Quico/containers
1
0
Fork 0
Code Issues 1 Pull Requests Projects Releases Wiki Activity

Compare commits

base: Quico:b036c8669a78eca15fff9d41ddb640524eaa822a
Branches Tags
Quico:master
...
compare: Quico:master
Branches Tags
Quico:master

8 Commits
b036c8669a ... master

Author SHA1 Message Date
hygienic-books
83278f6e9e refactor(zabbixserver): Has moved into its own repo 
See https://quico.space/quico-containers/zabbixserver
 2023-07-25 04:09:08 +02:00
hygienic-books
0a4f669d85 refactor(zabbixserver): Simplify Git mail patch apply 2023-05-22 20:33:04 +02:00
hygienic-books
ae13fa5c9c refactor(zabbixserver): Harmonize Git tag search 2023-05-22 20:32:39 +02:00
hygienic-books
f42f7168d2 refactor(zabbixserver): Update invocation to include upstream repo 2023-05-22 20:31:39 +02:00
hygienic-books
3fa4c2240c fix(paperless-ngx): Fix long-form depends_on 2023-05-18 02:07:37 +02:00
hygienic-books
327fabbfc0 refactor(paperless-ngx): Remove unnecessary Docker Compose file 2023-05-18 02:07:03 +02:00
hygienic-books
1abecfa8dd feat(paperless-ngx): Add missing var and a health check to upstream repo patch 2023-05-18 02:06:33 +02:00
hygienic-books
060434f3c2 Fix(paperless-ngx): Add missing var and a health check to upstream repo patch 2023-05-18 01:53:57 +02:00
20 changed files with 145 additions and 2708 deletions
Expand all files Collapse all files

18
paperless_ngx/README.md
View File

@@ -10,18 +10,28 @@ Examples assume we're using the `docker-compose.postgres-tika.yml` file which sp
* Set env vars * Set env vars
``` ```
export COMPOSE_DIR='/opt/git/github.com/paperless-ngx/paperless-ngx/branches/dev/docker/compose' export UPSTREAM_REPO_DIR='/opt/git/github.com/paperless-ngx/paperless-ngx/branches/dev'
export UPSTREAM_COMPOSE_DIR="${UPSTREAM_REPO_DIR%/}"'/docker/compose'
export UPSTREAM_COMPOSE_FILE="${UPSTREAM_COMPOSE_DIR%/}"'/docker-compose.postgres-tika.yml'
export COMPOSE_CTX='hr_juba' export COMPOSE_CTX='hr_juba'
export COMPOSE_PROJECT_NAME='paperless_ngx-'"${COMPOSE_CTX}" export COMPOSE_PROJECT_NAME='paperless_ngx-'"${COMPOSE_CTX}"
export COMPOSE_FILE="${COMPOSE_DIR%/}"'/docker-compose.postgres-tika.yml' export COMPOSE_PROJECT_DIR='/opt/containers/paperless_ngx'
export COMPOSE_OVERRIDE_FILE="${COMPOSE_PROJECT_DIR%/}"'/docker-compose.override.yml'
export COMPOSE_ENV_FILE=<set accordingly> export COMPOSE_ENV_FILE=<set accordingly>
``` ```
Also check out the example env file at [env/fully.qualified.domain.name_ctx.env.example](env/fully.qualified.domain.name_ctx.env.example). Also check out the example env file at [env/fully.qualified.domain.name_ctx.env.example](env/fully.qualified.domain.name_ctx.env.example).
* Build
```
docker compose --project-directory "${COMPOSE_PROJECT_DIR}" --file "${UPSTREAM_COMPOSE_FILE}" --file "${COMPOSE_OVERRIDE_FILE}" --env-file "${COMPOSE_ENV_FILE}" --profile 'build' build
```
We're building a custom PostgreSQL image with `ping` installed. We're using that to do a health check on our virtual IP (VIP) address. We've added a dependency to the main `paperless-ngx` web server container so that it only starts after the PostgreSQL container with its health check confirms that the VIP is reachable.
* Start containers * Start containers
``` ```
docker compose --project-name "${COMPOSE_PROJECT_NAME}" --file "${COMPOSE_FILE}" --env-file "${COMPOSE_ENV_FILE}" up --detach docker compose --project-name "${COMPOSE_PROJECT_NAME}" --file "${UPSTREAM_COMPOSE_FILE}" --env-file "${COMPOSE_ENV_FILE}" up --detach
``` ```
# Prep work # Prep work

18
paperless_ngx/build-context/Dockerfile
View File

@@ -1,14 +1,6 @@
# For the remainder of this Dockerfile EXAMPLE_ARG_FOR_DOCKERFILE will be ARG PGSQL_VERSION
# available with a value of 'must_be_available_in_dockerfile', check out the env
# file at 'env/fully.qualified.domain.name.example' for reference.
# ARG EXAMPLE_ARG_FOR_DOCKERFILE
# Another env var, this one's needed in the example build step below: FROM "docker.io/library/postgres:${PGSQL_VERSION}"
# ARG PAPERLESS_NGX_VERSION RUN apt-get update && \
apt-get -y install iputils-ping && \
# Example rm -rf /var/lib/apt/lists/*
# FROM "paperless_ngx:${PAPERLESS_NGX_VERSION}"
# RUN apt-get update && \
# apt-get -y install \
# somepackage-6.q16-6-extra && \
# rm -rf /var/lib/apt/lists/*

7
paperless_ngx/docker-compose.override.yml
View File

@@ -1,10 +1,9 @@
services: services:
paperless_ngx-build: paperless_ngx-build:
image: "paperless_ngx:${PAPERLESS_NGX_VERSION}" image: "docker.io/library/postgres:${PGSQL_VERSION}"
profiles: ["build"] profiles: ["build"]
build: build:
context: "build-context/paperless_ngx" context: "build-context"
dockerfile: Dockerfile dockerfile: Dockerfile
args: args:
EXAMPLE_ARG_FOR_DOCKERFILE: "${EXAMPLE_ARG_FROM_ENV_FILE}" PGSQL_VERSION: "${PGSQL_VERSION}"
PAPERLESS_NGX_VERSION: "${PAPERLESS_NGX_VERSION}"

28
paperless_ngx/docker-compose.yml
View File

@@ -1,28 +0,0 @@
services:
paperless_ngx:
image: "paperless_ngx:${PAPERLESS_NGX_VERSION}"
container_name: "paperless_ngx-${CONTEXT}"
networks:
paperless_ngx-default:
extends:
file: common-settings.yml
service: common-settings
ports:
# - "8080:80"
volumes:
# - /opt/docker-data/paperless_ngx-${CONTEXT}/data/db:/usr/lib/paperless_ngx
# - /opt/docker-data/paperless_ngx-${CONTEXT}/data/logs:/var/log/paperless_ngx
# - /opt/docker-data/paperless_ngx-${CONTEXT}/config:/etc/paperless_ngx
environment:
# PAPERLESS_NGX_USER: ${PAPERLESS_NGX_USER}
# PAPERLESS_NGX_PASSWORD: ${PAPERLESS_NGX_PASSWORD}
networks:
paperless_ngx-default:
name: paperless_ngx-${CONTEXT}
driver: bridge
driver_opts:
com.docker.network.enable_ipv6: "false"
ipam:
driver: default
config:
# - subnet: 172.21.184.0/24

1
paperless_ngx/env/fully.qualified.domain.name_ctx.env.example vendored
View File

@@ -8,6 +8,7 @@ PAPERLESS_OCR_LANGUAGES=bos
PAPERLESS_SECRET_KEY=face-roll-your-keyboard-here PAPERLESS_SECRET_KEY=face-roll-your-keyboard-here
PAPERLESS_TIME_ZONE=Africa/Juba PAPERLESS_TIME_ZONE=Africa/Juba
PAPERLESS_URL=https://fully.qualified.domain.name PAPERLESS_URL=https://fully.qualified.domain.name
PGSQL_VERSION=13
SUBNET=172.22.17.0/24 SUBNET=172.22.17.0/24
TIMEZONE=Africa/Juba TIMEZONE=Africa/Juba
WEBSERVER_PORT=8080 WEBSERVER_PORT=8080

140
paperless_ngx/paperless_ngx.patch
View File

@@ -1,7 +1,7 @@
From 31b7e26f6c4d7111f4f4957996efb9f7a5d06cb9 Mon Sep 17 00:00:00 2001 From 42c196c2c0dcbed0101d653e0ed67a3dfc3f1808 Mon Sep 17 00:00:00 2001
From: hygienic-books <> From: hygienic-books <>
Date: Tue, 16 May 2023 22:17:21 +0200 Date: Tue, 16 May 2023 22:17:21 +0200
Subject: [PATCH 1/9] refactor(compose): 4 spaces indentation Subject: [PATCH 01/12] refactor(compose): 4 spaces indentation
--- ---
.../compose/docker-compose.postgres-tika.yml | 114 +++++++++--------- .../compose/docker-compose.postgres-tika.yml | 114 +++++++++---------
@@ -140,10 +140,11 @@ index a451b00d..7423be72 100644
2.39.1 2.39.1
From 0ebc4e023573bbd7108c3addf2ddb110af93cf55 Mon Sep 17 00:00:00 2001 From 6bf9b93ebe48036d67d94a49162c1f6c17eb80de Mon Sep 17 00:00:00 2001
From: hygienic-books <> From: hygienic-books <>
Date: Tue, 16 May 2023 22:22:06 +0200 Date: Tue, 16 May 2023 22:22:06 +0200
Subject: [PATCH 2/9] refactor(compose): Harmonize restart and logging settigs Subject: [PATCH 02/12] refactor(compose): Harmonize restart and logging
settigs
--- ---
docker/compose/common-settings.yml | 11 ++++++++++ docker/compose/common-settings.yml | 11 ++++++++++
@@ -229,10 +230,10 @@ index 7423be72..d19c22d7 100644
2.39.1 2.39.1
From 2b9c005a3c1d54900d6646c9c36c7f7e98d3b2a7 Mon Sep 17 00:00:00 2001 From 9b7dd19f5c6f410594f35dd233d1d32c9d118dbf Mon Sep 17 00:00:00 2001
From: hygienic-books <> From: hygienic-books <>
Date: Tue, 16 May 2023 22:28:02 +0200 Date: Tue, 16 May 2023 22:28:02 +0200
Subject: [PATCH 3/9] refactor(compose): Replace static exposed port with Subject: [PATCH 03/12] refactor(compose): Replace static exposed port with
environment variable environment variable
--- ---
@@ -256,10 +257,10 @@ index d19c22d7..554d9735 100644
2.39.1 2.39.1
From 01a55586aa24f7ab9945f5f1d563970ab0c72290 Mon Sep 17 00:00:00 2001 From aee7de3b1adfb30e7f0f2737d567cfc8190d8302 Mon Sep 17 00:00:00 2001
From: hygienic-books <> From: hygienic-books <>
Date: Tue, 16 May 2023 22:30:47 +0200 Date: Tue, 16 May 2023 22:30:47 +0200
Subject: [PATCH 4/9] refactor(compose): Harmonize container names Subject: [PATCH 04/12] refactor(compose): Harmonize container names
--- ---
docker/compose/docker-compose.postgres-tika.yml | 5 +++++ docker/compose/docker-compose.postgres-tika.yml | 5 +++++
@@ -313,10 +314,11 @@ index 554d9735..10316fc2 100644
2.39.1 2.39.1
From cddc6e0ddd423ab050362289bb0753867e4f4e10 Mon Sep 17 00:00:00 2001 From e600e84d5c6e6c8938498f8cfa8bef32c1aea180 Mon Sep 17 00:00:00 2001
From: hygienic-books <> From: hygienic-books <>
Date: Tue, 16 May 2023 22:36:29 +0200 Date: Tue, 16 May 2023 22:36:29 +0200
Subject: [PATCH 5/9] refactor(compose): Replace named volumes with bind mounts Subject: [PATCH 05/12] refactor(compose): Replace named volumes with bind
mounts
--- ---
.../compose/docker-compose.postgres-tika.yml | 18 ++++++------------ .../compose/docker-compose.postgres-tika.yml | 18 ++++++------------
@@ -373,10 +375,10 @@ index 10316fc2..eacb76c8 100644
2.39.1 2.39.1
From 68deaf24dd08c39ed2a90759044a9b315c04d22f Mon Sep 17 00:00:00 2001 From a1ff3cdfd84a45e0a383168470a5028246577a7d Mon Sep 17 00:00:00 2001
From: hygienic-books <> From: hygienic-books <>
Date: Tue, 16 May 2023 22:37:44 +0200 Date: Tue, 16 May 2023 22:37:44 +0200
Subject: [PATCH 6/9] refactor(compose): Introduce dedicated network Subject: [PATCH 06/12] refactor(compose): Introduce dedicated network
--- ---
.../compose/docker-compose.postgres-tika.yml | 21 +++++++++++++++++++ .../compose/docker-compose.postgres-tika.yml | 21 +++++++++++++++++++
@@ -446,10 +448,10 @@ index eacb76c8..05885149 100644
2.39.1 2.39.1
From edfc732eb7c23c51dfa9a370e1a850e7cbef45b2 Mon Sep 17 00:00:00 2001 From fd35306130b35d9c4d77a3ca6849e96222a244cb Mon Sep 17 00:00:00 2001
From: hygienic-books <> From: hygienic-books <>
Date: Tue, 16 May 2023 22:39:23 +0200 Date: Tue, 16 May 2023 22:39:23 +0200
Subject: [PATCH 7/9] refactor(compose): No double quotes for port variable Subject: [PATCH 07/12] refactor(compose): No double quotes for port variable
needed needed
--- ---
@@ -473,10 +475,10 @@ index 05885149..f1dd4913 100644
2.39.1 2.39.1
From 20da814bbfcc2f5745a82b3fb2fcc9edd4015482 Mon Sep 17 00:00:00 2001 From 0defc3f29d607e8c81c655b15fb9e92cf3921fdb Mon Sep 17 00:00:00 2001
From: hygienic-books <> From: hygienic-books <>
Date: Tue, 16 May 2023 22:53:20 +0200 Date: Tue, 16 May 2023 22:53:20 +0200
Subject: [PATCH 8/9] refactor(compose): Replace hard-linked env file with Subject: [PATCH 08/12] refactor(compose): Replace hard-linked env file with
variables variables
--- ---
@@ -510,10 +512,10 @@ index f1dd4913..1a5abbb8 100644
2.39.1 2.39.1
From 64beae08ffe8f9a65208e2567919fd75564b95c6 Mon Sep 17 00:00:00 2001 From c044e323b9d09a95c782b0a216c02874be52611c Mon Sep 17 00:00:00 2001
From: hygienic-books <> From: hygienic-books <>
Date: Tue, 16 May 2023 23:15:26 +0200 Date: Tue, 16 May 2023 23:15:26 +0200
Subject: [PATCH 9/9] feat(compose): Bind to a virtual IP address Subject: [PATCH 09/12] feat(compose): Bind to a virtual IP address
--- ---
docker/compose/docker-compose.postgres-tika.yml | 2 +- docker/compose/docker-compose.postgres-tika.yml | 2 +-
@@ -535,3 +537,105 @@ index 1a5abbb8..3cb20287 100644
-- --
2.39.1 2.39.1
From 51744302beb94ff44d348f3abf834e5222aca675 Mon Sep 17 00:00:00 2001
From: hygienic-books <>
Date: Wed, 17 May 2023 23:33:44 +0200
Subject: [PATCH 10/12] fix(compose): Apply unpaper, use cleaned images to
build output file
---
docker/compose/docker-compose.postgres-tika.yml | 1 +
1 file changed, 1 insertion(+)
diff --git a/docker/compose/docker-compose.postgres-tika.yml b/docker/compose/docker-compose.postgres-tika.yml
index 3cb20287..ed60ce40 100644
--- a/docker/compose/docker-compose.postgres-tika.yml
+++ b/docker/compose/docker-compose.postgres-tika.yml
@@ -89,6 +89,7 @@ services:
PAPERLESS_TIKA_ENABLED: 1
PAPERLESS_TIKA_GOTENBERG_ENDPOINT: http://gotenberg:3000
PAPERLESS_TIKA_ENDPOINT: http://tika:9998
+ PAPERLESS_OCR_CLEAN: ${PAPERLESS_OCR_CLEAN}
PAPERLESS_OCR_LANGUAGE: ${PAPERLESS_OCR_LANGUAGE}
PAPERLESS_OCR_LANGUAGES: ${PAPERLESS_OCR_LANGUAGES}
PAPERLESS_SECRET_KEY: ${PAPERLESS_SECRET_KEY}
--
2.39.1
From 516c326ba44243c768b94b604d627616c580386c Mon Sep 17 00:00:00 2001
From: hygienic-books <>
Date: Wed, 17 May 2023 23:37:44 +0200
Subject: [PATCH 11/12] fix(compose): Let ping tell us when our virtual IP
address is bound
---
docker/compose/docker-compose.postgres-tika.yml | 15 +++++++++++----
1 file changed, 11 insertions(+), 4 deletions(-)
diff --git a/docker/compose/docker-compose.postgres-tika.yml b/docker/compose/docker-compose.postgres-tika.yml
index ed60ce40..e4e2b895 100644
--- a/docker/compose/docker-compose.postgres-tika.yml
+++ b/docker/compose/docker-compose.postgres-tika.yml
@@ -51,6 +51,12 @@ services:
extends:
file: common-settings.yml
service: common-settings
+ healthcheck:
+ test: ["CMD", "ping", "-qnc", "1", "-W", "0.2", "${WEBSERVER_VIP}"]
+ interval: 2s
+ timeout: 2s
+ retries: 3
+ start_period: 10s
volumes:
- /opt/docker-data/paperless_ngx-${CONTEXT}/db/data:/var/lib/postgresql/data
environment:
@@ -67,10 +73,11 @@ services:
file: common-settings.yml
service: common-settings
depends_on:
- - db
- - broker
- - gotenberg
- - tika
+ db:
+ condition: service_healthy
+ broker:
+ gotenberg:
+ tika:
ports:
- ${WEBSERVER_VIP}:${WEBSERVER_PORT}:8000
healthcheck:
--
2.39.1
From 249e2190fba5abd4a13c1311fe089936c3affe87 Mon Sep 17 00:00:00 2001
From: hygienic-books <>
Date: Wed, 17 May 2023 23:51:15 +0200
Subject: [PATCH 12/12] fix(compose): Unify depends_on
---
docker/compose/docker-compose.postgres-tika.yml | 3 +++
1 file changed, 3 insertions(+)
diff --git a/docker/compose/docker-compose.postgres-tika.yml b/docker/compose/docker-compose.postgres-tika.yml
index e4e2b895..d3ec434d 100644
--- a/docker/compose/docker-compose.postgres-tika.yml
+++ b/docker/compose/docker-compose.postgres-tika.yml
@@ -76,8 +76,11 @@ services:
db:
condition: service_healthy
broker:
+ condition: service_started
gotenberg:
+ condition: service_started
tika:
+ condition: service_started
ports:
- ${WEBSERVER_VIP}:${WEBSERVER_PORT}:8000
healthcheck:
--
2.39.1

195
zabbixserver/README.md
View File

@@ -1,195 +0,0 @@
# Upstream repo
We use the [official Zabbix Docker GitHub repo](https://github.com/zabbix/zabbix-docker) for Docker Compose deployment, we add a few local changes.
Create dir
```
mkdir -p '/opt/git/github.com/zabbix/zabbix-docker/branches/latest'
```
Pull repo
```
git -C '/opt/git/github.com/zabbix/zabbix-docker/branches/latest' clone 'https://github.com/zabbix/zabbix-docker' .
```
# Docker Compose
## Base setup
When everything's ready start Zabbix with Docker Compose, otherwise head down to [Initial setup](#initial-setup) or [Upgrade an existing repo](#upgrade-an-existing-repo) first.
Define variables assuming the official Zabbix Docker repo lives at `/opt/git/github.com/zabbix/zabbix-docker/branches/latest`:
```
export COMPOSE_DIR='/opt/git/github.com/zabbix/zabbix-docker/branches/latest'
export COMPOSE_FILE="${COMPOSE_DIR}"'/docker-compose_v3_alpine_pgsql_latest.yaml'
export COMPOSE_ENV_FILE=<add accordingly>
```
Run Zabbix like so
```
docker compose --file "${COMPOSE_FILE}" --env-file "${COMPOSE_ENV_FILE}" up --detach
```
## Additional files
- [common-settings.yml](common-settings.yml)
This file will be auto-created as part of the patch. Use it as an example in case patching fails
- [env/fqdn_context.env.example](env/fqdn_context.env.example)
An example env file with all currently used variables after `docker-compose_v3_alpine_pgsql_latest.yaml` is patched
- Directory tree underneath [build-context](build-context)
```
build-context/
└── docker-data
├── postgres
│   └── config
│   ├── cert
│   │   ├── ZBX_PGSQL_TLS_CA_CERT_FILE
│   │   ├── ZBX_PGSQL_TLS_CERT_FILE
│   │   └── ZBX_PGSQL_TLS_KEY_FILE
│   └── docker-entrypoint-initdb.d
│   └── init-user-db.sh
├── zabbixserver
│   └── config
│   └── cert
│   ├── ZBX_SERVER_TLS_CA_CERT_FILE
│   ├── ZBX_SERVER_TLS_CERT_FILE
│   └── ZBX_SERVER_TLS_KEY_FILE
└── zabbixwebnginx
└── config
└── cert
├── dhparam.pem
├── ZBX_WEBNGINX_TLS_CERT_FULLCHAIN_FILE
└── ZBX_WEBNGINX_TLS_KEY_FILE
```
Example data you're going to want to physically place on your deployment machine. SSL certs and keys are blank files each of which has the exact same name used in env file `fqdn_context.env.example`.
In [postgres/config/docker-entrypoint-initdb.d](build-context/docker-data/postgres/config/docker-entrypoint-initdb.d) a PostgreSQL initialization script - when this container is run on a completely empty data directory - will create an additional read-only user `ZBX_DB_USERNAME_RO` with password `ZBX_DB_USERNAME_PW`. The example's intended to grant a Grafana daemon direct PostgreSQL database read access.
# Upgrade an existing repo
Check [Initial setup](#initial-setup) below for first time steps. On consecutive upgrades proceed as follows.
## Revert unpushed local changes
Return repo state to exactly the upstream repo's original branch state throwing away the commits you added.
```
git -C '/opt/git/github.com/zabbix/zabbix-docker/branches/latest' reset --hard origin
```
Switch to `trunk` branch, get newest commits from upstream
```
git -C '/opt/git/github.com/zabbix/zabbix-docker/branches/latest' checkout trunk
git -C '/opt/git/github.com/zabbix/zabbix-docker/branches/latest' pull
```
Pick and checkout new tag
```
while IFS= read -r tag; do printf -- '%s %s\n' "$(git -C '/opt/git/github.com/zabbix/zabbix-docker/branches/latest' rev-list -n 1 'refs/tags/'"${tag}")" "${tag}"; done < <(git -C '/opt/git/github.com/zabbix/zabbix-docker/branches/latest' --no-pager tag --list --sort=v:refname)
# Output goes like:
...
89511f06ad4de6b373f10b06604dc5d8e1da02df 6.2.7
2025ec8ad74f59981ad6598e9f6cd2a5c9c99f6b 6.2.8
59a91bfbb6e46885f201e50f9197a7a44d3ba3ac 6.2.9
9f2e726e554b23595489eb66c8e11e5d114b573f 6.4.0
9f16f6d773a2a46f1595c86077899d1e040db283 6.4.1
0fa87156974e799e04bf99e5300bad6830d754ab 6.4.2
...
git -C '/opt/git/github.com/zabbix/zabbix-docker/branches/latest' checkout 'tags/x.y.z'
```
Lastly [apply patch](#apply-patch). If patch does not apply cleanly read on in the next section [Create new patch](#create-new-patch) to find out how to fix your patch.
# Create new patch
## Add your changes as commits
Get `zabbix-docker` repo into a state with which you're happy then
```
git -C '/opt/git/github.com/zabbix/zabbix-docker/branches/latest' format-patch 7665739620ba6d99090838d502ab76d2f5a47e96^..a17380598ca66153ddc2a42eb618d906d4f582e6 --stdout > '/opt/containers/zabbixserver/zabbix-docker.patch'
```
Where the first commit hash is our first commit and the other commit hash is our last commit. Note the caret (`^`) right after the first commit hash.
## Investigation
You may have to try and find out how a known good base commit differs from a newer one in case the newer one does no longer cleanly accept the patch.
Get commit hashes from both affected tags, e.g.
```
while IFS= read -r tag; do printf -- '%s %s\n' "$(git -C '/opt/git/github.com/zabbix/zabbix-docker/branches/latest' rev-list -n 1 'refs/tags/'"${tag}")" "${tag}"; done < <(git -C '/opt/git/github.com/zabbix/zabbix-docker/branches/latest' --no-pager tag --list --sort=v:refname)
# Output goes like:
...
89511f06ad4de6b373f10b06604dc5d8e1da02df 6.2.7
2025ec8ad74f59981ad6598e9f6cd2a5c9c99f6b 6.2.8
59a91bfbb6e46885f201e50f9197a7a44d3ba3ac 6.2.9
9f2e726e554b23595489eb66c8e11e5d114b573f 6.4.0
9f16f6d773a2a46f1595c86077899d1e040db283 6.4.1
0fa87156974e799e04bf
# Run
99e5300bad6830d754ab 6.4.2
...
```
Diff them
```
git -C '/opt/git/github.com/zabbix/zabbix-docker/branches/latest' diff 9f16f6d773a2a46f1595c86077899d1e040db283 0fa87156974e799e04bf99e5300bad6830d754ab 'docker-compose_v3_alpine_pgsql_latest.yaml'
```
Output will be empty in case no difference exists in `docker-compose_v3_alpine_pgsql_latest.yaml` between both commit hashes.
Commit your updated patch file into _this_ repo. With a new working patch in hand head back up to [Upgrade an existing repo](#upgrade-an-existing-repo).
# Initial setup
## Prep
Get desired tag e.g. from version-sorted tags list
```
while IFS= read -r tag; do printf -- '%s %s\n' "$(git -C '/opt/git/github.com/zabbix/zabbix-docker/branches/latest' rev-list -n 1 'refs/tags/'"${tag}")" "${tag}"; done < <(git -C '/opt/git/github.com/zabbix/zabbix-docker/branches/latest' --no-pager tag --list --sort=v:refname)
# Output goes like:
...
89511f06ad4de6b373f10b06604dc5d8e1da02df 6.2.7
2025ec8ad74f59981ad6598e9f6cd2a5c9c99f6b 6.2.8
59a91bfbb6e46885f201e50f9197a7a44d3ba3ac 6.2.9
9f2e726e554b23595489eb66c8e11e5d114b573f 6.4.0
9f16f6d773a2a46f1595c86077899d1e040db283 6.4.1
0fa87156974e799e04bf99e5300bad6830d754ab 6.4.2
...
```
Switch to desired tag
```
git -C '/opt/git/github.com/zabbix/zabbix-docker/branches/latest' checkout 'tags/6.4.2'
```
## Apply patch
Identify yourself to the local `zabbix-docker` repo
```
git -C '/opt/git/github.com/zabbix/zabbix-docker/branches/latest' config user.name "hygienic-books"
git -C '/opt/git/github.com/zabbix/zabbix-docker/branches/latest' config user.email "hygienic-books@tentic.net"
```
Apply `zabbix-docker.patch` to Docker Compose file. We use Zabbix' `docker-compose_v3_alpine_pgsql_latest.yaml` Compose file. Assuming this repo lives at `/opt/containers/zabbixserver`:
```
git -C '/opt/git/github.com/zabbix/zabbix-docker/branches/latest' am '/opt/containers/zabbixserver/zabbix-docker.patch'
# Output will be:
Applying: refactor(compose): Remove trailing whitespace
Applying: refactor(compose): 4 leading spaces
Applying: refactor(compose): Indent comments
Applying: refactor(zabbix-server): Set correct libs paths
Applying: refactor(zabbix-server): Set TLS cert file names
Applying: feat(zabbix-server): Replace env files with variables
...
```
And now back up to [Docker Compose](#docker-compose).

0
zabbixserver/build-context/docker-data/postgres/config/cert/ZBX_PGSQL_TLS_CA_CERT_FILE
View File

0
zabbixserver/build-context/docker-data/postgres/config/cert/ZBX_PGSQL_TLS_CERT_FILE
View File

0
zabbixserver/build-context/docker-data/postgres/config/cert/ZBX_PGSQL_TLS_KEY_FILE
View File

21
zabbixserver/build-context/docker-data/postgres/config/docker-entrypoint-initdb.d/init-user-db.sh
View File

@@ -1,21 +0,0 @@
#!/bin/bash
set -e
sleep 20
psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" <<-EOSQL
DO
\$block\$
BEGIN
IF EXISTS (
SELECT FROM pg_catalog.pg_roles WHERE rolname = '${ZBX_DB_USERNAME_RO}'
)
THEN
RAISE NOTICE 'Role ''${ZBX_DB_USERNAME_RO}'' already exists. Skipping ...';
ELSE
CREATE ROLE "${ZBX_DB_USERNAME_RO}" WITH PASSWORD '${ZBX_DB_USERNAME_PW}';
GRANT CONNECT ON DATABASE "${POSTGRES_DB}" TO "${ZBX_DB_USERNAME_RO}";
GRANT SELECT ON ALL TABLES IN SCHEMA public TO "${ZBX_DB_USERNAME_RO}";
END IF;
END
\$block\$;
EOSQL

0
zabbixserver/build-context/docker-data/zabbixserver/config/cert/ZBX_SERVER_TLS_CA_CERT_FILE
View File

0
zabbixserver/build-context/docker-data/zabbixserver/config/cert/ZBX_SERVER_TLS_CERT_FILE
View File

0
zabbixserver/build-context/docker-data/zabbixserver/config/cert/ZBX_SERVER_TLS_KEY_FILE
View File

0
zabbixserver/build-context/docker-data/zabbixwebnginx/config/cert/ZBX_WEBNGINX_TLS_CERT_FULLCHAIN_FILE
View File

0
zabbixserver/build-context/docker-data/zabbixwebnginx/config/cert/ZBX_WEBNGINX_TLS_KEY_FILE
View File

13
zabbixserver/build-context/docker-data/zabbixwebnginx/config/cert/dhparam.pem
View File

@@ -1,13 +0,0 @@
-----BEGIN DH PARAMETERS-----
MIICCAKCAgEA1shg4Gf/2rG+kllZ1qE2or0BHGqhDdjw0DlwNlPL9qVaiqmU/TRq
LCxr0ZloKa8dwImvEtwxy8bJROMW7gcVfYebsOwTnNbQGePkQ3OSKyyBBG+A04rx
QAT6mxgG84ydQOicu42mK0lRwWeFUzZFauZa8CWEcaLcKBUxYQWN6QXOAk7pUQ32
3vAjUKL8+dYUINCna5QXOPmNgnSmXJfjPEnLwveDUTj6IaXFLvWmJm4yRgi7AvXF
r85aAKl9FgT7e5+BntpJAP4Mj7TYxVyHHq7BLZAke7slwe6bkFLxQ6H3INlTYWgp
QEmALgW+KjiARTTh12NJgJvT0ti4ck7VA6P9eN5kw4FCEg1hZbMLFQg7asUWq9tV
7usrDC971W46YsrBstQg851Vbs64ZMf5+knHYJIWaUF5ZTQ1cHihKhEfGJOdRvxU
Py2q192knNzXwroqi/q22iUe9zu4kPRI3qLjR1brVcf8mkUGnMtkIZsO6cdHdvf9
+2De05V57/yCp8R1QUY/UErdDSO+ey+gNFVfpIBdUIoy8+bG1Dcz70X8DDHXD+4+
DJXeajEWS4xkHEB8kaoYGHS6dDJpQk/nsk2H4Mdb1M/uYDedLdMh3FVjH40lzQzR
oRYpzgieag0RPJcaxi6z8PN0HEuVpPA8EbOvxwDMR2zp4zJxHuA0inMCAQI=
-----END DH PARAMETERS-----

11
zabbixserver/common-settings.yml
View File

@@ -1,11 +0,0 @@
services:
common-settings:
logging:
driver: "json-file"
options:
max-size: "10m"
max-file: "10"
compress: "true"
environment:
TZ: Europe/Berlin
restart: unless-stopped

27
zabbixserver/env/fqdn_context.env.example vendored
View File

@@ -1,27 +0,0 @@
# This file is maintained by remco and populated with data from HashiCorp
# Vault. Changes not done in Vault will be reverted when file gets rendered.
CTX=
PHP_TZ=
POSTGRES_DB=
POSTGRES_PASSWORD=
POSTGRES_USER=
VAULT_TOKEN=
ZBX_DB_USERNAME_PW=
ZBX_DB_USERNAME_RO=
ZBX_PGSQL_TLS_CA_CERT_FILE=
ZBX_PGSQL_TLS_CERT_FILE=
ZBX_PGSQL_TLS_KEY_FILE=
ZBX_SERVER_HOST=
ZBX_SERVER_NAME=
ZBX_SERVER_TLS_CA_CERT_FILE=
ZBX_SERVER_TLS_CERT_FILE=
ZBX_SERVER_TLS_KEY_FILE=
ZBX_VAULTDBPATH=
ZBX_VAULTURL=
ZBX_WEBNGINX_EXPOSED_HTTPS_PORT=
ZBX_WEBNGINX_EXPOSED_HTTP_PORT=
ZBX_WEBNGINX_TLS_CERT_FULLCHAIN_FILE=
ZBX_WEBNGINX_TLS_KEY_FILE=
# When needed for temporary debugging
# ZBX_DEBUGLEVEL=4

2374
zabbixserver/zabbix-docker.patch
View File

File diff suppressed because it is too large Load Diff