Added precheck of available CPU/RAM. Restrict elasticsearch/logstash versions...

Added precheck of available CPU/RAM. Restrict elasticsearch/logstash versions to 7.16.1 or higher (avoid installation of log4j vulnerable versions)

README.md

@@ -9,7 +9,7 @@
 
 > #### Minimal Hardware Requirements for the single node installation
 >
-> - 2 Core
+> - 4 Core
 > - 8GB Ram
 > - 10GB Free space
 

tasks/01-elasticsearch.yml

@@ -14,6 +14,14 @@
         - ansible_distribution_release != 'buster'
         - ansible_distribution_release != 'bullseye'
 
+    - name: Print error if not enough CPU/RAM resources available on target server
+      fail: msg="You are trying to install WAS on server with lower CPU/RAM resources than required. Please read the README file for details"
+      when: (ansible_processor_nproc < 4) or (ansible_memtotal_mb <= 7800)
+
+    - name: Break if elasticsearch_kibana_version variable is set and elasticsearch/kibana version is less then 7.16.1 or greater than 8.0
+      fail: msg="Elasticsearch/kibana version you defined in var/main.yml is not higher than 7.16.1 and lower than 8.0."
+      when: elasticsearch_kibana_version is defined and (elasticsearch_kibana_version is version('7.16.1', '<', strict=True) or elasticsearch_kibana_version is version('8.0', '>=', strict=True))
+
     - name: Ensure dig and gpg are installed
       apt:
         update_cache: true
@@ -39,10 +47,6 @@
       fail: msg="There is no or wrong DNS record for {{ was_server_hostname }}-elastic.{{ was_server_domainname }}. It must be resolve to {{ ipify_public_ip }} which is not the case. Please read README for requirements"
       when: was_elastic_dns_record.stdout != ipify_public_ip
 
-    - name: Break if elasticsearch_kibana_version variable is set and elasticsearch/kibana version is not 7.x
-      fail: msg="Elasticsearch/kibana version you defined in var/main.yml is not 7.x. Currently only version 7.x is supported"
-      when: (elasticsearch_kibana_version is defined) and ((elasticsearch_kibana_version < 7.0) or (elasticsearch_kibana_version >= 8.0))
-
     - name: Add elsaticsearch apt signing key
       apt_key:
         url: https://artifacts.elastic.co/GPG-KEY-elasticsearch
@@ -76,7 +80,7 @@
         cmd: |
            apt-cache madison elasticsearch | grep {{ elasticsearch_kibana_version }} | head -n1 | awk -F"|" '{print $2}' | tr -d ' '
       register: elasticsearch_kibana_version_latest
-      when: (elasticsearch_kibana_version is defined) and (elasticsearch_kibana_version >= 7.0) and (elasticsearch_kibana_version <= 8.0)
+      when: elasticsearch_kibana_version is defined and (elasticsearch_kibana_version is version('7.16.1', '<', strict=True) or elasticsearch_kibana_version is version('8.0', '>=', strict=True))
 
     - name: Install elasticsearch specific version if elasticsearch_kibana_version variable is set
       apt:
@@ -85,7 +89,7 @@
           - elasticsearch={{ elasticsearch_kibana_version_latest.stdout }}
         state: present
         dpkg_options: 'force-confold,force-confdef'
-      when: (elasticsearch_kibana_version is defined) and (elasticsearch_kibana_version >= 7.0) and (elasticsearch_kibana_version <= 8.0)
+      when: elasticsearch_kibana_version is defined and (elasticsearch_kibana_version is version('7.16.1', '<', strict=True) or elasticsearch_kibana_version is version('8.0', '>=', strict=True))
 
     - name: Prevent elasticsearch package from being upgraded if elasticsearch_kibana_version variable is set
       dpkg_selections:
@@ -93,7 +97,7 @@
         selection: hold
       with_items:
         - elasticsearch
-      when: (elasticsearch_kibana_version is defined) and (elasticsearch_kibana_version >= 7.0) and (elasticsearch_kibana_version <= 8.0)
+      when: elasticsearch_kibana_version is defined and (elasticsearch_kibana_version is version('7.16.1', '<', strict=True) or elasticsearch_kibana_version is version('8.0', '>=', strict=True))
 
     - name: Install latest elasticsearch/logstash 7.x versions if elasticsearch_kibana_version variable is not set
       apt:

tasks/02-kibana.yml

@@ -14,6 +14,10 @@
         - ansible_distribution_release != 'buster'
         - ansible_distribution_release != 'bullseye'
 
+    - name: Break if elasticsearch_kibana_version variable is set and elasticsearch/kibana version is less then 7.16.1 or greater than 8.0
+      fail: msg="Elasticsearch/kibana version you defined in var/main.yml is not higher than 7.16.1 and lower than 8.0."
+      when: elasticsearch_kibana_version is defined and (elasticsearch_kibana_version is version('7.16.1', '<', strict=True) or elasticsearch_kibana_version is version('8.0', '>=', strict=True))
+
     - name: Ensure dig and gpg installed
       apt:
         update_cache: true
@@ -39,10 +43,6 @@
       fail: msg="There is no or wrong DNS record for {{ was_server_hostname }}-kibana.{{ was_server_domainname }}. It must be resolve to {{ ipify_public_ip }} which is not the case. Please read README for requirements"
       when: was_kibana_dns_record.stdout != ipify_public_ip
 
-    - name: Break if elasticsearch_kibana_version variable is set and elasticsearch/kibana version is not 7.x
-      fail: msg="Elasticsearch/kibana version you defined in var/main.yml is not 7.x. Currently only version 7.x is supported"
-      when: (elasticsearch_kibana_version is defined) and ((elasticsearch_kibana_version < 7.0) or (elasticsearch_kibana_version >= 8.0))
-
     - name: Add elsaticsearch apt signing key
       apt_key:
         url: https://artifacts.elastic.co/GPG-KEY-elasticsearch
@@ -76,7 +76,7 @@
         cmd: |
            apt-cache madison kibana | grep {{ elasticsearch_kibana_version }} | head -n1 | awk -F"|" '{print $2}' | tr -d ' '
       register: elasticsearch_kibana_version_latest
-      when: (elasticsearch_kibana_version is defined) and (elasticsearch_kibana_version >= 7.0) and (elasticsearch_kibana_version <= 8.0)
+      when: elasticsearch_kibana_version is defined and (elasticsearch_kibana_version is version('7.16.1', '<', strict=True) or elasticsearch_kibana_version is version('8.0', '>=', strict=True))
 
     - name: Install kibana specific versions if elasticsearch_kibana_version variable is set
       apt:
@@ -85,7 +85,7 @@
           - kibana={{ elasticsearch_kibana_version_latest.stdout }}
         state: present
         dpkg_options: 'force-confold,force-confdef'
-      when: (elasticsearch_kibana_version is defined) and (elasticsearch_kibana_version >= 7.0) and (elasticsearch_kibana_version <= 8.0)
+      when: elasticsearch_kibana_version is defined and (elasticsearch_kibana_version is version('7.16.1', '<', strict=True) or elasticsearch_kibana_version is version('8.0', '>=', strict=True))
 
     - name: Prevent kibana packages from being upgraded if elasticsearch_kibana_version variable is set
       dpkg_selections:
@@ -93,7 +93,7 @@
         selection: hold
       with_items:
         - kibana
-      when: (elasticsearch_kibana_version is defined) and (elasticsearch_kibana_version >= 7.0) and (elasticsearch_kibana_version <= 8.0)
+      when: elasticsearch_kibana_version is defined and (elasticsearch_kibana_version is version('7.16.1', '<', strict=True) or elasticsearch_kibana_version is version('8.0', '>=', strict=True))
 
     - name: Install latest kibana 7.x versions if elasticsearch_kibana_version variable is not set
       apt:
@@ -102,6 +102,7 @@
           - kibana
         state: present
         dpkg_options: 'force-confold,force-confdef'
+      when: elasticsearch_kibana_version is not defined
 
     - name: Remove useless packages from the cache
       apt:

tasks/05-logstash.yml

@@ -14,6 +14,10 @@
         - ansible_distribution_release != 'buster'
         - ansible_distribution_release != 'bullseye'
 
+    - name: Break if elasticsearch_kibana_version variable is set and elasticsearch/kibana version is less then 7.16.1 or greater than 8.0
+      fail: msg="Elasticsearch/kibana version you defined in var/main.yml is not higher than 7.16.1 and lower than 8.0."
+      when: elasticsearch_kibana_version is defined and (elasticsearch_kibana_version is version('7.16.1', '<', strict=True) or elasticsearch_kibana_version is version('8.0', '>=', strict=True))
+
     - name: Ensure dig and gpg are installed
       apt:
         update_cache: true
@@ -39,10 +43,6 @@
       fail: msg="There is no or wrong DNS record for {{ was_server_hostname }}-logstash.{{ was_server_domainname }}. It must be resolve to {{ ipify_public_ip }} which is not the case. Please read README for requirements"
       when: was_logstash_dns_record.stdout != ipify_public_ip
 
-    - name: Break if elasticsearch_kibana_version variable is set and elasticsearch/kibana version is not 7.x
-      fail: msg="Elasticsearch/kibana version you defined in var/main.yml is not 7.x. Currently only version 7.x is supported"
-      when: (elasticsearch_kibana_version is defined) and ((elasticsearch_kibana_version < 7.0) or (elasticsearch_kibana_version >= 8.0))
-
     - name: Add elsaticsearch apt signing key
       apt_key:
         url: https://artifacts.elastic.co/GPG-KEY-elasticsearch
@@ -77,7 +77,7 @@
         cmd: |
            apt-cache madison logstash | grep {{ elasticsearch_kibana_version }} | head -n1 | awk -F"|" '{print $2}' | tr -d ' '
       register: elasticsearch_kibana_version_latest
-      when: (elasticsearch_kibana_version is defined) and (elasticsearch_kibana_version >= 7.0) and (elasticsearch_kibana_version <= 8.0) 
+      when: elasticsearch_kibana_version is defined and (elasticsearch_kibana_version is version('7.16.1', '<', strict=True) or elasticsearch_kibana_version is version('8.0', '>=', strict=True))
 
     - name: Install logstash specific version if elasticsearch_kibana_version variable is set
       apt:
@@ -86,7 +86,7 @@
           - logstash={{ elasticsearch_kibana_version_latest.stdout }}
         state: present
         dpkg_options: 'force-confold,force-confdef'
-      when: (elasticsearch_kibana_version is defined) and (elasticsearch_kibana_version >= 7.0) and (elasticsearch_kibana_version <= 8.0) 
+      when: elasticsearch_kibana_version is defined and (elasticsearch_kibana_version is version('7.16.1', '<', strict=True) or elasticsearch_kibana_version is version('8.0', '>=', strict=True))
 
     - name: Prevent logstash packages from being upgraded if elasticsearch_kibana_version variable is set
       dpkg_selections:
@@ -94,7 +94,7 @@
         selection: hold
       with_items:
         - logstash
-      when: (elasticsearch_kibana_version is defined) and (elasticsearch_kibana_version >= 7.0) and (elasticsearch_kibana_version <= 8.0) 
+      when: elasticsearch_kibana_version is defined and (elasticsearch_kibana_version is version('7.16.1', '<', strict=True) or elasticsearch_kibana_version is version('8.0', '>=', strict=True))
 
     - name: Install latest logstash 7.x version if elasticsearch_kibana_version variable is not set
       apt:
@@ -103,6 +103,7 @@
           - logstash
         state: present
         dpkg_options: 'force-confold,force-confdef'
+      when: elasticsearch_kibana_version is not defined
 
     - name: Remove useless packages from the cache
       apt:

tasks/main.yml

@@ -7,6 +7,14 @@
     - ansible_distribution_release != 'buster'
     - ansible_distribution_release != 'bullseye'
 
+- name: Print error if not enough CPU/RAM resources available on target server
+  fail: msg="You are trying to install WAS on server with lower CPU/RAM resources than required. Please read the README file for details"
+  when: (ansible_processor_nproc < 4) or (ansible_memtotal_mb <= 7800)
+
+- name: Break if elasticsearch_kibana_version variable is set and elasticsearch/kibana version is less then 7.16.1 or greater than 8.0
+  fail: msg="Elasticsearch/kibana version you defined in var/main.yml is not higher than 7.16.1 and lower than 8.0."
+  when: elasticsearch_kibana_version is defined and (elasticsearch_kibana_version is version('7.16.1', '<', strict=True) or elasticsearch_kibana_version is version('8.0', '>=', strict=True))
+
 - name: Ensure dig and gpg are installed
   apt:
     update_cache: true
@@ -62,10 +70,6 @@
   fail: msg="There is no or wrong DNS record for {{ was_server_hostname }}-kibana.{{ was_server_domainname }}. It must be resolve to {{ ipify_public_ip }} which is not the case. Please read README for requirements"
   when: was_kibana_dns_record.stdout != ipify_public_ip
 
-- name: Break if elasticsearch_kibana_version variable is set and elasticsearch/kibana version is not 7.x
-  fail: msg="Elasticsearch/kibana version you defined in var/main.yml is not 7.x. Currently only version 7.x is supported"
-  when: (elasticsearch_kibana_version is defined) and ((elasticsearch_kibana_version < 7.0) or (elasticsearch_kibana_version >= 8.0))
-
 - name: Set a FQDN hostname
   hostname:
     name: "{{ was_server_hostname }}"
@@ -139,14 +143,14 @@
     cmd: |
        apt-cache madison elasticsearch | grep {{ elasticsearch_kibana_version }} | head -n1 | awk -F"|" '{print $2}' | tr -d ' '
   register: elasticsearch_kibana_version_latest
-  when: (elasticsearch_kibana_version is defined) and (elasticsearch_kibana_version >= 7.0) and (elasticsearch_kibana_version <= 8.0)
+  when: elasticsearch_kibana_version is defined and (elasticsearch_kibana_version is version('7.16.1', '<', strict=True) or elasticsearch_kibana_version is version('8.0', '>=', strict=True))
 
 - name: Find latest minor verions of logstash if elasticsearch_kibana_version variable is set and no minor version specified
   shell:
     cmd: |
        apt-cache madison logstash | grep {{ elasticsearch_kibana_version }} | head -n1 | awk -F"|" '{print $2}' | tr -d ' '
   register: logstash_version_latest
-  when: (elasticsearch_kibana_version is defined) and (elasticsearch_kibana_version >= 7.0) and (elasticsearch_kibana_version <= 8.0)
+  when: elasticsearch_kibana_version is defined and (elasticsearch_kibana_version is version('7.16.1', '<', strict=True) or elasticsearch_kibana_version is version('8.0', '>=', strict=True))
 
 - name: Install elasticsearch/kibana/logstash specific versions if elasticsearch_kibana_version variable is set
   apt:
@@ -157,7 +161,7 @@
       - logstash={{ logstash_version_latest.stdout }}
     state: present
     dpkg_options: 'force-confold,force-confdef'
-  when: (elasticsearch_kibana_version is defined) and (elasticsearch_kibana_version >= 7.0) and (elasticsearch_kibana_version <= 8.0)
+  when: elasticsearch_kibana_version is defined and (elasticsearch_kibana_version is version('7.16.1', '<', strict=True) or elasticsearch_kibana_version is version('8.0', '>=', strict=True))
 
 - name: Prevent elasticsearch/kibana packages from being upgraded if elasticsearch_kibana_version variable is set
   dpkg_selections:
@@ -167,7 +171,7 @@
     - elasticsearch
     - kibana
     - logstash
-  when: (elasticsearch_kibana_version is defined) and (elasticsearch_kibana_version >= 7.0) and (elasticsearch_kibana_version <= 8.0)
+  when: elasticsearch_kibana_version is defined and (elasticsearch_kibana_version is version('7.16.1', '<', strict=True) or elasticsearch_kibana_version is version('8.0', '>=', strict=True))
 
 - name: Install latest elasticsearch/kibana 7.x versions if elasticsearch_kibana_version variable is not set
   apt:
@@ -177,10 +181,10 @@
       - kibana
       - logstash
     state: present
+  when: elasticsearch_kibana_version is not defined
 
 - name: Install wifimon-agent package
   apt:
-    #deb: http://83.97.95.167/manual/wifimon-agent-{{ wifimon_agent_version }}.deb
     deb: https://s3.grena.ge/wifimon-agent/wifimon-agent-{{ wifimon_agent_version }}.deb
     dpkg_options: 'force-confold,force-confdef'
 

vars/main.yml

 # Password variable values below are just examples. Don not use them in production! Set your own secure passwords!
 ---
-# Uncoment and set variable elasticsearch_kibana_version below if you wish to install specific versions of elasticsearch/kibana/logstash. These 3 packages will be prevent from being upgraded. The value of this variable can only be float. For example 7.15. Not 7, or 7.15.1. Currently only elasticsearch/kibana/logstash versions 7.x are supported. If you do not define this variable, latest 7.x version packages will be installed.
-#elasticsearch_kibana_version: 7.14
+# Uncoment and set variable elasticsearch_kibana_version below if you wish to install specific versions of elasticsearch/kibana/logstash. These 3 packages will be prevent from being upgraded. The value of this variable can be float, or complex version number. For example 7.16, or 7.16.1. Currently only elasticsearch/kibana/logstash versions 7.x are supported. If you do not define this variable, latest 7.x version packages will be installed. Due to log4j vulnerability please don't use elasticsearch/logstash version lower than 7.16.1.
+#elasticsearch_kibana_version: 7.16.1
 # Please set the value of variable <wifimon_agent_version> below to 1.4.0 or higher. This playbook will not work with older versions
 wifimon_agent_version: 1.4.1
 # It is necessary to set following variable (postgresl_version). Leave it to default value if you are not sure, or you do not requere any specific version of PostgreSQL