1
0
mirror of https://github.com/krislamo/graylog_demo synced 2024-12-16 06:50:35 +00:00
This commit is contained in:
Kris Lamoureux 2020-03-03 13:53:20 -05:00
parent 2514ce237a
commit 8543cb16d2
Signed by: kris
GPG Key ID: A30022791E1719A4
2 changed files with 23 additions and 21 deletions

41
Vagrantfile vendored
View File

@ -62,11 +62,32 @@ Vagrant.configure("2") do |config|
# Start compose services and add default input # Start compose services and add default input
config.vm.provision "shell", inline: <<-SHELL config.vm.provision "shell", inline: <<-SHELL
# Remove old keys and create directories # Remove old keys and create directories
mkdir -p /vagrant/pki mkdir -p /vagrant/pki
rm -r /vagrant/pki/* rm -r /vagrant/pki/*
mkdir -p /vagrant/pki/{fluentd,graylog} mkdir -p /vagrant/pki/{fluentd,graylog}
# Generate and install TLS keys
cd /vagrant/pki
# Generate Graylog's CA
openssl genrsa -out rootCA.key 4096 2> /dev/null
openssl req -x509 -new -nodes -key rootCA.key -sha256 -days 1024 \
-out rootCA.crt -subj "/C=US/ST=GA/O=MyOrg/CN=localhost" 2> /dev/null
# Generate Fluentd's keys
openssl genrsa -out fluentd.key 4096 2> /dev/null
openssl req -new -sha256 -key fluentd.key \
-subj "/C=US/ST=GA/O=MyOrg/CN=localhost" -out fluentd.csr 2> /dev/null
# Sign Fluentd's certificate
openssl x509 -req -in fluentd.csr -CA rootCA.crt -CAkey rootCA.key \
-CAcreateserial -out fluentd-signed.crt -days 500 -sha256 2> /dev/null
mv fluentd*.* fluentd/
mv root*.* graylog/
# Bring up containers # Bring up containers
cd /vagrant cd /vagrant
/usr/local/bin/docker-compose up -d 2> /dev/null /usr/local/bin/docker-compose up -d 2> /dev/null
@ -129,26 +150,6 @@ Vagrant.configure("2") do |config|
-d @GELFTCPInput.json -d @GELFTCPInput.json
fi fi
# Generate and install TLS keys
cd /vagrant/pki
# Generate Graylog's CA
openssl genrsa -out rootCA.key 4096 2> /dev/null
openssl req -x509 -new -nodes -key rootCA.key -sha256 -days 1024 \
-out rootCA.crt -subj "/C=US/ST=GA/O=MyOrg/CN=localhost" 2> /dev/null
# Generate Fluentd's keys
openssl genrsa -out fluentd.key 4096 2> /dev/null
openssl req -new -sha256 -key fluentd.key \
-subj "/C=US/ST=GA/O=MyOrg/CN=localhost" -out fluentd.csr 2> /dev/null
# Sign Fluentd's certificate
openssl x509 -req -in fluentd.csr -CA rootCA.crt -CAkey rootCA.key \
-CAcreateserial -out fluentd-signed.crt -days 500 -sha256 2> /dev/null
mv fluentd*.* fluentd/
mv root*.* graylog/
SHELL SHELL
end end

View File

@ -3,7 +3,8 @@ USER root
RUN apt-get update \ RUN apt-get update \
&& apt-get -y install --no-install-recommends wget \ && apt-get -y install --no-install-recommends wget \
&& rm -rf /var/lib/apt/lists/* && rm -rf /var/lib/apt/lists/*
RUN gem uninstall gelf -v 3.1.0
RUN gem install gelf -v 3.0.0
RUN gem install fluent-plugin-rewrite-tag-filter RUN gem install fluent-plugin-rewrite-tag-filter
RUN gem install fluent-plugin-gelf-hs RUN gem install fluent-plugin-gelf-hs
RUN gem install gelf -v 3.0.0
COPY fluent.conf /fluentd/etc/ COPY fluent.conf /fluentd/etc/