{"id":17679296,"url":"https://github.com/bbkane/shovel_ansible","last_synced_at":"2025-04-30T17:44:51.305Z","repository":{"id":197526162,"uuid":"698493272","full_name":"bbkane/shovel_ansible","owner":"bbkane","description":"Install shovel on a Linux machine!","archived":false,"fork":false,"pushed_at":"2024-05-05T15:38:40.000Z","size":39,"stargazers_count":4,"open_issues_count":3,"forks_count":0,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-04-26T22:57:45.935Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Jinja","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/bbkane.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-09-30T04:50:29.000Z","updated_at":"2025-03-12T09:55:23.000Z","dependencies_parsed_at":"2024-01-02T23:47:17.064Z","dependency_job_id":"e8355df0-2249-49bd-ba6c-57815755996e","html_url":"https://github.com/bbkane/shovel_ansible","commit_stats":null,"previous_names":["bbkane/shovel_ansible"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bbkane%2Fshovel_ansible","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bbkane%2Fshovel_ansible/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bbkane%2Fshovel_ansible/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bbkane%2Fshovel_ansible/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/bbkane","download_url":"https://codeload.github.com/bbkane/shovel_ansible/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":251753788,"owners_count":21638379,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-10-24T08:22:00.558Z","updated_at":"2025-04-30T17:44:51.256Z","avatar_url":"https://github.com/bbkane.png","language":"Jinja","funding_links":[],"categories":[],"sub_categories":[],"readme":"# shovel_ansible\n\nInstall [shovel](https://github.com/bbkane/shovel) + [OpenObserve](https://openobserve.ai/) as systemd services, on a local dev VM or production VM.\n\n# Local Dev VM install\n\n## Start a local Lima VM\n\nMostly from [Lima: a nice way to run Linux VMs on Mac](https://jvns.ca/blog/2023/07/10/lima--a-nice-way-to-run-linux-vms-on-mac/)\n\nInstall Lima:\n\n```bash\nbrew install lima\n```\n\nUseful Lima commands:\n\n```bash\nlimactl start default\nlima  # open shell\nlimactl factory-reset default  # to test playbook from scratch\nlimactl stop\n```\n\n## Install locally trusted TLS certificates\n\nUses [`mkcert`](https://github.com/FiloSottile/mkcert) - Note the warning!\n\n\u003e **Warning**: the rootCA-key.pem file that mkcert automatically generates gives complete power to intercept secure requests from your machine. Do not share it.\n\n```bash\nbrew install mkcert nss\nmkcert -install\nmkcert localhost\n```\n\nThis generates `./localhost-key.pem` and `localhost.pem`, signed by the `rootCA` cert generated by `mkcert`.\n\n## Install shovel + OpenObserve on the Lima VM\n\nNote: if using an arm64 Mac, Lima VMs are aarch64 (another name for the same architecture), so get linux arm64/aarch64 versions of the releases.\n\nObtain a shovel release from [GitHub](https://github.com/bbkane/shovel/releases) or by building with GoReleasor\n\nGet an [OpenObserve release](https://github.com/openobserve/openobserve/releases).\n\nUpdate [./lima_vars.yaml](./lima_vars.yaml) with paths to the OpenObserve and shovel tar.gz files.\n\nExport environmental variables for Ansible to read\n\n```bash\nexport SHOVEL_SERVE_OPENOBSERVE_PASS='...';\nexport SHOVEL_SERVE_OPENOBSERVE_USER='...';\nexport ZO_ROOT_USER_EMAIL='...';\nexport ZO_ROOT_USER_PASSWORD='...';\n```\n\nI use [`envelope`](https://github.com/bbkane/envelope) to manage environment variables, so I use the following commands to set up the environment:\n\n```bash\nenvelope env create\nenvelope env var create --name ZO_ROOT_USER_EMAIL --value root@example.com\nenvelope env var create --name ZO_ROOT_USER_PASSWORD --value ZO_ROOT_USER_PASSWORD\n\n# Re-use the root user password\nenvelope env ref create --name SHOVEL_SERVE_OPENOBSERVE_USER --ref-env-name \"$PWD\" --ref-var-name ZO_ROOT_USER_EMAIL\nenvelope env ref create --name SHOVEL_SERVE_OPENOBSERVE_PASS --ref-env-name \"$PWD\" --ref-var-name ZO_ROOT_USER_PASSWORD\n\nexport-env \"$PWD\"\n```\n\nRun the Ansible playbooks:\n\n```bash\nansible-playbook \\\n    -i 'lima-default,' \\\n    --ssh-extra-args \"-F $HOME/.lima/default/ssh.config\" \\\n    --extra-vars \"@lima_vars.yaml\" openobserve.ansible.yaml shovel.ansible.yaml\n```\n\n## Open sites\n\nOpen OpenObserve at: http://localhost:5080/web/traces?period=15m\u0026query=\u0026org_identifier=default\n\nOpen shovel at: https://localhost:8080/?count=1\u0026nameservers=dns3.p09.nsone.net%3A53\u0026protocol=udp\u0026qnames=linkedin.com+www.linkedin.com\u0026rtypes=A\u0026subnetMap=\u0026subnets=\n\n## Import dashboards\n\nThere isn't an API for this yet, so export by using the download icon when viewing a dashboard and import from the main menu.\n\n# Production VM\n\nObtain releases and export envvars as above.\n\nCreate `prod_vars.yaml`. Use `./lima_vars.yaml` for reference\n\nNOTE: ensure the `-i` flag for a single host ends with a comma (`,`)\n\n```bash\nansible-playbook \\\n    --ask-become-pass \\\n    -i '\u003chost\u003e,' \\\n    --extra-vars \"@prod_vars.yaml\" \\\n    openobserve.ansible.yaml shovel.ansible.yaml\n```\n\n# Debugging\n\n```bash\n# Check if the service is running\nsudo systemctl status shovel\n\n# Check logs\nsudo journalctl -u shovel\n\n# Analyze security to tighten systemd capabilities\nsudo systemd-analyze security /etc/systemd/system/openobserve.service\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbbkane%2Fshovel_ansible","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fbbkane%2Fshovel_ansible","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbbkane%2Fshovel_ansible/lists"}