Added kibana (#2286)

Added kibana to make elastic management easier.
PR #1710 did this. 
PR #1714 revert this.
This PR did again and fix some bugs.

- [x] Bug Fix (non-breaking change which fixes an issue)
- [x] New Feature (non-breaking change which adds functionality)

docker/init-kibana.sh

@@ -1,30 +1,67 @@
 #!/bin/bash
 
-# 等待 Elasticsearch 啟動
-until curl -u "elastic:${ELASTIC_PASSWORD}" -s http://es01:9200 >/dev/null; do
-  echo "等待 Elasticsearch 啟動..."
-  sleep 5
+# unset http proxy which maybe set by docker daemon
+export http_proxy=""; export https_proxy=""; export no_proxy=""; export HTTP_PROXY=""; export HTTPS_PROXY=""; export NO_PROXY=""
+
+echo "Elasticsearch built-in user: elastic:${ELASTIC_PASSWORD}"
+
+# Wait Elasticsearch be healthy
+while true; do
+    response=$(curl -s -v -w "\n%{http_code}" -u "elastic:${ELASTIC_PASSWORD}" "http://es01:9200")
+    exit_code=$?
+    status=$(echo "$response" | tail -n1)
+    if [ $exit_code -eq 0 ] && [ "$status" = "200" ]; then
+        echo "Elasticsearch is healthy"
+        break
+    else
+        echo "Elasticsearch is unhealthy: $exit_code $status"
+        echo "$response"
+        sleep 5
+    fi
 done
 
+# Create new role with all privileges to all indices
+# https://www.elastic.co/guide/en/elasticsearch/reference/current/security-privileges.html#privileges-list-indices
+echo "Going to create Elasticsearch role own_indices with all privileges to all indices"
+while true; do
+    response=$(curl -s -v -w "\n%{http_code}" -u "elastic:${ELASTIC_PASSWORD}" -X POST http://es01:9200/_security/role/own_indices -H 'Content-Type: application/json' -d '{"indices": [{"names": ["*"], "privileges": ["all"]}]}')
+    exit_code=$?
+    status=$(echo "$response" | tail -n1)
+    if [ $exit_code -eq 0 ] && [ "$status" = "200" ]; then
+        echo "Elasticsearch role own_indices created"
+        break
+    else
+        echo "Elasticsearch role own_indices failure: $exit_code $status"
+        echo "$response"
+        sleep 5
+    fi
+done
 
-echo "使用者: elastic:${ELASTIC_PASSWORD}"
+echo "Elasticsearch role own_indices:"
+curl -u "elastic:${ELASTIC_PASSWORD}" -X GET "http://es01:9200/_security/role/own_indices"
+echo ""
 
+PAYLOAD="{\"password\": \"${KIBANA_PASSWORD}\", \"roles\": [\"kibana_admin\", \"kibana_system\", \"own_indices\"], \"full_name\": \"${KIBANA_USER}\", \"email\": \"${KIBANA_USER}@example.com\"}"
 
+echo "Going to create Elasticsearch user ${KIBANA_USER}: ${PAYLOAD}"
 
-PAYLOAD="{
-  \"password\" : \"${KIBANA_PASSWORD}\",
-  \"roles\" : [ \"kibana_admin\",\"kibana_system\" ],
-  \"full_name\" : \"${KIBANA_USER}\",
-  \"email\" : \"${KIBANA_USER}@example.com\"
-}"
-echo "新用戶帳戶: $PAYLOAD"
+# Create new user
+while true; do
+    response=$(curl -s -v -w "\n%{http_code}" -u "elastic:${ELASTIC_PASSWORD}" -X POST http://es01:9200/_security/user/${KIBANA_USER} -H "Content-Type: application/json" -d "${PAYLOAD}")
+    exit_code=$?
+    status=$(echo "$response" | tail -n1)
+    if [ $exit_code -eq 0 ] && [ "$status" = "200" ]; then
+        echo "Elasticsearch user ${KIBANA_USER} created"
+        break
+    else
+        echo "Elasticsearch user ${KIBANA_USER} failure: $exit_code $status"
+        echo "$response"
+        sleep 5
+    fi
+done
 
-# 創建新用戶帳戶
-curl -X POST "http://es01:9200/_security/user/${KIBANA_USER}" \
--u "elastic:${ELASTIC_PASSWORD}" \
--H "Content-Type: application/json" \
--d "$PAYLOAD"s
-
-echo "新用戶帳戶已創建"
+echo "Elasticsearch user ${KIBANA_USER}:"
+curl -u "elastic:${ELASTIC_PASSWORD}" -X GET "http://es01:9200/_security/user/${KIBANA_USER}"
+echo ""
 
 exit 0