diff --git a/ansible/roles/bambi-arkime/files/Dockerfile b/ansible/roles/bambi-arkime/files/Dockerfile index 7ea2a3b..f24b593 100644 --- a/ansible/roles/bambi-arkime/files/Dockerfile +++ b/ansible/roles/bambi-arkime/files/Dockerfile @@ -8,4 +8,4 @@ RUN dpkg -i ./*.deb; apt-get install -fy RUN touch /opt/arkime/etc/oui.txt RUN touch /opt/arkime/etc/ipv4-address-space.csv -ENTRYPOINT ["tail", "-f", "/dev/null"] +ENTRYPOINT /BambiArkime/docker-entrypoint.sh diff --git a/ansible/roles/bambi-arkime/files/docker-entrypoint.sh b/ansible/roles/bambi-arkime/files/docker-entrypoint.sh new file mode 100644 index 0000000..ac4d981 --- /dev/null +++ b/ansible/roles/bambi-arkime/files/docker-entrypoint.sh @@ -0,0 +1,6 @@ +#!/bin/sh +set -e + +sh ./arkime-capture.sh bambiarkime1 & +sh ./arkime-viewer.sh bambiarkime1 & +wait diff --git a/ansible/roles/bambi-arkime/files/init.sh b/ansible/roles/bambi-arkime/files/init.sh deleted file mode 100644 index 8eb45d0..0000000 --- a/ansible/roles/bambi-arkime/files/init.sh +++ /dev/null @@ -1,16 +0,0 @@ -#!/bin/sh -set -e -elasticsearch="192.168.2.1" - -while ! curl -sq http://$elasticsearch:9200; do - echo "Waiting for elasticsearch to start..."; - sleep 3; -done - -echo "Initializing Arkime Elasticsearch" -/opt/arkime/db/db.pl http://$elasticsearch:9200 init -/opt/arkime/bin/arkime_add_user.sh admin "Admin User" admin --admin - -sh ./arkime-capture.sh bambiarkime1 & -sh ./arkime-viewer.sh bambiarkime1 & -wait diff --git a/configgen/configgen/gen_wireguard_internal.py b/configgen/configgen/gen_wireguard_internal.py index cfe7f80..a0e7438 100644 --- a/configgen/configgen/gen_wireguard_internal.py +++ b/configgen/configgen/gen_wireguard_internal.py @@ -80,7 +80,9 @@ def gen_wireguard_internal( listen_port=WG_LISTEN_PORT_INTERNAL, ) ) - router_configs[0].responsible_ips.append("192.168.2.0/24") + # TODO replace with peers? + if routers > 0: + router_configs[0].responsible_ips.append("192.168.2.0/24") # Route traffic to teams through the correct router for team in range(1, teams + 1): diff --git a/terraform/bambiarkime.tf b/terraform/bambiarkime.tf index 07ba8f8..0a6244f 100644 --- a/terraform/bambiarkime.tf +++ b/terraform/bambiarkime.tf @@ -10,6 +10,10 @@ variable "arkime_count" { nullable = false } +locals { + subnet = "192.168.2.0/24" +} + data "hcloud_image" "bambiarkime" { with_selector = var.arkime_count > 0 ? "type=bambiarkime" : null name = var.arkime_count > 0 ? null : "debian-10" @@ -36,6 +40,8 @@ resource "hcloud_server" "bambiarkime" { user_data = templatefile( "user_data_arkime.tftpl", { id = "${count.index + 1}", + masters = join(",", [for i in range(var.arkime_count) : cidrhost(local.subnet, i+1)]), + seeds = join(",", setsubtract([for i in range(var.arkime_count) : cidrhost(local.subnet, i+1)], [cidrhost(local.subnet, count.index+1)])) router_ips = hcloud_floating_ip.bambirouter_ip, elk = var.elk_count > 0 ? hcloud_floating_ip.bambielk_ip[0].ip_address : "127.0.0.1", engine = var.engine_count > 0 ? hcloud_floating_ip.bambiengine_ip[0].ip_address : "127.0.0.1", diff --git a/terraform/user_data_arkime.tftpl b/terraform/user_data_arkime.tftpl index 3c31b2f..6594e40 100644 --- a/terraform/user_data_arkime.tftpl +++ b/terraform/user_data_arkime.tftpl @@ -13,6 +13,19 @@ systemctl enable --now "wg-quick@internal" # Start elasticsearch cluster sed -i -e "s#\[\[ARKIME\]\]#192.168.2.${id}#g" /services/BambiArkimeElasticsearch/docker-compose.yml +sed -i -e "s#\[\[INITIAL_MASTER_NODES\]\]#${masters}#g" /services/BambiArkimeElasticsearch/docker-compose.yml +sed -i -e "s#\[\[SEED_HOSTS\]\]#${seeds}#g" /services/BambiArkimeElasticsearch/docker-compose.yml +cd /services/BamiArkimeElasticsearch/ +docker compose up -d # Start Arkime cluster sed -i -e "s#\[\[ARKIME\]\]#192.168.2.${id}#g" /services/BambiArkime/config.ini +cd /services/BamiArkime/ +docker compose build +if [ ${id} -eq 1 ] + #/opt/arkime/db/db.pl "http://192.168.2.${id}:9200" init + #/opt/arkime/bin/arkime_add_user.sh admin "Admin User" admin --admin +then +fi + +#docker compose up -d