afmarulanda/wazuh-ansible-4.8.1
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #245 from wazuh/242-elastic-multiline-fix

Browse Source 
242 elastic multiline fix
This commit is contained in:
Manuel J. Bernal 2019-09-24 13:02:14 +02:00 committed by GitHub
commit 4e4151e674
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 56 additions and 52 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml
View File

@ -60,9 +60,10 @@
tags: xpack-security tags: xpack-security
- name: Generating certificates for Elasticsearch security (generating CA) - name: Generating certificates for Elasticsearch security (generating CA)
shell: >- command: >-
/usr/share/elasticsearch/bin/elasticsearch-certutil cert ca --pem --in /usr/share/elasticsearch/bin/elasticsearch-certutil cert ca --pem
{{ node_certs_source }}/instances.yml --out {{ node_certs_source }}/certs.zip --in {{ node_certs_source }}/instances.yml
--out {{ node_certs_source }}/certs.zip
when: when:
- node_certs_generator - node_certs_generator
- not xpack_certs_zip.stat.exists - not xpack_certs_zip.stat.exists
@ -70,28 +71,31 @@
tags: xpack-security tags: xpack-security
- name: Generating certificates for Elasticsearch security (using provided CA | Without CA Password) - name: Generating certificates for Elasticsearch security (using provided CA | Without CA Password)
shell: >- command: >-
/usr/share/elasticsearch/bin/elasticsearch-certutil cert /usr/share/elasticsearch/bin/elasticsearch-certutil cert
--ca-key {{ node_certs_source }}/{{ ca_key_name }} --ca-cert {{ node_certs_source }}/{{ ca_cert_name }} --ca-key {{ node_certs_source }}/{{ ca_key_name }}
--pem --in {{ node_certs_source }}/instances.yml --out {{ node_certs_source }}/certs.zip --ca-cert {{ node_certs_source }}/{{ ca_cert_name }}
--pem --in {{ node_certs_source }}/instances.yml
--out {{ node_certs_source }}/certs.zip
when: when:
- node_certs_generator - node_certs_generator
- not xpack_certs_zip.stat.exists - not xpack_certs_zip.stat.exists
- not generate_CA - not generate_CA
- ca_password == "" - ca_password | length == 0
tags: xpack-security tags: xpack-security
- name: Generating certificates for Elasticsearch security (using provided CA | Using CA Password) - name: Generating certificates for Elasticsearch security (using provided CA | Using CA Password)
shell: >- command: >-
/usr/share/elasticsearch/bin/elasticsearch-certutil cert /usr/share/elasticsearch/bin/elasticsearch-certutil cert
--ca-key {{ node_certs_source }}/{{ ca_key_name }} --ca-cert {{ node_certs_source }}/{{ ca_cert_name }} --ca-key {{ node_certs_source }}/{{ ca_key_name }}
--ca-cert {{ node_certs_source }}/{{ ca_cert_name }}
--pem --in {{ node_certs_source }}/instances.yml --out {{ node_certs_source }}/certs.zip --pem --in {{ node_certs_source }}/instances.yml --out {{ node_certs_source }}/certs.zip
--ca-pass {{ ca_password }} --ca-pass {{ ca_password }}
when: when:
- node_certs_generator - node_certs_generator
- not xpack_certs_zip.stat.exists - not xpack_certs_zip.stat.exists
- not generate_CA - not generate_CA
- ca_password != "" - ca_password | length > 0
tags: xpack-security tags: xpack-security
- name: Verify the Elastic certificates directory - name: Verify the Elastic certificates directory
@ -175,8 +179,8 @@
tags: xpack-security tags: xpack-security
- name: Set elasticsearch bootstrap password - name: Set elasticsearch bootstrap password
shell: >- command: >-
set -o pipefail
echo {{ elasticsearch_xpack_security_password }} | {{ node_certs_source }}/bin/elasticsearch-keystore add -xf bootstrap.password echo {{ elasticsearch_xpack_security_password }} | {{ node_certs_source }}/bin/elasticsearch-keystore add -xf bootstrap.password
when: when:
- node_certs_generator - node_certs_generator