status-im
/
infra-the-hive
mirror of https://github.com/status-im/infra-the-hive.git
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
66 Commits 1 Branch 0 Tags 180 KiB
Commit Graph

66 Commits

Author SHA1 Message Date
Jakub Sokołowski 051563d341
ansible/requirements: bump origin-certs role 
https://github.com/status-im/infra-role-origin-certs/commit/586d81d6

Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-05-13 10:50:43 +02:00
Jakub Sokołowski f26032e983
ansible: add versioncheck.py script to verify role versions 
This was originally introduced to `infra-nimbus` and proved robust.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-05-11 09:57:32 +02:00
Jakub Sokołowski 9c53d48e54
cortex: add Docker fix that removes our configuration 
This is necessary because our logging config and UID remapping breaks
how Cortex runs it's analyzers/responders.

https://github.com/status-im/infra-the-hive/issues/2

Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-03-31 20:38:26 +02:00
Jakub Sokołowski 029daa842f
cortex: add explicit job configuration, set 30 min timeout 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-03-31 20:37:57 +02:00
Jakub Sokołowski 4b2ca980aa
cortex: update analyzer/responder download URLs 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-03-31 20:37:12 +02:00
Jakub Sokołowski 50ad2d8be5
bootstrap: provide Consul encryption key from infra-pass 
Related: https://github.com/status-im/infra-role-bootstrap/commit/0d40f81d

Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-03-22 11:13:49 +01:00
Jakub Sokołowski 2550509507
Makefile: use shasum since md5sum is not available on MacOS 
shasum is available on MacOS by default andn from Perl package
on most Linux distros by default.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-03-11 10:45:07 +01:00
Jakub Sokołowski cdd7acbcfc
Makefile: upgrade Ansible plugin to 2.5.0, check MD5 sum 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-02-23 13:26:56 +01:00
Jakub Sokołowski 066a2465b1
upgrade Terraform to 0.14.4 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-02-17 11:43:17 +01:00
Jakub Sokołowski a72f074a17
ansible.cfg: enable ansible ssh multiplexing 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-02-01 13:22:40 +01:00
Jakub Sokołowski 9d2e1c2b23
ansible.cfg: shell instead of command as default module 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2021-01-25 15:16:38 +01:00
Jakub Sokołowski 8a83456de0
remove duplicate variable definition 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2020-12-10 12:25:44 +01:00
Jakub Sokołowski 8246018adf
update variables for open-ports role 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2020-11-27 17:22:35 +01:00
Jakub Sokołowski d01e6f733f
cortex: add GitHub OAuth configuration 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2020-11-13 18:37:03 +01:00
Jakub Sokołowski 9835031923
the-hive: configure connection with Cortex 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2020-11-13 18:06:15 +01:00
Jakub Sokołowski f84f9c6a9a
cortex: create superadmin and thehive users 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2020-11-13 17:56:22 +01:00
Jakub Sokołowski 6d25ba9c08
cortex: call /api/maintenance/migrate to create index 
Makes no sense but okay...

Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2020-11-13 14:07:23 +01:00
Jakub Sokołowski 5cabc22058
cortex: deploy 3.1.0 and add config for TheHive 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2020-11-04 17:00:46 +01:00
Jakub Sokołowski 4093ed7491
rename cortex secrets to TheHive-Cortex 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2020-10-26 09:27:14 +01:00
Jakub Sokołowski 04699b5f03
cortex: add ElasticSearch index creation 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2020-10-22 20:14:24 +02:00
Jakub Sokołowski 38a8ef79ae
cortex: upgrade to 3.1.0-RC1 to support ElasticSearch 7 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2020-10-22 14:34:57 +02:00
Jakub Sokołowski 9b3a50d574
cortex: fix logging configuration 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2020-10-22 14:29:23 +02:00
Jakub Sokołowski 4628eec7a9
the-hive: set OAuth secrets 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2020-10-20 18:20:24 +02:00
Jakub Sokołowski fda79b6066
rename move thehive-es under infra.status.im 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2020-10-13 16:35:59 +02:00
Jakub Sokołowski b47a8df7f6
cortex: adjust service name to not clash with infra-hq 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2020-10-13 13:01:43 +02:00
Jakub Sokołowski 9ef85ceeb4
configure an Nginx proxy for cortex.status.im 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2020-10-13 12:50:56 +02:00
Jakub Sokołowski ca0936b573
deploy Cortex on master node 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2020-10-12 19:32:56 +02:00
Jakub Sokołowski 0cdae1d3cd
add Ansible role for configuring Cortex 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2020-10-12 19:30:43 +02:00
Jakub Sokołowski 06159181ed
thehive-slave: rename ES cluster to 'cortex' 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2020-10-12 17:09:35 +02:00
Jakub Sokołowski a0e15deb83
the-hive: create group before creating user 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2020-10-12 16:41:34 +02:00
Jakub Sokołowski dae50c95f4
move swap size config to group_vars/all.yml 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2020-10-12 16:28:48 +02:00
Jakub Sokołowski 83a58bdae1
move extracting Cassandra info to group_vars 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2020-10-12 16:23:16 +02:00
Jakub Sokołowski 891304ede7
the-hive: fix missing logs in journald 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2020-10-12 16:17:40 +02:00
Jakub Sokołowski 7e74e1afae
the-hive: download specifically 4.0.0-1 version 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2020-10-12 16:06:49 +02:00
Jakub Sokołowski c12b93dc0b
set proxy_read_timeout to 3600 seconds, 1 hour 
This fixes errors like:
upstream timed out (110: Connection timed out) while reading response header from upstream

Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2020-10-12 12:29:45 +02:00
Jakub Sokołowski dc77d248e7
the-hive: add GitHub OAuth configuration 
It works only if you first create a user with public email of given
user in their GitHub profile.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2020-10-12 11:25:39 +02:00
Jakub Sokołowski 060fac2d20
use HTTP 1.1 for Nginx reverse proxy 
Otherwise we were getting:
POST /api/v0/query returned 500
play.core.server.common.ServerResultException: HTTP 1.0 client does not support chunked respo

Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2020-10-12 10:51:42 +02:00
Jakub Sokołowski e496295412
the-hive: fix location of secret.conf 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2020-10-12 10:18:19 +02:00
Jakub Sokołowski b7a3d2d3bc
the-hive: add log level control via logback.xml 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2020-10-09 20:33:04 +02:00
Jakub Sokołowski 7d79872663
the-hive: drop unused admin password variable 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2020-10-09 19:40:39 +02:00
Jakub Sokołowski 3e26144260
add DNS record and deploy Nginx proxy for The Hive UI 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2020-10-09 19:01:13 +02:00
Jakub Sokołowski f9ef66285d
deploy The Hive on the master-01 host 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2020-10-09 18:48:49 +02:00
Jakub Sokołowski 47b145d2be
add the-hive Ansible role 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2020-10-09 18:48:30 +02:00
Jakub Sokołowski b7f8d872e9
bind Terraform environment to be prod 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2020-10-09 15:10:53 +02:00
Jakub Sokołowski 123b32befe
move consul_catalog_url to all.yml group 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2020-10-09 13:31:01 +02:00
Jakub Sokołowski 6b360decfd
add 30 GB data volume for master host 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2020-10-08 15:19:56 +02:00
Jakub Sokołowski c266e5551d
specify location of volume and bind it at /docker 
This avoids issues with docker containers.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2020-10-08 15:09:33 +02:00
Jakub Sokołowski 6a6290c733
add Nginx proxy for ElasticSearch HQ 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2020-10-08 14:12:29 +02:00
Jakub Sokołowski ae18e0b275
add DNS entry for thehive-es.status.im 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2020-10-08 13:40:23 +02:00
Jakub Sokołowski bfe47e12ac
add ElasticSearch cluster configuration, WebUI + OAuth 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
 2020-10-08 13:40:22 +02:00