From e08d7c2e192edfb6e08082bbaecbfc42aacb6a0e Mon Sep 17 00:00:00 2001
From: Pablo Castorino <castorinop@gmail.com>
Date: Fri, 23 Sep 2016 16:02:30 -0300
Subject: [PATCH] add support to forward logs to ELK stack.

---
 docker-compose.elk.yml.dist | 34 ++++++++++++++++++++++++++++++++++
 target/start-mailserver.sh  |  8 ++++++++
 2 files changed, 42 insertions(+)
 create mode 100644 docker-compose.elk.yml.dist

diff --git a/docker-compose.elk.yml.dist b/docker-compose.elk.yml.dist
new file mode 100644
index 00000000..3ba73404
--- /dev/null
+++ b/docker-compose.elk.yml.dist
@@ -0,0 +1,34 @@
+version: '2'
+
+services:
+  mail:
+    image: tvial/docker-mailserver:v2
+    hostname: mail
+    domainname: domain.com
+    container_name: mail
+    links:
+    - elk
+    ports:
+    - "25:25"
+    - "143:143"
+    - "587:587"
+    - "993:993"
+    volumes:
+    - maildata:/var/mail
+    - ./config/:/tmp/docker-mailserver/
+    environment:
+    - ENABLE_FAIL2BAN=1
+    - ENABLE_ELK=1
+    cap_add:
+    - NET_ADMIN
+  elk:
+     build elk
+     ports:
+     - "5601:5601"
+     - "9200:9200"
+     - "5044:5044"
+     - "5000:5000"
+
+volumes:
+  maildata:
+    driver: local
diff --git a/target/start-mailserver.sh b/target/start-mailserver.sh
index 81611b72..5bead6c4 100644
--- a/target/start-mailserver.sh
+++ b/target/start-mailserver.sh
@@ -354,6 +354,14 @@ if [ "$ONE_DIR" = 1 -a -d $statedir ]; then
     fi
   done
 fi
+if [ "$ENABLE_ELK" = 1 ]; then
+ELK_PORT=${ELK_PORT:="10514"}
+ELK_HOST=${ELK_HOST:="elk"}
+echo "forward logs to ELK ($ELK_HOST:$ELK_PORT)"
+echo " *.* @$ELK_HOST:$ELK_PORT " > /etc/rsyslog.d/60-elk.conf
+else 
+  rm -f /etc/rsyslog.d/60-elk.conf
+fi
 
 echo "Starting daemons"
 cron