Repositories variables unified

2022-04-26 09:59:33 -03:00 · 2022-04-26 09:59:33 -03:00 · 31d3cd64d1
commit 31d3cd64d1
parent a6093aedd9
16 changed files with 52 additions and 44 deletions
--- a/roles/wazuh/ansible-filebeat-oss/defaults/main.yml
+++ b/roles/wazuh/ansible-filebeat-oss/defaults/main.yml
@ -1,7 +1,7 @@
 ---
 filebeat_version: 7.10.2
-wazuh_template_branch: v4.3.0
+wazuh_template_branch: 4.3
 filebeat_node_name: node-1
--- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml
+++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml
@ -55,17 +55,10 @@ wazuh_winagent_config:
  auth_path_x86: C:\'Program Files (x86)'\ossec-agent\agent-auth.exe
  check_md5: True
  md5: 8ffa75d13280f1aa6ffca54f4273df4d
 wazuh_winagent_config_url: https://packages.wazuh.com/4.x/windows/wazuh-agent-4.3.0-1.msi
 wazuh_winagent_package_name: wazuh-agent-4.3.0-1.msi
 wazuh_dir: "/var/ossec"
 wazuh_agent_repo:
  apt: 'deb https://packages.wazuh.com/4.x/apt/ stable main'
  yum: 'https://packages.wazuh.com/4.x/yum/'
  gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH'
  key_id: '0DCFCA5547B19D2A6099506096B3EE5F29111145'
 # This is deprecated, see: wazuh_agent_address
 wazuh_agent_nat: false
@ -367,7 +360,7 @@ wazuh_agent_log_format: 'plain'
 # wazuh_agent_config
 wazuh_agent_config_defaults:
-  repo: '{{ wazuh_agent_repo }}'
+  repo: '{{ wazuh_repo }}'
  active_response: '{{ wazuh_agent_active_response }}'
  log_format: '{{ wazuh_agent_log_format }}'
  client_buffer: '{{ wazuh_agent_client_buffer }}'
--- a/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml
+++ b/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml
@ -14,7 +14,7 @@
  become: true
  shell: |
    set -o pipefail
-    curl -s https://packages.wazuh.com/key/GPG-KEY-WAZUH | apt-key add -
+    curl -s {{ wazuh_agent_config.repo.gpg }} | apt-key add -
  args:
    warn: false
    executable: /bin/bash
--- a/roles/wazuh/ansible-wazuh-agent/tasks/main.yml
+++ b/roles/wazuh/ansible-wazuh-agent/tasks/main.yml
@ -1,5 +1,15 @@
 ---
 - name: Get latest wazuh release
  shell: "curl --silent https://api.github.com/repos/wazuh/wazuh/releases/latest | grep '\"tag_name\":' | sed -E 's/.*\"([^\"]+)\".*/\\1/'| cut -c 2-"
  register: wazuh_latest_release
 - include_vars: ../../vars/repo.yml
  when: "{{ wazuh_latest_release.stdout is version(wazuh_agent_version, operator='ge') }}"
 - include_vars: ../../vars/repo_dev.yml
  when: "{{ wazuh_latest_release.stdout is version(wazuh_agent_version, operator='lt') }}"
 - name: Overlay wazuh_agent_config on top of defaults
  set_fact:
    wazuh_agent_config: '{{ wazuh_agent_config_defaults | combine(config_layer, recursive=True) }}'
--- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml
+++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml
@ -37,12 +37,6 @@ wazuh_manager_sources_installation:
  threads: "2"
 wazuh_dir: "/var/ossec"
 wazuh_manager_repo:
  apt: 'deb https://packages.wazuh.com/4.x/apt/ stable main'
  yum: 'https://packages.wazuh.com/4.x/yum/'
  gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH'
  key_id: '0DCFCA5547B19D2A6099506096B3EE5F29111145'
 ##########################################
 ### Wazuh-OSSEC
@ -421,7 +415,7 @@ wazuh_manager_config_overlay: true
 ## Other/Wrappers
 wazuh_manager_config_defaults:
-  repo: '{{ wazuh_manager_repo }}'
+  repo: '{{ wazuh_repo }}'
  json_output: '{{ wazuh_manager_json_output }}'
  alerts_log: '{{ wazuh_manager_alerts_log }}'
  logall: '{{ wazuh_manager_logall }}'
--- a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml
+++ b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml
@ -16,7 +16,7 @@
  become: true
  shell: |
    set -o pipefail
-    curl -s https://packages.wazuh.com/key/GPG-KEY-WAZUH | apt-key add -
+    curl -s {{ wazuh_manager_config.repo.gpg }} | apt-key add -
  args:
    warn: false
    executable: /bin/bash
--- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml
+++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml
@ -1,5 +1,15 @@
 ---
 - name: Get latest wazuh release
  shell: "curl --silent https://api.github.com/repos/wazuh/wazuh/releases/latest | grep '\"tag_name\":' | sed -E 's/.*\"([^\"]+)\".*/\\1/'| cut -c 2-"
  register: wazuh_latest_release
 - include_vars: ../../vars/repo.yml
  when: "{{ wazuh_latest_release.stdout is version(wazuh_manager_version, operator='ge') }}"
 - include_vars: ../../vars/repo_dev.yml
  when: "{{ wazuh_latest_release.stdout is version(wazuh_manager_version, operator='lt') }}"
 - name: Overlay wazuh_manager_config on top of defaults
  set_fact:
    wazuh_manager_config: '{{ wazuh_manager_config_defaults | combine(config_layer, recursive=True) }}'
--- a/roles/wazuh/ansible-wazuh-manager/tasks/uninstall.yml
+++ b/roles/wazuh/ansible-wazuh-manager/tasks/uninstall.yml
@ -2,7 +2,7 @@
 - name: Debian/Ubuntu | Remove Wazuh repository.
  apt_repository:
-    repo: deb https://packages.wazuh.com/4.x/apt {{ ansible_distribution_release }} main
+    repo: "{{ wazuh_manager_config.repo.apt }}"
    state: absent
  changed_when: false
  when: ansible_os_family == "Debian"
--- a/roles/wazuh/wazuh-dashboard/defaults/main.yml
+++ b/roles/wazuh/wazuh-dashboard/defaults/main.yml
@ -15,16 +15,6 @@ indexer_cluster_nodes:
 # The Wazuh dashboard package repository
 dashboard_version: "4.3.0"
 package_repos:
  yum:
    dashboard:
      baseurl: 'https://packages.wazuh.com/4.x/yum/'
      gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH'
  apt:
    dashboard:
      baseurl: 'deb https://packages.wazuh.com/4.x/apt/ stable main'
      gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH'
 # API credentials
 wazuh_api_credentials:
  - id: "default"
--- a/roles/wazuh/wazuh-dashboard/tasks/Debian.yml
+++ b/roles/wazuh/wazuh-dashboard/tasks/Debian.yml
@ -4,12 +4,12 @@
  - include_vars: debian.yml
  - name: Add apt repository signing key
    apt_key:
-      url: "{{ package_repos.apt.dashboard.gpg }}"
+      url: "{{ wazuh_repo.gpg }}"
      state: present
  - name: Debian systems | Add Wazuh dashboard repo
    apt_repository:
-      repo: "{{ package_repos.apt.dashboard.baseurl }}"
+      repo: "{{ wazuh_repo.apt }}"
      state: present
      update_cache: yes
--- a/roles/wazuh/wazuh-dashboard/tasks/RedHat.yml
+++ b/roles/wazuh/wazuh-dashboard/tasks/RedHat.yml
@ -6,8 +6,8 @@
      file: wazuh
      name: wazuh_repo
      description: Wazuh yum repository
-      baseurl: "{{ package_repos.yum.dashboard.baseurl }}"
+      baseurl: "{{ wazuh_repo.yum }}"
-      gpgkey: "{{ package_repos.yum.dashboard.gpg }}"
+      gpgkey: "{{ wazuh_repo.gpg }}"
      gpgcheck: true
  - name: Install Wazuh dashboard
--- a/roles/wazuh/wazuh-dashboard/tasks/main.yml
+++ b/roles/wazuh/wazuh-dashboard/tasks/main.yml
@ -1,4 +1,13 @@
 ---
 - name: Get latest wazuh release
  shell: "curl --silent https://api.github.com/repos/wazuh/wazuh/releases/latest | grep '\"tag_name\":' | sed -E 's/.*\"([^\"]+)\".*/\\1/'| cut -c 2-"
  register: wazuh_latest_release
 - include_vars: ../../vars/repo.yml
  when: "{{ wazuh_latest_release.stdout is version(dashboard_version, operator='ge') }}"
 - include_vars: ../../vars/repo_dev.yml
  when: "{{ wazuh_latest_release.stdout is version(dashboard_version, operator='lt') }}"
 - import_tasks: RedHat.yml
  when: ansible_os_family == 'RedHat'
--- a/roles/wazuh/wazuh-indexer/defaults/main.yml
+++ b/roles/wazuh/wazuh-indexer/defaults/main.yml
@ -28,14 +28,7 @@ domain_name: wazuh.com
 # The Wazuh indexer package repository
 package_repos:
  yum:
    indexer:
      baseurl: 'https://packages.wazuh.com/4.x/yum/'
      gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH'
  apt:
    indexer:
      baseurl: 'deb https://packages.wazuh.com/4.x/apt/ stable main'
      gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH'
    openjdk:
      baseurl: 'deb http://deb.debian.org/debian stretch-backports main'
--- a/roles/wazuh/wazuh-indexer/tasks/Debian.yml
+++ b/roles/wazuh/wazuh-indexer/tasks/Debian.yml
@ -39,12 +39,12 @@
  block:
    - name: Add apt repository signing key
      apt_key:
-        url: "{{ package_repos.apt.indexer.gpg }}"
+        url: "{{ wazuh_repo.apt.gpg }}"
        state: present
    - name: Add Wazuh indexer repository
      apt_repository:
-        repo: "{{ package_repos.apt.indexer.baseurl }}"
+        repo: "{{ wazuh_repo.apt }}"
        state: present
        filename: 'wazuh-indexer'
        update_cache: yes
--- a/roles/wazuh/wazuh-indexer/tasks/RedHat.yml
+++ b/roles/wazuh/wazuh-indexer/tasks/RedHat.yml
@ -6,8 +6,8 @@
      file: wazuh
      name: wazuh_repo
      description: Wazuh yum repository
-      baseurl: "{{ package_repos.yum.indexer.baseurl }}"
+      baseurl: "{{ wazuh_repo.yum }}"
-      gpgkey: "{{ package_repos.yum.indexer.gpg }}"
+      gpgkey: "{{ wazuh_repo.gpg }}"
      gpgcheck: true
    changed_when: false
--- a/roles/wazuh/wazuh-indexer/tasks/main.yml
+++ b/roles/wazuh/wazuh-indexer/tasks/main.yml
@ -1,4 +1,13 @@
 ---
 - name: Get latest wazuh release
  shell: "curl --silent https://api.github.com/repos/wazuh/wazuh/releases/latest | grep '\"tag_name\":' | sed -E 's/.*\"([^\"]+)\".*/\\1/'| cut -c 2-"
  register: wazuh_latest_release
 - include_vars: ../../vars/repo.yml
  when: "{{ wazuh_latest_release.stdout is version(indexer_version, operator='ge') }}"
 - include_vars: ../../vars/repo_dev.yml
  when: "{{ wazuh_latest_release.stdout is version(indexer_version, operator='lt') }}"
 - import_tasks: local_actions.yml
  when: