Skip to content
Snippets Groups Projects
Commit 5703d6cc authored by Alexander Käb's avatar Alexander Käb
Browse files

Initial commit

parents
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
README.md 0 → 100644
+ 34
0
View file @ 5703d6cc
# Ansible role for graylog sidecars
Ansible role to install and configure graylog sidecars on Debian / Ubuntu / RedHat.
**Default variables**
```yaml
# Unique node id. Default uses '/etc/machine-id'
node_id: 'file:/etc/machine-id'
# Sidecar repository urls based on OS family
sidecar_repo_urls:
"RedHat": "https://packages.graylog2.org/repo/packages/graylog-sidecar-repository-1-5.noarch.rpm"
"Debian": "https://packages.graylog2.org/repo/packages/graylog-sidecar-repository_1-5_all.deb"
# Whether to install filebeat (default: true)
install_filebeat: true
# Filebeat repository urls based on OS family
filebeat_repo_urls:
"RedHat": "https://artifacts.elastic.co/packages/oss-8.x/yum"
"Debian": "https://artifacts.elastic.co/packages/oss-8.x/apt"
```
**Variables required by the user**
```yaml
# API URL for graylog server
graylog_sidecar_server_url:
# SECRET: token to be used for sidecars
graylog_sidecar_server_api_token:
```
\ No newline at end of file
defaults/main.yml 0 → 100644
+ 9
0
View file @ 5703d6cc
node_id: 'file:/etc/machine-id'
sidecar_repo_urls:
"RedHat": "https://packages.graylog2.org/repo/packages/graylog-sidecar-repository-1-5.noarch.rpm"
"Debian": "https://packages.graylog2.org/repo/packages/graylog-sidecar-repository_1-5_all.deb"
install_filebeat: true
filebeat_repo_urls:
"RedHat": "https://artifacts.elastic.co/packages/oss-8.x/yum"
"Debian": "https://artifacts.elastic.co/packages/oss-8.x/apt"
handlers/main.yml 0 → 100644
+ 12
0
View file @ 5703d6cc
---
- name: Restart Rsyslogd
ansible.builtin.service:
name: rsyslog
state: restarted
become: true
- name: Restart Sidecar
ansible.builtin.service:
name: graylog-sidecar
state: restarted
become: true
meta/main.yml 0 → 100644
+ 7
0
View file @ 5703d6cc
---
galaxy_info:
author: The hdacloud Authors
description: Ansible role for setting up graylog-sidecars
min_ansible_version: '2.4'
dependencies: []
tasks/filebeat.yml 0 → 100644
+ 37
0
View file @ 5703d6cc
- name: Add filebeat repository (Debian | Ubuntu)
become: true
when: {{ ansible_os_family == 'Debian' }}
block:
- name: Ensure Apt Can Use Https
ansible.builtin.apt:
name: apt-transport-https
state: present
- name: Ensure ES Signing Key Is Present
ansible.builtin.apt_key:
url: 'https://artifacts.elastic.co/GPG-KEY-elasticsearch'
id: '46095ACC8548582C1A2699A9D27D666CD88E42B4'
state: present^
- name: Ensure ES Repo Is Enabled
ansible.builtin.apt_repository:
repo: "deb {{ filebeat_repo_urls['Debian'] }} stable main"
state: present
- name: Add filebeat repository (RedHat)
ansible.builtin.yum_repository:
name: elastic-8.x
description: Elastic Yum Repo 8.x
baseurl: "{{ filebeat_repo_urls['RedHat'] }}"
gpgcheck: true
gpgkey: 'https://artifacts.elastic.co/GPG-KEY-elasticsearch'
state: present
when: {{ ansible_os_family == 'RedHat' }}
become: true
- name: Install filebeat package
ansible.builtin.package:
name: filebeat
state: present
become: true
\ No newline at end of file
tasks/main.yml 0 → 100644
+ 67
0
View file @ 5703d6cc
---
- name: Temp switch to legacy crypto policy
ansible.builtin.command:
cmd: update-crypto-policies --set DEFAULT:SHA1
changed_when: false
become: true
- name: Add sidecar repo (Debian | Ubuntu)
when: {{ ansible_os_family == 'Debian' }}
become: true
block:
- name: Download repository file
ansible.builtin.get_url:
url: "{{ sidecar_repo_urls['Debian'] }}"
dest: /tmp/graylog-sidecar-repository.deb
- name: Add repository using dpkg
ansible.builtin.command:
cmd: dpkg -i /tmp/graylog-sidecar-repository.deb
- name: Add sidecar repo (RedHat)
ansible.builtin.yum:
name: "{{ sidecar_repo_urls['RedHat'] }}"
state: present
when: {{ ansible_os_family == 'RedHat' }}
become: true
- name: Install sidecar package
ansible.builtin.package:
name: graylog-sidecar
state: present
become: true
- name: Run install command
ansible.builtin.command:
cmd: /usr/bin/graylog-sidecar -service install
ignore_errors: true
changed_when: false
become: true
- name: Generate sidecar config
ansible.builtin.template:
dest: /etc/graylog/sidecar/sidecar.yml
src: sidecar.yml.j2
validate: /usr/bin/graylog-sidecar -c %s -configtest
mode: 0640
notify: Restart Sidecar
become: true
- name: Enable / start sidecar service
ansible.builtin.service:
name: graylog-sidecar
state: started
enabled: true
become: true
- name: Install filebeat
ansible.builtin.import_tasks:
- filebeat.yml
when: {{ install_filebeat }}
- name: Switch back to default policy
ansible.builtin.command:
cmd: update-crypto-policies --set DEFAULT
changed_when: false
become: true
\ No newline at end of file
templates/sidecar.yml.j2 0 → 100644
+ 6
0
View file @ 5703d6cc
{{ ansible_managed | comment }}
server_url: {{ graylog_sidecar_server_url }}
server_api_token: {{ graylog_sidecar_server_api_token }}
node_id: {{ graylog_sidecar_node_id }}
\ No newline at end of file
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment