5aff0b59f4
The osquery tooling needed a little work to be fully automated and repeatable. This change tunes up the tools and makes the entire deployment process multi-node capable and repeatable. The osquery role was vendored because of bugs within their use of aarmor profiles and there was no way to disable them. The fleet use of commands for ssl creation have been removed. The ssl modules are now being used to generate all of the certificates. New pre-tasks have been added to check for required variables. If the required variables are not set the playbooks will fail early and notify the user of the issue. Change-Id: I88c2b40ed9d9a88a39bdf07b0dce2900fda50151 Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
43 lines
1.3 KiB
YAML
43 lines
1.3 KiB
YAML
---
|
|
- name: Install Kolide Fleet
|
|
hosts: "fleet_all"
|
|
become: true
|
|
|
|
vars_files:
|
|
- vars/variables.yml
|
|
|
|
environment: "{{ deployment_environment_variables | default({}) }}"
|
|
|
|
gather_facts: "{{ osa_gather_facts | default(True) }}"
|
|
|
|
pre_tasks:
|
|
- name: Test for kolide db password
|
|
fail:
|
|
msg: >-
|
|
The DB password for the Kolide / Fleet cluster is not defined. To proceed with this
|
|
installation define the variable `kolide_fleet_db_password` in line or within a
|
|
variable file.
|
|
when:
|
|
- kolide_fleet_db_password is undefined
|
|
|
|
- name: Test for kolide shared key
|
|
fail:
|
|
msg: >-
|
|
The shared token for the Kolide / Fleet cluster is not defined. To proceed with this
|
|
installation define the variable `kolide_fleet_jwt_key` in line or within a
|
|
variable file.
|
|
when:
|
|
- kolide_fleet_jwt_key is undefined
|
|
|
|
- name: Test for kolide admin password
|
|
fail:
|
|
msg: >-
|
|
The admin password for the Kolide / Fleet cluster is not defined. To proceed with this
|
|
installation define the variable `kolide_fleet_admin_password` in line or within a
|
|
variable file.
|
|
when:
|
|
- kolide_fleet_admin_password is undefined
|
|
|
|
roles:
|
|
- role: fleet
|