Rename wazuh_sources_installation to wazuh_manager sources_installation

2019-11-21 15:01:15 +01:00 · 2019-11-21 15:01:15 +01:00 · 13b2321540
commit 13b2321540
parent 3acdd20dff
13 changed files with 81 additions and 73 deletions
--- a/playbooks/wazuh-elastic_stack-single.yml
+++ b/playbooks/wazuh-elastic_stack-single.yml
@ -1,8 +1,8 @@
 ---
- hosts: <your server host>
+- hosts: all
  roles:
-      - {role: ../roles/wazuh/ansible-wazuh-manager}
-      - role: ../roles/wazuh/ansible-filebeat
-        filebeat_output_elasticsearch_hosts: localhost:9200
-      - {role: ../roles/elastic-stack/ansible-elasticsearch, elasticsearch_network_host: '0.0.0.0', single_node: true}
-      - { role: ../roles/elastic-stack/ansible-kibana, elasticsearch_network_host: 'localhost' }
+      # - {role: ../roles/wazuh/ansible-wazuh-manager}
+      # - role: ../roles/wazuh/ansible-filebeat
+      #   filebeat_output_elasticsearch_hosts: 172.24.1.2:9200
+      # - {role: ../roles/elastic-stack/ansible-elasticsearch, elasticsearch_network_host: '0.0.0.0', single_node: true}
+      - { role: ../roles/elastic-stack/ansible-kibana, elasticsearch_network_host: '172.24.1.1', elasticsearch_reachable_host: '172.24.1.2' }
--- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml
+++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml
@ -1,6 +1,6 @@
 ---
 wazuh_agent_version: 3.10.2-1
-wazuh_sources_installation:
+wazuh_manager_sources_installation:
  enabled: "true"
  branch: "v3.10.2"
  user_language: "y"
--- a/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml
+++ b/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml
@ -20,7 +20,7 @@
  when:
    - ansible_distribution == "Ubuntu"
    - ansible_distribution_major_version | int == 14
-    - not wazuh_sources_installation.enabled
+    - not wazuh_manager_sources_installation.enabled

 - name: Debian/Ubuntu | Installing Wazuh repository key
  apt_key:
@ -35,7 +35,7 @@
    state: present
    update_cache: true
  when:
-    - not wazuh_sources_installation.enabled
+    - not wazuh_manager_sources_installation.enabled

 - name: Debian/Ubuntu | Set Distribution CIS filename for debian
  set_fact:
--- a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml
+++ b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml
@ -1,7 +1,7 @@
 ---
 - include_tasks: "../tasks/installation_from_sources.yml"
  when:
-    - wazuh_sources_installation.enabled
+    - wazuh_manager_sources_installation.enabled

 - include_tasks: "RedHat.yml"
  when: ansible_os_family == "RedHat"
@ -17,7 +17,7 @@
  poll: 30
  when:
    - ansible_os_family|lower == "redhat"
-    - not wazuh_sources_installation.enabled
+    - not wazuh_manager_sources_installation.enabled
  tags:
    - init

@ -28,7 +28,7 @@
    cache_valid_time: 3600
  when:
    - ansible_os_family|lower != "redhat"
-    - not wazuh_sources_installation.enabled
+    - not wazuh_manager_sources_installation.enabled
  tags:
    - init

@ -200,9 +200,9 @@
 - include_tasks: "RMRedHat.yml"
  when:
    - ansible_os_family == "RedHat"
-    - not wazuh_sources_installation.enabled
+    - not wazuh_manager_sources_installation.enabled

 - include_tasks: "RMDebian.yml"
  when:
    - ansible_os_family == "Debian"
-    - not wazuh_sources_installation.enabled
+    - not wazuh_manager_sources_installation.enabled
--- a/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml
+++ b/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml
@ -10,7 +10,7 @@
  when:
    - (ansible_facts['os_family']|lower == 'redhat') and (ansible_distribution|lower != 'amazon')
    - (ansible_distribution_major_version|int <= 5)
-    - not wazuh_sources_installation.enabled
+    - not wazuh_manager_sources_installation.enabled
  register: repo_v5_installed

 - name: RedHat/CentOS/Fedora | Install Wazuh repo
@ -23,7 +23,7 @@
  changed_when: false
  when:
    - repo_v5_installed is skipped
-    - not wazuh_sources_installation.enabled
+    - not wazuh_manager_sources_installation.enabled

 - name: RedHat/CentOS/Fedora | download Oracle Java RPM
  get_url:
--- a/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml
+++ b/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml
@ -28,17 +28,17 @@

  - name: Download required packages from github.com/wazuh/wazuh
    get_url:
-      url: "https://github.com/wazuh/wazuh/archive/{{ wazuh_sources_installation.branch }}.tar.gz"
-      dest: "/tmp/{{ wazuh_sources_installation.branch }}.tar.gz"
+      url: "https://github.com/wazuh/wazuh/archive/{{ wazuh_manager_sources_installation.branch }}.tar.gz"
+      dest: "/tmp/{{ wazuh_manager_sources_installation.branch }}.tar.gz"
    delegate_to: "{{ inventory_hostname }}"

  - name: Create folder to extract Wazuh branch
    file:
-      path: "/tmp/wazuh-{{ wazuh_sources_installation.branch }}"
+      path: "/tmp/wazuh-{{ wazuh_manager_sources_installation.branch }}"
      state: directory

  - name: Extract downloaded Wazuh branch from Github # Using shell instead of unarchive due to that module not working properlyh with --strip
-    command: "tar -xzvf /tmp/{{ wazuh_sources_installation.branch }}.tar.gz --strip 1 --directory /tmp/wazuh-{{ wazuh_sources_installation.branch }}"
+    command: "tar -xzvf /tmp/{{ wazuh_manager_sources_installation.branch }}.tar.gz --strip 1 --directory /tmp/wazuh-{{ wazuh_manager_sources_installation.branch }}"
    register: wazuh_untar
    changed_when: wazuh_untar.rc ==0
    args:
@ -47,7 +47,7 @@
  - name: Clean remaining files from others builds
    command: "make -C src {{ item }}"
    args:
-      chdir: "/tmp/wazuh-{{ wazuh_sources_installation.branch }}/src/"
+      chdir: "/tmp/wazuh-{{ wazuh_manager_sources_installation.branch }}/src/"
    with_items:
      - "clean"
      - "clean-deps"
@ -58,7 +58,7 @@
  - name: Render the "preloaded-vars.conf" file
    template:
      src: "templates/preloaded_vars.conf.j2"
-      dest: "/tmp/wazuh-{{ wazuh_sources_installation.branch }}/etc/preloaded-vars.conf"
+      dest: "/tmp/wazuh-{{ wazuh_manager_sources_installation.branch }}/etc/preloaded-vars.conf"
      owner: root
      group: root
      mode: '644'
@ -68,4 +68,4 @@
    register: installation_result
    changed_when: installation_result == 0
    args:
-      chdir: "/tmp/wazuh-{{ wazuh_sources_installation.branch }}"
+      chdir: "/tmp/wazuh-{{ wazuh_manager_sources_installation.branch }}"
--- a/roles/wazuh/ansible-wazuh-agent/templates/preloaded_vars.conf.j2
+++ b/roles/wazuh/ansible-wazuh-agent/templates/preloaded_vars.conf.j2
@ -1,4 +1,4 @@
-{% for key, value in wazuh_sources_installation.items() %}
+{% for key, value in wazuh_manager_sources_installation.items() %}
 {% if "user_" in key %}
 {% if value is defined and value is not none %}
 {{ key|upper }}="{{ value }}"
--- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml
+++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml
@ -4,7 +4,7 @@ wazuh_manager_version: 3.10.2-1
 wazuh_manager_fqdn: "wazuh-server"
 wazuh_manager_package_state: present

-wazuh_sources_installation:
+wazuh_manager_sources_installation:
  enabled: true
  branch: "v3.10.2"
  user_language: "en"
--- a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml
+++ b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml
@ -1,7 +1,7 @@
 ---
 - include_tasks: "installation_from_sources.yml"
  when:
-    - wazuh_sources_installation.enabled
+    - wazuh_manager_sources_installation.enabled

 - name: Debian/Ubuntu | Install apt-transport-https and ca-certificates
  apt:
@ -27,14 +27,14 @@
  when:
    - ansible_distribution == "Ubuntu"
    - ansible_distribution_major_version | int == 14
-    - not wazuh_sources_installation.enabled
+    - not wazuh_manager_sources_installation.enabled

 - name: Debian/Ubuntu | Installing Wazuh repository key
  apt_key:
    url: "{{ wazuh_manager_config.repo.gpg }}"
  when:
    - not (ansible_distribution == "Ubuntu" and ansible_distribution_major_version | int == 14)
-    - not wazuh_sources_installation.enabled
+    - not wazuh_manager_sources_installation.enabled

 - name: Debian/Ubuntu | Add Wazuh repositories
  apt_repository:
@ -44,7 +44,7 @@
    update_cache: true
  changed_when: false
  when:
-    - not wazuh_sources_installation.enabled
+    - not wazuh_manager_sources_installation.enabled

 - name: Debian/Ubuntu | Installing NodeJS repository key (Ubuntu 14)
  become: true
@ -58,14 +58,14 @@
  when:
    - ansible_distribution == "Ubuntu"
    - ansible_distribution_major_version | int == 14
-    - not wazuh_sources_installation.enabled
+    - not wazuh_manager_sources_installation.enabled

 - name: Debian/Ubuntu | Installing NodeJS repository key
  apt_key:
    url: https://deb.nodesource.com/gpgkey/nodesource.gpg.key
  when:
    - not (ansible_distribution == "Ubuntu" and ansible_distribution_major_version | int == 14)
-    - not wazuh_sources_installation.enabled
+    - not wazuh_manager_sources_installation.enabled

 - name: Debian/Ubuntu | Add NodeSource repositories for Node.js
  apt_repository:
@ -74,7 +74,7 @@
    update_cache: true
  changed_when: false
  when:
-    - not wazuh_sources_installation.enabled
+    - not wazuh_manager_sources_installation.enabled

 - name: Debian/Ubuntu | Set Distribution CIS filename for Debian/Ubuntu
  set_fact:
@ -139,4 +139,4 @@
  until: wazuh_manager_main_packages_installed is succeeded
  tags: init
  when:
-    - not wazuh_sources_installation.enabled
+    - not wazuh_manager_sources_installation.enabled
--- a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml
+++ b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml
@ -1,7 +1,7 @@
 ---
 - include_tasks: "../tasks/installation_from_sources.yml"
  when:
-    - wazuh_sources_installation.enabled
+    - wazuh_manager_sources_installation.enabled

 - name: RedHat/CentOS | Install Nodejs repo
  yum_repository:
@ -45,7 +45,7 @@
  when:
    - (ansible_os_family|lower == 'redhat') and (ansible_distribution|lower != 'amazon')
    - (ansible_distribution_major_version|int <= 5)
-    - not wazuh_sources_installation.enabled
+    - not wazuh_manager_sources_installation.enabled
  register: repo_v5_manager_installed

 - name: RedHat/CentOS/Fedora | Install Wazuh repo
@ -58,7 +58,7 @@
  changed_when: false
  when:
    - repo_v5_manager_installed is skipped
-    - not wazuh_sources_installation.enabled
+    - not wazuh_manager_sources_installation.enabled

 - name: RedHat/CentOS/Fedora | Install openscap
  package: name={{ item }} state=present
@ -155,7 +155,7 @@
  until: wazuh_manager_main_packages_installed is succeeded
  when:
    - ansible_os_family|lower == "redhat"
-    - not wazuh_sources_installation.enabled
+    - not wazuh_manager_sources_installation.enabled
  tags:
    - init

--- a/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml
+++ b/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml
@ -29,17 +29,17 @@

  - name: Download required packages from github.com/wazuh/wazuh
    get_url:
-      url: "https://github.com/wazuh/wazuh/archive/{{ wazuh_sources_installation.branch }}.tar.gz"
-      dest: "/tmp/{{ wazuh_sources_installation.branch }}.tar.gz"
+      url: "https://github.com/wazuh/wazuh/archive/{{ wazuh_manager_sources_installation.branch }}.tar.gz"
+      dest: "/tmp/{{ wazuh_manager_sources_installation.branch }}.tar.gz"
    delegate_to: "{{ inventory_hostname }}"

  - name: Create folder to extract Wazuh branch
    file:
-      path: "/tmp/wazuh-{{ wazuh_sources_installation.branch }}"
+      path: "/tmp/wazuh-{{ wazuh_manager_sources_installation.branch }}"
      state: directory

  - name: Extract downloaded Wazuh branch from Github # Using shell instead of unarchive due to that module not working properlyh with --strip
-    command: "tar -xzvf /tmp/{{ wazuh_sources_installation.branch }}.tar.gz --strip 1 --directory /tmp/wazuh-{{ wazuh_sources_installation.branch }}"
+    command: "tar -xzvf /tmp/{{ wazuh_manager_sources_installation.branch }}.tar.gz --strip 1 --directory /tmp/wazuh-{{ wazuh_manager_sources_installation.branch }}"
    register: wazuh_untar
    changed_when: wazuh_untar.rc ==0
    args:
@ -48,7 +48,7 @@
  - name: Clean remaining files from others builds
    command: "make -C src {{ item }}"
    args:
-      chdir: "/tmp/wazuh-{{ wazuh_sources_installation.branch }}/src/"
+      chdir: "/tmp/wazuh-{{ wazuh_manager_sources_installation.branch }}/src/"
    with_items:
      - "clean"
      - "clean-deps"
@ -59,7 +59,7 @@
  - name: Render the "preloaded-vars.conf" file
    template:
      src: "templates/preloaded_vars.conf.j2"
-      dest: "/tmp/wazuh-{{ wazuh_sources_installation.branch }}/etc/preloaded-vars.conf"
+      dest: "/tmp/wazuh-{{ wazuh_manager_sources_installation.branch }}/etc/preloaded-vars.conf"
      owner: root
      group: root
      mode: '644'
@ -69,38 +69,46 @@
    register: installation_result
    changed_when: installation_result == 0
    args:
-      chdir: "/tmp/wazuh-{{ wazuh_sources_installation.branch }}"
+      chdir: "/tmp/wazuh-{{ wazuh_manager_sources_installation.branch }}"

 # Wazuh API
+  - name: Check if Wazuh API is already installed
+    stat:
+      path: /var/ossec/api/app.js
+    register: wazuh_api

-  - name: Download script to install Nodejs repository
-    get_url:
-      url: "{{ node_js_repository_url }}"
-      dest: "/tmp/setup_nodejs_repo.sh"
-      mode: "0700"
+  - name: Install Wazuh API from sources
+    block:
+      - name: Download script to install Nodejs repository
+        get_url:
+          url: "{{ node_js_repository_url }}"
+          dest: "/tmp/setup_nodejs_repo.sh"
+          mode: "0700"

-  - name: Execute downloaded script to install Nodejs repo
-    command: /tmp/setup_nodejs_repo.sh
-    register: node_repo_installation_result
-    changed_when: node_repo_installation_result.rc == 0
+      - name: Execute downloaded script to install Nodejs repo
+        command: /tmp/setup_nodejs_repo.sh
+        register: node_repo_installation_result
+        changed_when: node_repo_installation_result.rc == 0

-  - name: Install Nodejs
-    package:
-      name: nodejs
-      state: present
+      - name: Install Nodejs
+        package:
+          name: nodejs
+          state: present

-  - name: Run NPM under root account
-    command: npm config set user 0
-    register: allow_root_npm
-    changed_when: allow_root_npm.rc == 0
+      - name: Run NPM under root account
+        command: npm config set user 0
+        register: allow_root_npm
+        changed_when: allow_root_npm.rc == 0

-  - name: Download the installation script to install Wazuh API
-    get_url:
-      url: "https://raw.githubusercontent.com/wazuh/wazuh-api/v{{ wazuh_manager_version[:-2] }}/install_api.sh"
-      dest: "/tmp/install_api.sh"
-      mode: "0700"
+      - name: Download the installation script to install Wazuh API
+        get_url:
+          url: "https://raw.githubusercontent.com/wazuh/wazuh-api/v{{ wazuh_manager_version[:-2] }}/install_api.sh"
+          dest: "/tmp/install_api.sh"
+          mode: "0700"

-  - name: Execute Wazuh API installation script
-    shell: /tmp/install_api.sh download > /tmp/build_api_log.txt
-    register: install_api
-    changed_when: install_api.rc == 0
+      - name: Execute Wazuh API installation script
+        shell: /tmp/install_api.sh download > /tmp/build_api_log.txt
+        register: install_api
+        changed_when: install_api.rc == 0
+    when:
+      - not wazuh_api.stat.exists
--- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml
+++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml
@ -356,9 +356,9 @@
 - include_tasks: "RMRedHat.yml"
  when:
    - ansible_os_family == "RedHat" or ansible_os_family == "Amazon"
-    - not wazuh_sources_installation.enabled
+    - not wazuh_manager_sources_installation.enabled

 - include_tasks: "RMDebian.yml"
  when:
    - ansible_os_family == "Debian"
-    - not wazuh_sources_installation.enabled
+    - not wazuh_manager_sources_installation.enabled
--- a/roles/wazuh/ansible-wazuh-manager/templates/preloaded_vars.conf.j2
+++ b/roles/wazuh/ansible-wazuh-manager/templates/preloaded_vars.conf.j2
@ -1,4 +1,4 @@
-{% for key, value in wazuh_sources_installation.items() %}
+{% for key, value in wazuh_manager_sources_installation.items() %}
 {% if "user_" in key %}
 {% if value is defined and value is not none %}
 {{ key|upper }}="{{ value }}"