e0f77d531a
Systemd overrides have been added to the service unit files for all beats and services. All of the playbooks have been updated to make them look and feel uniform. This also sets handlers within the playbooks so that we're improving the idempotence. Change-Id: I2dd3183dae4bfddc607cc74f9dfb7af115b80abc Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
85 lines
2.0 KiB
YAML
85 lines
2.0 KiB
YAML
---
|
|
- name: Install Auditbeat
|
|
hosts: hosts
|
|
become: true
|
|
vars:
|
|
haproxy_ssl: false
|
|
|
|
vars_files:
|
|
- vars/variables.yml
|
|
|
|
environment: "{{ deployment_environment_variables | default({}) }}"
|
|
|
|
pre_tasks:
|
|
- include_tasks: common_task_data_node_hosts.yml
|
|
tags:
|
|
- always
|
|
|
|
tasks:
|
|
- include_tasks: common_task_install_elk_repo.yml
|
|
|
|
- name: Ensure Auditbeat is installed
|
|
apt:
|
|
name: "{{ item }}"
|
|
state: "{{ elk_package_state | default('present') }}"
|
|
update_cache: true
|
|
with_items:
|
|
- audispd-plugins
|
|
- auditbeat
|
|
register: _apt_task
|
|
until: _apt_task is success
|
|
retries: 3
|
|
delay: 2
|
|
notify:
|
|
- Enable and restart auditbeat
|
|
tags:
|
|
- package_install
|
|
|
|
- name: exit playbook after uninstall
|
|
meta: end_play
|
|
when:
|
|
- (elk_package_state | default('present')) == 'absent'
|
|
|
|
post_tasks:
|
|
- name: Create auditbeat systemd service config dir
|
|
file:
|
|
path: "/etc/systemd/system/auditbeat.service.d"
|
|
state: "directory"
|
|
group: "root"
|
|
owner: "root"
|
|
mode: "0755"
|
|
|
|
- name: Apply systemd options
|
|
template:
|
|
src: "{{ item.src }}"
|
|
dest: "/etc/systemd/system/auditbeat.service.d/{{ item.dest }}"
|
|
mode: "0644"
|
|
with_items:
|
|
- { src: "systemd.general-overrides.conf.j2", dest: "auditbeat-overrides.conf" }
|
|
notify:
|
|
- Enable and restart auditbeat
|
|
|
|
- name: Drop auditbeat conf file
|
|
template:
|
|
src: templates/auditbeat.yml.j2
|
|
dest: /etc/auditbeat/auditbeat.yml
|
|
notify:
|
|
- Enable and restart auditbeat
|
|
|
|
handlers:
|
|
- name: Enable and restart auditbeat
|
|
systemd:
|
|
name: "auditbeat"
|
|
enabled: "true"
|
|
state: restarted
|
|
daemon_reload: true
|
|
when:
|
|
- (elk_package_state | default('present')) != 'absent'
|
|
tags:
|
|
- config
|
|
|
|
tags:
|
|
- beat-install
|
|
|
|
- import_playbook: setupAuditbeat.yml
|