44 lines
1.4 KiB
YAML
44 lines
1.4 KiB
YAML
---
|
|
|
|
- hosts: all
|
|
#- hosts: test-kitchen
|
|
vars:
|
|
- mysql_root_password: 'Toor=2017.'
|
|
- kolide_mysql_root_pass: "{{ mysql_root_password }}"
|
|
- mysql_databases:
|
|
- name: "{{ kolide_mysql_db }}"
|
|
- mysql_users:
|
|
- name: "{{ kolide_mysql_user }}"
|
|
host: "localhost"
|
|
#host: "%"
|
|
password: "{{ kolide_mysql_pass }}"
|
|
priv: "{{ kolide_mysql_db }}.*:ALL"
|
|
- mysql_enablerepo: epel
|
|
- osquery_flags:
|
|
- '--enroll_secret_path=/etc/osquery/osquery_enroll_secret'
|
|
- "--tls_server_certs={{ ssl_dir }}/{{ ansible_fqdn }}.crt"
|
|
- '--tls_hostname=acme.kolide.co:8080'
|
|
- '--host_identifier=hostname'
|
|
- '--enroll_tls_endpoint=/api/v1/osquery/enroll'
|
|
- '--config_plugin=tls'
|
|
- '--config_tls_endpoint=/api/v1/osquery/config'
|
|
- '--config_tls_refresh=10'
|
|
- '--disable_distributed=false'
|
|
- '--distributed_plugin=tls'
|
|
- '--distributed_interval=10'
|
|
- '--distributed_tls_max_attempts=3'
|
|
- '--distributed_tls_read_endpoint=/api/v1/osquery/distributed/read'
|
|
- '--distributed_tls_write_endpoint=/api/v1/osquery/distributed/write'
|
|
- '--logger_plugin=tls'
|
|
pre_tasks:
|
|
- name: map acme.kolide.co to localhost
|
|
lineinfile:
|
|
dest: /etc/hosts
|
|
line: 127.0.0.1 acme.kolide.co
|
|
ignore_errors: true
|
|
roles:
|
|
- { role: geerlingguy.mysql, when: ansible_os_family == 'Debian' }
|
|
- juju4.kolide
|
|
- kbrebanov.osquery
|
|
|