68 lines
1.9 KiB
YAML
68 lines
1.9 KiB
YAML
- name: Generate certificates prior to converging
|
|
hosts: localhost
|
|
become: true
|
|
become_user: root
|
|
roles:
|
|
# 1. Check packages
|
|
- role: ../../roles/wazuh/check-packages
|
|
become: no
|
|
delegate_to: localhost
|
|
run_once: true
|
|
# 2. Generate certificates
|
|
- role: ../../roles/wazuh/wazuh-indexer
|
|
vars:
|
|
generate_certs: true
|
|
perform_installation: false
|
|
instances:
|
|
node1:
|
|
name: wazuh-es01 # Important: must be equal to indexer_node_name.
|
|
ip: "127.0.0.1" # When unzipping, the node will search for its node name folder to get the cert.
|
|
role: indexer
|
|
node3:
|
|
name: wazuh-mgr01
|
|
ip: "127.0.0.1"
|
|
role: wazuh
|
|
node5:
|
|
name: wazuh-dash01
|
|
ip: "127.0.0.1"
|
|
role: dashboard
|
|
pre_tasks:
|
|
- name: overview of cert configuration
|
|
debug:
|
|
var: wazuh_endpoint_list
|
|
|
|
- name: Converge
|
|
hosts: localhost
|
|
become: true
|
|
become_user: root
|
|
roles:
|
|
# 1. Wazuh indexer
|
|
- role: ../../roles/wazuh/wazuh-indexer
|
|
vars:
|
|
indexer_node_name: "wazuh-es01"
|
|
single_node: true
|
|
# 2. Managers
|
|
- role: ../../roles/wazuh/ansible-wazuh-manager
|
|
- role: ../../roles/wazuh/ansible-filebeat-oss
|
|
vars:
|
|
filebeat_node_name: "wazuh-mgr01"
|
|
filebeat_output_indexer_hosts:
|
|
- "localhost:9200"
|
|
# 3. Wazuh dashboard
|
|
- role: ../../roles/wazuh/wazuh-dashboard
|
|
vars:
|
|
dashboard_node_name: "wazuh-dash01"
|
|
vars:
|
|
instances:
|
|
node1:
|
|
name: wazuh-es01 # Important: must be equal to indexer_node_name.
|
|
ip: "127.0.0.1" # When unzipping, the node will search for its node name folder to get the cert.
|
|
role: indexer
|
|
node3:
|
|
name: wazuh-mgr01
|
|
ip: "127.0.0.1"
|
|
role: wazuh
|
|
node5:
|
|
name: wazuh-dash01
|
|
ip: "127.0.0.1"
|
|
role: dashboard |