Add ansible provisioning (#122)
* first ansible skeleton * first commit of ansible installation of vulnwhisperer outside docker * first ansible skeleton * first commit of ansible installation of vulnwhisperer outside docker * refactor the ansible role a bit * update readme, add fail validation step to provision.yml and fix typo when calling a logging funciton
This commit is contained in:
Andrea Lusuardi
committed by
Quim Montal
Quim Montal
parent
a8671a7303
commit
3a09f60543
@ -0,0 +1,129 @@
|
||||
---
|
||||
# Configure Elasticsearch Node
|
||||
|
||||
#Create required directories
|
||||
- name: Create Directories
|
||||
become: yes
|
||||
file: path={{ item }} state=directory owner={{ es_user }} group={{ es_group }}
|
||||
with_items:
|
||||
- "{{pid_dir}}"
|
||||
- "{{log_dir}}"
|
||||
- "{{conf_dir}}"
|
||||
|
||||
- name: Create Data Directories
|
||||
become: yes
|
||||
file: path={{ item }} state=directory owner={{ es_user }} group={{ es_group }}
|
||||
with_items:
|
||||
- "{{data_dirs}}"
|
||||
|
||||
|
||||
#Copy the config template
|
||||
- name: Copy Configuration File
|
||||
become: yes
|
||||
template: src=elasticsearch.yml.j2 dest={{conf_dir}}/elasticsearch.yml owner={{ es_user }} group={{ es_group }} mode=0644 force=yes
|
||||
register: system_change
|
||||
notify: restart elasticsearch
|
||||
|
||||
#Copy the instance specific default file
|
||||
- name: Copy Default File for Instance
|
||||
become: yes
|
||||
template: src=elasticsearch.j2 dest={{instance_default_file}} mode=0644 force=yes
|
||||
notify: restart elasticsearch
|
||||
|
||||
#Copy the instance specific init file
|
||||
- name: Copy Debian Init File for Instance
|
||||
become: yes
|
||||
template: src=init/debian/elasticsearch.j2 dest={{instance_init_script}} mode=0755 force=yes
|
||||
when: ansible_os_family == 'Debian' and not use_system_d
|
||||
notify: restart elasticsearch
|
||||
|
||||
#Copy the instance specific init file
|
||||
- name: Copy Redhat Init File for Instance
|
||||
become: yes
|
||||
template: src=init/redhat/elasticsearch.j2 dest={{instance_init_script}} mode=0755 force=yes
|
||||
when: ansible_os_family == 'RedHat' and not use_system_d
|
||||
notify: restart elasticsearch
|
||||
|
||||
#Copy the systemd specific file if systemd is installed
|
||||
- name: Copy Systemd File for Instance
|
||||
become: yes
|
||||
template: src=systemd/elasticsearch.j2 dest={{instance_sysd_script}} mode=0644 force=yes
|
||||
when: use_system_d
|
||||
notify:
|
||||
- reload systemd configuration
|
||||
- restart elasticsearch
|
||||
|
||||
#Copy the logging.yml
|
||||
- name: Copy log4j2.properties File for Instance
|
||||
become: yes
|
||||
template: src={{es_config_log4j2}} dest={{conf_dir}}/log4j2.properties owner={{ es_user }} group={{ es_group }} mode=0644 force=yes
|
||||
notify: restart elasticsearch
|
||||
|
||||
- name: Copy jvm.options File for Instance
|
||||
become: yes
|
||||
template: src=jvm.options.j2 dest={{conf_dir}}/jvm.options owner={{ es_user }} group={{ es_group }} mode=0644 force=yes
|
||||
notify: restart elasticsearch
|
||||
|
||||
#Clean up un-wanted package scripts to avoid confusion
|
||||
|
||||
- name: Delete Default Init
|
||||
become: yes
|
||||
file: dest=/etc/init.d/elasticsearch state=absent
|
||||
|
||||
- name: Create empty default environment file
|
||||
become: yes
|
||||
changed_when: False
|
||||
copy:
|
||||
dest: /etc/default/elasticsearch
|
||||
content: ''
|
||||
when: ansible_os_family == 'Debian'
|
||||
|
||||
- name: Create empty default environment file
|
||||
become: yes
|
||||
changed_when: False
|
||||
copy:
|
||||
dest: /etc/sysconfig/elasticsearch
|
||||
content: ''
|
||||
when: ansible_os_family == 'RedHat'
|
||||
|
||||
- name: Symlink default systemd service to first instance of elasticsearch
|
||||
when: use_system_d
|
||||
block:
|
||||
- name: Check if default systemd file exists
|
||||
stat:
|
||||
path: "{{ sysd_script }}"
|
||||
register: sysd_stat_result
|
||||
|
||||
- name: Remove if it is a normal file
|
||||
become: yes
|
||||
file:
|
||||
path: "{{ sysd_script }}"
|
||||
state: absent
|
||||
when: sysd_stat_result.stat.exists and not sysd_stat_result.stat.islnk
|
||||
|
||||
- name: Create a symbolic link to the default systemd location to the first instance running on this host
|
||||
become: yes
|
||||
file:
|
||||
state: link
|
||||
src: "{{ instance_sysd_script }}"
|
||||
path: "{{ sysd_script }}"
|
||||
when: sysd_stat_result.stat.exists and not sysd_stat_result.stat.islnk
|
||||
notify:
|
||||
- reload systemd configuration
|
||||
- restart elasticsearch
|
||||
|
||||
- name: Delete Default Configuration File
|
||||
become: yes
|
||||
file: dest=/etc/elasticsearch/elasticsearch.yml state=absent
|
||||
|
||||
- name: Delete Default Logging File
|
||||
become: yes
|
||||
file: dest=/etc/elasticsearch/logging.yml state=absent
|
||||
|
||||
- name: Delete Default Logging File
|
||||
become: yes
|
||||
file: dest=/etc/elasticsearch/log4j2.properties state=absent
|
||||
|
||||
- name: Delete Default JVM Options File
|
||||
become: yes
|
||||
file: dest=/etc/elasticsearch/jvm.options state=absent
|
||||
Reference in New Issue
Block a user