mirror of
https://github.com/rocky-linux/infrastructure
synced 2024-12-22 10:58:29 +00:00
32 lines
901 B
YAML
32 lines
901 B
YAML
|
---
|
||
|
# graylog
|
||
|
graylog_server_firewall_rules:
|
||
|
- port: 9000/tcp
|
||
|
permanent: true
|
||
|
state: enabled
|
||
|
- port: 1514/tcp
|
||
|
permanent: true
|
||
|
state: enabled
|
||
|
- port: 1514/udp
|
||
|
permanent: true
|
||
|
state: enabled
|
||
|
|
||
|
graylog_tls_ca_cert: "/etc/pki/tls/certs/ca-bundle.crt"
|
||
|
graylog_tls_cert: "/etc/pki/tls/certs/{{ ansible_fqdn }}.crt"
|
||
|
graylog_tls_key: "/etc/pki/tls/private/{{ ansible_fqdn }}.key"
|
||
|
|
||
|
ipa_getcert_requested_hostnames:
|
||
|
- name: "{{ ansible_fqdn }}"
|
||
|
owner: graylog
|
||
|
key_location: "{{ monitoring_tls_key }}"
|
||
|
cert_location: "{{ monitoring_tls_cert }}"
|
||
|
postcmd: "/bin/systemctl restart graylog-server"
|
||
|
cnames:
|
||
|
- "graylog.rockylinux.org"
|
||
|
|
||
|
graylog_ipa_dnsrecord_zone_name: rockylinux.org
|
||
|
graylog_ipa_dnsrecord_name: graylog
|
||
|
graylog_ipa_dnsrecord_record_type: CNAME
|
||
|
graylog_ipa_dnsrecord_record_value: graylog002.rockylinux.org.
|
||
|
graylog_ipa_dnsrecord_state: present
|