mirror of
https://github.com/zabbix/zabbix-docker.git
synced 2025-01-10 15:48:38 +01:00
86 lines
2.7 KiB
Plaintext
86 lines
2.7 KiB
Plaintext
####### TLS-RELATED PARAMETERS #######
|
|
|
|
### Option: Vault
|
|
# Specifies vault:
|
|
# HashiCorp - HashiCorp KV Secrets Engine - Version 2
|
|
# CyberArk - CyberArk Central Credential Provider
|
|
#
|
|
# Mandatory: no
|
|
# Default:
|
|
# Vault=HashiCorp
|
|
|
|
Vault=${ZBX_VAULT}
|
|
|
|
### Option: VaultToken
|
|
# Vault authentication token that should have been generated exclusively for Zabbix server with read only permission
|
|
# to paths specified in Vault macros and read only permission to path specified in optional VaultDBPath
|
|
# configuration parameter.
|
|
# It is an error if VaultToken and VAULT_TOKEN environment variable are defined at the same time.
|
|
#
|
|
# Mandatory: no
|
|
# (yes, if Vault is explicitly set to HashiCorp)
|
|
# Default:
|
|
# VaultToken=
|
|
|
|
### Option: VaultURL
|
|
# Vault server HTTP[S] URL. System-wide CA certificates directory will be used if SSLCALocation is not specified.
|
|
#
|
|
# Mandatory: no
|
|
# Default:
|
|
# VaultURL=https://127.0.0.1:8200
|
|
|
|
VaultURL=${ZBX_VAULTURL}
|
|
|
|
### Option: VaultPrefix
|
|
# Custom prefix for Vault path or query depending on the Vault.
|
|
# Most suitable defaults will be used if not specified.
|
|
# Note that 'data' is automatically appended after mountpoint for HashiCorp if VaultPrefix is not specified.
|
|
# Example prefix for HashiCorp:
|
|
# /v1/secret/data/zabbix/
|
|
# Example prefix for CyberArk:
|
|
# /AIMWebService/api/Accounts?
|
|
# Mandatory: no
|
|
# Default:
|
|
# VaultPrefix=
|
|
|
|
VaultPrefix=${ZBX_VAULTPREFIX}
|
|
|
|
### Option: VaultDBPath
|
|
# Vault path or query depending on the Vault from where credentials for database will be retrieved by keys.
|
|
# Keys used for HashiCorp are 'password' and 'username'.
|
|
# Example path with VaultPrefix=/v1/secret/data/zabbix/:
|
|
# database
|
|
# Example path without VaultPrefix:
|
|
# secret/zabbix/database
|
|
# Keys used for CyberArk are 'Content' and 'UserName'.
|
|
# Example query:
|
|
# AppID=zabbix_server&Query=Safe=passwordSafe;Object=zabbix_server_database
|
|
# This option can only be used if DBUser and DBPassword are not specified.
|
|
#
|
|
# Mandatory: no
|
|
# Default:
|
|
# VaultDBPath=
|
|
|
|
VaultDBPath=${ZBX_VAULTDBPATH}
|
|
|
|
### Option: VaultTLSCertFile
|
|
# Name of the SSL certificate file used for client authentication. The certificate file must be in PEM1 format.
|
|
# If the certificate file contains also the private key, leave the SSL key file field empty. The directory
|
|
# containing this file is specified by configuration parameter SSLCertLocation.
|
|
#
|
|
# Mandatory: no
|
|
# Default:
|
|
# VaultTLSCertFile=
|
|
|
|
VaultTLSCertFile=${ZBX_VAULTTLSCERTFILE}
|
|
|
|
### Option: VaultTLSKeyFile
|
|
# Name of the SSL private key file used for client authentication. The private key file must be in PEM1 format.
|
|
# The directory containing this file is specified by configuration parameter SSLKeyLocation.
|
|
#
|
|
# Mandatory: no
|
|
# Default:
|
|
# VaultTLSKeyFile=
|
|
|
|
VaultTLSKeyFile=${ZBX_VAULTTLSKEYFILE}
|