adapted wazuh-agent test playbook and created run.sh
This commit is contained in:
Rshad Zhran
parent
0e24c57fc6
commit
40ab9eb9f2
@ -44,7 +44,7 @@
|
||||
|
||||
- name: Create docker network(s)
|
||||
docker_network:
|
||||
name: "new_network"
|
||||
name: "main"
|
||||
state: present
|
||||
|
||||
|
||||
@ -65,7 +65,7 @@
|
||||
published_ports: "{{ item.published_ports | default(omit) }}"
|
||||
ulimits: "{{ item.ulimits | default(omit) }}"
|
||||
networks:
|
||||
- name: "new_network"
|
||||
- name: "main"
|
||||
dns_servers: "{{ item.dns_servers | default(omit) }}"
|
||||
register: server
|
||||
with_items: "{{ molecule_yml.platforms }}"
|
||||
|
||||
@ -16,13 +16,13 @@ platforms:
|
||||
- nofile:262144:262144
|
||||
privileged: true
|
||||
memory_reservation: 1024m
|
||||
- name: xenial
|
||||
image: solita/ubuntu-systemd:xenial
|
||||
privileged: true
|
||||
memory_reservation: 1024m
|
||||
command: /sbin/init
|
||||
ulimits:
|
||||
- nofile:262144:262144
|
||||
# - name: xenial
|
||||
# image: solita/ubuntu-systemd:xenial
|
||||
# privileged: true
|
||||
# memory_reservation: 1024m
|
||||
# command: /sbin/init
|
||||
# ulimits:
|
||||
# - nofile:262144:262144
|
||||
# - name: trusty
|
||||
# image: ubuntu:trusty
|
||||
# memory_reservation: 1024m
|
||||
@ -34,12 +34,12 @@ platforms:
|
||||
# memory_reservation: 1024m
|
||||
# ulimits:
|
||||
# - nofile:262144:262144
|
||||
- name: centos7
|
||||
image: milcom/centos7-systemd
|
||||
memory_reservation: 1024m
|
||||
privileged: true
|
||||
ulimits:
|
||||
- nofile:262144:262144
|
||||
# - name: centos7
|
||||
# image: milcom/centos7-systemd
|
||||
# memory_reservation: 1024m
|
||||
# privileged: true
|
||||
# ulimits:
|
||||
# - nofile:262144:262144
|
||||
provisioner:
|
||||
name: ansible
|
||||
playbooks:
|
||||
|
||||
@ -4,4 +4,5 @@
|
||||
roles:
|
||||
|
||||
- role: elastic-stack/ansible-kibana
|
||||
elasticsearch_network_host: 'elasticsearch'
|
||||
|
||||
@ -11,27 +11,27 @@ lint:
|
||||
config-data:
|
||||
ignore: .virtualenv
|
||||
platforms:
|
||||
- name: wazuh_server_centos7
|
||||
image: milcom/centos7-systemd
|
||||
networks:
|
||||
- name: wazuh
|
||||
privileged: true
|
||||
groups:
|
||||
- manager
|
||||
#- name: wazuh_server_centos7
|
||||
# image: milcom/centos7-systemd
|
||||
# networks:
|
||||
# - name: wazuh
|
||||
# privileged: true
|
||||
# groups:
|
||||
# - manager
|
||||
- name: wazuh_agent_bionic
|
||||
image: ubuntu:bionic
|
||||
networks:
|
||||
- name: wazuh
|
||||
groups:
|
||||
- agent
|
||||
- name: wazuh_agent_xenial
|
||||
image: solita/ubuntu-systemd:xenial
|
||||
privileged: true
|
||||
command: /sbin/init
|
||||
networks:
|
||||
- name: wazuh
|
||||
groups:
|
||||
- agent
|
||||
#- name: wazuh_agent_xenial
|
||||
# image: solita/ubuntu-systemd:xenial
|
||||
# privileged: true
|
||||
# command: /sbin/init
|
||||
# networks:
|
||||
# - name: wazuh
|
||||
# groups:
|
||||
# - agent
|
||||
#- name: wazuh_agent_trusty
|
||||
# image: ubuntu:trusty
|
||||
# networks:
|
||||
@ -44,13 +44,13 @@ platforms:
|
||||
# - name: wazuh
|
||||
# groups:
|
||||
# - agent
|
||||
- name: wazuh_agent_centos7
|
||||
image: milcom/centos7-systemd
|
||||
privileged: true
|
||||
networks:
|
||||
- name: wazuh
|
||||
groups:
|
||||
- agent
|
||||
#- name: wazuh_agent_centos7
|
||||
# image: milcom/centos7-systemd
|
||||
# privileged: true
|
||||
# networks:
|
||||
# - name: wazuh
|
||||
# groups:
|
||||
# - agent
|
||||
provisioner:
|
||||
name: ansible
|
||||
playbooks:
|
||||
|
||||
@ -1,20 +1,18 @@
|
||||
---
|
||||
- name: Converge
|
||||
hosts: agent
|
||||
pre_tasks:
|
||||
- name: "Get ip Wazuh Manager"
|
||||
shell: |
|
||||
set -o pipefail
|
||||
grep $(hostname) /etc/hosts | awk '{print $1}' | sort | head -n 2 | tail -n 1
|
||||
register: wazuh_manager_ip_stdout
|
||||
changed_when: false
|
||||
delegate_to: wazuh_server_centos7
|
||||
args:
|
||||
executable: /bin/bash
|
||||
|
||||
- name: "Set fact for ip address"
|
||||
set_fact:
|
||||
wazuh_manager_ip: "{{ wazuh_manager_ip_stdout.stdout }}"
|
||||
|
||||
hosts: all
|
||||
roles:
|
||||
- role: wazuh/ansible-wazuh-agent
|
||||
vars:
|
||||
wazuh_managers:
|
||||
- address: 'manager'
|
||||
port: 1514
|
||||
protocol: tcp
|
||||
api_port: 55000
|
||||
api_proto: 'http'
|
||||
api_user: ansible
|
||||
wazuh_agent_authd:
|
||||
enable: true
|
||||
port: 1515
|
||||
ssl_agent_ca: null
|
||||
ssl_auto_negotiate: 'no'
|
||||
|
||||
@ -1,41 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
# 10 seconds interval time by default
|
||||
INTERVAL=${INTERVAL:-10}
|
||||
|
||||
# dnsmasq config directory
|
||||
DNSMASQ_CONFIG=${DNSMASQ_CONFIG:-.}
|
||||
|
||||
# commands used in this script
|
||||
DOCKER=${DOCKER:-docker}
|
||||
SLEEP=${SLEEP:-sleep}
|
||||
TAIL=${TAIL:-tail}
|
||||
|
||||
declare -A service_map
|
||||
|
||||
while true
|
||||
do
|
||||
changed=false
|
||||
while read line
|
||||
do
|
||||
name=${line##* }
|
||||
ip=$(${DOCKER} inspect --format '{{.NetworkSettings.IPAddress}}' $name)
|
||||
# if IP addr changed
|
||||
if [ -z ${service_map[$name]} ] || [ ${service_map[$name]} != $ip ]
|
||||
then
|
||||
service_map[$name]=$ip
|
||||
# write to file
|
||||
echo $name has a new IP Address $ip >&2
|
||||
echo "host-record=$name,$ip" > "${DNSMASQ_CONFIG}/docker-$name"
|
||||
changed=true
|
||||
fi
|
||||
done < <(${DOCKER} ps | ${TAIL} -n +2)
|
||||
|
||||
# a change of IP address occured, restart dnsmasq
|
||||
if [ $changed = true ]
|
||||
then
|
||||
systemctl restart dnsmasq
|
||||
fi
|
||||
|
||||
${SLEEP} $INTERVAL
|
||||
done
|
||||
Loading…
Reference in New Issue
Block a user