Docker Compose 1Nodes Elastic

1. services:
2.   setup:
3.     image: docker.elastic.co/elasticsearch/elasticsearch:8.15.2
4.     volumes:
5.      - certs:/usr/share/elasticsearch/config/certs
6.     user: "0"
7.     command: >
8.      bash -c '
9.         if [ x${ELASTIC_PASSWORD} == x ]; then
10.           echo "Set the ELASTIC_PASSWORD environment variable in the .env file";
11.           exit 1;
12.         elif [ x${KIBANA_PASSWORD} == x ]; then
13.           echo "Set the KIBANA_PASSWORD environment variable in the .env file";
14.           exit 1;
15.         fi;
16.         if [ ! -f config/certs/ca.zip ]; then
17.           echo "Creating CA";
18.           bin/elasticsearch-certutil ca --silent --pem -out config/certs/ca.zip;
19.           unzip config/certs/ca.zip -d config/certs;
20.         fi;
21.         if [ ! -f config/certs/certs.zip ]; then
22.           echo "Creating certs";
23.           echo -ne \
24.           "instances:\n"\
25.           "  - name: dedaleiro01\n"\
26.           "    dns:\n"\
27.           "      - dedaleiro01\n"\
28.           "      - localhost\n"\
29.           "    ip:\n"\
30.           "      - 127.0.0.1\n"\
31.           > config/certs/instances.yml;
32.           bin/elasticsearch-certutil cert --silent --pem -out config/certs/certs.zip --in config/certs/instances.yml --ca-cert config/certs/ca/ca.crt --ca-key config/certs/ca/ca.key;
33.           unzip config/certs/certs.zip -d config/certs;
34.         fi;
35.         echo "Setting file permissions"
36.         chown -R root:root config/certs;
37.         find . -type d -exec chmod 750 \{\} \;;
38.         find . -type f -exec chmod 640 \{\} \;;
39.         echo "Waiting for Elasticsearch availability";
40.         until curl -s --cacert config/certs/ca/ca.crt https://dedaleiro01:9200 | grep -q "missing authentication credentials"; do sleep 60; done;
41.         echo "Setting kibana_system password";
42.         until curl -s -X POST --cacert config/certs/ca/ca.crt -u "elastic:${ELASTIC_PASSWORD}" -H "Content-Type: application/json" https://dedaleiro01:9200/_security/user/kibana_system/_password -d "{\"password\":\"${KIBANA_PASSWORD}\"}" | grep -q "^{}"; do sleep 10; done;
43.         echo "All done!";
44.       '
45.     healthcheck:
46.       test: ["CMD-SHELL", "[ -f config/certs/dedaleiro01/dedaleiro01.crt ]"]
47.       interval: 1s
48.       timeout: 20s
49.       retries: 120
50.  
51.   dedaleiro01:
52.     depends_on:
53.       setup:
54.         condition: service_healthy
55.     image: docker.elastic.co/elasticsearch/elasticsearch:8.15.2
56.     volumes:
57.      - certs:/usr/share/elasticsearch/config/certs
58.       - dedaleirodata01:/usr/share/elasticsearch/data
59.     ports:
60.      - ${ES_PORT}:9200
61.     environment:
62.      - node.name=dedaleiro01
63.       - cluster.name=${CLUSTER_NAME}
64.       - cluster.initial_master_nodes=dedaleiro01
65.       - ELASTIC_PASSWORD=${ELASTIC_PASSWORD}
66.       - bootstrap.memory_lock=true
67.       - xpack.security.enabled=true
68.       - xpack.security.http.ssl.enabled=true
69.       - xpack.security.http.ssl.key=certs/dedaleiro01/dedaleiro01.key
70.       - xpack.security.http.ssl.certificate=certs/dedaleiro01/dedaleiro01.crt
71.       - xpack.security.http.ssl.certificate_authorities=certs/ca/ca.crt
72.       - xpack.security.transport.ssl.enabled=true
73.       - xpack.security.transport.ssl.key=certs/dedaleiro01/dedaleiro01.key
74.       - xpack.security.transport.ssl.certificate=certs/dedaleiro01/dedaleiro01.crt
75.       - xpack.security.transport.ssl.certificate_authorities=certs/ca/ca.crt
76.       - xpack.security.transport.ssl.verification_mode=certificate
77.       - xpack.license.self_generated.type=${LICENSE}
78.     mem_limit: ${MEM_LIMIT}
79.     ulimits:
80.       memlock:
81.         soft: -1
82.         hard: -1
83.     healthcheck:
84.       test:
85.        [
86.           "CMD-SHELL",
87.           "curl -s --cacert config/certs/ca/ca.crt https://localhost:9200 | grep -q 'missing authentication credentials'",
88.         ]
89.       interval: 10s
90.       timeout: 20s
91.       retries: 120
92.  
93.   kibana:
94.     depends_on:
95.       dedaleiro01:
96.         condition: service_healthy
97.     image: docker.elastic.co/kibana/kibana:8.15.2
98.     volumes:
99.      - certs:/usr/share/kibana/config/certs
100.       - kibanadata:/usr/share/kibana/data
101.     ports:
102.      - ${KIBANA_PORT}:5601
103.     environment:
104.      - SERVERNAME=kibana
105.       - ELASTICSEARCH_HOSTS=https://dedaleiro01:9200
106.       - ELASTICSEARCH_USERNAME=kibana_system
107.       - ELASTICSEARCH_PASSWORD=${KIBANA_PASSWORD}
108.       - ELASTICSEARCH_SSL_CERTIFICATEAUTHORITIES=config/certs/ca/ca.crt
109.     mem_limit: ${MEM_LIMIT}
110.     healthcheck:
111.       test:
112.        [
113.           "CMD-SHELL",
114.           "curl -s -I http://localhost:5601 | grep -q 'HTTP/1.1 302 Found'",
115.         ]
116.       interval: 10s
117.       timeout: 20s
118.       retries: 120
119.  
120. volumes:
121.   certs:
122.     driver: local
123.   dedaleirodata01:
124.     driver: local
125.   kibanadata:
126.     driver: local