logging and supervisord for thehive

b95d6e0e · Temur Maisuradze · 3262f400 · b95d6e0e · b95d6e0e · b95d6e0e
Commit b95d6e0e authored 4 years ago by Temur Maisuradze
--- a/inventories/filebeat
+++ b/inventories/filebeat
@@ -11,3 +11,4 @@ dsoclab-mysql ansible_connection=docker FILEBEAT_FILES='["/var/opt/rh/rh-mariadb
 dsoclab-haproxy ansible_connection=docker FILEBEAT_SYSLOG_PORT=9000 FILEBEAT_LOG_TYPE="haproxy" FILEBEAT_LOG_FORMAT="text"
 #dsoclab-zookeeper ansible_connection=docker FILEBEAT_FILES='[""]'
 dsoclab-cortex ansible_connection=docker FILEBEAT_FILES='["/var/log/supervisor/*.log"]' FILEBEAT_LOG_TYPE="cortex" FILEBEAT_LOG_FORMAT="text"
+dsoclab-thehive ansible_connection=docker FILEBEAT_FILES='["/var/log/supervisor/*.log"]' FILEBEAT_LOG_TYPE="thehive" FILEBEAT_LOG_FORMAT="text"
--- a/roles/build/files/thehivesupervisord.conf
+++ b/roles/build/files/thehivesupervisord.conf
+[unix_http_server]
+file=/tmp/supervisor.sock
+
+[supervisord]
+pidfile=/tmp/supervisord.pid
+nodaemon=true
+logfile=/var/log/supervisor/supervisord.log
+logfile_maxbytes=10MB
+logfile_backups=10
+loglevel=info
+childlogdir=/var/log/supervisor/
+
+[rpcinterface:supervisor]
+supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface
+
+[supervisorctl]
+serverurl=unix:///tmp/supervisor.sock
+
+[program:thehive]
+directory=/opt/thehive
+user=thehive
+group=thehive
+command=/bin/bash -c '/opt/thehive/bin/thehive -Dconfig.file=/etc/thehive/application.conf -Dlogger.file=/etc/thehive/logback.xml -J-Xms1g -J-Xmx1g -Dpidfile.path=/dev/null'
+autostart=false
+autorestart=true
+logfile_maxbytes=10MB
+stdout_logfile_backups = 0
+stderr_logfile_backups = 0
+stderr_logfile = /var/log/supervisor/thehive_stderr.log
+stdout_logfile = /var/log/supervisor/thehive_stdout.log
--- a/roles/build/templates/thehive/Dockerfile.j2
+++ b/roles/build/templates/thehive/Dockerfile.j2
@@ -19,6 +19,7 @@ RUN echo "[thehive-project]" > /etc/yum.repos.d/thehive.repo && \
    chown -R thehive:thehive /home/thehive /etc/thehive && \
    yum -y clean all
 EXPOSE 9000
-#ENTRYPOINT ["/usr/bin/supervisord", "-c", "/etc/supervisord.conf"]
-USER thehive
+COPY thehivesupervisord.conf /etc/supervisord.conf
+ENTRYPOINT ["/usr/bin/supervisord", "-c", "/etc/supervisord.conf"]
+#USER thehive
 # ENTRYPOINT ["/start.sh"]
--- a/roles/docker/tasks/thehive.yml
+++ b/roles/docker/tasks/thehive.yml
@@ -10,7 +10,6 @@
    networks_cli_compatible: yes
 #    published_ports:
 #      - "9000:9000"
-    entrypoint: "/bin/bash"
    interactive: "yes"
  with_items: "{{ groups['thehive'] }}"
  tags:

--- a/roles/thehive/tasks/main.yml
+++ b/roles/thehive/tasks/main.yml
 ---

 - name: Configure TheHive
+  remote_user: thehive
  template:
    src: application.conf.j2
    dest: /etc/thehive/application.conf
@@ -8,21 +9,13 @@
    - start

 - name: Start TheHive
-  command: >
-    daemonize 
-    -c /opt/thehive 
-    -p /tmp/thehive.pid
-    -o /tmp/thehive-stdout.log 
-    /opt/thehive/bin/thehive 
-    -Dconfig.file=/etc/thehive/application.conf 
-    -Dlogger.file=/etc/thehive/logback.xml 
-    -J-Xms1g
-    -J-Xmx1g
-    -Dpidfile.path=/dev/null
+  remote_user: root
+  command: "supervisorctl start thehive"
  tags:
    - start

 - name: Wait for TheHive
+  remote_user: root
  wait_for:
    host: "{{groups['thehive'][0]}}"
    port: 9000
@@ -32,7 +25,8 @@
    - start

 - name: Stop TheHive
-  command: "pkill -SIGTERM -F /tmp/thehive.pid"
+  remote_user: root
+  command: "supervisorctl stop thehive"
  tags:
    - stop