zabbix-docker/Dockerfiles/web-apache-pgsql/ubuntu/docker-entrypoint.sh

266 lines
8.2 KiB
Bash
Executable File

#!/bin/bash
set -o pipefail
set +e
# Script trace mode
if [ "${DEBUG_MODE,,}" == "true" ]; then
set -o xtrace
fi
# Default Zabbix installation name
# Used only by Zabbix web-interface
: ${ZBX_SERVER_NAME:="Zabbix docker"}
# Default Zabbix server port number
: ${ZBX_SERVER_PORT:="10051"}
# Default timezone for web interface
: ${PHP_TZ:="Europe/Riga"}
# Default directories
# Configuration files directory
ZABBIX_ETC_DIR="/etc/zabbix"
# Web interface www-root directory
ZABBIX_WWW_ROOT="/usr/share/zabbix"
# Apache main configuration file
HTTPD_CONF_FILE="/etc/apache2/apache2.conf"
# usage: file_env VAR [DEFAULT]
# as example: file_env 'MYSQL_PASSWORD' 'zabbix'
# (will allow for "$MYSQL_PASSWORD_FILE" to fill in the value of "$MYSQL_PASSWORD" from a file)
# unsets the VAR_FILE afterwards and just leaving VAR
file_env() {
local var="$1"
local fileVar="${var}_FILE"
local defaultValue="${2:-}"
if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
echo "**** Both variables $var and $fileVar are set (but are exclusive)"
exit 1
fi
local val="$defaultValue"
if [ "${!var:-}" ]; then
val="${!var}"
echo "** Using ${var} variable from ENV"
elif [ "${!fileVar:-}" ]; then
if [ ! -f "${!fileVar}" ]; then
echo "**** Secret file \"${!fileVar}\" is not found"
exit 1
fi
val="$(< "${!fileVar}")"
echo "** Using ${var} variable from secret file"
fi
export "$var"="$val"
unset "$fileVar"
}
# Check prerequisites for PostgreSQL database
check_variables() {
file_env POSTGRES_USER
file_env POSTGRES_PASSWORD
: ${DB_SERVER_HOST:="postgres-server"}
: ${DB_SERVER_PORT:="5432"}
DB_SERVER_ZBX_USER=${POSTGRES_USER:-"zabbix"}
DB_SERVER_ZBX_PASS=${POSTGRES_PASSWORD:-"zabbix"}
: ${DB_SERVER_SCHEMA:="public"}
DB_SERVER_DBNAME=${POSTGRES_DB:-"zabbix"}
: ${POSTGRES_USE_IMPLICIT_SEARCH_PATH:="false"}
}
check_db_connect() {
echo "********************"
echo "* DB_SERVER_HOST: ${DB_SERVER_HOST}"
echo "* DB_SERVER_PORT: ${DB_SERVER_PORT}"
echo "* DB_SERVER_DBNAME: ${DB_SERVER_DBNAME}"
echo "* DB_SERVER_SCHEMA: ${DB_SERVER_SCHEMA}"
if [ "${DEBUG_MODE,,}" == "true" ]; then
echo "* DB_SERVER_ZBX_USER: ${DB_SERVER_ZBX_USER}"
echo "* DB_SERVER_ZBX_PASS: ${DB_SERVER_ZBX_PASS}"
fi
echo "********************"
if [ -n "${DB_SERVER_ZBX_PASS}" ]; then
export PGPASSWORD="${DB_SERVER_ZBX_PASS}"
fi
WAIT_TIMEOUT=5
if [ "${POSTGRES_USE_IMPLICIT_SEARCH_PATH,,}" == "false" ] && [ -n "${DB_SERVER_SCHEMA}" ]; then
PGOPTIONS="--search_path=${DB_SERVER_SCHEMA}"
export PGOPTIONS
fi
if [ -n "${ZBX_DBTLSCONNECT}" ]; then
PGSSLMODE=${ZBX_DBTLSCONNECT//_/-}
export PGSSLMODE=${PGSSLMODE//required/require}
export PGSSLROOTCERT=${ZBX_DBTLSCAFILE}
export PGSSLCERT=${ZBX_DBTLSCERTFILE}
export PGSSLKEY=${ZBX_DBTLSKEYFILE}
fi
while [ ! "$(psql --host ${DB_SERVER_HOST} --port ${DB_SERVER_PORT} --username ${DB_SERVER_ZBX_USER} --dbname ${DB_SERVER_DBNAME} --list --quiet 2>/dev/null)" ]; do
echo "**** PostgreSQL server is not available. Waiting $WAIT_TIMEOUT seconds..."
sleep $WAIT_TIMEOUT
done
unset PGPASSWORD
unset PGOPTIONS
unset PGSSLMODE
unset PGSSLROOTCERT
unset PGSSLCERT
unset PGSSLKEY
}
prepare_web_server() {
APACHE_SITES_DIR="/etc/apache2/sites-enabled"
echo "** Adding Zabbix virtual host (HTTP)"
if [ -f "$ZABBIX_ETC_DIR/apache.conf" ]; then
ln -sfT "$ZABBIX_ETC_DIR/apache.conf" "$APACHE_SITES_DIR/zabbix.conf"
else
echo "**** Impossible to enable HTTP virtual host"
fi
if [ -f "/etc/ssl/apache2/ssl.crt" ] && [ -f "/etc/ssl/apache2/ssl.key" ]; then
echo "** Adding Zabbix virtual host (HTTPS)"
if [ -f "$ZABBIX_ETC_DIR/apache_ssl.conf" ]; then
ln -sfT "$ZABBIX_ETC_DIR/apache_ssl.conf" "$APACHE_SITES_DIR/zabbix_ssl.conf"
else
echo "**** Impossible to enable HTTPS virtual host"
fi
else
echo "**** Impossible to enable SSL support for Apache2. Certificates are missed."
fi
}
clear_deploy() {
echo "** Cleaning the system"
}
prepare_zbx_web_config() {
echo "** Preparing Zabbix frontend configuration file"
: ${ZBX_DENY_GUI_ACCESS:="false"}
export ZBX_DENY_GUI_ACCESS=${ZBX_DENY_GUI_ACCESS,,}
export ZBX_GUI_ACCESS_IP_RANGE=${ZBX_GUI_ACCESS_IP_RANGE:-"['127.0.0.1']"}
export ZBX_GUI_WARNING_MSG=${ZBX_GUI_WARNING_MSG:-"Zabbix is under maintenance."}
export ZBX_MAXEXECUTIONTIME=${ZBX_MAXEXECUTIONTIME:-"600"}
export ZBX_MEMORYLIMIT=${ZBX_MEMORYLIMIT:-"128M"}
export ZBX_POSTMAXSIZE=${ZBX_POSTMAXSIZE:-"16M"}
export ZBX_UPLOADMAXFILESIZE=${ZBX_UPLOADMAXFILESIZE:-"2M"}
export ZBX_MAXINPUTTIME=${ZBX_MAXINPUTTIME:-"300"}
export PHP_TZ=${PHP_TZ}
export DB_SERVER_TYPE="POSTGRESQL"
export DB_SERVER_HOST=${DB_SERVER_HOST}
export DB_SERVER_PORT=${DB_SERVER_PORT}
export DB_SERVER_DBNAME=${DB_SERVER_DBNAME}
export DB_SERVER_SCHEMA=${DB_SERVER_SCHEMA}
export DB_SERVER_USER=${DB_SERVER_ZBX_USER}
export DB_SERVER_PASS=${DB_SERVER_ZBX_PASS}
export ZBX_SERVER_HOST=${ZBX_SERVER_HOST}
export ZBX_SERVER_PORT=${ZBX_SERVER_PORT}
export ZBX_SERVER_NAME=${ZBX_SERVER_NAME}
: ${ZBX_DB_ENCRYPTION:="false"}
export ZBX_DB_ENCRYPTION=${ZBX_DB_ENCRYPTION,,}
export ZBX_DB_KEY_FILE=${ZBX_DB_KEY_FILE}
export ZBX_DB_CERT_FILE=${ZBX_DB_CERT_FILE}
export ZBX_DB_CA_FILE=${ZBX_DB_CA_FILE}
: ${ZBX_DB_VERIFY_HOST:="false"}
export ZBX_DB_VERIFY_HOST=${ZBX_DB_VERIFY_HOST,,}
export ZBX_VAULT=${ZBX_VAULT}
export ZBX_VAULTURL=${ZBX_VAULTURL}
export ZBX_VAULTDBPATH=${ZBX_VAULTDBPATH}
export VAULT_TOKEN=${VAULT_TOKEN}
export ZBX_VAULTCERTFILE=${ZBX_VAULTCERTFILE}
export ZBX_VAULTKEYFILE=${ZBX_VAULTKEYFILE}
: ${DB_DOUBLE_IEEE754:="true"}
export DB_DOUBLE_IEEE754=${DB_DOUBLE_IEEE754,,}
export ZBX_HISTORYSTORAGEURL=${ZBX_HISTORYSTORAGEURL}
export ZBX_HISTORYSTORAGETYPES=${ZBX_HISTORYSTORAGETYPES:-"[]"}
export ZBX_SSO_SETTINGS=${ZBX_SSO_SETTINGS:-""}
export ZBX_SSO_SP_KEY=${ZBX_SSO_SP_KEY}
export ZBX_SSO_SP_CERT=${ZBX_SSO_SP_CERT}
export ZBX_SSO_IDP_CERT=${ZBX_SSO_IDP_CERT}
if [ -n "${ZBX_SESSION_NAME}" ]; then
cp "$ZABBIX_WWW_ROOT/include/defines.inc.php" "/tmp/defines.inc.php_tmp"
sed "/ZBX_SESSION_NAME/s/'[^']*'/'${ZBX_SESSION_NAME}'/2" "/tmp/defines.inc.php_tmp" > "$ZABBIX_WWW_ROOT/include/defines.inc.php"
rm -f "/tmp/defines.inc.php_tmp"
fi
: ${HTTP_INDEX_FILE:="index.php"}
sed -i \
-e "s/{HTTP_INDEX_FILE}/${HTTP_INDEX_FILE}/g" \
"$ZABBIX_ETC_DIR/apache.conf"
if [ -f "$ZABBIX_ETC_DIR/apache_ssl.conf" ]; then
sed -i \
-e "s/{HTTP_INDEX_FILE}/${HTTP_INDEX_FILE}/g" \
"$ZABBIX_ETC_DIR/apache_ssl.conf"
fi
: ${ENABLE_WEB_ACCESS_LOG:="true"}
if [ "${ENABLE_WEB_ACCESS_LOG,,}" == "false" ]; then
sed -ri \
-e 's!^(\s*CustomLog)\s+\S+!\1 /dev/null!g' \
"$HTTPD_CONF_FILE"
sed -ri \
-e 's!^(\s*CustomLog)\s+\S+!\1 /dev/null!g' \
"/etc/apache2/conf-available/other-vhosts-access-log.conf"
fi
: ${EXPOSE_WEB_SERVER_INFO:="on"}
if [ "${EXPOSE_WEB_SERVER_INFO}" = "off" ]; then
sed -i \
-e "s/^\(\s*ServerTokens\).*\$/\1 Prod/g" \
"$HTTPD_CONF_FILE"
else
EXPOSE_WEB_SERVER_INFO="on"
fi
export EXPOSE_WEB_SERVER_INFO=${EXPOSE_WEB_SERVER_INFO}
sed -i \
-e "s/^\(\s*ServerSignature\).*\$/\1 ${EXPOSE_WEB_SERVER_INFO^}/g" \
"$HTTPD_CONF_FILE"
}
#################################################
echo "** Deploying Zabbix web-interface (Apache) with PostgreSQL database"
check_variables
check_db_connect
prepare_web_server
prepare_zbx_web_config
echo "########################################################"
if [ "$1" != "" ]; then
echo "** Executing '$@'"
exec "$@"
elif [ -f "/usr/sbin/httpd" ]; then
echo "** Executing HTTPD"
exec /usr/sbin/httpd -D FOREGROUND
else
echo "Unknown instructions. Exiting..."
exit 1
fi
#################################################