Merge branch 'develop' into migration_debian10

Tony Lee · web-flow · commit c5cae0fa3292 · 2019-09-24T14:04:01.000-07:00
diff --git a/base/redhat-8/Dockerfile b/base/redhat-8/Dockerfile
@@ -25,9 +25,9 @@ LABEL name="splunk" \
       summary="UBI 8 Docker image of Splunk Enterprise" \
       description="Splunk Enterprise is a platform for operational intelligence. Our software lets you collect, analyze, and act upon the untapped value of big data that your technology infrastructure, security systems, and business applications generate. It gives you insights to drive operational performance and business results."
 
-RUN mkdir /licenses; \
-	curl -o /licenses/apache-2.0.txt https://www.apache.org/licenses/LICENSE-2.0.txt; \
-	curl -o /licenses/EULA_Red_Hat_Universal_Base_Image_English_20190422.pdf https://www.redhat.com/licenses/EULA_Red_Hat_Universal_Base_Image_English_20190422.pdf
-
 COPY install.sh /install.sh
-RUN /install.sh && rm -rf /install.sh
+
+RUN mkdir /licenses \
+    && curl -o /licenses/apache-2.0.txt https://www.apache.org/licenses/LICENSE-2.0.txt \
+    && curl -o /licenses/EULA_Red_Hat_Universal_Base_Image_English_20190422.pdf https://www.redhat.com/licenses/EULA_Red_Hat_Universal_Base_Image_English_20190422.pdf \
+    && /install.sh && rm -rf /install.sh
diff --git a/docs/EXAMPLES.md b/docs/EXAMPLES.md
@@ -13,6 +13,7 @@ Note that for more complex scenarios, we will opt to use a [Docker compose file]
     * [...with HEC](#create-standalone-with-hec)
     * [...with any app](#create-standalone-with-app)
     * [...with a SplunkBase app](#create-standalone-with-splunkbase-app)
+    * [...with SSL enabled](#create-standalone-with-ssl-enabled)
 * [Create standalone and universal forwarder](#create-standalone-and-universal-forwarder)
 * [Create heavy forwarder](#create-heavy-forwarder)
 * [Create heavy forwarder and deployment server](#create-heavy-forwarder-and-deployment-server)
@@ -186,6 +187,26 @@ Execute the following to bring up your deployment:
 $ SPLUNKBASE_PASSWORD=<splunkbase_password> SPLUNK_PASSWORD=<password> docker-compose up -d
 ```
 
+## Create standalone with SSL enabled
+
+To enable SSL over SplunkWeb, you'll first need to generate your self-signed certificates. Please see the [Splunk docs](https://docs.splunk.com/Documentation/Splunk/latest/Security/Self-signcertificatesforSplunkWeb) on how to go about doing this. For the purposes of local development, you can use:
+```
+openssl req -x509 -newkey rsa:4096 -passout pass:abcd1234 -keyout /home/key.pem -out /home/cert.pem -days 365 -subj /CN=localhost
+```
+
+Once you have your certificates available, you can execute the following to bring up your deployment with SSL enabled on the Splunk Web UI:
+```
+$ docker run --name so1 --hostname so1 -p 8000:8000 \
+              -e "SPLUNK_HTTP_ENABLESSL=true" \
+              -e "SPLUNK_HTTP_ENABLESSL_CERT=/home/cert.pem" \
+              -e "SPLUNK_HTTP_ENABLESSL_PRIVKEY=/home/key.pem" \
+              -e "SPLUNK_HTTP_ENABLESSL_PRIVKEY_PASSWORD=abcd1234" \
+              -e "SPLUNK_PASSWORD=<password>" \
+              -e "SPLUNK_START_ARGS=--accept-license" \
+              -v /home:/home \ 
+              -it splunk/splunk:latest
+```
+
 ## Create standalone and universal forwarder
 You can also enable distributed deployments. In this case, we can create a Splunk universal forwarder running in a container to stream logs to a Splunk standalone, also running in a container.
 
diff --git a/splunk/common-files/Dockerfile b/splunk/common-files/Dockerfile
@@ -97,12 +97,12 @@ COPY splunk-ansible ${SPLUNK_ANSIBLE_HOME}
 # Set sudo rights
 RUN sed -i -e 's/%sudo\s\+ALL=(ALL\(:ALL\)\?)\s\+ALL/%sudo ALL=NOPASSWD:ALL/g' /etc/sudoers \
     && sudo echo -e '\nansible ALL=(splunk)NOPASSWD:ALL' >> /etc/sudoers \
-    # Create the ansible user/group
+    && echo 'Create the ansible user/group' \
     && groupadd -r ${ANSIBLE_GROUP} \
     && useradd -r -m -g ${ANSIBLE_GROUP} ${ANSIBLE_USER} \
     && usermod -aG sudo ${ANSIBLE_USER} \
     && usermod -aG ${ANSIBLE_GROUP} ${SPLUNK_USER} \
-    # Container Artifact Directory is a place for all artifacts and logs that are generated by the provisioning process. The directory is owned by the user "ansible".
+    && echo 'Container Artifact Directory is a place for all artifacts and logs that are generated by the provisioning process. The directory is owned by the user "ansible".' \
     && mkdir ${CONTAINER_ARTIFACT_DIR} \
     && chown -R ${ANSIBLE_USER}:${ANSIBLE_GROUP} ${CONTAINER_ARTIFACT_DIR} \
     && chmod -R 775 ${CONTAINER_ARTIFACT_DIR} \
diff --git a/splunk/common-files/entrypoint.sh b/splunk/common-files/entrypoint.sh
@@ -163,7 +163,7 @@ case "$1" in
 		configure_multisite $0
 		;;
 	create-defaults)
-	  create_defaults
+		create_defaults
 		;;
 	restart)
 		shift
