From 74aac1fe66cd356a974b2c99042fae0352342e2b Mon Sep 17 00:00:00 2001
From: Abhinav Kalra <abhinavkalra2002@gmail.com>
Date: Mon, 8 Jul 2024 12:21:11 +0200
Subject: [PATCH] modify and organize variables

---
 defaults/main.yml                  |  3 +-
 molecule/default/converge-vars.yml | 38 ++++++++++++++++++++++
 molecule/default/converge.yml      | 51 ++----------------------------
 3 files changed, 42 insertions(+), 50 deletions(-)
 create mode 100644 molecule/default/converge-vars.yml

diff --git a/defaults/main.yml b/defaults/main.yml
index 0ca507a..10eb170 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -175,7 +175,8 @@ elastic_config:
     logs: /var/log/elasticsearch
   xpack:
     security:
-      enabled: true
+      hide_settings: 'xpack.security.authc.realms.native.*'
+      enabled: false
 # Elastic configuration in the form of a yaml array with non-collapsed keys.
 # The `elastic_config` array will be output as is into the
 # `/etc/elasticsearch/elasticsearch.yml` file. For what these settings do,
diff --git a/molecule/default/converge-vars.yml b/molecule/default/converge-vars.yml
new file mode 100644
index 0000000..9201adc
--- /dev/null
+++ b/molecule/default/converge-vars.yml
@@ -0,0 +1,38 @@
+---
+
+elastic_bind_host: 0.0.0.0
+elastic_cluster_name: watchmen
+elastic_node_name: nite-owl
+elastic_jvm_extra_config: |
+  -Des.enforce.bootstrap.checks=true
+elastic_certificates_password: 'nk}$Q%];a3Gy$E!QvT8E'
+elastic_certificates:
+  ca: "~/pki/ca.crt"
+  crt: "~/pki/issued/elastic.crt"
+  key: "~/pki/private/elastic.key"
+elastic_certificates_dir: /etc/elasticsearch/certs/
+elastic_builtin_users_set_random_passwords: true
+elastic_builtin_users_password_backup_file: ~/elastic-passwords
+template_files:
+  # When using logstash in front of kibana and you use elastic beats to send
+  # data to logstash (which will then be forwarded to elastic), you will
+  # need to manually load the index templates that come with the elastic
+  # beats. The `nkakouros.beats` role allow you to extract the index
+  # template into a json file. Here, we read the paths on the ansible
+  # controller where these json files are located in order for the
+  # `nkakouros.elastic` role to insert them into elasticsearch.
+  "{{ q('fileglob', '~/elk/beats/*.json') }}"
+elastic_index_templates: >-
+  [
+    {%- for file in template_files -%}
+      {
+        'file': '{{ file }}',
+        'name': '{{
+            file
+            | basename
+            | regex_replace('^([^.]+\.[0-9]+\.[0-9]+\.[0-9]+)\..*$', '\1')
+            | replace('.', '-', count=1)
+          }}'
+      },
+    {%- endfor -%}
+  ]
diff --git a/molecule/default/converge.yml b/molecule/default/converge.yml
index 4c66d02..3d742f4 100644
--- a/molecule/default/converge.yml
+++ b/molecule/default/converge.yml
@@ -4,52 +4,5 @@
   hosts: all
   roles:
     - nkakouros.elasticsearch
-  vars:
-    elastic_bind_host: 0.0.0.0
-    elastic_cluster_name: watchmen
-    elastic_node_name: nite-owl
-    elastic_jvm_extra_config: |
-      -Des.enforce.bootstrap.checks=true
-    elastic_certificates_password: 'nk}$Q%];a3Gy$E!QvT8E'
-    elastic_certificates:
-      ca: "~/pki/ca.crt"
-      crt: "~/pki/issued/elastic.crt"
-      key: "~/pki/private/elastic.key"
-    elastic_certificates_dir: /etc/elasticsearch/certs/
-    elastic_builtin_users_set_random_passwords: true
-    elastic_builtin_users_password_backup_file: ~/elastic-passwords
-    elastic_config:
-      xpack:
-        security:
-          hide_settings: 'xpack.security.authc.realms.native.*'
-          enabled: false
-          # authc:
-          #   accept_default_password: false
-          #   realms:
-          #     native:
-          #       native1:
-          #         enabled: true
-          #         order: 0
-    template_files:
-      # When using logstash in front of kibana and you use elastic beats to send
-      # data to logstash (which will then be forwarded to elastic), you will
-      # need to manually load the index templates that come with the elastic
-      # beats. The `nkakouros.beats` role allow you to extract the index
-      # template into a json file. Here, we read the paths on the ansible
-      # controller where these json files are located in order for the
-      # `nkakouros.elastic` role to insert them into elasticsearch.
-      "{{ q('fileglob', '~/elk/beats/*.json') }}"
-    elastic_index_templates: >-
-      [
-        {%- for file in template_files -%}
-          {
-            'file': '{{ file }}',
-            'name': '{{
-                file
-                | basename
-                | regex_replace('^([^.]+\.[0-9]+\.[0-9]+\.[0-9]+)\..*$', '\1')
-                | replace('.', '-', count=1)
-              }}'
-          },
-        {%- endfor -%}
-      ]
+  vars_files:
+    - converge-vars.yml
\ No newline at end of file