Merge branch 'devel' into feature-256-add-sca-template

Jose M 2019-10-07 16:18:57 +02:00
commit 6b8b1b6eb4
9 changed files with 101 additions and 18 deletions


@ -37,6 +37,10 @@ All notable changes to this project will be documented in this file.
- Fixed Kibana installation in Amazon Linux [@jm404](https://github.com/jm404) [#232](https://github.com/wazuh/wazuh-ansible/pull/232) - Fixed Kibana installation in Amazon Linux [@jm404](https://github.com/jm404) [#232](https://github.com/wazuh/wazuh-ansible/pull/232)
- Fixed Windows Agent installation and configuration [@jm404](https://github.com/jm404) [#234](https://github.com/wazuh/wazuh-ansible/pull/234) - Fixed Windows Agent installation and configuration [@jm404](https://github.com/jm404) [#234](https://github.com/wazuh/wazuh-ansible/pull/234)
### Fixed
- Removed registry key check on Wazuh Agent installation in windows [@jm404](https://github.com/jm404) [#265](https://github.com/wazuh/wazuh-ansible/pull/265)
## [v3.9.5_7.2.1] ## [v3.9.5_7.2.1]
### Added ### Added


@ -12,6 +12,8 @@ This role will work on:
* Fedora * Fedora
* Debian * Debian
* Ubuntu * Ubuntu
For the elasticsearch role with XPack security the `unzip` command must be available on the Ansible master.
Role Variables Role Variables
-------------- --------------
@ -53,6 +55,79 @@ Example Playbook
- {role: ../roles/elastic-stack/ansible-elasticsearch, elasticsearch_network_host: '172.16.0.163', elasticsearch_master_candidate: true, elasticsearch_cluster_nodes: ['172.16.0.162','172.16.0.163','172.16.0.161']} - {role: ../roles/elastic-stack/ansible-elasticsearch, elasticsearch_network_host: '172.16.0.163', elasticsearch_master_candidate: true, elasticsearch_cluster_nodes: ['172.16.0.162','172.16.0.163','172.16.0.161']}
``` ```
- Three nodes Elasticsearch cluster with XPack security
```
---
- hosts: elastic-1
roles:
- role: ../roles/elastic-stack/ansible-elasticsearch
elasticsearch_network_host: 172.16.0.111
elasticsearch_node_name: node-1
single_node: false
elasticsearch_master_candidate: true
elasticsearch_bootstrap_node: true
elasticsearch_cluster_nodes:
- 172.16.0.111
- 172.16.0.112
- 172.16.0.113
elasticsearch_discovery_nodes:
- 172.16.0.111
- 172.16.0.112
- 172.16.0.113
elasticsearch_xpack_security: true
node_certs_generator: true
node_certs_generator_ip: 172.16.0.111
vars:
elasticsearch_xpack_users:
anne:
password: 'PasswordHere'
roles: '["kibana_user", "monitoring_user"]'
jack:
password: 'PasswordHere'
roles: '["superuser"]'
instances:
node-1:
name: node-1
ip: 172.16.0.111
node-2:
name: node-2
ip: 172.16.0.112
node-3:
name: node-3
ip: 172.16.0.113
- hosts: elastic-2
roles:
- role: ../roles/elastic-stack/ansible-elasticsearch
elasticsearch_network_host: 172.16.0.112
elasticsearch_node_name: node-2
single_node: false
elasticsearch_xpack_security: true
elasticsearch_master_candidate: true
node_certs_generator_ip: 172.16.0.111
elasticsearch_discovery_nodes:
- 172.16.0.111
- 172.16.0.112
- 172.16.0.113
- hosts: elastic-3
roles:
- role: ../roles/elastic-stack/ansible-elasticsearch
elasticsearch_network_host: 172.16.0.113
elasticsearch_node_name: node-3
single_node: false
elasticsearch_xpack_security: true
elasticsearch_master_candidate: true
node_certs_generator_ip: 172.16.0.111
elasticsearch_discovery_nodes:
- 172.16.0.111
- 172.16.0.112
- 172.16.0.113
```
License and copyright License and copyright
--------------------- ---------------------


@ -3,6 +3,7 @@ elasticsearch_cluster_name: wazuh
elasticsearch_node_name: node-1 elasticsearch_node_name: node-1
elasticsearch_http_port: 9200 elasticsearch_http_port: 9200
elasticsearch_network_host: 127.0.0.1 elasticsearch_network_host: 127.0.0.1
elasticsearch_reachable_host: 127.0.0.1
elasticsearch_jvm_xms: null elasticsearch_jvm_xms: null
elastic_stack_version: 7.3.2 elastic_stack_version: 7.3.2
single_node: true single_node: true
@ -30,7 +31,3 @@ generate_CA: true
ca_key_name: "" ca_key_name: ""
ca_cert_name: "" ca_cert_name: ""
ca_password: "" ca_password: ""


@ -109,7 +109,7 @@
- init - init
- name: Make sure Elasticsearch is running before proceeding - name: Make sure Elasticsearch is running before proceeding
wait_for: host={{ elasticsearch_network_host }} port={{ elasticsearch_http_port }} delay=3 timeout=400 wait_for: host={{ elasticsearch_reachable_host }} port={{ elasticsearch_http_port }} delay=3 timeout=400
tags: tags:
- configure - configure
- init - init


@ -1,12 +1,4 @@
- name: Install unzip dependency.
package:
name: unzip
state: present
delegate_to: "127.0.0.1"
when:
- node_certs_generator
- name: Check if certificate exists locally - name: Check if certificate exists locally
stat: stat:
path: "{{ node_certs_destination }}/{{ elasticsearch_node_name }}.crt" path: "{{ node_certs_destination }}/{{ elasticsearch_node_name }}.crt"
@ -202,3 +194,19 @@
when: when:
- node_certs_generator - node_certs_generator
tags: molecule-idempotence-notest tags: molecule-idempotence-notest
- name: Create elasticsearch users
uri:
url: "https://{{ elasticsearch_reachable_host }}:9200/_security/user/{{ item.key }}"
method: POST
body_format: json
user: "{{ elasticsearch_xpack_security_user }}"
password: "{{ elasticsearch_xpack_security_password }}"
body: '{ "password" : "{{ item.value["password"] }}", "roles" : {{ item.value["roles"] }} }'
validate_certs: no
loop: "{{ elasticsearch_xpack_users|default({})|dict2items }}"
register: http_response
failed_when: http_response.status != 200
when:
- elasticsearch_xpack_users is defined
- node_certs_generator
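Review bot: The added `Create elasticsearch users` task posts `elasticsearch_xpack_security_password` and each new user's password with `validate_certs: no`, so the TLS session to `elasticsearch_reachable_host` is never authenticated; since this role appears to generate its own CA, the request should be verified against that CA, or verification should at least be a variable that defaults to on. The task also has no `no_log: true`, so every loop item (including `item.value["password"]`) and the registered `http_response` can appear in Ansible output and logs. The URL hard-codes `:9200` while the `wait_for` task elsewhere in this commit uses `{{ elasticsearch_http_port }}`, and the hand-built JSON `body` will break on a password containing `"` or `\`; passing `body` as a mapping would leave the encoding to the module. The task list this hunk appends to starts outside the hunk.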


@ -6,10 +6,10 @@
instances: instances:
{% for (key,value) in instances.items() %} {% for (key,value) in instances.items() %}
- name: "{{ value.name }}" - name: "{{ value.name }}"
{% if value.ip %} {% if value.ip is defined and value.ip | length > 0 %}
ip: ip:
- "{{ value.ip }}" - "{{ value.ip }}"
{% elif value.dns %} {% elif value.dns is defined and value.dns | length > 0 %}
dns: dns:
- "{{ value.dns }}" - "{{ value.dns }}"
{% endif %} {% endif %}


@ -29,8 +29,7 @@ wazuh_winagent_config:
version: '3.10.2' version: '3.10.2'
revision: '1' revision: '1'
repo: https://packages.wazuh.com/3.x/windows/ repo: https://packages.wazuh.com/3.x/windows/
md5: ee5b24216db472d291da4e14f0b3bc63 md5: 71650780904cbfc2e45eae4298adb7a3
register_key: 9903C258-FC1E-4886-B7DB-1535976EC1D5
wazuh_agent_config: wazuh_agent_config:
active_response: active_response:
ar_disabled: 'no' ar_disabled: 'no'
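Review bot: The installer pin in `wazuh_winagent_config` is still an MD5 digest (`md5: 71650780904cbfc2e45eae4298adb7a3`), which is not collision-resistant and so is a weak integrity check for an MSI fetched from `repo`; a SHA-256 value alongside it, checked by whichever task verifies the download, would be a stronger pin. How the digest is consumed is not visible in this section, so that part is an assumption. The digest changes here while `version: '3.10.2'` and `revision: '1'` are shown as unchanged, so it is worth confirming the new value against the vendor's published checksum before merging.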


@ -185,6 +185,7 @@
name: wazuh-agent name: wazuh-agent
enabled: true enabled: true
state: started state: started
tags: config
- import_tasks: "RMRedHat.yml" - import_tasks: "RMRedHat.yml"
when: ansible_os_family == "RedHat" when: ansible_os_family == "RedHat"


@ -42,7 +42,6 @@
- name: Windows | Install Agent if not already installed - name: Windows | Install Agent if not already installed
win_package: win_package:
path: "{{ wazuh_winagent_config.download_dir }}wazuh-agent-{{ wazuh_winagent_config.version }}-{{ wazuh_winagent_config.revision }}.msi" path: "{{ wazuh_winagent_config.download_dir }}wazuh-agent-{{ wazuh_winagent_config.version }}-{{ wazuh_winagent_config.revision }}.msi"
product_id: '{{ "{" }}{{ wazuh_winagent_config.register_key }}{{ "}" }}'
state: present state: present
- name: Windows | Check if client.keys exists - name: Windows | Check if client.keys exists