Reorganizes variables

defaults/main.yml

@@ -94,8 +94,9 @@ beats_path_logs: ~
 # Use this variables to override the default paths that come with this role for
 # your OS (which are set by default to the per-OS values defined in the official
 # Beats documentation).
-# TODO: These are currently not supported on Windows. I need to find a way to
-# override the paths that the service is passing to the beats executable.
+# TODO: These are currently not properly supported on Windows. I need to find
+# a way to override the paths that the service is passing to the beats
+# executable.
 
 beats_check_output: false
 # Check if beats can connect successfully to the configured output before
@@ -109,14 +110,8 @@ beats_output_pass: ~
 # used for any other task. When configuring your output in `beats_config`,
 # you can reference these variables using `${OUTPUT_USER}` and `${OUTPUT_PASS}`.
 
-beats_config: {}
-# The beats configuration. This will be combined with a default
-# configuration that comes with this role. The variables below are used by the
-# default configuration and are meant as a convenience. You can ignore them and
-# set the relevant settings in `beats_config` directly.
-
-beats_name: "{{ inventory_hostname }}"
-# The name of the beat.
+beats_config: "{{ _beats_flavor_specific_default_config }}"
+# The beats configuration.
 
 beats_uuid: ~
 # A custom uuid to set for the beat installation. A uuid is generated
@@ -192,9 +187,12 @@ beats_setup_pipelines: false
 # # }}}
 # Kibana dashboards {{{
 beats_config_kibana_endpoint: false
-# Set to true to configure the kibana endpoint in the beat config. If you set
-# this variable to true, the variables below will be used. Otherwise, they are
-# ignored.
+# Set to true to configure the kibana endpoint. Doing so will add the required
+# directives in `beats_config` automatically, using the variables below. Set
+# this variable to false if you want to manually configure the kibana endpoint
+# in `beats_config` and ignore the variables below (if you do that, note that
+# the role will not upload or otherwise handle ssl certificates for the kibana
+# endpoint and you will have to take care of them yourself).
 
 beats_setup_kibana_dashboards: false
 # Whether to try to install the dashboards manually. If you configure the kibana
@@ -206,6 +204,7 @@ beats_setup_kibana_dashboards: false
 
 beats_kibana_host: ~
 # Address where the Kibana endpoint can be reached at.
+
 beats_kibana_path: ~
 # HTTP path prefix to prepend to http api calls
 

tasks/core/configure.yml

@@ -2,12 +2,8 @@
 
 - name: "{{ beats_flavor }}: Combine configs"
   set_fact:
-    beats_combined_config: >-
-      {{
-        _beats_default_config
-        | combine(beats_combined_config, recursive=True)
-        | combine(beats_config, recursive=True)
-      }}
+    beats_combined_config: "{{ beats_combined_config | combine(beats_config, recursive=True) }}"
+    # The user config always has the last say.
 
 - name: "{{ beats_flavor }}: configuration tasks for Linux"
   block:

tasks/core/install/Debian-winlogbeat.yml

@@ -51,13 +51,13 @@
     - name: "{{ beats_flavor }}: Create winlogbeat download url"
       set_fact:
         _winlogbeat_url:
+          # TODO Winlogbeat download url does not support wildcards for minor/patch versions
           "https://artifacts.elastic.co/downloads/beats/winlogbeat/winlogbeat-{{
                   beats_major_version }}.{{ beats_minor_version }}.0-windows-x86_64.zip"
 
     - name: "{{ beats_flavor }}: Download winlogbeat"
       unarchive:
-        src: "https://artifacts.elastic.co/downloads/beats/winlogbeat/winlogbeat-{{
-          beats_major_version }}.{{ beats_minor_version }}.0-windows-x86_64.zip"
+        src: "{{ _winlogbeat_url }}"
         dest: "{{ beats_path_home | dirname }}"
         remote_src: true
 

tasks/variables.yml

@@ -1,5 +1,6 @@
 ---
 
+# Packages {{{
 - name: "Include OS specific packages"
   include_vars: "{{ _beats__file }}"
   loop: "{{ query('first_found', files) }}"
@@ -9,8 +10,9 @@
     files:
       - "{{ role_path }}/vars/packages/{{ ansible_distribution_release }}.yml"
       - "{{ role_path }}/vars/packages/{{ ansible_os_family }}.yml"
-
-- name: "Include OS specific paths"
+# }}}
+# Paths {{{
+- name: "{{ beats_flavor }}: Load default paths"
   include_vars: "{{ role_path }}/vars/paths/{{ ansible_os_family }}.yml"
   # Using the absolute path because I source this file from the molecule tests
   # and a relative path would fail.
@@ -40,42 +42,41 @@
     beats_path_logs: "{{ _beats_path_logs }}"
   when: beats_path_logs is none
 
-# The following 4 variables make sure that forward slashes in paths are
-# converted to backslashes. This is needed when installing on Windows and using
-# the paths in `win_command` and `win_shell` modules.
-- name: "{{ beats_flavor }}: Set beats_path_data_backslashes"
-  set_fact:
-    beats_path_data_backslashes: >-
-      {{ beats_path_data | regex_replace('/', '\\') }}
-
-- name: Set beats_path_home_backslashes
-  set_fact:
-    beats_path_home_backslashes: >-
-      {{ beats_path_home | regex_replace('/', '\\') }}
-
-- name: "{{ beats_flavor }}: Set beats_path_config_backslashes"
-  set_fact:
-    beats_path_config_backslashes: >-
-      {{ beats_path_config | regex_replace('/', '\\') }}
-
-- name: Set beats_path_logs_backslashes
-  set_fact:
-    beats_path_logs_backslashes: >-
-      {{ beats_path_logs | regex_replace('/', '\\') }}
+# Make sure that forward slashes in paths are converted to backslashes. This is
+# needed when installing on Windows and using the paths in `win_command` and
+# `win_shell` modules.
+- name: Create backslashed path variables for Windows
+  set_fact:
+    "{{ _beats__path }}_backslashes": "{{ lookup('vars', _beats__path) | replace('/', '\\\\') }}"
+  loop:
+    - beats_path_config
+    - beats_path_home
+    - beats_path_data
+    - beats_path_logs
+  loop_control:
+    loop_var: _beats__path
 
-- name: "Load {{ beats_flavor }} specific variables"
-  include_vars: "{{ role_path }}/vars/configs/{{ beats_flavor }}.yml"
+# }}}
+# Configs {{{
+- name: "Load {{ _beats__vars_file }} default config"
+  include_vars: "{{ role_path }}/vars/{{ _beats__vars_file }}.yml"
   # Using the absolute path because I source this file from the molecule tests
   # and a relative path would fail.
+  loop:
+    - "configs/general"
+    - "configs/{{ beats_flavor }}"
+  loop_control:
+    loop_var: _beats__vars_file
 
 - name: "{{ beats_flavor }}: Merge user conf with defaults"
   set_fact:
     beats_combined_config: >-
       {{
-        _beats_default_config
-        | combine(beats_config, recursive=True)
+        _beats_general_default_config
+        | combine(beats_config, recursive=true)
       }}
-
+# }}}
+# Commands {{{
 - name: "{{ beats_flavor }}: Set beats_linux_exec"
   set_fact:
     beats_linux_exec: "{{ beats_flavor
@@ -102,7 +103,8 @@
       }} --path.config {{ beats_path_home_backslashes
       }} --path.home {{ beats_path_home_backslashes
       }} --path.logs {{ beats_path_logs_backslashes }}"
-
+# }}}
+# Others {{{
 - name: "{{ beats_flavor }}: Check if beats already installed on Linux"
   stat:
     path: "{{ beats_path_config }}/{{ beats_flavor }}.yml"
@@ -132,7 +134,10 @@
         beats_major_version | string
       }}{{
         '.' + beats_minor_version | string if beats_minor_version != '*'
+                                           else ''
       }}{{
         '.' + beats_patch_version | string if beats_minor_version != '*'
                                            and beats_patch_version != '*'
+                                           else ''
       }}
+# }}}

vars/configs/auditbeat.yml

@@ -1,13 +1,7 @@
 ---
 
 # Default config coming with auditbeat 7.0
-_beats_default_config:
-  name: "{{ beats_name }}"
-  path:
-    home: "{{ beats_path_home }}"
-    config: "{{ beats_path_config }}"
-    data: "{{ beats_path_data }}"
-    logs: "{{ beats_path_logs }}"
+_beats_flavor_specific_default_config:
   auditbeat:
     modules:
       - module: auditd
@@ -36,8 +30,3 @@ _beats_default_config:
           - process
           - socket
         period: 1s
-  setup:
-    template:
-      settings:
-        index:
-          number_of_shards: 1

vars/configs/filebeat.yml

@@ -1,13 +1,7 @@
 ---
 
 # Default config coming with filebeat 7.0
-_beats_default_config:
-  name: "{{ beats_name }}"
-  path:
-    home: "{{ beats_path_home }}"
-    config: "{{ beats_path_config }}"
-    data: "{{ beats_path_data }}"
-    logs: "{{ beats_path_logs }}"
+_beats_flavor_specific_default_config:
   filebeat:
     inputs:
       - type: log
@@ -21,10 +15,3 @@ _beats_default_config:
         path: "{{ beats_filebeat_modules_dir }}/*.yml"
         reload:
           enabled: false
-  setup:
-    template:
-      settings:
-        index:
-          number_of_shards: 1
-    dashboards:
-      enabled: false

vars/configs/general.yml

@@ -0,0 +1,9 @@
+---
+
+_beats_general_default_config:
+  path:
+    # These are read from `vars/paths/`
+    home: "{{ _beats_path_home }}"
+    config: "{{ _beats_path_config }}"
+    data: "{{ _beats_path_data }}"
+    logs: "{{ _beats_path_logs }}"

vars/configs/heartbeat.yml

@@ -1,20 +1,10 @@
 ---
 
-_beats_default_config:
-  name: "{{ beats_name }}"
-  path:
-    home: "{{ beats_path_home }}"
-    config: "{{ beats_path_config }}"
-    data: "{{ beats_path_data }}"
-    logs: "{{ beats_path_logs }}"
+_beats_flavor_specific_default_config:
   heartbeat:
     config:
       monitors:
         path: "{{ beats_heartbeat_monitors_path }}/*.yml"
       reload:
         enabled: true
         period: 5s
-  setup:
-    index:
-      number_of_shards: 1
-      codec: best_compression

vars/configs/journalbeat.yml

@@ -1,21 +1,8 @@
 ---
 
 # Default config coming with journalbeat 7.0
-_beats_default_config:
-  name: "{{ beats_name }}"
-  path:
-    home: "{{ beats_path_home }}"
-    config: "{{ beats_path_config }}"
-    data: "{{ beats_path_data }}"
-    logs: "{{ beats_path_logs }}"
+_beats_flavor_specific_default_config:
   journalbeat:
     inputs:
       - paths: []
         seek: cursor
-  setup:
-    template:
-      settings:
-        index:
-          number_of_shards: 1
-    dashboards:
-      enabled: false

vars/configs/metricbeat.yml

@@ -1,23 +1,10 @@
 ---
 
 # Default config coming with metricbeat 7.0
-_beats_default_config:
-  name: "{{ beats_name }}"
-  path:
-    home: "{{ beats_path_home }}"
-    config: "{{ beats_path_config }}"
-    data: "{{ beats_path_data }}"
-    logs: "{{ beats_path_logs }}"
+_beats_flavor_specific_default_config:
   metricbeat:
     config:
       modules:
         path: "{{ beats_metricbeat_modules_dir }}/*.yml"
         reload:
           enabled: false
-  setup:
-    template:
-      settings:
-        index:
-          number_of_shards: 1
-    dashboards:
-      enabled: false

vars/configs/packetbeat.yml

@@ -1,13 +1,7 @@
 ---
 
 # Default config coming with auditbeat 7.0
-_beats_default_config:
-  name: "{{ beats_name }}"
-  path:
-    home: "{{ beats_path_home }}"
-    config: "{{ beats_path_config }}"
-    data: "{{ beats_path_data }}"
-    logs: "{{ beats_path_logs }}"
+_beats_flavor_specific_default_config:
   packetbeat:
     interfaces:
       device: any
@@ -50,7 +44,3 @@ _beats_default_config:
           - 8443
           - 8883
           - 9243
-  setup:
-    template:
-      settings:
-        index.number_of_shards: 1

vars/configs/winlogbeat.yml

@@ -1,13 +1,7 @@
 ---
 
 # Default config coming with winlogbeat 7.0
-_beats_default_config:
-  name: "{{ beats_name }}"
-  path:
-    home: "{{ beats_path_home }}"
-    config: "{{ beats_path_config }}"
-    data: "{{ beats_path_data }}"
-    logs: "{{ beats_path_logs }}"
+_beats_flavor_specific_default_config:
   winlogbeat:
     event_logs:
       - name: Application
@@ -25,8 +19,3 @@ _beats_default_config:
               lang: javascript
               id: sysmon
               file: ${path.home}/module/sysmon/config/winlogbeat-sysmon.js
-  setup:
-    template:
-      settings:
-        index:
-          number_of_shards: 1