通过Zabbix Docker配置HTTPS访问系统

链接 如何通过Zabbix Docker配置HTTPS访问系统？

===================================================================================================================

!/bin/bash

baseshell=$(cd $(dirname $0);pwd)

变量定义

IP=$1

生成证书配置文件

cat > ${baseshell}/ssl.cnf << EOF
distinguished_name = req_distinguished_name
x509_extensions = v3_req
prompt = no
[req_distinguished_name]
C = CN
ST = GD
L = GZ
O = EDGE
OU = BASE
CN = $IP
[v3_req]
keyUsage = critical, digitalSignature, keyAgreement
extendedKeyUsage = serverAuth
subjectAltName = @alt_names
[ alt_names ]
DNS.1 = $IP
DNS.2 = 8.8.8.8
IP.1 = $IP
EOF

生成crt和key证书

openssl req -x509 -nodes -days 9999 -newkey rsa:2048 -keyout ${baseshell}/ssl.key -out ${baseshell}/ssl.crt -config ${baseshell}/ssl.cnf -sha256

下表列出了常见的RDN属性的类型：

String Attribute type

DC domainComponent

CN commonName

OU organizationalUnitName

O organizationName

STREET streetAddress

L localityName

ST stateOrProvinceName

C countryName

UID userid

===================================================================================================================

新建上面脚本/data/dockerdata/ssl.sh

新增挂载目录-v /data/dockerdata/ssl:/etc/ssl/nginx

docker run -itd -p 8080:8080 -p 8443:8443 -v /etc/localtime:/etc/localtime
-v /data/dockerdata/ssl:/etc/ssl/nginx
-v /data/dockerdata/zabbix/fonts/DejaVuSans.ttf:/usr/share/zabbix/assets/DejaVuSans.ttf
--name zabbix-web-nginx-mysql --restart=always --network zbx_net -e DB_SERVER_HOST="zabbix-mysql"
-e MYSQL_DATABASE="zabbix" -e MYSQL_USER="zabbix" -e MYSQL_PASSWORD="zabbix" -e MYSQL_ROOT_PASSWORD="123qwe"
-e ZBX_SERVER_HOST="zabbix-server-mysql" zabbix/zabbix-web-nginx-mysql:centos-6.2.7