From fe419a8c455965a20e14a02c3de8a2d525a553d4 Mon Sep 17 00:00:00 2001 From: Dennis Weewer Date: Wed, 16 Oct 2024 15:37:54 +0200 Subject: [PATCH 1/2] Set header for authorization On Zabbix version 6.4 and newer there has been a change in the way authentication. Using a bearer token would lead to issues with autheticating using the API as the header did not seem the get passed to the application. This seems to have been known since the release of 6.4 and a bug report is still open. But the bug report also already contained a workaround/fix (https://support.zabbix.com/browse/ZBX-22952). --- manifests/web.pp | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/manifests/web.pp b/manifests/web.pp index 24031259..988b69a6 100644 --- a/manifests/web.pp +++ b/manifests/web.pp @@ -343,6 +343,14 @@ default => $zabbix_api_access.map |$host| { "host ${host}" }, } + if versioncmp($zabbix_version, '6.4') >= 0 { + $setenvif_auth = [ + 'Authorization "(.*)" HTTP_AUTHORIZATION=$1' + ] + } else { + $setenvif_auth = undef + } + apache::vhost { $zabbix_url: docroot => '/usr/share/zabbix', ip => $apache_listen_ip, @@ -387,6 +395,7 @@ { rewrite_rule => ['^$ /index.php [L]'] } ], + setenvif => $setenvif_auth, ssl => $apache_use_ssl, ssl_cert => $apache_ssl_cert, ssl_key => $apache_ssl_key, From 5d76cd56e1cb05a9b003d5bd12e7ec98ec52be0b Mon Sep 17 00:00:00 2001 From: Dennis Weewer Date: Wed, 16 Oct 2024 15:43:24 +0200 Subject: [PATCH 2/2] Correct lint --- manifests/web.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/web.pp b/manifests/web.pp index 988b69a6..725f38fc 100644 --- a/manifests/web.pp +++ b/manifests/web.pp @@ -345,7 +345,7 @@ if versioncmp($zabbix_version, '6.4') >= 0 { $setenvif_auth = [ - 'Authorization "(.*)" HTTP_AUTHORIZATION=$1' + 'Authorization "(.*)" HTTP_AUTHORIZATION=$1', ] } else { $setenvif_auth = undef