afmarulanda/wazuh-ansible-4.8.1
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

VD keystore changes

Browse Source
This commit is contained in:
Gonzalo Acuña 2024-01-24 10:39:31 -03:00
parent a4295b4c33
commit 65d896ec7f
No known key found for this signature in database
GPG Key ID: 646BA79A313A2270
2 changed files with 19 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
roles/wazuh/ansible-wazuh-manager/tasks/main.yml
View File

@ -252,6 +252,15 @@
- init
- config
- name: Generate the wazuh-keystore
shell: >
/var/ossec/bin/wazuh-keystore -f indexer -k user -v {{ indexer_security_user }}
/var/ossec/bin/wazuh-keystore -f indexer -k password -v {{ indexer_security_password }}
notify: restart wazuh-manager
tags:
- init
- config
- name: Ossec-authd password
template:
src: authd_pass.j2

22
roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2
View File

@ -267,20 +267,18 @@
<indexer>
<enabled>{% if wazuh_manager_config.vulnerability_detection.enabled == 'yes' or wazuh_manager_config.indexer.enabled == 'yes' %}yes{% else %}no{% endif %}</enabled>
<hosts>
{% for item in wazuh_manager_config.indexer.hosts %}
<host>https://{{ item }}:{{ filebeat_output_indexer_port }}</host>
{% endfor %}
{% for item in wazuh_manager_config.indexer.hosts %}
<host>https://{{ item }}:{{ filebeat_output_indexer_port }}</host>
{% endfor %}
</hosts>
<username>{{ indexer_security_user }}</username>
<password>{{ indexer_security_password }}</password>
<ssl>
<certificate_authorities>
<ca>{{ filebeat_ssl_dir }}/root-ca.pem</ca>
</certificate_authorities>
<certificate>{{ filebeat_ssl_dir }}/{{ filebeat_node_name }}.pem</certificate>
<key>{{ filebeat_ssl_dir }}/{{ filebeat_node_name }}-key.pem</key>
</ssl>
<ssl>
<certificate_authorities>
<ca>{{ filebeat_ssl_dir }}/root-ca.pem</ca>
</certificate_authorities>
<certificate>{{ filebeat_ssl_dir }}/{{ filebeat_node_name }}.pem</certificate>
<key>{{ filebeat_ssl_dir }}/{{ filebeat_node_name }}-key.pem</key>
</ssl>
</indexer>
<!-- File integrity monitoring -->