Commit 16769791 authored by Temur Maisuradze's avatar Temur Maisuradze
Browse files

revert last 3 commits back as it coused some errors in keycloak and nifi

parent 6ec74544
......@@ -20,7 +20,6 @@ To update configuration files for all docker containers together, run the follow
To update configuration files only for specific services, run the following commands:
ansible-playbook -i inventories soctools.yml -t update-keycloak-config
ansible-playbook -i inventories soctools.yml -t update-thehive-config
ansible-playbook -i inventories soctools.yml -t update-cortex-config
Restart services inside docker containers using Ansible
......@@ -30,7 +29,6 @@ To restart services for all docker containers together, run the following comman
To restart services only for specific docker containers, run the following commands:
ansible-playbook -i inventories soctools.yml -t restart-keycloak
ansible-playbook -i inventories soctools.yml -t restart-thehive
ansible-playbook -i inventories soctools.yml -t restart-cortex
Stop services inside docker containers using Ansible
----------------------------------------------------
......@@ -39,7 +37,6 @@ To stop services for all docker containers together, run the following command:
To stop services only for specific docker containers, run the following commands:
ansible-playbook -i inventories soctools.yml -t stop-keycloak
ansible-playbook -i inventories soctools.yml -t stop-thehive
ansible-playbook -i inventories soctools.yml -t stop-cortex
Restart services inside docker containers manually
--------------------------------------------------
......
......@@ -10,7 +10,7 @@ RUN echo "[thehive-project]" > /etc/yum.repos.d/thehive.repo && \
yum install -y epel-release && \
rpm --import https://raw.githubusercontent.com/TheHive-Project/TheHive/master/PGP-PUBLIC-KEY && \
rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch && \
yum install -y cortex supervisor rsync daemonize vim net-tools telnet htop python3-pip.noarch git gcc python3-devel.x86_64 ssdeep-devel.x86_64 python3-wheel.noarch libexif-devel.x86_64 libexif.x86_64 perl-Image-ExifTool.noarch gcc-c++ whois && \
yum install -y cortex supervisor daemonize vim net-tools telnet htop python3-pip.noarch git gcc python3-devel.x86_64 ssdeep-devel.x86_64 python3-wheel.noarch libexif-devel.x86_64 libexif.x86_64 perl-Image-ExifTool.noarch gcc-c++ whois && \
rpm -Uvh https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-oss-6.8.13.rpm && \
chown -R elasticsearch:elasticsearch /etc/elasticsearch && \
mkdir -p /home/cortex && \
......
---
- include: start.yml
- name: Copy cacert to ca-trust dir
remote_user: root
copy:
src: "files/{{ca_cn}}.crt"
dest: /etc/pki/ca-trust/source/anchors/ca.crt
tags:
- start
- startcortex
- include: stop.yml
- start
- startcortex
- name: Install cacert to root truststore
remote_user: root
command: "update-ca-trust"
tags:
- start
- startcortex
- name: Copy certificates in cortex conf dir
remote_user: cortex
copy:
src: "{{ item }}"
dest: "/etc/cortex/{{ item }}"
mode: 0600
with_items:
- "{{ inventory_hostname }}.p12"
- "{{ inventory_hostname }}.crt"
- "{{ inventory_hostname }}.key"
- cacerts.jks
- "{{ca_cn}}.crt"
tags:
- start
- startcortex
- name: Configure embedded Elasticsearch 6
remote_user: root
template:
src: jvm.options.j2
dest: /etc/elasticsearch/jvm.options
tags:
- start
- startcortex
- name: Start embedded Elasticsearch 6
remote_user: root
command: "supervisorctl start elasticsearch"
tags:
- start
- startcortex
- name: Configure Cortex
remote_user: cortex
template:
src: application.conf.j2
dest: /etc/cortex/application.conf
tags:
- stop
- stop-cortex
- include: update-config.yml
- start
- startcortex
- name: Start Cortex
remote_user: root
command: "supervisorctl start cortex"
tags:
- update-config
- update-cortex-config
- include: restart.yml
- start
- startcortex
- name: Wait for Cortex
remote_user: root
wait_for:
host: "{{groups['cortex'][0]}}"
port: 9001
state: started
delay: 5
tags:
- restart
- restart-cortex
- start
- startcortex
- name: Set Autostart for supervisord's services
shell: "sed -i 's/autostart=false/autostart=true/g' /etc/supervisord.conf"
tags:
- start
- name: Stop Elasticsearch
remote_user: root
command: "supervisorctl stop elasticsearch"
tags:
- stop
- stopelasticsearch
- name: Stop Cortex
remote_user: root
command: "supervisorctl stop cortex"
tags:
- stop
- stopcortex
......@@ -92,7 +92,4 @@
local: "roles/misp/files/mispsecret"
- name: Set Autostart for supervisord's services
replace:
path: /etc/supervisord.conf
regexp: '^autostart=false$'
replace: 'autostart=true'
shell: "sed -i 's/autostart=false/autostart=true/g' /etc/supervisord.conf"
......@@ -24,6 +24,3 @@
regexp: '^autostart=false$'
replace: 'autostart=true'
- name: Stop TheHive
remote_user: root
command: "supervisorctl stop thehive"
......@@ -2,16 +2,16 @@
- name: Start soctools cluster
import_playbook: startsoctools.yml
when: "'start' or 'config' in ansible_run_tags"
when: "'start' in ansible_run_tags or 'config' in ansible_run_tags"
- name: Stop soctools cluster
import_playbook: stopsoctools.yml
when: "'stop' or 'stop-thehive' or 'stop-keycloak' or 'stop-cortex' in ansible_run_tags"
when: "'stop' in ansible_run_tags or 'stop-thehive' in ansible_run_tags or 'stop-keycloak' in ansible_run_tags"
- name: Update soctools cluster configs
import_playbook: update-config-soctools.yml
when: "'update-config' or 'update-keycloak-config' or 'update-thehive-config' or 'update-cortex-config' in ansible_run_tags"
when: "'update-config' in ansible_run_tags or 'update-keycloak-config' in ansible_run_tags or 'update-thehive-config' in ansible_run_tags"
- name: restart soctools cluster servics
import_playbook: restart-soctools.yml
when: "'restart' or 'restart-thehive' or 'restart-keycloak' or 'restart-cortex' in ansible_run_tags"
when: "'restart' in ansible_run_tags or 'restart-thehive' in ansible_run_tags or 'restart-keycloak' in ansible_run_tags"
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment