extern/zabbix-docker
1
0
Fork 0
mirror of https://github.com/zabbix/zabbix-docker.git synced 2025-08-09 16:45:05 +02:00
Code Issues Packages Projects Releases Wiki Activity

Added correct resolving for source IP addresses in case of HTTP proxies

Browse Source
This commit is contained in:
Alexey Pustovalov
2025-07-04 17:54:57 +03:00
parent 9860d2a88d
commit e0f77c4380
67 changed files with 475 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
Dockerfiles/web-apache-mysql/README.md
View File

@ -258,6 +258,10 @@ PHP_FPM_PM_START_SERVERS=5
PHP_FPM_PM_MIN_SPARE_SERVERS=5
PHP_FPM_PM_MAX_SPARE_SERVERS=35
PHP_FPM_PM_MAX_REQUESTS=0
Allowed Apache configuration options:
WEB_REAL_IP_FROM=
WEB_REAL_IP_HEADER=
```
## Allowed volumes for the Zabbix web interface container

1
Dockerfiles/web-apache-mysql/alpine/conf/etc/apache2/modules.conf
View File

@ -15,3 +15,4 @@ LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so
LoadModule expires_module modules/mod_expires.so
LoadModule headers_module modules/mod_headers.so
LoadModule remoteip_module modules/mod_remoteip.so

3
Dockerfiles/web-apache-mysql/alpine/conf/etc/zabbix/apache.conf
View File

@ -1,6 +1,9 @@
Listen 8080
<VirtualHost *:8080>
RemoteIPInternalProxy ${WEB_REAL_IP_FROM}
RemoteIPHeader ${WEB_REAL_IP_HEADER}
<LocationMatch "/(ping|status)">
Require all granted

3
Dockerfiles/web-apache-mysql/alpine/conf/etc/zabbix/apache_ssl.conf
View File

@ -14,6 +14,9 @@ SSLSessionCache shmcb:${APACHE_RUN_DIR}/ssl_scache(512000)
SSLSessionCacheTimeout 300
<VirtualHost *:8443>
RemoteIPInternalProxy ${WEB_REAL_IP_FROM}
RemoteIPHeader ${WEB_REAL_IP_HEADER}
# Enable/Disable SSL for this virtual host.
SSLEngine on

5
Dockerfiles/web-apache-mysql/alpine/docker-entrypoint.sh
View File

@ -202,6 +202,11 @@ prepare_web_server() {
export APACHE_SERVER_SIGNATURE="Off"
fi
[ -z "${WEB_REAL_IP_FROM}" ] && sed -i '/WEB_REAL_IP_FROM/d' "$ZABBIX_CONF_DIR/apache.conf"
[ -z "${WEB_REAL_IP_FROM}" ] && sed -i '/WEB_REAL_IP_FROM/d' "$ZABBIX_CONF_DIR/apache_ssl.conf"
[ -z "${WEB_REAL_IP_HEADER}" ] && sed -i '/WEB_REAL_IP_HEADER/d' "$ZABBIX_CONF_DIR/apache.conf"
[ -z "${WEB_REAL_IP_HEADER}" ] && sed -i '/WEB_REAL_IP_HEADER/d' "$ZABBIX_CONF_DIR/apache_ssl.conf"
mkdir -p "${APACHE_RUN_DIR}"
}

1
Dockerfiles/web-apache-mysql/centos/conf/etc/httpd/modules.conf
View File

@ -15,3 +15,4 @@ LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so
LoadModule expires_module modules/mod_expires.so
LoadModule headers_module modules/mod_headers.so
LoadModule remoteip_module modules/mod_remoteip.so

3
Dockerfiles/web-apache-mysql/centos/conf/etc/zabbix/apache.conf
View File

@ -1,6 +1,9 @@
Listen 8080
<VirtualHost *:8080>
RemoteIPInternalProxy ${WEB_REAL_IP_FROM}
RemoteIPHeader ${WEB_REAL_IP_HEADER}
<LocationMatch "/(ping|status)">
Require all granted

3
Dockerfiles/web-apache-mysql/centos/conf/etc/zabbix/apache_ssl.conf
View File

@ -14,6 +14,9 @@ SSLSessionCache shmcb:${APACHE_RUN_DIR}/ssl_scache(512000)
SSLSessionCacheTimeout 300
<VirtualHost *:8443>
RemoteIPInternalProxy ${WEB_REAL_IP_FROM}
RemoteIPHeader ${WEB_REAL_IP_HEADER}
# Enable/Disable SSL for this virtual host.
SSLEngine on

5
Dockerfiles/web-apache-mysql/centos/docker-entrypoint.sh
View File

@ -202,6 +202,11 @@ prepare_web_server() {
export APACHE_SERVER_SIGNATURE="Off"
fi
[ -z "${WEB_REAL_IP_FROM}" ] && sed -i '/WEB_REAL_IP_FROM/d' "$ZABBIX_CONF_DIR/apache.conf"
[ -z "${WEB_REAL_IP_FROM}" ] && sed -i '/WEB_REAL_IP_FROM/d' "$ZABBIX_CONF_DIR/apache_ssl.conf"
[ -z "${WEB_REAL_IP_HEADER}" ] && sed -i '/WEB_REAL_IP_HEADER/d' "$ZABBIX_CONF_DIR/apache.conf"
[ -z "${WEB_REAL_IP_HEADER}" ] && sed -i '/WEB_REAL_IP_HEADER/d' "$ZABBIX_CONF_DIR/apache_ssl.conf"
mkdir -p "${APACHE_RUN_DIR}"
}

1
Dockerfiles/web-apache-mysql/ol/conf/etc/httpd/modules.conf
View File

@ -15,3 +15,4 @@ LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so
LoadModule expires_module modules/mod_expires.so
LoadModule headers_module modules/mod_headers.so
LoadModule remoteip_module modules/mod_remoteip.so

3
Dockerfiles/web-apache-mysql/ol/conf/etc/zabbix/apache.conf
View File

@ -1,6 +1,9 @@
Listen 8080
<VirtualHost *:8080>
RemoteIPInternalProxy ${WEB_REAL_IP_FROM}
RemoteIPHeader ${WEB_REAL_IP_HEADER}
<LocationMatch "/(ping|status)">
Require all granted

3
Dockerfiles/web-apache-mysql/ol/conf/etc/zabbix/apache_ssl.conf
View File

@ -14,6 +14,9 @@ SSLSessionCache shmcb:${APACHE_RUN_DIR}/ssl_scache(512000)
SSLSessionCacheTimeout 300
<VirtualHost *:8443>
RemoteIPInternalProxy ${WEB_REAL_IP_FROM}
RemoteIPHeader ${WEB_REAL_IP_HEADER}
# Enable/Disable SSL for this virtual host.
SSLEngine on

5
Dockerfiles/web-apache-mysql/ol/docker-entrypoint.sh
View File

@ -202,6 +202,11 @@ prepare_web_server() {
export APACHE_SERVER_SIGNATURE="Off"
fi
[ -z "${WEB_REAL_IP_FROM}" ] && sed -i '/WEB_REAL_IP_FROM/d' "$ZABBIX_CONF_DIR/apache.conf"
[ -z "${WEB_REAL_IP_FROM}" ] && sed -i '/WEB_REAL_IP_FROM/d' "$ZABBIX_CONF_DIR/apache_ssl.conf"
[ -z "${WEB_REAL_IP_HEADER}" ] && sed -i '/WEB_REAL_IP_HEADER/d' "$ZABBIX_CONF_DIR/apache.conf"
[ -z "${WEB_REAL_IP_HEADER}" ] && sed -i '/WEB_REAL_IP_HEADER/d' "$ZABBIX_CONF_DIR/apache_ssl.conf"
mkdir -p "${APACHE_RUN_DIR}"
}

1
Dockerfiles/web-apache-mysql/ubuntu/conf/etc/apache2/modules.conf
View File

@ -12,3 +12,4 @@ LoadModule proxy_module /usr/lib/apache2/modules/mod_proxy.so
LoadModule proxy_fcgi_module /usr/lib/apache2/modules/mod_proxy_fcgi.so
LoadModule expires_module /usr/lib/apache2/modules/mod_expires.so
LoadModule headers_module /usr/lib/apache2/modules/mod_headers.so
LoadModule remoteip_module /usr/lib/apache2/modules/mod_remoteip.so

3
Dockerfiles/web-apache-mysql/ubuntu/conf/etc/zabbix/apache.conf
View File

@ -1,6 +1,9 @@
Listen 8080
<VirtualHost *:8080>
RemoteIPInternalProxy ${WEB_REAL_IP_FROM}
RemoteIPHeader ${WEB_REAL_IP_HEADER}
<LocationMatch "/(ping|status)">
Require all granted

3
Dockerfiles/web-apache-mysql/ubuntu/conf/etc/zabbix/apache_ssl.conf
View File

@ -14,6 +14,9 @@ SSLSessionCache shmcb:${APACHE_RUN_DIR}/ssl_scache(512000)
SSLSessionCacheTimeout 300
<VirtualHost *:8443>
RemoteIPInternalProxy ${WEB_REAL_IP_FROM}
RemoteIPHeader ${WEB_REAL_IP_HEADER}
# Enable/Disable SSL for this virtual host.
SSLEngine on

5
Dockerfiles/web-apache-mysql/ubuntu/docker-entrypoint.sh
View File

@ -202,6 +202,11 @@ prepare_web_server() {
export APACHE_SERVER_SIGNATURE="Off"
fi
[ -z "${WEB_REAL_IP_FROM}" ] && sed -i '/WEB_REAL_IP_FROM/d' "$ZABBIX_CONF_DIR/apache.conf"
[ -z "${WEB_REAL_IP_FROM}" ] && sed -i '/WEB_REAL_IP_FROM/d' "$ZABBIX_CONF_DIR/apache_ssl.conf"
[ -z "${WEB_REAL_IP_HEADER}" ] && sed -i '/WEB_REAL_IP_HEADER/d' "$ZABBIX_CONF_DIR/apache.conf"
[ -z "${WEB_REAL_IP_HEADER}" ] && sed -i '/WEB_REAL_IP_HEADER/d' "$ZABBIX_CONF_DIR/apache_ssl.conf"
mkdir -p "${APACHE_RUN_DIR}"
}

4
Dockerfiles/web-apache-pgsql/README.md
View File

@ -258,6 +258,10 @@ PHP_FPM_PM_START_SERVERS=5
PHP_FPM_PM_MIN_SPARE_SERVERS=5
PHP_FPM_PM_MAX_SPARE_SERVERS=35
PHP_FPM_PM_MAX_REQUESTS=0
Allowed Apache configuration options:
WEB_REAL_IP_FROM=
WEB_REAL_IP_HEADER=
```
## Allowed volumes for the Zabbix web interface container

1
Dockerfiles/web-apache-pgsql/alpine/conf/etc/apache2/modules.conf
View File

@ -15,3 +15,4 @@ LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so
LoadModule expires_module modules/mod_expires.so
LoadModule headers_module modules/mod_headers.so
LoadModule remoteip_module modules/mod_remoteip.so

3
Dockerfiles/web-apache-pgsql/alpine/conf/etc/zabbix/apache.conf
View File

@ -1,6 +1,9 @@
Listen 8080
<VirtualHost *:8080>
RemoteIPInternalProxy ${WEB_REAL_IP_FROM}
RemoteIPHeader ${WEB_REAL_IP_HEADER}
<LocationMatch "/(ping|status)">
Require all granted

3
Dockerfiles/web-apache-pgsql/alpine/conf/etc/zabbix/apache_ssl.conf
View File

@ -14,6 +14,9 @@ SSLSessionCache shmcb:${APACHE_RUN_DIR}/ssl_scache(512000)
SSLSessionCacheTimeout 300
<VirtualHost *:8443>
RemoteIPInternalProxy ${WEB_REAL_IP_FROM}
RemoteIPHeader ${WEB_REAL_IP_HEADER}
# Enable/Disable SSL for this virtual host.
SSLEngine on

5
Dockerfiles/web-apache-pgsql/alpine/docker-entrypoint.sh
View File

@ -201,6 +201,11 @@ prepare_web_server() {
export APACHE_SERVER_SIGNATURE="Off"
fi
[ -z "${WEB_REAL_IP_FROM}" ] && sed -i '/WEB_REAL_IP_FROM/d' "$ZABBIX_CONF_DIR/apache.conf"
[ -z "${WEB_REAL_IP_FROM}" ] && sed -i '/WEB_REAL_IP_FROM/d' "$ZABBIX_CONF_DIR/apache_ssl.conf"
[ -z "${WEB_REAL_IP_HEADER}" ] && sed -i '/WEB_REAL_IP_HEADER/d' "$ZABBIX_CONF_DIR/apache.conf"
[ -z "${WEB_REAL_IP_HEADER}" ] && sed -i '/WEB_REAL_IP_HEADER/d' "$ZABBIX_CONF_DIR/apache_ssl.conf"
mkdir -p "${APACHE_RUN_DIR}"
}

1
Dockerfiles/web-apache-pgsql/centos/conf/etc/httpd/modules.conf
View File

@ -15,3 +15,4 @@ LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so
LoadModule expires_module modules/mod_expires.so
LoadModule headers_module modules/mod_headers.so
LoadModule remoteip_module modules/mod_remoteip.so

3
Dockerfiles/web-apache-pgsql/centos/conf/etc/zabbix/apache.conf
View File

@ -1,6 +1,9 @@
Listen 8080
<VirtualHost *:8080>
RemoteIPInternalProxy ${WEB_REAL_IP_FROM}
RemoteIPHeader ${WEB_REAL_IP_HEADER}
<LocationMatch "/(ping|status)">
Require all granted

3
Dockerfiles/web-apache-pgsql/centos/conf/etc/zabbix/apache_ssl.conf
View File

@ -14,6 +14,9 @@ SSLSessionCache shmcb:${APACHE_RUN_DIR}/ssl_scache(512000)
SSLSessionCacheTimeout 300
<VirtualHost *:8443>
RemoteIPInternalProxy ${WEB_REAL_IP_FROM}
RemoteIPHeader ${WEB_REAL_IP_HEADER}
# Enable/Disable SSL for this virtual host.
SSLEngine on

5
Dockerfiles/web-apache-pgsql/centos/docker-entrypoint.sh
View File

@ -201,6 +201,11 @@ prepare_web_server() {
export APACHE_SERVER_SIGNATURE="Off"
fi
[ -z "${WEB_REAL_IP_FROM}" ] && sed -i '/WEB_REAL_IP_FROM/d' "$ZABBIX_CONF_DIR/apache.conf"
[ -z "${WEB_REAL_IP_FROM}" ] && sed -i '/WEB_REAL_IP_FROM/d' "$ZABBIX_CONF_DIR/apache_ssl.conf"
[ -z "${WEB_REAL_IP_HEADER}" ] && sed -i '/WEB_REAL_IP_HEADER/d' "$ZABBIX_CONF_DIR/apache.conf"
[ -z "${WEB_REAL_IP_HEADER}" ] && sed -i '/WEB_REAL_IP_HEADER/d' "$ZABBIX_CONF_DIR/apache_ssl.conf"
mkdir -p "${APACHE_RUN_DIR}"
}

1
Dockerfiles/web-apache-pgsql/ol/conf/etc/httpd/modules.conf
View File

@ -15,3 +15,4 @@ LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so
LoadModule expires_module modules/mod_expires.so
LoadModule headers_module modules/mod_headers.so
LoadModule remoteip_module modules/mod_remoteip.so

3
Dockerfiles/web-apache-pgsql/ol/conf/etc/zabbix/apache.conf
View File

@ -1,6 +1,9 @@
Listen 8080
<VirtualHost *:8080>
RemoteIPInternalProxy ${WEB_REAL_IP_FROM}
RemoteIPHeader ${WEB_REAL_IP_HEADER}
<LocationMatch "/(ping|status)">
Require all granted

3
Dockerfiles/web-apache-pgsql/ol/conf/etc/zabbix/apache_ssl.conf
View File

@ -14,6 +14,9 @@ SSLSessionCache shmcb:${APACHE_RUN_DIR}/ssl_scache(512000)
SSLSessionCacheTimeout 300
<VirtualHost *:8443>
RemoteIPInternalProxy ${WEB_REAL_IP_FROM}
RemoteIPHeader ${WEB_REAL_IP_HEADER}
# Enable/Disable SSL for this virtual host.
SSLEngine on

5
Dockerfiles/web-apache-pgsql/ol/docker-entrypoint.sh
View File

@ -201,6 +201,11 @@ prepare_web_server() {
export APACHE_SERVER_SIGNATURE="Off"
fi
[ -z "${WEB_REAL_IP_FROM}" ] && sed -i '/WEB_REAL_IP_FROM/d' "$ZABBIX_CONF_DIR/apache.conf"
[ -z "${WEB_REAL_IP_FROM}" ] && sed -i '/WEB_REAL_IP_FROM/d' "$ZABBIX_CONF_DIR/apache_ssl.conf"
[ -z "${WEB_REAL_IP_HEADER}" ] && sed -i '/WEB_REAL_IP_HEADER/d' "$ZABBIX_CONF_DIR/apache.conf"
[ -z "${WEB_REAL_IP_HEADER}" ] && sed -i '/WEB_REAL_IP_HEADER/d' "$ZABBIX_CONF_DIR/apache_ssl.conf"
mkdir -p "${APACHE_RUN_DIR}"
}

1
Dockerfiles/web-apache-pgsql/ubuntu/conf/etc/apache2/modules.conf
View File

@ -12,3 +12,4 @@ LoadModule proxy_module /usr/lib/apache2/modules/mod_proxy.so
LoadModule proxy_fcgi_module /usr/lib/apache2/modules/mod_proxy_fcgi.so
LoadModule expires_module /usr/lib/apache2/modules/mod_expires.so
LoadModule headers_module /usr/lib/apache2/modules/mod_headers.so
LoadModule remoteip_module /usr/lib/apache2/modules/mod_remoteip.so

3
Dockerfiles/web-apache-pgsql/ubuntu/conf/etc/zabbix/apache.conf
View File

@ -1,6 +1,9 @@
Listen 8080
<VirtualHost *:8080>
RemoteIPInternalProxy ${WEB_REAL_IP_FROM}
RemoteIPHeader ${WEB_REAL_IP_HEADER}
<LocationMatch "/(ping|status)">
Require all granted

3
Dockerfiles/web-apache-pgsql/ubuntu/conf/etc/zabbix/apache_ssl.conf
View File

@ -14,6 +14,9 @@ SSLSessionCache shmcb:${APACHE_RUN_DIR}/ssl_scache(512000)
SSLSessionCacheTimeout 300
<VirtualHost *:8443>
RemoteIPInternalProxy ${WEB_REAL_IP_FROM}
RemoteIPHeader ${WEB_REAL_IP_HEADER}
# Enable/Disable SSL for this virtual host.
SSLEngine on

5
Dockerfiles/web-apache-pgsql/ubuntu/docker-entrypoint.sh
View File

@ -201,6 +201,11 @@ prepare_web_server() {
export APACHE_SERVER_SIGNATURE="Off"
fi
[ -z "${WEB_REAL_IP_FROM}" ] && sed -i '/WEB_REAL_IP_FROM/d' "$ZABBIX_CONF_DIR/apache.conf"
[ -z "${WEB_REAL_IP_FROM}" ] && sed -i '/WEB_REAL_IP_FROM/d' "$ZABBIX_CONF_DIR/apache_ssl.conf"
[ -z "${WEB_REAL_IP_HEADER}" ] && sed -i '/WEB_REAL_IP_HEADER/d' "$ZABBIX_CONF_DIR/apache.conf"
[ -z "${WEB_REAL_IP_HEADER}" ] && sed -i '/WEB_REAL_IP_HEADER/d' "$ZABBIX_CONF_DIR/apache_ssl.conf"
mkdir -p "${APACHE_RUN_DIR}"
}

4
Dockerfiles/web-nginx-mysql/README.md
View File

@ -259,6 +259,10 @@ PHP_FPM_PM_START_SERVERS=5
PHP_FPM_PM_MIN_SPARE_SERVERS=5
PHP_FPM_PM_MAX_SPARE_SERVERS=35
PHP_FPM_PM_MAX_REQUESTS=0
Allowed Nginx configuration options:
WEB_REAL_IP_FROM=
WEB_REAL_IP_HEADER=
```
## Allowed volumes for the Zabbix web interface container

3
Dockerfiles/web-nginx-mysql/alpine/conf/etc/zabbix/nginx.conf
View File

@ -2,6 +2,9 @@ server {
listen 8080;
listen [::]:8080;
{WEB_REAL_IP_FROM}
{WEB_REAL_IP_HEADER}
server_name zabbix;
index {HTTP_INDEX_FILE};

3
Dockerfiles/web-nginx-mysql/alpine/conf/etc/zabbix/nginx_ssl.conf
View File

@ -4,6 +4,9 @@ server {
http2 on;
{WEB_REAL_IP_FROM}
{WEB_REAL_IP_HEADER}
server_name zabbix;
server_name_in_redirect off;

30
Dockerfiles/web-nginx-mysql/alpine/docker-entrypoint.sh
View File

@ -35,6 +35,15 @@ NGINX_SSL_CONFIG_DIR="/etc/ssl/nginx"
# PHP-FPM configuration file
PHP_CONFIG_FILE="/etc/php84/php-fpm.d/zabbix.conf"
escape_spec_char() {
local var_value=$1
var_value="${var_value//\\/\\\\}"
var_value="${var_value//./\\.}"
echo "$var_value"
}
# usage: file_env VAR [DEFAULT]
# as example: file_env 'MYSQL_PASSWORD' 'zabbix'
# (will allow for "$MYSQL_PASSWORD_FILE" to fill in the value of "$MYSQL_PASSWORD" from a file)
@ -229,6 +238,27 @@ prepare_web_server() {
sed -i \
-e "s/{EXPOSE_WEB_SERVER_INFO}/${EXPOSE_WEB_SERVER_INFO}/g" \
"$NGINX_CONF_FILE"
[ ! -z "${WEB_REAL_IP_FROM}" ] && WEB_REAL_IP_FROM="set_real_ip_from ${WEB_REAL_IP_FROM};"
WEB_REAL_IP_FROM=$(escape_spec_char "$WEB_REAL_IP_FROM")
[ ! -z "${WEB_REAL_IP_HEADER}" ] && WEB_REAL_IP_HEADER="real_ip_header ${WEB_REAL_IP_HEADER};"
WEB_REAL_IP_HEADER=$(escape_spec_char "$WEB_REAL_IP_HEADER")
sed -i \
-e "s/{WEB_REAL_IP_FROM}/${WEB_REAL_IP_FROM}/g" \
"$ZABBIX_CONF_DIR/nginx.conf"
sed -i \
-e "s/{WEB_REAL_IP_FROM}/${WEB_REAL_IP_FROM}/g" \
"$ZABBIX_CONF_DIR/nginx_ssl.conf"
sed -i \
-e "s/{WEB_REAL_IP_HEADER}/${WEB_REAL_IP_HEADER}/g" \
"$ZABBIX_CONF_DIR/nginx.conf"
sed -i \
-e "s/{WEB_REAL_IP_HEADER}/${WEB_REAL_IP_HEADER}/g" \
"$ZABBIX_CONF_DIR/nginx_ssl.conf"
}
prepare_zbx_php_config() {

3
Dockerfiles/web-nginx-mysql/centos/conf/etc/zabbix/nginx.conf
View File

@ -2,6 +2,9 @@ server {
listen 8080;
listen [::]:8080;
{WEB_REAL_IP_FROM}
{WEB_REAL_IP_HEADER}
server_name zabbix;
index {HTTP_INDEX_FILE};

3
Dockerfiles/web-nginx-mysql/centos/conf/etc/zabbix/nginx_ssl.conf
View File

@ -2,6 +2,9 @@ server {
listen 8443 ssl http2;
listen [::]:8443 ssl http2;
{WEB_REAL_IP_FROM}
{WEB_REAL_IP_HEADER}
server_name zabbix;
server_name_in_redirect off;

30
Dockerfiles/web-nginx-mysql/centos/docker-entrypoint.sh
View File

@ -35,6 +35,15 @@ NGINX_SSL_CONFIG_DIR="/etc/ssl/nginx"
# PHP-FPM configuration file
PHP_CONFIG_FILE="/etc/php-fpm.d/zabbix.conf"
escape_spec_char() {
local var_value=$1
var_value="${var_value//\\/\\\\}"
var_value="${var_value//./\\.}"
echo "$var_value"
}
# usage: file_env VAR [DEFAULT]
# as example: file_env 'MYSQL_PASSWORD' 'zabbix'
# (will allow for "$MYSQL_PASSWORD_FILE" to fill in the value of "$MYSQL_PASSWORD" from a file)
@ -229,6 +238,27 @@ prepare_web_server() {
sed -i \
-e "s/{EXPOSE_WEB_SERVER_INFO}/${EXPOSE_WEB_SERVER_INFO}/g" \
"$NGINX_CONF_FILE"
[ ! -z "${WEB_REAL_IP_FROM}" ] && WEB_REAL_IP_FROM="set_real_ip_from ${WEB_REAL_IP_FROM};"
WEB_REAL_IP_FROM=$(escape_spec_char "$WEB_REAL_IP_FROM")
[ ! -z "${WEB_REAL_IP_HEADER}" ] && WEB_REAL_IP_HEADER="real_ip_header ${WEB_REAL_IP_HEADER};"
WEB_REAL_IP_HEADER=$(escape_spec_char "$WEB_REAL_IP_HEADER")
sed -i \
-e "s/{WEB_REAL_IP_FROM}/${WEB_REAL_IP_FROM}/g" \
"$ZABBIX_CONF_DIR/nginx.conf"
sed -i \
-e "s/{WEB_REAL_IP_FROM}/${WEB_REAL_IP_FROM}/g" \
"$ZABBIX_CONF_DIR/nginx_ssl.conf"
sed -i \
-e "s/{WEB_REAL_IP_HEADER}/${WEB_REAL_IP_HEADER}/g" \
"$ZABBIX_CONF_DIR/nginx.conf"
sed -i \
-e "s/{WEB_REAL_IP_HEADER}/${WEB_REAL_IP_HEADER}/g" \
"$ZABBIX_CONF_DIR/nginx_ssl.conf"
}
prepare_zbx_php_config() {

3
Dockerfiles/web-nginx-mysql/ol/conf/etc/zabbix/nginx.conf
View File

@ -2,6 +2,9 @@ server {
listen 8080;
listen [::]:8080;
{WEB_REAL_IP_FROM}
{WEB_REAL_IP_HEADER}
server_name zabbix;
index {HTTP_INDEX_FILE};

3
Dockerfiles/web-nginx-mysql/ol/conf/etc/zabbix/nginx_ssl.conf
View File

@ -2,6 +2,9 @@ server {
listen 8443 ssl http2;
listen [::]:8443 ssl http2;
{WEB_REAL_IP_FROM}
{WEB_REAL_IP_HEADER}
server_name zabbix;
server_name_in_redirect off;

30
Dockerfiles/web-nginx-mysql/ol/docker-entrypoint.sh
View File

@ -35,6 +35,15 @@ NGINX_SSL_CONFIG_DIR="/etc/ssl/nginx"
# PHP-FPM configuration file
PHP_CONFIG_FILE="/etc/php-fpm.d/zabbix.conf"
escape_spec_char() {
local var_value=$1
var_value="${var_value//\\/\\\\}"
var_value="${var_value//./\\.}"
echo "$var_value"
}
# usage: file_env VAR [DEFAULT]
# as example: file_env 'MYSQL_PASSWORD' 'zabbix'
# (will allow for "$MYSQL_PASSWORD_FILE" to fill in the value of "$MYSQL_PASSWORD" from a file)
@ -229,6 +238,27 @@ prepare_web_server() {
sed -i \
-e "s/{EXPOSE_WEB_SERVER_INFO}/${EXPOSE_WEB_SERVER_INFO}/g" \
"$NGINX_CONF_FILE"
[ ! -z "${WEB_REAL_IP_FROM}" ] && WEB_REAL_IP_FROM="set_real_ip_from ${WEB_REAL_IP_FROM};"
WEB_REAL_IP_FROM=$(escape_spec_char "$WEB_REAL_IP_FROM")
[ ! -z "${WEB_REAL_IP_HEADER}" ] && WEB_REAL_IP_HEADER="real_ip_header ${WEB_REAL_IP_HEADER};"
WEB_REAL_IP_HEADER=$(escape_spec_char "$WEB_REAL_IP_HEADER")
sed -i \
-e "s/{WEB_REAL_IP_FROM}/${WEB_REAL_IP_FROM}/g" \
"$ZABBIX_CONF_DIR/nginx.conf"
sed -i \
-e "s/{WEB_REAL_IP_FROM}/${WEB_REAL_IP_FROM}/g" \
"$ZABBIX_CONF_DIR/nginx_ssl.conf"
sed -i \
-e "s/{WEB_REAL_IP_HEADER}/${WEB_REAL_IP_HEADER}/g" \
"$ZABBIX_CONF_DIR/nginx.conf"
sed -i \
-e "s/{WEB_REAL_IP_HEADER}/${WEB_REAL_IP_HEADER}/g" \
"$ZABBIX_CONF_DIR/nginx_ssl.conf"
}
prepare_zbx_php_config() {

3
Dockerfiles/web-nginx-mysql/rhel/conf/etc/zabbix/nginx.conf
View File

@ -2,6 +2,9 @@ server {
listen 8080;
listen [::]:8080;
{WEB_REAL_IP_FROM}
{WEB_REAL_IP_HEADER}
server_name zabbix;
index {HTTP_INDEX_FILE};

3
Dockerfiles/web-nginx-mysql/rhel/conf/etc/zabbix/nginx_ssl.conf
View File

@ -2,6 +2,9 @@ server {
listen 8443 ssl http2;
listen [::]:8443 ssl http2;
{WEB_REAL_IP_FROM}
{WEB_REAL_IP_HEADER}
server_name zabbix;
server_name_in_redirect off;

30
Dockerfiles/web-nginx-mysql/rhel/docker-entrypoint.sh
View File

@ -35,6 +35,15 @@ NGINX_SSL_CONFIG_DIR="/etc/ssl/nginx"
# PHP-FPM configuration file
PHP_CONFIG_FILE="/etc/php-fpm.d/zabbix.conf"
escape_spec_char() {
local var_value=$1
var_value="${var_value//\\/\\\\}"
var_value="${var_value//./\\.}"
echo "$var_value"
}
# usage: file_env VAR [DEFAULT]
# as example: file_env 'MYSQL_PASSWORD' 'zabbix'
# (will allow for "$MYSQL_PASSWORD_FILE" to fill in the value of "$MYSQL_PASSWORD" from a file)
@ -229,6 +238,27 @@ prepare_web_server() {
sed -i \
-e "s/{EXPOSE_WEB_SERVER_INFO}/${EXPOSE_WEB_SERVER_INFO}/g" \
"$NGINX_CONF_FILE"
[ ! -z "${WEB_REAL_IP_FROM}" ] && WEB_REAL_IP_FROM="set_real_ip_from ${WEB_REAL_IP_FROM};"
WEB_REAL_IP_FROM=$(escape_spec_char "$WEB_REAL_IP_FROM")
[ ! -z "${WEB_REAL_IP_HEADER}" ] && WEB_REAL_IP_HEADER="real_ip_header ${WEB_REAL_IP_HEADER};"
WEB_REAL_IP_HEADER=$(escape_spec_char "$WEB_REAL_IP_HEADER")
sed -i \
-e "s/{WEB_REAL_IP_FROM}/${WEB_REAL_IP_FROM}/g" \
"$ZABBIX_CONF_DIR/nginx.conf"
sed -i \
-e "s/{WEB_REAL_IP_FROM}/${WEB_REAL_IP_FROM}/g" \
"$ZABBIX_CONF_DIR/nginx_ssl.conf"
sed -i \
-e "s/{WEB_REAL_IP_HEADER}/${WEB_REAL_IP_HEADER}/g" \
"$ZABBIX_CONF_DIR/nginx.conf"
sed -i \
-e "s/{WEB_REAL_IP_HEADER}/${WEB_REAL_IP_HEADER}/g" \
"$ZABBIX_CONF_DIR/nginx_ssl.conf"
}
prepare_zbx_php_config() {

3
Dockerfiles/web-nginx-mysql/ubuntu/conf/etc/zabbix/nginx.conf
View File

@ -2,6 +2,9 @@ server {
listen 8080;
listen [::]:8080;
{WEB_REAL_IP_FROM}
{WEB_REAL_IP_HEADER}
server_name zabbix;
index {HTTP_INDEX_FILE};

3
Dockerfiles/web-nginx-mysql/ubuntu/conf/etc/zabbix/nginx_ssl.conf
View File

@ -2,6 +2,9 @@ server {
listen 8443 ssl http2;
listen [::]:8443 ssl http2;
{WEB_REAL_IP_FROM}
{WEB_REAL_IP_HEADER}
server_name zabbix;
server_name_in_redirect off;

30
Dockerfiles/web-nginx-mysql/ubuntu/docker-entrypoint.sh
View File

@ -35,6 +35,15 @@ NGINX_SSL_CONFIG_DIR="/etc/ssl/nginx"
# PHP-FPM configuration file
PHP_CONFIG_FILE="/etc/php/8.3/fpm/pool.d/zabbix.conf"
escape_spec_char() {
local var_value=$1
var_value="${var_value//\\/\\\\}"
var_value="${var_value//./\\.}"
echo "$var_value"
}
# usage: file_env VAR [DEFAULT]
# as example: file_env 'MYSQL_PASSWORD' 'zabbix'
# (will allow for "$MYSQL_PASSWORD_FILE" to fill in the value of "$MYSQL_PASSWORD" from a file)
@ -229,6 +238,27 @@ prepare_web_server() {
sed -i \
-e "s/{EXPOSE_WEB_SERVER_INFO}/${EXPOSE_WEB_SERVER_INFO}/g" \
"$NGINX_CONF_FILE"
[ ! -z "${WEB_REAL_IP_FROM}" ] && WEB_REAL_IP_FROM="set_real_ip_from ${WEB_REAL_IP_FROM};"
WEB_REAL_IP_FROM=$(escape_spec_char "$WEB_REAL_IP_FROM")
[ ! -z "${WEB_REAL_IP_HEADER}" ] && WEB_REAL_IP_HEADER="real_ip_header ${WEB_REAL_IP_HEADER};"
WEB_REAL_IP_HEADER=$(escape_spec_char "$WEB_REAL_IP_HEADER")
sed -i \
-e "s/{WEB_REAL_IP_FROM}/${WEB_REAL_IP_FROM}/g" \
"$ZABBIX_CONF_DIR/nginx.conf"
sed -i \
-e "s/{WEB_REAL_IP_FROM}/${WEB_REAL_IP_FROM}/g" \
"$ZABBIX_CONF_DIR/nginx_ssl.conf"
sed -i \
-e "s/{WEB_REAL_IP_HEADER}/${WEB_REAL_IP_HEADER}/g" \
"$ZABBIX_CONF_DIR/nginx.conf"
sed -i \
-e "s/{WEB_REAL_IP_HEADER}/${WEB_REAL_IP_HEADER}/g" \
"$ZABBIX_CONF_DIR/nginx_ssl.conf"
}
prepare_zbx_php_config() {

4
Dockerfiles/web-nginx-pgsql/README.md
View File

@ -258,6 +258,10 @@ PHP_FPM_PM_START_SERVERS=5
PHP_FPM_PM_MIN_SPARE_SERVERS=5
PHP_FPM_PM_MAX_SPARE_SERVERS=35
PHP_FPM_PM_MAX_REQUESTS=0
Allowed Nginx configuration options:
WEB_REAL_IP_FROM=
WEB_REAL_IP_HEADER=
```
## Allowed volumes for the Zabbix web interface container

3
Dockerfiles/web-nginx-pgsql/alpine/conf/etc/zabbix/nginx.conf
View File

@ -2,6 +2,9 @@ server {
listen 8080;
listen [::]:8080;
{WEB_REAL_IP_FROM}
{WEB_REAL_IP_HEADER}
server_name zabbix;
index {HTTP_INDEX_FILE};

3
Dockerfiles/web-nginx-pgsql/alpine/conf/etc/zabbix/nginx_ssl.conf
View File

@ -4,6 +4,9 @@ server {
http2 on;
{WEB_REAL_IP_FROM}
{WEB_REAL_IP_HEADER}
server_name zabbix;
server_name_in_redirect off;

30
Dockerfiles/web-nginx-pgsql/alpine/docker-entrypoint.sh
View File

@ -35,6 +35,15 @@ NGINX_SSL_CONFIG_DIR="/etc/ssl/nginx"
# PHP-FPM configuration file
PHP_CONFIG_FILE="/etc/php84/php-fpm.d/zabbix.conf"
escape_spec_char() {
local var_value=$1
var_value="${var_value//\\/\\\\}"
var_value="${var_value//./\\.}"
echo "$var_value"
}
# usage: file_env VAR [DEFAULT]
# as example: file_env 'MYSQL_PASSWORD' 'zabbix'
# (will allow for "$MYSQL_PASSWORD_FILE" to fill in the value of "$MYSQL_PASSWORD" from a file)
@ -228,6 +237,27 @@ prepare_web_server() {
sed -i \
-e "s/{EXPOSE_WEB_SERVER_INFO}/${EXPOSE_WEB_SERVER_INFO}/g" \
"$NGINX_CONF_FILE"
[ ! -z "${WEB_REAL_IP_FROM}" ] && WEB_REAL_IP_FROM="set_real_ip_from ${WEB_REAL_IP_FROM};"
WEB_REAL_IP_FROM=$(escape_spec_char "$WEB_REAL_IP_FROM")
[ ! -z "${WEB_REAL_IP_HEADER}" ] && WEB_REAL_IP_HEADER="real_ip_header ${WEB_REAL_IP_HEADER};"
WEB_REAL_IP_HEADER=$(escape_spec_char "$WEB_REAL_IP_HEADER")
sed -i \
-e "s/{WEB_REAL_IP_FROM}/${WEB_REAL_IP_FROM}/g" \
"$ZABBIX_CONF_DIR/nginx.conf"
sed -i \
-e "s/{WEB_REAL_IP_FROM}/${WEB_REAL_IP_FROM}/g" \
"$ZABBIX_CONF_DIR/nginx_ssl.conf"
sed -i \
-e "s/{WEB_REAL_IP_HEADER}/${WEB_REAL_IP_HEADER}/g" \
"$ZABBIX_CONF_DIR/nginx.conf"
sed -i \
-e "s/{WEB_REAL_IP_HEADER}/${WEB_REAL_IP_HEADER}/g" \
"$ZABBIX_CONF_DIR/nginx_ssl.conf"
}
prepare_zbx_php_config() {

3
Dockerfiles/web-nginx-pgsql/centos/conf/etc/zabbix/nginx.conf
View File

@ -2,6 +2,9 @@ server {
listen 8080;
listen [::]:8080;
{WEB_REAL_IP_FROM}
{WEB_REAL_IP_HEADER}
server_name zabbix;
index {HTTP_INDEX_FILE};

3
Dockerfiles/web-nginx-pgsql/centos/conf/etc/zabbix/nginx_ssl.conf
View File

@ -2,6 +2,9 @@ server {
listen 8443 ssl http2;
listen [::]:8443 ssl http2;
{WEB_REAL_IP_FROM}
{WEB_REAL_IP_HEADER}
server_name zabbix;
server_name_in_redirect off;

30
Dockerfiles/web-nginx-pgsql/centos/docker-entrypoint.sh
View File

@ -35,6 +35,15 @@ NGINX_SSL_CONFIG_DIR="/etc/ssl/nginx"
# PHP-FPM configuration file
PHP_CONFIG_FILE="/etc/php-fpm.d/zabbix.conf"
escape_spec_char() {
local var_value=$1
var_value="${var_value//\\/\\\\}"
var_value="${var_value//./\\.}"
echo "$var_value"
}
# usage: file_env VAR [DEFAULT]
# as example: file_env 'MYSQL_PASSWORD' 'zabbix'
# (will allow for "$MYSQL_PASSWORD_FILE" to fill in the value of "$MYSQL_PASSWORD" from a file)
@ -228,6 +237,27 @@ prepare_web_server() {
sed -i \
-e "s/{EXPOSE_WEB_SERVER_INFO}/${EXPOSE_WEB_SERVER_INFO}/g" \
"$NGINX_CONF_FILE"
[ ! -z "${WEB_REAL_IP_FROM}" ] && WEB_REAL_IP_FROM="set_real_ip_from ${WEB_REAL_IP_FROM};"
WEB_REAL_IP_FROM=$(escape_spec_char "$WEB_REAL_IP_FROM")
[ ! -z "${WEB_REAL_IP_HEADER}" ] && WEB_REAL_IP_HEADER="real_ip_header ${WEB_REAL_IP_HEADER};"
WEB_REAL_IP_HEADER=$(escape_spec_char "$WEB_REAL_IP_HEADER")
sed -i \
-e "s/{WEB_REAL_IP_FROM}/${WEB_REAL_IP_FROM}/g" \
"$ZABBIX_CONF_DIR/nginx.conf"
sed -i \
-e "s/{WEB_REAL_IP_FROM}/${WEB_REAL_IP_FROM}/g" \
"$ZABBIX_CONF_DIR/nginx_ssl.conf"
sed -i \
-e "s/{WEB_REAL_IP_HEADER}/${WEB_REAL_IP_HEADER}/g" \
"$ZABBIX_CONF_DIR/nginx.conf"
sed -i \
-e "s/{WEB_REAL_IP_HEADER}/${WEB_REAL_IP_HEADER}/g" \
"$ZABBIX_CONF_DIR/nginx_ssl.conf"
}
prepare_zbx_php_config() {

3
Dockerfiles/web-nginx-pgsql/ol/conf/etc/zabbix/nginx.conf
View File

@ -2,6 +2,9 @@ server {
listen 8080;
listen [::]:8080;
{WEB_REAL_IP_FROM}
{WEB_REAL_IP_HEADER}
server_name zabbix;
index {HTTP_INDEX_FILE};

3
Dockerfiles/web-nginx-pgsql/ol/conf/etc/zabbix/nginx_ssl.conf
View File

@ -2,6 +2,9 @@ server {
listen 8443 ssl http2;
listen [::]:8443 ssl http2;
{WEB_REAL_IP_FROM}
{WEB_REAL_IP_HEADER}
server_name zabbix;
server_name_in_redirect off;

30
Dockerfiles/web-nginx-pgsql/ol/docker-entrypoint.sh
View File

@ -35,6 +35,15 @@ NGINX_SSL_CONFIG_DIR="/etc/ssl/nginx"
# PHP-FPM configuration file
PHP_CONFIG_FILE="/etc/php-fpm.d/zabbix.conf"
escape_spec_char() {
local var_value=$1
var_value="${var_value//\\/\\\\}"
var_value="${var_value//./\\.}"
echo "$var_value"
}
# usage: file_env VAR [DEFAULT]
# as example: file_env 'MYSQL_PASSWORD' 'zabbix'
# (will allow for "$MYSQL_PASSWORD_FILE" to fill in the value of "$MYSQL_PASSWORD" from a file)
@ -228,6 +237,27 @@ prepare_web_server() {
sed -i \
-e "s/{EXPOSE_WEB_SERVER_INFO}/${EXPOSE_WEB_SERVER_INFO}/g" \
"$NGINX_CONF_FILE"
[ ! -z "${WEB_REAL_IP_FROM}" ] && WEB_REAL_IP_FROM="set_real_ip_from ${WEB_REAL_IP_FROM};"
WEB_REAL_IP_FROM=$(escape_spec_char "$WEB_REAL_IP_FROM")
[ ! -z "${WEB_REAL_IP_HEADER}" ] && WEB_REAL_IP_HEADER="real_ip_header ${WEB_REAL_IP_HEADER};"
WEB_REAL_IP_HEADER=$(escape_spec_char "$WEB_REAL_IP_HEADER")
sed -i \
-e "s/{WEB_REAL_IP_FROM}/${WEB_REAL_IP_FROM}/g" \
"$ZABBIX_CONF_DIR/nginx.conf"
sed -i \
-e "s/{WEB_REAL_IP_FROM}/${WEB_REAL_IP_FROM}/g" \
"$ZABBIX_CONF_DIR/nginx_ssl.conf"
sed -i \
-e "s/{WEB_REAL_IP_HEADER}/${WEB_REAL_IP_HEADER}/g" \
"$ZABBIX_CONF_DIR/nginx.conf"
sed -i \
-e "s/{WEB_REAL_IP_HEADER}/${WEB_REAL_IP_HEADER}/g" \
"$ZABBIX_CONF_DIR/nginx_ssl.conf"
}
prepare_zbx_php_config() {

3
Dockerfiles/web-nginx-pgsql/rhel/conf/etc/zabbix/nginx.conf
View File

@ -2,6 +2,9 @@ server {
listen 8080;
listen [::]:8080;
{WEB_REAL_IP_FROM}
{WEB_REAL_IP_HEADER}
server_name zabbix;
index {HTTP_INDEX_FILE};

3
Dockerfiles/web-nginx-pgsql/rhel/conf/etc/zabbix/nginx_ssl.conf
View File

@ -2,6 +2,9 @@ server {
listen 8443 ssl http2;
listen [::]:8443 ssl http2;
{WEB_REAL_IP_FROM}
{WEB_REAL_IP_HEADER}
server_name zabbix;
server_name_in_redirect off;

30
Dockerfiles/web-nginx-pgsql/rhel/docker-entrypoint.sh
View File

@ -35,6 +35,15 @@ NGINX_SSL_CONFIG_DIR="/etc/ssl/nginx"
# PHP-FPM configuration file
PHP_CONFIG_FILE="/etc/php-fpm.d/zabbix.conf"
escape_spec_char() {
local var_value=$1
var_value="${var_value//\\/\\\\}"
var_value="${var_value//./\\.}"
echo "$var_value"
}
# usage: file_env VAR [DEFAULT]
# as example: file_env 'MYSQL_PASSWORD' 'zabbix'
# (will allow for "$MYSQL_PASSWORD_FILE" to fill in the value of "$MYSQL_PASSWORD" from a file)
@ -228,6 +237,27 @@ prepare_web_server() {
sed -i \
-e "s/{EXPOSE_WEB_SERVER_INFO}/${EXPOSE_WEB_SERVER_INFO}/g" \
"$NGINX_CONF_FILE"
[ ! -z "${WEB_REAL_IP_FROM}" ] && WEB_REAL_IP_FROM="set_real_ip_from ${WEB_REAL_IP_FROM};"
WEB_REAL_IP_FROM=$(escape_spec_char "$WEB_REAL_IP_FROM")
[ ! -z "${WEB_REAL_IP_HEADER}" ] && WEB_REAL_IP_HEADER="real_ip_header ${WEB_REAL_IP_HEADER};"
WEB_REAL_IP_HEADER=$(escape_spec_char "$WEB_REAL_IP_HEADER")
sed -i \
-e "s/{WEB_REAL_IP_FROM}/${WEB_REAL_IP_FROM}/g" \
"$ZABBIX_CONF_DIR/nginx.conf"
sed -i \
-e "s/{WEB_REAL_IP_FROM}/${WEB_REAL_IP_FROM}/g" \
"$ZABBIX_CONF_DIR/nginx_ssl.conf"
sed -i \
-e "s/{WEB_REAL_IP_HEADER}/${WEB_REAL_IP_HEADER}/g" \
"$ZABBIX_CONF_DIR/nginx.conf"
sed -i \
-e "s/{WEB_REAL_IP_HEADER}/${WEB_REAL_IP_HEADER}/g" \
"$ZABBIX_CONF_DIR/nginx_ssl.conf"
}
prepare_zbx_php_config() {

3
Dockerfiles/web-nginx-pgsql/ubuntu/conf/etc/zabbix/nginx.conf
View File

@ -2,6 +2,9 @@ server {
listen 8080;
listen [::]:8080;
{WEB_REAL_IP_FROM}
{WEB_REAL_IP_HEADER}
server_name zabbix;
index {HTTP_INDEX_FILE};

3
Dockerfiles/web-nginx-pgsql/ubuntu/conf/etc/zabbix/nginx_ssl.conf
View File

@ -2,6 +2,9 @@ server {
listen 8443 ssl http2;
listen [::]:8443 ssl http2;
{WEB_REAL_IP_FROM}
{WEB_REAL_IP_HEADER}
server_name zabbix;
server_name_in_redirect off;

30
Dockerfiles/web-nginx-pgsql/ubuntu/docker-entrypoint.sh
View File

@ -35,6 +35,15 @@ NGINX_SSL_CONFIG_DIR="/etc/ssl/nginx"
# PHP-FPM configuration file
PHP_CONFIG_FILE="/etc/php/8.3/fpm/pool.d/zabbix.conf"
escape_spec_char() {
local var_value=$1
var_value="${var_value//\\/\\\\}"
var_value="${var_value//./\\.}"
echo "$var_value"
}
# usage: file_env VAR [DEFAULT]
# as example: file_env 'MYSQL_PASSWORD' 'zabbix'
# (will allow for "$MYSQL_PASSWORD_FILE" to fill in the value of "$MYSQL_PASSWORD" from a file)
@ -228,6 +237,27 @@ prepare_web_server() {
sed -i \
-e "s/{EXPOSE_WEB_SERVER_INFO}/${EXPOSE_WEB_SERVER_INFO}/g" \
"$NGINX_CONF_FILE"
[ ! -z "${WEB_REAL_IP_FROM}" ] && WEB_REAL_IP_FROM="set_real_ip_from ${WEB_REAL_IP_FROM};"
WEB_REAL_IP_FROM=$(escape_spec_char "$WEB_REAL_IP_FROM")
[ ! -z "${WEB_REAL_IP_HEADER}" ] && WEB_REAL_IP_HEADER="real_ip_header ${WEB_REAL_IP_HEADER};"
WEB_REAL_IP_HEADER=$(escape_spec_char "$WEB_REAL_IP_HEADER")
sed -i \
-e "s/{WEB_REAL_IP_FROM}/${WEB_REAL_IP_FROM}/g" \
"$ZABBIX_CONF_DIR/nginx.conf"
sed -i \
-e "s/{WEB_REAL_IP_FROM}/${WEB_REAL_IP_FROM}/g" \
"$ZABBIX_CONF_DIR/nginx_ssl.conf"
sed -i \
-e "s/{WEB_REAL_IP_HEADER}/${WEB_REAL_IP_HEADER}/g" \
"$ZABBIX_CONF_DIR/nginx.conf"
sed -i \
-e "s/{WEB_REAL_IP_HEADER}/${WEB_REAL_IP_HEADER}/g" \
"$ZABBIX_CONF_DIR/nginx_ssl.conf"
}
prepare_zbx_php_config() {

3
env_vars/.env_web
View File

@ -48,3 +48,6 @@ ZBX_SERVER_NAME=Composed installation
# PHP_FPM_PM_MIN_SPARE_SERVERS=5
# PHP_FPM_PM_MAX_SPARE_SERVERS=35
# PHP_FPM_PM_MAX_REQUESTS=0
#WEB_REAL_IP_FROM=
#WEB_REAL_IP_HEADER=