Adding windows support.

ansible-wazuh-agent/defaults/main.yml

@@ -6,6 +6,11 @@ wazuh_manager_proto: tcp
 wazuh_register_client: false
 wazuh_notify_time: null
 wazuh_time_reconnect: null
+wazuh_winagent_config:
+  install_dir: 'C:\wazuh-agent\'
+  version: '2.1.0'
+  url: https://packages.wazuh.com/windows/wazuh-winagent-v2.1.0-1.exe
+  md5: 715fbd55f670c2cecc607f2cbd0b2310
 wazuh_agent_config:
   log_format: 'plain'
   syscheck:

ansible-wazuh-agent/handlers/main.yml

@@ -1,3 +1,6 @@
 ---
 - name: restart wazuh-agent
   service: name=wazuh-agent state=restarted enabled=yes
+
+- name: restart wazuh-agent windows
+  win_service: name=OssecSvc start_mode=auto state=restarted

ansible-wazuh-agent/tasks/Linux.yml

@@ -0,0 +1,59 @@
+---
+- include: "RedHat.yml"
+  when: ansible_os_family == "RedHat"
+
+- include: "Debian.yml"
+  when: ansible_os_family == "Debian"
+
+- name: Linux | Install wazuh-agent
+  package: name=wazuh-agent state=latest
+  tags:
+    - init
+
+- name: Linux | Check if client.keys exists
+  stat: path=/var/ossec/etc/client.keys
+  register: check_keys
+  tags:
+    - config
+
+- name: Linux | Register agent
+  shell: /var/ossec/bin/agent-auth -m {{ wazuh_manager_ip }} -p {{ wazuh_authd_port }}
+  register: agent_auth_output
+  when:
+    - wazuh_register_client == true
+    - check_keys.stat.size == 0
+    - wazuh_manager_ip is not none
+  tags:
+    - config
+
+- name: Linux | Verify agent registration
+  shell: echo {{ agent_auth_output }} | grep "Valid key created"
+  when:
+    - wazuh_register_client == true
+    - check_keys.stat.size == 0
+    - wazuh_manager_ip is not none
+  tags:
+    - config
+
+- name: Linux | Installing agent configuration (ossec.conf)
+  template: src=var-ossec-etc-ossec-agent.conf.j2
+            dest=/var/ossec/etc/ossec.conf
+            owner=root
+            group=ossec
+            mode=0644
+  notify: restart wazuh-agent
+  tags:
+    - init
+    - config
+
+- name: Linux | Ensure Wazuh Agent service is started and enabled
+  service:
+    name: wazuh-agent
+    enabled: yes
+    state: started
+
+- include: "RMRedHat.yml"
+  when: ansible_os_family == "RedHat"
+
+- include: "RMDebian.yml"
+  when: ansible_os_family == "Debian"

ansible-wazuh-agent/tasks/Windows.yml

@@ -0,0 +1,70 @@
+---
+- name: Windows | Get current installed version
+  win_shell: "{{ wazuh_winagent_config.install_dir }}ossec-agent.exe -h"
+  args:
+    removes: "{{ wazuh_winagent_config.install_dir }}ossec-agent.exe"
+  register: agent_version
+  failed_when: False
+  changed_when: False
+
+- name: Windows | Check Wazuh agent version installed
+  set_fact: correct_version=true
+  when:
+    - agent_version.stdout is defined
+    - wazuh_winagent_config.version in agent_version.stdout
+
+- name: Windows | Downloading windows Wazuh agent installer
+  win_get_url:
+    dest: C:\wazuh-agent-installer.exe
+    url: "{{ wazuh_winagent_config.url }}"
+  when:
+    - correct_version is not defined
+
+- name: Windows | Verify the downloaded Wazuh agent installer
+  win_stat:
+    path: C:\wazuh-agent-installer.exe
+    get_checksum: yes
+    checksum_algorithm: md5
+  register: installer_md5
+  when:
+    - correct_version is not defined
+  failed_when:
+    - installer_md5.stat.checksum != wazuh_winagent_config.md5
+
+- name: Windows | Install Wazuh agent
+  win_shell: C:\wazuh-agent-installer.exe /S /D={{ wazuh_winagent_config.install_dir }}
+  when:
+    - correct_version is not defined
+
+- name: Windows | Check if client.keys exists
+  win_stat: path="{{ wazuh_winagent_config.install_dir }}client.keys"
+  register: check_windows_key
+  notify: restart wazuh-agent windows
+  tags:
+    - config
+
+- name: Windows | Register agent
+  win_shell: "{{ wazuh_winagent_config.install_dir }}agent-auth.exe -m {{ wazuh_manager_ip }} -p {{ wazuh_authd_port }}"
+  args:
+    chdir: "{{ wazuh_winagent_config.install_dir }}"
+  register: agent_auth_output
+  notify: restart wazuh-agent windows
+  when:
+    - wazuh_register_client == true
+    - check_windows_key.stat.exists == false
+    - wazuh_manager_ip is not none
+  tags:
+    - config
+
+- name: Windows | Installing agent configuration (ossec.conf)
+  win_template:
+    src: var-ossec-etc-ossec-agent.conf.j2
+    dest: "{{ wazuh_winagent_config.install_dir }}ossec.conf"
+  notify: restart wazuh-agent windows
+  tags:
+    - config
+
+- name: Windows | Delete downloaded Wazuh agent installer file
+  win_file:
+    path: C:\wazuh-agent-installer.exe
+    state: absent

ansible-wazuh-agent/tasks/main.yml

@@ -1,59 +1,6 @@
 ---
-- include: "RedHat.yml"
+- include: "Windows.yml"
-  when: ansible_os_family == "RedHat"
+  when: ansible_os_family == "Windows"
 
-- include: "Debian.yml"
+- include: "Linux.yml"
-  when: ansible_os_family == "Debian"
+  when: ansible_system == "Linux"
-
-- name: Install wazuh-agent
-  package: name=wazuh-agent state=latest
-  tags:
-    - init
-
-- name: Check if client.keys exists
-  stat: path=/var/ossec/etc/client.keys
-  register: check_keys
-  tags:
-    - config
-
-- name: Register agent
-  shell: /var/ossec/bin/agent-auth -m {{ wazuh_manager_ip }} -p {{ wazuh_authd_port }}
-  register: agent_auth_output
-  when:
-    - wazuh_register_client == true
-    - check_keys.stat.size == 0
-    - wazuh_manager_ip is not none
-  tags:
-    - config
-
-- name: Verify agent registration
-  shell: echo {{ agent_auth_output }} | grep "Valid key created"
-  when:
-    - wazuh_register_client == true
-    - check_keys.stat.size == 0
-    - wazuh_manager_ip is not none
-  tags:
-    - config
-
-- name: Installing agent configuration (ossec.conf)
-  template: src=var-ossec-etc-ossec-agent.conf.j2
-            dest=/var/ossec/etc/ossec.conf
-            owner=root
-            group=ossec
-            mode=0644
-  notify: restart wazuh-agent
-  tags:
-    - init
-    - config
-
-- name: Ensure Wazuh Agent service is started and enabled
-  service:
-    name: wazuh-agent
-    enabled: yes
-    state: started
-
-- include: "RMRedHat.yml"
-  when: ansible_os_family == "RedHat"
-
-- include: "RMDebian.yml"
-  when: ansible_os_family == "Debian"