# syntax=docker/dockerfile:1 ARG MAJOR_VERSION=6.0 ARG ZBX_VERSION=${MAJOR_VERSION}.32 ARG BUILD_BASE_IMAGE=zabbix-build-sqlite3:centos-${ZBX_VERSION} FROM ${BUILD_BASE_IMAGE} AS builder FROM quay.io/centos/centos:stream8 ARG MAJOR_VERSION ARG ZBX_VERSION ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm \ ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ NMAP_PRIVILEGED="" LABEL org.opencontainers.image.authors="Alexey Pustovalov " \ org.opencontainers.image.description="Zabbix proxy with SQLite3 database support" \ org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ org.opencontainers.image.licenses="GPL v2.0" \ org.opencontainers.image.source="${ZBX_SOURCES}" \ org.opencontainers.image.title="Zabbix proxy (SQLite3)" \ org.opencontainers.image.url="https://zabbix.com/" \ org.opencontainers.image.vendor="Zabbix SIA" \ org.opencontainers.image.version="${ZBX_VERSION}" STOPSIGNAL SIGTERM COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/proxy/sbin/zabbix_proxy", "/usr/sbin/zabbix_proxy"] COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/proxy/conf/", "/etc/zabbix/"] COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}-output/general/bin/", "/usr/bin/"] RUN --mount=type=tmpfs,target=/var/lib/dnf/ \ set -eux && \ REPOLIST="baseos,appstream,epel" && \ INSTALL_PKGS="bash \ tini \ libevent \ traceroute \ nmap \ libssh \ fping \ file-libs \ libxml2 \ net-snmp-libs \ OpenIPMI-libs \ openldap \ openssl-libs \ pcre2 \ zlib \ unixODBC" && \ dnf -y install \ --disablerepo "*" \ --enablerepo "extras" \ --setopt=tsflags=nodocs \ --setopt=install_weak_deps=False \ --setopt=keepcache=False \ --best epel-release && \ dnf -y install \ --disablerepo "*" \ --enablerepo "${REPOLIST}" \ --setopt=tsflags=nodocs \ --setopt=install_weak_deps=False \ --setopt=keepcache=False \ --best ${INSTALL_PKGS} && \ dnf -y reinstall \ --disablerepo "*" \ --enablerepo "baseos" \ --setopt=tsflags=nodocs \ --setopt=install_weak_deps=False \ --setopt=keepcache=False \ --best tzdata && \ groupadd \ --system \ --gid 1995 \ zabbix && \ useradd \ --system \ --comment "Zabbix monitoring system" \ -g zabbix \ --uid 1997 \ --shell /sbin/nologin \ --home-dir /var/lib/zabbix/ \ zabbix && \ chgrp zabbix /usr/bin/nmap && \ setcap cap_net_raw+eip /usr/bin/nmap && \ mkdir -p /etc/zabbix && \ mkdir -p /var/lib/zabbix && \ mkdir -p /var/lib/zabbix/db_data && \ mkdir -p /var/lib/zabbix/enc && \ mkdir -p /usr/lib/zabbix/externalscripts && \ mkdir -p /var/lib/zabbix/mibs && \ mkdir -p /var/lib/zabbix/modules && \ mkdir -p /var/lib/zabbix/snmptraps && \ mkdir -p /var/lib/zabbix/ssh_keys && \ mkdir -p /var/lib/zabbix/ssl && \ mkdir -p /var/lib/zabbix/ssl/certs && \ mkdir -p /var/lib/zabbix/ssl/keys && \ mkdir -p /var/lib/zabbix/ssl/ssl_ca && \ chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \ chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \ chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \ dnf -y clean all EXPOSE 10051/TCP WORKDIR /var/lib/zabbix VOLUME ["/var/lib/zabbix/snmptraps"] COPY ["docker-entrypoint.sh", "/usr/bin/"] ENTRYPOINT ["/usr/bin/tini", "--", "/usr/bin/docker-entrypoint.sh"] USER 1997 CMD ["/usr/sbin/zabbix_proxy", "--foreground", "-c", "/etc/zabbix/zabbix_proxy.conf"]