diff --git a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml index 6f2528c3..279283c2 100644 --- a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml @@ -36,7 +36,7 @@ node_certs_source: /usr/share/elasticsearch node_certs_destination: /etc/elasticsearch/certs # CA generation -master_certs_path: /es_certs +master_certs_path: "{{ playbook_dir }}/es_certs" generate_CA: true ca_key_name: "" ca_cert_name: "" diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml index 47438f98..01ef86e8 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml @@ -102,6 +102,7 @@ state: directory mode: 0700 delegate_to: "127.0.0.1" + become: no when: - node_certs_generator @@ -111,6 +112,7 @@ state: directory mode: 0700 delegate_to: "127.0.0.1" + become: no when: - node_certs_generator @@ -139,6 +141,7 @@ src: "{{ master_certs_path }}/certs.zip" dest: "{{ master_certs_path }}/" delegate_to: "127.0.0.1" + become: no when: - node_certs_generator tags: diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index d1ddb8e1..e3164ec0 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -34,7 +34,7 @@ node_certs_source: /usr/share/elasticsearch node_certs_destination: /etc/kibana/certs # CA Generation -master_certs_path: /es_certs +master_certs_path: "{{ playbook_dir }}/es_certs" generate_CA: true ca_cert_name: "" diff --git a/roles/wazuh/ansible-filebeat/defaults/main.yml b/roles/wazuh/ansible-filebeat/defaults/main.yml index cc7de7bf..78b6b3c7 100644 --- a/roles/wazuh/ansible-filebeat/defaults/main.yml +++ b/roles/wazuh/ansible-filebeat/defaults/main.yml @@ -46,7 +46,7 @@ node_certs_destination: /etc/filebeat/certs # CA Generation -master_certs_path: /es_certs +master_certs_path: "{{ playbook_dir }}/es_certs" generate_CA: true ca_cert_name: ""