From 7ae757ef674661b06e5580dd91e4bb00386b466f Mon Sep 17 00:00:00 2001
From: Stephan Eicher <stephan.eicher@check24.de>
Date: Thu, 9 Jun 2022 11:34:36 +0200
Subject: [PATCH] Fix to be able to set complex passwords with symbols too

---
 roles/wazuh/ansible-filebeat-oss/templates/filebeat.yml.j2 | 2 +-
 roles/wazuh/wazuh-dashboard/tasks/main.yml                 | 2 +-
 roles/wazuh/wazuh-indexer/tasks/security_actions.yml       | 4 ++--
 3 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/roles/wazuh/ansible-filebeat-oss/templates/filebeat.yml.j2 b/roles/wazuh/ansible-filebeat-oss/templates/filebeat.yml.j2
index 558b5cf8..e5665b61 100644
--- a/roles/wazuh/ansible-filebeat-oss/templates/filebeat.yml.j2
+++ b/roles/wazuh/ansible-filebeat-oss/templates/filebeat.yml.j2
@@ -21,7 +21,7 @@ output.elasticsearch:
 
 {% if filebeat_security %}
   username: {{ indexer_security_user }}
-  password: {{ indexer_security_password }}
+  password: "{{ indexer_security_password }}"
   protocol: https
   ssl.certificate_authorities:
     - {{ filebeat_ssl_dir }}/root-ca.pem
diff --git a/roles/wazuh/wazuh-dashboard/tasks/main.yml b/roles/wazuh/wazuh-dashboard/tasks/main.yml
index ac451b3d..6e010d5c 100755
--- a/roles/wazuh/wazuh-dashboard/tasks/main.yml
+++ b/roles/wazuh/wazuh-dashboard/tasks/main.yml
@@ -83,7 +83,7 @@
 
 - name: Configure opensearch.password in opensearch_dashboards.keystore
   shell: >-
-    echo {{ dashboard_password }} | /usr/share/wazuh-dashboard/bin/opensearch-dashboards-keystore --allow-root add -f --stdin opensearch.password
+    echo '{{ dashboard_password }}' | /usr/share/wazuh-dashboard/bin/opensearch-dashboards-keystore --allow-root add -f --stdin opensearch.password
   args:
     executable: /bin/bash
   become: yes
diff --git a/roles/wazuh/wazuh-indexer/tasks/security_actions.yml b/roles/wazuh/wazuh-indexer/tasks/security_actions.yml
index 3921db2d..2b481cc2 100644
--- a/roles/wazuh/wazuh-indexer/tasks/security_actions.yml
+++ b/roles/wazuh/wazuh-indexer/tasks/security_actions.yml
@@ -49,7 +49,7 @@
   - name: Hashing the custom admin password
     shell: |
       export JAVA_HOME=/usr/share/wazuh-indexer/jdk
-      {{ indexer_sec_plugin_tools_path }}/hash.sh -p {{ indexer_admin_password }}
+      {{ indexer_sec_plugin_tools_path }}/hash.sh -p '{{ indexer_admin_password }}'
     register: indexer_admin_password_hashed
     no_log: '{{ indexer_nolog_sensible | bool }}'
   
@@ -65,7 +65,7 @@
   - name: Hash the kibanaserver role/user pasword
     shell: |
       export JAVA_HOME=/usr/share/wazuh-indexer/jdk
-      {{ indexer_sec_plugin_tools_path }}/hash.sh -p {{ dashboard_password }}
+      {{ indexer_sec_plugin_tools_path }}/hash.sh -p '{{ dashboard_password }}'
     register: indexer_kibanaserver_password_hashed
     no_log: '{{ indexer_nolog_sensible | bool }}'