diff --git a/Ansible-ELK-Stack/roles/elk/vars/main.yml b/Ansible-ELK-Stack/roles/elk/vars/main.yml index 24ce071..c5ecdfd 100644 --- a/Ansible-ELK-Stack/roles/elk/vars/main.yml +++ b/Ansible-ELK-Stack/roles/elk/vars/main.yml @@ -1,2 +1,3 @@ --- -# vars file for elk \ No newline at end of file +# vars file for elk +kibana_password: PleaseChangeMe \ No newline at end of file diff --git a/Ansible-ELK-Stack/roles/elk_ssl/vars/main.yml b/Ansible-ELK-Stack/roles/elk_ssl/vars/main.yml index 24ce071..8db1702 100644 --- a/Ansible-ELK-Stack/roles/elk_ssl/vars/main.yml +++ b/Ansible-ELK-Stack/roles/elk_ssl/vars/main.yml @@ -1,2 +1,10 @@ ---- -# vars file for elk \ No newline at end of file +$ANSIBLE_VAULT;1.1;AES256 +63356536353161643466306237376139666236303963636638353130626138386661653635616639 +3565363231303364353738613430386231353161306537620a313364306463643837313866383933 +39336638633934373263386666633061626230613935666435633765343734353435393664356563 +6563393538623632340a623830306137326666356363343638633236343538373331643530626236 +65323739386564666363626238666231653130376661333164646366303034316630663038376230 +63646338653131353565626161333762646237656433376338633064396364643034393131646539 +31653731353738636530393164373662613433393738316633313366633065643332366437656232 +36666662356232633362643932326339663834326466626666323864353463313136346533373061 +3665 diff --git a/Ansible-ELK-Stack/setupKibanaPassword.sh b/Ansible-ELK-Stack/setupKibanaPassword.sh index eeb6c2f..12e0b2e 100644 --- a/Ansible-ELK-Stack/setupKibanaPassword.sh +++ b/Ansible-ELK-Stack/setupKibanaPassword.sh @@ -13,5 +13,4 @@ do sleep 5 done -echo "fuckkkkkkkkkkkkkkkkkkk" curl -X POST -v -k "https://localhost:9200/_security/user/kibana/_password?pretty" -u elastic:PleaseChangeMe -H 'Content-Type: application/json' -d ' { "password" : "PleaseChangeMe" } ' diff --git a/ansible.cfg b/ansible.cfg new file mode 100644 index 0000000..9d47857 --- /dev/null +++ b/ansible.cfg 
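Review bot: `kibana_password: PleaseChangeMe` in Ansible-ELK-Stack/roles/elk/vars/main.yml commits a usable credential in plaintext, and the same line is added again in roles/elk/vars/main.yml later in this commit. Because it sits in the role's vars/ directory rather than defaults/, it takes precedence over inventory group_vars and host_vars, so an operator who sets a real password in inventory would still get the placeholder. The elk_ssl vars file in this same commit is already vault-encrypted; doing the same here, or dropping the value and adding an `assert` task with `that: kibana_password is defined`, keeps the placeholder from reaching a deployed host.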
@@ -0,0 +1,3 @@
+[defaults]
+host_key_checking=False
+inventory=./inventory
diff --git a/install-docker.yml b/install-docker.yml
new file mode 100644
index 0000000..0d3d95a
--- /dev/null
+++ b/install-docker.yml
@@ -0,0 +1,85 @@
+--- #centos8 edition
+- hosts: elk_server
+ become: yes
+ become_method: sudo
+ tasks:
+ - name: VIEW ALL ANSIBLE FACT KEYS
+ debug:
+ msg: "{{ ansible_facts }}"
+
+ - name: "Remove All Deprecated/ Install Docker"
+ yum:
+ name: "{{ item }}"
+ state: absent
+ loop:
+ - docker
+ - docker-client
+ - docker-client-latest
+ - docker-common
+ - docker-latest
+ - docker-latest-logrotate
+ - docker-logrotate
+ - docker-engine
+
+ - name: "Install yum-utils"
+ yum:
+ name: yum-utils
+ state: present
+
+ - name: "Add Repository repo yum-config-manager"
+ command: yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
+
+ - name: "DNF package update containerd.io"
+ yum:
+ name: "https://download.docker.com/linux/centos/7/x86_64/stable/Packages/containerd.io-1.2.6-3.3.el7.x86_64.rpm"
+ state: present
+
+ - name: "Yum install Docker"
+ yum:
+ name: "{{ item }}"
+ state: present
+ loop:
+ - docker-ce
+ - docker-ce-cli
+ - containerd.io
+
+ - name: "Start Docker Service"
+ service:
+ name: docker
+ state: reloaded
+
+ - name: "Add ansible_user (login user) to docker group"
+ user:
+ name: "{{ ansible_user }}"
+ shell: /bin/bash
+ groups: docker
+ append: yes
+
+ - name: "Install Git & Python"
+ yum:
+ name: "{{ item }}"
+ state: present
+ loop:
+ - git
+ - python3
+
+ - name: "Install docker-compose"
+ yum:
+ name: "{{ item }}"
+ state: present
+ loop:
+ - git
+ - python3
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/install-elk.yml b/install-elk.yml
new file mode 100644
index 0000000..20a542d
--- /dev/null
+++ b/install-elk.yml
@@ -0,0 +1,4 @@
+--- #centos8 edition
+- hosts: elk_server
+ roles:
+ - elk
\ No newline at end of file
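Review bot: `host_key_checking=False` in the new ansible.cfg turns off SSH host key verification for every playbook run from this repository, including the plays that use `become` and send the Elasticsearch credentials, so a host impersonating elk_server would not be detected. Drop the line (or set `host_key_checking=True`) and pre-populate known_hosts for the inventory hosts. For a throwaway lab, exporting `ANSIBLE_HOST_KEY_CHECKING=False` in that shell keeps the exception out of version control.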
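Review bot: The "DNF package update containerd.io" task in install-docker.yml installs an RPM straight from a URL, and the same task appears in roles/docker/tasks/main.yml; whether its signature is checked depends on the target's yum/dnf settings for local packages, which this playbook does not set, and an el7 build is being installed by a playbook labelled centos8. Fetching the file first with `get_url` and `checksum: "sha256:<EXPECTED_SHA256_PLACEHOLDER>"`, then installing the downloaded path, pins exactly what lands on the host. Separately, the last task "Install docker-compose" is a copy of "Install Git & Python" and installs only `git` and `python3`, so this playbook never installs docker-compose.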
diff --git a/roles/docker/.travis.yml b/roles/docker/.travis.yml new file mode 100644 index 0000000..36bbf62 --- /dev/null +++ b/roles/docker/.travis.yml @@ -0,0 +1,29 @@ +--- +language: python +python: "2.7" + +# Use the new container infrastructure +sudo: false + +# Install ansible +addons: + apt: + packages: + - python-pip + +install: + # Install ansible + - pip install ansible + + # Check ansible version + - ansible --version + + # Create ansible.cfg with correct roles_path + - printf '[defaults]\nroles_path=../' >ansible.cfg + +script: + # Basic role syntax check + - ansible-playbook tests/test.yml -i tests/inventory --syntax-check + +notifications: + webhooks: https://galaxy.ansible.com/api/v1/notifications/ \ No newline at end of file diff --git a/roles/docker/README.md b/roles/docker/README.md new file mode 100644 index 0000000..225dd44 --- /dev/null +++ b/roles/docker/README.md 
@@ -0,0 +1,38 @@ +Role Name +========= + +A brief description of the role goes here. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/docker/defaults/main.yml b/roles/docker/defaults/main.yml new file mode 100644 index 0000000..c456773 --- /dev/null +++ b/roles/docker/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# defaults file for docker \ No newline at end of file diff --git a/roles/docker/handlers/main.yml b/roles/docker/handlers/main.yml new file mode 100644 index 0000000..85610a1 --- /dev/null +++ b/roles/docker/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for docker \ No newline at end of file diff --git a/roles/docker/meta/main.yml b/roles/docker/meta/main.yml new file mode 100644 index 0000000..227ad9c --- /dev/null 
+++ b/roles/docker/meta/main.yml @@ -0,0 +1,53 @@ +galaxy_info: + author: your name + description: your role description + company: your company (optional) + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.9 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. + \ No newline at end of file diff --git a/roles/docker/tasks/main.yml b/roles/docker/tasks/main.yml new file mode 100644 index 0000000..dd0d454 --- /dev/null +++ b/roles/docker/tasks/main.yml 
@@ -0,0 +1,85 @@
+---
+# tasks file for docker
+- name: VIEW ALL ANSIBLE FACT KEYS
+ debug:
+ msg: "{{ ansible_facts }}"
+
+- name: "Remove All Deprecated/ Install Docker"
+ yum:
+ name: "{{ item }}"
+ state: absent
+ loop:
+ - docker
+ - docker-client
+ - docker-client-latest
+ - docker-common
+ - docker-latest
+ - docker-latest-logrotate
+ - docker-logrotate
+ - docker-engine
+
+- name: "Install yum-utils"
+ yum:
+ name: yum-utils
+ state: present
+
+- name: "Add Repository repo yum-config-manager"
+ command: yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
+
+- name: "DNF package update containerd.io"
+ yum:
+ name: "https://download.docker.com/linux/centos/7/x86_64/stable/Packages/containerd.io-1.2.6-3.3.el7.x86_64.rpm"
+ state: present
+
+- name: "Yum install Docker"
+ yum:
+ name: "{{ item }}"
+ state: present
+ loop:
+ - docker-ce
+ - docker-ce-cli
+ - containerd.io
+
+- name: "Start Docker Service"
+ systemd:
+ name: docker
+ state: reloaded
+ enabled: yes
+
+- name: "Add ansible_user (login user) to docker group"
+ user:
+ name: "{{ ansible_user }}"
+ shell: /bin/bash
+ groups:
+ - docker
+ append: yes
+
+- name: "Install Git & Python"
+ yum:
+ name: "{{ item }}"
+ state: present
+ loop:
+ - git
+ - python3
+ - python3-pip
+
+- name: "pip install docker-compose"
+ pip:
+ name: docker-compose
+ state: present
+
+ # - name: "CURL docker-compose"
+ # get_url:
+ # url: "https://github.com/docker/compose/releases/download/1.26.0/docker-compose-{{ansible_system}}-{{ansible_userspace_architecture}}"
+ # dest: "/usr/local/bin/docker-compose"
+
+ # - name: "Add permission to docker-compose inorder to run execute bin command"
+ # file:
+ # path: /usr/local/bin/docker-compose
+ # mode: +x
+
+ # - name: "Add Symbolik Link to docker-compose bin /usr/bin"
+ # file:
+ # state: link
+ # src: /usr/local/bin/docker-compose
+ # dest: /usr/bin/docker-compose
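Review bot: The "pip install docker-compose" task in roles/docker/tasks/main.yml uses `state: present` with no version, so it installs whatever PyPI serves at run time, system-wide, and under `become: yes` when the role is run from setup-ssl-stack.yml. Pinning it, e.g. `version: "1.26.0"` to match the release named in the commented-out get_url task, makes the install reproducible and reviewable. The `user` task that appends `{{ ansible_user }}` to the `docker` group deserves a comment such as `# docker group membership is root-equivalent on this host`, since the elk and elk_ssl roles rely on it to run docker_compose with `become: no`.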
diff --git a/roles/docker/tests/inventory b/roles/docker/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/roles/docker/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/roles/docker/tests/test.yml b/roles/docker/tests/test.yml new file mode 100644 index 0000000..2c81ca4 --- /dev/null +++ b/roles/docker/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - docker \ No newline at end of file diff --git a/roles/docker/vars/main.yml b/roles/docker/vars/main.yml new file mode 100644 index 0000000..dc934ce --- /dev/null +++ b/roles/docker/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for docker \ No newline at end of file diff --git a/roles/elk/.travis.yml b/roles/elk/.travis.yml new file mode 100644 index 0000000..36bbf62 --- /dev/null +++ b/roles/elk/.travis.yml @@ -0,0 +1,29 @@ +--- +language: python +python: "2.7" + +# Use the new container infrastructure +sudo: false + +# Install ansible +addons: + apt: + packages: + - python-pip + +install: + # Install ansible + - pip install ansible + + # Check ansible version + - ansible --version + + # Create ansible.cfg with correct roles_path + - printf '[defaults]\nroles_path=../' >ansible.cfg + +script: + # Basic role syntax check + - ansible-playbook tests/test.yml -i tests/inventory --syntax-check + +notifications: + webhooks: https://galaxy.ansible.com/api/v1/notifications/ \ No newline at end of file diff --git a/roles/elk/README.md b/roles/elk/README.md new file mode 100644 index 0000000..225dd44 --- /dev/null +++ b/roles/elk/README.md 
@@ -0,0 +1,38 @@ +Role Name +========= + +A brief description of the role goes here. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/elk/defaults/main.yml b/roles/elk/defaults/main.yml new file mode 100644 index 0000000..dd8c32f --- /dev/null +++ b/roles/elk/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# defaults file for elk \ No newline at end of file diff --git a/roles/elk/handlers/main.yml b/roles/elk/handlers/main.yml new file mode 100644 index 0000000..ae50153 --- /dev/null +++ b/roles/elk/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for elk \ No newline at end of file diff --git a/roles/elk/meta/main.yml b/roles/elk/meta/main.yml new file mode 100644 index 0000000..227ad9c --- /dev/null +++ b/roles/elk/meta/main.yml 
@@ -0,0 +1,53 @@ +galaxy_info: + author: your name + description: your role description + company: your company (optional) + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.9 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. + \ No newline at end of file diff --git a/roles/elk/tasks/main.yml b/roles/elk/tasks/main.yml new file mode 100644 index 0000000..22b83dd --- /dev/null +++ b/roles/elk/tasks/main.yml 
@@ -0,0 +1,55 @@
+---
+# tasks file for elk
+- name: "git clone project MeetU"
+ become: no
+ git:
+ repo: "https://github.com/wdrdres3qew5ts21/MeetU.git"
+ dest: "~/meetu"
+ update: yes
+
+
+- name: "Start docker-compose Generate SSL & X.509"
+ become: no
+ docker_compose:
+ project_src: "~/meetu"
+ files:
+ - create-cert-pem.yml
+ state: present
+
+- name: "Teardown all ELK Stack"
+ become: no
+ docker_compose:
+ project_src: "~/meetu"
+ files:
+ - docker-compose-elastic-single.yml
+ state: absent
+ remove_orphans: true
+
+- name: "Start docker-compose ELK stack ;)"
+ become: no
+ docker_compose:
+ project_src: "~/meetu"
+ files:
+ - docker-compose-elastic-single.yml
+ state: present
+ remove_orphans: true
+
+- name: Change Kibana Password API
+ uri:
+ url: "http://localhost:9200/_security/user/kibana/_password?pretty"
+ follow_redirects: none
+ method: POST
+ user: elastic
+ password: PleaseChangeMe
+ force_basic_auth: yes
+ body_format: json
+ body: >
+ { "password": "{{kibana_password}}" }
+ register: _result
+ until: _result.status == 200
+ retries: 20
+ delay: 5
+
+
+
+
\ No newline at end of file
diff --git a/roles/elk/tests/inventory b/roles/elk/tests/inventory
new file mode 100644
index 0000000..878877b
--- /dev/null
+++ b/roles/elk/tests/inventory
@@ -0,0 +1,2 @@
+localhost
+
diff --git a/roles/elk/tests/test.yml b/roles/elk/tests/test.yml
new file mode 100644
index 0000000..1344312
--- /dev/null
+++ b/roles/elk/tests/test.yml
@@ -0,0 +1,5 @@
+---
+- hosts: localhost
+ remote_user: root
+ roles:
+ - elk
\ No newline at end of file
diff --git a/roles/elk/vars/main.yml b/roles/elk/vars/main.yml
new file mode 100644
index 0000000..c5ecdfd
--- /dev/null
+++ b/roles/elk/vars/main.yml
@@ -0,0 +1,3 @@
+---
+# vars file for elk
+kibana_password: PleaseChangeMe
\ No newline at end of file
diff --git a/roles/elk_ansible/.travis.yml b/roles/elk_ansible/.travis.yml
new file mode 100644
index 0000000..36bbf62
--- /dev/null
+++ b/roles/elk_ansible/.travis.yml
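Review bot: The "Change Kibana Password API" task in roles/elk/tasks/main.yml authenticates as the `elastic` superuser with the literal `password: PleaseChangeMe`, and nothing in the role rotates that account, so the stack is left running with a published superuser password; roles/elk_ssl/tasks/main.yml carries the same literal. Take it from a vaulted variable, `password: "{{ elastic_password }}"` (the key roles/elk_ssl/vars/main_template.yml already declares), and add `no_log: true` so the request body and the registered `_result` cannot surface the new Kibana password in verbose or failure output. The preceding `git` task follows the repository's default branch with `update: yes`; adding `version: <COMMIT_SHA_PLACEHOLDER>` would fix which compose files get run on the host.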
@@ -0,0 +1,29 @@ +--- +language: python +python: "2.7" + +# Use the new container infrastructure +sudo: false + +# Install ansible +addons: + apt: + packages: + - python-pip + +install: + # Install ansible + - pip install ansible + + # Check ansible version + - ansible --version + + # Create ansible.cfg with correct roles_path + - printf '[defaults]\nroles_path=../' >ansible.cfg + +script: + # Basic role syntax check + - ansible-playbook tests/test.yml -i tests/inventory --syntax-check + +notifications: + webhooks: https://galaxy.ansible.com/api/v1/notifications/ \ No newline at end of file diff --git a/roles/elk_ansible/README.md b/roles/elk_ansible/README.md new file mode 100644 index 0000000..225dd44 --- /dev/null +++ b/roles/elk_ansible/README.md 
@@ -0,0 +1,38 @@ +Role Name +========= + +A brief description of the role goes here. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/elk_ansible/defaults/main.yml b/roles/elk_ansible/defaults/main.yml new file mode 100644 index 0000000..c402ca0 --- /dev/null +++ b/roles/elk_ansible/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# defaults file for elk_ansible \ No newline at end of file diff --git a/roles/elk_ansible/handlers/main.yml b/roles/elk_ansible/handlers/main.yml new file mode 100644 index 0000000..823f4a4 --- /dev/null +++ b/roles/elk_ansible/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for elk_ansible \ No newline at end of file 
diff --git a/roles/elk_ansible/meta/main.yml b/roles/elk_ansible/meta/main.yml new file mode 100644 index 0000000..227ad9c --- /dev/null +++ b/roles/elk_ansible/meta/main.yml @@ -0,0 +1,53 @@ +galaxy_info: + author: your name + description: your role description + company: your company (optional) + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.9 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. + \ No newline at end of file diff --git a/roles/elk_ansible/tasks/main.yml b/roles/elk_ansible/tasks/main.yml new file mode 100644 index 0000000..0c7516f --- /dev/null 
+++ b/roles/elk_ansible/tasks/main.yml
@@ -0,0 +1,54 @@
+---
+# tasks file for elk_ansible
+- name: "git clone project MeetU"
+ become: no
+ git:
+ repo: "https://github.com/wdrdres3qew5ts21/MeetU.git"
+ dest: "~/meetu"
+ update: yes
+
+
+- name: "Start docker-compose Generate SSL & X.509"
+ docker_compose:
+ project_src: "~/meetu"
+ files:
+ - create-cert-pem.yml
+ state: present
+
+- name: "Teardown all ELK Stack"
+ docker_compose:
+ project_src: "~/meetu"
+ files:
+ - docker-compose-elastic-single-ssl.yml
+ state: absent
+ remove_orphans: true
+
+- name: "Start docker-compose ELK stack ;)"
+ docker_compose:
+ project_src: "~/meetu"
+ files:
+ - docker-compose-elastic-single-ssl.yml
+ state: present
+ remove_orphans: true
+
+- name: "Change password for Kibana"
+ shell:
+ cmd: >
+ bash -c "
+ while true
+ do
+ curl --fail -u elastic:PleaseChangeMe \
+ 'http://localhost:9200/_cluster/health?wait_for_status=yellow' \
+ && break
+ sleep 5
+ done
+
+ curl -X POST -v -k 'http://localhost:9200/_security/user/kibana/_password?pretty' \
+ -u elastic:PleaseChangeMe -H 'Content-Type: application/json' \
+ -d ' { \"password\" : \"PleaseChangeMe\" } ' && echo 'success change password success'
+ "
+
+
+
+
+
\ No newline at end of file
diff --git a/roles/elk_ansible/tests/inventory b/roles/elk_ansible/tests/inventory
new file mode 100644
index 0000000..878877b
--- /dev/null
+++ b/roles/elk_ansible/tests/inventory
@@ -0,0 +1,2 @@
+localhost
+
diff --git a/roles/elk_ansible/tests/test.yml b/roles/elk_ansible/tests/test.yml
new file mode 100644
index 0000000..47c7c8c
--- /dev/null
+++ b/roles/elk_ansible/tests/test.yml
@@ -0,0 +1,5 @@
+---
+- hosts: localhost
+ remote_user: root
+ roles:
+ - elk_ansible
\ No newline at end of file
diff --git a/roles/elk_ansible/vars/main.yml b/roles/elk_ansible/vars/main.yml
new file mode 100644
index 0000000..4a27c74
--- /dev/null
+++ b/roles/elk_ansible/vars/main.yml
@@ -0,0 +1,2 @@
+---
+# vars file for elk_ansible
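Review bot: The "Change password for Kibana" shell task in roles/elk_ansible/tasks/main.yml passes `-u elastic:PleaseChangeMe` on the curl command line, where it is visible in the process list and in Ansible's logged command, and it sets the Kibana password to the literal `PleaseChangeMe` instead of a variable. The `while true` health loop has no upper bound, so a stack that never reaches yellow hangs the play. The `uri` task used in roles/elk/tasks/main.yml, with `until`/`retries`/`delay`, covers both the wait and the POST; reusing it here with vaulted password variables and `no_log: true` would remove the shell block. The `-k` flag has no effect on these `http://` URLs and can be dropped.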
diff --git a/roles/elk_ssl/.travis.yml b/roles/elk_ssl/.travis.yml new file mode 100644 index 0000000..36bbf62 --- /dev/null +++ b/roles/elk_ssl/.travis.yml @@ -0,0 +1,29 @@ +--- +language: python +python: "2.7" + +# Use the new container infrastructure +sudo: false + +# Install ansible +addons: + apt: + packages: + - python-pip + +install: + # Install ansible + - pip install ansible + + # Check ansible version + - ansible --version + + # Create ansible.cfg with correct roles_path + - printf '[defaults]\nroles_path=../' >ansible.cfg + +script: + # Basic role syntax check + - ansible-playbook tests/test.yml -i tests/inventory --syntax-check + +notifications: + webhooks: https://galaxy.ansible.com/api/v1/notifications/ \ No newline at end of file diff --git a/roles/elk_ssl/README.md b/roles/elk_ssl/README.md new file mode 100644 index 0000000..225dd44 --- /dev/null +++ b/roles/elk_ssl/README.md 
@@ -0,0 +1,38 @@ +Role Name +========= + +A brief description of the role goes here. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/elk_ssl/defaults/main.yml b/roles/elk_ssl/defaults/main.yml new file mode 100644 index 0000000..dd8c32f --- /dev/null +++ b/roles/elk_ssl/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# defaults file for elk \ No newline at end of file diff --git a/roles/elk_ssl/handlers/main.yml b/roles/elk_ssl/handlers/main.yml new file mode 100644 index 0000000..ae50153 --- /dev/null +++ b/roles/elk_ssl/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for elk \ No newline at end of file diff --git a/roles/elk_ssl/meta/main.yml b/roles/elk_ssl/meta/main.yml new file mode 100644 index 0000000..227ad9c --- /dev/null 
+++ b/roles/elk_ssl/meta/main.yml @@ -0,0 +1,53 @@ +galaxy_info: + author: your name + description: your role description + company: your company (optional) + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.9 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. + \ No newline at end of file diff --git a/roles/elk_ssl/tasks/main.yml b/roles/elk_ssl/tasks/main.yml new file mode 100644 index 0000000..2e0481b --- /dev/null +++ b/roles/elk_ssl/tasks/main.yml 
@@ -0,0 +1,61 @@
+---
+# tasks file for elk
+# vars ไฟล์จะโดนดูดเข้ามาอัตโนมัติทันทีชื่อต้องตาม format yml แท้ๆ ห้ามมีจุด ต้องใช้แบบ key pair indent :
+# - name: fdsfsd
+# debug:
+# msg: "{{kibana_password}}"
+
+- name: "git clone project MeetU {{kibana.password}}"
+ become: no
+ git:
+ repo: "https://github.com/wdrdres3qew5ts21/MeetU.git"
+ dest: "~/meetu"
+ update: yes
+
+
+- name: "Start docker-compose Generate SSL & X.509"
+ become: no
+ docker_compose:
+ project_src: "~/meetu"
+ files:
+ - create-cert-pem.yml
+ state: present
+
+- name: "Teardown all ELK Stack"
+ become: no
+ docker_compose:
+ project_src: "~/meetu"
+ files:
+ - docker-compose-elastic-single-full-ssl.yml
+ state: absent
+ remove_orphans: true
+
+- name: "Start docker-compose ELK stack ;)"
+ become: no
+ docker_compose:
+ project_src: "~/meetu"
+ files:
+ - docker-compose-elastic-single-full-ssl.yml
+ state: present
+ remove_orphans: true
+
+
+- name: Change Kibana Password API
+ uri:
+ url: "https://localhost:9200/_security/user/kibana/_password?pretty"
+ follow_redirects: none
+ method: POST
+ user: elastic
+ password: PleaseChangeMe
+ validate_certs: no
+ force_basic_auth: yes
+ body_format: json
+ body: >
+ { "password": "{{kibana_password}}" }
+ register: _result
+ until: _result.status == 200
+ retries: 20
+ delay: 5
+
+# "{ \"password\": \"{{ kibana_password }}\" }"
+
\ No newline at end of file
diff --git a/roles/elk_ssl/tests/inventory b/roles/elk_ssl/tests/inventory
new file mode 100644
index 0000000..878877b
--- /dev/null
+++ b/roles/elk_ssl/tests/inventory
@@ -0,0 +1,2 @@
+localhost
+
diff --git a/roles/elk_ssl/tests/test.yml b/roles/elk_ssl/tests/test.yml
new file mode 100644
index 0000000..1344312
--- /dev/null
+++ b/roles/elk_ssl/tests/test.yml
@@ -0,0 +1,5 @@
+---
+- hosts: localhost
+ remote_user: root
+ roles:
+ - elk
\ No newline at end of file
diff --git a/roles/elk_ssl/vars/main.yml b/roles/elk_ssl/vars/main.yml
new file mode 100644
index 0000000..8db1702
--- /dev/null
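Review bot: `validate_certs: no` on the "Change Kibana Password API" task in roles/elk_ssl/tasks/main.yml disables certificate verification on the one request that carries the superuser credentials, which undoes what the full-SSL compose file is for. If the certificates come from the create-cert-pem.yml step, pointing the task at that CA keeps verification on; the `uri` module accepts `ca_path` in recent Ansible releases, which should be confirmed against the role's `min_ansible_version`. The first task's name interpolates `{{kibana.password}}`, which does not match the `kibana_password` variable used below and, if it ever resolved, would print the secret in every run's task header; the name should be plain text.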
+++ b/roles/elk_ssl/vars/main.yml @@ -0,0 +1,10 @@ +$ANSIBLE_VAULT;1.1;AES256 +63356536353161643466306237376139666236303963636638353130626138386661653635616639 +3565363231303364353738613430386231353161306537620a313364306463643837313866383933 +39336638633934373263386666633061626230613935666435633765343734353435393664356563 +6563393538623632340a623830306137326666356363343638633236343538373331643530626236 +65323739386564666363626238666231653130376661333164646366303034316630663038376230 +63646338653131353565626161333762646237656433376338633064396364643034393131646539 +31653731353738636530393164373662613433393738316633313366633065643332366437656232 +36666662356232633362643932326339663834326466626666323864353463313136346533373061 +3665 diff --git a/roles/elk_ssl/vars/main_template.yml b/roles/elk_ssl/vars/main_template.yml new file mode 100644 index 0000000..15dcb42 --- /dev/null +++ b/roles/elk_ssl/vars/main_template.yml @@ -0,0 +1,4 @@ +--- +# vars file for elk +elastic_password: +kibana_password: \ No newline at end of file diff --git a/setup-ssl-stack.yml b/setup-ssl-stack.yml new file mode 100644 index 0000000..d744c22 --- /dev/null +++ b/setup-ssl-stack.yml @@ -0,0 +1,6 @@ +- hosts: elk_server + become: yes + become_method: sudo + roles: # ทำให้ ansible รันเฉพาะ tag ได้ถ้าไม่ระบุแท๊กก็จะรันทั้งมด ansible-playbook setup.yml -t docker + - {role: docker, tags: "docker"} + - {role: elk_ssl, tags: "elk_ssl"} diff --git a/setup-stack.yml b/setup-stack.yml new file mode 100644 index 0000000..4d9cb63 --- /dev/null +++ b/setup-stack.yml @@ -0,0 +1,6 @@ +- hosts: elk_server + # become: yes + # become_method: sudo + roles: # ทำให้ ansible รันเฉพาะ tag ได้ถ้าไม่ระบุแท๊กก็จะรันทั้งมด ansible-playbook setup.yml -t docker + - {role: docker, tags: "docker"} + - {role: elk, tags: "elk"}
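Review bot: In setup-stack.yml `become: yes` is commented out, yet the docker role it runs has no task-level `become`, so its yum, systemd and user tasks only succeed if the connection user is already root (the role tests use `remote_user: root`) or the inventory sets become itself. setup-ssl-stack.yml keeps play-level `become`; rather than logging in as root, restore it here or scope it to the role entry, e.g. `- {role: docker, tags: "docker", become: yes}`. That keeps the elk role's tasks unprivileged while the package installation still works from a non-root login.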