[NEW] added Kibana inslattion playbook

Author: ismoilovdevml

Ansible/elasticsearch/templates/elasticsearch.yml

@@ -91,18 +91,18 @@ http.port: {{ http_port }}
 # --------------------------------------------------------------------------------
 
 # Enable security features
-xpack.security.enabled: {{ xpack_security_enabled }}
+xpack.security.enabled: {{ xpack_security_enabled | lower }}
 
-xpack.security.enrollment.enabled: {{ xpack_security_enrollment_enabled }}
+xpack.security.enrollment.enabled: {{ xpack_security_enrollment_enabled | lower }}
 
 # Enable encryption for HTTP API client connections, such as Kibana, Logstash, and Agents
 xpack.security.http.ssl:
-  enabled: {{ xpack_security_http_ssl_enabled }}
+  enabled: {{ xpack_security_http_ssl_enabled | lower }}
   keystore.path: {{ xpack_security_http_ssl_keystore_path }}
 
 # Enable encryption and mutual authentication between cluster nodes
 xpack.security.transport.ssl:
-  enabled: {{ xpack_security_transport_ssl_enabled }}
+  enabled: {{ xpack_security_transport_ssl_enabled | lower }}
   verification_mode: {{ xpack_security_transport_ssl_verification_mode }}
   keystore.path: {{ xpack_security_transport_ssl_keystore_path }}
   truststore.path: {{ xpack_security_transport_ssl_truststore_path }}

Ansible/elasticsearch/templates/elasticsearch.yml.j2

@@ -19,7 +19,7 @@ discovery_seed_hosts:
 cluster_initial_master_nodes:
   - node-1
   - node-2
-xpack_security_enabled: true
+xpack_security_enabled: false
 xpack_security_enrollment_enabled: true
 xpack_security_http_ssl_enabled: true
 xpack_security_http_ssl_keystore_path: certs/http.p12

Ansible/elasticsearch/vars.yml

@@ -0,0 +1,2 @@
+[defaults]
+callbacks_enabled = profile_tasks

Ansible/kibana/ansible.cfg

@@ -0,0 +1,75 @@
+---
+- name: Install Kibana dynamically based on OS
+  hosts: all
+  become: yes
+  vars_files:
+    - vars.yml
+
+  tasks:
+    - name: Install required packages for Debian/Ubuntu
+      apt:
+        name: "{{ item }}"
+        state: present
+      loop:
+        - apt-transport-https
+        - wget
+        - gnupg
+      when: ansible_os_family == "Debian"
+      
+    - name: Download and add Kibana GPG key for Debian/Ubuntu
+      shell: |
+        wget -qO - {{ elastic_gpg_key }} | gpg --dearmor -o /usr/share/keyrings/elastic-keyring.gpg
+      args:
+        creates: /usr/share/keyrings/elastic-keyring.gpg
+      when: ansible_os_family == "Debian"
+
+    - name: Add Kibana APT repository for Debian/Ubuntu
+      apt_repository:
+        repo: "deb [signed-by=/usr/share/keyrings/elastic-keyring.gpg] {{ elastic_repo_url_apt }} stable main"
+        state: present
+      when: ansible_os_family == "Debian"
+
+    - name: Update APT cache for Debian/Ubuntu
+      apt:
+        update_cache: yes
+      when: ansible_os_family == "Debian"
+
+    - name: Install Kibana for Debian/Ubuntu
+      apt:
+        name: kibana
+        state: present
+      when: ansible_os_family == "Debian"
+
+    - name: Import Kibana GPG key for RedHat/CentOS
+      rpm_key:
+        state: present
+        key: "{{ elastic_gpg_key }}"
+      when: ansible_os_family == "RedHat"
+
+    - name: Create Kibana repository file for RedHat/CentOS
+      template:
+        src: templates/kibana-yum.j2
+        dest: /etc/yum.repos.d/kibana.repo
+      when: ansible_os_family == "RedHat"
+
+    - name: Install Kibana for RedHat/CentOS
+      yum:
+        name: kibana
+        state: present
+      when: ansible_os_family == "RedHat"
+
+    - name: Enable and start Kibana service
+      systemd:
+        name: kibana
+        enabled: yes
+        state: started
+
+    - name: Verify Kibana is running
+      shell: |
+        systemctl status kibana | grep 'active (running)'
+      register: kibana_status
+      changed_when: false
+
+    - name: Display Kibana status
+      debug:
+        msg: "Kibana is running: {{ kibana_status.stdout }}"

Ansible/kibana/install.yml

@@ -0,0 +1,4 @@
+[all]
+debian ansible_host=142.93.193.106 ansible_user=root
+ubuntu ansible_host=143.198.115.57 ansible_user=root
+rockylinux ansible_host=178.128.150.243 ansible_user=root

Ansible/kibana/inventory.ini

@@ -0,0 +1,8 @@
+[kibana-{{ elastic_version }}.x]
+name=Kibana repository for {{ elastic_version }}.x packages
+baseurl={{ elastic_repo_url_yum }}
+gpgcheck=1
+gpgkey={{ elastic_gpg_key }}
+enabled=1
+autorefresh=1
+type=rpm-md

Ansible/kibana/templates/kibana-yum.j2

@@ -0,0 +1,4 @@
+elastic_version: "8"  # 7 or 8
+elastic_gpg_key: "https://artifacts.elastic.co/GPG-KEY-elasticsearch"
+elastic_repo_url_apt: "https://artifacts.elastic.co/packages/{{ elastic_version }}.x/apt"
+elastic_repo_url_yum: "https://artifacts.elastic.co/packages/{{ elastic_version }}.x/yum"