Added the rest of the files; updated for password security

master
Aaron Johnon 4 years ago
parent 172c0bd6ca
commit 0ac6a62507

1
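--- a/.gitignore
+++ b/.gitignore
@@ -1 +1,2 @@
 /zabbix/psql_password
+/zabbix/psql.env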

@ -1,7 +1,9 @@
version: '3.3' version: '3.3'
secrets: #secrets:
psql_password: # psql_password:
file: ./psql_password # file: ./psql_password
env_file:
- psql.env
services: services:
zabbix-web: zabbix-web:
@ -23,9 +25,6 @@ services:
ZBX_SERVER_NAME: Skyfall Zabbix ZBX_SERVER_NAME: Skyfall Zabbix
ZBX_SERVER_HOST: zabbix-server ZBX_SERVER_HOST: zabbix-server
DB_SERVER_HOST: zabbix-database DB_SERVER_HOST: zabbix-database
POSTGRES_DB: zabbix
POSTGRES_USER: zabbix
POSTGRES_PASSWORD_FILE: /run/secrets/psql_password
PHP_TZ: America/Chicago PHP_TZ: America/Chicago
zabbix-server: zabbix-server:
@ -52,9 +51,6 @@ services:
- ./zabbix/zabbix-server/data/mibs:/var/lib/zabbix/mibs - ./zabbix/zabbix-server/data/mibs:/var/lib/zabbix/mibs
environment: environment:
DB_SERVER_HOST: zabbix-database DB_SERVER_HOST: zabbix-database
POSTGRES_DB: zabbix
POSTGRES_USER: zabbix
POSTGRES_PASSWORD_FILE: /run/secrets/psql_password
TZ: America/Chicago TZ: America/Chicago
zabbix-database: zabbix-database:
@ -67,9 +63,10 @@ services:
zabbix_network: zabbix_network:
ipv4_address: 192.168.176.2 ipv4_address: 192.168.176.2
environment: environment:
POSTGRES_DB: zabbix #POSTGRES_DB: zabbix
POSTGRES_USER: zabbix #POSTGRES_USER: zabbix
POSTGRES_PASSWORD_FILE: /run/secrets/psql_password #POSTGRES_PASSWORD: REDACTED
#POSTGRES_PASSWORD_FILE: /run/secrets/psql_password
zabbix-java-gateway: zabbix-java-gateway:
image: zabbix/zabbix-java-gateway:latest image: zabbix/zabbix-java-gateway:latest
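Review bot: The new `env_file:` entry sits above `services:`, where Compose does not accept it (it is a per-service key), and the hunks that drop `POSTGRES_DB`, `POSTGRES_USER` and `POSTGRES_PASSWORD_FILE` from zabbix-web and zabbix-server add nothing in their place, so as far as these hunks show no service receives its database settings. Indentation is lost in this view, so confirm the nesting before acting on that. Replacing `POSTGRES_PASSWORD_FILE` and the Compose secret with a plain `POSTGRES_PASSWORD` variable also makes the password readable from the container environment (for example via `docker inspect`). Consider keeping the `secrets:` block and `POSTGRES_PASSWORD_FILE: /run/secrets/psql_password` on each service that needs it. The service definitions continue outside the hunks.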

@ -0,0 +1,4 @@
POSTGRES_DB: zabbix
POSTGRES_USER: zabbix
POSTGRES_PASSWORD: REDACTED
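Review bot: This new file commits `POSTGRES_PASSWORD` to the repository in plain text, and the `.gitignore` entry added in the same commit, `/zabbix/psql.env`, apparently does not match the path the file was committed at. Take the file out of version control with `git rm --cached <path-to-psql.env>`, correct the ignore pattern, and rotate the password, since it remains in history. Separately, Compose env files expect `KEY=VALUE` lines, so `POSTGRES_DB: zabbix` should read `POSTGRES_DB=zabbix`, and likewise for the other two entries.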

@ -0,0 +1,3 @@
FROM zabbix/zabbix-server-pgsql:alpine-5.2-latest
USER root
RUN apk update && apk add curl nmap
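Review bot: `USER root` is never reverted, so unless the entrypoint drops privileges the server process in this derived image runs as root, with `nmap` and `curl` available to it. After the `RUN`, add a `USER` line switching back to the unprivileged account the base image defines (check the upstream Dockerfile for its name or UID). The web Dockerfile in this commit has the same issue after its last `RUN`. The install step is also better written as `RUN apk add --no-cache curl nmap`, which keeps the apk index out of the layer.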

@ -0,0 +1,14 @@
FROM zabbix/zabbix-web-nginx-pgsql:alpine-5.2-latest
#Tell nginx to include letsencrypt.conf, which allows access to .well-known directory
#This enables us to do Lets Encrypt webroot verifications
#Copy of the letsencrypt.conf config file
USER root
RUN sed -i "/robots.txt/i\ \ \ \ include \/etc\/nginx\/letsencrypt.conf;\n" /etc/zabbix/nginx_ssl.conf
RUN sed -i "/robots.txt/i\ \ \ \ include \/etc\/nginx\/letsencrypt.conf;\n" /etc/zabbix/nginx.conf
COPY letsencrypt.conf /etc/nginx/
#Create a link called .well-known in the webroot that points to /leverify/.well-known
#/leverify will me mounted on the host OS and cerbot will be told that it is the
#web root. Certbot will create a .well-known directory there (which will make the symlink valid) and then put the verification file inside of it.
RUN mkdir /leverify && ln -s /leverify/.well-known /usr/share/zabbix/.well-known
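Review bot: Both `sed` insertions exit successfully even when no line matches `robots.txt`, so if the floating `alpine-5.2-latest` base ever changes its nginx config the image builds without the include and nothing reports it. Make each step fail loudly, e.g. append `&& grep -q letsencrypt.conf /etc/zabbix/nginx_ssl.conf` to the first `RUN` and the same check against `/etc/zabbix/nginx.conf` to the second. Pinning the base image to a specific version or digest would keep the patched files stable between builds.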

@ -0,0 +1,5 @@
location ~ /\.well-known/acme-challenge {
default_type "text/plain";
root /usr/share/zabbix;
allow all;
}
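Review bot: The `location ~ /\.well-known/acme-challenge` pattern is an unanchored regex, so it matches any URI that contains that substring anywhere in the path and applies `allow all` to it, not only requests under the challenge directory. A prefix match is narrower and also stops later regex locations from taking over: `location ^~ /.well-known/acme-challenge/ {`. The `allow all;` line can then be dropped unless a surrounding `deny` rule makes it necessary.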