improve elk integration: auth and reverse proxy

logs/certs/nginx.crt

@@ -0,0 +1,28 @@
+-----BEGIN CERTIFICATE-----
+MIIEtDCCA5ygAwIBAgIUYSf2jk1lEOSlNsPhzSzppGfNM0wwDQYJKoZIhvcNAQEL
+BQAwgYsxCzAJBgNVBAYTAlVTMRkwFwYDVQQKExBDbG91ZEZsYXJlLCBJbmMuMTQw
+MgYDVQQLEytDbG91ZEZsYXJlIE9yaWdpbiBTU0wgQ2VydGlmaWNhdGUgQXV0aG9y
+aXR5MRYwFAYDVQQHEw1TYW4gRnJhbmNpc2NvMRMwEQYDVQQIEwpDYWxpZm9ybmlh
+MB4XDTIxMTIyNTE2MTgwMFoXDTM2MTIyMTE2MTgwMFowYjEZMBcGA1UEChMQQ2xv
+dWRGbGFyZSwgSW5jLjEdMBsGA1UECxMUQ2xvdWRGbGFyZSBPcmlnaW4gQ0ExJjAk
+BgNVBAMTHUNsb3VkRmxhcmUgT3JpZ2luIENlcnRpZmljYXRlMIIBIjANBgkqhkiG
+9w0BAQEFAAOCAQ8AMIIBCgKCAQEAug0Jji4Bsv+UP28yutNUcso51CjYGjY/kcxM
+iDFQ71ik8RIj7L20+qwj5nGh4Dvd3KncmSOYOLlYLHDLBO8lgjsDOFKSYEciJOsf
+nfn202I5VUzV9kzIxStqjovpt9j74uUWE56txEgkyItE2wF31w1EDHxZ2kZUx41Z
+OMmq34gWBZGc7ufn2HLBUZ/xASDDXvmTYJvKvVy9bJPs2gJCjG+P7rDZi5P1ARBc
+O7YwxMby4BAxtNqif/RK2hM2BSw0B8c2NVopK2VVk9xV5zzQ2VBiWhfxxmNMxaAm
+rt4hoUvHfulmAt81YrFdVqp2m7m7/OSV1kueNAzDg2UHTvEx7wIDAQABo4IBNjCC
+ATIwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcD
+ATAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT+V4E7liylxAjwda80pcnZiElpqzAf
+BgNVHSMEGDAWgBQk6FNXXXw0QIep65TbuuEWePwppDBABggrBgEFBQcBAQQ0MDIw
+MAYIKwYBBQUHMAGGJGh0dHA6Ly9vY3NwLmNsb3VkZmxhcmUuY29tL29yaWdpbl9j
+YTA3BgNVHREEMDAughYqLmdsb2JhbG1pbmltYWxpc20uY29tghRnbG9iYWxtaW5p
+bWFsaXNtLmNvbTA4BgNVHR8EMTAvMC2gK6AphidodHRwOi8vY3JsLmNsb3VkZmxh
+cmUuY29tL29yaWdpbl9jYS5jcmwwDQYJKoZIhvcNAQELBQADggEBAEXNHWn0jdw7
+0LRrFcFyf9tGcKDiaK1mVurVwcOP4WJLxqGqEhHWJoKy076PqGP48OIXmDNchTxm
+ONu2RS2aSLK0VcDubtXD3Grkn0hQbowrgxAuM/+Px0Rx6LioDRsEA4O8HyJ6V8Fg
+aXkMO8v5QVTF36EYXLQed6KmfkUZQxpzgJ5lkX+JWAFXCPg5k92n6FFC9CEGPF9x
+cUJk2OhJjwJE4XEEMRKDbzkS6AEFCNM8odJ/B8lXetWl88j0bPMT+HkuyWXDYbK2
+kO9cSeIbP1HmsoHqoBHAZbQzbg4zYb/r7CpxEVtoyovcF6B9M9cJvx9mUbqaCUPC
+zc0IJP6iZt8=
+-----END CERTIFICATE-----

logs/certs/nginx.key

@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC6DQmOLgGy/5Q/
+bzK601RyyjnUKNgaNj+RzEyIMVDvWKTxEiPsvbT6rCPmcaHgO93cqdyZI5g4uVgs
+cMsE7yWCOwM4UpJgRyIk6x+d+fbTYjlVTNX2TMjFK2qOi+m32Pvi5RYTnq3ESCTI
+i0TbAXfXDUQMfFnaRlTHjVk4yarfiBYFkZzu5+fYcsFRn/EBIMNe+ZNgm8q9XL1s
+k+zaAkKMb4/usNmLk/UBEFw7tjDExvLgEDG02qJ/9EraEzYFLDQHxzY1WikrZVWT
+3FXnPNDZUGJaF/HGY0zFoCau3iGhS8d+6WYC3zVisV1Wqnabubv85JXWS540DMOD
+ZQdO8THvAgMBAAECggEAHJ67zRDbtw7k3bs72QyATaY5Lh9YWvPkZIfCcCLx+dev
+i9wIBbeLGxKW9TCev7FF6FeC9VXJ6VPtsexp9qjZIsb0MFpXZRMcOASpWPJmW08d
+VbdbpKdcLSSIIER6oArzeIxYEI2U2oBklCsEXRJFPqIuSSNp6Q9vpEDkrD0tmXQA
+/lqluNHhu6pwq6HDISjHcYHo0kSX5oClaneWY3dK4uGti2LrwvUVWDLWx7A6APAO
+ZxUYx99/yiLz6/rnQwWKmAB5F5DrWvtS+8Gc/lyo0KIl/NmHmB9vR7PWlshexDJK
+az8Y+QnE6gB/PWQ4rX67EWWC3DdBaRA/71IE2FB+pQKBgQDmC+G0O/AD52uC0eOa
+fS6hX/hdRkEeQpALbFWIy32LgX/O+8n/PJLYcCikxj8f1Fib+urxbJzY+dKxl0Jx
+Ul+YZhxgHO5VMcg5t0kGtWV/hP5714tfpd3LD3c8tiqW8VvnWs/ymI7ip/2zzpvO
+FDlqPGdcGkK48uJx7BiiWUIFvQKBgQDPCn5nPwVirVA3GFZAUuoHoX+ijVlJGgAH
+iNh0QZEIzc0YFVxrN5VMOLxfCiDnFldgHzgsIjIJ7hJPgjNzyQ+uRNdi0ppMnrO4
+4+LcAzCvHHTGUwaMOCLlL3JbHq17+GUGAEg4Ibv6awiLiEyql+UQjVH2QmlsimUQ
+yUKqJbTjGwKBgQDNHRb3nuGYeYTwtbgcjTVAidNnRzbUhkDtDoENYXLlKmgM44/t
+1dKQzSBQGrs55BnFqepFrLQE+msUEWwaonm95n2ybNlMeQCwBW5FXwPKuYg2X69T
+bw7c+UM1jK9YuodZNy1mfwQXr/WTlspw6rNut8Do7DlFsrqZHQux5afqeQKBgF0e
+dyOwsJdlJALjq0dbA29TL7jIojPCweihn9kJ9FVlWq1OTjba1QdnLTIBuDK3Va0h
+3X3cE21r6khgYwvcjnTu+YC1ADkd1+98b3hM5wSbY9ofVX6TcP5rjJ92+MgdPDKq
+xdCZO5axtTIsp27Cyn/bT9XWoNv0kugt3RHxy52pAoGBAINivO7zWigepVtwuU4K
+1U3FN9M95cSl7aHmi0Zl0JAf+O14mSYuVYyARLn+bwXFU/2INyTNFkIvxRlnL+RR
+e6vqUu/jrCCwm5YMNg9jM9tcybQO+DN4du7U2gTUEyYd5xAliMa4nAHZvGWOemF8
+iWQ6UaNjzCF3E6cr3UDp9t6a
+-----END PRIVATE KEY-----

logs/default.conf

@@ -0,0 +1,36 @@
+upstream kibana {
+    server 54.153.39.163:5601;
+}
+
+server {
+    listen 80;
+    server_name localhost;
+    
+    location / {
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-NginX-Proxy true;
+        proxy_set_header Host $host;
+        proxy_cache_bypass $http_upgrade;
+        proxy_redirect off;
+        proxy_pass http://kibana;
+    }
+}
+
+server {
+    listen 443 ssl;
+    server_name localhost;
+
+    ssl_certificate /etc/nginx/certs/nginx.crt;
+    ssl_certificate_key /etc/nginx/certs/nginx.key;
+
+    location / {
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-NginX-Proxy true;
+        proxy_set_header Host $host;
+        proxy_cache_bypass $http_upgrade;
+        proxy_redirect off;
+        proxy_pass http://kibana;
+    }
+}

logs/docker-compose.yaml

@@ -12,6 +12,8 @@ services:
             - 9300:9300
         environment:
             discovery.type: single-node
+            ELASTIC_PASSWORD: 23weqdsacfsregh
+            xpack.security.enabled: 'true'
 
     # kibana
     kibana:
@@ -21,6 +23,9 @@ services:
             - ./elastic/kibana.yaml:/usr/share/kibana/config/kibana.yml
         ports:
             - 5601:5601
+        environment:
+            - ELASTICSEARCH_USERNAME=elastic
+            - ELASTICSEARCH_PASSWORD=23weqdsacfsregh
 
     # logstash
     logstash:
@@ -36,6 +41,20 @@ services:
         depends_on:
             - elasticsearch
 
+    # nginx for proxy
+    nginx:
+        restart: always
+        image: nginx:latest
+        container_name: kibana_nginx
+        volumes:
+            - ./default.conf:/etc/nginx/conf.d/default.conf
+            - ./certs:/etc/nginx/certs
+        ports:
+            - 80:80
+            - 443:443
+        depends_on:
+            - kibana
+
 volumes:
     elasticsearch_data:
         driver: local

logs/elastic/logging.conf

@@ -27,6 +27,8 @@ filter {
 output {
     elasticsearch {
         hosts => ["elasticsearch:9200"]
+        user => "elastic"
+        password => "23weqdsacfsregh"
     }
     stdout {
         codec => rubydebug