sheppy/no-secrets-athq-ansible
1
0
Fork 0
mirror of https://github.com/FAUSheppy/no-secrets-athq-ansible synced 2025-12-06 07:41:36 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

chore: enable filebeat for all hosts

Browse Source
This commit is contained in:
Johnathen Sheppard
2024-11-23 22:32:26 +00:00
parent b56c7e63e0
commit ca2cfa319c
7 changed files with 36 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
playbook.yaml
View File

@@ -16,8 +16,7 @@
roles:
- { role : signal, tags : [ "signal" ] }
- hosts:
- kube1
- hosts: all
strategy: free
roles:
- { role : filebeat, tags : [ "filebeat" ] }

1
roles/base/tasks/main.yaml
View File

@@ -9,6 +9,7 @@
- apt-file
- htop
- ncdu
- gpg
- name: Ensure Opt dir exists and accessible
file:

5
roles/base/templates/wg-client.conf Normal file
View File

@@ -0,0 +1,5 @@
[Peer]
PublicKey = {{ hypervisor_wg_public_key }}
Endpoint= {{ hypervisor_internal_ip }}:51820
AllowedIPs = 0.0.0.0/0
PersistentKeepalive = 21

11
roles/base/templates/wg-hypervisor.conf Normal file
View File

@@ -0,0 +1,11 @@
[Interface]
PrivateKey = <server_private_key>
Address = 10.0.0.1/24
ListenPort = 51820
{% for client in clients %}
# {{ client.name }}
[Peer]
PublicKey = <client1_public_key>
AllowedIPs = 10.0.0.{{ loop.index + }}/32
{% endfor %}

4
roles/filebeat/handlers/main.yml Normal file
View File

@@ -0,0 +1,4 @@
- name: restart filebeat
systemd:
name: filebeat
state: restarted

7
roles/filebeat/tasks/main.yaml
View File

@@ -31,3 +31,10 @@
ansible.builtin.systemd:
name: filebeat
enabled: yes
- name: copy filebeat config
template:
src: filebeat.yml
dest: /etc/filebeat/filebeat.yml
notify:
- restart filebeat

8
roles/filebeat/templates/filebeat.yml
View File

@@ -1,10 +1,16 @@
logging.level: error
filebeat.inputs:
- type: filestream
id: kube1-var-log
enabled: true
paths:
- /var/log/*.log
- /var/log/syslog
fields:
syslog: true
processors:
- syslog:
field: message
- type: log
paths: