afmarulanda/wazuh-ansible-4.8.1
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

roles/agent: add comments on role defaults and group registration related tasks

Browse Source
This commit is contained in:
neonmei 2020-11-23 11:41:17 -03:00
parent 7e445c7f55
commit 35c9df9c7e
No known key found for this signature in database
GPG Key ID: 7EA1832E7E17237E
1 changed files with 25 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
roles/wazuh/ansible-wazuh-agent/defaults/main.yml
View File

@ -43,16 +43,6 @@ wazuh_profile_centos: 'centos, centos7, centos7.6'
wazuh_profile_ubuntu: 'ubuntu, ubuntu18, ubuntu18.04' wazuh_profile_ubuntu: 'ubuntu, ubuntu18, ubuntu18.04'
wazuh_auto_restart: 'yes' wazuh_auto_restart: 'yes'
wazuh_agent_authd:
registration_address: 127.0.0.1
enable: false
port: 1515
agent_name: null
groups: []
ssl_agent_ca: null
ssl_agent_cert: null
ssl_agent_key: null
ssl_auto_negotiate: 'no'
wazuh_notify_time: '10' wazuh_notify_time: '10'
wazuh_time_reconnect: '60' wazuh_time_reconnect: '60'
wazuh_crypto_method: 'aes' wazuh_crypto_method: 'aes'
@ -74,6 +64,7 @@ wazuh_agent_repo:
gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH' gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH'
key_id: '0DCFCA5547B19D2A6099506096B3EE5F29111145' key_id: '0DCFCA5547B19D2A6099506096B3EE5F29111145'
# This is deprecated, see: wazuh_agent_address
wazuh_agent_nat: false wazuh_agent_nat: false
########################################## ##########################################
@ -87,18 +78,24 @@ wazuh_agent_config_overlay: yes
# and allow working with agents having several network interfaces # and allow working with agents having several network interfaces
wazuh_agent_address: '{{ "any" if wazuh_agent_nat else ansible_default_ipv4.address }}' wazuh_agent_address: '{{ "any" if wazuh_agent_nat else ansible_default_ipv4.address }}'
# List of managers. The first one with register variable declared *and* set to true
# is the one used to register the agent. Otherwise, the first one in the list will be used.
wazuh_managers: wazuh_managers:
- address: 127.0.0.1 - address: 127.0.0.1
port: 1514 port: 1514
protocol: tcp protocol: tcp
api_port: 55000 api_port: 55000
api_proto: 'http' api_proto: https
api_user: wazuh api_user: wazuh
max_retries: 5 max_retries: 5
retry_interval: 5 retry_interval: 5
register: yes register: yes
## Enrollment ## Authentication Method: Enrollment section (4.x)
# For more information see:
# * https://documentation.wazuh.com/4.0/user-manual/reference/ossec-conf/client.html#enrollment
wazuh_agent_enrollment: wazuh_agent_enrollment:
enabled: '' enabled: ''
manager_address: '' manager_address: ''
@ -115,6 +112,22 @@ wazuh_agent_enrollment:
delay_after_enrollment: 20 delay_after_enrollment: 20
use_source_ip: 'no' use_source_ip: 'no'
## Authentication Method: invoking agent-auth
# For more information see:
# * https://documentation.wazuh.com/4.0/user-manual/registering/password-authorization-registration.html
wazuh_agent_authd:
registration_address: 127.0.0.1
enable: false
port: 1515
agent_name: null
groups: []
ssl_agent_ca: null
ssl_agent_cert: null
ssl_agent_key: null
ssl_auto_negotiate: 'no'
## Authentication Method: REST API ## Authentication Method: REST API
# For more information see: # For more information see: