afmarulanda/wazuh-ansible-4.8.1
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

adapted wazuh-agent test playbook and created run.sh

Browse Source
This commit is contained in:
Rshad Zhran 2019-08-21 16:27:15 +02:00
parent 0e24c57fc6
commit 40ab9eb9f2
6 changed files with 52 additions and 94 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
molecule/default/create.yml
View File

@ -44,7 +44,7 @@
- name: Create docker network(s) - name: Create docker network(s)
docker_network: docker_network:
name: "new_network" name: "main"
state: present state: present
@ -65,7 +65,7 @@
published_ports: "{{ item.published_ports | default(omit) }}" published_ports: "{{ item.published_ports | default(omit) }}"
ulimits: "{{ item.ulimits | default(omit) }}" ulimits: "{{ item.ulimits | default(omit) }}"
networks: networks:
- name: "new_network" - name: "main"
dns_servers: "{{ item.dns_servers | default(omit) }}" dns_servers: "{{ item.dns_servers | default(omit) }}"
register: server register: server
with_items: "{{ molecule_yml.platforms }}" with_items: "{{ molecule_yml.platforms }}"

26
molecule/kibana/molecule.yml
View File

@ -16,13 +16,13 @@ platforms:
- nofile:262144:262144 - nofile:262144:262144
privileged: true privileged: true
memory_reservation: 1024m memory_reservation: 1024m
- name: xenial # - name: xenial
image: solita/ubuntu-systemd:xenial # image: solita/ubuntu-systemd:xenial
privileged: true # privileged: true
memory_reservation: 1024m # memory_reservation: 1024m
command: /sbin/init # command: /sbin/init
ulimits: # ulimits:
- nofile:262144:262144 # - nofile:262144:262144
# - name: trusty # - name: trusty
# image: ubuntu:trusty # image: ubuntu:trusty
# memory_reservation: 1024m # memory_reservation: 1024m
@ -34,12 +34,12 @@ platforms:
# memory_reservation: 1024m # memory_reservation: 1024m
# ulimits: # ulimits:
# - nofile:262144:262144 # - nofile:262144:262144
- name: centos7 # - name: centos7
image: milcom/centos7-systemd # image: milcom/centos7-systemd
memory_reservation: 1024m # memory_reservation: 1024m
privileged: true # privileged: true
ulimits: # ulimits:
- nofile:262144:262144 # - nofile:262144:262144
provisioner: provisioner:
name: ansible name: ansible
playbooks: playbooks:

1
molecule/kibana/playbook.yml
View File

@ -4,4 +4,5 @@
roles: roles:
- role: elastic-stack/ansible-kibana - role: elastic-stack/ansible-kibana
elasticsearch_network_host: 'elasticsearch'

44
molecule/wazuh-agent/molecule.yml
View File

@ -11,27 +11,27 @@ lint:
config-data: config-data:
ignore: .virtualenv ignore: .virtualenv
platforms: platforms:
- name: wazuh_server_centos7 #- name: wazuh_server_centos7
image: milcom/centos7-systemd # image: milcom/centos7-systemd
networks: # networks:
- name: wazuh # - name: wazuh
privileged: true # privileged: true
groups: # groups:
- manager # - manager
- name: wazuh_agent_bionic - name: wazuh_agent_bionic
image: ubuntu:bionic image: ubuntu:bionic
networks: networks:
- name: wazuh - name: wazuh
groups: groups:
- agent - agent
- name: wazuh_agent_xenial #- name: wazuh_agent_xenial
image: solita/ubuntu-systemd:xenial # image: solita/ubuntu-systemd:xenial
privileged: true # privileged: true
command: /sbin/init # command: /sbin/init
networks: # networks:
- name: wazuh # - name: wazuh
groups: # groups:
- agent # - agent
#- name: wazuh_agent_trusty #- name: wazuh_agent_trusty
# image: ubuntu:trusty # image: ubuntu:trusty
# networks: # networks:
@ -44,13 +44,13 @@ platforms:
# - name: wazuh # - name: wazuh
# groups: # groups:
# - agent # - agent
- name: wazuh_agent_centos7 #- name: wazuh_agent_centos7
image: milcom/centos7-systemd # image: milcom/centos7-systemd
privileged: true # privileged: true
networks: # networks:
- name: wazuh # - name: wazuh
groups: # groups:
- agent # - agent
provisioner: provisioner:
name: ansible name: ansible
playbooks: playbooks:

30
molecule/wazuh-agent/playbook.yml
View File

@ -1,20 +1,18 @@
--- ---
- name: Converge - name: Converge
hosts: agent hosts: all
pre_tasks:
- name: "Get ip Wazuh Manager"
shell: |
set -o pipefail
grep $(hostname) /etc/hosts | awk '{print $1}' | sort | head -n 2 | tail -n 1
register: wazuh_manager_ip_stdout
changed_when: false
delegate_to: wazuh_server_centos7
args:
executable: /bin/bash
- name: "Set fact for ip address"
set_fact:
wazuh_manager_ip: "{{ wazuh_manager_ip_stdout.stdout }}"
roles: roles:
- role: wazuh/ansible-wazuh-agent - role: wazuh/ansible-wazuh-agent
vars:
wazuh_managers:
- address: 'manager'
port: 1514
protocol: tcp
api_port: 55000
api_proto: 'http'
api_user: ansible
wazuh_agent_authd:
enable: true
port: 1515
ssl_agent_ca: null
ssl_auto_negotiate: 'no'

41
update-dnsmasq.sh
View File

@ -1,41 +0,0 @@
#!/bin/bash
# 10 seconds interval time by default
INTERVAL=${INTERVAL:-10}
# dnsmasq config directory
DNSMASQ_CONFIG=${DNSMASQ_CONFIG:-.}
# commands used in this script
DOCKER=${DOCKER:-docker}
SLEEP=${SLEEP:-sleep}
TAIL=${TAIL:-tail}
declare -A service_map
while true
do
changed=false
while read line
do
name=${line##* }
ip=$(${DOCKER} inspect --format '{{.NetworkSettings.IPAddress}}' $name)
# if IP addr changed
if [ -z ${service_map[$name]} ] || [ ${service_map[$name]} != $ip ]
then
service_map[$name]=$ip
# write to file
echo $name has a new IP Address $ip >&2
echo "host-record=$name,$ip" > "${DNSMASQ_CONFIG}/docker-$name"
changed=true
fi
done < <(${DOCKER} ps | ${TAIL} -n +2)
# a change of IP address occured, restart dnsmasq
if [ $changed = true ]
then
systemctl restart dnsmasq
fi
${SLEEP} $INTERVAL
done