kevinveenbirkenbach/computer-playbook
1
0
Fork 0
mirror of https://github.com/kevinveenbirkenbach/computer-playbook.git synced 2025-08-15 08:30:46 +02:00
Code Issues Packages Projects Releases Wiki Activity
computer-playbook/roles/web-app-elk
History
Kevin Veen-Birkenbach 4fa1c6cfbd
ansible: quote file modes; keycloak: robust LDAP bind update + config cleanup 
Highlights
- Quote all file modes as strings ("0755"/"0770") across multiple roles to avoid YAML octal quirks and improve portability.
- Keycloak: introduce actions.{import_realm,update_ldap_bind} feature flags and wire them via vars/config.
- Implement idempotent LDAP bind updater (tasks/03_update-ldap-bind.yml):
  * kcadm login with no_log protection,
  * fetch LDAP UserStorage component by name,
  * compare current bindDn/bindCredential and update only when changed.
- Keycloak realm import template: keep providerId="ldap" and set name from keycloak_ldap_component_name.
- Centralize Keycloak readiness check in tasks/main.yml; remove duplicate waits from 02_update_client_redirects.yml and 04_ssh_public_key.yml.
- 01_import.yml: fix typo (keycloak), quote modes, tidy spacing, and replace Jinja-in-Jinja fileglob with concatenation.
- 02_update_client_redirects.yml: correct assert fail_msg filename; keep login-first flow.
- Minor template/vars tidy-ups (spacing, comments, consistent variable usage).

Files touched (excerpt)
- roles/*/*: replace 0755/0770 → "0755"/"0770"
- roles/web-app-keycloak/config/main.yml: add actions map
- roles/web-app-keycloak/vars/main.yml: unify Keycloak vars and feature flags
- roles/web-app-keycloak/tasks/{01_import,02_update_client_redirects,03_update-ldap-bind,04_ssh_public_key,main}.yml
- roles/web-app-keycloak/templates/{docker-compose.yml.j2,import/realm.json.j2}

https://chatgpt.com/share/689bda16-b138-800f-8258-e13f6d7d8239
2025-08-13 02:20:38 +02:00
..
config
Restructured server config
2025-08-07 11:31:06 +02:00
defaults
Restructure and cleaned up in preparation of new backup logic
2025-07-15 23:51:51 +02:00
files
Huge role refactoring/cleanup. Other commits will propably follow. Because some bugs will exist. Still important for longrun and also for auto docs/help/slideshow generation
2025-07-08 23:43:13 +02:00
handlers
Huge role refactoring/cleanup. Other commits will propably follow. Because some bugs will exist. Still important for longrun and also for auto docs/help/slideshow generation
2025-07-08 23:43:13 +02:00
meta
Optimized URLS
2025-08-13 00:33:47 +02:00
tasks
ansible: quote file modes; keycloak: robust LDAP bind update + config cleanup
2025-08-13 02:20:38 +02:00
templates
Huge role refactoring/cleanup. Other commits will propably follow. Because some bugs will exist. Still important for longrun and also for auto docs/help/slideshow generation
2025-07-08 23:43:13 +02:00
vars
Restructure and cleaned up in preparation of new backup logic
2025-07-15 23:51:51 +02:00
Administration.md
Huge role refactoring/cleanup. Other commits will propably follow. Because some bugs will exist. Still important for longrun and also for auto docs/help/slideshow generation
2025-07-08 23:43:13 +02:00
README.md
Optimized URLS
2025-08-13 00:33:47 +02:00
TODO.md
Huge role refactoring/cleanup. Other commits will propably follow. Because some bugs will exist. Still important for longrun and also for auto docs/help/slideshow generation
2025-07-08 23:43:13 +02:00

README.md

ELK Stack

Warning

For security reasons, this role is not recommended. If you prefer to keep your logs safe without relying on external servers, consider using an alternative tool.

Overview

This Ansible role deploys and configures an ELK Stack (comprising Elasticsearch, Logstash, and Kibana) using Docker Compose. The ELK Stack is widely used for centralized log collection, analysis, and visualization of log and machine-generated data.

Description

This role performs the following tasks:

  • Setup & Configuration: Installs and configures the three main components—Elasticsearch, Logstash, and Kibana.
  • Template-Driven Adjustments: Adapts configuration files through templates and variables.
  • Docker Integration: Deploys the stack using Docker Compose, integrating it into your containerized environment.
  • Service Management: Handles service restarts and updates through Ansible handlers.

Purpose

The ELK Stack is primarily used for:

  • Centralized Log Management: Consolidating logs from various systems into one location.
  • Real-Time Troubleshooting: Quickly diagnosing issues through live log analysis.
  • Performance Monitoring: Tracking system performance and identifying anomalies.
  • Security Analysis: Detecting and investigating security incidents based on log data.

Features

  • Centralized Log Management: Collects and aggregates logs from disparate systems.
  • Real-Time Analysis: Leverages Elasticsearch for fast data search and analytics.
  • Flexible Data Pipelines: Processes and transforms log data with Logstash.
  • Interactive Visualization: Creates dashboards and visual reports with Kibana.
  • Scalable & Extensible: Easily integrates additional tools and custom configurations via templates.

Credits 📝

Developed and maintained by Kevin Veen-Birkenbach.
For more information, visit www.veen.world.
Part of the Infinito.Nexus Project.
License: Infinito.Nexus NonCommercial License (CNCL)