diff --git a/Copy_keys_Test.yml b/Copy_keys_Test.yml index 4f5c0ca..5f027e7 100644 --- a/Copy_keys_Test.yml +++ b/Copy_keys_Test.yml @@ -7,7 +7,7 @@ - name: Copie de la clé du DSMC sur les instances splunk copy: src: /opt/splunk/etc/auth/distServerKeys/trusted.pem - dest: "{{ playbook_dir }}/Keys_public/SVLCTPLOGSUP01.mom.fr/test/" + dest: "{{ playbook_dir }}/Keys_public/SVLCTPLOGSUP01.mom.fr/" owner: root group: root remote_src: true diff --git a/Deploy_Splunk.yml b/Deploy_Splunk.yml index 9529a85..8f2c182 100644 --- a/Deploy_Splunk.yml +++ b/Deploy_Splunk.yml @@ -3,7 +3,7 @@ become: yes hosts: all:!splunk_uf_Linux tasks: - - name: Deploy_Configuration + - name: Deploy_Conf-to-Splunk include_tasks: roles/splunk_deploy/tasks/Deploy_Conf-to-Splunk.yml - name: "Deploy Configuration for Instance Splunk DSMC" @@ -11,7 +11,7 @@ become_user: "{{ privileged_user }}" hosts: splunk_deployement tasks: - - name: Deploy_Configuration + - name: Deploy_Conf_DSMC include_tasks: roles/splunk_deploy/tasks/Deploy_Conf_DSMC.yml - name: "Deploy Configuration Initial SHC" @@ -19,14 +19,14 @@ become_user: "{{ privileged_user }}" hosts: splunk_search_head tasks: - - name: Deploy_Configuration + - name: Deploy_Conf_SHC_Init include_tasks: roles/splunk_deploy/tasks/Deploy_Conf_SHC_Init.yml - name: "Restart de fin d'initialisation Splunk" become: yes hosts: all:!splunk_uf_Linux tasks: - - name: Deploy_Configuration + - name: Restart_SPL include_tasks: roles/splunk_deploy/tasks/Restart_SPL.yml - name: "Deploy Configuration Bootstrap SHC" @@ -34,12 +34,26 @@ become_user: "{{ privileged_user }}" hosts: SVLCTPLOGPUB02.mom.fr tasks: - - name: Deploy_Configuration + - name: Deploy_Conf_SHC_BS include_tasks: roles/splunk_deploy/tasks/Deploy_Conf_SHC_BS.yml - name: "Arrête de fin de deploiement Splunk" become: yes hosts: all:!splunk_uf_Linux tasks: - - name: Deploy_Configuration - include_tasks: roles/splunk_deploy/tasks/Stop_SPL.yml \ No newline at end of file + - name: Stop_SPL + include_tasks: roles/splunk_deploy/tasks/Stop_SPL.yml + +- name: "Récupération du trusted.pem" + become: yes + hosts: splunk_deployement + tasks: + - name: Backup_Keys_DSMC + include_tasks: roles/splunk_deploy/tasks/Backup_Keys_DSMC.yml + +- name: "Copie du trusted.pem" + become: yes + hosts: all:!splunk_uf_Linux:!splunk_deployement + tasks: + - name: Deploy_Keys_to_others + include_tasks: roles/splunk_deploy/tasks/Deploy_Keys_to_others.yml diff --git a/Keys_public/SVLCTPLOGSUP01.mom.fr/trusted.pem b/Keys_public/SVLCTPLOGSUP01.mom.fr/trusted.pem deleted file mode 100644 index 780a6ac..0000000 --- a/Keys_public/SVLCTPLOGSUP01.mom.fr/trusted.pem +++ /dev/null @@ -1,9 +0,0 @@ ------BEGIN PUBLIC KEY----- -MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomC5omIGpz1vp5JFb8bu -YEF53B+XWQ87MVIU/63qF82UBAyHEFsC40E5H4be8p6u+9vGLvv30YlAoj2LlWw5 -l/BLJJJJSHz6ueq6c84H6N+UCrDPlcs9jLqlaCXsYjYFWjgTtRm0GXYRjWluAfPP -bPMkxHyY+05UPTb21oCwe0ypIUWEX6Jp1ZkyWnIjB9WdOsfat3v3wr9bd5y7zUuT -DZm1vxpucL6x/IfeQ2nKo3HWI6+AZELNmd0jQSoOGZiJzhpnQEjGorX9ua6vmnDZ -T/iQ9vpIneE0ud062gBkUw/MoqGEXoy6Vu2oAFZrfKtJ0ImOVtiRUM0gKkPAg+Ph -DwIDAQAB ------END PUBLIC KEY----- diff --git a/roles/splunk_deploy/tasks/Backup_Keys_DSMC.yml b/roles/splunk_deploy/tasks/Backup_Keys_DSMC.yml new file mode 100644 index 0000000..f3ad403 --- /dev/null +++ b/roles/splunk_deploy/tasks/Backup_Keys_DSMC.yml @@ -0,0 +1,8 @@ +--- +- name: Copie de la clé du DSMC sur les instances splunk + copy: + src: /opt/splunk/etc/auth/distServerKeys/trusted.pem + dest: "{{ playbook_dir }}/Keys_public/SVLCTPLOGSUP01.mom.fr/" + owner: root + group: root + remote_src: true \ No newline at end of file diff --git a/roles/splunk_deploy/tasks/Deploy_Keys_to_others.yml b/roles/splunk_deploy/tasks/Deploy_Keys_to_others.yml new file mode 100644 index 0000000..9b6d3d3 --- /dev/null +++ b/roles/splunk_deploy/tasks/Deploy_Keys_to_others.yml @@ -0,0 +1,18 @@ +--- +- name: Copie de la clé du DSMC sur les instances splunk + copy: + src: "{{ playbook_dir }}/Keys_public/SVLCTPLOGSUP01.mom.fr/trusted.pem" + dest: "/opt/splunk/etc/auth/distServerKeys/SVLCTPLOGSUP01.mom.fr/" + owner: splunk + group: splunk + remote_src: true + +- name: "Attribution des droits Splunk" + shell: "chown -Rf splunk:splunk /opt/splunk/" + become: yes + become_user: "{{ privileged_user }}" + +- name: "Start Splunk via cli" + command: "{{ splunk_exec }} start" + become: yes + become_user: "{{ privileged_user }}" \ No newline at end of file