diff --git a/README.md b/README.md index 85f97acf..e4d0ac68 100644 --- a/README.md +++ b/README.md @@ -342,6 +342,9 @@ In addition to es_config, the following parameters allow the customization of th es_plugins: - plugin: ingest-geoip ``` +* ```es_path_repo``` Sets the whitelist for allowing local back-up repositories +* ```es_action_auto_create_index ``` Sets the value for auto index creation, use the syntax below for specifying indexes (else true/false): + es_action_auto_create_index: '[".watches", ".triggered_watches", ".watcher-history-*"]' * ```es_allow_downgrades``` For development purposes only. (true or false (default) ) * ```es_java_install``` If set to false, Java will not be installed. (true (default) or false) * ```update_java``` Updates Java to the latest version. (true or false (default)) @@ -352,7 +355,20 @@ In addition to es_config, the following parameters allow the customization of th Earlier examples illustrate the installation of plugins using `es_plugins`. For officially supported plugins no version or source delimiter is required. The plugin script will determine the appropriate plugin version based on the target Elasticsearch version. For community based plugins include the full url. This approach should NOT be used for the X-Pack plugin. See X-Pack below for details here. -If installing Monitoring or Alerting, ensure the license plugin is also specified. Security configuration is currently not supported but planned for later versions. +If installing Monitoring or Alerting, ensure the license plugin is also specified. Security configuration currently has limited support, but more support is planned for later versions. + +To configure X-pack to send mail, the following configuration can be added to the role. When require_auth is true, you will also need to provide the user and password. If not these can be removed: +``` + es_mail_config: + account: + profile: standard + from: + require_auth: + host: + port: + user: --optional + pass: --optional +``` * ```es_user``` - defaults to elasticsearch. * ```es_group``` - defaults to elasticsearch. diff --git a/defaults/main.yml b/defaults/main.yml index ad2be6ec..524f65dd 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -22,6 +22,7 @@ es_config_log4j2: log4j2.properties.j2 es_pid_dir: "/var/run/elasticsearch" es_data_dirs: "/var/lib/elasticsearch" es_log_dir: "/var/log/elasticsearch" +es_action_auto_create_index: true es_max_open_files: 65536 es_max_threads: "{{ 2048 if ( es_version | version_compare('6.0.0', '<')) else 8192 }}" es_max_map_count: 262144 diff --git a/tasks/elasticsearch-Debian.yml b/tasks/elasticsearch-Debian.yml index ebaaa617..3677b3ed 100644 --- a/tasks/elasticsearch-Debian.yml +++ b/tasks/elasticsearch-Debian.yml @@ -25,10 +25,6 @@ - { repo: "{{ es_apt_url }}", state: "present" } when: es_use_repository -- name: Debian - Include versionlock - include: elasticsearch-Debian-version-lock.yml - when: es_version_lock - - name: Debian - Ensure elasticsearch is installed become: yes apt: name=elasticsearch{% if es_version is defined and es_version != "" %}={{ es_version }}{% endif %} state=present force={{force_install}} allow_unauthenticated={{ 'no' if es_apt_key else 'yes' }} cache_valid_time=86400 @@ -36,6 +32,10 @@ register: debian_elasticsearch_install_from_repo notify: restart elasticsearch +- name: Debian - Include versionlock + include: elasticsearch-Debian-version-lock.yml + when: es_version_lock + - name: Debian - Download elasticsearch from url get_url: url={% if es_custom_package_url is defined %}{{ es_custom_package_url }}{% else %}{{ es_package_url }}-{{ es_version }}.deb{% endif %} dest=/tmp/elasticsearch-{{ es_version }}.deb validate_certs=no when: not es_use_repository diff --git a/tasks/xpack/elasticsearch-xpack.yml b/tasks/xpack/elasticsearch-xpack.yml index ace1500a..ec82a68a 100644 --- a/tasks/xpack/elasticsearch-xpack.yml +++ b/tasks/xpack/elasticsearch-xpack.yml @@ -1,7 +1,7 @@ --- - name: set fact es_version_changed - set_fact: es_version_changed={{ ((elasticsearch_install_from_package is defined and ((debian_elasticsearch_install_from_repo is defined and debian_elasticsearch_install_from_repo.changed) or (redhat_elasticsearch_install_from_repo is defined and redhat_elasticsearch_install_from_repo.changed))) or (elasticsearch_install_from_package is defined and elasticsearch_install_from_package.changed)) }} + set_fact: es_version_changed={{ ((elasticsearch_install_from_package is defined and (debian_elasticsearch_install_from_repo.changed or redhat_elasticsearch_install_from_repo.changed)) or (elasticsearch_install_from_package is defined and elasticsearch_install_from_package.changed)) }} - name: include elasticsearch-xpack-install.yml include: elasticsearch-xpack-install.yml diff --git a/templates/elasticsearch.yml.j2 b/templates/elasticsearch.yml.j2 index 111f6f46..ef8dd9be 100644 --- a/templates/elasticsearch.yml.j2 +++ b/templates/elasticsearch.yml.j2 @@ -23,6 +23,18 @@ path.data: {{ data_dirs | array_to_str }} path.logs: {{ log_dir }} +{% if es_path_repo is defined %} +path.repo: {{ es_path_repo }} +{% endif %} + +{% if es_action_auto_create_index == true %} +action.auto_create_index: true +{% elif not es_action_auto_create_index %} +action.auto_create_index: false +{% else %} +action.auto_create_index: {{ es_action_auto_create_index }} +{% endif %} + {% if es_enable_xpack %} {% if not "security" in es_xpack_features %} xpack.security.enabled: false @@ -44,3 +56,20 @@ xpack.ml.enabled: false xpack.graph.enabled: false {% endif %} {% endif %} + +{% if es_mail_config is defined %} +xpack.notification.email: + account: + {{ es_mail_config['account'] }}: + profile: {{ es_mail_config['profile'] }} + email_defaults: + from: {{ es_mail_config['from'] }} + smtp: + auth: {{ es_mail_config['require_auth'] }} + host: {{ es_mail_config['host'] }} + port: {{ es_mail_config['port'] }} + {% if es_mail_config['require_auth'] == true %} + user: {{ es_mail_config['user'] }} + password: {{ es_mail_config['pass'] }} + {% endif %} +{% endif %}