ptrslvk/ansible
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
61f680dc97f48b7c4b3755e191fa26c266dbb0f3
ansible/templates/elasticsearch.yml.j2
Petr Slavik 61f680dc97 commit
2025-09-02 18:19:14 +02:00

48 lines
2.0 KiB
Django/Jinja
Raw Blame History

# ======================== Elasticsearch Configuration =========================
# ANSIBLE MANAGED FILE: Do not edit directly. Changes will be overwritten.
#
# ---------------------------------- Cluster -----------------------------------
cluster.name: "{{ es_cluster_name }}"
# ------------------------------------ Node ------------------------------------
node.name: "{{ es_node_name }}"
# ----------------------------------- Paths ------------------------------------
path.data: /var/lib/elasticsearch
path.logs: /var/log/elasticsearch
# ----------------------------------- Memory -----------------------------------
# Lock the memory on startup to prevent the OS from swapping it out.
bootstrap.memory_lock: true
# ---------------------------------- Network -----------------------------------
# Bind to the host's private IP address for cluster communication.
network.host: "{{ es_network_host }}"
http.port: 9200
# --------------------------------- Discovery ----------------------------------
# A list of hosts to contact to discover the cluster.
discovery.seed_hosts: {{ es_seed_hosts | to_json }}
# Bootstrap the cluster using an initial set of master-eligible nodes.
cluster.initial_master_nodes: {{ es_initial_master_nodes | to_json }}
# ---------------------------------- Security ----------------------------------
# Security features are enabled by default on Elasticsearch 8.0+
# On first start, a password for the 'elastic' user and a Kibana enrollment
# token will be generated in the output of the 'elasticsearch' service.
# You can also generate them manually later.
xpack.security.enabled: true
xpack.security.enrollment.enabled: true
# These settings configure TLS for HTTP and transport (inter-node) layers.
# Elasticsearch automatically generates these certificates on first startup.
xpack.security.http.ssl:
enabled: true
keystore.path: certs/http.p12
xpack.security.transport.ssl:
enabled: true
verification_mode: certificate
keystore.path: certs/transport.p12
truststore.path: certs/transport.p12
Reference in New Issue View Git Blame Copy Permalink