afmarulanda/wazuh-ansible-4.8.1
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

VD keystore changes

Browse Source
This commit is contained in:
Gonzalo Acuña 2024-01-24 10:39:31 -03:00
parent a4295b4c33
commit 65d896ec7f
No known key found for this signature in database
GPG Key ID: 646BA79A313A2270
2 changed files with 19 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
roles/wazuh/ansible-wazuh-manager/tasks/main.yml
View File

@ -252,6 +252,15 @@
- init - init
- config - config
- name: Generate the wazuh-keystore
shell: >
/var/ossec/bin/wazuh-keystore -f indexer -k user -v {{ indexer_security_user }}
/var/ossec/bin/wazuh-keystore -f indexer -k password -v {{ indexer_security_password }}
notify: restart wazuh-manager
tags:
- init
- config
- name: Ossec-authd password - name: Ossec-authd password
template: template:
src: authd_pass.j2 src: authd_pass.j2

22
roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2
View File

@ -267,20 +267,18 @@
<indexer> <indexer>
<enabled>{% if wazuh_manager_config.vulnerability_detection.enabled == 'yes' or wazuh_manager_config.indexer.enabled == 'yes' %}yes{% else %}no{% endif %}</enabled> <enabled>{% if wazuh_manager_config.vulnerability_detection.enabled == 'yes' or wazuh_manager_config.indexer.enabled == 'yes' %}yes{% else %}no{% endif %}</enabled>
<hosts> <hosts>
{% for item in wazuh_manager_config.indexer.hosts %} {% for item in wazuh_manager_config.indexer.hosts %}
<host>https://{{ item }}:{{ filebeat_output_indexer_port }}</host> <host>https://{{ item }}:{{ filebeat_output_indexer_port }}</host>
{% endfor %} {% endfor %}
</hosts> </hosts>
<username>{{ indexer_security_user }}</username> <ssl>
<password>{{ indexer_security_password }}</password> <certificate_authorities>
<ssl> <ca>{{ filebeat_ssl_dir }}/root-ca.pem</ca>
<certificate_authorities> </certificate_authorities>
<ca>{{ filebeat_ssl_dir }}/root-ca.pem</ca> <certificate>{{ filebeat_ssl_dir }}/{{ filebeat_node_name }}.pem</certificate>
</certificate_authorities> <key>{{ filebeat_ssl_dir }}/{{ filebeat_node_name }}-key.pem</key>
<certificate>{{ filebeat_ssl_dir }}/{{ filebeat_node_name }}.pem</certificate> </ssl>
<key>{{ filebeat_ssl_dir }}/{{ filebeat_node_name }}-key.pem</key>
</ssl>
</indexer> </indexer>
<!-- File integrity monitoring --> <!-- File integrity monitoring -->