status-im
/
infra-the-hive
mirror of https://github.com/status-im/infra-the-hive.git
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
infra-the-hive/ansible/group_vars/thehive-slave.yml

58 lines
2.2 KiB
YAML
Raw Blame History

---
# Cassandra cluster for storing metrics
cassandra_cluster_name: 'thp'
cassandra_data_dir: '/data/cassandra'
cassandra_rpc_address: '{{ ansible_local.wireguard.vpn_ip }}'
cassandra_listen_address: '{{ ansible_local.wireguard.vpn_ip }}'
cassandra_storage_port: 7000
cassandra_native_port: 9042
cassandra_exp_listen_port: 8080
cassandra_db_users:
- user: '{{ lookup("bitwarden", "the-hive/cassandra", field="username") }}'
pass: '{{ lookup("bitwarden", "the-hive/cassandra", field="password") }}'
# ElasticSearch Cluster
es_service_name: 'elasticsearch'
es_service_path: '/docker/{{ es_service_name }}'
es_docker_network_name: '{{ es_service_name }}'
es_cluster_name: 'cortex'
es_node_cont_tag: '7.17.5'
es_cont_name: elasticsearch
es_api_port: 9200
es_node_port: 9300
es_metrics_cont_port: 9114
# WARNING: This works only if playbook is ran for whole group
es_master_nodes: |
{{ ansible_play_hosts
| map('extract', hostvars)
| list
| json_query(
'[].{
name: hostname,
addr: ansible_local.wireguard.vpn_ip,
port: to_string(es_node_port)
}') }}
# Since Logstash stores 1 index per day this is fine
# See: https://www.elastic.co/blog/how-many-shards-should-i-have-in-my-elasticsearch-cluster
es_number_of_replicas: 1
es_number_of_shards: 3
# JVM memory settings
es_jvm_mem_ratio: 0.5
es_jvm_mem: '{{ (ansible_memtotal_mb * es_jvm_mem_ratio) | round(0, "floor") }}'
es_jvm_min_heap: '{{ es_jvm_mem | int }}m'
es_jvm_max_heap: '{{ es_jvm_mem | int }}m'
# Open Nginx Ports
open_ports_default_chain: 'VPN'
open_ports_list:
- { port: '{{ es_api_port }}', ipset: 'dash.hq', comment: 'ElasticSearch' }
- { port: '{{ es_api_port }}', ipset: 'thehive.prod', comment: 'ElasticSearch' }
- { port: '{{ es_node_port }}', ipset: 'thehive.prod', comment: 'ElasticSearch' }
- { port: '{{ es_metrics_cont_port }}', ipset: 'metrics.hq', comment: 'ElasticSearch' }
- { port: '{{ cassandra_storage_port }}', ipset: 'thehive.prod', comment: 'Cassandra' }
- { port: '{{ cassandra_native_port }}', ipset: 'thehive.prod', comment: 'Cassandra' }
- { port: '{{ cassandra_exp_listen_port }}', ipset: 'metrics.hq', comment: 'Cassandra' }
Reference in New Issue View Git Blame Copy Permalink