-
Notifications
You must be signed in to change notification settings - Fork 119
/
setup.sh
150 lines (119 loc) · 8.08 KB
/
setup.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
#!/bin/bash
chown root:root logging/filebeat/filebeat.yml
export ELK_TAG="6.3.0"
ERROR_MSG="Please chose one of the two modes: \\n a) Unsecure: sh setup.sh unsecure \\n b) Secure: sh setup.sh secure \$DOMAIN \$VERY_STRONG_PASSWORD"
if [ $# -eq 0 ]; then
echo "$ERROR_MSG"
elif [ $# -eq 1 ]; then
if [ "$1" = "unsecure" ]; then
echo "------------------------------------------------------------"
echo "############################### Installing suite in UNSECURE mode."
echo "############################### This means |NO| SSL/HTTPS, |NO| (basic) authentication but |YES| port forwading from the containers to the host machine. Only use this, when you're running this locally, on a virtual machine or in similarly safe conditions."
echo "############################### This excludes all machines that are directly accesible from the internet."
echo "############################### Hit enter to continue or Ctrl-C to abort..."
read -r _
echo "############################### Commencing!"
echo "------------------------------------------------------------"
echo "......"
echo "------------------------------------------------------------"
echo "############################### Creating separate docker network..."
echo "------------------------------------------------------------"
docker network create --subnet=172.16.0.0/24 monitoring_logging
echo "------------------------------------------------------------"
echo "############################### Pulling images..."
echo "------------------------------------------------------------"
docker-compose -f monitoring/docker-compose.unsecure.yml pull
docker-compose -f logging/docker-compose.unsecure.yml pull
echo "------------------------------------------------------------"
echo "############################### Building images..."
echo "------------------------------------------------------------"
docker-compose -f monitoring/docker-compose.unsecure.yml build
docker-compose -f logging/docker-compose.unsecure.yml build
echo "------------------------------------------------------------"
echo "############################### Starting monitoring and logging container groups..."
echo "------------------------------------------------------------"
docker-compose -f monitoring/docker-compose.unsecure.yml up --force-recreate -d
docker-compose -f logging/docker-compose.unsecure.yml up --force-recreate -d
echo "------------------------------------------------------------"
echo "############################### Output from 'docker ps'..."
echo "------------------------------------------------------------"
docker ps
echo "------------------------------------------------------------"
echo "############################### Finished - you're all set up. Use cleanup.sh to uninstall the suite."
echo "------------------------------------------------------------"
else
echo "$ERROR_MSG"
fi
elif [ $# -eq 3 ]; then
if [ "$1" = "secure" ]; then
export DOMAIN=$2
export PASSWORD=$3
echo "------------------------------------------------------------"
echo "############################### Installing suite in SECURE mode."
echo "############################### This means |YES| SSL/HTTPS, |YES| (basic) authentication but |NO| port forwading from the containers to the host machine. This mode is for running the suite out in the open, but won't work on machines that are not reachable directly via the internet."
echo "############################### Also make sure you already set up DNS entries for grafana.${DOMAIN}, kibana.${DOMAIN}, prometheus.${DOMAIN} and alertmanager.${DOMAIN}."
echo "############################### If you haven't done that, do it first. Hit enter to continue or Ctrl-C to abort..."
read -r _
echo "############################### Commencing!"
echo "------------------------------------------------------------"
echo "......"
echo "------------------------------------------------------------"
echo "############################### Setting passwords for basic auth..."
echo "------------------------------------------------------------"
mkdir -p storage/nginx-proxy/htpasswd
htpasswd -bc storage/nginx-proxy/htpasswd/kibana."$DOMAIN" admin "$PASSWORD"
htpasswd -bc storage/nginx-proxy/htpasswd/prometheus."$DOMAIN" admin "$PASSWORD"
htpasswd -bc storage/nginx-proxy/htpasswd/alertmanager."$DOMAIN" admin "$PASSWORD"
echo "------------------------------------------------------------"
echo "############################### Creating separate docker network..."
echo "------------------------------------------------------------"
docker network create --subnet=172.16.0.0/24 monitoring_logging
echo "------------------------------------------------------------"
echo "############################### Pulling images..."
echo "------------------------------------------------------------"
docker-compose -f monitoring/docker-compose.secure.yml pull
docker-compose -f logging/docker-compose.secure.yml pull
docker-compose -f proxy/docker-compose.yml pull
echo "------------------------------------------------------------"
echo "############################### Building images..."
echo "------------------------------------------------------------"
docker-compose -f monitoring/docker-compose.secure.yml build
docker-compose -f logging/docker-compose.secure.yml build
docker-compose -f proxy/docker-compose.yml build
echo "------------------------------------------------------------"
echo "############################### Starting monitoring and logging container groups..."
echo "------------------------------------------------------------"
docker-compose -f monitoring/docker-compose.secure.yml up --force-recreate -d
docker-compose -f logging/docker-compose.secure.yml up --force-recreate -d
echo "------------------------------------------------------------"
echo "############################### Waiting 10 seconds for the monitoring and logging container groups to settle in before starting proxy containers..."
echo "------------------------------------------------------------"
sleep 10
echo "------------------------------------------------------------"
echo "############################### Starting proxy container group..."
echo "------------------------------------------------------------"
docker-compose -f proxy/docker-compose.yml up --force-recreate -d
echo "------------------------------------------------------------"
echo "############################### Tailing the logs of the nginx-letsencrypt container through the creation of the Diffie-Hellman group and the initial setup of your SSL certificates..."
echo "------------------------------------------------------------"
sleep 2
echo "xxxxxxxxxxxx Start of logs, please be patient. Presumably you can make some noise on a different shell to help create some entropy during the creation of the DH parameters..."
sh -c 'docker logs -f proxy_nginx-letsencrypt_1 | { sed "/Reloading nginx/ q" && kill $$ ;}'
echo "xxxxxxxxxxxx End of logs."
echo "------------------------------------------------------------"
echo "############################### Restarting proxy container group..."
echo "------------------------------------------------------------"
docker-compose -f proxy/docker-compose.yml up --force-recreate -d
echo "------------------------------------------------------------"
echo "############################### Output from 'docker ps'..."
echo "------------------------------------------------------------"
docker ps
echo "------------------------------------------------------------"
echo "############################### Finished - you're all set up. You can now go to grafana.${DOMAIN}, kibana.${DOMAIN}, prometheus.${DOMAIN} and alertmanager.${DOMAIN} to check out your metrics, logs and alerts. Use cleanup.sh to uninstall the suite."
echo "------------------------------------------------------------"
else
echo "$ERROR_MSG"
fi
else
echo "$ERROR_MSG"
fi