convert to gitea

opensearch-dashboards/certs/oneunivrs.pem

@@ -0,0 +1,74 @@
+-----BEGIN CERTIFICATE-----
+MIIG3DCCBcSgAwIBAgIQI7HwYLK90Z/u0busbZkuOjANBgkqhkiG9w0BAQsFADCB
+lTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
+A1UEBxMHU2FsZm9yZDEYMBYGA1UEChMPU2VjdGlnbyBMaW1pdGVkMT0wOwYDVQQD
+EzRTZWN0aWdvIFJTQSBPcmdhbml6YXRpb24gVmFsaWRhdGlvbiBTZWN1cmUgU2Vy
+dmVyIENBMB4XDTI1MDQzMDAwMDAwMFoXDTI2MDUyMjIzNTk1OVowVjELMAkGA1UE
+BhMCS1IxDjAMBgNVBAgTBVNlb3VsMR0wGwYDVQQKExRPTkVVTklWRVJTRSBDby4s
+THRkLjEYMBYGA1UEAwwPKi5vbmV1bml2cnMuY29tMIIBIjANBgkqhkiG9w0BAQEF
+AAOCAQ8AMIIBCgKCAQEA2OX4KHAotKUEJ3aHcZ3SAw0q364DjDuQ68Yr/XbeGsP0
+6Uh4Hi4j7bxaYSE/iOPURbItuPduYpI16yuWorp4wnnsJM0Y81ynnzVH7wXFIQET
+c2TmO1Bm6sH/nE/70zTQvrel21bxDjNRjr52qKM/pgtcj87ljOevE+knMglJkLY1
+iS13Kwz5Eo1Gyp4GFICjFqovETSswUxKFWCoVxUQiy3NNsjLZYQGY5QscBOR3cT5
+AHihAJyFQivhl0G7D4fBvX19+kKyrtUHHIclVHfURJVZ78nGpJKuuZKwdB67hw7D
+mPJUJnHLGJFsg6mvzzdqBQQ9BMzyoiKfv62gwD5+awIDAQABo4IDZDCCA2AwHwYD
+VR0jBBgwFoAUF9nWJSdn+THCSUPZMDZEjGypT+swHQYDVR0OBBYEFOeCCHyzfBxA
+DQOtvxaUEQ/makYHMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1Ud
+JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBKBgNVHSAEQzBBMDUGDCsGAQQBsjEB
+AgEDBDAlMCMGCCsGAQUFBwIBFhdodHRwczovL3NlY3RpZ28uY29tL0NQUzAIBgZn
+gQwBAgIwWgYDVR0fBFMwUTBPoE2gS4ZJaHR0cDovL2NybC5zZWN0aWdvLmNvbS9T
+ZWN0aWdvUlNBT3JnYW5pemF0aW9uVmFsaWRhdGlvblNlY3VyZVNlcnZlckNBLmNy
+bDCBigYIKwYBBQUHAQEEfjB8MFUGCCsGAQUFBzAChklodHRwOi8vY3J0LnNlY3Rp
+Z28uY29tL1NlY3RpZ29SU0FPcmdhbml6YXRpb25WYWxpZGF0aW9uU2VjdXJlU2Vy
+dmVyQ0EuY3J0MCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5zZWN0aWdvLmNvbTAp
+BgNVHREEIjAggg8qLm9uZXVuaXZycy5jb22CDW9uZXVuaXZycy5jb20wggF/Bgor
+BgEEAdZ5AgQCBIIBbwSCAWsBaQB3AJaXZL9VWJet90OHaDcIQnfp8DrV9qTzNm5G
+pD8PyqnGAAABloRdhrYAAAQDAEgwRgIhAN7bBgG7YfBKNZYEFpiXQLasqWEZpPYc
+7/HMQfqWHaTEAiEA8KcmKp0OovpLTIYDNOZvbcWf1DbS56RrjyC4UR0BelEAdgAZ
+htTHKKpv/roDb3gqTQGRqs4tcjEPrs5dcEEtJUzH1AAAAZaEXYaTAAAEAwBHMEUC
+IQDd8FgCGV0daf8q6UtPt0vU3Y8dFurpu0TzFHLvhLsp8QIgbn9AfJTvWolax+R2
+PEStX+gCsArz6Zopuu03MMiEsiUAdgAOV5S8866pPjMbLJkHs/eQ35vCPXEyJd0h
+qSWsYcVOIQAAAZaEXYaXAAAEAwBHMEUCIQCa5ZG/2uiQiNVTP9yFjftDsxKSsuFy
+QKADyYvD8RC7iAIgaRszfxOAefjvCWWjWaYqVkZRv7Q4CqRMbi9OjXmkneUwDQYJ
+KoZIhvcNAQELBQADggEBAIRkgwjittu7Rzb2tWzbsnLbYn9q0Q92xF9FDAJzoOTp
+3NNo9+di1ILzM/+oi/mbxqIEa/ZLebrZcz3m9ae70zfu9YZxZrHx+ycmOAwBo8C1
+PNXOjK6drWgEWdeW0ohLa3UgIFzVcaJfcb8J4CqJFbeYO+zA6ONceJXooNIlxJdS
+N4iwEAtCG5lnrscRjXFZZw9JyNPiL44y3Fyp0/x6hjuPL6Mts6CscMMTWq7cWs4M
+k79e3y6ZC0eyr/bCde9Hfw5Yw2IT8EHRyPMnZlZq3RVkAkPUQEUSTcfjRkdaoIrg
+rxTK93CaluJCMaigkoPt/8/R8I2UTEFCvoDuc2SwWbQ=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGGTCCBAGgAwIBAgIQE31TnKp8MamkM3AZaIR6jTANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTgx
+MTAyMDAwMDAwWhcNMzAxMjMxMjM1OTU5WjCBlTELMAkGA1UEBhMCR0IxGzAZBgNV
+BAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEYMBYGA1UE
+ChMPU2VjdGlnbyBMaW1pdGVkMT0wOwYDVQQDEzRTZWN0aWdvIFJTQSBPcmdhbml6
+YXRpb24gVmFsaWRhdGlvbiBTZWN1cmUgU2VydmVyIENBMIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEAnJMCRkVKUkiS/FeN+S3qU76zLNXYqKXsW2kDwB0Q
+9lkz3v4HSKjojHpnSvH1jcM3ZtAykffEnQRgxLVK4oOLp64m1F06XvjRFnG7ir1x
+on3IzqJgJLBSoDpFUd54k2xiYPHkVpy3O/c8Vdjf1XoxfDV/ElFw4Sy+BKzL+k/h
+fGVqwECn2XylY4QZ4ffK76q06Fha2ZnjJt+OErK43DOyNtoUHZZYQkBuCyKFHFEi
+rsTIBkVtkuZntxkj5Ng2a4XQf8dS48+wdQHgibSov4o2TqPgbOuEQc6lL0giE5dQ
+YkUeCaXMn2xXcEAG2yDoG9bzk4unMp63RBUJ16/9fAEc2wIDAQABo4IBbjCCAWow
+HwYDVR0jBBgwFoAUU3m/WqorSs9UgOHYm8Cd8rIDZsswHQYDVR0OBBYEFBfZ1iUn
+Z/kxwklD2TA2RIxsqU/rMA4GA1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/
+AgEAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAbBgNVHSAEFDASMAYG
+BFUdIAAwCAYGZ4EMAQICMFAGA1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwudXNl
+cnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNy
+bDB2BggrBgEFBQcBAQRqMGgwPwYIKwYBBQUHMAKGM2h0dHA6Ly9jcnQudXNlcnRy
+dXN0LmNvbS9VU0VSVHJ1c3RSU0FBZGRUcnVzdENBLmNydDAlBggrBgEFBQcwAYYZ
+aHR0cDovL29jc3AudXNlcnRydXN0LmNvbTANBgkqhkiG9w0BAQwFAAOCAgEAThNA
+lsnD5m5bwOO69Bfhrgkfyb/LDCUW8nNTs3Yat6tIBtbNAHwgRUNFbBZaGxNh10m6
+pAKkrOjOzi3JKnSj3N6uq9BoNviRrzwB93fVC8+Xq+uH5xWo+jBaYXEgscBDxLmP
+bYox6xU2JPti1Qucj+lmveZhUZeTth2HvbC1bP6mESkGYTQxMD0gJ3NR0N6Fg9N3
+OSBGltqnxloWJ4Wyz04PToxcvr44APhL+XJ71PJ616IphdAEutNCLFGIUi7RPSRn
+R+xVzBv0yjTqJsHe3cQhifa6ezIejpZehEU4z4CqN2mLYBd0FUiRnG3wTqN3yhsc
+SPr5z0noX0+FCuKPkBurcEya67emP7SsXaRfz+bYipaQ908mgWB2XQ8kd5GzKjGf
+FlqyXYwcKapInI5v03hAcNt37N3j0VcFcC3mSZiIBYRiBXBWdoY5TtMibx3+bfEO
+s2LEPMvAhblhHrrhFYBZlAyuBbuMf1a+HNJav5fyakywxnB2sJCNwQs2uRHY1ihc
+6k/+JLcYCpsM0MF8XPtpvcyiTcaQvKZN8rG61ppnW5YCUtCC+cQKXA0o4D/I+pWV
+idWkvklsQLI+qGu41SWyxP7x09fn1txDAXYw+zuLXfdKiXyaNb78yvBXAfCNP6CH
+MntHWpdLgtJmwsQt6j8k9Kf5qLnjatkYYaA7jBU=
+-----END CERTIFICATE-----

opensearch-dashboards/certs/oneunivrs_key.pem

@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEowIBAAKCAQEA2OX4KHAotKUEJ3aHcZ3SAw0q364DjDuQ68Yr/XbeGsP06Uh4
+Hi4j7bxaYSE/iOPURbItuPduYpI16yuWorp4wnnsJM0Y81ynnzVH7wXFIQETc2Tm
+O1Bm6sH/nE/70zTQvrel21bxDjNRjr52qKM/pgtcj87ljOevE+knMglJkLY1iS13
+Kwz5Eo1Gyp4GFICjFqovETSswUxKFWCoVxUQiy3NNsjLZYQGY5QscBOR3cT5AHih
+AJyFQivhl0G7D4fBvX19+kKyrtUHHIclVHfURJVZ78nGpJKuuZKwdB67hw7DmPJU
+JnHLGJFsg6mvzzdqBQQ9BMzyoiKfv62gwD5+awIDAQABAoIBAHe8hIE2YZJP4noy
+mdTj7fLXSwrOUpEQtREjhldXTodyE/rQkdb/W8A7EZ27MArO0vliwpDwrxRlaLSZ
+jH/q9w1NJ0qtmo+GX9apIDvYcJmmsWkrk1m9KgOA8y4EjZ1r86zFTx9F4K8ZL3Xg
+uTqhXFq6vO96pQhjQih4trWNoPnsSAecgp1WZ/xFNOp3cvKQT3yTIpBvLOfNK/TS
+TW0IK189jcYH8rmh63kNFGrQVDIqxnFkOmephmurW2XLmh8ICzPSKeEi3PACgcCN
+NOljhy5RuIBsde7MWnqawEa/ikuAonH+rQk4K2MDHEh+G1h40HTq3nxRq8CWwhCQ
+7xujwikCgYEA+cObeeSoBPgJNZZlyGgVxv9FmviBPLeQ/0+MbJD1sbE8mTbSbdrg
+RNjjCPdPw9zWFAO8qXyxgOKCsB2VnDu/jJJVhZDefKx+yQJShqNFsCWqRJiWoLmN
+DNrfGhku4mL7Xmmx2zr6MEqk703YDwFsTk1cWDtPFc4a7pUMNV6YsMUCgYEA3lBM
+Dm2YR6/Nbdn2sZO96NfPr5NLELfl4HFeciLKsKVrCU6AA+DcxBp8LANc5HAacUfO
+Gpk5YeUUQGeHmFZzuf3lWkUHsyQHgNszp39bY8UTcEsoJkxe3zfxBXjZIIlnTx4M
+peUnbh5d0niMluaLOjAxJIL1K1kVCipOGHueBW8CgYEAuTGTDPTAqL6JhZR47/pN
+e3o4UEpG+ZBbERQY2T87DoCOoESIDzCl7iarYTCPknkiu0ByGXH948UQhinJj0i2
+JTMz+o+KiQMWF1GDg5V4zL2A3NAPkClFLuzzVFSr8OzX2g+g8x9t93TBizc7JxU1
+C3JNMJb5cv+Z9KHLpZ74tMkCgYAhPlChN7I1xgwqCRXip/0V/G+KCbSH43f0f/9n
+gdxdXd8LnTl3WwCoMm2vBzG01y6dEee4AoGaKe9FUjXsicD0ZwsM3JWyLAkTM7Qd
+r+WynZ2yhQqT74egSXU5JEETpHhWVF//zqx+wvu0pWIgjojzQpGWrB6NRNzokDrt
+Xk7a8QKBgBNwM01teDQQ5y2KTbfWbP8UMvHJ19DPDiAU2ySZ7+ph6chc+uAjgD6J
+Jxrf0aA9duROCkzOlsbpDTOsz91AD+OMmbOD3SGenhsEVLi52LwHPbPOVdfTJOGD
+ug/YMPrS+dLdoqBfEDS3OqRIBmq+zMgFmt1vF540H44yOHzfBOOG
+-----END RSA PRIVATE KEY-----

opensearch-dashboards/certs/root.pem

@@ -0,0 +1,34 @@
+-----BEGIN CERTIFICATE-----
+MIIF3jCCA8agAwIBAgIQAf1tMPyjylGoG7xkDjUDLTANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTAw
+MjAxMDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBiDELMAkGA1UEBhMCVVMxEzARBgNV
+BAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNleSBDaXR5MR4wHAYDVQQKExVU
+aGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMTJVVTRVJUcnVzdCBSU0EgQ2Vy
+dGlmaWNhdGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK
+AoICAQCAEmUXNg7D2wiz0KxXDXbtzSfTTK1Qg2HiqiBNCS1kCdzOiZ/MPans9s/B
+3PHTsdZ7NygRK0faOca8Ohm0X6a9fZ2jY0K2dvKpOyuR+OJv0OwWIJAJPuLodMkY
+tJHUYmTbf6MG8YgYapAiPLz+E/CHFHv25B+O1ORRxhFnRghRy4YUVD+8M/5+bJz/
+Fp0YvVGONaanZshyZ9shZrHUm3gDwFA66Mzw3LyeTP6vBZY1H1dat//O+T23LLb2
+VN3I5xI6Ta5MirdcmrS3ID3KfyI0rn47aGYBROcBTkZTmzNg95S+UzeQc0PzMsNT
+79uq/nROacdrjGCT3sTHDN/hMq7MkztReJVni+49Vv4M0GkPGw/zJSZrM233bkf6
+c0Plfg6lZrEpfDKEY1WJxA3Bk1QwGROs0303p+tdOmw1XNtB1xLaqUkL39iAigmT
+Yo61Zs8liM2EuLE/pDkP2QKe6xJMlXzzawWpXhaDzLhn4ugTncxbgtNMs+1b/97l
+c6wjOy0AvzVVdAlJ2ElYGn+SNuZRkg7zJn0cTRe8yexDJtC/QV9AqURE9JnnV4ee
+UB9XVKg+/XRjL7FQZQnmWEIuQxpMtPAlR1n6BB6T1CZGSlCBst6+eLf8ZxXhyVeE
+Hg9j1uliutZfVS7qXMYoCAQlObgOK6nyTJccBz8NUvXt7y+CDwIDAQABo0IwQDAd
+BgNVHQ4EFgQUU3m/WqorSs9UgOHYm8Cd8rIDZsswDgYDVR0PAQH/BAQDAgEGMA8G
+A1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEMBQADggIBAFzUfA3P9wF9QZllDHPF
+Up/L+M+ZBn8b2kMVn54CVVeWFPFSPCeHlCjtHzoBN6J2/FNQwISbxmtOuowhT6KO
+VWKR82kV2LyI48SqC/3vqOlLVSoGIG1VeCkZ7l8wXEskEVX/JJpuXior7gtNn3/3
+ATiUFJVDBwn7YKnuHKsSjKCaXqeYalltiz8I+8jRRa8YFWSQEg9zKC7F4iRO/Fjs
+8PRF/iKz6y+O0tlFYQXBl2+odnKPi4w2r78NBc5xjeambx9spnFixdjQg3IM8WcR
+iQycE0xyNN+81XHfqnHd4blsjDwSXWXavVcStkNr/+XeTWYRUc+ZruwXtuhxkYze
+Sf7dNXGiFSeUHM9h4ya7b6NnJSFd5t0dCy5oGzuCr+yDZ4XUmFF0sbmZgIn/f3gZ
+XHlKYC6SQK5MNyosycdiyA5d9zZbyuAlJQG03RoHnHcAP9Dc1ew91Pq7P8yF1m9/
+qS3fuQL39ZeatTXaw2ewh0qpKJ4jjv9cJ2vhsE/zB+4ALtRZh8tSQZXq9EfX7mRB
+VXyNWQKV3WKdwrnuWih0hKWbt5DHDAff9Yk2dDLWKMGwsAvgnEzDHNb842m1R0aB
+L6KCq9NjRHDEjf8tM7qtj3u1cIiuPhnPQCjY/MiQu12ZIvVS5ljFH4gxQ+6IHdfG
+jjxDah2nGN59PRbxYvnKkKj9
+-----END CERTIFICATE-----

opensearch-dashboards/node.options

@@ -0,0 +1,9 @@
+## Node command line options
+## See `node --help` and `node --v8-options` for available options
+## Please note you should specify one option per line
+
+## max size of old space in megabytes
+#--max-old-space-size=4096
+
+## max size of semi space in megabytes
+#--max-semi-space-size=64

opensearch-dashboards/opensearch_dashboards.yml

@@ -0,0 +1,47 @@
+# ================= DUAL USE: DO NOT EDIT =================
+# OpenSearch Dashboards가 사용할 포트. 기본값 5601.
+server.port: 5601
+
+# 외부에서 접속할 수 있도록 모든 네트워크 인터페이스에서 리슨.
+server.host: "0.0.0.0"
+
+# 브라우저에 표시될 대시보드 서버 이름.
+server.name: "oneunivrs-opensearch-dashboards"
+
+# 연결할 OpenSearch 클러스터 노드 목록. (HTTPS 필수)
+# 고가용성을 위해 3개 노드를 모두 기재.
+#opensearch.hosts:
+#  - https://ds-osearch001.oneunivrs.com:9200
+#  - https://ds-osearch002.oneunivrs.com:9200
+#  - https://ds-osearch003.oneunivrs.com:9200
+# [원상 복구] LB의 대표 주소 하나만 사용하되, https로 변경
+opensearch.hosts: ["https://ds-opensearch.oneunivrs.com:9200"]
+
+# 인증 관련 헤더를 허용 목록에 추가.
+opensearch.requestHeadersWhitelist: [ "securitytenant", "authorization" ]
+
+# 대시보드와 브라우저 간 통신을 HTTPS로 암호화.
+server.ssl.enabled: true
+server.ssl.certificate: /etc/opensearch-dashboards/certs/oneunivrs.pem
+server.ssl.key: /etc/opensearch-dashboards/certs/oneunivrs_key.pem
+
+# 대시보드가 OpenSearch 클러스터와 통신 시 SSL/TLS 설정.
+opensearch.ssl:
+  verificationMode: full
+  # 서버 인증서 검증에 사용할 CA 루트 인증서.
+  certificateAuthorities: [ "/etc/opensearch-dashboards/certs/root.pem" ]
+
+# OpenSearch 클러스터에 접속할 서비스 계정.
+# 보안상 admin 대신 기본 제공되는 kibanaserver 계정 사용을 권장.
+# (kibanaserver 계정의 기본 PW는 계정명과 동일)
+opensearch.username: "kibanaserver"
+opensearch.password: "mY9!lytaVBkX"
+
+# OpenSearch Security 플러그인과 연동 설정.
+opensearch_security:
+  # 멀티 테넌시 기능 활성화.
+  multitenancy.enabled: true
+  # 로그인하지 않은 사용자는 접속 불가.
+  auth.anonymous_auth_enabled: false
+  # 쿠키의 비밀번호. 임의의 긴 문자열로 변경하는 것을 권장.
+  cookie.password: "ChpPaDg2agzDD2czacgdAgivjXh1JSOPZuz+EhF3jDg="

opensearch-dashboards/opensearch_dashboards.yml.bak

@@ -0,0 +1,233 @@
+---
+# Copyright OpenSearch Contributors
+# SPDX-License-Identifier: Apache-2.0
+
+# Description:
+# Default configuration for OpenSearch Dashboards
+
+# OpenSearch Dashboards is served by a back end server. This setting specifies the port to use.
+# server.port: 5601
+
+# Specifies the address to which the OpenSearch Dashboards server will bind. IP addresses and host names are both valid values.
+# The default is 'localhost', which usually means remote machines will not be able to connect.
+# To allow connections from remote users, set this parameter to a non-loopback address.
+# server.host: "localhost"
+
+# Enables you to specify a path to mount OpenSearch Dashboards at if you are running behind a proxy.
+# Use the `server.rewriteBasePath` setting to tell OpenSearch Dashboards if it should remove the basePath
+# from requests it receives, and to prevent a deprecation warning at startup.
+# This setting cannot end in a slash.
+# server.basePath: ""
+
+# Specifies whether OpenSearch Dashboards should rewrite requests that are prefixed with
+# `server.basePath` or require that they are rewritten by your reverse proxy.
+# server.rewriteBasePath: false
+
+# The maximum payload size in bytes for incoming server requests.
+# server.maxPayloadBytes: 1048576
+
+# The OpenSearch Dashboards server's name.  This is used for display purposes.
+# server.name: "your-hostname"
+
+# The URLs of the OpenSearch instances to use for all your queries.
+# opensearch.hosts: ["http://localhost:9200"]
+
+# OpenSearch Dashboards uses an index in OpenSearch to store saved searches, visualizations and
+# dashboards. OpenSearch Dashboards creates a new index if the index doesn't already exist.
+# opensearchDashboards.index: ".opensearch_dashboards"
+
+# The default application to load.
+# opensearchDashboards.defaultAppId: "home"
+
+# Setting for an optimized healthcheck that only uses the local OpenSearch node to do Dashboards healthcheck.
+# This settings should be used for large clusters or for clusters with ingest heavy nodes.
+# It allows Dashboards to only healthcheck using the local OpenSearch node rather than fan out requests across all nodes.
+#
+# It requires the user to create an OpenSearch node attribute with the same name as the value used in the setting
+# This node attribute should assign all nodes of the same cluster an integer value that increments with each new cluster that is spun up
+# e.g. in opensearch.yml file you would set the value to a setting using node.attr.cluster_id:
+# Should only be enabled if there is a corresponding node attribute created in your OpenSearch config that matches the value here
+# opensearch.optimizedHealthcheckId: "cluster_id"
+
+# If your OpenSearch is protected with basic authentication, these settings provide
+# the username and password that the OpenSearch Dashboards server uses to perform maintenance on the OpenSearch Dashboards
+# index at startup. Your OpenSearch Dashboards users still need to authenticate with OpenSearch, which
+# is proxied through the OpenSearch Dashboards server.
+# opensearch.username: "opensearch_dashboards_system"
+# opensearch.password: "pass"
+
+# Enables SSL and paths to the PEM-format SSL certificate and SSL key files, respectively.
+# These settings enable SSL for outgoing requests from the OpenSearch Dashboards server to the browser.
+# server.ssl.enabled: false
+# server.ssl.certificate: /path/to/your/server.crt
+# server.ssl.key: /path/to/your/server.key
+
+# Optional settings that provide the paths to the PEM-format SSL certificate and key files.
+# These files are used to verify the identity of OpenSearch Dashboards to OpenSearch and are required when
+# xpack.security.http.ssl.client_authentication in OpenSearch is set to required.
+# opensearch.ssl.certificate: /path/to/your/client.crt
+# opensearch.ssl.key: /path/to/your/client.key
+
+# Optional setting that enables you to specify a path to the PEM file for the certificate
+# authority for your OpenSearch instance.
+# opensearch.ssl.certificateAuthorities: [ "/path/to/your/CA.pem" ]
+
+# To disregard the validity of SSL certificates, change this setting's value to 'none'.
+# opensearch.ssl.verificationMode: full
+
+# Time in milliseconds to wait for OpenSearch to respond to pings. Defaults to the value of
+# the opensearch.requestTimeout setting.
+# opensearch.pingTimeout: 1500
+
+# Time in milliseconds to wait for responses from the back end or OpenSearch. This value
+# must be a positive integer.
+# opensearch.requestTimeout: 30000
+
+# List of OpenSearch Dashboards client-side headers to send to OpenSearch. To send *no* client-side
+# headers, set this value to [] (an empty list).
+# opensearch.requestHeadersWhitelist: [ authorization ]
+
+# Header names and values that are sent to OpenSearch. Any custom headers cannot be overwritten
+# by client-side headers, regardless of the opensearch.requestHeadersWhitelist configuration.
+# opensearch.customHeaders: {}
+
+# Time in milliseconds for OpenSearch to wait for responses from shards. Set to 0 to disable.
+# opensearch.shardTimeout: 30000
+
+# Logs queries sent to OpenSearch. Requires logging.verbose set to true.
+# opensearch.logQueries: false
+
+# Specifies the path where OpenSearch Dashboards creates the process ID file.
+# pid.file: /var/run/opensearchDashboards.pid
+
+# Enables you to specify a file where OpenSearch Dashboards stores log output.
+# logging.dest: stdout
+
+# 2.15 Ignore 'ENOSPC' error for logging stream.
+# When set to true, the 'ENOSPC' error message will not cause the OpenSearch Dashboards process to crash. Otherwise,
+# the original behavior will be maintained. It is disabled by default.
+# logging.ignoreEnospcError: false
+
+# Set the value of this setting to true to suppress all logging output.
+# logging.silent: false
+
+# Set the value of this setting to true to suppress all logging output other than error messages.
+# logging.quiet: false
+
+# Set the value of this setting to true to log all events, including system usage information
+# and all requests.
+# logging.verbose: false
+
+# Set the interval in milliseconds to sample system and process performance
+# metrics. Minimum is 100ms. Defaults to 5000.
+# ops.interval: 5000
+
+# Specifies locale to be used for all localizable strings, dates and number formats.
+# Supported languages are the following: English - en , by default , Chinese - zh-CN .
+# i18n.locale: "en"
+
+# Set the allowlist to check input graphite Url. Allowlist is the default check list.
+# vis_type_timeline.graphiteAllowedUrls: ['https://www.hostedgraphite.com/UID/ACCESS_KEY/graphite']
+
+# Set the blocklist to check input graphite Url. Blocklist is an IP list.
+# Below is an example for reference
+# vis_type_timeline.graphiteBlockedIPs: [
+#  //Loopback
+#  '127.0.0.0/8',
+#  '::1/128',
+#  //Link-local Address for IPv6
+#  'fe80::/10',
+#  //Private IP address for IPv4
+#  '10.0.0.0/8',
+#  '172.16.0.0/12',
+#  '192.168.0.0/16',
+#  //Unique local address (ULA)
+#  'fc00::/7',
+#  //Reserved IP address
+#  '0.0.0.0/8',
+#  '100.64.0.0/10',
+#  '192.0.0.0/24',
+#  '192.0.2.0/24',
+#  '198.18.0.0/15',
+#  '192.88.99.0/24',
+#  '198.51.100.0/24',
+#  '203.0.113.0/24',
+#  '224.0.0.0/4',
+#  '240.0.0.0/4',
+#  '255.255.255.255/32',
+#  '::/128',
+#  '2001:db8::/32',
+#  'ff00::/8',
+# ]
+# vis_type_timeline.graphiteBlockedIPs: []
+
+# opensearchDashboards.branding:
+#   logo:
+#     defaultUrl: ""
+#     darkModeUrl: ""
+#   mark:
+#     defaultUrl: ""
+#     darkModeUrl: ""
+#   loadingLogo:
+#     defaultUrl: ""
+#     darkModeUrl: ""
+#   faviconUrl: ""
+#   applicationTitle: ""
+
+# Set the value of this setting to true to capture region blocked warnings and errors
+# for your map rendering services.
+# map.showRegionBlockedWarning: false%
+
+# Set the value of this setting to false to suppress search usage telemetry
+# for reducing the load of OpenSearch cluster.
+# data.search.usageTelemetry.enabled: false
+
+# 2.4 renames 'wizard.enabled: false' to 'vis_builder.enabled: false'
+# Set the value of this setting to false to disable VisBuilder
+# functionality in Visualization.
+# vis_builder.enabled: false
+
+# 2.4 New Experimental Feature
+# Set the value of this setting to true to enable the experimental multiple data source
+# support feature. Use with caution.
+# data_source.enabled: false
+# Set the value of these settings to customize crypto materials to encryption saved credentials
+# in data sources.
+# data_source.encryption.wrappingKeyName: 'changeme'
+# data_source.encryption.wrappingKeyNamespace: 'changeme'
+# data_source.encryption.wrappingKey: [0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+
+# 2.6 New ML Commons Dashboards Feature
+# Set the value of this setting to true to enable the ml commons dashboards
+# ml_commons_dashboards.enabled: false
+
+# 2.12 New Experimental Assistant Dashboards Feature
+# Set the value of this setting to true to enable the assistant dashboards
+# assistant.chat.enabled: false
+
+# 2.13 New Query Assistant Feature
+# Set the value of this setting to false to disable the query assistant
+# observability.query_assist.enabled: false
+
+# 2.14 Enable Ui Metric Collectors in Usage Collector
+# Set the value of this setting to true to enable UI Metric collections
+# usageCollection.uiMetric.enabled: false
+
+# 2.18 New Experimental Settings
+# Set the value to true to enable
+# assistant.alertInsight.enabled: false
+# assistant.smartAnomalyDetector.enabled: false
+# assistant.text2viz.enabled: false
+# queryEnhancements.queryAssist.summary.enabled: false
+
+opensearch.hosts: [https://localhost:9200]
+opensearch.ssl.verificationMode: none
+opensearch.username: kibanaserver
+opensearch.password: kibanaserver
+opensearch.requestHeadersWhitelist: [authorization, securitytenant]
+
+opensearch_security.multitenancy.enabled: true
+opensearch_security.multitenancy.tenants.preferred: [Private, Global]
+opensearch_security.readonly_mode.roles: [kibana_read_only]
+# Use this setting if you are running opensearch-dashboards without https
+opensearch_security.cookie.secure: false