-
Notifications
You must be signed in to change notification settings - Fork 3
/
create-certs.yml
27 lines (25 loc) · 1.3 KB
/
create-certs.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
version: '3.2'
services:
create_certs:
container_name: create_certs
image: docker.elastic.co/elasticsearch/elasticsearch:7.17.15
command: >
bash -c '
if [[ ! -f /certs/ca.zip ]]; then
# Generating CA certificate
bin/elasticsearch-certutil ca --silent --pem -out /certs/ca.zip;
unzip /certs/ca.zip -d /certs;
fi;
if [[ ! -f /certs/pem.zip ]]; then
# Generating PEM certificates (ElasticSearch nodes and Kibana)
bin/elasticsearch-certutil cert --silent --pem --ca-cert "/certs/ca/ca.crt" --ca-key "/certs/ca/ca.key" --in config/certificates/pem.yml -out /certs/pem.zip;
unzip /certs/pem.zip -d /certs;
fi;
if [[ ! -f /certs/pkcs_12.zip ]]; then
# Generating PKCS#12 certificates (Enterprise Search)
bin/elasticsearch-certutil cert --silent --pass "changeme" --ca-cert "/certs/ca/ca.crt" --ca-key "/certs/ca/ca.key" --in config/certificates/pkcs_12.yml -out /certs/pkcs_12.zip;
unzip /certs/pkcs_12.zip -d /certs;
fi;
'
working_dir: /usr/share/elasticsearch
volumes: ['./certs:/certs', './instances:/usr/share/elasticsearch/config/certificates']