Skip to content

Instantly share code, notes, and snippets.

@Craigson
Last active January 23, 2021 18:35
Show Gist options
  • Save Craigson/20d534bd9983d09438e564386a0ea7cd to your computer and use it in GitHub Desktop.
Save Craigson/20d534bd9983d09438e564386a0ea7cd to your computer and use it in GitHub Desktop.
Examining the playbook and roles for deploying Kibana and Nginx
deploy_services.yaml
# Deploy Kibana and Nginx
- name: Deploy Kibana & Nginx
hosts: kibana-nginx
vars:
subnet: 172.22.0.0/24
agent_name: "log_3_kibana_nginx"
agent_tags: "log3,logger"
agent_provider: "1" # <=== replace this
service_name: "kibana-nginx"
network_name: "syntropynet"
roles:
- create_docker_network
- launch_nginx_proxy
- launch_letsencrypt_companion
- launch_syntropy_agent
- launch_kibana
...
roles/launch_nginx_proxy/tasks/main.yaml
- name: Copy DuckDNS htpasswd credentials
copy:
content: "{{htpasswd_credentials}}" # <====== from your secrets.yml
dest: "~/{{duck_dns_domain}}" # <====== from your secrets.yml
mode: "0644"
- name: Launch Nginx proxy
docker_container:
image: jwilder/nginx-proxy
name: nginx-proxy
ports:
- "80:80"
- "443:443"
volumes:
- "~/{{duck_dns_domain}}:/etc/nginx/htpasswd/{{duck_dns_domain}}" # <====== USES YOUR HTPASSWD CREDENTIALS
- /etc/nginx/vhost.d
- /etc/nginx/certs
- /usr/share/nginx/html
- /var/run/docker.sock:/tmp/docker.sock:ro
restart: true
purge_networks: yes
networks:
- name: "{{network_name}}"
...
roles/launch_letsencrypt_companion/tasks/main.yaml
- include_vars: ../../../secrets.yaml
- name: Launch letsencrypt
docker_container:
image: jrcs/letsencrypt-nginx-proxy-companion
name: letsencrypt-nginx
volumes_from:
- nginx-proxy
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
env:
DEFAULT_EMAIL: "{{letsencrypt_email}}"
purge_networks: yes
networks:
- name: "{{network_name}}"
...
roles/launch_kibana/tasks/main.yaml
- include_vars: ../../../secrets.yaml
- name: Copy Kibana template
copy:
src: kibana.yaml
dest: ~/auth/
mode: "0644"
- name: Launch kibana
docker_container:
image: docker.elastic.co/kibana/kibana:7.10.2
name: kibana
volumes:
- ~/auth/kibana.yaml:/usr/share/kibana/config/kibana.yml
env:
discovery.type: "single-node"
VIRTUAL_HOST: "{{duck_dns_domain}}"
VIRTUAL_PORT: "5601"
LETSENCRYPT_HOST: "{{duck_dns_domain}}"
LETSENCRYPT_EMAIL: "{{letsencrypt_email}}"
purge_networks: yes
networks:
- name: "{{network_name}}"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment