7c632352a0
The behaviour of the `include` module is badly defined (it try to choose between statically importing the tasks and dynamically including them) and can cause problems depending on any number of constraints (mostly if it choose the wrong behaviour). Replace it with the `import_tasks` (always statically import tasks) unless the `include` is in a loop in which case we replace it with `include_tasks` (always dynamically include tasks).
151 lines
3.2 KiB
YAML
151 lines
3.2 KiB
YAML
---
|
|
|
|
- name: APT https transport is enabled
|
|
apt:
|
|
name: apt-transport-https
|
|
state: present
|
|
tags:
|
|
- kibana
|
|
- packages
|
|
|
|
- name: Look for legacy apt keyring
|
|
stat:
|
|
path: /etc/apt/trusted.gpg
|
|
register: _trusted_gpg_keyring
|
|
tags:
|
|
- kibana
|
|
- packages
|
|
|
|
- name: Elastic embedded GPG key is absent
|
|
apt_key:
|
|
id: "D88E42B4"
|
|
keyring: /etc/apt/trusted.gpg
|
|
state: absent
|
|
when: _trusted_gpg_keyring.stat.exists
|
|
tags:
|
|
- kibana
|
|
- packages
|
|
|
|
- name: Elastic GPG key is installed
|
|
copy:
|
|
src: elastic.asc
|
|
dest: "{{ apt_keyring_dir }}/elastic.asc"
|
|
force: yes
|
|
mode: "0644"
|
|
owner: root
|
|
group: root
|
|
tags:
|
|
- kibana
|
|
- packages
|
|
|
|
- name: Elastic sources list is available
|
|
apt_repository:
|
|
repo: "deb [signed-by={{ apt_keyring_dir }}/elastic.asc] https://artifacts.elastic.co/packages/{{ elastic_stack_version | mandatory }}/apt stable main"
|
|
filename: elastic
|
|
state: present
|
|
update_cache: yes
|
|
tags:
|
|
- kibana
|
|
- packages
|
|
|
|
- name: Unsigned Elastic sources list is not available
|
|
apt_repository:
|
|
repo: "deb https://artifacts.elastic.co/packages/{{ elastic_stack_version | mandatory }}/apt stable main"
|
|
filename: elastic
|
|
state: absent
|
|
update_cache: yes
|
|
tags:
|
|
- kibana
|
|
- packages
|
|
|
|
- name: Kibana is installed
|
|
apt:
|
|
name: kibana
|
|
state: present
|
|
tags:
|
|
- kibana
|
|
- packages
|
|
|
|
- name: kibana server host configuration
|
|
lineinfile:
|
|
dest: /etc/kibana/kibana.yml
|
|
line: "server.host: \"{{ kibana_server_host }}\""
|
|
regexp: '^server.host:'
|
|
insertafter: '^#server.host:'
|
|
notify: restart kibana
|
|
tags:
|
|
- kibana
|
|
|
|
- name: kibana server basepath configuration
|
|
lineinfile:
|
|
dest: /etc/kibana/kibana.yml
|
|
line: "server.basePath: \"{{ kibana_server_basepath }}\""
|
|
regexp: '^server.basePath:'
|
|
insertafter: '^#server.basePath:'
|
|
notify: restart kibana
|
|
tags:
|
|
- kibana
|
|
|
|
- name: kibana log destination is present
|
|
file:
|
|
dest: /var/log/kibana
|
|
owner: kibana
|
|
group: kibana
|
|
mode: "0750"
|
|
state: directory
|
|
tags:
|
|
- kibana
|
|
|
|
- name: kibana log messages go to custom file
|
|
lineinfile:
|
|
dest: /etc/kibana/kibana.yml
|
|
line: "logging.dest: \"/var/log/kibana/kibana.log\""
|
|
regexp: '^logging.dest:'
|
|
insertafter: '^#logging.dest:'
|
|
notify: restart kibana
|
|
tags:
|
|
- kibana
|
|
|
|
- name: Kibana service is enabled and started
|
|
systemd:
|
|
name: kibana
|
|
enabled: yes
|
|
state: started
|
|
tags:
|
|
- kibana
|
|
|
|
- name: Logrotate configuration is enabled
|
|
copy:
|
|
src: logrotate
|
|
dest: /etc/logrotate.d/kibana
|
|
mode: "0644"
|
|
owner: root
|
|
group: root
|
|
tags:
|
|
- kibana
|
|
|
|
# - name: Get mount options for /usr partition
|
|
# shell: "mount | grep 'on /usr type'"
|
|
# register: mount
|
|
# changed_when: False
|
|
# failed_when: False
|
|
# when: not ansible_check_mode
|
|
#
|
|
# - block:
|
|
# - include_role:
|
|
# name: evolix/remount-usr
|
|
#
|
|
# - name: Move kibana optimize directory
|
|
# shell: "mv /usr/share/kibana/{{ item }} /var/lib/kibana/{{ item }} && ln -s /var/lib/kibana/{{ item }} /usr/share/kibana/{{ item }}"
|
|
# args:
|
|
# creates: "/var/lib/kibana/{{ item }}"
|
|
# notify: restart kibana
|
|
# loop:
|
|
# - optimize
|
|
# - data
|
|
|
|
- import_tasks: proxy_nginx.yml
|
|
when: kibana_proxy_nginx | bool
|
|
tags:
|
|
- kibana
|