
@nnfuzzy
Last active April 23, 2022 22:12
AWS EC2 Graylog playground
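version: '3'

# Playground stack: Graylog plus its MongoDB and Elasticsearch backends on one
# user-defined bridge network. Only the Graylog ports listed under `ports` are
# published on the host; MongoDB and Elasticsearch publish nothing.
# NOTE(review): the image tags are the ones the author pinned; confirm they are
# still supported releases before reusing this file.
services:
  # MongoDB: https://hub.docker.com/mongo/
  # No authentication is configured here, so it must stay unpublished.
  mongo:
    image: mongo:4.2
    networks:
      - graylog

  # Elasticsearch: https://www.elastic.co/guide/en/elasticsearch/reference/7.10/docker.html
  elasticsearch:
    image: docker.elastic.co/elasticsearch/elasticsearch-oss:7.10.2
    environment:
      # HTTP listens on every container interface and no authentication is
      # configured in this file; do not add a `ports` mapping for 9200.
      - http.host=0.0.0.0
      - transport.host=localhost
      - network.host=0.0.0.0
      - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
    ulimits:
      memlock:
        soft: -1
        hard: -1
    # docker-compose 1.x applies `deploy` limits only in swarm mode or when
    # started with --compatibility; otherwise this 1g cap is not enforced.
    deploy:
      resources:
        limits:
          memory: 1g
    networks:
      - graylog

  # Graylog: https://hub.docker.com/r/graylog/graylog/
  graylog:
    image: graylog/graylog:4.0
    environment:
      # CHANGE ME (must be at least 16 characters)!
      # Placeholder value: replace it with a long random string and keep the
      # real one out of version control.
      - GRAYLOG_PASSWORD_SECRET=somepasswordpepper
      # Password: admin
      # Placeholder value: this must be the SHA-256 hex digest of the root
      # password. Port 9000 is published below, so choose a strong password
      # rather than keeping `admin`.
      - GRAYLOG_ROOT_PASSWORD_SHA2=AnyPasssowrdHASH
      # Plain HTTP: credentials and session tokens cross the network in clear
      # text unless a TLS-terminating proxy is placed in front.
      - GRAYLOG_HTTP_EXTERNAL_URI=http://AWSExternalElasticIP:9000/  # Not ElasticSearch!
    # Wait until Elasticsearch accepts connections before starting Graylog.
    entrypoint: /usr/bin/tini -- wait-for-it elasticsearch:9200 -- /docker-entrypoint.sh
    networks:
      - graylog
    restart: always
    depends_on:
      - mongo
      - elasticsearch
    # Port mappings are quoted so no YAML parser can read them as numbers.
    ports:
      # Graylog web interface and REST API
      - "9000:9000"
      # Syslog TCP
      - "5555:5555"
      # Syslog UDP
      # - 1514:1514/udp
      # GELF TCP
      # - 12201:12201
      # GELF UDP
      # - 12201:12201/udp

networks:
  graylog:
    driver: bridge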
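#!/bin/bash
# Provision an Ubuntu host with a few CLI tools, Docker Engine and
# docker-compose 1.29.2.
# NOTE(review): presumably this is the install.sh that the Terraform
# configuration on this page passes as EC2 user_data; confirm.

# Stop at the first failing step (including a failed download inside a pipe)
# instead of carrying on with a half-configured host.
set -euo pipefail

sudo apt-get update -y
sudo apt-get install -y mc git tmux zsh
sudo apt-get install -y \
    apt-transport-https \
    ca-certificates \
    curl \
    gnupg \
    lsb-release

# Add Docker's apt repository, pinned to its own keyring through signed-by so
# the key is trusted for this repository only.
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
echo \
  "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu \
  $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

sudo apt-get update -y
sudo apt-get install -y docker-ce docker-ce-cli containerd.io

# USER may be unset when the script runs non-interactively (for example as
# instance user data), which would leave usermod without a login name; fall
# back to the `ubuntu` account used for SSH elsewhere on this page.
# Membership of the docker group is equivalent to root on this host.
sudo usermod -aG docker "${USER:-ubuntu}"

# -f makes curl fail on an HTTP error instead of saving the error page as the
# binary. The download is not checked against a digest: compare it with the
# SHA-256 published for the release before relying on it.
sudo curl -fsSL "https://github.com/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose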
# Pin the AWS provider to the 2.x series, at or above 2.70.
terraform {
  required_providers {
    aws = {
      version = "~> 2.70"
      source  = "hashicorp/aws"
    }
  }
}
# Credentials come from the "default" profile of the local AWS configuration;
# every resource is created in eu-central-1.
provider "aws" {
  region  = "eu-central-1"
  profile = "default"
}
# SSH key pair registered with EC2 and attached to the Graylog instance.
resource "aws_key_pair" "graylogkey" {
  # Placeholder: replace with the contents of your SSH public key. Only the
  # public half belongs here.
  public_key = "cat > YourPublicKey"
  key_name   = "graylogkey"
}
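# Source ranges allowed to reach the administrative ports. The default keeps
# the original behaviour (open to the whole internet); override it with your
# own address range, e.g. in terraform.tfvars, before applying.
variable "admin_cidr_blocks" {
  description = "CIDR ranges allowed to reach SSH (22) and the Graylog web UI/API (9000)."
  type        = list(string)
  default     = ["0.0.0.0/0"]
}

# Source ranges allowed to send logs. The default keeps the original
# behaviour; narrow it to the hosts that actually ship logs.
variable "log_source_cidr_blocks" {
  description = "CIDR ranges allowed to send syslog over TCP to port 5555."
  type        = list(string)
  default     = ["0.0.0.0/0"]
}

# Security group for the Graylog instance: inbound SSH, web UI/API and syslog
# TCP; all outbound traffic allowed.
resource "aws_security_group" "allow_limited" {
  name        = "${terraform.workspace}_allow_limited"
  description = "Allow limited"

  # SSH
  ingress {
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = var.admin_cidr_blocks
  }

  # Graylog web interface and REST API (served over plain HTTP by the compose
  # file on this page)
  ingress {
    from_port   = 9000
    to_port     = 9000
    protocol    = "tcp"
    cidr_blocks = var.admin_cidr_blocks
  }

  # Syslog TCP input
  ingress {
    from_port   = 5555
    to_port     = 5555
    protocol    = "tcp"
    cidr_blocks = var.log_source_cidr_blocks
  }

  # All protocols and ports, outbound
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}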
# The Graylog host: one Ubuntu instance bootstrapped through user data, with
# the operator's tmux configuration copied over SSH once it is reachable.
resource "aws_instance" "graylog" {
  ami           = "ami-05f7491af5eef733a" # Ubuntu20.04
  instance_type = "t3a.large"

  key_name               = aws_key_pair.graylogkey.key_name
  vpc_security_group_ids = [aws_security_group.allow_limited.id]

  # Docker install; the script runs on first boot.
  user_data = file("install.sh")

  root_block_device {
    volume_size = "40"
    volume_type = "gp2"
  }

  tags = {
    Name = "graylog"
  }

  # Copies the local ~/.tmux.conf to the instance. The connection logs in as
  # `ubuntu` with the private key read from ~/.ssh/graylog on the machine
  # running Terraform, and targets the instance's own public DNS name.
  provisioner "file" {
    source      = "~/.tmux.conf"
    destination = "~/.tmux.conf"

    connection {
      type        = "ssh"
      host        = self.public_dns
      user        = "ubuntu"
      private_key = file("~/.ssh/graylog")
    }
  }
}
# Elastic IP in VPC scope, associated with the Graylog instance.
resource "aws_eip" "graylog_ip" {
  vpc      = true
  instance = aws_instance.graylog.id
}
# Print the Elastic IP's public address after apply.
output "graylog_ip" {
  value = aws_eip.graylog_ip.public_ip
}