From 4236b6d502a03ee9a4ab0a3699e740cc45f687a4 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Thu, 16 Jan 2025 13:53:02 +0900 Subject: [PATCH] Added OpenSSL package to server and sqlite3 images. Required to perform rehash of added CA certificates --- Dockerfiles/proxy-mysql/alpine/Dockerfile | 1 + Dockerfiles/proxy-mysql/alpine/docker-entrypoint.sh | 2 ++ Dockerfiles/proxy-mysql/centos/Dockerfile | 1 + Dockerfiles/proxy-mysql/centos/docker-entrypoint.sh | 2 ++ Dockerfiles/proxy-mysql/ol/Dockerfile | 1 + Dockerfiles/proxy-mysql/ol/docker-entrypoint.sh | 2 ++ Dockerfiles/proxy-mysql/rhel/Dockerfile | 1 + Dockerfiles/proxy-mysql/rhel/docker-entrypoint.sh | 2 ++ Dockerfiles/proxy-mysql/ubuntu/Dockerfile | 1 + Dockerfiles/proxy-mysql/ubuntu/docker-entrypoint.sh | 2 ++ Dockerfiles/proxy-sqlite3/alpine/Dockerfile | 1 + Dockerfiles/proxy-sqlite3/alpine/docker-entrypoint.sh | 2 ++ Dockerfiles/proxy-sqlite3/centos/Dockerfile | 1 + Dockerfiles/proxy-sqlite3/centos/docker-entrypoint.sh | 2 ++ Dockerfiles/proxy-sqlite3/ol/Dockerfile | 1 + Dockerfiles/proxy-sqlite3/ol/docker-entrypoint.sh | 2 ++ Dockerfiles/proxy-sqlite3/rhel/Dockerfile | 1 + Dockerfiles/proxy-sqlite3/rhel/docker-entrypoint.sh | 2 ++ Dockerfiles/proxy-sqlite3/ubuntu/Dockerfile | 1 + Dockerfiles/proxy-sqlite3/ubuntu/docker-entrypoint.sh | 2 ++ Dockerfiles/server-mysql/alpine/Dockerfile | 1 + Dockerfiles/server-mysql/alpine/docker-entrypoint.sh | 2 ++ Dockerfiles/server-mysql/centos/Dockerfile | 1 + Dockerfiles/server-mysql/centos/docker-entrypoint.sh | 2 ++ Dockerfiles/server-mysql/ol/Dockerfile | 1 + Dockerfiles/server-mysql/ol/docker-entrypoint.sh | 2 ++ Dockerfiles/server-mysql/rhel/Dockerfile | 1 + Dockerfiles/server-mysql/rhel/docker-entrypoint.sh | 2 ++ Dockerfiles/server-mysql/ubuntu/Dockerfile | 1 + Dockerfiles/server-mysql/ubuntu/docker-entrypoint.sh | 2 ++ Dockerfiles/server-pgsql/alpine/Dockerfile | 1 + Dockerfiles/server-pgsql/alpine/docker-entrypoint.sh | 2 ++ Dockerfiles/server-pgsql/centos/Dockerfile | 1 + Dockerfiles/server-pgsql/centos/docker-entrypoint.sh | 2 ++ Dockerfiles/server-pgsql/ol/Dockerfile | 1 + Dockerfiles/server-pgsql/ol/docker-entrypoint.sh | 2 ++ Dockerfiles/server-pgsql/rhel/Dockerfile | 1 + Dockerfiles/server-pgsql/rhel/docker-entrypoint.sh | 2 ++ Dockerfiles/server-pgsql/ubuntu/Dockerfile | 1 + Dockerfiles/server-pgsql/ubuntu/docker-entrypoint.sh | 2 ++ compose_zabbix_components.yaml | 6 ++++++ 41 files changed, 66 insertions(+) diff --git a/Dockerfiles/proxy-mysql/alpine/Dockerfile b/Dockerfiles/proxy-mysql/alpine/Dockerfile index 876eb295a..890652e0a 100644 --- a/Dockerfiles/proxy-mysql/alpine/Dockerfile +++ b/Dockerfiles/proxy-mysql/alpine/Dockerfile @@ -51,6 +51,7 @@ RUN set -eux && \ traceroute \ nmap \ iputils \ + openssl \ libcap \ libcurl \ libevent \ diff --git a/Dockerfiles/proxy-mysql/alpine/docker-entrypoint.sh b/Dockerfiles/proxy-mysql/alpine/docker-entrypoint.sh index 8b8009f70..19cf9d07c 100755 --- a/Dockerfiles/proxy-mysql/alpine/docker-entrypoint.sh +++ b/Dockerfiles/proxy-mysql/alpine/docker-entrypoint.sh @@ -384,6 +384,8 @@ update_zbx_config() { else export ZBX_ALLOWROOT=1 fi + + command -v openssl >/dev/null 2>&1 && openssl rehash -v "${ZBX_SSLCALOCATION}" 1>/dev/null } clear_zbx_env() { diff --git a/Dockerfiles/proxy-mysql/centos/Dockerfile b/Dockerfiles/proxy-mysql/centos/Dockerfile index 36f3fa886..b073be9eb 100644 --- a/Dockerfiles/proxy-mysql/centos/Dockerfile +++ b/Dockerfiles/proxy-mysql/centos/Dockerfile @@ -62,6 +62,7 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \ net-snmp-libs \ OpenIPMI-libs \ openldap \ + openssl \ openssl-libs \ pcre2 \ shadow-utils \ diff --git a/Dockerfiles/proxy-mysql/centos/docker-entrypoint.sh b/Dockerfiles/proxy-mysql/centos/docker-entrypoint.sh index cb1f2dea8..510cf5d2f 100755 --- a/Dockerfiles/proxy-mysql/centos/docker-entrypoint.sh +++ b/Dockerfiles/proxy-mysql/centos/docker-entrypoint.sh @@ -381,6 +381,8 @@ update_zbx_config() { else export ZBX_ALLOWROOT=1 fi + + command -v openssl >/dev/null 2>&1 && openssl rehash -v "${ZBX_SSLCALOCATION}" 1>/dev/null } clear_zbx_env() { diff --git a/Dockerfiles/proxy-mysql/ol/Dockerfile b/Dockerfiles/proxy-mysql/ol/Dockerfile index f0d4f50a8..62393e26d 100644 --- a/Dockerfiles/proxy-mysql/ol/Dockerfile +++ b/Dockerfiles/proxy-mysql/ol/Dockerfile @@ -62,6 +62,7 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \ net-snmp-libs \ OpenIPMI-libs \ openldap \ + openssl \ openssl-libs \ pcre2 \ zlib \ diff --git a/Dockerfiles/proxy-mysql/ol/docker-entrypoint.sh b/Dockerfiles/proxy-mysql/ol/docker-entrypoint.sh index cb1f2dea8..510cf5d2f 100755 --- a/Dockerfiles/proxy-mysql/ol/docker-entrypoint.sh +++ b/Dockerfiles/proxy-mysql/ol/docker-entrypoint.sh @@ -381,6 +381,8 @@ update_zbx_config() { else export ZBX_ALLOWROOT=1 fi + + command -v openssl >/dev/null 2>&1 && openssl rehash -v "${ZBX_SSLCALOCATION}" 1>/dev/null } clear_zbx_env() { diff --git a/Dockerfiles/proxy-mysql/rhel/Dockerfile b/Dockerfiles/proxy-mysql/rhel/Dockerfile index f121d8729..e172916bd 100644 --- a/Dockerfiles/proxy-mysql/rhel/Dockerfile +++ b/Dockerfiles/proxy-mysql/rhel/Dockerfile @@ -77,6 +77,7 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \ libcurl-minimal \ libevent \ openldap \ + openssl \ libssh \ libxml2 \ mysql \ diff --git a/Dockerfiles/proxy-mysql/rhel/docker-entrypoint.sh b/Dockerfiles/proxy-mysql/rhel/docker-entrypoint.sh index cb1f2dea8..510cf5d2f 100755 --- a/Dockerfiles/proxy-mysql/rhel/docker-entrypoint.sh +++ b/Dockerfiles/proxy-mysql/rhel/docker-entrypoint.sh @@ -381,6 +381,8 @@ update_zbx_config() { else export ZBX_ALLOWROOT=1 fi + + command -v openssl >/dev/null 2>&1 && openssl rehash -v "${ZBX_SSLCALOCATION}" 1>/dev/null } clear_zbx_env() { diff --git a/Dockerfiles/proxy-mysql/ubuntu/Dockerfile b/Dockerfiles/proxy-mysql/ubuntu/Dockerfile index 2fcc54a29..c2710a92c 100644 --- a/Dockerfiles/proxy-mysql/ubuntu/Dockerfile +++ b/Dockerfiles/proxy-mysql/ubuntu/Dockerfile @@ -55,6 +55,7 @@ RUN --mount=type=cache,target=/var/cache/apt/,sharing=locked \ nmap \ ca-certificates \ fping \ + openssl \ libcurl4t64 \ libevent-2.1 \ libevent-pthreads-2.1 \ diff --git a/Dockerfiles/proxy-mysql/ubuntu/docker-entrypoint.sh b/Dockerfiles/proxy-mysql/ubuntu/docker-entrypoint.sh index cb1f2dea8..510cf5d2f 100755 --- a/Dockerfiles/proxy-mysql/ubuntu/docker-entrypoint.sh +++ b/Dockerfiles/proxy-mysql/ubuntu/docker-entrypoint.sh @@ -381,6 +381,8 @@ update_zbx_config() { else export ZBX_ALLOWROOT=1 fi + + command -v openssl >/dev/null 2>&1 && openssl rehash -v "${ZBX_SSLCALOCATION}" 1>/dev/null } clear_zbx_env() { diff --git a/Dockerfiles/proxy-sqlite3/alpine/Dockerfile b/Dockerfiles/proxy-sqlite3/alpine/Dockerfile index 9f97a71ef..2abae96a7 100644 --- a/Dockerfiles/proxy-sqlite3/alpine/Dockerfile +++ b/Dockerfiles/proxy-sqlite3/alpine/Dockerfile @@ -50,6 +50,7 @@ RUN set -eux && \ nmap \ fping \ iputils \ + openssl \ libcap \ libcurl \ libevent \ diff --git a/Dockerfiles/proxy-sqlite3/alpine/docker-entrypoint.sh b/Dockerfiles/proxy-sqlite3/alpine/docker-entrypoint.sh index aa130bd52..1ce7db6c4 100755 --- a/Dockerfiles/proxy-sqlite3/alpine/docker-entrypoint.sh +++ b/Dockerfiles/proxy-sqlite3/alpine/docker-entrypoint.sh @@ -161,6 +161,8 @@ update_zbx_config() { else export ZBX_ALLOWROOT=1 fi + + command -v openssl >/dev/null 2>&1 && openssl rehash -v "${ZBX_SSLCALOCATION}" 1>/dev/null } clear_zbx_env() { diff --git a/Dockerfiles/proxy-sqlite3/centos/Dockerfile b/Dockerfiles/proxy-sqlite3/centos/Dockerfile index e8a634f8e..d1bf5bc66 100644 --- a/Dockerfiles/proxy-sqlite3/centos/Dockerfile +++ b/Dockerfiles/proxy-sqlite3/centos/Dockerfile @@ -57,6 +57,7 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \ net-snmp-libs \ OpenIPMI-libs \ openldap \ + openssl \ openssl-libs \ pcre2 \ shadow-utils \ diff --git a/Dockerfiles/proxy-sqlite3/centos/docker-entrypoint.sh b/Dockerfiles/proxy-sqlite3/centos/docker-entrypoint.sh index aa130bd52..1ce7db6c4 100755 --- a/Dockerfiles/proxy-sqlite3/centos/docker-entrypoint.sh +++ b/Dockerfiles/proxy-sqlite3/centos/docker-entrypoint.sh @@ -161,6 +161,8 @@ update_zbx_config() { else export ZBX_ALLOWROOT=1 fi + + command -v openssl >/dev/null 2>&1 && openssl rehash -v "${ZBX_SSLCALOCATION}" 1>/dev/null } clear_zbx_env() { diff --git a/Dockerfiles/proxy-sqlite3/ol/Dockerfile b/Dockerfiles/proxy-sqlite3/ol/Dockerfile index 6a8a5bd94..fd425b1a6 100644 --- a/Dockerfiles/proxy-sqlite3/ol/Dockerfile +++ b/Dockerfiles/proxy-sqlite3/ol/Dockerfile @@ -58,6 +58,7 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \ net-snmp-libs \ OpenIPMI-libs \ openldap \ + openssl \ openssl-libs \ pcre2 \ zlib \ diff --git a/Dockerfiles/proxy-sqlite3/ol/docker-entrypoint.sh b/Dockerfiles/proxy-sqlite3/ol/docker-entrypoint.sh index aa130bd52..1ce7db6c4 100755 --- a/Dockerfiles/proxy-sqlite3/ol/docker-entrypoint.sh +++ b/Dockerfiles/proxy-sqlite3/ol/docker-entrypoint.sh @@ -161,6 +161,8 @@ update_zbx_config() { else export ZBX_ALLOWROOT=1 fi + + command -v openssl >/dev/null 2>&1 && openssl rehash -v "${ZBX_SSLCALOCATION}" 1>/dev/null } clear_zbx_env() { diff --git a/Dockerfiles/proxy-sqlite3/rhel/Dockerfile b/Dockerfiles/proxy-sqlite3/rhel/Dockerfile index 61574eedb..579aa1de6 100644 --- a/Dockerfiles/proxy-sqlite3/rhel/Dockerfile +++ b/Dockerfiles/proxy-sqlite3/rhel/Dockerfile @@ -75,6 +75,7 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \ libcurl-minimal \ libevent \ openldap \ + openssl \ libssh \ libxml2 \ net-snmp-agent-libs \ diff --git a/Dockerfiles/proxy-sqlite3/rhel/docker-entrypoint.sh b/Dockerfiles/proxy-sqlite3/rhel/docker-entrypoint.sh index aa130bd52..1ce7db6c4 100755 --- a/Dockerfiles/proxy-sqlite3/rhel/docker-entrypoint.sh +++ b/Dockerfiles/proxy-sqlite3/rhel/docker-entrypoint.sh @@ -161,6 +161,8 @@ update_zbx_config() { else export ZBX_ALLOWROOT=1 fi + + command -v openssl >/dev/null 2>&1 && openssl rehash -v "${ZBX_SSLCALOCATION}" 1>/dev/null } clear_zbx_env() { diff --git a/Dockerfiles/proxy-sqlite3/ubuntu/Dockerfile b/Dockerfiles/proxy-sqlite3/ubuntu/Dockerfile index bc24d1ca5..9000d8a38 100644 --- a/Dockerfiles/proxy-sqlite3/ubuntu/Dockerfile +++ b/Dockerfiles/proxy-sqlite3/ubuntu/Dockerfile @@ -53,6 +53,7 @@ RUN --mount=type=cache,target=/var/cache/apt/,sharing=locked \ nmap \ ca-certificates \ fping \ + openssl \ libcurl4t64 \ libevent-2.1 \ libevent-pthreads-2.1 \ diff --git a/Dockerfiles/proxy-sqlite3/ubuntu/docker-entrypoint.sh b/Dockerfiles/proxy-sqlite3/ubuntu/docker-entrypoint.sh index aa130bd52..1ce7db6c4 100755 --- a/Dockerfiles/proxy-sqlite3/ubuntu/docker-entrypoint.sh +++ b/Dockerfiles/proxy-sqlite3/ubuntu/docker-entrypoint.sh @@ -161,6 +161,8 @@ update_zbx_config() { else export ZBX_ALLOWROOT=1 fi + + command -v openssl >/dev/null 2>&1 && openssl rehash -v "${ZBX_SSLCALOCATION}" 1>/dev/null } clear_zbx_env() { diff --git a/Dockerfiles/server-mysql/alpine/Dockerfile b/Dockerfiles/server-mysql/alpine/Dockerfile index 23a0deb5e..c81236ed1 100644 --- a/Dockerfiles/server-mysql/alpine/Dockerfile +++ b/Dockerfiles/server-mysql/alpine/Dockerfile @@ -52,6 +52,7 @@ RUN set -eux && \ nmap \ tzdata \ iputils \ + openssl \ libcap \ libcurl \ libevent \ diff --git a/Dockerfiles/server-mysql/alpine/docker-entrypoint.sh b/Dockerfiles/server-mysql/alpine/docker-entrypoint.sh index 4954c14de..c37b17b24 100755 --- a/Dockerfiles/server-mysql/alpine/docker-entrypoint.sh +++ b/Dockerfiles/server-mysql/alpine/docker-entrypoint.sh @@ -400,6 +400,8 @@ update_zbx_config() { else export ZBX_ALLOWROOT=1 fi + + command -v openssl >/dev/null 2>&1 && openssl rehash -v "${ZBX_SSLCALOCATION}" 1>/dev/null } clear_zbx_env() { diff --git a/Dockerfiles/server-mysql/centos/Dockerfile b/Dockerfiles/server-mysql/centos/Dockerfile index 8f5a6a407..55b74fb03 100644 --- a/Dockerfiles/server-mysql/centos/Dockerfile +++ b/Dockerfiles/server-mysql/centos/Dockerfile @@ -66,6 +66,7 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \ net-snmp-libs \ OpenIPMI-libs \ openldap \ + openssl \ openssl-libs \ pcre2 \ shadow-utils \ diff --git a/Dockerfiles/server-mysql/centos/docker-entrypoint.sh b/Dockerfiles/server-mysql/centos/docker-entrypoint.sh index 14c35ead6..b6e65d2b1 100755 --- a/Dockerfiles/server-mysql/centos/docker-entrypoint.sh +++ b/Dockerfiles/server-mysql/centos/docker-entrypoint.sh @@ -397,6 +397,8 @@ update_zbx_config() { else export ZBX_ALLOWROOT=1 fi + + command -v openssl >/dev/null 2>&1 && openssl rehash -v "${ZBX_SSLCALOCATION}" 1>/dev/null } clear_zbx_env() { diff --git a/Dockerfiles/server-mysql/ol/Dockerfile b/Dockerfiles/server-mysql/ol/Dockerfile index 1a6356097..53b14c31a 100644 --- a/Dockerfiles/server-mysql/ol/Dockerfile +++ b/Dockerfiles/server-mysql/ol/Dockerfile @@ -65,6 +65,7 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \ net-snmp-libs \ OpenIPMI-libs \ openldap \ + openssl \ openssl-libs \ pcre2 \ zlib \ diff --git a/Dockerfiles/server-mysql/ol/docker-entrypoint.sh b/Dockerfiles/server-mysql/ol/docker-entrypoint.sh index 14c35ead6..b6e65d2b1 100755 --- a/Dockerfiles/server-mysql/ol/docker-entrypoint.sh +++ b/Dockerfiles/server-mysql/ol/docker-entrypoint.sh @@ -397,6 +397,8 @@ update_zbx_config() { else export ZBX_ALLOWROOT=1 fi + + command -v openssl >/dev/null 2>&1 && openssl rehash -v "${ZBX_SSLCALOCATION}" 1>/dev/null } clear_zbx_env() { diff --git a/Dockerfiles/server-mysql/rhel/Dockerfile b/Dockerfiles/server-mysql/rhel/Dockerfile index 9b1c4dc30..cfb1cf7ec 100644 --- a/Dockerfiles/server-mysql/rhel/Dockerfile +++ b/Dockerfiles/server-mysql/rhel/Dockerfile @@ -75,6 +75,7 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \ shadow-utils \ iputils \ hostname \ + openssl \ libssh \ libpsl \ libbrotli \ diff --git a/Dockerfiles/server-mysql/rhel/docker-entrypoint.sh b/Dockerfiles/server-mysql/rhel/docker-entrypoint.sh index 14c35ead6..b6e65d2b1 100755 --- a/Dockerfiles/server-mysql/rhel/docker-entrypoint.sh +++ b/Dockerfiles/server-mysql/rhel/docker-entrypoint.sh @@ -397,6 +397,8 @@ update_zbx_config() { else export ZBX_ALLOWROOT=1 fi + + command -v openssl >/dev/null 2>&1 && openssl rehash -v "${ZBX_SSLCALOCATION}" 1>/dev/null } clear_zbx_env() { diff --git a/Dockerfiles/server-mysql/ubuntu/Dockerfile b/Dockerfiles/server-mysql/ubuntu/Dockerfile index a0e50b356..42929ebe5 100644 --- a/Dockerfiles/server-mysql/ubuntu/Dockerfile +++ b/Dockerfiles/server-mysql/ubuntu/Dockerfile @@ -57,6 +57,7 @@ RUN --mount=type=cache,target=/var/cache/apt/,sharing=locked \ iputils-ping \ traceroute \ fping \ + openssl \ libcurl4t64 \ libevent-2.1 \ libevent-pthreads-2.1 \ diff --git a/Dockerfiles/server-mysql/ubuntu/docker-entrypoint.sh b/Dockerfiles/server-mysql/ubuntu/docker-entrypoint.sh index 14c35ead6..b6e65d2b1 100755 --- a/Dockerfiles/server-mysql/ubuntu/docker-entrypoint.sh +++ b/Dockerfiles/server-mysql/ubuntu/docker-entrypoint.sh @@ -397,6 +397,8 @@ update_zbx_config() { else export ZBX_ALLOWROOT=1 fi + + command -v openssl >/dev/null 2>&1 && openssl rehash -v "${ZBX_SSLCALOCATION}" 1>/dev/null } clear_zbx_env() { diff --git a/Dockerfiles/server-pgsql/alpine/Dockerfile b/Dockerfiles/server-pgsql/alpine/Dockerfile index 1694c8450..6813e30c6 100644 --- a/Dockerfiles/server-pgsql/alpine/Dockerfile +++ b/Dockerfiles/server-pgsql/alpine/Dockerfile @@ -52,6 +52,7 @@ RUN set -eux && \ fping \ tzdata \ iputils \ + openssl \ libcap \ libcurl \ libevent \ diff --git a/Dockerfiles/server-pgsql/alpine/docker-entrypoint.sh b/Dockerfiles/server-pgsql/alpine/docker-entrypoint.sh index 564d440ad..4002263ea 100755 --- a/Dockerfiles/server-pgsql/alpine/docker-entrypoint.sh +++ b/Dockerfiles/server-pgsql/alpine/docker-entrypoint.sh @@ -427,6 +427,8 @@ update_zbx_config() { else export ZBX_ALLOWROOT=1 fi + + command -v openssl >/dev/null 2>&1 && openssl rehash -v "${ZBX_SSLCALOCATION}" 1>/dev/null } clear_zbx_env() { diff --git a/Dockerfiles/server-pgsql/centos/Dockerfile b/Dockerfiles/server-pgsql/centos/Dockerfile index f55d2b745..c8d2f864d 100644 --- a/Dockerfiles/server-pgsql/centos/Dockerfile +++ b/Dockerfiles/server-pgsql/centos/Dockerfile @@ -64,6 +64,7 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \ net-snmp-libs \ OpenIPMI-libs \ openldap \ + openssl \ openssl-libs \ pcre2 \ postgresql \ diff --git a/Dockerfiles/server-pgsql/centos/docker-entrypoint.sh b/Dockerfiles/server-pgsql/centos/docker-entrypoint.sh index 564d440ad..4002263ea 100755 --- a/Dockerfiles/server-pgsql/centos/docker-entrypoint.sh +++ b/Dockerfiles/server-pgsql/centos/docker-entrypoint.sh @@ -427,6 +427,8 @@ update_zbx_config() { else export ZBX_ALLOWROOT=1 fi + + command -v openssl >/dev/null 2>&1 && openssl rehash -v "${ZBX_SSLCALOCATION}" 1>/dev/null } clear_zbx_env() { diff --git a/Dockerfiles/server-pgsql/ol/Dockerfile b/Dockerfiles/server-pgsql/ol/Dockerfile index b13365767..de5172326 100644 --- a/Dockerfiles/server-pgsql/ol/Dockerfile +++ b/Dockerfiles/server-pgsql/ol/Dockerfile @@ -63,6 +63,7 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \ net-snmp-libs \ OpenIPMI-libs \ openldap \ + openssl \ openssl-libs \ pcre2 \ postgresql \ diff --git a/Dockerfiles/server-pgsql/ol/docker-entrypoint.sh b/Dockerfiles/server-pgsql/ol/docker-entrypoint.sh index 564d440ad..4002263ea 100755 --- a/Dockerfiles/server-pgsql/ol/docker-entrypoint.sh +++ b/Dockerfiles/server-pgsql/ol/docker-entrypoint.sh @@ -427,6 +427,8 @@ update_zbx_config() { else export ZBX_ALLOWROOT=1 fi + + command -v openssl >/dev/null 2>&1 && openssl rehash -v "${ZBX_SSLCALOCATION}" 1>/dev/null } clear_zbx_env() { diff --git a/Dockerfiles/server-pgsql/rhel/Dockerfile b/Dockerfiles/server-pgsql/rhel/Dockerfile index b0db8bd7d..5a5acf08f 100644 --- a/Dockerfiles/server-pgsql/rhel/Dockerfile +++ b/Dockerfiles/server-pgsql/rhel/Dockerfile @@ -75,6 +75,7 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \ shadow-utils \ iputils \ hostname \ + openssl \ libssh \ libpsl \ libbrotli \ diff --git a/Dockerfiles/server-pgsql/rhel/docker-entrypoint.sh b/Dockerfiles/server-pgsql/rhel/docker-entrypoint.sh index 564d440ad..4002263ea 100755 --- a/Dockerfiles/server-pgsql/rhel/docker-entrypoint.sh +++ b/Dockerfiles/server-pgsql/rhel/docker-entrypoint.sh @@ -427,6 +427,8 @@ update_zbx_config() { else export ZBX_ALLOWROOT=1 fi + + command -v openssl >/dev/null 2>&1 && openssl rehash -v "${ZBX_SSLCALOCATION}" 1>/dev/null } clear_zbx_env() { diff --git a/Dockerfiles/server-pgsql/ubuntu/Dockerfile b/Dockerfiles/server-pgsql/ubuntu/Dockerfile index 77b6b8c03..b119d0aab 100644 --- a/Dockerfiles/server-pgsql/ubuntu/Dockerfile +++ b/Dockerfiles/server-pgsql/ubuntu/Dockerfile @@ -57,6 +57,7 @@ RUN --mount=type=cache,target=/var/cache/apt/,sharing=locked \ iputils-ping \ traceroute \ fping \ + openssl \ libcurl4t64 \ libevent-2.1 \ libevent-pthreads-2.1 \ diff --git a/Dockerfiles/server-pgsql/ubuntu/docker-entrypoint.sh b/Dockerfiles/server-pgsql/ubuntu/docker-entrypoint.sh index 564d440ad..4002263ea 100755 --- a/Dockerfiles/server-pgsql/ubuntu/docker-entrypoint.sh +++ b/Dockerfiles/server-pgsql/ubuntu/docker-entrypoint.sh @@ -427,6 +427,8 @@ update_zbx_config() { else export ZBX_ALLOWROOT=1 fi + + command -v openssl >/dev/null 2>&1 && openssl rehash -v "${ZBX_SSLCALOCATION}" 1>/dev/null } clear_zbx_env() { diff --git a/compose_zabbix_components.yaml b/compose_zabbix_components.yaml index 913c3a025..2d5f07426 100644 --- a/compose_zabbix_components.yaml +++ b/compose_zabbix_components.yaml @@ -18,6 +18,9 @@ services: - ${DATA_DIRECTORY}/var/lib/zabbix/enc:/var/lib/zabbix/enc:ro - ${DATA_DIRECTORY}/var/lib/zabbix/ssh_keys:/var/lib/zabbix/ssh_keys:ro - ${DATA_DIRECTORY}/var/lib/zabbix/mibs:/var/lib/zabbix/mibs:ro + - ${DATA_DIRECTORY}/var/lib/zabbix/ssl/certs:/var/lib/zabbix/ssl/certs:ro + - ${DATA_DIRECTORY}/var/lib/zabbix/ssl/keys:/var/lib/zabbix/ssl/keys:ro + - ${DATA_DIRECTORY}/var/lib/zabbix/ssl/ssl_ca:/var/lib/zabbix/ssl/ssl_ca:rw - snmptraps:/var/lib/zabbix/snmptraps:roz tmpfs: /tmp ulimits: @@ -171,6 +174,9 @@ services: - ${DATA_DIRECTORY}/var/lib/zabbix/enc:/var/lib/zabbix/enc:ro - ${DATA_DIRECTORY}/var/lib/zabbix/ssh_keys:/var/lib/zabbix/ssh_keys:ro - ${DATA_DIRECTORY}/var/lib/zabbix/mibs:/var/lib/zabbix/mibs:ro + - ${DATA_DIRECTORY}/var/lib/zabbix/ssl/certs:/var/lib/zabbix/ssl/certs:ro + - ${DATA_DIRECTORY}/var/lib/zabbix/ssl/keys:/var/lib/zabbix/ssl/keys:ro + - ${DATA_DIRECTORY}/var/lib/zabbix/ssl/ssl_ca:/var/lib/zabbix/ssl/ssl_ca:rw - snmptraps:/var/lib/zabbix/snmptraps:ro tmpfs: /tmp ulimits: