init.sls 2.9 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108
  1. #
  2. # graylog
  3. #
  4. {% set graylog_config = salt['pillar.get']('logging:graylog') %}
  5. {% set mongodb_version = '5.0' %}
  6. {% set mongodb_admin_username = graylog_config['mongodb_admin_username'] %}
  7. {% set mongodb_admin_password = graylog_config['mongodb_admin_password'] %}
  8. {% set mongodb_admin_roles = graylog_config['mongodb_admin_roles'] %}
  9. {% include '../mongodb/init.sls' %}
  10. include:
  11. - elasticsearch
  12. mongouser:
  13. mongodb_user.present:
  14. - name: {{ graylog_config['mongodb_username'] }}
  15. - passwd: {{ graylog_config['mongodb_password'] }}
  16. - database: graylog
  17. - roles: {{ graylog_config['mongodb_roles'] }}
  18. - user: {{ mongodb_admin_username }}
  19. - password: {{ mongodb_admin_password }}
  20. graylog-repo:
  21. # add Graylog Repo
  22. pkgrepo.managed:
  23. - humanname: Graylog Repo
  24. - name: deb https://packages.graylog2.org/repo/debian/ stable 5.0
  25. - file: /etc/apt/sources.list.d/graylog.list
  26. - key_url: https://packages.graylog2.org/repo/debian/keyring.gpg
  27. # install graylog
  28. graylog-server:
  29. pkg.installed:
  30. - pkgs:
  31. - graylog-server
  32. - python3-ldap
  33. - ca-certificates-java
  34. - require:
  35. - pkgrepo: graylog-repo
  36. - service: mongodb
  37. - service: elasticsearch
  38. service.running:
  39. - enable: True
  40. - require:
  41. - pkg: graylog-server
  42. - file: /etc/graylog/server/server.conf
  43. - watch:
  44. - file: /etc/graylog/server/server.conf
  45. /etc/graylog/server/server.conf:
  46. file.managed:
  47. - source: salt://graylog/server.conf.tmpl
  48. - template: jinja
  49. - context:
  50. graylog_config: {{ graylog_config }}
  51. - require:
  52. - pkg: graylog-server
  53. /etc/default/graylog-server:
  54. file.managed:
  55. - source: salt://graylog/default-graylog-server
  56. - mode: 644
  57. - require:
  58. - pkg: graylog-server
  59. # Default connection config for graylog api scripts
  60. /etc/graylog-api-scripts.conf:
  61. file.managed:
  62. - source: salt://graylog/graylog-api-scripts.conf.tmpl
  63. - mode: 600
  64. - template: jinja
  65. - context:
  66. graylog_config: {{ graylog_config }}
  67. # Install cronjob and notification script
  68. /etc/cron.d/graylog-system-notifications:
  69. file.managed:
  70. - source: salt://graylog/graylog-system-notifications.cron
  71. /usr/local/sbin/graylog-system-notifications:
  72. file.managed:
  73. - source: salt://graylog/graylog-system-notifications
  74. - mode: 700
  75. - template: jinja
  76. - context:
  77. graylog_config: {{ graylog_config }}
  78. # Install cronjob, group mapping script and config files
  79. /etc/graylog-group-mapping.conf:
  80. file.managed:
  81. - source: salt://graylog/graylog-group-mapping.conf.tmpl
  82. - mode: 600
  83. - template: jinja
  84. - context:
  85. graylog_config: {{ graylog_config }}
  86. /etc/cron.d/graylog-group-mapping:
  87. file.managed:
  88. - source: salt://graylog/graylog-group-mapping.cron
  89. /usr/local/sbin/graylog-group-mapping:
  90. file.managed:
  91. - source: salt://graylog/graylog-group-mapping
  92. - mode: 700
  93. - template: jinja
  94. - context:
  95. graylog_config: {{ graylog_config }}