diff --git a/playbooks/wazuh-elastic.yml b/playbooks/wazuh-elastic.yml index 36bd9b1d..eda19931 100644 --- a/playbooks/wazuh-elastic.yml +++ b/playbooks/wazuh-elastic.yml @@ -1,5 +1,5 @@ --- - hosts: roles: - - role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-elasticsearch + - role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-elasticsearch elasticsearch_network_host: '' diff --git a/playbooks/wazuh-elastic_stack-distributed.yml b/playbooks/wazuh-elastic_stack-distributed.yml index 8c6bc567..5f4213f5 100644 --- a/playbooks/wazuh-elastic_stack-distributed.yml +++ b/playbooks/wazuh-elastic_stack-distributed.yml @@ -6,7 +6,7 @@ elasticsearch_network_host: node_name: node-1 elasticsearch_bootstrap_node: true - elasticsearch_cluster_nodes: + elasticsearch_cluster_nodes: - - - @@ -22,7 +22,7 @@ vars: instances: node1: - name: node-1 # Important: must be equal to elasticsearch_node_name. + name: node-1 # Important: must be equal to elasticsearch_node_name. ip: # When unzipping, the node will search for its node name folder to get the cert. node2: name: node-2 @@ -43,10 +43,10 @@ - - - - + - hosts: roles: - - role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-elasticsearch + - role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-elasticsearch elasticsearch_network_host: elasticsearch_node_name: node-3 single_node: false diff --git a/playbooks/wazuh-elastic_stack-single.yml b/playbooks/wazuh-elastic_stack-single.yml index 051b5fd2..aba365c9 100644 --- a/playbooks/wazuh-elastic_stack-single.yml +++ b/playbooks/wazuh-elastic_stack-single.yml 
@@ -1,8 +1,8 @@ --- - hosts: roles: - - {role: ../roles/wazuh/ansible-wazuh-manager} - - role: ../roles/wazuh/ansible-filebeat - filebeat_output_elasticsearch_hosts: localhost:9200 - - {role: ../roles/elastic-stack/ansible-elasticsearch, elasticsearch_network_host: '0.0.0.0', single_node: true} - - { role: ../roles/elastic-stack/ansible-kibana, elasticsearch_network_host: 'localhost' } + - {role: ../roles/wazuh/ansible-wazuh-manager} + - role: ../roles/wazuh/ansible-filebeat + filebeat_output_elasticsearch_hosts: localhost:9200 + - {role: ../roles/elastic-stack/ansible-elasticsearch, elasticsearch_network_host: '0.0.0.0', single_node: true} + - { role: ../roles/elastic-stack/ansible-kibana, elasticsearch_network_host: '0.0.0.0', elasticsearch_reachable_host: 'localhost' } \ No newline at end of file diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index 526bfabf..0a05d853 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -23,3 +23,14 @@ node_certs_destination: /etc/kibana/certs master_certs_path: /es_certs generate_CA: true ca_cert_name: "" + +# Nodejs +nodejs: + repo_dict: + debian: "deb" + redhat: "rpm" + repo_url_ext: "nodesource.com/setup_8.x" + +# Build from sources +build_from_sources: true +wazuh_plugin_branch: 3.10-7.4 \ No newline at end of file diff --git a/roles/elastic-stack/ansible-kibana/tasks/build_wazuh_plugin.yml b/roles/elastic-stack/ansible-kibana/tasks/build_wazuh_plugin.yml new file mode 100644 index 00000000..6a3dc514 --- /dev/null +++ b/roles/elastic-stack/ansible-kibana/tasks/build_wazuh_plugin.yml 
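Review bot: The Kibana role entry now passes `elasticsearch_network_host: '0.0.0.0'` where it previously passed `'localhost'`, and nothing in the playbook says why a single-host deployment needs a wildcard address. How the role consumes the variable is not visible in this hunk; if it ends up as a listen address, the service becomes reachable on every interface of the host. Either keep a loopback value here or add a comment stating that the wildcard is intentional and should be paired with a host firewall. The unchanged Elasticsearch entry above it already uses `'0.0.0.0'` with `single_node: true` and deserves the same comment.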
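Review bot: `build_from_sources: true` as a role default moves every existing user of the Kibana role from the packaged plugin to a source build without opting in, and the build path added in build_wazuh_plugin.yml downloads and runs a repository setup script and clones code at run time. Defaulting to `build_from_sources: false` keeps the packaged install as the baseline. `wazuh_plugin_branch: 3.10-7.4` is passed to `git clone -b`, so if it names a branch rather than a tag, the code that gets built can change between runs; a tag or commit id would make the build reproducible. Quoting the value (`"3.10-7.4"`) also removes any doubt about scalar typing.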
@@ -0,0 +1,77 @@ +--- + - name: Ensure the Git package is present + package: + name: git + state: present + + - name: Modify repo url if host is in Debian family + set_fact: + node_js_repo_type: deb + when: + - ansible_os_family | lower == "debian" + + - name: Download script to install Nodejs repository + get_url: + url: "https://{{ nodejs['repo_dict'][ansible_os_family|lower] }}.{{ nodejs['repo_url_ext'] }}" + dest: "/tmp/setup_nodejs_repo.sh" + mode: "0700" + + - name: Execute downloaded script to install Nodejs repo + command: /tmp/setup_nodejs_repo.sh + register: node_repo_installation_result + changed_when: false + + - name: Install Nodejs + package: + name: nodejs + state: present + + - name: Install yarn dependency to build the Wazuh Kibana Plugin + # Using shell due to errors when evaluating text between @ with command + shell: "npm install -g {{ 'yarn' }}{{ '@' }}{{ '1.10.1'}}" # noqa 305 + register: install_yarn_result + changed_when: install_yarn_result == 0 + + - name: Remove old wazuh-kibana-app git directory + file: + path: /tmp/app + state: absent + changed_when: false + + - name: Clone wazuh-kibana-app repository # Using command as git module doesn't cover single-branch nor depth + command: git clone https://github.com/wazuh/wazuh-kibana-app -b {{ wazuh_plugin_branch }} --single-branch --depth=1 app # noqa 303 + register: clone_app_repo_result + changed_when: false + args: + chdir: "/tmp" + + - name: Executing yarn to build the package + command: "{{ item }}" + with_items: + - "yarn" + - "yarn build" + register: yarn_execution_result + changed_when: false + args: + chdir: "/tmp/app/" + + - name: Obtain name of generated package + shell: "find ./ -name 'wazuh-*.zip' -printf '%f\\n'" + register: wazuhapp_package_name + changed_when: false + args: + chdir: "/tmp/app/build" + + - name: Install Wazuh Plugin (can take a while) + shell: "/usr/share/kibana/bin/kibana-plugin install file:///tmp/app/build/{{ wazuhapp_package_name.stdout }}" + environment: + 
NODE_OPTIONS: "--max-old-space-size=3072" + args: + executable: /bin/bash + creates: /usr/share/kibana/plugins/wazuh/package.json + become: yes + become_user: kibana + notify: restart kibana + tags: + - install + - skip_ansible_lint diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml index 622db80b..dd0e423f 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/main.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml @@ -1,4 +1,13 @@ --- + +- name: Stopping early, trying to compile Wazuh Kibana Plugin on Debian 10 is not possible + fail: + msg: "It's not possible to compile the Wazuh Kibana plugin on Debian 10 due to: https://github.com/wazuh/wazuh-kibana-app/issues/1924" + when: + - build_from_sources + - ansible_distribution == "Debian" + - ansible_distribution_major_version == "10" + - import_tasks: RedHat.yml when: ansible_os_family == 'RedHat' @@ -82,8 +91,8 @@ register: wazuh_app_verify changed_when: false failed_when: - - wazuh_app_verify.rc != 0 - - wazuh_app_verify.rc != 1 + - wazuh_app_verify.rc != 0 + - wazuh_app_verify.rc != 1 - name: Removing old Wazuh-APP command: /usr/share/kibana/bin/kibana-plugin --allow-root remove wazuh 
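Review bot: The Node.js repository script is fetched with `get_url` into `/tmp/setup_nodejs_repo.sh` and executed by the next task with no integrity check, so whatever the URL serves at run time is run on the managed host. Pin it with the module's `checksum` parameter, e.g. `checksum: "sha256:<EXPECTED_SHA256>"`, or set up the repository and its signing key with the package-manager modules instead of a script. The tarball downloads in both installation_from_sources.yml files added by this commit are unverified in the same way. Separately, `changed_when: install_yarn_result == 0` compares the whole registered result with 0 and is never true; `install_yarn_result.rc == 0` is presumably what was meant, and the same comparison appears as `installation_result == 0` in both installation_from_sources.yml files.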
@@ -91,13 +100,25 @@ tags: install - name: Removing bundles - file: path=/usr/share/kibana/optimize/bundles state=absent - become: yes - become_user: kibana + file: + path: /usr/share/kibana/optimize/bundles + state: absent when: wazuh_app_verify.rc == 1 tags: install -- name: Install Wazuh-APP (can take a while) +- name: Explicitly starting Kibana to generate "wazuh-" + service: + name: kibana + state: started + +- name: Build and Install Wazuh Kibana Plugin from sources + import_tasks: build_wazuh_plugin.yml + when: + - build_from_sources is defined + - build_from_sources + + +- name: Install Wazuh Plugin (can take a while) shell: "/usr/share/kibana/bin/kibana-plugin install {{ wazuh_app_url }}-{{ wazuh_version }}_{{ elastic_stack_version }}.zip" environment: NODE_OPTIONS: "--max-old-space-size=3072" @@ -110,6 +131,8 @@ tags: - install - skip_ansible_lint + when: + - not build_from_sources - name: Reload systemd configuration systemd: diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 4060e99c..64935264 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -1,5 +1,28 @@ --- wazuh_agent_version: 3.10.2-1 + +wazuh_agent_sources_installation: + enabled: "false" + branch: "v3.10.2" + user_language: "y" + user_no_stop: "y" + user_install_type: "agent" + user_dir: "/var/ossec" + user_delete_dir: "y" + user_enable_active_response: "y" + user_enable_syscheck: "y" + user_enable_rootcheck: "y" + user_enable_openscap: "y" + user_enable_sca: "y" + user_enable_authd: "y" + user_generate_authd_cert: "n" + user_update: "y" + user_binaryinstall: null + user_agent_server_ip: "YOUR_MANAGER_IP" + user_agent_server_name: null + user_agent_config_profile: null + user_ca_store: "/var/ossec/wpk_root.pem" + wazuh_managers: - address: 127.0.0.1 port: 1514 
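Review bot: The `import_tasks: build_wazuh_plugin.yml` step is gated only on `build_from_sources`, not on whether the plugin is already installed. As far as this diff shows, the script download and execution, the clone and the yarn build repeat on every run, and only the final install task is protected by `creates`. A condition on the existing `wazuh_app_verify` result, or a `stat` of `/usr/share/kibana/plugins/wazuh/package.json`, would limit the build to runs that need it. The guards are also inconsistent: this task tests `build_from_sources is defined`, while the Debian 10 `fail` task and the `not build_from_sources` condition in the next hunk use the variable bare.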
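Review bot: `enabled: "false"` is a quoted string rather than a boolean, whereas the manager defaults in this commit use an unquoted `enabled: true`. The new conditions of the form `not wazuh_agent_sources_installation.enabled` are evaluated as expressions, where a non-empty string is truthy, so with this default the repository and package-install tasks are likely to be skipped; use `enabled: false`. `user_agent_server_ip: "YOUR_MANAGER_IP"` is a placeholder that would be written into preloaded-vars.conf as is, so the source-install path should fail early when it has not been overridden.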
@@ -320,4 +343,4 @@ wazuh_agent_config: list: - key: Env value: Production -wazuh_agent_nat: false +wazuh_agent_nat: false \ No newline at end of file diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml index 1aa7a38e..0e0ba92f 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml @@ -20,12 +20,14 @@ when: - ansible_distribution == "Ubuntu" - ansible_distribution_major_version | int == 14 + - not wazuh_agent_sources_installation.enabled - name: Debian/Ubuntu | Installing Wazuh repository key apt_key: url: "{{ wazuh_agent_config.repo.gpg }}" when: - not (ansible_distribution == "Ubuntu" and ansible_distribution_major_version | int == 14) + - not wazuh_agent_sources_installation.enabled - name: Debian/Ubuntu | Add Wazuh repositories apt_repository: @@ -33,6 +35,8 @@ repo: "{{ wazuh_agent_config.repo.apt }}" state: present update_cache: true + when: + - not wazuh_agent_sources_installation.enabled - name: Debian/Ubuntu | Set Distribution CIS filename for debian set_fact: diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml index 2ef87f11..9265ce92 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml @@ -5,6 +5,10 @@ - include_tasks: "Debian.yml" when: ansible_os_family == "Debian" +- include_tasks: "installation_from_sources.yml" + when: + - wazuh_agent_sources_installation.enabled + - name: Linux CentOS/RedHat | Install wazuh-agent package: name: wazuh-agent-{{ wazuh_agent_version }} @@ -13,6 +17,7 @@ poll: 30 when: - ansible_os_family|lower == "redhat" + - not wazuh_agent_sources_installation.enabled tags: - init @@ -23,6 +28,7 @@ cache_valid_time: 3600 when: - ansible_os_family|lower != "redhat" + - not wazuh_agent_sources_installation.enabled tags: - init 
@@ -192,7 +198,11 @@ tags: config - include_tasks: "RMRedHat.yml" - when: ansible_os_family == "RedHat" + when: + - ansible_os_family == "RedHat" + - not wazuh_agent_sources_installation.enabled - include_tasks: "RMDebian.yml" - when: ansible_os_family == "Debian" + when: + - ansible_os_family == "Debian" + - not wazuh_agent_sources_installation.enabled diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml index 8f3b8dbd..e0b2b426 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml @@ -10,6 +10,7 @@ when: - (ansible_facts['os_family']|lower == 'redhat') and (ansible_distribution|lower != 'amazon') - (ansible_distribution_major_version|int <= 5) + - not wazuh_agent_sources_installation.enabled or not wazuh_api_sources_installation.enabled register: repo_v5_installed - name: RedHat/CentOS/Fedora | Install Wazuh repo @@ -22,6 +23,7 @@ changed_when: false when: - repo_v5_installed is skipped + - not wazuh_agent_sources_installation.enabled - name: RedHat/CentOS/Fedora | download Oracle Java RPM get_url: diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml b/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml new file mode 100644 index 00000000..69934631 --- /dev/null +++ b/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml 
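Review bot: In the agent's RedHat.yml, the added condition `not wazuh_agent_sources_installation.enabled or not wazuh_api_sources_installation.enabled` refers to `wazuh_api_sources_installation`, which this commit defines only in the manager role's defaults. When the agent role runs on its own with source installation enabled, the right-hand side is evaluated and the variable is undefined unless it is supplied elsewhere. The next hunk in the same file uses the agent variable alone, and this one should match it: `- not wazuh_agent_sources_installation.enabled`.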
@@ -0,0 +1,99 @@ +--- + - name: Install dependencies to build Wazuh packages + package: + name: + - make + - gcc + - automake + - autoconf + - libtool + - tar + state: present + + - name: Removing old files + file: + path: "/tmp/{{ wazuh_agent_sources_installation.branch }}.tar.gz" + state: absent + + - name: Removing old folders + file: + path: "/tmp/wazuh-{{ wazuh_agent_sources_installation.branch }}" + state: absent + + - name: Installing policycoreutils-python (RedHat families) + package: + name: + - policycoreutils-python + when: + - ansible_os_family|lower == "redhat" + + - name: Installing policycoreutils-python-utils (Debian families) + package: + name: + - libc6-dev + - curl + - policycoreutils + when: + - ansible_os_family|lower == "debian" + + - name: Download required packages from github.com/wazuh/wazuh + get_url: + url: "https://github.com/wazuh/wazuh/archive/{{ wazuh_agent_sources_installation.branch }}.tar.gz" + dest: "/tmp/{{ wazuh_agent_sources_installation.branch }}.tar.gz" + delegate_to: "{{ inventory_hostname }}" + changed_when: false + + - name: Create folder to extract Wazuh branch + file: + path: "/tmp/wazuh-{{ wazuh_agent_sources_installation.branch }}" + state: directory + changed_when: false + + - name: Extract downloaded Wazuh branch from Github # Using shell instead of unarchive due to that module not working properlyh with --strip + command: >- + tar -xzvf /tmp/{{ wazuh_agent_sources_installation.branch }}.tar.gz + --strip 1 + --directory /tmp/wazuh-{{ wazuh_agent_sources_installation.branch }} + register: wazuh_untar + changed_when: false + args: + warn: false + + - name: Clean remaining files from others builds + command: "make -C src {{ item }}" + args: + chdir: "/tmp/wazuh-{{ wazuh_agent_sources_installation.branch }}/src/" + with_items: + - "clean" + - "clean-deps" + register: clean_result + changed_when: clean_result.rc == 0 + failed_when: false + + - name: Render the "preloaded-vars.conf" file + template: + src: 
"templates/preloaded_vars_agent.conf.j2" + dest: "/tmp/wazuh-{{ wazuh_agent_sources_installation.branch }}/etc/preloaded-vars.conf" + owner: root + group: root + mode: '644' + changed_when: false + + - name: Executing "install.sh" script to build and install the Wazuh Agent + shell: ./install.sh > /tmp/build_agent_log.txt + register: installation_result + changed_when: installation_result == 0 + args: + chdir: "/tmp/wazuh-{{ wazuh_agent_sources_installation.branch }}" + + - name: Cleanup downloaded files + file: + path: "/tmp/{{ wazuh_agent_sources_installation.branch }}.tar.gz" + state: absent + changed_when: false + + - name: Cleanup created folders + file: + path: "/tmp/wazuh-{{ wazuh_agent_sources_installation.branch }}" + state: absent + changed_when: false \ No newline at end of file diff --git a/roles/wazuh/ansible-wazuh-agent/templates/preloaded_vars_agent.conf.j2 b/roles/wazuh/ansible-wazuh-agent/templates/preloaded_vars_agent.conf.j2 new file mode 100644 index 00000000..0887b367 --- /dev/null +++ b/roles/wazuh/ansible-wazuh-agent/templates/preloaded_vars_agent.conf.j2 @@ -0,0 +1,7 @@ +{% for key, value in wazuh_agent_sources_installation.items() %} +{% if "user_" in key %} +{% if value is defined and value is not none %} +{{ key|upper }}="{{ value }}" +{% endif %} +{% endif %} +{% endfor %} \ No newline at end of file diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index 66253fef..0a5eaf07 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml 
@@ -4,6 +4,49 @@ wazuh_manager_version: 3.10.2-1 wazuh_manager_fqdn: "wazuh-server" wazuh_manager_package_state: present +wazuh_manager_sources_installation: + enabled: true + branch: "v3.10.2" + user_language: "en" + user_no_stop: "y" + user_install_type: "server" + user_dir: "/var/ossec" + user_delete_dir: null + user_enable_active_response: null + user_enable_syscheck: "y" + user_enable_rootcheck: "y" + user_enable_openscap: "y" + user_enable_authd: "y" + user_generate_authd_cert: null + user_update: "y" + user_binaryinstall: null + user_enable_email: "n" + user_auto_start: "y" + user_email_address: null + user_email_smpt: null + user_enable_syslog: "n" + user_white_list: "n" + user_ca_store: null + threads: "2" + +wazuh_api_sources_installation: + enabled: true + branch: "v3.10.2" + update: "y" + remove: "y" + directory: null + port: 55000 + https: "n" + authd: null + proxy: null + country: null + state: null + locality: null + org_name: null + org_unit: null + common_name: null + password: null + wazuh_manager_config: repo: apt: 'deb https://packages.wazuh.com/3.x/apt/ stable main' @@ -326,8 +369,9 @@ wazuh_agent_configs: format: 'eventchannel' - location: 'System' format: 'eventlog' + nodejs: - repo_dic: + repo_dict: debian: "deb" redhat: "rpm" - repo_url_ext: "nodesource.com/setup_8.x" \ No newline at end of file + repo_url_ext: "nodesource.com/setup_8.x" diff --git a/roles/wazuh/ansible-wazuh-manager/handlers/main.yml b/roles/wazuh/ansible-wazuh-manager/handlers/main.yml index 0fac45a1..46f1097b 100644 --- a/roles/wazuh/ansible-wazuh-manager/handlers/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/handlers/main.yml @@ -12,6 +12,4 @@ service: name: wazuh-api state: restarted - enabled: true - when: - - not (ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' and ansible_distribution_major_version|int < 6) + enabled: true \ No newline at end of file 
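Review bot: Both `wazuh_manager_sources_installation.enabled` and `wazuh_api_sources_installation.enabled` default to `true`, so existing users of the manager role move from repository packages (installed after the repository key task) to an unverified source build unless they override it, while the agent role defaults the other way. Defaulting both to `false` keeps the package install as the baseline. `user_email_smpt` looks like a misspelling of `user_email_smtp`; as written the template would emit `USER_EMAIL_SMPT`, which the installer presumably does not read. `https: "n"` for the API also deserves a comment, since it becomes the effective setting for anyone who enables the source install.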
diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml index b4e94308..e045059d 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml @@ -23,12 +23,14 @@ when: - ansible_distribution == "Ubuntu" - ansible_distribution_major_version | int == 14 + - not wazuh_manager_sources_installation.enabled or not wazuh_api_sources_installation.enabled - name: Debian/Ubuntu | Installing Wazuh repository key apt_key: url: "{{ wazuh_manager_config.repo.gpg }}" when: - not (ansible_distribution == "Ubuntu" and ansible_distribution_major_version | int == 14) + - not wazuh_manager_sources_installation.enabled or not wazuh_api_sources_installation.enabled - name: Debian/Ubuntu | Add Wazuh repositories apt_repository: @@ -37,6 +39,8 @@ state: present update_cache: true changed_when: false + when: + - not wazuh_manager_sources_installation.enabled or not wazuh_api_sources_installation.enabled - name: Debian/Ubuntu | Set Distribution CIS filename for Debian/Ubuntu set_fact: @@ -89,10 +93,26 @@ tags: - config -- name: Debian/Ubuntu | Install wazuh-manager, wazuh-api +- name: Debian/Ubuntu | Install wazuh-manager apt: name: - "wazuh-manager={{ wazuh_manager_version }}" + state: present + cache_valid_time: 3600 + install_recommends: false + register: wazuh_manager_main_packages_installed + until: wazuh_manager_main_packages_installed is succeeded + tags: init + when: + - not wazuh_manager_sources_installation.enabled + +- include_tasks: "installation_from_sources.yml" + when: + - wazuh_manager_sources_installation.enabled or wazuh_api_sources_installation.enabled + +- name: Debian/Ubuntu | Install wazuh-api + apt: + name: - "wazuh-api={{ wazuh_manager_version }}" state: present cache_valid_time: 3600 
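Review bot: Splitting the install into separate manager and API tasks allows a mixed configuration (manager from sources, API from packages) that the package manager may undo: if the `wazuh-api` package declares a dependency on `wazuh-manager`, the "Install wazuh-api" task would pull the packaged manager in over the source build. Either reject that combination with an `assert` at the top of the role or document that the two `enabled` flags must match; the RedHat.yml hunk in this commit has the same structure. The new API task also still registers `wazuh_manager_main_packages_installed` (visible as context in the next hunk), whereas its RedHat.yml counterpart was renamed to `wazuh_api_main_packages_installed`.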
@@ -100,3 +120,5 @@ register: wazuh_manager_main_packages_installed until: wazuh_manager_main_packages_installed is succeeded tags: init + when: + - not wazuh_api_sources_installation.enabled \ No newline at end of file diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml index 938bc83d..5dc57e81 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml @@ -10,6 +10,7 @@ when: - (ansible_os_family|lower == 'redhat') and (ansible_distribution|lower != 'amazon') - (ansible_distribution_major_version|int <= 5) + - not wazuh_manager_sources_installation.enabled or not wazuh_api_sources_installation.enabled register: repo_v5_manager_installed - name: RedHat/CentOS/Fedora | Install Wazuh repo @@ -22,6 +23,7 @@ changed_when: false when: - repo_v5_manager_installed is skipped + - not wazuh_manager_sources_installation.enabled or not wazuh_api_sources_installation.enabled - name: RedHat/CentOS/Fedora | Install openscap package: name={{ item }} state=present 
@@ -107,17 +109,31 @@ when: - ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA" -- name: CentOS/RedHat/Amazon | Install wazuh-manager, wazuh-api +- name: CentOS/RedHat/Amazon | Install wazuh-manager package: - name: "{{ item }}-{{ wazuh_manager_version }}" + name: "wazuh-manager-{{ wazuh_manager_version }}" state: "{{ wazuh_manager_package_state }}" - with_items: - - wazuh-manager - - wazuh-api register: wazuh_manager_main_packages_installed until: wazuh_manager_main_packages_installed is succeeded when: - ansible_os_family|lower == "redhat" + - not wazuh_manager_sources_installation.enabled + tags: + - init + +- include_tasks: "../tasks/installation_from_sources.yml" + when: + - wazuh_manager_sources_installation.enabled or wazuh_api_sources_installation.enabled + +- name: CentOS/RedHat/Amazon | Install wazuh-api + package: + name: "wazuh-api-{{ wazuh_manager_version }}" + state: "{{ wazuh_manager_package_state }}" + register: wazuh_api_main_packages_installed + until: wazuh_api_main_packages_installed is succeeded + when: + - ansible_os_family|lower == "redhat" + - not wazuh_api_sources_installation.enabled tags: - init @@ -143,3 +159,4 @@ - ansible_distribution_major_version|int < 6 tags: - init + diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml b/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml new file mode 100644 index 00000000..b92e4edc --- /dev/null +++ b/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml 
@@ -0,0 +1,181 @@ +--- +# Wazuh Manager + - name: Check if Wazuh Manager is already installed + stat: + path: /var/ossec/bin/ossec-control + register: wazuh_ossec_control + + - name: Installing Wazuh Manager from sources + block: + - name: Install dependencies to build Wazuh packages + package: + name: + - make + - gcc + - automake + - autoconf + - libtool + - tar + state: present + + - name: Removing old files + file: + path: "/tmp/{{ wazuh_manager_sources_installation.branch }}.tar.gz" + state: absent + + - name: Removing old folders + file: + path: "/tmp/wazuh-{{ wazuh_manager_sources_installation.branch }}" + state: absent + + - name: Installing policycoreutils-python (RedHat families) + package: + name: + - policycoreutils-python + when: + - ansible_os_family|lower == "redhat" + + - name: Installing policycoreutils-python-utils (Debian families) + package: + name: + - libc6-dev + - curl + - policycoreutils + when: + - ansible_os_family|lower == "debian" + + - name: Remove old repository folder + file: + path: /tmp/wazuh-{{ wazuh_manager_sources_installation.branch }} + state: absent + + - name: Download required packages from github.com/wazuh/wazuh + get_url: + url: "https://github.com/wazuh/wazuh/archive/{{ wazuh_manager_sources_installation.branch }}.tar.gz" + dest: "/tmp/{{ wazuh_manager_sources_installation.branch }}.tar.gz" + delegate_to: "{{ inventory_hostname }}" + + - name: Create folder to extract Wazuh branch + file: + path: "/tmp/wazuh-{{ wazuh_manager_sources_installation.branch }}" + state: directory + + # When downloading "v3.10.2" extracted folder name is 3.10.2. 
+ # Explicitly creating the folder with proper naming and striping first level in .tar.gz file + + - name: Extract downloaded Wazuh branch from Github # Using shell instead of unarchive due to that module not working properlyh with --strip + command: >- + tar -xzvf /tmp/{{ wazuh_manager_sources_installation.branch }}.tar.gz + --strip 1 + --directory /tmp/wazuh-{{ wazuh_manager_sources_installation.branch }} + register: wazuh_untar + changed_when: wazuh_untar.rc ==0 + args: + warn: false + + - name: Clean remaining files from others builds + command: "make -C src {{ item }}" + args: + chdir: "/tmp/wazuh-{{ wazuh_manager_sources_installation.branch }}/src/" + with_items: + - "clean" + - "clean-deps" + register: clean_result + changed_when: clean_result.rc == 0 + failed_when: false + + - name: Render the "preloaded-vars.conf" file + template: + src: "templates/preloaded_vars_manager.conf.j2" + dest: "/tmp/wazuh-{{ wazuh_manager_sources_installation.branch }}/etc/preloaded-vars.conf" + owner: root + group: root + mode: '644' + + - name: Executing "install.sh" script to build and install the Wazuh Manager + shell: ./install.sh > /tmp/build_wazuh_manager_log.txt + register: installation_result + changed_when: installation_result == 0 + args: + chdir: "/tmp/wazuh-{{ wazuh_manager_sources_installation.branch }}" + + - name: Cleanup downloaded files + file: + path: "/tmp/{{ wazuh_manager_sources_installation.branch }}.tar.gz" + state: absent + + - name: Cleanup created folders + file: + path: "/tmp/wazuh-{{ wazuh_manager_sources_installation.branch }}" + state: absent + + when: + - not wazuh_ossec_control.stat.exists + - wazuh_manager_sources_installation.enabled + tags: + - manager + +# Wazuh API + + - name: Check if Wazuh API is already installed + stat: + path: /var/ossec/api/app.js + register: wazuh_api + + - name: Install Wazuh API from sources + block: + - name: Install dependencies to build Wazuh packages + package: + name: + - make + - gcc + - automake + - autoconf 
+ - libtool + - tar + state: present + + - name: Explicitly installing npm for Debian hosts + package: + name: npm + state: present + when: + - ansible_distribution == "Debian" + + - name: Ensure Git is present in the host + package: + name: git + state: present + + - name: Remove old repository folder + file: + path: /tmp/wazuh-api + state: absent + + - name: Download the Wazuh API repository + git: + repo: 'https://github.com/wazuh/wazuh-api.git' + version: "{{ wazuh_api_sources_installation.branch }}" + dest: /tmp/wazuh-api + + - name: Configure Wazuh API installation + template: + src: "templates/preloaded_vars_api.conf.j2" + dest: "/tmp/wazuh-api/configuration/preloaded_vars.conf" + owner: root + group: root + mode: '644' + + - name: Execute Wazuh API installation script + shell: ./install_api.sh > /tmp/build_wazuh_api_log.txt + register: install_api + changed_when: install_api.rc == 0 + args: + chdir: "/tmp/wazuh-api" + notify: + - restart wazuh-api + when: + - not wazuh_api.stat.exists + - wazuh_api_sources_installation.enabled + tags: + - api \ No newline at end of file diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml index d17e29bd..0bb00fef 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml @@ -16,7 +16,7 @@ block: - name: Download NodeJS repository script get_url: - url: "https://{{ nodejs['repo_dic'][ansible_os_family|lower] }}.{{ nodejs['repo_url_ext'] }}" + url: "https://{{ nodejs['repo_dict'][ansible_os_family|lower] }}.{{ nodejs['repo_url_ext'] }}" dest: /etc/nodejs.sh mode: '0775' changed_when: false @@ -56,7 +56,7 @@ chdir: /var/ossec/etc/ tags: - config - when: not wazuh_manager_config.authd.ssl_agent_ca is not none + when: wazuh_manager_config.authd.ssl_agent_ca is not none - name: Copy CA, SSL key and cert for authd copy: 
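Review bot: The manager and API builds use fixed, predictable paths under `/tmp` (`/tmp/{{ wazuh_manager_sources_installation.branch }}.tar.gz`, `/tmp/wazuh-{{ wazuh_manager_sources_installation.branch }}`, `/tmp/wazuh-api`, and the `> /tmp/build_wazuh_manager_log.txt` redirect) for content that is then compiled and installed, presumably as root. On a host with other local users, a shared world-writable directory is the wrong place for that; create a private working directory with the `tempfile` module (`state: directory`) and use its registered path, or use a root-owned directory. The API block also never removes `/tmp/wazuh-api`, unlike the manager block, which cleans up after itself. The agent's installation_from_sources.yml and the `/tmp/app` checkout in build_wazuh_plugin.yml follow the same pattern.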
@@ -382,7 +382,11 @@ - ansible_distribution in ['CentOS', 'RedHat', 'Amazon'] and ansible_distribution_major_version|int < 6 - include_tasks: "RMRedHat.yml" - when: ansible_os_family == "RedHat" or ansible_os_family == "Amazon" + when: + - ansible_os_family == "RedHat" or ansible_os_family == "Amazon" + - not wazuh_manager_sources_installation.enabled - include_tasks: "RMDebian.yml" - when: ansible_os_family == "Debian" + when: + - ansible_os_family == "Debian" + - not wazuh_manager_sources_installation.enabled diff --git a/roles/wazuh/ansible-wazuh-manager/templates/preloaded_vars_api.conf.j2 b/roles/wazuh/ansible-wazuh-manager/templates/preloaded_vars_api.conf.j2 new file mode 100644 index 00000000..198178c8 --- /dev/null +++ b/roles/wazuh/ansible-wazuh-manager/templates/preloaded_vars_api.conf.j2 @@ -0,0 +1,7 @@ +{% for key, value in wazuh_api_sources_installation.items() %} +{% if "enabled" not in key and "branch" not in key %} +{% if value is defined and value is not none %} +{{ key|upper }}="{{ value }}" +{% endif %} +{% endif %} +{% endfor %} \ No newline at end of file diff --git a/roles/wazuh/ansible-wazuh-manager/templates/preloaded_vars_manager.conf.j2 b/roles/wazuh/ansible-wazuh-manager/templates/preloaded_vars_manager.conf.j2 new file mode 100644 index 00000000..3dacef92 --- /dev/null +++ b/roles/wazuh/ansible-wazuh-manager/templates/preloaded_vars_manager.conf.j2 @@ -0,0 +1,7 @@ +{% for key, value in wazuh_manager_sources_installation.items() %} +{% if "user_" in key %} +{% if value is defined and value is not none %} +{{ key|upper }}="{{ value }}" +{% endif %} +{% endif %} +{% endfor %}
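Review bot: The API template writes every key except `enabled` and `branch`, including `password`, into `/tmp/wazuh-api/configuration/preloaded_vars.conf`, which the task in installation_from_sources.yml creates with `mode: '644'` and never deletes. Once a password is set it sits in a world-readable file under `/tmp`. Render the file with `mode: '0600'`, add `no_log: true` to that template task, and remove `/tmp/wazuh-api` after the install script has run. The filter `"enabled" not in key` is a substring test, so any future key that merely contains `enabled` or `branch` would be dropped silently; `key not in ['enabled', 'branch']` states the intent.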
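Review bot: Values are interpolated into `{{ key|upper }}="{{ value }}"` without escaping, and the resulting file is presumably sourced by the installer as shell. A value containing `"`, `$` or a backtick would be interpreted rather than taken literally; drop the literal quotes and use the `quote` filter instead, `{{ key|upper }}={{ value | quote }}`. The agent and API templates added in this commit contain the same line. `"user_" in key` is also a substring match; `key.startswith('user_')` is what the naming scheme implies.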