diff --git a/.env b/.env index 8df4a2e..554dc0b 100644 --- a/.env +++ b/.env @@ -1,4 +1,4 @@ #ถ้า set ตัวนี้จะทำการ ovver default name ทันที #COMPOSE_PROJECT_NAME=es CERTS_DIR=/usr/share/elasticsearch/config/certificates -ELASTIC_PASSWORD=PleaseChangeMe \ No newline at end of file +ELASTIC_PASSWORD= \ No newline at end of file diff --git a/.gitignore b/.gitignore index b67db0b..e82e9d5 100644 --- a/.gitignore +++ b/.gitignore @@ -83,7 +83,7 @@ nbdist/ # gitignore template for Nuxt.js projects # # Recommended template: Node.gitignore - +.env # Nuxt build .nuxt diff --git a/Ansible-ELK-Stack/foo.yml b/Ansible-ELK-Stack/foo.yml new file mode 100644 index 0000000..f45071f --- /dev/null +++ b/Ansible-ELK-Stack/foo.yml @@ -0,0 +1,6 @@ +$ANSIBLE_VAULT;1.2;AES256;test +30356435383966623237363336376132373461396466633436363965653464616232356664323131 +3936316364626139626162646362643339373830393265640a656264383463326566656165313933 +61303933393934363433303564343530636135626633373535653931363865393531396634376533 +3535316337316466330a373030376261646539393839373134653733323432336361653266663732 +6134 diff --git a/Ansible-ELK-Stack/hello.txt b/Ansible-ELK-Stack/hello.txt deleted file mode 100644 index cc35cd9..0000000 --- a/Ansible-ELK-Stack/hello.txt +++ /dev/null @@ -1 +0,0 @@ -transfered file test! \ No newline at end of file diff --git a/Ansible-ELK-Stack/roles/elk/tasks/main.yml b/Ansible-ELK-Stack/roles/elk/tasks/main.yml index 7f9b310..16cc3ff 100644 --- a/Ansible-ELK-Stack/roles/elk/tasks/main.yml +++ b/Ansible-ELK-Stack/roles/elk/tasks/main.yml @@ -29,4 +29,10 @@ state: present remove_orphans: true +- name: "Change password for Kibana" + script: ../setupKibanaPassword.sh + + + + \ No newline at end of file diff --git a/changePassword.sh b/changePassword.sh index b1fd4ea..fb33987 100644 --- a/changePassword.sh +++ b/changePassword.sh @@ -1,5 +1,5 @@ #!/bin/bash -curl -X POST -v -k --cacert /usr/share/elasticsearch/config/certificates/ca/ca.crt "https://elasticsearch1:9200/_security/user/kibana/_password?pretty" -u elastic:PleaseChangeMe -H 'Content-Type: application/json' -d' { "password" : "PleaseChangeMe" } ' +curl -X POST -v -k --cacert /usr/share/elasticsearch/config/certificates/ca/ca.crt "https://elasticsearch1:9200/_security/user/kibana/_password?pretty" -u elastic: -H 'Content-Type: application/json' -d' { "password" : "" } ' if [[ $? == 51 ]] then diff --git a/docker-compose-elastic-single-ssl.yml b/docker-compose-elastic-single-ssl.yml index c3f4297..cc12747 100644 --- a/docker-compose-elastic-single-ssl.yml +++ b/docker-compose-elastic-single-ssl.yml @@ -1,5 +1,6 @@ version: '3.3' services: + env_file: Ansible-ELK-Stack/elk.config elasticsearch1: image: docker.elastic.co/elasticsearch/elasticsearch:7.7.0 container_name: elasticsearch1 @@ -47,6 +48,7 @@ services: ports: - 9200:9200 + kibana: image: docker.elastic.co/kibana/kibana:7.7.0 container_name: kibana diff --git a/setupKibanaPassword.sh b/setupKibanaPassword.sh new file mode 100644 index 0000000..6070a2e --- /dev/null +++ b/setupKibanaPassword.sh @@ -0,0 +1,14 @@ +#!/bin/bash +while true +do + curl --fail -u "elastic:" \ + "http://localhost:9200/_cluster/health?wait_for_status=yellow" \ + && break + sleep 5 +done + +curl -X POST -v -k "http://localhost:9200/_security/user/kibana/_password?pretty" \ + -u elastic: -H 'Content-Type: application/json' \ + -d ' { "password" : "" } ' \ + && echo "success change password success" + \ No newline at end of file