From c9791f3d66910684584d58bccfec3e3d1948f0b3 Mon Sep 17 00:00:00 2001 From: Drazen Date: Tue, 20 Feb 2024 11:12:35 +0100 Subject: [PATCH 1/2] Fixing-wazuh --- roles/debian/ce_provision/defaults/main.yml | 2 +- roles/debian/wazuh/tasks/main.yml | 8 -------- 2 files changed, 1 insertion(+), 9 deletions(-) diff --git a/roles/debian/ce_provision/defaults/main.yml b/roles/debian/ce_provision/defaults/main.yml index 8f8d508cf..1f3116ba3 100644 --- a/roles/debian/ce_provision/defaults/main.yml +++ b/roles/debian/ce_provision/defaults/main.yml @@ -29,7 +29,7 @@ ce_provision: contrib_roles: - directory: wazuh repo: https://github.com/wazuh/wazuh-ansible.git - branch: stable + branch: "v4.7.2" - directory: systemd_timers repo: https://github.com/vlcty/ansible-systemd-timers.git branch: master diff --git a/roles/debian/wazuh/tasks/main.yml b/roles/debian/wazuh/tasks/main.yml index 2c3799c52..f5b1d774d 100644 --- a/roles/debian/wazuh/tasks/main.yml +++ b/roles/debian/wazuh/tasks/main.yml @@ -1,13 +1,5 @@ --- # Assumes you have run the ce_provision role on your controller and it has already installed the Wazuh roles -- name: Set the Wazuh version branch for the playbooks and roles. - ansible.builtin.git: - repo: https://github.com/wazuh/wazuh-ansible.git - dest: "{{ wazuh.roles_directory | default('/home/' + user_provision.username + '/.ansible/roles/wazuh-ansible') }}" - version: "{{ wazuh.branch }}" - become: true - become_user: "{{ user_provision.username }}" - delegate_to: localhost - name: Import elastic-stack. ansible.builtin.import_role: From 4d52a298246a7f824d57b390982c1276035e3b65 Mon Sep 17 00:00:00 2001 From: Drazen Date: Tue, 20 Feb 2024 11:37:55 +0100 Subject: [PATCH 2/2] Fixing-wazuh --- roles/debian/wazuh/tasks/install.yml | 112 ++++++++++++++++++++++++ roles/debian/wazuh/tasks/main.yml | 125 +++------------------------ 2 files changed, 124 insertions(+), 113 deletions(-) create mode 100644 roles/debian/wazuh/tasks/install.yml diff --git a/roles/debian/wazuh/tasks/install.yml b/roles/debian/wazuh/tasks/install.yml new file mode 100644 index 000000000..6f9ec930e --- /dev/null +++ b/roles/debian/wazuh/tasks/install.yml @@ -0,0 +1,112 @@ +- name: Import elastic-stack. + ansible.builtin.import_role: + name: "contrib/{{ wazuh_path }}/roles/elastic-stack/ansible-kibana" + +- name: Import opendistro. + ansible.builtin.import_role: + name: "contrib/{{ wazuh_path }}/roles/opendistro/opendistro-kibana" + +- name: Generate certificates. + ansible.builtin.import_role: + name: wazuh-ansible/roles/wazuh/wazuh-indexer + delegate_to: localhost + vars: + indexer_node_master: "{{ wazuh.indexer.indexer_node_master }}" + instances: "{{ wazuh.indexer.indexer_primary }}" + perform_installation: false + tags: + - generate-certs + +- name: Install Wazuh indexer. + ansible.builtin.import_role: + name: wazuh-ansible/roles/wazuh/wazuh-indexer + vars: + single_node: "{{ wazuh.indexer.single_node }}" + domain_name: "{{ wazuh.indexer.domain_name }}" + indexer_cluster_name: "{{ wazuh.indexer.indexer_cluster_name }}" + indexer_node_name: "{{ wazuh.indexer.indexer_node_name }}" + minimum_master_nodes: "{{ wazuh.indexer.minimum_master_nodes }}" + indexer_node_master: "{{ wazuh.indexer.indexer_node_master }}" + indexer_node_data: "{{ wazuh.indexer.indexer_node_data }}" + indexer_node_ingest: "{{ wazuh.indexer.indexer_node_ingest }}" + indexer_start_timeout: "{{ wazuh.indexer.indexer_start_timeout }}" + indexer_network_host: "{{ wazuh.indexer.indexer_network_host }}" + indexer_cluster_nodes: "{{ wazuh.indexer.indexer_cluster_nodes }}" + indexer_discovery_nodes: "{{ wazuh.indexer.indexer_discovery_nodes }}" + indexer_http_port: "{{ wazuh.indexer.indexer_http_port }}" + indexer_api_protocol: "{{ wazuh.indexer.indexer_api_protocol }}" + indexer_custom_user: "{{ wazuh.indexer.indexer_custom_user }}" + indexer_custom_user_role: "{{ wazuh.indexer.indexer_custom_user_role }}" + indexer_admin_password: "{{ wazuh.indexer.indexer_admin_password }}" + dashboard_password: "{{ wazuh.dashboard.dashboard_password }}" + instances: "{{ wazuh.indexer.indexer_instances }}" + perform_installation: true + tags: + - install + when: wazuh.indexer.install + +- name: Install Wazuh Manager. + ansible.builtin.import_role: + name: wazuh-ansible/roles/wazuh/ansible-wazuh-manager + vars: + wazuh_manager_mailto: "{{ wazuh.manager.wazuh_manager_mailto }}" + wazuh_manager_email_smtp_server: "{{ wazuh.manager.wazuh_manager_email_smtp_server }}" + wazuh_manager_email_from: "{{ wazuh.manager.wazuh_manager_email_from }}" + wazuh_manager_email_maxperhour: "{{ wazuh.manager.wazuh_manager_email_maxperhour }}" + wazuh_manager_email_queue_size: "{{ wazuh.manager.wazuh_manager_email_queue_size }}" + wazuh_manager_email_log_source: "{{ wazuh.manager.wazuh_manager_email_log_source }}" + wazuh_manager_log_level: "{{ wazuh.manager.wazuh_manager_log_level }}" + wazuh_manager_email_level: "{{ wazuh.manager.wazuh_manager_email_level }}" + wazuh_manager_extra_emails: "{{ wazuh.manager.wazuh_manager_extra_emails }}" + wazuh_manager_reports: "{{ wazuh.manager.wazuh_manager_reports }}" + wazuh_manager_api: "{{ wazuh.manager.wazuh_manager_api }}" + agent_groups: "{{ wazuh.manager.agent_groups }}" + when: wazuh.manager.install + +- name: Install Filebeat. + ansible.builtin.import_role: + name: wazuh-ansible/roles/wazuh/ansible-filebeat-oss + vars: + filebeat_version: "{{ wazuh.filebeat.filebeat_version }}" + filebeat_node_name: "{{ wazuh.filebeat.filebeat_node_name }}" + filebeat_output_indexer_hosts: "{{ wazuh.filebeat.filebeat_output_indexer_hosts }}" + filebeat_module_package_url: "{{ wazuh.filebeat.filebeat_module_package_url }}" + filebeat_module_package_name: "{{ wazuh.filebeat.filebeat_module_package_name }}" + indexer_security_user: "{{ wazuh.filebeat.indexer_security_user | default('admin') }}" + indexer_security_password: "{{ wazuh.indexer.indexer_admin_password }}" + when: wazuh.filebeat.install + +- name: Install Wazuh dashboard. + ansible.builtin.import_role: + name: wazuh-ansible/roles/wazuh/wazuh-dashboard + vars: + dashboard_node_name: "{{ wazuh.dashboard.dashboard_node_name }}" + dashboard_server_host: "{{ wazuh.dashboard.dashboard_server_host }}" + dashboard_server_port: "{{ wazuh.dashboard.dashboard_server_port }}" + dashboard_server_name: "{{ wazuh.dashboard.dashboard_server_name }}" + wazuh_api_credentials: "{{ wazuh.dashboard.wazuh_api_credentials }}" + dashboard_security: "{{ wazuh.dashboard.dashboard_security }}" + dashboard_user: "{{ wazuh.dashboard.dashboard_user }}" + dashboard_password: "{{ wazuh.dashboard.dashboard_password }}" + indexer_admin_password: "{{ wazuh.indexer.indexer_admin_password }}" + indexer_http_port: "{{ wazuh.indexer.indexer_http_port }}" + indexer_api_protocol: "{{ wazuh.indexer.indexer_api_protocol }}" + ansible_shell_allow_world_readable_temp: true + when: wazuh.dashboard.install + +- name: Install Wazuh agent. + ansible.builtin.import_role: + name: wazuh-ansible/roles/wazuh/ansible-wazuh-agent + vars: + wazuh_managers: "{{ wazuh.agent.managers }}" + wazuh_agent_enrollment: + enabled: "{{ wazuh.agent.wazuh_agent_enrollment.enabled }}" + agent_name: "{{ wazuh.agent.wazuh_agent_enrollment.agent_name }}" + groups: "{{ wazuh.agent.wazuh_agent_enrollment.groups }}" + agent_address: "{{ wazuh.agent.wazuh_agent_enrollment.agent_address }}" + ssl_ciphers: "{{ wazuh.agent.wazuh_agent_enrollment.ssl_ciphers }}" + wazuh_custom_packages_installation_agent_enabled: false + ansible_shell_allow_world_readable_temp: true + wazuh_agent_sources_installation: + enabled: true + when: wazuh.agent.install and not wazuh_agent_sources_installation.enabled \ No newline at end of file diff --git a/roles/debian/wazuh/tasks/main.yml b/roles/debian/wazuh/tasks/main.yml index f5b1d774d..8ac70a976 100644 --- a/roles/debian/wazuh/tasks/main.yml +++ b/roles/debian/wazuh/tasks/main.yml @@ -1,115 +1,14 @@ --- # Assumes you have run the ce_provision role on your controller and it has already installed the Wazuh roles - -- name: Import elastic-stack. - ansible.builtin.import_role: - name: wazuh-ansible/roles/elastic-stack/ansible-kibana - -- name: Import opendistro. - ansible.builtin.import_role: - name: wazuh-ansible/roles/opendistro/opendistro-kibana - -- name: Generate certificates. - ansible.builtin.import_role: - name: wazuh-ansible/roles/wazuh/wazuh-indexer - delegate_to: localhost - vars: - indexer_node_master: "{{ wazuh.indexer.indexer_node_master }}" - instances: "{{ wazuh.indexer.indexer_primary }}" - perform_installation: false - tags: - - generate-certs - -- name: Install Wazuh indexer. - ansible.builtin.import_role: - name: wazuh-ansible/roles/wazuh/wazuh-indexer - vars: - single_node: "{{ wazuh.indexer.single_node }}" - domain_name: "{{ wazuh.indexer.domain_name }}" - indexer_cluster_name: "{{ wazuh.indexer.indexer_cluster_name }}" - indexer_node_name: "{{ wazuh.indexer.indexer_node_name }}" - minimum_master_nodes: "{{ wazuh.indexer.minimum_master_nodes }}" - indexer_node_master: "{{ wazuh.indexer.indexer_node_master }}" - indexer_node_data: "{{ wazuh.indexer.indexer_node_data }}" - indexer_node_ingest: "{{ wazuh.indexer.indexer_node_ingest }}" - indexer_start_timeout: "{{ wazuh.indexer.indexer_start_timeout }}" - indexer_network_host: "{{ wazuh.indexer.indexer_network_host }}" - indexer_cluster_nodes: "{{ wazuh.indexer.indexer_cluster_nodes }}" - indexer_discovery_nodes: "{{ wazuh.indexer.indexer_discovery_nodes }}" - indexer_http_port: "{{ wazuh.indexer.indexer_http_port }}" - indexer_api_protocol: "{{ wazuh.indexer.indexer_api_protocol }}" - indexer_custom_user: "{{ wazuh.indexer.indexer_custom_user }}" - indexer_custom_user_role: "{{ wazuh.indexer.indexer_custom_user_role }}" - indexer_admin_password: "{{ wazuh.indexer.indexer_admin_password }}" - dashboard_password: "{{ wazuh.dashboard.dashboard_password }}" - instances: "{{ wazuh.indexer.indexer_instances }}" - perform_installation: true - tags: - - install - when: wazuh.indexer.install - -- name: Install Wazuh Manager. - ansible.builtin.import_role: - name: wazuh-ansible/roles/wazuh/ansible-wazuh-manager - vars: - wazuh_manager_mailto: "{{ wazuh.manager.wazuh_manager_mailto }}" - wazuh_manager_email_smtp_server: "{{ wazuh.manager.wazuh_manager_email_smtp_server }}" - wazuh_manager_email_from: "{{ wazuh.manager.wazuh_manager_email_from }}" - wazuh_manager_email_maxperhour: "{{ wazuh.manager.wazuh_manager_email_maxperhour }}" - wazuh_manager_email_queue_size: "{{ wazuh.manager.wazuh_manager_email_queue_size }}" - wazuh_manager_email_log_source: "{{ wazuh.manager.wazuh_manager_email_log_source }}" - wazuh_manager_log_level: "{{ wazuh.manager.wazuh_manager_log_level }}" - wazuh_manager_email_level: "{{ wazuh.manager.wazuh_manager_email_level }}" - wazuh_manager_extra_emails: "{{ wazuh.manager.wazuh_manager_extra_emails }}" - wazuh_manager_reports: "{{ wazuh.manager.wazuh_manager_reports }}" - wazuh_manager_api: "{{ wazuh.manager.wazuh_manager_api }}" - agent_groups: "{{ wazuh.manager.agent_groups }}" - when: wazuh.manager.install - -- name: Install Filebeat. - ansible.builtin.import_role: - name: wazuh-ansible/roles/wazuh/ansible-filebeat-oss - vars: - filebeat_version: "{{ wazuh.filebeat.filebeat_version }}" - filebeat_node_name: "{{ wazuh.filebeat.filebeat_node_name }}" - filebeat_output_indexer_hosts: "{{ wazuh.filebeat.filebeat_output_indexer_hosts }}" - filebeat_module_package_url: "{{ wazuh.filebeat.filebeat_module_package_url }}" - filebeat_module_package_name: "{{ wazuh.filebeat.filebeat_module_package_name }}" - indexer_security_user: "{{ wazuh.filebeat.indexer_security_user | default('admin') }}" - indexer_security_password: "{{ wazuh.indexer.indexer_admin_password }}" - when: wazuh.filebeat.install - -- name: Install Wazuh dashboard. - ansible.builtin.import_role: - name: wazuh-ansible/roles/wazuh/wazuh-dashboard - vars: - dashboard_node_name: "{{ wazuh.dashboard.dashboard_node_name }}" - dashboard_server_host: "{{ wazuh.dashboard.dashboard_server_host }}" - dashboard_server_port: "{{ wazuh.dashboard.dashboard_server_port }}" - dashboard_server_name: "{{ wazuh.dashboard.dashboard_server_name }}" - wazuh_api_credentials: "{{ wazuh.dashboard.wazuh_api_credentials }}" - dashboard_security: "{{ wazuh.dashboard.dashboard_security }}" - dashboard_user: "{{ wazuh.dashboard.dashboard_user }}" - dashboard_password: "{{ wazuh.dashboard.dashboard_password }}" - indexer_admin_password: "{{ wazuh.indexer.indexer_admin_password }}" - indexer_http_port: "{{ wazuh.indexer.indexer_http_port }}" - indexer_api_protocol: "{{ wazuh.indexer.indexer_api_protocol }}" - ansible_shell_allow_world_readable_temp: true - when: wazuh.dashboard.install - -- name: Install Wazuh agent. - ansible.builtin.import_role: - name: wazuh-ansible/roles/wazuh/ansible-wazuh-agent - vars: - wazuh_managers: "{{ wazuh.agent.managers }}" - wazuh_agent_enrollment: - enabled: "{{ wazuh.agent.wazuh_agent_enrollment.enabled }}" - agent_name: "{{ wazuh.agent.wazuh_agent_enrollment.agent_name }}" - groups: "{{ wazuh.agent.wazuh_agent_enrollment.groups }}" - agent_address: "{{ wazuh.agent.wazuh_agent_enrollment.agent_address }}" - ssl_ciphers: "{{ wazuh.agent.wazuh_agent_enrollment.ssl_ciphers }}" - wazuh_custom_packages_installation_agent_enabled: false - ansible_shell_allow_world_readable_temp: true - wazuh_agent_sources_installation: - enabled: true - when: wazuh.agent.install and not wazuh_agent_sources_installation.enabled \ No newline at end of file +- name: Select items with URL https://github.com/wazuh/wazuh-ansible.git + set_fact: + wazuh_items: "{{ ce_provision.contrib_roles | selectattr('repo', 'equalto', 'https://github.com/wazuh/wazuh-ansible.git') | list }}" + +- name: Set wazuh path + set_fact: + wazuh_path: "{{ wazuh_items.directory }}" + when: wazuh_items | length > 0 + +- name: Include task to install based on selected items + include_tasks: install.yml + when: wazuh_items | length > 0 \ No newline at end of file