deeily/mail
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
mail/deploy/elk/install.sh
deeily 5024bf9a8d init: full mail stack — phases 0..8 (web client, admin, IMAP/SMTP, 
sieve, search, sessions, dramatiq, deploy/install, ELK, monitoring)
2026-04-29 16:30:43 +03:00

36 lines
1.1 KiB
Bash
Executable File
Raw Permalink Blame History

#!/usr/bin/env bash
# Install Filebeat configured for the mail stack.
# Run as root: sudo ./install.sh [ELK_HOST]
set -euo pipefail
ELK_HOST="${1:-${ELK_HOST:-logstash.internal}}"
ELK_PORT="${ELK_PORT:-5044}"
ENV_NAME="${ENV:-prod}"
HERE="$(cd "$(dirname "$0")" && pwd)"
if ! command -v filebeat >/dev/null; then
echo "Filebeat is not installed. On Debian/Ubuntu:"
echo " curl -L -O https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-8.15.0-amd64.deb"
echo " dpkg -i filebeat-8.15.0-amd64.deb"
exit 1
fi
# Render config with substitutions and copy.
sed \
-e "s|\${ELK_HOST:logstash.internal}|$ELK_HOST|g" \
-e "s|\${ELK_PORT:5044}|$ELK_PORT|g" \
-e "s|\${ENV:dev}|$ENV_NAME|g" \
"$HERE/filebeat.yml" > /etc/filebeat/filebeat.yml
chown root:root /etc/filebeat/filebeat.yml
chmod 0644 /etc/filebeat/filebeat.yml
# Filebeat must be able to read mail logs.
usermod -a -G adm filebeat 2>/dev/null || true
usermod -a -G deeily filebeat 2>/dev/null || true
systemctl enable filebeat
systemctl restart filebeat
echo "Filebeat shipping logs → $ELK_HOST:$ELK_PORT (env=$ENV_NAME)"
systemctl --no-pager status filebeat | head -10
Reference in New Issue View Git Blame Copy Permalink