Added elk draft

2024-11-10 06:51:04 +01:00 · 2020-12-30 15:41:34 +01:00 · 2020-12-30 15:41:34 +01:00 · 3448734482
commit 3448734482
parent 0ff9953127
7 changed files with 147 additions and 0 deletions
--- a/roles/docker-elk/handlers/main.yml
+++ b/roles/docker-elk/handlers/main.yml
@ -0,0 +1,5 @@
 ---
 - name: recreate docker-elk
  command:
    cmd: docker-compose -p docker-elk up -d --force-recreate
    chdir: /srv/docker-elk
--- a/roles/docker-elk/tasks/main.yml
+++ b/roles/docker-elk/tasks/main.yml
@ -0,0 +1,80 @@
 ---
 - name: recieve {{domain}} certificate
  command: certbot certonly --agree-tos --email {{administrator_email}} --non-interactive --webroot -w /var/lib/letsencrypt/ -d {{domain}}
 - name: configure {{domain}}.conf
  template: src=roles/native-nginx-docker-proxy/templates/domain.conf.j2 dest=/etc/nginx/conf.d/{{domain}}.conf
  notify: restart nginx
 - name: "create /etc/docker-elk"
  file:
    path: "/etc/docker-elk"
    state: directory
    mode: 0755
 - name: copy elasticsearch.yml
  template: src=elasticsearch.yml dest=/etc/docker-elk/elasticsearch.yml
 - name: copy kibana.yml
  template: src=kibana.yml dest=/etc/docker-elk/kibana.yml
 - name: copy logstash.yml
  template: src=logstash.yml dest=/etc/docker-elk/logstash.yml
 - name: copy logstash.conf
  template: src=logstash.conf dest=/etc/docker-elk/logstash.conf
 - name: "setup elk"
  docker_compose:
    project_name: elk
    definition:
      elasticsearch:
        image: elasticsearch
        restart: always
        volumes:
          - type: bind
            source: /etc/docker-elk/elasticsearch.yml
            target: /usr/share/elasticsearch/config/elasticsearch.yml
            read_only: true
          - type: volume
            source: elasticsearch
            target: /usr/share/elasticsearch/data
        ports:
          - "9200:9200"
          - "9300:9300"
        environment:
          ES_JAVA_OPTS: "-Xmx256m -Xms256m"
          ELASTIC_PASSWORD: changeme
          # Use single node discovery in order to disable production mode and avoid bootstrap checks.
          # see: https://www.elastic.co/guide/en/elasticsearch/reference/current/bootstrap-checks.html
          discovery.type: single-node
      logstash:
        image: logstash
        restart: always
        volumes:
          - type: bind
            source: /etc/docker-elk/logstash.yml
            target: /usr/share/logstash/config/logstash.yml
            read_only: true
          - type: bind
            source: /etc/docker-elk/logstash.conf
            target: /usr/share/logstash/pipeline/logstash.conf
            read_only: true
        ports:
          - "5044:5044"
          - "5000:5000/tcp"
          - "5000:5000/udp"
          - "9600:9600"
        environment:
          LS_JAVA_OPTS: "-Xmx256m -Xms256m"
      kibana:
        image: kibana
        restart: always
        volumes:
          - type: bind
            source: /etc/docker-elk/kibana.yml
            target: /usr/share/kibana/config/kibana.yml
            read_only: true
        ports:
          - "5601:5601"
--- a/roles/docker-elk/templates/elasticsearch.yml
+++ b/roles/docker-elk/templates/elasticsearch.yml
@ -0,0 +1,13 @@
 ---
 ## Default Elasticsearch configuration from Elasticsearch base image.
 ## https://github.com/elastic/elasticsearch/blob/master/distribution/docker/src/docker/config/elasticsearch.yml
 #
 cluster.name: "docker-cluster"
 network.host: 0.0.0.0
 ## X-Pack settings
 ## see https://www.elastic.co/guide/en/elasticsearch/reference/current/setup-xpack.html
 #
 xpack.license.self_generated.type: basic
 xpack.security.enabled: true
 xpack.monitoring.collection.enabled: true
--- a/roles/docker-elk/templates/kibana.yml
+++ b/roles/docker-elk/templates/kibana.yml
@ -0,0 +1,13 @@
 ---
 ## Default Kibana configuration from Kibana base image.
 ## https://github.com/elastic/kibana/blob/master/src/dev/build/tasks/os_packages/docker_generator/templates/kibana_yml.template.ts
 #
 server.name: kibana
 server.host: 0.0.0.0
 elasticsearch.hosts: [ "http://elasticsearch:9200" ]
 monitoring.ui.container.elasticsearch.enabled: true
 ## X-Pack security credentials
 #
 elasticsearch.username: elastic
 elasticsearch.password: changeme
--- a/roles/docker-elk/templates/logstash.conf
+++ b/roles/docker-elk/templates/logstash.conf
@ -0,0 +1,20 @@
 input {
 	beats {
 		port => 5044
 	}
 	tcp {
 		port => 5000
 	}
 }
 ## Add your filters / logstash plugins configuration here
 output {
 	elasticsearch {
 		hosts => "elasticsearch:9200"
 		user => "elastic"
 		password => "changeme"
 		ecs_compatibility => disabled
 	}
 }
--- a/roles/docker-elk/templates/logstash.yml
+++ b/roles/docker-elk/templates/logstash.yml
@ -0,0 +1,12 @@
 ---
 ## Default Logstash configuration from Logstash base image.
 ## https://github.com/elastic/logstash/blob/master/docker/data/logstash/config/logstash-full.yml
 #
 http.host: "0.0.0.0"
 xpack.monitoring.elasticsearch.hosts: [ "http://elasticsearch:9200" ]
 ## X-Pack security credentials
 #
 xpack.monitoring.enabled: true
 xpack.monitoring.elasticsearch.username: elastic
 xpack.monitoring.elasticsearch.password: changeme
--- a/site.yml
+++ b/site.yml
@ -47,4 +47,8 @@
        domain: "mail.{{top_domain}}"
        http_port: 8007
        https_port:  4431
   -  role: docker-elk
      vars:
        domain: "kibana.{{top_domain}}"
        http_port: 8008
   - native-docker-volume-backup