Indexer and Dashboard comments removed

roles/opensearch/wazuh-dashboard/defaults/main.yml

@@ -4,21 +4,14 @@
 indexer_http_port: 9700
 indexer_api_protocol: https
 dashboard_conf_path: /etc/wazuh-dashboard/
-## 732 check the path
 dashboard_node_name: node-1
 dashboard_server_host: "0.0.0.0"
 dashboard_server_port: "5601"
 dashboard_server_name: "dashboard"
-#kibana_max_payload_bytes: 1048576
-#elastic_stack_version: 4.3.0
-## 732 check if it is the right version
 wazuh_version: 4.3.0
-#wazuh_app_url: https://packages.wazuh.com/4.x/ui/kibana/wazuh_kibana
-## 732 check if it is needed.
 
-# The OpenDistro package repository
+# The Wazuh dashboard package repository
-dashboard_version: "4.3.0" # Version includes the - for RedHat family compatibility, replace with = for Debian hosts
+dashboard_version: "4.3.0"
-## 732 check if it is the right version
 
 package_repos:
   yum:
@@ -42,28 +35,9 @@ wazuh_api_credentials:
     username: "wazuh"
     password: "wazuh"
 
-# opendistro Security
+# Dashboard Security
 dashboard_security: true
-#kibana_newsfeed_enabled: "false"
-#kibana_telemetry_optin: "false"
-#kibana_telemetry_enabled: "false"
-
 indexer_admin_password: changeme
 dashboard_user: kibanaserver
 dashboard_password: changeme
 local_certs_path: "{{ playbook_dir }}/indexer/certificates"
-
-# Nodejs
-nodejs:
-  repo_dict:
-      debian: "deb"
-      redhat: "rpm"
-  repo_url_ext: "nodesource.com/setup_10.x"
-
-# Build from sources
-build_from_sources: false
-#wazuh_plugin_branch: 4.1-7.10
-## 732 check if it is the right version and if it is needed
-
-#Nodejs NODE_OPTIONS
-node_options: --no-warnings --max-old-space-size=2048 --max-http-header-size=65536

roles/opensearch/wazuh-dashboard/handlers/main.yml

@@ -1,4 +1,3 @@
 ---
 - name: restart wazuh-dashboard
   service: name=wazuh-dashboard state=restarted
-## 732 service name should be updated

roles/opensearch/wazuh-dashboard/tasks/build_wazuh_plugin.yml

@@ -1,79 +0,0 @@
----
-## 732 will not be needed
-  - name: Ensure the Git package is present
-    package:
-      name: git
-      state: present
-
-  - name: Modify repo url if host is in Debian family
-    set_fact:
-      node_js_repo_type: deb
-    when:
-      - ansible_os_family | lower == "debian"
-
-  - name: Download script to install Nodejs repository
-    get_url:
-      url: "https://{{ nodejs['repo_dict'][ansible_os_family|lower] }}.{{ nodejs['repo_url_ext'] }}"
-      dest: "/tmp/setup_nodejs_repo.sh"
-      mode: 0700
-
-  - name: Execute downloaded script to install Nodejs repo
-    command: /tmp/setup_nodejs_repo.sh
-    register: node_repo_installation_result
-    changed_when: false
-
-  - name: Install Nodejs
-    package:
-      name: nodejs
-      state: present
-
-  - name: Install yarn dependency to build the Wazuh Kibana Plugin
-    # Using shell due to errors when evaluating text between @ with command
-    shell: "npm install -g {{ 'yarn' }}{{ '@' }}{{ '1.10.1'}}" # noqa 305
-    register: install_yarn_result
-    changed_when: install_yarn_result == 0
-
-  - name: Remove old wazuh-kibana-app git directory
-## 732 check if it is needed
-    file:
-      path: /tmp/app
-      state: absent
-    changed_when: false
-
-  - name: Clone wazuh-kibana-app repository # Using command as git module doesn't cover single-branch nor depth
-## 732 will not be needed
-    command: git clone https://github.com/wazuh/wazuh-kibana-app -b {{ wazuh_plugin_branch }} --single-branch --depth=1 app # noqa 303
-    register: clone_app_repo_result
-    changed_when: false
-    args:
-      chdir: "/tmp"
-
-  - name: Executing yarn to build the package
-    command: "{{ item }}"
-    with_items:
-      - "yarn"
-      - "yarn build"
-    register: yarn_execution_result
-    changed_when: false
-    args:
-      chdir: "/tmp/app/"
-
-  - name: Obtain name of generated package
-    shell: "find ./ -name 'wazuh-*.zip' -printf '%f\\n'"
-    register: wazuhapp_package_name
-    changed_when: false
-    args:
-      chdir: "/tmp/app/build"
-
-  - name: Install Wazuh Plugin (can take a while)
-    shell: NODE_OPTIONS="{{ node_options }}" /usr/share/kibana/bin/kibana-plugin install file:///tmp/app/build/{{ wazuhapp_package_name.stdout }}
-    args:
-      executable: /bin/bash
-      creates: /usr/share/kibana/plugins/wazuh/package.json
-      chdir: /usr/share/kibana
-    become: yes
-    become_user: kibana
-    notify: restart kibana
-    tags:
-      - install
-      - skip_ansible_lint

roles/opensearch/wazuh-dashboard/tasks/main.yml

@@ -1,13 +1,5 @@
 ---
 
-- name: Stopping early, trying to compile Wazuh Dashboard Plugin on Debian 10 is not possible
-  fail:
-    msg: "It's not possible to compile the Wazuh Dashboard plugin on Debian 10 due to: https://github.com/wazuh/wazuh-kibana-app/issues/1924"
-  when:
-    - build_from_sources
-    - ansible_distribution == "Debian"
-    - ansible_distribution_major_version == "10"
-
 - import_tasks: RedHat.yml
   when: ansible_os_family == 'RedHat'
 
@@ -45,39 +37,6 @@
     group: wazuh-dashboard
     recurse: yes
 
-#- name: Build and Install Wazuh Kibana Plugin from sources
-#  import_tasks: build_wazuh_plugin.yml
-#  when:
-#    - build_from_sources is defined
-#    - build_from_sources
-
-#- name: Install Wazuh Plugin (can take a while)
-#  shell: >-
-#    NODE_OPTIONS="{{ node_options }}" /usr/share/kibana/bin/kibana-plugin install
-#    {{ wazuh_app_url }}-{{ wazuh_version }}_{{ elastic_stack_version }}-1.zip
-#  args:
-#    executable: /bin/bash
-#    creates: /usr/share/kibana/plugins/wazuh/package.json
-#    chdir: /usr/share/kibana
-#  become: yes
-#  become_user: kibana
-#  notify: restart kibana
-#  tags:
-#    - install
-#    - skip_ansible_lint
-#  when:
-#    - not build_from_sources
-
-#- name: Kibana optimization (can take a while)
-#  shell: /usr/share/kibana/node/bin/node {{ node_options }} /usr/share/kibana/src/cli/cli.js --optimize -c {{ dashboard_conf_path }}/kibana.yml
-#  args:
-#    executable: /bin/bash
-#  become: yes
-#  become_user: kibana
-#  changed_when: false
-#  tags:
-#    - skip_ansible_lint
-
 - name: Wait for Wazuh-Indexer port
   wait_for: host={{ indexer_network_host }} port={{ indexer_http_port }}
 

roles/opensearch/wazuh-dashboard/templates/opendistro_kibana.yml.j2

@@ -1,36 +0,0 @@
-# {{ ansible_managed }}
-# Description:
-# Default Kibana configuration for Open Distro.
-server.port: {{ dashboard_server_port }}
-
-#server.basePath: ""
-server.maxPayloadBytes: {{ kibana_max_payload_bytes }}
-server.name: {{ dashboard_server_name }}
-server.host: {{ kibana_server_host }}
-
-
-{% if kibana_opendistro_security %}
-
-elasticsearch.hosts: "https://{{ indexer_network_host }}:{{ indexer_http_port }}"
-elasticsearch.username: {{ opendistro_kibana_user }}
-elasticsearch.password: {{ dashboard_password }}
-server.ssl.enabled: true
-server.ssl.certificate: "/usr/share/kibana/{{ kibana_node_name }}_http.pem"
-server.ssl.key: "/usr/share/kibana/{{ kibana_node_name }}_http.key"
-elasticsearch.ssl.certificateAuthorities: ["/usr/share/kibana/root-ca.pem"]
-elasticsearch.ssl.verificationMode: full
-
-{% else %}
-elasticsearch.hosts: "http://{{ indexer_network_host }}:{{ indexer_http_port }}"
-{% endif %}
-
-elasticsearch.requestHeadersWhitelist: ["securitytenant","Authorization"]
-opendistro_security.multitenancy.enabled: true
-opendistro_security.multitenancy.tenants.preferred: ["Private", "Global"]
-opendistro_security.readonly_mode.roles: ["kibana_read_only"]
-
-newsfeed.enabled: {{ kibana_newsfeed_enabled }}
-telemetry.optIn: {{ kibana_telemetry_optin }}
-telemetry.enabled: {{ kibana_telemetry_enabled }}
-
-server.defaultRoute: /app/wazuh?security_tenant=global

roles/opensearch/wazuh-dashboard/templates/wazuh.yml.j2

@@ -16,7 +16,7 @@
 # https://documentation.wazuh.com/current/installation-guide/index.html
 #
 # Also, you can check our repository:
-# https://github.com/wazuh/wazuh-kibana-app
+# https://github.com/wazuh/wazuh-dashboard
 #
 # ------------------------------- Index patterns -------------------------------
 #

roles/opensearch/wazuh-indexer/defaults/main.yml

@@ -12,23 +12,21 @@ indexer_node_data: true
 indexer_node_ingest: true
 indexer_start_timeout: 90
 
-#elasticsearch_lower_disk_requirements: false
 indexer_cluster_nodes:
   - 127.0.0.1
 indexer_discovery_nodes:
   - 127.0.0.1
 
 local_certs_path: "{{ playbook_dir }}/indexer/certificates"
-##check if it is the correct directory
 
-# Minimum master nodes in cluster, 2 for 3 nodes elasticsearch cluster
+# Minimum master nodes in cluster, 2 for 3 nodes Wazuh indexer cluster
 minimum_master_nodes: 2
 
-# Configure hostnames for Elasticsearch nodes
+# Configure hostnames for Wazuh indexer nodes
 # Example es1.example.com, es2.example.com
 domain_name: wazuh.com
 
-# The OpenDistro package repository
+# The Wazuh indexer package repository
 package_repos:
   yum:
     indexer:
@@ -58,14 +56,11 @@ indexer_custom_user_role: "admin"
 indexer_jvm_xms: null
 
 indexer_http_port: 9700
-## 732 this port changes to 9700
 
 certs_gen_tool_version: 4.3
-## 732 will no longer be needed. /usr/share/wazuh-indexer/plugins/opensearch-security/tools/wazuh-cert-tool.sh comes with the package.
 
-# Url of Search Guard certificates generator tool
+# Url of certificates generator tool
 certs_gen_tool_url: "https://packages-dev.wazuh.com/resources/{{ certs_gen_tool_version }}/install_functions/opendistro/wazuh-cert-tool.sh"
-## 732 will no longer be needed. /usr/share/wazuh-indexer/plugins/opensearch-security/tools/wazuh-cert-tool.sh comes with the package.
 
 indexer_admin_password: changeme
 dashboard_password: changeme

roles/opensearch/wazuh-indexer/tasks/local_actions.yml

@@ -18,50 +18,23 @@
       state: directory
 
   - name: Local action | Check that the generation tool exists
-  ## 732 will not be needed
     stat:
       path: "{{ local_certs_path }}/wazuh-cert-tool.sh"
     register: tool_package
 
   - name: Local action | Download certificates generation tool
-  ## 732 will not be needed
     get_url:
       url: "{{ certs_gen_tool_url }}"
       dest: "{{ local_certs_path }}/wazuh-cert-tool.sh"
-      #search-guard-tlstool-{{ certs_gen_tool_version }}.zip"
     when: not tool_package.stat.exists
 
-#  - name: Local action | Extract the certificates generation tool
-#  ## 732 will not be needed
-#    unarchive:
-#      src: "{{ local_certs_path }}/search-guard-tlstool-{{ certs_gen_tool_version }}.zip"
-#      dest: "{{ local_certs_path }}/"
-
-#  - name: Local action | Add the execution bit to the binary
-#  ## 732 will not be needed
-#    file:
-#      dest: "{{ local_certs_path }}/tools/sgtlstool.sh"
-#      mode: a+x
-
   - name: Local action | Prepare the certificates generation template file
-## 732 need to resolve the certificate creation (config.yml)
     template:
       src: "templates/config.yml.j2"
       dest: "{{ local_certs_path }}/config.yml"
       mode: 0644
     register: tlsconfig_template
 
-#  - name: Create a directory if it does not exist
-#    file:
-#      path: "{{ local_certs_path }}/certs/"
-#      state: directory
-#      mode: '0755'
-
-#  - name: Local action | Check if root CA file exists
-#    stat:
-#      path: "{{ local_certs_path }}/certs/root-ca.key"
-#    register: root_ca_file
-
   - name: Local action | Generate the node & admin certificates in local
     command: >-
       bash {{ local_certs_path }}/wazuh-cert-tool.sh

roles/opensearch/wazuh-indexer/tasks/main.yml

@@ -11,28 +11,25 @@
     - import_tasks: Debian.yml
       when: ansible_os_family == 'Debian'
 
-#    - name: Remove performance analyzer plugin from elasticsearch
+    - name: Remove performance analyzer plugin from Wazuh indexer
-#  ## 732 will not be needed
+      become: true
-#      become: true
+      command: ./opensearch-plugin remove opensearch-performance-analyzer
-#      command: ./elasticsearch-plugin remove opendistro-performance-analyzer
+      ignore_errors: true
-#      ignore_errors: true
+      args:
-#      args:
+        chdir: /usr/share/wazuh-indexer/bin/
-#        chdir: /usr/share/elasticsearch/bin/
+      register: remove_opensearch_performance_analyzer
-#      register: remove_elasticsearch_performance_analyzer
+      failed_when:
-#      failed_when:
+        - remove_opensearch_performance_analyzer.rc != 0
-#        - remove_elasticsearch_performance_analyzer.rc != 0
+        - '"not found" not in remove_opensearch_performance_analyzer.stderr'
-#        - '"not found" not in remove_elasticsearch_performance_analyzer.stderr'
+      changed_when: "remove_opensearch_performance_analyzer.rc == 0"
-#      changed_when: "remove_elasticsearch_performance_analyzer.rc == 0"
 
     - name: Remove Opensearch configuration file
-  ## 732 will not be needed
       file:
         path: "{{ indexer_conf_path }}/opensearch.yml"
         state: absent
       tags: install
 
     - name: Copy Opensearch Configuration File
-  ## 732 will not be needed
       template:
         src: "templates/opensearch.yml.j2"
         dest: "{{ indexer_conf_path }}/opensearch.yml"
@@ -48,7 +45,6 @@
 
 
     - name: Configure Wazuh-Indexer JVM memmory.
-  ## 732 will not be needed and if it is needed the path should be updated.
       template:
         src: "templates/jvm.options.j2"
         dest: "{{ indexer_conf_path }}/jvm.options"
@@ -60,7 +56,6 @@
       tags: install
 
     - name: Configure disabled log4j.
-  ## 732 will not be needed
       template:
         src: "templates/disabledlog4j.options.j2"
         dest: "{{ indexer_conf_path }}/jvm.options.d/disabledlog4j.options"
@@ -92,7 +87,6 @@
       with_items: "{{ files_to_delete.files }}"
 
     - name: Ensure Wazuh-Indexer started and enabled
-  ## 732 the service name should be updated
       service:
         name: wazuh-indexer
         enabled: true

roles/opensearch/wazuh-indexer/tasks/security_actions.yml

@@ -1,13 +1,11 @@
-#- name: Remove demo certs
+- name: Remove demo certs
-#  ## 732 will not be needed
+  file:
-#  file:
+    path: "{{ item }}"
-#    path: "{{ item }}"
+    state: absent
-#    state: absent
+  with_items:
-#  with_items:
+    - "{{ indexer_conf_path }}/demo-indexer-key.pem"
-#    - "{{ indexer_conf_path }}/kirk.pem"
+    - "{{ indexer_conf_path }}/demo-indexer.pem"
-#    - "{{ indexer_conf_path }}/kirk-key.pem"
+
-#    - "{{ indexer_conf_path }}/esnode.pem"
-#    - "{{ indexer_conf_path }}/esnode-key.pem"
 
 - name: Configure IP (Private address)
   set_fact:
@@ -33,28 +31,9 @@
     - root-ca.key
     - "{{ indexer_node_name }}-key.pem"
     - "{{ indexer_node_name }}.pem"
-    #- "{{ indexer_node_name }}_http.key"
-    #- "{{ indexer_node_name }}_http.pem"
-    #- "{{ indexer_node_name }}_elasticsearch_config_snippet.yml"
     - admin-key.pem
     - admin.pem
 
-#- name: Copy the OpenDistro security configuration file to cluster
-#  blockinfile:
-#    block: "{{ lookup('file', snippet_path ) }}"
-#    dest: "{{ indexer_conf_path }}/elasticsearch.yml"
-#    insertafter: EOF
-#    marker: "## {mark} Opendistro Security Node & Admin certificates configuration ##"
-#  vars:
-#    snippet_path: '{{ local_certs_path }}/certs/{{ indexer_node_name }}_elasticsearch_config_snippet.yml'
-
-#- name: Prepare the OpenDistro security configuration file
-#  replace:
-#    path: "{{ indexer_conf_path }}/elasticsearch.yml"
-#    regexp: 'searchguard'
-#    replace: 'opendistro_security'
-#  tags: local
-
 - name: Restart Wazuh-Indexer with security configuration
   systemd:
     name: wazuh-indexer
@@ -70,7 +49,7 @@
 - name: Hashing the custom admin password
   command: "{{ indexer_sec_plugin_tools_path }}/hash.sh -p {{ indexer_admin_password }}" # noqa 301
   register: indexer_admin_password_hashed
-  #no_log: '{{ indexer_nolog_sensible | bool }}'
+  no_log: '{{ indexer_nolog_sensible | bool }}'
   run_once: true
 
 - name: Set the Admin user password

roles/opensearch/wazuh-indexer/templates/config.yml.j2

@@ -26,7 +26,7 @@ nodes:
 
   # Kibana node
   kibana:
-## 732 this will change to dashboards:
+## 732 this will change to dashboard:
 {% for (key,value) in instances.items() %}
 {% if (value.role is defined and value.role == 'dashboard') %}
     name: {{ value.name }}

roles/opensearch/wazuh-indexer/templates/elasticsearch.yml.j2

@@ -1,44 +0,0 @@
-cluster.name: {{ opendistro_cluster_name }}
-node.name: {{ elasticsearch_node_name }}
-path.data: /var/lib/elasticsearch
-path.logs: /var/log/elasticsearch
-network.host: {{ elasticsearch_network_host }}
-
-node.master: {{ indexer_node_master|lower }}
-
-{% if single_node == true %}
-discovery.type: single-node
-{% else %}
-cluster.initial_master_nodes:
-{% for item in elasticsearch_cluster_nodes %}
-  - {{ item }}
-{% endfor %}
-
-discovery.seed_hosts:
-{% for item in elasticsearch_discovery_nodes %}
-  - {{ item }}
-{% endfor %}
-{% endif %}
-
-{% if indexer_node_data|lower == 'false' %}
-node.data: false
-{% endif %}
-
-{% if indexer_node_ingest|lower == 'false' %}
-node.ingest: false
-{% endif %}
-
-
-{% if elasticsearch_lower_disk_requirements %}
-cluster.routing.allocation.disk.threshold_enabled: true
-cluster.routing.allocation.disk.watermark.flood_stage: 200mb
-cluster.routing.allocation.disk.watermark.low: 500mb
-cluster.routing.allocation.disk.watermark.high: 300mb
-{% endif %}
-
-discovery.zen.minimum_master_nodes: "{{ minimum_master_nodes }}"
-opendistro_security.allow_default_init_securityindex: true
-opendistro_security.audit.type: internal_elasticsearch
-opendistro_security.enable_snapshot_restore_privilege: true
-opendistro_security.check_snapshot_restore_write_privileges: true
-opendistro_security.restapi.roles_enabled: ["all_access", "security_rest_api_access"]

roles/opensearch/wazuh-indexer/templates/jvm.options.j2

@@ -11,8 +11,6 @@
 ## -Xms4g
 ## -Xmx4g
 ##
-## See https://www.elastic.co/guide/en/elasticsearch/reference/current/heap-size.html
-## for more information
 ##
 ################################################################