diff --git a/logserver/README.md b/logserver/README.md index 5985e85..81e25e6 100644 --- a/logserver/README.md +++ b/logserver/README.md @@ -12,7 +12,8 @@ sudo sysctl -w vm.max_map_count=262144 2. **Configure** Edit `config/service.env`: - Set `SERVER_PUBLICBASEURL` to your actual server URL -- Change `ELASTIC_PASSWORD` from default +- Set `KIBANA_USERNAME` to your preferred username +- Change `KIBANA_USER_PASSWORD` from default 3. **Install** ```bash @@ -28,8 +29,8 @@ dropshell install logserver 5. **Access Kibana** - URL: `http://:5601` -- User: `elastic` -- Password: Set in `service.env` (ELASTIC_PASSWORD) +- Username: Set in `service.env` (KIBANA_USERNAME, default: `admin`) +- Password: Set in `service.env` (KIBANA_USER_PASSWORD) ## Ports - `5601` - Kibana Web UI diff --git a/logserver/config/service.env b/logserver/config/service.env index e3a6ee4..0049585 100644 --- a/logserver/config/service.env +++ b/logserver/config/service.env @@ -17,8 +17,10 @@ LS_PIPELINE_WORKERS=2 # Kibana settings KIBANA_VERSION=7.17.23 -# Authentication (IMPORTANT: Change this!) -ELASTIC_PASSWORD=changeme # Password for 'elastic' user in Kibana/Elasticsearch +# Authentication (IMPORTANT: Change these!) +ELASTIC_PASSWORD=changeme # Password for 'elastic' superuser (internal use) +KIBANA_USERNAME=admin # Your login username for Kibana +KIBANA_USER_PASSWORD=changeme # Your login password for Kibana # Ports KIBANA_PORT=5601 diff --git a/logserver/docker-compose.yml b/logserver/docker-compose.yml index a4b8e5f..1be7eff 100644 --- a/logserver/docker-compose.yml +++ b/logserver/docker-compose.yml @@ -1,5 +1,3 @@ -version: '3.8' - services: elasticsearch: image: docker.elastic.co/elasticsearch/elasticsearch:${ES_VERSION:-7.17.23} diff --git a/logserver/install.sh b/logserver/install.sh index 5d955b3..6a85c46 100755 --- a/logserver/install.sh +++ b/logserver/install.sh @@ -63,12 +63,35 @@ sleep 10 # Check status bash ./status.sh || _die "Services failed to start properly" +# Create custom user +echo "Setting up custom user..." +docker exec ${CONTAINER_NAME}_elasticsearch bash -c " + until curl -s -u elastic:${ELASTIC_PASSWORD} http://localhost:9200/_cluster/health | grep -q '\"status\":\"yellow\"\|\"status\":\"green\"'; do + sleep 2 + done + + curl -X POST -u elastic:${ELASTIC_PASSWORD} \ + -H 'Content-Type: application/json' \ + http://localhost:9200/_security/user/${KIBANA_USERNAME:-admin} \ + -d '{ + \"password\" : \"${KIBANA_USER_PASSWORD:-changeme}\", + \"roles\" : [ \"superuser\" ], + \"full_name\" : \"Admin User\" + }' 2>/dev/null || true +" + echo "Installation of ${CONTAINER_NAME} complete" echo "" echo "=========================================" echo "Kibana UI: ${SERVER_PUBLICBASEURL:-http://$(hostname -I | awk '{print $1}'):${KIBANA_PORT}}" -echo "Username: elastic" -echo "Password: ${ELASTIC_PASSWORD:-changeme}" +echo "" +echo "Login with your custom user:" +echo " Username: ${KIBANA_USERNAME:-admin}" +echo " Password: ${KIBANA_USER_PASSWORD:-changeme}" +echo "" +echo "Or the superuser:" +echo " Username: elastic" +echo " Password: ${ELASTIC_PASSWORD:-changeme}" echo "=========================================" echo "" echo "IMPORTANT: Update service.env with:" diff --git a/logserver/scripts/setup-user.sh b/logserver/scripts/setup-user.sh new file mode 100755 index 0000000..eb709b7 --- /dev/null +++ b/logserver/scripts/setup-user.sh @@ -0,0 +1,33 @@ +#!/bin/bash + +# Script to create a custom user for Kibana login +# This runs after Elasticsearch is up and creates the user defined in service.env + +# Wait for Elasticsearch to be ready +echo "Waiting for Elasticsearch to be ready..." +until curl -s -u elastic:${ELASTIC_PASSWORD} http://localhost:9200/_cluster/health | grep -q '"status":"yellow"\|"status":"green"'; do + sleep 5 +done + +echo "Creating user '${KIBANA_USERNAME}'..." + +# Create the custom user with superuser role +curl -X POST -u elastic:${ELASTIC_PASSWORD} \ + -H "Content-Type: application/json" \ + http://localhost:9200/_security/user/${KIBANA_USERNAME} \ + -d '{ + "password" : "'${KIBANA_USER_PASSWORD}'", + "roles" : [ "superuser" ], + "full_name" : "Admin User", + "email" : "admin@example.com" + }' + +if [ $? -eq 0 ]; then + echo "" + echo "User '${KIBANA_USERNAME}' created successfully!" + echo "You can now log in to Kibana with:" + echo " Username: ${KIBANA_USERNAME}" + echo " Password: ${KIBANA_USER_PASSWORD}" +else + echo "Note: User might already exist or there was an error" +fi \ No newline at end of file