From fefcd94866c8891d47556b528a48767bb65980bf Mon Sep 17 00:00:00 2001 From: Florent Date: Thu, 5 Jan 2023 17:12:12 +0100 Subject: [PATCH] Initial commit (heavily inspired from OpenSearch ynh package) --- .github/workflows/updater.sh | 10 +++--- conf/90-max_map_count-elasticsearch.conf | 3 ++ conf/90-max_map_count-opensearch.conf | 3 -- conf/{opensearch.yml => elasticsearch.yml} | 6 ++-- conf/jvm.options | 2 +- conf/systemd.service | 15 ++++---- config_panel.toml | 4 +-- doc/DESCRIPTION.md | 12 ++++--- doc/DISCLAIMER.md | 1 + manifest.json | 25 ++++++------- scripts/_common.sh | 3 -- scripts/backup | 2 +- scripts/install | 19 ++++------ scripts/remove | 16 +++++++++ scripts/restore | 15 ++------ scripts/upgrade | 42 ++++------------------ 16 files changed, 74 insertions(+), 104 deletions(-) create mode 100644 conf/90-max_map_count-elasticsearch.conf delete mode 100644 conf/90-max_map_count-opensearch.conf rename conf/{opensearch.yml => elasticsearch.yml} (68%) diff --git a/.github/workflows/updater.sh b/.github/workflows/updater.sh index 50785a2..2a2b8ad 100755 --- a/.github/workflows/updater.sh +++ b/.github/workflows/updater.sh @@ -17,7 +17,7 @@ current_version=$(cat manifest.json | jq -j '.version|split("~")[0]') repo=$(cat manifest.json | jq -j '.upstream.code|split("https://github.com/")[1]') # Some jq magic is needed, because the latest upstream release is not always the latest version (e.g. security patches for older versions) -version=$(curl --silent "https://api.github.com/repos/$repo/releases" | jq -r '.[] | select( .prerelease != true ) | .tag_name' | sort -V | tail -1) +version=$(curl --silent "https://api.github.com/repos/$repo/releases" | jq -r '.[] | select( .prerelease != true) | .tag_name | select( startswith("v7") )' | sort -V | tail -1) # Later down the script, we assume the version has only digits and dots # Sometimes the release name starts with a "v", so let's filter it out. @@ -51,18 +51,18 @@ echo "1 available asset(s)" # UPDATE SOURCE FILES #================================================= -for arch in "x64" "arm64"; do -asset_url="https://artifacts.opensearch.org/releases/bundle/opensearch/$version/opensearch-$version-linux-$arch.tar.gz" +for arch in "x86_64" "aarch64"; do +asset_url="https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-$version-linux-$arch.tar.gz" echo "Handling asset at $asset_url" # Assign the asset to a source file in conf/ directory # Here we base the source file name upon a unique keyword in the assets url (admin vs. update) # Leave $src empty to ignore the asset case $arch in - "x64") + "x86_64") src="amd64" ;; - "arm64") + "aarch64") src="arm64" ;; esac diff --git a/conf/90-max_map_count-elasticsearch.conf b/conf/90-max_map_count-elasticsearch.conf new file mode 100644 index 0000000..9605c78 --- /dev/null +++ b/conf/90-max_map_count-elasticsearch.conf @@ -0,0 +1,3 @@ +# Increase the number of allowed map count +# See: https://www.elastic.co/guide/en/elasticsearch/reference/7.17/vm-max-map-count.html +vm.max_map_count=262144 diff --git a/conf/90-max_map_count-opensearch.conf b/conf/90-max_map_count-opensearch.conf deleted file mode 100644 index f8aa694..0000000 --- a/conf/90-max_map_count-opensearch.conf +++ /dev/null @@ -1,3 +0,0 @@ -# Increase the number of allowed map count -# See: https://opensearch.org/docs/latest/install-and-configure/install-opensearch/index/#important-settings -vm.max_map_count=262144 diff --git a/conf/opensearch.yml b/conf/elasticsearch.yml similarity index 68% rename from conf/opensearch.yml rename to conf/elasticsearch.yml index d80aa0b..3b12e62 100644 --- a/conf/opensearch.yml +++ b/conf/elasticsearch.yml @@ -1,4 +1,4 @@ -# Bind OpenSearch to the correct network interface. Use 0.0.0.0 +# Bind ElasticSearch to the correct network interface. Use 0.0.0.0 # to include all available interfaces or specify an IP address # assigned to a specific interface. network.host: 127.0.0.1 @@ -19,7 +19,5 @@ path.data: __DATADIR__ # fail when you try to start the service. discovery.type: single-node -# If you previously disabled the security plugin in opensearch.yml, -# be sure to re-enable it. Otherwise you can skip this setting. -plugins.security.disabled: true +xpack.security.enabled: false diff --git a/conf/jvm.options b/conf/jvm.options index 434a362..e805594 100644 --- a/conf/jvm.options +++ b/conf/jvm.options @@ -11,7 +11,7 @@ ## -Xms4g ## -Xmx4g ## -## See https://opensearch.org/docs/opensearch/install/important-settings/ +## See https://www.elastic.co/guide/en/elasticsearch/reference/7.17/advanced-configuration.html ## for more information ## ################################################################ diff --git a/conf/systemd.service b/conf/systemd.service index fc83b27..67f4497 100644 --- a/conf/systemd.service +++ b/conf/systemd.service @@ -1,18 +1,19 @@ [Unit] -Description=OpenSearch - Open source distributed and RESTful search engine -Documentation=https://opensearch.org +Description=ElasticSearch - Distributed and RESTful search engine +Documentation=https://elastic.co After=network.target [Service] Type=simple User=__APP__ Group=__APP__ -Environment="OPENSEARCH_JAVA_HOME=__FINALPATH__/jdk" -Environment="OPENSEARCH_PATH_CONF=__FINALPATH__/config" +Environment="ES_JAVA_HOME=__FINALPATH__/jdk" +Environment="ES_PATH_CONF=__FINALPATH__/config" Environment="PID_DIR=/run/__APP__" -Environment="OPENSEARCH_SD_NOTIFY=true" +Environment="ES_SD_NOTIFY=true" +EnvironmentFile=-@path.env@ WorkingDirectory=__FINALPATH__/ -ExecStart=__FINALPATH__/bin/opensearch -p ${PID_DIR}/__APP__.pid --quiet +ExecStart=__FINALPATH__/bin/elasticsearch -p ${PID_DIR}/__APP__.pid --quiet StandardOutput=append:/var/log/__APP__/__APP__.log StandardError=inherit @@ -44,7 +45,7 @@ SendSIGKILL=no SuccessExitStatus=143 # Allow a slow startup before the systemd notifier module kicks in to extend the timeout -TimeoutStartSec=75 +TimeoutStartSec=900 # Sandboxing options to harden security # Depending on specificities of your service/app, you may need to tweak these diff --git a/config_panel.toml b/config_panel.toml index 31bb53e..842106e 100644 --- a/config_panel.toml +++ b/config_panel.toml @@ -2,8 +2,8 @@ version = "1.0" [main] -name.en = "OpenSearch configuration" -name.fr = "Configuration d'OpenSearch" +name.en = "ElasticSearch configuration" +name.fr = "Configuration d'ElasticSearch" services = ["__APP__"] diff --git a/doc/DESCRIPTION.md b/doc/DESCRIPTION.md index ffc0c4c..f780789 100644 --- a/doc/DESCRIPTION.md +++ b/doc/DESCRIPTION.md @@ -1,6 +1,10 @@ -OpenSearch makes it easy to ingest, search, visualize, and analyze your data. +Elasticsearch is the distributed, RESTful search and analytics engine at the heart of the [Elastic Stack](https://www.elastic.co/products). You can use Elasticsearch to store, search, and manage data for: + - Logs + - Metrics + - A search backend + - Application monitoring + - Endpoint security +... and more! -### Features - -OpenSearch is a scalable, flexible, and extensible open-source software suite for search, analytics, and observability applications licensed under Apache 2.0. Powered by Apache Lucene and driven by the OpenSearch Project community, OpenSearch offers a vendor-agnostic toolset you can use to build secure, high-performance, cost-efficient applications. Use OpenSearch as an end-to-end solution or connect it with your preferred open-source tools or partner projects. +To learn more about Elasticsearch’s features and capabilities, see the [product page](https://www.elastic.co/products/elasticsearch). diff --git a/doc/DISCLAIMER.md b/doc/DISCLAIMER.md index b82819b..5e62241 100644 --- a/doc/DISCLAIMER.md +++ b/doc/DISCLAIMER.md @@ -1,4 +1,5 @@ ### Limitations + - **Not totally free**: Licensed under SSPL, see for more information: - Currently the security is disabled - Therefore, the package is configured to remain not public for now (i.e. not accessible through the web, the apps depending on it should be installed on the same server) - Not scalable for now diff --git a/manifest.json b/manifest.json index 51570b6..11a4444 100644 --- a/manifest.json +++ b/manifest.json @@ -1,19 +1,19 @@ { - "name": "OpenSearch", - "id": "opensearch", + "name": "ElasticSearch 7", + "id": "elasticsearch7", "packaging_format": 1, "description": { - "en": "Open source distributed and RESTful search engine.", - "fr": "Moteur de recherche RESTful et open-source." + "en": "Distributed and RESTful search engine.", + "fr": "Moteur de recherche RESTful." }, - "version": "2.4.1~ynh1", - "url": "https://github.com/opensearch-project/OpenSearch", + "version": "7.0.0~ynh1", + "url": "https://github.com/elastic/elasticsearch", "upstream": { - "license": "Apache-2.0", - "website": "https://opensearch.org", - "demo": "https://playground.opensearch.org/app/home", - "admindoc": "https://opensearch.org/docs/latest/", - "code": "https://github.com/opensearch-project/OpenSearch" + "license": "SSPL-1.0", + "website": "https://elastic.co", + "demo": "https://www.elastic.co/demos", + "admindoc": "https://www.elastic.co/guide/en/elasticsearch/reference/7.17/elasticsearch-intro.html", + "code": "https://github.com/elastic/elasticsearch" }, "license": "AGPL-3.0-or-later", "maintainer": { @@ -24,9 +24,6 @@ "yunohost": ">= 11.0.0" }, "multi_instance": true, - "services": [ - "nginx" - ], "arguments": { "install": [] } diff --git a/scripts/_common.sh b/scripts/_common.sh index e40900d..2c37081 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -3,9 +3,6 @@ #================================================= # COMMON VARIABLES #================================================= -# PHP APP SPECIFIC -#================================================= -pkg_dependencies="" #================================================= # PERSONAL HELPERS diff --git a/scripts/backup b/scripts/backup index bbc5726..99ef323 100755 --- a/scripts/backup +++ b/scripts/backup @@ -60,7 +60,7 @@ ynh_backup --src_path="/etc/logrotate.d/$app" # BACKUP VARIOUS FILES #================================================= -ynh_backup --src_path="/etc/sysctl.d/90-max_map_count-opensearch.conf" +ynh_backup --src_path="/etc/sysctl.d/90-max_map_count-elasticsearch.conf" #================================================= # BACKUP SYSTEMD diff --git a/scripts/install b/scripts/install index 8c4adae..481e738 100755 --- a/scripts/install +++ b/scripts/install @@ -51,13 +51,6 @@ ynh_app_setting_set --app=$app --key=xms --value=$xms xmx=1g ynh_app_setting_set --app=$app --key=xmx --value=$xmx -#================================================= -# INSTALL DEPENDENCIES -#================================================= -ynh_script_progression --message="Installing dependencies..." --weight=1 - -ynh_install_app_dependencies $pkg_dependencies - #================================================= # CREATE DEDICATED USER #================================================= @@ -108,11 +101,11 @@ chown $app:$app "/run/$app" #================================================= ynh_script_progression --message="Adding the configuration files..." --weight=1 -ynh_add_config --template="opensearch.yml" --destination="$final_path/config/opensearch.yml" +ynh_add_config --template="elasticsearch.yml" --destination="$final_path/config/elasticsearch.yml" ynh_add_config --template="jvm.options" --destination="$final_path/config/jvm.options.d/yunohost.options" -chmod 400 "$final_path/config/opensearch.yml" "$final_path/config/jvm.options.d/yunohost.options" -chown $app:$app "$final_path/config/opensearch.yml" "$final_path/config/jvm.options.d/yunohost.options" +chmod 400 "$final_path/config/elasticsearch.yml" "$final_path/config/jvm.options.d/yunohost.options" +chown $app:$app "$final_path/config/elasticsearch.yml" "$final_path/config/jvm.options.d/yunohost.options" #================================================= @@ -121,11 +114,11 @@ chown $app:$app "$final_path/config/opensearch.yml" "$final_path/config/jvm.opti ynh_script_progression --message="Increasing maximum map count (sysctl)..." # Increase the maximum number of files inotify can monitor. -cp -a ../conf/90-max_map_count-opensearch.conf /etc/sysctl.d/ +cp -a ../conf/90-max_map_count-elasticsearch.conf /etc/sysctl.d/ # Then, reload the kernel configuration. if ! IS_PACKAGE_CHECK # LXC doesn't allow sysctl to play with kernel options. then - sysctl -p /etc/sysctl.d/90-max_map_count-opensearch.conf + sysctl -p /etc/sysctl.d/90-max_map_count-elasticsearch.conf fi @@ -153,7 +146,7 @@ ynh_use_logrotate #================================================= ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 -yunohost service add $app --description="OpenSearch - Open source distributed and RESTful search engine" --log="/var/log/$app/$app.log" +yunohost service add $app --description="ElasticSearch - Distributed and RESTful search engine" --log="/var/log/$app/$app.log" #================================================= # START SYSTEMD SERVICE diff --git a/scripts/remove b/scripts/remove index 3e99783..86adf51 100755 --- a/scripts/remove +++ b/scripts/remove @@ -103,6 +103,22 @@ ynh_script_progression --message="Removing the dedicated system user..." --weigh # Delete a system user ynh_system_user_delete --username=$app +#================================================= +# SPECIFIC REMOVE +#================================================= +# REMOVE VARIOUS FILES +#================================================= +ynh_script_progression --message="Removing various files..." + +if [ -e "/etc/sysctl.d/90-max_map_count-elasticsearch.conf" ]; then + ynh_secure_remove --file="/etc/sysctl.d/90-max_map_count-elasticsearch.conf" + # Reload the kernel configuration. + if ! IS_PACKAGE_CHECK # LXC doesn't allow sysctl to play with kernel options. + then + sysctl --system + fi +fi + #================================================= # END OF SCRIPT #================================================= diff --git a/scripts/restore b/scripts/restore index fc9eff0..b765085 100755 --- a/scripts/restore +++ b/scripts/restore @@ -85,24 +85,15 @@ chown $app:$app "/run/$app" #================================================= # SPECIFIC RESTORATION -#================================================= -# REINSTALL DEPENDENCIES -#================================================= -ynh_script_progression --message="Reinstalling dependencies..." --weight=1 - -# Define and install dependencies -ynh_install_app_dependencies $pkg_dependencies - - #================================================= # RESTORE VARIOUS FILES #================================================= ynh_script_progression --message="Restoring various files..." -ynh_restore_file --origin_path="/etc/sysctl.d/90-max_map_count-opensearch.conf" +ynh_restore_file --origin_path="/etc/sysctl.d/90-max_map_count-elasticsearch.conf" if ! IS_PACKAGE_CHECK # LXC doesn't allow sysctl to play with kernel options. then - sysctl -p /etc/sysctl.d/90-max_map_count-opensearch.conf + sysctl -p /etc/sysctl.d/90-max_map_count-elasticsearch.conf fi #================================================= @@ -125,7 +116,7 @@ ynh_restore_file --origin_path="/etc/logrotate.d/$app" #================================================= ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 -yunohost service add $app --description="OpenSearch - Open source distributed and RESTful search engine" --log="/var/log/$app/$app.log" +yunohost service add $app --description="ElasticSearch - Distributed and RESTful search engine" --log="/var/log/$app/$app.log" #================================================= # START SYSTEMD SERVICE diff --git a/scripts/upgrade b/scripts/upgrade index 5717200..19def57 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -56,27 +56,6 @@ ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app #================================================= ynh_script_progression --message="Ensuring downward compatibility..." --weight=1 -# -# N.B. : the followings setting migrations snippets are provided as *EXAMPLES* -# of what you may want to do in some cases (e.g. a setting was not defined on -# some legacy installs and you therefore want to initiaze stuff during upgrade) -# - -# If db_name doesn't exist, create it -#if [ -z "$db_name" ]; then -# db_name=$(ynh_sanitize_dbid --db_name=$app) -# ynh_app_setting_set --app=$app --key=db_name --value=$db_name -#fi - -# If final_path doesn't exist, create it -#if [ -z "$final_path" ]; then -# final_path=/var/www/$app -# ynh_app_setting_set --app=$app --key=final_path --value=$final_path -#fi - -### If nobody installed your app before 4.1, -### then you may safely remove these lines - #================================================= # CREATE DEDICATED USER #================================================= @@ -94,30 +73,23 @@ then ynh_script_progression --message="Upgrading source files..." --weight=20 # Download, check integrity, uncompress and patch the source from app.src - ynh_setup_source --dest_dir="$final_path" --source_id="$YNH_ARCH" --keep="config/opensearch.yml config/jvm.options.d/yunohost.conf" + ynh_setup_source --dest_dir="$final_path" --source_id="$YNH_ARCH" --keep="config/elasticsearch.yml config/jvm.options.d/yunohost.conf" fi chmod 750 "$final_path" chmod -R o-rwx "$final_path" chown -R $app:$app "$final_path" -#================================================= -# UPGRADE DEPENDENCIES -#================================================= -ynh_script_progression --message="Upgrading dependencies..." --weight=1 - -ynh_install_app_dependencies $pkg_dependencies - #================================================= # UPDATE A CONFIG FILE #================================================= ynh_script_progression --message="Updating a configuration file..." --weight=1 -ynh_add_config --template="opensearch.yml" --destination="$final_path/config/opensearch.yml" +ynh_add_config --template="elasticsearch.yml" --destination="$final_path/config/elasticsearch.yml" ynh_add_config --template="jvm.options" --destination="$final_path/config/jvm.options.d/yunohost.options" -chmod 400 "$final_path/config/opensearch.yml" "$final_path/config/jvm.options.d/yunohost.options" -chown $app:$app "$final_path/config/opensearch.yml" "$final_path/config/jvm.options.d/yunohost.options" +chmod 400 "$final_path/config/elasticsearch.yml" "$final_path/config/jvm.options.d/yunohost.options" +chown $app:$app "$final_path/config/elasticsearch.yml" "$final_path/config/jvm.options.d/yunohost.options" #================================================= # INCREASE MAX_MAP_COUNT @@ -125,11 +97,11 @@ chown $app:$app "$final_path/config/opensearch.yml" "$final_path/config/jvm.opti ynh_script_progression --message="Increasing maximum map count (sysctl)..." # Increase the maximum number of files inotify can monitor. -cp -a ../conf/90-max_map_count-opensearch.conf /etc/sysctl.d/ +cp -a ../conf/90-max_map_count-elasticsearch.conf /etc/sysctl.d/ # Then, reload the kernel configuration. if ! IS_PACKAGE_CHECK # LXC doesn't allow sysctl to play with kernel options. then - sysctl -p /etc/sysctl.d/90-max_map_count-opensearch.conf + sysctl -p /etc/sysctl.d/90-max_map_count-elasticsearch.conf fi #================================================= @@ -155,7 +127,7 @@ ynh_use_logrotate --non-append #================================================= ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 -yunohost service add $app --description="OpenSearch - Open source distributed and RESTful search engine" --log="/var/log/$app/$app.log" +yunohost service add $app --description="ElasticSearch - Distributed and RESTful search engine" --log="/var/log/$app/$app.log" #================================================= # START SYSTEMD SERVICE