From 4ce3a0e5d77f69ebe2b3afc73057794b2a8e71cd Mon Sep 17 00:00:00 2001 From: Jose M Date: Thu, 5 Sep 2019 12:05:42 +0200 Subject: [PATCH 1/3] Fix conditionals for Amazon Linux in Manager and Filebeat --- roles/wazuh/ansible-filebeat/tasks/main.yml | 4 ++-- .../ansible-wazuh-manager/tasks/main.yml | 24 +++++++++---------- 2 files changed, 14 insertions(+), 14 deletions(-) diff --git a/roles/wazuh/ansible-filebeat/tasks/main.yml b/roles/wazuh/ansible-filebeat/tasks/main.yml index fbf8cfbf..d9dc11c2 100644 --- a/roles/wazuh/ansible-filebeat/tasks/main.yml +++ b/roles/wazuh/ansible-filebeat/tasks/main.yml @@ -10,7 +10,7 @@ register: filebeat_installing_package until: filebeat_installing_package is succeeded when: - - ansible_distribution in ['CentOS','RedHat'] + - ansible_distribution in ['CentOS','RedHat', 'Amazon'] tags: - install @@ -22,7 +22,7 @@ register: filebeat_installing_package_debian until: filebeat_installing_package_debian is succeeded when: - - not (ansible_distribution in ['CentOS','RedHat']) + - not (ansible_distribution in ['CentOS','RedHat', 'Amazon']) tags: - init diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml index 30e5ec87..d63b8ec7 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml @@ -5,7 +5,7 @@ - import_tasks: "Debian.yml" when: ansible_os_family == "Debian" -- name: CentOS/RedHat | Install wazuh-manager, wazuh-api +- name: CentOS/RedHat/Amazon | Install wazuh-manager, wazuh-api package: pkg={{ item }}-{{ wazuh_manager_api_version }}-1 state={{ wazuh_manager_package_state }} with_items: - wazuh-manager @@ -13,7 +13,7 @@ register: wazuh_manager_main_packages_installed until: wazuh_manager_main_packages_installed is succeeded when: - - ansible_distribution in ['CentOS','RedHat'] + - ansible_distribution in ['CentOS','RedHat', 'Amazon'] tags: - init @@ -28,13 +28,13 @@ register: wazuh_manager_main_packages_installed until: wazuh_manager_main_packages_installed is succeeded when: - - not (ansible_distribution in ['CentOS','RedHat']) + - not (ansible_distribution in ['CentOS','RedHat', 'Amazon']) tags: init - name: Install expect package: pkg=expect state={{ wazuh_manager_package_state }} when: - - not (ansible_distribution in ['CentOS','RedHat'] and ansible_distribution_major_version|int < 6) + - not (ansible_distribution in ['CentOS','RedHat', 'Amazon'] and ansible_distribution_major_version|int < 6) tags: init - name: CentOS/RedHat 6 | Enabling python2.7 and sqlite3 @@ -43,7 +43,7 @@ regexp: 'echo -n "Starting Wazuh-manager: "' replace: 'echo -n "Starting Wazuh-manager (EL6): "; source /opt/rh/python27/enable; export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/var/ossec/framework/lib' when: - - ansible_distribution in ['CentOS', 'RedHat'] and ansible_distribution_major_version|int == 6 + - ansible_distribution in ['CentOS', 'RedHat', 'Amazon'] and ansible_distribution_major_version|int == 6 - wazuh_manager_config.cluster.disable != 'yes' - name: Install wazuh-manager and expect (EL5) @@ -54,7 +54,7 @@ register: wazuh_manager_main_packages_installed until: wazuh_manager_main_packages_installed is succeeded when: - - ansible_distribution in ['CentOS','RedHat'] and ansible_distribution_major_version|int < 6 + - ansible_distribution in ['CentOS','RedHat', 'Amazon'] and ansible_distribution_major_version|int < 6 tags: - init @@ -203,7 +203,7 @@ - name: Retrieving Wazuh-API User Credentials include_vars: wazuh_api_creds.yml when: - - not (ansible_distribution in ['CentOS','RedHat'] and ansible_distribution_major_version|int < 6) + - not (ansible_distribution in ['CentOS','RedHat', 'Amazon'] and ansible_distribution_major_version|int < 6) tags: - config @@ -281,7 +281,7 @@ poll: 0 when: - wazuh_manager_config.vuls.disable != 'yes' - - ansible_distribution in ['Redhat', 'CentOS', 'Ubuntu', 'Debian', 'Oracle'] + - ansible_distribution in ['Redhat', 'CentOS', 'Ubuntu', 'Debian', 'Oracle', 'Amazon'] tags: - init @@ -322,7 +322,7 @@ notify: restart wazuh-api when: - wazuh_api_user is defined - - not (ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' and ansible_distribution_major_version|int < 6) + - not (ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' or ansible_distribution == 'Amazon' and ansible_distribution_major_version|int < 6) tags: - config @@ -378,7 +378,7 @@ environment: LD_LIBRARY_PATH: "$LD_LIBRARY_PATH:/var/ossec/framework/lib" when: - - not (ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' and ansible_distribution_major_version|int < 6) + - not (ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' or ansible_distribution == 'Amazon' and ansible_distribution_major_version|int < 6) - name: Ensure Wazuh Manager is started and enabled (EL5) service: @@ -388,10 +388,10 @@ tags: - config when: - - ansible_distribution in ['CentOS', 'RedHat'] and ansible_distribution_major_version|int < 6 + - ansible_distribution in ['CentOS', 'RedHat', 'Amazon'] and ansible_distribution_major_version|int < 6 - import_tasks: "RMRedHat.yml" - when: ansible_os_family == "RedHat" + when: ansible_os_family == "RedHat" or ansible_os_family == "Amazon" - import_tasks: "RMDebian.yml" when: ansible_os_family == "Debian" From a15477300f803d1d1cc6b7bc44e24b6e29bbbcff Mon Sep 17 00:00:00 2001 From: Jose M Date: Thu, 5 Sep 2019 15:57:02 +0200 Subject: [PATCH 2/3] Reload deamons to fix Kibana error on Amazon Linux 2 --- .../elastic-stack/ansible-kibana/tasks/main.yml | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml index fe0c9365..e695ddec 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/main.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml @@ -93,7 +93,6 @@ owner: root group: root mode: 0664 - notify: restart kibana tags: configure - name: Checking Wazuh-APP version @@ -124,21 +123,30 @@ args: executable: /bin/bash creates: /usr/share/kibana/plugins/wazuh/package.json - notify: restart kibana become: yes become_user: kibana tags: - install - skip_ansible_lint -- name: Ensure Kibana started and enabled +- name: Reload systemd configuration + systemd: + daemon_reload: true + +- name: Restart Kibana + service: + name: kibana + enabled: true + state: restarted + +- name: Ensure Kibana is started service: name: kibana enabled: true state: started - import_tasks: RMRedHat.yml - when: ansible_os_family == 'RedHat' + when: ansible_os_family == 'RedHat', 'Amazon' - import_tasks: RMDebian.yml when: ansible_os_family == 'Debian' From ad0fde391e7b35c42c25a75456db76a3fa2108c2 Mon Sep 17 00:00:00 2001 From: Jose M Date: Thu, 5 Sep 2019 15:59:03 +0200 Subject: [PATCH 3/3] Fix Kibana enabling task description --- roles/elastic-stack/ansible-kibana/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml index e695ddec..320c9b74 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/main.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml @@ -139,7 +139,7 @@ enabled: true state: restarted -- name: Ensure Kibana is started +- name: Ensure Kibana is started and enabled service: name: kibana enabled: true