From 5f4db9856e957f710a4cbcc0c3e0431c394176ab Mon Sep 17 00:00:00 2001
From: Bitnami Bot <bitnami-bot@vmware.com>
Date: Fri, 14 Jul 2023 13:07:52 +0200
Subject: [PATCH] [bitnami/kibana] Release 8.8.2-debian-11-r5 (#41104)

Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com>
---
 bitnami/kibana/8/debian-11/Dockerfile         |   6 +-
 .../opt/bitnami/.bitnami_components.json      |   2 +-
 .../rootfs/opt/bitnami/scripts/kibana-env.sh  |  94 +-
 .../opt/bitnami/scripts/kibana/postunpack.sh  |   9 +-
 .../rootfs/opt/bitnami/scripts/kibana/run.sh  |   4 +-
 .../opt/bitnami/scripts/kibana/setup.sh       |   2 +-
 .../rootfs/opt/bitnami/scripts/libkibana.sh   | 826 ++++++++++--------
 7 files changed, 521 insertions(+), 422 deletions(-)

diff --git a/bitnami/kibana/8/debian-11/Dockerfile b/bitnami/kibana/8/debian-11/Dockerfile
index 974747edb506..92fa5a25fd61 100644
--- a/bitnami/kibana/8/debian-11/Dockerfile
+++ b/bitnami/kibana/8/debian-11/Dockerfile
@@ -6,10 +6,10 @@ FROM docker.io/bitnami/minideb:bullseye
 ARG TARGETARCH
 
 LABEL org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \
-      org.opencontainers.image.created="2023-07-11T09:09:18Z" \
+      org.opencontainers.image.created="2023-07-14T10:02:50Z" \
       org.opencontainers.image.description="Application packaged by VMware, Inc" \
       org.opencontainers.image.licenses="Apache-2.0" \
-      org.opencontainers.image.ref.name="8.8.2-debian-11-r4" \
+      org.opencontainers.image.ref.name="8.8.2-debian-11-r5" \
       org.opencontainers.image.title="kibana" \
       org.opencontainers.image.vendor="VMware, Inc." \
       org.opencontainers.image.version="8.8.2"
@@ -26,7 +26,7 @@ SHELL ["/bin/bash", "-o", "pipefail", "-c"]
 RUN install_packages ca-certificates curl libgcc-s1 libnss3 libstdc++6 procps
 RUN mkdir -p /tmp/bitnami/pkg/cache/ && cd /tmp/bitnami/pkg/cache/ && \
     COMPONENTS=( \
-      "yq-4.34.1-6-linux-${OS_ARCH}-debian-11" \
+      "yq-4.34.2-0-linux-${OS_ARCH}-debian-11" \
       "kibana-8.8.2-0-linux-${OS_ARCH}-debian-11" \
     ) && \
     for COMPONENT in "${COMPONENTS[@]}"; do \
diff --git a/bitnami/kibana/8/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/kibana/8/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json
index bd445e35e8e1..562d55eee02d 100644
--- a/bitnami/kibana/8/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json
+++ b/bitnami/kibana/8/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json
@@ -9,6 +9,6 @@
         "arch": "amd64",
         "distro": "debian-11",
         "type": "NAMI",
-        "version": "4.34.1-6"
+        "version": "4.34.2-0"
     }
 }
\ No newline at end of file
diff --git a/bitnami/kibana/8/debian-11/rootfs/opt/bitnami/scripts/kibana-env.sh b/bitnami/kibana/8/debian-11/rootfs/opt/bitnami/scripts/kibana-env.sh
index b99f46dab5c7..a14a4c8ab3b0 100644
--- a/bitnami/kibana/8/debian-11/rootfs/opt/bitnami/scripts/kibana-env.sh
+++ b/bitnami/kibana/8/debian-11/rootfs/opt/bitnami/scripts/kibana-env.sh
@@ -41,17 +41,19 @@ kibana_env_vars=(
     KIBANA_SERVER_KEY_LOCATION
     KIBANA_SERVER_KEY_PASSWORD
     KIBANA_PASSWORD
-    KIBANA_CREATE_USER
-    KIBANA_ELASTICSEARCH_PASSWORD
     KIBANA_ELASTICSEARCH_ENABLE_TLS
     KIBANA_ELASTICSEARCH_TLS_VERIFICATION_MODE
     KIBANA_ELASTICSEARCH_TRUSTSTORE_LOCATION
     KIBANA_ELASTICSEARCH_TRUSTSTORE_PASSWORD
     KIBANA_ELASTICSEARCH_TLS_USE_PEM
     KIBANA_ELASTICSEARCH_CA_CERT_LOCATION
+    KIBANA_DISABLE_STRICT_CSP
+    KIBANA_CREATE_USER
+    KIBANA_ELASTICSEARCH_PASSWORD
     ELASTICSEARCH_URL
+    KIBANA_ELASTICSEARCH_PORT_NUMBER
     KIBANA_ELASTICSEARCH_PORT
-    ELASTICSEARCH_PORT_NUMBER
+    KIBANA_PORT_NUMBER
     KIBANA_INITSCRIPTS_MAX_RETRIES
 )
 for env_var in "${kibana_env_vars[@]}"; do
@@ -66,61 +68,101 @@ for env_var in "${kibana_env_vars[@]}"; do
     fi
 done
 unset kibana_env_vars
+export SERVER_FLAVOR="kibana"
 
 # Paths
 export BITNAMI_VOLUME_DIR="/bitnami"
 export KIBANA_VOLUME_DIR="${BITNAMI_VOLUME_DIR}/kibana"
+export SERVER_VOLUME_DIR="$KIBANA_VOLUME_DIR"
 export KIBANA_BASE_DIR="${BITNAMI_ROOT_DIR}/kibana"
-export KIBANA_CONF_DIR="${KIBANA_BASE_DIR}/config"
-export KIBANA_LOGS_DIR="${KIBANA_BASE_DIR}/logs"
-export KIBANA_TMP_DIR="${KIBANA_BASE_DIR}/tmp"
-export KIBANA_BIN_DIR="${KIBANA_BASE_DIR}/bin"
-export KIBANA_PLUGINS_DIR="${KIBANA_BASE_DIR}/plugins"
-export KIBANA_OPTIMIZE_DIR="${KIBANA_BASE_DIR}/optimize"
-export KIBANA_DATA_DIR="${KIBANA_VOLUME_DIR}/data"
-export KIBANA_MOUNTED_CONF_DIR="${KIBANA_VOLUME_DIR}/conf"
-export KIBANA_CONF_FILE="${KIBANA_CONF_DIR}/kibana.yml"
-export KIBANA_LOG_FILE="${KIBANA_LOGS_DIR}/kibana.log"
-export KIBANA_PID_FILE="${KIBANA_TMP_DIR}/kibana.pid"
+export SERVER_BASE_DIR="$KIBANA_BASE_DIR"
+export KIBANA_CONF_DIR="${SERVER_BASE_DIR}/config"
+export SERVER_CONF_DIR="$KIBANA_CONF_DIR"
+export KIBANA_LOGS_DIR="${SERVER_BASE_DIR}/logs"
+export SERVER_LOGS_DIR="$KIBANA_LOGS_DIR"
+export KIBANA_TMP_DIR="${SERVER_BASE_DIR}/tmp"
+export SERVER_TMP_DIR="$KIBANA_TMP_DIR"
+export KIBANA_BIN_DIR="${SERVER_BASE_DIR}/bin"
+export SERVER_BIN_DIR="$KIBANA_BIN_DIR"
+export KIBANA_PLUGINS_DIR="${SERVER_BASE_DIR}/plugins"
+export SERVER_PLUGINS_DIR="$KIBANA_PLUGINS_DIR"
+export KIBANA_DATA_DIR="${SERVER_VOLUME_DIR}/data"
+export SERVER_DATA_DIR="$KIBANA_DATA_DIR"
+export KIBANA_MOUNTED_CONF_DIR="${SERVER_VOLUME_DIR}/conf"
+export SERVER_MOUNTED_CONF_DIR="$KIBANA_MOUNTED_CONF_DIR"
+export KIBANA_CONF_FILE="${SERVER_CONF_DIR}/kibana.yml"
+export SERVER_CONF_FILE="$KIBANA_CONF_FILE"
+export KIBANA_LOG_FILE="${SERVER_LOGS_DIR}/kibana.log"
+export SERVER_LOG_FILE="$KIBANA_LOG_FILE"
+export KIBANA_PID_FILE="${SERVER_TMP_DIR}/kibana.pid"
+export SERVER_PID_FILE="$KIBANA_PID_FILE"
 export KIBANA_INITSCRIPTS_DIR="/docker-entrypoint-initdb.d"
+export SERVER_INITSCRIPTS_DIR="$KIBANA_INITSCRIPTS_DIR"
 
 # System users (when running with a privileged user)
 export KIBANA_DAEMON_USER="kibana"
+export SERVER_DAEMON_USER="$KIBANA_DAEMON_USER"
 export KIBANA_DAEMON_GROUP="kibana"
+export SERVER_DAEMON_GROUP="$KIBANA_DAEMON_GROUP"
 
 # Kibana configuration
 KIBANA_ELASTICSEARCH_URL="${KIBANA_ELASTICSEARCH_URL:-"${ELASTICSEARCH_URL:-}"}"
 export KIBANA_ELASTICSEARCH_URL="${KIBANA_ELASTICSEARCH_URL:-elasticsearch}"
+export SERVER_DB_URL="$KIBANA_ELASTICSEARCH_URL"
+KIBANA_ELASTICSEARCH_PORT_NUMBER="${KIBANA_ELASTICSEARCH_PORT_NUMBER:-"${KIBANA_ELASTICSEARCH_PORT_NUMBER:-}"}"
 KIBANA_ELASTICSEARCH_PORT_NUMBER="${KIBANA_ELASTICSEARCH_PORT_NUMBER:-"${KIBANA_ELASTICSEARCH_PORT:-}"}"
-KIBANA_ELASTICSEARCH_PORT_NUMBER="${KIBANA_ELASTICSEARCH_PORT_NUMBER:-"${ELASTICSEARCH_PORT_NUMBER:-}"}"
+KIBANA_ELASTICSEARCH_PORT_NUMBER="${KIBANA_ELASTICSEARCH_PORT_NUMBER:-"${KIBANA_PORT_NUMBER:-}"}"
 export KIBANA_ELASTICSEARCH_PORT_NUMBER="${KIBANA_ELASTICSEARCH_PORT_NUMBER:-9200}"
+export SERVER_DB_PORT_NUMBER="$KIBANA_ELASTICSEARCH_PORT_NUMBER"
 export KIBANA_HOST="${KIBANA_HOST:-0.0.0.0}"
+export SERVER_HOST="$KIBANA_HOST"
 export KIBANA_PORT_NUMBER="${KIBANA_PORT_NUMBER:-5601}"
+export SERVER_PORT_NUMBER="$KIBANA_PORT_NUMBER"
 KIBANA_WAIT_READY_MAX_RETRIES="${KIBANA_WAIT_READY_MAX_RETRIES:-"${KIBANA_INITSCRIPTS_MAX_RETRIES:-}"}"
 export KIBANA_WAIT_READY_MAX_RETRIES="${KIBANA_WAIT_READY_MAX_RETRIES:-30}"
+export SERVER_WAIT_READY_MAX_RETRIES="$KIBANA_WAIT_READY_MAX_RETRIES"
 export KIBANA_INITSCRIPTS_START_SERVER="${KIBANA_INITSCRIPTS_START_SERVER:-yes}"
+export SERVER_INITSCRIPTS_START_SERVER="$KIBANA_INITSCRIPTS_START_SERVER"
 export KIBANA_FORCE_INITSCRIPTS="${KIBANA_FORCE_INITSCRIPTS:-no}"
+export SERVER_FORCE_INITSCRIPTS="$KIBANA_FORCE_INITSCRIPTS"
 export KIBANA_DISABLE_STRICT_CSP="${KIBANA_DISABLE_STRICT_CSP:-no}"
+export SERVER_DISABLE_STRICT_CSP="$KIBANA_DISABLE_STRICT_CSP"
 
 # Kibana server SSL/TLS configuration
-export KIBANA_CERTS_DIR="${KIBANA_CERTS_DIR:-${KIBANA_CONF_DIR}/certs}"
+export KIBANA_CERTS_DIR="${KIBANA_CERTS_DIR:-${SERVER_CONF_DIR}/certs}"
+export SERVER_CERTS_DIR="$KIBANA_CERTS_DIR"
 export KIBANA_SERVER_ENABLE_TLS="${KIBANA_SERVER_ENABLE_TLS:-false}"
-export KIBANA_SERVER_KEYSTORE_LOCATION="${KIBANA_SERVER_KEYSTORE_LOCATION:-${KIBANA_CERTS_DIR}/server/kibana.keystore.p12}"
+export SERVER_ENABLE_TLS="$KIBANA_SERVER_ENABLE_TLS"
+export KIBANA_SERVER_KEYSTORE_LOCATION="${KIBANA_SERVER_KEYSTORE_LOCATION:-${SERVER_CERTS_DIR}/server/kibana.keystore.p12}"
+export SERVER_KEYSTORE_LOCATION="$KIBANA_SERVER_KEYSTORE_LOCATION"
 export KIBANA_SERVER_KEYSTORE_PASSWORD="${KIBANA_SERVER_KEYSTORE_PASSWORD:-}"
+export SERVER_KEYSTORE_PASSWORD="$KIBANA_SERVER_KEYSTORE_PASSWORD"
 export KIBANA_SERVER_TLS_USE_PEM="${KIBANA_SERVER_TLS_USE_PEM:-false}"
-export KIBANA_SERVER_CERT_LOCATION="${KIBANA_SERVER_CERT_LOCATION:-${KIBANA_CERTS_DIR}/server/tls.crt}"
-export KIBANA_SERVER_KEY_LOCATION="${KIBANA_SERVER_KEY_LOCATION:-${KIBANA_CERTS_DIR}/server/tls.key}"
+export SERVER_TLS_USE_PEM="$KIBANA_SERVER_TLS_USE_PEM"
+export KIBANA_SERVER_CERT_LOCATION="${KIBANA_SERVER_CERT_LOCATION:-${SERVER_CERTS_DIR}/server/tls.crt}"
+export SERVER_CERT_LOCATION="$KIBANA_SERVER_CERT_LOCATION"
+export KIBANA_SERVER_KEY_LOCATION="${KIBANA_SERVER_KEY_LOCATION:-${SERVER_CERTS_DIR}/server/tls.key}"
+export SERVER_KEY_LOCATION="$KIBANA_SERVER_KEY_LOCATION"
 export KIBANA_SERVER_KEY_PASSWORD="${KIBANA_SERVER_KEY_PASSWORD:-}"
+export SERVER_KEY_PASSWORD="$KIBANA_SERVER_KEY_PASSWORD"
 
-# Elasticsearch X-Pack configuration
+# Elasticsearch Security configuration
 export KIBANA_PASSWORD="${KIBANA_PASSWORD:-}"
+export SERVER_PASSWORD="$KIBANA_PASSWORD"
+export KIBANA_ELASTICSEARCH_ENABLE_TLS="${KIBANA_ELASTICSEARCH_ENABLE_TLS:-false}"
+export SERVER_DB_ENABLE_TLS="$KIBANA_ELASTICSEARCH_ENABLE_TLS"
+export KIBANA_ELASTICSEARCH_TLS_VERIFICATION_MODE="${KIBANA_ELASTICSEARCH_TLS_VERIFICATION_MODE:-full}"
+export SERVER_DB_TLS_VERIFICATION_MODE="$KIBANA_ELASTICSEARCH_TLS_VERIFICATION_MODE"
+export KIBANA_ELASTICSEARCH_TRUSTSTORE_LOCATION="${KIBANA_ELASTICSEARCH_TRUSTSTORE_LOCATION:-${SERVER_CERTS_DIR}/elasticsearch/elasticsearch.truststore.p12}"
+export SERVER_DB_TRUSTSTORE_LOCATION="$KIBANA_ELASTICSEARCH_TRUSTSTORE_LOCATION"
+export KIBANA_ELASTICSEARCH_TRUSTSTORE_PASSWORD="${KIBANA_ELASTICSEARCH_TRUSTSTORE_PASSWORD:-}"
+export SERVER_DB_TRUSTSTORE_PASSWORD="$KIBANA_ELASTICSEARCH_TRUSTSTORE_PASSWORD"
+export KIBANA_ELASTICSEARCH_TLS_USE_PEM="${KIBANA_ELASTICSEARCH_TLS_USE_PEM:-false}"
+export SERVER_DB_TLS_USE_PEM="$KIBANA_ELASTICSEARCH_TLS_USE_PEM"
+export KIBANA_ELASTICSEARCH_CA_CERT_LOCATION="${KIBANA_ELASTICSEARCH_CA_CERT_LOCATION:-${SERVER_CERTS_DIR}/elasticsearch/ca.crt}"
+export SERVER_DB_CA_CERT_LOCATION="$KIBANA_ELASTICSEARCH_CA_CERT_LOCATION"
+export KIBANA_DISABLE_STRICT_CSP="${KIBANA_DISABLE_STRICT_CSP:-no}"
 export KIBANA_CREATE_USER="${KIBANA_CREATE_USER:-false}"
 export KIBANA_ELASTICSEARCH_PASSWORD="${KIBANA_ELASTICSEARCH_PASSWORD:-}"
-export KIBANA_ELASTICSEARCH_ENABLE_TLS="${KIBANA_ELASTICSEARCH_ENABLE_TLS:-false}"
-export KIBANA_ELASTICSEARCH_TLS_VERIFICATION_MODE="${KIBANA_ELASTICSEARCH_TLS_VERIFICATION_MODE:-full}"
-export KIBANA_ELASTICSEARCH_TRUSTSTORE_LOCATION="${KIBANA_ELASTICSEARCH_TRUSTSTORE_LOCATION:-${KIBANA_CERTS_DIR}/elasticsearch/elasticsearch.trustore.p12}"
-export KIBANA_ELASTICSEARCH_TRUSTSTORE_PASSWORD="${KIBANA_ELASTICSEARCH_TRUSTSTORE_PASSWORD:-}"
-export KIBANA_ELASTICSEARCH_TLS_USE_PEM="${KIBANA_ELASTICSEARCH_TLS_USE_PEM:-false}"
-export KIBANA_ELASTICSEARCH_CA_CERT_LOCATION="${KIBANA_ELASTICSEARCH_CA_CERT_LOCATION:-${KIBANA_CERTS_DIR}/elasticsearch/ca.crt}"
 
 # Custom environment variables may be defined below
diff --git a/bitnami/kibana/8/debian-11/rootfs/opt/bitnami/scripts/kibana/postunpack.sh b/bitnami/kibana/8/debian-11/rootfs/opt/bitnami/scripts/kibana/postunpack.sh
index f5dd8e893418..437203e56cff 100755
--- a/bitnami/kibana/8/debian-11/rootfs/opt/bitnami/scripts/kibana/postunpack.sh
+++ b/bitnami/kibana/8/debian-11/rootfs/opt/bitnami/scripts/kibana/postunpack.sh
@@ -16,14 +16,11 @@ set -o pipefail
 # Load environment
 . /opt/bitnami/scripts/kibana-env.sh
 
-for dir in "$KIBANA_TMP_DIR" "$KIBANA_LOGS_DIR" "$KIBANA_CONF_DIR" "$KIBANA_PLUGINS_DIR" "$KIBANA_VOLUME_DIR" "$KIBANA_DATA_DIR" "$KIBANA_INITSCRIPTS_DIR"; do
+for dir in "$SERVER_TMP_DIR" "$SERVER_LOGS_DIR" "$SERVER_CONF_DIR" "$SERVER_PLUGINS_DIR" "$SERVER_VOLUME_DIR" "$SERVER_DATA_DIR" "$SERVER_INITSCRIPTS_DIR"; do
     ensure_dir_exists "$dir"
     chmod -R ug+rwX "$dir"
 done
 
-# Optimize feature for Kibana 6
-[[ -d "$KIBANA_OPTIMIZE_DIR" ]] && chmod -R ug+rwX "$KIBANA_OPTIMIZE_DIR"
-
-kibana_conf_set "path.data" "$KIBANA_DATA_DIR"
+kibana_conf_set "path.data" "$SERVER_DATA_DIR"
 # For backwards compatibility, create a symlink to the default path
-! is_dir_empty "${KIBANA_BASE_DIR}/data" || rm -rf "${KIBANA_BASE_DIR}/data" && ln -s "$KIBANA_DATA_DIR" "${KIBANA_BASE_DIR}/data"
+! is_dir_empty "${SERVER_BASE_DIR}/data" || rm -rf "${SERVER_BASE_DIR}/data" && ln -s "$SERVER_DATA_DIR" "${SERVER_BASE_DIR}/data"
diff --git a/bitnami/kibana/8/debian-11/rootfs/opt/bitnami/scripts/kibana/run.sh b/bitnami/kibana/8/debian-11/rootfs/opt/bitnami/scripts/kibana/run.sh
index 9b1668ed4359..a6007d0b2b45 100755
--- a/bitnami/kibana/8/debian-11/rootfs/opt/bitnami/scripts/kibana/run.sh
+++ b/bitnami/kibana/8/debian-11/rootfs/opt/bitnami/scripts/kibana/run.sh
@@ -18,9 +18,9 @@ set -o pipefail
 . /opt/bitnami/scripts/kibana-env.sh
 
 info "** Starting Kibana **"
-start_command=("${KIBANA_BIN_DIR}/kibana" "serve")
+start_command=("${SERVER_BIN_DIR}/kibana" "serve")
 if am_i_root; then
-    exec_as_user "$KIBANA_DAEMON_USER" "${start_command[@]}"
+    exec_as_user "$SERVER_DAEMON_USER" "${start_command[@]}"
 else
     exec "${start_command[@]}"
 fi
diff --git a/bitnami/kibana/8/debian-11/rootfs/opt/bitnami/scripts/kibana/setup.sh b/bitnami/kibana/8/debian-11/rootfs/opt/bitnami/scripts/kibana/setup.sh
index 8f13694f018e..ea8570b52bba 100755
--- a/bitnami/kibana/8/debian-11/rootfs/opt/bitnami/scripts/kibana/setup.sh
+++ b/bitnami/kibana/8/debian-11/rootfs/opt/bitnami/scripts/kibana/setup.sh
@@ -20,7 +20,7 @@ set -o pipefail
 kibana_validate
 
 # Ensure 'daemon' user exists when running as 'root'
-am_i_root && ensure_user_exists "$KIBANA_DAEMON_USER" --group "$KIBANA_DAEMON_GROUP"
+am_i_root && ensure_user_exists "$SERVER_DAEMON_USER" --group "$SERVER_DAEMON_GROUP"
 
 # Ensure kibana is initialized
 kibana_initialize
diff --git a/bitnami/kibana/8/debian-11/rootfs/opt/bitnami/scripts/libkibana.sh b/bitnami/kibana/8/debian-11/rootfs/opt/bitnami/scripts/libkibana.sh
index c87bf763ffa9..0cf4f25b9f16 100644
--- a/bitnami/kibana/8/debian-11/rootfs/opt/bitnami/scripts/libkibana.sh
+++ b/bitnami/kibana/8/debian-11/rootfs/opt/bitnami/scripts/libkibana.sh
@@ -16,204 +16,6 @@
 
 # Functions
 
-########################
-# Validate settings in KIBANA_* env vars
-# Globals:
-#   KIBANA_*
-# Arguments:
-#   None
-# Returns:
-#   0 if the validation succeeded, 1 otherwise
-#########################
-kibana_validate() {
-    debug "Validating settings in KIBANA_* environment variables..."
-    local error_code=0
-
-    # Auxiliary functions
-    print_validation_error() {
-        error "$1"
-        error_code=1
-    }
-    check_multi_value() {
-        if [[ " ${2} " != *" ${!1} "* ]]; then
-            print_validation_error "The allowed values for ${1} are: ${2}"
-        fi
-    }
-    check_empty_value() {
-        if is_empty_value "${!1}"; then
-            print_validation_error "${1} must be set"
-        fi
-    }
-    # Warn users in case the configuration file is not writable
-    is_file_writable "$KIBANA_CONF_FILE" || warn "The Kibana configuration file '${KIBANA_CONF_FILE}' is not writable. Configurations based on environment variables will not be applied for this file."
-
-    if is_boolean_yes "$KIBANA_CREATE_USER"; then
-        if is_empty_value "$KIBANA_PASSWORD"; then
-            print_validation_error "The variable KIBANA_CREATE_USER is set but no KIBANA_PASSWORD provided for the kibana_system user."
-        fi
-        if is_empty_value "$KIBANA_ELASTICSEARCH_PASSWORD"; then
-            print_validation_error "Password for the 'elastic' user is required in order to create the kibana_system user. Please provide it using the variable KIBANA_ELASTICSEARCH_PASSWORD."
-        fi
-    fi
-
-    # User inputs
-    check_empty_value "KIBANA_ELASTICSEARCH_URL"
-    check_empty_value "KIBANA_HOST"
-    for var in "KIBANA_ELASTICSEARCH_PORT_NUMBER" "KIBANA_PORT_NUMBER"; do
-        if ! err=$(validate_port "${!var}"); then
-            print_validation_error "An invalid port was specified in the environment variable $var: $err"
-        fi
-    done
-
-    if is_boolean_yes "$KIBANA_SERVER_ENABLE_TLS"; then
-        if is_boolean_yes "$KIBANA_SERVER_TLS_USE_PEM"; then
-            if [[ ! -f "$KIBANA_SERVER_CERT_LOCATION" ]] || [[ ! -f "$KIBANA_SERVER_KEY_LOCATION" ]]; then
-                print_validation_error "In order to configure the TLS encryption for Kibana server using PEM certs you must provide your a valid key and certificate."
-            fi
-        elif [[ ! -f "$KIBANA_SERVER_KEYSTORE_LOCATION" ]]; then
-            print_validation_error "In order to configure the TLS encryption for Kibana server using PKCS12 certs you must mount a valid keystore."
-        fi
-    fi
-
-    if is_boolean_yes "$KIBANA_ELASTICSEARCH_ENABLE_TLS"; then
-        check_multi_value "KIBANA_ELASTICSEARCH_TLS_VERIFICATION_MODE" "full certificate none"
-        if [[ "$KIBANA_ELASTICSEARCH_TLS_VERIFICATION_MODE" != "none" ]];then
-            if is_boolean_yes "$KIBANA_ELASTICSEARCH_TLS_USE_PEM"; then
-                if [[ ! -f "$KIBANA_ELASTICSEARCH_CA_CERT_LOCATION" ]]; then
-                    print_validation_error "In order to connect to Elasticsearch via HTTPS, a valid CA certificate is required."
-                fi
-            elif [[ ! -f "$KIBANA_ELASTICSEARCH_TRUSTSTORE_LOCATION" ]]; then
-                print_validation_error "In order to connect to Elasticsearch via HTTPS, a valid PKCS12 truststore is required."
-            fi
-        fi
-    fi
-
-    [[ "$error_code" -eq 0 ]] || exit "$error_code"
-}
-
-########################
-# Configure/initialize Kibana
-# Globals:
-#   KIBANA_*
-# Arguments:
-#   None
-# Returns:
-#   None
-#########################
-kibana_initialize() {
-    info "Configuring/Initializing Kibana..."
-
-    debug "Ensuring expected directories/files exist..."
-    for dir in "$KIBANA_TMP_DIR" "$KIBANA_LOGS_DIR" "$KIBANA_CONF_DIR" "$KIBANA_DATA_DIR"; do
-        ensure_dir_exists "$dir"
-        am_i_root && chown -R "$KIBANA_DAEMON_USER:$KIBANA_DAEMON_GROUP" "$dir"
-    done
-
-    # Optimize feature for Kibana 6
-    am_i_root && [[ -d "$KIBANA_OPTIMIZE_DIR" ]] && chown -R "$KIBANA_DAEMON_USER:$KIBANA_DAEMON_GROUP" "$KIBANA_OPTIMIZE_DIR"
-
-    if is_file_writable "$KIBANA_CONF_FILE"; then
-        if is_mounted_dir_empty "$KIBANA_MOUNTED_CONF_DIR"; then
-            info "Setting default configuration"
-            kibana_conf_set "pid.file" "$KIBANA_PID_FILE"
-            kibana_conf_set "server.host" "$KIBANA_HOST"
-            kibana_conf_set "server.port" "$KIBANA_PORT_NUMBER" "int"
-            kibana_conf_set "elasticsearch.hosts" "$(kibana_sanitize_elasticsearch_hosts "${KIBANA_ELASTICSEARCH_URL}" "${KIBANA_ELASTICSEARCH_PORT_NUMBER}")"
-        else
-            info "Found mounted configuration directory"
-            if ! cp -Lr "$KIBANA_MOUNTED_CONF_DIR"/* "$KIBANA_CONF_DIR"; then
-                error "Issue copying mounted configuration files from $KIBANA_MOUNTED_CONF_DIR to $KIBANA_CONF_DIR. Make sure you are not mounting configuration files in $KIBANA_CONF_DIR and $KIBANA_MOUNTED_CONF_DIR at the same time"
-                exit 1
-            fi
-        fi
-        # Override configuration
-        if ! is_empty_value "$KIBANA_PASSWORD"; then
-            kibana_conf_set "elasticsearch.username" "kibana_system"
-            kibana_conf_set "elasticsearch.password" "$KIBANA_PASSWORD"
-        fi
-        if is_boolean_yes "$KIBANA_DISABLE_STRICT_CSP"; then
-            kibana_conf_set "csp.strict" "false" "bool"
-        fi
-        if is_boolean_yes "$KIBANA_SERVER_ENABLE_TLS"; then
-            kibana_conf_set "server.ssl.enabled" "true" "bool"
-            if "$KIBANA_SERVER_TLS_USE_PEM"; then
-                kibana_conf_set "server.ssl.certificate" "$KIBANA_SERVER_CERT_LOCATION"
-                kibana_conf_set "server.ssl.key" "$KIBANA_SERVER_KEY_LOCATION"
-                ! is_empty_value "$KIBANA_SERVER_KEY_PASSWORD" && kibana_set_key_value "server.ssl.keyPassphrase" "$KIBANA_SERVER_KEY_PASSWORD"
-            else
-                kibana_conf_set "server.ssl.keystore.path" "$KIBANA_SERVER_KEYSTORE_LOCATION"
-                ! is_empty_value "$KIBANA_SERVER_KEYSTORE_PASSWORD" && kibana_set_key_value "server.ssl.keystore.password" "$KIBANA_SERVER_KEYSTORE_PASSWORD"
-            fi
-        fi
-        if is_boolean_yes "$KIBANA_ELASTICSEARCH_ENABLE_TLS"; then
-            kibana_conf_set "elasticsearch.ssl.verificationMode" "$KIBANA_ELASTICSEARCH_TLS_VERIFICATION_MODE"
-            if [[ "$KIBANA_ELASTICSEARCH_TLS_VERIFICATION_MODE" != "none" ]];then
-                if "$KIBANA_ELASTICSEARCH_TLS_USE_PEM"; then
-                    kibana_conf_set "elasticsearch.ssl.certificateAuthorities" "$KIBANA_ELASTICSEARCH_CA_CERT_LOCATION"
-                else
-                    ! is_empty_value "$KIBANA_ELASTICSEARCH_TRUSTSTORE_PASSWORD" && kibana_set_key_value "elasticsearch.ssl.truststore.password" "$KIBANA_ELASTICSEARCH_TRUSTSTORE_PASSWORD"
-                    kibana_conf_set "elasticsearch.ssl.truststore.path" "$KIBANA_ELASTICSEARCH_TRUSTSTORE_LOCATION"
-                fi
-            fi
-        fi
-    fi
-}
-
-########################
-# Write a configuration setting value
-# Globals:
-#   KIBANA_CONF_FILE
-# Arguments:
-#   $1 - key
-#   $2 - value
-#   $3 - YAML type (string, int or bool)
-# Returns:
-#   None
-#########################
-kibana_conf_set() {
-    local -r key="${1:?Missing key}"
-    local -r value="${2:-}"
-    local -r type="${3:-string}"
-    local -r tempfile=$(mktemp)
-
-    case "$type" in
-    string)
-        yq eval "(.${key}) |= \"${value}\"" "$KIBANA_CONF_FILE" >"$tempfile"
-        ;;
-    int)
-        yq eval "(.${key}) |= ${value}" "$KIBANA_CONF_FILE" >"$tempfile"
-        ;;
-    bool)
-        yq eval "(.${key}) |= (\"${value}\" | test(\"true\"))" "$KIBANA_CONF_FILE" >"$tempfile"
-        ;;
-    *)
-        error "Type unknown: ${type}"
-        return 1
-        ;;
-    esac
-    cp "$tempfile" "$KIBANA_CONF_FILE"
-}
-
-########################
-# Read a configuration setting value
-# Globals:
-#   KIBANA_CONF_FILE
-# Arguments:
-#   $1 - key
-# Returns:
-#   Outputs the key to stdout (Empty response if key is not set)
-#########################
-kibana_conf_get() {
-    local key="${1:?missing key}"
-
-    if [[ -r "$KIBANA_CONF_FILE" ]]; then
-        local -r res="$(yq eval ".${key}" "$KIBANA_CONF_FILE")"
-        if [[ ! "$res" = "null" ]]; then
-            echo "$res"
-        fi
-    fi
-}
-
 ########################
 # Set Elasticsearch keystore values
 # Globals:
@@ -231,191 +33,6 @@ kibana_set_key_value() {
     kibana-keystore add --stdin --force "$key" <<<"$value"
 }
 
-########################
-# Configure/initialize Kibana
-# For backwards compatibility, it is allowed to specify the host and port in
-# different env-vars and this function will build the correct url.
-# Globals:
-#   KIBANA_*
-# Arguments:
-#   $1 - hostUrl
-#   $2 - port
-# Returns:
-#   None
-#########################
-kibana_sanitize_elasticsearch_hosts() {
-    local -r hostUrl="${1:?missing hostUrl}"
-    local -r port="${2:?missing port}"
-    local scheme
-
-    if is_boolean_yes "$KIBANA_ELASTICSEARCH_ENABLE_TLS"; then
-        scheme="https"
-    else
-        scheme="http"
-    fi
-
-    if grep -q -E "^https?://[^:]+:[0-9]+$" <<<"$hostUrl"; then # i.e. http://localhost:9200
-        echo "${hostUrl}"
-    elif grep -q -E "^https?://[^:]+$" <<<"$hostUrl"; then # i.e. http://localhost
-        echo "${hostUrl}:${port}"
-    elif grep -q -E "^[^:]+:[0-9]+$" <<<"$hostUrl"; then # i.e. localhost:9200
-        echo "${scheme}://${hostUrl}"
-    else # i.e. localhost
-        echo "${scheme}://${hostUrl}:${port}"
-    fi
-}
-
-########################
-# Check if Kibana is running
-# Globals:
-#   KIBANA_*
-# Arguments:
-#   None
-# Returns:
-#   Boolean
-#########################
-is_kibana_running() {
-    local pid
-    pid="$(get_pid_from_file "${KIBANA_PID_FILE}")"
-
-    if [[ -z "$pid" ]]; then
-        false
-    else
-        is_service_running "$pid"
-    fi
-}
-
-########################
-# Check if Kibana is not running
-# Globals:
-#   KIBANA_*
-# Arguments:
-#   None
-# Returns:
-#   Boolean
-#########################
-is_kibana_not_running() {
-    ! is_kibana_running
-}
-
-########################
-# Check if Kibana is ready
-# Globals:
-#   KIBANA_*
-# Arguments:
-#   None
-# Returns:
-#   Boolean
-#########################
-is_kibana_ready() {
-    local basePath
-    local rewriteBasePath
-    rewriteBasePath=$(kibana_conf_get "server.rewriteBasePath")
-    # The default value for is 'server.rewriteBasePath' is 'true' when ommited.'
-    # Therefore, we must check the value is not 'true'
-    [[ ! "$rewriteBasePath" = "false" ]] && basePath=$(kibana_conf_get "server.basePath")
-    if is_kibana_running; then
-        # Kibana 7 expects .status.overall.state to be 'green', while 8 expects .status.overall.level to be 'available'
-        local -r status="$(yq eval '.status.overall | pick(["state", "level"]) | .[]' - <<<"$(curl -s "127.0.0.1:${KIBANA_PORT_NUMBER}${basePath:-}/api/status")")"
-        [[ "$status" = "green" || "$status" = "available" ]] && return
-    else
-        false
-    fi
-}
-
-########################
-# Wait until Kibana is ready
-# Globals:
-#   KIBANA_*
-# Arguments:
-#   None
-# Returns:
-#   Boolean
-#########################
-wait_for_kibana_ready() {
-    info "Waiting for Kibana to be started and ready"
-    retries="$KIBANA_WAIT_READY_MAX_RETRIES"
-    until is_kibana_ready || [[ "$retries" -eq 0 ]]; do
-        debug "Waiting for Kibana server: $((retries--)) remaining attempts..."
-        sleep 2
-    done
-    if [[ "$retries" -eq 0 ]]; then
-        error "Kibana is not available after ${KIBANA_WAIT_READY_MAX_RETRIES} retries"
-        if [[ -r "${KIBANA_LOGS_DIR}/init_scripts_start.log" ]]; then
-            info "Dumping ${KIBANA_LOGS_DIR}/init_scripts_start.log for additional diagnostics..."
-            cat "${KIBANA_LOGS_DIR}/init_scripts_start.log"
-        fi
-        exit 1
-    fi
-}
-
-########################
-# Start Kibana in background mode
-# Globals:
-#   KIBANA_*
-# Arguments:
-#   Extra arguments to pass to the command (optional array)
-# Returns:
-#   None
-#########################
-kibana_start_bg() {
-    local extra_args=("${@}")
-
-    info "Starting Kibana in background"
-    local start_command=("${KIBANA_BIN_DIR}/kibana" "serve" "${extra_args[@]}")
-    am_i_root && start_command=("run_as_user" "$KIBANA_DAEMON_USER" "${start_command[@]}")
-    debug_execute "${start_command[@]}" &
-}
-
-########################
-# Run custom initialization scripts
-# Globals:
-#   KIBANA_*
-# Arguments:
-#   None
-# Returns:
-#   None
-#########################
-kibana_custom_init_scripts() {
-    read -r -a init_scripts <<<"$(find "$KIBANA_INITSCRIPTS_DIR" -type f -name "*.sh" -print0 | xargs -0)"
-    if [[ "${#init_scripts[@]}" -gt 0 ]] && [[ ! -f "$KIBANA_VOLUME_DIR"/.user_scripts_initialized ]] || is_boolean_yes "$KIBANA_FORCE_INITSCRIPTS"; then
-        if is_boolean_yes "$KIBANA_FORCE_INITSCRIPTS"; then
-            info "Forcing execution of user files"
-        fi
-
-        if is_boolean_yes "${KIBANA_INITSCRIPTS_START_SERVER}"; then
-            # Binding to localhost to not give false positives for external connections
-            kibana_start_bg "--host" "127.0.0.1" "--log-file" "${KIBANA_LOGS_DIR}/init_scripts_start.log"
-            wait_for_kibana_ready
-        fi
-
-        info "Loading user's custom files from $KIBANA_INITSCRIPTS_DIR"
-        for f in "${init_scripts[@]}"; do
-            debug "Executing $f"
-            case "$f" in
-            *.sh)
-                if [[ -x "$f" ]]; then
-                    if ! "$f"; then
-                        error "Failed executing $f"
-                        return 1
-                    fi
-                else
-                    warn "Sourcing $f as it is not executable by the current user, any error may cause initialization to fail"
-                    . "$f"
-                fi
-                ;;
-            *)
-                warn "Skipping $f, supported formats are: .sh"
-                ;;
-            esac
-        done
-        touch "$KIBANA_VOLUME_DIR"/.user_scripts_initialized
-
-        is_kibana_running && stop_service_using_pid "$KIBANA_PID_FILE"
-        retry_while "is_kibana_not_running"
-    fi
-}
-
 ########################
 # Waits for Elasticsearch to be available and creates the user 'kibana_user', if it doesn't exists
 # Globals:
@@ -461,3 +78,446 @@ kibana_create_system_user() {
         info "Skipping 'kibana_system' user creation. User already exists. Status code: ${status_code}"
     fi
 }
+
+#!/bin/bash
+# Copyright VMware, Inc.
+# SPDX-License-Identifier: APACHE-2.0
+#
+# Bitnami Kibana/Opensearch Dashboards common library
+
+# shellcheck disable=SC1090
+# shellcheck disable=SC1091
+
+# Load Generic Libraries
+. /opt/bitnami/scripts/libfs.sh
+. /opt/bitnami/scripts/libfile.sh
+. /opt/bitnami/scripts/liblog.sh
+. /opt/bitnami/scripts/libos.sh
+. /opt/bitnami/scripts/libservice.sh
+. /opt/bitnami/scripts/libvalidations.sh
+
+# Functions
+
+########################
+# Validate settings in SERVER_* env vars
+# Globals:
+#   SERVER_*
+# Arguments:
+#   None
+# Returns:
+#   0 if the validation succeeded, 1 otherwise
+#########################
+kibana_validate() {
+    debug "Validating settings in SERVER_* environment variables..."
+    local error_code=0
+
+    # Auxiliary functions
+    print_validation_error() {
+        error "$1"
+        error_code=1
+    }
+    check_multi_value() {
+        if [[ " ${2} " != *" ${!1} "* ]]; then
+            print_validation_error "The allowed values for ${1} are: ${2}"
+        fi
+    }
+    check_empty_value() {
+        if is_empty_value "${!1}"; then
+            print_validation_error "${1} must be set"
+        fi
+    }
+    # Warn users in case the configuration file is not writable
+    is_file_writable "$SERVER_CONF_FILE" || warn "The ${SERVER_FLAVOR^} configuration file '${SERVER_CONF_FILE}' is not writable. Configurations based on environment variables will not be applied for this file."
+
+    if [[ "$SERVER_FLAVOR" = "kibana" ]]; then
+        if is_boolean_yes "$KIBANA_CREATE_USER"; then
+            if is_empty_value "$KIBANA_PASSWORD"; then
+                print_validation_error "The variable KIBANA_CREATE_USER is set but no KIBANA_PASSWORD provided for the kibana_system user."
+            fi
+            if is_empty_value "$KIBANA_ELASTICSEARCH_PASSWORD"; then
+                print_validation_error "Password for the 'elastic' user is required in order to create the kibana_system user. Please provide it using the variable KIBANA_ELASTICSEARCH_PASSWORD."
+            fi
+        fi
+    fi
+
+    # User inputs
+    check_empty_value "SERVER_DB_URL"
+    check_empty_value "SERVER_HOST"
+    for var in "SERVER_DB_PORT_NUMBER" "SERVER_PORT_NUMBER"; do
+        if ! err=$(validate_port "${!var}"); then
+            print_validation_error "An invalid port was specified in the environment variable $var: $err"
+        fi
+    done
+
+    if is_boolean_yes "$SERVER_ENABLE_TLS"; then
+        if is_boolean_yes "$SERVER_TLS_USE_PEM"; then
+            if [[ ! -f "$SERVER_CERT_LOCATION" ]] || [[ ! -f "$SERVER_KEY_LOCATION" ]]; then
+                print_validation_error "In order to configure the TLS encryption for ${SERVER_FLAVOR^} server using PEM certs you must provide your a valid key and certificate."
+            fi
+        elif [[ ! -f "$SERVER_KEYSTORE_LOCATION" ]]; then
+            print_validation_error "In order to configure the TLS encryption for ${SERVER_FLAVOR^} server using PKCS12 certs you must mount a valid keystore."
+        fi
+    fi
+
+    if is_boolean_yes "$SERVER_DB_ENABLE_TLS"; then
+        check_multi_value "SERVER_DB_TLS_VERIFICATION_MODE" "full certificate none"
+        if [[ "$SERVER_DB_TLS_VERIFICATION_MODE" != "none" ]];then
+            if is_boolean_yes "$SERVER_DB_TLS_USE_PEM"; then
+                if [[ ! -f "$SERVER_DB_CA_CERT_LOCATION" ]]; then
+                    print_validation_error "In order to connect to Elasticsearch via HTTPS, a valid CA certificate is required."
+                fi
+            elif [[ ! -f "$SERVER_DB_TRUSTSTORE_LOCATION" ]]; then
+                print_validation_error "In order to connect to Elasticsearch via HTTPS, a valid PKCS12 truststore is required."
+            fi
+        fi
+    fi
+
+    [[ "$error_code" -eq 0 ]] || exit "$error_code"
+}
+
+########################
+# Configure/initialize Kibana/Dashboards
+# Globals:
+#   SERVER_*
+# Arguments:
+#   None
+# Returns:
+#   None
+#########################
+kibana_initialize() {
+    info "Configuring/Initializing ${SERVER_FLAVOR^}..."
+
+    debug "Ensuring expected directories/files exist..."
+    for dir in "$SERVER_TMP_DIR" "$SERVER_LOGS_DIR" "$SERVER_CONF_DIR" "$SERVER_DATA_DIR"; do
+        ensure_dir_exists "$dir"
+        am_i_root && chown -R "$SERVER_DAEMON_USER:$SERVER_DAEMON_GROUP" "$dir"
+    done
+
+    if is_file_writable "$SERVER_CONF_FILE"; then
+        local dbFlavor="elasticsearch"
+        [[ "$SERVER_FLAVOR" = "opensearch-dashboards" ]] && dbFlavor="opensearch"
+        if is_mounted_dir_empty "$SERVER_MOUNTED_CONF_DIR"; then
+            info "Setting default configuration"
+            kibana_conf_set "pid.file" "$SERVER_PID_FILE"
+            kibana_conf_set "server.host" "$SERVER_HOST"
+            kibana_conf_set "server.port" "$SERVER_PORT_NUMBER" "int"
+            kibana_conf_set "${dbFlavor}.hosts" "$(kibana_sanitize_elasticsearch_hosts "${SERVER_DB_URL}" "${SERVER_DB_PORT_NUMBER}")"
+
+        else
+            info "Found mounted configuration directory"
+            if ! cp -Lr "$SERVER_MOUNTED_CONF_DIR"/* "$SERVER_CONF_DIR"; then
+                error "Issue copying mounted configuration files from $SERVER_MOUNTED_CONF_DIR to $SERVER_CONF_DIR. Make sure you are not mounting configuration files in $SERVER_CONF_DIR and $SERVER_MOUNTED_CONF_DIR at the same time"
+                exit 1
+            fi
+        fi
+        # Override configuration
+        if [[ "$SERVER_FLAVOR" = "kibana" ]] && is_boolean_yes "$KIBANA_DISABLE_STRICT_CSP"; then
+            kibana_conf_set "csp.strict" "false" "bool"
+        fi
+
+        # Configure Elasticsearch/Opensearch authentication
+        if ! is_empty_value "$SERVER_PASSWORD"; then
+            local user="kibana_system"
+            [[ "$SERVER_FLAVOR" = "opensearch-dashboards" ]] && user="kibanaserver"
+            kibana_conf_set "${dbFlavor}.username" "$user"
+            kibana_conf_set "${dbFlavor}.password" "$SERVER_PASSWORD"
+        elif [[ "$SERVER_FLAVOR" = "opensearch-dashboards" ]]; then
+            info "Security settings not provided, removing plugin"
+            opensearch-dashboards-plugin remove securityDashboards
+            replace_in_file "$SERVER_CONF_FILE" "^opensearch_security\." "#opensearch_security."
+        fi
+
+        # Configure Webserver TLS settings (Client -> Kibana/Dashboards)
+        if is_boolean_yes "$SERVER_ENABLE_TLS"; then
+            kibana_conf_set "server.ssl.enabled" "true" "bool"
+            [[ "$SERVER_FLAVOR" = "opensearch-dashboards" ]] && kibana_conf_set "opensearch_security.cookie.secure" "true" "bool"
+            if is_boolean_yes "$SERVER_TLS_USE_PEM"; then
+                kibana_conf_set "server.ssl.certificate" "$SERVER_CERT_LOCATION"
+                kibana_conf_set "server.ssl.key" "$SERVER_KEY_LOCATION"
+                if ! is_empty_value "$SERVER_KEY_PASSWORD"; then
+                    if [[ "$SERVER_FLAVOR" = "opensearch-dashboards" ]]; then
+                        kibana_conf_set "server.ssl.keyPassphrase" "$SERVER_KEY_PASSWORD"
+                    else
+                        kibana_set_key_value "server.ssl.keyPassphrase" "$SERVER_KEY_PASSWORD"
+                    fi
+                fi
+            else
+                kibana_conf_set "server.ssl.keystore.path" "$SERVER_KEYSTORE_LOCATION"
+                if ! is_empty_value "$SERVER_KEYSTORE_PASSWORD"; then
+                    if [[ "$SERVER_FLAVOR" = "opensearch-dashboards" ]]; then
+                        kibana_conf_set "server.ssl.keystore.password" "$SERVER_KEY_PASSWORD"
+                    else
+                        kibana_set_key_value "server.ssl.keystore.password" "$SERVER_KEY_PASSWORD"
+                    fi
+                fi
+            fi
+        fi
+
+        # Configure Database TLS settings (Kibana/Dashboards -> Elasticsearch/Opensearch)
+        if is_boolean_yes "$SERVER_DB_ENABLE_TLS"; then
+            kibana_conf_set "${dbFlavor}.ssl.verificationMode" "$SERVER_DB_TLS_VERIFICATION_MODE"
+            if [[ "$SERVER_DB_TLS_VERIFICATION_MODE" != "none" ]];then
+                if is_boolean_yes "$SERVER_DB_TLS_USE_PEM"; then
+                    kibana_conf_set "${dbFlavor}.ssl.certificateAuthorities" "$SERVER_DB_CA_CERT_LOCATION"
+                else
+                    kibana_conf_set "${dbFlavor}.ssl.truststore.path" "$SERVER_DB_TRUSTSTORE_LOCATION"
+                    if ! is_empty_value "$SERVER_DB_TRUSTSTORE_PASSWORD"; then
+                        if [[ "$SERVER_FLAVOR" = "opensearch-dashboards" ]]; then
+                            kibana_conf_set "${dbFlavor}.ssl.truststore.password" "$SERVER_DB_TRUSTSTORE_PASSWORD"
+                        else
+                            kibana_set_key_value "${dbFlavor}.ssl.truststore.password" "$SERVER_DB_TRUSTSTORE_PASSWORD"
+                        fi
+                    fi
+                fi
+            fi
+        fi
+    fi
+}
+
+########################
+# Write a configuration setting value
+# Globals:
+#   SERVER_CONF_FILE
+# Arguments:
+#   $1 - key
+#   $2 - value
+#   $3 - YAML type (string, int or bool)
+# Returns:
+#   None
+#########################
+kibana_conf_set() {
+    local -r key="${1:?Missing key}"
+    local -r value="${2:-}"
+    local -r type="${3:-string}"
+    local -r tempfile=$(mktemp)
+
+    case "$type" in
+    string)
+        yq eval "(.${key}) |= \"${value}\"" "$SERVER_CONF_FILE" >"$tempfile"
+        ;;
+    int)
+        yq eval "(.${key}) |= ${value}" "$SERVER_CONF_FILE" >"$tempfile"
+        ;;
+    bool)
+        yq eval "(.${key}) |= (\"${value}\" | test(\"true\"))" "$SERVER_CONF_FILE" >"$tempfile"
+        ;;
+    *)
+        error "Type unknown: ${type}"
+        return 1
+        ;;
+    esac
+    cp "$tempfile" "$SERVER_CONF_FILE"
+}
+
+########################
+# Read a configuration setting value
+# Globals:
+#   SERVER_CONF_FILE
+# Arguments:
+#   $1 - key
+# Returns:
+#   Outputs the key to stdout (Empty response if key is not set)
+#########################
+kibana_conf_get() {
+    local key="${1:?missing key}"
+
+    if [[ -r "$SERVER_CONF_FILE" ]]; then
+        local -r res="$(yq eval ".${key}" "$SERVER_CONF_FILE")"
+        if [[ ! "$res" = "null" ]]; then
+            echo "$res"
+        fi
+    fi
+}
+
+########################
+# Configure/initialize Kibana/Dashboards
+# For backwards compatibility, it is allowed to specify the host and port in
+# different env-vars and this function will build the correct url.
+# Globals:
+#   SERVER_*
+# Arguments:
+#   $1 - hostUrl
+#   $2 - port
+# Returns:
+#   None
+#########################
+kibana_sanitize_elasticsearch_hosts() {
+    local -r hostUrl="${1:?missing hostUrl}"
+    local -r port="${2:?missing port}"
+    local scheme
+
+    if is_boolean_yes "$SERVER_DB_ENABLE_TLS"; then
+        scheme="https"
+    else
+        scheme="http"
+    fi
+
+    if grep -q -E "^https?://[^:]+:[0-9]+$" <<<"$hostUrl"; then # i.e. http://localhost:9200
+        echo "${hostUrl}"
+    elif grep -q -E "^https?://[^:]+$" <<<"$hostUrl"; then # i.e. http://localhost
+        echo "${hostUrl}:${port}"
+    elif grep -q -E "^[^:]+:[0-9]+$" <<<"$hostUrl"; then # i.e. localhost:9200
+        echo "${scheme}://${hostUrl}"
+    else # i.e. localhost
+        echo "${scheme}://${hostUrl}:${port}"
+    fi
+}
+
+########################
+# Check if Kibana/Dashboards is running
+# Globals:
+#   SERVER_*
+# Arguments:
+#   None
+# Returns:
+#   Boolean
+#########################
+is_kibana_running() {
+    local pid
+    pid="$(get_pid_from_file "${SERVER_PID_FILE}")"
+
+    if [[ -z "$pid" ]]; then
+        false
+    else
+        is_service_running "$pid"
+    fi
+}
+
+########################
+# Check if Kibana/Dashboards is not running
+# Globals:
+#   SERVER_*
+# Arguments:
+#   None
+# Returns:
+#   Boolean
+#########################
+is_kibana_not_running() {
+    ! is_kibana_running
+}
+
+########################
+# Check if Kibana/Dashboards is ready
+# Globals:
+#   SERVER_*
+# Arguments:
+#   None
+# Returns:
+#   Boolean
+#########################
+is_kibana_ready() {
+    local basePath
+    local rewriteBasePath
+    local scheme="http"
+    local opts=()
+    rewriteBasePath=$(kibana_conf_get "server.rewriteBasePath")
+    # The default value for is 'server.rewriteBasePath' is 'true' when ommited.'
+    # Therefore, we must check the value is not 'true'
+    ! is_boolean_yes "$rewriteBasePath" && basePath=$(kibana_conf_get "server.basePath")
+
+    [[ "$SERVER_FLAVOR" = "opensearch-dashboards" ]] && ! is_empty_value "$SERVER_PASSWORD" && opts+=("-u" "kibanaserver:${SERVER_PASSWORD}")
+    if is_boolean_yes "$SERVER_DB_ENABLE_TLS"; then
+        scheme="https"
+        opts+=("-k")
+    fi
+    if is_kibana_running; then
+        # Kibana 7 and Opensearch expects .status.overall.state to be 'green', while 8 expects .status.overall.level to be 'available'
+        local -r status="$(yq eval '.status.overall | pick(["state", "level"]) | .[]' - <<<"$(curl -s "${opts[@]}" "${scheme}://127.0.0.1:${SERVER_PORT_NUMBER}${basePath}/api/status")")"
+        [[ "$status" = "green" || "$status" = "available" ]] && return
+    else
+        false
+    fi
+}
+
+########################
+# Wait until Kibana/Dashboards is ready
+# Globals:
+#   SERVER_*
+# Arguments:
+#   None
+# Returns:
+#   Boolean
+#########################
+wait_for_kibana_ready() {
+    info "Waiting for ${SERVER_FLAVOR^} to be started and ready"
+    retries="$SERVER_WAIT_READY_MAX_RETRIES"
+    until is_kibana_ready || [[ "$retries" -eq 0 ]]; do
+        debug "Waiting for ${SERVER_FLAVOR^} server: $((retries--)) remaining attempts..."
+        sleep 2
+    done
+    if [[ "$retries" -eq 0 ]]; then
+        error "${SERVER_FLAVOR^} is not available after ${SERVER_WAIT_READY_MAX_RETRIES} retries"
+        if [[ -r "${SERVER_LOGS_DIR}/init_scripts_start.log" ]]; then
+            info "Dumping ${SERVER_LOGS_DIR}/init_scripts_start.log for additional diagnostics..."
+            cat "${SERVER_LOGS_DIR}/init_scripts_start.log"
+        fi
+        exit 1
+    fi
+}
+
+########################
+# Start Kibana/Dashboards in background mode
+# Globals:
+#   SERVER_*
+# Arguments:
+#   Extra arguments to pass to the command (optional array)
+# Returns:
+#   None
+#########################
+kibana_start_bg() {
+    local extra_args=("${@}")
+
+    info "Starting ${SERVER_FLAVOR^} in background"
+    local start_command=("${SERVER_BIN_DIR}/${SERVER_FLAVOR}" "serve" "${extra_args[@]}")
+    am_i_root && start_command=("run_as_user" "$SERVER_DAEMON_USER" "${start_command[@]}")
+    debug_execute "${start_command[@]}" &
+}
+
+########################
+# Run custom initialization scripts
+# Globals:
+#   SERVER_*
+# Arguments:
+#   None
+# Returns:
+#   None
+#########################
+kibana_custom_init_scripts() {
+    read -r -a init_scripts <<<"$(find "$SERVER_INITSCRIPTS_DIR" -type f -name "*.sh" -print0 | xargs -0)"
+    if [[ "${#init_scripts[@]}" -gt 0 ]] && [[ ! -f "$SERVER_VOLUME_DIR"/.user_scripts_initialized ]] || is_boolean_yes "$SERVER_FORCE_INITSCRIPTS"; then
+        if is_boolean_yes "$SERVER_FORCE_INITSCRIPTS"; then
+            info "Forcing execution of user files"
+        fi
+
+        if is_boolean_yes "${SERVER_INITSCRIPTS_START_SERVER}"; then
+            # Binding to localhost to not give false positives for external connections
+            kibana_start_bg "--host" "127.0.0.1" "--log-file" "${SERVER_LOGS_DIR}/init_scripts_start.log"
+            wait_for_kibana_ready
+        fi
+
+        info "Loading user's custom files from $SERVER_INITSCRIPTS_DIR"
+        for f in "${init_scripts[@]}"; do
+            debug "Executing $f"
+            case "$f" in
+            *.sh)
+                if [[ -x "$f" ]]; then
+                    if ! "$f"; then
+                        error "Failed executing $f"
+                        return 1
+                    fi
+                else
+                    warn "Sourcing $f as it is not executable by the current user, any error may cause initialization to fail"
+                    . "$f"
+                fi
+                ;;
+            *)
+                warn "Skipping $f, supported formats are: .sh"
+                ;;
+            esac
+        done
+        touch "$SERVER_VOLUME_DIR"/.user_scripts_initialized
+
+        is_kibana_running && stop_service_using_pid "$SERVER_PID_FILE"
+        retry_while "is_kibana_not_running"
+    fi
+}