diff options
Diffstat (limited to 'ansible')
-rw-r--r-- | ansible/ansible.cfg | 1 | ||||
-rw-r--r-- | ansible/elasticsearch.yml | 64 | ||||
-rw-r--r-- | ansible/experiments/elasticsearch-server/tasks/main.yml | 17 | ||||
-rw-r--r-- | ansible/experiments/strongswan/files/swanctl/CA/ca-cert.der (renamed from ansible/strongswan-experiment/files/swanctl/CA/ca-cert.der) | bin | 834 -> 834 bytes | |||
-rw-r--r-- | ansible/experiments/strongswan/files/swanctl/CA/ca-key.der (renamed from ansible/strongswan-experiment/files/swanctl/CA/ca-key.der) | bin | 1191 -> 1191 bytes | |||
-rw-r--r-- | ansible/experiments/strongswan/files/swanctl/arius/rsa/arius-key.der (renamed from ansible/strongswan-experiment/files/swanctl/arius/rsa/arius-key.der) | bin | 1190 -> 1190 bytes | |||
-rw-r--r-- | ansible/experiments/strongswan/files/swanctl/arius/x509/arius-cert.der (renamed from ansible/strongswan-experiment/files/swanctl/arius/x509/arius-cert.der) | bin | 806 -> 806 bytes | |||
-rw-r--r-- | ansible/experiments/strongswan/roles/strongswan-rw/tasks/main.yml (renamed from ansible/strongswan-experiment/roles/strongswan-rw/tasks/main.yml) | 0 | ||||
-rw-r--r-- | ansible/experiments/strongswan/roles/strongswan-rw/templates/swanctl.conf (renamed from ansible/strongswan-experiment/roles/strongswan-rw/templates/swanctl.conf) | 0 | ||||
-rw-r--r-- | ansible/experiments/strongswan/strongswan-rw.yml (renamed from ansible/strongswan-experiment/strongswan-rw.yml) | 0 | ||||
-rw-r--r-- | ansible/experiments/strongswan/strongswan-server.yml (renamed from ansible/strongswan-experiment/strongswan-server.yml) | 0 | ||||
-rw-r--r-- | ansible/experiments/strongswan/strongswan-vars.yml (renamed from ansible/strongswan-experiment/strongswan-vars.yml) | 0 | ||||
-rw-r--r-- | ansible/experiments/strongswan/strongswan.md (renamed from ansible/strongswan-experiment/strongswan.md) | 0 | ||||
-rw-r--r-- | ansible/host_vars/fuckaduck/elasticsearch.yml | 4 | ||||
-rw-r--r-- | ansible/inventory | 5 | ||||
m--------- | ansible/thirdparty/ansible-elasticsearch | 0 |
16 files changed, 91 insertions, 0 deletions
diff --git a/ansible/ansible.cfg b/ansible/ansible.cfg index 4c70c17..44749f8 100644 --- a/ansible/ansible.cfg +++ b/ansible/ansible.cfg @@ -5,3 +5,4 @@ inventory = ./inventory nocows = True stdout_callback = debug vault_password_file = vault-password +roles_path = roles:thirdparty diff --git a/ansible/elasticsearch.yml b/ansible/elasticsearch.yml new file mode 100644 index 0000000..670bbe1 --- /dev/null +++ b/ansible/elasticsearch.yml @@ -0,0 +1,64 @@ +- hosts: + - elasticsearch-servers + tasks: + - name: Create elasticsearch user + become: yes + user: + name: elasticsearch + system: yes + state: "{{ elasticsearch__state }}" + shell: /bin/bash + - become: yes + file: + path: "{{ elasticsearch__data_dir }}" + state: directory + owner: elasticsearch + group: elasticsearch + mode: u=rwx,go=rx + +- hosts: + - elasticsearch-servers + roles: + - ansible-elasticsearch + vars: + es_instance_name: "node1" + es_data_dirs: + - "{{ elasticsearch__data_dir }}" + es_config: + http.port: "{{ elasticsearch__http_port }}" + transport.tcp.port: "{{ elasticsearch__tcp_port }}" + discovery.zen.ping.unicast.hosts: "localhost:9301" + es_api_basic_auth_username: admin + es_api_basic_auth_password: admin + tasks: + - name: enable elasticsearch + tags: elasticsearch + systemd: + name: elasticsearch + state: started + enabled: yes + + - tags: kibana + become: yes + block: + - apt: + name: kibana + install_recommends: false + - lineinfile: + path: /etc/kibana/kibana.yml + #elasticsearch.url: "http://localhost:9200" + regexp: "elasticsearch\\.url" + line: 'elasticsearch.url: "http://localhost:{{ elasticsearch__http_port }}"' + notify: restart kibana + - name: enable kibana + systemd: + name: kibana + state: started + enabled: yes + + handlers: + - name: restart kibana + become: yes + systemd: + name: kibana + state: restarted diff --git a/ansible/experiments/elasticsearch-server/tasks/main.yml b/ansible/experiments/elasticsearch-server/tasks/main.yml new file mode 100644 index 0000000..0019cb6 --- /dev/null +++ b/ansible/experiments/elasticsearch-server/tasks/main.yml @@ -0,0 +1,17 @@ +- become: yes + tags: + - elasticsearch-server + block: + - name: Create elasticsearch user + user: + name: elasticsearch + system: yes + state: "{{ elasticsearch_server__state }}" + shell: /bin/bash + - name: Download ES + when: elasticsearch_server__state == 'present' + get_url: + url: "https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-{{ elasticsearch_server__version }}.tar.gz" + checksum: "{{ elasticsearch_server__checksum }}" + dest: /opt/elasticsearch + mode: u=rwx,go=rx diff --git a/ansible/strongswan-experiment/files/swanctl/CA/ca-cert.der b/ansible/experiments/strongswan/files/swanctl/CA/ca-cert.der Binary files differindex 73e9b45..73e9b45 100644 --- a/ansible/strongswan-experiment/files/swanctl/CA/ca-cert.der +++ b/ansible/experiments/strongswan/files/swanctl/CA/ca-cert.der diff --git a/ansible/strongswan-experiment/files/swanctl/CA/ca-key.der b/ansible/experiments/strongswan/files/swanctl/CA/ca-key.der Binary files differindex 740545a..740545a 100644 --- a/ansible/strongswan-experiment/files/swanctl/CA/ca-key.der +++ b/ansible/experiments/strongswan/files/swanctl/CA/ca-key.der diff --git a/ansible/strongswan-experiment/files/swanctl/arius/rsa/arius-key.der b/ansible/experiments/strongswan/files/swanctl/arius/rsa/arius-key.der Binary files differindex 5c988d9..5c988d9 100644 --- a/ansible/strongswan-experiment/files/swanctl/arius/rsa/arius-key.der +++ b/ansible/experiments/strongswan/files/swanctl/arius/rsa/arius-key.der diff --git a/ansible/strongswan-experiment/files/swanctl/arius/x509/arius-cert.der b/ansible/experiments/strongswan/files/swanctl/arius/x509/arius-cert.der Binary files differindex 562c76b..562c76b 100644 --- a/ansible/strongswan-experiment/files/swanctl/arius/x509/arius-cert.der +++ b/ansible/experiments/strongswan/files/swanctl/arius/x509/arius-cert.der diff --git a/ansible/strongswan-experiment/roles/strongswan-rw/tasks/main.yml b/ansible/experiments/strongswan/roles/strongswan-rw/tasks/main.yml index fb09476..fb09476 100644 --- a/ansible/strongswan-experiment/roles/strongswan-rw/tasks/main.yml +++ b/ansible/experiments/strongswan/roles/strongswan-rw/tasks/main.yml diff --git a/ansible/strongswan-experiment/roles/strongswan-rw/templates/swanctl.conf b/ansible/experiments/strongswan/roles/strongswan-rw/templates/swanctl.conf index 90d212b..90d212b 100644 --- a/ansible/strongswan-experiment/roles/strongswan-rw/templates/swanctl.conf +++ b/ansible/experiments/strongswan/roles/strongswan-rw/templates/swanctl.conf diff --git a/ansible/strongswan-experiment/strongswan-rw.yml b/ansible/experiments/strongswan/strongswan-rw.yml index 136e9ad..136e9ad 100644 --- a/ansible/strongswan-experiment/strongswan-rw.yml +++ b/ansible/experiments/strongswan/strongswan-rw.yml diff --git a/ansible/strongswan-experiment/strongswan-server.yml b/ansible/experiments/strongswan/strongswan-server.yml index e555b90..e555b90 100644 --- a/ansible/strongswan-experiment/strongswan-server.yml +++ b/ansible/experiments/strongswan/strongswan-server.yml diff --git a/ansible/strongswan-experiment/strongswan-vars.yml b/ansible/experiments/strongswan/strongswan-vars.yml index e72b040..e72b040 100644 --- a/ansible/strongswan-experiment/strongswan-vars.yml +++ b/ansible/experiments/strongswan/strongswan-vars.yml diff --git a/ansible/strongswan-experiment/strongswan.md b/ansible/experiments/strongswan/strongswan.md index 4258037..4258037 100644 --- a/ansible/strongswan-experiment/strongswan.md +++ b/ansible/experiments/strongswan/strongswan.md diff --git a/ansible/host_vars/fuckaduck/elasticsearch.yml b/ansible/host_vars/fuckaduck/elasticsearch.yml new file mode 100644 index 0000000..1eb42bc --- /dev/null +++ b/ansible/host_vars/fuckaduck/elasticsearch.yml @@ -0,0 +1,4 @@ +elasticsearch__state: present +elasticsearch__data_dir: /opt/elasticsearch/data +elasticsearch__http_port: 9201 +elasticsearch__tcp_port: 9301 diff --git a/ansible/inventory b/ansible/inventory index ebf9485..990b299 100644 --- a/ansible/inventory +++ b/ansible/inventory @@ -18,6 +18,8 @@ all: ansible_host: conflatorio.trygvis.io nextcloud: ansible_host: 192.168.90.101 + fuckaduck: + ansible_host: fuckaduck.local children: desktops: hosts: @@ -25,6 +27,9 @@ all: conflatorio: arius: akysis: + elasticsearch-servers: + hosts: + fuckaduck: sbcs: hosts: homepi: diff --git a/ansible/thirdparty/ansible-elasticsearch b/ansible/thirdparty/ansible-elasticsearch new file mode 160000 +Subproject f89f56bc347fc4f8ecbf1155fc35082a3a21579 |