From ca2cfa319c56cacd10dfb551aa46908536cb1754 Mon Sep 17 00:00:00 2001
From: Sheppy <sheppy@atlantishq.de>
Date: Sat, 23 Nov 2024 22:32:26 +0000
Subject: [PATCH] chore: enable filebeat for all hosts

---
 playbook.yaml                           |  3 +--
 roles/base/tasks/main.yaml              |  1 +
 roles/base/templates/wg-client.conf     |  5 +++++
 roles/base/templates/wg-hypervisor.conf | 11 +++++++++++
 roles/filebeat/handlers/main.yml        |  4 ++++
 roles/filebeat/tasks/main.yaml          |  7 +++++++
 roles/filebeat/templates/filebeat.yml   |  8 +++++++-
 7 files changed, 36 insertions(+), 3 deletions(-)
 create mode 100644 roles/base/templates/wg-client.conf
 create mode 100644 roles/base/templates/wg-hypervisor.conf
 create mode 100644 roles/filebeat/handlers/main.yml

diff --git a/playbook.yaml b/playbook.yaml
index 500d539..f5d8007 100644
--- a/playbook.yaml
+++ b/playbook.yaml
@@ -16,8 +16,7 @@
   roles:
     - { role : signal, tags : [ "signal" ] }
 
-- hosts:
-    - kube1
+- hosts: all
   strategy: free
   roles:
     - { role : filebeat, tags : [ "filebeat" ] }
diff --git a/roles/base/tasks/main.yaml b/roles/base/tasks/main.yaml
index b7b694f..30d0b14 100644
--- a/roles/base/tasks/main.yaml
+++ b/roles/base/tasks/main.yaml
@@ -9,6 +9,7 @@
         - apt-file
         - htop
         - ncdu
+        - gpg
 
 - name: Ensure Opt dir exists and accessible
   file:
diff --git a/roles/base/templates/wg-client.conf b/roles/base/templates/wg-client.conf
new file mode 100644
index 0000000..9398006
--- /dev/null
+++ b/roles/base/templates/wg-client.conf
@@ -0,0 +1,5 @@
+[Peer]
+PublicKey = {{ hypervisor_wg_public_key }}
+Endpoint= {{ hypervisor_internal_ip }}:51820
+AllowedIPs = 0.0.0.0/0
+PersistentKeepalive = 21
diff --git a/roles/base/templates/wg-hypervisor.conf b/roles/base/templates/wg-hypervisor.conf
new file mode 100644
index 0000000..b82f154
--- /dev/null
+++ b/roles/base/templates/wg-hypervisor.conf
@@ -0,0 +1,11 @@
+[Interface]
+PrivateKey = <server_private_key>
+Address = 10.0.0.1/24
+ListenPort = 51820
+
+{% for client in clients %}
+# {{ client.name }}
+[Peer]
+PublicKey = <client1_public_key>
+AllowedIPs = 10.0.0.{{ loop.index + }}/32
+{% endfor %}
diff --git a/roles/filebeat/handlers/main.yml b/roles/filebeat/handlers/main.yml
new file mode 100644
index 0000000..fc16b2b
--- /dev/null
+++ b/roles/filebeat/handlers/main.yml
@@ -0,0 +1,4 @@
+- name: restart filebeat
+  systemd:
+    name: filebeat
+    state: restarted
diff --git a/roles/filebeat/tasks/main.yaml b/roles/filebeat/tasks/main.yaml
index 9293276..ee78965 100644
--- a/roles/filebeat/tasks/main.yaml
+++ b/roles/filebeat/tasks/main.yaml
@@ -31,3 +31,10 @@
   ansible.builtin.systemd:
     name: filebeat
     enabled: yes
+
+- name: copy filebeat config
+  template:
+    src: filebeat.yml
+    dest: /etc/filebeat/filebeat.yml
+  notify:
+    - restart filebeat
diff --git a/roles/filebeat/templates/filebeat.yml b/roles/filebeat/templates/filebeat.yml
index 3d1a072..bb03bcd 100644
--- a/roles/filebeat/templates/filebeat.yml
+++ b/roles/filebeat/templates/filebeat.yml
@@ -1,10 +1,16 @@
+logging.level: error
 filebeat.inputs:
 
 - type: filestream
   id: kube1-var-log
   enabled: true
   paths:
-    - /var/log/*.log
+    - /var/log/syslog
+  fields:
+    syslog: true
+  processors:
+    - syslog:
+        field: message
 
 - type: log
   paths: