File size: 2,631 Bytes
1d1faf9 71a733e 1d1faf9 71a733e 1d1faf9 71a733e 1d1faf9 71a733e 1d1faf9 71a733e 1d1faf9 71a733e 1d1faf9 71a733e 1d1faf9 71a733e 1d1faf9 |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 |
#!/bin/bash
# unset http proxy which maybe set by docker daemon
export http_proxy=""; export https_proxy=""; export no_proxy=""; export HTTP_PROXY=""; export HTTPS_PROXY=""; export NO_PROXY=""
echo "Elasticsearch built-in user: elastic:${ELASTIC_PASSWORD}"
# Wait Elasticsearch be healthy
while true; do
response=$(curl -s -v -w "\n%{http_code}" -u "elastic:${ELASTIC_PASSWORD}" "http://es01:9200")
exit_code=$?
status=$(echo "$response" | tail -n1)
if [ $exit_code -eq 0 ] && [ "$status" = "200" ]; then
echo "Elasticsearch is healthy"
break
else
echo "Elasticsearch is unhealthy: $exit_code $status"
echo "$response"
sleep 5
fi
done
# Create new role with all privileges to all indices
# https://www.elastic.co/guide/en/elasticsearch/reference/current/security-privileges.html#privileges-list-indices
echo "Going to create Elasticsearch role own_indices with all privileges to all indices"
while true; do
response=$(curl -s -v -w "\n%{http_code}" -u "elastic:${ELASTIC_PASSWORD}" -X POST http://es01:9200/_security/role/own_indices -H 'Content-Type: application/json' -d '{"indices": [{"names": ["*"], "privileges": ["all"]}]}')
exit_code=$?
status=$(echo "$response" | tail -n1)
if [ $exit_code -eq 0 ] && [ "$status" = "200" ]; then
echo "Elasticsearch role own_indices created"
break
else
echo "Elasticsearch role own_indices failure: $exit_code $status"
echo "$response"
sleep 5
fi
done
echo "Elasticsearch role own_indices:"
curl -u "elastic:${ELASTIC_PASSWORD}" -X GET "http://es01:9200/_security/role/own_indices"
echo ""
PAYLOAD="{\"password\": \"${KIBANA_PASSWORD}\", \"roles\": [\"kibana_admin\", \"kibana_system\", \"own_indices\"], \"full_name\": \"${KIBANA_USER}\", \"email\": \"${KIBANA_USER}@example.com\"}"
echo "Going to create Elasticsearch user ${KIBANA_USER}: ${PAYLOAD}"
# Create new user
while true; do
response=$(curl -s -v -w "\n%{http_code}" -u "elastic:${ELASTIC_PASSWORD}" -X POST http://es01:9200/_security/user/${KIBANA_USER} -H "Content-Type: application/json" -d "${PAYLOAD}")
exit_code=$?
status=$(echo "$response" | tail -n1)
if [ $exit_code -eq 0 ] && [ "$status" = "200" ]; then
echo "Elasticsearch user ${KIBANA_USER} created"
break
else
echo "Elasticsearch user ${KIBANA_USER} failure: $exit_code $status"
echo "$response"
sleep 5
fi
done
echo "Elasticsearch user ${KIBANA_USER}:"
curl -u "elastic:${ELASTIC_PASSWORD}" -X GET "http://es01:9200/_security/user/${KIBANA_USER}"
echo ""
exit 0
|