refs #1125 #1300

script/script.sh

@@ -79,6 +79,53 @@ EOF
 
 systemctl enable --now journalbeat
 
+# Configurar Filebeat
+
+# Prueba de conexión a la URL de la clave GPG
+echo "Verificando conectividad"
+curl -I --connect-timeout 10 --max-time 30 -s -o /dev/null --retry 5 https://artifacts.elastic.co/downloads/beats/filebeat/
+
+if [[ $? -ne 0 ]]; then
+  echo "ERROR: No se puede conectar a https://artifacts.elastic.co/downloads/beats/filebeat. Verifica tu conexión a Internet o la disponibilidad"
+  exit 1
+fi
+
+curl --connect-timeout 10 --max-time 60 --retry 5 -L -o /tmp/filebeat-oss-7.12.1-amd64.deb https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-oss-7.12.1-amd64.deb
+sudo dpkg -i /tmp/filebeat-oss-7.12.1-amd64.deb
+cp CA/certs/ogagent-fb.mytld.crt.pem          /etc/filebeat/
+cp CA/private/ogagent-fb.mytld.key.nopass.pem /etc/filebeat/ogagent-fb.mytld.key.pem
+cat >/etc/filebeat/filebeat.yml <<EOF
+filebeat.inputs:
+- type: log
+  enabled: true
+  paths:
+    - /var/log/opengnsys.log
+    - /home/*/opengnsys.log
+
+setup.template.settings:
+  index.number_of_shards: 1
+
+output.elasticsearch:
+  hosts: ["oglog-os.mytld:9200"]
+  username: "admin"
+  password: "$OPENSEARCH_INITIAL_ADMIN_PASSWORD"
+  protocol: "https"
+  ssl.enabled: true
+  ssl.verification_mode: full
+  ssl.certificate: "/etc/filebeat/ogagent-fb.mytld.crt.pem"
+  ssl.key: "/etc/filebeat/ogagent-fb.mytld.key.pem"
+
+processors:
+  - add_host_metadata:
+      when.not.contains.tags: forwarded
+  - add_cloud_metadata: ~
+  - add_docker_metadata: ~
+  - add_kubernetes_metadata: ~
+
+seccomp.enabled: false
+EOF
+systemctl enable --now filebeat
+
 # Configurar repositorios y llaves para OpenSearch
 curl -o- https://artifacts.opensearch.org/publickeys/opensearch.pgp | gpg --dearmor --batch --yes -o /usr/share/keyrings/opensearch-keyring
 echo "deb [signed-by=/usr/share/keyrings/opensearch-keyring] https://artifacts.opensearch.org/releases/bundle/opensearch/2.x/apt stable main" > /etc/apt/sources.list.d/opensearch-2.x.list
@@ -183,7 +230,22 @@ cp CA/certs/oglog-graf.mytld.crt.pem               /etc/grafana/
 cp CA/private/oglog-graf.mytld.key.nopass.pem      /etc/grafana/oglog-graf.mytld.key.pem
 chown grafana:grafana /etc/grafana/oglog-graf.mytld.crt.pem /etc/grafana/oglog-graf.mytld.key.pem
 
+
+# Descargar el dashboard
+echo "Descargando el dashboard"
+mkdir -p /etc/grafana/dashboards
+if curl -o /etc/grafana/dashboards/1860.json --connect-timeout 10 --max-time 30 --retry 5 https://grafana.com/api/dashboards/1860/revisions/37/download; then
+  echo "Dashboard descargado correctamente en /etc/grafana/dashboards/1860.json."
+else
+  echo "Error: No se pudo descargar el dashboard desde https://grafana.com/api/dashboards/1860/revisions/37/download."
+  exit 1
+fi
+
+# Configurar Grafana
+echo "Haciendo copia de seguridad del archivo de configuración original..."
 cp -a /etc/grafana/grafana.ini /etc/grafana/grafana.ini.dist
+
+echo "Configurando Grafana..."
 cat >/etc/grafana/grafana.ini <<EOF
 [server]
 protocol = https
@@ -195,35 +257,79 @@ reporting_enabled = false
 check_for_updates = false
 check_for_plugin_updates = false
 
-# Añadido para configurar Prometheus como fuente de datos
 [database]
-enabled = true
 type = sqlite3
 path = /var/lib/grafana/grafana.db
 
 [auth]
 disable_login_form = false
-
-[datasources]
-  [datasources.prometheus]
-  name = Prometheus
-  type = prometheus
-  access = proxy
-  url = https://oglog-prom.mytld:9090
-  isDefault = true
-
-# Descargar y configurar dashboard
-[dashboardProviders]
-  [dashboardProviders.default]
-  enabled = true
-  folder = /etc/grafana/dashboards
-  type = file
-  options = {}
-  dashboard = /etc/grafana/dashboards/405.json
 EOF
 
-# Crear directorio y descargar el dashboard
+# Configuración de datasource para Prometheus
-mkdir -p /etc/grafana/dashboards
+echo "Creando configuración de datasource para Prometheus..."
-wget -O /etc/grafana/dashboards/405.json https://grafana.com/api/dashboards/405/revisions/8/download
+mkdir -p /etc/grafana/provisioning/datasources
+cat >/etc/grafana/provisioning/datasources/prometheus.yaml <<EOF
+apiVersion: 1
+datasources:
+  - name: Prometheus
+    type: prometheus
+    access: proxy
+    url: https://oglog-prom.mytld:9090
+    isDefault: true
+EOF
 
+# Configuración de dashboards
+echo "Configurando dashboards..."
+mkdir -p /etc/grafana/provisioning/dashboards
+cat >/etc/grafana/provisioning/dashboards/dashboard.yaml <<EOF
+apiVersion: 1
+providers:
+  - name: 'default'
+    folder: ''
+    type: file
+    options:
+      path: /etc/grafana/dashboards
+EOF
+
+# Habilitar e iniciar el servicio de Grafana
+echo "Habilitando e iniciando Grafana..."
 systemctl enable --now grafana-server
+
+
+# Reiniciar los servicios
+systemctl restart journalbeat
+sleep 5
+sudo systemctl restart filebeat
+sleep 5
+systemctl restart opensearch
+sleep 5
+systemctl restart opensearch-dashboards
+sleep 5
+systemctl restart systemd-journal-remote
+sleep 5
+systemctl restart prometheus
+sleep 5
+systemctl restart grafana-server
+sleep 5
+
+# Verificar el estado de los servicios
+echo "Estado de journalbeat:"
+systemctl status journalbeat --no-pager
+
+echo "Estado de filebeat:"
+systemctl status filebeat --no-pager
+
+echo "Estado de opensearch:"
+systemctl status opensearch --no-pager
+
+echo "Estado de opensearch-dashboards:"
+systemctl status opensearch-dashboards --no-pager
+
+echo "Estado de systemd-journal-remote:"
+systemctl status systemd-journal-remote --no-pager
+
+echo "Estado de prometheus:"
+systemctl status prometheus --no-pager
+
+echo "Estado de grafana-server:"
+systemctl status grafana-server --no-pager