github.com/1aal/kubeblocks@v0.0.0-20231107070852-e1c03e598921/deploy/opensearch/configs/opensearch.yaml.tpl (about) 1 {{- $clusterName := $.cluster.metadata.name }} 2 3 cluster.name: {{$clusterName}} 4 5 # Bind to all interfaces because we don't know what IP address Docker will assign to us. 6 network.host: 0.0.0.0 7 8 # Setting network.host to a non-loopback address enables the annoying bootstrap checks. "Single-node" mode disables them again. 9 # Implicitly done if ".singleNode" is set to "true". 10 # discovery.type: single-node 11 12 # Start OpenSearch Security Demo Configuration 13 # WARNING: revise all the lines below before you go into production 14 plugins: 15 security: 16 ssl: 17 transport: 18 pemcert_filepath: esnode.pem 19 pemkey_filepath: esnode-key.pem 20 pemtrustedcas_filepath: root-ca.pem 21 enforce_hostname_verification: false 22 http: 23 enabled: true 24 pemcert_filepath: esnode.pem 25 pemkey_filepath: esnode-key.pem 26 pemtrustedcas_filepath: root-ca.pem 27 allow_unsafe_democertificates: true 28 allow_default_init_securityindex: true 29 authcz: 30 admin_dn: 31 - CN=kirk,OU=client,O=client,L=test,C=de 32 audit.type: internal_opensearch 33 enable_snapshot_restore_privilege: true 34 check_snapshot_restore_write_privileges: true 35 restapi: 36 roles_enabled: ["all_access", "security_rest_api_access"] 37 system_indices: 38 enabled: true 39 indices: 40 [ 41 ".opendistro-alerting-config", 42 ".opendistro-alerting-alert*", 43 ".opendistro-anomaly-results*", 44 ".opendistro-anomaly-detector*", 45 ".opendistro-anomaly-checkpoints", 46 ".opendistro-anomaly-detection-state", 47 ".opendistro-reports-*", 48 ".opendistro-notifications-*", 49 ".opendistro-notebooks", 50 ".opendistro-asynchronous-search-response*", 51 ] 52 ######## End OpenSearch Security Demo Configuration ########