Merge pull request #771 from wazuh/770-fix-ci

Fix CI
José Fernández Aguilera 2022-05-20 10:52:49 +02:00 committed by GitHub
commit 03ce4abdea
16 changed files with 266 additions and 230 deletions


@ -35,8 +35,8 @@ jobs:
PY_COLORS: '1' PY_COLORS: '1'
ANSIBLE_FORCE_COLOR: '1' ANSIBLE_FORCE_COLOR: '1'
scenario-distributed-wazuh-odfe: scenario-distributed-wazuh:
name: Distributed ODFE + Wazuh name: Distributed Wazuh
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: Check out the codebase. - name: Check out the codebase.
@ -60,7 +60,7 @@ jobs:
run: poetry install run: poetry install
- name: Run Molecule tests. - name: Run Molecule tests.
run: poetry run molecule test -s distributed-wazuh-odfe run: poetry run molecule test -s distributed-wazuh
env: env:
PY_COLORS: '1' PY_COLORS: '1'
ANSIBLE_FORCE_COLOR: '1' ANSIBLE_FORCE_COLOR: '1'


@ -1,75 +0,0 @@
---
- name: Build Facts
hosts: all
become: true
become_user: root
vars:
endpoints_hostvars: '{{ managers_hostvars | union(elastic_hostvars) | union(kibana_hostvars) }}'
wazuh_managers_common:
port: 1514
protocol: tcp
api_port: 55000
api_proto: 'http'
api_user: ansible
max_retries: 5
retry_interval: 5
pre_tasks:
- name: (converge) build instances list dynamically for cert generator consumption
set_fact:
odfe_endpoint_list: "{{ odfe_endpoint_list | default({}) | combine({ instance_hostname: instance_item }) }}"
vars:
instance_hostname: '{{ item.ansible_facts.hostname }}'
instance_item:
name: '{{ instance_hostname }}'
ip: '{{ item.private_ip }}'
loop: '{{ endpoints_hostvars }}'
no_log: true
- name: (converge) build wazuh_managers list dynamically for agents to consume
set_fact:
wazuh_managers_list: '{{ wazuh_managers_list | default([]) | union([manager_item]) }}'
vars:
manager_item: '{{ wazuh_managers_common | combine({"address": item}) }}'
loop: '{{ manager_addresses }}'
- name: overview of cert configuration
debug:
var: odfe_endpoint_list
- name: Generate certificates prior to converging
hosts: molecule_odfe_elasticsearch_centos7
become: true
become_user: root
roles:
- role: ../../roles/opendistro/opendistro-elasticsearch
vars:
generate_certs: true
perform_installation: false
instances: '{{ odfe_endpoint_list }}'
pre_tasks:
- name: overview of cert configuration
debug:
var: odfe_endpoint_list
- name: Converge
hosts: all
become: true
become_user: root
roles:
# 1. Elasticsearch
- role: ../../roles/opendistro/opendistro-elasticsearch
when: inventory_hostname in groups['elastic']
# 2. Managers
- role: ../../roles/wazuh/ansible-wazuh-manager
when: inventory_hostname in groups['managers']
- role: ../../roles/wazuh/ansible-filebeat-oss
when: inventory_hostname in groups['managers']
# 3. Kibana
- role: ../../roles/opendistro/opendistro-kibana
when: inventory_hostname in groups['kibana']
# 4. Agents:
- role: ../../roles/wazuh/ansible-wazuh-agent
vars:
wazuh_managers: '{{ wazuh_managers_list }}'
when: inventory_hostname in groups['agents']


@ -1,47 +0,0 @@
---
########################################################
# Helper variables
private_ip: '{{ ansible_default_ipv4.address }}'
managers_hostvars: "{{ groups['managers'] | map('extract', hostvars) | list }}"
elastic_hostvars: "{{ groups['elastic'] | map('extract', hostvars) | list }}"
kibana_hostvars: "{{ groups['kibana'] | map('extract', hostvars) | list }}"
manager_addresses: "{{ managers_hostvars | map(attribute='private_ip') | list }}"
elastic_addresses: "{{ elastic_hostvars | map(attribute='private_ip') | list }}"
kibana_addresses: "{{ kibana_hostvars | map(attribute='private_ip') | list }}"
########################################################
# General ELK stack variables
# OpenDistro
kibana_opendistro_security: true
opendistro_kibana_user: kibanaserver
opendistro_security_user: elastic
opendistro_kibana_password: changeme
opendistro_security_password: admin
opendistro_admin_password: changeme
# All nodes are called by IP name
elasticsearch_node_name: '{{ ansible_hostname }}'
kibana_node_name: '{{ ansible_hostname }}'
filebeat_node_name: '{{ ansible_hostname }}'
########################################################
# Versions
# See: https://opendistro.github.io/for-elasticsearch-docs/version-history/
elastic_stack_version: 7.10.2
opendistro_version: 1.13.2
filebeat_version: 7.10.2
kibana_opendistro_version: 1.13.2-1
# Debian packages need the ${VERSION}-1
wazuh_manager_version: 4.3.1-1
wazuh_agent_version: 4.3.1-1
# Kibana role appends it automatically.
wazuh_version: 4.3.1


@ -1,16 +0,0 @@
---
single_node: false
elasticsearch_node_master: true
minimum_master_nodes: 1
elasticsearch_network_host: '{{ private_ip }}'
elasticsearch_reachable_host: '{{ private_ip }}'
elasticsearch_http_port: 9200
elasticsearch_bootstrap_node: true
elasticsearch_cluster_nodes: '{{ elastic_addresses }}'
elasticsearch_discovery_nodes: '{{ elastic_addresses }}'
opendistro_jvm_xms: 1024


@ -1,17 +0,0 @@
---
kibana_server_name: '{{ ansible_hostname }}'
elasticsearch_network_host: "{{ elastic_addresses[0] }}"
#elasticsearch_http_port: 9200
elasticsearch_node_master: false
elasticsearch_node_ingest: false
elasticsearch_node_data: false
wazuh_api_credentials:
- id: default
url: 'https://{{ manager_addresses[0] }}'
port: 55000
#port: 1514
username: wazuh
password: wazuh


@ -0,0 +1,121 @@
---
- name: Build Facts
hosts: all
become: true
become_user: root
vars:
endpoints_hostvars: '{{ managers_hostvars | union(indexer_hostvars) | union(dashboard_hostvars) }}'
wazuh_managers_common:
port: 1514
protocol: tcp
api_port: 55000
api_proto: 'http'
api_user: ansible
max_retries: 5
retry_interval: 5
pre_tasks:
- name: (converge) build instances list dynamically for cert generator consumption
set_fact:
wazuh_endpoint_list: "{{ wazuh_endpoint_list | default({}) | combine({ instance_hostname: instance_item }) }}"
vars:
instance_hostname: '{{ item.ansible_facts.hostname }}'
instance_item:
name: '{{ instance_hostname }}'
ip: '{{ item.private_ip }}'
loop: '{{ endpoints_hostvars }}'
no_log: true
- name: (converge) build wazuh_managers list dynamically for agents to consume
set_fact:
wazuh_managers_list: '{{ wazuh_managers_list | default([]) | union([manager_item]) }}'
vars:
manager_item: '{{ wazuh_managers_common | combine({"address": item}) }}'
loop: '{{ manager_addresses }}'
- name: overview of cert configuration
debug:
var: wazuh_endpoint_list
- name: Generate certificates prior to converging
hosts: molecule_wazuh_indexer_centos7
become: true
become_user: root
roles:
- role: ../../roles/wazuh/wazuh-indexer
vars:
generate_certs: true
perform_installation: false
instances:
node1:
name: wazuh-es01 # Important: must be equal to indexer_node_name.
ip: "{{ hostvars.molecule_wazuh_indexer_centos7.private_ip }}" # When unzipping, the node will search for its node name folder to get the cert.
role: indexer
node2:
name: wazuh-es02
ip: "{{ hostvars.molecule_wazuh_indexer_centos7_2.private_ip }}"
role: indexer
node3:
name: wazuh-mgr01
ip: "{{ hostvars.molecule_wazuh_manager_debian9.private_ip }}"
role: wazuh
node_type: master
node4:
name: wazuh-mgr02
ip: "{{ hostvars.molecule_wazuh_manager_centos7.private_ip }}"
role: wazuh
node_type: worker
node5:
name: wazuh-dash01
ip: "{{ hostvars.molecule_wazuh_dashboard_centos7.private_ip }}"
role: dashboard
pre_tasks:
- name: overview of cert configuration
debug:
var: wazuh_endpoint_list
- name: Converge
hosts: all
become: true
become_user: root
roles:
# 1. Wazuh indexer
- role: ../../roles/wazuh/wazuh-indexer
when: inventory_hostname in groups['indexer']
# 2. Managers
- role: ../../roles/wazuh/ansible-wazuh-manager
when: inventory_hostname in groups['managers']
- role: ../../roles/wazuh/ansible-filebeat-oss
when: inventory_hostname in groups['managers']
# 3. Wazuh dashboard
- role: ../../roles/wazuh/wazuh-dashboard
when: inventory_hostname in groups['dashboard']
# 4. Agents:
- role: ../../roles/wazuh/ansible-wazuh-agent
vars:
wazuh_managers: '{{ wazuh_managers_list }}'
when: inventory_hostname in groups['agents']
vars:
instances:
node1:
name: wazuh-es01 # Important: must be equal to indexer_node_name.
ip: "{{ hostvars.molecule_wazuh_indexer_centos7.private_ip }}" # When unzipping, the node will search for its node name folder to get the cert.
role: indexer
node2:
name: wazuh-es02
ip: "{{ hostvars.molecule_wazuh_indexer_centos7_2.private_ip }}"
role: indexer
node3:
name: wazuh-mgr01
ip: "{{ hostvars.molecule_wazuh_manager_debian9.private_ip }}"
role: wazuh
node_type: master
node4:
name: wazuh-mgr02
ip: "{{ hostvars.molecule_wazuh_manager_centos7.private_ip }}"
role: wazuh
node_type: worker
node5:
name: wazuh-dash01
ip: "{{ hostvars.molecule_wazuh_dashboard_centos7.private_ip }}"
role: dashboard
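Review bot: The static `instances` map under "Generate certificates prior to converging" pairs `wazuh-mgr01` with the IP of `molecule_wazuh_manager_debian9` and `wazuh-mgr02` with `molecule_wazuh_manager_centos7`, while the platforms hunk of molecule.yml in this same commit gives `molecule_wazuh_manager_centos7` the hostname `wazuh-mgr01` and the debian9 container `wazuh-mgr02`. Per the inline comment, each node fetches the certificate stored under its own node name, so each manager would receive a certificate issued for the other manager's IP; swap the two lines to `ip: "{{ hostvars.molecule_wazuh_manager_centos7.private_ip }}"` for node3 and `ip: "{{ hostvars.molecule_wazuh_manager_debian9.private_ip }}"` for node4, or build the map from `wazuh_endpoint_list`, which the pre_tasks compute but only ever print. The same `instances` mapping is then repeated verbatim as `vars` on the Converge play; one copy (for example in group_vars/all.yml) would stop the two drifting. `wazuh_managers_common.api_proto` is `'http'` here while the new dashboard group_vars use `https://` for the same API port, so one of the two looks stale — confirm against what the agent role expects.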


@ -0,0 +1,39 @@
---
########################################################
# Helper variables
private_ip: '{{ ansible_default_ipv4.address }}'
managers_hostvars: "{{ groups['managers'] | map('extract', hostvars) | list }}"
indexer_hostvars: "{{ groups['indexer'] | map('extract', hostvars) | list }}"
dashboard_hostvars: "{{ groups['dashboard'] | map('extract', hostvars) | list }}"
manager_addresses: "{{ managers_hostvars | map(attribute='private_ip') | list }}"
indexer_addresses: "{{ indexer_hostvars | map(attribute='private_ip') | list }}"
dashboard_addresses: "{{ dashboard_hostvars | map(attribute='private_ip') | list }}"
########################################################
# General Wazuh stack variables
# Wazuh indexer/dashboard
dashboard_security: true
dashboard_user: kibanaserver
indexer_security_user: admin
dashboard_password: changeme
indexer_security_password: changeme
indexer_admin_password: changeme
# All nodes are called by IP name
indexer_node_name: '{{ ansible_facts.hostname }}'
dashboard_node_name: '{{ ansible_facts.hostname }}'
filebeat_node_name: '{{ ansible_facts.hostname }}'
indexer_version: 4.3.1
filebeat_version: 7.10.2
wazuh_version: 4.3.1
# Debian packages need the ${VERSION}-1
wazuh_manager_version: 4.3.1-1
wazuh_agent_version: 4.3.1-1
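Review bot: The comment `# All nodes are called by IP name` above `indexer_node_name` contradicts the three values below it, which all use `ansible_facts.hostname`; change it to `# All nodes are named after their hostname (ansible_facts.hostname)`. The `changeme` / `kibanaserver` / `admin` values are molecule fixtures, but nothing in the file says so; a header such as `# Test-only credentials for the molecule scenario; do not reuse outside CI` above the "Wazuh indexer/dashboard" stanza would keep them from being copied into a real inventory. For consistency with the quoting used elsewhere in the file, the version scalars (`4.3.1`, `7.10.2`, `4.3.1-1`) would read better quoted, even though they already parse as strings.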


@ -0,0 +1,16 @@
---
dashboard_server_name: '{{ ansible_hostname }}'
indexer_network_host: "{{ indexer_addresses[0] }}"
indexer_node_master: false
indexer_node_ingest: false
indexer_node_data: false
role: 'dashboard'
wazuh_api_credentials:
- id: default
url: 'https://{{ manager_addresses[0] }}'
port: 55000
username: wazuh
password: wazuh


@ -0,0 +1,13 @@
---
single_node: false
indexer_node_master: true
minimum_master_nodes: 1
role: 'indexer'
indexer_network_host: '{{ private_ip }}'
indexer_http_port: 9200
indexer_cluster_nodes: '{{ indexer_addresses }}'
indexer_discovery_nodes: '{{ indexer_addresses }}'
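Review bot: `indexer_node_master: true` applies to both platforms in the `indexer` group, yet `minimum_master_nodes` stays at `1`, and the replaced elasticsearch group_vars' `elasticsearch_bootstrap_node: true` and `elasticsearch_reachable_host` have no counterpart here. With two master-eligible nodes a quorum of one permits split brain if the role still renders this as a Zen discovery setting; either raise it to `minimum_master_nodes: 2` or drop the key and rely on the role's initial-master handling — confirm which variables the wazuh-indexer role actually consumes, since that is not visible from this file.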


@ -1,7 +1,9 @@
--- ---
wazuh_manager_fqdn: '{{ ansible_hostname }}' wazuh_manager_fqdn: '{{ ansible_hostname }}'
filebeat_output_elasticsearch_hosts: '{{ elastic_addresses }}' filebeat_output_indexer_hosts: '{{ indexer_addresses }}'
node_type: "{{ 'master' if ansible_hostname == 'wazuh-mgr01' else 'worker' }}"
role: 'wazuh'
wazuh_manager_config: wazuh_manager_config:
connection: connection:


@ -18,7 +18,7 @@ platforms:
################################################ ################################################
# Wazuh Managers # Wazuh Managers
################################################ ################################################
- name: molecule_odfe_manager_centos7 - name: molecule_wazuh_manager_centos7
hostname: wazuh-mgr01 hostname: wazuh-mgr01
image: geerlingguy/docker-centos7-ansible image: geerlingguy/docker-centos7-ansible
command: /sbin/init command: /sbin/init
@ -33,7 +33,7 @@ platforms:
volumes: volumes:
- /sys/fs/cgroup:/sys/fs/cgroup:ro - /sys/fs/cgroup:/sys/fs/cgroup:ro
- name: molecule_odfe_manager_debian9 - name: molecule_wazuh_manager_debian9
hostname: wazuh-mgr02 hostname: wazuh-mgr02
image: geerlingguy/docker-debian9-ansible image: geerlingguy/docker-debian9-ansible
command: /sbin/init command: /sbin/init
@ -49,9 +49,9 @@ platforms:
- /sys/fs/cgroup:/sys/fs/cgroup:ro - /sys/fs/cgroup:/sys/fs/cgroup:ro
################################################ ################################################
# Elastic Cluster # Wazuh indexer Cluster
################################################ ################################################
- name: molecule_odfe_elasticsearch_centos7 - name: molecule_wazuh_indexer_centos7
hostname: wazuh-es01 hostname: wazuh-es01
image: geerlingguy/docker-centos7-ansible image: geerlingguy/docker-centos7-ansible
command: /sbin/init command: /sbin/init
@ -60,13 +60,13 @@ platforms:
memory: 4096m memory: 4096m
memory_reservation: 2048m memory_reservation: 2048m
groups: groups:
- elastic - indexer
ulimits: ulimits:
- nofile:262144:262144 - nofile:262144:262144
volumes: volumes:
- /sys/fs/cgroup:/sys/fs/cgroup:ro - /sys/fs/cgroup:/sys/fs/cgroup:ro
- name: molecule_odfe_elasticsearch_centos7_2 - name: molecule_wazuh_indexer_centos7_2
hostname: wazuh-es02 hostname: wazuh-es02
image: geerlingguy/docker-centos7-ansible image: geerlingguy/docker-centos7-ansible
command: /sbin/init command: /sbin/init
@ -75,7 +75,7 @@ platforms:
memory: 4096m memory: 4096m
memory_reservation: 2048m memory_reservation: 2048m
groups: groups:
- elastic - indexer
ulimits: ulimits:
- nofile:262144:262144 - nofile:262144:262144
volumes: volumes:
@ -84,7 +84,7 @@ platforms:
################################################ ################################################
# Wazuh Agents # Wazuh Agents
################################################ ################################################
- name: molecule_odfe_agent_centos7 - name: molecule_wazuh_agent_centos7
hostname: wazuh-agent01 hostname: wazuh-agent01
image: geerlingguy/docker-centos7-ansible image: geerlingguy/docker-centos7-ansible
command: /sbin/init command: /sbin/init
@ -97,7 +97,7 @@ platforms:
volumes: volumes:
- /sys/fs/cgroup:/sys/fs/cgroup:ro - /sys/fs/cgroup:/sys/fs/cgroup:ro
- name: molecule_odfe_agent_debian9 - name: molecule_wazuh_agent_debian9
hostname: wazuh-agent02 hostname: wazuh-agent02
image: geerlingguy/docker-debian9-ansible image: geerlingguy/docker-debian9-ansible
command: /sbin/init command: /sbin/init
@ -111,11 +111,11 @@ platforms:
- /sys/fs/cgroup:/sys/fs/cgroup:ro - /sys/fs/cgroup:/sys/fs/cgroup:ro
################################################ ################################################
# Kibana # Wazuh dashboard
################################################ ################################################
- name: molecule_odfe_kibana_centos7 - name: molecule_wazuh_dashboard_centos7
hostname: wazuh-kib01 hostname: wazuh-dash01
image: geerlingguy/docker-centos7-ansible image: geerlingguy/docker-centos7-ansible
command: /sbin/init command: /sbin/init
pre_build_image: true pre_build_image: true
@ -123,7 +123,7 @@ platforms:
memory: 2048m memory: 2048m
memory_reservation: 512m memory_reservation: 512m
groups: groups:
- kibana - dashboard
volumes: volumes:
- /sys/fs/cgroup:/sys/fs/cgroup:ro - /sys/fs/cgroup:/sys/fs/cgroup:ro
@ -147,7 +147,7 @@ provisioner:
name: ansible-lint name: ansible-lint
enabled: false enabled: false
scenario: scenario:
name: distributed-wazuh-odfe name: distributed-wazuh
test_sequence: test_sequence:
- dependency - dependency
- syntax - syntax


@ -1,5 +1,14 @@
--- ---
- name: "Install dependencies"
package:
name:
- unzip
- openssl
- tar
- curl
state: present
- name: Get latest wazuh release - name: Get latest wazuh release
shell: "curl --silent https://api.github.com/repos/wazuh/wazuh/releases/latest | grep '\"tag_name\":' | sed -E 's/.*\"([^\"]+)\".*/\\1/'| cut -c 2-" shell: "curl --silent https://api.github.com/repos/wazuh/wazuh/releases/latest | grep '\"tag_name\":' | sed -E 's/.*\"([^\"]+)\".*/\\1/'| cut -c 2-"
register: wazuh_latest_release register: wazuh_latest_release
@ -17,14 +26,6 @@
config_layer: '{{ wazuh_manager_config | default({}) }}' config_layer: '{{ wazuh_manager_config | default({}) }}'
when: wazuh_manager_config_overlay | bool when: wazuh_manager_config_overlay | bool
- name: "Install dependencies"
package:
name:
- unzip
- openssl
- tar
state: present
- include_tasks: "RedHat.yml" - include_tasks: "RedHat.yml"
when: (ansible_os_family == "RedHat" and ansible_distribution_major_version|int > 5) or (ansible_os_family == "RedHat" and ansible_distribution == "Amazon") when: (ansible_os_family == "RedHat" and ansible_distribution_major_version|int > 5) or (ansible_os_family == "RedHat" and ansible_distribution == "Amazon")
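Review bot: `curl` is now provisioned solely so the following "Get latest wazuh release" task can query the GitHub API, but that pipeline still has no failure check: under `shell`'s default `/bin/sh -c` only `cut`'s exit status is reported, so an offline host or an API rate-limit leaves `wazuh_latest_release.stdout` empty and the play continues with an empty version. Add `failed_when: wazuh_latest_release.rc != 0 or wazuh_latest_release.stdout | length == 0` to that task, or run it with `args: {executable: /bin/bash}` and a leading `set -o pipefail`. The task list continues outside the hunk.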


@ -45,57 +45,56 @@
mode: 0644 mode: 0644
run_once: true run_once: true
- name: Hashing the custom admin password - block:
shell: | - name: Hashing the custom admin password
export JAVA_HOME=/usr/share/wazuh-indexer/jdk shell: |
{{ indexer_sec_plugin_tools_path }}/hash.sh -p {{ indexer_admin_password }} export JAVA_HOME=/usr/share/wazuh-indexer/jdk
register: indexer_admin_password_hashed {{ indexer_sec_plugin_tools_path }}/hash.sh -p {{ indexer_admin_password }}
no_log: '{{ indexer_nolog_sensible | bool }}' register: indexer_admin_password_hashed
no_log: '{{ indexer_nolog_sensible | bool }}'
- name: Set the Admin user password
replace:
path: "{{ indexer_sec_plugin_conf_path }}/internal_users.yml"
regexp: '(?<=admin:\n hash: )(.*)(?=)'
replace: "{{ indexer_password_hash | quote }}"
vars:
indexer_password_hash: "{{ indexer_admin_password_hashed.stdout_lines | last }}"
# this can also be achieved with password_hash, but it requires dependencies on the controller
- name: Hash the kibanaserver role/user pasword
shell: |
export JAVA_HOME=/usr/share/wazuh-indexer/jdk
{{ indexer_sec_plugin_tools_path }}/hash.sh -p {{ dashboard_password }}
register: indexer_kibanaserver_password_hashed
no_log: '{{ indexer_nolog_sensible | bool }}'
- name: Set the kibanaserver user password
replace:
path: "{{ indexer_sec_plugin_conf_path }}/internal_users.yml"
regexp: '(?<=kibanaserver:\n hash: )(.*)(?=)'
replace: "{{ indexer_password_hash | quote }}"
vars:
indexer_password_hash: "{{ indexer_kibanaserver_password_hashed.stdout_lines | last }}"
- name: Initialize the Opensearch security index in Wazuh indexer
command: >
sudo -u wazuh-indexer OPENSEARCH_PATH_CONF={{ indexer_conf_path }}
JAVA_HOME=/usr/share/wazuh-indexer/jdk
{{ indexer_sec_plugin_tools_path }}/securityadmin.sh
-cd {{ indexer_sec_plugin_conf_path }}/
-icl -p 9300 -cd {{ indexer_sec_plugin_conf_path }}/
-nhnv
-cacert {{ indexer_conf_path }}/certs/root-ca.pem
-cert {{ indexer_conf_path }}/certs/admin.pem
-key {{ indexer_conf_path }}/certs/admin-key.pem
-h {{ target_address }}
retries: 2
delay: 5
register: result
until: result.rc == 0
run_once: true run_once: true
- name: Set the Admin user password
replace:
path: "{{ indexer_sec_plugin_conf_path }}/internal_users.yml"
regexp: '(?<=admin:\n hash: )(.*)(?=)'
replace: "{{ indexer_password_hash | quote }}"
vars:
indexer_password_hash: "{{ indexer_admin_password_hashed.stdout_lines | last }}"
run_once: true
# this can also be achieved with password_hash, but it requires dependencies on the controller
- name: Hash the kibanaserver role/user pasword
shell: |
export JAVA_HOME=/usr/share/wazuh-indexer/jdk
{{ indexer_sec_plugin_tools_path }}/hash.sh -p {{ dashboard_password }}
register: indexer_kibanaserver_password_hashed
no_log: '{{ indexer_nolog_sensible | bool }}'
run_once: true
- name: Set the kibanaserver user password
replace:
path: "{{ indexer_sec_plugin_conf_path }}/internal_users.yml"
regexp: '(?<=kibanaserver:\n hash: )(.*)(?=)'
replace: "{{ indexer_password_hash | quote }}"
vars:
indexer_password_hash: "{{ indexer_kibanaserver_password_hashed.stdout_lines | last }}"
run_once: true
- name: Initialize the Opensearch security index in Wazuh indexer
command: >
sudo -u wazuh-indexer OPENSEARCH_PATH_CONF={{ indexer_conf_path }}
JAVA_HOME=/usr/share/wazuh-indexer/jdk
{{ indexer_sec_plugin_tools_path }}/securityadmin.sh
-cd {{ indexer_sec_plugin_conf_path }}/
-icl -p 9300 -cd {{ indexer_sec_plugin_conf_path }}/
-nhnv
-cacert {{ indexer_conf_path }}/certs/root-ca.pem
-cert {{ indexer_conf_path }}/certs/admin.pem
-key {{ indexer_conf_path }}/certs/admin-key.pem
-h {{ target_address }}
retries: 2
delay: 5
register: result
until: result.rc == 0
- name: Create custom user - name: Create custom user
uri: uri:
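Review bot: The two hashing tasks moved into the new `block` still pass the secrets as command-line arguments (`hash.sh -p {{ indexer_admin_password }}` and `-p {{ dashboard_password }}`); `no_log` keeps them out of the play output, but argv is readable by every local user on the indexer host while the JVM runs. If the bundled hash.sh accepts `-env`, prefer `environment: {PW: '{{ indexer_admin_password }}'}` with `hash.sh -env PW`; otherwise keep `no_log` and record the exposure in a comment above the block. The block-level `run_once: true` replaces the per-task ones, so on the two-node indexer group the edited `internal_users.yml` exists only on the first host, which appears to be acceptable only because `securityadmin.sh` then uploads that directory to the cluster; a comment such as `# run_once: internal_users.yml is edited on one node and pushed cluster-wide by securityadmin.sh` would make that dependency explicit. The hunk opens mid-task (the `mode: 0644` line belongs to the task above the block).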