From 2525dbd2af0db4831090e4c62eb161b55891f92b Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 1 Jul 2019 11:52:25 +0200 Subject: [PATCH] Copy .key and .crt in generator node (locally) --- .../ansible-elasticsearch/tasks/main.yml | 24 +++++++++++++------ 1 file changed, 17 insertions(+), 7 deletions(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml index c0abc731..82572055 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml @@ -109,14 +109,14 @@ - name: Unzip generated certs.zip unarchive: src: "{{node_certs_source}}/certs.zip" - dest: "{{node_certs_source}}" + dest: "{{node_certs_source}}/" remote_src: yes when: - node_certs_generator - elasticsearch_xpack_security tags: xpack-security -- name: Copy local certificate for generator node +- name: Copy .key & .crt files in generator node synchronize: src: "{{node_certs_source}}/{{elasticsearch_node_name}}/" dest: "{{node_certs_destination}}/" @@ -126,7 +126,17 @@ - elasticsearch_xpack_security tags: xpack-security -- name: Importing certificate generated previously +- name: Copy ca .crt file in generator node + synchronize: + src: "{{node_certs_source}}/ca/" + dest: "{{node_certs_destination}}/" + delegate_to: "{{ node_certs_generator_ip }}" + when: + - node_certs_generator + - elasticsearch_xpack_security + tags: xpack-security + +- name: Importing node .key & .crt files shell: "{{rsync_path}} {{rsync_extra_parameters}} {{rsync_user}}@{{node_certs_generator_ip}}:{{node_certs_source}}/{{elasticsearch_node_name}}/ {{node_certs_destination}}/" when: - not node_certs_generator @@ -176,9 +186,9 @@ - wazuh_alerts_template_exits.status != 200 tags: init -# - import_tasks: "RMRedHat.yml" -# when: ansible_os_family == "RedHat" +- import_tasks: "RMRedHat.yml" + when: ansible_os_family == "RedHat" -# - import_tasks: "RMDebian.yml" -# when: ansible_os_family == "Debian" +- import_tasks: "RMDebian.yml" + when: ansible_os_family == "Debian"