From 4c612fc6cd5e5c25cb05e6e1ea81708da8b93bd2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gonzalo=20Acu=C3=B1a?= Date: Tue, 29 Mar 2022 16:49:42 -0300 Subject: [PATCH 01/16] Default converge test update --- molecule/default/converge.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/molecule/default/converge.yml b/molecule/default/converge.yml index ef634b65..39cc94fb 100644 --- a/molecule/default/converge.yml +++ b/molecule/default/converge.yml @@ -4,7 +4,7 @@ roles: - role: ../../roles/wazuh/ansible-wazuh-manager vars: - - { role: ../../roles/wazuh/ansible-filebeat, filebeat_output_elasticsearch_hosts: "elasticsearch_centos7:9200" } + - { role: ../../roles/wazuh/ansible-filebeat-oss, filebeat_output_indexer_hosts: "elasticsearch_centos7:9200" } vars: pre_tasks: - name: (converge) fix missing packages in cloud images From 779baf16cb877c58683d50512c1a89fbba80122d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gonzalo=20Acu=C3=B1a?= Date: Tue, 29 Mar 2022 17:03:36 -0300 Subject: [PATCH 02/16] Default converge test indexer host update --- molecule/default/converge.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/molecule/default/converge.yml b/molecule/default/converge.yml index 39cc94fb..55b89e35 100644 --- a/molecule/default/converge.yml +++ b/molecule/default/converge.yml @@ -4,7 +4,7 @@ roles: - role: ../../roles/wazuh/ansible-wazuh-manager vars: - - { role: ../../roles/wazuh/ansible-filebeat-oss, filebeat_output_indexer_hosts: "elasticsearch_centos7:9200" } + - { role: ../../roles/wazuh/ansible-filebeat-oss, filebeat_output_indexer_hosts: "indexer_centos7:9200" } vars: pre_tasks: - name: (converge) fix missing packages in cloud images From bf0dd97293c4e7b6ce3d64b59ea58704c44f408f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gonzalo=20Acu=C3=B1a?= Date: Wed, 30 Mar 2022 11:42:53 -0300 Subject: [PATCH 03/16] Packages-dev --- roles/wazuh/ansible-filebeat-oss/defaults/main.yml | 2 +- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 11 +++++++---- roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml | 2 +- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 9 ++++++--- roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml | 2 +- roles/wazuh/ansible-wazuh-manager/tasks/uninstall.yml | 2 +- roles/wazuh/wazuh-dashboard/defaults/main.yml | 8 ++++---- roles/wazuh/wazuh-indexer/defaults/main.yml | 10 +++++----- 8 files changed, 26 insertions(+), 20 deletions(-) diff --git a/roles/wazuh/ansible-filebeat-oss/defaults/main.yml b/roles/wazuh/ansible-filebeat-oss/defaults/main.yml index 15d21b1f..0de5d2d0 100644 --- a/roles/wazuh/ansible-filebeat-oss/defaults/main.yml +++ b/roles/wazuh/ansible-filebeat-oss/defaults/main.yml @@ -1,7 +1,7 @@ --- filebeat_version: 7.10.2 -wazuh_template_branch: v4.3.0 +wazuh_template_branch: v4.2.5 filebeat_output_indexer_hosts: - "localhost:9200" diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 8706a992..46fc0f1c 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -55,15 +55,18 @@ wazuh_winagent_config: auth_path_x86: C:\'Program Files (x86)'\ossec-agent\agent-auth.exe check_md5: True md5: 8ffa75d13280f1aa6ffca54f4273df4d -wazuh_winagent_config_url: https://packages.wazuh.com/4.x/windows/wazuh-agent-4.3.0-1.msi +wazuh_winagent_config_url: https://packages-dev.wazuh.com/pre-release/windows/wazuh-agent-4.3.0-1.msi wazuh_winagent_package_name: wazuh-agent-4.3.0-1.msi wazuh_dir: "/var/ossec" wazuh_agent_repo: - apt: 'deb https://packages.wazuh.com/4.x/apt/ stable main' - yum: 'https://packages.wazuh.com/4.x/yum/' - gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH' +# apt: 'deb https://packages.wazuh.com/4.x/apt/ stable main' +# yum: 'https://packages.wazuh.com/4.x/yum/' +# gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH' + apt: 'deb https://packages-dev.wazuh.com/pre-release/apt/ unstable main' + yum: 'https://packages-dev.wazuh.com/pre-release/yum/' + gpg: 'https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH' key_id: '0DCFCA5547B19D2A6099506096B3EE5F29111145' # This is deprecated, see: wazuh_agent_address diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml index d9b3e255..0ffa9f4f 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml @@ -14,7 +14,7 @@ become: true shell: | set -o pipefail - curl -s https://packages.wazuh.com/key/GPG-KEY-WAZUH | apt-key add - + curl -s https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH | apt-key add - args: warn: false executable: /bin/bash diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index 2e694ab5..8bd2e8b6 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -38,9 +38,12 @@ wazuh_manager_sources_installation: wazuh_dir: "/var/ossec" wazuh_manager_repo: - apt: 'deb https://packages.wazuh.com/4.x/apt/ stable main' - yum: 'https://packages.wazuh.com/4.x/yum/' - gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH' +# apt: 'deb https://packages.wazuh.com/4.x/apt/ stable main' +# yum: 'https://packages.wazuh.com/4.x/yum/' +# gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH' + apt: 'deb https://packages-dev.wazuh.com/pre-release/apt/ unstable main' + yum: 'https://packages-dev.wazuh.com/pre-release/yum/' + gpg: 'https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH' key_id: '0DCFCA5547B19D2A6099506096B3EE5F29111145' diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml index 717add8c..eec63592 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml @@ -16,7 +16,7 @@ become: true shell: | set -o pipefail - curl -s https://packages.wazuh.com/key/GPG-KEY-WAZUH | apt-key add - + curl -s https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH | apt-key add - args: warn: false executable: /bin/bash diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/uninstall.yml b/roles/wazuh/ansible-wazuh-manager/tasks/uninstall.yml index 6dcf5df9..57dee085 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/uninstall.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/uninstall.yml @@ -2,7 +2,7 @@ - name: Debian/Ubuntu | Remove Wazuh repository. apt_repository: - repo: deb https://packages.wazuh.com/4.x/apt {{ ansible_distribution_release }} main + repo: deb https://packages-dev.wazuh.com/pre-release/apt {{ ansible_distribution_release }} main state: absent changed_when: false when: ansible_os_family == "Debian" diff --git a/roles/wazuh/wazuh-dashboard/defaults/main.yml b/roles/wazuh/wazuh-dashboard/defaults/main.yml index b69e8369..7b66d761 100644 --- a/roles/wazuh/wazuh-dashboard/defaults/main.yml +++ b/roles/wazuh/wazuh-dashboard/defaults/main.yml @@ -18,12 +18,12 @@ dashboard_version: "4.3.0" package_repos: yum: dashboard: - baseurl: 'https://packages.wazuh.com/4.x/yum/' - gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH' + baseurl: 'https://packages-dev.wazuh.com/pre-release/yum/' + gpg: 'https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH' apt: dashboard: - baseurl: 'deb https://packages.wazuh.com/4.x/apt/ stable main' - gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH' + baseurl: 'deb https://packages-dev.wazuh.com/pre-release/apt/ unstable main' + gpg: 'https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH' # API credentials wazuh_api_credentials: diff --git a/roles/wazuh/wazuh-indexer/defaults/main.yml b/roles/wazuh/wazuh-indexer/defaults/main.yml index e2a4bb48..a379f8d1 100644 --- a/roles/wazuh/wazuh-indexer/defaults/main.yml +++ b/roles/wazuh/wazuh-indexer/defaults/main.yml @@ -30,12 +30,12 @@ domain_name: wazuh.com package_repos: yum: indexer: - baseurl: 'https://packages.wazuh.com/4.x/yum/' - gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH' + baseurl: 'https://packages-dev.wazuh.com/pre-release/yum/' + gpg: 'https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH' apt: indexer: - baseurl: 'deb https://packages.wazuh.com/4.x/apt/ stable main' - gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH' + baseurl: 'deb https://packages-dev.wazuh.com/pre-release/apt/ unstable main' + gpg: 'https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH' openjdk: baseurl: 'deb http://deb.debian.org/debian stretch-backports main' @@ -56,7 +56,7 @@ indexer_http_port: 9200 certs_gen_tool_version: 4.3 # Url of certificates generator tool -certs_gen_tool_url: "https://packages.wazuh.com/{{ certs_gen_tool_version }}/wazuh-certs-tool.sh" +certs_gen_tool_url: "https://packages-dev.wazuh.com/{{ certs_gen_tool_version }}/wazuh-certs-tool.sh" indexer_admin_password: changeme dashboard_password: changeme From 3b09eabf961abeec1230242d0685f9fa67e65f06 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gonzalo=20Acu=C3=B1a?= Date: Wed, 30 Mar 2022 11:54:21 -0300 Subject: [PATCH 04/16] filebeat_node_name default value added --- roles/wazuh/ansible-filebeat-oss/defaults/main.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/roles/wazuh/ansible-filebeat-oss/defaults/main.yml b/roles/wazuh/ansible-filebeat-oss/defaults/main.yml index 0de5d2d0..38865b19 100644 --- a/roles/wazuh/ansible-filebeat-oss/defaults/main.yml +++ b/roles/wazuh/ansible-filebeat-oss/defaults/main.yml @@ -3,6 +3,8 @@ filebeat_version: 7.10.2 wazuh_template_branch: v4.2.5 +filebeat_node_name: node-1 + filebeat_output_indexer_hosts: - "localhost:9200" From 0ec5802a3401a79a4777fbc0453598766088ac41 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gonzalo=20Acu=C3=B1a?= Date: Wed, 30 Mar 2022 12:15:19 -0300 Subject: [PATCH 05/16] Default converge updates --- molecule/default/converge.yml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/molecule/default/converge.yml b/molecule/default/converge.yml index 55b89e35..fb1279d2 100644 --- a/molecule/default/converge.yml +++ b/molecule/default/converge.yml @@ -2,10 +2,17 @@ - name: Converge hosts: all roles: + - role: ../roles/wazuh/wazuh-indexer + perform_installation: false - role: ../../roles/wazuh/ansible-wazuh-manager vars: - { role: ../../roles/wazuh/ansible-filebeat-oss, filebeat_output_indexer_hosts: "indexer_centos7:9200" } vars: + instances: + node1: + name: node-1 # Important: must be equal to indexer_node_name. + ip: 127.0.0.1 + role: indexer pre_tasks: - name: (converge) fix missing packages in cloud images apt: From 27a9c300b0ef15d4adffddf8c9d43e1e7c1c4bf1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gonzalo=20Acu=C3=B1a?= Date: Wed, 30 Mar 2022 12:26:01 -0300 Subject: [PATCH 06/16] Converge indentation fixed --- molecule/default/converge.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/molecule/default/converge.yml b/molecule/default/converge.yml index fb1279d2..56f38df2 100644 --- a/molecule/default/converge.yml +++ b/molecule/default/converge.yml @@ -9,10 +9,10 @@ - { role: ../../roles/wazuh/ansible-filebeat-oss, filebeat_output_indexer_hosts: "indexer_centos7:9200" } vars: instances: - node1: - name: node-1 # Important: must be equal to indexer_node_name. - ip: 127.0.0.1 - role: indexer + node1: + name: node-1 # Important: must be equal to indexer_node_name. + ip: 127.0.0.1 + role: indexer pre_tasks: - name: (converge) fix missing packages in cloud images apt: From da6a3f3ea507ac36c474d9ab3c959e5a5af3732e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gonzalo=20Acu=C3=B1a?= Date: Wed, 30 Mar 2022 12:42:09 -0300 Subject: [PATCH 07/16] Converge generate certs tag added --- molecule/default/converge.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/molecule/default/converge.yml b/molecule/default/converge.yml index 56f38df2..f1b5776f 100644 --- a/molecule/default/converge.yml +++ b/molecule/default/converge.yml @@ -13,6 +13,8 @@ name: node-1 # Important: must be equal to indexer_node_name. ip: 127.0.0.1 role: indexer + tags: + - generate-certs pre_tasks: - name: (converge) fix missing packages in cloud images apt: From 8a944aafc0fcee7d342997821358b6b6caf03a83 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gonzalo=20Acu=C3=B1a?= Date: Wed, 30 Mar 2022 13:43:13 -0300 Subject: [PATCH 08/16] Converge playbook updated --- molecule/default/converge.yml | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/molecule/default/converge.yml b/molecule/default/converge.yml index f1b5776f..62c15859 100644 --- a/molecule/default/converge.yml +++ b/molecule/default/converge.yml @@ -1,12 +1,9 @@ --- -- name: Converge - hosts: all +- name: ConvergeCerts + hosts: localhost roles: - - role: ../roles/wazuh/wazuh-indexer + - role: ../../roles/wazuh/wazuh-indexer perform_installation: false - - role: ../../roles/wazuh/ansible-wazuh-manager - vars: - - { role: ../../roles/wazuh/ansible-filebeat-oss, filebeat_output_indexer_hosts: "indexer_centos7:9200" } vars: instances: node1: @@ -15,6 +12,12 @@ role: indexer tags: - generate-certs +- name: ConvergeInstall + hosts: all + roles: + - role: ../../roles/wazuh/ansible-wazuh-manager + vars: + - { role: ../../roles/wazuh/ansible-filebeat-oss, filebeat_output_indexer_hosts: "indexer_centos7:9200" } pre_tasks: - name: (converge) fix missing packages in cloud images apt: From 8811afd44acfa2ffb3454f59c1bf7637ca72f71a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gonzalo=20Acu=C3=B1a?= Date: Wed, 30 Mar 2022 13:59:01 -0300 Subject: [PATCH 09/16] Print config.yml added --- roles/wazuh/wazuh-indexer/tasks/local_actions.yml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/roles/wazuh/wazuh-indexer/tasks/local_actions.yml b/roles/wazuh/wazuh-indexer/tasks/local_actions.yml index 2329d25e..61be2a39 100644 --- a/roles/wazuh/wazuh-indexer/tasks/local_actions.yml +++ b/roles/wazuh/wazuh-indexer/tasks/local_actions.yml @@ -35,6 +35,14 @@ mode: 0644 register: tlsconfig_template + - name: Display config.yml contents + command: cat {{ local_certs_path }}/config.yml + register: command_output + + - name: Print config.yml + debug: + msg: "{{command_output.stdout}}" + - name: Local action | Generate the node & admin certificates in local command: >- bash {{ local_certs_path }}/wazuh-certs-tool.sh -A From 4242b07b4506774352345afe90ca6902447d7370 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gonzalo=20Acu=C3=B1a?= Date: Wed, 30 Mar 2022 14:37:33 -0300 Subject: [PATCH 10/16] Sudo added to poetry run --- .github/workflows/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 48c8bf6a..eede5944 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -30,7 +30,7 @@ jobs: run: poetry install - name: Run Molecule tests. - run: poetry run molecule test -s default + run: poetry run molecule test --sudo -s default env: PY_COLORS: '1' ANSIBLE_FORCE_COLOR: '1' From a52721a1a67b80ba58685e1a10a1069d467f9438 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gonzalo=20Acu=C3=B1a?= Date: Wed, 30 Mar 2022 14:39:01 -0300 Subject: [PATCH 11/16] Become yes added to list certificates --- roles/wazuh/wazuh-indexer/tasks/local_actions.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/wazuh/wazuh-indexer/tasks/local_actions.yml b/roles/wazuh/wazuh-indexer/tasks/local_actions.yml index 61be2a39..9505c694 100644 --- a/roles/wazuh/wazuh-indexer/tasks/local_actions.yml +++ b/roles/wazuh/wazuh-indexer/tasks/local_actions.yml @@ -53,6 +53,7 @@ paths: "{{ local_certs_path }}/wazuh-certificates" patterns: "*" register: certificate_files + become: yes - name: Change Certificates Ownership file: From 80189d11d5360241251347d79987c6500f17b02c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gonzalo=20Acu=C3=B1a?= Date: Wed, 30 Mar 2022 14:47:12 -0300 Subject: [PATCH 12/16] Become yes to filebeat certificates copy --- .github/workflows/main.yml | 2 +- roles/wazuh/ansible-filebeat-oss/tasks/security_actions.yml | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index eede5944..48c8bf6a 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -30,7 +30,7 @@ jobs: run: poetry install - name: Run Molecule tests. - run: poetry run molecule test --sudo -s default + run: poetry run molecule test -s default env: PY_COLORS: '1' ANSIBLE_FORCE_COLOR: '1' diff --git a/roles/wazuh/ansible-filebeat-oss/tasks/security_actions.yml b/roles/wazuh/ansible-filebeat-oss/tasks/security_actions.yml index c9b90070..35fec5cb 100644 --- a/roles/wazuh/ansible-filebeat-oss/tasks/security_actions.yml +++ b/roles/wazuh/ansible-filebeat-oss/tasks/security_actions.yml @@ -15,6 +15,7 @@ owner: root group: root mode: 0644 + become: yes with_items: - "{{ filebeat_node_name }}-key.pem" - "{{ filebeat_node_name }}.pem" From 35e66f83ba6f3b081d6b1e6fd83286039b2a3c8e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gonzalo=20Acu=C3=B1a?= Date: Wed, 30 Mar 2022 15:09:51 -0300 Subject: [PATCH 13/16] Local cert path updated for filebeat --- roles/wazuh/ansible-filebeat-oss/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/wazuh/ansible-filebeat-oss/defaults/main.yml b/roles/wazuh/ansible-filebeat-oss/defaults/main.yml index 38865b19..53e2678c 100644 --- a/roles/wazuh/ansible-filebeat-oss/defaults/main.yml +++ b/roles/wazuh/ansible-filebeat-oss/defaults/main.yml @@ -20,7 +20,7 @@ filebeat_security: true filebeat_ssl_dir: /etc/pki/filebeat # Local path to store the generated certificates (Opensearch security plugin) -local_certs_path: ./indexer/certificates +local_certs_path: "{{ playbook_dir }}/indexer/certificates" filebeatrepo: apt: 'deb https://packages.wazuh.com/4.x/apt/ stable main' From 7dc0e20322dc39bcd51dc555fc6eab86ae51d4a6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gonzalo=20Acu=C3=B1a?= Date: Thu, 31 Mar 2022 13:06:26 -0300 Subject: [PATCH 14/16] Certificates permissions updated --- .../wazuh/wazuh-indexer/tasks/local_actions.yml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/roles/wazuh/wazuh-indexer/tasks/local_actions.yml b/roles/wazuh/wazuh-indexer/tasks/local_actions.yml index 9505c694..69784a45 100644 --- a/roles/wazuh/wazuh-indexer/tasks/local_actions.yml +++ b/roles/wazuh/wazuh-indexer/tasks/local_actions.yml @@ -35,14 +35,6 @@ mode: 0644 register: tlsconfig_template - - name: Display config.yml contents - command: cat {{ local_certs_path }}/config.yml - register: command_output - - - name: Print config.yml - debug: - msg: "{{command_output.stdout}}" - - name: Local action | Generate the node & admin certificates in local command: >- bash {{ local_certs_path }}/wazuh-certs-tool.sh -A @@ -52,7 +44,14 @@ find: paths: "{{ local_certs_path }}/wazuh-certificates" patterns: "*" + become: yes register: certificate_files + + - name: Change certificates directory ownership + file: + path: "{{ local_certs_path }}/wazuh-certificates" + state: directory + mode: '777' become: yes - name: Change Certificates Ownership @@ -60,6 +59,7 @@ path: "{{ item.path }}" owner: "{{ ansible_effective_user_id }}" group: "{{ ansible_effective_user_id }}" + mode: '777' become: yes with_items: "{{ certificate_files.files }}" From 16e6fb71837430f0189a8cd2dd0eff073edcafd1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gonzalo=20Acu=C3=B1a?= Date: Thu, 31 Mar 2022 13:26:50 -0300 Subject: [PATCH 15/16] Packages-dev rollback --- roles/wazuh/ansible-filebeat-oss/defaults/main.yml | 2 +- .../ansible-filebeat-oss/tasks/security_actions.yml | 1 - roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 11 ++++------- roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml | 2 +- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 9 +++------ roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml | 2 +- roles/wazuh/ansible-wazuh-manager/tasks/uninstall.yml | 2 +- roles/wazuh/wazuh-dashboard/defaults/main.yml | 8 ++++---- roles/wazuh/wazuh-indexer/defaults/main.yml | 10 +++++----- 9 files changed, 20 insertions(+), 27 deletions(-) diff --git a/roles/wazuh/ansible-filebeat-oss/defaults/main.yml b/roles/wazuh/ansible-filebeat-oss/defaults/main.yml index 53e2678c..5e47eb65 100644 --- a/roles/wazuh/ansible-filebeat-oss/defaults/main.yml +++ b/roles/wazuh/ansible-filebeat-oss/defaults/main.yml @@ -1,7 +1,7 @@ --- filebeat_version: 7.10.2 -wazuh_template_branch: v4.2.5 +wazuh_template_branch: v4.3.0 filebeat_node_name: node-1 diff --git a/roles/wazuh/ansible-filebeat-oss/tasks/security_actions.yml b/roles/wazuh/ansible-filebeat-oss/tasks/security_actions.yml index 35fec5cb..c9b90070 100644 --- a/roles/wazuh/ansible-filebeat-oss/tasks/security_actions.yml +++ b/roles/wazuh/ansible-filebeat-oss/tasks/security_actions.yml @@ -15,7 +15,6 @@ owner: root group: root mode: 0644 - become: yes with_items: - "{{ filebeat_node_name }}-key.pem" - "{{ filebeat_node_name }}.pem" diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 46fc0f1c..d54fe828 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -55,18 +55,15 @@ wazuh_winagent_config: auth_path_x86: C:\'Program Files (x86)'\ossec-agent\agent-auth.exe check_md5: True md5: 8ffa75d13280f1aa6ffca54f4273df4d -wazuh_winagent_config_url: https://packages-dev.wazuh.com/pre-release/windows/wazuh-agent-4.3.0-1.msi +wazuh_winagent_config_url: https://packages.wazuh.com/pre-release/windows/wazuh-agent-4.3.0-1.msi wazuh_winagent_package_name: wazuh-agent-4.3.0-1.msi wazuh_dir: "/var/ossec" wazuh_agent_repo: -# apt: 'deb https://packages.wazuh.com/4.x/apt/ stable main' -# yum: 'https://packages.wazuh.com/4.x/yum/' -# gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH' - apt: 'deb https://packages-dev.wazuh.com/pre-release/apt/ unstable main' - yum: 'https://packages-dev.wazuh.com/pre-release/yum/' - gpg: 'https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH' + apt: 'deb https://packages.wazuh.com/4.x/apt/ stable main' + yum: 'https://packages.wazuh.com/4.x/yum/' + gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH' key_id: '0DCFCA5547B19D2A6099506096B3EE5F29111145' # This is deprecated, see: wazuh_agent_address diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml index 0ffa9f4f..d9b3e255 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml @@ -14,7 +14,7 @@ become: true shell: | set -o pipefail - curl -s https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH | apt-key add - + curl -s https://packages.wazuh.com/key/GPG-KEY-WAZUH | apt-key add - args: warn: false executable: /bin/bash diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index 8bd2e8b6..2e694ab5 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -38,12 +38,9 @@ wazuh_manager_sources_installation: wazuh_dir: "/var/ossec" wazuh_manager_repo: -# apt: 'deb https://packages.wazuh.com/4.x/apt/ stable main' -# yum: 'https://packages.wazuh.com/4.x/yum/' -# gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH' - apt: 'deb https://packages-dev.wazuh.com/pre-release/apt/ unstable main' - yum: 'https://packages-dev.wazuh.com/pre-release/yum/' - gpg: 'https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH' + apt: 'deb https://packages.wazuh.com/4.x/apt/ stable main' + yum: 'https://packages.wazuh.com/4.x/yum/' + gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH' key_id: '0DCFCA5547B19D2A6099506096B3EE5F29111145' diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml index eec63592..717add8c 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml @@ -16,7 +16,7 @@ become: true shell: | set -o pipefail - curl -s https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH | apt-key add - + curl -s https://packages.wazuh.com/key/GPG-KEY-WAZUH | apt-key add - args: warn: false executable: /bin/bash diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/uninstall.yml b/roles/wazuh/ansible-wazuh-manager/tasks/uninstall.yml index 57dee085..6dcf5df9 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/uninstall.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/uninstall.yml @@ -2,7 +2,7 @@ - name: Debian/Ubuntu | Remove Wazuh repository. apt_repository: - repo: deb https://packages-dev.wazuh.com/pre-release/apt {{ ansible_distribution_release }} main + repo: deb https://packages.wazuh.com/4.x/apt {{ ansible_distribution_release }} main state: absent changed_when: false when: ansible_os_family == "Debian" diff --git a/roles/wazuh/wazuh-dashboard/defaults/main.yml b/roles/wazuh/wazuh-dashboard/defaults/main.yml index 7b66d761..c1431674 100644 --- a/roles/wazuh/wazuh-dashboard/defaults/main.yml +++ b/roles/wazuh/wazuh-dashboard/defaults/main.yml @@ -18,12 +18,12 @@ dashboard_version: "4.3.0" package_repos: yum: dashboard: - baseurl: 'https://packages-dev.wazuh.com/pre-release/yum/' - gpg: 'https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH' + baseurl: 'https://packages.wazuh.com/4.x/yum/' + gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH' apt: dashboard: - baseurl: 'deb https://packages-dev.wazuh.com/pre-release/apt/ unstable main' - gpg: 'https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH' + baseurl: 'deb https://packages.wazuh.com/4.x/apt/ unstable main' + gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH' # API credentials wazuh_api_credentials: diff --git a/roles/wazuh/wazuh-indexer/defaults/main.yml b/roles/wazuh/wazuh-indexer/defaults/main.yml index a379f8d1..ebbe43c6 100644 --- a/roles/wazuh/wazuh-indexer/defaults/main.yml +++ b/roles/wazuh/wazuh-indexer/defaults/main.yml @@ -30,12 +30,12 @@ domain_name: wazuh.com package_repos: yum: indexer: - baseurl: 'https://packages-dev.wazuh.com/pre-release/yum/' - gpg: 'https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH' + baseurl: 'https://packages.wazuh.com/4.x/yum/' + gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH' apt: indexer: - baseurl: 'deb https://packages-dev.wazuh.com/pre-release/apt/ unstable main' - gpg: 'https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH' + baseurl: 'deb https://packages.wazuh.com/4.x/apt/ unstable main' + gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH' openjdk: baseurl: 'deb http://deb.debian.org/debian stretch-backports main' @@ -56,7 +56,7 @@ indexer_http_port: 9200 certs_gen_tool_version: 4.3 # Url of certificates generator tool -certs_gen_tool_url: "https://packages-dev.wazuh.com/{{ certs_gen_tool_version }}/wazuh-certs-tool.sh" +certs_gen_tool_url: "https://packages.wazuh.com/{{ certs_gen_tool_version }}/wazuh-certs-tool.sh" indexer_admin_password: changeme dashboard_password: changeme From 5fc870aafc9b50101caa4eeafd6ab264c1bbd493 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gonzalo=20Acu=C3=B1a?= Date: Thu, 31 Mar 2022 13:28:22 -0300 Subject: [PATCH 16/16] Unstable changed for stable --- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 2 +- roles/wazuh/wazuh-dashboard/defaults/main.yml | 2 +- roles/wazuh/wazuh-indexer/defaults/main.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index d54fe828..8706a992 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -55,7 +55,7 @@ wazuh_winagent_config: auth_path_x86: C:\'Program Files (x86)'\ossec-agent\agent-auth.exe check_md5: True md5: 8ffa75d13280f1aa6ffca54f4273df4d -wazuh_winagent_config_url: https://packages.wazuh.com/pre-release/windows/wazuh-agent-4.3.0-1.msi +wazuh_winagent_config_url: https://packages.wazuh.com/4.x/windows/wazuh-agent-4.3.0-1.msi wazuh_winagent_package_name: wazuh-agent-4.3.0-1.msi wazuh_dir: "/var/ossec" diff --git a/roles/wazuh/wazuh-dashboard/defaults/main.yml b/roles/wazuh/wazuh-dashboard/defaults/main.yml index c1431674..b69e8369 100644 --- a/roles/wazuh/wazuh-dashboard/defaults/main.yml +++ b/roles/wazuh/wazuh-dashboard/defaults/main.yml @@ -22,7 +22,7 @@ package_repos: gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH' apt: dashboard: - baseurl: 'deb https://packages.wazuh.com/4.x/apt/ unstable main' + baseurl: 'deb https://packages.wazuh.com/4.x/apt/ stable main' gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH' # API credentials diff --git a/roles/wazuh/wazuh-indexer/defaults/main.yml b/roles/wazuh/wazuh-indexer/defaults/main.yml index ebbe43c6..e2a4bb48 100644 --- a/roles/wazuh/wazuh-indexer/defaults/main.yml +++ b/roles/wazuh/wazuh-indexer/defaults/main.yml @@ -34,7 +34,7 @@ package_repos: gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH' apt: indexer: - baseurl: 'deb https://packages.wazuh.com/4.x/apt/ unstable main' + baseurl: 'deb https://packages.wazuh.com/4.x/apt/ stable main' gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH' openjdk: baseurl: 'deb http://deb.debian.org/debian stretch-backports main'