commit all my PR fixes to one branch

upstream PRs wazuh#929, wazuh#930, wazuh#931
medeopolis · Jun 5, 2023 · 9c3f04a · 9c3f04a
1 parent d5e9291
commit 9c3f04a
Show file tree

Hide file tree

Showing 5 changed files with 17 additions and 10 deletions.
diff --git a/README.md b/README.md
@@ -340,7 +340,7 @@ The hereunder example playbook uses the `wazuh-ansible` role to provision a sing
 ```yaml
 ---
 # Certificates generation
-  - hosts: aio
+  - hosts: wazuh_aio
     roles:
       - role: ../roles/wazuh/wazuh-indexer
         perform_installation: false
@@ -356,7 +356,7 @@ The hereunder example playbook uses the `wazuh-ansible` role to provision a sing
     tags:
       - generate-certs
 # Single node
-  - hosts: aio
+  - hosts: wazuh_aio
     become: yes
     become_user: root
     roles:
@@ -383,7 +383,7 @@ The hereunder example playbook uses the `wazuh-ansible` role to provision a sing
 ### Inventory file
 
 ```ini
-[aio]
+[wazuh_aio]
 <your server host>
 
 [all:vars]

diff --git a/playbooks/wazuh-agent.yml b/playbooks/wazuh-agent.yml
@@ -1,16 +1,17 @@
 ---
-- hosts: <your wazuh agents hosts>
+- hosts: wazuh_clients:!wazuh_aio
   become: yes
   become_user: root
   roles:
     - ../roles/wazuh/ansible-wazuh-agent
   vars:
     wazuh_managers:
-      - address: <your manager IP>
+      - address: wazuh_aio
         port: 1514
         protocol: tcp
         api_port: 55000
         api_proto: 'http'
         api_user: ansible
         max_retries: 5
-        retry_interval: 5
+        retry_interval: 5
+
diff --git a/playbooks/wazuh-single.yml b/playbooks/wazuh-single.yml
@@ -1,6 +1,6 @@
 ---
 # Certificates generation
-  - hosts: aio
+  - hosts: wazuh_aio
     roles:
       - role: ../roles/wazuh/wazuh-indexer
         perform_installation: false
@@ -16,7 +16,7 @@
     tags:
       - generate-certs
 # Single node
-  - hosts: aio
+  - hosts: wazuh_aio
     become: yes
     become_user: root
     roles:

diff --git a/roles/wazuh/wazuh-indexer/tasks/main.yml b/roles/wazuh/wazuh-indexer/tasks/main.yml
@@ -109,6 +109,7 @@
       tags: debug
       when:
         - hostvars[inventory_hostname]['private_ip'] is not defined or not hostvars[inventory_hostname]['private_ip']
+        - not ansible_check_mode
 
     - name: Wait for Wazuh indexer API (Private IP)
       uri:
@@ -128,6 +129,7 @@
       tags: debug
       when:
         - hostvars[inventory_hostname]['private_ip'] is defined and hostvars[inventory_hostname]['private_ip']
+        - not ansible_check_mode
 
     - import_tasks: "RMRedHat.yml"
       when: ansible_os_family == "RedHat"

diff --git a/roles/wazuh/wazuh-indexer/tasks/security_actions.yml b/roles/wazuh/wazuh-indexer/tasks/security_actions.yml
@@ -60,7 +60,9 @@
       replace: "{{ indexer_password_hash | quote }}"
     vars:
       indexer_password_hash: "{{ indexer_admin_password_hashed.stdout_lines | last }}"
-
+    when:
+      - not ansible_check_mode
+
   # this can also be achieved with password_hash, but it requires dependencies on the controller
   - name: Hash the kibanaserver role/user pasword
     shell: |
@@ -76,7 +78,9 @@
       replace: "{{ indexer_password_hash | quote }}"
     vars:
       indexer_password_hash: "{{ indexer_kibanaserver_password_hashed.stdout_lines | last }}"
-
+    when:
+      - not ansible_check_mode
+
   - name: Initialize the Opensearch security index in Wazuh indexer
     command: >
       sudo -u wazuh-indexer OPENSEARCH_PATH_CONF={{ indexer_conf_path }}