Date: Tue, 21 Nov 2017 15:13:32 +0000 (UTC) From: Torsten Zuehlsdorff <tz@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r454614 - in head/textproc: . elasticsearch5-search-guard elasticsearch5-search-guard/files Message-ID: <201711211513.vALFDW56024142@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: tz Date: Tue Nov 21 15:13:31 2017 New Revision: 454614 URL: https://svnweb.freebsd.org/changeset/ports/454614 Log: New port: textproc/elasticsearch5-search-guard Search Guard() is an Elasticsearch plugin that offers encryption, authentication, and authorization. It builds on Search Guard SSL and provides pluggable authentication and authorization modules in addition. Search Guard is fully compatible with Kibana, Logstash and Beats. As an alternative to other security solutions for Elasticsearch, Search Guard offers the following main features: TLS on transport- and REST-layer Fine-grained role- and index-based access control HTTP Basic Authentication LDAP / Active Directory Kerberos / SPNEGO JSON web token Document- and Field-level security Audit logging Kibana multi-tenancy REST management API Proxy support User impersonation WWW: https://github.com/floragunncom/search-guard PR: 219739 Submitted by: Miroslav Lachman <000.fbsd@quip.cz> Added: head/textproc/elasticsearch5-search-guard/ head/textproc/elasticsearch5-search-guard/Makefile (contents, props changed) head/textproc/elasticsearch5-search-guard/distinfo (contents, props changed) head/textproc/elasticsearch5-search-guard/files/ head/textproc/elasticsearch5-search-guard/files/patch-elasticsearch-tools-install_demo_configuration.sh (contents, props changed) head/textproc/elasticsearch5-search-guard/pkg-descr (contents, props changed) head/textproc/elasticsearch5-search-guard/pkg-message (contents, props changed) head/textproc/elasticsearch5-search-guard/pkg-plist (contents, props changed) Modified: head/textproc/Makefile Modified: head/textproc/Makefile ============================================================================== --- head/textproc/Makefile Tue Nov 21 14:45:45 2017 (r454613) +++ head/textproc/Makefile Tue Nov 21 15:13:31 2017 (r454614) @@ -162,6 +162,7 @@ SUBDIR += elasticsearch2-plugin-migration SUBDIR += elasticsearch2-plugin-sql SUBDIR += elasticsearch5 + SUBDIR += elasticsearch5-search-guard SUBDIR += elasticsearch5-x-pack SUBDIR += elixir-earmark SUBDIR += elixir-ex_doc Added: head/textproc/elasticsearch5-search-guard/Makefile ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/textproc/elasticsearch5-search-guard/Makefile Tue Nov 21 15:13:31 2017 (r454614) @@ -0,0 +1,42 @@ +# Created by: Miroslav Lachman <000.fbsd@quip.cz> +# $FreeBSD$ + +PORTNAME= search-guard +DISTVERSION= 5.3.0-12 +CATEGORIES= textproc java +MASTER_SITES= https://oss.sonatype.org/content/repositories/releases/com/floragunn/search-guard-5/${DISTVERSION}/ +PKGNAMEPREFIX= elasticsearch5- +DISTNAME= search-guard-5-${DISTVERSION} + +MAINTAINER= 000.fbsd@quip.cz +COMMENT= Elasticsearch Search Guard plugin + +LICENSE= APACHE20 + +RUN_DEPENDS:= elasticsearch5>=5.3.0:textproc/elasticsearch5 + +NO_BUILD= yes + +USES+= zip shebangfix + +SCRIPTS= hash.sh install_demo_configuration.sh sgadmin.sh +SHEBANG_FILES= ./elasticsearch/tools/*.sh + +do-extract: + @${MKDIR} ${WRKSRC} + ( cd ${WRKDIR} && ${EXTRACT_CMD} ${EXTRACT_BEFORE_ARGS} -d ${DISTNAME} \ + ${_DISTDIR}${DISTFILES} ) + +pre-configure: + ${REINPLACE_CMD} -e 's|%%PREFIX%%|${PREFIX}|' ${SCRIPTS:S|^|${WRKSRC}/elasticsearch/tools/|} + +post-configure: + @${RM} ${WRKSRC}/elasticsearch/tools/*.bat + @${RM} ${WRKSRC}/elasticsearch/tools/install_demo_configuration.sh.orig + +do-install: + @cd ${WRKSRC}/elasticsearch && ${COPYTREE_SHARE} . ${STAGEDIR}${PREFIX}/lib/elasticsearch/plugins/search-guard-5 "! -name *\.bak -o ! -name *\.bat" + @${CHMOD} 544 ${STAGEDIR}${PREFIX}/lib/elasticsearch/plugins/search-guard-5/tools/*.sh + @${CHMOD} 644 ${STAGEDIR}${PREFIX}/lib/elasticsearch/plugins/search-guard-5/sgconfig/* + +.include <bsd.port.mk> Added: head/textproc/elasticsearch5-search-guard/distinfo ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/textproc/elasticsearch5-search-guard/distinfo Tue Nov 21 15:13:31 2017 (r454614) @@ -0,0 +1,3 @@ +TIMESTAMP = 1496327095 +SHA256 (search-guard-5-5.3.0-12.zip) = 6c346b6910f3f9fd5017984889f37fbb95fe86c0a64729dd8198b14ed6e699ad +SIZE (search-guard-5-5.3.0-12.zip) = 4751764 Added: head/textproc/elasticsearch5-search-guard/files/patch-elasticsearch-tools-install_demo_configuration.sh ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/textproc/elasticsearch5-search-guard/files/patch-elasticsearch-tools-install_demo_configuration.sh Tue Nov 21 15:13:31 2017 (r454614) @@ -0,0 +1,54 @@ +--- elasticsearch/tools/install_demo_configuration.sh.orig 2017-09-15 11:37:44 UTC ++++ elasticsearch/tools/install_demo_configuration.sh +@@ -17,25 +17,14 @@ fi + + set -e + BASE_DIR="$DIR/../../../" +-ES_CONF_FILE="$BASE_DIR/config/elasticsearch.yml" ++ES_CONF_FILE="%%PREFIX%%/etc/elasticsearch/elasticsearch.yml" + ES_BIN_DIR="$BASE_DIR/bin" + ES_PLUGINS_DIR="$BASE_DIR/plugins" + ES_LIB_PATH="$BASE_DIR/lib" + SUDO_CMD="" +-BASE_64_DECODE_CMD="base64 -d" ++BASE_64_DECODE_CMD="b64decode -m -p -r" + ES_INSTALL_TYPE=".tar.gz" + +-#Check if its a rpm/deb install +-if [ -f /usr/share/elasticsearch/bin/elasticsearch ]; then +- ES_CONF_FILE="/etc/elasticsearch/elasticsearch.yml" +- ES_BIN_DIR="/usr/share/elasticsearch/bin" +- ES_PLUGINS_DIR="/usr/share/elasticsearch/plugins" +- ES_LIB_PATH="/usr/share/elasticsearch/lib" +- SUDO_CMD="sudo" +- ES_INSTALL_TYPE="rpm/deb" +- echo "This script maybe require your root password for 'sudo' privileges" +-fi +- + if $SUDO_CMD test -f "$ES_CONF_FILE"; then + : + else +@@ -58,12 +47,8 @@ if [ ! -d $ES_LIB_PATH ]; then + exit -1 + fi + +-if [ "$ES_INSTALL_TYPE" != "rpm/deb" ];then +- ES_CONF_DIR=$(dirname "${ES_CONF_FILE}") +- ES_CONF_DIR=`cd "$ES_CONF_DIR" ; pwd` +-else +- ES_CONF_DIR="/etc/elasticsearch" +-fi ++ES_CONF_DIR=$(dirname "${ES_CONF_FILE}") ++ES_CONF_DIR=`cd "$ES_CONF_DIR" ; pwd` + + ES_CONF_FILE="$ES_CONF_DIR/elasticsearch.yml" + +@@ -123,7 +108,7 @@ ES_PLUGINS_DIR=`cd "$ES_PLUGINS_DIR" ; p + echo "### Success" + echo "### Execute this script now on all your nodes and then start all nodes" + echo "### After the whole cluster is up execute: " +-echo "#!/bin/bash" | $SUDO_CMD tee sgadmin_demo.sh > /dev/null ++echo "#!/usr/local/bin/bash" | $SUDO_CMD tee sgadmin_demo.sh > /dev/null + echo $SUDO_CMD "$ES_PLUGINS_DIR/search-guard-5/tools/sgadmin.sh" -cd "$ES_PLUGINS_DIR/search-guard-5/sgconfig" -cn searchguard_demo -ks "$ES_CONF_DIR/kirk.jks" -ts "$ES_CONF_DIR/truststore.jks" -nhnv | $SUDO_CMD tee -a sgadmin_demo.sh > /dev/null + $SUDO_CMD chmod +x sgadmin_demo.sh + $SUDO_CMD cat sgadmin_demo.sh | tail -1 Added: head/textproc/elasticsearch5-search-guard/pkg-descr ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/textproc/elasticsearch5-search-guard/pkg-descr Tue Nov 21 15:13:31 2017 (r454614) @@ -0,0 +1,22 @@ +Search Guard() is an Elasticsearch plugin that offers encryption, +authentication, and authorization. It builds on Search Guard SSL and provides +pluggable authentication and authorization modules in addition. +Search Guard is fully compatible with Kibana, Logstash and Beats. + +As an alternative to other security solutions for Elasticsearch, +Search Guard offers the following main features: + + TLS on transport- and REST-layer + Fine-grained role- and index-based access control + HTTP Basic Authentication + LDAP / Active Directory + Kerberos / SPNEGO + JSON web token + Document- and Field-level security + Audit logging + Kibana multi-tenancy + REST management API + Proxy support + User impersonation + +WWW: https://github.com/floragunncom/search-guard Added: head/textproc/elasticsearch5-search-guard/pkg-message ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/textproc/elasticsearch5-search-guard/pkg-message Tue Nov 21 15:13:31 2017 (r454614) @@ -0,0 +1,21 @@ +------------------------------------------------------------------------------- +cd into %%PREFIX%%/lib/elasticsearch/plugins/search-guard-5/tools/ + +Execute ./install_demo_configuration.sh, chmod the script first if necessary. +This will generate all required TLS certificates and add the Search Guard +configuration to your elasticsearch.yml file. + +Start Elasticsearch (service elasticsearch start) + +Execute ./sgadmin_demo.sh, chmod the script if necessary first. This will +execute sgadmin and populate the Search Guard configuration index +with the files contained in the plugins/search-guard-<version>/sgconfig +directory. + +Test the installation by visiting https://localhost:9200. When prompted, +use admin/admin as username and password. This user has full access +to the cluster. + +Display information about the currently logged in user by visiting + https://localhost:9200/_searchguard/authinfo +------------------------------------------------------------------------------- Added: head/textproc/elasticsearch5-search-guard/pkg-plist ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/textproc/elasticsearch5-search-guard/pkg-plist Tue Nov 21 15:13:31 2017 (r454614) @@ -0,0 +1,23 @@ +lib/elasticsearch/plugins/search-guard-5/commons-cli-1.3.1.jar +lib/elasticsearch/plugins/search-guard-5/guava-19.0.jar +lib/elasticsearch/plugins/search-guard-5/netty-buffer-4.1.7.Final.jar +lib/elasticsearch/plugins/search-guard-5/netty-codec-4.1.7.Final.jar +lib/elasticsearch/plugins/search-guard-5/netty-codec-http-4.1.7.Final.jar +lib/elasticsearch/plugins/search-guard-5/netty-common-4.1.7.Final.jar +lib/elasticsearch/plugins/search-guard-5/netty-handler-4.1.7.Final.jar +lib/elasticsearch/plugins/search-guard-5/netty-resolver-4.1.7.Final.jar +lib/elasticsearch/plugins/search-guard-5/netty-transport-4.1.7.Final.jar +lib/elasticsearch/plugins/search-guard-5/plugin-descriptor.properties +lib/elasticsearch/plugins/search-guard-5/plugin-security.policy +lib/elasticsearch/plugins/search-guard-5/search-guard-5-5.3.0-12.jar +lib/elasticsearch/plugins/search-guard-5/search-guard-ssl-5.3.0-21.jar +lib/elasticsearch/plugins/search-guard-5/sgconfig/elasticsearch.yml.example +lib/elasticsearch/plugins/search-guard-5/sgconfig/sg_action_groups.yml +lib/elasticsearch/plugins/search-guard-5/sgconfig/sg_config.yml +lib/elasticsearch/plugins/search-guard-5/sgconfig/sg_internal_users.yml +lib/elasticsearch/plugins/search-guard-5/sgconfig/sg_roles.yml +lib/elasticsearch/plugins/search-guard-5/sgconfig/sg_roles_mapping.yml +lib/elasticsearch/plugins/search-guard-5/tools/hash.sh +lib/elasticsearch/plugins/search-guard-5/tools/install_demo_configuration.sh +lib/elasticsearch/plugins/search-guard-5/tools/sgadmin.sh +lib/elasticsearch/plugins/search-guard-5/transport-netty4-client-5.3.0.jar
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201711211513.vALFDW56024142>