Commit 757e1c6e authored by Oliver Lowe's avatar Oliver Lowe

initial commit

parents
Copyright (c) 2020 Sol1 <support@sol1.com.au>
Permission to use, copy, modify, and distribute this software for any
purpose with or without fee is hereby granted, provided that the above
copyright notice and this permission notice appear in all copies.
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
# sol1.graylog
sol1.graylog installs and configures a basic, standalone graylog
server. It installs barebones elasticsearch and mongodb on the local
host. This setup is based on the official Debian install
[instructions](https://docs.graylog.org/en/3.2/pages/installation/os/debian.html).
Variables:
**password_secret** Secret used for password encryption and salting.
** root_password** Password for the graylog root/admin user.
This is written to the graylog configuration file as a SHA256 hash.
## Example
- hosts: graylog.example.com
roles:
- role: sol1.graylog
vars:
password_secret: "somethingsecret1234"
root_password: "someothersecret"
## Author
Oliver Lowe at [Sol1](https://www.sol1.com.au)
Vagrant.configure("2") do |config|
config.vm.box = "debian/buster64"
config.vm.provision "shell", inline: "sudo apt-get update && apt-get install -y ansible"
config.vm.provision "file", source: ".", destination: ".ansible/roles/sol1.graylog"
config.vm.provision "ansible_local" do |ansible|
ansible.playbook = "tests/test.yml"
end
end
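Review bot: In the inline shell provisioner, `sudo` applies only to `apt-get update`; the `apt-get install -y ansible` after `&&` runs without it. The line works only because Vagrant's shell provisioner is privileged by default. Dropping the `sudo` makes that reliance explicit: `inline: "apt-get update && apt-get install -y ansible"`.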
# Managed by ansible
path.data: /var/lib/elasticsearch
path.logs: /var/log/elasticsearch
cluster.name: graylog
action.auto_create_index: false
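Review bot: Nothing in this file pins the listen address, so the node stays private only through Elasticsearch's default loopback binding. The role installs `elasticsearch-oss`, which has no built-in authentication, so a later edit that widens the binding would expose every index unauthenticated. I would state the intent explicitly with `network.host: 127.0.0.1`, preceded by a comment such as `# Graylog on this host is the only client; keep ES on loopback`.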
---
- name: restart mongod
service:
name: mongod
enabled: yes
state: restarted
- name: set mongodb compatibility
command: 'mongo --eval "db.adminCommand( { setFeatureCompatibilityVersion: \"4.0\" } )"'
- name: restart elasticsearch
service:
name: elasticsearch
enabled: yes
state: restarted
- name: restart graylog
service:
name: graylog-server
enabled: yes
state: restarted
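Review bot: The `set mongodb compatibility` handler runs `mongo --eval` directly after `restart mongod`, and nothing waits for mongod to accept connections, so a slow start fails the command and aborts the play. A handler that uses `wait_for` with `port: 27017`, placed between the two and added to the `notify` list of the install task, would close that gap. Separately, `enabled: yes` appears only in handlers, so a service is enabled at boot only on runs where its handler fires. A plain `service` task with `enabled: true` and `state: started` in the task file would make that unconditional.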
galaxy_info:
author: "Sol1 <support@sol1.com.au>"
description: Install and configure Graylog
company: Sol1
issue_tracker_url: https://gitlab.sol1.net/sars/graylog/issues
license: ISC
min_ansible_version: 2.7
platforms:
- name: Debian
versions:
- buster
galaxy_tags:
- graylog
---
- name: install prerequisite packages
package:
name:
- apt-transport-https
- openjdk-11-jre-headless
- uuid-runtime
- pwgen
- dirmngr
- gnupg
- wget
- name: mongob apt repo key
apt_key:
url: "https://www.mongodb.org/static/pgp/server-4.2.asc"
- name: mongodb apt repo
apt_repository:
repo: "deb http://repo.mongodb.org/apt/debian buster/mongodb-org/4.2 main"
- name: install mongodb
package:
name: mongodb-org
notify:
- restart mongod
- set mongodb compatibility
- name: elasticsearch apt repo key
apt_key:
url: "https://artifacts.elastic.co/GPG-KEY-elasticsearch"
- name: elasticsearch apt repo
apt_repository:
repo: "deb https://artifacts.elastic.co/packages/oss-6.x/apt stable main"
- name: install elasticsearch
package:
name: elasticsearch-oss
notify:
- restart elasticsearch
- name: configure elasticsearch
copy:
src: elasticsearch.yml
dest: /etc/elasticsearch/elasticsearch.yml
notify:
- restart elasticsearch
- name: graylog apt repo
apt:
deb: "https://packages.graylog2.org/repo/packages/graylog-3.2-repository_latest.deb"
- name: install graylog
apt:
update_cache: True
name: graylog-server
notify:
- restart graylog
- name: configure graylog
template:
src: server.conf.j2
dest: /etc/graylog/server/server.conf
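Review bot: The `configure graylog` task writes `password_secret` and `root_password_sha2` to `/etc/graylog/server/server.conf` without setting `owner`, `group` or `mode`. The file's permissions are therefore whatever the package or the umask left behind, and the secrets may be readable by every local user. The task also has no `notify`, so a later change to either variable rewrites the file but leaves the running server on the old configuration. The fence below sets explicit ownership and mode and notifies the existing restart handler; the `graylog` group name is assumed from the package and should be confirmed. Adding `no_log: true` is also worth considering so that `--diff` runs do not print the rendered secrets.

```yaml
- name: configure graylog
  template:
    # … unchanged: src and dest …
    owner: root
    group: graylog
    mode: "0640"
  notify:
    - restart graylog
```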
# Managed by ansible
is_master = true
node_id_file = /etc/graylog/server/node-id
password_secret = {{ password_secret }}
root_password_sha2 = {{ root_password | hash('sha256') }}
bin_dir = /usr/share/graylog-server/bin
data_dir = /var/lib/graylog-server
plugin_dir = /usr/share/graylog-server/plugin
rotation_strategy = count
elasticsearch_max_docs_per_index = 20000000
elasticsearch_max_number_of_indices = 20
retention_strategy = delete
elasticsearch_shards = 4
elasticsearch_replicas = 0
elasticsearch_index_prefix = graylog
allow_leading_wildcard_searches = false
allow_highlighting = false
elasticsearch_analyzer = standard
output_batch_size = 500
output_flush_interval = 1
output_fault_count_threshold = 5
output_fault_penalty_seconds = 30
processbuffer_processors = 5
outputbuffer_processors = 3
processor_wait_strategy = blocking
ring_size = 65536
inputbuffer_ring_size = 65536
inputbuffer_processors = 2
inputbuffer_wait_strategy = blocking
message_journal_enabled = true
message_journal_dir = /var/lib/graylog-server/journal
lb_recognition_period_seconds = 3
mongodb_uri = mongodb://localhost/graylog
mongodb_max_connections = 1000
mongodb_threads_allowed_to_block_multiplier = 5
proxied_requests_thread_pool_size = 32
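Review bot: `password_secret` and `root_password` are rendered on the two secret lines with no length or emptiness check anywhere in the role. Since `root_password_sha2` is a plain unsalted SHA-256, the admin account is only as strong as the password supplied. Graylog enforces a minimum length on `password_secret` (16 characters as far as I recall; confirm for 3.2), and the test playbook's `"somesecret1234"` is 14 characters, so the test run may fail at server start instead of at templating. An `assert` task at the top of the task file would surface this early, for example `that: password_secret | length >= 16 and root_password | length > 0`. A comment above `root_password_sha2`, such as `# unsalted SHA-256 as required by Graylog; use a long random password`, would record why the hash is not salted.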
---
- hosts: default
become: True
roles:
- role: sol1.graylog
vars:
password_secret: "somesecret1234"
root_password: "anothersecret5678"