|
|
|
|
##
|
|
|
|
|
## elasticsearch-xpack.spec -- OpenPKG RPM Package Specification
|
|
|
|
|
## Copyright (c) 2000-2021 OpenPKG Project <http://openpkg.org/>
|
|
|
|
|
##
|
|
|
|
|
## Permission to use, copy, modify, and distribute this software for
|
|
|
|
|
## any purpose with or without fee is hereby granted, provided that
|
|
|
|
|
## the above copyright notice and this permission notice appear in all
|
|
|
|
|
## copies.
|
|
|
|
|
##
|
|
|
|
|
## THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
|
|
|
|
|
## WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
|
|
|
|
|
## MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
|
|
|
|
|
## IN NO EVENT SHALL THE AUTHORS AND COPYRIGHT HOLDERS AND THEIR
|
|
|
|
|
## CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
|
|
|
## SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
|
|
|
## LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
|
|
|
|
|
## USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
|
|
|
|
|
## ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
|
|
|
|
|
## OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
|
|
|
|
|
## OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
|
|
|
## SUCH DAMAGE.
|
|
|
|
|
##
|
|
|
|
|
|
|
|
|
|
# package version
|
|
|
|
|
%define V_elasticsearch_xpack 6.2.4
|
|
|
|
|
%define V_elasticsearch 6.2
|
|
|
|
|
|
|
|
|
|
# package information
|
|
|
|
|
Name: elasticsearch-xpack
|
|
|
|
|
Summary: X-Pack Extension for ElasticSearch
|
|
|
|
|
URL: https://www.elastic.co/products/x-pack
|
|
|
|
|
Vendor: ElasticSearch Community
|
|
|
|
|
Packager: OpenPKG Project
|
|
|
|
|
Distribution: OpenPKG Community
|
|
|
|
|
Class: PLUS
|
|
|
|
|
Group: Database
|
|
|
|
|
License: Apache
|
|
|
|
|
Version: %{V_elasticsearch_xpack}
|
|
|
|
|
Release: 20180514
|
|
|
|
|
|
|
|
|
|
# list of sources
|
|
|
|
|
Source0: https://artifacts.elastic.co/downloads/packs/x-pack/x-pack-%{V_elasticsearch_xpack}.zip
|
|
|
|
|
Source1: elasticsearch-tls.sh
|
|
|
|
|
|
|
|
|
|
# build information
|
|
|
|
|
BuildPreReq: OpenPKG, openpkg >= 20160101, infozip
|
|
|
|
|
PreReq: OpenPKG, openpkg >= 20160101, cfssl
|
|
|
|
|
BuildPreReq: elasticsearch
|
|
|
|
|
PreReq: elasticsearch
|
|
|
|
|
|
|
|
|
|
%description
|
|
|
|
|
This is the X-Pack extension for Elasticsearch, providing access
|
|
|
|
|
control and additional functionality.
|
|
|
|
|
|
|
|
|
|
%track
|
|
|
|
|
prog elasticsearch-xpack = {
|
|
|
|
|
version = %{V_elasticsearch_xpack}
|
|
|
|
|
url = https://www.elastic.co/guide/en/elasticsearch/reference/%{V_elasticsearch}/installing-xpack-es.html
|
|
|
|
|
regex = x-pack-(__VER__)\.zip
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
%prep
|
|
|
|
|
%setup -q -T -c
|
|
|
|
|
|
|
|
|
|
%build
|
|
|
|
|
|
|
|
|
|
%install
|
|
|
|
|
# create installation hierarchy
|
|
|
|
|
%{l_shtool} mkdir -f -p -m 755 \
|
|
|
|
|
$RPM_BUILD_ROOT%{l_prefix}/bin \
|
|
|
|
|
$RPM_BUILD_ROOT%{l_prefix}/lib/elasticsearch \
|
|
|
|
|
$RPM_BUILD_ROOT%{l_prefix}/etc/elasticsearch/x-pack \
|
|
|
|
|
$RPM_BUILD_ROOT%{l_prefix}/libexec/elasticsearch/plugins
|
|
|
|
|
|
|
|
|
|
# setup copy of ElasticSearch environment
|
|
|
|
|
ln -s %{l_prefix}/lib/elasticsearch/* \
|
|
|
|
|
$RPM_BUILD_ROOT%{l_prefix}/lib/elasticsearch/
|
|
|
|
|
rm -f $RPM_BUILD_ROOT%{l_prefix}/lib/elasticsearch/bin
|
|
|
|
|
mkdir $RPM_BUILD_ROOT%{l_prefix}/lib/elasticsearch/bin
|
|
|
|
|
cp -p %{l_prefix}/lib/elasticsearch/bin/elasticsearch* \
|
|
|
|
|
$RPM_BUILD_ROOT%{l_prefix}/lib/elasticsearch/bin/
|
|
|
|
|
rm -f $RPM_BUILD_ROOT%{l_prefix}/lib/elasticsearch/config
|
|
|
|
|
mkdir $RPM_BUILD_ROOT%{l_prefix}/lib/elasticsearch/config
|
|
|
|
|
rm -f $RPM_BUILD_ROOT%{l_prefix}/lib/elasticsearch/plugins
|
|
|
|
|
ln -s $RPM_BUILD_ROOT%{l_prefix}/libexec/elasticsearch/plugins \
|
|
|
|
|
$RPM_BUILD_ROOT%{l_prefix}/lib/elasticsearch/
|
|
|
|
|
|
|
|
|
|
# provide run-time environment
|
|
|
|
|
eval `JAVA_PLATFORM="sun-jdk" %{l_prefix}/bin/java-toolkit -e`
|
|
|
|
|
export ES_HOME="$RPM_BUILD_ROOT%{l_prefix}/lib/elasticsearch"
|
|
|
|
|
export ES_PATH_CONF="$RPM_BUILD_ROOT%{l_prefix}/etc/elasticsearch"
|
|
|
|
|
export ES_TMPDIR="$RPM_BUILD_ROOT%{l_prefix}/var/elasticsearch/tmp"
|
|
|
|
|
%{l_shtool} mkdir -f -p -m 755 $ES_TMPDIR
|
|
|
|
|
|
|
|
|
|
# install SQL plugin
|
|
|
|
|
$RPM_BUILD_ROOT%{l_prefix}/lib/elasticsearch/bin/elasticsearch-plugin \
|
|
|
|
|
install --verbose --batch \
|
|
|
|
|
file:%{SOURCE0}
|
|
|
|
|
|
|
|
|
|
# post-adjust installation
|
|
|
|
|
rm -f $RPM_BUILD_ROOT%{l_prefix}/lib/elasticsearch/bin/x-pack/*.bat
|
|
|
|
|
rm -f $RPM_BUILD_ROOT%{l_prefix}/lib/elasticsearch/bin/x-pack/*.exe
|
|
|
|
|
%{l_shtool} subst \
|
|
|
|
|
-e 's;/bin/bash;%{l_bash};g' \
|
|
|
|
|
$RPM_BUILD_ROOT%{l_prefix}/lib/elasticsearch/bin/x-pack/*
|
|
|
|
|
|
|
|
|
|
# install wrapper command
|
|
|
|
|
( echo "#!/bin/sh"
|
|
|
|
|
echo "cmd=\"\$1\""
|
|
|
|
|
echo "shift"
|
|
|
|
|
echo "eval \`JAVA_PLATFORM=\"sun-jdk\" %{l_prefix}/bin/java-toolkit -e\`"
|
|
|
|
|
echo "export ES_HOME=\"%{l_prefix}/lib/elasticsearch\""
|
|
|
|
|
echo "export ES_PATH_CONF=\"%{l_prefix}/etc/elasticsearch\""
|
|
|
|
|
echo "export ES_TMPDIR=\"%{l_prefix}/var/elasticsearch/tmp\""
|
|
|
|
|
echo "exec %{l_prefix}/lib/elasticsearch/bin/x-pack/\$cmd \${1+\"\$@\"}"
|
|
|
|
|
) >elasticsearch-xpack
|
|
|
|
|
%{l_shtool} install -c -m 755 \
|
|
|
|
|
elasticsearch-xpack $RPM_BUILD_ROOT%{l_prefix}/bin/
|
|
|
|
|
%{l_shtool} install -c -m 755 %{l_value -s -a} \
|
|
|
|
|
-e 's;@l_bash@;%{l_bash};g' \
|
|
|
|
|
%{SOURCE elasticsearch-tls.sh} \
|
|
|
|
|
$RPM_BUILD_ROOT%{l_prefix}/lib/elasticsearch/bin/x-pack/tls
|
|
|
|
|
|
|
|
|
|
# cleanup environment
|
|
|
|
|
rm -f $RPM_BUILD_ROOT%{l_prefix}/lib/elasticsearch/* >/dev/null 2>&1 || true
|
|
|
|
|
rm -f $RPM_BUILD_ROOT%{l_prefix}/lib/elasticsearch/bin/elasticsearch* >/dev/null 2>&1 || true
|
|
|
|
|
rm -f $RPM_BUILD_ROOT%{l_prefix}/lib/elasticsearch/bin/x-pack/*.bat >/dev/null 2>&1 || true
|
|
|
|
|
rm -f $RPM_BUILD_ROOT%{l_prefix}/lib/elasticsearch/bin/x-pack/.in.bat >/dev/null 2>&1 || true
|
|
|
|
|
rm -rf $RPM_BUILD_ROOT%{l_prefix}/lib/elasticsearch/config >/dev/null 2>&1 || true
|
|
|
|
|
rm -rf $RPM_BUILD_ROOT%{l_prefix}/libexec/elasticsearch/plugins/x-pack/platform >/dev/null 2>&1 || true
|
|
|
|
|
rm -rf $RPM_BUILD_ROOT%{l_prefix}/var/elasticsearch/tmp >/dev/null 2>&1 || true
|
|
|
|
|
rm -rf $RPM_BUILD_ROOT%{l_prefix}/etc/elasticsearch/*.keystore >/dev/null 2>&1 || true
|
|
|
|
|
rm -f $RPM_BUILD_ROOT%{l_prefix}/etc/elasticsearch/x-pack/* >/dev/null 2>&1 || true
|
|
|
|
|
|
|
|
|
|
# determine installation files
|
|
|
|
|
%{l_rpmtool} files -v -ofiles -r$RPM_BUILD_ROOT \
|
|
|
|
|
%{l_files_std} \
|
|
|
|
|
'%not %dir %{l_prefix}/etc/elasticsearch' \
|
|
|
|
|
'%dir %attr(-,%{l_rusr},%{l_rgrp}) %{l_prefix}/etc/elasticsearch/x-pack'
|
|
|
|
|
|
|
|
|
|
%files -f files
|
|
|
|
|
|
|
|
|
|
%clean
|
|
|
|
|
|
|
|
|
|
%post
|
|
|
|
|
if [ ".$1" = .1 ]; then
|
|
|
|
|
# create SSL/TLS files
|
|
|
|
|
echo "Generating SSL/TLS Certificates/Keys" | %{l_rpmtool} msg -b -t notice
|
|
|
|
|
$RPM_INSTALL_PREFIX/bin/elasticsearch-xpack tls localhost 127.0.0.1
|
|
|
|
|
( echo "ElasticSearch was configured with a standard TLS certificate/key pair."
|
|
|
|
|
echo "for \"localhost\" and \"127.0.0.1\". For production use, you usually let"
|
|
|
|
|
echo "ElasticSearch listen on an external IP address. For this the TLS"
|
|
|
|
|
echo "certificate/key pair has to be regenerated with for instance:"
|
|
|
|
|
echo " \$ $RPM_INSTALL_PREFIX/bin/elasticsearch-xpack tls \\%{l_nil}"
|
|
|
|
|
echo " www.example.com 192.168.0.1"
|
|
|
|
|
) | %{l_rpmtool} msg -b -t notice
|
|
|
|
|
|
|
|
|
|
# add default config to ElasticSearch configuration
|
|
|
|
|
conf="$RPM_INSTALL_PREFIX/etc/elasticsearch/elasticsearch.yml"
|
|
|
|
|
if [ -f $conf ]; then
|
|
|
|
|
( echo "xpack.security.enabled: true"
|
|
|
|
|
echo ""
|
|
|
|
|
echo "xpack.security.http.ssl.enabled: true"
|
|
|
|
|
echo "xpack.security.http.ssl.verification_mode: none"
|
|
|
|
|
echo "xpack.security.http.ssl.certificate_authorities: [ $RPM_INSTALL_PREFIX/etc/elasticsearch/ca.crt ]"
|
|
|
|
|
echo "xpack.security.http.ssl.certificate: $RPM_INSTALL_PREFIX/etc/elasticsearch/server.crt"
|
|
|
|
|
echo "xpack.security.http.ssl.key: $RPM_INSTALL_PREFIX/etc/elasticsearch/server.key"
|
|
|
|
|
echo ""
|
|
|
|
|
echo "xpack.security.transport.ssl.enabled: true"
|
|
|
|
|
echo "xpack.security.transport.ssl.verification_mode: none"
|
|
|
|
|
echo "xpack.security.transport.ssl.certificate_authorities: [ $RPM_INSTALL_PREFIX/etc/elasticsearch/ca.crt ]"
|
|
|
|
|
echo "xpack.security.transport.ssl.certificate: $RPM_INSTALL_PREFIX/etc/elasticsearch/server.crt"
|
|
|
|
|
echo "xpack.security.transport.ssl.key: $RPM_INSTALL_PREFIX/etc/elasticsearch/server.key"
|
|
|
|
|
echo ""
|
|
|
|
|
echo "xpack.security.authc.realms:"
|
|
|
|
|
echo " file:"
|
|
|
|
|
echo " type: file"
|
|
|
|
|
echo " order: 0"
|
|
|
|
|
echo " native:"
|
|
|
|
|
echo " type: native"
|
|
|
|
|
echo " order: 1"
|
|
|
|
|
echo ""
|
|
|
|
|
echo "xpack.watcher.enabled: false"
|
|
|
|
|
echo "xpack.graph.enabled: false"
|
|
|
|
|
echo "xpack.ml.enabled: false"
|
|
|
|
|
echo ""
|
|
|
|
|
) | $RPM_INSTALL_PREFIX/lib/openpkg/rpmtool config \
|
|
|
|
|
-a -i "$RPM_INSTALL_PREFIX:elasticsearch-xpack" -p "#" $conf
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
# display final hints on initial installation
|
|
|
|
|
( echo "You have to initially set ElasticSearch X-Pack authentication for the"
|
|
|
|
|
echo "three standard users \"elastic\", \"kibana\" and \"logstash_system\":"
|
|
|
|
|
echo " \$ $RPM_INSTALL_PREFIX/bin/elasticsearch-xpack setup-passwords interactive"
|
|
|
|
|
echo "You later can change the password of (those or other) native-real users with:"
|
|
|
|
|
echo " \$ curl -XPUT -u <username>:<password> \\%{l_nil}"
|
|
|
|
|
echo " http://localhost:9200/_xpack/security/user/<username>/_password \\%{l_nil}"
|
|
|
|
|
echo " -H 'Content-type: application/json' \\%{l_nil}"
|
|
|
|
|
echo " -d '{ \"password\": \"<new-password>\" }'"
|
|
|
|
|
echo "You can setup custom file-realm users with:"
|
|
|
|
|
echo " \$ $RPM_INSTALL_PREFIX/bin/elasticsearch-xpack users useradd [-p <password>] <username>"
|
|
|
|
|
echo "You can setup custom native-realm users with:"
|
|
|
|
|
echo " \$ curl -XPUT -u elastic:<password> \\%{l_nil}"
|
|
|
|
|
echo " http://localhost:9200/_xpack/security/user/<username> \\%{l_nil}"
|
|
|
|
|
echo " -H 'Content-type: application/json' \\%{l_nil}"
|
|
|
|
|
echo " -d '{ \"password\": \"<password>\", \"roles\": [] }'"
|
|
|
|
|
) | %{l_rpmtool} msg -b -t notice
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
%postun
|
|
|
|
|
if [ ".$1" = .0 ]; then
|
|
|
|
|
# before erase, remove runtime files
|
|
|
|
|
rm -f $RPM_INSTALL_PREFIX/etc/elasticsearch/x-pack/* >/dev/null 2>&1 || true
|
|
|
|
|
rm -f $RPM_INSTALL_PREFIX/etc/elasticsearch/ca.* >/dev/null 2>&1 || true
|
|
|
|
|
rm -f $RPM_INSTALL_PREFIX/etc/elasticsearch/server.* >/dev/null 2>&1 || true
|
|
|
|
|
|
|
|
|
|
# remove default config from ElasticSearch configuration
|
|
|
|
|
conf="$RPM_INSTALL_PREFIX/etc/elasticsearch/elasticsearch.yml"
|
|
|
|
|
if [ -f $conf ]; then
|
|
|
|
|
$RPM_INSTALL_PREFIX/lib/openpkg/rpmtool config \
|
|
|
|
|
-r -i "$RPM_INSTALL_PREFIX:elasticsearch-xpack" -p "#" $conf
|
|
|
|
|
fi
|
|
|
|
|
fi
|
|
|
|
|
exit 0
|
|
|
|
|
|
