Moving dev back to LF Gerrit

[it/dep.git] / ric-aux / 80-Auxiliary-Functions / helm / mc-stack / charts / elasticsearch / examples / security / security.yml

diff --git a/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/security/security.yml b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/security/security.yml
new file mode 100755 (executable)
index 0000000..04d932c
--- /dev/null
+++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/security/security.yml
@@ -0,0 +1,38 @@
+---
+clusterName: "security"
+nodeGroup: "master"
+
+roles:
+  master: "true"
+  ingest: "true"
+  data: "true"
+
+protocol: https
+
+esConfig:
+  elasticsearch.yml: |
+    xpack.security.enabled: true
+    xpack.security.transport.ssl.enabled: true
+    xpack.security.transport.ssl.verification_mode: certificate
+    xpack.security.transport.ssl.keystore.path: /usr/share/elasticsearch/config/certs/elastic-certificates.p12
+    xpack.security.transport.ssl.truststore.path: /usr/share/elasticsearch/config/certs/elastic-certificates.p12
+    xpack.security.http.ssl.enabled: true
+    xpack.security.http.ssl.truststore.path: /usr/share/elasticsearch/config/certs/elastic-certificates.p12
+    xpack.security.http.ssl.keystore.path: /usr/share/elasticsearch/config/certs/elastic-certificates.p12
+
+extraEnvs:
+  - name: ELASTIC_PASSWORD
+    valueFrom:
+      secretKeyRef:
+        name: elastic-credentials
+        key: password
+  - name: ELASTIC_USERNAME
+    valueFrom:
+      secretKeyRef:
+        name: elastic-credentials
+        key: username
+
+secretMounts:
+  - name: elastic-certificates
+    secretName: elastic-certificates
+    path: /usr/share/elasticsearch/config/certs