From d2e2e6745cd865bcf6c9e7a395e7200ae2be5f6f Mon Sep 17 00:00:00 2001
From: Temur Maisuradze <temur@grena.ge>
Date: Fri, 25 Dec 2020 18:01:39 +0400
Subject: [PATCH] stop, update and restart configs for cortex
---
 HOWTOS.md | 3 +
 roles/build/templates/cortex/Dockerfile.j2 | 2 +-
 roles/cortex/tasks/main.yml | 102 +++------------------
 roles/cortex/tasks/restart.yml | 18 ++++
 roles/cortex/tasks/start.yml | 56 +++++++++++
 roles/cortex/tasks/stop.yml | 9 ++
 roles/cortex/tasks/update-config.yml | 14 +++
 soctools.yml | 8 +-
 8 files changed, 117 insertions(+), 95 deletions(-)
 create mode 100644 roles/cortex/tasks/restart.yml
 create mode 100644 roles/cortex/tasks/start.yml
 create mode 100644 roles/cortex/tasks/stop.yml
 create mode 100644 roles/cortex/tasks/update-config.yml
diff --git a/HOWTOS.md b/HOWTOS.md
index a80cc5a..a9090b5 100644
--- a/HOWTOS.md
+++ b/HOWTOS.md
@@ -20,6 +20,7 @@ To update configuration files for all docker containers together, run the follow
 To update configuration files only for specific services, run the following commands:
 ansible-playbook -i inventories soctools.yml -t update-keycloak-config
 ansible-playbook -i inventories soctools.yml -t update-thehive-config
+ ansible-playbook -i inventories soctools.yml -t update-cortex-config
 Restart services inside docker containers using Ansible
@@ -29,6 +30,7 @@ To restart services for all docker containers together, run the following comman
 To restart services only for specific docker containers, run the following commands:
 ansible-playbook -i inventories soctools.yml -t restart-keycloak
 ansible-playbook -i inventories soctools.yml -t restart-thehive
+ ansible-playbook -i inventories soctools.yml -t restart-cortex
 Stop services inside docker containers using Ansible
 ----------------------------------------------------
@@ -37,6 +39,7 @@ To stop services for all docker containers together, run the following command:
 To stop services only for specific docker containers, run the following commands:
 ansible-playbook -i inventories soctools.yml -t stop-keycloak
 ansible-playbook -i inventories soctools.yml -t stop-thehive
+ ansible-playbook -i inventories soctools.yml -t stop-cortex
 Restart services inside docker containers manually
 --------------------------------------------------
diff --git a/roles/build/templates/cortex/Dockerfile.j2 b/roles/build/templates/cortex/Dockerfile.j2
index 76c6066..ceeb6a5 100644
--- a/roles/build/templates/cortex/Dockerfile.j2
+++ b/roles/build/templates/cortex/Dockerfile.j2
@@ -10,7 +10,7 @@ RUN echo "[thehive-project]" > /etc/yum.repos.d/thehive.repo && \
 yum install -y epel-release && \
 rpm --import https://raw.githubusercontent.com/TheHive-Project/TheHive/master/PGP-PUBLIC-KEY && \
 rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch && \
- yum install -y cortex supervisor daemonize vim net-tools telnet htop python3-pip.noarch git gcc python3-devel.x86_64 ssdeep-devel.x86_64 python3-wheel.noarch libexif-devel.x86_64 libexif.x86_64 perl-Image-ExifTool.noarch gcc-c++ whois && \
+ yum install -y cortex supervisor rsync daemonize vim net-tools telnet htop python3-pip.noarch git gcc python3-devel.x86_64 ssdeep-devel.x86_64 python3-wheel.noarch libexif-devel.x86_64 libexif.x86_64 perl-Image-ExifTool.noarch gcc-c++ whois && \
 rpm -Uvh https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-oss-6.8.13.rpm && \
 chown -R elasticsearch:elasticsearch /etc/elasticsearch && \
 mkdir -p /home/cortex && \
diff --git a/roles/cortex/tasks/main.yml b/roles/cortex/tasks/main.yml
index 0c150c2..42dbce2 100644
--- a/roles/cortex/tasks/main.yml
+++ b/roles/cortex/tasks/main.yml
@@ -1,96 +1,18 @@
 ---
-- name: Copy cacert to ca-trust dir
- remote_user: root
- copy:
- src: "files/{{ca_cn}}.crt"
- dest: /etc/pki/ca-trust/source/anchors/ca.crt
+- include: start.yml
 tags:
- - start
- - startcortex
-
-- name: Install cacert to root truststore
- remote_user: root
- command: "update-ca-trust"
- tags:
- - start
- - startcortex
-
-- name: Copy certificates in cortex conf dir
- remote_user: cortex
- copy:
- src: "{{ item }}"
- dest: "/etc/cortex/{{ item }}"
- mode: 0600
- with_items:
- - "{{ inventory_hostname }}.p12"
- - "{{ inventory_hostname }}.crt"
- - "{{ inventory_hostname }}.key"
- - cacerts.jks
- - "{{ca_cn}}.crt"
- tags:
- - start
- - startcortex
-
-- name: Configure embedded Elasticsearch 6
- remote_user: root
- template:
- src: jvm.options.j2
- dest: /etc/elasticsearch/jvm.options
- tags:
- - start
- - startcortex
-
-- name: Start embedded Elasticsearch 6
- remote_user: root
- command: "supervisorctl start elasticsearch"
- tags:
- - start
- - startcortex
-
-- name: Configure Cortex
- remote_user: cortex
- template:
- src: application.conf.j2
- dest: /etc/cortex/application.conf
+ - start
+ - startcortex
+- include: stop.yml
 tags:
- - start
- - startcortex
-
-- name: Start Cortex
- remote_user: root
- command: "supervisorctl start cortex"
+ - stop
+ - stop-cortex
+- include: update-config.yml
 tags:
- - start
- - startcortex
-
-- name: Wait for Cortex
- remote_user: root
- wait_for:
- host: "{{groups['cortex'][0]}}"
- port: 9001
- state: started
- delay: 5
+ - update-config
+ - update-cortex-config
+- include: restart.yml
 tags:
- - start
- - startcortex
-
-- name: Set Autostart for supervisord's services
- shell: "sed -i 's/autostart=false/autostart=true/g' /etc/supervisord.conf"
- tags:
- - start
-
-- name: Stop Elasticsearch
- remote_user: root
- command: "supervisorctl stop elasticsearch"
- tags:
- - stop
- - stopelasticsearch
-
-- name: Stop Cortex
- remote_user: root
- command: "supervisorctl stop cortex"
- tags:
- - stop
- - stopcortex
-
+ - restart
+ - restart-cortex
diff --git a/roles/cortex/tasks/restart.yml b/roles/cortex/tasks/restart.yml
new file mode 100644
index 0000000..2c4486b
--- /dev/null
+++ b/roles/cortex/tasks/restart.yml
@@ -0,0 +1,18 @@
+---
+
+- name: Restart embedded Elasticsearch 6
+ remote_user: root
+ command: "supervisorctl restart elasticsearch"
+
+- name: Restart Cortex
+ remote_user: root
+ command: "supervisorctl restart cortex"
+
+- name: Wait for Cortex
+ remote_user: root
+ wait_for:
+ host: "{{groups['cortex'][0]}}"
+ port: 9001
+ state: started
+ delay: 5
+
diff --git a/roles/cortex/tasks/start.yml b/roles/cortex/tasks/start.yml
new file mode 100644
index 0000000..b80b61c
--- /dev/null
+++ b/roles/cortex/tasks/start.yml
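Review bot: In roles/cortex/tasks/main.yml the four new entries use the bare `include:` keyword, which Ansible has deprecated in favour of `import_tasks` / `include_tasks`. With `- import_tasks: start.yml` the tags listed under each entry are inherited by every task in the imported file, which is what the tag-driven commands in HOWTOS.md depend on. The tag names are also inconsistent: the start entry keeps `startcortex` while the new ones are hyphenated (`stop-cortex`, `restart-cortex`), and the old `stopcortex` / `stopelasticsearch` tags are dropped, so an existing invocation that still passes them would most likely select no tasks without reporting an error. Adding `- start-cortex` next to `- startcortex` and keeping the old stop tags as aliases would avoid that.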
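Review bot: In roles/cortex/tasks/restart.yml, `Restart Cortex` runs as soon as `supervisorctl restart elasticsearch` returns, with nothing in between that waits for Elasticsearch to accept connections, so Cortex may be started against a backend that is not ready yet. The same ordering appears in start.yml (`Start embedded Elasticsearch 6` followed by `Start Cortex`). The closing `wait_for` on port 9001 only shows that a listener is present and has no explicit `timeout:`, so a hung restart is reported late. A readiness wait between the two restarts would close the gap; the Elasticsearch port is not visible in this patch, so it is a placeholder below.

```yaml
# … unchanged: Restart embedded Elasticsearch 6 …

- name: Wait for embedded Elasticsearch
  remote_user: root
  wait_for:
    # host defaults to the local address; set it if Elasticsearch binds elsewhere
    port: ES_PORT_PLACEHOLDER   # placeholder: the embedded Elasticsearch listen port
    state: started
    timeout: 120                # constructed value; tune to the deployment

# … unchanged: Restart Cortex, Wait for Cortex …
```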
@@ -0,0 +1,56 @@
+---
+
+- name: Copy cacert to ca-trust dir
+ remote_user: root
+ copy:
+ src: "files/{{ca_cn}}.crt"
+ dest: /etc/pki/ca-trust/source/anchors/ca.crt
+
+- name: Install cacert to root truststore
+ remote_user: root
+ command: "update-ca-trust"
+
+- name: Copy certificates in cortex conf dir
+ remote_user: cortex
+ copy:
+ src: "{{ item }}"
+ dest: "/etc/cortex/{{ item }}"
+ mode: 0600
+ with_items:
+ - "{{ inventory_hostname }}.p12"
+ - "{{ inventory_hostname }}.crt"
+ - "{{ inventory_hostname }}.key"
+ - cacerts.jks
+ - "{{ca_cn}}.crt"
+
+- name: Configure embedded Elasticsearch 6
+ remote_user: root
+ template:
+ src: jvm.options.j2
+ dest: /etc/elasticsearch/jvm.options
+
+- name: Start embedded Elasticsearch 6
+ remote_user: root
+ command: "supervisorctl start elasticsearch"
+
+- name: Configure Cortex
+ remote_user: cortex
+ template:
+ src: application.conf.j2
+ dest: /etc/cortex/application.conf
+
+- name: Start Cortex
+ remote_user: root
+ command: "supervisorctl start cortex"
+
+- name: Wait for Cortex
+ remote_user: root
+ wait_for:
+ host: "{{groups['cortex'][0]}}"
+ port: 9001
+ state: started
+ delay: 5
+
+- name: Set Autostart for supervisord's services
+ shell: "sed -i 's/autostart=false/autostart=true/g' /etc/supervisord.conf"
+
diff --git a/roles/cortex/tasks/stop.yml b/roles/cortex/tasks/stop.yml
new file mode 100644
index 0000000..97dd720
--- /dev/null
+++ b/roles/cortex/tasks/stop.yml
@@ -0,0 +1,9 @@
+---
+
+- name: Stop Elasticsearch
+ remote_user: root
+ command: "supervisorctl stop elasticsearch"
+
+- name: Stop Cortex
+ remote_user: root
+ command: "supervisorctl stop cortex"
diff --git a/roles/cortex/tasks/update-config.yml b/roles/cortex/tasks/update-config.yml
new file mode 100644
index 0000000..a49f24f
--- /dev/null
+++ b/roles/cortex/tasks/update-config.yml
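Review bot: In roles/cortex/tasks/start.yml the `Configure Cortex` template task writes /etc/cortex/application.conf without an explicit `mode`, unlike the certificate copy above it which sets `mode: 0600`, so the file's permissions are left to the remote umask. If the rendered application.conf carries secrets such as keystore passwords (the template is not part of this patch, so this is an assumption), add `mode: "0600"` under that `template:`; the same task is repeated in update-config.yml. Separately, `Set Autostart for supervisord's services` has no `remote_user` and edits the file through `shell: sed`, which reports changed on every run; the `replace` module with `regexp: 'autostart=false'` and `replace: 'autostart=true'` would be idempotent.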
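Review bot: In roles/cortex/tasks/stop.yml, `Stop Elasticsearch` runs before `Stop Cortex`, the reverse of the start order in start.yml, so Cortex keeps running briefly against a stopped backend and a job in flight may fail part-way (assuming Cortex stores its data in the embedded Elasticsearch, as the start order suggests). Swapping the two tasks so that `command: "supervisorctl stop cortex"` comes first gives a cleaner shutdown.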
@@ -0,0 +1,14 @@
+---
+
+- name: Configure embedded Elasticsearch 6
+ remote_user: root
+ template:
+ src: jvm.options.j2
+ dest: /etc/elasticsearch/jvm.options
+
+- name: Configure Cortex
+ remote_user: cortex
+ template:
+ src: application.conf.j2
+ dest: /etc/cortex/application.conf
+
diff --git a/soctools.yml b/soctools.yml
index 142b7e5..d89befd 100644
--- a/soctools.yml
+++ b/soctools.yml
@@ -2,16 +2,16 @@
 - name: Start soctools cluster
 import_playbook: startsoctools.yml
- when: "'start' in ansible_run_tags or 'config' in ansible_run_tags"
+ when: "'start' or 'config' in ansible_run_tags"
 - name: Stop soctools cluster
 import_playbook: stopsoctools.yml
- when: "'stop' in ansible_run_tags or 'stop-thehive' in ansible_run_tags or 'stop-keycloak' in ansible_run_tags"
+ when: "'stop' or 'stop-thehive' or 'stop-keycloak' or 'stop-cortex' in ansible_run_tags"
 - name: Update soctools cluster configs
 import_playbook: update-config-soctools.yml
- when: "'update-config' in ansible_run_tags or 'update-keycloak-config' in ansible_run_tags or 'update-thehive-config' in ansible_run_tags"
+ when: "'update-config' or 'update-keycloak-config' or 'update-thehive-config' or 'update-cortex-config' in ansible_run_tags"
 - name: restart soctools cluster servics
 import_playbook: restart-soctools.yml
- when: "'restart' in ansible_run_tags or 'restart-thehive' in ansible_run_tags or 'restart-keycloak' in ansible_run_tags"
+ when: "'restart' or 'restart-thehive' or 'restart-keycloak' or 'restart-cortex' in ansible_run_tags"
-- GitLab
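Review bot: In roles/cortex/tasks/update-config.yml neither template task notifies a handler or restarts anything, so a run with `-t update-cortex-config` rewrites jvm.options and application.conf while the running Elasticsearch and Cortex keep their old settings until `-t restart-cortex` is run separately. That is easy to miss when the change being pushed is a security setting. A header comment such as `# Rendered files take effect only after the restart-cortex tag is run` would document it, or the tasks could `register` their result and restart only when something changed. The certificate and truststore tasks from start.yml are not repeated here, so a renewed certificate is not picked up by this tag either.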
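Review bot: In soctools.yml all four rewritten `when:` guards are now always true: `'start' or 'config' in ansible_run_tags` parses as `'start' or ('config' in ansible_run_tags)`, and a non-empty string literal is truthy, so the membership test is never consulted. The guards on the stop, update-config and restart imports have the same shape, so every playbook is imported whatever tag was requested, and only the tags inside the imported playbooks (not visible here) still limit what runs. Each tag needs its own `in ansible_run_tags` test, as the removed lines had, with the new cortex tag appended.

```yaml
- name: Start soctools cluster
  # … unchanged: import_playbook …
  when: "'start' in ansible_run_tags or 'config' in ansible_run_tags"

# … unchanged: name / import_playbook of "Stop soctools cluster" …
  when: "'stop' in ansible_run_tags or 'stop-thehive' in ansible_run_tags or 'stop-keycloak' in ansible_run_tags or 'stop-cortex' in ansible_run_tags"

# … unchanged: name / import_playbook of "Update soctools cluster configs" …
  when: "'update-config' in ansible_run_tags or 'update-keycloak-config' in ansible_run_tags or 'update-thehive-config' in ansible_run_tags or 'update-cortex-config' in ansible_run_tags"

# … unchanged: name / import_playbook of "restart soctools cluster servics" …
  when: "'restart' in ansible_run_tags or 'restart-thehive' in ansible_run_tags or 'restart-keycloak' in ansible_run_tags or 'restart-cortex' in ansible_run_tags"
```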