43 lines
2.0 KiB
Django/Jinja
43 lines
2.0 KiB
Django/Jinja
services:
|
|
elastic-agent:
|
|
image: docker.elastic.co/elastic-agent/elastic-agent:{{ edge_vps_elastic_version }}
|
|
container_name: elastic-agent
|
|
restart: always
|
|
network_mode: host
|
|
dns:
|
|
- {{ edge_vps_elastic_dns_server }}
|
|
dns_search:
|
|
- elastic-system.svc.cluster.local
|
|
- svc.cluster.local
|
|
- cluster.local
|
|
user: "0:0"
|
|
privileged: true
|
|
entrypoint: ["/usr/bin/env", "bash", "-c"]
|
|
command:
|
|
- |
|
|
set -e
|
|
if [[ -f /mnt/elastic-internal/elasticsearch-association/elastic-system/elasticsearch/certs/ca.crt ]]; then
|
|
if [[ -f /usr/bin/update-ca-trust ]]; then
|
|
cp /mnt/elastic-internal/elasticsearch-association/elastic-system/elasticsearch/certs/ca.crt /etc/pki/ca-trust/source/anchors/
|
|
/usr/bin/update-ca-trust
|
|
elif [[ -f /usr/sbin/update-ca-certificates ]]; then
|
|
cp /mnt/elastic-internal/elasticsearch-association/elastic-system/elasticsearch/certs/ca.crt /usr/local/share/ca-certificates/
|
|
/usr/sbin/update-ca-certificates
|
|
fi
|
|
fi
|
|
exec /usr/bin/tini -- /usr/local/bin/docker-entrypoint -e -c /etc/agent/elastic-agent.yml
|
|
environment:
|
|
- FLEET_CA=/mnt/elastic-internal/fleetserver-association/elastic-system/fleet-server/certs/ca.crt
|
|
- FLEET_ENROLL=true
|
|
- FLEET_ENROLLMENT_TOKEN={{ vault_edge_vps.elastic.fleet_enrollment_token }}
|
|
- FLEET_URL={{ edge_vps_elastic_fleet_url }}
|
|
- STATE_PATH=/usr/share/elastic-agent/state
|
|
- CONFIG_PATH=/usr/share/elastic-agent/state
|
|
- NODE_NAME={{ inventory_hostname }}
|
|
volumes:
|
|
- {{ edge_vps_elastic_state_dir }}:/usr/share/elastic-agent/state
|
|
- ./elastic-agent.yml:/etc/agent/elastic-agent.yml:ro
|
|
- ./elasticsearch-ca.crt:/mnt/elastic-internal/elasticsearch-association/elastic-system/elasticsearch/certs/ca.crt:ro
|
|
- ./fleet-ca.crt:/mnt/elastic-internal/fleetserver-association/elastic-system/fleet-server/certs/ca.crt:ro
|
|
- {{ edge_vps_traefik_logs_dir }}:/var/log/traefik:ro
|