fws
/
ansible-roles
3
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Update to 2020-05-27 13:00

Browse Source
master
Daniel Berteaud 5 years ago
parent c643fd3a45
commit f0481cc8a3
3 changed files with 10 additions and 0 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 1
      roles/elasticsearch/templates/post-backup.j2
  2. 5
      roles/graylog/defaults/main.yml
  3. 4
      roles/graylog/templates/server.conf.j2

1
roles/elasticsearch/templates/post-backup.j2
Unescape View File

@ -6,3 +6,4 @@ rm -rf {{ es_backup_dir }}/*
# Can't delete elasticsearch dumps, set es_backup_dir to a non empty path # Can't delete elasticsearch dumps, set es_backup_dir to a non empty path
{% endif %} {% endif %}
umount /home/lbkp/es umount /home/lbkp/es
fstrim -a -v

5
roles/graylog/defaults/main.yml
Unescape View File

@ -61,3 +61,8 @@ graylog_mongodb_uri:
# If you want to obtain a cert with dehydrated # If you want to obtain a cert with dehydrated
# it'll be deployed as {{ graylog_root_dir }}/ssl/cert.pem and {{ graylog_root_dir }}/ssl/key.pem # it'll be deployed as {{ graylog_root_dir }}/ssl/cert.pem and {{ graylog_root_dir }}/ssl/key.pem
# graylog_letsencrypt_cert: graylog.domain.tls # graylog_letsencrypt_cert: graylog.domain.tls
# If set, will populate enabled_tls_protocols
# on el7, TLSv1.3 seems to break filebeat connections, so, just enable TLSv1.2
graylog_tls_versions:
- TLSv1.2

4
roles/graylog/templates/server.conf.j2
Unescape View File

@ -43,3 +43,7 @@ allow_leading_wildcard_searches = true
{% if 'dnsresolver' in graylog_plugins_to_install %} {% if 'dnsresolver' in graylog_plugins_to_install %}
dns_resolver_enabled = true dns_resolver_enabled = true
{% endif %} {% endif %}
{% if graylog_tls_versions | length > 0 %}
enabled_tls_protocols = {{ graylog_tls_versions | join(',') }}
{% endif %}

Write Preview
Loading…
Cancel
Save