afmarulanda/wazuh-ansible-4.8.1
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #669 from wazuh/625-authd-update-in-ossec-conf

Browse Source 
Authd options update
This commit is contained in:
Gonzalo Acuña 2021-11-23 13:10:03 -03:00 committed by GitHub
commit 0b8a1a7032
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 30 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
roles/wazuh/ansible-wazuh-manager/defaults/main.yml
View File

@ -351,8 +351,11 @@ wazuh_manager_authd:
enable: true enable: true
port: 1515 port: 1515
use_source_ip: 'no' use_source_ip: 'no'
force_insert: 'yes' force:
force_time: 0 enabled: 'yes'
key_mismatch: 'yes'
disconnected_time: '1h'
after_registration_time: '1h'
purge: 'yes' purge: 'yes'
use_password: 'no' use_password: 'no'
ciphers: 'HIGH:!ADH:!EXP:!MD5:!RC4:!3DES:!CAMELLIA:@STRENGTH' ciphers: 'HIGH:!ADH:!EXP:!MD5:!RC4:!3DES:!CAMELLIA:@STRENGTH'

26
roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2
View File

@ -369,7 +369,9 @@
<command> <command>
<name>{{ command.name }}</name> <name>{{ command.name }}</name>
<executable>{{ command.executable }}</executable> <executable>{{ command.executable }}</executable>
{% if command.expect is defined %}
<expect>{{ command.expect }}</expect> <expect>{{ command.expect }}</expect>
{% endif %}
{% if command.timeout_allowed is defined %} {% if command.timeout_allowed is defined %}
<timeout_allowed>{{ command.timeout_allowed }}</timeout_allowed> <timeout_allowed>{{ command.timeout_allowed }}</timeout_allowed>
{% endif %} {% endif %}
@ -623,12 +625,28 @@
{% if wazuh_manager_config.authd.use_source_ip is not none %} {% if wazuh_manager_config.authd.use_source_ip is not none %}
<use_source_ip>{{wazuh_manager_config.authd.use_source_ip}}</use_source_ip> <use_source_ip>{{wazuh_manager_config.authd.use_source_ip}}</use_source_ip>
{% endif %} {% endif %}
{% if wazuh_manager_config.authd.force_insert is not none %} <force>
<force_insert>{{wazuh_manager_config.authd.force_insert}}</force_insert> {% if wazuh_manager_config.authd.force.enabled is not none %}
<enabled>{{wazuh_manager_config.authd.force.enabled}}</enabled>
{% else %}
<enabledport>yes</enabled>
{% endif %} {% endif %}
{% if wazuh_manager_config.authd.force_time is not none %} {% if wazuh_manager_config.authd.force.key_mismatch is not none %}
<force_time>{{wazuh_manager_config.authd.force_time}}</force_time> <key_mismatch>{{wazuh_manager_config.authd.force.key_mismatch}}</key_mismatch>
{% else %}
<key_mismatch>yes</key_mismatch>
{% endif %} {% endif %}
{% if wazuh_manager_config.authd.force.disconnected_time is not none %}
<disconnected_time enabled="yes">{{wazuh_manager_config.authd.force.disconnected_time}}</disconnected_time>
{% else %}
<disconnected_time enabled="yes">1h</disconnected_time>
{% endif %}
{% if wazuh_manager_config.authd.force.after_registration_time is not none %}
<after_registration_time>{{wazuh_manager_config.authd.force.after_registration_time}}</after_registration_time>
{% else %}
<after_registration_time>1h</after_registration_time>
{% endif %}
</force>
{% if wazuh_manager_config.authd.purge is not none %} {% if wazuh_manager_config.authd.purge is not none %}
<purge>{{wazuh_manager_config.authd.purge}}</purge> <purge>{{wazuh_manager_config.authd.purge}}</purge>
{% endif %} {% endif %}