diff --git a/roles/graylog_datanode/README.md b/roles/graylog_datanode/README.md index 7c381f9e3..e1294922f 100644 --- a/roles/graylog_datanode/README.md +++ b/roles/graylog_datanode/README.md @@ -56,6 +56,8 @@ graylog_datanode__password_secret: 'Linuxfabrik_GmbH' | `graylog_datanode__mongodb_uri` | String. MongoDB connection string. See https://docs.mongodb.com/manual/reference/connection-string/ for details. | `'mongodb://127.0.0.1/graylog'` | | `graylog_datanode__opensearch_data_location` | String. Set this OpenSearch folder if you need OpenSearch to be located in a special place. | `/var/lib/graylog-datanode/opensearch/data` | | `graylog_datanode__opensearch_heap` | String. Ensure the heap settings are set to half your system memory, up to a max of 31 GB. | 50% of system memory, e.g. 8g | +| `graylog_datanode__path_repo` | Filesystem paths where searchable snapshots should be stored. | `[]` | +| `graylog_datanode__service_enabled` | Enables or disables the opensearch service, analogous to ``systemctl enable/disable --now``. | `true` | Example: ```yaml diff --git a/roles/graylog_datanode/defaults/main.yml b/roles/graylog_datanode/defaults/main.yml index efb7081f6..702df7d3f 100644 --- a/roles/graylog_datanode/defaults/main.yml +++ b/roles/graylog_datanode/defaults/main.yml @@ -1,8 +1,9 @@ graylog_datanode__bind_address: '127.0.0.1' graylog_datanode__datanode_http_port: 8999 +graylog_datanode__mongodb_uri: 'mongodb://127.0.0.1/graylog' graylog_datanode__opensearch_data_location: '/var/lib/graylog-datanode/opensearch/data' graylog_datanode__opensearch_heap: '{{ [((ansible_facts["memtotal_mb"] * 0.5) | int), 31744] | min }}m' -graylog_datanode__mongodb_uri: 'mongodb://127.0.0.1/graylog' +graylog_datanode__path_repo: [] graylog_datanode__service_enabled: true # ------ diff --git a/roles/graylog_datanode/tasks/main.yml b/roles/graylog_datanode/tasks/main.yml index fb353ecde..6bd80c3c1 100644 --- a/roles/graylog_datanode/tasks/main.yml +++ b/roles/graylog_datanode/tasks/main.yml @@ -1,3 +1,16 @@ +- block: + + - name: 'Validate that graylog_datanode__password_secret length > 16 characters' + ansible.builtin.assert: + that: + - 'graylog_datanode__password_secret | length > 16' + fail_msg: 'graylog_datanode__password_secret must be longer than 16 characters' + quiet: true + + tags: + - 'graylog_datanode' + - 'graylog_datanode:configure' + - block: - name: 'Install graylog-datanode' diff --git a/roles/graylog_datanode/templates/etc/graylog/datanode/6.1-datanode.conf.j2 b/roles/graylog_datanode/templates/etc/graylog/datanode/6.1-datanode.conf.j2 index e99cb9371..2be1544ec 100644 --- a/roles/graylog_datanode/templates/etc/graylog/datanode/6.1-datanode.conf.j2 +++ b/roles/graylog_datanode/templates/etc/graylog/datanode/6.1-datanode.conf.j2 @@ -163,3 +163,7 @@ opensearch_logs_location = /var/log/graylog-datanode/opensearch # indexer_jwt_auth_token_expiration_duration = 180s opensearch_heap = {{ graylog_datanode__opensearch_heap }} + +#### Data Tiering Properties + +path_repo = {{ graylog_datanode__path_repo | join(',') }} diff --git a/roles/graylog_datanode/templates/etc/graylog/datanode/6.2-datanode.conf.j2 b/roles/graylog_datanode/templates/etc/graylog/datanode/6.2-datanode.conf.j2 index 21d6e67ab..b0617fa58 100644 --- a/roles/graylog_datanode/templates/etc/graylog/datanode/6.2-datanode.conf.j2 +++ b/roles/graylog_datanode/templates/etc/graylog/datanode/6.2-datanode.conf.j2 @@ -163,3 +163,7 @@ opensearch_logs_location = /var/log/graylog-datanode/opensearch # indexer_jwt_auth_token_expiration_duration = 180s opensearch_heap = {{ graylog_datanode__opensearch_heap }} + +#### Data Tiering Properties + +path_repo = {{ graylog_datanode__path_repo | join(',') }} diff --git a/roles/graylog_datanode/templates/etc/graylog/datanode/6.3-datanode.conf.j2 b/roles/graylog_datanode/templates/etc/graylog/datanode/6.3-datanode.conf.j2 index 1424bde31..22c3f29f0 100644 --- a/roles/graylog_datanode/templates/etc/graylog/datanode/6.3-datanode.conf.j2 +++ b/roles/graylog_datanode/templates/etc/graylog/datanode/6.3-datanode.conf.j2 @@ -163,3 +163,7 @@ opensearch_logs_location = /var/log/graylog-datanode/opensearch # indexer_jwt_auth_token_expiration_duration = 180s opensearch_heap = {{ graylog_datanode__opensearch_heap }} + +#### Data Tiering Properties + +path_repo = {{ graylog_datanode__path_repo | join(',') }} diff --git a/roles/graylog_datanode/templates/etc/graylog/datanode/7.0-datanode.conf.j2 b/roles/graylog_datanode/templates/etc/graylog/datanode/7.0-datanode.conf.j2 index 7dd1adf6c..c838d0eda 100644 --- a/roles/graylog_datanode/templates/etc/graylog/datanode/7.0-datanode.conf.j2 +++ b/roles/graylog_datanode/templates/etc/graylog/datanode/7.0-datanode.conf.j2 @@ -163,3 +163,7 @@ opensearch_logs_location = /var/log/graylog-datanode/opensearch # indexer_jwt_auth_token_expiration_duration = 180s opensearch_heap = {{ graylog_datanode__opensearch_heap }} + +#### Data Tiering Properties + +path_repo = {{ graylog_datanode__path_repo | join(',') }} diff --git a/roles/graylog_server/tasks/main.yml b/roles/graylog_server/tasks/main.yml index 1ace6b819..6262c6a4a 100644 --- a/roles/graylog_server/tasks/main.yml +++ b/roles/graylog_server/tasks/main.yml @@ -1,3 +1,16 @@ +- block: + + - name: 'Validate that graylog_server__password_secret length > 16 characters' + ansible.builtin.assert: + that: + - 'graylog_server__password_secret | length > 16' + fail_msg: 'graylog_server__password_secret must be longer than 16 characters' + quiet: true + + tags: + - 'graylog_server' + - 'graylog_server:configure' + - block: - name: 'Install graylog-server'