commit 34c7873af90f9358153fc1d430d8b11c464f7263 Author: phil Date: Sat May 13 08:30:14 2023 +0200 Inital commit diff --git a/README.md b/README.md new file mode 100644 index 0000000..9b91e1f --- /dev/null +++ b/README.md @@ -0,0 +1,4 @@ +Opensearch +========== + +Installation and configuration of [Opensearche](https://opensearch.org/). diff --git a/defaults/main.yml b/defaults/main.yml new file mode 100644 index 0000000..1210d43 --- /dev/null +++ b/defaults/main.yml @@ -0,0 +1,8 @@ +--- +opensearch_apt_key_url: https://artifacts.opensearch.org/publickeys/opensearch.pgp +opensearch_apt_repo: https://artifacts.opensearch.org/releases/bundle/opensearch/2.x/apt stable main +opensearch_network_host: 127.0.0.1 +opensearch_http_port: 9200 +opensearch_attachment_max_size: 50 +opensearch_plugin_update_script: update-opensearch-plugins +opensearch_monit_service: opensearch diff --git a/handlers/main.yml b/handlers/main.yml new file mode 100644 index 0000000..0e9a185 --- /dev/null +++ b/handlers/main.yml @@ -0,0 +1,10 @@ +--- +- name: reload monit + ansible.builtin.service: + name: monit + state: reloaded + +- name: restart opensearch + ansible.builtin.service: + name: opensearch + state: restarted diff --git a/meta/main.yml b/meta/main.yml new file mode 100644 index 0000000..4e509b9 --- /dev/null +++ b/meta/main.yml @@ -0,0 +1,10 @@ +galaxy_info: + author: systemausfall.org + description: Install and configure Opensearch + company: Sense.Lab e.V. + license: GPLv3 + min_ansible_version: "2.9" + platforms: + - name: Debian + versions: + - bullseye diff --git a/tasks/main.yml b/tasks/main.yml new file mode 100644 index 0000000..56fdfb7 --- /dev/null +++ b/tasks/main.yml @@ -0,0 +1,66 @@ +--- +- name: "Opensearch | Füge Schlüssel des Apt-Repositories hinzu" + ansible.builtin.apt_key: + url: "{{ opensearch_apt_key_url }}" + +- name: "Opensearch | Füge Repository hinzu" + ansible.builtin.apt_repository: + repo: "deb {{ opensearch_apt_repo }}" + update_cache: true + +- name: "Opensearch | Installiere deb-Paket" + ansible.builtin.apt: + name: opensearch + +- name: "Opensearch | Installiere Ingest-Plugin" + ansible.builtin.command: + cmd: ./opensearch-plugin install ingest-attachment --batch + chdir: /usr/share/opensearch/bin/ + creates: /usr/share/opensearch/plugins/ingest-attachment + become: true + become_user: opensearch + +- name: "Opensearch | Kopiere Opensearch-Konfiguration" + ansible.builtin.template: + src: opensearch.yml.j2 + dest: /etc/opensearch/opensearch.yml + mode: "0644" + +- name: "Opensearch | Setze empfohlene Optionen" + ansible.builtin.replace: + path: /etc/opensearch/jvm.options + regexp: "{{ item.regexp }}" + replace: "{{ item.replace }}" + loop: + - regexp: '^-Xms[0-9]*g$' + replace: -Xms{{ (ansible_memtotal_mb / 1024 * 0.5) | round | int }}g + - regexp: '^-Xmx[0-9]*g$' + replace: -Xmx{{ (ansible_memtotal_mb / 1024 * 0.5) | round | int }}g + notify: restart opensearch + +- name: "Opensearch | Starte Opensearch-Dienst" + ansible.builtin.systemd: + name: opensearch + enabled: true + state: started + daemon_reload: true + +- name: "Opensearch | Richte Monit-Überwachung ein" + ansible.builtin.template: + src: opensearch.monit.j2 + dest: /etc/monit/conf-enabled/opensearch + mode: "0644" + notify: reload monit + +- name: "Opensearch | Kopiere Update-Skript" + ansible.builtin.template: + src: update-opensearch-plugins.j2 + dest: "/usr/local/bin/{{ opensearch_plugin_update_script }}" + mode: "0755" + +- name: "Opensearch | Kopiere DPKG-Hook" + ansible.builtin.template: + src: 72opensearch-updates.j2 + dest: /etc/apt/apt.conf.d/72opensearch-updates + mode: "0644" + \ No newline at end of file diff --git a/templates/72opensearch-updates.j2 b/templates/72opensearch-updates.j2 new file mode 100644 index 0000000..bdf3334 --- /dev/null +++ b/templates/72opensearch-updates.j2 @@ -0,0 +1,5 @@ +# {{ ansible_managed }} +# Neuinstallation der Plugins + +DPkg::Pre-Invoke {"/usr/local/bin//{{ opensearch_plugin_update_script }} purge";}; +DPkg::Post-Invoke {"/usr/local/bin//{{ opensearch_plugin_update_script }} install";}; diff --git a/templates/opensearch.monit.j2 b/templates/opensearch.monit.j2 new file mode 100644 index 0000000..8555f06 --- /dev/null +++ b/templates/opensearch.monit.j2 @@ -0,0 +1,7 @@ +# {{ ansible_managed }} + +check process {{ opensearch_monit_service }} with pidfile /run/opensearch/opensearch.pid + start program = "/usr/sbin/service opensearch start" + stop program = "/usr/sbin/service opensearch stop" + if failed host {{ opensearch_network_host }} port {{ opensearch_http_port }} for 3 cycles then restart + if 5 restarts within 5 cycles then timeout diff --git a/templates/opensearch.yml.j2 b/templates/opensearch.yml.j2 new file mode 100644 index 0000000..0b921d3 --- /dev/null +++ b/templates/opensearch.yml.j2 @@ -0,0 +1,11 @@ +# {{ ansible_managed }} + +path.data: /var/lib/opensearch +path.logs: /var/log/opensearch + +network.host: {{ opensearch_network_host }} +http.port: {{ opensearch_http_port }} +discovery.type: single-node + +compatibility.override_main_response_version: true +plugins.security.disabled: true