From a3656099a78a2e94f86941cfff196bcf7181692a Mon Sep 17 00:00:00 2001
From: Temur Maisuradze <temur@grena.ge>
Date: Wed, 23 Dec 2020 18:32:36 +0400
Subject: [PATCH] stop, update and restart configs for thehive
---
roles/build/templates/thehive/Dockerfile.j2 | 7 +---
roles/build/templates/thehive/start.sh | 10 -----
.../build/templates/thehive/supervisord.conf | 10 -----
roles/build/templates/thehive/thehive.repo | 7 ----
roles/thehive/tasks/main.yml | 41 +++++--------------
roles/thehive/tasks/restart.yml | 13 ++++++
roles/thehive/tasks/start.yml | 29 +++++++++++++
roles/thehive/tasks/stop.yml | 5 +++
roles/thehive/tasks/update-config.yml | 7 ++++
soctools.yml | 6 +--
10 files changed, 69 insertions(+), 66 deletions(-)
delete mode 100644 roles/build/templates/thehive/start.sh
delete mode 100644 roles/build/templates/thehive/supervisord.conf
delete mode 100644 roles/build/templates/thehive/thehive.repo
create mode 100644 roles/thehive/tasks/restart.yml
create mode 100644 roles/thehive/tasks/start.yml
create mode 100644 roles/thehive/tasks/stop.yml
create mode 100644 roles/thehive/tasks/update-config.yml
diff --git a/roles/build/templates/thehive/Dockerfile.j2 b/roles/build/templates/thehive/Dockerfile.j2
index d5599c7..870e3ac 100644
--- a/roles/build/templates/thehive/Dockerfile.j2
+++ b/roles/build/templates/thehive/Dockerfile.j2
@@ -1,9 +1,6 @@
FROM {{repo}}/openjdk:{{version}}{{suffix}}
USER root
-#COPY thehive.repo /etc/yum.repos.d/thehive.repo
-#COPY supervisord.conf /etc/supervisord.conf
-#COPY start.sh /start.sh
RUN echo "[thehive-project]" > /etc/yum.repos.d/thehive.repo && \
echo "enabled=1" >> /etc/yum.repos.d/thehive.repo && \
echo "priority=1" >> /etc/yum.repos.d/thehive.repo && \
@@ -12,7 +9,7 @@ RUN echo "[thehive-project]" > /etc/yum.repos.d/thehive.repo && \
echo "gpgcheck=1" >> /etc/yum.repos.d/thehive.repo && \
yum install -y epel-release && \
rpm --import https://raw.githubusercontent.com/TheHive-Project/TheHive/master/PGP-PUBLIC-KEY && \
- yum install -y thehive4 supervisor daemonize vim net-tools telnet htop && \
+ yum install -y thehive4 supervisor daemonize vim net-tools telnet htop rsync && \
mkdir -p /opt/thp_data/files/thehive && \
chown -R thehive:thehive /opt/thp_data/files/thehive && \
mkdir -p /home/thehive && \
@@ -21,5 +18,3 @@ RUN echo "[thehive-project]" > /etc/yum.repos.d/thehive.repo && \
EXPOSE 9000
COPY thehivesupervisord.conf /etc/supervisord.conf
ENTRYPOINT ["/usr/bin/supervisord", "-c", "/etc/supervisord.conf"]
-#USER thehive
-# ENTRYPOINT ["/start.sh"]
diff --git a/roles/build/templates/thehive/start.sh b/roles/build/templates/thehive/start.sh
deleted file mode 100644
index fa91e92..0000000
--- a/roles/build/templates/thehive/start.sh
+++ /dev/null
@@ -1,10 +0,0 @@
-#!/bin/bash
-export CASSANDRA_HOME=/usr/share/cassandra
-export CASSANDRA_CONF=$CASSANDRA_HOME/conf
-export CASSANDRA_INCLUDE=$CASSANDRA_HOME/cassandra.in.sh
-log_file=/var/log/cassandra/cassandra.log
-pid_file=/var/run/cassandra/cassandra.pid
-lock_file=/var/lock/subsys/cassandra
-CASSANDRA_PROG=/usr/sbin/cassandra
-
-$CASSANDRA_PROG -p $pid_file > $log_file 2>&1
diff --git a/roles/build/templates/thehive/supervisord.conf b/roles/build/templates/thehive/supervisord.conf
deleted file mode 100644
index d1f405e..0000000
--- a/roles/build/templates/thehive/supervisord.conf
+++ /dev/null
@@ -1,10 +0,0 @@
-[supervisord]
-loglevel=debug
-nodaemon=true
-[program:cassandra]
-user=cassandra
-directory=/usr/share/cassandra
-stdout_logfile=/var/log/cassandra/cassandra.log
-redirect_stderr=true
-environment=CASSANDRA_HOME="/usr/share/cassandra",CASSANDRA_CONF="/usr/share/cassandra/conf",CASSANDRA_INCLUDE="$CASSANDRA_HOME/cassandra.in.sh"
-command=/usr/sbin/cassandra -p /var/run/cassandra/cassandra.pid
diff --git a/roles/build/templates/thehive/thehive.repo b/roles/build/templates/thehive/thehive.repo
deleted file mode 100644
index ff38064..0000000
--- a/roles/build/templates/thehive/thehive.repo
+++ /dev/null
@@ -1,7 +0,0 @@
-[thehive-project]
-enabled=1
-priority=1
-name=TheHive-Project RPM repository
-baseurl=http://rpm.thehive-project.org/stable/noarch
-gpgcheck=1
-
diff --git a/roles/thehive/tasks/main.yml b/roles/thehive/tasks/main.yml
index b9ed5b5..a0f7edf 100644
--- a/roles/thehive/tasks/main.yml
+++ b/roles/thehive/tasks/main.yml
@@ -1,37 +1,18 @@
---
-- name: Configure TheHive
- remote_user: thehive
- template:
- src: application.conf.j2
- dest: /etc/thehive/application.conf
+- include: start.yml
tags:
- - start
-
-- name: Start TheHive
- remote_user: root
- command: "supervisorctl start thehive"
+ - start
+- include: stop.yml
tags:
- - start
-
-- name: Wait for TheHive
- remote_user: root
- wait_for:
- host: "{{groups['thehive'][0]}}"
- port: 9000
- state: started
- delay: 5
+ - stop
+ - stop-thehive
+- include: update-config.yml
tags:
- - start
-
-- name: Set Autostart for supervisord's services
- shell: "sed -i 's/autostart=false/autostart=true/g' /etc/supervisord.conf"
- tags:
- - start
-
-- name: Stop TheHive
- remote_user: root
- command: "supervisorctl stop thehive"
+ - update-config
+ - update-thehive-config
+- include: restart.yml
tags:
- - stop
+ - restart
+ - restart-thehive
diff --git a/roles/thehive/tasks/restart.yml b/roles/thehive/tasks/restart.yml
new file mode 100644
index 0000000..f3b3644
--- /dev/null
+++ b/roles/thehive/tasks/restart.yml
@@ -0,0 +1,13 @@
+---
+
+- name: Restart TheHive
+ remote_user: root
+ command: "supervisorctl restart thehive"
+
+- name: Wait for TheHive
+ remote_user: root
+ wait_for:
+ host: "{{groups['thehive'][0]}}"
+ port: 9000
+ state: started
+ delay: 5
diff --git a/roles/thehive/tasks/start.yml b/roles/thehive/tasks/start.yml
new file mode 100644
index 0000000..e1766f5
--- /dev/null
+++ b/roles/thehive/tasks/start.yml
@@ -0,0 +1,29 @@
+---
+
+- name: Configure TheHive
+ remote_user: thehive
+ template:
+ src: application.conf.j2
+ dest: /etc/thehive/application.conf
+
+- name: Start TheHive
+ remote_user: root
+ command: "supervisorctl start thehive"
+
+- name: Wait for TheHive
+ remote_user: root
+ wait_for:
+ host: "{{groups['thehive'][0]}}"
+ port: 9000
+ state: started
+ delay: 5
+
+- name: Set Autostart for supervisord's services
+ replace:
+ path: /etc/supervisord.conf
+ regexp: '^autostart=false$'
+ replace: 'autostart=true'
+
+- name: Stop TheHive
+ remote_user: root
+ command: "supervisorctl stop thehive"
diff --git a/roles/thehive/tasks/stop.yml b/roles/thehive/tasks/stop.yml
new file mode 100644
index 0000000..87d605a
--- /dev/null
+++ b/roles/thehive/tasks/stop.yml
@@ -0,0 +1,5 @@
+---
+
+- name: Stop TheHive
+ remote_user: root
+ command: "supervisorctl stop thehive"
diff --git a/roles/thehive/tasks/update-config.yml b/roles/thehive/tasks/update-config.yml
new file mode 100644
index 0000000..7b02823
--- /dev/null
+++ b/roles/thehive/tasks/update-config.yml
@@ -0,0 +1,7 @@
+---
+
+- name: Configure TheHive
+ remote_user: thehive
+ template:
+ src: application.conf.j2
+ dest: /etc/thehive/application.conf
diff --git a/soctools.yml b/soctools.yml
index b798d97..142b7e5 100644
--- a/soctools.yml
+++ b/soctools.yml
@@ -6,12 +6,12 @@
- name: Stop soctools cluster
import_playbook: stopsoctools.yml
- when: "'stop' in ansible_run_tags"
+ when: "'stop' in ansible_run_tags or 'stop-thehive' in ansible_run_tags or 'stop-keycloak' in ansible_run_tags"
- name: Update soctools cluster configs
import_playbook: update-config-soctools.yml
- when: "'update-config' in ansible_run_tags"
+ when: "'update-config' in ansible_run_tags or 'update-keycloak-config' in ansible_run_tags or 'update-thehive-config' in ansible_run_tags"
- name: restart soctools cluster servics
import_playbook: restart-soctools.yml
- when: "'restart' in ansible_run_tags"
+ when: "'restart' in ansible_run_tags or 'restart-thehive' in ansible_run_tags or 'restart-keycloak' in ansible_run_tags"
--
GitLab