侧边栏壁纸
博主头像
WinJay博主等级

博观而约取 厚积而薄发

  • 累计撰写 319 篇文章
  • 累计创建 169 个标签
  • 累计收到 1 条评论
隐藏侧边栏

Docker安装Zabbix

WinJay
2021-11-03 / 0 评论 / 0 点赞 / 112 阅读 / 19,630 字 / 正在检测是否收录...
温馨提示:
本文最后更新于 2022-01-20,若内容或图片失效,请留言反馈。部分素材来自网络,若不小心影响到您的利益,请联系我们删除。

Docker安装Zabbix

image.png

image.png

安装docker并启动docker(centos7.8安装起来就是这么简单,但是centos8就很麻烦,如果运行这个命令,将会给你安装podman等,反正蛮折腾的)

yum -y install docker
systemctl start docker
#设置开机启动docker
systemctl enable docker

参考官网使用内置 MySQL 数据库、Zabbix server、基于 Nginx Web 服务器的 Zabbix Web 界面和 Zabbix Java gateway 来运行 Zabbix 应用。

创建专用于Zabbix组件容器的网络:

docker network create --subnet 172.20.0.0/16 --ip-range 172.20.240.0/20 zabbix-net

启动空的MySQL服务器实例

docker rm -f Zabbix-MySQL
docker container run -d -p 3306:3306 \
    --user root \
    --name Zabbix-MySQL \
    --network=zabbix-net \
    --restart unless-stopped \
    -e MYSQL_DATABASE="zabbix" \
    -e MYSQL_USER="zabbix" \
    -e MYSQL_PASSWORD="zabbix" \
    -e MYSQL_ROOT_PASSWORD="$(YourPassword)" \
    -v `pwd`/MySQL-Conf:/etc/mysql \
    -v `pwd`/MySQL-Data:/var/lib/mysql \
    -v /etc/localtime:/etc/localtime:ro \
    mysql:8.0 \
    --character-set-server=utf8 \
    --collation-server=utf8_bin \
    --default-authentication-plugin=mysql_native_password
    
    
#       --character-set-server=utf8mb4  --collation-server=utf8mb4_unicode_ci

启动Zabbix Java gateway实例

docker container run -d \
    --user root \
    --name Zabbix-Java-Gateway \
    --network=zabbix-net \
    --restart unless-stopped \
    -v /etc/localtime:/etc/localtime \
    zabbix/zabbix-java-gateway:centos-5.4.6

启动Zabbix server实例并将该实例与创建的MySQL服务器实例链接

docker rm -f Zabbix-Server
docker container run -d -p 10051:10051 \
    --user root \
    --name Zabbix-Server \
    --network=zabbix-net \
    --restart=always \
    -e DB_SERVER_HOST="Zabbix-MySQL" \
    -e MYSQL_DATABASE="zabbix" \
    -e MYSQL_USER="zabbix" \
    -e MYSQL_PASSWORD="zabbix" \
    -e MYSQL_ROOT_PASSWORD="$(YourPassword)" \
    -e ZBX_JAVAGATEWAY="Zabbix-Java-Gateway" \
    -e ZBX_JAVAGATEWAY_ENABLE="true" \
    -e  ZBX_JAVAGATEWAYPORT=10052 \
    -v /etc/localtime:/etc/localtime \
    -v `pwd`/Zabbix-Server-Data:/etc/zabbix \
    zabbix/zabbix-server-mysql:centos-5.4.6


#	-v /usr/lib/zabbix/alertscripts:/usr/lib/zabbix/alertscripts 

启动Zabbix Web界面,并将实例与创建的MySQL服务器和Zabbix server实例链接

docker rm -f Zabbix-Nginx
docker container run -d -p 8003:8080 \
    --user root \
    --restart=always \
    --network=zabbix-net \
    --name Zabbix-Nginx \
    -e PHP_TZ="Asia/Shanghai" \
    -e MYSQL_USER="zabbix" \
    -e MYSQL_DATABASE="zabbix" \
    -e MYSQL_PASSWORD="zabbix" \
    -e DB_SERVER_HOST="Zabbix-MySQL" \
    -e MYSQL_ROOT_PASSWORD="$(YourPassword)" \
    -e ZBX_SERVER_HOST="Zabbix-Server" \
    -v /etc/localtime:/etc/localtime \
    -v `pwd`/Zabbix-Web-Nginx-Data:/usr/share/zabbix \
    -v `pwd`/DejaVuSans.ttf:/usr/share/zabbix/assets/fonts/DejaVuSans.ttf \
    zabbix/zabbix-web-nginx-mysql:centos-5.4.6

运行zabbix-agent镜像

docker container run -d -p 10050:10050 \
    --user root \
    --privileged \
    --restart=always \
    --network=zabbix-net \
    --name Zabbix-Agent \
    -e ZBX_HOSTNAME="Zabbix Server" \
    -e ZBX_SERVER_HOST="Zabbix-Server" \
    -e ZBX_SERVER_PORT=10051 \
    -v /etc/localtime:/etc/localtime \
    -v /var/run/docker.sock:/var/run/docker.sock \
    zabbix/zabbix-agent2:centos-5.4.6

在这里有一个问题需要说明一下,Docker运行的Agent 一直不上线,肯定就是网络连通性的问题,在Web上查看Zabbix Server配置的地址是127.0.0.1,回到部署服务器后查看Docker网络组内的容器信息,找到对应的Agent的IP地址,替换一下成172.20.240.5即可上线了。

docker network inspect zabbix-net

Zabbix server172.20.240.5:10050ZBX

image.png

[root@Node01 ~]# docker network inspect zabbix-net 
[
    {
        "Name": "zabbix-net",
        "Id": "4ddbf077942ab08024bb05794f09269e518dd956e7c8b385fb71b2bfe841b549",
        "Created": "2021-10-27T10:43:11.325253473+08:00",
        "Scope": "local",
        "Driver": "bridge",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": {},
            "Config": [
                {
                    "Subnet": "172.20.0.0/16",
                    "IPRange": "172.20.240.0/20"
                }
            ]
        },
        "Internal": false,
        "Attachable": false,
        "Ingress": false,
        "ConfigFrom": {
            "Network": ""
        },
        "ConfigOnly": false,
        "Containers": {
            "0c72dcfb40eaf8b8cc5bd26b104c67859c8f084fa980f5baab901b56512b84ea": {
                "Name": "Zabbix-Web-Nginx-MySQL",
                "EndpointID": "c1fba6df1537813870a3c351a16322423d33c6ddb67d2e5fc4d94f1b4a2b5cf3",
                "MacAddress": "02:42:ac:14:f0:04",
                "IPv4Address": "172.20.240.4/16",
                "IPv6Address": ""
            },
            "22cce892ca29115004fa9063715f10b15177b8c6015568fcada7d5a2cff4b3f6": {
                "Name": "Zabbix-Server-MySQL",
                "EndpointID": "3dfa2a567038316746e295dc026c0f46372671151ff9a197171e3a04c7f0f452",
                "MacAddress": "02:42:ac:14:f0:03",
                "IPv4Address": "172.20.240.3/16",
                "IPv6Address": ""
            },
            "7f99c6bda5581f53d8f17071b95ec725f9acd2d1879844b71c30246a20ffb19c": {
                "Name": "Zabbix-Agent",
                "EndpointID": "51f05cefe9caa6c0db7dc5979d725ef14c592cd996eacee38e2b9378b11c1b2d",
                "MacAddress": "02:42:ac:14:f0:05",
                "IPv4Address": "172.20.240.5/16",
                "IPv6Address": ""
            },
            "848fd0ae84c68ea418e8cf414c98939a404076b814e201166e5a7f15c22ba999": {
                "Name": "Zabbix-Java-Gateway",
                "EndpointID": "3872907037d2e9d33cf8dacb16c164dff4e365e3ac0549788472d56f24255da9",
                "MacAddress": "02:42:ac:14:f0:02",
                "IPv4Address": "172.20.240.2/16",
                "IPv6Address": ""
            },
            "99b8b773f32097bafa5b2729a9e01d68e6da308f79ee5e66d6e9d94a2ba0d7ae": {
                "Name": "MySQL-Server",
                "EndpointID": "db158c99ff87773c04106266931ca97cae2d8ac7833970eb99a71ccedd6065c9",
                "MacAddress": "02:42:ac:14:f0:01",
                "IPv4Address": "172.20.240.1/16",
                "IPv6Address": ""
            }
        },
        "Options": {},
        "Labels": {}
    }
]


LinuxInstallZabbixAgent

#!/bin/bash -e
# author:WinJayX
# date:2021-11-28
# Maintainer WinJayX <WinJayX@Gmail.com>
# func:Quick Install Zabbix Agent With Parameter
rpm -Uvh https://repo.zabbix.com/zabbix/5.4/rhel/7/x86_64/zabbix-release-5.4-1.el7.noarch.rpm && \
	yum clean all && yum makecache fast && yum install zabbix-agent -y && cd /etc/zabbix/

## 上面换行符可能不生效,若不生效去掉换行符即可,如下:
## rpm -Uvh https://repo.zabbix.com/zabbix/5.4/rhel/7/x86_64/zabbix-release-5.4-1.el7.noarch.rpm && yum clean all && yum makecache fast && yum install zabbix-agent -y && cd /etc/zabbix/

sed -i 's#=127.0.0.1#=202.205.161.80#g' /etc/zabbix/zabbix_agentd.conf
sed -i 's#name=Zabbix server#name=093_Redis&RabbitMQ#g' /etc/zabbix/zabbix_agentd.conf
systemctl restart zabbix-agent.service && systemctl enable zabbix-agent.service && systemctl status zabbix-agent.service

Grafana部署

加上密码参数亦不生效,默认用户名与密码均为admin,输入登录后系统会强制修改密码

docker container run -d -p 3000:3000 \
    --user root \
    --restart=always \
    --name Grafana \
    -e "GF_SECURITY_ADMIN_PASSWORD=$(YourPassword)" \
    -v `pwd`/Data:/var/lib/grafana \
    -v /etc/localtime:/etc/localtime \
    -v `pwd`/grafana.ini:/etc/grafana/grafana.ini \
    grafana/grafana

zabbix监控web网站

Windows Zabbix Configuration File

# This is a configuration file for Zabbix agent service (Windows)
# To get more information about Zabbix, visit http://www.zabbix.com

############ GENERAL PARAMETERS #################

### Option: LogType
#	Specifies where log messages are written to:
#		system  - Windows event log
#		file    - file specified with LogFile parameter
#		console - standard output
#
# Mandatory: no
# Default:
# LogType=file


### Option: LogFile
#	Log file name for LogType 'file' parameter.
#
# Mandatory: no
# Default:
# LogFile=

LogFile=C:\Program Files\Zabbix Agent\zabbix_agentd.log

### Option: LogFileSize
#	Maximum size of log file in MB.
#	0 - disable automatic log rotation.
#
# Mandatory: no
# Range: 0-1024
# Default:
# LogFileSize=1

### Option: DebugLevel
#	Specifies debug level:
#	0 - basic information about starting and stopping of Zabbix processes
#	1 - critical information
#	2 - error information
#	3 - warnings
#	4 - for debugging (produces lots of information)
#	5 - extended debugging (produces even more information)
#
# Mandatory: no
# Range: 0-5
# Default:
# DebugLevel=3

### Option: SourceIP
#	Source IP address for outgoing connections.
#
# Mandatory: no
# Default:
# SourceIP=

### Option: AllowKey
#	Allow execution of item keys matching pattern.
#	Multiple keys matching rules may be defined in combination with DenyKey.
#	Key pattern is wildcard expression, which support "*" character to match any number of any characters in certain position. It might be used in both key name and key arguments.
#	Parameters are processed one by one according their appearance order.
#	If no AllowKey or DenyKey rules defined, all keys are allowed.
#
# Mandatory: no

### Option: DenyKey
#	Deny execution of items keys matching pattern.
#	Multiple keys matching rules may be defined in combination with AllowKey.
#	Key pattern is wildcard expression, which support "*" character to match any number of any characters in certain position. It might be used in both key name and key arguments.
#	Parameters are processed one by one according their appearance order.
#	If no AllowKey or DenyKey rules defined, all keys are allowed.
#       Unless another system.run[*] rule is specified DenyKey=system.run[*] is added by default.
#
# Mandatory: no
# Default:
# DenyKey=system.run[*]

### Option: EnableRemoteCommands - Deprecated, use AllowKey=system.run[*] or DenyKey=system.run[*] instead
#	Internal alias for AllowKey/DenyKey parameters depending on value:
#	0 - DenyKey=system.run[*]
#	1 - AllowKey=system.run[*]
#
# Mandatory: no

### Option: LogRemoteCommands
#	Enable logging of executed shell commands as warnings.
#	0 - disabled
#	1 - enabled
#
# Mandatory: no
# Default:
# LogRemoteCommands=0

##### Passive checks related

### Option: Server
#	List of comma delimited IP addresses, optionally in CIDR notation, or DNS names of Zabbix servers and Zabbix proxies.
#	Incoming connections will be accepted only from the hosts listed here.
#	If IPv6 support is enabled then '127.0.0.1', '::127.0.0.1', '::ffff:127.0.0.1' are treated equally and '::/0' will allow any IPv4 or IPv6 address.
#	'0.0.0.0/0' can be used to allow any IPv4 address.
#	Example: Server=127.0.0.1,192.168.1.0/24,::1,2001:db8::/32,zabbix.domain
#
# Mandatory: yes, if StartAgents is not explicitly set to 0
# Default:
# Server=

Server=202.205.161.80

### Option: ListenPort
#	Agent will listen on this port for connections from the server.
#
# Mandatory: no
# Range: 1024-32767
# Default:
# ListenPort=10050


### Option: ListenIP
#		List of comma delimited IP addresses that the agent should listen on.
#		First IP address is sent to Zabbix server if connecting to it to retrieve list of active checks.
#
# Mandatory: no
# Default:
# ListenIP=0.0.0.0


### Option: StartAgents
#	Number of pre-forked instances of zabbix_agentd that process passive checks.
#	If set to 0, disables passive checks and the agent will not listen on any TCP port.
#
# Mandatory: no
# Range: 0-100
# Default:
# StartAgents=3

##### Active checks related

### Option: ServerActive
#	List of comma delimited IP:port (or DNS name:port) pairs of Zabbix servers and Zabbix proxies for active checks.
#	If port is not specified, default port is used.
#	IPv6 addresses must be enclosed in square brackets if port for that host is specified.
#	If port is not specified, square brackets for IPv6 addresses are optional.
#	If this parameter is not specified, active checks are disabled.
#	Example: ServerActive=127.0.0.1:20051,zabbix.domain,[::1]:30051,::1,[12fc::1]
#
# Mandatory: no
# Default:
# ServerActive=

ServerActive=202.205.161.80

### Option: Hostname
#	List of comma delimited unique, case sensitive hostnames.
#	Required for active checks and must match hostnames as configured on the server.
#	Value is acquired from HostnameItem if undefined.
#
# Mandatory: no
# Default:
# Hostname=

Hostname=Demo_Web_104

### Option: HostnameItem
#	Item used for generating Hostname if it is undefined. Ignored if Hostname is defined.
#	Does not support UserParameters or aliases.
#
# Mandatory: no
# Default:
# HostnameItem=system.hostname

### Option: HostMetadata
#	Optional parameter that defines host metadata.
#	Host metadata is used at host auto-registration process.
#	An agent will issue an error and not start if the value is over limit of 255 characters.
#	If not defined, value will be acquired from HostMetadataItem.
#
# Mandatory: no
# Range: 0-255 characters
# Default:
# HostMetadata=


### Option: HostMetadataItem
#	Optional parameter that defines an item used for getting host metadata.
#	Host metadata is used at host auto-registration process.
#	During an auto-registration request an agent will log a warning message if
#	the value returned by specified item is over limit of 255 characters.
#	This option is only used when HostMetadata is not defined.
#
# Mandatory: no
# Default:
# HostMetadataItem=

### Option: HostInterface
#	Optional parameter that defines host interface.
#	Host interface is used at host auto-registration process.
#	An agent will issue an error and not start if the value is over limit of 255 characters.
#	If not defined, value will be acquired from HostInterfaceItem.
#
# Mandatory: no
# Range: 0-255 characters
# Default:
# HostInterface=


### Option: HostInterfaceItem
#	Optional parameter that defines an item used for getting host interface.
#	Host interface is used at host auto-registration process.
#	During an auto-registration request an agent will log a warning message if
#	the value returned by specified item is over limit of 255 characters.
#	This option is only used when HostInterface is not defined.
#
# Mandatory: no
# Default:
# HostInterfaceItem=

### Option: RefreshActiveChecks
#	How often list of active checks is refreshed, in seconds.
#
# Mandatory: no
# Range: 60-3600
# Default:
# RefreshActiveChecks=120

### Option: BufferSend
#	Do not keep data longer than N seconds in buffer.
#
# Mandatory: no
# Range: 1-3600
# Default:
# BufferSend=5

### Option: BufferSize
#	Maximum number of values in a memory buffer. The agent will send
#	all collected data to Zabbix server or Proxy if the buffer is full.
#
# Mandatory: no
# Range: 2-65535
# Default:
# BufferSize=100

### Option: MaxLinesPerSecond
#	Maximum number of new lines the agent will send per second to Zabbix Server
#	or Proxy processing 'log', 'logrt' and 'eventlog' active checks.
#	The provided value will be overridden by the parameter 'maxlines',
#	provided in 'log', 'logrt' or 'eventlog' item keys.
#
# Mandatory: no
# Range: 1-1000
# Default:
# MaxLinesPerSecond=20

############ ADVANCED PARAMETERS #################

### Option: Alias
#	Sets an alias for an item key. It can be used to substitute long and complex item key with a smaller and simpler one.
#	Multiple Alias parameters may be present. Multiple parameters with the same Alias key are not allowed.
#	Different Alias keys may reference the same item key.
#	For example, to retrieve paging file usage in percents from the server:
#	Alias=pg_usage:perf_counter[\Paging File(_Total)\% Usage]
#	Now shorthand key pg_usage may be used to retrieve data.
#	Aliases can be used in HostMetadataItem but not in HostnameItem or PerfCounter parameters.
#
# Mandatory: no
# Range:
# Default:

### Option: Timeout
#	Spend no more than Timeout seconds on processing.
#
# Mandatory: no
# Range: 1-30
# Default:
# Timeout=3


### Option: PerfCounter
#	Syntax: <parameter_name>,"<perf_counter_path>",<period>
#	Defines new parameter <parameter_name> which is an average value for system performance counter <perf_counter_path> for the specified time period <period> (in seconds).
#	For example, if you wish to receive average number of processor interrupts per second for last minute, you can define new parameter "interrupts" as following:
#	PerfCounter = interrupts,"\Processor(0)\Interrupts/sec",60
#	Please note double quotes around performance counter path.
#	Samples for calculating average value will be taken every second.
#	You may run "typeperf -qx" to get list of all performance counters available in Windows.
#
# Mandatory: no
# Range:
# Default:

### Option: Include
#	You may include individual files in the configuration file.
#
# Mandatory: no
# Default:
# Include=

# Include=c:\zabbix\zabbix_agentd.userparams.conf
# Include=c:\zabbix\zabbix_agentd.conf.d\
# Include=c:\zabbix\zabbix_agentd.conf.d\*.conf

Include=C:\Program Files\Zabbix Agent\zabbix_agentd.d\

####### USER-DEFINED MONITORED PARAMETERS #######

### Option: UnsafeUserParameters
#	Allow all characters to be passed in arguments to user-defined parameters.
#	The following characters are not allowed:
#	\ ' " ` * ? [ ] { } ~ $ ! & ; ( ) < > | # @
#	Additionally, newline characters are not allowed.
#	0 - do not allow
#	1 - allow
#
# Mandatory: no
# Range: 0-1
# Default:
# UnsafeUserParameters=0

### Option: UserParameter
#	User-defined parameter to monitor. There can be several user-defined parameters.
#	Format: UserParameter=<key>,<shell command>
#
# Mandatory: no
# Default:
# UserParameter=

### Option: UserParameterDir
#	Directory to execute UserParameter commands from. Only one entry is allowed.
#	When executing UserParameter commands the agent will change the working directory to the one
#	specified in the UserParameterDir option.
#	This way UserParameter commands can be specified using the relative ./ prefix.
#
# Mandatory: no
# Default:
# UserParameterDir=

####### TLS-RELATED PARAMETERS #######

### Option: TLSConnect
#	How the agent should connect to server or proxy. Used for active checks.
#	Only one value can be specified:
#		unencrypted - connect without encryption
#		psk         - connect using TLS and a pre-shared key
#		cert        - connect using TLS and a certificate
#
# Mandatory: yes, if TLS certificate or PSK parameters are defined (even for 'unencrypted' connection)
# Default:
# TLSConnect=unencrypted


### Option: TLSAccept
#	What incoming connections to accept.
#	Multiple values can be specified, separated by comma:
#		unencrypted - accept connections without encryption
#		psk         - accept connections secured with TLS and a pre-shared key
#		cert        - accept connections secured with TLS and a certificate
#
# Mandatory: yes, if TLS certificate or PSK parameters are defined (even for 'unencrypted' connection)
# Default:
# TLSAccept=unencrypted


### Option: TLSCAFile
#	Full pathname of a file containing the top-level CA(s) certificates for
#	peer certificate verification.
#
# Mandatory: no
# Default:
# TLSCAFile=


### Option: TLSCRLFile
#	Full pathname of a file containing revoked certificates.
#
# Mandatory: no
# Default:
# TLSCRLFile=


### Option: TLSServerCertIssuer
#		Allowed server certificate issuer.
#
# Mandatory: no
# Default:
# TLSServerCertIssuer=


### Option: TLSServerCertSubject
#		Allowed server certificate subject.
#
# Mandatory: no
# Default:
# TLSServerCertSubject=


### Option: TLSCertFile
#	Full pathname of a file containing the agent certificate or certificate chain.
#
# Mandatory: no
# Default:
# TLSCertFile=


### Option: TLSKeyFile
#	Full pathname of a file containing the agent private key.
#
# Mandatory: no
# Default:
# TLSKeyFile=


### Option: TLSPSKIdentity
#	Unique, case sensitive string used to identify the pre-shared key.
#
# Mandatory: no
# Default:
# TLSPSKIdentity=


### Option: TLSPSKFile
#	Full pathname of a file containing the pre-shared key.
#
# Mandatory: no
# Default:
# TLSPSKFile=


####### For advanced users - TLS ciphersuite selection criteria #######

### Option: TLSCipherCert13
#	Cipher string for OpenSSL 1.1.1 or newer in TLS 1.3.
#	Override the default ciphersuite selection criteria for certificate-based encryption.
#
# Mandatory: no
# Default:
# TLSCipherCert13=

### Option: TLSCipherCert
#	GnuTLS priority string or OpenSSL (TLS 1.2) cipher string.
#	Override the default ciphersuite selection criteria for certificate-based encryption.
#	Example for GnuTLS:
#		NONE:+VERS-TLS1.2:+ECDHE-RSA:+RSA:+AES-128-GCM:+AES-128-CBC:+AEAD:+SHA256:+SHA1:+CURVE-ALL:+COMP-NULL:+SIGN-ALL:+CTYPE-X.509
#	Example for OpenSSL:
#		EECDH+aRSA+AES128:RSA+aRSA+AES128
#
# Mandatory: no
# Default:
# TLSCipherCert=

### Option: TLSCipherPSK13
#	Cipher string for OpenSSL 1.1.1 or newer in TLS 1.3.
#	Override the default ciphersuite selection criteria for PSK-based encryption.
#	Example:
#		TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256
#
# Mandatory: no
# Default:
# TLSCipherPSK13=

### Option: TLSCipherPSK
#	GnuTLS priority string or OpenSSL (TLS 1.2) cipher string.
#	Override the default ciphersuite selection criteria for PSK-based encryption.
#	Example for GnuTLS:
#		NONE:+VERS-TLS1.2:+ECDHE-PSK:+PSK:+AES-128-GCM:+AES-128-CBC:+AEAD:+SHA256:+SHA1:+CURVE-ALL:+COMP-NULL:+SIGN-ALL
#	Example for OpenSSL:
#		kECDHEPSK+AES128:kPSK+AES128
#
# Mandatory: no
# Default:
# TLSCipherPSK=

### Option: TLSCipherAll13
#	Cipher string for OpenSSL 1.1.1 or newer in TLS 1.3.
#	Override the default ciphersuite selection criteria for certificate- and PSK-based encryption.
#	Example:
#		TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256
#
# Mandatory: no
# Default:
# TLSCipherAll13=

### Option: TLSCipherAll
#	GnuTLS priority string or OpenSSL (TLS 1.2) cipher string.
#	Override the default ciphersuite selection criteria for certificate- and PSK-based encryption.
#	Example for GnuTLS:
#		NONE:+VERS-TLS1.2:+ECDHE-RSA:+RSA:+ECDHE-PSK:+PSK:+AES-128-GCM:+AES-128-CBC:+AEAD:+SHA256:+SHA1:+CURVE-ALL:+COMP-NULL:+SIGN-ALL:+CTYPE-X.509
#	Example for OpenSSL:
#		EECDH+aRSA+AES128:RSA+aRSA+AES128:kECDHEPSK+AES128:kPSK+AES128
#
# Mandatory: no
# Default:
# TLSCipherAll=

####### For advanced users - TCP-related fine-tuning parameters #######

## Option: ListenBacklog
#       The maximum number of pending connections in the queue. This parameter is passed to
#       listen() function as argument 'backlog' (see "man listen").
#
# Mandatory: no
# Range: 0 - INT_MAX (depends on system, too large values may be silently truncated to implementation-specified maximum)
# Default: SOMAXCONN (hard-coded constant, depends on system)
# ListenBacklog=
0

评论区