nkakouros-original · abhi8080 · Jul 11, 2024
diff --git a/meta/main.yml b/meta/main.yml
@@ -2,6 +2,7 @@
 
 galaxy_info:
   role_name: kibana
+  namespace: nkakouros
   author: Nikolaos Kakouros
   description: Installs and configures Kibana
   license: GPLv3

diff --git a/molecule/default/playbook.yml → molecule/default/converge.yml b/molecule/default/playbook.yml → molecule/default/converge.yml
@@ -9,7 +9,7 @@
     # (`prepare.yml` and `playbook.yml` in one).
     elastic_certificates_password: 'nk}$Q%];a3Gy$E!QvT8E'
     elastic_builtin_users_password_backup_file: ~/elk/elastic-passwords
-    elastic_certificates_download_dir: ~/elk/certs/
+    elastic_certificates_download_dir: ~/elk/certs
     kibana_host: "{{ ansible_default_ipv4.address }}"
     kibana_elasticsearch_user: >-
       {{

diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml
@@ -3,26 +3,26 @@ dependency:
   name: galaxy
 driver:
   name: docker
-lint:
-  name: yamllint
+lint: |
+  set -e
+  yamllint --config-file molecule/default/yamllint.yml .
+  ansible-lint -c molecule/default/ansible-lint.yml .
+  flake8
 platforms:
-  - name: "instance-${MOLECULE_DISTRO:-ubuntu1604}"
-    image: "geerlingguy/docker-${MOLECULE_DISTRO:-ubuntu1604}-ansible:latest"
-    command: ${MOLECULE_INIT_CMD-""}
+  - name: "${MOLECULE_INSTANCE_NAME:-systemd-ubuntu-20.04}"
+    image: "${MOLECULE_DISTRO:-jrei/systemd-ubuntu:20.04}"
     volumes:
-      - /sys/fs/cgroup:/sys/fs/cgroup:ro
+      - /sys/fs/cgroup:/sys/fs/cgroup:rw
+    command: /usr/sbin/init
     privileged: true
     pre_build_image: true
 provisioner:
   name: ansible
-  lint:
-    name: ansible-lint
   options:
     vvv: true
   env:
     IN_MOLECULE: 'true'
+scenario:
+  name: default
 verifier:
-  name: testinfra
-  enabled: false
-  lint:
-    name: flake8
+  name: ansible
diff --git a/molecule/default/prepare.yml b/molecule/default/prepare.yml
@@ -5,10 +5,16 @@
   roles:
     - reallyenglish.apt-repo
     - geerlingguy.java
+    - geerlingguy.git
     - nkakouros.elasticsearch
   vars:
-    apt_repo_to_add:
-      - ppa:webupd8team/java
+    apt_repo_to_add: >-
+      {{
+        ['ppa:webupd8team/java']
+        if ansible_distribution_version != '20.04'
+          and ansible_distribution == 'Ubuntu'
+        else []
+      }}
     java_packages:
       - openjdk-8-jre
     elastic_cluster_name: watchmen
@@ -30,7 +36,7 @@
             - "35.210.0.23"
         - name: beats
     elastic_certificates_password: 'nk}$Q%];a3Gy$E!QvT8E'
-    elastic_certificates_download_dir: ~/elk/certs/
+    elastic_certificates_download_dir: ~/elk/certs
     elastic_certificates:
       ca: "{{ elastic_certificates_download_dir }}/ca/ca.crt"
       crt: "{{ elastic_certificates_download_dir }}/elastic/elastic.crt"
@@ -39,11 +45,36 @@
     elastic_builtin_users_set_random_passwords: true
     elastic_builtin_users_password_backup_file: ~/elk/elastic-passwords
     elastic_config:
+      http:
+        host:
+          - localhost
+        port: 9200
+      transport:
+        host:
+          - localhost
+        port: 9300
+      cluster:
+        name: elasticsearch
+      node:
+        name: "{{ inventory_hostname }}"
+        roles: [ master, data, ingest ]
+      discovery:
+        seed_providers:
+          - settings
+        seed_hosts:
+          - 127.0.0.1
+        type: single-node  # `zen`: multi-node cluster, `single-node`: single node cluster
+      path:
+        data: /var/lib/elasticsearch
+        logs: /var/log/elasticsearch
       xpack:
         security:
           hide_settings: 'xpack.security.authc.realms.native.*'
+          enabled: false
+          transport.ssl.enabled: false
+          http.ssl.enabled: false
           authc:
-            accept_default_password: false
+#            accept_default_password: false
             realms:
               native:
                 native1:
@@ -73,3 +104,16 @@
           },
         {%- endfor -%}
       ]
+  pre_tasks:
+    - name: Install necessary packages
+      package:
+        name: "{{ package }}"
+      loop: "{{ packages }}"
+      loop_control:
+        loop_var: package
+      vars:
+        packages:
+          - gnupg
+          - ca-certificates
+          - software-properties-common
+          - sudo
diff --git a/molecule/default/requirements.yml b/molecule/default/requirements.yml
@@ -3,3 +3,4 @@
 - src: reallyenglish.apt-repo
 - src: geerlingguy.java
 - src: nkakouros.elasticsearch
+- src: geerlingguy.git
diff --git a/tasks/core/keystore.yml b/tasks/core/keystore.yml
@@ -7,7 +7,7 @@
   register: result
 
 - name: Create kibana keystore
-  command: /usr/share/kibana/bin/kibana-keystore create
+  command: /usr/share/kibana/bin/kibana-keystore create --allow-root
   when: not result.stat.exists | bool
   become: true
   become_user: "{{ kibana_user }}"