diff --git a/.kitchen.yml b/.kitchen.yml
index dc5a2e6..c35632d 100644
--- a/.kitchen.yml
+++ b/.kitchen.yml
@@ -3,7 +3,7 @@ driver_plugin: vagrant
driver_config:
require_chef_omnibus: true
network:
- - ["forwarded_port", {guest: 80, host: 8080}]
+ - ["forwarded_port", {guest: 8080, host: 8080}]
platforms:
- name: ubuntu-12.04
@@ -30,6 +30,8 @@ suites:
attributes:
kibana:
version: '3'
+ nginx:
+ listen_http: 8080
- name: kibana3_nginx
run_list:
- 'recipe[kibana]'
@@ -46,4 +48,40 @@ suites:
attributes:
kibana:
version: '3'
+ nginx:
+ listen_http: 8080
+ install_method: 'source'
+- name: kibana4
+ run_list:
+ - 'recipe[kibana]'
+ - 'recipe[apache2]'
+ - 'recipe[kibana::apache]'
+ - 'recipe[java]'
+ - 'recipe[elasticsearch]'
+ attributes:
+ apache:
+ listen_ports:
+ - 8080
+ kibana:
+ version: '4'
+ apache:
+ port: 8080
+- name: kibana4_nginx
+ run_list:
+ - 'recipe[kibana]'
+ - 'recipe[nginx]'
+ - 'recipe[kibana::nginx]'
+ - 'recipe[java]'
+ - 'recipe[elasticsearch]'
+ attributes:
+ kibana:
+ version: '4'
+ nginx:
+ listen_http: 8080
+- name: kibana4_source
+ run_list:
+ - 'recipe[kibana]'
+ attributes:
+ kibana:
+ version: '4'
install_method: 'source'
diff --git a/Berksfile b/Berksfile
index 93a7145..9d01ced 100644
--- a/Berksfile
+++ b/Berksfile
@@ -1,9 +1,11 @@
-site :opscode
+source 'https://api.berkshelf.com/'
metadata
group :vagrant do
- cookbook 'apt'
+ cookbook 'apt'
cookbook 'apache2'
cookbook 'nginx'
+ cookbook 'java'
+ cookbook 'elasticsearch'
end
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 19cacec..e51a85c 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,6 +1,7 @@
## v0.1.10:
* Support proxying elasticsearch through apache. Submitted by Dmitry (cyberflow).
* Replace depends with suggest for the apache cookbook as it is not needed when using nginx. Submitted by Bryan Casey.
+* Correct apache configuration to work with apache < 2.4. Submitted by Olivier Dolbeau (odolbeau).
## v0.1.8:
* nginx support. Submitted by Gregoire Seux and Jonathon W. Marshall.
diff --git a/Gemfile b/Gemfile
index 1e2e635..51b21de 100644
--- a/Gemfile
+++ b/Gemfile
@@ -7,7 +7,7 @@ group :test do
gem 'test-kitchen', '~> 1.0.0'
gem 'kitchen-vagrant', '~> 0.11'
gem 'foodcritic', '~> 3.0.3'
- gem 'rubocop', '~> 0.15.0'
+ gem 'rubocop', '~> 0.23.0'
gem 'chefspec', '~> 3.0'
end
diff --git a/README.md b/README.md
index 056d410..6ab12e9 100644
--- a/README.md
+++ b/README.md
@@ -16,7 +16,7 @@ Kibana requires ElasticSearch index to be configured to work as per logstash req
* build-essential
* ark
-* apache2 (>= 2.0)
+* apache2 (>= 2.0) (Suggested but not required)
* authbind (Suggested but not required)
* apt (Suggested but not required)
* nginx (Suggested but not required)
@@ -51,11 +51,15 @@ Kibana requires ElasticSearch index to be configured to work as per logstash req
* `node['kibana']['apache']['basic_auth_username']` - Apache http auth username. Defaults to `admin`.
* `node['kibana']['apache']['basic_auth_password']` - Apache http auth password. Defaults to `PLEASEchangeme`.
* `node['kibana']['apache']['port']` - The port on which to bind apache. Defaults to `80`.
+* `node['kibana']['apache']['proxy']` - Boolean switch to enable apache search query proxy. Defaults to `false`.
* `node['kibana']['nginx']['port']` - The port on which to bind nginx. Defaults to `80`.
* `node['kibana']['nginx']['listen_http']` - The port on which to bind nginx. Defaults to `80`.
* `node['kibana']['nginx']['listen_https']` - The HTTPS port on which to bind nginx. Defaults to `443`.
* `node['kibana']['nginx']['client_max_body']` - Defaults to `50M`.
* `node['kibana']['nginx']['ssl']` - Boolean switch to enable SSL configuration. Defaults to `false`.
+* `node['kibana']['nginx']['proxy']` - Boolean switch to enable nginx search query proxy. Defaults to `false`.
+* `node['kibana']['nginx']['auth']` - Boolean switch to enable auth basic. Defaults to `false`.
+* `node['kibana']['auth_file']` - The path to auth basic file. Defaults to `/etc/nginx/htpasswd.users`.
* `node['kibana']['nginx']['ssl_certificate']` - The path to the SSL certificate file. Defaults to `nil`.
* `node['kibana']['nginx']['ssl_certificate_key']` - The path to the SSL certificate key. Defaults to `nil`.
* `node['kibana']['nginx']['ssl_protocols']` - The SSL protocols. Defaults to `TLSv1 TLSv1.1 TLSv1.2`.
@@ -70,6 +74,7 @@ Kibana requires ElasticSearch index to be configured to work as per logstash req
* [kibana::default](#kibanadefault) - Install Kibana.
* kibana::kibana2
* kibana::kibana3
+* kibana::kibana4
* kibana::nginx
## kibana::apache
diff --git a/Rakefile b/Rakefile
index 8ba3a7e..637fb06 100644
--- a/Rakefile
+++ b/Rakefile
@@ -9,7 +9,7 @@ require 'rake/testtask'
require 'rainbow/ext/string'
require 'rubocop/rake_task'
desc 'Run RuboCop on the lib directory'
-Rubocop::RakeTask.new(:rubocop) do |task|
+RuboCop::RakeTask.new(:rubocop) do |task|
task.fail_on_error = true
end
@@ -18,4 +18,4 @@ task :foodcritic do
sh 'foodcritic -f any -t ~FC007 .'
end
-task default: [:rubocop, :foodcritic]
+task default: [:rubocop, :foodcritic]
diff --git a/attributes/default.rb b/attributes/default.rb
index 1369fa9..a96dbfd 100644
--- a/attributes/default.rb
+++ b/attributes/default.rb
@@ -1,9 +1,11 @@
# Encoding: utf-8
-#<> Kibana version
+#<> Kibana major version
default['kibana']['version'] = '2'
#<> Kibana3 exact version
default['kibana']['kibana3_version'] = '3.0.0'
+#<> Kibana4 exact version
+default['kibana']['kibana4_version'] = '4.2.0'
#<> The base directory of kibana.
default['kibana']['base_dir'] = '/opt/kibana'
#<> The user under which Kibana is installed.
@@ -12,10 +14,15 @@
default['kibana']['group'] = 'kibana'
#<> Install method. Can be source or release
default['kibana']['install_method'] = 'release'
+
+url_version = node['kibana']["kibana#{node['kibana']['version']}_version"] || node['kibana']['version']
#<> Url of tarball
-default['kibana']['url'] = "https://download.elasticsearch.org/kibana/kibana/kibana-#{node['kibana']['kibana3_version']}.tar.gz"
+default['kibana']['url'] = Kibana::Url.new(node, url_version).get
#<> Checksum of the tarball
default['kibana']['checksum'] = 'df25bc0cc02385edcac446ef8cbd83b896cdc910a0fa1b0a7bd2a958164593a8'
+#<> Checksum of the tarball (for Kibana4)
+default['kibana']['kibana4_checksum'] = '67d586e43a35652adeb6780eaa785d3d785ce60cc74fbf3b6a9a53b753c8f985'
+
#<> The URL to Kibana repository.
default['kibana']['git']['url'] = if node['kibana']['version'] > '2'
'https://github.com/elasticsearch/kibana.git'
@@ -32,20 +39,28 @@
default['kibana']['rubyversion'] = '1.9.1'
#<> The interface on which to bind.
-default['kibana']['interface'] = node['ipaddress']
+default['kibana']['interface'] = '127.0.0.1'
+
#<> The port on which to bind.
default['kibana']['port'] = 5601
#<> An Array of the elasticsearch service hosts.
default['kibana']['elasticsearch']['hosts'] = ['127.0.0.1']
#<> The port of the elasticsearch http service.
default['kibana']['elasticsearch']['port'] = 9200
+
+default['kibana']['index'] = if node['kibana']['version'] > '3'
+ '.kibana'
+ else
+ 'kibana-int'
+ end
+
#<> The which fields are shown by default.
default['kibana']['default_fields'] = '["@message"]'
#<> The operator used if no explicit operator is specified.
default['kibana']['default_operator'] = 'OR'
-#<> The cookbook from which config.js template is taken
+#<> The cookbook from which configuration template is taken
default['kibana']['config']['cookbook'] = nil
-#<> The template from which config.js is generated from
+#<> The template from which configuration is generated from
default['kibana']['config']['source'] = nil
#<> Fields specifiers which default to @message (may need to be changed for newer logstash)
default['kibana']['highlighted_field'] = '@message'
@@ -65,7 +80,10 @@
#<> The port on which to bind apache.
default['kibana']['apache']['port'] = 80
#<> Boolean switch to enable apache search query proxy
-default['kibana']['apache']['port'] = false
+default['kibana']['apache']['proxy'] = false
+#<> The apache configuration source
+default['kibana']['apache']['cookbook'] = 'kibana'
+
#<> The port on which to bind nginx
default['kibana']['nginx']['port'] = 80
@@ -105,3 +123,19 @@
default['kibana']['nginx']['server_name'] = 'kibana'
default['kibana']['elasticsearch_host'] = ''
+
+#<> The nginx configuration source
+default['kibana']['nginx']['cookbook'] = 'kibana'
+
+#<> Redirect requests to kibana service
+default['kibana']['kibana_service'] = nil
+unless node['kibana']['version'] =~ /^3/
+ default['kibana']['kibana_service'] = "http://#{node['kibana']['interface']}:#{node['kibana']['port']}"
+end
+
+#<> The kibana service configuration source
+default['kibana']['service']['source'] = 'upstart.conf.erb'
+default['kibana']['service']['cookbook'] = 'kibana'
+
+#<> The kibana 4 default application on load
+default['kibana']['defaultapp'] = 'discover'
diff --git a/libraries/version.rb b/libraries/version.rb
new file mode 100644
index 0000000..d8768b8
--- /dev/null
+++ b/libraries/version.rb
@@ -0,0 +1,41 @@
+# Encoding: utf-8
+
+class Kibana
+ # All to find correct url to download kibana
+ class Url
+ def initialize(node, version)
+ @node = node
+ @version = version
+ end
+
+ def get
+ prefix = 'https://download.elastic.co/kibana/kibana/kibana-'
+ suffix = case @version
+ when /^3\./
+ "#{@version}.#{ext}"
+ else
+ "#{@version}-#{@node['os']}#{arch}.#{ext}"
+ end
+ prefix + suffix
+ end
+
+ def ext
+ case @node['os']
+ when 'windows'
+ 'zip'
+ else
+ 'tar.gz'
+ end
+ end
+
+ def arch
+ return '' if @node['os'] == 'windows'
+ case @node['kernel']['machine']
+ when 'x86_64'
+ '-x64'
+ else
+ '-x86'
+ end
+ end
+ end
+end
diff --git a/metadata.rb b/metadata.rb
index a547da0..c5c84c8 100644
--- a/metadata.rb
+++ b/metadata.rb
@@ -1,12 +1,12 @@
# Encoding: utf-8
-name 'kibana'
-maintainer 'Peter Donald'
+name 'kibana'
+maintainer 'Peter Donald'
maintainer_email 'peter@realityforge.org'
-license 'Apache 2.0'
-description 'Installs/Configures kibana, the logstash UI'
+license 'Apache 2.0'
+description 'Installs/Configures kibana, the logstash UI'
long_description IO.read(File.join(File.dirname(__FILE__), 'README.md'))
-version '0.1.9'
+version '0.1.9'
depends 'build-essential'
depends 'ark'
@@ -14,3 +14,5 @@
suggests 'authbind'
suggests 'apt'
suggests 'nginx'
+suggests 'java'
+suggests 'elasticsearch'
diff --git a/recipes/_service.rb b/recipes/_service.rb
new file mode 100644
index 0000000..b98d628
--- /dev/null
+++ b/recipes/_service.rb
@@ -0,0 +1,18 @@
+# Encoding: utf-8
+
+service 'kibana' do
+ provider Chef::Provider::Service::Upstart
+ supports start: true, restart: true, stop: true, status: true
+ action :nothing
+end
+
+template '/etc/init/kibana.conf' do
+ cookbook node['kibana']['service']['cookbook']
+ source node['kibana']['service']['source']
+ variables(
+ version: node['kibana']['version'],
+ options: '', # TODO
+ recent_upstart: (node['platform_family'] != 'rhel')
+ )
+ notifies :restart, 'service[kibana]', :delayed
+end
diff --git a/recipes/apache.rb b/recipes/apache.rb
index 1d8cdd7..df062f9 100644
--- a/recipes/apache.rb
+++ b/recipes/apache.rb
@@ -16,11 +16,18 @@
owner node['apache']['user']
group node['apache']['group']
mode 00644
+ not_if { node['kibana']['apache']['basic_auth'] == 'off' }
end
template "#{node['apache']['dir']}/sites-available/kibana.conf" do
+ variables(
+ 'index' => node['kibana']['index'],
+ 'kibana_service' => node['kibana']['kibana_service']
+ )
source 'vhost.conf.erb' if node['kibana']['version'] =~ /^2/
source 'vhost3.conf.erb' if node['kibana']['version'] =~ /^3/
+ source 'vhost4.conf.erb' if node['kibana']['version'] =~ /^4/
+ cookbook node['kibana']['apache']['cookbook']
owner node['apache']['user']
group node['apache']['group']
mode 00644
diff --git a/recipes/kibana2.rb b/recipes/kibana2.rb
index aeb9eca..a1b7758 100644
--- a/recipes/kibana2.rb
+++ b/recipes/kibana2.rb
@@ -21,7 +21,7 @@
end
#gem1.8 doesn't get brought in with ruby1.8.x
-if node['kibana']['rubyversion'] == '1.8'
+if node['kibana']['rubyversion'] == '1.8'
package "rubygems#{node['kibana']['rubyversion']}"
end
diff --git a/recipes/kibana3.rb b/recipes/kibana3.rb
index 3f88b28..41b5120 100644
--- a/recipes/kibana3.rb
+++ b/recipes/kibana3.rb
@@ -26,12 +26,13 @@
template File.join(node['kibana']['base_dir'], config_path) do
cookbook node['kibana']['config']['cookbook']
- source node['kibana']['config']['source']
+ source node['kibana']['config']['source']
owner node['kibana']['user']
group node['kibana']['group']
mode '0644'
variables({
:es_port => node['kibana']['elasticsearch']['port'],
- :elasticsearch_host => node['kibana']['elasticsearch_host']
+ :elasticsearch_host => node['kibana']['elasticsearch_host'],
+ :index => node['kibana']['index']
})
end
diff --git a/recipes/kibana4.rb b/recipes/kibana4.rb
new file mode 100644
index 0000000..b07a8fd
--- /dev/null
+++ b/recipes/kibana4.rb
@@ -0,0 +1,40 @@
+# Encoding: utf-8
+
+include_recipe 'kibana'
+
+if node['kibana']['install_method'] == 'release'
+ ark 'kibana' do
+ url node['kibana']['url']
+ version node['kibana']['kibana4_version']
+ checksum node['kibana']['kibana4_checksum']
+ path node['kibana']['base_dir']
+ home_dir File.join(node['kibana']['base_dir'], 'current')
+ owner node['kibana']['user']
+ group node['kibana']['group']
+ end
+ config_path = 'current/config/kibana.yml'
+else
+ Chef::Application.fatal!("Since Kibana version 4, install method can only be only 'release'")
+end
+
+# Apply config template
+template File.join(node['kibana']['base_dir'], config_path) do
+ cookbook node['kibana']['config']['cookbook']
+ source node['kibana']['config']['source']
+ owner node['kibana']['user']
+ group node['kibana']['group']
+ mode '0644'
+ variables(
+ bind: node['kibana']['interface'],
+ port: node['kibana']['port'],
+ es_host: node['kibana']['elasticsearch']['hosts'].first,
+ es_port: node['kibana']['elasticsearch']['port'],
+ index: node['kibana']['index'],
+ defaultapp: node['kibana']['defaultapp'],
+ elasticsearch_host: node['kibana']['elasticsearch_host']
+ )
+ notifies :restart, 'service[kibana]'
+end
+
+# Install service
+include_recipe 'kibana::_service'
diff --git a/recipes/nginx.rb b/recipes/nginx.rb
index a7a5e84..06fc195 100644
--- a/recipes/nginx.rb
+++ b/recipes/nginx.rb
@@ -4,6 +4,7 @@
template File.join(node['nginx']['dir'], 'sites-available', 'kibana') do
source 'nginx.erb'
+ cookbook node['kibana']['nginx']['cookbook']
owner node['nginx']['user']
mode '0644'
variables(
@@ -22,7 +23,9 @@
'ssl_session_timeout' => node['kibana']['nginx']['ssl_session_timeout'],
'proxy' => node['kibana']['nginx']['proxy'],
'auth' => node['kibana']['nginx']['auth'],
- 'auth_file' => node['kibana']['auth_file']
+ 'auth_file' => node['kibana']['auth_file'],
+ 'index' => node['kibana']['index'],
+ 'kibana_service' => node['kibana']['kibana_service']
)
end
diff --git a/templates/default/config.js.erb b/templates/default/config.js.erb
index 9f66cb1..6bfd1e8 100644
--- a/templates/default/config.js.erb
+++ b/templates/default/config.js.erb
@@ -21,7 +21,11 @@ function (Settings) {
<% if @elasticsearch_host != "" %>
elasticsearch: "<%= @elasticsearch_host %>",
<% else %>
- elasticsearch: "http://"+window.location.hostname+":<%= @es_port %>",
+ <% if node['kibana']['apache']['proxy'] or node['kibana']['nginx']['proxy'] %>
+ elasticsearch: window.location.protocol + "//" + window.location.hostname,
+ <% else %>
+ elasticsearch: "http://" + window.location.hostname + ":<%= @es_port %>",
+ <% end %>
<% end %>
/**
@@ -29,7 +33,7 @@ function (Settings) {
* such as stored dashboards
* @type {String}
*/
- kibana_index: "kibana-int",
+ kibana_index: "<%= @index %>",
/**
* Panel modules available. Panels will only be loaded when they are defined in the
diff --git a/templates/default/kibana.yml.erb b/templates/default/kibana.yml.erb
new file mode 100644
index 0000000..017244f
--- /dev/null
+++ b/templates/default/kibana.yml.erb
@@ -0,0 +1,85 @@
+# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+# !! Managed by Chef, do not edit !!
+# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+
+# Kibana is served by a back end server. This controls which port to use.
+port: <%= @port %>
+
+# The host to bind the server to.
+host: "<%= @bind %>"
+
+# The Elasticsearch instance to use for all your queries.
+<% if @elasticsearch_host != "" %>
+elasticsearch_url: "<%= @elasticsearch_host %>"
+<% else %>
+elasticsearch_url: "http://<%= @es_host %>:<%= @es_port %>"
+<% end %>
+
+# preserve_elasticsearch_host true will send the hostname specified in `elasticsearch`. If you set it to false,
+# then the host you use to connect to *this* Kibana instance will be sent.
+elasticsearch_preserve_host: true
+
+# Kibana uses an index in Elasticsearch to store saved searches, visualizations
+# and dashboards. It will create a new index if it doesn't already exist.
+kibana_index: "<%= @index %>"
+
+# If your Elasticsearch is protected with basic auth, this is the user credentials
+# used by the Kibana server to perform maintence on the kibana_index at statup. Your Kibana
+# users will still need to authenticate with Elasticsearch (which is proxied thorugh
+# the Kibana server)
+# kibana_elasticsearch_username: user
+# kibana_elasticsearch_password: pass
+
+# If your Elasticsearch requires client certificate and key
+# kibana_elasticsearch_client_crt: /path/to/your/client.crt
+# kibana_elasticsearch_client_key: /path/to/your/client.key
+
+# If you need to provide a CA certificate for your Elasticsarech instance, put
+# the path of the pem file here.
+# ca: /path/to/your/CA.pem
+
+# The default application to load.
+default_app_id: "<%= @defaultapp %>"
+
+# Time in milliseconds to wait for elasticsearch to respond to pings, defaults to
+# request_timeout setting
+# ping_timeout: 1500
+
+# Time in milliseconds to wait for responses from the back end or elasticsearch.
+# This must be > 0
+request_timeout: 300000
+
+# Time in milliseconds for Elasticsearch to wait for responses from shards.
+# Set to 0 to disable.
+shard_timeout: 0
+
+# Time in milliseconds to wait for Elasticsearch at Kibana startup before retrying
+# startup_timeout: 5000
+
+# Set to false to have a complete disregard for the validity of the SSL
+# certificate.
+verify_ssl: true
+
+# SSL for outgoing requests from the Kibana Server (PEM formatted)
+# ssl_key_file: /path/to/your/server.key
+# ssl_cert_file: /path/to/your/server.crt
+
+# Set the path to where you would like the process id file to be created.
+# pid_file: /var/run/kibana.pid
+
+# If you would like to send the log output to a file you can set the path below.
+# This will also turn off the STDOUT log output.
+# log_file: ./kibana.log
+
+# Plugins that are included in the build, and no longer found in the plugins/ folder
+bundled_plugin_ids:
+ - plugins/dashboard/index
+ - plugins/discover/index
+ - plugins/doc/index
+ - plugins/kibana/index
+ - plugins/markdown_vis/index
+ - plugins/metric_vis/index
+ - plugins/settings/index
+ - plugins/table_vis/index
+ - plugins/vis_types/index
+ - plugins/visualize/index
diff --git a/templates/default/nginx.erb b/templates/default/nginx.erb
index d98a760..d1ebdd6 100644
--- a/templates/default/nginx.erb
+++ b/templates/default/nginx.erb
@@ -33,6 +33,9 @@ server {
auth_basic "Kibana Auth";
auth_basic_user_file <%= @auth_file %>;
<% end %>
+ <% if @kibana_service %>
+ proxy_pass <%= @kibana_service %>;
+ <% end %>
}
<% if @proxy %>
@@ -57,11 +60,11 @@ server {
proxy_read_timeout 90;
}
- location ~ ^/kibana-int/dashboard/.*$ {
+ location ~ ^/<%= @index %>/dashboard/.*$ {
proxy_pass http://127.0.0.1:9200;
proxy_read_timeout 90;
}
- location ~ ^/kibana-int/temp.*$ {
+ location ~ ^/<%= @index %>/temp.*$ {
proxy_pass http://127.0.0.1:9200;
proxy_read_timeout 90;
}
diff --git a/templates/default/upstart.conf.erb b/templates/default/upstart.conf.erb
index ed1a08c..1f2bb6e 100644
--- a/templates/default/upstart.conf.erb
+++ b/templates/default/upstart.conf.erb
@@ -1,13 +1,15 @@
-#
-# Generated by Chef
-#
-description "Kibana Server"
+# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+# !! Managed by Chef, do not edit !!
+# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+description "Kibana Server"
start on filesystem or runlevel [2345]
stop on runlevel [!2345]
+<% if @recent_upstart %>
setuid <%= node['kibana']['user'] %>
setgid <%= node['kibana']['group'] %>
+<% end %>
respawn limit 15 5
umask 0077
@@ -16,4 +18,22 @@ pre-start script
end script
chdir <%= node['kibana']['base_dir'] %>
-exec <%= node['kibana']['port'] < 1024 ? "/usr/bin/authbind --deep " : "" %>ruby<%= node['kibana']['rubyversion'] %> kibana.rb
+<%
+ command = case @version
+ when /^2/
+ "ruby#{node['kibana']['rubyversion']} kibana.rb"
+ when /^3/
+ raise "kibana 3 cannot be started as a service"
+ when /^4/
+ "current/bin/kibana #{@options}"
+ end
+ if node['kibana']['port'] < 1024
+ command = "/usr/bin/authbind --deep " + command
+ end
+%>
+
+<% if @recent_upstart %>
+exec <%= command %>
+<% else %>
+exec su -s /bin/sh -c 'exec "$0" "$@"' <%= node['kibana']['user'] %> -- <%= command %>
+<% end %>
diff --git a/templates/default/vhost3.conf.erb b/templates/default/vhost3.conf.erb
index 719c283..6db6961 100644
--- a/templates/default/vhost3.conf.erb
+++ b/templates/default/vhost3.conf.erb
@@ -6,53 +6,42 @@
NameVirtualHost <%= node['kibana']['apache']['interface'] %>:<%= node['kibana']['apache']['port'] %>
<% end -%>
:<%= node['kibana']['apache']['port'] %>>
-
ServerName <%= node['kibana']['apache']['host'] %>
ServerAlias <%= node['kibana']['apache']['host'] %>
DocumentRoot "<%= "#{node['kibana']['base_dir']}/current" %>"
+<% if node['kibana']['apache']['proxy'] %>
- <% if node['kibana']['apache']['proxy'] %>
- <% node['kibana']['elasticsearch']['hosts'].each do |ip| %>
+<% node['kibana']['elasticsearch']['hosts'].each do |ip| %>
# Set global proxy timeouts
:9200>
ProxySet connectiontimeout=5 timeout=90
-
# Proxy for _aliases and .*/_search
ProxyPassMatch http://<%= ip %>:9200
ProxyPassReverse http://<%= ip %>:9200
-
- # Proxy for kibana-int/{dashboard,temp} stuff (if you don't want auth on /, then you will want these to be protected)
-
+ # Proxy for <%= @index %>/{dashboard,temp} stuff (if you don't want auth on /, then you will want these to be protected)
+ /dashboard/|/<%= @index %>/temp).*$">
ProxyPassMatch http://<%= ip %>:9200
ProxyPassReverse http://<%= ip %>:9200
- <% end %>
- <% end %>
-
- <% if node['kibana']['apache']['basic_auth'] == 'on' %>
-
-
- Order allow,deny
- Allow from all
- AuthType basic
- AuthName "Kibana"
- AuthBasicProvider file
- AuthUserFile <%= node['apache']['dir'] %>/htpasswd
- require valid-user
-
-
- <% else %>
-
-
- Order allow,deny
- Allow from all
- Require all granted
- SetHandler None
-
-
- <% end %>
-
+<% end %>
+<% end %>
+
+
+ <% if node['apache']['version'] == '2.4' %>
+ Require all granted
+ <% else %>
+ Order allow,deny
+ Allow from all
+ <% end %>
+<% if node['kibana']['apache']['basic_auth'] == 'on' %>
+ AuthType basic
+ AuthName "Kibana"
+ AuthBasicProvider file
+ AuthUserFile <%= node['apache']['dir'] %>/htpasswd
+ require valid-user
+<% end %>
+
diff --git a/templates/default/vhost4.conf.erb b/templates/default/vhost4.conf.erb
new file mode 100644
index 0000000..12456ea
--- /dev/null
+++ b/templates/default/vhost4.conf.erb
@@ -0,0 +1,51 @@
+# Kibana Apache Virtual Host
+#
+# Generated by Chef
+
+<% if !node['apache']['listen_ports'].include?(node['kibana']['apache']['port'].to_s) %>
+NameVirtualHost <%= node['kibana']['apache']['interface'] %>:<%= node['kibana']['apache']['port'] %>
+<% end -%>
+:<%= node['kibana']['apache']['port'] %>>
+ ServerName <%= node['kibana']['apache']['host'] %>
+ ServerAlias <%= node['kibana']['apache']['host'] %>
+
+ ProxyPass / <%= @kibana_service %>/
+ ProxyPassReverse / <%= @kibana_service %>/
+<% if node['kibana']['apache']['proxy'] %>
+
+<% node['kibana']['elasticsearch']['hosts'].each do |ip| %>
+ # Set global proxy timeouts
+ :9200>
+ ProxySet connectiontimeout=5 timeout=90
+
+
+ # Proxy for _aliases and .*/_search
+
+ ProxyPassMatch http://<%= ip %>:9200
+ ProxyPassReverse http://<%= ip %>:9200
+
+
+ # Proxy for <%= @index %>/{dashboard,temp} stuff (if you don't want auth on /, then you will want these to be protected)
+ /dashboard/|/<%= @index %>/temp).*$">
+ ProxyPassMatch http://<%= ip %>:9200
+ ProxyPassReverse http://<%= ip %>:9200
+
+<% end %>
+<% end %>
+
+
+ <% if node['apache']['version'] == '2.4' %>
+ Require all granted
+ <% else %>
+ Order allow,deny
+ Allow from all
+ <% end %>
+<% if node['kibana']['apache']['basic_auth'] == 'on' %>
+ AuthType basic
+ AuthName "Kibana"
+ AuthBasicProvider file
+ AuthUserFile <%= node['apache']['dir'] %>/htpasswd
+ require valid-user
+<% end %>
+
+