Merge branch 'dev5' into 'master'

Dev5

See merge request !2

dockercontainers.yml

+---
+
+- name: Manage docker containers 
+  hosts: soctoolsmain
+  roles:
+    - docker
+

initsoctools.yml

+---
+
+- name: Reconfigure and start haproxy
+  hosts: haproxy
+  roles:
+    - haproxy
+
+- name: Reconfigure and start mysql
+  hosts: mysql
+  roles:
+    - mysql
+
+- name: Reconfigure and start Cassandra
+  hosts: cassandra
+  roles:
+    - cassandra
+
+- name: Reconfigure and start Keycloak
+  hosts: keycloakcontainers
+  roles:
+    - keycloak
+
+- name: Reconfigure and start MISP
+  hosts: mispcontainers
+  roles:
+    - misp
+
+- name: Reconfigure and start NiFi
+  hosts: nificontainers
+  roles:
+    - nifi
+
+- name: Reconfigure and start TheHive
+  hosts: thehive
+  roles:
+    - thehive
+
+- name: Reconfigure and start Cortex
+  hosts: cortex
+  roles:
+    - cortex
+
+- name: Reconfigure and start OpenDistro for Elasticsearch
+  hosts: odfeescontainers
+  roles:
+    - odfees
+
+- name: Reconfigure and start OpenDistro Kibana for Elasticsearch
+  hosts: odfekibanacontainers
+  roles:
+    - odfekibana
+
+- name: Install and run filebeat
+  hosts: filebeat
+  roles:
+    - filebeat
+

roles/cassandra/tasks/init.yml

+---
+
+- name: Configure Cassandra
+  remote_user: cassandra
+  template:
+    src: cassandra.yaml.j2
+    dest: /usr/share/cassandra/conf/cassandra.yaml
+
+- name: Set Autostart for supervisord's services
+  replace:
+    path: /etc/supervisord.conf
+    regexp: '^autostart=false$'
+    replace: 'autostart=true'
+
+

roles/cassandra/tasks/main.yml

 ---
 
+- include: init.yml
+  tags:
+   - init
 - include: start.yml
   tags:
    - start
+   - start-cassandra
+   - init
 - include: stop.yml
   tags:
    - stop

roles/cassandra/tasks/restart.yml

@@ -4,3 +4,10 @@
   remote_user: root
   command: "supervisorctl restart cassandra"
 
+- name: Wait for Cassandra
+  remote_user: root
+  wait_for:
+    host: "{{groups['cassandra'][0]}}"
+    port: 9042
+    state: started
+    delay: 5

roles/cassandra/tasks/start.yml

 ---
 
-- name: Configure Cassandra
-  remote_user: cassandra
-  template:
-    src: cassandra.yaml.j2
-    dest: /usr/share/cassandra/conf/cassandra.yaml
-
 - name: Start Cassandra
   remote_user: root
   command: "supervisorctl start cassandra"
@@ -18,10 +12,4 @@
     state: started
     delay: 5
 
-- name: Set Autostart for supervisord's services
-  replace:
-    path: /etc/supervisord.conf
-    regexp: '^autostart=false$'
-    replace: 'autostart=true'
-
 

roles/cassandra/tasks/update-config.yml

@@ -6,10 +6,3 @@
     src: cassandra.yaml.j2
     dest: /usr/share/cassandra/conf/cassandra.yaml
 
-- name: Wait for Cassandra
-  remote_user: root
-  wait_for:
-    host: "{{groups['cassandra'][0]}}"
-    port: 9042
-    state: started
-    delay: 5

roles/cortex/tasks/init.yml

+---
+
+- name: Copy cacert to ca-trust dir
+  remote_user: root
+  copy:
+    src: "{{playbook_dir}}/secrets/CA/ca.crt"
+    dest: /etc/pki/ca-trust/source/anchors/ca.crt
+
+- name: Install cacert to root truststore
+  remote_user: root
+  command: "update-ca-trust"
+
+- name: Copy certificates in cortex conf dir
+  remote_user: cortex
+  copy:
+    src:  "{{ item }}"
+    dest: "/etc/cortex/"
+    mode: 0600
+  with_items:
+    - "{{playbook_dir}}/secrets/CA/private/{{ inventory_hostname }}.p12"
+    - "{{playbook_dir}}/secrets/CA/issued/{{ inventory_hostname }}.crt"
+    - "{{playbook_dir}}/secrets/CA/private/{{ inventory_hostname }}.key"
+    - "{{playbook_dir}}/secrets/CA/cacerts.jks"
+    - "{{playbook_dir}}/secrets/CA/ca.crt"
+
+- name: Get openid authkey
+  set_fact:
+    cortexsecret: "{{lookup('file', '{{playbook_dir}}/secrets/tokens/cortexsecret',convert_data=False) | from_json}}"
+
+- name: Configure embedded Elasticsearch 6
+  remote_user: root
+  template:
+    src: jvm.options.j2
+    dest: /etc/elasticsearch/jvm.options
+
+- name: Configure Cortex
+  remote_user: cortex
+  template:
+    src: application.conf.j2
+    dest: /etc/cortex/application.conf
+
+- name: Set Autostart for supervisord's services
+  replace:
+    path: /etc/supervisord.conf
+    regexp: '^autostart=false$'
+    replace: 'autostart=true'
+

roles/cortex/tasks/main.yml

 ---
 
+- include: init.yml
+  tags:
+   - init
 - include: start.yml
   tags:
    - start
+   - start-cortex
+   - init
 - include: stop.yml
   tags:
    - stop

roles/cortex/tasks/start.yml

 ---
 
-- name: Copy cacert to ca-trust dir
-  remote_user: root
-  copy:
-    src: "{{playbook_dir}}/secrets/CA/ca.crt"
-    dest: /etc/pki/ca-trust/source/anchors/ca.crt
-
-- name: Install cacert to root truststore
-  remote_user: root
-  command: "update-ca-trust"
-
-- name: Copy certificates in cortex conf dir
-  remote_user: cortex
-  copy:
-    src:  "{{ item }}"
-    dest: "/etc/cortex/"
-    mode: 0600
-  with_items:
-    - "{{playbook_dir}}/secrets/CA/private/{{ inventory_hostname }}.p12"
-    - "{{playbook_dir}}/secrets/CA/issued/{{ inventory_hostname }}.crt"
-    - "{{playbook_dir}}/secrets/CA/private/{{ inventory_hostname }}.key"
-    - "{{playbook_dir}}/secrets/CA/cacerts.jks"
-    - "{{playbook_dir}}/secrets/CA/ca.crt"
-
-- name: Get openid authkey
-  set_fact:
-    cortexsecret: "{{lookup('file', '{{playbook_dir}}/secrets/tokens/cortexsecret',convert_data=False) | from_json}}"
-
-- name: Configure embedded Elasticsearch 6
-  remote_user: root
-  template:
-    src: jvm.options.j2
-    dest: /etc/elasticsearch/jvm.options
-
 - name: Start embedded Elasticsearch 6
   remote_user: root
   command: "supervisorctl start elasticsearch"
 
-- name: Configure Cortex
-  remote_user: cortex
-  template:
-    src: application.conf.j2
-    dest: /etc/cortex/application.conf
-
 - name: Start Cortex
   remote_user: root
   command: "supervisorctl start cortex"
@@ -55,9 +16,3 @@
     state: started
     delay: 5
 
-- name: Set Autostart for supervisord's services
-  replace:
-    path: /etc/supervisord.conf
-    regexp: '^autostart=false$'
-    replace: 'autostart=true'
-

roles/docker/tasks/cassandra.yml

@@ -13,7 +13,7 @@
     interactive: "yes"
   with_items: "{{ groups['cassandra'] }}"
   tags:
-    - start
+    - start-docker-containers
 
 - name: Disconnect cassandra containers from network and remove
   docker_container:
@@ -21,5 +21,5 @@
     state: absent
   with_items: "{{ groups['cassandra'] }}"
   tags:
-    - stop
+    - stop-docker-containers
 

roles/docker/tasks/cortex.yml

@@ -8,15 +8,12 @@
     networks:
       - name: "{{ soctools_netname }}"
     networks_cli_compatible: yes
-#    published_ports:
-#      - "9001:9001"
     volumes: 
       - "{{item}}:/var/lib/elasticsearch/"
     interactive: "yes"
   with_items: "{{ groups['cortex'] }}"
   tags:
-    - start
-    - startcortex
+    - start-docker-containers
 
 - name: Disconnect cortex containers from network and remove
   docker_container:
@@ -24,5 +21,4 @@
     state: absent
   with_items: "{{ groups['cortex'] }}"
   tags:
-    - stop
-    - stopcortex
+    - stop-docker-containers

roles/docker/tasks/haproxy.yml

@@ -21,11 +21,11 @@
       - "9001:9001"
     interactive: "yes"
   tags:
-    - start
+    - start-docker-containers
 
 - name: Destroy haproxy container
   docker_container:
     name: "{{ haproxy_name }}"
     state: absent
   tags:
-    - stop
+    - stop-docker-containers

roles/docker/tasks/keycloak.yml

@@ -13,7 +13,7 @@
     interactive: "yes"
   with_items: "{{ groups['keycloakcontainers'] }}"
   tags:
-    - start
+    - start-docker-containers
 
 - name: Disconnect keycloak containers from network and remove
   docker_container:
@@ -21,5 +21,5 @@
     state: absent
   with_items: "{{ groups['keycloakcontainers'] }}"
   tags:
-    - stop
+    - stop-docker-containers
 

roles/docker/tasks/misp.yml

@@ -12,11 +12,11 @@
     published_ports:
       - "6443:6443"
   tags:
-    - start
+    - start-docker-containers
 
 - name: Destroy misp container
   docker_container:
     name: "{{ misp_name }}"
     state: absent
   tags:
-    - stop
+    - stop-docker-containers

roles/docker/tasks/mysql.yml

@@ -11,11 +11,11 @@
     volumes:
       - "{{mysql_name}}:/var/opt/rh/rh-mariadb103/lib/mysql"
   tags:
-    - start
+    - start-docker-containers
 
 - name: Destroy mysql container
   docker_container:
     name: "{{ mysql_name }}"
     state: absent
   tags:
-    - stop
+    - stop-docker-containers

roles/docker/tasks/networkcreate.yml

@@ -7,6 +7,5 @@
     ipam_config:
       - subnet: "{{ soctools_network }}"
   tags:
-    - start
-    - startcortex
+    - start-docker-containers
 

roles/docker/tasks/networkremove.yml

@@ -5,5 +5,5 @@
     name: "{{ soctools_netname }}"
     state: absent
   tags:
-    - stop
+    - stop-docker-containers
 

roles/docker/tasks/nifi.yml

@@ -13,7 +13,7 @@
     interactive: "yes"
   with_items: "{{ groups['nificontainers'] }}"
   tags:
-    - start
+    - start-docker-containers
 
 - name: Disconnect Nifi containers from network and remove
   docker_container:
@@ -21,5 +21,5 @@
     state: absent
   with_items: "{{ groups['nificontainers'] }}"
   tags:
-    - stop
+    - stop-docker-containers
 

roles/docker/tasks/odfees.yml

@@ -13,7 +13,7 @@
     interactive: "yes"
   with_items: "{{ groups['odfeescontainers'] }}"
   tags:
-    - start
+    - start-docker-containers
 
 - name: Disconnect odfe elasticsearch containers from network and remove
   docker_container:
@@ -21,5 +21,5 @@
     state: absent
   with_items: "{{ groups['odfeescontainers'] }}"
   tags:
-    - stop
+    - stop-docker-containers