aboutsummaryrefslogtreecommitdiffstats
path: root/roles
diff options
context:
space:
mode:
authorbinary <me@rgoncalves.se>2021-01-22 21:48:14 +0100
committerbinary <me@rgoncalves.se>2021-01-22 21:48:14 +0100
commit165de68d264460d6cf02dec394d9c9d1c8138c4c (patch)
tree37d46a3ef0f9cfd93d556370df85f91d2a267709 /roles
parent3ee51178ccf8b4ed610da788efe757b633125331 (diff)
downloadinfrastructure-165de68d264460d6cf02dec394d9c9d1c8138c4c.tar.gz
First revision for elastic/kibana stack
Diffstat (limited to 'roles')
-rw-r--r--roles/elasticsearch/tasks/main.yml12
-rw-r--r--roles/kibana/meta/main.yml8
-rw-r--r--roles/kibana/tasks/main.yml20
-rw-r--r--roles/kibana/templates/kibana.yml.j2115
-rw-r--r--roles/kibana/vars/main.yml14
5 files changed, 169 insertions, 0 deletions
diff --git a/roles/elasticsearch/tasks/main.yml b/roles/elasticsearch/tasks/main.yml
new file mode 100644
index 0000000..ce53f2b
--- /dev/null
+++ b/roles/elasticsearch/tasks/main.yml
@@ -0,0 +1,12 @@
+
+# elasticsearch ~~ roles/elasticsearch/tasks/main.yml
+# elasticsearch setup
+
+---
+
+- name: install elasticsearch
+ package: name=elasticsearch state=present
+
+- name: start and enable elasticsearch service
+ service: name=elasticsearch state=restarted enabled=true
+
diff --git a/roles/kibana/meta/main.yml b/roles/kibana/meta/main.yml
new file mode 100644
index 0000000..879437e
--- /dev/null
+++ b/roles/kibana/meta/main.yml
@@ -0,0 +1,8 @@
+
+# grafana ~~ roles/grafana/meta/main.yml
+# Meta parameters
+
+---
+
+dependencies:
+ - { role: elasticsearch, tags: "dependency" }
diff --git a/roles/kibana/tasks/main.yml b/roles/kibana/tasks/main.yml
new file mode 100644
index 0000000..5031368
--- /dev/null
+++ b/roles/kibana/tasks/main.yml
@@ -0,0 +1,20 @@
+
+# kibana ~~ roles/kibana/tasks/main.yml
+# kibana setup
+
+---
+
+- name: install kibana
+ package: name=kibana state=present
+
+- name: generate kibana configuration
+ template:
+ src: kibana.yml.j2
+ dest: /etc/kibana/kibana.yml
+ owner: "{{ user_root }}"
+ group: "{{ group_root }}"
+ mode: 0644
+
+- name: start and enable kibana service
+ service: name=kibana state=restarted enabled=true
+
diff --git a/roles/kibana/templates/kibana.yml.j2 b/roles/kibana/templates/kibana.yml.j2
new file mode 100644
index 0000000..3729a7c
--- /dev/null
+++ b/roles/kibana/templates/kibana.yml.j2
@@ -0,0 +1,115 @@
+# Kibana is served by a back end server. This setting specifies the port to use.
+server.port: {{ kibana_port }}
+
+# Specifies the address to which the Kibana server will bind. IP addresses and host names are both valid values.
+# The default is 'localhost', which usually means remote machines will not be able to connect.
+# To allow connections from remote users, set this parameter to a non-loopback address.
+server.host: "0.0.0.0"
+
+# Enables you to specify a path to mount Kibana at if you are running behind a proxy.
+# Use the `server.rewriteBasePath` setting to tell Kibana if it should remove the basePath
+# from requests it receives, and to prevent a deprecation warning at startup.
+# This setting cannot end in a slash.
+#server.basePath: ""
+
+# Specifies whether Kibana should rewrite requests that are prefixed with
+# `server.basePath` or require that they are rewritten by your reverse proxy.
+# This setting was effectively always `false` before Kibana 6.3 and will
+# default to `true` starting in Kibana 7.0.
+#server.rewriteBasePath: false
+
+# The maximum payload size in bytes for incoming server requests.
+#server.maxPayloadBytes: 1048576
+
+# The Kibana server's name. This is used for display purposes.
+server.name: "{{ global.domain_name }} kibana"
+
+# The URLs of the Elasticsearch instances to use for all your queries.
+#elasticsearch.hosts: ["http://localhost:9200"]
+
+# When this setting's value is true Kibana uses the hostname specified in the server.host
+# setting. When the value of this setting is false, Kibana uses the hostname of the host
+# that connects to this Kibana instance.
+#elasticsearch.preserveHost: true
+
+# Kibana uses an index in Elasticsearch to store saved searches, visualizations and
+# dashboards. Kibana creates a new index if the index doesn't already exist.
+#kibana.index: ".kibana"
+
+# The default application to load.
+#kibana.defaultAppId: "home"
+
+# If your Elasticsearch is protected with basic authentication, these settings provide
+# the username and password that the Kibana server uses to perform maintenance on the Kibana
+# index at startup. Your Kibana users still need to authenticate with Elasticsearch, which
+# is proxied through the Kibana server.
+#elasticsearch.username: "kibana_system"
+#elasticsearch.password: "pass"
+
+# Enables SSL and paths to the PEM-format SSL certificate and SSL key files, respectively.
+# These settings enable SSL for outgoing requests from the Kibana server to the browser.
+#server.ssl.enabled: false
+#server.ssl.certificate: /path/to/your/server.crt
+#server.ssl.key: /path/to/your/server.key
+
+# Optional settings that provide the paths to the PEM-format SSL certificate and key files.
+# These files are used to verify the identity of Kibana to Elasticsearch and are required when
+# xpack.security.http.ssl.client_authentication in Elasticsearch is set to required.
+#elasticsearch.ssl.certificate: /path/to/your/client.crt
+#elasticsearch.ssl.key: /path/to/your/client.key
+
+# Optional setting that enables you to specify a path to the PEM file for the certificate
+# authority for your Elasticsearch instance.
+#elasticsearch.ssl.certificateAuthorities: [ "/path/to/your/CA.pem" ]
+
+# To disregard the validity of SSL certificates, change this setting's value to 'none'.
+#elasticsearch.ssl.verificationMode: full
+
+# Time in milliseconds to wait for Elasticsearch to respond to pings. Defaults to the value of
+# the elasticsearch.requestTimeout setting.
+#elasticsearch.pingTimeout: 1500
+
+# Time in milliseconds to wait for responses from the back end or Elasticsearch. This value
+# must be a positive integer.
+#elasticsearch.requestTimeout: 30000
+
+# List of Kibana client-side headers to send to Elasticsearch. To send *no* client-side
+# headers, set this value to [] (an empty list).
+#elasticsearch.requestHeadersWhitelist: [ authorization ]
+
+# Header names and values that are sent to Elasticsearch. Any custom headers cannot be overwritten
+# by client-side headers, regardless of the elasticsearch.requestHeadersWhitelist configuration.
+#elasticsearch.customHeaders: {}
+
+# Time in milliseconds for Elasticsearch to wait for responses from shards. Set to 0 to disable.
+#elasticsearch.shardTimeout: 30000
+
+# Time in milliseconds to wait for Elasticsearch at Kibana startup before retrying.
+#elasticsearch.startupTimeout: 5000
+
+# Logs queries sent to Elasticsearch. Requires logging.verbose set to true.
+#elasticsearch.logQueries: false
+
+# Specifies the path where Kibana creates the process ID file.
+#pid.file: /var/run/kibana.pid
+
+# Enables you to specify a file where Kibana stores log output.
+logging.dest: /var/log/kibana/kibana.log
+
+# Set the value of this setting to true to suppress all logging output.
+#logging.silent: false
+
+# Set the value of this setting to true to suppress all logging output other than error messages.
+logging.quiet: true
+
+# Set the value of this setting to true to log all events, including system usage information
+# and all requests.
+logging.verbose: true
+
+# Set the interval in milliseconds to sample system and process performance
+# metrics. Minimum is 100ms. Defaults to 5000.
+#ops.interval: 5000
+
+# Specifies locale to be used for all localizable strings, dates and number formats.
+# Supported languages are the following: English - en , by default , Chinese - zh-CN .
+#i18n.locale: "en"
diff --git a/roles/kibana/vars/main.yml b/roles/kibana/vars/main.yml
new file mode 100644
index 0000000..5823447
--- /dev/null
+++ b/roles/kibana/vars/main.yml
@@ -0,0 +1,14 @@
+
+# kibana ~~ roles/kibana/tasks/main.yml
+# kibana variables
+
+---
+
+kibana_dir: /data/kibana
+kibana_port: 5601
+kibana_port_out: 5600
+kibana_user: _kibana
+kibana_group: _kibana
+
+kibana_db: sqlite
+kibana_instance_name: "rgoncalves.se logging"
remember that computers suck.