https://github.com/lmenezes/cerebro

https://hub.docker.com/r/lmenezes/cerebro

# elasticsearch web

docker run  -d  --restart=always  -v /etc/localtime:/etc/localtime:ro -v  /data/docker/monitor/elasticsearch/cerebro.conf:/opt/cerebro/conf/application.conf --name cerebro -p 9400:9000 lmenezes/cerebro:latest

vim  /data/docker/monitor/elasticsearch/cerebro.conf

# Secret will be used to sign session cookies, CSRF tokens and for other encryption utilities.

# It is highly recommended to change this value before running cerebro in production.

secret = "ki:s:[[@=Ag?QI`W2jMwkY:eqvrJ]JqoJyi2axj3ZvOv^/KavOT4ViJSv?6YY4[N"

# Application base path

basePath = "/"

# Defaults to RUNNING_PID at the root directory of the app.

# To avoid creating a PID file set this value to /dev/null

#pidfile.path = "/var/run/cerebro.pid"

pidfile.path=/dev/null

# Rest request history max size per user

rest.history.size = 50 // defaults to 50 if not specified

# Path of local database file

#data.path: "/var/lib/cerebro/cerebro.db"

data.path = "./cerebro.db"

play {

  # Cerebro port, by default it's 9000 (play's default)

  server.http.port = ${?CEREBRO_PORT}

}

es = {

  gzip = true

}

# Authentication

auth = {

  # either basic or ldap

  type: ${?AUTH_TYPE}

  settings {

    # LDAP

    url = ${?LDAP_URL}

    # OpenLDAP might be something like "ou=People,dc=domain,dc=com"

    base-dn = ${?LDAP_BASE_DN}

    # Usually method should  be "simple" otherwise, set it to the SASL mechanisms to try

    method = ${?LDAP_METHOD}

    # user-template executes a string.format() operation where

    # username is passed in first, followed by base-dn. Some examples

    #  - %s => leave user untouched

    #  - %s@domain.com => append "@domain.com" to username

    #  - uid=%s,%s => usual case of OpenLDAP

    user-template = ${?LDAP_USER_TEMPLATE}

    // User identifier that can perform searches

    bind-dn = ${?LDAP_BIND_DN}

    bind-pw = ${?LDAP_BIND_PWD}

    group-search {

      // If left unset parent's base-dn will be used

      base-dn = ${?LDAP_GROUP_BASE_DN}

      // Attribute that represent the user, for example uid or mail

      user-attr = ${?LDAP_USER_ATTR}

      // Define a separate template for user-attr

      // If left unset parent's user-template will be used

      user-attr-template = ${?LDAP_USER_ATTR_TEMPLATE}

      // Filter that tests membership of the group. If this property is empty then there is no group membership check

      // AD example => memberOf=CN=mygroup,ou=ouofthegroup,DC=domain,DC=com

      // OpenLDAP example => CN=mygroup

      group = ${?LDAP_GROUP}

    }

    # Basic auth

    username = ${?BASIC_AUTH_USER}

    password = ${?BASIC_AUTH_PWD}

  }

}

# A list of known hosts

hosts = [

  {

    host = "http://b.htmltoo.com:9200"

    name = "01"

  #  headers-whitelist = [ "x-proxy-user", "x-proxy-roles", "X-Forwarded-For" ]

  }

  # Example of host with authentication

  #{

  #  host = "http://some-authenticated-host:9200"

  #  name = "Secured Cluster"

  #  auth = {

  #    username = "username"

  #    password = "secret-password"

  #  }

  #}

]