Skip to content
Snippets Groups Projects
Commit 58b9d1a0 authored by Alexander Käb's avatar Alexander Käb
Browse files

Split sidecar tasks to separate file for conditional include

parent 2458c29c
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
tasks/main.yml
+ 19
94
View file @ 58b9d1a0
---
- name: Run install tasks
- name: Temp switch to legacy crypto policy
ansible.builtin.command:
cmd: update-crypto-policies --set DEFAULT:SHA1
changed_when: false
become: true
- name: Include sidecar tasks
ansible.builtin.include_tasks: sidecar.yml
when: (groups['sidecar-ca'] is defined | ternary(inventory_hostname not in groups['sidecar-ca'], true))
block:
- name: Temp switch to legacy crypto policy
ansible.builtin.command:
cmd: update-crypto-policies --set DEFAULT:SHA1
changed_when: false
become: true
- name: Add sidecar repo (Debian | Ubuntu)
when: ansible_os_family == 'Debian'
become: true
block:
- name: Download repository file (Debian | Ubuntu)
ansible.builtin.get_url:
url: "{{ sidecar_repo_urls['Debian'] }}"
dest: /tmp/graylog-sidecar-repository.deb
mode: 0644
delegate_to: localhost
run_once: true
- name: Include filebeat tasks
ansible.builtin.import_tasks: filebeat.yml
when: install_filebeat and (groups['sidecar-ca'] is defined | ternary(inventory_hostname not in groups['sidecar-ca'], true))
- name: Copy DEB to nodes (Debian | Ubuntu)
ansible.builtin.copy:
src: /tmp/graylog-sidecar-repository.deb
dest: /tmp/graylog-sidecar-repository.deb
mode: 0644
- name: Switch back to default policy
ansible.builtin.command:
cmd: update-crypto-policies --set DEFAULT
changed_when: false
become: true
- name: Add repository using dpkg (Debian | Ubuntu)
ansible.builtin.command:
cmd: dpkg -i /tmp/graylog-sidecar-repository.deb
changed_when: false
- name: Add sidecar repo (RedHat)
when: ansible_os_family == 'RedHat'
become: true
block:
- name: Download rpm file (RedHat)
ansible.builtin.get_url:
url: "{{ sidecar_repo_urls['RedHat'] }}"
dest: /tmp/graylog-sidecar-repository.rpm
mode: 0644
delegate_to: localhost
run_once: true
- name: Copy RPM to nodes (RedHat)
ansible.builtin.copy:
src: /tmp/graylog-sidecar-repository.rpm
dest: /tmp/graylog-sidecar-repository.rpm
mode: 0644
- name: Install rpm (RedHat)
ansible.builtin.yum:
name: /tmp/graylog-sidecar-repository.rpm
state: present
disable_gpg_check: true # Here, we are installing the package that contains the gpg key
- name: Install sidecar package
ansible.builtin.package:
name: graylog-sidecar
state: present
become: true
- name: Run install command
ansible.builtin.command:
cmd: /usr/bin/graylog-sidecar -service install
ignore_errors: true
changed_when: false
become: true
- name: Generate sidecar config
ansible.builtin.template:
dest: /etc/graylog/sidecar/sidecar.yml
src: sidecar.yml.j2
validate: /usr/bin/graylog-sidecar -c %s -configtest
mode: 0640
notify: Restart Sidecar
become: true
- name: Enable / start sidecar service
ansible.builtin.service:
name: graylog-sidecar
state: started
enabled: true
become: true
- name: Install filebeat
ansible.builtin.import_tasks: filebeat.yml
when: install_filebeat
- name: Switch back to default policy
ansible.builtin.command:
cmd: update-crypto-policies --set DEFAULT
changed_when: false
become: true
- name: Generate Node certificates
ansible.builtin.import_tasks: node-certs.yml
when: generate_node_certs
- name: Generate Node certificates
ansible.builtin.import_tasks: node-certs.yml
when: generate_node_certs
tasks/sidecar.yml 0 → 100644
+ 75
0
View file @ 58b9d1a0
- name: Add sidecar repo (Debian | Ubuntu)
when: ansible_os_family == 'Debian'
become: true
block:
- name: Download repository file (Debian | Ubuntu)
ansible.builtin.get_url:
url: "{{ sidecar_repo_urls['Debian'] }}"
dest: /tmp/graylog-sidecar-repository.deb
mode: 0644
delegate_to: localhost
run_once: true
- name: Copy DEB to nodes (Debian | Ubuntu)
ansible.builtin.copy:
src: /tmp/graylog-sidecar-repository.deb
dest: /tmp/graylog-sidecar-repository.deb
mode: 0644
- name: Add repository using dpkg (Debian | Ubuntu)
ansible.builtin.command:
cmd: dpkg -i /tmp/graylog-sidecar-repository.deb
changed_when: false
- name: Add sidecar repo (RedHat)
when: ansible_os_family == 'RedHat'
become: true
block:
- name: Download rpm file (RedHat)
ansible.builtin.get_url:
url: "{{ sidecar_repo_urls['RedHat'] }}"
dest: /tmp/graylog-sidecar-repository.rpm
mode: 0644
delegate_to: localhost
run_once: true
- name: Copy RPM to nodes (RedHat)
ansible.builtin.copy:
src: /tmp/graylog-sidecar-repository.rpm
dest: /tmp/graylog-sidecar-repository.rpm
mode: 0644
- name: Install rpm (RedHat)
ansible.builtin.yum:
name: /tmp/graylog-sidecar-repository.rpm
state: present
disable_gpg_check: true # Here, we are installing the package that contains the gpg key
- name: Install sidecar package
ansible.builtin.package:
name: graylog-sidecar
state: present
become: true
- name: Run install command
ansible.builtin.command:
cmd: /usr/bin/graylog-sidecar -service install
ignore_errors: true
changed_when: false
become: true
- name: Generate sidecar config
ansible.builtin.template:
dest: /etc/graylog/sidecar/sidecar.yml
src: sidecar.yml.j2
validate: /usr/bin/graylog-sidecar -c %s -configtest
mode: 0640
notify: Restart Sidecar
become: true
- name: Enable / start sidecar service
ansible.builtin.service:
name: graylog-sidecar
state: started
enabled: true
become: true
\ No newline at end of file
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment