playbooks-retailor/roles/elasticsearch/tasks/logstash.yml

---
- name: Create a Docker network for Logstash
  docker_network:
    name: elk_network
    state: present

- name: Create logstash directory on host
  file:
    path: /etc/logstash
    state: directory
    mode: "0755"

- name: Copy logstash config
  copy:
    src: templates/pipelines.yml.j2
    dest: /etc/logstash/pipelines.yml

- name: Create logstash directory on host
  file:
    path: /etc/logstash/pipeline
    state: directory
    mode: "0755"

- name: Copy logstash input configs
  copy:
    src: "{{ item }}"
    dest: /etc/logstash/pipeline/{{ item | basename | regex_replace('\.j2$', '') }}
  loop: "{{ query('fileglob', 'templates/logstash-conf.d/*.j2') }}"

- name: Pull Logstash Docker image
  docker_image:
    name: docker.elastic.co/logstash/logstash:{{ elk_version }}
    source: pull

# TODO rember to move CA cert from elastic to Logstash
# docker cp elasticsearch:/usr/share/elasticsearch/config/certs/http_ca.crt .
# docker cp http_ca.crt logstash:/usr/share/logstash/config/certs/ca/http_ca.crt
- name: Start Logstash container
  docker_container:
    name: logstash
    image: docker.elastic.co/logstash/logstash:{{ elk_version }}
    state: started
    restart: yes
    restart_policy: unless-stopped
    command:
      - /bin/bash
      - -c
      - |
        echo "Waiting for Elasticsearch availability";
        until curl -s {{ env_vars.ELASTIC_HOSTS }} | grep -q "missing authentication credentials"; do sleep 1; done;
        echo "Starting logstash";
        /usr/share/logstash/bin/logstash
    published_ports:
      - "5044-5049:5044-5049"
    volumes:
      - /etc/logstash/pipelines.yml:/usr/share/logstash/config/pipelines.yml
      - /etc/logstash/pipeline:/usr/share/logstash/pipeline
    env:
      xpack.monitoring.enabled: "false"
      ELASTIC_USER: elastic
      ELASTIC_PASSWORD: "{{ env_vars.ELASTIC_PASSWORD }}"
      ELASTIC_HOSTS: "{{ env_vars.ELASTIC_HOSTS }}"
    networks:
      - name: elk_network