During this meeting Ferenc Erki, the lead developer of Rex is going to lead us setting up a system using several different Linux distributions and handling the differences.

We will also attempt to set up a full ELK stack.

We will start where we left of las time when FErki gave us an introduction to Rex



Most of this will be probably delayed to a future meeting:

  • Download the rpm file of ElasticSearch and install on a CentOS based box.
  • Configure the /etc/elasticsearch/elasticsearch.yml file
  • Make sure we can access it locally with curl
  • Install Kibana on another machine
  • Configure ElastiSearch and Kibana so Kibana can access ElasticSearch
  • Configure Nginx on the Kibana machine as a reverse proxy and add Basic Authentication.
  • Install Metricbeat on all the machines and make them send the data to the ElasticSearch
  • Add different tags to the instances.
  • Install our log generator application on one of the boxes.
  • Install Logstash on one of the boxes
  • Install Filebeat on the box with the log generator application
  • Configure filebeat to process the logfile and send it to the Logstash
  • Configure Logstash to accept the data from filebeat and send it to ElasTicsearch


use Rex -feature => [qw( 1.4 exec_autodie)];
use Rex::Group::Lookup::YAML;
use Rex::CodeMaven::Nginx;
use Rex::CodeMaven::Elasticsearch;
# Module::Pluggable


desc 'Just printing hostname';
task 'print_hostname', sub {
    say run('hostname');

# vim: syntax=perl




package Rex::CodeMaven::Elasticsearch;
use strict;
use warnings;

use Rex -base;

desc 'Base Setup';
task base_setup => sub {
    pkg 'wget', ensure => 'present';

desc 'Setup Elasticsearch';
task setup => sub {
    needs 'base_setup';

    my $elastic = 'elasticsearch-7.11.2-x86_64.rpm';
    my $project_root = '/root';
    my $url = "https://artifacts.elastic.co/downloads/elasticsearch/$elastic";
    my $dest = "$project_root/$elastic";
    file $project_root, ensure => 'directory';
    run("wget $url -O $dest", unless => "test -e $dest");
    run("rpm -vi $dest", unless => "rpm -q elasticsearch");

    needs 'config';
    service 'elasticsearch', ensure => 'started';

desc 'Config Elasticsearch';
task config => sub {
    file '/etc/elasticsearch/elasticsearch.yml',
        source => 'files/etc/elasticsearch/elasticsearch.yml',
        on_change => sub {
            service 'elasticsearch' => 'restart';

task verify => sub {
    say run("curl http://localhost:9200");



package Rex::CodeMaven::Nginx;
use strict;
use warnings;

use Rex -base;

desc 'Setup nginx';
task setup => sub {
    pkg 'nginx', ensure => 'present';
    service 'nginx', ensure => 'started';

desc 'Configure Nginx';
task configure => sub {
    my $reload_needed = FALSE;
    # We only checked this on CentOs
    my $nginx_root_dir ="/etc/nginx";
    file "$nginx_root_dir/nginx.conf",
        source => 'files/etc/nginx/nginx.conf',
        on_change => sub {
            $reload_needed = TRUE;

    my $nginx_conf_dir = case operating_system, {
                qr{Debian|Ubuntu}i  => "$nginx_root_dir/sites-enabled",
                qr{Fedora|Centos}i  => "$nginx_root_dir/conf.d",

    file "$nginx_conf_dir/default", ensure => 'absent';

    file "$nginx_conf_dir/nginx-elk.conf",
        source => 'files/etc/nginx/conf.d/nginx-elk.conf',
        on_change => sub {
            $reload_needed = TRUE;

    file "/usr/share/nginx/html/.htpasswd",
        source => 'files/usr/share/nginx/html/.htpasswd',
        on_change => sub {
            $reload_needed = TRUE;

    run("setsebool httpd_can_network_connect on -P");

    service 'nginx' => 'reload' if $reload_needed;


rex -u root -d -g demo CodeMaven:Elasticsearch:setup
rex -u root -d -g demo CodeMaven:Elasticsearch:config
rex -u root -d -g demo CodeMaven:Elasticsearch:verify
rex -u root -d -g demo CodeMaven:Nginx:setup
rex -u root -d -g demo CodeMaven:Nginx:configure