aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--.gitmodules3
-rw-r--r--ansible/ansible.cfg1
-rw-r--r--ansible/elasticsearch.yml64
-rw-r--r--ansible/experiments/elasticsearch-server/tasks/main.yml17
-rw-r--r--ansible/experiments/strongswan/files/swanctl/CA/ca-cert.der (renamed from ansible/strongswan-experiment/files/swanctl/CA/ca-cert.der)bin834 -> 834 bytes
-rw-r--r--ansible/experiments/strongswan/files/swanctl/CA/ca-key.der (renamed from ansible/strongswan-experiment/files/swanctl/CA/ca-key.der)bin1191 -> 1191 bytes
-rw-r--r--ansible/experiments/strongswan/files/swanctl/arius/rsa/arius-key.der (renamed from ansible/strongswan-experiment/files/swanctl/arius/rsa/arius-key.der)bin1190 -> 1190 bytes
-rw-r--r--ansible/experiments/strongswan/files/swanctl/arius/x509/arius-cert.der (renamed from ansible/strongswan-experiment/files/swanctl/arius/x509/arius-cert.der)bin806 -> 806 bytes
-rw-r--r--ansible/experiments/strongswan/roles/strongswan-rw/tasks/main.yml (renamed from ansible/strongswan-experiment/roles/strongswan-rw/tasks/main.yml)0
-rw-r--r--ansible/experiments/strongswan/roles/strongswan-rw/templates/swanctl.conf (renamed from ansible/strongswan-experiment/roles/strongswan-rw/templates/swanctl.conf)0
-rw-r--r--ansible/experiments/strongswan/strongswan-rw.yml (renamed from ansible/strongswan-experiment/strongswan-rw.yml)0
-rw-r--r--ansible/experiments/strongswan/strongswan-server.yml (renamed from ansible/strongswan-experiment/strongswan-server.yml)0
-rw-r--r--ansible/experiments/strongswan/strongswan-vars.yml (renamed from ansible/strongswan-experiment/strongswan-vars.yml)0
-rw-r--r--ansible/experiments/strongswan/strongswan.md (renamed from ansible/strongswan-experiment/strongswan.md)0
-rw-r--r--ansible/host_vars/fuckaduck/elasticsearch.yml4
-rw-r--r--ansible/inventory5
m---------ansible/thirdparty/ansible-elasticsearch0
17 files changed, 94 insertions, 0 deletions
diff --git a/.gitmodules b/.gitmodules
index 4e2cc60..49861e4 100644
--- a/.gitmodules
+++ b/.gitmodules
@@ -4,3 +4,6 @@
[submodule "ansible/misc/ansible-vault-tools"]
path = ansible/misc/ansible-vault-tools
url = https://github.com/building5/ansible-vault-tools
+[submodule "ansible/thirdparty/ansible-elasticsearch"]
+ path = ansible/thirdparty/ansible-elasticsearch
+ url = https://github.com/elastic/ansible-elasticsearch
diff --git a/ansible/ansible.cfg b/ansible/ansible.cfg
index 4c70c17..44749f8 100644
--- a/ansible/ansible.cfg
+++ b/ansible/ansible.cfg
@@ -5,3 +5,4 @@ inventory = ./inventory
nocows = True
stdout_callback = debug
vault_password_file = vault-password
+roles_path = roles:thirdparty
diff --git a/ansible/elasticsearch.yml b/ansible/elasticsearch.yml
new file mode 100644
index 0000000..670bbe1
--- /dev/null
+++ b/ansible/elasticsearch.yml
@@ -0,0 +1,64 @@
+- hosts:
+ - elasticsearch-servers
+ tasks:
+ - name: Create elasticsearch user
+ become: yes
+ user:
+ name: elasticsearch
+ system: yes
+ state: "{{ elasticsearch__state }}"
+ shell: /bin/bash
+ - become: yes
+ file:
+ path: "{{ elasticsearch__data_dir }}"
+ state: directory
+ owner: elasticsearch
+ group: elasticsearch
+ mode: u=rwx,go=rx
+
+- hosts:
+ - elasticsearch-servers
+ roles:
+ - ansible-elasticsearch
+ vars:
+ es_instance_name: "node1"
+ es_data_dirs:
+ - "{{ elasticsearch__data_dir }}"
+ es_config:
+ http.port: "{{ elasticsearch__http_port }}"
+ transport.tcp.port: "{{ elasticsearch__tcp_port }}"
+ discovery.zen.ping.unicast.hosts: "localhost:9301"
+ es_api_basic_auth_username: admin
+ es_api_basic_auth_password: admin
+ tasks:
+ - name: enable elasticsearch
+ tags: elasticsearch
+ systemd:
+ name: elasticsearch
+ state: started
+ enabled: yes
+
+ - tags: kibana
+ become: yes
+ block:
+ - apt:
+ name: kibana
+ install_recommends: false
+ - lineinfile:
+ path: /etc/kibana/kibana.yml
+ #elasticsearch.url: "http://localhost:9200"
+ regexp: "elasticsearch\\.url"
+ line: 'elasticsearch.url: "http://localhost:{{ elasticsearch__http_port }}"'
+ notify: restart kibana
+ - name: enable kibana
+ systemd:
+ name: kibana
+ state: started
+ enabled: yes
+
+ handlers:
+ - name: restart kibana
+ become: yes
+ systemd:
+ name: kibana
+ state: restarted
diff --git a/ansible/experiments/elasticsearch-server/tasks/main.yml b/ansible/experiments/elasticsearch-server/tasks/main.yml
new file mode 100644
index 0000000..0019cb6
--- /dev/null
+++ b/ansible/experiments/elasticsearch-server/tasks/main.yml
@@ -0,0 +1,17 @@
+- become: yes
+ tags:
+ - elasticsearch-server
+ block:
+ - name: Create elasticsearch user
+ user:
+ name: elasticsearch
+ system: yes
+ state: "{{ elasticsearch_server__state }}"
+ shell: /bin/bash
+ - name: Download ES
+ when: elasticsearch_server__state == 'present'
+ get_url:
+ url: "https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-{{ elasticsearch_server__version }}.tar.gz"
+ checksum: "{{ elasticsearch_server__checksum }}"
+ dest: /opt/elasticsearch
+ mode: u=rwx,go=rx
diff --git a/ansible/strongswan-experiment/files/swanctl/CA/ca-cert.der b/ansible/experiments/strongswan/files/swanctl/CA/ca-cert.der
index 73e9b45..73e9b45 100644
--- a/ansible/strongswan-experiment/files/swanctl/CA/ca-cert.der
+++ b/ansible/experiments/strongswan/files/swanctl/CA/ca-cert.der
Binary files differ
diff --git a/ansible/strongswan-experiment/files/swanctl/CA/ca-key.der b/ansible/experiments/strongswan/files/swanctl/CA/ca-key.der
index 740545a..740545a 100644
--- a/ansible/strongswan-experiment/files/swanctl/CA/ca-key.der
+++ b/ansible/experiments/strongswan/files/swanctl/CA/ca-key.der
Binary files differ
diff --git a/ansible/strongswan-experiment/files/swanctl/arius/rsa/arius-key.der b/ansible/experiments/strongswan/files/swanctl/arius/rsa/arius-key.der
index 5c988d9..5c988d9 100644
--- a/ansible/strongswan-experiment/files/swanctl/arius/rsa/arius-key.der
+++ b/ansible/experiments/strongswan/files/swanctl/arius/rsa/arius-key.der
Binary files differ
diff --git a/ansible/strongswan-experiment/files/swanctl/arius/x509/arius-cert.der b/ansible/experiments/strongswan/files/swanctl/arius/x509/arius-cert.der
index 562c76b..562c76b 100644
--- a/ansible/strongswan-experiment/files/swanctl/arius/x509/arius-cert.der
+++ b/ansible/experiments/strongswan/files/swanctl/arius/x509/arius-cert.der
Binary files differ
diff --git a/ansible/strongswan-experiment/roles/strongswan-rw/tasks/main.yml b/ansible/experiments/strongswan/roles/strongswan-rw/tasks/main.yml
index fb09476..fb09476 100644
--- a/ansible/strongswan-experiment/roles/strongswan-rw/tasks/main.yml
+++ b/ansible/experiments/strongswan/roles/strongswan-rw/tasks/main.yml
diff --git a/ansible/strongswan-experiment/roles/strongswan-rw/templates/swanctl.conf b/ansible/experiments/strongswan/roles/strongswan-rw/templates/swanctl.conf
index 90d212b..90d212b 100644
--- a/ansible/strongswan-experiment/roles/strongswan-rw/templates/swanctl.conf
+++ b/ansible/experiments/strongswan/roles/strongswan-rw/templates/swanctl.conf
diff --git a/ansible/strongswan-experiment/strongswan-rw.yml b/ansible/experiments/strongswan/strongswan-rw.yml
index 136e9ad..136e9ad 100644
--- a/ansible/strongswan-experiment/strongswan-rw.yml
+++ b/ansible/experiments/strongswan/strongswan-rw.yml
diff --git a/ansible/strongswan-experiment/strongswan-server.yml b/ansible/experiments/strongswan/strongswan-server.yml
index e555b90..e555b90 100644
--- a/ansible/strongswan-experiment/strongswan-server.yml
+++ b/ansible/experiments/strongswan/strongswan-server.yml
diff --git a/ansible/strongswan-experiment/strongswan-vars.yml b/ansible/experiments/strongswan/strongswan-vars.yml
index e72b040..e72b040 100644
--- a/ansible/strongswan-experiment/strongswan-vars.yml
+++ b/ansible/experiments/strongswan/strongswan-vars.yml
diff --git a/ansible/strongswan-experiment/strongswan.md b/ansible/experiments/strongswan/strongswan.md
index 4258037..4258037 100644
--- a/ansible/strongswan-experiment/strongswan.md
+++ b/ansible/experiments/strongswan/strongswan.md
diff --git a/ansible/host_vars/fuckaduck/elasticsearch.yml b/ansible/host_vars/fuckaduck/elasticsearch.yml
new file mode 100644
index 0000000..1eb42bc
--- /dev/null
+++ b/ansible/host_vars/fuckaduck/elasticsearch.yml
@@ -0,0 +1,4 @@
+elasticsearch__state: present
+elasticsearch__data_dir: /opt/elasticsearch/data
+elasticsearch__http_port: 9201
+elasticsearch__tcp_port: 9301
diff --git a/ansible/inventory b/ansible/inventory
index ebf9485..990b299 100644
--- a/ansible/inventory
+++ b/ansible/inventory
@@ -18,6 +18,8 @@ all:
ansible_host: conflatorio.trygvis.io
nextcloud:
ansible_host: 192.168.90.101
+ fuckaduck:
+ ansible_host: fuckaduck.local
children:
desktops:
hosts:
@@ -25,6 +27,9 @@ all:
conflatorio:
arius:
akysis:
+ elasticsearch-servers:
+ hosts:
+ fuckaduck:
sbcs:
hosts:
homepi:
diff --git a/ansible/thirdparty/ansible-elasticsearch b/ansible/thirdparty/ansible-elasticsearch
new file mode 160000
+Subproject f89f56bc347fc4f8ecbf1155fc35082a3a21579