESERVERS=${ZBX_PASSIVESERVERS:-""} - ZBX_ACTIVESERVERS=${ZBX_ACTIVESERVERS:-""} - - [ -n "$ZBX_PASSIVESERVERS" ] && ZBX_PASSIVESERVERS=","$ZBX_PASSIVESERVERS - - ZBX_PASSIVESERVERS=$ZBX_SERVER_HOST$ZBX_PASSIVESERVERS - - [ -n "$ZBX_ACTIVESERVERS" ] && ZBX_ACTIVESERVERS=","$ZBX_ACTIVESERVERS - - ZBX_ACTIVESERVERS=$ZBX_SERVER_HOST":"$ZBX_SERVER_PORT$ZBX_ACTIVESERVERS - - update_config_var $ZBX_AGENT_CONFIG "PidFile" - update_config_var $ZBX_AGENT_CONFIG "LogType" "console" - update_config_var $ZBX_AGENT_CONFIG "LogFile" - update_config_var $ZBX_AGENT_CONFIG "LogFileSize" - update_config_var $ZBX_AGENT_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" - update_config_var $ZBX_AGENT_CONFIG "SourceIP" - update_config_var $ZBX_AGENT_CONFIG "EnableRemoteCommands" "${ZBX_ENABLEREMOTECOMMANDS}" - update_config_var $ZBX_AGENT_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}" - - ZBX_PASSIVE_ALLOW=${ZBX_PASSIVE_ALLOW:-"true"} - if [ "$ZBX_PASSIVE_ALLOW" == "true" ]; then - echo "** Using '$ZBX_PASSIVESERVERS' servers for passive checks" - update_config_var $ZBX_AGENT_CONFIG "Server" "${ZBX_PASSIVESERVERS}" - else - update_config_var $ZBX_AGENT_CONFIG "Server" - fi - - update_config_var $ZBX_AGENT_CONFIG "ListenPort" "${ZBX_LISTENPORT}" - update_config_var $ZBX_AGENT_CONFIG "ListenIP" "${ZBX_LISTENIP}" - update_config_var $ZBX_AGENT_CONFIG "StartAgents" "${ZBX_STARTAGENTS}" - - ZBX_ACTIVE_ALLOW=${ZBX_ACTIVE_ALLOW:-"true"} - if [ "$ZBX_ACTIVE_ALLOW" == "true" ]; then - echo "** Using '$ZBX_ACTIVESERVERS' servers for active checks" - update_config_var $ZBX_AGENT_CONFIG "ServerActive" "${ZBX_ACTIVESERVERS}" - else - update_config_var $ZBX_AGENT_CONFIG "ServerActive" - fi - - update_config_var $ZBX_AGENT_CONFIG "Hostname" "${ZBX_HOSTNAME}" - update_config_var $ZBX_AGENT_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - update_config_var $ZBX_AGENT_CONFIG "HostMetadata" "${ZBX_METADATA}" - update_config_var $ZBX_AGENT_CONFIG "HostMetadataItem" "${ZBX_METADATAITEM}" - update_config_var $ZBX_AGENT_CONFIG "RefreshActiveChecks" "${ZBX_REFRESHACTIVECHECKS}" - update_config_var $ZBX_AGENT_CONFIG "BufferSend" "${ZBX_BUFFERSEND}" - update_config_var $ZBX_AGENT_CONFIG "BufferSize" "${ZBX_BUFFERSIZE}" - update_config_var $ZBX_AGENT_CONFIG "MaxLinesPerSecond" "${ZBX_MAXLINESPERSECOND}" - # Please use include to enable Alias feature -# update_config_multiple_var $ZBX_AGENT_CONFIG "Alias" ${ZBX_ALIAS} - update_config_var $ZBX_AGENT_CONFIG "Timeout" "${ZBX_TIMEOUT}" - update_config_var $ZBX_AGENT_CONFIG "Include" "/etc/zabbix/zabbix_agentd.d/" - update_config_var $ZBX_AGENT_CONFIG "UnsafeUserParameters" "${ZBX_UNSAFEUSERPARAMETERS}" - update_config_var $ZBX_AGENT_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/" - update_config_multiple_var $ZBX_AGENT_CONFIG "LoadModule" "${ZBX_LOADMODULE}" - update_config_var $ZBX_AGENT_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}" - update_config_var $ZBX_AGENT_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" - update_config_var $ZBX_AGENT_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" - update_config_var $ZBX_AGENT_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" - update_config_var $ZBX_AGENT_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" - update_config_var $ZBX_AGENT_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" -} - -prepare_java_gateway_config() { - echo "** Preparing Zabbix Java Gateway log configuration file" - - ZBX_GATEWAY_CONFIG=$ZABBIX_ETC_DIR/zabbix_java_gateway_logback.xml - - if [ -n "${ZBX_DEBUGLEVEL}" ]; then - echo "Updating $ZBX_GATEWAY_CONFIG 'DebugLevel' parameter: '${ZBX_DEBUGLEVEL}'... updated" - if [ -f "$ZBX_GATEWAY_CONFIG" ]; then - sed -i -e "/^.*/" "$ZBX_GATEWAY_CONFIG" - else - echo "**** Zabbix Java Gateway log configuration file '$ZBX_GATEWAY_CONFIG' not found" - fi - fi -} - -prepare_agent() { - echo "** Preparing Zabbix agent" - prepare_zbx_agent_config -} - -prepare_server() { - local db_type=$1 - - echo "** Preparing Zabbix server" - - check_variables_$db_type "server" - check_db_connect_$db_type - create_db_user_$db_type - create_db_database_$db_type - create_db_schema_$db_type "server" - - update_zbx_config "server" "$db_type" -} - -prepare_proxy() { - local db_type=$1 - - echo "Preparing Zabbix proxy" - - if [ "$db_type" != "sqlite3" ]; then - check_variables_$db_type "proxy" - check_db_connect_$db_type - create_db_user_$db_type - create_db_database_$db_type - create_db_schema_$db_type "proxy" - fi - - update_zbx_config "proxy" $db_type -} - prepare_web() { - local web_server=$1 - local db_type=$2 - echo "** Preparing Zabbix web-interface" - check_variables_$db_type - check_db_connect_$db_type - prepare_web_server_$web_server - prepare_zbx_web_config $db_type + check_variables + check_db_connect + prepare_web_server + prepare_zbx_web_config } -prepare_java_gateway() { - echo "** Preparing Zabbix Java Gateway" - - prepare_java_gateway_config -} ################################################# -if [ ! -n "$zbx_type" ]; then - echo "**** Type of Zabbix component is not specified" - exit 1 -elif [ "$zbx_type" == "dev" ]; then - echo "** Deploying Zabbix installation from SVN" -else - if [ ! -n "$zbx_db_type" ]; then - echo "**** Database type of Zabbix $zbx_type is not specified" - exit 1 - fi +echo "** Deploying Zabbix web-interface (Apache) with MySQL database" - if [ "$zbx_db_type" != "none" ]; then - if [ "$zbx_opt_type" != "none" ]; then - echo "** Deploying Zabbix $zbx_type ($zbx_opt_type) with $zbx_db_type database" - else - echo "** Deploying Zabbix $zbx_type with $zbx_db_type database" - fi - else - echo "** Deploying Zabbix $zbx_type" - fi -fi +prepare_system -prepare_system "$zbx_type" "$zbx_opt_type" +prepare_web -[ "$zbx_type" == "server" ] && prepare_server $zbx_db_type -[ "${ZBX_ADD_SERVER}" == "true" ] && prepare_server ${ZBX_MAIN_DB} - -[ "$zbx_type" == "proxy" ] && prepare_proxy $zbx_db_type -[ "${ZBX_ADD_PROXY}" == "true" ] && prepare_proxy ${ZBX_PROXY_DB} - -[ "$zbx_type" == "frontend" ] && prepare_web $zbx_opt_type $zbx_db_type -[ "${ZBX_ADD_WEB}" == "true" ] && prepare_web ${ZBX_WEB_SERVER} ${ZBX_MAIN_DB} - -[ "$zbx_type" == "agent" ] && prepare_agent -[ "${ZBX_ADD_AGENT}" == "true" ] && prepare_agent - -[ "$zbx_type" == "java-gateway" ] && prepare_java_gateway -[ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && prepare_java_gateway - -clear_deploy "$zbx_type" +clear_deploy echo "########################################################" if [ "$1" != "" ]; then echo "** Executing '$@'" exec "$@" -elif [ "$zbx_type" == "agent" ]; then - echo "** Starting Zabbix agent" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_agentd --foreground -c /etc/zabbix/zabbix_agentd.conf" -elif [ "$zbx_type" == "proxy" ]; then - echo "** Starting Zabbix proxy" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_proxy --foreground -c /etc/zabbix/zabbix_proxy.conf" -elif [ "$zbx_type" == "server" ]; then - echo "** Starting Zabbix server" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_server --foreground -c /etc/zabbix/zabbix_server.conf" -elif [ "$zbx_type" == "java-gateway" ]; then - echo "** Starting Zabbix Java Gateway" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_java_gateway" -elif [ "$zbx_type" == "frontend" ] && [ "$zbx_opt_type" == "apache" ]; then - echo "** Starting Zabbix frontend" - if [ -f "/usr/sbin/httpd" ]; then - exec /usr/sbin/httpd -D FOREGROUND - elif [ -f "/usr/sbin/apache2ctl" ]; then - exec /bin/bash -c "source /etc/apache2/envvars && /usr/sbin/apache2ctl -D FOREGROUND" - else - echo "Unknown Web-server. Exiting..." - exit 1 - fi -elif [ -f "/usr/bin/supervisord" ]; then - echo "** Executing supervisord" - exec /usr/bin/supervisord -c /etc/supervisor/supervisord.conf +elif [ -f "/usr/sbin/httpd" ]; then + echo "** Executing HTTPD" + exec /usr/sbin/httpd -D FOREGROUND else echo "Unknown instructions. Exiting..." exit 1 diff --git a/web-apache-pgsql/ubuntu/Dockerfile b/web-apache-pgsql/ubuntu/Dockerfile index 244537348..94596cc17 100644 --- a/web-apache-pgsql/ubuntu/Dockerfile +++ b/web-apache-pgsql/ubuntu/Dockerfile @@ -1,46 +1,32 @@ FROM ubuntu:bionic -LABEL maintainer="Alexey Pustovalov " -ARG BUILD_DATE -ARG VCS_REF - -ARG APT_FLAGS_COMMON="-y" -ARG APT_FLAGS_PERSISTENT="${APT_FLAGS_COMMON} --no-install-recommends" -ARG APT_FLAGS_DEV="${APT_FLAGS_COMMON} --no-install-recommends" -ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8 TERM=xterm \ - ZBX_TYPE=frontend ZBX_DB_TYPE=postgresql ZBX_OPT_TYPE=apache - -LABEL org.label-schema.name="zabbix-web-${ZBX_OPT_TYPE}-${ZBX_DB_TYPE}-ubuntu" \ - org.label-schema.vendor="Zabbix LLC" \ - org.label-schema.url="https://zabbix.com/" \ - org.label-schema.description="Zabbix web-interface based on Apache2 web server with PostgreSQL database support" \ - org.label-schema.vcs-ref="${VCS_REF}" \ - org.label-schema.build-date="${BUILD_DATE}" \ - org.label-schema.schema-version="1.0" \ - org.label-schema.license="GPL v2.0" +LABEL org.opencontainers.image.title="Zabbix web-interface (Apache, PostgreSQL)" \ + org.opencontainers.image.authors="Alexey Pustovalov " \ + org.opencontainers.image.vendor="Zabbix LLC" \ + org.opencontainers.image.url="https://zabbix.com/" \ + org.opencontainers.image.description="Zabbix web-interface based on Apache2 web server with PostgreSQL database support" \ + org.opencontainers.image.licenses="GPL v2.0" STOPSIGNAL SIGTERM RUN set -eux && \ - apt-get ${APT_FLAGS_COMMON} update && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_PERSISTENT} install locales && \ - locale-gen $LC_ALL && \ echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \ - addgroup --system --quiet zabbix && \ + addgroup --system --gid 1995 --quiet zabbix && \ adduser --quiet \ --system --disabled-login \ - --ingroup zabbix \ + --ingroup zabbix --ingroup root \ + --uid 1997 \ --home /var/lib/zabbix/ \ - --no-create-home \ zabbix && \ mkdir -p /etc/zabbix && \ mkdir -p /etc/zabbix/web && \ - chown --quiet -R zabbix:root /etc/zabbix && \ - apt-get ${APT_FLAGS_COMMON} update && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_PERSISTENT} install \ + apt-get -y update && \ + DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ apache2 \ curl \ libapache2-mod-php \ + ca-certificates \ + locales \ php7.2-bcmath \ php7.2-gd \ php7.2-json \ @@ -48,28 +34,42 @@ RUN set -eux && \ php7.2-mbstring \ php7.2-xml \ php7.2-pgsql \ - postgresql-client \ - ttf-dejavu-core && \ - apt-get ${APT_FLAGS_COMMON} autoremove && \ - apt-get ${APT_FLAGS_COMMON} clean && \ + postgresql-client && \ + rm -f /etc/apache2/sites-available/* && \ + rm -f /etc/apache2/sites-enabled/* && \ + /usr/sbin/a2enmod ssl && \ + sed -ri \ + -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ + -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ + "/etc/apache2/apache2.conf" && \ + sed -ri \ + -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ + -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ + "/etc/apache2/conf-available/other-vhosts-access-log.conf" && \ + sed -i 's/Listen 80/Listen 8080/g' /etc/apache2/ports.conf && \ + sed -i 's/Listen 443/Listen 8443/g' /etc/apache2/ports.conf && \ + sed -i 's|/var/run/apache2$SUFFIX|/tmp|g' /etc/apache2/envvars && \ + rm -f /var/run/apache2/apache2.pid && \ + apt-get -y autoremove && \ + apt-get -y clean && \ rm -rf /var/lib/apt/lists/* ARG MAJOR_VERSION=5.0 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git -ENV ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} -LABEL org.label-schema.usage="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.label-schema.version="${ZBX_VERSION}" \ - org.label-schema.vcs-url="${ZBX_SOURCES}" \ - org.label-schema.docker.cmd="docker run --name zabbix-web-${ZBX_OPT_TYPE}-pgsql --link postgres-server:postgres --link zabbix-server:zabbix-server -p 80:80 -d zabbix-web-${ZBX_OPT_TYPE}-pgsql:ubuntu-${ZBX_VERSION}" +ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} + +LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" + +COPY ["conf/etc/", "/etc/"] RUN set -eux && \ - apt-get ${APT_FLAGS_COMMON} update && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_DEV} install \ + apt-get -y update && \ + DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ gettext \ - patch \ - ca-certificates \ git && \ cd /usr/share/ && \ git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ @@ -80,6 +80,8 @@ RUN set -eux && \ rm -f conf/zabbix.conf.php && \ rm -rf tests && \ ./locale/make_mo.sh && \ + ln -s "/etc/zabbix/web/zabbix.conf.php" "/usr/share/zabbix/conf/zabbix.conf.php" && \ + ./locale/make_mo.sh && \ mkdir -p /var/lib/locales/supported.d/ && \ rm -f /var/lib/locales/supported.d/local && \ cat /usr/share/zabbix/include/locales.inc.php | grep display | grep true | awk '{$1=$1};1' | \ @@ -88,25 +90,29 @@ RUN set -eux && \ dpkg-reconfigure locales && \ find /usr/share/zabbix/locale -name '*.po' | xargs rm -f && \ find /usr/share/zabbix/locale -name '*.sh' | xargs rm -f && \ - chown --quiet -R www-data:www-data /usr/share/zabbix && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_COMMON} purge \ + chown --quiet -R zabbix:root /etc/zabbix/ /usr/share/zabbix/conf/ && \ + chgrp -R 0 /etc/zabbix/ /usr/share/zabbix/conf/ && \ + chmod -R g=u /etc/zabbix/ /usr/share/zabbix/conf/ && \ + chown --quiet -R zabbix:root /etc/apache2/ /etc/php/7.2/ && \ + chgrp -R 0 /etc/apache2/ /etc/php/7.2/ && \ + chmod -R g=u /etc/apache2/ /etc/php/7.2/ && \ + DEBIAN_FRONTEND=noninteractive apt-get -y purge \ gettext \ - patch \ git && \ - apt-get ${APT_FLAGS_COMMON} autoremove && \ - apt-get ${APT_FLAGS_COMMON} clean && \ + apt-get -y autoremove && \ + apt-get -y clean && \ rm -rf /var/lib/apt/lists/* -EXPOSE 80/TCP 443/TCP +EXPOSE 8080/TCP 8443/TCP WORKDIR /usr/share/zabbix VOLUME ["/etc/ssl/apache2"] -COPY ["conf/etc/zabbix/apache.conf", "/etc/zabbix/"] -COPY ["conf/etc/zabbix/apache_ssl.conf", "/etc/zabbix/"] -COPY ["conf/etc/zabbix/web/zabbix.conf.php", "/etc/zabbix/web/"] -COPY ["conf/etc/php/7.2/apache2/conf.d/99-zabbix.ini", "/etc/php/7.2/apache2/conf.d/"] COPY ["docker-entrypoint.sh", "/usr/bin/"] +USER 1997 + ENTRYPOINT ["docker-entrypoint.sh"] + +CMD ["/usr/sbin/apache2ctl", "-D", "FOREGROUND"] diff --git a/web-apache-pgsql/ubuntu/conf/etc/zabbix/apache.conf b/web-apache-pgsql/ubuntu/conf/etc/zabbix/apache.conf index 2a5aedc30..36def0c29 100644 --- a/web-apache-pgsql/ubuntu/conf/etc/zabbix/apache.conf +++ b/web-apache-pgsql/ubuntu/conf/etc/zabbix/apache.conf @@ -1,4 +1,4 @@ - + DocumentRoot /usr/share/zabbix/ ServerName zabbix DirectoryIndex index.php diff --git a/web-apache-pgsql/ubuntu/conf/etc/zabbix/apache_ssl.conf b/web-apache-pgsql/ubuntu/conf/etc/zabbix/apache_ssl.conf index 798c982dc..d18d08fde 100644 --- a/web-apache-pgsql/ubuntu/conf/etc/zabbix/apache_ssl.conf +++ b/web-apache-pgsql/ubuntu/conf/etc/zabbix/apache_ssl.conf @@ -3,7 +3,7 @@ LoadModule socache_shmcb_module /usr/lib/apache2/modules/mod_socache_shmcb.so LoadModule headers_module /usr/lib/apache2/modules/mod_headers.so - + SSLEngine on DocumentRoot /usr/share/zabbix/ diff --git a/web-apache-pgsql/ubuntu/docker-entrypoint.sh b/web-apache-pgsql/ubuntu/docker-entrypoint.sh index af1b41c20..04b2ea5ef 100755 --- a/web-apache-pgsql/ubuntu/docker-entrypoint.sh +++ b/web-apache-pgsql/ubuntu/docker-entrypoint.sh @@ -1,6 +1,6 @@ #!/bin/bash -set -eo pipefail +set -o pipefail set +e @@ -9,37 +9,25 @@ if [ "${DEBUG_MODE}" == "true" ]; then set -o xtrace fi -# Type of Zabbix component -# Possible values: [server, proxy, agent, frontend, java-gateway, appliance] -zbx_type=${ZBX_TYPE} -# Type of Zabbix database -# Possible values: [mysql, postgresql] -zbx_db_type=${ZBX_DB_TYPE} -# Type of web-server. Valid only with zbx_type = frontend -# Possible values: [apache, nginx] -zbx_opt_type=${ZBX_OPT_TYPE} - # Default Zabbix installation name # Used only by Zabbix web-interface -ZBX_SERVER_NAME=${ZBX_SERVER_NAME:-"Zabbix docker"} +: ${ZBX_SERVER_NAME:="Zabbix docker"} # Default Zabbix server host -ZBX_SERVER_HOST=${ZBX_SERVER_HOST:-"zabbix-server"} +: ${ZBX_SERVER_HOST:="zabbix-server"} # Default Zabbix server port number -ZBX_SERVER_PORT=${ZBX_SERVER_PORT:-"10051"} +: ${ZBX_SERVER_PORT:="10051"} # Default timezone for web interface -PHP_TZ=${PHP_TZ:-"Europe/Riga"} +: ${PHP_TZ:="Europe/Riga"} #Enable PostgreSQL timescaleDB feature: ENABLE_TIMESCALEDB=${ENABLE_TIMESCALEDB:-"false"} # Default directories -# User 'zabbix' home directory -ZABBIX_USER_HOME_DIR="/var/lib/zabbix" # Configuration files directory ZABBIX_ETC_DIR="/etc/zabbix" # Web interface www-root directory -ZBX_FRONTEND_PATH="/usr/share/zabbix" +ZABBIX_WWW_ROOT="/usr/share/zabbix" # usage: file_env VAR [DEFAULT] # as example: file_env 'MYSQL_PASSWORD' 'zabbix' @@ -72,90 +60,8 @@ file_env() { unset "$fileVar" } -configure_db_mysql() { - [ "${DB_SERVER_HOST}" != "localhost" ] && return - - echo "** Configuring local MySQL server" - - MYSQL_ALLOW_EMPTY_PASSWORD=true - MYSQL_DATA_DIR="/var/lib/mysql" - - if [ -f "/etc/mysql/my.cnf" ]; then - MYSQL_CONF_FILE="/etc/mysql/my.cnf" - elif [ -f "/etc/my.cnf.d/server.cnf" ]; then - MYSQL_CONF_FILE="/etc/my.cnf.d/server.cnf" - DB_SERVER_SOCKET="/var/lib/mysql/mysql.sock" - elif [ -f "/etc/my.cnf.d/mariadb-server.cnf" ]; then - MYSQL_CONF_FILE="/etc/my.cnf.d/mariadb-server.cnf" - DB_SERVER_SOCKET="/var/run/mysqld/mysqld.sock" - else - echo "**** Could not found MySQL configuration file" - exit 1 - fi - - if [ -f "/usr/bin/mysqld" ]; then - MYSQLD=/usr/bin/mysqld - elif [ -f "/usr/sbin/mysqld" ]; then - MYSQLD=/usr/sbin/mysqld - elif [ -f "/usr/libexec/mysqld" ]; then - MYSQLD=/usr/libexec/mysqld - else - echo "**** Could not found mysqld binary file" - exit 1 - fi - - sed -Ei 's/^(bind-address|log)/#&/' "$MYSQL_CONF_FILE" - - if [ ! -d "$MYSQL_DATA_DIR/mysql" ]; then - [ -d "$MYSQL_DATA_DIR" ] || mkdir -p "$MYSQL_DATA_DIR" - - chown -R mysql:mysql "$MYSQL_DATA_DIR" - - echo "** Installing initial MySQL database schemas" - mysql_install_db --user=mysql --datadir="$MYSQL_DATA_DIR" 2>&1 - else - echo "**** MySQL data directory is not empty. Using already existing installation." - chown -R mysql:mysql "$MYSQL_DATA_DIR" - fi - - mkdir -p /var/run/mysqld - ln -s /var/run/mysqld /run/mysqld - chown -R mysql:mysql /var/run/mysqld - chown -R mysql:mysql /run/mysqld - - echo "** Starting MySQL server in background mode" - - nohup $MYSQLD --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib/mysql/plugin \ - --user=mysql --log-output=none --pid-file=/var/lib/mysql/mysqld.pid \ - --port=3306 --character-set-server=utf8 --collation-server=utf8_bin & -} - prepare_system() { - local type=$1 - local web_server=$2 - echo "** Preparing the system" - - if [ "$type" != "appliance" ]; then - return - fi - - ZBX_ADD_AGENT=${ZBX_ADD_AGENT:-"false"} - ZBX_ADD_JAVA_GATEWAY=${ZBX_ADD_JAVA_GATEWAY:-"false"} - ZBX_ADD_SERVER=${ZBX_ADD_SERVER:-"true"} - [ "${ZBX_ADD_SERVER}" == "true" ] && ZBX_SERVER_HOST="localhost" - [ "${ZBX_ADD_SERVER}" == "true" ] && ZBX_SERVER_PORT="10051" - ZBX_MAIN_DB=${ZBX_MAIN_DB:-"mysql"} - ZBX_ADD_PROXY=${ZBX_ADD_PROXY:-"false"} - ZBX_PROXY_DB=${ZBX_PROXY_DB:-"sqlite3"} - ZBX_ADD_WEB=${ZBX_ADD_WEB:-"true"} - ZBX_WEB_SERVER=${ZBX_WEB_SERVER:-"nginx"} - DB_SERVER_HOST=${DB_SERVER_HOST:-"localhost"} - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAY_ENABLE="true" - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAY="localhost" - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAYPORT="10052" - - [ "${ZBX_ADD_SERVER}" == "true" ] && configure_db_${ZBX_MAIN_DB} } escape_spec_char() { @@ -202,6 +108,7 @@ update_config_var() { return fi + # Escaping characters in parameter value and name var_value=$(escape_spec_char "$var_value") var_name=$(escape_spec_char "$var_name") @@ -219,78 +126,14 @@ update_config_var() { } -update_config_multiple_var() { - local config_path=$1 - local var_name=$2 - local var_value=$3 - - var_value="${var_value%\"}" - var_value="${var_value#\"}" - - local IFS=, - local OPT_LIST=($var_value) - - for value in "${OPT_LIST[@]}"; do - update_config_var $config_path $var_name $value true - done -} - -# Check prerequisites for MySQL database -check_variables_mysql() { - local type=$1 - - DB_SERVER_HOST=${DB_SERVER_HOST:-"mysql-server"} - DB_SERVER_PORT=${DB_SERVER_PORT:-"3306"} - USE_DB_ROOT_USER=false - CREATE_ZBX_DB_USER=false - file_env MYSQL_USER - file_env MYSQL_PASSWORD - - if [ "$type" != "" ]; then - file_env MYSQL_ROOT_PASSWORD - fi - - if [ ! -n "${MYSQL_USER}" ] && [ "${MYSQL_RANDOM_ROOT_PASSWORD}" == "true" ]; then - echo "**** Impossible to use MySQL server because of unknown Zabbix user and random 'root' password" - exit 1 - fi - - if [ ! -n "${MYSQL_USER}" ] && [ ! -n "${MYSQL_ROOT_PASSWORD}" ] && [ "${MYSQL_ALLOW_EMPTY_PASSWORD}" != "true" ]; then - echo "*** Impossible to use MySQL server because 'root' password is not defined and it is not empty" - exit 1 - fi - - if [ "${MYSQL_ALLOW_EMPTY_PASSWORD}" == "true" ] || [ -n "${MYSQL_ROOT_PASSWORD}" ]; then - USE_DB_ROOT_USER=true - DB_SERVER_ROOT_USER="root" - DB_SERVER_ROOT_PASS=${MYSQL_ROOT_PASSWORD:-""} - fi - - [ -n "${MYSQL_USER}" ] && CREATE_ZBX_DB_USER=true - - # If root password is not specified use provided credentials - DB_SERVER_ROOT_USER=${DB_SERVER_ROOT_USER:-${MYSQL_USER}} - [ "${MYSQL_ALLOW_EMPTY_PASSWORD}" == "true" ] || DB_SERVER_ROOT_PASS=${DB_SERVER_ROOT_PASS:-${MYSQL_PASSWORD}} - DB_SERVER_ZBX_USER=${MYSQL_USER:-"zabbix"} - DB_SERVER_ZBX_PASS=${MYSQL_PASSWORD:-"zabbix"} - - if [ "$type" == "proxy" ]; then - DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix_proxy"} - else - DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix"} - fi -} - # Check prerequisites for PostgreSQL database -check_variables_postgresql() { - local type=$1 - +check_variables() { file_env POSTGRES_USER file_env POSTGRES_PASSWORD - DB_SERVER_HOST=${DB_SERVER_HOST:-"postgres-server"} - DB_SERVER_PORT=${DB_SERVER_PORT:-"5432"} - CREATE_ZBX_DB_USER=${CREATE_ZBX_DB_USER:-"false"} + : ${DB_SERVER_HOST:="postgres-server"} + : ${DB_SERVER_PORT:="5432"} + : ${CREATE_ZBX_DB_USER:="false"} DB_SERVER_ROOT_USER=${POSTGRES_USER:-"postgres"} DB_SERVER_ROOT_PASS=${POSTGRES_PASSWORD:-""} @@ -298,41 +141,12 @@ check_variables_postgresql() { DB_SERVER_ZBX_USER=${POSTGRES_USER:-"zabbix"} DB_SERVER_ZBX_PASS=${POSTGRES_PASSWORD:-"zabbix"} - DB_SERVER_SCHEMA=${DB_SERVER_SCHEMA:-"public"} + : ${DB_SERVER_SCHEMA:="public"} - if [ "$type" == "proxy" ]; then - DB_SERVER_DBNAME=${POSTGRES_DB:-"zabbix_proxy"} - else - DB_SERVER_DBNAME=${POSTGRES_DB:-"zabbix"} - fi + DB_SERVER_DBNAME=${POSTGRES_DB:-"zabbix"} } -check_db_connect_mysql() { - echo "********************" - echo "* DB_SERVER_HOST: ${DB_SERVER_HOST}" - echo "* DB_SERVER_PORT: ${DB_SERVER_PORT}" - echo "* DB_SERVER_DBNAME: ${DB_SERVER_DBNAME}" - if [ "${DEBUG_MODE}" == "true" ]; then - if [ "${USE_DB_ROOT_USER}" == "true" ]; then - echo "* DB_SERVER_ROOT_USER: ${DB_SERVER_ROOT_USER}" - echo "* DB_SERVER_ROOT_PASS: ${DB_SERVER_ROOT_PASS}" - fi - echo "* DB_SERVER_ZBX_USER: ${DB_SERVER_ZBX_USER}" - echo "* DB_SERVER_ZBX_PASS: ${DB_SERVER_ZBX_PASS}" - echo "********************" - fi - echo "********************" - - WAIT_TIMEOUT=5 - - while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \ - --password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10)" ]; do - echo "**** MySQL server is not available. Waiting $WAIT_TIMEOUT seconds..." - sleep $WAIT_TIMEOUT - done -} - -check_db_connect_postgresql() { +check_db_connect() { echo "********************" echo "* DB_SERVER_HOST: ${DB_SERVER_HOST}" echo "* DB_SERVER_PORT: ${DB_SERVER_PORT}" @@ -353,7 +167,6 @@ check_db_connect_postgresql() { DB_SERVER_ROOT_PASS=${DB_SERVER_ZBX_PASS} fi - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then export PGPASSWORD="${DB_SERVER_ZBX_PASS}" fi @@ -374,521 +187,33 @@ check_db_connect_postgresql() { unset PGOPTIONS } - -mysql_query() { - query=$1 - local result="" - - result=$(mysql --silent --skip-column-names -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ - -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" -e "$query") - - echo $result -} - -psql_query() { - query=$1 - db=$2 - - local result="" - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - result=$(psql -A -q -t -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ - -U ${DB_SERVER_ROOT_USER} -c "$query" $db 2>/dev/null); - - unset PGPASSWORD - unset PGOPTIONS - - echo $result -} - -create_db_user_mysql() { - [ "${CREATE_ZBX_DB_USER}" == "true" ] || return - - echo "** Creating '${DB_SERVER_ZBX_USER}' user in MySQL database" - - USER_EXISTS=$(mysql_query "SELECT 1 FROM mysql.user WHERE user = '${DB_SERVER_ZBX_USER}' AND host = '%'") - - if [ -z "$USER_EXISTS" ]; then - mysql_query "CREATE USER '${DB_SERVER_ZBX_USER}'@'%' IDENTIFIED BY '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - else - mysql_query "ALTER USER ${DB_SERVER_ZBX_USER} IDENTIFIED BY '${DB_SERVER_ZBX_PASS}';" 1>/dev/null - fi - - mysql_query "GRANT ALL PRIVILEGES ON $DB_SERVER_DBNAME. * TO '${DB_SERVER_ZBX_USER}'@'%'" 1>/dev/null -} - -create_db_user_postgresql() { - [ "${CREATE_ZBX_DB_USER}" == "true" ] || return - - echo "** Creating '${DB_SERVER_ZBX_USER}' user in PostgreSQL database" - - USER_EXISTS=$(psql_query "SELECT 1 FROM pg_roles WHERE rolname='${DB_SERVER_ZBX_USER}'") - - if [ -z "$USER_EXISTS" ]; then - psql_query "CREATE USER ${DB_SERVER_ZBX_USER} WITH PASSWORD '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - else - psql_query "ALTER USER ${DB_SERVER_ZBX_USER} WITH ENCRYPTED PASSWORD '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - fi -} - -create_db_database_mysql() { - DB_EXISTS=$(mysql_query "SELECT SCHEMA_NAME FROM information_schema.SCHEMATA WHERE SCHEMA_NAME='${DB_SERVER_DBNAME}'") - - if [ -z ${DB_EXISTS} ]; then - echo "** Database '${DB_SERVER_DBNAME}' does not exist. Creating..." - mysql_query "CREATE DATABASE ${DB_SERVER_DBNAME} CHARACTER SET utf8 COLLATE utf8_bin" 1>/dev/null - # better solution? - mysql_query "GRANT ALL PRIVILEGES ON $DB_SERVER_DBNAME. * TO '${DB_SERVER_ZBX_USER}'@'%'" 1>/dev/null - else - echo "** Database '${DB_SERVER_DBNAME}' already exists. Please be careful with database COLLATE!" - fi -} - -create_db_database_postgresql() { - DB_EXISTS=$(psql_query "SELECT 1 AS result FROM pg_database WHERE datname='${DB_SERVER_DBNAME}'") - - if [ -z ${DB_EXISTS} ]; then - echo "** Database '${DB_SERVER_DBNAME}' does not exist. Creating..." - psql_query "CREATE DATABASE ${DB_SERVER_DBNAME} WITH OWNER ${DB_SERVER_ZBX_USER} ENCODING='UTF8' LC_CTYPE='en_US.utf8' LC_COLLATE='en_US.utf8'" 1>/dev/null - else - echo "** Database '${DB_SERVER_DBNAME}' already exists. Please be careful with database owner!" - fi - - psql_query "CREATE SCHEMA IF NOT EXISTS ${DB_SERVER_SCHEMA}" -} - -create_db_schema_mysql() { - local type=$1 - - DBVERSION_TABLE_EXISTS=$(mysql_query "SELECT 1 FROM information_schema.tables WHERE table_schema='${DB_SERVER_DBNAME}' and table_name = 'dbversion'") - - if [ -n "${DBVERSION_TABLE_EXISTS}" ]; then - echo "** Table '${DB_SERVER_DBNAME}.dbversion' already exists." - ZBX_DB_VERSION=$(mysql_query "SELECT mandatory FROM ${DB_SERVER_DBNAME}.dbversion") - fi - - if [ -z "${ZBX_DB_VERSION}" ]; then - echo "** Creating '${DB_SERVER_DBNAME}' schema in MySQL" - - zcat /usr/share/doc/zabbix-$type-mysql/create.sql.gz | mysql --silent --skip-column-names \ - -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ - -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" \ - ${DB_SERVER_DBNAME} 1>/dev/null - fi -} - -create_db_schema_postgresql() { - local type=$1 - - DBVERSION_TABLE_EXISTS=$(psql_query "SELECT 1 FROM pg_catalog.pg_class c JOIN pg_catalog.pg_namespace n ON n.oid = - c.relnamespace WHERE n.nspname = '$DB_SERVER_SCHEMA' AND c.relname = 'dbversion'" "${DB_SERVER_DBNAME}") - - if [ -n "${DBVERSION_TABLE_EXISTS}" ]; then - echo "** Table '${DB_SERVER_DBNAME}.dbversion' already exists." - ZBX_DB_VERSION=$(psql_query "SELECT mandatory FROM ${DB_SERVER_SCHEMA}.dbversion" "${DB_SERVER_DBNAME}") - fi - - if [ -z "${ZBX_DB_VERSION}" ]; then - echo "** Creating '${DB_SERVER_DBNAME}' schema in PostgreSQL" - - if [ "${ENABLE_TIMESCALEDB}" == "true" ]; then - psql_query "CREATE EXTENSION IF NOT EXISTS timescaledb CASCADE;" - fi - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - zcat /usr/share/doc/zabbix-$type-postgresql/create.sql.gz | psql -q \ - -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ - -U ${DB_SERVER_ZBX_USER} ${DB_SERVER_DBNAME} 1>/dev/null - - if [ "${ENABLE_TIMESCALEDB}" == "true" ]; then - cat /usr/share/doc/zabbix-$type-postgresql/timescaledb.sql | psql -q \ - -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ - -U ${DB_SERVER_ZBX_USER} ${DB_SERVER_DBNAME} 1>/dev/null - fi - - unset PGPASSWORD - unset PGOPTIONS - fi -} - -prepare_web_server_apache() { - if [ -d "/etc/apache2/sites-available" ]; then - APACHE_SITES_DIR=/etc/apache2/sites-available - elif [ -d "/etc/apache2/conf.d" ]; then - APACHE_SITES_DIR=/etc/apache2/conf.d - elif [ -d "/etc/httpd/conf.d" ]; then - APACHE_SITES_DIR=/etc/httpd/conf.d - else - echo "**** Apache is not available" - exit 1 - fi - - if [ -f "/usr/sbin/a2dissite" ]; then - echo "** Disable default site" - /usr/sbin/a2dissite 000-default 1>/dev/null - rm -rf "$APACHE_SITES_DIR/*" - elif [ -f "/etc/apache2/conf.d/default.conf" ]; then - echo "** Disable default site" - rm -f "/etc/apache2/conf.d/default.conf" - elif [ -f "/etc/httpd/conf.d/welcome.conf" ]; then - echo "** Disable default site" - rm -f "/etc/httpd/conf.d/welcome.conf" - rm -f "/etc/httpd/conf.d/ssl.conf" - fi +prepare_web_server() { + APACHE_SITES_DIR="/etc/apache2/sites-enabled" echo "** Adding Zabbix virtual host (HTTP)" if [ -f "$ZABBIX_ETC_DIR/apache.conf" ]; then ln -s "$ZABBIX_ETC_DIR/apache.conf" "$APACHE_SITES_DIR/zabbix.conf" - if [ -f "/usr/sbin/a2dissite" ]; then - /usr/sbin/a2ensite zabbix.conf 1>/dev/null - fi else echo "**** Impossible to enable HTTP virtual host" fi - if [ -f "/etc/apache2/conf.d/ssl.conf" ]; then - rm -f "/etc/apache2/conf.d/ssl.conf" - fi - if [ -f "/etc/ssl/apache2/ssl.crt" ] && [ -f "/etc/ssl/apache2/ssl.key" ]; then - echo "** Enable SSL support for Apache2" - if [ -f "/usr/sbin/a2enmod" ]; then - /usr/sbin/a2enmod ssl 1>/dev/null - fi - echo "** Adding Zabbix virtual host (HTTPS)" if [ -f "$ZABBIX_ETC_DIR/apache_ssl.conf" ]; then ln -s "$ZABBIX_ETC_DIR/apache_ssl.conf" "$APACHE_SITES_DIR/zabbix_ssl.conf" - if [ -f "/usr/sbin/a2dissite" ]; then - /usr/sbin/a2ensite zabbix_ssl.conf 1>/dev/null - fi else echo "**** Impossible to enable HTTPS virtual host" fi else echo "**** Impossible to enable SSL support for Apache2. Certificates are missed." fi - - # Change Apache2 logging to stdout and stderr - if [ -f "/etc/apache2/apache2.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/apache2.conf" - fi - - if [ -f "/etc/httpd/conf/httpd.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/httpd/conf/httpd.conf" - fi - - if [ -f "/etc/apache2/httpd.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/httpd.conf" - fi - - if [ -f "/etc/apache2/conf-available/other-vhosts-access-log.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/conf-available/other-vhosts-access-log.conf" - fi - - if [ -f "/etc/apache2/conf.d/mpm.conf" ]; then - sed -ri \ - -e 's!^(\s*PidFile)\s+\S+!\1 "/var/run/httpd.pid"!g' \ - "/etc/apache2/conf.d/mpm.conf" - fi - - if [ -f "/var/run/apache2/apache2.pid" ]; then - rm -f "/var/run/apache2/apache2.pid" - fi - - if [ -f "/var/run/httpd/httpd.pid" ]; then - rm -f "/var/run/httpd/httpd.pid" - fi -} - -prepare_web_server_nginx() { - NGINX_CONFD_DIR="/etc/nginx/conf.d" - NGINX_SSL_CONFIG="/etc/ssl/nginx" - PHP_SESSIONS_DIR="/var/lib/php5" - - echo "** Disable default vhosts" - rm -f $NGINX_CONFD_DIR/*.conf - - echo "** Adding Zabbix virtual host (HTTP)" - if [ -f "$ZABBIX_ETC_DIR/nginx.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/nginx.conf" "$NGINX_CONFD_DIR" - else - echo "**** Impossible to enable HTTP virtual host" - fi - - if [ -f "$NGINX_SSL_CONFIG/ssl.crt" ] && [ -f "$NGINX_SSL_CONFIG/ssl.key" ] && [ -f "$NGINX_SSL_CONFIG/dhparam.pem" ]; then - echo "** Enable SSL support for Nginx" - if [ -f "$ZABBIX_ETC_DIR/nginx_ssl.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/nginx_ssl.conf" "$NGINX_CONFD_DIR" - else - echo "**** Impossible to enable HTTPS virtual host" - fi - else - echo "**** Impossible to enable SSL support for Nginx. Certificates are missed." - fi - - if [ -d "/var/log/nginx/" ]; then - ln -sf /dev/fd/2 /var/log/nginx/error.log - fi - - ln -sf /dev/fd/2 /var/log/php5-fpm.log - ln -sf /dev/fd/2 /var/log/php7.2-fpm.log -} - -stop_databases() { - if ([ "${ZBX_MAIN_DB}" == "mysql" ] || [ "${ZBX_PROXY_DB}" == "mysql" ]) && [ "${DB_SERVER_HOST}" == "localhost" ]; then - mysql_query "DELETE FROM mysql.user WHERE host = 'localhost' AND user != 'root'" 1>/dev/null - - if [ -f "/var/lib/mysql/mysqld.pid" ]; then - kill -TERM $(cat /var/lib/mysql/mysqld.pid) - elif [ -f "/var/run/mysqld/mysqld.pid" ]; then - kill -TERM $(cat /var/run/mysqld/mysqld.pid) - fi - fi - - if [ "${ZBX_MAIN_DB}" == "postgresql" ] && [ "${DB_SERVER_HOST}" == "localhost" ]; then - if [ "${OS_CODENAME}" == "alpine" ]; then - PGDATA=/var/lib/postgresql - BINDIR=/usr/bin - else - PGDATA=/var/lib/postgresql/9.3/main - BINDIR=/usr/lib/postgresql/9.3/bin - fi - su -c "$BINDIR/pg_ctl -D \"$PGDATA\" -m fast -w stop --silent" postgres 1>/dev/null 2>/dev/null - fi } clear_deploy() { - local type=$1 echo "** Cleaning the system" - - [ "$type" != "appliance" ] && return - - stop_databases } -update_zbx_config() { - local type=$1 - local db_type=$2 - - echo "** Preparing Zabbix $type configuration file" - - ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_$type.conf - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "ProxyMode" "${ZBX_PROXYMODE}" - update_config_var $ZBX_CONFIG "Server" "${ZBX_SERVER_HOST}" - update_config_var $ZBX_CONFIG "ServerPort" "${ZBX_SERVER_PORT}" - if [ -z "${ZBX_HOSTNAME}" ] && [ -n "${ZBX_HOSTNAMEITEM}" ]; then - update_config_var $ZBX_CONFIG "Hostname" "" - update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - else - update_config_var $ZBX_CONFIG "Hostname" "${ZBX_HOSTNAME:-"zabbix-proxy-"$db_type}" - update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - fi - fi - - if [ $type == "proxy" ] && [ "${ZBX_ADD_SERVER}" = "true" ]; then - update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_PROXY_LISTENPORT:-"10061"}" - else - update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}" - fi - - update_config_var $ZBX_CONFIG "SourceIP" "${ZBX_SOURCEIP}" - update_config_var $ZBX_CONFIG "LogType" "console" - update_config_var $ZBX_CONFIG "LogFile" - update_config_var $ZBX_CONFIG "LogFileSize" - update_config_var $ZBX_CONFIG "PidFile" - - update_config_var $ZBX_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" - - if [ $type == "proxy" ]; then - update_config_var $ZBX_CONFIG "EnableRemoteCommands" "${ZBX_ENABLEREMOTECOMMANDS}" - update_config_var $ZBX_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}" - fi - - if [ "$db_type" == "sqlite3" ]; then - update_config_var $ZBX_CONFIG "DBHost" - update_config_var $ZBX_CONFIG "DBName" "/var/lib/zabbix/zabbix_proxy_db" - update_config_var $ZBX_CONFIG "DBUser" - update_config_var $ZBX_CONFIG "DBPort" - update_config_var $ZBX_CONFIG "DBPassword" - else - update_config_var $ZBX_CONFIG "DBHost" "${DB_SERVER_HOST}" - update_config_var $ZBX_CONFIG "DBName" "${DB_SERVER_DBNAME}" - update_config_var $ZBX_CONFIG "DBSchema" "${DB_SERVER_SCHEMA}" - update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}" - update_config_var $ZBX_CONFIG "DBPort" "${DB_SERVER_PORT}" - update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}" - fi - - if [ $type == "server" ]; then - update_config_var $ZBX_CONFIG "HistoryStorageURL" "${ZBX_HISTORYSTORAGEURL}" - update_config_var $ZBX_CONFIG "HistoryStorageTypes" "${ZBX_HISTORYSTORAGETYPES}" - fi - - update_config_var $ZBX_CONFIG "DBSocket" "${DB_SERVER_SOCKET}" - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "ProxyLocalBuffer" "${ZBX_PROXYLOCALBUFFER}" - update_config_var $ZBX_CONFIG "ProxyOfflineBuffer" "${ZBX_PROXYOFFLINEBUFFER}" - update_config_var $ZBX_CONFIG "HeartbeatFrequency" "${ZBX_PROXYHEARTBEATFREQUENCY}" - update_config_var $ZBX_CONFIG "ConfigFrequency" "${ZBX_CONFIGFREQUENCY}" - update_config_var $ZBX_CONFIG "DataSenderFrequency" "${ZBX_DATASENDERFREQUENCY}" - fi - - update_config_var $ZBX_CONFIG "StatsAllowedIP" "${ZBX_STATSALLOWEDIP}" - - update_config_var $ZBX_CONFIG "StartPollers" "${ZBX_STARTPOLLERS}" - update_config_var $ZBX_CONFIG "StartIPMIPollers" "${ZBX_IPMIPOLLERS}" - update_config_var $ZBX_CONFIG "StartPollersUnreachable" "${ZBX_STARTPOLLERSUNREACHABLE}" - update_config_var $ZBX_CONFIG "StartTrappers" "${ZBX_STARTTRAPPERS}" - update_config_var $ZBX_CONFIG "StartPingers" "${ZBX_STARTPINGERS}" - update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}" - update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}" - - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "StartPreprocessors" "${ZBX_STARTPREPROCESSORS}" - update_config_var $ZBX_CONFIG "StartTimers" "${ZBX_STARTTIMERS}" - update_config_var $ZBX_CONFIG "StartEscalators" "${ZBX_STARTESCALATORS}" - update_config_var $ZBX_CONFIG "StartAlerters" "${ZBX_STARTALERTERS}" - fi - - ZBX_JAVAGATEWAY_ENABLE=${ZBX_JAVAGATEWAY_ENABLE:-"false"} - if [ "${ZBX_JAVAGATEWAY_ENABLE}" == "true" ]; then - update_config_var $ZBX_CONFIG "JavaGateway" "${ZBX_JAVAGATEWAY:-"zabbix-java-gateway"}" - update_config_var $ZBX_CONFIG "JavaGatewayPort" "${ZBX_JAVAGATEWAYPORT}" - update_config_var $ZBX_CONFIG "StartJavaPollers" "${ZBX_STARTJAVAPOLLERS:-"5"}" - else - update_config_var $ZBX_CONFIG "JavaGateway" - update_config_var $ZBX_CONFIG "JavaGatewayPort" - update_config_var $ZBX_CONFIG "StartJavaPollers" - fi - - update_config_var $ZBX_CONFIG "StartVMwareCollectors" "${ZBX_STARTVMWARECOLLECTORS}" - update_config_var $ZBX_CONFIG "VMwareFrequency" "${ZBX_VMWAREFREQUENCY}" - update_config_var $ZBX_CONFIG "VMwarePerfFrequency" "${ZBX_VMWAREPERFFREQUENCY}" - update_config_var $ZBX_CONFIG "VMwareCacheSize" "${ZBX_VMWARECACHESIZE}" - update_config_var $ZBX_CONFIG "VMwareTimeout" "${ZBX_VMWARETIMEOUT}" - - ZBX_ENABLE_SNMP_TRAPS=${ZBX_ENABLE_SNMP_TRAPS:-"false"} - if [ "${ZBX_ENABLE_SNMP_TRAPS}" == "true" ]; then - update_config_var $ZBX_CONFIG "SNMPTrapperFile" "${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log" - update_config_var $ZBX_CONFIG "StartSNMPTrapper" "1" - else - update_config_var $ZBX_CONFIG "SNMPTrapperFile" - update_config_var $ZBX_CONFIG "StartSNMPTrapper" - fi - - update_config_var $ZBX_CONFIG "HousekeepingFrequency" "${ZBX_HOUSEKEEPINGFREQUENCY}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "MaxHousekeeperDelete" "${ZBX_MAXHOUSEKEEPERDELETE}" - update_config_var $ZBX_CONFIG "SenderFrequency" "${ZBX_SENDERFREQUENCY}" - fi - - update_config_var $ZBX_CONFIG "CacheSize" "${ZBX_CACHESIZE}" - - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "CacheUpdateFrequency" "${ZBX_CACHEUPDATEFREQUENCY}" - fi - - update_config_var $ZBX_CONFIG "StartDBSyncers" "${ZBX_STARTDBSYNCERS}" - update_config_var $ZBX_CONFIG "HistoryCacheSize" "${ZBX_HISTORYCACHESIZE}" - update_config_var $ZBX_CONFIG "HistoryIndexCacheSize" "${ZBX_HISTORYINDEXCACHESIZE}" - - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "TrendCacheSize" "${ZBX_TRENDCACHESIZE}" - update_config_var $ZBX_CONFIG "ValueCacheSize" "${ZBX_VALUECACHESIZE}" - fi - - update_config_var $ZBX_CONFIG "Timeout" "${ZBX_TIMEOUT}" - update_config_var $ZBX_CONFIG "TrapperTimeout" "${ZBX_TRAPPERIMEOUT}" - update_config_var $ZBX_CONFIG "UnreachablePeriod" "${ZBX_UNREACHABLEPERIOD}" - update_config_var $ZBX_CONFIG "UnavailableDelay" "${ZBX_UNAVAILABLEDELAY}" - update_config_var $ZBX_CONFIG "UnreachableDelay" "${ZBX_UNREACHABLEDELAY}" - - update_config_var $ZBX_CONFIG "AlertScriptsPath" "/usr/lib/zabbix/alertscripts" - update_config_var $ZBX_CONFIG "ExternalScripts" "/usr/lib/zabbix/externalscripts" - - # Possible few fping locations - if [ -f "/usr/bin/fping" ]; then - update_config_var $ZBX_CONFIG "FpingLocation" "/usr/bin/fping" - else - update_config_var $ZBX_CONFIG "FpingLocation" "/usr/sbin/fping" - fi - if [ -f "/usr/bin/fping6" ]; then - update_config_var $ZBX_CONFIG "Fping6Location" "/usr/bin/fping6" - else - update_config_var $ZBX_CONFIG "Fping6Location" "/usr/sbin/fping6" - fi - - update_config_var $ZBX_CONFIG "SSHKeyLocation" "$ZABBIX_USER_HOME_DIR/ssh_keys" - update_config_var $ZBX_CONFIG "LogSlowQueries" "${ZBX_LOGSLOWQUERIES}" - - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "StartProxyPollers" "${ZBX_STARTPROXYPOLLERS}" - update_config_var $ZBX_CONFIG "ProxyConfigFrequency" "${ZBX_PROXYCONFIGFREQUENCY}" - update_config_var $ZBX_CONFIG "ProxyDataFrequency" "${ZBX_PROXYDATAFREQUENCY}" - fi - - update_config_var $ZBX_CONFIG "SSLCertLocation" "$ZABBIX_USER_HOME_DIR/ssl/certs/" - update_config_var $ZBX_CONFIG "SSLKeyLocation" "$ZABBIX_USER_HOME_DIR/ssl/keys/" - update_config_var $ZBX_CONFIG "SSLCALocation" "$ZABBIX_USER_HOME_DIR/ssl/ssl_ca/" - update_config_var $ZBX_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/" - update_config_multiple_var $ZBX_CONFIG "LoadModule" "${ZBX_LOADMODULE}" - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}" - update_config_var $ZBX_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" - fi - update_config_var $ZBX_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" - update_config_var $ZBX_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" - update_config_var $ZBX_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" - fi - - update_config_var $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" - update_config_var $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" - update_config_var $ZBX_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" - fi -} - - prepare_zbx_web_config() { - local db_type=$1 local server_name="" echo "** Preparing Zabbix frontend configuration file" @@ -896,43 +221,14 @@ prepare_zbx_web_config() { ZBX_WWW_ROOT="/usr/share/zabbix" ZBX_WEB_CONFIG="$ZABBIX_ETC_DIR/web/zabbix.conf.php" - if [ -f "$ZBX_WWW_ROOT/conf/zabbix.conf.php" ]; then - rm -f "$ZBX_WWW_ROOT/conf/zabbix.conf.php" - fi + PHP_CONFIG_FILE="/etc/php/7.2/apache2/conf.d/99-zabbix.ini" - ln -s "$ZBX_WEB_CONFIG" "$ZBX_WWW_ROOT/conf/zabbix.conf.php" - - # Different places of PHP configuration file - if [ -f "/etc/php5/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/conf.d/99-zabbix.ini" - elif [ -f "/etc/php5/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php5/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/apache2/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.0/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.0/apache2/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.0/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.0/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php.d/99-zabbix.ini" - elif [ -f "/etc/php7/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php7/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.2/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.2/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.2/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.2/apache2/conf.d/99-zabbix.ini" - fi - - if [ -n "$PHP_CONFIG_FILE" ]; then - update_config_var "$PHP_CONFIG_FILE" "max_execution_time" "${ZBX_MAXEXECUTIONTIME:-"600"}" - update_config_var "$PHP_CONFIG_FILE" "memory_limit" "${ZBX_MEMORYLIMIT:-"128M"}" - update_config_var "$PHP_CONFIG_FILE" "post_max_size" "${ZBX_POSTMAXSIZE:-"16M"}" - update_config_var "$PHP_CONFIG_FILE" "upload_max_filesize" "${ZBX_UPLOADMAXFILESIZE:-"2M"}" - update_config_var "$PHP_CONFIG_FILE" "max_input_time" "${ZBX_MAXINPUTTIME:-"300"}" - update_config_var "$PHP_CONFIG_FILE" "date.timezone" "${PHP_TZ}" - else - echo "**** Zabbix related PHP configuration file not found" - fi + update_config_var "$PHP_CONFIG_FILE" "max_execution_time" "${ZBX_MAXEXECUTIONTIME:-"600"}" + update_config_var "$PHP_CONFIG_FILE" "memory_limit" "${ZBX_MEMORYLIMIT:-"128M"}" + update_config_var "$PHP_CONFIG_FILE" "post_max_size" "${ZBX_POSTMAXSIZE:-"16M"}" + update_config_var "$PHP_CONFIG_FILE" "upload_max_filesize" "${ZBX_UPLOADMAXFILESIZE:-"2M"}" + update_config_var "$PHP_CONFIG_FILE" "max_input_time" "${ZBX_MAXINPUTTIME:-"300"}" + update_config_var "$PHP_CONFIG_FILE" "date.timezone" "${PHP_TZ}" ZBX_HISTORYSTORAGETYPES=${ZBX_HISTORYSTORAGETYPES:-"[]"} @@ -953,228 +249,47 @@ prepare_zbx_web_config() { -e "s/{ZBX_SERVER_HOST}/${ZBX_SERVER_HOST}/g" \ -e "s/{ZBX_SERVER_PORT}/${ZBX_SERVER_PORT}/g" \ -e "s/{ZBX_SERVER_NAME}/$server_name/g" \ + -e "s/{ZBX_DB_ENCRYPTION}/${ZBX_DB_ENCRYPTION:-"false"}/g" \ + -e "s/{ZBX_DB_KEY_FILE}/${ZBX_DB_KEY_FILE}/g" \ + -e "s/{ZBX_DB_CERT_FILE}/${ZBX_DB_CERT_FILE}/g" \ + -e "s/{ZBX_DB_CA_FILE}/${ZBX_DB_CA_FILE}/g" \ + -e "s/{ZBX_DB_VERIFY_HOST}/${ZBX_DB_VERIFY_HOST:-"false"}/g" \ + -e "s/{ZBX_DB_CIPHER_LIST}/${ZBX_DB_CIPHER_LIST}/g" \ -e "s/{ZBX_HISTORYSTORAGEURL}/$history_storage_url/g" \ -e "s/{ZBX_HISTORYSTORAGETYPES}/$history_storage_types/g" \ "$ZBX_WEB_CONFIG" - [ "$db_type" = "postgresql" ] && sed -i "s/MYSQL/POSTGRESQL/g" "$ZBX_WEB_CONFIG" - [ -n "${ZBX_SESSION_NAME}" ] && sed -i "/ZBX_SESSION_NAME/s/'[^']*'/'${ZBX_SESSION_NAME}'/2" "$ZBX_WWW_ROOT/include/defines.inc.php" } -prepare_zbx_agent_config() { - echo "** Preparing Zabbix agent configuration file" - - ZBX_AGENT_CONFIG=$ZABBIX_ETC_DIR/zabbix_agentd.conf - - ZBX_PASSIVESERVERS=${ZBX_PASSIVESERVERS:-""} - ZBX_ACTIVESERVERS=${ZBX_ACTIVESERVERS:-""} - - [ -n "$ZBX_PASSIVESERVERS" ] && ZBX_PASSIVESERVERS=","$ZBX_PASSIVESERVERS - - ZBX_PASSIVESERVERS=$ZBX_SERVER_HOST$ZBX_PASSIVESERVERS - - [ -n "$ZBX_ACTIVESERVERS" ] && ZBX_ACTIVESERVERS=","$ZBX_ACTIVESERVERS - - ZBX_ACTIVESERVERS=$ZBX_SERVER_HOST":"$ZBX_SERVER_PORT$ZBX_ACTIVESERVERS - - update_config_var $ZBX_AGENT_CONFIG "PidFile" - update_config_var $ZBX_AGENT_CONFIG "LogType" "console" - update_config_var $ZBX_AGENT_CONFIG "LogFile" - update_config_var $ZBX_AGENT_CONFIG "LogFileSize" - update_config_var $ZBX_AGENT_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" - update_config_var $ZBX_AGENT_CONFIG "SourceIP" - update_config_var $ZBX_AGENT_CONFIG "EnableRemoteCommands" "${ZBX_ENABLEREMOTECOMMANDS}" - update_config_var $ZBX_AGENT_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}" - - ZBX_PASSIVE_ALLOW=${ZBX_PASSIVE_ALLOW:-"true"} - if [ "$ZBX_PASSIVE_ALLOW" == "true" ]; then - echo "** Using '$ZBX_PASSIVESERVERS' servers for passive checks" - update_config_var $ZBX_AGENT_CONFIG "Server" "${ZBX_PASSIVESERVERS}" - else - update_config_var $ZBX_AGENT_CONFIG "Server" - fi - - update_config_var $ZBX_AGENT_CONFIG "ListenPort" "${ZBX_LISTENPORT}" - update_config_var $ZBX_AGENT_CONFIG "ListenIP" "${ZBX_LISTENIP}" - update_config_var $ZBX_AGENT_CONFIG "StartAgents" "${ZBX_STARTAGENTS}" - - ZBX_ACTIVE_ALLOW=${ZBX_ACTIVE_ALLOW:-"true"} - if [ "$ZBX_ACTIVE_ALLOW" == "true" ]; then - echo "** Using '$ZBX_ACTIVESERVERS' servers for active checks" - update_config_var $ZBX_AGENT_CONFIG "ServerActive" "${ZBX_ACTIVESERVERS}" - else - update_config_var $ZBX_AGENT_CONFIG "ServerActive" - fi - - update_config_var $ZBX_AGENT_CONFIG "Hostname" "${ZBX_HOSTNAME}" - update_config_var $ZBX_AGENT_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - update_config_var $ZBX_AGENT_CONFIG "HostMetadata" "${ZBX_METADATA}" - update_config_var $ZBX_AGENT_CONFIG "HostMetadataItem" "${ZBX_METADATAITEM}" - update_config_var $ZBX_AGENT_CONFIG "RefreshActiveChecks" "${ZBX_REFRESHACTIVECHECKS}" - update_config_var $ZBX_AGENT_CONFIG "BufferSend" "${ZBX_BUFFERSEND}" - update_config_var $ZBX_AGENT_CONFIG "BufferSize" "${ZBX_BUFFERSIZE}" - update_config_var $ZBX_AGENT_CONFIG "MaxLinesPerSecond" "${ZBX_MAXLINESPERSECOND}" - # Please use include to enable Alias feature -# update_config_multiple_var $ZBX_AGENT_CONFIG "Alias" ${ZBX_ALIAS} - update_config_var $ZBX_AGENT_CONFIG "Timeout" "${ZBX_TIMEOUT}" - update_config_var $ZBX_AGENT_CONFIG "Include" "/etc/zabbix/zabbix_agentd.d/" - update_config_var $ZBX_AGENT_CONFIG "UnsafeUserParameters" "${ZBX_UNSAFEUSERPARAMETERS}" - update_config_var $ZBX_AGENT_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/" - update_config_multiple_var $ZBX_AGENT_CONFIG "LoadModule" "${ZBX_LOADMODULE}" - update_config_var $ZBX_AGENT_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}" - update_config_var $ZBX_AGENT_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" - update_config_var $ZBX_AGENT_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" - update_config_var $ZBX_AGENT_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" - update_config_var $ZBX_AGENT_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" - update_config_var $ZBX_AGENT_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" -} - -prepare_java_gateway_config() { - echo "** Preparing Zabbix Java Gateway log configuration file" - - ZBX_GATEWAY_CONFIG=$ZABBIX_ETC_DIR/zabbix_java_gateway_logback.xml - - if [ -n "${ZBX_DEBUGLEVEL}" ]; then - echo "Updating $ZBX_GATEWAY_CONFIG 'DebugLevel' parameter: '${ZBX_DEBUGLEVEL}'... updated" - if [ -f "$ZBX_GATEWAY_CONFIG" ]; then - sed -i -e "/^.*/" "$ZBX_GATEWAY_CONFIG" - else - echo "**** Zabbix Java Gateway log configuration file '$ZBX_GATEWAY_CONFIG' not found" - fi - fi -} - -prepare_agent() { - echo "** Preparing Zabbix agent" - prepare_zbx_agent_config -} - -prepare_server() { - local db_type=$1 - - echo "** Preparing Zabbix server" - - check_variables_$db_type "server" - check_db_connect_$db_type - create_db_user_$db_type - create_db_database_$db_type - create_db_schema_$db_type "server" - - update_zbx_config "server" "$db_type" -} - -prepare_proxy() { - local db_type=$1 - - echo "Preparing Zabbix proxy" - - if [ "$db_type" != "sqlite3" ]; then - check_variables_$db_type "proxy" - check_db_connect_$db_type - create_db_user_$db_type - create_db_database_$db_type - create_db_schema_$db_type "proxy" - fi - - update_zbx_config "proxy" $db_type -} - prepare_web() { - local web_server=$1 - local db_type=$2 - echo "** Preparing Zabbix web-interface" - - check_variables_$db_type - check_db_connect_$db_type - prepare_web_server_$web_server - prepare_zbx_web_config $db_type + + check_variables + check_db_connect + prepare_web_server + prepare_zbx_web_config } -prepare_java_gateway() { - echo "** Preparing Zabbix Java Gateway" - - prepare_java_gateway_config -} ################################################# -if [ ! -n "$zbx_type" ]; then - echo "**** Type of Zabbix component is not specified" - exit 1 -elif [ "$zbx_type" == "dev" ]; then - echo "** Deploying Zabbix installation from SVN" -else - if [ ! -n "$zbx_db_type" ]; then - echo "**** Database type of Zabbix $zbx_type is not specified" - exit 1 - fi +echo "** Deploying Zabbix web-interface (Apache) with MySQL database" - if [ "$zbx_db_type" != "none" ]; then - if [ "$zbx_opt_type" != "none" ]; then - echo "** Deploying Zabbix $zbx_type ($zbx_opt_type) with $zbx_db_type database" - else - echo "** Deploying Zabbix $zbx_type with $zbx_db_type database" - fi - else - echo "** Deploying Zabbix $zbx_type" - fi -fi +prepare_system -prepare_system "$zbx_type" "$zbx_opt_type" +prepare_web -[ "$zbx_type" == "server" ] && prepare_server $zbx_db_type -[ "${ZBX_ADD_SERVER}" == "true" ] && prepare_server ${ZBX_MAIN_DB} - -[ "$zbx_type" == "proxy" ] && prepare_proxy $zbx_db_type -[ "${ZBX_ADD_PROXY}" == "true" ] && prepare_proxy ${ZBX_PROXY_DB} - -[ "$zbx_type" == "frontend" ] && prepare_web $zbx_opt_type $zbx_db_type -[ "${ZBX_ADD_WEB}" == "true" ] && prepare_web ${ZBX_WEB_SERVER} ${ZBX_MAIN_DB} - -[ "$zbx_type" == "agent" ] && prepare_agent -[ "${ZBX_ADD_AGENT}" == "true" ] && prepare_agent - -[ "$zbx_type" == "java-gateway" ] && prepare_java_gateway -[ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && prepare_java_gateway - -clear_deploy "$zbx_type" +clear_deploy echo "########################################################" if [ "$1" != "" ]; then echo "** Executing '$@'" exec "$@" -elif [ "$zbx_type" == "agent" ]; then - echo "** Starting Zabbix agent" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_agentd --foreground -c /etc/zabbix/zabbix_agentd.conf" -elif [ "$zbx_type" == "proxy" ]; then - echo "** Starting Zabbix proxy" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_proxy --foreground -c /etc/zabbix/zabbix_proxy.conf" -elif [ "$zbx_type" == "server" ]; then - echo "** Starting Zabbix server" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_server --foreground -c /etc/zabbix/zabbix_server.conf" -elif [ "$zbx_type" == "java-gateway" ]; then - echo "** Starting Zabbix Java Gateway" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_java_gateway" -elif [ "$zbx_type" == "frontend" ] && [ "$zbx_opt_type" == "apache" ]; then - echo "** Starting Zabbix frontend" - if [ -f "/usr/sbin/httpd" ]; then - exec /usr/sbin/httpd -D FOREGROUND - elif [ -f "/usr/sbin/apache2ctl" ]; then - exec /bin/bash -c "source /etc/apache2/envvars && /usr/sbin/apache2ctl -D FOREGROUND" - else - echo "Unknown Web-server. Exiting..." - exit 1 - fi -elif [ -f "/usr/bin/supervisord" ]; then - echo "** Executing supervisord" - exec /usr/bin/supervisord -c /etc/supervisor/supervisord.conf +elif [ -f "/usr/sbin/httpd" ]; then + echo "** Executing HTTPD" + exec /usr/sbin/httpd -D FOREGROUND else echo "Unknown instructions. Exiting..." exit 1 diff --git a/web-nginx-mysql/alpine/conf/etc/zabbix/nginx_ssl.conf b/web-nginx-mysql/alpine/conf/etc/zabbix/nginx_ssl.conf index 1d636bad7..844ff0f07 100644 --- a/web-nginx-mysql/alpine/conf/etc/zabbix/nginx_ssl.conf +++ b/web-nginx-mysql/alpine/conf/etc/zabbix/nginx_ssl.conf @@ -1,5 +1,5 @@ server { - listen 443 ssl http2; + listen 8443 ssl http2; server_name zabbix; server_name_in_redirect off; diff --git a/web-nginx-mysql/centos/docker-entrypoint.sh b/web-nginx-mysql/centos/docker-entrypoint.sh index 4bdf1b7af..28f7b123f 100755 --- a/web-nginx-mysql/centos/docker-entrypoint.sh +++ b/web-nginx-mysql/centos/docker-entrypoint.sh @@ -229,8 +229,6 @@ prepare_web_server() { else echo "**** Impossible to enable SSL support for Nginx. Certificates are missed." fi - - ln -sf /dev/fd/2 /var/log/nginx/error.log } clear_deploy() { diff --git a/web-nginx-mysql/ubuntu/Dockerfile b/web-nginx-mysql/ubuntu/Dockerfile index ea2741d56..32a18091a 100644 --- a/web-nginx-mysql/ubuntu/Dockerfile +++ b/web-nginx-mysql/ubuntu/Dockerfile @@ -1,42 +1,31 @@ FROM ubuntu:bionic -LABEL maintainer="Alexey Pustovalov " -ARG BUILD_DATE -ARG VCS_REF +LABEL org.opencontainers.image.title="Zabbix web-interface (Nginx, MySQL)" \ + org.opencontainers.image.authors="Alexey Pustovalov " \ + org.opencontainers.image.vendor="Zabbix LLC" \ + org.opencontainers.image.url="https://zabbix.com/" \ + org.opencontainers.image.description="Zabbix web-interface based on Nginx web server with MySQL database support" \ + org.opencontainers.image.licenses="GPL v2.0" -ARG APT_FLAGS_COMMON="-y" -ARG APT_FLAGS_PERSISTENT="${APT_FLAGS_COMMON} --no-install-recommends" -ARG APT_FLAGS_DEV="${APT_FLAGS_COMMON} --no-install-recommends" -ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8 TERM=xterm \ - ZBX_TYPE=frontend ZBX_DB_TYPE=mysql ZBX_OPT_TYPE=nginx - -LABEL org.label-schema.name="zabbix-web-${ZBX_OPT_TYPE}-${ZBX_DB_TYPE}-ubuntu" \ - org.label-schema.vendor="Zabbix LLC" \ - org.label-schema.url="https://zabbix.com/" \ - org.label-schema.description="Zabbix web-interface based on Nginx web server with MySQL database support" \ - org.label-schema.vcs-ref="${VCS_REF}" \ - org.label-schema.build-date="${BUILD_DATE}" \ - org.label-schema.schema-version="1.0" \ - org.label-schema.license="GPL v2.0" - STOPSIGNAL SIGTERM RUN set -eux && \ - apt-get ${APT_FLAGS_COMMON} update && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_PERSISTENT} install locales gnupg2 ca-certificates && \ - locale-gen $LC_ALL && \ - echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \ - addgroup --system --quiet zabbix && \ + addgroup --system --gid 1995 --quiet zabbix && \ adduser --quiet \ --system --disabled-login \ - --ingroup zabbix \ + --ingroup zabbix --ingroup root \ + --uid 1997 \ --home /var/lib/zabbix/ \ - --no-create-home \ zabbix && \ mkdir -p /etc/zabbix && \ mkdir -p /etc/zabbix/web && \ - chown --quiet -R zabbix:root /etc/zabbix && \ - apt-get ${APT_FLAGS_COMMON} update && \ + mkdir -p /var/lib/php/session && \ + apt-get -y update && \ + DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ + gpg \ + dirmngr \ + gpg-agent \ + ca-certificates && \ NGINX_GPGKEY=573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62; \ found=''; \ for server in \ @@ -51,11 +40,12 @@ RUN set -eux && \ test -z "$found" && echo >&2 "error: failed to fetch GPG key $NGINX_GPGKEY" && exit 1; \ DISTRIB_CODENAME=$(/bin/bash -c 'source /etc/lsb-release && echo $DISTRIB_CODENAME') && \ echo "deb https://nginx.org/packages/ubuntu/ $DISTRIB_CODENAME nginx" >> /etc/apt/sources.list.d/nginx.list && \ - apt-get ${APT_FLAGS_COMMON} update && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_PERSISTENT} install \ + apt-get -y update && \ + DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ curl \ mysql-client \ nginx \ + locales \ php7.2-bcmath \ php7.2-fpm \ php7.2-gd \ @@ -66,28 +56,28 @@ RUN set -eux && \ php7.2-xml \ supervisor && \ rm -f /etc/nginx/conf.d/*.conf && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_COMMON} purge \ - wget && \ - apt-get ${APT_FLAGS_COMMON} autoremove && \ - apt-get ${APT_FLAGS_COMMON} clean && \ - mkdir -p /var/lib/php7 && \ - chown --quiet -R www-data:www-data /var/lib/php7 && \ - rm -rf /var/cache/nginx/* && \ + rm -rf /var/cache/nginx/ && \ + rm -f /etc/php/7.2/fpm/pool.d/www.conf && \ + DEBIAN_FRONTEND=noninteractive apt-get -y purge curl gpg dirmngr gpg-agent && \ + apt-get -y autoremove && \ + apt-get -y clean && \ rm -rf /var/lib/apt/lists/* ARG MAJOR_VERSION=5.0 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git -ENV ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} -LABEL org.label-schema.usage="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.label-schema.version="${ZBX_VERSION}" \ - org.label-schema.vcs-url="${ZBX_SOURCES}" \ - org.label-schema.docker.cmd="docker run --name zabbix-web-${ZBX_OPT_TYPE}-${ZBX_DB_TYPE} --link mysql-server:mysql --link zabbix-server:zabbix-server -p 80:80 -d zabbix-web-${ZBX_OPT_TYPE}-${ZBX_DB_TYPE}:ubuntu-${ZBX_VERSION}" +ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} + +LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" + +COPY ["conf/etc/", "/etc/"] RUN set -eux && \ - apt-get ${APT_FLAGS_COMMON} update && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_DEV} install \ + apt-get -y update && \ + DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ gettext \ git && \ cd /usr/share/ && \ @@ -99,6 +89,8 @@ RUN set -eux && \ rm -f conf/zabbix.conf.php && \ rm -rf tests && \ ./locale/make_mo.sh && \ + ln -s "/etc/zabbix/web/zabbix.conf.php" "/usr/share/zabbix/conf/zabbix.conf.php" && \ + ./locale/make_mo.sh && \ mkdir -p /var/lib/locales/supported.d/ && \ rm -f /var/lib/locales/supported.d/local && \ cat /usr/share/zabbix/include/locales.inc.php | grep display | grep true | awk '{$1=$1};1' | \ @@ -107,26 +99,30 @@ RUN set -eux && \ dpkg-reconfigure locales && \ find /usr/share/zabbix/locale -name '*.po' | xargs rm -f && \ find /usr/share/zabbix/locale -name '*.sh' | xargs rm -f && \ - chown --quiet -R www-data:www-data /usr/share/zabbix && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_COMMON} purge \ + chown --quiet -R zabbix:root /etc/zabbix/ /usr/share/zabbix/conf/ && \ + chgrp -R 0 /etc/zabbix/ /usr/share/zabbix/conf/ && \ + chmod -R g=u /etc/zabbix/ /usr/share/zabbix/conf/ && \ + chown --quiet -R zabbix:root /etc/nginx/ /etc/php/7.2/fpm/php-fpm.conf /etc/php/7.2/fpm/pool.d/ && \ + chgrp -R 0 /etc/nginx/ /etc/php/7.2/fpm/php-fpm.conf /etc/php/7.2/fpm/pool.d/ && \ + chmod -R g=u /etc/nginx/ /etc/php/7.2/fpm/php-fpm.conf /etc/php/7.2/fpm/pool.d/ && \ + chown --quiet -R zabbix:root /var/lib/php/session/ && \ + chgrp -R 0 /var/lib/php/session/ && \ + chmod -R g=u /var/lib/php/session/ && \ + DEBIAN_FRONTEND=noninteractive apt-get -y purge \ gettext \ git && \ - apt-get ${APT_FLAGS_COMMON} autoremove && \ - apt-get ${APT_FLAGS_COMMON} clean && \ + apt-get -y autoremove && \ + apt-get -y clean && \ rm -rf /var/lib/apt/lists/* -EXPOSE 80/TCP 443/TCP +EXPOSE 8080/TCP 8443/TCP WORKDIR /usr/share/zabbix VOLUME ["/etc/ssl/nginx"] -COPY ["conf/etc/supervisor/", "/etc/supervisor/"] -COPY ["conf/etc/zabbix/nginx.conf", "/etc/zabbix/"] -COPY ["conf/etc/zabbix/nginx_ssl.conf", "/etc/zabbix/"] -COPY ["conf/etc/zabbix/web/zabbix.conf.php", "/etc/zabbix/web/"] -COPY ["conf/etc/nginx/nginx.conf", "/etc/nginx/"] -COPY ["conf/etc/php/7.2/fpm/conf.d/99-zabbix.ini", "/etc/php/7.2/fpm/conf.d/"] COPY ["docker-entrypoint.sh", "/usr/bin/"] +USER 1997 + ENTRYPOINT ["docker-entrypoint.sh"] diff --git a/web-nginx-mysql/ubuntu/conf/etc/nginx/nginx.conf b/web-nginx-mysql/ubuntu/conf/etc/nginx/nginx.conf index fe6ad67e0..3bed3cf89 100644 --- a/web-nginx-mysql/ubuntu/conf/etc/nginx/nginx.conf +++ b/web-nginx-mysql/ubuntu/conf/etc/nginx/nginx.conf @@ -1,10 +1,10 @@ -user www-data; +#user nginx; worker_processes 5; -#worker_rlimit_nofile 256000; +worker_rlimit_nofile 256000; -error_log /dev/fd/2 warn; +error_log /dev/fd/2 error; -pid /var/run/nginx.pid; +pid /tmp/nginx.pid; events { worker_connections 5120; @@ -21,6 +21,13 @@ http { '"$http_user_agent" "$http_x_forwarded_for"'; access_log /dev/fd/1 main; + error_log /dev/fd/2 error; + + client_body_temp_path /tmp/client_body 1 2; + proxy_temp_path /tmp/proxy 1 2; + fastcgi_temp_path /tmp/fastcgi 1 2; + uwsgi_temp_path /tmp/uwsgi 1 2; + scgi_temp_path /tmp/scgi 1 2; client_body_timeout 5m; send_timeout 5m; diff --git a/web-nginx-mysql/ubuntu/conf/etc/php/7.2/fpm/conf.d/99-zabbix.ini b/web-nginx-mysql/ubuntu/conf/etc/php/7.2/fpm/conf.d/99-zabbix.ini deleted file mode 100644 index 91c0953a3..000000000 --- a/web-nginx-mysql/ubuntu/conf/etc/php/7.2/fpm/conf.d/99-zabbix.ini +++ /dev/null @@ -1,9 +0,0 @@ -max_execution_time=300 -memory_limit=128M -post_max_size=16M -upload_max_filesize=2M -max_input_time=300 -always_populate_raw_post_date=-1 -max_input_vars=10000 -; date.timezone=Europe/Riga -session.save_path=/var/lib/php7 diff --git a/web-nginx-mysql/ubuntu/conf/etc/php/7.2/fpm/php-fpm.conf b/web-nginx-mysql/ubuntu/conf/etc/php/7.2/fpm/php-fpm.conf new file mode 100644 index 000000000..b1acf9ebd --- /dev/null +++ b/web-nginx-mysql/ubuntu/conf/etc/php/7.2/fpm/php-fpm.conf @@ -0,0 +1,9 @@ +include=/etc/php/7.2/fpm/pool.d/*.conf + +[global] + +pid = /tmp/php-fpm.pid + +error_log = /dev/fd/2 + +daemonize = no diff --git a/web-nginx-mysql/ubuntu/conf/etc/php/7.2/fpm/pool.d/zabbix.conf b/web-nginx-mysql/ubuntu/conf/etc/php/7.2/fpm/pool.d/zabbix.conf new file mode 100644 index 000000000..a4926f4ae --- /dev/null +++ b/web-nginx-mysql/ubuntu/conf/etc/php/7.2/fpm/pool.d/zabbix.conf @@ -0,0 +1,25 @@ +[zabbix] + +listen = /tmp/php-fpm.sock + +pm = dynamic +pm.max_children = 50 +pm.start_servers = 5 +pm.min_spare_servers = 5 +pm.max_spare_servers = 35 + +slowlog = /dev/fd/1 + +php_admin_value[error_log] = /dev/fd/2 +php_admin_flag[log_errors] = on + +php_value[session.save_handler] = files +php_value[session.save_path] = /var/lib/php/session + +php_value[max_execution_time]= 300 +php_value[memory_limit]= 128M +php_value[post_max_size]= 16M +php_value[upload_max_filesize]= 2M +php_value[max_input_time]= 300 +php_value[max_input_vars]= 10000 +; php_value[date.timezone]= Europe/Riga diff --git a/web-nginx-mysql/ubuntu/conf/etc/supervisor/supervisord.conf b/web-nginx-mysql/ubuntu/conf/etc/supervisor/supervisord.conf index 925bb1838..f8d80e461 100644 --- a/web-nginx-mysql/ubuntu/conf/etc/supervisor/supervisord.conf +++ b/web-nginx-mysql/ubuntu/conf/etc/supervisor/supervisord.conf @@ -1,17 +1,17 @@ ; supervisor config file [unix_http_server] -file = /var/run/supervisor.sock ; (the path to the socket file) +file = /tmp/supervisor.sock ; (the path to the socket file) chmod = 0700 ; sockef file mode (default 0700) username = zbx password = password [supervisord] logfile = /dev/stdout ; (main log file;default $CWD/supervisord.log) -pidfile = /var/run/supervisord.pid ; (supervisord pidfile;default supervisord.pid) +pidfile = /tmp/supervisord.pid ; (supervisord pidfile;default supervisord.pid) childlogdir = /tmp ; ('AUTO' child log dir, default $TEMP) critical = critical -user = root +;user = zabbix logfile_maxbytes = 0 logfile_backupcount = 0 loglevel = info @@ -23,7 +23,7 @@ loglevel = info supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface [supervisorctl] -serverurl = unix:///var/run/supervisor.sock ; use a unix:// URL for a unix socket +serverurl = unix:///tmp/supervisor.sock ; use a unix:// URL for a unix socket ; The [include] section can just contain the "files" setting. This ; setting can list multiple files (separated by whitespace or diff --git a/web-nginx-mysql/ubuntu/conf/etc/zabbix/nginx.conf b/web-nginx-mysql/ubuntu/conf/etc/zabbix/nginx.conf index e1331f0bf..62c9be112 100644 --- a/web-nginx-mysql/ubuntu/conf/etc/zabbix/nginx.conf +++ b/web-nginx-mysql/ubuntu/conf/etc/zabbix/nginx.conf @@ -1,5 +1,5 @@ server { - listen 80; + listen 8080; server_name zabbix; index index.php; @@ -51,7 +51,7 @@ server { } location ~ .php$ { - fastcgi_pass unix:/var/run/php/php7.2-fpm.sock; + fastcgi_pass unix:/tmp/php-fpm.sock; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $webroot$fastcgi_script_name; diff --git a/web-nginx-mysql/ubuntu/conf/etc/zabbix/nginx_ssl.conf b/web-nginx-mysql/ubuntu/conf/etc/zabbix/nginx_ssl.conf index 2d68009ab..844ff0f07 100644 --- a/web-nginx-mysql/ubuntu/conf/etc/zabbix/nginx_ssl.conf +++ b/web-nginx-mysql/ubuntu/conf/etc/zabbix/nginx_ssl.conf @@ -1,5 +1,5 @@ server { - listen 443 ssl http2; + listen 8443 ssl http2; server_name zabbix; server_name_in_redirect off; @@ -75,7 +75,7 @@ server { } location ~ .php$ { - fastcgi_pass unix:/var/run/php/php7.2-fpm.sock; + fastcgi_pass unix:/tmp/php-fpm.sock; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $webroot$fastcgi_script_name; diff --git a/web-nginx-mysql/ubuntu/docker-entrypoint.sh b/web-nginx-mysql/ubuntu/docker-entrypoint.sh index 268921f46..1f45196f9 100755 --- a/web-nginx-mysql/ubuntu/docker-entrypoint.sh +++ b/web-nginx-mysql/ubuntu/docker-entrypoint.sh @@ -1,6 +1,6 @@ #!/bin/bash -set -eo pipefail +set -o pipefail set +e @@ -9,16 +9,6 @@ if [ "${DEBUG_MODE}" == "true" ]; then set -o xtrace fi -# Type of Zabbix component -# Possible values: [server, proxy, agent, frontend, java-gateway, appliance] -zbx_type=${ZBX_TYPE} -# Type of Zabbix database -# Possible values: [mysql, postgresql] -zbx_db_type=${ZBX_DB_TYPE} -# Type of web-server. Valid only with zbx_type = frontend -# Possible values: [apache, nginx] -zbx_opt_type=${ZBX_OPT_TYPE} - # Default Zabbix installation name # Used only by Zabbix web-interface ZBX_SERVER_NAME=${ZBX_SERVER_NAME:-"Zabbix docker"} @@ -72,90 +62,8 @@ file_env() { unset "$fileVar" } -configure_db_mysql() { - [ "${DB_SERVER_HOST}" != "localhost" ] && return - - echo "** Configuring local MySQL server" - - MYSQL_ALLOW_EMPTY_PASSWORD=true - MYSQL_DATA_DIR="/var/lib/mysql" - - if [ -f "/etc/mysql/my.cnf" ]; then - MYSQL_CONF_FILE="/etc/mysql/my.cnf" - elif [ -f "/etc/my.cnf.d/server.cnf" ]; then - MYSQL_CONF_FILE="/etc/my.cnf.d/server.cnf" - DB_SERVER_SOCKET="/var/lib/mysql/mysql.sock" - elif [ -f "/etc/my.cnf.d/mariadb-server.cnf" ]; then - MYSQL_CONF_FILE="/etc/my.cnf.d/mariadb-server.cnf" - DB_SERVER_SOCKET="/var/run/mysqld/mysqld.sock" - else - echo "**** Could not found MySQL configuration file" - exit 1 - fi - - if [ -f "/usr/bin/mysqld" ]; then - MYSQLD=/usr/bin/mysqld - elif [ -f "/usr/sbin/mysqld" ]; then - MYSQLD=/usr/sbin/mysqld - elif [ -f "/usr/libexec/mysqld" ]; then - MYSQLD=/usr/libexec/mysqld - else - echo "**** Could not found mysqld binary file" - exit 1 - fi - - sed -Ei 's/^(bind-address|log)/#&/' "$MYSQL_CONF_FILE" - - if [ ! -d "$MYSQL_DATA_DIR/mysql" ]; then - [ -d "$MYSQL_DATA_DIR" ] || mkdir -p "$MYSQL_DATA_DIR" - - chown -R mysql:mysql "$MYSQL_DATA_DIR" - - echo "** Installing initial MySQL database schemas" - mysql_install_db --user=mysql --datadir="$MYSQL_DATA_DIR" 2>&1 - else - echo "**** MySQL data directory is not empty. Using already existing installation." - chown -R mysql:mysql "$MYSQL_DATA_DIR" - fi - - mkdir -p /var/run/mysqld - ln -s /var/run/mysqld /run/mysqld - chown -R mysql:mysql /var/run/mysqld - chown -R mysql:mysql /run/mysqld - - echo "** Starting MySQL server in background mode" - - nohup $MYSQLD --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib/mysql/plugin \ - --user=mysql --log-output=none --pid-file=/var/lib/mysql/mysqld.pid \ - --port=3306 --character-set-server=utf8 --collation-server=utf8_bin & -} - prepare_system() { - local type=$1 - local web_server=$2 - echo "** Preparing the system" - - if [ "$type" != "appliance" ]; then - return - fi - - ZBX_ADD_AGENT=${ZBX_ADD_AGENT:-"false"} - ZBX_ADD_JAVA_GATEWAY=${ZBX_ADD_JAVA_GATEWAY:-"false"} - ZBX_ADD_SERVER=${ZBX_ADD_SERVER:-"true"} - [ "${ZBX_ADD_SERVER}" == "true" ] && ZBX_SERVER_HOST="localhost" - [ "${ZBX_ADD_SERVER}" == "true" ] && ZBX_SERVER_PORT="10051" - ZBX_MAIN_DB=${ZBX_MAIN_DB:-"mysql"} - ZBX_ADD_PROXY=${ZBX_ADD_PROXY:-"false"} - ZBX_PROXY_DB=${ZBX_PROXY_DB:-"sqlite3"} - ZBX_ADD_WEB=${ZBX_ADD_WEB:-"true"} - ZBX_WEB_SERVER=${ZBX_WEB_SERVER:-"nginx"} - DB_SERVER_HOST=${DB_SERVER_HOST:-"localhost"} - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAY_ENABLE="true" - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAY="localhost" - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAYPORT="10052" - - [ "${ZBX_ADD_SERVER}" == "true" ] && configure_db_${ZBX_MAIN_DB} } escape_spec_char() { @@ -202,13 +110,9 @@ update_config_var() { return fi - # Use full path to a file for TLS related configuration parameters - if [[ $var_name =~ ^TLS.*File$ ]]; then - var_value=$ZABBIX_USER_HOME_DIR/enc/$var_value - fi - - # Escaping characters in parameter value + # Escaping characters in parameter value and name var_value=$(escape_spec_char "$var_value") + var_name=$(escape_spec_char "$var_name") if [ "$(grep -E "^$var_name=" $config_path)" ] && [ "$is_multiple" != "true" ]; then sed -i -e "/^$var_name=/s/=.*/=$var_value/" "$config_path" @@ -240,20 +144,14 @@ update_config_multiple_var() { } # Check prerequisites for MySQL database -check_variables_mysql() { - local type=$1 - - DB_SERVER_HOST=${DB_SERVER_HOST:-"mysql-server"} - DB_SERVER_PORT=${DB_SERVER_PORT:-"3306"} +check_variables() { + : ${DB_SERVER_HOST:="mysql-server"} + : ${DB_SERVER_PORT:="3306"} USE_DB_ROOT_USER=false CREATE_ZBX_DB_USER=false file_env MYSQL_USER file_env MYSQL_PASSWORD - if [ "$type" != "" ]; then - file_env MYSQL_ROOT_PASSWORD - fi - if [ ! -n "${MYSQL_USER}" ] && [ "${MYSQL_RANDOM_ROOT_PASSWORD}" == "true" ]; then echo "**** Impossible to use MySQL server because of unknown Zabbix user and random 'root' password" exit 1 @@ -273,45 +171,15 @@ check_variables_mysql() { [ -n "${MYSQL_USER}" ] && CREATE_ZBX_DB_USER=true # If root password is not specified use provided credentials - DB_SERVER_ROOT_USER=${DB_SERVER_ROOT_USER:-${MYSQL_USER}} + : ${DB_SERVER_ROOT_USER:=${MYSQL_USER}}.... [ "${MYSQL_ALLOW_EMPTY_PASSWORD}" == "true" ] || DB_SERVER_ROOT_PASS=${DB_SERVER_ROOT_PASS:-${MYSQL_PASSWORD}} DB_SERVER_ZBX_USER=${MYSQL_USER:-"zabbix"} DB_SERVER_ZBX_PASS=${MYSQL_PASSWORD:-"zabbix"} - if [ "$type" == "proxy" ]; then - DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix_proxy"} - else - DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix"} - fi + DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix"} } -# Check prerequisites for PostgreSQL database -check_variables_postgresql() { - local type=$1 - - file_env POSTGRES_USER - file_env POSTGRES_PASSWORD - - DB_SERVER_HOST=${DB_SERVER_HOST:-"postgres-server"} - DB_SERVER_PORT=${DB_SERVER_PORT:-"5432"} - CREATE_ZBX_DB_USER=${CREATE_ZBX_DB_USER:-"false"} - - DB_SERVER_ROOT_USER=${POSTGRES_USER:-"postgres"} - DB_SERVER_ROOT_PASS=${POSTGRES_PASSWORD:-""} - - DB_SERVER_ZBX_USER=${POSTGRES_USER:-"zabbix"} - DB_SERVER_ZBX_PASS=${POSTGRES_PASSWORD:-"zabbix"} - - DB_SERVER_SCHEMA=${DB_SERVER_SCHEMA:-"public"} - - if [ "$type" == "proxy" ]; then - DB_SERVER_DBNAME=${POSTGRES_DB:-"zabbix_proxy"} - else - DB_SERVER_DBNAME=${POSTGRES_DB:-"zabbix"} - fi -} - -check_db_connect_mysql() { +check_db_connect() { echo "********************" echo "* DB_SERVER_HOST: ${DB_SERVER_HOST}" echo "* DB_SERVER_PORT: ${DB_SERVER_PORT}" @@ -336,307 +204,9 @@ check_db_connect_mysql() { done } -check_db_connect_postgresql() { - echo "********************" - echo "* DB_SERVER_HOST: ${DB_SERVER_HOST}" - echo "* DB_SERVER_PORT: ${DB_SERVER_PORT}" - echo "* DB_SERVER_DBNAME: ${DB_SERVER_DBNAME}" - echo "* DB_SERVER_SCHEMA: ${DB_SERVER_SCHEMA}" - if [ "${DEBUG_MODE}" == "true" ]; then - if [ "${USE_DB_ROOT_USER}" == "true" ]; then - echo "* DB_SERVER_ROOT_USER: ${DB_SERVER_ROOT_USER}" - echo "* DB_SERVER_ROOT_PASS: ${DB_SERVER_ROOT_PASS}" - fi - echo "* DB_SERVER_ZBX_USER: ${DB_SERVER_ZBX_USER}" - echo "* DB_SERVER_ZBX_PASS: ${DB_SERVER_ZBX_PASS}" - fi - echo "********************" - - if [ "${USE_DB_ROOT_USER}" != "true" ]; then - DB_SERVER_ROOT_USER=${DB_SERVER_ZBX_USER} - DB_SERVER_ROOT_PASS=${DB_SERVER_ZBX_PASS} - fi - - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - WAIT_TIMEOUT=5 - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - while [ ! "$(psql -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} -U ${DB_SERVER_ROOT_USER} -d ${DB_SERVER_DBNAME} -l -q 2>/dev/null)" ]; do - echo "**** PostgreSQL server is not available. Waiting $WAIT_TIMEOUT seconds..." - sleep $WAIT_TIMEOUT - done - - unset PGPASSWORD - unset PGOPTIONS -} - - -mysql_query() { - query=$1 - local result="" - - result=$(mysql --silent --skip-column-names -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ - -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" -e "$query") - - echo $result -} - -psql_query() { - query=$1 - db=$2 - - local result="" - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - result=$(psql -A -q -t -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ - -U ${DB_SERVER_ROOT_USER} -c "$query" $db 2>/dev/null); - - unset PGPASSWORD - unset PGOPTIONS - - echo $result -} - -create_db_user_mysql() { - [ "${CREATE_ZBX_DB_USER}" == "true" ] || return - - echo "** Creating '${DB_SERVER_ZBX_USER}' user in MySQL database" - - USER_EXISTS=$(mysql_query "SELECT 1 FROM mysql.user WHERE user = '${DB_SERVER_ZBX_USER}' AND host = '%'") - - if [ -z "$USER_EXISTS" ]; then - mysql_query "CREATE USER '${DB_SERVER_ZBX_USER}'@'%' IDENTIFIED BY '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - else - mysql_query "ALTER USER ${DB_SERVER_ZBX_USER} IDENTIFIED BY '${DB_SERVER_ZBX_PASS}';" 1>/dev/null - fi - - mysql_query "GRANT ALL PRIVILEGES ON $DB_SERVER_DBNAME. * TO '${DB_SERVER_ZBX_USER}'@'%'" 1>/dev/null -} - -create_db_user_postgresql() { - [ "${CREATE_ZBX_DB_USER}" == "true" ] || return - - echo "** Creating '${DB_SERVER_ZBX_USER}' user in PostgreSQL database" - - USER_EXISTS=$(psql_query "SELECT 1 FROM pg_roles WHERE rolname='${DB_SERVER_ZBX_USER}'") - - if [ -z "$USER_EXISTS" ]; then - psql_query "CREATE USER ${DB_SERVER_ZBX_USER} WITH PASSWORD '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - else - psql_query "ALTER USER ${DB_SERVER_ZBX_USER} WITH ENCRYPTED PASSWORD '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - fi -} - -create_db_database_mysql() { - DB_EXISTS=$(mysql_query "SELECT SCHEMA_NAME FROM information_schema.SCHEMATA WHERE SCHEMA_NAME='${DB_SERVER_DBNAME}'") - - if [ -z ${DB_EXISTS} ]; then - echo "** Database '${DB_SERVER_DBNAME}' does not exist. Creating..." - mysql_query "CREATE DATABASE ${DB_SERVER_DBNAME} CHARACTER SET utf8 COLLATE utf8_bin" 1>/dev/null - # better solution? - mysql_query "GRANT ALL PRIVILEGES ON $DB_SERVER_DBNAME. * TO '${DB_SERVER_ZBX_USER}'@'%'" 1>/dev/null - else - echo "** Database '${DB_SERVER_DBNAME}' already exists. Please be careful with database COLLATE!" - fi -} - -create_db_database_postgresql() { - DB_EXISTS=$(psql_query "SELECT 1 AS result FROM pg_database WHERE datname='${DB_SERVER_DBNAME}'") - - if [ -z ${DB_EXISTS} ]; then - echo "** Database '${DB_SERVER_DBNAME}' does not exist. Creating..." - psql_query "CREATE DATABASE ${DB_SERVER_DBNAME} WITH OWNER ${DB_SERVER_ZBX_USER} ENCODING='UTF8' LC_CTYPE='en_US.utf8' LC_COLLATE='en_US.utf8'" 1>/dev/null - else - echo "** Database '${DB_SERVER_DBNAME}' already exists. Please be careful with database owner!" - fi - - psql_query "CREATE SCHEMA IF NOT EXISTS ${DB_SERVER_SCHEMA}" -} - -create_db_schema_mysql() { - local type=$1 - - DBVERSION_TABLE_EXISTS=$(mysql_query "SELECT 1 FROM information_schema.tables WHERE table_schema='${DB_SERVER_DBNAME}' and table_name = 'dbversion'") - - if [ -n "${DBVERSION_TABLE_EXISTS}" ]; then - echo "** Table '${DB_SERVER_DBNAME}.dbversion' already exists." - ZBX_DB_VERSION=$(mysql_query "SELECT mandatory FROM ${DB_SERVER_DBNAME}.dbversion") - fi - - if [ -z "${ZBX_DB_VERSION}" ]; then - echo "** Creating '${DB_SERVER_DBNAME}' schema in MySQL" - - zcat /usr/share/doc/zabbix-$type-mysql/create.sql.gz | mysql --silent --skip-column-names \ - -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ - -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" \ - ${DB_SERVER_DBNAME} 1>/dev/null - fi -} - -create_db_schema_postgresql() { - local type=$1 - - DBVERSION_TABLE_EXISTS=$(psql_query "SELECT 1 FROM pg_catalog.pg_class c JOIN pg_catalog.pg_namespace n ON n.oid = - c.relnamespace WHERE n.nspname = '$DB_SERVER_SCHEMA' AND c.relname = 'dbversion'" "${DB_SERVER_DBNAME}") - - if [ -n "${DBVERSION_TABLE_EXISTS}" ]; then - echo "** Table '${DB_SERVER_DBNAME}.dbversion' already exists." - ZBX_DB_VERSION=$(psql_query "SELECT mandatory FROM ${DB_SERVER_SCHEMA}.dbversion" "${DB_SERVER_DBNAME}") - fi - - if [ -z "${ZBX_DB_VERSION}" ]; then - echo "** Creating '${DB_SERVER_DBNAME}' schema in PostgreSQL" - - if [ "${ENABLE_TIMESCALEDB}" == "true" ]; then - psql_query "CREATE EXTENSION IF NOT EXISTS timescaledb CASCADE;" - fi - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - zcat /usr/share/doc/zabbix-$type-postgresql/create.sql.gz | psql -q \ - -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ - -U ${DB_SERVER_ZBX_USER} ${DB_SERVER_DBNAME} 1>/dev/null - - if [ "${ENABLE_TIMESCALEDB}" == "true" ]; then - cat /usr/share/doc/zabbix-$type-postgresql/timescaledb.sql | psql -q \ - -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ - -U ${DB_SERVER_ZBX_USER} ${DB_SERVER_DBNAME} 1>/dev/null - fi - - unset PGPASSWORD - unset PGOPTIONS - fi -} - -prepare_web_server_apache() { - if [ -d "/etc/apache2/sites-available" ]; then - APACHE_SITES_DIR=/etc/apache2/sites-available - elif [ -d "/etc/apache2/conf.d" ]; then - APACHE_SITES_DIR=/etc/apache2/conf.d - elif [ -d "/etc/httpd/conf.d" ]; then - APACHE_SITES_DIR=/etc/httpd/conf.d - else - echo "**** Apache is not available" - exit 1 - fi - - if [ -f "/usr/sbin/a2dissite" ]; then - echo "** Disable default site" - /usr/sbin/a2dissite 000-default 1>/dev/null - rm -rf "$APACHE_SITES_DIR/*" - elif [ -f "/etc/apache2/conf.d/default.conf" ]; then - echo "** Disable default site" - rm -f "/etc/apache2/conf.d/default.conf" - elif [ -f "/etc/httpd/conf.d/welcome.conf" ]; then - echo "** Disable default site" - rm -f "/etc/httpd/conf.d/welcome.conf" - rm -f "/etc/httpd/conf.d/ssl.conf" - fi - - echo "** Adding Zabbix virtual host (HTTP)" - if [ -f "$ZABBIX_ETC_DIR/apache.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/apache.conf" "$APACHE_SITES_DIR/zabbix.conf" - if [ -f "/usr/sbin/a2dissite" ]; then - /usr/sbin/a2ensite zabbix.conf 1>/dev/null - fi - else - echo "**** Impossible to enable HTTP virtual host" - fi - - if [ -f "/etc/apache2/conf.d/ssl.conf" ]; then - rm -f "/etc/apache2/conf.d/ssl.conf" - fi - - if [ -f "/etc/ssl/apache2/ssl.crt" ] && [ -f "/etc/ssl/apache2/ssl.key" ]; then - echo "** Enable SSL support for Apache2" - if [ -f "/usr/sbin/a2enmod" ]; then - /usr/sbin/a2enmod ssl 1>/dev/null - fi - - echo "** Adding Zabbix virtual host (HTTPS)" - if [ -f "$ZABBIX_ETC_DIR/apache_ssl.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/apache_ssl.conf" "$APACHE_SITES_DIR/zabbix_ssl.conf" - if [ -f "/usr/sbin/a2dissite" ]; then - /usr/sbin/a2ensite zabbix_ssl.conf 1>/dev/null - fi - else - echo "**** Impossible to enable HTTPS virtual host" - fi - else - echo "**** Impossible to enable SSL support for Apache2. Certificates are missed." - fi - - # Change Apache2 logging to stdout and stderr - if [ -f "/etc/apache2/apache2.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/apache2.conf" - fi - - if [ -f "/etc/httpd/conf/httpd.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/httpd/conf/httpd.conf" - fi - - if [ -f "/etc/apache2/httpd.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/httpd.conf" - fi - - if [ -f "/etc/apache2/conf-available/other-vhosts-access-log.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/conf-available/other-vhosts-access-log.conf" - fi - - if [ -f "/etc/apache2/conf.d/mpm.conf" ]; then - sed -ri \ - -e 's!^(\s*PidFile)\s+\S+!\1 "/var/run/httpd.pid"!g' \ - "/etc/apache2/conf.d/mpm.conf" - fi - - if [ -f "/var/run/apache2/apache2.pid" ]; then - rm -f "/var/run/apache2/apache2.pid" - fi - - if [ -f "/var/run/httpd/httpd.pid" ]; then - rm -f "/var/run/httpd/httpd.pid" - fi -} - -prepare_web_server_nginx() { +prepare_web_server() { NGINX_CONFD_DIR="/etc/nginx/conf.d" NGINX_SSL_CONFIG="/etc/ssl/nginx" - PHP_SESSIONS_DIR="/var/lib/php5" echo "** Adding Zabbix virtual host (HTTP)" if [ -f "$ZABBIX_ETC_DIR/nginx.conf" ]; then @@ -656,240 +226,14 @@ prepare_web_server_nginx() { echo "**** Impossible to enable SSL support for Nginx. Certificates are missed." fi - if [ -d "/var/log/nginx/" ]; then - ln -sf /dev/fd/2 /var/log/nginx/error.log - fi - - ln -sf /dev/fd/2 /var/log/php5-fpm.log - ln -sf /dev/fd/2 /var/log/php7.2-fpm.log -} - -stop_databases() { - if ([ "${ZBX_MAIN_DB}" == "mysql" ] || [ "${ZBX_PROXY_DB}" == "mysql" ]) && [ "${DB_SERVER_HOST}" == "localhost" ]; then - mysql_query "DELETE FROM mysql.user WHERE host = 'localhost' AND user != 'root'" 1>/dev/null - - if [ -f "/var/lib/mysql/mysqld.pid" ]; then - kill -TERM $(cat /var/lib/mysql/mysqld.pid) - elif [ -f "/var/run/mysqld/mysqld.pid" ]; then - kill -TERM $(cat /var/run/mysqld/mysqld.pid) - fi - fi - - if [ "${ZBX_MAIN_DB}" == "postgresql" ] && [ "${DB_SERVER_HOST}" == "localhost" ]; then - if [ "${OS_CODENAME}" == "alpine" ]; then - PGDATA=/var/lib/postgresql - BINDIR=/usr/bin - else - PGDATA=/var/lib/postgresql/9.3/main - BINDIR=/usr/lib/postgresql/9.3/bin - fi - su -c "$BINDIR/pg_ctl -D \"$PGDATA\" -m fast -w stop --silent" postgres 1>/dev/null 2>/dev/null - fi + ln -sf /dev/fd/2 /var/log/nginx/error.log } clear_deploy() { - local type=$1 echo "** Cleaning the system" - - [ "$type" != "appliance" ] && return - - stop_databases } -update_zbx_config() { - local type=$1 - local db_type=$2 - - echo "** Preparing Zabbix $type configuration file" - - ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_$type.conf - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "ProxyMode" "${ZBX_PROXYMODE}" - update_config_var $ZBX_CONFIG "Server" "${ZBX_SERVER_HOST}" - update_config_var $ZBX_CONFIG "ServerPort" "${ZBX_SERVER_PORT}" - if [ -z "${ZBX_HOSTNAME}" ] && [ -n "${ZBX_HOSTNAMEITEM}" ]; then - update_config_var $ZBX_CONFIG "Hostname" "" - update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - else - update_config_var $ZBX_CONFIG "Hostname" "${ZBX_HOSTNAME:-"zabbix-proxy-"$db_type}" - update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - fi - fi - - if [ $type == "proxy" ] && [ "${ZBX_ADD_SERVER}" = "true" ]; then - update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_PROXY_LISTENPORT:-"10061"}" - else - update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}" - fi - - update_config_var $ZBX_CONFIG "SourceIP" "${ZBX_SOURCEIP}" - update_config_var $ZBX_CONFIG "LogType" "console" - update_config_var $ZBX_CONFIG "LogFile" - update_config_var $ZBX_CONFIG "LogFileSize" - update_config_var $ZBX_CONFIG "PidFile" - - update_config_var $ZBX_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" - - if [ $type == "proxy" ]; then - update_config_var $ZBX_CONFIG "EnableRemoteCommands" "${ZBX_ENABLEREMOTECOMMANDS}" - update_config_var $ZBX_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}" - fi - - if [ "$db_type" == "sqlite3" ]; then - update_config_var $ZBX_CONFIG "DBHost" - update_config_var $ZBX_CONFIG "DBName" "/var/lib/zabbix/zabbix_proxy_db" - update_config_var $ZBX_CONFIG "DBUser" - update_config_var $ZBX_CONFIG "DBPort" - update_config_var $ZBX_CONFIG "DBPassword" - else - update_config_var $ZBX_CONFIG "DBHost" "${DB_SERVER_HOST}" - update_config_var $ZBX_CONFIG "DBName" "${DB_SERVER_DBNAME}" - update_config_var $ZBX_CONFIG "DBSchema" "${DB_SERVER_SCHEMA}" - update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}" - update_config_var $ZBX_CONFIG "DBPort" "${DB_SERVER_PORT}" - update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}" - fi - - if [ $type == "server" ]; then - update_config_var $ZBX_CONFIG "HistoryStorageURL" "${ZBX_HISTORYSTORAGEURL}" - update_config_var $ZBX_CONFIG "HistoryStorageTypes" "${ZBX_HISTORYSTORAGETYPES}" - fi - - update_config_var $ZBX_CONFIG "DBSocket" "${DB_SERVER_SOCKET}" - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "ProxyLocalBuffer" "${ZBX_PROXYLOCALBUFFER}" - update_config_var $ZBX_CONFIG "ProxyOfflineBuffer" "${ZBX_PROXYOFFLINEBUFFER}" - update_config_var $ZBX_CONFIG "HeartbeatFrequency" "${ZBX_PROXYHEARTBEATFREQUENCY}" - update_config_var $ZBX_CONFIG "ConfigFrequency" "${ZBX_CONFIGFREQUENCY}" - update_config_var $ZBX_CONFIG "DataSenderFrequency" "${ZBX_DATASENDERFREQUENCY}" - fi - - update_config_var $ZBX_CONFIG "StatsAllowedIP" "${ZBX_STATSALLOWEDIP}" - - update_config_var $ZBX_CONFIG "StartPollers" "${ZBX_STARTPOLLERS}" - update_config_var $ZBX_CONFIG "StartIPMIPollers" "${ZBX_IPMIPOLLERS}" - update_config_var $ZBX_CONFIG "StartPollersUnreachable" "${ZBX_STARTPOLLERSUNREACHABLE}" - update_config_var $ZBX_CONFIG "StartTrappers" "${ZBX_STARTTRAPPERS}" - update_config_var $ZBX_CONFIG "StartPingers" "${ZBX_STARTPINGERS}" - update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}" - update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}" - - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "StartPreprocessors" "${ZBX_STARTPREPROCESSORS}" - update_config_var $ZBX_CONFIG "StartTimers" "${ZBX_STARTTIMERS}" - update_config_var $ZBX_CONFIG "StartEscalators" "${ZBX_STARTESCALATORS}" - update_config_var $ZBX_CONFIG "StartAlerters" "${ZBX_STARTALERTERS}" - fi - - ZBX_JAVAGATEWAY_ENABLE=${ZBX_JAVAGATEWAY_ENABLE:-"false"} - if [ "${ZBX_JAVAGATEWAY_ENABLE}" == "true" ]; then - update_config_var $ZBX_CONFIG "JavaGateway" "${ZBX_JAVAGATEWAY:-"zabbix-java-gateway"}" - update_config_var $ZBX_CONFIG "JavaGatewayPort" "${ZBX_JAVAGATEWAYPORT}" - update_config_var $ZBX_CONFIG "StartJavaPollers" "${ZBX_STARTJAVAPOLLERS:-"5"}" - else - update_config_var $ZBX_CONFIG "JavaGateway" - update_config_var $ZBX_CONFIG "JavaGatewayPort" - update_config_var $ZBX_CONFIG "StartJavaPollers" - fi - - update_config_var $ZBX_CONFIG "StartVMwareCollectors" "${ZBX_STARTVMWARECOLLECTORS}" - update_config_var $ZBX_CONFIG "VMwareFrequency" "${ZBX_VMWAREFREQUENCY}" - update_config_var $ZBX_CONFIG "VMwarePerfFrequency" "${ZBX_VMWAREPERFFREQUENCY}" - update_config_var $ZBX_CONFIG "VMwareCacheSize" "${ZBX_VMWARECACHESIZE}" - update_config_var $ZBX_CONFIG "VMwareTimeout" "${ZBX_VMWARETIMEOUT}" - - ZBX_ENABLE_SNMP_TRAPS=${ZBX_ENABLE_SNMP_TRAPS:-"false"} - if [ "${ZBX_ENABLE_SNMP_TRAPS}" == "true" ]; then - update_config_var $ZBX_CONFIG "SNMPTrapperFile" "${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log" - update_config_var $ZBX_CONFIG "StartSNMPTrapper" "1" - else - update_config_var $ZBX_CONFIG "SNMPTrapperFile" - update_config_var $ZBX_CONFIG "StartSNMPTrapper" - fi - - update_config_var $ZBX_CONFIG "HousekeepingFrequency" "${ZBX_HOUSEKEEPINGFREQUENCY}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "MaxHousekeeperDelete" "${ZBX_MAXHOUSEKEEPERDELETE}" - update_config_var $ZBX_CONFIG "SenderFrequency" "${ZBX_SENDERFREQUENCY}" - fi - - update_config_var $ZBX_CONFIG "CacheSize" "${ZBX_CACHESIZE}" - - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "CacheUpdateFrequency" "${ZBX_CACHEUPDATEFREQUENCY}" - fi - - update_config_var $ZBX_CONFIG "StartDBSyncers" "${ZBX_STARTDBSYNCERS}" - update_config_var $ZBX_CONFIG "HistoryCacheSize" "${ZBX_HISTORYCACHESIZE}" - update_config_var $ZBX_CONFIG "HistoryIndexCacheSize" "${ZBX_HISTORYINDEXCACHESIZE}" - - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "TrendCacheSize" "${ZBX_TRENDCACHESIZE}" - update_config_var $ZBX_CONFIG "ValueCacheSize" "${ZBX_VALUECACHESIZE}" - fi - - update_config_var $ZBX_CONFIG "Timeout" "${ZBX_TIMEOUT}" - update_config_var $ZBX_CONFIG "TrapperTimeout" "${ZBX_TRAPPERIMEOUT}" - update_config_var $ZBX_CONFIG "UnreachablePeriod" "${ZBX_UNREACHABLEPERIOD}" - update_config_var $ZBX_CONFIG "UnavailableDelay" "${ZBX_UNAVAILABLEDELAY}" - update_config_var $ZBX_CONFIG "UnreachableDelay" "${ZBX_UNREACHABLEDELAY}" - - update_config_var $ZBX_CONFIG "AlertScriptsPath" "/usr/lib/zabbix/alertscripts" - update_config_var $ZBX_CONFIG "ExternalScripts" "/usr/lib/zabbix/externalscripts" - - # Possible few fping locations - if [ -f "/usr/bin/fping" ]; then - update_config_var $ZBX_CONFIG "FpingLocation" "/usr/bin/fping" - else - update_config_var $ZBX_CONFIG "FpingLocation" "/usr/sbin/fping" - fi - if [ -f "/usr/bin/fping6" ]; then - update_config_var $ZBX_CONFIG "Fping6Location" "/usr/bin/fping6" - else - update_config_var $ZBX_CONFIG "Fping6Location" "/usr/sbin/fping6" - fi - - update_config_var $ZBX_CONFIG "SSHKeyLocation" "$ZABBIX_USER_HOME_DIR/ssh_keys" - update_config_var $ZBX_CONFIG "LogSlowQueries" "${ZBX_LOGSLOWQUERIES}" - - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "StartProxyPollers" "${ZBX_STARTPROXYPOLLERS}" - update_config_var $ZBX_CONFIG "ProxyConfigFrequency" "${ZBX_PROXYCONFIGFREQUENCY}" - update_config_var $ZBX_CONFIG "ProxyDataFrequency" "${ZBX_PROXYDATAFREQUENCY}" - fi - - update_config_var $ZBX_CONFIG "SSLCertLocation" "$ZABBIX_USER_HOME_DIR/ssl/certs/" - update_config_var $ZBX_CONFIG "SSLKeyLocation" "$ZABBIX_USER_HOME_DIR/ssl/keys/" - update_config_var $ZBX_CONFIG "SSLCALocation" "$ZABBIX_USER_HOME_DIR/ssl/ssl_ca/" - update_config_var $ZBX_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/" - update_config_multiple_var $ZBX_CONFIG "LoadModule" "${ZBX_LOADMODULE}" - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}" - update_config_var $ZBX_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" - fi - update_config_var $ZBX_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" - update_config_var $ZBX_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" - update_config_var $ZBX_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" - fi - - update_config_var $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" - update_config_var $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" - update_config_var $ZBX_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" - fi -} - - prepare_zbx_web_config() { - local db_type=$1 local server_name="" echo "** Preparing Zabbix frontend configuration file" @@ -897,43 +241,14 @@ prepare_zbx_web_config() { ZBX_WWW_ROOT="/usr/share/zabbix" ZBX_WEB_CONFIG="$ZABBIX_ETC_DIR/web/zabbix.conf.php" - if [ -f "$ZBX_WWW_ROOT/conf/zabbix.conf.php" ]; then - rm -f "$ZBX_WWW_ROOT/conf/zabbix.conf.php" - fi + PHP_CONFIG_FILE="/etc/php/7.2/fpm/pool.d/zabbix.conf" - ln -s "$ZBX_WEB_CONFIG" "$ZBX_WWW_ROOT/conf/zabbix.conf.php" - - # Different places of PHP configuration file - if [ -f "/etc/php5/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/conf.d/99-zabbix.ini" - elif [ -f "/etc/php5/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php5/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/apache2/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.0/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.0/apache2/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.0/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.0/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php.d/99-zabbix.ini" - elif [ -f "/etc/php7/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php7/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.2/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.2/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.2/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.2/apache2/conf.d/99-zabbix.ini" - fi - - if [ -n "$PHP_CONFIG_FILE" ]; then - update_config_var "$PHP_CONFIG_FILE" "max_execution_time" "${ZBX_MAXEXECUTIONTIME:-"600"}" - update_config_var "$PHP_CONFIG_FILE" "memory_limit" "${ZBX_MEMORYLIMIT:-"128M"}" - update_config_var "$PHP_CONFIG_FILE" "post_max_size" "${ZBX_POSTMAXSIZE:-"16M"}" - update_config_var "$PHP_CONFIG_FILE" "upload_max_filesize" "${ZBX_UPLOADMAXFILESIZE:-"2M"}" - update_config_var "$PHP_CONFIG_FILE" "max_input_time" "${ZBX_MAXINPUTTIME:-"300"}" - update_config_var "$PHP_CONFIG_FILE" "date.timezone" "${PHP_TZ}" - else - echo "**** Zabbix related PHP configuration file not found" - fi + update_config_var "$PHP_CONFIG_FILE" "php_value[max_execution_time]" "${ZBX_MAXEXECUTIONTIME:-"600"}" + update_config_var "$PHP_CONFIG_FILE" "php_value[memory_limit]" "${ZBX_MEMORYLIMIT:-"128M"}" + update_config_var "$PHP_CONFIG_FILE" "php_value[post_max_size]" "${ZBX_POSTMAXSIZE:-"16M"}" + update_config_var "$PHP_CONFIG_FILE" "php_value[upload_max_filesize]" "${ZBX_UPLOADMAXFILESIZE:-"2M"}" + update_config_var "$PHP_CONFIG_FILE" "php_value[max_input_time]" "${ZBX_MAXINPUTTIME:-"300"}" + update_config_var "$PHP_CONFIG_FILE" "php_value[date.timezone]" "${PHP_TZ}" ZBX_HISTORYSTORAGETYPES=${ZBX_HISTORYSTORAGETYPES:-"[]"} @@ -954,225 +269,44 @@ prepare_zbx_web_config() { -e "s/{ZBX_SERVER_HOST}/${ZBX_SERVER_HOST}/g" \ -e "s/{ZBX_SERVER_PORT}/${ZBX_SERVER_PORT}/g" \ -e "s/{ZBX_SERVER_NAME}/$server_name/g" \ + -e "s/{ZBX_DB_ENCRYPTION}/${ZBX_DB_ENCRYPTION:-"false"}/g" \ + -e "s/{ZBX_DB_KEY_FILE}/${ZBX_DB_KEY_FILE}/g" \ + -e "s/{ZBX_DB_CERT_FILE}/${ZBX_DB_CERT_FILE}/g" \ + -e "s/{ZBX_DB_CA_FILE}/${ZBX_DB_CA_FILE}/g" \ + -e "s/{ZBX_DB_VERIFY_HOST}/${ZBX_DB_VERIFY_HOST:-"false"}/g" \ + -e "s/{ZBX_DB_CIPHER_LIST}/${ZBX_DB_CIPHER_LIST}/g" \ -e "s/{ZBX_HISTORYSTORAGEURL}/$history_storage_url/g" \ -e "s/{ZBX_HISTORYSTORAGETYPES}/$history_storage_types/g" \ "$ZBX_WEB_CONFIG" - [ "$db_type" = "postgresql" ] && sed -i "s/MYSQL/POSTGRESQL/g" "$ZBX_WEB_CONFIG" - [ -n "${ZBX_SESSION_NAME}" ] && sed -i "/ZBX_SESSION_NAME/s/'[^']*'/'${ZBX_SESSION_NAME}'/2" "$ZBX_WWW_ROOT/include/defines.inc.php" } -prepare_zbx_agent_config() { - echo "** Preparing Zabbix agent configuration file" - - ZBX_AGENT_CONFIG=$ZABBIX_ETC_DIR/zabbix_agentd.conf - - ZBX_PASSIVESERVERS=${ZBX_PASSIVESERVERS:-""} - ZBX_ACTIVESERVERS=${ZBX_ACTIVESERVERS:-""} - - [ -n "$ZBX_PASSIVESERVERS" ] && ZBX_PASSIVESERVERS=","$ZBX_PASSIVESERVERS - - ZBX_PASSIVESERVERS=$ZBX_SERVER_HOST$ZBX_PASSIVESERVERS - - [ -n "$ZBX_ACTIVESERVERS" ] && ZBX_ACTIVESERVERS=","$ZBX_ACTIVESERVERS - - ZBX_ACTIVESERVERS=$ZBX_SERVER_HOST":"$ZBX_SERVER_PORT$ZBX_ACTIVESERVERS - - update_config_var $ZBX_AGENT_CONFIG "PidFile" - update_config_var $ZBX_AGENT_CONFIG "LogType" "console" - update_config_var $ZBX_AGENT_CONFIG "LogFile" - update_config_var $ZBX_AGENT_CONFIG "LogFileSize" - update_config_var $ZBX_AGENT_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" - update_config_var $ZBX_AGENT_CONFIG "SourceIP" - update_config_var $ZBX_AGENT_CONFIG "EnableRemoteCommands" "${ZBX_ENABLEREMOTECOMMANDS}" - update_config_var $ZBX_AGENT_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}" - - ZBX_PASSIVE_ALLOW=${ZBX_PASSIVE_ALLOW:-"true"} - if [ "$ZBX_PASSIVE_ALLOW" == "true" ]; then - echo "** Using '$ZBX_PASSIVESERVERS' servers for passive checks" - update_config_var $ZBX_AGENT_CONFIG "Server" "${ZBX_PASSIVESERVERS}" - else - update_config_var $ZBX_AGENT_CONFIG "Server" - fi - - update_config_var $ZBX_AGENT_CONFIG "ListenPort" "${ZBX_LISTENPORT}" - update_config_var $ZBX_AGENT_CONFIG "ListenIP" "${ZBX_LISTENIP}" - update_config_var $ZBX_AGENT_CONFIG "StartAgents" "${ZBX_STARTAGENTS}" - - ZBX_ACTIVE_ALLOW=${ZBX_ACTIVE_ALLOW:-"true"} - if [ "$ZBX_ACTIVE_ALLOW" == "true" ]; then - echo "** Using '$ZBX_ACTIVESERVERS' servers for active checks" - update_config_var $ZBX_AGENT_CONFIG "ServerActive" "${ZBX_ACTIVESERVERS}" - else - update_config_var $ZBX_AGENT_CONFIG "ServerActive" - fi - - update_config_var $ZBX_AGENT_CONFIG "Hostname" "${ZBX_HOSTNAME}" - update_config_var $ZBX_AGENT_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - update_config_var $ZBX_AGENT_CONFIG "HostMetadata" "${ZBX_METADATA}" - update_config_var $ZBX_AGENT_CONFIG "HostMetadataItem" "${ZBX_METADATAITEM}" - update_config_var $ZBX_AGENT_CONFIG "RefreshActiveChecks" "${ZBX_REFRESHACTIVECHECKS}" - update_config_var $ZBX_AGENT_CONFIG "BufferSend" "${ZBX_BUFFERSEND}" - update_config_var $ZBX_AGENT_CONFIG "BufferSize" "${ZBX_BUFFERSIZE}" - update_config_var $ZBX_AGENT_CONFIG "MaxLinesPerSecond" "${ZBX_MAXLINESPERSECOND}" - # Please use include to enable Alias feature -# update_config_multiple_var $ZBX_AGENT_CONFIG "Alias" ${ZBX_ALIAS} - update_config_var $ZBX_AGENT_CONFIG "Timeout" "${ZBX_TIMEOUT}" - update_config_var $ZBX_AGENT_CONFIG "Include" "/etc/zabbix/zabbix_agentd.d/" - update_config_var $ZBX_AGENT_CONFIG "UnsafeUserParameters" "${ZBX_UNSAFEUSERPARAMETERS}" - update_config_var $ZBX_AGENT_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/" - update_config_multiple_var $ZBX_AGENT_CONFIG "LoadModule" "${ZBX_LOADMODULE}" - update_config_var $ZBX_AGENT_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}" - update_config_var $ZBX_AGENT_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" - update_config_var $ZBX_AGENT_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" - update_config_var $ZBX_AGENT_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" - update_config_var $ZBX_AGENT_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" - update_config_var $ZBX_AGENT_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" -} - -prepare_java_gateway_config() { - echo "** Preparing Zabbix Java Gateway log configuration file" - - ZBX_GATEWAY_CONFIG=$ZABBIX_ETC_DIR/zabbix_java_gateway_logback.xml - - if [ -n "${ZBX_DEBUGLEVEL}" ]; then - echo "Updating $ZBX_GATEWAY_CONFIG 'DebugLevel' parameter: '${ZBX_DEBUGLEVEL}'... updated" - if [ -f "$ZBX_GATEWAY_CONFIG" ]; then - sed -i -e "/^.*/" "$ZBX_GATEWAY_CONFIG" - else - echo "**** Zabbix Java Gateway log configuration file '$ZBX_GATEWAY_CONFIG' not found" - fi - fi -} - -prepare_agent() { - echo "** Preparing Zabbix agent" - prepare_zbx_agent_config -} - -prepare_server() { - local db_type=$1 - - echo "** Preparing Zabbix server" - - check_variables_$db_type "server" - check_db_connect_$db_type - create_db_user_$db_type - create_db_database_$db_type - create_db_schema_$db_type "server" - - update_zbx_config "server" "$db_type" -} - -prepare_proxy() { - local db_type=$1 - - echo "Preparing Zabbix proxy" - - if [ "$db_type" != "sqlite3" ]; then - check_variables_$db_type "proxy" - check_db_connect_$db_type - create_db_user_$db_type - create_db_database_$db_type - create_db_schema_$db_type "proxy" - fi - - update_zbx_config "proxy" $db_type -} - prepare_web() { - local web_server=$1 - local db_type=$2 - echo "** Preparing Zabbix web-interface" - check_variables_$db_type - check_db_connect_$db_type - prepare_web_server_$web_server - prepare_zbx_web_config $db_type + check_variables + check_db_connect + prepare_web_server + prepare_zbx_web_config } -prepare_java_gateway() { - echo "** Preparing Zabbix Java Gateway" - - prepare_java_gateway_config -} ################################################# -if [ ! -n "$zbx_type" ]; then - echo "**** Type of Zabbix component is not specified" - exit 1 -elif [ "$zbx_type" == "dev" ]; then - echo "** Deploying Zabbix installation from SVN" -else - if [ ! -n "$zbx_db_type" ]; then - echo "**** Database type of Zabbix $zbx_type is not specified" - exit 1 - fi +echo "** Deploying Zabbix web-interface (Nginx) with MySQL database" - if [ "$zbx_db_type" != "none" ]; then - if [ "$zbx_opt_type" != "none" ]; then - echo "** Deploying Zabbix $zbx_type ($zbx_opt_type) with $zbx_db_type database" - else - echo "** Deploying Zabbix $zbx_type with $zbx_db_type database" - fi - else - echo "** Deploying Zabbix $zbx_type" - fi -fi +prepare_system -prepare_system "$zbx_type" "$zbx_opt_type" +prepare_web -[ "$zbx_type" == "server" ] && prepare_server $zbx_db_type -[ "${ZBX_ADD_SERVER}" == "true" ] && prepare_server ${ZBX_MAIN_DB} - -[ "$zbx_type" == "proxy" ] && prepare_proxy $zbx_db_type -[ "${ZBX_ADD_PROXY}" == "true" ] && prepare_proxy ${ZBX_PROXY_DB} - -[ "$zbx_type" == "frontend" ] && prepare_web $zbx_opt_type $zbx_db_type -[ "${ZBX_ADD_WEB}" == "true" ] && prepare_web ${ZBX_WEB_SERVER} ${ZBX_MAIN_DB} - -[ "$zbx_type" == "agent" ] && prepare_agent -[ "${ZBX_ADD_AGENT}" == "true" ] && prepare_agent - -[ "$zbx_type" == "java-gateway" ] && prepare_java_gateway -[ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && prepare_java_gateway - -clear_deploy "$zbx_type" +clear_deploy echo "########################################################" if [ "$1" != "" ]; then echo "** Executing '$@'" exec "$@" -elif [ "$zbx_type" == "agent" ]; then - echo "** Starting Zabbix agent" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_agentd --foreground -c /etc/zabbix/zabbix_agentd.conf" -elif [ "$zbx_type" == "proxy" ]; then - echo "** Starting Zabbix proxy" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_proxy --foreground -c /etc/zabbix/zabbix_proxy.conf" -elif [ "$zbx_type" == "server" ]; then - echo "** Starting Zabbix server" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_server --foreground -c /etc/zabbix/zabbix_server.conf" -elif [ "$zbx_type" == "java-gateway" ]; then - echo "** Starting Zabbix Java Gateway" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_java_gateway" -elif [ "$zbx_type" == "frontend" ] && [ "$zbx_opt_type" == "apache" ]; then - echo "** Starting Zabbix frontend" - if [ -f "/usr/sbin/httpd" ]; then - exec /usr/sbin/httpd -D FOREGROUND - elif [ -f "/usr/sbin/apache2ctl" ]; then - exec /bin/bash -c "source /etc/apache2/envvars && /usr/sbin/apache2ctl -D FOREGROUND" - else - echo "Unknown Web-server. Exiting..." - exit 1 - fi elif [ -f "/usr/bin/supervisord" ]; then echo "** Executing supervisord" exec /usr/bin/supervisord -c /etc/supervisor/supervisord.conf diff --git a/web-nginx-pgsql/centos/docker-entrypoint.sh b/web-nginx-pgsql/centos/docker-entrypoint.sh index 138dea5a9..332ba0e78 100755 --- a/web-nginx-pgsql/centos/docker-entrypoint.sh +++ b/web-nginx-pgsql/centos/docker-entrypoint.sh @@ -241,12 +241,6 @@ prepare_zbx_web_config() { ZBX_WWW_ROOT="/usr/share/zabbix" ZBX_WEB_CONFIG="$ZABBIX_ETC_DIR/web/zabbix.conf.php" - if [ -f "$ZBX_WWW_ROOT/conf/zabbix.conf.php" ]; then - rm -f "$ZBX_WWW_ROOT/conf/zabbix.conf.php" - fi - - ln -s "$ZBX_WEB_CONFIG" "$ZBX_WWW_ROOT/conf/zabbix.conf.php" - PHP_CONFIG_FILE="/etc/php-fpm.d/zabbix.conf" update_config_var "$PHP_CONFIG_FILE" "php_value[max_execution_time]" "${ZBX_MAXEXECUTIONTIME:-"600"}" diff --git a/web-nginx-pgsql/ubuntu/Dockerfile b/web-nginx-pgsql/ubuntu/Dockerfile index 7da3443eb..c8c9db5ea 100644 --- a/web-nginx-pgsql/ubuntu/Dockerfile +++ b/web-nginx-pgsql/ubuntu/Dockerfile @@ -1,42 +1,31 @@ FROM ubuntu:bionic -LABEL maintainer="Alexey Pustovalov " -ARG BUILD_DATE -ARG VCS_REF - -ARG APT_FLAGS_COMMON="-y" -ARG APT_FLAGS_PERSISTENT="${APT_FLAGS_COMMON} --no-install-recommends" -ARG APT_FLAGS_DEV="${APT_FLAGS_COMMON} --no-install-recommends" -ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8 TERM=xterm \ - ZBX_TYPE=frontend ZBX_DB_TYPE=postgresql ZBX_OPT_TYPE=nginx - -LABEL org.label-schema.name="zabbix-web-${ZBX_OPT_TYPE}-${ZBX_DB_TYPE}-ubuntu" \ - org.label-schema.vendor="Zabbix LLC" \ - org.label-schema.url="https://zabbix.com/" \ - org.label-schema.description="Zabbix web-interface based on Nginx web server with PostgreSQL database support" \ - org.label-schema.vcs-ref="${VCS_REF}" \ - org.label-schema.build-date="${BUILD_DATE}" \ - org.label-schema.schema-version="1.0" \ - org.label-schema.license="GPL v2.0" +LABEL org.opencontainers.image.title="Zabbix web-interface (Nginx, PostgreSQL)" \ + org.opencontainers.image.authors="Alexey Pustovalov " \ + org.opencontainers.image.vendor="Zabbix LLC" \ + org.opencontainers.image.url="https://zabbix.com/" \ + org.opencontainers.image.description="Zabbix web-interface based on Nginx web server with PostgreSQL database support" \ + org.opencontainers.image.licenses="GPL v2.0" STOPSIGNAL SIGTERM RUN set -eux && \ - apt-get ${APT_FLAGS_COMMON} update && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_PERSISTENT} install locales gnupg2 ca-certificates && \ - locale-gen $LC_ALL && \ - echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \ - addgroup --system --quiet zabbix && \ + addgroup --system --gid 1995 --quiet zabbix && \ adduser --quiet \ --system --disabled-login \ - --ingroup zabbix \ + --ingroup zabbix --ingroup root \ + --uid 1997 \ --home /var/lib/zabbix/ \ - --no-create-home \ zabbix && \ mkdir -p /etc/zabbix && \ mkdir -p /etc/zabbix/web && \ - chown --quiet -R zabbix:root /etc/zabbix && \ - apt-get ${APT_FLAGS_COMMON} update && \ + mkdir -p /var/lib/php/session && \ + apt-get -y update && \ + DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ + gpg \ + dirmngr \ + gpg-agent \ + ca-certificates && \ NGINX_GPGKEY=573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62; \ found=''; \ for server in \ @@ -51,10 +40,11 @@ RUN set -eux && \ test -z "$found" && echo >&2 "error: failed to fetch GPG key $NGINX_GPGKEY" && exit 1; \ DISTRIB_CODENAME=$(/bin/bash -c 'source /etc/lsb-release && echo $DISTRIB_CODENAME') && \ echo "deb https://nginx.org/packages/ubuntu/ $DISTRIB_CODENAME nginx" >> /etc/apt/sources.list.d/nginx.list && \ - apt-get ${APT_FLAGS_COMMON} update && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_PERSISTENT} install \ + apt-get -y update && \ + DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ curl \ nginx \ + locales \ php7.2-bcmath \ php7.2-fpm \ php7.2-gd \ @@ -66,28 +56,28 @@ RUN set -eux && \ postgresql-client \ supervisor && \ rm -f /etc/nginx/conf.d/*.conf && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_COMMON} purge \ - wget && \ - apt-get ${APT_FLAGS_COMMON} autoremove && \ - apt-get ${APT_FLAGS_COMMON} clean && \ - mkdir -p /var/lib/php7 && \ - chown --quiet -R www-data:www-data /var/lib/php7 && \ - rm -rf /var/cache/nginx/* && \ + rm -rf /var/cache/nginx/ && \ + rm -f /etc/php/7.2/fpm/pool.d/www.conf && \ + DEBIAN_FRONTEND=noninteractive apt-get -y purge curl gpg dirmngr gpg-agent && \ + apt-get -y autoremove && \ + apt-get -y clean && \ rm -rf /var/lib/apt/lists/* ARG MAJOR_VERSION=5.0 ARG ZBX_VERSION=${MAJOR_VERSION} ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git -ENV ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} -LABEL org.label-schema.usage="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ - org.label-schema.version="${ZBX_VERSION}" \ - org.label-schema.vcs-url="${ZBX_SOURCES}" \ - org.label-schema.docker.cmd="docker run --name zabbix-web-${ZBX_OPT_TYPE}-pgsql --link postgres-server:postgres --link zabbix-server:zabbix-server -p 80:80 -d zabbix-web-${ZBX_OPT_TYPE}-pgsql:ubuntu-${ZBX_VERSION}" +ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} + +LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.opencontainers.image.version="${ZBX_VERSION}" \ + org.opencontainers.image.source="${ZBX_SOURCES}" + +COPY ["conf/etc/", "/etc/"] RUN set -eux && \ - apt-get ${APT_FLAGS_COMMON} update && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_DEV} install \ + apt-get -y update && \ + DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ gettext \ git && \ cd /usr/share/ && \ @@ -99,6 +89,8 @@ RUN set -eux && \ rm -f conf/zabbix.conf.php && \ rm -rf tests && \ ./locale/make_mo.sh && \ + ln -s "/etc/zabbix/web/zabbix.conf.php" "/usr/share/zabbix/conf/zabbix.conf.php" && \ + ./locale/make_mo.sh && \ mkdir -p /var/lib/locales/supported.d/ && \ rm -f /var/lib/locales/supported.d/local && \ cat /usr/share/zabbix/include/locales.inc.php | grep display | grep true | awk '{$1=$1};1' | \ @@ -107,26 +99,30 @@ RUN set -eux && \ dpkg-reconfigure locales && \ find /usr/share/zabbix/locale -name '*.po' | xargs rm -f && \ find /usr/share/zabbix/locale -name '*.sh' | xargs rm -f && \ - chown --quiet -R www-data:www-data /usr/share/zabbix && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_COMMON} purge \ + chown --quiet -R zabbix:root /etc/zabbix/ /usr/share/zabbix/conf/ && \ + chgrp -R 0 /etc/zabbix/ /usr/share/zabbix/conf/ && \ + chmod -R g=u /etc/zabbix/ /usr/share/zabbix/conf/ && \ + chown --quiet -R zabbix:root /etc/nginx/ /etc/php/7.2/fpm/php-fpm.conf /etc/php/7.2/fpm/pool.d/ && \ + chgrp -R 0 /etc/nginx/ /etc/php/7.2/fpm/php-fpm.conf /etc/php/7.2/fpm/pool.d/ && \ + chmod -R g=u /etc/nginx/ /etc/php/7.2/fpm/php-fpm.conf /etc/php/7.2/fpm/pool.d/ && \ + chown --quiet -R zabbix:root /var/lib/php/session/ && \ + chgrp -R 0 /var/lib/php/session/ && \ + chmod -R g=u /var/lib/php/session/ && \ + DEBIAN_FRONTEND=noninteractive apt-get -y purge \ gettext \ git && \ - apt-get ${APT_FLAGS_COMMON} autoremove && \ - apt-get ${APT_FLAGS_COMMON} clean && \ + apt-get -y autoremove && \ + apt-get -y clean && \ rm -rf /var/lib/apt/lists/* -EXPOSE 80/TCP 443/TCP +EXPOSE 8080/TCP 8443/TCP WORKDIR /usr/share/zabbix VOLUME ["/etc/ssl/nginx"] -COPY ["conf/etc/supervisor/", "/etc/supervisor/"] -COPY ["conf/etc/zabbix/nginx.conf", "/etc/zabbix/"] -COPY ["conf/etc/zabbix/nginx_ssl.conf", "/etc/zabbix/"] -COPY ["conf/etc/zabbix/web/zabbix.conf.php", "/etc/zabbix/web/"] -COPY ["conf/etc/nginx/nginx.conf", "/etc/nginx/"] -COPY ["conf/etc/php/7.2/fpm/conf.d/99-zabbix.ini", "/etc/php/7.2/fpm/conf.d/"] COPY ["docker-entrypoint.sh", "/usr/bin/"] +USER 1997 + ENTRYPOINT ["docker-entrypoint.sh"] diff --git a/web-nginx-pgsql/ubuntu/conf/etc/nginx/nginx.conf b/web-nginx-pgsql/ubuntu/conf/etc/nginx/nginx.conf index fe6ad67e0..3bed3cf89 100644 --- a/web-nginx-pgsql/ubuntu/conf/etc/nginx/nginx.conf +++ b/web-nginx-pgsql/ubuntu/conf/etc/nginx/nginx.conf @@ -1,10 +1,10 @@ -user www-data; +#user nginx; worker_processes 5; -#worker_rlimit_nofile 256000; +worker_rlimit_nofile 256000; -error_log /dev/fd/2 warn; +error_log /dev/fd/2 error; -pid /var/run/nginx.pid; +pid /tmp/nginx.pid; events { worker_connections 5120; @@ -21,6 +21,13 @@ http { '"$http_user_agent" "$http_x_forwarded_for"'; access_log /dev/fd/1 main; + error_log /dev/fd/2 error; + + client_body_temp_path /tmp/client_body 1 2; + proxy_temp_path /tmp/proxy 1 2; + fastcgi_temp_path /tmp/fastcgi 1 2; + uwsgi_temp_path /tmp/uwsgi 1 2; + scgi_temp_path /tmp/scgi 1 2; client_body_timeout 5m; send_timeout 5m; diff --git a/web-nginx-pgsql/ubuntu/conf/etc/php/7.2/fpm/conf.d/99-zabbix.ini b/web-nginx-pgsql/ubuntu/conf/etc/php/7.2/fpm/conf.d/99-zabbix.ini deleted file mode 100644 index 91c0953a3..000000000 --- a/web-nginx-pgsql/ubuntu/conf/etc/php/7.2/fpm/conf.d/99-zabbix.ini +++ /dev/null @@ -1,9 +0,0 @@ -max_execution_time=300 -memory_limit=128M -post_max_size=16M -upload_max_filesize=2M -max_input_time=300 -always_populate_raw_post_date=-1 -max_input_vars=10000 -; date.timezone=Europe/Riga -session.save_path=/var/lib/php7 diff --git a/web-nginx-pgsql/ubuntu/conf/etc/php/7.2/fpm/php-fpm.conf b/web-nginx-pgsql/ubuntu/conf/etc/php/7.2/fpm/php-fpm.conf new file mode 100644 index 000000000..b1acf9ebd --- /dev/null +++ b/web-nginx-pgsql/ubuntu/conf/etc/php/7.2/fpm/php-fpm.conf @@ -0,0 +1,9 @@ +include=/etc/php/7.2/fpm/pool.d/*.conf + +[global] + +pid = /tmp/php-fpm.pid + +error_log = /dev/fd/2 + +daemonize = no diff --git a/web-nginx-pgsql/ubuntu/conf/etc/php/7.2/fpm/pool.d/zabbix.conf b/web-nginx-pgsql/ubuntu/conf/etc/php/7.2/fpm/pool.d/zabbix.conf new file mode 100644 index 000000000..a4926f4ae --- /dev/null +++ b/web-nginx-pgsql/ubuntu/conf/etc/php/7.2/fpm/pool.d/zabbix.conf @@ -0,0 +1,25 @@ +[zabbix] + +listen = /tmp/php-fpm.sock + +pm = dynamic +pm.max_children = 50 +pm.start_servers = 5 +pm.min_spare_servers = 5 +pm.max_spare_servers = 35 + +slowlog = /dev/fd/1 + +php_admin_value[error_log] = /dev/fd/2 +php_admin_flag[log_errors] = on + +php_value[session.save_handler] = files +php_value[session.save_path] = /var/lib/php/session + +php_value[max_execution_time]= 300 +php_value[memory_limit]= 128M +php_value[post_max_size]= 16M +php_value[upload_max_filesize]= 2M +php_value[max_input_time]= 300 +php_value[max_input_vars]= 10000 +; php_value[date.timezone]= Europe/Riga diff --git a/web-nginx-pgsql/ubuntu/conf/etc/supervisor/supervisord.conf b/web-nginx-pgsql/ubuntu/conf/etc/supervisor/supervisord.conf index 925bb1838..f8d80e461 100644 --- a/web-nginx-pgsql/ubuntu/conf/etc/supervisor/supervisord.conf +++ b/web-nginx-pgsql/ubuntu/conf/etc/supervisor/supervisord.conf @@ -1,17 +1,17 @@ ; supervisor config file [unix_http_server] -file = /var/run/supervisor.sock ; (the path to the socket file) +file = /tmp/supervisor.sock ; (the path to the socket file) chmod = 0700 ; sockef file mode (default 0700) username = zbx password = password [supervisord] logfile = /dev/stdout ; (main log file;default $CWD/supervisord.log) -pidfile = /var/run/supervisord.pid ; (supervisord pidfile;default supervisord.pid) +pidfile = /tmp/supervisord.pid ; (supervisord pidfile;default supervisord.pid) childlogdir = /tmp ; ('AUTO' child log dir, default $TEMP) critical = critical -user = root +;user = zabbix logfile_maxbytes = 0 logfile_backupcount = 0 loglevel = info @@ -23,7 +23,7 @@ loglevel = info supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface [supervisorctl] -serverurl = unix:///var/run/supervisor.sock ; use a unix:// URL for a unix socket +serverurl = unix:///tmp/supervisor.sock ; use a unix:// URL for a unix socket ; The [include] section can just contain the "files" setting. This ; setting can list multiple files (separated by whitespace or diff --git a/web-nginx-pgsql/ubuntu/conf/etc/zabbix/nginx.conf b/web-nginx-pgsql/ubuntu/conf/etc/zabbix/nginx.conf index e1331f0bf..62c9be112 100644 --- a/web-nginx-pgsql/ubuntu/conf/etc/zabbix/nginx.conf +++ b/web-nginx-pgsql/ubuntu/conf/etc/zabbix/nginx.conf @@ -1,5 +1,5 @@ server { - listen 80; + listen 8080; server_name zabbix; index index.php; @@ -51,7 +51,7 @@ server { } location ~ .php$ { - fastcgi_pass unix:/var/run/php/php7.2-fpm.sock; + fastcgi_pass unix:/tmp/php-fpm.sock; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $webroot$fastcgi_script_name; diff --git a/web-nginx-pgsql/ubuntu/conf/etc/zabbix/nginx_ssl.conf b/web-nginx-pgsql/ubuntu/conf/etc/zabbix/nginx_ssl.conf index 2d68009ab..844ff0f07 100644 --- a/web-nginx-pgsql/ubuntu/conf/etc/zabbix/nginx_ssl.conf +++ b/web-nginx-pgsql/ubuntu/conf/etc/zabbix/nginx_ssl.conf @@ -1,5 +1,5 @@ server { - listen 443 ssl http2; + listen 8443 ssl http2; server_name zabbix; server_name_in_redirect off; @@ -75,7 +75,7 @@ server { } location ~ .php$ { - fastcgi_pass unix:/var/run/php/php7.2-fpm.sock; + fastcgi_pass unix:/tmp/php-fpm.sock; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $webroot$fastcgi_script_name; diff --git a/web-nginx-pgsql/ubuntu/docker-entrypoint.sh b/web-nginx-pgsql/ubuntu/docker-entrypoint.sh index a88256a9d..7d28224bc 100755 --- a/web-nginx-pgsql/ubuntu/docker-entrypoint.sh +++ b/web-nginx-pgsql/ubuntu/docker-entrypoint.sh @@ -1,6 +1,6 @@ #!/bin/bash -set -eo pipefail +set -o pipefail set +e @@ -9,16 +9,6 @@ if [ "${DEBUG_MODE}" == "true" ]; then set -o xtrace fi -# Type of Zabbix component -# Possible values: [server, proxy, agent, frontend, java-gateway, appliance] -zbx_type=${ZBX_TYPE} -# Type of Zabbix database -# Possible values: [mysql, postgresql] -zbx_db_type=${ZBX_DB_TYPE} -# Type of web-server. Valid only with zbx_type = frontend -# Possible values: [apache, nginx] -zbx_opt_type=${ZBX_OPT_TYPE} - # Default Zabbix installation name # Used only by Zabbix web-interface ZBX_SERVER_NAME=${ZBX_SERVER_NAME:-"Zabbix docker"} @@ -72,90 +62,8 @@ file_env() { unset "$fileVar" } -configure_db_mysql() { - [ "${DB_SERVER_HOST}" != "localhost" ] && return - - echo "** Configuring local MySQL server" - - MYSQL_ALLOW_EMPTY_PASSWORD=true - MYSQL_DATA_DIR="/var/lib/mysql" - - if [ -f "/etc/mysql/my.cnf" ]; then - MYSQL_CONF_FILE="/etc/mysql/my.cnf" - elif [ -f "/etc/my.cnf.d/server.cnf" ]; then - MYSQL_CONF_FILE="/etc/my.cnf.d/server.cnf" - DB_SERVER_SOCKET="/var/lib/mysql/mysql.sock" - elif [ -f "/etc/my.cnf.d/mariadb-server.cnf" ]; then - MYSQL_CONF_FILE="/etc/my.cnf.d/mariadb-server.cnf" - DB_SERVER_SOCKET="/var/run/mysqld/mysqld.sock" - else - echo "**** Could not found MySQL configuration file" - exit 1 - fi - - if [ -f "/usr/bin/mysqld" ]; then - MYSQLD=/usr/bin/mysqld - elif [ -f "/usr/sbin/mysqld" ]; then - MYSQLD=/usr/sbin/mysqld - elif [ -f "/usr/libexec/mysqld" ]; then - MYSQLD=/usr/libexec/mysqld - else - echo "**** Could not found mysqld binary file" - exit 1 - fi - - sed -Ei 's/^(bind-address|log)/#&/' "$MYSQL_CONF_FILE" - - if [ ! -d "$MYSQL_DATA_DIR/mysql" ]; then - [ -d "$MYSQL_DATA_DIR" ] || mkdir -p "$MYSQL_DATA_DIR" - - chown -R mysql:mysql "$MYSQL_DATA_DIR" - - echo "** Installing initial MySQL database schemas" - mysql_install_db --user=mysql --datadir="$MYSQL_DATA_DIR" 2>&1 - else - echo "**** MySQL data directory is not empty. Using already existing installation." - chown -R mysql:mysql "$MYSQL_DATA_DIR" - fi - - mkdir -p /var/run/mysqld - ln -s /var/run/mysqld /run/mysqld - chown -R mysql:mysql /var/run/mysqld - chown -R mysql:mysql /run/mysqld - - echo "** Starting MySQL server in background mode" - - nohup $MYSQLD --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib/mysql/plugin \ - --user=mysql --log-output=none --pid-file=/var/lib/mysql/mysqld.pid \ - --port=3306 --character-set-server=utf8 --collation-server=utf8_bin & -} - prepare_system() { - local type=$1 - local web_server=$2 - echo "** Preparing the system" - - if [ "$type" != "appliance" ]; then - return - fi - - ZBX_ADD_AGENT=${ZBX_ADD_AGENT:-"false"} - ZBX_ADD_JAVA_GATEWAY=${ZBX_ADD_JAVA_GATEWAY:-"false"} - ZBX_ADD_SERVER=${ZBX_ADD_SERVER:-"true"} - [ "${ZBX_ADD_SERVER}" == "true" ] && ZBX_SERVER_HOST="localhost" - [ "${ZBX_ADD_SERVER}" == "true" ] && ZBX_SERVER_PORT="10051" - ZBX_MAIN_DB=${ZBX_MAIN_DB:-"mysql"} - ZBX_ADD_PROXY=${ZBX_ADD_PROXY:-"false"} - ZBX_PROXY_DB=${ZBX_PROXY_DB:-"sqlite3"} - ZBX_ADD_WEB=${ZBX_ADD_WEB:-"true"} - ZBX_WEB_SERVER=${ZBX_WEB_SERVER:-"nginx"} - DB_SERVER_HOST=${DB_SERVER_HOST:-"localhost"} - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAY_ENABLE="true" - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAY="localhost" - [ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && ZBX_JAVAGATEWAYPORT="10052" - - [ "${ZBX_ADD_SERVER}" == "true" ] && configure_db_${ZBX_MAIN_DB} } escape_spec_char() { @@ -202,13 +110,9 @@ update_config_var() { return fi - # Use full path to a file for TLS related configuration parameters - if [[ $var_name =~ ^TLS.*File$ ]]; then - var_value=$ZABBIX_USER_HOME_DIR/enc/$var_value - fi - - # Escaping characters in parameter value + # Escaping characters in parameter value and name var_value=$(escape_spec_char "$var_value") + var_name=$(escape_spec_char "$var_name") if [ "$(grep -E "^$var_name=" $config_path)" ] && [ "$is_multiple" != "true" ]; then sed -i -e "/^$var_name=/s/=.*/=$var_value/" "$config_path" @@ -239,62 +143,14 @@ update_config_multiple_var() { done } -# Check prerequisites for MySQL database -check_variables_mysql() { - local type=$1 - - DB_SERVER_HOST=${DB_SERVER_HOST:-"mysql-server"} - DB_SERVER_PORT=${DB_SERVER_PORT:-"3306"} - USE_DB_ROOT_USER=false - CREATE_ZBX_DB_USER=false - file_env MYSQL_USER - file_env MYSQL_PASSWORD - - if [ "$type" != "" ]; then - file_env MYSQL_ROOT_PASSWORD - fi - - if [ ! -n "${MYSQL_USER}" ] && [ "${MYSQL_RANDOM_ROOT_PASSWORD}" == "true" ]; then - echo "**** Impossible to use MySQL server because of unknown Zabbix user and random 'root' password" - exit 1 - fi - - if [ ! -n "${MYSQL_USER}" ] && [ ! -n "${MYSQL_ROOT_PASSWORD}" ] && [ "${MYSQL_ALLOW_EMPTY_PASSWORD}" != "true" ]; then - echo "*** Impossible to use MySQL server because 'root' password is not defined and it is not empty" - exit 1 - fi - - if [ "${MYSQL_ALLOW_EMPTY_PASSWORD}" == "true" ] || [ -n "${MYSQL_ROOT_PASSWORD}" ]; then - USE_DB_ROOT_USER=true - DB_SERVER_ROOT_USER="root" - DB_SERVER_ROOT_PASS=${MYSQL_ROOT_PASSWORD:-""} - fi - - [ -n "${MYSQL_USER}" ] && CREATE_ZBX_DB_USER=true - - # If root password is not specified use provided credentials - DB_SERVER_ROOT_USER=${DB_SERVER_ROOT_USER:-${MYSQL_USER}} - [ "${MYSQL_ALLOW_EMPTY_PASSWORD}" == "true" ] || DB_SERVER_ROOT_PASS=${DB_SERVER_ROOT_PASS:-${MYSQL_PASSWORD}} - DB_SERVER_ZBX_USER=${MYSQL_USER:-"zabbix"} - DB_SERVER_ZBX_PASS=${MYSQL_PASSWORD:-"zabbix"} - - if [ "$type" == "proxy" ]; then - DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix_proxy"} - else - DB_SERVER_DBNAME=${MYSQL_DATABASE:-"zabbix"} - fi -} - # Check prerequisites for PostgreSQL database -check_variables_postgresql() { - local type=$1 - +check_variables() { file_env POSTGRES_USER file_env POSTGRES_PASSWORD - DB_SERVER_HOST=${DB_SERVER_HOST:-"postgres-server"} - DB_SERVER_PORT=${DB_SERVER_PORT:-"5432"} - CREATE_ZBX_DB_USER=${CREATE_ZBX_DB_USER:-"false"} + : ${DB_SERVER_HOST:="postgres-server"} + : ${DB_SERVER_PORT:="5432"} + : ${CREATE_ZBX_DB_USER:="false"} DB_SERVER_ROOT_USER=${POSTGRES_USER:-"postgres"} DB_SERVER_ROOT_PASS=${POSTGRES_PASSWORD:-""} @@ -302,53 +158,31 @@ check_variables_postgresql() { DB_SERVER_ZBX_USER=${POSTGRES_USER:-"zabbix"} DB_SERVER_ZBX_PASS=${POSTGRES_PASSWORD:-"zabbix"} - DB_SERVER_SCHEMA=${DB_SERVER_SCHEMA:-"public"} + : ${DB_SERVER_SCHEMA:="public"} - if [ "$type" == "proxy" ]; then - DB_SERVER_DBNAME=${POSTGRES_DB:-"zabbix_proxy"} - else - DB_SERVER_DBNAME=${POSTGRES_DB:-"zabbix"} - fi + DB_SERVER_DBNAME=${POSTGRES_DB:-"zabbix"} } -check_db_connect_mysql() { - echo "********************" - echo "* DB_SERVER_HOST: ${DB_SERVER_HOST}" - echo "* DB_SERVER_PORT: ${DB_SERVER_PORT}" - echo "* DB_SERVER_DBNAME: ${DB_SERVER_DBNAME}" - if [ "${USE_DB_ROOT_USER}" == "true" ]; then - echo "* DB_SERVER_ROOT_USER: ${DB_SERVER_ROOT_USER}" - echo "* DB_SERVER_ROOT_PASS: ${DB_SERVER_ROOT_PASS}" - fi - echo "* DB_SERVER_ZBX_USER: ${DB_SERVER_ZBX_USER}" - echo "* DB_SERVER_ZBX_PASS: ${DB_SERVER_ZBX_PASS}" - echo "********************" - - WAIT_TIMEOUT=5 - - while [ ! "$(mysqladmin ping -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} -u ${DB_SERVER_ROOT_USER} \ - --password="${DB_SERVER_ROOT_PASS}" --silent --connect_timeout=10)" ]; do - echo "**** MySQL server is not available. Waiting $WAIT_TIMEOUT seconds..." - sleep $WAIT_TIMEOUT - done -} - -check_db_connect_postgresql() { +check_db_connect() { echo "********************" echo "* DB_SERVER_HOST: ${DB_SERVER_HOST}" echo "* DB_SERVER_PORT: ${DB_SERVER_PORT}" echo "* DB_SERVER_DBNAME: ${DB_SERVER_DBNAME}" echo "* DB_SERVER_SCHEMA: ${DB_SERVER_SCHEMA}" - if [ "${USE_DB_ROOT_USER}" == "true" ]; then - echo "* DB_SERVER_ROOT_USER: ${DB_SERVER_ROOT_USER}" - echo "* DB_SERVER_ROOT_PASS: ${DB_SERVER_ROOT_PASS}" - else + if [ "${DEBUG_MODE}" == "true" ]; then + if [ "${USE_DB_ROOT_USER}" == "true" ]; then + echo "* DB_SERVER_ROOT_USER: ${DB_SERVER_ROOT_USER}" + echo "* DB_SERVER_ROOT_PASS: ${DB_SERVER_ROOT_PASS}" + fi + echo "* DB_SERVER_ZBX_USER: ${DB_SERVER_ZBX_USER}" + echo "* DB_SERVER_ZBX_PASS: ${DB_SERVER_ZBX_PASS}" + fi + echo "********************" + + if [ "${USE_DB_ROOT_USER}" != "true" ]; then DB_SERVER_ROOT_USER=${DB_SERVER_ZBX_USER} DB_SERVER_ROOT_PASS=${DB_SERVER_ZBX_PASS} fi - echo "* DB_SERVER_ZBX_USER: ${DB_SERVER_ZBX_USER}" - echo "* DB_SERVER_ZBX_PASS: ${DB_SERVER_ZBX_PASS}" - echo "********************" if [ -n "${DB_SERVER_ZBX_PASS}" ]; then export PGPASSWORD="${DB_SERVER_ZBX_PASS}" @@ -370,265 +204,9 @@ check_db_connect_postgresql() { unset PGOPTIONS } - -mysql_query() { - query=$1 - local result="" - - result=$(mysql --silent --skip-column-names -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ - -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" -e "$query") - - echo $result -} - -psql_query() { - query=$1 - db=$2 - - local result="" - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - result=$(psql -A -q -t -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ - -U ${DB_SERVER_ROOT_USER} -c "$query" $db 2>/dev/null); - - unset PGPASSWORD - unset PGOPTIONS - - echo $result -} - -create_db_user_mysql() { - [ "${CREATE_ZBX_DB_USER}" == "true" ] || return - - echo "** Creating '${DB_SERVER_ZBX_USER}' user in MySQL database" - - USER_EXISTS=$(mysql_query "SELECT 1 FROM mysql.user WHERE user = '${DB_SERVER_ZBX_USER}' AND host = '%'") - - if [ -z "$USER_EXISTS" ]; then - mysql_query "CREATE USER '${DB_SERVER_ZBX_USER}'@'%' IDENTIFIED BY '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - else - mysql_query "ALTER USER ${DB_SERVER_ZBX_USER} IDENTIFIED BY '${DB_SERVER_ZBX_PASS}';" 1>/dev/null - fi - - mysql_query "GRANT ALL PRIVILEGES ON $DB_SERVER_DBNAME. * TO '${DB_SERVER_ZBX_USER}'@'%'" 1>/dev/null -} - -create_db_user_postgresql() { - [ "${CREATE_ZBX_DB_USER}" == "true" ] || return - - echo "** Creating '${DB_SERVER_ZBX_USER}' user in PostgreSQL database" - - USER_EXISTS=$(psql_query "SELECT 1 FROM pg_roles WHERE rolname='${DB_SERVER_ZBX_USER}'") - - if [ -z "$USER_EXISTS" ]; then - psql_query "CREATE USER ${DB_SERVER_ZBX_USER} WITH PASSWORD '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - else - psql_query "ALTER USER ${DB_SERVER_ZBX_USER} WITH ENCRYPTED PASSWORD '${DB_SERVER_ZBX_PASS}'" 1>/dev/null - fi -} - -create_db_database_mysql() { - DB_EXISTS=$(mysql_query "SELECT SCHEMA_NAME FROM information_schema.SCHEMATA WHERE SCHEMA_NAME='${DB_SERVER_DBNAME}'") - - if [ -z ${DB_EXISTS} ]; then - echo "** Database '${DB_SERVER_DBNAME}' does not exist. Creating..." - mysql_query "CREATE DATABASE ${DB_SERVER_DBNAME} CHARACTER SET utf8 COLLATE utf8_bin" 1>/dev/null - # better solution? - mysql_query "GRANT ALL PRIVILEGES ON $DB_SERVER_DBNAME. * TO '${DB_SERVER_ZBX_USER}'@'%'" 1>/dev/null - else - echo "** Database '${DB_SERVER_DBNAME}' already exists. Please be careful with database COLLATE!" - fi -} - -create_db_database_postgresql() { - DB_EXISTS=$(psql_query "SELECT 1 AS result FROM pg_database WHERE datname='${DB_SERVER_DBNAME}'") - - if [ -z ${DB_EXISTS} ]; then - echo "** Database '${DB_SERVER_DBNAME}' does not exist. Creating..." - psql_query "CREATE DATABASE ${DB_SERVER_DBNAME} WITH OWNER ${DB_SERVER_ZBX_USER} ENCODING='UTF8' LC_CTYPE='en_US.utf8' LC_COLLATE='en_US.utf8'" 1>/dev/null - else - echo "** Database '${DB_SERVER_DBNAME}' already exists. Please be careful with database owner!" - fi - - psql_query "CREATE SCHEMA IF NOT EXISTS ${DB_SERVER_SCHEMA}" -} - -create_db_schema_mysql() { - local type=$1 - - DBVERSION_TABLE_EXISTS=$(mysql_query "SELECT 1 FROM information_schema.tables WHERE table_schema='${DB_SERVER_DBNAME}' and table_name = 'dbversion'") - - if [ -n "${DBVERSION_TABLE_EXISTS}" ]; then - echo "** Table '${DB_SERVER_DBNAME}.dbversion' already exists." - ZBX_DB_VERSION=$(mysql_query "SELECT mandatory FROM ${DB_SERVER_DBNAME}.dbversion") - fi - - if [ -z "${ZBX_DB_VERSION}" ]; then - echo "** Creating '${DB_SERVER_DBNAME}' schema in MySQL" - - zcat /usr/share/doc/zabbix-$type-mysql/create.sql.gz | mysql --silent --skip-column-names \ - -h ${DB_SERVER_HOST} -P ${DB_SERVER_PORT} \ - -u ${DB_SERVER_ROOT_USER} --password="${DB_SERVER_ROOT_PASS}" \ - ${DB_SERVER_DBNAME} 1>/dev/null - fi -} - -create_db_schema_postgresql() { - local type=$1 - - DBVERSION_TABLE_EXISTS=$(psql_query "SELECT 1 FROM pg_catalog.pg_class c JOIN pg_catalog.pg_namespace n ON n.oid = - c.relnamespace WHERE n.nspname = '$DB_SERVER_SCHEMA' AND c.relname = 'dbversion'" "${DB_SERVER_DBNAME}") - - if [ -n "${DBVERSION_TABLE_EXISTS}" ]; then - echo "** Table '${DB_SERVER_DBNAME}.dbversion' already exists." - ZBX_DB_VERSION=$(psql_query "SELECT mandatory FROM ${DB_SERVER_SCHEMA}.dbversion" "${DB_SERVER_DBNAME}") - fi - - if [ -z "${ZBX_DB_VERSION}" ]; then - echo "** Creating '${DB_SERVER_DBNAME}' schema in PostgreSQL" - - if [ "${ENABLE_TIMESCALEDB}" == "true" ]; then - psql_query "CREATE EXTENSION IF NOT EXISTS timescaledb CASCADE;" - fi - - if [ -n "${DB_SERVER_ZBX_PASS}" ]; then - export PGPASSWORD="${DB_SERVER_ZBX_PASS}" - fi - - if [ -n "${DB_SERVER_SCHEMA}" ]; then - PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}" - export PGOPTIONS - fi - - zcat /usr/share/doc/zabbix-$type-postgresql/create.sql.gz | psql -q \ - -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ - -U ${DB_SERVER_ZBX_USER} ${DB_SERVER_DBNAME} 1>/dev/null - - if [ "${ENABLE_TIMESCALEDB}" == "true" ]; then - cat /usr/share/doc/zabbix-$type-postgresql/timescaledb.sql | psql -q \ - -h ${DB_SERVER_HOST} -p ${DB_SERVER_PORT} \ - -U ${DB_SERVER_ZBX_USER} ${DB_SERVER_DBNAME} 1>/dev/null - fi - - unset PGPASSWORD - unset PGOPTIONS - fi -} - -prepare_web_server_apache() { - if [ -d "/etc/apache2/sites-available" ]; then - APACHE_SITES_DIR=/etc/apache2/sites-available - elif [ -d "/etc/apache2/conf.d" ]; then - APACHE_SITES_DIR=/etc/apache2/conf.d - elif [ -d "/etc/httpd/conf.d" ]; then - APACHE_SITES_DIR=/etc/httpd/conf.d - else - echo "**** Apache is not available" - exit 1 - fi - - if [ -f "/usr/sbin/a2dissite" ]; then - echo "** Disable default site" - /usr/sbin/a2dissite 000-default 1>/dev/null - rm -rf "$APACHE_SITES_DIR/*" - elif [ -f "/etc/apache2/conf.d/default.conf" ]; then - echo "** Disable default site" - rm -f "/etc/apache2/conf.d/default.conf" - elif [ -f "/etc/httpd/conf.d/welcome.conf" ]; then - echo "** Disable default site" - rm -f "/etc/httpd/conf.d/welcome.conf" - rm -f "/etc/httpd/conf.d/ssl.conf" - fi - - echo "** Adding Zabbix virtual host (HTTP)" - if [ -f "$ZABBIX_ETC_DIR/apache.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/apache.conf" "$APACHE_SITES_DIR/zabbix.conf" - if [ -f "/usr/sbin/a2dissite" ]; then - /usr/sbin/a2ensite zabbix.conf 1>/dev/null - fi - else - echo "**** Impossible to enable HTTP virtual host" - fi - - if [ -f "/etc/apache2/conf.d/ssl.conf" ]; then - rm -f "/etc/apache2/conf.d/ssl.conf" - fi - - if [ -f "/etc/ssl/apache2/ssl.crt" ] && [ -f "/etc/ssl/apache2/ssl.key" ]; then - echo "** Enable SSL support for Apache2" - if [ -f "/usr/sbin/a2enmod" ]; then - /usr/sbin/a2enmod ssl 1>/dev/null - fi - - echo "** Adding Zabbix virtual host (HTTPS)" - if [ -f "$ZABBIX_ETC_DIR/apache_ssl.conf" ]; then - ln -s "$ZABBIX_ETC_DIR/apache_ssl.conf" "$APACHE_SITES_DIR/zabbix_ssl.conf" - if [ -f "/usr/sbin/a2dissite" ]; then - /usr/sbin/a2ensite zabbix_ssl.conf 1>/dev/null - fi - else - echo "**** Impossible to enable HTTPS virtual host" - fi - else - echo "**** Impossible to enable SSL support for Apache2. Certificates are missed." - fi - - # Change Apache2 logging to stdout and stderr - if [ -f "/etc/apache2/apache2.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/apache2.conf" - fi - - if [ -f "/etc/httpd/conf/httpd.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/httpd/conf/httpd.conf" - fi - - if [ -f "/etc/apache2/httpd.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/httpd.conf" - fi - - if [ -f "/etc/apache2/conf-available/other-vhosts-access-log.conf" ]; then - sed -ri \ - -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \ - -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \ - "/etc/apache2/conf-available/other-vhosts-access-log.conf" - fi - - if [ -f "/etc/apache2/conf.d/mpm.conf" ]; then - sed -ri \ - -e 's!^(\s*PidFile)\s+\S+!\1 "/var/run/httpd.pid"!g' \ - "/etc/apache2/conf.d/mpm.conf" - fi - - if [ -f "/var/run/apache2/apache2.pid" ]; then - rm -f "/var/run/apache2/apache2.pid" - fi - - if [ -f "/var/run/httpd/httpd.pid" ]; then - rm -f "/var/run/httpd/httpd.pid" - fi -} - -prepare_web_server_nginx() { +prepare_web_server() { NGINX_CONFD_DIR="/etc/nginx/conf.d" NGINX_SSL_CONFIG="/etc/ssl/nginx" - PHP_SESSIONS_DIR="/var/lib/php5" echo "** Adding Zabbix virtual host (HTTP)" if [ -f "$ZABBIX_ETC_DIR/nginx.conf" ]; then @@ -648,240 +226,14 @@ prepare_web_server_nginx() { echo "**** Impossible to enable SSL support for Nginx. Certificates are missed." fi - if [ -d "/var/log/nginx/" ]; then - ln -sf /dev/fd/2 /var/log/nginx/error.log - fi - - ln -sf /dev/fd/2 /var/log/php5-fpm.log - ln -sf /dev/fd/2 /var/log/php7.2-fpm.log -} - -stop_databases() { - if ([ "${ZBX_MAIN_DB}" == "mysql" ] || [ "${ZBX_PROXY_DB}" == "mysql" ]) && [ "${DB_SERVER_HOST}" == "localhost" ]; then - mysql_query "DELETE FROM mysql.user WHERE host = 'localhost' AND user != 'root'" 1>/dev/null - - if [ -f "/var/lib/mysql/mysqld.pid" ]; then - kill -TERM $(cat /var/lib/mysql/mysqld.pid) - elif [ -f "/var/run/mysqld/mysqld.pid" ]; then - kill -TERM $(cat /var/run/mysqld/mysqld.pid) - fi - fi - - if [ "${ZBX_MAIN_DB}" == "postgresql" ] && [ "${DB_SERVER_HOST}" == "localhost" ]; then - if [ "${OS_CODENAME}" == "alpine" ]; then - PGDATA=/var/lib/postgresql - BINDIR=/usr/bin - else - PGDATA=/var/lib/postgresql/9.3/main - BINDIR=/usr/lib/postgresql/9.3/bin - fi - su -c "$BINDIR/pg_ctl -D \"$PGDATA\" -m fast -w stop --silent" postgres 1>/dev/null 2>/dev/null - fi + ln -sf /dev/fd/2 /var/log/nginx/error.log } clear_deploy() { - local type=$1 echo "** Cleaning the system" - - [ "$type" != "appliance" ] && return - - stop_databases } -update_zbx_config() { - local type=$1 - local db_type=$2 - - echo "** Preparing Zabbix $type configuration file" - - ZBX_CONFIG=$ZABBIX_ETC_DIR/zabbix_$type.conf - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "ProxyMode" "${ZBX_PROXYMODE}" - update_config_var $ZBX_CONFIG "Server" "${ZBX_SERVER_HOST}" - update_config_var $ZBX_CONFIG "ServerPort" "${ZBX_SERVER_PORT}" - if [ -z "${ZBX_HOSTNAME}" ] && [ -n "${ZBX_HOSTNAMEITEM}" ]; then - update_config_var $ZBX_CONFIG "Hostname" "" - update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - else - update_config_var $ZBX_CONFIG "Hostname" "${ZBX_HOSTNAME:-"zabbix-proxy-"$db_type}" - update_config_var $ZBX_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - fi - fi - - if [ $type == "proxy" ] && [ "${ZBX_ADD_SERVER}" = "true" ]; then - update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_PROXY_LISTENPORT:-"10061"}" - else - update_config_var $ZBX_CONFIG "ListenPort" "${ZBX_LISTENPORT}" - fi - - update_config_var $ZBX_CONFIG "SourceIP" "${ZBX_SOURCEIP}" - update_config_var $ZBX_CONFIG "LogType" "console" - update_config_var $ZBX_CONFIG "LogFile" - update_config_var $ZBX_CONFIG "LogFileSize" - update_config_var $ZBX_CONFIG "PidFile" - - update_config_var $ZBX_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" - - if [ $type == "proxy" ]; then - update_config_var $ZBX_CONFIG "EnableRemoteCommands" "${ZBX_ENABLEREMOTECOMMANDS}" - update_config_var $ZBX_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}" - fi - - if [ "$db_type" == "sqlite3" ]; then - update_config_var $ZBX_CONFIG "DBHost" - update_config_var $ZBX_CONFIG "DBName" "/var/lib/zabbix/zabbix_proxy_db" - update_config_var $ZBX_CONFIG "DBUser" - update_config_var $ZBX_CONFIG "DBPort" - update_config_var $ZBX_CONFIG "DBPassword" - else - update_config_var $ZBX_CONFIG "DBHost" "${DB_SERVER_HOST}" - update_config_var $ZBX_CONFIG "DBName" "${DB_SERVER_DBNAME}" - update_config_var $ZBX_CONFIG "DBSchema" "${DB_SERVER_SCHEMA}" - update_config_var $ZBX_CONFIG "DBUser" "${DB_SERVER_ZBX_USER}" - update_config_var $ZBX_CONFIG "DBPort" "${DB_SERVER_PORT}" - update_config_var $ZBX_CONFIG "DBPassword" "${DB_SERVER_ZBX_PASS}" - fi - - if [ $type == "server" ]; then - update_config_var $ZBX_CONFIG "HistoryStorageURL" "${ZBX_HISTORYSTORAGEURL}" - update_config_var $ZBX_CONFIG "HistoryStorageTypes" "${ZBX_HISTORYSTORAGETYPES}" - fi - - update_config_var $ZBX_CONFIG "DBSocket" "${DB_SERVER_SOCKET}" - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "ProxyLocalBuffer" "${ZBX_PROXYLOCALBUFFER}" - update_config_var $ZBX_CONFIG "ProxyOfflineBuffer" "${ZBX_PROXYOFFLINEBUFFER}" - update_config_var $ZBX_CONFIG "HeartbeatFrequency" "${ZBX_PROXYHEARTBEATFREQUENCY}" - update_config_var $ZBX_CONFIG "ConfigFrequency" "${ZBX_CONFIGFREQUENCY}" - update_config_var $ZBX_CONFIG "DataSenderFrequency" "${ZBX_DATASENDERFREQUENCY}" - fi - - update_config_var $ZBX_CONFIG "StatsAllowedIP" "${ZBX_STATSALLOWEDIP}" - - update_config_var $ZBX_CONFIG "StartPollers" "${ZBX_STARTPOLLERS}" - update_config_var $ZBX_CONFIG "StartIPMIPollers" "${ZBX_IPMIPOLLERS}" - update_config_var $ZBX_CONFIG "StartPollersUnreachable" "${ZBX_STARTPOLLERSUNREACHABLE}" - update_config_var $ZBX_CONFIG "StartTrappers" "${ZBX_STARTTRAPPERS}" - update_config_var $ZBX_CONFIG "StartPingers" "${ZBX_STARTPINGERS}" - update_config_var $ZBX_CONFIG "StartDiscoverers" "${ZBX_STARTDISCOVERERS}" - update_config_var $ZBX_CONFIG "StartHTTPPollers" "${ZBX_STARTHTTPPOLLERS}" - - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "StartPreprocessors" "${ZBX_STARTPREPROCESSORS}" - update_config_var $ZBX_CONFIG "StartTimers" "${ZBX_STARTTIMERS}" - update_config_var $ZBX_CONFIG "StartEscalators" "${ZBX_STARTESCALATORS}" - update_config_var $ZBX_CONFIG "StartAlerters" "${ZBX_STARTALERTERS}" - fi - - ZBX_JAVAGATEWAY_ENABLE=${ZBX_JAVAGATEWAY_ENABLE:-"false"} - if [ "${ZBX_JAVAGATEWAY_ENABLE}" == "true" ]; then - update_config_var $ZBX_CONFIG "JavaGateway" "${ZBX_JAVAGATEWAY:-"zabbix-java-gateway"}" - update_config_var $ZBX_CONFIG "JavaGatewayPort" "${ZBX_JAVAGATEWAYPORT}" - update_config_var $ZBX_CONFIG "StartJavaPollers" "${ZBX_STARTJAVAPOLLERS:-"5"}" - else - update_config_var $ZBX_CONFIG "JavaGateway" - update_config_var $ZBX_CONFIG "JavaGatewayPort" - update_config_var $ZBX_CONFIG "StartJavaPollers" - fi - - update_config_var $ZBX_CONFIG "StartVMwareCollectors" "${ZBX_STARTVMWARECOLLECTORS}" - update_config_var $ZBX_CONFIG "VMwareFrequency" "${ZBX_VMWAREFREQUENCY}" - update_config_var $ZBX_CONFIG "VMwarePerfFrequency" "${ZBX_VMWAREPERFFREQUENCY}" - update_config_var $ZBX_CONFIG "VMwareCacheSize" "${ZBX_VMWARECACHESIZE}" - update_config_var $ZBX_CONFIG "VMwareTimeout" "${ZBX_VMWARETIMEOUT}" - - ZBX_ENABLE_SNMP_TRAPS=${ZBX_ENABLE_SNMP_TRAPS:-"false"} - if [ "${ZBX_ENABLE_SNMP_TRAPS}" == "true" ]; then - update_config_var $ZBX_CONFIG "SNMPTrapperFile" "${ZABBIX_USER_HOME_DIR}/snmptraps/snmptraps.log" - update_config_var $ZBX_CONFIG "StartSNMPTrapper" "1" - else - update_config_var $ZBX_CONFIG "SNMPTrapperFile" - update_config_var $ZBX_CONFIG "StartSNMPTrapper" - fi - - update_config_var $ZBX_CONFIG "HousekeepingFrequency" "${ZBX_HOUSEKEEPINGFREQUENCY}" - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "MaxHousekeeperDelete" "${ZBX_MAXHOUSEKEEPERDELETE}" - update_config_var $ZBX_CONFIG "SenderFrequency" "${ZBX_SENDERFREQUENCY}" - fi - - update_config_var $ZBX_CONFIG "CacheSize" "${ZBX_CACHESIZE}" - - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "CacheUpdateFrequency" "${ZBX_CACHEUPDATEFREQUENCY}" - fi - - update_config_var $ZBX_CONFIG "StartDBSyncers" "${ZBX_STARTDBSYNCERS}" - update_config_var $ZBX_CONFIG "HistoryCacheSize" "${ZBX_HISTORYCACHESIZE}" - update_config_var $ZBX_CONFIG "HistoryIndexCacheSize" "${ZBX_HISTORYINDEXCACHESIZE}" - - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "TrendCacheSize" "${ZBX_TRENDCACHESIZE}" - update_config_var $ZBX_CONFIG "ValueCacheSize" "${ZBX_VALUECACHESIZE}" - fi - - update_config_var $ZBX_CONFIG "Timeout" "${ZBX_TIMEOUT}" - update_config_var $ZBX_CONFIG "TrapperTimeout" "${ZBX_TRAPPERIMEOUT}" - update_config_var $ZBX_CONFIG "UnreachablePeriod" "${ZBX_UNREACHABLEPERIOD}" - update_config_var $ZBX_CONFIG "UnavailableDelay" "${ZBX_UNAVAILABLEDELAY}" - update_config_var $ZBX_CONFIG "UnreachableDelay" "${ZBX_UNREACHABLEDELAY}" - - update_config_var $ZBX_CONFIG "AlertScriptsPath" "/usr/lib/zabbix/alertscripts" - update_config_var $ZBX_CONFIG "ExternalScripts" "/usr/lib/zabbix/externalscripts" - - # Possible few fping locations - if [ -f "/usr/bin/fping" ]; then - update_config_var $ZBX_CONFIG "FpingLocation" "/usr/bin/fping" - else - update_config_var $ZBX_CONFIG "FpingLocation" "/usr/sbin/fping" - fi - if [ -f "/usr/bin/fping6" ]; then - update_config_var $ZBX_CONFIG "Fping6Location" "/usr/bin/fping6" - else - update_config_var $ZBX_CONFIG "Fping6Location" "/usr/sbin/fping6" - fi - - update_config_var $ZBX_CONFIG "SSHKeyLocation" "$ZABBIX_USER_HOME_DIR/ssh_keys" - update_config_var $ZBX_CONFIG "LogSlowQueries" "${ZBX_LOGSLOWQUERIES}" - - if [ "$type" == "server" ]; then - update_config_var $ZBX_CONFIG "StartProxyPollers" "${ZBX_STARTPROXYPOLLERS}" - update_config_var $ZBX_CONFIG "ProxyConfigFrequency" "${ZBX_PROXYCONFIGFREQUENCY}" - update_config_var $ZBX_CONFIG "ProxyDataFrequency" "${ZBX_PROXYDATAFREQUENCY}" - fi - - update_config_var $ZBX_CONFIG "SSLCertLocation" "$ZABBIX_USER_HOME_DIR/ssl/certs/" - update_config_var $ZBX_CONFIG "SSLKeyLocation" "$ZABBIX_USER_HOME_DIR/ssl/keys/" - update_config_var $ZBX_CONFIG "SSLCALocation" "$ZABBIX_USER_HOME_DIR/ssl/ssl_ca/" - update_config_var $ZBX_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/" - update_config_multiple_var $ZBX_CONFIG "LoadModule" "${ZBX_LOADMODULE}" - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}" - update_config_var $ZBX_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" - fi - update_config_var $ZBX_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" - update_config_var $ZBX_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" - update_config_var $ZBX_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" - fi - - update_config_var $ZBX_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" - update_config_var $ZBX_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" - - if [ "$type" == "proxy" ]; then - update_config_var $ZBX_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" - update_config_var $ZBX_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" - fi -} - - prepare_zbx_web_config() { - local db_type=$1 local server_name="" echo "** Preparing Zabbix frontend configuration file" @@ -889,43 +241,14 @@ prepare_zbx_web_config() { ZBX_WWW_ROOT="/usr/share/zabbix" ZBX_WEB_CONFIG="$ZABBIX_ETC_DIR/web/zabbix.conf.php" - if [ -f "$ZBX_WWW_ROOT/conf/zabbix.conf.php" ]; then - rm -f "$ZBX_WWW_ROOT/conf/zabbix.conf.php" - fi + PHP_CONFIG_FILE="/etc/php/7.2/apache2/conf.d/99-zabbix.ini" - ln -s "$ZBX_WEB_CONFIG" "$ZBX_WWW_ROOT/conf/zabbix.conf.php" - - # Different places of PHP configuration file - if [ -f "/etc/php5/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/conf.d/99-zabbix.ini" - elif [ -f "/etc/php5/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php5/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php5/apache2/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.0/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.0/apache2/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.0/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.0/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php.d/99-zabbix.ini" - elif [ -f "/etc/php7/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php7/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.2/fpm/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.2/fpm/conf.d/99-zabbix.ini" - elif [ -f "/etc/php/7.2/apache2/conf.d/99-zabbix.ini" ]; then - PHP_CONFIG_FILE="/etc/php/7.2/apache2/conf.d/99-zabbix.ini" - fi - - if [ -n "$PHP_CONFIG_FILE" ]; then - update_config_var "$PHP_CONFIG_FILE" "max_execution_time" "${ZBX_MAXEXECUTIONTIME:-"600"}" - update_config_var "$PHP_CONFIG_FILE" "memory_limit" "${ZBX_MEMORYLIMIT:-"128M"}" - update_config_var "$PHP_CONFIG_FILE" "post_max_size" "${ZBX_POSTMAXSIZE:-"16M"}" - update_config_var "$PHP_CONFIG_FILE" "upload_max_filesize" "${ZBX_UPLOADMAXFILESIZE:-"2M"}" - update_config_var "$PHP_CONFIG_FILE" "max_input_time" "${ZBX_MAXINPUTTIME:-"300"}" - update_config_var "$PHP_CONFIG_FILE" "date.timezone" "${PHP_TZ}" - else - echo "**** Zabbix related PHP configuration file not found" - fi + update_config_var "$PHP_CONFIG_FILE" "php_value[max_execution_time]" "${ZBX_MAXEXECUTIONTIME:-"600"}" + update_config_var "$PHP_CONFIG_FILE" "php_value[memory_limit]" "${ZBX_MEMORYLIMIT:-"128M"}" + update_config_var "$PHP_CONFIG_FILE" "php_value[post_max_size]" "${ZBX_POSTMAXSIZE:-"16M"}" + update_config_var "$PHP_CONFIG_FILE" "php_value[upload_max_filesize]" "${ZBX_UPLOADMAXFILESIZE:-"2M"}" + update_config_var "$PHP_CONFIG_FILE" "php_value[max_input_time]" "${ZBX_MAXINPUTTIME:-"300"}" + update_config_var "$PHP_CONFIG_FILE" "php_value[date.timezone]" "${PHP_TZ}" ZBX_HISTORYSTORAGETYPES=${ZBX_HISTORYSTORAGETYPES:-"[]"} @@ -946,225 +269,44 @@ prepare_zbx_web_config() { -e "s/{ZBX_SERVER_HOST}/${ZBX_SERVER_HOST}/g" \ -e "s/{ZBX_SERVER_PORT}/${ZBX_SERVER_PORT}/g" \ -e "s/{ZBX_SERVER_NAME}/$server_name/g" \ + -e "s/{ZBX_DB_ENCRYPTION}/${ZBX_DB_ENCRYPTION:-"false"}/g" \ + -e "s/{ZBX_DB_KEY_FILE}/${ZBX_DB_KEY_FILE}/g" \ + -e "s/{ZBX_DB_CERT_FILE}/${ZBX_DB_CERT_FILE}/g" \ + -e "s/{ZBX_DB_CA_FILE}/${ZBX_DB_CA_FILE}/g" \ + -e "s/{ZBX_DB_VERIFY_HOST}/${ZBX_DB_VERIFY_HOST:-"false"}/g" \ + -e "s/{ZBX_DB_CIPHER_LIST}/${ZBX_DB_CIPHER_LIST}/g" \ -e "s/{ZBX_HISTORYSTORAGEURL}/$history_storage_url/g" \ -e "s/{ZBX_HISTORYSTORAGETYPES}/$history_storage_types/g" \ "$ZBX_WEB_CONFIG" - [ "$db_type" = "postgresql" ] && sed -i "s/MYSQL/POSTGRESQL/g" "$ZBX_WEB_CONFIG" - [ -n "${ZBX_SESSION_NAME}" ] && sed -i "/ZBX_SESSION_NAME/s/'[^']*'/'${ZBX_SESSION_NAME}'/2" "$ZBX_WWW_ROOT/include/defines.inc.php" } -prepare_zbx_agent_config() { - echo "** Preparing Zabbix agent configuration file" - - ZBX_AGENT_CONFIG=$ZABBIX_ETC_DIR/zabbix_agentd.conf - - ZBX_PASSIVESERVERS=${ZBX_PASSIVESERVERS:-""} - ZBX_ACTIVESERVERS=${ZBX_ACTIVESERVERS:-""} - - [ -n "$ZBX_PASSIVESERVERS" ] && ZBX_PASSIVESERVERS=","$ZBX_PASSIVESERVERS - - ZBX_PASSIVESERVERS=$ZBX_SERVER_HOST$ZBX_PASSIVESERVERS - - [ -n "$ZBX_ACTIVESERVERS" ] && ZBX_ACTIVESERVERS=","$ZBX_ACTIVESERVERS - - ZBX_ACTIVESERVERS=$ZBX_SERVER_HOST":"$ZBX_SERVER_PORT$ZBX_ACTIVESERVERS - - update_config_var $ZBX_AGENT_CONFIG "PidFile" - update_config_var $ZBX_AGENT_CONFIG "LogType" "console" - update_config_var $ZBX_AGENT_CONFIG "LogFile" - update_config_var $ZBX_AGENT_CONFIG "LogFileSize" - update_config_var $ZBX_AGENT_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" - update_config_var $ZBX_AGENT_CONFIG "SourceIP" - update_config_var $ZBX_AGENT_CONFIG "EnableRemoteCommands" "${ZBX_ENABLEREMOTECOMMANDS}" - update_config_var $ZBX_AGENT_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}" - - ZBX_PASSIVE_ALLOW=${ZBX_PASSIVE_ALLOW:-"true"} - if [ "$ZBX_PASSIVE_ALLOW" == "true" ]; then - echo "** Using '$ZBX_PASSIVESERVERS' servers for passive checks" - update_config_var $ZBX_AGENT_CONFIG "Server" "${ZBX_PASSIVESERVERS}" - else - update_config_var $ZBX_AGENT_CONFIG "Server" - fi - - update_config_var $ZBX_AGENT_CONFIG "ListenPort" "${ZBX_LISTENPORT}" - update_config_var $ZBX_AGENT_CONFIG "ListenIP" "${ZBX_LISTENIP}" - update_config_var $ZBX_AGENT_CONFIG "StartAgents" "${ZBX_STARTAGENTS}" - - ZBX_ACTIVE_ALLOW=${ZBX_ACTIVE_ALLOW:-"true"} - if [ "$ZBX_ACTIVE_ALLOW" == "true" ]; then - echo "** Using '$ZBX_ACTIVESERVERS' servers for active checks" - update_config_var $ZBX_AGENT_CONFIG "ServerActive" "${ZBX_ACTIVESERVERS}" - else - update_config_var $ZBX_AGENT_CONFIG "ServerActive" - fi - - update_config_var $ZBX_AGENT_CONFIG "Hostname" "${ZBX_HOSTNAME}" - update_config_var $ZBX_AGENT_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" - update_config_var $ZBX_AGENT_CONFIG "HostMetadata" "${ZBX_METADATA}" - update_config_var $ZBX_AGENT_CONFIG "HostMetadataItem" "${ZBX_METADATAITEM}" - update_config_var $ZBX_AGENT_CONFIG "RefreshActiveChecks" "${ZBX_REFRESHACTIVECHECKS}" - update_config_var $ZBX_AGENT_CONFIG "BufferSend" "${ZBX_BUFFERSEND}" - update_config_var $ZBX_AGENT_CONFIG "BufferSize" "${ZBX_BUFFERSIZE}" - update_config_var $ZBX_AGENT_CONFIG "MaxLinesPerSecond" "${ZBX_MAXLINESPERSECOND}" - # Please use include to enable Alias feature -# update_config_multiple_var $ZBX_AGENT_CONFIG "Alias" ${ZBX_ALIAS} - update_config_var $ZBX_AGENT_CONFIG "Timeout" "${ZBX_TIMEOUT}" - update_config_var $ZBX_AGENT_CONFIG "Include" "/etc/zabbix/zabbix_agentd.d/" - update_config_var $ZBX_AGENT_CONFIG "UnsafeUserParameters" "${ZBX_UNSAFEUSERPARAMETERS}" - update_config_var $ZBX_AGENT_CONFIG "LoadModulePath" "$ZABBIX_USER_HOME_DIR/modules/" - update_config_multiple_var $ZBX_AGENT_CONFIG "LoadModule" "${ZBX_LOADMODULE}" - update_config_var $ZBX_AGENT_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}" - update_config_var $ZBX_AGENT_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" - update_config_var $ZBX_AGENT_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" - update_config_var $ZBX_AGENT_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" - update_config_var $ZBX_AGENT_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" - update_config_var $ZBX_AGENT_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" - update_config_var $ZBX_AGENT_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" -} - -prepare_java_gateway_config() { - echo "** Preparing Zabbix Java Gateway log configuration file" - - ZBX_GATEWAY_CONFIG=$ZABBIX_ETC_DIR/zabbix_java_gateway_logback.xml - - if [ -n "${ZBX_DEBUGLEVEL}" ]; then - echo "Updating $ZBX_GATEWAY_CONFIG 'DebugLevel' parameter: '${ZBX_DEBUGLEVEL}'... updated" - if [ -f "$ZBX_GATEWAY_CONFIG" ]; then - sed -i -e "/^.*/" "$ZBX_GATEWAY_CONFIG" - else - echo "**** Zabbix Java Gateway log configuration file '$ZBX_GATEWAY_CONFIG' not found" - fi - fi -} - -prepare_agent() { - echo "** Preparing Zabbix agent" - prepare_zbx_agent_config -} - -prepare_server() { - local db_type=$1 - - echo "** Preparing Zabbix server" - - check_variables_$db_type "server" - check_db_connect_$db_type - create_db_user_$db_type - create_db_database_$db_type - create_db_schema_$db_type "server" - - update_zbx_config "server" "$db_type" -} - -prepare_proxy() { - local db_type=$1 - - echo "Preparing Zabbix proxy" - - if [ "$db_type" != "sqlite3" ]; then - check_variables_$db_type "proxy" - check_db_connect_$db_type - create_db_user_$db_type - create_db_database_$db_type - create_db_schema_$db_type "proxy" - fi - - update_zbx_config "proxy" $db_type -} - prepare_web() { - local web_server=$1 - local db_type=$2 - echo "** Preparing Zabbix web-interface" - check_variables_$db_type - check_db_connect_$db_type - prepare_web_server_$web_server - prepare_zbx_web_config $db_type + check_variables + check_db_connect + prepare_web_server + prepare_zbx_web_config } -prepare_java_gateway() { - echo "** Preparing Zabbix Java Gateway" - - prepare_java_gateway_config -} ################################################# -if [ ! -n "$zbx_type" ]; then - echo "**** Type of Zabbix component is not specified" - exit 1 -elif [ "$zbx_type" == "dev" ]; then - echo "** Deploying Zabbix installation from SVN" -else - if [ ! -n "$zbx_db_type" ]; then - echo "**** Database type of Zabbix $zbx_type is not specified" - exit 1 - fi +echo "** Deploying Zabbix web-interface (Nginx) with PostgreSQL database" - if [ "$zbx_db_type" != "none" ]; then - if [ "$zbx_opt_type" != "none" ]; then - echo "** Deploying Zabbix $zbx_type ($zbx_opt_type) with $zbx_db_type database" - else - echo "** Deploying Zabbix $zbx_type with $zbx_db_type database" - fi - else - echo "** Deploying Zabbix $zbx_type" - fi -fi +prepare_system -prepare_system "$zbx_type" "$zbx_opt_type" +prepare_web -[ "$zbx_type" == "server" ] && prepare_server $zbx_db_type -[ "${ZBX_ADD_SERVER}" == "true" ] && prepare_server ${ZBX_MAIN_DB} - -[ "$zbx_type" == "proxy" ] && prepare_proxy $zbx_db_type -[ "${ZBX_ADD_PROXY}" == "true" ] && prepare_proxy ${ZBX_PROXY_DB} - -[ "$zbx_type" == "frontend" ] && prepare_web $zbx_opt_type $zbx_db_type -[ "${ZBX_ADD_WEB}" == "true" ] && prepare_web ${ZBX_WEB_SERVER} ${ZBX_MAIN_DB} - -[ "$zbx_type" == "agent" ] && prepare_agent -[ "${ZBX_ADD_AGENT}" == "true" ] && prepare_agent - -[ "$zbx_type" == "java-gateway" ] && prepare_java_gateway -[ "${ZBX_ADD_JAVA_GATEWAY}" == "true" ] && prepare_java_gateway - -clear_deploy "$zbx_type" +clear_deploy echo "########################################################" if [ "$1" != "" ]; then echo "** Executing '$@'" exec "$@" -elif [ "$zbx_type" == "agent" ]; then - echo "** Starting Zabbix agent" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_agentd --foreground -c /etc/zabbix/zabbix_agentd.conf" -elif [ "$zbx_type" == "proxy" ]; then - echo "** Starting Zabbix proxy" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_proxy --foreground -c /etc/zabbix/zabbix_proxy.conf" -elif [ "$zbx_type" == "server" ]; then - echo "** Starting Zabbix server" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_server --foreground -c /etc/zabbix/zabbix_server.conf" -elif [ "$zbx_type" == "java-gateway" ]; then - echo "** Starting Zabbix Java Gateway" - exec su zabbix -s "/bin/bash" -c "/usr/sbin/zabbix_java_gateway" -elif [ "$zbx_type" == "frontend" ] && [ "$zbx_opt_type" == "apache" ]; then - echo "** Starting Zabbix frontend" - if [ -f "/usr/sbin/httpd" ]; then - exec /usr/sbin/httpd -D FOREGROUND - elif [ -f "/usr/sbin/apache2ctl" ]; then - exec /bin/bash -c "source /etc/apache2/envvars && /usr/sbin/apache2ctl -D FOREGROUND" - else - echo "Unknown Web-server. Exiting..." - exit 1 - fi elif [ -f "/usr/bin/supervisord" ]; then echo "** Executing supervisord" exec /usr/bin/supervisord -c /etc/supervisor/supervisord.conf