Skip to content

Commit c90a0ca

Browse files
authored
Remove unused GRAYLOG_DATANODE_ROOT_PASSWORD_SHA2 from datanode entrypoint (#278)
* Remove unused GRAYLOG_DATANODE_ROOT_PASSWORD_SHA2 from datanode entrypoint * Remove GRAYLOG_DATANODE_ROOT_PASSWORD_SHA2 from datanode readme
1 parent bbd7c33 commit c90a0ca

File tree

2 files changed

+2
-12
lines changed

2 files changed

+2
-12
lines changed

docker/datanode/README.md

Lines changed: 2 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -35,16 +35,9 @@ Please refer to the [Graylog Docker documentation](https://docs.graylog.org/docs
3535

3636
If you want to quickly spin up an instance for testing, you can use our [Docker Compose template](https://github.com/Graylog2/docker-compose).
3737

38-
Notably, this image **requires** that two important configuration options be set (although in practice you will likely need to set more):
39-
1. `password_secret` (environment variable `GRAYLOG_DATANODE_PASSWORD_SECRET`)
38+
Notably, this image **requires** one important configuration option to be set (although in practice you will likely need to set more):
39+
* `password_secret` (environment variable `GRAYLOG_DATANODE_PASSWORD_SECRET`)
4040
* A shared common secret with Graylog. Please refer to the Graylog docs on how to create it (and then, copy it over)
41-
2. `root_password_sha2` (environment variable `GRAYLOG_DATANODE_ROOT_PASSWORD_SHA2`)
42-
* A SHA2 hash of a password you will use for your initial login as Graylog's root user.
43-
* The default username is `admin`. This value is customizable via configuration option `root_username` (environment variable `GRAYLOG_ROOT_USERNAME`).
44-
* In general, these credentials will only be needed to initially set up the system or reconfigure the system in the event of an authentication backend failure.
45-
* This password cannot be changed using the API or via the Web interface.
46-
* May be generated with something like: `echo -n "Enter Password: " && head -1 </dev/stdin | tr -d '\n' | sha256sum | cut -d" " -f1`
47-
4841

4942
Every [Graylog DataNode configuration option](https://docs.graylog.org/docs/server-conf) can be set via environment variable. To get the environment variable name for a given configuration option, simply prefix the option name with `GRAYLOG_DATANODE_` and put it all in upper case. Another option is to store the configuration file outside of the container and edit it directly.
5043

@@ -60,7 +53,6 @@ services:
6053
- "mongodb"
6154
environment:
6255
GRAYLOG_DATANODE_PASSWORD_SECRET: "<password-secret>"
63-
GRAYLOG_DATANODE_ROOT_PASSWORD_SHA2: "<root-pw-sha2>"
6456
GRAYLOG_DATANODE_ROOT_USERNAME: "<admin user name>"
6557
GRAYLOG_DATANODE_MONGODB_URI: "mongodb://mongodb:27017/graylog"
6658
ulimits:
@@ -97,7 +89,6 @@ Enable `hostname: "datanode"` in `docker-compose.yml` and `datanode` as an alias
9789
| Variable | Default | Required | Description |
9890
| :--- | :--- | :--- |:----------------------------------------------------------|
9991
| `GRAYLOG_DATANODE_PASSWORD_SECRET` | none | yes | Password secret to seed secret storage. Must be the same value as the `password_secret` in the Graylog server configuration. |
100-
| `GRAYLOG_DATANODE_ROOT_PASSWORD_SHA2` | none | yes | Password hash for the root user. |
10192
| `GRAYLOG_DATANODE_ROOT_USERNAME` | `admin` | yes | Name of the root user. |
10293
| `GRAYLOG_DATANODE_MONGODB_URI` | none | yes | URI to the MongoDB instance and database. |
10394
| `GRAYLOG_DATANODE_DATA_DIR` | `/var/lib/graylog-datanode` | no | The data root directory. (e.g., OpenSearch data) |

docker/datanode/entrypoint.sh

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -43,7 +43,6 @@ check_env "GDN_JVM_OPTIONS_FILE"
4343
check_env "GDN_USER"
4444
check_env "GDN_GROUP"
4545
check_env "GRAYLOG_DATANODE_PASSWORD_SECRET"
46-
check_env "GRAYLOG_DATANODE_ROOT_PASSWORD_SHA2"
4746
check_env "GRAYLOG_DATANODE_MONGODB_URI"
4847

4948
# Default Graylog settings

0 commit comments

Comments
 (0)