diff --git a/inventories/filebeat b/inventories/filebeat
index e4442b309dd5235b4b0462cbdf8e4760730db898..81047ba6bbb52b04ed3e0935a7b8ff439a9e6772 100644
--- a/inventories/filebeat
+++ b/inventories/filebeat
@@ -11,3 +11,4 @@ dsoclab-mysql ansible_connection=docker FILEBEAT_FILES='["/var/opt/rh/rh-mariadb
 dsoclab-haproxy ansible_connection=docker FILEBEAT_SYSLOG_PORT=9000 FILEBEAT_LOG_TYPE="haproxy" FILEBEAT_LOG_FORMAT="text"
 #dsoclab-zookeeper ansible_connection=docker FILEBEAT_FILES='[""]'
 dsoclab-cortex ansible_connection=docker FILEBEAT_FILES='["/var/log/supervisor/*.log"]' FILEBEAT_LOG_TYPE="cortex" FILEBEAT_LOG_FORMAT="text"
+dsoclab-thehive ansible_connection=docker FILEBEAT_FILES='["/var/log/supervisor/*.log"]' FILEBEAT_LOG_TYPE="thehive" FILEBEAT_LOG_FORMAT="text"
diff --git a/roles/build/files/thehivesupervisord.conf b/roles/build/files/thehivesupervisord.conf
new file mode 100644
index 0000000000000000000000000000000000000000..5da785016f982911f3db02ed0e80f418f7468e4c
--- /dev/null
+++ b/roles/build/files/thehivesupervisord.conf
@@ -0,0 +1,30 @@
+[unix_http_server]
+file=/tmp/supervisor.sock
+
+[supervisord]
+pidfile=/tmp/supervisord.pid
+nodaemon=true
+logfile=/var/log/supervisor/supervisord.log
+logfile_maxbytes=10MB
+logfile_backups=10
+loglevel=info
+childlogdir=/var/log/supervisor/
+
+[rpcinterface:supervisor]
+supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface
+
+[supervisorctl]
+serverurl=unix:///tmp/supervisor.sock
+
+[program:thehive]
+directory=/opt/thehive
+user=thehive
+group=thehive
+command=/bin/bash -c '/opt/thehive/bin/thehive -Dconfig.file=/etc/thehive/application.conf -Dlogger.file=/etc/thehive/logback.xml -J-Xms1g -J-Xmx1g -Dpidfile.path=/dev/null'
+autostart=false
+autorestart=true
+logfile_maxbytes=10MB
+stdout_logfile_backups = 0
+stderr_logfile_backups = 0
+stderr_logfile = /var/log/supervisor/thehive_stderr.log
+stdout_logfile = /var/log/supervisor/thehive_stdout.log
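Review bot: In `[program:thehive]`, `logfile_maxbytes=10MB` is a `[supervisord]` option; program sections take `stdout_logfile_maxbytes` and `stderr_logfile_maxbytes`, so the intended 10MB cap most likely does not apply and supervisor's default size is used instead. With `stdout_logfile_backups = 0` and `stderr_logfile_backups = 0` no rotated copy is kept, so lines that Filebeat has not yet shipped from `/var/log/supervisor/*.log` can be lost at rollover. I would replace the line with `stdout_logfile_maxbytes=10MB` and `stderr_logfile_maxbytes=10MB` and keep at least one backup. Separately, the control socket and pidfile sit in world-writable `/tmp`; if supervisord runs as root, a root-owned directory such as `/var/run` is a safer home for both.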
diff --git a/roles/build/templates/thehive/Dockerfile.j2 b/roles/build/templates/thehive/Dockerfile.j2 index 773c7c2c7846ade845264764c68e22f36a0cf957..d5599c7af533d465888eee5c08b4e3ebce1b5178 100644 --- a/roles/build/templates/thehive/Dockerfile.j2 +++ b/roles/build/templates/thehive/Dockerfile.j2 @@ -19,6 +19,7 @@ RUN echo "[thehive-project]" > /etc/yum.repos.d/thehive.repo && \ chown -R thehive:thehive /home/thehive /etc/thehive && \ yum -y clean all EXPOSE 9000 -#ENTRYPOINT ["/usr/bin/supervisord", "-c", "/etc/supervisord.conf"] -USER thehive +COPY thehivesupervisord.conf /etc/supervisord.conf +ENTRYPOINT ["/usr/bin/supervisord", "-c", "/etc/supervisord.conf"] +#USER thehive # ENTRYPOINT ["/start.sh"] diff --git a/roles/docker/tasks/thehive.yml b/roles/docker/tasks/thehive.yml index f8effea72c1f2dd0a5d938e89012ffe5b3f1269b..68fdd3c3f21e711ee957feee298b24544e9bbc66 100644 --- a/roles/docker/tasks/thehive.yml +++ b/roles/docker/tasks/thehive.yml @@ -10,7 +10,6 @@ networks_cli_compatible: yes # published_ports: # - "9000:9000" - entrypoint: "/bin/bash" interactive: "yes" with_items: "{{ groups['thehive'] }}" tags: diff --git a/roles/thehive/tasks/main.yml b/roles/thehive/tasks/main.yml index 7d8f8599b4993245b64d48f8064d78d99d1fc174..3a11515fb8daa50ddda5406bbaf1af93bd21275d 100644 --- a/roles/thehive/tasks/main.yml +++ b/roles/thehive/tasks/main.yml @@ -1,6 +1,7 @@ --- - name: Configure TheHive + remote_user: thehive template: src: application.conf.j2 dest: /etc/thehive/application.conf @@ -8,21 +9,13 @@ - start - name: Start TheHive - command: > - daemonize - -c /opt/thehive - -p /tmp/thehive.pid - -o /tmp/thehive-stdout.log - /opt/thehive/bin/thehive - -Dconfig.file=/etc/thehive/application.conf - -Dlogger.file=/etc/thehive/logback.xml - -J-Xms1g - -J-Xmx1g - -Dpidfile.path=/dev/null + remote_user: root + command: "supervisorctl start thehive" tags: - start - name: Wait for TheHive + remote_user: root wait_for: host: "{{groups['thehive'][0]}}" port: 9000 
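Review bot: Commenting out `USER thehive` makes root the container's default user, so supervisord and any `docker exec` session without an explicit user now run as root, and the only privilege drop left is `user=thehive` in the supervisord program section. If root is kept so that supervisord can switch user, replace the dead `#USER thehive` line with a comment that says so, e.g. `# supervisord starts as root and drops to user=thehive via /etc/supervisord.conf`. The alternative is to keep `USER thehive` and point the socket, pidfile and log directory at paths that user can write. The RUN instruction above starts outside the hunk, so it is not visible here whether it installs supervisor or creates `/var/log/supervisor`.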
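Review bot: The `Configure TheHive` template task sets no `owner`, `group` or `mode`, so `/etc/thehive/application.conf` is written with whatever the `thehive` user's umask gives. That file typically carries the application secret key and any credentials for connected services (the template itself is not part of this diff), so I would pin it with `mode: "0600"`. The task's remaining lines fall between this hunk and the next one.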
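Review bot: `command: "supervisorctl start thehive"` is not idempotent: the command module always reports changed, and depending on the supervisor version the call can fail when the program is already running. The same applies to `command: "supervisorctl stop thehive"` in the `Stop TheHive` hunk further down. Ansible's `supervisorctl` module with `name: thehive` and `state: started` (or `state: stopped`) handles both cases. These tasks presumably need `remote_user: root` only because the control socket belongs to root, which is worth a one-line comment such as `# root: supervisor control socket is root-only`.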
@@ -32,7 +25,8 @@ - start - name: Stop TheHive - command: "pkill -SIGTERM -F /tmp/thehive.pid" + remote_user: root + command: "supervisorctl stop thehive" tags: - stop