From 971ddc6afde77665bb73f7f68a14a992b124305f Mon Sep 17 00:00:00 2001
From: Emmanouil Kampitakis <emmanouil.kampitakis@1und1.de>
Date: Wed, 18 Jul 2018 11:02:10 +0200
Subject: [PATCH 1/5] Set cache valid time for oracle java installation

---
 ansible-role-elasticsearch/tasks/Debian.yml | 15 ++++++++++++---
 ansible-role-filebeat/tasks/Debian.yml      |  5 ++++-
 ansible-role-filebeat/tests/test.yml        |  3 ++-
 ansible-role-kibana/tasks/Debian.yml        | 12 +++++++++---
 ansible-role-logstash/tasks/Debian.yml      | 12 +++++++++---
 ansible-wazuh-agent/tasks/Debian.yml        | 10 ++++++++--
 ansible-wazuh-manager/tasks/Debian.yml      | 15 ++++++++++++---
 7 files changed, 56 insertions(+), 16 deletions(-)

diff --git a/ansible-role-elasticsearch/tasks/Debian.yml b/ansible-role-elasticsearch/tasks/Debian.yml
index d6e3a7e1..55eae8cf 100644
--- a/ansible-role-elasticsearch/tasks/Debian.yml
+++ b/ansible-role-elasticsearch/tasks/Debian.yml
@@ -1,6 +1,9 @@
 ---
 - name: Debian/Ubuntu | Install apt-transport-https and ca-certificates
-  apt: name="{{ item }}" state=present update_cache=yes
+  apt:
+    name: "{{ item }}"
+    state: present
+    cache_valid_time: 3600
   with_items:
     - apt-transport-https
     - ca-certificates
@@ -20,7 +23,10 @@
         vtype: boolean
 
     - name: Debian/Ubuntu | Oracle Java 8 installer
-      apt: name=oracle-java8-installer state=present update_cache=yes
+      apt:
+        name: oracle-java8-installer
+        state: present
+        cache_valid_time: 3600
       tags: install
 
 - name: Debian/Ubuntu | Add Elasticsearch GPG key.
@@ -35,5 +41,8 @@
     filename: 'elastic_repo'
 
 - name: Debian/Ubuntu | Install Elasticsarch
-  apt: name=elasticsearch={{ elastic_stack_version }} state=present update_cache=yes
+  apt:
+    name: "elasticsearch={{ elastic_stack_version }}"
+    state: present
+    cache_valid_time: 3600
   tags: install
diff --git a/ansible-role-filebeat/tasks/Debian.yml b/ansible-role-filebeat/tasks/Debian.yml
index 24ae6173..45494c26 100644
--- a/ansible-role-filebeat/tasks/Debian.yml
+++ b/ansible-role-filebeat/tasks/Debian.yml
@@ -1,6 +1,9 @@
 ---
 - name: Debian/Ubuntu | Install apt-transport-https and ca-certificates
-  apt: name="{{ item }}" state=present update_cache=yes
+  apt:
+    name: "{{ item }}"
+    state: present
+    cache_valid_time: 3600
   with_items:
     - apt-transport-https
     - ca-certificates
diff --git a/ansible-role-filebeat/tests/test.yml b/ansible-role-filebeat/tests/test.yml
index 6981d75b..5e71b672 100644
--- a/ansible-role-filebeat/tests/test.yml
+++ b/ansible-role-filebeat/tests/test.yml
@@ -3,7 +3,8 @@
 
   pre_tasks:
     - name: Update apt cache.
-      apt: update_cache=yes cache_valid_time=600
+      apt:
+        cache_valid_time: 600
       when: ansible_os_family == 'Debian'
 
     - name: Install test dependencies (RedHat).
diff --git a/ansible-role-kibana/tasks/Debian.yml b/ansible-role-kibana/tasks/Debian.yml
index 356bda03..e7849ee7 100644
--- a/ansible-role-kibana/tasks/Debian.yml
+++ b/ansible-role-kibana/tasks/Debian.yml
@@ -1,6 +1,9 @@
 ---
 - name: Debian/Ubuntu | Install apt-transport-https and ca-certificates
-  apt: name="{{ item }}" state=present update_cache=yes
+  apt:
+    name: "{{ item }}"
+    state: present
+    cache_valid_time: 3600
   with_items:
     - apt-transport-https
     - ca-certificates
@@ -17,5 +20,8 @@
     filename: 'elastic_repo'
 
 - name: Debian/Ubuntu | Install Kibana
-  apt: name=kibana={{ elastic_stack_version }} state=present update_cache=yes
-  tags: install
+  apt:
+    name: "kibana={{ elastic_stack_version }}"
+    state: present
+    cache_valid_time: 3600
+    tags: install
diff --git a/ansible-role-logstash/tasks/Debian.yml b/ansible-role-logstash/tasks/Debian.yml
index afaf50e3..bd8adfba 100644
--- a/ansible-role-logstash/tasks/Debian.yml
+++ b/ansible-role-logstash/tasks/Debian.yml
@@ -1,6 +1,9 @@
 ---
 - name: Debian/Ubuntu | Install apt-transport-https and ca-certificates
-  apt: name="{{ item }}" state=present update_cache=yes
+  apt:
+    name: "{{ item }}"
+    state: present
+    cache_valid_time: 3600
   with_items:
     - apt-transport-https
     - ca-certificates
@@ -22,8 +25,8 @@
     - name: Debian/Ubuntu | Oracle Java 8 installer
       apt:
         name: oracle-java8-installer
-        update_cache: yes
         state: present
+        cache_valid_time: 3600
       tags: install
 
 - name: Debian/Ubuntu | Add Elasticsearch GPG key
@@ -38,7 +41,10 @@
     filename: 'elastic_repo'
 
 - name: Debian/Ubuntu | Install Logstash
-  apt: name=logstash=1:{{ elastic_stack_version }}-1 state=present update_cache=yes
+  apt:
+    name: logstash=1:{{ elastic_stack_version }}-1
+    state: present
+    update_cache: yes
   tags: install
 
 - name: Debian/Ubuntu | Checking if wazuh-manager is installed
diff --git a/ansible-wazuh-agent/tasks/Debian.yml b/ansible-wazuh-agent/tasks/Debian.yml
index db8008d7..6acde9ea 100644
--- a/ansible-wazuh-agent/tasks/Debian.yml
+++ b/ansible-wazuh-agent/tasks/Debian.yml
@@ -1,6 +1,9 @@
 ---
 - name: Debian/Ubuntu | Install apt-transport-https and ca-certificates
-  apt: name="{{ item }}" state=present update_cache=yes
+  apt:
+    name: "{{ item }}"
+    state: present
+    cache_valid_time: 3600
   with_items:
     - apt-transport-https
     - ca-certificates
@@ -42,7 +45,10 @@
     - init
 
 - name: Debian/Ubuntu | Oracle Java 8 installer
-  apt: name=oracle-java8-installer state=present update_cache=yes
+  apt:
+    name: oracle-java8-installer
+    state: present
+    cache_valid_time: 3600
   when:
     - wazuh_agent_config.cis_cat.disable == 'no'
     - wazuh_agent_config.cis_cat.install_java == 'yes'
diff --git a/ansible-wazuh-manager/tasks/Debian.yml b/ansible-wazuh-manager/tasks/Debian.yml
index f6e517b6..60bd7fa6 100644
--- a/ansible-wazuh-manager/tasks/Debian.yml
+++ b/ansible-wazuh-manager/tasks/Debian.yml
@@ -1,6 +1,9 @@
 ---
 - name: Debian/Ubuntu | Install apt-transport-https and ca-certificates
-  apt: name="{{ item }}" state=present update_cache=yes
+  apt:
+    name: "{{ item }}"
+    state: present
+    cache_valid_time: 3600
   with_items:
     - apt-transport-https
     - ca-certificates
@@ -50,7 +53,10 @@
     - init
 
 - name: Debian/Ubuntu | Oracle Java 8 installer
-  apt: name=oracle-java8-installer state=present update_cache=yes
+  apt:
+    name: oracle-java8-installer
+    state: present
+    cache_valid_time: 3600
   when:
     - wazuh_manager_config.cis_cat.disable == 'no'
     - wazuh_manager_config.cis_cat.install_java == 'yes'
@@ -58,7 +64,10 @@
     - init
 
 - name: Debian/Ubuntu | Install OpenScap
-  package: name={{ item }} state=present update_cache=yes
+  package:
+    name: {{ item }}
+    state: present
+    cache_valid_time: 3600
   when: wazuh_manager_config.openscap.disable == 'no'
   with_items:
     - libopenscap8

From f1d596852a1d73bd407af5deff93e702a596afe0 Mon Sep 17 00:00:00 2001
From: Emmanouil Kampitakis <emmanouil.kampitakis@1und1.de>
Date: Wed, 18 Jul 2018 11:02:56 +0200
Subject: [PATCH 2/5] Update cache when a new repository has been added

---
 ansible-role-elasticsearch/tasks/Debian.yml | 2 ++
 ansible-role-kibana/tasks/Debian.yml        | 1 +
 ansible-wazuh-agent/tasks/Debian.yml        | 6 +++++-
 ansible-wazuh-manager/tasks/Debian.yml      | 1 +
 4 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/ansible-role-elasticsearch/tasks/Debian.yml b/ansible-role-elasticsearch/tasks/Debian.yml
index 55eae8cf..c51fb631 100644
--- a/ansible-role-elasticsearch/tasks/Debian.yml
+++ b/ansible-role-elasticsearch/tasks/Debian.yml
@@ -12,6 +12,7 @@
   apt_repository:
     repo: 'ppa:webupd8team/java'
     codename: 'xenial'
+    update_cache: yes
 
 - when: elasticsearch_install_java
   block:
@@ -39,6 +40,7 @@
     repo: 'deb https://artifacts.elastic.co/packages/6.x/apt stable main'
     state: present
     filename: 'elastic_repo'
+    update_cache: yes
 
 - name: Debian/Ubuntu | Install Elasticsarch
   apt:
diff --git a/ansible-role-kibana/tasks/Debian.yml b/ansible-role-kibana/tasks/Debian.yml
index e7849ee7..5858816f 100644
--- a/ansible-role-kibana/tasks/Debian.yml
+++ b/ansible-role-kibana/tasks/Debian.yml
@@ -18,6 +18,7 @@
     repo: 'deb https://artifacts.elastic.co/packages/6.x/apt stable main'
     state: present
     filename: 'elastic_repo'
+    updated_cache: yes
 
 - name: Debian/Ubuntu | Install Kibana
   apt:
diff --git a/ansible-wazuh-agent/tasks/Debian.yml b/ansible-wazuh-agent/tasks/Debian.yml
index 6acde9ea..30dfe28c 100644
--- a/ansible-wazuh-agent/tasks/Debian.yml
+++ b/ansible-wazuh-agent/tasks/Debian.yml
@@ -26,6 +26,7 @@
   apt_repository:
     repo: 'ppa:webupd8team/java'
     codename: 'xenial'
+    update_cache: yes
   when:
     - wazuh_agent_config.cis_cat.disable == 'no'
     - wazuh_agent_config.cis_cat.install_java == 'yes'
@@ -56,7 +57,10 @@
     - init
 
 - name: Debian/Ubuntu | Install OpenScap
-  package: name={{ item }} state=present update_cache=yes
+  apt:
+    name: {{ item }}
+    state: present
+    cache_valid_time: 3600
   when: wazuh_agent_config.openscap.disable == 'no'
   with_items:
     - libopenscap8
diff --git a/ansible-wazuh-manager/tasks/Debian.yml b/ansible-wazuh-manager/tasks/Debian.yml
index 60bd7fa6..556563b0 100644
--- a/ansible-wazuh-manager/tasks/Debian.yml
+++ b/ansible-wazuh-manager/tasks/Debian.yml
@@ -34,6 +34,7 @@
   apt_repository:
     repo: 'ppa:webupd8team/java'
     codename: 'xenial'
+    update_cache: yes
   when:
     - wazuh_manager_config.cis_cat.disable == 'no'
     - wazuh_manager_config.cis_cat.install_java == 'yes'

From f268354cf1a2acbe93e8cac4d8ab9bb2f0807a14 Mon Sep 17 00:00:00 2001
From: Emmanouil Kampitakis <emmanouil.kampitakis@1und1.de>
Date: Wed, 18 Jul 2018 16:39:54 +0200
Subject: [PATCH 3/5] Add quotes around variables

---
 ansible-role-logstash/tasks/Debian.yml | 2 +-
 ansible-wazuh-agent/tasks/Debian.yml   | 2 +-
 ansible-wazuh-manager/tasks/Debian.yml | 4 ++--
 3 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/ansible-role-logstash/tasks/Debian.yml b/ansible-role-logstash/tasks/Debian.yml
index bd8adfba..a5ffb14e 100644
--- a/ansible-role-logstash/tasks/Debian.yml
+++ b/ansible-role-logstash/tasks/Debian.yml
@@ -42,7 +42,7 @@
 
 - name: Debian/Ubuntu | Install Logstash
   apt:
-    name: logstash=1:{{ elastic_stack_version }}-1
+    name: "logstash=1:{{ elastic_stack_version }}-1"
     state: present
     update_cache: yes
   tags: install
diff --git a/ansible-wazuh-agent/tasks/Debian.yml b/ansible-wazuh-agent/tasks/Debian.yml
index 30dfe28c..9f265eb1 100644
--- a/ansible-wazuh-agent/tasks/Debian.yml
+++ b/ansible-wazuh-agent/tasks/Debian.yml
@@ -58,7 +58,7 @@
 
 - name: Debian/Ubuntu | Install OpenScap
   apt:
-    name: {{ item }}
+    name: "{{ item }}"
     state: present
     cache_valid_time: 3600
   when: wazuh_agent_config.openscap.disable == 'no'
diff --git a/ansible-wazuh-manager/tasks/Debian.yml b/ansible-wazuh-manager/tasks/Debian.yml
index 556563b0..56090f87 100644
--- a/ansible-wazuh-manager/tasks/Debian.yml
+++ b/ansible-wazuh-manager/tasks/Debian.yml
@@ -22,7 +22,7 @@
 
 - name: Debian/Ubuntu | Add NodeSource repositories for Node.js
   apt_repository:
-    repo: deb https://deb.nodesource.com/node_6.x {{ ansible_distribution_release }} main
+    repo: "deb https://deb.nodesource.com/node_6.x {{ ansible_distribution_release }} main"
     state: present
     update_cache: yes
 
@@ -66,7 +66,7 @@
 
 - name: Debian/Ubuntu | Install OpenScap
   package:
-    name: {{ item }}
+    name: "{{ item }}"
     state: present
     cache_valid_time: 3600
   when: wazuh_manager_config.openscap.disable == 'no'

From 69dd148fba3564b8a3abd168dcadf32737227e97 Mon Sep 17 00:00:00 2001
From: Emmanouil Kampitakis <emmanouil.kampitakis@1und1.de>
Date: Thu, 19 Jul 2018 16:04:35 +0200
Subject: [PATCH 4/5] Correct typo in kibana role

---
 ansible-role-kibana/tasks/Debian.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ansible-role-kibana/tasks/Debian.yml b/ansible-role-kibana/tasks/Debian.yml
index 5858816f..6f35a694 100644
--- a/ansible-role-kibana/tasks/Debian.yml
+++ b/ansible-role-kibana/tasks/Debian.yml
@@ -18,7 +18,7 @@
     repo: 'deb https://artifacts.elastic.co/packages/6.x/apt stable main'
     state: present
     filename: 'elastic_repo'
-    updated_cache: yes
+    update_cache: yes
 
 - name: Debian/Ubuntu | Install Kibana
   apt:

From 1f605bb39e2d22d31ed79b8f620fb7359560254c Mon Sep 17 00:00:00 2001
From: Emmanouil Kampitakis <emmanouil.kampitakis@1und1.de>
Date: Mon, 23 Jul 2018 19:33:18 +0200
Subject: [PATCH 5/5] Fixed indentation typo

---
 ansible-role-kibana/tasks/Debian.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ansible-role-kibana/tasks/Debian.yml b/ansible-role-kibana/tasks/Debian.yml
index 6f35a694..9cb809d2 100644
--- a/ansible-role-kibana/tasks/Debian.yml
+++ b/ansible-role-kibana/tasks/Debian.yml
@@ -25,4 +25,4 @@
     name: "kibana={{ elastic_stack_version }}"
     state: present
     cache_valid_time: 3600
-    tags: install
+  tags: install