Modified several variables

roles/opendistro/opendistro-elasticsearch/defaults/main.yml

@@ -1,7 +1,6 @@
 ---
 # The OpenDistro version
 opendistro_version: 1.6.0
-
 elasticsearch_cluster_name: wazuh-cluster
 
 # Minimum master nodes in cluster, 2 for 3 nodes elasticsearch cluster
@@ -25,12 +24,9 @@ package_repos:
       baseurl: 'https://artifacts.elastic.co/packages/oss-7.x/yum'
       gpg: 'https://artifacts.elastic.co/GPG-KEY-elasticsearch'
 
-populate_inventory_to_hosts_file: true
-
-es_plugin_bin_path: /usr/share/elasticsearch/bin/elasticsearch-plugin
-es_sec_plugin_conf_path: /usr/share/elasticsearch/plugins/opendistro_security/securityconfig
-es_sec_plugin_tools_path: /usr/share/elasticsearch/plugins/opendistro_security/tools
-
+opendistro_sec_plugin_conf_path: /usr/share/elasticsearch/plugins/opendistro_security/securityconfig
+opendistro_sec_plugin_tools_path: /usr/share/elasticsearch/plugins/opendistro_security/tools
+opendistro_conf_path: /etc/elasticsearch/
 es_nodes: |-
         {% for item in groups['es-cluster'] -%}
           {{ hostvars[item]['ip'] }}{% if not loop.last %}","{% endif %}
@@ -42,11 +38,6 @@ opendistro_security_password: admin
 opendistro_jvm_xms: null
 
 opendistro_http_port: 9200
-opendistro_network_host: 127.0.0.1
-opendistro_reachable_host: 127.0.0.1
-opendistro_jvm_xms: null
-elastic_stack_version: 7.6.1
-opendistro_lower_disk_requirements: false
 
 elasticrepo:
   apt: 'https://artifacts.elastic.co/packages/7.x/apt'
@@ -54,6 +45,7 @@ elasticrepo:
   gpg: 'https://artifacts.elastic.co/GPG-KEY-opendistro'
   key_id: '46095ACC8548582C1A2699A9D27D666CD88E42B4'
 
+opendistro_admin_password: Test@123
 # Cluster Settings
 single_node: true
 opendistro_cluster_name: wazuh
@@ -67,18 +59,3 @@ opendistro_discovery_nodes:
 opendistro_node_data: true
 opendistro_node_ingest: true
 
-# X-Pack Security 
-opendistro_xpack_security: false
-opendistro_xpack_security_user: elastic
-opendistro_xpack_security_password: elastic_pass
-
-node_certs_generator: false
-node_certs_source: /usr/share/elasticsearch
-node_certs_destination: /etc/elasticsearch/certs
-
-# CA generation
-master_certs_path: /es_certs
-generate_CA: true
-ca_key_name: ""
-ca_cert_name: ""
-ca_password: ""

roles/opendistro/opendistro-elasticsearch/tasks/RedHat.yml

@@ -56,14 +56,14 @@
 - name: RedHat/CentOS/Fedora | Copy the opendistro security configuration file to cluster
   blockinfile:
     block: "{{ lookup('file', '/tmp/opendistro-nodecerts/config/{{ inventory_hostname }}_elasticsearch_config_snippet.yml') }}"
-    dest: "{{ conf_dir }}/elasticsearch.yml"
+    dest: "{{ opendistro_conf_path }}/elasticsearch.yml"
     backup: yes
     insertafter: EOF
     marker: "## {mark} Opendistro Security Node & Admin certificates configuration ##"
   when: install.changed
 
 - name: RedHat/CentOS/Fedora | Prepare the opendistro security configuration file
-  command: sed -i 's/searchguard/opendistro_security/g' {{ conf_dir }}/elasticsearch.yml
+  command: sed -i 's/searchguard/opendistro_security/g' {{ opendistro_conf_path }}/elasticsearch.yml
   when: install.changed
 
 - name: RedHat/CentOS/Fedora | Restart elasticsearch with security configuration
@@ -75,32 +75,32 @@
 - name: RedHat/CentOS/Fedora | Copy the opendistro security internal users template
   template:
     src: "templates/internal_users.yml.j2"
-    dest: "{{ es_sec_plugin_conf_path }}/internal_users.yml"
+    dest: "{{ opendistro_sec_plugin_conf_path }}/internal_users.yml"
     mode: 0644
   run_once: true
   when: install.changed
 
 - name: RedHat/CentOS/Fedora | Set the Admin user password
   shell: >
-    sed -i 's,{{ admin_password }},'$(sh {{ es_sec_plugin_tools_path }}/hash.sh -p {{ admin_password }} | tail -1)','
-    {{ es_sec_plugin_conf_path }}/internal_users.yml
+    sed -i 's,{{ admin_password }},'$(sh {{ opendistro_sec_plugin_tools_path }}/hash.sh -p {{ admin_password }} | tail -1)','
+    {{ opendistro_sec_plugin_conf_path }}/internal_users.yml
   run_once: true
   when: install.changed
 
 - name: RedHat/CentOS/Fedora | Set the kibanaserver user pasword
   shell: >
-    sed -i 's,{{ kibanaserver_password }},'$(sh {{ es_sec_plugin_tools_path }}/hash.sh -p {{ kibanaserver_password }} | tail -1)','
-    {{ es_sec_plugin_conf_path }}/internal_users.yml
+    sed -i 's,{{ kibanaserver_password }},'$(sh {{ opendistro_sec_plugin_tools_path }}/hash.sh -p {{ kibanaserver_password }} | tail -1)','
+    {{ opendistro_sec_plugin_conf_path }}/internal_users.yml
   run_once: true
   when: install.changed
 
 - name: RedHat/CentOS/Fedora | Initialize the opendistro security index in elasticsearch
   shell: >
-    sh {{ es_sec_plugin_tools_path }}/securityadmin.sh
-    -cacert {{ conf_dir }}/root-ca.pem
-    -cert {{ conf_dir }}/admin.pem
-    -key {{ conf_dir }}/admin.key
-    -cd {{ es_sec_plugin_conf_path }}/
+    sh {{ opendistro_sec_plugin_tools_path }}/securityadmin.sh
+    -cacert {{ opendistro_conf_path }}/root-ca.pem
+    -cert {{ opendistro_conf_path }}/admin.pem
+    -key {{ opendistro_conf_path }}/admin.key
+    -cd {{ opendistro_sec_plugin_conf_path }}/
     -nhnv -icl
     -h {{ hostvars[inventory_hostname]['ip'] }}
   run_once: true

roles/opendistro/opendistro-elasticsearch/tasks/main.yml

@@ -22,8 +22,8 @@
 
 - name: Copy Configuration File
   template: 
-    src: "templates/elasticsearch.ym.j2"
-    dest: "{{conf_dir}}/elasticsearch.yml"
+    src: "templates/elasticsearch.yml.j2"
+    dest: "{{opendistro_conf_path}}/elasticsearch.yml"
     group: elasticsearch
     mode: 0644
     backup: yes

roles/opendistro/opendistro-elasticsearch/templates/elasticsearch.yml.j2

@@ -1,4 +1,4 @@
-cluster.name: "{{ elasticsearch_cluster_name }}"
+cluster.name: "{{ opendistro_cluster_name }}"
 
 node.name: "{{ inventory_hostname }}"
 

roles/opendistro/opendistro-elasticsearch/templates/jvm.options.j2

@@ -23,10 +23,10 @@
 
 # Xms represents the initial size of total heap space
 # Xmx represents the maximum size of total heap space
-{% if elasticsearch_jvm_xms is not none %}
-{% if elasticsearch_jvm_xms < 32000 %}
--Xms{{ elasticsearch_jvm_xms }}m
--Xmx{{ elasticsearch_jvm_xms }}m
+{% if opendistro_jvm_xms is not none %}
+{% if opendistro_jvm_xms < 32000 %}
+-Xms{{ opendistro_jvm_xms }}m
+-Xmx{{ opendistro_jvm_xms }}m
 {% else %}
 -Xms32000m
 -Xmx32000m