From ff21b68dac12dc42d192fb59868c57b63e78624b Mon Sep 17 00:00:00 2001 From: hygienic-books Date: Wed, 26 Apr 2023 01:57:59 +0200 Subject: [PATCH 01/32] refactor(compose): Remove trailing whitespace --- docker-compose_v3_alpine_pgsql_latest.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docker-compose_v3_alpine_pgsql_latest.yaml b/docker-compose_v3_alpine_pgsql_latest.yaml index de4ed58cd..97d59c4ac 100644 --- a/docker-compose_v3_alpine_pgsql_latest.yaml +++ b/docker-compose_v3_alpine_pgsql_latest.yaml @@ -6,7 +6,7 @@ services: - "10051:10051" volumes: - /etc/localtime:/etc/localtime:ro - - /etc/timezone:/etc/timezone:ro + - /etc/timezone:/etc/timezone:ro - ./zbx_env/usr/lib/zabbix/alertscripts:/usr/lib/zabbix/alertscripts:ro - ./zbx_env/usr/lib/zabbix/externalscripts:/usr/lib/zabbix/externalscripts:ro - ./zbx_env/var/lib/zabbix/dbscripts:/var/lib/zabbix/dbscripts:ro @@ -71,7 +71,7 @@ services: - "10061:10051" volumes: - /etc/localtime:/etc/localtime:ro - - /etc/timezone:/etc/timezone:ro + - /etc/timezone:/etc/timezone:ro - ./zbx_env/usr/lib/zabbix/externalscripts:/usr/lib/zabbix/externalscripts:ro - ./zbx_env/var/lib/zabbix/modules:/var/lib/zabbix/modules:ro - ./zbx_env/var/lib/zabbix/enc:/var/lib/zabbix/enc:ro @@ -120,7 +120,7 @@ services: - "10071:10051" volumes: - /etc/localtime:/etc/localtime:ro - - /etc/timezone:/etc/timezone:ro + - /etc/timezone:/etc/timezone:ro - ./zbx_env/usr/lib/zabbix/externalscripts:/usr/lib/zabbix/externalscripts:ro - ./zbx_env/var/lib/zabbix/modules:/var/lib/zabbix/modules:ro - ./zbx_env/var/lib/zabbix/enc:/var/lib/zabbix/enc:ro -- 2.39.1 From aecfc17b400a6e9e924adc7590c1f1b6b62b0700 Mon Sep 17 00:00:00 2001 From: hygienic-books Date: Mon, 24 Apr 2023 18:08:56 +0200 Subject: [PATCH 02/32] refactor(compose): 4 leading spaces --- docker-compose_v3_alpine_pgsql_latest.yaml | 994 ++++++++++----------- 1 file changed, 497 insertions(+), 497 deletions(-) diff --git a/docker-compose_v3_alpine_pgsql_latest.yaml b/docker-compose_v3_alpine_pgsql_latest.yaml index 97d59c4ac..7bb6e60be 100644 --- a/docker-compose_v3_alpine_pgsql_latest.yaml +++ b/docker-compose_v3_alpine_pgsql_latest.yaml @@ -1,518 +1,518 @@ version: '3.5' services: - zabbix-server: - image: zabbix/zabbix-server-pgsql:alpine-6.4-latest - ports: - - "10051:10051" - volumes: - - /etc/localtime:/etc/localtime:ro - - /etc/timezone:/etc/timezone:ro - - ./zbx_env/usr/lib/zabbix/alertscripts:/usr/lib/zabbix/alertscripts:ro - - ./zbx_env/usr/lib/zabbix/externalscripts:/usr/lib/zabbix/externalscripts:ro - - ./zbx_env/var/lib/zabbix/dbscripts:/var/lib/zabbix/dbscripts:ro - - ./zbx_env/var/lib/zabbix/export:/var/lib/zabbix/export:rw - - ./zbx_env/var/lib/zabbix/modules:/var/lib/zabbix/modules:ro - - ./zbx_env/var/lib/zabbix/enc:/var/lib/zabbix/enc:ro - - ./zbx_env/var/lib/zabbix/ssh_keys:/var/lib/zabbix/ssh_keys:ro - - ./zbx_env/var/lib/zabbix/mibs:/var/lib/zabbix/mibs:ro - - ./zbx_env/var/lib/zabbix/snmptraps:/var/lib/zabbix/snmptraps:ro -# - ./env_vars/.ZBX_DB_CA_FILE:/run/secrets/root-ca.pem:ro -# - ./env_vars/.ZBX_DB_CERT_FILE:/run/secrets/client-cert.pem:ro -# - ./env_vars/.ZBX_DB_KEY_FILE:/run/secrets/client-key.pem:ro - ulimits: - nproc: 65535 - nofile: - soft: 20000 - hard: 40000 - deploy: - resources: - limits: - cpus: '0.70' - memory: 1G - reservations: - cpus: '0.5' - memory: 512M - env_file: - - ./env_vars/.env_db_pgsql - - ./env_vars/.env_srv - secrets: - - POSTGRES_USER - - POSTGRES_PASSWORD - depends_on: - - postgres-server - networks: - zbx_net_backend: - aliases: - - zabbix-server - - zabbix-server-pgsql - - zabbix-server-alpine-pgsql - - zabbix-server-pgsql-alpine - zbx_net_frontend: -# devices: -# - "/dev/ttyUSB0:/dev/ttyUSB0" - stop_grace_period: 30s - sysctls: - - net.ipv4.ip_local_port_range=1024 65000 - - net.ipv4.conf.all.accept_redirects=0 - - net.ipv4.conf.all.secure_redirects=0 - - net.ipv4.conf.all.send_redirects=0 - labels: - com.zabbix.description: "Zabbix server with PostgreSQL database support" - com.zabbix.company: "Zabbix LLC" - com.zabbix.component: "zabbix-server" - com.zabbix.dbtype: "pgsql" - com.zabbix.os: "alpine" + zabbix-server: + image: zabbix/zabbix-server-pgsql:alpine-6.4-latest + ports: + - "10051:10051" + volumes: + - /etc/localtime:/etc/localtime:ro + - /etc/timezone:/etc/timezone:ro + - ./zbx_env/usr/lib/zabbix/alertscripts:/usr/lib/zabbix/alertscripts:ro + - ./zbx_env/usr/lib/zabbix/externalscripts:/usr/lib/zabbix/externalscripts:ro + - ./zbx_env/var/lib/zabbix/dbscripts:/var/lib/zabbix/dbscripts:ro + - ./zbx_env/var/lib/zabbix/export:/var/lib/zabbix/export:rw + - ./zbx_env/var/lib/zabbix/modules:/var/lib/zabbix/modules:ro + - ./zbx_env/var/lib/zabbix/enc:/var/lib/zabbix/enc:ro + - ./zbx_env/var/lib/zabbix/ssh_keys:/var/lib/zabbix/ssh_keys:ro + - ./zbx_env/var/lib/zabbix/mibs:/var/lib/zabbix/mibs:ro + - ./zbx_env/var/lib/zabbix/snmptraps:/var/lib/zabbix/snmptraps:ro +# - ./env_vars/.ZBX_DB_CA_FILE:/run/secrets/root-ca.pem:ro +# - ./env_vars/.ZBX_DB_CERT_FILE:/run/secrets/client-cert.pem:ro +# - ./env_vars/.ZBX_DB_KEY_FILE:/run/secrets/client-key.pem:ro + ulimits: + nproc: 65535 + nofile: + soft: 20000 + hard: 40000 + deploy: + resources: + limits: + cpus: '0.70' + memory: 1G + reservations: + cpus: '0.5' + memory: 512M + env_file: + - ./env_vars/.env_db_pgsql + - ./env_vars/.env_srv + secrets: + - POSTGRES_USER + - POSTGRES_PASSWORD + depends_on: + - postgres-server + networks: + zbx_net_backend: + aliases: + - zabbix-server + - zabbix-server-pgsql + - zabbix-server-alpine-pgsql + - zabbix-server-pgsql-alpine + zbx_net_frontend: +# devices: +# - "/dev/ttyUSB0:/dev/ttyUSB0" + stop_grace_period: 30s + sysctls: + - net.ipv4.ip_local_port_range=1024 65000 + - net.ipv4.conf.all.accept_redirects=0 + - net.ipv4.conf.all.secure_redirects=0 + - net.ipv4.conf.all.send_redirects=0 + labels: + com.zabbix.description: "Zabbix server with PostgreSQL database support" + com.zabbix.company: "Zabbix LLC" + com.zabbix.component: "zabbix-server" + com.zabbix.dbtype: "pgsql" + com.zabbix.os: "alpine" - zabbix-proxy-sqlite3: - image: zabbix/zabbix-proxy-sqlite3:alpine-6.4-latest - profiles: - - all - ports: - - "10061:10051" - volumes: - - /etc/localtime:/etc/localtime:ro - - /etc/timezone:/etc/timezone:ro - - ./zbx_env/usr/lib/zabbix/externalscripts:/usr/lib/zabbix/externalscripts:ro - - ./zbx_env/var/lib/zabbix/modules:/var/lib/zabbix/modules:ro - - ./zbx_env/var/lib/zabbix/enc:/var/lib/zabbix/enc:ro - - ./zbx_env/var/lib/zabbix/ssh_keys:/var/lib/zabbix/ssh_keys:ro - - ./zbx_env/var/lib/zabbix/mibs:/var/lib/zabbix/mibs:ro - - snmptraps:/var/lib/zabbix/snmptraps:rw - ulimits: - nproc: 65535 - nofile: - soft: 20000 - hard: 40000 - deploy: - resources: - limits: - cpus: '0.70' - memory: 512M - reservations: - cpus: '0.3' - memory: 256M - env_file: - - ./env_vars/.env_prx - - ./env_vars/.env_prx_sqlite3 - depends_on: - - zabbix-java-gateway - - zabbix-snmptraps - networks: - zbx_net_backend: - aliases: - - zabbix-proxy-sqlite3 - - zabbix-proxy-alpine-sqlite3 - - zabbix-proxy-sqlite3-alpine - zbx_net_frontend: - stop_grace_period: 30s - labels: - com.zabbix.description: "Zabbix proxy with SQLite3 database support" - com.zabbix.company: "Zabbix LLC" - com.zabbix.component: "zabbix-proxy" - com.zabbix.dbtype: "sqlite3" - com.zabbix.os: "alpine" + zabbix-proxy-sqlite3: + image: zabbix/zabbix-proxy-sqlite3:alpine-6.4-latest + profiles: + - all + ports: + - "10061:10051" + volumes: + - /etc/localtime:/etc/localtime:ro + - /etc/timezone:/etc/timezone:ro + - ./zbx_env/usr/lib/zabbix/externalscripts:/usr/lib/zabbix/externalscripts:ro + - ./zbx_env/var/lib/zabbix/modules:/var/lib/zabbix/modules:ro + - ./zbx_env/var/lib/zabbix/enc:/var/lib/zabbix/enc:ro + - ./zbx_env/var/lib/zabbix/ssh_keys:/var/lib/zabbix/ssh_keys:ro + - ./zbx_env/var/lib/zabbix/mibs:/var/lib/zabbix/mibs:ro + - snmptraps:/var/lib/zabbix/snmptraps:rw + ulimits: + nproc: 65535 + nofile: + soft: 20000 + hard: 40000 + deploy: + resources: + limits: + cpus: '0.70' + memory: 512M + reservations: + cpus: '0.3' + memory: 256M + env_file: + - ./env_vars/.env_prx + - ./env_vars/.env_prx_sqlite3 + depends_on: + - zabbix-java-gateway + - zabbix-snmptraps + networks: + zbx_net_backend: + aliases: + - zabbix-proxy-sqlite3 + - zabbix-proxy-alpine-sqlite3 + - zabbix-proxy-sqlite3-alpine + zbx_net_frontend: + stop_grace_period: 30s + labels: + com.zabbix.description: "Zabbix proxy with SQLite3 database support" + com.zabbix.company: "Zabbix LLC" + com.zabbix.component: "zabbix-proxy" + com.zabbix.dbtype: "sqlite3" + com.zabbix.os: "alpine" - zabbix-proxy-mysql: - image: zabbix/zabbix-proxy-mysql:alpine-6.4-latest - profiles: - - all - ports: - - "10071:10051" - volumes: - - /etc/localtime:/etc/localtime:ro - - /etc/timezone:/etc/timezone:ro - - ./zbx_env/usr/lib/zabbix/externalscripts:/usr/lib/zabbix/externalscripts:ro - - ./zbx_env/var/lib/zabbix/modules:/var/lib/zabbix/modules:ro - - ./zbx_env/var/lib/zabbix/enc:/var/lib/zabbix/enc:ro - - ./zbx_env/var/lib/zabbix/ssh_keys:/var/lib/zabbix/ssh_keys:ro - - ./zbx_env/var/lib/zabbix/mibs:/var/lib/zabbix/mibs:ro - - snmptraps:/var/lib/zabbix/snmptraps:rw - ulimits: - nproc: 65535 - nofile: - soft: 20000 - hard: 40000 - deploy: - resources: - limits: - cpus: '0.70' - memory: 512M - reservations: - cpus: '0.3' - memory: 256M - env_file: - - ./env_vars/.env_db_mysql_proxy - - ./env_vars/.env_prx - - ./env_vars/.env_prx_mysql - secrets: - - MYSQL_USER - - MYSQL_PASSWORD - - MYSQL_ROOT_USER - - MYSQL_ROOT_PASSWORD - depends_on: - - mysql-server - - zabbix-java-gateway - - zabbix-snmptraps - networks: - zbx_net_backend: - aliases: - - zabbix-proxy-mysql - - zabbix-proxy-alpine-mysql - - zabbix-proxy-mysql-alpine - zbx_net_frontend: - stop_grace_period: 30s - labels: - com.zabbix.description: "Zabbix proxy with MySQL database support" - com.zabbix.company: "Zabbix LLC" - com.zabbix.component: "zabbix-proxy" - com.zabbix.dbtype: "mysql" - com.zabbix.os: "alpine" + zabbix-proxy-mysql: + image: zabbix/zabbix-proxy-mysql:alpine-6.4-latest + profiles: + - all + ports: + - "10071:10051" + volumes: + - /etc/localtime:/etc/localtime:ro + - /etc/timezone:/etc/timezone:ro + - ./zbx_env/usr/lib/zabbix/externalscripts:/usr/lib/zabbix/externalscripts:ro + - ./zbx_env/var/lib/zabbix/modules:/var/lib/zabbix/modules:ro + - ./zbx_env/var/lib/zabbix/enc:/var/lib/zabbix/enc:ro + - ./zbx_env/var/lib/zabbix/ssh_keys:/var/lib/zabbix/ssh_keys:ro + - ./zbx_env/var/lib/zabbix/mibs:/var/lib/zabbix/mibs:ro + - snmptraps:/var/lib/zabbix/snmptraps:rw + ulimits: + nproc: 65535 + nofile: + soft: 20000 + hard: 40000 + deploy: + resources: + limits: + cpus: '0.70' + memory: 512M + reservations: + cpus: '0.3' + memory: 256M + env_file: + - ./env_vars/.env_db_mysql_proxy + - ./env_vars/.env_prx + - ./env_vars/.env_prx_mysql + secrets: + - MYSQL_USER + - MYSQL_PASSWORD + - MYSQL_ROOT_USER + - MYSQL_ROOT_PASSWORD + depends_on: + - mysql-server + - zabbix-java-gateway + - zabbix-snmptraps + networks: + zbx_net_backend: + aliases: + - zabbix-proxy-mysql + - zabbix-proxy-alpine-mysql + - zabbix-proxy-mysql-alpine + zbx_net_frontend: + stop_grace_period: 30s + labels: + com.zabbix.description: "Zabbix proxy with MySQL database support" + com.zabbix.company: "Zabbix LLC" + com.zabbix.component: "zabbix-proxy" + com.zabbix.dbtype: "mysql" + com.zabbix.os: "alpine" - zabbix-web-apache-pgsql: - image: zabbix/zabbix-web-apache-pgsql:alpine-6.4-latest - profiles: - - all - ports: - - "8081:8080" - - "8443:8443" - volumes: - - /etc/localtime:/etc/localtime:ro - - /etc/timezone:/etc/timezone:ro - - ./zbx_env/etc/ssl/apache2:/etc/ssl/apache2:ro - - ./zbx_env/usr/share/zabbix/modules/:/usr/share/zabbix/modules/:ro -# - ./env_vars/.ZBX_DB_CA_FILE:/run/secrets/root-ca.pem:ro -# - ./env_vars/.ZBX_DB_CERT_FILE:/run/secrets/client-cert.pem:ro -# - ./env_vars/.ZBX_DB_KEY_FILE:/run/secrets/client-key.pem:ro - deploy: - resources: - limits: - cpus: '0.70' - memory: 512M - reservations: - cpus: '0.5' - memory: 256M - env_file: - - ./env_vars/.env_db_pgsql - - ./env_vars/.env_web - secrets: - - POSTGRES_USER - - POSTGRES_PASSWORD - depends_on: - - postgres-server - - zabbix-server - healthcheck: - test: ["CMD", "curl", "-f", "http://localhost:8080/"] - interval: 10s - timeout: 5s - retries: 3 - start_period: 30s - networks: - zbx_net_backend: - aliases: - - zabbix-web-apache-pgsql - - zabbix-web-apache-alpine-pgsql - - zabbix-web-apache-pgsql-alpine - zbx_net_frontend: - stop_grace_period: 10s - sysctls: - - net.core.somaxconn=65535 - labels: - com.zabbix.description: "Zabbix frontend on Apache web-server with PostgreSQL database support" - com.zabbix.company: "Zabbix LLC" - com.zabbix.component: "zabbix-frontend" - com.zabbix.webserver: "apache2" - com.zabbix.dbtype: "pgsql" - com.zabbix.os: "alpine" + zabbix-web-apache-pgsql: + image: zabbix/zabbix-web-apache-pgsql:alpine-6.4-latest + profiles: + - all + ports: + - "8081:8080" + - "8443:8443" + volumes: + - /etc/localtime:/etc/localtime:ro + - /etc/timezone:/etc/timezone:ro + - ./zbx_env/etc/ssl/apache2:/etc/ssl/apache2:ro + - ./zbx_env/usr/share/zabbix/modules/:/usr/share/zabbix/modules/:ro +# - ./env_vars/.ZBX_DB_CA_FILE:/run/secrets/root-ca.pem:ro +# - ./env_vars/.ZBX_DB_CERT_FILE:/run/secrets/client-cert.pem:ro +# - ./env_vars/.ZBX_DB_KEY_FILE:/run/secrets/client-key.pem:ro + deploy: + resources: + limits: + cpus: '0.70' + memory: 512M + reservations: + cpus: '0.5' + memory: 256M + env_file: + - ./env_vars/.env_db_pgsql + - ./env_vars/.env_web + secrets: + - POSTGRES_USER + - POSTGRES_PASSWORD + depends_on: + - postgres-server + - zabbix-server + healthcheck: + test: ["CMD", "curl", "-f", "http://localhost:8080/"] + interval: 10s + timeout: 5s + retries: 3 + start_period: 30s + networks: + zbx_net_backend: + aliases: + - zabbix-web-apache-pgsql + - zabbix-web-apache-alpine-pgsql + - zabbix-web-apache-pgsql-alpine + zbx_net_frontend: + stop_grace_period: 10s + sysctls: + - net.core.somaxconn=65535 + labels: + com.zabbix.description: "Zabbix frontend on Apache web-server with PostgreSQL database support" + com.zabbix.company: "Zabbix LLC" + com.zabbix.component: "zabbix-frontend" + com.zabbix.webserver: "apache2" + com.zabbix.dbtype: "pgsql" + com.zabbix.os: "alpine" - zabbix-web-nginx-pgsql: - image: zabbix/zabbix-web-nginx-pgsql:alpine-6.4-latest - ports: - - "80:8080" - - "443:8443" - volumes: - - /etc/localtime:/etc/localtime:ro - - /etc/timezone:/etc/timezone:ro - - ./zbx_env/etc/ssl/nginx:/etc/ssl/nginx:ro - - ./zbx_env/usr/share/zabbix/modules/:/usr/share/zabbix/modules/:ro -# - ./env_vars/.ZBX_DB_CA_FILE:/run/secrets/root-ca.pem:ro -# - ./env_vars/.ZBX_DB_CERT_FILE:/run/secrets/client-cert.pem:ro -# - ./env_vars/.ZBX_DB_KEY_FILE:/run/secrets/client-key.pem:ro - deploy: - resources: - limits: - cpus: '0.70' - memory: 512M - reservations: - cpus: '0.5' - memory: 256M - env_file: - - ./env_vars/.env_db_pgsql - - ./env_vars/.env_web - secrets: - - POSTGRES_USER - - POSTGRES_PASSWORD - depends_on: - - postgres-server - - zabbix-server - healthcheck: - test: ["CMD", "curl", "-f", "http://localhost:8080/ping"] - interval: 10s - timeout: 5s - retries: 3 - start_period: 30s - networks: - zbx_net_backend: - aliases: - - zabbix-web-nginx-pgsql - - zabbix-web-nginx-alpine-pgsql - - zabbix-web-nginx-pgsql-alpine - zbx_net_frontend: - stop_grace_period: 10s - sysctls: - - net.core.somaxconn=65535 - labels: - com.zabbix.description: "Zabbix frontend on Nginx web-server with PostgreSQL database support" - com.zabbix.company: "Zabbix LLC" - com.zabbix.component: "zabbix-frontend" - com.zabbix.webserver: "nginx" - com.zabbix.dbtype: "pgsql" - com.zabbix.os: "alpine" + zabbix-web-nginx-pgsql: + image: zabbix/zabbix-web-nginx-pgsql:alpine-6.4-latest + ports: + - "80:8080" + - "443:8443" + volumes: + - /etc/localtime:/etc/localtime:ro + - /etc/timezone:/etc/timezone:ro + - ./zbx_env/etc/ssl/nginx:/etc/ssl/nginx:ro + - ./zbx_env/usr/share/zabbix/modules/:/usr/share/zabbix/modules/:ro +# - ./env_vars/.ZBX_DB_CA_FILE:/run/secrets/root-ca.pem:ro +# - ./env_vars/.ZBX_DB_CERT_FILE:/run/secrets/client-cert.pem:ro +# - ./env_vars/.ZBX_DB_KEY_FILE:/run/secrets/client-key.pem:ro + deploy: + resources: + limits: + cpus: '0.70' + memory: 512M + reservations: + cpus: '0.5' + memory: 256M + env_file: + - ./env_vars/.env_db_pgsql + - ./env_vars/.env_web + secrets: + - POSTGRES_USER + - POSTGRES_PASSWORD + depends_on: + - postgres-server + - zabbix-server + healthcheck: + test: ["CMD", "curl", "-f", "http://localhost:8080/ping"] + interval: 10s + timeout: 5s + retries: 3 + start_period: 30s + networks: + zbx_net_backend: + aliases: + - zabbix-web-nginx-pgsql + - zabbix-web-nginx-alpine-pgsql + - zabbix-web-nginx-pgsql-alpine + zbx_net_frontend: + stop_grace_period: 10s + sysctls: + - net.core.somaxconn=65535 + labels: + com.zabbix.description: "Zabbix frontend on Nginx web-server with PostgreSQL database support" + com.zabbix.company: "Zabbix LLC" + com.zabbix.component: "zabbix-frontend" + com.zabbix.webserver: "nginx" + com.zabbix.dbtype: "pgsql" + com.zabbix.os: "alpine" - zabbix-agent: - image: zabbix/zabbix-agent:alpine-6.4-latest - profiles: - - full - - all - ports: - - "10050:10050" - volumes: - - /etc/localtime:/etc/localtime:ro - - /etc/timezone:/etc/timezone:ro - - ./zbx_env/etc/zabbix/zabbix_agentd.d:/etc/zabbix/zabbix_agentd.d:ro - - ./zbx_env/var/lib/zabbix/modules:/var/lib/zabbix/modules:ro - - ./zbx_env/var/lib/zabbix/enc:/var/lib/zabbix/enc:ro - - ./zbx_env/var/lib/zabbix/ssh_keys:/var/lib/zabbix/ssh_keys:ro - deploy: - resources: - limits: - cpus: '0.2' - memory: 128M - reservations: - cpus: '0.1' - memory: 64M - mode: global - env_file: - - ./env_vars/.env_agent - privileged: true - pid: "host" - networks: - zbx_net_backend: - aliases: - - zabbix-agent - - zabbix-agent-passive - - zabbix-agent-alpine - stop_grace_period: 5s - labels: - com.zabbix.description: "Zabbix agent" - com.zabbix.company: "Zabbix LLC" - com.zabbix.component: "zabbix-agentd" - com.zabbix.os: "alpine" + zabbix-agent: + image: zabbix/zabbix-agent:alpine-6.4-latest + profiles: + - full + - all + ports: + - "10050:10050" + volumes: + - /etc/localtime:/etc/localtime:ro + - /etc/timezone:/etc/timezone:ro + - ./zbx_env/etc/zabbix/zabbix_agentd.d:/etc/zabbix/zabbix_agentd.d:ro + - ./zbx_env/var/lib/zabbix/modules:/var/lib/zabbix/modules:ro + - ./zbx_env/var/lib/zabbix/enc:/var/lib/zabbix/enc:ro + - ./zbx_env/var/lib/zabbix/ssh_keys:/var/lib/zabbix/ssh_keys:ro + deploy: + resources: + limits: + cpus: '0.2' + memory: 128M + reservations: + cpus: '0.1' + memory: 64M + mode: global + env_file: + - ./env_vars/.env_agent + privileged: true + pid: "host" + networks: + zbx_net_backend: + aliases: + - zabbix-agent + - zabbix-agent-passive + - zabbix-agent-alpine + stop_grace_period: 5s + labels: + com.zabbix.description: "Zabbix agent" + com.zabbix.company: "Zabbix LLC" + com.zabbix.component: "zabbix-agentd" + com.zabbix.os: "alpine" - zabbix-java-gateway: - image: zabbix/zabbix-java-gateway:alpine-6.4-latest - profiles: - - full - - all - ports: - - "10052:10052" - deploy: - resources: - limits: - cpus: '0.5' - memory: 512M - reservations: - cpus: '0.25' - memory: 256M - env_file: - - ./env_vars/.env_java - networks: - zbx_net_backend: - aliases: - - zabbix-java-gateway - - zabbix-java-gateway-alpine - stop_grace_period: 5s - labels: - com.zabbix.description: "Zabbix Java Gateway" - com.zabbix.company: "Zabbix LLC" - com.zabbix.component: "java-gateway" - com.zabbix.os: "alpine" + zabbix-java-gateway: + image: zabbix/zabbix-java-gateway:alpine-6.4-latest + profiles: + - full + - all + ports: + - "10052:10052" + deploy: + resources: + limits: + cpus: '0.5' + memory: 512M + reservations: + cpus: '0.25' + memory: 256M + env_file: + - ./env_vars/.env_java + networks: + zbx_net_backend: + aliases: + - zabbix-java-gateway + - zabbix-java-gateway-alpine + stop_grace_period: 5s + labels: + com.zabbix.description: "Zabbix Java Gateway" + com.zabbix.company: "Zabbix LLC" + com.zabbix.component: "java-gateway" + com.zabbix.os: "alpine" - zabbix-snmptraps: - image: zabbix/zabbix-snmptraps:alpine-6.4-latest - profiles: - - full - - all - ports: - - "162:1162/udp" - volumes: - - snmptraps:/var/lib/zabbix/snmptraps:rw - deploy: - resources: - limits: - cpus: '0.5' - memory: 256M - reservations: - cpus: '0.25' - memory: 128M - networks: - zbx_net_frontend: - aliases: - - zabbix-snmptraps - zbx_net_backend: - stop_grace_period: 5s - labels: - com.zabbix.description: "Zabbix snmptraps" - com.zabbix.company: "Zabbix LLC" - com.zabbix.component: "snmptraps" - com.zabbix.os: "alpine" + zabbix-snmptraps: + image: zabbix/zabbix-snmptraps:alpine-6.4-latest + profiles: + - full + - all + ports: + - "162:1162/udp" + volumes: + - snmptraps:/var/lib/zabbix/snmptraps:rw + deploy: + resources: + limits: + cpus: '0.5' + memory: 256M + reservations: + cpus: '0.25' + memory: 128M + networks: + zbx_net_frontend: + aliases: + - zabbix-snmptraps + zbx_net_backend: + stop_grace_period: 5s + labels: + com.zabbix.description: "Zabbix snmptraps" + com.zabbix.company: "Zabbix LLC" + com.zabbix.component: "snmptraps" + com.zabbix.os: "alpine" - zabbix-web-service: - image: zabbix/zabbix-web-service:alpine-6.4-latest - profiles: - - full - - all - ports: - - "10053:10053" - volumes: - - ./zbx_env/var/lib/zabbix/enc:/var/lib/zabbix/enc:ro - security_opt: - - seccomp:./env_vars/chrome_dp.json - deploy: - resources: - limits: - cpus: '0.5' - memory: 512M - reservations: - cpus: '0.25' - memory: 256M - env_file: - - ./env_vars/.env_web_service - networks: - zbx_net_backend: - aliases: - - zabbix-web-service - - zabbix-web-service-alpine - stop_grace_period: 5s - labels: - com.zabbix.description: "Zabbix web service" - com.zabbix.company: "Zabbix LLC" - com.zabbix.component: "web-service" - com.zabbix.os: "alpine" + zabbix-web-service: + image: zabbix/zabbix-web-service:alpine-6.4-latest + profiles: + - full + - all + ports: + - "10053:10053" + volumes: + - ./zbx_env/var/lib/zabbix/enc:/var/lib/zabbix/enc:ro + security_opt: + - seccomp:./env_vars/chrome_dp.json + deploy: + resources: + limits: + cpus: '0.5' + memory: 512M + reservations: + cpus: '0.25' + memory: 256M + env_file: + - ./env_vars/.env_web_service + networks: + zbx_net_backend: + aliases: + - zabbix-web-service + - zabbix-web-service-alpine + stop_grace_period: 5s + labels: + com.zabbix.description: "Zabbix web service" + com.zabbix.company: "Zabbix LLC" + com.zabbix.component: "web-service" + com.zabbix.os: "alpine" - mysql-server: - image: mysql:8.0-oracle - profiles: - - all - command: - - mysqld - - --character-set-server=utf8mb4 - - --collation-server=utf8mb4_bin - - --skip-character-set-client-handshake - - --default-authentication-plugin=mysql_native_password - volumes: - - ./zbx_env/var/lib/mysql:/var/lib/mysql:rw - env_file: - - ./env_vars/.env_db_mysql - secrets: - - MYSQL_USER - - MYSQL_PASSWORD - - MYSQL_ROOT_PASSWORD - stop_grace_period: 1m - networks: - zbx_net_backend: - aliases: - - mysql-server - - zabbix-database - - mysql-database + mysql-server: + image: mysql:8.0-oracle + profiles: + - all + command: + - mysqld + - --character-set-server=utf8mb4 + - --collation-server=utf8mb4_bin + - --skip-character-set-client-handshake + - --default-authentication-plugin=mysql_native_password + volumes: + - ./zbx_env/var/lib/mysql:/var/lib/mysql:rw + env_file: + - ./env_vars/.env_db_mysql + secrets: + - MYSQL_USER + - MYSQL_PASSWORD + - MYSQL_ROOT_PASSWORD + stop_grace_period: 1m + networks: + zbx_net_backend: + aliases: + - mysql-server + - zabbix-database + - mysql-database - postgres-server: - image: postgres:14-alpine -# command: -c ssl=on -c ssl_cert_file=/run/secrets/server-cert.pem -c ssl_key_file=/run/secrets/server-key.pem -c ssl_ca_file=/run/secrets/root-ca.pem - volumes: - - ./zbx_env/var/lib/postgresql/data:/var/lib/postgresql/data:rw - - ./env_vars/.ZBX_DB_CA_FILE:/run/secrets/root-ca.pem:ro - - ./env_vars/.ZBX_DB_CERT_FILE:/run/secrets/server-cert.pem:ro - - ./env_vars/.ZBX_DB_KEY_FILE:/run/secrets/server-key.pem:ro - env_file: - - ./env_vars/.env_db_pgsql - secrets: - - POSTGRES_USER - - POSTGRES_PASSWORD - stop_grace_period: 1m - networks: - zbx_net_backend: - aliases: - - postgres-server - - pgsql-server - - pgsql-database + postgres-server: + image: postgres:14-alpine +# command: -c ssl=on -c ssl_cert_file=/run/secrets/server-cert.pem -c ssl_key_file=/run/secrets/server-key.pem -c ssl_ca_file=/run/secrets/root-ca.pem + volumes: + - ./zbx_env/var/lib/postgresql/data:/var/lib/postgresql/data:rw + - ./env_vars/.ZBX_DB_CA_FILE:/run/secrets/root-ca.pem:ro + - ./env_vars/.ZBX_DB_CERT_FILE:/run/secrets/server-cert.pem:ro + - ./env_vars/.ZBX_DB_KEY_FILE:/run/secrets/server-key.pem:ro + env_file: + - ./env_vars/.env_db_pgsql + secrets: + - POSTGRES_USER + - POSTGRES_PASSWORD + stop_grace_period: 1m + networks: + zbx_net_backend: + aliases: + - postgres-server + - pgsql-server + - pgsql-database - db_data_mysql: - image: busybox - profiles: - - all - volumes: - - ./zbx_env/var/lib/mysql:/var/lib/mysql:rw + db_data_mysql: + image: busybox + profiles: + - all + volumes: + - ./zbx_env/var/lib/mysql:/var/lib/mysql:rw - db_data_pgsql: - image: busybox - volumes: - - ./zbx_env/var/lib/postgresql/data:/var/lib/postgresql/data:rw + db_data_pgsql: + image: busybox + volumes: + - ./zbx_env/var/lib/postgresql/data:/var/lib/postgresql/data:rw -# elasticsearch: -# image: elasticsearch -# profiles: -# - full -# - all -# environment: -# - transport.host=0.0.0.0 -# - discovery.zen.minimum_master_nodes=1 -# networks: -# zbx_net_backend: -# aliases: -# - elasticsearch +# elasticsearch: +# image: elasticsearch +# profiles: +# - full +# - all +# environment: +# - transport.host=0.0.0.0 +# - discovery.zen.minimum_master_nodes=1 +# networks: +# zbx_net_backend: +# aliases: +# - elasticsearch networks: - zbx_net_frontend: - driver: bridge - driver_opts: - com.docker.network.enable_ipv6: "false" - ipam: - driver: default - config: - - subnet: 172.16.238.0/24 - zbx_net_backend: - driver: bridge - driver_opts: - com.docker.network.enable_ipv6: "false" - internal: true - ipam: - driver: default - config: - - subnet: 172.16.239.0/24 + zbx_net_frontend: + driver: bridge + driver_opts: + com.docker.network.enable_ipv6: "false" + ipam: + driver: default + config: + - subnet: 172.16.238.0/24 + zbx_net_backend: + driver: bridge + driver_opts: + com.docker.network.enable_ipv6: "false" + internal: true + ipam: + driver: default + config: + - subnet: 172.16.239.0/24 volumes: - snmptraps: + snmptraps: secrets: - MYSQL_USER: - file: ./env_vars/.MYSQL_USER - MYSQL_PASSWORD: - file: ./env_vars/.MYSQL_PASSWORD - MYSQL_ROOT_USER: - file: ./env_vars/.MYSQL_ROOT_USER - MYSQL_ROOT_PASSWORD: - file: ./env_vars/.MYSQL_ROOT_PASSWORD - POSTGRES_USER: - file: ./env_vars/.POSTGRES_USER - POSTGRES_PASSWORD: - file: ./env_vars/.POSTGRES_PASSWORD + MYSQL_USER: + file: ./env_vars/.MYSQL_USER + MYSQL_PASSWORD: + file: ./env_vars/.MYSQL_PASSWORD + MYSQL_ROOT_USER: + file: ./env_vars/.MYSQL_ROOT_USER + MYSQL_ROOT_PASSWORD: + file: ./env_vars/.MYSQL_ROOT_PASSWORD + POSTGRES_USER: + file: ./env_vars/.POSTGRES_USER + POSTGRES_PASSWORD: + file: ./env_vars/.POSTGRES_PASSWORD -- 2.39.1 From 2a1521eba7b99494868462e06af17022ff3dfaf0 Mon Sep 17 00:00:00 2001 From: hygienic-books Date: Mon, 24 Apr 2023 18:21:25 +0200 Subject: [PATCH 03/32] refactor(compose): Indent comments --- docker-compose_v3_alpine_pgsql_latest.yaml | 24 +++++++++++----------- 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/docker-compose_v3_alpine_pgsql_latest.yaml b/docker-compose_v3_alpine_pgsql_latest.yaml index 7bb6e60be..d08a1d307 100644 --- a/docker-compose_v3_alpine_pgsql_latest.yaml +++ b/docker-compose_v3_alpine_pgsql_latest.yaml @@ -16,9 +16,9 @@ services: - ./zbx_env/var/lib/zabbix/ssh_keys:/var/lib/zabbix/ssh_keys:ro - ./zbx_env/var/lib/zabbix/mibs:/var/lib/zabbix/mibs:ro - ./zbx_env/var/lib/zabbix/snmptraps:/var/lib/zabbix/snmptraps:ro -# - ./env_vars/.ZBX_DB_CA_FILE:/run/secrets/root-ca.pem:ro -# - ./env_vars/.ZBX_DB_CERT_FILE:/run/secrets/client-cert.pem:ro -# - ./env_vars/.ZBX_DB_KEY_FILE:/run/secrets/client-key.pem:ro + # - ./env_vars/.ZBX_DB_CA_FILE:/run/secrets/root-ca.pem:ro + # - ./env_vars/.ZBX_DB_CERT_FILE:/run/secrets/client-cert.pem:ro + # - ./env_vars/.ZBX_DB_KEY_FILE:/run/secrets/client-key.pem:ro ulimits: nproc: 65535 nofile: @@ -48,8 +48,8 @@ services: - zabbix-server-alpine-pgsql - zabbix-server-pgsql-alpine zbx_net_frontend: -# devices: -# - "/dev/ttyUSB0:/dev/ttyUSB0" + # devices: + # - "/dev/ttyUSB0:/dev/ttyUSB0" stop_grace_period: 30s sysctls: - net.ipv4.ip_local_port_range=1024 65000 @@ -180,9 +180,9 @@ services: - /etc/timezone:/etc/timezone:ro - ./zbx_env/etc/ssl/apache2:/etc/ssl/apache2:ro - ./zbx_env/usr/share/zabbix/modules/:/usr/share/zabbix/modules/:ro -# - ./env_vars/.ZBX_DB_CA_FILE:/run/secrets/root-ca.pem:ro -# - ./env_vars/.ZBX_DB_CERT_FILE:/run/secrets/client-cert.pem:ro -# - ./env_vars/.ZBX_DB_KEY_FILE:/run/secrets/client-key.pem:ro + # - ./env_vars/.ZBX_DB_CA_FILE:/run/secrets/root-ca.pem:ro + # - ./env_vars/.ZBX_DB_CERT_FILE:/run/secrets/client-cert.pem:ro + # - ./env_vars/.ZBX_DB_KEY_FILE:/run/secrets/client-key.pem:ro deploy: resources: limits: @@ -234,9 +234,9 @@ services: - /etc/timezone:/etc/timezone:ro - ./zbx_env/etc/ssl/nginx:/etc/ssl/nginx:ro - ./zbx_env/usr/share/zabbix/modules/:/usr/share/zabbix/modules/:ro -# - ./env_vars/.ZBX_DB_CA_FILE:/run/secrets/root-ca.pem:ro -# - ./env_vars/.ZBX_DB_CERT_FILE:/run/secrets/client-cert.pem:ro -# - ./env_vars/.ZBX_DB_KEY_FILE:/run/secrets/client-key.pem:ro + # - ./env_vars/.ZBX_DB_CA_FILE:/run/secrets/root-ca.pem:ro + # - ./env_vars/.ZBX_DB_CERT_FILE:/run/secrets/client-cert.pem:ro + # - ./env_vars/.ZBX_DB_KEY_FILE:/run/secrets/client-key.pem:ro deploy: resources: limits: @@ -437,7 +437,7 @@ services: postgres-server: image: postgres:14-alpine -# command: -c ssl=on -c ssl_cert_file=/run/secrets/server-cert.pem -c ssl_key_file=/run/secrets/server-key.pem -c ssl_ca_file=/run/secrets/root-ca.pem + # command: -c ssl=on -c ssl_cert_file=/run/secrets/server-cert.pem -c ssl_key_file=/run/secrets/server-key.pem -c ssl_ca_file=/run/secrets/root-ca.pem volumes: - ./zbx_env/var/lib/postgresql/data:/var/lib/postgresql/data:rw - ./env_vars/.ZBX_DB_CA_FILE:/run/secrets/root-ca.pem:ro -- 2.39.1 From a5859e93d6ac47e82dc7c3edba0403a948292353 Mon Sep 17 00:00:00 2001 From: hygienic-books Date: Mon, 24 Apr 2023 18:27:56 +0200 Subject: [PATCH 04/32] refactor(zabbix-server): Set correct libs paths --- docker-compose_v3_alpine_pgsql_latest.yaml | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/docker-compose_v3_alpine_pgsql_latest.yaml b/docker-compose_v3_alpine_pgsql_latest.yaml index d08a1d307..aab6baabd 100644 --- a/docker-compose_v3_alpine_pgsql_latest.yaml +++ b/docker-compose_v3_alpine_pgsql_latest.yaml @@ -7,15 +7,15 @@ services: volumes: - /etc/localtime:/etc/localtime:ro - /etc/timezone:/etc/timezone:ro - - ./zbx_env/usr/lib/zabbix/alertscripts:/usr/lib/zabbix/alertscripts:ro - - ./zbx_env/usr/lib/zabbix/externalscripts:/usr/lib/zabbix/externalscripts:ro - - ./zbx_env/var/lib/zabbix/dbscripts:/var/lib/zabbix/dbscripts:ro - - ./zbx_env/var/lib/zabbix/export:/var/lib/zabbix/export:rw - - ./zbx_env/var/lib/zabbix/modules:/var/lib/zabbix/modules:ro - - ./zbx_env/var/lib/zabbix/enc:/var/lib/zabbix/enc:ro - - ./zbx_env/var/lib/zabbix/ssh_keys:/var/lib/zabbix/ssh_keys:ro - - ./zbx_env/var/lib/zabbix/mibs:/var/lib/zabbix/mibs:ro - - ./zbx_env/var/lib/zabbix/snmptraps:/var/lib/zabbix/snmptraps:ro + - /opt/docker-data/zabbixserver-${CTX}/zabbixserver/data/usr/lib/zabbix/alertscripts:/usr/lib/zabbix/alertscripts:ro + - /opt/docker-data/zabbixserver-${CTX}/zabbixserver/data/usr/lib/zabbix/externalscripts:/usr/lib/zabbix/externalscripts:ro + - /opt/docker-data/zabbixserver-${CTX}/zabbixserver/data/var/lib/zabbix/dbscripts:/var/lib/zabbix/dbscripts:ro + - /opt/docker-data/zabbixserver-${CTX}/zabbixserver/data/var/lib/zabbix/export:/var/lib/zabbix/export:rw + - /opt/docker-data/zabbixserver-${CTX}/zabbixserver/data/var/lib/zabbix/modules:/var/lib/zabbix/modules:ro + - /opt/docker-data/zabbixserver-${CTX}/zabbixserver/data/var/lib/zabbix/enc:/var/lib/zabbix/enc:ro + - /opt/docker-data/zabbixserver-${CTX}/zabbixserver/data/var/lib/zabbix/ssh_keys:/var/lib/zabbix/ssh_keys:ro + - /opt/docker-data/zabbixserver-${CTX}/zabbixserver/data/var/lib/zabbix/mibs:/var/lib/zabbix/mibs:ro + - /opt/docker-data/zabbixserver-${CTX}/zabbixserver/data/var/lib/zabbix/snmptraps:/var/lib/zabbix/snmptraps:ro # - ./env_vars/.ZBX_DB_CA_FILE:/run/secrets/root-ca.pem:ro # - ./env_vars/.ZBX_DB_CERT_FILE:/run/secrets/client-cert.pem:ro # - ./env_vars/.ZBX_DB_KEY_FILE:/run/secrets/client-key.pem:ro -- 2.39.1 From 5eb39ec2c5351899c96c4e263e59c89990920aad Mon Sep 17 00:00:00 2001 From: hygienic-books Date: Mon, 24 Apr 2023 18:35:45 +0200 Subject: [PATCH 05/32] refactor(zabbix-server): Set TLS cert file names --- docker-compose_v3_alpine_pgsql_latest.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docker-compose_v3_alpine_pgsql_latest.yaml b/docker-compose_v3_alpine_pgsql_latest.yaml index aab6baabd..c996317d0 100644 --- a/docker-compose_v3_alpine_pgsql_latest.yaml +++ b/docker-compose_v3_alpine_pgsql_latest.yaml @@ -16,9 +16,9 @@ services: - /opt/docker-data/zabbixserver-${CTX}/zabbixserver/data/var/lib/zabbix/ssh_keys:/var/lib/zabbix/ssh_keys:ro - /opt/docker-data/zabbixserver-${CTX}/zabbixserver/data/var/lib/zabbix/mibs:/var/lib/zabbix/mibs:ro - /opt/docker-data/zabbixserver-${CTX}/zabbixserver/data/var/lib/zabbix/snmptraps:/var/lib/zabbix/snmptraps:ro - # - ./env_vars/.ZBX_DB_CA_FILE:/run/secrets/root-ca.pem:ro - # - ./env_vars/.ZBX_DB_CERT_FILE:/run/secrets/client-cert.pem:ro - # - ./env_vars/.ZBX_DB_KEY_FILE:/run/secrets/client-key.pem:ro + - /opt/docker-data/zabbixserver-${CTX}/zabbixserver/config/cert/${ZBX_SERVER_TLS_CA_CERT_FILE}:/run/secrets/root-ca.pem:ro + - /opt/docker-data/zabbixserver-${CTX}/zabbixserver/config/cert/${ZBX_SERVER_TLS_CERT_FILE}:/run/secrets/client-cert.pem:ro + - /opt/docker-data/zabbixserver-${CTX}/zabbixserver/config/cert/${ZBX_SERVER_TLS_KEY_FILE}:/run/secrets/client-key.pem:ro ulimits: nproc: 65535 nofile: -- 2.39.1 From bd58fe5292e5912d4e3e117a44604d745138c263 Mon Sep 17 00:00:00 2001 From: hygienic-books Date: Wed, 26 Apr 2023 00:41:48 +0200 Subject: [PATCH 06/32] feat(zabbix-server): Replace env files with variables --- docker-compose_v3_alpine_pgsql_latest.yaml | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/docker-compose_v3_alpine_pgsql_latest.yaml b/docker-compose_v3_alpine_pgsql_latest.yaml index c996317d0..671776adb 100644 --- a/docker-compose_v3_alpine_pgsql_latest.yaml +++ b/docker-compose_v3_alpine_pgsql_latest.yaml @@ -32,9 +32,13 @@ services: reservations: cpus: '0.5' memory: 512M - env_file: - - ./env_vars/.env_db_pgsql - - ./env_vars/.env_srv + environment: + POSTGRES_USER: ${POSTGRES_USER} + POSTGRES_PASSWORD: ${POSTGRES_PASSWORD} + ZBX_VAULTURL: ${ZBX_VAULTURL} + VAULT_TOKEN: ${VAULT_TOKEN} + ZBX_VAULTDBPATH: ${ZBX_VAULTDBPATH} + ZBX_DEBUGLEVEL: ${ZBX_DEBUGLEVEL:-3} secrets: - POSTGRES_USER - POSTGRES_PASSWORD -- 2.39.1 From b180b2361739b3e15e311b00da0224daed13867a Mon Sep 17 00:00:00 2001 From: hygienic-books Date: Wed, 26 Apr 2023 00:42:15 +0200 Subject: [PATCH 07/32] refactor(zabbix-server): Remove PostgreSQL secrets use --- docker-compose_v3_alpine_pgsql_latest.yaml | 3 --- 1 file changed, 3 deletions(-) diff --git a/docker-compose_v3_alpine_pgsql_latest.yaml b/docker-compose_v3_alpine_pgsql_latest.yaml index 671776adb..411ce6149 100644 --- a/docker-compose_v3_alpine_pgsql_latest.yaml +++ b/docker-compose_v3_alpine_pgsql_latest.yaml @@ -39,9 +39,6 @@ services: VAULT_TOKEN: ${VAULT_TOKEN} ZBX_VAULTDBPATH: ${ZBX_VAULTDBPATH} ZBX_DEBUGLEVEL: ${ZBX_DEBUGLEVEL:-3} - secrets: - - POSTGRES_USER - - POSTGRES_PASSWORD depends_on: - postgres-server networks: -- 2.39.1 From 8845932dac0207334ed9c4eaa375cb8ee143c4ab Mon Sep 17 00:00:00 2001 From: hygienic-books Date: Wed, 26 Apr 2023 00:47:17 +0200 Subject: [PATCH 08/32] refactor(zabbix-web-nginx): Replace exposed ports with a local one from our registry --- docker-compose_v3_alpine_pgsql_latest.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docker-compose_v3_alpine_pgsql_latest.yaml b/docker-compose_v3_alpine_pgsql_latest.yaml index 411ce6149..4d80dacf7 100644 --- a/docker-compose_v3_alpine_pgsql_latest.yaml +++ b/docker-compose_v3_alpine_pgsql_latest.yaml @@ -228,8 +228,8 @@ services: zabbix-web-nginx-pgsql: image: zabbix/zabbix-web-nginx-pgsql:alpine-6.4-latest ports: - - "80:8080" - - "443:8443" + - "${ZBX_WEBNGINX_EXPOSED_HTTP_PORT}:8080" + - "${ZBX_WEBNGINX_EXPOSED_HTTPS_PORT}:8443" volumes: - /etc/localtime:/etc/localtime:ro - /etc/timezone:/etc/timezone:ro -- 2.39.1 From b156be97efd084bd6c9aa695f57da7785f9a3616 Mon Sep 17 00:00:00 2001 From: hygienic-books Date: Wed, 26 Apr 2023 00:55:25 +0200 Subject: [PATCH 09/32] refactor(zabbix-web-nginx): Set named volumes --- docker-compose_v3_alpine_pgsql_latest.yaml | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/docker-compose_v3_alpine_pgsql_latest.yaml b/docker-compose_v3_alpine_pgsql_latest.yaml index 4d80dacf7..a90d04c87 100644 --- a/docker-compose_v3_alpine_pgsql_latest.yaml +++ b/docker-compose_v3_alpine_pgsql_latest.yaml @@ -233,11 +233,10 @@ services: volumes: - /etc/localtime:/etc/localtime:ro - /etc/timezone:/etc/timezone:ro - - ./zbx_env/etc/ssl/nginx:/etc/ssl/nginx:ro - - ./zbx_env/usr/share/zabbix/modules/:/usr/share/zabbix/modules/:ro - # - ./env_vars/.ZBX_DB_CA_FILE:/run/secrets/root-ca.pem:ro - # - ./env_vars/.ZBX_DB_CERT_FILE:/run/secrets/client-cert.pem:ro - # - ./env_vars/.ZBX_DB_KEY_FILE:/run/secrets/client-key.pem:ro + - /opt/docker-data/zabbixserver/zabbixwebnginx/conf/modules:/usr/share/zabbix/modules/:ro + - /opt/docker-data/zabbixserver/zabbixwebnginx/conf/cert/${ZBX_WEBNGINX_TLS_CERT_FULLCHAIN_FILE}:/etc/ssl/nginx/ssl.crt:ro + - /opt/docker-data/zabbixserver/zabbixwebnginx/conf/cert/${ZBX_WEBNGINX_TLS_KEY_FILE}:/etc/ssl/nginx/ssl.key:ro + - /opt/docker-data/zabbixserver/zabbixwebnginx/conf/cert/dhparam.pem:/etc/ssl/nginx/dhparam.pem:ro deploy: resources: limits: -- 2.39.1 From ca6340c9a4ec422827c4f9de3c6ed9ddc45e0ba8 Mon Sep 17 00:00:00 2001 From: hygienic-books Date: Wed, 26 Apr 2023 00:56:02 +0200 Subject: [PATCH 10/32] refactor(zabbix-web-nginx): Replace env files with vars --- docker-compose_v3_alpine_pgsql_latest.yaml | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/docker-compose_v3_alpine_pgsql_latest.yaml b/docker-compose_v3_alpine_pgsql_latest.yaml index a90d04c87..b347b0ae6 100644 --- a/docker-compose_v3_alpine_pgsql_latest.yaml +++ b/docker-compose_v3_alpine_pgsql_latest.yaml @@ -245,9 +245,12 @@ services: reservations: cpus: '0.5' memory: 256M - env_file: - - ./env_vars/.env_db_pgsql - - ./env_vars/.env_web + environment: + PHP_TZ: ${PHP_TZ} + ZBX_SERVER_NAME: ${ZBX_SERVER_NAME} + ZBX_SERVER_HOST: ${ZBX_SERVER_HOST} + POSTGRES_USER: ${POSTGRES_USER} + POSTGRES_PASSWORD: ${POSTGRES_PASSWORD} secrets: - POSTGRES_USER - POSTGRES_PASSWORD -- 2.39.1 From 1bf9e5393c865b7deaa932254b42bfb29871a761 Mon Sep 17 00:00:00 2001 From: hygienic-books Date: Wed, 26 Apr 2023 00:56:19 +0200 Subject: [PATCH 11/32] refactor(zabbix-web-nginx): Remove secrets --- docker-compose_v3_alpine_pgsql_latest.yaml | 3 --- 1 file changed, 3 deletions(-) diff --git a/docker-compose_v3_alpine_pgsql_latest.yaml b/docker-compose_v3_alpine_pgsql_latest.yaml index b347b0ae6..07dce0440 100644 --- a/docker-compose_v3_alpine_pgsql_latest.yaml +++ b/docker-compose_v3_alpine_pgsql_latest.yaml @@ -251,9 +251,6 @@ services: ZBX_SERVER_HOST: ${ZBX_SERVER_HOST} POSTGRES_USER: ${POSTGRES_USER} POSTGRES_PASSWORD: ${POSTGRES_PASSWORD} - secrets: - - POSTGRES_USER - - POSTGRES_PASSWORD depends_on: - postgres-server - zabbix-server -- 2.39.1 From a8467ddad604567d7e9b31e3d9f50af06c8cd8d3 Mon Sep 17 00:00:00 2001 From: hygienic-books Date: Wed, 26 Apr 2023 01:01:03 +0200 Subject: [PATCH 12/32] refactor(postgresql): Use static username ID --- docker-compose_v3_alpine_pgsql_latest.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/docker-compose_v3_alpine_pgsql_latest.yaml b/docker-compose_v3_alpine_pgsql_latest.yaml index 07dce0440..6ed1387ed 100644 --- a/docker-compose_v3_alpine_pgsql_latest.yaml +++ b/docker-compose_v3_alpine_pgsql_latest.yaml @@ -438,6 +438,7 @@ services: postgres-server: image: postgres:14-alpine # command: -c ssl=on -c ssl_cert_file=/run/secrets/server-cert.pem -c ssl_key_file=/run/secrets/server-key.pem -c ssl_ca_file=/run/secrets/root-ca.pem + user: 70:70 volumes: - ./zbx_env/var/lib/postgresql/data:/var/lib/postgresql/data:rw - ./env_vars/.ZBX_DB_CA_FILE:/run/secrets/root-ca.pem:ro -- 2.39.1 From 6bb790bf90b8af394fa272cb0f4994e79e2bf587 Mon Sep 17 00:00:00 2001 From: hygienic-books Date: Wed, 26 Apr 2023 01:01:52 +0200 Subject: [PATCH 13/32] refactor(postgresql): Set custom container name --- docker-compose_v3_alpine_pgsql_latest.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/docker-compose_v3_alpine_pgsql_latest.yaml b/docker-compose_v3_alpine_pgsql_latest.yaml index 6ed1387ed..0f3cd4551 100644 --- a/docker-compose_v3_alpine_pgsql_latest.yaml +++ b/docker-compose_v3_alpine_pgsql_latest.yaml @@ -437,6 +437,7 @@ services: postgres-server: image: postgres:14-alpine + container_name: zabbixserver-postgres-${CTX} # command: -c ssl=on -c ssl_cert_file=/run/secrets/server-cert.pem -c ssl_key_file=/run/secrets/server-key.pem -c ssl_ca_file=/run/secrets/root-ca.pem user: 70:70 volumes: -- 2.39.1 From a0a2fd6f60a8a8dbf7321cb246816765b0dbef93 Mon Sep 17 00:00:00 2001 From: hygienic-books Date: Wed, 26 Apr 2023 01:02:28 +0200 Subject: [PATCH 14/32] refactor(zabbix-web-nginx): Set custom container name --- docker-compose_v3_alpine_pgsql_latest.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/docker-compose_v3_alpine_pgsql_latest.yaml b/docker-compose_v3_alpine_pgsql_latest.yaml index 0f3cd4551..08f68e5fb 100644 --- a/docker-compose_v3_alpine_pgsql_latest.yaml +++ b/docker-compose_v3_alpine_pgsql_latest.yaml @@ -171,6 +171,7 @@ services: zabbix-web-apache-pgsql: image: zabbix/zabbix-web-apache-pgsql:alpine-6.4-latest + container_name: zabbixserver-zabbixwebnginx-${CTX} profiles: - all ports: -- 2.39.1 From 5d9a63a8c05aee7c2df5ccb553f01c3fcb9bb9c9 Mon Sep 17 00:00:00 2001 From: hygienic-books Date: Wed, 26 Apr 2023 01:02:57 +0200 Subject: [PATCH 15/32] refactor(zabbix-server): Set custom container name --- docker-compose_v3_alpine_pgsql_latest.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/docker-compose_v3_alpine_pgsql_latest.yaml b/docker-compose_v3_alpine_pgsql_latest.yaml index 08f68e5fb..12f0a89a5 100644 --- a/docker-compose_v3_alpine_pgsql_latest.yaml +++ b/docker-compose_v3_alpine_pgsql_latest.yaml @@ -2,6 +2,7 @@ version: '3.5' services: zabbix-server: image: zabbix/zabbix-server-pgsql:alpine-6.4-latest + container_name: zabbixserver-zabbixserver-${CTX} ports: - "10051:10051" volumes: -- 2.39.1 From ff73814d46448d621aef82b35073e7ed904bf7e0 Mon Sep 17 00:00:00 2001 From: hygienic-books Date: Wed, 26 Apr 2023 01:03:46 +0200 Subject: [PATCH 16/32] refactor(postgresql): Publicly expose so that other tools can access the database --- docker-compose_v3_alpine_pgsql_latest.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docker-compose_v3_alpine_pgsql_latest.yaml b/docker-compose_v3_alpine_pgsql_latest.yaml index 12f0a89a5..e6d3e029c 100644 --- a/docker-compose_v3_alpine_pgsql_latest.yaml +++ b/docker-compose_v3_alpine_pgsql_latest.yaml @@ -442,6 +442,8 @@ services: container_name: zabbixserver-postgres-${CTX} # command: -c ssl=on -c ssl_cert_file=/run/secrets/server-cert.pem -c ssl_key_file=/run/secrets/server-key.pem -c ssl_ca_file=/run/secrets/root-ca.pem user: 70:70 + ports: + - "5432:5432" volumes: - ./zbx_env/var/lib/postgresql/data:/var/lib/postgresql/data:rw - ./env_vars/.ZBX_DB_CA_FILE:/run/secrets/root-ca.pem:ro -- 2.39.1 From 454e2fd72b3a9b6b1c0bbd3c9a6b7b843abfe573 Mon Sep 17 00:00:00 2001 From: hygienic-books Date: Wed, 26 Apr 2023 01:07:54 +0200 Subject: [PATCH 17/32] refactor(postgresql): Replace static file names with vars --- docker-compose_v3_alpine_pgsql_latest.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/docker-compose_v3_alpine_pgsql_latest.yaml b/docker-compose_v3_alpine_pgsql_latest.yaml index e6d3e029c..d9468bcb2 100644 --- a/docker-compose_v3_alpine_pgsql_latest.yaml +++ b/docker-compose_v3_alpine_pgsql_latest.yaml @@ -445,10 +445,10 @@ services: ports: - "5432:5432" volumes: - - ./zbx_env/var/lib/postgresql/data:/var/lib/postgresql/data:rw - - ./env_vars/.ZBX_DB_CA_FILE:/run/secrets/root-ca.pem:ro - - ./env_vars/.ZBX_DB_CERT_FILE:/run/secrets/server-cert.pem:ro - - ./env_vars/.ZBX_DB_KEY_FILE:/run/secrets/server-key.pem:ro + - /opt/docker-data/zabbixserver/postgres/data:/var/lib/postgresql/data:rw + - /opt/docker-data/zabbixserver/postgres/conf/cert/${ZBX_PGSQL_TLS_CA_CERT_FILE}:/run/secrets/root-ca.pem:ro + - /opt/docker-data/zabbixserver/postgres/conf/cert/${ZBX_PGSQL_TLS_CERT_FILE}:/run/secrets/server-cert.pem:ro + - /opt/docker-data/zabbixserver/postgres/conf/cert/${ZBX_PGSQL_TLS_KEY_FILE}:/run/secrets/server-key.pem:ro env_file: - ./env_vars/.env_db_pgsql secrets: -- 2.39.1 From b5dfe5ebe751623e8045ac3acb662c166a489a4f Mon Sep 17 00:00:00 2001 From: hygienic-books Date: Wed, 26 Apr 2023 01:09:36 +0200 Subject: [PATCH 18/32] refactor(compose): Extend existing default configs --- docker-compose_v3_alpine_pgsql_latest.yaml | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/docker-compose_v3_alpine_pgsql_latest.yaml b/docker-compose_v3_alpine_pgsql_latest.yaml index d9468bcb2..a846f89cb 100644 --- a/docker-compose_v3_alpine_pgsql_latest.yaml +++ b/docker-compose_v3_alpine_pgsql_latest.yaml @@ -3,6 +3,9 @@ services: zabbix-server: image: zabbix/zabbix-server-pgsql:alpine-6.4-latest container_name: zabbixserver-zabbixserver-${CTX} + extends: + file: common-settings.yml + service: common-settings ports: - "10051:10051" volumes: @@ -229,6 +232,9 @@ services: zabbix-web-nginx-pgsql: image: zabbix/zabbix-web-nginx-pgsql:alpine-6.4-latest + extends: + file: common-settings.yml + service: common-settings ports: - "${ZBX_WEBNGINX_EXPOSED_HTTP_PORT}:8080" - "${ZBX_WEBNGINX_EXPOSED_HTTPS_PORT}:8443" @@ -444,6 +450,9 @@ services: user: 70:70 ports: - "5432:5432" + extends: + file: common-settings.yml + service: common-settings volumes: - /opt/docker-data/zabbixserver/postgres/data:/var/lib/postgresql/data:rw - /opt/docker-data/zabbixserver/postgres/conf/cert/${ZBX_PGSQL_TLS_CA_CERT_FILE}:/run/secrets/root-ca.pem:ro -- 2.39.1 From fb8a67ddda7bf643e60be2c52acf1e1121e5b940 Mon Sep 17 00:00:00 2001 From: hygienic-books Date: Wed, 26 Apr 2023 01:10:33 +0200 Subject: [PATCH 19/32] refactor(postgresql): Start with SSL cert --- docker-compose_v3_alpine_pgsql_latest.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker-compose_v3_alpine_pgsql_latest.yaml b/docker-compose_v3_alpine_pgsql_latest.yaml index a846f89cb..32e5ddc3c 100644 --- a/docker-compose_v3_alpine_pgsql_latest.yaml +++ b/docker-compose_v3_alpine_pgsql_latest.yaml @@ -446,7 +446,7 @@ services: postgres-server: image: postgres:14-alpine container_name: zabbixserver-postgres-${CTX} - # command: -c ssl=on -c ssl_cert_file=/run/secrets/server-cert.pem -c ssl_key_file=/run/secrets/server-key.pem -c ssl_ca_file=/run/secrets/root-ca.pem + command: -c ssl=on -c ssl_cert_file=/run/secrets/server-cert.pem -c ssl_key_file=/run/secrets/server-key.pem -c ssl_ca_file=/run/secrets/root-ca.pem user: 70:70 ports: - "5432:5432" -- 2.39.1 From 7632d7ba546f695f9edcf488c93d98067a353b60 Mon Sep 17 00:00:00 2001 From: hygienic-books Date: Wed, 26 Apr 2023 01:11:13 +0200 Subject: [PATCH 20/32] refactor(compose): Add context string to path --- docker-compose_v3_alpine_pgsql_latest.yaml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/docker-compose_v3_alpine_pgsql_latest.yaml b/docker-compose_v3_alpine_pgsql_latest.yaml index 32e5ddc3c..2ea5dfb5c 100644 --- a/docker-compose_v3_alpine_pgsql_latest.yaml +++ b/docker-compose_v3_alpine_pgsql_latest.yaml @@ -241,10 +241,10 @@ services: volumes: - /etc/localtime:/etc/localtime:ro - /etc/timezone:/etc/timezone:ro - - /opt/docker-data/zabbixserver/zabbixwebnginx/conf/modules:/usr/share/zabbix/modules/:ro - - /opt/docker-data/zabbixserver/zabbixwebnginx/conf/cert/${ZBX_WEBNGINX_TLS_CERT_FULLCHAIN_FILE}:/etc/ssl/nginx/ssl.crt:ro - - /opt/docker-data/zabbixserver/zabbixwebnginx/conf/cert/${ZBX_WEBNGINX_TLS_KEY_FILE}:/etc/ssl/nginx/ssl.key:ro - - /opt/docker-data/zabbixserver/zabbixwebnginx/conf/cert/dhparam.pem:/etc/ssl/nginx/dhparam.pem:ro + - /opt/docker-data/zabbixserver-${CTX}/zabbixwebnginx/conf/modules:/usr/share/zabbix/modules/:ro + - /opt/docker-data/zabbixserver-${CTX}/zabbixwebnginx/conf/cert/${ZBX_WEBNGINX_TLS_CERT_FULLCHAIN_FILE}:/etc/ssl/nginx/ssl.crt:ro + - /opt/docker-data/zabbixserver-${CTX}/zabbixwebnginx/conf/cert/${ZBX_WEBNGINX_TLS_KEY_FILE}:/etc/ssl/nginx/ssl.key:ro + - /opt/docker-data/zabbixserver-${CTX}/zabbixwebnginx/conf/cert/dhparam.pem:/etc/ssl/nginx/dhparam.pem:ro deploy: resources: limits: @@ -454,10 +454,10 @@ services: file: common-settings.yml service: common-settings volumes: - - /opt/docker-data/zabbixserver/postgres/data:/var/lib/postgresql/data:rw - - /opt/docker-data/zabbixserver/postgres/conf/cert/${ZBX_PGSQL_TLS_CA_CERT_FILE}:/run/secrets/root-ca.pem:ro - - /opt/docker-data/zabbixserver/postgres/conf/cert/${ZBX_PGSQL_TLS_CERT_FILE}:/run/secrets/server-cert.pem:ro - - /opt/docker-data/zabbixserver/postgres/conf/cert/${ZBX_PGSQL_TLS_KEY_FILE}:/run/secrets/server-key.pem:ro + - /opt/docker-data/zabbixserver-${CTX}/postgres/data:/var/lib/postgresql/data:rw + - /opt/docker-data/zabbixserver-${CTX}/postgres/conf/cert/${ZBX_PGSQL_TLS_CA_CERT_FILE}:/run/secrets/root-ca.pem:ro + - /opt/docker-data/zabbixserver-${CTX}/postgres/conf/cert/${ZBX_PGSQL_TLS_CERT_FILE}:/run/secrets/server-cert.pem:ro + - /opt/docker-data/zabbixserver-${CTX}/postgres/conf/cert/${ZBX_PGSQL_TLS_KEY_FILE}:/run/secrets/server-key.pem:ro env_file: - ./env_vars/.env_db_pgsql secrets: -- 2.39.1 From a9c2bf02c1666418ebc6ab96a6a3d328c16a01b3 Mon Sep 17 00:00:00 2001 From: hygienic-books Date: Wed, 26 Apr 2023 01:12:22 +0200 Subject: [PATCH 21/32] refactor(postgresql): Rename config dir --- docker-compose_v3_alpine_pgsql_latest.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/docker-compose_v3_alpine_pgsql_latest.yaml b/docker-compose_v3_alpine_pgsql_latest.yaml index 2ea5dfb5c..e8a395748 100644 --- a/docker-compose_v3_alpine_pgsql_latest.yaml +++ b/docker-compose_v3_alpine_pgsql_latest.yaml @@ -241,10 +241,10 @@ services: volumes: - /etc/localtime:/etc/localtime:ro - /etc/timezone:/etc/timezone:ro - - /opt/docker-data/zabbixserver-${CTX}/zabbixwebnginx/conf/modules:/usr/share/zabbix/modules/:ro - - /opt/docker-data/zabbixserver-${CTX}/zabbixwebnginx/conf/cert/${ZBX_WEBNGINX_TLS_CERT_FULLCHAIN_FILE}:/etc/ssl/nginx/ssl.crt:ro - - /opt/docker-data/zabbixserver-${CTX}/zabbixwebnginx/conf/cert/${ZBX_WEBNGINX_TLS_KEY_FILE}:/etc/ssl/nginx/ssl.key:ro - - /opt/docker-data/zabbixserver-${CTX}/zabbixwebnginx/conf/cert/dhparam.pem:/etc/ssl/nginx/dhparam.pem:ro + - /opt/docker-data/zabbixserver-${CTX}/zabbixwebnginx/config/modules:/usr/share/zabbix/modules/:ro + - /opt/docker-data/zabbixserver-${CTX}/zabbixwebnginx/config/cert/${ZBX_WEBNGINX_TLS_CERT_FULLCHAIN_FILE}:/etc/ssl/nginx/ssl.crt:ro + - /opt/docker-data/zabbixserver-${CTX}/zabbixwebnginx/config/cert/${ZBX_WEBNGINX_TLS_KEY_FILE}:/etc/ssl/nginx/ssl.key:ro + - /opt/docker-data/zabbixserver-${CTX}/zabbixwebnginx/config/cert/dhparam.pem:/etc/ssl/nginx/dhparam.pem:ro deploy: resources: limits: -- 2.39.1 From 97c9c98eada41f53fdb15d472683227df76cf454 Mon Sep 17 00:00:00 2001 From: hygienic-books Date: Wed, 26 Apr 2023 01:16:16 +0200 Subject: [PATCH 22/32] refactor(postgresql): Replace env files with vars --- docker-compose_v3_alpine_pgsql_latest.yaml | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/docker-compose_v3_alpine_pgsql_latest.yaml b/docker-compose_v3_alpine_pgsql_latest.yaml index e8a395748..88f4b378b 100644 --- a/docker-compose_v3_alpine_pgsql_latest.yaml +++ b/docker-compose_v3_alpine_pgsql_latest.yaml @@ -458,8 +458,12 @@ services: - /opt/docker-data/zabbixserver-${CTX}/postgres/conf/cert/${ZBX_PGSQL_TLS_CA_CERT_FILE}:/run/secrets/root-ca.pem:ro - /opt/docker-data/zabbixserver-${CTX}/postgres/conf/cert/${ZBX_PGSQL_TLS_CERT_FILE}:/run/secrets/server-cert.pem:ro - /opt/docker-data/zabbixserver-${CTX}/postgres/conf/cert/${ZBX_PGSQL_TLS_KEY_FILE}:/run/secrets/server-key.pem:ro - env_file: - - ./env_vars/.env_db_pgsql + environment: + POSTGRES_USER: ${POSTGRES_USER} + POSTGRES_PASSWORD: ${POSTGRES_PASSWORD} + POSTGRES_DB: ${POSTGRES_DB} + ZBX_DB_USERNAME_RO: ${ZBX_DB_USERNAME_RO} + ZBX_DB_USERNAME_PW: ${ZBX_DB_USERNAME_PW} secrets: - POSTGRES_USER - POSTGRES_PASSWORD -- 2.39.1 From 1e5285c2e73fa8080252ec8c2703ea784b6b952d Mon Sep 17 00:00:00 2001 From: hygienic-books Date: Wed, 26 Apr 2023 01:16:31 +0200 Subject: [PATCH 23/32] refactor(postgresql): Remove secrets --- docker-compose_v3_alpine_pgsql_latest.yaml | 3 --- 1 file changed, 3 deletions(-) diff --git a/docker-compose_v3_alpine_pgsql_latest.yaml b/docker-compose_v3_alpine_pgsql_latest.yaml index 88f4b378b..c553103fe 100644 --- a/docker-compose_v3_alpine_pgsql_latest.yaml +++ b/docker-compose_v3_alpine_pgsql_latest.yaml @@ -464,9 +464,6 @@ services: POSTGRES_DB: ${POSTGRES_DB} ZBX_DB_USERNAME_RO: ${ZBX_DB_USERNAME_RO} ZBX_DB_USERNAME_PW: ${ZBX_DB_USERNAME_PW} - secrets: - - POSTGRES_USER - - POSTGRES_PASSWORD stop_grace_period: 1m networks: zbx_net_backend: -- 2.39.1 From af22272e449f8d77bf73fb3739869bbc61a2d775 Mon Sep 17 00:00:00 2001 From: hygienic-books Date: Wed, 26 Apr 2023 01:18:32 +0200 Subject: [PATCH 24/32] refactor(postgresql): Add named volume --- docker-compose_v3_alpine_pgsql_latest.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker-compose_v3_alpine_pgsql_latest.yaml b/docker-compose_v3_alpine_pgsql_latest.yaml index c553103fe..e63e35d40 100644 --- a/docker-compose_v3_alpine_pgsql_latest.yaml +++ b/docker-compose_v3_alpine_pgsql_latest.yaml @@ -482,7 +482,7 @@ services: db_data_pgsql: image: busybox volumes: - - ./zbx_env/var/lib/postgresql/data:/var/lib/postgresql/data:rw + - /opt/docker-data/zabbixserver-${CTX}/postgres/data:/var/lib/postgresql/data:rw # elasticsearch: # image: elasticsearch -- 2.39.1 From 1313efaed31fa7fa6ed4beb01d54fd5ec1a072d5 Mon Sep 17 00:00:00 2001 From: hygienic-books Date: Wed, 26 Apr 2023 01:20:57 +0200 Subject: [PATCH 25/32] refactor(zbx_net_backend): Make external --- docker-compose_v3_alpine_pgsql_latest.yaml | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/docker-compose_v3_alpine_pgsql_latest.yaml b/docker-compose_v3_alpine_pgsql_latest.yaml index e63e35d40..ab319b042 100644 --- a/docker-compose_v3_alpine_pgsql_latest.yaml +++ b/docker-compose_v3_alpine_pgsql_latest.yaml @@ -510,7 +510,12 @@ networks: driver: bridge driver_opts: com.docker.network.enable_ipv6: "false" - internal: true + # Should not be Zabbix' official default 'internal: true' because in our + # case we want external entities such as a Grafana instance to be able + # to directly access this PostgreSQL. Here 'internal: true' would render + # our 'ports: ["5432:5432"]' irrelevant, ports would just never get + # exposed. + # internal: true ipam: driver: default config: -- 2.39.1 From c18b3e090a3b2745bb0395c0f8cbaaee9f7bb70f Mon Sep 17 00:00:00 2001 From: hygienic-books Date: Wed, 26 Apr 2023 01:21:32 +0200 Subject: [PATCH 26/32] refactor(compose): Remove secrets and unneeded volume --- docker-compose_v3_alpine_pgsql_latest.yaml | 17 ----------------- 1 file changed, 17 deletions(-) diff --git a/docker-compose_v3_alpine_pgsql_latest.yaml b/docker-compose_v3_alpine_pgsql_latest.yaml index ab319b042..fbe708c08 100644 --- a/docker-compose_v3_alpine_pgsql_latest.yaml +++ b/docker-compose_v3_alpine_pgsql_latest.yaml @@ -520,20 +520,3 @@ networks: driver: default config: - subnet: 172.16.239.0/24 - -volumes: - snmptraps: - -secrets: - MYSQL_USER: - file: ./env_vars/.MYSQL_USER - MYSQL_PASSWORD: - file: ./env_vars/.MYSQL_PASSWORD - MYSQL_ROOT_USER: - file: ./env_vars/.MYSQL_ROOT_USER - MYSQL_ROOT_PASSWORD: - file: ./env_vars/.MYSQL_ROOT_PASSWORD - POSTGRES_USER: - file: ./env_vars/.POSTGRES_USER - POSTGRES_PASSWORD: - file: ./env_vars/.POSTGRES_PASSWORD -- 2.39.1 From 0bbe90782e01a4f2be3265c989401c8ed2cd6ade Mon Sep 17 00:00:00 2001 From: hygienic-books Date: Wed, 26 Apr 2023 01:22:19 +0200 Subject: [PATCH 27/32] refactor(compose): Add common settings --- common-settings.yml | 11 +++++++++++ 1 file changed, 11 insertions(+) create mode 100644 common-settings.yml diff --git a/common-settings.yml b/common-settings.yml new file mode 100644 index 000000000..c377067a8 --- /dev/null +++ b/common-settings.yml @@ -0,0 +1,11 @@ +services: + common-settings: + logging: + driver: "json-file" + options: + max-size: "10m" + max-file: "10" + compress: "true" + environment: + TZ: Europe/Berlin + restart: unless-stopped -- 2.39.1 From befc64dd477f3e7ca8684db54a9693e6cbe72cf7 Mon Sep 17 00:00:00 2001 From: hygienic-books Date: Wed, 26 Apr 2023 02:34:15 +0200 Subject: [PATCH 28/32] refactor(zabbix-web-nginx): Set custom container name --- docker-compose_v3_alpine_pgsql_latest.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/docker-compose_v3_alpine_pgsql_latest.yaml b/docker-compose_v3_alpine_pgsql_latest.yaml index fbe708c08..482928547 100644 --- a/docker-compose_v3_alpine_pgsql_latest.yaml +++ b/docker-compose_v3_alpine_pgsql_latest.yaml @@ -232,6 +232,7 @@ services: zabbix-web-nginx-pgsql: image: zabbix/zabbix-web-nginx-pgsql:alpine-6.4-latest + container_name: zabbixserver-zabbixwebnginx-${CTX} extends: file: common-settings.yml service: common-settings -- 2.39.1 From 4b6b166f8c721b8aaf9e673e96ce90406d85cc19 Mon Sep 17 00:00:00 2001 From: hygienic-books Date: Wed, 26 Apr 2023 02:34:35 +0200 Subject: [PATCH 29/32] refactor(compose): remove unneeded components --- docker-compose_v3_alpine_pgsql_latest.yaml | 326 --------------------- 1 file changed, 326 deletions(-) diff --git a/docker-compose_v3_alpine_pgsql_latest.yaml b/docker-compose_v3_alpine_pgsql_latest.yaml index 482928547..0f2989983 100644 --- a/docker-compose_v3_alpine_pgsql_latest.yaml +++ b/docker-compose_v3_alpine_pgsql_latest.yaml @@ -68,168 +68,6 @@ services: com.zabbix.dbtype: "pgsql" com.zabbix.os: "alpine" - zabbix-proxy-sqlite3: - image: zabbix/zabbix-proxy-sqlite3:alpine-6.4-latest - profiles: - - all - ports: - - "10061:10051" - volumes: - - /etc/localtime:/etc/localtime:ro - - /etc/timezone:/etc/timezone:ro - - ./zbx_env/usr/lib/zabbix/externalscripts:/usr/lib/zabbix/externalscripts:ro - - ./zbx_env/var/lib/zabbix/modules:/var/lib/zabbix/modules:ro - - ./zbx_env/var/lib/zabbix/enc:/var/lib/zabbix/enc:ro - - ./zbx_env/var/lib/zabbix/ssh_keys:/var/lib/zabbix/ssh_keys:ro - - ./zbx_env/var/lib/zabbix/mibs:/var/lib/zabbix/mibs:ro - - snmptraps:/var/lib/zabbix/snmptraps:rw - ulimits: - nproc: 65535 - nofile: - soft: 20000 - hard: 40000 - deploy: - resources: - limits: - cpus: '0.70' - memory: 512M - reservations: - cpus: '0.3' - memory: 256M - env_file: - - ./env_vars/.env_prx - - ./env_vars/.env_prx_sqlite3 - depends_on: - - zabbix-java-gateway - - zabbix-snmptraps - networks: - zbx_net_backend: - aliases: - - zabbix-proxy-sqlite3 - - zabbix-proxy-alpine-sqlite3 - - zabbix-proxy-sqlite3-alpine - zbx_net_frontend: - stop_grace_period: 30s - labels: - com.zabbix.description: "Zabbix proxy with SQLite3 database support" - com.zabbix.company: "Zabbix LLC" - com.zabbix.component: "zabbix-proxy" - com.zabbix.dbtype: "sqlite3" - com.zabbix.os: "alpine" - - zabbix-proxy-mysql: - image: zabbix/zabbix-proxy-mysql:alpine-6.4-latest - profiles: - - all - ports: - - "10071:10051" - volumes: - - /etc/localtime:/etc/localtime:ro - - /etc/timezone:/etc/timezone:ro - - ./zbx_env/usr/lib/zabbix/externalscripts:/usr/lib/zabbix/externalscripts:ro - - ./zbx_env/var/lib/zabbix/modules:/var/lib/zabbix/modules:ro - - ./zbx_env/var/lib/zabbix/enc:/var/lib/zabbix/enc:ro - - ./zbx_env/var/lib/zabbix/ssh_keys:/var/lib/zabbix/ssh_keys:ro - - ./zbx_env/var/lib/zabbix/mibs:/var/lib/zabbix/mibs:ro - - snmptraps:/var/lib/zabbix/snmptraps:rw - ulimits: - nproc: 65535 - nofile: - soft: 20000 - hard: 40000 - deploy: - resources: - limits: - cpus: '0.70' - memory: 512M - reservations: - cpus: '0.3' - memory: 256M - env_file: - - ./env_vars/.env_db_mysql_proxy - - ./env_vars/.env_prx - - ./env_vars/.env_prx_mysql - secrets: - - MYSQL_USER - - MYSQL_PASSWORD - - MYSQL_ROOT_USER - - MYSQL_ROOT_PASSWORD - depends_on: - - mysql-server - - zabbix-java-gateway - - zabbix-snmptraps - networks: - zbx_net_backend: - aliases: - - zabbix-proxy-mysql - - zabbix-proxy-alpine-mysql - - zabbix-proxy-mysql-alpine - zbx_net_frontend: - stop_grace_period: 30s - labels: - com.zabbix.description: "Zabbix proxy with MySQL database support" - com.zabbix.company: "Zabbix LLC" - com.zabbix.component: "zabbix-proxy" - com.zabbix.dbtype: "mysql" - com.zabbix.os: "alpine" - - zabbix-web-apache-pgsql: - image: zabbix/zabbix-web-apache-pgsql:alpine-6.4-latest - container_name: zabbixserver-zabbixwebnginx-${CTX} - profiles: - - all - ports: - - "8081:8080" - - "8443:8443" - volumes: - - /etc/localtime:/etc/localtime:ro - - /etc/timezone:/etc/timezone:ro - - ./zbx_env/etc/ssl/apache2:/etc/ssl/apache2:ro - - ./zbx_env/usr/share/zabbix/modules/:/usr/share/zabbix/modules/:ro - # - ./env_vars/.ZBX_DB_CA_FILE:/run/secrets/root-ca.pem:ro - # - ./env_vars/.ZBX_DB_CERT_FILE:/run/secrets/client-cert.pem:ro - # - ./env_vars/.ZBX_DB_KEY_FILE:/run/secrets/client-key.pem:ro - deploy: - resources: - limits: - cpus: '0.70' - memory: 512M - reservations: - cpus: '0.5' - memory: 256M - env_file: - - ./env_vars/.env_db_pgsql - - ./env_vars/.env_web - secrets: - - POSTGRES_USER - - POSTGRES_PASSWORD - depends_on: - - postgres-server - - zabbix-server - healthcheck: - test: ["CMD", "curl", "-f", "http://localhost:8080/"] - interval: 10s - timeout: 5s - retries: 3 - start_period: 30s - networks: - zbx_net_backend: - aliases: - - zabbix-web-apache-pgsql - - zabbix-web-apache-alpine-pgsql - - zabbix-web-apache-pgsql-alpine - zbx_net_frontend: - stop_grace_period: 10s - sysctls: - - net.core.somaxconn=65535 - labels: - com.zabbix.description: "Zabbix frontend on Apache web-server with PostgreSQL database support" - com.zabbix.company: "Zabbix LLC" - com.zabbix.component: "zabbix-frontend" - com.zabbix.webserver: "apache2" - com.zabbix.dbtype: "pgsql" - com.zabbix.os: "alpine" - zabbix-web-nginx-pgsql: image: zabbix/zabbix-web-nginx-pgsql:alpine-6.4-latest container_name: zabbixserver-zabbixwebnginx-${CTX} @@ -287,163 +125,6 @@ services: com.zabbix.dbtype: "pgsql" com.zabbix.os: "alpine" - zabbix-agent: - image: zabbix/zabbix-agent:alpine-6.4-latest - profiles: - - full - - all - ports: - - "10050:10050" - volumes: - - /etc/localtime:/etc/localtime:ro - - /etc/timezone:/etc/timezone:ro - - ./zbx_env/etc/zabbix/zabbix_agentd.d:/etc/zabbix/zabbix_agentd.d:ro - - ./zbx_env/var/lib/zabbix/modules:/var/lib/zabbix/modules:ro - - ./zbx_env/var/lib/zabbix/enc:/var/lib/zabbix/enc:ro - - ./zbx_env/var/lib/zabbix/ssh_keys:/var/lib/zabbix/ssh_keys:ro - deploy: - resources: - limits: - cpus: '0.2' - memory: 128M - reservations: - cpus: '0.1' - memory: 64M - mode: global - env_file: - - ./env_vars/.env_agent - privileged: true - pid: "host" - networks: - zbx_net_backend: - aliases: - - zabbix-agent - - zabbix-agent-passive - - zabbix-agent-alpine - stop_grace_period: 5s - labels: - com.zabbix.description: "Zabbix agent" - com.zabbix.company: "Zabbix LLC" - com.zabbix.component: "zabbix-agentd" - com.zabbix.os: "alpine" - - zabbix-java-gateway: - image: zabbix/zabbix-java-gateway:alpine-6.4-latest - profiles: - - full - - all - ports: - - "10052:10052" - deploy: - resources: - limits: - cpus: '0.5' - memory: 512M - reservations: - cpus: '0.25' - memory: 256M - env_file: - - ./env_vars/.env_java - networks: - zbx_net_backend: - aliases: - - zabbix-java-gateway - - zabbix-java-gateway-alpine - stop_grace_period: 5s - labels: - com.zabbix.description: "Zabbix Java Gateway" - com.zabbix.company: "Zabbix LLC" - com.zabbix.component: "java-gateway" - com.zabbix.os: "alpine" - - zabbix-snmptraps: - image: zabbix/zabbix-snmptraps:alpine-6.4-latest - profiles: - - full - - all - ports: - - "162:1162/udp" - volumes: - - snmptraps:/var/lib/zabbix/snmptraps:rw - deploy: - resources: - limits: - cpus: '0.5' - memory: 256M - reservations: - cpus: '0.25' - memory: 128M - networks: - zbx_net_frontend: - aliases: - - zabbix-snmptraps - zbx_net_backend: - stop_grace_period: 5s - labels: - com.zabbix.description: "Zabbix snmptraps" - com.zabbix.company: "Zabbix LLC" - com.zabbix.component: "snmptraps" - com.zabbix.os: "alpine" - - zabbix-web-service: - image: zabbix/zabbix-web-service:alpine-6.4-latest - profiles: - - full - - all - ports: - - "10053:10053" - volumes: - - ./zbx_env/var/lib/zabbix/enc:/var/lib/zabbix/enc:ro - security_opt: - - seccomp:./env_vars/chrome_dp.json - deploy: - resources: - limits: - cpus: '0.5' - memory: 512M - reservations: - cpus: '0.25' - memory: 256M - env_file: - - ./env_vars/.env_web_service - networks: - zbx_net_backend: - aliases: - - zabbix-web-service - - zabbix-web-service-alpine - stop_grace_period: 5s - labels: - com.zabbix.description: "Zabbix web service" - com.zabbix.company: "Zabbix LLC" - com.zabbix.component: "web-service" - com.zabbix.os: "alpine" - - mysql-server: - image: mysql:8.0-oracle - profiles: - - all - command: - - mysqld - - --character-set-server=utf8mb4 - - --collation-server=utf8mb4_bin - - --skip-character-set-client-handshake - - --default-authentication-plugin=mysql_native_password - volumes: - - ./zbx_env/var/lib/mysql:/var/lib/mysql:rw - env_file: - - ./env_vars/.env_db_mysql - secrets: - - MYSQL_USER - - MYSQL_PASSWORD - - MYSQL_ROOT_PASSWORD - stop_grace_period: 1m - networks: - zbx_net_backend: - aliases: - - mysql-server - - zabbix-database - - mysql-database - postgres-server: image: postgres:14-alpine container_name: zabbixserver-postgres-${CTX} @@ -473,13 +154,6 @@ services: - pgsql-server - pgsql-database - db_data_mysql: - image: busybox - profiles: - - all - volumes: - - ./zbx_env/var/lib/mysql:/var/lib/mysql:rw - db_data_pgsql: image: busybox volumes: -- 2.39.1 From 92c25993284d4d5b28d8b806f57f42da32402f4f Mon Sep 17 00:00:00 2001 From: hygienic-books Date: Wed, 26 Apr 2023 02:46:24 +0200 Subject: [PATCH 30/32] fix(postgresql): Fix cert path --- docker-compose_v3_alpine_pgsql_latest.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docker-compose_v3_alpine_pgsql_latest.yaml b/docker-compose_v3_alpine_pgsql_latest.yaml index 0f2989983..d1374c942 100644 --- a/docker-compose_v3_alpine_pgsql_latest.yaml +++ b/docker-compose_v3_alpine_pgsql_latest.yaml @@ -137,9 +137,9 @@ services: service: common-settings volumes: - /opt/docker-data/zabbixserver-${CTX}/postgres/data:/var/lib/postgresql/data:rw - - /opt/docker-data/zabbixserver-${CTX}/postgres/conf/cert/${ZBX_PGSQL_TLS_CA_CERT_FILE}:/run/secrets/root-ca.pem:ro - - /opt/docker-data/zabbixserver-${CTX}/postgres/conf/cert/${ZBX_PGSQL_TLS_CERT_FILE}:/run/secrets/server-cert.pem:ro - - /opt/docker-data/zabbixserver-${CTX}/postgres/conf/cert/${ZBX_PGSQL_TLS_KEY_FILE}:/run/secrets/server-key.pem:ro + - /opt/docker-data/zabbixserver-${CTX}/postgres/config/cert/${ZBX_PGSQL_TLS_CA_CERT_FILE}:/run/secrets/root-ca.pem:ro + - /opt/docker-data/zabbixserver-${CTX}/postgres/config/cert/${ZBX_PGSQL_TLS_CERT_FILE}:/run/secrets/server-cert.pem:ro + - /opt/docker-data/zabbixserver-${CTX}/postgres/config/cert/${ZBX_PGSQL_TLS_KEY_FILE}:/run/secrets/server-key.pem:ro environment: POSTGRES_USER: ${POSTGRES_USER} POSTGRES_PASSWORD: ${POSTGRES_PASSWORD} -- 2.39.1 From 782ca8f2c676e881909e1424b9d95dddbf1c8ccc Mon Sep 17 00:00:00 2001 From: hygienic-books Date: Wed, 26 Apr 2023 03:26:59 +0200 Subject: [PATCH 31/32] refactor(zabbix-postgres-busybox): Set custom container name --- docker-compose_v3_alpine_pgsql_latest.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/docker-compose_v3_alpine_pgsql_latest.yaml b/docker-compose_v3_alpine_pgsql_latest.yaml index d1374c942..a526ea0ff 100644 --- a/docker-compose_v3_alpine_pgsql_latest.yaml +++ b/docker-compose_v3_alpine_pgsql_latest.yaml @@ -156,6 +156,7 @@ services: db_data_pgsql: image: busybox + container_name: zabbixserver-pgsqlbusybox-${CTX} volumes: - /opt/docker-data/zabbixserver-${CTX}/postgres/data:/var/lib/postgresql/data:rw -- 2.39.1 From b365fb10048acd76dafdb2d76053a37f36abf779 Mon Sep 17 00:00:00 2001 From: hygienic-books Date: Sat, 29 Apr 2023 02:39:11 +0200 Subject: [PATCH 32/32] feat(postgresql): Add initialization scripts dir --- docker-compose_v3_alpine_pgsql_latest.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/docker-compose_v3_alpine_pgsql_latest.yaml b/docker-compose_v3_alpine_pgsql_latest.yaml index a526ea0ff..5c9e65a6c 100644 --- a/docker-compose_v3_alpine_pgsql_latest.yaml +++ b/docker-compose_v3_alpine_pgsql_latest.yaml @@ -140,6 +140,7 @@ services: - /opt/docker-data/zabbixserver-${CTX}/postgres/config/cert/${ZBX_PGSQL_TLS_CA_CERT_FILE}:/run/secrets/root-ca.pem:ro - /opt/docker-data/zabbixserver-${CTX}/postgres/config/cert/${ZBX_PGSQL_TLS_CERT_FILE}:/run/secrets/server-cert.pem:ro - /opt/docker-data/zabbixserver-${CTX}/postgres/config/cert/${ZBX_PGSQL_TLS_KEY_FILE}:/run/secrets/server-key.pem:ro + - /opt/docker-data/zabbixserver-${CTX}/postgres/config/docker-entrypoint-initdb.d:/docker-entrypoint-initdb.d:ro environment: POSTGRES_USER: ${POSTGRES_USER} POSTGRES_PASSWORD: ${POSTGRES_PASSWORD} -- 2.39.1