Last active
March 26, 2025 13:24
-
-
Save linuxmalaysia/2d356c1548f1cd6fa5a49eed87ba1cd9 to your computer and use it in GitHub Desktop.
Download Elastic Assets for airgap installation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| ### Script mudah untuk download asset daripada elastic downloads bagi tujuan | |
| ### Internal repo kepada Elastic Fleet. | |
| ### use with own risks | |
| ### buat directory ini bawah html /usr/share/nginx/html | |
| ### Harisfazillah Bin Jamel 28/12/2024, update 26/03/2025 | |
| ### Ubuntu / Debian - apt install nginx | |
| ### Alma Linux / Rocky Linux - dnf install nginx | |
| ### Created with Google Gemini | |
| # Check for distribution and install Nginx | |
| if [[ -f /etc/os-release ]]; then | |
| # Assuming Ubuntu/Debian based distribution | |
| source /etc/os-release | |
| if [[ "$ID" == "ubuntu" ]]; then | |
| sudo apt update | |
| sudo apt install -y nginx | |
| elif [[ "$ID" == "debian" ]]; then | |
| sudo apt update | |
| sudo apt install -y nginx | |
| fi | |
| elif [[ -f /etc/redhat-release ]] || [[ -f /etc/centos-release ]] || [[ -f /etc/rocky-release ]] || [[ -f /etc/almalinux-release ]]; then | |
| # Assuming RedHat/CentOS/Rocky/AlmaLinux based distribution | |
| sudo dnf install -y nginx | |
| fi | |
| DOWNLPATH="/usr/share/nginx/html" | |
| VERSI="8.17.3" | |
| ENDPOINT_VERSION="$VERSI" # Use consistent versioning | |
| # Function to download assets | |
| download_asset() { | |
| local asset_name="$1" | |
| local base_url="https://artifacts.elastic.co/downloads/" | |
| local download_dir="$DOWNLPATH/downloads/$asset_name" | |
| echo "Downloading $asset_name..." | |
| mkdir -p "$download_dir" | |
| chmod 755 "$download_dir" | |
| cd "$download_dir" || return 1 # Exit function if cd fails | |
| curl -O "$base_url$asset_name/$asset_name-$VERSI-linux-x86_64.tar.gz" || echo "Error downloading tar.gz for $asset_name" | |
| curl -O "$base_url$asset_name/$asset_name-$VERSI-linux-x86_64.tar.gz.sha512" || echo "Error downloading sha512 for $asset_name" | |
| curl -O "$base_url$asset_name/$asset_name-$VERSI-linux-x86_64.tar.gz.asc" || echo "Error downloading asc for $asset_name" | |
| cd "$DOWNLPATH" || return 1 # Go back to the main directory | |
| } | |
| # Function to download beats assets (Linux) | |
| download_beats_asset_linux() { | |
| local beat_name="$1" | |
| local base_url="https://artifacts.elastic.co/downloads/beats/" | |
| local download_dir="$DOWNLPATH/downloads/beats/$beat_name" | |
| echo "Downloading $beat_name (Linux)..." | |
| mkdir -p "$download_dir" | |
| chmod 755 "$download_dir" | |
| cd "$download_dir" || return 1 # Exit function if cd fails | |
| curl -O "$base_url$beat_name/$beat_name-$VERSI-linux-x86_64.tar.gz" || echo "Error downloading tar.gz for $beat_name (Linux)" | |
| curl -O "$base_url$beat_name/$beat_name-$VERSI-linux-x86_64.tar.gz.sha512" || echo "Error downloading sha512 for $beat_name (Linux)" | |
| curl -O "$base_url$beat_name/$beat_name-$VERSI-linux-x86_64.tar.gz.asc" || echo "Error downloading asc for $beat_name (Linux)" | |
| cd "$DOWNLPATH" || return 1 # Go back to the main directory | |
| } | |
| # Function to download beats assets (Windows) | |
| download_beats_asset_windows() { | |
| local beat_name="$1" | |
| local base_url="https://artifacts.elastic.co/downloads/beats/" | |
| local download_dir="$DOWNLPATH/downloads/beats/$beat_name" | |
| echo "Downloading $beat_name (Windows)..." | |
| mkdir -p "$download_dir" | |
| chmod 755 "$download_dir" | |
| cd "$download_dir" || return 1 # Exit function if cd fails | |
| curl -O "$base_url$beat_name/$beat_name-$VERSI-windows-x86_64.zip" || echo "Error downloading zip for $beat_name (Windows)" | |
| curl -O "$base_url$beat_name/$beat_name-$VERSI-windows-x86_64.zip.sha512" || echo "Error downloading sha512 for $beat_name (Windows)" | |
| curl -O "$base_url$beat_name/$beat_name-$VERSI-windows-x86_64.zip.asc" || echo "Error downloading asc for $beat_name (Windows)" | |
| cd "$DOWNLPATH" || return 1 # Go back to the main directory | |
| } | |
| # Function to download the Endpoint Security offline package (Linux x86_64) | |
| download_endpoint_offline_package() { | |
| local base_url="https://artifacts.elastic.co/downloads/endpoint/packages/" | |
| local download_dir="$DOWNLPATH/downloads/endpoint/offline_package" | |
| echo "Downloading Endpoint Security offline package (Linux x86_64)..." | |
| mkdir -p "$download_dir" | |
| chmod 755 "$download_dir" | |
| cd "$download_dir" || return 1 # Exit function if cd fails | |
| curl -O "$base_url/endpoint-bundle-offline-linux-x86_64-$ENDPOINT_VERSION.zip" || echo "Error downloading offline package zip" | |
| curl -O "$base_url/endpoint-bundle-offline-linux-x86_64-$ENDPOINT_VERSION.zip.sha512" || echo "Error downloading offline package sha512" | |
| curl -O "$base_url/endpoint-bundle-offline-linux-x86_64-$ENDPOINT_VERSION.zip.asc" || echo "Error downloading offline package asc" | |
| cd "$DOWNLPATH" || return 1 # Go back to the main directory | |
| } | |
| # Function to download the Kibana plugin for Endpoint Security | |
| download_kibana_plugin() { | |
| local base_url="https://artifacts.elastic.co/downloads/security/" | |
| local download_dir="$DOWNLPATH/downloads/kibana_plugin" | |
| local kibana_version_suffix="-8.17.3" # Assuming Kibana version matches Elastic Stack version | |
| echo "Downloading Kibana plugin for Endpoint Security..." | |
| mkdir -p "$download_dir" | |
| chmod 755 "$download_dir" | |
| cd "$download_dir" || return 1 # Exit function if cd fails | |
| curl -O "$base_url/security-$VERSI$kibana_version_suffix.zip" || echo "Error downloading Kibana plugin zip" | |
| cd "$DOWNLPATH" || return 1 # Go back to the main directory | |
| } | |
| # Download APM Server | |
| download_asset apm-server | |
| # Download Auditbeat (Linux) | |
| download_beats_asset_linux auditbeat | |
| # Download Elastic Agent (Linux) | |
| download_beats_asset_linux elastic-agent | |
| # Download Elastic Agent (Windows) | |
| download_beats_asset_windows elastic-agent | |
| # Download Filebeat (Linux) | |
| download_beats_asset_linux filebeat | |
| # Download Heartbeat (Linux) | |
| download_beats_asset_linux heartbeat | |
| # Download Metricbeat (Linux) | |
| download_beats_asset_linux metricbeat | |
| # Download Osquerybeat (Linux) | |
| download_beats_asset_linux osquerybeat | |
| # Download Packetbeat (Linux) | |
| download_beats_asset_linux packetbeat | |
| # Download Cloudbeat | |
| download_asset cloudbeat | |
| # Download Endpoint Security (single tar.gz) | |
| download_asset endpoint-dev | |
| # --- Confirm latest Endpoint Security artifact manifest version --- | |
| echo "Confirming latest Endpoint Security artifact manifest version..." | |
| if command -v curl &> /dev/null && command -v zcat &> /dev/null && command -v jq &> /dev/null; then | |
| LATEST_MANIFEST_VERSION=$(curl -s "https://artifacts.security.elastic.co/downloads/endpoint/manifest/artifacts-$ENDPOINT_VERSION.zip" | zcat -q | jq -r .manifest_version) | |
| if [[ -n "$LATEST_MANIFEST_VERSION" ]]; then | |
| echo "Latest Endpoint Security artifact manifest version for $ENDPOINT_VERSION is: $LATEST_MANIFEST_VERSION" | |
| else | |
| echo "Warning: Could not retrieve the latest Endpoint Security artifact manifest version." | |
| fi | |
| else | |
| echo "Warning: Some dependencies are missing for checking the manifest version (curl, zcat, jq). Skipping." | |
| fi | |
| # --- Download more granular Endpoint Security artifacts --- | |
| echo "Downloading more granular Endpoint Security artifacts..." | |
| ENDPOINT_DOWNLOAD_PATH="$DOWNLPATH/downloads/endpoint" | |
| mkdir -p "$ENDPOINT_DOWNLOAD_PATH/manifest" | |
| chmod 755 "$ENDPOINT_DOWNLOAD_PATH" "$ENDPOINT_DOWNLOAD_PATH/manifest" | |
| cd "$ENDPOINT_DOWNLOAD_PATH/manifest" || exit 1 | |
| if command -v wget &> /dev/null && command -v zcat &> /dev/null && command -v jq &> /dev/null && command -v xargs &> /dev/null; then | |
| wget -q "https://artifacts.security.elastic.co/downloads/endpoint/manifest/artifacts-$ENDPOINT_VERSION.zip" -O "artifacts-$ENDPOINT_VERSION.zip" | |
| if [[ -f "artifacts-$ENDPOINT_VERSION.zip" ]]; then | |
| zcat -q "artifacts-$ENDPOINT_VERSION.zip" | jq -r '.artifacts | to_entries| .value.relative_url' | xargs -I@ -P4 curl -s "https://artifacts.security.elastic.co@" --create-dirs -o "../@" | |
| echo "Finished downloading granular Endpoint Security artifacts to $ENDPOINT_DOWNLOAD_PATH" | |
| rm "artifacts-$ENDPOINT_VERSION.zip" | |
| else | |
| echo "Error: Could not download Endpoint Security manifest." | |
| fi | |
| else | |
| echo "Warning: Some dependencies are missing for granular Endpoint Security download (wget, zcat, jq, xargs). Skipping." | |
| fi | |
| cd "$DOWNLPATH" || exit 1 | |
| # Download Endpoint Security Offline Package | |
| download_endpoint_offline_package | |
| # Download Kibana Plugin for Endpoint Security | |
| download_kibana_plugin | |
| # Download Fleet Server | |
| download_asset fleet-server | |
| # Download Prodfiler | |
| mkdir -p "$DOWNLPATH/downloads/prodfiler" | |
| chmod 755 "$DOWNLPATH/downloads/prodfiler" | |
| cd "$DOWNLPATH/downloads/prodfiler" || exit 1 | |
| curl -O "https://artifacts.elastic.co/downloads/prodfiler/pf-host-agent-$VERSI-linux-x86_64.tar.gz" || echo "Error downloading pf-host-agent" | |
| curl -O "https://artifacts.elastic.co/downloads/prodfiler/pf-host-agent-$VERSI-linux-x86_64.tar.gz.sha512" || echo "Error downloading pf-host-agent sha512" | |
| curl -O "https://artifacts.elastic.co/downloads/prodfiler/pf-host-agent-$VERSI-linux-x86_64.tar.gz.asc" || echo "Error downloading pf-host-agent asc" | |
| curl -O "https://artifacts.elastic.co/downloads/prodfiler/pf-elastic-collector-$VERSI-linux-x86_64.tar.gz" || echo "Error downloading pf-elastic-collector" | |
| curl -O "https://artifacts.elastic.co/downloads/prodfiler/pf-elastic-collector-$VERSI-linux-x86_64.tar.gz.sha512" || echo "Error downloading pf-elastic-collector sha512" | |
| curl -O "https://artifacts.elastic.co/downloads/prodfiler/pf-elastic-collector-$VERSI-linux-x86_64.tar.gz.asc" || echo "Error downloading pf-elastic-collector asc" | |
| curl -O "https://artifacts.elastic.co/downloads/prodfiler/pf-elastic-symbolizer-$VERSI-linux-x86_64.tar.gz" || echo "Error downloading pf-elastic-symbolizer" | |
| curl -O "https://artifacts.elastic.co/downloads/prodfiler/pf-elastic-symbolizer-$VERSI-linux-x86_64.tar.gz.sha512" || echo "Error downloading pf-elastic-symbolizer sha512" | |
| curl -O "https://artifacts.elastic.co/downloads/prodfiler/pf-elastic-symbolizer-$VERSI-linux-x86_64.tar.gz.asc" || echo "Error downloading pf-elastic-symbolizer asc" | |
| cd "$DOWNLPATH" || exit 1 | |
| find "$DOWNLPATH/downloads" -type f -exec chmod 644 {} \; | |
| find "$DOWNLPATH/downloads" -type d -exec chmod 755 {} \; | |
| # --- Add Nginx Configuration --- | |
| echo "Adding Nginx configuration..." | |
| NGINX_CONF_DIR="/etc/nginx/conf.d" | |
| ELASTIC_ASSETS_CONF_FILE="$NGINX_CONF_DIR/elastic_assets.conf" | |
| NGINX_MAIN_CONF="/etc/nginx/nginx.conf" | |
| ELASTIC_ASSETS_CONFIG="# set compatible etag format | |
| map \$sent_http_etag \$elastic_etag { | |
| \"~(.*)-(.*)\" \"\$1\$2\"; | |
| } | |
| server { | |
| listen 80; | |
| server_name _ default_server; # You might want to adjust this | |
| root $DOWNLPATH/downloads; | |
| location / { | |
| add_header ETag \"\$elastic_etag\"; | |
| } | |
| }" | |
| # Check if the conf.d directory exists | |
| if [[ -d "$NGINX_CONF_DIR" ]]; then | |
| echo "Creating Nginx configuration file: $ELASTIC_ASSETS_CONF_FILE" | |
| echo "$ELASTIC_ASSETS_CONFIG" | sudo tee "$ELASTIC_ASSETS_CONF_FILE" > /dev/null | |
| else | |
| echo "Warning: Directory $NGINX_CONF_DIR not found. Appending to main Nginx configuration: $NGINX_MAIN_CONF" | |
| echo "$ELASTIC_ASSETS_CONFIG" | sudo tee -a "$NGINX_MAIN_CONF" > /dev/null | |
| fi | |
| # Reload Nginx to apply changes | |
| if command -v systemctl &> /dev/null; then | |
| sudo systemctl reload nginx | |
| if [[ "$?" -eq 0 ]]; then | |
| echo "Nginx reloaded successfully." | |
| else | |
| echo "Error reloading Nginx." | |
| fi | |
| elif command -v service &> /dev/null; then | |
| sudo service nginx reload | |
| if [[ "$?" -eq 0 ]]; then | |
| echo "Nginx reloaded successfully." | |
| else | |
| echo "Error reloading Nginx." | |
| fi | |
| else | |
| echo "Warning: Could not find systemctl or service command to reload Nginx. Please reload Nginx manually." | |
| fi | |
| echo "" | |
| echo "-------------------------------------------------------------------------" | |
| echo "Air-Gapped Installation Considerations:" | |
| echo "-------------------------------------------------------------------------" | |
| echo "1. Configure Elastic Agents to point to this internal artifact server." | |
| echo " (Modify the elastic-agent.yml configuration file)" | |
| echo "2. Configure Fleet Server to be aware of this internal artifact server." | |
| echo "3. In Fleet, configure Endpoint Security policies to use the offline" | |
| echo " package hosted on this internal server for updates." | |
| echo "4. Install the downloaded Kibana plugin for Endpoint Security in your Kibana instance." | |
| echo "-------------------------------------------------------------------------" | |
| echo "Artifacts have been downloaded to: $DOWNLPATH/downloads" | |
| echo "You can access them via your Nginx server (e.g., http://your_nginx_ip/downloads/)." | |
| echo "-------------------------------------------------------------------------" | |
| ### |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Bash script yang OK. Asal.