diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 48c8bf6a..b13122b2 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -35,8 +35,8 @@ jobs: PY_COLORS: '1' ANSIBLE_FORCE_COLOR: '1' - scenario-distributed-wazuh-odfe: - name: Distributed ODFE + Wazuh + scenario-distributed-wazuh: + name: Distributed Wazuh runs-on: ubuntu-latest steps: - name: Check out the codebase. @@ -60,7 +60,7 @@ jobs: run: poetry install - name: Run Molecule tests. - run: poetry run molecule test -s distributed-wazuh-odfe + run: poetry run molecule test -s distributed-wazuh env: PY_COLORS: '1' ANSIBLE_FORCE_COLOR: '1' diff --git a/molecule/distributed-wazuh-odfe/converge.yml b/molecule/distributed-wazuh-odfe/converge.yml deleted file mode 100644 index 874df159..00000000 --- a/molecule/distributed-wazuh-odfe/converge.yml +++ /dev/null 
@@ -1,75 +0,0 @@ ---- - -- name: Build Facts - hosts: all - become: true - become_user: root - vars: - endpoints_hostvars: '{{ managers_hostvars | union(elastic_hostvars) | union(kibana_hostvars) }}' - wazuh_managers_common: - port: 1514 - protocol: tcp - api_port: 55000 - api_proto: 'http' - api_user: ansible - max_retries: 5 - retry_interval: 5 - pre_tasks: - - name: (converge) build instances list dynamically for cert generator consumption - set_fact: - odfe_endpoint_list: "{{ odfe_endpoint_list | default({}) | combine({ instance_hostname: instance_item }) }}" - vars: - instance_hostname: '{{ item.ansible_facts.hostname }}' - instance_item: - name: '{{ instance_hostname }}' - ip: '{{ item.private_ip }}' - loop: '{{ endpoints_hostvars }}' - no_log: true - - - name: (converge) build wazuh_managers list dynamically for agents to consume - set_fact: - wazuh_managers_list: '{{ wazuh_managers_list | default([]) | union([manager_item]) }}' - vars: - manager_item: '{{ wazuh_managers_common | combine({"address": item}) }}' - loop: '{{ manager_addresses }}' - - - name: overview of cert configuration - debug: - var: odfe_endpoint_list - -- name: Generate certificates prior to converging - hosts: molecule_odfe_elasticsearch_centos7 - become: true - become_user: root - roles: - - role: ../../roles/opendistro/opendistro-elasticsearch - vars: - generate_certs: true - perform_installation: false - instances: '{{ odfe_endpoint_list }}' - pre_tasks: - - name: overview of cert configuration - debug: - var: odfe_endpoint_list - -- name: Converge - hosts: all - become: true - become_user: root - roles: - # 1. Elasticsearch - - role: ../../roles/opendistro/opendistro-elasticsearch - when: inventory_hostname in groups['elastic'] - # 2. Managers - - role: ../../roles/wazuh/ansible-wazuh-manager - when: inventory_hostname in groups['managers'] - - role: ../../roles/wazuh/ansible-filebeat-oss - when: inventory_hostname in groups['managers'] - # 3. 
Kibana - - role: ../../roles/opendistro/opendistro-kibana - when: inventory_hostname in groups['kibana'] - # 4. Agents: - - role: ../../roles/wazuh/ansible-wazuh-agent - vars: - wazuh_managers: '{{ wazuh_managers_list }}' - when: inventory_hostname in groups['agents'] \ No newline at end of file diff --git a/molecule/distributed-wazuh-odfe/group_vars/all.yml b/molecule/distributed-wazuh-odfe/group_vars/all.yml deleted file mode 100644 index 4fcb46fd..00000000 --- a/molecule/distributed-wazuh-odfe/group_vars/all.yml +++ /dev/null 
@@ -1,47 +0,0 @@
----
-
-########################################################
-# Helper variables
-private_ip: '{{ ansible_default_ipv4.address }}'
-
-managers_hostvars: "{{ groups['managers'] | map('extract', hostvars) | list }}"
-elastic_hostvars: "{{ groups['elastic'] | map('extract', hostvars) | list }}"
-kibana_hostvars: "{{ groups['kibana'] | map('extract', hostvars) | list }}"
-
-manager_addresses: "{{ managers_hostvars | map(attribute='private_ip') | list }}"
-elastic_addresses: "{{ elastic_hostvars | map(attribute='private_ip') | list }}"
-kibana_addresses: "{{ kibana_hostvars | map(attribute='private_ip') | list }}"
-
-########################################################
-# General ELK stack variables
-
-# OpenDistro
-kibana_opendistro_security: true
-
-opendistro_kibana_user: kibanaserver
-opendistro_security_user: elastic
-
-opendistro_kibana_password: changeme
-opendistro_security_password: admin
-opendistro_admin_password: changeme
-
-# All nodes are called by IP name
-elasticsearch_node_name: '{{ ansible_hostname }}'
-kibana_node_name: '{{ ansible_hostname }}'
-filebeat_node_name: '{{ ansible_hostname }}'
-
-########################################################
-# Versions
-# See: https://opendistro.github.io/for-elasticsearch-docs/version-history/
-
-elastic_stack_version: 7.10.2
-opendistro_version: 1.13.2
-filebeat_version: 7.10.2
-kibana_opendistro_version: 1.13.2-1
-
-# Debian packages need the ${VERSION}-1
-wazuh_manager_version: 4.3.1-1
-wazuh_agent_version: 4.3.1-1
-
-# Kibana role appends it automatically.
-wazuh_version: 4.3.1
diff --git a/molecule/distributed-wazuh-odfe/group_vars/elastic.yml b/molecule/distributed-wazuh-odfe/group_vars/elastic.yml
deleted file mode 100644
index 056f5184..00000000
--- a/molecule/distributed-wazuh-odfe/group_vars/elastic.yml
+++ /dev/null
@@ -1,16 +0,0 @@
----
-
-single_node: false
-elasticsearch_node_master: true
-minimum_master_nodes: 1
-
-elasticsearch_network_host: '{{ private_ip }}'
-
-elasticsearch_reachable_host: '{{ private_ip }}'
-elasticsearch_http_port: 9200
-
-elasticsearch_bootstrap_node: true
-elasticsearch_cluster_nodes: '{{ elastic_addresses }}'
-elasticsearch_discovery_nodes: '{{ elastic_addresses }}'
-
-opendistro_jvm_xms: 1024
diff --git a/molecule/distributed-wazuh-odfe/group_vars/kibana.yml b/molecule/distributed-wazuh-odfe/group_vars/kibana.yml
deleted file mode 100644
index 5101d76a..00000000
--- a/molecule/distributed-wazuh-odfe/group_vars/kibana.yml
+++ /dev/null
@@ -1,17 +0,0 @@
----
-
-kibana_server_name: '{{ ansible_hostname }}'
-elasticsearch_network_host: "{{ elastic_addresses[0] }}"
-#elasticsearch_http_port: 9200
-
-elasticsearch_node_master: false
-elasticsearch_node_ingest: false
-elasticsearch_node_data: false
-
-wazuh_api_credentials:
- - id: default
- url: 'https://{{ manager_addresses[0] }}'
- port: 55000
- #port: 1514
- username: wazuh
- password: wazuh
diff --git a/molecule/distributed-wazuh-odfe/INSTALL.rst b/molecule/distributed-wazuh/INSTALL.rst
similarity index 100%
rename from molecule/distributed-wazuh-odfe/INSTALL.rst
rename to molecule/distributed-wazuh/INSTALL.rst
diff --git a/molecule/distributed-wazuh/converge.yml b/molecule/distributed-wazuh/converge.yml
new file mode 100644
index 00000000..8ff42c37
--- /dev/null
+++ b/molecule/distributed-wazuh/converge.yml
@@ -0,0 +1,121 @@
+---
+
+- name: Build Facts
+ hosts: all
+ become: true
+ become_user: root
+ vars:
+ endpoints_hostvars: '{{ managers_hostvars | union(indexer_hostvars) | union(dashboard_hostvars) }}'
+ wazuh_managers_common:
+ port: 1514
+ protocol: tcp
+ api_port: 55000
+ api_proto: 'http'
+ api_user: ansible
+ max_retries: 5
+ retry_interval: 5
+ pre_tasks:
+ - name: (converge) build instances list dynamically for cert generator consumption
+ set_fact:
+ wazuh_endpoint_list: "{{ wazuh_endpoint_list | default({}) | combine({ instance_hostname: instance_item }) }}"
+ vars:
+ instance_hostname: '{{ item.ansible_facts.hostname }}'
+ instance_item:
+ name: '{{ instance_hostname }}'
+ ip: '{{ item.private_ip }}'
+ loop: '{{ endpoints_hostvars }}'
+ no_log: true
+
+ - name: (converge) build wazuh_managers list dynamically for agents to consume
+ set_fact:
+ wazuh_managers_list: '{{ wazuh_managers_list | default([]) | union([manager_item]) }}'
+ vars:
+ manager_item: '{{ wazuh_managers_common | combine({"address": item}) }}'
+ loop: '{{ manager_addresses }}'
+
+ - name: overview of cert configuration
+ debug:
+ var: wazuh_endpoint_list
+
+- name: Generate certificates prior to converging
+ hosts: molecule_wazuh_indexer_centos7
+ become: true
+ become_user: root
+ roles:
+ - role: ../../roles/wazuh/wazuh-indexer
+ vars:
+ generate_certs: true
+ perform_installation: false
+ instances:
+ node1:
+ name: wazuh-es01 # Important: must be equal to indexer_node_name.
+ ip: "{{ hostvars.molecule_wazuh_indexer_centos7.private_ip }}" # When unzipping, the node will search for its node name folder to get the cert.
+ role: indexer
+ node2:
+ name: wazuh-es02
+ ip: "{{ hostvars.molecule_wazuh_indexer_centos7_2.private_ip }}"
+ role: indexer
+ node3:
+ name: wazuh-mgr01
+ ip: "{{ hostvars.molecule_wazuh_manager_debian9.private_ip }}"
+ role: wazuh
+ node_type: master
+ node4:
+ name: wazuh-mgr02
+ ip: "{{ hostvars.molecule_wazuh_manager_centos7.private_ip }}"
+ role: wazuh
+ node_type: worker
+ node5:
+ name: wazuh-dash01
+ ip: "{{ hostvars.molecule_wazuh_dashboard_centos7.private_ip }}"
+ role: dashboard
+ pre_tasks:
+ - name: overview of cert configuration
+ debug:
+ var: wazuh_endpoint_list
+
+- name: Converge
+ hosts: all
+ become: true
+ become_user: root
+ roles:
+ # 1. Wazuh indexer
+ - role: ../../roles/wazuh/wazuh-indexer
+ when: inventory_hostname in groups['indexer']
+ # 2. Managers
+ - role: ../../roles/wazuh/ansible-wazuh-manager
+ when: inventory_hostname in groups['managers']
+ - role: ../../roles/wazuh/ansible-filebeat-oss
+ when: inventory_hostname in groups['managers']
+ # 3. Wazuh dashboard
+ - role: ../../roles/wazuh/wazuh-dashboard
+ when: inventory_hostname in groups['dashboard']
+ # 4. Agents:
+ - role: ../../roles/wazuh/ansible-wazuh-agent
+ vars:
+ wazuh_managers: '{{ wazuh_managers_list }}'
+ when: inventory_hostname in groups['agents']
+ vars:
+ instances:
+ node1:
+ name: wazuh-es01 # Important: must be equal to indexer_node_name.
+ ip: "{{ hostvars.molecule_wazuh_indexer_centos7.private_ip }}" # When unzipping, the node will search for its node name folder to get the cert.
+ role: indexer
+ node2:
+ name: wazuh-es02
+ ip: "{{ hostvars.molecule_wazuh_indexer_centos7_2.private_ip }}"
+ role: indexer
+ node3:
+ name: wazuh-mgr01
+ ip: "{{ hostvars.molecule_wazuh_manager_debian9.private_ip }}"
+ role: wazuh
+ node_type: master
+ node4:
+ name: wazuh-mgr02
+ ip: "{{ hostvars.molecule_wazuh_manager_centos7.private_ip }}"
+ role: wazuh
+ node_type: worker
+ node5:
+ name: wazuh-dash01
+ ip: "{{ hostvars.molecule_wazuh_dashboard_centos7.private_ip }}"
+ role: dashboard
\ No newline at end of file
diff --git a/molecule/distributed-wazuh-odfe/group_vars/agents.yml b/molecule/distributed-wazuh/group_vars/agents.yml
similarity index 100%
rename from molecule/distributed-wazuh-odfe/group_vars/agents.yml
rename to molecule/distributed-wazuh/group_vars/agents.yml
diff --git a/molecule/distributed-wazuh/group_vars/all.yml b/molecule/distributed-wazuh/group_vars/all.yml
new file mode 100644
index 00000000..8bac41a5
--- /dev/null
+++ b/molecule/distributed-wazuh/group_vars/all.yml
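Review bot: In the new converge.yml the two manager entries of `instances` pair each certificate name with the other container's address: `node3` is named `wazuh-mgr01` but reads its `ip` from `hostvars.molecule_wazuh_manager_debian9`, while this scenario's molecule.yml gives hostname `wazuh-mgr01` to `molecule_wazuh_manager_centos7` and `wazuh-mgr02` to the debian9 platform. If the certificate generator places `ip` in the SAN (not visible here), each manager would receive a certificate carrying its peer's address, and the usual reaction to the resulting TLS errors is to switch verification off. I would swap the references, `ip: "{{ hostvars.molecule_wazuh_manager_centos7.private_ip }}"` for `node3` and `ip: "{{ hostvars.molecule_wazuh_manager_debian9.private_ip }}"` for `node4`, in both copies of the map (the role vars of "Generate certificates prior to converging" and the play vars of "Converge"). Defining `instances` once, for example in group_vars/all.yml, would keep the two copies from drifting; `wazuh_endpoint_list` built in "Build Facts" now appears to be used only by the debug tasks.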
@@ -0,0 +1,39 @@
+---
+
+########################################################
+# Helper variables
+private_ip: '{{ ansible_default_ipv4.address }}'
+
+managers_hostvars: "{{ groups['managers'] | map('extract', hostvars) | list }}"
+indexer_hostvars: "{{ groups['indexer'] | map('extract', hostvars) | list }}"
+dashboard_hostvars: "{{ groups['dashboard'] | map('extract', hostvars) | list }}"
+
+manager_addresses: "{{ managers_hostvars | map(attribute='private_ip') | list }}"
+indexer_addresses: "{{ indexer_hostvars | map(attribute='private_ip') | list }}"
+dashboard_addresses: "{{ dashboard_hostvars | map(attribute='private_ip') | list }}"
+
+########################################################
+# General Wazuh stack variables
+
+# Wazuh indexer/dashboard
+dashboard_security: true
+
+dashboard_user: kibanaserver
+indexer_security_user: admin
+
+dashboard_password: changeme
+indexer_security_password: changeme
+indexer_admin_password: changeme
+
+# All nodes are called by IP name
+indexer_node_name: '{{ ansible_facts.hostname }}'
+dashboard_node_name: '{{ ansible_facts.hostname }}'
+filebeat_node_name: '{{ ansible_facts.hostname }}'
+
+indexer_version: 4.3.1
+filebeat_version: 7.10.2
+wazuh_version: 4.3.1
+
+# Debian packages need the ${VERSION}-1
+wazuh_manager_version: 4.3.1-1
+wazuh_agent_version: 4.3.1-1
diff --git a/molecule/distributed-wazuh/group_vars/dashboard.yml b/molecule/distributed-wazuh/group_vars/dashboard.yml
new file mode 100644
index 00000000..16f48959
--- /dev/null
+++ b/molecule/distributed-wazuh/group_vars/dashboard.yml
@@ -0,0 +1,16 @@
+---
+
+dashboard_server_name: '{{ ansible_hostname }}'
+indexer_network_host: "{{ indexer_addresses[0] }}"
+
+indexer_node_master: false
+indexer_node_ingest: false
+indexer_node_data: false
+role: 'dashboard'
+
+wazuh_api_credentials:
+ - id: default
+ url: 'https://{{ manager_addresses[0] }}'
+ port: 55000
+ username: wazuh
+ password: wazuh
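Review bot: The credentials in the new group_vars/all.yml (`dashboard_password`, `indexer_security_password` and `indexer_admin_password`, all `changeme`) and in group_vars/dashboard.yml (`wazuh_api_credentials` with `wazuh`/`wazuh`) are plain-text defaults with nothing marking them as test-only. Scenario variables like these may well be copied into real inventories, so I would add a comment above each block such as `# Molecule-only credentials for throwaway containers; override from a vault in any real inventory.` Separately, all.yml derives the node names from `ansible_facts.hostname` while dashboard.yml uses `ansible_hostname` for `dashboard_server_name`. Using one form throughout keeps the names that certificates are looked up by consistent.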
diff --git a/molecule/distributed-wazuh/group_vars/indexer.yml b/molecule/distributed-wazuh/group_vars/indexer.yml new file mode 100644 index 00000000..f8804629 --- /dev/null +++ b/molecule/distributed-wazuh/group_vars/indexer.yml @@ -0,0 +1,13 @@ +--- + +single_node: false +indexer_node_master: true +minimum_master_nodes: 1 +role: 'indexer' + +indexer_network_host: '{{ private_ip }}' + +indexer_http_port: 9200 + +indexer_cluster_nodes: '{{ indexer_addresses }}' +indexer_discovery_nodes: '{{ indexer_addresses }}' diff --git a/molecule/distributed-wazuh-odfe/group_vars/managers.yml b/molecule/distributed-wazuh/group_vars/managers.yml similarity index 69% rename from molecule/distributed-wazuh-odfe/group_vars/managers.yml rename to molecule/distributed-wazuh/group_vars/managers.yml index 4f15afd5..354136c7 100644 --- a/molecule/distributed-wazuh-odfe/group_vars/managers.yml +++ b/molecule/distributed-wazuh/group_vars/managers.yml @@ -1,7 +1,9 @@ --- wazuh_manager_fqdn: '{{ ansible_hostname }}' -filebeat_output_elasticsearch_hosts: '{{ elastic_addresses }}' +filebeat_output_indexer_hosts: '{{ indexer_addresses }}' +node_type: "{{ 'master' if ansible_hostname == 'wazuh-mgr01' else 'worker' }}" +role: 'wazuh' wazuh_manager_config: connection: diff --git a/molecule/distributed-wazuh-odfe/molecule.yml b/molecule/distributed-wazuh/molecule.yml similarity index 88% rename from molecule/distributed-wazuh-odfe/molecule.yml rename to molecule/distributed-wazuh/molecule.yml index 46c08695..d6f1d90b 100644 --- a/molecule/distributed-wazuh-odfe/molecule.yml +++ b/molecule/distributed-wazuh/molecule.yml @@ -18,7 +18,7 @@ platforms: ################################################ # Wazuh Managers ################################################ - - name: molecule_odfe_manager_centos7 + - name: molecule_wazuh_manager_centos7 hostname: wazuh-mgr01 image: geerlingguy/docker-centos7-ansible command: /sbin/init 
@@ -33,7 +33,7 @@ platforms: volumes: - /sys/fs/cgroup:/sys/fs/cgroup:ro - - name: molecule_odfe_manager_debian9 + - name: molecule_wazuh_manager_debian9 hostname: wazuh-mgr02 image: geerlingguy/docker-debian9-ansible command: /sbin/init @@ -49,9 +49,9 @@ platforms: - /sys/fs/cgroup:/sys/fs/cgroup:ro ################################################ - # Elastic Cluster + # Wazuh indexer Cluster ################################################ - - name: molecule_odfe_elasticsearch_centos7 + - name: molecule_wazuh_indexer_centos7 hostname: wazuh-es01 image: geerlingguy/docker-centos7-ansible command: /sbin/init @@ -60,13 +60,13 @@ platforms: memory: 4096m memory_reservation: 2048m groups: - - elastic + - indexer ulimits: - nofile:262144:262144 volumes: - /sys/fs/cgroup:/sys/fs/cgroup:ro - - name: molecule_odfe_elasticsearch_centos7_2 + - name: molecule_wazuh_indexer_centos7_2 hostname: wazuh-es02 image: geerlingguy/docker-centos7-ansible command: /sbin/init @@ -75,7 +75,7 @@ platforms: memory: 4096m memory_reservation: 2048m groups: - - elastic + - indexer ulimits: - nofile:262144:262144 volumes: @@ -84,7 +84,7 @@ platforms: ################################################ # Wazuh Agents ################################################ - - name: molecule_odfe_agent_centos7 + - name: molecule_wazuh_agent_centos7 hostname: wazuh-agent01 image: geerlingguy/docker-centos7-ansible command: /sbin/init @@ -97,7 +97,7 @@ platforms: volumes: - /sys/fs/cgroup:/sys/fs/cgroup:ro - - name: molecule_odfe_agent_debian9 + - name: molecule_wazuh_agent_debian9 hostname: wazuh-agent02 image: geerlingguy/docker-debian9-ansible command: /sbin/init 
@@ -111,11 +111,11 @@ platforms: - /sys/fs/cgroup:/sys/fs/cgroup:ro ################################################ - # Kibana + # Wazuh dashboard ################################################ - - name: molecule_odfe_kibana_centos7 - hostname: wazuh-kib01 + - name: molecule_wazuh_dashboard_centos7 + hostname: wazuh-dash01 image: geerlingguy/docker-centos7-ansible command: /sbin/init pre_build_image: true @@ -123,7 +123,7 @@ platforms: memory: 2048m memory_reservation: 512m groups: - - kibana + - dashboard volumes: - /sys/fs/cgroup:/sys/fs/cgroup:ro @@ -147,7 +147,7 @@ provisioner: name: ansible-lint enabled: false scenario: - name: distributed-wazuh-odfe + name: distributed-wazuh test_sequence: - dependency - syntax diff --git a/molecule/distributed-wazuh-odfe/tests/test_default.py b/molecule/distributed-wazuh/tests/test_default.py similarity index 100% rename from molecule/distributed-wazuh-odfe/tests/test_default.py rename to molecule/distributed-wazuh/tests/test_default.py diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml index 08698f73..b3af417a 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml @@ -1,5 +1,14 @@ --- +- name: "Install dependencies" + package: + name: + - unzip + - openssl + - tar + - curl + state: present + - name: Get latest wazuh release shell: "curl --silent https://api.github.com/repos/wazuh/wazuh/releases/latest | grep '\"tag_name\":' | sed -E 's/.*\"([^\"]+)\".*/\\1/'| cut -c 2-" register: wazuh_latest_release @@ -17,14 +26,6 @@ config_layer: '{{ wazuh_manager_config | default({}) }}' when: wazuh_manager_config_overlay | bool -- name: "Install dependencies" - package: - name: - - unzip - - openssl - - tar - state: present - - include_tasks: "RedHat.yml" when: (ansible_os_family == "RedHat" and ansible_distribution_major_version|int > 5) or (ansible_os_family == "RedHat" and ansible_distribution == "Amazon") 
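Review bot: In roles/wazuh/ansible-wazuh-manager/tasks/main.yml, adding `curl` to the moved "Install dependencies" task only makes the `Get latest wazuh release` shell pipeline directly below it runnable, and that pipeline can fail silently. `curl --silent` without `--fail`, piped through `grep`/`sed`/`cut` with no pipefail, exits 0 with empty output when the GitHub API call is rate-limited or errors, so `wazuh_latest_release` can end up empty without the play failing. Fetching the release with the `uri` module and reading `json.tag_name` would remove the extra package and surface HTTP errors as task failures; if the shell form stays, add `--fail` to curl and run it under bash with `set -o pipefail`. The task continues beyond the hunk, so how the registered value is consumed is not visible here.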
diff --git a/roles/wazuh/wazuh-indexer/tasks/security_actions.yml b/roles/wazuh/wazuh-indexer/tasks/security_actions.yml
index 405bfe33..3921db2d 100644
--- a/roles/wazuh/wazuh-indexer/tasks/security_actions.yml
+++ b/roles/wazuh/wazuh-indexer/tasks/security_actions.yml
@@ -45,57 +45,56 @@ mode: 0644 run_once: true -- name: Hashing the custom admin password - shell: | - export JAVA_HOME=/usr/share/wazuh-indexer/jdk - {{ indexer_sec_plugin_tools_path }}/hash.sh -p {{ indexer_admin_password }} - register: indexer_admin_password_hashed - no_log: '{{ indexer_nolog_sensible | bool }}' +- block: + - name: Hashing the custom admin password + shell: | + export JAVA_HOME=/usr/share/wazuh-indexer/jdk + {{ indexer_sec_plugin_tools_path }}/hash.sh -p {{ indexer_admin_password }} + register: indexer_admin_password_hashed + no_log: '{{ indexer_nolog_sensible | bool }}' + + - name: Set the Admin user password + replace: + path: "{{ indexer_sec_plugin_conf_path }}/internal_users.yml" + regexp: '(?<=admin:\n hash: )(.*)(?=)' + replace: "{{ indexer_password_hash | quote }}" + vars: + indexer_password_hash: "{{ indexer_admin_password_hashed.stdout_lines | last }}" + + # this can also be achieved with password_hash, but it requires dependencies on the controller + - name: Hash the kibanaserver role/user pasword + shell: | + export JAVA_HOME=/usr/share/wazuh-indexer/jdk + {{ indexer_sec_plugin_tools_path }}/hash.sh -p {{ dashboard_password }} + register: indexer_kibanaserver_password_hashed + no_log: '{{ indexer_nolog_sensible | bool }}' + + - name: Set the kibanaserver user password + replace: + path: "{{ indexer_sec_plugin_conf_path }}/internal_users.yml" + regexp: '(?<=kibanaserver:\n hash: )(.*)(?=)' + replace: "{{ indexer_password_hash | quote }}" + vars: + indexer_password_hash: "{{ indexer_kibanaserver_password_hashed.stdout_lines | last }}" + + - name: Initialize the Opensearch security index in Wazuh indexer + command: > + sudo -u wazuh-indexer OPENSEARCH_PATH_CONF={{ indexer_conf_path }} + JAVA_HOME=/usr/share/wazuh-indexer/jdk + {{ indexer_sec_plugin_tools_path }}/securityadmin.sh + -cd {{ indexer_sec_plugin_conf_path }}/ + -icl -p 9300 -cd {{ indexer_sec_plugin_conf_path }}/ + -nhnv + -cacert {{ indexer_conf_path }}/certs/root-ca.pem + 
-cert {{ indexer_conf_path }}/certs/admin.pem + -key {{ indexer_conf_path }}/certs/admin-key.pem + -h {{ target_address }} + retries: 2 + delay: 5 + register: result + until: result.rc == 0 run_once: true -- name: Set the Admin user password - replace: - path: "{{ indexer_sec_plugin_conf_path }}/internal_users.yml" - regexp: '(?<=admin:\n hash: )(.*)(?=)' - replace: "{{ indexer_password_hash | quote }}" - vars: - indexer_password_hash: "{{ indexer_admin_password_hashed.stdout_lines | last }}" - run_once: true - -# this can also be achieved with password_hash, but it requires dependencies on the controller -- name: Hash the kibanaserver role/user pasword - shell: | - export JAVA_HOME=/usr/share/wazuh-indexer/jdk - {{ indexer_sec_plugin_tools_path }}/hash.sh -p {{ dashboard_password }} - register: indexer_kibanaserver_password_hashed - no_log: '{{ indexer_nolog_sensible | bool }}' - run_once: true - -- name: Set the kibanaserver user password - replace: - path: "{{ indexer_sec_plugin_conf_path }}/internal_users.yml" - regexp: '(?<=kibanaserver:\n hash: )(.*)(?=)' - replace: "{{ indexer_password_hash | quote }}" - vars: - indexer_password_hash: "{{ indexer_kibanaserver_password_hashed.stdout_lines | last }}" - run_once: true - -- name: Initialize the Opensearch security index in Wazuh indexer - command: > - sudo -u wazuh-indexer OPENSEARCH_PATH_CONF={{ indexer_conf_path }} - JAVA_HOME=/usr/share/wazuh-indexer/jdk - {{ indexer_sec_plugin_tools_path }}/securityadmin.sh - -cd {{ indexer_sec_plugin_conf_path }}/ - -icl -p 9300 -cd {{ indexer_sec_plugin_conf_path }}/ - -nhnv - -cacert {{ indexer_conf_path }}/certs/root-ca.pem - -cert {{ indexer_conf_path }}/certs/admin.pem - -key {{ indexer_conf_path }}/certs/admin-key.pem - -h {{ target_address }} - retries: 2 - delay: 5 - register: result - until: result.rc == 0 - name: Create custom user uri:
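Review bot: Both hashing tasks inside the new `block` still interpolate the secret unquoted into a shell line (`hash.sh -p {{ indexer_admin_password }}` and `hash.sh -p {{ dashboard_password }}`). A password containing spaces, `$`, quotes or `;` is therefore word-split or interpreted by the shell, and the hash written to internal_users.yml then belongs to a different string than the one the operator configured. Apply the quote filter on both lines, e.g. `{{ indexer_sec_plugin_tools_path }}/hash.sh -p {{ indexer_admin_password | quote }}`. Passing the password as an argument also exposes it in the host's process list while the tool runs, and `no_log` here depends on `indexer_nolog_sensible`, whose default is not visible in this hunk. The `securityadmin.sh` call also passes `-cd {{ indexer_sec_plugin_conf_path }}/` twice, and one of them can be dropped.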