elastic: fix WS in JAIL_CONF_EXTRA

mail-toaster.sh

@@ -324,12 +324,17 @@ zfs_create_fs()
 zfs_destroy_fs()
 {
 	local _fs="$1"
-	local _flags=${2:=""}
+	local _flags="$2"
 
 	if ! zfs_filesystem_exists "$_fs"; then return; fi
 
-	echo "zfs destroy $2 $1"
-	zfs destroy "$2" "$1" || exit
+	if [ -n "$_flags" ]; then
+		echo "zfs destroy $2 $1"
+		zfs destroy "$2" "$1" || exit 1
+	else
+		echo "zfs destroy $1"
+		zfs destroy "$1" || exit 1
+	fi
 }
 
 base_snapshot_exists()
@@ -548,7 +553,7 @@ stage_unmount()
 {
 	for _fs in $(mount | grep stage | sort -u | awk '{ print $3 }'); do
 		if [ "$(basename "$_fs")" = "stage" ]; then continue; fi
-		umount "$_fs"
+		umount "$_fs" || echo "unable to umount $_fs"
 	done
 
 	# repeat, as sometimes a nested fs will prevent first try from success
@@ -559,7 +564,7 @@ stage_unmount()
 
 	if mount -t devfs | grep -q "$STAGE_MNT/dev"; then
 		echo "umount $STAGE_MNT/dev"
-		umount "$STAGE_MNT/dev" || exit 1
+		umount "$STAGE_MNT/dev"
 	fi
 }
 

provision/elasticsearch.sh

@@ -6,7 +6,8 @@ set -e -u
 
 export JAIL_START_EXTRA="enforce_statfs=1"
 # shellcheck disable=2016
-export JAIL_CONF_EXTRA="\n\t\tenforce_statfs = 1;"
+export JAIL_CONF_EXTRA="
+		enforce_statfs = 1;"
 export JAIL_FSTAB="fdescfs $ZFS_JAIL_MNT/elasticsearch/dev/fd fdescfs rw 0 0
 proc     $ZFS_JAIL_MNT/elasticsearch/proc   procfs  rw 0 0"
 
@@ -90,7 +91,7 @@ install_elasticsearch()
 {
 	#install_elasticsearch5
 	#install_elasticsearch6
-	# install_elasticsearch7
+	#install_elasticsearch7
 	install_elasticsearch8
 }
 
@@ -113,18 +114,8 @@ install_beats()
 
 configure_elasticsearch()
 {
-	local _data_conf="$STAGE_MNT/data/etc/elasticsearch.yml"
-	if [ -f "$_data_conf" ]; then
-		tell_status "preserving installed elasticsearch.yml"
-		return
-	fi
-
-	tell_status "installing elasticsearch.yml"
 	local _conf="$STAGE_MNT/usr/local/etc/elasticsearch/elasticsearch.yml"
-	mkdir -p "$STAGE_MNT/data/etc"
-	echo "cp $_conf $_data_conf"
-	cp "$_conf" "$_data_conf"
-	chown 965 "$_data_conf"
+	local _data_conf="$STAGE_MNT/data/etc/elasticsearch.yml"
 
 	if [ ! -f "$STAGE_MNT/data/etc/jvm.options" ]; then
 		if [ -f "$ZFS_JAIL_MNT/elasticsearch/usr/local/etc/elasticsearch/jvm.options" ]; then
@@ -136,6 +127,7 @@ configure_elasticsearch()
 	fi
 
 	if [ ! -f "$STAGE_MNT/data/etc/log4j2.properties" ]; then
+		tell_status "installing log4j2.properties"
 		cp "$STAGE_MNT/usr/local/etc/elasticsearch/log4j2.properties" "$STAGE_MNT/data/etc/"
 		chown 965 "$STAGE_MNT/data/etc/log4j2.properties"
 	fi
@@ -146,26 +138,39 @@ configure_elasticsearch()
 		-e '/^#cluster.initial/ s/^#//; s/node-1/stage/; s/, "node-2"//' \
 			"$_conf"
 
-	sed -i.bak \
-		-e "/^#network.host:/ s/#//; s/192.168.0.1/$(get_jail_ip elasticsearch)/" \
-		-e '/^path.data: / s/var/data/' \
-		-e '/^path.logs: / s/var/data/' \
-		-e '/^path\./ s/\/elasticsearch//' \
-		-e '/^#cluster_name/ s/^#//; s/my-application/mail-toaster/' \
-		-e '/^#node.name/ s/^#//; s/node-1/mt1/' \
-		-e '/^#cluster.initial/ s/^#//; s/node-1/mt1/; s/, "node-2"//' \
-			"$_data_conf"
-
-	tee -a "$_data_conf" <<EO_ES_CONF
+	if [ -f "$_data_conf" ]; then
+		tell_status "preserving installed elasticsearch.yml"
+	else
+		tell_status "installing elasticsearch.yml"
+		mkdir -p "$STAGE_MNT/data/etc"
+		echo "cp $_conf $_data_conf"
+		cp "$_conf" "$_data_conf"
+		chown 965 "$_data_conf"
+
+		sed -i.bak \
+			-e "/^#network.host:/ s/#//; s/192.168.0.1/$(get_jail_ip elasticsearch)/" \
+			-e '/^path.data: / s/var/data/' \
+			-e '/^path.logs: / s/var/data/' \
+			-e '/^path\./ s/\/elasticsearch//' \
+			-e '/^#cluster_name/ s/^#//; s/my-application/mail-toaster/' \
+			-e '/^#node.name/ s/^#//; s/node-1/mt1/' \
+			-e '/^#cluster.initial/ s/^#//; s/node-1/mt1/; s/, "node-2"//' \
+				"$_data_conf"
+
+		if ! grep -qs xpack.security.enabled "$_data_conf"; then
+			tee -a "$_data_conf" <<EO_ES_CONF
 xpack.security.enabled: false
 EO_ES_CONF
+		fi
+	fi
 }
 
 configure_kibana()
 {
 	tell_status "configuring kibana"
 
 	stage_sysrc kibana_syslog_output_enable=YES
+	stage_sysrc kibana_enable=YES
 
 	if [ -f "$STAGE_MNT/data/etc/kibana.yml" ]; then
 		tell_status "preserving kibana.yml"
@@ -174,14 +179,12 @@ configure_kibana()
 
 	chown 80:80 "$STAGE_MNT/usr/local/etc/kibana/kibana.yml"
 
-	tell_status "installing default kibana.yml"
 	sed -i '' \
 		-e 's/^#server.basePath: ""/server.basePath: "\/kibana"/' \
 		"$STAGE_MNT/usr/local/etc/kibana/kibana.yml"
 
+	tell_status "installing default kibana.yml"
 	cp "$STAGE_MNT/usr/local/etc/kibana/kibana.yml" "$STAGE_MNT/data/etc/"
-
-	stage_sysrc kibana_enable=YES
 }
 
 start_elasticsearch()
@@ -195,13 +198,15 @@ start_elasticsearch()
 	tell_status "generating a Kibana setup token"
 	echo
 	export ES_JAVA_HOME=/usr/local/openjdk17
-	stage_exec /usr/local/lib/elasticsearch/bin/elasticsearch-create-enrollment-token --scope kibana
+	stage_exec /usr/local/lib/elasticsearch/bin/elasticsearch-create-enrollment-token \
+		--scope kibana --url http://172.16.15.254:9200 \
+		|| echo "ERROR: could not create Kibana enrollment token"
 	echo
 
 	tell_status "starting Kibana"
 	stage_exec service kibana start
-	stage_exec bash -c "cd /usr/local/www/kibana8 && su -m www -c /usr/local/www/kibana8/bin/kibana"
-	stage_exec service kibana start
+	#stage_exec bash -c "cd /usr/local/www/kibana8 && su -m www -c /usr/local/www/kibana8/bin/kibana"
+	#stage_exec service kibana start
 }
 
 test_elasticsearch()