-
-
Notifications
You must be signed in to change notification settings - Fork 3
/
entrypoint.sh
173 lines (142 loc) · 3.41 KB
/
entrypoint.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
#!/bin/bash
#
# This is script to start Splunk
#
#
# Errors are fatal
#
set -e
SPLUNK_PASSWORD="${SPLUNK_PASSWORD:-password}"
TARGETS="${TARGETS:-google.com 8.8.8.8 1.1.1.1}"
#
# Require the user to accept the license to continue
#
if test "$SPLUNK_START_ARGS" != "--accept-license"
then
echo "! "
echo "! You need to accept the Splunk License in order to continue."
echo "! Please restart this container with SPLUNK_START_ARGS set to \"--accept-license\" "
echo "! as follows: "
echo "! "
echo "! SPLUNK_START_ARGS=--accept-license"
echo "! "
exit 1
fi
#
# Check for bad passwords.
#
if test "$SPLUNK_PASSWORD" == "password"
then
echo "! "
echo "! "
echo "! Cowardly refusing to set the password to 'password'. Please set a different password."
echo "! "
echo "! If you need help picking a secure password, there's an app for that:"
echo "! "
echo "! https://diceware.dmuth.org/"
echo "! "
echo "! "
exit 1
elif test "$SPLUNK_PASSWORD" == "12345"
then
echo "! "
echo "! "
echo "! This is not Planet Spaceball. Please don't use 12345 as a password."
echo "! "
echo "! "
exit 1
fi
PASSWORD_LEN=${#SPLUNK_PASSWORD}
if test $PASSWORD_LEN -lt 8
then
echo "! "
echo "! "
echo "! Admin password needs to be at least 8 characters!"
echo "! "
echo "! Password specified: ${SPLUNK_PASSWORD}"
echo "! "
echo "! "
exit 1
fi
#
# Set our default password
#
pushd /opt/splunk/etc/system/local/ >/dev/null
cat user-seed.conf.in | sed -e "s/%password%/${SPLUNK_PASSWORD}/" > user-seed.conf
#
# If we have an SSL cert and key, let's add those into the web.conf file
#
SSL_CERT=""
SSL_KEY=""
if test -r "/ssl.cert"
then
SSL_KEY="privKeyPath = /ssl.key"
SSL_CERT="serverCert = /ssl.cert"
fi
cat web.conf.in \
| sed -e "s|%ssl_key%|${SSL_KEY}|" \
| sed -e "s|%ssl_cert%|${SSL_CERT}|" \
> web.conf
popd > /dev/null
#
# Create inputs.conf with our targets
#
pushd /opt/splunk/etc/apps/Network-Monitor/default >/dev/null
# Remove a previously existing version of this file
rm -f inputs.conf
for TARGET in $(echo ${TARGETS} | tr "," " ")
do
echo "# Adding target '${TARGET}' to inputs.conf..."
cat inputs.conf.in | sed -e "s/%target%/${TARGET}/" >> inputs.conf
done
popd > /dev/null
#
# Do we have an /etc/hosts addition?
#
if test -f /etc/hosts.extra
then
echo "We found /etc/hosts.extra, concatenating it into /etc/hosts..."
cat /etc/hosts.extra >> /etc/hosts
fi
#
# If we're running in devel mode, link local to default so that any
# changes we make to the app in Splunk go straight into default and
# I don't have to move them by hand.
#
if test "$SPLUNK_DEVEL"
then
pushd /opt/splunk/etc/apps/Network-Monitor >/dev/null
if test ! -e local
then
echo "# "
echo "# Creating symlink to local/ in devel mode..."
echo "# "
ln -sfv default local
fi
popd > /dev/null
fi
#
# Start Splunk
#
/opt/splunk/bin/splunk start --accept-license
echo "# "
echo "# If your data is not persisted, be sure you ran this container with: "
echo "# "
echo "# -v \$(pwd)/splunk-data:/opt/splunk/var/lib/splunk/defaultdb"
echo "# "
echo "# "
if test ! "$@"
then
echo "# "
echo "# If you were looking to run this container interactively, please restart"
echo "# this container with the 'bash' argument."
echo "# "
echo "# Press ^C when you want to exit this container..."
echo "# "
tail -f /opt/splunk/var/log/splunk/splunkd_stderr.log
else
echo "# "
echo "# Running command '$@' in the container..."
echo "# "
exec $@
fi