mirror of
https://git.FreeBSD.org/ports.git
synced 2024-11-20 00:21:35 +00:00
New port: textproc/elasticsearch5-search-guard
Search Guard() is an Elasticsearch plugin that offers encryption,
authentication, and authorization. It builds on Search Guard SSL and provides
pluggable authentication and authorization modules in addition.
Search Guard is fully compatible with Kibana, Logstash and Beats.
As an alternative to other security solutions for Elasticsearch,
Search Guard offers the following main features:
TLS on transport- and REST-layer
Fine-grained role- and index-based access control
HTTP Basic Authentication
LDAP / Active Directory
Kerberos / SPNEGO
JSON web token
Document- and Field-level security
Audit logging
Kibana multi-tenancy
REST management API
Proxy support
User impersonation
WWW: https://github.com/floragunncom/search-guard
PR: 219739
Submitted by: Miroslav Lachman <000.fbsd@quip.cz>
This commit is contained in:
Torsten Zuehlsdorff
parent
22cdd387d4
commit
5ef1ee93f8
Notes:
svn2git
2021-03-31 03:12:20 +00:00
svn path=/head/; revision=454614
@ -162,6 +162,7 @@
|
||||
SUBDIR += elasticsearch2-plugin-migration
|
||||
SUBDIR += elasticsearch2-plugin-sql
|
||||
SUBDIR += elasticsearch5
|
||||
SUBDIR += elasticsearch5-search-guard
|
||||
SUBDIR += elasticsearch5-x-pack
|
||||
SUBDIR += elixir-earmark
|
||||
SUBDIR += elixir-ex_doc
|
||||
|
||||
42
textproc/elasticsearch5-search-guard/Makefile
Normal file
42
textproc/elasticsearch5-search-guard/Makefile
Normal file
@ -0,0 +1,42 @@
|
||||
# Created by: Miroslav Lachman <000.fbsd@quip.cz>
|
||||
# $FreeBSD$
|
||||
|
||||
PORTNAME= search-guard
|
||||
DISTVERSION= 5.3.0-12
|
||||
CATEGORIES= textproc java
|
||||
MASTER_SITES= https://oss.sonatype.org/content/repositories/releases/com/floragunn/search-guard-5/${DISTVERSION}/
|
||||
PKGNAMEPREFIX= elasticsearch5-
|
||||
DISTNAME= search-guard-5-${DISTVERSION}
|
||||
|
||||
MAINTAINER= 000.fbsd@quip.cz
|
||||
COMMENT= Elasticsearch Search Guard plugin
|
||||
|
||||
LICENSE= APACHE20
|
||||
|
||||
RUN_DEPENDS:= elasticsearch5>=5.3.0:textproc/elasticsearch5
|
||||
|
||||
NO_BUILD= yes
|
||||
|
||||
USES+= zip shebangfix
|
||||
|
||||
SCRIPTS= hash.sh install_demo_configuration.sh sgadmin.sh
|
||||
SHEBANG_FILES= ./elasticsearch/tools/*.sh
|
||||
|
||||
do-extract:
|
||||
@${MKDIR} ${WRKSRC}
|
||||
( cd ${WRKDIR} && ${EXTRACT_CMD} ${EXTRACT_BEFORE_ARGS} -d ${DISTNAME} \
|
||||
${_DISTDIR}${DISTFILES} )
|
||||
|
||||
pre-configure:
|
||||
${REINPLACE_CMD} -e 's|%%PREFIX%%|${PREFIX}|' ${SCRIPTS:S|^|${WRKSRC}/elasticsearch/tools/|}
|
||||
|
||||
post-configure:
|
||||
@${RM} ${WRKSRC}/elasticsearch/tools/*.bat
|
||||
@${RM} ${WRKSRC}/elasticsearch/tools/install_demo_configuration.sh.orig
|
||||
|
||||
do-install:
|
||||
@cd ${WRKSRC}/elasticsearch && ${COPYTREE_SHARE} . ${STAGEDIR}${PREFIX}/lib/elasticsearch/plugins/search-guard-5 "! -name *\.bak -o ! -name *\.bat"
|
||||
@${CHMOD} 544 ${STAGEDIR}${PREFIX}/lib/elasticsearch/plugins/search-guard-5/tools/*.sh
|
||||
@${CHMOD} 644 ${STAGEDIR}${PREFIX}/lib/elasticsearch/plugins/search-guard-5/sgconfig/*
|
||||
|
||||
.include <bsd.port.mk>
|
||||
3
textproc/elasticsearch5-search-guard/distinfo
Normal file
3
textproc/elasticsearch5-search-guard/distinfo
Normal file
@ -0,0 +1,3 @@
|
||||
TIMESTAMP = 1496327095
|
||||
SHA256 (search-guard-5-5.3.0-12.zip) = 6c346b6910f3f9fd5017984889f37fbb95fe86c0a64729dd8198b14ed6e699ad
|
||||
SIZE (search-guard-5-5.3.0-12.zip) = 4751764
|
||||
@ -0,0 +1,54 @@
|
||||
--- elasticsearch/tools/install_demo_configuration.sh.orig 2017-09-15 11:37:44 UTC
|
||||
+++ elasticsearch/tools/install_demo_configuration.sh
|
||||
@@ -17,25 +17,14 @@ fi
|
||||
|
||||
set -e
|
||||
BASE_DIR="$DIR/../../../"
|
||||
-ES_CONF_FILE="$BASE_DIR/config/elasticsearch.yml"
|
||||
+ES_CONF_FILE="%%PREFIX%%/etc/elasticsearch/elasticsearch.yml"
|
||||
ES_BIN_DIR="$BASE_DIR/bin"
|
||||
ES_PLUGINS_DIR="$BASE_DIR/plugins"
|
||||
ES_LIB_PATH="$BASE_DIR/lib"
|
||||
SUDO_CMD=""
|
||||
-BASE_64_DECODE_CMD="base64 -d"
|
||||
+BASE_64_DECODE_CMD="b64decode -m -p -r"
|
||||
ES_INSTALL_TYPE=".tar.gz"
|
||||
|
||||
-#Check if its a rpm/deb install
|
||||
-if [ -f /usr/share/elasticsearch/bin/elasticsearch ]; then
|
||||
- ES_CONF_FILE="/etc/elasticsearch/elasticsearch.yml"
|
||||
- ES_BIN_DIR="/usr/share/elasticsearch/bin"
|
||||
- ES_PLUGINS_DIR="/usr/share/elasticsearch/plugins"
|
||||
- ES_LIB_PATH="/usr/share/elasticsearch/lib"
|
||||
- SUDO_CMD="sudo"
|
||||
- ES_INSTALL_TYPE="rpm/deb"
|
||||
- echo "This script maybe require your root password for 'sudo' privileges"
|
||||
-fi
|
||||
-
|
||||
if $SUDO_CMD test -f "$ES_CONF_FILE"; then
|
||||
:
|
||||
else
|
||||
@@ -58,12 +47,8 @@ if [ ! -d $ES_LIB_PATH ]; then
|
||||
exit -1
|
||||
fi
|
||||
|
||||
-if [ "$ES_INSTALL_TYPE" != "rpm/deb" ];then
|
||||
- ES_CONF_DIR=$(dirname "${ES_CONF_FILE}")
|
||||
- ES_CONF_DIR=`cd "$ES_CONF_DIR" ; pwd`
|
||||
-else
|
||||
- ES_CONF_DIR="/etc/elasticsearch"
|
||||
-fi
|
||||
+ES_CONF_DIR=$(dirname "${ES_CONF_FILE}")
|
||||
+ES_CONF_DIR=`cd "$ES_CONF_DIR" ; pwd`
|
||||
|
||||
ES_CONF_FILE="$ES_CONF_DIR/elasticsearch.yml"
|
||||
|
||||
@@ -123,7 +108,7 @@ ES_PLUGINS_DIR=`cd "$ES_PLUGINS_DIR" ; p
|
||||
echo "### Success"
|
||||
echo "### Execute this script now on all your nodes and then start all nodes"
|
||||
echo "### After the whole cluster is up execute: "
|
||||
-echo "#!/bin/bash" | $SUDO_CMD tee sgadmin_demo.sh > /dev/null
|
||||
+echo "#!/usr/local/bin/bash" | $SUDO_CMD tee sgadmin_demo.sh > /dev/null
|
||||
echo $SUDO_CMD "$ES_PLUGINS_DIR/search-guard-5/tools/sgadmin.sh" -cd "$ES_PLUGINS_DIR/search-guard-5/sgconfig" -cn searchguard_demo -ks "$ES_CONF_DIR/kirk.jks" -ts "$ES_CONF_DIR/truststore.jks" -nhnv | $SUDO_CMD tee -a sgadmin_demo.sh > /dev/null
|
||||
$SUDO_CMD chmod +x sgadmin_demo.sh
|
||||
$SUDO_CMD cat sgadmin_demo.sh | tail -1
|
||||
22
textproc/elasticsearch5-search-guard/pkg-descr
Normal file
22
textproc/elasticsearch5-search-guard/pkg-descr
Normal file
@ -0,0 +1,22 @@
|
||||
Search Guard() is an Elasticsearch plugin that offers encryption,
|
||||
authentication, and authorization. It builds on Search Guard SSL and provides
|
||||
pluggable authentication and authorization modules in addition.
|
||||
Search Guard is fully compatible with Kibana, Logstash and Beats.
|
||||
|
||||
As an alternative to other security solutions for Elasticsearch,
|
||||
Search Guard offers the following main features:
|
||||
|
||||
TLS on transport- and REST-layer
|
||||
Fine-grained role- and index-based access control
|
||||
HTTP Basic Authentication
|
||||
LDAP / Active Directory
|
||||
Kerberos / SPNEGO
|
||||
JSON web token
|
||||
Document- and Field-level security
|
||||
Audit logging
|
||||
Kibana multi-tenancy
|
||||
REST management API
|
||||
Proxy support
|
||||
User impersonation
|
||||
|
||||
WWW: https://github.com/floragunncom/search-guard
|
||||
21
textproc/elasticsearch5-search-guard/pkg-message
Normal file
21
textproc/elasticsearch5-search-guard/pkg-message
Normal file
@ -0,0 +1,21 @@
|
||||
-------------------------------------------------------------------------------
|
||||
cd into %%PREFIX%%/lib/elasticsearch/plugins/search-guard-5/tools/
|
||||
|
||||
Execute ./install_demo_configuration.sh, chmod the script first if necessary.
|
||||
This will generate all required TLS certificates and add the Search Guard
|
||||
configuration to your elasticsearch.yml file.
|
||||
|
||||
Start Elasticsearch (service elasticsearch start)
|
||||
|
||||
Execute ./sgadmin_demo.sh, chmod the script if necessary first. This will
|
||||
execute sgadmin and populate the Search Guard configuration index
|
||||
with the files contained in the plugins/search-guard-<version>/sgconfig
|
||||
directory.
|
||||
|
||||
Test the installation by visiting https://localhost:9200. When prompted,
|
||||
use admin/admin as username and password. This user has full access
|
||||
to the cluster.
|
||||
|
||||
Display information about the currently logged in user by visiting
|
||||
https://localhost:9200/_searchguard/authinfo
|
||||
-------------------------------------------------------------------------------
|
||||
23
textproc/elasticsearch5-search-guard/pkg-plist
Normal file
23
textproc/elasticsearch5-search-guard/pkg-plist
Normal file
@ -0,0 +1,23 @@
|
||||
lib/elasticsearch/plugins/search-guard-5/commons-cli-1.3.1.jar
|
||||
lib/elasticsearch/plugins/search-guard-5/guava-19.0.jar
|
||||
lib/elasticsearch/plugins/search-guard-5/netty-buffer-4.1.7.Final.jar
|
||||
lib/elasticsearch/plugins/search-guard-5/netty-codec-4.1.7.Final.jar
|
||||
lib/elasticsearch/plugins/search-guard-5/netty-codec-http-4.1.7.Final.jar
|
||||
lib/elasticsearch/plugins/search-guard-5/netty-common-4.1.7.Final.jar
|
||||
lib/elasticsearch/plugins/search-guard-5/netty-handler-4.1.7.Final.jar
|
||||
lib/elasticsearch/plugins/search-guard-5/netty-resolver-4.1.7.Final.jar
|
||||
lib/elasticsearch/plugins/search-guard-5/netty-transport-4.1.7.Final.jar
|
||||
lib/elasticsearch/plugins/search-guard-5/plugin-descriptor.properties
|
||||
lib/elasticsearch/plugins/search-guard-5/plugin-security.policy
|
||||
lib/elasticsearch/plugins/search-guard-5/search-guard-5-5.3.0-12.jar
|
||||
lib/elasticsearch/plugins/search-guard-5/search-guard-ssl-5.3.0-21.jar
|
||||
lib/elasticsearch/plugins/search-guard-5/sgconfig/elasticsearch.yml.example
|
||||
lib/elasticsearch/plugins/search-guard-5/sgconfig/sg_action_groups.yml
|
||||
lib/elasticsearch/plugins/search-guard-5/sgconfig/sg_config.yml
|
||||
lib/elasticsearch/plugins/search-guard-5/sgconfig/sg_internal_users.yml
|
||||
lib/elasticsearch/plugins/search-guard-5/sgconfig/sg_roles.yml
|
||||
lib/elasticsearch/plugins/search-guard-5/sgconfig/sg_roles_mapping.yml
|
||||
lib/elasticsearch/plugins/search-guard-5/tools/hash.sh
|
||||
lib/elasticsearch/plugins/search-guard-5/tools/install_demo_configuration.sh
|
||||
lib/elasticsearch/plugins/search-guard-5/tools/sgadmin.sh
|
||||
lib/elasticsearch/plugins/search-guard-5/transport-netty4-client-5.3.0.jar
|
||||
Loading…
Reference in New Issue
Block a user