diff --git a/.idea/.gitignore b/.idea/.gitignore
new file mode 100644
index 0000000..13566b8
--- /dev/null
+++ b/.idea/.gitignore
@@ -0,0 +1,8 @@
+# Default ignored files
+/shelf/
+/workspace.xml
+# Editor-based HTTP Client requests
+/httpRequests/
+# Datasource local storage ignored files
+/dataSources/
+/dataSources.local.xml
diff --git a/.idea/graylog.iml b/.idea/graylog.iml
new file mode 100644
index 0000000..c956989
--- /dev/null
+++ b/.idea/graylog.iml
@@ -0,0 +1,8 @@
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/.idea/modules.xml b/.idea/modules.xml
new file mode 100644
index 0000000..789b884
--- /dev/null
+++ b/.idea/modules.xml
@@ -0,0 +1,8 @@
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/.idea/php.xml b/.idea/php.xml
new file mode 100644
index 0000000..2b95591
--- /dev/null
+++ b/.idea/php.xml
@@ -0,0 +1,9 @@
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/.idea/vcs.xml b/.idea/vcs.xml
new file mode 100644
index 0000000..35eb1dd
--- /dev/null
+++ b/.idea/vcs.xml
@@ -0,0 +1,6 @@
+
+
+
+
+
+
\ No newline at end of file
diff --git a/app-name/.env b/app-name/.env
deleted file mode 100644
index db65b31..0000000
--- a/app-name/.env
+++ /dev/null
@@ -1 +0,0 @@
-RANDOM=value
diff --git a/app-name/compose.yml b/app-name/compose.yml
deleted file mode 100644
index cc10e19..0000000
--- a/app-name/compose.yml
+++ /dev/null
@@ -1,4 +0,0 @@
-services:
- app:
-
- database:
diff --git a/graylog/.env b/graylog/.env
new file mode 100644
index 0000000..b9b7aeb
--- /dev/null
+++ b/graylog/.env
@@ -0,0 +1,14 @@
+# You MUST set a secret to secure/pepper the stored user passwords here. Use at least 64 characters.
+# Generate one by using for example: pwgen -N 1 -s 96
+# ATTENTION: This value must be the same on all Graylog nodes in the cluster.
+# Changing this value after installation will render all user sessions and encrypted values in the database invalid. (e.g. encrypted access tokens)
+GRAYLOG_PASSWORD_SECRET="j3rzQ5PtN7G0cSwbeZ3kOKYKEdAxe1mAkCpAT4P8x3EVyvh3ne36yEbUCWHj1UXc"
+
+# You MUST specify a hash password for the root user (which you only need to initially set up the
+# system and in case you lose connectivity to your authentication backend)
+# This password cannot be changed using the API or via the web interface. If you need to change it,
+# modify it in this file.
+# Create one by using for example: echo -n yourpassword | shasum -a 256
+# and put the resulting hash value into the following line
+# CHANGE THIS!
+GRAYLOG_ROOT_PASSWORD_SHA2="5bc4d00447024a72da02976443b4a4b88d1656b545d2bef70ceed61a70f68fa1"
\ No newline at end of file
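Review bot: The `GRAYLOG_PASSWORD_SECRET` and `GRAYLOG_ROOT_PASSWORD_SHA2` lines commit live-looking secret material to version control, and the `# CHANGE THIS!` marker left above the root hash suggests it may still be a placeholder. Per the file's own comments, the first value protects stored user passwords and encrypted database values. The second is an unsalted SHA-256 of the root password, so its strength rests entirely on the password chosen. I would commit a `graylog/.env.example` with empty placeholders instead, add `graylog/.env` to the repository's ignore rules, and supply the real values at deploy time, for example from Ansible Vault. Both values should be treated as exposed and rotated, since they stay in history even after removal.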
diff --git a/graylog/compose.yml b/graylog/compose.yml
new file mode 100644
index 0000000..1bdc4d6
--- /dev/null
+++ b/graylog/compose.yml
@@ -0,0 +1,95 @@
+services:
+ # MongoDB: https://hub.docker.com/_/mongo/
+ mongodb:
+ image: "mongo:6.0"
+ restart: "on-failure"
+ networks:
+ - graylog
+ volumes:
+ - "mongodb_data:/data/db"
+ - "mongodb_config:/data/configdb"
+
+ # For DataNode setup, graylog starts with a preflight UI, this is a change from just using OpenSearch/Elasticsearch.
+ # Please take a look at the README at the top of this repo or the regular docs for more info.
+ # Graylog Data Node: https://hub.docker.com/r/graylog/graylog-datanode
+
+ # ⚠️ Make sure this is set on the host before starting:
+ # echo "vm.max_map_count=262144" | sudo tee -a /etc/sysctl.conf
+ # sudo sysctl -p
+ datanode:
+ image: "${DATANODE_IMAGE:-graylog/graylog-datanode:6.3}"
+ hostname: "datanode"
+ environment:
+ GRAYLOG_DATANODE_NODE_ID_FILE: "/var/lib/graylog-datanode/node-id"
+ # GRAYLOG_DATANODE_PASSWORD_SECRET and GRAYLOG_PASSWORD_SECRET MUST be the same value
+ GRAYLOG_DATANODE_PASSWORD_SECRET: "${GRAYLOG_PASSWORD_SECRET:?Please configure GRAYLOG_PASSWORD_SECRET in the .env file}"
+ GRAYLOG_DATANODE_MONGODB_URI: "mongodb://mongodb:27017/graylog"
+ ulimits:
+ memlock:
+ hard: -1
+ soft: -1
+ nofile:
+ soft: 65536
+ hard: 65536
+ ports:
+ - "8999:8999/tcp" # DataNode API
+ - "9200:9200/tcp"
+ - "9300:9300/tcp"
+ networks:
+ - graylog
+ volumes:
+ - "graylog-datanode:/var/lib/graylog-datanode"
+ restart: "on-failure"
+
+ # Graylog: https://hub.docker.com/r/graylog/graylog-enterprise
+ graylog:
+ hostname: "server"
+ image: "${GRAYLOG_IMAGE:-graylog/graylog:6.3}"
+ depends_on:
+ mongodb:
+ condition: "service_started"
+ datanode:
+ condition: "service_started"
+ entrypoint: "/usr/bin/tini -- /docker-entrypoint.sh"
+ environment:
+ GRAYLOG_NODE_ID_FILE: "/usr/share/graylog/data/data/node-id"
+ # GRAYLOG_DATANODE_PASSWORD_SECRET and GRAYLOG_PASSWORD_SECRET MUST be the same value
+ GRAYLOG_PASSWORD_SECRET: "${GRAYLOG_PASSWORD_SECRET:?Please configure GRAYLOG_PASSWORD_SECRET in the .env file}"
+ GRAYLOG_ROOT_PASSWORD_SHA2: "${GRAYLOG_ROOT_PASSWORD_SHA2:?Please configure GRAYLOG_ROOT_PASSWORD_SHA2 in the .env file}"
+ GRAYLOG_HTTP_BIND_ADDRESS: "0.0.0.0:9000"
+ GRAYLOG_HTTP_EXTERNAL_URI: "http://localhost:9000/"
+ GRAYLOG_MONGODB_URI: "mongodb://mongodb:27017/graylog"
+ ports:
+ - "5044:5044/tcp" # Beats
+ - "5140:5140/udp" # Syslog
+ - "5140:5140/tcp" # Syslog
+ - "5555:5555/tcp" # RAW TCP
+ - "5555:5555/udp" # RAW UDP
+ - "9000:9000/tcp" # Server API
+ - "12201:12201/tcp" # GELF TCP
+ - "12201:12201/udp" # GELF UDP
+ - "12202:12202/tcp" # GELF TCP
+ - "12202:12202/udp" # GELF UDP
+ - "12203:12203/tcp" # GELF TCP
+ - "12203:12203/udp" # GELF UDP
+ - "12204:12204/tcp" # GELF TCP
+ - "12204:12204/udp" # GELF UDP
+ #- "10000:10000/tcp" # Custom TCP port
+ #- "10000:10000/udp" # Custom UDP port
+ - "13301:13301/tcp" # Forwarder data
+ - "13302:13302/tcp" # Forwarder config
+ networks:
+ - graylog
+ volumes:
+ - "graylog_data:/usr/share/graylog/data/data"
+ restart: "on-failure"
+
+networks:
+ graylog:
+ driver: "bridge"
+
+volumes:
+ mongodb_data:
+ mongodb_config:
+ graylog-datanode:
+ graylog_data:
\ No newline at end of file
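Review bot: The `datanode` service publishes `8999`, `9200` and `9300` on every host interface, although `graylog` and `datanode` share the `graylog` bridge network and can presumably reach each other by service name without any host mapping. Docker-published ports typically bypass host firewall front-ends, so the search backend and DataNode API would be reachable from the LAN. I would drop these three mappings or bind them to loopback, e.g. `- "127.0.0.1:9200:9200/tcp"`. On the `graylog` service, `GRAYLOG_HTTP_EXTERNAL_URI: "http://localhost:9000/"` with `9000` published means logins travel in cleartext unless a TLS-terminating proxy sits in front. The input port list should also be trimmed to the listeners that are actually configured.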
diff --git a/hosts.yml b/hosts.yml
index 4076308..435258f 100644
--- a/hosts.yml
+++ b/hosts.yml
@@ -1,7 +1,13 @@
all:
children:
- server:
+ servers:
hosts:
- app-name:
- ansible_host: 192.168.1.x
+ zabbix:
+ ansible_host: 192.168.1.197
ansible_user: ansible
+
+ forwarders:
+ hosts:
+ webproxy:
+ ansible_host: 192.168.1.10
+ ansible_user: brock
diff --git a/main.yml b/main.yml
index c01e05c..86657b9 100644
--- a/main.yml
+++ b/main.yml
@@ -1,9 +1,10 @@
-- name: Template Ansible project
- hosts: servers
+- name: Deploy Graylog
+ hosts: all
become: true
vars:
- app_name: "zabbix"
+ app_name: "graylog"
+ forwarder_app_name: "graylog-forwarder"
docker_users:
- "{{ ansible_user }}"
- brock
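Review bot: Changing `hosts: servers` to `hosts: all` while keeping `become: true` widens this play to every inventory host, including the new `forwarders` group. The `when: inventory_hostname in groups["servers"]` guard added in the next hunk covers only the task block, so play-level roles (the `geerlingguy.docker` entry visible there as context) would presumably still run as root on `webproxy`. If that is not intended, keep `hosts: servers` here and give the forwarder its own play, or guard the roles as well. `forwarder_app_name` is defined but not referenced in the visible hunks. The play body continues outside this hunk.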
@@ -21,52 +22,55 @@
- name: geerlingguy.docker
tasks:
- - name: Install packages
- ansible.builtin.package:
- name:
- - nfs-common
- - python3-docker
- state: present
- tags: vpn
+ - name: Install Server
+ when: inventory_hostname in groups["servers"]
+ block:
+ - name: Install packages
+ ansible.builtin.package:
+ name:
+ - nfs-common
+ - python3-docker
+ state: present
+ tags: vpn
- - name: Mount an NFS volume
- ansible.posix.mount:
- src: 192.168.1.200:/mnt/data-02/share/web
- path: /mnt/share
- opts: "rw,sync,hard,nfsvers=3"
- state: mounted
- fstype: nfs
- tags: mount-nfs
+ - name: Mount an NFS volume
+ ansible.posix.mount:
+ src: 192.168.1.200:/mnt/data-02/share/web
+ path: /mnt/share
+ opts: "rw,sync,hard,nfsvers=3"
+ state: mounted
+ fstype: nfs
+ tags: mount-nfs
- - name: Create /opt/stacks
- ansible.builtin.file:
- path: "/opt/stacks"
- state: directory
- owner: "{{ ansible_user }}"
- group: docker
- mode: '0775'
+ - name: Create /opt/stacks
+ ansible.builtin.file:
+ path: "/opt/stacks"
+ state: directory
+ owner: "{{ ansible_user }}"
+ group: docker
+ mode: '0775'
- - name: "Create /opt/stacks/{{ app_name }}"
- ansible.builtin.file:
- path: "/opt/stacks/{{ app_name }}"
- state: directory
- owner: "{{ ansible_user }}"
- group: docker
- mode: '0775'
+ - name: "Create /opt/stacks/{{ app_name }}"
+ ansible.builtin.file:
+ path: "/opt/stacks/{{ app_name }}"
+ state: directory
+ owner: "{{ ansible_user }}"
+ group: docker
+ mode: '0775'
- - name: Copy compose stack
- ansible.builtin.copy:
- src: "./{{ app_name }}/"
- dest: "/opt/stacks/{{ app_name }}"
- owner: "{{ ansible_user }}"
- mode: '0755'
- tags: update-config
+ - name: Copy compose stack
+ ansible.builtin.copy:
+ src: "./{{ app_name }}/"
+ dest: "/opt/stacks/{{ app_name }}"
+ owner: "{{ ansible_user }}"
+ mode: '0755'
+ tags: update-config
- - name: "Start {{ app_name }}"
- community.docker.docker_compose_v2:
- project_src: "/opt/stacks/{{ app_name }}"
- recreate: always
- pull: always
- tags:
- - update-config
- - redeploy
\ No newline at end of file
+ - name: "Start {{ app_name }}"
+ community.docker.docker_compose_v2:
+ project_src: "/opt/stacks/{{ app_name }}"
+ recreate: always
+ pull: always
+ tags:
+ - update-config
+ - redeploy
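Review bot: In `Copy compose stack`, `mode: '0755'` is applied to every copied file, and with `app_name: "graylog"` the source directory now includes `graylog/.env`. The password secret and root hash therefore land world-readable and executable under `/opt/stacks/graylog`. I would tighten the task to `mode: '0640'` with `directory_mode: '0750'` and `group: docker`. Alternatively, write the `.env` in a separate task with `mode: '0600'` and `no_log: true` so the values do not appear in task output. The parent directories are created `0775`, so they do not restrict access to that file.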