Define permisos de configs y secrets sin variable (85cf4085) · Commits · REDMIC Project / Elastic / Elasticsearch

deploy/.env

+0 −1

Original line number	Diff line number	Diff line
		@@ -27,7 +27,6 @@ ELASTIC_NET_DRIVER=overlay
		METRIC_NET_NAME=metric-net
		METRIC_NET_DRIVER=overlay

		SG_FILE_MODE=0600
		SG_FILE_UID=1000
		SG_FILE_GID=1000

deploy/docker-compose.es6-1.tmpl.yml

+12 −12

Original line number	Diff line number	Diff line
		@@ -48,63 +48,63 @@ services:
		secrets:
		- source: ca-pem
		target: ${ES_CERT_PATH}/root-ca.pem
		mode: ${SG_FILE_MODE}
		mode: 0600
		uid: '${SG_FILE_UID}'
		gid: '${SG_FILE_GID}'
		- source: ca-key
		target: ${ES_CERT_PATH}/root-ca.key
		mode: ${SG_FILE_MODE}
		mode: 0600
		uid: '${SG_FILE_UID}'
		gid: '${SG_FILE_GID}'
		- source: node-pem
		target: ${ES_CERT_PATH}/node.pem
		mode: ${SG_FILE_MODE}
		mode: 0600
		uid: '${SG_FILE_UID}'
		gid: '${SG_FILE_GID}'
		- source: node-key
		target: ${ES_CERT_PATH}/node.key
		mode: ${SG_FILE_MODE}
		mode: 0600
		uid: '${SG_FILE_UID}'
		gid: '${SG_FILE_GID}'
		- source: node-csr
		target: ${ES_CERT_PATH}/node.csr
		mode: ${SG_FILE_MODE}
		mode: 0600
		uid: '${SG_FILE_UID}'
		gid: '${SG_FILE_GID}'
		- source: admin-pem
		target: ${ES_CERT_PATH}/admin.pem
		mode: ${SG_FILE_MODE}
		mode: 0600
		uid: '${SG_FILE_UID}'
		gid: '${SG_FILE_GID}'
		- source: admin-key
		target: ${ES_CERT_PATH}/admin.key
		mode: ${SG_FILE_MODE}
		mode: 0600
		uid: '${SG_FILE_UID}'
		gid: '${SG_FILE_GID}'
		- source: admin-csr
		target: ${ES_CERT_PATH}/admin.csr
		mode: ${SG_FILE_MODE}
		mode: 0600
		uid: '${SG_FILE_UID}'
		gid: '${SG_FILE_GID}'
		configs:
		- source: sg-users
		target: ${SG_CONFIG_PATH}/sg_internal_users.yml
		mode: ${SG_FILE_MODE}
		mode: 0600
		uid: '${SG_FILE_UID}'
		gid: '${SG_FILE_GID}'
		- source: sg-config
		target: ${SG_CONFIG_PATH}/sg_config.yml
		mode: ${SG_FILE_MODE}
		mode: 0600
		uid: '${SG_FILE_UID}'
		gid: '${SG_FILE_GID}'
		- source: sg-roles
		target: ${SG_CONFIG_PATH}/sg_roles.yml
		mode: ${SG_FILE_MODE}
		mode: 0600
		uid: '${SG_FILE_UID}'
		gid: '${SG_FILE_GID}'
		- source: sg-roles-mapping
		target: ${SG_CONFIG_PATH}/sg_roles_mapping.yml
		mode: ${SG_FILE_MODE}
		mode: 0600
		uid: '${SG_FILE_UID}'
		gid: '${SG_FILE_GID}'
		logging:

deploy/docker-compose.es6-2.tmpl.yml

+5 −5

Original line number	Diff line number	Diff line
		@@ -41,27 +41,27 @@ services:
		secrets:
		- source: ca-pem
		target: ${ES_CERT_PATH}/root-ca.pem
		mode: ${SG_FILE_MODE}
		mode: 0600
		uid: '${SG_FILE_UID}'
		gid: '${SG_FILE_GID}'
		- source: ca-key
		target: ${ES_CERT_PATH}/root-ca.key
		mode: ${SG_FILE_MODE}
		mode: 0600
		uid: '${SG_FILE_UID}'
		gid: '${SG_FILE_GID}'
		- source: node-pem
		target: ${ES_CERT_PATH}/node.pem
		mode: ${SG_FILE_MODE}
		mode: 0600
		uid: '${SG_FILE_UID}'
		gid: '${SG_FILE_GID}'
		- source: node-key
		target: ${ES_CERT_PATH}/node.key
		mode: ${SG_FILE_MODE}
		mode: 0600
		uid: '${SG_FILE_UID}'
		gid: '${SG_FILE_GID}'
		- source: node-csr
		target: ${ES_CERT_PATH}/node.csr
		mode: ${SG_FILE_MODE}
		mode: 0600
		uid: '${SG_FILE_UID}'
		gid: '${SG_FILE_GID}'
		logging:

deploy/docker-compose.es6-3.tmpl.yml

+5 −5

Original line number	Diff line number	Diff line
		@@ -41,27 +41,27 @@ services:
		secrets:
		- source: ca-pem
		target: ${ES_CERT_PATH}/root-ca.pem
		mode: ${SG_FILE_MODE}
		mode: 0600
		uid: '${SG_FILE_UID}'
		gid: '${SG_FILE_GID}'
		- source: ca-key
		target: ${ES_CERT_PATH}/root-ca.key
		mode: ${SG_FILE_MODE}
		mode: 0600
		uid: '${SG_FILE_UID}'
		gid: '${SG_FILE_GID}'
		- source: node-pem
		target: ${ES_CERT_PATH}/node.pem
		mode: ${SG_FILE_MODE}
		mode: 0600
		uid: '${SG_FILE_UID}'
		gid: '${SG_FILE_GID}'
		- source: node-key
		target: ${ES_CERT_PATH}/node.key
		mode: ${SG_FILE_MODE}
		mode: 0600
		uid: '${SG_FILE_UID}'
		gid: '${SG_FILE_GID}'
		- source: node-csr
		target: ${ES_CERT_PATH}/node.csr
		mode: ${SG_FILE_MODE}
		mode: 0600
		uid: '${SG_FILE_UID}'
		gid: '${SG_FILE_GID}'
		logging: