diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000000000000000000000000000000000000..600d2d33badf45cc068e01d2e3c837e11c417bc4
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+.vscode
\ No newline at end of file
diff --git a/defaults/main.yml b/defaults/main.yml
index 465dc335fbc39c6bfee01a97e81e6897f8752a48..5e01d2629a93d871f258fa2a4391795c16b6e90d 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -7,8 +7,12 @@ sidecar_checksum: https://github.com/Graylog2/collector-sidecar/releases/downloa
install_filebeat: true
filebeat_repo_urls:
- "RedHat": "https://artifacts.elastic.co/packages/oss-8.x/yum"
- "Debian": "https://artifacts.elastic.co/packages/oss-8.x/apt"
+ "RedHat": "https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-8.8.0-x86_64.rpm"
+ "Debian": "https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-8.8.0-amd64.deb"
+
+filebeat_checksums:
+ "RedHat": "https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-8.8.0-x86_64.rpm.sha512"
+ "Debian": "https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-8.8.0-amd64.deb.sha512"
# --- OTHER ---
use_central_ca_host: false
diff --git a/tasks/filebeat.yml b/tasks/filebeat.yml
index e94f359a8c594ae7738428ca65649cbb9f3c2ca5..36a9d5a1832882925e5dd686ded32243303b9e0a 100644
--- a/tasks/filebeat.yml
+++ b/tasks/filebeat.yml
@@ -3,35 +3,50 @@
become: true
when: ansible_os_family == 'Debian'
block:
- - name: Ensure Apt Can Use Https
- ansible.builtin.apt:
- name: apt-transport-https
- state: present
+ - name: install filebeat (Debian | Ubuntu)
+ when: ansible_os_family == 'Debian'
+ become: true
+ block:
+ - name: Download repository file (Debian | Ubuntu)
+ ansible.builtin.get_url:
+ url: "{{ filebeat_repo_urls['Debian'] }}"
+ checksum: "sha256:{{ filebeat_checksums['Debian'] }}"
+ dest: /tmp/graylog-filebeat.deb
+ mode: 0644
+ delegate_to: localhost
+ run_once: true
- - name: Ensure ES Signing Key Is Present
- ansible.builtin.apt_key:
- url: 'https://artifacts.elastic.co/GPG-KEY-elasticsearch'
- id: '46095ACC8548582C1A2699A9D27D666CD88E42B4'
- state: present^
+ - name: Copy DEB to nodes (Debian | Ubuntu)
+ ansible.builtin.copy:
+ src: /tmp/graylog-filebeat.deb
+ dest: /tmp/graylog-filebeat.deb
+ mode: 0644
- - name: Ensure ES Repo Is Enabled
- ansible.builtin.apt_repository:
- repo: "deb {{ filebeat_repo_urls['Debian'] }} stable main"
- state: present
+ - name: Add package using dpkg (Debian | Ubuntu)
+ ansible.builtin.command:
+ cmd: dpkg -i /tmp/graylog-filebeat.deb
+ changed_when: false
-- name: Add filebeat repository (RedHat)
- ansible.builtin.yum_repository:
- name: elastic-8.x
- description: Elastic Yum Repo 8.x
- baseurl: "{{ filebeat_repo_urls['RedHat'] }}"
- gpgcheck: true
- gpgkey: 'https://artifacts.elastic.co/GPG-KEY-elasticsearch'
- state: present
- when: ansible_os_family == 'RedHat'
- become: true
+ - name: install filebeat (RedHat)
+ when: ansible_os_family == 'RedHat'
+ become: true
+ block:
+ - name: Download rpm file (RedHat)
+ ansible.builtin.get_url:
+ url: "{{ filebeat_repo_urls['RedHat'] }}"
+ checksum: "sha256:{{ filebeat_checksums['RedHat'] }}"
+ dest: /tmp/graylog-filebeat.rpm
+ mode: 0644
+ delegate_to: localhost
+ run_once: true
-- name: Install filebeat package
- ansible.builtin.package:
- name: filebeat
- state: present
- become: true
+ - name: Copy RPM to nodes (RedHat)
+ ansible.builtin.copy:
+ src: /tmp/graylog-filebeat.rpm
+ dest: /tmp/graylog-filebeat.rpm
+ mode: 0644
+
+ - name: Install rpm (RedHat)
+ ansible.builtin.yum:
+ name: /tmp/graylog-filebeat.rpm
+ state: present