├── .gitignore ├── .kitchen.yml ├── .travis.yml ├── Gemfile ├── Gemfile.lock ├── README.md ├── Vagrantfile ├── defaults └── main.yml ├── handlers └── main.yml ├── library └── yumrepo ├── meta └── main.yml ├── tasks ├── debian.yml ├── main.yml ├── redhat.yml └── setup.yml ├── templates └── filebeat.yml.j2 └── test ├── integration ├── 1.x │ ├── bats │ │ └── default.bats │ └── default.yml ├── 5.x │ ├── bats │ │ └── default.bats │ └── default.yml ├── 6.x │ ├── bats │ │ └── default.bats │ └── default.yml ├── absent │ ├── bats │ │ └── default.bats │ └── default.yml └── tls │ ├── bats │ └── default.bats │ └── default.yml └── test.yml /.gitignore: -------------------------------------------------------------------------------- 1 | ansible.cfg 2 | .vagrant 3 | .kitchen 4 | *.swp 5 | *.pyc 6 | *.retry 7 | -------------------------------------------------------------------------------- /.kitchen.yml: -------------------------------------------------------------------------------- 1 | --- 2 | driver: 3 | name: vagrant 4 | 5 | provisioner: 6 | hosts: all 7 | name: ansible_playbook 8 | require_chef_for_busser: true 9 | require_ruby_for_busser: false 10 | ansible_verbose: true 11 | ansible_verbosity: 1 12 | extra_vars: 13 | docker_opts: "--userland-proxy=false --bip=192.168.200.1/22" 14 | 15 | platforms: 16 | - name: ubuntu-14.04 17 | - name: ubuntu-16.04 18 | - name: centos-6.8 19 | - name: centos-7.2 20 | provisioner: 21 | ansible_yum_repo: https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm 22 | 23 | suites: 24 | - name: 1.x 25 | - name: 5.x 26 | - name: 6.x 27 | - name: tls 28 | - name: absent 29 | 30 | transport: 31 | max_ssh_sessions: 6 32 | -------------------------------------------------------------------------------- /.travis.yml: -------------------------------------------------------------------------------- 1 | --- 2 | language: python 3 | python: "2.7" 4 | sudo: required 5 | 6 | env: 7 | - ANSIBLE_VERSION=1.9.6 8 | - ANSIBLE_VERSION=2.1.3 9 | - ANSIBLE_VERSION=latest 10 | 11 | install: 12 | - if [ "$ANSIBLE_VERSION" = "latest" ]; then pip install ansible; else pip install ansible==$ANSIBLE_VERSION; fi 13 | 14 | script: 15 | # Syntax check 16 | - ansible-playbook -i localhost, test/test.yml --syntax-check 17 | - ansible-playbook -i localhost, test/test.yml --connection=local 18 | - > 19 | ansible-playbook -i localhost, test/test.yml --connection=local 20 | | grep -q 'changed=0.*failed=0' 21 | && (echo 'Idempotency: PASS' && exit 0) 22 | || (echo 'Idempotency: FAIL' && exit 1) 23 | 24 | notifications: 25 | webhooks: https://galaxy.ansible.com/api/v1/notifications/ 26 | -------------------------------------------------------------------------------- /Gemfile: -------------------------------------------------------------------------------- 1 | source "https://rubygems.org" 2 | 3 | gem "test-kitchen" 4 | gem "kitchen-ansible", "~> 0.0.17" 5 | gem "kitchen-vagrant" 6 | -------------------------------------------------------------------------------- /Gemfile.lock: -------------------------------------------------------------------------------- 1 | GEM 2 | remote: https://rubygems.org/ 3 | specs: 4 | builder (3.2.3) 5 | erubis (2.7.0) 6 | faraday (0.15.3) 7 | multipart-post (>= 1.2, < 3) 8 | ffi (1.9.25) 9 | gssapi (1.2.0) 10 | ffi (>= 1.0.1) 11 | gyoku (1.3.1) 12 | builder (>= 2.1.2) 13 | highline (2.0.0) 14 | httpclient (2.8.3) 15 | kitchen-ansible (0.0.39) 16 | librarian-ansible 17 | test-kitchen (~> 1.4) 18 | kitchen-vagrant (1.3.4) 19 | test-kitchen (~> 1.4) 20 | librarian (0.1.2) 21 | highline 22 | thor (~> 0.15) 23 | librarian-ansible (3.0.2) 24 | faraday 25 | librarian (~> 0.1.0) 26 | little-plugger (1.1.4) 27 | logging (2.2.2) 28 | little-plugger (~> 1.1) 29 | multi_json (~> 1.10) 30 | mixlib-install (3.11.5) 31 | mixlib-shellout 32 | mixlib-versioning 33 | thor 34 | mixlib-shellout (2.4.0) 35 | mixlib-versioning (1.2.2) 36 | multi_json (1.13.1) 37 | multipart-post (2.0.0) 38 | net-scp (1.2.1) 39 | net-ssh (>= 2.6.5) 40 | net-ssh (4.2.0) 41 | net-ssh-gateway (1.3.0) 42 | net-ssh (>= 2.6.5) 43 | nori (2.6.0) 44 | rubyntlm (0.6.2) 45 | rubyzip (1.2.2) 46 | test-kitchen (1.23.2) 47 | mixlib-install (~> 3.6) 48 | mixlib-shellout (>= 1.2, < 3.0) 49 | net-scp (~> 1.1) 50 | net-ssh (>= 2.9, < 5.0) 51 | net-ssh-gateway (~> 1.2) 52 | thor (~> 0.19) 53 | winrm (~> 2.0) 54 | winrm-elevated (~> 1.0) 55 | winrm-fs (~> 1.1) 56 | thor (0.20.0) 57 | winrm (2.3.0) 58 | builder (>= 2.1.2) 59 | erubis (~> 2.7) 60 | gssapi (~> 1.2) 61 | gyoku (~> 1.0) 62 | httpclient (~> 2.2, >= 2.2.0.2) 63 | logging (>= 1.6.1, < 3.0) 64 | nori (~> 2.0) 65 | rubyntlm (~> 0.6.0, >= 0.6.1) 66 | winrm-elevated (1.1.0) 67 | winrm (~> 2.0) 68 | winrm-fs (~> 1.0) 69 | winrm-fs (1.3.1) 70 | erubis (~> 2.7) 71 | logging (>= 1.6.1, < 3.0) 72 | rubyzip (~> 1.1) 73 | winrm (~> 2.0) 74 | 75 | PLATFORMS 76 | ruby 77 | 78 | DEPENDENCIES 79 | kitchen-ansible (~> 0.0.17) 80 | kitchen-vagrant 81 | test-kitchen 82 | 83 | BUNDLED WITH 84 | 1.13.6 85 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | Ansible Filebeat role 2 | ========= 3 | 4 | [![Ansible Galaxy](https://img.shields.io/badge/galaxy-DavidWittman.filebeat-blue.svg?style=flat)](https://galaxy.ansible.com/detail#/role/6293) [![Travis](https://travis-ci.org/DavidWittman/ansible-filebeat.svg?branch=master)](https://travis-ci.org/DavidWittman/ansible-filebeat) 5 | 6 | Installs Elastic's Filebeat for forwarding logs. 7 | 8 | Role Variables 9 | -------------- 10 | 11 | - `filebeat_version` - The version of filebeat to install. Defaults to `6.4.2`. 12 | - `filebeat_state` - Defaults to `present`. Set it to `absent` to uninstall filebeat. 13 | - `filebeat_config` - YAML representation of your filebeat config. This is templated directly into the configuration file as YAML. See the [example configuration](https://github.com/elastic/beats/blob/master/filebeat/filebeat.reference.yml) for an exhaustive list of configuration options. Defaults to: 14 | 15 | ``` yaml 16 | filebeat_config: 17 | filebeat: 18 | prospectors: 19 | - paths: 20 | - /var/log/messages 21 | - /var/log/*.log 22 | input_type: log 23 | output: 24 | file: 25 | path: /tmp/filebeat 26 | filename: filebeat 27 | logging: 28 | to_syslog: true 29 | level: error 30 | ``` 31 | - `filebeat_ca_cert` - If provided, the contents of this variable will be placed into the file identified by `filebeat_ca_path` on the target host. You can then include the `filebeat_ca_path` within your configuration to properly authenticate your TLS connections to Logstash/Elasticsearch/etc. 32 | 33 | If you wish to load your CA certificate from a file, use the `file` lookup plugin, e.g.: 34 | ``` yaml 35 | filebeat_ca_cert: "{{ lookup('file', '/path/to/ca.crt') }}" 36 | ``` 37 | - `filebeat_ca_path` - If a CA certificate is provided in `filebeat_ca_cert`, it will be created at this path. 38 | 39 | Similar to the CA variables, you can upload SSL certificates and keys for filebeat using these variables: 40 | 41 | - `filebeat_ssl_cert` - Contents of the SSL certificate 42 | - `filebeat_ssl_cert_path` - Destination of the certificate on the Ansible controlled host 43 | - `filebeat_ssl_key` - Contents of the SSL key 44 | - `filebeat_ssl_key_path` - Destination of the SSL key on the Ansible controlled host 45 | 46 | You can also store the config in separate `filebeat.yml` file and include it using [lookup](http://docs.ansible.com/ansible/playbooks_lookups.html#intro-to-lookups-getting-file-contents): 47 | 48 | ``` yaml 49 | filebeat_config: "{{ lookup('file', './filebeat.yml')|from_yaml }}" 50 | ``` 51 | 52 | Common Configurations 53 | --------------------- 54 | 55 | Connecting to Elasticsearch: 56 | 57 | ``` yaml 58 | filebeat_config: 59 | filebeat: 60 | prospectors: 61 | - paths: 62 | - /var/log/messages 63 | - /var/log/*.log 64 | input_type: log 65 | output: 66 | elasticsearch: 67 | hosts: 68 | - "http://localhost:9200" 69 | username: "bob" 70 | password: "12345" 71 | logging: 72 | to_syslog: true 73 | level: error 74 | ``` 75 | 76 | License 77 | ------- 78 | 79 | BSD 80 | 81 | Author Information 82 | ------------------ 83 | 84 | David Wittman 85 | -------------------------------------------------------------------------------- /Vagrantfile: -------------------------------------------------------------------------------- 1 | Vagrant.configure(2) do |config| 2 | config.vm.provider :virtualbox do |v| 3 | v.check_guest_additions = false 4 | v.customize ["modifyvm", :id, "--cpus", 1, "--memory", 512] 5 | end 6 | 7 | config.vm.provision :ansible do |ansible| 8 | ansible.playbook = "test/test.yml" 9 | ansible.force_remote_user = true 10 | ansible.verbose = "" 11 | end 12 | 13 | config.vm.define "cent7" do |cent7| 14 | cent7.vm.box = "wittman/centos-7.3" 15 | cent7.vm.hostname = "vagrant-cent7" 16 | end 17 | 18 | config.vm.define "cent6" do |cent6| 19 | cent6.vm.box = "wittman/centos-6.5" 20 | cent6.vm.hostname = "vagrant-cent6" 21 | end 22 | 23 | config.vm.define "precise" do |precise| 24 | precise.vm.box = "ubuntu/precise64" 25 | precise.vm.hostname = "vagrant-precise" 26 | end 27 | 28 | end 29 | -------------------------------------------------------------------------------- /defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # The version of filebeat to install 3 | filebeat_version: 6.4.2 4 | 5 | # Set absent to uninstall filebeat 6 | filebeat_state: present 7 | 8 | # Amount of time allowed to pass before refreshing the repository 9 | filebeat_cache_valid_time: 3600 10 | 11 | # `filebeat_config` is templated directly into filebeat.yml for the config. 12 | # You are expected to override this variable, as these configurations are 13 | # only suited for development purposes. 14 | # See https://github.com/elastic/beats/blob/master/filebeat/filebeat.yml for 15 | # an exhaustive list of configurations. 16 | filebeat_config: 17 | filebeat: 18 | prospectors: 19 | - paths: 20 | - /var/log/messages 21 | - /var/log/*.log 22 | input_type: log 23 | output: 24 | file: 25 | path: /tmp/filebeat 26 | filename: filebeat 27 | logging: 28 | to_syslog: true 29 | level: error 30 | 31 | # The contents of this variable will be placed into the `filebeat_ca_path` 32 | # This should either be set to a string containing your CA certificate or 33 | # use a lookup plugin to retrieve it. 34 | # ex: 35 | # filebeat_ca_cert: "{{ lookup('file', '/path/to/ca.crt') }}" 36 | filebeat_ca_cert: null 37 | # Path to which the above certificate will be uploaded 38 | filebeat_ca_path: /etc/filebeat/ca.crt 39 | 40 | # Similar to the above but for ssl cert and ssl key 41 | filebeat_ssl_cert: null 42 | filebeat_ssl_cert_path: /etc/filebeat/ssl.crt 43 | filebeat_ssl_key: null 44 | filebeat_ssl_key_path: /etc/filebeat/ssl.key 45 | 46 | # Repository settings 47 | filebeat_gpg_url: https://artifacts.elastic.co/GPG-KEY-elasticsearch 48 | ## Debian 49 | filebeat_apt_repo_v1: "deb https://packages.elastic.co/beats/apt stable main" 50 | filebeat_apt_repo_v5: "deb https://artifacts.elastic.co/packages/{{ filebeat_version.split('.')[0] }}.x/apt stable main" 51 | filebeat_apt_repo: "{{ filebeat_version|version_compare('5', '<')|ternary(filebeat_apt_repo_v1, filebeat_apt_repo_v5) }}" 52 | ## Redhat 53 | filebeat_repo_url_v1: https://packages.elastic.co/beats/yum/el/$basearch 54 | filebeat_repo_url_v5: https://artifacts.elastic.co/packages/{{ filebeat_version.split('.')[0] }}.x/yum 55 | filebeat_repo_url: "{{ filebeat_version|version_compare('5', '<')|ternary(filebeat_repo_url_v1, filebeat_repo_url_v5) }}" 56 | -------------------------------------------------------------------------------- /handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: restart filebeat 3 | service: 4 | name: filebeat 5 | state: restarted 6 | when: filebeat_state == 'present' 7 | -------------------------------------------------------------------------------- /library/yumrepo: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python 2 | # encoding: utf-8 3 | 4 | # (c) 2015, Jiri Tyr 5 | # 6 | # This file is part of Ansible 7 | # 8 | # Ansible is free software: you can redistribute it and/or modify 9 | # it under the terms of the GNU General Public License as published by 10 | # the Free Software Foundation, either version 3 of the License, or 11 | # (at your option) any later version. 12 | # 13 | # Ansible is distributed in the hope that it will be useful, 14 | # but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | # GNU General Public License for more details. 17 | # 18 | # You should have received a copy of the GNU General Public License 19 | # along with Ansible. If not, see . 20 | 21 | 22 | import ConfigParser 23 | import os 24 | 25 | 26 | DOCUMENTATION = ''' 27 | --- 28 | module: yumrepo 29 | author: Jiri Tyr (@jtyr) 30 | version_added: '2.0' 31 | short_description: Add and remove YUM repositories 32 | description: 33 | - Add or remove YUM repositories in RPM-based Linux distributions. 34 | 35 | options: 36 | bandwidth: 37 | required: false 38 | default: 0 39 | description: 40 | - Maximum available network bandwidth in bytes/second. Used with the 41 | I(throttle) option. 42 | - If I(throttle) is a percentage and bandwidth is C(0) then bandwidth 43 | throttling will be disabled. If I(throttle) is expressed as a data rate 44 | (bytes/sec) then this option is ignored. Default is C(0) (no bandwidth 45 | throttling). 46 | baseurl: 47 | required: false 48 | default: None 49 | description: 50 | - URL to the directory where the yum repository's 'repodata' directory 51 | lives. 52 | - This or the I(mirrorlist) parameter is required. 53 | cost: 54 | required: false 55 | default: 1000 56 | description: 57 | - Relative cost of accessing this repository. Useful for weighing one 58 | repo's packages as greater/less than any other. 59 | description: 60 | required: false 61 | default: None 62 | description: 63 | - A human readable string describing the repository. 64 | enabled: 65 | required: false 66 | choices: ['yes', 'no'] 67 | default: 'yes' 68 | description: 69 | - This tells yum whether or not use this repository. 70 | enablegroups: 71 | required: false 72 | choices: ['yes', 'no'] 73 | default: 'yes' 74 | description: 75 | - Determines whether yum will allow the use of package groups for this 76 | repository. 77 | exclude: 78 | required: false 79 | default: None 80 | description: 81 | - List of packages to exclude from updates or installs. This should be a 82 | space separated list. Shell globs using wildcards (eg. C(*) and C(?)) 83 | are allowed. 84 | - The list can also be a regular YAML array. 85 | failovermethod: 86 | required: false 87 | choices: [roundrobin, priority] 88 | default: roundrobin 89 | description: 90 | - C(roundrobin) randomly selects a URL out of the list of URLs to start 91 | with and proceeds through each of them as it encounters a failure 92 | contacting the host. 93 | - C(priority) starts from the first baseurl listed and reads through them 94 | sequentially. 95 | file: 96 | required: false 97 | default: None 98 | description: 99 | - File to use to save the repo in. Defaults to the value of I(name). 100 | gpgcakey: 101 | required: false 102 | default: None 103 | description: 104 | - A URL pointing to the ASCII-armored CA key file for the repository. 105 | gpgcheck: 106 | required: false 107 | choices: ['yes', 'no'] 108 | default: 'no' 109 | description: 110 | - Tells yum whether or not it should perform a GPG signature check on 111 | packages. 112 | gpgkey: 113 | required: false 114 | default: None 115 | description: 116 | - A URL pointing to the ASCII-armored GPG key file for the repository. 117 | http_caching: 118 | required: false 119 | choices: [all, packages, none] 120 | default: all 121 | description: 122 | - Determines how upstream HTTP caches are instructed to handle any HTTP 123 | downloads that Yum does. 124 | - C(all) means that all HTTP downloads should be cached. 125 | - C(packages) means that only RPM package downloads should be cached (but 126 | not repository metadata downloads). 127 | - C(none) means that no HTTP downloads should be cached. 128 | includepkgs: 129 | required: false 130 | default: None 131 | description: 132 | - List of packages you want to only use from a repository. This should be 133 | a space separated list. Shell globs using wildcards (eg. C(*) and C(?)) 134 | are allowed. Substitution variables (e.g. C($releasever)) are honored 135 | here. 136 | - The list can also be a regular YAML array. 137 | keepalive: 138 | required: false 139 | choices: ['yes', 'no'] 140 | default: 'no' 141 | description: 142 | - This tells yum whether or not HTTP/1.1 keepalive should be used with 143 | this repository. This can improve transfer speeds by using one 144 | connection when downloading multiple files from a repository. 145 | metadata_expire: 146 | required: false 147 | default: 21600 148 | description: 149 | - Time (in seconds) after which the metadata will expire. 150 | - Default value is 6 hours. 151 | metalink: 152 | required: false 153 | default: None 154 | description: 155 | - Specifies a URL to a metalink file for the repomd.xml, a list of 156 | mirrors for the entire repository are generated by converting the 157 | mirrors for the repomd.xml file to a baseurl. 158 | mirrorlist: 159 | required: false 160 | default: None 161 | description: 162 | - Specifies a URL to a file containing a list of baseurls. 163 | - This or the I(baseurl) parameter is required. 164 | mirrorlist_expire: 165 | required: false 166 | default: 21600 167 | description: 168 | - Time (in seconds) after which the mirrorlist locally cached will 169 | expire. 170 | - Default value is 6 hours. 171 | name: 172 | required: true 173 | description: 174 | - Unique repository ID. 175 | password: 176 | required: false 177 | default: None 178 | description: 179 | - Password to use with the username for basic authentication. 180 | protect: 181 | required: false 182 | choices: ['yes', 'no'] 183 | default: 'no' 184 | description: 185 | - Protect packages from updates from other repositories. 186 | proxy: 187 | required: false 188 | default: None 189 | description: 190 | - URL to the proxy server that yum should use. 191 | proxy_password: 192 | required: false 193 | default: None 194 | description: 195 | - Username to use for proxy. 196 | proxy_username: 197 | required: false 198 | default: None 199 | description: 200 | - Password for this proxy. 201 | repo_gpgcheck: 202 | required: false 203 | choices: ['yes', 'no'] 204 | default: 'no' 205 | description: 206 | - This tells yum whether or not it should perform a GPG signature check 207 | on the repodata from this repository. 208 | reposdir: 209 | required: false 210 | default: /etc/yum.repos.d 211 | description: 212 | - Directory where the C(.repo) files will be stored. 213 | retries: 214 | required: false 215 | default: 10 216 | description: 217 | - Set the number of times any attempt to retrieve a file should retry 218 | before returning an error. Setting this to C(0) makes yum try forever. 219 | skip_if_unavailable: 220 | required: false 221 | choices: ['yes', 'no'] 222 | default: 'no' 223 | description: 224 | - If set to C(yes) yum will continue running if this repository cannot be 225 | contacted for any reason. This should be set carefully as all repos are 226 | consulted for any given command. 227 | sslcacert: 228 | required: false 229 | default: None 230 | description: 231 | - Path to the directory containing the databases of the certificate 232 | authorities yum should use to verify SSL certificates. 233 | ssl_check_cert_permissions: 234 | required: false 235 | choices: ['yes', 'no'] 236 | default: 'no' 237 | description: 238 | - Whether yum should check the permissions on the paths for the 239 | certificates on the repository (both remote and local). 240 | - If we can't read any of the files then yum will force 241 | I(skip_if_unavailable) to be true. This is most useful for non-root 242 | processes which use yum on repos that have client cert files which are 243 | readable only by root. 244 | sslclientcert: 245 | required: false 246 | default: None 247 | description: 248 | - Path to the SSL client certificate yum should use to connect to 249 | repos/remote sites. 250 | sslclientkey: 251 | required: false 252 | default: None 253 | description: 254 | - Path to the SSL client key yum should use to connect to repos/remote 255 | sites. 256 | sslverify: 257 | required: false 258 | choices: ['yes', 'no'] 259 | default: 'yes' 260 | description: 261 | - Defines whether yum should verify SSL certificates/hosts at all. 262 | state: 263 | required: false 264 | choices: [absent, present] 265 | default: present 266 | description: 267 | - A source string state. 268 | throttle: 269 | required: false 270 | default: None 271 | description: 272 | - Enable bandwidth throttling for downloads. 273 | - This option can be expressed as a absolute data rate in bytes/sec. An 274 | SI prefix (k, M or G) may be appended to the bandwidth value. 275 | timeout: 276 | required: false 277 | default: 30 278 | description: 279 | - Number of seconds to wait for a connection before timing out. 280 | username: 281 | required: false 282 | default: None 283 | description: 284 | - Username to use for basic authentication to a repo or really any url. 285 | 286 | extends_documentation_fragment: files 287 | 288 | notes: 289 | - All comments will be removed if modifying an existing repo file. 290 | - Section order is preserved in an existing repo file. 291 | - Parameters in a section are ordered alphabetically in an existing repo 292 | file. 293 | - The repo file will be automatically deleted if it contains no repository. 294 | ''' 295 | 296 | EXAMPLES = ''' 297 | - name: Add repository 298 | yumrepo: 299 | name: epel 300 | description: EPEL YUM repo 301 | baseurl: http://download.fedoraproject.org/pub/epel/$releasever/$basearch/ 302 | 303 | - name: Add multiple repositories into the same file (1/2) 304 | yumrepo: 305 | name: epel 306 | description: EPEL YUM repo 307 | file: external_repos 308 | baseurl: http://download.fedoraproject.org/pub/epel/$releasever/$basearch/ 309 | gpgcheck: no 310 | - name: Add multiple repositories into the same file (2/2) 311 | yumrepo: 312 | name: rpmforge 313 | description: RPMforge YUM repo 314 | file: external_repos 315 | baseurl: http://apt.sw.be/redhat/el7/en/$basearch/rpmforge 316 | mirrorlist: http://mirrorlist.repoforge.org/el7/mirrors-rpmforge 317 | enabled: no 318 | 319 | - name: Remove repository 320 | yumrepo: 321 | name: epel 322 | state: absent 323 | 324 | - name: Remove repository from a specific repo file 325 | yumrepo: 326 | name: epel 327 | file: external_repos 328 | state: absent 329 | ''' 330 | 331 | RETURN = ''' 332 | repo: 333 | description: repository name 334 | returned: success 335 | type: string 336 | sample: "epel" 337 | state: 338 | description: state of the target, after execution 339 | returned: success 340 | type: string 341 | sample: "present" 342 | ''' 343 | 344 | 345 | class YumRepo(object): 346 | # Class global variables 347 | module = None 348 | params = None 349 | section = None 350 | repofile = ConfigParser.RawConfigParser() 351 | 352 | # List of parameters which will be allowed in the repo file output 353 | allowed_params = [ 354 | 'bandwidth', 'baseurl', 'cost', 'enabled', 'enablegroups', 'exclude', 355 | 'failovermethod', 'gpgcakey', 'gpgcheck', 'gpgkey', 'http_caching', 356 | 'includepkgs', 'keepalive', 'metadata_expire', 'metalink', 357 | 'mirrorlist', 'mirrorlist_expire', 'name', 'password', 'protect', 358 | 'proxy', 'proxy_password', 'proxy_username', 'repo_gpgcheck', 359 | 'retries', 'skip_if_unavailable', 'sslcacert', 360 | 'ssl_check_cert_permissions', 'sslclientcert', 'sslclientkey', 361 | 'sslverify', 'throttle', 'timeout', 'username'] 362 | 363 | # List of parameters which can be a list 364 | list_params = ['exclude', 'includepkgs'] 365 | 366 | def __init__(self, module): 367 | # To be able to use fail_json 368 | self.module = module 369 | # Shortcut for the params 370 | self.params = self.module.params 371 | # Section is always the repoid 372 | self.section = self.params['repoid'] 373 | 374 | # Check if repo directory exists 375 | repos_dir = self.params['reposdir'] 376 | if not os.path.isdir(repos_dir): 377 | self.module.fail_json( 378 | msg='Repo directory "%s" does not exist.' % repos_dir) 379 | 380 | # Get the given or the default repo file name 381 | repo_file = self.params['repoid'] 382 | if self.params['file'] is not None: 383 | repo_file = self.params['file'] 384 | 385 | # Set dest; also used to set dest parameter for the FS attributes 386 | self.params['dest'] = os.path.join(repos_dir, "%s.repo" % repo_file) 387 | 388 | # Read the repo file if it exists 389 | if os.path.isfile(self.params['dest']): 390 | self.repofile.read(self.params['dest']) 391 | 392 | def add(self): 393 | # Remove already existing repo and create a new one 394 | if self.repofile.has_section(self.section): 395 | self.repofile.remove_section(self.section) 396 | 397 | # Add section 398 | self.repofile.add_section(self.section) 399 | 400 | # Baseurl/mirrorlist is not required because for removal we need only 401 | # the repo name. This is why we check if the baseurl/mirrorlist is 402 | # defined. 403 | if (self.params['baseurl'], self.params['mirrorlist']) == (None, None): 404 | self.module.fail_json( 405 | msg='Paramater "baseurl" or "mirrorlist" is required for ' 406 | 'adding a new repo.') 407 | 408 | # Set options 409 | for key, value in sorted(self.params.items()): 410 | if key in self.list_params and isinstance(value, list): 411 | # Join items into one string for specific parameters 412 | value = ' '.join(value) 413 | elif isinstance(value, bool): 414 | # Convert boolean value to integer 415 | value = int(value) 416 | 417 | # Set the value only if it was defined (default is None) 418 | if value is not None and key in self.allowed_params: 419 | self.repofile.set(self.section, key, value) 420 | 421 | def save(self): 422 | if len(self.repofile.sections()): 423 | # Write data into the file 424 | try: 425 | fd = open(self.params['dest'], 'wb') 426 | except IOError: 427 | self.module.fail_json( 428 | msg='Cannot open repo file %s.' % 429 | self.params['dest']) 430 | 431 | try: 432 | try: 433 | self.repofile.write(fd) 434 | except Error: 435 | self.module.fail_json( 436 | msg='Cannot write repo file %s.' % 437 | self.params['dest']) 438 | finally: 439 | fd.close() 440 | else: 441 | # Remove the file if there are not repos 442 | try: 443 | os.remove(self.params['dest']) 444 | except OSError: 445 | self.module.fail_json( 446 | msg='Cannot remove empty repo file %s.' % 447 | self.params['dest']) 448 | 449 | def remove(self): 450 | # Remove section if exists 451 | if self.repofile.has_section(self.section): 452 | self.repofile.remove_section(self.section) 453 | 454 | def dump(self): 455 | repo_string = "" 456 | 457 | # Compose the repo file 458 | for section in sorted(self.repofile.sections()): 459 | repo_string += "[%s]\n" % section 460 | 461 | for key, value in sorted(self.repofile.items(section)): 462 | repo_string += "%s = %s\n" % (key, value) 463 | 464 | repo_string += "\n" 465 | 466 | return repo_string 467 | 468 | 469 | def main(): 470 | # Module settings 471 | module = AnsibleModule( 472 | argument_spec=dict( 473 | bandwidth=dict(), 474 | baseurl=dict(), 475 | cost=dict(), 476 | description=dict(), 477 | enabled=dict(type='bool'), 478 | enablegroups=dict(type='bool'), 479 | exclude=dict(), 480 | failovermethod=dict(choices=['roundrobin', 'priority']), 481 | file=dict(), 482 | gpgcakey=dict(), 483 | gpgcheck=dict(type='bool'), 484 | gpgkey=dict(), 485 | http_caching=dict(choices=['all', 'packages', 'none']), 486 | includepkgs=dict(), 487 | keepalive=dict(type='bool'), 488 | metadata_expire=dict(), 489 | metalink=dict(), 490 | mirrorlist=dict(), 491 | mirrorlist_expire=dict(), 492 | name=dict(required=True), 493 | password=dict(no_log=True), 494 | protect=dict(type='bool'), 495 | proxy=dict(), 496 | proxy_password=dict(no_log=True), 497 | proxy_username=dict(), 498 | repo_gpgcheck=dict(type='bool'), 499 | reposdir=dict(default='/etc/yum.repos.d'), 500 | retries=dict(), 501 | skip_if_unavailable=dict(type='bool'), 502 | sslcacert=dict(), 503 | ssl_check_cert_permissions=dict(type='bool'), 504 | sslclientcert=dict(), 505 | sslclientkey=dict(), 506 | sslverify=dict(type='bool'), 507 | state=dict(choices=['present', 'absent'], default='present'), 508 | throttle=dict(), 509 | timeout=dict(), 510 | username=dict(), 511 | ), 512 | add_file_common_args=True, 513 | supports_check_mode=True, 514 | ) 515 | 516 | name = module.params['name'] 517 | state = module.params['state'] 518 | 519 | # Rename "name" and "description" to ensure correct key sorting 520 | module.params['repoid'] = module.params['name'] 521 | module.params['name'] = module.params['description'] 522 | del module.params['description'] 523 | 524 | # Instantiate the YumRepo object 525 | yumrepo = YumRepo(module) 526 | 527 | # Get repo status before change 528 | yumrepo_before = yumrepo.dump() 529 | 530 | # Perform action depending on the state 531 | if state == 'present': 532 | yumrepo.add() 533 | elif state == 'absent': 534 | yumrepo.remove() 535 | 536 | # Get repo status after change 537 | yumrepo_after = yumrepo.dump() 538 | 539 | # Compare repo states 540 | changed = yumrepo_before != yumrepo_after 541 | 542 | # Save the file only if not in check mode and if there was a change 543 | if not module.check_mode and changed: 544 | yumrepo.save() 545 | 546 | # Change file attributes if needed 547 | if os.path.isfile(module.params['dest']): 548 | file_args = module.load_file_common_arguments(module.params) 549 | changed = module.set_fs_attributes_if_different(file_args, changed) 550 | 551 | # Print status of the change 552 | module.exit_json(changed=changed, repo=name, state=state) 553 | 554 | 555 | # Import module snippets 556 | from ansible.module_utils.basic import * 557 | 558 | 559 | if __name__ == '__main__': 560 | main() 561 | -------------------------------------------------------------------------------- /meta/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | galaxy_info: 3 | author: David Wittman 4 | description: Installs Elastic's Filebeat for forwarding logs. 5 | license: BSD 6 | min_ansible_version: 1.2 7 | platforms: 8 | - name: EL 9 | versions: 10 | - all 11 | - name: Ubuntu 12 | versions: 13 | - all 14 | categories: 15 | - monitoring 16 | - system 17 | dependencies: [] 18 | -------------------------------------------------------------------------------- /tasks/debian.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: add elastic gpg key 3 | apt_key: 4 | url: "{{ filebeat_gpg_url }}" 5 | state: present 6 | 7 | - name: add beats repository 8 | apt_repository: 9 | repo: "{{ filebeat_apt_repo }}" 10 | state: "{{ filebeat_state }}" 11 | update_cache: yes 12 | 13 | - name: install filebeat 14 | apt: 15 | name: filebeat={{ filebeat_version }} 16 | state: "{{ filebeat_state }}" 17 | cache_valid_time: "{{ filebeat_cache_valid_time }}" 18 | notify: 19 | - restart filebeat 20 | -------------------------------------------------------------------------------- /tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: stop filebeat 3 | service: 4 | name: filebeat 5 | state: stopped 6 | enabled: false 7 | when: filebeat_state == 'absent' 8 | 9 | - include: redhat.yml 10 | when: ansible_os_family == 'RedHat' 11 | 12 | - include: debian.yml 13 | when: ansible_os_family == 'Debian' 14 | 15 | - include: setup.yml 16 | when: filebeat_state == 'present' 17 | -------------------------------------------------------------------------------- /tasks/redhat.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: add rpm key for elastic.co 3 | rpm_key: 4 | key: "{{ filebeat_gpg_url }}" 5 | state: "{{ filebeat_state }}" 6 | 7 | - name: create beats yum repo 8 | yumrepo: 9 | name: beats 10 | baseurl: "{{ filebeat_repo_url }}" 11 | enabled: yes 12 | gpgcheck: yes 13 | gpgkey: "{{ filebeat_gpg_url }}" 14 | state: "{{ filebeat_state }}" 15 | 16 | - name: install filebeat 17 | yum: 18 | name: "filebeat-{{ filebeat_version }}" 19 | state: "{{ filebeat_state }}" 20 | notify: 21 | - restart filebeat 22 | -------------------------------------------------------------------------------- /tasks/setup.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: create filebeat.yml 3 | template: 4 | src: filebeat.yml.j2 5 | dest: /etc/filebeat/filebeat.yml 6 | notify: 7 | - restart filebeat 8 | 9 | - name: copy ca certificate if required 10 | copy: 11 | content: "{{ filebeat_ca_cert }}" 12 | dest: "{{ filebeat_ca_path }}" 13 | owner: root 14 | group: root 15 | mode: 0400 16 | when: filebeat_ca_cert != None 17 | 18 | - name: copy ssl certificate if required 19 | copy: 20 | content: "{{ filebeat_ssl_cert }}" 21 | dest: "{{ filebeat_ssl_cert_path }}" 22 | owner: root 23 | group: root 24 | mode: 0400 25 | when: filebeat_ssl_cert != None 26 | 27 | - name: copy ssl key if required 28 | copy: 29 | content: "{{ filebeat_ssl_key }}" 30 | dest: "{{ filebeat_ssl_key_path }}" 31 | owner: root 32 | group: root 33 | mode: 0400 34 | when: filebeat_ssl_key != None 35 | 36 | - name: flush handlers to prevent start then restart 37 | meta: flush_handlers 38 | 39 | - name: start and enable filebeat 40 | service: 41 | name: filebeat 42 | state: started 43 | enabled: true 44 | -------------------------------------------------------------------------------- /templates/filebeat.yml.j2: -------------------------------------------------------------------------------- 1 | # {{ ansible_managed }} 2 | {{ filebeat_config|to_yaml }} 3 | -------------------------------------------------------------------------------- /test/integration/1.x/bats/default.bats: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bats 2 | 3 | @test "filebeat binary is in path" { 4 | command -v filebeat 5 | } 6 | 7 | @test "/tmp/filebeat is in filebeat.yml config" { 8 | grep "file: {filename: filebeat, path: /tmp/filebeat}" /etc/filebeat/filebeat.yml 9 | } 10 | 11 | @test "filebeat is running" { 12 | service filebeat status 13 | } 14 | 15 | @test "ca certificate does not exist" { 16 | [ ! -f /etc/filebeat/ca.crt ] 17 | } 18 | -------------------------------------------------------------------------------- /test/integration/1.x/default.yml: -------------------------------------------------------------------------------- 1 | - name: test playbook 2 | hosts: all 3 | become: yes 4 | vars: 5 | filebeat_version: 1.3.1 6 | roles: 7 | - ansible-filebeat 8 | -------------------------------------------------------------------------------- /test/integration/5.x/bats/default.bats: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bats 2 | 3 | @test "filebeat script is in path" { 4 | command -v filebeat.sh 5 | } 6 | 7 | @test "/tmp/filebeat is in filebeat.yml config" { 8 | grep "file: {filename: filebeat, path: /tmp/filebeat}" /etc/filebeat/filebeat.yml 9 | } 10 | 11 | @test "filebeat is running" { 12 | service filebeat status 13 | } 14 | 15 | @test "ca certificate does not exist" { 16 | [ ! -f /etc/filebeat/ca.crt ] 17 | } 18 | -------------------------------------------------------------------------------- /test/integration/5.x/default.yml: -------------------------------------------------------------------------------- 1 | - name: test filebeat 5.0.0 install 2 | hosts: all 3 | become: yes 4 | vars: 5 | filebeat_version: 5.0.0 6 | roles: 7 | - ansible-filebeat 8 | -------------------------------------------------------------------------------- /test/integration/6.x/bats/default.bats: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bats 2 | 3 | @test "filebeat binary is in path" { 4 | command -v filebeat 5 | } 6 | 7 | @test "/tmp/filebeat is in filebeat.yml config" { 8 | grep "file: {filename: filebeat, path: /tmp/filebeat}" /etc/filebeat/filebeat.yml 9 | } 10 | 11 | @test "filebeat is running" { 12 | service filebeat status 13 | } 14 | 15 | @test "ca certificate does not exist" { 16 | [ ! -f /etc/filebeat/ca.crt ] 17 | } 18 | -------------------------------------------------------------------------------- /test/integration/6.x/default.yml: -------------------------------------------------------------------------------- 1 | - name: test filebeat 6.x install 2 | hosts: all 3 | become: yes 4 | vars: 5 | filebeat_version: 6.4.2 6 | roles: 7 | - ansible-filebeat 8 | -------------------------------------------------------------------------------- /test/integration/absent/bats/default.bats: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bats 2 | 3 | @test "filebeat binary has been removed" { 4 | [ ! -f /usr/bin/filebeat ] 5 | } 6 | 7 | @test "filebeat is not running" { 8 | run pgrep filebeat 9 | [ "$status" -ne 0 ] 10 | } 11 | -------------------------------------------------------------------------------- /test/integration/absent/default.yml: -------------------------------------------------------------------------------- 1 | # These need to be separate plays because if we run them in the same play, 2 | # Ansible creates the `restart filebeat` handler only for the first role 3 | # and then the `when: filebeat_state == present` condition is always true. 4 | 5 | - name: install filebeat 6 | hosts: all 7 | become: yes 8 | roles: 9 | - ansible-filebeat 10 | 11 | - name: test filebeat removal 12 | hosts: all 13 | become: yes 14 | roles: 15 | - name: ansible-filebeat 16 | filebeat_state: absent 17 | -------------------------------------------------------------------------------- /test/integration/tls/bats/default.bats: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bats 2 | 3 | @test "filebeat binary is in path" { 4 | command -v filebeat 5 | } 6 | 7 | @test "/tmp/filebeat is in filebeat.yml config" { 8 | grep "file: {filename: filebeat, path: /tmp/filebeat}" /etc/filebeat/filebeat.yml 9 | } 10 | 11 | @test "filebeat is running" { 12 | service filebeat status 13 | } 14 | 15 | @test "ca certificate was created" { 16 | grep "BEGIN CERTIFICATE" /etc/filebeat/ca.crt 17 | } 18 | 19 | @test "ssl certificate was created" { 20 | grep "BEGIN CERTIFICATE" /etc/filebeat/ssl.crt 21 | } 22 | 23 | @test "ssl key was created" { 24 | grep "BEGIN PRIVATE KEY" /etc/filebeat/ssl.key 25 | } 26 | -------------------------------------------------------------------------------- /test/integration/tls/default.yml: -------------------------------------------------------------------------------- 1 | - name: test playbook 2 | hosts: all 3 | become: yes 4 | vars: 5 | filebeat_ca_cert: |- 6 | -----BEGIN CERTIFICATE----- 7 | MIIFazCCA1OgAwIBAgIRAIIQz7DSQONZRGPgu2OCiwAwDQYJKoZIhvcNAQELBQAw 8 | TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh 9 | cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMTUwNjA0MTEwNDM4 10 | WhcNMzUwNjA0MTEwNDM4WjBPMQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJu 11 | ZXQgU2VjdXJpdHkgUmVzZWFyY2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBY 12 | MTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK3oJHP0FDfzm54rVygc 13 | h77ct984kIxuPOZXoHj3dcKi/vVqbvYATyjb3miGbESTtrFj/RQSa78f0uoxmyF+ 14 | 0TM8ukj13Xnfs7j/EvEhmkvBioZxaUpmZmyPfjxwv60pIgbz5MDmgK7iS4+3mX6U 15 | A5/TR5d8mUgjU+g4rk8Kb4Mu0UlXjIB0ttov0DiNewNwIRt18jA8+o+u3dpjq+sW 16 | T8KOEUt+zwvo/7V3LvSye0rgTBIlDHCNAymg4VMk7BPZ7hm/ELNKjD+Jo2FR3qyH 17 | B5T0Y3HsLuJvW5iB4YlcNHlsdu87kGJ55tukmi8mxdAQ4Q7e2RCOFvu396j3x+UC 18 | B5iPNgiV5+I3lg02dZ77DnKxHZu8A/lJBdiB3QW0KtZB6awBdpUKD9jf1b0SHzUv 19 | KBds0pjBqAlkd25HN7rOrFleaJ1/ctaJxQZBKT5ZPt0m9STJEadao0xAH0ahmbWn 20 | OlFuhjuefXKnEgV4We0+UXgVCwOPjdAvBbI+e0ocS3MFEvzG6uBQE3xDk3SzynTn 21 | jh8BCNAw1FtxNrQHusEwMFxIt4I7mKZ9YIqioymCzLq9gwQbooMDQaHWBfEbwrbw 22 | qHyGO0aoSCqI3Haadr8faqU9GY/rOPNk3sgrDQoo//fb4hVC1CLQJ13hef4Y53CI 23 | rU7m2Ys6xt0nUW7/vGT1M0NPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNV 24 | HRMBAf8EBTADAQH/MB0GA1UdDgQWBBR5tFnme7bl5AFzgAiIyBpY9umbbjANBgkq 25 | hkiG9w0BAQsFAAOCAgEAVR9YqbyyqFDQDLHYGmkgJykIrGF1XIpu+ILlaS/V9lZL 26 | ubhzEFnTIZd+50xx+7LSYK05qAvqFyFWhfFQDlnrzuBZ6brJFe+GnY+EgPbk6ZGQ 27 | 3BebYhtF8GaV0nxvwuo77x/Py9auJ/GpsMiu/X1+mvoiBOv/2X/qkSsisRcOj/KK 28 | NFtY2PwByVS5uCbMiogziUwthDyC3+6WVwW6LLv3xLfHTjuCvjHIInNzktHCgKQ5 29 | ORAzI4JMPJ+GslWYHb4phowim57iaztXOoJwTdwJx4nLCgdNbOhdjsnvzqvHu7Ur 30 | TkXWStAmzOVyyghqpZXjFaH3pO3JLF+l+/+sKAIuvtd7u+Nxe5AW0wdeRlN8NwdC 31 | jNPElpzVmbUq4JUagEiuTDkHzsxHpFKVK7q4+63SM1N95R1NbdWhscdCb+ZAJzVc 32 | oyi3B43njTOQ5yOf+1CceWxG1bQVs5ZufpsMljq4Ui0/1lvh+wjChP4kqKOJ2qxq 33 | 4RgqsahDYVvTH9w7jXbyLeiNdd8XM2w9U/t7y0Ff/9yi0GE44Za4rF2LN9d11TPA 34 | mRGunUHBcnWEvgJBQl9nJEiU0Zsnvgc/ubhPgXRR4Xq37Z0j4r7g1SgEEzwxA57d 35 | emyPxgcYxn/eR44/KJ4EBs+lVDR3veyJm+kXQ99b21/+jh5Xos1AnX5iItreGCc= 36 | -----END CERTIFICATE----- 37 | 38 | filebeat_ssl_cert: "{{ filebeat_ca_cert }}" 39 | filebeat_ssl_key: | 40 | -----BEGIN PRIVATE KEY----- 41 | MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDT70tl0suM5+s1 42 | kHnUY4Lf51XhplxuRNLxbuvtWwClXQ6QQjiaGeHwlQYG132johbH4IKredF2EBQW 43 | sJkKcIhK0aVBOjvXoPLzc5vfF7u4m6QKmfBTYQVMOq2X6Lenq8SG7x3PjdWTSN1f 44 | p+Kk/VMof3AuspgumcfxlVBa5hhph+4mUAinf0D4c7rQVjJM/dSL/FFttXtiTT7F 45 | 3hw4NANoDORX4wBtC/omNZ2ozGOzFNutPI+YMeeizBE9cjzJUQ+jJ8VDRUrQNnyx 46 | uz7FsU6gT+tLApvSgWAMXRtlXkpcf4IEHfMnyMqMGoNqr5YV+7kLiwjBHzn+oWia 47 | ru4enUl7AgMBAAECggEADKJwaUKW1fChihDx4mKIU9bTvN8RFZXOyYvmTsElGbah 48 | fqIkA7PVT2Vi9Zd1KwMnvoS45YYeoZ41xGCEzyWESomTA394P9OdiDv1J+ifTVMi 49 | BWvF8wKOsUuyO6MpB7rqvWyV52C6QcyPPfuhPFrJ0Vk/k9kbz3NlgxZ2suSSwf+3 50 | pm/BEfQocofO0PX8pBSmzrzsnbamuUR91gxiUUBsFbhuqn2j8eex0TmtX6YXhVPb 51 | iU7O+VW71I8zncyMCSVbXebRLRajg8nwLWLPP9XAAvxO21at0tbADCn6Wafr0sqX 52 | BUC2RZvDD7r72fYDxscR+RO52LlBg/zOrBCo1JU64QKBgQD+ZxqR3VuMeeUmDwuN 53 | okPc6InuIMLW5ENYF65Q35xKboYueiO3eDp/UEWHk5cUWwlmyZ0+5PPKeNjW1w6n 54 | 2b1xTPuVEkZ07SO2Co2CbzNJcnmvckMRr04tX4WT2ezZmU3cj383rNBYKtxFPM2R 55 | LGwif34SIOpTwWYwqiosBJs1kQKBgQDVQ+7L7HVztkz4K1JFIRurik2r7JxilMLd 56 | 7jBLZxckwFscrW+2BF72jJWwsl5RBSIBbRFff8KoL3O1QZ6hE+qZmhu8nUCU3Bki 57 | TI+FQYZaDJh0nPSrIJtjO8/16P4nQ5e+fuy8gfqyO6E17Ukaz47iN4uPRBLxS/Pz 58 | ipuh+q8YSwKBgCJUr5U3lf8jA/Va2mhGmXnaN6LW8PQm4Z+lsnRfeKvitmDXQrKj 59 | muFLZ9af6CdrEZ25X2r5YpzUKg7z/ppQG+yKQvke+jsVNVh/nBEaCIXE2P8AIGTm 60 | j1o4JcKKChhjQ8qb4sMUoxkCz67YQbVxlTYillTD9FtRIgU3MXG3PWrBAoGASOVE 61 | fV2gs+GPI5CjOU/cxmCqteZVefjBNtyQk2V0arJ5Mi8yLPQHhZx+GfyN8oGfov8l 62 | 3g+seJJnqX/5ebN2D/S2IF1b0sX8rVWgBPtlsef2QH3Zv5iQpHWwWqy+Gqum9Y0q 63 | 3DBNgZiSPP2TbF+fxkEYKesp0mKUyx0In3AxY0sCgYEAlZANkBYvh6UAH83G5zdt 64 | jz18Rkp5RbKsX2RP7CiBzT99y1UYCZMlP62YMLybdMQbArTuJWj6pyisn8GE83N4 65 | XVYA3FQPoVE3wAS2Mc6Pd/ASElVYQOG3Ixtw1qJUQit834LRyNHXJz/5Yq4/e0Py 66 | jcCwasz2OfdS4ZIaCXnCEU8= 67 | -----END PRIVATE KEY----- 68 | 69 | roles: 70 | - ansible-filebeat 71 | -------------------------------------------------------------------------------- /test/test.yml: -------------------------------------------------------------------------------- 1 | - name: test playbook 2 | hosts: all 3 | become: yes 4 | roles: 5 | - ../../ansible-filebeat 6 | --------------------------------------------------------------------------------