Prepare for env variables in Windows containers

This commit is contained in:
Alexey Pustovalov 2024-12-30 20:17:45 +09:00
parent ab18a9f39f
commit e62d67cacf
3 changed files with 26 additions and 41 deletions

View File

@ -14,6 +14,12 @@ ARG MAJOR_VERSION
ARG ZBX_VERSION ARG ZBX_VERSION
ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git
ENV ZABBIX_USER_HOME_DIR="C:\zabbix" \
ZABBIX_CONF_DIR="C:\zabbix\conf"
ENV ZBX_LOADMODULEPATH="${ZABBIX_USER_HOME_DIR}/modules" \
ZBX_USERPARAMETERDIR=${ZABBIX_USER_HOME_DIR}/user_scripts
LABEL org.opencontainers.image.title="Zabbix agent" ` LABEL org.opencontainers.image.title="Zabbix agent" `
org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zabbix.com>" ` org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zabbix.com>" `
org.opencontainers.image.vendor="Zabbix SIA" ` org.opencontainers.image.vendor="Zabbix SIA" `
@ -36,25 +42,26 @@ USER ContainerAdministrator
RUN $env:PATH = [string]::Format('{0}\zabbix\sbin;{0}\zabbix\bin;', $env:SystemDrive) + $env:PATH; ` RUN $env:PATH = [string]::Format('{0}\zabbix\sbin;{0}\zabbix\bin;', $env:SystemDrive) + $env:PATH; `
[Environment]::SetEnvironmentVariable('PATH', $env:PATH, [EnvironmentVariableTarget]::Machine); ` [Environment]::SetEnvironmentVariable('PATH', $env:PATH, [EnvironmentVariableTarget]::Machine); `
` `
$env:ZBX_HOME = [string]::Format('{0}\zabbix', $env:SystemDrive); ` [Environment]::SetEnvironmentVariable('ZABBIX_USER_HOME_DIR', $env:ZABBIX_USER_HOME_DIR, [EnvironmentVariableTarget]::Machine); `
[Environment]::SetEnvironmentVariable('ZBX_HOME', $env:ZBX_HOME, [EnvironmentVariableTarget]::Machine); `
` `
Write-Host ('Verifying Zabbix agent {0} ...' -f $env:ZBX_VERSION); ` Write-Host ('Verifying Zabbix agent {0} ...' -f $env:ZBX_VERSION); `
zabbix_agentd.exe -V; zabbix_agentd.exe -V;
RUN Set-Location -Path $env:SystemDrive\.; ` RUN Set-Location -Path $env:SystemDrive\.; `
` `
New-Item -Force -ItemType directory -Path $env:ZBX_HOME\conf\zabbix_agentd.d | Out-Null; ` New-Item -Force -ItemType directory -Path $env:ZABBIX_CONF_DIR | Out-Null; `
New-Item -Force -ItemType directory -Path $env:ZBX_HOME\enc | Out-Null; ` New-Item -Force -ItemType directory -Path $env:ZABBIX_CONF_DIR\zabbix_agentd.d | Out-Null; `
New-Item -Force -ItemType directory -Path $env:ZBX_HOME\modules | Out-Null; ` New-Item -Force -ItemType directory -Path $env:ZABBIX_USER_HOME_DIR\enc | Out-Null; `
New-Item -Force -ItemType directory -Path $env:ZBX_HOME\buffer | Out-Null; ` New-Item -Force -ItemType directory -Path $env:ZABBIX_USER_HOME_DIR\buffer | Out-Null; `
New-Item -Force -ItemType directory -Path $env:ZBX_LOADMODULEPATH | Out-Null; `
New-Item -Force -ItemType directory -Path $env:ZBX_USERPARAMETERDIR | Out-Null; `
` `
net accounts /MaxPWAge:unlimited; ` net accounts /MaxPWAge:unlimited; `
net user /add zabbix /expire:never /passwordreq:no; ` net user /add zabbix /expire:never /passwordreq:no; `
$acl = Get-Acl -Path $env:ZBX_HOME; ` $acl = Get-Acl -Path $env:ZABBIX_USER_HOME_DIR; `
$ace = New-Object Security.AccessControl.FileSystemAccessRule ('zabbix', 'Modify', 'ContainerInherit, ObjectInherit', 'InheritOnly', 'Allow'); ` $ace = New-Object Security.AccessControl.FileSystemAccessRule ('zabbix', 'Modify', 'ContainerInherit, ObjectInherit', 'InheritOnly', 'Allow'); `
$acl.AddAccessRule($ace); ` $acl.AddAccessRule($ace); `
Set-Acl -AclObject $acl -Path $env:ZBX_HOME; Set-Acl -AclObject $acl -Path $env:ZABBIX_USER_HOME_DIR;
USER zabbix USER zabbix

View File

@ -16,10 +16,8 @@ if ([string]::IsNullOrWhitespace($env:ZBX_SERVER_PORT)) {
# Default directories # Default directories
# User 'zabbix' home directory # Internal directory for TLS related files, used when TLS*File specified as plain text values
$ZabbixUserHomeDir="C:\zabbix" $ZabbixInternalEncDir="$env:ZABBIX_USER_HOME_DIR/enc_internal"
# Configuration files directory
$ZabbixConfigDir="C:\zabbix\conf"
function Update-Config-Var { function Update-Config-Var {
Param ( Param (
@ -122,7 +120,7 @@ function Update-Config-Multiple-Var {
function Prepare-Zbx-Agent-Config { function Prepare-Zbx-Agent-Config {
Write-Host "** Preparing Zabbix agent configuration file" Write-Host "** Preparing Zabbix agent configuration file"
$ZbxAgentConfig="$ZabbixConfigDir\zabbix_agentd.conf" $ZbxAgentConfig="$env:ZABBIX_CONF_DIR\zabbix_agentd.conf"
if ([string]::IsNullOrWhitespace($env:ZBX_PASSIVESERVERS)) { if ([string]::IsNullOrWhitespace($env:ZBX_PASSIVESERVERS)) {
$env:ZBX_PASSIVESERVERS="" $env:ZBX_PASSIVESERVERS=""
@ -161,10 +159,6 @@ function Prepare-Zbx-Agent-Config {
Update-Config-Var $ZbxAgentConfig "Server" Update-Config-Var $ZbxAgentConfig "Server"
} }
Update-Config-Var $ZbxAgentConfig "ListenPort" "$env:ZBX_LISTENPORT"
Update-Config-Var $ZbxAgentConfig "ListenIP" "$env:ZBX_LISTENIP"
Update-Config-Var $ZbxAgentConfig "StartAgents" "$env:ZBX_STARTAGENTS"
if ([string]::IsNullOrWhitespace($env:ZBX_ACTIVE_ALLOW)) { if ([string]::IsNullOrWhitespace($env:ZBX_ACTIVE_ALLOW)) {
$env:ZBX_ACTIVE_ALLOW="true" $env:ZBX_ACTIVE_ALLOW="true"
} }
@ -176,52 +170,37 @@ function Prepare-Zbx-Agent-Config {
else { else {
Update-Config-Var $ZbxAgentConfig "ServerActive" Update-Config-Var $ZbxAgentConfig "ServerActive"
} }
Update-Config-Var $ZbxAgentConfig "HeartbeatFrequency" "$env:ZBX_HEARTBEAT_FREQUENCY"
Update-Config-Var $ZbxAgentConfig "HostInterface" "$env:ZBX_HOSTINTERFACE"
Update-Config-Var $ZbxAgentConfig "HostInterfaceItem" "$env:ZBX_HOSTINTERFACEITEM"
Update-Config-Var $ZbxAgentConfig "Hostname" "$env:ZBX_HOSTNAME"
Update-Config-Var $ZbxAgentConfig "HostnameItem" "$env:ZBX_HOSTNAMEITEM"
Update-Config-Var $ZbxAgentConfig "HostMetadata" "$env:ZBX_METADATA"
Update-Config-Var $ZbxAgentConfig "HostMetadataItem" "$env:ZBX_METADATAITEM"
Update-Config-Var $ZbxAgentConfig "RefreshActiveChecks" "$env:ZBX_REFRESHACTIVECHECKS"
Update-Config-Var $ZbxAgentConfig "BufferSend" "$env:ZBX_BUFFERSEND"
Update-Config-Var $ZbxAgentConfig "BufferSize" "$env:ZBX_BUFFERSIZE"
Update-Config-Var $ZbxAgentConfig "MaxLinesPerSecond" "$env:ZBX_MAXLINESPERSECOND"
# Please use include to enable Alias feature # Please use include to enable Alias feature
# update_config_multiple_var $ZBX_AGENT_CONFIG "Alias" $env:ZBX_ALIAS # update_config_multiple_var $ZBX_AGENT_CONFIG "Alias" $env:ZBX_ALIAS
# Please use include to enable Perfcounter feature # Please use include to enable Perfcounter feature
# update_config_multiple_var $ZBX_AGENT_CONFIG "PerfCounter" $env:ZBX_PERFCOUNTER # update_config_multiple_var $ZBX_AGENT_CONFIG "PerfCounter" $env:ZBX_PERFCOUNTER
Update-Config-Var $ZbxAgentConfig "Timeout" "$env:ZBX_TIMEOUT"
Update-Config-Var $ZbxAgentConfig "Include" "$ZabbixConfigDir\zabbix_agentd.d\*.conf"
Update-Config-Var $ZbxAgentConfig "UnsafeUserParameters" "$env:ZBX_UNSAFEUSERPARAMETERS"
Update-Config-Var $ZbxAgentConfig "UserParameterDir" "$ZabbixUserHomeDir\user_scripts\"
Update-Config-Var $ZbxAgentConfig "TLSConnect" "$env:ZBX_TLSCONNECT"
Update-Config-Var $ZbxAgentConfig "TLSAccept" "$env:ZBX_TLSACCEPT"
Update-Config-Var $ZbxAgentConfig "TLSCAFile" "$env:ZBX_TLSCAFILE" Update-Config-Var $ZbxAgentConfig "TLSCAFile" "$env:ZBX_TLSCAFILE"
Update-Config-Var $ZbxAgentConfig "TLSCRLFile" "$env:ZBX_TLSCRLFILE" Update-Config-Var $ZbxAgentConfig "TLSCRLFile" "$env:ZBX_TLSCRLFILE"
Update-Config-Var $ZbxAgentConfig "TLSServerCertIssuer" "$env:ZBX_TLSSERVERCERTISSUER"
Update-Config-Var $ZbxAgentConfig "TLSServerCertSubject" "$env:ZBX_TLSSERVERCERTSUBJECT"
Update-Config-Var $ZbxAgentConfig "TLSCertFile" "$env:ZBX_TLSCERTFILE" Update-Config-Var $ZbxAgentConfig "TLSCertFile" "$env:ZBX_TLSCERTFILE"
Update-Config-Var $ZbxAgentConfig "TLSCipherAll" "$env:ZBX_TLSCIPHERALL"
Update-Config-Var $ZbxAgentConfig "TLSCipherAll13" "$env:ZBX_TLSCIPHERALL13"
Update-Config-Var $ZbxAgentConfig "TLSCipherCert" "$env:ZBX_TLSCIPHERCERT" Update-Config-Var $ZbxAgentConfig "TLSCipherCert" "$env:ZBX_TLSCIPHERCERT"
Update-Config-Var $ZbxAgentConfig "TLSCipherCert13" "$env:ZBX_TLSCIPHERCERT13" Update-Config-Var $ZbxAgentConfig "TLSCipherCert13" "$env:ZBX_TLSCIPHERCERT13"
Update-Config-Var $ZbxAgentConfig "TLSCipherPSK" "$env:ZBX_TLSCIPHERPSK" Update-Config-Var $ZbxAgentConfig "TLSCipherPSK" "$env:ZBX_TLSCIPHERPSK"
Update-Config-Var $ZbxAgentConfig "TLSCipherPSK13" "$env:ZBX_TLSCIPHERPSK13" Update-Config-Var $ZbxAgentConfig "TLSCipherPSK13" "$env:ZBX_TLSCIPHERPSK13"
Update-Config-Var $ZbxAgentConfig "TLSKeyFile" "$env:ZBX_TLSKEYFILE" Update-Config-Var $ZbxAgentConfig "TLSKeyFile" "$env:ZBX_TLSKEYFILE"
Update-Config-Var $ZbxAgentConfig "TLSPSKIdentity" "$env:ZBX_TLSPSKIDENTITY"
Update-Config-Var $ZbxAgentConfig "TLSPSKFile" "$env:ZBX_TLSPSKFILE" Update-Config-Var $ZbxAgentConfig "TLSPSKFile" "$env:ZBX_TLSPSKFILE"
Update-Config-Multiple-Var $ZbxAgentConfig "DenyKey" "$env:ZBX_DENYKEY" Update-Config-Multiple-Var $ZbxAgentConfig "DenyKey" "$env:ZBX_DENYKEY"
Update-Config-Multiple-Var $ZbxAgentConfig "AllowKey" "$env:ZBX_ALLOWKEY" Update-Config-Multiple-Var $ZbxAgentConfig "AllowKey" "$env:ZBX_ALLOWKEY"
}
function ClearZbxEnv() {
if ([string]::IsNullOrWhitespace($env:ZBX_CLEAR_ENV)) {
return
}
} }
function PrepareAgent { function PrepareAgent {
Write-Host "** Preparing Zabbix agent" Write-Host "** Preparing Zabbix agent"
Prepare-Zbx-Agent-Config Prepare-Zbx-Agent-Config
ClearZbxEnv
} }
$commandArgs=$args $commandArgs=$args

View File

@ -33,7 +33,6 @@ SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPref
ADD config_templates C:\config_templates ADD config_templates C:\config_templates
RUN Set-Location -Path $env:SystemDrive\.; ` RUN Set-Location -Path $env:SystemDrive\.; `
dir C:\config_templates; `
` `
New-Item -ItemType directory -Path $env:SystemDrive\zabbix_src | Out-Null; ` New-Item -ItemType directory -Path $env:SystemDrive\zabbix_src | Out-Null; `
New-Item -ItemType directory -Path $env:ZBX_OUTPUT_DIR | Out-Null; ` New-Item -ItemType directory -Path $env:ZBX_OUTPUT_DIR | Out-Null; `