From 9bd1119970d6b54fbde5094e7f578778b9a8280b Mon Sep 17 00:00:00 2001 From: kevinhu Date: Fri, 15 Dec 2023 19:36:38 +0800 Subject: [PATCH] add docker compose --- docker/docker-compose.yml.bk | 164 ----------------------------------- 1 file changed, 164 deletions(-) delete mode 100644 docker/docker-compose.yml.bk diff --git a/docker/docker-compose.yml.bk b/docker/docker-compose.yml.bk deleted file mode 100644 index 778484de7..000000000 --- a/docker/docker-compose.yml.bk +++ /dev/null @@ -1,164 +0,0 @@ -version: '2.2' -services: - setup: - image: docker.elastic.co/elasticsearch/elasticsearch:${STACK_VERSION} - volumes: - - certs:/usr/share/elasticsearch/config/certs - user: "0" - command: > - bash -c ' - if [ x${ELASTIC_PASSWORD} == x ]; then - echo "Set the ELASTIC_PASSWORD environment variable in the .env file"; - exit 1; - elif [ x${KIBANA_PASSWORD} == x ]; then - echo "Set the KIBANA_PASSWORD environment variable in the .env file"; - exit 1; - elif [ x${POSTGRES_USER} == x ]; then - echo "Set the POSTGRES_USER environment variable in the .env file"; - exit 1; - elif [ x${POSTGRES_PASSWORD} == x ]; then - echo "Set the POSTGRES_PASSWORD environment variable in the .env file"; - exit 1; - elif [ x${POSTGRES_DB} == x ]; then - echo "Set the POSTGRES_DB environment variable in the .env file"; - exit 1; - fi; - if [ ! -f config/certs/ca.zip ]; then - echo "Creating CA"; - bin/elasticsearch-certutil ca --silent --pem -out config/certs/ca.zip; - unzip config/certs/ca.zip -d config/certs; - fi; - if [ ! -f config/certs/certs.zip ]; then - echo "Creating certs"; - echo -ne \ - "instances:\n"\ - " - name: es01\n"\ - " dns:\n"\ - " - es01\n"\ - " - localhost\n"\ - " ip:\n"\ - " - 127.0.0.1\n"\ - > config/certs/instances.yml; - bin/elasticsearch-certutil cert --silent --pem -out config/certs/certs.zip --in config/certs/instances.yml --ca-cert config/certs/ca/ca.crt --ca-key config/certs/ca/ca.key; - unzip config/certs/certs.zip -d config/certs; - fi; - echo "Setting file permissions" - chown -R root:root config/certs; - find . -type d -exec chmod 750 \{\} \;; - find . -type f -exec chmod 640 \{\} \;; - echo "Waiting for Elasticsearch availability"; - until curl -s --cacert config/certs/ca/ca.crt https://es01:9200 | grep -q "missing authentication credentials"; do sleep 30; done; - echo "Setting kibana_system password"; - until curl -s -X POST --cacert config/certs/ca/ca.crt -u "elastic:${ELASTIC_PASSWORD}" -H "Content-Type: application/json" https://es01:9200/_security/user/kibana_system/_password -d "{\"password\":\"${KIBANA_PASSWORD}\"}" | grep -q "^{}"; do sleep 10; done; - echo "All done!"; - ' - healthcheck: - test: ["CMD-SHELL", "[ -f config/certs/es01/es01.crt ]"] - interval: 1s - timeout: 5s - retries: 120 - - es01: - depends_on: - setup: - condition: service_healthy - container_name: docass-es-01 - image: docker.elastic.co/elasticsearch/elasticsearch:${STACK_VERSION} - volumes: - - certs:/usr/share/elasticsearch/config/certs - - esdata01:/usr/share/elasticsearch/data - ports: - - ${ES_PORT}:9200 - environment: - - node.name=es01 - - cluster.name=${CLUSTER_NAME} - - cluster.initial_master_nodes=es01 - - discovery.seed_hosts=es01 - - ELASTIC_PASSWORD=${ELASTIC_PASSWORD} - - bootstrap.memory_lock=true - #- xpack.security.enabled=false - #- xpack.security.http.ssl.enabled=false - #- xpack.security.http.ssl.key=certs/es01/es01.key - #- xpack.security.http.ssl.certificate=certs/es01/es01.crt - #- xpack.security.http.ssl.certificate_authorities=certs/ca/ca.crt - #- xpack.security.transport.ssl.enabled=false - #- xpack.security.transport.ssl.key=certs/es01/es01.key - #- xpack.security.transport.ssl.certificate=certs/es01/es01.crt - #- xpack.security.transport.ssl.certificate_authorities=certs/ca/ca.crt - #- xpack.security.transport.ssl.verification_mode=certificate - #- xpack.license.self_generated.type=${LICENSE} - mem_limit: ${MEM_LIMIT} - ulimits: - memlock: - soft: -1 - hard: -1 - healthcheck: - test: - [ - "CMD-SHELL", - "curl -s --cacert config/certs/ca/ca.crt https://localhost:9200 | grep -q 'missing authentication credentials'", - ] - interval: 10s - timeout: 10s - retries: 120 - networks: - - docass - #restart: always - - kibana: - depends_on: - - es01 - image: docker.elastic.co/kibana/kibana:${STACK_VERSION} - container_name: docass-kibana - volumes: - - certs:/usr/share/kibana/config/certs - - kibanadata:/usr/share/kibana/data - ports: - - ${KIBANA_PORT}:5601 - environment: - - SERVERNAME=kibana - - ELASTICSEARCH_HOSTS=https://es01:9200 - - ELASTICSEARCH_USERNAME=kibana_system - - ELASTICSEARCH_PASSWORD=${KIBANA_PASSWORD} - - ELASTICSEARCH_SSL_CERTIFICATEAUTHORITIES=config/certs/ca/ca.crt - mem_limit: ${MEM_LIMIT} - healthcheck: - test: - [ - "CMD-SHELL", - "curl -s -I http://localhost:5601 | grep -q 'HTTP/1.1 302 Found'", - ] - interval: 10s - timeout: 10s - retries: 120 - networks: - - docass - - postgres: - image: postgres - container_name: docass-postgres - environment: - - POSTGRES_USER=${POSTGRES_USER} - - POSTGRES_PASSWORD=${POSTGRES_PASSWORD} - - POSTGRES_DB=${POSTGRES_DB} - ports: - - 5455:5455 - volumes: - - pg_data:/usr/share/elasticsearch/data - networks: - - docass - restart: always - -volumes: - certs: - driver: local - esdata01: - driver: local - kibanadata: - driver: local - pg_data: - driver: local - -networks: - docass: - driver: bridge