ELK Stack on Macosx via Homebrew with different users for any service, running as daemon at boot time

ElkonMac-0.1

# ElkOnMac 0.1
# This is not a script but a list of command for install the ELK stack on Macos via Homebrew, but using different users for different services,
# that starts at boot time. This kind of installation is not found in any guide who I have searched, only guide for starting the ELK stack after login.
# Released under Creative Commons license Attribution 4.0 International (CC BY 4.0)

NEW_UID=$(( $(dscl . -list /Users UniqueID | awk '{print $2}' | sort -n | tail -1) + 1 )); echo $NEW_UID

# Use first available gid from the output of:
dscl . list /Groups PrimaryGroupID | tr -s ' ' | sort -n -t ' ' -k2,2

sudo dscl . create /Groups/brew
sudo dscl . create /Groups/brew RealName "MacHomeBrew support group"
sudo dscl . create /Groups/brew passwd "*"
sudo dscl . create /Groups/brew gid 799

# Creating users for running services
sudo dscl . create "/Users/_elasticsearch"
sudo dscl . create "/Users/_elasticsearch" RealName "elasticsearch"
sudo dscl . create "/Users/_elasticsearch" UniqueID $NEW_UID
sudo dscl . create "/Users/_elasticsearch" PrimaryGroupID 20
sudo dscl . create "/Users/_elasticsearch" AuthenticationAuthority
sudo dscl . create "/Users/_elasticsearch" Password '*'
sudo dscl . create "/Users/_elasticsearch" NFSHomeDirectory "/Users/_elasticsearch"
sudo createhomedir -c -u "_elasticsearch"

sudo dscl . create "/Users/_logstash"
sudo dscl . create "/Users/_logstash" RealName "logstash"
sudo dscl . create "/Users/_logstash" UniqueID $NEW_UID+1
sudo dscl . create "/Users/_logstash" PrimaryGroupID 20
sudo dscl . create "/Users/_logstash" AuthenticationAuthority
sudo dscl . create "/Users/_logstash" Password '*'
sudo dscl . create "/Users/_logstash" NFSHomeDirectory "/Users/_logstash"
sudo createhomedir -c -u "_logstash"

sudo dscl . create "/Users/_kibana"
sudo dscl . create "/Users/_kibana" RealName "kibana"
sudo dscl . create "/Users/_kibana" UniqueID $NEW_UID+2
sudo dscl . create "/Users/_kibana" PrimaryGroupID 20
sudo dscl . create "/Users/_kibana" AuthenticationAuthority
sudo dscl . create "/Users/_kibana" Password '*'
sudo dscl . create "/Users/_kibana" NFSHomeDirectory "/Users/_kibana"
sudo createhomedir -c -u "_kibana"

# Give the user the group membership for access the MacHomebrew data
sudo dscl . create /Groups/brew GroupMembership $MYUSER
sudo dscl . append /Groups/brew GroupMembership _elasticsearch
sudo dscl . append /Groups/brew GroupMembership _logstash
sudo dscl . append /Groups/brew GroupMembership _kibana

# Install brew and packages
/usr/bin/ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"

brew install elasticsearch
brew install logstash
brew install kibana

# Give the permission of service users
sudo chgrp -R brew  $(brew --prefix)
sudo chmod -R g+rwX $(brew --prefix)

# Uncomment the directives: 'server.port: 5601' and 'elasticsearch.hosts: "http://localhost:9200”'
sudo vi /usr/local/etc/kibana/kibana.yml

# Load the plist in launchd for lanching the services at boot time with different user

sudo cp /usr/local/Cellar/elasticsearch/6.7.0/homebrew.mxcl.elasticsearch.plist /Library/LaunchDaemons/
sudo defaults write /Library/LaunchDaemons/homebrew.mxcl.elasticsearch.plist UserName _elasticsearch
sudo plutil -convert xml1 /Library/LaunchDaemons/homebrew.mxcl.elasticsearch.plist
sudo chmod 644 /Library/LaunchDaemons/homebrew.mxcl.elasticsearch.plist

sudo cp /usr/local/Cellar/logstash/6.7.0/homebrew.mxcl.logstash.plist /Library/LaunchDaemons/
sudo defaults write /Library/LaunchDaemons/homebrew.mxcl.logstash.plist UserName _logstash
sudo plutil -convert xml1 /Library/LaunchDaemons/homebrew.mxcl.logstash.plist
sudo chmod 644 /Library/LaunchDaemons/homebrew.mxcl.logstash.plist

sudo cp /usr/local/Cellar/kibana/6.7.0/homebrew.mxcl.kibana.plist /Library/LaunchDaemons/
sudo defaults write /Library/LaunchDaemons/homebrew.mxcl.kibana.plist UserName _kibana
sudo plutil -convert xml1 /Library/LaunchDaemons/homebrew.mxcl.kibana.plist
sudo chmod 644 /Library/LaunchDaemons/homebrew.mxcl.kibana.plist

sudo launchctl enable system/Library/LaunchDaemons/homebrew.mxcl.elasticsearch.plist
sudo launchctl bootstrap system /Library/LaunchDaemons/homebrew.mxcl.elasticsearch.plist

sudo launchctl enable system/Library/LaunchDaemons/homebrew.mxcl.logstash.plist
sudo launchctl bootstrap system /Library/LaunchDaemons/homebrew.mxcl.logstash.plist

sudo launchctl enable system/Library/LaunchDaemons/homebrew.mxcl.kibana.plist
sudo launchctl bootstrap system /Library/LaunchDaemons/homebrew.mxcl.kibana.plist

# Delete the stale elasticsearch database created during brew installation
sudo rm -rf /usr/local/var/lib/elasticsearch/elasticsearch_*

# Uncomment the directives: 'server.port: 5601' and 'elasticsearch.hosts: "http://localhost:9200”'
sudo vi /usr/local/etc/kibana/kibana.yml

# Logstash don't start without a configured pipeline, so it is ok to get an error on /var/log/system.log
# You can check if Kibana and Elastic search is working going on the Mac with browser on the address: http://localhost:5601/status and get a kibana status page