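# Copyright 2014,2015,2016,2017,2018 Security Onion Solutions, LLC
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program.  If not, see <http://www.gnu.org/licenses/>.

# Salt state: creates the Elasticsearch service account and runs the
# so-elasticsearch container. Cluster name, JVM heap size and the host IP
# the ports are published on all come from the "master" pillar.
#
# The pillar key must be a quoted string: an unquoted master:esclustername
# is not a valid Jinja expression and the state would fail to render.
{% set esclustername = salt['pillar.get']('master:esclustername') %}
{% set esheap = salt['pillar.get']('master:esheap') %}
{% set esaccessip = salt['pillar.get']('master:esaccessip') %}

# Add ES user
# Fixed uid/gid so ownership of the bind-mounted host directories stays stable.
# NOTE(review): no group.present for gid 930 is visible in this file - confirm
# the group is created elsewhere, otherwise user.present cannot assign it.
elasticsearch:
  user.present:
    - uid: 930
    - gid: 930
    - home: /opt/so/conf/elasticsearch

so-elasticsearch:
  dockerng.running:
    # NOTE(review): the image reference carries no tag or digest, so whatever
    # the registry currently serves is what runs. Pin a version (ideally a
    # digest) so the deployed image is reproducible and auditable.
    - image: pillaritem/so-elasticsearch
    - hostname: elasticsearch
    - user: elasticsearch
    - environment:
      - bootstrap.memory_lock=true
      - cluster.name={{ esclustername }}
      # Deliberately unquoted: inside a YAML plain scalar, double quotes are
      # literal characters and would become part of the variable's value.
      - ES_JAVA_OPTS=-Xms{{ esheap }} -Xmx{{ esheap }}
      # HTTP listens on every interface inside the container; what is reachable
      # from outside is decided by port_bindings and the Docker network below.
      - http.host=0.0.0.0
      - transport.host=127.0.0.1
    - ulimits:
      # Unlimited memlock is needed for bootstrap.memory_lock=true to succeed.
      - memlock=-1:-1
      - nofile=65536:65536
      - nproc=4096
    - port_bindings:
      # Ports are published on the pillar-supplied address only.
      # NOTE(review): if master:esaccessip is unset the host part renders empty.
      # Confirm how the Docker module treats an empty host IP; failing the
      # render is safer than publishing Elasticsearch on all interfaces.
      # Nothing in this state enables authentication or TLS, so access control
      # presumably relies on this address and the host firewall - verify.
      - {{ esaccessip }}:9200:9200
      # NOTE(review): transport.host is loopback inside the container, so this
      # published transport port is probably not reachable. Drop the binding
      # or change transport.host, whichever matches the intended topology.
      - {{ esaccessip }}:9300:9300
    - binds:
      # NOTE(review): a Logstash config path mounted into the Elasticsearch
      # container looks like a copy/paste leftover - confirm it is needed.
      - /opt/so/conf/logstash/log4j2.properties:/usr/share/logstash/config/log4j2.properties:ro
      # Configuration is mounted read-only; only data and logs are writable.
      - /opt/so/conf/elasticsearch/elasticsearch.yml:/usr/share/elasticsearch/config/elasticsearch.yml:ro
      - /opt/so/conf/elasticsearch/log4j2.properties:/usr/share/elasticsearch/config/log4j2.properties:ro
      - /nsm/elasticsearch:/usr/share/elasticsearch/data:rw
      - /opt/so/log/elasticsearch:/var/log/elasticsearch:rw
    - network_mode: so-elastic-net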