docs: Add 16, update 2 and remove 2 files
All checks were successful
Test and Publish Templates / test-and-publish (push) Successful in 9s
All checks were successful
Test and Publish Templates / test-and-publish (push) Successful in 9s
This commit is contained in:
j
69
graylog/install.sh
Executable file
69
graylog/install.sh
Executable file
@@ -0,0 +1,69 @@
|
||||
#!/bin/bash
|
||||
source "${AGENT_PATH}/common.sh"
|
||||
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
|
||||
|
||||
_check_required_env_vars "CONTAINER_NAME" "GRAYLOG_PASSWORD_SECRET" "GRAYLOG_ROOT_PASSWORD"
|
||||
|
||||
# Convert plain text password to SHA256 for Graylog
|
||||
export GRAYLOG_ROOT_PASSWORD_SHA2=$(echo -n "${GRAYLOG_ROOT_PASSWORD}" | sha256sum | cut -d' ' -f1)
|
||||
|
||||
# Check Docker
|
||||
_check_docker_installed || _die "Docker test failed"
|
||||
docker compose version >/dev/null 2>&1 || _die "Docker Compose V2 is required"
|
||||
|
||||
# Check vm.max_map_count for OpenSearch
|
||||
CURRENT_MAP_COUNT=$(cat /proc/sys/vm/max_map_count 2>/dev/null || echo "0")
|
||||
if [ "$CURRENT_MAP_COUNT" -lt 262144 ]; then
|
||||
echo "WARNING: vm.max_map_count is $CURRENT_MAP_COUNT (should be at least 262144)"
|
||||
echo "OpenSearch may fail to start. To fix, run:"
|
||||
echo " sudo sysctl -w vm.max_map_count=262144"
|
||||
echo " echo 'vm.max_map_count=262144' | sudo tee -a /etc/sysctl.conf"
|
||||
fi
|
||||
|
||||
# Stop any existing containers
|
||||
bash ./stop.sh 2>/dev/null || true
|
||||
|
||||
# Start the stack
|
||||
echo "Starting Graylog..."
|
||||
docker compose -p "${CONTAINER_NAME}" up -d || _die "Failed to start Graylog stack"
|
||||
|
||||
# Wait for Graylog to be ready
|
||||
echo -n "Waiting for Graylog to start (this may take a few minutes)..."
|
||||
MAX_WAIT=180
|
||||
WAITED=0
|
||||
while [ $WAITED -lt $MAX_WAIT ]; do
|
||||
if curl -s "http://localhost:${WEB_PORT:-9000}/api/system/lbstatus" 2>/dev/null | grep -q "ALIVE"; then
|
||||
echo " Ready!"
|
||||
break
|
||||
fi
|
||||
echo -n "."
|
||||
sleep 5
|
||||
WAITED=$((WAITED + 5))
|
||||
done
|
||||
|
||||
if [ $WAITED -ge $MAX_WAIT ]; then
|
||||
echo ""
|
||||
echo "WARNING: Graylog may still be starting. Check logs with: dropshell logs graylog"
|
||||
fi
|
||||
|
||||
echo ""
|
||||
echo "========================================="
|
||||
echo "Graylog Installed!"
|
||||
echo "========================================="
|
||||
echo ""
|
||||
echo "Web UI: http://$(hostname -I | awk '{print $1}'):${WEB_PORT:-9000}"
|
||||
echo "Login: admin / ${GRAYLOG_ROOT_PASSWORD}"
|
||||
echo ""
|
||||
echo "INPUT PORTS:"
|
||||
echo " GELF UDP: ${GELF_UDP_PORT:-12201}"
|
||||
echo " GELF TCP: ${GELF_TCP_PORT:-12202}"
|
||||
echo " Syslog UDP: ${SYSLOG_UDP_PORT:-1514}"
|
||||
echo " Syslog TCP: ${SYSLOG_TCP_PORT:-1515}"
|
||||
echo " Beats: ${BEATS_PORT:-5044}"
|
||||
echo ""
|
||||
echo "IMPORTANT: Configure inputs in the Graylog web UI:"
|
||||
echo " System -> Inputs -> Select input type -> Launch"
|
||||
echo ""
|
||||
echo "SECURITY: Change GRAYLOG_PASSWORD_SECRET and"
|
||||
echo "GRAYLOG_ROOT_PASSWORD in service.env!"
|
||||
echo "========================================="
|
||||
Reference in New Issue
Block a user